dotfiles/scripts/riot

#!/bin/bash
# connect to iot services
THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
source "$THIS_DIR/../tools/common.sh"
RIOT_TRUST_CLIENT=${RIOT_TRUST_CLIENT:-${DFS_TRUST:-0}}
RIOT_TRUST_SERVER=${RIOT_TRUST_SERVER:-0}

# get target settings
# provides:
SERVER=""
PORT=""  # optional
USERNAME=""  # optional
SSH_OPTIONS=""
if [[ "$RIOT_TRUST_CLIENT" == "1" ]]; then
    SSH_OPTIONS='-o ControlMaster=auto -o ControlPath=/tmp/sshcm-%C -o PermitLocalCommand=yes'
fi
get_server_meta()
{
    local trust_server="$RIOT_TRUST_SERVER"
    local arg="$1"
    # overwrite
    if [[ "$arg" == *@* ]]; then
        USERNAME=${arg%%@*}
        arg=${arg#*@}
    fi
    if [[ "$arg" == *:* ]]; then
        PORT=${arg##*:}
        arg=${arg%:*}
    fi
    # presets
    local domain=${arg##*.}
    local host=${arg%.*}
    if [[ -z "$domain" ]]; then
        domain="ibd"
    fi
    if [[ "$host" == "$domain" ]]; then
        domain="proxied"
    fi
    case $domain in
        ibd|ebd )
            SERVER=$host.$domain.ink
            PORT=${PORT:-12022}
            USERNAME=${USERNAME:-root}
            trust_server=1
            ;;
        nasp )
            SERVER=$host
            PORT=${PORT:-12022}
            USERNAME=${USERNAME:-dictxiong}
            SSH_OPTIONS=$SSH_OPTIONS' -o ProxyJump="ssh@nasp.ob.ac.cn:36022"'
            trust_server=1
            ;;
        proxied )
            SERVER=proxy.beardic.cn
            local tmp=$(sha256sum <<< "$host" | tr -cd "[:digit:]")
            tmp=${tmp:0:4}
            PORT=$((10#$tmp+36000))
            USERNAME=root
            trust_server=1
            ;;
        * )
            fmt_warning "unknown domain: $domain. will try as server name"
            SERVER="$arg"
    esac
    if [[ "$trust_server" == "1" ]]; then
        SSH_OPTIONS=$SSH_OPTIONS' -o ForwardX11=yes -o ForwardAgent=yes'
    fi
}

# ssh
SSH_BIN=ssh
SSH_PORT_PARAM='-p'
run_ssh()
{
    CMD="$SSH_BIN ${PORT:+$SSH_PORT_PARAM} $PORT $SSH_OPTIONS $USERNAME${USERNAME:+@}$SERVER"
    fmt_note "-->" $CMD
    if [[ "$DFS_DRY_RUN" == "1" ]]; then
        echo $CMD
    else
        eval $CMD
    fi
}

# sshl
run_sshl()
{
    if [[ -z "$1" ]]; then
        fmt_fatal "invalid remote address: $1"
    fi
    arg="$1"
    if [[ "$arg" != *":"* ]]; then
        # treat as a port number
        arg=localhost:$arg
    fi
    while
        local port=$(shuf -n 1 -i 49152-65535)
        netstat -atun | grep -q "$port"
    do
        continue
    done
    CMD="ssh ${PORT:+-p} $PORT $SSH_OPTIONS -NC -L $port:$arg $USERNAME${USERNAME:+@}$SERVER"
    fmt_note "-->" $CMD
    fmt_note "  > please access localhost:$port"
    if [[ "$DFS_DRY_RUN" == "1" ]]; then
        echo $CMD
    else
        eval $CMD
    fi
}

# main
print_help()
{
    fmt_info "usage: $0 <service> [command] [options]"
    echo "available commands: ssh (default), sshl (ssh -L)"
}

router()
{
    if [[ -z "$1" || "$1" == "-h" || "$1" == "--help" ]]; then
        print_help
        exit
    fi
    get_server_meta "$1"
    case $2 in
        -h|--help)
            print_help
            exit
            ;;
        ssh|"" )
            run_ssh
            ;;
        zssh )
            SSH_BIN=zssh
            run_ssh
            ;;
        sftp )
            SSH_BIN=sftp
            SSH_PORT_PARAM='-P'
            run_ssh
            ;;
        sshl )
            run_sshl "$3"
            ;;
        * )
            print_help
            fmt_fatal "unknown command: $2"
            ;;
    esac
}

router "${GOT_OPTS[@]}"