tsndr/sync-ssh-keys
1
1
Fork 0
Code Pull Requests Activity

Introduce groups to be able to manage more users

Browse Source
This commit is contained in:
Toby
2021-11-04 14:54:02 +01:00
parent ebf12ecada
commit dde8db9f13
3 changed files with 59 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
config-example.yaml
View File

@@ -1,15 +1,26 @@
keys:
john-doe: ssh-rsa XXXXXXXXX
jane-doe: ssh-rsa YYYYYYYYY
groups:
admin:
- john-doe
marketing:
- jane-doe
hosts: hosts:
- host: google.com - host: google.com
users: users:
- root root:
- admin groups:
- admin
other-ssh-user:
groups:
- marketing
keys:
- john-doe
- host: amazon.com - host: amazon.com
users: users:
- root root:
keys: groups:
- name: johndoe@gmail.com - admin
description: John Doe
key: ssh-rsa XXXXXXXXX
- name: janedoe@gmail.com
description: Jane Doe
key: ssh-rsa YYYYYYYYY

30
monitor.py
View File

@@ -5,14 +5,13 @@ import threading
import yaml import yaml
class task_thread(threading.Thread): class task_thread(threading.Thread):
def __init__(self, host, user, keys, host_length): def __init__(self, host, user, host_length):
threading.Thread.__init__(self) threading.Thread.__init__(self)
self.host = host self.host = host
self.user = user self.user = user
self.keys = keys
self.host_length = host_length self.host_length = host_length
def run(self): def run(self):
update_keys(self.host, self.user, self.keys, self.host_length) load_metrics(self.host, self.user, self.host_length)
def read_config(): def read_config():
with open('config.yaml', 'r') as stream: with open('config.yaml', 'r') as stream:
@@ -45,7 +44,7 @@ def parse_top_string(data):
return load, cpu_percent, ram_total, ram_free return load, cpu_percent, ram_total, ram_free
def update_keys(host, user, keys, host_length): def load_metrics(host, user, host_length):
try: try:
client = paramiko.SSHClient() client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.MissingHostKeyPolicy()) client.set_missing_host_key_policy(paramiko.MissingHostKeyPolicy())
@@ -70,27 +69,20 @@ def main():
host_length = 0 host_length = 0
for host in config['hosts']: for host in config['hosts']:
if host.get('users') == None: for user in host['users'].keys():
host['users'] = ['root']
for user in host['users']:
if len(user) + len(host['host']) > host_length: if len(user) + len(host['host']) > host_length:
host_length = len(user) + len(host['host']) host_length = len(user) + len(host['host'])
keys = []
for key in config['keys']:
keys.append(key['key'])
print('Host'.center(host_length + 3) + ' ' + 'Load'.center(25) + ' ' + 'Ram Usage'.center(26)) print('Host'.center(host_length + 3) + ' ' + 'Load'.center(25) + ' ' + 'Ram Usage'.center(26))
for host in config['hosts']: for host in config['hosts']:
if host.get('users') == None: if 'root' not in host['users'].keys():
host['users'] = ['root'] continue
for user in host['users']: try:
try: thread = task_thread(host['host'], 'root', host_length)
thread = task_thread(host['host'], user, keys, host_length) thread.start()
thread.start() except:
except: print('' + user + '@' + host['host'])
print('' + user + '@' + host['host'])
if __name__ == '__main__': if __name__ == '__main__':
main() main()

39
sync.py
View File

@@ -22,29 +22,44 @@ def update_keys(host, user, keys):
client = paramiko.SSHClient() client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.MissingHostKeyPolicy()) client.set_missing_host_key_policy(paramiko.MissingHostKeyPolicy())
client.connect(host, username = user, timeout = 1) client.connect(host, username = user, timeout = 1)
client.exec_command('echo "###\n# Warning this file has been generated and will be overwritten!\n###\n\n' + '\n'.join(keys) + '" > ~/.ssh/authorized_keys2') client.exec_command('echo "###\n# Warning this file has been generated and will be overwritten!\n###\n' + '\n'.join(keys) + '" > ~/.ssh/authorized_keys2')
client.close() client.close()
print('' + user + '@' + host) print('' + user + '@' + host)
except Exception: except Exception:
print('' + user + '@' + host) print('' + user + '@' + host)
def find_by_name(name, elements):
found = [element for element in elements if element['name'] == name]
if not found:
return False
return found[0]
def main(): def main():
config = read_config() config = read_config()
keys = []
for key in config['keys']:
keys.append(key['key'])
for host in config['hosts']: for host in config['hosts']:
if host.get('users') == None: for user_name, user_data in host['users'].items():
host['users'] = ['root'] host_keys = []
for user in host['users']: if 'groups' in user_data.keys():
for group in user_data['groups']:
if group not in config['groups'].keys():
print('WARNING: Key-group "' + group + '" not found!')
continue
for key_name in config['groups'][group]:
host_keys.append(config['keys'][key_name])
if 'keys' in user_data.keys():
for key_name in user_data['keys']:
if key_name not in config['keys'].keys():
print('WARNING: Key "' + key_name + '" not found!')
continue
host_keys.append(config['keys'][key_name])
host_keys = list(set(host_keys)) # Filter duplicates
if not host_keys:
continue
try: try:
thread = task_thread(host['host'], user, keys) thread = task_thread(host['host'], user_name, host_keys)
thread.start() thread.start()
except: except:
print('' + user + '@' + host['host']) print('' + user_name + '@' + host['host'])
if __name__ == '__main__': if __name__ == '__main__':
main() main()