capistrano-one_time_key 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 939b2c31402865d6fc47b342b49cf2036b61a5ca
4
+ data.tar.gz: 27d4763cc9247c3e5e81e669594f830c4c00dbfe
5
+ SHA512:
6
+ metadata.gz: acb7cf8ed73e1ac0371ac6cb2f4d26b60d4ba2e204483448e0bd2d92a72fcee1fdc4303c3dde47ea9f3224da378ba3cd914f5db348b573643d1b668a56b587d3
7
+ data.tar.gz: f9afe8d2f44bec9d273604df3bb9bf177cf950c9e122cbce0c4f76b58b3ee1d565fea947cb88f9733eff263ed4fc39542d35c7af3681aeb7825949dbaf5bb1b7
data/.gitignore ADDED
@@ -0,0 +1,17 @@
1
+ *.gem
2
+ *.rbc
3
+ .bundle
4
+ .config
5
+ .yardoc
6
+ Gemfile.lock
7
+ InstalledFiles
8
+ _yardoc
9
+ coverage
10
+ doc/
11
+ lib/bundler/man
12
+ pkg
13
+ rdoc
14
+ spec/reports
15
+ test/tmp
16
+ test/version_tmp
17
+ tmp
data/Gemfile ADDED
@@ -0,0 +1,4 @@
1
+ source 'https://rubygems.org'
2
+
3
+ # Specify your gem's dependencies in capistrano-one_time_key.gemspec
4
+ gemspec
data/LICENSE.txt ADDED
@@ -0,0 +1,13 @@
1
+ Copyright (c) 2014 The Board of Trustees of the Leland Stanford Junior University
2
+
3
+ Licensed under the Apache License, Version 2.0 (the "License");
4
+ you may not use this file except in compliance with the License.
5
+ You may obtain a copy of the License at
6
+
7
+ http://www.apache.org/licenses/LICENSE-2.0
8
+
9
+ Unless required by applicable law or agreed to in writing, software
10
+ distributed under the License is distributed on an "AS IS" BASIS,
11
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ See the License for the specific language governing permissions and
13
+ limitations under the License.
data/README.md ADDED
@@ -0,0 +1,35 @@
1
+ # Capistrano::OneTimeKey
2
+
3
+ Capistrano::OneTimeKey creates per-deploy ssh keys. This may be useful in SSH environments that use alternative authentication mechanisms (e.g. kerberos) that have no (reliably maintained) net-ssh equivalents.
4
+
5
+ ## Installation
6
+
7
+ Add this line to your application's Gemfile:
8
+
9
+ gem 'capistrano-one_time_key'
10
+
11
+ And then execute:
12
+
13
+ $ bundle
14
+
15
+ Or install it yourself as:
16
+
17
+ $ gem install capistrano-one_time_key
18
+
19
+ ## Usage
20
+
21
+ In your Capfile, require the gem:
22
+
23
+ require 'capistrano/one_time_key'
24
+
25
+ And in your deploy stage, after you register servers and services, create the one time keys:
26
+
27
+ Capistrano::OneTimeKey.generate_one_time_key!
28
+
29
+ ## Contributing
30
+
31
+ 1. Fork it ( http://github.com/cbeer/capistrano-one_time_key/fork )
32
+ 2. Create your feature branch (`git checkout -b my-new-feature`)
33
+ 3. Commit your changes (`git commit -am 'Add some feature'`)
34
+ 4. Push to the branch (`git push origin my-new-feature`)
35
+ 5. Create new Pull Request
data/Rakefile ADDED
@@ -0,0 +1 @@
1
+ require "bundler/gem_tasks"
@@ -0,0 +1,25 @@
1
+ # coding: utf-8
2
+ lib = File.expand_path('../lib', __FILE__)
3
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
+ require 'capistrano/one_time_key/version'
5
+
6
+ Gem::Specification.new do |spec|
7
+ spec.name = "capistrano-one_time_key"
8
+ spec.version = Capistrano::OneTimeKey::VERSION
9
+ spec.authors = ["Chris Beer"]
10
+ spec.email = ["cabeer@stanford.edu"]
11
+ spec.summary = %q{One time keys for capistrano}
12
+ spec.homepage = ""
13
+ spec.license = "APACHE2"
14
+
15
+ spec.files = `git ls-files`.split($/)
16
+ spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
17
+ spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
18
+ spec.require_paths = ["lib"]
19
+
20
+ spec.add_dependency "capistrano", "~> 3.0"
21
+
22
+ spec.add_development_dependency "bundler", "~> 1.5"
23
+ spec.add_development_dependency "rake"
24
+ spec.add_development_dependency "rspec"
25
+ end
@@ -0,0 +1,5 @@
1
+ set :ssh_options, {
2
+ keys: [Capistrano::OneTimeKey.temporary_ssh_private_key_path],
3
+ forward_agent: false,
4
+ auth_methods: %w(publickey password)
5
+ }
@@ -0,0 +1,5 @@
1
+ module Capistrano
2
+ module OneTimeKey
3
+ VERSION = "0.0.1"
4
+ end
5
+ end
@@ -0,0 +1,63 @@
1
+ require "capistrano/one_time_key/version"
2
+ require "tmpdir"
3
+ require "securerandom"
4
+
5
+ module Capistrano
6
+ module OneTimeKey
7
+
8
+ def self.tmpdir
9
+ @dirname ||= Dir.mktmpdir
10
+ end
11
+
12
+ def self.temporary_ssh_private_key_path
13
+ File.join(tmpdir, "capistrano_key")
14
+ end
15
+
16
+ def self.comment
17
+ @comment ||= "capistrano-otk-#{SecureRandom.hex(6)}"
18
+ end
19
+
20
+ def self.generate_private_key!
21
+ `ssh-keygen -f #{temporary_ssh_private_key_path} -N "" -C "#{comment}"`
22
+ return temporary_ssh_private_key_path
23
+ end
24
+
25
+ def self.generate_one_time_key!
26
+
27
+ path = generate_private_key!
28
+
29
+ public_key = File.read("#{path}.pub")
30
+
31
+ on roles(:all) do |host|
32
+ Capistrano::OneTimeKey.add_key_to_host host, public_key
33
+ end
34
+
35
+ at_exit do
36
+ # remove dirname locally
37
+ FileUtils.remove_entry Capistrano::OneTimeKey.temporary_ssh_private_key_path
38
+ on roles(:all) do |host|
39
+ Capistrano::OneTimeKey.remove_key_from_host host, public_key
40
+ end
41
+ end
42
+ end
43
+
44
+ def self.add_key_to_host capistrano_host, public_key
45
+ execute_on_remote capistrano_host, "mkdir -p ~/.ssh && \
46
+ chmod 700 ~/.ssh && \
47
+ touch ~/.ssh/authorized_keys && \
48
+ chmod 600 ~/.ssh/authorized_keys && \
49
+ echo '#{public_key}' >> ~/.ssh/authorized_keys"
50
+ end
51
+
52
+ def self.remove_key_from_host capistrano_host, public_key
53
+ execute_on_remote capistrano_host, "sed -i.bak -e '/#{comment}$/d' ~/.ssh/authorized_keys && rm ~/.ssh/authorized_keys.bak"
54
+ end
55
+
56
+ def self.execute_on_remote capistrano_host, command
57
+ `echo "#{command}" | ssh #{capistrano_host.user}@#{capistrano_host.hostname}`
58
+ end
59
+ end
60
+ end
61
+
62
+
63
+ load File.expand_path("../one_time_key/tasks/one_time_key.rake", __FILE__)
@@ -0,0 +1,9 @@
1
+ $LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
2
+ $LOAD_PATH.unshift(File.dirname(__FILE__))
3
+
4
+ require 'rspec/autorun'
5
+ require 'capistrano/one_time_key'
6
+
7
+ RSpec.configure do |config|
8
+
9
+ end
metadata ADDED
@@ -0,0 +1,111 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: capistrano-one_time_key
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.1
5
+ platform: ruby
6
+ authors:
7
+ - Chris Beer
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2014-01-16 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: capistrano
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: '3.0'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: '3.0'
27
+ - !ruby/object:Gem::Dependency
28
+ name: bundler
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: '1.5'
34
+ type: :development
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: '1.5'
41
+ - !ruby/object:Gem::Dependency
42
+ name: rake
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - ">="
46
+ - !ruby/object:Gem::Version
47
+ version: '0'
48
+ type: :development
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - ">="
53
+ - !ruby/object:Gem::Version
54
+ version: '0'
55
+ - !ruby/object:Gem::Dependency
56
+ name: rspec
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - ">="
60
+ - !ruby/object:Gem::Version
61
+ version: '0'
62
+ type: :development
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - ">="
67
+ - !ruby/object:Gem::Version
68
+ version: '0'
69
+ description:
70
+ email:
71
+ - cabeer@stanford.edu
72
+ executables: []
73
+ extensions: []
74
+ extra_rdoc_files: []
75
+ files:
76
+ - ".gitignore"
77
+ - Gemfile
78
+ - LICENSE.txt
79
+ - README.md
80
+ - Rakefile
81
+ - capistrano-one_time_key.gemspec
82
+ - lib/capistrano/one_time_key.rb
83
+ - lib/capistrano/one_time_key/tasks/one_time_key.rake
84
+ - lib/capistrano/one_time_key/version.rb
85
+ - spec/spec_helper.rb
86
+ homepage: ''
87
+ licenses:
88
+ - APACHE2
89
+ metadata: {}
90
+ post_install_message:
91
+ rdoc_options: []
92
+ require_paths:
93
+ - lib
94
+ required_ruby_version: !ruby/object:Gem::Requirement
95
+ requirements:
96
+ - - ">="
97
+ - !ruby/object:Gem::Version
98
+ version: '0'
99
+ required_rubygems_version: !ruby/object:Gem::Requirement
100
+ requirements:
101
+ - - ">="
102
+ - !ruby/object:Gem::Version
103
+ version: '0'
104
+ requirements: []
105
+ rubyforge_project:
106
+ rubygems_version: 2.2.0
107
+ signing_key:
108
+ specification_version: 4
109
+ summary: One time keys for capistrano
110
+ test_files:
111
+ - spec/spec_helper.rb