Add automation scripts.
parent
40630b86b9
commit
d686edef9d
5 changed files with 121 additions and 4 deletions
|
@ -20,6 +20,7 @@ services:
|
||||||
- /var/run/docker.sock:/tmp/docker.sock:ro
|
- /var/run/docker.sock:/tmp/docker.sock:ro
|
||||||
- ./script/hostman.sh:/hostman.sh:ro
|
- ./script/hostman.sh:/hostman.sh:ro
|
||||||
- ./script/sqlproxy.sh:/sqlproxy.sh:ro
|
- ./script/sqlproxy.sh:/sqlproxy.sh:ro
|
||||||
|
- ./script/sqlproxy_cli.sh:/sqlproxy_cli.sh:ro
|
||||||
environment:
|
environment:
|
||||||
DISABLE_KEYGEN: true
|
DISABLE_KEYGEN: true
|
||||||
DISABLE_CONFIG_GEN: true
|
DISABLE_CONFIG_GEN: true
|
||||||
|
|
|
@ -8,6 +8,5 @@ AllowTcpForwarding yes
|
||||||
PermitOpen any
|
PermitOpen any
|
||||||
|
|
||||||
PidFile /config/sshd.pid
|
PidFile /config/sshd.pid
|
||||||
Subsystem sftp /usr/lib/ssh/sftp-server -u 022
|
|
||||||
|
|
||||||
AllowUsers sqlproxy
|
AllowUsers sqlproxy
|
||||||
|
|
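--- a/script/myssh
+++ b/script/myssh
@@ -0,0 +1,99 @@
+#!/usr/bin/env bash
+
+[ -z $SQL_PROXY_HOST ] && SQL_PROXY_HOST="localhost"
+CACHE_FILE="$HOME/.cache/sqlproxy_$SQL_PROXY_HOST"
+
+HELP="Usage: myssh [ls|connect]
+SUBCOMMANDS:
+ls: list available database hosts
+connect: connect to a database host
+
+SYNTAX connect host [-u user] [-p password] [-c client]
+"
+
+ls() {
+echo $(ssh $SQL_PROXY_HOST ls)
+}
+
+read_cache() {
+if [ -f $CACHE_FILE ]
+then
+mapfile -t HOST_LIST < $CACHE_FILE
+LAST_CHANGED=$(expr $(date +"%s") - "${HOST_LIST[0]}")
+# Refresh cache if cache is older than a minute
+if [ $LAST_CHANGED -gt 60 ]
+then
+write_cache $(ls)
+read_cache
+fi
+else
+write_cache $(ls)
+read_cache
+fi
+}
+
+write_cache() {
+touch $CACHE_FILE
+echo -e $(date +"%s")"\n"$1 > $CACHE_FILE
+}
+
+run_client() {
+# wait for port to open
+while ! nc -z localhost 3306 > /dev/null
+do
+sleep 0.1
+done
+
+if [ $(uname -s) = "Linux" ]
+then
+mysql --protocol=TCP -u $1 -p$2 -h localhost -P 3306
+else
+open "mysql://$1:$2@localhost:3306" -a "Sequel Ace"
+fi
+}
+
+MAIN_OPTION=$1
+shift
+
+case $MAIN_OPTION in
+ls)
+RESPONSE=$(ls)
+write_cache $RESPONSE
+echo $RESPONSE;;
+connect)
+# Kill open connections on exit
+# https://stackoverflow.com/questions/360201/how-do-i-kill-background-processes-jobs-when-my-shell-script-exits
+trap "trap - SIGTERM && kill -- -$$" SIGINT SIGTERM EXIT
+
+# check/update cache
+read_cache
+
+# check if host is valid
+TARGET_HOST=$1
+shift
+tail -n +2 $CACHE_FILE | grep -qe "^$TARGET_HOST$"
+GREP_EXIT_CODE=$?
+if [ $GREP_EXIT_CODE -eq 0 ]
+then
+while getopts "u:p:" o
+do
+case "$o" in
+u) MYSQL_USERNAME="$OPTARG" ;;
+p) MYSQL_PASSWORD="$OPTARG" ;;
+esac
+done
+ssh -L 3306:$TARGET_HOST:3306 $SQL_PROXY_HOST > /dev/null 2>&1 &
+if [ ! -z $MYSQL_USERNAME ] && [ ! -z $MYSQL_PASSWORD ]
+then
+run_client $MYSQL_USERNAME $MYSQL_PASSWORD
+else
+echo 'Press CTRL C to quit this connection'
+wait
+fi
+else
+echo "Invalid Hostname: $2."
+fi
+;;
+*)
+echo -e "Usage: myssh [ls|connect]\n\n";;
+esac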
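Review bot: The database password ends up on a command line twice in run_client — `mysql --protocol=TCP -u $1 -p$2 ...` and the `mysql://$1:$2@localhost:3306` URL handed to `open` — and it also arrives through `-p` on myssh's own argv, so it is readable in the workstation's process list and shell history. Letting the client prompt instead (`mysql --protocol=TCP -u "$1" -p -h localhost -P 3306`), or collecting it with `read -rs`, keeps the secret out of argv. Separately, the host check `grep -qe "^$TARGET_HOST$"` interprets the argument as a regular expression and the value is then expanded unquoted into `ssh -L`; `grep -qxF -- "$TARGET_HOST"` with quoted expansions makes the check an exact match against the cached list. The error branch prints `$2` after the arguments have been shifted, where `$TARGET_HOST` is presumably what was meant.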
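--- a/script/sqlproxy_cli.sh
+++ b/script/sqlproxy_cli.sh
@@ -0,0 +1,18 @@
+#!/usr/bin/env sh
+
+ls_hosts() {
+# the containers version of grep does not support perl regex so "[^ ]*(?= # Added by hostman)" does not work
+echo $(grep -e "# Added by hostman" /etc/hosts | grep -oe "^[^ ]* [^ ]*" | grep -oe "[^ ]*$")
+}
+
+idle() {
+echo "Press CTRL C to quit this connection"
+sleep infinity
+}
+
+if [ -z $SSH_ORIGINAL_COMMAND ]
+then
+idle
+else
+ls_hosts
+fi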
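Review bot: `[ -z $SSH_ORIGINAL_COMMAND ]` is unquoted, so a client command of several words turns the test into a usage error, and the script reaches `ls_hosts` only because that error is non-zero. Because this file is the forced command for every key, it is the one place that decides what a client may run; quoting the variable and dispatching explicitly makes that decision readable: `case "$SSH_ORIGINAL_COMMAND" in "") idle ;; ls) ls_hosts ;; *) echo "unsupported command" >&2; exit 1 ;; esac`. A header comment stating that the script is installed through `command=` in authorized_keys and that it only ever lists hosts or idles for a tunnel would help the next maintainer. Whether the container's `sleep` accepts `infinity` is not visible on this page and is worth confirming.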
|
@ -9,10 +9,10 @@ case $GEN_KEYS in
|
||||||
[yY]*)
|
[yY]*)
|
||||||
mkdir -p ~/.ssh
|
mkdir -p ~/.ssh
|
||||||
read -r -p "Key Name (should not already exist in ~/.ssh): " KEY_NAME
|
read -r -p "Key Name (should not already exist in ~/.ssh): " KEY_NAME
|
||||||
ssh-keygen -t ed25519 -f ~/.ssh/$KEY_NAME.key
|
ssh-keygen -t ed25519 -f ~/.ssh/$KEY_NAME.key -C "$(date --iso-8601)_$(whoami)@$HOST"
|
||||||
read -r -p "Target Host: " HOST_NAME
|
read -r -p "Target Host: " HOST_NAME
|
||||||
echo -ne "\n\nHost $HOST_NAME\n User sqlproxy\n IdentityFile ~/.ssh/$KEY_NAME.key" >> ~/.ssh/config
|
echo -ne "\n\nHost $HOST_NAME\n User sqlproxy\n IdentityFile ~/.ssh/$KEY_NAME.key" >> ~/.ssh/config
|
||||||
cat ~/.ssh/$KEY_NAME.key.pub >> ./etc/ssh/.ssh/authorized_keys
|
echo -e command=\"/sqlproxy_cli.sh\" $(cat ~/.ssh/$KEY_NAME.key.pub) >> ./etc/ssh/.ssh/authorized_keys
|
||||||
break;;
|
break;;
|
||||||
*) echo "Not generating client ssh key.\nPlease put your desired public keys into ./etc/ssh/.ssh/authorized_keys";;
|
*) echo "Not generating client ssh key.\nPlease put your desired public keys into ./etc/ssh/.ssh/authorized_keys\nAlso add 'command=\"/sqlproxy_cli.sh\" ' in front of your key";;
|
||||||
esac
|
esac
|
||||||
|
|
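Review bot: The `command=\"/sqlproxy_cli.sh\"` prefix written to authorized_keys pins the command but leaves the key's other capabilities (pty allocation, agent and X11 forwarding) enabled, and the sshd_config shown on this page sets `PermitOpen any`. Writing `restrict,port-forwarding,command="/sqlproxy_cli.sh"` keeps the tunnel myssh needs and switches the rest off; a `permitopen="host:3306"` option per database host would narrow the tunnel further if the host list is stable. The same line expands `$(cat ~/.ssh/$KEY_NAME.key.pub)` unquoted through `echo -e`; `printf 'restrict,port-forwarding,command="/sqlproxy_cli.sh" %s\n' "$(cat ~/.ssh/"$KEY_NAME.key.pub")"` avoids word splitting and escape interpretation of the key text. In the new `-C` comment, `$HOST` is not set by bash (it sets `$HOSTNAME`) and `date --iso-8601` is a GNU option, so the comment may come out incomplete on some systems; the interpreter of this script is not visible in the hunk. The enclosing `case $GEN_KEYS in` begins outside the hunk.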