Fix #474: allow vagrant localhost ssh in vm_devbox

Allow ssh connections from vagrant over localhost in vm_devbox. This allows services like sirepo.job_driver.sbatch to connect over localhost back in to the host via ssh to start a job_agent.
radiasoft · Apr 1, 2024 · 5876e89 · 5876e89
1 parent 5c9dd66
commit 5876e89
Show file tree

Hide file tree

Showing 4 changed files with 13 additions and 1 deletion.
diff --git a/rsconf/component/vm_devbox.py b/rsconf/component/vm_devbox.py
@@ -9,6 +9,7 @@
 from pykern.pkcollections import PKDict
 from pykern.pkdebug import pkdp
 from rsconf import component
+from rsconf import db
 from rsconf import systemd
 import re
 
@@ -38,6 +39,7 @@ def _create_user_instances():
         self.buildt.require_component("network")
         z.run_d = systemd.unit_run_d(jc, self.name)
         z.run_u = jc.rsconf_db.run_u
+        z.local_ip = db.LOCAL_IP
         z.ssh_port = jc.vm_devbox_users.spec[self._user].ssh_port
         z.ssh_guest_host_key_f = "/etc/ssh/host_key"
         z.ssh_guest_identity_pub_f = "/etc/ssh/identity.pub"

diff --git a/rsconf/package_data/vm_devbox/start.sh.jinja b/rsconf/package_data/vm_devbox/start.sh.jinja
@@ -79,6 +79,11 @@ PasswordAuthentication no
 PermitRootLogin no
 Protocol 2
 X11Forwarding yes
+
+# SSH acces from localhost (ex for sirepo.job_driver.sbatch)
+ListenAddress {{ this.local_ip }}:22
+Match User {{ this.run_u }} Address {{ this.local_ip }}
+    PasswordAuthentication yes
 EOF_INSTALL
 
 echo '{{ this.ssh_identity_pub_key }}' >> '/home/{{ this.run_u }}/.ssh/authorized_keys'

diff --git a/tests/pkcli/build_data/1.out/srv/host/v9.radia.run/srv/vm_devbox_user-1/start b/tests/pkcli/build_data/1.out/srv/host/v9.radia.run/srv/vm_devbox_user-1/start
@@ -79,6 +79,11 @@ PasswordAuthentication no
 PermitRootLogin no
 Protocol 2
 X11Forwarding yes
+
+# SSH acces from localhost (ex for sirepo.job_driver.sbatch)
+ListenAddress 127.0.0.1:22
+Match User vagrant Address 127.0.0.1
+    PasswordAuthentication yes
 EOF_INSTALL
 
 echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKe3wWXD3GUVd/5viGVhf6L/ttJJfmksXauPSpC8zWru v9.radia.run

diff --git a/tests/pkcli/build_data/1.out/srv/host/v9.radia.run/vm_devbox_user-1.sh b/tests/pkcli/build_data/1.out/srv/host/v9.radia.run/vm_devbox_user-1.sh
@@ -4,7 +4,7 @@ rsconf_service_prepare 'vm_devbox_user-1' '/etc/systemd/system/vm_devbox_user-1.
 rsconf_install_access '700' 'vagrant' 'vagrant'
 rsconf_install_directory '/srv/vm_devbox_user-1'
 rsconf_install_access '500' 'vagrant' 'vagrant'
-rsconf_install_file '/srv/vm_devbox_user-1/start' '081baa61746f4dd28339816bb90453ed'
+rsconf_install_file '/srv/vm_devbox_user-1/start' '2143bff8b238bc0b4a5fdfde1da6e470'
 rsconf_install_file '/srv/vm_devbox_user-1/stop' '94f5e7855deadc753f54580dfad70217'
 rsconf_install_access '444' 'root' 'root'
 rsconf_install_file '/etc/systemd/system/vm_devbox_user-1.service' '95beabb09a3e8a9977002d11ae4e47cd'