From 7313fbbd10b0321c3e460639137f0e0e9ed9dcad Mon Sep 17 00:00:00 2001
From: Julien Moutinho
Date: Thu, 21 Feb 2013 10:50:44 +0100
Subject: [PATCH] Polissage.
---
lib/functions.sh | 4 ----
lib/rule.sh | 2 ++
vm_ssh => lib/ssh | 0
vm_host | 6 ++----
vm_hosted | 7 ++++---
vm_remote | 21 ++++++++++++---------
6 files changed, 20 insertions(+), 20 deletions(-)
rename vm_ssh => lib/ssh (100%)
diff --git a/lib/functions.sh b/lib/functions.sh
index 16c62b5..1a24852 100644
--- a/lib/functions.sh
+++ b/lib/functions.sh
@@ -1,5 +1 @@ #!/bin/sh - -. "$tool"/lib/mk.sh -. "$tool"/lib/log.sh -. "$tool"/lib/rule.sh
diff --git a/lib/rule.sh b/lib/rule.sh
index b30218d..9990962 100644
--- a/lib/rule.sh
+++ b/lib/rule.sh
@@ -1,5 +1,7 @@ #!/bin/sh +. "$tool"/lib/log.sh + rule () { local - local rule="$1"; shift
diff --git a/vm_ssh b/lib/ssh
similarity index 100%
rename from vm_ssh
rename to lib/ssh
diff --git a/vm_host b/vm_host
index ba6461d..de458ef 100755
--- a/vm_host
+++ b/vm_host
@@ -1,8 +1,9 @@ #!/bin/sh set -e -f ${DRY_RUN:+-n} -u tool=${0%/*} -. "$tool"/lib/functions.sh +. "$tool"/lib/rule.sh . "$tool"/etc/vm.sh +. "$tool"/lib/mk.sh rule_help () { # SYNTAX: [--hidden] local hidden; [ ${1:+set} ] || hidden=set
@@ -281,9 +282,6 @@ rule_part_root_umount () { ! test -e /dev/mapper/${vm_lvm_lv}_root_deciphered || sudo cryptsetup luksClose ${vm_lvm_lv}_root_deciphered } -rule_part_root_backup_luks () { - sudo cryptsetup luksHeaderBackup $vm_dev_disk_root --header-backup-file ./root.luks - } rule_part_swap_format () { rule _part_encrypted_format swap rule _part_encrypted_mount swap
diff --git a/vm_hosted b/vm_hosted
index 9121320..847b818 100755
--- a/vm_hosted
+++ b/vm_hosted
@@ -1,8 +1,9 @@ #!/bin/sh set -e -f ${DRY_RUN:+-n} -u tool=${0%/*} -. "$tool"/lib/functions.sh +. "$tool"/lib/rule.sh . "$tool"/etc/vm.sh +. "$tool"/lib/mk.sh rule_help () { # SYNTAX: [--hidden] local hidden; [ ${1:+set} ] || hidden=set
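Review bot: The `. "$tool"/lib/log.sh` added at the top of lib/rule.sh makes the library depend on a `$tool` variable that only the calling script sets, and nothing in the file states that. The three callers visible here run with `set -u`, so an unset `$tool` aborts; a script that sources rule.sh without `-u` would instead expand the path to `/lib/log.sh` and source whatever is at that absolute location. Writing the line as `. "${tool:?}"/lib/log.sh` makes the failure explicit regardless of the caller's options, and a header comment such as `# REQUIRES: $tool = directory of the calling script, set before sourcing` documents the contract.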
@@ -90,7 +91,6 @@ rule_apticron_configure () { # CUSTOM_NO_UPDATES_SUBJECT="" # CUSTOM_FROM="root@ateliers.heureux-cyclage.org" EOF - sudo service apticron restart } rule_boot_configure () { warn "attention à n'installer GRUB sur AUCUN disque proposé !"
@@ -449,10 +449,11 @@ rule_configure () { rule login_configure rule user_root_configure rule boot_configure + rule apticron_configure rule bin_configure } -rule_disk_key_change () { +rule_luks_key_change () { sudo cryptsetup luksChangeKey /dev/$vm_lvm_vg/${vm_lvm_lv}_root }
diff --git a/vm_remote b/vm_remote
index 7601a01..5877802 100755
--- a/vm_remote
+++ b/vm_remote
@@ -1,7 +1,7 @@ #!/bin/sh set -e -f ${DRY_RUN:+-n} -u tool=${0%/*} -. "$tool"/lib/functions.sh +. "$tool"/lib/rule.sh . "$tool"/etc/vm.sh rule_help () { # SYNTAX: [--hidden]
@@ -23,7 +23,7 @@ rule_help () { # SYNTAX: [--hidden] EOF } -rule_git_config () { # DESCRIPTION: configure le .git local pour bien pousser +rule_git_configure () { # DESCRIPTION: configure ./.git correctement ( cd "$tool" git remote rm host || true
@@ -35,16 +35,19 @@ rule_git_config () { # DESCRIPTION: configure le .git local pour bien pousser ) } rule_git_push () { # SYNTAX: {host|hosted} $git_push_options + ( + cd "$tool" local remote=${1#remote=}; shift - GIT_SSH=./vm_ssh git push -v "$remote" "$@" + GIT_SSH=./lib/ssh git push -v "$remote" "$@" info "penser à faire : vm_hosted git_reset" + ) } rule_ssh () { - "$tool"/vm_ssh $vm_fqdn "$@" + "$tool"/lib/ssh $vm_fqdn "$@" } rule_mosh () { - mosh --ssh="$tool/vm_ssh $*" $vm_fqdn + mosh --ssh="$tool/lib/ssh $*" $vm_fqdn } rule__ssh_known_hosts_update () { rule ssh \
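Review bot: The renamed `rule_luks_key_change` still runs `cryptsetup luksChangeKey` only on `/dev/$vm_lvm_vg/${vm_lvm_lv}_root`, while the matching `rule_luks_key_backup` in vm_remote loops over `root var home`. If var and home are separate LUKS volumes that accept the same passphrase (not visible in this hunk), rotating only root leaves the old key valid on the others. Either iterate over the same partition list or state the scope on the function line, for example `# NOTE: only rotates the key of the root volume`.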
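Review bot: In `rule_mosh` the new `--ssh="$tool/lib/ssh $*"` still flattens the arguments into one string that mosh presumably splits into words again, so a `$tool` path or an option value containing whitespace changes the ssh command line that is finally run. `$vm_fqdn` is also left unquoted there and in `rule_ssh`; `"$tool"/lib/ssh "$vm_fqdn" "$@"` costs nothing and keeps the host a single word. In `rule_git_push`, `local remote=${1#remote=}` aborts under `set -u` with a bare "parameter not set" when the rule is called without an argument; `${1:?remote required}` would give a usable message before `git push` runs.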
@@ -53,14 +56,14 @@ rule__ssh_known_hosts_update () { -o HashKnownHosts=no \ whoami } -rule_key_disk_send () { +rule_luks_key_send () { # NOTE: envoie la clef de déchiffrement des partitions au démarrage de la VM. gpg --decrypt var/sec/luks/$vm_fqdn.key.gpg | - "$tool"/vm_ssh root@$vm_fqdn "$@" \ + "$tool"/lib/ssh root@$vm_fqdn "$@" \ -o CheckHostIP=no \ -o HostKeyAlias=init.$vm_fqdn \ tee /lib/cryptsetup/passfifo \>/dev/null } -rule_key_disk_backup () { +rule_luks_key_backup () { # NOTE: sauvegarde localement les entêtes des partitions chiffrées. ENVIRONMENT: $gpg_recipient for part in root var home do mkdir -p var/sec/luks
@@ -74,7 +77,7 @@ rule_key_disk_backup () { cat "$tmp"; shred >/dev/null --remove "$tmp"; \ ' | - gpg --encrypt --recipient $USER@ \ + gpg --encrypt --recipient "${gpg_recipient:-$USER@}" \ -o var/sec/luks/${vm_lvm_lv}_${part}.luks.gpg done }
--
2.20.1
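Review bot: The pipeline in `rule_luks_key_send` reports only the exit status of the ssh side, because plain `sh` has no `pipefail`; when `gpg --decrypt` fails, the rule still succeeds after writing nothing to `/lib/cryptsetup/passfifo`. The key is also read from the relative path `var/sec/luks/$vm_fqdn.key.gpg`, whereas this commit makes `rule_git_push` run under `cd "$tool"`, so the rule only works from one working directory. If `var/` sits next to the scripts, `"$tool"/var/sec/luks/"$vm_fqdn".key.gpg` removes that dependency, and quoting `root@"$vm_fqdn"` and `HostKeyAlias=init."$vm_fqdn"` keeps each a single word. The same relative `var/sec/luks` is used by `rule_luks_key_backup`, whose body continues outside this hunk.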
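Review bot: The fallback in `--recipient "${gpg_recipient:-$USER@}"` is still a partial user-ID match, so gpg may pick any key in the keyring whose user ID contains that string, and the LUKS header backup is then encrypted to that key. Requiring an explicit value before the loop, e.g. `: "${gpg_recipient:?set to the full key fingerprint}"`, removes the ambiguity; under `set -u` the current fallback also aborts when `$USER` is unset. The start of the pipeline is outside this hunk, but since `sh` has no `pipefail`, a failed remote header dump would presumably still leave a `.luks.gpg` file with no header in it, so the rule should verify the backup is non-empty after writing it.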