ssh tunnel WIP

packages/api/src/proc/serverConnectionProcess.js

@@ -166,7 +166,9 @@ function start() {
     if (time - lastPing > 40 * 1000) {
       logger.info('Server connection not alive, exiting');
       const driver = requireEngineDriver(storedConnection);
-      await driver.close(dbhan);
+      if (dbhan) {
+        await driver.close(dbhan);
+      }
       process.exit(0);
     }
   }, 10 * 1000);

packages/api/src/proc/sshForwardProcess.js

@@ -7,7 +7,7 @@ const { getLogger, extractErrorLogData, extractErrorMessage } = require('dbgate-
 
 const logger = getLogger('sshProcess');
 
-async function getSshConnection(connection) {
+async function getSshConnection(connection, tunnelConfig) {
   const sshConfig = {
     endHost: connection.sshHost || '',
     endPort: connection.sshPort || 22,
@@ -23,6 +23,7 @@ async function getSshConnection(connection) {
         : undefined,
     skipAutoPrivateKey: true,
     noReadline: true,
+    bindHost: tunnelConfig.fromHost,
   };
 
   const sshConn = new SSHConnection(sshConfig);
@@ -31,7 +32,7 @@ async function getSshConnection(connection) {
 
 async function handleStart({ connection, tunnelConfig }) {
   try {
-    const sshConn = await getSshConnection(connection);
+    const sshConn = await getSshConnection(connection, tunnelConfig);
     await sshConn.forward(tunnelConfig);
 
     process.send({

packages/api/src/utility/SSHConnection.js

@@ -130,7 +130,7 @@ class SSHConnection {
     const connectionToBastion = await this.connect(bastionHost);
     return new Promise((resolve, reject) => {
       connectionToBastion.forwardOut(
-        '127.0.0.1',
+        this.options.bindHost,
         22,
         this.options.endHost,
         this.options.endPort || 22,
@@ -228,9 +228,9 @@ class SSHConnection {
             options.toPort
           );
           connection.forwardOut(
-            '127.0.0.1',
+            this.options.bindHost,
             options.fromPort,
-            options.toHost || '127.0.0.1',
+            options.toHost || this.options.bindHost,
             options.toPort,
             (error, stream) => {
               if (error) {
@@ -241,7 +241,7 @@ class SSHConnection {
             }
           );
         })
-        .listen(options.fromPort, '127.0.0.1', () => {
+        .listen(options.fromPort, this.options.bindHost, () => {
           return resolve();
         });
     });

packages/api/src/utility/connectUtility.js

@@ -63,7 +63,7 @@ async function connectUtility(driver, storedConnection, connectionMode, addition
       throw new Error(tunnel.message);
     }
 
-    connection.server = 'localhost';
+    connection.server = tunnel.localHost;
     connection.port = tunnel.localPort;
   }
 

packages/api/src/utility/sshTunnel.js

@@ -61,15 +61,20 @@ function callForwardProcess(connection, tunnelConfig, tunnelCacheKey) {
 }
 
 async function getSshTunnel(connection) {
+  const config = require('../controllers/config');
+
   const tunnelCacheKey = stableStringify(_.pick(connection, TUNNEL_FIELDS));
+  const globalSettings = await config.getSettings();
 
   return await lock.acquire(tunnelCacheKey, async () => {
     if (sshTunnelCache[tunnelCacheKey]) return sshTunnelCache[tunnelCacheKey];
     const localPort = await portfinder.getPortPromise({ port: 10000, stopPort: 60000 });
+    const localHost = globalSettings?.['connection.sshBindHost'] || '127.0.0.1';
     // workaround for `getPortPromise` not releasing the port quickly enough
     await new Promise(resolve => setTimeout(resolve, 500));
     const tunnelConfig = {
       fromPort: localPort,
+      fromHost: localHost,
       toPort: connection.port,
       toHost: connection.server,
     };
@@ -87,6 +92,7 @@ async function getSshTunnel(connection) {
       sshTunnelCache[tunnelCacheKey] = {
         state: 'ok',
         localPort,
+        localHost,
         subprocess,
       };
       return sshTunnelCache[tunnelCacheKey];