Ref
https://github.com/geofront-auth/geofront
geofront-auth/geofront
Simple SSH key management service. Contribute to geofront-auth/geofront development by creating an account on GitHub.
github.com
Colonize automation for geofront server
# colonize.py
import os
import json
# create public key
create_pub_key = os.popen("ssh-keygen -y -f /var/lib/geofront/id_rsa > /var/lib/geofront/id_rsa.pub").read()
# load server list
with open("/opt/geofront/server/server.json", 'r') as f:
ds = json.load(f)
hosts = list()
for k, v in ds.items():
hosts.append(k)
# get password from env variable
pw = os.environ['PASSWORD']
# start coping to remote authorized_key
for host in hosts:
remote = ds[host]["account"]+"@"+ds[host]["ip"]
try:
cmd = "sh /ssh-copy-id.sh " + remote + " " + pw
print("Executing ssh-copy-id on: " + host)
exec_cmd = os.popen(cmd).read()
except:
e = os.popen("echo "+remote+" >> /failed_ssh_host.log").read()
print("Exception error: check /failed_ssh_host.log")
date = os.popen("date").read()# ssh-copy-id.sh
#!/bin/bash
remote=$1
pw=$2
# spawn & expect: enter for command line interaction
#spawn ssh-copy-id -o StrictHostKeyChecking=no -i /var/lib/geofront/id_rsa.pub $remote
expect << EOF
spawn ssh-copy-id -i /var/lib/geofront/id_rsa.pub $remote
expect {
"(yes/no)?" { send "yes\n"; exp_continue }
"password:" { send "$pw\n"; exp_continue }
eof
}'Devops' 카테고리의 다른 글
| NFS & DRBD & HEARTBEAT: HA NFS server (0) | 2021.06.17 |
|---|---|
| LXD: Copy container to remote LXD server (0) | 2021.06.17 |
| Prometheus & Grafana: Docker swarm monitoring (0) | 2021.06.17 |
| Kubernetes: Create Cluster with HA in v1.13 (0) | 2020.05.25 |
| Jenkins: Restart the server with URL (0) | 2020.05.25 |