Valentin Lab
9 years ago
3 changed files with 93 additions and 0 deletions
@ -0,0 +1,59 @@ |
|||
#!/bin/bash |
|||
|
|||
## Init is run on host |
|||
## For now it is run every time the script is launched, but |
|||
## it should be launched only once after build. |
|||
|
|||
## Accessible variables are: |
|||
## - SERVICE_NAME Name of current service |
|||
## - DOCKER_BASE_IMAGE Base image from which this service might be built if any |
|||
## - SERVICE_DATASTORE Location on host of the DATASTORE of this service |
|||
## - SERVICE_CONFIGSTORE Location on host of the CONFIGSTORE of this service |
|||
|
|||
|
|||
set -e |
|||
|
|||
service_def=$(get_compose_service_def "$SERVICE_NAME") |
|||
|
|||
users_def=$(echo "$service_def" | shyaml get-value options.users 2>/dev/null) || true |
|||
|
|||
users_file="$SERVICE_CONFIGSTORE/etc/sftp-users.conf" |
|||
echo | file_put "$users_file" |
|||
|
|||
[ "$users_def" ] || exit 0 |
|||
|
|||
rm -f "$users_file" |
|||
volume_keys=() |
|||
while read-0 login user_def; do |
|||
key_nb=0 |
|||
local_path_key="/home/$login/.ssh/keys" |
|||
host_path_key="$SERVICE_CONFIGSTORE${local_path_key}" |
|||
while read-0 key; do |
|||
debug "Creating login key ${key_nb} for '$login'" || true |
|||
echo "$key" | file_put "$host_path_key/key_${key_nb}.pub" |
|||
((key_nb++)) || true |
|||
done < <(echo "$user_def" | shyaml get-values-0 keys) |
|||
volume_keys+=("$host_path_key:$local_path_key:ro") |
|||
gids=() |
|||
while read-0 group; do |
|||
if ! group_ent=$(getent group "$group"); then |
|||
debug groupadd -K GID_MIN=3000 -K GID_MAX=4000 "$group" |
|||
groupadd -K GID_MIN=3000 -K GID_MAX=4000 "$group" |
|||
group_ent=$(getent group "$group") |
|||
fi |
|||
gids+=("$(echo "$group_ent" | cut -f3 -d:)") |
|||
done < <(echo "$user_def" | shyaml get-values-0 groups 2>/dev/null) |
|||
password=$(echo "$user_def" | shyaml get-value password 2>/dev/null) || |
|||
password=$(gen_password 14) |
|||
line="$login:$password::$(echo "${gids[@]}" | tr " " ",")" |
|||
debug "Adding line: $line" |
|||
echo "$line" >> "$users_file" |
|||
done < <(echo "$users_def" | shyaml key-values-0) |
|||
|
|||
init-config-add "\ |
|||
$SERVICE_NAME: |
|||
volumes: |
|||
$(for volume in "${volume_keys[@]}"; do |
|||
echo " - $volume" |
|||
done) |
|||
" |
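Review bot: `debug "Adding line: $line"` writes every user's plaintext password to the debug output, because `$line` is built as `$login:$password::<gids>` on the line before it; log the login only, for example `debug "Adding user '$login' to $users_file"`. The same line is then appended to `$users_file`, which was just removed with `rm -f` and is recreated by `>>` under the current umask. Setting `umask 077` before the loop (or a `chmod 600` afterwards) would keep the credentials file unreadable to other host users; whether `file_put` already restricts the mode is not visible here. `$login` is also interpolated into `/home/$login/.ssh/keys` without any check, so a login containing `/` or `..` would place key files outside the intended directory. Rejecting logins that do not match a conservative pattern such as `^[a-z_][a-z0-9_-]*$` before using them would close that.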
@ -0,0 +1,26 @@ |
|||
#!/bin/bash |
|||
|
|||
## Should be executable N time in a row with same result. |
|||
|
|||
set -e |
|||
|
|||
VOLUMES=$(relation-get volumes 2>/dev/null) |
|||
GROUP=$(relation-get group 2>/dev/null) || true |
|||
|
|||
if test "$GROUP" && ! getent group "$GROUP" >/dev/null 2>&1; then |
|||
die "No group '$GROUP' found." |
|||
fi |
|||
|
|||
config-add "\ |
|||
$MASTER_TARGET_CHARM_NAME: |
|||
volumes: |
|||
$(while read-0 volume_def; do |
|||
IFS=: read src dst mode < <(echo "$volume_def:") |
|||
mode=${mode:-rw} |
|||
if [ "$mode" == "rw" -a "$GROUP" ]; then |
|||
debug setfacl -m "g:$GROUP:rwx" -R "$DATASTORE/$BASE_CHARM_NAME$src" |
|||
setfacl -m "g:$GROUP:rwx" -R "$DATASTORE/$BASE_CHARM_NAME$src" |
|||
fi |
|||
echo " - $DATASTORE/$BASE_CHARM_NAME$src:$dst:$mode" |
|||
done < <(echo "$VOLUMES" | shyaml get-values-0))" |
|||
|
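Review bot: `$src` and `$mode` come straight from `relation-get volumes` and are concatenated into `"$DATASTORE/$BASE_CHARM_NAME$src"` without validation, so a value containing `..` makes the recursive `setfacl -m "g:$GROUP:rwx" -R` and the resulting bind mount apply to a host path outside this charm's datastore. Validate each volume before the `config-add` call: require `$src` to start with `/`, reject any `..` component, and restrict `$mode` to `ro` or `rw`. The check belongs outside the `$(...)` substitution, because a `die` inside it would only end the subshell, and `set -e` does not abort on a failed command substitution used as an argument. Smaller points on the same lines: `read` should be `read -r`, and `[ "$mode" == "rw" -a "$GROUP" ]` is better written as `[ "$mode" = "rw" ] && [ -n "$GROUP" ]`.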
@ -0,0 +1,8 @@ |
|||
docker-image: docker.0k.io/sftp:carif |
|||
config-resources: |
|||
- /etc/sftp-users.conf |
|||
data-resources: |
|||
- /home |
|||
provides: |
|||
sftp-access: |
|||
tech-dep: False |
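Review bot: `docker-image: docker.0k.io/sftp:carif` references the image by a mutable tag, so the content that actually runs can change without any change to this file. If the tooling that consumes this metadata accepts digest references, pin it as `docker.0k.io/sftp@sha256:<digest-placeholder>` (a placeholder, not a real digest) and keep the tag in a comment; otherwise document where the `carif` tag is built from so the image can be audited.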