remote-config

Remote administration scripts for Arch Linux
git clone git://git.danielmoch.com/remote-config.git
Log | Files | Refs

commit c79aabe6d246f934c9cc7c3cd8eace12d65b1ce5
Author: Daniel Moch <daniel@danielmoch.com>
Date:   Fri,  8 Feb 2019 12:55:34 -0500

Initial commit

Diffstat:
A.gitignore | 1+
AMakefile | 14++++++++++++++
Acommon.sh | 64++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Aremotecfg.in | 72++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
4 files changed, 151 insertions(+), 0 deletions(-)

diff --git a/.gitignore b/.gitignore @@ -0,0 +1 @@ +remotecfg diff --git a/Makefile b/Makefile @@ -0,0 +1,14 @@ +.PHONY: install +.DEFAULT_GOAL := remotecfg +LIB:=/usr/lib/remotecfg +BIN:=/usr/bin + +install: remotecfg + install -Dm644 remotecfg ${BIN} + install -Dm644 common.sh ${LIB} + +remotecfg: remotecfg.in + sed "s#{{ prefix }}#${LIB}#" remotecfg.in > remotecfg + +clean: + -rm remotecfg diff --git a/common.sh b/common.sh @@ -0,0 +1,64 @@ +# +# common.sh +# +# This file contains utility functions and is sourced by remote scripts +compare() +{ + one=`sha1sum /tmp/remote.$remotenum/$1 | awk '{print $1}'` + two=`sha1sum $2 | awk '{print $1}'` + + if [ "$one" = "$two" ] + then + return 0 + else + return 1 + fi +} + +redeploy() +{ + cp /tmp/remote.$remotenum/$1 $2 + chown `id -un`:`id -gn` $2 + if [ -n "$3" ] + then + if [ -z "$restart" ] + then + restart=$3 + else + echo $restart | grep $3 || restart="$restart $3" + fi + fi +} + +restart_services() +{ + if [ -n "$restart" ] + then + echo "Restarting services: $restart" + set -- $restart + systemctl restart "$@" + fi +} + +install_packages() +{ + for package + do + if ! pacman -Q $package > /dev/null 2>&1 + then + if [ -z "$packages" ] + then + packages=package + else + packages="$packages $package" + fi + fi + done + + if [ -n "$packages" ] + then + echo "Installing packages: $packages" + set -- $packages + pacman -S --noconfirm "$@" + fi +} diff --git a/remotecfg.in b/remotecfg.in @@ -0,0 +1,72 @@ +#!/bin/sh +if [ "$1" = "-s" ] +then + sudo=1 + host=$2 + config=$3 +else + host=$1 + config=$2 +fi + +# Read secret string +# This function cribbed from: +# https://stackoverflow.com/questions/3980668/how-to-get-a-password-from-a-shell-script-without-echoing +read_secret() +{ + # Disable echo. + stty -echo + + # Set up trap to ensure echo is enabled before exiting if the script + # is terminated while echo is disabled. + trap 'stty echo' EXIT + + # Read secret. + read "$@" + + # Enable echo. + stty echo + trap - EXIT + + # Print a newline because the newline entered by the user after + # entering the passcode is not echoed. This ensures that the + # next line of output begins at a new line. + echo +} + +message() +{ + printf '\033[1;32m==> \033[1;37m%s\033[0m\n' "$1" +} + +if [ -n "$sudo" ] +then + echo -n "SUDO Password: " + read_secret password +fi + +message "Creating remote command" +cat <<-EOF > files/$config/cmd + #!/bin/sh + exec 2>&1 + `cat {{ prefix }}/common.sh` + remotenum=$$ + `cat remote/$config` +EOF +chmod a+x files/$config/cmd +message "Creating remote temporary directory" +ssh -T $host mkdir /tmp/remote.$$ +message "Recursively copying files/$config to $host" +scp -r files/$config/* $host:/tmp/remote.$$/ > /dev/null 2>&1 +rm files/$config/cmd + +message "Running remote command" +if [ -n "$sudo" ] +then + ssh -T $host "echo -n \"$password\" | sudo -S /tmp/remote.$$/cmd 2>/dev/null" +else + ssh -T $host /tmp/remote.$$/cmd +fi + +message "Cleaning up" +ssh -T $host rm -r /tmp/remote.$$