Merge pull request coollabsio#3543 from peaklabs-dev/cf-production-ready

andrasbacsai · web-flow · commit 12a0d71e4770 · 2024-09-23T21:53:23.000+02:00
Feat: Make cloudflare production ready
diff --git a/app/Helpers/SshMultiplexingHelper.php b/app/Helpers/SshMultiplexingHelper.php
@@ -24,28 +24,23 @@ public static function serverSshConfiguration(Server $server)
     public static function ensureMultiplexedConnection(Server $server)
     {
         if (! self::isMultiplexingEnabled()) {
-            // ray('SSH Multiplexing: DISABLED')->red();
             return;
         }
 
-        // ray('SSH Multiplexing: ENABLED')->green();
-        // ray('Ensuring multiplexed connection for server:', $server);
-
         $sshConfig = self::serverSshConfiguration($server);
         $muxSocket = $sshConfig['muxFilename'];
         $sshKeyLocation = $sshConfig['sshKeyLocation'];
 
         self::validateSshKey($sshKeyLocation);
 
         $checkCommand = "ssh -O check -o ControlPath=$muxSocket {$server->user}@{$server->ip}";
+        if (data_get($server, 'settings.is_cloudflare_tunnel')) {
+            $checkCommand = 'cloudflared access ssh --hostname %h -O check -o ControlPath=' . $muxSocket . ' ' . $server->user . '@' . $server->ip;
+        }
         $process = Process::run($checkCommand);
 
         if ($process->exitCode() !== 0) {
-            // ray('SSH Multiplexing: Existing connection check failed or not found')->orange();
-            // ray('Establishing new connection');
             self::establishNewMultiplexedConnection($server);
-        } else {
-            // ray('SSH Multiplexing: Existing connection is valid')->green();
         }
     }
 
@@ -55,10 +50,6 @@ public static function establishNewMultiplexedConnection(Server $server)
         $sshKeyLocation = $sshConfig['sshKeyLocation'];
         $muxSocket = $sshConfig['muxFilename'];
 
-        // ray('Establishing new multiplexed connection')->blue();
-        // ray('SSH Key Location:', $sshKeyLocation);
-        // ray('Mux Socket:', $muxSocket);
-
         $connectionTimeout = config('constants.ssh.connection_timeout');
         $serverInterval = config('constants.ssh.server_interval');
         $muxPersistTime = config('constants.ssh.mux_persist_time');
@@ -67,25 +58,15 @@ public static function establishNewMultiplexedConnection(Server $server)
             .self::getCommonSshOptions($server, $sshKeyLocation, $connectionTimeout, $serverInterval)
             ."{$server->user}@{$server->ip}";
 
-        // ray('Establish Command:', $establishCommand);
+        if (data_get($server, 'settings.is_cloudflare_tunnel')) {
+            $establishCommand = 'cloudflared access ssh --hostname %h -fNM -o ControlMaster=auto -o ControlPath=' . $muxSocket . ' -o ControlPersist=' . $muxPersistTime . ' ' . self::getCommonSshOptions($server, $sshKeyLocation, $connectionTimeout, $serverInterval) . $server->user . '@' . $server->ip;
+        }
 
         $establishProcess = Process::run($establishCommand);
 
-        // ray('Establish Process Exit Code:', $establishProcess->exitCode());
-        // ray('Establish Process Output:', $establishProcess->output());
-        // ray('Establish Process Error Output:', $establishProcess->errorOutput());
-
         if ($establishProcess->exitCode() !== 0) {
-            // ray('Failed to establish multiplexed connection')->red();
             throw new \RuntimeException('Failed to establish multiplexed connection: '.$establishProcess->errorOutput());
         }
-
-        // ray('Successfully established multiplexed connection')->green();
-
-        // Check if the mux socket file was created
-        if (! file_exists($muxSocket)) {
-            // ray('Mux socket file not found after connection establishment')->orange();
-        }
     }
 
     public static function removeMuxFile(Server $server)
@@ -94,19 +75,10 @@ public static function removeMuxFile(Server $server)
         $muxSocket = $sshConfig['muxFilename'];
 
         $closeCommand = "ssh -O exit -o ControlPath=$muxSocket {$server->user}@{$server->ip}";
-        $process = Process::run($closeCommand);
-
-        // ray('Closing multiplexed connection')->blue();
-        // ray('Close command:', $closeCommand);
-        // ray('Close process exit code:', $process->exitCode());
-        // ray('Close process output:', $process->output());
-        // ray('Close process error output:', $process->errorOutput());
-
-        if ($process->exitCode() !== 0) {
-            // ray('Failed to close multiplexed connection')->orange();
-        } else {
-            // ray('Successfully closed multiplexed connection')->green();
+        if (data_get($server, 'settings.is_cloudflare_tunnel')) {
+            $closeCommand = 'cloudflared access ssh --hostname %h -O exit -o ControlPath=' . $muxSocket . ' ' . $server->user . '@' . $server->ip;
         }
+        Process::run($closeCommand);
     }
 
     public static function generateScpCommand(Server $server, string $source, string $dest)
@@ -116,16 +88,18 @@ public static function generateScpCommand(Server $server, string $source, string
         $muxSocket = $sshConfig['muxFilename'];
 
         $timeout = config('constants.ssh.command_timeout');
+        $muxPersistTime = config('constants.ssh.mux_persist_time');
 
         $scp_command = "timeout $timeout scp ";
 
         if (self::isMultiplexingEnabled()) {
-            $muxPersistTime = config('constants.ssh.mux_persist_time');
             $scp_command .= "-o ControlMaster=auto -o ControlPath=$muxSocket -o ControlPersist={$muxPersistTime} ";
             self::ensureMultiplexedConnection($server);
         }
 
-        self::addCloudflareProxyCommand($scp_command, $server);
+        if (data_get($server, 'settings.is_cloudflare_tunnel')) {
+            $scp_command = 'timeout ' . $timeout . ' cloudflared access ssh --hostname %h -o ControlMaster=auto -o ControlPath=' . $muxSocket . ' -o ControlPersist=' . $muxPersistTime . ' ';
+        }
 
         $scp_command .= self::getCommonSshOptions($server, $sshKeyLocation, config('constants.ssh.connection_timeout'), config('constants.ssh.server_interval'), isScp: true);
         $scp_command .= "{$source} {$server->user}@{$server->ip}:{$dest}";
@@ -144,16 +118,18 @@ public static function generateSshCommand(Server $server, string $command)
         $muxSocket = $sshConfig['muxFilename'];
 
         $timeout = config('constants.ssh.command_timeout');
+        $muxPersistTime = config('constants.ssh.mux_persist_time');
 
         $ssh_command = "timeout $timeout ssh ";
 
         if (self::isMultiplexingEnabled()) {
-            $muxPersistTime = config('constants.ssh.mux_persist_time');
             $ssh_command .= "-o ControlMaster=auto -o ControlPath=$muxSocket -o ControlPersist={$muxPersistTime} ";
             self::ensureMultiplexedConnection($server);
         }
 
-        self::addCloudflareProxyCommand($ssh_command, $server);
+        if (data_get($server, 'settings.is_cloudflare_tunnel')) {
+            $ssh_command = 'timeout ' . $timeout . ' cloudflared access ssh --hostname %h -o ControlMaster=auto -o ControlPath=' . $muxSocket . ' -o ControlPersist=' . $muxPersistTime . ' ';
+        }
 
         $ssh_command .= self::getCommonSshOptions($server, $sshKeyLocation, config('constants.ssh.connection_timeout'), config('constants.ssh.server_interval'));
 
@@ -183,13 +159,6 @@ private static function validateSshKey(string $sshKeyLocation): void
         }
     }
 
-    private static function addCloudflareProxyCommand(string &$command, Server $server): void
-    {
-        if (data_get($server, 'settings.is_cloudflare_tunnel')) {
-            $command .= '-o ProxyCommand="/usr/local/bin/cloudflared access ssh --hostname %h" ';
-        }
-    }
-
     private static function getCommonSshOptions(Server $server, string $sshKeyLocation, int $connectionTimeout, int $serverInterval, bool $isScp = false): string
     {
         $options = "-i {$sshKeyLocation} "
diff --git a/resources/views/livewire/server/configure-cloudflare-tunnels.blade.php b/resources/views/livewire/server/configure-cloudflare-tunnels.blade.php
@@ -1,6 +1,6 @@
 <form wire:submit.prevent='submit' class="flex flex-col w-full gap-2">
     <x-forms.input id="cloudflare_token" required label="Cloudflare Token" />
     <x-forms.input id="ssh_domain" label="Configured SSH Domain" required
-        helper="The SSH Domain you configured in Cloudflare" />
+        helper="The SSH Domain you configured in Cloudflare. Make sure there is no protocol like http(s):// so you provide a FQDN not a URL." />
     <x-forms.button type="submit" isHighlighted @click="modalOpen=false">Automated Configuration</x-forms.button>
 </form>
diff --git a/resources/views/livewire/server/form.blade.php b/resources/views/livewire/server/form.blade.php
@@ -68,7 +68,7 @@ class="mt-8 mb-4 w-full font-bold box-without-bg bg-coollabs hover:bg-coollabs-1
             </div>
             <div class="flex flex-col gap-2 w-full lg:flex-row">
                 <x-forms.input type="password" id="server.ip" label="IP Address/Domain"
-                    helper="An IP Address (127.0.0.1) or domain (example.com)." required />
+                    helper="An IP Address (127.0.0.1) or domain (example.com). Make sure there is no protocol like http(s):// so you provide a FQDN not a URL." required />
                 <div class="flex gap-2">
                     <x-forms.input id="server.user" label="User" required />
                     <x-forms.input type="number" id="server.port" label="Port" required />
