aboutsummaryrefslogtreecommitdiff
path: root/scripts
diff options
context:
space:
mode:
authorKarel Kočí <cynerd@email.cz>2017-09-20 21:19:05 +0200
committerKarel Kočí <cynerd@email.cz>2017-09-20 21:22:36 +0200
commitf287ecedc78c0cc8fb485c5995b8d1cfae9f0fe8 (patch)
tree5025b33a8c3d4c69ad2b62e1169b669c56f712f9 /scripts
parent65f52ead41dc6df73671ddd3a8c6a2edecb6dfb3 (diff)
downloadmulticonfig-complicated.tar.gz
multiconfig-complicated.tar.bz2
multiconfig-complicated.zip
Commit current statecomplicated
Diffstat (limited to 'scripts')
-rwxr-xr-xscripts/encrypt_file.sh12
-rw-r--r--scripts/multiconfig-cron.sh2
-rwxr-xr-xscripts/multiconfig.sh73
-rwxr-xr-xscripts/setup.sh38
4 files changed, 125 insertions, 0 deletions
diff --git a/scripts/encrypt_file.sh b/scripts/encrypt_file.sh
new file mode 100755
index 0000000..cee8c86
--- /dev/null
+++ b/scripts/encrypt_file.sh
@@ -0,0 +1,12 @@
+#!/bin/sh
+set -e
+
+F="$(readlink -f "$1")"
+
+cd "$(dirname "$0")/.."
+
+TMP="$(mktemp)"
+KEY="$(gpg2 --decrypt files/keys/primary.gpg)"
+
+PASS_ENC="$KEY" openssl aes-192-cbc -e -a -pass env:PASS_ENC -in "$F" -out "$TMP"
+mv "$TMP" "$F"
diff --git a/scripts/multiconfig-cron.sh b/scripts/multiconfig-cron.sh
new file mode 100644
index 0000000..97bd82d
--- /dev/null
+++ b/scripts/multiconfig-cron.sh
@@ -0,0 +1,2 @@
+#!/bin/sh
+/usr/local/bin/multiconfig.sh --syslog -v -v
diff --git a/scripts/multiconfig.sh b/scripts/multiconfig.sh
new file mode 100755
index 0000000..1519e48
--- /dev/null
+++ b/scripts/multiconfig.sh
@@ -0,0 +1,73 @@
+#!/bin/sh
+set -e
+
+ARGS=""
+LOCAL=false
+SYSLOG=false
+
+# TODO email notifications
+
+while [ $# -gt 0 ]; do
+ case "$1" in
+ -h|--help)
+ echo "Multiconfig system call script"
+ echo "Usage: multiconfig.sh [OPTION]..."
+ echo
+ echo "Options:"
+ echo "--local - Use current working directory as multiconfig source."
+ echo "--syslog - pipe output to syslog"
+ echo "Passed options:"
+ echo "--verbose - Make output more verbose"
+ echo "--quiet - Make output more quiet"
+ echo "--operation OPT - run only given operation"
+ exit 0
+ ;;
+ --verbose|-v|--quiet|-q)
+ ARGS="$ARGS $1"
+ ;;
+ --operation|-o)
+ ARGS="$ARGS $1 $2"
+ shift
+ ;;
+ --local)
+ LOCAL=true
+ ;;
+ --syslog)
+ SYSLOG=true
+ ;;
+ esac
+ shift
+done
+
+[ "$(id -u)" == 0 ] || {
+ echo "Please run this script only as root."
+ exit 1
+}
+
+PREFIX="/root/.multiconfig"
+
+# Check if we have key
+if [ ! -f "$PREFIX/key" ]; then
+ echo "Key is not in expected path. Please setup this host for multiconfig."
+ exit 1
+fi
+
+# TODO check key access rights
+
+if ! $LOCAL; then
+ if [ -d "$PREFIX/repo" ]; then
+ true
+ # TODO git clone
+ fi
+ cd "$PREFIX/repo"
+ # Pull git repository
+ git fetch
+ git reset --hard origin/master
+ git clean -xdf
+fi
+
+# TODO check repository signature
+
+CMD="./run.sh --key $PREFIX/key $ARGS"
+# Run command
+$CMD
diff --git a/scripts/setup.sh b/scripts/setup.sh
new file mode 100755
index 0000000..5ca4211
--- /dev/null
+++ b/scripts/setup.sh
@@ -0,0 +1,38 @@
+#!/bin/sh
+set -e
+
+while [ $# -gt 0 ]; do
+ case "$1" in
+ -h|--help)
+ echo "Multiconfig system setup script"
+ echo "Usage: setup.sh"
+ exit 0
+ ;;
+ esac
+ shift
+done
+
+# Move to multiconfig root
+cd "$(dirname "$(dirname "$(readlink -f "$1")")")"
+
+PREFIX="/root/.multiconfig"
+
+echo "Creating directory $PREFIX"
+sudo mkdir -p "$PREFIX"
+
+# Manage new key
+echo "Generating new key for this host"
+KEY="$(tr -dc A-Za-z0-9_ < /dev/urandom | head -c 128 | xargs)"
+sudo -- sh -c "echo -n '$KEY' > '$PREFIX/key'"
+# TODO setup access rights
+
+echo -n "$KEY" > wkey
+FKEY="files/keys/$(hostname)"
+echo "Writing key to repository"
+gpg2 --decrypt files/keys/primary.gpg | \
+ openssl aes-192-cbc -e -a -kfile wkey -out "$FKEY"
+rm -f wkey
+echo "Don't forget to add key to git!"
+
+# Deploy multiconfig script
+sudo cp scripts/multiconfig.sh /usr/local/bin/multiconfig.sh