hullarb / ssheasy

ssh, sftp client running in the browser powered by golang and wasm
232 stars 47 forks source link

Can't run on Cloudflare Workers #21

Open sntran opened 6 months ago

sntran commented 6 months ago

Hello,

Our team were interested in running an SSH client on Cloudflare Workers, and ssheasy seems to be a great fit. However, we hit a snag of not being able to connect to the proxy server.

After debugging, it turned out that the implementation of github.com/hullarb/dom/net/ws/wsconn_js uses new Function() to create the WebSocket instance, which is not allowed in such serverless environment.

Since github.com/hullarb/dom has no Issues reporting, I figure to report here, since it's related to ssheasy anyway.

Is there a way we can avoid using new Function()?

hullarb commented 6 months ago

Hi!

Thanks for opening an issue. To be honest i have not much experience, knowledge about Cloudflare Workers, but i assume they have some alternative API to create a websocket connection, don't they?

Also i'm wondering what would be the usecase to run the client in serverless environment, could you share some details on that?

sntran commented 6 months ago

Hi,

Thanks for the quick response!

i assume they have some alternative API to create a websocket connection

Yes. They support the full WebSocket API just like in browsers. They just don't allow your codes to call new Function(string) or eval(string). Just like in strict mode.

Also i'm wondering what would be the usecase to run the client in serverless environment, could you share some details on that?

We have a task runner that run on demand/schedule in serverless environment. One of the tasks is to SFTP a CSV from a remote server and process and store the data into database.

hullarb commented 6 months ago

Thanks for sharing some details. Unforaunatelly i don't have experience with cloudflare workers, but based on the docs i'm not sure if reusing this code is the best option. ssheasy was design for the browser where you have to go through http, but in workers you could open TCP connections directly and just start an ssh connection, wouldn't that be option?

sntran commented 6 months ago

Thanks for checking! You're correct that using TCP connections directly is a better option. However, there is no readily-made JS library to set up SSH connection directly. That is why I'm looking at ssheasy as implementing the whole SSH protocol is out of my scope, and the Cloudflare Workers environment is very similar to the browser.

However, as I mentioned in the original post, the issue is actually inside your github.com/hullarb/dom library, specifically the net/ws/wsconn_js module that uses new Function to set up the WebSocket client. I'm not familiar with Go, but looking around and I find this wasmws that seems to manually construct the WebSocket instance, so I think it can be done.

hullarb commented 6 months ago

sure, you could try to adapt the dom lib for the worker env. but maybe you could look into https://www.npmjs.com/package/ssh2#get-a-directory-listing-via-sftp i found some cloudflare worker example using this https://gist.github.com/DevCEDTeam/acfea17ed23ffe00ca67ece56444eb8c

sntran commented 6 months ago

maybe you could look into https://www.npmjs.com/package/ssh2#get-a-directory-listing-via-sftp

We did look at ssh2 as it's the most popular SSH/SFTP solution in Node.js ecosystem. However, it does not work in Cloudflare Workers, as Cloudflare only support a certain runtime APIs from Node.js, and they have to be prefixed with node:, which most of the NPM packages do not do, including ssh2.

i found some cloudflare worker example using this https://gist.github.com/DevCEDTeam/acfea17ed23ffe00ca67ece56444eb8c

Not sure how that gist works, but it does not look like a script that runs on Cloudflare Workers.