bubblev
/
bubble-flexrouter
4
0
Разклонения 0
Код Задачи 0 Заявки за сливане 0 Версии 0 Уики Activity
Bubble proxy service
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
111 Ревизии
1 Клон
972 KiB
ИН на ревизия: 5118e91203
Клонове Маркери
${ item.name }
Create branch ${ searchTerm }
от '5118e91203'
${ noResults }
bubble-flexrouter/flex_init.sh

flex_init.sh 4.1 KiB
Директен файл Normal View История

fix windows route management and dns config, add utility scripts, add release script and instructions
преди 4 години
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126 
  1. #!/bin/bash

  2. #

  3. # Utility to initialize a bubble-flexrouter.

  4. #

  5. # Note: Initialization requires the `htpasswd` program to be installed, to compute the bcrypted password

  6. #

  7. # Usage:

  8. #

  9. #      flex_init.sh [-f|--force] [-b|--bcrypt] [flex-password-env-var]

  10. #

  11. #   -f or --force         : Recreate token file, password file and SSH key, even if present

  12. #

  13. #   -b or --bcrypt        : If set, this means that the contents of the flex-password-env-var

  14. #                           is a bcrypted password, not a plaintext password

  15. #

  16. #   flex-password-env-var : Name of environment variable containing password to bcrypt and write to password file

  17. #                           Default value is BUBBLE_FR_PASS

  18. #                           Ignored if password file already exists and -f / --force was not specified

  19. #

  20. #   The init command will create the following files:

  21. #      ${HOME}/.bfr_pass       # the bcrypted password

  22. #      ${HOME}/.bfr_token      # the flex router token

  23. #      ${HOME}/.ssh/flex.pub   # the SSH public key

  24. #      ${HOME}/.ssh/flex       # the SSH private key

  25. #

  26. 

  27. function die {

  28.   echo 1>&2 "${1}"

  29.   exit 1

  30. }

  31. 

  32. function rand_string() {

  33.   LEN=${1:-50}

  34.   cat /dev/random | strings | tr -d [[:space:]] | head -c ${LEN}

  35. }

  36. 

  37. function write_ssh_key() {

  38.   KEY_FILE="${1}"

  39.   KEY_DIR="$(dirname ${KEY_FILE})"

  40.   if [[ ! -d "${KEY_DIR}" ]] ; then

  41.     mkdir -p "${KEY_DIR}" && chmod 700 ${KEY_DIR} || die "Error creating SSH key directory: ${KEY_DIR}"

  42.   fi

  43.   ssh-keygen -t rsa  -q -N '' -C 'bubble-flexrouter' -f ${KEY_FILE} || die "Error generating SSH key: ${KEY_FILE}"

  44. }

  45. 

  46. echo "Initializing flex-router"

  47. 

  48. FORCE=0

  49. DO_BCRYPT=1

  50. 

  51. while [[ ! -z "${1}" && ${1} == -* ]] ; then

  52.   if [[ ${1} == "--force" || ${1} == "-f" ]] ; then

  53.     FORCE=1

  54.     shift

  55.   elif [[ ${1} == "--bcrypt" || ${1} == "-b" ]] ; then

  56.     DO_BCRYPT=0

  57.     shift

  58.   else

  59.     die "Only allowed options are: --force / -f and --bcrypt / -b"

  60.   fi

  61. done

  62. 

  63. BFR_PASSWORD_FILE="${HOME}/.bfr_pass"

  64. BFR_TOKEN_FILE="${HOME}/.bfr_token"

  65. BFR_SSH_KEY_FILE="${HOME}/.ssh/flex"

  66. 

  67. WRITE_PASS=0

  68. if [[ -s ${BFR_PASSWORD_FILE} ]] ; then

  69.   if [[ ${FORCE} -eq 1 ]] ; then

  70.     echo "Password file exists but -f / --force was set, overwriting: ${BFR_PASSWORD_FILE}"

  71.     WRITE_PASS=1

  72.   else

  73.     echo "Password file exists, not overwriting: ${BFR_PASSWORD_FILE}"

  74.   fi

  75. else

  76.   WRITE_PASS=1

  77. fi

  78. 

  79. if [[ ${WRITE_PASS} -eq 1 ]] ; then

  80.   if [[ $DO_BCRYPT -eq 1 ]] ; then

  81.     if [[ -z "$(which htpasswd)" ]] ; then

  82.       die "htpasswd command not found, cannot bcrypt password"

  83.     fi

  84.   fi

  85.   BFR_PASSWORD_VAR="${1}"

  86.   if [[ -z "${BFR_PASSWORD_VAR}" ]] ; then

  87.     BFR_PASSWORD_VAR="BUBBLE_FR_PASS"

  88.   fi

  89.   BFR_PASSWORD="${!BFR_PASSWORD_VAR}"

  90.   if [[ -z "${BFR_PASSWORD}" ]] ; then

  91.     die "Environment variable ${BFR_PASSWORD_VAR} was not defined or was empty"

  92.   fi

  93.   if [[ $DO_BCRYPT -eq 1 ]] ; then

  94.     echo "$(htpasswd -nbBC 12 USER "${BFR_PASSWORD}" | awk -F ':' '{print $2}')" > ${BFR_PASSWORD_FILE} || die "Error writing password file"

  95.   else

  96.     echo "${BFR_PASSWORD}" > ${BFR_PASSWORD_FILE} || die "Error writing password file"

  97.   fi

  98.   chmod 600 ${BFR_PASSWORD_FILE} || die "Error setting permission on password file: ${BFR_PASSWORD_FILE}"

  99.   echo "Wrote bcrypted password to ${BFR_PASSWORD_FILE}"

  100. fi

  101. 

  102. if [[ -s ${BFR_TOKEN_FILE} ]] ; then

  103.   if [[ ${FORCE} -eq 0 ]] ; then

  104.     echo "Token file exists, not overwriting: ${BFR_TOKEN_FILE}"

  105.   else

  106.     echo "Token file exists but -f / --force was set, overwriting: ${BFR_TOKEN_FILE}"

  107.     echo "$(rand_string)" > "${BFR_TOKEN_FILE}"

  108.   fi

  109. else

  110.   echo "Token file not found or empty, creating: ${BFR_TOKEN_FILE}"

  111.   echo "$(rand_string)" > "${BFR_TOKEN_FILE}"

  112. fi

  113. chmod 600 ${BFR_TOKEN_FILE} || die "Error setting permission on token file: ${BFR_TOKEN_FILE}"

  114. 

  115. if [[ -s ${BFR_SSH_KEY_FILE} ]] ; then

  116.   if [[ ${FORCE} -eq 0 ]] ; then

  117.     echo "SSH key file exists, not overwriting: ${BFR_SSH_KEY_FILE}"

  118.   else

  119.     rm -f ${BFR_SSH_KEY_FILE} ${BFR_SSH_KEY_FILE}.pub || die "Error removing existing key file: ${BFR_SSH_KEY_FILE} and ${BFR_SSH_KEY_FILE}.pub"

  120.     write_ssh_key ${BFR_SSH_KEY_FILE}

  121.   fi

  122. else

  123.   write_ssh_key ${BFR_SSH_KEY_FILE}

  124. fi

  125. 

  126. echo "Initialization completed successfully"