spacelatte · May 18, 2021 17:23
diff --git a/docker-ssh-overlay-port-forward.mk b/docker-ssh-overlay-port-forward.mk
 #!/usr/bin/env make -f
 # ---
 # USAGE:
 # make -f {this_file} port-fwd/host.ssh/container_ip:container_port PORT_NETWORK=attachable-overlay-net
 # FLOW:
 # Fact: Creates SSH tunnel, docker port-binding and socat TCP proxy to gain access on a non-published port on a container which is inside an overlay network.
 # Uses SSH forwarding to have: `localhost:$PORT_LOCAL -> ssh.host:$PORT_INTERMEDIATE_HOST`
 # Uses Docker port binding to have: `ssh.host:$PORT_INTERMEDIATE_HOST -> container:$PORT_INTERMEDIATE_PROXY`
 # Uses Socat TCP proxy to have: `container:$PORT_INTERMEDIATE_PROXY -> target_ip:target_port`
 # The `target_ip:target_port` is the 3rd path element.
 # Example: `port-fwd/ssh.example.com/10.0.0.2:8000`
 #                    ^        ^        ^
 #                    |        |        port of the innermost container (target)
 #                    |        ip of the innermost container. Does not have to be at the same host, since connection goes through the overlay network
 #                    swarm cluster member, using a master/manager node would be wise.
 # QUIRK: You must specify correct network. It must be the same network as target container. 

 PORT_NETWORK            := ingress
 PORT_LOCAL              := $(shell echo $$(( RANDOM % 10000 + 10000 ));)
 PORT_INTERMEDIATE_HOST  := $(shell echo $$(( RANDOM % 16384 + 32768 ));)
 PORT_INTERMEDIATE_PROXY := $(shell echo $$(( RANDOM %  9000 +  1000 ));)
 port-fwd/%:
 	@echo "Opening localhost:$(PORT_LOCAL)"
 	@ssh -tL $(PORT_LOCAL):0:$(PORT_INTERMEDIATE_HOST) ssh://$(dir $*) -- \
 		docker run \
 			--rm=true  \
 			--net=$(PORT_NETWORK) \
 			--name=portfwd-$(USER)-$(PORT_LOCAL)--$(PORT_INTERMEDIATE_HOST)-$(PORT_INTERMEDIATE_PROXY)--$(subst :,-,$(notdir $*)) \
 			-p $(PORT_INTERMEDIATE_HOST):$(PORT_INTERMEDIATE_PROXY)/tcp \
 			-it alpine/socat \
 				-d TCP-L:$(PORT_INTERMEDIATE_PROXY),fork TCP:$(notdir $*)
	#!/usr/bin/env make -f
	# ---
	# USAGE:
	# make -f {this_file} port-fwd/host.ssh/container_ip:container_port PORT_NETWORK=attachable-overlay-net
	# FLOW:
	# Fact: Creates SSH tunnel, docker port-binding and socat TCP proxy to gain access on a non-published port on a container which is inside an overlay network.
	# Uses SSH forwarding to have: `localhost:$PORT_LOCAL -> ssh.host:$PORT_INTERMEDIATE_HOST`
	# Uses Docker port binding to have: `ssh.host:$PORT_INTERMEDIATE_HOST -> container:$PORT_INTERMEDIATE_PROXY`
	# Uses Socat TCP proxy to have: `container:$PORT_INTERMEDIATE_PROXY -> target_ip:target_port`
	# The `target_ip:target_port` is the 3rd path element.
	# Example: `port-fwd/ssh.example.com/10.0.0.2:8000`
	# ^ ^ ^
	# \| \| port of the innermost container (target)
	# \| ip of the innermost container. Does not have to be at the same host, since connection goes through the overlay network
	# swarm cluster member, using a master/manager node would be wise.
	# QUIRK: You must specify correct network. It must be the same network as target container.

	PORT_NETWORK := ingress
	PORT_LOCAL := $(shell echo $$(( RANDOM % 10000 + 10000 ));)
	PORT_INTERMEDIATE_HOST := $(shell echo $$(( RANDOM % 16384 + 32768 ));)
	PORT_INTERMEDIATE_PROXY := $(shell echo $$(( RANDOM % 9000 + 1000 ));)
	port-fwd/%:
	@echo "Opening localhost:$(PORT_LOCAL)"
	@ssh -tL $(PORT_LOCAL):0:$(PORT_INTERMEDIATE_HOST) ssh://$(dir $*) -- \
	docker run \
	--rm=true \
	--net=$(PORT_NETWORK) \
	--name=portfwd-$(USER)-$(PORT_LOCAL)--$(PORT_INTERMEDIATE_HOST)-$(PORT_INTERMEDIATE_PROXY)--$(subst :,-,$(notdir $*)) \
	-p $(PORT_INTERMEDIATE_HOST):$(PORT_INTERMEDIATE_PROXY)/tcp \
	-it alpine/socat \
	-d TCP-L:$(PORT_INTERMEDIATE_PROXY),fork TCP:$(notdir $*)