diff options
author | Jesse Luehrs <doy@tozt.net> | 2018-10-17 04:17:18 -0400 |
---|---|---|
committer | Jesse Luehrs <doy@tozt.net> | 2018-10-17 04:17:18 -0400 |
commit | 0e6cde8ea6fa59435f89ad3511ac585286d4314e (patch) | |
tree | 850026a465f293e7b58b2ee4dc61d00761e0a87f /bin | |
parent | e59c5054873c8a5c99d2f4aa71e43ea262591041 (diff) | |
download | puppet-tozt-0e6cde8ea6fa59435f89ad3511ac585286d4314e.tar.gz puppet-tozt-0e6cde8ea6fa59435f89ad3511ac585286d4314e.zip |
install generated algo configs too
Diffstat (limited to 'bin')
-rwxr-xr-x | bin/algo-config | 38 | ||||
-rwxr-xr-x | bin/helpers/algo-virtualenv | 22 | ||||
-rwxr-xr-x | bin/helpers/launch-algo | 32 |
3 files changed, 68 insertions, 24 deletions
diff --git a/bin/algo-config b/bin/algo-config new file mode 100755 index 0000000..f7c96d2 --- /dev/null +++ b/bin/algo-config @@ -0,0 +1,38 @@ +#!/usr/bin/env bash +set -eu +set -o pipefail + +script_path="$(realpath "$(dirname "$0")")" +secrets_bin="${script_path}/secrets" +config_path=/mnt/algo/algo/configs/165.227.249.213/wireguard + +"$secrets_bin" open +trap '"$secrets_bin" close' EXIT + +if [ -z "${VIRTUAL_ENV:-}" ]; then + # shellcheck disable=SC1090 + . "${script_path}/helpers/algo-virtualenv" + : +fi + +# hush +sudo cp "$config_path"/hush.conf /etc/wireguard/algo-captive.conf +sed 's|^AllowedIPs.*|AllowedIPs = 10.19.49.0/24, fd9d:bc11:4021::/48, 172.16.0.1/32|' "$config_path/hush.conf" > "$config_path/hush-not-captive.conf" +sudo cp "$config_path/hush-not-captive.conf" /etc/wireguard/algo.conf + +# tozt +sed 's|^AllowedIPs.*|AllowedIPs = 10.19.49.0/24, fd9d:bc11:4021::/48, 172.16.0.1/32|' "$config_path/tozt.conf" > "$config_path/tozt-not-captive.conf" +scp "$config_path/tozt-not-captive.conf" root@tozt.net:/etc/wireguard/algo.conf + +# phone +echo "algo-captive" +sxiv "$config_path/phone.png" +echo "algo" +segno --scale=5 --output="$config_path/phone-not-captive.png" "$(sed 's|^AllowedIPs.*|AllowedIPs = 10.19.49.0/24, fd9d:bc11:4021::/48, 172.16.0.1/32|' "$config_path/phone.conf")" +sxiv "$config_path/phone-not-captive.png" + +# bishamon +# XXX todo + +# mail +# XXX todo diff --git a/bin/helpers/algo-virtualenv b/bin/helpers/algo-virtualenv new file mode 100755 index 0000000..531873f --- /dev/null +++ b/bin/helpers/algo-virtualenv @@ -0,0 +1,22 @@ +#!/usr/bin/env bash +set -eu +set -o pipefail + +# using tmpdir as a virtualenv because the tozt-secrets filesystem is too small +# to hold the whole python installation +envdir="$(mktemp --tmpdir -d launch-algo.XXXXXXXXXX)" +cleanup() { + if perl -e'exit 1 unless $ARGV[0] =~ m{^/tmp/launch-algo.*$}' "$envdir"; then + rm -rf "$envdir" + fi +} +trap cleanup EXIT + +python2 -m virtualenv --python="$(command -v python2)" "$envdir" +set +eu +# shellcheck disable=SC1090 +. "$envdir"/bin/activate +set -eu + +python -m pip install -U pip +python -m pip install -r /mnt/algo/algo/requirements.txt diff --git a/bin/helpers/launch-algo b/bin/helpers/launch-algo index b3849f7..bf32290 100755 --- a/bin/helpers/launch-algo +++ b/bin/helpers/launch-algo @@ -3,6 +3,12 @@ set -eu set -o pipefail script_path="$(realpath "$(dirname "$0")")" +logfile="/mnt/algo/algo-log-$(date +%s).log" +latest_logfile=/mnt/algo/algo-log-latest.log + +touch "$logfile" +ln -sf "$(basename "$logfile")" "$latest_logfile" +echo "Logging to $latest_logfile" cd /mnt/algo/algo git reset --hard @@ -10,31 +16,9 @@ git clean -dfx git pull git apply "${script_path}/algo-config.diff" -# using tmpdir as a virtualenv because the tozt-secrets filesystem is too small -# to hold the whole python installation -envdir="$(mktemp --tmpdir -d launch-algo.XXXXXXXXXX)" -cleanup() { - if perl -e'exit 1 unless $ARGV[0] =~ m{^/tmp/launch-algo.*$}' "$envdir"; then - rm -rf "$envdir" - fi -} -trap cleanup EXIT - -python2 -m virtualenv --python="$(command -v python2)" "$envdir" -set +eu -# shellcheck disable=SC1090 -. "$envdir"/bin/activate -set -eu - -logfile="/mnt/algo/algo-log-$(date +%s).log" -latest_logfile=/mnt/algo/algo-log-latest.log -touch "$logfile" -ln -sf "$(basename "$logfile")" "$latest_logfile" -echo "Logging to $latest_logfile" - echo "Installing dependencies..." -python -m pip install -U pip >> "$logfile" -python -m pip install -r requirements.txt >> "$logfile" +# shellcheck disable=SC1090 +. "${script_path}/algo-virtualenv" >> "$logfile" echo "done." echo "Running Ansible..." |