ssh tunnel env switch and logging

compose.yaml

@@ -140,10 +140,11 @@ services:
       context: sshtun
       dockerfile: Dockerfile
     restart: always
+    environment:
+      - USE_TUN=${USE_TUN}
     ports:
       - "22222:22"
     expose:
-      - "11111"
       - "11112"
     networks:
       - frontnet

compose.yaml.local

@@ -140,10 +140,11 @@ services:
       context: sshtun
       dockerfile: Dockerfile
     restart: always
+    environment:
+      - USE_TUN=${USE_TUN}
     ports:
       - "22222:22"
     expose:
-      - "11111"
       - "11112"
     networks:
       - frontnet

compose.yaml.prod

@@ -140,10 +140,11 @@ services:
       context: sshtun
       dockerfile: Dockerfile
     restart: always
+    environment:
+      - USE_TUN=${USE_TUN}
     ports:
       - "22222:22"
     expose:
-      - "11111"
       - "11112"
     networks:
       - frontnet

dotenv

@@ -13,6 +13,9 @@ BUILD_GPG_PP=
 # Tor:
 # true/false:
 USE_TOR=false
+# SSH Tun:
+# true/false:
+USE_TUN=false
 
 # Backend:
 FLASK_SECRET_KEY="flaskkey"

sshtun/entrypoint.sh

@@ -1,8 +1,14 @@
 #!/bin/bash
-# Container goal:
+# Container goal: egress
-# autossh -N -R 11111:localhost:11434 -i sshtun/oilykey/<SOMEKEY> -p 22222 <SOMEURL>
+# first:	physical_box$ autossh -N -R 11111:localhost:11434 -i sshtun/oilykey/<SOMEKEY> -p 22222 <rem_vps_url>
-# forwards    rem_c_port:(operator_pc:op_pc_port) ...some args...  rem_host_p rem_host_url 
+# will forward rem_c_port:physical_box:physical_box_port ...some args...  rem_vps_p rem_vps_url
+# then:		frontnet_c$ curl sshtun.frontnet:11112 --> physical_box:11434
 
-nohup socat TCP-LISTEN:11112,fork TCP:localhost:11111 &
+if $USE_TUN ; then
-/usr/sbin/sshd -D
+	echo "@@@@@@@@@@ SSH TUNNEL ENABLED BY ENV"
+	nohup socat TCP-LISTEN:11112,fork TCP:localhost:11111 &
+	/usr/sbin/sshd -De
+else
+	echo "@@@@@@@@@@ SSH TUNNEL DISABLED BY ENV"
+fi