Diffstat (limited to 'os/runners/bash/sshtool')
-rwxr-xr-x | os/runners/bash/sshtool | 109 |
1 files changed, 109 insertions, 0 deletions
diff --git a/os/runners/bash/sshtool b/os/runners/bash/sshtool
new file mode 100755
index 0000000..58b00ef
--- /dev/null
+++ b/os/runners/bash/sshtool
@@ -0,0 +1,109 @@
+#!/usr/bin/env bash
+
+cd $(dirname $0)
+
+CMDFILE="$1"
+shift 1
+
+CLUSTER="$1"
+if [ -z "$CLUSTER" ] || [ ! -d "cluster/$CLUSTER" ]; then
+ echo "Usage: $CMDFILE <cluster name>"
+ echo "The cluster name must be the name of a subdirectory of cluster/"
+ exit 1
+fi
+shift 1
+
+if [ -z "$1" ]; then
+ NIXHOSTLIST=$(ls cluster/$CLUSTER/node | grep -v '\.site\.')
+else
+ NIXHOSTLIST="$@"
+fi
+
+if [ -z "$ROOT_PASS" ]; then
+ read -s -p "Enter remote sudo password: " ROOT_PASS
+ echo
+fi
+
+SSH_CONFIG=cluster/$CLUSTER/ssh_config
+
+function header {
+ cat <<EOF
+export DEPLOYTOOL_ROOT_PASSWORD=$ROOT_PASS
+cat > /tmp/deploytool_askpass <<EOG
+#!/usr/bin/env sh
+echo \$DEPLOYTOOL_ROOT_PASSWORD
+EOG
+chmod +x /tmp/deploytool_askpass
+export SUDO_ASKPASS=/tmp/deploytool_askpass
+sudo -A sh - <<'EOEVERYTHING'
+EOF
+}
+
+function footer {
+ echo EOEVERYTHING
+}
+
+function message {
+ echo "echo '$@'"
+}
+
+function cmd {
+ echo "echo '- run $@'"
+ echo "$@"
+}
+
+function set_env {
+ echo "echo '- set $@'"
+ echo "export $@"
+}
+
+function copy {
+ local FROM=$1
+ local TO=$2
+ cat <<EOF
+echo '- write $TO from $FROM'
+base64 -d <<EOG | tee $TO > /dev/null
+$(base64 <$FROM)
+EOG
+EOF
+}
+
+function copy_secret {
+ local FROM=$1
+ local TO=$2
+ cat <<EOF
+echo '- write secret $TO from $FROM'
+base64 -d <<EOG | tee $TO > /dev/null
+$(base64 <$FROM)
+EOG
+chown root:root $TO
+chmod 0600 $TO
+EOF
+}
+
+function write_pass {
+ local PASSKEY=$1
+ local TO=$2
+ cat <<EOF
+echo '- write secret $TO from pass $PASSKEY'
+base64 -d <<EOG | tee $TO > /dev/null
+$(pass $PASSKEY | base64)
+EOG
+chown root:root $TO
+chmod 0600 $TO
+EOF
+}
+
+for NIXHOST in $NIXHOSTLIST; do
+ NIXHOST=${NIXHOST%.*}
+
+ if [ -z "$SSH_USER" ]; then
+ SSH_DEST=$NIXHOST
+ else
+ SSH_DEST=$SSH_USER@$NIXHOST
+ fi
+
+ echo "==== DOING $NIXHOST ===="
+
+ (header; . $CMDFILE; footer) | ssh -F $SSH_CONFIG $SSH_DEST sh -
+done |
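Review bot: The askpass helper that `header` generates ends up holding the sudo password in clear text at a fixed path in /tmp: the inner `<<EOG` is unquoted, so the remote shell expands `$DEPLOYTOOL_ROOT_PASSWORD` while writing the file, `chmod +x` leaves it readable by other local users under a typical umask, and nothing in the script removes it afterwards. Because the name is predictable and the directory is shared, a file that already exists at that path is the one `sudo -A` would run. `export DEPLOYTOOL_ROOT_PASSWORD=$ROOT_PASS` is also unquoted, so a password containing spaces or shell metacharacters is reinterpreted by the remote shell. I would create the helper with `mktemp`, quote the inner delimiter so the file only references the variable, carry the password base64-encoded the way `copy` already carries files, and remove the helper on exit; the same write-then-`chmod 0600` ordering in `copy_secret` and `write_pass` deserves a `umask 077` before the `tee`.

```shell
# inside header(): replaces the heredoc body up to the sudo line
DEPLOYTOOL_ROOT_PASSWORD=\$(printf '%s' '$(printf '%s' "$ROOT_PASS" | base64 | tr -d '\n')' | base64 -d)
export DEPLOYTOOL_ROOT_PASSWORD
SUDO_ASKPASS=\$(mktemp) || exit 1
export SUDO_ASKPASS
trap 'rm -f "\$SUDO_ASKPASS"' EXIT
cat > "\$SUDO_ASKPASS" <<'EOG'
#!/usr/bin/env sh
printf '%s\n' "\$DEPLOYTOOL_ROOT_PASSWORD"
EOG
chmod 700 "\$SUDO_ASKPASS"
sudo -A sh - <<'EOEVERYTHING'
```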