Compare commits
32 Commits
605366d786
...
develop
| Author | SHA1 | Date | |
|---|---|---|---|
|
9d8e3d0cff | ||
|
|
a69fb755f9 | ||
|
|
73d9e77ee0 | ||
|
|
a9e9902d6e | ||
|
|
373f010215 | ||
|
|
89dd3b084b | ||
|
|
bb9fdcd013 | ||
|
|
2e6d165baf | ||
|
|
17cb8fe954 | ||
|
|
ff4bebdc53 | ||
|
|
d9a7864199 | ||
|
|
03bba2ba7f | ||
|
|
e75b95abac | ||
|
|
73025e14d8 | ||
|
|
0cdc32a743 | ||
|
|
196a4ef2eb | ||
|
|
2220092a87 | ||
|
|
746ae8ebf4 | ||
|
|
944e9f020c | ||
|
|
eb5f7980de | ||
|
|
4111068772 | ||
|
|
b383c1ddd0 | ||
|
|
280928e133 | ||
|
|
5e3d337b2c | ||
|
|
28f807fb44 | ||
|
|
b236fdb65b | ||
|
|
e0e25ef1ac | ||
|
|
206bbbad1c | ||
|
|
0ca9ad28dc | ||
|
|
04699cccce | ||
|
|
3488bb794d | ||
|
|
6e11dc8e8e |
2
LICENSE
2
LICENSE
@@ -1,6 +1,6 @@
|
||||
MIT License
|
||||
|
||||
Copyright (c) 2023-2024 Warén Group
|
||||
Copyright (c) 2023-2025 Warén Group
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
|
||||
11
README.md
11
README.md
@@ -1,10 +1,13 @@
|
||||
# Warén Group - Init.sh
|
||||
|
||||
## Run Command
|
||||
## Linux - Run Command
|
||||
```
|
||||
curl https://waren.io/init.sh -o init.sh
|
||||
chmod +x init.sh
|
||||
./init.sh
|
||||
bash <(https://waren.io/init.sh)
|
||||
```
|
||||
|
||||
## Windows - Run Command
|
||||
```
|
||||
curl.exe https://waren.io/init.ps1 | powershell -
|
||||
```
|
||||
|
||||
## Maintaining Command
|
||||
|
||||
33
init.ps1
Normal file
33
init.ps1
Normal file
@@ -0,0 +1,33 @@
|
||||
echo ""
|
||||
echo ""
|
||||
echo ""
|
||||
echo "=============================="
|
||||
echo ""
|
||||
echo "Waren Init"
|
||||
echo ""
|
||||
echo "=============================="
|
||||
echo ""
|
||||
echo ""
|
||||
echo "Generating SSH Key"
|
||||
New-Item -ItemType Directory -Path "$Env:USERPROFILE\.ssh\keys" -Force
|
||||
ssh-keygen -f "$Env:USERPROFILE\.ssh\keys\infra" -t ed25519 -C "$Env:USERDOMAIN"
|
||||
echo ""
|
||||
echo ""
|
||||
echo "Copy SSH Key"
|
||||
Get-Content "$Env:USERPROFILE\.ssh\keys\infra.pub"
|
||||
echo ""
|
||||
echo ""
|
||||
echo "Install OpenSSH Server"
|
||||
Add-WindowsCapability -Online -Name OpenSSH.Server
|
||||
echo ""
|
||||
echo ""
|
||||
echo "Enable OpenSSH Server"
|
||||
Set-Service -Name sshd -StartupType 'Automatic'
|
||||
echo ""
|
||||
echo ""
|
||||
echo "Start OpenSSH Server"
|
||||
Start-Service -Name sshd
|
||||
echo ""
|
||||
echo ""
|
||||
echo "Install Debian"
|
||||
wsl --install Debian
|
||||
147
init.sh
147
init.sh
@@ -1,7 +1,15 @@
|
||||
#!/bin/bash
|
||||
|
||||
if [ ! "$BASH_VERSION" ] ; then
|
||||
bash $0 $1 $2 $3 $4 $5 $6 $7 $8 $9
|
||||
sudo curl https://waren.io/init.sh -o "$PWD/init.sh"
|
||||
sudo bash "$PWD/init.sh" $1 $2 $3 $4 $5 $6 $7 $8 $9
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [[ $USER != "root" ]]
|
||||
then
|
||||
sudo curl https://waren.io/init.sh -o "$PWD/init.sh"
|
||||
sudo bash "$PWD/init.sh" $1 $2 $3 $4 $5 $6 $7 $8 $9
|
||||
exit 1
|
||||
fi
|
||||
|
||||
@@ -65,14 +73,43 @@ wx-header(){
|
||||
}
|
||||
|
||||
wi-init(){
|
||||
wi-login $1 $2
|
||||
wi-login $1
|
||||
wi-header "Init"
|
||||
|
||||
if [[ ! -z $2 && ${#2} -gt 5 ]]
|
||||
then
|
||||
HOSTNAME="$2.$DEVICE_DOMAIN"
|
||||
elif [[ $(hostname -d) ]]
|
||||
then
|
||||
HOSTNAME=$(hostname --fqdn)
|
||||
else
|
||||
echo "Status: Hostname Required"
|
||||
wx-stop
|
||||
fi
|
||||
|
||||
if [[ ! -z $3 ]]
|
||||
then
|
||||
if [[ $3 == "server" || $3 == "workstation" ]]
|
||||
then
|
||||
TYPE="$3"
|
||||
else
|
||||
echo "Status: Type Invalid"
|
||||
wx-stop
|
||||
fi
|
||||
else
|
||||
echo "Status: Type Required"
|
||||
wx-stop
|
||||
fi
|
||||
|
||||
mkdir -p ~/.ssh/keys &> /dev/null
|
||||
|
||||
apt-get install -y python3-pip python3-venv jq git curl &> /dev/null
|
||||
apt-get update &> /dev/null
|
||||
apt-get install -y python3-pip python3-venv jq git curl lsb-release &> /dev/null
|
||||
dnf install -y epel-release &> /dev/null
|
||||
dnf install -y python3-pip jq git curl lsb_release &> /dev/null
|
||||
python3 -m venv /opt/ansible &> /dev/null
|
||||
/opt/ansible/bin/pip3 install ansible hvac netaddr jmespath pexpect &> /dev/null
|
||||
/opt/ansible/bin/pip3 install ansible &> /dev/null
|
||||
/opt/ansible/bin/pip3 install cryptography dnspython hvac jmespath netaddr pexpect xmltodict &> /dev/null
|
||||
|
||||
curl \
|
||||
-H "X-Vault-Token: ${config["login",$ORG]}" \
|
||||
@@ -85,46 +122,35 @@ wi-init(){
|
||||
|
||||
if [ ! -f ~/.ansible/vars.yml ]
|
||||
then
|
||||
openssl rand -base64 64 | tr -d '\n' | head -c 64 > ~/.ansible/vault.yml
|
||||
|
||||
ANSIBLE_VAULT_SECRET=$(<~/.ansible/vault.yml)
|
||||
|
||||
echo "---" > ~/.ansible/vars.yml
|
||||
echo "hostname: $HOSTNAME" >> ~/.ansible/vars.yml
|
||||
echo "folder: /$FOLDER/" >> ~/.ansible/vars.yml
|
||||
echo "vault:" >> ~/.ansible/vars.yml
|
||||
echo " ansible:" >> ~/.ansible/vars.yml
|
||||
echo " secret: $ANSIBLE_VAULT_SECRET" >> ~/.ansible/vars.yml
|
||||
echo " hashicorp:" >> ~/.ansible/vars.yml
|
||||
echo "info:" >> ~/.ansible/vars.yml
|
||||
echo " type: $TYPE" >> ~/.ansible/vars.yml
|
||||
echo "config:" >> ~/.ansible/vars.yml
|
||||
echo " identity:" >> ~/.ansible/vars.yml
|
||||
echo " vault:" >> ~/.ansible/vars.yml
|
||||
echo " domain: $VAULT_DOMAIN" >> ~/.ansible/vars.yml
|
||||
|
||||
/opt/ansible/bin/ansible-vault encrypt --vault-password-file ~/.ansible/vault.yml ~/.ansible/vars.yml > /dev/null
|
||||
fi
|
||||
|
||||
GIT_DOMAIN="git.cwinfo.net"
|
||||
GIT_DOMAIN="git.waren.io"
|
||||
GIT_PORT="2222"
|
||||
GIT_REPOSITORY="warengroup-private/infra-plus"
|
||||
|
||||
export HVT=${config["login",$ORG]}
|
||||
|
||||
/opt/ansible/bin/ansible-galaxy collection install ansible.posix ansible.utils community.crypto community.docker community.general community.hashi_vault community.libvirt community.mysql community.postgresql containers.podman --upgrade &> /dev/null
|
||||
/opt/ansible/bin/ansible-galaxy collection install ansible.posix ansible.utils ansible.windows community.crypto community.dns community.docker community.general community.grafana community.hashi_vault community.libvirt community.mongodb community.mysql community.postgresql community.windows containers.podman --upgrade &> /dev/null
|
||||
|
||||
/opt/ansible/bin/ansible-pull -U ssh://git@$GIT_DOMAIN:$GIT_PORT/$GIT_REPOSITORY --accept-host-key --vault-password-file ~/.ansible/vault.yml --private-key ~/.ssh/keys/init playbooks/init.yml -t init
|
||||
/opt/ansible/bin/ansible-pull -U ssh://git@$GIT_DOMAIN:$GIT_PORT/$GIT_REPOSITORY -d ~/.ansible/pull/infra --accept-host-key --private-key ~/.ssh/keys/init --extra-vars @~/.ansible/vars.yml playbooks/init.yml -t init
|
||||
|
||||
unset HVT
|
||||
}
|
||||
|
||||
wx-login(){
|
||||
if [[ -z "$HOSTNAME" || ${#HOSTNAME} -lt 5 ]]
|
||||
then
|
||||
wx-header "Login"
|
||||
echo "Status: Hostname Required"
|
||||
wx-stop
|
||||
fi
|
||||
|
||||
if [[ ! -z $1 ]]
|
||||
then
|
||||
ORG=$1
|
||||
jq '.org = "'$ORG'"' $HOME/.warengroup/config.json 1> $HOME/.warengroup/config.json.tmp
|
||||
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
|
||||
elif [[ $(hostname -d) = *"devices.waren.io" ]]
|
||||
then
|
||||
ORG=warengroup
|
||||
@@ -134,6 +160,9 @@ wx-login(){
|
||||
elif [[ $(hostname -d) = *"devices.christerwaren.fi" ]]
|
||||
then
|
||||
ORG=cwchristerw
|
||||
elif [[ $USER != "root" && $USER != "local" && -f "$HOME/.warengroup/config.json" && $(cat $HOME/.warengroup/config.json | jq -r .org) != "null" ]]
|
||||
then
|
||||
ORG=$(cat $HOME/.warengroup/config.json | jq -r .org)
|
||||
else
|
||||
wx-header "Login"
|
||||
echo "Status: Organization Required"
|
||||
@@ -157,21 +186,9 @@ wx-login(){
|
||||
|
||||
FOLDER=$ORG
|
||||
DEVICE_DOMAIN="devices.$DOMAIN"
|
||||
IDM_DOMAIN="idm.cwinfo.net"
|
||||
IDM_DOMAIN="idm.waren.io"
|
||||
VAULT_DOMAIN="vault.cwinfo.net"
|
||||
|
||||
if [[ ! -z $2 ]]
|
||||
then
|
||||
HOSTNAME="$2.$DEVICE_DOMAIN"
|
||||
elif [[ $(hostname -d) ]]
|
||||
then
|
||||
HOSTNAME=$(hostname --fqdn)
|
||||
else
|
||||
wx-header "Login"
|
||||
echo "Status: Hostname Required"
|
||||
wx-stop
|
||||
fi
|
||||
|
||||
if [[ -z $USER || $USER == "root" || $USER == "local" ]]
|
||||
then
|
||||
if [[ -z $SUDO_USER ]]
|
||||
@@ -195,9 +212,13 @@ wx-login(){
|
||||
if [[ $VAULT_STATUS -eq 200 ]]
|
||||
then
|
||||
|
||||
if [[ $USER != "root" && $USER != "local" && -f "$HOME/.config/warengroup/config.json" ]]
|
||||
if [[ $USER != "root" && $USER != "local" && -f "$HOME/.warengroup/config.json" ]]
|
||||
then
|
||||
TOKEN="$(cat $HOME/.config/warengroup/config.json | jq -r .login.$ORG)"
|
||||
if [[ $(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.username) != "null" ]]
|
||||
then
|
||||
USERNAME="$(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.username)"
|
||||
fi
|
||||
TOKEN="$(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.token)"
|
||||
fi
|
||||
|
||||
VAULT_LOGIN=$(curl https://$VAULT_DOMAIN/v1/auth/token/renew -X POST --header "X-Vault-Token: $TOKEN" -d '{ "token": "'$TOKEN'" }' -s | jq -r '.auth.client_token')
|
||||
@@ -206,8 +227,8 @@ wx-login(){
|
||||
config["login",${ORG}]=$VAULT_LOGIN
|
||||
if [[ $USER != "root" && $USER != "local" ]]
|
||||
then
|
||||
jq '.login.'$ORG' = "'$VAULT_LOGIN'"' $HOME/.config/warengroup/config.json 1> $HOME/.config/warengroup/config.json.tmp
|
||||
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
|
||||
jq '.login.'$ORG'.token = "'$VAULT_LOGIN'"' $HOME/.warengroup/config.json 1> $HOME/.warengroup/config.json.tmp
|
||||
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
|
||||
fi
|
||||
else
|
||||
IDM_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$IDM_DOMAIN)
|
||||
@@ -216,7 +237,7 @@ wx-login(){
|
||||
wx-header "Login"
|
||||
echo $wxBold$ORG$wxNormal
|
||||
|
||||
if [[ -z $USERNAME || $USERNAME == "root" || $USERNAME == "local" ]]
|
||||
if [[ -z $USERNAME || $USERNAME == "root" || $USERNAME == "local" || $USERNAME == "nobody" ]]
|
||||
then
|
||||
echo -n "Username: "
|
||||
read USERNAME
|
||||
@@ -224,6 +245,9 @@ wx-login(){
|
||||
echo "Username: $USERNAME"
|
||||
fi
|
||||
|
||||
jq '.login.'$ORG'.username = "'$USERNAME'"' $HOME/.warengroup/config.json 1> $HOME/.warengroup/config.json.tmp
|
||||
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
|
||||
|
||||
echo -n "Password: "
|
||||
read -s PASSWORD
|
||||
echo "****************"
|
||||
@@ -244,8 +268,8 @@ wx-login(){
|
||||
|
||||
if [[ $USER != "root" && $USER != "local" ]]
|
||||
then
|
||||
jq '.login.'$ORG' = "'$VAULT_LOGIN'"' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp
|
||||
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
|
||||
jq '.login.'$ORG'.token = "'$VAULT_LOGIN'"' $HOME/.warengroup/config.json &> $HOME/.warengroup/config.json.tmp
|
||||
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
|
||||
fi
|
||||
fi
|
||||
else
|
||||
@@ -273,8 +297,8 @@ wx-login(){
|
||||
|
||||
if [[ $USER != "root" && $USER != "local" ]]
|
||||
then
|
||||
jq '.login.'$ORG' = "'$VAULT_LOGIN'"' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp
|
||||
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
|
||||
jq '.login.'$ORG'.token = "'$VAULT_LOGIN'"' $HOME/.warengroup/config.json &> $HOME/.warengroup/config.json.tmp
|
||||
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
@@ -292,18 +316,18 @@ wx-repeat() {
|
||||
printf "%s" "${spaces// /$str}"
|
||||
}
|
||||
|
||||
wi-restricted(){
|
||||
if [[ $USER != "root" && $USER != "local" ]]
|
||||
then
|
||||
sudo $1
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
wi-start(){
|
||||
wi-header "Warén Group" h1
|
||||
wi-header "Warén Init" h1
|
||||
|
||||
apt install -y jq &> /dev/null
|
||||
mkdir -p $HOME/.warengroup &> /dev/null
|
||||
|
||||
if [[ ! -f "$HOME/.warengroup/config.json" || $(jq -e . < $HOME/.warengroup/config.json &>/dev/null; echo $?) -gt 0 ]]
|
||||
then
|
||||
echo '{}' | jq > $HOME/.warengroup/config.json
|
||||
fi
|
||||
|
||||
mkdir -p $HOME/.ssh/keys
|
||||
chmod 700 -R $HOME/.ssh/keys
|
||||
}
|
||||
|
||||
wi-stop (){
|
||||
@@ -317,6 +341,11 @@ wi-stop (){
|
||||
}
|
||||
|
||||
|
||||
wi-restricted "$0 $1 $2"
|
||||
wi-init $1 $2
|
||||
if [[ ! -f /bin/jq ]]
|
||||
then
|
||||
apt update &> /dev/null
|
||||
apt install -y jq &> /dev/null
|
||||
fi
|
||||
|
||||
wi-init $1 $2 $3
|
||||
wi-stop
|
||||
|
||||
19
src/base.sh
19
src/base.sh
@@ -1,7 +1,15 @@
|
||||
#!/bin/bash
|
||||
|
||||
if [ ! "$BASH_VERSION" ] ; then
|
||||
bash $0 $1 $2 $3 $4 $5 $6 $7 $8 $9
|
||||
sudo curl https://waren.io/init.sh -o "$PWD/init.sh"
|
||||
sudo bash "$PWD/init.sh" $1 $2 $3 $4 $5 $6 $7 $8 $9
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [[ $USER != "root" ]]
|
||||
then
|
||||
sudo curl https://waren.io/init.sh -o "$PWD/init.sh"
|
||||
sudo bash "$PWD/init.sh" $1 $2 $3 $4 $5 $6 $7 $8 $9
|
||||
exit 1
|
||||
fi
|
||||
|
||||
@@ -18,6 +26,11 @@ wiNormal=$(tput sgr0)
|
||||
|
||||
{{ CODES }}
|
||||
|
||||
wi-restricted "$0 $1 $2"
|
||||
wi-init $1 $2
|
||||
if [[ ! -f /bin/jq ]]
|
||||
then
|
||||
apt update &> /dev/null
|
||||
apt install -y jq &> /dev/null
|
||||
fi
|
||||
|
||||
wi-init $1 $2 $3
|
||||
wi-stop
|
||||
|
||||
@@ -1,12 +1,41 @@
|
||||
wi-init(){
|
||||
wi-login $1 $2
|
||||
wi-login $1
|
||||
wi-header "Init"
|
||||
|
||||
if [[ ! -z $2 && ${#2} -gt 5 ]]
|
||||
then
|
||||
HOSTNAME="$2.$DEVICE_DOMAIN"
|
||||
elif [[ $(hostname -d) ]]
|
||||
then
|
||||
HOSTNAME=$(hostname --fqdn)
|
||||
else
|
||||
echo "Status: Hostname Required"
|
||||
wx-stop
|
||||
fi
|
||||
|
||||
if [[ ! -z $3 ]]
|
||||
then
|
||||
if [[ $3 == "server" || $3 == "workstation" ]]
|
||||
then
|
||||
TYPE="$3"
|
||||
else
|
||||
echo "Status: Type Invalid"
|
||||
wx-stop
|
||||
fi
|
||||
else
|
||||
echo "Status: Type Required"
|
||||
wx-stop
|
||||
fi
|
||||
|
||||
mkdir -p ~/.ssh/keys &> /dev/null
|
||||
|
||||
apt-get install -y python3-pip python3-venv jq git curl &> /dev/null
|
||||
apt-get update &> /dev/null
|
||||
apt-get install -y python3-pip python3-venv jq git curl lsb-release &> /dev/null
|
||||
dnf install -y epel-release &> /dev/null
|
||||
dnf install -y python3-pip jq git curl lsb_release &> /dev/null
|
||||
python3 -m venv /opt/ansible &> /dev/null
|
||||
/opt/ansible/bin/pip3 install ansible hvac netaddr jmespath pexpect &> /dev/null
|
||||
/opt/ansible/bin/pip3 install ansible &> /dev/null
|
||||
/opt/ansible/bin/pip3 install cryptography dnspython hvac jmespath netaddr pexpect xmltodict &> /dev/null
|
||||
|
||||
curl \
|
||||
-H "X-Vault-Token: ${config["login",$ORG]}" \
|
||||
@@ -19,31 +48,25 @@ wi-init(){
|
||||
|
||||
if [ ! -f ~/.ansible/vars.yml ]
|
||||
then
|
||||
openssl rand -base64 64 | tr -d '\n' | head -c 64 > ~/.ansible/vault.yml
|
||||
|
||||
ANSIBLE_VAULT_SECRET=$(<~/.ansible/vault.yml)
|
||||
|
||||
echo "---" > ~/.ansible/vars.yml
|
||||
echo "hostname: $HOSTNAME" >> ~/.ansible/vars.yml
|
||||
echo "folder: /$FOLDER/" >> ~/.ansible/vars.yml
|
||||
echo "vault:" >> ~/.ansible/vars.yml
|
||||
echo " ansible:" >> ~/.ansible/vars.yml
|
||||
echo " secret: $ANSIBLE_VAULT_SECRET" >> ~/.ansible/vars.yml
|
||||
echo " hashicorp:" >> ~/.ansible/vars.yml
|
||||
echo "info:" >> ~/.ansible/vars.yml
|
||||
echo " type: $TYPE" >> ~/.ansible/vars.yml
|
||||
echo "config:" >> ~/.ansible/vars.yml
|
||||
echo " identity:" >> ~/.ansible/vars.yml
|
||||
echo " vault:" >> ~/.ansible/vars.yml
|
||||
echo " domain: $VAULT_DOMAIN" >> ~/.ansible/vars.yml
|
||||
|
||||
/opt/ansible/bin/ansible-vault encrypt --vault-password-file ~/.ansible/vault.yml ~/.ansible/vars.yml > /dev/null
|
||||
fi
|
||||
|
||||
GIT_DOMAIN="git.cwinfo.net"
|
||||
GIT_DOMAIN="git.waren.io"
|
||||
GIT_PORT="2222"
|
||||
GIT_REPOSITORY="warengroup-private/infra-plus"
|
||||
|
||||
export HVT=${config["login",$ORG]}
|
||||
|
||||
/opt/ansible/bin/ansible-galaxy collection install ansible.posix ansible.utils community.crypto community.docker community.general community.hashi_vault community.libvirt community.mysql community.postgresql containers.podman --upgrade &> /dev/null
|
||||
/opt/ansible/bin/ansible-galaxy collection install ansible.posix ansible.utils ansible.windows community.crypto community.dns community.docker community.general community.grafana community.hashi_vault community.libvirt community.mongodb community.mysql community.postgresql community.windows containers.podman --upgrade &> /dev/null
|
||||
|
||||
/opt/ansible/bin/ansible-pull -U ssh://git@$GIT_DOMAIN:$GIT_PORT/$GIT_REPOSITORY --accept-host-key --vault-password-file ~/.ansible/vault.yml --private-key ~/.ssh/keys/init playbooks/init.yml -t init
|
||||
/opt/ansible/bin/ansible-pull -U ssh://git@$GIT_DOMAIN:$GIT_PORT/$GIT_REPOSITORY -d ~/.ansible/pull/infra --accept-host-key --private-key ~/.ssh/keys/init --extra-vars @~/.ansible/vars.yml playbooks/init.yml -t init
|
||||
|
||||
unset HVT
|
||||
}
|
||||
|
||||
@@ -1,14 +1,9 @@
|
||||
wx-login(){
|
||||
if [[ -z "$HOSTNAME" || ${#HOSTNAME} -lt 5 ]]
|
||||
then
|
||||
wx-header "Login"
|
||||
echo "Status: Hostname Required"
|
||||
wx-stop
|
||||
fi
|
||||
|
||||
if [[ ! -z $1 ]]
|
||||
then
|
||||
ORG=$1
|
||||
jq '.org = "'$ORG'"' $HOME/.warengroup/config.json 1> $HOME/.warengroup/config.json.tmp
|
||||
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
|
||||
elif [[ $(hostname -d) = *"devices.waren.io" ]]
|
||||
then
|
||||
ORG=warengroup
|
||||
@@ -18,6 +13,9 @@ wx-login(){
|
||||
elif [[ $(hostname -d) = *"devices.christerwaren.fi" ]]
|
||||
then
|
||||
ORG=cwchristerw
|
||||
elif [[ $USER != "root" && $USER != "local" && -f "$HOME/.warengroup/config.json" && $(cat $HOME/.warengroup/config.json | jq -r .org) != "null" ]]
|
||||
then
|
||||
ORG=$(cat $HOME/.warengroup/config.json | jq -r .org)
|
||||
else
|
||||
wx-header "Login"
|
||||
echo "Status: Organization Required"
|
||||
@@ -41,21 +39,9 @@ wx-login(){
|
||||
|
||||
FOLDER=$ORG
|
||||
DEVICE_DOMAIN="devices.$DOMAIN"
|
||||
IDM_DOMAIN="idm.cwinfo.net"
|
||||
IDM_DOMAIN="idm.waren.io"
|
||||
VAULT_DOMAIN="vault.cwinfo.net"
|
||||
|
||||
if [[ ! -z $2 ]]
|
||||
then
|
||||
HOSTNAME="$2.$DEVICE_DOMAIN"
|
||||
elif [[ $(hostname -d) ]]
|
||||
then
|
||||
HOSTNAME=$(hostname --fqdn)
|
||||
else
|
||||
wx-header "Login"
|
||||
echo "Status: Hostname Required"
|
||||
wx-stop
|
||||
fi
|
||||
|
||||
if [[ -z $USER || $USER == "root" || $USER == "local" ]]
|
||||
then
|
||||
if [[ -z $SUDO_USER ]]
|
||||
@@ -79,9 +65,13 @@ wx-login(){
|
||||
if [[ $VAULT_STATUS -eq 200 ]]
|
||||
then
|
||||
|
||||
if [[ $USER != "root" && $USER != "local" && -f "$HOME/.config/warengroup/config.json" ]]
|
||||
if [[ $USER != "root" && $USER != "local" && -f "$HOME/.warengroup/config.json" ]]
|
||||
then
|
||||
TOKEN="$(cat $HOME/.config/warengroup/config.json | jq -r .login.$ORG)"
|
||||
if [[ $(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.username) != "null" ]]
|
||||
then
|
||||
USERNAME="$(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.username)"
|
||||
fi
|
||||
TOKEN="$(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.token)"
|
||||
fi
|
||||
|
||||
VAULT_LOGIN=$(curl https://$VAULT_DOMAIN/v1/auth/token/renew -X POST --header "X-Vault-Token: $TOKEN" -d '{ "token": "'$TOKEN'" }' -s | jq -r '.auth.client_token')
|
||||
@@ -90,8 +80,8 @@ wx-login(){
|
||||
config["login",${ORG}]=$VAULT_LOGIN
|
||||
if [[ $USER != "root" && $USER != "local" ]]
|
||||
then
|
||||
jq '.login.'$ORG' = "'$VAULT_LOGIN'"' $HOME/.config/warengroup/config.json 1> $HOME/.config/warengroup/config.json.tmp
|
||||
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
|
||||
jq '.login.'$ORG'.token = "'$VAULT_LOGIN'"' $HOME/.warengroup/config.json 1> $HOME/.warengroup/config.json.tmp
|
||||
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
|
||||
fi
|
||||
else
|
||||
IDM_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$IDM_DOMAIN)
|
||||
@@ -100,7 +90,7 @@ wx-login(){
|
||||
wx-header "Login"
|
||||
echo $wxBold$ORG$wxNormal
|
||||
|
||||
if [[ -z $USERNAME || $USERNAME == "root" || $USERNAME == "local" ]]
|
||||
if [[ -z $USERNAME || $USERNAME == "root" || $USERNAME == "local" || $USERNAME == "nobody" ]]
|
||||
then
|
||||
echo -n "Username: "
|
||||
read USERNAME
|
||||
@@ -108,6 +98,9 @@ wx-login(){
|
||||
echo "Username: $USERNAME"
|
||||
fi
|
||||
|
||||
jq '.login.'$ORG'.username = "'$USERNAME'"' $HOME/.warengroup/config.json 1> $HOME/.warengroup/config.json.tmp
|
||||
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
|
||||
|
||||
echo -n "Password: "
|
||||
read -s PASSWORD
|
||||
echo "****************"
|
||||
@@ -128,8 +121,8 @@ wx-login(){
|
||||
|
||||
if [[ $USER != "root" && $USER != "local" ]]
|
||||
then
|
||||
jq '.login.'$ORG' = "'$VAULT_LOGIN'"' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp
|
||||
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
|
||||
jq '.login.'$ORG'.token = "'$VAULT_LOGIN'"' $HOME/.warengroup/config.json &> $HOME/.warengroup/config.json.tmp
|
||||
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
|
||||
fi
|
||||
fi
|
||||
else
|
||||
@@ -157,8 +150,8 @@ wx-login(){
|
||||
|
||||
if [[ $USER != "root" && $USER != "local" ]]
|
||||
then
|
||||
jq '.login.'$ORG' = "'$VAULT_LOGIN'"' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp
|
||||
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
|
||||
jq '.login.'$ORG'.token = "'$VAULT_LOGIN'"' $HOME/.warengroup/config.json &> $HOME/.warengroup/config.json.tmp
|
||||
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
@@ -1,7 +0,0 @@
|
||||
wi-restricted(){
|
||||
if [[ $USER != "root" && $USER != "local" ]]
|
||||
then
|
||||
sudo $1
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
@@ -1,5 +1,13 @@
|
||||
wi-start(){
|
||||
wi-header "Warén Group" h1
|
||||
wi-header "Warén Init" h1
|
||||
|
||||
apt install -y jq &> /dev/null
|
||||
mkdir -p $HOME/.warengroup &> /dev/null
|
||||
|
||||
if [[ ! -f "$HOME/.warengroup/config.json" || $(jq -e . < $HOME/.warengroup/config.json &>/dev/null; echo $?) -gt 0 ]]
|
||||
then
|
||||
echo '{}' | jq > $HOME/.warengroup/config.json
|
||||
fi
|
||||
|
||||
mkdir -p $HOME/.ssh/keys
|
||||
chmod 700 -R $HOME/.ssh/keys
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user