Hacker News new | ask | show | jobs
by ataylor32 1973 days ago
Can you elaborate on this?:

> I do all of my development remotely via ssh and local forwards

I do a little with SSH tunnels, but not much. Do you mean you have it set up so that on your Mac you can go to localhost:8080 (or whatever) in your browser and it will actually go to the remote machine?
2 comments
tbrock 1973 days ago
Yes, just set up a localforward in your .ssh/config like this:

    Host dev
        HostName <ip_of_dev_box>
        User <my_username>
        ForwardAgent yes
        AddKeysToAgent yes
        IdentityFile ~/.ssh/id_m1_air
        LocalForward 8443 localhost:8443
        LocalForward 8080 localhost:8080
        LocalForward 8065 localhost:8065
        LocalForward 3000 localhost:3000
        ...
Those line's effectively mean forward my local port 8443 to the remote host's 8443. The local port + remote port (and even the remote host) don't need to be the same.

Since it’s forwarding a TCP port your aren’t limited to forwarding just the web traffic either. I forward:

    - Database ports (run mysql or psql locally for example)
    - Docker socket
    - Backend api ports
    - Redis port
    - Webserver port
And more...

Then you just use local clients as if those things were all running on your local machine

link
tga 1973 days ago
Just one more step missing for a fully remote docker setup: have you ever tried combining this with a sshfs mount so you can also develop an app running in a remote container?
link
jokethrowaway 1973 days ago
Visual Studio has [this](https://code.visualstudio.com/docs/remote/ssh) which is quite painless to use
link
tbrock 1973 days ago
Maybe I'll try that
link
ataylor32 1973 days ago
Thanks! This sounds like a great setup.
link
beagle3 1973 days ago
It’s worth reading a bit about sshuttle. It basically leverages ssh into a simple one way VPN as far as ergonomics and user experience go (but the underlying implementation is closer to opening LocalForward connections on demand).

Highly recommended.

link
crgwbr 1971 days ago
Almost as easy: just setup a point to point WireGuard tunnel. I used sshuttle for remote Docker dev for a while, but found that WireGuard way outperforms it.
link
beagle3 1971 days ago
sshuttle is definitely no efficiency daemon - however, it only requires being able to ssh to the other side, amd run Python there, and that’s it - whereas for Wireguard you need root on the other side, a sufficiently new kernel (or building an out of kernel module) - it’s way better if you can use it but IME it isn’t “almost as easy” - sshuttle usually just works if you can ssh.
link