Skip to content
This repository was archived by the owner on Aug 30, 2024. It is now read-only.

feat: Enable arbitrary SSH options passed via config-ssh #410

Merged
merged 4 commits into from
Aug 9, 2021
Merged

feat: Enable arbitrary SSH options passed via config-ssh #410

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
e071f1c
feat: Add option to disable SSH connection cache
kylecarbs Aug 9, 2021
33e15b3
Refactor to enable arbitrary options
kylecarbs Aug 9, 2021
840bf99
Generate docs
kylecarbs Aug 9, 2021
4410549
Add comment for duplicated values
kylecarbs Aug 9, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions docs/coder_config-ssh.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ coder config-ssh [flags]
```
--filepath string override the default path of your ssh config file (default "~/.ssh/config")
-h, --help help for config-ssh
-o, --option strings additional options injected in the ssh config (ex. disable caching with "-o ControlPath=none")
--remove remove the auto-generated Coder ssh config
```

Expand Down
55 changes: 33 additions & 22 deletions internal/cmd/configssh.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,23 +33,25 @@ const sshEndToken = "# ------------END-CODER-ENTERPRISE------------"

func configSSHCmd() *cobra.Command {
var (
configpath string
remove = false
configpath string
remove = false
additionalOptions []string
)

cmd := &cobra.Command{
Use: "config-ssh",
Short: "Configure SSH to access Coder workspaces",
Long: "Inject the proper OpenSSH configuration into your local SSH config file.",
RunE: configSSH(&configpath, &remove),
RunE: configSSH(&configpath, &remove, &additionalOptions),
}
cmd.Flags().StringVar(&configpath, "filepath", filepath.Join("~", ".ssh", "config"), "override the default path of your ssh config file")
cmd.Flags().StringSliceVarP(&additionalOptions, "option", "o", []string{}, "additional options injected in the ssh config (ex. disable caching with \"-o ControlPath=none\")")
cmd.Flags().BoolVar(&remove, "remove", false, "remove the auto-generated Coder ssh config")

return cmd
}

func configSSH(configpath *string, remove *bool) func(cmd *cobra.Command, _ []string) error {
func configSSH(configpath *string, remove *bool, additionalOptions *[]string) func(cmd *cobra.Command, _ []string) error {
return func(cmd *cobra.Command, _ []string) error {
ctx := cmd.Context()
usr, err := user.Current()
Expand Down Expand Up @@ -118,7 +120,7 @@ func configSSH(configpath *string, remove *bool) func(cmd *cobra.Command, _ []st
return xerrors.Errorf("Failed to get executable path: %w", err)
}

newConfig := makeNewConfigs(binPath, workspacesWithProviders, privateKeyFilepath)
newConfig := makeNewConfigs(binPath, workspacesWithProviders, privateKeyFilepath, *additionalOptions)

err = os.MkdirAll(filepath.Dir(*configpath), os.ModePerm)
if err != nil {
Expand Down Expand Up @@ -226,7 +228,7 @@ func writeSSHKey(ctx context.Context, client coder.Client, privateKeyPath string
return ioutil.WriteFile(privateKeyPath, []byte(key.PrivateKey), 0600)
}

func makeNewConfigs(binPath string, workspaces []coderutil.WorkspaceWithWorkspaceProvider, privateKeyFilepath string) string {
func makeNewConfigs(binPath string, workspaces []coderutil.WorkspaceWithWorkspaceProvider, privateKeyFilepath string, additionalOptions []string) string {
newConfig := fmt.Sprintf("\n%s\n%s\n\n", sshStartToken, sshStartMessage)

sort.Slice(workspaces, func(i, j int) bool { return workspaces[i].Workspace.Name < workspaces[j].Workspace.Name })
Expand All @@ -240,32 +242,41 @@ func makeNewConfigs(binPath string, workspaces []coderutil.WorkspaceWithWorkspac
continue
}

newConfig += makeSSHConfig(binPath, workspace.Workspace.Name, privateKeyFilepath)
newConfig += makeSSHConfig(binPath, workspace.Workspace.Name, privateKeyFilepath, additionalOptions)
}
newConfig += fmt.Sprintf("\n%s\n", sshEndToken)

return newConfig
}

func makeSSHConfig(binPath, workspaceName, privateKeyFilepath string) string {
entry := fmt.Sprintf(
`Host coder.%s
HostName coder.%s
ProxyCommand "%s" tunnel %s 12213 stdio
StrictHostKeyChecking no
ConnectTimeout=0
IdentitiesOnly yes
IdentityFile="%s"
`, workspaceName, workspaceName, binPath, workspaceName, privateKeyFilepath)
func makeSSHConfig(binPath, workspaceName, privateKeyFilepath string, additionalOptions []string) string {
// Custom user options come first to maximizessh customization.
options := []string{}
if len(additionalOptions) > 0 {
options = []string{
"# Custom options. Duplicated values will always prefer the first!",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it would be better if we kept a map[string]string of the name/value pairs, and then override them based on key... but ssh might have some peculiarities with the config format, like being case-insensitive

I think this is an improvement over the status quo so definitely think this is good now, we can always revisit later if we get customer feedback that this is confusing :)

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I did this in an iteration, but didn't want the jank of splitting on " " or "="... I wasn't sure if there were additional edge-cases, and didn't wanna risk it!

That's definitely a cleaner approach though, so someday 🙏

}
options = append(options, additionalOptions...)
options = append(options, "# End custom options.")
}
options = append(options,
fmt.Sprintf("HostName coder.%s", workspaceName),
fmt.Sprintf("ProxyCommand %q tunnel %s 12213 stdio", binPath, workspaceName),
"StrictHostKeyChecking no",
"ConnectTimeout=0",
"IdentitiesOnly yes",
fmt.Sprintf("IdentityFile=%q", privateKeyFilepath),
)

if runtime.GOOS == "linux" || runtime.GOOS == "darwin" {
entry += ` ControlMaster auto
ControlPath ~/.ssh/.connection-%r@%h:%p
ControlPersist 600
`
options = append(options,
"ControlMaster auto",
"ControlPath ~/.ssh/.connection-%r@%h:%p",
"ControlPersist 600",
)
}

return entry
return fmt.Sprintf("Host coder.%s\n\t%s\n\n", workspaceName, strings.Join(options, "\n\t"))
}

func writeStr(filename, data string) error {
Expand Down
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy