56 lines
1.7 KiB
Bash
56 lines
1.7 KiB
Bash
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
|
|
TOKEN="${1:-}"
|
|
if [[ -z "${TOKEN}" ]]; then
|
|
echo "Missing token."
|
|
exit 1
|
|
fi
|
|
|
|
API_BASE="${PI_CONTROL_API_URL:-http://gui_nexus}"
|
|
API_BASE="${API_BASE%/}"
|
|
INFO_URL="${API_BASE}/module/pi_control/terminal_info?token=${TOKEN}"
|
|
|
|
AUTH_HEADER=()
|
|
if [[ -n "${STAGING_AUTH_USER:-}" && -n "${STAGING_AUTH_PASS:-}" ]]; then
|
|
BASIC="$(printf "%s:%s" "${STAGING_AUTH_USER}" "${STAGING_AUTH_PASS}" | base64)"
|
|
AUTH_HEADER=(-H "Authorization: Basic ${BASIC}")
|
|
fi
|
|
if [[ -n "${PI_CONTROL_SHARED_SECRET:-}" ]]; then
|
|
AUTH_HEADER+=(-H "X-Terminal-Secret: ${PI_CONTROL_SHARED_SECRET}")
|
|
fi
|
|
|
|
JSON="$(curl -sS "${AUTH_HEADER[@]}" "${INFO_URL}")"
|
|
OK="$(echo "${JSON}" | jq -r '.ok')"
|
|
if [[ "${OK}" != "true" ]]; then
|
|
echo "Invalid or expired token."
|
|
exit 1
|
|
fi
|
|
|
|
HOST="$(echo "${JSON}" | jq -r '.host.host')"
|
|
PORT="$(echo "${JSON}" | jq -r '.host.port')"
|
|
USER="$(echo "${JSON}" | jq -r '.host.username')"
|
|
AUTH_TYPE="$(echo "${JSON}" | jq -r '.host.auth_type')"
|
|
KEY_PATH="$(echo "${JSON}" | jq -r '.host.key_path')"
|
|
PASSWORD="$(echo "${JSON}" | jq -r '.host.password')"
|
|
|
|
if [[ -z "${HOST}" || -z "${USER}" ]]; then
|
|
echo "Host data incomplete."
|
|
exit 1
|
|
fi
|
|
|
|
SSH_OPTS=()
|
|
if [[ "${PI_CONTROL_STRICT_HOSTKEY:-}" == "1" ]]; then
|
|
SSH_OPTS=(-o StrictHostKeyChecking=accept-new -o UserKnownHostsFile=/root/.ssh/known_hosts)
|
|
else
|
|
SSH_OPTS=(-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null)
|
|
fi
|
|
|
|
if [[ "${AUTH_TYPE}" == "key" && -n "${KEY_PATH}" ]]; then
|
|
exec ssh "${SSH_OPTS[@]}" -i "${KEY_PATH}" -p "${PORT:-22}" "${USER}@${HOST}"
|
|
elif [[ "${AUTH_TYPE}" == "pass" && -n "${PASSWORD}" ]]; then
|
|
exec sshpass -p "${PASSWORD}" ssh "${SSH_OPTS[@]}" -p "${PORT:-22}" "${USER}@${HOST}"
|
|
else
|
|
exec ssh "${SSH_OPTS[@]}" -p "${PORT:-22}" "${USER}@${HOST}"
|
|
fi
|