Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

feat: modify config-ssh to check for Coder Connect#17419

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Merged
spikecurtis merged 1 commit intomainfromspike/config-ssh-match-suffix
Apr 17, 2025

Conversation

spikecurtis
Copy link
Contributor

@spikecurtisspikecurtis commentedApr 16, 2025
edited
Loading

relates to#16828

Changes SSH config so that suffixes only match if Coder Connect is not running / available. This means that we will use the existing Coder Connect tunnel if it is available, rather than creating a new tunnel viacoder ssh --stdio.

@spikecurtisGraphite App
Copy link
ContributorAuthor

spikecurtis commentedApr 16, 2025
edited
Loading

@spikecurtisspikecurtis marked this pull request as ready for reviewApril 16, 2025 13:27
@spikecurtisspikecurtisforce-pushed thespike/config-ssh-match-suffix branch fromefdb86b to3073db4CompareApril 16, 2025 13:30
@spikecurtisspikecurtisforce-pushed thespike/connect-exists-cmd branch fromecef684 to169ab02CompareApril 16, 2025 13:30
@spikecurtisspikecurtis changed the titlefeat: modifies config-ssh to check for Coder Connectfeat: modify config-ssh to check for Coder ConnectApr 16, 2025
Copy link
Member

@mafredrimafredri left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

Awesome! Tried it out and seems to work well. This also (perhaps inadvertently) fixes most issues when trying to connect to stopped workspaces as it will automatically proxy the first time and trigger autostart. 😄

@mafredri
Copy link
Member

Edit: Just realized that setting-o options are only effective for proxied commands. It'd be nice to have two entries in the SSH config, i.e:

Host *.coder        Foo=BarMatch host *.coder !exec "/Users/maf/Code/coder/coder connect exists %h"        ConnectTimeout=0        StrictHostKeyChecking=no        UserKnownHostsFile=/dev/null        LogLevel ERROR        ProxyCommand /Users/maf/Code/coder/coder --global-config "/Users/maf/Library/Application Support/coderv2" ssh --stdio --hostname-suffix coder %h
ethanndickson reacted with thumbs up emoji

Copy link
Member

@ethanndicksonethanndickson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

LGTM after the-o settings are added to the non-proxycommand.

It'd be nice to have two entries in the SSH config, i.e:

Host *.coder       Foo=BarMatch host *.coder !exec "/Users/maf/Code/coder/coder connect exists %h"...

It's confusing that this works, I thought the rule was whatever Host appeared first in the config was used, so that this would never hit the match block. Apparently not.

This also (perhaps inadvertently) fixes most issues when trying to connect to stopped workspaces as it will automatically proxy the first time and trigger autostart.

This is sick

@spikecurtisspikecurtisforce-pushed thespike/connect-exists-cmd branch from169ab02 toa89e1c3CompareApril 17, 2025 06:57
@spikecurtisspikecurtisforce-pushed thespike/config-ssh-match-suffix branch from3073db4 to2bb6713CompareApril 17, 2025 06:57
@spikecurtisspikecurtisforce-pushed thespike/connect-exists-cmd branch froma89e1c3 todc5fab3CompareApril 17, 2025 07:12
@spikecurtisspikecurtisforce-pushed thespike/config-ssh-match-suffix branch from2bb6713 toafbcc03CompareApril 17, 2025 07:12
@spikecurtisspikecurtis changed the base branch fromspike/connect-exists-cmd tographite-base/17419April 17, 2025 07:23
@spikecurtisspikecurtisforce-pushed thespike/config-ssh-match-suffix branch fromafbcc03 toa8cf4c3CompareApril 17, 2025 07:23
@graphite-appgraphite-appbot changed the base branch fromgraphite-base/17419 tomainApril 17, 2025 07:24
@spikecurtisspikecurtisforce-pushed thespike/config-ssh-match-suffix branch froma8cf4c3 toc4e9eebCompareApril 17, 2025 07:24
@spikecurtisGraphite App
Copy link
ContributorAuthor

Ok, now looks like

Host *.coder        ConnectTimeout=0        StrictHostKeyChecking=no        UserKnownHostsFile=/dev/null        LogLevel ERRORMatch host *.coder !exec "C:\Users\micha\repos\coder\coder.exe connect exists %h"        ProxyCommand C:\Users\micha\repos\coder\coder.exe --global-config C:\Users\micha\AppData\Roaming\coderv2 ssh --stdio --hostname-suffix coder %h

@spikecurtisspikecurtisforce-pushed thespike/config-ssh-match-suffix branch fromc4e9eeb to77364baCompareApril 17, 2025 07:47
@spikecurtisspikecurtis merged commitb0854aa intomainApr 17, 2025
34 checks passed
@spikecurtisGraphite App
Copy link
ContributorAuthor

Merge activity

  • Apr 17, 4:04 AM EDT: A user merged this pull request withGraphite.

@spikecurtisspikecurtis deleted the spike/config-ssh-match-suffix branchApril 17, 2025 08:04
@github-actionsgithub-actionsbot locked and limited conversation to collaboratorsApr 17, 2025
@mafredri
Copy link
Member

Ok, now looks like

Host *.coder        ConnectTimeout=0        StrictHostKeyChecking=no        UserKnownHostsFile=/dev/null        LogLevel ERRORMatch host *.coder !exec "C:\Users\micha\repos\coder\coder.exe connect exists %h"        ProxyCommand C:\Users\micha\repos\coder\coder.exe --global-config C:\Users\micha\AppData\Roaming\coderv2 ssh --stdio --hostname-suffix coder %h

@spikecurtis works as expected now, thanks! It'd be nice to move those default ones (at least ConnectTimeout, StrictHostKeyChecking, and UserKnownHostsFile, but probably LogLevel too) to the match block though, since host key verification works well over Coder Connect (seems a shame to disable it) and the others are most likely related to proxying as well.

@spikecurtisGraphite App
Copy link
ContributorAuthor

Honestly, we can probably retireStrictHostKeyChecking andUserKnownHostsFile settings entirely at some point soon, since we've implemented steps to ensure Agents use the same key on rebuilds.

@mafredri
Copy link
Member

Oh yeah, I thought it was still a requirement for the proxy command but it seems you are right, we can totally do that! I think theConnectTimeout andLogLevel ERROR are still required to be able to wait for a workspace to start and perhaps show output as well, but have not verified.

Sign up for freeto subscribe to this conversation on GitHub. Already have an account?Sign in.
Reviewers

@mafredrimafredrimafredri approved these changes

@ethanndicksonethanndicksonethanndickson approved these changes

Assignees

@spikecurtisspikecurtis

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

3 participants
@spikecurtis@mafredri@ethanndickson
[8]ページ先頭
©2009-2025 Movatter.jp