warengroup/wx
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: warengroup:4e9ae9109e71740bfbae37ee249afa64669f3bda
Branches Tags
warengroup:master
..
compare: warengroup:13e0deb5f530f6e58615535bbeebb5de6020a630
Branches Tags
warengroup:master

No commits in common. "4e9ae9109e71740bfbae37ee249afa64669f3bda" and "13e0deb5f530f6e58615535bbeebb5de6020a630" have entirely different histories.
4e9ae9109e ... 13e0deb5f5

17 changed files with 170 additions and 361 deletions
Show Stats Expand all files Collapse all files

0
build.sh Executable file → Normal file
View File

13
src/commands/auth/logout.sh
View File

@ -1,13 +0,0 @@
wx-logout(){
wx-header "Logout"
if [[ $USER != "root" && $USER != "local" && -f "$HOME/.config/warengroup/config.json" ]]
then
VAULT_LOGIN=$(cat $HOME/.config/warengroup/config.json | jq -r .login)
if [[ $VAULT_LOGIN != null && $VAULT_LOGIN != "{}" ]]
then
wx-clean
jq '.login = {}' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
fi
fi
}

2
src/commands/management/auto.sh → src/commands/auto.sh
View File

@ -4,5 +4,5 @@ wx-auto(){
wx-ssh-config-sync
wx-ssh-keys-sync
wx-ssh-keys-sign
wx-ssh-sign
}

13
src/commands/help.sh
View File

@ -13,15 +13,12 @@ Common Commands:
edit Edit
save Save
sync Sync
clean Clean
keys Keys
generate Generate
sign Sign
retrieve Retrieve
delete Delete
save Save
sync Sync
delete Delete
clean Clean
sign Certificates
Authentication Commands:
login Login
@ -29,12 +26,8 @@ Authentication Commands:
Management Commands:
auto Auto
clean Clean
settings Settings
Maintenance Commands:
install Install
update Update
settings Settings
";
}

2
src/commands/infra.sh
View File

@ -1,6 +1,6 @@
wx-infra(){
wx-login
wx-auto &> /dev/null
wx-ssh-sign &> /dev/null
wx-header "Infra"
wx-restricted

0
src/commands/maintenance/install.sh → src/commands/install.sh
View File

0
src/commands/auth/login.sh → src/commands/login.sh
View File

8
src/commands/logout.sh Normal file
View File

@ -0,0 +1,8 @@
wx-logout(){
wx-header "Logout"
if [[ $USER != "root" && $USER != "local" ]]
then
jq '.login = {}' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
fi
}

8
src/commands/maintenance/uninstall.sh
View File

@ -1,8 +0,0 @@
wx-uninstall(){
wx-header "Uninstall"
wx-logout
if [[ ! -d "$HOME/.config/warengroup" ]]
then
rm "$HOME/.config/warengroup" -rf
fi
}

6
src/commands/management/clean.sh
View File

@ -1,6 +0,0 @@
wx-clean(){
wx-login
wx-header "Clean"
wx-ssh-config-clean
wx-ssh-keys-clean
}

0
src/commands/management/settings.sh → src/commands/settings.sh
View File

4
src/commands/ssh.sh
View File

@ -7,6 +7,9 @@ wx-ssh(){
chmod 700 -R $HOME/.ssh/multiplex
case $1 in
sign)
wx-ssh-sign
;;
keys)
wx-ssh-keys $2 $3
;;
@ -15,6 +18,7 @@ wx-ssh(){
;;
*)
wx-header "SSH"
wx-stop
;;
esac

20
src/commands/ssh/config.sh
View File

@ -13,9 +13,6 @@ wx-ssh-config(){
sync)
wx-ssh-config-sync
;;
clean)
wx-ssh-config-clean
;;
*)
wx-ssh-config-sync
wx-stop
@ -24,34 +21,23 @@ wx-ssh-config(){
}
wx-ssh-config-edit(){
wx-header "SSH / Config / Edit"
wx-header "SSH / Config"
wx-restricted
nano ~/.ssh/config
}
wx-ssh-config-save(){
wx-header "SSH / Config / Save"
wx-header "SSH / Config"
wx-restricted
curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"data\": { \"data\": \"$(cat ~/.ssh/config | base64 -w 0)\" } }" -s &> /dev/null
}
wx-ssh-config-sync(){
wx-header "SSH / Config / Sync"
wx-header "SSH / Config"
wx-restricted
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ $VAULT_STATUS -eq 200 ]]
then
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.data') | base64 -d > ~/.ssh/config 2>&1
chmod 700 ~/.ssh/config
fi
}
wx-ssh-config-clean(){
wx-header "SSH / Config / Clean"
wx-restricted
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ -f "$HOME/.ssh/config" && $VAULT_STATUS -eq 200 ]]
then
rm "$HOME/.ssh/config"
fi
}

110
src/commands/ssh/keys.sh
View File

@ -7,9 +7,6 @@ wx-ssh-keys(){
wx-ssh-keys-generate $2
wx-ssh-keys-save $2
;;
sign)
wx-ssh-keys-sign
;;
retrieve)
wx-ssh-keys-retrieve $2
;;
@ -20,19 +17,17 @@ wx-ssh-keys(){
wx-ssh-keys-sync $2
;;
delete)
wx-ssh-keys-delete $2
;;
clean)
wx-ssh-keys-clean $2
wx-ssh-keys-remove $2
;;
*)
wx-ssh-keys-sync
wx-stop
;;
esac
}
wx-ssh-keys-generate(){
wx-header "SSH / Keys / Generate"
wx-header "SSH / Keys"
wx-restricted
if [[ ! -z $1 ]]
then
@ -43,50 +38,8 @@ wx-ssh-keys-generate(){
fi
}
wx-ssh-keys-sign(){
wx-header "SSH / Keys / Sign"
wx-restricted
if [[ $ORG == "warengroup" ]]
then
wx-ssh-keys-sign-create warengroup sysadmin 3600
elif [[ $ORG == "cwinfo" ]]
then
wx-ssh-keys-sign-create cwinfo sysadmin 3600
elif [[ $ORG == "cwchristerw" ]]
then
wx-ssh-keys-sign-create warengroup sysadmin 3600
wx-ssh-keys-sign-create cwinfo sysadmin 3600
wx-ssh-keys-sign-create cwchristerw sysadmin 3600
fi
}
wx-ssh-keys-sign-create(){
wx-restricted
NAME=$1
ROLE=$2
PRINCIPALS=$2
TTL=$3
if [[ ! -f "$HOME/.ssh/keys/$NAME" ]]
then
ssh-keygen -t ed25519 -f $HOME/.ssh/keys/$NAME -q -N "" -C "$USERNAME" &> /dev/null
fi
if [[ -f "$HOME/.ssh/keys/$NAME" ]]
then
echo "$NAME/$ROLE"
echo $(curl https://$VAULT_DOMAIN/v1/ssh/sign/$ROLE -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"public_key\": \"$(cat $HOME/.ssh/keys/$NAME.pub)\", \"valid_principals\": \"$PRINCIPALS,$USERNAME\", \"ttl\": \"$TTL\" }" -s | jq -r '.data.signed_key') > ~/.ssh/keys/$NAME.sig 2>&1
fi
}
wx-ssh-keys-retrieve(){
if [[ -z $2 ]]
then
wx-header "SSH / Keys / Retrieve"
fi
wx-header "SSH / Keys"
wx-restricted
if [[ ! -z $1 ]]
then
@ -100,7 +53,7 @@ wx-ssh-keys-retrieve(){
}
wx-ssh-keys-save(){
wx-header "SSH / Keys / Save"
wx-header "SSH / Keys"
wx-restricted
if [[ ! -z $1 ]]
then
@ -112,56 +65,7 @@ wx-ssh-keys-save(){
}
wx-ssh-keys-sync(){
wx-header "SSH / Keys / Sync"
wx-header "SSH / Keys"
wx-restricted
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/metadata/$USERNAME/settings/ssh/keys -X LIST --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ $VAULT_STATUS -eq 200 ]]
then
for name in $(curl https://$VAULT_DOMAIN/v1/cli/metadata/$USERNAME/settings/ssh/keys -X LIST --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.keys | @sh' | tr -d \')
do
echo $name
wx-ssh-keys-retrieve $name --multiple
done
fi
}
wx-ssh-keys-clean(){
if [[ -z $1 ]]
then
wx-header "SSH / Keys / Clean"
fi
wx-restricted
if [[ ! -z $1 ]]
then
if [[ -f "$HOME/.ssh/keys/$1" && $(basename "$HOME/.ssh/keys/$1") != "legacy" ]]
then
rm "$HOME/.ssh/keys/$1" &> /dev/null
rm "$HOME/.ssh/keys/$1.pub" &> /dev/null
rm "$HOME/.ssh/keys/$1.sig" &> /dev/null
fi
else
if [[ $ORG == "warengroup" ]]
then
wx-ssh-keys-clean warengroup
elif [[ $ORG == "cwinfo" ]]
then
wx-ssh-keys-clean cwinfo
elif [[ $ORG == "cwchristerw" ]]
then
wx-ssh-keys-clean warengroup
wx-ssh-keys-clean cwinfo
wx-ssh-keys-clean cwchristerw
fi
for file in ~/.ssh/keys/*
do
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$(basename "$file" .pub) -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ $(basename "$file") != "legacy" && $VAULT_STATUS -eq 200 ]]
then
rm "$file" &> /dev/null
fi
done
fi
echo ""
}

37
src/commands/ssh/sign.sh Normal file
View File

@ -0,0 +1,37 @@
wx-ssh-sign(){
wx-header "SSH / Sign"
wx-restricted
if [[ $ORG == "warengroup" ]]
then
wx-ssh-sign-create warengroup sysadmin 3600
elif [[ $ORG == "cwinfo" ]]
then
wx-ssh-sign-create cwinfo sysadmin 3600
elif [[ $ORG == "cwchristerw" ]]
then
wx-ssh-sign-create warengroup sysadmin 3600
wx-ssh-sign-create cwinfo sysadmin 3600
wx-ssh-sign-create cwchristerw sysadmin 3600
fi
}
wx-ssh-sign-create(){
wx-restricted
NAME=$1
ROLE=$2
PRINCIPALS=$2
TTL=$3
if [[ ! -f "$HOME/.ssh/keys/$NAME" ]]
then
ssh-keygen -t ed25519 -f $HOME/.ssh/keys/$NAME -q -N "" -C "$USERNAME" &> /dev/null
fi
if [[ -f "$HOME/.ssh/keys/$NAME" ]]
then
echo "$NAME/$ROLE"
echo $(curl https://$VAULT_DOMAIN/v1/ssh/sign/$ROLE -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"public_key\": \"$(cat $HOME/.ssh/keys/$NAME.pub)\", \"valid_principals\": \"$PRINCIPALS,$USERNAME\", \"ttl\": \"$TTL\" }" -s | jq -r '.data.signed_key') > ~/.ssh/keys/$NAME.sig 2>&1
fi
}

0
src/commands/maintenance/update.sh → src/commands/update.sh
View File

308
wx
View File

@ -85,6 +85,15 @@ wx-stop (){
exit 1
}
wx-auto(){
wx-login
wx-header "Auto"
wx-ssh-config-sync
wx-ssh-keys-sync
wx-ssh-sign
}
wx-help(){
wx-header "Help"
@ -100,15 +109,12 @@ Common Commands:
edit Edit
save Save
sync Sync
clean Clean
keys Keys
generate Generate
sign Sign
retrieve Retrieve
delete Delete
save Save
sync Sync
delete Delete
clean Clean
sign Certificates
Authentication Commands:
login Login
@ -116,19 +122,15 @@ Authentication Commands:
Management Commands:
auto Auto
clean Clean
settings Settings
Maintenance Commands:
install Install
update Update
settings Settings
";
}
wx-infra(){
wx-login
wx-auto &> /dev/null
wx-ssh-sign &> /dev/null
wx-header "Infra"
wx-restricted
@ -164,30 +166,24 @@ wx-infra(){
esac
}
wx-ssh(){
wx-login
wx-install(){
if [[ -z $1 ]]
then
wx-header "Install"
fi
mkdir -p $HOME/.ssh/keys
chmod 700 -R $HOME/.ssh/keys
mkdir -p $HOME/.ssh/multiplex
chmod 700 -R $HOME/.ssh/multiplex
wx-restricted
case $1 in
keys)
wx-ssh-keys $2 $3
;;
config)
wx-ssh-config $2
;;
*)
wx-header "SSH"
wx-stop
;;
esac
}
if [[ -f "./wx" ]] && [[ -d "./src" ]]
then
podman run -it --rm -v "$PWD":/usr/src/myapp -w /usr/src/myapp docker.io/library/php:8-cli php generator.php &> /dev/null
mv wx.tmp wx &> /dev/null
chmod +x wx &> /dev/null
fi
wx-welcome(){
wx-header "Welcome"
mkdir $HOME/bin &> /dev/null
curl https://git.waren.io/warengroup/wx/raw/branch/master/wx -o $HOME/bin/wx &> /dev/null
chmod +x $HOME/bin/wx &> /dev/null
}
wx-login(){
@ -364,45 +360,42 @@ wx-login(){
wx-logout(){
wx-header "Logout"
if [[ $USER != "root" && $USER != "local" && -f "$HOME/.config/warengroup/config.json" ]]
if [[ $USER != "root" && $USER != "local" ]]
then
VAULT_LOGIN=$(cat $HOME/.config/warengroup/config.json | jq -r .login)
if [[ $VAULT_LOGIN != null && $VAULT_LOGIN != "{}" ]]
then
wx-clean
jq '.login = {}' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
fi
jq '.login = {}' $HOME/.config/warengroup/config.json &> $HOME/.config/warengroup/config.json.tmp
mv $HOME/.config/warengroup/config.json.tmp $HOME/.config/warengroup/config.json &> /dev/null
fi
}
wx-install(){
if [[ -z $1 ]]
then
wx-header "Install"
fi
wx-restricted
if [[ -f "./wx" ]] && [[ -d "./src" ]]
then
podman run -it --rm -v "$PWD":/usr/src/myapp -w /usr/src/myapp docker.io/library/php:8-cli php generator.php &> /dev/null
mv wx.tmp wx &> /dev/null
chmod +x wx &> /dev/null
fi
mkdir $HOME/bin &> /dev/null
curl https://git.waren.io/warengroup/wx/raw/branch/master/wx -o $HOME/bin/wx &> /dev/null
chmod +x $HOME/bin/wx &> /dev/null
wx-settings(){
wx-login
wx-header "Settings"
}
wx-uninstall(){
wx-header "Uninstall"
wx-logout
if [[ ! -d "$HOME/.config/warengroup" ]]
then
rm "$HOME/.config/warengroup" -rf
fi
wx-ssh(){
wx-login
mkdir -p $HOME/.ssh/keys
chmod 700 -R $HOME/.ssh/keys
mkdir -p $HOME/.ssh/multiplex
chmod 700 -R $HOME/.ssh/multiplex
case $1 in
sign)
wx-ssh-sign
;;
keys)
wx-ssh-keys $2 $3
;;
config)
wx-ssh-config $2
;;
*)
wx-header "SSH"
wx-stop
;;
esac
}
wx-update(){
@ -410,25 +403,8 @@ wx-update(){
wx-install --update
}
wx-auto(){
wx-login
wx-header "Auto"
wx-ssh-config-sync
wx-ssh-keys-sync
wx-ssh-keys-sign
}
wx-clean(){
wx-login
wx-header "Clean"
wx-ssh-config-clean
wx-ssh-keys-clean
}
wx-settings(){
wx-login
wx-header "Settings"
wx-welcome(){
wx-header "Welcome"
}
wx-ssh-config(){
@ -446,9 +422,6 @@ wx-ssh-config(){
sync)
wx-ssh-config-sync
;;
clean)
wx-ssh-config-clean
;;
*)
wx-ssh-config-sync
wx-stop
@ -457,35 +430,24 @@ wx-ssh-config(){
}
wx-ssh-config-edit(){
wx-header "SSH / Config / Edit"
wx-header "SSH / Config"
wx-restricted
nano ~/.ssh/config
}
wx-ssh-config-save(){
wx-header "SSH / Config / Save"
wx-header "SSH / Config"
wx-restricted
curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"data\": { \"data\": \"$(cat ~/.ssh/config | base64 -w 0)\" } }" -s &> /dev/null
}
wx-ssh-config-sync(){
wx-header "SSH / Config / Sync"
wx-header "SSH / Config"
wx-restricted
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ $VAULT_STATUS -eq 200 ]]
then
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.data') | base64 -d > ~/.ssh/config 2>&1
chmod 700 ~/.ssh/config
fi
}
wx-ssh-config-clean(){
wx-header "SSH / Config / Clean"
wx-restricted
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/config -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ -f "$HOME/.ssh/config" && $VAULT_STATUS -eq 200 ]]
then
rm "$HOME/.ssh/config"
fi
}
@ -498,9 +460,6 @@ wx-ssh-keys(){
wx-ssh-keys-generate $2
wx-ssh-keys-save $2
;;
sign)
wx-ssh-keys-sign
;;
retrieve)
wx-ssh-keys-retrieve $2
;;
@ -511,19 +470,17 @@ wx-ssh-keys(){
wx-ssh-keys-sync $2
;;
delete)
wx-ssh-keys-delete $2
;;
clean)
wx-ssh-keys-clean $2
wx-ssh-keys-remove $2
;;
*)
wx-ssh-keys-sync
wx-stop
;;
esac
}
wx-ssh-keys-generate(){
wx-header "SSH / Keys / Generate"
wx-header "SSH / Keys"
wx-restricted
if [[ ! -z $1 ]]
then
@ -534,25 +491,57 @@ wx-ssh-keys-generate(){
fi
}
wx-ssh-keys-sign(){
wx-header "SSH / Keys / Sign"
wx-ssh-keys-retrieve(){
wx-header "SSH / Keys"
wx-restricted
if [[ ! -z $1 ]]
then
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ $VAULT_STATUS -eq 200 ]]
then
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.private') | base64 -d > ~/.ssh/keys/$1 2>&1
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.public') | base64 -d > ~/.ssh/keys/$1.pub 2>&1
fi
fi
}
wx-ssh-keys-save(){
wx-header "SSH / Keys"
wx-restricted
if [[ ! -z $1 ]]
then
if [[ -f "$HOME/.ssh/keys/$1" ]]
then
curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"data\": { \"private\": \"$(cat ~/.ssh/keys/$1 | base64 -w 0)\", \"public\": \"$(cat ~/.ssh/keys/$1.pub | base64 -w 0)\" } }" -s &> /dev/null
fi
fi
}
wx-ssh-keys-sync(){
wx-header "SSH / Keys"
wx-restricted
echo ""
}
wx-ssh-sign(){
wx-header "SSH / Sign"
wx-restricted
if [[ $ORG == "warengroup" ]]
then
wx-ssh-keys-sign-create warengroup sysadmin 3600
wx-ssh-sign-create warengroup sysadmin 3600
elif [[ $ORG == "cwinfo" ]]
then
wx-ssh-keys-sign-create cwinfo sysadmin 3600
wx-ssh-sign-create cwinfo sysadmin 3600
elif [[ $ORG == "cwchristerw" ]]
then
wx-ssh-keys-sign-create warengroup sysadmin 3600
wx-ssh-keys-sign-create cwinfo sysadmin 3600
wx-ssh-keys-sign-create cwchristerw sysadmin 3600
wx-ssh-sign-create warengroup sysadmin 3600
wx-ssh-sign-create cwinfo sysadmin 3600
wx-ssh-sign-create cwchristerw sysadmin 3600
fi
}
wx-ssh-keys-sign-create(){
wx-ssh-sign-create(){
wx-restricted
NAME=$1
@ -572,91 +561,6 @@ wx-ssh-keys-sign-create(){
fi
}
wx-ssh-keys-retrieve(){
if [[ -z $2 ]]
then
wx-header "SSH / Keys / Retrieve"
fi
wx-restricted
if [[ ! -z $1 ]]
then
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ $VAULT_STATUS -eq 200 ]]
then
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.private') | base64 -d > ~/.ssh/keys/$1 2>&1
echo $(curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X GET --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.data.public') | base64 -d > ~/.ssh/keys/$1.pub 2>&1
fi
fi
}
wx-ssh-keys-save(){
wx-header "SSH / Keys / Save"
wx-restricted
if [[ ! -z $1 ]]
then
if [[ -f "$HOME/.ssh/keys/$1" ]]
then
curl https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$1 -X POST --header "X-Vault-Token: ${config["login",$ORG]}" -d "{ \"data\": { \"private\": \"$(cat ~/.ssh/keys/$1 | base64 -w 0)\", \"public\": \"$(cat ~/.ssh/keys/$1.pub | base64 -w 0)\" } }" -s &> /dev/null
fi
fi
}
wx-ssh-keys-sync(){
wx-header "SSH / Keys / Sync"
wx-restricted
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/metadata/$USERNAME/settings/ssh/keys -X LIST --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ $VAULT_STATUS -eq 200 ]]
then
for name in $(curl https://$VAULT_DOMAIN/v1/cli/metadata/$USERNAME/settings/ssh/keys -X LIST --header "X-Vault-Token: ${config["login",$ORG]}" -s | jq -r '.data.keys | @sh' | tr -d \')
do
echo $name
wx-ssh-keys-retrieve $name --multiple
done
fi
}
wx-ssh-keys-clean(){
if [[ -z $1 ]]
then
wx-header "SSH / Keys / Clean"
fi
wx-restricted
if [[ ! -z $1 ]]
then
if [[ -f "$HOME/.ssh/keys/$1" && $(basename "$HOME/.ssh/keys/$1") != "legacy" ]]
then
rm "$HOME/.ssh/keys/$1" &> /dev/null
rm "$HOME/.ssh/keys/$1.pub" &> /dev/null
rm "$HOME/.ssh/keys/$1.sig" &> /dev/null
fi
else
if [[ $ORG == "warengroup" ]]
then
wx-ssh-keys-clean warengroup
elif [[ $ORG == "cwinfo" ]]
then
wx-ssh-keys-clean cwinfo
elif [[ $ORG == "cwchristerw" ]]
then
wx-ssh-keys-clean warengroup
wx-ssh-keys-clean cwinfo
wx-ssh-keys-clean cwchristerw
fi
for file in ~/.ssh/keys/*
do
VAULT_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://$VAULT_DOMAIN/v1/cli/data/$USERNAME/settings/ssh/keys/$(basename "$file" .pub) -X GET --header "X-Vault-Token: ${config["login",$ORG]}")
if [[ $(basename "$file") != "legacy" && $VAULT_STATUS -eq 200 ]]
then
rm "$file" &> /dev/null
fi
done
fi
}
if [[ ! -z $1 ]] && [[ $(type -t wx-$1) == function ]]
then