Use new Init playbook location

LICENSE

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2023-2024 Warén Group
+Copyright (c) 2023-2025 Warén Group
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

README.md

@@ -1,10 +1,13 @@
 # Warén Group - Init.sh
 
-## Run Command
+## Linux - Run Command
 ```
-curl https://waren.io/init.sh -o init.sh
-chmod +x init.sh
-./init.sh
+bash <(https://waren.io/init.sh)
+```
+
+## Windows - Run Command
+```
+curl.exe https://waren.io/init.ps1 | powershell -
 ```
 
 ## Maintaining Command

generator.php

@@ -4,18 +4,25 @@ $base = file_get_contents(__DIR__."/src/base.sh");
 
 
 $dirs = [
-    __DIR__.'/src/functions/*.sh'
+    __DIR__.'/src/functions/*.sh',
+    __DIR__.'/src/ui/*.sh'
 ];
 
 $codes = [];
 
 foreach($dirs as $dir){
     foreach(glob($dir) as $file){
-        $codes[$file] = file_get_contents($file);
+        if(str_contains($dir, "functions")){
+            $codes['functions'][$file] = file_get_contents($file);
+        }
+        if(str_contains($dir, "ui")){
+            $codes['ui'][$file] = file_get_contents($file);
+        }
     }
 }
 
-$code = str_replace("{{ CODES }}", implode("\n", $codes), $base);
+$code = str_replace("{{ FUNCTIONS }}", implode("\n", $codes['functions']), $base);
+$code = str_replace("{{ UI }}", implode("\n", $codes['ui']), $code);
 
 try {
     $file = __DIR__.'/init.sh';

init.ps1

@@ -0,0 +1,33 @@
+echo ""
+echo ""
+echo ""
+echo "=============================="
+echo ""
+echo "Waren Init"
+echo ""
+echo "=============================="
+echo ""
+echo ""
+echo "Generating SSH Key"
+New-Item -ItemType Directory -Path "$Env:USERPROFILE\.ssh\keys" -Force
+ssh-keygen -f "$Env:USERPROFILE\.ssh\keys\infra" -t ed25519 -C "$Env:USERDOMAIN"
+echo ""
+echo ""
+echo "Copy SSH Key"
+Get-Content "$Env:USERPROFILE\.ssh\keys\infra.pub"
+echo ""
+echo ""
+echo "Install OpenSSH Server"
+Add-WindowsCapability -Online -Name OpenSSH.Server
+echo ""
+echo ""
+echo "Enable OpenSSH Server"
+Set-Service -Name sshd -StartupType 'Automatic'
+echo ""
+echo ""
+echo "Start OpenSSH Server"
+Start-Service -Name sshd
+echo ""
+echo ""
+echo "Install Debian"
+wsl --install Debian

init.sh

@@ -1,81 +1,62 @@
 #!/bin/bash
 
-if [ ! "$BASH_VERSION" ] ; then
-    bash $0 $1 $2 $3 $4 $5 $6 $7 $8 $9
-    exit 1
-fi
+#if [ ! "$BASH_VERSION" ] ; then
+#    bash $0 $1 $2 $3 $4 $5 $6 $7 $8 $9
+#    exit 1
+#fi
 
-wiRed=$(tput setaf 196)
-wiGreen=$(tput setaf 46)
-wiYellow=$(tput setaf 226)
-wiBlue=$(tput setaf 21)
-wiPurple=$(tput setaf 165)
-wiTurquoise=$(tput setaf 14)
-wiPink=$(tput setaf 198)
-wiOrange=$(tput setaf 202)
-wiBold=$(tput bold)
-wiNormal=$(tput sgr0)
+declare -Ax args
+declare -Ax config
+declare -Ax messages
 
-wi-header(){
-    wx-header "$1" "$2"
+wxi-config(){
+  echo -n ""
 }
 
-wi-repeat(){
-    wx-repeat "$1" "$2"
-}
+wx-init(){
+    wx-login
+    wxi-header "Init"
 
-wi-login(){
-    wx-login "$1" "$2"
-}
-
-wx-start(){
-    wi-start
-}
-
-wx-stop(){
-    wi-stop
-}
-
-wxBold=$wiBold
-wxNormal=$wiNormal
-
-wx-header(){
-    if [[ $2 == "h1" ]]
+    if [[ ! -z ${args['hostname']} && ${#args['hostname']} -gt 5 ]]
     then
-        echo ""
-        echo ""
-        echo ""
-        echo "=============================="
-        wx-repeat " " $((30/2-${#1}/2))
-        echo -n "$wxBold"
-        echo -n "$1"
-        echo -n "$wxNormal"
-        echo ""
-        echo "=============================="
+        HOSTNAME="${args['hostname']}.devices.$DOMAIN"
+    elif [[ $(hostname -d) ]]
+    then
+        HOSTNAME=$(hostname --fqdn)
+    else
+        wxi-content status "Hostname" "Required"
+        wxi-stop
     fi
 
-    if [[ $2 == "h2" || -z $2 ]]
+    if [[ ! -z ${args['device-type']} ]]
     then
-        wx-start
-        wx-repeat " " $((30/2-6/2-${#1}/2))
-        echo -n ">> $1 <<"
-        echo ""
-        echo "------------------------------"
+        if [[ ${args['device-type']} == "server" ]]
+        then
+            DEVICE_TYPE="Server"
+        elif [[ ${args['device-type']} == "workstation" ]]
+        then
+            DEVICE_TYPE="Workstation"
+        else
+            wxi-content status "Device Type" "Invalid"
+            wxi-stop
+        fi
+    else
+        wxi-content status "Device Type" "Required"
+        wxi-stop
     fi
-}
-
-wi-init(){
-    wi-login $1 $2
-    wi-header "Init"
 
     mkdir -p ~/.ssh/keys &> /dev/null
 
-    apt-get install -y python3-pip python3-venv jq git curl &> /dev/null
+    apt-get update &> /dev/null
+    apt-get install -y python3-pip python3-venv jq git curl lsb-release &> /dev/null
+    dnf install -y epel-release &> /dev/null
+    dnf install -y python3-pip jq git curl lsb_release &> /dev/null
     python3 -m venv /opt/ansible &> /dev/null
-    /opt/ansible/bin/pip3 install ansible hvac netaddr jmespath pexpect &> /dev/null
+    /opt/ansible/bin/pip3 install ansible &> /dev/null
+    /opt/ansible/bin/pip3 install cryptography dnspython hvac jmespath netaddr pexpect xmltodict &> /dev/null
 
     curl \
-        -H "X-Vault-Token: ${config["login",$ORG]}" \
+        -H "X-Vault-Token: $TOKEN" \
         -X GET \
         https://$VAULT_DOMAIN/v1/init.sh/data/ssh -s | jq -r '.data.data.privkey' > ~/.ssh/keys/init
 
@@ -85,238 +66,409 @@ wi-init(){
 
     if [ ! -f ~/.ansible/vars.yml ]
     then
-        openssl rand -base64 64 | tr -d '\n' | head -c 64 > ~/.ansible/vault.yml
-
-        ANSIBLE_VAULT_SECRET=$(<~/.ansible/vault.yml)
-
         echo "---" > ~/.ansible/vars.yml
         echo "hostname: $HOSTNAME" >> ~/.ansible/vars.yml
-        echo "folder: /$FOLDER/" >> ~/.ansible/vars.yml
-        echo "vault:" >> ~/.ansible/vars.yml
-        echo "  ansible:" >> ~/.ansible/vars.yml
-        echo "    secret: $ANSIBLE_VAULT_SECRET" >> ~/.ansible/vars.yml
-        echo "  hashicorp:" >> ~/.ansible/vars.yml
-        echo "    domain: $VAULT_DOMAIN" >> ~/.ansible/vars.yml
-
-        /opt/ansible/bin/ansible-vault encrypt --vault-password-file ~/.ansible/vault.yml ~/.ansible/vars.yml > /dev/null
+        echo "info:" >> ~/.ansible/vars.yml
+        echo "  type: $DEVICE_TYPE" >> ~/.ansible/vars.yml
+        echo "config:" >> ~/.ansible/vars.yml
+        echo "  identity:" >> ~/.ansible/vars.yml
+        echo "    vault:" >> ~/.ansible/vars.yml
+        echo "      domain: $VAULT_DOMAIN" >> ~/.ansible/vars.yml
     fi
 
-    GIT_DOMAIN="git.cwinfo.net"
+    GIT_DOMAIN="git.waren.io"
     GIT_PORT="2222"
     GIT_REPOSITORY="warengroup-private/infra-plus"
 
-    export HVT=${config["login",$ORG]}
+    export HVT=$TOKEN
 
-    /opt/ansible/bin/ansible-galaxy collection install ansible.posix ansible.utils community.crypto community.docker community.general community.hashi_vault community.libvirt community.mysql community.postgresql containers.podman --upgrade &> /dev/null
+    /opt/ansible/bin/ansible-galaxy collection install ansible.posix ansible.utils ansible.windows community.crypto community.dns community.docker community.general community.grafana community.hashi_vault community.libvirt community.mongodb community.mysql community.postgresql community.windows containers.podman --upgrade &> /dev/null
 
-    /opt/ansible/bin/ansible-pull -U ssh://git@$GIT_DOMAIN:$GIT_PORT/$GIT_REPOSITORY --accept-host-key --vault-password-file ~/.ansible/vault.yml --private-key ~/.ssh/keys/init playbooks/init.yml -t init
+    /opt/ansible/bin/ansible-pull -U ssh://git@$GIT_DOMAIN:$GIT_PORT/$GIT_REPOSITORY -d ~/.ansible/pull/infra --accept-host-key --private-key ~/.ssh/keys/init --extra-vars @~/.ansible/vars.yml init.yml -t init
 
     unset HVT
 }
 
 wx-login(){
-    if [[ -z "$HOSTNAME" || ${#HOSTNAME} -lt 5 ]]
-    then
-        wx-header "Login"
-        echo "Status: Hostname Required"
-        wx-stop
-    fi
+  wxi-header "Login"
+  wxi-restricted --user
+  wxi-restricted --org
+  wxi-restricted --vault
 
-    if [[ ! -z $1 ]]
-    then
-        ORG=$1
-    elif [[ $(hostname -d) = *"devices.waren.io" ]]
-    then
-        ORG=warengroup
-    elif [[ $(hostname -d) = *"devices.cwinfo.net" ]]
-    then
-        ORG=cwinfo
-    elif [[ $(hostname -d) = *"devices.christerwaren.fi" ]]
-    then
-        ORG=cwchristerw
-    else
-        wx-header "Login"
-        echo "Status: Organization Required"
-        wx-stop
-    fi
+  wxi-header "$ORG_HEADER" h3
 
-    if [[ $ORG == "warengroup" ]]
-    then
-        DOMAIN=waren.io
-    elif [[ $ORG == "cwinfo" ]]
-    then
-        DOMAIN=cwinfo.net
-    elif [[ $ORG == "cwchristerw" ]]
-    then
-        DOMAIN=christerwaren.fi
-    else
-        wx-header "Login"
-        echo "Status: Organization Unsupported"
-        wx-stop
-    fi
+  if [[ ! -z ${args['auth-method']} ]]
+  then
+    AUTH_METHOD=${args['auth-method']}
+  elif [[ ! -z ${args['token']} ]]
+  then
+    AUTH_METHOD=token
+  elif [[ -f "$HOME/.warengroup/config.json" && $(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.token) != 'null' && $(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.token) != '' ]]
+  then
+    AUTH_METHOD=token
+  elif [[ ! -z ${args['username']} ]]
+  then
+    AUTH_METHOD=ldap
+  else
+    AUTH_METHOD=ldap
+  fi
 
-    FOLDER=$ORG
-    DEVICE_DOMAIN="devices.$DOMAIN"
-    IDM_DOMAIN="idm.cwinfo.net"
-    VAULT_DOMAIN="vault.cwinfo.net"
-
-    if [[ ! -z $2 ]]
-    then
-        HOSTNAME="$2.$DEVICE_DOMAIN"
-    elif [[ $(hostname -d) ]]
-    then
-        HOSTNAME=$(hostname --fqdn)
-    else
-        wx-header "Login"
-        echo "Status: Hostname Required"
-        wx-stop
-    fi
-
-    if [[ -z $USER || $USER == "root" || $USER == "local" ]]
-    then
-        if [[ -z $SUDO_USER ]]
+  if [[ ! -z $AUTH_METHOD ]]
+  then
+    case $AUTH_METHOD in
+      ldap)
+        echo -n "Username: "
+        if [[ ! -z ${args['username']} ]]
         then
-            if [[ -z LOGNAME ]]
-            then
-                wx-header "Login"
-                echo "Status: Username Required"
-                wx-stop
-            else
-                USERNAME=$LOGNAME
-            fi
+          USERNAME=${args['username']}
+          wxi-content text "$USERNAME"
         else
-            USERNAME=$SUDO_USER
+          read USERNAME
         fi
+
+        echo -n "Password: "
+        if [[ ! -z ${args['password']} ]]
+        then
+          PASSWORD=${args['password']}
+        else
+          read -s PASSWORD
+        fi
+
+        if [[ ! -z $PASSWORD ]]
+        then
+          wxi-content text "****************"
+        else
+          wxi-content text ""
+        fi
+
+        if [[ -z $USERNAME || -z $PASSWORD ]]
+        then
+          wxi-content status "Username & Password" "Required"
+          wxi-footer
+          wxi-stop
+        fi
+
+        VAULT_LOGIN=$(curl https://$VAULT_DOMAIN/v1/auth/ldap/login/$USERNAME -X POST -d '{ "password": "'$PASSWORD'" }' -s | jq -r '.auth.client_token')
+        if [[ -z $VAULT_LOGIN || ${#VAULT_LOGIN} -lt 95 || ${#VAULT_LOGIN} -gt 95 ]]
+        then
+          wxi-content status "Login" "Failed"
+          wxi-stop
+        fi
+
+        TOKEN=$VAULT_LOGIN
+        wxi-config login
+        ;;
+      token)
+        echo -n "Token: "
+        if [[ ! -z ${args['token']} ]]
+        then
+          if [[ ${args['token']} != "true" ]]
+          then
+            TOKEN=${args['token']}
+          fi
+        elif [[ -f "$HOME/.warengroup/config.json" && $(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.token) != 'null' && $(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.token) != '' ]]
+        then
+          TOKEN=$(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.token)
+        else
+          read -s TOKEN
+        fi
+
+        if [[ ! -z $TOKEN ]]
+        then
+          wxi-content text "***********************************************************************************************"
+        fi
+
+        if [[ -z $TOKEN ]]
+        then
+          wxi-content status "Token" "Required"
+          wxi-footer
+          wxi-stop
+        fi
+
+        if [[ ${#TOKEN} -lt 95 || ${#TOKEN} -gt 95 ]]
+        then
+          wxi-content status "Token" "Invalid"
+          wxi-footer
+          wxi-stop
+        fi
+
+        VAULT_LOGIN=$(curl https://$VAULT_DOMAIN/v1/auth/token/renew-self -X POST --header "X-Vault-Token: $TOKEN" -d '{ "token": "'$TOKEN'" }' -s | jq -r '.auth.client_token')
+        if [[ -z $VAULT_LOGIN || ${#VAULT_LOGIN} -lt 95 || ${#VAULT_LOGIN} -gt 95 ]]
+        then
+          wxi-content status "Login" "Failed"
+          wxi-stop
+        fi
+
+        TOKEN=$VAULT_LOGIN
+        wxi-config login
+        ;;
+      *)
+        wxi-content status "Login Type" "Unsupported"
+        wxi-footer
+        wxi-stop
+        ;;
+    esac
+  fi
+
+  VAULT_USERNAME=$(curl https://$VAULT_DOMAIN/v1/auth/token/lookup-self -X GET --header "X-Vault-Token: $TOKEN" -s | jq -r '.data.display_name')
+  if [[ -z $VAULT_USERNAME ]]
+  then
+    wxi-content status "Login" "Username Missing"
+    wxi-stop
+  elif [[ $VAULT_USERNAME != ldap* && $VAULT_USERNAME != oidc* ]]
+  then
+    wxi-content status "Login" "Authentication Method Invalid"
+    wxi-stop
+  elif [[ $VAULT_USERNAME == ldap* ]]
+  then
+    USERNAME=${VAULT_USERNAME#ldap-}
+  elif [[ $VAULT_USERNAME == oidc* ]]
+  then
+    USERNAME=${VAULT_USERNAME#oidc-}
+  fi
+
+  wxi-footer
+}
+
+wxi-restricted(){
+  if [[ -z $1 || $1 == "--user" ]]
+  then
+    if [[ $USER != "root" && $USER != "local" ]]
+    then
+      wxi-content status "Command" "Restricted"
+      wxi-content text "It's not permitted to execute this command as $USER."
+      wxi-footer
+      wxi-repeat "\n" 3
+      exit 1
+    fi
+  fi
+
+  if [[ $1 == "--org" ]]
+  then
+    if [[ ! -z ${args['org']} ]]
+    then
+      case ${args['org']} in
+          warengroup)
+              ORG=warengroup
+              ;;
+          cwchristerw)
+              ORG=cwchristerw
+              ;;
+          *)
+              wxi-content status "Organization" "Unsupported"
+              wxi-footer
+              wxi-stop
+              ;;
+      esac
+    elif [[ $(hostname -d) == "devices.waren.io" ]]
+    then
+      ORG=warengroup
+    elif [[ $(hostname -d) == "devices.christerwaren.fi" ]]
+    then
+      ORG=cwchristerw
+    fi
+
+    if [[ ! -z $ORG ]]
+    then
+      case $ORG in
+        warengroup)
+          DOMAIN=waren.io
+          VAULT_DOMAIN=vault.cwinfo.net
+          ORG_HEADER="Warén Group"
+          ;;
+        cwchristerw)
+          DOMAIN=christerwaren.fi
+          VAULT_DOMAIN=vault.cwinfo.net
+          ORG_HEADER="Christer Warén"
+          ;;
+        *)
+          wxi-content status "Organization" "Unsupported"
+          wxi-footer
+          wxi-stop
+          ;;
+      esac
     else
-        USERNAME=$USER
+      wxi-content status "Organization" "Required"
+      wxi-footer
+      wxi-stop
+    fi
+  fi
+
+  if [[ -z $1 || $1 == "--vault" ]]
+  then
+    if [[ -z $VAULT_DOMAIN ]]
+    then
+      wxi-content status "Vault" "Unavailable"
+      wxi-footer
+      wxi-repeat "\n" 3
+      exit 1
     fi
 
     VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/sys/health)
-    if [[ $VAULT_STATUS -eq 200 ]]
+    if [[ ! $VAULT_STATUS -eq 200 ]]
     then
-
-        if [[ $USER != "root" && $USER != "local" && -f "$HOME/.config/warengroup/config.json" ]]
-        then
-            TOKEN="$(cat $HOME/.config/warengroup/config.json | jq -r .login.$ORG)"
-        fi
-
-        VAULT_LOGIN=$(curl https://$VAULT_DOMAIN/v1/auth/token/renew -X POST --header "X-Vault-Token: $TOKEN" -d '{ "token": "'$TOKEN'" }' -s | jq -r '.auth.client_token')
-        if [[ ! -z $VAULT_LOGIN && ${#VAULT_LOGIN} == 95 ]]
-        then
-            config["login",${ORG}]=$VAULT_LOGIN
-            if [[ $USER != "root" && $USER != "local" ]]
-            then
-                jq '.login.'$ORG' = "'$VAULT_LOGIN'"' $HOME/.config/warengroup/config.json 1> $HOME/.config/warengroup/config.json.tmp
-                mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
-            fi
-        else
-            IDM_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$IDM_DOMAIN)
-            if [[ $IDM_STATUS -eq 301 ]]
-            then
-                wx-header "Login"
-                echo $wxBold$ORG$wxNormal
-
-                if [[ -z $USERNAME || $USERNAME == "root" || $USERNAME == "local" ]]
-                then
-                    echo -n "Username: "
-                    read USERNAME
-                else
-                    echo "Username: $USERNAME"
-                fi
-
-                echo -n "Password: "
-                read -s PASSWORD
-                echo "****************"
-
-                if [[ -z $USERNAME || -z $PASSWORD ]]
-                then
-                    echo "Status: Username & Password Required"
-                    wx-stop
-                else
-                    VAULT_LOGIN=$(curl https://$VAULT_DOMAIN/v1/auth/ldap/login/$USERNAME -X POST -d '{ "password": "'$PASSWORD'" }' -s | jq -r '.auth.client_token')
-                    if [[ -z $VAULT_LOGIN || ${#VAULT_LOGIN} -lt 95 || ${#VAULT_LOGIN} -gt 95 ]]
-                    then
-                        echo "Status: Login Failed"
-                        wx-stop
-                    fi
-
-                    config["login",${ORG}]=$VAULT_LOGIN
-
-                    if [[ $USER != "root" && $USER != "local" ]]
-                    then
-                        jq '.login.'$ORG' = "'$VAULT_LOGIN'"' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp
-                        mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
-                    fi
-                fi
-            else
-                wx-header "Login"
-                echo $wxBold$ORG$wxNormal
-
-                echo -n "Token: "
-                read -s TOKEN
-                echo "****************"
-
-                if [[ -z $TOKEN || ${#TOKEN} -lt 95 || ${#TOKEN} -gt 95 ]]
-                then
-                    echo "Status: Vault Token Required"
-                    wx-stop
-                fi
-
-                VAULT_LOGIN=$(curl https://$VAULT_DOMAIN/v1/auth/token/renew -X POST --header "X-Vault-Token: $TOKEN" -d '{ "token": "'$TOKEN'" }' -s | jq -r '.auth.client_token')
-                if [[ -z $VAULT_LOGIN || ${#VAULT_LOGIN} -lt 95 || ${#VAULT_LOGIN} -gt 95 ]]
-                then
-                    echo "Status: Login Failed"
-                    wx-stop
-                fi
-
-                config["login",${ORG}]=$VAULT_LOGIN
-
-                if [[ $USER != "root" && $USER != "local" ]]
-                then
-                    jq '.login.'$ORG' = "'$VAULT_LOGIN'"' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp
-                    mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
-                fi
-            fi
-        fi
-    else
-        wx-header "Login"
-        echo $wxBold$ORG$wxNormal
-        echo "Status: Vault Offline"
-        wx-stop
+      wxi-content status "Vault" "Offline"
+      wxi-footer
+      wxi-repeat "\n" 3
+      exit 1
     fi
+  fi
 }
 
-wx-repeat() {
-    local str=$1 n=$2 spaces
-    printf -v spaces "%*s" $n " "
-    printf "%s" "${spaces// /$str}"
-}
+wxi-start(){
+    wxi-header "Warén Init" h1
 
-wi-restricted(){
-    if [[ $USER != "root" && $USER != "local" ]]
+    mkdir -p $HOME/.warengroup &> /dev/null
+
+    if [[ ! -f "$HOME/.warengroup/config.json" || $(jq -e . < $HOME/.warengroup/config.json &>/dev/null; echo $?) -gt 0 ]]
     then
-        sudo $1
-        exit 1
+        echo '{}' | jq > $HOME/.warengroup/config.json
     fi
+
+    mkdir -p $HOME/.ssh/keys
+    chmod 700 -R $HOME/.ssh/keys
 }
 
-wi-start(){
-    wi-header "Warén Group" h1
-
-    apt install -y jq &> /dev/null
-}
-
-wi-stop (){
-    echo " "
-    echo " "
-    echo " "
-
+wxi-stop (){
     rm -rf /.ssh/keys/init &> /dev/null
 
+    wxi-repeat "\n" 3
     exit 1
 }
 
+wxi-content(){
+  if [[ $1 == "text" ]]
+  then
+    echo "$2"
+  elif [[ $1 == "status" ]]
+  then
+    wxi-repeat "\n" 2
+    echo -n "$wxiBold"
+    echo "Status"
+    echo -n "$wxiNormal"
+    echo "$2 - $3"
+  elif [[ $1 == "link" ]]
+  then
+    echo "$2 - $3"
+  fi
+}
 
-wi-restricted "$0 $1 $2"
-wi-init $1 $2
-wi-stop
+wxi-footer(){
+  echo ""
+  echo "------------------------------"
+  wxi-repeat " " $((30/2-12/2))
+  echo -n "$wxiBold"
+  echo "Warén Group™"
+  echo -n "$wxiNormal"
+  wxi-repeat " " $((30/2-17/2))
+  echo "https://waren.io"
+  echo "=============================="
+}
+
+wxiRed=$(tput setaf 196)
+wxiGreen=$(tput setaf 46)
+wxiYellow=$(tput setaf 226)
+wxiBlue=$(tput setaf 21)
+wxiPurple=$(tput setaf 165)
+wxiTurquoise=$(tput setaf 14)
+wxiPink=$(tput setaf 198)
+wxiOrange=$(tput setaf 202)
+wxiUnderline=$(tput smul)
+wxiBold=$(tput bold)
+wxiNormal=$(tput sgr0)
+
+wxi-header(){
+  if [[ $2 == "h1" ]]
+  then
+    wxi-repeat "\n" 3
+    echo "=============================="
+    wxi-repeat " " $((30/2-${#1}/2))
+    echo -n "$wxiBold"
+    echo "$1"
+    echo -n "$wxiNormal"
+    echo "=============================="
+  fi
+
+  if [[ $2 == "h2" || -z $2 ]]
+  then
+    wxi-start
+    wxi-repeat " " $((30/2-6/2-${#1}/2))
+    echo -n "$wxiBold"
+    echo ">> $1 <<"
+    echo -n "$wxiNormal"
+    echo "------------------------------"
+    echo ""
+  fi
+
+  if [[ $2 == "h3" ]]
+  then
+    echo -n "$wxiBold"
+    echo "$1"
+    echo -n "$wxiNormal"
+  fi
+}
+
+
+wxi-repeat() {
+  if [[ $1 == " " ]]
+  then
+    local str=$1 n=$2 spaces
+    printf -v spaces "%*s" $n " "
+    printf "%s" "${spaces// /$str}"
+  else
+    for i in $(seq 1 $2);
+    do
+        echo -en $1
+    done
+  fi
+}
+
+
+i=1
+while [[ "$1" != "" ]]
+do
+  case $1 in
+    --*)
+      key="${1%%=*}"
+      value="${1#*=}"
+
+      if [[ "$value" == "$key" ]]
+      then
+        shift
+        value="$1"
+      fi
+
+      if [[ -z $value ]]
+      then
+        value=true
+      fi
+
+      args["${key#--}"]="$value"
+      ;;
+    -*)
+      key="${1%=*}"
+      value="${1#*=}"
+
+      if [[ "$value" == "$key" ]]
+      then
+        shift
+        value="$1"
+      fi
+
+      if [[ -z $value ]]
+      then
+        value=true
+      fi
+
+      args["${key#-}"]="$value"
+      ;;
+    *)
+      args["$i"]="${1%%=*}"
+      i=$((i + 1))
+      ;;
+    esac
+    shift
+done
+
+wx-init
+wxi-stop

maintainer.sh

@@ -26,9 +26,8 @@ case $1 in
         ;;
     update)
         echo "Updating..."
-        cp ../wx/src/functions/header.sh src/functions/header.sh
-        cp ../wx/src/functions/repeat.sh src/functions/repeat.sh
-        cp ../wx/src/commands/auth/login.sh src/functions/login.sh
+        cp -r ../wx/src/ui src
+        cp -r ../wx/src/commands/auth/login.sh src/functions/login.sh
         ;;
     ready)
         echo "Ready"

src/base.sh

@@ -1,23 +1,62 @@
 #!/bin/bash
 
-if [ ! "$BASH_VERSION" ] ; then
-    bash $0 $1 $2 $3 $4 $5 $6 $7 $8 $9
-    exit 1
-fi
+#if [ ! "$BASH_VERSION" ] ; then
+#    bash $0 $1 $2 $3 $4 $5 $6 $7 $8 $9
+#    exit 1
+#fi
 
-wiRed=$(tput setaf 196)
-wiGreen=$(tput setaf 46)
-wiYellow=$(tput setaf 226)
-wiBlue=$(tput setaf 21)
-wiPurple=$(tput setaf 165)
-wiTurquoise=$(tput setaf 14)
-wiPink=$(tput setaf 198)
-wiOrange=$(tput setaf 202)
-wiBold=$(tput bold)
-wiNormal=$(tput sgr0)
+declare -Ax args
+declare -Ax config
+declare -Ax messages
 
-{{ CODES }}
+{{ FUNCTIONS }}
+{{ UI }}
 
-wi-restricted "$0 $1 $2"
-wi-init $1 $2
-wi-stop
+i=1
+while [[ "$1" != "" ]]
+do
+  case $1 in
+    --*)
+      key="${1%%=*}"
+      value="${1#*=}"
+
+      if [[ "$value" == "$key" ]]
+      then
+        shift
+        value="$1"
+      fi
+
+      if [[ -z $value ]]
+      then
+        value=true
+      fi
+
+      args["${key#--}"]="$value"
+      ;;
+    -*)
+      key="${1%=*}"
+      value="${1#*=}"
+
+      if [[ "$value" == "$key" ]]
+      then
+        shift
+        value="$1"
+      fi
+
+      if [[ -z $value ]]
+      then
+        value=true
+      fi
+
+      args["${key#-}"]="$value"
+      ;;
+    *)
+      args["$i"]="${1%%=*}"
+      i=$((i + 1))
+      ;;
+    esac
+    shift
+done
+
+wx-init
+wxi-stop

src/functions/compatibility.sh

@@ -1,22 +0,0 @@
-wi-header(){
-    wx-header "$1" "$2"
-}
-
-wi-repeat(){
-    wx-repeat "$1" "$2"
-}
-
-wi-login(){
-    wx-login "$1" "$2"
-}
-
-wx-start(){
-    wi-start
-}
-
-wx-stop(){
-    wi-stop
-}
-
-wxBold=$wiBold
-wxNormal=$wiNormal

src/functions/config.sh

@@ -0,0 +1,3 @@
+wxi-config(){
+  echo -n ""
+}

src/functions/header.sh

@@ -1,24 +0,0 @@
-wx-header(){
-    if [[ $2 == "h1" ]]
-    then
-        echo ""
-        echo ""
-        echo ""
-        echo "=============================="
-        wx-repeat " " $((30/2-${#1}/2))
-        echo -n "$wxBold"
-        echo -n "$1"
-        echo -n "$wxNormal"
-        echo ""
-        echo "=============================="
-    fi
-
-    if [[ $2 == "h2" || -z $2 ]]
-    then
-        wx-start
-        wx-repeat " " $((30/2-6/2-${#1}/2))
-        echo -n ">> $1 <<"
-        echo ""
-        echo "------------------------------"
-    fi
-}

src/functions/init.sh

@@ -1,15 +1,47 @@
-wi-init(){
-    wi-login $1 $2
-    wi-header "Init"
+wx-init(){
+    wx-login
+    wxi-header "Init"
+
+    if [[ ! -z ${args['hostname']} && ${#args['hostname']} -gt 5 ]]
+    then
+        HOSTNAME="${args['hostname']}.devices.$DOMAIN"
+    elif [[ $(hostname -d) ]]
+    then
+        HOSTNAME=$(hostname --fqdn)
+    else
+        wxi-content status "Hostname" "Required"
+        wxi-stop
+    fi
+
+    if [[ ! -z ${args['device-type']} ]]
+    then
+        if [[ ${args['device-type']} == "server" ]]
+        then
+            DEVICE_TYPE="Server"
+        elif [[ ${args['device-type']} == "workstation" ]]
+        then
+            DEVICE_TYPE="Workstation"
+        else
+            wxi-content status "Device Type" "Invalid"
+            wxi-stop
+        fi
+    else
+        wxi-content status "Device Type" "Required"
+        wxi-stop
+    fi
 
     mkdir -p ~/.ssh/keys &> /dev/null
 
-    apt-get install -y python3-pip python3-venv jq git curl &> /dev/null
+    apt-get update &> /dev/null
+    apt-get install -y python3-pip python3-venv jq git curl lsb-release &> /dev/null
+    dnf install -y epel-release &> /dev/null
+    dnf install -y python3-pip jq git curl lsb_release &> /dev/null
     python3 -m venv /opt/ansible &> /dev/null
-    /opt/ansible/bin/pip3 install ansible hvac netaddr jmespath pexpect &> /dev/null
+    /opt/ansible/bin/pip3 install ansible &> /dev/null
+    /opt/ansible/bin/pip3 install cryptography dnspython hvac jmespath netaddr pexpect xmltodict &> /dev/null
 
     curl \
-        -H "X-Vault-Token: ${config["login",$ORG]}" \
+        -H "X-Vault-Token: $TOKEN" \
         -X GET \
         https://$VAULT_DOMAIN/v1/init.sh/data/ssh -s | jq -r '.data.data.privkey' > ~/.ssh/keys/init
 
@@ -19,31 +51,25 @@ wi-init(){
 
     if [ ! -f ~/.ansible/vars.yml ]
     then
-        openssl rand -base64 64 | tr -d '\n' | head -c 64 > ~/.ansible/vault.yml
-
-        ANSIBLE_VAULT_SECRET=$(<~/.ansible/vault.yml)
-
         echo "---" > ~/.ansible/vars.yml
         echo "hostname: $HOSTNAME" >> ~/.ansible/vars.yml
-        echo "folder: /$FOLDER/" >> ~/.ansible/vars.yml
-        echo "vault:" >> ~/.ansible/vars.yml
-        echo "  ansible:" >> ~/.ansible/vars.yml
-        echo "    secret: $ANSIBLE_VAULT_SECRET" >> ~/.ansible/vars.yml
-        echo "  hashicorp:" >> ~/.ansible/vars.yml
-        echo "    domain: $VAULT_DOMAIN" >> ~/.ansible/vars.yml
-
-        /opt/ansible/bin/ansible-vault encrypt --vault-password-file ~/.ansible/vault.yml ~/.ansible/vars.yml > /dev/null
+        echo "info:" >> ~/.ansible/vars.yml
+        echo "  type: $DEVICE_TYPE" >> ~/.ansible/vars.yml
+        echo "config:" >> ~/.ansible/vars.yml
+        echo "  identity:" >> ~/.ansible/vars.yml
+        echo "    vault:" >> ~/.ansible/vars.yml
+        echo "      domain: $VAULT_DOMAIN" >> ~/.ansible/vars.yml
     fi
 
-    GIT_DOMAIN="git.cwinfo.net"
+    GIT_DOMAIN="git.waren.io"
     GIT_PORT="2222"
     GIT_REPOSITORY="warengroup-private/infra-plus"
 
-    export HVT=${config["login",$ORG]}
+    export HVT=$TOKEN
 
-    /opt/ansible/bin/ansible-galaxy collection install ansible.posix ansible.utils community.crypto community.docker community.general community.hashi_vault community.libvirt community.mysql community.postgresql containers.podman --upgrade &> /dev/null
+    /opt/ansible/bin/ansible-galaxy collection install ansible.posix ansible.utils ansible.windows community.crypto community.dns community.docker community.general community.grafana community.hashi_vault community.libvirt community.mongodb community.mysql community.postgresql community.windows containers.podman --upgrade &> /dev/null
 
-    /opt/ansible/bin/ansible-pull -U ssh://git@$GIT_DOMAIN:$GIT_PORT/$GIT_REPOSITORY --accept-host-key --vault-password-file ~/.ansible/vault.yml --private-key ~/.ssh/keys/init playbooks/init.yml -t init
+    /opt/ansible/bin/ansible-pull -U ssh://git@$GIT_DOMAIN:$GIT_PORT/$GIT_REPOSITORY -d ~/.ansible/pull/infra --accept-host-key --private-key ~/.ssh/keys/init --extra-vars @~/.ansible/vars.yml init.yml -t init
 
     unset HVT
 }

src/functions/login.sh

@@ -1,171 +1,140 @@
 wx-login(){
-    if [[ -z "$HOSTNAME" || ${#HOSTNAME} -lt 5 ]]
-    then
-        wx-header "Login"
-        echo "Status: Hostname Required"
-        wx-stop
-    fi
+  wxi-header "Login"
+  wxi-restricted --user
+  wxi-restricted --org
+  wxi-restricted --vault
 
-    if [[ ! -z $1 ]]
-    then
-        ORG=$1
-    elif [[ $(hostname -d) = *"devices.waren.io" ]]
-    then
-        ORG=warengroup
-    elif [[ $(hostname -d) = *"devices.cwinfo.net" ]]
-    then
-        ORG=cwinfo
-    elif [[ $(hostname -d) = *"devices.christerwaren.fi" ]]
-    then
-        ORG=cwchristerw
-    else
-        wx-header "Login"
-        echo "Status: Organization Required"
-        wx-stop
-    fi
+  wxi-header "$ORG_HEADER" h3
 
-    if [[ $ORG == "warengroup" ]]
-    then
-        DOMAIN=waren.io
-    elif [[ $ORG == "cwinfo" ]]
-    then
-        DOMAIN=cwinfo.net
-    elif [[ $ORG == "cwchristerw" ]]
-    then
-        DOMAIN=christerwaren.fi
-    else
-        wx-header "Login"
-        echo "Status: Organization Unsupported"
-        wx-stop
-    fi
+  if [[ ! -z ${args['auth-method']} ]]
+  then
+    AUTH_METHOD=${args['auth-method']}
+  elif [[ ! -z ${args['token']} ]]
+  then
+    AUTH_METHOD=token
+  elif [[ -f "$HOME/.warengroup/config.json" && $(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.token) != 'null' && $(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.token) != '' ]]
+  then
+    AUTH_METHOD=token
+  elif [[ ! -z ${args['username']} ]]
+  then
+    AUTH_METHOD=ldap
+  else
+    AUTH_METHOD=ldap
+  fi
 
-    FOLDER=$ORG
-    DEVICE_DOMAIN="devices.$DOMAIN"
-    IDM_DOMAIN="idm.cwinfo.net"
-    VAULT_DOMAIN="vault.cwinfo.net"
-
-    if [[ ! -z $2 ]]
-    then
-        HOSTNAME="$2.$DEVICE_DOMAIN"
-    elif [[ $(hostname -d) ]]
-    then
-        HOSTNAME=$(hostname --fqdn)
-    else
-        wx-header "Login"
-        echo "Status: Hostname Required"
-        wx-stop
-    fi
-
-    if [[ -z $USER || $USER == "root" || $USER == "local" ]]
-    then
-        if [[ -z $SUDO_USER ]]
+  if [[ ! -z $AUTH_METHOD ]]
+  then
+    case $AUTH_METHOD in
+      ldap)
+        echo -n "Username: "
+        if [[ ! -z ${args['username']} ]]
         then
-            if [[ -z LOGNAME ]]
-            then
-                wx-header "Login"
-                echo "Status: Username Required"
-                wx-stop
-            else
-                USERNAME=$LOGNAME
-            fi
+          USERNAME=${args['username']}
+          wxi-content text "$USERNAME"
         else
-            USERNAME=$SUDO_USER
-        fi
-    else
-        USERNAME=$USER
-    fi
-
-    VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/sys/health)
-    if [[ $VAULT_STATUS -eq 200 ]]
-    then
-
-        if [[ $USER != "root" && $USER != "local" && -f "$HOME/.config/warengroup/config.json" ]]
-        then
-            TOKEN="$(cat $HOME/.config/warengroup/config.json | jq -r .login.$ORG)"
+          read USERNAME
         fi
 
-        VAULT_LOGIN=$(curl https://$VAULT_DOMAIN/v1/auth/token/renew -X POST --header "X-Vault-Token: $TOKEN" -d '{ "token": "'$TOKEN'" }' -s | jq -r '.auth.client_token')
-        if [[ ! -z $VAULT_LOGIN && ${#VAULT_LOGIN} == 95 ]]
+        echo -n "Password: "
+        if [[ ! -z ${args['password']} ]]
         then
-            config["login",${ORG}]=$VAULT_LOGIN
-            if [[ $USER != "root" && $USER != "local" ]]
-            then
-                jq '.login.'$ORG' = "'$VAULT_LOGIN'"' $HOME/.config/warengroup/config.json 1> $HOME/.config/warengroup/config.json.tmp
-                mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
-            fi
+          PASSWORD=${args['password']}
         else
-            IDM_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$IDM_DOMAIN)
-            if [[ $IDM_STATUS -eq 301 ]]
-            then
-                wx-header "Login"
-                echo $wxBold$ORG$wxNormal
-
-                if [[ -z $USERNAME || $USERNAME == "root" || $USERNAME == "local" ]]
-                then
-                    echo -n "Username: "
-                    read USERNAME
-                else
-                    echo "Username: $USERNAME"
-                fi
-
-                echo -n "Password: "
-                read -s PASSWORD
-                echo "****************"
-
-                if [[ -z $USERNAME || -z $PASSWORD ]]
-                then
-                    echo "Status: Username & Password Required"
-                    wx-stop
-                else
-                    VAULT_LOGIN=$(curl https://$VAULT_DOMAIN/v1/auth/ldap/login/$USERNAME -X POST -d '{ "password": "'$PASSWORD'" }' -s | jq -r '.auth.client_token')
-                    if [[ -z $VAULT_LOGIN || ${#VAULT_LOGIN} -lt 95 || ${#VAULT_LOGIN} -gt 95 ]]
-                    then
-                        echo "Status: Login Failed"
-                        wx-stop
-                    fi
-
-                    config["login",${ORG}]=$VAULT_LOGIN
-
-                    if [[ $USER != "root" && $USER != "local" ]]
-                    then
-                        jq '.login.'$ORG' = "'$VAULT_LOGIN'"' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp
-                        mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
-                    fi
-                fi
-            else
-                wx-header "Login"
-                echo $wxBold$ORG$wxNormal
-
-                echo -n "Token: "
-                read -s TOKEN
-                echo "****************"
-
-                if [[ -z $TOKEN || ${#TOKEN} -lt 95 || ${#TOKEN} -gt 95 ]]
-                then
-                    echo "Status: Vault Token Required"
-                    wx-stop
-                fi
-
-                VAULT_LOGIN=$(curl https://$VAULT_DOMAIN/v1/auth/token/renew -X POST --header "X-Vault-Token: $TOKEN" -d '{ "token": "'$TOKEN'" }' -s | jq -r '.auth.client_token')
-                if [[ -z $VAULT_LOGIN || ${#VAULT_LOGIN} -lt 95 || ${#VAULT_LOGIN} -gt 95 ]]
-                then
-                    echo "Status: Login Failed"
-                    wx-stop
-                fi
-
-                config["login",${ORG}]=$VAULT_LOGIN
-
-                if [[ $USER != "root" && $USER != "local" ]]
-                then
-                    jq '.login.'$ORG' = "'$VAULT_LOGIN'"' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp
-                    mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
-                fi
-            fi
+          read -s PASSWORD
         fi
-    else
-        wx-header "Login"
-        echo $wxBold$ORG$wxNormal
-        echo "Status: Vault Offline"
-        wx-stop
-    fi
+
+        if [[ ! -z $PASSWORD ]]
+        then
+          wxi-content text "****************"
+        else
+          wxi-content text ""
+        fi
+
+        if [[ -z $USERNAME || -z $PASSWORD ]]
+        then
+          wxi-content status "Username & Password" "Required"
+          wxi-footer
+          wxi-stop
+        fi
+
+        VAULT_LOGIN=$(curl https://$VAULT_DOMAIN/v1/auth/ldap/login/$USERNAME -X POST -d '{ "password": "'$PASSWORD'" }' -s | jq -r '.auth.client_token')
+        if [[ -z $VAULT_LOGIN || ${#VAULT_LOGIN} -lt 95 || ${#VAULT_LOGIN} -gt 95 ]]
+        then
+          wxi-content status "Login" "Failed"
+          wxi-stop
+        fi
+
+        TOKEN=$VAULT_LOGIN
+        wxi-config login
+        ;;
+      token)
+        echo -n "Token: "
+        if [[ ! -z ${args['token']} ]]
+        then
+          if [[ ${args['token']} != "true" ]]
+          then
+            TOKEN=${args['token']}
+          fi
+        elif [[ -f "$HOME/.warengroup/config.json" && $(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.token) != 'null' && $(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.token) != '' ]]
+        then
+          TOKEN=$(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.token)
+        else
+          read -s TOKEN
+        fi
+
+        if [[ ! -z $TOKEN ]]
+        then
+          wxi-content text "***********************************************************************************************"
+        fi
+
+        if [[ -z $TOKEN ]]
+        then
+          wxi-content status "Token" "Required"
+          wxi-footer
+          wxi-stop
+        fi
+
+        if [[ ${#TOKEN} -lt 95 || ${#TOKEN} -gt 95 ]]
+        then
+          wxi-content status "Token" "Invalid"
+          wxi-footer
+          wxi-stop
+        fi
+
+        VAULT_LOGIN=$(curl https://$VAULT_DOMAIN/v1/auth/token/renew-self -X POST --header "X-Vault-Token: $TOKEN" -d '{ "token": "'$TOKEN'" }' -s | jq -r '.auth.client_token')
+        if [[ -z $VAULT_LOGIN || ${#VAULT_LOGIN} -lt 95 || ${#VAULT_LOGIN} -gt 95 ]]
+        then
+          wxi-content status "Login" "Failed"
+          wxi-stop
+        fi
+
+        TOKEN=$VAULT_LOGIN
+        wxi-config login
+        ;;
+      *)
+        wxi-content status "Login Type" "Unsupported"
+        wxi-footer
+        wxi-stop
+        ;;
+    esac
+  fi
+
+  VAULT_USERNAME=$(curl https://$VAULT_DOMAIN/v1/auth/token/lookup-self -X GET --header "X-Vault-Token: $TOKEN" -s | jq -r '.data.display_name')
+  if [[ -z $VAULT_USERNAME ]]
+  then
+    wxi-content status "Login" "Username Missing"
+    wxi-stop
+  elif [[ $VAULT_USERNAME != ldap* && $VAULT_USERNAME != oidc* ]]
+  then
+    wxi-content status "Login" "Authentication Method Invalid"
+    wxi-stop
+  elif [[ $VAULT_USERNAME == ldap* ]]
+  then
+    USERNAME=${VAULT_USERNAME#ldap-}
+  elif [[ $VAULT_USERNAME == oidc* ]]
+  then
+    USERNAME=${VAULT_USERNAME#oidc-}
+  fi
+
+  wxi-footer
 }

src/functions/repeat.sh

@@ -1,5 +0,0 @@
-wx-repeat() {
-    local str=$1 n=$2 spaces
-    printf -v spaces "%*s" $n " "
-    printf "%s" "${spaces// /$str}"
-}

src/functions/restricted.sh

@@ -1,7 +1,84 @@
-wi-restricted(){
+wxi-restricted(){
+  if [[ -z $1 || $1 == "--user" ]]
+  then
     if [[ $USER != "root" && $USER != "local" ]]
     then
-        sudo $1
-        exit 1
+      wxi-content status "Command" "Restricted"
+      wxi-content text "It's not permitted to execute this command as $USER."
+      wxi-footer
+      wxi-repeat "\n" 3
+      exit 1
     fi
+  fi
+
+  if [[ $1 == "--org" ]]
+  then
+    if [[ ! -z ${args['org']} ]]
+    then
+      case ${args['org']} in
+          warengroup)
+              ORG=warengroup
+              ;;
+          cwchristerw)
+              ORG=cwchristerw
+              ;;
+          *)
+              wxi-content status "Organization" "Unsupported"
+              wxi-footer
+              wxi-stop
+              ;;
+      esac
+    elif [[ $(hostname -d) == "devices.waren.io" ]]
+    then
+      ORG=warengroup
+    elif [[ $(hostname -d) == "devices.christerwaren.fi" ]]
+    then
+      ORG=cwchristerw
+    fi
+
+    if [[ ! -z $ORG ]]
+    then
+      case $ORG in
+        warengroup)
+          DOMAIN=waren.io
+          VAULT_DOMAIN=vault.cwinfo.net
+          ORG_HEADER="Warén Group"
+          ;;
+        cwchristerw)
+          DOMAIN=christerwaren.fi
+          VAULT_DOMAIN=vault.cwinfo.net
+          ORG_HEADER="Christer Warén"
+          ;;
+        *)
+          wxi-content status "Organization" "Unsupported"
+          wxi-footer
+          wxi-stop
+          ;;
+      esac
+    else
+      wxi-content status "Organization" "Required"
+      wxi-footer
+      wxi-stop
+    fi
+  fi
+
+  if [[ -z $1 || $1 == "--vault" ]]
+  then
+    if [[ -z $VAULT_DOMAIN ]]
+    then
+      wxi-content status "Vault" "Unavailable"
+      wxi-footer
+      wxi-repeat "\n" 3
+      exit 1
+    fi
+
+    VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/sys/health)
+    if [[ ! $VAULT_STATUS -eq 200 ]]
+    then
+      wxi-content status "Vault" "Offline"
+      wxi-footer
+      wxi-repeat "\n" 3
+      exit 1
+    fi
+  fi
 }

src/functions/start.sh

@@ -1,5 +1,13 @@
-wi-start(){
-    wi-header "Warén Group" h1
+wxi-start(){
+    wxi-header "Warén Init" h1
 
-    apt install -y jq &> /dev/null
+    mkdir -p $HOME/.warengroup &> /dev/null
+
+    if [[ ! -f "$HOME/.warengroup/config.json" || $(jq -e . < $HOME/.warengroup/config.json &>/dev/null; echo $?) -gt 0 ]]
+    then
+        echo '{}' | jq > $HOME/.warengroup/config.json
+    fi
+
+    mkdir -p $HOME/.ssh/keys
+    chmod 700 -R $HOME/.ssh/keys
 }

src/functions/stop.sh

@@ -1,9 +1,6 @@
-wi-stop (){
-    echo " "
-    echo " "
-    echo " "
-
+wxi-stop (){
     rm -rf /.ssh/keys/init &> /dev/null
 
+    wxi-repeat "\n" 3
     exit 1
 }

src/ui/content.sh

@@ -0,0 +1,16 @@
+wxi-content(){
+  if [[ $1 == "text" ]]
+  then
+    echo "$2"
+  elif [[ $1 == "status" ]]
+  then
+    wxi-repeat "\n" 2
+    echo -n "$wxiBold"
+    echo "Status"
+    echo -n "$wxiNormal"
+    echo "$2 - $3"
+  elif [[ $1 == "link" ]]
+  then
+    echo "$2 - $3"
+  fi
+}

src/ui/footer.sh

@@ -0,0 +1,11 @@
+wxi-footer(){
+  echo ""
+  echo "------------------------------"
+  wxi-repeat " " $((30/2-12/2))
+  echo -n "$wxiBold"
+  echo "Warén Group™"
+  echo -n "$wxiNormal"
+  wxi-repeat " " $((30/2-17/2))
+  echo "https://waren.io"
+  echo "=============================="
+}

src/ui/formatting.sh

@@ -0,0 +1,11 @@
+wxiRed=$(tput setaf 196)
+wxiGreen=$(tput setaf 46)
+wxiYellow=$(tput setaf 226)
+wxiBlue=$(tput setaf 21)
+wxiPurple=$(tput setaf 165)
+wxiTurquoise=$(tput setaf 14)
+wxiPink=$(tput setaf 198)
+wxiOrange=$(tput setaf 202)
+wxiUnderline=$(tput smul)
+wxiBold=$(tput bold)
+wxiNormal=$(tput sgr0)

src/ui/header.sh

@@ -0,0 +1,30 @@
+wxi-header(){
+  if [[ $2 == "h1" ]]
+  then
+    wxi-repeat "\n" 3
+    echo "=============================="
+    wxi-repeat " " $((30/2-${#1}/2))
+    echo -n "$wxiBold"
+    echo "$1"
+    echo -n "$wxiNormal"
+    echo "=============================="
+  fi
+
+  if [[ $2 == "h2" || -z $2 ]]
+  then
+    wxi-start
+    wxi-repeat " " $((30/2-6/2-${#1}/2))
+    echo -n "$wxiBold"
+    echo ">> $1 <<"
+    echo -n "$wxiNormal"
+    echo "------------------------------"
+    echo ""
+  fi
+
+  if [[ $2 == "h3" ]]
+  then
+    echo -n "$wxiBold"
+    echo "$1"
+    echo -n "$wxiNormal"
+  fi
+}

src/ui/repeat.sh

@@ -0,0 +1,13 @@
+wxi-repeat() {
+  if [[ $1 == " " ]]
+  then
+    local str=$1 n=$2 spaces
+    printf -v spaces "%*s" $n " "
+    printf "%s" "${spaces// /$str}"
+  else
+    for i in $(seq 1 $2);
+    do
+        echo -en $1
+    done
+  fi
+}