. "$tool"/lib/functions.sh
. "$tool"/etc/vm.sh
-rule_help () {
+rule_help () { # SYNTAX: [--hidden]
+ local hidden; [ ${1:+set} ] || hidden=set
cat >&2 <<-EOF
- DESCRIPTION: ce script regroupe des fonctions utilitaires
- pour gérer la VM _depuis_ la VM hébergée ;
- il sert à la fois d'outil et de documentation.
- Voir \`$tool/vm_host' pour les utilitaires côté machine hôte.
+ DESCRIPTION:
+ ce script regroupe des règles pour administrer la VM ($vm_fqdn)
+ _depuis_ la VM hébergée ($vm_fqdn) ;
+ il sert à la fois d'outil (aisément bidouillable)
+ et de documentation (préçise).
+ Voir \`$tool/vm_host' pour les règles côté machine hôte ($vm_host).
SYNTAX: $0 \$RULE \${RULE}_SYNTAX
RULES:
- $(sed -ne 's/^rule_\([^_][^ ]*\) () {\( *#.*\|\)/\t\1\2/p' "$tool"/etc/vm.sh "$0")
+ $(sed -ne "s/^rule_\(${hidden:+[^_]}[^ ]*\) () {\( *#.*\|\)/ \1\2/p" "$tool"/etc/vm.sh "$0")
ENVIRONMENT:
TRACE # affiche les commandes avant leur exécution
$(sed -ne 's/^readonly \([^ ][^ =]*\).*}\( *#.*\|\)$/\t$\1\2/p' "$tool"/etc/vm.sh "$0")
EOF
}
+rule_git_config () {
+ (
+ cd "$tool"
+ git config --replace branch.master.remote .
+ git config --replace branch.master.merge refs/remotes/master
+ )
+ }
rule_git_reset () {
(
cd "$tool"
- git checkout -f -B master origin
+ git checkout -f -B master remotes/master
git clean -f -d -x
)
}
-rule_chrooted () {
+rule__chrooted_configure () { # NOTE: est-ce bien utile à un moment ?
export LANG=C
export LC_CTYPE=C
. /etc/profile
}
-rule_apt_init () {
+rule_apt_configure () {
mk_reg mod= own= /etc/apt/sources.list <<-EOF
deb http://ftp.fr.debian.org/debian $vm_lsb_name main contrib non-free
EOF
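Review bot: In `rule_help`, `hidden` ends up set when no argument is passed, so the variable means the opposite of the `--hidden` flag named in the SYNTAX comment. Any non-empty first argument, not only `--hidden`, also makes the underscore-prefixed rules appear in the listing. Naming the variable for what it does and testing the flag explicitly would read better: `local hide=set; [ "${1-}" != --hidden ] || hide=`, with `${hide:+[^_]}` in the sed expression. The new DESCRIPTION text also prints `($vm_fqdn)` twice in one sentence and spells `précise` as `préçise`.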
deb http://nightly.openerp.com/trunk/nightly/deb/ ./
EOF
}
-rule_apticron_init () {
+rule_apticron_configure () {
sudo apt-get install --reinstall apticron
- mk_reg mod=644 own=root:root /etc/default/grub <<-EOF
+ mk_reg mod=644 own=root:root /etc/apticron/apticron.conf <<-EOF
EMAIL="admin@heureux-cyclage.org"
# DIFF_ONLY="1"
# LISTCHANGES_PROFILE="apticron"
EOF
sudo service apticron restart
}
-rule_boot_init () {
+rule_boot_configure () {
sudo apt-get install --reinstall grub-pc # XXX: attention à n'installer GRUB sur AUCUN disque proposé !
mk_dir mod=644 own=root:root /boot/grub
sudo apt-get install --reinstall linux-image-$vm_arch
(hd0) /dev/mapper/domU-$(printf %s $vm_fqdn-disk | sed -e 's/-/--/g')
EOF
sudo update-grub2 # NOTE: prend en compte /boot/grub/device.map
- rule initramfs_init
+ rule initramfs_configure
}
-rule_etckeeper_init () {
+rule_etckeeper_configure () {
mk_reg mod=644 own=root:root /etc/etckeeper/etckeeper.conf <<-EOF
VCS=git
GIT_COMMIT_OPTIONS=""
LOWLEVEL_PACKAGE_MANAGER=dpkg
EOF
}
-rule_filesystem_init () {
+rule_filesystem_configure () {
mk_reg mod=644 own=root:root /etc/fstab <<-EOF
# <file system> <mount point> <type> <options> <dump> <pass>
LABEL=${vm_lvm_lv}_boot /boot ext2 defaults 0 0
vm.vfs_cache_pressure=50
EOF
}
-rule_initramfs_init () {
+rule_initramfs_configure () {
mk_reg mod=644 own=root:root /etc/initramfs-tools/initramfs.conf <<-EOF
MODULES=most
BUSYBOX=y
# NOTE: clefs générées par Debian
sudo update-initramfs -u
}
-rule_locale_init () {
+rule_locale_configure () {
mk_reg mod=644 own=root:root /etc/locale.gen <<-EOF
fr_FR.UTF-8 UTF-8
EOF
sudo update-locale
}
-rule_login_init () {
+rule_login_configure () {
grep -q '^hvc0$' /etc/securetty ||
mk_reg mod= own= --append /etc/securetty <<-EOF
hvc0
session optional pam_umask.so
EOF
}
-rule_network_init () {
+rule_network_configure () {
mk_reg mod= own= /etc/hostname <<-EOF
$vm
EOF
pre-down ip address delete $vm_ipv4/32 dev \$IFACE
EOF
}
-rule_user_init () {
+rule_user_configure () {
mk_dir mod=750 own="root:adm" /etc/skel/etc
mk_dir mod=770 own="root:adm" /etc/skel/etc/apache2
mk_dir mod=770 own="root:adm" /etc/skel/etc/ssh
'case \$(/usr/bin/passwd --status "\$SUDO_USER") in ("\$SUDO_USER L "*) /usr/bin/passwd \$SUDO_USER;; esac'
EOF
}
-rule_user_root_init () {
+rule_user_root_configure () {
mk_dir mod=750 own=root:root /root/etc
mk_dir mod=750 own=root:root /root/etc/ssh
mk_dir mod=750 own=root:root /root/etc/gpg
mk_lnk etc/gpg /root/.gnupg
mk_lnk etc/ssh /root/.ssh
getent group sudo |
- while test -n "$users" && IFS=: read -r group x x users
- do while IFS=, read -r user users <<-EOF
+ while IFS=: read -r group x x users
+ do while test -n "$users" && IFS=, read -r user users <<-EOF
$users
EOF
do eval local home\; home="~$user"
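Review bot: The loop this hunk reorders still resolves each sudo member's home directory with `eval local home\; home="~$user"`, which passes a name read from `getent group sudo` to `eval`. If the group database is ever backed by a directory service or holds an unexpected character, that text is interpreted as shell. Since the loop is being touched anyway, looking the home up as data avoids the `eval`: `local home; home=$(getent passwd "$user" | cut -d: -f6)`. The moved `test -n "$users"` guard itself looks right, since `$users` is only assigned by the outer `read`. The loop body continues past the end of this hunk.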
do sudo gpg --import "$key"
done
}
-rule__bin_init () {
+rule_bin_configure () {
mk_lnk "$tool"/vm_hosted /usr/local/sbin/
}
-rule_init () {
- rule etckeeper_init
- rule locale_init
- rule network_init
- rule apt_init
- rule filesystem_init
- rule login_init
- rule user_root_init
- rule boot_init
- rule bin_init
+rule_configure () {
+ rule etckeeper_configure
+ rule locale_configure
+ rule network_configure
+ rule apt_configure
+ rule filesystem_configure
+ rule login_configure
+ rule user_root_configure
+ rule boot_configure
+ rule bin_configure
}
rule_disk_key_change () {
sudo adduser "$user" sudo
mk_reg mod=640 own=$user:$user "$home"/etc/ssh/authorized_keys \
<"$tool"/var/pub/ssh/"$user".key
- rule initramfs_init
- rule user_root_init
+ rule initramfs_configure
+ rule user_root_configure
local key; local -; set +f
for key in "$tool"/var/pub/openpgp/*.key
do sudo -u "$user" gpg --import "$key"
mk_reg mod=664 own=root:root /etc/postgrey/whitelist_recipients.local <<-EOF
EOF
}
-rule_mail_init () {
+rule_mail_configure () {
sudo apt-get install postfix postgrey dovecot
}
(help);;
(*)
assert 'test "$(hostname --fqdn)" = "$vm_fqdn"' vm_fqdn
- ${TRACE:+set -x}
;;
esac
rule $rule "$@"