Wishlist
The SSH directory ✨
With Wishlist you can have a single entry point for multiple SSH endpoints,
whether they are Wish apps or not.
As a server, it can be used to start multiple SSH apps within a single package
and list them over SSH.
You can list apps provided elsewhere, too.
You can also use the wishlist
command to list and connect to servers in your
~/.ssh/config
or in a YAML configuration file.
Installation
Use your fave package manager:
brew install charmbracelet/tap/wishlist
yay -S wishlist-bin
yay -S wishlist
winget install wishlist
scoop bucket add charm https://github.com/charmbracelet/scoop-bucket.git
scoop install wishlist
nix-env -iA nixpkgs.wishlist
sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://repo.charm.sh/apt/gpg.key | sudo gpg --dearmor -o /etc/apt/keyrings/charm.gpg
echo "deb [signed-by=/etc/apt/keyrings/charm.gpg] https://repo.charm.sh/apt/ * *" | sudo tee /etc/apt/sources.list.d/charm.list
sudo apt update && sudo apt install wishlist
echo '[charm]
name=Charm
baseurl=https://repo.charm.sh/yum/
enabled=1
gpgcheck=1
gpgkey=https://repo.charm.sh/yum/gpg.key' | sudo tee /etc/yum.repos.d/charm.repo
sudo yum install wishlist
Or download a pre-compiled binary or package from the releases page.
Or just build it yourself (requires Go 1.19+):
git clone https://github.com/charmbracelet/wishlist.git
cd wishlist
go build ./cmd/wishlist/
Usage
CLI
Remote
If you just want a directory of existing servers, you can use the wishlist
CLI
and a YAML config file. You can also just run it without any arguments to list
the servers in your ~/.ssh/config
. To start wishlist in server mode, you'll
need to use the serve
subcommand:
wishlist serve
Check the example config file file as well as
wishlist server --help
for details.
Local
If you want to explore your ~/.ssh/config
, you can run wishlist in local mode
with:
wishlist
Note that not all options are supported at this moment. Check the
commented example config for reference.
Library
Wishlist is also available as a library, which allows you to start several apps
within the same process.
Check out the _example
folder for a working example.
Auth
Local mode
When running in local mode, wishlist will first see if the current endpoint has
an IdentityFile
specified.
If so, it'll try to use that.
If not, it'll see if there's a SSH Agent available, and use it.
Otherwise, it'll try the common key names in ~/.ssh
.
Server mode
When running as a server, wishlist will first try to forward the current SSH
Agent.
If there's no agent, it'll create or use an existing ed25519 key present in
.wishlist/client_ed25519
.
Password authentication is not supported at this moment.
Agent forwarding example
eval (ssh-agent)
ssh-add -k
ssh-add -l
ssh \
-o 'ForwardAgent=yes' \
-o 'UserKnownHostsFile=/dev/null' \
-p 2222 \
foo.bar \
-t list
You can also add this to your ~/.ssh/config
, for instance:
Host wishlist
HostName foo.bar
Port 2222
ForwardAgent yes
UserKnownHostsFile /dev/null
Discovery
Wishlist can discover endpoints using Zeroconf, SRV Records, and Tailscale.
You can find a brief explanation and examples of all of them bellow.
Run wishlist --help
to see all the options.
Tailscale
You can configure Wishlist to find all nodes in your tailnet and add them
as endpoints:
wishlist --tailscale.net=your_tailnet_name --tailscale.key=tskey-api-abc123...
You can use the Hints to change the connection settings.
OAuth authentication
Tailscale API keys expire after 90 days. If you want something that doesn't
require you to intervene every couple of months, use OAuth Clients:
Create a client here.
The only scope needed is devices:read
.
Instead of using --tailscale.key
(or $TAILSCALE_KEY
), set
--tailscale.client.id
and --tailscale.client.secret
(or
$TAILSCALE_CLIENT_ID
and $TAILSCALE_CLIENT_SECRET
, respectively).
Zeroconf/Avahi/mDNS/Bonjour
You can enable this using the --zeroconf.enabled
flag:
wishlist --zeroconf.enabled
Optionally, you can also specify a timeout with --zeroconf.timeout
and, which
domain to look for with --zeroconf.domain
.
Wishlist will look for _ssh._tcp
services in the given domain.
You can use the Hints to change the connection settings.
SRV records
You can set Wishlist up to find nodes from DNS SRV
records:
wishlist --srv.domain example.com
By default, Wishlist will set the name of the endpoint to the SRV
target.
You can, however, customize that with a TXT
record in the following format:
wishlist.name full.address:22=thename
So, in this case, a SRV
record pointing to full.address
on port 22
will
get the name thename
.
Hints
You can use the hints
key in the YAML configuration file to hint settings into
discovered endpoints.
Check the example configuration file to learn
what options are available.
If you're using a SSH configuration file as the Wishlist configuration file,
it'll try to match the hosts with the rules in the given configuration.
Otherwise, the services will simply be added to the list.
The difference is that if a hints themselves won't show in the TUI, as of hosts
in the SSH configuration will.
Running it
Wishlist will read and store all its information in a .wishlist
folder in the
current working directory:
- the server keys
- the client keys
- known hosts
- config files
Config files may be provided in either YAML or SSH Config formats:
The config files are tried in the following order:
- the
-config
flag in either YAML or SSH config formats .wishlist/config.yaml
.wishlist/config.yml
.wishlist/config
[[user config dir]]/wishlist/config.yaml
1[[user config dir]]/wishlist/config.yml
1[[user config dir]]/wishlist/config
1$HOME/.ssh/config
/etc/ssh/ssh_config
The first one that is loaded and parsed without errors will be used. This means
that if you have your common used hosts in your ~/.ssh/config
, you can simply
run wishlist
and get it running right away. It also means that if you don't
want that, you can pass a path to -config
, and it can be either a YAML, or a
SSH config file.
Using the binary
wishlist
Using Docker
mkdir .wishlist
$EDITOR .wishlist/config.yaml
docker run \
-p 2222:22 \
-v $PWD/.wishlist:/.wishlist \
docker.io/charmcli/wishlist:latest
Supported SSH Options
Not all SSH options are currently supported.
Here's a list of the ones that are:
User
Hostname
Port
IdentityFiles
ForwardAgent
RequestTTY
RemoteCommand
SendEnv
SetEnv
ConnectTimeout
Include
PreferredAuthentications
ProxyJump
Acknowledgments
The gif above shows a lot of Maas Lalani’s confeTTY.
Feedback
We’d love to hear your thoughts on this project. Feel free to drop us a note!
License
MIT
Part of Charm.
Charm热爱开源 • Charm loves open source