warengroup/wx
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: warengroup:13e0deb5f530f6e58615535bbeebb5de6020a630
Branches Tags
warengroup:master
...
compare: warengroup:4e9ae9109e71740bfbae37ee249afa64669f3bda
Branches Tags
warengroup:master

3 Commits
13e0deb5f5 ... 4e9ae9109e

Author SHA1 Message Date
Christer Warén
4e9ae9109e Code Update 2024-06-16 04:03:45 +03:00
Christer Warén
0071b7407d Code Update 2024-06-16 04:01:17 +03:00
Christer Warén
b014dd1990 Code Update 2024-06-16 02:51:29 +03:00
17 changed files with 361 additions and 170 deletions
Show Stats Expand all files Collapse all files

0
build.sh Normal file → Executable file
View File

0
src/commands/login.sh → src/commands/auth/login.sh
View File

13
src/commands/auth/logout.sh Normal file
View File

@ -0,0 +1,13 @@
wx-logout(){
wx-header "Logout"
if [[ $USER != "root" && $USER != "local" && -f "$HOME/.config/warengroup/config.json" ]]
then
VAULT_LOGIN=$(cat $HOME/.config/warengroup/config.json | jq -r .login)
if [[ $VAULT_LOGIN != null && $VAULT_LOGIN != "{}" ]]
then
wx-clean
jq '.login = {}' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
fi
fi
}

13
src/commands/help.sh
View File

@ -13,12 +13,15 @@ Common Commands:
edit Edit
save Save
sync Sync
clean Clean
keys Keys
generate Generate
delete Delete
sign Sign
retrieve Retrieve
save Save
sync Sync
sign Certificates
delete Delete
clean Clean
Authentication Commands:
login Login
@ -26,8 +29,12 @@ Authentication Commands:
Management Commands:
auto Auto
install Install
clean Clean
settings Settings
Maintenance Commands:
install Install
update Update
";
}

2
src/commands/infra.sh
View File

@ -1,6 +1,6 @@
wx-infra(){
wx-login
wx-ssh-sign &> /dev/null
wx-auto &> /dev/null
wx-header "Infra"
wx-restricted

8
src/commands/logout.sh
View File

@ -1,8 +0,0 @@
wx-logout(){
wx-header "Logout"
if [[ $USER != "root" && $USER != "local" ]]
then
jq '.login = {}' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
fi
}

0
src/commands/install.sh → src/commands/maintenance/install.sh
View File

8
src/commands/maintenance/uninstall.sh Normal file
View File

@ -0,0 +1,8 @@
wx-uninstall(){
wx-header "Uninstall"
wx-logout
if [[ ! -d "$HOME/.config/warengroup" ]]
then
rm "$HOME/.config/warengroup" -rf
fi
}

0
src/commands/update.sh → src/commands/maintenance/update.sh
View File

2
src/commands/auto.sh → src/commands/management/auto.sh
View File

@ -4,5 +4,5 @@ wx-auto(){
wx-ssh-config-sync
wx-ssh-keys-sync
wx-ssh-sign
wx-ssh-keys-sign
}

6
src/commands/management/clean.sh Normal file
View File

@ -0,0 +1,6 @@
wx-clean(){
wx-login
wx-header "Clean"
wx-ssh-config-clean
wx-ssh-keys-clean
}

0
src/commands/settings.sh → src/commands/management/settings.sh
View File

4
src/commands/ssh.sh
View File

@ -7,9 +7,6 @@ wx-ssh(){
chmod 700 -R $HOME/.ssh/multiplex
case $1 in
sign)
wx-ssh-sign
;;
keys)
wx-ssh-keys $2 $3
;;
@ -18,7 +15,6 @@ wx-ssh(){
;;
*)
wx-header "SSH"
wx-stop
;;
esac

20
src/commands/ssh/config.sh
View File

@ -13,6 +13,9 @@ wx-ssh-config(){
sync)
wx-ssh-config-sync
;;
clean)
wx-ssh-config-clean
;;
*)
wx-ssh-config-sync
wx-stop
@ -21,23 +24,34 @@ wx-ssh-config(){
}
wx-ssh-config-edit(){
wx-header "SSH / Config"
wx-header "SSH / Config / Edit"
wx-restricted
nano ~/.ssh/config
}
wx-ssh-config-save(){
wx-header "SSH / Config"
wx-header "SSH / Config / Save"
wx-restricted
curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"data\": { \"data\": \"$(cat ~/.ssh/config | base64 -w 0)\" } }" -s &> /dev/null
}
wx-ssh-config-sync(){
wx-header "SSH / Config"
wx-header "SSH / Config / Sync"
wx-restricted
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ $VAULT_STATUS -eq 200 ]]
then
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.data') | base64 -d > ~/.ssh/config 2>&1
chmod 700 ~/.ssh/config
fi
}
wx-ssh-config-clean(){
wx-header "SSH / Config / Clean"
wx-restricted
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ -f "$HOME/.ssh/config" && $VAULT_STATUS -eq 200 ]]
then
rm "$HOME/.ssh/config"
fi
}

110
src/commands/ssh/keys.sh
View File

@ -7,6 +7,9 @@ wx-ssh-keys(){
wx-ssh-keys-generate $2
wx-ssh-keys-save $2
;;
sign)
wx-ssh-keys-sign
;;
retrieve)
wx-ssh-keys-retrieve $2
;;
@ -17,17 +20,19 @@ wx-ssh-keys(){
wx-ssh-keys-sync $2
;;
delete)
wx-ssh-keys-remove $2
wx-ssh-keys-delete $2
;;
clean)
wx-ssh-keys-clean $2
;;
*)
wx-ssh-keys-sync
wx-stop
;;
esac
}
wx-ssh-keys-generate(){
wx-header "SSH / Keys"
wx-header "SSH / Keys / Generate"
wx-restricted
if [[ ! -z $1 ]]
then
@ -38,8 +43,50 @@ wx-ssh-keys-generate(){
fi
}
wx-ssh-keys-sign(){
wx-header "SSH / Keys / Sign"
wx-restricted
if [[ $ORG == "warengroup" ]]
then
wx-ssh-keys-sign-create warengroup sysadmin 3600
elif [[ $ORG == "cwinfo" ]]
then
wx-ssh-keys-sign-create cwinfo sysadmin 3600
elif [[ $ORG == "cwchristerw" ]]
then
wx-ssh-keys-sign-create warengroup sysadmin 3600
wx-ssh-keys-sign-create cwinfo sysadmin 3600
wx-ssh-keys-sign-create cwchristerw sysadmin 3600
fi
}
wx-ssh-keys-sign-create(){
wx-restricted
NAME=$1
ROLE=$2
PRINCIPALS=$2
TTL=$3
if [[ ! -f "$HOME/.ssh/keys/$NAME" ]]
then
ssh-keygen -t ed25519 -f $HOME/.ssh/keys/$NAME -q -N "" -C "$USERNAME" &> /dev/null
fi
if [[ -f "$HOME/.ssh/keys/$NAME" ]]
then
echo "$NAME/$ROLE"
echo $(curl https://$VAULT_DOMAIN/v1/ssh/sign/$ROLE -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"public_key\": \"$(cat $HOME/.ssh/keys/$NAME.pub)\", \"valid_principals\": \"$PRINCIPALS,$USERNAME\", \"ttl\": \"$TTL\" }" -s | jq -r '.data.signed_key') > ~/.ssh/keys/$NAME.sig 2>&1
fi
}
wx-ssh-keys-retrieve(){
wx-header "SSH / Keys"
if [[ -z $2 ]]
then
wx-header "SSH / Keys / Retrieve"
fi
wx-restricted
if [[ ! -z $1 ]]
then
@ -53,7 +100,7 @@ wx-ssh-keys-retrieve(){
}
wx-ssh-keys-save(){
wx-header "SSH / Keys"
wx-header "SSH / Keys / Save"
wx-restricted
if [[ ! -z $1 ]]
then
@ -65,7 +112,56 @@ wx-ssh-keys-save(){
}
wx-ssh-keys-sync(){
wx-header "SSH / Keys"
wx-header "SSH / Keys / Sync"
wx-restricted
echo ""
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/metadata/$USERNAME/settings/ssh/keys -X LIST --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ $VAULT_STATUS -eq 200 ]]
then
for name in $(curl https://$VAULT_DOMAIN/v1/cli/metadata/$USERNAME/settings/ssh/keys -X LIST --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.keys | @sh' | tr -d \')
do
echo $name
wx-ssh-keys-retrieve $name --multiple
done
fi
}
wx-ssh-keys-clean(){
if [[ -z $1 ]]
then
wx-header "SSH / Keys / Clean"
fi
wx-restricted
if [[ ! -z $1 ]]
then
if [[ -f "$HOME/.ssh/keys/$1" && $(basename "$HOME/.ssh/keys/$1") != "legacy" ]]
then
rm "$HOME/.ssh/keys/$1" &> /dev/null
rm "$HOME/.ssh/keys/$1.pub" &> /dev/null
rm "$HOME/.ssh/keys/$1.sig" &> /dev/null
fi
else
if [[ $ORG == "warengroup" ]]
then
wx-ssh-keys-clean warengroup
elif [[ $ORG == "cwinfo" ]]
then
wx-ssh-keys-clean cwinfo
elif [[ $ORG == "cwchristerw" ]]
then
wx-ssh-keys-clean warengroup
wx-ssh-keys-clean cwinfo
wx-ssh-keys-clean cwchristerw
fi
for file in ~/.ssh/keys/*
do
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$(basename "$file" .pub) -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ $(basename "$file") != "legacy" && $VAULT_STATUS -eq 200 ]]
then
rm "$file" &> /dev/null
fi
done
fi
}

37
src/commands/ssh/sign.sh
View File

@ -1,37 +0,0 @@
wx-ssh-sign(){
wx-header "SSH / Sign"
wx-restricted
if [[ $ORG == "warengroup" ]]
then
wx-ssh-sign-create warengroup sysadmin 3600
elif [[ $ORG == "cwinfo" ]]
then
wx-ssh-sign-create cwinfo sysadmin 3600
elif [[ $ORG == "cwchristerw" ]]
then
wx-ssh-sign-create warengroup sysadmin 3600
wx-ssh-sign-create cwinfo sysadmin 3600
wx-ssh-sign-create cwchristerw sysadmin 3600
fi
}
wx-ssh-sign-create(){
wx-restricted
NAME=$1
ROLE=$2
PRINCIPALS=$2
TTL=$3
if [[ ! -f "$HOME/.ssh/keys/$NAME" ]]
then
ssh-keygen -t ed25519 -f $HOME/.ssh/keys/$NAME -q -N "" -C "$USERNAME" &> /dev/null
fi
if [[ -f "$HOME/.ssh/keys/$NAME" ]]
then
echo "$NAME/$ROLE"
echo $(curl https://$VAULT_DOMAIN/v1/ssh/sign/$ROLE -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"public_key\": \"$(cat $HOME/.ssh/keys/$NAME.pub)\", \"valid_principals\": \"$PRINCIPALS,$USERNAME\", \"ttl\": \"$TTL\" }" -s | jq -r '.data.signed_key') > ~/.ssh/keys/$NAME.sig 2>&1
fi
}

308
wx
View File

@ -85,15 +85,6 @@ wx-stop (){
exit 1
}
wx-auto(){
wx-login
wx-header "Auto"
wx-ssh-config-sync
wx-ssh-keys-sync
wx-ssh-sign
}
wx-help(){
wx-header "Help"
@ -109,12 +100,15 @@ Common Commands:
edit Edit
save Save
sync Sync
clean Clean
keys Keys
generate Generate
delete Delete
sign Sign
retrieve Retrieve
save Save
sync Sync
sign Certificates
delete Delete
clean Clean
Authentication Commands:
login Login
@ -122,15 +116,19 @@ Authentication Commands:
Management Commands:
auto Auto
install Install
clean Clean
settings Settings
Maintenance Commands:
install Install
update Update
";
}
wx-infra(){
wx-login
wx-ssh-sign &> /dev/null
wx-auto &> /dev/null
wx-header "Infra"
wx-restricted
@ -166,24 +164,30 @@ wx-infra(){
esac
}
wx-install(){
if [[ -z $1 ]]
then
wx-header "Install"
fi
wx-ssh(){
wx-login
wx-restricted
mkdir -p $HOME/.ssh/keys
chmod 700 -R $HOME/.ssh/keys
mkdir -p $HOME/.ssh/multiplex
chmod 700 -R $HOME/.ssh/multiplex
if [[ -f "./wx" ]] && [[ -d "./src" ]]
then
podman run -it --rm -v "$PWD":/usr/src/myapp -w /usr/src/myapp docker.io/library/php:8-cli php generator.php &> /dev/null
mv wx.tmp wx &> /dev/null
chmod +x wx &> /dev/null
fi
case $1 in
keys)
wx-ssh-keys $2 $3
;;
config)
wx-ssh-config $2
;;
*)
wx-header "SSH"
wx-stop
;;
esac
}
mkdir $HOME/bin &> /dev/null
curl https://git.waren.io/warengroup/wx/raw/branch/master/wx -o $HOME/bin/wx &> /dev/null
chmod +x $HOME/bin/wx &> /dev/null
wx-welcome(){
wx-header "Welcome"
}
wx-login(){
@ -360,42 +364,45 @@ wx-login(){
wx-logout(){
wx-header "Logout"
if [[ $USER != "root" && $USER != "local" ]]
if [[ $USER != "root" && $USER != "local" && -f "$HOME/.config/warengroup/config.json" ]]
then
jq '.login = {}' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
VAULT_LOGIN=$(cat $HOME/.config/warengroup/config.json | jq -r .login)
if [[ $VAULT_LOGIN != null && $VAULT_LOGIN != "{}" ]]
then
wx-clean
jq '.login = {}' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
fi
fi
}
wx-settings(){
wx-login
wx-header "Settings"
wx-install(){
if [[ -z $1 ]]
then
wx-header "Install"
fi
wx-restricted
if [[ -f "./wx" ]] && [[ -d "./src" ]]
then
podman run -it --rm -v "$PWD":/usr/src/myapp -w /usr/src/myapp docker.io/library/php:8-cli php generator.php &> /dev/null
mv wx.tmp wx &> /dev/null
chmod +x wx &> /dev/null
fi
mkdir $HOME/bin &> /dev/null
curl https://git.waren.io/warengroup/wx/raw/branch/master/wx -o $HOME/bin/wx &> /dev/null
chmod +x $HOME/bin/wx &> /dev/null
}
wx-ssh(){
wx-login
mkdir -p $HOME/.ssh/keys
chmod 700 -R $HOME/.ssh/keys
mkdir -p $HOME/.ssh/multiplex
chmod 700 -R $HOME/.ssh/multiplex
case $1 in
sign)
wx-ssh-sign
;;
keys)
wx-ssh-keys $2 $3
;;
config)
wx-ssh-config $2
;;
*)
wx-header "SSH"
wx-stop
;;
esac
wx-uninstall(){
wx-header "Uninstall"
wx-logout
if [[ ! -d "$HOME/.config/warengroup" ]]
then
rm "$HOME/.config/warengroup" -rf
fi
}
wx-update(){
@ -403,8 +410,25 @@ wx-update(){
wx-install --update
}
wx-welcome(){
wx-header "Welcome"
wx-auto(){
wx-login
wx-header "Auto"
wx-ssh-config-sync
wx-ssh-keys-sync
wx-ssh-keys-sign
}
wx-clean(){
wx-login
wx-header "Clean"
wx-ssh-config-clean
wx-ssh-keys-clean
}
wx-settings(){
wx-login
wx-header "Settings"
}
wx-ssh-config(){
@ -422,6 +446,9 @@ wx-ssh-config(){
sync)
wx-ssh-config-sync
;;
clean)
wx-ssh-config-clean
;;
*)
wx-ssh-config-sync
wx-stop
@ -430,24 +457,35 @@ wx-ssh-config(){
}
wx-ssh-config-edit(){
wx-header "SSH / Config"
wx-header "SSH / Config / Edit"
wx-restricted
nano ~/.ssh/config
}
wx-ssh-config-save(){
wx-header "SSH / Config"
wx-header "SSH / Config / Save"
wx-restricted
curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"data\": { \"data\": \"$(cat ~/.ssh/config | base64 -w 0)\" } }" -s &> /dev/null
}
wx-ssh-config-sync(){
wx-header "SSH / Config"
wx-header "SSH / Config / Sync"
wx-restricted
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ $VAULT_STATUS -eq 200 ]]
then
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.data') | base64 -d > ~/.ssh/config 2>&1
chmod 700 ~/.ssh/config
fi
}
wx-ssh-config-clean(){
wx-header "SSH / Config / Clean"
wx-restricted
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ -f "$HOME/.ssh/config" && $VAULT_STATUS -eq 200 ]]
then
rm "$HOME/.ssh/config"
fi
}
@ -460,6 +498,9 @@ wx-ssh-keys(){
wx-ssh-keys-generate $2
wx-ssh-keys-save $2
;;
sign)
wx-ssh-keys-sign
;;
retrieve)
wx-ssh-keys-retrieve $2
;;
@ -470,17 +511,19 @@ wx-ssh-keys(){
wx-ssh-keys-sync $2
;;
delete)
wx-ssh-keys-remove $2
wx-ssh-keys-delete $2
;;
clean)
wx-ssh-keys-clean $2
;;
*)
wx-ssh-keys-sync
wx-stop
;;
esac
}
wx-ssh-keys-generate(){
wx-header "SSH / Keys"
wx-header "SSH / Keys / Generate"
wx-restricted
if [[ ! -z $1 ]]
then
@ -491,57 +534,25 @@ wx-ssh-keys-generate(){
fi
}
wx-ssh-keys-retrieve(){
wx-header "SSH / Keys"
wx-restricted
if [[ ! -z $1 ]]
then
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ $VAULT_STATUS -eq 200 ]]
then
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.private') | base64 -d > ~/.ssh/keys/$1 2>&1
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.public') | base64 -d > ~/.ssh/keys/$1.pub 2>&1
fi
fi
}
wx-ssh-keys-save(){
wx-header "SSH / Keys"
wx-restricted
if [[ ! -z $1 ]]
then
if [[ -f "$HOME/.ssh/keys/$1" ]]
then
curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"data\": { \"private\": \"$(cat ~/.ssh/keys/$1 | base64 -w 0)\", \"public\": \"$(cat ~/.ssh/keys/$1.pub | base64 -w 0)\" } }" -s &> /dev/null
fi
fi
}
wx-ssh-keys-sync(){
wx-header "SSH / Keys"
wx-restricted
echo ""
}
wx-ssh-sign(){
wx-header "SSH / Sign"
wx-ssh-keys-sign(){
wx-header "SSH / Keys / Sign"
wx-restricted
if [[ $ORG == "warengroup" ]]
then
wx-ssh-sign-create warengroup sysadmin 3600
wx-ssh-keys-sign-create warengroup sysadmin 3600
elif [[ $ORG == "cwinfo" ]]
then
wx-ssh-sign-create cwinfo sysadmin 3600
wx-ssh-keys-sign-create cwinfo sysadmin 3600
elif [[ $ORG == "cwchristerw" ]]
then
wx-ssh-sign-create warengroup sysadmin 3600
wx-ssh-sign-create cwinfo sysadmin 3600
wx-ssh-sign-create cwchristerw sysadmin 3600
wx-ssh-keys-sign-create warengroup sysadmin 3600
wx-ssh-keys-sign-create cwinfo sysadmin 3600
wx-ssh-keys-sign-create cwchristerw sysadmin 3600
fi
}
wx-ssh-sign-create(){
wx-ssh-keys-sign-create(){
wx-restricted
NAME=$1
@ -561,6 +572,91 @@ wx-ssh-sign-create(){
fi
}
wx-ssh-keys-retrieve(){
if [[ -z $2 ]]
then
wx-header "SSH / Keys / Retrieve"
fi
wx-restricted
if [[ ! -z $1 ]]
then
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ $VAULT_STATUS -eq 200 ]]
then
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.private') | base64 -d > ~/.ssh/keys/$1 2>&1
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.public') | base64 -d > ~/.ssh/keys/$1.pub 2>&1
fi
fi
}
wx-ssh-keys-save(){
wx-header "SSH / Keys / Save"
wx-restricted
if [[ ! -z $1 ]]
then
if [[ -f "$HOME/.ssh/keys/$1" ]]
then
curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"data\": { \"private\": \"$(cat ~/.ssh/keys/$1 | base64 -w 0)\", \"public\": \"$(cat ~/.ssh/keys/$1.pub | base64 -w 0)\" } }" -s &> /dev/null
fi
fi
}
wx-ssh-keys-sync(){
wx-header "SSH / Keys / Sync"
wx-restricted
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/metadata/$USERNAME/settings/ssh/keys -X LIST --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ $VAULT_STATUS -eq 200 ]]
then
for name in $(curl https://$VAULT_DOMAIN/v1/cli/metadata/$USERNAME/settings/ssh/keys -X LIST --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.keys | @sh' | tr -d \')
do
echo $name
wx-ssh-keys-retrieve $name --multiple
done
fi
}
wx-ssh-keys-clean(){
if [[ -z $1 ]]
then
wx-header "SSH / Keys / Clean"
fi
wx-restricted
if [[ ! -z $1 ]]
then
if [[ -f "$HOME/.ssh/keys/$1" && $(basename "$HOME/.ssh/keys/$1") != "legacy" ]]
then
rm "$HOME/.ssh/keys/$1" &> /dev/null
rm "$HOME/.ssh/keys/$1.pub" &> /dev/null
rm "$HOME/.ssh/keys/$1.sig" &> /dev/null
fi
else
if [[ $ORG == "warengroup" ]]
then
wx-ssh-keys-clean warengroup
elif [[ $ORG == "cwinfo" ]]
then
wx-ssh-keys-clean cwinfo
elif [[ $ORG == "cwchristerw" ]]
then
wx-ssh-keys-clean warengroup
wx-ssh-keys-clean cwinfo
wx-ssh-keys-clean cwchristerw
fi
for file in ~/.ssh/keys/*
do
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$(basename "$file" .pub) -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ $(basename "$file") != "legacy" && $VAULT_STATUS -eq 200 ]]
then
rm "$file" &> /dev/null
fi
done
fi
}
if [[ ! -z $1 ]] && [[ $(type -t wx-$1) == function ]]
then