From 73427b9aa4eccc21c3a88a48a4f460a3fff5f5d6 Mon Sep 17 00:00:00 2001 From: Justin Wind Date: Mon, 24 Apr 2017 13:33:18 -0700 Subject: [PATCH] try to reuse quagga password --- ansible.cfg | 2 +- generate-ansible-vpcaccess-vars.sh | 17 ++++++++++++++++- 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/ansible.cfg b/ansible.cfg index de5f2b3..03122cf 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -3,4 +3,4 @@ retry_files_enabled = False host_key_checking = False inventory = inventory remote_user = ec2-user -private_key_file = keys/management.pem +private_key_file = keys/management diff --git a/generate-ansible-vpcaccess-vars.sh b/generate-ansible-vpcaccess-vars.sh index 0a5d14a..e951308 100755 --- a/generate-ansible-vpcaccess-vars.sh +++ b/generate-ansible-vpcaccess-vars.sh @@ -1,6 +1,7 @@ #!/bin/sh set -e +set -o pipefail if [ $# -ne 2 ] then @@ -14,6 +15,20 @@ cert="${1}_ca/pki/issued/${2}.${1}.crt" key="${1}_ca/pki/private/${2}.${1}.key" ta_secret="${1}_ca/pki/ta.key" +# reuse any extant quagga password +for v in "${1}"/group_vars/*vpcaccess* +do + if [ -n "${quagga_password}" ] + then + echo "found multiple potential quagga passwords; the chosen one may not be correct" 1>&2 + fi + quagga_password=$(awk '/QUAGGA_PASSWORD:/{print $2}' "${v}") +done +if [ -z "${quagga_password}" ] +then + quagga_password=$(pwgen -y 16) +fi + function onlycert(){ sed -n '/-----BEGIN /,/-----END /p' "$@" } @@ -23,7 +38,7 @@ function indent(){ cat<