Skip to content

Commit b6a8922

Browse files
matyasselmecimatyasselmeci
committed
Allow having multiple keys for bosco
Keys will be looked for in the following order: - `/etc/osg/boscokeys/${ruser}@${rhost}.key` - `/etc/osg/boscokeys/${ruser}.key` - `/etc/osg/bosco.key`
1 parent 84b3cbd commit b6a8922

File tree

1 file changed

+21
-6
lines changed

1 file changed

+21
-6
lines changed

hosted-ce/30-remote-site-setup.sh

Lines changed: 21 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,8 @@ fi
1111

1212
set -e
1313

14-
BOSCO_KEY=/etc/osg/bosco.key
14+
DEFAULT_BOSCO_KEY=/etc/osg/bosco.key
15+
BOSCOKEYS_DIR=/etc/osg/boscokeys
1516
ENDPOINT_CONFIG=/etc/endpoints.ini
1617
SKIP_WN_INSTALL=no
1718

@@ -32,7 +33,19 @@ function debug_file_contents {
3233
function fetch_remote_os_info {
3334
ruser=$1
3435
rhost=$2
35-
ssh -q -i $BOSCO_KEY "$ruser@$rhost" "cat /etc/os-release"
36+
ssh -q -i "$(get_bosco_key "$ruser" "$rhost")" "$ruser@$rhost" "cat /etc/os-release"
37+
}
38+
39+
function get_bosco_key {
40+
ruser=$1
41+
rhost=$2
42+
if [[ -f $BOSCOKEYS_DIR/${ruser}@${rhost}.key ]]; then
43+
echo "$BOSCOKEYS_DIR/${ruser}@${rhost}.key"
44+
elif [[ -f $BOSCOKEYS_DIR/${ruser}.key ]]; then
45+
echo "$BOSCOKEYS_DIR/${ruser}.key"
46+
else
47+
echo "$DEFAULT_BOSCO_KEY"
48+
fi
3649
}
3750

3851
setup_ssh_config () {
@@ -45,7 +58,7 @@ setup_ssh_config () {
4558

4659
# copy Bosco key
4760
ssh_key=$ssh_dir/bosco_key.rsa
48-
cp $BOSCO_KEY $ssh_key
61+
cp "$(get_bosco_key "$ruser" "$remote_fqdn")" $ssh_key
4962
chmod 600 $ssh_key
5063
chown "${ruser}": $ssh_key
5164

@@ -77,10 +90,11 @@ EOF
7790
setup_endpoints_ini () {
7891
echo "Setting up endpoint.ini entry for ${ruser}@$remote_fqdn..."
7992
remote_os_major_ver=$1
93+
ssh_key=$(get_bosco_key "$ruser" "$remote_fqdn")
8094
# The WN client updater uses "remote_dir" for WN client
8195
# configuration and remote copy. We need the absolute path
8296
# specifically for fetch-crl
83-
remote_home_dir=$(ssh -q -i $BOSCO_KEY "${ruser}@$remote_fqdn" pwd)
97+
remote_home_dir=$(ssh -q -i $ssh_key "${ruser}@$remote_fqdn" pwd)
8498
osg_ver=3.4
8599
if [[ $remote_os_major_ver -gt 6 ]]; then
86100
osg_ver=3.5
@@ -91,6 +105,7 @@ local_user = ${ruser}
91105
remote_host = $remote_fqdn
92106
remote_user = ${ruser}
93107
remote_dir = $remote_home_dir/bosco-osg-wn-client
108+
ssh_key = $ssh_key
94109
upstream_url = https://repo.opensciencegrid.org/tarball-install/${osg_ver}/osg-wn-client-latest.el${remote_os_major_ver}.x86_64.tar.gz
95110
EOF
96111
}
@@ -111,12 +126,12 @@ REMOTE_HOST_KEY=`ssh-keyscan -p "$remote_port" "$remote_fqdn"`
111126
root_ssh_dir=/root/.ssh/
112127
mkdir -p $root_ssh_dir
113128
chmod 700 $root_ssh_dir
114-
ln -s $BOSCO_KEY $root_ssh_dir/bosco_key.rsa
129+
ln -s "$(get_bosco_key "root" "$remote_fqdn")" $root_ssh_dir/bosco_key.rsa
115130

116131
cat <<EOF > /etc/ssh/ssh_config
117132
Host $remote_fqdn
118133
Port $remote_port
119-
IdentityFile ${BOSCO_KEY}
134+
IdentityFile "$(get_bosco_key "root" "$remote_fqdn")"
120135
ControlMaster auto
121136
ControlPath /tmp/cm-%i-%r@%h:%p
122137
ControlPersist 15m

0 commit comments

Comments
 (0)