Implement password/key handling

This commit is contained in:
Luke Murphy 2020-11-05 15:56:31 +01:00
parent 74dfd75fb1
commit eec55896a4
No known key found for this signature in database
GPG Key ID: 5E2EF5A63E3718CC

54
abra
View File

@ -347,8 +347,18 @@ get_servers() {
}
get_app_secrets() {
get_app_passwords
get_app_keys
}
get_app_passwords() {
# FIXME 3wc: requires bash 4, use for loop instead
mapfile -t SECRETS < <(grep "PASSWORD.*VERSION" "$ENV_FILE" | cut -d' ' -f2)
mapfile -t PASSWORDS < <(grep "SECRET.*PASSWORD.*VERSION.*" "$ENV_FILE" | cut -d ' ' -f2-)
}
get_app_keys() {
# FIXME 3wc: requires bash 4, use for loop instead
mapfile -t KEYS < <(grep "SECRET.*KEY.*VERSION.*" "$ENV_FILE" | cut -d' ' -f2-)
}
load_instance() {
@ -399,6 +409,25 @@ prompt_confirm() {
esac
}
parse_secret() {
SECRET="$1"
if [[ "$SECRET" == *"length"* ]]; then
abra__length_="$(echo $SECRET | sed -e 's/.*[^0-9]\([0-9]\+\)[^0-9]*$/\1/')"
else
abra__length_=32
fi
abra__secret_="${SECRET%_VERSION=*}" # strip _VERSION=v1
abra__secret_="${abra__secret_#SECRET_}" # strip SECRET_
abra__secret_="${abra__secret_,,}" # lowercase
abra__version_="$(echo $SECRET | sed -n 's/.*\(v[0-9]\).*/\1/p')"
echo "Generating $abra__secret_, version: $abra__version_, length: $abra__length_"
sub_app_secret_generate
}
#######################################
# abra app ..
#######################################
@ -483,7 +512,8 @@ sub_app_new (){
abra__domain_="$DOMAIN"
get_app_secrets
if [ "${#SECRETS[@]}" -gt 0 ] && [ "$abra___auto" == "true" ]; then
if [ "${#PASSWORDS[@]}" -gt 0 ] || [ "${#KEYS[@]}" -gt 0 ] && [ "$abra___auto" == "true" ]; then
sub_app_secret_auto
fi
@ -636,8 +666,13 @@ sub_app_secret_generate(){
SECRET="$abra__secret_"
VERSION="$abra__version_"
PWGEN=${abra__cmd_:-pwgen}
LENGTH="$abra__length_"
if [[ "$SECRET" == *"password"* ]]; then
PWGEN="${abra__cmd_:-pwqgen}"
else
PWGEN=${abra__cmd_:-pwgen -n "$LENGTH"}
fi
if [ -z "$SECRET" ] || [ -z "$VERSION" ]; then
error "Required arguments missing"
@ -660,13 +695,12 @@ sub_app_secret_auto(){
get_app_secrets
for SECRET in "${SECRETS[@]}"; do
abra__secret_="${SECRET%=*}" # strip =v1
abra__secret_="${abra__secret_%_VERSION}" # strip VERSION_
abra__secret_="${abra__secret_,,}" # lowercase
abra__version_="${SECRET#*=}"
echo "Generating $abra__secret_"
sub_app_secret_generate
for PASSWORD in "${PASSWORDS[@]}"; do
parse_secret "$PASSWORD"
done
for KEY in "${KEYS[@]}"; do
parse_secret "$KEY"
done
}