"""
Library for the CLI commands and the related classes and functions
"""
import click as cli
from custtypes import AnsibleScopes, VPS, VPSRegion, RootFate, UserName
from whereami import PROJ_ROOT, ANSIBLE_ROOTS
from servs import User
from pathlib import PurePath, Path
from sshkey import SSHKeyType
from ansible_vault import Vault
import yaml as yams
# Root command group of the CLI. Described in comments rather than a
# docstring because click would publish a docstring as the --help text.
@cli.group()
@cli.option(
    "-d",
    "--debug",
    type=bool,
    is_flag=True,
    default=False,
    help="Use debugging mode",
)
@cli.pass_context
def skansible(ctx, debug):
    # ensure_object creates ctx.obj as a dict when it is missing and returns
    # it, so subcommands can read the flag back from ctx.obj["DEBUG"].
    shared_state = ctx.ensure_object(dict)
    shared_state["DEBUG"] = debug
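# `init` subcommand: prompts for the root password and an SSH public key,
# then fills the "vps_service" mapping of every host_vars/group_vars file
# matching --host. Described in comments rather than a docstring because
# click would publish a docstring as the command's --help text.
#
# NOTE(review): the block nesting below was reconstructed from a listing
# that had lost its indentation -- confirm against the original file.
@skansible.command()
# NOTE(review): a secret passed as a positional argument ends up in shell
# history and is visible in the process list; consider reading it from a
# hidden prompt or an environment variable instead.
@cli.argument("api_key")
@cli.option("-s", "--vps", type=cli.Choice(VPS, case_sensitive=False), default="Linode", help="Set the type of VPS")
@cli.option("-r", "--region", type=cli.Choice(VPSRegion, case_sensitive=False), default="us_east", help="Set the VPS region")
@cli.option("-0", "--root", type=bool, is_flag=True, default=True, help="Declare root SSH login credentials")
@cli.option("-f", "--fate", type=cli.Choice(RootFate, case_sensitive=False), default="disposal", help="Choose the eventual fate of the root account")
# With multiple=True the default has to be a sequence of values; a bare
# string is either rejected by click or split into single characters.
@cli.option("-h", "--host", multiple=True, type=str, default=("all",), help="Specify what inventory host or group this is being set")
@cli.pass_context
def init(ctx, vps, region, root, fate, host, api_key):
    # Keep the boolean flag and the User object in separate names, so the
    # password is only dereferenced when root credentials were declared.
    root_user = None
    if root:
        password = cli.prompt("Please enter a password: ", type=str, hide_input=True, confirmation_prompt=True)
        root_user = User(UserName.root.name.lower(), password)
        pubkeys = root_user.ssh_keys.publish(SSHKeyType.pubkey.name.lower(), datatype=list)
        # A list, not a one-shot map iterator: the choices are read both
        # when they are displayed and when the answer is validated.
        pubkey_opts = [str(k) for k in pubkeys]
        chosen_pubkey = cli.prompt("Authorize one of the following SSH public keys: ", type=cli.Choice(pubkey_opts, case_sensitive=True), show_choices=True)
        chosen_pubkey = Path(chosen_pubkey)
        privkeys = root_user.ssh_keys.publish(SSHKeyType.privkey.name.lower(), datatype=list)[0]
        # The private key sharing the public key's stem; not used further
        # yet, but the lookup fails loudly if no such key exists.
        chosen_privkey = tuple(filter(lambda k: k.stem == chosen_pubkey.stem, privkeys))[0]

    host_vars_root = ANSIBLE_ROOTS[AnsibleScopes.HOSTVARS.name.lower()]
    group_vars_root = ANSIBLE_ROOTS[AnsibleScopes.GROUPVARS.name.lower()]

    # --host values are used as glob patterns and as file names below, so an
    # absolute path or a ".." component would reach outside the inventory
    # variable directories (and the "w" open further down truncates).
    for h in host:
        candidate = PurePath(h)
        if candidate.is_absolute() or ".." in candidate.parts:
            raise cli.BadParameter(
                "host pattern must stay inside the inventory variable directories: {!r}".format(h),
                param_hint="--host",
            )

    inv_vars = []
    for h in host:
        inv_vars.extend(host_vars_root.glob(h))
        inv_vars.extend(group_vars_root.glob(h))

    if inv_vars:
        for p in inv_vars:
            with open(str(p), "r+") as file:
                # safe_load builds plain YAML types only; the full Loader
                # can instantiate arbitrary Python objects from tags in the
                # file. An empty file parses to None, hence the fallback.
                content = yams.safe_load(file) or {}

                if "vps_service" in content:
                    service = content["vps_service"]
                    service["exists"] = True
                    # NOTE(review): each secret is encrypted with itself as
                    # the vault password, so the ciphertext cannot be
                    # decrypted with a project vault password and a weak
                    # secret can be tested offline against the stored value.
                    # Use a dedicated vault password instead.
                    crypt_key = Vault(api_key)
                    service["api_key"] = crypt_key.dump(api_key)
                    service["type"] = vps.lower()
                    service["region"] = region.replace("_", "-")
                    service["root_fate"] = fate
                    if root_user is not None:
                        crypt_key = Vault(root_user.password)
                        service["password"] = crypt_key.dump(root_user.password)
                    # NOTE(review): `content` is never written back to
                    # `file`, so these settings are lost once the block ends.
    else:
        for h in host:
            path = group_vars_root / h
            # Placeholder: creates an empty group_vars file (truncating any
            # existing one) with default permissions; nothing is written.
            with open(str(path), "w") as file:
                pass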
# Run the command group only when executed as a script; the empty dict
# seeds ctx.obj for the subcommands.
if __name__ == "__main__":
    skansible(obj={})