createEnvService et findCert créés mais problème de \ à regler avec find Cert
parent
04e1e1b964
commit
05d596286f
111
src/main.cpp
111
src/main.cpp
@ -6,12 +6,14 @@
|
|||||||
#include <cstdlib>
|
#include <cstdlib>
|
||||||
#include <iostream>
|
#include <iostream>
|
||||||
#include <cstring>
|
#include <cstring>
|
||||||
|
#include <unistd.h>
|
||||||
#include <filesystem>
|
#include <filesystem>
|
||||||
#include <fstream>
|
#include <fstream>
|
||||||
#include "Services.h"
|
#include "Services.h"
|
||||||
#include "Modules.h"
|
#include "Modules.h"
|
||||||
#include "BashManager.h"
|
#include "BashManager.h"
|
||||||
using namespace std;
|
using namespace std;
|
||||||
|
namespace fs=filesystem;
|
||||||
|
|
||||||
void help(char * argv0)
|
void help(char * argv0)
|
||||||
{
|
{
|
||||||
@ -60,35 +62,106 @@ int createUser(string serviceUsername)
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
string findCertificate(string serviceUsername)
|
||||||
|
{
|
||||||
|
//this method searches for a specific ssl certificate for the service, either in dns or http directories
|
||||||
|
//it would be under a serviceUsername* folder and named fullchain.perm
|
||||||
|
//if none is found, it returns the dummy certificate
|
||||||
|
|
||||||
|
//searching is dns_certs_path
|
||||||
|
string dns_certs_path=getenv("dns_certs_path"); //dns_certs_path is an environment variable
|
||||||
|
//finding the serviceUsername* directory
|
||||||
|
string cmd="ls $dns_certs_path/"+serviceUsername+" | grep \"^"+serviceUsername+"\(-[0-9]\{4\}\)\?$";
|
||||||
|
string name = BashManager::ExecuteAndReadResult(cmd);
|
||||||
|
if (!name.empty()){
|
||||||
|
//finding the certificate
|
||||||
|
string cert = dns_certs_path+"/"+name+"/fullchain.pem";
|
||||||
|
if (fs::exists(cert)){
|
||||||
|
return cert;
|
||||||
|
} else {
|
||||||
|
cout << "No certificate in " << dns_certs_path << endl;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
cout << "No certificate in " << dns_certs_path << endl;
|
||||||
|
//searching in http_certs_path
|
||||||
|
string http_certs_path=getenv(("http_certs_path")); //http_certs_path is an environment variable
|
||||||
|
//finding the serviceUsername* directory
|
||||||
|
string cmd="ls $http_certs_path/"+serviceUsername+" | grep \"^"+serviceUsername+"\(-[0-9]\{4\}\)\?$";
|
||||||
|
string name = BashManager::ExecuteAndReadResult(cmd);
|
||||||
|
if (!name.empty()){
|
||||||
|
//finding the certificate
|
||||||
|
string cert = http_certs_path+"/"+name+"/fullchain.pem";
|
||||||
|
if (fs::exists(cert)){
|
||||||
|
return cert;
|
||||||
|
} else {
|
||||||
|
cout << "No certificate in " << http_certs_path << endl;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
cout << "Using dummy certificate" << endl;
|
||||||
|
return getenv("dummy_cert_path");
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
int createEnvService(string serviceUsername)
|
int createEnvService(string serviceUsername)
|
||||||
{
|
{
|
||||||
|
//this method creates the environment variables of the service as well as its directories
|
||||||
Services services;
|
Services services;
|
||||||
//create directories
|
//environment variables creation
|
||||||
//filesystem::create_directories()
|
|
||||||
string http_dir="/srv/http/"+serviceUsername;
|
string http_dir="/srv/http/"+serviceUsername;
|
||||||
string data_dir="/data/"+serviceUsername;
|
string data_dir="/data/"+serviceUsername;
|
||||||
string secret_dir="/data/secrets/"+serviceUsername;
|
string secret_dir="/data/secrets/"+serviceUsername;
|
||||||
string docker_dir="/services/"+serviceUsername;
|
string docker_dir="/services/"+serviceUsername;
|
||||||
string jc_service=serviceUsername;
|
string jc_service=serviceUsername;
|
||||||
string home="/data/"+serviceUsername;
|
string home="/data/"+serviceUsername;
|
||||||
string net="172.29."+services.FindByUsername(serviceUsername)->GetUserID();
|
string jc_id=to_string(services.FindByUsername(serviceUsername)->GetUserID());
|
||||||
/*
|
string net="172.29."+jc_id;
|
||||||
"HTTP_DIR='/srv/http/$service'" "$dir/.env"
|
string jc_cert=findCertificate(serviceUsername);
|
||||||
|
|
||||||
cert="$(findcert.sh "$service")" || true
|
//create a .env file accessible outside the C++ program
|
||||||
if [ -n "$cert" ] ; then
|
string file = "/services/"+serviceUsername+"/.env";
|
||||||
line_in_file "JC_CERT='$cert'" "$dir/.env"
|
ofstream outfile(file);
|
||||||
fi*/
|
outfile << "http_dir=" << http_dir << endl;
|
||||||
|
outfile << "data_dir=" << data_dir << endl;
|
||||||
|
outfile << "secret_dir=" << secret_dir << endl;
|
||||||
|
outfile << "docker_dir=" << docker_dir << endl;
|
||||||
|
outfile << "jc_service=" << jc_service << endl;
|
||||||
|
outfile << "home=" << home << endl;
|
||||||
|
outfile << "jc_id=" << jc_id << endl;
|
||||||
|
outfile << "net=" << net << endl;
|
||||||
|
outfile << "jc_cert=" << jc_cert << endl;
|
||||||
|
|
||||||
/*
|
//setting the environment variables for all the shell commands called in this C++ programm
|
||||||
run mkdir -p "$DATA_DIR" "$HTTP_DIR"
|
setenv("http_dir",http_dir.c_str(),1);
|
||||||
run chown $uid "$DATA_DIR"
|
setenv("data_dir",data_dir.c_str(),1);
|
||||||
run chmod 751 "$DATA_DIR"
|
setenv("secret_dir",secret_dir.c_str(),1);
|
||||||
run chown $uid:www-data -R "$HTTP_DIR"
|
setenv("docker_dir",docker_dir.c_str(),1);
|
||||||
if [ -d "$SECRET_DIR" ] ; then
|
setenv("jc_service",jc_service.c_str(),1);
|
||||||
run chown $uid "$SECRET_DIR" -R
|
setenv("home",home.c_str(),1);
|
||||||
run chmod 751 "$SECRET_DIR" -R
|
setenv("jc_id",jc_id.c_str(),1);
|
||||||
fi*/ return 0;
|
setenv("net",net.c_str(),1);
|
||||||
|
setenv("jc_cert",jc_cert.c_str(),1);
|
||||||
|
|
||||||
|
//create the directories
|
||||||
|
//data_dir
|
||||||
|
fs::create_directories(data_dir);
|
||||||
|
if (chown(data_dir.c_str(), (unsigned int)stoi(jc_id),(unsigned int)stoi(jc_id)) != 0) {
|
||||||
|
cerr << "Error changing ownership of" << data_dir << endl;
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
fs::permissions(data_dir,fs::perms::owner_all|fs::perms::group_read|fs::perms::group_exec|fs::perms::others_exec,fs::perm_options::replace);
|
||||||
|
//http_dir
|
||||||
|
fs::create_directories(http_dir);
|
||||||
|
string cmd="chown "+ jc_id +":www-data -R "+http_dir;
|
||||||
|
BashManager::Execute(cmd);
|
||||||
|
//secret_dir
|
||||||
|
if (chown(secret_dir.c_str(), (unsigned int)stoi(jc_id),(unsigned int)stoi(jc_id)) != 0) {
|
||||||
|
cerr << "Error changing ownership of" << secret_dir << endl;
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
fs::permissions(secret_dir,fs::perms::owner_all|fs::perms::group_read|fs::perms::group_exec|fs::perms::others_exec,fs::perm_options::replace);
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
int removeEnvService()
|
int removeEnvService()
|
||||||
@ -197,7 +270,7 @@ int main(int argc, char *argv[])
|
|||||||
return -1;
|
return -1;
|
||||||
} else {
|
} else {
|
||||||
//check that data is mounted on the server
|
//check that data is mounted on the server
|
||||||
if (!(filesystem::exists("/data/mounted"))) {
|
if (!(fs::exists("/data/mounted"))) {
|
||||||
cerr << "Error. The data is not mounted on the server" << endl;
|
cerr << "Error. The data is not mounted on the server" << endl;
|
||||||
return -1;
|
return -1;
|
||||||
} else {
|
} else {
|
||||||
|
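Review bot: In findCertificate both `cmd` strings splice serviceUsername into a shell pipeline passed to BashManager::ExecuteAndReadResult, so unless the name is validated upstream (not visible in this section) any shell metacharacter in it is interpreted by the shell. The literal also cannot work as written: the `\"` opened before `^` is never closed, `\(` and `\{` are not valid C++ escape sequences, and `\?` collapses to `?`, which is presumably the backslash problem the commit title mentions. The same function assigns `getenv(...)` directly to a `string`, which is undefined behaviour when the variable is unset, and it falls off the end of a non-void function when a matching directory exists but fullchain.pem does not. Walking the directory with `fs::directory_iterator` and checking the name in C++ removes the shell, the escaping and the missing-return paths together, as sketched below. In createEnvService, `"chown "+ jc_id +":www-data -R "+http_dir` repeats the unquoted concatenation, and secret_dir is passed to `chown()` without being created first, so that call fails with `return -1` on a fresh service.

```cpp
// true for "<service>" or "<service>-NNNN", the names the grep pattern was meant to accept
static bool isCertDirFor(const string &dirName, const string &serviceUsername)
{
    if (dirName.compare(0, serviceUsername.size(), serviceUsername) != 0) return false;
    const string rest = dirName.substr(serviceUsername.size());
    if (rest.empty()) return true;
    if (rest.size() != 5 || rest[0] != '-') return false;
    for (size_t i = 1; i < rest.size(); ++i)
        if (rest[i] < '0' || rest[i] > '9') return false;
    return true;
}

// looks under the directory named by envName; returns "" when nothing matches
static string findCertIn(const char *envName, const string &serviceUsername)
{
    const char *root = getenv(envName);   // nullptr when the variable is unset
    if (root == nullptr || !fs::is_directory(root)) return "";
    for (const auto &entry : fs::directory_iterator(root)) {
        if (!isCertDirFor(entry.path().filename().string(), serviceUsername)) continue;
        const fs::path cert = entry.path() / "fullchain.pem";
        if (fs::exists(cert)) return cert.string();
    }
    return "";
}

string findCertificate(string serviceUsername)
{
    // … unchanged: header comments …
    for (const char *envName : {"dns_certs_path", "http_certs_path"}) {
        const string cert = findCertIn(envName, serviceUsername);
        if (!cert.empty()) return cert;
        cout << "No certificate in " << envName << endl;
    }
    cout << "Using dummy certificate" << endl;
    const char *dummy = getenv("dummy_cert_path");
    return dummy != nullptr ? dummy : "";
}
```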
@ -1,4 +1,4 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
set -euo pipefail
|
set -euo pipefail
|
||||||
#git_update.sh -r -d "$HTTP_DIR" "$GIT_SOURCE_REPO"
|
#git_update.sh -r -d "$HTTP_DIR" "$GIT_SOURCE_REPO"
|
||||||
touch done2
|
|
||||||
|