gmj
/
home.public.bin


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418
							#! /bin/bash
# change credentials
#
# Usage: be [options] who

#    arguments
#      who               name of identity
#
#    options
#
#     Select credentials
#
#     -a|--aws		change/list aws credentials ONLY
#     -g|--gnupg		change/list gnupgcredentials ONLY
#     -p|--pass		change/list pas credentials ONLY
#     -s|--ssh		change/list ssh credentials ONLY
#
#     Select operation
#
#     -l|--list		list availabe credentials.
#     -w|--whoami        list current identities
#
#     Other
#
#     -d|--debug         debug output
#     -h|--help          print usage
#     -v|--verbose       verbose output
#
#  e.g.
#
#   If  ~/.gnupg.$1 exists, link to ~/.gnupg
#   If  ~/.ssh/id_{dsa,rsa}.$1 exists, link to ~/.ssh/id_{dsa,rsa} and add to ssh agent
#   If  ~/.aws/credentials.$1 exists, link to ~/.aws/credentials
#
# TODO
#  - deal with git identities
#     + Use XDG-CONFIG-HOME to switch identities?
#       http://git.661346.n2.nabble.com/What-is-XDG-CONFIG-HOME-for-exactly-td7627117.html
#    + See https://gist.github.com/jexchan/2351996
#  - Deal with .pem files


set -e; set -u

# Helper functions
PROG=`basename "$0" | tr -d '\n'`

function info()  { echo ${PROG}\: info: "$@" 1>&2; }
function warn()  { echo ${PROG}\: warning: "$@" 1>&2; }
function error() { echo ${PROG}\: error: "$@" 1>&2; }
function debug() { [[ -v DEBUG ]] && echo ${PROG}\: debug: "$@" 1>&2 || true ; }
function die()   { echo ${PROG}\: fatal: "$@" 1>&2 && exit 1; }

function usage() {
    debug "in ${FUNCNAME[0]}"

    if [[ "$#" -gt 0 ]]; then
        warn $@
    fi

    cat <<END 1>&2
Usage: be [options] who

   arguments
     who               name of identity

   options

    Select credentials

    -a|--aws		change/list aws credentials ONLY
    -g|--gnupg		change/list gnupgcredentials ONLY
    -p|--pass		change/list pas credentials ONLY
    -s|--ssh		change/list ssh credentials ONLY

    Select operation

    -l|--list		list availabe credentials.
    -w|--whoami        list current identities

    Other

    -d|--debug         debug output
    -h|--help          print usage
    -v|--verbose       verbose output
END
    exit 1
}


function gpg_list() {
    # list available gpg credentail sets (diretories)
    info available GPG credentials sets
    ls -ld ~/.gnupg.*
}

function gpg_whoami() {
    # list current gpg identity
    info Current gpg credential set
    info
    ls -ld ~/.gnupg
    info

}

function gpg_become() {
    # change gpg identity
    rm -f ~/.gnupg || true
    ln -s ~/.gnupg."${who}" ~/.gnupg
}

function aws_list() {
    # list available aws credentials
    cd ~/.aws || die "Error connecting to ~/.aws"

    info available AWS credentials and configs
    ls -1 credentials.* config.*
}

function aws_whoami() {
    # list current aws identity
    cd ~/.aws || die "Error connecting to ~/.aws"

    info Current aws credentials
    info
    ls -l credentials config
    info
}

function aws_become() {
    # change aws identity
    cd ~/.aws || die "Error connecting to ~/.aws"

    aws_creds="credentials.""${who}"
    if [ ! -f "${aws_creds}"  ]; then
        warn file "${aws_creds}" does not exist.  Not changing aws identity.
    else
        [[ -v VERBOSE ]] && set -x
        rm -f credentials || true
        ln -s "${aws_creds}" credentials
        [[ -v VERBOSE ]] && set +x
    fi

    aws_config="config.""${who}"
    if [ ! -f "${aws_config}"  ]; then
        warn file "${aws_config}" does not exist.  Not installing.
    else
        [[ -v VERBOSE ]] && set -x
        rm -f config || true
        ln -s "${aws_config}" config
        [[ -v VERBOSE ]] && set +x
    fi
}


function ssh_list() {
    # list available ssh credentials
    cd ~/.ssh || die "Error connecting to ~/.ssh"

    info available SSH credentials
    ls -1 id_rsa.* id_dsa.*
}

function ssh_whoami() {
    # list current ssh identity
    cd ~/.ssh || die "Error connecting to ~/.ssh"

    info Current SSH identities
    info
    ls -l id_???  || warn "no ~/.ssh/id_{rsa,dsa} file"
    info SSH Agent Identities
    ssh-add -l
    info
}

function ssh_become() {
    # change ssh identity
    cd ~/.ssh || die "Error connecting to ~/.ssh"

    rsa_creds="id_rsa.""${who}"
    dsa_creds="id_dsa.""${who}"

    if [ -f "${dsa_creds}" ]; then
        ssh_creds="${dsa_creds}"
    elif [ -f "${rsa_creds}" ]; then
        ssh_creds="${rsa_creds}"
    else
        echo "No ssh creds found. "${rsa_creds}" and "${dsa_creds}" do not exis."
        exit 1
    fi

    target=`basename $ssh_creds ".""${who}"`

    if [ -f "${ssh_creds}"  ]; then
        [[ -v VERBOSE ]] && set +x
        rm -f "${target}" || true
        ln -s "${ssh_creds}" "${target}"
        chmod 400 "${target}"
        ssh-add "${ssh_creds}"
        [[ -v VERBOSE ]] && set -x
    fi
}


function pass_list() {
    # list available pass credentail sets (diretories)
    info available pass credentials sets
    ls -ld ~/.password-store.*
}

function pass_whoami() {
    # list current pass identity
    info Current pass credential set
    info
    ls -ld ~/.password-store
    info
}

function pass_become() {
    # change pass identity
    rm -f ~/.password-store || true
    ln -s ~/.password-store."${who}" ~/.password-store
    gpg_become # need to switch GPG IDs too
}


function org_list() {
    # list available org credentail sets (diretories)
    info available org credentials sets
    ls -ld ~/Org.*
}

function org_whoami() {
    # list current org identity
    info Current org credential set
    info
    ls -ld ~/Org
    info
}

function org_become() {
    # change org identity
    rm -f ~/Org || true
    ln -s ~/Org."${who}" ~/Org
}

#
# "main()" begins here
#

# Defaults
SSH=1
AWS=1
GPG=1
PASSWORD=1
ORG=1


# parse global options

for i in "$@"
do
    case $i in
        -a|--aws)
            AWS=1
            unset SSH
            unset GPG
            unset PASSWORD
            unset ORG
            d_flag="-d"
            shift # past argument with no value
            ;;
        -d|--debug)
            DEBUG=1
            d_flag="-d"
            shift # past argument with no value
            ;;
        -g|--gnupg)
            GPG=1
            unset AWS
            unset SSH
            unset PASSWORD
            unset ORG
            g_flag="-g"
            shift # past argument with no value
            ;;
        -h|--help)
            usage
            ;;
        -l|--list)
            LIST=1
            d_flag="-d"
            shift # past argument with no value
            ;;
        -o|--org)
            unset PASSWORD
            unset AWS
            unset SSH
            unset GPG
            ORG=1
            p_flag="-p"
            shift # past argument with no value
            ;;
        -p|--pass)
            PASSWORD=1
            unset AWS
            unset SSH
            unset GPG
            unset ORG
            p_flag="-p"
            shift # past argument with no value
            ;;
        -s|--ssh)
            SSH=1
            unset AWS
            unset GPG
            unset PASSWORD
            unset ORG
            d_flag="-d"
            shift # past argument with no value
            ;;
        -v|--verbose)
            VERBOSE=1
            v_flag="-v"
            shift # past argument with no value
            ;;

        -w|--whoami)
            WHOAMI=1
            v_flag="-v"
            shift # past argument with no value
            ;;
        -*|--*)
            usage "Unknown state option: $i"
            ;;
    esac
done

# Pull off command line args

if [[ !  -v LIST  && ! -v WHOAMI ]]; then
    if [ "$#" -ne 1 ]; then
        usage need a username
    fi

    who="${1}"
fi

if [[ ! -v SSH && ! -v AWS && ! -v ORG && ! -v PASSWORD && ! -v GPG ]]; then
    die "Must specify at least one of '--aws' '--ssh' '--gnupg' '--pass'"
fi

# Change aws credentials

if [ -v AWS ]; then

    if [[ -v LIST ]]; then
        aws_list
    elif [[ -v WHOAMI ]]; then
        aws_whoami
    else
        aws_become
    fi
fi

# Change ssh credentials

if [ -v SSH ]; then

    if [[ -v LIST ]]; then
        ssh_list
    elif [[ -v WHOAMI ]]; then
        ssh_whoami
    else
        ssh_become
    fi
fi

# Change GPG credentials

if [ -v GPG ]; then

    if [[ -v LIST ]]; then
        echo GPG LIST
        gpg_list
    elif [[ -v WHOAMI ]]; then
        gpg_whoami
    else
        gpg_become
    fi
fi

# Change pass credentials

if [ -v PASSWORD ]; then
    if [[ -v LIST ]]; then
        echo PASSWORD LIST
        pass_list
    elif [[ -v WHOAMI ]]; then
        pass_whoami
    else
        pass_become
    fi
fi

# Change org credentials

if [ -v ORG ]; then
    if [[ -v LIST ]]; then
        echo ORG LIST
        org_list
    elif [[ -v WHOAMI ]]; then
        org_whoami
    else
        org_become
    fi
fi