admin/deploy-felhom-compose
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

updated SSH executable details

Browse Source
This commit is contained in:
authentik Default Admin
2026-02-18 08:36:12 +01:00
parent c789a00b2d
commit 1a5e96e998
2 changed files with 169 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
CLAUDE.md
+27 -9
View File
@@ -72,6 +72,18 @@ All repos hosted at `gitea.dooplex.hu/admin/`. Git credentials are stored (`git
SSH key-based authentication is configured and working. No password prompts. SSH key-based authentication is configured and working. No password prompts.
**IMPORTANT — SSH binary:** Claude Code runs in Git Bash, which has its own SSH at
`/usr/bin/ssh` (= `C:\Program Files\Git\usr\bin\ssh.exe`). This binary does NOT have
access to the Windows SSH agent and will fail silently (exit 0/141 with no output).
Always use the Windows native OpenSSH binary with the full path:
```
SSH=/c/Windows/System32/OpenSSH/ssh.exe
```
All SSH commands in this file use `$SSH` — set it at the start of your session or
substitute the full path manually.
| Host | IP | User | Role | | Host | IP | User | Role |
|------|----|------|------| |------|----|------|------|
| Build server | 192.168.0.180 | kisfenyo | Build + push container images | | Build server | 192.168.0.180 | kisfenyo | Build + push container images |
@@ -105,15 +117,20 @@ The build server (192.168.0.180) has the build toolchain. The version tag should
!! Important: use "kisfenyo" user for SSH, as written below !! Important: use "kisfenyo" user for SSH, as written below
First, check the current running version: First, set the SSH variable (required for every session — Git Bash's built-in ssh does NOT work):
```bash ```bash
ssh kisfenyo@192.168.0.162 "docker ps --filter name=felhom-controller --format '{{.Image}}'" SSH=/c/Windows/System32/OpenSSH/ssh.exe
```
Check the current running version:
```bash
$SSH kisfenyo@192.168.0.162 "docker ps --filter name=felhom-controller --format '{{.Image}}'"
``` ```
Then build with the next version (e.g., if current is 0.2.10, use 0.2.11): Then build with the next version (e.g., if current is 0.2.10, use 0.2.11):
IMPORTANT!: Build directory is: ~/build/felhom-controller IMPORTANT!: Build directory is: ~/build/felhom-controller
```bash ```bash
ssh kisfenyo@192.168.0.180 "cd ~/build/felhom-controller && git -C ~/git/deploy-felhom-compose pull && ./build.sh <NEW_VERSION> --push" $SSH kisfenyo@192.168.0.180 "cd ~/build/felhom-controller && git -C ~/git/deploy-felhom-compose pull && ./build.sh <NEW_VERSION> --push"
``` ```
The build script: The build script:
@@ -125,28 +142,29 @@ The build script:
### Step 3: Deploy on the demo node ### Step 3: Deploy on the demo node
```bash ```bash
ssh kisfenyo@192.168.0.162 "cd /opt/docker/felhom-controller && sudo docker pull gitea.dooplex.hu/admin/felhom-controller:<NEW_VERSION> && sudo sed -i 's|image: gitea.dooplex.hu/admin/felhom-controller:.*|image: gitea.dooplex.hu/admin/felhom-controller:<NEW_VERSION>|' docker-compose.yml && sudo docker compose up -d" $SSH kisfenyo@192.168.0.162 "cd /opt/docker/felhom-controller && sudo docker pull gitea.dooplex.hu/admin/felhom-controller:<NEW_VERSION> && sudo sed -i 's|image: gitea.dooplex.hu/admin/felhom-controller:.*|image: gitea.dooplex.hu/admin/felhom-controller:<NEW_VERSION>|' docker-compose.yml && sudo docker compose up -d"
``` ```
### Step 4: Verify the deployment ### Step 4: Verify the deployment
```bash ```bash
ssh kisfenyo@192.168.0.162 "docker ps --filter name=felhom-controller --format '{{.Image}} {{.Status}}'" $SSH kisfenyo@192.168.0.162 "docker ps --filter name=felhom-controller --format '{{.Image}} {{.Status}}'"
``` ```
Should show the new version and "Up" status. Also check logs for startup errors: Should show the new version and "Up" status. Also check logs for startup errors:
```bash ```bash
ssh kisfenyo@192.168.0.162 "docker logs felhom-controller --tail 20" $SSH kisfenyo@192.168.0.162 "docker logs felhom-controller --tail 20"
``` ```
### Build workflow summary ### Build workflow summary
| Step | Command | Where | | Step | Command | Where |
|------|---------|-------| |------|---------|-------|
| 0. Set SSH var | `SSH=/c/Windows/System32/OpenSSH/ssh.exe` | Local (once per session) |
| 1. Commit + push | `git add -A && git commit -m "..." && git push` | Local (this repo) | | 1. Commit + push | `git add -A && git commit -m "..." && git push` | Local (this repo) |
| 2. Build + push image | `ssh 192.168.0.180 "cd ~/build/felhom-controller... ./build.sh <VER> --push"` | Build server | | 2. Build + push image | `$SSH kisfenyo@192.168.0.180 "cd ~/build/felhom-controller... ./build.sh <VER> --push"` | Build server |
| 3. Deploy | `ssh 192.168.0.162 "... docker compose up -d"` | Demo node | | 3. Deploy | `$SSH kisfenyo@192.168.0.162 "... docker compose up -d"` | Demo node |
| 4. Verify | `ssh 192.168.0.162 "docker ps ..."` | Demo node | | 4. Verify | `$SSH kisfenyo@192.168.0.162 "docker ps ..."` | Demo node |
**IMPORTANT:** If you make changes to the app-catalog-felhom.eu repo, commit and push those too: **IMPORTANT:** If you make changes to the app-catalog-felhom.eu repo, commit and push those too:
```bash ```bash
docs/vscode-ssh-fix.md
+142
View File
@@ -0,0 +1,142 @@
# VSCode / Claude Code SSH Fix Guide
## The Problem
Claude Code runs inside VSCode's integrated terminal, which uses Git Bash on Windows.
Git Bash ships its own SSH binary at:
```
C:\Program Files\Git\usr\bin\ssh.exe
```
This binary resolves **before** Windows' native OpenSSH in the PATH:
```
$ which ssh
/usr/bin/ssh ← Git Bash SSH (BROKEN for our use)
$ where ssh
C:\Program Files\Git\usr\bin\ssh.exe ← resolves first
C:\Windows\System32\OpenSSH\ssh.exe ← Windows native (WORKS)
```
Git Bash's SSH does **not** have access to the Windows SSH Agent (`ssh-agent` service).
This means SSH key authentication fails silently — commands return exit code 0 or 141
with no output captured, making it extremely confusing to debug.
Windows' native OpenSSH (`C:\Windows\System32\OpenSSH\ssh.exe`) connects to the
Windows SSH Agent service and has access to your stored keys.
## Fix 1: VSCode Settings (Recommended — Permanent)
Open VSCode Settings JSON (`Ctrl+Shift+P` → "Preferences: Open User Settings (JSON)")
and add `GIT_SSH` to the terminal environment:
```json
{
"terminal.integrated.env.windows": {
"GIT_SSH": "C:\\Windows\\System32\\OpenSSH\\ssh.exe"
}
}
```
This tells Git (and any tool that respects `GIT_SSH`) to use Windows' native OpenSSH.
However, this only fixes `git` operations — direct `ssh` calls in the terminal still
resolve to Git Bash's binary. To fix that too, prepend Windows OpenSSH to the PATH:
```json
{
"terminal.integrated.env.windows": {
"GIT_SSH": "C:\\Windows\\System32\\OpenSSH\\ssh.exe",
"PATH": "C:\\Windows\\System32\\OpenSSH;${env:PATH}"
}
}
```
After changing this setting:
1. **Close all terminals** in VSCode (kill them, don't just hide)
2. **Reload the window** (`Ctrl+Shift+P` → "Developer: Reload Window")
3. Open a new terminal and verify:
```
which ssh
```
Should now show `/c/Windows/System32/OpenSSH/ssh` (or similar Windows path).
## Fix 2: Per-Session Variable (Workaround)
If you don't want to change VSCode settings, set this at the start of every
Claude Code session (or tell Claude to do it):
```bash
SSH=/c/Windows/System32/OpenSSH/ssh.exe
```
Then use `$SSH` instead of `ssh` in all commands:
```bash
$SSH kisfenyo@192.168.0.162 "docker ps"
```
This is what CLAUDE.md now documents for the build/deploy workflow.
## Fix 3: Shell Profile (Alternative Permanent Fix)
Add to your `~/.bashrc` or `~/.bash_profile` (Git Bash profile):
```bash
# Prefer Windows native OpenSSH over Git Bash's bundled SSH
alias ssh='/c/Windows/System32/OpenSSH/ssh.exe'
alias ssh-add='/c/Windows/System32/OpenSSH/ssh-add.exe'
alias scp='/c/Windows/System32/OpenSSH/scp.exe'
```
This works for interactive shells but may not apply to all VSCode terminal contexts.
## Verifying the Fix
After applying any fix, test with:
```bash
# Check which binary resolves
which ssh
# Test actual connectivity
ssh kisfenyo@192.168.0.162 "echo OK"
```
Expected output for a working setup:
```
OK
```
If you see no output, empty response, or exit code 141/255, the wrong SSH binary
is still being used.
## Why This Happens
- Windows SSH Agent (`ssh-agent` Windows service) stores SSH keys added via
`ssh-add` from PowerShell/CMD
- Git Bash's SSH uses its own agent protocol (Unix socket) which is separate from
the Windows service
- When VSCode spawns a Git Bash terminal, the PATH has Git's `/usr/bin` before
`C:\Windows\System32\OpenSSH`, so Git's SSH wins
- The Git Bash SSH binary can't talk to the Windows SSH Agent, so key-based auth
fails — but it fails silently (no error message, broken pipe on stdout)
## Windows SSH Agent Setup (if keys aren't loaded)
If SSH still fails after fixing the binary path, ensure the Windows SSH Agent
has your keys:
1. Open **Services** (`Win+R` → `services.msc`)
2. Find **OpenSSH Authentication Agent** → set to **Automatic** → **Start**
3. In PowerShell (not Git Bash):
```powershell
ssh-add C:\Users\User\.ssh\id_ed25519
```
4. Verify:
```powershell
ssh-add -l
```
Should list your key fingerprint.