rebuild repo to ovhcli

Makefile

@@ -0,0 +1,59 @@
+NAME="ovhcli"
+VERSION="0.0.1"
+
+DIRS=etc bin
+INSTALL_DIRS=`find $(DIRS) -type d 2>/dev/null`
+INSTALL_FILES=`find $(DIRS) -type f 2>/dev/null`
+DOC_FILES=*.md
+PKG_DIR=pkg
+PKG_NAME=$(NAME)-$(VERSION)
+PKG=$(PKG_DIR)/$(PKG_NAME).tar.gz
+#SIG=$(PKG_DIR)/$(PKG_NAME).asc
+
+PREFIX?=/usr/local
+DOC_DIR=$(PREFIX)/share/doc/$(PKG_NAME)
+
+pkg:
+	@mkdir -p $(PKG_DIR)
+
+$(PKG): pkg
+	@echo "Create Package $(PKG)"
+	@tar -zcf $(PKG) $(DIRS) $(DOC_FILES)
+
+build: $(PKG)
+
+#$(SIG): $(PKG)
+#	gpg --sign --detach-sign --armor $(PKG)
+
+#sign: $(SIG)
+
+clean:
+#	rm -f $(PKG) $(SIG)
+	@echo "Remove $(PKG)"
+	@rm -f $(PKG)
+
+#all: $(PKG) $(SIG)
+all: $(PKG)
+
+tag:
+	@echo "Set Git Tag to v$(VERSION)"
+	@git tag v$(VERSION)
+	@git push --tags
+
+#release: $(PKG) $(SIG) tag
+release: $(PKG) tag
+
+install:
+	@echo "Install all files into $(PREFIX)/"
+	@for dir in $(INSTALL_DIRS); do sudo mkdir -p $(PREFIX)/$$dir; done
+	@for file in $(INSTALL_FILES); do sudo cp $$file $(PREFIX)/$$file; done
+	@sudo mkdir -p $(DOC_DIR)
+	@sudo cp -r README.md $(DOC_DIR)/
+	@echo -e "\nCongrats! Now you should be able to run '$(PKG_NAME)' from your PATH\n"
+
+uninstall:
+	@echo "Uninstall all files from $(PKG_NAME)-$(VERSION)"
+	@for file in $(INSTALL_FILES); do sudo rm -f $(PREFIX)/$$file; done
+	@sudo rm -r $(DOC_DIR)
+
+.PHONY: build clean test tag release install uninstall all

README.md

@@ -1,3 +1,87 @@
-# ovhcli
+# OVH-BASH
 
-this repository contains all needed bash functions to interact with OVH API 
+This is a simple **OVH API wrapper** in BASH
+
+All API specifications is here : [OVH API](https://eu.api.ovh.com/console/?section=%2FallDom&branch=v1)
+
+It use the same configuration file as for the [go-ovh](https://github.com/ovh/go-ovh?tab=readme-ov-file#application-keyapplication-secret) wrapper
+
+## Token creation
+
+You need to follow : [createApp](https://www.ovh.com/auth/api/createApp)
+And add the Application_key,secret_key and consumer_key to the [ovh.conf](/../golang/ovh.conf)
+
+## How to use
+
+**Examples**
+1. Get all VPS
+```bash
+./ovhcli get vps
+
+[
+  "vps-3e2da6b4.vps.ovh.net",
+  "vps-556c9180.vps.ovh.net",
+  "vps-59e2e922.vps.ovh.net",
+  "vps-76fdb68a.vps.ovh.net",
+  "vps-89819518.vps.ovh.net",
+  "vps-b280dcff.vps.ovh.net",
+  "vps-f31d3392.vps.ovh.net"
+]
+```
+2. Get all records for a DNS Zone "linuxforward.com"
+```bash
+./ovhcli get domain/zone/linuxforward.com/record/
+[
+  5344790631,
+  5344790632,
+  5344790633,
+  5344790634,
+  5344790635,
+  5344790636,
+  5344790637,
+  [...]
+  5344790668,
+  5344790669,
+  5344790670,
+  5344790671
+]
+```
+
+3. Get info from a specific DNS Zone record
+
+```bash
+./ovhcli get domain/zone/linuxforward.com/record/5344790650
+{
+  "fieldType": "A",
+  "id": 5344790650,
+  "subDomain": "demodev",
+  "target": "51.91.101.38",
+  "ttl": 0,
+  "zone": "linuxforward.com"
+}
+
+```
+
+4. List all details from all VPS
+```bash
+./ovhcli get vps | jq -r '.[]' | while read vps;  do ./ovhcli get vps/${vps} | jq  '[.name, .model.name, .model.version, .model.disk, .model.memory]|@tsv' ; done | column -t
+vps-3e2da6b4.vps.ovh.net  vps-value-1-2-40    2019v1  40  2048
+vps-556c9180.vps.ovh.net  vps-value-1-2-40    2019v1  40  2048
+vps-59e2e922.vps.ovh.net  vps-value-1-2-40    2019v1  40  2048
+vps-76fdb68a.vps.ovh.net  vps-starter-1-2-20  2019v1  20  2048
+vps-89819518.vps.ovh.net  vps-value-1-2-40    2019v1  40  2048
+vps-b280dcff.vps.ovh.net  vps-value-1-2-40    2019v1  40  2048
+vps-f31d3392.vps.ovh.net  vps-starter-1-2-20  2019v1  20  2048
+```
+
+5. If credentials are revoked
+
+```bash
+./ovhcli get vps
+{
+  "class": "Client::Forbidden",
+  "message": "This credential is not valid",
+  "httpCode": "403 Forbidden",
+  "errorCode": "INVALID_CREDENTIAL"
+}
+```

bin/delDNSName

@@ -0,0 +1,17 @@
+#!/bin/bash
+
+SUB_DOMAIN="${1:?Need customer subdomain code}"
+ZONE="linuxforward.com"
+
+# get subdomain record id
+record_id=$( ./ovhcli get "domain/zone/${ZONE}/record?fieldType=A&subDomain=${SUB_DOMAIN}" | jq -r '.[]' )
+
+if [ -n "${record_id}" ]; then
+  ./ovhcli delete "domain/zone/${ZONE}/record/${record_id}" | jq -r 'select(. != null)'
+  sleep 2
+  ./ovhcli post "domain/zone/${ZONE}/refresh" | jq -r 'select(. != null)'
+else
+  echo "Could not find any RecordID for ${SUB_DOMAIN}"
+fi
+
+exit $?

bin/delSSHKey

@@ -0,0 +1,7 @@
+#!/bin/bash
+
+KEY_NAME="${1:?need a SSHKey name from /me}"
+
+./ovhcli delete "me/sshKey/${KEY_NAME}" | jq -r 'select(. != null)'
+
+exit $?

bin/getImageDetails

@@ -0,0 +1,7 @@
+#!/bin/bash
+
+SRV="${1:?Need a fqdn}"
+
+./ovhcli get "vps/${SRV}/images/current" | jq -r '.'
+
+exit $?

bin/getSSHKeys

@@ -0,0 +1,7 @@
+#!/bin/bash
+
+KEY_NAME="${1:?need a SSHKey name from /me}"
+
+./ovhcli get "me/sshKey/${KEY_NAME}"
+
+exit $?

bin/getSecret

@@ -0,0 +1,10 @@
+#!/bin/bash
+
+# get Email Secret ID :
+last_id=$( ./ovhcli get me/notification/email/history | jq 'last(.[])' )
+secret_id=$( ./ovhcli get "me/notification/email/history/${last_id}"  | jq -r '.body' | awk '/secret/ { split($NF,a,"=") ; print a[2] }' )
+
+# retrieve or set Password from email link
+./ovhcli post secret/retrieve '{ "id": "'"${secret_id}"'" }' | jq -r '.secret'
+
+exit $?

bin/newSSHKey

@@ -0,0 +1,36 @@
+#!/bin/bash
+
+KEY_NAME="${1:?need a SSHKey name from /me}"
+KEY_DIR="${HOME}/.ssh/keys.d"
+
+# check if sshkey exists locally
+if [ -e "${KEY_DIR}/${KEY_NAME}" ] ; then
+  echo "SSH Key ${KEY_DIR}/${KEY_NAME} already exists locally"
+else
+  echo "SSH Key ${KEY_DIR}/${KEY_NAME} not found locally"
+  echo ">>> Creating it ..."
+  ssh-keygen -t ed25519 -f "${KEY_DIR}/${KEY_NAME}" -C "OVH_${KEY_NAME}" -q -N ""
+  ./delSSHKey "${KEY_NAME}"
+fi
+PUBKEY="$( cat "${KEY_DIR}/${KEY_NAME}.pub" )"
+
+# check if KEY_NAME exists into OVH User Account /me
+# remote_keyname = "string or empty"
+remote_keyname=$( ./ovhcli get "me/sshKey" | jq --arg v "${KEY_NAME}" -r '.|to_entries[]|select(.value == $v ).value' )
+
+# if remote_keyname exists check if pubkey is matching.
+remote_pubkey=$( ./ovhcli get "me/sshKey/${KEY_NAME}" | jq -r '.key' )
+  
+# if remote_keyname does not match KEY_NAME = this KEY_NAME is not already uploaded into OVH Account
+if [ -z "${remote_keyname}" ] || [ "${remote_pubkey}" != "${PUBKEY}" ] ; then
+  echo "SSH Keys does not exists remotely"
+  echo ">>> Uploading ${KEY_DIR}/${KEY_NAME} to OVH account"
+  HTTP_PAYLOAD='{ "key": "'${PUBKEY}'", "keyName": "'${KEY_NAME}'" }'
+
+  ./ovhcli post "me/sshKey" "${HTTP_PAYLOAD}" | jq -r 'select(. != null)'
+
+else
+  echo "SSH Keys are up-to-date"
+fi
+
+exit $?

bin/ovhcli

@@ -0,0 +1,47 @@
+#!/bin/bash
+# shellcheck disable=SC1090 # https://www.shellcheck.net/wiki/SC1090
+# shellcheck disable=SC2154 # https://www.shellcheck.net/wiki/SC2154
+# shellcheck disable=SC2016 # https://www.shellcheck.net/wiki/SC2016
+
+# main variables
+# using same config file than for Golang script
+OVH_CONF="${OVH_CONF:-../etc/ovh.conf}"
+OVH_API_VERSION="1.0"
+PATH="/usr/local/bin:${PATH}"
+#OUTPUT="${OUTPUT:-json}"
+
+# source all ovh keys
+source <( grep '=' "${OVH_CONF}" )
+
+# Create ENDPOINT
+case "${endpoint}" in
+  ovh-eu) ENDPOINT="https://eu.api.ovh.com/${OVH_API_VERSION}" ;;
+  ovh-us) ENDPOINT="https://us.api.ovh.com/${OVH_API_VERSION}" ;;
+  ovh-ca) ENDPOINT="https://ca.api.ovh.com/${OVH_API_VERSION}" ;;
+  *) echo "${endpoint} is not yet supported" ; exit ;;
+esac
+
+# Signing process
+# @"method" "url" "post_data" "timestamp"
+TIME=$( curl -s "${ENDPOINT}/auth/time" )
+
+# Method
+# ovhcli get vps
+HTTP_METHOD="${1:?need a http method}"
+HTTP_QUERY="${ENDPOINT}/${2:?need a query}"
+HTTP_PAYLOAD="${3}"
+
+CLEAR_SIGN="${application_secret}+${consumer_key}+${HTTP_METHOD^^}+${HTTP_QUERY}+${HTTP_PAYLOAD}+${TIME}"
+SIG='$1$'$( echo -n "${CLEAR_SIGN}" | sha1sum - | cut -d' ' -f1 )
+
+# curl call
+curl -sL -X "${HTTP_METHOD^^}" \
+	-H "Content-Type:application/json;charset=utf-8" \
+	-H "X-Ovh-Application:${application_key}" \
+	-H "X-Ovh-Timestamp:${TIME}" \
+	-H "X-Ovh-Signature:${SIG}" \
+	-H "X-Ovh-Consumer:${consumer_key}" \
+	--data "${HTTP_PAYLOAD}" "${HTTP_QUERY}" \
+	| jq '.'
+
+exit $?

bin/setDNSName

@@ -0,0 +1,17 @@
+#!/bin/bash
+
+SRV="${1:?Need a current server fqdn}"
+ZONE="linuxforward.com"
+TTL=0
+
+SRV_IP=$( host "${SRV}" | awk '!/:/ { print $NF }' )
+SUB_DOMAIN_1="$( awk '$0 ~ /^\w{5}$/ { print tolower($1) }' /usr/share/dict/words | sort -n | uniq | shuf -n 1 )"
+SUB_DOMAIN_2="$( awk '$0 ~ /^\w{5}$/ { print tolower($1) }' /usr/share/dict/words | sort -n | uniq | shuf -n 1 )"
+
+HTTP_PAYLOAD='{ "fieldType": "A", "subDomain": "'${SUB_DOMAIN_1}-${SUB_DOMAIN_2}'", "target": "'${SRV_IP}'", "ttl": '${TTL}' }'
+
+./ovhcli post "domain/zone/${ZONE}/record" "${HTTP_PAYLOAD}"
+sleep 2
+./ovhcli post "domain/zone/${ZONE}/refresh" | jq -r 'select(. != null)'
+
+exit $?

bin/setNewName

@@ -0,0 +1,9 @@
+#!/bin/bash
+
+SRV=${1:?need a fqdn}
+NEWDISPLAY_NAME=${2:?new display name, a human readable one}
+HTTP_PAYLOAD='{ "displayName": "'${NEWDISPLAY_NAME}'" }'
+
+./ovhcli put "vps/${SRV}" "${HTTP_PAYLOAD}" | jq -r 'select(. != null)'
+
+exit $?

bin/vpsReinstall

@@ -0,0 +1,14 @@
+#!/bin/bash
+
+SRV="${1:?Need a fqdn}"
+SSHKEY_NAME="${2:-vpsbot}"
+
+sshpubkey=$( ./getSSHKeys "${SSHKEY_NAME}" | jq -r '.key' )
+current_image_id=$( ./getImageDetails "${SRV}" | jq -r '.id' )
+
+IMAGE_ID="${3:-${current_image_id}}"
+HTTP_PAYLOAD='{ "doNotSendPassword": true, "publicSshKey": "'${sshpubkey}'", "imageId": "'${IMAGE_ID}'" }'
+
+./ovhcli post "vps/${SRV}/rebuild" "${HTTP_PAYLOAD}"
+
+exit $?

bin/vps_postinstall

@@ -0,0 +1,4 @@
+#!/bin/bash
+
+sudo apt update
+sudo apt -y install htop

etc/ovh.conf

@@ -0,0 +1,11 @@
+# https://github.com/ovh/go-ovh?tab=readme-ov-file#application-keyapplication-secret
+[default]
+; general configuration: default endpoint
+endpoint=ovh-eu
+
+[ovh-eu]
+; configuration specific to 'ovh-eu' endpoint
+application_key=94d2de428a9a9045
+application_secret=43e53c99e5f29f2e8f5cb53c5c1cb9f5
+consumer_key=b2643bfbd6ed0251cd5e032e77a869f2
+