#!/usr/bin/env python3 from __future__ import annotations import os import re import secrets import sys import paramiko from load_dev_env import ssh_config HOST, USER, SSH_PASSWORD = ssh_config() def run(c: paramiko.SSHClient, cmd: str) -> str: print(f"\n$ {cmd.replace(PASSWORD, '***')}") _, o, e = c.exec_command(f"echo '{PASSWORD}' | sudo -S bash -lc \"{cmd}\"", timeout=120, get_pty=True) out = o.read().decode("utf-8", errors="replace") err = e.read().decode("utf-8", errors="replace") combined = out + err sys.stdout.buffer.write(combined.encode("utf-8", errors="replace")) return combined def main() -> None: api_pass = secrets.token_urlsafe(12) c = paramiko.SSHClient() c.set_missing_host_key_policy(paramiko.AutoAddPolicy()) c.connect(HOST, username=USER, password=PASSWORD, timeout=30) try: run(c, "docker exec nomadro-ntfy ntfy user list 2>&1") run(c, "docker exec nomadro-ntfy ntfy access --help 2>&1 | head -25") run(c, f"docker exec nomadro-ntfy ntfy user add --role=admin nomadcna-api --pass={api_pass} 2>&1") run(c, "docker exec nomadro-ntfy ntfy access nomadcna-* everyone read 2>&1") run(c, "docker exec nomadro-ntfy ntfy access nomadcna-* nomadcna-api write-only 2>&1") token_out = run(c, "docker exec nomadro-ntfy ntfy token add -l nomadcna-backend nomadcna-api 2>&1") token_match = re.search(r"tk_[a-zA-Z0-9_-]+", token_out) token = token_match.group(0) if token_match else "" if not token: run(c, "docker exec nomadro-ntfy ntfy token list nomadcna-api 2>&1") if token: repo_env = "/home/ubuntu/gitlab-instance-0a899031_cnomadcna/.env.local" run(c, f"grep -q '^NTFY_AUTH_TOKEN=' {repo_env} 2>/dev/null && sed -i 's/^NTFY_AUTH_TOKEN=.*/NTFY_AUTH_TOKEN={token}/' {repo_env} || echo 'NTFY_AUTH_TOKEN={token}' >> {repo_env}") run( c, f"curl -s -X POST https://ntfy.nomadro.cn/nomadcna-healthcheck " f"-H 'Authorization: Bearer {token}' -H 'Title: NomadCNA' -d 'push ok'", ) run(c, "systemctl restart cnomadcna-api.service 2>/dev/null || true") print(f"\nTOKEN={token}") finally: c.close() if __name__ == "__main__": main()