From 0d03db771b48f7d90cf96560c32048001809e84f Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Wed, 10 Jan 2018 16:08:04 +0200 Subject: Add: a bunch of new scripts --- argv0 | 6 +++ build-deb-from-git | 10 +++++ jwt-decode | 38 ++++++++++++++++++ keepalive | 17 +++++++++ os-rchelper | 110 +++++++++++++++++++++++++++++++++++++++++++++++++++++ runql | 14 +++++++ ssl-cert-gen | 17 +++++++++ totp | 8 ++++ viewprof | 14 +++---- whatismyip | 4 ++ with | 35 +++++++++++++++++ 11 files changed, 266 insertions(+), 7 deletions(-) create mode 100755 argv0 create mode 100755 build-deb-from-git create mode 100755 jwt-decode create mode 100755 keepalive create mode 100755 os-rchelper create mode 100755 runql create mode 100755 ssl-cert-gen create mode 100755 totp create mode 100755 whatismyip create mode 100755 with diff --git a/argv0 b/argv0 new file mode 100755 index 0000000..f08a1ed --- /dev/null +++ b/argv0 @@ -0,0 +1,6 @@ +#!/usr/bin/python + +import sys, os + +argv = sys.argv[2:] +os.execvp(sys.argv[1], argv) diff --git a/build-deb-from-git b/build-deb-from-git new file mode 100755 index 0000000..91f4345 --- /dev/null +++ b/build-deb-from-git @@ -0,0 +1,10 @@ +#!/bin/sh + +set -eu + +pkg="$(dpkg-parsechangelog -S Source)" +version="$(dpkg-parsechangelog -S Version)" +upversion="$(echo "$version" | sed 's/-.*//')" +origtgz="../${pkg}_${upversion}.orig.tar.xz" +git archive HEAD | xz > "$origtgz" +debuild -us -uc diff --git a/jwt-decode b/jwt-decode new file mode 100755 index 0000000..b57362b --- /dev/null +++ b/jwt-decode @@ -0,0 +1,38 @@ +#!/usr/bin/python + +import json +import sys + +import Crypto.PublicKey.RSA + +import jwt + + +def catf(f): + return f.read() + + +def cat(filename): + with open(filename, 'r') as f: + return catf(f) + + +if len(sys.argv) == 1: + token = catf(sys.stdin).strip() + obj = jwt.decode(token, verify=False) +elif len(sys.argv) == 2: + token = cat(sys.argv[1]).strip() + obj = jwt.decode(token, verify=False) +elif len(sys.argv) == 3: + token = cat(sys.argv[1]).strip() + pubkey_text = cat(sys.argv[2]) + opts = { + 'verify_aud': False, + 'verify_iss': False, + } + obj = jwt.decode(token, verify=True, key=pubkey_text, options=opts) +else: + assert 0 + +json.dump(obj, sys.stdout, indent=4) +sys.stdout.write('\n') diff --git a/keepalive b/keepalive new file mode 100755 index 0000000..f264d26 --- /dev/null +++ b/keepalive @@ -0,0 +1,17 @@ +#!/bin/sh + +set -eu + +while true +do + if ping -c1 -t100 8.8.8.8 > /dev/null 2>&1 + then + sleep 5 + else + echo "No networking. Turning networking off and back on again. $(date)" + nmcli networking off + sleep 2 + nmcli networking on + sleep 20 + fi +done diff --git a/os-rchelper b/os-rchelper new file mode 100755 index 0000000..bc41b9d --- /dev/null +++ b/os-rchelper @@ -0,0 +1,110 @@ +#!/usr/bin/env python2 +# +# OpenStack allows a client to have multiple "projects". To access the +# OpenStack API, the client side libraries need some environment +# variables set (OS_AUTH_URL, OS_PROJECT_NAME, etc), to tell the +# libraries which OpenStack user and project, etc, are used. (As an +# aside, one of the environment variblaes is OS_PASSWORD, which is a +# bad idea, but we can't help that.) +# +# OpenStack allows you to download shell "rc" scripts that you source +# (". foorc.sh") to set up the environment variables. However, it gets +# a bit tedious to manage several such rc scripts. Also, each script +# wants you to enter the API password manually, which is just nasty. +# +# This is os-rchelper, which improves the situation a bit: +# +# * it reads the environment variables from a YAML file, indexed +# by a project name given on the command line (you'll need to +# download the rc script and copy the values to the config file) +# +# * it reads the password with pass(1) so nothing needs to be typed +# manually (i.e., don't put OS_PASSWORD in the config file) +# +# Additionally, this script unsets any pre-existing OS_* environment +# variables. +# +# To use this helper: +# +# 1. Save API password with pass: +# +# pass insert openstack-foo +# +# You need to have pass and gpg set up for this to work. +# +# 2. Create ~/.config/qvarnlabs/openstack.conf (see example below). Add +# the key openstack-pass-name in addition to the OS_* environment +# variables. Set openstack-pass-name to the key name you gave +# pass (openstack-foo above). +# +# 3. To set up a shell session: +# +# eval `os-rchelper foo` +# +# You may want to define a shell function to make this easier (put it +# in .bashrc or similar file): +# +# osrc() { eval `./os-rchelper "$1"`; } +# +# Example conf file (~/.config/qvarnlabs/openstack.conf): +# +# dev: +# openstack-pass-name: qvarnlabs-nebula-cloud +# OS_AUTH_URL: "https://identity.fi-1.nebulacloud.fi:5000/v3" +# OS_PROJECT_ID: "2603e0bfcf624053945a35afa1730dc8" +# OS_PROJECT_NAME: "QvarnLabs development" +# OS_USER_DOMAIN_NAME: "Default" +# OS_USERNAME: "liw@qvarnlabs.com" +# OS_REGION_NAME: "fi-1" +# OS_INTERFACE: "public" +# OS_IDENTITY_API_VERSION: 3 +# infra: +# openstack-pass-name: qvarnlabs-nebula-cloud +# OS_AUTH_URL: "https://identity.fi-1.nebulacloud.fi:5000/v3" +# OS_PROJECT_ID: "5b0e1abf166442f2967edc5233f2e6a6" +# OS_PROJECT_NAME: "QvarnLabs Infra" +# OS_USER_DOMAIN_NAME: "Default" +# OS_USERNAME: "liw@qvarnlabs.com" +# OS_REGION_NAME: "fi-1" +# OS_INTERFACE: "public" +# OS_IDENTITY_API_VERSION: 3 +# +# See: +# - https://control.nebulacloud.fi/project/access_and_security/ +# for downloading rc files (one per project in OpenStack) from the +# Nebula clou + + +import os +import pipes +import subprocess +import sys + +import yaml + + +def env(name, value): + sys.stdout.write('export {}={};\n'.format(name, pipes.quote(value))) + + +project_name = sys.argv[1] + +filename = os.path.expanduser('~/.config/qvarnlabs/openstack.conf') +with open(filename) as f: + conf = yaml.safe_load(f) + + +keyname = conf[project_name]['openstack-pass-name'] +p = subprocess.Popen(['pass', 'show', keyname], stdout=subprocess.PIPE) +password, stderr = p.communicate('') +password = password.rstrip() + +keys_to_remove = [x for x in os.environ if x.startswith('OS_')] +for key in keys_to_remove: + sys.stdout.write('unset {};\n'.format(key)) + +keys = conf[project_name].keys() +keys.remove('openstack-pass-name') +for key in sorted(keys): + env(key, conf[project_name][key]) +env('OS_PASSWORD', password) diff --git a/runql b/runql new file mode 100755 index 0000000..aeb759d --- /dev/null +++ b/runql @@ -0,0 +1,14 @@ +#!/bin/sh + +set -eu + +stack="$1" +playbook="$2" +shift 2 + +subdir="$OS_PROJECT_SHORTNAME" +export PASSWORD_STORE_DIR="$HOME/qvarnlabs/code/qvarnlabs-secrets/$subdir" + +CODE="$HOME/qvarnlabs/code/" + +"$CODE/qvarnlabs-openstack/run-playbook" "$stack" "$playbook" "$@" diff --git a/ssl-cert-gen b/ssl-cert-gen new file mode 100755 index 0000000..ce5dff8 --- /dev/null +++ b/ssl-cert-gen @@ -0,0 +1,17 @@ +#!/bin/sh + +set -eu + +basename="$1" + +openssl req \ + -subj '/CN=domain.com/O=My Company Name LTD./C=US' \ + -new -newkey rsa:2048 \ + -days 365 \ + -nodes \ + -x509 \ + -keyout "$basename.key" \ + -out "$basename.crt" +cat "$basename.key" "$basename.crt" > "$basename.pem" + +ls -l "$basename.key" "$basename.crt" "$basename.pem" diff --git a/totp b/totp new file mode 100755 index 0000000..a606d6b --- /dev/null +++ b/totp @@ -0,0 +1,8 @@ +#!/bin/sh + +set -eu + +name="$1" + +oathtool --base32 --totp "$(pass show "totp/$name")" + diff --git a/viewprof b/viewprof index 2c4a534..e570676 100755 --- a/viewprof +++ b/viewprof @@ -1,16 +1,16 @@ -#!/usr/bin/python -# Copyright 2010 Lars Wirzenius -# +#!/usr/bin/env python3 +# Copyright 2010-2014 Lars Wirzenius +# # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. -# +# # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. -# +# # You should have received a copy of the GNU General Public License # along with this program. If not, see . @@ -19,7 +19,7 @@ import pstats import sys if len(sys.argv) not in [2, 3]: - sys.stderr.write('Usage: viewprof foo.prof [sort-order]\n') + sys.stderr.write('Usage: obnam-viewprof foo.prof [sort-order]\n') sys.exit(1) if len(sys.argv) == 3: @@ -28,7 +28,7 @@ else: order = 'cumulative' p = pstats.Stats(sys.argv[1]) -p.strip_dirs() +#p.strip_dirs() p.sort_stats(order) p.print_stats() p.print_callees() diff --git a/whatismyip b/whatismyip new file mode 100755 index 0000000..c9ee00c --- /dev/null +++ b/whatismyip @@ -0,0 +1,4 @@ +#!/bin/sh + +set -eu +dig +short myip.opendns.com @resolver1.opendns.com diff --git a/with b/with new file mode 100755 index 0000000..469d6bd --- /dev/null +++ b/with @@ -0,0 +1,35 @@ +#!/usr/bin/python3 + + +import os + + +import cliapp +import yaml + + +class With(cliapp.Application): + + def add_settings(self): + self.settings.string( + ['env-file', 'e'], + 'read environment description from FILE', + metavar='FILE', + default=os.path.expanduser('~/.config/with-envs/environments.yaml')) + + def process_args(self, args): + env_name = args[0] + argv = args[1:] + + envs = self.get_environments() + print(envs) + env = dict(os.environ) + env.update(envs[env_name]) + cliapp.runcmd(argv, env=env, stdout=None, stderr=None) + + def get_environments(self): + filename = self.settings['env-file'] + return yaml.safe_load(open(filename)) + + +With().run() -- cgit v1.2.1