I have this docker file
# Use the base PHP image
FROM php:7.4-apache
# Set the TERM environment variable
RUN echo "export TERM=xterm" >> /root/.bashrc
# Install necessary PHP extensions and dependencies
RUN apt-get update && apt-get install -y \
openssh-server \
vim \
cron \
nano \
libpng-dev \
libjpeg-dev \
libxml2-dev \
libzip-dev \
libicu-dev \
libfreetype6-dev \
libonig-dev \
libcurl4-openssl-dev \
zlib1g-dev \
libpq-dev \
gnupg2 \
curl \
lsb-release \
&& apt-get update \
&& docker-php-ext-configure gd --with-freetype --with-jpeg \
&& docker-php-ext-install -j$(nproc) gd iconv xmlrpc zip intl soap mysqli pdo_mysql opcache curl json xml mbstring
# Enable Apache mod_rewrite
RUN a2enmod rewrite
# SSH Configuration
RUN mkdir /var/run/sshd && \
echo 'Port 2222' >> /etc/ssh/sshd_config && \
echo 'PasswordAuthentication no' >> /etc/ssh/sshd_config && \
echo 'PermitRootLogin yes' >> /etc/ssh/sshd_config && \
mkdir -p /root/.ssh && chmod 700 /root/.ssh
# Copy Moodle data
COPY ./ /var/www/html
# Configure Apache to listen on all interfaces
RUN sed -i 's/Listen 80/Listen 0.0.0.0:80/' /etc/apache2/ports.conf
RUN sed -i 's/<VirtualHost *:80>/<VirtualHost 0.0.0.0:80>/' /etc/apache2/sites-available/000-default.conf
# Create entrypoint script
COPY entrypoint.sh /usr/local/bin/entrypoint.sh
RUN chmod +x /usr/local/bin/entrypoint.sh
# Expose port 80 for Apache
EXPOSE 80 2222
# Use the entrypoint script to start Apache
ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
CMD ["apache2-foreground"]
# Don't forget to run the moodle search replace tool in the browser or run it on the mysql dump
This entrypoint.sh
#!/bin/bash
# Ensure the Moodledata directory exists and has the correct permissions
mkdir -p /moodledata
chown -R www-data:www-data /moodledata
chmod -R 775 /moodledata
# Ensure the webroot has the correct permissions
chown -R www-data:www-data /var/www/html
chmod -R 755 /var/www/html
# Extract the domain from the WWWROOT environment variable (removing the scheme)
SERVER_NAME=$(echo $WWWROOT | sed -e 's~http[s]*://~~' -e 's~/.*~~')
# Set the ServerName in the Apache configuration
echo "ServerName $SERVER_NAME" >> /etc/apache2/apache2.conf
/usr/sbin/sshd
echo $AUTHORIZED_KEYS >/root/.ssh/authorized_keys
# Execute the CMD passed to the Docker container
exec "$@"
and this fly.toml
# fly.toml app configuration file generated for stage-learntrac-app on 2024-10-09T19:36:32+11:00
#
# See https://fly.io/docs/reference/configuration/ for information about how to use this file.
#
app = 'stage-learntrac-app'
primary_region = 'syd'
[build]
[env]
APP_ENV = 'production'
DATAROOT = '/moodledata'
DB_CONNECTION = 'mysql'
DB_NAME = 'some_db'
DB_HOST = 'stage-learntrac-mysql.internal'
DB_LIBRARY = 'native'
DB_OPTIONS = '{"dbpersist":0,"dbport":"3306","dbcollation":"utf8mb4_general_ci","dbsocket":"/var/run/mysqld/mysqld.sock"}'
DB_PREFIX = 'gwf_'
DB_TYPE = 'mysqli'
HOSTNAME = '0.0.0.0'
SSL_PROXY = '1'
WWWROOT = 'https://stage-learntrac-app.fly.dev'
[[mounts]]
source = 'moodledata'
destination = '/moodledata'
[http_service]
internal_port = 80
force_https = true
auto_stop_machines = 'stop'
auto_start_machines = true
min_machines_running = 1
processes = ['app']
[[services]]
internal_port = 2222
protocol = "tcp"
[[services.ports]]
port = 2222
handlers = []
[[vm]]
memory = '1gb'
cpu_kind = 'shared'
cpus = 1
and I also have dedicated ipv4
v4 37.16.22.10 public (dedicated, $2/mo) global 1h16m ago
yet when I try connect I get the below kex_exchange_identifcation error. I get this from my local machine or from another fly app in my internal network.
This is the ssh-keygen command I used on the other fly app and then copied the .pub key into authorized_keys ssh-keygen -t rsa -b 2048 -f /root/.ssh/id_rsa -N ‘’
❯ ssh -vvv -4 -i ~/.ssh/fly -p 2222 root@37.16.22.10
OpenSSH_9.8p1, OpenSSL 3.3.2 3 Sep 2024
debug1: Reading configuration data /home/user/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug3: /etc/ssh/ssh_config line 2: Including file /etc/ssh/ssh_config.d/20-systemd-ssh-proxy.conf depth 0
debug1: Reading configuration data /etc/ssh/ssh_config.d/20-systemd-ssh-proxy.conf
debug2: resolve_canonicalize: hostname 37.16.22.10 is address
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' -> '/home/user/.ssh/known_hosts'
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' -> '/home/user/.ssh/known_hosts2'
debug3: channel_clear_timeouts: clearing
debug3: ssh_connect_direct: entering
debug1: Connecting to 37.16.22.10 [37.16.22.10] port 2222.
debug3: set_sock_tos: set socket 3 IP_TOS 0x48
debug1: Connection established.
debug1: identity file /home/user/.ssh/fly type 0
debug1: identity file /home/user/.ssh/fly-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_9.8
kex_exchange_identification: read: Connection reset by peer
Connection reset by 37.16.22.10 port 2222