-
Notifications
You must be signed in to change notification settings - Fork 1
/
fodo
executable file
·38 lines (32 loc) · 1.31 KB
/
fodo
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
#!/bin/bash
#
# AUTHORS: Pavol Ivanko & Jozef Knaperek, (c) 2019
#
# LICENSE: MIT
#
# PURPOSE: This script forwards the control domain socket of a remote Docker Engine to the local machine via SSH tunnel
# and sets up the local environment to talk to the remote Docker Engine.
# The main objective is not to rely on Docker's TLS endpoint for remote control but instead leverage the existing
# access mechanism made for this purpose - SSH. The access is easier to mange and you don't need to open up
# an additional port on your firewall just for Docker access.
#
# USAGE: fodo <hostname> [port]
#
set -e
if [ "$#" -ne 1 ] && [ "$#" -ne 2 ]; then
echo "Usagge: $0 <hostname> [port]"
exit 1
fi
SSH_PORT=${2:-22}
TARGET_DIR=$(mktemp --directory --tmpdir dockerssh-$1-XXXXXXXX)
DOCKER_SOCKET=$TARGET_DIR/docker.sock
CONTROL_SSH_SOCKET=$TARGET_DIR/ssh-control.sock
function cleanup {
ssh -S $CONTROL_SSH_SOCKET -O exit -p $SSH_PORT root@$1
rm -r $TARGET_DIR
}
trap cleanup EXIT
ssh -M -S $CONTROL_SSH_SOCKET -fnNT -o StreamLocalBindUnlink=yes -o ExitOnForwardFailure=yes -o ServerAliveInterval=15 -o ServerAliveCountMax=600 -L $DOCKER_SOCKET:/var/run/docker.sock -p $SSH_PORT root@$1
export DOCKER_HOST=unix://$DOCKER_SOCKET
export DOCKER_MACHINE_NAME=$(docker info --format '{{ .Name }}')
$SHELL