-
Notifications
You must be signed in to change notification settings - Fork 66
Expand file tree
/
Copy pathagent
More file actions
44 lines (39 loc) · 1.11 KB
/
agent
File metadata and controls
44 lines (39 loc) · 1.11 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
#!/bin/bash
set -eu
if [[ -z "${SHIELD_API:-}" ]]; then
echo >&2 "SHIELD_API not set in environment."
echo >&2
echo >&2 "Please set this to the full URL of your SHIELD core"
exit 1
fi
mkdir -p /etc/shield
if [[ ! -f /etc/shield/ssh.key ]]; then
ssh-keygen -m PEM -t rsa -f /etc/shield/ssh.key -N ''
rm -f /etc/shield/ssh.key.pub
fi
echo "waiting for SHIELD Core to spin up on ${SHIELD_API}..."
count=240
while ! curl -Ls ${SHIELD_API}/v2/info 2>/dev/null | grep -q '"api"'; do
sleep 1
count=$(( count - 1 ))
if [[ $count == 0 ]]; then
echo >&2 "failed to find SHIELD core after 4 minutes; giving up."
exit 2
fi
done
curl "${SHIELD_API}/v1/meta/pubkey" >> /etc/shield/authorized_keys
cat > /etc/shield/agent.conf <<EOF
---
authorized_keys_file: /etc/shield/authorized_keys
host_key_file: /etc/shield/ssh.key
listen_address: 0.0.0.0:5444
plugin_paths:
- /shield/plugins
name: ${SHIELD_AGENT_NAME:-$(hostname)}
registration:
url: ${SHIELD_API}
interval: ${SHIELD_REGISTRATION_INTERVAL:-15}
EOF
export PATH=$PATH:/shield/bin
exec /shield/bin/shield-agent --config "/etc/shield/agent.conf" "$@"
exit 1