Valentin Lab
9 months ago
2 changed files with 89 additions and 0 deletions
@ -0,0 +1,89 @@ |
|||
#!/bin/bash |
|||
|
|||
set -eux |
|||
|
|||
|
|||
NTFY_BROKER="${NTFY_BROKER:-core-01.0k.io}" |
|||
|
|||
## Copy Ntfy key to root/.ssh/ |
|||
|
|||
umask 077 |
|||
ntfy_key="src/etc/ssh/ntfy-key" |
|||
if [ ! -f "$ntfy_key" ]; then |
|||
echo "Error: ntfy key not found" >&2 |
|||
exit 1 |
|||
fi |
|||
|
|||
ntfy_key_dest=/etc/ssh/ntfy-key |
|||
if [ ! -f "$ntfy_key_dest" ]; then |
|||
cat "$ntfy_key" | |
|||
gpg -d --batch --yes --passphrase 'uniquepass' > "$ntfy_key_dest" || { |
|||
echo "Error while unpacking ntfy key to '${ntfy_key_dest}'" >&2 |
|||
exit 1 |
|||
} |
|||
fi |
|||
|
|||
## Request token to ntfy server and add to config file |
|||
known_host="/root/.ssh/known_hosts" |
|||
if ! ssh-keygen -F "$NTFY_BROKER" -f "$known_host" >/dev/null; then |
|||
ssh-keyscan -H "$NTFY_BROKER" >> "$known_host" || { |
|||
echo "Error while adding '$NTFY_BROKER' to known_hosts" >&2 |
|||
exit 1 |
|||
} |
|||
fi |
|||
|
|||
config_file="/etc/ntfy/ntfy.conf" |
|||
mkdir -p "${config_file%/*}" |
|||
if ! [ -f "$config_file" ]; then |
|||
touch "$config_file" || { |
|||
echo "Error: couldn’t create config file $config_file" >&2; |
|||
exit 1 |
|||
} |
|||
fi |
|||
|
|||
LOGIN="" |
|||
PASSWORD="" |
|||
source "$config_file" |
|||
|
|||
## Note that we reauire the forcing of stdin to /dev/null to avoid |
|||
## the rest of the script to be vacuumed by the ssh command. |
|||
## This effect will only happen when launching this script in special |
|||
## conditions involving stdin. |
|||
cred=$(ssh -i "$ntfy_key_dest" ntfy@"${NTFY_BROKER}" \ |
|||
request-token "$LOGIN" "$PASSWORD" </dev/null) || { |
|||
echo "Error while requesting token to ntfy server" >&2 |
|||
exit 1 |
|||
} |
|||
|
|||
## XXXvlab: ideally it should be received from the last call |
|||
server="https://ntfy.0k.io/" |
|||
login=$(printf "%q" "${cred%$'\n'*}") |
|||
password=$(printf "%q" "${cred#*$'\n'}") |
|||
|
|||
## check if password doesn't contain '%' |
|||
|
|||
for var in server login password; do |
|||
if [ -z "${!var}" ] || [[ "${!var}" == *$'\n'* ]]; then |
|||
echo "Error: couldn't infer $var from ntfy server. Received:" >&2 |
|||
printf "%s" "$cred" | sed -r 's/^/ | /g' >&2 |
|||
exit 1 |
|||
fi |
|||
if [[ "${!var}" == *%* ]]; then |
|||
## We need a separator char for sed replacement in the config file |
|||
echo "Error: forbidden character '%' found in $var" >&2 |
|||
exit 1 |
|||
fi |
|||
if grep -qE "^${var^^}=" "$config_file"; then |
|||
sed -ri "s%^${var^^}=.*$%${var^^}=\"${!var}\"%g" "$config_file" |
|||
else |
|||
echo "${var^^}=\"${!var}\"" >> "$config_file" |
|||
fi |
|||
done |
|||
|
|||
|
|||
if ! [ -f "/etc/ntfy/topics.yml" ]; then |
|||
cat <<EOF > /etc/ntfy/topics.yml |
|||
main: |
|||
- \${LOGIN}_main |
|||
EOF |
|||
fi |
Write
Preview
Loading…
Cancel
Save
Reference in new issue