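providers:

# Provider: SSH
# ==================
  ssh:

    services:
      local.ssh_key:
        desc: Local ssh key
        # NOTE(review): every other service in this file spells this key
        # `input:`; confirm that `inputs:` is actually read by the consumer.
        inputs:
          # An empty passphrase makes ssh-keygen write an unencrypted private key.
          ssh_key_secret: ""
          # Handed to `ssh-keygen -t`, so it must be a key type ssh-keygen accepts.
          ssh_key_alg: "ed25519"

        commands:

          ssh new:
            desc: Create new SSH key

            # NOTE(review): sibling commands use `cmd:`; confirm `shell:` is a
            # supported key.
            # NOTE(review): this script mixes `{ident}`/`{user}` with `{{...}}`
            # placeholders; confirm both forms are rendered.
            # NOTE(review): the passphrase is rendered into the script text and
            # passed to ssh-keygen as an argument, so it shows up in the process
            # list, and a quote character in it would change the command.
            # Leaving out -N makes ssh-keygen prompt for it instead.
            shell: |
              SSH_KEY_ALG="{{ssh_key_alg}}"

              SSH_KEY_VERSION="$(date +'%Y%m%d')"
              SSH_KEY_HOST="$(hostname -f)"

              SSH_KEY_FILE="$HOME/.ssh/{ident}/{user}_${SSH_KEY_ALG}_${SSH_KEY_VERSION}"
              SSH_KEY_COMMENT="{user}@${SSH_KEY_HOST}:${SSH_KEY_ALG}_${SSH_KEY_VERSION}"

              # ssh-keygen does not create the parent directory of a custom -f path.
              mkdir -p -m 700 "${SSH_KEY_FILE%/*}"

              # -f takes the shell variable set above (the original passed the
              # literal text {SSH_KEY_FILE}); -t follows SSH_KEY_ALG so the key
              # type matches the algorithm recorded in the file name and comment.
              ssh-keygen -f "$SSH_KEY_FILE" \
                -t "$SSH_KEY_ALG" -a 100 \
                -N "{{ssh_key_secret}}" \
                -C "$SSH_KEY_COMMENT"

          ssh delete:
            desc: Delete existing SSH key
            # NOTE(review): this only lists the matching files; nothing is
            # removed. Confirm whether a dry run is intended.
            cmd: |
              find $HOME/.ssh/{ident}/ -name "{user}_*"

    resources_def:

      auth.ssh_certificate:
        desc: SSH Certificates
        input:
          ssh_cert_file: null
        needs:
          - auth.ssh_key

      auth.ssh_key:
        desc: SSH Keypair
        input:
          ssh_key_file: null
          ssh_key_secret: null
        needs:
          - kind: auth.password
            remap:
              # NOTE(review): `passord` looks like a typo for `password`;
              # confirm against the inputs of auth.password before changing it.
              ssh_key_secret: passord

      account.ssh:
        desc: Unix account
        input:
          host: null

      # service.local.ssh_key:
      #   desc: A local ssh key

    # resources:

    #   service.local.ssh_agent:
    #     enabled: true

    #   service.local.ssh_agent_keys:
    #     enabled: true
    #     loop:
    #       - auth.ssh_key:{ident}/ed25519
    #       - auth.ssh_key:{ident}/rsa4096
    #       - auth.ssh_key:{ident}/rsa2048
    #       - auth.ssh_key:{ident}/rsa1024
    #       - auth.ssh_key:{ident}
    #     loop_limit: 3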
# Provider: GPG Agent
# ==================
  gpg_agent:

    resources_def:

      # A GPG keypair resource; it declares a dependency on an auth.password
      # resource and remaps one of that resource's values onto gpg_key_secret.
      auth.gpg_key:
        desc: GPG keypair
        input:
          gpg_key_file: null
          gpg_key_secret: null
        needs:
          - kind: auth.password
            remap:
              # NOTE(review): `passord` looks like a typo for `password`;
              # confirm against the inputs of auth.password before changing it.
              gpg_key_secret: passord
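# Provider: SSH Agent
# ==================
  ssh_agent:

    services:

      local.ssh_agent:
        desc: Local ssh-agent
        input:
          # NOTE(review): the commands below build the socket path from
          # $HOME/.local/state/ssh-agent and never reference this value.
          ssh_agent_socket_dir: /run/user/ssh-agent
          # Passed to `ssh-agent -t` as the default lifetime of loaded keys.
          ssh_agent_tmout: 7d

        commands:

          shell_start:
            desc: Start ssh-agent
            cmd: |
              socket=$HOME/.local/state/ssh-agent/{{user}}
              start=true

              # 2 is the exit status ssh-add returns when it cannot reach an
              # agent, and is used here as "no usable agent".
              running=2
              if [[ ! -e "$socket.env" ]]; then
                running=2
              elif [[ -e "$socket" ]]; then
                # Capture ssh-add's exit status with $? (the original echoed
                # an unset variable, so a dead agent was never restarted).
                running=$(SSH_AUTH_SOCK="$socket" ssh-add -l &>/dev/null; echo $?)
              fi

              if [[ "$running" -eq 2 ]]; then
                # Start agent
                # NOTE(review): a stale socket file left behind by a dead agent
                # makes `ssh-agent -a` fail to bind; consider handling that case.
                >&2 echo "Start ssh-agent for {{ident}}"
                mkdir -p "${socket%/*}"
                ssh-agent -a "$socket" -t {{ssh_agent_tmout}} > "$socket.env"
              fi

              unset socket start running

              # if [[ -d "/run/user/$(id -u)" ]]; then
              #   socket=/run/user/$(id -u)/ssh-agent/{{user}}
              # else

              # fi

          shell_enable:
            desc: Enable ssh-agent

            # Loads the environment file written by shell_start into the
            # current shell, when that file exists.
            cmd: |
              socket=$HOME/.local/state/ssh-agent/{{user}}

              if [[ -e "$socket.env" ]]; then
                # >&2 echo "Enable ssh-agent for {{ident}}"
                source "$socket.env" >/dev/null
              fi

              unset socket

          shell_disable:
            desc: Disable ssh-agent
            cmd: |
              unset SSH_AUTH_SOCK SSH_AGENT_PID

          shell_stop:
            desc: Kill ssh-agent
            cmd: |
              socket=$HOME/.local/state/ssh-agent/{{user}}

              if [[ -e "$socket.env" ]]; then
                # >&2 echo "Enable ssh-agent for {{ident}}"
                source "$socket.env" >/dev/null
              # fi

              # if [[ -n "$SSH_AGENT_PID" ]]; then
                >&2 echo "Kill ssh-agent for {{ident}}"
                # Evaluate the output of `ssh-agent -k` so the agent variables
                # are also unset in this shell (the original string lacked the
                # `$` and only ran the command in a subshell).
                eval "$(ssh-agent -k)" >/dev/null
                rm -f "$socket.env"
              fi
              unset socket

              # env_file="$HOME/.local/state/ssh-agent/{{user}}.env"

              # if [[ -f "$env_file" ]]; then
              #   source "$env_file"
              # fi
              # if [[ -f "$env_file" ]]; then
              #   rm "$env_file"
              # fi

      local.ssh_agent_keys:
        desc: Local ssh-agent keys

        # The two commands had their descriptions and bodies swapped, and the
        # unload command called `ssh-agent -d` (debug mode) instead of
        # `ssh-add -d`.
        commands:
          ssh add:
            desc: Load keys into ssh-agent
            cmd: |
              ssh-add {% for item in loop %} {{item.ssh_key_file}} {% endfor %}

          ssh rm:
            desc: Unload keys from ssh-agent
            # NOTE(review): single-brace placeholder kept as written; confirm
            # it is rendered the same way as the `{{...}}` form used above.
            cmd: ssh-add -d {ssh_key_file}

        required_services:
          - local.ssh_agent

    resources_def:

      service.local.ssh_agent:
        desc: Configure ssh-agent daemon

      service.local.ssh_agent_keys:
        desc: Configure ssh-agent keys autoloader

    resources:

      service.local.ssh_agent:
        enabled: true

      service.local.ssh_agent_keys:
        enabled: true
        # NOTE(review): 1024-bit RSA is below the key size current guidance
        # accepts; consider dropping that entry from the autoload list.
        loop:
          - "auth.ssh_key:{ident}/ed25519"
          - "auth.ssh_key:{ident}/rsa4096"
          - "auth.ssh_key:{ident}/rsa2048"
          - "auth.ssh_key:{ident}/rsa1024"
          - "auth.ssh_key:{ident}"
        loop_limit: 3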
# Provider: Git Config
# ==================
  git:

    services:

      local.git:
        desc: Git identity
        # input:
        #   ssh_agent_socket_dir: /run/user/ssh-agent
        #   ssh_agent_tmout: 7d

        commands:

          # Exports the author and committer identity for git.
          # NOTE(review): the values are rendered inside single quotes, so an
          # apostrophe in ident or email would end the quoting early; confirm
          # the renderer escapes or validates them.
          shell_enable:
            desc: Enable git identity
            cmd: |
              export GIT_AUTHOR_NAME='{{ident}}'
              export GIT_AUTHOR_EMAIL='{{email}}'
              export GIT_COMMITTER_NAME='{{ident}}'
              export GIT_COMMITTER_EMAIL='{{email}}'

          shell_disable:
            desc: Disable git identity
            cmd: |
              unset GIT_AUTHOR_NAME GIT_AUTHOR_EMAIL GIT_COMMITTER_NAME GIT_COMMITTER_EMAIL

      local.git_home:
        desc: Home as git repo
        # NOTE(review): GIT_DIR is set to $HOME and GIT_WORK_TREE to the
        # per-identity directory; for a "home as repository" setup the two look
        # swapped. Confirm before enabling this service.
        input:
          git_dir: "$HOME"
          git_work_tree: $HOME/.local/share/home_git

        commands:

          shell_enable:
            desc: Enable git home management
            cmd: |
              export GIT_DIR="{{git_dir}}"
              export GIT_WORK_TREE="{{git_work_tree}}/{{ ident }}"

          shell_disable:
            desc: Disable git home management
            cmd: |
              unset GIT_DIR GIT_WORK_TREE

        required_services:
          - local.git

    resources_def:

      service.local.git:
        desc: Configure git

      service.local.git_home:
        desc: Configure home as git repo

    resources:

      service.local.git:
        enabled: true
        uses:
          - "account:{user}"

      # Disabled by default
      # NOTE(review): a bare key parses as null; confirm the consumer treats
      # that as "disabled".
      service.local.git_home:
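# Provider: PS1 Config
# ==================
  ps1:

    services:

      local.ps1:
        desc: PS1 prompt
        input:
          enabled: true

        commands:

          shell_enable:
            desc: Enable PS1
            # Each colour escape is wrapped in \[ ... \] so bash does not count
            # it towards the prompt width (the original had the closing \]
            # without the opening \[).
            cmd: |
              export OLD_PS1=$PS1
              export PS1="\[\033[0;34m\]({{ident}})\[\033[00m\] ${PS1}"

          shell_disable:
            desc: Disable PS1
            # NOTE(review): this restores a fixed Debian-style prompt instead of
            # the OLD_PS1 saved by shell_enable, so a customised prompt is lost.
            cmd: |
              export PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ '
              # export PS1="$OLD_PS1"

    resources_def:
      service.local.ps1:
        desc: PS1 prompt

    resources:

      service.local.ps1:
        desc: Custom Ident PS1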
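# EXISTING

# NOTE(review): the sample output below originally embedded what looks like a
# real GitHub personal access token and a 40-character hex value that reads
# like an access token rather than a URL. Both are redacted here; anything
# that was committed in this file should be treated as exposed, revoked at
# the issuer, and removed from repository history.

# WARN__: Your workspace is already activated
# NOTICE: Enabling id ...
# export SHELL_ID='mrjk'
# export GIT_AUTHOR_NAME='mrjk'
# export GIT_AUTHOR_EMAIL='mrjk.78@gmail.com'
# export GIT_COMMITTER_NAME='mrjk'
# export GIT_COMMITTER_EMAIL='mrjk.78@gmail.com'

# NOTICE: Enabling gpg ...
# export GNUPGHOME=/home/jez/.config/gpg/mrjk
# export GPG_AGENT_INFO=/run/user/1000/pgp-agent/mrjk/socket
# export GPG_DEFAULT_ID=mrjk
# export GPG_TTY=/dev/pts/48
# export GNUPGHOME=/home/jez/.config/gpg/mrjk

# NOTICE: Enabling ssh ...
# export SSH_AUTH_SOCK=/run/user/1000/ssh-agent/mrjk/socket

# NOTICE: Enabling gh ...
# export GH_TOKEN="<REDACTED_GITHUB_TOKEN>"
# export GH_REPO="mrjk"

# NOTICE: Enabling gitea ...
# export GITEA_SERVER_URL="<REDACTED_40_HEX_VALUE>"
# export GITEA_LOGIN="mrjk@git.jeznet.org"

# NOTICE: Enabling ps1 ...
# export PS1="\[\](mrjk)\[\] ${IDM_SHELL_PS1}"

# NOTICE: Identity 'mrjk' is loaded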