Merge pull request #317 from balena-io/ab77/patch

SSH reliability settings
2025-02-21 02:01:28 +00:00 · 2024-08-19 18:21:12 +00:00 · 2024-08-19 18:21:12 +00:00 · 366249a439
commit 366249a439
parent 24d2b2c646 539adade50
1 changed files with 22 additions and 0 deletions
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@ -798,6 +798,14 @@ jobs:
                && rm -f "\${tmphosts}" \
                && getent hosts api.${{ matrix.subdomain }}.${{ matrix.dns_tld }} | grep 127.0.1.1

+              sshd -T
+              service ssh restart
+
+          # https://forums.docker.com/t/docker-compose-through-ssh-failing-and-referring-to-docker-example-com/115165/18
+          - path: /etc/ssh/sshd_config.d/00-cloud-init
+            content: |
+              MaxStartups 100:0:100
+
        # cloud-init runs as root
        # (e.g.) https://cloudinit.readthedocs.io/en/latest/reference/merging.html#example-cloud-config
        runcmd:
@ -839,6 +847,10 @@ jobs:
        aws ec2 wait instance-running --instance-ids "${instance_id}"
        with_backoff aws ec2 wait instance-status-ok --instance-ids "${instance_id}"

+        private_ip="$(aws ec2 describe-instances --instance-id "${instance_id}" \
+          | jq -r .Reservations[].Instances[].PrivateIpAddress)"
+        echo "private_ip=${private_ip}" >>"${GITHUB_OUTPUT}"
+
      env:
        ATTEMPTS: 2
        AWS_DEFAULT_REGION: ${{ vars.AWS_REGION || 'us-east-1' }}
@ -876,10 +888,20 @@ jobs:
        trap 'log_output' EXIT

        # https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-getting-started-enable-ssh-connections.html
+        mkdir -p "${HOME}/.ssh/controlmasters"
        cat << EOF > "${HOME}/.ssh/config"
+        host *
+            StrictHostKeyChecking no
+            UserKnownHostsFile /dev/null
+
        host i-*
            StrictHostKeyChecking no
            UserKnownHostsFile /dev/null
+            TCPKeepAlive yes
+            ServerAliveInterval 5
+            ControlPath "${HOME}/.ssh/controlmasters/%r@%h:%p"
+            ControlMaster auto
+            ControlPersist 5m
            ProxyCommand sh -c "aws ssm start-session --target %h --document-name AWS-StartSSHSession --parameters 'portNumber=%p'"
        EOF