vagrant-ec2-metadata 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: '08b6abbac16a3fdadb55656647b4acd0952f98e6'
+  data.tar.gz: 83b6d82619f2fd7c971ed7cc1a9e8d46ef7072bd
+SHA512:
+  metadata.gz: aa220dab78420623cf19fb65a556708f9536fa44004d49db1dd0d4f331cd4b56f0576c0312387c62f691000beae76c37d8d4b6a5b2fd14fbd2a7b84ec4b929f5
+  data.tar.gz: bc06e5a696fa6128d351307353e36a4054d34dc27b566d64cd49885327debd9feb4d469e0a121255bfc5edf86133b77ff6407829e2beaa0765a87d406ae11f78

checksums.yaml.gz.sig

@@ -0,0 +1,2 @@
+C���[G=^8~Уs���9,V��Ş��z`_�2�i��_0�g�A�����~w�ɂdP-R廗T��W�"����Hb]�DCIE��c7��;�]�<J�P���D�p�s�T�|�} q���ãg̤{_�	��l��q�*�w���>5�p�ꠒ6��?@�މZỴv�|�}�1
+�M�����0/g�gn�y��%M	�Ȯ<( ���$���Z�^���Tv��Y�C1l��Y��G�;�Å$�]�_�(���=�

data/lib/vagrant-ec2-metadata/server.rb

@@ -0,0 +1,71 @@
+require "webrick"
+require "aws-sdk-core"
+require "socket"
+
+ENV["AWS_DEFAULT_REGION"] ||= "us-west-2"
+
+module VagrantEc2Metadata
+  class Server
+    def initialize(config, port, options, env)
+      @config = config
+      @port = port
+      @options = options
+      @env = env
+    end
+
+    def start
+      WEBrick::Daemon.start if @options[:daemonize]
+
+      host_ip = Socket.ip_address_list.detect(&:ipv4_private?).ip_address
+      server = WEBrick::HTTPServer.new(BindAddress: host_ip, Port: @port)
+
+      trap "INT" do
+        server.shutdown
+      end
+
+      server.mount_proc "/" do |req, res|
+        # Only allow requests from our own IP, which the VMs will normally share
+        if req.peeraddr[-1] != host_ip
+          res.status = 403 # Forbidden
+          next
+        end
+
+        # This endpoint is all we handle right now
+        next if !req.path.start_with?("/latest/meta-data/iam/security-credentials/")
+
+        if req.path == "/latest/meta-data/iam/security-credentials/"
+          res.body = "role"
+        else
+          sts = ::Aws::STS::Client.new(profile: @config.profile)
+          if @config.role_arn
+            resp = sts.assume_role({
+              duration_seconds: 3600,
+              role_arn: @config.role_arn,
+              role_session_name: "vagrant",
+            })
+            creds = resp.credentials
+          else
+            resp = sts.get_session_token({
+              duration_seconds: 3600,
+            })
+            creds = resp.credentials
+          end
+
+          res.body = <<EOF
+{
+  "Code" : "Success",
+  "LastUpdated" : "#{Time.now.strftime("%Y-%m-%dT%H:%M:%SZ")}",
+  "Type" : "AWS-HMAC",
+  "AccessKeyId" : "#{creds.access_key_id}",
+  "SecretAccessKey" : "#{creds.secret_access_key}",
+  "Token" : "#{creds.session_token}",
+  "Expiration" : "#{creds.expiration.strftime("%Y-%m-%dT%H:%M:%SZ")}"
+}
+EOF
+        end
+      end
+
+      server.start
+    end
+  end
+end

data/lib/vagrant-ec2-metadata/version.rb

@@ -0,0 +1,3 @@
+module VagrantEc2Metadata
+  VERSION = "0.0.1"
+end

data/lib/vagrant-ec2-metadata.rb

@@ -0,0 +1,111 @@
+require "vagrant"
+require "socket"
+require "optparse"
+
+module VagrantEc2Metadata
+  class Config < Vagrant.plugin("2", :config)
+    attr_accessor :profile
+    attr_accessor :role_arn
+    attr_accessor :port
+
+    def initialize
+      @profile = UNSET_VALUE
+    end
+
+    def finalize!
+      @profile = "default" if @profile == UNSET_VALUE
+    end
+
+    def self.port(machine)
+      return machine.config.ec2_metadata.port if machine.config.ec2_metadata.port
+      ec2_metadata_file = machine.data_dir.join("ec2-metadata-port")
+      if ec2_metadata_file.file?
+        port = ec2_metadata_file.read.chomp.to_i
+      else
+        # Generate a random port number that hopefully won't interfere with anything
+        port = 12000+Random.rand(1000)
+        ec2_metadata_file.open("w+") do |f|
+          f.write(port.to_s)
+        end
+      end
+      return port
+    end
+  end
+
+  class Provisioner < Vagrant.plugin("2", :provisioner)
+    def provision
+      host_ip = Socket.ip_address_list.detect(&:ipv4_private?).ip_address
+      port = Config.port(@machine)
+
+      # If you are having troubles with the iptables rule, you can flush it with:
+      # sudo iptables -t nat -F
+
+      cmd = <<EOF
+sudo iptables -t nat -A OUTPUT -p tcp -d 169.254.169.254 -j DNAT --to-destination #{host_ip}:#{port} || echo 'Error setting up iptables rule.'
+grep -q -F '169.254.169.254 instance-data' /etc/hosts || echo "# Added by vagrant-ec2-metadata:\n169.254.169.254 instance-data" | sudo tee -a /etc/hosts >/dev/null
+EOF
+
+      @machine.ui.info("Setting up an iptables rule for the EC2 metadata server (port #{port}).")
+      @machine.action(:ssh_run,
+                      ssh_run_command: cmd,
+                      ssh_opts: {extra_args: []})
+    end
+  end
+
+  class Command < Vagrant.plugin("2", :command)
+    def self.synopsis
+      "starts the EC2 metadata server"
+    end
+
+    def execute
+      options = {}
+      opts = OptionParser.new do |o|
+        o.banner = "Usage: vagrant ec2-metadata [options] [name|id]"
+        o.separator ""
+        o.separator "Options:"
+        o.separator ""
+        o.on("-d", "--daemonize", "Daemonize the servers") do |h|
+          options[:daemonize] = h
+        end
+      end
+      argv = parse_options(opts)
+      return if !argv
+
+      if options[:daemonize]
+        puts "Daemonizing servers."
+      end
+
+      argv = @env.active_machines.map(&:first).map(&:to_s) if argv.empty?
+      require_relative "vagrant-ec2-metadata/server"
+      threads = []
+      with_target_vms(argv) do |machine|
+        port = Config.port(machine)
+        config = machine.config.ec2_metadata
+        machine.ui.info("Using profile #{machine.config.ec2_metadata.profile}#{config.role_arn ? " with role #{config.role_arn}":""} (port #{port})")
+        thread = Thread.new do
+          server = VagrantEc2Metadata::Server.new(config, port, options, @env)
+          server.start
+        end
+        threads.push(thread)
+      end
+      threads.map(&:join)
+    end
+  end
+
+  class Plugin < Vagrant.plugin("2")
+    name "ec2-metadata"
+    description "Easily provide vagrant machines with AWS credentials by faking an EC2 metadata server."
+
+    config("ec2_metadata") do
+      Config
+    end
+
+    provisioner("ec2-metadata") do
+      Provisioner
+    end
+
+    command("ec2-metadata") do
+      Command
+    end
+  end
+end

data.tar.gz.sig

@@ -0,0 +1,2 @@
+���D�*��a�x�8�<�*9�o}�����T4J����f���jS�,�h)���g�ˑ+s��u�<I��Y���8�
+-�g]��MKj.������?��6��P3��v^_����

metadata

@@ -0,0 +1,71 @@
+--- !ruby/object:Gem::Specification
+name: vagrant-ec2-metadata
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Stefan Sundin
+autorequire: 
+bindir: bin
+cert_chain:
+- |
+  -----BEGIN CERTIFICATE-----
+  MIIDjjCCAnagAwIBAgIBATANBgkqhkiG9w0BAQUFADBGMREwDwYDVQQDDAhydWJ5
+  Z2VtczEcMBoGCgmSJomT8ixkARkWDHN0ZWZhbnN1bmRpbjETMBEGCgmSJomT8ixk
+  ARkWA2NvbTAeFw0xNjEyMjUwNjE1MjVaFw0yNjEyMjMwNjE1MjVaMEYxETAPBgNV
+  BAMMCHJ1YnlnZW1zMRwwGgYKCZImiZPyLGQBGRYMc3RlZmFuc3VuZGluMRMwEQYK
+  CZImiZPyLGQBGRYDY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+  w1R+aqbSeZjouJP4SvaMtqaJCMnJzpKo4JY6DL/nkqLxfiaTGWx+00mEZJVamdC2
+  JqkMIxdWuyyybJjg0X9xHRKEiTwC3GrEIZu9LmWhsul5i7vyOvddvlHROLHoYMS6
+  gpILOLkKrVCaDnRnOYDkCGDnu71++HOQHgx0CbnqdNegRmBN8WZRIb6H0jurZhsx
+  WepGRF1YjOJ2Q3UL6UNE0IjXTrUTO4QUOIekau53jT5eQYVZAt5x+9GIkPbjnUTU
+  D/2LMpfIDldot08FuVFkZ4WX8NiJALWw50R89v8Ua6fOhky87CleVjvxPbZrMHY7
+  rXJDhoB1S0l2tFH8vMIpnwIDAQABo4GGMIGDMAkGA1UdEwQCMAAwCwYDVR0PBAQD
+  AgSwMB0GA1UdDgQWBBQRpF7HGYIDKCp3AHIksBaEDHzM1zAkBgNVHREEHTAbgRly
+  dWJ5Z2Vtc0BzdGVmYW5zdW5kaW4uY29tMCQGA1UdEgQdMBuBGXJ1YnlnZW1zQHN0
+  ZWZhbnN1bmRpbi5jb20wDQYJKoZIhvcNAQEFBQADggEBAJWwHS8TyssFdfejrrUq
+  kpP0smaCG0hkfD5+xp29HIu4VPyQZIju4DnlnUcj8jCYrJXCwBe6nyx5WAPG3ZIY
+  TzwSKVajyJbfgB4NcIE8qSLktx+PgWigqlYQzioqMLNMDpxw558OyGRuEr5hItnN
+  SRG/mEUFyjtyl8YS7o5QnSQlR+ZPlOURsKxHsGH0oQtN1EXRpyYWoaCIYT9wfuwY
+  shCB2umA9buEFZkDDXDLn+xe8+ZwJHUngtkB6/T8yLUeqpwnVzaPTnhJJstYpxaa
+  E04BZKo2WzOTzSDymo97Yu4YFgyc98umMyeaCvPk4YmdNzqSanAXpY2bnsyu0CF5
+  Td0=
+  -----END CERTIFICATE-----
+date: 2017-10-29 00:00:00.000000000 Z
+dependencies: []
+description: Easily provide vagrant machines with AWS credentials by faking an EC2
+  metadata server.
+email:
+- rubygems@stefansundin.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/vagrant-ec2-metadata.rb
+- lib/vagrant-ec2-metadata/server.rb
+- lib/vagrant-ec2-metadata/version.rb
+homepage: https://github.com/stefansundin/vagrant-ec2-metadata
+licenses:
+- GPL-3.0
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.6.13
+signing_key: 
+specification_version: 4
+summary: Easily provide vagrant machines with AWS credentials.
+test_files: []