Add script for creating new hosts

2025-02-12 19:30:10 +01:00
parent 03d7816617
commit 95e1bd1299
2 changed files with 78 additions and 0 deletions
--- a/scripts/add_new_host_keys.sh
+++ b/scripts/add_new_host_keys.sh
@@ -0,0 +1,76 @@
+set -o errexit
+set -o pipefail
+
+dbpath="./machines/secrets/keys/itag.kdbx"
+
+if [ ! -e flake.nix ]
+    then
+    echo "flake.nix not found. Searching down."
+    while [ ! -e flake.nix ]
+        do
+        if [ $PWD = "/" ]
+            then
+            echo "Found root. Aborting."
+            exit 1
+            else
+            cd ..
+        fi
+    done
+fi
+
+if [ "$1" = "list" ]; then
+    read -sp "Enter password for keepassxc: " pw
+    echo "$pw" | keepassxc-cli ls -R $dbpath hosts
+    exit 0
+    
+elif [ "$1" = "add" ]; then
+    read -p "Enter new host name: " host
+    read -sp "Enter password for keepassxc: " pw
+
+    # Create a temporary directory
+    temp=$(mktemp -d)
+
+    # Function to cleanup temporary directory on exit
+    cleanup() {
+    rm -rf "$temp"
+    }
+    trap cleanup EXIT
+
+    # Generate SSH keys
+    ssh-keygen -f $temp/"$host" -t ed25519 -N ""
+    ssh-keygen -f $temp/"$host"-init -t ed25519 -N ""
+
+    ls $temp
+
+    # add folder
+    echo "$pw" | keepassxc-cli mkdir $dbpath hosts/$host
+
+    # add entries
+    echo "$pw" | keepassxc-cli add $dbpath hosts/$host/sshkey
+    echo "$pw" | keepassxc-cli add $dbpath hosts/$host/sshkey-init
+    echo "$pw" | keepassxc-cli add -glUn -L 20 $dbpath hosts/$host/encryption
+
+    # Import keys
+    echo "$pw" | keepassxc-cli attachment-import $dbpath hosts/$host/sshkey private "$temp/$host"
+    echo "$pw" | keepassxc-cli attachment-import $dbpath hosts/$host/sshkey public "$temp/$host.pub"
+
+    # Import init keys
+    echo "$pw" | keepassxc-cli attachment-import $dbpath hosts/$host/sshkey-init private "$temp/$host-init"
+    echo "$pw" | keepassxc-cli attachment-import $dbpath hosts/$host/sshkey-init public "$temp/$host-init.pub"
+
+    # Show entries
+    echo "$pw" | keepassxc-cli show -a Title --show-attachments $dbpath hosts/$host/sshkey
+    echo "$pw" | keepassxc-cli show -a Title --show-attachments $dbpath hosts/$host/sshkey-init
+
+    # Create mac-address
+    echo "Hier ist eine reproduzierbare mac-addresse:"
+    echo "$host"|md5sum|sed 's/^\(..\)\(..\)\(..\)\(..\)\(..\).*$/02:\1:\2:\3:\4:\5/'
+
+    exit 0
+    
+else
+    echo
+    echo "Add a new host to the DB and generate ssh keys and encryption key."
+    echo "Usage: $0 [list|add]"
+    exit 1
+fi