Page MenuHomeDevCentral
Files F11723543

No OneTemporary
Actions

View Options

diff --git a/roles/core/certificates/files/acmesh-nginxCheck.sh b/roles/core/certificates/files/acmesh-nginxCheck.sh
index 3471179..9e02170 100644
--- a/roles/core/certificates/files/acmesh-nginxCheck.sh
+++ b/roles/core/certificates/files/acmesh-nginxCheck.sh
@@ -1,29 +1,29 @@
#!/bin/sh
# -------------------------------------------------------------
# Let's encrypt
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# License: Trivial work, not eligible to copyright
# Source file: roles/core/certificates/files/acmesh-nginxCheck.sh
# -------------------------------------------------------------
#
# <auto-generated>
# This file is managed by our rOPS SaltStack repository.
#
# Changes to this file may cause incorrect behavior
# and will be lost if the state is redeployed.
# </auto-generated>
nginx_test() {
- nginx_output="$(nginx -t 2>&1)"
- nginx_return_code="$?"
+ nginx_output="$(nginx -t 2>&1)"
+ nginx_return_code="$?"
- if [ "$nginx_return_code" -eq 0 ] && echo "${nginx_output}" | grep warn >&2; then
- return 2;
- else
- return "$nginx_return_code";
- fi;
+ if [ "$nginx_return_code" -eq 0 ] && echo "${nginx_output}" | grep warn >&2; then
+ return 2;
+ else
+ return "$nginx_return_code";
+ fi;
}
nginx_test && nginx -s reload
diff --git a/roles/core/certificates/files/letsencrypt-renewal.sh b/roles/core/certificates/files/letsencrypt-renewal.sh
index 354fce5..e919663 100644
--- a/roles/core/certificates/files/letsencrypt-renewal.sh
+++ b/roles/core/certificates/files/letsencrypt-renewal.sh
@@ -1,29 +1,29 @@
#!/bin/sh
# -------------------------------------------------------------
# Let's encrypt
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# License: Trivial work, not eligible to copyright
# Source file: roles/core/certificates/files/letsencrypt-renewal.sh
# -------------------------------------------------------------
#
# <auto-generated>
# This file is managed by our rOPS SaltStack repository.
#
# Changes to this file may cause incorrect behavior
# and will be lost if the state is redeployed.
# </auto-generated>
nginx_test() {
- nginx_output="$(nginx -t 2>&1)"
- nginx_return_code="$?"
+ nginx_output="$(nginx -t 2>&1)"
+ nginx_return_code="$?"
- if [ "$nginx_return_code" -eq 0 ] && echo "${nginx_output}" | grep warn >&2; then
- return 2;
- else
- return "$nginx_return_code";
- fi;
+ if [ "$nginx_return_code" -eq 0 ] && echo "${nginx_output}" | grep warn >&2; then
+ return 2;
+ else
+ return "$nginx_return_code";
+ fi;
}
certbot renew && nginx_test && nginx -s reload
diff --git a/roles/core/motd/files/motd.sh b/roles/core/motd/files/motd.sh
index 9357ed1..39c8e38 100644
--- a/roles/core/motd/files/motd.sh
+++ b/roles/core/motd/files/motd.sh
@@ -1,23 +1,23 @@
#!/bin/sh
# -------------------------------------------------------------
# MOTD
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2017-01-10
# License: Trivial work, not eligible to copyright
# Source file: roles/core/motd/files/motd.sh
# -------------------------------------------------------------
#
# <auto-generated>
# This file is managed by our rOPS SaltStack repository.
#
# Changes to this file may cause incorrect behavior
# and will be lost if the state is redeployed.
# </auto-generated>
if [ -f /etc/motd ]; then
- cat /etc/motd
+ cat /etc/motd
else
- echo "No MOTD."
+ echo "No MOTD."
fi
diff --git a/roles/core/network/files/Linux/routes.sh b/roles/core/network/files/Linux/routes.sh
index 8da47d8..d94cd30 100755
--- a/roles/core/network/files/Linux/routes.sh
+++ b/roles/core/network/files/Linux/routes.sh
@@ -1,37 +1,37 @@
#!/bin/sh
# -------------------------------------------------------------
# Network — routes configuration for Linux systems
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# License: Trivial work, not eligible to copyright
# Source file: roles/core/network/files/Linux/routes.sh
# Dependencies: iproute
# GNU xargs for -r
# -------------------------------------------------------------
#
# <auto-generated>
# This file is managed by our rOPS SaltStack repository.
#
# Changes to this file may cause incorrect behavior
# and will be lost if the state is redeployed.
# </auto-generated>
ROUTES_CONFIG_PATH=/etc/routes.conf
# Runs as root only
test -z $UID && UID=$(id -u)
if [ "$UID" -ne 0 ]; then
- echo This script must be run as root. >&2
- exit 1
+ echo This script must be run as root. >&2
+ exit 1
fi
# Warn about configuration missing
if [ ! -f $ROUTES_CONFIG_PATH ]; then
- echo No routes configuration file found at $ROUTES_CONFIG_PATH >&2
- exit 2
+ echo No routes configuration file found at $ROUTES_CONFIG_PATH >&2
+ exit 2
fi
# Apply routes
# Ignore comments and blank line, pass the remaining lines to `ip route`
grep '^[^#]' $ROUTES_CONFIG_PATH | xargs -L 1 -r ip route replace
diff --git a/roles/mailserver/dkim/files/bin/get-dkim-dns-entries.sh b/roles/mailserver/dkim/files/bin/get-dkim-dns-entries.sh
index c57004e..622ffa1 100755
--- a/roles/mailserver/dkim/files/bin/get-dkim-dns-entries.sh
+++ b/roles/mailserver/dkim/files/bin/get-dkim-dns-entries.sh
@@ -1,38 +1,38 @@
#!/bin/sh
# -------------------------------------------------------------
# Nasqueron mail services
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2017-01-14
# License: Trivial work, not eligible to copyright
# Source file: roles/mailserver/dkim/files/bin/get-dkim-dns-entries.sh
# -------------------------------------------------------------
#
# <auto-generated>
# This file is managed by our rOPS SaltStack repository.
#
# Changes to this file may cause incorrect behavior
# and will be lost if the state is redeployed.
# </auto-generated>
# Parses arguments
if [ $# -eq 0 ]
then
- echo "Usage: $(basename "$0") <domain>"
- exit 1
+ echo "Usage: $(basename "$0") <domain>"
+ exit 1
fi
DOMAIN=$1
DIR=/usr/local/etc/opendkim/keys/$DOMAIN
if [ ! -d "$DIR" ]
then
- echo "Directory not found: $DIR"
- exit 2
+ echo "Directory not found: $DIR"
+ exit 2
fi
for f in "$DIR"/*.txt
do
- get-dkim-dns-entry "$f"
+ get-dkim-dns-entry "$f"
done
diff --git a/roles/mailserver/dkim/files/bin/get-dkim-key-table.sh b/roles/mailserver/dkim/files/bin/get-dkim-key-table.sh
index 3ad45bb..0182ddf 100755
--- a/roles/mailserver/dkim/files/bin/get-dkim-key-table.sh
+++ b/roles/mailserver/dkim/files/bin/get-dkim-key-table.sh
@@ -1,28 +1,28 @@
#!/bin/sh
# -------------------------------------------------------------
# Nasqueron mail services
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2017-01-14
# License: Trivial work, not eligible to copyright
# Source file: roles/mailserver/dkim/files/bin/get-dkim-key-table.sh
# -------------------------------------------------------------
#
# <auto-generated>
# This file is managed by our rOPS SaltStack repository.
#
# Changes to this file may cause incorrect behavior
# and will be lost if the state is redeployed.
# </auto-generated>
for d in /usr/local/etc/opendkim/keys/*
do
- DOMAIN=$(basename "$d")
+ DOMAIN=$(basename "$d")
- for f in "$d"/*.private
- do
- SELECTOR=$(basename "$f" .private)
- echo "$SELECTOR._domainkey.$DOMAIN $DOMAIN:$SELECTOR:$f"
- done
+ for f in "$d"/*.private
+ do
+ SELECTOR=$(basename "$f" .private)
+ echo "$SELECTOR._domainkey.$DOMAIN $DOMAIN:$SELECTOR:$f"
+ done
done
diff --git a/roles/mailserver/dkim/files/bin/get-dkim-signing-table.sh b/roles/mailserver/dkim/files/bin/get-dkim-signing-table.sh
index e1527c5..66f5284 100755
--- a/roles/mailserver/dkim/files/bin/get-dkim-signing-table.sh
+++ b/roles/mailserver/dkim/files/bin/get-dkim-signing-table.sh
@@ -1,28 +1,28 @@
#!/bin/sh
# -------------------------------------------------------------
# Nasqueron mail services
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2017-01-14
# License: Trivial work, not eligible to copyright
# Source file: roles/mailserver/dkim/files/bin/get-dkim-signing-table.sh
# -------------------------------------------------------------
#
# <auto-generated>
# This file is managed by our rOPS SaltStack repository.
#
# Changes to this file may cause incorrect behavior
# and will be lost if the state is redeployed.
# </auto-generated>
for d in /usr/local/etc/opendkim/keys/*
do
- DOMAIN=$(basename "$d")
+ DOMAIN=$(basename "$d")
- for f in "$d"/*.private
- do
- SELECTOR=$(basename "$f" .private)
- echo "$DOMAIN $SELECTOR._domainkey.$DOMAIN"
- done
+ for f in "$d"/*.private
+ do
+ SELECTOR=$(basename "$f" .private)
+ echo "$DOMAIN $SELECTOR._domainkey.$DOMAIN"
+ done
done
diff --git a/roles/paas-docker/devel/files/arc.sh b/roles/paas-docker/devel/files/arc.sh
index 0de0e9b..633367b 100755
--- a/roles/paas-docker/devel/files/arc.sh
+++ b/roles/paas-docker/devel/files/arc.sh
@@ -1,117 +1,117 @@
#!/usr/bin/env bash
# -------------------------------------------------------------
# Phabricator — Arcanist Docker container wrapper
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Author: Sébastien Santoro aka Dereckson
# Project: Nasqueron
# Created: 2016-01-01
# Description: Wrapper to run Arcanist as a Docker container
# License: Trivial work, not eligible to copyright
# If copyright eligible, BSD-2-Clause
# Image: nasqueron/arcanist
# Source file: roles/paas-docker/devel/files/arc.sh
# -------------------------------------------------------------
#
# <auto-generated>
# This file is managed by our rOPS SaltStack repository.
#
# Changes to this file may cause incorrect behavior
# and will be lost if the state is redeployed.
# </auto-generated>
BASE_IMAGE=nasqueron/arcanist
# -------------------------------------------------------------
# Parse arguments
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ -t 0 ]; then
- # If a stdin entry is available
- # launch the container in the
- # interactive mode
- FLAGS=-it
+ # If a stdin entry is available
+ # launch the container in the
+ # interactive mode
+ FLAGS=-it
fi
# Logs are default disabled
PRINT_LOG=0
UPDATE_MODE=0
if [ "$1" = "shell" ]; then
- # Launch commands
- # in the container bash shell
- shift
- COMMAND=bash
+ # Launch commands
+ # in the container bash shell
+ shift
+ COMMAND=bash
elif [ "$1" = "update" ]; then
- UPDATE_MODE=1
+ UPDATE_MODE=1
else
- # Launch arc
- mkdir -p ~/.arc
- COMMAND=arc
-
- if [ "$1" = "call-conduit" ]; then
- # Enable log printing
- PRINT_LOG=1
- # Set a random name for the container
- INSTANCE="arc-"$(openssl rand -hex 21)
- FLAGS="-i -a=stdin --name=$INSTANCE"
- fi
+ # Launch arc
+ mkdir -p ~/.arc
+ COMMAND=arc
+
+ if [ "$1" = "call-conduit" ]; then
+ # Enable log printing
+ PRINT_LOG=1
+ # Set a random name for the container
+ INSTANCE="arc-"$(openssl rand -hex 21)
+ FLAGS="-i -a=stdin --name=$INSTANCE"
+ fi
fi
# -------------------------------------------------------------
# Build image
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
build_user_image () {
- BUILD_DIR=$(mktemp -d -t arc-build-XXXXXXXXXX)
- pushd "$BUILD_DIR" > /dev/null || exit 1
- >&2 echo "🔨 Building user-specific image $IMAGE for $USER"
- echo "FROM $BASE_IMAGE" > Dockerfile
- echo "RUN groupadd -r $USER -g $GID && mkdir /home/$USER && useradd -u $UID -r -g $USER -d /home/$USER -s /bin/bash $USER && cp /root/.bashrc /home/$USER/ && chown -R $USER:$USER /home/$USER && ln -s /opt/config/gitconfig /home/$USER/.gitconfig && ln -s /opt/config/arcrc /home/$USER/.arcrc" >> Dockerfile
- docker build -t "$IMAGE" .
- popd > /dev/null
- rm -rf "$BUILD_DIR"
+ BUILD_DIR=$(mktemp -d -t arc-build-XXXXXXXXXX)
+ pushd "$BUILD_DIR" > /dev/null || exit 1
+ >&2 echo "🔨 Building user-specific image $IMAGE for $USER"
+ echo "FROM $BASE_IMAGE" > Dockerfile
+ echo "RUN groupadd -r $USER -g $GID && mkdir /home/$USER && useradd -u $UID -r -g $USER -d /home/$USER -s /bin/bash $USER && cp /root/.bashrc /home/$USER/ && chown -R $USER:$USER /home/$USER && ln -s /opt/config/gitconfig /home/$USER/.gitconfig && ln -s /opt/config/arcrc /home/$USER/.arcrc" >> Dockerfile
+ docker build -t "$IMAGE" .
+ popd > /dev/null
+ rm -rf "$BUILD_DIR"
}
test -v $UID && UID=$(id -u)
test -v $GID && GID=$(id -g)
if [ $UPDATE_MODE -eq 1 ]; then
- docker pull $BASE_IMAGE
+ docker pull $BASE_IMAGE
- # Rebuild user image
- IMAGE=$BASE_IMAGE:$UID-$GID
- test $UID -eq 0 || build_user_image
+ # Rebuild user image
+ IMAGE=$BASE_IMAGE:$UID-$GID
+ test $UID -eq 0 || build_user_image
- exit
+ exit
fi
if [ $UID -eq 0 ]; then
- IMAGE=$BASE_IMAGE
- CONTAINER_USER_HOME=/root
+ IMAGE=$BASE_IMAGE
+ CONTAINER_USER_HOME=/root
else
- IMAGE=$BASE_IMAGE:$UID-$GID
- test ! -z $(docker images -q "$IMAGE") || build_user_image
- CONTAINER_USER_HOME="/home/$USER"
+ IMAGE=$BASE_IMAGE:$UID-$GID
+ test ! -z $(docker images -q "$IMAGE") || build_user_image
+ CONTAINER_USER_HOME="/home/$USER"
fi
# -------------------------------------------------------------
# Run container
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ -d ~/.arc/ssh ]; then
- VOLUME_SSH="-v $HOME/.arc/ssh:$CONTAINER_USER_HOME/.ssh"
+ VOLUME_SSH="-v $HOME/.arc/ssh:$CONTAINER_USER_HOME/.ssh"
else
- VOLUME_SSH=""
+ VOLUME_SSH=""
fi
if [ $PRINT_LOG -eq 0 ]; then
- docker run $FLAGS --rm --user $UID:$GID -v ~/.arc:/opt/config -v "$PWD:/opt/workspace" $VOLUME_SSH $IMAGE $COMMAND "$@"
+ docker run $FLAGS --rm --user $UID:$GID -v ~/.arc:/opt/config -v "$PWD:/opt/workspace" $VOLUME_SSH $IMAGE $COMMAND "$@"
else
- docker run $FLAGS --user $UID:$GID -v ~/.arc:/opt/config -v "$PWD:/opt/workspace" $VOLUME_SSH $IMAGE $COMMAND "$@" > /dev/null
- sleep 3
- docker logs "$INSTANCE"
- docker rm "$INSTANCE" >/dev/null
+ docker run $FLAGS --user $UID:$GID -v ~/.arc:/opt/config -v "$PWD:/opt/workspace" $VOLUME_SSH $IMAGE $COMMAND "$@" > /dev/null
+ sleep 3
+ docker logs "$INSTANCE"
+ docker rm "$INSTANCE" >/dev/null
fi
diff --git a/roles/phabricator/arcanist/files/arc.sh b/roles/phabricator/arcanist/files/arc.sh
index 7e4706c..e91687a 100755
--- a/roles/phabricator/arcanist/files/arc.sh
+++ b/roles/phabricator/arcanist/files/arc.sh
@@ -1,73 +1,73 @@
#!/bin/sh
# -------------------------------------------------------------
# Phabricator — Arcanist Docker container wrapper
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Author: Sébastien Santoro aka Dereckson
# Project: Nasqueron
# Created: 2016-01-01
# Description: Wrapper to run Arcanist as a Docker container
# License: Trivial work, not eligible to copyright
# Image: nasqueron/arcanist
# Source file: roles/phabricator/arcanist/files/arc.sh
# -------------------------------------------------------------
#
# <auto-generated>
# This file is managed by our rOPS SaltStack repository.
#
# Changes to this file may cause incorrect behavior
# and will be lost if the state is redeployed.
# </auto-generated>
# -------------------------------------------------------------
# Parse arguments
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ -t 0 ]; then
- # If a stdin entry is available
- # launch the container in the
- # interactive mode
- FLAGS=-it
+ # If a stdin entry is available
+ # launch the container in the
+ # interactive mode
+ FLAGS=-it
fi
# Logs are default disabled
PRINT_LOG=0
if [ "$1" = "shell" ]; then
- # Launch commands
- # in the container bash shell
- shift
- COMMAND=bash
+ # Launch commands
+ # in the container bash shell
+ shift
+ COMMAND=bash
else
- # Launch arc
- mkdir -p ~/.arc
- COMMAND=arc
+ # Launch arc
+ mkdir -p ~/.arc
+ COMMAND=arc
- if [ "$1" = "call-conduit" ]; then
- # Enable log printing
- PRINT_LOG=1
- # Set a random name for the container
- INSTANCE="arc-"$(openssl rand -hex 21)
- FLAGS="-i -a=stdin --name=$INSTANCE"
- fi
+ if [ "$1" = "call-conduit" ]; then
+ # Enable log printing
+ PRINT_LOG=1
+ # Set a random name for the container
+ INSTANCE="arc-"$(openssl rand -hex 21)
+ FLAGS="-i -a=stdin --name=$INSTANCE"
+ fi
fi
if [ -d ~/.arc/ssh ]; then
- VOLUME_SSH="-v $HOME/.arc/ssh:/root/.ssh"
+ VOLUME_SSH="-v $HOME/.arc/ssh:/root/.ssh"
else
- VOLUME_SSH=""
+ VOLUME_SSH=""
fi
# -------------------------------------------------------------
# Run container
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ $PRINT_LOG -eq 0 ]; then
- docker run "$FLAGS" --rm -v ~/.arc:/opt/config -v "$PWD":/opt/workspace "$VOLUME_SSH" nasqueron/arcanist $COMMAND "$@"
+ docker run "$FLAGS" --rm -v ~/.arc:/opt/config -v "$PWD":/opt/workspace "$VOLUME_SSH" nasqueron/arcanist $COMMAND "$@"
else
- docker run "$FLAGS" -v ~/.arc:/opt/config -v "$PWD":/opt/workspace "$VOLUME_SSH" nasqueron/arcanist $COMMAND "$@" > /dev/null
- sleep 3
- docker logs "$INSTANCE"
- docker rm "$INSTANCE" >/dev/null
+ docker run "$FLAGS" -v ~/.arc:/opt/config -v "$PWD":/opt/workspace "$VOLUME_SSH" nasqueron/arcanist $COMMAND "$@" > /dev/null
+ sleep 3
+ docker logs "$INSTANCE"
+ docker rm "$INSTANCE" >/dev/null
fi
diff --git a/roles/phabricator/containers/files/run-devcentral.sh b/roles/phabricator/containers/files/run-devcentral.sh
index ac5b796..edd2aae 100755
--- a/roles/phabricator/containers/files/run-devcentral.sh
+++ b/roles/phabricator/containers/files/run-devcentral.sh
@@ -1,100 +1,100 @@
#!/bin/sh
# -------------------------------------------------------------
# Phabricator — Nasqueron instance
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Author: Sébastien Santoro aka Dereckson
# Project: Nasqueron
# Created: 2015-04-22
# Description: Phabricator instance for Nasqueron
# License: Trivial work, not eligible to copyright
# Image: nasqueron/phabricator
# Source file: roles/phabricator/containers/files/run-devcentral.sh
# -------------------------------------------------------------
#
# <auto-generated>
# This file is managed by our rOPS SaltStack repository.
#
# Changes to this file may cause incorrect behavior
# and will be lost if the state is redeployed.
# </auto-generated>
# -------------------------------------------------------------
# Container parameters
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
#IMAGE=nasqueron/phabricator
IMAGE=nasqueron/devcentral:2022-03-28.init-fix
INSTANCE_NAME=devcentral
PORT=31080
DOMAIN=$INSTANCE_NAME.nasqueron.org
DATA_DIRECTORY=/srv/phabricator/$INSTANCE_NAME
MYSQL_INSTANCE=acquisitariat
# -------------------------------------------------------------
# Phabricator parameters
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
PHABRICATOR_URL=http://$DOMAIN
PHABRICATOR_TITLE="Nasqueron DevCentral"
PHABRICATOR_ALT_FILE_DOMAIN="https://devcentral.nasqueron-user-content.org/"
# -------------------------------------------------------------
# Deployment of our Phabricator code parameters
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
REPO_LOGIN=git
REPO_HOST=bitbucket.org
PHABRICATOR_PROD_REPO="ssh://git@bitbucket.org/nasqueron/devcentral-phabricator"
PHABRICATOR_PROD_BRANCH=production
# -------------------------------------------------------------
# Ensure container isn't already running
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
docker-container-status $INSTANCE_NAME > /dev/null
if [ "$?" -lt 2 ]; then
- echo "Container is already running."
- echo "To force relaunch, try docker stop $INSTANCE_NAME ; docker rm $INSTANCE_NAME ; $0"
- exit 1
+ echo "Container is already running."
+ echo "To force relaunch, try docker stop $INSTANCE_NAME ; docker rm $INSTANCE_NAME ; $0"
+ exit 1
fi
# -------------------------------------------------------------
# Container launch
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
docker run -t -d \
- --link $MYSQL_INSTANCE:mysql \
- -v $DATA_DIRECTORY/repo:/var/repo \
- -v $DATA_DIRECTORY/conf:/opt/phabricator/conf \
- -p $PORT:80 \
+ --link $MYSQL_INSTANCE:mysql \
+ -v $DATA_DIRECTORY/repo:/var/repo \
+ -v $DATA_DIRECTORY/conf:/opt/phabricator/conf \
+ -p $PORT:80 \
-p 5022:5022 \
- -e PHABRICATOR_URL=$PHABRICATOR_URL \
- -e PHABRICATOR_TITLE="$PHABRICATOR_TITLE" \
- -e PHABRICATOR_ALT_FILE_DOMAIN="$PHABRICATOR_ALT_FILE_DOMAIN" \
- -e PHABRICATOR_PROD_REPO=$PHABRICATOR_PROD_REPO \
- -e PHABRICATOR_PROD_BRANCH=$PHABRICATOR_PROD_BRANCH \
- -e PHABRICATOR_USE_MAILGUN=1 \
- -e PHABRICATOR_DOMAIN=$DOMAIN \
- --name $INSTANCE_NAME $IMAGE /usr/local/sbin/runsvdir-init
+ -e PHABRICATOR_URL=$PHABRICATOR_URL \
+ -e PHABRICATOR_TITLE="$PHABRICATOR_TITLE" \
+ -e PHABRICATOR_ALT_FILE_DOMAIN="$PHABRICATOR_ALT_FILE_DOMAIN" \
+ -e PHABRICATOR_PROD_REPO=$PHABRICATOR_PROD_REPO \
+ -e PHABRICATOR_PROD_BRANCH=$PHABRICATOR_PROD_BRANCH \
+ -e PHABRICATOR_USE_MAILGUN=1 \
+ -e PHABRICATOR_DOMAIN=$DOMAIN \
+ --name $INSTANCE_NAME $IMAGE /usr/local/sbin/runsvdir-init
# -------------------------------------------------------------
# DevCentral specific branch deployment
#
# Deploys our version
# As we change static resources, restart php-fpm is a good idea:
# if someone asks the page while we were pulling our version,
# the old celerity map would be kept by APCu.
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
docker exec $INSTANCE_NAME sh -c 'mkdir -p /root/.ssh && \
- cp /opt/phabricator/conf/deploy-keys/* /root/.ssh'
+ cp /opt/phabricator/conf/deploy-keys/* /root/.ssh'
docker exec $INSTANCE_NAME ssh -o StrictHostKeyChecking=no ${REPO_LOGIN}@${REPO_HOST}
docker exec $INSTANCE_NAME sh -c 'cd /opt/phabricator && \
- git remote add private "$PHABRICATOR_PROD_REPO" && \
- git fetch --all && \
- git checkout $PHABRICATOR_PROD_BRANCH && \
- sv restart php-fpm && sv restart phd'
+ git remote add private "$PHABRICATOR_PROD_REPO" && \
+ git fetch --all && \
+ git checkout $PHABRICATOR_PROD_BRANCH && \
+ sv restart php-fpm && sv restart phd'
echo "Deployment done at $(date)."
exit 0
diff --git a/roles/shellserver/user-session/files/whom-diff.sh b/roles/shellserver/user-session/files/whom-diff.sh
index eb5e66c..e3a084e 100755
--- a/roles/shellserver/user-session/files/whom-diff.sh
+++ b/roles/shellserver/user-session/files/whom-diff.sh
@@ -1,77 +1,77 @@
#!/bin/sh
# -------------------------------------------------------------
# whom-diff
#
# Computes the diff between two `whom` invoke.
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Author: Sébastien Santoro aka Dereckson
# Created: 2015-12-30
# Licence: BSD-2-Clause
# Source file: roles/shellserver/user-session/files/whom-diff.sh
# -------------------------------------------------------------
#
# <auto-generated>
# This file is managed by our rOPS SaltStack repository.
#
# Changes to this file may cause incorrect behavior
# and will be lost if the state is redeployed.
# </auto-generated>
# -------------------------------------------------------------
# Determines session identifier and directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ "$SESSION_ID" = "" ]; then
- SESSION_ID=$(who am I | md5 | cut -c1-8)
+ SESSION_ID=$(who am I | md5 | cut -c1-8)
fi
DIR=/var/tmp/whom/$USER/$SESSION_ID
# -------------------------------------------------------------
# -s / --session
# Prints the session identifier
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ "$1" = "--session" ] || [ "$1" = "-s" ]; then
- echo "$SESSION_ID"
- exit 0
+ echo "$SESSION_ID"
+ exit 0
fi
# -------------------------------------------------------------
# Default mode
# Prints the diff between current `whom` and previous output
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ $# -eq 0 ]; then
- # Creates working directory if needed
- if [ ! -d "$DIR" ]; then
- mkdir -p "$DIR"
- touch "$DIR"/old
- fi
+ # Creates working directory if needed
+ if [ ! -d "$DIR" ]; then
+ mkdir -p "$DIR"
+ touch "$DIR"/old
+ fi
- # Let's diff
- cd "$DIR" || exit
- whom > current
- diff old current | tail -n +2
- mv current old
+ # Let's diff
+ cd "$DIR" || exit
+ whom > current
+ diff old current | tail -n +2
+ mv current old
- exit 0
+ exit 0
fi
# -------------------------------------------------------------
# -c / --clean
# Cleans directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ "$1" = "--clean" ] || [ "$1" = "-c" ]; then
- rm -rf "$DIR"
- exit $?
+ rm -rf "$DIR"
+ exit $?
fi
# -------------------------------------------------------------
# Usage
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>&2 echo "Usage: $0 [--setup|--clean|-s|-c]"
exit 1
diff --git a/roles/shellserver/userland-software/files/install-eggdrop.sh b/roles/shellserver/userland-software/files/install-eggdrop.sh
index b9a6b34..c3cda67 100644
--- a/roles/shellserver/userland-software/files/install-eggdrop.sh
+++ b/roles/shellserver/userland-software/files/install-eggdrop.sh
@@ -1,58 +1,58 @@
#!/bin/sh
# -------------------------------------------------------------
# Install an eggdrop
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Eglide
# Created: 2016-11-06
# License: Trivial work, not eligible to copyright
# Source file: roles/shellserver/userland-software/files/install-eggdrop.sh
# -------------------------------------------------------------
#
# <auto-generated>
# This file is managed by our rOPS SaltStack repository.
#
# Changes to this file may cause incorrect behavior
# and will be lost if the state is redeployed.
# </auto-generated>
# -------------------------------------------------------------
# TCL and eggdrop versions
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
EGGDROP_VERSION_MAJOR=1.9
EGGDROP_VERSION=1.9.2rc2
TCL_VERSION=8.6
# -------------------------------------------------------------
# Fetch, extract
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
wget https://ftp.eggheads.org/pub/eggdrop/source/${EGGDROP_VERSION_MAJOR}/eggdrop-${EGGDROP_VERSION}.tar.gz
tar xzf eggdrop-${EGGDROP_VERSION}.tar.gz
cd eggdrop-${EGGDROP_VERSION} || exit 1
# -------------------------------------------------------------
# Configure step
#
# This is the tricky part, as we need to provide path to TCL
# header and library files, heavily OS/distro/arch dependant.
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ -f /etc/debian_version ]; then
- ARCH=$(dpkg-architecture -qDEB_HOST_MULTIARCH)
- CFLAGS="-std=gnu99" ./configure --with-tclinc=/usr/include/tcl${TCL_VERSION}/tcl.h --with-tcllib="/usr/lib/$ARCH/libtcl${TCL_VERSION}.so"
+ ARCH=$(dpkg-architecture -qDEB_HOST_MULTIARCH)
+ CFLAGS="-std=gnu99" ./configure --with-tclinc=/usr/include/tcl${TCL_VERSION}/tcl.h --with-tcllib="/usr/lib/$ARCH/libtcl${TCL_VERSION}.so"
elif [ "$(uname)" = "FreeBSD" ]; then
- TCL_VERSION_LIB=$(echo $TCL_VERSION | tr -d .)
- ./configure --with-tclinc=/usr/local/include/tcl${TCL_VERSION}/tcl.h -with-tcllib="/usr/local/lib/libtcl${TCL_VERSION_LIB}.so"
+ TCL_VERSION_LIB=$(echo $TCL_VERSION | tr -d .)
+ ./configure --with-tclinc=/usr/local/include/tcl${TCL_VERSION}/tcl.h -with-tcllib="/usr/local/lib/libtcl${TCL_VERSION_LIB}.so"
else
- ./configure
+ ./configure
fi
# -------------------------------------------------------------
# Build, install
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
make config
make
make install
diff --git a/roles/shellserver/vhosts/files/vhosts.sh b/roles/shellserver/vhosts/files/vhosts.sh
index 87b3b6f..8f6e30e 100644
--- a/roles/shellserver/vhosts/files/vhosts.sh
+++ b/roles/shellserver/vhosts/files/vhosts.sh
@@ -1,23 +1,23 @@
#!/bin/sh
# -------------------------------------------------------------
# List IP and reverse DNS
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Eglide
# Created: 2017-01-10
# License: Trivial work, not eligible to copyright
# Source file: roles/shellserver/vhosts/files/vhosts.sh
# -------------------------------------------------------------
#
# <auto-generated>
# This file is managed by our rOPS SaltStack repository.
#
# Changes to this file may cause incorrect behavior
# and will be lost if the state is redeployed.
# </auto-generated>
if [ -f /etc/vhosts ]; then
- cat /etc/vhosts
+ cat /etc/vhosts
else
- echo "No vhosts data file found. Please create /etc/vhosts file."
+ echo "No vhosts data file found. Please create /etc/vhosts file."
fi
diff --git a/roles/vault/bootstrap/files/vault-initialize.sh b/roles/vault/bootstrap/files/vault-initialize.sh
index b060aa6..4d7b9c6 100755
--- a/roles/vault/bootstrap/files/vault-initialize.sh
+++ b/roles/vault/bootstrap/files/vault-initialize.sh
@@ -1,111 +1,111 @@
#!/usr/bin/env bash
# -------------------------------------------------------------
# Vault initialize script
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# License: Trivial work, not eligible to copyright
# Description: Recreate the engines and configure them.
#
# Should be run only once for the cluster
# for disaster recovery purpose if the storage
# back-end can't be restored.
#
# Will issue a new root CA certificate.
#
# Dependencies: bash is used as shebang to allow >() process
# execution, undefined in POSIX sh.
# To sync with: roles/vault/policies/files/vault_bootstrap.hcl
# Source file: roles/vault/vault/files/vault-initialize.sh
# -------------------------------------------------------------
#
# <auto-generated>
# This file is managed by our rOPS SaltStack repository.
#
# Changes to this file may cause incorrect behavior
# and will be lost if the state is redeployed.
# </auto-generated>
set -e
PREFIX_PKI=pki_
DOMAIN=nasqueron.drake
CERTS_PATH=/usr/local/share/certs
PUBLIC_URL=https://api.nasqueron.org/infra/security/pki
VAULT_CERTS_PATH=/usr/local/etc/certificates/vault
# -------------------------------------------------------------
# Authentication :: token roles
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
vault write auth/token/roles/salt-node allowed_policies_glob="salt-node-*" token_bound_cidrs="127.0.0.1,172.27.27.0/24"
vault write auth/token/roles/admin allowed_policies=admin period=30d
# -------------------------------------------------------------
# PKI :: root CA
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
CA_ROOT_NAME=root
CA_ROOT_PATH=$PREFIX_PKI$CA_ROOT_NAME
vault secrets enable -path=$CA_ROOT_PATH pki
vault secrets tune -max-lease-ttl=87600h
vault write -field=certificate $CA_ROOT_PATH/root/generate/internal \
- common_name=$DOMAIN \
- ttl=87600h > $CERTS_PATH/nasqueron-vault-ca.crt
+ common_name=$DOMAIN \
+ ttl=87600h > $CERTS_PATH/nasqueron-vault-ca.crt
vault write $CA_ROOT_PATH/config/urls \
- issuing_certificates="$PUBLIC_URL/$CA_ROOT_NAME/ca" \
- crl_distribution_points="$PUBLIC_URL/$CA_ROOT_NAME/crl"
+ issuing_certificates="$PUBLIC_URL/$CA_ROOT_NAME/ca" \
+ crl_distribution_points="$PUBLIC_URL/$CA_ROOT_NAME/crl"
# -------------------------------------------------------------
# PKI :: intermediate CA for Vault own certificates
#
# Intermediate certificate is signed by the root CA one.
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
CA_VAULT_NAME=vault
CA_VAULT_PATH=$PREFIX_PKI$CA_VAULT_NAME
vault secrets enable -path=$CA_VAULT_PATH pki
vault secrets tune -max-lease-ttl=2160h "$CA_VAULT"
CSR=$(mktemp /tmp/csr.XXXX)
vault write -format=json $CA_VAULT_PATH/intermediate/generate/internal \
- common_name="$DOMAIN Intermediate Authority" \
- | jq -r '.data.csr' > "$CSR"
+ common_name="$DOMAIN Intermediate Authority" \
+ | jq -r '.data.csr' > "$CSR"
vault write -format=json $CA_ROOT_PATH/root/sign-intermediate csr=@"$CSR" \
- format=pem_bundle ttl="2160h" \
- | jq -r '.data.certificate' > $CERTS_PATH/nasqueron-vault-intermediate.crt
+ format=pem_bundle ttl="2160h" \
+ | jq -r '.data.certificate' > $CERTS_PATH/nasqueron-vault-intermediate.crt
rm "$CSR"
vault write $CA_VAULT_PATH/intermediate/set-signed \
- certificate=@$CERTS_PATH/nasqueron-vault-intermediate.crt
+ certificate=@$CERTS_PATH/nasqueron-vault-intermediate.crt
vault write $CA_VAULT_PATH/config/urls \
- issuing_certificates="$PUBLIC_URL/$CA_VAULT_NAME/ca" \
- crl_distribution_points="$PUBLIC_URL/$CA_VAULT_NAME/crl"
+ issuing_certificates="$PUBLIC_URL/$CA_VAULT_NAME/ca" \
+ crl_distribution_points="$PUBLIC_URL/$CA_VAULT_NAME/crl"
vault write $CA_VAULT_PATH/roles/nasqueron-drake \
- allowed_domains="nasqueron.drake" \
- allow_subdomains=true \
- max_ttl="2160h"
+ allowed_domains="nasqueron.drake" \
+ allow_subdomains=true \
+ max_ttl="2160h"
# -------------------------------------------------------------
# Vault configuration artifacts
#
# :: TLS certificate generated by intermediate PKI
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
mkdir -p $VAULT_CERTS_PATH
vault write -format=json $CA_VAULT_PATH/issue/nasqueron-drake \
- common_name="complector.nasqueron.drake" ttl="2160h" \
- ip_sans="127.0.0.1,172.27.27.7" | tee \
- >(jq -r .data.certificate > $VAULT_CERTS_PATH/certificate.pem) \
- >(jq -r .data.issuing_ca > $VAULT_CERTS_PATH/ca.pem) \
- >(jq -r .data.private_key > $VAULT_CERTS_PATH/private.key)
+ common_name="complector.nasqueron.drake" ttl="2160h" \
+ ip_sans="127.0.0.1,172.27.27.7" | tee \
+ >(jq -r .data.certificate > $VAULT_CERTS_PATH/certificate.pem) \
+ >(jq -r .data.issuing_ca > $VAULT_CERTS_PATH/ca.pem) \
+ >(jq -r .data.private_key > $VAULT_CERTS_PATH/private.key)
cat $VAULT_CERTS_PATH/certificate.pem $VAULT_CERTS_PATH/ca.pem > $VAULT_CERTS_PATH/fullchain.pem
diff --git a/roles/webserver-content/org/nasqueron/files/recipes/admin.mail.nasqueron.org/update.sh b/roles/webserver-content/org/nasqueron/files/recipes/admin.mail.nasqueron.org/update.sh
index 7b5a9c3..ed0c51c 100644
--- a/roles/webserver-content/org/nasqueron/files/recipes/admin.mail.nasqueron.org/update.sh
+++ b/roles/webserver-content/org/nasqueron/files/recipes/admin.mail.nasqueron.org/update.sh
@@ -1,41 +1,41 @@
#!/bin/sh
# -------------------------------------------------------------
# Nasqueron PaaS :: Alkane :: Recipe for deployment
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# License: Trivial work, not eligible to copyright
# Source file: roles/webserver-content/org/nasqueron/files/recipes/admin.mail.nasqueron.org/update.sh
# Action: update
# -------------------------------------------------------------
#
# <auto-generated>
# This file is managed by our rOPS SaltStack repository.
#
# Changes to this file may cause incorrect behavior
# and will be lost if the state is redeployed.
# </auto-generated>
set -e
cd "$ALKANE_SITE_PATH"
# -------------------------------------------------------------
# Update git
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
CURRENT_BRANCH=$(git rev-parse --abbrev-ref HEAD)
if [ "$CURRENT_BRANCH" != "production" ]; then
- echo "Code isn't in the production branch." >&2
- exit 1
+ echo "Code isn't in the production branch." >&2
+ exit 1
fi
git fetch --all
git diff-index --quiet HEAD && git pull --rebase
# -------------------------------------------------------------
# Update composer
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
composer update --prefer-dist --no-dev

File Metadata

Mime Type
text/x-diff
Expires
Thu, Sep 18, 10:35 (13 h, 45 s)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2989459
Default Alt Text
(36 KB)

Event Timeline

Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator