@lazycatcloud/lzc-cli 1.1.9 → 1.1.11

package/lib/api.js

@@ -7,9 +7,10 @@ import fetch from "node-fetch";
 //
 // sdk 提供的API
 export default class API {
-  constructor(appId, host) {
+  constructor(appId, host, uid = "") {
     this.appId = appId;
     this.host = host;
+    this.uid = uid;
   }
   async install(zipPath) {
     if (!fs.existsSync(zipPath)) {
@@ -35,7 +36,7 @@ export default class API {
 
   async resume() {
     const resp = await fetch(
-      `${this.host}/api/v1/app/resume?id=${this.appId}`,
+      `${this.host}/api/v1/app/resume?id=${this.appId}&userId=${this.uid}`,
       {
         method: "POST",
       }
@@ -46,24 +47,6 @@ export default class API {
     }
   }
 
-  async hasMount() {
-    const resp = await fetch(
-      `${this.host}/api/v1/app/hasMount?id=${this.appId}`,
-      {
-        method: "GET",
-      }
-    );
-    if (resp.status == 200) {
-      return true;
-    } else {
-      const text = await resp.text();
-      if (text) {
-        logger.debug("hasMount request failed", text);
-      }
-      return false;
-    }
-  }
-
   async isDevshell() {
     const resp = await fetch(
       `${this.host}/api/v1/app/isDevshell?id=${this.appId}`,
@@ -83,7 +66,9 @@ export default class API {
   }
 
   async status() {
-    const resp = await fetch(`${this.host}/api/v1/app/status?id=${this.appId}`);
+    const resp = await fetch(
+      `${this.host}/api/v1/app/status?id=${this.appId}&userId=${this.uid}`
+    );
     if (resp.status == 200) {
       const status = await resp.json();
       return status;

package/lib/app/index.js

@@ -1,7 +1,7 @@
 import path from "node:path";
 import lpkCreate from "./lpk_create.js";
 import { LpkBuild } from "./lpk_build.js";
-import { AppDevShell, fallbackToRsync } from "./lpk_devshell.js";
+import { AppDevShell } from "./lpk_devshell.js";
 import { LpkInstaller } from "./lpk_installer.js";
 import { LpkUninstaller } from "./lpk_uninstall.js";
 import { LpkStatuser } from "./lpk_status.js";
@@ -53,32 +53,31 @@ export function lpkProjectCommand(program) {
           alias: "rsync",
           deprecate: true,
           type: "boolean",
-          default: fallbackToRsync(),
+          default: true,
         });
-        const shell = process.env.SHELL
-          ? path.basename(process.env.SHELL)
-          : "sh";
         args.option("s", {
           alias: "shell",
           describe: "指定你最喜欢的shell",
           type: "string",
-          default: shell,
+          default: "bash",
         });
         args.option("f", {
           alias: "force",
           describe: "强制重新构建",
           type: "boolean",
         });
+        args.option("c", {
+          alias: "config",
+          describe: "devshell配置文件",
+          type: "string",
+          default: "lzc-build.yml",
+        });
       },
-      handler: async ({ context, shell, rsync, force }) => {
-        const app = new AppDevShell(context, undefined, rsync, force);
+      handler: async ({ context, shell, force, config }) => {
+        const app = new AppDevShell(context, config, force);
         await app.init();
         await app.build();
-        if (rsync) {
-          await app.rsyncShell(shell);
-        } else {
-          await app.sshfsShell(shell);
-        }
+        await app.rsyncShell(shell);
       },
     },
   ];

package/lib/app/lpk_build.js

@@ -14,6 +14,8 @@ import { LpkManifest } from "./lpk_create.js";
 import archiver from "archiver";
 import yaml from "js-yaml";
 
+const isMacos = process.platform == "darwin";
+
 async function tarContentDir(from, to, cwd = "./") {
   const dest = fs.createWriteStream(to);
   tar
@@ -90,9 +92,26 @@ async function fetchIconTo(options, cwd, destDir) {
 // 提供一些方便的环境变量，可以在 lzc-build.yml 中直接使用
 // - LocalIP 本地局域网ip
 function localIp() {
+  if (isMacos) {
+    const result = spawnSync("sh", [
+      "-c",
+      "ifconfig | awk '/inet /&&!/127.0.0.1/{print $2;exit}'",
+    ]);
+    if (result.error) {
+      logger.debug("macos get current ip is error", result.error);
+      return "";
+    } else {
+      const ip = result.stdout.toString().trim();
+      return ip;
+    }
+  }
   const output = spawnSync("ip", ["route", "get", "1.1.1.1"], {
     encoding: "utf-8",
   });
+  if (output.status !== 0) {
+    logger.debug("run ip route error", output.status, output.stderr);
+    return "";
+  }
   const match = output.stdout.match(/src\ (.+)\ uid/i);
   if (match) {
     return match[1];

package/lib/app/lpk_devshell.js

@@ -2,7 +2,7 @@
 import path from "node:path";
 import fs from "node:fs";
 import logger from "loglevel";
-import { spawn, execSync } from "node:child_process";
+import { execSync } from "node:child_process";
 import { LpkBuild } from "./lpk_build.js";
 import { LpkInstaller } from "./lpk_installer.js";
 import debounce from "lodash.debounce";
@@ -13,14 +13,12 @@ import {
   isFileExist,
   GitIgnore,
   sleep,
-  envTemplateFile,
   md5String,
   md5File,
   createTemplateFileCommon,
   loadFromYaml,
   FileLocker,
 } from "../utils.js";
-import yaml from "js-yaml";
 import Key from "../key.js";
 import os from "node:os";
 import { sdkEnv } from "../env.js";
@@ -28,8 +26,8 @@ import commandExists from "command-exists";
 import chokidar from "chokidar";
 import _ from "lodash";
 import BoxAPI from "../api.js";
-import inquirer from "inquirer";
 import { SdkDocker } from "./lpk_devshell_docker.js";
+import { getUidByManifest } from "../lzc_sdk.js";
 
 function sdkSSHHost() {
   const sdkUrl = sdkEnv.sdkUrl;
@@ -41,17 +39,6 @@ function sdkSSHPort() {
   return 2222;
 }
 
-function sdkSSHAddress() {
-  const host = sdkSSHHost();
-  const port = sdkSSHPort();
-  return `${host}:${port}`;
-}
-
-// 如果本地的机器没有 docker, 将会使用 rsync 同步
-export function fallbackToRsync() {
-  return !commandExists.sync("docker");
-}
-
 // 判断是否需要重新构建
 // - 先判断 lzc-build.yml 是否发生改变
 // - 再判断 lzc-build.yml 中的 manifest 中指定的文件是否发生改变
@@ -59,12 +46,11 @@ export function fallbackToRsync() {
 // - 根据 backend api 判断一个 appid 是否属于 running
 // - 根据在 backend api 中判断同步的目录下是否存在文件 判断当前运行的 app 是否已经有一个挂载的实例，避免重复挂载
 class AppDevShellMonitor {
-  constructor(cwd, pkgId, rsyncMode = false) {
+  constructor(cwd, pkgId, uid = "") {
     this.pwd = cwd ? path.resolve(cwd) : process.cwd();
-    this.rsyncMode = rsyncMode;
 
     this.pkgId = pkgId;
-    this.boxapi = new BoxAPI(pkgId, sdkEnv.sdkUrl);
+    this.boxapi = new BoxAPI(pkgId, sdkEnv.sdkUrl, uid);
 
     this.optionsFilePath = path.join(this.pwd, "lzc-build.yml");
     this.options = loadFromYaml(this.optionsFilePath);
@@ -99,21 +85,10 @@ class AppDevShellMonitor {
 
   async shouldBuild() {
     return (
-      this.change() ||
-      (await this.notRunning()) ||
-      (await this.noMount()) ||
-      (await this.noDevshell())
+      this.change() || (await this.notRunning()) || (await this.noDevshell())
     );
   }
 
-  async shouldRemount() {
-    try {
-      return await this.noMount();
-    } catch {
-      return true;
-    }
-  }
-
   change() {
     logger.debug("oldHash", this.oldHash);
     logger.debug("newHash", this.newHash);
@@ -148,43 +123,31 @@ class AppDevShellMonitor {
     }
   }
 
-  async noMount() {
-    let hasMount = await this.boxapi.hasMount();
-    if (hasMount && this.rsyncMode) {
-      throw "sshfs docker 进程还在运行中，如果需要使用rsync模式，请先停止；或者继续使用sshfs模式";
-    }
-    if (this.rsyncMode) {
-      // rsync mode skip mount check
-      return false;
-    }
-    return !hasMount;
-  }
-
   async noDevshell() {
     return !(await this.boxapi.isDevshell());
   }
 }
 
 export class AppDevShell {
-  constructor(cwd, builder, rsyncMode, forceBuild = false) {
+  constructor(cwd, config, forceBuild = false) {
     this.cwd = cwd ? path.resolve(cwd) : process.cwd();
-    this.lpkBuild = builder;
+    this.lpkBuild = undefined;
     this.monitor = undefined;
-    this.sshfsProcess = undefined;
-    this.rsyncMode = rsyncMode;
     this.forceBuild = forceBuild;
+    this.lpkBuildConfig = config;
   }
 
   async init() {
     if (!this.lpkBuild) {
-      this.lpkBuild = new LpkBuild(this.cwd);
+      this.lpkBuild = new LpkBuild(this.cwd, this.lpkBuildConfig);
       await this.lpkBuild.init();
     }
     const manifest = await this.lpkBuild.getManifest();
+    const uid = await getUidByManifest(manifest);
     this.monitor = await new AppDevShellMonitor(
       this.cwd,
       manifest["package"],
-      this.rsyncMode
+      uid
     ).init();
   }
 
@@ -194,11 +157,6 @@ export class AppDevShell {
       logger.debug("build...");
       await this.devshellBuild();
     }
-    // 判断是否需要重新启动 sshfs 容器
-    if (!this.rsyncMode && (await this.monitor.shouldRemount())) {
-      logger.debug("mount...");
-      this.sshfsProcess = await this.sshfs();
-    }
   }
 
   async devshellBuild() {
@@ -438,7 +396,8 @@ export class AppDevShell {
       logger.debug(err);
     }
 
-    const devshell = new DevShell(pairs["private"], pkgId, runShell);
+    const uid = await getUidByManifest(manifest);
+    const devshell = new DevShell(pairs["private"], pkgId, runShell, uid);
     if (isSync) {
       await devshell.shell();
     } else {
@@ -449,55 +408,16 @@ export class AppDevShell {
     // 现在会一直卡在退出状态后，必须要另外手动的指定 pkill node
     process.exit(0);
   }
-
-  async sshfs() {
-    const k = new Key();
-    const pairs = await k.getKeyPair();
-    const manifest = await this.lpkBuild.getManifest();
-    const localDevshell = new LocalDevshell(pairs, sdkSSHAddress());
-    const syncP = localDevshell.run(manifest.package, this.cwd);
-    await syncP.ready();
-    return syncP;
-  }
-
-  async sshfsShell(runShell) {
-    const manifest = await this.lpkBuild.getManifest();
-    const sdk = new SdkDocker();
-    await sdk.interactiveShell(manifest.package, runShell);
-
-    if (this.sshfsProcess) {
-      // already exit
-      if (this.sshfsProcess.p.exitCode) {
-        return;
-      }
-
-      const questions = [
-        {
-          name: "stop",
-          type: "input",
-          default: "n",
-          message: "是否停止 sshfs 同步容器(y/n): ",
-        },
-      ];
-      const answers = await inquirer.prompt(questions);
-      if (answers.stop.toLowerCase() === "y") {
-        this.sshfsProcess.p.kill("SIGTERM");
-      } else {
-        this.sshfsProcess.p.unref();
-        // FIXME: why must process.exit()
-        process.exit(0);
-      }
-    }
-  }
 }
 
 class DevShell {
-  constructor(keyFile, appId, runShell = "sh") {
+  constructor(keyFile, appId, runShell = "sh", uid = "") {
     logger.debug("keyFile", keyFile);
     logger.debug("appid", appId);
 
     this.keyFile = keyFile;
     this.appId = appId;
+    this.uid = uid;
     this.runShell = runShell;
   }
 
@@ -523,11 +443,12 @@ class DevShell {
     }
 
     let rsyncDebug = process.env.RSYNCDEBUG ? "-P" : "";
-    let storePath = `/var/lib/box-server/lzcapps/${appId}/lzcapp/cache/devshell`;
+    const userId = this.uid ? `/${this.uid}` : "";
+    let storePath = `/run/lzc_boot/data/cache/${appId}${userId}/devshell`;
     // FIXME: 下方执行命令不确定是否有兼容性问题
     try {
       execSync(
-        `rsync ${rsyncDebug} --rsh='${rsh}' --recursive --relative --perms --update . ${host}:${storePath} --filter=':- .gitignore' --exclude='node_modules' --exclude='.git' --delete --ignore-errors --usermap=:nobody --groupmap=*:nobody`,
+        `rsync ${rsyncDebug} --rsh='${rsh}' --recursive --relative --perms --update . ${host}:${storePath} --filter=':- .gitignore' --exclude='node_modules' --exclude='.git' --ignore-errors --usermap=:nobody --groupmap=*:nobody`,
         { stdio: ["ignore", "inherit", "inherit"] }
       );
     } catch (err) {
@@ -615,72 +536,6 @@ class DevShell {
 
   async connectShell() {
     const sdk = new SdkDocker();
-    await sdk.interactiveShell(this.appId, this.runShell);
-  }
-}
-
-// 本地的 devshell 容器
-// - 将当前项目目录通过 volumes 的方式绑定到 local_devshell 中
-// - local_devshell 中通过 ssh 反代本地的 22 端口到 sdk 中 30222
-// - sdk 中的 sshfs 通过连接 30222 端口进行同步
-// - 结合 local_devshell 容器中的 entrypoint 脚本
-class LocalDevshell {
-  constructor(pairs, sdkHost) {
-    this.publicKey = pairs["public"];
-    this.privateKey = pairs["private"];
-    this.sdkHost = sdkHost;
-    this.log = logger.getLogger("LocalDevshell");
-  }
-
-  run(pkgId, projectPath) {
-    const host = this.sdkHost.split(":")[0];
-    const port = this.sdkHost.split(":")[1];
-    // prettier-ignore
-    const syncP = spawn(`docker`, [
-      `run`, `--rm`,
-      `--network=host`,
-      `-v`, `${projectPath}:/project/${pkgId}`,
-      `-v`, `${this.privateKey}:/sdk/privateKey`,
-      `-v`, `${this.publicKey}:/sdk/publicKey`,
-      `-e`, `PKGID=${pkgId}`,
-      `-e`, `SDK_HOST=${host}`,
-      `-e`, `SDK_PORT=${port}`,
-      `-e`, `HOSTUID=${process.getuid()}`,
-      `-e`, `HOSTGID=${process.getgid()}`,
-      `registry.lazycat.cloud/lzc-cli/local_devshell:0.0.4`,
-    ], { detached: true, stdio: ["ignore", "pipe", "pipe"] });
-    syncP.stdout.on("data", (data) => {
-      this.log.debug(data.toString());
-    });
-    syncP.stderr.on("data", (data) => {
-      this.log.debug(data.toString());
-    });
-    return {
-      p: syncP,
-      ready: async () => {
-        return new Promise((_resolve, _reject) => {
-          syncP.stdout.on("data", (data) => {
-            if (data.toString().search(/sshfs running/g) > -1) {
-              this.log.debug("sshfs ready");
-              _resolve();
-            }
-          });
-
-          syncP.on("error", (err) => {
-            this.log.error(err);
-          });
-
-          syncP.on("close", (code) => {
-            if (code != 0) {
-              this.log.debug(`docker exited with code ${code}`);
-              _reject();
-            } else {
-              this.log.debug("sshfs close");
-              _resolve();
-            }
-          });
-        });
-      },
-    };
+    await sdk.interactiveShell(this.appId, this.runShell, this.uid);
   }
 }

package/lib/app/lpk_devshell_docker.js

@@ -135,14 +135,14 @@ export class SdkDocker {
     }
   }
 
-  async interactiveShell(appId, shell) {
+  async interactiveShell(appId, shell, uid = "") {
     const host = new URL(sdkEnv.sdkUrl).hostname;
     const opts = await connectOptions(host);
     const client = new SSHClient(opts);
     await client.connect();
     try {
       const replacedAppId = appId.replaceAll(".", "_").replaceAll("-", "__");
-      const containerName = `lzc--${replacedAppId}-app-1`;
+      const containerName = `lzc-${uid}-${replacedAppId}-app-1`;
       const stream = await client.exec(
         `docker exec -e SHELL=${shell} -e PKGID=${appId} -ti ${containerName} /lzcapp/pkg/content/devshell/exec.sh`,
         {

package/lib/app/lpk_installer.js

@@ -6,6 +6,8 @@ import path from "node:path";
 import Key from "../key.js";
 import { loadFromYaml, Downloader, sleep } from "../utils.js";
 import { spawnSync } from "node:child_process";
+import { getUidByManifest } from "../lzc_sdk.js";
+import fetch from "node-fetch";
 
 export class LpkInstaller {
   constructor() {}
@@ -25,22 +27,30 @@ export class LpkInstaller {
     }
 
     let manifest = await builder.getManifest();
-    let api = new BoxAPI(manifest["package"], sdkEnv.sdkUrl);
+    let uid = await getUidByManifest(manifest);
+    let api = new BoxAPI(manifest["package"], sdkEnv.sdkUrl, uid);
 
     let pkgPath = await builder.exec("");
     logger.info("开始部署应用");
     await api.install(pkgPath);
 
+    const appUrl = sdkEnv.sdkUrl.replace(
+      /sdk/,
+      manifest["application"]["subdomain"]
+    );
+    // 如果是多实例的应用，需要先访问下，才会创建对应的容器
+    if (manifest["application"]["user_app"]) {
+      const res = await fetch(appUrl);
+      if (res.status >= 400) {
+        throw `访问 ${appUrl} 失败`;
+      }
+    }
+
     // 新安装的应用默认为休眠的状态，需要先等容器创建成功，等成为 paused 后 resume 下
     await api.checkStatus(true);
 
     await sleep(2000);
-    logger.info(
-      `👉 请在浏览器中访问 ${sdkEnv.sdkUrl.replace(
-        /sdk/,
-        manifest["application"]["subdomain"]
-      )}`
-    );
+    logger.info(`👉 请在浏览器中访问 ${appUrl}`);
   }
 
   async install(pkgUrl) {

package/lib/appstore/publish.js

@@ -1,4 +1,4 @@
-import { request } from "./login.js";
+import { request, autoLogin } from "./login.js";
 import logger from "loglevel";
 import FormData from "form-data";
 import fs from "node:fs";
@@ -35,6 +35,8 @@ export class Publish {
       fs.rmSync(tempDir, { recursive: true });
     }
 
+    await autoLogin();
+
     if (!changelog) {
       const answer = await askChangeLog();
       changelog = answer.changelog;

package/lib/key.js

@@ -83,7 +83,7 @@ export default class Key {
               key: fs.readFileSync(pair["private"]),
             },
           ],
-          keepaliveInterval: 5000,
+          keepaliveInterval: 60000, // 60s
         });
     });
   }

package/lib/lzc_sdk.js

@@ -0,0 +1,25 @@
+import os from "node:os";
+import path from "node:path";
+import fs from "node:fs";
+import logger from "loglevel";
+
+const lzcConfigFile = path.resolve(
+  os.homedir(),
+  ".config",
+  "lzc-client-desktop",
+  "defaultBox.json"
+);
+
+let lzcConfig = undefined;
+export async function getUidByManifest(manifest) {
+  if (manifest["application"]["user_app"]) {
+    if (!lzcConfig) {
+      lzcConfig = JSON.parse(
+        fs.readFileSync(lzcConfigFile, { encoding: "utf8" })
+      );
+      logger.debug("loginUser: ", lzcConfig["loginUser"]);
+    }
+    return lzcConfig["loginUser"];
+  }
+  return "";
+}

package/lib/sdk.js

@@ -35,7 +35,7 @@ export async function connectOptions(host) {
         agent: process.env.SSH_AUTH_SOCK,
       },
     ],
-    keepaliveInterval: 5000, // 5s
+    keepaliveInterval: 60000, // 60s
     debug: sshDebug(),
   };
 }

package/package.json

@@ -1,9 +1,8 @@
 {
   "name": "@lazycatcloud/lzc-cli",
-  "version": "1.1.9",
+  "version": "1.1.11",
   "description": "lazycat cloud developer kit",
   "scripts": {
-    "postinstall": "cp .githooks/* .git/hooks/",
     "test": "tap",
     "snap": "tap"
   },
@@ -32,6 +31,7 @@
     "@balena/dockerignore": "^1.0.2",
     "@improbable-eng/grpc-web": "^0.15.0",
     "@improbable-eng/grpc-web-node-http-transport": "^0.15.0",
+    "@lazycatcloud/sdk": "^0.1.120",
     "archiver": "^5.3.0",
     "browser-headers": "^0.4.1",
     "chalk": "^4.1.2",

package/template/_lpk/exec.sh

@@ -13,7 +13,10 @@ cd /lzcapp/cache/devshell
 if command -v $SHELL &> /dev/null
 then
     exec $SHELL
+elif command -v bash &> /dev/null
+then
+     exec /bin/sh
 else
-    echo "$SHELL 不存在，执行默认的 /bin/sh"
+    echo "执行默认的 /bin/sh"
     exec /bin/sh
 fi

package/lib/autologin.js

@@ -1,4 +0,0 @@
-import fetch from "node-fetch";
-export async function request(url, options = {}) {
-  return fetch(url, options);
-}

package/template/_lpk/local_devshell/Dockerfile

@@ -1,16 +0,0 @@
-FROM alpine:3.16
-
-RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories
-
-RUN apk add --no-cache openssh openssl inotify-tools curl tzdata \
-  && echo "root:root" | chpasswd
-
-COPY sshd_config /etc/ssh/sshd_config
-COPY entrypoint.sh /entrypoint.sh
-
-RUN cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && \
-    echo "Asia/Shanghai" > /etc/timezone && \
-    date && \
-    chmod +x /entrypoint.sh
-
-CMD ["./entrypoint.sh"]

package/template/_lpk/local_devshell/build.sh

@@ -1,5 +0,0 @@
-#!/usr/bin/sh
-
-VERSION=0.0.4
-docker build -f Dockerfile . -t registry.lazycat.cloud/lzc-cli/local_devshell:$VERSION
-docker push registry.lazycat.cloud/lzc-cli/local_devshell:$VERSION

package/template/_lpk/local_devshell/entrypoint.sh

@@ -1,87 +0,0 @@
-#!/bin/sh
-set -e
-
-ssh-keygen -A
-
-free_port(){
-    # $1 最小端口
-    local port="$1"
-    port="${port:-8192}"
-    local ports
-    ports="$(cut -c 16-19 /proc/net/tcp)"
-    while echo "$ports" | grep -q "$(printf '%.4X' "$port")"; do
-        port=$((port+1))
-    done
-    echo $port
-}
-local_ssh_port="$(free_port 22812)"
-
-# do not detach (-D), log to stderr (-e), passthrough other arguments
-/usr/sbin/sshd -e -p $local_ssh_port
-
-OPTIONS="-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o ConnectionAttempts=3 -o ConnectTimeout=30 -o ServerAliveInterval=5"
-
-# 生成key
-cat >/tmp/prepare.sh <<EOF
-#!/bin/sh
-mkdir -p /tmp/$PKGID/.ssh
-
-if [ ! -f /tmp/$PKGID/.ssh/id_ed25519 ]; then
-   ssh-keygen -t ed25519 -f /tmp/$PKGID/.ssh/id_ed25519 -P ""
-fi
-EOF
-ssh $OPTIONS -p $SDK_PORT -i /sdk/privateKey $SDK_HOST "$(cat /tmp/prepare.sh)"
-
-# 复制生成的 key 到本地的 devshell 容器中
-scp -O -i /sdk/privateKey -P $SDK_PORT $OPTIONS $SDK_HOST:/tmp/$PKGID/.ssh/id_ed25519.pub /tmp/id_ed25519.pub
-# 输出到本地 devshell 容器中的 authorized_keys 中
-mkdir -p /root/.ssh
-cat /tmp/id_ed25519.pub >> /root/.ssh/authorized_keys
-
-
-# 生成 ssh port
-cat >/tmp/sdk_port.sh <<\EOF
-#!/bin/sh
-free_port(){
-    # $1 最小端口
-    local port="$1"
-    port="${port:-8192}"
-    local ports
-    ports="$(cut -c 16-19 /proc/net/tcp)"
-    while echo "$ports" | grep -q "$(printf '%.4X' "$port")"; do
-        port=$((port+1))
-    done
-    echo $port
-}
-echo "ssh_port:$(free_port 12282)"
-EOF
-ssh_port=$(ssh $OPTIONS -p $SDK_PORT -i /sdk/privateKey $SDK_HOST "$(cat /tmp/sdk_port.sh)" 2>&1 |\
-               grep ssh_port | awk -F: '{ print $2 }')
-echo "ssh port: $ssh_port"
-
-# inotify script
-cat >/tmp/inotify.sh <<EOF
-#!/bin/sh
-cd /project
-while [ -d /project/$PKGID ]
-do
-  cd /project/$PKGID
-  inotifywait -q -m -r -e "modify,move,create,delete" --timefmt "%Y-%m-%d %X" --format "%T,%:e,%w%f,$PKGID" .
-done
-EOF
-chmod +x /tmp/inotify.sh
-
-# 反代本地的 $local_ssh_port 端口到 sdk 容器中的端口 ssh_port
-cat >/tmp/sshfs.sh <<EOF
-#!/bin/sh
-set -ex
-
-mkdir -p /var/lib/box-server/lzcapps/$PKGID/lzcapp/cache/devshell
-
-sshfs -v root@localhost:/project/$PKGID /var/lib/box-server/lzcapps/$PKGID/lzcapp/cache/devshell -o allow_other,default_permissions -o direct_io -o dir_cache=no -o IdentityFile=/tmp/$PKGID/.ssh/id_ed25519 -o auto_unmount $OPTIONS -p $ssh_port -o uid=$HOSTUID -o gid=$HOSTGID
-
-echo "sshfs running"
-ssh root@localhost $OPTIONS -p $ssh_port -i /tmp/$PKGID/.ssh/id_ed25519 sh -c '/tmp/inotify.sh' | /lzc-cli-backend -inotify
-EOF
-
-exec ssh -R 127.0.0.1:$ssh_port:127.0.0.1:$local_ssh_port -p $SDK_PORT $OPTIONS -i /sdk/privateKey $SDK_HOST "$(cat /tmp/sshfs.sh)"

package/template/_lpk/local_devshell/sshd_config

@@ -1,117 +0,0 @@
-#       $OpenBSD: sshd_config,v 1.104 2021/07/02 05:11:21 dtucker Exp $
-
-# This is the sshd server system-wide configuration file.  See
-# sshd_config(5) for more information.
-
-# This sshd was compiled with PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
-
-# The strategy used for options in the default sshd_config shipped with
-# OpenSSH is to specify options with their default value where
-# possible, but leave them commented.  Uncommented options override the
-# default value.
-
-# Port 22456
-#AddressFamily any
-ListenAddress 127.0.0.1
-#ListenAddress ::
-
-#HostKey /etc/ssh/ssh_host_rsa_key
-#HostKey /etc/ssh/ssh_host_ecdsa_key
-#HostKey /etc/ssh/ssh_host_ed25519_key
-
-# Ciphers and keying
-#RekeyLimit default none
-
-# Logging
-#SyslogFacility AUTH
-#LogLevel INFO
-
-# Authentication:
-
-#LoginGraceTime 2m
-PermitRootLogin yes
-#StrictModes yes
-#MaxAuthTries 6
-#MaxSessions 10
-
-PubkeyAuthentication yes
-
-# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
-# but this is overridden so installations will only check .ssh/authorized_keys
-AuthorizedKeysFile      .ssh/authorized_keys
-
-#AuthorizedPrincipalsFile none
-
-#AuthorizedKeysCommand none
-#AuthorizedKeysCommandUser nobody
-
-# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
-#HostbasedAuthentication no
-# Change to yes if you don't trust ~/.ssh/known_hosts for
-# HostbasedAuthentication
-IgnoreUserKnownHosts yes
-# Don't read the user's ~/.rhosts and ~/.shosts files
-IgnoreRhosts yes
-
-# To disable tunneled clear text passwords, change to no here!
-PasswordAuthentication no
-PermitEmptyPasswords no
-
-# Change to no to disable s/key passwords
-#KbdInteractiveAuthentication yes
-
-# Kerberos options
-#KerberosAuthentication no
-#KerberosOrLocalPasswd yes
-#KerberosTicketCleanup yes
-#KerberosGetAFSToken no
-
-# GSSAPI options
-#GSSAPIAuthentication no
-#GSSAPICleanupCredentials yes
-
-# Set this to 'yes' to enable PAM authentication, account processing,
-# and session processing. If this is enabled, PAM authentication will
-# be allowed through the KbdInteractiveAuthentication and
-# PasswordAuthentication.  Depending on your PAM configuration,
-# PAM authentication via KbdInteractiveAuthentication may bypass
-# the setting of "PermitRootLogin without-password".
-# If you just want the PAM account and session checks to run without
-# PAM authentication, then enable this but set PasswordAuthentication
-# and KbdInteractiveAuthentication to 'no'.
-# UsePAM no
-
-AllowAgentForwarding yes
-# Feel free to re-enable these if your use case requires them.
-AllowTcpForwarding yes
-GatewayPorts yes
-X11Forwarding no
-#X11DisplayOffset 10
-#X11UseLocalhost yes
-#PermitTTY yes
-#PrintMotd yes
-#PrintLastLog yes
-#TCPKeepAlive yes
-#PermitUserEnvironment no
-#Compression delayed
-ClientAliveInterval 5
-ClientAliveCountMax 3
-#UseDNS no
-#PidFile /run/sshd.pid
-#MaxStartups 10:30:100
-#PermitTunnel no
-#ChrootDirectory none
-#VersionAddendum none
-
-# no default banner path
-#Banner none
-
-# override default of no subsystems
-Subsystem       sftp    /usr/lib/ssh/sftp-server
-
-# Example of overriding settings on a per-user basis
-#Match User anoncvs
-#       X11Forwarding no
-#       AllowTcpForwarding no
-#       PermitTTY no
-#       ForceCommand cvs server