From 4fb621933387c21f6f09676850e6f0ce0dd7cd3f Mon Sep 17 00:00:00 2001
From: Xiao Pan <xyz@flylightning.xyz>
Date: Fri, 29 Aug 2025 06:30:36 +0000
Subject: ibb netns also run sshd, so when I vpn to ibb I can ssh to it

---
 etc/netns/ns0/nftables.conf         |  2 +-
 etc/systemd/system/sshd-ns0.service | 19 +++++++++++++++++++
 2 files changed, 20 insertions(+), 1 deletion(-)
 create mode 100644 etc/systemd/system/sshd-ns0.service

(limited to 'etc')

diff --git a/etc/netns/ns0/nftables.conf b/etc/netns/ns0/nftables.conf
index 2d6a6e48..5d287bd9 100644
--- a/etc/netns/ns0/nftables.conf
+++ b/etc/netns/ns0/nftables.conf
@@ -27,7 +27,7 @@ table inet my_table {
 		ip protocol icmp accept
 		meta l4proto ipv6-icmp accept
 
-		#tcp dport ssh accept
+		tcp dport ssh accept
 		#tcp dport qbt-nox accept
 		tcp dport qbt accept
 		udp dport qbt accept
diff --git a/etc/systemd/system/sshd-ns0.service b/etc/systemd/system/sshd-ns0.service
new file mode 100644
index 00000000..d66b8932
--- /dev/null
+++ b/etc/systemd/system/sshd-ns0.service
@@ -0,0 +1,19 @@
+# modified from /usr/lib/systemd/system/sshd.service
+
+[Unit]
+After=network.target sshdgenkeys.service
+Before=ssh-access.target
+Description=OpenSSH Daemon
+Documentation=man:sshd(8) man:sshd_config(5)
+Wants=sshdgenkeys.service ssh-access.target
+After=ns0.service
+
+[Service]
+Type=notify-reload
+ExecStart=/usr/bin/sshd -D
+KillMode=process
+Restart=always
+NetworkNamespacePath=/run/netns/ns0
+
+[Install]
+WantedBy=multi-user.target
-- 
cgit v1.2.3-70-g09d2