On Fri, Sep 23, 2022, 3:08 AM Cyril Servant <cyril.servant@xxxxxx> wrote: > Hi, > > Le 21/09/2022 à 22:59, Carl Karsten a écrit : > > The goal is to host 4 or 5 websites for friends. all low traffic, so a > > single box should be fine. 16 cores, 32g ram, 1 nic, 1 public IP. > > hostname: prox > > > > each site gets a VM, created manually, (they all get debian) add > > friends ssh keys and let them ssh in and do whatever they want in > > their vm. and be able to ansible over ssh like ansible does. > > > > hostnames vm1, vm2... friends all manage their own domain name > > register / dns, point their www's at my IP. > > > > I would like to keep ports all standard: 22 for ssh, 80/443 for > > http/s, etc. and route to the VM based on hostname. > > > > ssh user@prox gets the host, ssh user@vm1 gets vm1. curl http://vm1 > gets vm1. > > > > There are lots of ways to do this, I'm trying to work out a config > > that makes it easy on their end. > > you can use sshproxy which I'm maintaining > : https://github.com/cea-hpc/sshproxy > With sshproxy's routing system, you can proxy each user to its > respective VM, without them having a shell on the gateway. > > This looks promising. Could you give me the conf for what I described? > My setup will end up in a public repo, so maybe someone else can use it too. > > > > > > Telling them all to use ProxyJump isn't out of the question, but I'm > > hoping there are other options. > > > > I don't mind a separate solution for ssh and http. like for http I > > can run an nginx on the public IP with > > > > server_name vm1; > > location / { proxy_pass http://10.0.0.1; > > > > -- > Cyril > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev@xxxxxxxxxxx > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev > _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
