mirror of
https://github.com/DictXiong/dotfiles.git
synced 2024-11-24 05:07:02 +08:00
[dev] enhance riot; ddns avoid burst (#38)
* riot: add . for .ibd and non for proxied * riot: 'user@..' to overwrite username, '...:22' to overwrite port, treat the arg as server name if it doesn't match any preset, sshl can accept only a port number and default to use localhost * update.sh: ddns sleep for random seconds to avoid burst * riot: support zssh and sftp, and set ssh options according to trust settings * riot: add scp * riot: support jump servers, sep by commas * common.sh: argparser supports -d/--dev and -D/--dry-run * install.sh: remove -s/--secure because of no use * riot: if remote ends with dot, treat it as a full-hostname; add tests * sagent.sh: refuse to work on windows --------- Co-authored-by: xiongdian.me <xiongdian.me@bytedance.com>
This commit is contained in:
parent
37bf1fa1f0
commit
2cc2ab48b8
|
@ -13,6 +13,11 @@ apost_beacon "sys.online"
|
|||
# update dns
|
||||
if [[ "$DFS_DDNS_ENABLE" == "1" ]]; then
|
||||
fmt_info "updating dns ..."
|
||||
if ! is_tty; then
|
||||
time_to_sleep=$((RANDOM%600))
|
||||
fmt_note "sleep for $time_to_sleep seconds"
|
||||
sleep $time_to_sleep
|
||||
fi
|
||||
"$THIS_DIR/tools/frigg-client.sh" ddns || (fmt_error "failed to update dns" && apost_beacon "dfs.ddns.fail")
|
||||
fi
|
||||
|
||||
|
|
|
@ -319,9 +319,7 @@ for i in ${GOT_OPTS[@]}; do
|
|||
case $i in
|
||||
-i ) FUNC=install ;;
|
||||
-r ) FUNC=uninstall ;;
|
||||
-d|--dev ) export DFS_DEV=1; set -x ;;
|
||||
-a|--auto ) INSTALL_DEP=1 ;;
|
||||
-s|--secure ) export DFS_DEV=0 ;;
|
||||
-H|--hist|--history ) store_hist=1 ;;
|
||||
-x ) store_config=1 ;;
|
||||
* ) fmt_fatal "unknown option \"$i\"" ;;
|
||||
|
|
190
scripts/riot
190
scripts/riot
|
@ -2,57 +2,141 @@
|
|||
# connect to iot services
|
||||
THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
|
||||
source "$THIS_DIR/../tools/common.sh"
|
||||
RIOT_TRUST_CLIENT=${RIOT_TRUST_CLIENT:-${DFS_TRUST:-0}}
|
||||
RIOT_TRUST_SERVER=${RIOT_TRUST_SERVER:-0}
|
||||
|
||||
# get target settings
|
||||
# provides:
|
||||
SERVER=""
|
||||
PORT=""
|
||||
SSH_USERNAME=""
|
||||
SSH_OPTIONS=""
|
||||
get_server_meta()
|
||||
{
|
||||
local domain=${1##*.}
|
||||
local host=${1%.*}
|
||||
# get single server setting
|
||||
# may be called more than once
|
||||
get_server_meta() {
|
||||
# returns:
|
||||
RET_HOSTNAME=""
|
||||
RET_TRUST_SERVER=0
|
||||
RET_PORT="" # optional
|
||||
RET_USERNAME="" # optional
|
||||
RET_JUMP_SERVER="" # optional
|
||||
# body
|
||||
local remote="$1"
|
||||
# if in the form user@...
|
||||
if [[ "$remote" == *@* ]]; then
|
||||
RET_USERNAME=${remote%%@*}
|
||||
remote=${remote#*@}
|
||||
fi
|
||||
# if in the form ...:22
|
||||
if [[ "$remote" == *:* ]]; then
|
||||
RET_PORT=${remote##*:}
|
||||
remote=${remote%:*}
|
||||
fi
|
||||
# presets -- match domain
|
||||
local domain=${remote##*.}
|
||||
local host=${remote%.*}
|
||||
# if there's no dot
|
||||
if [[ "$host" == "$domain" ]]; then
|
||||
domain=""
|
||||
domain="ibd"
|
||||
fi
|
||||
case $domain in
|
||||
ibd|ebd )
|
||||
SERVER=$host.$domain.ink
|
||||
PORT=12022
|
||||
SSH_USERNAME=root
|
||||
RET_HOSTNAME=$host.$domain.ink
|
||||
RET_PORT=${RET_PORT:-12022}
|
||||
RET_USERNAME=${RET_USERNAME:-root}
|
||||
RET_TRUST_SERVER=1
|
||||
;;
|
||||
nasp )
|
||||
SERVER=$host
|
||||
PORT=12022
|
||||
SSH_USERNAME=dictxiong
|
||||
SSH_OPTIONS='-o ProxyJump="ssh@nasp.ob.ac.cn:36022"'
|
||||
RET_HOSTNAME=$host
|
||||
RET_PORT=${RET_PORT:-12022}
|
||||
RET_USERNAME=${RET_USERNAME:-dictxiong}
|
||||
RET_JUMP_SERVER="ssh@nasp.ob.ac.cn:36022"
|
||||
RET_TRUST_SERVER=1
|
||||
;;
|
||||
"" )
|
||||
SERVER=proxy.beardic.cn
|
||||
x|proxied )
|
||||
RET_HOSTNAME=proxy.beardic.cn
|
||||
local tmp=$(sha256sum <<< "$host" | tr -cd "[:digit:]")
|
||||
tmp=${tmp:0:4}
|
||||
PORT=$((10#$tmp+36000))
|
||||
SSH_USERNAME=root
|
||||
RET_PORT=$((10#$tmp+36000))
|
||||
RET_USERNAME=root
|
||||
RET_TRUST_SERVER=1
|
||||
;;
|
||||
* )
|
||||
fmt_fatal "unknown domain: $domain"
|
||||
test -z "$domain" || fmt_warning "unknown domain: \"$domain\". will try as host name"
|
||||
RET_HOSTNAME="$remote"
|
||||
esac
|
||||
}
|
||||
|
||||
# remote setting, including jump servers
|
||||
# will be called only once
|
||||
# provides:
|
||||
SERVER=""
|
||||
TRUST_SERVER=1
|
||||
PORT="" # optional
|
||||
USERNAME="" # optional
|
||||
SSH_OPTIONS="" # optional
|
||||
if [[ "$RIOT_TRUST_CLIENT" == "1" ]]; then
|
||||
SSH_OPTIONS='-o ControlMaster=auto -o ControlPath=/tmp/sshcm-%C -o PermitLocalCommand=yes'
|
||||
fi
|
||||
parse_remote() {
|
||||
local remote="$1"
|
||||
local jump_servers=""
|
||||
# loop for jump servers
|
||||
while [[ -n $remote ]]; do
|
||||
local server=${remote%%,*}
|
||||
remote=${remote#*,}
|
||||
get_server_meta "$server"
|
||||
if [[ -n "$RET_JUMP_SERVER" ]]; then
|
||||
jump_servers="$jump_servers${jump_servers:+,}$RET_JUMP_SERVER"
|
||||
fi
|
||||
# only if all servers are trusted
|
||||
TRUST_SERVER=$((TRUST_SERVER*RET_TRUST_SERVER))
|
||||
if [[ "$server" == "$remote" || -z "$remote" ]]; then
|
||||
SERVER="$RET_HOSTNAME"
|
||||
PORT="$RET_PORT"
|
||||
USERNAME="$RET_USERNAME"
|
||||
remote=""
|
||||
else
|
||||
jump_servers="$jump_servers${jump_servers:+,}$RET_USERNAME${RET_USERNAME:+@}$RET_HOSTNAME${RET_PORT:+:}$RET_PORT"
|
||||
fi
|
||||
done
|
||||
# construct cmd
|
||||
if [[ "$RIOT_TRUST_SERVER" == "1" || "$TRUST_SERVER" == "1" ]]; then
|
||||
SSH_OPTIONS="$SSH_OPTIONS -o ForwardX11=yes -o ForwardAgent=yes"
|
||||
fi
|
||||
if [[ -n "$jump_servers" ]]; then
|
||||
SSH_OPTIONS="$SSH_OPTIONS -o ProxyJump=$jump_servers"
|
||||
fi
|
||||
}
|
||||
|
||||
eval_or_echo() {
|
||||
if [[ "$DFS_DRY_RUN" == "1" ]]; then
|
||||
echo $@
|
||||
else
|
||||
eval $@
|
||||
fi
|
||||
}
|
||||
|
||||
# ssh series
|
||||
prepare_ssh_cmd() {
|
||||
local ssh_bin="${1:-ssh}"
|
||||
if [[ "$ssh_bin" == "scp" || "$ssh_bin" == "sftp" ]]; then
|
||||
local port_param='-P'
|
||||
else
|
||||
local port_param='-p'
|
||||
fi
|
||||
echo "$ssh_bin ${PORT:+$port_param} $PORT $SSH_OPTIONS $SCP_SRC $USERNAME${USERNAME:+@}$SERVER $SCP_DST"
|
||||
}
|
||||
|
||||
# ssh
|
||||
run_ssh()
|
||||
{
|
||||
CMD="ssh -p $PORT $SSH_OPTIONS $SSH_USERNAME@$SERVER"
|
||||
fmt_note "-->" $CMD
|
||||
eval $CMD
|
||||
local cmd="$(prepare_ssh_cmd $1)"
|
||||
fmt_note "-->" $cmd
|
||||
eval_or_echo $cmd
|
||||
}
|
||||
|
||||
# sshl
|
||||
run_sshl()
|
||||
{
|
||||
if [[ -z "$1" || "$1" != *":"* ]]; then
|
||||
fmt_fatal "invalid remote address: $1"
|
||||
local arg="$1"
|
||||
if [[ "$arg" != *":"* ]]; then
|
||||
# treat as a port number
|
||||
arg=localhost:$arg
|
||||
fi
|
||||
while
|
||||
local port=$(shuf -n 1 -i 49152-65535)
|
||||
|
@ -60,26 +144,50 @@ run_sshl()
|
|||
do
|
||||
continue
|
||||
done
|
||||
CMD="ssh -p $PORT $SSH_OPTIONS -NC -L $port:$1 $SSH_USERNAME@$SERVER"
|
||||
fmt_note "-->" $CMD
|
||||
|
||||
SSH_OPTIONS="$SSH_OPTIONS -NC -L $port:$arg"
|
||||
local cmd="$(prepare_ssh_cmd ssh)"
|
||||
fmt_note "-->" $cmd
|
||||
fmt_note " > please access localhost:$port"
|
||||
eval $CMD
|
||||
eval_or_echo $cmd
|
||||
}
|
||||
|
||||
# scp
|
||||
run_scp() {
|
||||
local src="$1"
|
||||
local dst="$2"
|
||||
local dst_is_remote=1
|
||||
# whoever is ./*, it can't be the remote; whoever not exists on local, it's possible the remote.
|
||||
# it is suggested to use ./* for local files.
|
||||
if [[ "$src" != "./"* && ( "$dst" == "./"* || ( ! -e "$src" && -e "$dst" ) ) ]]; then
|
||||
dst_is_remote=0
|
||||
fi
|
||||
if [[ "$dst_is_remote" == "1" ]]; then
|
||||
SCP_SRC=\""$src"\"
|
||||
SERVER="$SERVER":\""$dst"\"
|
||||
else
|
||||
SERVER="$SERVER":\""$src"\"
|
||||
SCP_DST=\""$dst"\"
|
||||
fi
|
||||
SSH_OPTIONS="$SSH_OPTIONS -r"
|
||||
local cmd="$(prepare_ssh_cmd scp)"
|
||||
fmt_note "-->" $cmd
|
||||
eval_or_echo $cmd
|
||||
}
|
||||
|
||||
# main
|
||||
print_help()
|
||||
{
|
||||
fmt_info "usage: $0 <service> [command] [options]"
|
||||
echo "available commands: ssh (default), sshl (ssh -L)"
|
||||
echo "available commands: ssh (default), sshl (ssh -L), zssh, sftp"
|
||||
}
|
||||
|
||||
router()
|
||||
{
|
||||
router() {
|
||||
if [[ -z "$1" || "$1" == "-h" || "$1" == "--help" ]]; then
|
||||
print_help
|
||||
exit
|
||||
fi
|
||||
get_server_meta "$1"
|
||||
parse_remote "$1"
|
||||
case $2 in
|
||||
-h|--help)
|
||||
print_help
|
||||
|
@ -88,9 +196,21 @@ router()
|
|||
ssh|"" )
|
||||
run_ssh
|
||||
;;
|
||||
zssh )
|
||||
run_ssh zssh
|
||||
;;
|
||||
sftp )
|
||||
run_ssh sftp
|
||||
;;
|
||||
sshl )
|
||||
test -n "$3" || fmt_fatal "no target address provided"
|
||||
run_sshl "$3"
|
||||
;;
|
||||
scp )
|
||||
test -n "$3" || fmt_fatal "no source path specified"
|
||||
test -n "$4" || fmt_fatal "no destination path specified"
|
||||
run_scp "$3" "$4"
|
||||
;;
|
||||
* )
|
||||
print_help
|
||||
fmt_fatal "unknown command: $2"
|
||||
|
|
|
@ -3,7 +3,7 @@ set -e
|
|||
THIS_DIR_COMMON_SH=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
|
||||
export DOTFILES=$( cd "$THIS_DIR_COMMON_SH/.." && pwd )
|
||||
if [[ -f ~/.config/dotfiles/env ]]; then set -a; source ~/.config/dotfiles/env; set +a; fi
|
||||
if [[ "$DFS_DEBUG" == "1" ]]; then set -x; fi
|
||||
if [[ "$DFS_DEV" == "1" ]]; then set -x; fi
|
||||
DFS_CURL_OPTIONS="--retry 2 --max-time 20"
|
||||
|
||||
# parse args and set env, when it is sourced
|
||||
|
@ -17,8 +17,9 @@ if [[ "${BASH_SOURCE[0]}" != "${0}" ]]; then
|
|||
case $ARG in
|
||||
-q*|--quite ) export DFS_QUIET=1 ;;
|
||||
-l*|--lite ) export DFS_LITE=1 ;;
|
||||
-d*|--dev ) export DFS_DEV=1; set -x ;;
|
||||
-D*|--dry-run ) export DFS_DRY_RUN=1 ;;
|
||||
--color ) export DFS_COLOR=1 ;;
|
||||
--dry-run ) export DFS_DRY_RUN=1 ;; # TODO!!!
|
||||
--*=* ) GOT_OPTS+=("${ARG%%=*}" "${ARG#*=}") ;;
|
||||
--* ) GOT_OPTS+=("$ARG") ;;
|
||||
-* ) GOT_OPTS+=("${ARG:0:2}") ;;
|
||||
|
|
|
@ -79,6 +79,10 @@ all()
|
|||
|
||||
route()
|
||||
{
|
||||
os_type="$(get_os_type)"
|
||||
if [[ "$os_type" == "msys" || "$os_type" == "cygwin" ]]; then
|
||||
fmt_fatal "unsupported platform: $os_type. you may use WinCryptSSHAgent."
|
||||
fi
|
||||
if [[ $# -eq 0 ]]; then
|
||||
all
|
||||
return
|
||||
|
|
|
@ -31,6 +31,7 @@ test $(echo n | tools/common.sh ask_for_yN "test") = "0"
|
|||
test $(echo | tools/common.sh ask_for_yN "test") = "0"
|
||||
test $(echo | tools/common.sh ask_for_Yn "test") = "1"
|
||||
test $(DFS_QUIET=1 tools/common.sh ask_for_Yn "test") = "1"
|
||||
test "$(DFS_TRUST=1 riot time@is.impt:2222,yes@you-r.right,you@are.really.recht.,ibd.,try@it scp /tmp/ ./tmp -D 2>/dev/null)" = 'scp -P 12022 -o ControlMaster=auto -o ControlPath=/tmp/sshcm-%C -o PermitLocalCommand=yes -o ProxyJump=time@is.impt:2222,yes@you-r.right,you@are.really.recht.,ibd. -r try@it.ibd.ink:"/tmp/" "./tmp"'
|
||||
|
||||
# check alias
|
||||
alias p114
|
||||
|
|
Loading…
Reference in New Issue
Block a user