warengroup/wx
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: warengroup:2df1590a6dbe57beb7ee1ba3c051ef3dbc5e3005
Branches Tags
warengroup:master warengroup:develop
...
compare: warengroup:develop
Branches Tags
warengroup:develop warengroup:master

58 Commits
2df1590a6d ... develop

Author SHA1 Message Date
Christer Warén
5a666e6f60 VSCode Settings: Update 2025-11-03 02:41:43 +02:00
Christer Warén
1e4f9ed508 Generator Update 2025-11-03 02:40:44 +02:00
Christer Warén
592cd95f42 Replace bin only on successful connection 2025-09-27 00:02:35 +03:00
Christer Warén
bce9c3c4d6 Auto - Create SSH certificates before getting SSH privatekeys 2025-09-24 13:39:33 +03:00
Christer Warén
f91e69ee55 Run clean in Uninstall command 2025-08-21 18:35:09 +03:00
Christer Warén
32e6b83611 Exit after Uninstall finished 2025-08-21 18:32:01 +03:00
Christer Warén
2742d39818 Fix issue with crontab removal in Uninstall 2025-08-21 18:18:30 +03:00
Christer Warén
fe5abf5419 Fix grep to ignore wildcard as regexp 2025-08-21 17:58:38 +03:00
Christer Warén
43192faed1 Fix typos 2025-08-21 17:44:27 +03:00
Christer Warén
a276adb6d2 Remove logout from uninstall 2025-08-21 17:28:23 +03:00
Christer Warén
b5186f0380 Add cronjob removal into uninstall 2025-08-21 17:26:21 +03:00
Christer Warén
86bb04d2ea Add cronjob to installation 2025-08-21 17:21:22 +03:00
Christer Warén
67fabf0ce1 Code Update 2025-06-26 23:07:14 +03:00
Christer Warén
fe56c50bfb Code Update 2025-06-23 09:35:37 +03:00
Christer Warén
eb14aa46ff Code Update 2025-06-22 01:24:09 +03:00
Christer Warén
c59d1b374d Code Update 2025-06-22 01:22:12 +03:00
Christer Warén
1a99d2e2a1 Code Update 2025-06-22 00:44:42 +03:00
Christer Warén
1d03f7be64 Code Update 2025-06-22 00:31:52 +03:00
Christer Warén
994e44d8f1 Code Update 2025-06-22 00:22:15 +03:00
Christer Warén
f016a452cd Remove Hostname variable from login process 2025-06-21 23:46:20 +03:00
Christer Warén
c17b9a0e42 Code Update 2025-05-10 12:09:50 +03:00
Christer Warén
a91d5d6011 Code Update 2025-05-10 11:29:56 +03:00
Christer Warén
3a0902fe8e Code Update 2025-04-27 15:39:50 +03:00
Christer Warén
9baae5bccc Code Update 2025-04-27 15:32:10 +03:00
Christer Warén
7b837fdba7 Code Update 2025-04-27 15:21:27 +03:00
Christer Warén
283b7538e6 Rename build.sh to maintainer.sh 2025-01-04 08:18:12 +02:00
Christer Warén
14ae6e5dad Fix typo in code 2025-01-04 06:22:06 +02:00
Christer Warén
87608f9bfb Code Update 2025-01-04 06:19:35 +02:00
Christer Warén
5903932328 Update copyright year 2025-01-01 18:00:22 +02:00
Christer Warén
96193196cc Fix typo on curl that will get Vault passwords in Infra command 2024-11-23 07:42:02 +02:00
Christer Warén
0186421fc6 Get Ansible vault passwords in Infra command 2024-11-23 07:18:17 +02:00
Christer Warén
714feda225 Hide git command output from stdout in Infra command 2024-11-23 07:06:57 +02:00
Christer Warén
3d834933e7 Fix home directory issue 2024-11-23 07:04:12 +02:00
Christer Warén
dd72a873ab Temporarily disable using jump host when getting Infra repo from Git server 2024-11-23 07:01:33 +02:00
Christer Warén
81cd3a1c1c Create secondary Infra directory and pull changes when using Infra command 2024-11-23 06:57:41 +02:00
Christer Warén
b52f1d4486 Add secondary Infra repo path to Infra command 2024-11-23 06:50:26 +02:00
Christer Warén
42239ef54d Add secondary Ansible Vault to cwchristerw user 2024-11-22 00:16:35 +02:00
Christer Warén
256a79e427 Code Update 2024-06-24 06:32:58 +03:00
Christer Warén
b36f98e5e9 Hide Clean output in logout command 2024-06-19 20:56:27 +03:00
Christer Warén
2f33daaaa7 Code Update 2024-06-16 04:06:43 +03:00
Christer Warén
4e9ae9109e Code Update 2024-06-16 04:03:45 +03:00
Christer Warén
0071b7407d Code Update 2024-06-16 04:01:17 +03:00
Christer Warén
b014dd1990 Code Update 2024-06-16 02:51:29 +03:00
Christer Warén
13e0deb5f5 Code Update 2024-06-03 23:10:36 +03:00
Christer Warén
b5b1b88763 Code Update 2024-06-01 15:27:05 +03:00
Christer Warén
90414af2dc Code Update 2024-06-01 02:09:21 +03:00
Christer Warén
e1b05fbc51 Code Update 2024-06-01 01:53:48 +03:00
Christer Warén
a614d63d1c Code Update 2024-06-01 01:11:20 +03:00
Christer Warén
ca14cb1988 Build Script 2024-06-01 00:28:36 +03:00
Christer Warén
e36265403e Code Update 2024-06-01 00:28:18 +03:00
Christer Warén
0ef3f8d8d6 Code Update 2024-05-31 23:26:44 +03:00
Christer Warén
706a917dbf Code Update 2024-05-30 19:19:35 +03:00
Christer Warén
7f950148e0 Code Update 2024-05-30 19:10:31 +03:00
Christer Warén
a54f68ded0 Code Update 2024-05-30 16:00:50 +03:00
Christer Warén
29be307377 Code Update 2024-05-30 15:56:01 +03:00
Christer Warén
02c84ef45f Code Update 2024-05-30 15:51:49 +03:00
Christer Warén
399372294c README.md Update 2024-05-30 15:34:13 +03:00
Christer Warén
0b0237ede5 Code Update 2024-05-30 15:33:31 +03:00
28 changed files with 1018 additions and 346 deletions
Expand all files Collapse all files

5
.vscode/settings.json vendored
View File

@@ -2,5 +2,8 @@
"files.trimTrailingWhitespace": true, "files.trimTrailingWhitespace": true,
"files.insertFinalNewline": true, "files.insertFinalNewline": true,
"files.trimFinalNewlines": true, "files.trimFinalNewlines": true,
"editor.renderFinalNewline": false "editor.renderFinalNewline": false,
"editor.tabSize": 2,
"editor.insertSpaces": true,
"editor.detectIndentation": false
} }

2
LICENSE
View File

@@ -1,6 +1,6 @@
MIT License MIT License
Copyright (c) 2023-2024 Warén Group Copyright (c) 2023-2025 Warén Group
Permission is hereby granted, free of charge, to any person obtaining a copy Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal of this software and associated documentation files (the "Software"), to deal

7
README.md
View File

@@ -5,4 +5,11 @@
mkdir $HOME/bin &> /dev/null mkdir $HOME/bin &> /dev/null
curl https://git.waren.io/warengroup/wx/raw/branch/master/wx -o $HOME/bin/wx &> /dev/null curl https://git.waren.io/warengroup/wx/raw/branch/master/wx -o $HOME/bin/wx &> /dev/null
chmod +x $HOME/bin/wx &> /dev/null chmod +x $HOME/bin/wx &> /dev/null
export PATH=$HOME/bin:$PATH
```
## Schedule
```
# Warén CLI
*/30 * * * * $HOME/bin/wx auto
``` ```

12
generator.php
View File

@@ -7,25 +7,31 @@ $dirs = [
__DIR__.'/src/commands/*.sh', __DIR__.'/src/commands/*.sh',
__DIR__.'/src/commands/*/*.sh', __DIR__.'/src/commands/*/*.sh',
__DIR__.'/src/commands/*/*/*.sh', __DIR__.'/src/commands/*/*/*.sh',
__DIR__.'/src/functions/*.sh' __DIR__.'/src/functions/*.sh',
__DIR__.'/src/ui/*.sh'
]; ];
$codes = []; $codes = [];
foreach($dirs as $dir){ foreach($dirs as $dir){
foreach(glob($dir) as $file){ foreach(glob($dir) as $file){
if(str_contains($dir, "commands")){
$codes['commands'][$file] = file_get_contents($file);
}
if(str_contains($dir, "functions")){ if(str_contains($dir, "functions")){
$codes['functions'][$file] = file_get_contents($file); $codes['functions'][$file] = file_get_contents($file);
} }
if(str_contains($dir, "commands")){ if(str_contains($dir, "ui")){
$codes['commands'][$file] = file_get_contents($file); $codes['ui'][$file] = file_get_contents($file);
} }
} }
} }
$code = str_replace("{{ FUNCTIONS }}", implode("\n", $codes['functions']), $base); $code = str_replace("{{ FUNCTIONS }}", implode("\n", $codes['functions']), $base);
$code = str_replace("{{ UI }}", implode("\n", $codes['ui']), $code);
$code = str_replace("{{ COMMANDS }}", implode("\n", $codes['commands']), $code); $code = str_replace("{{ COMMANDS }}", implode("\n", $codes['commands']), $code);
try { try {
$file = __DIR__.'/wx.tmp'; $file = __DIR__.'/wx.tmp';
$file = fopen($file, "w"); $file = fopen($file, "w");

13
maintainer.sh Executable file
View File

@@ -0,0 +1,13 @@
#!/bin/bash
if [ ! "$BASH_VERSION" ] ; then
bash $0 $1 $2 $3 $4 $5 $6 $7 $8 $9
exit 1
fi
if [[ -f "./wx" ]] && [[ -d "./src" ]]
then
podman run -it --rm -v "$PWD":/usr/src/myapp -w /usr/src/myapp docker.io/library/php:8-cli php generator.php &> /dev/null
mv wx.tmp wx &> /dev/null
chmod +x wx &> /dev/null
fi

1
src/base.sh
View File

@@ -22,7 +22,6 @@ declare -Ax config
{{ FUNCTIONS }} {{ FUNCTIONS }}
{{ COMMANDS }} {{ COMMANDS }}
wx-start
if [[ ! -z $1 ]] && [[ $(type -t wx-$1) == function ]] if [[ ! -z $1 ]] && [[ $(type -t wx-$1) == function ]]
then then
wx-$1 $2 $3 $4 $5 $6 $7 $8 $9 wx-$1 $2 $3 $4 $5 $6 $7 $8 $9

103
src/functions/login.sh → src/commands/auth/login.sh
View File

@@ -1,18 +1,9 @@
wx-login(){ wx-login(){
ORG=$1
if [[ -z "$HOSTNAME" || ${#HOSTNAME} -lt 5 ]]
then
echo " >> Login << "
echo "------------------------------"
echo "Status: Hostname Required"
wx-stop
fi
if [[ ! -z $1 ]] if [[ ! -z $1 ]]
then then
ORG=$1 ORG=$1
jq '.org = "'$ORG'"' $HOME/.warengroup/config.json 1> $HOME/.warengroup/config.json.tmp
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
elif [[ $(hostname -d) = *"devices.waren.io" ]] elif [[ $(hostname -d) = *"devices.waren.io" ]]
then then
ORG=warengroup ORG=warengroup
@@ -22,10 +13,11 @@ wx-login(){
elif [[ $(hostname -d) = *"devices.christerwaren.fi" ]] elif [[ $(hostname -d) = *"devices.christerwaren.fi" ]]
then then
ORG=cwchristerw ORG=cwchristerw
elif [[ $USER != "root" && $USER != "local" && -f "$HOME/.warengroup/config.json" && $(cat $HOME/.warengroup/config.json | jq -r .org) != "null" ]]
then
ORG=$(cat $HOME/.warengroup/config.json | jq -r .org)
else else
echo " >> Login << " wx-header "Login"
echo "------------------------------"
echo "Status: Organization Required" echo "Status: Organization Required"
wx-stop wx-stop
fi fi
@@ -40,83 +32,75 @@ wx-login(){
then then
DOMAIN=christerwaren.fi DOMAIN=christerwaren.fi
else else
echo " >> Login << " wx-header "Login"
echo "------------------------------"
echo "Status: Organization Unsupported" echo "Status: Organization Unsupported"
wx-stop wx-stop
fi fi
FOLDER=$ORG FOLDER=$ORG
DEVICE_DOMAIN="devices.$DOMAIN" DEVICE_DOMAIN="devices.$DOMAIN"
IDM_DOMAIN="idm.cwinfo.net" IDM_DOMAIN="idm.waren.io"
VAULT_DOMAIN="vault.cwinfo.net" VAULT_DOMAIN="vault.cwinfo.net"
if [[ ! -z $2 ]]
then
HOSTNAME="$2.$DEVICE_DOMAIN"
elif [[ $(hostname -d) ]]
then
HOSTNAME=$(hostname --fqdn)
else
echo " >> Login << "
echo "------------------------------"
echo "Status: Hostname Required"
wx-stop
fi
if [[ -z $USER || $USER == "root" || $USER == "local" ]] if [[ -z $USER || $USER == "root" || $USER == "local" ]]
then then
if [[ -z $SUDO_USER ]] if [[ -z $SUDO_USER ]]
then then
if [[ -z LOGNAME ]] if [[ -z LOGNAME ]]
then then
echo " >> Login << " wx-header "Login"
echo "------------------------------"
echo "Status: Username Required" echo "Status: Username Required"
wx-stop wx-stop
else else
USER=$LOGNAME USERNAME=$LOGNAME
fi fi
else else
USER=$SUDO_USER USERNAME=$SUDO_USER
fi fi
else
USERNAME=$USER
fi fi
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/sys/health) VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/sys/health)
if [[ $VAULT_STATUS -eq 200 ]] if [[ $VAULT_STATUS -eq 200 ]]
then then
if [[ -f "$HOME/.config/warengroup/config.json" ]]
if [[ $USER != "root" && $USER != "local" && -f "$HOME/.warengroup/config.json" ]]
then then
TOKEN="$(cat $HOME/.config/warengroup/config.json | jq -r .login.$ORG)" if [[ $(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.username) != "null" ]]
then
USERNAME="$(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.username)"
fi
TOKEN="$(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.token)"
fi fi
VAULT_LOGIN=$(curl https://$VAULT_DOMAIN/v1/auth/token/renew -X POST --header "X-Vault-Token: $TOKEN" -d '{ "token": "'$TOKEN'" }' -s | jq -r '.auth.client_token') VAULT_LOGIN=$(curl https://$VAULT_DOMAIN/v1/auth/token/renew -X POST --header "X-Vault-Token: $TOKEN" -d '{ "token": "'$TOKEN'" }' -s | jq -r '.auth.client_token')
if [[ ! -z $VAULT_LOGIN && ${#VAULT_LOGIN} == 95 ]] if [[ ! -z $VAULT_LOGIN && ${#VAULT_LOGIN} == 95 ]]
then then
config["login",${ORG}]=$VAULT_LOGIN config["login",${ORG}]=$VAULT_LOGIN
jq '.login.'$ORG' = "'$VAULT_LOGIN'"' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp if [[ $USER != "root" && $USER != "local" ]]
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null then
jq '.login.'$ORG'.token = "'$VAULT_LOGIN'"' $HOME/.warengroup/config.json 1> $HOME/.warengroup/config.json.tmp
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
fi
else else
IDM_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$IDM_DOMAIN) IDM_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$IDM_DOMAIN)
if [[ $IDM_STATUS -eq 301 ]] if [[ $IDM_STATUS -eq 301 ]]
then then
echo " >> Login << " wx-header "Login"
echo "------------------------------"
echo $wxBold$ORG$wxNormal echo $wxBold$ORG$wxNormal
if [[ -z $USER || $USER == "root" || $USER == "local" ]] if [[ -z $USERNAME || $USERNAME == "root" || $USERNAME == "local" || $USERNAME == "nobody" ]]
then then
echo -n "Username: " echo -n "Username: "
read USERNAME read USERNAME
else else
echo "Username: $USER" echo "Username: $USERNAME"
USERNAME=$USER
fi fi
jq '.login.'$ORG'.username = "'$USERNAME'"' $HOME/.warengroup/config.json 1> $HOME/.warengroup/config.json.tmp
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
echo -n "Password: " echo -n "Password: "
read -s PASSWORD read -s PASSWORD
echo "****************" echo "****************"
@@ -134,15 +118,15 @@ wx-login(){
fi fi
config["login",${ORG}]=$VAULT_LOGIN config["login",${ORG}]=$VAULT_LOGIN
jq '.login.'$ORG' = "'$VAULT_LOGIN'"' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
wx-start if [[ $USER != "root" && $USER != "local" ]]
then
jq '.login.'$ORG'.token = "'$VAULT_LOGIN'"' $HOME/.warengroup/config.json &> $HOME/.warengroup/config.json.tmp
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
fi
fi fi
else else
echo " >> Login << " wx-header "Login"
echo "------------------------------"
echo $wxBold$ORG$wxNormal echo $wxBold$ORG$wxNormal
echo -n "Token: " echo -n "Token: "
@@ -163,18 +147,17 @@ wx-login(){
fi fi
config["login",${ORG}]=$VAULT_LOGIN config["login",${ORG}]=$VAULT_LOGIN
jq '.login.'$ORG' = "'$VAULT_LOGIN'"' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
wx-start if [[ $USER != "root" && $USER != "local" ]]
then
jq '.login.'$ORG'.token = "'$VAULT_LOGIN'"' $HOME/.warengroup/config.json &> $HOME/.warengroup/config.json.tmp
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
fi
fi fi
fi fi
else else
echo " >> Login << " wx-header "Login"
echo "------------------------------"
echo $wxBold$ORG$wxNormal echo $wxBold$ORG$wxNormal
echo "Status: Vault Offline" echo "Status: Vault Offline"
wx-stop wx-stop
fi fi

13
src/commands/auth/logout.sh Normal file
View File

@@ -0,0 +1,13 @@
wx-logout(){
wx-header "Logout"
if [[ $USER != "root" && $USER != "local" && -f "$HOME/.warengroup/config.json" ]]
then
VAULT_LOGIN=$(cat $HOME/.warengroup/config.json | jq -r .login)
if [[ $VAULT_LOGIN != null && $VAULT_LOGIN != "{}" ]]
then
wx-clean &> /dev/null
jq '.login = {}' $HOME/.warengroup/config.json &> $HOME/.warengroup/config.json.tmp
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
fi
fi
}

27
src/commands/help.sh
View File

@@ -1,19 +1,40 @@
wx-help(){ wx-help(){
echo " >> Help << " wx-header "Help"
echo "------------------------------"
echo -n " echo -n "
Usage: $0 COMMAND [OPTIONS] Usage: $0 COMMAND [OPTIONS]
Common Commands: Common Commands:
init Init init Init
help Help
ssh SSH ssh SSH
config Config config Config
sign Certificates edit Edit
save Save
sync Sync
clean Clean
keys Keys
generate Generate
sign Sign
retrieve Retrieve
save Save
sync Sync
delete Delete
clean Clean
Authentication Commands:
login Login
logout Logout
Management Commands: Management Commands:
auto Auto
clean Clean
settings Settings settings Settings
Maintenance Commands:
install Install
update Update
"; ";
} }

62
src/commands/infra.sh
View File

@@ -1,12 +1,41 @@
wx-infra(){ wx-infra(){
wx-login wx-login
wx-ssh-sign &> /dev/null wx-auto &> /dev/null
echo " >> Infra << " wx-header "Infra"
echo "------------------------------" wx-restricted
case $USER in case $USERNAME in
cwchristerw) cwchristerw)
if [[ -d "$HOME/Desktop/Work in Progress/Programming/warengroup/infra" ]]
then
INFRA_PATH="$HOME/Desktop/Work in Progress/Programming/warengroup/infra"
else
if [[ -d "$HOME/.warengroup/infra" ]]
then
INFRA_PATH="$HOME/.warengroup/infra"
else
INFRA_PATH="$HOME/.warengroup/infra"
mkdir -p "$INFRA_PATH" &> /dev/null
git clone ssh://git@git.waren.io:2222/warengroup-private/infra.git --config core.sshCommand="ssh -i $HOME/.ssh/keys/warengroup-legacy -o ProxyJump=none" "$INFRA_PATH" &> /dev/null
fi
fi
if [[ ! -f "$INFRA_PATH/vault/cwchristerw" || ! -f "$INFRA_PATH/vault/warengroup" ]]
then
mkdir -p "$INFRA_PATH/vault" &> /dev/null
curl \
-H "X-Vault-Token: ${config["login",$ORG]}" \
-X GET \
https://$VAULT_DOMAIN/v1/cli/data/cwchristerw/settings/infra -s | jq -r '.data.data.cwchristerw' > "$INFRA_PATH/vault/cwchristerw"
curl \
-H "X-Vault-Token: ${config["login",$ORG]}" \
-X GET \
https://$VAULT_DOMAIN/v1/cli/data/cwchristerw/settings/infra -s | jq -r '.data.data.warengroup' > "$INFRA_PATH/vault/warengroup"
fi
if [[ -z $1 ]] if [[ -z $1 ]]
then then
echo "Tag Required" echo "Tag Required"
@@ -15,15 +44,26 @@ wx-infra(){
then then
if [[ -z $2 ]] if [[ -z $2 ]]
then then
echo "Tag Required" 2=init
else
cd "/home/cwchristerw/Desktop/Work in Progress/Programming/warengroup/infra"
ansible-playbook --vault-id warengroup@vault/warengroup playbooks/init.yml -t $2 $3 $4 $5 $6 $7 $8 $9
cd "$OLDPWD"
fi fi
cd "$INFRA_PATH"
git pull &> /dev/null
ansible-galaxy collection install -r requirements.yml --upgrade &> /dev/null
ansible-playbook --vault-id warengroup@vault/warengroup --vault-id cwchristerw@vault/cwchristerw playbooks/init.yml -t $2 $3 $4 $5 $6 $7 $8 $9
cd "$OLDPWD"
elif [[ $1 == "manager" ]]
then
cd "$INFRA_PATH"
git pull &> /dev/null
ansible-galaxy collection install -r requirements.yml --upgrade &> /dev/null
ansible-playbook --vault-id warengroup@vault/warengroup --vault-id cwchristerw@vault/cwchristerw manager.yml $2 $3 $4 $5 $6 $7 $8 $9
cd "$OLDPWD"
else else
cd "/home/cwchristerw/Desktop/Work in Progress/Programming/warengroup/infra" cd "$INFRA_PATH"
ansible-playbook --vault-id warengroup@vault/warengroup playbooks.yml -t $1 $2 $3 $4 $5 $6 $7 $8 $9 git pull &> /dev/null
ansible-galaxy collection install -r requirements.yml --upgrade &> /dev/null
ansible-playbook --vault-id warengroup@vault/warengroup --vault-id cwchristerw@vault/cwchristerw playbooks.yml -t $1 $2 $3 $4 $5 $6 $7 $8 $9
cd "$OLDPWD" cd "$OLDPWD"
fi fi
fi fi

29
src/commands/maintenance/install.sh Normal file
View File

@@ -0,0 +1,29 @@
wx-install(){
if [[ -z $1 ]]
then
wx-header "Install"
fi
wx-restricted
if [[ -f "./wx" ]] && [[ -d "./src" ]]
then
podman run -it --rm -v "$PWD":/usr/src/myapp -w /usr/src/myapp docker.io/library/php:8-cli php generator.php &> /dev/null
mv wx.tmp wx &> /dev/null
chmod +x wx &> /dev/null
fi
mkdir $HOME/bin &> /dev/null
if [[ $(curl -s -o /dev/null -w "%{http_code}" https://git.waren.io/warengroup/wx/raw/branch/master/wx) -eq 200 ]]
then
curl https://git.waren.io/warengroup/wx/raw/branch/master/wx -o $HOME/bin/wx &> /dev/null
chmod +x $HOME/bin/wx &> /dev/null
fi
CRONJOB_NAME="#Warén CLI: Auto"
CRONJOB_TASK="*/5 * * * * $HOME/bin/wx auto"
if [[ -z $(crontab -l | grep -F "$CRONJOB_NAME") || -z $(crontab -l | grep -F "$CRONJOB_TASK") ]]
then
(crontab -l ; echo "$CRONJOB_NAME" ; echo "$CRONJOB_TASK") | grep -Fv "no crontab" | crontab -
fi
}

28
src/commands/maintenance/uninstall.sh Normal file
View File

@@ -0,0 +1,28 @@
wx-uninstall(){
wx-header "Uninstall"
wx-clean &> /dev/null
if [[ -d "$HOME/.warengroup" ]]
then
rm "$HOME/.warengroup" -rf
fi
CRONJOB_NAME="#Warén CLI: Auto"
CRONJOB_TASK="*/5 * * * * $HOME/bin/wx auto"
if [[ $(crontab -l | grep -F "$CRONJOB_NAME") || $(crontab -l | grep -F "$CRONJOB_TASK") ]]
then
crontab -l | grep -Fv "$CRONJOB_NAME" | grep -Fv "$CRONJOB_TASK" | grep -Fv "no crontab" | crontab -
fi
if [[ -f "$HOME/bin/wx" ]]
then
rm "$HOME/bin/wx" -rf
fi
echo " "
echo " "
echo " "
exit 1
}

4
src/commands/maintenance/update.sh Normal file
View File

@@ -0,0 +1,4 @@
wx-update(){
wx-header "Update"
wx-install --update
}

8
src/commands/management/auto.sh Normal file
View File

@@ -0,0 +1,8 @@
wx-auto(){
wx-login
wx-header "Auto"
wx-ssh-config-sync
wx-ssh-keys-sign
wx-ssh-keys-sync
}

6
src/commands/management/clean.sh Normal file
View File

@@ -0,0 +1,6 @@
wx-clean(){
wx-login
wx-header "Clean"
wx-ssh-config-clean
wx-ssh-keys-clean
}

4
src/commands/management/settings.sh Normal file
View File

@@ -0,0 +1,4 @@
wx-settings(){
wx-login
wx-header "Settings"
}

6
src/commands/settings.sh
View File

@@ -1,6 +0,0 @@
wx-settings(){
wx-login
echo " >> Settings << "
echo "------------------------------"
}

8
src/commands/ssh.sh
View File

@@ -2,16 +2,14 @@ wx-ssh(){
wx-login wx-login
case $1 in case $1 in
sign) keys)
wx-ssh-sign wx-ssh-keys $2 $3
;; ;;
config) config)
wx-ssh-config $2 wx-ssh-config $2
;; ;;
*) *)
echo " >> SSH << " wx-header "SSH"
echo "------------------------------"
wx-stop wx-stop
;; ;;
esac esac

39
src/commands/ssh/config.sh
View File

@@ -1,6 +1,5 @@
wx-ssh-config(){ wx-ssh-config(){
echo " >> SSH / Config << " wx-restricted
echo "------------------------------"
case $1 in case $1 in
edit) edit)
@@ -14,23 +13,51 @@ wx-ssh-config(){
sync) sync)
wx-ssh-config-sync wx-ssh-config-sync
;; ;;
clean)
wx-ssh-config-clean
;;
*) *)
wx-ssh-config-sync wx-ssh-config-sync
wx-stop wx-stop
;; ;;
esac esac
} }
wx-ssh-config-edit(){ wx-ssh-config-edit(){
wx-header "SSH / Config / Edit"
wx-restricted
nano ~/.ssh/config nano ~/.ssh/config
} }
wx-ssh-config-save(){ wx-ssh-config-save(){
curl https://$VAULT_DOMAIN/v1/cli/data/$USER -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"data\": { \"settings/ssh/config\": \"$(cat ~/.ssh/config | base64 -w 0)\" } }" -s &> /dev/null wx-header "SSH / Config / Save"
wx-restricted
curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"data\": { \"data\": \"$(cat ~/.ssh/config | base64 -w 0)\" } }" -s &> /dev/null
} }
wx-ssh-config-sync(){ wx-ssh-config-sync(){
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USER -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data["settings/ssh/config"]') | base64 -d > ~/.ssh/config 2>&1 wx-header "SSH / Config / Sync"
wx-restricted
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ $VAULT_STATUS -eq 200 ]]
then
touch ~/.ssh/config
SSH1_CONFIG_MD5=$(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.data' | base64 -d | md5sum | base64)
SSH2_CONFIG_MD5=$(cat ~/.ssh/config | md5sum | base64)
if [[ $SSH1_CONFIG_MD5 != $SSH2_CONFIG_MD5 ]]
then
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.data') | base64 -d > ~/.ssh/config 2>&1
chmod 700 ~/.ssh/config
fi
fi
}
wx-ssh-config-clean(){
wx-header "SSH / Config / Clean"
wx-restricted
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ -f "$HOME/.ssh/config" && $VAULT_STATUS -eq 200 ]]
then
rm "$HOME/.ssh/config"
fi
} }

169
src/commands/ssh/keys.sh Normal file
View File

@@ -0,0 +1,169 @@
wx-ssh-keys(){
wx-restricted
case $1 in
generate)
wx-ssh-keys-retrieve $2
wx-ssh-keys-generate $2
wx-ssh-keys-save $2
;;
sign)
wx-ssh-keys-sign
;;
retrieve)
wx-ssh-keys-retrieve $2
;;
save)
wx-ssh-keys-save $2
;;
sync)
wx-ssh-keys-sync $2
;;
delete)
wx-ssh-keys-delete $2
;;
clean)
wx-ssh-keys-clean $2
;;
*)
wx-stop
;;
esac
}
wx-ssh-keys-generate(){
wx-header "SSH / Keys / Generate"
wx-restricted
if [[ ! -z $1 ]]
then
if [[ ! -f "$HOME/.ssh/keys/$1" ]]
then
ssh-keygen -t ed25519 -f $HOME/.ssh/keys/$1 -q -N "" -C "$USERNAME" &> /dev/null
fi
fi
}
wx-ssh-keys-sign(){
wx-header "SSH / Keys / Sign"
wx-restricted
if [[ $ORG == "warengroup" && $USERNAME != "cwchristerw" ]]
then
wx-ssh-keys-sign-create warengroup sysadmin 3600
elif [[ $ORG == "cwinfo" && $USERNAME != "cwchristerw" ]]
then
wx-ssh-keys-sign-create cwinfo sysadmin 3600
elif [[ $ORG == "cwchristerw" || $USERNAME == "cwchristerw" ]]
then
wx-ssh-keys-sign-create warengroup sysadmin 3600
wx-ssh-keys-sign-create cwinfo sysadmin 3600
wx-ssh-keys-sign-create cwchristerw sysadmin 3600
fi
}
wx-ssh-keys-sign-create(){
wx-restricted
NAME=$1
ROLE=$2
PRINCIPALS=$2
TTL=$3
if [[ ! -f "$HOME/.ssh/keys/$NAME" ]]
then
ssh-keygen -t ed25519 -f $HOME/.ssh/keys/$NAME -q -N "" -C "$USERNAME" &> /dev/null
fi
if [[ -f "$HOME/.ssh/keys/$NAME" ]]
then
echo "$NAME/$ROLE"
echo $(curl https://$VAULT_DOMAIN/v1/ssh/sign/$ROLE -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"public_key\": \"$(cat $HOME/.ssh/keys/$NAME.pub)\", \"valid_principals\": \"$PRINCIPALS,$USERNAME\", \"ttl\": \"$TTL\" }" -s | jq -r '.data.signed_key') > ~/.ssh/keys/$NAME.sig 2>&1
fi
}
wx-ssh-keys-retrieve(){
if [[ -z $2 ]]
then
wx-header "SSH / Keys / Retrieve"
fi
wx-restricted
if [[ ! -z $1 ]]
then
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ $VAULT_STATUS -eq 200 ]]
then
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.private') | base64 -d > ~/.ssh/keys/$1 2>&1
chmod 700 ~/.ssh/keys/$1
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.public') | base64 -d > ~/.ssh/keys/$1.pub 2>&1
chmod 700 ~/.ssh/keys/$1.pub
fi
fi
}
wx-ssh-keys-save(){
wx-header "SSH / Keys / Save"
wx-restricted
if [[ ! -z $1 ]]
then
if [[ -f "$HOME/.ssh/keys/$1" ]]
then
curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"data\": { \"private\": \"$(cat ~/.ssh/keys/$1 | base64 -w 0)\", \"public\": \"$(cat ~/.ssh/keys/$1.pub | base64 -w 0)\" } }" -s &> /dev/null
fi
fi
}
wx-ssh-keys-sync(){
wx-header "SSH / Keys / Sync"
wx-restricted
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/metadata/$USERNAME/settings/ssh/keys -X LIST --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ $VAULT_STATUS -eq 200 ]]
then
for name in $(curl https://$VAULT_DOMAIN/v1/cli/metadata/$USERNAME/settings/ssh/keys -X LIST --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.keys | @sh' | tr -d \')
do
echo $name
wx-ssh-keys-retrieve $name --multiple
done
fi
}
wx-ssh-keys-clean(){
if [[ -z $1 ]]
then
wx-header "SSH / Keys / Clean"
fi
wx-restricted
if [[ ! -z $1 ]]
then
if [[ -f "$HOME/.ssh/keys/$1" && $(basename "$HOME/.ssh/keys/$1") != "legacy" ]]
then
rm "$HOME/.ssh/keys/$1" &> /dev/null
rm "$HOME/.ssh/keys/$1.pub" &> /dev/null
rm "$HOME/.ssh/keys/$1.sig" &> /dev/null
fi
else
if [[ $ORG == "warengroup" && $USERNAME != "cwchristerw" ]]
then
wx-ssh-keys-clean warengroup
elif [[ $ORG == "cwinfo" && $USERNAME != "cwchristerw" ]]
then
wx-ssh-keys-clean cwinfo
elif [[ $ORG == "cwchristerw" || $USERNAME == "cwchristerw" ]]
then
wx-ssh-keys-clean warengroup
wx-ssh-keys-clean cwinfo
wx-ssh-keys-clean cwchristerw
fi
for file in ~/.ssh/keys/*
do
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$(basename "$file" .pub) -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ $(basename "$file") != "legacy" && $VAULT_STATUS -eq 200 ]]
then
rm "$file" &> /dev/null
fi
done
fi
}

39
src/commands/ssh/sign.sh
View File

@@ -1,39 +0,0 @@
wx-ssh-sign(){
echo " >> SSH / Sign << "
echo "------------------------------"
if [[ $ORG == "warengroup" ]]
then
wx-ssh-sign-create warengroup sysadmin 3600
elif [[ $ORG == "cwinfo" ]]
then
wx-ssh-sign-create cwinfo sysadmin 3600
elif [[ $ORG == "cwchristerw" ]]
then
wx-ssh-sign-create warengroup sysadmin 3600
wx-ssh-sign-create cwinfo sysadmin 3600
wx-ssh-sign-create cwchristerw sysadmin 3600
fi
}
wx-ssh-sign-create(){
mkdir -p $HOME/.ssh/keys
chmod 700 $HOME/.ssh/keys
chmod 600 $HOME/.ssh/keys/*
NAME=$1
ROLE=$2
PRINCIPALS=$2
TTL=$3
if [[ ! -f "$HOME/.ssh/keys/$NAME-ed25519" ]]
then
ssh-keygen -t ed25519 -f $HOME/.ssh/keys/$NAME-ed25519 -q -N "" &> /dev/null
fi
if [[ -f "$HOME/.ssh/keys/$NAME-ed25519" ]]
then
echo "$NAME/$ROLE"
echo $(curl https://$VAULT_DOMAIN/v1/ssh/sign/$ROLE -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"public_key\": \"$(cat $HOME/.ssh/keys/$NAME-ed25519.pub)\", \"valid_principals\": \"$PRINCIPALS,$USER\", \"ttl\": \"$TTL\" }" -s | jq -r '.data.signed_key') > ~/.ssh/keys/$NAME-ed25519.sig 2>&1
fi
}

3
src/commands/welcome.sh
View File

@@ -1,4 +1,3 @@
wx-welcome(){ wx-welcome(){
echo " >> Welcome << " wx-header "Welcome"
echo "------------------------------"
} }

24
src/functions/header.sh Normal file
View File

@@ -0,0 +1,24 @@
wx-header(){
if [[ $2 == "h1" ]]
then
echo ""
echo ""
echo ""
echo "=============================="
wx-repeat " " $((30/2-${#1}/2))
echo -n "$wxBold"
echo -n "$1"
echo -n "$wxNormal"
echo ""
echo "=============================="
fi
if [[ $2 == "h2" || -z $2 ]]
then
wx-start
wx-repeat " " $((30/2-6/2-${#1}/2))
echo -n ">> $1 <<"
echo ""
echo "------------------------------"
fi
}

5
src/functions/repeat.sh Normal file
View File

@@ -0,0 +1,5 @@
wx-repeat() {
local str=$1 n=$2 spaces
printf -v spaces "%*s" $n " "
printf "%s" "${spaces// /$str}"
}

10
src/functions/restricted.sh Normal file
View File

@@ -0,0 +1,10 @@
wx-restricted(){
if [[ $USER == "root" || $USER == "local" ]]
then
echo "Status: Command Restricted"
echo " "
echo " "
echo " "
exit 1
fi
}

20
src/functions/start.sh
View File

@@ -1,17 +1,15 @@
wx-start(){ wx-start(){
echo "" wx-header "Warén CLI" h1
echo ""
echo ""
echo "=============================="
echo -n "$wxBold"
echo " Warén CLI "
echo -n "$wxNormal"
echo "=============================="
mkdir -p $HOME/.config/warengroup &> /dev/null mkdir -p $HOME/.warengroup &> /dev/null
if [[ ! -f "$HOME/.config/warengroup/config.json" ]] if [[ ! -f "$HOME/.warengroup/config.json" || $(jq -e . < $HOME/.warengroup/config.json &>/dev/null; echo $?) -gt 0 ]]
then then
echo '{}' | jq > $HOME/.config/warengroup/config.json echo '{}' | jq > $HOME/.warengroup/config.json
fi fi
mkdir -p $HOME/.ssh/keys
chmod 700 -R $HOME/.ssh/keys
mkdir -p $HOME/.ssh/multiplex
chmod 700 -R $HOME/.ssh/multiplex
} }

15
src/functions/stop.sh
View File

@@ -2,16 +2,13 @@ wx-stop (){
echo " " echo " "
echo " " echo " "
echo " " echo " "
if [[ -f "./wx" ]] && [[ -d "./src" ]]
then
podman run -it --rm -v "$PWD":/usr/src/myapp -w /usr/src/myapp docker.io/library/php:8-cli php generator.php &> /dev/null
mv wx.tmp wx &> /dev/null
chmod +x wx &> /dev/null
fi
mkdir $HOME/bin &> /dev/null wx-install --auto
curl https://git.waren.io/warengroup/wx/raw/branch/master/wx -o $HOME/bin/wx &> /dev/null
chmod +x $HOME/bin/wx &> /dev/null if [[ $USERNAME != $USER && $USERNAME != $SUDO_USER && $USERNAME != $LOGNAME ]]
then
wx-logout
fi
exit 1 exit 1
} }

690
wx
View File

@@ -19,21 +19,223 @@ wxNormal=$(tput sgr0)
declare -Ax config declare -Ax config
wx-login(){ wx-header(){
ORG=$1 if [[ $2 == "h1" ]]
if [[ -z "$HOSTNAME" || ${#HOSTNAME} -lt 5 ]]
then then
echo " >> Login << " echo ""
echo "------------------------------" echo ""
echo ""
echo "Status: Hostname Required" echo "=============================="
wx-stop wx-repeat " " $((30/2-${#1}/2))
echo -n "$wxBold"
echo -n "$1"
echo -n "$wxNormal"
echo ""
echo "=============================="
fi fi
if [[ $2 == "h2" || -z $2 ]]
then
wx-start
wx-repeat " " $((30/2-6/2-${#1}/2))
echo -n ">> $1 <<"
echo ""
echo "------------------------------"
fi
}
wx-repeat() {
local str=$1 n=$2 spaces
printf -v spaces "%*s" $n " "
printf "%s" "${spaces// /$str}"
}
wx-restricted(){
if [[ $USER == "root" || $USER == "local" ]]
then
echo "Status: Command Restricted"
echo " "
echo " "
echo " "
exit 1
fi
}
wx-start(){
wx-header "Warén CLI" h1
mkdir -p $HOME/.warengroup &> /dev/null
if [[ ! -f "$HOME/.warengroup/config.json" || $(jq -e . < $HOME/.warengroup/config.json &>/dev/null; echo $?) -gt 0 ]]
then
echo '{}' | jq > $HOME/.warengroup/config.json
fi
mkdir -p $HOME/.ssh/keys
chmod 700 -R $HOME/.ssh/keys
mkdir -p $HOME/.ssh/multiplex
chmod 700 -R $HOME/.ssh/multiplex
}
wx-stop (){
echo " "
echo " "
echo " "
wx-install --auto
if [[ $USERNAME != $USER && $USERNAME != $SUDO_USER && $USERNAME != $LOGNAME ]]
then
wx-logout
fi
exit 1
}
wx-help(){
wx-header "Help"
echo -n "
Usage: $0 COMMAND [OPTIONS]
Common Commands:
init Init
help Help
ssh SSH
config Config
edit Edit
save Save
sync Sync
clean Clean
keys Keys
generate Generate
sign Sign
retrieve Retrieve
save Save
sync Sync
delete Delete
clean Clean
Authentication Commands:
login Login
logout Logout
Management Commands:
auto Auto
clean Clean
settings Settings
Maintenance Commands:
install Install
update Update
";
}
wx-infra(){
wx-login
wx-auto &> /dev/null
wx-header "Infra"
wx-restricted
case $USERNAME in
cwchristerw)
if [[ -d "$HOME/Desktop/Work in Progress/Programming/warengroup/infra" ]]
then
INFRA_PATH="$HOME/Desktop/Work in Progress/Programming/warengroup/infra"
else
if [[ -d "$HOME/.warengroup/infra" ]]
then
INFRA_PATH="$HOME/.warengroup/infra"
else
INFRA_PATH="$HOME/.warengroup/infra"
mkdir -p "$INFRA_PATH" &> /dev/null
git clone ssh://git@git.waren.io:2222/warengroup-private/infra.git --config core.sshCommand="ssh -i $HOME/.ssh/keys/warengroup-legacy -o ProxyJump=none" "$INFRA_PATH" &> /dev/null
fi
fi
if [[ ! -f "$INFRA_PATH/vault/cwchristerw" || ! -f "$INFRA_PATH/vault/warengroup" ]]
then
mkdir -p "$INFRA_PATH/vault" &> /dev/null
curl \
-H "X-Vault-Token: ${config["login",$ORG]}" \
-X GET \
https://$VAULT_DOMAIN/v1/cli/data/cwchristerw/settings/infra -s | jq -r '.data.data.cwchristerw' > "$INFRA_PATH/vault/cwchristerw"
curl \
-H "X-Vault-Token: ${config["login",$ORG]}" \
-X GET \
https://$VAULT_DOMAIN/v1/cli/data/cwchristerw/settings/infra -s | jq -r '.data.data.warengroup' > "$INFRA_PATH/vault/warengroup"
fi
if [[ -z $1 ]]
then
echo "Tag Required"
else
if [[ $1 == "init" ]]
then
if [[ -z $2 ]]
then
2=init
fi
cd "$INFRA_PATH"
git pull &> /dev/null
ansible-galaxy collection install -r requirements.yml --upgrade &> /dev/null
ansible-playbook --vault-id warengroup@vault/warengroup --vault-id cwchristerw@vault/cwchristerw playbooks/init.yml -t $2 $3 $4 $5 $6 $7 $8 $9
cd "$OLDPWD"
elif [[ $1 == "manager" ]]
then
cd "$INFRA_PATH"
git pull &> /dev/null
ansible-galaxy collection install -r requirements.yml --upgrade &> /dev/null
ansible-playbook --vault-id warengroup@vault/warengroup --vault-id cwchristerw@vault/cwchristerw manager.yml $2 $3 $4 $5 $6 $7 $8 $9
cd "$OLDPWD"
else
cd "$INFRA_PATH"
git pull &> /dev/null
ansible-galaxy collection install -r requirements.yml --upgrade &> /dev/null
ansible-playbook --vault-id warengroup@vault/warengroup --vault-id cwchristerw@vault/cwchristerw playbooks.yml -t $1 $2 $3 $4 $5 $6 $7 $8 $9
cd "$OLDPWD"
fi
fi
;;
*)
echo "User Unsupported"
;;
esac
}
wx-ssh(){
wx-login
case $1 in
keys)
wx-ssh-keys $2 $3
;;
config)
wx-ssh-config $2
;;
*)
wx-header "SSH"
wx-stop
;;
esac
}
wx-welcome(){
wx-header "Welcome"
}
wx-login(){
if [[ ! -z $1 ]] if [[ ! -z $1 ]]
then then
ORG=$1 ORG=$1
jq '.org = "'$ORG'"' $HOME/.warengroup/config.json 1> $HOME/.warengroup/config.json.tmp
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
elif [[ $(hostname -d) = *"devices.waren.io" ]] elif [[ $(hostname -d) = *"devices.waren.io" ]]
then then
ORG=warengroup ORG=warengroup
@@ -43,10 +245,11 @@ wx-login(){
elif [[ $(hostname -d) = *"devices.christerwaren.fi" ]] elif [[ $(hostname -d) = *"devices.christerwaren.fi" ]]
then then
ORG=cwchristerw ORG=cwchristerw
elif [[ $USER != "root" && $USER != "local" && -f "$HOME/.warengroup/config.json" && $(cat $HOME/.warengroup/config.json | jq -r .org) != "null" ]]
then
ORG=$(cat $HOME/.warengroup/config.json | jq -r .org)
else else
echo " >> Login << " wx-header "Login"
echo "------------------------------"
echo "Status: Organization Required" echo "Status: Organization Required"
wx-stop wx-stop
fi fi
@@ -61,83 +264,75 @@ wx-login(){
then then
DOMAIN=christerwaren.fi DOMAIN=christerwaren.fi
else else
echo " >> Login << " wx-header "Login"
echo "------------------------------"
echo "Status: Organization Unsupported" echo "Status: Organization Unsupported"
wx-stop wx-stop
fi fi
FOLDER=$ORG FOLDER=$ORG
DEVICE_DOMAIN="devices.$DOMAIN" DEVICE_DOMAIN="devices.$DOMAIN"
IDM_DOMAIN="idm.cwinfo.net" IDM_DOMAIN="idm.waren.io"
VAULT_DOMAIN="vault.cwinfo.net" VAULT_DOMAIN="vault.cwinfo.net"
if [[ ! -z $2 ]]
then
HOSTNAME="$2.$DEVICE_DOMAIN"
elif [[ $(hostname -d) ]]
then
HOSTNAME=$(hostname --fqdn)
else
echo " >> Login << "
echo "------------------------------"
echo "Status: Hostname Required"
wx-stop
fi
if [[ -z $USER || $USER == "root" || $USER == "local" ]] if [[ -z $USER || $USER == "root" || $USER == "local" ]]
then then
if [[ -z $SUDO_USER ]] if [[ -z $SUDO_USER ]]
then then
if [[ -z LOGNAME ]] if [[ -z LOGNAME ]]
then then
echo " >> Login << " wx-header "Login"
echo "------------------------------"
echo "Status: Username Required" echo "Status: Username Required"
wx-stop wx-stop
else else
USER=$LOGNAME USERNAME=$LOGNAME
fi fi
else else
USER=$SUDO_USER USERNAME=$SUDO_USER
fi fi
else
USERNAME=$USER
fi fi
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/sys/health) VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/sys/health)
if [[ $VAULT_STATUS -eq 200 ]] if [[ $VAULT_STATUS -eq 200 ]]
then then
if [[ -f "$HOME/.config/warengroup/config.json" ]]
if [[ $USER != "root" && $USER != "local" && -f "$HOME/.warengroup/config.json" ]]
then then
TOKEN="$(cat $HOME/.config/warengroup/config.json | jq -r .login.$ORG)" if [[ $(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.username) != "null" ]]
then
USERNAME="$(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.username)"
fi
TOKEN="$(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.token)"
fi fi
VAULT_LOGIN=$(curl https://$VAULT_DOMAIN/v1/auth/token/renew -X POST --header "X-Vault-Token: $TOKEN" -d '{ "token": "'$TOKEN'" }' -s | jq -r '.auth.client_token') VAULT_LOGIN=$(curl https://$VAULT_DOMAIN/v1/auth/token/renew -X POST --header "X-Vault-Token: $TOKEN" -d '{ "token": "'$TOKEN'" }' -s | jq -r '.auth.client_token')
if [[ ! -z $VAULT_LOGIN && ${#VAULT_LOGIN} == 95 ]] if [[ ! -z $VAULT_LOGIN && ${#VAULT_LOGIN} == 95 ]]
then then
config["login",${ORG}]=$VAULT_LOGIN config["login",${ORG}]=$VAULT_LOGIN
jq '.login.'$ORG' = "'$VAULT_LOGIN'"' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp if [[ $USER != "root" && $USER != "local" ]]
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null then
jq '.login.'$ORG'.token = "'$VAULT_LOGIN'"' $HOME/.warengroup/config.json 1> $HOME/.warengroup/config.json.tmp
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
fi
else else
IDM_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$IDM_DOMAIN) IDM_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$IDM_DOMAIN)
if [[ $IDM_STATUS -eq 301 ]] if [[ $IDM_STATUS -eq 301 ]]
then then
echo " >> Login << " wx-header "Login"
echo "------------------------------"
echo $wxBold$ORG$wxNormal echo $wxBold$ORG$wxNormal
if [[ -z $USER || $USER == "root" || $USER == "local" ]] if [[ -z $USERNAME || $USERNAME == "root" || $USERNAME == "local" || $USERNAME == "nobody" ]]
then then
echo -n "Username: " echo -n "Username: "
read USERNAME read USERNAME
else else
echo "Username: $USER" echo "Username: $USERNAME"
USERNAME=$USER
fi fi
jq '.login.'$ORG'.username = "'$USERNAME'"' $HOME/.warengroup/config.json 1> $HOME/.warengroup/config.json.tmp
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
echo -n "Password: " echo -n "Password: "
read -s PASSWORD read -s PASSWORD
echo "****************" echo "****************"
@@ -155,15 +350,15 @@ wx-login(){
fi fi
config["login",${ORG}]=$VAULT_LOGIN config["login",${ORG}]=$VAULT_LOGIN
jq '.login.'$ORG' = "'$VAULT_LOGIN'"' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
wx-start if [[ $USER != "root" && $USER != "local" ]]
then
jq '.login.'$ORG'.token = "'$VAULT_LOGIN'"' $HOME/.warengroup/config.json &> $HOME/.warengroup/config.json.tmp
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
fi
fi fi
else else
echo " >> Login << " wx-header "Login"
echo "------------------------------"
echo $wxBold$ORG$wxNormal echo $wxBold$ORG$wxNormal
echo -n "Token: " echo -n "Token: "
@@ -184,45 +379,44 @@ wx-login(){
fi fi
config["login",${ORG}]=$VAULT_LOGIN config["login",${ORG}]=$VAULT_LOGIN
jq '.login.'$ORG' = "'$VAULT_LOGIN'"' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
wx-start if [[ $USER != "root" && $USER != "local" ]]
then
jq '.login.'$ORG'.token = "'$VAULT_LOGIN'"' $HOME/.warengroup/config.json &> $HOME/.warengroup/config.json.tmp
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
fi
fi fi
fi fi
else else
echo " >> Login << " wx-header "Login"
echo "------------------------------"
echo $wxBold$ORG$wxNormal echo $wxBold$ORG$wxNormal
echo "Status: Vault Offline" echo "Status: Vault Offline"
wx-stop wx-stop
fi fi
} }
wx-start(){ wx-logout(){
echo "" wx-header "Logout"
echo "" if [[ $USER != "root" && $USER != "local" && -f "$HOME/.warengroup/config.json" ]]
echo ""
echo "=============================="
echo -n "$wxBold"
echo " Warén CLI "
echo -n "$wxNormal"
echo "=============================="
mkdir -p $HOME/.config/warengroup &> /dev/null
if [[ ! -f "$HOME/.config/warengroup/config.json" ]]
then then
echo '{}' | jq > $HOME/.config/warengroup/config.json VAULT_LOGIN=$(cat $HOME/.warengroup/config.json | jq -r .login)
if [[ $VAULT_LOGIN != null && $VAULT_LOGIN != "{}" ]]
then
wx-clean &> /dev/null
jq '.login = {}' $HOME/.warengroup/config.json &> $HOME/.warengroup/config.json.tmp
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
fi
fi fi
} }
wx-stop (){ wx-install(){
echo " " if [[ -z $1 ]]
echo " " then
echo " " wx-header "Install"
fi
wx-restricted
if [[ -f "./wx" ]] && [[ -d "./src" ]] if [[ -f "./wx" ]] && [[ -d "./src" ]]
then then
podman run -it --rm -v "$PWD":/usr/src/myapp -w /usr/src/myapp docker.io/library/php:8-cli php generator.php &> /dev/null podman run -it --rm -v "$PWD":/usr/src/myapp -w /usr/src/myapp docker.io/library/php:8-cli php generator.php &> /dev/null
@@ -231,102 +425,77 @@ wx-stop (){
fi fi
mkdir $HOME/bin &> /dev/null mkdir $HOME/bin &> /dev/null
if [[ $(curl -s -o /dev/null -w "%{http_code}" https://git.waren.io/warengroup/wx/raw/branch/master/wx) -eq 200 ]]
then
curl https://git.waren.io/warengroup/wx/raw/branch/master/wx -o $HOME/bin/wx &> /dev/null curl https://git.waren.io/warengroup/wx/raw/branch/master/wx -o $HOME/bin/wx &> /dev/null
chmod +x $HOME/bin/wx &> /dev/null chmod +x $HOME/bin/wx &> /dev/null
fi
CRONJOB_NAME="#Warén CLI: Auto"
CRONJOB_TASK="*/5 * * * * $HOME/bin/wx auto"
if [[ -z $(crontab -l | grep -F "$CRONJOB_NAME") || -z $(crontab -l | grep -F "$CRONJOB_TASK") ]]
then
(crontab -l ; echo "$CRONJOB_NAME" ; echo "$CRONJOB_TASK") | grep -Fv "no crontab" | crontab -
fi
}
wx-uninstall(){
wx-header "Uninstall"
wx-clean &> /dev/null
if [[ -d "$HOME/.warengroup" ]]
then
rm "$HOME/.warengroup" -rf
fi
CRONJOB_NAME="#Warén CLI: Auto"
CRONJOB_TASK="*/5 * * * * $HOME/bin/wx auto"
if [[ $(crontab -l | grep -F "$CRONJOB_NAME") || $(crontab -l | grep -F "$CRONJOB_TASK") ]]
then
crontab -l | grep -Fv "$CRONJOB_NAME" | grep -Fv "$CRONJOB_TASK" | grep -Fv "no crontab" | crontab -
fi
if [[ -f "$HOME/bin/wx" ]]
then
rm "$HOME/bin/wx" -rf
fi
echo " "
echo " "
echo " "
exit 1 exit 1
} }
wx-help(){ wx-update(){
wx-header "Update"
echo " >> Help << " wx-install --update
echo "------------------------------"
echo -n "
Usage: $0 COMMAND [OPTIONS]
Common Commands:
init Init
ssh SSH
config Config
sign Certificates
Management Commands:
settings Settings
";
} }
wx-infra(){ wx-auto(){
wx-login wx-login
wx-ssh-sign &> /dev/null wx-header "Auto"
echo " >> Infra << " wx-ssh-config-sync
echo "------------------------------" wx-ssh-keys-sign
wx-ssh-keys-sync
}
case $USER in wx-clean(){
cwchristerw) wx-login
if [[ -z $1 ]] wx-header "Clean"
then wx-ssh-config-clean
echo "Tag Required" wx-ssh-keys-clean
else
if [[ $1 == "init" ]]
then
if [[ -z $2 ]]
then
echo "Tag Required"
else
cd "/home/cwchristerw/Desktop/Work in Progress/Programming/warengroup/infra"
ansible-playbook --vault-id warengroup@vault/warengroup playbooks/init.yml -t $2 $3 $4 $5 $6 $7 $8 $9
cd "$OLDPWD"
fi
else
cd "/home/cwchristerw/Desktop/Work in Progress/Programming/warengroup/infra"
ansible-playbook --vault-id warengroup@vault/warengroup playbooks.yml -t $1 $2 $3 $4 $5 $6 $7 $8 $9
cd "$OLDPWD"
fi
fi
;;
*)
echo "User Unsupported"
;;
esac
} }
wx-settings(){ wx-settings(){
wx-login wx-login
wx-header "Settings"
echo " >> Settings << "
echo "------------------------------"
}
wx-ssh(){
wx-login
case $1 in
sign)
wx-ssh-sign
;;
config)
wx-ssh-config $2
;;
*)
echo " >> SSH << "
echo "------------------------------"
wx-stop
;;
esac
}
wx-welcome(){
echo " >> Welcome << "
echo "------------------------------"
} }
wx-ssh-config(){ wx-ssh-config(){
echo " >> SSH / Config << " wx-restricted
echo "------------------------------"
case $1 in case $1 in
edit) edit)
@@ -340,69 +509,226 @@ wx-ssh-config(){
sync) sync)
wx-ssh-config-sync wx-ssh-config-sync
;; ;;
clean)
wx-ssh-config-clean
;;
*) *)
wx-ssh-config-sync wx-ssh-config-sync
wx-stop wx-stop
;; ;;
esac esac
} }
wx-ssh-config-edit(){ wx-ssh-config-edit(){
wx-header "SSH / Config / Edit"
wx-restricted
nano ~/.ssh/config nano ~/.ssh/config
} }
wx-ssh-config-save(){ wx-ssh-config-save(){
curl https://$VAULT_DOMAIN/v1/cli/data/$USER -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"data\": { \"settings/ssh/config\": \"$(cat ~/.ssh/config | base64 -w 0)\" } }" -s &> /dev/null wx-header "SSH / Config / Save"
wx-restricted
curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"data\": { \"data\": \"$(cat ~/.ssh/config | base64 -w 0)\" } }" -s &> /dev/null
} }
wx-ssh-config-sync(){ wx-ssh-config-sync(){
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USER -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data["settings/ssh/config"]') | base64 -d > ~/.ssh/config 2>&1 wx-header "SSH / Config / Sync"
} wx-restricted
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
wx-ssh-sign(){ if [[ $VAULT_STATUS -eq 200 ]]
echo " >> SSH / Sign << "
echo "------------------------------"
if [[ $ORG == "warengroup" ]]
then then
wx-ssh-sign-create warengroup sysadmin 3600 touch ~/.ssh/config
elif [[ $ORG == "cwinfo" ]] SSH1_CONFIG_MD5=$(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.data' | base64 -d | md5sum | base64)
SSH2_CONFIG_MD5=$(cat ~/.ssh/config | md5sum | base64)
if [[ $SSH1_CONFIG_MD5 != $SSH2_CONFIG_MD5 ]]
then then
wx-ssh-sign-create cwinfo sysadmin 3600 echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.data') | base64 -d > ~/.ssh/config 2>&1
elif [[ $ORG == "cwchristerw" ]] chmod 700 ~/.ssh/config
then fi
wx-ssh-sign-create warengroup sysadmin 3600
wx-ssh-sign-create cwinfo sysadmin 3600
wx-ssh-sign-create cwchristerw sysadmin 3600
fi fi
} }
wx-ssh-sign-create(){ wx-ssh-config-clean(){
mkdir -p $HOME/.ssh/keys wx-header "SSH / Config / Clean"
chmod 700 $HOME/.ssh/keys wx-restricted
chmod 600 $HOME/.ssh/keys/* VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ -f "$HOME/.ssh/config" && $VAULT_STATUS -eq 200 ]]
then
rm "$HOME/.ssh/config"
fi
}
wx-ssh-keys(){
wx-restricted
case $1 in
generate)
wx-ssh-keys-retrieve $2
wx-ssh-keys-generate $2
wx-ssh-keys-save $2
;;
sign)
wx-ssh-keys-sign
;;
retrieve)
wx-ssh-keys-retrieve $2
;;
save)
wx-ssh-keys-save $2
;;
sync)
wx-ssh-keys-sync $2
;;
delete)
wx-ssh-keys-delete $2
;;
clean)
wx-ssh-keys-clean $2
;;
*)
wx-stop
;;
esac
}
wx-ssh-keys-generate(){
wx-header "SSH / Keys / Generate"
wx-restricted
if [[ ! -z $1 ]]
then
if [[ ! -f "$HOME/.ssh/keys/$1" ]]
then
ssh-keygen -t ed25519 -f $HOME/.ssh/keys/$1 -q -N "" -C "$USERNAME" &> /dev/null
fi
fi
}
wx-ssh-keys-sign(){
wx-header "SSH / Keys / Sign"
wx-restricted
if [[ $ORG == "warengroup" && $USERNAME != "cwchristerw" ]]
then
wx-ssh-keys-sign-create warengroup sysadmin 3600
elif [[ $ORG == "cwinfo" && $USERNAME != "cwchristerw" ]]
then
wx-ssh-keys-sign-create cwinfo sysadmin 3600
elif [[ $ORG == "cwchristerw" || $USERNAME == "cwchristerw" ]]
then
wx-ssh-keys-sign-create warengroup sysadmin 3600
wx-ssh-keys-sign-create cwinfo sysadmin 3600
wx-ssh-keys-sign-create cwchristerw sysadmin 3600
fi
}
wx-ssh-keys-sign-create(){
wx-restricted
NAME=$1 NAME=$1
ROLE=$2 ROLE=$2
PRINCIPALS=$2 PRINCIPALS=$2
TTL=$3 TTL=$3
if [[ ! -f "$HOME/.ssh/keys/$NAME-ed25519" ]] if [[ ! -f "$HOME/.ssh/keys/$NAME" ]]
then then
ssh-keygen -t ed25519 -f $HOME/.ssh/keys/$NAME-ed25519 -q -N "" &> /dev/null ssh-keygen -t ed25519 -f $HOME/.ssh/keys/$NAME -q -N "" -C "$USERNAME" &> /dev/null
fi fi
if [[ -f "$HOME/.ssh/keys/$NAME-ed25519" ]] if [[ -f "$HOME/.ssh/keys/$NAME" ]]
then then
echo "$NAME/$ROLE" echo "$NAME/$ROLE"
echo $(curl https://$VAULT_DOMAIN/v1/ssh/sign/$ROLE -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"public_key\": \"$(cat $HOME/.ssh/keys/$NAME-ed25519.pub)\", \"valid_principals\": \"$PRINCIPALS,$USER\", \"ttl\": \"$TTL\" }" -s | jq -r '.data.signed_key') > ~/.ssh/keys/$NAME-ed25519.sig 2>&1 echo $(curl https://$VAULT_DOMAIN/v1/ssh/sign/$ROLE -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"public_key\": \"$(cat $HOME/.ssh/keys/$NAME.pub)\", \"valid_principals\": \"$PRINCIPALS,$USERNAME\", \"ttl\": \"$TTL\" }" -s | jq -r '.data.signed_key') > ~/.ssh/keys/$NAME.sig 2>&1
fi
}
wx-ssh-keys-retrieve(){
if [[ -z $2 ]]
then
wx-header "SSH / Keys / Retrieve"
fi
wx-restricted
if [[ ! -z $1 ]]
then
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ $VAULT_STATUS -eq 200 ]]
then
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.private') | base64 -d > ~/.ssh/keys/$1 2>&1
chmod 700 ~/.ssh/keys/$1
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.public') | base64 -d > ~/.ssh/keys/$1.pub 2>&1
chmod 700 ~/.ssh/keys/$1.pub
fi
fi
}
wx-ssh-keys-save(){
wx-header "SSH / Keys / Save"
wx-restricted
if [[ ! -z $1 ]]
then
if [[ -f "$HOME/.ssh/keys/$1" ]]
then
curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"data\": { \"private\": \"$(cat ~/.ssh/keys/$1 | base64 -w 0)\", \"public\": \"$(cat ~/.ssh/keys/$1.pub | base64 -w 0)\" } }" -s &> /dev/null
fi
fi
}
wx-ssh-keys-sync(){
wx-header "SSH / Keys / Sync"
wx-restricted
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/metadata/$USERNAME/settings/ssh/keys -X LIST --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ $VAULT_STATUS -eq 200 ]]
then
for name in $(curl https://$VAULT_DOMAIN/v1/cli/metadata/$USERNAME/settings/ssh/keys -X LIST --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.keys | @sh' | tr -d \')
do
echo $name
wx-ssh-keys-retrieve $name --multiple
done
fi
}
wx-ssh-keys-clean(){
if [[ -z $1 ]]
then
wx-header "SSH / Keys / Clean"
fi
wx-restricted
if [[ ! -z $1 ]]
then
if [[ -f "$HOME/.ssh/keys/$1" && $(basename "$HOME/.ssh/keys/$1") != "legacy" ]]
then
rm "$HOME/.ssh/keys/$1" &> /dev/null
rm "$HOME/.ssh/keys/$1.pub" &> /dev/null
rm "$HOME/.ssh/keys/$1.sig" &> /dev/null
fi
else
if [[ $ORG == "warengroup" && $USERNAME != "cwchristerw" ]]
then
wx-ssh-keys-clean warengroup
elif [[ $ORG == "cwinfo" && $USERNAME != "cwchristerw" ]]
then
wx-ssh-keys-clean cwinfo
elif [[ $ORG == "cwchristerw" || $USERNAME == "cwchristerw" ]]
then
wx-ssh-keys-clean warengroup
wx-ssh-keys-clean cwinfo
wx-ssh-keys-clean cwchristerw
fi
for file in ~/.ssh/keys/*
do
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$(basename "$file" .pub) -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ $(basename "$file") != "legacy" && $VAULT_STATUS -eq 200 ]]
then
rm "$file" &> /dev/null
fi
done
fi fi
} }
wx-start
if [[ ! -z $1 ]] && [[ $(type -t wx-$1) == function ]] if [[ ! -z $1 ]] && [[ $(type -t wx-$1) == function ]]
then then
wx-$1 $2 $3 $4 $5 $6 $7 $8 $9 wx-$1 $2 $3 $4 $5 $6 $7 $8 $9