# ssh-lan.conf.example — host-owned LAN-peer jump overrides for opencode-devbox # ============================================================================ # WHAT THIS IS # On a VM-backed host (macOS OrbStack / Docker Desktop) the container can't # reach the host's LAN directly; it tunnels through the host via the `host` # SSH jump that the entrypoint sets up (see the README "Reaching your LAN" # section). To reach your LAN peers *by name*, they need `ProxyJump host`. # # WHY NOT JUST EDIT ~/.ssh/config? # The host itself reaches those peers DIRECTLY — adding `ProxyJump host` # there would break the host's own access (and ~/.ssh is mounted read-only # into the container anyway). So container-only jump overrides live HERE. # # HOW IT'S WIRED # If this file exists at ~/.config/devbox-shell/ssh-lan.conf on the host # (the same bind-mounted devbox-shell bridge dir used for shared aliases), # the generated ~/.ssh-local/config Includes it BEFORE your ~/.ssh/config. # SSH's first-value-wins rule means ProxyJump is taken from here, while # HostName / User / IdentityFile are inherited from the matching block in # your ~/.ssh/config. So you only list the names + the jump — nothing else. # # SETUP # 1. Copy to your host: cp ssh-lan.conf.example ~/.config/devbox-shell/ssh-lan.conf # 2. Bind-mount ~/.config/devbox-shell into the container (most setups # already do this for shared shell aliases). # 3. List the host aliases (as named in your ~/.ssh/config) that should be # reached through the host jump. # 4. Restart the container, then: dssh # # NOTE: these are facts about ONE host's LAN. A roaming laptop sees different # networks — keep this per-host, never in the image. For ad-hoc private IPs on # whatever LAN you're currently on, prefer DEVBOX_LAN_AUTOJUMP_PRIVATE=1 # instead of naming every peer. # Example — names must match Host blocks already defined in your ~/.ssh/config: Host pve pve-2 pbs-vm my-nas ProxyJump host # You can also give a peer its own settings here if it isn't in ~/.ssh/config # at all (then specify everything, not just ProxyJump): # Host lab-box # HostName 192.168.1.77 # User admin # IdentityFile ~/.ssh/id_ed25519 # ProxyJump host