diff options
author | Karel Kočí <cynerd@email.cz> | 2017-09-18 23:13:31 +0200 |
---|---|---|
committer | Karel Kočí <cynerd@email.cz> | 2017-09-18 23:13:31 +0200 |
commit | dd30417fdba18a97945459b29e88cbbedb07874c (patch) | |
tree | a87b8dc76ab4b7ea5298bb55dc9abb9b6cc7fb25 | |
parent | 3370e45b1c4a6c476827e9467fb1d313bb9a2319 (diff) | |
download | myconfigs-dd30417fdba18a97945459b29e88cbbedb07874c.tar.gz myconfigs-dd30417fdba18a97945459b29e88cbbedb07874c.tar.bz2 myconfigs-dd30417fdba18a97945459b29e88cbbedb07874c.zip |
Add openvpn to usbkey
-rw-r--r-- | bash_completions/usbkey | 11 | ||||
-rwxr-xr-x | local/bin/usbkey | 63 | ||||
-rw-r--r-- | zsh_completions/usbkey | 17 |
3 files changed, 72 insertions, 19 deletions
diff --git a/bash_completions/usbkey b/bash_completions/usbkey index 10cb0b9..acd6877 100644 --- a/bash_completions/usbkey +++ b/bash_completions/usbkey @@ -22,11 +22,20 @@ _usbkey() { done COMPREPLY+=($(compgen -W "${keys}" -- ${cur})) ;; + openvpn-get) + [ -d "/media/usbkey/openvpn" ] || return + local certs + for F in $(find "/media/usbkey/openvpn" -name 'ca.crt' -o -name '*.crt' -print); do + F="${F#/media/usbkey/openvpn/}" + certs="$certs ${F%.crt}" + done + COMPREPLY+=($(compgen -W "${certs}" -- ${cur})) + ;; esac else local ops="-h --help mount sync" if _usbkey_mounted; then - ops="$ops unmount ssh-list ssh-generate ssh-import" + ops="$ops unmount gpg-import ssh-list ssh-generate ssh-import openvpn-list openvpn-get openvpn-generate" fi COMPREPLY+=($(compgen -W "${ops}" -- ${cur})) fi diff --git a/local/bin/usbkey b/local/bin/usbkey index 3fe7336..85eff7f 100755 --- a/local/bin/usbkey +++ b/local/bin/usbkey @@ -97,7 +97,7 @@ ssh_list() { done } -check_ssh_nane() { +check_name() { if [ -z "$NAME" ]; then echo "You have to specify key name!" >&2 exit 1 @@ -105,8 +105,8 @@ check_ssh_nane() { } op_ssh_generate() { + check_name check_mount || op_mount - check_ssh_nane if [ -f "$MOUNT_PATH/ssh/$NAME" ]; then echo "Key $NAME seems to already exists." >&2 exit 1 @@ -119,8 +119,8 @@ op_ssh_generate() { } op_ssh_import() { + check_name check_mount || op_mount - check_ssh_nane if [ -f "$MOUNT_PATH/ssh/$NAME" ] && [ -f "$MOUNT_PATH/ssh/$NAME.pub" ]; then echo "There is no key named $NAME" >&2 exit 1 @@ -131,19 +131,51 @@ op_ssh_import() { echo "SSH key $NAME copied to local .ssh directory." >&2 } +# Note OpenVPN: CA generated using following command +# openssl req -nodes -new -x509 -keyout ca.key -out ca.crt -config openssl.cnf + op_openvpn_list() { check_mount || op_mount - # TODO + for KEY in $(find "$MOUNT_PATH/openvpn" -name 'ca.crt' -o -name '*.crt' -print); do + local N="${KEY#$MOUNT_PATH/openvpn/}" + echo "${N%.crt}" + done } op_openvpn_get() { + check_name check_mount || op_mount - # TODO + if [ ! -f "$MOUNT_PATH/openvpn/$NAME.key" ] || [ ! -f "$MOUNT_PATH/openvpn/$NAME.crt" ]; then + echo "There is no OpenVPN key $NAME" >&2 + exit 1 + fi + mkdir "openvpn-$NAME" + cp "$MOUNT_PATH/openvpn/$NAME.key" "openvpn-$NAME/" + cp "$MOUNT_PATH/openvpn/$NAME.crl" "openvpn-$NAME/" + cp "$MOUNT_PATH/openvpn/ca.crt" "openvpn-$NAME/" + cp "$MOUNT_PATH/openvpn/ta.key" "openvpn-$NAME/" + + echo "OpenVPN key $NAME copied to openvpn-$NAME directory." >&2 } op_openvpn_generate() { + check_name check_mount || op_mount - # TODO + if [ -f "$MOUNT_PATH/openvpn/$NAME.key" ] && [ -f "$MOUNT_PATH/openvpn/$NAME.crt" ]; then + echo "OpenVPN key $NAME seems to already exists" >&2 + exit 1 + fi + ( + cd "$MOUNT_PATH/openvpn" + # Build request + openssl req -batch -days 3650 -nodes -new -config "openssl.cnf" \ + -keyout "$NAME.key" -out "$NAME.csr" + # Sign request + openssl ca -days 3650 -config "openssl.cnf" \ + -out "$NAME.crt" -in "$NAME.csr" + ) + + echo "OpenVPN key $NAME was generated." >&2 } @@ -164,13 +196,13 @@ case "$1" in echo " gpg-import: Import gpg key" echo " ssh-import: Import ssh key" echo " ssh-generate: Generate new ssh key" - echo " ssh-list: List all keys in store" - echo " openvpn-list: List all keys" - echo " openvpn-get: Get keys for some host" - echo " openvpn-generate: Generate key for new host" + echo " ssh-list: List all ssh keys in store" + echo " openvpn-list: List all openvpn keys" + echo " openvpn-get: Get openvpn keys for some host" + echo " openvpn-generate: Generate openvpn key for new host" exit 0 ;; - mount|unmount|sync|gpg-import|ssh-import|ssh-generate|ssh-list|openvpn-get|openvpn-generate) + mount|unmount|sync|gpg-import|ssh-import|ssh-generate|ssh-list|openvpn-list|openvpn-get|openvpn-generate) OPERATION="$1" ;; *) @@ -184,10 +216,10 @@ while [ $# -gt 0 ]; do -h|--help) echo "Usb key manager" case "$OPERATION" in - mount|unmount|sync) + mount|unmount|sync|ssh-list|openvn-list) echo "Usage: usbkey $OPERATION [-h]" ;; - ssh-*) + ssh-*|openvpn-*) echo "Usage: usbkey $OPERATION NAME [-h]" ;; # TODO @@ -195,7 +227,10 @@ while [ $# -gt 0 ]; do exit 0 ;; *) - if [[ "$OPERATION" = ssh-* ]] && [ -z "$NAME" ]; then + if [ -z "$NAME" ] && \ + [ "$OPERATION" = "ssh-import" -o "$OPERATION" = "ssh-generate" -o \ + "$OPERATION" = "openvpn-get" -o "$OPERATION" = "openvpn-generate" ] \ + ; then NAME="$1" else unknown_argument "$1" diff --git a/zsh_completions/usbkey b/zsh_completions/usbkey index 0de1375..eada8f6 100644 --- a/zsh_completions/usbkey +++ b/zsh_completions/usbkey @@ -21,6 +21,15 @@ _usbkey () { done _describe -t keys 'usbkey' keys ;; + openvpn-get) + [ -d "/media/usbkey/openvpn" ] || return + local certs=() + for F in $(find "/media/usbkey/openvpn" -name 'ca.crt' -o -name '*.crt' -print); do + F="${F#/media/usbkey/openvpn/}" + certs+=("${F%.crt}") + done + _describe -t certificates 'usbkey' certs + ;; # TODO esac else @@ -34,10 +43,10 @@ _usbkey () { "gpg-import:Import gpg key" "ssh-import:Import ssh key" "ssh-generate:Generate new ssh key" - "ssh-list:List all keys in store" - "openvpn-list:List all keys" - "openvpn-get:Get keys for some host" - "openvpn-generate:Generate key for new host" + "ssh-list:List all SSH keys in store" + "openvpn-list:List all OpenVPN keys" + "openvpn-get:Get OpenVPN keys for some host" + "openvpn-generate:Generate OpenVPN key for new host" ) fi _describe -t operations 'usbkey' operations |