How do we connect `meteor shell` to a remote/production app?

trusktr · March 12, 2025, 8:22pm

How do we connect meteor shell to a remote/production app?

grubba · March 13, 2025, 8:45pm

You have to connect via ssh (and your machine should have meteor globally installed)

Go to your project and run meteor shell there(it should work in any meteor project folder)

trusktr · March 16, 2025, 11:48pm

@grubba ah, thanks. That’s what I figured. I was curious if there was something like meteor shell foo.com.

That might be interesting. It might be doable assuming an app uses the official accounts package, then perhaps meteor shell login foo.com could establish and cache the authentication locally such that logging into the app server’s terminal isn’t required (and Meteor also would not need to be installed there).

jkuester · March 17, 2025, 7:52am

@trusktr there is an old package by qualia that I remeber (qualia:prod-shell - Packosphere) maybe it helps you in any way.

grubba · March 17, 2025, 1:42pm

That could be a great package.

rails-like debugging in prod is so cool

DanielDornhardt · March 23, 2025, 11:29am

Hi… pssst… don’t tell the juniors… they might think “eval is evil” by reflex… and they’re right of course to be careful… so make sure to use some kind of user authentication. This is just a snippet… But it can help in a pinch to dump some information or trigger something.

Note a) that you need to adapt it to your methods framework of choice, and you NEED NEED NEED to use robust user authentication! Or you open your server up to everybody to do anything they want, obviously.

Also, this is still from the Meteor 2 days so it probably would need to be adapted to async if you want to return stuff using async calls…

But as a template this should work…

/**
 * A tiny shell which allows superusers to run arbitrary code on the server.
 *
 * Pass in a string, it will exec() it & return the result.
 */

import { ValidatedMethod } from 'meteor/mdg:validated-method'
import { simpleSchemaMixin } from 'meteor/trusted-care:simple-schema-mixin'
import SimpleSchema from 'meteor/aldeed:simple-schema'

import permissionMixin from '/imports/services/security/lib/permissionMixin'

export default new ValidatedMethod({
    name: 'TC.services.tinyShell.runCommand',
    mixins: [simpleSchemaMixin, permissionMixin],
    schema: new SimpleSchema({
        // the command to execute (JS)
        command: {
            type: String,
        },
    }),
    async permissions({ command }) {
        await this.callerIsSuperadmin()
    },
    async run({ command }) {
        // eslint-disable-next-line no-eval
        return eval(command)
    },
})

trusktr · March 25, 2025, 6:57pm

There’s one issue with that one, also the same issue using meteor shell on the server directly: some web hosts don’t allow SSH access. For example, NodeChef doesn’t allow SSH access. Dang it NodeChef.

trusktr · March 25, 2025, 6:59pm

That’s cool, it shows how the server can accept a JS string via a method. How does the person on the other side send the JS? Let’s say they are in a terminal ready to send a JS string. What do they type into the terminal?

EDIT: Oh this would be with Meteor.call() in devtools while logged into the client.

Seems like this would be a nice addition to accounts-base or a package depending on accounts-base, such that once a set of emails are specified in a config option, those users can send JS commands when they are logged in.

And then meteor shell could have a terminal client for logging into a site and sending commands via the same methods.

DanielDornhardt · March 26, 2025, 3:03pm

Hi! Thank you!

Actually this is something really silly and it’s very easy to shoot yourself in the foot with, so authentication really is the key factor here.

It was really just a quick hack at the time to get some information / set some settings in the live system I think I recall.

And it’s one of this things which are nice to keep in your back pocket for emergencies. But I don’t know how well it would work as a proper tool.

I don’t know enough about how standard shells are put together in general… but yeah, it is a cool thing and i’m surprised this isn’t a thing… it could be a generic node thing as well, no? Maybe someone can do an npm package + a browser plugin or something like that…

…(or maybe someone did and it’s just very hard to google )

grubba · March 31, 2025, 7:02pm

This is very cool!!!

I had a PoC once on creating meteor methods on demand, which was very similar; I remember adding a way to share the last context.

So you could define variables and call them later on to debug