Code Update

2024-06-16 02:51:29 +03:00
parent 13e0deb5f5
commit b014dd1990
14 changed files with 295 additions and 134 deletions
--- a/src/commands/auth/login.sh
+++ b/src/commands/auth/login.sh
--- a/src/commands/auth/logout.sh
+++ b/src/commands/auth/logout.sh
@ -2,6 +2,7 @@ wx-logout(){
    wx-header "Logout"
    if [[ $USER != "root" && $USER != "local" ]]
    then
+        wx-clean
        jq '.login = {}' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp
        mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
    fi
--- a/src/commands/help.sh
+++ b/src/commands/help.sh
@ -13,12 +13,15 @@ Common Commands:
      edit        Edit
      save        Save
      sync        Sync
+      clean       Clean
    keys        Keys
      generate    Generate
-      delete      Delete
+      sign        Sign
+      retrieve    Retrieve
      save        Save
      sync        Sync
-    sign        Certificates
+      delete      Delete
+      clean       Clean

 Authentication Commands:
  login      Login
@ -26,8 +29,12 @@ Authentication Commands:

 Management Commands:
  auto       Auto
-  install    Install
+  clean      Clean
  settings   Settings
+
+Maintenance Commands:
+  install    Install
+  update     Update
 ";

 }
--- a/src/commands/maintenance/install.sh
+++ b/src/commands/maintenance/install.sh
--- a/src/commands/maintenance/uninstall.sh
+++ b/src/commands/maintenance/uninstall.sh
@ -0,0 +1,8 @@
+wx-uninstall(){
+    wx-header "Uninstall"
+    wx-logout
+    if [[ ! -d "$HOME/.config/warengroup" ]]
+    then
+        rm "$HOME/.config/warengroup" -rf
+    fi
+}
--- a/src/commands/maintenance/update.sh
+++ b/src/commands/maintenance/update.sh
--- a/src/commands/management/auto.sh
+++ b/src/commands/management/auto.sh
@ -4,5 +4,5 @@ wx-auto(){

    wx-ssh-config-sync
    wx-ssh-keys-sync
-    wx-ssh-sign
+    wx-ssh-keys-sign
 }
--- a/src/commands/management/clean.sh
+++ b/src/commands/management/clean.sh
@ -0,0 +1,6 @@
+wx-clean(){
+    wx-login
+    wx-header "Clean"
+    wx-ssh-config-clean
+    wx-ssh-keys-clean
+}
--- a/src/commands/management/settings.sh
+++ b/src/commands/management/settings.sh
--- a/src/commands/ssh/config.sh
+++ b/src/commands/ssh/config.sh
@ -13,6 +13,9 @@ wx-ssh-config(){
        sync)
            wx-ssh-config-sync
            ;;
+        clean)
+            wx-ssh-config-clean
+            ;;
        *)
            wx-ssh-config-sync
            wx-stop
@ -41,3 +44,13 @@ wx-ssh-config-sync(){
        echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.data') | base64 -d > ~/.ssh/config 2>&1
    fi
 }
+
+wx-ssh-config-clean(){
+    wx-header "SSH / Config"
+    wx-restricted
+    VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
+    if [[ -f "$HOME/.ssh/config" && $VAULT_STATUS -eq 200 ]]
+    then
+        rm "$HOME/.ssh/config"
+    fi
+}
--- a/src/commands/ssh/keys.sh
+++ b/src/commands/ssh/keys.sh
@ -7,6 +7,9 @@ wx-ssh-keys(){
            wx-ssh-keys-generate $2
            wx-ssh-keys-save $2
            ;;
+        sign)
+            wx-ssh-keys-sign
+            ;;
        retrieve)
            wx-ssh-keys-retrieve $2
            ;;
@ -17,10 +20,12 @@ wx-ssh-keys(){
            wx-ssh-keys-sync $2
            ;;
        delete)
-            wx-ssh-keys-remove $2
+            wx-ssh-keys-delete $2
+            ;;
+        clean)
+            wx-ssh-keys-clean $2
            ;;
        *)
-            wx-ssh-keys-sync
            wx-stop
            ;;
    esac
@ -38,6 +43,44 @@ wx-ssh-keys-generate(){
    fi
 }

+wx-ssh-keys-sign(){
+    wx-header "SSH / Sign"
+    wx-restricted
+
+    if [[ $ORG == "warengroup" ]]
+    then
+        wx-ssh-keys-sign-create warengroup sysadmin 3600
+    elif [[ $ORG == "cwinfo" ]]
+    then
+        wx-ssh-keys-sign-create cwinfo sysadmin 3600
+    elif [[ $ORG == "cwchristerw" ]]
+    then
+        wx-ssh-keys-sign-create warengroup sysadmin 3600
+        wx-ssh-keys-sign-create cwinfo sysadmin 3600
+        wx-ssh-keys-sign-create cwchristerw sysadmin 3600
+    fi
+}
+
+wx-ssh-keys-sign-create(){
+    wx-restricted
+
+    NAME=$1
+    ROLE=$2
+    PRINCIPALS=$2
+    TTL=$3
+
+    if [[ ! -f "$HOME/.ssh/keys/$NAME" ]]
+    then
+        ssh-keygen -t ed25519 -f $HOME/.ssh/keys/$NAME -q -N "" -C "$USERNAME" &> /dev/null
+    fi
+
+    if [[ -f "$HOME/.ssh/keys/$NAME" ]]
+    then
+        echo "$NAME/$ROLE"
+        echo $(curl https://$VAULT_DOMAIN/v1/ssh/sign/$ROLE -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"public_key\": \"$(cat $HOME/.ssh/keys/$NAME.pub)\", \"valid_principals\": \"$PRINCIPALS,$USERNAME\", \"ttl\": \"$TTL\" }" -s | jq -r '.data.signed_key') > ~/.ssh/keys/$NAME.sig 2>&1
+    fi
+}
+
 wx-ssh-keys-retrieve(){
    wx-header "SSH / Keys"
    wx-restricted
@ -67,5 +110,44 @@ wx-ssh-keys-save(){
 wx-ssh-keys-sync(){
    wx-header "SSH / Keys"
    wx-restricted
-    echo ""
+}
+
+wx-ssh-keys-clean(){
+    if [[ -z $1 ]]
+    then
+        wx-header "SSH / Keys"
+    fi
+    wx-restricted
+
+    if [[ ! -z $1 ]]
+    then
+        if [[ -f "$HOME/.ssh/keys/$1" && $(basename "$HOME/.ssh/keys/$1") != "legacy" ]]
+        then
+            rm "$HOME/.ssh/keys/$1" &> /dev/null
+            rm "$HOME/.ssh/keys/$1.pub" &> /dev/null
+            rm "$HOME/.ssh/keys/$1.sig" &> /dev/null
+        fi
+    else
+        if [[ $ORG == "warengroup" ]]
+        then
+            wx-ssh-keys-clean warengroup
+        elif [[ $ORG == "cwinfo" ]]
+        then
+            wx-ssh-keys-clean cwinfo
+        elif [[ $ORG == "cwchristerw" ]]
+        then
+            wx-ssh-keys-clean warengroup
+            wx-ssh-keys-clean cwinfo
+            wx-ssh-keys-clean cwchristerw
+        fi
+
+        for file in ~/.ssh/keys/*
+        do
+            VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$(basename "$file" .pub) -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
+            if [[ $(basename "$file") != "legacy" && $VAULT_STATUS -eq 200 ]]
+            then
+                rm "$file" &> /dev/null
+            fi
+        done
+    fi
 }
--- a/src/commands/ssh/sign.sh
+++ b/src/commands/ssh/sign.sh
@ -1,37 +0,0 @@
-wx-ssh-sign(){
-    wx-header "SSH / Sign"
-    wx-restricted
-
-    if [[ $ORG == "warengroup" ]]
-    then
-        wx-ssh-sign-create warengroup sysadmin 3600
-    elif [[ $ORG == "cwinfo" ]]
-    then
-        wx-ssh-sign-create cwinfo sysadmin 3600
-    elif [[ $ORG == "cwchristerw" ]]
-    then
-        wx-ssh-sign-create warengroup sysadmin 3600
-        wx-ssh-sign-create cwinfo sysadmin 3600
-        wx-ssh-sign-create cwchristerw sysadmin 3600
-    fi
-}
-
-wx-ssh-sign-create(){
-    wx-restricted
-
-    NAME=$1
-    ROLE=$2
-    PRINCIPALS=$2
-    TTL=$3
-
-    if [[ ! -f "$HOME/.ssh/keys/$NAME" ]]
-    then
-        ssh-keygen -t ed25519 -f $HOME/.ssh/keys/$NAME -q -N "" -C "$USERNAME" &> /dev/null
-    fi
-
-    if [[ -f "$HOME/.ssh/keys/$NAME" ]]
-    then
-        echo "$NAME/$ROLE"
-        echo $(curl https://$VAULT_DOMAIN/v1/ssh/sign/$ROLE -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"public_key\": \"$(cat $HOME/.ssh/keys/$NAME.pub)\", \"valid_principals\": \"$PRINCIPALS,$USERNAME\", \"ttl\": \"$TTL\" }" -s | jq -r '.data.signed_key') > ~/.ssh/keys/$NAME.sig 2>&1
-    fi
-}