code-tools/cert-mgmt/scripts/create_inventory.sh
#!/bin/zsh
# Network inventory generator for TLS certificate deployment
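# Stop at the first failing command.
set -e

INVENTORY_FILE="inventory/network_inventory.yaml"

echo "Creating network inventory for certificate deployment..."

# The redirect below cannot create missing parent directories, so make sure
# the target directory exists before the file is opened.
mkdir -p -- "$(dirname -- "$INVENTORY_FILE")"

# Initialize inventory file (this truncates any previous inventory).
# The timestamp is computed up front and the heredoc delimiter is left
# unquoted: with a quoted delimiter the shell performs no expansion and the
# literal text "$(date -Iseconds)" would end up in the generated file.
generated_at=$(date -Iseconds)

# Nested keys are indented explicitly so primary_ip and subnets parse as
# children of network_info. The section ends on "hosts:" because the host
# entries are appended by the scan that follows.
cat > "$INVENTORY_FILE" << YAML_START
# TLS Certificate Deployment Inventory
# Generated: ${generated_at}
network_info:
  primary_ip: "192.168.50.210"
  subnets:
    - "192.168.50.0/24"
    - "10.0.32.0/24"
    - "10.0.43.0/24"
    - "10.0.15.0/24"

# SSH-accessible hosts (exclude current host)
hosts:
YAML_START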
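# Scan for SSH-accessible hosts in the primary subnet and append one entry
# per host with TCP port 22 open to the "hosts:" list in the inventory.
echo "Scanning for SSH-accessible hosts on 192.168.50.x..."

# Host-key policy used for the OS probe. StrictHostKeyChecking=no would accept
# any key, including a changed one, so whatever answers on port 22 could enter
# an inventory that later drives certificate and key deployment.
# "accept-new" (OpenSSH 7.6 or newer) records a key on first contact and
# refuses a host whose recorded key has changed. Set SSH_HOST_KEY_POLICY=yes
# to probe only hosts already present in known_hosts.
ssh_host_key_policy="${SSH_HOST_KEY_POLICY:-accept-new}"

for i in {1..254}; do
  ip="192.168.50.$i"

  # Skip current host
  if [[ "$ip" == "192.168.50.210" ]]; then
    continue
  fi

  # Cheap reachability check before attempting an SSH session.
  if ! timeout 2 nc -z "$ip" 22 2>/dev/null; then
    continue
  fi

  # Try to identify OS type. BatchMode=yes keeps ssh from prompting, so a
  # host without working key authentication yields "ssh_failed".
  os_info=$(timeout 5 ssh \
    -o StrictHostKeyChecking="$ssh_host_key_policy" \
    -o BatchMode=yes \
    -o ConnectTimeout=3 \
    "$ip" 'uname -s 2>/dev/null || echo "unknown"' 2>/dev/null || echo "ssh_failed")

  # The reply is produced by the remote host and is therefore untrusted.
  # Keep only a short run of characters that cannot terminate the quoted
  # YAML scalar or start a new line, so a host cannot inject inventory keys.
  os_info=$(printf '%s' "$os_info" | LC_ALL=C tr -cd 'A-Za-z0-9._-')
  os_info="${os_info:0:64}"
  if [[ -z "$os_info" ]]; then
    os_info="unknown"
  fi

  # NOTE(review): ssh_accessible is written as true whenever port 22 answered,
  # even when the login failed (os_type "ssh_failed"); confirm that consumers
  # of the inventory expect that.
  # The nesting is written explicitly so every key belongs to its list item.
  {
    printf '  - ip: "%s"\n' "$ip"
    printf '    ssh_accessible: true\n'
    printf '    os_type: "%s"\n' "$os_info"
    printf '    cert_paths:\n'
    printf '      ca_certificates: "%s"\n' "/usr/local/share/ca-certificates/"
    printf '      ssl_certs: "%s"\n' "/etc/ssl/git.lab/"
  } >> "$INVENTORY_FILE"

  echo "Found SSH host: $ip ($os_info)"
done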
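# Add Docker containers section
{
  printf '\n'
  printf '%s\n' "# Docker containers (excluding Coolify-managed)"
  printf '%s\n' "containers:"
} >> "$INVENTORY_FILE"

# Get running containers, excluding Coolify-managed ones.
# The status of this pipeline is that of the loop, so a failing `docker ps`
# leaves the containers list empty instead of stopping the script.
docker ps --format "{{.Names}}\t{{.Image}}\t{{.ID}}" | while IFS=$'\t' read -r name image id; do
  # Skip containers that appear to be Coolify-managed
  if [[ "$name" == *vsgoso0skoo8ss08kg0ogcgo* || "$image" == *coolify* ]]; then
    continue
  fi

  # Check if container has bash/sh. bash is started directly instead of being
  # looked up with `which`, because an image can ship bash without `which`,
  # which would make the lookup report "sh". stdin is detached so the probe
  # cannot consume the container list the loop is reading.
  shell="sh"
  if docker exec "$id" bash -c 'exit 0' </dev/null >/dev/null 2>&1; then
    shell="bash"
  fi

  # The nesting is written explicitly so every key belongs to its list item.
  {
    printf '  - name: "%s"\n' "$name"
    printf '    id: "%s"\n' "$id"
    printf '    image: "%s"\n' "$image"
    printf '    shell: "%s"\n' "$shell"
    printf '    cert_paths:\n'
    printf '      ca_certificates: "%s"\n' "/usr/local/share/ca-certificates/"
  } >> "$INVENTORY_FILE"

  echo "Found container: $name ($image)"
done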
# Append the static certificate settings (domain, certificate and key file
# names, validity period) after a blank separator line, then report where the
# inventory was written. The quoted delimiter keeps the text literal.
cat >> "$INVENTORY_FILE" << 'CERT_SECTION'

# Certificate configuration
certificate:
 domain: "git.lab"
 cert_file: "git.lab.crt"
 key_file: "git.lab.key"
 validity_days: 365
CERT_SECTION

printf '%s\n' "Inventory created: $INVENTORY_FILE"