dave/coolify
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

fix: if mux conn fails, still use it without mux + save priv key with better logic

Browse Source
This commit is contained in:
Andras Bacsai
2024-11-22 10:06:12 +01:00
parent 9dd982b722
commit 821538911f
2 changed files with 16 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
app/Helpers/SshMultiplexingHelper.php
View File

@@ -21,17 +21,16 @@ class SshMultiplexingHelper
]; ];
} }
public static function ensureMultiplexedConnection(Server $server) public static function ensureMultiplexedConnection(Server $server): bool
{ {
if (! self::isMultiplexingEnabled()) { if (! self::isMultiplexingEnabled()) {
return; return false;
} }
$sshConfig = self::serverSshConfiguration($server); $sshConfig = self::serverSshConfiguration($server);
$muxSocket = $sshConfig['muxFilename']; $muxSocket = $sshConfig['muxFilename'];
$sshKeyLocation = $sshConfig['sshKeyLocation'];
self::validateSshKey($sshKeyLocation); self::validateSshKey($server->privateKey);
$checkCommand = "ssh -O check -o ControlPath=$muxSocket "; $checkCommand = "ssh -O check -o ControlPath=$muxSocket ";
if (data_get($server, 'settings.is_cloudflare_tunnel')) { if (data_get($server, 'settings.is_cloudflare_tunnel')) {
@@ -41,16 +40,17 @@ class SshMultiplexingHelper
$process = Process::run($checkCommand); $process = Process::run($checkCommand);
if ($process->exitCode() !== 0) { if ($process->exitCode() !== 0) {
self::establishNewMultiplexedConnection($server); return self::establishNewMultiplexedConnection($server);
}
} }
public static function establishNewMultiplexedConnection(Server $server) return true;
}
public static function establishNewMultiplexedConnection(Server $server): bool
{ {
$sshConfig = self::serverSshConfiguration($server); $sshConfig = self::serverSshConfiguration($server);
$sshKeyLocation = $sshConfig['sshKeyLocation']; $sshKeyLocation = $sshConfig['sshKeyLocation'];
$muxSocket = $sshConfig['muxFilename']; $muxSocket = $sshConfig['muxFilename'];
$connectionTimeout = config('constants.ssh.connection_timeout'); $connectionTimeout = config('constants.ssh.connection_timeout');
$serverInterval = config('constants.ssh.server_interval'); $serverInterval = config('constants.ssh.server_interval');
$muxPersistTime = config('constants.ssh.mux_persist_time'); $muxPersistTime = config('constants.ssh.mux_persist_time');
@@ -60,15 +60,14 @@ class SshMultiplexingHelper
if (data_get($server, 'settings.is_cloudflare_tunnel')) { if (data_get($server, 'settings.is_cloudflare_tunnel')) {
$establishCommand .= ' -o ProxyCommand="cloudflared access ssh --hostname %h" '; $establishCommand .= ' -o ProxyCommand="cloudflared access ssh --hostname %h" ';
} }
$establishCommand .= self::getCommonSshOptions($server, $sshKeyLocation, $connectionTimeout, $serverInterval); $establishCommand .= self::getCommonSshOptions($server, $sshKeyLocation, $connectionTimeout, $serverInterval);
$establishCommand .= "{$server->user}@{$server->ip}"; $establishCommand .= "{$server->user}@{$server->ip}";
$establishProcess = Process::run($establishCommand); $establishProcess = Process::run($establishCommand);
if ($establishProcess->exitCode() !== 0) { if ($establishProcess->exitCode() !== 0) {
throw new \RuntimeException('Failed to establish multiplexed connection: '.$establishProcess->errorOutput()); return false;
} }
return true;
} }
public static function removeMuxFile(Server $server) public static function removeMuxFile(Server $server)
@@ -97,9 +96,8 @@ class SshMultiplexingHelper
if ($server->isIpv6()) { if ($server->isIpv6()) {
$scp_command .= '-6 '; $scp_command .= '-6 ';
} }
if (self::isMultiplexingEnabled()) { if (self::isMultiplexingEnabled() && self::ensureMultiplexedConnection($server)) {
$scp_command .= "-o ControlMaster=auto -o ControlPath=$muxSocket -o ControlPersist={$muxPersistTime} "; $scp_command .= "-o ControlMaster=auto -o ControlPath=$muxSocket -o ControlPersist={$muxPersistTime} ";
self::ensureMultiplexedConnection($server);
} }
if (data_get($server, 'settings.is_cloudflare_tunnel')) { if (data_get($server, 'settings.is_cloudflare_tunnel')) {
@@ -127,9 +125,8 @@ class SshMultiplexingHelper
$ssh_command = "timeout $timeout ssh "; $ssh_command = "timeout $timeout ssh ";
if (self::isMultiplexingEnabled()) { if (self::isMultiplexingEnabled() && self::ensureMultiplexedConnection($server)) {
$ssh_command .= "-o ControlMaster=auto -o ControlPath=$muxSocket -o ControlPersist={$muxPersistTime} "; $ssh_command .= "-o ControlMaster=auto -o ControlPath=$muxSocket -o ControlPersist={$muxPersistTime} ";
self::ensureMultiplexedConnection($server);
} }
if (data_get($server, 'settings.is_cloudflare_tunnel')) { if (data_get($server, 'settings.is_cloudflare_tunnel')) {
@@ -154,13 +151,14 @@ class SshMultiplexingHelper
return config('constants.ssh.mux_enabled') && ! config('constants.coolify.is_windows_docker_desktop'); return config('constants.ssh.mux_enabled') && ! config('constants.coolify.is_windows_docker_desktop');
} }
private static function validateSshKey(string $sshKeyLocation): void private static function validateSshKey(PrivateKey $privateKey): void
{ {
$checkKeyCommand = "ls $sshKeyLocation 2>/dev/null"; $keyLocation = $privateKey->getKeyLocation();
$checkKeyCommand = "ls $keyLocation 2>/dev/null";
$keyCheckProcess = Process::run($checkKeyCommand); $keyCheckProcess = Process::run($checkKeyCommand);
if ($keyCheckProcess->exitCode() !== 0) { if ($keyCheckProcess->exitCode() !== 0) {
throw new \RuntimeException("SSH key file not accessible: $sshKeyLocation"); $privateKey->storeInFileSystem();
} }
} }

4
app/Models/Server.php
View File

@@ -1059,10 +1059,6 @@ $schema://$host {
return ['uptime' => false, 'error' => 'Server skipped.']; return ['uptime' => false, 'error' => 'Server skipped.'];
} }
try { try {
// Make sure the private key is stored
if ($this->privateKey) {
$this->privateKey->storeInFileSystem();
}
instant_remote_process(['ls /'], $this); instant_remote_process(['ls /'], $this);
if ($this->settings->is_reachable === false) { if ($this->settings->is_reachable === false) {
$this->settings->is_reachable = true; $this->settings->is_reachable = true;