Compare commits
28 Commits
4e9ae9109e
...
master
Author | SHA1 | Date | |
---|---|---|---|
67fabf0ce1 | |||
fe56c50bfb | |||
eb14aa46ff | |||
c59d1b374d | |||
1a99d2e2a1 | |||
1d03f7be64 | |||
994e44d8f1 | |||
f016a452cd | |||
c17b9a0e42 | |||
a91d5d6011 | |||
3a0902fe8e | |||
9baae5bccc | |||
7b837fdba7 | |||
283b7538e6 | |||
14ae6e5dad | |||
87608f9bfb | |||
5903932328 | |||
96193196cc | |||
0186421fc6 | |||
714feda225 | |||
3d834933e7 | |||
dd72a873ab | |||
81cd3a1c1c | |||
b52f1d4486 | |||
42239ef54d | |||
256a79e427 | |||
b36f98e5e9 | |||
2f33daaaa7 |
2
LICENSE
2
LICENSE
@ -1,6 +1,6 @@
|
||||
MIT License
|
||||
|
||||
Copyright (c) 2023-2024 Warén Group
|
||||
Copyright (c) 2023-2025 Warén Group
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
|
@ -1,14 +1,9 @@
|
||||
wx-login(){
|
||||
if [[ -z "$HOSTNAME" || ${#HOSTNAME} -lt 5 ]]
|
||||
then
|
||||
wx-header "Login"
|
||||
echo "Status: Hostname Required"
|
||||
wx-stop
|
||||
fi
|
||||
|
||||
if [[ ! -z $1 ]]
|
||||
then
|
||||
ORG=$1
|
||||
jq '.org = "'$ORG'"' $HOME/.warengroup/config.json 1> $HOME/.warengroup/config.json.tmp
|
||||
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
|
||||
elif [[ $(hostname -d) = *"devices.waren.io" ]]
|
||||
then
|
||||
ORG=warengroup
|
||||
@ -18,6 +13,9 @@ wx-login(){
|
||||
elif [[ $(hostname -d) = *"devices.christerwaren.fi" ]]
|
||||
then
|
||||
ORG=cwchristerw
|
||||
elif [[ $USER != "root" && $USER != "local" && -f "$HOME/.warengroup/config.json" && $(cat $HOME/.warengroup/config.json | jq -r .org) != "null" ]]
|
||||
then
|
||||
ORG=$(cat $HOME/.warengroup/config.json | jq -r .org)
|
||||
else
|
||||
wx-header "Login"
|
||||
echo "Status: Organization Required"
|
||||
@ -41,21 +39,9 @@ wx-login(){
|
||||
|
||||
FOLDER=$ORG
|
||||
DEVICE_DOMAIN="devices.$DOMAIN"
|
||||
IDM_DOMAIN="idm.cwinfo.net"
|
||||
IDM_DOMAIN="idm.waren.io"
|
||||
VAULT_DOMAIN="vault.cwinfo.net"
|
||||
|
||||
if [[ ! -z $2 ]]
|
||||
then
|
||||
HOSTNAME="$2.$DEVICE_DOMAIN"
|
||||
elif [[ $(hostname -d) ]]
|
||||
then
|
||||
HOSTNAME=$(hostname --fqdn)
|
||||
else
|
||||
wx-header "Login"
|
||||
echo "Status: Hostname Required"
|
||||
wx-stop
|
||||
fi
|
||||
|
||||
if [[ -z $USER || $USER == "root" || $USER == "local" ]]
|
||||
then
|
||||
if [[ -z $SUDO_USER ]]
|
||||
@ -79,9 +65,13 @@ wx-login(){
|
||||
if [[ $VAULT_STATUS -eq 200 ]]
|
||||
then
|
||||
|
||||
if [[ $USER != "root" && $USER != "local" && -f "$HOME/.config/warengroup/config.json" ]]
|
||||
if [[ $USER != "root" && $USER != "local" && -f "$HOME/.warengroup/config.json" ]]
|
||||
then
|
||||
TOKEN="$(cat $HOME/.config/warengroup/config.json | jq -r .login.$ORG)"
|
||||
if [[ $(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.username) != "null" ]]
|
||||
then
|
||||
USERNAME="$(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.username)"
|
||||
fi
|
||||
TOKEN="$(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.token)"
|
||||
fi
|
||||
|
||||
VAULT_LOGIN=$(curl https://$VAULT_DOMAIN/v1/auth/token/renew -X POST --header "X-Vault-Token: $TOKEN" -d '{ "token": "'$TOKEN'" }' -s | jq -r '.auth.client_token')
|
||||
@ -90,8 +80,8 @@ wx-login(){
|
||||
config["login",${ORG}]=$VAULT_LOGIN
|
||||
if [[ $USER != "root" && $USER != "local" ]]
|
||||
then
|
||||
jq '.login.'$ORG' = "'$VAULT_LOGIN'"' $HOME/.config/warengroup/config.json 1> $HOME/.config/warengroup/config.json.tmp
|
||||
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
|
||||
jq '.login.'$ORG'.token = "'$VAULT_LOGIN'"' $HOME/.warengroup/config.json 1> $HOME/.warengroup/config.json.tmp
|
||||
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
|
||||
fi
|
||||
else
|
||||
IDM_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$IDM_DOMAIN)
|
||||
@ -100,7 +90,7 @@ wx-login(){
|
||||
wx-header "Login"
|
||||
echo $wxBold$ORG$wxNormal
|
||||
|
||||
if [[ -z $USERNAME || $USERNAME == "root" || $USERNAME == "local" ]]
|
||||
if [[ -z $USERNAME || $USERNAME == "root" || $USERNAME == "local" || $USERNAME == "nobody" ]]
|
||||
then
|
||||
echo -n "Username: "
|
||||
read USERNAME
|
||||
@ -108,6 +98,9 @@ wx-login(){
|
||||
echo "Username: $USERNAME"
|
||||
fi
|
||||
|
||||
jq '.login.'$ORG'.username = "'$USERNAME'"' $HOME/.warengroup/config.json 1> $HOME/.warengroup/config.json.tmp
|
||||
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
|
||||
|
||||
echo -n "Password: "
|
||||
read -s PASSWORD
|
||||
echo "****************"
|
||||
@ -128,8 +121,8 @@ wx-login(){
|
||||
|
||||
if [[ $USER != "root" && $USER != "local" ]]
|
||||
then
|
||||
jq '.login.'$ORG' = "'$VAULT_LOGIN'"' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp
|
||||
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
|
||||
jq '.login.'$ORG'.token = "'$VAULT_LOGIN'"' $HOME/.warengroup/config.json &> $HOME/.warengroup/config.json.tmp
|
||||
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
|
||||
fi
|
||||
fi
|
||||
else
|
||||
@ -157,8 +150,8 @@ wx-login(){
|
||||
|
||||
if [[ $USER != "root" && $USER != "local" ]]
|
||||
then
|
||||
jq '.login.'$ORG' = "'$VAULT_LOGIN'"' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp
|
||||
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
|
||||
jq '.login.'$ORG'.token = "'$VAULT_LOGIN'"' $HOME/.warengroup/config.json &> $HOME/.warengroup/config.json.tmp
|
||||
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
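Review bot: The `jq` filters in these wx-login hunks are assembled by splicing shell variables into the program text (`jq '.org = "'$ORG'"'`, and likewise `.login.'$ORG'.username` and `.login.'$ORG'.token`). A `$1` or typed username containing a quote, a space or jq syntax therefore changes or breaks the filter instead of being stored as data. Pass the values as data: `jq --arg org "$ORG" '.org = $org' "$HOME/.warengroup/config.json"` and `jq --arg org "$ORG" --arg user "$USERNAME" '.login[$org].username = $user' "$HOME/.warengroup/config.json"`. The reads have the same shape (`jq -r .login.$ORG.token`) and could use `jq -r --arg org "$ORG" '.login[$org].token'`. The same lines recur in the wx-login hunks of the combined `wx` file further down the page, and wx-login continues past the last hunk shown here.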
@ -1,13 +1,13 @@
|
||||
wx-logout(){
|
||||
wx-header "Logout"
|
||||
if [[ $USER != "root" && $USER != "local" && -f "$HOME/.config/warengroup/config.json" ]]
|
||||
if [[ $USER != "root" && $USER != "local" && -f "$HOME/.warengroup/config.json" ]]
|
||||
then
|
||||
VAULT_LOGIN=$(cat $HOME/.config/warengroup/config.json | jq -r .login)
|
||||
VAULT_LOGIN=$(cat $HOME/.warengroup/config.json | jq -r .login)
|
||||
if [[ $VAULT_LOGIN != null && $VAULT_LOGIN != "{}" ]]
|
||||
then
|
||||
wx-clean
|
||||
jq '.login = {}' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp
|
||||
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
|
||||
wx-clean &> /dev/null
|
||||
jq '.login = {}' $HOME/.warengroup/config.json &> $HOME/.warengroup/config.json.tmp
|
||||
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
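Review bot: `jq '.login = {}' … &> $HOME/.warengroup/config.json.tmp` sends jq's stderr into the temp file, and the following `mv` runs whether or not jq succeeded, so an error message can end up as the content of config.json. Redirect stdout only and move on success: `jq '.login = {}' "$HOME/.warengroup/config.json" > "$HOME/.warengroup/config.json.tmp" && mv -- "$HOME/.warengroup/config.json.tmp" "$HOME/.warengroup/config.json"`. The token writes in the later wx-login hunks use the same `&>` form. Separately, `wx-clean &> /dev/null` hides any failure of the cleanup step; whether that matters depends on what wx-clean does, which is not shown on this page.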
@ -5,10 +5,37 @@ wx-infra(){
|
||||
wx-header "Infra"
|
||||
wx-restricted
|
||||
|
||||
INFRA_PATH="/home/cwchristerw/Desktop/Work in Progress/Programming/warengroup/infra"
|
||||
|
||||
case $USERNAME in
|
||||
cwchristerw)
|
||||
if [[ -d "$HOME/Desktop/Work in Progress/Programming/warengroup/infra" ]]
|
||||
then
|
||||
INFRA_PATH="$HOME/Desktop/Work in Progress/Programming/warengroup/infra"
|
||||
else
|
||||
if [[ -d "$HOME/.warengroup/infra" ]]
|
||||
then
|
||||
INFRA_PATH="$HOME/.warengroup/infra"
|
||||
else
|
||||
INFRA_PATH="$HOME/.warengroup/infra"
|
||||
mkdir -p "$INFRA_PATH" &> /dev/null
|
||||
git clone ssh://git@git.waren.io:2222/warengroup-private/infra.git --config core.sshCommand="ssh -i $HOME/.ssh/keys/warengroup-legacy -o ProxyJump=none" "$INFRA_PATH" &> /dev/null
|
||||
fi
|
||||
fi
|
||||
|
||||
if [[ ! -f "$INFRA_PATH/vault/cwchristerw" || ! -f "$INFRA_PATH/vault/warengroup" ]]
|
||||
then
|
||||
mkdir -p "$INFRA_PATH/vault" &> /dev/null
|
||||
|
||||
curl \
|
||||
-H "X-Vault-Token: ${config["login",$ORG]}" \
|
||||
-X GET \
|
||||
https://$VAULT_DOMAIN/v1/cli/data/cwchristerw/settings/infra -s | jq -r '.data.data.cwchristerw' > "$INFRA_PATH/vault/cwchristerw"
|
||||
|
||||
curl \
|
||||
-H "X-Vault-Token: ${config["login",$ORG]}" \
|
||||
-X GET \
|
||||
https://$VAULT_DOMAIN/v1/cli/data/cwchristerw/settings/infra -s | jq -r '.data.data.warengroup' > "$INFRA_PATH/vault/warengroup"
|
||||
fi
|
||||
|
||||
if [[ -z $1 ]]
|
||||
then
|
||||
echo "Tag Required"
|
||||
@ -17,15 +44,26 @@ wx-infra(){
|
||||
then
|
||||
if [[ -z $2 ]]
|
||||
then
|
||||
echo "Tag Required"
|
||||
else
|
||||
cd "$INFRA_PATH"
|
||||
ansible-playbook --vault-id warengroup@vault/warengroup playbooks/init.yml -t $2 $3 $4 $5 $6 $7 $8 $9
|
||||
cd "$OLDPWD"
|
||||
2=init
|
||||
fi
|
||||
|
||||
cd "$INFRA_PATH"
|
||||
git pull &> /dev/null
|
||||
ansible-galaxy collection install -r requirements.yml --upgrade &> /dev/null
|
||||
ansible-playbook --vault-id warengroup@vault/warengroup --vault-id cwchristerw@vault/cwchristerw playbooks/init.yml -t $2 $3 $4 $5 $6 $7 $8 $9
|
||||
cd "$OLDPWD"
|
||||
elif [[ $1 == "manager" ]]
|
||||
then
|
||||
cd "$INFRA_PATH"
|
||||
git pull &> /dev/null
|
||||
ansible-galaxy collection install -r requirements.yml --upgrade &> /dev/null
|
||||
ansible-playbook --vault-id warengroup@vault/warengroup --vault-id cwchristerw@vault/cwchristerw manager.yml $2 $3 $4 $5 $6 $7 $8 $9
|
||||
cd "$OLDPWD"
|
||||
else
|
||||
cd "$INFRA_PATH"
|
||||
ansible-playbook --vault-id warengroup@vault/warengroup playbooks.yml -t $1 $2 $3 $4 $5 $6 $7 $8 $9
|
||||
git pull &> /dev/null
|
||||
ansible-galaxy collection install -r requirements.yml --upgrade &> /dev/null
|
||||
ansible-playbook --vault-id warengroup@vault/warengroup --vault-id cwchristerw@vault/cwchristerw playbooks.yml -t $1 $2 $3 $4 $5 $6 $7 $8 $9
|
||||
cd "$OLDPWD"
|
||||
fi
|
||||
fi
|
||||
|
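Review bot: The two Ansible vault passwords are written to `$INFRA_PATH/vault/cwchristerw` and `$INFRA_PATH/vault/warengroup` under whatever the current umask allows, and the response is never checked. If the request fails or the field is missing, `jq -r` prints `null`, the file then exists, and the `! -f` guard never fetches it again. Create the directory and files privately, for example `chmod 700 "$INFRA_PATH/vault"` right after the `mkdir` and `chmod 600` on each file (or run the block under `umask 077`), and use `jq -er` so a missing value fails instead of being stored. Both files are read from the same URL, so a single request could feed both. wx-infra starts before the first hunk and continues after the last.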
@ -1,8 +1,8 @@
|
||||
wx-uninstall(){
|
||||
wx-header "Uninstall"
|
||||
wx-logout
|
||||
if [[ ! -d "$HOME/.config/warengroup" ]]
|
||||
if [[ ! -d "$HOME/.warengroup" ]]
|
||||
then
|
||||
rm "$HOME/.config/warengroup" -rf
|
||||
rm "$HOME/.warengroup" -rf
|
||||
fi
|
||||
}
|
||||
|
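Review bot: The guard is inverted: `if [[ ! -d "$HOME/.warengroup" ]]` runs the `rm` only when the directory does not exist, so uninstall leaves `~/.warengroup` in place. According to the wx-infra hunks on this page, that directory can also hold the infra checkout and the fetched vault password files, so those would survive an uninstall. Suggested: `if [[ -d "$HOME/.warengroup" ]]` with `rm -rf -- "$HOME/.warengroup"`. The test on the old `~/.config/warengroup` path had the same inverted form.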
@ -1,11 +1,6 @@
|
||||
wx-ssh(){
|
||||
wx-login
|
||||
|
||||
mkdir -p $HOME/.ssh/keys
|
||||
chmod 700 -R $HOME/.ssh/keys
|
||||
mkdir -p $HOME/.ssh/multiplex
|
||||
chmod 700 -R $HOME/.ssh/multiplex
|
||||
|
||||
case $1 in
|
||||
keys)
|
||||
wx-ssh-keys $2 $3
|
||||
|
@ -41,8 +41,14 @@ wx-ssh-config-sync(){
|
||||
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
|
||||
if [[ $VAULT_STATUS -eq 200 ]]
|
||||
then
|
||||
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.data') | base64 -d > ~/.ssh/config 2>&1
|
||||
chmod 700 ~/.ssh/config
|
||||
touch ~/.ssh/config
|
||||
SSH1_CONFIG_MD5=$(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.data' | base64 -d | md5sum | base64)
|
||||
SSH2_CONFIG_MD5=$(cat ~/.ssh/config | md5sum | base64)
|
||||
if [[ $SSH1_CONFIG_MD5 != $SSH2_CONFIG_MD5 ]]
|
||||
then
|
||||
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.data') | base64 -d > ~/.ssh/config 2>&1
|
||||
chmod 700 ~/.ssh/config
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
|
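Review bot: The new comparison downloads the config twice, once for `SSH1_CONFIG_MD5` and again for the write, and the write still ends in `> ~/.ssh/config 2>&1`, so `base64` error output or a decoded `null` can replace the user's SSH config. Fetch once with `jq -er`, decode into a `mktemp` file next to the target, compare with `cmp -s`, and move the file into place only when decoding succeeded. `chmod 700` on a regular file sets the execute bit; `600` is the usual mode for `~/.ssh/config`. wx-ssh-config-sync starts before this hunk.

```shell
    # … unchanged: VAULT_STATUS request and the -eq 200 check …
    ssh_config_b64=$(curl -s "https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config" --header "X-Vault-Token: ${config["login",$ORG]}" | jq -er '.data.data.data') || return 1
    ssh_config_tmp=$(mktemp ~/.ssh/config.XXXXXX) || return 1
    if printf '%s' "$ssh_config_b64" | base64 -d > "$ssh_config_tmp" && ! cmp -s "$ssh_config_tmp" ~/.ssh/config
    then
        chmod 600 "$ssh_config_tmp"
        mv -- "$ssh_config_tmp" ~/.ssh/config
    else
        # decode failed or content unchanged: keep the existing config
        rm -f -- "$ssh_config_tmp"
    fi
```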
@ -47,13 +47,13 @@ wx-ssh-keys-sign(){
|
||||
wx-header "SSH / Keys / Sign"
|
||||
wx-restricted
|
||||
|
||||
if [[ $ORG == "warengroup" ]]
|
||||
if [[ $ORG == "warengroup" && $USERNAME != "cwchristerw" ]]
|
||||
then
|
||||
wx-ssh-keys-sign-create warengroup sysadmin 3600
|
||||
elif [[ $ORG == "cwinfo" ]]
|
||||
elif [[ $ORG == "cwinfo" && $USERNAME != "cwchristerw" ]]
|
||||
then
|
||||
wx-ssh-keys-sign-create cwinfo sysadmin 3600
|
||||
elif [[ $ORG == "cwchristerw" ]]
|
||||
elif [[ $ORG == "cwchristerw" || $USERNAME == "cwchristerw" ]]
|
||||
then
|
||||
wx-ssh-keys-sign-create warengroup sysadmin 3600
|
||||
wx-ssh-keys-sign-create cwinfo sysadmin 3600
|
||||
@ -94,7 +94,9 @@ wx-ssh-keys-retrieve(){
|
||||
if [[ $VAULT_STATUS -eq 200 ]]
|
||||
then
|
||||
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.private') | base64 -d > ~/.ssh/keys/$1 2>&1
|
||||
chmod 700 ~/.ssh/keys/$1
|
||||
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.public') | base64 -d > ~/.ssh/keys/$1.pub 2>&1
|
||||
chmod 700 ~/.ssh/keys/$1.pub
|
||||
fi
|
||||
fi
|
||||
}
|
||||
@ -142,13 +144,13 @@ wx-ssh-keys-clean(){
|
||||
rm "$HOME/.ssh/keys/$1.sig" &> /dev/null
|
||||
fi
|
||||
else
|
||||
if [[ $ORG == "warengroup" ]]
|
||||
if [[ $ORG == "warengroup" && $USERNAME != "cwchristerw" ]]
|
||||
then
|
||||
wx-ssh-keys-clean warengroup
|
||||
elif [[ $ORG == "cwinfo" ]]
|
||||
elif [[ $ORG == "cwinfo" && $USERNAME != "cwchristerw" ]]
|
||||
then
|
||||
wx-ssh-keys-clean cwinfo
|
||||
elif [[ $ORG == "cwchristerw" ]]
|
||||
elif [[ $ORG == "cwchristerw" || $USERNAME == "cwchristerw" ]]
|
||||
then
|
||||
wx-ssh-keys-clean warengroup
|
||||
wx-ssh-keys-clean cwinfo
|
||||
|
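Review bot: In the wx-ssh-keys-retrieve hunk, the added `chmod 700 ~/.ssh/keys/$1` runs only after the private key has been written under the current umask, and it marks a key file executable. The 700 mode that wx-start puts on `~/.ssh/keys` limits the exposure, but the file itself should be created private: wrap the write as `( umask 077; … > ~/.ssh/keys/"$1" )` and use `chmod 600 -- ~/.ssh/keys/"$1"`. The `2>&1` after the redirection also puts `base64` error text into the key file, and a `null` from `jq -r` is decoded without a check; `jq -er` with a test of the exit status would catch that. wx-ssh-keys-retrieve starts outside the hunk.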
@ -1,13 +1,15 @@
|
||||
wx-start(){
|
||||
wx-header "Warén CLI" h1
|
||||
|
||||
if [[ $USER != "root" && $USER != "local" ]]
|
||||
then
|
||||
mkdir -p $HOME/.config/warengroup &> /dev/null
|
||||
mkdir -p $HOME/.warengroup &> /dev/null
|
||||
|
||||
if [[ ! -f "$HOME/.config/warengroup/config.json" ]]
|
||||
then
|
||||
echo '{}' | jq > $HOME/.config/warengroup/config.json
|
||||
fi
|
||||
if [[ ! -f "$HOME/.warengroup/config.json" || $(jq -e . < $HOME/.warengroup/config.json &>/dev/null; echo $?) -gt 0 ]]
|
||||
then
|
||||
echo '{}' | jq > $HOME/.warengroup/config.json
|
||||
fi
|
||||
|
||||
mkdir -p $HOME/.ssh/keys
|
||||
chmod 700 -R $HOME/.ssh/keys
|
||||
mkdir -p $HOME/.ssh/multiplex
|
||||
chmod 700 -R $HOME/.ssh/multiplex
|
||||
}
|
||||
|
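Review bot: `mkdir -p $HOME/.warengroup` and `echo '{}' | jq > $HOME/.warengroup/config.json` create the new config location under the default umask, while the wx-login hunks on this page store the Vault token in that file. Add `chmod 700 "$HOME/.warengroup"` after the mkdir and `chmod 600 "$HOME/.warengroup/config.json"` after creating the file, as the function already does for `~/.ssh/keys`. `chmod 700 -R` on the keys and multiplex directories also marks every file inside them executable; `chmod -R u=rwX,go=` keeps the directories traversable without that.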
@ -5,5 +5,10 @@ wx-stop (){
|
||||
|
||||
wx-install --auto
|
||||
|
||||
if [[ $USERNAME != $USER && $USERNAME != $SUDO_USER && $USERNAME != $LOGNAME ]]
|
||||
then
|
||||
wx-logout
|
||||
fi
|
||||
|
||||
exit 1
|
||||
}
|
||||
|
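Review bot: The right-hand sides in `[[ $USERNAME != $USER && $USERNAME != $SUDO_USER && $USERNAME != $LOGNAME ]]` are unquoted, so bash treats them as glob patterns rather than literal strings. Quote them: `[[ "$USERNAME" != "$USER" && "$USERNAME" != "$SUDO_USER" && "$USERNAME" != "$LOGNAME" ]]`. A one-line comment saying why a differing username forces a logout would help, since wx-logout as shown on this page resets the whole `.login` object, not only the current organisation's entry. wx-stop starts outside the hunk.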
169
wx
169
wx
@ -64,15 +64,17 @@ wx-restricted(){
|
||||
wx-start(){
|
||||
wx-header "Warén CLI" h1
|
||||
|
||||
if [[ $USER != "root" && $USER != "local" ]]
|
||||
then
|
||||
mkdir -p $HOME/.config/warengroup &> /dev/null
|
||||
mkdir -p $HOME/.warengroup &> /dev/null
|
||||
|
||||
if [[ ! -f "$HOME/.config/warengroup/config.json" ]]
|
||||
then
|
||||
echo '{}' | jq > $HOME/.config/warengroup/config.json
|
||||
fi
|
||||
if [[ ! -f "$HOME/.warengroup/config.json" || $(jq -e . < $HOME/.warengroup/config.json &>/dev/null; echo $?) -gt 0 ]]
|
||||
then
|
||||
echo '{}' | jq > $HOME/.warengroup/config.json
|
||||
fi
|
||||
|
||||
mkdir -p $HOME/.ssh/keys
|
||||
chmod 700 -R $HOME/.ssh/keys
|
||||
mkdir -p $HOME/.ssh/multiplex
|
||||
chmod 700 -R $HOME/.ssh/multiplex
|
||||
}
|
||||
|
||||
wx-stop (){
|
||||
@ -82,6 +84,11 @@ wx-stop (){
|
||||
|
||||
wx-install --auto
|
||||
|
||||
if [[ $USERNAME != $USER && $USERNAME != $SUDO_USER && $USERNAME != $LOGNAME ]]
|
||||
then
|
||||
wx-logout
|
||||
fi
|
||||
|
||||
exit 1
|
||||
}
|
||||
|
||||
@ -133,10 +140,37 @@ wx-infra(){
|
||||
wx-header "Infra"
|
||||
wx-restricted
|
||||
|
||||
INFRA_PATH="/home/cwchristerw/Desktop/Work in Progress/Programming/warengroup/infra"
|
||||
|
||||
case $USERNAME in
|
||||
cwchristerw)
|
||||
if [[ -d "$HOME/Desktop/Work in Progress/Programming/warengroup/infra" ]]
|
||||
then
|
||||
INFRA_PATH="$HOME/Desktop/Work in Progress/Programming/warengroup/infra"
|
||||
else
|
||||
if [[ -d "$HOME/.warengroup/infra" ]]
|
||||
then
|
||||
INFRA_PATH="$HOME/.warengroup/infra"
|
||||
else
|
||||
INFRA_PATH="$HOME/.warengroup/infra"
|
||||
mkdir -p "$INFRA_PATH" &> /dev/null
|
||||
git clone ssh://git@git.waren.io:2222/warengroup-private/infra.git --config core.sshCommand="ssh -i $HOME/.ssh/keys/warengroup-legacy -o ProxyJump=none" "$INFRA_PATH" &> /dev/null
|
||||
fi
|
||||
fi
|
||||
|
||||
if [[ ! -f "$INFRA_PATH/vault/cwchristerw" || ! -f "$INFRA_PATH/vault/warengroup" ]]
|
||||
then
|
||||
mkdir -p "$INFRA_PATH/vault" &> /dev/null
|
||||
|
||||
curl \
|
||||
-H "X-Vault-Token: ${config["login",$ORG]}" \
|
||||
-X GET \
|
||||
https://$VAULT_DOMAIN/v1/cli/data/cwchristerw/settings/infra -s | jq -r '.data.data.cwchristerw' > "$INFRA_PATH/vault/cwchristerw"
|
||||
|
||||
curl \
|
||||
-H "X-Vault-Token: ${config["login",$ORG]}" \
|
||||
-X GET \
|
||||
https://$VAULT_DOMAIN/v1/cli/data/cwchristerw/settings/infra -s | jq -r '.data.data.warengroup' > "$INFRA_PATH/vault/warengroup"
|
||||
fi
|
||||
|
||||
if [[ -z $1 ]]
|
||||
then
|
||||
echo "Tag Required"
|
||||
@ -145,15 +179,26 @@ wx-infra(){
|
||||
then
|
||||
if [[ -z $2 ]]
|
||||
then
|
||||
echo "Tag Required"
|
||||
else
|
||||
cd "$INFRA_PATH"
|
||||
ansible-playbook --vault-id warengroup@vault/warengroup playbooks/init.yml -t $2 $3 $4 $5 $6 $7 $8 $9
|
||||
cd "$OLDPWD"
|
||||
2=init
|
||||
fi
|
||||
|
||||
cd "$INFRA_PATH"
|
||||
git pull &> /dev/null
|
||||
ansible-galaxy collection install -r requirements.yml --upgrade &> /dev/null
|
||||
ansible-playbook --vault-id warengroup@vault/warengroup --vault-id cwchristerw@vault/cwchristerw playbooks/init.yml -t $2 $3 $4 $5 $6 $7 $8 $9
|
||||
cd "$OLDPWD"
|
||||
elif [[ $1 == "manager" ]]
|
||||
then
|
||||
cd "$INFRA_PATH"
|
||||
git pull &> /dev/null
|
||||
ansible-galaxy collection install -r requirements.yml --upgrade &> /dev/null
|
||||
ansible-playbook --vault-id warengroup@vault/warengroup --vault-id cwchristerw@vault/cwchristerw manager.yml $2 $3 $4 $5 $6 $7 $8 $9
|
||||
cd "$OLDPWD"
|
||||
else
|
||||
cd "$INFRA_PATH"
|
||||
ansible-playbook --vault-id warengroup@vault/warengroup playbooks.yml -t $1 $2 $3 $4 $5 $6 $7 $8 $9
|
||||
git pull &> /dev/null
|
||||
ansible-galaxy collection install -r requirements.yml --upgrade &> /dev/null
|
||||
ansible-playbook --vault-id warengroup@vault/warengroup --vault-id cwchristerw@vault/cwchristerw playbooks.yml -t $1 $2 $3 $4 $5 $6 $7 $8 $9
|
||||
cd "$OLDPWD"
|
||||
fi
|
||||
fi
|
||||
@ -167,11 +212,6 @@ wx-infra(){
|
||||
wx-ssh(){
|
||||
wx-login
|
||||
|
||||
mkdir -p $HOME/.ssh/keys
|
||||
chmod 700 -R $HOME/.ssh/keys
|
||||
mkdir -p $HOME/.ssh/multiplex
|
||||
chmod 700 -R $HOME/.ssh/multiplex
|
||||
|
||||
case $1 in
|
||||
keys)
|
||||
wx-ssh-keys $2 $3
|
||||
@ -191,16 +231,11 @@ wx-welcome(){
|
||||
}
|
||||
|
||||
wx-login(){
|
||||
if [[ -z "$HOSTNAME" || ${#HOSTNAME} -lt 5 ]]
|
||||
then
|
||||
wx-header "Login"
|
||||
echo "Status: Hostname Required"
|
||||
wx-stop
|
||||
fi
|
||||
|
||||
if [[ ! -z $1 ]]
|
||||
then
|
||||
ORG=$1
|
||||
jq '.org = "'$ORG'"' $HOME/.warengroup/config.json 1> $HOME/.warengroup/config.json.tmp
|
||||
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
|
||||
elif [[ $(hostname -d) = *"devices.waren.io" ]]
|
||||
then
|
||||
ORG=warengroup
|
||||
@ -210,6 +245,9 @@ wx-login(){
|
||||
elif [[ $(hostname -d) = *"devices.christerwaren.fi" ]]
|
||||
then
|
||||
ORG=cwchristerw
|
||||
elif [[ $USER != "root" && $USER != "local" && -f "$HOME/.warengroup/config.json" && $(cat $HOME/.warengroup/config.json | jq -r .org) != "null" ]]
|
||||
then
|
||||
ORG=$(cat $HOME/.warengroup/config.json | jq -r .org)
|
||||
else
|
||||
wx-header "Login"
|
||||
echo "Status: Organization Required"
|
||||
@ -233,21 +271,9 @@ wx-login(){
|
||||
|
||||
FOLDER=$ORG
|
||||
DEVICE_DOMAIN="devices.$DOMAIN"
|
||||
IDM_DOMAIN="idm.cwinfo.net"
|
||||
IDM_DOMAIN="idm.waren.io"
|
||||
VAULT_DOMAIN="vault.cwinfo.net"
|
||||
|
||||
if [[ ! -z $2 ]]
|
||||
then
|
||||
HOSTNAME="$2.$DEVICE_DOMAIN"
|
||||
elif [[ $(hostname -d) ]]
|
||||
then
|
||||
HOSTNAME=$(hostname --fqdn)
|
||||
else
|
||||
wx-header "Login"
|
||||
echo "Status: Hostname Required"
|
||||
wx-stop
|
||||
fi
|
||||
|
||||
if [[ -z $USER || $USER == "root" || $USER == "local" ]]
|
||||
then
|
||||
if [[ -z $SUDO_USER ]]
|
||||
@ -271,9 +297,13 @@ wx-login(){
|
||||
if [[ $VAULT_STATUS -eq 200 ]]
|
||||
then
|
||||
|
||||
if [[ $USER != "root" && $USER != "local" && -f "$HOME/.config/warengroup/config.json" ]]
|
||||
if [[ $USER != "root" && $USER != "local" && -f "$HOME/.warengroup/config.json" ]]
|
||||
then
|
||||
TOKEN="$(cat $HOME/.config/warengroup/config.json | jq -r .login.$ORG)"
|
||||
if [[ $(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.username) != "null" ]]
|
||||
then
|
||||
USERNAME="$(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.username)"
|
||||
fi
|
||||
TOKEN="$(cat $HOME/.warengroup/config.json | jq -r .login.$ORG.token)"
|
||||
fi
|
||||
|
||||
VAULT_LOGIN=$(curl https://$VAULT_DOMAIN/v1/auth/token/renew -X POST --header "X-Vault-Token: $TOKEN" -d '{ "token": "'$TOKEN'" }' -s | jq -r '.auth.client_token')
|
||||
@ -282,8 +312,8 @@ wx-login(){
|
||||
config["login",${ORG}]=$VAULT_LOGIN
|
||||
if [[ $USER != "root" && $USER != "local" ]]
|
||||
then
|
||||
jq '.login.'$ORG' = "'$VAULT_LOGIN'"' $HOME/.config/warengroup/config.json 1> $HOME/.config/warengroup/config.json.tmp
|
||||
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
|
||||
jq '.login.'$ORG'.token = "'$VAULT_LOGIN'"' $HOME/.warengroup/config.json 1> $HOME/.warengroup/config.json.tmp
|
||||
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
|
||||
fi
|
||||
else
|
||||
IDM_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$IDM_DOMAIN)
|
||||
@ -292,7 +322,7 @@ wx-login(){
|
||||
wx-header "Login"
|
||||
echo $wxBold$ORG$wxNormal
|
||||
|
||||
if [[ -z $USERNAME || $USERNAME == "root" || $USERNAME == "local" ]]
|
||||
if [[ -z $USERNAME || $USERNAME == "root" || $USERNAME == "local" || $USERNAME == "nobody" ]]
|
||||
then
|
||||
echo -n "Username: "
|
||||
read USERNAME
|
||||
@ -300,6 +330,9 @@ wx-login(){
|
||||
echo "Username: $USERNAME"
|
||||
fi
|
||||
|
||||
jq '.login.'$ORG'.username = "'$USERNAME'"' $HOME/.warengroup/config.json 1> $HOME/.warengroup/config.json.tmp
|
||||
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
|
||||
|
||||
echo -n "Password: "
|
||||
read -s PASSWORD
|
||||
echo "****************"
|
||||
@ -320,8 +353,8 @@ wx-login(){
|
||||
|
||||
if [[ $USER != "root" && $USER != "local" ]]
|
||||
then
|
||||
jq '.login.'$ORG' = "'$VAULT_LOGIN'"' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp
|
||||
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
|
||||
jq '.login.'$ORG'.token = "'$VAULT_LOGIN'"' $HOME/.warengroup/config.json &> $HOME/.warengroup/config.json.tmp
|
||||
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
|
||||
fi
|
||||
fi
|
||||
else
|
||||
@ -349,8 +382,8 @@ wx-login(){
|
||||
|
||||
if [[ $USER != "root" && $USER != "local" ]]
|
||||
then
|
||||
jq '.login.'$ORG' = "'$VAULT_LOGIN'"' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp
|
||||
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
|
||||
jq '.login.'$ORG'.token = "'$VAULT_LOGIN'"' $HOME/.warengroup/config.json &> $HOME/.warengroup/config.json.tmp
|
||||
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
@ -364,14 +397,14 @@ wx-login(){
|
||||
|
||||
wx-logout(){
|
||||
wx-header "Logout"
|
||||
if [[ $USER != "root" && $USER != "local" && -f "$HOME/.config/warengroup/config.json" ]]
|
||||
if [[ $USER != "root" && $USER != "local" && -f "$HOME/.warengroup/config.json" ]]
|
||||
then
|
||||
VAULT_LOGIN=$(cat $HOME/.config/warengroup/config.json | jq -r .login)
|
||||
VAULT_LOGIN=$(cat $HOME/.warengroup/config.json | jq -r .login)
|
||||
if [[ $VAULT_LOGIN != null && $VAULT_LOGIN != "{}" ]]
|
||||
then
|
||||
wx-clean
|
||||
jq '.login = {}' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp
|
||||
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
|
||||
wx-clean &> /dev/null
|
||||
jq '.login = {}' $HOME/.warengroup/config.json &> $HOME/.warengroup/config.json.tmp
|
||||
mv $HOME/.warengroup/config.json.tmp $HOME/.warengroup/config.json &> /dev/null
|
||||
fi
|
||||
fi
|
||||
}
|
||||
@ -399,9 +432,9 @@ wx-install(){
|
||||
wx-uninstall(){
|
||||
wx-header "Uninstall"
|
||||
wx-logout
|
||||
if [[ ! -d "$HOME/.config/warengroup" ]]
|
||||
if [[ ! -d "$HOME/.warengroup" ]]
|
||||
then
|
||||
rm "$HOME/.config/warengroup" -rf
|
||||
rm "$HOME/.warengroup" -rf
|
||||
fi
|
||||
}
|
||||
|
||||
@ -474,8 +507,14 @@ wx-ssh-config-sync(){
|
||||
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
|
||||
if [[ $VAULT_STATUS -eq 200 ]]
|
||||
then
|
||||
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.data') | base64 -d > ~/.ssh/config 2>&1
|
||||
chmod 700 ~/.ssh/config
|
||||
touch ~/.ssh/config
|
||||
SSH1_CONFIG_MD5=$(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.data' | base64 -d | md5sum | base64)
|
||||
SSH2_CONFIG_MD5=$(cat ~/.ssh/config | md5sum | base64)
|
||||
if [[ $SSH1_CONFIG_MD5 != $SSH2_CONFIG_MD5 ]]
|
||||
then
|
||||
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.data') | base64 -d > ~/.ssh/config 2>&1
|
||||
chmod 700 ~/.ssh/config
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
@ -538,13 +577,13 @@ wx-ssh-keys-sign(){
|
||||
wx-header "SSH / Keys / Sign"
|
||||
wx-restricted
|
||||
|
||||
if [[ $ORG == "warengroup" ]]
|
||||
if [[ $ORG == "warengroup" && $USERNAME != "cwchristerw" ]]
|
||||
then
|
||||
wx-ssh-keys-sign-create warengroup sysadmin 3600
|
||||
elif [[ $ORG == "cwinfo" ]]
|
||||
elif [[ $ORG == "cwinfo" && $USERNAME != "cwchristerw" ]]
|
||||
then
|
||||
wx-ssh-keys-sign-create cwinfo sysadmin 3600
|
||||
elif [[ $ORG == "cwchristerw" ]]
|
||||
elif [[ $ORG == "cwchristerw" || $USERNAME == "cwchristerw" ]]
|
||||
then
|
||||
wx-ssh-keys-sign-create warengroup sysadmin 3600
|
||||
wx-ssh-keys-sign-create cwinfo sysadmin 3600
|
||||
@ -585,7 +624,9 @@ wx-ssh-keys-retrieve(){
|
||||
if [[ $VAULT_STATUS -eq 200 ]]
|
||||
then
|
||||
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.private') | base64 -d > ~/.ssh/keys/$1 2>&1
|
||||
chmod 700 ~/.ssh/keys/$1
|
||||
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.public') | base64 -d > ~/.ssh/keys/$1.pub 2>&1
|
||||
chmod 700 ~/.ssh/keys/$1.pub
|
||||
fi
|
||||
fi
|
||||
}
|
||||
@ -633,13 +674,13 @@ wx-ssh-keys-clean(){
|
||||
rm "$HOME/.ssh/keys/$1.sig" &> /dev/null
|
||||
fi
|
||||
else
|
||||
if [[ $ORG == "warengroup" ]]
|
||||
if [[ $ORG == "warengroup" && $USERNAME != "cwchristerw" ]]
|
||||
then
|
||||
wx-ssh-keys-clean warengroup
|
||||
elif [[ $ORG == "cwinfo" ]]
|
||||
elif [[ $ORG == "cwinfo" && $USERNAME != "cwchristerw" ]]
|
||||
then
|
||||
wx-ssh-keys-clean cwinfo
|
||||
elif [[ $ORG == "cwchristerw" ]]
|
||||
elif [[ $ORG == "cwchristerw" || $USERNAME == "cwchristerw" ]]
|
||||
then
|
||||
wx-ssh-keys-clean warengroup
|
||||
wx-ssh-keys-clean cwinfo
|
||||
|
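Review bot: In the wx-infra hunk at `@ -145,15 +179,26 @@`, `2=init` (apparently on the new side) is not an assignment. Positional parameters cannot be set with `name=value`, so bash looks for a command called `2=init` and `$2` stays empty, leaving `-t` without a tag in the following `ansible-playbook … playbooks/init.yml -t $2 …`. Use `set -- "$1" init "${@:3}"` instead. The unquoted `$2 $3 … $9` could become `"${@:2}"`, which keeps arguments containing spaces intact and stops dropping anything past the ninth. The same line appears in the separate wx-infra section earlier on the page, and the other hunks of this file repeat the content of the per-function sections above.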