From ef05a58ab42cc0de88847e0b2bfc4e9a77560cd0 Mon Sep 17 00:00:00 2001
From: ange <ange@yw5n.com>
Date: Sun, 18 Feb 2024 20:39:48 +0100
Subject: [PATCH] feat: git ssh port

---
 rootfs/etc/haproxy/haproxy.cfg | 10 ++++++++++
 rootfs/etc/iptables/rules.v4   |  1 +
 2 files changed, 11 insertions(+)

diff --git a/rootfs/etc/haproxy/haproxy.cfg b/rootfs/etc/haproxy/haproxy.cfg
index 5d83946..3fb2fec 100644
--- a/rootfs/etc/haproxy/haproxy.cfg
+++ b/rootfs/etc/haproxy/haproxy.cfg
@@ -24,6 +24,11 @@ defaults
     errorfile 503 /etc/haproxy/errors/503.http
     errorfile 504 /etc/haproxy/errors/504.http
 
+frontend ssh
+    mode tcp
+    bind *:22
+    use_backend http
+
 frontend http
     mode tcp
     bind *:80
@@ -34,6 +39,11 @@ frontend https
     bind *:443
     use_backend https
 
+backend ssh
+    mode tcp
+    balance leastconn
+    server s1 149.202.74.193:30022 check send-proxy
+
 backend http
     mode tcp
     balance leastconn
diff --git a/rootfs/etc/iptables/rules.v4 b/rootfs/etc/iptables/rules.v4
index b2d7f5d..b68b821 100644
--- a/rootfs/etc/iptables/rules.v4
+++ b/rootfs/etc/iptables/rules.v4
@@ -5,6 +5,7 @@
 -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
 -A INPUT -i lo -j ACCEPT
 -A INPUT -p icmp -j ACCEPT
+-A INPUT -p tcp --dport    22 -j ACCEPT
 -A INPUT -p tcp --dport    80 -j ACCEPT
 -A INPUT -p tcp --dport   443 -j ACCEPT
 -A INPUT -p tcp --dport  6443 -j ACCEPT