erik/converge
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
178 Commits 1 Branch 0 Tags 5.1 MiB
3cd2ccf25c
Commit Graph

125 Commits

Author SHA1 Message Date
Erik Brakkee
3cd2ccf25c throttling implemented for events. 2024-09-08 11:16:49 +02:00
Erik Brakkee
3574b64842 Server side sorting for the websessions page. No longer using LinkedMap as a result. 2024-09-08 11:16:49 +02:00
Erik Brakkee
96c62ab925 concurrency for the expiry time 2024-09-08 11:16:49 +02:00
Erik Brakkee
fc7977f7bb now using maps of Guid to Agent/Client in the state, working towards the definitive solution. 
Using LinkedMap that preserves insertion order for the implementation and also added unit tests for that.
 2024-09-08 11:16:49 +02:00
Erik Brakkee
556315906d introdcution of typesafe ids. 2024-09-08 11:16:49 +02:00
Erik Brakkee
c86ea894d1 Now using a more efficient data structure in the prometheus code for saving the last state to improve efficiency and minimize copying even more. 2024-09-08 11:16:49 +02:00
Erik Brakkee
ae59905329 Eliminating copying of objects in the prometheus integration. 2024-09-08 11:16:49 +02:00
Erik Brakkee
2916184661 Now optionally enabling thye pprof endpoint with the --pprof flag. 2024-09-08 11:16:49 +02:00
Erik Brakkee
eb145b2374 a bit more safety by copying the state when passing it to 
the websessions and prometheus.
 2024-09-08 11:16:49 +02:00
Erik Brakkee
6bb75728e7 eliminated unused fields in State 
Now preserving the lastState in prometheus.go in a State object instead
of in multiple values.
 2024-09-08 11:16:49 +02:00
Erik Brakkee
77c27b395b removed obsolete comments. 2024-09-08 11:16:49 +02:00
Erik Brakkee
2d426f8db3 using unbuffered channels everywhere now. Only change required was to initialize prometeus and the websessions before the matchmaker. This is because at startup the matchmaker wants to write a notification when it starts up but then prometheus and the websessions would not be there to read them. 
Alternative solution would be to run all initialization code in go routines to make it independent of initialization order but having a defined initialization order is much cleaner.
 2024-09-08 11:16:49 +02:00
Erik Brakkee
30a49217e4 Much imporoved websocket connection closure will now detect closing of 
websockets immediately.
 2024-09-08 11:16:49 +02:00
Erik Brakkee
1bf992d92a removed the init method in prometheuis.go 2024-09-08 11:16:49 +02:00
Erik Brakkee
a06d8b0ca6 renamed converge package to matchmaker. 2024-09-08 11:16:49 +02:00
Erik Brakkee
4f06fd71e0 renamed modukle name so that pkgsite will work. 2024-09-08 11:16:49 +02:00
Erik Brakkee
f823d4b67b fixed issues with the prometheus code with subtle errors due to the use 
of pointers. Now using simple value objects.
 2024-09-08 11:16:49 +02:00
Erik Brakkee
061fabfd07 Addes agent address and client address to the client and agent info. 2024-09-08 11:16:49 +02:00
Erik Brakkee
ad72c41347 ClientConnection no longer has public fields. 2024-09-08 11:16:49 +02:00
Erik Brakkee
db1d908d06 a lot of work to get prometheus monitoring better. 
Now the duration is updated every second to get more accurate readings. Also, the time series are now cleaned up when they no longer exists. Previously, all time series were deleted and then everything was setup from scratch.
 2024-09-08 11:16:49 +02:00
Erik Brakkee
1c92fcb03e much more clean handling of concurrency in the converge server by separating the administration from the matchmaking by putting admin in a separate package. 2024-09-08 11:16:49 +02:00
Erik Brakkee
f82b21b845 activity detection implemented for sftp. 2024-09-08 11:16:49 +02:00
Erik Brakkee
b8715bcbe8 eliminated the stop times. Not a good idea to have this metric because it starts becoming relevant after an agent has stopped and so it has basically unlimited lifetime which is not good. 2024-09-08 11:16:49 +02:00
Erik Brakkee
1be96d8742 Added agent_start_time, agent_stop_time, client_start_time, and client_stop_time metrics. 2024-09-08 11:16:49 +02:00
Erik Brakkee
c2ec1ce117 Added agent uid to the client info so that client and agent can be correlated in prometheus/grafana. 2024-09-08 11:16:49 +02:00
Erik Brakkee
c4bc07b0e0 nov showing a message that the rendez-vous id is generated. 2024-09-08 11:16:49 +02:00
Erik Brakkee
5b7d51f210 Code is more robust and should now never try to send a notification to a web client that can block, using a context with cancellation. 2024-09-08 11:16:49 +02:00
Erik Brakkee
4a3448dcc3 wsproxy now giving a more friendly error message when there is a protocol mismatch describing what the user should do. 2024-09-08 11:16:49 +02:00
Erik Brakkee
128be0ebb5 Added client environment info to the prometheus metrics as labels. 2024-09-08 11:16:49 +02:00
Erik Brakkee
f3d0074f17 added environment info from the client. 2024-09-08 11:16:49 +02:00
Erik Brakkee
b4b962d859 remove some console logs in the javascript 
prometheus now listening on separate port
fixed powershell command for setting up authorized keys.
 2024-09-08 11:16:49 +02:00
Erik Brakkee
f62b81cbfb cumulative counters implemented. 2024-09-08 11:16:49 +02:00
Erik Brakkee
97d34424ca prometheus monitoring now more complete. Including a guid to uniquely identify agents and clients. 2024-09-08 11:16:49 +02:00
Erik Brakkee
135fd081d8 prometheus support step 1 
updates to documentation.
 2024-09-08 11:16:49 +02:00
Erik Brakkee
2366b78e95 ClientId is now a string instead of an int. 2024-09-08 11:16:49 +02:00
Erik Brakkee
ae60b77eec public id is now shown on the sessions page since authorized keys are 
used which is safer.
 2024-09-08 11:16:49 +02:00
Erik Brakkee
cd953c5edf eliminated the username. 2024-09-08 11:16:49 +02:00
Erik Brakkee
d134f1e944 better messages when the user modifies the .authorized_keys file from 
within the session.
 2024-09-08 11:16:49 +02:00
Erik Brakkee
d109c72f66 removed password based access 
authorized keys can now be modified within the session.
keep last set of keys when no valid keys were found and keys are changed during the session .
 2024-09-08 11:16:49 +02:00
Erik Brakkee
1b1f8f2167 A lot of work in getting cut and paste from the UI to 
work properly.

Wrote two web components. One for cut and paste in general, and another for code samples.
 2024-09-08 11:16:49 +02:00
Erik Brakkee
51be117200 Simple validation of the id and the authorized keys. 2024-09-08 11:16:49 +02:00
Erik Brakkee
2cf73feef5 More clean handling of the contextpath. 
Now using long option names for the options of converge to be consistent with the other components.
 2024-09-08 11:16:49 +02:00
Erik Brakkee
75e1bd77ba Alternative contextpath is now supported. 
This will simplify hosting in cases where you have no control over DNS but only over one domain.
 2024-09-08 11:16:49 +02:00
Erik Brakkee
9456665a6f Preparation for alternative context path. 
The contextpath parameter in converge.go is
temporary and should be removed later. What is needed is autodetectio of the context path for the usage page and passing on the context for rendering.
 2024-09-08 11:16:49 +02:00
Erik Brakkee
b41317c598 Lots of work on making easier interactive documentation, especially to make working with SSH public keys really easy. 
Next step is to do more validation in the UI.
Specifically:
* validate authorized keys
* detection of accidental use of a private key

Then, password based access can be disabled.
 2024-09-08 11:16:49 +02:00
Erik Brakkee
49db7578a7 large parts of the usage is now dynamic. 
Still need to generate instructions for authorized keys. A lot of troubleshooting for the form to cookie persistence.
 2024-09-08 11:16:49 +02:00
Erik Brakkee
62b51a6d09 work in progress: 
* usage page now has more dynamic part where user
  can enter id and publis ssh keys and the server will
  generate the appropriate commmands to execute depending on the local and remote shell.
 2024-09-08 11:16:49 +02:00
Erik Brakkee
830594740b * session will now expire some time after last user 
activity and updated documentation.
* downloads will now download again. Because of hx-boost
  the downloads where rendered in the browser. Now
  disabling hx-boost for the downloads section.
* relative link for sessions page
 2024-09-08 11:16:49 +02:00
Erik Brakkee
a9bd539175 Updated documentation: 
* remote shell usage for linux, cmd, and powershell
* help of wsproxy.
 2024-09-08 11:16:49 +02:00
Erik Brakkee
adee89cc08 Now by default wsproxy uses a specific protocol to establish connections to the server. It does this by adding the ?wsproxy query parameter. 
The server then sends it the protocol version and the client connection info describing whether an agent was found or not. This improves usability for users.

With the --raw option it bypasses this query parameter and wsproxy then works in the old way as a simple stdio-websocket connector. It then still works with converge server but can also be used for simple websocket troubleshooting.
 2024-09-08 11:16:49 +02:00