remote-config

Remote administration scripts for Arch Linux
git clone git://git.danielmoch.com/remote-config.git
Log | Files | Refs

commit 0dd25108de1a62e611116b0a28100549f96dc531
parent 3895ea85fa0778ce63baf1e0282214a5c9bb9f1b
Author: Daniel Moch <daniel@danielmoch.com>
Date:   Fri,  8 Feb 2019 15:26:34 -0500

Add support for secrets

Diffstat:
MMakefile | 6+++++-
Mremotecfg.in | 41++++++++++++++++++++++++++++++++++++-----
2 files changed, 41 insertions(+), 6 deletions(-)

diff --git a/Makefile b/Makefile @@ -5,7 +5,11 @@ BIN:=/usr/bin install: remotecfg install -Dm755 remotecfg ${BIN} - install -Dm644 common.sh ${LIB} + install -Dm644 common.sh ${LIB}/common.sh + +uninstall: + rm ${BIN}/remotecfg + rm -rf ${LIB} remotecfg: remotecfg.in sed "s#{{ prefix }}#${LIB}#" remotecfg.in > remotecfg diff --git a/remotecfg.in b/remotecfg.in @@ -36,7 +36,12 @@ read_secret() message() { - printf '\033[1;32m==> \033[1;37m%s\033[0m\n' "$1" + if [ -t 1 ] + then + printf '\033[1;32m==> \033[1;37m%s\033[0m\n' "$1" + else + echo $1 + fi } if [ -n "$sudo" ] @@ -45,20 +50,45 @@ then read_secret password fi +message "Staging files for transfer" +mkdir transfer +cp -r files/$config/* transfer + +if [ -f secrets/$config ] +then + secrets=1 + message "Decrypting secrets" + gpg --quiet --output transfer/secrets --decrypt secrets/$config + + if [ -d templates/$config ] + then + . transfer/secrets + for f in `find templates/$config -type f` + do + file=`echo $f | sed "s#templates/$config/##"` + sedcmd=`head -n1 $f` + eval sedcmd=$sedcmd + cat $f | awk 'BEGIN{getline}{print}' | sed $sedcmd > transfer/$file + done + fi +fi + message "Creating remote command" -cat <<-EOF > files/$config/cmd +cat <<-EOF > transfer/cmd #!/bin/sh exec 2>&1 + [ -f secrets ] && . secrets `cat {{ prefix }}/common.sh` remotenum=$$ `cat remote/$config` EOF -chmod a+x files/$config/cmd +chmod a+x transfer/cmd + message "Creating remote temporary directory" ssh -T $host mkdir /tmp/remote.$$ + message "Recursively copying files/$config to $host" -scp -r files/$config/* $host:/tmp/remote.$$/ > /dev/null 2>&1 -rm files/$config/cmd +scp -r transfer/* $host:/tmp/remote.$$/ > /dev/null 2>&1 message "Running remote command" if [ -n "$sudo" ] @@ -70,3 +100,4 @@ fi message "Cleaning up" ssh -T $host rm -r /tmp/remote.$$ +rm -r transfer