1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
|
#!/usr/bin/env python3
# SPDX-FileCopyrightText: 2024 Matthew Fennell <matthew@fennell.dev>
#
# SPDX-License-Identifier: AGPL-3.0-only
import argparse
import itertools
import os
import subprocess
parser = argparse.ArgumentParser()
parser.add_argument("identity_file")
parser.add_argument("--prosody", nargs=1, default = [])
parser.add_argument("--forgejo", nargs=1, default = [])
args = parser.parse_args()
ssh_args = f"-o IdentitiesOnly=yes -F /dev/null -i {args.identity_file}"
commands = {
"prosody": [
"sudo chmod 640 ~/*.crt ~/*.key",
"sudo mv ~/*.crt ~/*.key /etc/prosody/certs",
"sudo chown -R root:prosody /etc/prosody/certs",
"sudo service nginx restart",
"sudo service prosody restart",
],
"forgejo": [
"sudo chown root:root ~/*.crt ~/*.key",
"sudo mv ~/*.crt ~/*.key /etc/nginx/ssl/",
"sudo service forgejo restart",
"sudo service nginx restart",
],
}
possible_services = {
"prosody": next(iter(args.prosody), None),
"forgejo": next(iter(args.forgejo), None),
}
services = dict(filter(lambda service: service[1] is not None, possible_services.items()))
files_to_copy = {os.environ["LEGO_CERT_PATH"], os.environ["LEGO_CERT_KEY_PATH"]}
def scp_commands(files: set[str], host:str) -> list[str]:
return [f"scp {ssh_args} {' '.join(files)} {host}:~"]
def ssh_commands(service: str, host: str) -> list[str]:
return list(map(lambda command: f"ssh {ssh_args} -tt {host} '{command}'", commands[service]))
for service, host in services.items():
commands_to_run = itertools.chain(scp_commands(files_to_copy, host), ssh_commands(service, host))
for command in commands_to_run:
print(command)
subprocess.run(command, shell=True)
|
