docker-compose.test.yml
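version: '3'
# Please see docs/TESTING.md for additional information.
#
# Disposable integration-test topology: five containers on one bridge network
# that share a single named volume (`sshkeys`) holding the generated SSH key
# pair and the readiness marker files.
#
# Security posture of this fixture (test use only):
#   - the private key is generated without a passphrase and is readable by
#     every container that mounts `sshkeys`;
#   - `target` and `remote` enable root login and set the root password to
#     `root`;
#   - host-key verification is switched off on the client side.
# All addresses are in 203.0.113.0/24, the TEST-NET-3 documentation range
# (RFC 5737), so nothing here should be routable outside the bridge network.
#
# Every `command:` is a folded block scalar (`>-`): the line breaks below
# become single spaces, so each shell statement must end with `;`.
services:
  # Creates the key pair and authorized_keys on the shared volume, then idles.
  # NOTE(review): `sleep 300; exit 1` looks like an overall time limit for the
  # test run - confirm against docs/TESTING.md.
  bootloader:
    build:
      context: ./test
      dockerfile: Dockerfile.openssh
    hostname: bootloader
    command: >-
      /usr/bin/dumb-init /bin/sh -c "(
      echo y | ssh-keygen -C testing -f /opt/id_rsa -N '';
      cp /opt/id_rsa.pub /opt/authorized_keys;
      chmod 600 /opt/authorized_keys;
      sleep 300;
      exit 1;
      )"
    volumes:
      - sshkeys:/opt/

  # sshd endpoint the tunnel forwards to. The shared volume is mounted as
  # /root/.ssh, so the authorized_keys written by `bootloader` applies here.
  # target.txt is removed at start and recreated once host keys exist; `sut`
  # polls for it as a readiness marker.
  # NOTE(review): the sed expression only rewrites a commented-out
  # `#PermitRootLogin` line; whether the image ships one depends on
  # Dockerfile.openssh, which is not visible here.
  target:
    build:
      context: ./test
      dockerfile: Dockerfile.openssh
    depends_on:
      - bootloader
    hostname: target
    command: >-
      /bin/sh -c "(
      rm /root/.ssh/target.txt;
      sed -i s/#PermitRootLogin.*/PermitRootLogin\ yes/ /etc/ssh/sshd_config;
      echo root:root | chpasswd;
      ssh-keygen -A;
      touch /root/.ssh/target.txt;
      /usr/sbin/sshd -D -e
      )"
    networks:
      testnet:
        ipv4_address: 203.0.113.100
    volumes:
      - sshkeys:/root/.ssh/

  # sshd endpoint that hosts the forwarded port. In addition to the `target`
  # setup it sets `GatewayPorts clientspecified` (the client chooses the bind
  # address of a remote forward) and `AllowTcpForwarding yes`.
  # NOTE(review): both sed substitutions only take effect if the image's
  # sshd_config contains the exact `... no` lines - confirm in
  # Dockerfile.openssh.
  remote:
    build:
      context: ./test
      dockerfile: Dockerfile.openssh
    hostname: remote
    depends_on:
      - bootloader
    command: >-
      /bin/sh -c "(
      rm /root/.ssh/remote.txt;
      sed -i s/#PermitRootLogin.*/PermitRootLogin\ yes/ /etc/ssh/sshd_config;
      sed -i s/GatewayPorts\ no/GatewayPorts\ clientspecified/ /etc/ssh/sshd_config;
      sed -i s/AllowTcpForwarding\ no/AllowTcpForwarding\ yes/ /etc/ssh/sshd_config;
      echo root:root | chpasswd;
      ssh-keygen -A;
      touch /root/.ssh/remote.txt;
      /usr/sbin/sshd -D -e
      )"
    networks:
      testnet:
        ipv4_address: 203.0.113.10
    volumes:
      - sshkeys:/root/.ssh/

  # The image under test, built from the repository root and configured only
  # through the SSH_* variables below.
  # NOTE(review): SSH_KNOWN_HOSTS_FILE=/dev/null and
  # SSH_STRICT_HOST_IP_CHECK=false presumably turn off host-key checking in
  # the image's entrypoint (not visible here); that is tolerable on this
  # isolated network and should not be copied into a real deployment.
  # NOTE(review): in list-form `environment` entries the double quotes around
  # the SSH_OPTIONS value are part of the value itself - confirm the
  # entrypoint expects that.
  local:
    build: .
    hostname: local
    depends_on:
      - bootloader
      - remote
      - target
    environment:
      - TERM=xterm
      - SSH_BIND_IP=203.0.113.10
      - SSH_REMOTE_USER=root
      - SSH_REMOTE_HOST=203.0.113.10
      - SSH_REMOTE_PORT=22
      - SSH_TARGET_HOST=203.0.113.100
      - SSH_TARGET_PORT=22
      - SSH_TUNNEL_PORT=11111
      - SSH_OPTIONS="-o StreamLocalBindUnlink=yes -o UseRoaming=no"
      - SSH_KEY_FILE=/opt/id_rsa
      - SSH_KNOWN_HOSTS_FILE=/dev/null
      - SSH_STRICT_HOST_IP_CHECK=false
    networks:
      testnet:
        ipv4_address: 203.0.113.111
    restart: always
    volumes:
      - sshkeys:/opt/

  # System under test driver: waits for the key material and both readiness
  # markers, then connects to port 11111 on `remote` and checks that the shell
  # it reaches reports hostname `target`.
  #
  # Fix: `echo 'testing...'` now ends with `;`. The command is folded onto one
  # line, so without the separator the whole `ssh ...` invocation was passed
  # to `echo` as arguments: it was printed, never executed, and the check
  # always exited 0.
  sut:
    build:
      context: ./test
      dockerfile: Dockerfile.openssh
    hostname: source
    depends_on:
      - local
    command: >-
      /bin/sh -c "(
      while [ ! -f /opt/id_rsa ]; do echo 'waiting for ssh-keygen...'; sleep 2; done;
      while [ ! -f /opt/authorized_keys ]; do echo 'waiting for authorized_keys...'; sleep 2; done;
      while [ ! -f /opt/remote.txt ]; do echo 'waiting for remote...'; sleep 2; done;
      while [ ! -f /opt/target.txt ]; do echo 'waiting for target...'; sleep 2; done;
      echo 'testing...';
      ssh -o StrictHostKeyChecking=no -i /opt/id_rsa root@203.0.113.10 -p 11111 -C 'if [ `hostname` == "target" ]; then echo '[INFO ] success'; exit 0; else echo '[PANIC] hostname is not target'; exit 1; fi';
      )"
    networks:
      testnet:
        ipv4_address: 203.0.113.200
    volumes:
      - sshkeys:/opt/

networks:
  # Dedicated bridge with static addressing so the services can refer to each
  # other by fixed IP.
  testnet:
    driver: bridge
    ipam:
      driver: default
      config:
        - subnet: 203.0.113.0/24

volumes:
  # Holds id_rsa, id_rsa.pub, authorized_keys and the *.txt readiness markers.
  sshkeys: {}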