@smoser
Last active February 7, 2018 06:19
Example ~/.euca directory contents for AWS (EC2, IAM ...). In euca2ools 3.0+, .eucarc is deprecated, replaced by ~/.euca directory.

Example contents of .euca directory for a user

This is example ~/.euca contents for a user. Documentation on this is found at upstream. See also example in source.

  • defaults.ini: default region and default user (default-*) configuration
  • myaws-user.ini: example user stanza (providing credentials). This should be readable only by you (chmod go-r myaws-user.ini).
  • generate-aws: script to generate the aws.ini file as it is repetitive.
  • aws.ini: example generated with generate-aws
  • novarc2eucad: script to convert an openstack novarc to .euca directory.
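[region aws:*]
; AWS (shared by all regions)
iam-url = use aws:us-east-1
sts-url = use aws:us-east-1
certificate = /usr/share/euca2ools/certs/cert-ec2.pem
verify-ssl = true
; IAM is not per-region: every region below names the same endpoint,
; https://iam.amazonaws.com/. A mistyped host here would send signed
; requests to a server that is not the IAM endpoint.
[region aws:ap-northeast-1]
iam-url = https://iam.amazonaws.com/
ec2-url = https://ec2.ap-northeast-1.amazonaws.com/
autoscaling-url = https://autoscaling.ap-northeast-1.amazonaws.com/
elasticloadbalancing-url = https://elasticloadbalancing.ap-northeast-1.amazonaws.com/
monitoring-url = https://monitoring.ap-northeast-1.amazonaws.com/
s3-url = https://s3.ap-northeast-1.amazonaws.com/
s3-location-constraint = ap-northeast-1
[region aws:ap-southeast-1]
iam-url = https://iam.amazonaws.com/
ec2-url = https://ec2.ap-southeast-1.amazonaws.com/
autoscaling-url = https://autoscaling.ap-southeast-1.amazonaws.com/
elasticloadbalancing-url = https://elasticloadbalancing.ap-southeast-1.amazonaws.com/
monitoring-url = https://monitoring.ap-southeast-1.amazonaws.com/
s3-url = https://s3.ap-southeast-1.amazonaws.com/
s3-location-constraint = ap-southeast-1
[region aws:ap-southeast-2]
iam-url = https://iam.amazonaws.com/
ec2-url = https://ec2.ap-southeast-2.amazonaws.com/
autoscaling-url = https://autoscaling.ap-southeast-2.amazonaws.com/
elasticloadbalancing-url = https://elasticloadbalancing.ap-southeast-2.amazonaws.com/
monitoring-url = https://monitoring.ap-southeast-2.amazonaws.com/
s3-url = https://s3.ap-southeast-2.amazonaws.com/
s3-location-constraint = ap-southeast-2
[region aws:eu-west-1]
iam-url = https://iam.amazonaws.com/
ec2-url = https://ec2.eu-west-1.amazonaws.com/
autoscaling-url = https://autoscaling.eu-west-1.amazonaws.com/
elasticloadbalancing-url = https://elasticloadbalancing.eu-west-1.amazonaws.com/
monitoring-url = https://monitoring.eu-west-1.amazonaws.com/
s3-url = https://s3.eu-west-1.amazonaws.com/
s3-location-constraint = EU
[region aws:sa-east-1]
iam-url = https://iam.amazonaws.com/
ec2-url = https://ec2.sa-east-1.amazonaws.com/
autoscaling-url = https://autoscaling.sa-east-1.amazonaws.com/
elasticloadbalancing-url = https://elasticloadbalancing.sa-east-1.amazonaws.com/
monitoring-url = https://monitoring.sa-east-1.amazonaws.com/
s3-url = https://s3.sa-east-1.amazonaws.com/
s3-location-constraint = sa-east-1
[region aws:us-east-1]
iam-url = https://iam.amazonaws.com/
ec2-url = https://ec2.us-east-1.amazonaws.com/
autoscaling-url = https://autoscaling.us-east-1.amazonaws.com/
elasticloadbalancing-url = https://elasticloadbalancing.us-east-1.amazonaws.com/
monitoring-url = https://monitoring.us-east-1.amazonaws.com/
s3-url = https://s3.us-east-1.amazonaws.com/
s3-location-constraint = US
; these are not per-region
iam-url = https://iam.amazonaws.com/
sts-url = https://sts.amazonaws.com/
[region aws:us-west-1]
iam-url = https://iam.amazonaws.com/
ec2-url = https://ec2.us-west-1.amazonaws.com/
autoscaling-url = https://autoscaling.us-west-1.amazonaws.com/
elasticloadbalancing-url = https://elasticloadbalancing.us-west-1.amazonaws.com/
monitoring-url = https://monitoring.us-west-1.amazonaws.com/
s3-url = https://s3.us-west-1.amazonaws.com/
s3-location-constraint = us-west-1
[region aws:us-west-2]
iam-url = https://iam.amazonaws.com/
ec2-url = https://ec2.us-west-2.amazonaws.com/
autoscaling-url = https://autoscaling.us-west-2.amazonaws.com/
elasticloadbalancing-url = https://elasticloadbalancing.us-west-2.amazonaws.com/
monitoring-url = https://monitoring.us-west-2.amazonaws.com/
s3-url = https://s3.us-west-2.amazonaws.com/
s3-location-constraint = us-west-2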
[global]
default-region = us-east-1
[region aws:*]
user = myaws-user
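#!/bin/sh
# Generate the euca2ools region configuration for AWS.
#
# Usage: generate-aws [output-file]
#   output-file  file to write; defaults to aws.ini in the current directory.
#
# Writes one wildcard stanza shared by all regions, then one stanza per
# region listed in REGIONS. Progress is reported on stderr.
set -eu

#REGIONS=$(ec2-describe-regions | awk '$1 == "REGION" { print $2 }')
REGIONS="ap-northeast-1 ap-southeast-1 ap-southeast-2 eu-west-1
sa-east-1 us-east-1 us-west-1 us-west-2"
output="${1:-aws.ini}"

{
  cat <<EOF
[region aws:*]
; AWS (shared by all regions)
iam-url = use aws:us-east-1
sts-url = use aws:us-east-1
certificate = /usr/share/euca2ools/certs/cert-ec2.pem
verify-ssl = true
EOF
  # REGIONS is a whitespace-separated list, so word splitting is intended.
  for region in $REGIONS; do
    # Two regions use a legacy S3 location constraint instead of their name.
    case "$region" in
      eu-west-1) constraint="EU" ;;
      us-east-1) constraint="US" ;;
      *) constraint=$region ;;
    esac
    # The IAM host must be spelled iam.amazonaws.com, matching the
    # "not per-region" stanza below; requests signed with the user's
    # credentials are sent to whatever host is written here.
    cat <<EOF
[region aws:$region]
iam-url = https://iam.amazonaws.com/
ec2-url = https://ec2.$region.amazonaws.com/
autoscaling-url = https://autoscaling.$region.amazonaws.com/
elasticloadbalancing-url = https://elasticloadbalancing.$region.amazonaws.com/
monitoring-url = https://monitoring.$region.amazonaws.com/
s3-url = https://s3.$region.amazonaws.com/
s3-location-constraint = $constraint
EOF
    if [ "$region" = "us-east-1" ]; then
      cat <<EOF
; these are not per-region
iam-url = https://iam.amazonaws.com/
sts-url = https://sts.amazonaws.com/
EOF
    fi
    echo
  done
} > "$output"   # honour the requested file name, not a fixed aws.ini
echo "wrote $output" 1>&2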
# customize this file for your user/creds.
# it holds your secret key, so keep it readable only by you (chmod go-r).
[user myaws-user]
key-id = ABCDEFGHIJKLMNOPQRST
secret-key = 0123456789+abcdefghijklmnopqrstuvwxyz/XYZ
certificate = ~/creds/aws-smoser/cert.pem
private-key = ~/creds/aws-smoser/pk.pem
account-id = 012345678901
ec2-default-keypair = brickies
#!/bin/bash
# Global verbosity level: main() raises it once per -v/--verbose, and debug()
# prints only messages whose level does not exceed it.
VERBOSITY=0
# Print the arguments, space-joined on one line, to stderr.
error() {
  echo "$@" >&2
}
# Report the arguments (if any) through error(), then exit the script with
# status 1.
fail() {
  if [ $# -ne 0 ]; then
    error "$@"
  fi
  exit 1
}
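# Print the command-line help to stdout.
# The option list mirrors what main() parses (-h, -D, -N, -v) and names the
# file main() actually writes for --set-default (default.ini).
Usage() {
  cat <<EOF
Usage: ${0##*/} [ options ] novarc [eucad]

   convert a novarc style file to a euca2ools ~/.eucad layout
   eucad defaults to ~/.eucad

   options:
      -h | --help         show this message and exit
      -D | --set-default  write 'default.ini' in eucad to make this default
      -N | --name NAME    name for the config (default: nova)
      -v | --verbose      increase verbosity (may be repeated)
EOF
}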
# Print the help text to stderr, followed by an optional error message, and
# return 1 so callers can propagate the failure.
bad_Usage() {
  Usage >&2
  if [ $# -gt 0 ]; then
    error "$@"
  fi
  return 1
}
# Emit a message through error() when its level is within the current
# verbosity.
# Globals:   VERBOSITY (read)
# Arguments: $1 - message level; remaining arguments - the message
debug() {
  local threshold=${1}
  shift
  if [ "${threshold}" -gt "${VERBOSITY}" ]; then
    return
  fi
  error "${@}"
}
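# Convert a novarc file into a euca2ools configuration directory.
# Globals:   VERBOSITY (written by -v); every variable the novarc sets
# Arguments: [options] novarc [eucad]  (see Usage)
# Outputs:   NAME-USER.ini (credentials), NAME.ini (region), optional
#            key/certificate copies and default.ini, all inside eucad
# Returns:   0 on success, 1 on a usage or I/O error
main() {
  local short_opts="hDN:v"
  local long_opts="help,name:,set-default,verbose"
  # Declared separately: 'local var=$(cmd)' returns local's own status, which
  # hid getopt failures so that invalid options never reached bad_Usage.
  local getopt_out=""
  # eval is applied only to getopt's own shell-quoted output.
  getopt_out=$(getopt --name "${0##*/}" \
    --options "${short_opts}" --long "${long_opts}" -- "$@") &&
    eval set -- "${getopt_out}" ||
    { bad_Usage; return 1; }

  local cur="" next=""
  local novarc="" eucad="" default=false name="nova"
  local novauser="" cfg="" abs_eucad="" verify_ssl=""
  local pk_file="" pk_tmp="" cert_file=""

  while [ $# -ne 0 ]; do
    cur="$1"; next="${2-}"
    case "$cur" in
      -h|--help) Usage; exit 0 ;;
      -N|--name) name=$next; shift ;;
      -D|--set-default) default=true ;;
      -v|--verbose) VERBOSITY=$((VERBOSITY + 1)) ;;
      --) shift; break ;;
    esac
    shift
  done

  if [ $# -ne 1 ] && [ $# -ne 2 ]; then
    bad_Usage "got $# arguments. expected only novarc and eucad. [$*]"
    return 1
  fi

  novarc="$1"
  # NOTE(review): the default is ~/.eucad, while the accompanying notes name
  # ~/.euca as the directory euca2ools reads; confirm which is intended.
  if [ $# -eq 2 ]; then
    eucad="$2"
  else
    eucad=~/.eucad
  fi

  [ -f "$novarc" ] || { error "$novarc: not a file"; return 1; }
  [ -d "$eucad" ] || mkdir -p "$eucad" ||
    { error "failed to make eucadir '$eucad'"; return 1; }
  if [ -f ~/.eucarc ]; then
    debug 1 "warning, you have ~/.eucarc. you may need to remove it"
  fi

  # A name without a slash makes '.' search PATH before the current
  # directory, so a file other than the one checked above could be loaded.
  case "$novarc" in
    */*) ;;
    *) novarc="./$novarc" ;;
  esac
  # The novarc is executed as shell code in this process; only convert files
  # that come from a source you trust.
  . "$novarc" || { error "failed to source $novarc"; return 1; }

  novauser=${OS_USERNAME:-nuser}
  abs_eucad=$(cd "$eucad" && pwd) ||
    { error "failed to resolve eucadir '$eucad'"; return 1; }
  eucad=$abs_eucad
  cfg="$eucad/$name-$novauser.ini"

  # Create or truncate the file and restrict it before any secret is written.
  ( umask 077 && : > "$cfg" ) ||
    { error "failed to open $cfg for writing"; return 1; }
  chmod go-rw "$cfg" ||
    { error "failed to restrict permissions on $cfg"; return 1; }
  cat > "$cfg" <<EOF
[user $novauser]
key-id = ${EC2_ACCESS_KEY}
secret-key = ${EC2_SECRET_KEY}
account-id = ${EC2_USER_ID:-42} ; euca-bundle requires a value
;ec2-default-keypair = default ; set to set default keypair to run-instances
EOF

  if [ -n "$EC2_PRIVATE_KEY" ]; then
    pk_file="$eucad/$name-$novauser-pk.pem"
    # Copy the private key itself (the original copied EC2_CERT here) through
    # a mktemp file, which is created owner-only, so the key material is
    # never readable by group or others, then move it into place.
    pk_tmp=$(mktemp "$eucad/.$name-$novauser-pk.XXXXXX") &&
      cat "$EC2_PRIVATE_KEY" > "$pk_tmp" &&
      chmod go-rw "$pk_tmp" &&
      mv -f "$pk_tmp" "$pk_file" ||
      {
        [ -z "$pk_tmp" ] || rm -f -- "$pk_tmp"
        error "failed to copy EC2_PRIVATE_KEY '$EC2_PRIVATE_KEY'"
        return 1
      }
    echo "private-key = $pk_file" >> "$cfg"
  fi

  if [ -n "$EC2_CERT" ]; then
    cert_file="$eucad/$name-$novauser-cert.pem"
    cp "$EC2_CERT" "$cert_file" ||
      { error "failed to copy EC2_CERT '$EC2_CERT'"; return 1; }
    # Point at the certificate copy; the original wrote the -pk.pem path.
    echo "certificate = $cert_file" >> "$cfg"
  fi

  cfg="$eucad/$name.ini"
  # NOTE(review): the generated region disables TLS certificate verification,
  # so the endpoint's identity is not checked when signed requests are sent.
  # Set verify-ssl to true in the written file once the endpoint presents a
  # certificate the client can validate.
  verify_ssl="false"
  {
    echo "[region $name:*]"
    echo "; shared by all '$name' regions"
    echo "verify-ssl = ${verify_ssl}"
    if [ -n "$NOVA_CERT" ]; then
      cp "$NOVA_CERT" "$eucad/$name-cacert.pem" ||
        { error "failed copy NOVA_CERT '$NOVA_CERT'"; return 1; }
      echo "certificate = $eucad/$name-cacert.pem"
    fi
    echo
    echo "[region $name:${OS_REGION_NAME}]"
    [ -z "$S3_URL" ] || echo "s3-url = $S3_URL"
    [ -z "$EC2_URL" ] || echo "ec2-url = $EC2_URL"
  } > "$cfg"

  if $default; then
    cat > "$eucad/default.ini" <<EOF
[global]
default-region = ${OS_REGION_NAME}
[region $name:*]
user = ${novauser}
EOF
  fi

  debug 1 "wrote to $eucad"
  return 0
}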
# Run the conversion with the script's own arguments; as the last command,
# main's return status becomes the script's exit status.
main "$@"
# vi: ts=4 noexpandtab