Polissage : vm_hosted : chemins et droits.

author Julien Moutinho <julm+burette@autogeree.net>

Sat, 23 Mar 2013 20:38:23 +0000 (21:38 +0100)

committer Julien Moutinho <julm+burette@autogeree.net>

Sun, 24 Mar 2013 13:22:53 +0000 (14:22 +0100)
author Julien Moutinho <julm+burette@autogeree.net>
Sat, 23 Mar 2013 20:38:23 +0000 (21:38 +0100)
committer Julien Moutinho <julm+burette@autogeree.net>
Sun, 24 Mar 2013 13:22:53 +0000 (14:22 +0100)
diff --git a/etc/nginx/nginx.conf b/etc/nginx/nginx.conf

index b87bf14..6860ff1 100644 (file)
--- a/etc/nginx/nginx.conf
+++ b/etc/nginx/nginx.conf
@@ -81,7 +81,7 @@ http {
         types_hash_max_size 2048;
         include /etc/nginx/site.d/*/server.conf;
   }
-pid /var/run/nginx.pid;
+pid /run/nginx.pid;
  user www-data;
  worker_processes 2;
  
diff --git a/vm_hosted b/vm_hosted

index 21950b0..b68dc3d 100755 (executable)
--- a/vm_hosted
+++ b/vm_hosted
@@ -709,21 +709,39 @@ rule_mail_configure () {
   }
  rule_mysql_configure () {
         rule apt_get_install mysql-server-5.5
-       sudo install -m 644 -o root -g root \
+       rule adduser mysql \
+        --disabled-login \
+        --disabled-password \
+        --group \
+        --home /home/mysql \
+        --shell /bin/false \
+        --system
+       rule adduser mysql-data \
+        --disabled-login \
+        --disabled-password \
+        --group \
+        --home /home/mysql/data \
+        --shell /bin/false \
+        --system
+       sudo usermod --home /home/mysql mysql
+       sudo adduser mysql mysql-data
+       sudo install -m 640 -o mysql -g mysql \
          "$tool"/etc/mysql/my.cnf \
                 /etc/mysql/my.cnf
-       if test ! -d /home/mysql
+       sudo install -d -m 751 -o mysql -g mysql \
+        /home/mysql
+       sudo install -d -m 750 -o mysql-data -g mysql-data \
+        /home/mysql/data
+       if test ! -d /home/mysql/data
          then
-               sudo install -d -m 750 -o mysql -g mysql \
-                /home/mysql
-               sudo install -d -m 750 -o mysql -g mysql \
-                /home/mysql/data
                 sudo -u mysql mysql_install_db \
                  --no-defaults \
                  --datadir=/home/mysql/data
-               sudo usermod --home /home/mysql mysql
          fi
         sudo service tmpfs restart
+       case $(sudo sv status mysql || true) in
+        (run:*) sudo sv restart mysql
+        esac
   }
  rule_network_configure () {
         sudo install -m 644 -o root -g root /dev/stdin /etc/hostname <<-EOF
@@ -867,16 +885,13 @@ rule_nginx_configure () {
          done
         rule apt_get_install spawn-fcgi fcgiwrap
         sudo insserv --remove fcgiwrap
-       sudo insserv --remove nginx
+       #sudo insserv --remove nginx
         rule tmpfs_configure
         sudo service php5-fpm restart
                 # NOTE: relance les processus du pool
                 #       pour leur donner les droits
                 #       de leurs groupes supplémentaires.
         sudo service nginx restart
-       #case $(sv status nginx) in
-       # (run:*) sudo sv restart nginx
-       # esac
   }
  rule_php5_fpm_configure () {
         local -; set +f
@@ -979,7 +994,7 @@ rule_php5_fpm_configure () {
                 sudo install -m 664 -o php5 -g php5 \
                  "$tool"/etc/php5/fpm/php.ini \
                         /etc/php5/fpm/php.ini
-               case $(sv status php5-"$pool") in
+               case $(sudo sv status php5-"$pool") in
                  (run:*) sudo sv restart php5-"$pool"
                  esac
          done
@@ -1117,7 +1132,7 @@ rule_runit_configure () {
                 local sv_hash=$(printf %s "$sv" | sha1sum | cut -f 1 -d ' ')
                 local sv_status
                 IFS= read -r sv_status_$sv_hash <<-EOF
-                       $(sv status "$sv")
+                       $(sudo sv status "$sv")
                         EOF
                 rm -f /etc/service/"$sv"
          done
@@ -1139,12 +1154,12 @@ rule_runit_configure () {
                                 /etc/sv/"$sv"/log/run
                  fi
                 test ! -r "$tool"/etc/sv/"$sv"/configure.sh ||
-               . "$tool"/etc/sv/"$sv"/configure.sh
+               .         "$tool"/etc/sv/"$sv"/configure.sh
                 ln -fns ../sv/"$sv" /etc/service/"$sv"
                 eval local sv_status=\"\${sv_status_$sv_hash-}\"
                 case $sv_status in
                  ("") true;;
-                (run:*) sv restart "$sv";;
+                (run:*) sudo sv restart "$sv";;
                  esac
          done
   }
@@ -1203,7 +1218,7 @@ rule_ssh_configure () {
                         #Compression yes
                         #CompressionLevel 9
                         #ControlMaster auto
-                       #ControlPath ~/var/run/ssh/%h-%p-%r.sock
+                       #ControlPath ~/var/run/ssh/sock/%h-%p-%r
                         GSSAPIAuthentication no
                         GSSAPIDelegateCredentials no
                         HashKnownHosts yes
author	Julien Moutinho <julm+burette@autogeree.net>
	Sat, 23 Mar 2013 20:38:23 +0000 (21:38 +0100)
committer	Julien Moutinho <julm+burette@autogeree.net>
	Sun, 24 Mar 2013 13:22:53 +0000 (14:22 +0100)
etc/nginx/nginx.conf		patch \| blob \| history
vm_hosted		patch \| blob \| history