Add: gogo.sh script for quick access from employee side

.dockerignore

@@ -0,0 +1,5 @@
+docker-compose.yml
+.gitignore
+.env
+.git
+.cache

.gitignore

@@ -163,3 +163,4 @@ cython_debug/
 
 # Project specific
 config.json
+**/dummy_platform

Dockerfile

@@ -1,10 +1,59 @@
+# app/Dockerfile
+
+# pull the official docker image
+FROM python:3.11-alpine as poetry-base
+
+# default build args
+ARG APP_VERSION=0.1.0 \
+    APP_DIR=/app \
+    SRC_DIR=./mgrctl \
+    PKG_NAME=mgrctl \
+    PKG_VERSION=0.1.0
+
+# set env variables
+ENV APP_NAME=mgrctl \
+    # Python3:
+    PYTHONFAULTHANDLER=1 \
+    PYTHONUNBUFFERED=1 \
+    PYTHONHASHSEED=random \
+    # Pip:
+    PIP_NO_CACHE_DIR=on \
+    PIP_DISABLE_PIP_VERSION_CHECK=on \
+    PIP_ROOT_USER_ACTION=ignore \
+    PIP_DEFAULT_TIMEOUT=100 \
+    # Poetry:
+    POETRY_NO_INTERACTION=1 \
+    POETRY_VIRTUALENVS_CREATE=false \
+    POETRY_CACHE_DIR='/var/cache/pypoetry' \
+    POETRY_HOME='/usr/local' \
+    POETRY_VERSION=1.7.1
+
+# install system deps
+RUN apk --no-cache add curl \
+    && curl -sSL https://install.python-poetry.org | python3 - \
+    && mkdir ${APP_DIR}
+
+COPY ./pyproject.toml ./poetry.lock ./README.md ${APP_DIR}
+COPY ${SRC_DIR} ${APP_DIR}/${PKG_NAME}
+
+# set workdir
+WORKDIR ${APP_DIR}
+
+# build pkg whl
+RUN poetry build --format wheel \
+    && pip install ${APP_DIR}/dist/${PKG_NAME}-${PKG_VERSION}-py3-none-any.whl \
+    && rm -r /usr/local/venv
+
+# now multistage builds
 FROM python:3.11-alpine
 
-WORKDIR /app
+# copy app and dependences
+COPY --from=poetry-base /usr/local/ /usr/local/
 
-COPY requirements.txt ./
-RUN pip install --no-cache-dir --root-user-action=ignore -r requirements.txt
+# install bash and mgrctl shell completion
+RUN apk --no-cache add bash \
+    && echo 'eval "$(_MGRCTL_COMPLETE=bash_source mgrctl)"' > ~/.bashrc
 
-COPY main.py .
-
-CMD [ "python", "-u", "main.py" ]
+# "demonize" container
+# use docker attach mgrctl or docker exec -it mgrctl mgrctl --help for example
+CMD [ "bash"]

Makefile

@@ -0,0 +1,13 @@
+build:
+	python3 ./scripts/devtools/dev.py builder docker-compose build
+destroy:
+	python3 ./scripts/devtools/dev.py builder docker-compose destroy
+up:
+	python3 ./scripts/devtools/dev.py runner docker-compose up
+down:
+	python3 ./scripts/devtools/dev.py runner docker-compose down
+restart:
+	python3 ./scripts/devtools/dev.py runner docker-compose restart
+setup: build up
+
+.PHONY: exec setup build

docker-compose.yml

@@ -0,0 +1,60 @@
+# ? docker-compose.yml for development environment
+
+# ! To start development you need to create a directory ./dummy_platform.
+# ? Place files from the test platform into it:
+# ? VM6:
+# ?    ./dummy_platform/opt/ispsystem/vm/config.json - configuration file
+# ?    ./dummy_platform/opt/ispsystem/vm/mysql - database directory
+# ? DCI6:
+# ?    ./dummy_platform/opt/ispsystem/dci/config.json - configuration file
+# ?    ./dummy_platform/opt/ispsystem/dci/mysql - database directory
+
+# ? Create ./.env file and fill it with required vars:
+# ? PLATFORM_TYPE='vm'
+# ? Database container:
+# ? MYSQL_DATABASE="database name"
+# ? MYSQL_ROOT_PASSWORD="super secret password from config.json"
+
+# ? Launch: 
+# ?     docker-compose up -d --force-recreate
+# ?     docker attach mgrctl
+
+services:
+  mgrctl:
+    container_name: mgrctl
+    restart: unless-stopped
+    build:
+      context: .
+      args:
+        - APP_VERSION=${APP_VERSION}
+        - APP_DIR=${APP_DIR}
+        - SRC_DIR=${SRC_DIR}
+        - PKG_NAME=${PKG_NAME}
+        - PKG_VERSION=${PKG_VERSION}
+    networks:
+      vm_box_net: null
+    volumes:
+      - type: bind
+        source: ./dummy_platform/opt/ispsystem/${PLATFORM_TYPE}/config.json
+        target: /opt/ispsystem/${PLATFORM_TYPE}/config.json
+    env_file:
+      - ./.env
+    tty: true
+    stdin_open: true
+  mysql:
+    container_name: mysql
+    image: docker-registry.ispsystem.com/mysql:5
+    volumes:
+      - ./dummy_platform/opt/ispsystem/${PLATFORM_TYPE}/mysql:/var/lib/mysql
+    env_file:
+      - ./.env
+    labels:
+      autoconf_mysql: "true"
+    networks:
+      vm_box_net: null
+    command: --group-concat-max-len=131072 --max-connections=1000 --optimizer-search-depth=0
+
+networks:
+  vm_box_net:
+    name: vm_box_net
+    driver: bridge

isp_maintenance/apps/dci6/access/commands.py

@@ -1,12 +0,0 @@
-import click
-
-
-@click.group(help='access command for lazy example')
-@click.option('--debug/--no-debug', default=False)
-def cli(debug):
-    click.echo(f"Debug mode is {'on' if debug else 'off'}")
-
-
-@cli.command()
-def enable():
-    click.echo('Access granted')

isp_maintenance/apps/dci6/commands.py

@@ -1,13 +0,0 @@
-import click
-
-from core.cli.lazy_group import LazyGroup
-from settings.general import INSTALLED_APPS
-
-
-@click.group(
-    cls=LazyGroup,
-    lazy_subcommands=INSTALLED_APPS['dci6'],
-    help='dci6 command for lazy example',
-)
-def cli():
-    pass

isp_maintenance/apps/vm6/access/commands.py

@@ -1,24 +0,0 @@
-import click
-
-from db.vm6.databases import isp_database
-from db.vm6.models import AuthUser
-
-
-@click.group(help='access command for lazy example')
-def cli():
-    pass
-
-
-@cli.command(help='show all users and their roles on platform (DEMO EXAMPLE)')
-def users():
-    # check and init connection to db:
-    isp_database.connect()
-    # get all fields from auth_user table
-    # SELECT * FROM auth_user;
-    all_users = AuthUser.select()
-    # Iterate fields and print to console users' email and role
-    for user in all_users:
-        result = f'{user.email} | {user.roles[0]}'
-        click.echo(result)
-    # Close connection
-    isp_database.close()

isp_maintenance/apps/vm6/commands.py

@@ -1,12 +0,0 @@
-import click
-from core.cli.lazy_group import LazyGroup
-from settings.general import INSTALLED_APPS
-
-
-@click.group(
-    cls=LazyGroup,
-    lazy_subcommands=INSTALLED_APPS['vm6'],
-    help='vm6 command for lazy example',
-)
-def cli():
-    pass

isp_maintenance/apps/vm6/nodes/commands.py

@@ -1,13 +0,0 @@
-import click
-
-
-@click.group(help='nodes command for lazy example')
-def cli():
-    pass
-
-
-@cli.command(name='list')
-def nodes_list():
-    click.echo('NODES LIST: etc...')
-    for num in range(1, 10):
-        click.echo(num)

isp_maintenance/ispmgr.py

@@ -1,21 +0,0 @@
-#!/usr/bin/env python3
-# -*- coding: utf-8 -*-
-import click
-
-from core.cli.lazy_group import LazyGroup
-
-
-@click.group(
-    cls=LazyGroup,
-    lazy_subcommands={
-        'vm6': 'apps.vm6.commands.cli',
-        'dci6': 'apps.dci6.commands.cli',
-    },
-    help='main CLI command for lazy example',
-)
-def cli():
-    pass
-
-
-if __name__ == '__main__':
-    cli()

isp_maintenance/settings/platform.py

@@ -1,13 +0,0 @@
-from settings.environment import env
-from settings.general import BASE_DIR
-from utils.helpers import parse_json_file
-
-
-PLATFORM_TYPE = env.str('PLATFORM_TYPE', 'vm')
-
-PLATFORM_CONFIG = parse_json_file(f'{BASE_DIR}/config.json')
-
-PLATFORM_URL = env.url(
-    'PLATFORM_URL',
-    f"https://{PLATFORM_CONFIG.get('DomainName' ,'replace.me')}"
-)

mgrctl/__init__.py

@@ -0,0 +1,15 @@
+# █▀▄▀█ █▀▀ ▀█▀ ▄▀█ ▀
+# █░▀░█ ██▄ ░█░ █▀█ ▄
+# -- -- -- -- -- -- -
+__author__ = "MOIS3Y, a.garaev, Failak3, Ann_M"
+__credits__ = [
+    "Stepan Zhukovsky",
+    "Arthur Garaev",
+    "Vladislav Shmidt",
+    "Anna Moskovkina"
+]
+__license__ = "MIT"
+__version__ = "0.1.0"
+__maintainer__ = "Stepan Zhukovsky"
+__email__ = "stepan@zhukovsky.me"
+__status__ = "Development"

mgrctl/api/base.py

@@ -0,0 +1,140 @@
+import sys
+import json
+import click
+import urllib
+import requests
+
+from time import sleep
+
+from mgrctl.settings.api import (
+    API_URL,
+    API_HEADERS,
+    API_EMAIL,
+    API_PASSWORD,
+    API_VERIFY_SSL,
+    API_COUNT_TRY_CONNECTIONS
+)
+
+
+class BaseAPI(object):
+    def __init__(self):
+        """Announces required parameters"""
+        self.API_URL = API_URL
+        self.API_HEADERS = API_HEADERS
+        self.API_EMAIL = API_EMAIL
+        self.API_PASSWORD = API_PASSWORD
+        self.API_VERIFY_SSL = API_VERIFY_SSL
+        self.API_VERSION = 'v3'
+        self.API_DEFINITION = 'api'
+
+    def _gen_request_url(self, url):
+        return f'{self.API_URL}/{self.API_DEFINITION}/{self.API_VERSION}{url}'
+
+    def call_api(self, url, method='GET', headers={}, data={}):
+        attempt = API_COUNT_TRY_CONNECTIONS
+        while attempt:
+            try:
+                uri = self._gen_request_url(url)
+                headers = self.API_HEADERS if not headers else headers
+                params_str = urllib.parse.urlencode(data, safe="+'()")
+                if method == 'POST':
+                    api_request = requests.post(
+                        url=uri,
+                        json=data,
+                        headers=headers,
+                        verify=self.API_VERIFY_SSL
+                    )
+                if method == 'GET':
+                    uri = f'{uri}?{params_str}' if params_str else uri
+                    api_request = requests.get(
+                        url=uri,
+                        headers=headers,
+                        verify=self.API_VERIFY_SSL
+                    )
+            except Exception as error:
+                click.echo(f'Error: {type(error).__name__}')
+                sys.exit()
+
+            # Get response:
+            response = self._parse_response(api_request)
+
+            # Validate response:
+            if self._error_handler(response):
+                attempt -= 1
+                sleep(2)  # wait 2 second timeout
+                continue  # new attempt connection
+
+            return response
+
+    def _parse_response(self, api_request):
+        try:
+            response = json.loads(api_request.text)
+            return response
+        except json.decoder.JSONDecodeError:
+            click.echo('Error: Invalid API response')
+            raise sys.exit()
+
+    def _is_error(self, response):
+        if response.get('error'):
+            return True
+
+    def _is_error_3004(self, error):
+        if error.get('code') == 3004:
+            return True
+
+    def _error_handler(self, response):
+        if self._is_error(response):
+            error = response.get('error')
+            if self._is_error_3004(error):
+                return True
+            else:
+                click.echo(f'Error: API return {response}')
+                raise sys.exit()
+
+
+class BaseAuthAPI(BaseAPI):
+    def __init__(self):
+        super().__init__()
+        self.API_VERSION = 'v4'
+        self.API_DEFINITION = 'auth'
+
+    def get_auth_token(self, email=None, password=None) -> dict:
+        email = self.API_EMAIL if not email else email
+        password = self.API_PASSWORD if not password else password
+        return self.call_api(
+            url='/public/token',
+            method='POST',
+            data={'email': email, 'password': password}
+        )
+
+    def get_auth_key(self, token=None, user=None) -> dict:
+        headers = {}
+        user = self.API_EMAIL if not user else user
+        if token:
+            headers = self.make_auth_header(token)
+        return self.call_api(
+            url=f'/user/{user}/key',
+            method='POST',
+            headers=headers
+        )
+
+    def make_auth_header(self, token: str) -> dict:
+        return {'x-xsrf-token': token}
+
+    def whoami(self) -> dict:
+        return self.call_api(
+            url='/whoami',
+            method='GET'
+        )
+
+
+class BaseIpAPI(BaseAPI):
+    def __init__(self):
+        super().__init__()
+        self.API_DEFINITION = 'ip'
+
+
+class BaseDnsProxyAPI(BaseAPI):
+    def __init__(self):
+        super().__init__()
+        self.API_DEFINITION = 'dnsproxy'

mgrctl/api/dci6.py

@@ -0,0 +1,51 @@
+from mgrctl.api.base import BaseAPI, BaseAuthAPI, BaseDnsProxyAPI, BaseIpAPI
+
+
+class AuthAPI(BaseAuthAPI):
+    pass
+
+
+class BackupAPI(BaseAPI):
+    def __init__(self):
+        super().__init__()
+        self.API_VERSION = 'v4'
+        self.API_DEFINITION = 'backup'
+
+
+class DnsProxyAPI(BaseDnsProxyAPI):
+    pass
+
+
+class EserviceAPI(BaseAPI):
+    def __init__(self):
+        super().__init__()
+        self.API_DEFINITION = 'eservice'
+
+
+class IsoAPI(BaseAPI):
+    def __init__(self):
+        super().__init__()
+        self.API_DEFINITION = 'iso'
+
+
+class IpmiAPI(BaseAPI):
+    def __init__(self):
+        super().__init__()
+        self.API_DEFINITION = 'ipmiproxy'
+
+
+class IpAPI(BaseIpAPI):
+    pass
+
+
+class ReportAPI(BaseAPI):
+    def __init__(self):
+        super().__init__()
+        self.API_VERSION = 'v4'
+        self.API_DEFINITION = 'report'
+
+
+class UpdaterAPI(BaseAPI):
+    def __init__(self):
+        super().__init__()
+        self.API_DEFINITION = 'updater'

mgrctl/api/vm6.py

@@ -0,0 +1,19 @@
+from mgrctl.api.base import BaseAPI, BaseAuthAPI, BaseDnsProxyAPI, BaseIpAPI
+
+
+class AuthAPI(BaseAuthAPI):
+    pass
+
+
+class DnsProxyAPI(BaseDnsProxyAPI):
+    pass
+
+
+class IpAPI(BaseIpAPI):
+    pass
+
+
+class VmAPI(BaseAPI):
+    def __init__(self):
+        super().__init__()
+        self.API_DEFINITION = 'vm'

mgrctl/apps/__init__.py

@@ -0,0 +1,15 @@
+# █▀▄▀█ █▀▀ ▀█▀ ▄▀█ ▀
+# █░▀░█ ██▄ ░█░ █▀█ ▄
+# -- -- -- -- -- -- -
+__author__ = "MOIS3Y, a.garaev, Failak3, Ann_M"
+__credits__ = [
+    "Stepan Zhukovsky",
+    "Arthur Garaev",
+    "Vladislav Shmidt",
+    "Anna Moskovkina"
+]
+__license__ = "MIT"
+__version__ = "0.1.0"
+__maintainer__ = "Stepan Zhukovsky"
+__email__ = "stepan@zhukovsky.me"
+__status__ = "Development"

mgrctl/apps/dci6/__init__.py

@@ -0,0 +1,15 @@
+# █▀▄▀█ █▀▀ ▀█▀ ▄▀█ ▀
+# █░▀░█ ██▄ ░█░ █▀█ ▄
+# -- -- -- -- -- -- -
+__author__ = "MOIS3Y, a.garaev, Failak3, Ann_M"
+__credits__ = [
+    "Stepan Zhukovsky",
+    "Arthur Garaev",
+    "Vladislav Shmidt",
+    "Anna Moskovkina"
+]
+__license__ = "MIT"
+__version__ = "0.1.0"
+__maintainer__ = "Stepan Zhukovsky"
+__email__ = "stepan@zhukovsky.me"
+__status__ = "Development"

mgrctl/apps/dci6/auth/__init__.py

@@ -0,0 +1,10 @@
+# █▀▄▀█ █▀▀ ▀█▀ ▄▀█ ▀
+# █░▀░█ ██▄ ░█░ █▀█ ▄
+# -- -- -- -- -- -- -
+__author__ = "MOIS3Y"
+__credits__ = ["Stepan Zhukovsky"]
+__license__ = "MIT"
+__version__ = "0.1.0"
+__maintainer__ = "Stepan Zhukovsky"
+__email__ = "stepan@zhukovsky.me"
+__status__ = "Development"

mgrctl/apps/dci6/auth/commands.py

@@ -0,0 +1,99 @@
+import click
+
+from mgrctl.apps.dci6.auth import __version__
+from mgrctl.api.dci6 import AuthAPI
+from mgrctl.utils.api_users import UserAPI
+
+
+user_cursor = UserAPI(callback_class=AuthAPI)
+
+
+@click.group(help='auth cmd for auth in DCImanager 6')
+@click.version_option(
+    version=__version__,
+    package_name='mgrctl.apps.dci6.auth',
+    message=__version__
+)
+def cli():
+    pass
+
+
+@cli.group(help='Manage users')
+def user():
+    pass
+
+
+@user.command(help='List users')
+@click.option(
+    '--all',
+    is_flag=True,
+    required=False,
+    help='Show all users'
+)
+@click.option(
+    '--admins',
+    is_flag=True,
+    required=False,
+    help='Show all active admins',
+)
+def ls(all, admins):
+    if all:
+        users = user_cursor.get_users(role='all')
+    elif admins:
+        users = user_cursor.get_users(role='admin')
+    else:
+        users = user_cursor.get_users(role='all')
+    # print users:
+    user_cursor.echo_users(users)
+
+
+@user.command(
+    help='Generate an access key and return auth link(s)',
+    no_args_is_help=True
+)
+@click.option(
+    '--id',
+    '_id',
+    required=False,
+    type=int,
+    help='User id'
+)
+@click.option(
+    '--count',
+    required=False,
+    type=int,
+    help='Number of access keys generated',
+)
+@click.option(
+    '--random',
+    is_flag=True,
+    required=False,
+    help='Generate access key for the first available admin'
+)
+@click.option(
+    '--interactive',
+    is_flag=True,
+    required=False,
+    help='Interactive mode, ignores other keys'
+)
+def access(_id, count, interactive, random):
+    if _id and not count:
+        keys = user_cursor.get_access_keys(user=_id, count=1)
+    elif _id and count:
+        keys = user_cursor.get_access_keys(user=_id, count=count)
+    elif random:
+        admin = user_cursor.get_first_random_admin()
+        keys = user_cursor.get_access_keys(user=admin.get('id', 3))
+    elif interactive:
+        user_cursor.gen_access_links_interactive()
+        return  # exit from func
+    else:
+        pass
+    links = user_cursor.gen_access_links(keys)
+    user_cursor.echo_access_links(links)
+
+
+@user.command(help='Generate API token for mgrctl user')
+def token():
+    token = user_cursor.gen_api_token()
+    user_cursor.echo_api_token(token)

mgrctl/apps/dci6/commands.py

@@ -0,0 +1,13 @@
+import click
+
+from mgrctl.cli.lazy_group import LazyGroup
+from mgrctl.settings.general import INSTALLED_APPS
+
+
+@click.group(
+    cls=LazyGroup,
+    lazy_subcommands=INSTALLED_APPS['dci6'],
+    help='dci6 command for DCI6manager management',
+)
+def cli():
+    pass

mgrctl/apps/vm6/__init__.py

@@ -0,0 +1,15 @@
+# █▀▄▀█ █▀▀ ▀█▀ ▄▀█ ▀
+# █░▀░█ ██▄ ░█░ █▀█ ▄
+# -- -- -- -- -- -- -
+__author__ = "MOIS3Y, a.garaev, Failak3, Ann_M"
+__credits__ = [
+    "Stepan Zhukovsky",
+    "Arthur Garaev",
+    "Vladislav Shmidt",
+    "Anna Moskovkina"
+]
+__license__ = "MIT"
+__version__ = "0.1.0"
+__maintainer__ = "Stepan Zhukovsky"
+__email__ = "stepan@zhukovsky.me"
+__status__ = "Development"

mgrctl/apps/vm6/auth/__init__.py

@@ -0,0 +1,10 @@
+# █▀▄▀█ █▀▀ ▀█▀ ▄▀█ ▀
+# █░▀░█ ██▄ ░█░ █▀█ ▄
+# -- -- -- -- -- -- -
+__author__ = "MOIS3Y"
+__credits__ = ["Stepan Zhukovsky"]
+__license__ = "MIT"
+__version__ = "0.1.0"
+__maintainer__ = "Stepan Zhukovsky"
+__email__ = "stepan@zhukovsky.me"
+__status__ = "Development"

mgrctl/apps/vm6/auth/commands.py

@@ -0,0 +1,99 @@
+import click
+
+from mgrctl.apps.vm6.auth import __version__
+from mgrctl.api.vm6 import AuthAPI
+from mgrctl.utils.api_users import UserAPI
+
+
+user_cursor = UserAPI(callback_class=AuthAPI)
+
+
+@click.group(help='auth cmd for auth in VMmanager 6')
+@click.version_option(
+    version=__version__,
+    package_name='mgrctl.apps.vm6.auth',
+    message=__version__
+)
+def cli():
+    pass
+
+
+@cli.group(help='Manage users')
+def user():
+    pass
+
+
+@user.command(help='List users')
+@click.option(
+    '--all',
+    is_flag=True,
+    required=False,
+    help='Show all users'
+)
+@click.option(
+    '--admins',
+    is_flag=True,
+    required=False,
+    help='Show all active admins',
+)
+def ls(all, admins):
+    if all:
+        users = user_cursor.get_users(role='all')
+    elif admins:
+        users = user_cursor.get_users(role='admin')
+    else:
+        users = user_cursor.get_users(role='all')
+    # print users:
+    user_cursor.echo_users(users)
+
+
+@user.command(
+    help='Generate an access key and return auth link(s)',
+    no_args_is_help=True
+)
+@click.option(
+    '--id',
+    '_id',
+    required=False,
+    type=int,
+    help='User id'
+)
+@click.option(
+    '--count',
+    required=False,
+    type=int,
+    help='Number of access keys generated',
+)
+@click.option(
+    '--random',
+    is_flag=True,
+    required=False,
+    help='Generate access key for the first available admin'
+)
+@click.option(
+    '--interactive',
+    is_flag=True,
+    required=False,
+    help='Interactive mode, ignores other keys'
+)
+def access(_id, count, interactive, random):
+    if _id and not count:
+        keys = user_cursor.get_access_keys(user=_id, count=1)
+    elif _id and count:
+        keys = user_cursor.get_access_keys(user=_id, count=count)
+    elif random:
+        admin = user_cursor.get_first_random_admin()
+        keys = user_cursor.get_access_keys(user=admin.get('id', 3))
+    elif interactive:
+        user_cursor.gen_access_links_interactive()
+        return  # exit from func
+    else:
+        pass
+    links = user_cursor.gen_access_links(keys)
+    user_cursor.echo_access_links(links)
+
+
+@user.command(help='Generate API token for mgrctl user')
+def token():
+    token = user_cursor.gen_api_token()
+    user_cursor.echo_api_token(token)

mgrctl/apps/vm6/commands.py

@@ -0,0 +1,19 @@
+import click
+
+from mgrctl.cli.lazy_group import LazyGroup
+from mgrctl.settings.general import INSTALLED_APPS
+from mgrctl.apps.vm6 import __version__
+
+
+@click.group(
+    cls=LazyGroup,
+    lazy_subcommands=INSTALLED_APPS['vm6'],
+    help='vm6 command for VM6manager management',
+)
+@click.version_option(
+    version=__version__,
+    package_name='mgrctl',
+    message=__version__
+)
+def cli():
+    pass

mgrctl/db/connection.py

@@ -1,5 +1,5 @@
 from peewee import MySQLDatabase, PostgresqlDatabase
-from settings.db import (
+from mgrctl.settings.db import (
     DB_ENGINE,
     DB_HOST,
     DB_PORT,

mgrctl/db/dci6/databases.py

@@ -1,4 +1,4 @@
-from db.connection import guess_database
+from mgrctl.db.connection import guess_database
 
 
 # The variable will contain an object of

mgrctl/db/dci6/models.py

@@ -11,8 +11,8 @@ from peewee import (
     TextField,
     SQL
 )
-from db.common import UnknownField
-from db.dci6.databases import auth_database
+from mgrctl.db.common import UnknownField
+from mgrctl.db.dci6.databases import auth_database
 
 
 class BaseModel(Model):

mgrctl/db/vm6/databases.py

@@ -1,4 +1,4 @@
-from db.connection import guess_database
+from mgrctl.db.connection import guess_database
 
 
 # The variable will contain an object of

mgrctl/db/vm6/models.py

@@ -12,8 +12,8 @@ from peewee import (
     TextField,
     SQL
 )
-from db.common import UnknownField, JSONField
-from db.vm6.databases import isp_database
+from mgrctl.db.common import UnknownField, JSONField
+from mgrctl.db.vm6.databases import isp_database
 
 
 class BaseModel(Model):

mgrctl/mgrctl.py

@@ -0,0 +1,32 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+
+# █▀▄▀█ █▀▀ █▀█ █▀▀ ▀█▀ █░░ ▀
+# █░▀░█ █▄█ █▀▄ █▄▄ ░█░ █▄▄ ▄
+# -- -- -- -- -- -- -- -- --
+
+import click
+
+from mgrctl import __version__
+from mgrctl.cli.lazy_group import LazyGroup
+
+
+@click.group(
+    cls=LazyGroup,
+    lazy_subcommands={
+        'vm6': 'mgrctl.apps.vm6.commands.cli',
+        'dci6': 'mgrctl.apps.dci6.commands.cli',
+    },
+    help='main CLI command for mgrctl app',
+)
+@click.version_option(
+    version=__version__,
+    package_name='mgrctl',
+    message=__version__
+)
+def cli():
+    pass
+
+
+if __name__ == '__main__':
+    cli()

mgrctl/settings/__init__.py

@@ -1,12 +1,12 @@
-from settings.general import BASE_DIR
+from mgrctl.settings.general import BASE_DIR
 
-from settings.platform import (
+from mgrctl.settings.platform import (
     PLATFORM_TYPE,
     PLATFORM_URL,
     PLATFORM_CONFIG
 )
 
-from settings.db import(
+from mgrctl.settings.db import(
     DB_ENGINE,
     DB_HOST,
     DB_PORT,

mgrctl/settings/api.py

@@ -0,0 +1,47 @@
+from requests.packages import urllib3
+
+from mgrctl.settings.environment import env
+from mgrctl.settings.platform import (
+    PLATFORM_TYPE,
+    PLATFORM_VERIFY_SSL,
+    PLATFORM_VERIFY_SSL_WARNING,
+    PLATFORM_DUMMY,
+    PLATFORM_DUMMY_API_URL,
+    PLATFORM_DUMMY_EMAIL,
+    PLATFORM_DUMMY_PASSWORD,
+    PLATFORM_DUMMY_TOKEN,
+)
+
+# Name of nginx container:
+API_INPUT_HOSTNAME = 'input' if PLATFORM_TYPE == 'vm' else 'dci_input_1'
+
+# Port that nginx container is listening:
+API_INPUT_PORT = '1500'
+
+# Internal API url:
+API_URL = f'http://{API_INPUT_HOSTNAME}:{API_INPUT_PORT}'
+
+# Headers for internal auth:
+API_HEADERS = {"Internal-Auth": "on", "Accept": "application/json"}
+
+# Alias for import:
+API_VERIFY_SSL = PLATFORM_VERIFY_SSL
+
+# API 3004 Unavailable error handler:
+API_COUNT_TRY_CONNECTIONS = env.int('API_COUNT_TRY_CONNECTIONS', 3)
+
+# Suppress warning from urllib3:
+if not PLATFORM_VERIFY_SSL_WARNING:
+    # ! This is not recommended,
+    # ! the user will not see a message about an untrusted SSL connection
+    urllib3.disable_warnings(
+        category=urllib3.exceptions.InsecureRequestWarning
+    )
+
+# Development mode:
+if PLATFORM_DUMMY:
+    API_URL = PLATFORM_DUMMY_API_URL
+    API_HEADERS = {'x-xsrf-token': PLATFORM_DUMMY_TOKEN}
+
+API_EMAIL = PLATFORM_DUMMY_EMAIL
+API_PASSWORD = PLATFORM_DUMMY_PASSWORD

mgrctl/settings/db.py

@@ -1,5 +1,5 @@
-from settings.environment import env
-from settings.platform import PLATFORM_CONFIG
+from mgrctl.settings.environment import env
+from mgrctl.settings.platform import PLATFORM_CONFIG
 
 
 # ! Required because some instance use psql db:

mgrctl/settings/general.py

@@ -6,10 +6,9 @@ BASE_DIR = pathlib.Path(__file__).resolve().parent.parent
 
 INSTALLED_APPS = {
     'vm6': {
-        'access': 'apps.vm6.access.commands.cli',
-        'nodes': 'apps.vm6.nodes.commands.cli',
+        'auth': 'mgrctl.apps.vm6.auth.commands.cli',
     },
     'dci6': {
-        'access': 'apps.dci6.access.commands.cli',
+        'auth': 'mgrctl.apps.dci6.auth.commands.cli',
     },
 }

mgrctl/settings/platform.py

@@ -0,0 +1,41 @@
+from mgrctl.settings.environment import env
+from mgrctl.utils.helpers import parse_json_file
+
+
+PLATFORM_TYPE = env.str('PLATFORM_TYPE', 'vm')
+
+PLATFORM_VERIFY_SSL = env.bool('PLATFORM_VERIFY_SSL', True)
+PLATFORM_VERIFY_SSL_WARNING = env.bool('PLATFORM_VERIFY_SSL_WARNING', True)
+
+PLATFORM_CONFIG = env.str(
+    'PLATFORM_CONFIG',
+    f'/opt/ispsystem/{PLATFORM_TYPE}/config.json'
+)
+
+PLATFORM_CONFIG = parse_json_file(PLATFORM_CONFIG)
+
+PLATFORM_URL = env.str(
+    'PLATFORM_URL',
+    f"https://{PLATFORM_CONFIG.get('DomainName' ,'replace.me')}"
+)
+
+# Development mode:
+PLATFORM_DUMMY = env.bool('PLATFORM_DUMMY', False)
+
+if PLATFORM_TYPE == 'vm':
+    PLATFORM_DUMMY_API_URL = env.str('PLATFORM_DUMMY_VM6_API_URL', '')
+    PLATFORM_DUMMY_EMAIL = env.str('PLATFORM_DUMMY_VM6_EMAIL', '')
+    PLATFORM_DUMMY_PASSWORD = env.str('PLATFORM_DUMMY_VM6_PASSWORD', '')
+    PLATFORM_DUMMY_TOKEN = env.str('PLATFORM_DUMMY_VM6_TOKEN', '')
+elif PLATFORM_TYPE == 'dci':
+    PLATFORM_DUMMY_API_URL = env.str('PLATFORM_DUMMY_DCI6_API_URL', '')
+    PLATFORM_DUMMY_EMAIL = env.str('PLATFORM_DUMMY_DCI6_EMAIL', '')
+    PLATFORM_DUMMY_PASSWORD = env.str('PLATFORM_DUMMY_DCI6_PASSWORD', '')
+    PLATFORM_DUMMY_TOKEN = env.str('PLATFORM_DUMMY_DCI6_TOKEN', '')
+else:
+    # ? guarantees that constants exist for import
+    # ? if the user has set the wrong PLATFORM_TYPE:
+    PLATFORM_DUMMY_API_URL = env.str('PLATFORM_DUMMY_API_URL', '')
+    PLATFORM_DUMMY_EMAIL = env.str('PLATFORM_DUMMY_EMAIL', '')
+    PLATFORM_DUMMY_PASSWORD = env.str('PLATFORM_DUMMY_PASSWORD', '')
+    PLATFORM_DUMMY_TOKEN = env.str('PLATFORM_DUMMY_TOKEN', '')

mgrctl/utils/api_users.py

@@ -0,0 +1,92 @@
+import click
+from tabulate import tabulate
+
+from mgrctl.settings.platform import PLATFORM_URL
+
+
+class UserAPI(object):
+    def __init__(self, callback_class):
+        """Announces required parameters"""
+        self.callback_class = callback_class
+        self.callback = callback_class()
+
+    def get_users(self, role: str) -> list:
+        data = {}
+        if role == 'admin':
+            data = {"where": "((roles+CP+'%@admin%')+AND+(state+EQ+'active'))"}
+        response = self.callback.call_api(
+            url='/user',
+            method='GET',
+            data=data
+        )
+        users = self._extract_users(users=response)
+        return users
+
+    def _extract_users(self, users: dict) -> list:
+        return users.get('list', [])
+
+    def _format_users(self, users: list) -> list:
+        output = []
+        for user in users:
+            output.append({
+                'id': user.get('id', ''),
+                'email': user.get('email', ''),
+                'roles': user.get('roles', []),
+                'state': user.get('state', ''),
+                # add more fields here...
+            })
+        return output
+
+    def get_first_random_admin(self):
+        users = self.get_users(role='admin')
+        admin = {}
+        for user in users:
+            if '@admin' in user.get('roles', []):
+                admin = user
+                break
+        return admin
+
+    def echo_users(self, users: list) -> None:
+        output = self._format_users(users)
+        click.echo(tabulate(output, headers='keys'))
+
+    def get_access_keys(self, user, count=1):
+        keys = []
+        while count >= 1:
+            count -= 1
+            key = self.callback.get_auth_key(user=user)
+            check = key.get('key', '')
+            if check:
+                keys.append(key)
+        return keys
+
+    def gen_access_links(self, keys: list) -> list:
+        links = []
+        for key in keys:
+            _id = key.get('id', '')
+            link = f"{PLATFORM_URL}/auth/key/{key.get('key', '')}"
+            links.append({'id': _id, 'link': link})
+        return links
+
+    def echo_access_links(self, links: list) -> None:
+        click.echo(tabulate(links, headers='keys'))
+
+    def gen_access_links_interactive(self) -> None:
+        users = self.get_users(role='admin')
+        self.echo_users(users)
+        try:
+            click.echo('Choose user id and count of keys')
+            _id = int(input('User ID: '))
+            count = int(input('Count of keys: '))
+            keys = self.get_access_keys(user=_id, count=count)
+            links = self.gen_access_links(keys)
+            self.echo_access_links(links)
+        except ValueError:
+            click.echo('Error: Invalid, value is not a valid integer')
+
+    def gen_api_token(self, email=None, password=None):
+        token = self.callback.get_auth_token(email, password)
+        return token
+
+    def echo_api_token(self, token: dict) -> None:
+        click.echo(tabulate([token], headers='keys'))

mgrctl/utils/helpers.py

@@ -1,8 +1,9 @@
 import json
 import sys
+import click
 
 
-def parse_json_file(file_path): 
+def parse_json_file(file_path: str) -> dict:
     """
     Function read json file as usual config.json then parse it to python dict
 
@@ -16,5 +17,7 @@ def parse_json_file(file_path):
         with open(file_path, 'r') as f:
             return json.load(f)
     except Exception as error:
-        print(error)
+        click.echo(error)
+        click.echo("Required: /opt/ispsystem/PLATFORM_TYPE/config.json")
+        click.echo("Note: don't forget to mount this file into the container")
         sys.exit(1)

poetry.lock

@@ -1066,6 +1066,17 @@ files = [
 cryptography = ">=2.0"
 jeepney = ">=0.6"
 
+[[package]]
+name = "sh"
+version = "2.0.7"
+description = "Python subprocess replacement"
+optional = false
+python-versions = "<4.0,>=3.8.1"
+files = [
+    {file = "sh-2.0.7-py3-none-any.whl", hash = "sha256:2f2f79a65abd00696cf2e9ad26508cf8abb6dba5745f40255f1c0ded2876926d"},
+    {file = "sh-2.0.7.tar.gz", hash = "sha256:029d45198902bfb967391eccfd13a88d92f7cebd200411e93f99ebacc6afbb35"},
+]
+
 [[package]]
 name = "shellingham"
 version = "1.5.4"
@@ -1077,6 +1088,20 @@ files = [
     {file = "shellingham-1.5.4.tar.gz", hash = "sha256:8dbca0739d487e5bd35ab3ca4b36e11c4078f3a234bfce294b0a0291363404de"},
 ]
 
+[[package]]
+name = "tabulate"
+version = "0.9.0"
+description = "Pretty-print tabular data"
+optional = false
+python-versions = ">=3.7"
+files = [
+    {file = "tabulate-0.9.0-py3-none-any.whl", hash = "sha256:024ca478df22e9340661486f85298cff5f6dcdba14f3813e8830015b9ed1948f"},
+    {file = "tabulate-0.9.0.tar.gz", hash = "sha256:0095b12bf5966de529c0feb1fa08671671b3368eec77d7ef7ab114be2c068b3c"},
+]
+
+[package.extras]
+widechars = ["wcwidth"]
+
 [[package]]
 name = "tomlkit"
 version = "0.12.3"
@@ -1238,4 +1263,4 @@ testing = ["big-O", "jaraco.functools", "jaraco.itertools", "more-itertools", "p
 [metadata]
 lock-version = "2.0"
 python-versions = "^3.11"
-content-hash = "8c1b8d4cae2524776d0d04253f6067ca4a2282d0681677df78afbc5437b0dea5"
+content-hash = "ae5af366753982ef73f90fc9f4d59b03db4fb597e31bd88f445423837288f3e1"

pyproject.toml

@@ -1,8 +1,13 @@
 [tool.poetry]
-name = "isp-maintenance"
+name = "mgrctl"
 version = "0.1.0"
 description = "Maintenance service for ISPsystem platforms"
-authors = ["MOIS3Y <s.zhukovskii@ispsystem.com>", "Failak3 <v.shmidt@ispsystem.com>", "a.garaev <a.garaev@ispsystem.com>", "Ann_M <a.moskovkina@ispsystem.com>"]
+authors = [
+    "MOIS3Y <s.zhukovskii@ispsystem.com>",
+    "Failak3 <v.shmidt@ispsystem.com>",
+    "a.garaev <a.garaev@ispsystem.com>",
+    "Ann_M <a.moskovkina@ispsystem.com>"
+]
 license = "MIT"
 readme = "README.md"
 
@@ -14,11 +19,15 @@ requests = "^2.31.0"
 environs = "^10.3.0"
 pymysql = {extras = ["rsa"], version = "^1.1.0"}
 poetry-plugin-export = "^1.6.0"
+sh = "^2.0.7"
+tabulate = "^0.9.0"
 
 [tool.poetry.group.dev.dependencies]
 flake8 = "^7.0.0"
 
+[tool.poetry.scripts]
+mgrctl = 'mgrctl.mgrctl:cli'
+
 [build-system]
 requires = ["poetry-core"]
 build-backend = "poetry.core.masonry.api"
-

requirements.txt

@@ -500,9 +500,15 @@ requests==2.31.0 ; python_version >= "3.11" and python_version < "4.0" \
 secretstorage==3.3.3 ; python_version >= "3.11" and python_version < "4.0" and sys_platform == "linux" \
     --hash=sha256:2403533ef369eca6d2ba81718576c5e0f564d5cca1b58f73a8b23e7d4eeebd77 \
     --hash=sha256:f356e6628222568e3af06f2eba8df495efa13b3b63081dafd4f7d9a7b7bc9f99
+sh==2.0.7 ; python_version >= "3.11" and python_version < "4.0" \
+    --hash=sha256:029d45198902bfb967391eccfd13a88d92f7cebd200411e93f99ebacc6afbb35 \
+    --hash=sha256:2f2f79a65abd00696cf2e9ad26508cf8abb6dba5745f40255f1c0ded2876926d
 shellingham==1.5.4 ; python_version >= "3.11" and python_version < "4.0" \
     --hash=sha256:7ecfff8f2fd72616f7481040475a65b2bf8af90a56c89140852d1120324e8686 \
     --hash=sha256:8dbca0739d487e5bd35ab3ca4b36e11c4078f3a234bfce294b0a0291363404de
+tabulate==0.9.0 ; python_version >= "3.11" and python_version < "4.0" \
+    --hash=sha256:0095b12bf5966de529c0feb1fa08671671b3368eec77d7ef7ab114be2c068b3c \
+    --hash=sha256:024ca478df22e9340661486f85298cff5f6dcdba14f3813e8830015b9ed1948f
 tomlkit==0.12.3 ; python_version >= "3.11" and python_version < "4.0" \
     --hash=sha256:75baf5012d06501f07bee5bf8e801b9f343e7aac5a92581f20f80ce632e6b5a4 \
     --hash=sha256:b0a645a9156dc7cb5d3a1f0d4bab66db287fcb8e0430bdd4664a095ea16414ba

scripts/devtools/cli/__init__.py

@@ -0,0 +1,10 @@
+# █▀▄▀█ █▀▀ ▀█▀ ▄▀█ ▀
+# █░▀░█ ██▄ ░█░ █▀█ ▄
+# -- -- -- -- -- -- -
+__author__ = "MOIS3Y"
+__credits__ = ["Stepan Zhukovsky"]
+__license__ = "MIT"
+__version__ = "0.1.0"
+__maintainer__ = "Stepan Zhukovsky"
+__email__ = "stepan@zhukovsky.me"
+__status__ = "Development"

scripts/devtools/cli/builder.py

@@ -0,0 +1,50 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+import click
+import sh
+
+from .lazy_group import LazyGroup
+from .utils import abort_if_false
+from . import settings
+
+
+@click.group()
+def cli1():
+    pass
+
+
+@click.group(
+    cls=LazyGroup,
+    lazy_subcommands={'docker-compose': 'cli.builder.docker_compose'},
+)
+def cli2():
+    pass
+
+
+@click.group(help='cmd for build/destroy project in docker containers')
+def docker_compose():
+    pass
+
+
+@docker_compose.command(help='cmd for build project in docker containers')
+def build():
+    with sh.contrib.sudo(password=settings.SUDO_PASSWORD, _with=True):
+        sh.docker_compose('-f', settings.COMPOSE_FILE, 'build', _fg=True)
+
+
+@docker_compose.command(help='cmd for destroy project in docker containers')
+@click.option(
+    '--yes',
+    is_flag=True,
+    callback=abort_if_false,
+    expose_value=False,
+    prompt='Are you sure you want to destroy docker containers')
+def destroy():
+    with sh.contrib.sudo(password=settings.SUDO_PASSWORD, _with=True):
+        sh.docker_compose('-f', settings.COMPOSE_FILE, 'down',  _fg=True)
+
+
+cli = click.CommandCollection(
+    sources=[cli1, cli2],
+    help='cmd for building the project'
+)

scripts/devtools/cli/lazy_group.py

@@ -0,0 +1,39 @@
+import importlib
+import click
+
+
+class LazyGroup(click.Group):
+    def __init__(self, *args, lazy_subcommands=None, **kwargs):
+        super().__init__(*args, **kwargs)
+        # lazy_subcommands is a map of the form:
+        #
+        #   {command-name} -> {module-name}.{command-object-name}
+        #
+        self.lazy_subcommands = lazy_subcommands or {}
+
+    def list_commands(self, ctx):
+        base = super().list_commands(ctx)
+        lazy = sorted(self.lazy_subcommands.keys())
+        return base + lazy
+
+    def get_command(self, ctx, cmd_name):
+        if cmd_name in self.lazy_subcommands:
+            return self._lazy_load(cmd_name)
+        return super().get_command(ctx, cmd_name)
+
+    def _lazy_load(self, cmd_name):
+        # lazily loading a command,
+        # first get the module name and attribute name
+        import_path = self.lazy_subcommands[cmd_name]
+        modname, cmd_object_name = import_path.rsplit(".", 1)
+        # do the import
+        mod = importlib.import_module(modname)
+        # get the Command object from that module
+        cmd_object = getattr(mod, cmd_object_name)
+        # check the result to make debugging easier
+        if not isinstance(cmd_object, click.BaseCommand):
+            raise ValueError(
+                f"Lazy loading of {import_path} failed by returning "
+                "a non-command object"
+            )
+        return cmd_object

scripts/devtools/cli/runner.py

@@ -0,0 +1,57 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+import click
+import sh
+
+from .lazy_group import LazyGroup
+from . import settings
+
+
+@click.group()
+def cli1():
+    pass
+
+
+@click.group(
+    cls=LazyGroup,
+    lazy_subcommands={'docker-compose': 'cli.runner.docker_compose'},
+)
+def cli2():
+    pass
+
+
+@click.group(help='cmd for run/stop/restart project in docker containers')
+def docker_compose():
+    pass
+
+
+@docker_compose.command(help='cmd for run project docker containers')
+def up():
+    with sh.contrib.sudo(password=settings.SUDO_PASSWORD, _with=True):
+        sh.docker_compose('-f', settings.COMPOSE_FILE, 'up', '-d', _fg=True)
+
+
+@docker_compose.command(help='cmd for down project docker containers')
+def down():
+    with sh.contrib.sudo(password=settings.SUDO_PASSWORD, _with=True):
+        sh.docker_compose('-f', settings.COMPOSE_FILE, 'down', _fg=True)
+
+
+@docker_compose.command(help='cmd for restart project docker containers')
+def restart():
+    with sh.contrib.sudo(password=settings.SUDO_PASSWORD, _with=True):
+        sh.docker_compose(
+            '-f',
+            settings.COMPOSE_FILE,
+            'up',
+            '-d',
+            '--build',
+            '--force-recreate',
+            _fg=True
+        )
+
+
+cli = click.CommandCollection(
+    sources=[cli1, cli2],
+    help='cmd for running the project standalone or docker-compose'
+)

scripts/devtools/cli/settings.py

@@ -0,0 +1,18 @@
+import pathlib
+from environs import Env
+
+
+# Path:
+ROOT_DIR = pathlib.Path(__file__).resolve().parent.parent.parent.parent
+PROJECT_DIR = ROOT_DIR / 'mgrctl'
+COMPOSE_FILE = ROOT_DIR / 'docker-compose.yml'
+
+# Init environment:
+env = Env()
+
+# read .env file, if it exists
+# reed more about .env file here: https://github.com/sloria/environs
+env.read_env(path=ROOT_DIR / '.env')
+
+# ! insecure save sudo password wherever
+SUDO_PASSWORD = env.str('SUDO_PASSWORD', None)

scripts/devtools/cli/utils.py

@@ -0,0 +1,15 @@
+import click
+
+from . import __version__
+
+
+def print_version(ctx, param, value):
+    if not value or ctx.resilient_parsing:
+        return
+    click.echo(__version__)
+    ctx.exit()
+
+
+def abort_if_false(ctx, param, value):
+    if not value:
+        ctx.abort()

scripts/devtools/dev.py

@@ -0,0 +1,30 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+import click
+
+from cli.lazy_group import LazyGroup
+from cli.utils import print_version
+
+
+@click.group(
+    cls=LazyGroup,
+    lazy_subcommands={
+        'builder': 'cli.builder.cli',
+        'runner': 'cli.runner.cli',
+    },
+    help='dev.py CLI tool for dev actions',
+)
+@click.option(
+    '--version',
+    is_flag=True,
+    callback=print_version,
+    expose_value=False,
+    is_eager=True,
+    help='Print version and exit'
+)
+def cli():
+    pass
+
+
+if __name__ == '__main__':
+    cli()

scripts/gogo/gogo.sh

@@ -0,0 +1,466 @@
+#!/usr/bin/env bash
+
+# █▀▀ █▀█ █▀▀ █▀█ ▀
+# █▄█ █▄█ █▄█ █▄█ ▄
+# -- -- -- -- -- --
+
+# INIT GLOBAL VARIABLES:
+_VERSION="0.1.0"
+_SCRIPT_NAME="$0"
+_GO_CMD="go3"
+_DEBUG_MODE=false
+
+_CONFIG_DIR="${HOME}/.config/gogo"
+_CONFIG="${_CONFIG_DIR}/gogo.conf"
+
+_IS_TTY=false
+_IS_SSH_ONLY=false
+_IS_MGRCTL_ARGS=false
+_MGRCTL_ARGS=""
+_MGRCTL_BIN="mgrctl"
+_MGRCTL_CMD=""
+_MGRCTL_RUN=""
+_MGRCTL_KEY=""
+
+_PLATFORM_TYPE=""
+_PLATFORM_GENERATION=6
+_PLATFORM_SSH_PORT=22
+_PLATFORM_WEB_PORT=443
+_PLATFORM_IP_ADDR=""
+_PLATFORM_CONFIG_FILE=""
+_PLATFORM_NETWORK_NAME=""
+
+_SSH_CONNECT_CMD=""
+_SSH_REMOTE_CMD=""
+
+_ACCESS_LINK=""
+
+
+# Colorize output
+# Usage - $(colorize CYAN "Hello, friend!")
+colorize() {
+	local RED="\033[0;31m"
+	local GREEN="\033[0;32m"  # <-- [0 means not bold
+	local YELLOW="\033[1;33m" # <-- [1 means bold
+	local BLUE="\033[0;34m"
+	local MAGNETA="\033[0;35"
+	local CYAN="\033[1;36m"
+	# ... Add more colors if you like
+
+	local NC="\033[0m" # No Color
+
+	# printf "${(P)1}${2} ${NC}\n" # <-- zsh
+	# printf "${!1}${2} ${NC}\n"   # <-- bash
+	echo -e "${!1}${2}${NC}"       # <-- all-purpose
+}
+
+
+# Print help message how used it script
+help() {
+	# colorize value
+	local script=$(colorize GREEN "$_SCRIPT_NAME")
+	local required=$(colorize RED "required")
+	# help message
+	printf "Usage: $script [options [parameters]]                         \n"
+	printf "                                                              \n"
+	printf "Examples:                                                     \n"
+	printf "                                                              \n"
+	printf "./gogo.sh --init | init config file                           \n"
+	printf "./gogo.sh --crt  | get ssh certificate for go3 connections    \n"
+	printf "                                                              \n"
+	printf "./gogo.sh --bill my.example.com                               \n"
+	printf "./gogo.sh --vm 0.0.0.0 --ssh | only ssh access                \n"
+	printf "./gogo.sh --vm 0.0.0.0 --tty | use mgrctl interactive         \n"
+	printf "                                                              \n"
+	printf "./gogo.sh --dci 0.0.0.0 --mgrctl user access --id 3 --count 5 \n"
+	printf "./gogo.sh --dci 0.0.0.0 --mgrctl user ls --admins             \n"
+	printf "./gogo.sh --dci 0.0.0.0 --mgrctl user --help                  \n"
+	printf "./gogo.sh --vm 0.0.0.0 --port 22122 --mgrctl user ls --admins \n"
+	printf "./gogo.sh --dns ns1.example.com --web-port 1501               \n"
+	printf "./gogo.sh --dns ns1.example.com --port 22122 --web-port 1501  \n"
+	printf "./gogo.sh --bill my.example.com --port 22 --web-port 1501     \n"
+	printf "                                                              \n"
+	printf "Options:                                                      \n"
+	printf "                                                              \n"
+	printf " --vm[dci|bill|dns|ip] expected ip_addr             $required \n"
+	printf " --port     | -p       ssh port,   default 22                 \n"
+	printf " --web-port | -wp      web port,   default 443                \n"
+	printf " --go/--go3            go version, default go3                \n"
+	printf " --tty                 for vm6/dci6 echo cmd for run container\n"
+	printf " --mgrctl [args]       for vm6/dci6 customize access params   \n"
+	printf "                                                              \n"
+	printf " --init     | -i  generate configuration                      \n"
+	printf " --crt      | -c  generate ssh cert                           \n"
+	printf " --version  | -v  print version                               \n"
+	printf " --help     | -h  print this message and exit                 \n"
+}
+
+# Ask confirmation user if No - exit with 1 state
+continue_handler() {
+	read -p "Continue? (Y/N): " confirm \
+	&& [[ $confirm == [yY] || $confirm == [yY][eE][sS] ]] || exit 1
+}
+
+# Init script configuration file:
+init_config() {
+	# Lables:
+	local warning=$(colorize RED "WARNING! ")
+	local success=$(colorize GREEN "SUCCESS! ")
+	local script_name=$(colorize GREEN "${_SCRIPT_NAME}")
+	# check if config file exists:
+	if [ -f $_CONFIG ]; then
+		echo "${warning}: Config file is already exists"
+		echo "New initialization rewrites current config"
+		continue_handler
+	fi
+	# get user unputs:
+	read -p "Enter go server address: "            _GO_SERVER_ADDR
+	read -p "Enter vault server address: "         _VAULT_SERVER_ADDR
+	read -p "Enter username: "                     _SSH_PRIVATE_KEY_USER
+	read -p "Enter full path to ssh private key: " _SSH_PRIVATE_KEY_PATH
+	read -p "Enter full path to ssh public key: "  _SSH_PUBLIC_KEY_PATH
+	read -p "Enter full path to ssh certificate: " _SSH_CRT_FILE
+	read -p "Enter mgrctl image name: "            _MGRCTL_IMAGE
+	# save config:
+	mkdir -p $_CONFIG_DIR
+	cat << EOF > "${_CONFIG}"
+GO_SERVER_ADDR=$_GO_SERVER_ADDR
+VAULT_SERVER_ADDR=$_VAULT_SERVER_ADDR
+SSH_PRIVATE_KEY_USER=$_SSH_PRIVATE_KEY_USER
+SSH_PRIVATE_KEY_PATH=$_SSH_PRIVATE_KEY_PATH
+SSH_PUBLIC_KEY_PATH=$_SSH_PUBLIC_KEY_PATH
+SSH_CRT_FILE=$_SSH_CRT_FILE
+MGRCTL_IMAGE=$_MGRCTL_IMAGE
+DEBUG_MODE=false
+EOF
+	echo "${success}: Config file was created, run ${script_name} again"
+}
+
+
+# Read config file that contains key=value params
+load_config() {
+	local file="$_CONFIG"
+
+	if ! [ -f $_CONFIG ]; then
+		help
+		local warning=$(colorize RED "WARNING!")
+		echo ""
+		echo "${warning} Config file doesn't exist"
+		echo "Init new config: ${_CONFIG}"
+		continue_handler
+		init_config
+	fi
+	
+	while IFS="=" read -r key value; do
+		case "$key" in
+			"GO_SERVER_ADDR") 
+				_GO_SERVER_ADDR="$value"
+				;;
+			"VAULT_SERVER_ADDR") 
+				_VAULT_SERVER_ADDR="$value"
+				;;
+			"SSH_PRIVATE_KEY_USER")
+				_SSH_PRIVATE_KEY_USER="$value"
+				;;
+			"SSH_PRIVATE_KEY_PATH")
+				_SSH_PRIVATE_KEY_PATH="$value"
+				;;
+			"SSH_PUBLIC_KEY_PATH")
+				_SSH_PUBLIC_KEY_PATH="$value"
+				_VAULT_SSH_PUBLIC_KEY="@$value"  # @ sybol is important
+				;;
+			"SSH_CRT_FILE")
+				_SSH_CRT_FILE="$value"
+				;;
+			"MGRCTL_IMAGE")
+				_MGRCTL_IMAGE="$value"
+				;;
+			"DEBUG_MODE")
+				_DEBUG_MODE="$value"
+				;;
+		esac
+	done < "$file"
+}
+
+# Generate key for coremgr based platrorms access link:
+gen_random_key() {
+	_MGRCTL_KEY=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)
+}
+
+
+gen_coremgr_access_params() {
+	# get opt name:
+	local opt=$1
+	# gen access key:
+	gen_random_key
+	# fill current parametrs:
+	_PLATFORM_TYPE=$(sed 's~[^[:alpha:]/]\+~~g' <<< "$opt")
+	_PLATFORM_GENERATION=5
+	_MGRCTL_BIN="/usr/local/mgr5/sbin/mgrctl"
+	_MGRCTL_ARGS="-m ${_PLATFORM_TYPE}mgr session.newkey key=$_MGRCTL_KEY"	
+
+	# override _PLATFORM_GENERATION for bill6 or dns6
+	if [[ $opt == "--bill" ]] || [[ $opt == "--dns" ]]; then
+		_PLATFORM_GENERATION=6
+	fi
+	# override _MGRCTL_BIN _MGRCTL_ARGS for dns6
+	if [[ $opt == "--dns" ]]; then
+		_MGRCTL_BIN="/opt/ispsystem/${_PLATFORM_TYPE}manager6/sbin/mgrctl"
+		_MGRCTL_ARGS="-m ${_PLATFORM_TYPE}mgr session.newkey key=$_MGRCTL_KEY"	
+	fi
+}
+
+
+gen_docker_access_params(){
+	# get opt name:
+	local opt=$1
+	# fill current parametrs:
+	_PLATFORM_TYPE=$(sed 's~[^[:alpha:]/]\+~~g' <<< "$opt")
+	_PLATFORM_GENERATION=6
+	_PLATFORM_CONFIG_FILE="/opt/ispsystem/${_PLATFORM_TYPE}/config.json"
+	# set platform docker network name:
+	if [[ $_PLATFORM_TYPE == "vm" ]]; then
+		_PLATFORM_NETWORK_NAME="vm_vm_box_net"
+	else
+		_PLATFORM_NETWORK_NAME="dci_auth"
+	fi
+}
+
+
+gen_ssh_connect_cmd(){
+	# get params:
+	local go_server="${_GO_SERVER_ADDR}"
+	local go_cmd="${_GO_CMD}"
+	local address="${_PLATFORM_IP_ADDR}"
+	local port="${_PLATFORM_SSH_PORT}"
+	local key_path="${_SSH_PRIVATE_KEY_PATH}"
+	local key_user="${_SSH_PRIVATE_KEY_USER}"
+	local ssh_args="${key_user}@${go_server} ${go_cmd} ${address} -p ${port}"
+	# generate cmd:
+	_SSH_CONNECT_CMD="ssh -A -t -i ${key_path} ${ssh_args}"
+}
+
+
+gen_ssh_remote_cmd() {
+	# ? VMmanager6 || DCImanager6:
+	if [[ $_PLATFORM_TYPE == "vm" ]] || \
+		[[ $_PLATFORM_TYPE == "dci" ]] && \
+		[[ $_PLATFORM_GENERATION -eq 6 ]]; then
+		# use default mgrctl cmd if not set args:
+		if [ -z "${_MGRCTL_ARGS}" ]; then
+			_MGRCTL_ARGS="${_PLATFORM_TYPE}6 auth user access --random"
+			_MGRCTL_CMD="${_MGRCTL_BIN} ${_MGRCTL_ARGS}"
+		else
+			_MGRCTL_CMD="${_MGRCTL_BIN} ${_PLATFORM_TYPE}6 ${_MGRCTL_ARGS}"
+		fi
+		# silent mode:
+		local hide_output=">> /dev/null"
+		if $_DEBUG_MODE; then
+			hide_output=""
+		fi
+		# image:
+		local image=${_MGRCTL_IMAGE}
+		# docker cmd:
+		local docker_bin="/usr/bin/docker"
+		local docker_pull="${docker_bin} pull ${image} ${hide_output}"
+		local docker_rm="${docker_bin} image rm -f ${image} ${hide_output}"
+		local docker_run="${docker_bin} run"
+		# mount config:
+		local mount_src="source=${_PLATFORM_CONFIG_FILE}"
+		local mount_trg="target=${_PLATFORM_CONFIG_FILE}"
+		local mount_opt="type=bind,${mount_src},${mount_trg},readonly"
+		local mount="--mount ${mount_opt}"
+		# network config:
+		local network="--network=${_PLATFORM_NETWORK_NAME}"
+		# environment config:
+		local envs="-e PLATFORM_TYPE=${_PLATFORM_TYPE}"
+		# container args:
+		local args="${_MGRCTL_CMD}"
+		# mgrctl container params:
+		local container="${network} ${mount} ${envs} --rm ${image} ${args}"
+		# docker commands:
+		local cmd="${docker_pull} && ${docker_run} ${container} && ${docker_rm}"
+		# final cmd:
+		_SSH_REMOTE_CMD="${cmd}"
+		# set cmd for manual start container:
+		if $_IS_TTY; then
+			# override parammetrs if DEBUG_MODE=false add -it flag:
+			docker_pull="${docker_bin} pull ${image}"
+			docker_rm="${docker_bin} image rm -f ${image}"
+			container="${network} ${mount} ${envs} --rm -i -t ${image}"
+			cmd="${docker_pull} && ${docker_run} ${container} && ${docker_rm}"
+			_MGRCTL_RUN="${cmd}"
+		fi
+	# ? BILLmanager6 ||  DNSmanager6 || IP/DNS/DCI/VMmanager5:
+	else 
+		# final cmd:
+		_SSH_REMOTE_CMD="${_MGRCTL_BIN} ${_MGRCTL_ARGS}"
+		echo_access_link
+	fi
+}
+
+
+gen_access_link() {
+	local url="https://${_PLATFORM_IP_ADDR}"
+	local port="${_PLATFORM_WEB_PORT}"
+	local platform="${_PLATFORM_TYPE}mgr"
+	local func="func=auth&key=${_MGRCTL_KEY}"
+	_ACCESS_LINK="${url}:${port}/${platform}?${func}"
+}
+
+
+echo_access_link() {
+	gen_access_link
+	echo "mgr    link"
+	echo "-----  -------------------------------------------------------------"
+	echo "${_PLATFORM_TYPE}${_PLATFORM_GENERATION}  ${_ACCESS_LINK}"
+	echo ""
+}
+
+echo_mgrctl_run_msg() {
+	echo "--------------------------------------------------------------------"
+	echo "To run the mgrctl container manually on the client server:" 
+	echo "copy and paste the command into the terminal."
+	echo "This will download the image and run the container interactively."
+	echo "After exiting the container and its image will be deleted."
+	echo "--------------------------------------------------------------------"
+	echo "${_MGRCTL_RUN}"
+	echo "--------------------------------------------------------------------"
+}
+
+
+get_access() {
+	gen_ssh_connect_cmd
+	if $_IS_SSH_ONLY; then
+		# run connection:
+		$_SSH_CONNECT_CMD
+	else
+		gen_ssh_remote_cmd
+		# run connection send remote cmd:
+		$_SSH_CONNECT_CMD "${_SSH_REMOTE_CMD}"
+		if [[ $_PLATFORM_TYPE == "vm" ]] || \
+			[[ $_PLATFORM_TYPE == "dci" ]] && \
+			[[ $_PLATFORM_GENERATION -eq 6 ]] && \
+			$_IS_TTY; then
+			echo_mgrctl_run_msg
+		fi
+		# use default mgrctl cmd if not set args:
+		# run connection again for ssh tty session:
+		$_SSH_CONNECT_CMD
+	fi
+}
+
+
+get_vault_crt() {
+	local public_key=$1
+	local crt_file=$2
+	vault login -method=oidc
+	if [ ! -f $crt_file ]; then
+		touch $crt_file
+	fi
+	vault write -field=signed_key ssh/sign/support \
+	public_key=$public_key valid_principals=root > $crt_file
+}
+
+
+set_ssh_agent() {
+	local secret_key=$1
+	ssh-add -D
+	ssh-add $secret_key
+}
+
+
+renewal_crt() {
+	export VAULT_ADDR=$_VAULT_SERVER_ADDR
+	get_vault_crt $_VAULT_SSH_PUBLIC_KEY $_SSH_CRT_FILE
+	set_ssh_agent $SSH_PRIVATE_KEY_PATH
+}
+
+
+# Parse user options
+optparser() {
+	# count user-passed options:
+	local count_options=$#
+	# run help if empty and exit:
+	if [[ count_options -eq 0 ]]; then
+		help
+		exit 2
+	fi
+	# parse opts:
+	while [ ! -z "$1" ]; do
+		case "$1" in
+			--vm|--dci)
+				gen_docker_access_params "$1"
+				shift
+				_PLATFORM_IP_ADDR="$1"
+				;;
+			--bill|--dns|--bill5|--ip5|--dns5|--vm5|--dci5)
+				gen_coremgr_access_params "$1"
+				shift
+				_PLATFORM_IP_ADDR="$1"
+				;;
+			--port|-p)
+				shift
+				_PLATFORM_SSH_PORT="$1"
+				;;
+			--web-port|-wp)
+				shift
+				_PLATFORM_WEB_PORT="$1"
+				;;
+			--go|--go3)
+				_GO_CMD=$(sed 's~[^[:alnum:]/]\+~~g' <<< "$1")
+				;;
+			--mgrctl|--tty|--ssh)
+				if [[ "$1" == "--mgrctl" ]]; then
+					_IS_MGRCTL_ARGS=true
+					shift
+					_MGRCTL_ARGS=$@
+				elif [[ "$1" == "--tty" ]]; then
+					if $_IS_MGRCTL_ARGS; then
+						local error=$(colorize RED "ERROR!")
+						echo "${error} $1 must be in before --mgrctl not after"
+						exit 1
+					fi
+					_IS_TTY=true
+				elif [[ "$1" == "--ssh" ]]; then
+					_IS_SSH_ONLY=true
+				fi
+				;;
+			--init|-i)
+				init_config
+				exit 0
+				;;
+			--crt|-c)
+				renewal_crt
+				exit 0
+				;;
+			--help|-h)
+				help
+				exit 0
+				;;
+			--version|-v)
+				printf "$_VERSION\n"
+				exit 0
+				;;
+			*)
+				if ! $_IS_MGRCTL_ARGS; then
+					help
+					exit 1
+				fi
+				;;
+		esac
+	shift
+	done
+}
+
+
+# Entrypoint:
+main() {
+	load_config
+	optparser $@
+	get_access
+}
+
+
+# RUN IT:
+main $@