Enable explicitly specifying the client's public IP address (#7).

tintoy · tintoy · commit 0ea75bfc872a · 2016-11-09T22:20:50.000+11:00
diff --git a/README.md b/README.md
@@ -43,16 +43,18 @@ Note that only OS images are supported for now, not customer images.
 Additionally, the OS must be a Linux distribution supported by docker-machine (Ubuntu 12.04 and above are supported, but RedHat 6 and 7 are not supported due to iptables configuration issues).
 * `ddcloud-ssh-user` - The SSH username to use.  
 Default: "root".  
-Environment: `MCP_SSH_USER`
+Environment: `MCP_SSH_USER`.
 * `ddcloud-ssh-key` - The SSH key file to use.  
-Environment: `MCP_SSH_KEY`
+Environment: `MCP_SSH_KEY`.
 * `ddcloud-ssh-port` - The SSH port to use.  
 Default: 22.  
-Environment: `MCP_SSH_PORT`
+Environment: `MCP_SSH_PORT`.
 * `ddcloud-ssh-bootstrap-password` - The initial SSH password used to bootstrap SSH key authentication.  
 This password is removed once the SSH key has been installed  
 Environment: `MCP_SSH_BOOTSTRAP_PASSWORD`
 * `ddcloud-create-ssh-firewall-rule` - Automatically create a firewall rule to enable inbound SSH to the target server?
+* `ddcloud-client-public-ip` - Use the specified IPv4 address as the client's public IP address (don't auto-detect).  
+Environment: `MCP_CLIENT_PUBLIC_IP`.
 * `ddcloud-use-private-ip` - Don't create NAT and firewall rules for target server (you will need to be connected to the VPN for your target data centre).
 
 ## Installing the provider
diff --git a/client.go b/client.go
@@ -565,7 +565,7 @@ func (driver *Driver) isSSHFirewallRuleCreated() bool {
 }
 
 // Create a firewall rule to enable inbound SSH connections to the target server from the client machine's (external) IP address.
-func (driver *Driver) createSSHFirewallRule(clientPublicIPAddress string) error {
+func (driver *Driver) createSSHFirewallRule() error {
 	if !driver.isServerCreated() {
 		return fmt.Errorf("Server '%s' has not been created", driver.MachineName)
 	}
@@ -577,7 +577,7 @@ func (driver *Driver) createSSHFirewallRule(clientPublicIPAddress string) error
 	log.Debugf("Creating SSH firewall rule for server '%s' (allow inbound traffic on port %d from '%s' to '%s')...",
 		driver.MachineName,
 		driver.SSHPort,
-		clientPublicIPAddress,
+		driver.ClientPublicIPAddress,
 		driver.IPAddress,
 	)
 
@@ -589,7 +589,7 @@ func (driver *Driver) createSSHFirewallRule(clientPublicIPAddress string) error
 	ruleConfiguration.Enable()
 	ruleConfiguration.IPv4()
 	ruleConfiguration.TCP()
-	ruleConfiguration.MatchSourceAddress(clientPublicIPAddress)
+	ruleConfiguration.MatchSourceAddress(driver.ClientPublicIPAddress)
 	ruleConfiguration.MatchDestinationAddress(driver.IPAddress)
 	ruleConfiguration.MatchDestinationPort(driver.SSHPort)
 
diff --git a/client_public_ip.go b/client_public_ip.go
@@ -10,6 +10,7 @@ package main
 import (
 	"encoding/json"
 	"fmt"
+	"github.com/docker/machine/libmachine/log"
 	"io/ioutil"
 	"net/http"
 )
@@ -21,6 +22,8 @@ type ipInfo struct {
 
 // Retrieve the client machine's public IPv4 address.
 func getClientPublicIPv4Address() (string, error) {
+	log.Infof("Auto-detecting client's public (external) IP address...")
+
 	response, err := http.Get("https://ifconfig.co/json")
 	if err != nil {
 		return "", fmt.Errorf("Unable to connect to ifconfig.co to determine your IP address: %s", err.Error())
diff --git a/driver.go b/driver.go
@@ -83,6 +83,9 @@ type Driver struct {
 	// The Id of the firewall rule (if any) created for inbound SSH access to the target server.
 	SSHFirewallRuleID string
 
+	// The client's public (external) IP address.
+	ClientPublicIPAddress string
+
 	// The CloudControl API client.
 	client *compute.Client
 }
@@ -157,6 +160,12 @@ func (driver *Driver) GetCreateFlags() []mcnflag.Flag {
 			Name:  "ddcloud-create-ssh-firewall-rule",
 			Usage: "Create a firewall rule to allow SSH access to the target server? Default: false",
 		},
+		mcnflag.StringFlag{
+			EnvVar: "MCP_CLIENT_PUBLIC_IP",
+			Name:  "ddcloud-client-public-ip",
+			Usage: "Use the specified IPv4 address as the client's public IP address (don't auto-detect)",
+			Value: "",
+		},
 		mcnflag.BoolFlag{
 			Name:  "ddcloud-use-private-ip",
 			Usage: "Don't create NAT and firewall rules for target server (you will need to be connected to the VPN for your target data centre). Default: false",
@@ -187,6 +196,7 @@ func (driver *Driver) SetConfigFromFlags(flags drivers.DriverOptions) error {
 	driver.SSHBootstrapPassword = flags.String("ddcloud-ssh-bootstrap-password")
 
 	driver.CreateSSHFirewallRule = flags.Bool("ddcloud-create-ssh-firewall-rule")
+	driver.ClientPublicIPAddress = flags.String("ddcloud-client-public-ip")
 	driver.UsePrivateIP = flags.Bool("ddcloud-use-private-ip")
 
 	log.Debugf("docker-machine-driver-ddcloud %s", DriverVersion)
@@ -266,21 +276,22 @@ func (driver *Driver) Create() error {
 		log.Infof("Server '%s' has public IP '%s'.", driver.MachineName, driver.IPAddress)
 
 		if driver.CreateSSHFirewallRule {
-			var clientPublicIPAddress string
-			clientPublicIPAddress, err = getClientPublicIPv4Address()
-			if err != nil {
-				return err
+			if driver.ClientPublicIPAddress == "" {
+				driver.ClientPublicIPAddress, err = getClientPublicIPv4Address()
+				if err != nil {
+					return err
+				}
 			}
 
 			log.Infof("Creating firewall rule to enable inbound SSH traffic from local machine '%s' ('%s') to '%s' ('%s':%d)...",
 				os.Getenv("HOST"),
-				clientPublicIPAddress,
+				driver.ClientPublicIPAddress,
 				driver.MachineName,
 				driver.IPAddress,
 				driver.SSHPort,
 			)
 
-			err = driver.createSSHFirewallRule(clientPublicIPAddress)
+			err = driver.createSSHFirewallRule()
 			if err != nil {
 				return err
 			}
