Deployment script draft (including openrc, user and group management).
This commit is contained in:
parent
e723717d53
commit
bd11b4bdef
47
makefile
Normal file
47
makefile
Normal file
@ -0,0 +1,47 @@
|
||||
all:
|
||||
|
||||
deploy: create-users deploy-openrc
|
||||
undeploy: remove-users remove-openrc
|
||||
|
||||
remove-users:
|
||||
@grep _auth /etc/passwd >/dev/null && \
|
||||
deluser _auth && echo "user _auth has been removed" || \
|
||||
echo "user _auth already was deleted"
|
||||
@grep _filestorage /etc/passwd >/dev/null && \
|
||||
deluser _filestorage && echo "user _filestorage has been removed" || \
|
||||
echo "user _filestorage already was deleted"
|
||||
@grep _ipc /etc/group >/dev/null && \
|
||||
delgroup _ipc && echo "group _ipc has been removed" || \
|
||||
echo "group _ipc already was deleted"
|
||||
|
||||
remove-openrc:
|
||||
rm /etc/init.d/authd
|
||||
rm /etc/init.d/filestoraged
|
||||
|
||||
GROUP ?= _ipc
|
||||
# BusyBox addgroup [-g GID] [-S] [USER] GROUP
|
||||
# -g GID -S (system group)
|
||||
group-ipc:
|
||||
@grep $(GROUP) /etc/group >/dev/null && echo "group $(GROUP) already exists" || \
|
||||
(addgroup -S $(GROUP) && echo "group $(GROUP) has been created")
|
||||
|
||||
# BusyBox adduser [OPTIONS] USER [GROUP]
|
||||
# -S (system user) -H (no mkdir) -s SHELL -g GECOS -G GROUP -D (no pass) -h HOME
|
||||
user-auth: group-ipc
|
||||
@grep _auth /etc/passwd >/dev/null && echo "user _auth already exists" || \
|
||||
(adduser -S -H -s /bin/false -g "IPC auth daemon" -G $(GROUP) -D _auth && \
|
||||
echo "user _auth has been created")
|
||||
|
||||
user-filestorage: group-ipc
|
||||
@grep _filestorage /etc/passwd >/dev/null && echo "user _filestorage already exists" || \
|
||||
(adduser -S -H -s /bin/false -g "IPC filestorage daemon" -G $(GROUP) -D _filestorage && \
|
||||
echo "user _filestorage has been created")
|
||||
|
||||
create-users: user-auth user-filestorage
|
||||
|
||||
deploy-openrc-authd:
|
||||
install -m0400 openrc/authd /etc/init.d/
|
||||
deploy-openrc-filestoraged:
|
||||
install -m0400 openrc/filestoraged /etc/init.d/
|
||||
|
||||
deploy-openrc: deploy-openrc-authd deploy-openrc-filestoraged
|
66
openrc/authd
Executable file
66
openrc/authd
Executable file
@ -0,0 +1,66 @@
|
||||
#!/sbin/openrc-run
|
||||
|
||||
: ${cfgfile:="/etc/baguette/auth.yml"}
|
||||
: ${auth_password_file:="/etc/baguette/auth-password"}
|
||||
|
||||
command_user="_auth:_ipc"
|
||||
|
||||
# The command cannot go background by itself and cannot write its own PID.
|
||||
command_background=true
|
||||
|
||||
description="Authentication daemon"
|
||||
description_checkconfig="Verify configuration file (TODO)"
|
||||
description_reload="Reload configuration (TODO)"
|
||||
description_debug="Print actual command line to run (TODO)"
|
||||
|
||||
extra_commands="checkconfig debug"
|
||||
extra_started_commands="reload"
|
||||
|
||||
pidfile="${AUTHD_PIDFILE:-"/run/$RC_SVCNAME.pid"}"
|
||||
command="${AUTHD_BINARY:-"/usr/local/bin/authd"}"
|
||||
command_args="${command_args:-${AUTHD_OPTS:- -k $auth_password_file}}"
|
||||
|
||||
depend() {
|
||||
provide auth
|
||||
}
|
||||
|
||||
required_files="$cfgfile $auth_password_file"
|
||||
|
||||
debug() {
|
||||
ewarn Hello this is debug.
|
||||
ewarn auth_password_file: $auth_password_file
|
||||
ewarn pidfile: $pidfile
|
||||
ewarn command: $command
|
||||
ewarn command_args: $command_args
|
||||
}
|
||||
|
||||
checkconfig() {
|
||||
if [ ! -d /run/ipc ] ; then
|
||||
mkdir -p /run/ipc || return 1
|
||||
fi
|
||||
|
||||
# "$command" -t $command_args || return 1
|
||||
ewarn "authd cannot check its own configuration files, yet"
|
||||
return 0
|
||||
}
|
||||
|
||||
start_pre() {
|
||||
checkconfig
|
||||
}
|
||||
|
||||
stop_pre() {
|
||||
if [ "${RC_CMD}" = "restart" ] ; then
|
||||
checkconfig || return 1
|
||||
fi
|
||||
}
|
||||
|
||||
reload() {
|
||||
ewarn "Reloading: not available, let's just restart."
|
||||
# checkconfig || return 1
|
||||
restart || return 1
|
||||
|
||||
# ebegin "Reloading $RC_SVCNAME"
|
||||
# start-stop-daemon --signal HUP \
|
||||
# --exec "$command" --pidfile "$pidfile"
|
||||
# eend $?
|
||||
}
|
Loading…
Reference in New Issue
Block a user