Commit 717a924

bryfry <bryon.fryer@gmail.com>
2020-10-03 19:38:41
router_firewall image
1 parent 7836fd4
Changed files (5)
docker/files/router_firewall/admin
@@ -0,0 +1,38 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn
+NhAAAAAwEAAQAAAYEAy0eAkMA5YiqA5w8B47u+geyJ9AbXGGAmQd088sA2sBbNno8vS7vw
+TlOFfOIL8q5HSlNR02njyNgg0KtrkcQzxQwYaetU0iIfJ8T0FbP2rVgsuOrHPUfRP33k1l
+3qj7iuSF18y6tAet7VXsNdsEoWkGUb1flk6g3SiWYwanqeZUpkAy3jXFFWKtzQvfoIfXOZ
+x5l0q/x9MImK4ixf7jvsR29NO4zRiRgC8Kq4LP+hYYpwpLzgE7sznKRLIVpVMa1AwkzpzH
+/le0C6C5ETp//ADoPvPpUbFLkT8nrDaIS/v4JzkRgMB6oz1YBbj9at+3for0yp6v8MpqIy
+1MKFicPTV8LP/qWBsSSHed4gmZ5ZlPJ+nRycE7P3PSsSN2iy4gbT3i78UmFs1iyMHL65Lp
+eW0RiPayNfsBnVbeOEiQOFb3i/8D/ICcmE8p5k6i3t6RxydLF8RU86ZeijWdSsi+aeMpnc
+v7e+LAyj9Cs+MlUjQdp6tK1jRvbcfknQi03eEphjAAAFiMS6IqjEuiKoAAAAB3NzaC1yc2
+EAAAGBAMtHgJDAOWIqgOcPAeO7voHsifQG1xhgJkHdPPLANrAWzZ6PL0u78E5ThXziC/Ku
+R0pTUdNp48jYINCra5HEM8UMGGnrVNIiHyfE9BWz9q1YLLjqxz1H0T995NZd6o+4rkhdfM
+urQHre1V7DXbBKFpBlG9X5ZOoN0olmMGp6nmVKZAMt41xRVirc0L36CH1zmceZdKv8fTCJ
+iuIsX+477EdvTTuM0YkYAvCquCz/oWGKcKS84BO7M5ykSyFaVTGtQMJM6cx/5XtAuguRE6
+f/wA6D7z6VGxS5E/J6w2iEv7+Cc5EYDAeqM9WAW4/Wrft36K9Mqer/DKaiMtTChYnD01fC
+z/6lgbEkh3neIJmeWZTyfp0cnBOz9z0rEjdosuIG094u/FJhbNYsjBy+uS6XltEYj2sjX7
+AZ1W3jhIkDhW94v/A/yAnJhPKeZOot7ekccnSxfEVPOmXoo1nUrIvmnjKZ3L+3viwMo/Qr
+PjJVI0HaerStY0b23H5J0ItN3hKYYwAAAAMBAAEAAAGBAKY8MN0u9T5b99H8qdTsgZyKLT
+6MIXZjmqWeIOt7WL2jyD70ZP8QEDJdhvpbeN3au54CiRXUsFxcsmky5eLsilGH1Kc5tcGp
++cRyAhGFfCLBysDl7k0k3++GKo9LejhSFORE33tG7pIMjHzUU1eJHu6yYJMZQfdNmnCWSt
+2orMO0lBkte5LRSSAAOAxD3pGI6acazRiggFgjApp3I3QVOOIqGQSr4ea05iKd2cOiwPyd
+VATEGJLKMijVCkOaNbVMMgP1EfDC8qcEY2gfuFFeNPEnGxDu8HR6RkvGhKKYStaF+swcur
+RxWP4is7Xxgypg+e87jieuK81opV3Qckkmxq2YsqiwJ5pn1rH2UdAEmS2GoSr61gO/1lPY
+3xEfYvXa195GzXt//mJ+ptjrv+I2pB00Wi3YGJg0IXnT2xed9R726WI0FpCM0E4TRAw9lB
+/8XKwIyFqUO77P20mrFFwQu4UV69zHs1qZR/8YbeEI59emdtGtnwD3rCtlnWLSvkKXsQAA
+AMEAzSXzPwyPPhNyrV+y/Ar/dSygo0sKVmEY+iid1ouh9lNOZk7dx8QrC0IuwWSpY5WyNa
+RuhtQZ6gnBAoiKnPT1LxWujcAzNBCkv3eavrPHXw48abZo/CFQ1Km/eeR21IK2LUVJmajC
+dALrCwm3k+nwBqFkBWJqMMHMvLXQnRXeOB9xTgVEyYzEn2TFKWzJpyba9FOyCPJZsCHofS
+aRyTrB21D9TgAlPH/nHkeN7zIjq2dXL2wJyqn3thKg8Rz/VamYAAAAwQD93vThNDxa47gy
+O0XFH3c9falygcW4W9/dWQSeG9heAfwiw79CTRchUCjbj8pLClpqOIsWTRRlofdFQcxw/l
+j3tmVbIgFiqQIgnVd3uRzIV85SA9HFsHHcX6rQh+yG4GWeI0GEf0CY15J2OLlRVIMlFICw
+lrEL6xWrEwTRlnFcZKW7RONvsRMOX+a12BOOjTe2tETEcE7JIDG9cU6EkZ8H4jn79VX4cD
+wBU+BDZS626fEJnt209WyirFnwN0KmYlUAAADBAMz77c1+mghItFS62PQM6n/vkDoQD0B5
+d85C8OlbqmhixzDsQq1TzONwva7CQWrNgfbUc1fShTSWygH7I35uwQBCrZnNuqB4vsPVoJ
+YoQf7iXSI33Mct13/2FW88KVAWnJj0i4OPrjg010x/8FchjX8YDjiwqttXBwAN6afZY+qq
++eH+NE1Y4Lv/gedng+hu76a4Sa+3p5tj3bfo066E7XwMHHX/YCgCnTJqoGODOZAPB5lmbZ
+REOm4/9hon/5731wAAAAp1YnVudHVAdG1jAQIDBAUGBw==
+-----END OPENSSH PRIVATE KEY-----
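Review bot: A private SSH key is committed in clear text at docker/files/router_firewall/admin, and its public half (admin.pub, the next file) is what docker-compose.yml mounts as `authorized_keys` for the `admin` account. Anyone with read access to the repository or its history can therefore authenticate as `admin` on every deployment built from it. If this is a deliberate lab fixture, say so in a README next to the file. Otherwise generate the key pair at deploy time, keep the private half out of version control (for example with a `.gitignore` entry for it), and treat this key as compromised, since deleting the file in a later commit does not remove it from history.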
docker/files/router_firewall/admin.pub
@@ -0,0 +1,1 @@
+ssh-rsa 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 ubuntu@tmc
docker/files/router_firewall/nope.sh
@@ -0,0 +1,2 @@
+#!/bin/sh
+echo NOPE! EDITED!
docker/ssh/user_admin/Dockerfile
@@ -0,0 +1,20 @@
+
+FROM ubuntu:20.04
+
+RUN apt-get update && apt-get install -y openssh-server
+
+RUN mkdir /var/run/sshd
+RUN useradd --create-home --shell /bin/nope admin
+RUN mkdir /home/admin/.ssh
+
+# SSH login fix. Otherwise user is kicked off after login
+RUN sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd
+
+ENV NOTVISIBLE "in users profile"
+RUN echo "export VISIBLE=now" >> /etc/profile
+
+EXPOSE 22
+CMD ["/usr/sbin/sshd", "-D", "-e"]
+
+
+
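Review bot: sshd is left at its package defaults, so the only restriction on the `admin` account is its login shell `/bin/nope`; a non-interactive shell does not switch off TCP forwarding, and docker-compose.yml attaches this service to both the `internet` and `party` networks. If relaying through this container is not intended, add a drop-in such as `RUN printf 'PasswordAuthentication no\nAllowTcpForwarding no\nX11Forwarding no\n' > /etc/ssh/sshd_config.d/hardening.conf`; this assumes the stock sshd_config in ubuntu:20.04 keeps its `Include /etc/ssh/sshd_config.d/*.conf` line, which is worth confirming. `/bin/nope` and `authorized_keys` exist only through the compose bind mounts, so the image run on its own has an `admin` user whose shell is missing; a comment above the `useradd` line saying so would help. The `apt-get install` line would also produce a smaller image with `--no-install-recommends` and `rm -rf /var/lib/apt/lists/*` in the same layer.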
docker-compose.yml
@@ -1,4 +1,4 @@
-version: '3'
+version: '3.2'
 
 networks:
   bchd:
@@ -33,6 +33,26 @@ networks:
         - subnet: 192.168.200.0/24
 
 services:
+  router_firewall:
+    build: docker/ssh/user_admin
+    image: sshd_user_admin
+    restart: always
+    networks:
+     - internet
+     - party
+    volumes: 
+     - type: bind
+       source: ./docker/files/router_firewall/admin.pub
+       target: /home/admin/.ssh/authorized_keys
+       volume:
+         nocopy: True
+     - type: bind
+       source: ./docker/files/router_firewall/nope.sh
+       target: /bin/nope
+       volume:
+         nocopy: True
+   # TODO static IP on internet
+   # TODO static IP party
 
 # 40 redirectors
   redirector01:
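Review bot: Both bind mounts in the new `router_firewall` service are writable from inside the container, and they carry the account's `authorized_keys` and its login shell `/bin/nope`; sshd runs as root there, so a process in the container can alter the files in the host checkout. Add `read_only: true` to each mount entry. The `volume: nocopy: True` sub-key applies to `type: volume` mounts rather than binds, so it can be dropped. sshd's StrictModes check also depends on the ownership and mode of the host file, which the page does not show, so verify that `admin.pub` is owned by `admin` or root and is not group- or world-writable inside the container.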