Bastion

The image can be pulled from Dockerhub.

Building

Get latest tag

git fetch --all --tags
TAGNAME="$(git describe --abbrev=0 --tags)"

echo $TAGNAME

On a x86 chip

docker build -t dblworks/bastion:$TAGNAME .

On a ARM chip (for a x86 target):

docker build -t dblworks/bastion:$TAGNAME . --platform linux/amd64

Publishing

docker push dblworks/bastion:$TAGNAME

Running

docker run -e "PERMITTED_GITHUB_USERNAMES=marcqualie swiknaba" localhost/bastion

Deployment

Deploying to AWS ECS

Using the DBL terraform module:

module "ecs_service_bastion" {
  source = "github.com/dbl-works/terraform//ecs-deploy?ref=v2023.12.22"

  project     = "dbl"
  environment = "production"

  cpu         = 256
  memory      = 512

  load_balancer_target_group_name = "dbl-production-ssh"

  sidecar_config = []

  app_config     = {
    name           = "bastion"
    image_tag      = "v1.5"
    image_name     = "dblworks/bastion"
    container_port = 22
    secrets        = []
    commands       = []
    environment_variables = {
      PERMITTED_GITHUB_USERNAMES = "swiknaba samkahchiin"
    }
  }
}

Further Reads

sshd config: ubuntu.com