#! /bin/bash
# change credentials
#
# Usage: be [options] who
#   arguments
#     who           name of identity
#
#   options
#
#   Select credentials
#
#     -a|--aws      change/list aws credentials ONLY
#     -g|--gnupg    change/list gnupg credentials ONLY
#     -p|--pass     change/list pass credentials ONLY
#     -s|--ssh      change/list ssh credentials ONLY
#
#   Select operation
#
#     -l|--list     list available credentials.
#     -w|--whoami   list current identities
#
#   Other
#
#     -d|--debug    debug output
#     -h|--help     print usage
#     -v|--verbose  verbose output
#
# e.g.
#
# If ~/.gnupg.$1 exists, link to ~/.gnupg
# If ~/.ssh/id_{dsa,rsa}.$1 exists, link to ~/.ssh/id_{dsa,rsa} and add to ssh agent
# If ~/.aws/credentials.$1 exists, link to ~/.aws/credentials
#
# TODO
# - deal with git identities
#   + Use XDG-CONFIG-HOME to switch identities?
#     http://git.661346.n2.nabble.com/What-is-XDG-CONFIG-HOME-for-exactly-td7627117.html
#   + See https://gist.github.com/jexchan/2351996
# - Deal with .pem files
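# Abort on unhandled command failures and on use of unset variables.
set -e
set -u

# Helper functions

# Script name used as the prefix of every diagnostic line.
PROG=${0##*/}

#######################################
# Write one "<prog>: <level>: <message>" line to stderr.
# Arguments: $1 - level label; remaining args - message words
# Returns:   non-zero if the write to stderr fails
#######################################
function _log() {
  local level=$1
  shift
  # printf with a fixed format: a message starting with -n/-e is printed
  # literally, and ${PROG} is never word-split or glob-expanded.
  printf '%s\n' "${PROG}: ${level}:${*:+ $*}" >&2
}

# Informational message on stderr.
function info() { _log info "$@"; }

# Warning message on stderr.
function warn() { _log warning "$@"; }

# Error message on stderr (does not exit).
function error() { _log error "$@"; }

# Debug message on stderr, only when DEBUG is set; always returns 0.
function debug() {
  if [[ -v DEBUG ]]; then
    _log debug "$@" || true
  fi
  return 0
}

# Fatal message on stderr, then exit 1. The exit is unconditional: it must
# not depend on the message having been written successfully.
function die() {
  _log fatal "$@" || true
  exit 1
}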
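#######################################
# Print an optional warning followed by the usage text, then exit.
# Arguments: $@ - optional message words, passed on to warn
# Outputs:   warning (if any) and usage text on stderr
# Returns:   never returns; exits with status 1 (also for -h|--help)
#######################################
function usage() {
  debug "in ${FUNCNAME[0]}"
  if (( $# > 0 )); then
    # Quoted so the message is not re-split or glob-expanded.
    warn "$@"
  fi
  cat <<END 1>&2
Usage: be [options] who
  arguments
    who           name of identity
  options
    Select credentials
      -a|--aws      change/list aws credentials ONLY
      -g|--gnupg    change/list gnupgcredentials ONLY
      -o|--org      change/list org credentials ONLY
      -p|--pass     change/list pas credentials ONLY
      -s|--ssh      change/list ssh credentials ONLY
    Select operation
      -l|--list     list availabe credentials.
      -w|--whoami   list current identities
    Other
      -d|--debug    debug output
      -h|--help     print usage
      -v|--verbose  verbose output
END
  exit 1
}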
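#######################################
# List the available GnuPG credential sets (~/.gnupg.<who> directories).
# Outputs: heading on stderr, `ls -ld` listing on stdout
# Returns: 0 even when no set exists
#######################################
function gpg_list() {
  info available GPG credentials sets
  # ls fails when the glob matches nothing; under `set -e` that would end the
  # script before the remaining credential types are listed.
  ls -ld ~/.gnupg.* || warn "no ~/.gnupg.* credential sets found"
}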
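#######################################
# Show what ~/.gnupg currently is (for a symlink, ls -ld shows its target).
# Outputs: heading on stderr, `ls -ld` listing on stdout
# Returns: 0 even when ~/.gnupg is missing
#######################################
function gpg_whoami() {
  info Current gpg credential set
  info
  # A missing ~/.gnupg is reported, not fatal: `set -e` would otherwise stop
  # the script before the other credential types are shown.
  ls -ld ~/.gnupg || warn "no ~/.gnupg"
  info
}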
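#######################################
# Point ~/.gnupg at the GnuPG home of the selected identity.
# Globals: who (read) - identity name; ~/.gnupg.<who> must be a directory
# Returns: 0 after switching, or after warning that nothing was changed
#######################################
function gpg_become() {
  local link=~/.gnupg
  local target=~/.gnupg."${who}"

  # The name becomes part of a path: an empty name or one containing '/'
  # would make the link point outside the ~/.gnupg.<who> naming scheme.
  case "${who}" in
    '' | */*) die "invalid identity name '${who}'" ;;
  esac

  # Do not drop the current link for a target that is not there; that would
  # leave a dangling ~/.gnupg.
  if [[ ! -d "${target}" ]]; then
    warn "${target} does not exist. Not changing gpg identity."
    return 0
  fi

  # rm -f cannot remove a real directory, and ln -s would then create the
  # link inside it while the old keyring stays active.
  if [[ -e "${link}" && ! -L "${link}" ]]; then
    warn "${link} is not a symlink. Not changing gpg identity."
    return 0
  fi

  rm -f -- "${link}"
  ln -s -- "${target}" "${link}"
}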
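#######################################
# List the available AWS credential and config files in ~/.aws.
# Outputs: heading on stderr, file names on stdout
# Returns: 0 even when one or both patterns match nothing; exits via die
#          when ~/.aws cannot be entered
#######################################
function aws_list() {
  cd ~/.aws || die "Error connecting to ~/.aws"
  info available AWS credentials and configs
  # ls fails if either glob is unmatched; report it instead of letting
  # `set -e` end the script before the other credential types are listed.
  ls -1 credentials.* config.* \
    || warn "no credentials.* and/or config.* files in ~/.aws"
}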
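#######################################
# Show the current ~/.aws/credentials and ~/.aws/config entries.
# Outputs: heading on stderr, `ls -l` listing on stdout
# Returns: 0 even when a file is missing; exits via die when ~/.aws cannot
#          be entered
#######################################
function aws_whoami() {
  cd ~/.aws || die "Error connecting to ~/.aws"
  info Current aws credentials
  info
  # A missing file is reported, not fatal: `set -e` would otherwise stop the
  # script before the other credential types are shown.
  ls -l credentials config \
    || warn "credentials and/or config missing in ~/.aws"
  info
}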
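#######################################
# Replace the symlink $2 (relative to the current directory) with a link to
# $1, tracing the commands when VERBOSE is set.
# Arguments: $1 - link target, $2 - link name
# Returns:   0, also when the link name is a real file that is left alone
#######################################
function _aws_link() {
  local source=$1 link=$2
  # A regular file here is the only copy of that data; rm -f would destroy it.
  if [[ -e "${link}" && ! -L "${link}" ]]; then
    warn "~/.aws/${link} is not a symlink. Leaving it in place."
    return 0
  fi
  if [[ -v VERBOSE ]]; then set -x; fi
  rm -f -- "${link}"
  ln -s -- "${source}" "${link}"
  # An if statement rather than `[[ ... ]] && set +x`: the short form returns
  # 1 when VERBOSE is unset, which made the caller fail under `set -e`.
  if [[ -v VERBOSE ]]; then set +x; fi
}

#######################################
# Switch ~/.aws/credentials and ~/.aws/config to the selected identity.
# Globals: who (read) - identity name; VERBOSE (read) - trace when set
# Returns: 0; a missing credentials.<who> or config.<who> only warns
#######################################
function aws_become() {
  cd ~/.aws || die "Error connecting to ~/.aws"

  # The name becomes part of a file name; '/' would escape ~/.aws.
  case "${who}" in
    '' | */*) die "invalid identity name '${who}'" ;;
  esac

  local aws_creds="credentials.${who}"
  if [[ ! -f "${aws_creds}" ]]; then
    warn file "${aws_creds}" does not exist. Not changing aws identity.
  else
    _aws_link "${aws_creds}" credentials
  fi

  local aws_config="config.${who}"
  if [[ ! -f "${aws_config}" ]]; then
    warn file "${aws_config}" does not exist. Not installing.
  else
    _aws_link "${aws_config}" config
  fi
}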
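#######################################
# List the per-identity SSH key files (id_rsa.* and id_dsa.*) in ~/.ssh.
# Outputs: heading on stderr, file names on stdout
# Returns: 0 even when a pattern matches nothing; exits via die when ~/.ssh
#          cannot be entered
#######################################
function ssh_list() {
  cd ~/.ssh || die "Error connecting to ~/.ssh"
  info available SSH credentials
  # ls fails if either glob is unmatched (e.g. no DSA keys at all); report it
  # instead of letting `set -e` end the script.
  ls -1 id_rsa.* id_dsa.* || warn "no id_rsa.* and/or id_dsa.* files in ~/.ssh"
}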
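#######################################
# Show the current ~/.ssh/id_??? entries and the keys held by ssh-agent.
# Outputs: headings on stderr, listings on stdout
# Returns: 0 even when no key file or agent identity is found; exits via
#          die when ~/.ssh cannot be entered
#######################################
function ssh_whoami() {
  cd ~/.ssh || die "Error connecting to ~/.ssh"
  info Current SSH identities
  info
  ls -l id_??? || warn "no ~/.ssh/id_{rsa,dsa} file"
  info SSH Agent Identities
  # ssh-add -l exits non-zero when the agent holds no keys or cannot be
  # reached; under `set -e` that would abort before the other types are shown.
  ssh-add -l || warn "ssh-agent has no identities or is not reachable"
  info
}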
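#######################################
# Link ~/.ssh/id_dsa or ~/.ssh/id_rsa to the selected identity's key and add
# that key to ssh-agent.
# Globals: who (read) - identity name; VERBOSE (read) - trace when set
# Returns: 0 after switching or after warning that the link was left alone;
#          exits via die when no key exists for the identity
#######################################
function ssh_become() {
  cd ~/.ssh || die "Error connecting to ~/.ssh"

  # The name becomes part of a file name; '/' would escape ~/.ssh.
  case "${who}" in
    '' | */*) die "invalid identity name '${who}'" ;;
  esac

  local rsa_creds="id_rsa.${who}"
  local dsa_creds="id_dsa.${who}"
  local ssh_creds
  # NOTE(review): a DSA key wins over an RSA key when both exist (original
  # order kept). DSA is deprecated in OpenSSH; consider preferring RSA.
  if [[ -f "${dsa_creds}" ]]; then
    ssh_creds="${dsa_creds}"
  elif [[ -f "${rsa_creds}" ]]; then
    ssh_creds="${rsa_creds}"
  else
    die "No ssh creds found. ${rsa_creds} and ${dsa_creds} do not exist."
  fi

  # id_rsa.<who> -> id_rsa (id_dsa likewise).
  local target=${ssh_creds%".${who}"}

  # A regular file here is a private key, not a link; rm -f would destroy it.
  if [[ -e "${target}" && ! -L "${target}" ]]; then
    warn "~/.ssh/${target} is not a symlink. Not changing ssh identity."
    return 0
  fi

  # Tracing is switched on before the change and off after it; the original
  # had the two reversed and left tracing enabled on return.
  if [[ -v VERBOSE ]]; then set -x; fi
  rm -f -- "${target}"
  ln -s -- "${ssh_creds}" "${target}"
  # chmod follows the link, so this makes the key file itself owner-read-only.
  chmod 400 "${target}"
  ssh-add "${ssh_creds}"
  # An if statement rather than `[[ ... ]] && set ...`: the short form returns
  # 1 when VERBOSE is unset, which aborted the script under `set -e`.
  if [[ -v VERBOSE ]]; then set +x; fi
}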
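#######################################
# List the available pass stores (~/.password-store.<who> directories).
# Outputs: heading on stderr, `ls -ld` listing on stdout
# Returns: 0 even when no store exists
#######################################
function pass_list() {
  info available pass credentials sets
  # ls fails when the glob matches nothing; report it instead of letting
  # `set -e` end the script before the remaining types are listed.
  ls -ld ~/.password-store.* || warn "no ~/.password-store.* sets found"
}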
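#######################################
# Show what ~/.password-store currently is (ls -ld shows a link's target).
# Outputs: heading on stderr, `ls -ld` listing on stdout
# Returns: 0 even when ~/.password-store is missing
#######################################
function pass_whoami() {
  info Current pass credential set
  info
  # A missing store is reported, not fatal, so `set -e` does not stop the
  # script before the other credential types are shown.
  ls -ld ~/.password-store || warn "no ~/.password-store"
  info
}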
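#######################################
# Point ~/.password-store at the selected identity's store, then switch the
# GnuPG identity as well.
# Globals: who (read) - identity name
# Returns: status of gpg_become; a missing store or a non-symlink
#          ~/.password-store only warns
#######################################
function pass_become() {
  local link=~/.password-store
  local target=~/.password-store."${who}"

  # The name becomes part of a path; '/' would escape the naming scheme.
  case "${who}" in
    '' | */*) die "invalid identity name '${who}'" ;;
  esac

  if [[ ! -d "${target}" ]]; then
    warn "${target} does not exist. Not changing pass identity."
  elif [[ -e "${link}" && ! -L "${link}" ]]; then
    # rm -f cannot remove a real directory, and ln -s would then create the
    # link inside it while the old store stays active.
    warn "${link} is not a symlink. Not changing pass identity."
  else
    rm -f -- "${link}"
    ln -s -- "${target}" "${link}"
  fi

  gpg_become # need to switch GPG IDs too
}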
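#######################################
# List the available org sets (~/Org.<who> directories).
# Outputs: heading on stderr, `ls -ld` listing on stdout
# Returns: 0 even when no set exists
#######################################
function org_list() {
  info available org credentials sets
  # ls fails when the glob matches nothing; report it instead of letting
  # `set -e` end the script.
  ls -ld ~/Org.* || warn "no ~/Org.* sets found"
}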
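#######################################
# Show what ~/Org currently is (ls -ld shows a link's target).
# Outputs: heading on stderr, `ls -ld` listing on stdout
# Returns: 0 even when ~/Org is missing
#######################################
function org_whoami() {
  info Current org credential set
  info
  # A missing ~/Org is reported, not fatal under `set -e`.
  ls -ld ~/Org || warn "no ~/Org"
  info
}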
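#######################################
# Point ~/Org at the selected identity's directory.
# Globals: who (read) - identity name; ~/Org.<who> must be a directory
# Returns: 0 after switching, or after warning that nothing was changed
#######################################
function org_become() {
  local link=~/Org
  local target=~/Org."${who}"

  # The name becomes part of a path; '/' would escape the naming scheme.
  case "${who}" in
    '' | */*) die "invalid identity name '${who}'" ;;
  esac

  if [[ ! -d "${target}" ]]; then
    warn "${target} does not exist. Not changing org identity."
    return 0
  fi

  # rm -f cannot remove a real directory, and ln -s would then create the
  # link inside it.
  if [[ -e "${link}" && ! -L "${link}" ]]; then
    warn "${link} is not a symlink. Not changing org identity."
    return 0
  fi

  rm -f -- "${link}"
  ln -s -- "${target}" "${link}"
}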
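#
# "main()" begins here
#

# Defaults: every credential type is selected until an option narrows it.
SSH=1
AWS=1
GPG=1
PASSWORD=1
ORG=1

# Parse global options. Each selector option keeps only its own type, so the
# last selector on the command line wins. Operands are collected separately
# and restored as "$@" afterwards; shifting inside `for i in "$@"` dropped
# the wrong word whenever an operand preceded an option (`be bob -a` ended
# up with who=-a).
positional=()
while (( $# > 0 )); do
  case "$1" in
    -a | --aws)
      AWS=1
      unset SSH GPG PASSWORD ORG
      ;;
    -d | --debug)
      DEBUG=1
      ;;
    -g | --gnupg)
      GPG=1
      unset AWS SSH PASSWORD ORG
      ;;
    -h | --help)
      usage
      ;;
    -l | --list)
      LIST=1
      ;;
    -o | --org)
      ORG=1
      unset PASSWORD AWS SSH GPG
      ;;
    -p | --pass)
      PASSWORD=1
      unset AWS SSH GPG ORG
      ;;
    -s | --ssh)
      SSH=1
      unset AWS GPG PASSWORD ORG
      ;;
    -v | --verbose)
      VERBOSE=1
      ;;
    -w | --whoami)
      WHOAMI=1
      ;;
    --)
      # Everything after "--" is an operand.
      shift
      positional+=("$@")
      break
      ;;
    -*)
      usage "Unknown state option: $1"
      ;;
    *)
      positional+=("$1")
      ;;
  esac
  shift
done
# The ${arr[@]+...} form keeps an empty array from tripping `set -u` on
# older bash releases.
set -- ${positional[@]+"${positional[@]}"}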
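# Pull off command line args: every mode except --list/--whoami needs
# exactly one identity name.
if [[ ! -v LIST && ! -v WHOAMI ]]; then
  if (( $# != 1 )); then
    usage need a username
  fi
  who="${1}"
  # The name is appended to paths under the home directory (~/.gnupg.<who>,
  # ~/.ssh/id_rsa.<who>, ...). Reject an empty name, one containing '/', and
  # one that looks like an option that ended up in the operand position.
  case "${who}" in
    '' | */* | -*) usage "invalid identity name: ${who}" ;;
  esac
fi
if [[ ! -v SSH && ! -v AWS && ! -v ORG && ! -v PASSWORD && ! -v GPG ]]; then
  die "Must specify at least one of '--aws' '--ssh' '--gnupg' '--pass' '--org'"
fi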
#######################################
# Run the list / whoami / become action of one credential type, if that
# type is selected.
# Arguments: $1 - name of the selection variable (AWS, SSH, ...)
#            $2 - function prefix (aws, ssh, ...)
#            $3 - optional banner echoed to stdout before listing
# Globals:   LIST, WHOAMI (read) - chosen operation
#######################################
function _be_dispatch() {
  local flag=$1 prefix=$2 banner=${3-}
  [[ -v "${flag}" ]] || return 0
  if [[ -v LIST ]]; then
    [[ -z "${banner}" ]] || echo "${banner}"
    "${prefix}_list"
  elif [[ -v WHOAMI ]]; then
    "${prefix}_whoami"
  else
    "${prefix}_become"
  fi
}

# Same order as before: aws, ssh, gpg, pass, org.
_be_dispatch AWS aws
_be_dispatch SSH ssh
_be_dispatch GPG gpg "GPG LIST"
_be_dispatch PASSWORD pass "PASSWORD LIST"
_be_dispatch ORG org "ORG LIST"