Merge branch 'master' of https://git.schuerz.at/public/myshellconfig
This commit is contained in:
commit
6f00a477d5
45 changed files with 1047 additions and 194 deletions
|
@ -35,16 +35,16 @@
|
|||
sdiff = !"git diff && git submodule foreach 'git diff'"
|
||||
spush = push --recurse-submodules=on-demand
|
||||
supdate = submodule update --remote --merge
|
||||
pushup = "!gitbranchname() { git symbolic-ref --short HEAD; }; gitpushupstream() { git push --set-upstream origin `gitbranchname`; }; gitpushupstream"
|
||||
permission-reset = !git diff -p -R --no-ext-diff --no-color | grep -E \"^(diff|(old|new) mode)\" --color=never | git apply
|
||||
[merge]
|
||||
conflictstyle = diff3
|
||||
tool = vimdiff
|
||||
[mergetool]
|
||||
prompt = false
|
||||
|
||||
[alias]
|
||||
pushup = "!gitbranchname() { git symbolic-ref --short HEAD; }; gitpushupstream() { git push --set-upstream origin `gitbranchname`; }; gitpushupstream"
|
||||
|
||||
[include]
|
||||
path = ~/.gitconfig_local
|
||||
[status]
|
||||
submodulesummary = 1
|
||||
[pull]
|
||||
rebase = true
|
||||
|
|
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -7,7 +7,6 @@ logs
|
|||
*.swp
|
||||
*.orig
|
||||
serverconfig.local.conf
|
||||
bashrc_local
|
||||
.local_scripts
|
||||
.git-token
|
||||
.last_update_submodules
|
||||
|
|
3
.gitmodules
vendored
3
.gitmodules
vendored
|
@ -58,3 +58,6 @@
|
|||
[submodule "vim/pack/plugins/start/vim-gnupg"]
|
||||
path = vim/pack/plugins/start/vim-gnupg
|
||||
url = https://github.com/jamessan/vim-gnupg
|
||||
[submodule "vim/pack/plugins/start/vim-soa"]
|
||||
path = vim/pack/plugins/start/vim-soa
|
||||
url = https://git.schuerz.at/public/vim-soa.git
|
||||
|
|
32
PS1
32
PS1
|
@ -18,23 +18,12 @@ set_label() {
|
|||
|
||||
# Labels: remote, tmpconfig, screen...
|
||||
if [ ! -z ${SSH_TTY:+x} ]; then
|
||||
# oritinal
|
||||
#LABEL="${LABEL} \[$On_IRed\]\[$BBlack\]remote\[$Color_Off\]"
|
||||
# use with echo ${LABEL@P}
|
||||
#LABEL="${LABEL} \[$On_IRed\]remote\[$Color_Off\]"
|
||||
# use with echo -e ${LABEL}
|
||||
LABEL="${LABEL} ${On_IRed}${BBlack}remote${Color_Off}"
|
||||
fi
|
||||
if $SSHS ; then
|
||||
# oritinal
|
||||
#LABEL="${LABEL} \[$On_IWhite\]\[$BBlack\]tmpconfig\[$Color_Off\]"
|
||||
# use with echo ${LABEL@P}
|
||||
#LABEL="${LABEL} \[$On_IWhite\]\[$BBlack\]tmpconfig\[$Color_Off\]"
|
||||
# use with echo -e ${LABEL}
|
||||
LABEL="${LABEL} ${On_IWhite}${BBlack}tmpconfig${Color_Off}"
|
||||
fi
|
||||
echo -e ${LABEL}
|
||||
#echo ${LABEL@P}
|
||||
}
|
||||
|
||||
if [ -x "/usr/bin/getsyssubvol" ]; then
|
||||
|
@ -138,20 +127,7 @@ case "$TERM" in
|
|||
*) SCREEN="";;
|
||||
esac
|
||||
|
||||
# Labels: remote, tmpconfig, screen...
|
||||
# if [ ! -z ${SSH_TTY:+x} ]; then
|
||||
# LABEL="${LABEL} \[$On_IRed\]\[$BBlack\]remote\[$Color_Off\]"
|
||||
# fi
|
||||
# if $SSHS ; then
|
||||
# LABEL="${LABEL} \[$On_IWhite\]\[$BBlack\]tmpconfig\[$Color_Off\]"
|
||||
# fi
|
||||
|
||||
# Base prompt
|
||||
# if [ "`id -u`" -eq 0 ]; then
|
||||
# PS1="\[$BRed\]$SCREEN\u@\h \[$BRed\]\[\e[m\]\[$IPurple\](\A)\[\e[m\]$LABEL\n\[$BRed\]${SYSSUBVOL}\w:\$(parse_git_branch) \[\e[m\]\[$BRed\]# "
|
||||
# else
|
||||
# PS1="\[$BIBlue\]$SCREEN\u@\h \[$BIBlue\]\[\e[m\]\[$IPurple\](\A)\[\e[m\]$LABEL\n\[$BIBlue\]${SYSSUBVOL}\w:\$(parse_git_branch) \[\e[m\]\[$BIBlue\]\$ "
|
||||
# fi
|
||||
if [ "`id -u`" -eq 0 ]; then
|
||||
PS1="\[$BRed\]$SCREEN\u@\h \[$BRed\]\[\e[m\]\[$IPurple\](\A)\[\e[m\]\$(set_label)\n\[$BRed\]${SYSSUBVOL}\w:\$(parse_git_branch) \[\e[m\]\[$BRed\]# "
|
||||
else
|
||||
|
@ -161,14 +137,6 @@ case "$TERM" in
|
|||
RETVALN0="\342\234\227 "
|
||||
;;
|
||||
*)
|
||||
# Labels: remote, tmpconfig, screen...
|
||||
# if [ ! -z ${SSH_TTY:+x} ]; then
|
||||
# LABEL="${LABEL} \[$On_Red\]\[$BWhite\]remote\[$Color_Off\]"
|
||||
# fi
|
||||
# if $SSHS ; then
|
||||
# LABEL="${LABEL} \[$On_White\]\[$BBlack\]tmpconfig\[$Color_Off\]"
|
||||
# fi
|
||||
|
||||
# Base prompt
|
||||
if [ "`id -u`" -eq 0 ]; then
|
||||
PS1="\[$BRed\][$SYSSUBVOL]\u@\h \[$BIBlue\]\[\e[m\]\[$BIPurple\](\A)\[\e[m\]\[$BBlue\]\$(set_label)\n\[$BRed\]${SYSSUBVOL}\w:\$(parse_git_branch) \$ \[\e[m\]\[$Blue\]"
|
||||
|
|
9
aliases
9
aliases
|
@ -13,6 +13,9 @@ alias cdlastfiledir='cd $(history -p \!\!:$:h)'
|
|||
#alias ssh='function f() { trap "reset; stty sane; tput rs1; clear; echo -e \"\033c\"" EXIT ; ssh $@; }; f $@'
|
||||
alias s='sshs $(history -p \!ssh:$:t)'
|
||||
alias sexit='ssh -O exit $(history -p \!ssh:$:t)'
|
||||
alias remountshared='sudo systemctl restart media-remote-sharefs-userdata.mount'
|
||||
alias umountshared='sudo systemctl stop media-remote-sharefs-userdata.mount'
|
||||
alias musictag='python3 -m music_tag'
|
||||
|
||||
|
||||
|
||||
|
@ -123,12 +126,16 @@ alias o='less -r'
|
|||
alias totem='VDPAU_DRIVER=va_gl totem'
|
||||
alias unetbootin='export QT_X11_NO_MITSHM=1 unetbootin'
|
||||
alias vi='/usr/bin/vim'
|
||||
#alias vi='/usr/bin/vimx'
|
||||
#alias vi='which vimx > /dev/null && vimx || vim'
|
||||
alias vlc='VDPAU_DRIVER=va_gl vlc'
|
||||
alias tmux='tmux -f ~/.tmux.conf'
|
||||
alias youtube-dl-whole-video="youtube-dl -i --no-overwrites --write-description --write-info-json --write-annotations --write-all-thumbnails -f 'mp4' -o '%(title)s-%(id)s.%(ext)s' -w -c "
|
||||
alias youtube-dl-audio-only="youtube-dl -i --no-overwrites --write-description --write-info-json --write-annotations --write-all-thumbnails -x -o '%(title)s-%(id)s.%(ext)s' -w -c "
|
||||
alias youtube-dl-whole-video-to-playlistdir="youtube-dl -i --no-overwrites --write-description --write-info-json --write-annotations --write-all-thumbnails -f 'mp4' -o '%(uploader)s/%(playlist)s/%(title)s-%(id)s.%(ext)s' -w -c "
|
||||
alias youtube-dl-whole-user="youtube-dl -i --no-overwrites --yes-playlist --write-description --write-info-json --write-annotations --write-all-thumbnails -f 'mp4' -o '%(uploader)s/%(playlist)s/%(title)s-%(id)s.%(ext)s' -w -c "
|
||||
alias youtube-dl-whole-playlist="youtube-dl -i --no-overwrites --yes-playlist --write-description --write-info-json --write-annotations --write-all-thumbnails -f 'mp4' -o '%(playlist)s/%(title)s-%(id)s.%(ext)s' -w -c "
|
||||
alias youtube-dl-whole-playlist-audio-only="youtube-dl -i --no-overwrites --yes-playlist --write-description --write-info-json --write-annotations --write-all-thumbnails -x -o '%(playlist)s/%(title)s-%(id)s.%(ext)s' -w -c "
|
||||
alias youtube-dl-mp4-best="youtube-dl -i --no-overwrites --yes-playlist --write-description --write-info-json --write-annotations --write-all-thumbnails -f 'mp4' -o '%(title)s-%(id)s.%(ext)s' -w -c "
|
||||
|
||||
# rock64
|
||||
|
@ -184,6 +191,7 @@ alias nextcloud-upgrade='docker-compose down && docker image rm nc_app:latest nc
|
|||
|
||||
#--- JIRA ---
|
||||
alias gojiralib='cd /opt/atlassian/jira/atlassian-jira/WEB-INF/lib/'
|
||||
alias gojiraclasses='cd /opt/atlassian/jira/atlassian-jira/WEB-INF/classes/'
|
||||
alias gojirainstall='cd /opt/atlassian/jira/'
|
||||
alias gojirahome='cd /var/atlassian/application-data/jira/'
|
||||
alias gojiralog='cd /var/atlassian/application-data/jira/log'
|
||||
|
@ -191,6 +199,7 @@ alias tailjra='cd /var/atlassian/application-data/jira/log; tail -F atlassian-ji
|
|||
|
||||
#--- CONFLUENCE ---
|
||||
alias gocnflib='cd /opt/atlassian/confluence/confluence/WEB-INF/lib/'
|
||||
alias gocnfclasses='cd /opt/atlassian/confluence/confluence/WEB-INF/classes/'
|
||||
alias gocnfinstall='cd /opt/atlassian/confluence/'
|
||||
alias gocnfhome='cd /var/atlassian/application-data/confluence/'
|
||||
alias gocnflog='cd /var/atlassian/application-data/confluence/logs'
|
||||
|
|
20
bash_completion.d/deploypvp
Normal file
20
bash_completion.d/deploypvp
Normal file
|
@ -0,0 +1,20 @@
|
|||
function _scppvpconfig() {
|
||||
CONFIG_DIRS=(~/.config/scppvp.d)
|
||||
KEYS=""
|
||||
for KEY_DIR in ${CONFIG_DIRS[*]};do
|
||||
KEYS="${KEYS} $(find ${CONFIG_DIRS[*]} -type f -name "*.conf" -exec basename {} \; 2>/dev/null |sed 's/\.conf$//' )"
|
||||
done
|
||||
echo $KEYS
|
||||
|
||||
}
|
||||
|
||||
function _scppvpfiles() {
|
||||
COMPREPLY=()
|
||||
local CUR KEYS
|
||||
CUR="${COMP_WORDS[COMP_CWORD]}"
|
||||
KEYS=$(_scppvpconfig)
|
||||
COMPREPLY=( $(compgen -W "${KEYS}" -- ${CUR}) )
|
||||
return 0
|
||||
}
|
||||
complete -F _scppvpfiles scppvp deploypvp
|
||||
|
14
bash_completion.d/trashmail
Normal file
14
bash_completion.d/trashmail
Normal file
|
@ -0,0 +1,14 @@
|
|||
#!/bin/bash
|
||||
|
||||
function _trashmail() {
|
||||
COMPREPLY=()
|
||||
local CUR KEYS
|
||||
CUR="${COMP_WORDS[COMP_CWORD]}"
|
||||
KEYS=$(ldapsearch -LLL -Z -H ldap://${LDAP_HOST_DEFAULT} -D ${LDAP_ADMIN_BIND_DN} -x -w $(pass ${PASS_ID_LDAP_ADMIN}|head -n 1) -b ou=mailaccounts,dc=schuerz,dc=at '(&(dcAccountStatus=active)(objectClass=dcExternalMailAccount))' dcSubMailAddress|grep "^dcSubMailAddress"|awk '{print $2}')
|
||||
COMPREPLY=( $(compgen -W "${KEYS}" -- ${CUR}) )
|
||||
return 0
|
||||
}
|
||||
complete -F _trashmail trashmail
|
||||
|
||||
|
||||
|
22
bashrc_add
22
bashrc_add
|
@ -11,7 +11,6 @@
|
|||
|
||||
# set some variables to defaults, if not set in .bashrc
|
||||
[ -z ${SSHS+x} ] && export SSHS=false
|
||||
[ -z ${STARTTMUX+x} ] && export STARTTMUX=false
|
||||
|
||||
# check if we are a interactive shell
|
||||
# https://guide.bash.academy/expansions/
|
||||
|
@ -68,8 +67,13 @@ if [[ $- = *i* ]] ; then
|
|||
# load logging functions
|
||||
. ${MSC_BASE}/logging
|
||||
|
||||
# PKCS11_MODULE for etoken/smartcard authentification
|
||||
[ -n "$(whereis p11-kit-proxy.so|awk '{print $2}')" ] && PKCS11_MODULE=$(whereis p11-kit-proxy.so|awk '{print $2}')
|
||||
# P11M for etoken/smartcard authentification
|
||||
|
||||
# which dnf >/dev/null 2>&1 [ -z "${P11M+x}" ] && P11M="$(dnf repoquery --installed -l p11-kit | grep \/p11-kit-proxy.so\$ | head -1)"
|
||||
# which dpkg >/dev/null 2>&1 && [ -z "${P11M+x}" ] && P11M="$(dpkg -L p11-kit-modules|grep \/p11-kit-proxy.so\$ | head -1)"
|
||||
|
||||
[ -z "${PKCS11_MODULE:+x}" ] && [ -n "$(whereis p11-kit-proxy.so|awk '{print $2}')" ] && export PKCS11_MODULE=$(whereis p11-kit-proxy.so|awk '{print $2}' || { echo "p11-kit-proxy not installed, unset KCS11_MODULE"; unset PKCS11_MODULE; })
|
||||
[ -z "${P11M:+x}" ] && [ -n "$(whereis p11-kit-proxy.so|awk '{print $2}')" ] && export P11M=$(whereis p11-kit-proxy.so|awk '{print $2}' || { echo "p11-kit-proxy not forwarded by ssh or installed, unset P11M"; unset P11M; })
|
||||
|
||||
# Basics
|
||||
[ -z "${VISUAL+x}" ] && export VISUAL=vim
|
||||
|
@ -100,7 +104,7 @@ EOF
|
|||
fi
|
||||
else
|
||||
local seconds=$(( $( date --date="@$(stat --printf %Y ${MSC_GIT_UPD_REPO_STATFILE} 2>/dev/null || echo 0 )" "+%s") - $(date --date="${MSC_GIT_REPO_UPDATE_INTERVALL-${MSC_GIT_REPO_UPDATE_INTERVALL_DEFAULT}} hours ago" "+%s") ))
|
||||
logwarn "sync-intervall (${MSC_GIT_REPO_UPDATE_INTERVALL-${MSC_GIT_REPO_UPDATE_INTERVALL_DEFAULT}} hours) not reached yet. $((seconds/86400)) days $(date -d "1970-01-01 + $seconds seconds" "+%H hours %M minutes %S seconds") left."
|
||||
logwarn "repo sync-intervall (${MSC_GIT_REPO_UPDATE_INTERVALL-${MSC_GIT_REPO_UPDATE_INTERVALL_DEFAULT}} hours) not reached yet. $((seconds/86400)) days $(date -d "1970-01-01 + $seconds seconds" "+%H hours %M minutes %S seconds") left."
|
||||
return 2
|
||||
fi
|
||||
else
|
||||
|
@ -111,13 +115,11 @@ EOF
|
|||
}
|
||||
|
||||
lastupdatesubmodules () {
|
||||
#date "+%s" > ${MSC_GIT_UPD_SUBMOD_STATFILE}
|
||||
touch ${MSC_GIT_UPD_REPO_STATFILE}
|
||||
touch ${MSC_GIT_UPD_SUBMOD_STATFILE}
|
||||
}
|
||||
export -f lastupdatesubmodules
|
||||
|
||||
lastupdaterepo () {
|
||||
#date "+%s" > ${MSC_GIT_UPD_REPO_STATFILE}
|
||||
touch ${MSC_GIT_UPD_REPO_STATFILE}
|
||||
}
|
||||
export -f lastupdaterepo
|
||||
|
@ -129,7 +131,7 @@ EOF
|
|||
if which git >/dev/null; then
|
||||
loginfo -n "Sync config with ${MSC_GIT_SERVER}: "
|
||||
# MSC_GITCHECKOUTSCRIPT_OPTIONS are options for bin/git-myshellconfig-checkout
|
||||
${MSC_BASE}/bin/git-myshellconfig-checkout ${MSC_GIT_CHECKOUTSCRIPT_OPTIONS:=${MSC_GIT_CHECKOUTSCRIPT_OPTIONS_DEFAULT}}|| nok="not " 1>>"${MSC_LOGFILE}" 2>&1
|
||||
${MSC_BASE}/bin/git-myshellconfig-checkout ${MSC_GIT_CHECKOUTSCRIPT_OPTIONS=${MSC_GIT_CHECKOUTSCRIPT_OPTIONS_DEFAULT}}|| nok="not " 1>>"${MSC_LOGFILE}" 2>&1
|
||||
loginfo "$(printf '%s\n' "${nok}synced" )"
|
||||
[ -z "$nok" ] && mkdir -pv "${MSC_LOGDIR}"
|
||||
|
||||
|
@ -206,8 +208,8 @@ EOF
|
|||
SCRIPTEXIT
|
||||
|
||||
# Start tmux if not defined as STARTTMUX in bashrc
|
||||
logdebug "start tmux ${STARTTMUXDEFAULT} - ${STARTTMUXDEFAULT-$STARTTMUX}"
|
||||
if ${STARTTMUXDEFAULT-$STARTTMUX} ; then
|
||||
logdebug "start tmux ${STARTTMUXDEFAULT} - ${STARTTMUXREMOTEDEFAULT} - ${STARTTMUX-$STARTTMUXDEFAULT}"
|
||||
if ${STARTTMUX-$STARTTMUXDEFAULT} ; then
|
||||
cat << EOF
|
||||
|
||||
"User: $USER - $UID"
|
||||
|
|
|
@ -1,10 +1,5 @@
|
|||
#!/bin/bash
|
||||
|
||||
|
||||
[ -e $(dirname $0)/../logging ] && . $(dirname $0)/../logging
|
||||
|
||||
export SCRIPT_LOG=./$(basename $0).log
|
||||
export LOGFILE=./$(basename $0).move.log
|
||||
[ -z "${move+x}" ] && move=false
|
||||
[ -z "${forcedate+x}" ] && forcedate=false
|
||||
[ -z "${setdate+x}" ] && setdate=true
|
||||
|
@ -100,7 +95,7 @@ parsedatetime() {
|
|||
# 2020.04.02_15-32-20+02:00.jpg
|
||||
# 2020.04.13_10-59-14+02:00.jpg
|
||||
# WhatsApp Image 2019-07-29 at 12.45.02.jpeg
|
||||
echo fn: $filename >&2
|
||||
loginfo "fn: $filename"
|
||||
if [[ $filename =~ ^.*([0-9]{4})(\.|-)([0-9]{2})(\.|-)([0-9]{2})( |_|-|" at ")([0-9]{2})(\.|-|:)([0-9]{2})(\.|-|:)([0-9]{2})(\.|-|\+|\(| ).*$ ]]; then
|
||||
result="$(printf "%04d:%02d:%02d %02d:%02d:%02d" "${BASH_REMATCH[1]#0}" "${BASH_REMATCH[3]#0}" "${BASH_REMATCH[5]#0}" "${BASH_REMATCH[7]#0}" "${BASH_REMATCH[9]#0}" "${BASH_REMATCH[11]#0}")"
|
||||
fi
|
||||
|
@ -236,6 +231,7 @@ run_fix () {
|
|||
|
||||
case $move in
|
||||
true)
|
||||
export UMASK=002
|
||||
echo move to ${dest}/${MIMEDEST}/%Y/%Y_%m
|
||||
if $movecreatedate ; then
|
||||
loginfo "$(exiftool '-Directory<CreateDate' -d ${dest}/${MIMEDEST}/%Y/%Y_%m -if '($CreateDate)' "$file" 2>&1 |tee -a ${LOGFILE})"
|
||||
|
@ -244,6 +240,7 @@ run_fix () {
|
|||
fi
|
||||
;;
|
||||
copy)
|
||||
export UMASK=002
|
||||
echo copy to ${dest}/${MIMEDEST}/%Y/%Y_%m
|
||||
if $movecreatedate ; then
|
||||
loginfo "$(exiftool -o . '-Directory<DateTimeOriginal' -d ${dest}/${MIMEDEST}/%Y/%Y_%m -if '($datetimeoriginal)' "$file" 2>&1 |tee -a ${LOGFILE})"
|
||||
|
@ -262,6 +259,7 @@ run_fix () {
|
|||
fi
|
||||
;;
|
||||
rename)
|
||||
export UMASK=002
|
||||
echo move to ${dest}/${MIMEDEST}/%Y/%Y_%m
|
||||
if $movecreatedate ; then
|
||||
loginfo "$(exiftool -v '-FileName<CreateDate' -d ${dest}/${MIMEDEST}/%Y/%Y_%m/%Y%m%d_%H%M%S%%-c.%%e -if '($CreateDate)' "$file" 2>&1 | tee -a ${LOGFILE})"
|
||||
|
@ -270,6 +268,7 @@ run_fix () {
|
|||
fi
|
||||
;;
|
||||
copyrename)
|
||||
export UMASK=002
|
||||
echo move to ${dest}/${MIMEDEST}/%Y/%Y_%m
|
||||
if $movecreatedate ; then
|
||||
loginfo "$(exiftool -o . '-FileName<CreateDate' -d ${dest}/${MIMEDEST}/%Y/%Y_%m/%Y%m%d_%H%M%S%%-c.%%e -if '($CreateDate)' "$file" 2>&1 | tee -a ${LOGFILE})"
|
||||
|
@ -327,6 +326,8 @@ else
|
|||
all=$(find ${maxdepth:+-maxdepth} ${maxdepth:+$maxdepth} -type f |grep -i ".jpg$\|.jpeg$\|.mp4$\|.mov$\|.png$\|.3gp$\|.gif$"|wc -l)
|
||||
find ${maxdepth:+-maxdepth} ${maxdepth:+$maxdepth} -type f |grep -i ".jpg$\|.jpeg$\|.mp4$\|.mov$\|.png$\|.3gp$\|.gif$"|while read file; do
|
||||
let "i=i+1"
|
||||
export SCRIPT_LOG=./$(basename $0).log
|
||||
export LOGFILE=./$(basename $0).move.log
|
||||
loginfo "$i/$all"
|
||||
run_fix "$file"
|
||||
done
|
||||
|
|
5
bin/getfreeip
Normal file
5
bin/getfreeip
Normal file
|
@ -0,0 +1,5 @@
|
|||
#!/bin/bash
|
||||
|
||||
N=$1
|
||||
|
||||
sudo nmap -v -sn -n $1 -oG - | awk '/Status: Down/{print $2}'
|
9
bin/getusedip
Normal file
9
bin/getusedip
Normal file
|
@ -0,0 +1,9 @@
|
|||
#!/bin/bash
|
||||
|
||||
N=$1
|
||||
DNS=$1
|
||||
|
||||
sudo nmap -v -sn -n $1 -oG - | awk '!/Status: Down/{print $2}'|while read i;do
|
||||
echo "$i: $(dig "$DNS" -x $i +short +search)"
|
||||
|
||||
done
|
7
bin/git-mergedetachedheadtomaster
Executable file
7
bin/git-mergedetachedheadtomaster
Executable file
|
@ -0,0 +1,7 @@
|
|||
#!/bin/bash
|
||||
|
||||
git checkout -b tmp
|
||||
git branch -f master tmp
|
||||
git checkout master
|
||||
git branch -d tmp
|
||||
git commit -m "Merged detached head into master" .
|
|
@ -18,7 +18,7 @@
|
|||
#MSC_LOGFILE="${MSC_LOGDIR}/git.log"
|
||||
[ -d "${MSC_LOGDIR}" ] || mkdir -p "${MSC_LOGDIR}"
|
||||
[ -z "${MSC_GIT_REMOTE_NAME+x}" ] && export MSC_GIT_REMOTE_NAME=origin
|
||||
[ -z "${MSC_GIT_BRANCH+x}" ] && export MSC_GIT_BRANCH=master
|
||||
[ -z "${MSC_GIT_BRANCH:+x}" ] && export MSC_GIT_BRANCH=master
|
||||
|
||||
|
||||
|
||||
|
@ -37,6 +37,7 @@ EOF
|
|||
|
||||
set -- $(getopt -u -o hrs --long headless,force-repo-update,force-submodules-update -- "$@" )
|
||||
|
||||
loginfo "git checkout-options: $@"
|
||||
while [ $# -gt 0 ]; do
|
||||
case $1 in
|
||||
-h|--headless)
|
||||
|
@ -45,45 +46,52 @@ while [ $# -gt 0 ]; do
|
|||
shift
|
||||
;;
|
||||
-r|--force-repo-update)
|
||||
dosubmodupdate="true"
|
||||
dorepomodupdate="true"
|
||||
shift
|
||||
;;
|
||||
-s|--force-submodules-update)
|
||||
dosubmodupdate="true"
|
||||
shift
|
||||
;;
|
||||
--)
|
||||
shift
|
||||
break
|
||||
;;
|
||||
*)
|
||||
echo "1: $1"
|
||||
PRE=""
|
||||
echo bla
|
||||
shift
|
||||
;;
|
||||
esac
|
||||
done
|
||||
# If TAG is set, checkout is always headless.
|
||||
[ -z "${MSC_GIT_TAG:+x}" ] || { export MSC_GIT_BRANCH=${MSC_GIT_TAG}; export PRE=""; }
|
||||
# If MSC_GIT_TAG is set, checkout is always headless.
|
||||
[ -z "${MSC_GIT_TAG:+x}" ] || { export MSC_GIT_BRANCH=${MSC_GIT_TAG}; export PRE=""; echo "DEBUG"; }
|
||||
|
||||
# Output
|
||||
#echo -n " remote: ${MSC_GIT_REMOTE_NAME}, branch: ${MSC_GIT_BRANCH}: "
|
||||
|
||||
# Check for updates in submodules only if last check was INTERVALL hours in the past
|
||||
#if [ $(cat ${MSC_BASE%/}${MSC_BASE:+/}.last_update_submodules 2>/dev/null || echo 0 ) \
|
||||
[ -z "${MSC_GIT_UPD_SUBMOD_STATFILE+x}" ] && export MSC_GIT_UPD_SUBMOD_STATFILE="${MSC_BASE%/}${MSC_BASE:+/}.last_update_submodules"
|
||||
[ -z "${MSC_GIT_UPD_REPO_STATFILE+x}" ] && export MSC_GIT_UPD_REPO_STATFILE="${MSC_BASE%/}${MSC_BASE:+/}.last_update_repo"
|
||||
|
||||
if [ $(stat --printf %Y ${MSC_GIT_UPD_SUBMOD_STATFILE} 2>/dev/null || echo 0 ) \
|
||||
-lt $(date --date="${MSC_GIT_SUBMODULES_UPDATE_INTERVALL-${MSC_GIT_SUBMODULES_UPDATE_INTERVALL_DEFAULT}} hours ago" "+%s") \
|
||||
-a ${MSC_GIT_SUBMODULES_UPDATE-${MSC_GIT_SUBMODULES_UPDATE_DEFAULT-true}} ]; then
|
||||
[ -z "${dorepoupdate+x}" ] && dorepoupdate="true"
|
||||
fi
|
||||
[ -z "${MSC_GIT_UPD_SUBMOD_STATFILE+x}" ] && export MSC_GIT_UPD_SUBMOD_STATFILE="${MSC_BASE%/}${MSC_BASE:+/}.last_update_submodules"
|
||||
|
||||
if [ $(stat --printf %Y ${MSC_GIT_UPD_REPO_STATFILE} 2>/dev/null || echo 0 ) \
|
||||
-lt $(date --date="${MSC_GIT_REPO_UPDATE_INTERVALL-${MSC_GIT_REPO_UPDATE_INTERVALL_DEFAULT}} hours ago" "+%s") \
|
||||
-a ${MSC_GIT_REPO_UPDATE-${MSC_GIT_REPO_UPDATE_DEFAULT-true}} ]; then
|
||||
[ -z "${dosubmodupdate+x}" ] && dosubmodupdate="true"
|
||||
[ -z "${dorepoupdate+x}" ] && dorepoupdate="true"
|
||||
fi
|
||||
|
||||
if [ $(stat --printf %Y ${MSC_GIT_UPD_SUBMOD_STATFILE} 2>/dev/null || echo 0 ) \
|
||||
-lt $(date --date="${MSC_GIT_SUBMODULES_UPDATE_INTERVALL-${MSC_GIT_SUBMODULES_UPDATE_INTERVALL_DEFAULT}} hours ago" "+%s") \
|
||||
-a ${MSC_GIT_SUBMODULES_UPDATE-${MSC_GIT_SUBMODULES_UPDATE_DEFAULT-true}} ]; then
|
||||
[ -z "${dosubmodupdate+x}" ] && dosubmodupdate="true"
|
||||
fi
|
||||
|
||||
#echo $SGIT fetch ${MSC_GIT_REMOTE_NAME} -p 1>&2
|
||||
if $dorepoupdate; then
|
||||
loginfo "fetch repo${dosubmodupdate:+ and submodules}"
|
||||
#$SGIT fetch ${dosubmodupdate:+--recurse-submodules} ${MSC_GIT_REMOTE_NAME} -p 2>>"${MSC_LOGFILE}"|| { logwarn fetch failed; gitupdateend; exit 1; }
|
||||
$SGIT fetch ${dosubmodupdate:+--recurse-submodules} ${MSC_GIT_REMOTE_NAME} -p 2>>"${MSC_LOGFILE}"|| { logwarn fetch failed; gitupdateend; exit 1; }
|
||||
if ${dosubmodupdate:-false}; then
|
||||
lastupdatesubmodules
|
||||
|
@ -93,8 +101,8 @@ if $dorepoupdate; then
|
|||
if $SGIT diff-index --ignore-submodules --exit-code HEAD -- >> "${MSC_LOGFILE}" ; then
|
||||
cat << EOF >> "${MSC_LOGFILE}"
|
||||
no changes in local repo
|
||||
$SGIT checkout repo ${PRE}${PRE:+/}${MSC_GIT_BRANCH}
|
||||
EOF
|
||||
$SGIT checkout ${PRE}${PRE:+/}${MSC_GIT_BRANCH}
|
||||
EOF
|
||||
$SGIT checkout ${PRE}${PRE:+/}${MSC_GIT_BRANCH} 1>>"${MSC_LOGFILE}" 2>>"${MSC_LOGFILE}"|| { gitupdateend; exit 2; }
|
||||
$SGIT merge FETCH_HEAD 1>>"${MSC_LOGFILE}" 2>>"${MSC_LOGFILE}"|| { gitupdateend; exit 3; }
|
||||
touch $MSC_GIT_UPD_REPO_STATFILE
|
||||
|
|
84
bin/git-proxy
Executable file
84
bin/git-proxy
Executable file
|
@ -0,0 +1,84 @@
|
|||
#! /bin/bash
|
||||
|
||||
# connect to the Git repository through a SOCKS proxy
|
||||
|
||||
|
||||
# default setting is to use port 1080 on the local host
|
||||
proxy="localhost:1080"
|
||||
from="default"
|
||||
|
||||
# check if there is a value in the git configuration
|
||||
if git config --get socks.proxy >& /dev/null; then
|
||||
proxy=`git config --get socks.proxy`
|
||||
from="git's socks.proxy"
|
||||
fi
|
||||
|
||||
# check if a generic proxy has been defined in the environment
|
||||
if [ -n "$ALL_PROXY" ]; then
|
||||
proxy="$ALL_PROXY"
|
||||
from="\$ALL_PROXY"
|
||||
fi
|
||||
if [ -n "$all_proxy" ]; then
|
||||
proxy="$all_proxy"
|
||||
from="\$all_proxy"
|
||||
fi
|
||||
|
||||
# check if a SOCKS proxy has been defined in the environment
|
||||
if [ -n "$SOCKS_PROXY" ]; then
|
||||
proxy="$SOCKS_PROXY"
|
||||
from="\$SOCKS_PROXY"
|
||||
fi
|
||||
if [ -n "$socks_proxy" ]; then
|
||||
proxy="$socks_proxy"
|
||||
from="\$socks_proxy"
|
||||
fi
|
||||
if [ -n "$SOCKS5_PROXY" ]; then
|
||||
proxy="$SOCKS5_PROXY"
|
||||
from="\$SOCKS5_PROXY"
|
||||
fi
|
||||
if [ -n "$socks5_proxy" ]; then
|
||||
proxy="$socks5_proxy"
|
||||
from="\$socks5_proxy"
|
||||
fi
|
||||
|
||||
# check if a git specific SOCKS proxy has been defined in the environment
|
||||
if [ -n "$GIT_SOCKS_PROXY" ]; then
|
||||
proxy="$GIT_SOCKS_PROXY"
|
||||
from="\$GIT_SOCKS_PROXY"
|
||||
fi
|
||||
|
||||
function usage() {
|
||||
cat << @EOF
|
||||
Usage:
|
||||
`basename $0` HOST PORT
|
||||
|
||||
Helper script to connect to a Git repository over the git:// protocol at host HOST and port PORT through a SOCKS proxy at $proxy ($from).
|
||||
|
||||
To use the proxy for all git:// traffic, set the core.gitproxy option to "git-proxy":
|
||||
|
||||
git config core.gitproxy "git-proxy"
|
||||
|
||||
|
||||
To use the proxy only for some reporitories, use the syntax explained in git-config(1).
|
||||
|
||||
To configure which proxy to use, set an appropriate environment variable (see below) or socks.proxy option to the proxy address, for example "localhost:1080":
|
||||
|
||||
git config socks.proxy "localhost:1080"
|
||||
|
||||
|
||||
The address of the proxy is read from (in order of priority):
|
||||
- the GIT_SOCKS_PROXY environment variable;
|
||||
- the SOCKS_PROXY or SOCKS5_PROXY environment variable;
|
||||
- the ALL_PROXY environment variable (see curl(1));
|
||||
- the socks.proxy git option;
|
||||
- the default value: localhost:1080 .
|
||||
@EOF
|
||||
}
|
||||
|
||||
if [ -z "$1" ] || [ -z "$2" ] || [ -n "$3" ]; then
|
||||
usage
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# connect through the specifid proxy
|
||||
nc -x "$proxy" "$1" "$2"
|
7
bin/git-submodule-fix
Executable file
7
bin/git-submodule-fix
Executable file
|
@ -0,0 +1,7 @@
|
|||
#!/bin/bash
|
||||
|
||||
for arg
|
||||
do
|
||||
echo $arg
|
||||
find . -name "`basename $arg`" | grep "$arg\$" | xargs rm -fr
|
||||
done
|
22
bin/ldap_createaccount
Executable file
22
bin/ldap_createaccount
Executable file
|
@ -0,0 +1,22 @@
|
|||
#!/bin/bash
|
||||
|
||||
|
||||
|
||||
USEROUS=( $(ldapsearch -LLL -Z -H ldap://${LDAP_HOST_DEFAULT} -D ${LDAP_ADMIN_BIND_DN} -x -w $(pass ${PASS_ID_LDAP_ADMIN}|head -n 1) -s one -b ou=users,dc=schuerz,dc=at '(objectClass=organizationalUnit)' ou|grep "^ou"|awk '{print $2}') )
|
||||
|
||||
for uou in ${USEROUS[@]} ; do
|
||||
|
||||
echo "User OU: $uou"
|
||||
UID_HIGHEST=$(ldapsearch -LLL -Z -H ldap://${LDAP_HOST_DEFAULT} -D ${LDAP_ADMIN_BIND_DN} -x -w $(pass ${PASS_ID_LDAP_ADMIN}|head -n 1) -b ou=$uou,ou=users,dc=schuerz,dc=at '(&(dcAccountStatus=active)(objectClass=posixAccount))' uidNumber|grep "^uidNumber"|awk '{print $2}'|sort|tail -n1)
|
||||
GID_HIGHEST=$(ldapsearch -LLL -Z -H ldap://${LDAP_HOST_DEFAULT} -D ${LDAP_ADMIN_BIND_DN} -x -w $(pass ${PASS_ID_LDAP_ADMIN}|head -n 1) -b ou=$uou,ou=users,dc=schuerz,dc=at '(&(dcAccountStatus=active)(objectClass=posixAccount))' gidNumber|grep "^gidNumber"|awk '{print $2}'|sort|tail -n1)
|
||||
|
||||
echo UID_HIGHEST: $UID_HIGHEST
|
||||
echo GID_HIGHEST: $GID_HIGHEST
|
||||
|
||||
let "UID_HIGHEST=UID_HIGHEST+1"
|
||||
let "GID_HIGHEST=GID_HIGHEST+1"
|
||||
|
||||
echo UID_NEXT: $UID_HIGHEST
|
||||
echo GID_NEXT: $GID_HIGHEST
|
||||
|
||||
done
|
95
bin/signpubkey
Executable file
95
bin/signpubkey
Executable file
|
@ -0,0 +1,95 @@
|
|||
#!/bin/bash
|
||||
|
||||
|
||||
usage() {
|
||||
cat << EOF
|
||||
|
||||
Usage: $(dirname $0) [-n|--principals] <principal>[,<principal>[,<principal>[,...]]] [-V|--valid-time] <TIME> [-s|--serialnumber] <INT> [-S|-serialnumber-file] <filename> [-I|--identity] <identity> publickey
|
||||
|
||||
|
||||
EOF
|
||||
|
||||
}
|
||||
default_serialnumberfile="${HOME}/ssh-ca/serialnumbers/serialnumber"
|
||||
|
||||
set -- $(getopt -u -o hHn:V:s:S:I:tU --long help,host,user,principals:,valid-time:,serialnumber:,serialnumber-file:,identity:,hms -- "$@"|| exit $?)
|
||||
|
||||
while : ;do
|
||||
case $1 in
|
||||
-h|--help)
|
||||
usage
|
||||
break
|
||||
;;
|
||||
-H|host)
|
||||
host_or_user=host
|
||||
shift
|
||||
;;
|
||||
-U|user)
|
||||
host_or_user=user
|
||||
shift
|
||||
;;
|
||||
-n|--principals)
|
||||
shift
|
||||
principals=$1
|
||||
shift
|
||||
;;
|
||||
-V|--valid-time)
|
||||
shift
|
||||
validtime="${1}"
|
||||
shift
|
||||
;;
|
||||
-S|--serialnumber)
|
||||
shift
|
||||
serialnumber=$1
|
||||
shift
|
||||
;;
|
||||
-s|--serialnumber-file)
|
||||
shift
|
||||
serialnumberfile="$1"
|
||||
shift
|
||||
;;
|
||||
-I|--identity)
|
||||
shift
|
||||
identity=${1}
|
||||
shift
|
||||
;;
|
||||
-t|--hms)
|
||||
# t wie token
|
||||
shift
|
||||
hms=true
|
||||
;;
|
||||
--)
|
||||
shift
|
||||
break
|
||||
;;
|
||||
*)
|
||||
echo wrong argument $1 >&2
|
||||
usage
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
done
|
||||
|
||||
[ -z "${validtime+x}" ] && validtime="+8W"
|
||||
[ -z "${identity+x}" ] && identity=${USER}@$(hostname -f)
|
||||
[ -z "${serialnumberfile+x}" ] && serialnumberfile=${default_serialnumberfile}
|
||||
[ -z "${serialnumber+x}" ] && serialnumber=$(sed -i -r 's/^([0-9]+)$/echo "$((\1+1))"/ge' "${serialnumberfile}"; cat "${serialnumberfile}" )
|
||||
[ -z "${principals+x}" ] && { echo "no principals given"; usage; exit 1; }
|
||||
|
||||
CABASE=~/ssh-ca
|
||||
host_or_user=user
|
||||
case $host_or_user in
|
||||
host)
|
||||
CAPATH=$CABASE/${host_or_user^^}_CA/${host_or_user}
|
||||
;;
|
||||
user)
|
||||
CAPATH=$CABASE/${host_or_user^^}_CA/${host_or_user}_ca.pub
|
||||
esac
|
||||
|
||||
if ${hms:-false};then
|
||||
echo ssh-keygen -s $CABASE/${host_or_user^^}_CA/${host_or_user}_ca.pub -n "${principals}" -V "${validtime}" -z $serialnumber -I "${identity}" "$1"
|
||||
ssh-keygen -s $CABASE/${host_or_user^^}_CA/${host_or_user}_ca.pub -D $P11M -n "${principals}" -V "${validtime}" -z $serialnumber -I "${identity}" "$1"
|
||||
else
|
||||
echo ssh-keygen -s $CABASE/${host_or_user^^}_CA/${host_or_user}_ca -n "${principals}" -V "${validtime}" -z $serialnumber -I "${identity}" "$1"
|
||||
ssh-keygen -s $CABASE/${host_or_user^^}_CA/${host_or_user}_ca -n "${principals}" -V "${validtime}" -z $serialnumber -I "${identity}" "$1"
|
||||
fi
|
|
@ -2,7 +2,9 @@
|
|||
|
||||
set -eu
|
||||
set -x
|
||||
[ -z "${PKCS11_MODULE+x}" ] && PKCS11_MODULE="$(dnf repoquery --installed -l p11-kit | grep \/p11-kit-proxy.so\$ | head -1)"
|
||||
which dnf >/dev/null 2>&1 [ -z "${P11M+x}" ] && P11M="$(dnf repoquery --installed -l p11-kit | grep \/p11-kit-proxy.so\$ | head -1)"
|
||||
which dpkg >/dev/null 2>&1 && [ -z "${P11M+x}" ] && P11M="$(dpkg -L p11-kit-modules|grep \/p11-kit-proxy.so\$ | head -1)"
|
||||
|
||||
|
||||
echo SSH_AGENT_PID before: $SSH_AGENT_PID
|
||||
|
||||
|
@ -11,13 +13,13 @@ echo SSH_AGENT_PID before: $SSH_AGENT_PID
|
|||
|
||||
echo SSH_AGENT_PID after: $SSH_AGENT_PID
|
||||
|
||||
#if ssh-add -l | grep -q "${PKCS11_MODULE}"; then
|
||||
#if ssh-add -l | grep -q "${P11M}"; then
|
||||
# # Remove any stale loaded keys from token, ssh-agent does not automatically
|
||||
# # reconnect with the token when you reinsert it.
|
||||
# ssh-add -e "${PKCS11_MODULE}"
|
||||
# ssh-add -e "${P11M}"
|
||||
#fi
|
||||
|
||||
ssh-add -e "${PKCS11_MODULE}" 2>/dev/null
|
||||
ssh-add -e "${P11M}" 2>/dev/null
|
||||
echo $?
|
||||
# Tell ssh-agent to use the keys on the token
|
||||
ssh-add -s "${PKCS11_MODULE}"
|
||||
ssh-add -s "${P11M}"
|
||||
|
|
115
bin/startagent
115
bin/startagent
|
@ -7,7 +7,7 @@ for f in logerror logwarn loginfo logdebug logtrace ENTRY EXIT SCRIPTENTRY SCRIP
|
|||
:
|
||||
else
|
||||
fx=${f//log/}
|
||||
#echo create function $f for $fx
|
||||
echo create function $f for $fx >&2
|
||||
eval "$f () { \
|
||||
local loglevels; \
|
||||
declare -a loglevels; \
|
||||
|
@ -73,6 +73,31 @@ EOF
|
|||
|
||||
}
|
||||
|
||||
check_token(){
|
||||
|
||||
# it's the same as "token" in functions.sh
|
||||
# defined here also, to work also in environments, where functions.sh couldn't be sourced
|
||||
[ -z "${P11M:+x}" ] && { P11M=$PKCS11_MODULE; export P11M; }
|
||||
|
||||
# If DISPLAY is set, ssh-add calls ssh-askpass, and if its in remote-terminal, it wont work
|
||||
# So remember and unset DISPLAY, and set it at the end again, if it was set before
|
||||
[ $DISPLAY ] && local DISPLAY_ORIG=$DISPLAY
|
||||
[ $DISPLAY ] && logtrace "unset DISPLAY: $DISPLAY"
|
||||
[ $DISPLAY ] && unset DISPLAY
|
||||
|
||||
# Write public keys of all in agent stored keys to a temporary file
|
||||
local tmppubkey="$(mktemp -p ${XDG_RUNTIME_DIR} pubkey.XXXXXX.pub)"
|
||||
logtrace "tmppubkey: $tmppubkey"
|
||||
loginfo "$(ssh-add -L > $tmppubkey)"
|
||||
# Check if public-keys in tmppubkey are working. They are not working, if you removed and add back hardware-token.
|
||||
loginfo "$(ssh-add -T ${tmppubkey}|| { ssh-add -e $P11M; ssh-add -s $P11M; } )"
|
||||
logdebug "$(rm "${tmppubkey}")"
|
||||
logdebug "$(ssh-add -l )"
|
||||
[ $DISPLAY_ORIG ] && logtrace "reset DISPLAY=$DISPLAY_ORIG"
|
||||
[ $DISPLAY_ORIG ] && export DISPLAY=$DISPLAY_ORIG
|
||||
|
||||
}
|
||||
|
||||
createonly=false
|
||||
tokenonly=false
|
||||
readd=false
|
||||
|
@ -117,16 +142,16 @@ while :; do
|
|||
done
|
||||
|
||||
SCRIPTENTRY
|
||||
[ -z "${SSH_IDENTITIES_DIR+x}" ] && { SSH_IDENTITIES_DIR="${SSH_IDENTITIES_DEFAULT_DIR-${HOME}/.ssh/identities}"; export SSH_IDENTITIES_DIR; }
|
||||
[ -z "${SSH_AGENTS_DIR+x}" ] && { SSH_AGENTS_DIR=${SSH_AGENTS_DEFAULT_DIR-~/.ssh/agents}; export SSH_AGENTS_DIR; }
|
||||
[ -z "${SSH_IDENTITIES_DIR+x}" ] && { SSH_IDENTITIES_DIR="${SSH_IDENTITIES_DEFAULT_DIR-${HOME}/.ssh/identities}"; export SSH_IDENTITIES_DIR; }
|
||||
[ -z "${SSH_AGENTS_DIR+x}" ] && { SSH_AGENTS_DIR=${SSH_AGENTS_DEFAULT_DIR-~/.ssh/agents}; export SSH_AGENTS_DIR; }
|
||||
[ -z "${SSH_AGENT_SOCKETS_DIR+x}" ] && { SSH_AGENT_SOCKETS_DIR=${SSH_AGENT_SOCKETS_DEFAULT_DIR-~/.ssh/agents}; export SSH_AGENT_SOCKETS_DIR; }
|
||||
[ -z "${SSH_AGENT_OPTIONS+x}" ] && { SSH_AGENT_OPTIONS=${SSH_AGENT_DEFAULT_OPTIONS--t 7200 }; export SSH_AGENT_OPTIONS; }
|
||||
logtrace "SSH_AGENTS_DIR: $SSH_AGENTS_DIR"
|
||||
[ -z "${SSH_AGENT_OPTIONS+x}" ] && { SSH_AGENT_OPTIONS=${SSH_AGENT_DEFAULT_OPTIONS--t 7200 }; export SSH_AGENT_OPTIONS; }
|
||||
logtrace " SSH_AGENTS_DIR: $SSH_AGENTS_DIR"
|
||||
logtrace "SSH_AGENT_SOCKETS_DIR: $SSH_AGENT_SOCKETS_DIR"
|
||||
logtrace "SSH_IDENTITIES_DIR: $SSH_IDENTITIES_DIR"
|
||||
[ -z "${SSH_AGENTS_DIR-x}" ] || mkdir -vp "$SSH_AGENTS_DIR"
|
||||
[ -z "${SSH_AGENT_SOCKETS_DIR-x}" ] || mkdir -vp "$SSH_AGENT_SOCKETS_DIR"
|
||||
[ -z "${SSH_IDENTITIES_DIR-x}" ] || mkdir -vp "$SSH_IDENTITIES_DIR"
|
||||
logtrace " SSH_IDENTITIES_DIR: $SSH_IDENTITIES_DIR"
|
||||
[ -z "${SSH_AGENTS_DIR-x}" ] || mkdir -vp "$SSH_AGENTS_DIR"
|
||||
[ -z "${SSH_AGENT_SOCKETS_DIR-x}" ] || mkdir -vp "$SSH_AGENT_SOCKETS_DIR"
|
||||
[ -z "${SSH_IDENTITIES_DIR-x}" ] || mkdir -vp "$SSH_IDENTITIES_DIR"
|
||||
|
||||
|
||||
agent-start-or-restart () {
|
||||
|
@ -227,6 +252,8 @@ agent-load-identity-keys () {
|
|||
local agentsocket
|
||||
local fingerprints
|
||||
declare -a fingerprints
|
||||
local pubkeysonly
|
||||
declare -a pubkeysonly
|
||||
local fingerprint
|
||||
local tokenfingerprint
|
||||
|
||||
|
@ -248,6 +275,7 @@ agent-load-identity-keys () {
|
|||
logdebug "$f"
|
||||
done
|
||||
if ! $tokenonly ; then
|
||||
# load keys
|
||||
for key in $(ls ${SSH_IDENTITIES_DIR}/${ssh_identity}/id_*|grep -v "pub$\|so$\|config$\|public$"); do
|
||||
fingerprint=$(ssh-keygen -l -f $key|awk '{print $2}')
|
||||
if [[ ${fingerprints[*]} =~ "$fingerprint" ]]; then
|
||||
|
@ -266,19 +294,52 @@ agent-load-identity-keys () {
|
|||
done
|
||||
fi
|
||||
if ! $keyonly ; then
|
||||
# load tokens
|
||||
for pubkey in $(ls ${SSH_IDENTITIES_DIR}/${ssh_identity}/id_*|grep "pub$\|public$"|grep -v "cert.pub"); do
|
||||
if $( ls ${pubkey%.pub} 1>/dev/null 2>&1);then
|
||||
echo "pubkey with privkey: $pubkey"
|
||||
else
|
||||
echo "pubkey without privkey: $pubkey"
|
||||
pubkeysonly+=($pubkey)
|
||||
fi
|
||||
if [ -e "${pubkey%.pub}-cert.pub" ]; then
|
||||
#logwarn "${pubkey%.pub}-cert.pub: $(date +%s -d $(ssh-keygen -L -f "${pubkey%.pub}-cert.pub"|awk '$1 == "Valid:"{print $5}'))"
|
||||
#logwarn "now: $(date +%s -d NOW)"
|
||||
cert_exp_date=$(ssh-keygen -L -f "${pubkey%.pub}-cert.pub"|awk '$1 == "Valid:"{print $5}')
|
||||
#[ $(date +%s -d $(ssh-keygen -L -f "${pubkey%.pub}-cert.pub"|awk '$1 == "Valid:"{print $5}')) -gt $(date +%s -d NOW) ] \
|
||||
[ $(date +%s -d $cert_exp_date) -gt $(date +%s -d NOW) ] \
|
||||
|| logwarn "CERTIFICATE IS NOT VALID ANYMORE: ${pubkey%.pub}-cert.pub"
|
||||
#[ $(date +%s -d $(ssh-keygen -L -f "${pubkey%.pub}-cert.pub"|awk '$1 == "Valid:"{print $5}')) -lt $(date +%s -d "$SSH_CERT_VALIDITY_WARN_SEC") ] \
|
||||
[ $(date +%s -d $cert_exp_date) -lt $(date +%s -d "$SSH_CERT_VALIDITY_WARN_SEC") ] \
|
||||
&& logwarn "CERTIFICATE expires in $(echo "scale=0; ( `date -d $cert_exp_date +%s` - `date -d now +%s`) / (24*3600)" | bc -l) days: ${pubkey%.pub}-cert.pub"
|
||||
fi
|
||||
done
|
||||
loginfo "pubkeysonly: ${pubkeysonly[@]} (count: ${#pubkeysonly[*]})"
|
||||
|
||||
|
||||
for key in $(ls ${SSH_IDENTITIES_DIR}/${ssh_identity}/*|grep "\.so$"); do
|
||||
logdebug "P11M: ${P11M:-not set} - key: $key"
|
||||
#[ -e "${P11M-x}" ] || [ "$(readlink - f $key)" == "$P11M" ] || key="$P11M"
|
||||
[ "$(readlink - f $key)" == "$P11M" ] || key="$P11M"
|
||||
logdebug "P11M: ${P11M:-not set} - key: $key"
|
||||
echo "P11M: ${P11M:-not set} - key: $key"
|
||||
|
||||
tokenfingerprint="$(ssh-keygen -l -D $key|tr -s ' '|awk '{print $2}')"
|
||||
|
||||
if [[ ${fingerprints[*]} =~ "$tokenfingerprint" ]]; then
|
||||
logdebug "token: $key ($tokenfingerprint) is loaded"
|
||||
check-pubkeysonly
|
||||
if $readd || $remove ; then
|
||||
$readd && logdebug "re-add token $key"
|
||||
$remove && logdebug "remove token $key"
|
||||
logdebug "$(ssh-runinagent $agentfile ssh-add ${SSH_ADD_OPTIONS} -e ${key} 2>&1)"
|
||||
$remove || logdebug "$(ssh-runinagent $agentfile ssh-add ${SSH_ADD_OPTIONS} -s ${key} 2>&1)"
|
||||
echo agentfile1 $agentfile \$SSH_ADD_OPTIONS $key >&2
|
||||
logdebug "$(ssh-runinagent $agentfile ssh-add ${SSH_ADD_OPTIONS} -e "${key}" 2>&1)"
|
||||
ssh-runinagent $agentfile echo $SSH_AUTH_SOCK >&2
|
||||
$remove || logdebug "$(ssh-runinagent $agentfile ssh-add ${SSH_ADD_OPTIONS} -s "${key}" 2>&1)"
|
||||
fi
|
||||
else
|
||||
logdebug "token: $key is not loaded -> load it"
|
||||
logdebug "$(ssh-runinagent $agentfile ssh-add ${SSH_ADD_OPTIONS} -e ${key} 2>&1)"
|
||||
logdebug "$(ssh-runinagent $agentfile ssh-add -v ${SSH_ADD_OPTIONS} -e ${key} 2>&1)"
|
||||
$remove || logdebug "$(ssh-runinagent $agentfile ssh-add ${SSH_ADD_OPTIONS} -s ${key} 2>&1)"
|
||||
fi
|
||||
done
|
||||
|
@ -292,6 +353,22 @@ agent-load-identity-keys () {
|
|||
EXIT
|
||||
}
|
||||
|
||||
function check-pubkeysonly () {
|
||||
if [ ${#pubkeysonly[*]} -gt 0 ] ; then
|
||||
for p in ${pubkeysonly[@]}; do
|
||||
ssh-runinagent $agentfile ssh-add -T ${p} 2>&1 || { $remove || readd=true; break; }
|
||||
done
|
||||
else
|
||||
logwarn "obviously there is no pubkey for the token in ${SSH_IDENTITIES_DIR}/${ssh_identity}/"
|
||||
logwarn "you can add the pubkey with"
|
||||
logwarn " ssh-add -L > ${SSH_IDENTITIES_DIR}/${ssh_identity}/id_etoken.pub"
|
||||
logwarn "make sure, only the token is loaded into ssh-agent with"
|
||||
logwarn " ssh-add -l"
|
||||
logwarn "only one line should be the output"
|
||||
fi
|
||||
logdebug "readd: $readd"
|
||||
}
|
||||
|
||||
ssh-runinagent () {
|
||||
|
||||
ENTRY
|
||||
|
@ -316,7 +393,15 @@ ssh-runinagent () {
|
|||
|
||||
}
|
||||
|
||||
agent-start-or-restart $ssh_identity
|
||||
! $createonly && agent-load-identity-keys $ssh_identity
|
||||
if [[ $SSH_TTY || $X2GO_SESSION ]] ; then
|
||||
logdebug "run with forwarded ssh-agent"
|
||||
check_token
|
||||
res=1
|
||||
else
|
||||
logdebug "run with local ssh-agent"
|
||||
agent-start-or-restart $ssh_identity
|
||||
! $createonly && agent-load-identity-keys $ssh_identity
|
||||
res=0
|
||||
fi
|
||||
SCRIPTEXIT
|
||||
exit $?
|
||||
exit $res
|
||||
|
|
240
bin/trashmail
Executable file
240
bin/trashmail
Executable file
|
@ -0,0 +1,240 @@
|
|||
#!/bin/bash
|
||||
|
||||
# creates trash email for registration for online-services
|
||||
# email is hashed from domain of service + login-username from linux-system
|
||||
# or only unhashed service-domain
|
||||
# this created email-address is added to LDAP target email als dcMailAlias
|
||||
# also added to pass passwordmanager of user
|
||||
|
||||
[ -e ${MSC_BASE}/defaults.conf ] && . ${MSC_BASE}/defaults.conf
|
||||
|
||||
LDAP_HOST=${LDAP_HOST_DEFAULT}
|
||||
BIND_DN=${LDAP_ADMIN_BIND_DN}
|
||||
PASS_ID=${PASS_ID_LDAP_ADMIN}
|
||||
OWN_DOMAIN=${TRASHMAIL_OWN_DOMAIN_DEFAULT}
|
||||
TARGET_MAIL=${TRASHMAIL_TARGET_MAIL_DEFAULT}
|
||||
HASHED_DEFAULT=${TRASHMAIL_HASHED_DEFAULT}
|
||||
HASHLENGTH_DEFAULT=8
|
||||
PWOPTS_DEFAULT="-c -n -s"
|
||||
PWLENGTH_DEFAULT=50
|
||||
|
||||
usage () {
|
||||
cat << EOF
|
||||
|
||||
usage: ${0} <OPTIONS> <URL> [<PWLENGTH>]
|
||||
|
||||
URL: https://target.domain.tld:8080/path/to/site | target.domain.tld
|
||||
PWLENGTH: Integer, count characters in generated password
|
||||
|
||||
OPTIONS:
|
||||
--delete delete trashmail from LDAP
|
||||
-d include domain from <URL> in username: 8ee948ae.target.domain.tld@mydomain.tld
|
||||
-f|--force force overwrite existing entry in pass
|
||||
-h|--hashed create hash from domain and linux-login-user (${USER})
|
||||
--help show this help/usage
|
||||
-l|--length <INTEGER>|full cut hashed part of username to <INTGER> characters from start (default: ${HASHLENGHT_DEFAULT})
|
||||
-n|--not-hashed do not hash username from targetdomain and linux-login-user
|
||||
-t|--target-mail <TARGET_MAIL> Emailadress for which trashmail is created
|
||||
-w|--full-hash do not cut hash (same as »-l full«)
|
||||
-y|--symbols same option as in pwgen. Include at least one special character in the password.
|
||||
|
||||
|
||||
EOF
|
||||
|
||||
}
|
||||
|
||||
# TODO: how exit main-shell from error in subshell???
|
||||
getopt -u -o dfhl:nt:wy --long delete,force,hashed,help,not-hashed,hashlength:,whole-hash,symblols,target-mail: -- "$@" || exit $?
|
||||
set -- $(getopt -u -o dfhl:nt:wy --long delete,force,hashed,help,not-hashed,hashlength:,whole-hash,symblols,target-mail: -- "$@"|| exit $?)
|
||||
|
||||
echo @: $@
|
||||
while : ; do
|
||||
case $1 in
|
||||
--delete)
|
||||
ACTION=delete
|
||||
shift
|
||||
;;
|
||||
-d)
|
||||
INCLUDE_DOMAIN=true
|
||||
shift
|
||||
;;
|
||||
-f|--force)
|
||||
FORCE=true
|
||||
shift
|
||||
;;
|
||||
-h|--hashed)
|
||||
HASHED=true
|
||||
shift
|
||||
;;
|
||||
--help)
|
||||
usage
|
||||
exit 0
|
||||
;;
|
||||
-l|--hashlength)
|
||||
HASHLENGTH=$2
|
||||
shift; shift;
|
||||
;;
|
||||
-n|--not-hashed)
|
||||
HASHED=false
|
||||
shift
|
||||
;;
|
||||
-t|--target-mail)
|
||||
TARGET_MAIL=$2
|
||||
shift; shift;
|
||||
;;
|
||||
-w|--full-hash)
|
||||
HASHLENGTH=full
|
||||
shift;
|
||||
;;
|
||||
-y)
|
||||
PWOPTS="${PWOPTS} -y"
|
||||
shift
|
||||
;;
|
||||
--)
|
||||
shift
|
||||
break
|
||||
;;
|
||||
*)
|
||||
echo wrong argument $1 >&2
|
||||
usage
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
done
|
||||
|
||||
# Urlparsing inspired by: https://gist.github.com/joshisa/297b0bc1ec0dcdda0d1625029711fa24
|
||||
# Referenced and tweaked from http://stackoverflow.com/questions/6174220/parse-url-in-shell-script#6174447
|
||||
|
||||
URL=$1
|
||||
protocol=$(echo "$1" | grep "://" | sed -e's,^\(.*://\).*,\1,g')
|
||||
# Remove the protocol
|
||||
url_no_protocol=$(echo "${1/$protocol/}")
|
||||
# Use tr: Make the protocol lower-case for easy string compare
|
||||
protocol=$(echo "$protocol" | tr '[:upper:]' '[:lower:]')
|
||||
|
||||
|
||||
# Extract the user and password (if any)
|
||||
# cut 1: Remove the path part to prevent @ in the querystring from breaking the next cut
|
||||
# rev: Reverse string so cut -f1 takes the (reversed) rightmost field, and -f2- is what we want
|
||||
# cut 2: Remove the host:port
|
||||
# rev: Undo the first rev above
|
||||
userpass=$(echo "$url_no_protocol" | grep "@" | cut -d"/" -f1 | rev | cut -d"@" -f2- | rev)
|
||||
pass=$(echo "$userpass" | grep ":" | cut -d":" -f2)
|
||||
if [ -n "$pass" ]; then
|
||||
user=$(echo "$userpass" | grep ":" | cut -d":" -f1)
|
||||
else
|
||||
user="$userpass"
|
||||
fi
|
||||
|
||||
# Extract the host
|
||||
hostport=$(echo "${url_no_protocol/$userpass@/}" | cut -d"/" -f1)
|
||||
host=$(echo "$hostport" | cut -d":" -f1)
|
||||
port=$(echo "$hostport" | grep ":" | cut -d":" -f2)
|
||||
path=$(echo "$url_no_protocol" | grep "/" | cut -d"/" -f2-)
|
||||
|
||||
echo "Create a trashmail-address for ${host}" >&2
|
||||
|
||||
|
||||
if ${HASHED:-$HASHED_DEFAULT}; then
|
||||
case $HASHLENGTH in
|
||||
full)
|
||||
TRASHUSER="$(echo ${host}${USER}|md5sum -|awk '{print $1}')"
|
||||
;;
|
||||
[0-9]|[0-9][0-9])
|
||||
TRASHUSER="$(echo ${host}${USER}|md5sum -|awk '{print $1}'|cut -c-${HASHLENGTH})"
|
||||
;;
|
||||
*)
|
||||
TRASHUSER="$(echo ${host}${USER}|md5sum -|awk '{print $1}'|cut -c-${HASHLENGTH_DEFAULT})"
|
||||
;;
|
||||
esac
|
||||
|
||||
if ${INCLUDE_DOMAIN:-false} ;then
|
||||
$INCLUDE_DOMAIN && TRASHUSER=${TRASHUSER}.${host}
|
||||
fi
|
||||
|
||||
|
||||
else
|
||||
TRASHUSER=${host}
|
||||
fi
|
||||
|
||||
TRASHMAIL=${TRASHUSER}@${OWN_DOMAIN}
|
||||
echo $TRASHMAIL
|
||||
|
||||
PASS_ENTRY="${PASS_PREFIX%/}${PASS_PREFIX:+/}${host}/${TRASHMAIL}"
|
||||
|
||||
case ${ACTION:-create} in
|
||||
create)
|
||||
#set -x
|
||||
echo "Add new trashmail to LDAP"
|
||||
cat << EOF |ldapmodify -Z -H ldap://${LDAP_HOST} -D ${BIND_DN} -x -w $(pass ${PASS_ID}|head -n 1)
|
||||
dn: dcSubMailAddress=${TARGET_MAIL},ou=mailaccounts,dc=schuerz,dc=at
|
||||
changetype: modify
|
||||
add: dcMailAlternateAddress
|
||||
dcMailAlternateAddress: ${TRASHMAIL}
|
||||
EOF
|
||||
|
||||
if [ $? -gt 0 ]; then
|
||||
echo pass find ${PASS_ENTRY}
|
||||
pass find ${TRASHMAIL}|grep -v "Search Terms"
|
||||
case $? in
|
||||
1)
|
||||
# returncode 1 from grep means, no line selected. so no entry exists, create new one
|
||||
echo "Entry not found --> create new pass-entry"
|
||||
CREATE=true
|
||||
;;
|
||||
0)
|
||||
if ${FORCE-false} ; then
|
||||
echo "Entry found but enforced to overwrite"
|
||||
CREATE=true
|
||||
else
|
||||
echo
|
||||
echo "Current password for ${PASS_ENTRY} is $(pass ${PASS_ENTRY} |head -n1)."
|
||||
read -p "Overwrite? [Y|n]: "
|
||||
echo ""
|
||||
case $REPLY in
|
||||
y|Y)
|
||||
CREATE=true
|
||||
;;
|
||||
*)
|
||||
CREATE=false
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
;;
|
||||
*)
|
||||
echo "Something went wrong"
|
||||
exit 2
|
||||
;;
|
||||
esac
|
||||
else
|
||||
CREATE=true
|
||||
fi
|
||||
|
||||
if ${CREATE-false}; then
|
||||
cat << EOF |pass insert -m ${PASS_ENTRY}
|
||||
$(pwgen ${PWOPTS_DEFAULT} ${PWOPTS} ${2:-$PWLENGTH_DEFAULT} 1)
|
||||
email: ${TRASHMAIL}
|
||||
login: ${TRASHUSER}
|
||||
url: ${URL}
|
||||
comment: trashemail autogenerated md5-hash from »${host}${USER}« cut to ${HASHLENGTH}. Delete email, when account deleted!!!
|
||||
targetmail for this trashmail is ${TARGET_MAIL}
|
||||
EOF
|
||||
fi
|
||||
#set +x
|
||||
#pass git commit "${PASS_ENTRY}"
|
||||
pass -c ${PASS_ENTRY}
|
||||
;;
|
||||
delete)
|
||||
|
||||
cat << EOF |ldapmodify -Z -H ldap://${LDAP_HOST} -D ${BIND_DN} -x -w $(pass ${PASS_ID}|head -n 1)
|
||||
dn: dcSubMailAddress=${TARGET_MAIL},ou=mailaccounts,dc=schuerz,dc=at
|
||||
changetype: modify
|
||||
delete: dcMailAlternateAddress
|
||||
dcMailAlternateAddress: ${TRASHMAIL}
|
||||
EOF
|
||||
;;
|
||||
*)
|
||||
echo action $ACTION not known
|
||||
exit 1
|
||||
;;
|
||||
esac
|
|
@ -13,3 +13,14 @@ export MSC_LOGLEVEL_DEFAULT="INFO"
|
|||
export MSC_FILELOGLEVEL_DEFAULT="DEBUG"
|
||||
export LOGLEVEL_DEFAULT="${MSC_LOGLEVEL_DEFAULT}"
|
||||
export FILELOGLEVEL_DEFAULT="${MSC_FILELOGLEVEL_DEFAULT}"
|
||||
export STARTTMUXDEFAULT=false
|
||||
export STARTTMUXREMOTEDEFAULT=true
|
||||
|
||||
export LDAP_HOST_DEFAULT=ldap.schuerz.at
|
||||
export LDAP_ADMIN_BIND_DN=cn=admin,dc=schuerz,dc=at
|
||||
export PASS_ID_LDAP_ADMIN="LDAP/binddn-admin"
|
||||
export TRASHMAIL_OWN_DOMAIN_DEFAULT=schuerz.at
|
||||
export TRASHMAIL_TARGET_MAIL_DEFAULT=wertstoffe@xundeenergie.at
|
||||
export TRASHMAIL_HASHED_DEFAULT=true
|
||||
|
||||
export SSH_CERT_VALIDITY_WARN_SEC="14 days"
|
||||
|
|
26
defaults.conf.sample
Normal file
26
defaults.conf.sample
Normal file
|
@ -0,0 +1,26 @@
|
|||
### GIT ####
|
||||
export MSC_GIT_REPO_UPDATE_DEFAULT=true
|
||||
export MSC_GIT_REPO_UPDATE_INTERVALL_DEFAULT=48 #intervall in hours
|
||||
export MSC_GIT_SUBMODULES_UPDATE_DEFAULT=true
|
||||
export MSC_GIT_SUBMODULES_UPDATE_INTERVALL_DEFAULT=196 #intervall in hours
|
||||
export MSC_GIT_SUBMODULES_SERVER_DEFAULT="git://github.com/"
|
||||
export MSC_GIT_CHECKOUTSCRIPT_OPTIONS_DEFAULT="-h"
|
||||
export MSC_GIT_TIMEOUT_DEFAULT=5s
|
||||
export MSC_GIT_CHECKOUT_TIMEOUT_DEFAULT=20s
|
||||
### LOGGING ###
|
||||
# Possible loglevel-values: ERROR, WARN, INFO, DEBUG, TRACE
|
||||
export MSC_LOGLEVEL_DEFAULT="INFO"
|
||||
export MSC_FILELOGLEVEL_DEFAULT="DEBUG"
|
||||
export LOGLEVEL_DEFAULT="${MSC_LOGLEVEL_DEFAULT}"
|
||||
export FILELOGLEVEL_DEFAULT="${MSC_FILELOGLEVEL_DEFAULT}"
|
||||
export STARTTMUXDEFAULT=false
|
||||
export STARTTMUXREMOTEDEFAULT=true
|
||||
|
||||
export LDAP_HOST_DEFAULT=ldap.example.com
|
||||
export LDAP_ADMIN_BIND_DN=cn=admin,dc=example,dc=com
|
||||
export PASS_ID_LDAP_ADMIN="LDAP/binddn-admin"
|
||||
export TRASHMAIL_OWN_DOMAIN_DEFAULT=example.com
|
||||
export TRASHMAIL_TARGET_MAIL_DEFAULT=user@example.com
|
||||
export TRASHMAIL_HASHED_DEFAULT=true
|
||||
|
||||
export SSH_CERT_VALIDITY_WARN_SEC="14 days"
|
340
functions.sh
340
functions.sh
|
@ -20,7 +20,7 @@ promptcommandmunge () {
|
|||
esac
|
||||
EXIT
|
||||
}
|
||||
## this function updates in combination with PROMPT_COMMAND the shell-environment-variables in tmus-sessions,
|
||||
## this function updates in combination with PROMPT_COMMAND the shell-environment-variables in tmux-sessions,
|
||||
# every time prompt is called. It does it only, when called from tmux (Environment TMUX is set)
|
||||
function _tmux_hook() {
|
||||
# [ -z "${TMUX+x}" ] || eval "$(tmux show-environment -s)"
|
||||
|
@ -31,10 +31,6 @@ function _tmux_hook() {
|
|||
|
||||
}
|
||||
|
||||
# Append `;` if PROMPT_COMMAND is not empty
|
||||
#PROMPT_COMMAND="${PROMPT_COMMAND:+$PROMPT_COMMAND;}_tmux_hook"
|
||||
|
||||
|
||||
# To make the code more reliable on detecting the default umask
|
||||
function _umask_hook {
|
||||
# Record the default umask value on the 1st run
|
||||
|
@ -47,9 +43,6 @@ function _umask_hook {
|
|||
fi
|
||||
}
|
||||
|
||||
# Append `;` if PROMPT_COMMAND is not empty
|
||||
#PROMPT_COMMAND="${PROMPT_COMMAND:+$PROMPT_COMMAND;}_umask_hook"
|
||||
|
||||
cpb() {
|
||||
scp "$1" ${SSH_CLIENT%% *}:~/Work
|
||||
}
|
||||
|
@ -64,8 +57,10 @@ sudo() {
|
|||
GIT_COMMITTER_NAME="$GIT_COMMITTER_NAME" \
|
||||
TMUX="$TMUX" \
|
||||
SSHS="$SSHS" \
|
||||
P11M="$P11M" \
|
||||
SSH_TTY="$SSH_TTY" \
|
||||
SSH_AUTH_SOCK="$SSH_AUTH_SOCK" \
|
||||
http_proxy="$http_proxy" \
|
||||
"$@"
|
||||
|
||||
}
|
||||
|
@ -99,6 +94,7 @@ create_symlinks() {
|
|||
|
||||
setproxy () {
|
||||
|
||||
# https://gist.github.com/yougg/5d2b3353fc5e197a0917aae0b3287d64
|
||||
ENTRY
|
||||
local CONFIG
|
||||
case $# in
|
||||
|
@ -112,24 +108,60 @@ setproxy () {
|
|||
return 1
|
||||
else
|
||||
CONFIG=$(find ${SETPROXY_CREDS_DIRS[*]} -mindepth 1 -name "$1.conf" -print -quit 2>/dev/null )
|
||||
NO_PROXY=$(find ${SETPROXY_CREDS_DIRS[*]} -mindepth 1 -name "no_proxy.conf" -print -quit 2>/dev/null )
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
|
||||
logwarn "CONFIG: ${CONFIG}"
|
||||
|
||||
if [ -e ${CONFIG} ]; then
|
||||
loginfo -n "${CONFIG} existing: "
|
||||
logdebug -n "${CONFIG} existing: "
|
||||
source "${CONFIG}"
|
||||
loginfo "sourced"
|
||||
export PROXY_CREDS="${PROXY_USER}:${PROXY_PASS}@"
|
||||
loginfo "read $CONFIG"
|
||||
export PROXY_CREDS="$(urlencode ${PROXY_USER})${PROXY_PASS:+:}$(urlencode ${PROXY_PASS})"
|
||||
else
|
||||
loginfo "${CONFIG} not existing"
|
||||
export PROXY_CREDS=""
|
||||
# export PROXY_CREDS=""
|
||||
fi
|
||||
export {http,https,ftp}_proxy="http://${PROXY_CREDS}${PROXY_SERVER}:${PROXY_PORT}"
|
||||
export {HTTP,HTTPS,FTP}_PROXY="http://${PROXY_CREDS}${PROXY_SERVER}:${PROXY_PORT}"
|
||||
export {http,https,ftp,rsync,all}_proxy="${PROXY_PROTO:-http}://${PROXY_CREDS}${PROXY_CREDS:+@}${PROXY_SERVER}${PROXY_PORT:+:}${PROXY_PORT}"
|
||||
export {HTTP,HTTPS,FTP,RSYNC,ALL}_PROXY="${PROXY_PROTO:-http}://${PROXY_CREDS}${PROXY_CREDS:+@}${PROXY_SERVER}${PROXY_PORT:+:}${PROXY_PORT}"
|
||||
no_proxy="127.0.0.1,localhost"
|
||||
#no_proxy=$no_proxy,$(echo 10.{0..255}.{0..255}.{0..255}|tr ' ' ',')
|
||||
#no_proxy=$no_proxy,$(echo 172.{16..31}.{0..255}.{0..255}|tr ' ' ',')
|
||||
#no_proxy=$no_proxy,$(echo 192.168.{0..255}.{0..255}|tr ' ' ',')
|
||||
# no_proxy=${no_proxy}${PROXY_IGNORE:+,}${PROXY_IGNORE}
|
||||
# . $NO_PROXY
|
||||
|
||||
export no_proxy
|
||||
|
||||
git config -f ~/.gitconfig_local http.sslverify false
|
||||
git config -f ~/.gitconfig_local http.proxy $http_proxy
|
||||
git config -f ~/.gitconfig_local https.proxy $http_proxy
|
||||
|
||||
# only for 'github.com'
|
||||
git config -f ~/.gitconfig_local http.https://github.com.proxy $http_proxy
|
||||
EXIT
|
||||
}
|
||||
|
||||
|
||||
unsetproxy () {
|
||||
ENTRY
|
||||
unset {HTTP,HTTPS,FTP,RSYNC,ALL}_PROXY
|
||||
unset PROXY_{CREDS,USER,PASS,SERVER,PORT,PROTO,IGNORE}
|
||||
unset {http,https,ftp,rsync,all}_proxy
|
||||
unset proxy_{creds,user,pass,server,port}
|
||||
unset no_proxy NO_PROXY
|
||||
|
||||
|
||||
git config -f ~/.gitconfig_local --unset http.proxy
|
||||
git config -f ~/.gitconfig_local --unset http.sslverify false
|
||||
git config -f ~/.gitconfig_local --unset https.proxy
|
||||
# git config -f ~/.gitconfig_local --unset core.sshCommand
|
||||
|
||||
git config -f ~/.gitconfig_local --unset http.https://github.com.proxy
|
||||
EXIT
|
||||
}
|
||||
mencfs () {
|
||||
|
||||
ENTRY
|
||||
|
@ -166,7 +198,7 @@ mencfs () {
|
|||
logdebug "DESTDIR: $DESTDIR"
|
||||
[ -d "$DESTDIR" ] || mkdir -p "$DESTDIR"
|
||||
$PASS "${PKEY}" 1>/dev/null 2>&1 || { logerror "entry $PKEY does not exist in passwordsotre"; return 5; }
|
||||
local ENCFS_PASSWORD=$($PASS "${PKEY}" | head -n1)
|
||||
local ENCFS_PASSWORD=$($PASS show "${PKEY}")
|
||||
|
||||
if [ -z ${ENCDIR+x} -a -d ${ENCDIR} ];then
|
||||
logerror "no encrypted directory found -> exit"
|
||||
|
@ -242,7 +274,7 @@ kinit-custom () {
|
|||
|
||||
[ -z ${PKEY+x} ] && return 3
|
||||
$PASS "${PKEY}" 1>/dev/null 2>&1 || return 3
|
||||
local KERBEROS_PASSWORD=$($PASS "${PKEY}" | head -n1)
|
||||
local KERBEROS_PASSWORD=$($PASS show "${PKEY}")
|
||||
local KERBEROS_USER=$($PASS "${PKEY}" | grep login | sed -e 's/^login: //' )
|
||||
#echo KERBEROS_PASSWORD: $KERBEROS_PASSWORD
|
||||
loginfo "Get kerberos-ticket for: $KERBEROS_USER@$REALM"
|
||||
|
@ -266,25 +298,17 @@ ${KERBEROS_PASSWORD}
|
|||
EXIT
|
||||
}
|
||||
|
||||
unsetproxy () {
|
||||
ENTRY
|
||||
unset {HTTP,HTTPS,FTP}_PROXY
|
||||
unset PROXY_{CREDS,USER,PASS,SERVER,PORT}
|
||||
unset {http,https,ftp}_proxy
|
||||
unset proxy_{creds,user,pass,server,port}
|
||||
EXIT
|
||||
}
|
||||
|
||||
git-mergedetachedheadtomaster () {
|
||||
ENTRY
|
||||
git checkout -b tmp
|
||||
git branch -f master tmp
|
||||
git checkout master
|
||||
git branch -d tmp
|
||||
git commit -m "Merged detached head into master" .
|
||||
#git push origin master
|
||||
EXIT
|
||||
}
|
||||
# transfered to bin
|
||||
#git-mergedetachedheadtomaster () {
|
||||
# ENTRY
|
||||
# git checkout -b tmp
|
||||
# git branch -f master tmp
|
||||
# git checkout master
|
||||
# git branch -d tmp
|
||||
# git commit -m "Merged detached head into master" .
|
||||
# #git push origin master
|
||||
# EXIT
|
||||
#}
|
||||
|
||||
pathmunge () {
|
||||
ENTRY
|
||||
|
@ -332,10 +356,13 @@ sshmyshellconfig() {
|
|||
echo
|
||||
echo cleanup from old config
|
||||
rm -rf ~/server-config && echo rm -rf ~/server-config
|
||||
echo git clone
|
||||
echo mkdir -p ~/.local
|
||||
mkdir -p ~/.local
|
||||
#echo git clone
|
||||
echo git clone --recurse-submodules $MSC_GIT_REMOTE \${HOME}/${MSC_SUBPATH}
|
||||
git clone --recurse-submodules $MSC_GIT_REMOTE \${HOME}/${MSC_SUBPATH}
|
||||
date "+%s" > \${HOME}/${MSC_SUBPATH}/.last_update_submodules
|
||||
date "+%s" > \${HOME}/${MSC_SUBPATH}/.last_update_repo
|
||||
# date "+%s" > \${HOME}/${MSC_SUBPATH}/.last_update_repo
|
||||
|
||||
EOF
|
||||
EXIT
|
||||
|
@ -345,6 +372,7 @@ EOF
|
|||
sshs() {
|
||||
ENTRY
|
||||
|
||||
|
||||
local LOGLEVEL="WARN"
|
||||
# MKTMPCMD='mktemp $(echo ${XDG_RUNTIME_DIR}/bashrc.XXXXXXXX.conf)'
|
||||
# VIMMKTMPCMD="mktemp ${XDG_RUNTIME_DIR}/vimrc.XXXXXXXX.conf"
|
||||
|
@ -353,17 +381,19 @@ sshs() {
|
|||
local TMPBASHCONFIG=$(mktemp -p ${XDG_RUNTIME_DIR} -t bashrc.XXXXXXXX --suffix=.conf)
|
||||
local FILELIST=( "${MSC_BASE}/functions.sh" "${MSC_BASE}/logging" "${MSC_BASE}/myshell_load_fortmpconfig" $(getbashrcfile) ~/.aliases "${MSC_BASE}/aliases" "${MSC_BASE}/PS1" "${MSC_BASE}/bash_completion.d/*" )
|
||||
|
||||
echo "FILELIST: $FILELIST"
|
||||
logdebug "FILELIST: ${FILELIST[@]}"
|
||||
if [ -e "${HOME}/.config/myshellconfig/sshs_addfiles.conf" ] ; then
|
||||
for f in $(cat "${HOME}/.config/myshellconfig/sshs_addfiles.conf");do
|
||||
[ -e "$f" ] && {\
|
||||
echo "add $f to FILELIST"; \
|
||||
logdebug "add $f to FILELIST"; \
|
||||
FILELIST+=("$f"); }
|
||||
done
|
||||
fi
|
||||
echo "FILELIST: $FILELIST"
|
||||
local SSH_OPTS="-o VisualHostKey=no -o ControlMaster=auto -o ControlPersist=15s -o ControlPath=~/.ssh/ssh-%r@%h:%p"
|
||||
logdebug "FILELIST1: ${FILELIST[@]}"
|
||||
local SSH_OPTS="-o VisualHostKey=no -o ControlMaster=auto -o ControlPersist=20s -o ControlPath=~/.ssh/master-%C"
|
||||
#local SSH_OPTS="-o VisualHostKey=no -o ControlMaster=yes -o ControlPersist=10s -o ControlPath=~/.ssh/ssh-%C"
|
||||
# Read /etc/bashrc or /etc/bash.bashrc (depending on distribution) and /etc/profile.d/*.sh first
|
||||
ssh -T ${SSH_OPTS} $@ "pwd" >/dev/null 2>/dev/null || { logerror "Server $@ not reachable -> exit"; return 1; }
|
||||
cat << EOF >> "${TMPBASHCONFIG}"
|
||||
[ -e /etc/bashrc ] && BASHRC=/etc/bashrc
|
||||
[ -e /etc/bash.bashrc ] && BASHRC=/etc/bash.bashrc
|
||||
|
@ -390,16 +420,22 @@ EOF
|
|||
|
||||
for f in ${FILELIST[*]}; do
|
||||
if [ -e $f ]; then
|
||||
echo add $f to tmpconfig
|
||||
logdebug "add $f to tmpconfig"
|
||||
cat "$f" >> "${TMPBASHCONFIG}";
|
||||
fi
|
||||
done
|
||||
|
||||
if [ $# -ge 1 ]; then
|
||||
if [ -e "${TMPBASHCONFIG}" ] ; then
|
||||
local RCMD="/bin/bash --noprofile --norc -c "
|
||||
local REMOTETMPBASHCONFIG=$(ssh -T ${SSH_OPTS} $@ "mktemp -p \${XDG_RUNTIME_DIR-~} -t bashrc.XXXXXXXX --suffix=.conf"| tr -d '[:space:]' )
|
||||
local REMOTETMPVIMCONFIG=$(ssh -T ${SSH_OPTS} $@ "mktemp -p \${XDG_RUNTIME_DIR-~} -t vimrc.XXXXXXXX --suffix=.conf"| tr -d '[:space:]')
|
||||
logdebug "create remote bashrc"
|
||||
logdebug "SSH_OPTS: $SSH_OPTS"
|
||||
local REMOTETMPBASHCONFIG=$(ssh -T ${SSH_OPTS} $@ "mktemp -p \${XDG_RUNTIME_DIR-~} -t bashrc.XXXXXXXX --suffix=.conf" | tr -d '[:space:]' )
|
||||
logdebug "REMOTETMPBASHCONFIG: $REMOTETMPBASHCONFIG"
|
||||
logdebug $(ssh -T ${SSH_OPTS} $@ "stat ${REMOTETMPBASHCONFIG}")
|
||||
logdebug $(ssh -T ${SSH_OPTS} $@ "hostnamectl")
|
||||
logdebug "create remote vimrc"
|
||||
local REMOTETMPVIMCONFIG=$(ssh -T ${SSH_OPTS} $@ "mktemp -p \${XDG_RUNTIME_DIR-~} -t vimrc.XXXXXXXX --suffix=.conf" | tr -d '[:space:]' )
|
||||
logdebug "REMOTETMPVIMCONFIG: $REMOTETMPVIMCONFIG"
|
||||
|
||||
# Add additional aliases to bashrc for remote-machine
|
||||
cat << EOF >> "${TMPBASHCONFIG}"
|
||||
|
@ -413,14 +449,19 @@ title "\$USER@\$HOSTNAME: \$PWD"
|
|||
loginfo "This bash runs with temporary config from \$BASHRC"
|
||||
EOF
|
||||
|
||||
logdebug "create fill remote bashrc"
|
||||
ssh -T ${SSH_OPTS} $@ "cat > ${REMOTETMPBASHCONFIG}" < "${TMPBASHCONFIG}"
|
||||
logdebug $(ssh -T ${SSH_OPTS} $@ "stat ${REMOTETMPBASHCONFIG}")
|
||||
logdebug "create fill remote vimrc"
|
||||
ssh -T ${SSH_OPTS} $@ "cat > ${REMOTETMPVIMCONFIG}" < "${MSC_BASE}/vimrc"
|
||||
local RCMD="/bin/bash --noprofile --norc -c "
|
||||
RCMD="
|
||||
trap \"rm -f ${REMOTETMPBASHCONFIG} ${REMOTETMPVIMCONFIG}\" EXIT " ;
|
||||
logdebug "run remote shell with temporary config"
|
||||
ssh -t ${SSH_OPTS} $@ "$RCMD; SSHS=true bash -c \"function bash () { /bin/bash --rcfile ${REMOTETMPBASHCONFIG} -i ; } ; export -f bash; exec bash --rcfile ${REMOTETMPBASHCONFIG}\""
|
||||
rm "${TMPBASHCONFIG}"
|
||||
else
|
||||
loginfo "${TMPBASHCONFIG} does not exist. Use »ssh $@«" >&2
|
||||
logwarn "${TMPBASHCONFIG} does not exist. Using »ssh -t $@«"
|
||||
ssh -t "$@"
|
||||
fi
|
||||
else
|
||||
|
@ -477,7 +518,7 @@ vim-repair-vundle () {
|
|||
getbashrcfile () {
|
||||
ENTRY
|
||||
if [ -z ${BASHRC+x} ] ; then
|
||||
echo "bash uses default" >&2
|
||||
loginfo "bash uses default"
|
||||
else
|
||||
cat /proc/$$/cmdline | xargs -0 echo|awk '{print $3}'
|
||||
fi
|
||||
|
@ -487,7 +528,7 @@ getbashrcfile () {
|
|||
catbashrcfile () {
|
||||
ENTRY
|
||||
if [ -z ${BASHRC+x} ] ; then
|
||||
echo "bash uses default" >&2
|
||||
loginfo "bash uses default"
|
||||
else
|
||||
#cat $(cat /proc/$$/cmdline | xargs -0 echo|awk '{print $3}')
|
||||
cat $(getbashrcfile)
|
||||
|
@ -556,14 +597,17 @@ cat << EOF
|
|||
EOF
|
||||
}
|
||||
|
||||
function pdsh-update-hetzner()
|
||||
function update-hetzner-serverlist()
|
||||
{
|
||||
curl -s -H "Authorization: Bearer $(pass hetzner.com/api-token | head -n1)" \
|
||||
https://api.hetzner.cloud/v1/servers \
|
||||
| /usr/bin/jq '.servers[].public_net.ipv4.ip'|sed -e 's/\"//g' \
|
||||
|while read i; do
|
||||
dig -x $i | awk '$0 !~ /^;/ && $4 == "PTR" {print $5}'
|
||||
done |sed -s -e 's/\.$//' > ~/.dsh/group/hetzner-servers
|
||||
for i in basic-services sc xe tu; do
|
||||
curl -s -H "Authorization: Bearer $(pass show hetzner.com/projects/${i}/api-token)" \
|
||||
https://api.hetzner.cloud/v1/servers \
|
||||
| /usr/bin/jq '.servers[].public_net.ipv4.ip'|sed -e 's/\"//g' \
|
||||
|while read i; do
|
||||
dig -x $i | awk '$0 !~ /^;/ && $4 == "PTR" {print $5}'
|
||||
done |sed -s -e 's/\.$//' > ~/.dsh/group/hetzner-servers-${i}
|
||||
done
|
||||
cat ~/.dsh/group/hetzner-servers-* > ~/.dsh/group/hetzner-servers
|
||||
}
|
||||
|
||||
function tmuxx() {
|
||||
|
@ -707,12 +751,14 @@ gnome-shell-extensions-make-actual-permanent-systemwide() {
|
|||
sudo mkdir -p "/etc/dconf/profile/"
|
||||
local line='user-db:user'
|
||||
if [ -e "${file}" ] ; then
|
||||
command="grep -xqF -- ${line} ${file} || echo $line >> $file"
|
||||
logtrace "$command"
|
||||
sudo sh -c "$command"
|
||||
fi
|
||||
local line='system-db:local'
|
||||
if [ -e "${file}" ] ; then
|
||||
command="grep -xqF -- ${line} ${file} || echo $line >> $file"
|
||||
logtrace "$command"
|
||||
sudo sh -c "$command"
|
||||
fi
|
||||
local line='enabled-extensions='
|
||||
|
@ -776,7 +822,7 @@ reachable () {
|
|||
local i
|
||||
loginfo -n "Try to connect to ${SERVER} (${IP}):${PORT} " >&2
|
||||
for i in $(seq 1 $SEC); do
|
||||
logdebug -n "." >&2
|
||||
loginfo -n "." >&2
|
||||
if reachable-default ${IP} ${PORT} 2>/dev/null; then
|
||||
res=0
|
||||
break
|
||||
|
@ -798,14 +844,14 @@ utoken () {
|
|||
ENTRY
|
||||
ssh_identity=$1
|
||||
|
||||
[ -z "${PKCS11_MODULE+x}" ] && { PKCS11_MODULE=/usr/lib64/p11-kit-proxy.so; export PKCS11_MODULE; }
|
||||
[ -z "${P11M+x}" ] && { P11M=$PKCS11_MODULE; export P11M; }
|
||||
|
||||
if [ -n "${ssh_identity+x}" ]; then
|
||||
agentfile="${HOME}/.ssh/agents/agent-${ssh_identity}-$(hostname)"
|
||||
if [ -e "$agentfile" ]; then
|
||||
local SSH_AUTH_SOCK
|
||||
local SSH_AGENT_PID
|
||||
/bin/sh -c ". $agentfile >/dev/null 2>/dev/null; ssh-add -l; ssh-add -e $PKCS11_MODULE; ssh-add -l"
|
||||
/bin/sh -c ". $agentfile >/dev/null 2>/dev/null; ssh-add -l; ssh-add -e $P11M; ssh-add -l"
|
||||
fi
|
||||
fi
|
||||
EXIT
|
||||
|
@ -813,28 +859,36 @@ utoken () {
|
|||
|
||||
token(){
|
||||
|
||||
[ -z "${PKCS11_MODULE+x}" ] && { PKCS11_MODULE=/usr/lib64/p11-kit-proxy.so; export PKCS11_MODULE; }
|
||||
|
||||
# Usage:
|
||||
# token <identity> will load token in agent. does nothing, if token is already loaded
|
||||
# token -r|-f|--reload-token <identity> will remove token from agent and add it again (if plugged off and plugged in again
|
||||
# startagent -t $@
|
||||
loadagent $@
|
||||
loginfo "$(ssh-add -s $PKCS11_MODULE)"
|
||||
loginfo "$(ssh-add -l)"
|
||||
[ -z "${P11M:+x}" ] && { P11M=$PKCS11_MODULE; export P11M; }
|
||||
|
||||
# If DISPLAY is set, ssh-add calls ssh-askpass, and if its in remote-terminal, it wont work
|
||||
# So remember and unset DISPLAY, and set it at the end again, if it was set before
|
||||
[ $DISPLAY ] && local DISPLAY_ORIG=$DISPLAY
|
||||
[ $DISPLAY ] && logtrace "unset DISPLAY: $DISPLAY"
|
||||
[ $DISPLAY ] && unset DISPLAY
|
||||
|
||||
# Write public keys of all in agent stored keys to a temporary file
|
||||
local tmppubkey="$(mktemp -p ${XDG_RUNTIME_DIR} pubkey.XXXXXX.pub)"
|
||||
logtrace "tmppubkey: $tmppubkey"
|
||||
loginfo "$(ssh-add -L > $tmppubkey)"
|
||||
# Check if public-keys in tmppubkey are working. They are not working, if you removed and add back hardware-token.
|
||||
loginfo "$(ssh-add -T ${tmppubkey}|| { ssh-add -e $P11M; ssh-add -s $P11M; } )"
|
||||
logdebug "$(rm "${tmppubkey}")"
|
||||
logdebug "$(ssh-add -l )"
|
||||
[ $DISPLAY_ORIG ] && logtrace "reset DISPLAY=$DISPLAY_ORIG"
|
||||
[ $DISPLAY_ORIG ] && export DISPLAY=$DISPLAY_ORIG
|
||||
|
||||
}
|
||||
|
||||
|
||||
token-extract-pubkey() {
|
||||
if pkcs11-tool --module $PKCS11_MODULE --list-token-slots >&2 ;then
|
||||
ssh-keygen -i -m pkcs8 -f <(pkcs11-tool --module $PKCS11_MODULE -r --type pubkey $1 $2 |openssl rsa -pubin -inform DER )
|
||||
if pkcs11-tool --module $P11M --list-token-slots >&2 ;then
|
||||
ssh-keygen -i -m pkcs8 -f <(pkcs11-tool --module $P11M -r --type pubkey ${1:+--label} ${1} |openssl rsa -pubin -inform DER )
|
||||
if [ $? -gt 0 ] ; then
|
||||
token-list-objects
|
||||
token-list-objects >&2
|
||||
fi
|
||||
else
|
||||
echo "Please insert token. Exit"
|
||||
echo "Please insert token. Exit" >&2
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
@ -842,10 +896,10 @@ token-extract-pubkey() {
|
|||
token-list-objects() {
|
||||
case $1 in
|
||||
--login|-l)
|
||||
pkcs11-tool --module $PKCS11_MODULE --login --list-objects
|
||||
pkcs11-tool --module $P11M --login --list-objects
|
||||
;;
|
||||
*)
|
||||
pkcs11-tool --module $PKCS11_MODULE --list-objects
|
||||
pkcs11-tool --module $P11M --list-objects
|
||||
;;
|
||||
esac
|
||||
|
||||
|
@ -857,7 +911,7 @@ loadagent() {
|
|||
af=$(startagent --create-only $1 )
|
||||
loginfo "Load agent from $af"
|
||||
unset SSH_AUTH_SOCKET SSH_AGENT_PID
|
||||
eval $(<$af)
|
||||
[ -n "${af+x}" ] && eval $(<$af)
|
||||
logdebug "SSH_AUTH_SOCK: ${SSH_AUTH_SOCK-not set}"
|
||||
logdebug "SSH_AGENT_PID: ${SSH_AGENT_PID-not set}"
|
||||
loginfo "currently loaded keys in agent:
|
||||
|
@ -973,5 +1027,143 @@ convert_to_subvolume () {
|
|||
set +x
|
||||
return 0
|
||||
|
||||
|
||||
}
|
||||
|
||||
getfreeip () {
|
||||
local N=$1
|
||||
sudo nmap -v -sn -n $1 -oG - | awk '/Status: Down/{print $2}'
|
||||
}
|
||||
|
||||
cporig () {
|
||||
|
||||
cp -b -i "${1}" "${1}.orig"
|
||||
|
||||
}
|
||||
|
||||
vgrename_full () {
|
||||
|
||||
altevolumegroup="$1"
|
||||
neuevolumegroup="$2"
|
||||
|
||||
vgrename ${altevolumegroup} ${neuevolumegroup}
|
||||
sed -i "s/${altevolumegroup}/${neuevolumegroup}/g" /etc/fstab
|
||||
sed -i "s/${altevolumegroup}/${neuevolumegroup}/g" /boot/grub/grub.cfg
|
||||
sed -i "s/${altevolumegroup}/${neuevolumegroup}/g" /boot/grub/menu.lst
|
||||
sed -i "s/${altevolumegroup}/${neuevolumegroup}/g" /etc/initramfs-tools/conf.d/resume
|
||||
update-initramfs -c -k all
|
||||
}
|
||||
|
||||
getfreeip () {
|
||||
|
||||
local N=$1
|
||||
|
||||
sudo nmap -v -sn -n $1 -oG - | awk '/Status: Down/{print $2}'
|
||||
|
||||
}
|
||||
|
||||
getusedip () {
|
||||
|
||||
local N=$1
|
||||
local DNS=$2
|
||||
|
||||
sudo nmap -v -sn -n $1 -oG - | awk '!/Status: Down/{print $2}'|while read i;do
|
||||
echo "$i: $(dig "${DNS:+@}${DNS}" -x $i +short +search)"
|
||||
|
||||
done
|
||||
|
||||
}
|
||||
|
||||
function getdbcreds_jra () {
|
||||
case $# in
|
||||
0)
|
||||
gojirahome
|
||||
DB_FILE=dbconfig.xml
|
||||
#cd -
|
||||
;;
|
||||
1)
|
||||
DB_FILE=$1
|
||||
;;
|
||||
*)
|
||||
echo "wrong number of arguments"
|
||||
return 1
|
||||
;;
|
||||
esac
|
||||
|
||||
DB_URL="$(grep -oPm1 "(?<=<url>)[^<]+" ${DB_FILE})"
|
||||
DB_USER="$(grep -oPm1 "(?<=<username>)[^<]+" ${DB_FILE})"
|
||||
DB_PWD="$(grep -oPm1 "(?<=<password>)[^<]+" ${DB_FILE})"
|
||||
DB_HOST="$(echo $DB_URL|sed 's@^.*//@@;s@\(^.*\):\(.*\)/\(.*\)$@\1@')"
|
||||
DB_PORT="$(echo $DB_URL|sed 's@^.*//@@;s@\(^.*\):\(.*\)/\(.*\)$@\2@')"
|
||||
DB_NAME="$(echo $DB_URL|sed 's@^.*//@@;s@\(^.*\):\(.*\)/\(.*\)$@\3@')"
|
||||
|
||||
return 0
|
||||
}
|
||||
|
||||
function getdbcreds_cnf () {
|
||||
case $# in
|
||||
0)
|
||||
gocnfhome
|
||||
DB_FILE=confluence.cfg.xml
|
||||
;;
|
||||
1)
|
||||
DB_FILE=$1
|
||||
;;
|
||||
*)
|
||||
echo "wrong number of arguments"
|
||||
cd -
|
||||
return 1
|
||||
;;
|
||||
esac
|
||||
|
||||
DB_URL="$(grep -oPm1 "(?<=<property name=\"hibernate.connection.url\">)[^<]+" ${DB_FILE})"
|
||||
DB_USER="$(grep -oPm1 "(?<=<property name=\"hibernate.connection.username\">)[^<]+" ${DB_FILE})"
|
||||
DB_PWD="$(grep -oPm1 "(?<=<property name=\"hibernate.connection.password\">)[^<]+" ${DB_FILE})"
|
||||
DB_HOST="$(echo $DB_URL|sed 's@^.*//@@;s@\(^.*\):\(.*\)/\(.*\)$@\1@')"
|
||||
DB_PORT="$(echo $DB_URL|sed 's@^.*//@@;s@\(^.*\):\(.*\)/\(.*\)$@\2@')"
|
||||
DB_NAME="$(echo $DB_URL|sed 's@^.*//@@;s@\(^.*\):\(.*\)/\(.*\)$@\3@')"
|
||||
|
||||
cd -
|
||||
return 0
|
||||
}
|
||||
function connectdb () {
|
||||
|
||||
case $1 in
|
||||
jra|jira)
|
||||
getdbcreds_jra $2
|
||||
;;
|
||||
cnf|conf|confluence)
|
||||
getdbcreds_cnf $2
|
||||
;;
|
||||
*)
|
||||
echo "wrong argument"
|
||||
return 1
|
||||
;;
|
||||
esac
|
||||
|
||||
PGPASSWORD=$DB_PWD psql -h $DB_HOST -p $DB_PORT -U $DB_USER $DB_NAME
|
||||
}
|
||||
|
||||
|
||||
urlencode() {
|
||||
# urlencode <string>
|
||||
|
||||
local LANG=C
|
||||
local length="${#1}"
|
||||
for (( i = 0; i < length; i++ )); do
|
||||
local c="${1:i:1}"
|
||||
case $c in
|
||||
[a-zA-Z0-9.~_-]) printf "$c" ;;
|
||||
*) printf '%%%02X' "'$c" ;;
|
||||
esac
|
||||
done
|
||||
}
|
||||
|
||||
urldecode() {
|
||||
# urldecode <string>
|
||||
|
||||
local url_encoded="${1//+/ }"
|
||||
printf '%b' "${url_encoded//%/\\x}"
|
||||
}
|
||||
|
||||
#EOF
|
||||
|
|
5
logging
5
logging
|
@ -60,6 +60,7 @@ function logerror(){
|
|||
;;
|
||||
esac
|
||||
local msg="$1"
|
||||
[ -z "${msg:+x}" ] && return 0
|
||||
timeAndDate=`date`
|
||||
local loglevels
|
||||
declare -a loglevels
|
||||
|
@ -81,6 +82,7 @@ function logwarn(){
|
|||
;;
|
||||
esac
|
||||
local msg="$1"
|
||||
[ -z "${msg:+x}" ] && return 0
|
||||
timeAndDate=`date`
|
||||
local loglevels
|
||||
declare -a loglevels
|
||||
|
@ -102,6 +104,7 @@ function loginfo(){
|
|||
;;
|
||||
esac
|
||||
local msg="$1"
|
||||
[ -z "${msg:+x}" ] && return 0
|
||||
timeAndDate=`date`
|
||||
local loglevels
|
||||
declare -a loglevels
|
||||
|
@ -124,6 +127,7 @@ function logdebug(){
|
|||
;;
|
||||
esac
|
||||
local msg="$1"
|
||||
[ -z "${msg:+x}" ] && return 0
|
||||
timeAndDate=`date`
|
||||
local loglevels
|
||||
declare -a loglevels
|
||||
|
@ -145,6 +149,7 @@ function logtrace(){
|
|||
;;
|
||||
esac
|
||||
local msg="$1"
|
||||
[ -z "${msg:+x}" ] && return 0
|
||||
timeAndDate=`date`
|
||||
local loglevels
|
||||
declare -a loglevels
|
||||
|
|
|
@ -21,6 +21,14 @@ esac
|
|||
|
||||
# Load default values, functions, aliases for myshellconfig
|
||||
if ! $SSHS; then
|
||||
######################################################################################
|
||||
# ls is not in color on all systems
|
||||
export LS_OPTIONS='--color=auto'
|
||||
eval "`dircolors`"
|
||||
|
||||
#######################################################################################
|
||||
# User specific aliases and function
|
||||
logdebug "notmpconf"
|
||||
if [ -e ${MSC_BASE}/functions.sh ]; then
|
||||
. ${MSC_BASE}/functions.sh
|
||||
else
|
||||
|
@ -29,13 +37,6 @@ if ! $SSHS; then
|
|||
|
||||
|
||||
|
||||
######################################################################################
|
||||
# ls is not in color on all systems
|
||||
export LS_OPTIONS='--color=auto'
|
||||
eval "`dircolors`"
|
||||
|
||||
#######################################################################################
|
||||
# User specific aliases and function
|
||||
|
||||
|
||||
if [ -d "${MSC_BASE}/bin" ] ; then
|
||||
|
@ -80,15 +81,38 @@ if ! $SSHS; then
|
|||
#cd ${HOME}
|
||||
|
||||
# Start tmux if not defined as STARTTMUX in bashrc
|
||||
if test ! $TMUX && test $SSH_TTY && test $TERM != screen && test $(systemctl status tmux@${USER}.service 1>/dev/null 2>&1; echo $? ) -eq 0; then
|
||||
STARTTMUXDEFAULT=true
|
||||
logdebug "attach tmux?"
|
||||
logdebug "TMUX: $TMUX"
|
||||
logdebug "SSH_TTY: $SSH_TTY"
|
||||
logdebug "TERM: $TERM"
|
||||
logdebug "tmux@${USER}: $(systemctl status tmux@${USER}.service 1>/dev/null 2>&1; echo $? )"
|
||||
if test $SSH_TTY; then
|
||||
loginfo "i am remote"
|
||||
if test ! $TMUX && test $TERM != screen; then
|
||||
loginfo "no screen"
|
||||
# if test $(systemctl status tmux@${USER}.service 1>/dev/null 2>&1; echo $? ) -eq 0; then
|
||||
if tmux has-session -t User || tmux has-session -t "${USER}"; then
|
||||
loginfo "tmux@${USER} is running"
|
||||
STARTTMUXDEFAULT=${STARTTMUXREMOTEDEFAULT}
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
# if test ! $TMUX && test $SSH_TTY && test $TERM != screen && test $(systemctl status tmux@${USER}.service 1>/dev/null 2>&1; echo $? ) -eq 0; then
|
||||
# : # STARTTMUXDEFAULT=${STARTTMUXREMOTEDEFAULT}
|
||||
# logwarn "TEST1"
|
||||
# else
|
||||
# logwarn "TEST2"
|
||||
# STARTTMUXDEFAULT=${STARTTMUXREMOTEDEFAULT}
|
||||
# fi
|
||||
logdebug "${STARTTMUXDEFAULT}"
|
||||
|
||||
unset -f pathmunge
|
||||
|
||||
else
|
||||
# run with temporary config
|
||||
|
||||
logdebug "tmpconf"
|
||||
case $TERM in
|
||||
*screen*)
|
||||
loginfo BASHRC: $BASHRC -> source it
|
||||
|
@ -117,7 +141,6 @@ export HISTTIMEFORMAT='%F %T '
|
|||
export HISTSIZE=999999
|
||||
|
||||
loginfo "bashrc_add sourced" 2>&1 |tee -a ${MSC_LOGFILE} >&2
|
||||
#echo "bashrc_add sourced" >&2
|
||||
|
||||
# Export several functions for being usable in subshells
|
||||
export -f token
|
||||
|
@ -138,8 +161,3 @@ export -f reachable-default
|
|||
[ -z "${SSH_AGENTS_DEFAULT_DIR+x}" ] || mkdir -p "${SSH_AGENTS_DEFAULT_DIR}"
|
||||
|
||||
|
||||
#cat << EOF > "${SSH_AGENTS_DEFAULT_DIR}/agent-default-$(hostname)"
|
||||
#SSH_AUTH_SOCK=${SSH_AUTH_SOCK}; export SSH_AUTH_SOCK;
|
||||
#SSH_AGENT_PID=${SSH_AGENT_PID}; export SSH_AGENT_PID;
|
||||
#loginfo Agent pid ${SSH_AGENT_PID};
|
||||
#EOF
|
||||
|
|
|
@ -14,7 +14,7 @@ if [ -n "$SSH_AUTH_SOCK" ] && \
|
|||
chmod 600 ~/.x2go/agentsocket
|
||||
chown $USER ~/.x2go/agentsocket
|
||||
# write file name of agent socket into file
|
||||
loginfo "old agentsock $( cat ~/.x2go/agentsocket)"
|
||||
logdebug "old agentsock $( cat ~/.x2go/agentsocket)"
|
||||
echo $SSH_AUTH_SOCK > ~/.x2go/agentsocket
|
||||
#rm ~/.x2go/agentsocket
|
||||
#ln -s $SSH_AUTH_SOCK ~/.x2go/agentsocket
|
||||
|
@ -28,10 +28,11 @@ fi
|
|||
# check our client DISPLAY and SSH client IP correspond to
|
||||
# a running X2Go session and
|
||||
# check ~/.x2go/agentsocket is a regular file
|
||||
|
||||
if which x2golistsessions >/dev/null && \
|
||||
[ -n "$DISPLAY" ] && \
|
||||
[ -n "$(x2golistsessions | \
|
||||
awk -F '|' '":"$3 == "'$DISPLAY'" && \
|
||||
awk -F '|' '$3 == "'${DISPLAY:1:2}'" && \
|
||||
$5 == "R" && \
|
||||
$8 == "'$(echo $SSH_CLIENT | \
|
||||
awk '{print $1}')'" { print $3 }')" ] && \
|
||||
|
@ -44,7 +45,7 @@ if which x2golistsessions >/dev/null && \
|
|||
if [ -S "$MIGHTBEOURAGENT" ]; then
|
||||
# export path to agent socket
|
||||
export SSH_AUTH_SOCK=$MIGHTBEOURAGENT
|
||||
logdebug "export it"
|
||||
logdebug "export SSH_AUTH_SOCK=$MIGHTBEOURAGENT"
|
||||
fi
|
||||
fi
|
||||
|
||||
|
|
7
sshs_addfiles.conf
Normal file
7
sshs_addfiles.conf
Normal file
|
@ -0,0 +1,7 @@
|
|||
${MSC_BASE}/functions.sh
|
||||
${MSC_BASE}/logging
|
||||
${MSC_BASE}/myshell_load_fortmpconfig
|
||||
$(getbashrcfile) ~/.aliases
|
||||
${MSC_BASE}/aliases
|
||||
${MSC_BASE}/PS1
|
||||
${MSC_BASE}/bash_completion.d/*
|
|
@ -1 +1 @@
|
|||
Subproject commit e91b178ff832b7bcbbf4d99d9f467f63fd1b76b5
|
||||
Subproject commit 5d089e418efb1a00f47654014ed085deb3d0c878
|
|
@ -1 +1 @@
|
|||
Subproject commit 1b1b8098419daacb92ca401ad6ee0ca6894a40ca
|
||||
Subproject commit 7c59902f64dcd7ea356e891274b21144d1ea5948
|
|
@ -177,7 +177,7 @@ source-file "${HOME}/.tmux/plugins/tmux-themepack/powerline/block/green.tmuxthem
|
|||
# source local tmux.config
|
||||
source-file -q "${HOME}/.local/share/tmux/tmux.conf"
|
||||
|
||||
set -g update-environment "SSH_ASKPASS WINDOWID SSH_CONNECTION XAUTHORITY SSH_TTY SSH_AUTH_SOCK DISPLAY"
|
||||
set -g update-environment "SSH_ASKPASS WINDOWID SSH_CONNECTION XAUTHORITY SSH_TTY SSH_AUTH_SOCK DISPLAY P11M"
|
||||
|
||||
#set-environment -g 'SSH_AUTH_SOCK' ~/.ssh/ssh_auth_sock
|
||||
|
||||
|
|
|
@ -1 +1 @@
|
|||
Subproject commit 33e67af2418e4775c2a7abc6e8fef401e697e1eb
|
||||
Subproject commit bdd9f58b969b153a586d22435c987a846da2922b
|
|
@ -1 +1 @@
|
|||
Subproject commit 3f90fb42d8871920138ace9878502f22a4d91e85
|
||||
Subproject commit 4138333f5cfb6e21b0f8d63a43add4c70c25cdaf
|
|
@ -1 +1 @@
|
|||
Subproject commit b1afeca8cc02030f450bf1feee015d40988f86e3
|
||||
Subproject commit 0452b71830b1a219b8cdc68141ee58ec288ea711
|
|
@ -1 +1 @@
|
|||
Subproject commit 0e71462f90fb4bd09121eeba829512cc24ab5c97
|
||||
Subproject commit 9310f91476a94ee9c2f3a587171893743a343e26
|
|
@ -1 +1 @@
|
|||
Subproject commit ff9b14f14dceecb6c08cb05053ad649c3b6ac250
|
||||
Subproject commit e1fe727127a813095854a5b063c15e955a77eafb
|
|
@ -1 +1 @@
|
|||
Subproject commit 7414f30365a342e1d89072d474a35913643b6eec
|
||||
Subproject commit 97bf9ec720662af51ae403b6dfe720d4a24bfcbc
|
|
@ -1 +1 @@
|
|||
Subproject commit 0de4c9df21abf9256091d205148601f718d3a12c
|
||||
Subproject commit 26f922753a288df639b8d05d13ed62b9b04a26bc
|
|
@ -1 +1 @@
|
|||
Subproject commit c4c639f3cacd1b874ed6f5f196fac772e089c932
|
||||
Subproject commit 1b320083dc0892b8a874a17c75abfea86c801434
|
|
@ -1 +1 @@
|
|||
Subproject commit 6c18adaf98f369fd302d131e046c92410b4709f0
|
||||
Subproject commit 4d29c1d6a0def18923b4762c8f85ca3ee5ae6c83
|
|
@ -1 +1 @@
|
|||
Subproject commit 549fb96d5890d5225afda070ca041468c2c770e5
|
||||
Subproject commit 256702dd1432894b3607d3de6cd660863b331818
|
|
@ -1 +1 @@
|
|||
Subproject commit 07d19f0299762669c6f93fbadb8249da6ba9de62
|
||||
Subproject commit 8eadb5bd8fead8594d201f7cd78aed912243fd9f
|
1
vim/pack/plugins/start/vim-soa
Submodule
1
vim/pack/plugins/start/vim-soa
Submodule
|
@ -0,0 +1 @@
|
|||
Subproject commit 429a874ac32d6e3c3cf117b2d83ed70212380ad9
|
|
@ -1 +1 @@
|
|||
Subproject commit 6aaddfde21fe9e7acbe448b92b3cbb67f2fe1fc1
|
||||
Subproject commit 3c6d80fc59d57ed2fbef14333c0efef02cbcf2f8
|
|
@ -17,3 +17,4 @@ install plugins https://github.com/junegunn/fzf.vim.git
|
|||
install plugins https://github.com/airblade/vim-gitgutter.git
|
||||
remove plugins https://github.com/Lokaltog/powerline.git
|
||||
install plugins https://github.com/jamessan/vim-gnupg
|
||||
install plugins git@git.schuerz.at:/public/vim-soa.git
|
||||
|
|
11
vimrc
11
vimrc
|
@ -468,9 +468,18 @@ let NERDTreeIgnore=['\.pyc$', '\~$'] "ignore files in NERDTree
|
|||
" write .netrwhist to cache-dir instead of ~/.vim to prevent configcheckout
|
||||
" problems
|
||||
let g:netrw_home=$XDG_CACHE_HOME.'/vim'
|
||||
|
||||
"let g:nerdtree_tabs_open_on_console_startup=1
|
||||
let g:nerdtree_tabs_open_on_console_startup=0
|
||||
|
||||
" Start NERDTree. If a file is specified, move the cursor to its window.
|
||||
"autocmd StdinReadPre * let s:std_in=1
|
||||
"autocmd VimEnter * NERDTree | if argc() > 0 || exists("s:std_in") | wincmd p | endif
|
||||
|
||||
" Start NERDTree when Vim is started without file arguments.
|
||||
autocmd StdinReadPre * let s:std_in=1
|
||||
autocmd VimEnter * if argc() == 0 && !exists('s:std_in') | NERDTree | endif
|
||||
|
||||
let g:NERDTreeGitStatusIndicatorMapCustom= {
|
||||
\ "Modified" : "✹",
|
||||
\ "Staged" : "✚",
|
||||
|
@ -530,3 +539,5 @@ let g:fzf_layout = { 'window': { 'width': 0.9, 'height': 0.6 } }
|
|||
" Configure Gitgutter
|
||||
nmap <Leader>hn <Plug>(GitGutterNextHunk)
|
||||
nmap <Leader>hp <Plug>(GitGutterPrevHunk)
|
||||
|
||||
autocmd BufWritePre /etc/bind/vpn/db.* Soa
|
||||
|
|
Loading…
Reference in a new issue