import sys as _sys
import os as _os
import json as _json
import shutil as _shutil
import argparse as _argparse
import helpers.misc as __helpers_misc
import helpers.ssh as __helpers_ssh
import helpers.keepass as __helpers_keepass
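def action_init(
    source_directory
):
    """Set up a fresh key store inside ``source_directory``.

    Creates the directory, writes 256 random bytes to ``private_keys.keyx``
    with ``openssl rand`` and asks ``helpers.keepass`` to create
    ``private_keys.kdbx`` with that file as its key file.

    Args:
        source_directory: directory that will hold the KeePass database and
            its key file.
    """
    import shlex as _shlex

    keepass_db_path = _os.path.join(source_directory, "private_keys.kdbx")
    keepass_authfile_path = _os.path.join(source_directory, "private_keys.keyx")
    __helpers_misc.directory_create(source_directory)
    # The path is spliced into a command line, so it is quoted first: a
    # directory name containing spaces or shell metacharacters would otherwise
    # be split or interpreted. quote() returns plain paths unchanged.
    # (presumably string_coin substitutes {{...}} verbatim and shell_exec runs
    # the result through a shell; confirm in helpers.misc)
    # NOTE(review): this file is the only secret protecting the database and
    # is created with whatever mode the current umask yields; confirm it ends
    # up readable by its owner only.
    __helpers_misc.shell_exec(
        __helpers_misc.string_coin(
            "openssl rand -out {{authfile_path}} 256",
            {
                "authfile_path": _shlex.quote(keepass_authfile_path),
            }
        )
    )
    __helpers_keepass.action_db_create(
        keepass_db_path,
        {
            "key_file": keepass_authfile_path,
        }
    )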
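def action_key_add(
    source_directory,
    group,
    name
):
    """Generate an ed25519 key pair and move its private half into KeePass.

    ``ssh-keygen`` writes the pair to ``<source_directory>/<group>/keys/<name>``
    (private) and ``<name>.pub`` (public). The private key file is then handed
    to ``helpers.keepass.action_attachment_import`` under the label
    ``'ssh private key'`` and finally deleted from the keys directory, so only
    the public key stays there.

    Args:
        source_directory: directory holding the groups and the KeePass database.
        group: group (sub-directory and KeePass group) the key belongs to.
        name: file name of the key and name of the KeePass entry.
    """
    import shlex as _shlex

    directory_key = _os.path.join(source_directory, group, "keys")
    path_key_private = _os.path.join(directory_key, name)
    # Quoted once and reused: group and name end up inside shell command
    # lines, where spaces or metacharacters would otherwise be split or
    # interpreted. quote() returns plain paths unchanged.
    # (presumably string_coin substitutes verbatim and shell_exec uses a
    # shell; confirm in helpers.misc)
    path_key_private_quoted = _shlex.quote(path_key_private)
    keepass_db_path = _os.path.join(source_directory, "private_keys.kdbx")
    keepass_options = {
        "key_file": _os.path.join(source_directory, "private_keys.keyx"),
    }
    __helpers_misc.directory_create(directory_key)

    ## generate
    # No passphrase option is passed, so ssh-keygen asks for one on the
    # terminal.
    __helpers_misc.shell_exec(
        __helpers_misc.string_coin(
            "ssh-keygen -t {{encryption_type}} -f {{path}}",
            {
                "encryption_type": "ed25519",
                "path": path_key_private_quoted,
            }
        )
    )

    ## transfer private key to keepass database
    __helpers_keepass.action_mkdir(
        keepass_db_path,
        group,
        keepass_options
    )
    __helpers_keepass.action_add(
        keepass_db_path,
        group,
        name,
        keepass_options
    )
    __helpers_keepass.action_attachment_import(
        keepass_db_path,
        group,
        name,
        'ssh private key',
        path_key_private,
        keepass_options
    )

    ## remove private key file
    # NOTE(review): nothing visible here checks that the import above
    # succeeded before the only on-disk copy is deleted; confirm the keepass
    # helpers raise on failure.
    # NOTE(review): rm only unlinks the file; the key material was on disk in
    # the meantime and may remain recoverable.
    # "--" keeps a path that starts with "-" from being read as an option.
    __helpers_misc.shell_exec(
        __helpers_misc.string_coin(
            "rm --force -- {{path}}",
            {
                "path": path_key_private_quoted,
            }
        )
    )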
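def action_key_remove(
    source_directory,
    group,
    name
):
    """Drop a key: remove its KeePass entry and delete its public key file.

    Args:
        source_directory: directory holding the groups and the KeePass database.
        group: group (sub-directory and KeePass group) the key belongs to.
        name: file name of the key and name of the KeePass entry.
    """
    import shlex as _shlex

    path_key_public = ("%s.pub" % _os.path.join(source_directory, group, "keys", name))

    ## remove private key from keepass database
    __helpers_keepass.action_rm(
        _os.path.join(source_directory, "private_keys.kdbx"),
        group,
        name,
        {
            "key_file": _os.path.join(source_directory, "private_keys.keyx"),
        }
    )

    ## remove public key file
    # The path is quoted because it is spliced into a shell command line, and
    # "--" keeps a path that starts with "-" from being read as an option.
    # (presumably string_coin substitutes verbatim and shell_exec uses a
    # shell; confirm in helpers.misc)
    # NOTE(review): this removes the key locally only; nothing here touches
    # copies already placed in a target directory by the "put" action or
    # authorized_keys entries on remote hosts.
    __helpers_misc.shell_exec(
        __helpers_misc.string_coin(
            "rm --force -- {{path}}",
            {
                "path": _shlex.quote(path_key_public),
            }
        )
    )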
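# TODO: backup (see old put script)
def action_put(
    source_directory,
    target_directory
):
    """Assemble the SSH client configuration and install it with the keys.

    For every group directory below ``source_directory`` the group's
    ``conf.json`` is encoded with ``helpers.ssh.sshconf_encode`` and appended
    to the generated config, and every file in the group's ``keys`` directory
    is copied to ``target_directory`` with the group's
    ``settings.prefix`` prepended to its name. The KeePass database is copied
    alongside and the combined config is written to ``<target_directory>/config``.

    Args:
        source_directory: directory holding the groups and the KeePass database.
        target_directory: directory to populate, e.g. ``~/.ssh``.
    """
    # Neither os.path.join nor shutil.copy expands "~", so the command-line
    # default "~/.ssh" would otherwise address a directory literally named "~".
    target_directory = _os.path.expanduser(target_directory)
    __helpers_misc.directory_create(target_directory)
    sshconf = ""
    # Sorted so the generated config does not depend on directory listing order.
    for group in sorted(_os.listdir(source_directory)):
        group_directory = _os.path.join(source_directory, group)
        if not _os.path.isdir(group_directory):
            # action_init places private_keys.kdbx / private_keys.keyx directly
            # in source_directory; those are not groups and have no conf.json.
            continue
        conf_path = _os.path.join(group_directory, "conf.json")
        conf_data = _json.loads(__helpers_misc.file_read(conf_path))

        # conf
        sshconf = (sshconf + "\n" + __helpers_ssh.sshconf_encode(conf_data))

        # public keys
        # NOTE(review): every file in keys/ is copied, not only *.pub; a
        # private key left behind by an interrupted key-add would be copied
        # too.
        keys_directory = _os.path.join(group_directory, "keys")
        if _os.path.isdir(keys_directory):
            for name in _os.listdir(keys_directory):
                _shutil.copy(
                    _os.path.join(keys_directory, name),
                    _os.path.join(target_directory, "%s%s" % (conf_data["settings"]["prefix"], name, ))
                )

    # private keys
    # The database does not depend on the group, so it is copied once.
    _shutil.copy(
        _os.path.join(source_directory, "private_keys.kdbx"),
        _os.path.join(target_directory, "private_keys.kdbx")
    )
    ## todo: keyfile

    __helpers_misc.file_write(_os.path.join(target_directory, "config"), sshconf)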
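def main():
    """Parse the command line and run the selected action.

    Actions: ``init``, ``key-add``, ``key-remove``, ``put``. ``key-add`` and
    ``key-remove`` need ``--name``; the parser exits with a usage error when
    it is missing.
    """
    ## args
    argument_parser = _argparse.ArgumentParser(
        prog = "bifroyst",
        description = "SSH connection manager",
    )
    # NOTE: argparse ignores `default` on a required positional, so the action
    # always has to be given explicitly.
    argument_parser.add_argument(
        "action",
        type = str,
        choices = [
            "init",
            "key-add",
            "key-remove",
            "put",
        ],
        default = "put",
        metavar = "<action>",
        help = "options: init | key-add | key-remove | put",
    )
    argument_parser.add_argument(
        "-s",
        "--source-directory",
        type = str,
        default = ".",
        metavar = "<source-directory>",
    )
    argument_parser.add_argument(
        "-t",
        "--target-directory",
        type = str,
        default = "~/.ssh",
        metavar = "<target-directory>",
    )
    argument_parser.add_argument(
        "-g",
        "--group",
        type = str,
        default = "default",
        metavar = "<group>",
    )
    argument_parser.add_argument(
        "-n",
        "--name",
        type = str,
        default = None,
        metavar = "<name>",
    )
    args = argument_parser.parse_args()

    # --name defaults to None, which the key actions would pass straight into
    # os.path.join and fail on with a TypeError; reject it here instead.
    if ((args.action in ("key-add", "key-remove")) and (not args.name)):
        argument_parser.error("--name is required for action %s" % (args.action, ))

    ## exec
    if (args.action == "init"):
        action_init(
            args.source_directory
        )
    elif (args.action == "key-add"):
        action_key_add(
            args.source_directory,
            args.group,
            args.name
        )
    elif (args.action == "key-remove"):
        action_key_remove(
            args.source_directory,
            args.group,
            args.name
        )
    elif (args.action == "put"):
        action_put(
            args.source_directory,
            args.target_directory
        )
    else:
        # Format the message; passing the value as a second argument would
        # leave the "%s" unfilled in the exception text.
        raise ValueError("invalid action: %s" % (args.action, ))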