capistrano-one_time_key 0.0.1
- checksums.yaml +7 -0
- data/.gitignore +17 -0
- data/Gemfile +4 -0
- data/LICENSE.txt +13 -0
- data/README.md +35 -0
- data/Rakefile +1 -0
- data/capistrano-one_time_key.gemspec +25 -0
- data/lib/capistrano/one_time_key/tasks/one_time_key.rake +5 -0
- data/lib/capistrano/one_time_key/version.rb +5 -0
- data/lib/capistrano/one_time_key.rb +63 -0
- data/spec/spec_helper.rb +9 -0
- metadata +111 -0
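--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+---
+SHA1:
+metadata.gz: 939b2c31402865d6fc47b342b49cf2036b61a5ca
+data.tar.gz: 27d4763cc9247c3e5e81e669594f830c4c00dbfe
+SHA512:
+metadata.gz: acb7cf8ed73e1ac0371ac6cb2f4d26b60d4ba2e204483448e0bd2d92a72fcee1fdc4303c3dde47ea9f3224da378ba3cd914f5db348b573643d1b668a56b587d3
+data.tar.gz: f9afe8d2f44bec9d273604df3bb9bf177cf950c9e122cbce0c4f76b58b3ee1d565fea947cb88f9733eff263ed4fc39542d35c7af3681aeb7825949dbaf5bb1b7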
data/.gitignore
ADDED
data/Gemfile
ADDED
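--- a/data/LICENSE.txt
+++ b/data/LICENSE.txt
@@ -0,0 +1,13 @@
+Copyright (c) 2014 The Board of Trustees of the Leland Stanford Junior University
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.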
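--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,35 @@
+# Capistrano::OneTimeKey
+
+Capistrano::OneTimeKey creates per-deploy ssh keys. This may be useful in SSH environments that use alternative authentication mechanisms (e.g. kerberos) that have no (reliably maintained) net-ssh equivalents.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+gem 'capistrano-one_time_key'
+
+And then execute:
+
+$ bundle
+
+Or install it yourself as:
+
+$ gem install capistrano-one_time_key
+
+## Usage
+
+In your Capfile, require the gem:
+
+require 'capistrano/one_time_key'
+
+And in your deploy stage, after you register servers and services, create the one time keys:
+
+Capistrano::OneTimeKey.generate_one_time_key!
+
+## Contributing
+
+1. Fork it ( http://github.com/cbeer/capistrano-one_time_key/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request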
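--- a/data/Rakefile
+++ b/data/Rakefile
@@ -0,0 +1 @@
+require "bundler/gem_tasks"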
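--- a/data/capistrano-one_time_key.gemspec
+++ b/data/capistrano-one_time_key.gemspec
@@ -0,0 +1,25 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'capistrano/one_time_key/version'
+
+Gem::Specification.new do |spec|
+spec.name = "capistrano-one_time_key"
+spec.version = Capistrano::OneTimeKey::VERSION
+spec.authors = ["Chris Beer"]
+spec.email = ["cabeer@stanford.edu"]
+spec.summary = %q{One time keys for capistrano}
+spec.homepage = ""
+spec.license = "APACHE2"
+
+spec.files = `git ls-files`.split($/)
+spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
+spec.require_paths = ["lib"]
+
+spec.add_dependency "capistrano", "~> 3.0"
+
+spec.add_development_dependency "bundler", "~> 1.5"
+spec.add_development_dependency "rake"
+spec.add_development_dependency "rspec"
+end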
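Review bot: `spec.homepage = ""` and `spec.license = "APACHE2"` publish the gem with no source link and a licence string that is not an SPDX identifier, which makes it harder for a consumer to check the provenance of a package that edits `authorized_keys` on deploy targets. Using the repository URL the README already gives, `spec.homepage = "http://github.com/cbeer/capistrano-one_time_key"`, and `spec.license = "Apache-2.0"` would let registry tooling and auditors tie the release back to its source.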
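--- a/data/lib/capistrano/one_time_key.rb
+++ b/data/lib/capistrano/one_time_key.rb
@@ -0,0 +1,63 @@
+require "capistrano/one_time_key/version"
+require "tmpdir"
+require "securerandom"
+
+module Capistrano
+module OneTimeKey
+
+def self.tmpdir
+@dirname ||= Dir.mktmpdir
+end
+
+def self.temporary_ssh_private_key_path
+File.join(tmpdir, "capistrano_key")
+end
+
+def self.comment
+@comment ||= "capistrano-otk-#{SecureRandom.hex(6)}"
+end
+
+def self.generate_private_key!
+`ssh-keygen -f #{temporary_ssh_private_key_path} -N "" -C "#{comment}"`
+return temporary_ssh_private_key_path
+end
+
+def self.generate_one_time_key!
+
+path = generate_private_key!
+
+public_key = File.read("#{path}.pub")
+
+on roles(:all) do |host|
+Capistrano::OneTimeKey.add_key_to_host host, public_key
+end
+
+at_exit do
+# remove dirname locally
+FileUtils.remove_entry Capistrano::OneTimeKey.temporary_ssh_private_key_path
+on roles(:all) do |host|
+Capistrano::OneTimeKey.remove_key_from_host host, public_key
+end
+end
+end
+
+def self.add_key_to_host capistrano_host, public_key
+execute_on_remote capistrano_host, "mkdir -p ~/.ssh && \
+chmod 700 ~/.ssh && \
+touch ~/.ssh/authorized_keys && \
+chmod 600 ~/.ssh/authorized_keys && \
+echo '#{public_key}' >> ~/.ssh/authorized_keys"
+end
+
+def self.remove_key_from_host capistrano_host, public_key
+execute_on_remote capistrano_host, "sed -i.bak -e '/#{comment}$/d' ~/.ssh/authorized_keys && rm ~/.ssh/authorized_keys.bak"
+end
+
+def self.execute_on_remote capistrano_host, command
+`echo "#{command}" | ssh #{capistrano_host.user}@#{capistrano_host.hostname}`
+end
+end
+end
+
+
+load File.expand_path("../one_time_key/tasks/one_time_key.rake", __FILE__)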
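Review bot: `execute_on_remote` interpolates `command`, `capistrano_host.user` and `capistrano_host.hostname` into a local shell line (`echo "…" | ssh …`), so the local shell interprets the key text and host fields before ssh runs, and the exit status is discarded. Passing argv and stdin directly avoids the local shell and exposes failures: `out, status = Open3.capture2e("ssh", "#{capistrano_host.user}@#{capistrano_host.hostname}", stdin_data: command)` then `warn "ssh to #{capistrano_host.hostname} failed: #{out}" unless status.success?`, with `require "open3"` next to the other requires. The unchecked status matters most for `remove_key_from_host`, where a failed `sed` in the `at_exit` block leaves the deploy key in `authorized_keys` with no signal, and a process that is killed never runs the block at all. The same `at_exit` block removes only the private key file, so `capistrano_key.pub` and the `Dir.mktmpdir` directory stay behind; `FileUtils.remove_entry Capistrano::OneTimeKey.tmpdir` would match the comment above it.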
data/spec/spec_helper.rb
ADDED
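--- a/metadata
+++ b/metadata
@@ -0,0 +1,111 @@
+--- !ruby/object:Gem::Specification
+name: capistrano-one_time_key
+version: !ruby/object:Gem::Version
+version: 0.0.1
+platform: ruby
+authors:
+- Chris Beer
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2014-01-16 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+name: capistrano
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '3.0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '3.0'
+- !ruby/object:Gem::Dependency
+name: bundler
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '1.5'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '1.5'
+- !ruby/object:Gem::Dependency
+name: rake
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: rspec
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+description:
+email:
+- cabeer@stanford.edu
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- capistrano-one_time_key.gemspec
+- lib/capistrano/one_time_key.rb
+- lib/capistrano/one_time_key/tasks/one_time_key.rake
+- lib/capistrano/one_time_key/version.rb
+- spec/spec_helper.rb
+homepage: ''
+licenses:
+- APACHE2
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.2.0
+signing_key:
+specification_version: 4
+summary: One time keys for capistrano
+test_files:
+- spec/spec_helper.rb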