41 lines
867 B
Bash
Executable file
41 lines
867 B
Bash
Executable file
#!/bin/bash
|
|
|
|
if ! ( which vault > /dev/null ); then
|
|
error "vault is required."
|
|
exit 2
|
|
fi
|
|
|
|
|
|
# If we can list the environments there is no need to unlock the database
|
|
if ( awsenv list > /dev/null 2>&1 ); then
|
|
echo "Database already unlocked."
|
|
exit 0
|
|
fi
|
|
|
|
# Retrieve key from LastPass
|
|
PWD=$(vault read -field=passphrase "/secret/private/awsenv")
|
|
|
|
# In case Vault exitted non-zero we have no password
|
|
if ! [ $? -eq 0 ]; then
|
|
echo "Unable to get password. Not trying to unlock."
|
|
exit 1
|
|
fi
|
|
|
|
# Fill password to ssh-add utility
|
|
expect <<EOF >/dev/null
|
|
spawn -ignore HUP awsenv unlock
|
|
expect "Password: "
|
|
send "$PWD\n"
|
|
expect "Database unlocked."
|
|
expect eof
|
|
EOF
|
|
|
|
# Check whether awsenv was unlocked
|
|
if ( awsenv list > /dev/null 2>&1 ); then
|
|
echo "Database unlocked successfully"
|
|
exit 0
|
|
else
|
|
echo "Found passphrase but could not unlock database."
|
|
exit 1
|
|
fi
|
|
|