我已经使用 docker-compose 设置了 gitea,我的机器的外部 SSH 端口是 4444,我在 sshd_config 中设置了它
version: '2'
volumes:
gitea:
postgres:
networks:
gitea:
external: false
services:
server:
image: gitea/gitea:latest
env_file:
- .env
restart: always
networks:
- gitea
volumes:
- gitea:/data
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
ports:
- "3000:3000"
- "2222:22"
depends_on:
- postgres
postgres:
image: postgres:9.6
restart: always
env_file:
- gittea_db.env
networks:
- gitea
ports:
- "5432:5432"
volumes:
- postgres:/var/lib/postgresql/data
以下是 .env 文件
USER_UID=1002
USER_GID=1001
DB_TYPE=postgres
DB_HOST=postgres:5432
DB_NAME=gittea
DB_USER=gittea
DB_PASSWD=password12
INSTALL_LOCK=True
APP_NAME=myapp
RUN_MODE=prod
DOMAIN=source.smarticlelabs.com
ROOT_URL=https://source.smarticlelabs.com
SSH_LISTEN_PORT=22
SSH_PORT=2222
但是当我在添加 ssh 密钥后尝试克隆 repo 时,我收到此错误
git clone ssh://[email protected]:2222/superadmin/testrepo.git
Cloning into 'testrepo'...
ssh: connect to host 51.15.245.237 port 2222: Connection refused
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
答案1
正如其他人指出的那样,这实际上可能是一个防火墙问题。
要解决此问题,您首先应该验证您的容器是否确实在运行docker-compose ps
# docker-compose ps
Name Command State Ports
-------------------------------------------------------------------------
server [cmd ...] Up 0.0.0.0:22->2222/tcp
接下来你应该检查你的Docker端口实际暴露的主机netstat -lpn|grep -i 2222
:
# netstat -lpn|grep -i 2222
tcp6 0 0 :::2222 :::* LISTEN 7216/docker-proxy-c
这也应该与当地Docker主机防火墙具有iptables-save|grep -i 2222
:
# iptables-save|grep -i 2222
-A POSTROUTING -s 172.18.0.2/32 -d 172.18.0.2/32 -p tcp -m tcp --dport 2222 -j MASQUERADE
-A DOCKER ! -i br-0383ea873b82 -p tcp -m tcp --dport 2222 -j DNAT --to-destination 172.18.0.2:2222
-A DOCKER -d 172.18.0.2/32 ! -i br-0383ea873b82 -o br-0383ea873b82 -p tcp -m tcp --dport 2222 -j ACCEPT
如果所有这些检查都是阳性,则可能是您的外部防火墙您的 Internet IP51.15.245.237
您可以通过从与您的 IntraNet 上的另一台主机进行连接来检查Docker主持人。