Commit Graph

59 Commits

Author SHA1 Message Date
8fe79e3c38 first integration test implemented using testcontainers. 2024-09-08 11:16:49 +02:00
aa62cf6e4f minor renames. 2024-09-08 11:16:49 +02:00
35beb19c2d moved ssh code to separate package. 2024-09-08 11:16:49 +02:00
781c14dcf4 agent/session.go no longer depends on ssh.Session and uses an
internal interface.
2024-09-08 11:16:49 +02:00
974b4b9ad0 more symmetry. SetupHeartBeat from agent to server now done in separate
call.
2024-09-08 11:16:49 +02:00
00dd0d17c6 hostkey is now sent from the server to the agent so that at a later
stage we can make the hostkey configurable at the server level instead
of using a fixed hardcoded key.
2024-09-08 11:16:49 +02:00
4f06fd71e0 renamed module name so that pkgsite will work. 2024-09-08 11:16:49 +02:00
f82b21b845 activity detection implemented for sftp. 2024-09-08 11:16:49 +02:00
c2ec1ce117 Added agent uid to the client info so that client and agent can be correlated in prometheus/grafana. 2024-09-08 11:16:49 +02:00
f3d0074f17 added environment info from the client. 2024-09-08 11:16:49 +02:00
Erik Brakkee
135fd081d8 prometheus support step 1
updates to documentation.
2024-09-08 11:16:49 +02:00
cd953c5edf eliminated the username. 2024-09-08 11:16:49 +02:00
d134f1e944 better messages when the user modifies the .authorized_keys file from
within the session.
2024-09-08 11:16:49 +02:00
Erik Brakkee
d109c72f66 removed password based access
authorized keys can now be modified within the session.
keep last set of keys when no valid keys were found and keys are changed during the session.
2024-09-08 11:16:49 +02:00
51be117200 Simple validation of the id and the authorized keys. 2024-09-08 11:16:49 +02:00
9456665a6f Preparation for alternative context path.
The contextpath parameter in converge.go is
temporary and should be removed later. What is needed is autodetection of the context path for the usage page and passing on the context for rendering.
2024-09-08 11:16:49 +02:00
Erik Brakkee
830594740b * session will now expire some time after last user
activity and updated documentation.
* downloads will now download again. Because of hx-boost
  the downloads were rendered in the browser. Now
  disabling hx-boost for the downloads section.
* relative link for sessions page
2024-09-08 11:16:49 +02:00
Erik Brakkee
e141007f0a Now displaying agent number instead of id.
Passing timezone to server side for rendering of time stamps
Configuration of preferred shells.
2024-09-08 11:16:49 +02:00
Erik Brakkee
882f97fa17 many small changes
* removed the Async utility
* now using Ping message to webclient for keep alive instead of actual content
* added remote shell to AgentInfo
* retry of connections to the agent
* better logging for SynchronizeStreams
2024-09-08 11:16:49 +02:00
d6d2d5648c Live updates of the sessions.
V1 in ascii-art. To be improved.
2024-09-08 11:16:49 +02:00
100771a7ba restructuring 2024-09-08 11:16:49 +02:00
60d641a1a4 When a duplicate id is requested the server now allocates a new unique id so that the session can be handled anyway. 2024-09-08 11:16:49 +02:00
816e8d8609 refactoring towards being able to send events from Admin to UI (websocket) without exposing connection info but only metadata. 2024-09-08 11:16:49 +02:00
0e8ed86be3 basic htmx with server sending content to the client over a websocket is now working. This only worked when text messages were being sent so the websocket handling had to be made configurable with a 'text' boolean field. 2024-09-08 11:16:49 +02:00
e01a2bc729 Added pprof to convergeserver and optionally to
the agent if PPROF_PORT is set.

Fixed issue with converge server not cleaning up goroutines because of blocking channel. Made sure to create channels with > 1 size everywhere it can be done. The blocking behavior of a default channel size is mostly in the way.

Known issue: Killing the SSH client will lead to the server side process not being terminated and some goroutines still running in the agent. This would require additional investigation to solve. The remote processes are still being cleaned up ok (at least on linux) when the agent exits.

This should not be an issue at all since the agent is a short-lived process and when running in a containerized environment with containers running on demand the cleanup will definitely work.
2024-09-08 11:16:49 +02:00
788050df32 Unique ids for clients generated by converge server and made available to the ssh session through a net.Conn extension that passes the ID to the SSH session through the LocalAddr(). 2024-09-08 11:16:49 +02:00
9d0675b2f2 initialization of username, password on client (from server) and initialization of agentinfo on server is now done as soon as the agent registered and not through a side channel.
Making use of some simple utilities for GOB to make it easy to send objects over the line.
2024-09-08 11:16:49 +02:00
ada34495ef GOB channel for easily and asynchronously using GOB on a single network connection, also dealing with timeouts and errors in a good way.
Protocol version is now checked when the agent connects to the converge server.

Next up: sending connection metadata and username password from server to agent and sending environment information back to the server. This means then that the side channel will only be used for expiry time messages and session type with the client id passed in so the converge server can then correlate the results back to the correct channel.
2024-09-08 11:16:49 +02:00
d3cbf8388f Lots of refactoring.
Now hijacking the ssh connection setup in the listener to exchange some information before passing the connection on to the SSH server.

Next step is to do the full exchange of required information and to make it easy some simple Read and Write methods with timeouts are needed that use gob.
2024-09-08 11:16:49 +02:00
eb4195d0e9 good url validation. 2024-09-08 11:16:48 +02:00
Erik Brakkee
9b8023496c Some cleanup in the agent code.
Now supporting authorized SSH keys in the
.authorized_keys file.
2024-09-08 11:16:48 +02:00
Erik Brakkee
d839583f7b communication between agent and server. Removed the flags library for command-line parsing.
Heartbeat mechanism from client to server over the custom connection for sending events to guarantee that the connection stays up.
2024-09-08 11:16:48 +02:00
40e8d56429 removed read and write deadlines. Appears to be still working. 2024-09-08 11:16:48 +02:00
6f4929301d status update now reported to the server. More robustness needed. 2024-09-08 11:16:48 +02:00
ffeca2a533 First version with basic communication from agent to server working. 2024-09-08 11:16:48 +02:00
ff9adfeb24 Extraction of communication setup in separate entity with client and related server code close together to make the setup easier to understand. 2024-09-08 11:16:48 +02:00
2dae10d093 added insecure flag to allow invalid certificates. 2024-09-08 11:16:48 +02:00
5c0e3401f4 command-line argument parsing with error handling for all commands that are referred to on the docs page. 2024-09-08 11:16:48 +02:00
2f9cead5c3 eliminated unused setWindowSize files. 2024-09-08 11:16:48 +02:00
Erik Brakkee
8c44943a48 * fixes for windows
* detect kill ssh session
* include sftp session in the count of ssh sessions
* log session type in the agent
2024-09-08 11:16:48 +02:00
5c36843166 list of shells to try in windows. 2024-09-08 11:16:48 +02:00
1e422dd698 refactoring to support both windows and linux with totally different Pty code. 2024-09-08 11:16:48 +02:00
Erik Brakkee
2f40f86294 cross compilation on windows working.
pty.Start() is not supported on windows
2024-09-08 11:16:48 +02:00
cb00c5e4eb renamed cidebug module to converge 2024-09-08 11:16:48 +02:00
f459d12bea agent now giving the exact commands to run to use it from the client
side.
2024-09-08 11:16:48 +02:00
9fc0241d08 lots of work to make it actually work.
Including the server keep alive interval.
Fix where expiry duration was added twice.
2024-09-08 11:16:48 +02:00
aa46ed7b5c Lots of work on documentation. The docs page now shows the correct
installation dependent URLs. For now using ServerAliveInterval
to avoid disconnects.
2024-09-08 11:16:48 +02:00
7ee5658cbc added proxycommand to be used directly by ssh 2024-09-08 11:16:48 +02:00
91cc99fdfe now with online downloads and docs. 2024-09-08 11:16:48 +02:00
85caa6cb5a simple session management solution with a .hold file and messages to the
user with better formatting.
2024-09-08 11:16:48 +02:00