remote-config

Remote administration scripts for Arch Linux
git clone git://git.danielmoch.com/remote-config.git
Log | Files | Refs
commit 0dd25108de1a62e611116b0a28100549f96dc531
parent 3895ea85fa0778ce63baf1e0282214a5c9bb9f1b
Author: Daniel Moch <daniel@danielmoch.com>
Date:   Fri,  8 Feb 2019 15:26:34 -0500

Add support for secrets

Diffstat:

MMakefile | 6+++++-


Mremotecfg.in | 41++++++++++++++++++++++++++++++++++++-----


2 files changed, 41 insertions(+), 6 deletions(-)

diff --git a/Makefile b/Makefile
@@ -5,7 +5,11 @@ BIN:=/usr/bin
 
 install: remotecfg
 	install -Dm755 remotecfg ${BIN}
-	install -Dm644 common.sh ${LIB}
+	install -Dm644 common.sh ${LIB}/common.sh
+
+uninstall:
+	rm ${BIN}/remotecfg
+	rm -rf ${LIB}
 
 remotecfg: remotecfg.in
 	sed "s#{{ prefix }}#${LIB}#" remotecfg.in > remotecfg
diff --git a/remotecfg.in b/remotecfg.in
@@ -36,7 +36,12 @@ read_secret()
 
 message()
 {
-	printf '\033[1;32m==> \033[1;37m%s\033[0m\n' "$1"
+	if [ -t 1 ]
+	then
+		printf '\033[1;32m==> \033[1;37m%s\033[0m\n' "$1"
+	else
+		echo $1
+	fi
 }
 
 if [ -n "$sudo" ]
@@ -45,20 +50,45 @@ then
 	read_secret password
 fi
 
+message "Staging files for transfer"
+mkdir transfer
+cp -r files/$config/* transfer
+
+if [ -f secrets/$config ]
+then
+	secrets=1
+	message "Decrypting secrets"
+	gpg --quiet --output transfer/secrets --decrypt secrets/$config
+
+	if [ -d templates/$config ]
+	then
+		. transfer/secrets
+		for f in `find templates/$config -type f`
+		do
+			file=`echo $f | sed "s#templates/$config/##"`
+			sedcmd=`head -n1 $f`
+			eval sedcmd=$sedcmd
+			cat $f | awk 'BEGIN{getline}{print}' | sed $sedcmd > transfer/$file
+		done
+	fi
+fi
+
 message "Creating remote command"
-cat <<-EOF > files/$config/cmd
+cat <<-EOF > transfer/cmd
 	#!/bin/sh
 	exec 2>&1
+	[ -f secrets ] && . secrets
 	`cat {{ prefix }}/common.sh`
 	remotenum=$$
 	`cat remote/$config`
 EOF
-chmod a+x files/$config/cmd
+chmod a+x transfer/cmd
+
 message "Creating remote temporary directory"
 ssh -T $host mkdir /tmp/remote.$$
+
 message "Recursively copying files/$config to $host"
-scp -r files/$config/* $host:/tmp/remote.$$/ > /dev/null 2>&1
-rm files/$config/cmd
+scp -r transfer/* $host:/tmp/remote.$$/ > /dev/null 2>&1
 
 message "Running remote command"
 if [ -n "$sudo" ]
@@ -70,3 +100,4 @@ fi
 
 message "Cleaning up"
 ssh -T $host rm -r /tmp/remote.$$
+rm -r transfer