How hard would it be to patch proxy device to make local port available to remote container?
Right now proxy, when added from remote LXD client, still operates on LXD host ports. This config, unfortunately, makes 127.0.0.1:3333 from the host available to the container, not 127.0.0.1:3333 from the local machine running client:
$ lxc config device add IPython remoteshared proxy listen=tcp:127.0.0.1:3333 \
connect=tcp:127.0.0.1:3333 bind=host
$ lxc config device show IPython
remoteshared:
bind: host
connect: tcp:127.0.0.1:3333
listen: tcp:127.0.0.1:3333
type: proxy
As a result, I can not use my local services if LXD container is remote. I share my project folder by NFS, sign keys over socket, authenticate git etc.
I am thinking that either new bind=remote or new device like tunnel could reuse already encrypted LXD connection to forward ports.