Add containers based testbed setup

hack/Containerfile

@@ -0,0 +1,15 @@
+FROM docker.io/linuxserver/openssh-server:latest
+# https://hub.docker.com/r/linuxserver/openssh-server/
+
+RUN apk add --no-cache bash python3 nginx iperf3
+
+# suppress linuxserver.io logo printing
+RUN  sed -i '1 a exec &>/dev/null' /etc/s6-overlay/s6-rc.d/init-adduser/run
+
+ENV PUID=1000
+ENV PGID=1000
+ENV PASSWORD_ACCESS=true
+ENV USER_NAME=test
+ENV USER_PASSWORD=test
+ENV LOG_STDOUT=true
+COPY ./setup.service /etc/services.d/setup.service/run

hack/compose.yml

@@ -0,0 +1,29 @@
+name: sshuttle-testbed
+
+services:
+  node-1:
+    image: ghcr.io/sshuttle/sshuttle-testbed
+    container_name: sshuttle-testbed-node-1
+    hostname: node-1
+    ports:
+      - 22001:2222
+    cap_add:
+      - "NET_ADMIN"
+    environment:
+      - IP_ADDRESSES=10.55.1.77/24
+  node-2:
+    image: ghcr.io/sshuttle/sshuttle-testbed
+    container_name: sshuttle-testbed-node-2
+    hostname: node-2
+    ports:
+      - 22002:2222
+    cap_add:
+      - "NET_ADMIN"
+    environment:
+      - IP_ADDRESSES=10.55.2.77/32
+
+networks:
+  default:
+    driver: bridge
+    enable_ipv6: true
+    internal: true

hack/exec-iperf

@@ -0,0 +1,15 @@
+#!/usr/bin/env bash
+set -e
+
+
+node=$1
+
+if [[ ! $node =~ [1-9]+ ]]; then
+    echo "node argument missing. should be '1' , '2' etc"
+    exit 2
+fi
+shift
+
+ip="10.55.$node.77"
+
+exec iperf3 --client "$ip"  --port 5001

hack/exec-sshuttle

@@ -0,0 +1,29 @@
+#!/usr/bin/env bash
+set -e
+
+node=$1
+
+if [[ ! $node =~ [1-9]+ ]]; then
+    echo "node argument missing. should be '1' , '2' etc"
+    exit 2
+fi
+shift
+
+port="2200$node"
+subnet_args="-N"
+host=localhost
+user="test:test"
+
+if ! command -v sshpass >/dev/null; then
+    echo "sshpass is not found. You have to manually enter ssh password: 'test'" >&2
+    user="test"
+fi
+ssh_cmd='ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null'
+
+if [[ "$*" =~ -v ]]; then
+    ssh_cmd+='-v'
+fi
+
+SSHUTTLE_BIN=${SSHUTTLE_BIN:-"$(dirname "$0")/../run"}
+set -x
+exec "${SSHUTTLE_BIN}" -r "$user@$host:$port" --ssh-cmd "$ssh_cmd" "$@" $subnet_args

hack/setup.service

@@ -0,0 +1,49 @@
+#!/usr/bin/with-contenv bash
+# shellcheck shell=bash
+
+set -e
+
+echo -e ">>> Setting up $(hostname) | id: $(id) | $(python --version) \nip: $(ip a)\n route: $(ip r)"
+
+iface="$(ip route | awk '/default/ { print $5 }')"
+default_gw="$(ip route | awk '/default/ { print $3 }')"
+for addr in ${IP_ADDRESSES//,/ }; do
+    echo ">>> Adding $addr to interface $iface"
+    net_addr=$(ipcalc -n "$addr" | awk -F= '{print $2}')
+    (
+        set -ex
+        ip addr add "$addr" dev "$iface"
+        ip route add "$net_addr" via "$default_gw" dev "$iface" # so that sshuttle -N can discover routes
+    )
+done
+
+echo ">>> Starting iperf3 server"
+iperf3 --server --port 5001 &
+
+mkdir -p /www
+echo -e "<h5>Hello from $(hostname)</h5>
+<pre>
+<u>ip address</u>
+$(ip address)
+<u>ip route</u>
+$(ip route)
+</pre>" >/www/index.html
+echo " 
+daemon off;
+worker_processes 1;
+error_log /dev/stdout info;
+events {
+    worker_connections 1024;
+}
+http {
+    include /etc/nginx/mime.types;
+    server {
+        access_log /dev/stdout;
+        listen 8080 default_server;
+        listen [::]:8080 default_server;
+        root /www;
+    }
+}" >/etc/nginx/nginx.conf
+
+echo ">>> Starting nginx"
+exec nginx

hack/test-bed-up

@@ -0,0 +1,9 @@
+#!/usr/bin/env bash
+set -e
+cd "$(dirname "$0")"
+
+# podman build -t ghcr.io/sshuttle/sshuttle-testbed .
+# podman-compose up
+
+docker build -t ghcr.io/sshuttle/sshuttle-testbed -f Containerfile .
+docker compose up