[Buildbot-devel] slave connection over ssl possible?
Marcus Lindblom
macke at yar.nu
Wed Oct 7 08:08:49 UTC 2009
Andy Howell wrote:
> Marcus Lindblom wrote:
>> Andy Howell wrote:
>>> Hello,
>>>
>>> Is is possible to setup buildbot slaves to create an encrypted session to the master?
>> Not out-of-the-box, I think.
>>
>> However, you could always setup an SSH-tunnel to the buildmaster host
>> yourself first, then have the buildslave work through that.
>>
>> Hope it helps,
>>
>> /Marcus
>>
>
> Marcus,
>
> Thanks, I may go that route. I've been going through the code trying to see how to works.
> Looks like the master side should work by specifying a port specification like:
>
> ssl:9989:privateKey=myket.pem:certKey=mycert.pem
>
> I think the slave side needs some changes to make this work, as it explicitly opens
> TCPClient in buildbot/slave/bot.py. I've hacked that a bit, replace that call with a
> ClientConnectionFactory and SSSClinet, but its not working yet. Still trying to understand
> how twisted and buildbot work :)
I was more thinking that you'd keep ssh out of buildbot completely, and
manually ssh from client to master setting up a port-forwarding from
master to client and connect client to a port on its localhost that is
tunneled to the master's slave port.
i.e. slave -> localport -> sshclient -> sshdaemon -> masterport -> master.
That would allow you to use ssh without changing buildbot at all.
Hope it makes sense.
Cheers,
/Marcus
More information about the devel
mailing list