I have Bitbucket Server serving SSH git traffic on port 7999 and it has an HAProxy for SSH port forwarding ( HAProxy is only for a set of users from a secure n/w).
The requirement is to Allow only selected projects/repos to be cloned using SSH protocol which has to pass through HAproxy on port 7999. Port forwarding is working however ACL is not yet working.
The git SSH clone URL looks as:
git clone ssh://git@mydomain.name.com:7999/project1/repo1.git
Question1)Is this can be achieved using HAproxy ACLs for SSH URIs? Question2) I am a beginner on HAproxy ACL, how to write a HAproxy rule so that block all repos by default and allow only selected repos?
I tried
deny if {path -i -m end reponame.git}
however not succeeded.
seeking example/guidance on how best we can achieve it using HAproxy.