From 4ae3ec5ec4199c33ba4e1e3dcec741c3d2777937 Mon Sep 17 00:00:00 2001
From: Knut Ahlers <knut@ahlers.me>
Date: Sat, 11 Jan 2020 13:49:05 +0100
Subject: [PATCH] Add shareport wrapper

Signed-off-by: Knut Ahlers <knut@ahlers.me>
---
 .config/shareport.remote.sh | 59 +++++++++++++++++++++++++++++++++++++
 bin/shareport               | 31 +++++++++++++++++++
 2 files changed, 90 insertions(+)
 create mode 100644 .config/shareport.remote.sh
 create mode 100755 bin/shareport

diff --git a/.config/shareport.remote.sh b/.config/shareport.remote.sh
new file mode 100644
index 0000000..b7ac35d
--- /dev/null
+++ b/.config/shareport.remote.sh
@@ -0,0 +1,59 @@
+function gen_prefix() {
+	cat /dev/urandom | tr -dc 'a-z0-9' | head -c 8 || true
+}
+
+# Generate an unique ID and set config path for it
+share_id=${FQDN_PREFIX:-}
+while :; do
+	config_file="/home/shareport/nginx/shareport_${share_id}.conf"
+
+	if [[ -z $share_id ]] || [[ -e $config_file ]]; then
+		share_id=$(gen_prefix)
+		continue
+	fi
+
+	break
+done
+
+# Ensure configuration directory is there
+mkdir -p $(dirname ${config_file})
+
+# Create nginx configuration for new share
+cat -s <<EOF >${config_file}
+server {
+  listen        443 ssl http2;
+  server_name   ${share_id}.knut.dev;
+  
+  ssl_certificate     /data/ssl/nginxle/knut.dev.pem;
+  ssl_certificate_key /data/ssl/nginxle/knut.dev.key;
+  
+  location / {
+    proxy_pass          http://${LISTEN};
+    proxy_set_header    Upgrade \$http_upgrade;
+    proxy_set_header    Connection "Upgrade";
+    proxy_set_header    Host \$host;
+    proxy_set_header    X-Real-IP \$remote_addr;
+    proxy_set_header    X-Forwarded-For \$proxy_add_x_forwarded_for;
+    proxy_set_header    X-Forwarded-Proto \$scheme;
+  }
+}
+EOF
+
+# Register cleanup for script exit
+function cleanup() {
+	rm -f \
+		${config_file}
+	sudo /bin/systemctl reload nginx.service
+}
+trap cleanup EXIT
+
+# Reload nginx to apply new config
+sudo /bin/systemctl reload nginx.service
+
+# Let user know where to look
+echo
+echo "Listening on https://${share_id}.knut.dev/"
+echo
+
+# Keep active until program exits
+while :; do sleep 5m; done
diff --git a/bin/shareport b/bin/shareport
new file mode 100755
index 0000000..b05a182
--- /dev/null
+++ b/bin/shareport
@@ -0,0 +1,31 @@
+#!/bin/bash
+set -euo pipefail
+
+source "${HOME}/bin/script_framework.sh"
+
+port="${1:-}"
+[[ -n $port ]] || fatal "Missing local port as first argument"
+
+# Get real shareport command
+shareport=$(which -a shareport | grep -v $0 | head -n1)
+
+step "Fetching secrets..."
+export IDENTITY_FILE=$(mktemp)
+export IDENTITY_FILE_PASSWORD=$(vault read -field=passphrase secret/ssh-key/shareport)
+
+vault read -field=private secret/ssh-key/shareport >${IDENTITY_FILE}
+
+# Configure remote
+export REMOTE_HOST=knut.dev:22
+export REMOTE_SCRIPT="${HOME}/.config/shareport.remote.sh"
+export REMOTE_USER=shareport
+
+# Setup removal of SSH key after exit
+function cleanup() {
+	step "Cleaning up..."
+	rm -f ${IDENTITY_FILE}
+}
+trap cleanup EXIT
+
+step "Starting shareport..."
+$shareport --local-addr "localhost:$1"