feat(ssh_locker): implement ssh locker helper scripts and configuration for Duo API integration

This commit is contained in:
2025-05-22 22:55:27 +02:00
parent f6be1d5dbe
commit 071b4eea9e
13 changed files with 360 additions and 3 deletions
-3
View File
@@ -1,3 +0,0 @@
#!/bin/bash
POD_NAME=$(kubectl get pods -n nextcloud -l app=nextcloud -o jsonpath="{.items[0].metadata.name}")
kubectl -n nextcloud exec -it $POD_NAME -- /bin/su -s /bin/bash www-data -c "/var/www/html/occ $*"
Executable
+15
View File
@@ -0,0 +1,15 @@
#bin/bash
function usage() {
echo "Usage: ssh_locker_helper <user> <action>"
echo "Actions:"
echo " lock - Lock the SSH locker"
echo " unlock - Unlock the SSH locker"
}
if [ -z "$1" ] || [ -z "$2" ]; then
usage
exit 1
fi
sectool exec bash -c "bin/ssh_locker_helper $1 $2"
+27
View File
@@ -0,0 +1,27 @@
#/!/bin/bash
function usage() {
echo "Usage: ssh_locker_helper <user> <action>"
echo "Actions:"
echo " lock - Lock the SSH locker"
echo " unlock - Unlock the SSH locker"
}
if [ -z "$SERVER_API_ACCESS_TOKEN" ]; then
echo "Please set the SERVER_API_ACCESS_TOKEN environment variable."
exit 1
fi
if [ -z "$1" ] || [ -z "$2" ]; then
usage
exit 1
fi
response=$(curl -s -o /dev/null -w "%{redirect_url}" \
-X POST https://alexpires.me/api/ssh_locker/action \
-H "Content-Type: application/json" \
-H "X-Auth-Token: $SERVER_API_ACCESS_TOKEN" \
-d '{"user":"'$1'","action":"'$2'"}')
if [ -n "$response" ]; then
xdg-open "$response"
else
echo "No redirect URL received."
fi