Browse Source

chg: [vps] domain check supports ``server-aliases`` and service name as domain

Signed-off-by: Valentin Lab <valentin.lab@kalysto.org>
rc1
Valentin Lab 4 years ago
parent
commit
8bfb8fa80b
  1. 55
      bin/vps

55
bin/vps

@ -244,28 +244,58 @@ mailcow:install-backup() {
echo "ssh ${ssh_options[@]} myadmin@$dest ssh-key add \"$(cat /var/lib/rsync/.ssh/id_rsa.pub)\"" echo "ssh ${ssh_options[@]} myadmin@$dest ssh-key add \"$(cat /var/lib/rsync/.ssh/id_rsa.pub)\""
} }
compose:has_domain() {
local compose_file="$1" host="$2" name conf relation relation_value domain server_aliases
while read-0 name conf ; do
name=$(e "$name" | shyaml get-value)
if [[ "$name" =~ ^[a-zA-Z0-9-]+\.[a-zA-Z0-9-]+ ]]; then
[ "$host" == "$name" ] && return 0
fi
rel=$(e "$conf" | shyaml -y get-value relations 2>/dev/null) || continue
for relation in web-proxy publish-dir; do
relation_value=$(e "$rel" | shyaml -y get-value "$relation" 2>/dev/null) || continue
while read-0 label conf_relation; do
domain=$(e "$conf_relation" | shyaml get-value "domain" 2>/dev/null) && {
[ "$host" == "$domain" ] && return 0
}
server_aliases=$(e "$conf_relation" | shyaml get-values "server-aliases" 2>/dev/null) && {
[[ $'\n'"$server_aliases" == *$'\n'"$host"$'\n'* ]] && return 0
}
done < <(e "$relation_value" | shyaml -y key-values-0)
done
done < <(shyaml -y key-values-0 < "$compose_file")
return 1
}
compose:install-backup() { compose:install-backup() {
local BACKUP_SERVER="$1" service_name="$2" compose_file="$3" force="$4"
local BACKUP_SERVER="$1" service_name="$2" compose_file="$3" ignore_ping_check="$4" ignore_domain_check="$5"
## XXXvlab: far from perfect as it mimics and depends internal ## XXXvlab: far from perfect as it mimics and depends internal
## logic of current default way to get a domain in compose-core ## logic of current default way to get a domain in compose-core
host=$(hostname) host=$(hostname)
if ! egrep "^$host:" "$compose_file" >/dev/null &&
! egrep "^\s+domain:\s+$host\s*$" "$compose_file" >/dev/null; then
err "Can't find domain '$host' in compose file '$compose_file'."
if ! compose:has_domain "$compose_file" "$host"; then
if [ -n "$ignore_domain_check" ]; then
warn "domain of '$host' not found in compose file '$compose_file'. Ignoring due to ``--ignore-domain-check`` option."
else
err "domain of '$host' not found in compose file '$compose_file'. Use ``--ignore-domain-check`` to ignore check."
return 1 return 1
fi fi
fi
ip=$(getent ahosts "$host" | egrep "^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\s+" | ip=$(getent ahosts "$host" | egrep "^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\s+" |
head -n 1 | cut -f 1 -d " ") || return 1 head -n 1 | cut -f 1 -d " ") || return 1
my_ip=$(curl -s myip.kal.fr) my_ip=$(curl -s myip.kal.fr)
if [ "$ip" != "$my_ip" ]; then if [ "$ip" != "$my_ip" ]; then
if [ -n "$force" ]; then
warn "IP of '$host' ($ip) doesn't match mine ($my_ip). Ignoring due to ``-f`` option."
if [ -n "$ignore_ping_check" ]; then
warn "IP of '$host' ($ip) doesn't match mine ($my_ip). Ignoring due to ``--ignore-ping-check`` option."
else else
err "IP of '$host' ($ip) doesn't match mine ($my_ip). Use ``-f`` to force."
err "IP of '$host' ($ip) doesn't match mine ($my_ip). Use ``--ignore-ping-check`` to ignore check."
return 1 return 1
fi fi
fi fi
@ -373,6 +403,7 @@ cmdline.spec:install:cmd:backup:run() {
DEFAULT_BACKUP_SERVICE_NAME=rsync-backup DEFAULT_BACKUP_SERVICE_NAME=rsync-backup
cmdline.spec.gnu compose-backup
cmdline.spec:install:cmd:compose-backup:run() { cmdline.spec:install:cmd:compose-backup:run() {
: :posarg: BACKUP_SERVER 'Target backup server' : :posarg: BACKUP_SERVER 'Target backup server'
@ -383,8 +414,11 @@ cmdline.spec:install:cmd:compose-backup:run() {
: :optval: --compose-file,-f "Compose file location. Defaults to : :optval: --compose-file,-f "Compose file location. Defaults to
the value of '\$DEFAULT_COMPOSE_FILE'" the value of '\$DEFAULT_COMPOSE_FILE'"
: :optval: --force,-F "Compose file location. Defaults to
the value of '\$DEFAULT_COMPOSE_FILE'"
: :optfla: --ignore-domain-check \
"Allow to bypass the domain check in
compose file."
: :optfla: --ignore-ping-check "Allow to bypass the ping check of host."
local service_name compose_file local service_name compose_file
@ -399,7 +433,8 @@ cmdline.spec:install:cmd:compose-backup:run() {
return 1 return 1
fi fi
compose:install-backup "$BACKUP_SERVER" "$service_name" "$compose_file" "$opt_force"
compose:install-backup "$BACKUP_SERVER" "$service_name" "$compose_file" \
"$opt_ignore_ping_check" "$opt_ignore_domain_check"
} }

Loading…
Cancel
Save