soft-serve
soft-serve copied to clipboard
charmbracelet
Access Soft Serve On Remote Server
Hi there,
I installed Soft Serve on a remote server. It works great in local, but I have trouble accessing it from the outside.
I would like to setup something like your git.charm.sh to access it from my local computer. But so far I failed.
Could you share the parts of your Nginx config that makes ssh git.charm.sh possible?
Thank you very much!
I don't think they have nginx set up. Running a nmap scan shows only port 22 open with OpenSSH on the other side.
What issue are you running into?
Hi there,
I installed Soft Serve on a remote server. It works great in local, but I have trouble accessing it from the outside.
I would like to setup something like your
git.charm.shto access it from my local computer. But so far I failed.Could you share the parts of your Nginx config that makes
ssh git.charm.shpossible?Thank you very much!
Maybe the firewall or the security team rules stopped you. For example, Alibaba Cloud does not allow external access to the server by default. You must open the port (default 23231) manually.
Hi there, thanks to you both for your answers!
So I enabled my firewall and added the port 23231. My configuration looks like this:
To Action From
-- ------ ----
OpenSSH ALLOW Anywhere
Nginx Full ALLOW Anywhere
23231/tcp ALLOW Anywhere
OpenSSH (v6) ALLOW Anywhere (v6)
Nginx Full (v6) ALLOW Anywhere (v6)
23231/tcp (v6) ALLOW Anywhere (v6)
Also, I added a service to automatically launch Soft Serve on boot. While connected to my server, I can access it with the command ssh localhost -p 23231 as shown in the documentation:
But when I try to access it directly from my local computer with a command such as ssh [email protected] -p 23231 or ssh ssh://[email protected]:23231, I still get the message: ssh: connect to host 0.0.0.0 port 23231: Connection refused.
I'm quite new to all this server configuration stuff. Maybe I'm missing something obvious. Do you know what it might be?
Hi there, thanks to you both for your answers!
So I enabled my firewall and added the port
23231. My configuration looks like this:To Action From -- ------ ---- OpenSSH ALLOW Anywhere Nginx Full ALLOW Anywhere 23231/tcp ALLOW Anywhere OpenSSH (v6) ALLOW Anywhere (v6) Nginx Full (v6) ALLOW Anywhere (v6) 23231/tcp (v6) ALLOW Anywhere (v6)Also, I added a
serviceto automatically launch Soft Serve on boot. While connected to my server, I can access it with the commandssh localhost -p 23231as shown in the documentation:
But when I try to access it directly from my local computer with a command such as
ssh [email protected] -p 23231orssh ssh://[email protected]:23231, I still get the message:ssh: connect to host 0.0.0.0 port 23231: Connection refused.I'm quite new to all this server configuration stuff. Maybe I'm missing something obvious. Do you know what it might be?
Firstly, check the IP 0.0.0.0 and make sure you can use this undestination ip to locate your server on the Internet?
Secondly, does your local computer have a private key that corresponds to the public key in soft-serve configuration?
check ~/.ssh/<private key file>.
You're running the server on localhost, which will only allow connection from your local network. You need to set your environment variable for SOFT_SERVE_HOST to 0.0.0.0.
So I finally got some time to focus on this. Thank you again for your help. But I still can't get it to work.
@xuwhao I didn't know the address 0.0.0.0 was reserved, thanks for telling me. I was using it as an example ip.
The way Soft Serve is configured right now includes the public key of my remote server "DO Admin" and the public key of my local computer "RilDev". I pushed the modifications and restarted the service. The one my server works well, but it is still not working when I try to connect with ssh [email protected] -p 23231
@zQueal I set the my environement variable SOFT_SERVE_HOST to 0.0.0.0. Now I don't get access denied it just looks like it is not loading.
ssh -t [email protected] -p 23231
ssh: connect to host 123.123.123.123 port 23231: Connection timed out
I tried to setup a reverse ssh proxy by following this guide https://www.howtoforge.com/community/threads/a-guide-to-using-nginx-as-a-reverse-proxy-for-http-s-and-ssh.82918/. But this time it blocked my soft-server.service telling me the port is already in use.
My config looks something like this:
upstream ssh.rildev.tk {
server 123.123.123.123:22;
}
server {
listen 23231;
proxy_pass ssh.rildev.tk;
}
Any idea how to make this work? How do you access your Soft Server on a remote host?
Maybe you already solved the issue, but stumbled upon this post setting up my own git server with soft-serve I'll share my configuration and the steps to setup soft-serve as a service.
First, let's assume you only want to access soft-serve with ssh: You don't need nginx. soft-serve has a builtin ssh-server. You just need a service running on your host, which shall start soft-serve on boot.
Assumed setup:
- Linux Ubuntu (should work on any debian-based distribution with systemd)
- Separate user (
git) for running soft-serve as a service - Repository directory in
git's home directory:/home/git/repos - systemd service running as user
gitwhich starts on boot - remote access:
git.yourdomain.com
Needed steps:
- Create user
git - Create systemd configuration
- Enable linger to allow user
gitrunning services on boot
Example:
# login to your host with user having sudo access rights
ssh [email protected]
# install soft-serve according to https://github.com/charmbracelet/soft-serve#installation
# allow port 23231
sudo ufw allow 23231
sudo ufw reload
# create user git
sudo adduser git
# change to user git
sudo su - git
# initially run soft serve according to https://github.com/charmbracelet/soft-serve#configuration
SOFT_SERVE_INITIAL_ADMIN_KEY="ssh-..." SOFT_SERVE_REPO_PATH=/home/git/repos soft serve
# clone the config repository from your local machine
# john@localbox:~$ git clone ssh://git.yourdomain.com:23231/config
# exit soft serve by ctrl+c
# create a service to run soft on boot
mkdir -p /home/git/.config/systemd/user/
# see file below
vi /home/git/.config/systemd/user/soft-serve.service
# logout (switch back to user sysadmin)
# enable linger for user git, see below (1) for an explanation
sudo loginctl enable-linger git
# IMPORTANT: this part has to be executed with a real login session,
# not with `sudo su - git` (reason: systemd needs a real login session
ssh [email protected]
# start the service
systemctl --user start soft-serve.service
# enable on boot
systemctl --user enable soft-serve.service
# if all goes well, you should see soft running under systemd as user git:
ps xuf | grep -1 soft
# git 857 0.0 1.7 18172 8404 ? Ss Nov28 0:00 /lib/systemd/systemd --user
# git 860 0.0 0.1 169388 744 ? S Nov28 0:00 \_ (sd-pam)
# git 33374 0.0 3.9 731948 18644 ? Ssl 07:38 0:00 \_ /usr/bin/soft serve
systemd user service:
# /home/git/.config/systemd/user/soft-serve.service
[Unit]
Description=git soft-serve
After=network.target
[Service]
Type=simple
Restart=always
RestartSec=1
Environment=SOFT_SERVE_PORT="23231"
Environment=SOFT_SERVE_BIND_ADDRESS="0.0.0.0"
Environment=SOFT_SERVE_KEY_PATH="/home/git/.ssh/soft_serve_server_ed25519"
Environment=SOFT_SERVE_REPO_PATH="/home/git/repos"
Environment=SOFT_SERVE_HOST="git.yourdomain.com"
ExecStart=/usr/bin/soft serve
[Install]
WantedBy=default.target
I hope this helps or supports others stumbling upon this post.
Notes:
-
loginctl enable-linger gitenables the user git to run services on boot or without being logged in:
man loginctl
If enabled for a specific user, a user manager is spawned for the user at boot and kept around after logouts. This allows users who are not logged in to run long-running services.
