Currently peer to peer communication seems to be possible only over tor (requiring root privileges to setup). It would be great to have an alternative connection method that can easily be used as an unprivileged user as well.
Magic-wormhole has an experimental feature called "dilation" (https://magic-wormhole.readthedocs.io/en/latest/api.html#dilation) which can be used to open a direct bidirectional TCP connection between two systems only using the usual magic-wormhole codes (which can be generated once and re-used, so essentially like a pre-shared key stored on each side).
There is a project called fowl (https://github.com/meejah/fowl) that uses this feature to port-forward over such a tunnel, which could be used for this purpose or serve as a reference for how to use this feature in git-annex. This implementation has some issues, but I think the approach has potential.
It would be great if git annex remotedaemon
(I suppose? I am not too well-versed on the internals) could optionally be configured to establish such a tunnel to remotes and use it for communication. Or maybe this is already possible to implement from outside of git-annex and I just need a hint on how to do that?
autossh
for persistence, maybe that can help you? Although I guess for forwarding to a privileged port 22 you would still need root privileges, meh...Forwarding to port 22 shouldn't require root, e.g. the mentioned fowl tunnel could also be used to tunnel a local port to a remote ssh server on port 22. You just cannot listen on a local privileged port, but that shouldn't be a problem.
There are a bunch of "tunnelers" like serveo, e.g. ngrok and zrok, but the disadvantage of that is that it still requires a running ssh server.
My imagined use-case would be something like two phones or laptops behind NAT without tor or a ssh daemon. I think with magic-wormhole's dilation feature it would be possible to make it so that you could run
git annex remotedaemon
orgit annex assistant
on one or both devices (after pairing) and have them communicate without any further setup required.Since magic-wormhole is already used for pairing it wouldn't even be a new dependency.
Maybe this is already implementable from outside git-annex as a custom git-remote though, I'd have to take a look at what git-remote-tor-annex is really doing...
generic p2p socket transport is discussing adding something that could perhaps be used to implement this.