0k
/
0k-charms
6
3
Fork 2
Code Issues 11 Pull Requests 6 Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
652 Commits
29 Branches
14 Tags
41 MiB
 
 
Tree: b377ed727c
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'b377ed727c'
${ noResults }
0k-charms/docker-host/hooks/install.d/90-ntfy.sh

100 lines
2.7 KiB
Raw Blame History

#!/bin/bash
set -eux
NTFY_BROKER="${NTFY_BROKER:-core-01.0k.io}"
## Uncipher ntfy key to destination
umask 077
ntfy_key_ciphered="src/etc/ssh/ntfy-key"
if [ ! -f "$ntfy_key_ciphered" ]; then
echo "Error: ciphered ntfy key not found" >&2
exit 1
fi
ntfy_key_dest=/etc/ssh/ntfy-key
if [ ! -f "$ntfy_key_dest" ]; then
cat "$ntfy_key_ciphered" |
gpg -d --batch --yes --passphrase 'uniquepass' > "$ntfy_key_dest" || {
echo "Error while unpacking ntfy key to '${ntfy_key_dest}'" >&2
exit 1
}
fi
## Request token to ntfy server and add to config file
known_host="/root/.ssh/known_hosts"
if ! ssh-keygen -F "$NTFY_BROKER" -f "$known_host" >/dev/null; then
ssh-keyscan -H "$NTFY_BROKER" >> "$known_host" || {
echo "Error while adding '$NTFY_BROKER' to known_hosts" >&2
exit 1
}
fi
config_file="/etc/ntfy/ntfy.conf"
mkdir -p "${config_file%/*}"
if ! [ -f "$config_file" ]; then
touch "$config_file" || {
echo "Error: couldn’t create config file '$config_file'" >&2;
exit 1
}
fi
LOGIN=""
PASSWORD=""
source "$config_file" || {
echo "Error: couldn't source config file '$config_file'" >&2
exit 1
}
## Note that we require the forcing of stdin to /dev/null to avoid
## the rest of the script to be vacuumed by the ssh command.
## This effect will only happen when launching this script in special
## conditions involving stdin.
cred=$(ssh -i "$ntfy_key_dest" ntfy@"${NTFY_BROKER}" \
request-token "$LOGIN" "$PASSWORD" </dev/null) || {
echo "Error while requesting token to ntfy server" >&2
exit 1
}
## XXXvlab: ideally it should be received from the last call
server="https://ntfy.0k.io/"
login=$(printf "%q" "${cred%$'\n'*}")
password=$(printf "%q" "${cred#*$'\n'}")
## check if password doesn't contain '%'
for var in server login password; do
if [ "${!var}" == "''" ] || [[ "${!var}" == *$'\n'* ]]; then
echo "Error: empty or invalid multi-line values retrieved for '$var'" \
"from ntfy server. Received:" >&2
printf "%s" "$cred" | sed -r 's/^/ | /g' >&2
exit 1
fi
if [[ "${!var}" == *%* ]]; then
## We need a separator char for sed replacement in the config file
echo "Error: forbidden character '%' found in $var" >&2
exit 1
fi
if grep -qE "^${var^^}=" "$config_file"; then
sed -ri "s%^${var^^}=.*$%${var^^}=\"${!var}\"%g" "$config_file"
else
echo "${var^^}=\"${!var}\"" >> "$config_file"
fi
done
if ! [ -f "/etc/ntfy/topics.yml" ]; then
cat <<'EOF' > /etc/ntfy/topics.yml
.*\.(emerg|alert|crit|err|warning|notice):
- ${LOGIN}_main
EOF
fi
## provide 'send' command
cp -f "$PWD/src/bin/send" /usr/local/bin/send