fix(seedbox): disable Tailscale SSH management for CI compatibility
All checks were successful
Deploy Seedbox / Deploy Seedbox Stacks (push) Successful in 1m0s
- Remove --ssh flag from tailscale up
- Remove temporary SSH port 22 opening (not needed anymore)
- SSH now uses standard auth via Tailscale network
- CI can connect without Tailscale SSH check prompts
@@ -80,8 +80,8 @@ main() {
|
|||||||
log_info "Installing Tailscale..."
|
log_info "Installing Tailscale..."
|
||||||
curl -fsSL https://tailscale.com/install.sh | sh
|
curl -fsSL https://tailscale.com/install.sh | sh
|
||||||
|
|
||||||
log_info "Connecting to Tailscale (SSH only)..."
|
log_info "Connecting to Tailscale (without SSH management)..."
|
||||||
sudo tailscale up --ssh
|
sudo tailscale up
|
||||||
|
|
||||||
# Get Tailscale hostname for display
|
# Get Tailscale hostname for display
|
||||||
TS_FQDN=$(tailscale status --json 2>/dev/null | awk -F'"' '
|
TS_FQDN=$(tailscale status --json 2>/dev/null | awk -F'"' '
|
||||||
@@ -125,19 +125,10 @@ EOF
|
|||||||
# BitTorrent peer port (public)
|
# BitTorrent peer port (public)
|
||||||
sudo ufw allow 51413/tcp > /dev/null
|
sudo ufw allow 51413/tcp > /dev/null
|
||||||
sudo ufw allow 51413/udp > /dev/null
|
sudo ufw allow 51413/udp > /dev/null
|
||||||
# Allow all traffic on Tailscale interface
|
# Allow all traffic on Tailscale interface (including SSH)
|
||||||
sudo ufw allow in on tailscale0 > /dev/null
|
sudo ufw allow in on tailscale0 > /dev/null
|
||||||
# Temporary SSH access (safety net)
|
|
||||||
sudo ufw allow 22/tcp > /dev/null
|
|
||||||
sudo ufw --force enable > /dev/null
|
sudo ufw --force enable > /dev/null
|
||||||
|
|
||||||
# Schedule SSH rule removal in 5 minutes
|
|
||||||
log_warn "SSH port 22 temporarily open for 5 minutes (safety net)."
|
|
||||||
echo "sudo ufw delete allow 22/tcp && logger 'UFW: SSH port 22 closed'" | sudo at now + 5 minutes 2>/dev/null || {
|
|
||||||
log_warn "Could not schedule automatic SSH cleanup. Run manually:"
|
|
||||||
log_warn " sudo ufw delete allow 22/tcp"
|
|
||||||
}
|
|
||||||
|
|
||||||
# Step 8: Create directory structure
|
# Step 8: Create directory structure
|
||||||
log_info "Creating directory structure..."
|
log_info "Creating directory structure..."
|
||||||
sudo mkdir -p "$SEEDBOX_DIR"
|
sudo mkdir -p "$SEEDBOX_DIR"
|
||||||
@@ -222,7 +213,7 @@ MOTD
|
|||||||
log_info "=========================================="
|
log_info "=========================================="
|
||||||
echo ""
|
echo ""
|
||||||
echo "Server accessible at:"
|
echo "Server accessible at:"
|
||||||
echo " SSH: ${TS_FQDN}"
|
echo " SSH: ssh user@${TS_FQDN}"
|
||||||
echo ""
|
echo ""
|
||||||
echo "Directory structure:"
|
echo "Directory structure:"
|
||||||
echo " ${SEEDBOX_DIR}/"
|
echo " ${SEEDBOX_DIR}/"
|
||||||
@@ -245,8 +236,7 @@ MOTD
|
|||||||
echo " 2. Push to main branch to trigger deployment"
|
echo " 2. Push to main branch to trigger deployment"
|
||||||
echo " 3. Services will be available at <service>.taila5ad8.ts.net"
|
echo " 3. Services will be available at <service>.taila5ad8.ts.net"
|
||||||
echo ""
|
echo ""
|
||||||
log_warn "SSH port 22 will be closed in 5 minutes."
|
log_info "SSH access via Tailscale: ssh user@${TS_FQDN}"
|
||||||
log_warn "Use Tailscale SSH: ssh ${TS_FQDN}"
|
|
||||||
echo ""
|
echo ""
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
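Review bot: Dropping `--ssh` at the `tailscale up` call moves SSH authentication from Tailscale's ACL and check policy to the host's own sshd, while the unchanged `ufw allow in on tailscale0` rule still admits every tailnet peer to port 22 and to every other listener. Nothing in the visible hunks confirms that sshd rejects password logins or that tailnet ACLs limit who can reach this node. On a host previously brought up with `--ssh`, a bare `tailscale up` is unlikely to clear the setting (the CLI normally refuses to silently revert unmentioned non-default flags), so state the intent explicitly with `sudo tailscale up --ssh=false`. A comment above the firewall rule such as `# sshd is the only SSH gate on tailscale0: require key-only auth and restrict access with tailnet ACLs` would record the new trust assumption. main() begins before the first hunk, so any sshd hardening earlier in the function is not visible here.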