diff --git a/lib/kamal/commands/base.rb b/lib/kamal/commands/base.rb index c0eac91c..73e698dd 100644 --- a/lib/kamal/commands/base.rb +++ b/lib/kamal/commands/base.rb @@ -11,7 +11,7 @@ def initialize(config) end def run_over_ssh(*command, host:) - "ssh#{ssh_proxy_args} -t #{config.ssh.user}@#{host} -p #{config.ssh.port} '#{command.join(" ").gsub("'", "'\\\\''")}'" + "ssh#{ssh_proxy_args}#{ssh_config_args} -t #{config.ssh.user}@#{host} -p #{config.ssh.port} '#{command.join(" ").gsub("'", "'\\\\''")}'" end def container_id_for(container_name:, only_running: false) @@ -94,5 +94,16 @@ def ssh_proxy_args " -o ProxyCommand='#{config.ssh.proxy.command_line_template}'" end end + + def ssh_config_args + case config.ssh.config + when true, nil + "" + when false + " -F none" + when String + " -F #{Shellwords.escape(config.ssh.config)}" + end + end end end diff --git a/lib/kamal/configuration/docs/ssh.yml b/lib/kamal/configuration/docs/ssh.yml index 8d103352..fa4894c5 100644 --- a/lib/kamal/configuration/docs/ssh.yml +++ b/lib/kamal/configuration/docs/ssh.yml @@ -66,5 +66,5 @@ ssh: # # Set to true to load the default OpenSSH config files (~/.ssh/config, # /etc/ssh_config), to false ignore config files, or to a file path - # (or array of paths) to load specific configuration. Defaults to true. + # to load specific configuration. Defaults to true. config: true diff --git a/lib/kamal/configuration/ssh.rb b/lib/kamal/configuration/ssh.rb index dc88367e..28ba9671 100644 --- a/lib/kamal/configuration/ssh.rb +++ b/lib/kamal/configuration/ssh.rb @@ -7,7 +7,7 @@ class Kamal::Configuration::Ssh def initialize(config:) @ssh_config = config.raw_config.ssh || {} - validate! ssh_config + validate! ssh_config, with: Kamal::Configuration::Validator::Ssh end def user @@ -38,8 +38,12 @@ def key_data ssh_config["key_data"] end + def config + ssh_config["config"] + end + def options - { user: user, port: port, proxy: proxy, logger: logger, keepalive: true, keepalive_interval: 30, keys_only: keys_only, keys: keys, key_data: key_data }.compact + { user: user, port: port, proxy: proxy, logger: logger, keepalive: true, keepalive_interval: 30, keys_only: keys_only, keys: keys, key_data: key_data, config: config }.compact end def to_h diff --git a/lib/kamal/configuration/validator/ssh.rb b/lib/kamal/configuration/validator/ssh.rb new file mode 100644 index 00000000..ffa337ad --- /dev/null +++ b/lib/kamal/configuration/validator/ssh.rb @@ -0,0 +1,19 @@ +class Kamal::Configuration::Validator::Ssh < Kamal::Configuration::Validator + SPECIAL_KEYS = [ "config" ] + + def validate! + validate_against_example! \ + config.except(*SPECIAL_KEYS), + example.except(*SPECIAL_KEYS) + + validate_config_key! if config.key?("config") + end + + private + + def validate_config_key! + with_context(config["config"]) do + validate_type! config["config"], TrueClass, String + end + end +end diff --git a/test/commands/app_test.rb b/test/commands/app_test.rb index 0e5cad79..4d3560d6 100644 --- a/test/commands/app_test.rb +++ b/test/commands/app_test.rb @@ -300,6 +300,16 @@ class CommandsAppTest < ActiveSupport::TestCase assert_equal "ssh -t root@1.1.1.1 -p 2222 'ls'", new_command.run_over_ssh("ls", host: "1.1.1.1") end + test "run over ssh with custom config" do + @config[:ssh] = { "config" => "config/ssh config" } + assert_equal "ssh -F config/ssh\\ config -t root@1.1.1.1 -p 22 'ls'", new_command.run_over_ssh("ls", host: "1.1.1.1") + end + + test "run over ssh with no config" do + @config[:ssh] = { "config" => false } + assert_equal "ssh -F none -t root@1.1.1.1 -p 22 'ls'", new_command.run_over_ssh("ls", host: "1.1.1.1") + end + test "run over ssh with proxy" do @config[:ssh] = { "proxy" => "2.2.2.2" } assert_equal "ssh -J root@2.2.2.2 -t root@1.1.1.1 -p 22 'ls'", new_command.run_over_ssh("ls", host: "1.1.1.1") diff --git a/test/configuration/ssh_test.rb b/test/configuration/ssh_test.rb index 76d1ae9a..8315f6bb 100644 --- a/test/configuration/ssh_test.rb +++ b/test/configuration/ssh_test.rb @@ -37,4 +37,14 @@ class ConfigurationSshTest < ActiveSupport::TestCase config = Kamal::Configuration.new(@deploy.tap { |c| c.merge!(ssh: { "proxy" => "app@1.2.3.4" }) }) assert_equal "app@1.2.3.4", config.ssh.options[:proxy].jump_proxies end + + test "ssh options with disabled ssh_config" do + config = Kamal::Configuration.new(@deploy.tap { |c| c.merge!(ssh: { "config" => false }) }) + assert_equal false, config.ssh.options[:config] + end + + test "ssh options with path to an ssh_config-file" do + config = Kamal::Configuration.new(@deploy.tap { |c| c.merge!(ssh: { "config" => "config/ssh_config" }) }) + assert_equal "config/ssh_config", config.ssh.options[:config] + end end