server

package
v0.6.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 6, 2026 License: Apache-2.0 Imports: 21 Imported by: 0

Documentation

Overview

Package server wires together the security pipeline and registers MCP tools.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewHTTPHandler

func NewHTTPHandler(core *Core, opts ...ServerOptions) http.Handler

NewHTTPHandler returns an http.Handler serving MCP over SSE.

func NewMCPServer

func NewMCPServer(core *Core, opts ...ServerOptions) *mcp.Server

func RunStdio

func RunStdio(ctx context.Context, core *Core, opts ...ServerOptions) error

Types

type ConnectInput

// ConnectInput is the JSON-tagged input accepted by Core.Connect;
// ServerOptions.AutoConnect also points at one.
//
// NOTE(review): Password and Passphrase are ordinary string fields with JSON
// tags, so the secret is part of the request payload and of any dump of this
// struct. Whether they are redacted before logging is not visible here — confirm.
//
// NOTE(review): no field controls host-key checking; how the SSH host key is
// verified is not visible from this declaration — confirm in the ssh package.
type ConnectInput struct {
	// Target address. The schema text allows a hostname or an IP address.
	Host         string `json:"host" jsonschema:"Hostname or IP address"`
	// The schema text says the default is root; prefer passing an explicit
	// least-privilege account rather than relying on that default.
	User         string `json:"user,omitempty" jsonschema:"SSH username (default root)"`
	Port         int    `json:"port,omitempty" jsonschema:"SSH port (default 22)"`
	// Path to a private key file, supplied by the caller.
	// NOTE(review): whether this path is restricted to a directory is not
	// visible here — confirm.
	IdentityFile string `json:"identity_file,omitempty" jsonschema:"Path to SSH identity file"`
	// Secrets: keep out of logs, error strings and status output.
	Password     string `json:"password,omitempty" jsonschema:"SSH password"`
	Passphrase   string `json:"passphrase,omitempty" jsonschema:"Passphrase for encrypted key"`
	// "ssh" or "local", matching the TransportSSH / TransportLocal values.
	// Presumably "local" routes execution to the local machine rather than a
	// remote host — confirm that callers gate it accordingly.
	Transport    string `json:"transport,omitempty" jsonschema:"Transport type: ssh (default) or local"`
}

type Core

// Core holds the command registry, the executors, the pipeline functions and
// the resource limits that the tool methods (Connect, Execute, DownloadFile,
// Sleep, ...) operate on. It is built with NewCore and adjusted with
// CoreOption values.
//
// NOTE(review): every field below is exported, so any code holding a *Core can
// replace a pipeline function or raise a limit after construction. Treat
// writes to these fields as security-sensitive.
type Core struct {
	// Registry maps a string key to a manifest; presumably the key is the
	// command name — confirm against the manifest package.
	Registry    map[string]*manifest.Manifest
	// Runner and LocalRunner are the executors commands are dispatched to.
	// Presumably LocalRunner serves the "local" transport — confirm.
	Runner      Executor
	LocalRunner Executor

	// Pipeline stages as replaceable function values. Validate receives the
	// parsed pipeline together with a manifest map and returns an error;
	// presumably a non-nil error means the command is rejected — confirm.
	Parse       func(string) (*parser.Pipeline, error)
	Validate    func(*parser.Pipeline, map[string]*manifest.Manifest) error
	Reconstruct func(*parser.Pipeline, bool, bool) string
	Truncate    func(string, string, int, int, ...int) output.CommandResult

	// Limits. The matching With* options take seconds (timeout, sleep) and
	// bytes (output, download).
	// NOTE(review): what a zero or negative value means (unlimited vs.
	// rejected) is not visible here — confirm before relying on defaults.
	DefaultTimeout   int
	MaxOutputBytes   int
	MaxDownloadBytes int
	DownloadDir      string
	MaxSleepSeconds  int
	// DisabledTools is a set keyed by name; presumably these are MCP tool
	// names populated by WithDisabledTools — confirm.
	DisabledTools    map[string]bool
	// contains filtered or unexported fields
}

func NewCore

func NewCore(registry map[string]*manifest.Manifest, runner Executor, logger *slog.Logger, opts ...CoreOption) *Core

func (*Core) Close

func (c *Core) Close(ctx context.Context) error

Close disconnects all SSH sessions and clears internal state. Internal state is always cleared even if the disconnect fails. It is safe to call multiple times.

func (*Core) Connect

func (c *Core) Connect(ctx context.Context, in ConnectInput) (map[string]any, error)

func (*Core) ConnectedHostsSnapshot added in v0.6.0

func (c *Core) ConnectedHostsSnapshot() []string

ConnectedHostsSnapshot returns a sorted snapshot of currently connected hosts.

func (*Core) Disconnect

func (c *Core) Disconnect(ctx context.Context, in DisconnectInput) (map[string]any, error)

func (*Core) DownloadFile

func (c *Core) DownloadFile(ctx context.Context, in DownloadInput) (DownloadResult, error)

func (*Core) Execute

func (c *Core) Execute(ctx context.Context, in ExecuteInput) (output.CommandResult, error)

func (*Core) Logger

func (c *Core) Logger() *slog.Logger

Logger returns the logger used by this Core.

func (*Core) Provision

func (c *Core) Provision(ctx context.Context, in ProvisionInput) (map[string]any, error)

func (*Core) ServersSnapshot added in v0.6.0

func (c *Core) ServersSnapshot() StatusResult

ServersSnapshot returns a snapshot of all server entries.

func (*Core) Sleep

func (c *Core) Sleep(ctx context.Context, in SleepInput) (map[string]any, error)

func (*Core) Status added in v0.6.0

func (c *Core) Status(_ context.Context, _ StatusInput) (StatusResult, error)

func (*Core) ValidateCommand added in v0.6.0

func (c *Core) ValidateCommand(_ context.Context, in ValidateInput) (ValidateResult, error)

type CoreOption

// CoreOption is a function that receives a *Core; NewCore accepts a variadic
// list of them, and the With* constructors on this page each return one.
type CoreOption func(*Core)

func WithDefaultTimeout

func WithDefaultTimeout(seconds int) CoreOption

func WithDisabledTools added in v0.6.0

func WithDisabledTools(tools []string) CoreOption

func WithDownloadDir

func WithDownloadDir(dir string) CoreOption

func WithMaxDownloadBytes

func WithMaxDownloadBytes(bytes int) CoreOption

func WithMaxOutputBytes

func WithMaxOutputBytes(bytes int) CoreOption

func WithMaxSleepSeconds

func WithMaxSleepSeconds(seconds int) CoreOption

type DisconnectInput

// DisconnectInput is the input for Core.Disconnect.
type DisconnectInput struct {
	// Per the schema text, an empty Host disconnects every session, so an
	// omitted field has the widest effect rather than being a no-op.
	Host string `json:"host,omitempty" jsonschema:"Hostname to disconnect; empty disconnects all"`
}

type DownloadInput

// DownloadInput is the input for Core.DownloadFile: a file on the remote side
// and, optionally, where to place it locally.
//
// NOTE(review): both paths come from the caller. Whether LocalDir is
// constrained to Core.DownloadDir, and whether the remote file name is
// sanitised before it is joined to the local directory, is not visible here —
// confirm in DownloadFile.
type DownloadInput struct {
	// The schema text asks for an absolute path on the remote server.
	RemotePath string `json:"remote_path" jsonschema:"Absolute path to file on remote server"`
	// The schema text names /tmp/shellguard-downloads/ as the default. A fixed
	// path under /tmp sits in a shared directory on typical Unix hosts, so the
	// ownership and mode of that directory are worth checking; how it is
	// created is not visible here.
	LocalDir   string `json:"local_dir,omitempty" jsonschema:"Local directory to save to (default: /tmp/shellguard-downloads/)"`
	// Selects the connection when more than one host is connected.
	Host       string `json:"host,omitempty" jsonschema:"Hostname when multiple connections exist"`
}

type DownloadResult

// DownloadResult is what Core.DownloadFile returns: the local path, the size
// in bytes and the file name.
// NOTE(review): presumably SizeBytes is bounded by Core.MaxDownloadBytes —
// confirm where the limit is enforced.
type DownloadResult struct {
	LocalPath string `json:"local_path"`
	SizeBytes int64  `json:"size_bytes"`
	Filename  string `json:"filename"`
}

type ExecuteInput

// ExecuteInput is the input for Core.Execute.
type ExecuteInput struct {
	// Caller-supplied shell command or pipeline.
	// NOTE(review): presumably this string goes through Core.Parse and
	// Core.Validate before it reaches an Executor — confirm there is no path
	// that executes it unvalidated.
	Command string `json:"command" jsonschema:"Shell command or pipeline to execute"`
	// Selects the connection when more than one host is connected.
	Host    string `json:"host,omitempty" jsonschema:"Hostname when multiple connections exist"`
}

type Executor

// Executor is the transport abstraction Core dispatches to (Core.Runner and
// Core.LocalRunner both have this type): connect, run a command with a
// timeout, open an SFTP session, disconnect.
//
// NOTE(review): Execute and ExecuteRaw have identical signatures and the
// difference between them is not documented on this page. If ExecuteRaw skips
// any validation or reconstruction step, every caller of it needs review.
type Executor interface {
	Connect(ctx context.Context, params ssh.ConnectionParams) error
	// Both execution methods take a host, a command string and a timeout.
	Execute(ctx context.Context, host, command string, timeout time.Duration) (ssh.ExecResult, error)
	ExecuteRaw(ctx context.Context, host, command string, timeout time.Duration) (ssh.ExecResult, error)
	// Presumably used by Core.DownloadFile — confirm.
	SFTPSession(host string) (ssh.SFTPClient, error)
	Disconnect(ctx context.Context, host string) error
}

Executor runs commands on remote targets.

type LocalExecutor added in v0.6.0

type LocalExecutor struct{}

LocalExecutor runs commands on the local machine.

func NewLocalExecutor added in v0.6.0

func NewLocalExecutor() *LocalExecutor

NewLocalExecutor returns a new LocalExecutor.

func (*LocalExecutor) Connect added in v0.6.0

func (*LocalExecutor) Disconnect added in v0.6.0

func (l *LocalExecutor) Disconnect(_ context.Context, _ string) error

func (*LocalExecutor) Execute added in v0.6.0

func (l *LocalExecutor) Execute(ctx context.Context, _, command string, timeout time.Duration) (ssh.ExecResult, error)

func (*LocalExecutor) ExecuteRaw added in v0.6.0

func (l *LocalExecutor) ExecuteRaw(ctx context.Context, _, command string, timeout time.Duration) (ssh.ExecResult, error)

func (*LocalExecutor) SFTPSession added in v0.6.0

func (l *LocalExecutor) SFTPSession(_ string) (ssh.SFTPClient, error)

type ProbeResult

// ProbeResult carries a list of missing items and an architecture string.
// NOTE(review): nothing on this page shows which call produces it; presumably
// it belongs to the Provision path — confirm.
type ProbeResult struct {
	Missing []string
	Arch    string
}

type ProvisionInput

// ProvisionInput is the input for Core.Provision.
// NOTE(review): what provisioning changes on the target is not visible from
// this declaration — confirm before enabling the tool on production hosts.
type ProvisionInput struct {
	// Per the schema text, required once more than one server is connected.
	Host string `json:"host,omitempty" jsonschema:"Hostname to provision. Required when connected to multiple servers."`
}

type ServerEntry added in v0.6.0

// ServerEntry records, for one server, the transport in use and whether it is
// currently connected. It has the same two fields as ServerStatus but no JSON
// tags.
type ServerEntry struct {
	Transport TransportType
	Connected bool
}

ServerEntry tracks the state of a connected server.

type ServerOptions

// ServerOptions configures the MCP server built by NewMCPServer,
// NewHTTPHandler and RunStdio, all of which accept it variadically.
type ServerOptions struct {
	// Name is the MCP server implementation name. Default: "shellguard".
	Name string
	// Version is the MCP server implementation version. Default: "0.2.0".
	// NOTE(review): this documented default differs from the v0.6.0 shown for
	// the package on this page; confirm which value clients actually see.
	Version string
	// AutoConnect, when non-nil, causes an automatic SSH connection after
	// the MCP handshake completes (via InitializedHandler).
	// The ConnectInput it points at has Password and Passphrase fields, so a
	// populated ServerOptions can hold credentials; do not log it wholesale.
	// NOTE(review): ConnectInput.Transport also allows "local"; whether
	// AutoConnect honours that is not visible here — confirm.
	AutoConnect *ConnectInput
}

type ServerStatus added in v0.6.0

// ServerStatus is the JSON form of one server's state: whether it is
// connected and over which transport. It is the value type of StatusResult.
type ServerStatus struct {
	Connected bool          `json:"connected"`
	Transport TransportType `json:"transport"`
}

type SleepInput

// SleepInput is the input for Core.Sleep.
type SleepInput struct {
	// Duration in seconds, as a float.
	// NOTE(review): presumably capped by Core.MaxSleepSeconds; how negative,
	// NaN or infinite values are handled is not visible here — confirm.
	Seconds float64 `json:"seconds" jsonschema:"Duration to sleep in seconds"`
}

type StatusInput added in v0.6.0

// StatusInput is the (empty) input for Core.Status, whose signature ignores it.
type StatusInput struct{}

type StatusResult added in v0.6.0

// StatusResult maps a string key to a ServerStatus and is returned by
// Core.Status and Core.ServersSnapshot. Presumably the key is the host name —
// confirm.
type StatusResult map[string]ServerStatus

type TransportType added in v0.6.0

type TransportType string

TransportType identifies how a server connection is established.

// Transport values. The strings match the two choices named in the
// ConnectInput.Transport schema text ("ssh (default) or local").
const (
	TransportSSH   TransportType = "ssh"
	TransportLocal TransportType = "local"
)

type ValidateInput added in v0.6.0

// ValidateInput is the input for Core.ValidateCommand.
type ValidateInput struct {
	// Caller-supplied shell command or pipeline to check.
	// NOTE(review): presumably validation only inspects the command and does
	// not run it — confirm.
	Command string `json:"command" jsonschema:"Shell command or pipeline to validate"`
}

type ValidateResult added in v0.6.0

// ValidateResult is what Core.ValidateCommand returns: an OK flag plus
// optional reason, command and detail strings.
// NOTE(review): presumably Reason and Detail explain a rejection and may echo
// parts of the submitted command; treat them as untrusted text when
// displaying or logging — confirm what they contain.
type ValidateResult struct {
	OK      bool   `json:"ok"`
	Reason  string `json:"reason,omitempty"`
	Command string `json:"command,omitempty"`
	Detail  string `json:"detail,omitempty"`
}
