There have been multiple accounts created with the sole purpose of posting advertisement posts or replies containing unsolicited advertising.

Accounts which solely post advertisements, or persistently post them may be terminated.

mb_ , (edited )

There are a few ways to do it, but you don’t use caddy for SSH.

  • host SSH on port 22, forgejo on a different port. Expose both ports to the internet
  • host SSH on a different port, forgejo on port 22. Expose both ports to the internet
  • host SSH on port 22. Forgejo on port 2222. Only 22 exposed to the internet. Change the authorized_keys user of the git user on host to automatically call the internal forgejo SSH app

Last option is how I run my Gitea instance, authorized keys is managed by gitea so you don’t really need to do anything high maintenance.

~git/.ssh/authorized_keys:


<span style="color:#323232;">command="/usr/local/bin/gitea --config=/data/gitea/conf/app.ini serv key-9",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty,no-user-rc,restrict ssh-rsa PUBLICKEYHASH
</span>

/usr/local/bin/gitea:


<span style="color:#323232;">ssh -p 2222 -o StrictHostKeyChecking=no [email protected] "SSH_ORIGINAL_COMMAND="$SSH_ORIGINAL_COMMAND" $0 $@"
</span>

127.0.0.14 is the local git docker access where I expose the service, but you couldn’t different ports, IPS, etc.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • [email protected]
  • random
  • lifeLocal
  • goranko
  • All magazines
    •