MOIS3Y/isp-maintenance
2
0
Fork 0
forked from ISPsystem/isp-maintenance
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

merge into: MOIS3Y:api
Branches Tags
MOIS3Y:main
MOIS3Y:gogo
MOIS3Y:api
MOIS3Y:db_connection
MOIS3Y:cli_core
MOIS3Y:platform_settings
MOIS3Y:core
ISPsystem:main
...
pull from: ISPsystem:main
Branches Tags
ISPsystem:main
MOIS3Y:main
MOIS3Y:gogo
MOIS3Y:api
MOIS3Y:db_connection
MOIS3Y:cli_core
MOIS3Y:platform_settings
MOIS3Y:core

8 Commits
api ... main

Author SHA1 Message Date
MOIS3Y
99dd122262 docs: add gogo usage guide 2024-12-12 23:45:19 +09:00
MOIS3Y
b84ef86cd0 docs: add --de into help msg 2024-12-12 22:54:47 +09:00
MOIS3Y
ba6dd53f6c update: new config support DE go server and --test option 2024-12-12 21:29:22 +09:00
MOIS3Y
5815c84b07 Fix: help msg missing auth subcommand 2024-07-22 21:36:20 +09:00
MOIS3Y
6c6df42e7f Fix: help message, init func and ssh-add cmd in --crt 2024-06-09 16:43:31 +09:00
MOIS3Y
da3e61eccb Hotfix: some instances use dashes rather than underscores in container names 2024-06-09 16:41:55 +09:00
MOIS3Y
e0de805af7 Add: gogo.sh script for quick access from employee side 2024-06-08 16:47:12 +09:00
MOIS3Y
4cdf3b4539 Fix: platform_dummy import bugs 2024-06-08 14:40:36 +09:00
5 changed files with 722 additions and 18 deletions
Show Stats Expand all files Collapse all files

174
README.md
View File

@ -5,4 +5,176 @@ Maintenance application for quick access, check and resolve issues VM/DCImanager
### In progress
### See [CONTRIBUTING.md](CONTRIBUTING.md) for a general overview of how to contribute
### See [CONTRIBUTING.md](CONTRIBUTING.md) for a general overview of how to contribute
## How to use gogo companion:
#### Dependencies
ОС: Linux, Mac, Windows
Shell: bash
#### Installation
- download or copy the script from the root of the repository `/scripts/gogo/gogo.sh`
- to call the script without specifying the full path, put it in the directory that is in $PATH (in the future, I assume that you will have it `~/.local/bin/`)
```console
curl https://git.isptech.ru/ISPsystem/isp-maintenance/raw/branch/main/scripts/gogo/gogo.sh -o ~/.local/bin/gogo && chmod u+x ~/.local/bin/gogo
```
#### Configuration
For the script to work, you need a configuration file with settings `~/.config/gogo/gogo.conf`
This config contains the following fields that are read every time you start
```
GO_SERVER_ADDR_RUSSIAN=
GO_SERVER_ADDR_GERMANY=
GO_SERVER_ADDR_TEST=
VAULT_SERVER_ADDR=
SSH_PRIVATE_KEY_USER=
SSH_PRIVATE_KEY_PATH=
SSH_PUBLIC_KEY_PATH=
SSH_CRT_FILE=
MGRCTL_IMAGE=mois3y/mgrctl:latest
DEBUG_MODE=false
```
Please fill in the fields with current data, write the path to the keys and certificate in full `/home/username/.ssh/id_ecdsa` and so on.
For security reasons, server addresses and paths to keys are not indicated here.
For your convenience, the config can be filled out interactively
```console
gogo --init
```
#### Usage
- Get a temporary ssh certificate
```console
gogo --crt
```
- Check your connection to test servers in both locations
```console
gogo --test
```
- If the connection is successful, you can use the script. You are beautiful!
#### Examples
- Connect to BILLmanager 6 via ssh port 22 and interface port 443
```console
gogo --bill my.example.com
```
or
```console
gogo --bill my.example.com -p 22 -wp 443
```
- Connect to BILLmanager 6 again without generating an access key to the interface
```console
gogo --bill my.example.com --ssh
```
- Connect to DNSmanager 6 via ssh port 22 and interface port 1501
```console
gogo --dns my.example.com -p 22 -wp 1501
```
- Connect to DCImanager 6 via ssh port 2222 and interface 443 port
```console
gogo --dci vm.example.com -p 2222
```
- Connect to VMmanager 6 via ssh port 2222 and interface port 443
```console
gogo --vm 228.228.228.228 -p 2222
```
- Connect to VMmanager 6 via ssh port 22 and interface port 443, indicating the id of a specific user and generate 3 keys
```console
gogo --vm vm.example.com --mgrctl auth user access --id 1488 --count 1
```
- The same thing, just print the command that is executed on the server side into the console, you can run it later simply by copying it
```console
gogo --vm vm.example.com --tty --mgrctl auth user access --id 1488 --count 1
```
Connect to VMmanager 6 via ssh port 22 and interface port 443 via DE go3 server
```console
gogo --vm vm.example.com -p 22 --de
```
Connect to DCImanager 6 via ssh port 22 and interface port 443 via the old go method
```console
gogo --dci dci.example.com -p 22 --go
```
##### There are also examples in `help`
```console
gogo --help
Usage: gogo [options [parameters]]
Examples:
gogo --init | init config file
gogo --crt | get ssh certificate for go3 connections
gogo --test | check go3 connection availability
gogo --bill my.example.com
gogo --vm my.example.com --de | connect throw DE go3 server
gogo --vm 0.0.0.0 --ssh | only ssh access
gogo --vm 0.0.0.0 --tty | use mgrctl interactive
gogo --dci 0.0.0.0 --mgrctl auth user access --id 3 --count 5
gogo --dci 0.0.0.0 --mgrctl auth user ls --admins
gogo --vm 0.0.0.0 --port 22122 --mgrctl auth user ls --admins
gogo --vm 0.0.0.0 --tty --mgrctl auth user ls --admins
gogo --dns ns1.example.com --web-port 1501
gogo --dns ns1.example.com --port 22122 --web-port 1501
gogo --bill my.example.com --port 22 --web-port 1501
Options:
--vm[dci|bill|dns|ip] expected ip_addr required
--port | -p ssh port, default 22
--web-port | -wp web port, default 443
--go/--go3 go version, default go3
--de connect throw DE go3 server
--ssh open only ssh session
--tty for vm6/dci6 echo cmd for run container
--mgrctl [args] for vm6/dci6 customize access params
Single options:
--init | -i generate configuration
--crt | -c generate ssh cert
--test | -t check go3 connection availability
--version | -v print version
--help | -h print this message and exit
```

21
mgrctl/api/base.py
View File

@ -7,6 +7,7 @@ import requests
from time import sleep
from mgrctl.settings.api import (
API_INPUT_PORT,
API_URL,
API_HEADERS,
API_EMAIL,
@ -14,6 +15,7 @@ from mgrctl.settings.api import (
API_VERIFY_SSL,
API_COUNT_TRY_CONNECTIONS
)
from mgrctl.settings.platform import PLATFORM_TYPE
class BaseAPI(object):
@ -33,6 +35,7 @@ class BaseAPI(object):
def call_api(self, url, method='GET', headers={}, data={}):
attempt = API_COUNT_TRY_CONNECTIONS
while attempt:
attempt -= 1
try:
uri = self._gen_request_url(url)
headers = self.API_HEADERS if not headers else headers
@ -52,16 +55,25 @@ class BaseAPI(object):
verify=self.API_VERIFY_SSL
)
except Exception as error:
click.echo(f'Error: {type(error).__name__}')
sys.exit()
ConnectionError = requests.exceptions.ConnectionError
if type(error) is ConnectionError and PLATFORM_TYPE == 'dci':
# ? workaround if new docker version use dashes
# TODO: ISPsystem developers must set container_name !!!
self.API_URL = f'http://dci-input-1:{API_INPUT_PORT}'
if attempt == 0:
click.echo(f'Error: {type(error).__name__}')
sys.exit()
else:
continue
else:
click.echo(f'Error: {type(error).__name__}')
sys.exit()
# Get response:
response = self._parse_response(api_request)
# Validate response:
if self._error_handler(response):
attempt -= 1
sleep(2) # wait 2 second timeout
continue # new attempt connection
return response
@ -80,6 +92,7 @@ class BaseAPI(object):
def _is_error_3004(self, error):
if error.get('code') == 3004:
sleep(2) # wait 2 second timeout
return True
def _error_handler(self, response):

5
mgrctl/settings/api.py
View File

@ -42,5 +42,6 @@ if not PLATFORM_VERIFY_SSL_WARNING:
if PLATFORM_DUMMY:
API_URL = PLATFORM_DUMMY_API_URL
API_HEADERS = {'x-xsrf-token': PLATFORM_DUMMY_TOKEN}
API_EMAIL = PLATFORM_DUMMY_EMAIL
API_PASSWORD = PLATFORM_DUMMY_PASSWORD
API_EMAIL = PLATFORM_DUMMY_EMAIL
API_PASSWORD = PLATFORM_DUMMY_PASSWORD

28
mgrctl/settings/platform.py
View File

@ -22,14 +22,20 @@ PLATFORM_URL = env.str(
# Development mode:
PLATFORM_DUMMY = env.bool('PLATFORM_DUMMY', False)
if PLATFORM_DUMMY:
if PLATFORM_TYPE == 'vm':
PLATFORM_DUMMY_API_URL = env.str('PLATFORM_DUMMY_VM6_API_URL', '')
PLATFORM_DUMMY_EMAIL = env.str('PLATFORM_DUMMY_VM6_EMAIL', '')
PLATFORM_DUMMY_PASSWORD = env.str('PLATFORM_DUMMY_VM6_PASSWORD', '')
PLATFORM_DUMMY_TOKEN = env.str('PLATFORM_DUMMY_VM6_TOKEN', '')
if PLATFORM_TYPE == 'dci':
PLATFORM_DUMMY_API_URL = env.str('PLATFORM_DUMMY_DCI6_API_URL', '')
PLATFORM_DUMMY_EMAIL = env.str('PLATFORM_DUMMY_DCI6_EMAIL', '')
PLATFORM_DUMMY_PASSWORD = env.str('PLATFORM_DUMMY_DCI6_PASSWORD', '')
PLATFORM_DUMMY_TOKEN = env.str('PLATFORM_DUMMY_DCI6_TOKEN', '')
if PLATFORM_TYPE == 'vm':
PLATFORM_DUMMY_API_URL = env.str('PLATFORM_DUMMY_VM6_API_URL', '')
PLATFORM_DUMMY_EMAIL = env.str('PLATFORM_DUMMY_VM6_EMAIL', '')
PLATFORM_DUMMY_PASSWORD = env.str('PLATFORM_DUMMY_VM6_PASSWORD', '')
PLATFORM_DUMMY_TOKEN = env.str('PLATFORM_DUMMY_VM6_TOKEN', '')
elif PLATFORM_TYPE == 'dci':
PLATFORM_DUMMY_API_URL = env.str('PLATFORM_DUMMY_DCI6_API_URL', '')
PLATFORM_DUMMY_EMAIL = env.str('PLATFORM_DUMMY_DCI6_EMAIL', '')
PLATFORM_DUMMY_PASSWORD = env.str('PLATFORM_DUMMY_DCI6_PASSWORD', '')
PLATFORM_DUMMY_TOKEN = env.str('PLATFORM_DUMMY_DCI6_TOKEN', '')
else:
# ? guarantees that constants exist for import
# ? if the user has set the wrong PLATFORM_TYPE:
PLATFORM_DUMMY_API_URL = env.str('PLATFORM_DUMMY_API_URL', '')
PLATFORM_DUMMY_EMAIL = env.str('PLATFORM_DUMMY_EMAIL', '')
PLATFORM_DUMMY_PASSWORD = env.str('PLATFORM_DUMMY_PASSWORD', '')
PLATFORM_DUMMY_TOKEN = env.str('PLATFORM_DUMMY_TOKEN', '')

512
scripts/gogo/gogo.sh Executable file
View File

@ -0,0 +1,512 @@
#!/usr/bin/env bash
# █▀▀ █▀█ █▀▀ █▀█ ▀
# █▄█ █▄█ █▄█ █▄█ ▄
# -- -- -- -- -- --
# INIT GLOBAL VARIABLES:
_VERSION="0.1.1"
_SCRIPT_NAME="$(basename $0)"
_GO_CMD="go3"
_DEBUG_MODE=false
_CONFIG_DIR="${HOME}/.config/gogo"
_CONFIG="${_CONFIG_DIR}/gogo.conf"
_IS_TTY=false
_IS_SSH_ONLY=false
_IS_MGRCTL_ARGS=false
_MGRCTL_ARGS=""
_MGRCTL_BIN="mgrctl"
_MGRCTL_CMD=""
_MGRCTL_RUN=""
_MGRCTL_KEY=""
_PLATFORM_TYPE=""
_PLATFORM_GENERATION=6
_PLATFORM_SSH_PORT=22
_PLATFORM_WEB_PORT=443
_PLATFORM_IP_ADDR=""
_PLATFORM_CONFIG_FILE=""
_PLATFORM_NETWORK_NAME=""
_SSH_CONNECT_CMD=""
_SSH_REMOTE_CMD=""
_ACCESS_LINK=""
# Colorize output
# Usage - $(colorize CYAN "Hello, friend!")
colorize() {
local RED="\033[0;31m"
local GREEN="\033[0;32m" # <-- [0 means not bold
local YELLOW="\033[1;33m" # <-- [1 means bold
local BLUE="\033[0;34m"
local MAGNETA="\033[0;35"
local CYAN="\033[1;36m"
# ... Add more colors if you like
local NC="\033[0m" # No Color
# printf "${(P)1}${2} ${NC}\n" # <-- zsh
# printf "${!1}${2} ${NC}\n" # <-- bash
echo -e "${!1}${2}${NC}" # <-- all-purpose
}
# Print help message how used it script
help() {
# colorize value
local script=$(colorize GREEN "$_SCRIPT_NAME")
local required=$(colorize RED "required")
# help message
printf "Usage: $script [options [parameters]] \n"
printf " \n"
printf "Examples: \n"
printf " \n"
printf "${script} --init | init config file \n"
printf "${script} --crt | get ssh certificate for go3 connections \n"
printf "${script} --test | check go3 connection availability \n"
printf " \n"
printf "${script} --bill my.example.com \n"
printf "${script} --vm my.example.com --de | connect throw DE go3 server \n"
printf "${script} --vm 0.0.0.0 --ssh | only ssh access \n"
printf "${script} --vm 0.0.0.0 --tty | use mgrctl interactive \n"
printf " \n"
printf "${script} --dci 0.0.0.0 --mgrctl auth user access --id 3 --count 5 \n"
printf "${script} --dci 0.0.0.0 --mgrctl auth user ls --admins \n"
printf "${script} --vm 0.0.0.0 --port 22122 --mgrctl auth user ls --admins \n"
printf "${script} --vm 0.0.0.0 --tty --mgrctl auth user ls --admins \n"
printf "${script} --dns ns1.example.com --web-port 1501 \n"
printf "${script} --dns ns1.example.com --port 22122 --web-port 1501 \n"
printf "${script} --bill my.example.com --port 22 --web-port 1501 \n"
printf " \n"
printf "Options: \n"
printf " \n"
printf " --vm[dci|bill|dns|ip] expected ip_addr $required \n"
printf " --port | -p ssh port, default 22 \n"
printf " --web-port | -wp web port, default 443 \n"
printf " --go/--go3 go version, default go3 \n"
printf " --de connect throw DE go3 server \n"
printf " --ssh open only ssh session \n"
printf " --tty for vm6/dci6 echo cmd for run container \n"
printf " --mgrctl [args] for vm6/dci6 customize access params \n"
printf " \n"
printf "Single options: \n"
printf " --init | -i generate configuration \n"
printf " --crt | -c generate ssh cert \n"
printf " --test | -t check go3 connection availability \n"
printf " --version | -v print version \n"
printf " --help | -h print this message and exit \n"
}
# Ask confirmation user if No - exit with 1 state
continue_handler() {
read -p "Continue? (Y/N): " confirm \
&& [[ $confirm == [yY] || $confirm == [yY][eE][sS] ]] || exit 1
}
# Init script configuration file:
init_config() {
# Lables:
local warning=$(colorize RED "WARNING!")
local success=$(colorize GREEN "SUCCESS!")
local script_name=$(colorize GREEN "${_SCRIPT_NAME}")
# check if config file exists:
if [ -f $_CONFIG ]; then
echo "${warning} Config file is already exists"
echo "New initialization rewrites current config"
continue_handler
fi
# get user unputs:
read -p "Enter russian go server address: " _GO_SERVER_ADDR_RUSSIAN
read -p "Enter germany go server address: " _GO_SERVER_ADDR_GERMANY
read -p "Enter test go server address: " _GO_SERVER_ADDR_TEST
read -p "Enter vault server address: " _VAULT_SERVER_ADDR
read -p "Enter username: " _SSH_PRIVATE_KEY_USER
read -p "Enter full path to ssh private key: " _SSH_PRIVATE_KEY_PATH
read -p "Enter full path to ssh public key: " _SSH_PUBLIC_KEY_PATH
read -p "Enter full path to ssh certificate: " _SSH_CRT_FILE
read -p "Enter mgrctl image name: " _MGRCTL_IMAGE
# save config:
mkdir -p $_CONFIG_DIR
cat << EOF > "${_CONFIG}"
GO_SERVER_ADDR_RUSSIAN=$_GO_SERVER_ADDR_RUSSIAN
GO_SERVER_ADDR_GERMANY=$_GO_SERVER_ADDR_GERMANY
GO_SERVER_ADDR_TEST=$_GO_SERVER_ADDR_TEST
VAULT_SERVER_ADDR=$_VAULT_SERVER_ADDR
SSH_PRIVATE_KEY_USER=$_SSH_PRIVATE_KEY_USER
SSH_PRIVATE_KEY_PATH=$_SSH_PRIVATE_KEY_PATH
SSH_PUBLIC_KEY_PATH=$_SSH_PUBLIC_KEY_PATH
SSH_CRT_FILE=$_SSH_CRT_FILE
MGRCTL_IMAGE=$_MGRCTL_IMAGE
DEBUG_MODE=false
EOF
echo ""
echo "${success} Config file was created, run ${script_name} again"
echo ""
}
# Read config file that contains key=value params
load_config() {
local file="$_CONFIG"
if ! [ -f $_CONFIG ]; then
help
local warning=$(colorize RED "WARNING!")
echo ""
echo "${warning} Config file doesn't exist"
echo "Init new config: ${_CONFIG}"
continue_handler
init_config
fi
while IFS="=" read -r key value; do
case "$key" in
"GO_SERVER_ADDR_RUSSIAN")
_GO_SERVER_ADDR_RUSSIAN="$value"
_GO_SERVER_ADDR="$value"
;;
"GO_SERVER_ADDR_GERMANY")
_GO_SERVER_ADDR_GERMANY="$value"
;;
"GO_SERVER_ADDR_TEST")
_GO_SERVER_ADDR_TEST="$value"
;;
"VAULT_SERVER_ADDR")
_VAULT_SERVER_ADDR="$value"
;;
"SSH_PRIVATE_KEY_USER")
_SSH_PRIVATE_KEY_USER="$value"
;;
"SSH_PRIVATE_KEY_PATH")
_SSH_PRIVATE_KEY_PATH="$value"
;;
"SSH_PUBLIC_KEY_PATH")
_SSH_PUBLIC_KEY_PATH="$value"
_VAULT_SSH_PUBLIC_KEY="@$value" # @ sybol is important
;;
"SSH_CRT_FILE")
_SSH_CRT_FILE="$value"
;;
"MGRCTL_IMAGE")
_MGRCTL_IMAGE="$value"
;;
"DEBUG_MODE")
_DEBUG_MODE="$value"
;;
esac
done < "$file"
}
# Generate key for coremgr based platrorms access link:
gen_random_key() {
_MGRCTL_KEY=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)
}
gen_coremgr_access_params() {
# get opt name:
local opt=$1
# gen access key:
gen_random_key
# fill current parametrs:
_PLATFORM_TYPE=$(sed 's~[^[:alpha:]/]\+~~g' <<< "$opt")
_PLATFORM_GENERATION=5
_MGRCTL_BIN="/usr/local/mgr5/sbin/mgrctl"
_MGRCTL_ARGS="-m ${_PLATFORM_TYPE}mgr session.newkey key=$_MGRCTL_KEY"
# override _PLATFORM_GENERATION for bill6 or dns6
if [[ $opt == "--bill" ]] || [[ $opt == "--dns" ]]; then
_PLATFORM_GENERATION=6
fi
# override _MGRCTL_BIN _MGRCTL_ARGS for dns6
if [[ $opt == "--dns" ]]; then
_MGRCTL_BIN="/opt/ispsystem/${_PLATFORM_TYPE}manager6/sbin/mgrctl"
_MGRCTL_ARGS="-m ${_PLATFORM_TYPE}mgr session.newkey key=$_MGRCTL_KEY"
fi
}
gen_docker_access_params(){
# get opt name:
local opt=$1
# fill current parametrs:
_PLATFORM_TYPE=$(sed 's~[^[:alpha:]/]\+~~g' <<< "$opt")
_PLATFORM_GENERATION=6
_PLATFORM_CONFIG_FILE="/opt/ispsystem/${_PLATFORM_TYPE}/config.json"
# set platform docker network name:
if [[ $_PLATFORM_TYPE == "vm" ]]; then
_PLATFORM_NETWORK_NAME="vm_vm_box_net"
else
_PLATFORM_NETWORK_NAME="dci_auth"
fi
}
gen_ssh_connect_cmd(){
# get params:
local go_server="${_GO_SERVER_ADDR}"
local go_cmd="${_GO_CMD}"
local address="${_PLATFORM_IP_ADDR}"
local port="${_PLATFORM_SSH_PORT}"
local key_path="${_SSH_PRIVATE_KEY_PATH}"
local key_user="${_SSH_PRIVATE_KEY_USER}"
local ssh_args="${key_user}@${go_server} ${go_cmd} ${address} -p ${port}"
# generate cmd:
_SSH_CONNECT_CMD="ssh -A -t -i ${key_path} ${ssh_args}"
}
gen_ssh_remote_cmd() {
# ? VMmanager6 || DCImanager6:
if [[ $_PLATFORM_TYPE == "vm" ]] || \
[[ $_PLATFORM_TYPE == "dci" ]] && \
[[ $_PLATFORM_GENERATION -eq 6 ]]; then
# use default mgrctl cmd if not set args:
if [ -z "${_MGRCTL_ARGS}" ]; then
_MGRCTL_ARGS="${_PLATFORM_TYPE}6 auth user access --random"
_MGRCTL_CMD="${_MGRCTL_BIN} ${_MGRCTL_ARGS}"
else
_MGRCTL_CMD="${_MGRCTL_BIN} ${_PLATFORM_TYPE}6 ${_MGRCTL_ARGS}"
fi
# silent mode:
local hide_output=">> /dev/null"
if $_DEBUG_MODE; then
hide_output=""
fi
# image:
local image=${_MGRCTL_IMAGE}
# docker cmd:
local docker_bin="/usr/bin/docker"
local docker_pull="${docker_bin} pull ${image} ${hide_output}"
local docker_rm="${docker_bin} image rm -f ${image} ${hide_output}"
local docker_run="${docker_bin} run"
# mount config:
local mount_src="source=${_PLATFORM_CONFIG_FILE}"
local mount_trg="target=${_PLATFORM_CONFIG_FILE}"
local mount_opt="type=bind,${mount_src},${mount_trg},readonly"
local mount="--mount ${mount_opt}"
# network config:
local network="--network=${_PLATFORM_NETWORK_NAME}"
# environment config:
local envs="-e PLATFORM_TYPE=${_PLATFORM_TYPE}"
# container args:
local args="${_MGRCTL_CMD}"
# mgrctl container params:
local container="${network} ${mount} ${envs} --rm ${image} ${args}"
# docker commands:
local cmd="${docker_pull} && ${docker_run} ${container} && ${docker_rm}"
# final cmd:
_SSH_REMOTE_CMD="${cmd}"
# set cmd for manual start container:
if $_IS_TTY; then
# override parammetrs if DEBUG_MODE=false add -it flag:
docker_pull="${docker_bin} pull ${image}"
docker_rm="${docker_bin} image rm -f ${image}"
container="${network} ${mount} ${envs} --rm -i -t ${image}"
cmd="${docker_pull} && ${docker_run} ${container} && ${docker_rm}"
_MGRCTL_RUN="${cmd}"
fi
# ? BILLmanager6 || DNSmanager6 || IP/DNS/DCI/VMmanager5:
else
# final cmd:
_SSH_REMOTE_CMD="${_MGRCTL_BIN} ${_MGRCTL_ARGS}"
echo_access_link
fi
}
gen_access_link() {
local url="https://${_PLATFORM_IP_ADDR}"
local port="${_PLATFORM_WEB_PORT}"
local platform="${_PLATFORM_TYPE}mgr"
local func="func=auth&key=${_MGRCTL_KEY}"
_ACCESS_LINK="${url}:${port}/${platform}?${func}"
}
echo_access_link() {
gen_access_link
echo "mgr link"
echo "----- -------------------------------------------------------------"
echo "${_PLATFORM_TYPE}${_PLATFORM_GENERATION} ${_ACCESS_LINK}"
echo ""
}
echo_mgrctl_run_msg() {
echo "--------------------------------------------------------------------"
echo "To run the mgrctl container manually on the client server:"
echo "copy and paste the command into the terminal."
echo "This will download the image and run the container interactively."
echo "After exiting the container and its image will be deleted."
echo "--------------------------------------------------------------------"
echo "${_MGRCTL_RUN}"
echo "--------------------------------------------------------------------"
}
get_access() {
gen_ssh_connect_cmd
if $_IS_SSH_ONLY; then
# run connection:
$_SSH_CONNECT_CMD
else
gen_ssh_remote_cmd
# run connection send remote cmd:
$_SSH_CONNECT_CMD "${_SSH_REMOTE_CMD}"
if [[ $_PLATFORM_TYPE == "vm" ]] || \
[[ $_PLATFORM_TYPE == "dci" ]] && \
[[ $_PLATFORM_GENERATION -eq 6 ]] && \
$_IS_TTY; then
echo_mgrctl_run_msg
fi
# use default mgrctl cmd if not set args:
# run connection again for ssh tty session:
$_SSH_CONNECT_CMD
fi
}
get_vault_crt() {
local public_key=$1
local crt_file=$2
vault login -method=oidc
if [ ! -f $crt_file ]; then
touch $crt_file
fi
vault write -field=signed_key ssh/sign/support \
public_key=$public_key valid_principals=root > $crt_file
}
set_ssh_agent() {
local secret_key=$1
ssh-add -D
ssh-add $secret_key
}
renewal_crt() {
export VAULT_ADDR=$_VAULT_SERVER_ADDR
get_vault_crt $_VAULT_SSH_PUBLIC_KEY $_SSH_CRT_FILE
set_ssh_agent $_SSH_PRIVATE_KEY_PATH
}
test_go3_connection() {
# force only ssh connections without platform features:
_IS_SSH_ONLY=true
# set fake client address:
_PLATFORM_IP_ADDR="${_GO_SERVER_ADDR_TEST}"
_PLATFORM_SSH_PORT=22
echo "Run TEST: $_GO_SERVER_ADDR_RUSSIAN connection"
get_access
echo "-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --"
echo "Run TEST: $_GO_SERVER_ADDR_GERMANY connection"
_GO_SERVER_ADDR="${_GO_SERVER_ADDR_GERMANY}"
get_access
}
# Parse user options
optparser() {
# count user-passed options:
local count_options=$#
# run help if empty and exit:
if [[ count_options -eq 0 ]]; then
help
exit 2
fi
# run init config if flag --init and exit:
if [[ "$1" == "--init" ]]; then
init_config
exit 0
fi
# load config from config file:
load_config
# parse opts:
while [ ! -z "$1" ]; do
case "$1" in
--vm|--dci)
gen_docker_access_params "$1"
shift
_PLATFORM_IP_ADDR="$1"
;;
--bill|--dns|--bill5|--ip5|--dns5|--vm5|--dci5)
gen_coremgr_access_params "$1"
shift
_PLATFORM_IP_ADDR="$1"
;;
--port|-p)
shift
_PLATFORM_SSH_PORT="$1"
;;
--web-port|-wp)
shift
_PLATFORM_WEB_PORT="$1"
;;
--go|--go3)
_GO_CMD=$(sed 's~[^[:alnum:]/]\+~~g' <<< "$1")
;;
--de)
_GO_SERVER_ADDR="${_GO_SERVER_ADDR_GERMANY}"
;;
--mgrctl|--tty|--ssh)
if [[ "$1" == "--mgrctl" ]]; then
_IS_MGRCTL_ARGS=true
shift
_MGRCTL_ARGS=$@
elif [[ "$1" == "--tty" ]]; then
if $_IS_MGRCTL_ARGS; then
local error=$(colorize RED "ERROR!")
echo "${error} $1 must be in before --mgrctl not after"
exit 1
fi
_IS_TTY=true
elif [[ "$1" == "--ssh" ]]; then
_IS_SSH_ONLY=true
fi
;;
--crt|-c)
renewal_crt
exit 0
;;
--test|-t)
test_go3_connection
exit 0
;;
--help|-h)
help
exit 0
;;
--version|-v)
printf "$_VERSION\n"
exit 0
;;
*)
if ! $_IS_MGRCTL_ARGS; then
help
exit 1
fi
;;
esac
shift
done
}
# Entrypoint:
main() {
optparser $@
get_access
}
# RUN IT:
main $@