this repo has no description
tangled.org
1// This program must be configured to run as the sshd AuthorizedKeysCommand.
2// The format looks something like this:
3// Match User git
4// AuthorizedKeysCommand /keyfetch -internal-api http://localhost:5444 -repoguard-path /home/git/repoguard
5// AuthorizedKeysCommandUser nobody
6//
7// The command and its parent directories must be owned by root and set to 0755. Hence, the ideal location for this is
8// somewhere already owned by root so you don't have to mess with directory perms.
9
10package main
11
12import (
13 "encoding/json"
14 "flag"
15 "fmt"
16 "io"
17 "log"
18 "net/http"
19)
20
21func main() {
22 endpoint := flag.String("internal-api", "http://localhost:5444", "Internal API endpoint")
23 repoguardPath := flag.String("repoguard-path", "/home/git/repoguard", "Path to the repoguard binary")
24 gitDir := flag.String("git-dir", "/home/git", "Path to the git directory")
25 flag.Parse()
26
27 resp, err := http.Get(*endpoint + "/keys")
28 if err != nil {
29 log.Fatalf("error fetching keys: %v", err)
30 }
31 defer resp.Body.Close()
32
33 body, err := io.ReadAll(resp.Body)
34 if err != nil {
35 log.Fatalf("error reading response body: %v", err)
36 }
37
38 var data []map[string]interface{}
39 err = json.Unmarshal(body, &data)
40 if err != nil {
41 log.Fatalf("error unmarshalling response body: %v", err)
42 }
43
44 fmt.Print(formatKeyData(*repoguardPath, *gitDir, data))
45}