This action creates a WireGuard tunnel between a GitHub Actions runner and a peer under your control to allow direct SSH access to the runner. This enables interactive sessions to allow for deeper debugging and testing.
- uses: omahn/[email protected]
with:
# Required. IP address of your WireGuard peer/endpoint. Must be publicly reachable.
peer_ip: ''
# Required. SSH public key as a string.
ssh_public_key: ''
# Port of WireGuard peer.
peer_port: '51820'
# Private IP of GitHub WireGuard peer.
github_ip: '192.168.192.1'
# Seconds to wait for SSH connection.
ssh_connection_timeout: '300'
# Seconds to timeout SSH session.
session_timeout: 3600The action will install and configure WireGuard before enabling SSH access. The action output includes the peer configuration to use locally. Copy to /etc/wireguard/github.conf and use sudo wg-quick up github (or equivalent) to bring up the tunnel. Logins will then be possible to the ${github_ip} as the runner username using the SSH key associated with the specified SSH public key provided in the configuration.
WireGuard SSH is not certified by GitHub. It is provided by a third-party and is governed by separate terms of service, privacy policy, and support documentation.