private/nexus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
85fdf3eacb80f71be67ebc5338f3a235a9e8a841
nexus/tools/pi_control/terminal_entry.sh
Lars Gebhardt-Kusche 706917ec7c dsds
2026-03-07 22:40:46 +01:00

91 lines
4.3 KiB
Bash
Raw Blame History

#!/usr/bin/env bash
set -euo pipefail
TOKEN="${1:-}"
ENC_COMMAND="${2:-}"
if [[ -z "${TOKEN}" ]]; then
echo "Missing token."
exit 1
fi
API_BASE="${PI_CONTROL_API_URL:-http://gui_nexus}"
API_BASE="${API_BASE%/}"
INFO_URL="${API_BASE}/module/pi_control/terminal_info?token=${TOKEN}"
AUTH_HEADER=()
if [[ -n "${STAGING_AUTH_USER:-}" && -n "${STAGING_AUTH_PASS:-}" ]]; then
BASIC="$(printf "%s:%s" "${STAGING_AUTH_USER}" "${STAGING_AUTH_PASS}" | base64)"
AUTH_HEADER=(-H "Authorization: Basic ${BASIC}")
fi
if [[ -n "${PI_CONTROL_SHARED_SECRET:-}" ]]; then
AUTH_HEADER+=(-H "X-Terminal-Secret: ${PI_CONTROL_SHARED_SECRET}")
fi
JSON="$(curl -sS "${AUTH_HEADER[@]}" "${INFO_URL}")"
OK="$(echo "${JSON}" | jq -r '.ok')"
if [[ "${OK}" != "true" ]]; then
echo "Invalid or expired token."
exit 1
fi
HOST="$(echo "${JSON}" | jq -r '.host.host')"
PORT="$(echo "${JSON}" | jq -r '.host.port')"
USER="$(echo "${JSON}" | jq -r '.host.username')"
AUTH_TYPE="$(echo "${JSON}" | jq -r '.host.auth_type')"
KEY_PATH="$(echo "${JSON}" | jq -r '.host.key_path')"
PASSWORD="$(echo "${JSON}" | jq -r '.host.password')"
STRICT_HOSTKEY="$(echo "${JSON}" | jq -r '.strict_hostkey // false')"
TMUX_SESSION_JSON="$(echo "${JSON}" | jq -r '.tmux_session // ""')"
COMMAND="$(echo "${JSON}" | jq -r '.command // ""')"
if [[ -z "${COMMAND}" && -n "${ENC_COMMAND}" ]]; then
COMMAND="$(printf '%s' "${ENC_COMMAND}" | base64 -d 2>/dev/null || true)"
fi
if [[ -z "${HOST}" || -z "${USER}" ]]; then
echo "Host data incomplete."
exit 1
fi
SSH_OPTS=()
if [[ "${STRICT_HOSTKEY}" == "true" || "${PI_CONTROL_STRICT_HOSTKEY:-}" == "1" ]]; then
SSH_OPTS=(-o StrictHostKeyChecking=accept-new -o UserKnownHostsFile=/root/.ssh/known_hosts)
else
SSH_OPTS=(-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null)
fi
SSH_TARGET="${USER}@${HOST}"
TMUX_SESSION="${TMUX_SESSION_JSON:-}"
if [[ -z "${TMUX_SESSION}" ]]; then
TMUX_SESSION="${PI_CONTROL_TMUX_SESSION:-nexus}"
fi
if [[ -n "${COMMAND}" ]]; then
COMMAND_B64="$(printf '%s' "${COMMAND}" | base64)"
REMOTE_CMD="CMD_B64='${COMMAND_B64}'; CMD=\"\$(printf '%s' \"\$CMD_B64\" | base64 -d)\"; if command -v tmux >/dev/null 2>&1; then SESSION=\"${TMUX_SESSION}\"; tmux has-session -t \"\$SESSION\" 2>/dev/null || tmux new-session -d -s \"\$SESSION\"; tmux send-keys -t \"\$SESSION\" \"\$CMD\" C-m; exec tmux attach -t \"\$SESSION\"; else eval \"\$CMD\"; exec /bin/bash -il; fi"
REMOTE_CMD_Q=$(printf "%s" "$REMOTE_CMD" | sed "s/'/'\\\\''/g")
if [[ "${AUTH_TYPE}" == "key" && -n "${KEY_PATH}" ]]; then
ssh "${SSH_OPTS[@]}" -i "${KEY_PATH}" -p "${PORT:-22}" -tt "${SSH_TARGET}" -- /bin/bash -lc "'${REMOTE_CMD_Q}'" || \
ssh "${SSH_OPTS[@]}" -i "${KEY_PATH}" -p "${PORT:-22}" -tt "${SSH_TARGET}" -- /bin/sh -lc "'${REMOTE_CMD_Q}'"
elif [[ "${AUTH_TYPE}" == "pass" && -n "${PASSWORD}" ]]; then
sshpass -p "${PASSWORD}" ssh "${SSH_OPTS[@]}" -p "${PORT:-22}" -tt "${SSH_TARGET}" -- /bin/bash -lc "'${REMOTE_CMD_Q}'" || \
sshpass -p "${PASSWORD}" ssh "${SSH_OPTS[@]}" -p "${PORT:-22}" -tt "${SSH_TARGET}" -- /bin/sh -lc "'${REMOTE_CMD_Q}'"
else
ssh "${SSH_OPTS[@]}" -p "${PORT:-22}" -tt "${SSH_TARGET}" -- /bin/bash -lc "'${REMOTE_CMD_Q}'" || \
ssh "${SSH_OPTS[@]}" -p "${PORT:-22}" -tt "${SSH_TARGET}" -- /bin/sh -lc "'${REMOTE_CMD_Q}'"
fi
exit $?
else
REMOTE_CMD="if command -v tmux >/dev/null 2>&1; then exec tmux new -A -s \"${TMUX_SESSION}\"; else exec /bin/bash -il; fi"
REMOTE_CMD_Q=$(printf "%s" "$REMOTE_CMD" | sed "s/'/'\\\\''/g")
if [[ "${AUTH_TYPE}" == "key" && -n "${KEY_PATH}" ]]; then
exec ssh "${SSH_OPTS[@]}" -i "${KEY_PATH}" -p "${PORT:-22}" -tt "${SSH_TARGET}" -- /bin/bash -lc "'${REMOTE_CMD_Q}'" || \
exec ssh "${SSH_OPTS[@]}" -i "${KEY_PATH}" -p "${PORT:-22}" -tt "${SSH_TARGET}" -- /bin/sh -lc "'${REMOTE_CMD_Q}'"
elif [[ "${AUTH_TYPE}" == "pass" && -n "${PASSWORD}" ]]; then
exec sshpass -p "${PASSWORD}" ssh "${SSH_OPTS[@]}" -p "${PORT:-22}" -tt "${SSH_TARGET}" -- /bin/bash -lc "'${REMOTE_CMD_Q}'" || \
exec sshpass -p "${PASSWORD}" ssh "${SSH_OPTS[@]}" -p "${PORT:-22}" -tt "${SSH_TARGET}" -- /bin/sh -lc "'${REMOTE_CMD_Q}'"
else
exec ssh "${SSH_OPTS[@]}" -p "${PORT:-22}" -tt "${SSH_TARGET}" -- /bin/bash -lc "'${REMOTE_CMD_Q}'" || \
exec ssh "${SSH_OPTS[@]}" -p "${PORT:-22}" -tt "${SSH_TARGET}" -- /bin/sh -lc "'${REMOTE_CMD_Q}'"
fi
fi
Reference in New Issue View Git Blame Copy Permalink