From bcc7aefa1c6fb999992c07327e1df9456814a283 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 19 Feb 2014 13:41:11 +0100 Subject: retiolum github hosts sync: initial commit --- retiolum/scripts/github_hosts_sync/index | 62 ++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) create mode 100755 retiolum/scripts/github_hosts_sync/index (limited to 'retiolum/scripts') diff --git a/retiolum/scripts/github_hosts_sync/index b/retiolum/scripts/github_hosts_sync/index new file mode 100755 index 00000000..31cbc763 --- /dev/null +++ b/retiolum/scripts/github_hosts_sync/index @@ -0,0 +1,62 @@ +#! /bin/sh +# TODO do_work should retry until success +set -euf + +port=1028 +local_painload=/krebs; remote_painload="git@github.com:krebscode/painload.git" +local_hosts=/tmp/hosts; remote_hosts="git@github.com:krebscode/hosts.git" + +main() { + ensure_local_painload + ensure_local_hosts + is_worker && do_work || become_server +} + +ensure_local_painload() { + test -d "$local_painload" || git clone "$remote_painload" "$local_painload" +} + +ensure_local_hosts() { + test -d "$local_hosts" || git clone "$remote_hosts" "$local_hosts" +} + +become_server() { + exec socat "TCP-LISTEN:$port,reuseaddr,fork" "EXEC:$0" +} + +is_worker() { + test "${SOCAT_SOCKPORT-}" = "$port" +} + +do_work() { + # read request + req_line="$(read line && echo "$line")" + req_hdrs="$(sed -n '/^\r$/q;p')" + + set -x + + cd "$local_hosts" + git pull >&2 + + cd "$local_hosts" + find . -name .git -prune -o -type f -exec git rm \{\} \; >/dev/null + + cd "$local_painload" + git pull >&2 + + find "$local_painload/retiolum/hosts" -type f -exec cp \{\} "$local_hosts" \; + + cd "$local_hosts" + find . -name .git -prune -o -type f -exec git add \{\} \; >&2 + if git status --porcelain | grep -q .; then + git commit -m bump >&2 + git push >&2 + fi + + echo "HTTP/1.1 200 OK" + echo + echo "https://github.com/krebscode/hosts/archive/master.tar.gz" + echo "https://github.com/krebscode/hosts/archive/master.zip" +} + +main "$@" -- cgit v1.2.3 From 2ce39803bf71bd49503ee8a6d81d73091883b465 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 19 Feb 2014 13:48:03 +0100 Subject: hosts sync: add systemd files --- retiolum/scripts/github_hosts_sync/index | 2 +- .../scripts/github_hosts_sync/systemd/hosts-sync.conf | 1 + .../scripts/github_hosts_sync/systemd/hosts-sync.service | 15 +++++++++++++++ 3 files changed, 17 insertions(+), 1 deletion(-) create mode 100644 retiolum/scripts/github_hosts_sync/systemd/hosts-sync.conf create mode 100644 retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service (limited to 'retiolum/scripts') diff --git a/retiolum/scripts/github_hosts_sync/index b/retiolum/scripts/github_hosts_sync/index index 31cbc763..7b444ea4 100755 --- a/retiolum/scripts/github_hosts_sync/index +++ b/retiolum/scripts/github_hosts_sync/index @@ -2,7 +2,7 @@ # TODO do_work should retry until success set -euf -port=1028 +port=${port-1028} local_painload=/krebs; remote_painload="git@github.com:krebscode/painload.git" local_hosts=/tmp/hosts; remote_hosts="git@github.com:krebscode/hosts.git" diff --git a/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.conf b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.conf new file mode 100644 index 00000000..606f17b4 --- /dev/null +++ b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.conf @@ -0,0 +1 @@ +port=1028 diff --git a/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service new file mode 100644 index 00000000..60d4799f --- /dev/null +++ b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service @@ -0,0 +1,15 @@ +[Unit] +Description=retiolum github hosts sync +After=network.target + +[Service] +EnvironmentFile=/etc/conf.d/retiolum-github-hosts-sync.conf +ExecStart=/krebs/retiolum/scripts/github_hosts_sync/index +KillMode=process +User=hosts-sync +Group=hosts-sync +Restart=yes + +[Install] +WantedBy=multi-user.target + -- cgit v1.2.3 From 69afd37b41d04b25a868da7d8fd2241b2a3aaa03 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 19 Feb 2014 13:58:09 +0100 Subject: hosts sync: fix pasto --- retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'retiolum/scripts') diff --git a/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service index 60d4799f..16235a6d 100644 --- a/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service +++ b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service @@ -3,7 +3,7 @@ Description=retiolum github hosts sync After=network.target [Service] -EnvironmentFile=/etc/conf.d/retiolum-github-hosts-sync.conf +EnvironmentFile=/etc/conf.d/hosts-sync.conf ExecStart=/krebs/retiolum/scripts/github_hosts_sync/index KillMode=process User=hosts-sync -- cgit v1.2.3 From fabc9fa4705f4d1ae08468957a5bf4a0ecae672a Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 19 Feb 2014 14:02:51 +0100 Subject: hosts sync: fix remote painload uri --- retiolum/scripts/github_hosts_sync/index | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'retiolum/scripts') diff --git a/retiolum/scripts/github_hosts_sync/index b/retiolum/scripts/github_hosts_sync/index index 7b444ea4..e4da9305 100755 --- a/retiolum/scripts/github_hosts_sync/index +++ b/retiolum/scripts/github_hosts_sync/index @@ -3,7 +3,7 @@ set -euf port=${port-1028} -local_painload=/krebs; remote_painload="git@github.com:krebscode/painload.git" +local_painload=/krebs; remote_painload="https://github.com/krebscode/painload" local_hosts=/tmp/hosts; remote_hosts="git@github.com:krebscode/hosts.git" main() { -- cgit v1.2.3 From 023e449de9e0f5731d9a88f7a9eacc18e1f9af96 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 19 Feb 2014 14:03:04 +0100 Subject: hosts sync: fix service parse error --- retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service | 1 - 1 file changed, 1 deletion(-) (limited to 'retiolum/scripts') diff --git a/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service index 16235a6d..83609740 100644 --- a/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service +++ b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service @@ -8,7 +8,6 @@ ExecStart=/krebs/retiolum/scripts/github_hosts_sync/index KillMode=process User=hosts-sync Group=hosts-sync -Restart=yes [Install] WantedBy=multi-user.target -- cgit v1.2.3 From 93c56cedd11be673176f1519fd17d05f67844e34 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 19 Feb 2014 14:08:47 +0100 Subject: hosts sync: fix local repo uris --- retiolum/scripts/github_hosts_sync/index | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'retiolum/scripts') diff --git a/retiolum/scripts/github_hosts_sync/index b/retiolum/scripts/github_hosts_sync/index index e4da9305..53c96efd 100755 --- a/retiolum/scripts/github_hosts_sync/index +++ b/retiolum/scripts/github_hosts_sync/index @@ -3,8 +3,10 @@ set -euf port=${port-1028} -local_painload=/krebs; remote_painload="https://github.com/krebscode/painload" -local_hosts=/tmp/hosts; remote_hosts="git@github.com:krebscode/hosts.git" +local_painload=$HOME/painload +remote_painload="https://github.com/krebscode/painload" +local_hosts=$HOME/hosts +remote_hosts="git@github.com:krebscode/hosts.git" main() { ensure_local_painload -- cgit v1.2.3 From a265ea9d0693a25fffa2ed0eaa9622b91758f51a Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 19 Feb 2014 14:10:56 +0100 Subject: hosts sync: rename index for nicer journal --- retiolum/scripts/github_hosts_sync/hosts-sync | 64 ++++++++++++++++++++++ retiolum/scripts/github_hosts_sync/index | 64 ---------------------- .../github_hosts_sync/systemd/hosts-sync.service | 2 +- 3 files changed, 65 insertions(+), 65 deletions(-) create mode 100755 retiolum/scripts/github_hosts_sync/hosts-sync delete mode 100755 retiolum/scripts/github_hosts_sync/index (limited to 'retiolum/scripts') diff --git a/retiolum/scripts/github_hosts_sync/hosts-sync b/retiolum/scripts/github_hosts_sync/hosts-sync new file mode 100755 index 00000000..53c96efd --- /dev/null +++ b/retiolum/scripts/github_hosts_sync/hosts-sync @@ -0,0 +1,64 @@ +#! /bin/sh +# TODO do_work should retry until success +set -euf + +port=${port-1028} +local_painload=$HOME/painload +remote_painload="https://github.com/krebscode/painload" +local_hosts=$HOME/hosts +remote_hosts="git@github.com:krebscode/hosts.git" + +main() { + ensure_local_painload + ensure_local_hosts + is_worker && do_work || become_server +} + +ensure_local_painload() { + test -d "$local_painload" || git clone "$remote_painload" "$local_painload" +} + +ensure_local_hosts() { + test -d "$local_hosts" || git clone "$remote_hosts" "$local_hosts" +} + +become_server() { + exec socat "TCP-LISTEN:$port,reuseaddr,fork" "EXEC:$0" +} + +is_worker() { + test "${SOCAT_SOCKPORT-}" = "$port" +} + +do_work() { + # read request + req_line="$(read line && echo "$line")" + req_hdrs="$(sed -n '/^\r$/q;p')" + + set -x + + cd "$local_hosts" + git pull >&2 + + cd "$local_hosts" + find . -name .git -prune -o -type f -exec git rm \{\} \; >/dev/null + + cd "$local_painload" + git pull >&2 + + find "$local_painload/retiolum/hosts" -type f -exec cp \{\} "$local_hosts" \; + + cd "$local_hosts" + find . -name .git -prune -o -type f -exec git add \{\} \; >&2 + if git status --porcelain | grep -q .; then + git commit -m bump >&2 + git push >&2 + fi + + echo "HTTP/1.1 200 OK" + echo + echo "https://github.com/krebscode/hosts/archive/master.tar.gz" + echo "https://github.com/krebscode/hosts/archive/master.zip" +} + +main "$@" diff --git a/retiolum/scripts/github_hosts_sync/index b/retiolum/scripts/github_hosts_sync/index deleted file mode 100755 index 53c96efd..00000000 --- a/retiolum/scripts/github_hosts_sync/index +++ /dev/null @@ -1,64 +0,0 @@ -#! /bin/sh -# TODO do_work should retry until success -set -euf - -port=${port-1028} -local_painload=$HOME/painload -remote_painload="https://github.com/krebscode/painload" -local_hosts=$HOME/hosts -remote_hosts="git@github.com:krebscode/hosts.git" - -main() { - ensure_local_painload - ensure_local_hosts - is_worker && do_work || become_server -} - -ensure_local_painload() { - test -d "$local_painload" || git clone "$remote_painload" "$local_painload" -} - -ensure_local_hosts() { - test -d "$local_hosts" || git clone "$remote_hosts" "$local_hosts" -} - -become_server() { - exec socat "TCP-LISTEN:$port,reuseaddr,fork" "EXEC:$0" -} - -is_worker() { - test "${SOCAT_SOCKPORT-}" = "$port" -} - -do_work() { - # read request - req_line="$(read line && echo "$line")" - req_hdrs="$(sed -n '/^\r$/q;p')" - - set -x - - cd "$local_hosts" - git pull >&2 - - cd "$local_hosts" - find . -name .git -prune -o -type f -exec git rm \{\} \; >/dev/null - - cd "$local_painload" - git pull >&2 - - find "$local_painload/retiolum/hosts" -type f -exec cp \{\} "$local_hosts" \; - - cd "$local_hosts" - find . -name .git -prune -o -type f -exec git add \{\} \; >&2 - if git status --porcelain | grep -q .; then - git commit -m bump >&2 - git push >&2 - fi - - echo "HTTP/1.1 200 OK" - echo - echo "https://github.com/krebscode/hosts/archive/master.tar.gz" - echo "https://github.com/krebscode/hosts/archive/master.zip" -} - -main "$@" diff --git a/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service index 83609740..5fb9ed41 100644 --- a/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service +++ b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service @@ -4,7 +4,7 @@ After=network.target [Service] EnvironmentFile=/etc/conf.d/hosts-sync.conf -ExecStart=/krebs/retiolum/scripts/github_hosts_sync/index +ExecStart=/krebs/retiolum/scripts/github_hosts_sync/hosts-sync KillMode=process User=hosts-sync Group=hosts-sync -- cgit v1.2.3 From 1cd304b57bc2ad725fa074d4537c2bdefa821085 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 19 Feb 2014 14:23:13 +0100 Subject: hosts-sync: add #?-doc --- retiolum/scripts/github_hosts_sync/README | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 retiolum/scripts/github_hosts_sync/README (limited to 'retiolum/scripts') diff --git a/retiolum/scripts/github_hosts_sync/README b/retiolum/scripts/github_hosts_sync/README new file mode 100644 index 00000000..12aa8dfe --- /dev/null +++ b/retiolum/scripts/github_hosts_sync/README @@ -0,0 +1,26 @@ +#? /bin/sh + +useradd -m hosts-sync +cp systemd/hosts-sync.service /etc/systemd/system/ +cp systemd/hosts-sync.conf /etc/conf.d/ + +sudo -u hosts-sync -i ssh-keygen +add /home/hosts-sync/.ssh/id_rsa.pub as github/krebscode/hosts deploy key +sudo -u hosts-sync -i git clone git@github.com:krebscode/hosts.git ~hosts-sync/hosts # to accept the remote key (and have an initial copy) + +sudo -u hosts-sync -i git config --global user.email hosts-sync@ire.retiolum +sudo -u hosts-sync -i git config --global user.name hosts-sync +sudo -u hosts-sync -i git config --global push.default simple + +systemctl start hosts-sync +systemctl enable hosts-sync + +TODO firewall setup + +#? /bin/sh (update service) +git pull +cp retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service /etc/systemd/system/ +systemctl daemon-reload +systemctl restart hosts-sync + + -- cgit v1.2.3