[BUG] ssh tunnel seems killing itself because of concurrency #517
Description
Title
ssh tunnel seems killing itself because of concurrency
Platform
Web - Edge
Server Installation Method
Docker
Version
1.11.1
Troubleshooting
- I have examined logs and tried to find the issue
- I have reviewed opened and closed issues
- I have tried restarting the application
- I have read Known Issues (Known Issues (Read Before Posting) #296)
The Problem
Logs in docker:
[7:13:51 AM] [INFO] [📡] Tunnel creation request received [op:tunnel_create_request,user:TEST_USER,host:TEST_HOST_ID,tunnel:TUNNEL_CONFIG_XXX]
[7:13:51 AM] [INFO] [📡] Killing remote tunnel process [op:tunnel_remote_kill,user:TEST_USER,host:TEST_HOST_ID,tunnel:TUNNEL_CONFIG_XXX]
[7:13:51 AM] [INFO] [📡] Creating new SSH connection for tunnel [op:tunnel_connection_create,user:TEST_USER,host:TEST_HOST_ID,tunnel:TUNNEL_CONFIG_XXX]
[7:13:52 AM] [SUCCESS] [📡] Tunnel port binding successful [op:tunnel_port_bound,user:TEST_USER,host:TEST_HOST_ID,tunnel:TUNNEL_CONFIG_XXX]
[7:13:52 AM] [INFO] [📡] Remote tunnel process found, proceeding to kill [op:tunnel_remote_found,user:TEST_USER,host:TEST_HOST_ID,tunnel:TUNNEL_CONFIG_XXX]
[7:13:52 AM] [ERROR] [📡] SSH stderr for 'TUNNEL_CONFIG_XXX': write: Broken pipe
[7:13:56 AM] [SUCCESS] [📡] Remote tunnel process killed [op:tunnel_remote_killed,user:TEST_USER,host:TEST_HOST_ID,tunnel:TUNNEL_CONFIG_XXX]
[7:14:03 AM] [INFO] [📡] Killing remote tunnel process [op:tunnel_remote_kill,user:TEST_USER,host:TEST_HOST_ID,tunnel:TUNNEL_CONFIG_XXX]
[7:14:04 AM] [WARN] [📡] Remote tunnel process not found [op:tunnel_remote_not_found,user:TEST_USER,host:TEST_HOST_ID,tunnel:TUNNEL_CONFIG_XXX]
Status in web browser:
Maybe adding await cleanupTunnelResources(tunnelName, true) in connectSSHTunnel() would help.
How to Reproduce
- create a normal tunnel.
- in the source server, manually using ssh -R or -L would work as espected. Set ~/.ssh/config if ProxyCommand is needed to connect to endpoint server.
- using web client to setup tunnel would failed, showing logs above.
Additional Context
By the way, using SOCKS5 Proxy to connect ssh server works well when connect ssh via browser. However servers would keep at "offline" status (the red dot). Also Android termix apps in this case seems cannot connect to those ssh server using proxy. So in the context I use tun-proxy container to provide network for termix and everything works fine.
services:
# 1. The Transparent Proxy Sidecar
tun-proxy:
image: xjasonlyu/tun2socks:v2.6.0
container_name: termix-proxy
restart: unless-stopped
cap_add:
- NET_ADMIN
cap_drop:
- ALL
devices:
- '/dev/net/tun:/dev/net/tun'
# If SOCKS proxy requires auth, use: socks5://user:pass@host.docker.internal:PORT
environment:
- PROXY=socks5://host.docker.internal:<SOCKS5-proxy-port>
- LOGLEVEL=info
- MTU=1380
extra_hosts:
- "host.docker.internal:host-gateway"
ports:
# Port bindings MUST move to the sidecar container
- '127.0.0.1:<port-for-reverse-proxy>:8080'
networks:
termix_proxy_net: # Connect to our named bridge
# 2. Application Container
termix:
image: bugattiguy527/termix:latest
container_name: termix
restart: unless-stopped
# Attach this container directly to the proxy's network namespace
network_mode: "service:tun-proxy"
depends_on:
- tun-proxy
volumes:
- termix-data:/app/data
# Environment variables are kept for any internal tools that might still want them,
# but all raw TCP/UDP is now captured by the sidecar.
environment:
- PORT=8080
- HTTP_PROXY=
- http_proxy=
- HTTPS_PROXY=
- https_proxy=
volumes:
termix-data:
driver: local