diff --git a/prod/gitea/packer/files/sshd_config b/prod/gitea/packer/files/sshd_config deleted file mode 100644 index f82ba81..0000000 --- a/prod/gitea/packer/files/sshd_config +++ /dev/null @@ -1,122 +0,0 @@ -# $OpenBSD: sshd_config,v 1.101 2017/03/14 07:19:07 djm Exp $ - -# This is the sshd server system-wide configuration file. See -# sshd_config(5) for more information. - -# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin - -# The strategy used for options in the default sshd_config shipped with -# OpenSSH is to specify options with their default value where -# possible, but leave them commented. Uncommented options override the -# default value. - -Port 222 -#AddressFamily any -#ListenAddress 0.0.0.0 -#ListenAddress :: - -#HostKey /etc/ssh/ssh_host_rsa_key -#HostKey /etc/ssh/ssh_host_ecdsa_key -#HostKey /etc/ssh/ssh_host_ed25519_key - -# Ciphers and keying -#RekeyLimit default none - -# Logging -#SyslogFacility AUTH -#LogLevel INFO - -# Authentication: - -#LoginGraceTime 2m -PermitRootLogin yes -#StrictModes yes -#MaxAuthTries 6 -#MaxSessions 10 - -#PubkeyAuthentication yes - -# Expect .ssh/authorized_keys2 to be disregarded by default in future. -#AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2 - -#AuthorizedPrincipalsFile none - -#AuthorizedKeysCommand none -#AuthorizedKeysCommandUser nobody - -# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts -#HostbasedAuthentication no -# Change to yes if you don't trust ~/.ssh/known_hosts for -# HostbasedAuthentication -#IgnoreUserKnownHosts no -# Don't read the user's ~/.rhosts and ~/.shosts files -#IgnoreRhosts yes - -# To disable tunneled clear text passwords, change to no here! -PasswordAuthentication no -#PermitEmptyPasswords no - -# Change to yes to enable challenge-response passwords (beware issues with -# some PAM modules and threads) -ChallengeResponseAuthentication no - -# Kerberos options -#KerberosAuthentication no -#KerberosOrLocalPasswd yes -#KerberosTicketCleanup yes -#KerberosGetAFSToken no - -# GSSAPI options -#GSSAPIAuthentication no -#GSSAPICleanupCredentials yes -#GSSAPIStrictAcceptorCheck yes -#GSSAPIKeyExchange no - -# Set this to 'yes' to enable PAM authentication, account processing, -# and session processing. If this is enabled, PAM authentication will -# be allowed through the ChallengeResponseAuthentication and -# PasswordAuthentication. Depending on your PAM configuration, -# PAM authentication via ChallengeResponseAuthentication may bypass -# the setting of "PermitRootLogin yes -# If you just want the PAM account and session checks to run without -# PAM authentication, then enable this but set PasswordAuthentication -# and ChallengeResponseAuthentication to 'no'. -UsePAM yes - -#AllowAgentForwarding yes -#AllowTcpForwarding yes -#GatewayPorts no -X11Forwarding yes -#X11DisplayOffset 10 -#X11UseLocalhost yes -#PermitTTY yes -PrintMotd no -#PrintLastLog yes -#TCPKeepAlive yes -#UseLogin no -#PermitUserEnvironment no -#Compression delayed -#ClientAliveInterval 0 -#ClientAliveCountMax 3 -#UseDNS no -#PidFile /var/run/sshd.pid -#MaxStartups 10:30:100 -#PermitTunnel no -#ChrootDirectory none -#VersionAddendum none - -# no default banner path -#Banner none - -# Allow client to pass locale environment variables -AcceptEnv LANG LC_* - -# override default of no subsystems -Subsystem sftp /usr/lib/openssh/sftp-server - -# Example of overriding settings on a per-user basis -#Match User anoncvs -# X11Forwarding no -# AllowTcpForwarding no -# PermitTTY no -# ForceCommand cvs server diff --git a/prod/gitea/packer/gitea.json b/prod/gitea/packer/gitea.json index eb5f203..b377a5f 100644 --- a/prod/gitea/packer/gitea.json +++ b/prod/gitea/packer/gitea.json @@ -52,11 +52,6 @@ "source": "files/certbot-renew.service", "destination": "/tmp/certbot-renew.service" }, - { - "type": "file", - "source": "files/sshd_config", - "destination": "/tmp/sshd_config" - }, { "type": "shell", "script": "scripts/nginx.sh" diff --git a/prod/gitea/packer/packer-manifest.json b/prod/gitea/packer/packer-manifest.json index 0fa4fb7..b8a8b8e 100644 --- a/prod/gitea/packer/packer-manifest.json +++ b/prod/gitea/packer/packer-manifest.json @@ -161,7 +161,25 @@ "artifact_id": "nyc1:163229340", "packer_run_uuid": "7eb25857-c225-7ca3-499f-0ca2b6777a86", "custom_data": null + }, + { + "name": "digitalocean", + "builder_type": "digitalocean", + "build_time": 1723949431, + "files": null, + "artifact_id": "nyc1:163258757", + "packer_run_uuid": "9e852c33-433f-0522-9c3d-af9dfd1bcc76", + "custom_data": null + }, + { + "name": "digitalocean", + "builder_type": "digitalocean", + "build_time": 1723950259, + "files": null, + "artifact_id": "nyc1:163259232", + "packer_run_uuid": "aafc31bc-0c6c-b2a7-ec66-07ee2e9c2615", + "custom_data": null } ], - "last_run_uuid": "7eb25857-c225-7ca3-499f-0ca2b6777a86" + "last_run_uuid": "aafc31bc-0c6c-b2a7-ec66-07ee2e9c2615" } \ No newline at end of file diff --git a/prod/gitea/packer/scripts/gitea.sh b/prod/gitea/packer/scripts/gitea.sh index 17d3a51..90b8fdd 100644 --- a/prod/gitea/packer/scripts/gitea.sh +++ b/prod/gitea/packer/scripts/gitea.sh @@ -17,7 +17,7 @@ chown -R root:git /etc/gitea chmod 770 /etc/gitea chmod 660 /etc/gitea/app.ini -wget -O gitea https://dl.gitea.io/gitea/1.13.1/gitea-1.13.1-linux-amd64 +wget -O gitea https://dl.gitea.io/gitea/1.22.1/gitea-1.22.1-linux-amd64 chmod +x gitea mv gitea /usr/local/bin/ diff --git a/prod/gitea/packer/scripts/nginx.sh b/prod/gitea/packer/scripts/nginx.sh index e133b75..5a3cb9d 100644 --- a/prod/gitea/packer/scripts/nginx.sh +++ b/prod/gitea/packer/scripts/nginx.sh @@ -22,6 +22,3 @@ sudo ln -s /etc/nginx/sites-available/gitea.conf \ sudo unlink /etc/nginx/sites-enabled/default sudo systemctl enable nginx - -sudo mv /tmp/sshd_config /etc/ssh/sshd_config -sudo systemctl restart ssh