| -rw-r--r-- | lib/leap_cli/commands/user.rb | 65 | ||||
| -rw-r--r-- | lib/leap_cli/commands/vagrant.rb | 4 | ||||
| -rw-r--r-- | lib/leap_cli/commands/vm.rb | 26 | ||||
| -rw-r--r-- | platform.rb | 1 | 
4 files changed, 76 insertions, 20 deletions
| diff --git a/lib/leap_cli/commands/user.rb b/lib/leap_cli/commands/user.rb index fb406dc7..a0569a4d 100644 --- a/lib/leap_cli/commands/user.rb +++ b/lib/leap_cli/commands/user.rb 
@@ -13,19 +13,49 @@  module LeapCli    module Commands -    desc 'Adds a new trusted sysadmin by adding public keys to the "users" directory.' -    arg_name 'USERNAME' #, :optional => false, :multiple => false -    command :'add-user' do |c| - +    desc 'Manage trusted sysadmins (DEPRECATED)' +    long_desc "Use `leap user add` instead" +    command :'user-add' do |c|        c.switch 'self', :desc => 'Add yourself as a trusted sysadmin by choosing among the public keys available for the current user.', :negatable => false        c.flag 'ssh-pub-key', :desc => 'SSH public key file for this new user'        c.flag 'pgp-pub-key', :desc => 'OpenPGP public key file for this new user' -        c.action do |global_options,options,args|          do_add_user(global_options, options, args)        end      end +    desc 'Manage trusted sysadmins' +    long_desc "Manage the trusted sysadmins that are configured in the 'users' directory." +    command :user do |user| + +      user.desc 'Adds a new trusted sysadmin' +      user.arg_name 'USERNAME' +      user.command :add do |c| +        c.switch 'self', :desc => 'Add yourself as a trusted sysadmin by choosing among the public keys available for the current user.', :negatable => false +        c.flag 'ssh-pub-key', :desc => 'SSH public key file for this new user' +        c.flag 'pgp-pub-key', :desc => 'OpenPGP public key file for this new user' +        c.action do |global_options,options,args| +          do_add_user(global_options, options, args) +        end +      end + +      user.desc 'Removes a trusted sysadmin' +      user.arg_name 'USERNAME' +      user.command :rm do |c| +        c.action do |global_options,options,args| +          do_rm_user(global_options, options, args) +        end +      end + +      user.desc 'Lists the configured sysadmins' +      user.command :ls do |c| +        c.action do |global_options,options,args| +          do_list_users(global_options, options, args) +        end +      end + +    end + 
     private      def do_add_user(global, options, args) @@ -70,6 +100,31 @@ module LeapCli        update_authorized_keys      end +    def do_rm_user(global, options, args) +      dir = [:user_dir, args.first] +      if Util.dir_exists?(dir) +        Util.remove_file!(dir) +        update_authorized_keys +      else +        bail! :error, 'There is no directory `%s`' % Path.named_path(dir) +      end +    end + +    def do_list_users(global, options, args) +      require 'leap_cli/ssh' + +      Dir.glob(path([:user_ssh, '*'])).each do |keyfile| +        username = File.basename(File.dirname(keyfile)) +        log username, :color => :cyan do +          log Path.relative_path(keyfile) +          key = SSH::Key.load(keyfile) +          log 'SSH MD5 fingerprint: ' + key.fingerprint(:digest => :md5, :type => :ssh, :encoding => :hex) +          log 'SSH SHA256 fingerprint: ' + key.fingerprint(:digest => :sha256, :type => :ssh, :encoding => :base64) +          log 'DER MD5 fingerprint: ' + key.fingerprint(:digest => :md5, :type => :der, :encoding => :hex) +        end +      end +    end +      #      # let the the user choose among the ssh public keys that we encounter, or      # just pick the key if there is only one. diff --git a/lib/leap_cli/commands/vagrant.rb b/lib/leap_cli/commands/vagrant.rb index b0ae1cf8..f8a75b61 100644 --- a/lib/leap_cli/commands/vagrant.rb +++ b/lib/leap_cli/commands/vagrant.rb @@ -35,7 +35,7 @@ module LeapCli; module Commands      local.desc 'Destroys the virtual machine(s), reclaiming the disk space'      local.arg_name 'FILTER', :optional => true #, :multiple => false -    local.command :destroy do |destroy| +    local.command [:rm, :destroy] do |destroy|        destroy.action do |global_options,options,args|          if global_options[:yes]            vagrant_command("destroy --force", args) 
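Review bot: `do_rm_user` (second hunk of lib/leap_cli/commands/user.rb) builds `dir = [:user_dir, args.first]` without checking the argument, so `leap user rm` with no USERNAME, or with a value containing `/` or `..`, is not rejected before `Util.remove_file!` runs. How `users/#{arg}` expands for a nil or empty argument is not visible on this page, but if it resolves to the `users` directory itself, `Util.dir_exists?` would succeed and every trusted sysadmin's keys would be deleted, after which `update_authorized_keys` would regenerate the file without them. I would validate first, with `username = args.first.to_s` followed by `bail! :error, 'USERNAME is required' if username.empty? || username.include?('/') || username.start_with?('.')`, and then build `dir` from `username`. Because this command revokes access, a one-line comment above the method such as `# removes users/USERNAME and regenerates authorized_keys` would also help the next reader.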
@@ -47,7 +47,7 @@ module LeapCli; module Commands      local.desc 'Print the status of local virtual machine(s)'      local.arg_name 'FILTER', :optional => true #, :multiple => false -    local.command :status do |status| +    local.command [:ls, :status] do |status|        status.action do |global_options,options,args|          vagrant_command("status", args)        end diff --git a/lib/leap_cli/commands/vm.rb b/lib/leap_cli/commands/vm.rb index 4b9e3467..b1911596 100644 --- a/lib/leap_cli/commands/vm.rb +++ b/lib/leap_cli/commands/vm.rb @@ -1,6 +1,6 @@  module LeapCli; module Commands -  desc "Manage virtual machines." +  desc "Manage remote virtual machines (VMs)."    long_desc "This command provides a convenient way to manage virtual machines. " +              "FILTER may be a node filter or the ID of a virtual machine." @@ -11,8 +11,8 @@ module LeapCli; module Commands        :desc => "Choose which authentication credentials to use from the file cloud.json. "+                 "If omitted, will default to the node's `vm.auth` property, or the first credentials in cloud.json" -    vm.desc "Allocates a new virtual machine and/or associates it with node NAME. "+ -            "If node configuration file does not yet exist, "+ +    vm.desc "Allocates a new VM and/or associates it with node NAME." +    vm.long_desc "If node configuration file does not yet exist, "+              "it is created with the optional SEED values. "+              "You can run this command when the virtual machine already exists "+              "in order to update the node's `vm.id` property." @@ -23,7 +23,7 @@ module LeapCli; module Commands        end      end -    vm.desc 'Starts the virtual machine(s)' +    vm.desc 'Starts one or more VMs'      vm.arg_name 'FILTER', :optional => true      vm.command :start do |start|        start.action do |global, options, args| 
@@ -31,7 +31,8 @@ module LeapCli; module Commands        end      end -    vm.desc 'Shuts down the virtual machine(s), but keeps the storage allocated (to save resources, run `leap vm rm` instead).' +    vm.desc 'Shuts down one or more VMs' +    vm.long_desc 'This keeps the storage allocated. To save resources, run `leap vm rm` instead.'      vm.arg_name 'FILTER', :optional => true      vm.command :stop do |stop|        stop.action do |global, options, args| @@ -39,7 +40,7 @@ module LeapCli; module Commands        end      end -    vm.desc 'Destroys the virtual machine(s)' +    vm.desc 'Destroys one or more VMs'      vm.arg_name 'FILTER', :optional => true      vm.command :rm do |rm|        rm.action do |global, options, args| @@ -47,7 +48,7 @@ module LeapCli; module Commands        end      end -    vm.desc 'Print the status of virtual machine(s)' +    vm.desc 'Print the status of all VMs'      vm.arg_name 'FILTER', :optional => true      vm.command [:status, :ls] do |status|        status.action do |global, options, args| @@ -55,8 +56,8 @@ module LeapCli; module Commands        end      end -    vm.desc "Binds a running virtual machine instance to a node configuration. "+ -            "Afterwards, the VM will be assigned a label matching the node name, "+ +    vm.desc "Binds a running VM instance to a node configuration." +    vm.long_desc "Afterwards, the VM will be assigned a label matching the node name, "+              "and the node config will be updated with the instance ID."      vm.arg_name 'NODE_NAME INSTANCE_ID'      vm.command 'bind' do |cmd| 
@@ -65,8 +66,8 @@ module LeapCli; module Commands        end      end -    vm.desc "Registers a SSH public key for use when creating new virtual machines. "+ -            "Note that only people who are creating new VM instances need to "+ +    vm.desc "Registers a SSH public key for use when creating new VMs." +    vm.long_desc "Note that only people who are creating new VM instances need to "+              "have their key registered."      vm.command 'key-register' do |cmd|        cmd.action do |global, options, args| @@ -74,8 +75,7 @@ module LeapCli; module Commands        end      end -    vm.desc "Lists the registered SSH public keys for a particular virtual "+ -            "machine provider." +    vm.desc "Lists the registered SSH public keys for a particular VM provider."      vm.command 'key-list' do |cmd|        cmd.action do |global, options, args|          do_vm_key_list(global, options, args) diff --git a/platform.rb b/platform.rb index 9f5e7bfd..5a286589 100644 --- a/platform.rb +++ b/platform.rb @@ -66,6 +66,7 @@ Leap::Platform.define do      # output files      :facts            => 'facts.json', +    :user_dir         => 'users/#{arg}',      :user_ssh         => 'users/#{arg}/#{arg}_ssh.pub',      :user_pgp         => 'users/#{arg}/#{arg}_pgp.pub',      :known_hosts      => 'files/ssh/known_hosts', | 
