example-config.yaml

# Example configuration for bssh
#
# USER FIELD BEHAVIOR:
# - 'user' in defaults/cluster applies to DESTINATION nodes only
# - For jump hosts, specify username in jump_host string: user@jumphost:port
# - If no username in jump_host, your current local username ($USER) is used
#
# Example:
#   user: admin              # Used for destination nodes
#   jump_host: bai@bastion   # User 'bai' for bastion, 'admin' for destination
#
defaults:
  user: ubuntu
  port: 22
  ssh_key: ~/.ssh/id_rsa
  parallel: 10
  # Global default jump host (optional) - used for all clusters unless overridden
  # jump_host: bastion.example.com

clusters:
  local:
    nodes:
      - localhost
    user: ${USER}

  dev:
    nodes:
      - dev1.example.com
      - dev2.example.com
      - dev3.example.com
    user: developer
    ssh_key: ~/.ssh/dev_key

  production:
    nodes:
      - host: prod1.example.com
        port: 2222
        user: admin
      - host: prod2.example.com
        port: 2222
        user: admin
        # Node-level jump host override (optional)
        # jump_host: prod2-bastion.example.com
      - host: prod3.example.com
      - host: prod4.example.com
    ssh_key: ~/.ssh/prod_key
    # Cluster-level jump host (optional) - applies to all nodes in this cluster
    # jump_host: prod-bastion.example.com

  # Example: Cluster behind a jump host/bastion
  # IMPORTANT: 'user' field applies to DESTINATION nodes only.
  # For jump host authentication, specify username in jump_host string: user@host:port
  # If no username is specified in jump_host, your current local username is used.
  internal:
    nodes:
      - host: internal1.private
      - host: internal2.private
      - host: internal3.private
    user: admin  # User for internal*.private (destination nodes)
    ssh_key: ~/.ssh/destination_key  # Key for destination nodes
    # Legacy string format (uses cluster ssh_key for both jump host and destinations)
    jump_host: jumpuser@bastion.example.com
    # Alternative structured format with dedicated jump host key:
    # jump_host:
    #   host: bastion.example.com
    #   user: jumpuser
    #   port: 22  # optional
    #   ssh_key: ~/.ssh/jump_host_key  # Uses this key for bastion only

  # Example: Mixed direct and jump host access with per-node jump host override
  hybrid:
    nodes:
      - host: behind-firewall.internal
        # Per-node jump host with dedicated key
        jump_host:
          host: gateway.example.com
          user: gw_user
          ssh_key: ~/.ssh/gateway_key
      - host: direct-access.example.com
        jump_host: ""  # Empty string disables jump host (direct connection)
    jump_host: default-bastion.example.com  # Default for cluster (string format)

  # Example: Multi-hop jump chain with environment variables
  secure:
    nodes:
      - host: target.secure.internal
    jump_host: ${FIRST_HOP},${SECOND_HOP}  # Comma-separated for multi-hop

  # Example: Using SSH config Host alias as jump host
  # This references a Host defined in ~/.ssh/config, inheriting its settings:
  # - HostName, User, Port, and IdentityFile are all read from SSH config
  #
  # ~/.ssh/config example:
  #   Host my-bastion
  #       HostName bastion.example.com
  #       User jumpuser
  #       Port 2222
  #       IdentityFile ~/.ssh/bastion_key
  #
  ssh_config_ref:
    nodes:
      - host: target.internal
    # Simple format with @ prefix references SSH config Host alias
    jump_host: "@my-bastion"

  # Alternative structured format for SSH config reference
  ssh_config_ref_structured:
    nodes:
      - host: target2.internal
    jump_host:
      ssh_config_host: my-bastion  # References SSH config Host alias

  # Example: Per-node SSH config references
  mixed_ssh_config:
    nodes:
      - host: node1.internal
        jump_host: "@bastion-zone-a"  # Different SSH config entry per node
      - host: node2.internal
        jump_host: "@bastion-zone-b"
      - host: node3.internal
        # Direct connection, no jump host
        jump_host: ""