435 lines
10 KiB

  1. #!/bin/bash
  2. exname=$(basename $0)
  3. compose_core=$(which compose-core) || {
  4. echo "Requires compose-core executable to be in \$PATH." >&2
  5. exit 1
  6. }
  7. fetch-def() {
  8. local path="$1" fname="$2"
  9. ( . "$path" 1>&2 || {
  10. echo "Failed to load '$path'." >&2
  11. exit 1
  12. }
  13. declare -f "$fname"
  14. )
  15. }
  16. prefix_cmd="
  17. . /etc/shlib
  18. include common
  19. include parse
  20. . ../lib/common
  21. $(fetch-def "$compose_core" yaml_get_values)
  22. $(fetch-def "$compose_core" yaml_get_interpret)
  23. " || {
  24. echo "Couldn't build prefix cmd" >&2
  25. exit 1
  26. }
  27. ##
  28. ## Mocks
  29. ##
  30. relation-get() {
  31. local key="$1"
  32. echo "$CFG" | shyaml get-value "$key" 2>/dev/null
  33. }
  34. export -f relation-get
  35. export RELATION_DATA_FILE=x
  36. relation-set() {
  37. local key="$1" value="$2"
  38. echo "relation-set $key:" >&2
  39. echo "$value" | prefix " | " >&2
  40. }
  41. export -f relation-set
  42. cfg-get-value() {
  43. local key="$1"
  44. shyaml get-value "$key" 2>/dev/null
  45. }
  46. export -f cfg-get-value
  47. get_service_relations() {
  48. printf "%s\0" "${RELATIONS[@]}"
  49. }
  50. export -f get_service_relations
  51. file_put() {
  52. echo "file_put $1"
  53. cat - | prefix " | "
  54. }
  55. export -f file_put
  56. docker() {
  57. echo "docker" "$@"
  58. echo stdin:
  59. cat - | prefix " | "
  60. }
  61. export -f docker
  62. config-add() {
  63. echo "config-add"
  64. echo "$1" | prefix " | "
  65. }
  66. export -f config-add
  67. init-config-add() {
  68. echo "init-config-add"
  69. echo "$1" | prefix " | "
  70. }
  71. export -f init-config-add
  72. mkdir() {
  73. echo "called: $FUNCNAME $@" >&2
  74. }
  75. export -f mkdir
  76. setfacl() {
  77. echo "called: $FUNCNAME $@" >&2
  78. }
  79. export -f setfacl
  80. chgrp() {
  81. echo "called: $FUNCNAME $@" >&2
  82. }
  83. export -f chgrp
  84. chmod() {
  85. echo "called: $FUNCNAME $@" >&2
  86. }
  87. export -f chmod
  88. merge_yaml_str() {
  89. local arg_hash="$(H "$@" | cut -c -16)"
  90. local i
  91. echo "Calling: merge_yaml_str" >&2
  92. ((i=0))
  93. for arg in "$@"; do
  94. echo " arg$((i++)):"
  95. echo "$arg" | prefix " | "
  96. done >&2
  97. echo " H> $arg_hash" >&2
  98. while read-0 h res; do
  99. if [[ "$arg_hash" == "$h" ]]; then
  100. echo "Mock hash matched, returning:" >&2
  101. echo "$res" | prefix " | " >&2
  102. echo "$res"
  103. return 0
  104. fi
  105. done < <(e "$MERGE_YAML_STR" | shyaml key-values-0)
  106. printf "<merge_yaml_str("
  107. printf "'%s', " "$@"
  108. printf ")>"
  109. }
  110. export -f merge_yaml_str
  111. yaml_get_interpret() {
  112. shyaml get-value
  113. }
  114. export -f yaml_get_interpret
  115. yaml_key_val_str() {
  116. printf "%s: %s" "$1" "$2"
  117. }
  118. export -f yaml_key_val_str
  119. cached_cmd_on_base_image() {
  120. echo "called: $FUNCNAME $@" >&2
  121. echo "stdout:" >&2
  122. echo "<GID>" | prefix " | " >&2
  123. echo "<GID>"
  124. }
  125. export -f cached_cmd_on_base_image
  126. export state_tmpdir=$(mktemp -d -t tmp.XXXXXXXXXX)
  127. trap "rm -rf \"$state_tmpdir\"" EXIT
  128. ##
  129. ## apache_vhost_create
  130. ##
  131. try "
  132. export SERVICE_CONFIGSTORE='\$SERVICE_CONFIGSTORE'
  133. apache_vhost_create publish_dir '
  134. domain: www.example.com
  135. '"
  136. is errlvl 0
  137. is err part "\
  138. relation-set url:
  139. | http://www.example.com"
  140. is out reg '^file_put \$SERVICE_CONFIGSTORE/.*/www.example.com.conf'
  141. try "
  142. export SERVICE_CONFIGSTORE='\$SERVICE_CONFIGSTORE'
  143. CFG='
  144. domain: www.example.com
  145. ssl: true
  146. '
  147. ADDITION='
  148. apache-custom-rules:
  149. - |
  150. ## Auto-redirection from http to https
  151. RewriteEngine On
  152. RewriteCond %{HTTPS} off
  153. RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,QSA]'
  154. MERGE_YAML_STR=\"
  155. 6b92a84e9d93e4a1: |
  156. \$(echo \"\$CFG\" | prefix ' ')
  157. \$(echo \"\$ADDITION\" | prefix ' ')
  158. \"
  159. apache_vhost_create publish_dir \"\$CFG\"
  160. "
  161. is errlvl 0
  162. is err part "## Auto-redirection from http to https"
  163. is err part "\
  164. relation-set url:
  165. | https://www.example.com"
  166. is out reg '^file_put \$SERVICE_CONFIGSTORE/.*/www.example.com.conf'
  167. try "
  168. export SERVICE_CONFIGSTORE='\$SERVICE_CONFIGSTORE'
  169. export CONFIGSTORE='\$CONFIGSTORE'
  170. export BASE_SERVICE_NAME='\$BASE_SERVICE_NAME'
  171. export MASTER_TARGET_SERVICE_NAME='\$MASTER_TARGET_SERVICE_NAME'
  172. CFG='
  173. domain: www.example.com
  174. ssl:
  175. key: |
  176. a
  177. b
  178. cert: c
  179. '
  180. ADDITION='
  181. apache-custom-rules:
  182. - |
  183. ## Auto-redirection from http to https
  184. RewriteEngine On
  185. RewriteCond %{HTTPS} off
  186. RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,QSA]'
  187. MERGE_YAML_STR=\"
  188. 3b76349cfba9d3f2: |
  189. \$(echo \"\$CFG\" | prefix ' ')
  190. \$(echo \"\$ADDITION\" | prefix ' ')
  191. \"
  192. apache_vhost_create publish_dir \"\$CFG\"
  193. "
  194. is errlvl 0
  195. is err part "## Auto-redirection from http to https"
  196. is err part "\
  197. relation-set url:
  198. | https://www.example.com"
  199. is out part 'file_put $CONFIGSTORE/$BASE_SERVICE_NAME/etc/ssl/certs/www.example.com.pem
  200. | c'
  201. is out part 'file_put $CONFIGSTORE/$BASE_SERVICE_NAME/etc/ssl/private/www.example.com.key
  202. | a
  203. | b'
  204. is out reg 'init-config-add'
  205. is out reg ' - \$CONFIGSTORE/\$BASE_SERVICE_NAME/etc/ssl/certs/www.example.com.pem:/etc/ssl/certs/www.example.com.pem:ro'
  206. is out reg ' - \$CONFIGSTORE/\$BASE_SERVICE_NAME/etc/ssl/private/www.example.com.key:/etc/ssl/private/www.example.com.key:ro'
  207. try "
  208. export DOCKER_BASE_IMAGE=docker/apache
  209. export SERVICE_CONFIGSTORE='\$SERVICE_CONFIGSTORE'
  210. export CONFIGSTORE='\$CONFIGSTORE'
  211. export BASE_SERVICE_NAME='\$BASE_SERVICE_NAME'
  212. export MASTER_TARGET_SERVICE_NAME='\$MASTER_TARGET_SERVICE_NAME'
  213. CFG='
  214. domain: www.example.com
  215. creds:
  216. toto: xxx
  217. '
  218. apache_vhost_create publish_dir \"\$CFG\"
  219. "
  220. is errlvl 0
  221. is err part "\
  222. relation-set url:
  223. | http://www.example.com"
  224. is out reg "htpasswd -bc '/etc/apache2/sites-enabled/www.example.com.passwd' 'toto' 'xxx'"
  225. is out reg 'docker run -i --entrypoint /bin/bash .* docker/apache'
  226. ## XXXvlab: we don't need this feature anymore it seems
  227. # try "
  228. # export SERVICE_CONFIGSTORE='\$SERVICE_CONFIGSTORE'
  229. # apache_vhost_create publish_dir '' ',http,' '000-default'"
  230. # is errlvl 0
  231. # is err part "\
  232. # relation-set url:
  233. # | http://" ## XXXvlab: this isn't right, is it ?
  234. # is out reg '^file_put \$SERVICE_CONFIGSTORE/.*/000-default.conf'
  235. ##
  236. ## apache_publish_dir
  237. ##
  238. try "
  239. export DOCKER_BASE_IMAGE=docker/apache
  240. export SERVICE_CONFIGSTORE='\$SERVICE_CONFIGSTORE'
  241. export CONFIGSTORE='\$CONFIGSTORE'
  242. export BASE_SERVICE_NAME='\$BASE_SERVICE_NAME'
  243. export MASTER_TARGET_SERVICE_NAME='\$MASTER_TARGET_SERVICE_NAME'
  244. apache_publish_dir '
  245. creds:
  246. toto: xxx
  247. '" "missing domain"
  248. is errlvl 1 ## no domain
  249. try "
  250. export DATASTORE='\$DATASTORE'
  251. export DOCKER_BASE_IMAGE=docker/apache
  252. export SERVICE_CONFIGSTORE='\$SERVICE_CONFIGSTORE'
  253. export CONFIGSTORE='\$CONFIGSTORE'
  254. export BASE_SERVICE_NAME='\$BASE_SERVICE_NAME'
  255. export MASTER_TARGET_SERVICE_NAME='\$MASTER_TARGET_SERVICE_NAME'
  256. apache_publish_dir '
  257. domain: www.example.com
  258. creds:
  259. toto: xxx
  260. '
  261. "
  262. is errlvl 0
  263. is err reg 'setfacl -R -m g:<GID>:rx \$DATASTORE/\$BASE_SERVICE_NAME/var/www/www.example.com'
  264. is err reg 'cached_cmd_on_base_image apache id -g www-data'
  265. try "
  266. export DATASTORE='\$DATASTORE'
  267. export DOCKER_BASE_IMAGE=docker/apache
  268. export SERVICE_CONFIGSTORE='\$SERVICE_CONFIGSTORE'
  269. export CONFIGSTORE='\$CONFIGSTORE'
  270. export BASE_SERVICE_NAME='\$BASE_SERVICE_NAME'
  271. export MASTER_TARGET_SERVICE_NAME='\$MASTER_TARGET_SERVICE_NAME'
  272. apache_publish_dir '
  273. domain: www.example.com
  274. creds:
  275. toto: xxx
  276. data-dirs:
  277. - a
  278. - b
  279. - c
  280. '
  281. "
  282. is errlvl 0
  283. is err reg 'setfacl -R -m g:<GID>:rwx \$DATASTORE/\$BASE_SERVICE_NAME/var/www/www.example.com/a \$DATASTORE/\$BASE_SERVICE_NAME/var/www/www.example.com/b \$DATASTORE/\$BASE_SERVICE_NAME/var/www/www.example.com/c'
  284. is err reg 'setfacl -R -d -m g:<GID>:rwx \$DATASTORE/\$BASE_SERVICE_NAME/var/www/www.example.com/a \$DATASTORE/\$BASE_SERVICE_NAME/var/www/www.example.com/b \$DATASTORE/\$BASE_SERVICE_NAME/var/www/www.example.com/c'
  285. try "
  286. export DATASTORE='\$DATASTORE'
  287. export DOCKER_BASE_IMAGE=docker/apache
  288. export SERVICE_CONFIGSTORE='\$SERVICE_CONFIGSTORE'
  289. export CONFIGSTORE='\$CONFIGSTORE'
  290. export SERVICE_NAME='\$SERVICE_NAME'
  291. export BASE_SERVICE_NAME='\$BASE_SERVICE_NAME'
  292. export MASTER_BASE_SERVICE_NAME='\$MASTER_BASE_SERVICE_NAME'
  293. export MASTER_TARGET_SERVICE_NAME='\$MASTER_TARGET_SERVICE_NAME'
  294. apache_publish_dir '
  295. domain: www.example.com
  296. location: /opt/apps/newlocation
  297. creds:
  298. toto: xxx
  299. data-dirs:
  300. - a
  301. - b
  302. - c
  303. '
  304. "
  305. is errlvl 0
  306. is err reg 'mkdir -p /opt/apps/newlocation'
  307. is err reg 'setfacl -R -m g:<GID>:rx /opt/apps/newlocation'
  308. is out part '
  309. init-config-add
  310. |
  311. | $SERVICE_NAME:
  312. | volumes:
  313. | - /opt/apps/newlocation:/var/www/www.example.com' RTRIM
  314. try "
  315. export DATASTORE='\$DATASTORE'
  316. export DOCKER_BASE_IMAGE=docker/apache
  317. export SERVICE_CONFIGSTORE='\$SERVICE_CONFIGSTORE'
  318. export CONFIGSTORE='\$CONFIGSTORE'
  319. export BASE_SERVICE_NAME='\$BASE_SERVICE_NAME'
  320. export MASTER_BASE_SERVICE_NAME='\$MASTER_BASE_SERVICE_NAME'
  321. export MASTER_TARGET_SERVICE_NAME='\$MASTER_TARGET_SERVICE_NAME'
  322. apache_ssh_tunnel '
  323. domain: www.example.com
  324. creds:
  325. toto: xxx
  326. '
  327. " "ssh tunnel without ssl"
  328. is errlvl 1
  329. is err 'Error: ssl must be valued in ssh-tunnel config.
  330. '
  331. is out ''
  332. try "
  333. export DATASTORE='\$DATASTORE'
  334. export DOCKER_BASE_IMAGE=docker/apache
  335. export SERVICE_CONFIGSTORE='\$SERVICE_CONFIGSTORE'
  336. export CONFIGSTORE='\$CONFIGSTORE'
  337. export BASE_SERVICE_NAME='\$BASE_SERVICE_NAME'
  338. export MASTER_BASE_SERVICE_NAME='\$MASTER_BASE_SERVICE_NAME'
  339. export MASTER_TARGET_SERVICE_NAME='\$MASTER_TARGET_SERVICE_NAME'
  340. apache_ssh_tunnel '
  341. ssl: true
  342. creds:
  343. toto: xxx
  344. '
  345. " "ssh tunnel without domain"
  346. is errlvl 1
  347. is err 'Error: domain must be valued in ssh-tunnel config.
  348. '
  349. is out ''
  350. try "
  351. export DATASTORE='\$DATASTORE'
  352. export DOCKER_BASE_IMAGE=docker/apache
  353. export SERVICE_CONFIGSTORE='\$SERVICE_CONFIGSTORE'
  354. export CONFIGSTORE='\$CONFIGSTORE'
  355. export BASE_SERVICE_NAME='\$BASE_SERVICE_NAME'
  356. export MASTER_BASE_SERVICE_NAME='\$MASTER_BASE_SERVICE_NAME'
  357. export MASTER_TARGET_SERVICE_NAME='\$MASTER_TARGET_SERVICE_NAME'
  358. apache_ssh_tunnel '
  359. domain: ssh.example.com
  360. ssl:
  361. key: a
  362. ca-cert: b
  363. creds:
  364. toto: xxx
  365. '
  366. " "ssh tunnel"
  367. is errlvl 0
  368. is err reg 'relation-set domain:
  369. | ssh.example.com'
  370. is out reg 'file_put \$SERVICE_CONFIGSTORE/etc/apache2/sites-enabled/000-ssh.example.com.conf'
  371. is out reg 'file_put \$CONFIGSTORE/\$BASE_SERVICE_NAME/etc/ssl/private/ssh.example.com.key'
  372. is out reg 'file_put \$CONFIGSTORE/\$BASE_SERVICE_NAME/etc/ssl/certs/ssh.example.com-ca.pem'
  373. is out reg 'AuthUserFile /etc/apache2/sites-enabled/ssh.example.com.passwd'
  374. is out reg "htpasswd -bc '/etc/apache2/sites-enabled/000-ssh.example.com.passwd' 'toto' 'xxx'"