LOCAL_PORT is optional, licence, ssh cmd, readme w/o docker run block

Author: itnelo

CHANGELOG.md

@@ -0,0 +1,15 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [Unreleased]
+### Changed
+
+- No changes yet.
+
+[Unreleased]: https://github.com/symfony-doge/docker-ssh-tunnel/compare/0.1.0...0.x
+[0.2.0]: https://github.com/symfony-doge/docker-ssh-tunnel/compare/0.1.0..0.2.0
+[0.1.0]: https://github.com/symfony-doge/docker-ssh-tunnel/releases/tag/0.1.0

Dockerfile

@@ -3,22 +3,20 @@ FROM alpine:3.11
 
 LABEL maintainer="Pavel Petrov <[email protected]>"
 LABEL version="0.1.0"
-LABEL description="Docker SSH tunnel"
+LABEL description="A simple SSH tunnel for port forwarding within Docker environment"
 
-RUN apk add --update openssh-client && rm -rf /var/cache/apk/*
+ENV LOCAL_HOST *
+ENV LOCAL_PORT _
+
+ENV REMOTE_HOST 127.0.0.1
+ENV REMOTE_PORT _
 
-ARG LOCAL_HOST=*
-ARG LOCAL_PORT
+ENV SSH_TUNNEL_HOST _
+ENV SSH_TUNNEL_PORT 22
+ENV SSH_TUNNEL_USER root
 
-ARG REMOTE_HOST=127.0.0.1
-ARG REMOTE_PORT
+RUN apk add --update openssh-client && rm -rf /var/cache/apk/*
 
-ARG SSH_TUNNEL_HOST
-ARG SSH_TUNNEL_PORT=22
-ARG SSH_TUNNEL_USER=root
+COPY docker-ssh-tunnel-cmd.sh /usr/local/bin/docker-ssh-tunnel-cmd.sh
 
-CMD ssh \
-        -p $SSH_TUNNEL_PORT \
-        -L $LOCAL_HOST:$LOCAL_PORT:$REMOTE_HOST:$REMOTE_PORT \
-        $SSH_TUNNEL_USER@$SSH_TUNNEL_HOST \
-        -N
+CMD ["docker-ssh-tunnel-cmd.sh"]

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2020 Pavel Petrov <[email protected]>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,57 @@
+
+# Docker SSH tunnel
+
+This docker image can be used in case when you need
+an access, for example, to some service on your production server,
+which doesn't expose it's ports to the worldwide.
+Additionally, you don't want to touch ports on your local machine,
+because some of them can be busy or just reserved.
+
+## Usage
+
+### docker run
+
+### docker-compose.yml
+
+The minimal configuration will look like:
+
+```
+services:
+    ssh-tunnel-example:
+        image: symfonydoge/docker-ssh-tunnel:latest
+        volumes:
+            - $HOME/.ssh/id_rsa:/root/ssh-import/id_rsa:ro
+        environment:
+            SSH_TUNNEL_HOST: corp.domain.ltd
+            REMOTE_PORT: 6379
+```
+
+where `$HOME/.ssh/id_rsa` is a path to your private SSH key,
+`corp.domain.ltd` is a domain or IP address of your server
+and `6379` is the remote port to forward
+(local port will be the same if not specified explicitly, 
+see full list of environment variables below).
+
+Now each container in the compose project can access
+tunnelled resource through `ssh-tunnel-example:6379`.
+
+### Environment Variables
+
+| Name              | Default value | Description                                                                       |
+| :---------------- | :------------ | :-------------------------------------------------------------------------------- |
+| `LOCAL_HOST`      | *             | IP address or domain to present remote resource in the tunnel container           |
+| `LOCAL_PORT`      | equal to `REMOTE_PORT` | Port number to present remote resource in the tunnel container           |
+| `REMOTE_HOST`     | 127.0.0.1     | IP address or domain of resource on the remote server by which it can be accessed |
+| `REMOTE_PORT`     |               | Port number of resource on the remote server by which it can be accessed          |
+| `SSH_TUNNEL_HOST` |               | Host of the remote server to create an SSH tunnel                                 |
+| `SSH_TUNNEL_PORT` | 22            | SSH daemon port on the remote server                                              |
+| `SSH_TUNNEL_USER` | root          | User login for establishing an SSH connection                                     |
+
+### Hints
+
+- You can expose a port only for local access
+in your docker-compose project, just specify localhost
+in the mapping: `127.0.0.1:6379:6379`. See [documentation](https://docs.docker.com/config/containers/container-networking/).
+
+## Changelog
+All notable changes to this project will be documented in [CHANGELOG.md](CHANGELOG.md).

docker-ssh-tunnel-cmd.sh

@@ -0,0 +1,25 @@
+#!/usr/bin/env sh
+
+if [ $LOCAL_PORT == "_" ]; then
+    LOCAL_PORT=$REMOTE_PORT
+fi
+
+SSH_TUNNEL_CMD="
+    ssh \
+        -v \
+        -o StrictHostKeyChecking=no \
+        -o ForwardAgent=yes \
+        -o TCPKeepAlive=yes \
+        -o ConnectTimeout=5 \
+        -o ServerAliveCountMax=10 \
+        -o ServerAliveInterval=15 \
+        -i /root/ssh-import/id_rsa
+        -p $SSH_TUNNEL_PORT \
+        -L $LOCAL_HOST:$LOCAL_PORT:$REMOTE_HOST:$REMOTE_PORT \
+        $SSH_TUNNEL_USER@$SSH_TUNNEL_HOST \
+        -N
+"
+
+echo "Running:" ${SSH_TUNNEL_CMD}
+
+${SSH_TUNNEL_CMD}