restructuring III
parent
6038faf4f6
commit
6cfc58e36e
11 changed files with 129 additions and 40 deletions
|
@ -37,9 +37,19 @@
|
|||
# the test-suite are deactivated, some packages get removed)
|
||||
#
|
||||
|
||||
|
||||
set -ue
|
||||
|
||||
# get the path of a configuration file - local configuration files
|
||||
# supersede default files
|
||||
# parameter: base name of the configuration file
|
||||
function get_config_file()
|
||||
{
|
||||
[ -e "$LOCALCONF_DIR/$1" ] && echo "$LOCALCONF_DIR/$1" && return 0
|
||||
[ -e "$DEFAULTCONF_DIR/$1" ] && echo "$DEFAULTCONF_DIR/$1" && return 0
|
||||
echo "configuration file ($1) not found!" >&2
|
||||
exit 1
|
||||
}
|
||||
|
||||
# the base directory of your local development files
|
||||
ROOT_DIR=$(dirname "$0")
|
||||
|
||||
|
@ -83,8 +93,11 @@ CHROOTSTART="/usr/lib/cryptobox/chroot-start.sh"
|
|||
# for burning a CD
|
||||
CDWRITER="0,0,0"
|
||||
|
||||
# for development diffs and merges from a running cryptobox
|
||||
SSH_CONFIG_FILE="$LOCALCONF_DIR/ssh_config"
|
||||
# qemu network configuration file
|
||||
QEMU_IFUP_FILE=$(get_config_file qemu-ifup)
|
||||
|
||||
# to connect to a development cryptobox with ssh
|
||||
SSH_CONFIG_FILE=$(get_config_file ssh_config)
|
||||
|
||||
# extract the hostname of the cryptobox from the ssh_config file
|
||||
SSH_HOST=$(grep "^Host " $SSH_CONFIG_FILE | head -1 | sed 's/^Host *\(.*\)$/\1/')
|
||||
|
@ -97,6 +110,8 @@ DEVEL_FEATURES_SCRIPT="/usr/lib/cryptobox/devel-features.sh"
|
|||
CUSTOM_CONFIGURE_DIR="$ROOT_DIR/configure-local.d"
|
||||
|
||||
|
||||
####################### functions ######################
|
||||
|
||||
function run_dfsbuild()
|
||||
{
|
||||
[ ! -e "$BUILDDIR" ] && mkdir -p "$BUILDDIR" && echo "das BuildDir ($BUILDDIR) wurde angelegt ..."
|
||||
|
@ -121,15 +136,10 @@ function qemu_boot()
|
|||
then echo "Creating temporary harddisk image ..."
|
||||
dd if=/dev/zero of="$HD_IMAGE" bs=1M count=20
|
||||
fi
|
||||
# create default qemu-ifup
|
||||
if [ ! -e "$LOCALCONF_DIR/qemu-ifup" ]
|
||||
then [ ! -d "$LOCALCONF_DIR" ] && mkdir "$LOCALCONF_DIR"
|
||||
cp "misc/qemu-ifup.default" "$LOCALCONF_DIR/qemu-ifup"
|
||||
fi
|
||||
echo "Starting qemu ..."
|
||||
qemu -cdrom "$IMAGE_FILE" -m 96 -hda "$IMAGE_FILE" -boot d -n "$LOCALCONF_DIR/qemu-ifup" || true
|
||||
qemu -cdrom "$IMAGE_FILE" -m 96 -hda "$IMAGE_FILE" -boot d -n "$QEMU_IFUP_FILE" || true
|
||||
# remove iptables rules
|
||||
"$LOCALCONF_DIR/qemu-ifup" stop
|
||||
"$QEMU_IFUP_FILE" stop
|
||||
}
|
||||
|
||||
|
||||
|
@ -181,17 +191,8 @@ function configure_cb()
|
|||
|
||||
function fetch_revision()
|
||||
{
|
||||
svn -R info| grep ^Revision| cut -f2 -d " " | sort | tail -1
|
||||
}
|
||||
|
||||
|
||||
function check_ssh_defaults()
|
||||
{
|
||||
[ ! -d "$LOCALCONF_DIR" ] && mkdir "$LOCALCONF_DIR"
|
||||
if [ ! -e "$SSH_CONFIG_FILE" ]
|
||||
then echo "Copying default ssh_config file to '$SSH_CONFIG_FILE' ..."
|
||||
cp misc/ssh-options.default "$SSH_CONFIG_FILE"
|
||||
fi
|
||||
svn -R info 2>&1 | grep ^Revision| cut -f2 -d " " | sort | tail -1 \
|
||||
|| echo "unknown release"
|
||||
}
|
||||
|
||||
|
||||
|
@ -204,7 +205,6 @@ function upload2devel()
|
|||
# of course, only the directories that are mapped to tmpfs can
|
||||
# be updated this way
|
||||
{
|
||||
check_ssh_defaults
|
||||
local DIRS="var/www usr/share/cryptobox usr/lib/cryptobox"
|
||||
[ -e "$TMP_DIR" ] || mkdir -p "$TMP_DIR"
|
||||
for a in $DIRS
|
||||
|
@ -217,7 +217,7 @@ function upload2devel()
|
|||
echo "Copying local files to the cryptobox ... "
|
||||
if scp -F "$SSH_CONFIG_FILE" -rpq "$TMP_DIR/." cryptobox:/tmp/mirror
|
||||
then echo "Set the base for future diffs to current state ..."
|
||||
ssh -F "$SSH_CONFIG_FILE" $SSH_HOST $DEVEL_FEATURES_SCRIPT set_diff_base
|
||||
ssh -F "$SSH_CONFIG_FILE" "$SSH_HOST" "$DEVEL_FEATURES_SCRIPT" set_diff_base
|
||||
else echo 'ERROR: copying failed!'
|
||||
fi
|
||||
rm -rf "$TMP_DIR"
|
||||
|
@ -228,20 +228,26 @@ function merge_from_devel()
|
|||
# merge a diff from a running development cryptobox into
|
||||
# this working directory
|
||||
{
|
||||
check_ssh_defaults
|
||||
echo "Check for collisions ... (dry-run)"
|
||||
if ssh -F "$SSH_CONFIG_FILE" $SSH_HOST $DEVEL_FEATURES_SCRIPT diff | patch --dry-run -p1 -d "$TEMPLATE_DIR"
|
||||
if devel_diff | patch --dry-run -p1 -d "$TEMPLATE_DIR"
|
||||
then echo
|
||||
echo "Applying diff ..."
|
||||
ssh -F "$SSH_CONFIG_FILE" $SSH_HOST $DEVEL_FEATURES_SCRIPT diff | patch -p1 -d "$TEMPLATE_DIR"
|
||||
devel_diff | patch -p1 -d "$TEMPLATE_DIR"
|
||||
echo
|
||||
echo "Set the base for future diffs to current state ..."
|
||||
ssh -F "$SSH_CONFIG_FILE" $SSH_HOST $DEVEL_FEATURES_SCRIPT set_diff_base
|
||||
ssh -F "$SSH_CONFIG_FILE" "$SSH_HOST" "$DEVEL_FEATURES_SCRIPT" set_diff_base
|
||||
else echo "Merging will fail - do it manually!"
|
||||
fi
|
||||
}
|
||||
|
||||
|
||||
# get the diff of a running cryptobox system between its current state
|
||||
# and its original content
|
||||
function devel_diff(
|
||||
{
|
||||
ssh -F "$SSH_CONFIG_FILE" "$SSH_HOST" "$DEVEL_FEATURES_SCRIPT" diff
|
||||
}
|
||||
|
||||
function blanknburn_cdrw()
|
||||
{
|
||||
cdrecord -v dev=$CDWRITER blank=fast
|
||||
|
@ -271,8 +277,7 @@ while [ $# -gt 0 ]
|
|||
;;
|
||||
diff )
|
||||
# get a diff from a running development cryptobox
|
||||
check_ssh_defaults
|
||||
ssh -F "$SSH_CONFIG_FILE" $SSH_HOST $DEVEL_FEATURES_SCRIPT diff
|
||||
devel_diff
|
||||
;;
|
||||
merge )
|
||||
merge_from_devel
|
||||
|
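Review bot: The new helper is declared as `function devel_diff(` without the closing parenthesis (as rendered here), which is a syntax error that keeps the whole script from parsing; it should read `function devel_diff()`. Separately, merge_from_devel now calls devel_diff twice, so the diff that passes `patch --dry-run` is not necessarily the one that gets applied, and it arrives from a host whose key the default ssh_config does not verify. Fetching it once into a `mktemp` file and running both patch invocations on that file would make the checked input and the applied input the same bytes, and gives the developer something to inspect first. In fetch_revision the `|| echo "unknown release"` fallback depends only on the exit status of `tail`, so it probably never fires when svn fails.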
|
|
@ -33,15 +33,6 @@ function configure_normal()
|
|||
# change thttpd-user from www-data to root (permissions for mount, cryptsetup, ...)
|
||||
sed -i "s/^user=.*/user=root/" /etc/thttpd/thttpd.conf
|
||||
|
||||
######### bashrc ###########
|
||||
# remove dfshints from bashrc
|
||||
sed -i "/^dfshints$/d" "$RUNTIMEDIR/root/.bashrc"
|
||||
|
||||
########### TERM ###########
|
||||
# set a usable default
|
||||
sed -i '/^export TERM=/d' "$RUNTIMEDIR/root/.profile"
|
||||
echo 'export TERM=vt100' >>"$RUNTIMEDIR/root/.profile"
|
||||
|
||||
########## sshd ############
|
||||
if [ -e "/etc/ssh" ]; then
|
||||
# allow empty passwords for ssh
|
||||
|
|
|
@ -217,8 +217,7 @@ arch = amd64
|
|||
|
||||
/etc/issue = This is the CryptoBox!
|
||||
|
||||
/root/.bashrc = export WWW_HOME="file:///opt/dfsruntime/home.html"
|
||||
dfshints
|
||||
/etc/profile = export TERM=vt100
|
||||
|
||||
######################################################################
|
||||
# Files to create or truncate
|
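--- a/etc-defaults.d/qemu-ifup.default
+++ b/etc-defaults.d/qemu-ifup.default
@@ -0,0 +1,55 @@
+#!/bin/sh
+#
+# this is the qemu-ifup script that should be run at qemu's boot
+#
+
+# determine the interface to the outside
+IF_WORLD=`/sbin/route -n | grep " UG " | sed "s/ */ /g" | cut -d " " -f 8 | head -1`
+# nothing found? - sorry!
+[ -z "$IF_WORLD" ] && IF_WORLD=eth0
+
+
+if [ "$UID" -ne 0 ]
+then sudo $0 $*
+exit 0
+fi
+
+echo "Laufe als root ..."
+
+IPT=/sbin/iptables
+[ ! -x $IPT ] && IPT=/usr/sbin/iptables
+
+IPT_RULES=" FORWARD -i tun0 -o $IF_WORLD -j ACCEPT
+FORWARD -i $IF_WORLD -o tun0 -m state --state ESTABLISHED,RELATED -j ACCEPT
+POSTROUTING -t nat -o $IF_WORLD -j MASQUERADE
+INPUT -i tun0 -j ACCEPT
+OUTPUT -o tun0 -j ACCEPT"
+
+aktiviere_forward()
+{
+echo "$IPT_RULES" | while read a
+do $IPT -A $a
+done
+echo 1 >/proc/sys/net/ipv4/ip_forward
+}
+
+deaktiviere_forward()
+{
+echo "$IPT_RULES" | while read a
+do $IPT -D $a
+done
+echo 0 >/proc/sys/net/ipv4/ip_forward
+}
+
+case "$1" in
+stop )
+deaktiviere_forward
+#/etc/init.d/dhcp stop
+;;
+* )
+/sbin/ifconfig $1 192.168.0.1
+#/etc/init.d/dhcp start
+aktiviere_forward
+;;
+esac
+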
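Review bot: The root check `if [ "$UID" -ne 0 ]` relies on `$UID`, which bash sets but POSIX sh does not, so under a `/bin/sh` such as dash the test errors out and the script carries on unprivileged; the following `sudo $0 $*` is unquoted and `exit 0` reports success even when sudo failed. I would write `if [ "$(id -u)" -ne 0 ]; then exec sudo "$0" "$@"; fi`. Also, deaktiviere_forward writes 0 to `/proc/sys/net/ipv4/ip_forward` unconditionally, which switches forwarding off on a host that had it enabled before qemu started; saving the previous value on start and restoring it on stop would avoid that. The `INPUT -i tun0 -j ACCEPT` rule deserves a comment stating that it exposes every host service to the guest.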
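--- a/etc-defaults.d/ssh_config
+++ b/etc-defaults.d/ssh_config
@@ -0,0 +1,17 @@
+Host cryptobox
+
+# change this part according to your needs
+HostName 192.168.0.23
+Port 22
+
+# maybe you want to use rsa authentication?
+# see misc/custom-configure.s/README for examples
+#IdentityFile local.conf.d/id_rsa
+
+# this should be valid for everyone
+User root
+CheckHostIP no
+StrictHostKeyChecking no
+
+# nice for frequently changing server key due to a rebuild of the base system
+UserKnownHostsFile /tmp/cryptobox-ssh-known_hosts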
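Review bot: `UserKnownHostsFile /tmp/cryptobox-ssh-known_hosts` puts the host-key store at a fixed name in a world-writable directory, so any local user can create or pre-populate it before the developer's first connection. Together with `StrictHostKeyChecking no` and `User root` this leaves the server end of the connection unauthenticated, while the build script applies a diff received over it to the working tree. If the key really changes on every rebuild, a per-user path such as `UserKnownHostsFile local.conf.d/known_hosts` (the directory the `IdentityFile` comment already uses) keeps the file out of /tmp. A comment should state that these defaults are meant for an isolated development network only.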
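--- a/etc-defaults.d/userdocexport.sh
+++ b/etc-defaults.d/userdocexport.sh
@@ -0,0 +1,22 @@
+#!/bin/sh
+set -u
+
+## diese Seiten aus dem Wiki ziehen und entschlacken
+SITES="CryptoBox CryptoBoxDev"
+DEST_PATH="cryptobox.conf.d/var/www/userdoc/"
+[ ! -e $DEST_PATH ] && echo "$DEST_PATH does not exist" && exit
+
+for SITE in $SITES; do
+SITE_SRC="https://systemausfall.org/wikis/howto/$SITE"
+SITE_TMP="/tmp/$SITE"
+SITE_DEST="${DEST_PATH}${SITE}.html"
+
+[ -e $SITE_TMP ] && echo "$SITE_TMP exists" && exit
+wget -O $SITE_TMP $SITE_SRC || exit
+sed -n "1,/\<title\>/p" $SITE_TMP > $SITE_DEST
+echo "<link rel="stylesheet" type="text/css" charset="utf-8" media="all" href="../cryptobox.css">" >> $SITE_DEST
+echo -e "</head>\n<body>\n" >> $SITE_DEST
+sed -n /\<\!--\ start\ page\ --\>/,/\<\!--\ end\ page\ --\>/p $SITE_TMP >> $SITE_DEST
+echo -e "</body>\n</html>\n" >> $SITE_DEST
+rm $SITE_TMP
+done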
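Review bot: `SITE_TMP="/tmp/$SITE"` is a predictable name in /tmp, and the `[ -e $SITE_TMP ]` check followed by `wget -O` leaves a window in which another local user can place a symlink there, so the download overwrites whatever it points to. `SITE_TMP=$(mktemp) || exit 1` removes both the race and the need for the existence check. The expansions `$DEST_PATH`, `$SITE_TMP` and `$SITE_DEST` should be double-quoted. The inner double quotes in the `<link rel="stylesheet" ...>` echo end the shell string, so the attribute quotes never reach the HTML file; single-quoting that line fixes it. `echo -e` is not guaranteed under `#!/bin/sh`, and `printf` is the portable form.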