Git-Mirrors/qusal
1
0
Fork 0
mirror of https://github.com/ben-grande/qusal.git synced 2024-12-18 12:24:33 -05:00
Code Issues Packages Projects Releases Wiki Activity
f30bd20f54
qusal/salt/sys-net/files/server/rpc/qusal.ConnectTCP

38 lines
1.2 KiB
Plaintext
Raw Normal View History

feat: add TCP proxy for remote hosts Ideally, it would be a Qrexec socket service, but it doesn't handle DNS, only accepting IPs. The dev qube is now non-networked and network, especially to remote git repositories can be acquired via the proxy that is going to be installed in every netvm.
2024-06-13 12:01:08 -04:00
#!/bin/sh
## SPDX-FileCopyrightText: 2024 Benjamin Grande M. S. <ben.grande.b@gmail.com>
##
## SPDX-License-Identifier: AGPL-3.0-or-later
## How to use with SSH?
## On Dom0 Qrexec policy:
## qusal.ConnectTCP +domain.tld+22 sshclient @default ask default_target=sshproxy
## On Dom0, enable the "qusal-proxy-client" service for the client qube:
## qvm-features sshclient service.qusal-proxy-client 1
## On the SSH Proxy server (netvm of your liking), install this RPC service.
## qubesctl --skip-dom0 --targets=sshproxy state.apply sys-net.install-proxy
## On the client ssh configuration:
## Match Exec "test -f /var/run/qubes-service/qusal-proxy-client"
## ProxyCommand qrexec-client-vm @default qusal.ConnectTCP+%h+%p
set -eu
arg="${QREXEC_SERVICE_ARGUMENT}"
host="${arg%%+*}"
port="${arg##*+}"
if test -z "${port}" || test -z "${host}" || test "${port}" = "${host}"; then
echo "Missing either host, port or both" >&2
exit 1
fi
if test "${#host}" -gt 256; then
echo "Host size exceeds limit" >&2
exit 1
fi
if test "${#port}" -gt 5 || test "${port}" -gt 65535; then
echo "Invalid port number, it must be between 1 and 65535" >&2
exit 1
fi
exec socat - "TCP:${host}:${port}"
Reference in New Issue Copy Permalink