additional prompts #289

Jack Ivanov 2017-04-08 10:06:54 +02:00
parent b918fad669
commit 7214f41cfc

algo

@ -3,6 +3,7 @@
set -e set -e
SKIP_TAGS="_null encrypted" SKIP_TAGS="_null encrypted"
ADDITIONAL_PROMPT="[pasted values will not be displayed]"
additional_roles () { additional_roles () {
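Review bot: ADDITIONAL_PROMPT at the top of the script is a constant that is only ever interpolated into prompts, so declare it readonly to stop a later assignment from silently changing every hidden-input notice. The name is also generic; something that says what the text is for (for example a name mentioning hidden input) would make the read -p blocks below easier to follow.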
@ -68,32 +69,38 @@ azure () {
read -p " read -p "
Enter your azure secret id (https://github.com/trailofbits/algo/blob/master/docs/AZURE.md) Enter your azure secret id (https://github.com/trailofbits/algo/blob/master/docs/AZURE.md)
You can skip this step if you want to use your defaults credentials from ~/.azure/credentials You can skip this step if you want to use your defaults credentials from ~/.azure/credentials
$ADDITIONAL_PROMPT
[...]: " -rs azure_secret [...]: " -rs azure_secret
read -p " read -p "
Enter your azure tenant id (https://github.com/trailofbits/algo/blob/master/docs/AZURE.md) Enter your azure tenant id (https://github.com/trailofbits/algo/blob/master/docs/AZURE.md)
You can skip this step if you want to use your defaults credentials from ~/.azure/credentials You can skip this step if you want to use your defaults credentials from ~/.azure/credentials
$ADDITIONAL_PROMPT
[...]: " -rs azure_tenant [...]: " -rs azure_tenant
read -p " read -p "
Enter your azure client id (application id) (https://github.com/trailofbits/algo/blob/master/docs/AZURE.md) Enter your azure client id (application id) (https://github.com/trailofbits/algo/blob/master/docs/AZURE.md)
You can skip this step if you want to use your defaults credentials from ~/.azure/credentials You can skip this step if you want to use your defaults credentials from ~/.azure/credentials
$ADDITIONAL_PROMPT
[...]: " -rs azure_client_id [...]: " -rs azure_client_id
read -p " read -p "
Enter your azure subscription id (https://github.com/trailofbits/algo/blob/master/docs/AZURE.md) Enter your azure subscription id (https://github.com/trailofbits/algo/blob/master/docs/AZURE.md)
You can skip this step if you want to use your defaults credentials from ~/.azure/credentials You can skip this step if you want to use your defaults credentials from ~/.azure/credentials
$ADDITIONAL_PROMPT
[...]: " -rs azure_subscription_id [...]: " -rs azure_subscription_id
read -p " read -p "
Name the vpn server: Name the vpn server:
[algo]: " -r azure_server_name [algo]: " -r azure_server_name
azure_server_name=${azure_server_name:-algo} azure_server_name=${azure_server_name:-algo}
read -p " read -p "
What region should the server be located in? (https://azure.microsoft.com/en-us/regions/) What region should the server be located in? (https://azure.microsoft.com/en-us/regions/)
1. South Central US 1. South Central US
2. Central US 2. Central US
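Review bot: in azure (), the hidden-input notice is now attached to all four prompts because all four are read with -rs, but only the first prompt asks for a secret; the tenant, client and subscription prompts ask for ids. With echo off and a "you can skip this step" hint, a user cannot see whether a pasted id landed or was cut short. Consider keeping -s and $ADDITIONAL_PROMPT on azure_secret only and reading the three ids with plain -r, or state in a comment why the ids are hidden as well.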
@ -161,16 +168,18 @@ Enter the number of your desired region:
digitalocean () { digitalocean () {
read -p " read -p "
Enter your API token (https://cloud.digitalocean.com/settings/api/tokens): Enter your API token. The token must have read and write permissions (https://cloud.digitalocean.com/settings/api/tokens):
[pasted values will not be displayed] $ADDITIONAL_PROMPT
: " -rs do_access_token : " -rs do_access_token
read -p " read -p "
Name the vpn server: Name the vpn server:
[algo.local]: " -r do_server_name [algo.local]: " -r do_server_name
do_server_name=${do_server_name:-algo.local} do_server_name=${do_server_name:-algo.local}
read -p " read -p "
What region should the server be located in? What region should the server be located in?
1. Amsterdam (Datacenter 2) 1. Amsterdam (Datacenter 2)
2. Amsterdam (Datacenter 3) 2. Amsterdam (Datacenter 3)
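Review bot: in digitalocean (), the new permission requirement is appended to the same line as the prompt and its URL, which makes one long line that wraps badly in a terminal. The ec2 prompts put this kind of requirement on a separate "Note:" line; doing the same here ("Note: The token must have read and write permissions") keeps the prompts consistent and the requirement easier to spot.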
@ -211,21 +220,24 @@ ec2 () {
read -p " read -p "
Enter your aws_access_key (http://docs.aws.amazon.com/general/latest/gr/managing-aws-access-keys.html) Enter your aws_access_key (http://docs.aws.amazon.com/general/latest/gr/managing-aws-access-keys.html)
Note: Make sure to use either your root key (recommended) or an IAM user with an acceptable policy attached Note: Make sure to use either your root key (recommended) or an IAM user with an acceptable policy attached
[pasted values will not be displayed] $ADDITIONAL_PROMPT
[AKIA...]: " -rs aws_access_key [AKIA...]: " -rs aws_access_key
read -p " read -p "
Enter your aws_secret_key (http://docs.aws.amazon.com/general/latest/gr/managing-aws-access-keys.html) Enter your aws_secret_key (http://docs.aws.amazon.com/general/latest/gr/managing-aws-access-keys.html)
Note: Make sure to use either your root key (recommended) or an IAM user with an acceptable policy attached Note: Make sure to use either your root key (recommended) or an IAM user with an acceptable policy attached
[pasted values will not be displayed] $ADDITIONAL_PROMPT
[ABCD...]: " -rs aws_secret_key [ABCD...]: " -rs aws_secret_key
read -p " read -p "
Name the vpn server: Name the vpn server:
[algo]: " -r aws_server_name [algo]: " -r aws_server_name
aws_server_name=${aws_server_name:-algo} aws_server_name=${aws_server_name:-algo}
read -p " read -p "
What region should the server be located in? What region should the server be located in?
1. us-east-1 US East (N. Virginia) 1. us-east-1 US East (N. Virginia)
2. us-east-2 US East (Ohio) 2. us-east-2 US East (Ohio)
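Review bot: in ec2 (), the unchanged "Note:" line under both the aws_access_key and aws_secret_key prompts still marks the root key as "(recommended)". Since these prompts are being edited here anyway, reword the note to prefer an IAM user with a policy limited to what the deployment needs; a root key typed into this script carries full access to the account. Separately, the access key prompt is read with -rs like the secret key, so the user gets no visual confirmation of either value; if that is intentional, a short comment would help.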
@ -271,11 +283,13 @@ Enter the local path to your credentials JSON file (https://support.google.com/c
: " -r credentials_file : " -r credentials_file
read -p " read -p "
Name the vpn server: Name the vpn server:
[algo]: " -r server_name [algo]: " -r server_name
server_name=${server_name:-algo} server_name=${server_name:-algo}
read -p " read -p "
What zone should the server be located in? What zone should the server be located in?
1. Western US (Oregon A) 1. Western US (Oregon A)
2. Western US (Oregon B) 2. Western US (Oregon B)
@ -324,11 +338,13 @@ Enter the IP address of your server: (or use localhost for local installation)
: " -r server_ip : " -r server_ip
read -p " read -p "
What user should we use to login on the server? (note: passwordless login required, or ignore if you're deploying to localhost) What user should we use to login on the server? (note: passwordless login required, or ignore if you're deploying to localhost)
[root]: " -r server_user [root]: " -r server_user
server_user=${server_user:-root} server_user=${server_user:-root}
read -p " read -p "
Enter the public IP address of your server: (IMPORTANT! This IP is used to verify the certificate) Enter the public IP address of your server: (IMPORTANT! This IP is used to verify the certificate)
[$server_ip]: " -r IP_subject [$server_ip]: " -r IP_subject
IP_subject=${IP_subject:-$server_ip} IP_subject=${IP_subject:-$server_ip}
@ -338,6 +354,7 @@ Enter the public IP address of your server: (IMPORTANT! This IP is used to verif
SKIP_TAGS+=" cloud update-alternatives" SKIP_TAGS+=" cloud update-alternatives"
read -p " read -p "
Was this server deployed by Algo previously? Was this server deployed by Algo previously?
[y/N]: " -r Deployed_By_Algo [y/N]: " -r Deployed_By_Algo
Deployed_By_Algo=${Deployed_By_Algo:-n} Deployed_By_Algo=${Deployed_By_Algo:-n}
@ -390,11 +407,12 @@ ssh_tunneling_enabled=${ssh_tunneling_enabled:-n}
read -p " read -p "
Enter the public IP address of your server: (IMPORTANT! This IP is used to verify the certificate) Enter the public IP address of your server: (IMPORTANT! This IP is used to verify the certificate)
: " -r IP_subject [$server_ip]: " -r IP_subject
IP_subject=${IP_subject:-$server_ip}
read -p " read -p "
Enter the password for the private CA key: Enter the password for the private CA key:
[pasted values will not be displayed] $ADDITIONAL_PROMPT
: " -rs easyrsa_CA_password : " -rs easyrsa_CA_password
ansible-playbook users.yml -e "server_ip=$server_ip server_user=$server_user ssh_tunneling_enabled=$ssh_tunneling_enabled IP_subject=$IP_subject easyrsa_CA_password=$easyrsa_CA_password" ansible-playbook users.yml -e "server_ip=$server_ip server_user=$server_user ssh_tunneling_enabled=$ssh_tunneling_enabled IP_subject=$IP_subject easyrsa_CA_password=$easyrsa_CA_password"
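Review bot: the last line of this hunk undoes the protection the prompt promises: easyrsa_CA_password is read with -rs and announced as not displayed, then expanded into the ansible-playbook -e "... easyrsa_CA_password=$easyrsa_CA_password" argument, where it appears in the process list for the duration of the run. The key=value form also splits on whitespace, so a CA password containing a space will be truncated or misparsed. Pass the value through a JSON extra-vars document or an @file with restrictive permissions, or prompt for it inside the playbook, instead of placing it on the command line. The new IP_subject=${IP_subject:-$server_ip} default is a sensible addition, but it relies on server_ip being non-empty at this point; add a check so an empty IP_subject is not handed to the certificate step.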