Mise à jour du script d'installation wg-portal #2

Merged
julien.escario merged 2 commits from julien into master 3 years ago
  1. 2
      foreman/altinea_puppet_install.sh
  2. 110
      wireguard/wgportal_peer_install.sh

2
foreman/altinea_puppet_install.sh

@ -20,4 +20,4 @@ echo "[agent]
listen = false listen = false
pluginsync = true pluginsync = true
report = true"> /etc/puppetlabs/puppet/puppet.conf report = true"> /etc/puppetlabs/puppet/puppet.conf
/opt/puppetlabs/bin/puppet resource service puppet ensure=running enable=true && source /etc/profile.d/puppet-agent.sh
/opt/puppetlabs/bin/puppet resource service puppet ensure=running enable=true

110
wireguard/wgportal_peer_install.sh

@ -3,6 +3,20 @@
# TODO : # TODO :
# - add root user detection # - add root user detection
# - verify curl output to prevent overwriting config file with an HTTP answer # - verify curl output to prevent overwriting config file with an HTTP answer
# - verify trailling slash existenz at the end of the URL param
VER=0.1
LOG_LEVEL_1=1
LOG_LEVEL_2=2
LOG_LEVEL_3=3
DEFAULT_LOG_LEVEL="$LOG_LEVEL_1"
DEBUG_LEVEL_1=1
DEBUG_LEVEL_2=2
DEBUG_LEVEL_3=3
DEBUG_LEVEL_DEFAULT=$DEBUG_LEVEL_1
DEBUG_LEVEL_NONE=0
_usage() { _usage() {
echo " echo "
@ -24,6 +38,67 @@ _version() {
printf "USE AT YOUR OWN RISK and read the code before\n" printf "USE AT YOUR OWN RISK and read the code before\n"
} }
_printargs() {
_exitstatus="$?"
if [ -z "$NO_TIMESTAMP" ] || [ "$NO_TIMESTAMP" = "0" ]; then
printf -- "%s" "[$(date)] "
fi
if [ -z "$2" ]; then
printf -- "%s" "$1"
else
printf -- "%s" "$1='$2'"
fi
printf "\n"
# return the saved exit status
return "$_exitstatus"
}
__debug_bash_helper() {
# At this point only do for --debug 3
if [ "${DEBUG:-$DEBUG_LEVEL_NONE}" -lt "$DEBUG_LEVEL_3" ]; then
return
fi
# Return extra debug info when running with bash, otherwise return empty
# string.
if [ -z "${BASH_VERSION}" ]; then
return
fi
# We are a bash shell at this point, return the filename, function name, and
# line number as a string
_dbh_saveIFS=$IFS
IFS=" "
# Must use eval or syntax error happens under dash. The eval should use
# single quotes as older versions of busybox had a bug with double quotes and
# eval.
# Use 'caller 1' as we want one level up the stack as we should be called
# by one of the _debug* functions
eval '_dbh_called=($(caller 1))'
IFS=$_dbh_saveIFS
eval '_dbh_file=${_dbh_called[2]}'
if [ -n "${_script_home}" ]; then
# Trim off the _script_home directory name
eval '_dbh_file=${_dbh_file#$_script_home/}'
fi
eval '_dbh_function=${_dbh_called[1]}'
eval '_dbh_lineno=${_dbh_called[0]}'
printf "%-40s " "$_dbh_file:${_dbh_function}:${_dbh_lineno}"
}
_debug() {
#  Log to file not implemented
# if [ "${LOG_LEVEL:-$DEFAULT_LOG_LEVEL}" -ge "$LOG_LEVEL_1" ]; then
# _log "$@"
# fi
# Sending log to syslog not implemented
# if [ "${SYS_LOG:-$SYSLOG_LEVEL_NONE}" -ge "$SYSLOG_LEVEL_DEBUG" ]; then
# _syslog "$SYSLOG_DEBUG" "$@"
# fi
if [ "${DEBUG:-$DEBUG_LEVEL_NONE}" -ge "$DEBUG_LEVEL_1" ]; then
_bash_debug=$(__debug_bash_helper)
_printargs "${_bash_debug}$@" >&2
fi
}
_startswith() { _startswith() {
_str="$1" _str="$1"
_sub="$2" _sub="$2"
@ -34,15 +109,20 @@ _download() {
[ -z "$WGPORTAL_URL" ] && printf "Please set wg-portal URL (see help)\n" && return 1 [ -z "$WGPORTAL_URL" ] && printf "Please set wg-portal URL (see help)\n" && return 1
[ -z "$WG_CONFFILE" ] && WG_CONFFILE=/etc/wireguard/wg0.conf [ -z "$WG_CONFFILE" ] && WG_CONFFILE=/etc/wireguard/wg0.conf
_debug "Using server: $WGPORTAL_URL"
trap 'stty echo; exit 99;' INT trap 'stty echo; exit 99;' INT
if [ -f $WG_CONFFILE -a "$OVERWRITE" != "on" ]; then
if [ -f $WG_CONFFILE ]; then
if [ "$__OVERWRITE" = "on" ]; then
_debug "File already exists but overwritting as requested"
else
printf "WARNING : Wireguard config file already exists\n" printf "WARNING : Wireguard config file already exists\n"
printf "Exiting now to prevent override of your actual parameters\n" printf "Exiting now to prevent override of your actual parameters\n"
printf "You can force config overwriting with :\n"
printf "OVERWRITE=on %s %s\n" "$0" "$_ARGS"
printf "You can force config overwriting with --overwrite parameter\n"
exit 1; exit 1;
fi fi
fi
printf "Username: " printf "Username: "
IFS= read -r username IFS= read -r username
@ -57,13 +137,18 @@ _download() {
IFS= read -r wgpubkey IFS= read -r wgpubkey
printf "\n" printf "\n"
HTTP_STATUS=$(curl -w "%{http_code}" -G -s -o $WG_CONFFILE --user $username:$password --data-urlencode "pkey=$wgpubkey" -X GET $WGPORTAL_URL"api/v1/provisioning/peer" -H "accept: text/plain")
WGPORTAL_APIURL=$WGPORTAL_URL"api/v1/provisioning/peer"
_debug "GET request to $WGPORTAL_APIURL"
HTTP_STATUS=$(curl -w "%{http_code}" -G -s -o $WG_CONFFILE --user $username:$password --data-urlencode "PublicKey=$wgpubkey" -X GET $WGPORTAL_APIURL -H "accept: text/plain")
res=$? res=$?
if [ "$res" != "0" ]; then if [ "$res" != "0" ]; then
echo "the curl command failed with: $res" echo "the curl command failed with: $res"
fi fi
[ $HTTP_STATUS -ne 200 ] && printf "Curl returned HTTP code %s\n" "$HTTP_STATUS" && exit 1
if [ $HTTP_STATUS -ne 200 ]; then
printf "Curl returned HTTP code %s\n" "$HTTP_STATUS"
exit 1;
fi
printf "WG config successfully download at %s\n" "$WG_CONFFILE" printf "WG config successfully download at %s\n" "$WG_CONFFILE"
} }
@ -97,6 +182,17 @@ _process() {
--install | -i) --install | -i)
_CMD="install" _CMD="install"
;; ;;
--debug)
if [ -z "$2" ] || _startswith "$2" "-"; then
DEBUG="$DEBUG_LEVEL_DEFAULT"
else
DEBUG="$2"
shift
fi
;;
--overwrite)
__OVERWRITE="on"
;;
*) *)
printf "Unknown parameter : %s\n" "$1" printf "Unknown parameter : %s\n" "$1"
return 1 return 1
@ -105,6 +201,10 @@ _process() {
shift 1 shift 1
done done
if [ ! "$_CMD" ]; then
printf "Nothing to do, please specify a command (see --help)\n"
fi
case "${_CMD}" in case "${_CMD}" in
download) download)
_download _download
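Review bot: In the `_download` hunk at `-57,13 +137,18`, the curl call still writes the response body straight to `$WG_CONFFILE` with `-o` before `HTTP_STATUS` is checked, so with the new `--overwrite` flag a 401 or 500 reply replaces a working WireGuard config with an error page, and a curl failure only prints a message and carries on. The expansions on that line (`$WG_CONFFILE`, `$username:$password`, `$WGPORTAL_APIURL`) are also unquoted, so a password containing whitespace is split into extra curl arguments. I would download to a `mktemp` file next to the target, test both the exit code and the status, and only then `mv` it into place, as sketched below. `_download` starts above this hunk, and the +/- markers are lost on this page, so I am assuming the `WGPORTAL_APIURL` variant is the new side.

```shell
# … unchanged: username / password / public key prompts …
WGPORTAL_APIURL="${WGPORTAL_URL}api/v1/provisioning/peer"
_debug "GET request to $WGPORTAL_APIURL"
# Fetch into a private temp file so a failed request never touches the live config
_tmpconf=$(mktemp "${WG_CONFFILE}.XXXXXX") || exit 1
HTTP_STATUS=$(curl -w "%{http_code}" -G -s -o "$_tmpconf" --user "$username:$password" --data-urlencode "PublicKey=$wgpubkey" -X GET "$WGPORTAL_APIURL" -H "accept: text/plain")
res=$?
if [ "$res" != "0" ] || [ "$HTTP_STATUS" != "200" ]; then
  rm -f -- "$_tmpconf"
  printf "curl exit code %s, HTTP code %s\n" "$res" "$HTTP_STATUS"
  exit 1
fi
mv -- "$_tmpconf" "$WG_CONFFILE"
# … unchanged: success message …
```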
