#!/bin/bash set -e __PARENT_SHELL="$(ps -o comm= "$(ps -o ppid= $$ | xargs echo)")" __PARENT_SHELL="${__PARENT_SHELL//*\//}" __SCRIPT_NAME="$(basename "$0")" __COLOR_RED="\033[1;91m" __COLOR_GREEN="\033[1;32m" __COLOR_RESET="\033[0;0m" __VERSION="1.2.1" if [[ -z "$(tput colors)" ]]; then __COLOR_RED="" __COLOR_GREEN="" __COLOR_RESET="" fi ####################################### # Lists available environments configured for the current user. # Globals: # None # Arguments: # Any number of any type # Outputs: # Displays all arguments as an error, in red if colors are # supported. ####################################### error() { echo -e "${__COLOR_RED}$*${__COLOR_RESET}" } ####################################### # Shows how to use this script. Useful for "--help". # Globals: # None # Arguments: # $* - error message before usage instructions. The function # returns non-0 if any argument is provided ####################################### usage() { if [[ -n "$*" ]]; then error "$*" echo fi echo "Version: ${__VERSION}" echo echo "Usage:" echo " ${__SCRIPT_NAME} init --config --cert --key --ssh-key --license-file --version " echo " ${__SCRIPT_NAME} update --config --cert --key --ssh-key --license-file --version " echo " ${__SCRIPT_NAME} shell" echo echo "Commands:" echo " help Show this message." echo " init Starts a new wctl container with the given configuration." echo " update Updates the existing wctl container to a new version." echo " list Just lists all configured environments." echo " shell Starts shell in the environment, or the provided command." echo echo "Options:" echo " --name The name of the environment to install or upgrade (optional for update)." echo " --config Path to the configuration file (required for init and optional for update)." echo " --cert Path to the TLS certificate file (required for init and optional for update)." echo " --key Path to the TLS key file (required for init and optional for update)." echo " --ssh-key Path to the SSH private key file (required for init and optional for update)." echo " --license-file Path to the license key file (optional for init and update)" echo " --version Container version to init or update to (required for init and optional for update)." echo " --silent Suppress interactive confirmation prompts (optional)." echo echo "Examples:" echo " # Init a new management environment:" echo " ${__SCRIPT_NAME} init --config config.yaml \\" echo " --cert tls.crt --key tls.key \\" echo " --ssh-key ~/.ssh/id_rsa \\" echo " --license-file wallarm-license.txt \\" echo " --version ${__VERSION}" echo echo " # Update TLS certificates:" echo " ${__SCRIPT_NAME} update --cert tls.crt --key tls.key" echo echo " # Update license:" echo " ${__SCRIPT_NAME} update --license-file wallarm-license.txt" echo echo " # Update version:" echo " ${__SCRIPT_NAME} update --version ${__VERSION}" echo echo " # List, shell, and commands:" echo " ${__SCRIPT_NAME} list # List prepared environments" echo " ${__SCRIPT_NAME} shell # Enter the environment (interactively pick)" echo " ${__SCRIPT_NAME} shell dev # Enter the environment (no interactive pick, just shell)" echo " ${__SCRIPT_NAME} shell dev zsh # Enter the environment with zsh" echo echo " # Run the command in the specified environment:" echo " ${__SCRIPT_NAME} shell prod-cluster wctl status" if [[ -n "$*" ]]; then exit 1 fi exit 0 } ####################################### # Interactive confirm. # Globals: # None # Arguments: # $* - message ####################################### confirm() { if [[ "${WCTL_SILENT}" == "true" ]]; then return fi echo "$* [y/N]" read -rp "Enter your choice: " CONFIRM if [[ "${CONFIRM}" != "y" && "${CONFIRM}" != "Y" ]]; then error "Action aborted." exit 1 fi } ####################################### # Checks if all necessary software is available. # Globals: # None # Arguments: # None # Outputs: # Shows errors and exits if any. ####################################### preflight() { local _ERRORS="false" if ! which docker &>/dev/null; then error "No docker command available. Please install docker daemon." _ERRORS="true" fi if [[ "${_ERRORS}" != "false" ]]; then exit 1 fi } ####################################### # Checks if all necessary software is available. # Globals: # None # Arguments: # $2 - verb, usually "installed" or "updated" # Outputs: # Shows errors and exits if any. ####################################### report() { echo -e "${__COLOR_GREEN}Successfuly $2 \"$1\" wctl environment!${__COLOR_RESET}" echo -e "${__COLOR_GREEN}Now you can enter to the environment with the${__COLOR_RESET}" echo -e "${__COLOR_GREEN}following command:${__COLOR_RESET}" echo -e "${__COLOR_GREEN} ${__SCRIPT_NAME} shell $1${__COLOR_RESET}" echo -e } # Defaults WCTL_BASEDIR="${WCTL_BASEDIR:-"$(realpath ~)/.wctl"}" WCTL_REGISTRY="${WCTL_REGISTRY:-"registry.onprem.wallarm.com"}" WCTL_REGISTRY_USERNAME="__undefined__" # only from config WCTL_REGISTRY_PASSWORD="__undefined__" # only from config WCTL_NAME="${WCTL_NAME:-"__undefined__"}" WCTL_CONF_FILE="${WCTL_CONF_FILE:-"__undefined__"}" WCTL_CERT_FILE="${WCTL_CERT_FILE:-"__undefined__"}" WCTL_KEY_FILE="${WCTL_KEY_FILE:-"__undefined__"}" WCTL_SSH_KEY_FILE="${WCTL_SSH_KEY_FILE:-"__undefined__"}" WCTL_LICENSE_FILE="${WCTL_LICENSE_FILE:-"__undefined__"}" WCTL_VERSION="${WCTL_VERSION:-"__undefined__"}" WCTL_NETWORK="${WCTL_NETWORK:-"host"}" WCTL_SSH_AGENT="${WCTL_SSH_AGENT:-"__undefined__"}" WCTL_SILENT="${WCTL_SILENT:-"false"}" TERM="${TERM:-"dumb"}" _COMMAND="$1" # Parse CLI arguments case "${_COMMAND}" in "init"|"update") shift while [[ -n "$1" ]]; do case "$1" in "--name") WCTL_NAME="$2" shift 2 ;; "--config") WCTL_CONF_FILE="$2" shift 2 ;; "--cert") WCTL_CERT_FILE="$2" shift 2 ;; "--key") WCTL_KEY_FILE="$2" shift 2 ;; "--ssh-key") WCTL_SSH_KEY_FILE="$2" shift 2 ;; "--license-file") WCTL_LICENSE_FILE="$2" shift 2 ;; "--version") WCTL_VERSION="$2" shift 2 ;; "--silent") WCTL_SILENT="true" shift ;; *) usage "Invalid argument \"$1\"." ;; esac done ;; "list"|"shell") shift ;; ""|"help"|"-h"|"--help") usage ;; *) usage "Invalid argument \"$1\"." ;; esac # Validate and set defaults for other variables if [[ "${WCTL_NETWORK}" == "__undefined__" ]]; then WCTL_NETWORK=() else # shellcheck disable=SC2128 WCTL_NETWORK=("--network" "${WCTL_NETWORK}") fi if [[ "${WCTL_SSH_AGENT}" != "__undefined__" ]] && [[ -n "${SSH_AUTH_SOCK}" ]] && [[ -S "${SSH_AUTH_SOCK}" ]]; then WCTL_SSH_AGENT=("--volume" "${SSH_AUTH_SOCK}:/var/run/ssh-agent.sock" "-e" "SSH_AUTH_SOCK=/var/run/ssh-agent.sock") else WCTL_SSH_AGENT=() fi if [[ "${WCTL_CONF_FILE}" != "__undefined__" ]]; then if [[ "$(grep -Eo 'dr_mode:[ ]?[^ ]+' "$WCTL_CONF_FILE" | cut -d ':' -f 2 | xargs echo | cut -d ' ' -f 1 | xargs echo)" == "disabled" ]]; then WCTL_NAME="$(grep -Eo '^env:[ ]?[^ ]+' "$WCTL_CONF_FILE" | cut -d ':' -f 2 | xargs echo | cut -d ' ' -f 1 | xargs echo)-$(grep -Eo 'mode:[ ]?[^ ]+' "$WCTL_CONF_FILE" | cut -d ':' -f 2 | xargs echo | cut -d ' ' -f 1 | xargs echo)" else WCTL_NAME="$(grep -Eo '^env:[ ]?[^ ]+' "$WCTL_CONF_FILE" | cut -d ':' -f 2 | xargs echo | cut -d ' ' -f 1 | xargs echo)-$(grep -Eo 'mode:[ ]?[^ ]+' "$WCTL_CONF_FILE" | cut -d ':' -f 2 | xargs echo | cut -d ' ' -f 1 | xargs echo)-$(grep -Eo 'dr_mode:[ ]?[^ ]+' "$WCTL_CONF_FILE" | cut -d ':' -f 2 | xargs echo | cut -d ' ' -f 1 | xargs echo)" fi fi ####################################### # Performs authentication in container registry. # Globals: # WCTL_REGISTRY # Arguments: # $1 - config file path ####################################### login() { if grep -Eq '^username:[ ]?[^ ]+' "$1" &>/dev/null; then WCTL_REGISTRY_USERNAME="$(grep -Eo '^username:[ ]?[^ ]+' "$1" | cut -d ':' -f 2 | xargs echo | cut -d ' ' -f 1 | xargs echo)" else usage "Cannot parse config file. Is it YAML with \"username: something\" line?" fi if grep -Eq '^password:[ ]?[^ ]+' "$1" &>/dev/null; then WCTL_REGISTRY_PASSWORD="$(grep -Eo '^password:[ ]?[^ ]+' "$1" | cut -d ':' -f 2 | xargs echo | cut -d ' ' -f 1 | xargs echo)" else usage "Cannot parse config file. Is it YAML with \"password: something\" line?" fi if [[ -z "${WCTL_REGISTRY_USERNAME}" || -z "${WCTL_REGISTRY_PASSWORD}" ]]; then error "Unable to extract credentials from config file. Is it YAML with \"username\" and \"password\" keys?" exit 1 fi if ! docker login "${WCTL_REGISTRY}" -u "${WCTL_REGISTRY_USERNAME}" -p "${WCTL_REGISTRY_PASSWORD}" &>/dev/null; then error "Failed to authenticate in the container registry. Please ensure the credentials" error "in the configuration file are correct." exit 1 fi } ####################################### # Just pulls the container registry. # Globals: # WCTL_REGISTRY # Arguments: # $1 - version of the image (tag) ####################################### pull() { if ! docker pull "${WCTL_REGISTRY}/installer/wctl:$1"; then error "Failed to pull the container image. Please ensure you defined" error "the correct version." exit 1 fi } ####################################### # Detects the shell used for starting this script. # Globals: # None # Arguments: # None # Outputs: # Outputs to stdout just the shell type. Only "bash", "zsh", # and "sh" are supported. Fallbacks to "bash" in case of any # error or unknown shell. ####################################### detect_parent_shell() { _SHELL="bash" case "${__PARENT_SHELL}" in "zsh") _SHELL="zsh" ;; "bash") _SHELL="bash" ;; "sh") _SHELL="sh" ;; esac echo "${_SHELL}" } ####################################### # Lists available environments configured for the current user. # Globals: # WCTL_BASEDIR # Arguments: # None # Outputs: # Writes space-separated list of identified environments # to stdout or just "". Can output errors to stderr (in case # of no permissions to the base directory or so on). The list # is ordered by last modified time, the first is recent. ####################################### list() { # shellcheck disable=SC2011 items=$(ls -1At "${WCTL_BASEDIR}" 2>/dev/null) echo "List of environments:" for item in $items; do if [[ "$item" == .* ]]; then continue fi version_file="${WCTL_BASEDIR}/${item}/version" if [ -f "$version_file" ]; then version=$(cat "$version_file") echo "" echo "Name: ${item}" echo "Version: ${version}" else echo "" echo "Name: ${item}" echo "Version: Not found" fi done } list_identified() { # shellcheck disable=SC2011 ls -1At "${WCTL_BASEDIR}" 2>/dev/null | xargs echo } get_environment() { local _IDENTIFIED _IDENTIFIED="$(list_identified)" if [[ "${_IDENTIFIED}" == "" ]]; then error "No configured environments identified." exit 1 fi echo echo "Please specify which environment to use from the list below." echo echo "${_IDENTIFIED}" | tr ' ' '\n' _IDENTIFIED_FIRST=$(echo "${_IDENTIFIED}" | cut -d ' ' -f 1) echo read -rp "Environment name [${_IDENTIFIED_FIRST}]: " WCTL_NAME if [[ -z "${WCTL_NAME}" ]]; then WCTL_NAME="${_IDENTIFIED_FIRST}" fi if ! echo "${_IDENTIFIED}" | grep -Eq "(^| )${WCTL_NAME}( |$)"; then error "Invalid environment name." exit 1 fi # Check if exists if [[ ! -f "${WCTL_BASEDIR}/${WCTL_NAME}/version" ]]; then error "Environment \"${WCTL_NAME}\" not found or broken." exit 1 fi _ARGS=("$(detect_parent_shell)") } ####################################### # Creates the container with the corresponding volume and starts the # shell in there. The container terminates right after the command # finished or the shell closed. # Globals: # WCTL_BASEDIR # WCTL_NETWORK # hidden # WCTL_REGISTRY # hidden # Arguments: # ${@:2} - optional - subcommand to run in environment ####################################### shell() { if [[ -n "$1" ]]; then WCTL_NAME="$1" shift if [[ "$*" == "" ]]; then _ARGS=("$(detect_parent_shell)") else _ARGS=("${@}") fi else get_environment fi if [[ ! -f "${WCTL_BASEDIR}/${WCTL_NAME}/version" ]]; then error "Cannot shell into the specified environment. The environment" error "does not exist or outdated." error "" error "Please check the list of available environments:" error " ${__SCRIPT_NAME} list" error "" error "You can also reinitialize the environment with the new name (this" error "procedure will delete the environment):" error " sudo rm -rv \"${WCTL_BASEDIR}/${WCTL_NAME}\"" error " ${__SCRIPT_NAME} init \\"$'\n' \ " --config \"${WCTL_BASEDIR}/${WCTL_NAME}/conf/config.yaml\" \\"$'\n' \ " --cert \"${WCTL_BASEDIR}/${WCTL_NAME}/certs/tls.crt\" \\"$'\n' \ " --key \"${WCTL_BASEDIR}/${WCTL_NAME}/certs/tls.key\" \\"$'\n' \ " --ssh-key \"${WCTL_BASEDIR}/${WCTL_NAME}/ssh_key\" \\"$'\n' \ " --version \"\"" exit 1 fi WCTL_VERSION="$(cat "${WCTL_BASEDIR}/${WCTL_NAME}/version")" if [ -t 1 ]; then DOCKER_FLAGS=(-it) else DOCKER_FLAGS=(-i --privileged) fi if docker ps -a --filter "name=wctl-${WCTL_NAME}" --format '{{.Names}}' | grep -w "wctl-${WCTL_NAME}" > /dev/null; then docker exec "${DOCKER_FLAGS[@]}" "wctl-${WCTL_NAME}" init-via-user.sh "$(id -u)" "$(id -g)" "${_ARGS[@]}" else docker run --rm "${DOCKER_FLAGS[@]}" \ --name "wctl-${WCTL_NAME}" \ --volume "${WCTL_BASEDIR}/${WCTL_NAME}:/opt/wctl:rw" \ --volume "${WCTL_BASEDIR}/${WCTL_NAME}/cache/zsh:/opt/wctl/cache/zsh:rw" \ --volume "${WCTL_BASEDIR}/${WCTL_NAME}/cache/bash:/opt/wctl/cache/bash:rw" \ --hostname "wctl-${WCTL_NAME}" \ --add-host "wctl-${WCTL_NAME}:127.0.0.1" \ "${WCTL_NETWORK[@]}" \ "${WCTL_SSH_AGENT[@]}" \ "${WCTL_REGISTRY}/installer/wctl:${WCTL_VERSION}" \ init-via-user.sh "$(id -u)" "$(id -g)" "${_ARGS[@]}" fi exit } ####################################### # Performs the initial configuration of the necessary files and # directory tree in the corresponding directory. Also pulls the # image. # Globals: # WCTL_BASEDIR # WCTL_NAME # WCTL_CONF_FILE # WCTL_CERT_FILE # WCTL_KEY_FILE # WCTL_SSH_KEY_FILE # WCTL_VERSION # WCTL_REGISTRY # hidden ####################################### init() { # validate required if [[ "${WCTL_CONF_FILE}" == "__undefined__" ]]; then usage "You must specify config file." else if [[ ! -f "${WCTL_CONF_FILE}" ]]; then usage "File \"${WCTL_CONF_FILE}\" not found." fi fi if [[ "${WCTL_CERT_FILE}" == "__undefined__" ]] || [[ "${WCTL_KEY_FILE}" == "__undefined__" ]]; then usage "You must specify SSL certificate and key files to use." else if [[ ! -f "${WCTL_CERT_FILE}" ]] || [[ ! -f "${WCTL_KEY_FILE}" ]]; then usage "Files \"${WCTL_CERT_FILE}\" and/or \"${WCTL_KEY_FILE}\" not found." fi fi if [[ "${WCTL_SSH_KEY_FILE}" == "__undefined__" ]]; then usage "You must specify ssh key file." else if [[ ! -f "${WCTL_SSH_KEY_FILE}" ]]; then usage "File \"${WCTL_SSH_KEY_FILE}\" not found." fi fi if [[ "${WCTL_LICENSE_FILE}" != "__undefined__" ]]; then if [[ ! -f "${WCTL_LICENSE_FILE}" ]]; then usage "File \"${WCTL_LICENSE_FILE}\" not found." fi fi # Parse config for particular values if ! grep -Eq '^env:[ ]?[^ ]+' "${WCTL_CONF_FILE}" &>/dev/null; then # It will be overriden while initialization, but we need a place in config usage "Cannot parse config file. Is it YAML with \"env: something\" line?" fi # Check if already exists if [[ -d "${WCTL_BASEDIR}/${WCTL_NAME}" ]]; then error "Environment \"${WCTL_NAME}\" already exists. This procedure may" error "damage this management environment. Please consider using different" error "environment name. Aboring..." echo error "If you want to override existing management environment, please" error "remove the previous configuration with the command:" error " sudo rm -rv \"${WCTL_BASEDIR}/${WCTL_NAME}\"" sleep 1 exit 1 fi login "${WCTL_CONF_FILE}" if [[ "${WCTL_VERSION}" == "__undefined__" ]]; then WCTL_VERSION="latest" fi # Resolve version pull "${WCTL_VERSION}" if [[ "${WCTL_VERSION}" == "latest" ]]; then WCTL_VERSION=$(docker run --rm -i --entrypoint "" "${WCTL_REGISTRY}/installer/wctl:${WCTL_VERSION}" cat /version) pull "${WCTL_VERSION}" fi confirm "Proceed with the new management node \"${WCTL_NAME}\"?" # Transaction-wise set +e ( mkdir -p "${WCTL_BASEDIR}/${WCTL_NAME}/"{,conf,certs,kube,logs,values,cache/zsh,cache/bash} # Copy config file cp "${WCTL_CONF_FILE}" "${WCTL_BASEDIR}/${WCTL_NAME}/conf/config.yaml" # Copy remaining files and configs cp "${WCTL_CERT_FILE}" "${WCTL_BASEDIR}/${WCTL_NAME}/certs/tls.crt" cp "${WCTL_KEY_FILE}" "${WCTL_BASEDIR}/${WCTL_NAME}/certs/tls.key" cp "${WCTL_SSH_KEY_FILE}" "${WCTL_BASEDIR}/${WCTL_NAME}/ssh_key" cp "${WCTL_LICENSE_FILE}" "${WCTL_BASEDIR}/${WCTL_NAME}/wallarm-license.txt" chown -R "$(id -u):$(id -g)" "${WCTL_BASEDIR}/${WCTL_NAME}" echo "${WCTL_VERSION}" > "${WCTL_BASEDIR}/${WCTL_NAME}/version" ) # shellcheck disable=SC2181 if [[ "$?" != "0" ]]; then error "Failed to create the management environment. See output" error "above." echo error "You may want to remove this management environment to free" error "the envinment name and corresponding resources. If so, please" error "use the following command:" error " sudo rm -rv \"${WCTL_BASEDIR}/${WCTL_NAME}\"" sleep 1 exit 1 fi set -e report "${WCTL_NAME}" "installed" if [[ "${WCTL_SILENT}" == "true" ]]; then echo "export WCTL_NAME=\"${WCTL_NAME}\"" > "${WCTL_BASEDIR}/.context" return fi } ####################################### # Updates the configuration of the environment. Also pulls the # image. # Globals: # WCTL_BASEDIR # WCTL_NAME # WCTL_CONF_FILE # WCTL_CERT_FILE # WCTL_KEY_FILE # WCTL_SSH_KEY_FILE # WCTL_LICENSE_FILE # WCTL_VERSION # WCTL_REGISTRY # hidden ####################################### update() { local _U_CONFIG="false" local _U_CRT="false" local _U_KEY="false" local _U_SSH="false" local _U_LICENSE="false" local _U_VERSION="false" if [[ "${WCTL_NAME}" != "__undefined__" ]]; then if [[ ! -d "${WCTL_BASEDIR}/${WCTL_NAME}" ]]; then get_environment fi else get_environment fi # Mark config to update if [[ "${WCTL_CONF_FILE}" != "__undefined__" ]]; then if [[ ! -f "${WCTL_CONF_FILE}" ]]; then error "File \"${WCTL_CONF_FILE}\" not found." exit 1 else _U_CONFIG="true" fi fi # Mark TLS settings to update if [[ "${WCTL_CERT_FILE}" != "__undefined__" ]]; then if [[ ! -f "${WCTL_CERT_FILE}" ]]; then error "File \"${WCTL_CERT_FILE}\" not found." exit 1 else _U_CRT="true" fi fi if [[ "${WCTL_KEY_FILE}" != "__undefined__" ]]; then if [[ ! -f "${WCTL_KEY_FILE}" ]]; then error "File \"${WCTL_KEY_FILE}\" not found." exit 1 else _U_KEY="true" fi fi # Mark SSH key to update if [[ "${WCTL_SSH_KEY_FILE}" != "__undefined__" ]]; then if [[ ! -f "${WCTL_SSH_KEY_FILE}" ]]; then error "File \"${WCTL_SSH_KEY_FILE}\" not found." exit 1 else _U_SSH="true" fi fi # Mark license key file to update if [[ "${WCTL_LICENSE_FILE}" != "__undefined__" ]]; then if [[ ! -f "${WCTL_LICENSE_FILE}" ]]; then error "File \"${WCTL_LICENSE_FILE}\" not found." exit 1 else _U_LICENSE="true" fi fi # If no version provided, then use the existing one if [[ "${WCTL_VERSION}" == "__undefined__" ]]; then WCTL_VERSION="$(cat "${WCTL_BASEDIR}/${WCTL_NAME}/version")" else # Resolve version if [[ "${WCTL_CONF_FILE}" != "__undefined__" ]]; then login "${WCTL_CONF_FILE}" fi pull "${WCTL_VERSION}" if [[ "${WCTL_VERSION}" == "latest" ]]; then WCTL_VERSION=$(docker run --rm -i --entrypoint "" "${WCTL_REGISTRY}/installer/wctl:${WCTL_VERSION}" cat /version) pull "${WCTL_VERSION}" fi _U_VERSION="true" fi # If no arguments, then nothing to update if [[ "${_U_CONFIG}" == "false" ]] && [[ "${_U_CRT}" == "false" ]] && [[ "${_U_KEY}" == "false" ]] && [[ "${_U_SSH}" == "false" ]] && [[ "${WCTL_VERSION}" == "__undefined__" ]]; then echo "Nothing to update. Please provide arguments." exit 0 fi confirm "Proceed with update management node \"${WCTL_NAME}\"?" # Override config if [[ "${_U_CONFIG}" == "true" ]]; then if [[ -f "${WCTL_BASEDIR}/${WCTL_NAME}/conf/config.yaml" ]]; then cp "${WCTL_BASEDIR}/${WCTL_NAME}/conf/config.yaml" "${WCTL_BASEDIR}/${WCTL_NAME}/conf/config.backup.$(date +%s).yaml" fi cp "${WCTL_CONF_FILE}" "${WCTL_BASEDIR}/${WCTL_NAME}/conf/config.yaml" fi # Override TLS settings if [[ "${_U_CRT}" == "true" ]]; then if [[ -f "${WCTL_BASEDIR}/${WCTL_NAME}/certs/tls.crt" ]]; then cp "${WCTL_BASEDIR}/${WCTL_NAME}/certs/tls.crt" "${WCTL_BASEDIR}/${WCTL_NAME}/certs/tls.backup.$(date +%s).crt" fi cp "${WCTL_CERT_FILE}" "${WCTL_BASEDIR}/${WCTL_NAME}/certs/tls.crt" fi if [[ "${_U_KEY}" == "true" ]]; then if [[ -f "${WCTL_BASEDIR}/${WCTL_NAME}/certs/tls.key" ]]; then cp "${WCTL_BASEDIR}/${WCTL_NAME}/certs/tls.key" "${WCTL_BASEDIR}/${WCTL_NAME}/certs/tls.backup.$(date +%s).key" fi cp "${WCTL_KEY_FILE}" "${WCTL_BASEDIR}/${WCTL_NAME}/certs/tls.key" fi # Override SSH key if [[ "${_U_SSH}" == "true" ]]; then if [[ -f "${WCTL_BASEDIR}/${WCTL_NAME}/ssh_key" ]]; then cp "${WCTL_BASEDIR}/${WCTL_NAME}/ssh_key" "${WCTL_BASEDIR}/${WCTL_NAME}/ssh_key.backup.$(date +%s)" fi cp "${WCTL_SSH_KEY_FILE}" "${WCTL_BASEDIR}/${WCTL_NAME}/ssh_key" fi # Override license key file if [[ "${_U_LICENSE}" == "true" ]]; then if [[ -f "${WCTL_BASEDIR}/${WCTL_NAME}/wallarm-license.txt" ]]; then cp "${WCTL_BASEDIR}/${WCTL_NAME}/wallarm-license.txt" "${WCTL_BASEDIR}/${WCTL_NAME}/wallarm-license.txt.backup.$(date +%s)" fi cp "${WCTL_LICENSE_FILE}" "${WCTL_BASEDIR}/${WCTL_NAME}/wallarm-license.txt" fi # Update version if [[ "${_U_VERSION}" == "true" ]]; then if [[ -f "${WCTL_BASEDIR}/${WCTL_NAME}/version" ]]; then cp "${WCTL_BASEDIR}/${WCTL_NAME}/version" "${WCTL_BASEDIR}/${WCTL_NAME}/version.backup.$(date +%s)" fi echo "${WCTL_VERSION}" > "${WCTL_BASEDIR}/${WCTL_NAME}/version" fi chown -R "$(id -u):$(id -g)" "${WCTL_BASEDIR}/${WCTL_NAME}" report "${WCTL_NAME}" "updated" } preflight case "${_COMMAND}" in "init") init ;; "update") update ;; "list") list ;; "shell") shell "$@" ;; esac