From 125f9d846b8706e5c431f5c318590c910f4f5432 Mon Sep 17 00:00:00 2001
From: Hiroyuki Terauchi <44413241+hiroTochigi@users.noreply.github.com>
Date: Fri, 5 Jan 2024 22:18:26 -0600
Subject: [PATCH] first scripting azure experiments (fixes #42) (#41)
---
 .gitignore | 1 +
 init.sh => src/aws/init.sh | 108 +++++++++++++++----------------
 src/azure/auth/driver.sh | 26 ++++++++
 src/azure/auth/load.sh | 2 +
 src/azure/auth/login.sh | 8 +++
 src/azure/config.sh | 7 ++
 src/azure/credential/driver.sh | 35 ++++++++++
 src/azure/credential/load.sh | 5 ++
 src/azure/credential/retrieve.sh | 14 ++++
 src/azure/credential/setup.sh | 36 +++++++++++
 src/azure/credential/show.sh | 19 ++++++
 src/azure/credential/update.sh | 31 +++++++++
 src/azure/driver.sh | 31 +++++++++
 src/azure/init.sh | 5 ++
 src/azure/load.sh | 3 +
 15 files changed, 277 insertions(+), 54 deletions(-)
 rename init.sh => src/aws/init.sh (69%)
 create mode 100644 src/azure/auth/driver.sh
 create mode 100644 src/azure/auth/load.sh
 create mode 100644 src/azure/auth/login.sh
 create mode 100644 src/azure/config.sh
 create mode 100644 src/azure/credential/driver.sh
 create mode 100644 src/azure/credential/load.sh
 create mode 100644 src/azure/credential/retrieve.sh
 create mode 100755 src/azure/credential/setup.sh
 create mode 100644 src/azure/credential/show.sh
 create mode 100644 src/azure/credential/update.sh
 create mode 100644 src/azure/driver.sh
 create mode 100644 src/azure/init.sh
 create mode 100644 src/azure/load.sh
diff --git a/.gitignore b/.gitignore
index 8d8c2ab7..71f9bc7f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,3 +4,4 @@
 /vpn/conf/*
 *.conf
 !vpn/templates/*.conf
+.treehouses
diff --git a/init.sh b/src/aws/init.sh
similarity index 69%
rename from init.sh
rename to src/aws/init.sh
index bc20db9e..9747b9fc 100644
--- a/init.sh
+++ b/src/aws/init.sh
@@ -134,73 +134,73 @@ function usage {
 exit 1
 }
-while getopts 'n:pN:a:' OPTION; do
- case "$OPTION" in
- n)
- keyname=$OPTARG
- ;;
- p)
- portConfigArray=$(getArrayValueAsStringByKey $instanceName tcpPortArray)
- udpPortConfigArray=$(getArrayValueAsStringByKey $instanceName udpPortArray)
- if [ -z "$portConfigArray" ]
- then
- echo "There is no stored port numbers. The default port numbers are used"
- fi
- if [ -z "$udpPortConfigArray" ]
- then
- echo "There is no stored udp port numbers. The default port numbers are used"
- fi
- ;;
- a)
- groupName=$OPTARG-sg
- instanceName=$OPTARG
- keyname=$OPTARG
- ;;
- ?)
- usage
- ;;
- esac
-done
-shift "$(($OPTIND -1))"
-
-
-if [ -z $keyname ]
-then
- keyname=luftballon
-fi
+function init {
+ while getopts 'n:pN:a:' OPTION; do
+ case "$OPTION" in
+ n)
+ keyname=$OPTARG
+ ;;
+ p)
+ portConfigArray=$(getArrayValueAsStringByKey $instanceName tcpPortArray)
+ udpPortConfigArray=$(getArrayValueAsStringByKey $instanceName udpPortArray)
+ if [ -z "$portConfigArray" ]
+ then
+ echo "There is no stored port numbers. The default port numbers are used"
+ fi
+ if [ -z "$udpPortConfigArray" ]
+ then
+ echo "There is no stored udp port numbers. The default port numbers are used"
+ fi
+ ;;
+ a)
+ groupName=$OPTARG-sg
+ instanceName=$OPTARG
+ keyname=$OPTARG
+ ;;
+ ?)
+ usage
+ ;;
+ esac
+ done
+ shift "$(($OPTIND -1))"
-keyName=$(importSshKey | getValueByKeyword KeyName )
+ if [ -z $keyname ]
+ then
+ keyname=luftballon
+ fi
-if [ -z $keyName ]
-then
- exit 1
-fi
-echo "Success to add ssh key: $keyName"
+ keyName=$(importSshKey | getValueByKeyword KeyName )
-createSecurityGroups
-echo "Add security group"
+ if [ -z $keyName ]
+ then
+ exit 1
+ fi
-instanceId=$(createEc2 | getValueByKeyword InstanceId )
-echo "Create EC2 Instance"
-echo "Instance id is $instanceId"
+ echo "Success to add ssh key: $keyName"
+ createSecurityGroups
+ echo "Add security group"
-aws ec2 create-tags --resources $instanceId --tags Key=Name,Value=$instanceName
-aws ec2 create-tags --resources $instanceId --tags Key=Class,Value=treehouses
+ instanceId=$(createEc2 | getValueByKeyword InstanceId )
+ echo "Create EC2 Instance"
+ echo "Instance id is $instanceId"
-publicIp=$(waitForOutput "getLatestIpAddress $instanceId")
-echo "Public IP Address is $publicIp"
+ aws ec2 create-tags --resources $instanceId --tags Key=Name,Value=$instanceName
+ aws ec2 create-tags --resources $instanceId --tags Key=Class,Value=treehouses
-echo "Will open ssh tunnel soon"
-isOpen=$(waitForOutput "ssh-keyscan -H $publicIp | grep ecdsa-sha2-nistp256")
-echo "Opened ssh tunnel"
-openSSHTunnel $publicIp $portConfigArray
-storeConfigIntoTreehousesConfigAsStringfiedJson $instanceName $keyName $instanceId $publicIp $groupName
+ publicIp=$(waitForOutput "getLatestIpAddress $instanceId")
+ echo "Public IP Address is $publicIp"
+ echo "Will open ssh tunnel soon"
+ isOpen=$(waitForOutput "ssh-keyscan -H $publicIp | grep ecdsa-sha2-nistp256")
+ echo "Opened ssh tunnel"
+ openSSHTunnel $publicIp $portConfigArray
+ storeConfigIntoTreehousesConfigAsStringfiedJson $instanceName $keyName $instanceId $publicIp $groupName
+}
diff --git a/src/azure/auth/driver.sh b/src/azure/auth/driver.sh
new file mode 100644
index 00000000..44c42c0e
--- /dev/null
+++ b/src/azure/auth/driver.sh
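Review bot: In src/aws/init.sh the `getopts` loop now runs inside `init`, but `OPTIND` and `OPTION` are still globals, so a second call to `init` in the same shell, or an earlier `getopts` in whatever script sources this file, makes parsing start at the wrong argument. Declaring `local OPTIND=1 OPTION` as the first line of `init` keeps the option state per call. Nothing in the hunk calls `init "$@"`, so the caller presumably lives outside this patch; the `exit 1` taken when `$keyName` is empty will now end that caller's shell, where `return 1` would let it handle the failure. The start of the file, including the body of `usage`, is outside the hunk.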
@@ -0,0 +1,26 @@
+authUsage() {
+ echo "Usage: $0 credential [command]"
+ echo "Commands:"
+ echo " login - Login azure as service-principal"
+ exit 1
+}
+
+function auth(){
+
+ # Check if at least one argument is provided
+ if [ $# -eq 0 ]; then
+ authUsage
+ fi
+
+ # Execute the appropriate command
+ case "$1" in
+ login)
+ login
+ ;;
+ *)
+ echo "Error: Invalid command."
+ authUsage
+ ;;
+ esac
+
+}
\ No newline at end of file
diff --git a/src/azure/auth/load.sh b/src/azure/auth/load.sh
new file mode 100644
index 00000000..bdeab91a
--- /dev/null
+++ b/src/azure/auth/load.sh
@@ -0,0 +1,2 @@
+source auth/login.sh
+source auth/driver.sh
\ No newline at end of file
diff --git a/src/azure/auth/login.sh b/src/azure/auth/login.sh
new file mode 100644
index 00000000..f8fe9476
--- /dev/null
+++ b/src/azure/auth/login.sh
@@ -0,0 +1,8 @@
+function login(){
+
+ username=$(retrieveCred username)
+ password=$(retrieveCred password)
+ tenant=$(retrieveCred tenant_name)
+
+ az login --service-principal --username $username --password $password --tenant $tenant
+}
\ No newline at end of file
diff --git a/src/azure/config.sh b/src/azure/config.sh
new file mode 100644
index 00000000..b96fd76d
--- /dev/null
+++ b/src/azure/config.sh
@@ -0,0 +1,7 @@
+# Directory and file names
+DIR_NAME=".luftballon"
+FILE_NAME="credentials.txt"
+
+# Full path of the directory and the file
+DIR_PATH="$HOME/$DIR_NAME"
+FILE_PATH="$DIR_PATH/$FILE_NAME"
diff --git a/src/azure/credential/driver.sh b/src/azure/credential/driver.sh
new file mode 100644
index 00000000..93b202a9
--- /dev/null
+++ b/src/azure/credential/driver.sh
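Review bot: `authUsage` in src/azure/auth/driver.sh prints `Usage: $0 credential [command]`, which looks copied from the credential driver and points the user at the wrong command group. For this file the line should read `echo "Usage: $0 auth [command]"`.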
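Review bot: The service-principal secret in src/azure/auth/login.sh is expanded unquoted onto the `az login` command line, so a password containing whitespace or glob characters is split or expanded before `az` sees it, and the value is visible in the process list and in any `set -x` trace while the command runs. Quote all three expansions and keep them out of the calling shell's globals: `local username password tenant` at the top of `login`, and `az login --service-principal --username "$username" --password "$password" --tenant "$tenant"`. `login` also never checks that `retrieveCred` returned a value, so a missing credentials file ends in an `az` usage error rather than a clear message; a guard such as `[ -n "$password" ] || { echo "No stored credentials" >&2; return 1; }` would cover that. Where the deployment allows it, a certificate-based service principal avoids placing a reusable secret in argv at all.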
@@ -0,0 +1,35 @@
+
+credentialUsage() {
+ echo "Usage: $0 credential [command]"
+ echo "Commands:"
+ echo " init - Initialize and store new credentials"
+ echo " update - Update existing credentials"
+ echo " show - Display current credentials"
+ exit 1
+}
+
+function credential(){
+
+ # Check if at least one argument is provided
+ if [ $# -eq 0 ]; then
+ credentialUsage
+ fi
+
+ # Execute the appropriate command
+ case "$1" in
+ init)
+ initCreds
+ ;;
+ update)
+ updateCreds
+ ;;
+ show)
+ showCreds
+ ;;
+ *)
+ echo "Error: Invalid command."
+ credentialUsage
+ ;;
+ esac
+
+}
\ No newline at end of file
diff --git a/src/azure/credential/load.sh b/src/azure/credential/load.sh
new file mode 100644
index 00000000..4a2990d9
--- /dev/null
+++ b/src/azure/credential/load.sh
@@ -0,0 +1,5 @@
+source credential/driver.sh
+source credential/setup.sh
+source credential/show.sh
+source credential/update.sh
+source credential/retrieve.sh
\ No newline at end of file
diff --git a/src/azure/credential/retrieve.sh b/src/azure/credential/retrieve.sh
new file mode 100644
index 00000000..2c61cfd0
--- /dev/null
+++ b/src/azure/credential/retrieve.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+retrieveCred() {
+ local key=$1
+ local file=$FILE_PATH
+
+ local value=$(grep "^$key=" "$file" | cut -d'=' -f2)
+
+ if [ -z "$value" ]; then
+ echo ""
+ else
+ echo $value
+ fi
+}
diff --git a/src/azure/credential/setup.sh b/src/azure/credential/setup.sh
new file mode 100755
index 00000000..e5738bb1
--- /dev/null
+++ b/src/azure/credential/setup.sh
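Review bot: `cut -d'=' -f2` in `retrieveCred` (src/azure/credential/retrieve.sh) returns only the text up to the next `=`, so a stored secret that itself contains `=` is silently truncated and the later login fails with a wrong password. Use `-f2-` and take the first match only, `value=$(grep -m1 "^$key=" "$file" | cut -d'=' -f2-)`, and print the result with `printf '%s\n' "$value"`, because the unquoted `echo $value` re-splits and glob-expands the secret. Declaring `local value` on its own line before the assignment also stops `local` from hiding a failed `grep`, for example when `$FILE_PATH` does not exist.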
@@ -0,0 +1,36 @@
+#!/bin/bash
+
+saveCreds() {
+ read -p "Enter your username: " username
+ read -sp "Enter your password: " password
+ echo
+ read -p "Enter your tenant name: " tenant_name
+
+ # Storing credentials in the file
+ echo "username=$username" > "$FILE_PATH"
+ echo "password=$password" >> "$FILE_PATH"
+ echo "tenant_name=$tenant_name" >> "$FILE_PATH"
+
+ echo "Credentials stored successfully in $FILE_PATH."
+}
+
+checkDirFile() {
+ if [ ! -d "$DIR_PATH" ]; then
+ echo "Directory $DIR_PATH does not exist. Creating now."
+ mkdir "$DIR_PATH"
+ else
+ echo "Directory $DIR_PATH already exists."
+ fi
+
+ if [ ! -f "$FILE_PATH" ]; then
+ echo "Creating credentials file at $FILE_PATH."
+ touch "$FILE_PATH"
+ else
+ echo "Credentials file already exists at $FILE_PATH."
+ fi
+}
+
+initCreds() {
+ checkDirFile
+ saveCreds
+}
diff --git a/src/azure/credential/show.sh b/src/azure/credential/show.sh
new file mode 100644
index 00000000..22e62e1c
--- /dev/null
+++ b/src/azure/credential/show.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+showCreds() {
+ if [ ! -f "$FILE_PATH" ]; then
+ echo "Credentials file not found."
+ exit 1
+ fi
+
+ echo "Current credentials:"
+ while IFS= read -r line; do
+ if [[ $line == password=* ]]; then
+ password=${line#password=}
+ masked_password="${password:0:6}*****"
+ echo "password=$masked_password"
+ else
+ echo "$line"
+ fi
+ done < "$FILE_PATH"
+}
diff --git a/src/azure/credential/update.sh b/src/azure/credential/update.sh
new file mode 100644
index 00000000..887858bd
--- /dev/null
+++ b/src/azure/credential/update.sh
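Review bot: src/azure/credential/setup.sh writes the service-principal password in clear text to `$FILE_PATH`, and both `mkdir "$DIR_PATH"` and `touch "$FILE_PATH"` take their mode from the caller's umask, which on most systems leaves the directory and the file readable by other local users. Create them private instead: `mkdir -m 700 "$DIR_PATH"` in `checkDirFile`, and `chmod 600 "$FILE_PATH"` straight after the `touch` and again in `saveCreds` before the first `echo`, since the file may already exist with wider permissions. The three `read` calls should use `-r`, e.g. `read -rsp "Enter your password: " password`, otherwise a backslash in the secret is consumed before it is stored.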
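Review bot: The mask in `showCreds` (src/azure/credential/show.sh) prints the first six characters of the stored password, `${password:0:6}*****`, which puts a large part of the secret, or all of it when it is six characters or shorter, into terminal scrollback and any captured output. Printing a fixed mask, `echo "password=*****"`, confirms that a value is stored without revealing any of it. `password` and `masked_password` should also be declared `local` so the clear-text value does not stay in the sourcing shell after the function returns.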
@@ -0,0 +1,31 @@
+#!/bin/bash
+
+updateCreds() {
+ if [ ! -f "$FILE_PATH" ]; then
+ echo "Credentials file not found. Please run the setup script first."
+ exit 1
+ fi
+
+ echo "Updating credentials..."
+
+ # Update username
+ read -p "Enter your new username (leave blank to keep current): " new_username
+ if [ -n "$new_username" ]; then
+ sed -i "s/^username=.*/username=$new_username/" "$FILE_PATH"
+ fi
+
+ # Update password
+ read -sp "Enter your new password (leave blank to keep current): " new_password
+ echo
+ if [ -n "$new_password" ]; then
+ sed -i "s/^password=.*/password=$new_password/" "$FILE_PATH"
+ fi
+
+ # Update tenant name
+ read -p "Enter your new tenant name (leave blank to keep current): " new_tenant_name
+ if [ -n "$new_tenant_name" ]; then
+ sed -i "s/^tenant_name=.*/tenant_name=$new_tenant_name/" "$FILE_PATH"
+ fi
+
+ echo "Credentials updated successfully."
+}
diff --git a/src/azure/driver.sh b/src/azure/driver.sh
new file mode 100644
index 00000000..9730738f
--- /dev/null
+++ b/src/azure/driver.sh
@@ -0,0 +1,31 @@
+#!/bin/bash
+
+source config.sh
+source load.sh
+
+rootUsage() {
+ echo "Usage: $0 [command group] [command]"
+ echo "Command groups:"
+ echo " credential - Manage credentials (init, update, show)"
+ echo " auth - Authentication management (login)"
+ exit 1
+}
+
+# Check if at least one argument is provided
+if [ $# -eq 0 ]; then
+ rootUsage
+fi
+
+# Execute the appropriate command
+case "$1" in
+ credential)
+ credential "$2"
+ ;;
+ auth)
+ auth "$2"
+ ;;
+ *)
+ echo "Error: Invalid command."
+ rootUsage
+ ;;
+esac
diff --git a/src/azure/init.sh b/src/azure/init.sh
new file mode 100644
index 00000000..39203478
--- /dev/null
+++ b/src/azure/init.sh
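Review bot: Each of the three `sed -i "s/^key=.*/key=$new_value/"` calls in `updateCreds` (src/azure/credential/update.sh) pastes the typed value into a sed program, so a value containing `/`, `&` or a backslash is interpreted by sed instead of being stored literally: the command fails or writes a different secret from the one entered. The value also appears in sed's argument list while it runs. Rewriting the matching line in the shell avoids both, and one helper can serve the username, password and tenant_name branches. The prompts should use `read -r` as well, so that backslashes in the input survive.

```shell
# Replace the line for one key; the value is never parsed as a sed program.
setCred() {
  local key=$1 value=$2 tmp line
  # mktemp creates the file with owner-only permissions.
  tmp=$(mktemp "$FILE_PATH.XXXXXX") || return 1
  while IFS= read -r line || [ -n "$line" ]; do
    if [[ $line == "$key="* ]]; then
      printf '%s=%s\n' "$key" "$value"
    else
      printf '%s\n' "$line"
    fi
  done < "$FILE_PATH" > "$tmp" && mv -- "$tmp" "$FILE_PATH"
}

updateCreds() {
  # … unchanged: file-exists check and "Updating credentials..." message …
  read -rsp "Enter your new password (leave blank to keep current): " new_password
  echo
  if [ -n "$new_password" ]; then
    setCred password "$new_password"
  fi
  # … unchanged: username and tenant_name prompts, each calling setCred the same way …
}
```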
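Review bot: `source config.sh` and `source load.sh` in src/azure/driver.sh are resolved by bash through `PATH` and then the current directory, not relative to the script, and the nested `source credential/...` and `source auth/...` lines in load.sh, auth/load.sh and credential/load.sh depend on the current directory too. Run from anywhere but src/azure, the driver either fails or sources a same-named file it did not ship, which matters for a tool that handles credentials. Anchor the paths once at the top: `script_dir=$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" && pwd)`, `cd -- "$script_dir" || exit 1`, then `source ./config.sh` and `source ./load.sh`. Separately, `credential "$2"` and `auth "$2"` always pass one argument, so the `$# -eq 0` check inside those functions never fires; `"${@:2}"` would forward only what was given.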
@@ -0,0 +1,5 @@
+az group create --name luftballon --location eastus
+az vm create --resource-group luftballon --name luftballon --image Ubuntu2204 --admin-username hiroyuki --generate-ssh-keys --public-ip-sku Standard
+echo $(az vm show --show-details --resource-group luftballon --name luftballon --query publicIps --output tsv)
+az vm run-command invoke --resource-group luftballon --name luftballon --command-id RunShellScript --scripts "sudo apt-get update && sudo apt-get install -y nginx"
+az vm open-port --port 80 --resource-group luftballon --name luftballon
diff --git a/src/azure/load.sh b/src/azure/load.sh
new file mode 100644
index 00000000..c4d7dbde
--- /dev/null
+++ b/src/azure/load.sh
@@ -0,0 +1,3 @@
+source credential/load.sh
+source auth/load.sh
+
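Review bot: src/azure/init.sh runs its five `az` commands with no error handling, so if `az group create` or `az vm create` fails the script still goes on to `run-command` and `open-port` against whatever resource named luftballon already exists. Start the file with `#!/bin/bash` and `set -euo pipefail`. The resource group, VM name, location and `--admin-username hiroyuki` are hard-coded; reading them from variables with defaults, for instance `admin_user=${LUFTBALLON_ADMIN_USER:-$USER}` (variable name constructed for this note), would make the script usable by other people. `az vm open-port --port 80` as written gives no source restriction, so the freshly installed nginx is presumably reachable from any address; a comment stating that this is intended would help the next reader. `echo $(az vm show …)` can simply be the `az vm show` call itself.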