createEnvService et findCert créés mais problème de \ à regler avec find Cert

This commit is contained in:
eleonore12345 2024-08-12 18:22:24 +02:00
parent 04e1e1b964
commit 05d596286f
2 changed files with 93 additions and 20 deletions

View File

@ -6,12 +6,14 @@
#include <cstdlib> #include <cstdlib>
#include <iostream> #include <iostream>
#include <cstring> #include <cstring>
#include <unistd.h>
#include <filesystem> #include <filesystem>
#include <fstream> #include <fstream>
#include "Services.h" #include "Services.h"
#include "Modules.h" #include "Modules.h"
#include "BashManager.h" #include "BashManager.h"
using namespace std; using namespace std;
namespace fs=filesystem;
void help(char * argv0) void help(char * argv0)
{ {
@ -60,35 +62,106 @@ int createUser(string serviceUsername)
return 0; return 0;
} }
string findCertificate(string serviceUsername)
{
//this method searches for a specific ssl certificate for the service, either in dns or http directories
//it would be under a serviceUsername* folder and named fullchain.perm
//if none is found, it returns the dummy certificate
//searching is dns_certs_path
string dns_certs_path=getenv("dns_certs_path"); //dns_certs_path is an environment variable
//finding the serviceUsername* directory
string cmd="ls $dns_certs_path/"+serviceUsername+" | grep \"^"+serviceUsername+"\(-[0-9]\{4\}\)\?$";
string name = BashManager::ExecuteAndReadResult(cmd);
if (!name.empty()){
//finding the certificate
string cert = dns_certs_path+"/"+name+"/fullchain.pem";
if (fs::exists(cert)){
return cert;
} else {
cout << "No certificate in " << dns_certs_path << endl;
}
} else {
cout << "No certificate in " << dns_certs_path << endl;
//searching in http_certs_path
string http_certs_path=getenv(("http_certs_path")); //http_certs_path is an environment variable
//finding the serviceUsername* directory
string cmd="ls $http_certs_path/"+serviceUsername+" | grep \"^"+serviceUsername+"\(-[0-9]\{4\}\)\?$";
string name = BashManager::ExecuteAndReadResult(cmd);
if (!name.empty()){
//finding the certificate
string cert = http_certs_path+"/"+name+"/fullchain.pem";
if (fs::exists(cert)){
return cert;
} else {
cout << "No certificate in " << http_certs_path << endl;
}
} else {
cout << "Using dummy certificate" << endl;
return getenv("dummy_cert_path");
}
}
}
int createEnvService(string serviceUsername) int createEnvService(string serviceUsername)
{ {
//this method creates the environment variables of the service as well as its directories
Services services; Services services;
//create directories //environment variables creation
//filesystem::create_directories()
string http_dir="/srv/http/"+serviceUsername; string http_dir="/srv/http/"+serviceUsername;
string data_dir="/data/"+serviceUsername; string data_dir="/data/"+serviceUsername;
string secret_dir="/data/secrets/"+serviceUsername; string secret_dir="/data/secrets/"+serviceUsername;
string docker_dir="/services/"+serviceUsername; string docker_dir="/services/"+serviceUsername;
string jc_service=serviceUsername; string jc_service=serviceUsername;
string home="/data/"+serviceUsername; string home="/data/"+serviceUsername;
string net="172.29."+services.FindByUsername(serviceUsername)->GetUserID(); string jc_id=to_string(services.FindByUsername(serviceUsername)->GetUserID());
/* string net="172.29."+jc_id;
"HTTP_DIR='/srv/http/$service'" "$dir/.env" string jc_cert=findCertificate(serviceUsername);
cert="$(findcert.sh "$service")" || true //create a .env file accessible outside the C++ program
if [ -n "$cert" ] ; then string file = "/services/"+serviceUsername+"/.env";
line_in_file "JC_CERT='$cert'" "$dir/.env" ofstream outfile(file);
fi*/ outfile << "http_dir=" << http_dir << endl;
outfile << "data_dir=" << data_dir << endl;
outfile << "secret_dir=" << secret_dir << endl;
outfile << "docker_dir=" << docker_dir << endl;
outfile << "jc_service=" << jc_service << endl;
outfile << "home=" << home << endl;
outfile << "jc_id=" << jc_id << endl;
outfile << "net=" << net << endl;
outfile << "jc_cert=" << jc_cert << endl;
/* //setting the environment variables for all the shell commands called in this C++ programm
run mkdir -p "$DATA_DIR" "$HTTP_DIR" setenv("http_dir",http_dir.c_str(),1);
run chown $uid "$DATA_DIR" setenv("data_dir",data_dir.c_str(),1);
run chmod 751 "$DATA_DIR" setenv("secret_dir",secret_dir.c_str(),1);
run chown $uid:www-data -R "$HTTP_DIR" setenv("docker_dir",docker_dir.c_str(),1);
if [ -d "$SECRET_DIR" ] ; then setenv("jc_service",jc_service.c_str(),1);
run chown $uid "$SECRET_DIR" -R setenv("home",home.c_str(),1);
run chmod 751 "$SECRET_DIR" -R setenv("jc_id",jc_id.c_str(),1);
fi*/ return 0; setenv("net",net.c_str(),1);
setenv("jc_cert",jc_cert.c_str(),1);
//create the directories
//data_dir
fs::create_directories(data_dir);
if (chown(data_dir.c_str(), (unsigned int)stoi(jc_id),(unsigned int)stoi(jc_id)) != 0) {
cerr << "Error changing ownership of" << data_dir << endl;
return -1;
}
fs::permissions(data_dir,fs::perms::owner_all|fs::perms::group_read|fs::perms::group_exec|fs::perms::others_exec,fs::perm_options::replace);
//http_dir
fs::create_directories(http_dir);
string cmd="chown "+ jc_id +":www-data -R "+http_dir;
BashManager::Execute(cmd);
//secret_dir
if (chown(secret_dir.c_str(), (unsigned int)stoi(jc_id),(unsigned int)stoi(jc_id)) != 0) {
cerr << "Error changing ownership of" << secret_dir << endl;
return -1;
}
fs::permissions(secret_dir,fs::perms::owner_all|fs::perms::group_read|fs::perms::group_exec|fs::perms::others_exec,fs::perm_options::replace);
return 0;
} }
int removeEnvService() int removeEnvService()
@ -197,7 +270,7 @@ int main(int argc, char *argv[])
return -1; return -1;
} else { } else {
//check that data is mounted on the server //check that data is mounted on the server
if (!(filesystem::exists("/data/mounted"))) { if (!(fs::exists("/data/mounted"))) {
cerr << "Error. The data is not mounted on the server" << endl; cerr << "Error. The data is not mounted on the server" << endl;
return -1; return -1;
} else { } else {

View File

@ -1,4 +1,4 @@
#!/bin/bash #!/bin/bash
set -euo pipefail set -euo pipefail
#git_update.sh -r -d "$HTTP_DIR" "$GIT_SOURCE_REPO" #git_update.sh -r -d "$HTTP_DIR" "$GIT_SOURCE_REPO"
touch done2