diff --git a/CLAUDE.md b/CLAUDE.md index 4ae10e1..65f7945 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -72,6 +72,18 @@ All repos hosted at `gitea.dooplex.hu/admin/`. Git credentials are stored (`git SSH key-based authentication is configured and working. No password prompts. +**IMPORTANT — SSH binary:** Claude Code runs in Git Bash, which has its own SSH at +`/usr/bin/ssh` (= `C:\Program Files\Git\usr\bin\ssh.exe`). This binary does NOT have +access to the Windows SSH agent and will fail silently (exit 0/141 with no output). +Always use the Windows native OpenSSH binary with the full path: + +``` +SSH=/c/Windows/System32/OpenSSH/ssh.exe +``` + +All SSH commands in this file use `$SSH` — set it at the start of your session or +substitute the full path manually. + | Host | IP | User | Role | |------|----|------|------| | Build server | 192.168.0.180 | kisfenyo | Build + push container images | @@ -105,15 +117,20 @@ The build server (192.168.0.180) has the build toolchain. The version tag should !! Important: use "kisfenyo" user for SSH, as written below -First, check the current running version: +First, set the SSH variable (required for every session — Git Bash's built-in ssh does NOT work): ```bash -ssh kisfenyo@192.168.0.162 "docker ps --filter name=felhom-controller --format '{{.Image}}'" +SSH=/c/Windows/System32/OpenSSH/ssh.exe +``` + +Check the current running version: +```bash +$SSH kisfenyo@192.168.0.162 "docker ps --filter name=felhom-controller --format '{{.Image}}'" ``` Then build with the next version (e.g., if current is 0.2.10, use 0.2.11): IMPORTANT!: Build directory is: ~/build/felhom-controller ```bash -ssh kisfenyo@192.168.0.180 "cd ~/build/felhom-controller && git -C ~/git/deploy-felhom-compose pull && ./build.sh --push" +$SSH kisfenyo@192.168.0.180 "cd ~/build/felhom-controller && git -C ~/git/deploy-felhom-compose pull && ./build.sh --push" ``` The build script: @@ -125,28 +142,29 @@ The build script: ### Step 3: Deploy on the demo node ```bash -ssh kisfenyo@192.168.0.162 "cd /opt/docker/felhom-controller && sudo docker pull gitea.dooplex.hu/admin/felhom-controller: && sudo sed -i 's|image: gitea.dooplex.hu/admin/felhom-controller:.*|image: gitea.dooplex.hu/admin/felhom-controller:|' docker-compose.yml && sudo docker compose up -d" +$SSH kisfenyo@192.168.0.162 "cd /opt/docker/felhom-controller && sudo docker pull gitea.dooplex.hu/admin/felhom-controller: && sudo sed -i 's|image: gitea.dooplex.hu/admin/felhom-controller:.*|image: gitea.dooplex.hu/admin/felhom-controller:|' docker-compose.yml && sudo docker compose up -d" ``` ### Step 4: Verify the deployment ```bash -ssh kisfenyo@192.168.0.162 "docker ps --filter name=felhom-controller --format '{{.Image}} {{.Status}}'" +$SSH kisfenyo@192.168.0.162 "docker ps --filter name=felhom-controller --format '{{.Image}} {{.Status}}'" ``` Should show the new version and "Up" status. Also check logs for startup errors: ```bash -ssh kisfenyo@192.168.0.162 "docker logs felhom-controller --tail 20" +$SSH kisfenyo@192.168.0.162 "docker logs felhom-controller --tail 20" ``` ### Build workflow summary | Step | Command | Where | |------|---------|-------| +| 0. Set SSH var | `SSH=/c/Windows/System32/OpenSSH/ssh.exe` | Local (once per session) | | 1. Commit + push | `git add -A && git commit -m "..." && git push` | Local (this repo) | -| 2. Build + push image | `ssh 192.168.0.180 "cd ~/build/felhom-controller... ./build.sh --push"` | Build server | -| 3. Deploy | `ssh 192.168.0.162 "... docker compose up -d"` | Demo node | -| 4. Verify | `ssh 192.168.0.162 "docker ps ..."` | Demo node | +| 2. Build + push image | `$SSH kisfenyo@192.168.0.180 "cd ~/build/felhom-controller... ./build.sh --push"` | Build server | +| 3. Deploy | `$SSH kisfenyo@192.168.0.162 "... docker compose up -d"` | Demo node | +| 4. Verify | `$SSH kisfenyo@192.168.0.162 "docker ps ..."` | Demo node | **IMPORTANT:** If you make changes to the app-catalog-felhom.eu repo, commit and push those too: ```bash diff --git a/docs/vscode-ssh-fix.md b/docs/vscode-ssh-fix.md new file mode 100644 index 0000000..74d901e --- /dev/null +++ b/docs/vscode-ssh-fix.md @@ -0,0 +1,142 @@ +# VSCode / Claude Code SSH Fix Guide + +## The Problem + +Claude Code runs inside VSCode's integrated terminal, which uses Git Bash on Windows. +Git Bash ships its own SSH binary at: + +``` +C:\Program Files\Git\usr\bin\ssh.exe +``` + +This binary resolves **before** Windows' native OpenSSH in the PATH: + +``` +$ which ssh +/usr/bin/ssh ← Git Bash SSH (BROKEN for our use) + +$ where ssh +C:\Program Files\Git\usr\bin\ssh.exe ← resolves first +C:\Windows\System32\OpenSSH\ssh.exe ← Windows native (WORKS) +``` + +Git Bash's SSH does **not** have access to the Windows SSH Agent (`ssh-agent` service). +This means SSH key authentication fails silently — commands return exit code 0 or 141 +with no output captured, making it extremely confusing to debug. + +Windows' native OpenSSH (`C:\Windows\System32\OpenSSH\ssh.exe`) connects to the +Windows SSH Agent service and has access to your stored keys. + +## Fix 1: VSCode Settings (Recommended — Permanent) + +Open VSCode Settings JSON (`Ctrl+Shift+P` → "Preferences: Open User Settings (JSON)") +and add `GIT_SSH` to the terminal environment: + +```json +{ + "terminal.integrated.env.windows": { + "GIT_SSH": "C:\\Windows\\System32\\OpenSSH\\ssh.exe" + } +} +``` + +This tells Git (and any tool that respects `GIT_SSH`) to use Windows' native OpenSSH. + +However, this only fixes `git` operations — direct `ssh` calls in the terminal still +resolve to Git Bash's binary. To fix that too, prepend Windows OpenSSH to the PATH: + +```json +{ + "terminal.integrated.env.windows": { + "GIT_SSH": "C:\\Windows\\System32\\OpenSSH\\ssh.exe", + "PATH": "C:\\Windows\\System32\\OpenSSH;${env:PATH}" + } +} +``` + +After changing this setting: +1. **Close all terminals** in VSCode (kill them, don't just hide) +2. **Reload the window** (`Ctrl+Shift+P` → "Developer: Reload Window") +3. Open a new terminal and verify: + ``` + which ssh + ``` + Should now show `/c/Windows/System32/OpenSSH/ssh` (or similar Windows path). + +## Fix 2: Per-Session Variable (Workaround) + +If you don't want to change VSCode settings, set this at the start of every +Claude Code session (or tell Claude to do it): + +```bash +SSH=/c/Windows/System32/OpenSSH/ssh.exe +``` + +Then use `$SSH` instead of `ssh` in all commands: + +```bash +$SSH kisfenyo@192.168.0.162 "docker ps" +``` + +This is what CLAUDE.md now documents for the build/deploy workflow. + +## Fix 3: Shell Profile (Alternative Permanent Fix) + +Add to your `~/.bashrc` or `~/.bash_profile` (Git Bash profile): + +```bash +# Prefer Windows native OpenSSH over Git Bash's bundled SSH +alias ssh='/c/Windows/System32/OpenSSH/ssh.exe' +alias ssh-add='/c/Windows/System32/OpenSSH/ssh-add.exe' +alias scp='/c/Windows/System32/OpenSSH/scp.exe' +``` + +This works for interactive shells but may not apply to all VSCode terminal contexts. + +## Verifying the Fix + +After applying any fix, test with: + +```bash +# Check which binary resolves +which ssh + +# Test actual connectivity +ssh kisfenyo@192.168.0.162 "echo OK" +``` + +Expected output for a working setup: +``` +OK +``` + +If you see no output, empty response, or exit code 141/255, the wrong SSH binary +is still being used. + +## Why This Happens + +- Windows SSH Agent (`ssh-agent` Windows service) stores SSH keys added via + `ssh-add` from PowerShell/CMD +- Git Bash's SSH uses its own agent protocol (Unix socket) which is separate from + the Windows service +- When VSCode spawns a Git Bash terminal, the PATH has Git's `/usr/bin` before + `C:\Windows\System32\OpenSSH`, so Git's SSH wins +- The Git Bash SSH binary can't talk to the Windows SSH Agent, so key-based auth + fails — but it fails silently (no error message, broken pipe on stdout) + +## Windows SSH Agent Setup (if keys aren't loaded) + +If SSH still fails after fixing the binary path, ensure the Windows SSH Agent +has your keys: + +1. Open **Services** (`Win+R` → `services.msc`) +2. Find **OpenSSH Authentication Agent** → set to **Automatic** → **Start** +3. In PowerShell (not Git Bash): + ```powershell + ssh-add C:\Users\User\.ssh\id_ed25519 + ``` +4. Verify: + ```powershell + ssh-add -l + ``` + Should list your key fingerprint.