.devcontainer/scripts/setup-ssh-to-windows.fish at main

aesthetic.computer / core
fork atom
Monorepo for Aesthetic.Computer aesthetic.computer
fork atom
core / .devcontainer / scripts / setup-ssh-to-windows.fish
at main 110 lines 5.1 kB view raw
wrap content
prompt.ac/@jeffrey feat: reconcile unreal plugin publishing and robo painting 4d ago
94ce4dda
  1#!/usr/bin/env fish
  2# Setup / verify SSH connection from this devcontainer to the Windows host
  3# (jeffrey's Windows 11 tower, computer name 'Aesthetic').
  4#
  5# This script is IDEMPOTENT and SAFE to re-run. The heavy lifting lives in
  6# entry.fish (the bridge container is ensured automatically on every container
  7# start). This script is for manual diagnostics, recovering after a broken
  8# state, or first-time setup on a new host.
  9#
 10# Topology:
 11#   devcontainer (172.17.0.2)
 12#     --> 172.17.0.1:2222 (socat container 'ac-ssh-bridge' on Fedora's Docker
 13#                          in --network=host mode)
 14#     --> 172.19.64.1:22  (WSL2 NAT gateway, from Fedora WSL distro's view)
 15#     --> Windows OpenSSH (binds 0.0.0.0:22, key authorized at
 16#                          C:\ProgramData\ssh\administrators_authorized_keys)
 17#
 18# For the full writeup see:
 19#   ~/.claude/projects/-workspaces-aesthetic-computer/memory/ssh_bridge_to_windows.md
 20
 21echo "🪟 Setup / verify SSH to Windows host"
 22echo ""
 23
 24# -----------------------------------------------------------------------------
 25# Step 1: Verify vault id_rsa is in place
 26# -----------------------------------------------------------------------------
 27if not test -f ~/.ssh/id_rsa
 28    echo "❌ ~/.ssh/id_rsa not found"
 29    echo "   Run devault.fish or let entry.fish restore it from the vault:"
 30    echo "   cd /workspaces/aesthetic-computer/aesthetic-computer-vault && fish devault.fish"
 31    exit 1
 32end
 33echo "✅ ~/.ssh/id_rsa present"
 34
 35# -----------------------------------------------------------------------------
 36# Step 2: Verify ~/.ssh/config has a 'Host aesthetic' (or 'windows-host') block
 37# -----------------------------------------------------------------------------
 38if not grep -qE '^Host .*(aesthetic|windows-host)' ~/.ssh/config 2>/dev/null
 39    echo "❌ No 'Host aesthetic' or 'Host windows-host' block in ~/.ssh/config"
 40    echo "   The vault's home/.ssh/config should contain it. Run devault.fish"
 41    echo "   to restore it, or add the block manually. Expected content:"
 42    echo ""
 43    echo "   Host aesthetic aesthetic-windows jeffrey-windows windows-host"
 44    echo "       HostName 172.17.0.1"
 45    echo "       Port 2222"
 46    echo "       User me"
 47    echo "       IdentityFile ~/.ssh/id_rsa"
 48    echo "       IdentitiesOnly yes"
 49    exit 1
 50end
 51echo "✅ ~/.ssh/config has Host block for aesthetic/windows-host"
 52
 53# -----------------------------------------------------------------------------
 54# Step 3: Verify / (re)start the socat bridge container on the Fedora host
 55# -----------------------------------------------------------------------------
 56if not test -S /var/run/docker.sock
 57    echo "❌ No /var/run/docker.sock — cannot manage the bridge from inside the devcontainer"
 58    echo "   The devcontainer needs the Docker socket mounted to start the bridge."
 59    exit 1
 60end
 61
 62set bridge_state (sudo -n docker inspect -f '{{.State.Running}}' ac-ssh-bridge 2>/dev/null)
 63if test "$bridge_state" = "true"
 64    echo "✅ ac-ssh-bridge container is running"
 65else
 66    echo "🔧 ac-ssh-bridge not running, starting it..."
 67
 68    # Detect the Windows host IP by running a helper in --network=host mode.
 69    # Its default route IS the Fedora host's default route, which in WSL2 NAT
 70    # mode points at the Windows host.
 71    set win_ip (sudo -n docker run --rm --network=host alpine sh -c 'ip route | awk "/default/ {print \$3}"' 2>/dev/null)
 72    if test -z "$win_ip"
 73        echo "❌ Could not detect Windows host IP via helper container"
 74        exit 1
 75    end
 76    echo "   Detected Windows host at $win_ip (from Fedora namespace)"
 77
 78    sudo -n docker rm -f ac-ssh-bridge >/dev/null 2>&1
 79    if sudo -n docker run -d --name ac-ssh-bridge --restart unless-stopped --network=host \
 80        alpine/socat "TCP-LISTEN:2222,fork,reuseaddr" "TCP:$win_ip:22" >/dev/null
 81        echo "✅ ac-ssh-bridge started (forwarding :2222 -> $win_ip:22)"
 82    else
 83        echo "❌ Failed to start ac-ssh-bridge container"
 84        exit 1
 85    end
 86end
 87
 88# -----------------------------------------------------------------------------
 89# Step 4: Test the end-to-end connection
 90# -----------------------------------------------------------------------------
 91echo ""
 92echo "🧪 Testing ssh aesthetic ..."
 93if ssh -o BatchMode=yes -o ConnectTimeout=5 aesthetic 'powershell -Command "$env:COMPUTERNAME"' 2>/dev/null
 94    echo "✅ SSH to Windows host works"
 95    echo ""
 96    echo "You can now run e.g.:"
 97    echo "  ssh aesthetic 'powershell -Command \"Get-Process\"'"
 98    echo "  scp -P 2222 myfile.txt me@172.17.0.1:'C:/Users/me/Desktop/'"
 99else
100    echo "❌ SSH to Windows host failed"
101    echo ""
102    echo "Debug checklist:"
103    echo "  1. Is Windows OpenSSH running?  ssh aesthetic -v  (look at handshake)"
104    echo "  2. Is the key installed on Windows?"
105    echo "     C:\\ProgramData\\ssh\\administrators_authorized_keys should contain ~/.ssh/id_rsa.pub"
106    echo "  3. Is Windows Firewall blocking? Set-NetFirewallRule -DisplayName 'OpenSSH SSH Server (sshd)' -Profile Any"
107    echo "  4. Is the bridge forwarding the right IP?"
108    echo "     sudo docker logs ac-ssh-bridge"
109    exit 1
110end