feat: Add deployment side config-ssh options (#6613)

* feat: Allow setting deployment wide ssh config settings * feat: config-ssh respects deployment ssh config * The '.' is now configurable * Move buildinfo into deployment.go
2025-07-06 15:41:45 +00:00 · 2023-03-16 13:03:37 -05:00
parent 25e8abd63e
commit fe247c86eb
18 changed files with 642 additions and 49 deletions
--- a/coderd/apidoc/docs.go
+++ b/coderd/apidoc/docs.go
@ -384,6 +384,31 @@ const docTemplate = `{
                }
            }
        },
+        "/deployment/ssh": {
+            "get": {
+                "security": [
+                    {
+                        "CoderSessionToken": []
+                    }
+                ],
+                "produces": [
+                    "application/json"
+                ],
+                "tags": [
+                    "General"
+                ],
+                "summary": "SSH Config",
+                "operationId": "ssh-config",
+                "responses": {
+                    "200": {
+                        "description": "OK",
+                        "schema": {
+                            "$ref": "#/definitions/codersdk.SSHConfigResponse"
+                        }
+                    }
+                }
+            }
+        },
        "/deployment/stats": {
            "get": {
                "security": [
@ -6574,6 +6599,9 @@ const docTemplate = `{
                "config": {
                    "type": "string"
                },
+                "config_ssh": {
+                    "$ref": "#/definitions/codersdk.SSHConfig"
+                },
                "dangerous": {
                    "$ref": "#/definitions/codersdk.DangerousConfig"
                },
@ -7688,6 +7716,36 @@ const docTemplate = `{
                }
            }
        },
+        "codersdk.SSHConfig": {
+            "type": "object",
+            "properties": {
+                "deploymentName": {
+                    "description": "DeploymentName is the config-ssh Hostname prefix",
+                    "type": "string"
+                },
+                "sshconfigOptions": {
+                    "description": "SSHConfigOptions are additional options to add to the ssh config file.\nThis will override defaults.",
+                    "type": "array",
+                    "items": {
+                        "type": "string"
+                    }
+                }
+            }
+        },
+        "codersdk.SSHConfigResponse": {
+            "type": "object",
+            "properties": {
+                "hostname_prefix": {
+                    "type": "string"
+                },
+                "ssh_config_options": {
+                    "type": "object",
+                    "additionalProperties": {
+                        "type": "string"
+                    }
+                }
+            }
+        },
        "codersdk.ServiceBannerConfig": {
            "type": "object",
            "properties": {
--- a/coderd/apidoc/swagger.json
+++ b/coderd/apidoc/swagger.json
@ -326,6 +326,27 @@
        }
      }
    },
+    "/deployment/ssh": {
+      "get": {
+        "security": [
+          {
+            "CoderSessionToken": []
+          }
+        ],
+        "produces": ["application/json"],
+        "tags": ["General"],
+        "summary": "SSH Config",
+        "operationId": "ssh-config",
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/codersdk.SSHConfigResponse"
+            }
+          }
+        }
+      }
+    },
    "/deployment/stats": {
      "get": {
        "security": [
@ -5870,6 +5891,9 @@
        "config": {
          "type": "string"
        },
+        "config_ssh": {
+          "$ref": "#/definitions/codersdk.SSHConfig"
+        },
        "dangerous": {
          "$ref": "#/definitions/codersdk.DangerousConfig"
        },
@ -6895,6 +6919,36 @@
        }
      }
    },
+    "codersdk.SSHConfig": {
+      "type": "object",
+      "properties": {
+        "deploymentName": {
+          "description": "DeploymentName is the config-ssh Hostname prefix",
+          "type": "string"
+        },
+        "sshconfigOptions": {
+          "description": "SSHConfigOptions are additional options to add to the ssh config file.\nThis will override defaults.",
+          "type": "array",
+          "items": {
+            "type": "string"
+          }
+        }
+      }
+    },
+    "codersdk.SSHConfigResponse": {
+      "type": "object",
+      "properties": {
+        "hostname_prefix": {
+          "type": "string"
+        },
+        "ssh_config_options": {
+          "type": "object",
+          "additionalProperties": {
+            "type": "string"
+          }
+        }
+      }
+    },
    "codersdk.ServiceBannerConfig": {
      "type": "object",
      "properties": {
--- a/coderd/buildinfo.go
+++ b/coderd/buildinfo.go
@ -1,22 +0,0 @@
-package coderd
-
-import (
-	"net/http"
-
-	"github.com/coder/coder/buildinfo"
-	"github.com/coder/coder/coderd/httpapi"
-	"github.com/coder/coder/codersdk"
-)
-
-// @Summary Build info
-// @ID build-info
-// @Produce json
-// @Tags General
-// @Success 200 {object} codersdk.BuildInfoResponse
-// @Router /buildinfo [get]
-func buildInfo(rw http.ResponseWriter, r *http.Request) {
-	httpapi.Write(r.Context(), rw, http.StatusOK, codersdk.BuildInfoResponse{
-		ExternalURL: buildinfo.ExternalURL(),
-		Version:     buildinfo.Version(),
-	})
-}
--- a/coderd/coderd.go
+++ b/coderd/coderd.go
@ -138,6 +138,9 @@ type Options struct {
 	DeploymentValues            *codersdk.DeploymentValues
 	UpdateCheckOptions          *updatecheck.Options // Set non-nil to enable update checking.

+	// SSHConfig is the response clients use to configure config-ssh locally.
+	SSHConfig codersdk.SSHConfigResponse
+
 	HTTPClient *http.Client
 }

@ -210,6 +213,9 @@ func New(options *Options) *API {
 	if options.Auditor == nil {
 		options.Auditor = audit.NewNop()
 	}
+	if options.SSHConfig.HostnamePrefix == "" {
+		options.SSHConfig.HostnamePrefix = "coder."
+	}
 	// TODO: remove this once we promote authz_querier out of experiments.
 	if experiments.Enabled(codersdk.ExperimentAuthzQuerier) {
 		options.Database = dbauthz.New(
@ -403,6 +409,7 @@ func New(options *Options) *API {
 			r.Use(apiKeyMiddleware)
 			r.Get("/config", api.deploymentValues)
 			r.Get("/stats", api.deploymentStats)
+			r.Get("/ssh", api.sshConfig)
 		})
 		r.Route("/experiments", func(r chi.Router) {
 			r.Use(apiKeyMiddleware)
--- a/coderd/coderdtest/authorize.go
+++ b/coderd/coderdtest/authorize.go
@ -57,6 +57,7 @@ func AGPLRoutes(a *AuthTester) (map[string]string, map[string]RouteCheck) {
 		"POST:/api/v2/csp/reports":      {NoAuthorize: true},
 		"POST:/api/v2/authcheck":        {NoAuthorize: true},
 		"GET:/api/v2/applications/host": {NoAuthorize: true},
+		"GET:/api/v2/deployment/ssh":    {NoAuthorize: true, StatusCode: http.StatusOK},

 		// Has it's own auth
 		"GET:/api/v2/users/oauth2/github/callback": {NoAuthorize: true},
--- a/coderd/coderdtest/coderdtest.go
+++ b/coderd/coderdtest/coderdtest.go
@ -126,6 +126,8 @@ type Options struct {
 	Database database.Store
 	Pubsub   database.Pubsub

+	ConfigSSH codersdk.SSHConfigResponse
+
 	SwaggerEndpoint bool
 }

@ -333,6 +335,7 @@ func NewOptions(t *testing.T, options *Options) (func(http.Handler), context.Can
 			UpdateCheckOptions:          options.UpdateCheckOptions,
 			SwaggerEndpoint:             options.SwaggerEndpoint,
 			AppSigningKey:               AppSigningKey,
+			SSHConfig:                   options.ConfigSSH,
 		}
 }

--- a/coderd/deployment.go
+++ b/coderd/deployment.go
@ -3,6 +3,7 @@ package coderd
 import (
 	"net/http"

+	"github.com/coder/coder/buildinfo"
 	"github.com/coder/coder/coderd/httpapi"
 	"github.com/coder/coder/coderd/rbac"
 	"github.com/coder/coder/codersdk"
@ -59,3 +60,27 @@ func (api *API) deploymentStats(rw http.ResponseWriter, r *http.Request) {

 	httpapi.Write(r.Context(), rw, http.StatusOK, stats)
 }
+
+// @Summary Build info
+// @ID build-info
+// @Produce json
+// @Tags General
+// @Success 200 {object} codersdk.BuildInfoResponse
+// @Router /buildinfo [get]
+func buildInfo(rw http.ResponseWriter, r *http.Request) {
+	httpapi.Write(r.Context(), rw, http.StatusOK, codersdk.BuildInfoResponse{
+		ExternalURL: buildinfo.ExternalURL(),
+		Version:     buildinfo.Version(),
+	})
+}
+
+// @Summary SSH Config
+// @ID ssh-config
+// @Security CoderSessionToken
+// @Produce json
+// @Tags General
+// @Success 200 {object} codersdk.SSHConfigResponse
+// @Router /deployment/ssh [get]
+func (api *API) sshConfig(rw http.ResponseWriter, r *http.Request) {
+	httpapi.Write(r.Context(), rw, http.StatusOK, api.SSHConfig)
+}