Initial commit: loc_az_hci (smom-dbis-138 excluded via .gitignore)
Some checks failed
Test / test (push) Has been cancelled
Some checks failed
Test / test (push) Has been cancelled
Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
defiQUG
167
scripts/utils/enable-ssh-via-api.sh
Executable file
167
scripts/utils/enable-ssh-via-api.sh
Executable file
@@ -0,0 +1,167 @@
|
||||
#!/bin/bash
|
||||
source ~/.bashrc
|
||||
# Enable SSH via Proxmox API
|
||||
# Attempts to enable SSH service and configure root login via API
|
||||
|
||||
set -e
|
||||
|
||||
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
||||
PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
|
||||
|
||||
# Load environment variables
|
||||
if [ -f "$PROJECT_ROOT/.env" ]; then
|
||||
set -a
|
||||
source <(grep -v '^#' "$PROJECT_ROOT/.env" | grep -v '^$' | sed 's/#.*$//' | grep '=')
|
||||
set +a
|
||||
fi
|
||||
|
||||
# Colors
|
||||
RED='\033[0;31m'
|
||||
GREEN='\033[0;32m'
|
||||
YELLOW='\033[1;33m'
|
||||
BLUE='\033[0;34m'
|
||||
NC='\033[0m'
|
||||
|
||||
log_info() {
|
||||
echo -e "${GREEN}[INFO]${NC} $1"
|
||||
}
|
||||
|
||||
log_warn() {
|
||||
echo -e "${YELLOW}[WARN]${NC} $1"
|
||||
}
|
||||
|
||||
log_error() {
|
||||
echo -e "${RED}[ERROR]${NC} $1"
|
||||
}
|
||||
|
||||
PVE_USERNAME="${PVE_USERNAME:-root@pam}"
|
||||
PVE_PASSWORD="${PVE_ROOT_PASS:-}"
|
||||
PROXMOX_URL="${PROXMOX_ML110_URL:-https://192.168.1.206:8006}"
|
||||
PROXMOX_NODE="${PROXMOX_NODE:-pve}"
|
||||
|
||||
get_api_token() {
|
||||
local response=$(curl -s -k --connect-timeout 10 --max-time 15 \
|
||||
-d "username=$PVE_USERNAME&password=$PVE_PASSWORD" \
|
||||
"$PROXMOX_URL/api2/json/access/ticket" 2>&1)
|
||||
|
||||
if echo "$response" | grep -q '"data"'; then
|
||||
local ticket=$(echo "$response" | grep -o '"ticket":"[^"]*' | cut -d'"' -f4)
|
||||
local csrf_token=$(echo "$response" | grep -o '"CSRFPreventionToken":"[^"]*' | cut -d'"' -f4)
|
||||
echo "$ticket|$csrf_token"
|
||||
else
|
||||
echo ""
|
||||
fi
|
||||
}
|
||||
|
||||
check_ssh_service() {
|
||||
local tokens=$(get_api_token)
|
||||
local ticket=$(echo "$tokens" | cut -d'|' -f1)
|
||||
local csrf_token=$(echo "$tokens" | cut -d'|' -f2)
|
||||
|
||||
log_info "Checking SSH service status..."
|
||||
|
||||
local services=$(curl -s -k -H "Cookie: PVEAuthCookie=$ticket" \
|
||||
-H "CSRFPreventionToken: $csrf_token" \
|
||||
"$PROXMOX_URL/api2/json/nodes/$PROXMOX_NODE/services" 2>&1)
|
||||
|
||||
if echo "$services" | grep -q '"data"'; then
|
||||
local ssh_status=$(echo "$services" | python3 -c "
|
||||
import sys, json
|
||||
r = json.load(sys.stdin)
|
||||
services = r.get('data', [])
|
||||
ssh = [s for s in services if 'ssh' in s.get('name', '').lower()]
|
||||
if ssh:
|
||||
s = ssh[0]
|
||||
print(f\"{s.get('name', 'N/A')}|{s.get('state', 'N/A')}|{s.get('enabled', 'N/A')}\")
|
||||
" 2>/dev/null)
|
||||
|
||||
if [ -n "$ssh_status" ]; then
|
||||
local name=$(echo "$ssh_status" | cut -d'|' -f1)
|
||||
local state=$(echo "$ssh_status" | cut -d'|' -f2)
|
||||
local enabled=$(echo "$ssh_status" | cut -d'|' -f3)
|
||||
|
||||
echo " Service: $name"
|
||||
echo " State: $state"
|
||||
echo " Enabled: $enabled"
|
||||
|
||||
if [ "$state" = "running" ] && [ "$enabled" = "1" ]; then
|
||||
log_info "✓ SSH service is running and enabled"
|
||||
return 0
|
||||
else
|
||||
log_warn "SSH service needs to be started/enabled"
|
||||
return 1
|
||||
fi
|
||||
else
|
||||
log_warn "SSH service not found in services list"
|
||||
return 1
|
||||
fi
|
||||
else
|
||||
log_error "Could not query services via API"
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
||||
enable_ssh_service() {
|
||||
local tokens=$(get_api_token)
|
||||
local ticket=$(echo "$tokens" | cut -d'|' -f1)
|
||||
local csrf_token=$(echo "$tokens" | cut -d'|' -f2)
|
||||
|
||||
log_info "Attempting to enable SSH service via API..."
|
||||
|
||||
# Try to start SSH service
|
||||
local start_result=$(curl -s -k -X POST -H "Cookie: PVEAuthCookie=$ticket" \
|
||||
-H "CSRFPreventionToken: $csrf_token" \
|
||||
"$PROXMOX_URL/api2/json/nodes/$PROXMOX_NODE/services/ssh/start" 2>&1)
|
||||
|
||||
if echo "$start_result" | grep -q '"data"'; then
|
||||
log_info "✓ SSH service started"
|
||||
else
|
||||
log_warn "Could not start SSH via API: $start_result"
|
||||
fi
|
||||
|
||||
# Try to enable SSH service
|
||||
local enable_result=$(curl -s -k -X POST -H "Cookie: PVEAuthCookie=$ticket" \
|
||||
-H "CSRFPreventionToken: $csrf_token" \
|
||||
"$PROXMOX_URL/api2/json/nodes/$PROXMOX_NODE/services/ssh/start" 2>&1)
|
||||
|
||||
if echo "$enable_result" | grep -q '"data"'; then
|
||||
log_info "✓ SSH service enabled"
|
||||
else
|
||||
log_warn "Could not enable SSH via API: $enable_result"
|
||||
fi
|
||||
}
|
||||
|
||||
main() {
|
||||
echo "========================================="
|
||||
echo "Enable SSH via Proxmox API"
|
||||
echo "========================================="
|
||||
echo ""
|
||||
|
||||
log_warn "Note: SSH configuration changes typically require shell access"
|
||||
log_warn "This script will attempt to enable SSH service, but root login"
|
||||
log_warn "configuration may need to be done via Web UI or console"
|
||||
echo ""
|
||||
|
||||
# Check current status
|
||||
check_ssh_service
|
||||
|
||||
echo ""
|
||||
|
||||
# Try to enable
|
||||
enable_ssh_service
|
||||
|
||||
echo ""
|
||||
log_info "Summary:"
|
||||
log_warn "SSH service management via API is limited"
|
||||
log_info "Recommended: Enable SSH via Proxmox Web UI:"
|
||||
log_info " 1. Node → System → Services → ssh → Start & Enable"
|
||||
log_info " 2. Node → System → Shell → Enable root login"
|
||||
log_info ""
|
||||
log_info "Or use console/physical access to run:"
|
||||
log_info " systemctl enable ssh && systemctl start ssh"
|
||||
log_info " sed -i 's/#PermitRootLogin.*/PermitRootLogin yes/' /etc/ssh/sshd_config"
|
||||
log_info " systemctl restart sshd"
|
||||
}
|
||||
|
||||
main "$@"
|
||||
|
||||
Reference in New Issue
Block a user