restructuring III
parent
6038faf4f6
commit
6cfc58e36e
|
@ -37,9 +37,19 @@
|
||||||
# the test-suite are deactivated, some packages get removed)
|
# the test-suite are deactivated, some packages get removed)
|
||||||
#
|
#
|
||||||
|
|
||||||
|
|
||||||
set -ue
|
set -ue
|
||||||
|
|
||||||
|
# get the path of a configuration file - local configuration files
|
||||||
|
# supersede default files
|
||||||
|
# parameter: base name of the configuration file
|
||||||
|
function get_config_file()
|
||||||
|
{
|
||||||
|
[ -e "$LOCALCONF_DIR/$1" ] && echo "$LOCALCONF_DIR/$1" && return 0
|
||||||
|
[ -e "$DEFAULTCONF_DIR/$1" ] && echo "$DEFAULTCONF_DIR/$1" && return 0
|
||||||
|
echo "configuration file ($1) not found!" >&2
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
|
|
||||||
# the base directory of your local development files
|
# the base directory of your local development files
|
||||||
ROOT_DIR=$(dirname "$0")
|
ROOT_DIR=$(dirname "$0")
|
||||||
|
|
||||||
|
@ -83,8 +93,11 @@ CHROOTSTART="/usr/lib/cryptobox/chroot-start.sh"
|
||||||
# for burning a CD
|
# for burning a CD
|
||||||
CDWRITER="0,0,0"
|
CDWRITER="0,0,0"
|
||||||
|
|
||||||
# for development diffs and merges from a running cryptobox
|
# qemu network configuration file
|
||||||
SSH_CONFIG_FILE="$LOCALCONF_DIR/ssh_config"
|
QEMU_IFUP_FILE=$(get_config_file qemu-ifup)
|
||||||
|
|
||||||
|
# to connect to a development cryptobox with ssh
|
||||||
|
SSH_CONFIG_FILE=$(get_config_file ssh_config)
|
||||||
|
|
||||||
# extract the hostname of the cryptobox from the ssh_config file
|
# extract the hostname of the cryptobox from the ssh_config file
|
||||||
SSH_HOST=$(grep "^Host " $SSH_CONFIG_FILE | head -1 | sed 's/^Host *\(.*\)$/\1/')
|
SSH_HOST=$(grep "^Host " $SSH_CONFIG_FILE | head -1 | sed 's/^Host *\(.*\)$/\1/')
|
||||||
|
@ -97,6 +110,8 @@ DEVEL_FEATURES_SCRIPT="/usr/lib/cryptobox/devel-features.sh"
|
||||||
CUSTOM_CONFIGURE_DIR="$ROOT_DIR/configure-local.d"
|
CUSTOM_CONFIGURE_DIR="$ROOT_DIR/configure-local.d"
|
||||||
|
|
||||||
|
|
||||||
|
####################### functions ######################
|
||||||
|
|
||||||
function run_dfsbuild()
|
function run_dfsbuild()
|
||||||
{
|
{
|
||||||
[ ! -e "$BUILDDIR" ] && mkdir -p "$BUILDDIR" && echo "das BuildDir ($BUILDDIR) wurde angelegt ..."
|
[ ! -e "$BUILDDIR" ] && mkdir -p "$BUILDDIR" && echo "das BuildDir ($BUILDDIR) wurde angelegt ..."
|
||||||
|
@ -121,15 +136,10 @@ function qemu_boot()
|
||||||
then echo "Creating temporary harddisk image ..."
|
then echo "Creating temporary harddisk image ..."
|
||||||
dd if=/dev/zero of="$HD_IMAGE" bs=1M count=20
|
dd if=/dev/zero of="$HD_IMAGE" bs=1M count=20
|
||||||
fi
|
fi
|
||||||
# create default qemu-ifup
|
|
||||||
if [ ! -e "$LOCALCONF_DIR/qemu-ifup" ]
|
|
||||||
then [ ! -d "$LOCALCONF_DIR" ] && mkdir "$LOCALCONF_DIR"
|
|
||||||
cp "misc/qemu-ifup.default" "$LOCALCONF_DIR/qemu-ifup"
|
|
||||||
fi
|
|
||||||
echo "Starting qemu ..."
|
echo "Starting qemu ..."
|
||||||
qemu -cdrom "$IMAGE_FILE" -m 96 -hda "$IMAGE_FILE" -boot d -n "$LOCALCONF_DIR/qemu-ifup" || true
|
qemu -cdrom "$IMAGE_FILE" -m 96 -hda "$IMAGE_FILE" -boot d -n "$QEMU_IFUP_FILE" || true
|
||||||
# remove iptables rules
|
# remove iptables rules
|
||||||
"$LOCALCONF_DIR/qemu-ifup" stop
|
"$QEMU_IFUP_FILE" stop
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -181,17 +191,8 @@ function configure_cb()
|
||||||
|
|
||||||
function fetch_revision()
|
function fetch_revision()
|
||||||
{
|
{
|
||||||
svn -R info| grep ^Revision| cut -f2 -d " " | sort | tail -1
|
svn -R info 2>&1 | grep ^Revision| cut -f2 -d " " | sort | tail -1 \
|
||||||
}
|
|| echo "unknown release"
|
||||||
|
|
||||||
|
|
||||||
function check_ssh_defaults()
|
|
||||||
{
|
|
||||||
[ ! -d "$LOCALCONF_DIR" ] && mkdir "$LOCALCONF_DIR"
|
|
||||||
if [ ! -e "$SSH_CONFIG_FILE" ]
|
|
||||||
then echo "Copying default ssh_config file to '$SSH_CONFIG_FILE' ..."
|
|
||||||
cp misc/ssh-options.default "$SSH_CONFIG_FILE"
|
|
||||||
fi
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -204,7 +205,6 @@ function upload2devel()
|
||||||
# of course, only the directories that are mapped to tmpfs can
|
# of course, only the directories that are mapped to tmpfs can
|
||||||
# be updated this way
|
# be updated this way
|
||||||
{
|
{
|
||||||
check_ssh_defaults
|
|
||||||
local DIRS="var/www usr/share/cryptobox usr/lib/cryptobox"
|
local DIRS="var/www usr/share/cryptobox usr/lib/cryptobox"
|
||||||
[ -e "$TMP_DIR" ] || mkdir -p "$TMP_DIR"
|
[ -e "$TMP_DIR" ] || mkdir -p "$TMP_DIR"
|
||||||
for a in $DIRS
|
for a in $DIRS
|
||||||
|
@ -217,7 +217,7 @@ function upload2devel()
|
||||||
echo "Copying local files to the cryptobox ... "
|
echo "Copying local files to the cryptobox ... "
|
||||||
if scp -F "$SSH_CONFIG_FILE" -rpq "$TMP_DIR/." cryptobox:/tmp/mirror
|
if scp -F "$SSH_CONFIG_FILE" -rpq "$TMP_DIR/." cryptobox:/tmp/mirror
|
||||||
then echo "Set the base for future diffs to current state ..."
|
then echo "Set the base for future diffs to current state ..."
|
||||||
ssh -F "$SSH_CONFIG_FILE" $SSH_HOST $DEVEL_FEATURES_SCRIPT set_diff_base
|
ssh -F "$SSH_CONFIG_FILE" "$SSH_HOST" "$DEVEL_FEATURES_SCRIPT" set_diff_base
|
||||||
else echo 'ERROR: copying failed!'
|
else echo 'ERROR: copying failed!'
|
||||||
fi
|
fi
|
||||||
rm -rf "$TMP_DIR"
|
rm -rf "$TMP_DIR"
|
||||||
|
@ -228,20 +228,26 @@ function merge_from_devel()
|
||||||
# merge a diff from a running development cryptobox into
|
# merge a diff from a running development cryptobox into
|
||||||
# this working directory
|
# this working directory
|
||||||
{
|
{
|
||||||
check_ssh_defaults
|
|
||||||
echo "Check for collisions ... (dry-run)"
|
echo "Check for collisions ... (dry-run)"
|
||||||
if ssh -F "$SSH_CONFIG_FILE" $SSH_HOST $DEVEL_FEATURES_SCRIPT diff | patch --dry-run -p1 -d "$TEMPLATE_DIR"
|
if devel_diff | patch --dry-run -p1 -d "$TEMPLATE_DIR"
|
||||||
then echo
|
then echo
|
||||||
echo "Applying diff ..."
|
echo "Applying diff ..."
|
||||||
ssh -F "$SSH_CONFIG_FILE" $SSH_HOST $DEVEL_FEATURES_SCRIPT diff | patch -p1 -d "$TEMPLATE_DIR"
|
devel_diff | patch -p1 -d "$TEMPLATE_DIR"
|
||||||
echo
|
echo
|
||||||
echo "Set the base for future diffs to current state ..."
|
echo "Set the base for future diffs to current state ..."
|
||||||
ssh -F "$SSH_CONFIG_FILE" $SSH_HOST $DEVEL_FEATURES_SCRIPT set_diff_base
|
ssh -F "$SSH_CONFIG_FILE" "$SSH_HOST" "$DEVEL_FEATURES_SCRIPT" set_diff_base
|
||||||
else echo "Merging will fail - do it manually!"
|
else echo "Merging will fail - do it manually!"
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
# get the diff of a running cryptobox system between its current state
|
||||||
|
# and its original content
|
||||||
|
function devel_diff(
|
||||||
|
{
|
||||||
|
ssh -F "$SSH_CONFIG_FILE" "$SSH_HOST" "$DEVEL_FEATURES_SCRIPT" diff
|
||||||
|
}
|
||||||
|
|
||||||
function blanknburn_cdrw()
|
function blanknburn_cdrw()
|
||||||
{
|
{
|
||||||
cdrecord -v dev=$CDWRITER blank=fast
|
cdrecord -v dev=$CDWRITER blank=fast
|
||||||
|
@ -271,8 +277,7 @@ while [ $# -gt 0 ]
|
||||||
;;
|
;;
|
||||||
diff )
|
diff )
|
||||||
# get a diff from a running development cryptobox
|
# get a diff from a running development cryptobox
|
||||||
check_ssh_defaults
|
devel_diff
|
||||||
ssh -F "$SSH_CONFIG_FILE" $SSH_HOST $DEVEL_FEATURES_SCRIPT diff
|
|
||||||
;;
|
;;
|
||||||
merge )
|
merge )
|
||||||
merge_from_devel
|
merge_from_devel
|
||||||
|
|
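Review bot: The new helper is declared as `function devel_diff(` with no closing parenthesis, which bash rejects as a syntax error, so as rendered the whole script would fail to parse; the line should read `function devel_diff()`. In the same hunk, `merge_from_devel` still calls the remote diff twice, once for `patch --dry-run` and once for the real `patch`, so the diff that gets applied is not necessarily the one that was checked. Fetching it once into a `mktemp` file and feeding that file to both `patch` calls would close the gap; this matters more because the shipped ssh_config does not verify the host key. The bodies of `merge_from_devel` and `upload2devel` extend beyond the visible hunks.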
|
@ -33,15 +33,6 @@ function configure_normal()
|
||||||
# change thttpd-user from www-data to root (permissions for mount, cryptsetup, ...)
|
# change thttpd-user from www-data to root (permissions for mount, cryptsetup, ...)
|
||||||
sed -i "s/^user=.*/user=root/" /etc/thttpd/thttpd.conf
|
sed -i "s/^user=.*/user=root/" /etc/thttpd/thttpd.conf
|
||||||
|
|
||||||
######### bashrc ###########
|
|
||||||
# remove dfshints from bashrc
|
|
||||||
sed -i "/^dfshints$/d" "$RUNTIMEDIR/root/.bashrc"
|
|
||||||
|
|
||||||
########### TERM ###########
|
|
||||||
# set a usable default
|
|
||||||
sed -i '/^export TERM=/d' "$RUNTIMEDIR/root/.profile"
|
|
||||||
echo 'export TERM=vt100' >>"$RUNTIMEDIR/root/.profile"
|
|
||||||
|
|
||||||
########## sshd ############
|
########## sshd ############
|
||||||
if [ -e "/etc/ssh" ]; then
|
if [ -e "/etc/ssh" ]; then
|
||||||
# allow empty passwords for ssh
|
# allow empty passwords for ssh
|
||||||
|
|
|
@ -217,8 +217,7 @@ arch = amd64
|
||||||
|
|
||||||
/etc/issue = This is the CryptoBox!
|
/etc/issue = This is the CryptoBox!
|
||||||
|
|
||||||
/root/.bashrc = export WWW_HOME="file:///opt/dfsruntime/home.html"
|
/etc/profile = export TERM=vt100
|
||||||
dfshints
|
|
||||||
|
|
||||||
######################################################################
|
######################################################################
|
||||||
# Files to create or truncate
|
# Files to create or truncate
|
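--- a/etc-defaults.d/qemu-ifup.default
+++ b/etc-defaults.d/qemu-ifup.default
@@ -0,0 +1,55 @@
+#!/bin/sh
+#
+# this is the qemu-ifup script that should be run at qemu's boot
+#
+
+# determine the interface to the outside
+IF_WORLD=`/sbin/route -n | grep " UG " | sed "s/ */ /g" | cut -d " " -f 8 | head -1`
+# nothing found? - sorry!
+[ -z "$IF_WORLD" ] && IF_WORLD=eth0
+
+
+if [ "$UID" -ne 0 ]
+then sudo $0 $*
+exit 0
+fi
+
+echo "Laufe als root ..."
+
+IPT=/sbin/iptables
+[ ! -x $IPT ] && IPT=/usr/sbin/iptables
+
+IPT_RULES=" FORWARD -i tun0 -o $IF_WORLD -j ACCEPT
+FORWARD -i $IF_WORLD -o tun0 -m state --state ESTABLISHED,RELATED -j ACCEPT
+POSTROUTING -t nat -o $IF_WORLD -j MASQUERADE
+INPUT -i tun0 -j ACCEPT
+OUTPUT -o tun0 -j ACCEPT"
+
+aktiviere_forward()
+{
+echo "$IPT_RULES" | while read a
+do $IPT -A $a
+done
+echo 1 >/proc/sys/net/ipv4/ip_forward
+}
+
+deaktiviere_forward()
+{
+echo "$IPT_RULES" | while read a
+do $IPT -D $a
+done
+echo 0 >/proc/sys/net/ipv4/ip_forward
+}
+
+case "$1" in
+stop )
+deaktiviere_forward
+#/etc/init.d/dhcp stop
+;;
+* )
+/sbin/ifconfig $1 192.168.0.1
+#/etc/init.d/dhcp start
+aktiviere_forward
+;;
+esac
+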
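Review bot: The root check `if [ "$UID" -ne 0 ]` relies on `$UID`, which bash sets but a POSIX `/bin/sh` such as dash does not, so under the declared `#!/bin/sh` the test can error out and the script carries on unprivileged. The re-exec `sudo $0 $*` is unquoted and is followed by an unconditional `exit 0`, which hides a failed or refused sudo from the calling build script. I would write `if [ "$(id -u)" -ne 0 ]; then exec sudo "$0" "$@"; fi`. Separately, `deaktiviere_forward` writes 0 to `ip_forward` regardless of its earlier value, so `stop` turns routing off on a host that was already forwarding; the header comment should at least say so.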
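--- a/etc-defaults.d/ssh_config
+++ b/etc-defaults.d/ssh_config
@@ -0,0 +1,17 @@
+Host cryptobox
+
+# change this part according to your needs
+HostName 192.168.0.23
+Port 22
+
+# maybe you want to use rsa authentication?
+# see misc/custom-configure.s/README for examples
+#IdentityFile local.conf.d/id_rsa
+
+# this should be valid for everyone
+User root
+CheckHostIP no
+StrictHostKeyChecking no
+
+# nice for frequently changing server key due to a rebuild of the base system
+UserKnownHostsFile /tmp/cryptobox-ssh-known_hosts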
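Review bot: With `StrictHostKeyChecking no` and `User root`, the build script accepts whatever answers on 192.168.0.23 as the cryptobox, and its merge path pipes that host's output into `patch` on the local tree, so this default needs a comment restricting it to an isolated development network. The known-hosts file `/tmp/cryptobox-ssh-known_hosts` has a predictable name in a world-writable directory, where another local user can create it first. A per-user path such as `UserKnownHostsFile ~/.ssh/cryptobox-known_hosts` keeps the convenience for frequently rebuilt systems without that exposure.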
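--- a/etc-defaults.d/userdocexport.sh
+++ b/etc-defaults.d/userdocexport.sh
@@ -0,0 +1,22 @@
+#!/bin/sh
+set -u
+
+## diese Seiten aus dem Wiki ziehen und entschlacken
+SITES="CryptoBox CryptoBoxDev"
+DEST_PATH="cryptobox.conf.d/var/www/userdoc/"
+[ ! -e $DEST_PATH ] && echo "$DEST_PATH does not exist" && exit
+
+for SITE in $SITES; do
+SITE_SRC="https://systemausfall.org/wikis/howto/$SITE"
+SITE_TMP="/tmp/$SITE"
+SITE_DEST="${DEST_PATH}${SITE}.html"
+
+[ -e $SITE_TMP ] && echo "$SITE_TMP exists" && exit
+wget -O $SITE_TMP $SITE_SRC || exit
+sed -n "1,/\<title\>/p" $SITE_TMP > $SITE_DEST
+echo "<link rel="stylesheet" type="text/css" charset="utf-8" media="all" href="../cryptobox.css">" >> $SITE_DEST
+echo -e "</head>\n<body>\n" >> $SITE_DEST
+sed -n /\<\!--\ start\ page\ --\>/,/\<\!--\ end\ page\ --\>/p $SITE_TMP >> $SITE_DEST
+echo -e "</body>\n</html>\n" >> $SITE_DEST
+rm $SITE_TMP
+done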
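Review bot: `SITE_TMP="/tmp/$SITE"` is a predictable name in a shared directory, and the `[ -e $SITE_TMP ]` test does not protect `wget -O` from a file or symlink created between the check and the download. Replacing both lines with `SITE_TMP=$(mktemp) || exit 1` removes the race. The stylesheet line nests unescaped double quotes inside a double-quoted `echo`, so the attribute quotes are dropped from the generated HTML; single-quoting the tag, `echo '<link rel="stylesheet" type="text/css" charset="utf-8" media="all" href="../cryptobox.css">' >> "$SITE_DEST"`, fixes that. `echo -e` is also not portable under `#!/bin/sh`, where `printf '</head>\n<body>\n\n'` is.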