move proftpd- and apache2-virtual to salt, move pacadmin-sudo to salt

Peter Hormanns 2022-12-15 19:22:13 +01:00
parent 0a010f6581
commit 246a5192d6
6 changed files with 5 additions and 107 deletions


@ -12,7 +12,6 @@ import javax.persistence.Query;
import de.hsadmin.core.model.AbstractEntity; import de.hsadmin.core.model.AbstractEntity;
import de.hsadmin.core.qserv.CompoundProcessor; import de.hsadmin.core.qserv.CompoundProcessor;
import de.hsadmin.core.qserv.CreateFileProcessor;
import de.hsadmin.core.qserv.EntityProcessorFactory; import de.hsadmin.core.qserv.EntityProcessorFactory;
import de.hsadmin.core.qserv.NullProcessor; import de.hsadmin.core.qserv.NullProcessor;
import de.hsadmin.core.qserv.Processor; import de.hsadmin.core.qserv.Processor;
@ -46,11 +45,8 @@ public class PacProcessorFactory implements EntityProcessorFactory {
createNetworkInterfacesProc(hive), createNetworkInterfacesProc(hive),
createIPTablesProc(), createIPTablesProc(),
createZonefileProc(em, pac), createZonefileProc(em, pac),
createSudouersProc(hive),
createProftpdConfProc(hive),
createMakePacDirectoryStructure(unixUser), createMakePacDirectoryStructure(unixUser),
createIfUp(pac), createIfUp(pac),
createHttpdVirtualProc(hive),
createSaltCallProc(), createSaltCallProc(),
createLinkSiteProc(pac.getName() + ".hostsharing.net"), createLinkSiteProc(pac.getName() + ".hostsharing.net"),
createAccountingRulesProc())); createAccountingRulesProc()));
@ -74,8 +70,6 @@ public class PacProcessorFactory implements EntityProcessorFactory {
final WaitingTasksProcessor mainProcessor = new WaitingTasksProcessor( new CompoundProcessor( final WaitingTasksProcessor mainProcessor = new WaitingTasksProcessor( new CompoundProcessor(
createEtcHostsProc(hive), createEtcHostsProc(hive),
createNetworkInterfacesProc(hive), createNetworkInterfacesProc(hive),
createProftpdConfProc(hive),
createHttpdVirtualProc(hive),
createSaltCallProc() createSaltCallProc()
)); ));
final Config config = Config.getInstance(); final Config config = Config.getInstance();
@ -101,9 +95,6 @@ public class PacProcessorFactory implements EntityProcessorFactory {
createIfDown(pac), createIfDown(pac),
createEtcHostsProc(hive), createEtcHostsProc(hive),
createNetworkInterfacesProc(hive), createNetworkInterfacesProc(hive),
createSudouersProc(hive),
createProftpdConfProc(hive),
createHttpdVirtualProc(hive),
createUnlinkSiteProc(pac.getName() + ".hostsharing.net"), createUnlinkSiteProc(pac.getName() + ".hostsharing.net"),
createHiveDNSRemoveProcessor(domainName), createHiveDNSRemoveProcessor(domainName),
createAccountingRulesProc(), createAccountingRulesProc(),
@ -129,17 +120,6 @@ public class PacProcessorFactory implements EntityProcessorFactory {
return new ShellProcessor("mk-iptables-rules Accounting"); return new ShellProcessor("mk-iptables-rules Accounting");
} }
private Processor createHttpdVirtualProc(Hive hive) throws HSAdminException {
Processor domSetupProcessor = new CompoundProcessor(
new CreateFileProcessor("/de/hsadmin/mods/pac/httpd-virtual.vm", hive,
"/etc/apache2/conf.d/virtual.conf.tmp", "root", "root", "644", true),
new ShellProcessor("(diff -q /etc/apache2/conf.d/virtual.conf.tmp /etc/apache2/conf.d/virtual.conf"
+ " && rm /etc/apache2/conf.d/virtual.conf.tmp )"
+ " || ( mv /etc/apache2/conf.d/virtual.conf.tmp /etc/apache2/conf.d/virtual.conf "
+ " && invoke-rc.d apache2 reload >/dev/null 2>&1 ) "));
return domSetupProcessor;
}
private Processor createEtcHostsProc(Hive hive) throws ProcessorException { private Processor createEtcHostsProc(Hive hive) throws ProcessorException {
return new VelocityProcessor("/de/hsadmin/mods/pac/hosts.vm", hive, "/etc/hosts", true); return new VelocityProcessor("/de/hsadmin/mods/pac/hosts.vm", hive, "/etc/hosts", true);
} }
@ -216,14 +196,6 @@ public class PacProcessorFactory implements EntityProcessorFactory {
return dnsSetupProcessor; return dnsSetupProcessor;
} }
private Processor createSudouersProc(Hive hive) throws ProcessorException {
return new VelocityProcessor("/de/hsadmin/mods/pac/sudoers-pacs.vm", hive, "/etc/sudoers.d/pacs", true);
}
private Processor createProftpdConfProc(Hive hive) throws ProcessorException {
return new VelocityProcessor("/de/hsadmin/mods/pac/proftpd-pacs-conf.vm", hive, "/etc/proftpd/pacs.conf", true);
}
private Processor createAddUserProc(String pacName, UnixUser unixUser, String password) { private Processor createAddUserProc(String pacName, UnixUser unixUser, String password) {
return new ShellProcessor( return new ShellProcessor(
"newusers", pacName + ":" + password + ":" "newusers", pacName + ":" + password + ":"
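Review bot: In the pac-deletion chain (the hunk at -101,9) `createSudouersProc(hive)`, `createProftpdConfProc(hive)` and `createHttpdVirtualProc(hive)` are dropped, but unlike the two earlier chains no `createSaltCallProc()` is visible among the remaining steps. The chain continues past the end of the hunk, so this may already be handled. If it is not, the `NOPASSWD: ALL` entry of a deleted pac stays in `/etc/sudoers.d/pacs`, and its proftpd and apache2 virtual hosts stay configured, until something else triggers a salt run. Please confirm that deletion ends with a salt call, and consider a comment at each chain such as `// sudoers, proftpd and apache2 vhost files are now rendered by the salt call below`.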


@ -1,35 +0,0 @@
#
# This file is managed by HSAdmin.
# Do not edit manually. Changes will be overwritten.
#
#foreach( $pac in ${hive.pacsWithIPAddress} )
<VirtualHost ${pac.curINetAddr.inet4Addr}:80 [${pac.curINetAddr.inet6Addr}]:80>
ServerName _
ServerAdmin webmaster@${pac.name}.hostsharing.net
<Directory />
Redirect 404 /
ErrorDocument 404 "No virtual host configured for this host name."
</Directory>
</VirtualHost>
<VirtualHost ${pac.curINetAddr.inet4Addr}:443 [${pac.curINetAddr.inet6Addr}]:443>
ServerName _
ServerAdmin webmaster@${pac.name}.hostsharing.net
SSLEngine On
SSLCertificateFile /etc/apache2/pems-custom/_.hostsharing.net.crt
SSLCertificateKeyFile /etc/apache2/pems-custom/_.hostsharing.net.key
SSLCertificateChainFile /etc/apache2/pems-custom/_.hostsharing.net.chain
<Directory />
SSLRequireSSL On
Redirect 404 /
ErrorDocument 404 "No virtual host configured for this host name."
</Directory>
</VirtualHost>
#end


@ -1,32 +0,0 @@
#
# This file is managed by HSAdmin.
# Do not edit manually. Changes will be overwritten.
#
#foreach( $pac in ${hive.webpacs} )
<VirtualHost ${pac.curINetAddr.inet4Addr} ${pac.curINetAddr.inet6Addr}>
DefaultRoot ~ ${pac.name}
ServerName "${pac.name}.hostsharing.net"
AllowOverwrite on
AllowForeignAddress on
<Limit LOGIN>
Order allow,deny
AllowGroup ${pac.name}
DenyAll
</Limit>
<Anonymous /home/pacs/${pac.name}/ftp>
User ${pac.name}
Group ${pac.name}
UserAlias anonymous ${pac.name}
UserAlias ftp ${pac.name}
DirFakeUser on ftp
DirFakeGroup on ftp
DirFakeMode 000
AuthAliasOnly on
<Limit WRITE>
DenyAll
</Limit>
</Anonymous>
</VirtualHost>
#end


@ -1,8 +0,0 @@
#
# This file is managed by HSAdmin.
# Do not edit manually. Changes will be overwritten.
#
#foreach( $pac in ${hive.webpacs} )
${pac.name} ALL = (%${pac.name}) NOPASSWD: ALL
#end


@ -53,7 +53,7 @@ public class UnixUser extends AbstractEntity implements Serializable {
@ManyToOne(fetch = FetchType.LAZY) @ManyToOne(fetch = FetchType.LAZY)
private Pac pac; private Pac pac;
@AnnFieldIO(validation="[a-zA-Z0-9\\_\\-\\.\\,\\ ]*", rw=ReadWriteAccess.READWRITE) @AnnFieldIO(validation="[a-zA-Z0-9\\_\\-\\.\\ ]*", rw=ReadWriteAccess.READWRITE)
@Column(name = "comment", columnDefinition = "character varying(128)") @Column(name = "comment", columnDefinition = "character varying(128)")
private String comment; private String comment;
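Review bot: The narrowed `validation` pattern on `comment` carries no comment saying why `,` was removed or what relies on the pattern. Elsewhere on this page the value is concatenated into `usermod -c '...'` in UnixUserProcessorFactory, so this pattern appears to be the only guard keeping `'` and other shell metacharacters out of that command. I would record that above the annotation, e.g. `// embedded in a single-quoted shell argument (usermod -c): never allow ' or , here`. The pattern is presumably enforced only on write, so comments stored before this change may still contain commas and would reach `usermod` unchanged; a one-off check of existing rows is worth doing. Most of the class lies outside the hunk.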


@ -41,9 +41,9 @@ public class UnixUserProcessorFactory implements EntityProcessorFactory {
"usermod -c '" + user.getComment() + "'" + " -d '" "usermod -c '" + user.getComment() + "'" + " -d '"
+ user.getHomedir() + "'" + " -s '" + user.getShell() + user.getHomedir() + "'" + " -s '" + user.getShell()
+ "' " + user.getName())); + "' " + user.getName()));
if (user.getPassword() != null && user.getPassword().length() > 0) if (user.getPassword() != null && user.getPassword().length() > 0) {
aCP.appendProcessor(new ShellProcessor("chpasswd ", user.getName() aCP.appendProcessor(new ShellProcessor("chpasswd ", user.getName() + ":" + user.getPassword() + "\n"));
+ ":" + user.getPassword() + "\n")); }
aCP.appendProcessor(new ShellProcessor("salt-call state.sls pacs >/dev/null 2>&1")); aCP.appendProcessor(new ShellProcessor("salt-call state.sls pacs >/dev/null 2>&1"));
return aCP; return aCP;
} }
@ -66,6 +66,7 @@ public class UnixUserProcessorFactory implements EntityProcessorFactory {
CompoundProcessor proc = new CompoundProcessor(killProcessesProc, userdelProc); CompoundProcessor proc = new CompoundProcessor(killProcessesProc, userdelProc);
proc.appendProcessor(new ShellProcessor("rm -f '/var/spool/cron/crontabs/" + uid + "'")); proc.appendProcessor(new ShellProcessor("rm -f '/var/spool/cron/crontabs/" + uid + "'"));
proc.appendProcessor(new ShellProcessor("rm -f '/var/mail/" + uid + "'")); proc.appendProcessor(new ShellProcessor("rm -f '/var/mail/" + uid + "'"));
proc.appendProcessor(new ShellProcessor("rm -f '/var/lib/systemd/linger/" + uid + "'"));
proc.appendProcessor(new ShellProcessor("rm -rf '/home/storage/" + pac + "/users/" + ( uid.length() > 6 ? uid.substring(6) : '_' ) + "/'")); proc.appendProcessor(new ShellProcessor("rm -rf '/home/storage/" + pac + "/users/" + ( uid.length() > 6 ? uid.substring(6) : '_' ) + "/'"));
proc.appendProcessor(new ShellProcessor("salt-call state.sls pacs >/dev/null 2>&1")); proc.appendProcessor(new ShellProcessor("salt-call state.sls pacs >/dev/null 2>&1"));
return proc; return proc;
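Review bot: The added `rm -f '/var/lib/systemd/linger/" + uid + "'"` step builds a shell command by string concatenation, like its neighbours, and is only safe while `uid` can never contain `'`, `/` or `..`. The check that constrains the user name is not visible in this hunk, and the enclosing method starts above it. I would add a guard at the top of the method that rejects such a `uid` before any `ShellProcessor` string is built, or at least a comment such as `// uid is restricted by the UnixUser name validation; it must not contain ' or /`. The same applies to the unquoted `user.getName()` at the end of the `usermod` command in the first hunk.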