前言:
借助Expect处理交互的命令,可以将交互 过程如:ssh登录,ftp登录等写在一个脚本上,使之自动化完成.尤其适用于需 要对多台服务器执行相同操作的环境中,可以大大提高系统管理人员的工作效率
执行安装命令
1
| yum install expect tcl -y
|
命令说明
| 指令 |
功能说明 |
| spawn |
交互程序开始后面跟命令或者指定程序 |
| set timeout |
设置超时时间 |
| expect |
获取匹配信息匹配成功则执行expect后面的程序动作 |
| send |
用于向进程发送指定的字符串信息 |
| exp_continue |
在expect中多次匹配就需要用到 |
| eof |
expect执行结束 退出 |
1、自动生成ssh-keygen的脚本
1
2
3
4
5
6
7
8
9
10
11
| #!/bin/bash
expect <<EOF
set timeout 3
spawn ssh-keygen -t rsa
expect {
"Enter file in which to save the key (/root/.ssh/id_rsa):" { send "\r"; exp_continue}
"Enter passphrase (empty for no passphrase):" { send "\r"; exp_continue}
"Enter same passphrase again:" { send "\r"; exp_continue}
expect eof
}
EOF
|
2、使用docker无交互部署OpenVPN脚本
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
| $ cat install-openvpn.sh
#!/bin/bash
OpenVPN_data="/etc/openvpn/conf"
if [ -e $OpenVPN_data ]; then
echo "Notice!!! openvpn_Data dir is exist"
else
mkdir -p /data/openvpn && mkdir /data/openvpn/conf
fi
docker rm -f openvpn
docker run -v /data/openvpn:/etc/openvpn --rm kylemanna/openvpn ovpn_genconfig -u tcp://192.168.110.111
expect <<EOF
set timeout 60
spawn docker run -v /data/openvpn:/etc/openvpn --rm -it kylemanna/openvpn ovpn_initpki
expect {
"Enter New CA Key Passphrase:" { send "openvpn\r"; exp_continue}
"Re-Enter New CA Key Passphrase:" { send "openvpn\r" }
}
expect "Common Name (eg: your user, host, or server name)*:"
send "\r"
expect "Enter pass phrase for /etc/openvpn/pki/private/ca.key:"
send "openvpn\r"
expect "Enter pass phrase for /etc/openvpn/pki/private/ca.key:"
send "openvpn\r"
expect eof
EOF
#docker run -v /data/openvpn:/etc/openvpn --rm -it kylemanna/openvpn ovpn_initpki
#start openvpn
docker run --name openvpn -v /data/openvpn:/etc/openvpn -d -p 1194:1194/tcp --cap-add=NET_ADMIN kylemanna/openvpn
echo "openvpn install complate"
|
新增用户脚本
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
| $ cat addgenclinet-key.sh
#!/bin/bash
#read -p "please your username: " NAME
if [ $# -ne 1 ]
then
echo "Usage: $0 NAME"
exit
fi
NAME=$1
expect <<EOF
set timeout 10
spawn docker run -v /data/openvpn:/etc/openvpn --rm -it kylemanna/openvpn easyrsa build-client-full $NAME nopass
expect "Enter pass phrase for /etc/openvpn/pki/private/ca.key:"
send "openvpn\r"
expect eof
EOF
#docker run -v /data/openvpn:/etc/openvpn --rm -it kylemanna/openvpn easyrsa build-client-full $NAME nopass
docker run -v /data/openvpn:/etc/openvpn --rm kylemanna/openvpn ovpn_getclient $NAME > /data/openvpn/conf/"$NAME".ovpn
#docker restart openvpn
|
删除用户脚本
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
| cat remove-key.sh
#!/bin/bash
#read -p "Delete username: " DNAME
if [ $# -ne 1 ]
then
echo "Usage: $0 NAME"
exit
fi
NAME=$1
expect <<EOF
set timeout 20
spawn docker run -v /data/openvpn:/etc/openvpn --rm -it kylemanna/openvpn easyrsa revoke $NAME
expect "Continue with revocation:"
send "yes\r"
expect "Enter pass phrase for /etc/openvpn/pki/private/ca.key:"
send "openvpn\r"
expect <<EOF
set timeout 10
spawn docker run -v /data/openvpn:/etc/openvpn --rm -it kylemanna/openvpn easyrsa gen-crl
expect "Enter pass phrase for /etc/openvpn/pki/private/ca.key:"
send "openvpn\r"
expect eof
EOF
expect <<EOF
set timeout 20
spawn docker run -v /data/openvpn:/etc/openvpn --rm -it kylemanna/openvpn easyrsa gen-crl
expect "Enter pass phrase for /etc/openvpn/pki/private/ca.key:"
send "openvpn\r"
expect eof
EOF
docker run -v /data/openvpn:/etc/openvpn --rm -it kylemanna/openvpn rm -f /etc/openvpn/pki/reqs/"$DNAME".req
docker run -v /data/openvpn:/etc/openvpn --rm -it kylemanna/openvpn rm -f /etc/openvpn/pki/private/"$DNAME".key
docker run -v /data/openvpn:/etc/openvpn --rm -it kylemanna/openvpn rm -f /etc/openvpn/pki/issued/"$DNAME".crt
docker restart openvpn
|
