From a80cd99ada18cf10bab9d28831e31164ee2a9829 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Arturo=20Filast=C3=B2?= <arturo@filasto.net>
Date: Tue, 24 Sep 2024 22:36:31 +0300
Subject: [PATCH] Fix permissions

---
 tf/modules/ooni_th_droplet/templates/cloud-init-docker.yml | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/tf/modules/ooni_th_droplet/templates/cloud-init-docker.yml b/tf/modules/ooni_th_droplet/templates/cloud-init-docker.yml
index bd083bb6..49b46217 100644
--- a/tf/modules/ooni_th_droplet/templates/cloud-init-docker.yml
+++ b/tf/modules/ooni_th_droplet/templates/cloud-init-docker.yml
@@ -88,8 +88,6 @@ users:
 write_files:
   - path: /etc/ssh/sshd_config
     content: |
-      Port 2222
-      Protocol 2
       PermitRootLogin no
       PermitEmptyPasswords no
       PasswordAuthentication no
@@ -114,7 +112,7 @@ write_files:
         resolver 127.0.0.1;
 
         # test helper metrics
-        location / {
+        location /metrics {
           allow ${monitoring_ip};
           deny all;
 
@@ -159,7 +157,7 @@ runcmd:
   - systemctl restart sshd
   - ufw default deny incoming
   - ufw default allow outgoing
-  - ufw allow 2222/tcp
+  - ufw allow 22/tcp
   - ufw allow 80/tcp
   - ufw allow 443/tcp
   - ufw allow from ${monitoring_ip} proto tcp to any port 9001