Auto-handling of ssh keys for Acquia Hosting

autokey-acquia.sh

#!/bin/bash

# Acquia

CLOUDAPI_ID='id'
CLOUDAPI_KEY='key'
DOCROOT="docroot"
CREDS="${CLOUDAPI_ID}:${CLOUDAPI_KEY}"

ssh-keygen -q -b 4096 -t rsa -N "" -f ./script.key

PUBKEY=`cat ./script.key.pub`

RESPONSE=`curl -s -u $CREDS \
  -X POST --data-binary "{\"ssh_pub_key\":\"${PUBKEY}\"}" \
  https://cloudapi.acquia.com/v1/sites/"${DOCROOT}"/sshkeys.json?nickname=script`

TASKID=`echo $RESPONSE \
  | grep -o '\"id.*' \
  | grep -o "[0-9]*" \
  | grep -m 1 "[0-9]*"`

STATUS='null'
until [[ $STATUS =~ ^error|done$ ]]; do
  STATUS=`curl -s -u $CREDS \
  https://cloudapi.acquia.com/v1/sites/"${DOCROOT}"/tasks/"${TASKID}".json \
  | grep -o 'state.*' \
  | grep -o '[a-z]*' \
  | sed -n 2p`
  echo "ADDING SSH KEY: ${STATUS}"
  sleep 5
done

SSHID=`echo $RESPONSE \
  | grep -o "sshkeyid.*" \
  | grep -o "[0-9]*" \
  | grep -m 1 "[0-9]*"`

# Do remote work over ssh here...

curl -s -u $CREDS -X DELETE \
  https://cloudapi.acquia.com/v1/sites/"${DOCROOT}"/sshkeys/"${SSHID}".json \
  -o /dev/null

rm -rf ./script.key*

autokey-github.sh

#!/bin/bash

# Github

TOKEN='your-token' # must have admin:public_key for DELETE

ssh-keygen -q -b 4096 -t rsa -N "" -f ./script.key

PUBKEY=`cat ./script.key.pub`

RESPONSE=`curl -s -H "Authorization: token ${TOKEN}" \
  -X POST --data-binary "{\"title\":\"nr@blackhole\",\"key\":\"${PUBKEY}\"}" \
  https://api.github.com/user/keys`

KEYID=`echo $RESPONSE \
  | grep -o '\"id.*' \
  | grep -o "[0-9]*" \
  | grep -m 1 "[0-9]*"`

echo "Public key deployed to remote service."

# do some work here

sleep 10

curl -s -H "Authorization: token ${TOKEN}" -X DELETE \
   https://api.github.com/user/keys/${KEYID} \
  -o /dev/null

echo "Public key removed from remote service."

rm -rf ./script.key*