Source Update
This commit is contained in:
parent
19b4325920
commit
9de267de43
24
src/base.sh
Normal file
24
src/base.sh
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
if [ ! "$BASH_VERSION" ] ; then
|
||||||
|
bash $0 $1 $2 $3 $4 $5 $6 $7 $8 $9
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
wiRed=$(tput setaf 196)
|
||||||
|
wiGreen=$(tput setaf 46)
|
||||||
|
wiYellow=$(tput setaf 226)
|
||||||
|
wiBlue=$(tput setaf 21)
|
||||||
|
wiPurple=$(tput setaf 165)
|
||||||
|
wiTurquoise=$(tput setaf 14)
|
||||||
|
wiPink=$(tput setaf 198)
|
||||||
|
wiOrange=$(tput setaf 202)
|
||||||
|
wiUnderline=$(tput smul)
|
||||||
|
wiBold=$(tput bold)
|
||||||
|
wiNormal=$(tput sgr0)
|
||||||
|
|
||||||
|
{{ CODES }}
|
||||||
|
|
||||||
|
wi-start
|
||||||
|
wi-init $1 $2
|
||||||
|
wi-stop
|
46
src/functions/init.sh
Normal file
46
src/functions/init.sh
Normal file
@ -0,0 +1,46 @@
|
|||||||
|
wi-init(){
|
||||||
|
wi-login $1 $2
|
||||||
|
|
||||||
|
echo " >> Init << "
|
||||||
|
echo "------------------------------"
|
||||||
|
|
||||||
|
mkdir -p ~/.ssh &> /dev/null
|
||||||
|
|
||||||
|
apt-get install -y python3-pip python3-venv jq git curl &> /dev/null
|
||||||
|
python3 -m venv /opt/ansible &> /dev/null
|
||||||
|
/opt/ansible/bin/pip3 install ansible hvac netaddr jmespath pexpect &> /dev/null
|
||||||
|
|
||||||
|
curl \
|
||||||
|
-H "X-Vault-Token: $VAULT_TOKEN" \
|
||||||
|
-X GET \
|
||||||
|
https://$VAULT_DOMAIN/v1/init.sh/data/ssh -s | jq -r '.data.data.privkey' > ~/.ssh/init
|
||||||
|
|
||||||
|
chmod 700 ~/.ssh/init
|
||||||
|
|
||||||
|
mkdir -p ~/.ansible > /dev/null
|
||||||
|
|
||||||
|
if [ ! -f ~/.ansible/vars.yml ]
|
||||||
|
then
|
||||||
|
openssl rand -base64 64 | tr -d '\n' | head -c 64 > ~/.ansible/vault.yml
|
||||||
|
|
||||||
|
ANSIBLE_VAULT_SECRET=$(<~/.ansible/vault.yml)
|
||||||
|
|
||||||
|
echo "---" > ~/.ansible/vars.yml
|
||||||
|
echo "hostname: $HOSTNAME" >> ~/.ansible/vars.yml
|
||||||
|
echo "folder: /$FOLDER/" >> ~/.ansible/vars.yml
|
||||||
|
echo "vault:" >> ~/.ansible/vars.yml
|
||||||
|
echo " ansible:" >> ~/.ansible/vars.yml
|
||||||
|
echo " secret: $ANSIBLE_VAULT_SECRET" >> ~/.ansible/vars.yml
|
||||||
|
echo " hashicorp:" >> ~/.ansible/vars.yml
|
||||||
|
echo " domain: $VAULT_DOMAIN" >> ~/.ansible/vars.yml
|
||||||
|
|
||||||
|
/opt/ansible/bin/ansible-vault encrypt --vault-password-file ~/.ansible/vault.yml ~/.ansible/vars.yml > /dev/null
|
||||||
|
fi
|
||||||
|
|
||||||
|
ssh-keyscan -p $GIT_PORT $GIT_DOMAIN &> ~/.ssh/known_hosts
|
||||||
|
|
||||||
|
/opt/ansible/bin/ansible-pull -U ssh://git@$GIT_DOMAIN:$GIT_PORT/$GIT_REPOSITORY --vault-password-file ~/.ansible/vault.yml --private-key ~/.ssh/init playbooks/init.yml -t init
|
||||||
|
|
||||||
|
|
||||||
|
unset HVT
|
||||||
|
}
|
145
src/functions/login.sh
Normal file
145
src/functions/login.sh
Normal file
@ -0,0 +1,145 @@
|
|||||||
|
wi-login(){
|
||||||
|
echo -n "$wiItalic"
|
||||||
|
echo " >> Login << "
|
||||||
|
echo -n "$wiNormal";
|
||||||
|
echo "------------------------------"
|
||||||
|
|
||||||
|
ORG=$1
|
||||||
|
|
||||||
|
if [[ -z "$HOSTNAME" || ${#HOSTNAME} -lt 5 ]]
|
||||||
|
then
|
||||||
|
wi-stop
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [[ $(hostname -d) == "devices.waren.io" ]]
|
||||||
|
then
|
||||||
|
ORG=warengroup
|
||||||
|
elif [[ $(hostname -d) == "devices.cwinfo.net" || $(hostname -d) == "fr1.servers.devices.cwinfo.net" ]]
|
||||||
|
then
|
||||||
|
ORG=cwinfo
|
||||||
|
elif [[ $(hostname -d) == "devices.christerwaren.fi" ]]
|
||||||
|
then
|
||||||
|
ORG=cwchristerw
|
||||||
|
elif [[ -z $ORG ]]
|
||||||
|
then
|
||||||
|
echo -n "Status: Organization Required"
|
||||||
|
|
||||||
|
wi-stop
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [[ $ORG == "warengroup" ]]
|
||||||
|
then
|
||||||
|
DOMAIN=waren.io
|
||||||
|
elif [[ $ORG == "cwinfo" ]]
|
||||||
|
then
|
||||||
|
DOMAIN=cwinfo.net
|
||||||
|
elif [[ $ORG == "cwchristerw" ]]
|
||||||
|
then
|
||||||
|
DOMAIN=christerwaren.fi
|
||||||
|
else
|
||||||
|
echo -n "Status: Organization Unsupported"
|
||||||
|
|
||||||
|
wi-stop
|
||||||
|
fi
|
||||||
|
|
||||||
|
FOLDER=$ORG
|
||||||
|
DEVICE_DOMAIN="devices.$DOMAIN"
|
||||||
|
IDM_DOMAIN="idm.cwinfo.net"
|
||||||
|
VAULT_DOMAIN="vault.cwinfo.net"
|
||||||
|
GIT_DOMAIN="git.cwinfo.net"
|
||||||
|
GIT_PORT=2222
|
||||||
|
GIT_REPOSITORY="warengroup-private/infra-plus"
|
||||||
|
|
||||||
|
if [[ $(hostname -d) ]]
|
||||||
|
then
|
||||||
|
HOSTNAME=$(hostname --fqdn)
|
||||||
|
elif [[ -z $(hostname -d) ]] && [[ ! -z $2 ]]
|
||||||
|
then
|
||||||
|
HOSTNAME="$2.$DEVICE_DOMAIN"
|
||||||
|
else
|
||||||
|
echo -n "Status: Hostname Required"
|
||||||
|
wi-stop
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [[ -z $USER || $USER == "root" || $USER == "local" ]]
|
||||||
|
then
|
||||||
|
if [[ -z $SUDO_USER ]]
|
||||||
|
then
|
||||||
|
if [[ -z LOGNAME ]]
|
||||||
|
then
|
||||||
|
echo -n "Status: Username Required"
|
||||||
|
wi-stop
|
||||||
|
else
|
||||||
|
USER=$LOGNAME
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
USER=$SUDO_USER
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/sys/health)
|
||||||
|
if [[ $VAULT_STATUS -eq 200 ]]
|
||||||
|
then
|
||||||
|
IDM_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$IDM_DOMAIN)
|
||||||
|
if [[ $IDM_STATUS -eq 301 ]]
|
||||||
|
then
|
||||||
|
echo $wiBold$ORG$wiNormal
|
||||||
|
|
||||||
|
if [[ -z $USER || $USER == "root" || $USER == "local" ]]
|
||||||
|
then
|
||||||
|
echo -n "Username: "
|
||||||
|
read USERNAME
|
||||||
|
else
|
||||||
|
echo "Username: $USER"
|
||||||
|
USERNAME=$USER
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo -n "Password: "
|
||||||
|
read -s PASSWORD
|
||||||
|
echo "****************"
|
||||||
|
|
||||||
|
if [[ -z $USERNAME || -z $PASSWORD ]]
|
||||||
|
then
|
||||||
|
echo -n "Status: Username & Password Required"
|
||||||
|
wi-stop
|
||||||
|
else
|
||||||
|
VAULT_LOGIN=$(curl https://$VAULT_DOMAIN/v1/auth/ldap/login/$USERNAME -X POST -d '{ "password": "'$PASSWORD'" }' -s | jq -r '.auth.client_token')
|
||||||
|
if [[ -z $VAULT_LOGIN || ${#VAULT_LOGIN} -lt 95 || ${#VAULT_LOGIN} -gt 95 ]]
|
||||||
|
then
|
||||||
|
echo -n "Status: Login Failed"
|
||||||
|
wi-stop
|
||||||
|
fi
|
||||||
|
|
||||||
|
HVT=$VAULT_LOGIN
|
||||||
|
wi-start
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
echo $wiBold$ORG$wiNormal
|
||||||
|
|
||||||
|
echo -n "Token: "
|
||||||
|
read -s TOKEN
|
||||||
|
echo "****************"
|
||||||
|
|
||||||
|
if [[ -z $TOKEN || ${#TOKEN} -lt 95 || ${#TOKEN} -gt 95 ]]
|
||||||
|
then
|
||||||
|
echo -n "Status: Vault Token Required"
|
||||||
|
wi-stop
|
||||||
|
fi
|
||||||
|
|
||||||
|
VAULT_LOGIN=$(curl https://$VAULT_DOMAIN/v1/auth/token/renew -X POST --header "X-Vault-Token: $TOKEN" -d '{ "token": "'$TOKEN'" }' -s | jq -r '.auth.client_token')
|
||||||
|
if [[ -z $VAULT_LOGIN || ${#VAULT_LOGIN} -lt 95 || ${#VAULT_LOGIN} -gt 95 ]]
|
||||||
|
then
|
||||||
|
echo -n "Status: Login Failed"
|
||||||
|
wi-stop
|
||||||
|
fi
|
||||||
|
|
||||||
|
HVT=$VAULT_LOGIN
|
||||||
|
wi-start
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
echo $wiBold$ORG$wiNormal
|
||||||
|
|
||||||
|
echo -n "Status: Vault Offline"
|
||||||
|
wi-stop
|
||||||
|
fi
|
||||||
|
}
|
11
src/functions/start.sh
Normal file
11
src/functions/start.sh
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
wi-start(){
|
||||||
|
echo ""
|
||||||
|
echo ""
|
||||||
|
echo ""
|
||||||
|
echo "=============================="
|
||||||
|
echo -n "$wiBold"
|
||||||
|
echo " Warén Group "
|
||||||
|
echo " Init.sh "
|
||||||
|
echo -n "$wiNormal"
|
||||||
|
echo "=============================="
|
||||||
|
}
|
7
src/functions/stop.sh
Normal file
7
src/functions/stop.sh
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
wi-stop (){
|
||||||
|
echo "=============================="
|
||||||
|
echo " "
|
||||||
|
echo " "
|
||||||
|
echo " "
|
||||||
|
exit 1
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user