https://rancher.com/ logo
Join Slack
Powered by
This message was deleted.
# lima
a
This message was deleted.
f
idk, but why don't you define a shell alias or a small wrapper script?
h
this is basically what you can leverage ssh proxycommand for, in many cases, and then lets you supply additional flags, etc.
i was gonna write a script but figured i would give this a shot, since ive done it before for other tools, but can’t figure it out this time 😅
f
Put a fixed port into your 
lima.yaml
file and then copy the arguments for 
show-ssh
into your proxy command?
h
i don’t think the port is an issue
Copy code
sh -c "$(/opt/homebrew/bin/limactl show-ssh docker)"
works in my shell, but this doesn’t: `~/.ssh/config`:
Copy code
host docker
    ProxyCommand sh -c "$(/opt/homebrew/bin/limactl show-ssh %h)"
Copy code
ssh -v docker
Pseudo-terminal will not be allocated because stdin is not a terminal.
-bash: line 1: $'SSH-2.0-OpenSSH_8.6\r': command not found
f
That's why I suggested a wrapper. I have a 
bin/wrapper
directory at the very front of my 
PATH
that modifies existing commands. A trivial example is always adding 
--mmap
to the 
ag
command:
Copy code
#!/bin/bash
set - --mmap "$@"
exec $(type -a -P $(basename $BASH_SOURCE) | grep -v $BASH_SOURCE | head -1) "$@"
You could create a similar wrapper for 
ssh
, add some heuristics to determine the host name your are connecting to, and if it matches your lima VM name, modify 
$@
as necessary, or set additional environment variables or whatever.
Here is a 
kubectl
wrapper that adds AWS secrets to the environment when the kubeconfig includes 
aws
commands:
Copy code
$ cat kubectl
#!/bin/bash

kubeconfig="${KUBECONFIG}"
if [ -z "${kubeconfig}" ]; then
    kubeconfig=$HOME/.kube/config
fi
if [ -r "${kubeconfig}" ]; then
    if grep -q "command: aws" "${kubeconfig}"; then
        export AWS_ACCESS_KEY_ID=$(kc-env get AWS_ACCESS_KEY_SPLATFORM)
        export AWS_SECRET_ACCESS_KEY=$(kc-env get AWS_SECRET_KEY_SPLATFORM)
    fi
fi

exec $(type -a -p $(basename $BASH_SOURCE) | grep -v $BASH_SOURCE | head -1) "$@"
It is a bit crude, but works for me because I typically don't have AWS clusters defined locally, so only need to inject credentials occasionally.
And I just notice that Rancher Desktop has broken this wrapper by adding itself to the front of my 
PATH
. I should have used the "Manual" config option. 😄
Copy code
$ type -a -p kubectl
/Users/jan/.rd/bin/kubectl
/Users/jan/Dropbox/bin/wrapper/kubectl
/usr/local/bin/kubectl
h
i figured out what i needed
Copy code
host docker
    ProxyCommand sh -c "$(limactl show-ssh %h) nc 127.0.0.1 22"
total hack though since i think this tunnels it twice
f
Yeah, but if it works... 🤷
h
yet i still have issues with my terminfo 😡
ah nvm its sudo causing that issue
f
sudo
is the 
root
cause 😄
🥁 1
🤦 1
h
even simpler: Host docker
Copy code
Host docker
    ProxyCommand limactl shell %h nc 127.0.0.1 22
and automagic:
Copy code
# match lima VM names and use limactl to ssh to them
Match exec "limactl list -q | grep -q '%h'"
    ProxyCommand limactl shell %h nc 127.0.0.1 22
67 Views
Open in Slack
PreviousNext
Powered by