forked from GeoCENS/dokku-deployment-keys
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcommands
executable file
·102 lines (90 loc) · 2.64 KB
/
commands
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
#!/usr/bin/env bash
set -eo pipefail; [[ $DOKKU_TRACE ]] && set -x
APP="$2"
APP_SPECIFIC_KEY_FOLDER="$DOKKU_ROOT/.deployment-keys/$APP/.ssh"
SHARED_KEY_FOLDER="$DOKKU_ROOT/.deployment-keys/shared/.ssh"
check_exists() {
if [[ ! -d "$DOKKU_ROOT/$APP" ]]; then
echo "App must exist before you can operate on private deployment keys for it"
exit 1
fi
}
check_app() {
if [[ -z "$APP" ]]; then
echo "You must specify an app name"
exit 1
fi
}
check_app_has_keys() {
if [[ -f "$APP_SPECIFIC_KEY_FOLDER/id_rsa.pub" ]]; then
echo "This app already has a pair of keys. Delete them first to create new ones";
exit 1
fi
}
create_private_key_folder() {
if [[ ! -d "$APP_SPECIFIC_KEY_FOLDER" ]]; then
mkdir -p "$APP_SPECIFIC_KEY_FOLDER"
chown -R dokku:dokku "$DOKKU_ROOT/.deployment-keys/$APP"
fi
}
case "$1" in
deploymentkeys:create)
check_app
check_exists
check_app_has_keys
create_private_key_folder
ssh-keygen -q -t rsa -b 2048 -f "$APP_SPECIFIC_KEY_FOLDER/id_rsa" -N ""
chown -R dokku:dokku "$DOKKU_ROOT/.deployment-keys"
echo "Keys created, here is the public key for $APP:"
cat "$APP_SPECIFIC_KEY_FOLDER/id_rsa.pub";
echo "They will be baked into the container on next push/rebuild"
;;
deploymentkeys:delete)
check_app
check_exists
rm -Rf "$APP_SPECIFIC_KEY_FOLDER/id_rsa*"
echo "Removed deployment keys for $APP"
;;
deploymentkeys:shared)
echo "This is the current shared public key:"
cat "$SHARED_KEY_FOLDER/id_rsa.pub";
;;
deploymentkeys:show)
check_app
check_exists
if [[ -f "$APP_SPECIFIC_KEY_FOLDER/id_rsa.pub" ]]
then
echo "Private keys created, here is the public key for $APP:"
cat "$APP_SPECIFIC_KEY_FOLDER/id_rsa.pub";
else
echo "No private key for $APP. This is the shared public key:"
cat "$SHARED_KEY_FOLDER/id_rsa.pub"
fi
;;
deploymentkeys:status)
check_app
check_exists
if [[ -f "$APP_SPECIFIC_KEY_FOLDER/id_rsa.pub" ]]; then
echo "This app uses a private set of deployment keys."
else
echo "This app uses the shared set of deployment keys."
fi
;;
help | deploymentkeys:help)
HELP=$(cat<<EOF
deploymentkeys:create <app>, Create a pair of app-specific deployment keys
deploymentkeys:delete <app>, Delete the current pair of deployment keys
deploymentkeys:shared, Shows the current shared public key
deploymentkeys:show <app>, Shows the current public key to add to your VCS
EOF
)
if [[ -n $DOKKU_API_VERSION ]]; then
echo "$HELP"
else
cat && echo "$HELP"
fi
;;
*)
exit "$DOKKU_NOT_IMPLEMENTED_EXIT"
;;
esac