
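  #!/bin/bash
  ## Init is run on host
  ## For now it is run every time the script is launched, but
  ## it should be launched only once after build.
  ## Accessible variables are:
  ## - SERVICE_NAME         Name of current service
  ## - DOCKER_BASE_IMAGE    Base image from which this service might be built if any
  ## - SERVICE_DATASTORE    Location on host of the DATASTORE of this service
  ## - SERVICE_CONFIGSTORE  Location on host of the CONFIGSTORE of this service
  ##
  ## Reads 'options.users' from the service definition and, for each login:
  ## - writes its public keys under $SERVICE_CONFIGSTORE/home/<login>/.ssh/keys,
  ## - resolves (creating if needed) its groups on the host,
  ## - appends a '<login>:<password>::<gids>' line to etc/sftp-users.conf,
  ## then registers one read-only volume per login through init-config-add.
  ##
  ## get_compose_service_def, file_put, read-0, debug, gen_password and
  ## init-config-add are not defined in this file; they are expected to be
  ## provided by the calling environment.

  set -e

  ## This script runs on the host: with an empty store variable the paths
  ## below would resolve against the host's own /home and /etc, and the
  ## authorized_keys cleanup would hit every host account. Fail early.
  : "${SERVICE_NAME:?SERVICE_NAME must be set}"
  : "${SERVICE_DATASTORE:?SERVICE_DATASTORE must be set}"
  : "${SERVICE_CONFIGSTORE:?SERVICE_CONFIGSTORE must be set}"

  service_def=$(get_compose_service_def "$SERVICE_NAME")
  users_def=$(printf '%s\n' "$service_def" | shyaml get-value options.users 2>/dev/null) || true

  users_file="$SERVICE_CONFIGSTORE/etc/sftp-users.conf"

  ## Reset what previous runs left behind: a blank users file and no
  ## authorized_keys in any home of the datastore.
  echo | file_put "$users_file"
  rm -f "$SERVICE_DATASTORE/home/"*"/.ssh/authorized_keys"

  [ "$users_def" ] || exit 0

  ## NOTE(review): the users file is re-created below by '>>' under the
  ## caller's umask and holds cleartext passwords; confirm that its mode and
  ## ownership keep it unreadable by other host accounts.
  rm -f "$users_file"

  volume_keys=()
  while read-0 login user_def; do
    ## The login becomes a host path component and a field of the
    ## colon-separated users file: refuse anything that could escape the
    ## per-user directory or add fields/lines to that file.
    case "$login" in
      "" | . | .. | */* | *:* | *$'\n'*)
        printf 'Invalid sftp login: %q\n' "$login" >&2
        exit 1
        ;;
    esac

    local_path_key="/home/$login/.ssh/keys"
    host_path_key="$SERVICE_CONFIGSTORE${local_path_key}"

    ## This script runs on every launch and numbers keys from 0, so a key
    ## removed from the configuration would otherwise stay on disk in the
    ## mounted directory (and presumably remain authorized). Drop stale ones.
    rm -f "$host_path_key"/key_*.pub

    key_nb=0
    while read-0 key; do
      debug "Creating login key ${key_nb} for '$login'" || true
      printf '%s\n' "$key" | file_put "$host_path_key/key_${key_nb}.pub"
      key_nb=$((key_nb + 1))
    done < <(printf '%s\n' "$user_def" | shyaml get-values-0 keys)
    volume_keys+=("$host_path_key:$local_path_key:ro")

    ## Resolve each group name to a gid, creating missing groups on the host
    ## within the 3000-4000 gid range.
    gids=()
    while read-0 group; do
      if ! group_ent=$(getent group "$group"); then
        debug groupadd -K GID_MIN=3000 -K GID_MAX=4000 "$group" || true
        groupadd -K GID_MIN=3000 -K GID_MAX=4000 "$group"
        group_ent=$(getent group "$group")
      fi
      gids+=("$(printf '%s\n' "$group_ent" | cut -f3 -d:)")
    done < <(printf '%s\n' "$user_def" | shyaml get-values-0 groups 2>/dev/null)

    ## Use the configured password, or generate one when none is given.
    password=$(printf '%s\n' "$user_def" | shyaml get-value password 2>/dev/null) ||
      password=$(gen_password 14)
    case "$password" in
      *:* | *$'\n'*)
        printf "Invalid password for sftp login '%s': ':' and newlines are not allowed\n" "$login" >&2
        exit 1
        ;;
    esac

    gid_list=$(IFS=,; printf '%s' "${gids[*]}")
    line="$login:$password::$gid_list"
    ## Never send the password to the debug log.
    debug "Adding line: $login:<redacted>::$gid_list" || true
    printf '%s\n' "$line" >> "$users_file"
  done < <(printf '%s\n' "$users_def" | shyaml key-values-0)

  ## Register the per-login key directories as read-only volumes.
  ## NOTE(review): the listing had its whitespace collapsed; the YAML nesting
  ## below (volumes under the service, entries under volumes) is restored on
  ## that assumption - confirm against what init-config-add expects.
  volumes_yaml=""
  for volume in "${volume_keys[@]}"; do
    volumes_yaml+="    - $volume"$'\n'
  done
  init-config-add "$SERVICE_NAME:"$'\n'"  volumes:"$'\n'"$volumes_yaml"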