Add vsock-backed SSH session reminders

Remind users when a VM is still running after hanger vm ssh exits instead of silently dropping them back to the host shell.\n\nAttach a Firecracker vsock device to each VM, persist the host vsock path/CID,\nadd a new guest-side banger-vsock-pingd responder to the runtime bundle and both\nimage-build paths, and expose a vm.ping RPC that the CLI and TUI call after SSH\nreturns. Doctor and start/build preflight now validate the helper plus\n/dev/vhost-vsock so the feature fails early and clearly.\n\nValidated with go mod tidy, bash -n customize.sh, git diff --check, make build,\nand GOCACHE=/tmp/banger-gocache go test ./... outside the sandbox because the\ndaemon tests need real Unix/UDP sockets. Rebuild the image/rootfs used for new\nVMs so the guest ping service is present.
2026-03-18 20:14:51 -03:00 · 2026-03-18 20:14:51 -03:00 · 08ef706e3f
commit 08ef706e3f
parent 4930d82cb9
31 changed files with 912 additions and 75 deletions
--- a/internal/daemon/imagebuild.go
+++ b/internal/daemon/imagebuild.go
@ -17,6 +17,7 @@ import (
 	"banger/internal/hostnat"
 	"banger/internal/model"
 	"banger/internal/system"
+	"banger/internal/vsockping"
 )

 const (
@ -103,6 +104,16 @@ func (d *Daemon) runImageBuildNative(ctx context.Context, spec imageBuildSpec) (
 	}
 	defer client.Close()

+	helperBytes, err := os.ReadFile(d.config.VSockPingHelperPath)
+	if err != nil {
+		return err
+	}
+	if err := writeBuildLog(spec.BuildLog, "installing vsock ping helper"); err != nil {
+		return err
+	}
+	if err := client.UploadFile(ctx, vsockping.GuestInstallPath, 0o755, helperBytes, spec.BuildLog); err != nil {
+		return err
+	}
 	if err := writeBuildLog(spec.BuildLog, "configuring guest"); err != nil {
 		return err
 	}
@ -207,7 +218,7 @@ func (d *Daemon) startImageBuildVM(ctx context.Context, spec imageBuildSpec) (im
 		return imageBuildVM{}, nil, err
 	}
 	vm.PID = d.resolveFirecrackerPID(firecrackerCtx, machine, vm.APISock)
-	if err := d.ensureSocketAccess(ctx, vm.APISock); err != nil {
+	if err := d.ensureSocketAccess(ctx, vm.APISock, "firecracker api socket"); err != nil {
 		_ = d.killVMProcess(context.Background(), vm.PID)
 		_ = hostnat.Ensure(ctx, d.runner, vm.GuestIP, vm.TapDevice, false)
 		_, _ = d.runner.RunSudo(ctx, "ip", "link", "del", vm.TapDevice)
@ -255,6 +266,7 @@ func buildProvisionScript(vmName, dnsServer string, packages []string, installDo
 	script.WriteString("DEBIAN_FRONTEND=noninteractive apt-get -y install \"${PACKAGES[@]}\"\n")
 	appendMiseSetup(&script)
 	appendTmuxSetup(&script)
+	appendVSockPingSetup(&script)
 	if installDocker {
 		script.WriteString("DEBIAN_FRONTEND=noninteractive apt-get -y remove containerd || true\n")
 		script.WriteString("if ! DEBIAN_FRONTEND=noninteractive apt-get -y install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin; then\n")
@ -318,6 +330,19 @@ func appendTmuxSetup(script *bytes.Buffer) {
 	script.WriteString("chmod 0644 \"$TMUX_CONF\"\n")
 }

+func appendVSockPingSetup(script *bytes.Buffer) {
+	script.WriteString("mkdir -p /etc/modules-load.d /etc/systemd/system\n")
+	script.WriteString("cat > /etc/modules-load.d/banger-vsock.conf <<'EOF'\n")
+	script.WriteString(vsockping.ModulesLoadConfig())
+	script.WriteString("EOF\n")
+	script.WriteString("chmod 0644 /etc/modules-load.d/banger-vsock.conf\n")
+	script.WriteString("cat > /etc/systemd/system/" + vsockping.ServiceName + " <<'EOF'\n")
+	script.WriteString(vsockping.ServiceUnit())
+	script.WriteString("EOF\n")
+	script.WriteString("chmod 0644 /etc/systemd/system/" + vsockping.ServiceName + "\n")
+	script.WriteString("if command -v systemctl >/dev/null 2>&1; then systemctl daemon-reload || true; systemctl enable --now " + vsockping.ServiceName + " || true; fi\n")
+}
+
 func appendGitRepo(script *bytes.Buffer, dir, repo string) {
 	fmt.Fprintf(script, "if [[ -d \"%s/.git\" ]]; then\n", dir)
 	fmt.Fprintf(script, "  git -C \"%s\" fetch --depth 1 origin\n", dir)