From 76ddedbf1441ecd5ad97851f4656698d1b0ddb0d Mon Sep 17 00:00:00 2001 From: "Bastian (BaM)" Date: Sun, 14 Sep 2025 20:31:24 +0200 Subject: [PATCH] Add debug logging for SSH command execution Introduce a function to check the DEBUG environment variable and adjust logging behavior accordingly. When DEBUG is enabled, full SSH command details are logged; otherwise, only the command itself is logged to prevent exposure of sensitive information. --- scripts/ssh.lua | 34 ++++++++++++++++++++++++++-------- 1 file changed, 26 insertions(+), 8 deletions(-) diff --git a/scripts/ssh.lua b/scripts/ssh.lua index 8cbb80b..f5faefc 100644 --- a/scripts/ssh.lua +++ b/scripts/ssh.lua @@ -5,6 +5,12 @@ local utils = require("utils") local ssh_module = {} +-- Check if DEBUG environment variable is set to "true" +local function is_debug() + local debug_env = os.getenv("DEBUG") + return debug_env and (string.lower(debug_env) == "true" or debug_env == "1") +end + -- Execute a remote command over SSH -- Signature: ssh(command, user, host, port, identity_file) function ssh_module.execute(command, user, host, port, identity_file) @@ -35,7 +41,7 @@ function ssh_module.execute(command, user, host, port, identity_file) "-o", "UserKnownHostsFile=/root/.ssh/known_hosts", "-o", "StrictHostKeyChecking=yes", } - + if identity_file ~= "" then table.insert(pieces, "-i") table.insert(pieces, identity_file) @@ -54,8 +60,14 @@ function ssh_module.execute(command, user, host, port, identity_file) end local full = join(pieces) - utils.log("SSH exec: " .. full) - + + -- Log based on DEBUG environment variable + if is_debug() then + utils.log("SSH exec: " .. full) + else + utils.log("SSH exec: " .. "'" .. command:gsub("'", "'\\''") .. "'") + end + local ok, reason, code = os.execute(full) if ok == true or ok == 0 then utils.log("SSH command completed successfully") @@ -89,7 +101,7 @@ function ssh_module.execute_with_output(command, user, host, port, identity_file "-o", "UserKnownHostsFile=/root/.ssh/known_hosts", "-o", "StrictHostKeyChecking=yes", } - + if identity_file ~= "" then table.insert(pieces, "-i") table.insert(pieces, identity_file) @@ -107,17 +119,23 @@ function ssh_module.execute_with_output(command, user, host, port, identity_file end local full = join(pieces) - utils.log("SSH exec (with output): " .. full) - + + -- Log based on DEBUG environment variable + if is_debug() then + utils.log("SSH exec (with output): " .. full) + else + utils.log("SSH exec (with output): " .. "'" .. command:gsub("'", "'\\''") .. "'") + end + -- Use io.popen to capture output local fh = io.popen(full, "r") if not fh then return false, "", "Failed to open SSH command" end - + local output = fh:read("*a") local success, reason, code = fh:close() - + if success then utils.log("SSH command completed successfully with output") return true, output, nil