pi
a56a5846a5
Validate / docs-check (push) Successful in 6s
Validate / base-change-warning (push) Successful in 11s
Validate / validate-omos (push) Successful in 4m25s
Validate / validate-base (push) Successful in 5m21s
Validate / validate-omos-with-pi (push) Successful in 5m24s
Publish Docker Image / base-decide (push) Successful in 9s
Publish Docker Image / resolve-versions (push) Successful in 4s
Validate / validate-with-pi (push) Successful in 10m42s
Validate / validate-pi-only (push) Successful in 5m51s
Publish Docker Image / build-base (push) Successful in 30m30s
Publish Docker Image / smoke-base (push) Successful in 3m31s
Publish Docker Image / smoke-with-pi (push) Successful in 7m7s
Publish Docker Image / smoke-pi-only (push) Successful in 3m50s
Publish Docker Image / smoke-omos-with-pi (push) Successful in 5m20s
Publish Docker Image / smoke-omos (push) Successful in 12m4s
Publish Docker Image / build-variant-base (push) Successful in 15m56s
Publish Docker Image / build-variant-pi-only (push) Successful in 16m6s
Publish Docker Image / build-variant-with-pi (push) Successful in 17m56s
Publish Docker Image / build-variant-omos (push) Successful in 22m32s
Publish Docker Image / build-variant-omos-with-pi (push) Successful in 33m41s
Publish Docker Image / update-description (push) Successful in 9s
Publish Docker Image / promote-base-latest (push) Successful in 13s
- Fix: Include ~/.ssh/config was scoped to the Host host/mac block, so dssh <peer> by name fell back to SSH defaults. Emit Host * scope reset before every Include. - Fix: redirect ControlPath to writable ~/.ssh-local sidecar (Mac config's ~/.ssh/cm path is read-only in the container, broke multiplexed hosts). - Add: Include host-owned ~/.config/devbox-shell/ssh-lan.conf for named-peer ProxyJump overrides (keeps image generic; peer names stay host-side). - Add: opt-in DEVBOX_LAN_AUTOJUMP_PRIVATE=1 RFC1918 catch-all for roaming. - Docs: README/.env.example/AGENTS/CHANGELOG + new ssh-lan.conf.example.
46 lines
2.2 KiB
Plaintext
46 lines
2.2 KiB
Plaintext
# ssh-lan.conf.example — host-owned LAN-peer jump overrides for opencode-devbox
|
|
# ============================================================================
|
|
# WHAT THIS IS
|
|
# On a VM-backed host (macOS OrbStack / Docker Desktop) the container can't
|
|
# reach the host's LAN directly; it tunnels through the host via the `host`
|
|
# SSH jump that the entrypoint sets up (see the README "Reaching your LAN"
|
|
# section). To reach your LAN peers *by name*, they need `ProxyJump host`.
|
|
#
|
|
# WHY NOT JUST EDIT ~/.ssh/config?
|
|
# The host itself reaches those peers DIRECTLY — adding `ProxyJump host`
|
|
# there would break the host's own access (and ~/.ssh is mounted read-only
|
|
# into the container anyway). So container-only jump overrides live HERE.
|
|
#
|
|
# HOW IT'S WIRED
|
|
# If this file exists at ~/.config/devbox-shell/ssh-lan.conf on the host
|
|
# (the same bind-mounted devbox-shell bridge dir used for shared aliases),
|
|
# the generated ~/.ssh-local/config Includes it BEFORE your ~/.ssh/config.
|
|
# SSH's first-value-wins rule means ProxyJump is taken from here, while
|
|
# HostName / User / IdentityFile are inherited from the matching block in
|
|
# your ~/.ssh/config. So you only list the names + the jump — nothing else.
|
|
#
|
|
# SETUP
|
|
# 1. Copy to your host: cp ssh-lan.conf.example ~/.config/devbox-shell/ssh-lan.conf
|
|
# 2. Bind-mount ~/.config/devbox-shell into the container (most setups
|
|
# already do this for shared shell aliases).
|
|
# 3. List the host aliases (as named in your ~/.ssh/config) that should be
|
|
# reached through the host jump.
|
|
# 4. Restart the container, then: dssh <name>
|
|
#
|
|
# NOTE: these are facts about ONE host's LAN. A roaming laptop sees different
|
|
# networks — keep this per-host, never in the image. For ad-hoc private IPs on
|
|
# whatever LAN you're currently on, prefer DEVBOX_LAN_AUTOJUMP_PRIVATE=1
|
|
# instead of naming every peer.
|
|
|
|
# Example — names must match Host blocks already defined in your ~/.ssh/config:
|
|
Host pve pve-2 pbs-vm my-nas
|
|
ProxyJump host
|
|
|
|
# You can also give a peer its own settings here if it isn't in ~/.ssh/config
|
|
# at all (then specify everything, not just ProxyJump):
|
|
# Host lab-box
|
|
# HostName 192.168.1.77
|
|
# User admin
|
|
# IdentityFile ~/.ssh/id_ed25519
|
|
# ProxyJump host
|