On Mon, 09 Jun 2014 17:37:06 +0200 Michael Scherer <misc@xxxxxxxx> wrote: > Le lundi 09 juin 2014 à 08:44 -0600, Tim Flink a écrit : > > > The QA devel folks use phabricator and phabricator supports git repo > > hosting (through http(s) and ssh). In order to support git over ssh > > while keeping user information in phabricator (username, ssh key for > > git, repo permissions etc.), it uses a short-circuited ssh daemon > > that uses phabricator for auth instead of system accounts > > (restricted to git commands, though). Git repos on alternate ports > > is a bit of a pain, so to support git+ssh on port 22 I change the > > real ssh daemon (that can do more than git) to an alternate port. > > What about having the real sshd listening on one ip ( if possible, a > rfc1918 one in the VPN ) and git from phabricator on a second ? I can't think of any reason why that wouldn't work but I don't see what's wrong with just using an alternate port instead of adding a second IP. I don't have a strong opinion on the exact setup as long as the external port 22 is handled by phabricator and the machine remains manageable through ansible without too many odd workarounds. Tim
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ infrastructure mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/infrastructure
