jorhett
November 20, 2020, 12:08am
1
If I want to open a port and connect to it using a random program, it’s clear from the help text that I can do this:
boundary connect -target-name=foo_target -exec foo -- -fooarg1 --fooarg2
But what is missing here is where foo should connect too. Obviously, localhost – but which port? Seems I can do this:
boundary connect -target-name=foo_target -exec foo -listen-port=8000 -- localhost:8000 -fooarg1 --fooarg2
… but this requires local management of which port is in use. It would be really great if we could get the randomly assigned port interpolated into the args, perhaps like this?
boundary connect -target-name=foo_target -exec foo -- localhost:%target-port% --fooarg1
malnick
November 20, 2020, 12:21am
2
Thanks for trying Boundary @jorhett !
There’s built-in templating when passing arguments to the wrapped exec command. The two variables available are {{boundary.ip}} and {{boundary.port}}.
Example:
boundary connect -exec nc -- {{boundary.ip}} {{boundary.port}}`
Is equivalent to:
nc 127.0.0.1 33456
Let me know if this makes sense! Thanks.
jorhett
November 20, 2020, 5:07pm
3
Awesome! I tested and confirmed this makes for a clean SSH configuration then.
Host foo
HostName foo.example.com
ProxyCommand boundary connect --target-name foo -exec nc -- {{boundary.ip}} {{boundary.port}}
Much nicer than the shell script I was using
#!/usr/bin/env bash
coproc BC { boundary connect -target-name=$1 -format=json; }
read -u ${BC[0]} JSON
nc localhost $(echo $JSON |jq .port)
…although late yesterday I realized that I could just do this in the shell script:
nc localhost ${BOUNDARY_PROXIED_PORT}
Both this environment variable and those interpolation methods should be documented
malnick
November 20, 2020, 5:25pm
4
Right on. If you’re doing ProxyCommand stuff, this might also interest you: https://github.com/hashicorp/boundary/pull/796
