Code Update
This commit is contained in:
parent
2df1590a6d
commit
0b0237ede5
5
src/commands/auto.sh
Normal file
5
src/commands/auto.sh
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
wx-auto(){
|
||||||
|
wx-ssh-config-sync
|
||||||
|
wx-ssh-keys-sync
|
||||||
|
wx-ssh-sign
|
||||||
|
}
|
@ -8,11 +8,22 @@ Usage: $0 COMMAND [OPTIONS]
|
|||||||
|
|
||||||
Common Commands:
|
Common Commands:
|
||||||
init Init
|
init Init
|
||||||
|
help Help
|
||||||
ssh SSH
|
ssh SSH
|
||||||
config Config
|
config Config
|
||||||
|
edit Edit
|
||||||
|
save Save
|
||||||
|
sync Sync
|
||||||
|
keys Keys
|
||||||
|
generate Generate
|
||||||
|
delete Delete
|
||||||
|
save Save
|
||||||
|
sync Sync
|
||||||
sign Certificates
|
sign Certificates
|
||||||
|
|
||||||
Management Commands:
|
Management Commands:
|
||||||
|
auto Auto
|
||||||
|
login Login
|
||||||
settings Settings
|
settings Settings
|
||||||
";
|
";
|
||||||
|
|
||||||
|
@ -5,6 +5,8 @@ wx-infra(){
|
|||||||
echo " >> Infra << "
|
echo " >> Infra << "
|
||||||
echo "------------------------------"
|
echo "------------------------------"
|
||||||
|
|
||||||
|
INFRA_PATH="/home/cwchristerw/Desktop/Work in Progress/Programming/warengroup/infra"
|
||||||
|
|
||||||
case $USER in
|
case $USER in
|
||||||
cwchristerw)
|
cwchristerw)
|
||||||
if [[ -z $1 ]]
|
if [[ -z $1 ]]
|
||||||
@ -17,12 +19,12 @@ wx-infra(){
|
|||||||
then
|
then
|
||||||
echo "Tag Required"
|
echo "Tag Required"
|
||||||
else
|
else
|
||||||
cd "/home/cwchristerw/Desktop/Work in Progress/Programming/warengroup/infra"
|
cd "$INFRA_PATH"
|
||||||
ansible-playbook --vault-id warengroup@vault/warengroup playbooks/init.yml -t $2 $3 $4 $5 $6 $7 $8 $9
|
ansible-playbook --vault-id warengroup@vault/warengroup playbooks/init.yml -t $2 $3 $4 $5 $6 $7 $8 $9
|
||||||
cd "$OLDPWD"
|
cd "$OLDPWD"
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
cd "/home/cwchristerw/Desktop/Work in Progress/Programming/warengroup/infra"
|
cd "$INFRA_PATH"
|
||||||
ansible-playbook --vault-id warengroup@vault/warengroup playbooks.yml -t $1 $2 $3 $4 $5 $6 $7 $8 $9
|
ansible-playbook --vault-id warengroup@vault/warengroup playbooks.yml -t $1 $2 $3 $4 $5 $6 $7 $8 $9
|
||||||
cd "$OLDPWD"
|
cd "$OLDPWD"
|
||||||
fi
|
fi
|
||||||
|
@ -5,6 +5,9 @@ wx-ssh(){
|
|||||||
sign)
|
sign)
|
||||||
wx-ssh-sign
|
wx-ssh-sign
|
||||||
;;
|
;;
|
||||||
|
keys)
|
||||||
|
wx-ssh-keys $2 $3
|
||||||
|
;;
|
||||||
config)
|
config)
|
||||||
wx-ssh-config $2
|
wx-ssh-config $2
|
||||||
;;
|
;;
|
||||||
|
@ -19,8 +19,6 @@ wx-ssh-config(){
|
|||||||
wx-stop
|
wx-stop
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
wx-ssh-config-edit(){
|
wx-ssh-config-edit(){
|
||||||
@ -28,9 +26,15 @@ wx-ssh-config-edit(){
|
|||||||
}
|
}
|
||||||
|
|
||||||
wx-ssh-config-save(){
|
wx-ssh-config-save(){
|
||||||
curl https://$VAULT_DOMAIN/v1/cli/data/$USER -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"data\": { \"settings/ssh/config\": \"$(cat ~/.ssh/config | base64 -w 0)\" } }" -s &> /dev/null
|
curl https://$VAULT_DOMAIN/v1/cli/data/$USER/settings/ssh/config -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"data\": { \"data\": \"$(cat ~/.ssh/config | base64 -w 0)\" } }" -s &> /dev/null
|
||||||
}
|
}
|
||||||
|
|
||||||
wx-ssh-config-sync(){
|
wx-ssh-config-sync(){
|
||||||
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USER -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data["settings/ssh/config"]') | base64 -d > ~/.ssh/config 2>&1
|
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USER/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
|
||||||
|
if [[ $VAULT_STATUS -eq 200 ]]
|
||||||
|
then
|
||||||
|
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USER/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.data') | base64 -d > ~/.ssh/config 2>&1
|
||||||
|
else
|
||||||
|
echo "Status: Config Required"
|
||||||
|
fi
|
||||||
}
|
}
|
||||||
|
62
src/commands/ssh/keys.sh
Normal file
62
src/commands/ssh/keys.sh
Normal file
@ -0,0 +1,62 @@
|
|||||||
|
wx-ssh-keys(){
|
||||||
|
echo " >> SSH / Keys << "
|
||||||
|
echo "------------------------------"
|
||||||
|
|
||||||
|
case $1 in
|
||||||
|
generate)
|
||||||
|
wx-ssh-keys-sync $2
|
||||||
|
wx-ssh-keys-generate $2
|
||||||
|
wx-ssh-config-save $2
|
||||||
|
;;
|
||||||
|
retrieve)
|
||||||
|
wx-ssh-keys-retrieve $2
|
||||||
|
;;
|
||||||
|
save)
|
||||||
|
wx-ssh-keys-save $2
|
||||||
|
;;
|
||||||
|
sync)
|
||||||
|
wx-ssh-keys-sync $2
|
||||||
|
;;
|
||||||
|
delete)
|
||||||
|
wx-ssh-keys-remove $2
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
wx-ssh-keys-sync
|
||||||
|
wx-stop
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
}
|
||||||
|
|
||||||
|
wx-ssh-keys-generate(){
|
||||||
|
if [[ ! -z $1 ]]
|
||||||
|
then
|
||||||
|
if [[ ! -f "$HOME/.ssh/keys/$1" ]]
|
||||||
|
then
|
||||||
|
ssh-keygen -t ed25519 -f $HOME/.ssh/keys/$1 -q -N "" -C "$USER" &> /dev/null
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
wx-ssh-keys-retrieve(){
|
||||||
|
if [[ ! -z $1 ]]
|
||||||
|
then
|
||||||
|
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USER/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
|
||||||
|
if [[ $VAULT_STATUS -eq 200 ]]
|
||||||
|
then
|
||||||
|
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USER/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.private') | base64 -d > ~/.ssh/keys/$1 2>&1
|
||||||
|
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USER/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.public') | base64 -d > ~/.ssh/keys/$1.pub 2>&1
|
||||||
|
else
|
||||||
|
echo "Status: Key Required"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
wx-ssh-keys-save(){
|
||||||
|
if [[ ! -z $1 ]]
|
||||||
|
then
|
||||||
|
if [[ -f "$HOME/.ssh/keys/$1" ]]
|
||||||
|
then
|
||||||
|
curl https://$VAULT_DOMAIN/v1/cli/data/$USER/settings/ssh/keys/$1 -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"data\": { \"private\": \"$(cat ~/.ssh/keys/$1 | base64 -w 0)\", \"public\": \"$(cat ~/.ssh/keys/$1.pub | base64 -w 0)\" } }" -s &> /dev/null
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
@ -26,14 +26,14 @@ wx-ssh-sign-create(){
|
|||||||
PRINCIPALS=$2
|
PRINCIPALS=$2
|
||||||
TTL=$3
|
TTL=$3
|
||||||
|
|
||||||
if [[ ! -f "$HOME/.ssh/keys/$NAME-ed25519" ]]
|
if [[ ! -f "$HOME/.ssh/keys/$NAME" ]]
|
||||||
then
|
then
|
||||||
ssh-keygen -t ed25519 -f $HOME/.ssh/keys/$NAME-ed25519 -q -N "" &> /dev/null
|
ssh-keygen -t ed25519 -f $HOME/.ssh/keys/$NAME -q -N "" -C "$USER" &> /dev/null
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ -f "$HOME/.ssh/keys/$NAME-ed25519" ]]
|
if [[ -f "$HOME/.ssh/keys/$NAME" ]]
|
||||||
then
|
then
|
||||||
echo "$NAME/$ROLE"
|
echo "$NAME/$ROLE"
|
||||||
echo $(curl https://$VAULT_DOMAIN/v1/ssh/sign/$ROLE -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"public_key\": \"$(cat $HOME/.ssh/keys/$NAME-ed25519.pub)\", \"valid_principals\": \"$PRINCIPALS,$USER\", \"ttl\": \"$TTL\" }" -s | jq -r '.data.signed_key') > ~/.ssh/keys/$NAME-ed25519.sig 2>&1
|
echo $(curl https://$VAULT_DOMAIN/v1/ssh/sign/$ROLE -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"public_key\": \"$(cat $HOME/.ssh/keys/$NAME.pub)\", \"valid_principals\": \"$PRINCIPALS,$USER\", \"ttl\": \"$TTL\" }" -s | jq -r '.data.signed_key') > ~/.ssh/keys/$NAME.sig 2>&1
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
289
wx
289
wx
@ -19,6 +19,117 @@ wxNormal=$(tput sgr0)
|
|||||||
|
|
||||||
declare -Ax config
|
declare -Ax config
|
||||||
|
|
||||||
|
wx-start(){
|
||||||
|
echo ""
|
||||||
|
echo ""
|
||||||
|
echo ""
|
||||||
|
echo "=============================="
|
||||||
|
echo -n "$wxBold"
|
||||||
|
echo " Warén CLI "
|
||||||
|
echo -n "$wxNormal"
|
||||||
|
echo "=============================="
|
||||||
|
|
||||||
|
mkdir -p $HOME/.config/warengroup &> /dev/null
|
||||||
|
|
||||||
|
if [[ ! -f "$HOME/.config/warengroup/config.json" ]]
|
||||||
|
then
|
||||||
|
echo '{}' | jq > $HOME/.config/warengroup/config.json
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
wx-stop (){
|
||||||
|
echo " "
|
||||||
|
echo " "
|
||||||
|
echo " "
|
||||||
|
if [[ -f "./wx" ]] && [[ -d "./src" ]]
|
||||||
|
then
|
||||||
|
podman run -it --rm -v "$PWD":/usr/src/myapp -w /usr/src/myapp docker.io/library/php:8-cli php generator.php &> /dev/null
|
||||||
|
mv wx.tmp wx &> /dev/null
|
||||||
|
chmod +x wx &> /dev/null
|
||||||
|
fi
|
||||||
|
|
||||||
|
mkdir $HOME/bin &> /dev/null
|
||||||
|
curl https://git.waren.io/warengroup/wx/raw/branch/master/wx -o $HOME/bin/wx &> /dev/null
|
||||||
|
chmod +x $HOME/bin/wx &> /dev/null
|
||||||
|
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
|
|
||||||
|
wx-auto(){
|
||||||
|
wx-ssh-config-sync
|
||||||
|
wx-ssh-keys-sync
|
||||||
|
wx-ssh-sign
|
||||||
|
}
|
||||||
|
|
||||||
|
wx-help(){
|
||||||
|
|
||||||
|
echo " >> Help << "
|
||||||
|
echo "------------------------------"
|
||||||
|
|
||||||
|
echo -n "
|
||||||
|
Usage: $0 COMMAND [OPTIONS]
|
||||||
|
|
||||||
|
Common Commands:
|
||||||
|
init Init
|
||||||
|
help Help
|
||||||
|
ssh SSH
|
||||||
|
config Config
|
||||||
|
edit Edit
|
||||||
|
save Save
|
||||||
|
sync Sync
|
||||||
|
keys Keys
|
||||||
|
generate Generate
|
||||||
|
delete Delete
|
||||||
|
save Save
|
||||||
|
sync Sync
|
||||||
|
sign Certificates
|
||||||
|
|
||||||
|
Management Commands:
|
||||||
|
auto Auto
|
||||||
|
login Login
|
||||||
|
settings Settings
|
||||||
|
";
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
wx-infra(){
|
||||||
|
wx-login
|
||||||
|
wx-ssh-sign &> /dev/null
|
||||||
|
|
||||||
|
echo " >> Infra << "
|
||||||
|
echo "------------------------------"
|
||||||
|
|
||||||
|
INFRA_PATH="/home/cwchristerw/Desktop/Work in Progress/Programming/warengroup/infra"
|
||||||
|
|
||||||
|
case $USER in
|
||||||
|
cwchristerw)
|
||||||
|
if [[ -z $1 ]]
|
||||||
|
then
|
||||||
|
echo "Tag Required"
|
||||||
|
else
|
||||||
|
if [[ $1 == "init" ]]
|
||||||
|
then
|
||||||
|
if [[ -z $2 ]]
|
||||||
|
then
|
||||||
|
echo "Tag Required"
|
||||||
|
else
|
||||||
|
cd "$INFRA_PATH"
|
||||||
|
ansible-playbook --vault-id warengroup@vault/warengroup playbooks/init.yml -t $2 $3 $4 $5 $6 $7 $8 $9
|
||||||
|
cd "$OLDPWD"
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
cd "$INFRA_PATH"
|
||||||
|
ansible-playbook --vault-id warengroup@vault/warengroup playbooks.yml -t $1 $2 $3 $4 $5 $6 $7 $8 $9
|
||||||
|
cd "$OLDPWD"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo "User Unsupported"
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
}
|
||||||
|
|
||||||
wx-login(){
|
wx-login(){
|
||||||
ORG=$1
|
ORG=$1
|
||||||
|
|
||||||
@ -201,98 +312,6 @@ wx-login(){
|
|||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
wx-start(){
|
|
||||||
echo ""
|
|
||||||
echo ""
|
|
||||||
echo ""
|
|
||||||
echo "=============================="
|
|
||||||
echo -n "$wxBold"
|
|
||||||
echo " Warén CLI "
|
|
||||||
echo -n "$wxNormal"
|
|
||||||
echo "=============================="
|
|
||||||
|
|
||||||
mkdir -p $HOME/.config/warengroup &> /dev/null
|
|
||||||
|
|
||||||
if [[ ! -f "$HOME/.config/warengroup/config.json" ]]
|
|
||||||
then
|
|
||||||
echo '{}' | jq > $HOME/.config/warengroup/config.json
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
wx-stop (){
|
|
||||||
echo " "
|
|
||||||
echo " "
|
|
||||||
echo " "
|
|
||||||
if [[ -f "./wx" ]] && [[ -d "./src" ]]
|
|
||||||
then
|
|
||||||
podman run -it --rm -v "$PWD":/usr/src/myapp -w /usr/src/myapp docker.io/library/php:8-cli php generator.php &> /dev/null
|
|
||||||
mv wx.tmp wx &> /dev/null
|
|
||||||
chmod +x wx &> /dev/null
|
|
||||||
fi
|
|
||||||
|
|
||||||
mkdir $HOME/bin &> /dev/null
|
|
||||||
curl https://git.waren.io/warengroup/wx/raw/branch/master/wx -o $HOME/bin/wx &> /dev/null
|
|
||||||
chmod +x $HOME/bin/wx &> /dev/null
|
|
||||||
|
|
||||||
exit 1
|
|
||||||
}
|
|
||||||
|
|
||||||
wx-help(){
|
|
||||||
|
|
||||||
echo " >> Help << "
|
|
||||||
echo "------------------------------"
|
|
||||||
|
|
||||||
echo -n "
|
|
||||||
Usage: $0 COMMAND [OPTIONS]
|
|
||||||
|
|
||||||
Common Commands:
|
|
||||||
init Init
|
|
||||||
ssh SSH
|
|
||||||
config Config
|
|
||||||
sign Certificates
|
|
||||||
|
|
||||||
Management Commands:
|
|
||||||
settings Settings
|
|
||||||
";
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
wx-infra(){
|
|
||||||
wx-login
|
|
||||||
wx-ssh-sign &> /dev/null
|
|
||||||
|
|
||||||
echo " >> Infra << "
|
|
||||||
echo "------------------------------"
|
|
||||||
|
|
||||||
case $USER in
|
|
||||||
cwchristerw)
|
|
||||||
if [[ -z $1 ]]
|
|
||||||
then
|
|
||||||
echo "Tag Required"
|
|
||||||
else
|
|
||||||
if [[ $1 == "init" ]]
|
|
||||||
then
|
|
||||||
if [[ -z $2 ]]
|
|
||||||
then
|
|
||||||
echo "Tag Required"
|
|
||||||
else
|
|
||||||
cd "/home/cwchristerw/Desktop/Work in Progress/Programming/warengroup/infra"
|
|
||||||
ansible-playbook --vault-id warengroup@vault/warengroup playbooks/init.yml -t $2 $3 $4 $5 $6 $7 $8 $9
|
|
||||||
cd "$OLDPWD"
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
cd "/home/cwchristerw/Desktop/Work in Progress/Programming/warengroup/infra"
|
|
||||||
ansible-playbook --vault-id warengroup@vault/warengroup playbooks.yml -t $1 $2 $3 $4 $5 $6 $7 $8 $9
|
|
||||||
cd "$OLDPWD"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
;;
|
|
||||||
*)
|
|
||||||
echo "User Unsupported"
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
}
|
|
||||||
|
|
||||||
wx-settings(){
|
wx-settings(){
|
||||||
wx-login
|
wx-login
|
||||||
|
|
||||||
@ -307,6 +326,9 @@ wx-ssh(){
|
|||||||
sign)
|
sign)
|
||||||
wx-ssh-sign
|
wx-ssh-sign
|
||||||
;;
|
;;
|
||||||
|
keys)
|
||||||
|
wx-ssh-keys $2 $3
|
||||||
|
;;
|
||||||
config)
|
config)
|
||||||
wx-ssh-config $2
|
wx-ssh-config $2
|
||||||
;;
|
;;
|
||||||
@ -345,8 +367,6 @@ wx-ssh-config(){
|
|||||||
wx-stop
|
wx-stop
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
wx-ssh-config-edit(){
|
wx-ssh-config-edit(){
|
||||||
@ -354,11 +374,80 @@ wx-ssh-config-edit(){
|
|||||||
}
|
}
|
||||||
|
|
||||||
wx-ssh-config-save(){
|
wx-ssh-config-save(){
|
||||||
curl https://$VAULT_DOMAIN/v1/cli/data/$USER -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"data\": { \"settings/ssh/config\": \"$(cat ~/.ssh/config | base64 -w 0)\" } }" -s &> /dev/null
|
curl https://$VAULT_DOMAIN/v1/cli/data/$USER/settings/ssh/config -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"data\": { \"data\": \"$(cat ~/.ssh/config | base64 -w 0)\" } }" -s &> /dev/null
|
||||||
}
|
}
|
||||||
|
|
||||||
wx-ssh-config-sync(){
|
wx-ssh-config-sync(){
|
||||||
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USER -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data["settings/ssh/config"]') | base64 -d > ~/.ssh/config 2>&1
|
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USER/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
|
||||||
|
if [[ $VAULT_STATUS -eq 200 ]]
|
||||||
|
then
|
||||||
|
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USER/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.data') | base64 -d > ~/.ssh/config 2>&1
|
||||||
|
else
|
||||||
|
echo "Status: Config Required"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
wx-ssh-keys(){
|
||||||
|
echo " >> SSH / Keys << "
|
||||||
|
echo "------------------------------"
|
||||||
|
|
||||||
|
case $1 in
|
||||||
|
generate)
|
||||||
|
wx-ssh-keys-sync $2
|
||||||
|
wx-ssh-keys-generate $2
|
||||||
|
wx-ssh-config-save $2
|
||||||
|
;;
|
||||||
|
retrieve)
|
||||||
|
wx-ssh-keys-retrieve $2
|
||||||
|
;;
|
||||||
|
save)
|
||||||
|
wx-ssh-keys-save $2
|
||||||
|
;;
|
||||||
|
sync)
|
||||||
|
wx-ssh-keys-sync $2
|
||||||
|
;;
|
||||||
|
delete)
|
||||||
|
wx-ssh-keys-remove $2
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
wx-ssh-keys-sync
|
||||||
|
wx-stop
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
}
|
||||||
|
|
||||||
|
wx-ssh-keys-generate(){
|
||||||
|
if [[ ! -z $1 ]]
|
||||||
|
then
|
||||||
|
if [[ ! -f "$HOME/.ssh/keys/$1" ]]
|
||||||
|
then
|
||||||
|
ssh-keygen -t ed25519 -f $HOME/.ssh/keys/$1 -q -N "" -C "$USER" &> /dev/null
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
wx-ssh-keys-retrieve(){
|
||||||
|
if [[ ! -z $1 ]]
|
||||||
|
then
|
||||||
|
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USER/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
|
||||||
|
if [[ $VAULT_STATUS -eq 200 ]]
|
||||||
|
then
|
||||||
|
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USER/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.private') | base64 -d > ~/.ssh/keys/$1 2>&1
|
||||||
|
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USER/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.public') | base64 -d > ~/.ssh/keys/$1.pub 2>&1
|
||||||
|
else
|
||||||
|
echo "Status: Key Required"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
wx-ssh-keys-save(){
|
||||||
|
if [[ ! -z $1 ]]
|
||||||
|
then
|
||||||
|
if [[ -f "$HOME/.ssh/keys/$1" ]]
|
||||||
|
then
|
||||||
|
curl https://$VAULT_DOMAIN/v1/cli/data/$USER/settings/ssh/keys/$1 -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"data\": { \"private\": \"$(cat ~/.ssh/keys/$1 | base64 -w 0)\", \"public\": \"$(cat ~/.ssh/keys/$1.pub | base64 -w 0)\" } }" -s &> /dev/null
|
||||||
|
fi
|
||||||
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
wx-ssh-sign(){
|
wx-ssh-sign(){
|
||||||
@ -389,15 +478,15 @@ wx-ssh-sign-create(){
|
|||||||
PRINCIPALS=$2
|
PRINCIPALS=$2
|
||||||
TTL=$3
|
TTL=$3
|
||||||
|
|
||||||
if [[ ! -f "$HOME/.ssh/keys/$NAME-ed25519" ]]
|
if [[ ! -f "$HOME/.ssh/keys/$NAME" ]]
|
||||||
then
|
then
|
||||||
ssh-keygen -t ed25519 -f $HOME/.ssh/keys/$NAME-ed25519 -q -N "" &> /dev/null
|
ssh-keygen -t ed25519 -f $HOME/.ssh/keys/$NAME -q -N "" -C "$USER" &> /dev/null
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ -f "$HOME/.ssh/keys/$NAME-ed25519" ]]
|
if [[ -f "$HOME/.ssh/keys/$NAME" ]]
|
||||||
then
|
then
|
||||||
echo "$NAME/$ROLE"
|
echo "$NAME/$ROLE"
|
||||||
echo $(curl https://$VAULT_DOMAIN/v1/ssh/sign/$ROLE -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"public_key\": \"$(cat $HOME/.ssh/keys/$NAME-ed25519.pub)\", \"valid_principals\": \"$PRINCIPALS,$USER\", \"ttl\": \"$TTL\" }" -s | jq -r '.data.signed_key') > ~/.ssh/keys/$NAME-ed25519.sig 2>&1
|
echo $(curl https://$VAULT_DOMAIN/v1/ssh/sign/$ROLE -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"public_key\": \"$(cat $HOME/.ssh/keys/$NAME.pub)\", \"valid_principals\": \"$PRINCIPALS,$USER\", \"ttl\": \"$TTL\" }" -s | jq -r '.data.signed_key') > ~/.ssh/keys/$NAME.sig 2>&1
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user