coder
diff --git a/‎.github/workflows/coder.yaml
Lines changed: 1 addition & 23 deletions b/‎.github/workflows/coder.yaml
Lines changed: 1 addition & 23 deletions
diff --git a/‎.gitignore
Lines changed: 2 additions & 0 deletions b/‎.gitignore
Lines changed: 2 additions & 0 deletions
diff --git a/‎Makefile
Lines changed: 12 additions & 6 deletions b/‎Makefile
Lines changed: 12 additions & 6 deletions
diff --git a/‎agent/agent.go
Lines changed: 1 addition & 0 deletions b/‎agent/agent.go
Lines changed: 1 addition & 0 deletions
diff --git a/‎agent/agent_test.go
Lines changed: 15 additions & 0 deletions b/‎agent/agent_test.go
Lines changed: 15 additions & 0 deletions
diff --git a/‎agent/wireguard.go
Lines changed: 34 additions & 0 deletions b/‎agent/wireguard.go
Lines changed: 34 additions & 0 deletions
diff --git a/‎cli/configssh.go
Lines changed: 9 additions & 2 deletions b/‎cli/configssh.go
Lines changed: 9 additions & 2 deletions
@@ -267,30 +267,8 @@ jobs:
           terraform_version: 1.1.9
           terraform_wrapper: false
 
-      - name: Start PostgreSQL Database
-        env:
-          POSTGRES_PASSWORD: postgres
-          POSTGRES_USER: postgres
-          POSTGRES_DB: postgres
-          PGDATA: /tmp
-        run: |
-          docker run \
-            -e POSTGRES_PASSWORD=postgres \
-            -e POSTGRES_USER=postgres \
-            -e POSTGRES_DB=postgres \
-            -e PGDATA=/tmp \
-            -p 5432:5432 \
-            -d postgres:11 \
-            -c shared_buffers=1GB \
-            -c max_connections=1000
-          while ! pg_isready -h 127.0.0.1
-          do
-              echo "$(date) - waiting for database to start"
-              sleep 0.5
-          done
-
       - name: Test with PostgreSQL Database
-        run: "make test-postgres"
+        run: make test-postgres
 
       - name: Upload DataDog Trace
         if: always() && github.actor != 'dependabot[bot]' && !github.event.pull_request.head.repo.fork
 
@@ -13,6 +13,8 @@ node_modules
 vendor
 .eslintcache
 yarn-error.log
+gotests.xml
+gotests.coverage
 .idea
 .DS_Store
 
 
@@ -171,14 +171,15 @@ test: test-clean
 	gotestsum -- -v -short ./...
 .PHONY: test
 
-test-postgres: test-clean
-	DB=ci gotestsum --junitfile="gotests.xml" --packages="./..." -- \
-          -covermode=atomic -coverprofile="gotests.coverage" -timeout=30m \
-          -coverpkg=./...,github.com/coder/coder/codersdk \
-          -count=1 -race -failfast
+test-postgres: test-clean test-postgres-docker
+	DB_FROM=$(shell go run scripts/migrate-ci/main.go) gotestsum --junitfile="gotests.xml" --packages="./..." -- \
+		-covermode=atomic -coverprofile="gotests.coverage" -timeout=30m \
+		-coverpkg=./...,github.com/coder/coder/codersdk \
+		-count=2 -race -failfast
 .PHONY: test-postgres
 
 test-postgres-docker:
+	docker rm -f test-postgres-docker || true
 	docker run \
 		--env POSTGRES_PASSWORD=postgres \
 		--env POSTGRES_USER=postgres \
@@ -189,12 +190,17 @@ test-postgres-docker:
 		--name test-postgres-docker \
 		--restart no \
 		--detach \
-		postgres:11 \
+		postgres:13 \
 		-c shared_buffers=1GB \
 		-c max_connections=1000 \
 		-c fsync=off \
 		-c synchronous_commit=off \
 		-c full_page_writes=off
+	while ! pg_isready -h 127.0.0.1
+	do
+		echo "$(date) - waiting for database to start"
+		sleep 0.5
+	done
 .PHONY: test-postgres-docker
 
 test-clean:
 
@@ -467,6 +467,7 @@ func (a *agent) handleSSHSession(session ssh.Session) error {
 	}
 	go func() {
 		_, _ = io.Copy(stdinPipe, session)
+		_ = stdinPipe.Close()
 	}()
 	err = cmd.Start()
 	if err != nil {
 
@@ -16,6 +16,7 @@ import (
 	"testing"
 	"time"
 
+	scp "github.com/bramvdbogaerde/go-scp"
 	"github.com/google/uuid"
 	"github.com/pion/udp"
 	"github.com/pion/webrtc/v3"
@@ -149,6 +150,20 @@ func TestAgent(t *testing.T) {
 		require.NoError(t, err)
 	})
 
+	t.Run("SCP", func(t *testing.T) {
+		t.Parallel()
+		sshClient, err := setupAgent(t, agent.Metadata{}, 0).SSHClient()
+		require.NoError(t, err)
+		scpClient, err := scp.NewClientBySSH(sshClient)
+		require.NoError(t, err)
+		tempFile := filepath.Join(t.TempDir(), "scp")
+		content := "hello world"
+		err = scpClient.CopyFile(context.Background(), strings.NewReader(content), tempFile, "0755")
+		require.NoError(t, err)
+		_, err = os.Stat(tempFile)
+		require.NoError(t, err)
+	})
+
 	t.Run("EnvironmentVariables", func(t *testing.T) {
 		t.Parallel()
 		key := "EXAMPLE"
 
@@ -2,6 +2,8 @@ package agent
 
 import (
 	"context"
+	"net"
+	"strconv"
 
 	"golang.org/x/xerrors"
 	"inet.af/netaddr"
@@ -58,6 +60,38 @@ func (a *agent) startWireguard(ctx context.Context, addrs []netaddr.IPPrefix) er
 		}
 	}()
 
+	a.startWireguardListeners(ctx, wg, []handlerPort{
+		{port: 12212, handler: a.sshServer.HandleConn},
+	})
+
 	a.network = wg
 	return nil
 }
+
+type handlerPort struct {
+	handler func(conn net.Conn)
+	port    uint16
+}
+
+func (a *agent) startWireguardListeners(ctx context.Context, network *peerwg.Network, handlers []handlerPort) {
+	for _, h := range handlers {
+		go func(h handlerPort) {
+			a.logger.Debug(ctx, "starting wireguard listener", slog.F("port", h.port))
+
+			listener, err := network.Listen("tcp", net.JoinHostPort("", strconv.Itoa(int(h.port))))
+			if err != nil {
+				a.logger.Warn(ctx, "listen wireguard", slog.F("port", h.port), slog.Error(err))
+				return
+			}
+
+			for {
+				conn, err := listener.Accept()
+				if err != nil {
+					return
+				}
+
+				go h.handler(conn)
+			}
+		}(h)
+	}
+}
@@ -135,6 +135,7 @@ func configSSH() *cobra.Command {
 		coderConfigFile  string
 		dryRun           bool
 		skipProxyCommand bool
+		wireguard        bool
 	)
 	cmd := &cobra.Command{
 		Annotations: workspaceCommand,
@@ -287,7 +288,11 @@ func configSSH() *cobra.Command {
 						"\tLogLevel ERROR",
 					)
 					if !skipProxyCommand {
-						configOptions = append(configOptions, fmt.Sprintf("\tProxyCommand %q --global-config %q ssh --stdio %s", binaryFile, root, hostname))
+						if !wireguard {
+							configOptions = append(configOptions, fmt.Sprintf("\tProxyCommand %q --global-config %q ssh --stdio %s", binaryFile, root, hostname))
+						} else {
+							configOptions = append(configOptions, fmt.Sprintf("\tProxyCommand %q --global-config %q ssh --wireguard --stdio %s", binaryFile, root, hostname))
+						}
 					}
 
 					_, _ = buf.WriteString(strings.Join(configOptions, "\n"))
@@ -374,6 +379,8 @@ func configSSH() *cobra.Command {
 	cmd.Flags().BoolVarP(&skipProxyCommand, "skip-proxy-command", "", false, "Specifies whether the ProxyCommand option should be skipped. Useful for testing.")
 	_ = cmd.Flags().MarkHidden("skip-proxy-command")
 	cliflag.BoolVarP(cmd.Flags(), &usePreviousOpts, "use-previous-options", "", "CODER_SSH_USE_PREVIOUS_OPTIONS", false, "Specifies whether or not to keep options from previous run of config-ssh.")
+	cliflag.BoolVarP(cmd.Flags(), &wireguard, "wireguard", "", "CODER_CONFIG_SSH_WIREGUARD", false, "Whether to use Wireguard for SSH tunneling.")
+	_ = cmd.Flags().MarkHidden("wireguard")
 
 	// Deprecated: Remove after migration period.
 	cmd.Flags().StringVar(&coderConfigFile, "test.ssh-coder-config-file", sshDefaultCoderConfigFileName, "Specifies the path to an Coder SSH config file. Useful for testing.")
@@ -539,7 +546,7 @@ func currentBinPath(w io.Writer) (string, error) {
 		_, _ = fmt.Fprint(w, "\n")
 	}
 
-	return binName, nil
+	return exePath, nil
 }
 
 // diffBytes takes two byte slices and diffs them as if they were in a
Original file line number	Diff line number	Diff line change
`@@ -467,6 +467,7 @@ func (a *agent) handleSSHSession(session ssh.Session) error {`
`467`	`467`	`}`
`468`	`468`	`go func() {`
`469`	`469`	`_, _ = io.Copy(stdinPipe, session)`
	`470`	`+ _ = stdinPipe.Close()`
`470`	`471`	`}()`
`471`	`472`	`err = cmd.Start()`
`472`	`473`	`if err != nil {`