X-Git-Url: https://git.cyclocoop.org/?p=lhc%2Fateliers.git;a=blobdiff_plain;f=vm_remote;h=64f57dfbe3e4e0bfe09a65a663a8378706c53fe2;hp=b12b18084b2c19d8fd368c25aecc9ced8ffa6156;hb=eefc410c23df14d9e47bfc1eedcfb500d557c5a8;hpb=f1ea1df6ff4652bb89b232cb5fd5762c6fea4dcf diff --git a/vm_remote b/vm_remote index b12b180..64f57df 100755 --- a/vm_remote +++ b/vm_remote @@ -92,44 +92,6 @@ rule_luks_key_backup () { # SYNTAX: ${gpg_options:---recipient $USER@} DESCRIPTI done } -rule_apache2_key_send () { - local -; set +f - for conf in "$tool"/etc/nginx/site.d/*/key_send - do conf=${conf#"$tool"/etc/nginx/site.d/} - local site=${conf%/key_send} - rule _x509_site_key_decrypt \ - "$(cat "$tool"/etc/apache2/site.d/"$site"/x509_host)" | - rule ssh -l root ' \ - sudo install -d -m 770 -o '"$user"' -g '"$user"' \ - /etc/apache2 \ - /etc/apache2/x509.d \ - /etc/apache2/x509.d/'"$site"'; \ - sudo install -m 644 -o '"$user"' -g '"$user"' /dev/stdin \ - /etc/apache2/x509.d/'"$site"'/.gitignore <<-EOF - key.pem - EOF - sudo install -m 400 -o root -g root \ - /dev/stdin \ - /etc/apache2/x509.d/'"'$site'"'/key.pem - ' - done - } -rule_dovecot_key_send () { - rule _x509_site_key_decrypt imap."$vm_domainname" | - rule ssh -l root ' \ - sudo install -d -m 770 -o root -g root \ - /etc/dovecot/'"$vm_domainname"'/ \ - /etc/dovecot/'"$vm_domainname"'/imap \ - /etc/dovecot/'"$vm_domainname"'/imap/x509 ; \ - sudo install -m 644 -o root -g root /dev/stdin \ - /etc/dovecot/'"$vm_domainname"'/imap/x509/.gitignore <<-EOF - key.pem - EOF - sudo install -m 400 -o root -g root \ - /dev/stdin \ - /etc/dovecot/"$vm_domainname"/imap/x509/key.pem - ' - } rule_gitolite_git () { ( cd "$tool"/etc/gitolite @@ -141,51 +103,37 @@ rule_gitolite_git () { git '"$*" ) } -rule_nginx_configure () { - local -; set +f - for conf in "$tool"/etc/nginx/site.d/*/site.conf - do conf=${conf#"$tool"/etc/nginx/site.d/} - local site="${conf%/site.conf}" - if test -f "$tool"/etc/nginx/site.d/"$site"/x509_host - then - rule _x509_site_key_decrypt \ - "$(cat "$tool"/etc/nginx/site.d/"$site"/x509_host)" | - rule ssh -l root ' \ - sudo install -d -m 770 -o root -g root \ - /etc/nginx \ - /etc/nginx/x509.d \ - /etc/nginx/x509.d/'"'$site'"'; \ - sudo install -m 644 -o root -g root /dev/stdin \ - /etc/nginx/x509.d/'"'$site'"'/.gitignore <<-EOF - key.pem - EOF - sudo install -m 400 -o root -g root /dev/stdin \ - /etc/nginx/x509.d/'"'$site'"'/key.pem - ' - fi - test ! -r "$tool"/etc/nginx/site.d/"$site"/remote.sh || - . "$tool"/etc/nginx/site.d/"$site"/remote.sh - done +rule_runit_configure () { # SYNTAX: $sv [...] -- $configure_options + if test $# = 0 + then + set +x + rule ssh sudo sv status \ + $(sudo find /etc/sv \ + -mindepth 1 -maxdepth 1 -type d \ + -printf '%p\n' | sort) + else + local services= + while [ $# -gt 0 ] + do case $1 in + (--) shift; break;; + (*) services="$services $1"; shift;; + esac + done + for sv in $(find "$tool"/etc/sv \ + -mindepth 1 -maxdepth 1 -type d \ + -false $(printf -- '-or -name %s\n' $services) \ + -printf '%f\n') + do + rule _runit_sv_configure "$sv" "$@" + done + fi } -rule_postfix_key_send () { - rule _x509_site_key_decrypt smtpd."$vm_domainname" | - rule ssh -l root ' \ - sudo install -d -m 770 -o root -g root \ - /etc/postfix/'"$vm_domainname"'/ \ - /etc/postfix/'"$vm_domainname"'/smtpd \ - /etc/postfix/'"$vm_domainname"'/smtpd/x509; \ - sudo install -m 644 -o root -g root /dev/stdin \ - /etc/postfix/'"$vm_domainname"'/smtp/x509/.gitignore <<-EOF - key.pem - EOF - sudo install -m 644 -o root -g root /dev/stdin \ - /etc/postfix/'"$vm_domainname"'/smtpd/x509/.gitignore <<-EOF - key.pem - EOF - install -m 400 -o root -g root \ - /dev/stdin \ - /etc/postfix/'"'$vm_domainname'"'/smtpd/x509/key.pem - ' +rule__runit_sv_configure () { # SYNTAX: $sv $configure_options + local sv="$1"; shift + ( + test ! -r "$tool"/etc/sv/"$sv"/remote.sh || + . "$tool"/etc/sv/"$sv"/remote.sh || return 1 + ) } rule=${1:-help}