feature/ssh-server (#1)

Co-authored-by: Márcio Fernandes <marcio.fernandes@outlook.pt> Reviewed-on: #1
2025-09-07 13:50:18 +00:00
parent ea24e0e41a
commit ce1d7a749a
23 changed files with 727 additions and 10 deletions
--- a/docker/ssh-server/app/sshserver.py
+++ b/docker/ssh-server/app/sshserver.py
@@ -0,0 +1,126 @@
+import yaml
+import subprocess
+import crypt
+import os
+import globals
+import sys
+
+config_file_path='/etc/ssh/sshd_config'
+
+def set_sshd_option(file_path: str, key: str, value: str) -> None:
+    updated = False
+    lines = []
+
+    with open(file_path, 'r') as f:
+        for line in f:
+            if line.strip().startswith(key):
+                lines.append(f"{key} {value}\n")
+                updated = True
+            else:
+                lines.append(line)
+
+    if not updated:
+        lines.append(f"{key} {value}\n")
+
+    with open(file_path, 'w') as f:
+        f.writelines(lines)
+
+    print(f"✅ Updated {key} to '{value}' in {file_path}")
+     
+def load():
+    setup()
+    #print_server_config()
+    if globals.sshserver_enabled():
+        start_server()
+
+
+
+
+def setup_certs():
+    certs=[
+        "/etc/ssh/certs/ssh_host_rsa_key",
+        "/etc/ssh/certs/ssh_host_ecdsa_key",
+        "/etc/ssh/certs/ssh_host_ed25519_key"
+    ]
+    if not os.path.exists("/etc/ssh/certs"):
+        os.makedirs("/etc/ssh/certs")
+        print(f"📁 Created folder: /etc/ssh/certs")
+        
+    if not os.listdir("/etc/ssh/certs"):
+        subprocess.run([
+            "ssh-keygen", "-t", "rsa", "-f",
+            "/etc/ssh/certs/ssh_host_rsa_key"
+        ], check=True, stdout=sys.stdout, stderr=sys.stderr)
+        print(f"✅ RSA key and certificate created:🔑 /etc/ssh/certs/ssh_host_rsa_key")
+
+        subprocess.run([
+            "ssh-keygen", "-t", "ecdsa", "-f",
+            "/etc/ssh/certs/ssh_host_ecdsa_key"
+        ], check=True, stdout=sys.stdout, stderr=sys.stderr)
+        print(f"✅ RSA key and certificate created:🔑 /etc/ssh/certs/ssh_host_ecdsa_key")
+
+        subprocess.run([
+            "ssh-keygen", "-t", "ed25519", "-f",
+            "/etc/ssh/certs/ssh_host_ed25519_key"
+        ], check=True, stdout=sys.stdout, stderr=sys.stderr)
+        print(f"✅ RSA key and certificate created:🔑 /etc/ssh/certs/ssh_host_ed25519_key")
+
+    certLines=[]
+    for cert in certs:
+        if os.path.exists(cert):
+            certLines.append(f"HostKey {cert}\n")
+        else:
+            print(f"❌ HostKey path not found {cert}")     
+    if not certLines: RuntimeError("❌ Missing server certificates configuration. Bind Volume to /etc/ssh/certs")
+   
+    lines = []
+    with open(config_file_path, 'r') as f:
+        for line in f:
+            if line.strip().startswith("HostKey"):
+                continue  # remove existing HostKey lines
+            lines.append(line)
+
+    for key in certLines:   
+        print(f"✅ HostKey path updated to use {key}")         
+        lines.append(key)
+
+    with open(config_file_path, 'w') as f:
+        f.writelines(lines)
+
+ 
+
+def setup():
+    global config_file_path
+
+    serverConfig = globals.get_config().get("server") if globals.config_exits() else None
+    
+    if not serverConfig: 
+        return
+    
+    optionsConfig = serverConfig.get("options")
+    if optionsConfig:
+        for option in optionsConfig:   
+             set_sshd_option(config_file_path, option, optionsConfig[option])
+    setup_certs()
+
+    
+
+def print_server_config():
+    with open(config_file_path, 'r') as f:
+        content = f.read()
+        print(content)
+
+
+def  start_server():
+    print("INFO: Starting ssh server.")
+    serverPort=None
+    serverConfig = globals.get_config().get("server") if globals.config_exits() else None
+    if serverConfig:
+        serverPort = serverConfig.get("port")
+    if serverPort:
+        subprocess.run(["/usr/sbin/sshd", "-D", "-e", "-p", str(serverPort)])
+    else:   
+        subprocess.run(["/usr/sbin/sshd", "-D", "-e"])
+
+if __name__ == "__main__":
+    load()