onnimonni · November 28, 2016 10:13
diff --git a/flynn-login.sh b/flynn-login.sh
 #!/bin/bash

 ##
 # Login into any Flynn node without checking strict host key checking and run given command
 # $1 - address for the cluster
 # $2...n - command to run in server
 ##
 function flynn_ssh_helper() {
    cluster_domain=$1
    ssh -oStrictHostKeyChecking=no $(dig +short $cluster_domain | head -n1) "${@:2}" 2>/dev/null
 }

 ##
 # Helper to login to flynn
 # $1 - cluster name
 # $2 - cluster domain
 ##
 function flynn_login_helper() {
    export CLUSTER_NAME=$1
    export CLUSTER_DOMAIN=$2
    echo "---> Getting tls pin from $CLUSTER_DOMAIN with openssl..."
    tls_pin=$(openssl s_client -connect controller.$CLUSTER_DOMAIN:443 -servername controller.$CLUSTER_DOMAIN 2>/dev/null </dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | openssl x509 -inform PEM -outform DER | openssl dgst -binary -sha256 | openssl base64)
    if [ -z $tls_pin ]; then
        echo "[ERROR]: Can't get tls pin from $CLUSTER_DOMAIN, is the certificate valid?"
        return 1
    fi

    echo "---> Getting password from $CLUSTER_DOMAIN with ssh..."
    dashboard_container_id=$(flynn_ssh_helper $CLUSTER_DOMAIN flynn-host ps | grep dashboard | head -n1 | cut -f1 -d ' ')
    password=$(flynn_ssh_helper $CLUSTER_DOMAIN flynn-host inspect $dashboard_container_id | grep CONTROLLER_KEY | xargs echo | cut -f2 -d ' ')

    if [ -z $password ]; then
        echo "[ERROR]: Can't get password from $CLUSTER_DOMAIN, do you have permissions to login?"
        return 1
    fi

    echo "[INFO]: Creating authentication into ~/.flynnrc for cluster $CLUSTER_NAME"
    flynn cluster add -p $tls_pin $CLUSTER_NAME $CLUSTER_DOMAIN $password --force
    RESULT=$?
    if [ $RESULT != 0 ]; then
        echo "[ERROR]: Something went wrong..."
    fi
 }

 if [ -z $1 ]; then
    echo "You need to provide name for the cluster as first parameter..."
    echo "usage: $0 stage stage.example.com"
    exit 1
 elif [ -z $2 ]; then
    echo "You need to provide the address of the cluster as second parameter..."
    echo "usage: $0 $1 $1.example.com"
    exit 1
 fi

 # Set name and domain from paramaters
 CLUSTER_NAME=$1
 CLUSTER_DOMAIN=$2

 echo "[INFO]: Setting up flynn environment..."

 if ! command -v flynn >/dev/null 2>&1 flynn; then
    echo "---> installing flynn cli..."
    L=/usr/local/bin/flynn
    curl -sSL -A "`uname -sp`" https://dl.flynn.io/cli | zcat >$L && chmod +x $L
 else
    echo "---> flynn binary is already installed"
 fi

 echo "[INFO]: Checking ssh connection..."
 ssh -q -oStrictHostKeyChecking=no $(dig +short $CLUSTER_DOMAIN | head -n1) exit 2>/dev/null
 RESULT=$?
 if [ $RESULT != 0 ]; then
    echo "[ERROR]: Can't login with ssh, do you have access for $USER@$CLUSTER_DOMAIN?"
    exit 1
 else
    echo "---> Success: SSH authentication works..."
 fi

 # Login to the environment
 flynn_login_helper $CLUSTER_NAME $CLUSTER_DOMAIN
	#!/bin/bash

	##
	# Login into any Flynn node without checking strict host key checking and run given command
	# $1 - address for the cluster
	# $2...n - command to run in server
	##
	function flynn_ssh_helper() {
	cluster_domain=$1
	ssh -oStrictHostKeyChecking=no $(dig +short $cluster_domain \| head -n1) "${@:2}" 2>/dev/null
	}

	##
	# Helper to login to flynn
	# $1 - cluster name
	# $2 - cluster domain
	##
	function flynn_login_helper() {
	export CLUSTER_NAME=$1
	export CLUSTER_DOMAIN=$2
	echo "---> Getting tls pin from $CLUSTER_DOMAIN with openssl..."
	tls_pin=$(openssl s_client -connect controller.$CLUSTER_DOMAIN:443 -servername controller.$CLUSTER_DOMAIN 2>/dev/null </dev/null \| sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' \| openssl x509 -inform PEM -outform DER \| openssl dgst -binary -sha256 \| openssl base64)
	if [ -z $tls_pin ]; then
	echo "[ERROR]: Can't get tls pin from $CLUSTER_DOMAIN, is the certificate valid?"
	return 1
	fi

	echo "---> Getting password from $CLUSTER_DOMAIN with ssh..."
	dashboard_container_id=$(flynn_ssh_helper $CLUSTER_DOMAIN flynn-host ps \| grep dashboard \| head -n1 \| cut -f1 -d ' ')
	password=$(flynn_ssh_helper $CLUSTER_DOMAIN flynn-host inspect $dashboard_container_id \| grep CONTROLLER_KEY \| xargs echo \| cut -f2 -d ' ')

	if [ -z $password ]; then
	echo "[ERROR]: Can't get password from $CLUSTER_DOMAIN, do you have permissions to login?"
	return 1
	fi

	echo "[INFO]: Creating authentication into ~/.flynnrc for cluster $CLUSTER_NAME"
	flynn cluster add -p $tls_pin $CLUSTER_NAME $CLUSTER_DOMAIN $password --force
	RESULT=$?
	if [ $RESULT != 0 ]; then
	echo "[ERROR]: Something went wrong..."
	fi
	}

	if [ -z $1 ]; then
	echo "You need to provide name for the cluster as first parameter..."
	echo "usage: $0 stage stage.example.com"
	exit 1
	elif [ -z $2 ]; then
	echo "You need to provide the address of the cluster as second parameter..."
	echo "usage: $0 $1 $1.example.com"
	exit 1
	fi

	# Set name and domain from paramaters
	CLUSTER_NAME=$1
	CLUSTER_DOMAIN=$2

	echo "[INFO]: Setting up flynn environment..."

	if ! command -v flynn >/dev/null 2>&1 flynn; then
	echo "---> installing flynn cli..."
	L=/usr/local/bin/flynn
	curl -sSL -A "`uname -sp`" https://dl.flynn.io/cli \| zcat >$L && chmod +x $L
	else
	echo "---> flynn binary is already installed"
	fi

	echo "[INFO]: Checking ssh connection..."
	ssh -q -oStrictHostKeyChecking=no $(dig +short $CLUSTER_DOMAIN \| head -n1) exit 2>/dev/null
	RESULT=$?
	if [ $RESULT != 0 ]; then
	echo "[ERROR]: Can't login with ssh, do you have access for $USER@$CLUSTER_DOMAIN?"
	exit 1
	else
	echo "---> Success: SSH authentication works..."
	fi

	# Login to the environment
	flynn_login_helper $CLUSTER_NAME $CLUSTER_DOMAIN