Merge pull request #959 from szwabodev/feat/localServerTerminal

feat: local server terminal access
2025-06-26 18:27:59 +00:00 · 2024-12-29 18:06:32 -06:00
parent c168648cce 228d12a61c
commit da148a6c50
12 changed files with 341 additions and 34 deletions
--- a/apps/dokploy/server/wss/terminal.ts
+++ b/apps/dokploy/server/wss/terminal.ts
@@ -1,8 +1,9 @@
 import type http from "node:http";
 import { findServerById, validateWebSocketRequest } from "@dokploy/server";
 import { publicIpv4, publicIpv6 } from "public-ip";
-import { Client } from "ssh2";
+import { Client, type ConnectConfig } from "ssh2";
 import { WebSocketServer } from "ws";
+import { setupLocalServerSSHKey } from "./utils";

 export const getPublicIpWithFallback = async () => {
 	// @ts-ignore
@@ -55,21 +56,67 @@ export const setupTerminalWebSocketServer = (
 			return;
 		}

-		const server = await findServerById(serverId);
+		let connectionDetails: ConnectConfig = {};

-		if (!server) {
-			ws.close();
-			return;
+		const isLocalServer = serverId === "local";
+
+		if (isLocalServer) {
+			const port = Number(url.searchParams.get("port"));
+			const username = url.searchParams.get("username");
+
+			if (!port || !username) {
+				ws.close();
+				return;
+			}
+
+			ws.send("Setting up private SSH key...\n");
+			const privateKey = await setupLocalServerSSHKey();
+
+			if (!privateKey) {
+				ws.close();
+				return;
+			}
+
+			connectionDetails = {
+				host: "localhost",
+				port,
+				username,
+				privateKey,
+			};
+		} else {
+			ws.send("Getting server data...\n");
+			const server = await findServerById(serverId);
+
+			if (!server) {
+				ws.close();
+				return;
+			}
+
+			const { ipAddress: host, port, username, sshKey, sshKeyId } = server;
+
+			if (!sshKeyId) {
+				throw new Error("No SSH key available for this server");
+			}
+
+			connectionDetails = {
+				host,
+				port,
+				username,
+				privateKey: sshKey?.privateKey,
+			};
 		}

-		if (!server.sshKeyId)
-			throw new Error("No SSH key available for this server");
-
 		const conn = new Client();
 		let stdout = "";
 		let stderr = "";
+
+		ws.send("Connecting...\n");
+
 		conn
 			.once("ready", () => {
+				// Clear terminal content once connected
+				ws.send("\x1bc");
+
 				conn.shell({}, (err, stream) => {
 					if (err) throw err;

@@ -112,18 +159,13 @@ export const setupTerminalWebSocketServer = (
 			.on("error", (err) => {
 				if (err.level === "client-authentication") {
 					ws.send(
-						`Authentication failed: Invalid SSH private key. ❌ Error: ${err.message} ${err.level}`,
+						`Authentication failed: Unauthorized ${isLocalServer ? "" : "private SSH key or "}username.\n❌  Error: ${err.message} ${err.level}`,
 					);
 				} else {
 					ws.send(`SSH connection error: ${err.message}`);
 				}
 				conn.end();
 			})
-			.connect({
-				host: server.ipAddress,
-				port: server.port,
-				username: server.username,
-				privateKey: server.sshKey?.privateKey,
-			});
+			.connect(connectionDetails);
 	});
 };
--- a/apps/dokploy/server/wss/utils.ts
+++ b/apps/dokploy/server/wss/utils.ts
@@ -1,4 +1,17 @@
+import { execAsync } from "@dokploy/server/utils/process/execAsync";
 import os from "node:os";
+import path from "node:path";
+import fs from "node:fs";
+
+const HOME_PATH = process.env.HOME || process.env.USERPROFILE || "/";
+
+const LOCAL_SSH_KEY_PATH = path.join(
+	HOME_PATH,
+	".ssh",
+	"auto_generated-dokploy-local",
+);
+
+const AUTHORIZED_KEYS_PATH = path.join(HOME_PATH, ".ssh", "authorized_keys");

 export const getShell = () => {
 	switch (os.platform()) {
@@ -10,3 +23,40 @@ export const getShell = () => {
 			return "bash";
 	}
 };
+
+/** Returns private SSH key for dokploy local server terminal. Uses already created SSH key or generates a new SSH key, also automatically appends the public key to `authorized_keys`, creating the file if needed. */
+export const setupLocalServerSSHKey = async () => {
+	try {
+		if (!fs.existsSync(LOCAL_SSH_KEY_PATH)) {
+			// Generate new SSH key if it hasn't been created yet
+			await execAsync(
+				`ssh-keygen -t rsa -b 4096 -f ${LOCAL_SSH_KEY_PATH} -N ""`,
+			);
+		}
+
+		const privateKey = fs.readFileSync(LOCAL_SSH_KEY_PATH, "utf8");
+		const publicKey = fs.readFileSync(`${LOCAL_SSH_KEY_PATH}.pub`, "utf8");
+		const authKeyContent = `${publicKey}\n`;
+
+		if (!fs.existsSync(AUTHORIZED_KEYS_PATH)) {
+			// Create authorized_keys if it doesn't exist yet
+			fs.writeFileSync(AUTHORIZED_KEYS_PATH, authKeyContent, { mode: 0o600 });
+			return privateKey;
+		}
+
+		const existingAuthKeys = fs.readFileSync(AUTHORIZED_KEYS_PATH, "utf8");
+		if (existingAuthKeys.includes(publicKey)) {
+			return privateKey;
+		}
+
+		// Append the public key to authorized_keys
+		fs.appendFileSync(AUTHORIZED_KEYS_PATH, authKeyContent, {
+			mode: 0o600,
+		});
+
+		return privateKey;
+	} catch (error) {
+		console.error("Error getting private SSH key for local terminal:", error);
+		return "";
+	}
+};