warengroup/wx
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: warengroup:0ef3f8d8d6dc8ab82ebf1cbfc98567ca51de9d1e
Branches Tags
warengroup:master warengroup:develop
..
compare: warengroup:develop
Branches Tags
warengroup:develop warengroup:master

50 Commits
0ef3f8d8d6 ... develop

Author SHA1 Message Date
Christer Warén
5a666e6f60 VSCode Settings: Update 2025-11-03 02:41:43 +02:00
Christer Warén
1e4f9ed508 Generator Update 2025-11-03 02:40:44 +02:00
Christer Warén
592cd95f42 Replace bin only on successful connection 2025-09-27 00:02:35 +03:00
Christer Warén
bce9c3c4d6 Auto - Create SSH certificates before getting SSH privatekeys 2025-09-24 13:39:33 +03:00
Christer Warén
f91e69ee55 Run clean in Uninstall command 2025-08-21 18:35:09 +03:00
Christer Warén
32e6b83611 Exit after Uninstall finished 2025-08-21 18:32:01 +03:00
Christer Warén
2742d39818 Fix issue with crontab removal in Uninstall 2025-08-21 18:18:30 +03:00
Christer Warén
fe5abf5419 Fix grep to ignore wildcard as regexp 2025-08-21 17:58:38 +03:00
Christer Warén
43192faed1 Fix typos 2025-08-21 17:44:27 +03:00
Christer Warén
a276adb6d2 Remove logout from uninstall 2025-08-21 17:28:23 +03:00
Christer Warén
b5186f0380 Add cronjob removal into uninstall 2025-08-21 17:26:21 +03:00
Christer Warén
86bb04d2ea Add cronjob to installation 2025-08-21 17:21:22 +03:00
Christer Warén
67fabf0ce1 Code Update 2025-06-26 23:07:14 +03:00
Christer Warén
fe56c50bfb Code Update 2025-06-23 09:35:37 +03:00
Christer Warén
eb14aa46ff Code Update 2025-06-22 01:24:09 +03:00
Christer Warén
c59d1b374d Code Update 2025-06-22 01:22:12 +03:00
Christer Warén
1a99d2e2a1 Code Update 2025-06-22 00:44:42 +03:00
Christer Warén
1d03f7be64 Code Update 2025-06-22 00:31:52 +03:00
Christer Warén
994e44d8f1 Code Update 2025-06-22 00:22:15 +03:00
Christer Warén
f016a452cd Remove Hostname variable from login process 2025-06-21 23:46:20 +03:00
Christer Warén
c17b9a0e42 Code Update 2025-05-10 12:09:50 +03:00
Christer Warén
a91d5d6011 Code Update 2025-05-10 11:29:56 +03:00
Christer Warén
3a0902fe8e Code Update 2025-04-27 15:39:50 +03:00
Christer Warén
9baae5bccc Code Update 2025-04-27 15:32:10 +03:00
Christer Warén
7b837fdba7 Code Update 2025-04-27 15:21:27 +03:00
Christer Warén
283b7538e6 Rename build.sh to maintainer.sh 2025-01-04 08:18:12 +02:00
Christer Warén
14ae6e5dad Fix typo in code 2025-01-04 06:22:06 +02:00
Christer Warén
87608f9bfb Code Update 2025-01-04 06:19:35 +02:00
Christer Warén
5903932328 Update copyright year 2025-01-01 18:00:22 +02:00
Christer Warén
96193196cc Fix typo on curl that will get Vault passwords in Infra command 2024-11-23 07:42:02 +02:00
Christer Warén
0186421fc6 Get Ansible vault passwords in Infra command 2024-11-23 07:18:17 +02:00
Christer Warén
714feda225 Hide git command output from stdout in Infra command 2024-11-23 07:06:57 +02:00
Christer Warén
3d834933e7 Fix home directory issue 2024-11-23 07:04:12 +02:00
Christer Warén
dd72a873ab Temporarily disable using jump host when getting Infra repo from Git server 2024-11-23 07:01:33 +02:00
Christer Warén
81cd3a1c1c Create secondary Infra directory and pull changes when using Infra command 2024-11-23 06:57:41 +02:00
Christer Warén
b52f1d4486 Add secondary Infra repo path to Infra command 2024-11-23 06:50:26 +02:00
Christer Warén
42239ef54d Add secondary Ansible Vault to cwchristerw user 2024-11-22 00:16:35 +02:00
Christer Warén
256a79e427 Code Update 2024-06-24 06:32:58 +03:00
Christer Warén
b36f98e5e9 Hide Clean output in logout command 2024-06-19 20:56:27 +03:00
Christer Warén
2f33daaaa7 Code Update 2024-06-16 04:06:43 +03:00
Christer Warén
4e9ae9109e Code Update 2024-06-16 04:03:45 +03:00
Christer Warén
0071b7407d Code Update 2024-06-16 04:01:17 +03:00
Christer Warén
b014dd1990 Code Update 2024-06-16 02:51:29 +03:00
Christer Warén
13e0deb5f5 Code Update 2024-06-03 23:10:36 +03:00
Christer Warén
b5b1b88763 Code Update 2024-06-01 15:27:05 +03:00
Christer Warén
90414af2dc Code Update 2024-06-01 02:09:21 +03:00
Christer Warén
e1b05fbc51 Code Update 2024-06-01 01:53:48 +03:00
Christer Warén
a614d63d1c Code Update 2024-06-01 01:11:20 +03:00
Christer Warén
ca14cb1988 Build Script 2024-06-01 00:28:36 +03:00
Christer Warén
e36265403e Code Update 2024-06-01 00:28:18 +03:00
28 changed files with 837 additions and 360 deletions
Expand all files Collapse all files

11
.vscode/settings.json vendored
View File

@@ -1,6 +1,9 @@
{ {
"files.trimTrailingWhitespace": true, "files.trimTrailingWhitespace": true,
"files.insertFinalNewline": true, "files.insertFinalNewline": true,
"files.trimFinalNewlines": true, "files.trimFinalNewlines": true,
"editor.renderFinalNewline": false "editor.renderFinalNewline": false,
"editor.tabSize": 2,
"editor.insertSpaces": true,
"editor.detectIndentation": false
} }

2
LICENSE
View File

@@ -1,6 +1,6 @@
MIT License MIT License
Copyright (c) 2023-2024 Warén Group Copyright (c) 2023-2025 Warén Group
Permission is hereby granted, free of charge, to any person obtaining a copy Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal of this software and associated documentation files (the "Software"), to deal

12
generator.php
View File

@@ -7,25 +7,31 @@ $dirs = [
__DIR__.'/src/commands/*.sh', __DIR__.'/src/commands/*.sh',
__DIR__.'/src/commands/*/*.sh', __DIR__.'/src/commands/*/*.sh',
__DIR__.'/src/commands/*/*/*.sh', __DIR__.'/src/commands/*/*/*.sh',
__DIR__.'/src/functions/*.sh' __DIR__.'/src/functions/*.sh',
__DIR__.'/src/ui/*.sh'
]; ];
$codes = []; $codes = [];
foreach($dirs as $dir){ foreach($dirs as $dir){
foreach(glob($dir) as $file){ foreach(glob($dir) as $file){
if(str_contains($dir, "commands")){
$codes['commands'][$file] = file_get_contents($file);
}
if(str_contains($dir, "functions")){ if(str_contains($dir, "functions")){
$codes['functions'][$file] = file_get_contents($file); $codes['functions'][$file] = file_get_contents($file);
} }
if(str_contains($dir, "commands")){ if(str_contains($dir, "ui")){
$codes['commands'][$file] = file_get_contents($file); $codes['ui'][$file] = file_get_contents($file);
} }
} }
} }
$code = str_replace("{{ FUNCTIONS }}", implode("\n", $codes['functions']), $base); $code = str_replace("{{ FUNCTIONS }}", implode("\n", $codes['functions']), $base);
$code = str_replace("{{ UI }}", implode("\n", $codes['ui']), $code);
$code = str_replace("{{ COMMANDS }}", implode("\n", $codes['commands']), $code); $code = str_replace("{{ COMMANDS }}", implode("\n", $codes['commands']), $code);
try { try {
$file = __DIR__.'/wx.tmp'; $file = __DIR__.'/wx.tmp';
$file = fopen($file, "w"); $file = fopen($file, "w");

13
maintainer.sh Executable file
View File

@@ -0,0 +1,13 @@
#!/bin/bash
if [ ! "$BASH_VERSION" ] ; then
bash $0 $1 $2 $3 $4 $5 $6 $7 $8 $9
exit 1
fi
if [[ -f "./wx" ]] && [[ -d "./src" ]]
then
podman run -it --rm -v "$PWD":/usr/src/myapp -w /usr/src/myapp docker.io/library/php:8-cli php generator.php &> /dev/null
mv wx.tmp wx &> /dev/null
chmod +x wx &> /dev/null
fi

1
src/base.sh
View File

@@ -22,7 +22,6 @@ declare -Ax config
{{ FUNCTIONS }} {{ FUNCTIONS }}
{{ COMMANDS }} {{ COMMANDS }}
wx-start
if [[ ! -z $1 ]] && [[ $(type -t wx-$1) == function ]] if [[ ! -z $1 ]] && [[ $(type -t wx-$1) == function ]]
then then
wx-$1 $2 $3 $4 $5 $6 $7 $8 $9 wx-$1 $2 $3 $4 $5 $6 $7 $8 $9

96
src/commands/login.sh → src/commands/auth/login.sh
View File

@@ -1,18 +1,9 @@
wx-login(){ wx-login(){
ORG=$1
if [[ -z "$HOSTNAME" || ${#HOSTNAME} -lt 5 ]]
then
echo " >> Login << "
echo "------------------------------"
echo "Status: Hostname Required"
wx-stop
fi
if [[ ! -z $1 ]] if [[ ! -z $1 ]]
then then
ORG=$1 ORG=$1
jq '.org = "'$ORG'"' $HOME/.warengroup/config.json 1> $HOME/.warengroup/config.json.tmp
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
elif [[ $(hostname -d) = *"devices.waren.io" ]] elif [[ $(hostname -d) = *"devices.waren.io" ]]
then then
ORG=warengroup ORG=warengroup
@@ -22,10 +13,11 @@ wx-login(){
elif [[ $(hostname -d) = *"devices.christerwaren.fi" ]] elif [[ $(hostname -d) = *"devices.christerwaren.fi" ]]
then then
ORG=cwchristerw ORG=cwchristerw
elif [[ $USER != "root" && $USER != "local" && -f "$HOME/.warengroup/config.json" && $(cat $HOME/.warengroup/config.json | jq -r .org) != "null" ]]
then
ORG=$(cat $HOME/.warengroup/config.json | jq -r .org)
else else
echo " >> Login << " wx-header "Login"
echo "------------------------------"
echo "Status: Organization Required" echo "Status: Organization Required"
wx-stop wx-stop
fi fi
@@ -40,41 +32,23 @@ wx-login(){
then then
DOMAIN=christerwaren.fi DOMAIN=christerwaren.fi
else else
echo " >> Login << " wx-header "Login"
echo "------------------------------"
echo "Status: Organization Unsupported" echo "Status: Organization Unsupported"
wx-stop wx-stop
fi fi
FOLDER=$ORG FOLDER=$ORG
DEVICE_DOMAIN="devices.$DOMAIN" DEVICE_DOMAIN="devices.$DOMAIN"
IDM_DOMAIN="idm.cwinfo.net" IDM_DOMAIN="idm.waren.io"
VAULT_DOMAIN="vault.cwinfo.net" VAULT_DOMAIN="vault.cwinfo.net"
if [[ ! -z $2 ]]
then
HOSTNAME="$2.$DEVICE_DOMAIN"
elif [[ $(hostname -d) ]]
then
HOSTNAME=$(hostname --fqdn)
else
echo " >> Login << "
echo "------------------------------"
echo "Status: Hostname Required"
wx-stop
fi
if [[ -z $USER || $USER == "root" || $USER == "local" ]] if [[ -z $USER || $USER == "root" || $USER == "local" ]]
then then
if [[ -z $SUDO_USER ]] if [[ -z $SUDO_USER ]]
then then
if [[ -z LOGNAME ]] if [[ -z LOGNAME ]]
then then
echo " >> Login << " wx-header "Login"
echo "------------------------------"
echo "Status: Username Required" echo "Status: Username Required"
wx-stop wx-stop
else else
@@ -83,32 +57,40 @@ wx-login(){
else else
USERNAME=$SUDO_USER USERNAME=$SUDO_USER
fi fi
else
USERNAME=$USER
fi fi
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/sys/health) VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/sys/health)
if [[ $VAULT_STATUS -eq 200 ]] if [[ $VAULT_STATUS -eq 200 ]]
then then
if [[ -f "$HOME/.config/warengroup/config.json" ]]
if [[ $USER != "root" && $USER != "local" && -f "$HOME/.warengroup/config.json" ]]
then then
TOKEN="$(cat $HOME/.config/warengroup/config.json | jq -r .login.$ORG)" if [[ $(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.username) != "null" ]]
then
USERNAME="$(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.username)"
fi
TOKEN="$(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.token)"
fi fi
VAULT_LOGIN=$(curl https://$VAULT_DOMAIN/v1/auth/token/renew -X POST --header "X-Vault-Token: $TOKEN" -d '{ "token": "'$TOKEN'" }' -s | jq -r '.auth.client_token') VAULT_LOGIN=$(curl https://$VAULT_DOMAIN/v1/auth/token/renew -X POST --header "X-Vault-Token: $TOKEN" -d '{ "token": "'$TOKEN'" }' -s | jq -r '.auth.client_token')
if [[ ! -z $VAULT_LOGIN && ${#VAULT_LOGIN} == 95 ]] if [[ ! -z $VAULT_LOGIN && ${#VAULT_LOGIN} == 95 ]]
then then
config["login",${ORG}]=$VAULT_LOGIN config["login",${ORG}]=$VAULT_LOGIN
jq '.login.'$ORG' = "'$VAULT_LOGIN'"' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp if [[ $USER != "root" && $USER != "local" ]]
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null then
jq '.login.'$ORG'.token = "'$VAULT_LOGIN'"' $HOME/.warengroup/config.json 1> $HOME/.warengroup/config.json.tmp
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
fi
else else
IDM_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$IDM_DOMAIN) IDM_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$IDM_DOMAIN)
if [[ $IDM_STATUS -eq 301 ]] if [[ $IDM_STATUS -eq 301 ]]
then then
echo " >> Login << " wx-header "Login"
echo "------------------------------"
echo $wxBold$ORG$wxNormal echo $wxBold$ORG$wxNormal
if [[ -z $USERNAME || $USERNAME == "root" || $USERNAME == "local" ]] if [[ -z $USERNAME || $USERNAME == "root" || $USERNAME == "local" || $USERNAME == "nobody" ]]
then then
echo -n "Username: " echo -n "Username: "
read USERNAME read USERNAME
@@ -116,6 +98,9 @@ wx-login(){
echo "Username: $USERNAME" echo "Username: $USERNAME"
fi fi
jq '.login.'$ORG'.username = "'$USERNAME'"' $HOME/.warengroup/config.json 1> $HOME/.warengroup/config.json.tmp
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
echo -n "Password: " echo -n "Password: "
read -s PASSWORD read -s PASSWORD
echo "****************" echo "****************"
@@ -133,15 +118,15 @@ wx-login(){
fi fi
config["login",${ORG}]=$VAULT_LOGIN config["login",${ORG}]=$VAULT_LOGIN
jq '.login.'$ORG' = "'$VAULT_LOGIN'"' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
wx-start if [[ $USER != "root" && $USER != "local" ]]
then
jq '.login.'$ORG'.token = "'$VAULT_LOGIN'"' $HOME/.warengroup/config.json &> $HOME/.warengroup/config.json.tmp
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
fi
fi fi
else else
echo " >> Login << " wx-header "Login"
echo "------------------------------"
echo $wxBold$ORG$wxNormal echo $wxBold$ORG$wxNormal
echo -n "Token: " echo -n "Token: "
@@ -162,18 +147,17 @@ wx-login(){
fi fi
config["login",${ORG}]=$VAULT_LOGIN config["login",${ORG}]=$VAULT_LOGIN
jq '.login.'$ORG' = "'$VAULT_LOGIN'"' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
wx-start if [[ $USER != "root" && $USER != "local" ]]
then
jq '.login.'$ORG'.token = "'$VAULT_LOGIN'"' $HOME/.warengroup/config.json &> $HOME/.warengroup/config.json.tmp
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
fi
fi fi
fi fi
else else
echo " >> Login << " wx-header "Login"
echo "------------------------------"
echo $wxBold$ORG$wxNormal echo $wxBold$ORG$wxNormal
echo "Status: Vault Offline" echo "Status: Vault Offline"
wx-stop wx-stop
fi fi

13
src/commands/auth/logout.sh Normal file
View File

@@ -0,0 +1,13 @@
wx-logout(){
wx-header "Logout"
if [[ $USER != "root" && $USER != "local" && -f "$HOME/.warengroup/config.json" ]]
then
VAULT_LOGIN=$(cat $HOME/.warengroup/config.json | jq -r .login)
if [[ $VAULT_LOGIN != null && $VAULT_LOGIN != "{}" ]]
then
wx-clean &> /dev/null
jq '.login = {}' $HOME/.warengroup/config.json &> $HOME/.warengroup/config.json.tmp
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
fi
fi
}

10
src/commands/auto.sh
View File

@@ -1,10 +0,0 @@
wx-auto(){
wx-login
echo " >> Auto << "
echo "------------------------------"
wx-ssh-config-sync
wx-ssh-keys-sync
wx-ssh-sign
}

20
src/commands/help.sh
View File

@@ -1,7 +1,6 @@
wx-help(){ wx-help(){
echo " >> Help << " wx-header "Help"
echo "------------------------------"
echo -n " echo -n "
Usage: $0 COMMAND [OPTIONS] Usage: $0 COMMAND [OPTIONS]
@@ -14,17 +13,28 @@ Common Commands:
edit Edit edit Edit
save Save save Save
sync Sync sync Sync
clean Clean
keys Keys keys Keys
generate Generate generate Generate
delete Delete sign Sign
retrieve Retrieve
save Save save Save
sync Sync sync Sync
sign Certificates delete Delete
clean Clean
Authentication Commands:
login Login
logout Logout
Management Commands: Management Commands:
auto Auto auto Auto
login Login clean Clean
settings Settings settings Settings
Maintenance Commands:
install Install
update Update
"; ";
} }

60
src/commands/infra.sh
View File

@@ -1,14 +1,41 @@
wx-infra(){ wx-infra(){
wx-login wx-login
wx-ssh-sign &> /dev/null wx-auto &> /dev/null
echo " >> Infra << " wx-header "Infra"
echo "------------------------------" wx-restricted
INFRA_PATH="/home/cwchristerw/Desktop/Work in Progress/Programming/warengroup/infra"
case $USERNAME in case $USERNAME in
cwchristerw) cwchristerw)
if [[ -d "$HOME/Desktop/Work in Progress/Programming/warengroup/infra" ]]
then
INFRA_PATH="$HOME/Desktop/Work in Progress/Programming/warengroup/infra"
else
if [[ -d "$HOME/.warengroup/infra" ]]
then
INFRA_PATH="$HOME/.warengroup/infra"
else
INFRA_PATH="$HOME/.warengroup/infra"
mkdir -p "$INFRA_PATH" &> /dev/null
git clone ssh://git@git.waren.io:2222/warengroup-private/infra.git --config core.sshCommand="ssh -i $HOME/.ssh/keys/warengroup-legacy -o ProxyJump=none" "$INFRA_PATH" &> /dev/null
fi
fi
if [[ ! -f "$INFRA_PATH/vault/cwchristerw" || ! -f "$INFRA_PATH/vault/warengroup" ]]
then
mkdir -p "$INFRA_PATH/vault" &> /dev/null
curl \
-H "X-Vault-Token: ${config["login",$ORG]}" \
-X GET \
https://$VAULT_DOMAIN/v1/cli/data/cwchristerw/settings/infra -s | jq -r '.data.data.cwchristerw' > "$INFRA_PATH/vault/cwchristerw"
curl \
-H "X-Vault-Token: ${config["login",$ORG]}" \
-X GET \
https://$VAULT_DOMAIN/v1/cli/data/cwchristerw/settings/infra -s | jq -r '.data.data.warengroup' > "$INFRA_PATH/vault/warengroup"
fi
if [[ -z $1 ]] if [[ -z $1 ]]
then then
echo "Tag Required" echo "Tag Required"
@@ -17,15 +44,26 @@ wx-infra(){
then then
if [[ -z $2 ]] if [[ -z $2 ]]
then then
echo "Tag Required" 2=init
else
cd "$INFRA_PATH"
ansible-playbook --vault-id warengroup@vault/warengroup playbooks/init.yml -t $2 $3 $4 $5 $6 $7 $8 $9
cd "$OLDPWD"
fi fi
cd "$INFRA_PATH"
git pull &> /dev/null
ansible-galaxy collection install -r requirements.yml --upgrade &> /dev/null
ansible-playbook --vault-id warengroup@vault/warengroup --vault-id cwchristerw@vault/cwchristerw playbooks/init.yml -t $2 $3 $4 $5 $6 $7 $8 $9
cd "$OLDPWD"
elif [[ $1 == "manager" ]]
then
cd "$INFRA_PATH"
git pull &> /dev/null
ansible-galaxy collection install -r requirements.yml --upgrade &> /dev/null
ansible-playbook --vault-id warengroup@vault/warengroup --vault-id cwchristerw@vault/cwchristerw manager.yml $2 $3 $4 $5 $6 $7 $8 $9
cd "$OLDPWD"
else else
cd "$INFRA_PATH" cd "$INFRA_PATH"
ansible-playbook --vault-id warengroup@vault/warengroup playbooks.yml -t $1 $2 $3 $4 $5 $6 $7 $8 $9 git pull &> /dev/null
ansible-galaxy collection install -r requirements.yml --upgrade &> /dev/null
ansible-playbook --vault-id warengroup@vault/warengroup --vault-id cwchristerw@vault/cwchristerw playbooks.yml -t $1 $2 $3 $4 $5 $6 $7 $8 $9
cd "$OLDPWD" cd "$OLDPWD"
fi fi
fi fi

29
src/commands/maintenance/install.sh Normal file
View File

@@ -0,0 +1,29 @@
wx-install(){
if [[ -z $1 ]]
then
wx-header "Install"
fi
wx-restricted
if [[ -f "./wx" ]] && [[ -d "./src" ]]
then
podman run -it --rm -v "$PWD":/usr/src/myapp -w /usr/src/myapp docker.io/library/php:8-cli php generator.php &> /dev/null
mv wx.tmp wx &> /dev/null
chmod +x wx &> /dev/null
fi
mkdir $HOME/bin &> /dev/null
if [[ $(curl -s -o /dev/null -w "%{http_code}" https://git.waren.io/warengroup/wx/raw/branch/master/wx) -eq 200 ]]
then
curl https://git.waren.io/warengroup/wx/raw/branch/master/wx -o $HOME/bin/wx &> /dev/null
chmod +x $HOME/bin/wx &> /dev/null
fi
CRONJOB_NAME="#Warén CLI: Auto"
CRONJOB_TASK="*/5 * * * * $HOME/bin/wx auto"
if [[ -z $(crontab -l | grep -F "$CRONJOB_NAME") || -z $(crontab -l | grep -F "$CRONJOB_TASK") ]]
then
(crontab -l ; echo "$CRONJOB_NAME" ; echo "$CRONJOB_TASK") | grep -Fv "no crontab" | crontab -
fi
}

28
src/commands/maintenance/uninstall.sh Normal file
View File

@@ -0,0 +1,28 @@
wx-uninstall(){
wx-header "Uninstall"
wx-clean &> /dev/null
if [[ -d "$HOME/.warengroup" ]]
then
rm "$HOME/.warengroup" -rf
fi
CRONJOB_NAME="#Warén CLI: Auto"
CRONJOB_TASK="*/5 * * * * $HOME/bin/wx auto"
if [[ $(crontab -l | grep -F "$CRONJOB_NAME") || $(crontab -l | grep -F "$CRONJOB_TASK") ]]
then
crontab -l | grep -Fv "$CRONJOB_NAME" | grep -Fv "$CRONJOB_TASK" | grep -Fv "no crontab" | crontab -
fi
if [[ -f "$HOME/bin/wx" ]]
then
rm "$HOME/bin/wx" -rf
fi
echo " "
echo " "
echo " "
exit 1
}

4
src/commands/maintenance/update.sh Normal file
View File

@@ -0,0 +1,4 @@
wx-update(){
wx-header "Update"
wx-install --update
}

8
src/commands/management/auto.sh Normal file
View File

@@ -0,0 +1,8 @@
wx-auto(){
wx-login
wx-header "Auto"
wx-ssh-config-sync
wx-ssh-keys-sign
wx-ssh-keys-sync
}

6
src/commands/management/clean.sh Normal file
View File

@@ -0,0 +1,6 @@
wx-clean(){
wx-login
wx-header "Clean"
wx-ssh-config-clean
wx-ssh-keys-clean
}

4
src/commands/management/settings.sh Normal file
View File

@@ -0,0 +1,4 @@
wx-settings(){
wx-login
wx-header "Settings"
}

6
src/commands/settings.sh
View File

@@ -1,6 +0,0 @@
wx-settings(){
wx-login
echo " >> Settings << "
echo "------------------------------"
}

10
src/commands/ssh.sh
View File

@@ -1,13 +1,7 @@
wx-ssh(){ wx-ssh(){
wx-login wx-login
mkdir -p $HOME/.ssh/keys
chmod 700 -R $HOME/.ssh/keys
case $1 in case $1 in
sign)
wx-ssh-sign
;;
keys) keys)
wx-ssh-keys $2 $3 wx-ssh-keys $2 $3
;; ;;
@@ -15,9 +9,7 @@ wx-ssh(){
wx-ssh-config $2 wx-ssh-config $2
;; ;;
*) *)
echo " >> SSH << " wx-header "SSH"
echo "------------------------------"
wx-stop wx-stop
;; ;;
esac esac

31
src/commands/ssh/config.sh
View File

@@ -1,6 +1,5 @@
wx-ssh-config(){ wx-ssh-config(){
echo " >> SSH / Config << " wx-restricted
echo "------------------------------"
case $1 in case $1 in
edit) edit)
@@ -14,6 +13,9 @@ wx-ssh-config(){
sync) sync)
wx-ssh-config-sync wx-ssh-config-sync
;; ;;
clean)
wx-ssh-config-clean
;;
*) *)
wx-ssh-config-sync wx-ssh-config-sync
wx-stop wx-stop
@@ -22,17 +24,40 @@ wx-ssh-config(){
} }
wx-ssh-config-edit(){ wx-ssh-config-edit(){
wx-header "SSH / Config / Edit"
wx-restricted
nano ~/.ssh/config nano ~/.ssh/config
} }
wx-ssh-config-save(){ wx-ssh-config-save(){
wx-header "SSH / Config / Save"
wx-restricted
curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"data\": { \"data\": \"$(cat ~/.ssh/config | base64 -w 0)\" } }" -s &> /dev/null curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"data\": { \"data\": \"$(cat ~/.ssh/config | base64 -w 0)\" } }" -s &> /dev/null
} }
wx-ssh-config-sync(){ wx-ssh-config-sync(){
wx-header "SSH / Config / Sync"
wx-restricted
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}") VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ $VAULT_STATUS -eq 200 ]] if [[ $VAULT_STATUS -eq 200 ]]
then then
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.data') | base64 -d > ~/.ssh/config 2>&1 touch ~/.ssh/config
SSH1_CONFIG_MD5=$(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.data' | base64 -d | md5sum | base64)
SSH2_CONFIG_MD5=$(cat ~/.ssh/config | md5sum | base64)
if [[ $SSH1_CONFIG_MD5 != $SSH2_CONFIG_MD5 ]]
then
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.data') | base64 -d > ~/.ssh/config 2>&1
chmod 700 ~/.ssh/config
fi
fi
}
wx-ssh-config-clean(){
wx-header "SSH / Config / Clean"
wx-restricted
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ -f "$HOME/.ssh/config" && $VAULT_STATUS -eq 200 ]]
then
rm "$HOME/.ssh/config"
fi fi
} }

115
src/commands/ssh/keys.sh
View File

@@ -1,6 +1,5 @@
wx-ssh-keys(){ wx-ssh-keys(){
echo " >> SSH / Keys << " wx-restricted
echo "------------------------------"
case $1 in case $1 in
generate) generate)
@@ -8,6 +7,9 @@ wx-ssh-keys(){
wx-ssh-keys-generate $2 wx-ssh-keys-generate $2
wx-ssh-keys-save $2 wx-ssh-keys-save $2
;; ;;
sign)
wx-ssh-keys-sign
;;
retrieve) retrieve)
wx-ssh-keys-retrieve $2 wx-ssh-keys-retrieve $2
;; ;;
@@ -18,16 +20,20 @@ wx-ssh-keys(){
wx-ssh-keys-sync $2 wx-ssh-keys-sync $2
;; ;;
delete) delete)
wx-ssh-keys-remove $2 wx-ssh-keys-delete $2
;;
clean)
wx-ssh-keys-clean $2
;; ;;
*) *)
wx-ssh-keys-sync
wx-stop wx-stop
;; ;;
esac esac
} }
wx-ssh-keys-generate(){ wx-ssh-keys-generate(){
wx-header "SSH / Keys / Generate"
wx-restricted
if [[ ! -z $1 ]] if [[ ! -z $1 ]]
then then
if [[ ! -f "$HOME/.ssh/keys/$1" ]] if [[ ! -f "$HOME/.ssh/keys/$1" ]]
@@ -37,19 +43,67 @@ wx-ssh-keys-generate(){
fi fi
} }
wx-ssh-keys-sign(){
wx-header "SSH / Keys / Sign"
wx-restricted
if [[ $ORG == "warengroup" && $USERNAME != "cwchristerw" ]]
then
wx-ssh-keys-sign-create warengroup sysadmin 3600
elif [[ $ORG == "cwinfo" && $USERNAME != "cwchristerw" ]]
then
wx-ssh-keys-sign-create cwinfo sysadmin 3600
elif [[ $ORG == "cwchristerw" || $USERNAME == "cwchristerw" ]]
then
wx-ssh-keys-sign-create warengroup sysadmin 3600
wx-ssh-keys-sign-create cwinfo sysadmin 3600
wx-ssh-keys-sign-create cwchristerw sysadmin 3600
fi
}
wx-ssh-keys-sign-create(){
wx-restricted
NAME=$1
ROLE=$2
PRINCIPALS=$2
TTL=$3
if [[ ! -f "$HOME/.ssh/keys/$NAME" ]]
then
ssh-keygen -t ed25519 -f $HOME/.ssh/keys/$NAME -q -N "" -C "$USERNAME" &> /dev/null
fi
if [[ -f "$HOME/.ssh/keys/$NAME" ]]
then
echo "$NAME/$ROLE"
echo $(curl https://$VAULT_DOMAIN/v1/ssh/sign/$ROLE -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"public_key\": \"$(cat $HOME/.ssh/keys/$NAME.pub)\", \"valid_principals\": \"$PRINCIPALS,$USERNAME\", \"ttl\": \"$TTL\" }" -s | jq -r '.data.signed_key') > ~/.ssh/keys/$NAME.sig 2>&1
fi
}
wx-ssh-keys-retrieve(){ wx-ssh-keys-retrieve(){
if [[ -z $2 ]]
then
wx-header "SSH / Keys / Retrieve"
fi
wx-restricted
if [[ ! -z $1 ]] if [[ ! -z $1 ]]
then then
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}") VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ $VAULT_STATUS -eq 200 ]] if [[ $VAULT_STATUS -eq 200 ]]
then then
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.private') | base64 -d > ~/.ssh/keys/$1 2>&1 echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.private') | base64 -d > ~/.ssh/keys/$1 2>&1
chmod 700 ~/.ssh/keys/$1
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.public') | base64 -d > ~/.ssh/keys/$1.pub 2>&1 echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.public') | base64 -d > ~/.ssh/keys/$1.pub 2>&1
chmod 700 ~/.ssh/keys/$1.pub
fi fi
fi fi
} }
wx-ssh-keys-save(){ wx-ssh-keys-save(){
wx-header "SSH / Keys / Save"
wx-restricted
if [[ ! -z $1 ]] if [[ ! -z $1 ]]
then then
if [[ -f "$HOME/.ssh/keys/$1" ]] if [[ -f "$HOME/.ssh/keys/$1" ]]
@@ -60,5 +114,56 @@ wx-ssh-keys-save(){
} }
wx-ssh-keys-sync(){ wx-ssh-keys-sync(){
echo "" wx-header "SSH / Keys / Sync"
wx-restricted
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/metadata/$USERNAME/settings/ssh/keys -X LIST --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ $VAULT_STATUS -eq 200 ]]
then
for name in $(curl https://$VAULT_DOMAIN/v1/cli/metadata/$USERNAME/settings/ssh/keys -X LIST --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.keys | @sh' | tr -d \')
do
echo $name
wx-ssh-keys-retrieve $name --multiple
done
fi
}
wx-ssh-keys-clean(){
if [[ -z $1 ]]
then
wx-header "SSH / Keys / Clean"
fi
wx-restricted
if [[ ! -z $1 ]]
then
if [[ -f "$HOME/.ssh/keys/$1" && $(basename "$HOME/.ssh/keys/$1") != "legacy" ]]
then
rm "$HOME/.ssh/keys/$1" &> /dev/null
rm "$HOME/.ssh/keys/$1.pub" &> /dev/null
rm "$HOME/.ssh/keys/$1.sig" &> /dev/null
fi
else
if [[ $ORG == "warengroup" && $USERNAME != "cwchristerw" ]]
then
wx-ssh-keys-clean warengroup
elif [[ $ORG == "cwinfo" && $USERNAME != "cwchristerw" ]]
then
wx-ssh-keys-clean cwinfo
elif [[ $ORG == "cwchristerw" || $USERNAME == "cwchristerw" ]]
then
wx-ssh-keys-clean warengroup
wx-ssh-keys-clean cwinfo
wx-ssh-keys-clean cwchristerw
fi
for file in ~/.ssh/keys/*
do
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$(basename "$file" .pub) -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ $(basename "$file") != "legacy" && $VAULT_STATUS -eq 200 ]]
then
rm "$file" &> /dev/null
fi
done
fi
} }

35
src/commands/ssh/sign.sh
View File

@@ -1,35 +0,0 @@
wx-ssh-sign(){
echo " >> SSH / Sign << "
echo "------------------------------"
if [[ $ORG == "warengroup" ]]
then
wx-ssh-sign-create warengroup sysadmin 3600
elif [[ $ORG == "cwinfo" ]]
then
wx-ssh-sign-create cwinfo sysadmin 3600
elif [[ $ORG == "cwchristerw" ]]
then
wx-ssh-sign-create warengroup sysadmin 3600
wx-ssh-sign-create cwinfo sysadmin 3600
wx-ssh-sign-create cwchristerw sysadmin 3600
fi
}
wx-ssh-sign-create(){
NAME=$1
ROLE=$2
PRINCIPALS=$2
TTL=$3
if [[ ! -f "$HOME/.ssh/keys/$NAME" ]]
then
ssh-keygen -t ed25519 -f $HOME/.ssh/keys/$NAME -q -N "" -C "$USERNAME" &> /dev/null
fi
if [[ -f "$HOME/.ssh/keys/$NAME" ]]
then
echo "$NAME/$ROLE"
echo $(curl https://$VAULT_DOMAIN/v1/ssh/sign/$ROLE -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"public_key\": \"$(cat $HOME/.ssh/keys/$NAME.pub)\", \"valid_principals\": \"$PRINCIPALS,$USERNAME\", \"ttl\": \"$TTL\" }" -s | jq -r '.data.signed_key') > ~/.ssh/keys/$NAME.sig 2>&1
fi
}

3
src/commands/welcome.sh
View File

@@ -1,4 +1,3 @@
wx-welcome(){ wx-welcome(){
echo " >> Welcome << " wx-header "Welcome"
echo "------------------------------"
} }

24
src/functions/header.sh Normal file
View File

@@ -0,0 +1,24 @@
wx-header(){
if [[ $2 == "h1" ]]
then
echo ""
echo ""
echo ""
echo "=============================="
wx-repeat " " $((30/2-${#1}/2))
echo -n "$wxBold"
echo -n "$1"
echo -n "$wxNormal"
echo ""
echo "=============================="
fi
if [[ $2 == "h2" || -z $2 ]]
then
wx-start
wx-repeat " " $((30/2-6/2-${#1}/2))
echo -n ">> $1 <<"
echo ""
echo "------------------------------"
fi
}

5
src/functions/repeat.sh Normal file
View File

@@ -0,0 +1,5 @@
wx-repeat() {
local str=$1 n=$2 spaces
printf -v spaces "%*s" $n " "
printf "%s" "${spaces// /$str}"
}

10
src/functions/restricted.sh Normal file
View File

@@ -0,0 +1,10 @@
wx-restricted(){
if [[ $USER == "root" || $USER == "local" ]]
then
echo "Status: Command Restricted"
echo " "
echo " "
echo " "
exit 1
fi
}

20
src/functions/start.sh
View File

@@ -1,17 +1,15 @@
wx-start(){ wx-start(){
echo "" wx-header "Warén CLI" h1
echo ""
echo ""
echo "=============================="
echo -n "$wxBold"
echo " Warén CLI "
echo -n "$wxNormal"
echo "=============================="
mkdir -p $HOME/.config/warengroup &> /dev/null mkdir -p $HOME/.warengroup &> /dev/null
if [[ ! -f "$HOME/.config/warengroup/config.json" ]] if [[ ! -f "$HOME/.warengroup/config.json" || $(jq -e . < $HOME/.warengroup/config.json &>/dev/null; echo $?) -gt 0 ]]
then then
echo '{}' | jq > $HOME/.config/warengroup/config.json echo '{}' | jq > $HOME/.warengroup/config.json
fi fi
mkdir -p $HOME/.ssh/keys
chmod 700 -R $HOME/.ssh/keys
mkdir -p $HOME/.ssh/multiplex
chmod 700 -R $HOME/.ssh/multiplex
} }

14
src/functions/stop.sh
View File

@@ -2,18 +2,12 @@ wx-stop (){
echo " " echo " "
echo " " echo " "
echo " " echo " "
if [[ -f "./wx" ]] && [[ -d "./src" ]]
then
podman run -it --rm -v "$PWD":/usr/src/myapp -w /usr/src/myapp docker.io/library/php:8-cli php generator.php &> /dev/null
mv wx.tmp wx &> /dev/null
chmod +x wx &> /dev/null
fi
if [[ $USER != "root" && $USER != "local" ]] wx-install --auto
if [[ $USERNAME != $USER && $USERNAME != $SUDO_USER && $USERNAME != $LOGNAME ]]
then then
mkdir $HOME/bin &> /dev/null wx-logout
curl https://git.waren.io/warengroup/wx/raw/branch/master/wx -o $HOME/bin/wx &> /dev/null
chmod +x $HOME/bin/wx &> /dev/null
fi fi
exit 1 exit 1

607
wx
View File

@@ -19,60 +19,82 @@ wxNormal=$(tput sgr0)
declare -Ax config declare -Ax config
wx-start(){ wx-header(){
echo "" if [[ $2 == "h1" ]]
echo ""
echo ""
echo "=============================="
echo -n "$wxBold"
echo " Warén CLI "
echo -n "$wxNormal"
echo "=============================="
mkdir -p $HOME/.config/warengroup &> /dev/null
if [[ ! -f "$HOME/.config/warengroup/config.json" ]]
then then
echo '{}' | jq > $HOME/.config/warengroup/config.json echo ""
echo ""
echo ""
echo "=============================="
wx-repeat " " $((30/2-${#1}/2))
echo -n "$wxBold"
echo -n "$1"
echo -n "$wxNormal"
echo ""
echo "=============================="
fi fi
if [[ $2 == "h2" || -z $2 ]]
then
wx-start
wx-repeat " " $((30/2-6/2-${#1}/2))
echo -n ">> $1 <<"
echo ""
echo "------------------------------"
fi
}
wx-repeat() {
local str=$1 n=$2 spaces
printf -v spaces "%*s" $n " "
printf "%s" "${spaces// /$str}"
}
wx-restricted(){
if [[ $USER == "root" || $USER == "local" ]]
then
echo "Status: Command Restricted"
echo " "
echo " "
echo " "
exit 1
fi
}
wx-start(){
wx-header "Warén CLI" h1
mkdir -p $HOME/.warengroup &> /dev/null
if [[ ! -f "$HOME/.warengroup/config.json" || $(jq -e . < $HOME/.warengroup/config.json &>/dev/null; echo $?) -gt 0 ]]
then
echo '{}' | jq > $HOME/.warengroup/config.json
fi
mkdir -p $HOME/.ssh/keys
chmod 700 -R $HOME/.ssh/keys
mkdir -p $HOME/.ssh/multiplex
chmod 700 -R $HOME/.ssh/multiplex
} }
wx-stop (){ wx-stop (){
echo " " echo " "
echo " " echo " "
echo " " echo " "
if [[ -f "./wx" ]] && [[ -d "./src" ]]
then
podman run -it --rm -v "$PWD":/usr/src/myapp -w /usr/src/myapp docker.io/library/php:8-cli php generator.php &> /dev/null
mv wx.tmp wx &> /dev/null
chmod +x wx &> /dev/null
fi
if [[ $USER != "root" && $USER != "local" ]] wx-install --auto
if [[ $USERNAME != $USER && $USERNAME != $SUDO_USER && $USERNAME != $LOGNAME ]]
then then
mkdir $HOME/bin &> /dev/null wx-logout
curl https://git.waren.io/warengroup/wx/raw/branch/master/wx -o $HOME/bin/wx &> /dev/null
chmod +x $HOME/bin/wx &> /dev/null
fi fi
exit 1 exit 1
} }
wx-auto(){
wx-login
echo " >> Auto << "
echo "------------------------------"
wx-ssh-config-sync
wx-ssh-keys-sync
wx-ssh-sign
}
wx-help(){ wx-help(){
echo " >> Help << " wx-header "Help"
echo "------------------------------"
echo -n " echo -n "
Usage: $0 COMMAND [OPTIONS] Usage: $0 COMMAND [OPTIONS]
@@ -85,32 +107,70 @@ Common Commands:
edit Edit edit Edit
save Save save Save
sync Sync sync Sync
clean Clean
keys Keys keys Keys
generate Generate generate Generate
delete Delete sign Sign
retrieve Retrieve
save Save save Save
sync Sync sync Sync
sign Certificates delete Delete
clean Clean
Authentication Commands:
login Login
logout Logout
Management Commands: Management Commands:
auto Auto auto Auto
login Login clean Clean
settings Settings settings Settings
Maintenance Commands:
install Install
update Update
"; ";
} }
wx-infra(){ wx-infra(){
wx-login wx-login
wx-ssh-sign &> /dev/null wx-auto &> /dev/null
echo " >> Infra << " wx-header "Infra"
echo "------------------------------" wx-restricted
INFRA_PATH="/home/cwchristerw/Desktop/Work in Progress/Programming/warengroup/infra"
case $USERNAME in case $USERNAME in
cwchristerw) cwchristerw)
if [[ -d "$HOME/Desktop/Work in Progress/Programming/warengroup/infra" ]]
then
INFRA_PATH="$HOME/Desktop/Work in Progress/Programming/warengroup/infra"
else
if [[ -d "$HOME/.warengroup/infra" ]]
then
INFRA_PATH="$HOME/.warengroup/infra"
else
INFRA_PATH="$HOME/.warengroup/infra"
mkdir -p "$INFRA_PATH" &> /dev/null
git clone ssh://git@git.waren.io:2222/warengroup-private/infra.git --config core.sshCommand="ssh -i $HOME/.ssh/keys/warengroup-legacy -o ProxyJump=none" "$INFRA_PATH" &> /dev/null
fi
fi
if [[ ! -f "$INFRA_PATH/vault/cwchristerw" || ! -f "$INFRA_PATH/vault/warengroup" ]]
then
mkdir -p "$INFRA_PATH/vault" &> /dev/null
curl \
-H "X-Vault-Token: ${config["login",$ORG]}" \
-X GET \
https://$VAULT_DOMAIN/v1/cli/data/cwchristerw/settings/infra -s | jq -r '.data.data.cwchristerw' > "$INFRA_PATH/vault/cwchristerw"
curl \
-H "X-Vault-Token: ${config["login",$ORG]}" \
-X GET \
https://$VAULT_DOMAIN/v1/cli/data/cwchristerw/settings/infra -s | jq -r '.data.data.warengroup' > "$INFRA_PATH/vault/warengroup"
fi
if [[ -z $1 ]] if [[ -z $1 ]]
then then
echo "Tag Required" echo "Tag Required"
@@ -119,15 +179,26 @@ wx-infra(){
then then
if [[ -z $2 ]] if [[ -z $2 ]]
then then
echo "Tag Required" 2=init
else
cd "$INFRA_PATH"
ansible-playbook --vault-id warengroup@vault/warengroup playbooks/init.yml -t $2 $3 $4 $5 $6 $7 $8 $9
cd "$OLDPWD"
fi fi
cd "$INFRA_PATH"
git pull &> /dev/null
ansible-galaxy collection install -r requirements.yml --upgrade &> /dev/null
ansible-playbook --vault-id warengroup@vault/warengroup --vault-id cwchristerw@vault/cwchristerw playbooks/init.yml -t $2 $3 $4 $5 $6 $7 $8 $9
cd "$OLDPWD"
elif [[ $1 == "manager" ]]
then
cd "$INFRA_PATH"
git pull &> /dev/null
ansible-galaxy collection install -r requirements.yml --upgrade &> /dev/null
ansible-playbook --vault-id warengroup@vault/warengroup --vault-id cwchristerw@vault/cwchristerw manager.yml $2 $3 $4 $5 $6 $7 $8 $9
cd "$OLDPWD"
else else
cd "$INFRA_PATH" cd "$INFRA_PATH"
ansible-playbook --vault-id warengroup@vault/warengroup playbooks.yml -t $1 $2 $3 $4 $5 $6 $7 $8 $9 git pull &> /dev/null
ansible-galaxy collection install -r requirements.yml --upgrade &> /dev/null
ansible-playbook --vault-id warengroup@vault/warengroup --vault-id cwchristerw@vault/cwchristerw playbooks.yml -t $1 $2 $3 $4 $5 $6 $7 $8 $9
cd "$OLDPWD" cd "$OLDPWD"
fi fi
fi fi
@@ -138,21 +209,33 @@ wx-infra(){
esac esac
} }
wx-ssh(){
wx-login
case $1 in
keys)
wx-ssh-keys $2 $3
;;
config)
wx-ssh-config $2
;;
*)
wx-header "SSH"
wx-stop
;;
esac
}
wx-welcome(){
wx-header "Welcome"
}
wx-login(){ wx-login(){
ORG=$1
if [[ -z "$HOSTNAME" || ${#HOSTNAME} -lt 5 ]]
then
echo " >> Login << "
echo "------------------------------"
echo "Status: Hostname Required"
wx-stop
fi
if [[ ! -z $1 ]] if [[ ! -z $1 ]]
then then
ORG=$1 ORG=$1
jq '.org = "'$ORG'"' $HOME/.warengroup/config.json 1> $HOME/.warengroup/config.json.tmp
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
elif [[ $(hostname -d) = *"devices.waren.io" ]] elif [[ $(hostname -d) = *"devices.waren.io" ]]
then then
ORG=warengroup ORG=warengroup
@@ -162,10 +245,11 @@ wx-login(){
elif [[ $(hostname -d) = *"devices.christerwaren.fi" ]] elif [[ $(hostname -d) = *"devices.christerwaren.fi" ]]
then then
ORG=cwchristerw ORG=cwchristerw
elif [[ $USER != "root" && $USER != "local" && -f "$HOME/.warengroup/config.json" && $(cat $HOME/.warengroup/config.json | jq -r .org) != "null" ]]
then
ORG=$(cat $HOME/.warengroup/config.json | jq -r .org)
else else
echo " >> Login << " wx-header "Login"
echo "------------------------------"
echo "Status: Organization Required" echo "Status: Organization Required"
wx-stop wx-stop
fi fi
@@ -180,41 +264,23 @@ wx-login(){
then then
DOMAIN=christerwaren.fi DOMAIN=christerwaren.fi
else else
echo " >> Login << " wx-header "Login"
echo "------------------------------"
echo "Status: Organization Unsupported" echo "Status: Organization Unsupported"
wx-stop wx-stop
fi fi
FOLDER=$ORG FOLDER=$ORG
DEVICE_DOMAIN="devices.$DOMAIN" DEVICE_DOMAIN="devices.$DOMAIN"
IDM_DOMAIN="idm.cwinfo.net" IDM_DOMAIN="idm.waren.io"
VAULT_DOMAIN="vault.cwinfo.net" VAULT_DOMAIN="vault.cwinfo.net"
if [[ ! -z $2 ]]
then
HOSTNAME="$2.$DEVICE_DOMAIN"
elif [[ $(hostname -d) ]]
then
HOSTNAME=$(hostname --fqdn)
else
echo " >> Login << "
echo "------------------------------"
echo "Status: Hostname Required"
wx-stop
fi
if [[ -z $USER || $USER == "root" || $USER == "local" ]] if [[ -z $USER || $USER == "root" || $USER == "local" ]]
then then
if [[ -z $SUDO_USER ]] if [[ -z $SUDO_USER ]]
then then
if [[ -z LOGNAME ]] if [[ -z LOGNAME ]]
then then
echo " >> Login << " wx-header "Login"
echo "------------------------------"
echo "Status: Username Required" echo "Status: Username Required"
wx-stop wx-stop
else else
@@ -223,32 +289,40 @@ wx-login(){
else else
USERNAME=$SUDO_USER USERNAME=$SUDO_USER
fi fi
else
USERNAME=$USER
fi fi
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/sys/health) VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/sys/health)
if [[ $VAULT_STATUS -eq 200 ]] if [[ $VAULT_STATUS -eq 200 ]]
then then
if [[ -f "$HOME/.config/warengroup/config.json" ]]
if [[ $USER != "root" && $USER != "local" && -f "$HOME/.warengroup/config.json" ]]
then then
TOKEN="$(cat $HOME/.config/warengroup/config.json | jq -r .login.$ORG)" if [[ $(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.username) != "null" ]]
then
USERNAME="$(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.username)"
fi
TOKEN="$(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.token)"
fi fi
VAULT_LOGIN=$(curl https://$VAULT_DOMAIN/v1/auth/token/renew -X POST --header "X-Vault-Token: $TOKEN" -d '{ "token": "'$TOKEN'" }' -s | jq -r '.auth.client_token') VAULT_LOGIN=$(curl https://$VAULT_DOMAIN/v1/auth/token/renew -X POST --header "X-Vault-Token: $TOKEN" -d '{ "token": "'$TOKEN'" }' -s | jq -r '.auth.client_token')
if [[ ! -z $VAULT_LOGIN && ${#VAULT_LOGIN} == 95 ]] if [[ ! -z $VAULT_LOGIN && ${#VAULT_LOGIN} == 95 ]]
then then
config["login",${ORG}]=$VAULT_LOGIN config["login",${ORG}]=$VAULT_LOGIN
jq '.login.'$ORG' = "'$VAULT_LOGIN'"' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp if [[ $USER != "root" && $USER != "local" ]]
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null then
jq '.login.'$ORG'.token = "'$VAULT_LOGIN'"' $HOME/.warengroup/config.json 1> $HOME/.warengroup/config.json.tmp
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
fi
else else
IDM_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$IDM_DOMAIN) IDM_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$IDM_DOMAIN)
if [[ $IDM_STATUS -eq 301 ]] if [[ $IDM_STATUS -eq 301 ]]
then then
echo " >> Login << " wx-header "Login"
echo "------------------------------"
echo $wxBold$ORG$wxNormal echo $wxBold$ORG$wxNormal
if [[ -z $USERNAME || $USERNAME == "root" || $USERNAME == "local" ]] if [[ -z $USERNAME || $USERNAME == "root" || $USERNAME == "local" || $USERNAME == "nobody" ]]
then then
echo -n "Username: " echo -n "Username: "
read USERNAME read USERNAME
@@ -256,6 +330,9 @@ wx-login(){
echo "Username: $USERNAME" echo "Username: $USERNAME"
fi fi
jq '.login.'$ORG'.username = "'$USERNAME'"' $HOME/.warengroup/config.json 1> $HOME/.warengroup/config.json.tmp
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
echo -n "Password: " echo -n "Password: "
read -s PASSWORD read -s PASSWORD
echo "****************" echo "****************"
@@ -273,15 +350,15 @@ wx-login(){
fi fi
config["login",${ORG}]=$VAULT_LOGIN config["login",${ORG}]=$VAULT_LOGIN
jq '.login.'$ORG' = "'$VAULT_LOGIN'"' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
wx-start if [[ $USER != "root" && $USER != "local" ]]
then
jq '.login.'$ORG'.token = "'$VAULT_LOGIN'"' $HOME/.warengroup/config.json &> $HOME/.warengroup/config.json.tmp
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
fi
fi fi
else else
echo " >> Login << " wx-header "Login"
echo "------------------------------"
echo $wxBold$ORG$wxNormal echo $wxBold$ORG$wxNormal
echo -n "Token: " echo -n "Token: "
@@ -302,63 +379,123 @@ wx-login(){
fi fi
config["login",${ORG}]=$VAULT_LOGIN config["login",${ORG}]=$VAULT_LOGIN
jq '.login.'$ORG' = "'$VAULT_LOGIN'"' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
wx-start if [[ $USER != "root" && $USER != "local" ]]
then
jq '.login.'$ORG'.token = "'$VAULT_LOGIN'"' $HOME/.warengroup/config.json &> $HOME/.warengroup/config.json.tmp
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
fi
fi fi
fi fi
else else
echo " >> Login << " wx-header "Login"
echo "------------------------------"
echo $wxBold$ORG$wxNormal echo $wxBold$ORG$wxNormal
echo "Status: Vault Offline" echo "Status: Vault Offline"
wx-stop wx-stop
fi fi
} }
wx-logout(){
wx-header "Logout"
if [[ $USER != "root" && $USER != "local" && -f "$HOME/.warengroup/config.json" ]]
then
VAULT_LOGIN=$(cat $HOME/.warengroup/config.json | jq -r .login)
if [[ $VAULT_LOGIN != null && $VAULT_LOGIN != "{}" ]]
then
wx-clean &> /dev/null
jq '.login = {}' $HOME/.warengroup/config.json &> $HOME/.warengroup/config.json.tmp
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
fi
fi
}
wx-install(){
if [[ -z $1 ]]
then
wx-header "Install"
fi
wx-restricted
if [[ -f "./wx" ]] && [[ -d "./src" ]]
then
podman run -it --rm -v "$PWD":/usr/src/myapp -w /usr/src/myapp docker.io/library/php:8-cli php generator.php &> /dev/null
mv wx.tmp wx &> /dev/null
chmod +x wx &> /dev/null
fi
mkdir $HOME/bin &> /dev/null
if [[ $(curl -s -o /dev/null -w "%{http_code}" https://git.waren.io/warengroup/wx/raw/branch/master/wx) -eq 200 ]]
then
curl https://git.waren.io/warengroup/wx/raw/branch/master/wx -o $HOME/bin/wx &> /dev/null
chmod +x $HOME/bin/wx &> /dev/null
fi
CRONJOB_NAME="#Warén CLI: Auto"
CRONJOB_TASK="*/5 * * * * $HOME/bin/wx auto"
if [[ -z $(crontab -l | grep -F "$CRONJOB_NAME") || -z $(crontab -l | grep -F "$CRONJOB_TASK") ]]
then
(crontab -l ; echo "$CRONJOB_NAME" ; echo "$CRONJOB_TASK") | grep -Fv "no crontab" | crontab -
fi
}
wx-uninstall(){
wx-header "Uninstall"
wx-clean &> /dev/null
if [[ -d "$HOME/.warengroup" ]]
then
rm "$HOME/.warengroup" -rf
fi
CRONJOB_NAME="#Warén CLI: Auto"
CRONJOB_TASK="*/5 * * * * $HOME/bin/wx auto"
if [[ $(crontab -l | grep -F "$CRONJOB_NAME") || $(crontab -l | grep -F "$CRONJOB_TASK") ]]
then
crontab -l | grep -Fv "$CRONJOB_NAME" | grep -Fv "$CRONJOB_TASK" | grep -Fv "no crontab" | crontab -
fi
if [[ -f "$HOME/bin/wx" ]]
then
rm "$HOME/bin/wx" -rf
fi
echo " "
echo " "
echo " "
exit 1
}
wx-update(){
wx-header "Update"
wx-install --update
}
wx-auto(){
wx-login
wx-header "Auto"
wx-ssh-config-sync
wx-ssh-keys-sign
wx-ssh-keys-sync
}
wx-clean(){
wx-login
wx-header "Clean"
wx-ssh-config-clean
wx-ssh-keys-clean
}
wx-settings(){ wx-settings(){
wx-login wx-login
wx-header "Settings"
echo " >> Settings << "
echo "------------------------------"
}
wx-ssh(){
wx-login
mkdir -p $HOME/.ssh/keys
chmod 700 -R $HOME/.ssh/keys
case $1 in
sign)
wx-ssh-sign
;;
keys)
wx-ssh-keys $2 $3
;;
config)
wx-ssh-config $2
;;
*)
echo " >> SSH << "
echo "------------------------------"
wx-stop
;;
esac
}
wx-welcome(){
echo " >> Welcome << "
echo "------------------------------"
} }
wx-ssh-config(){ wx-ssh-config(){
echo " >> SSH / Config << " wx-restricted
echo "------------------------------"
case $1 in case $1 in
edit) edit)
@@ -372,6 +509,9 @@ wx-ssh-config(){
sync) sync)
wx-ssh-config-sync wx-ssh-config-sync
;; ;;
clean)
wx-ssh-config-clean
;;
*) *)
wx-ssh-config-sync wx-ssh-config-sync
wx-stop wx-stop
@@ -380,24 +520,46 @@ wx-ssh-config(){
} }
wx-ssh-config-edit(){ wx-ssh-config-edit(){
wx-header "SSH / Config / Edit"
wx-restricted
nano ~/.ssh/config nano ~/.ssh/config
} }
wx-ssh-config-save(){ wx-ssh-config-save(){
wx-header "SSH / Config / Save"
wx-restricted
curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"data\": { \"data\": \"$(cat ~/.ssh/config | base64 -w 0)\" } }" -s &> /dev/null curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"data\": { \"data\": \"$(cat ~/.ssh/config | base64 -w 0)\" } }" -s &> /dev/null
} }
wx-ssh-config-sync(){ wx-ssh-config-sync(){
wx-header "SSH / Config / Sync"
wx-restricted
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}") VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ $VAULT_STATUS -eq 200 ]] if [[ $VAULT_STATUS -eq 200 ]]
then then
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.data') | base64 -d > ~/.ssh/config 2>&1 touch ~/.ssh/config
SSH1_CONFIG_MD5=$(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.data' | base64 -d | md5sum | base64)
SSH2_CONFIG_MD5=$(cat ~/.ssh/config | md5sum | base64)
if [[ $SSH1_CONFIG_MD5 != $SSH2_CONFIG_MD5 ]]
then
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.data') | base64 -d > ~/.ssh/config 2>&1
chmod 700 ~/.ssh/config
fi
fi
}
wx-ssh-config-clean(){
wx-header "SSH / Config / Clean"
wx-restricted
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ -f "$HOME/.ssh/config" && $VAULT_STATUS -eq 200 ]]
then
rm "$HOME/.ssh/config"
fi fi
} }
wx-ssh-keys(){ wx-ssh-keys(){
echo " >> SSH / Keys << " wx-restricted
echo "------------------------------"
case $1 in case $1 in
generate) generate)
@@ -405,6 +567,9 @@ wx-ssh-keys(){
wx-ssh-keys-generate $2 wx-ssh-keys-generate $2
wx-ssh-keys-save $2 wx-ssh-keys-save $2
;; ;;
sign)
wx-ssh-keys-sign
;;
retrieve) retrieve)
wx-ssh-keys-retrieve $2 wx-ssh-keys-retrieve $2
;; ;;
@@ -415,16 +580,20 @@ wx-ssh-keys(){
wx-ssh-keys-sync $2 wx-ssh-keys-sync $2
;; ;;
delete) delete)
wx-ssh-keys-remove $2 wx-ssh-keys-delete $2
;;
clean)
wx-ssh-keys-clean $2
;; ;;
*) *)
wx-ssh-keys-sync
wx-stop wx-stop
;; ;;
esac esac
} }
wx-ssh-keys-generate(){ wx-ssh-keys-generate(){
wx-header "SSH / Keys / Generate"
wx-restricted
if [[ ! -z $1 ]] if [[ ! -z $1 ]]
then then
if [[ ! -f "$HOME/.ssh/keys/$1" ]] if [[ ! -f "$HOME/.ssh/keys/$1" ]]
@@ -434,51 +603,27 @@ wx-ssh-keys-generate(){
fi fi
} }
wx-ssh-keys-retrieve(){ wx-ssh-keys-sign(){
if [[ ! -z $1 ]] wx-header "SSH / Keys / Sign"
wx-restricted
if [[ $ORG == "warengroup" && $USERNAME != "cwchristerw" ]]
then then
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}") wx-ssh-keys-sign-create warengroup sysadmin 3600
if [[ $VAULT_STATUS -eq 200 ]] elif [[ $ORG == "cwinfo" && $USERNAME != "cwchristerw" ]]
then then
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.private') | base64 -d > ~/.ssh/keys/$1 2>&1 wx-ssh-keys-sign-create cwinfo sysadmin 3600
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.public') | base64 -d > ~/.ssh/keys/$1.pub 2>&1 elif [[ $ORG == "cwchristerw" || $USERNAME == "cwchristerw" ]]
fi then
wx-ssh-keys-sign-create warengroup sysadmin 3600
wx-ssh-keys-sign-create cwinfo sysadmin 3600
wx-ssh-keys-sign-create cwchristerw sysadmin 3600
fi fi
} }
wx-ssh-keys-save(){ wx-ssh-keys-sign-create(){
if [[ ! -z $1 ]] wx-restricted
then
if [[ -f "$HOME/.ssh/keys/$1" ]]
then
curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"data\": { \"private\": \"$(cat ~/.ssh/keys/$1 | base64 -w 0)\", \"public\": \"$(cat ~/.ssh/keys/$1.pub | base64 -w 0)\" } }" -s &> /dev/null
fi
fi
}
wx-ssh-keys-sync(){
echo ""
}
wx-ssh-sign(){
echo " >> SSH / Sign << "
echo "------------------------------"
if [[ $ORG == "warengroup" ]]
then
wx-ssh-sign-create warengroup sysadmin 3600
elif [[ $ORG == "cwinfo" ]]
then
wx-ssh-sign-create cwinfo sysadmin 3600
elif [[ $ORG == "cwchristerw" ]]
then
wx-ssh-sign-create warengroup sysadmin 3600
wx-ssh-sign-create cwinfo sysadmin 3600
wx-ssh-sign-create cwchristerw sysadmin 3600
fi
}
wx-ssh-sign-create(){
NAME=$1 NAME=$1
ROLE=$2 ROLE=$2
PRINCIPALS=$2 PRINCIPALS=$2
@@ -496,8 +641,94 @@ wx-ssh-sign-create(){
fi fi
} }
wx-ssh-keys-retrieve(){
if [[ -z $2 ]]
then
wx-header "SSH / Keys / Retrieve"
fi
wx-restricted
if [[ ! -z $1 ]]
then
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ $VAULT_STATUS -eq 200 ]]
then
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.private') | base64 -d > ~/.ssh/keys/$1 2>&1
chmod 700 ~/.ssh/keys/$1
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.public') | base64 -d > ~/.ssh/keys/$1.pub 2>&1
chmod 700 ~/.ssh/keys/$1.pub
fi
fi
}
wx-ssh-keys-save(){
wx-header "SSH / Keys / Save"
wx-restricted
if [[ ! -z $1 ]]
then
if [[ -f "$HOME/.ssh/keys/$1" ]]
then
curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"data\": { \"private\": \"$(cat ~/.ssh/keys/$1 | base64 -w 0)\", \"public\": \"$(cat ~/.ssh/keys/$1.pub | base64 -w 0)\" } }" -s &> /dev/null
fi
fi
}
wx-ssh-keys-sync(){
wx-header "SSH / Keys / Sync"
wx-restricted
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/metadata/$USERNAME/settings/ssh/keys -X LIST --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ $VAULT_STATUS -eq 200 ]]
then
for name in $(curl https://$VAULT_DOMAIN/v1/cli/metadata/$USERNAME/settings/ssh/keys -X LIST --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.keys | @sh' | tr -d \')
do
echo $name
wx-ssh-keys-retrieve $name --multiple
done
fi
}
wx-ssh-keys-clean(){
if [[ -z $1 ]]
then
wx-header "SSH / Keys / Clean"
fi
wx-restricted
if [[ ! -z $1 ]]
then
if [[ -f "$HOME/.ssh/keys/$1" && $(basename "$HOME/.ssh/keys/$1") != "legacy" ]]
then
rm "$HOME/.ssh/keys/$1" &> /dev/null
rm "$HOME/.ssh/keys/$1.pub" &> /dev/null
rm "$HOME/.ssh/keys/$1.sig" &> /dev/null
fi
else
if [[ $ORG == "warengroup" && $USERNAME != "cwchristerw" ]]
then
wx-ssh-keys-clean warengroup
elif [[ $ORG == "cwinfo" && $USERNAME != "cwchristerw" ]]
then
wx-ssh-keys-clean cwinfo
elif [[ $ORG == "cwchristerw" || $USERNAME == "cwchristerw" ]]
then
wx-ssh-keys-clean warengroup
wx-ssh-keys-clean cwinfo
wx-ssh-keys-clean cwchristerw
fi
for file in ~/.ssh/keys/*
do
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$(basename "$file" .pub) -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ $(basename "$file") != "legacy" && $VAULT_STATUS -eq 200 ]]
then
rm "$file" &> /dev/null
fi
done
fi
}
wx-start
if [[ ! -z $1 ]] && [[ $(type -t wx-$1) == function ]] if [[ ! -z $1 ]] && [[ $(type -t wx-$1) == function ]]
then then
wx-$1 $2 $3 $4 $5 $6 $7 $8 $9 wx-$1 $2 $3 $4 $5 $6 $7 $8 $9