commit - 0198b57b7982bc5d06019344844f34d18ff7cb90
commit + a4759196f3055028d778d80ffd3a502000ab3d9c
blob - ff703b5462b48a29ce68e1a316f888a0f2ece681
blob + a13cf411c927569a99d6769e6c362a01aa95b11d
--- r7
+++ r7
# Global configuration
# ====================
-VERSION=0.1.6
+VERSION=0.2.0
# shellcheck disable=SC2031
_init_env() {
import() {
cd "$R7_WORKDIR" || _fail "Unable to cd to '$R7_WORKDIR'"
target=$1
+ etc_ssh_files_to_import='
+ ssh/sshd_config
+ ssh/ssh_config
+ '
+ if test -n "$target"; then
+ echo >&2 "-> Importing target host: $target"
+ case $(ssh "$target" uname) in
+ Linux) _Linux_import ;;
+ SunOS) _SunOS_import ;;
+ OpenBSD) _OpenBSD_import ;;
+ FreeBSD) _FreeBSD_import ;;
+ NetBSD) _NetBSD_import ;;
+ DragonFly) _DragonFly_import ;;
+ *)
+ _error "Platform unsupported or host unavailable."
+ return 3
+ ;;
+ esac
+ echo >&2 "-> done: $target"
+ else
+ echo >&2 "usage: $0 target-host"
+ fi
+}
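Review bot: `$target` goes straight from `$1` into `ssh "$target" uname` and later into local paths such as `nodes/$target`, with no check on its shape. A value beginning with `-` would be parsed by ssh as an option, and one containing `/` or `..` would place the imported files outside `nodes/`. A guard before the `case` covers both: `case $target in -*|*/*|*..*) _error "Invalid target host: $target"; return 2 ;; esac`. The usage branch also ends with status 0, so a caller cannot tell a missing argument from a completed import; add `return 2` after the usage message. The function starts above the added lines.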
+
+_import_copy() (
+ src=$1
+ dst=$2
+ _debug "COPY $src $dst"
+ ssh "$target" command -v rsync >/dev/null && {
+ _debug "IMPORT $1 $2 USE RSYNC"
+ rsync -a "$src" "$dst" && return 0
+ }
+ _openrsync=$(ssh "$target" command -v openrsync) && {
+ _debug "IMPORT $1 $2 USE OPENRSYNC"
+ openrsync -e "/usr/bin/ssh -oConnectTimeout=$SSH_CONNECT_TIMEOUT -F $SSH_CONFIG_FILE" \
+ --rsync-path="$_openrsync" \
+ -a "$src" "$dst" && return 0
+ }
+ _debug "IMPORT $1 $2 USE SCP"
+ scp -r "$target:$src" "$dst" && return 0
+ _fail "IMPORT $1 $2 FAILED"
+)
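Review bot: The scp fallback prefixes the host a second time. Every caller in this diff passes `src` as `"$target:/etc/…"`, so `scp -r "$target:$src" "$dst"` asks for `host:host:/etc/…` and this last-resort path cannot succeed; it should be `scp -r "$src" "$dst"`. The rsync branch also runs without the `-oConnectTimeout=$SSH_CONNECT_TIMEOUT -F $SSH_CONFIG_FILE` transport that the openrsync branch sets, so it may connect with a different ssh configuration (identity, host-key settings) than the rest of the tool; passing the same `-e` string to `rsync` keeps the transport consistent. Because the body is now a `( … )` subshell, `_fail` can at most end the subshell if it exits, so callers that chain with `&&` and ignore the status would carry on after a failed copy; please confirm that is intended.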
+
+_import_ssh_authorized_keys() {
+ other_users=$(
+ ssh "$target" getent passwd | awk -F: '$3 >= 1000 { print $1 }' |
+ grep -v nobody
+ )
+
+ for user in root $other_users; do
+ # shellcheck disable=SC2029
+ home=$(ssh "$target" getent passwd "$user" | awk -F: '{ print $6 }')
+ authorized_keys="$home/.ssh/authorized_keys"
+ ssh "$target" test -f "$authorized_keys" || continue
+ mkdir -p "nodes/$target/ssh/"
+ echo >&2 "--> Importing $authorized_keys"
+ #_import_copy "root@$target:$authorized_keys" "nodes/$target/ssh/authorized_keys_$user"
+ scp "root@$target:$authorized_keys" "nodes/$target/ssh/authorized_keys_$user"
+ done
+}
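Review bot: User names and home directories come from the remote host's `getent passwd` and are used unvalidated, both in the local destination `nodes/$target/ssh/authorized_keys_$user` and, unquoted, in `for user in root $other_users`. Now that this helper runs against every supported platform, a host returning a name containing `/`, `..` or glob characters would steer the local write path. A filter at the top of the loop such as `case $user in *[!A-Za-z0-9._-]*) continue ;; esac` keeps the file inside `nodes/$target/ssh/`. The `scp` status is not checked, so a failed copy is still announced as imported, and it logs in as `root@$target` while every other call uses `$target` as given. Adding `|| _error "authorized_keys import failed for $user"` to the `scp` line and using one consistent login would make gaps visible.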
+
+_import_etc_if_exists() {
+ mkdir -p nodes/"$target"
+ echo >&2 "--> Importing /etc"
+ for file in $etc_files_to_import; do
+ ssh "$target" test -f "'/etc/$file'" &&
+ _import_copy "$target:/etc/$file" "nodes/$target"
+ done
+}
+
+_import_etc_ssh_if_exists() {
+ mkdir -p nodes/"$target"
+ echo >&2 "--> Importing /etc/ssh"
+ for file in $etc_ssh_files_to_import; do
+ ssh "$target" test -f "'/etc/$file'" &&
+ _import_copy "$target:/etc/$file" "nodes/$target/ssh"
+ done
+}
+
+_import_modprobe() {
+ mkdir -p nodes/"$target"
+ echo >&2 "--> Importing /etc/modprobe.d"
+ for file in $etc_modprobe_files_to_import; do
+ ssh "$target" test -f "'/etc/modprobe.d/$file'" &&
+ _import_copy "$target:/etc/modprobe.d/$file" "nodes/$target/modprobe.d"
+ done
+}
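Review bot: `_import_modprobe` cannot match any file as written. `_Linux_import` sets the list to `modprobe.d/*.conf`, so the tested path becomes `/etc/modprobe.d/modprobe.d/*.conf`, and the inner single quotes make the remote `test -f` treat `*` literally. The unquoted `for file in $etc_modprobe_files_to_import` may also expand the glob against the local working directory instead of the target. Listing the names on the target, as `_OpenBSD_import_etc_if_exists` does for `hostname.*` (e.g. `ssh "$target" 'cd /etc/modprobe.d && ls -1 *.conf'`), and running `mkdir -p "nodes/$target/modprobe.d"` first would make the import work. `_import_etc_ssh_if_exists` has the same missing `mkdir -p`: it copies into `nodes/$target/ssh` but only creates `nodes/$target`.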
+
+_Linux_import() {
+ etc_modprobe_files_to_import='
+ modprobe.d/*.conf
+ '
+ if _Linux_is_debian_based; then
+ _Linux_import_debian
+ elif _Linux_is_rhel_based; then
+ _Linux_import_rhel
+ elif _Linux_is_gentoo_based; then
+ _Linux_import_gentoo
+ elif ssh "$target" "grep -q 'ID=alpine' /etc/os-release"; then
+ _Linux_import_alpine
+ else
+ echo >&2 "Unsupported Linux distribution."
+ fi
+}
+
+_Linux_is_debian_based() (
+ ssh "$target" "grep -q 'ID=debian' /etc/os-release || grep -q 'ID_LIKE=.*debian' /etc/os-release || \
+ grep -qiE 'Debian|Ubuntu|Linux Mint' /etc/issue || \
+ test -f /etc/debian_version || test -d /etc/apt || command -v apt-get >/dev/null 2>&1"
+)
+
+_Linux_is_rhel_based() (
+ ssh "$target" "grep -qE 'ID=\"?(rhel|fedora|centos|ol|scientific)\"?' /etc/os-release || \
+ grep -qE 'ID_LIKE=\"?.*(rhel|fedora).*\"?' /etc/os-release || \
+ grep -qiE 'Red Hat|CentOS|Fedora|Scientific Linux|Oracle Linux|openSUSE|SUSE' /etc/issue || \
+ grep -qiE 'Red Hat|CentOS|Fedora|Scientific Linux|Oracle Linux|openSUSE|SUSE' /etc/redhat-release || \
+ test -f /etc/redhat-release || test -f /etc/system-release || test -f /etc/centos-release || \
+ test -f /etc/fedora-release || test -f /etc/oracle-release || \
+ (test -f /etc/os-release && grep -qi 'rhel' /etc/os-release) || test -d /etc/yum.repos.d"
+)
+
+_Linux_is_gentoo_based() (
+ ssh "$target" "test -f /etc/gentoo-release || \
+ grep -q 'ID=gentoo' /etc/os-release || \
+ grep -qi 'Gentoo' /etc/issue || \
+ command -v emerge >/dev/null 2>&1"
+)
+
+_Linux_import_gentoo() {
etc_files_to_import='
+ crontab
+ doas.conf
+ environment
+ fstab
+ hostname
+ hosts
+ hosts.denv
+ issue
+ locale.gen
+ machine-id
+ motd
+ nsswitch.conf
+ pam.conf
+ profile
+ resolv.conf
+ shells
+ sudo.conf
+ sudoers
+ sysctl.conf
+ '
+ _import_etc_if_exists
+ _import_etc_ssh_if_exists
+ _import_ssh_authorized_keys
+ _import_modprobe
+}
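Review bot: `hosts.denv` looks like a typo for `hosts.deny`; it appears in this list and again in the alpine, rhel, debian and SunOS lists. Because `_import_etc_if_exists` guards each copy with `test -f`, the misspelled entry is skipped silently and the TCP-wrappers deny list is never captured (`hosts.allow` is not listed either). These lists also pull `sudoers`, `doas.conf` and `machine-id` into `nodes/$target`, which is created with a plain `mkdir -p`. If that tree is shared or committed, a `umask 077` before the import, or at least a comment stating the expected permissions, would be worth adding.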
+
+_Linux_import_alpine() {
+ etc_files_to_import='
+ crontab
+ doas.conf
+ environment
+ fstab
+ hostname
+ hosts
+ hosts.denv
+ issue
+ motd
+ nsswitch.conf
+ pam.conf
+ profile
+ rc.conf
+ resolv.conf
+ shells
+ sysctl.conf
+ '
+ _import_etc_if_exists
+ _import_etc_ssh_if_exists
+ _import_ssh_authorized_keys
+ _import_modprobe
+}
+
+_Linux_import_rhel() {
+ etc_files_to_import='
+ crontab
+ environment
+ fstab
+ hostname
+ hosts
+ hosts.denv
+ issue
+ locale.gen
+ machine-id
+ motd
+ nsswitch.conf
+ pam.conf
+ profile
+ resolv.conf
+ shells
+ sudo.conf
+ sudoers
+ '
+ _import_etc_if_exists
+ _import_etc_ssh_if_exists
+ _import_ssh_authorized_keys
+ _import_modprobe
+}
+
+_Linux_import_debian() {
+ etc_files_to_import='
+ crontab
+ environment
+ fstab
+ hostname
+ hosts
+ hosts.denv
+ issue
+ locale.gen
+ machine-id
+ motd
+ nsswitch.conf
+ pam.conf
+ profile
+ resolv.conf
+ shells
+ sudo.conf
+ sudoers
+ '
+ _import_etc_if_exists
+ _import_etc_ssh_if_exists
+ _import_ssh_authorized_keys
+ _import_modprobe
+}
+
+_SunOS_import() {
+ etc_files_to_import='
+ crontab
+ environment
+ fstab
+ hostname
+ hosts
+ hosts.denv
+ issue
+ locale.gen
+ motd
+ nodename
+ nsswitch.conf
+ pam.conf
+ profile
+ profile
+ resolv.conf
+ rsyslog.conf
+ shells
+ sudo.conf
+ sudoers
+ '
+ _import_etc_if_exists
+ _import_etc_ssh_if_exists
+ _import_ssh_authorized_keys
+}
+
+_OpenBSD_import() {
+ etc_files_to_import='
acme-client.conf
- dhcpd.conf
+ boot.conf
dhcpcd.conf
+ dhcpd.conf
doas.conf
fstab
+ gotd.conf
+ gotwebd.conf
hosts
httpd.conf
installurl
+ locate.rc
login.conf
mygate
myname
+ newsyslog.conf
ntpd.conf
pf.conf
+ resolv.conf
sysctl.conf
unwind.conf
- resolv.conf
- gotd.conf
- gotwebd.conf
+ usermgt.conf
'
etc_mail_files_to_import='
mail/aliases
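Review bot: `usermgt.conf` in the OpenBSD list looks misspelled; the NetBSD list added later in this diff uses `usermgmt.conf`, which is also the file's name on OpenBSD. The body of `_OpenBSD_import_etc_if_exists` is not visible here, but if it guards each copy with an existence test like the generic helper does, the wrong name is skipped without any message and the file is never imported.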
data/pg_hba.conf
data/postgresql.conf
'
- if test -n "$target"; then
- echo >&2 "-> Importing target host: $target"
- case $(ssh "$target" uname) in OpenBSD) : ;; *)
- _error "Platform unsupported or host unavailable."
- return 3
- ;;
- esac
- _OpenBSD_import_ssh_authorized_keys
- _OpenBSD_import_etc_if_exists
- _OpenBSD_import_etc_ssh_if_exists
- _OpenBSD_import_etc_mail_if_exists
- _OpenBSD_import_unbound_if_enabled
- _OpenBSD_import_nsd_if_enabled
- _OpenBSD_import_postgresql_if_installed
- echo >&2 "-> done: $target"
- else
- echo >&2 "usage: $0 target-host"
- fi
+ _import_ssh_authorized_keys
+ _OpenBSD_import_etc_if_exists
+ _import_etc_ssh_if_exists
+ _OpenBSD_import_etc_mail_if_exists
+ _OpenBSD_import_unbound_if_enabled
+ _OpenBSD_import_nsd_if_enabled
+ _OpenBSD_import_postgresql_if_installed
}
-_OpenBSD_import_ssh_authorized_keys() {
- other_users=$(
- ssh "$target" getent passwd | awk -F: '$3 >= 1000 { print $1 }' |
- grep -v nobody
- )
-
- for user in root $other_users; do
- # shellcheck disable=SC2029
- home=$(ssh "$target" getent passwd "$user" | awk -F: '{ print $6 }')
- authorized_keys="$home/.ssh/authorized_keys"
- ssh "$target" test -f "$authorized_keys" || continue
- mkdir -p "nodes/$target/ssh/"
- echo >&2 "--> Importing $authorized_keys"
- #_import_copy "root@$target:$authorized_keys" "nodes/$target/ssh/authorized_keys_$user"
- scp "root@$target:$authorized_keys" "nodes/$target/ssh/authorized_keys_$user"
- done
-}
-
_OpenBSD_import_etc_if_exists() {
mkdir -p nodes/"$target"
interfaces=$(ssh "$target" 'cd /etc && ls -1 hostname.*')
done
}
-_OpenBSD_import_etc_ssh_if_exists() {
- mkdir -p nodes/"$target"
- echo >&2 "--> Importing /etc/ssh"
- for file in $etc_ssh_files_to_import; do
- ssh "$target" test -f "'/etc/$file'" &&
- _import_copy "$target:/etc/$file" "nodes/$target/ssh"
- done
-}
-
_OpenBSD_import_etc_mail_if_exists() {
mkdir -p nodes/"$target"
echo >&2 "--> Importing /etc/mail"
}
}
-_import_copy() {
- _debug "IMPORT $1 $2 USE OPENRSYNC"
- openrsync -e "/usr/bin/ssh -oConnectTimeout=$SSH_CONNECT_TIMEOUT -F $SSH_CONFIG_FILE" \
- --rsync-path="/usr/bin/openrsync" \
- -a "$1" "$2" && return 0
+_FreeBSD_import() {
+ etc_files_to_import='
+ crontab
+ fbtab
+ fstab
+ hostname
+ hosts
+ login.conf
+ nsswitch.conf
+ ntp.conf
+ profile
+ resolv.conf
+ shells
+ sysctl.conf
+ syslog.conf
+ '
+ _import_ssh_authorized_keys
+ _import_etc_if_exists
+ _import_etc_ssh_if_exists
}
+_NetBSD_import() {
+ etc_files_to_import='
+ fstab
+ hosts
+ locate.conf
+ pf.conf
+ resolv.conf
+ shells
+ sysctl.conf
+ syslog.conf
+ usermgmt.conf
+ wscons.conf
+ '
+ _import_ssh_authorized_keys
+ _import_etc_if_exists
+ _import_etc_ssh_if_exists
+}
+
+_DragonFly_import() {
+ etc_files_to_import='
+ crontab
+ fstab
+ hosts
+ login.conf
+ pf.conf
+ resolv.conf
+ shells
+ sysctl.conf
+ syslog.conf
+ '
+ _import_ssh_authorized_keys
+ _import_etc_if_exists
+ _import_etc_ssh_if_exists
+}
+
# Main
# ====