Eric Bower
·
2025-12-12
ssh.go
1package pico
2
3import (
4 "context"
5 "os"
6 "os/signal"
7 "syscall"
8 "time"
9
10 "git.sr.ht/~rockorager/vaxis"
11 "github.com/picosh/pico/pkg/db/postgres"
12 "github.com/picosh/pico/pkg/pssh"
13 "github.com/picosh/pico/pkg/send/auth"
14 "github.com/picosh/pico/pkg/send/list"
15 "github.com/picosh/pico/pkg/send/pipe"
16 "github.com/picosh/pico/pkg/send/protocols/rsync"
17 "github.com/picosh/pico/pkg/send/protocols/scp"
18 "github.com/picosh/pico/pkg/send/protocols/sftp"
19 "github.com/picosh/pico/pkg/shared"
20 "github.com/picosh/pico/pkg/tui"
21 "github.com/picosh/utils"
22 "golang.org/x/crypto/ssh"
23)
24
25func createTui(shrd *tui.SharedModel) pssh.SSHServerMiddleware {
26 return func(next pssh.SSHServerHandler) pssh.SSHServerHandler {
27 return func(sesh *pssh.SSHServerConnSession) error {
28 vty, err := shared.NewVConsole(sesh)
29 if err != nil {
30 return err
31 }
32 opts := vaxis.Options{
33 WithConsole: vty,
34 }
35 return tui.NewTui(opts, shrd)
36 }
37 }
38}
39
40func StartSshServer() {
41 appName := "pico-ssh"
42
43 host := utils.GetEnv("PICO_HOST", "0.0.0.0")
44 port := utils.GetEnv("PICO_SSH_PORT", "2222")
45 promPort := utils.GetEnv("PICO_PROM_PORT", "9222")
46 cfg := NewConfigSite(appName)
47 logger := cfg.Logger
48
49 ctx, cancel := context.WithCancel(context.Background())
50 defer cancel()
51
52 dbpool := postgres.NewDB(cfg.DbURL, cfg.Logger)
53 defer func() {
54 _ = dbpool.Close()
55 }()
56
57 handler := NewUploadHandler(
58 dbpool,
59 cfg,
60 )
61
62 cliHandler := &CliHandler{
63 Logger: logger,
64 DBPool: dbpool,
65 }
66
67 sshAuth := shared.NewSshAuthHandler(dbpool, logger, "pico")
68
69 // Create a new SSH server
70 server, err := pssh.NewSSHServerWithConfig(
71 ctx,
72 logger,
73 appName,
74 host,
75 port,
76 promPort,
77 "ssh_data/term_info_ed25519",
78 func(conn ssh.ConnMetadata, key ssh.PublicKey) (*ssh.Permissions, error) {
79 perms, err := sshAuth.PubkeyAuthHandler(conn, key)
80 logger.Warn("pubkey auth handler", "err", err)
81 if perms == nil {
82 perms = &ssh.Permissions{
83 Extensions: map[string]string{
84 "pubkey": utils.KeyForKeyText(key),
85 },
86 }
87 }
88
89 return perms, nil
90 },
91 []pssh.SSHServerMiddleware{
92 pipe.Middleware(handler, ""),
93 list.Middleware(handler),
94 scp.Middleware(handler),
95 rsync.Middleware(handler),
96 auth.Middleware(handler),
97 func(next pssh.SSHServerHandler) pssh.SSHServerHandler {
98 return func(sesh *pssh.SSHServerConnSession) error {
99 shrd := &tui.SharedModel{
100 Session: sesh,
101 Cfg: cfg,
102 Dbpool: handler.DBPool,
103 Logger: pssh.GetLogger(sesh),
104 }
105 return pssh.PtyMdw(createTui(shrd), 200*time.Millisecond)(next)(sesh)
106 }
107 },
108 Middleware(cliHandler),
109 pssh.LogMiddleware(handler, dbpool),
110 },
111 []pssh.SSHServerMiddleware{
112 sftp.Middleware(handler),
113 pssh.LogMiddleware(handler, dbpool),
114 },
115 nil,
116 )
117
118 if err != nil {
119 logger.Error("failed to create ssh server", "err", err.Error())
120 os.Exit(1)
121 }
122
123 done := make(chan os.Signal, 1)
124 signal.Notify(done, os.Interrupt, syscall.SIGINT, syscall.SIGTERM)
125 logger.Info("Starting SSH server", "addr", server.Config.ListenAddr)
126 go func() {
127 if err = server.ListenAndServe(); err != nil {
128 logger.Error("serve", "err", err.Error())
129 os.Exit(1)
130 }
131 }()
132
133 exit := func() {
134 logger.Info("stopping ssh server")
135 cancel()
136 }
137
138 <-done
139 exit()
140}