Skip to content

Instantly share code, notes, and snippets.

@double-z

double-z/recon.sh

Created March 19, 2016 23:21
Show Gist options
  • Save double-z/eec7c6568ae38cf45f8a to your computer and use it in GitHub Desktop.
Save double-z/eec7c6568ae38cf45f8a to your computer and use it in GitHub Desktop.
Download ZIP
get specs
Raw
recon.sh
#!/bin/bash
set -ox pipefail
##############
# GET OUR SPEC
#
ARGS_IN="$@"
argone="$1"
[ -n $2 ] && argtwo="$2"
UBUNTU=$(uname -a |
grep -i ubuntu > /dev/null
)
# ASSIGN ANY ARGUEMENTS
CENTOS=false
POLICY_GROUP=$2
POLICY_NAME=$3
FORCE=true
###
# * DERIVE PATHS
POLICY_GROUP_PATH=${POLICY_GROUP:=CLUSTER_NAME}
POLICY_NAME_PATH=${POLICY_GROUP}/${POLICY_NAME:-}
CLUSTER_NAMESERVERS=(8.8.8.8, 8.8.4.4)
CLUSTER_REGISTRY_URL=${CLUSTER_REGISTRY_URL:-127.0.0.1}
CLUSTER_USER_NAME=${CLUSTER_USER_NAME:$(whoami)}
CLUSTER_USER_HOME=${CLUSTER_USER_HOME:=CLUSTER_ROOT}
PASSWORD=$(
cat /dev/urandom \
| tr -dc 'a-zA-Z0-9' \
| fold -w 8 \
| head -n 1
)
###
# GATHER SYSTEM LEVEL SPECS
if [ -d "/home/vagrant/" ];then VAGRANT_DIR="/home/vagrant/"; DEFAULT_GW_IFACE='eth1';
else; DEFAULT_GW_IFACE=$(route -n | grep UG | awk '{print $8}');fi
DEFAULT_IFACE_IP=$(
ifconfig \
| grep -A 1 ^$DEFAULT_GW_IFACE \
| grep addr
| awk -Faddr: '{print $2}' \
| awk '{print $1}' \
| grep -v '^$'
)
DEFAULT_IFACE_SUBNET=$(
ifconfig \
| grep -A 1 ^$DEFAULT_GW_IFACE \
| grep addr \
| awk -FMask: '{print $2}' \
| awk '{print $1}' \
| grep -v '^$'
)
DEFAULT_IFACE_BROADCAST=$(
ifconfig \
| grep -A 1 ^$DEFAULT_GW_IFACE \
| grep addr \
| awk -FBcast: '{print $2}' \
| awk '{print $1}' \
| grep -v '^$'
)
DEFAULT_IFACE_MAC=$(
ifconfig |
grep ^$DEFAULT_GW_IFACE |
awk '{print $5}'
)
# TOTAL ALLOCATED CPU COUNT
export TOTAL_CPU=$(
grep '^processor' /proc/cpuinfo \
| sort -u \
| wc -l
)
# TOTAL ALLOCATED MEMORY
export MEMORY=$(free -m | grep Mem)
# FREE SWAP
export SWAP=$(free -m | grep Swap)
export TOTAL_MEM=$(echo $MEMORY | cut -f2 -d' ' )
export TOTAL_SWAP=$(echo $SWAP | cut -f2 -d' ')
export ARCH=`uname -p`
export ROOT_DISK_SPACE=$(
df -lh |
awk '{if ($6 == "/") { print $5 }}' |
head -1 |
cut -d'%' -f1
)
export REGISTRY_NAME=$(echo $DEFAULT_IFACE_IP | sed 's/\./_/g')
export NAME=$REGISTRY_NAME
##############
# FUNCTIONS
#
add_user_and_group() (
if [ ! -z ${CLUSTER_USER_HOME} ];
then
echo "USER: $CLUSTER_USER_NAME EXISTS"
else
echo "ADDING USER: $CLUSTER_USER_NAME"
useradd -d $CLUSTER_USER_HOME -m -s /bin/bash $CLUSTER_USER_NAME
chown -R $CLUSTER_USER_NAME.$CLUSTER_USER_NAME $CLUSTER_USER_HOME
printf "$PASSWORD\n$PASSWORD" | passwd $CLUSTER_USER_NAME
fi
)
set_sudo() (
echo "$(grep "$CLUSTER_USER_NAME ALL=(ALL) NOPASSWD: ALL" /etc/sudoers)"
if ! grep $CLUSTER_USER_NAME /etc/sudoers;
then
if ! grep "$CLUSTER_USER_NAME ALL=(ALL) NOPASSWD: ALL" /etc/sudoers;
then
echo "ADDING TO SUDOERS"
echo "$CLUSTER_USER_NAME ALL=(ALL) NOPASSWD: ALL" | tee -a /etc/sudoers
else
echo "SUDOERS ENTRY EXISTS"
fi
fi
)
install_curl() (
if ! $(which curl > /dev/null);
then
echo "INSTALLING CURL DEPENDENCY..."
if $UBUNTU;then
$PKG_MGR install curl -y
elif [ -z $CENTOS ]; then
echo "CENTOS"
fi
else
echo "NOT INSTALLING CURL DEPENDENCY..."
fi
)
install_unzip() (
if ! $(which unzip) > /dev/null;then
echo "INSTALLING UNZIP DEPENDENCY..."
if $UBUNTU;then
$PKG_MGR install unzip -y
elif [ -z $CENTOS ]; then
echo "CENTOS"
fi
else
echo "NOT INSTALLING UNZIP DEPENDENCY..."
fi
)
# TODO replace with runit
install_daemon() (
if ! which daemon > /dev/null;then
echo "INSTALLING DAEMON DEPENDENCY..."
if $UBUNTU;then
$PKG_MGR install daemon -y
elif [ -z $CENTOS ]; then
echo "CENTOS"
fi
else
echo "NOT INSTALLING DAEMON DEPENDENCY..."
fi
)
install_consul() (
if [ ! -f /usr/bin/consul ]; then
echo "INSTALLING CONSUL DEPENDENCY..."
echo Fetching Consul...
cd /tmp/
wget https://dl.bintray.com/mitchellh/consul/0.5.2_linux_amd64.zip -O consul.zip
wget https://releases.hashicorp.com/consul/0.5.2/consul_0.5.2_web_ui.zip -O consul_ui.zip
echo Installing Consul...
sudo mkdir /etc/consul.d
sudo chmod 777 /etc/consul.d
sudo mkdir /etc/consul_ui
sudo chmod 777 /etc/consul.d
unzip consul.zip
unzip consul_ui.zip
chmod +x consul
sudo mv dist /etc/consul_ui/
sudo mv consul /usr/bin/consul
else
echo "NOT INSTALLING CONSUL DEPENDENCY..."
fi
)
# consul_hash() (
# $(curl -X PUT http://localhost:8500/v1/kv/provisioning_registry/available/$NAME -d "{
# \"id\": \"$NAME\",
# \"ssh_user\": \"$CLUSTER_USER_NAME\",
# \"username\": \"$CLUSTER_USER_NAME\",
# \"machine_types\": [\"$MACHINE_TYPE\"],
# \"password\": \"$PASSWORD\",
# \"memory\": \"$TOTAL_MEM\",
# \"swap\": \"$TOTAL_SWAP\",
# \"cpu_count\": \"$TOTAL_CPU\"
# \"ip_address\": \"$DEFAULT_IFACE_IP\",
# \"subnet\": \"$DEFAULT_IFACE_SUBNET\",
# \"broadcast\": \"$DEFAULT_IFACE_BROADCAST\",
# \"mac_address\": \"$DEFAULT_IFACE_MAC\",
# \"root_disk_space\": \"$ROOT_DISK_SPACE\"
# }")
# )
start_consul() (
if ! pgrep consul > /dev/null;
then
echo "STARTING CONSUL..."
daemon -X "consul agent \
-data-dir /etc/consul.d \
-ui-dir /etc/consul_ui/dist \
-node $NAME \
-advertise $DEFAULT_IFACE_IP \
-syslog \
-bootstrap-expect 1 \
-server"
else
echo "CONSUL ALREADY RUNNING"
fi
)
CLUSTER_join() (
# wget http://$CLUSTER_IP:4567/v1/CLUSTER/register/$NAME
# Sleep to Allow time for Consul to settle
sleep 5
consul join $NAME
echo "RC: $(echo $?)"
)
create_registry_entry() (
# echo curl -X PUT http://localhost:8500/v1/kv/provisioning_registry/available/$NAME -d "$("eval consul_hash")"
curl -X PUT http://localhost:8500/v1/kv/provisioning_registry/available/$NAME -d "{
\"id\": \"$NAME\",
\"ssh_user\": \"$CLUSTER_USER_NAME\",
\"username\": \"$CLUSTER_USER_NAME\",
\"machine_types\": [\"$MACHINE_TYPE\"],
\"password\": \"$PASSWORD\",
\"memory\": \"$TOTAL_MEM\",
\"swap\": \"$TOTAL_SWAP\",
\"cpu_count\": \"$TOTAL_CPU\"
\"ip_address\": \"$DEFAULT_IFACE_IP\",
\"subnet\": \"$DEFAULT_IFACE_SUBNET\",
\"broadcast\": \"$DEFAULT_IFACE_BROADCAST\",
\"mac_address\": \"$DEFAULT_IFACE_MAC\",
\"root_disk_space\": \"$ROOT_DISK_SPACE\"
}"
echo "REGISTRATION EXIT CODE $(echo $?)"
)
# curl -X PUT http://localhost:8500/v1/kv/provisioning_registry/available/$NAME -d "{
# \"id\": \"$NAME\",
# \"ssh_user\": \"$CLUSTER_USER_NAME\",
# \"username\": \"$CLUSTER_USER_NAME\",
# \"machine_types\": [\"$MACHINE_TYPE\"],
# \"password\": \"$PASSWORD\",
# \"memory\": \"$TOTAL_MEM\",
# \"swap\": \"$TOTAL_SWAP\",
# \"cpu_count\": \"$TOTAL_CPU\"
# \"ip_address\": \"$DEFAULT_IFACE_IP\",
# \"subnet\": \"$DEFAULT_IFACE_SUBNET\",
# \"broadcast\": \"$DEFAULT_IFACE_BROADCAST\",
# \"mac_address\": \"$DEFAULT_IFACE_MAC\",
# \"root_disk_space\": \"$ROOT_DISK_SPACE\"
# }"
create_hosts_file_entry()(
echo "$CLUSTER_IP REGISTRY_URL" >> tee -a /etc/hosts
)
apt_get_update() (
$PKG_MGR update -qq > /dev/null
)
delete_existing_user() (
"DELETING USER $CLUSTER_USER_NAME..."
userdel -r CLUSTER
)
###
# Aight. Lets Party.
registry_run() (
if $UBUNTU ;then
log_cmd 'apt-get update'
apt_get_update
fi
add_user_and_group
set_sudo
install_curl
install_unzip
install_daemon
##
# Create Registry
install_consul
start_consul
log_info "JOINING CLUSTER CLUSTER..."
CLUSTER_join
log_info "REGISTERING $NAME WITH CLUSTER..."
create_registry_entry
)
###
# RED TEAM GO
main() {
if [ ! -z $CLUSTER_USER_HOME ];then
if [ ! -z $FORCE ]; then
delete_existing_user
registry_run
else
log_bold_info "ALREADY REGISTERED"
fi
else
registry_run
fi
}
parse_opts "$@"
main "$@"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment