add openssh to container and add CICD harbor file

2026-04-11 13:47:05 +02:00 · 2025-11-13 22:29:13 +01:00
parent 97cbe5bb4e
commit 59b9557013
3 changed files with 54 additions and 7 deletions
--- a/.gitea/workflows/build-harbor.yml
+++ b/.gitea/workflows/build-harbor.yml
@@ -0,0 +1,38 @@
+name: Build and Push to Harbor when new commit to main-branch
+
+on:
+  push:
+    branches: [ main ]
+
+jobs:
+  build:
+    runs-on: linux_amd64
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Login to Harbor (Robot)
+        if: ${{ secrets.HARBOR_REGISTRY && secrets.HARBOR_USERNAME && secrets.HARBOR_PASSWORD }}
+        env:
+          REGISTRY: ${{ secrets.HARBOR_REGISTRY }}
+          ROBOT_USER: ${{ secrets.HARBOR_USERNAME }}
+          ROBOT_PASS: ${{ secrets.HARBOR_PASSWORD }}
+        run: |
+          mkdir -p "$HOME/.config/containers"
+          echo "$ROBOT_PASS" | podman login --username "$ROBOT_USER" --password-stdin "$REGISTRY"
+
+
+      - name: Build & tag
+        env:
+          REG:  ${{ secrets.HARBOR_REGISTRY }}
+          PROJ: ${{ secrets.HARBOR_PROJECT }}
+        run: |
+          podman build -t $REG/$PROJ/fail2ban-ui:${{ github.sha }} .
+          podman tag  $REG/$PROJ/fail2ban-ui:${{ github.sha }} $REG/$PROJ/fail2ban-ui:latest
+
+      - name: Push
+        env:
+          REG:  ${{ secrets.HARBOR_REGISTRY }}
+          PROJ: ${{ secrets.HARBOR_PROJECT }}
+        run: |
+          podman push $REG/$PROJ/fail2ban-ui:${{ github.sha }}
+          podman push $REG/$PROJ/fail2ban-ui:latest
--- a/4
+++ b/4
@@ -22,10 +22,10 @@ FROM alpine:latest AS standalone-ui

 # Install required container dependencies
 RUN apk --update --no-cache add \
-    bash curl wget whois tzdata jq ca-certificates htop fail2ban geoip \
+    bash curl wget whois tzdata jq ca-certificates htop fail2ban geoip openssh-client \
    && adduser -D -u 1000 -G root fail2ban

-RUN mkdir -p /app /config \
+RUN mkdir -p /app /config /config/.ssh \
    /etc/fail2ban/jail.d \
    /etc/fail2ban/filter.d \
    /etc/fail2ban/action.d \
--- a/pkg/web/handlers.go
+++ b/pkg/web/handlers.go
@@ -324,12 +324,21 @@ func SetDefaultServerHandler(c *gin.Context) {

 // ListSSHKeysHandler returns SSH keys available on the UI host.
 func ListSSHKeysHandler(c *gin.Context) {
-	home, err := os.UserHomeDir()
-	if err != nil {
-		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
-		return
+	var dir string
+	// Check if running inside a container
+	if _, container := os.LookupEnv("CONTAINER"); container {
+		// In container, check /config/.ssh
+		dir = "/config/.ssh"
+	} else {
+		// On host, check ~/.ssh
+		home, err := os.UserHomeDir()
+		if err != nil {
+			c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
+			return
+		}
+		dir = filepath.Join(home, ".ssh")
 	}
-	dir := filepath.Join(home, ".ssh")
+
 	entries, err := os.ReadDir(dir)
 	if err != nil {
 		if os.IsNotExist(err) {