feat: change ssh key handling (#665)
Signed-off-by: Engin Diri <[email protected]>

Signed-off-by: Engin Diri <[email protected]>
dirien authored Nov 20, 2022
1 parent 1d14178 commit a645d73
Showing 110 changed files with 302 additions and 720 deletions.
20 changes: 16 additions & 4 deletions README.md
@@ -536,7 +536,7 @@ spec:
size: <cloud provider plan>
ssh:
port: 22 | or your custom port
keyfolder: "<path to ssh public and private key>/ssh"
publickeyfile: "<path to ssh public key>.pub"
fail2ban:
bantime: "<ban time in seconds>"
maxretry: "<max retry>"
@@ -580,7 +580,7 @@ spec:
volumeSize: 100
ssh:
port: 22 | or your custom port
keyfolder: "<path to ssh public and private key>/ssh"
publickeyfile: "<path to ssh public key>.pub"
fail2ban:
bantime: "<ban time in seconds>"
maxretry: "<max retry>"
@@ -742,6 +742,7 @@ Flags:
-f, --filename string Location of the manifest file
-h, --help help for update
--id string contains the server id
-k, --ssh-key string specify a specific path for the SSH key
Global Flags:
--headless Set this value to if mincetl is called by a CI system. Enables logging and disables human-readable output rendering (default: false)
@@ -798,6 +799,7 @@ Flags:
-h, --help help for plugins
--id string contains the server id
-p, --plugin string Location of the plugin
-k, --ssh-key string specify a specific path for the SSH key
Global Flags:
--headless Set this value to if mincetl is called by a CI system. Enables logging and disables human-readable output rendering (default: false)
@@ -860,7 +862,7 @@ spec:
volumeSize: 100
ssh:
port: 22 | or your custom port
keyfolder: "<path to ssh public and private key>/ssh"
publickeyfile: "<path to ssh public and private key>/ssh"
fail2ban:
bantime: "<ban time in seconds>"
maxretry: "<max retry>"
@@ -886,7 +888,17 @@ port is 22. This helps a lot, to avoid hackers to bruteforce your server.

##### SSH Key

With the `keyfolder` property, you can define the location of your SSH public and private key on your local machine.
With the `publickeyfile` property, you can define the location of your SSH public key on your local machine.

With the `publickey` property, you can define the content of your SSH public key.

```yaml
...
publickey: "ssh-rsa AAAAB3 ... xxx"
```

If you need to update or upload a plugin to your server, you need to provide the SSH private key in the command with the
new flag `--ssh-key`.

##### Fail2Ban

34 changes: 34 additions & 0 deletions cmd/minectl/minectl.go
@@ -16,6 +16,7 @@ import (

"github.com/blang/semver/v4"
"github.com/dirien/minectl/internal/logging"
"github.com/dirien/minectl/internal/provisioner"
"github.com/mitchellh/go-homedir"
"github.com/morikuni/aec"
"github.com/pkg/errors"
@@ -29,6 +30,39 @@ var (
Date string
)

func createUpdatePluginProvisioner(cmd *cobra.Command) (provisioner.Provisioner, error) {
filename, err := cmd.Flags().GetString("filename")
if err != nil {
return nil, errors.Wrap(err, "Please provide a valid manifest file")
}
if len(filename) == 0 {
return nil, errors.New("Please provide a valid manifest file via -f|--filename flag")
}
id, err := cmd.Flags().GetString("id")
if err != nil {
return nil, err
}
if len(id) == 0 {
return nil, errors.New("Please provide a valid id")
}
sshKey, err := cmd.Flags().GetString("ssh-key")
if err != nil {
return nil, err
}
if len(sshKey) == 0 {
return nil, errors.New("Please provide a valid ssh key path")
}
p, err := provisioner.NewProvisioner(&provisioner.MinectlProvisionerOpts{
ManifestPath: filename,
ID: id,
SSHPrivateKeyPath: sshKey,
}, minectlLog)
if err != nil {
return nil, err
}
return p, nil
}

func isDevVersion(s semver.Version) bool {
if len(s.Pre) == 0 {
return false
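Review bot: In createUpdatePluginProvisioner the `--ssh-key` value is only checked for being non-empty before it is passed on as `SSHPrivateKeyPath`, so a mistyped path, a directory, or the `.pub` file named in the manifest is accepted here and fails only later, presumably when the provisioner opens the key. Because this flag now names private key material, I would check the path up front and reject anything that is not a readable regular file; on Unix-like systems a warning for a key file accessible to group or others would match what OpenSSH enforces. Whether NewProvisioner already validates the path is not visible in this hunk, and the sketch below needs `os` in the import block, which is only partly shown. A doc comment stating that `filename`, `id` and `ssh-key` are all mandatory for both `update` and `plugins` would also help.

```go
	sshKey, err := cmd.Flags().GetString("ssh-key")
	// … unchanged: GetString error check and empty-value check …
	info, err := os.Stat(sshKey)
	if err != nil {
		return nil, errors.Wrap(err, "Please provide a valid ssh key path")
	}
	if !info.Mode().IsRegular() {
		return nil, errors.New("Please provide a valid ssh key path: not a regular file")
	}
	// … unchanged: provisioner.NewProvisioner call …
```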
22 changes: 2 additions & 20 deletions cmd/minectl/plugins.go
@@ -1,8 +1,6 @@
package minectl

import (
"github.com/dirien/minectl/internal/provisioner"
"github.com/pkg/errors"
"github.com/spf13/cobra"
)

@@ -14,6 +12,7 @@ func init() {
pluginCmd.Flags().SetAnnotation("plugin", cobra.BashCompFilenameExt, []string{"jar"}) //nolint:errcheck
pluginCmd.Flags().StringP("destination", "d", "", "Plugin destination folder")
pluginCmd.Flags().SetAnnotation("destination", cobra.BashCompSubdirsInDir, []string{}) //nolint:errcheck
pluginCmd.Flags().StringP("ssh-key", "k", "", "specify a specific path for the SSH key")
}

type ModType string
@@ -55,24 +54,7 @@ var _ = []Plugin{
}

func runPlugin(cmd *cobra.Command, _ []string) error {
filename, err := cmd.Flags().GetString("filename")
if err != nil {
return errors.Wrap(err, "Please provide a valid manifest file")
}
if len(filename) == 0 {
return errors.New("Please provide a valid manifest file via -f|--filename flag")
}
id, err := cmd.Flags().GetString("id")
if err != nil {
return err
}
if len(id) == 0 {
return errors.New("Please provide a valid id")
}
p, err := provisioner.NewProvisioner(&provisioner.MinectlProvisionerOpts{
ManifestPath: filename,
ID: id,
}, minectlLog)
p, err := createUpdatePluginProvisioner(cmd)
if err != nil {
return err
}
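Review bot: The help text of the new flag in init(), `"specify a specific path for the SSH key"`, does not say that the private key is expected, while the manifest field changed by the same commit (`publickeyfile`) takes the public key, so users can easily pass the `.pub` path here. I would word it as `pluginCmd.Flags().StringP("ssh-key", "k", "", "path to the SSH private key")`; the identical flag registration in cmd/minectl/update.go has the same wording. The flag is also mandatory in createUpdatePluginProvisioner but the help output does not show that; `pluginCmd.MarkFlagRequired("ssh-key")` would make cobra report it, although `filename` and `id` are not handled that way today.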
22 changes: 2 additions & 20 deletions cmd/minectl/update.go
@@ -1,13 +1,12 @@
package minectl

import (
"github.com/dirien/minectl/internal/provisioner"
"github.com/pkg/errors"
"github.com/spf13/cobra"
)

func init() {
updateCmd.Flags().StringP("filename", "f", "", "Location of the manifest file")
updateCmd.Flags().StringP("ssh-key", "k", "", "specify a specific path for the SSH key")
updateCmd.Flags().SetAnnotation("filename", cobra.BashCompFilenameExt, []string{"yaml"}) //nolint:errcheck
updateCmd.Flags().String("id", "", "contains the server id")
}
@@ -24,24 +23,7 @@ var updateCmd = &cobra.Command{
}

func runUpdate(cmd *cobra.Command, _ []string) error {
filename, err := cmd.Flags().GetString("filename")
if len(filename) == 0 {
return errors.New("Please provide a valid manifest file")
}
if err != nil {
return errors.Wrap(err, "Please provide a valid manifest file via -f|--filename flag")
}
id, err := cmd.Flags().GetString("id")
if err != nil {
return err
}
if len(id) == 0 {
return errors.New("Please provide a valid id")
}
p, err := provisioner.NewProvisioner(&provisioner.MinectlProvisionerOpts{
ManifestPath: filename,
ID: id,
}, minectlLog)
p, err := createUpdatePluginProvisioner(cmd)
if err != nil {
return err
}
4 changes: 2 additions & 2 deletions cmd/minectl/wizard.go
@@ -77,8 +77,8 @@ var wizardQuestions = []*survey.Question{
Name: "ssh",
Validate: survey.Required,
Prompt: &survey.Input{
Message: "Enter a full path to ssh private key (like /f/a/key):",
Help: "Please enter the full path to ssh private key like this -> /Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft-be",
Message: "Enter a full path to ssh private public key (like /f/a/key.pub):",
Help: "Please enter the full path to ssh public key like this -> /Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft-be.pub",
},
},
{
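Review bot: The new prompt text reads `ssh private public key`, which leaves it unclear which half of the key pair the wizard wants; the example path and the Help line both indicate the public key. I would change it to `Message: "Enter a full path to ssh public key (like /f/a/key.pub):",` so that nobody enters a private key path, which presumably would end up in the generated manifest. The wizardQuestions literal starts and ends outside this hunk.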
4 changes: 2 additions & 2 deletions config/bedrock/server-aws.yaml
@@ -9,14 +9,14 @@ spec:
size: t3.xlarge
ssh:
port: 22
keyfolder: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft-be"
publickeyfile: "/root/.ssh/id_rsa.pub"
fail2ban:
bantime: 1000
maxretry: 3
port: 19132
minecraft:
edition: bedrock
version: 1.19.20.02
version: 1.19.41.01
eula: true
properties: |
server-name=Azure Minecraft - Bedrock edition
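Review bot: `publickeyfile: "/root/.ssh/id_rsa.pub"` differs from every other sample touched in this commit, which keep the `…/minecraft/ssh/minecraft-be.pub` path, and looks like a leftover from a local test run. A sample that points at root's default key pair nudges users towards running the tool as root with their general-purpose key. I would use the same path as the other bedrock samples, `publickeyfile: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft-be.pub"`.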
2 changes: 1 addition & 1 deletion config/bedrock/server-civo.yaml
@@ -9,7 +9,7 @@ spec:
size: g3.large
ssh:
port: 22
keyfolder: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft-be"
publickeyfile: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft-be.pub"
fail2ban:
bantime: 1000
maxretry: 3
2 changes: 1 addition & 1 deletion config/bedrock/server-do.yaml
@@ -9,7 +9,7 @@ spec:
size: s-4vcpu-8gb
ssh:
port: 22
keyfolder: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft-be"
publickeyfile: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft-be.pub"
fail2ban:
bantime: 1000
maxretry: 3
2 changes: 1 addition & 1 deletion config/bedrock/server-equinix.yaml
@@ -9,7 +9,7 @@ spec:
size: c3.small.x86
ssh:
port: 22
keyfolder: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft-be"
publickeyfile: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft-be.pub"
fail2ban:
bantime: 1000
maxretry: 3
2 changes: 1 addition & 1 deletion config/bedrock/server-exoscale.yaml
@@ -9,7 +9,7 @@ spec:
size: medium
ssh:
port: 22
keyfolder: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft-be"
publickeyfile: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft-be.pub"
fail2ban:
bantime: 1000
maxretry: 3
2 changes: 1 addition & 1 deletion config/bedrock/server-gce.yaml
@@ -9,7 +9,7 @@ spec:
size: e2-standard-2
ssh:
port: 22
keyfolder: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft-be"
publickeyfile: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft-be.pub"
fail2ban:
bantime: 1000
maxretry: 3
2 changes: 1 addition & 1 deletion config/bedrock/server-hetzner.yaml
@@ -9,7 +9,7 @@ spec:
size: cpx31
ssh:
port: 22
keyfolder: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft-be"
publickeyfile: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft-be.pub"
fail2ban:
bantime: 1000
maxretry: 3
2 changes: 1 addition & 1 deletion config/bedrock/server-ionos.yaml
@@ -9,7 +9,7 @@ spec:
size: 1-4096-INTEL_SKYLAKE
ssh:
port: 22
keyfolder: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft-be"
publickeyfile: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft-be.pub"
fail2ban:
bantime: 1000
maxretry: 3
2 changes: 1 addition & 1 deletion config/bedrock/server-linode.yaml
@@ -9,7 +9,7 @@ spec:
size: g6-standard-4
ssh:
port: 22
keyfolder: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft-be"
publickeyfile: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft-be.pub"
fail2ban:
bantime: 1000
maxretry: 3
2 changes: 1 addition & 1 deletion config/bedrock/server-oci.yaml
@@ -9,7 +9,7 @@ spec:
size: VM.Standard2.2
ssh:
port: 22
keyfolder: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft-be"
publickeyfile: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft-be.pub"
fail2ban:
bantime: 1000
maxretry: 3
2 changes: 1 addition & 1 deletion config/bedrock/server-ovh.yaml
@@ -9,7 +9,7 @@ spec:
size: b2-7
ssh:
port: 22
keyfolder: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft-be"
publickeyfile: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft-be.pub"
fail2ban:
bantime: 1000
maxretry: 3
2 changes: 1 addition & 1 deletion config/bedrock/server-scaleway.yaml
@@ -9,7 +9,7 @@ spec:
size: GP1-XS
ssh:
port: 22
keyfolder: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft-be"
publickeyfile: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft-be.pub"
fail2ban:
bantime: 1000
maxretry: 3
2 changes: 1 addition & 1 deletion config/bedrock/server-vexxhost.yaml
@@ -9,7 +9,7 @@ spec:
size: "v3-starter-2"
ssh:
port: 22
keyfolder: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft-be"
publickeyfile: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft-be.pub"
fail2ban:
bantime: 1000
maxretry: 3
2 changes: 1 addition & 1 deletion config/bungeecord/proxy-civo.yaml
@@ -9,7 +9,7 @@ spec:
size: g3.xsmall
ssh:
port: 22
keyfolder: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft"
publickeyfile: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft.pub"
fail2ban:
bantime: 1000
maxretry: 3
2 changes: 1 addition & 1 deletion config/bungeecord/proxy-do.yaml
@@ -9,7 +9,7 @@ spec:
size: s-1vcpu-1gb
ssh:
port: 22
keyfolder: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft"
publickeyfile: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft.pub"
fail2ban:
bantime: 1000
maxretry: 3
2 changes: 1 addition & 1 deletion config/bungeecord/proxy-vultr.yaml
@@ -9,7 +9,7 @@ spec:
size: "vc2-1c-1gb"
ssh:
port: 22
keyfolder: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft"
publickeyfile: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft.pub"
fail2ban:
bantime: 1000
maxretry: 3
2 changes: 1 addition & 1 deletion config/craftbukkit/server-do.yaml
@@ -9,7 +9,7 @@ spec:
size: s-4vcpu-8gb
ssh:
port: 22
keyfolder: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft"
publickeyfile: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft.pub"
fail2ban:
bantime: 1000
maxretry: 3
2 changes: 1 addition & 1 deletion config/craftbukkit/server-linode.yaml
@@ -9,7 +9,7 @@ spec:
size: g6-standard-4
ssh:
port: 22
keyfolder: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft"
publickeyfile: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft.pub"
fail2ban:
bantime: 1000
maxretry: 3
2 changes: 1 addition & 1 deletion config/fabric/server-civo.yaml
@@ -9,7 +9,7 @@ spec:
size: g3.large
ssh:
port: 22
keyfolder: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft"
publickeyfile: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft.pub"
fail2ban:
bantime: 1000
maxretry: 3
2 changes: 1 addition & 1 deletion config/fabric/server-do.yaml
@@ -9,7 +9,7 @@ spec:
size: s-4vcpu-8gb
ssh:
port: 22
keyfolder: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft"
publickeyfile: "/Users/dirien/Tools/repos/stackit-minecraft/minecraft/ssh/minecraft.pub"
fail2ban:
bantime: 1000
maxretry: 3