utopiah
/
offline-octopus
1
0
Fork 0
Code Issues 23 Pull Requests Packages Projects Releases Wiki Activity

sshfs mount example

Browse Source
reverse-proxy
Fabien Benetou 1 year ago
parent 8ef9bf1abd
commit 3a3a682769
1 changed files with 50 additions and 26 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 76
      index.js

76
index.js
Unescape View File

@ -12,15 +12,10 @@ const port = process.env.PORT || 8082;
const protocol = 'https'
const subclass = '192.168.4.'
// Setup and configure Express http server.
const app = express();
app.use(express.static(path.resolve(__dirname, ".", "examples")));
const publicKeyPath = path.resolve(process.env.HOME,'.ssh','id_rsa_offlineoctopus.pub')
const publicKey = fs.readFileSync(publicKeyPath).toString().split(' ')[1]
app.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
next();
});
const md5fromPub = fs.readFileSync( path.resolve(__dirname, ".keyfrommd5")).toString().replace('\n','')
process.title = 'offtopus' // offline-octopus seems too long
@ -69,16 +64,14 @@ const utilsCmd = { // security risk but for now not accepting user input so safe
// security risk if relying on user provided name, e.g replacing acorn by user input
// example that could be generalized to other package managers e.g .deb or opkg
}
// example to disentangle own work for cloning existing repositories
// find ~/Prototypes/ -depth -maxdepth 4 -wholename "*/.git/config" | xargs grep -l git.benetou.fr | sed "s|.*Prototypes/\(.*\)/.git/config|\1|"
// could be interesting to consider also recent containers and ~/.bashrc for services
const instructions = `
/home/deck/.ssh/
trusted context, i.e on closed WiFi and over https, still. could check as bearer
trusted context, i.e on closed WiFi and over https with bearer authorization
/home/deck/.ssh/config
could limit to known IP range or class e.g cat .ssh/config | grep 192.168.4. -C 3
limit to known IP subclass e.g cat .ssh/config | grep 192.168.4. -C 3
see /sshconfig
could also re-add new entries rather than extend the format
/home/deck/server.locatedb
seems to be plain text with metadata
@ -99,6 +92,17 @@ util functions
const auth_instructions = `generate md5 from pub offline-octopus then provide as bearer query param`
// Setup and configure Express http server.
const app = express();
app.use(express.static(path.resolve(__dirname, ".", "examples")));
// CORS
app.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
next();
});
app.get('/', (req, res) => {
res.send( instructions )
})
@ -108,6 +112,7 @@ app.get('/authtestviaheader', (req, res) => {
res.sendStatus(200)
// fetch('/authtestviaheader', {headers: {'authorization': 'Bearer '+ bearer}}).then(r=>r.text()).then(t=>console.log(t))
// prevents from showing in browser history but also makes testing slightly harder
// consider next() for middleware instead of copy/pasting this line
})
app.get('/authtest', (req, res) => {
@ -270,18 +275,40 @@ app.get('/sshconfig', (req, res) => {
// should filter on foundPeers to avoid offline peers
})
// returns connections string for e.g sshfs
// note that stopping this process removes the mounts
function mountAll(){
getSshConfig().map( l => {
let cs = 'sshfs ' + l.name + ':'
if (l.custom)
cs+= l.custom
else
cs+='/home/'+l.user
return cs + ' ' + path.resolve(__dirname, "sshfsmounts", l.name)
} )
.map( l => execSync(l))
}
function getSshConfig(){
// here assume user deck
let txt = fs.readFileSync(sshconfigpath).toString()
return txt.split('Host ')
.filter( m => m.match(subclass) )
.map( c => {
p = c.replaceAll(' ','')
let all = c.replaceAll(' ','')
.split('\n')
let p = all
.filter(i=>i.match(/^[a-zA-Z]/));
return p.filter(pm=>pm.match('User '))[0].replace('User ','')+
p.filter(pm=>pm.match('HostName'))[0].replace('HostName ','@')
let custom = all
.filter(i=>i.match(/^#Dir /))[0]
?.split(' ')[1]
// custom ~/.ssh/config parameter as comment
// user here for home directory in termux
let user = p.filter(pm=>pm.match('User '))[0].replace('User ','')
let hostname = p.filter(pm=>pm.match('HostName'))[0].replace('HostName ','')
let connectionString = user + '@' + hostname
let port = p.filter(pm=>pm.match('Port'))[0]?.replace('Port ','')
if (port) connectionString += ':' + port
return {name: p[0], user, connectionString, custom}
})
}
@ -301,14 +328,11 @@ function getSshConfig(){
easier to revoke if need be
*/
const publicKeyPath = path.resolve(process.env.HOME,'.ssh','id_rsa_offlineoctopus.pub')
const publicKey = fs.readFileSync(publicKeyPath).toString().split(' ')[1]
const md5fromPub = fs.readFileSync( path.resolve(__dirname, ".keyfrommd5")).toString().replace('\n','')
app.get('/localprototypes', (req, res) => {
// res.json( spawn('find Prototypes/ -iwholename */.git/config | xargs grep git.benetou.fr') )
// should use execSync now
// examples to disentangle own work for cloned existing repositories :
// find Prototypes/ -iwholename */.git/config | xargs grep git.benetou.fr
// find ~/Prototypes/ -depth -maxdepth 4 -wholename "*/.git/config" | xargs grep -l git.benetou.fr | sed "s|.*Prototypes/\(.*\)/.git/config|\1|"
res.json( execConfiguredCommand('listprototypes') )
})
app.get('/editor/recover', (req, res) => {

Write Preview
Loading…
Cancel
Save