feat(nanoclaude): 배포 준비 — Dockerfile + self-SSH 로컬 분기

- Dockerfile: infra/ 복사, openssh-client, healthcheck 추가
- requirements.txt: asyncssh, python-dotenv 추가
- core/ssh.py: INFRA_LOCAL_HOST 환경변수로 self-SSH 대신 로컬 실행

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Hyungi Ahn
2026-04-13 13:31:41 +09:00
parent c7e44646fd
commit 1abec083e7
3 changed files with 42 additions and 2 deletions
+21
View File
@@ -5,17 +5,24 @@ Provides run_command() which handles:
- Password auth + sudo (company NAS)
- Timeout / retry
- Structured error classification
- Local execution for self-host (INFRA_LOCAL_HOST env)
"""
from __future__ import annotations
import asyncio
import os
from datetime import datetime, timezone
import asyncssh
from ..config import HostConfig, SSH_TIMEOUT, CMD_TIMEOUT, MAX_RETRIES
# If set, commands targeting this host use run_local() instead of SSH.
# Avoids self-SSH issues in Docker containers (Tailscale routing, overhead).
# Example: INFRA_LOCAL_HOST=gpu
_LOCAL_HOST = os.getenv("INFRA_LOCAL_HOST", "")
class SSHError(Exception):
"""Typed SSH error with error_type classification."""
@@ -45,6 +52,15 @@ async def _connect(host: HostConfig) -> asyncssh.SSHClientConnection:
return await asyncssh.connect(**kwargs)
def _is_local_host(host: HostConfig) -> bool:
"""Check if this host should use local execution instead of SSH."""
if not _LOCAL_HOST:
return False
from ..config import HOSTS
local_cfg = HOSTS.get(_LOCAL_HOST)
return local_cfg is not None and host.ip == local_cfg.ip
async def run_command(
host: HostConfig,
command: str,
@@ -53,9 +69,14 @@ async def run_command(
) -> tuple[str, str]:
"""Run a command on remote host. Returns (stdout, stderr).
If host matches INFRA_LOCAL_HOST, runs locally instead of SSH.
For NAS with sudo: wraps command with sudo using password via stdin.
Raises SSHError with typed error_type on failure.
"""
# Local execution for self-host
if _is_local_host(host):
return await run_local(command, timeout=timeout)
if use_sudo and host.needs_sudo and host.password:
# Pipe password to sudo via stdin
command = f"echo '{host.password}' | sudo -S {command}"