authorLars Wirzenius <liw@liw.fi>2023-07-09 10:28:12 +0300
committerLars Wirzenius <liw@liw.fi>2023-07-09 10:28:12 +0300
commit6114382855a59cfeaf49f2ac5f9c83ca298e7d2f (patch)
treee136cdb17224970783f750a30551f67be30fdab3 /v-i
parent445c5d7116ea362b82f56dd758b5949b50e0a0e9 (diff)
downloadansibleness-6114382855a59cfeaf49f2ac5f9c83ca298e7d2f.tar.gz
restore accidentally deleted hostid.py
Diffstat (limited to 'v-i')
-rwxr-xr-xv-i/hostid.py73
1 files changed, 73 insertions, 0 deletions
diff --git a/v-i/hostid.py b/v-i/hostid.py
index e69de29..e816721 100755
--- a/v-i/hostid.py
+++ b/v-i/hostid.py
@@ -0,0 +1,73 @@
+#!/usr/bin/python3
+
+import argparse
+import yaml
+import sys
+from subprocess import run, PIPE
+
+
+DEFAULT_HOST_CA = "liw.fi/ca/host/v5"
+DEFAULT_USER_CA = "liw.fi/ca/user/v5"
+
+
+class HostId:
+ def __init__(self):
+ self.user_ca_pubkey = None
+ self.host_key = None
+ self.host_cert = None
+
+ def set_user_ca_pubkey(self, value):
+ self.user_ca_pubkey = value
+
+ def set_host_key(self, value):
+ self.host_key = value
+
+ def set_host_cert(self, value):
+ self.host_cert = value
+
+ def to_dict(self):
+ return {
+ "user_ca_pubkey": self.user_ca_pubkey,
+ "host_key": self.host_key,
+ "host_cert": self.host_cert,
+ }
+
+
+def sshca(args):
+ p = run(["sshca"] + args, capture_output=True, check=True)
+ return p.stdout.decode().strip()
+
+
+def user_ca_pubkey(ca_name):
+ return sshca(["ca", "public-key", ca_name]).strip()
+
+
+def host_key(hostname):
+ sshca(["host", "regenerate", hostname])
+ return sshca(["host", "private-key", hostname]).strip()
+
+
+def host_cert(ca_name, hostname):
+ return sshca(["host", "certify", ca_name, hostname]).strip()
+
+
+def main():
+ parser = argparse.ArgumentParser()
+ parser.add_argument("--hostname", required=True)
+ parser.add_argument("--host-ca", default=DEFAULT_HOST_CA)
+ parser.add_argument("--user-ca", default=DEFAULT_USER_CA)
+ values = parser.parse_args()
+
+ hostname = values.hostname
+ host_ca = values.host_ca
+ user_ca = values.user_ca
+
+ hostid = HostId()
+ hostid.set_user_ca_pubkey(user_ca_pubkey(user_ca))
+ hostid.set_host_key(host_key(hostname))
+ hostid.set_host_cert(host_cert(host_ca, hostname))
+ yaml.safe_dump(hostid.to_dict(), stream=sys.stdout, indent=4)
+
+
+if __name__ == "__main__":
+ main()
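Review bot: `host_key()` runs `sshca host regenerate` on every invocation, and `main()` then writes the returned private key to stdout as part of the YAML document; neither is documented in the file. Judging by the subcommand name, a rerun for an existing host replaces its key, so a comment above `host_key()` such as `# Replaces any existing key for hostname; the output contains the private key, so redirect it only to a file with 0600 permissions` would warn callers. Separately, `sshca()` passes `capture_output=True`, so when `check=True` raises, the tool's own error text is captured and does not appear in the traceback. `p = run(["sshca"] + args, stdout=PIPE, check=True)` would let stderr through and would use the currently unused `PIPE` import.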