feat: SSH STCP key generation and frp tunnel registration

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-02 18:07:33 +08:00
parent 7fe1ee64d8
commit 1a7e0a9738
3 changed files with 36 additions and 14 deletions
--- a/lib/frpc.js
+++ b/lib/frpc.js
@@ -143,9 +143,16 @@ function downloadFile(url, dest) {
  });
 }

-function writeFrpcConfig(clawId, frpConfig) {
+function writeFrpcConfig(clawId, frpConfig, sshSecretKey) {
  const { auth_token, dashboard_local_port = 18789 } = frpConfig;
  const ttyRemotePort = 10000 + Number(clawId);
+  const stcpBlock = sshSecretKey ? `
+[[proxies]]
+name = "ssh-${clawId}-secret"
+type = "stcp"
+secretKey = "${sshSecretKey}"
+localPort = 22
+` : '';
  const toml = `# 由 clawd 自动生成，请勿手动修改
 serverAddr = "frp.claw.cutos.ai"
 serverPort = 443
@@ -168,10 +175,10 @@ name = "tty-${clawId}"
 type = "tcp"
 localPort = ${TTYD_PORT}
 remotePort = ${ttyRemotePort}
-`;
+${stcpBlock}`;
  fs.mkdirSync(CONFIG_DIR, { recursive: true });
  fs.writeFileSync(FRPC_CONFIG, toml, 'utf8');
-  log.info('frpc', `frpc.toml 已写入: dashboard subdomain=${clawId}, tty tcp-port=${ttyRemotePort}`);
+  log.info('frpc', `frpc.toml 已写入: dashboard subdomain=${clawId}, tty tcp-port=${ttyRemotePort}${sshSecretKey ? ', ssh stcp=enabled' : ''}`);
 }

 /**
@@ -183,7 +190,7 @@ class FrpcManager {
    this._watchdog = null;
  }

-  async start(clawId, frpConfig) {
+  async start(clawId, frpConfig, sshSecretKey) {
    this.stop();

    if (!fs.existsSync(FRPC_BIN)) {
@@ -195,7 +202,7 @@ class FrpcManager {
      }
    }

-    writeFrpcConfig(clawId, frpConfig);
+    writeFrpcConfig(clawId, frpConfig, sshSecretKey);

    this._watchdog = new Watchdog('frpc', FRPC_BIN, ['-c', FRPC_CONFIG], {
      maxRestarts:  10,