vagrant-share 0.0.1 → 2.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f7aef04145a45e96678767bdc41b5533223dabf38bb925fb2ea976d50e121ce0
-  data.tar.gz: 61b414dcd6dc9e2f590f2b46e779a9c66d0630657fa05a976d91e7491fe505b6
+  metadata.gz: 9ce4b9c14ff2751cfa2baf8d40a1ee8586842edd4d8bd10fbae68b3a2a995240
+  data.tar.gz: ba5d360f4b7c05eb0f742e51e887a6325cd85cd91ae01e4805458209fec46172
 SHA512:
-  metadata.gz: 91014f58f732f32e674f783ae835ef4ceb43aa3494b0f806ce6a4a466919d2fad26a11a8459c9de770b0c9a0f6eb6559cbfaa82f6a98a22ea980de3b49fafbbb
-  data.tar.gz: '0082ce32c15fcdaf5e6c818a3801a8c27a4459b59cb6c1598faa570d0e21d9fe0e12e9b6e8e93ca063b3fc2ce16267701d7089bdf4400aa1c6236ededdd91aa3'
+  metadata.gz: c5eaa589dabf2a75d9e01705b381c21419b7eeee2309c8fb9cd965f45c64a18222b368ce394353c155b19e71c5b1e703d0294a4f0d64e086c00c1268a1ab69e9
+  data.tar.gz: b93bf2c432942c24ccaca7a6764f0ebe601a9875d667254d7d35035a0017027f8c770d4552509f2aba3f22e0469a3ade381654a689cf4cd297a97b5d61353e3b

data/lib/vagrant-share.rb

@@ -0,0 +1,18 @@
+require "pathname"
+require "vagrant-share/plugin"
+
+module VagrantPlugins
+  module Share
+    autoload :Command, "vagrant-share/command"
+    autoload :Errors, "vagrant-share/errors"
+    autoload :Helper, "vagrant-share/helper"
+    autoload :VERSION, "vagrant-share/version"
+
+    # This returns the path to the source of this plugin.
+    #
+    # @return [Pathname]
+    def self.source_root
+      @source_root ||= Pathname.new(File.expand_path("../../", __FILE__))
+    end
+  end
+end

data/lib/vagrant-share/cap/tinycore.rb

@@ -0,0 +1,89 @@
+module VagrantPlugins
+  module Share
+    module Cap
+      class TinyCore
+
+        DEFAULT_SHARE_PASSWORD="VAGRANT_SHARE_DEFAULT_PASSWORD".freeze
+
+        def self.share_proxy(machine, options={})
+          proxy_port = options.fetch(:proxy, 31338)
+          proxied_ports = options.fetch(:forwards, [])
+          shared_password = options[:shared_password] || DEFAULT_SHARE_PASSWORD
+
+          machine.communicate.tap do |comm|
+            comm.sudo("sysctl -w net.ipv4.ip_forward=1")
+            comm.sudo("/usr/local/sbin/iptables -t filter -I INPUT -p tcp -i eth0 --dport #{proxy_port} -j ACCEPT")
+            comm.sudo("/usr/local/sbin/iptables -t nat -A OUTPUT -d `route | grep default | awk '{print $2}'`/32 -j RETURN")
+            proxied_ports.each do |port_number|
+              comm.sudo("/usr/local/sbin/iptables -t nat -A OUTPUT -p tcp --dport #{port_number} -j DNAT --to-destination `route | grep default | awk '{print $2}'`:#{port_number}")
+            end
+            if options[:target]
+              comm.sudo("/usr/local/sbin/iptables -t nat -A OUTPUT -p tcp -j DNAT --to-destination #{options[:target]}")
+            end
+            comm.sudo("start-stop-daemon -b --start --exec /usr/local/bin/ss-server " \
+              "-- -password #{shared_password} -s :#{proxy_port}")
+          end
+          proxy_port
+        end
+
+        def self.connect_proxy(machine, vm_ip, proxy_port, **opts)
+          if opts[:type].to_s == "standalone"
+            redsocks_conf = REDSOCKS_CONF.
+              gsub("%PROXY_IP%", "127.0.0.1").
+              gsub("%PROXY_PORT%", "31339")
+          else
+            ip_parts    = vm_ip.split(".")
+            ip_parts[3] = "1"
+            host_ip     = ip_parts.join(".")
+
+            redsocks_conf = REDSOCKS_CONF.
+              gsub("%PROXY_IP%", host_ip).
+              gsub("%PROXY_PORT%", proxy_port.to_s)
+          end
+          shared_password = opts[:shared_password] || DEFAULT_SHARE_PASSWORD
+
+          machine.communicate.tap do |comm|
+            comm.sudo("sysctl -w net.ipv4.ip_forward=1")
+            comm.sudo("/usr/local/sbin/iptables -t nat -A PREROUTING -i eth1 -p tcp -j REDIRECT --to-ports 31338")
+            comm.sudo("/usr/local/sbin/iptables -A INPUT -i eth1 -j ACCEPT")
+
+            comm.sudo("rm -f ~/redsocks.conf")
+            redsocks_conf.split("\n").each do |line|
+              comm.sudo("echo '#{line}' >> ~/redsocks.conf")
+            end
+
+            if opts[:type].to_s == "standalone"
+              comm.sudo("start-stop-daemon -b --start --exec /usr/local/bin/ss-client " \
+                "-- -socks :31339 -password #{shared_password} -c #{vm_ip}:#{proxy_port}")
+            end
+
+            comm.sudo(
+              "start-stop-daemon -b --start --exec /usr/local/bin/redsocks " \
+                "-- -c ~/redsocks.conf")
+          end
+        end
+
+        # This is the configuration for redsocks that we use to proxy
+        REDSOCKS_CONF = <<EOF
+base {
+        log_debug = on;
+        log_info = on;
+        log = "file:/root/redsocks.log";
+        daemon = off;
+        redirector = iptables;
+}
+
+redsocks {
+        local_ip = 0.0.0.0;
+        local_port = 31338;
+        ip = %PROXY_IP%;
+        port = %PROXY_PORT%;
+        type = socks5;
+}
+EOF
+
+
+      end
+    end
+  end
+end

data/lib/vagrant-share/command.rb

@@ -0,0 +1,9 @@
+module VagrantPlugins
+  module Share
+    module Command
+      autoload :Connect, "vagrant-share/command/connect"
+      autoload :Ngrok, "vagrant-share/command/ngrok"
+      autoload :Share, "vagrant-share/command/share"
+    end
+  end
+end

data/lib/vagrant-share/command/connect.rb

@@ -0,0 +1,82 @@
+require "ipaddr"
+require "openssl"
+require "pathname"
+require "thread"
+require "tempfile"
+require "uri"
+
+require "log4r"
+
+require "vagrant/util/ssh"
+
+module VagrantPlugins
+  module Share
+    module Command
+      class Connect < Vagrant.plugin("2", "command")
+
+        include Ngrok::Connect
+
+        def self.synopsis
+          "connect to a remotely shared Vagrant environment"
+        end
+
+        def execute
+          @logger = Log4r::Logger.new("vagrant::share::command::connect")
+
+          options = {}
+
+          opts = OptionParser.new do |o|
+            o.banner = "Usage: vagrant connect NAME"
+            o.separator ""
+            o.separator "Gives you access to any Vagrant environment shared using "
+            o.separator "`vagrant share`. The NAME parameter should be the unique name"
+            o.separator "that was outputted with `vagrant share` on the remote side."
+            o.separator ""
+            o.separator "Vagrant will give you an IP that you can use to access the"
+            o.separator "remote environment. You'll be able to access any ports that"
+            o.separator "the shared environment has authorized."
+            o.separator ""
+            o.on("--disable-static-ip", "No static IP, only a SOCKS proxy") do |s|
+              options[:disable_static_ip] = s
+            end
+
+            o.on("--static-ip IP", String, "Manually override static IP chosen") do |ip|
+              begin
+                IPAddr.new(ip)
+              rescue IPAddr::InvalidAddressError
+                raise Errors::IPInvalid, ip: ip
+              end
+
+              options[:static_ip] = ip
+            end
+
+            o.on("--ssh", "SSH into the remote machine") do |ssh|
+              options[:ssh] = ssh
+            end
+
+            o.on("--driver DRIVER", "Deprecated option for compatibility") do |driver|
+              options[:driver] = driver
+            end
+
+            o.on("--share-password", "Custom share password") do |p|
+              options[:share_password] = p
+            end
+          end
+
+          # Parse the options
+          argv = parse_options(opts)
+          return if !argv
+          if argv.empty? || argv.length > 1
+            raise Vagrant::Errors::CLIInvalidUsage, help: opts.help.chomp
+          end
+
+          if options[:ssh]
+            return execute_ssh(argv, options)
+          else
+            return execute_connect(argv, options)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/vagrant-share/command/ngrok.rb

@@ -0,0 +1,14 @@
+module VagrantPlugins
+  module Share
+    module Command
+      module Ngrok
+        # Default ngrok endpoint for TCP style connections
+        DEFAULT_NGROK_TCP_ENDPOINT = "0.tcp.ngrok.io".freeze
+        NGROK_TCP_DOMAIN = "tcp.ngrok.io".freeze
+
+        autoload :Connect, "vagrant-share/command/ngrok/connect"
+        autoload :Share, "vagrant-share/command/ngrok/share"
+      end
+    end
+  end
+end

data/lib/vagrant-share/command/ngrok/connect.rb

@@ -0,0 +1,236 @@
+module VagrantPlugins
+  module Share
+    module Command
+      module Ngrok
+        module Connect
+          # Start the ngrok based connect
+          #
+          # @param [Array<String>] argv CLI arguments
+          # @param [Hash] options CLI options
+          def connect_to_share(argv, options)
+            if options[:retrap_int]
+              halt_queue = Queue.new
+              wait_runner = Thread.new do
+                until halt_queue.pop == :halt
+                  @logger.debug("Connect wait runner watching for halt.")
+                end
+                @logger.debug("Connect wait runner received halt instruction.")
+                :halt
+              end
+              Helper.signal_retrap("INT") do
+                halt_queue << :halt
+              end
+            end
+
+            name, host_info = argv.first.to_s.split("@")
+            proxy_port, api_port = name.split(":").map do |word_pair|
+              Helper.dewordify(word_pair.split("_"))
+            end
+            host_num = host_info.to_s.empty? ? "0" : Helper.dewordify(host_info.split("_")).to_s
+
+            # Determine the static IP to use for the VM, if we're using one.
+            ip   = nil
+            ip_f = nil
+            if !options[:disable_static_ip]
+              @logger.info("Acquiring IP for connect VM")
+              ip, ip_f = Helper.acquire_ip(@env, options[:static_ip])
+              if ip == nil
+                if options[:static_ip]
+                  raise Errors::IPInUse, ip: options[:static_ip]
+                else
+                  raise Errors::IPCouldNotAutoAcquire
+                end
+              end
+              @logger.info("Connect VM IP will be: #{ip}")
+            end
+
+            # Get the proxy machine we'll start
+            machine  = Helper.share_machine(@env, ip: ip)
+            ui       = machine.ui
+            proxy_ui = machine.ui.dup
+            proxy_ui.opts[:bold] = false
+            proxy_ui.opts[:prefix_spaces] = true
+
+            ui.output(I18n.t("vagrant_share.connecting", name: name))
+
+            # Check for box updates if we have a box already...
+            if machine.box
+              ui.output(I18n.t("vagrant_share.box_update_check"))
+              begin
+                if machine.box.has_update?
+                  ui.detail(I18n.t("vagrant_share.box_update"))
+
+                  # There is an update! Delete the previous box to force
+                  # an update.
+                  machine.box.destroy!
+                  machine.box = nil
+                else
+                  ui.detail(I18n.t("vagrant_share.box_up_to_date"))
+                end
+              rescue => e
+                @logger.warn("failed to check for box update: #{e}")
+              end
+            end
+            if options[:driver].to_s.include?("ngrok.io")
+              proxy_endpoint = options[:driver]
+            else
+              proxy_endpoint = "#{host_num}.#{NGROK_TCP_DOMAIN}"
+            end
+
+            # Start the machine
+            ui.output(I18n.t("vagrant_share.starting_proxy_vm"))
+            machine.with_ui(proxy_ui) do
+              machine.action(:up)
+              machine.guest.capability(:connect_proxy, proxy_endpoint, proxy_port,
+                type: :standalone
+              )
+            end
+
+            yield name, ui, ip, proxy_port, api_port
+
+            # NOTE: Use a timed join on wait thread to prevent deadlock being claimed
+            if wait_runner
+              until wait_runner.join(30) == :halt
+                if Helper.ping_share(ip, api_port)
+                  @logger.debug("Validated share connection alive. Waiting for halt.")
+                else
+                  @logger.error("Share connection state has been lost. Halting connect.")
+                  ui.error(I18n.t("vagrant_share.ngrok.connection_lost", name: name))
+                  Process.kill("INT", Process.pid)
+                end
+              end
+            end
+          ensure
+            # If we have a machine, make sure we destroy it
+            if machine
+              machine.action(:destroy, force_confirm_destroy: true)
+            end
+            # If we acquired an IP, make sure we close and delete that file
+            if ip_f
+              ip_f.close
+              File.delete(ip_f.path) rescue nil
+            end
+          end
+
+          # Perform connection to share
+          #
+          # @param [Array<String>] argv CLI arguments
+          # @param [Hash] options CLI options
+          def execute_connect(argv, options)
+            opts = options.merge(retrap_int: true)
+            connect_to_share(argv, opts) do |name, ui, ip, proxy_port, api_port|
+              begin
+                share = Helper.share_info("share-info", ip, api_port)
+              rescue => e
+                @logger.error("Failed to establish connection to share `#{name}`." \
+                  "#{e.class}: #{e}")
+                raise Errors::ShareNotFound, name: name
+              end
+              ui.output(I18n.t("vagrant_share.looking_up", name: name))
+
+              share["ports"] ||= []
+              if !share["ports"].empty?
+                ui.detail(I18n.t("vagrant_share.connect_restricted_ports") + "\n ")
+                share["ports"].each do |port|
+                  next if port.to_s == proxy_port.to_s
+                  ui.detail("Port: #{port}")
+                end
+                ui.detail(" ")
+              end
+
+              if share["has_private_key"]
+                ui.detail(I18n.t("vagrant_share.connect_ssh_available"))
+                ui.detail(" ")
+              end
+
+              # Let the user know we connected and how to connect
+              ui.success(I18n.t("vagrant_share.started_connect"))
+              ui.success(I18n.t(
+                "vagrant_share.connect_socks_port", port: proxy_port.to_s))
+              ui.success(I18n.t("vagrant_share.connect_ip", ip: ip))
+              ui.success(" ")
+              ui.success(I18n.t("vagrant_share.connect_info"))
+            end
+          end
+
+          # Perform SSH connection to share
+          #
+          # @param [Array<String>] argv CLI arguments
+          # @param [Hash] options CLI options
+          def execute_ssh(argv, options)
+            private_key_path = nil
+            connect_to_share(argv, options) do |name, ui, ip, proxy_port, api_port|
+              # Determine information about this share
+              ui.output(I18n.t("vagrant_share.looking_up", name: name))
+              share = Helper.share_info("connect-ssh", ip, api_port)
+
+              if !share["has_private_key"]
+                raise Errors::SSHNotShared,
+                  name: name
+              end
+
+              if share["private_key_password"]
+                ui.ask(
+                  I18n.t("vagrant_share.connect_password_required"),
+                  color: :yellow)
+              end
+
+              # Get the private key
+              private_key = share["ssh_key"]
+              if share["private_key_password"]
+                while true
+                  password = nil
+                  while !password
+                    password = ui.ask(
+                      "#{I18n.t("vagrant_share.connect_password_prompt")} ",
+                      echo: false)
+                  end
+
+                  begin
+                    private_key = OpenSSL::PKey::RSA.new(private_key, password)
+                    private_key = private_key.to_pem
+                    password    = nil
+                    break
+                  rescue OpenSSL::PKey::RSAError
+                    ui.error(I18n.t("vagrant_share.connect_invalid_password"))
+                  end
+                end
+              end
+
+              private_key_file = Tempfile.new("vagrant-connect-key")
+              private_key_path = Pathname.new(private_key_file.path)
+              private_key_file.write(private_key)
+              private_key_file.close
+
+              # Nil out the private key so it can be GC'd
+              private_key = nil
+
+              # In 45 seconds, delete the private key file. 45 seconds
+              # should be long enough for SSH to properly connect.
+              key_thr = Thread.new do
+                sleep 45
+                private_key_path.unlink rescue nil
+              end
+
+              # Configure SSH
+              ssh_info = {
+                host: ip,
+                port: share["ssh_port"],
+                username: share["ssh_username"],
+                private_key_path: [private_key_path.to_s],
+              }
+              ui.output(I18n.t("vagrant_share.executing_ssh"))
+              Vagrant::Util::SSH.check_key_permissions(private_key_path)
+              Vagrant::Util::SSH.exec(ssh_info, subprocess: true)
+            end
+          ensure
+            # If the private key is still around, delete it
+            if private_key_path && private_key_path.file?
+              private_key_path.unlink rescue nil
+            end
+          end
+        end
+      end
+    end
+  end
+end