add optional ssh-admin cell

dCache · Oct 21, 2023 · d28b02e · d28b02e
1 parent 75f6855
commit d28b02e
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 0 deletions.
diff --git a/templates/configmap.yaml b/templates/configmap.yaml
@@ -89,6 +89,12 @@ data:
     [door-svc/spacemanager]
     spacemanager.authz.link-group-file-name=/opt/dcache/etc/linkgroupauthz.conf
 
+{{- if .Values.sshAdmin.enabled }}
+    [door-svc/admin]
+    admin.paths.host-keys=/etc/grid-security/ssh_host_rsa_key
+{{- end }}
+
+
 {{- range .Values.dcache.pools }}
 
     [pool-{{ . }}-svc]

diff --git a/templates/door.yaml b/templates/door.yaml
@@ -71,6 +71,14 @@ spec:
           volumeMounts:
             - mountPath: /etc/grid-security
               name: certs
+      {{- if .Values.sshAdmin.enabled }}
+        - name: gen-ssh-key
+          image: kroniak/ssh-client
+          command: ['sh', '-c', "ssh-keygen -t rsa -b 2048 -N '' -f /etc/grid-security/ssh_host_rsa_key; chown 994:1000 /etc/grid-security/ssh_host_rsa_key"]
+          volumeMounts:
+            - mountPath: /etc/grid-security
+              name: certs
+      {{- end }}
       volumes:
       {{ include "dcache.conf.volume" . | indent 6 }}
       - name: certs

diff --git a/values.yaml b/values.yaml
@@ -30,6 +30,11 @@ door:
     gridftp: 2811
     srm: 8443
 
+sshAdmin:
+  enabled: true
+  port: 22224
+
+
 mover:
   nfs: 32049
   xrootd: 31094