restructuring III

lars 2005-08-03 23:03:14 +00:00
parent 6038faf4f6
commit 6cfc58e36e
11 changed files with 129 additions and 40 deletions


@ -37,9 +37,19 @@
# the test-suite are deactivated, some packages get removed) # the test-suite are deactivated, some packages get removed)
# #
set -ue set -ue
# get the path of a configuration file - local configuration files
# supersede default files
# parameter: base name of the configuration file
function get_config_file()
{
[ -e "$LOCALCONF_DIR/$1" ] && echo "$LOCALCONF_DIR/$1" && return 0
[ -e "$DEFAULTCONF_DIR/$1" ] && echo "$DEFAULTCONF_DIR/$1" && return 0
echo "configuration file ($1) not found!" >&2
exit 1
}
# the base directory of your local development files # the base directory of your local development files
ROOT_DIR=$(dirname "$0") ROOT_DIR=$(dirname "$0")
@ -83,8 +93,11 @@ CHROOTSTART="/usr/lib/cryptobox/chroot-start.sh"
# for burning a CD # for burning a CD
CDWRITER="0,0,0" CDWRITER="0,0,0"
# for development diffs and merges from a running cryptobox # qemu network configuration file
SSH_CONFIG_FILE="$LOCALCONF_DIR/ssh_config" QEMU_IFUP_FILE=$(get_config_file qemu-ifup)
# to connect to a development cryptobox with ssh
SSH_CONFIG_FILE=$(get_config_file ssh_config)
# extract the hostname of the cryptobox from the ssh_config file # extract the hostname of the cryptobox from the ssh_config file
SSH_HOST=$(grep "^Host " $SSH_CONFIG_FILE | head -1 | sed 's/^Host *\(.*\)$/\1/') SSH_HOST=$(grep "^Host " $SSH_CONFIG_FILE | head -1 | sed 's/^Host *\(.*\)$/\1/')
@ -97,6 +110,8 @@ DEVEL_FEATURES_SCRIPT="/usr/lib/cryptobox/devel-features.sh"
CUSTOM_CONFIGURE_DIR="$ROOT_DIR/configure-local.d" CUSTOM_CONFIGURE_DIR="$ROOT_DIR/configure-local.d"
####################### functions ######################
function run_dfsbuild() function run_dfsbuild()
{ {
[ ! -e "$BUILDDIR" ] && mkdir -p "$BUILDDIR" && echo "das BuildDir ($BUILDDIR) wurde angelegt ..." [ ! -e "$BUILDDIR" ] && mkdir -p "$BUILDDIR" && echo "das BuildDir ($BUILDDIR) wurde angelegt ..."
@ -121,15 +136,10 @@ function qemu_boot()
then echo "Creating temporary harddisk image ..." then echo "Creating temporary harddisk image ..."
dd if=/dev/zero of="$HD_IMAGE" bs=1M count=20 dd if=/dev/zero of="$HD_IMAGE" bs=1M count=20
fi fi
# create default qemu-ifup
if [ ! -e "$LOCALCONF_DIR/qemu-ifup" ]
then [ ! -d "$LOCALCONF_DIR" ] && mkdir "$LOCALCONF_DIR"
cp "misc/qemu-ifup.default" "$LOCALCONF_DIR/qemu-ifup"
fi
echo "Starting qemu ..." echo "Starting qemu ..."
qemu -cdrom "$IMAGE_FILE" -m 96 -hda "$IMAGE_FILE" -boot d -n "$LOCALCONF_DIR/qemu-ifup" || true qemu -cdrom "$IMAGE_FILE" -m 96 -hda "$IMAGE_FILE" -boot d -n "$QEMU_IFUP_FILE" || true
# remove iptables rules # remove iptables rules
"$LOCALCONF_DIR/qemu-ifup" stop "$QEMU_IFUP_FILE" stop
} }
@ -181,17 +191,8 @@ function configure_cb()
function fetch_revision() function fetch_revision()
{ {
svn -R info| grep ^Revision| cut -f2 -d " " | sort | tail -1 svn -R info 2>&1 | grep ^Revision| cut -f2 -d " " | sort | tail -1 \
} || echo "unknown release"
function check_ssh_defaults()
{
[ ! -d "$LOCALCONF_DIR" ] && mkdir "$LOCALCONF_DIR"
if [ ! -e "$SSH_CONFIG_FILE" ]
then echo "Copying default ssh_config file to '$SSH_CONFIG_FILE' ..."
cp misc/ssh-options.default "$SSH_CONFIG_FILE"
fi
} }
@ -204,7 +205,6 @@ function upload2devel()
# of course, only the directories that are mapped to tmpfs can # of course, only the directories that are mapped to tmpfs can
# be updated this way # be updated this way
{ {
check_ssh_defaults
local DIRS="var/www usr/share/cryptobox usr/lib/cryptobox" local DIRS="var/www usr/share/cryptobox usr/lib/cryptobox"
[ -e "$TMP_DIR" ] || mkdir -p "$TMP_DIR" [ -e "$TMP_DIR" ] || mkdir -p "$TMP_DIR"
for a in $DIRS for a in $DIRS
@ -217,7 +217,7 @@ function upload2devel()
echo "Copying local files to the cryptobox ... " echo "Copying local files to the cryptobox ... "
if scp -F "$SSH_CONFIG_FILE" -rpq "$TMP_DIR/." cryptobox:/tmp/mirror if scp -F "$SSH_CONFIG_FILE" -rpq "$TMP_DIR/." cryptobox:/tmp/mirror
then echo "Set the base for future diffs to current state ..." then echo "Set the base for future diffs to current state ..."
ssh -F "$SSH_CONFIG_FILE" $SSH_HOST $DEVEL_FEATURES_SCRIPT set_diff_base ssh -F "$SSH_CONFIG_FILE" "$SSH_HOST" "$DEVEL_FEATURES_SCRIPT" set_diff_base
else echo 'ERROR: copying failed!' else echo 'ERROR: copying failed!'
fi fi
rm -rf "$TMP_DIR" rm -rf "$TMP_DIR"
@ -228,20 +228,26 @@ function merge_from_devel()
# merge a diff from a running development cryptobox into # merge a diff from a running development cryptobox into
# this working directory # this working directory
{ {
check_ssh_defaults
echo "Check for collisions ... (dry-run)" echo "Check for collisions ... (dry-run)"
if ssh -F "$SSH_CONFIG_FILE" $SSH_HOST $DEVEL_FEATURES_SCRIPT diff | patch --dry-run -p1 -d "$TEMPLATE_DIR" if devel_diff | patch --dry-run -p1 -d "$TEMPLATE_DIR"
then echo then echo
echo "Applying diff ..." echo "Applying diff ..."
ssh -F "$SSH_CONFIG_FILE" $SSH_HOST $DEVEL_FEATURES_SCRIPT diff | patch -p1 -d "$TEMPLATE_DIR" devel_diff | patch -p1 -d "$TEMPLATE_DIR"
echo echo
echo "Set the base for future diffs to current state ..." echo "Set the base for future diffs to current state ..."
ssh -F "$SSH_CONFIG_FILE" $SSH_HOST $DEVEL_FEATURES_SCRIPT set_diff_base ssh -F "$SSH_CONFIG_FILE" "$SSH_HOST" "$DEVEL_FEATURES_SCRIPT" set_diff_base
else echo "Merging will fail - do it manually!" else echo "Merging will fail - do it manually!"
fi fi
} }
# get the diff of a running cryptobox system between its current state
# and its original content
function devel_diff(
{
ssh -F "$SSH_CONFIG_FILE" "$SSH_HOST" "$DEVEL_FEATURES_SCRIPT" diff
}
function blanknburn_cdrw() function blanknburn_cdrw()
{ {
cdrecord -v dev=$CDWRITER blank=fast cdrecord -v dev=$CDWRITER blank=fast
@ -271,8 +277,7 @@ while [ $# -gt 0 ]
;; ;;
diff ) diff )
# get a diff from a running development cryptobox # get a diff from a running development cryptobox
check_ssh_defaults devel_diff
ssh -F "$SSH_CONFIG_FILE" $SSH_HOST $DEVEL_FEATURES_SCRIPT diff
;; ;;
merge ) merge )
merge_from_devel merge_from_devel
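Review bot: The new helper is declared as `function devel_diff(` with no closing parenthesis, which bash reports as a syntax error when it reaches the definition, so the action dispatch further down would never run; it should read `function devel_diff()`. Separately, `merge_from_devel` now calls `devel_diff` twice, once for `patch --dry-run` and once for the real `patch`, so the diff that gets applied is a second fetch and not necessarily the one that was checked. Fetching it once into a `mktemp` file and running both `patch` invocations against that file would make the collision check meaningful. This matters more because the ssh_config added in this commit sets `StrictHostKeyChecking no`, so the remote end is not authenticated.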


@ -33,15 +33,6 @@ function configure_normal()
# change thttpd-user from www-data to root (permissions for mount, cryptsetup, ...) # change thttpd-user from www-data to root (permissions for mount, cryptsetup, ...)
sed -i "s/^user=.*/user=root/" /etc/thttpd/thttpd.conf sed -i "s/^user=.*/user=root/" /etc/thttpd/thttpd.conf
######### bashrc ###########
# remove dfshints from bashrc
sed -i "/^dfshints$/d" "$RUNTIMEDIR/root/.bashrc"
########### TERM ###########
# set a usable default
sed -i '/^export TERM=/d' "$RUNTIMEDIR/root/.profile"
echo 'export TERM=vt100' >>"$RUNTIMEDIR/root/.profile"
########## sshd ############ ########## sshd ############
if [ -e "/etc/ssh" ]; then if [ -e "/etc/ssh" ]; then
# allow empty passwords for ssh # allow empty passwords for ssh


@ -217,8 +217,7 @@ arch = amd64
/etc/issue = This is the CryptoBox! /etc/issue = This is the CryptoBox!
/root/.bashrc = export WWW_HOME="file:///opt/dfsruntime/home.html" /etc/profile = export TERM=vt100
dfshints
###################################################################### ######################################################################
# Files to create or truncate # Files to create or truncate


@ -0,0 +1,55 @@
#!/bin/sh
#
# this is the qemu-ifup script that should be run at qemu's boot
#
# determine the interface to the outside
IF_WORLD=`/sbin/route -n | grep " UG " | sed "s/ */ /g" | cut -d " " -f 8 | head -1`
# nothing found? - sorry!
[ -z "$IF_WORLD" ] && IF_WORLD=eth0
if [ "$UID" -ne 0 ]
then sudo $0 $*
exit 0
fi
echo "Laufe als root ..."
IPT=/sbin/iptables
[ ! -x $IPT ] && IPT=/usr/sbin/iptables
IPT_RULES=" FORWARD -i tun0 -o $IF_WORLD -j ACCEPT
FORWARD -i $IF_WORLD -o tun0 -m state --state ESTABLISHED,RELATED -j ACCEPT
POSTROUTING -t nat -o $IF_WORLD -j MASQUERADE
INPUT -i tun0 -j ACCEPT
OUTPUT -o tun0 -j ACCEPT"
aktiviere_forward()
{
echo "$IPT_RULES" | while read a
do $IPT -A $a
done
echo 1 >/proc/sys/net/ipv4/ip_forward
}
deaktiviere_forward()
{
echo "$IPT_RULES" | while read a
do $IPT -D $a
done
echo 0 >/proc/sys/net/ipv4/ip_forward
}
case "$1" in
stop )
deaktiviere_forward
#/etc/init.d/dhcp stop
;;
* )
/sbin/ifconfig $1 192.168.0.1
#/etc/init.d/dhcp start
aktiviere_forward
;;
esac

17
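--- a/etc-defaults.d/ssh_config
+++ b/etc-defaults.d/ssh_config
@@ -0,0 +1,17 @@
+Host cryptobox
+# change this part according to your needs
+HostName 192.168.0.23
+Port 22
+# maybe you want to use rsa authentication?
+# see misc/custom-configure.s/README for examples
+#IdentityFile local.conf.d/id_rsa
+# this should be valid for everyone
+User root
+CheckHostIP no
+StrictHostKeyChecking no
+# nice for frequently changing server key due to a rebuild of the base system
+UserKnownHostsFile /tmp/cryptobox-ssh-known_hosts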
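Review bot: `StrictHostKeyChecking no` together with `CheckHostIP no` means the identity of the host at `HostName` is never verified, yet the build script in this commit logs in as `root` and pipes this host's `diff` output into `patch` on the working tree. The known-hosts file also sits at a fixed name in world-writable `/tmp`, so another local user can create or replace it first. I would keep it under a per-user directory, for example `UserKnownHostsFile ~/.ssh/cryptobox-known_hosts` (example path), and add a comment above these options such as `# development only: host keys are not verified, use on a trusted network`.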

22
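--- a/etc-defaults.d/userdocexport.sh
+++ b/etc-defaults.d/userdocexport.sh
@@ -0,0 +1,22 @@
+#!/bin/sh
+set -u
+## diese Seiten aus dem Wiki ziehen und entschlacken
+SITES="CryptoBox CryptoBoxDev"
+DEST_PATH="cryptobox.conf.d/var/www/userdoc/"
+[ ! -e $DEST_PATH ] && echo "$DEST_PATH does not exist" && exit
+for SITE in $SITES; do
+SITE_SRC="https://systemausfall.org/wikis/howto/$SITE"
+SITE_TMP="/tmp/$SITE"
+SITE_DEST="${DEST_PATH}${SITE}.html"
+[ -e $SITE_TMP ] && echo "$SITE_TMP exists" && exit
+wget -O $SITE_TMP $SITE_SRC || exit
+sed -n "1,/\<title\>/p" $SITE_TMP > $SITE_DEST
+echo "<link rel="stylesheet" type="text/css" charset="utf-8" media="all" href="../cryptobox.css">" >> $SITE_DEST
+echo -e "</head>\n<body>\n" >> $SITE_DEST
+sed -n /\<\!--\ start\ page\ --\>/,/\<\!--\ end\ page\ --\>/p $SITE_TMP >> $SITE_DEST
+echo -e "</body>\n</html>\n" >> $SITE_DEST
+rm $SITE_TMP
+done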
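Review bot: `SITE_TMP="/tmp/$SITE"` is a predictable name in a world-writable directory, and the `[ -e $SITE_TMP ]` check followed by `wget -O $SITE_TMP` leaves a window in which another local user can place a symlink at that path. `SITE_TMP=$(mktemp) || exit 1` removes both the race and the need for the existence check. The two `&& exit` guards return status 0 on their error paths, so a caller cannot tell that the export failed; `exit 1` would be clearer. The expansions `$SITE_TMP`, `$SITE_DEST` and `$DEST_PATH` are unquoted throughout.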