remote master-key variable: it's configured on the master and propagated to the slave through /var/alternc now

Antoine Beaupré 2009-08-04 20:09:12 +00:00
parent ab5397d2d0
commit c0a7de7ae8
3 changed files with 18 additions and 46 deletions


@ -148,10 +148,6 @@ if [ -z "$RET" ]
db_set alternc-slave/alternc_location "$ALTERNC_LOC" db_set alternc-slave/alternc_location "$ALTERNC_LOC"
fi fi
# backward compatbility
db_get alternc-slave/mergelog-key || true
[ -z "$RET" ] || db_set alternc-slave/master-key "$RET"
db_input medium alternc-slave/desktopname || true db_input medium alternc-slave/desktopname || true
db_input medium alternc-slave/hostingname || true db_input medium alternc-slave/hostingname || true
db_input medium alternc-slave/internal_ip || true db_input medium alternc-slave/internal_ip || true
@ -168,7 +164,6 @@ db_input low alternc-slave/mysql/client || true
db_input low alternc-slave/sql/backup_type || true db_input low alternc-slave/sql/backup_type || true
db_input low alternc-slave/sql/overwrite || true db_input low alternc-slave/sql/overwrite || true
db_input low alternc-slave/monitor_ip || true db_input low alternc-slave/monitor_ip || true
db_input low alternc-slave/master-key || true
db_go db_go
# vim: et sw=4 # vim: et sw=4


@ -151,36 +151,24 @@ EOF
. $CONFIGFILE . $CONFIGFILE
fi fi
# multi-server configuration if grep -q alternc-mergelog /etc/passwd ; then
db_get "alternc-slave/master-key" echo "Reusing the alternc-mergelog account as a generic alternc account"
key="$RET" # the uid is ugly. we should request allocation from
if [ "X$key" != "" ]; then # base-passwd instead
if grep -q alternc-mergelog /etc/passwd ; then usermod --quiet --uid 342 --shell /usr/bin/rbash --login alternc alternc-mergelog
echo "Reusing the alternc-mergelog account as a generic alternc account" # this is a separate step otherwise usermod will look for
# the uid is ugly. we should request allocation from # files to chown in /var/alternc, which takes a long time
# base-passwd instead usermod --quiet --home $ALTERNC_LOC alternc
usermod --quiet --uid 342 --shell /usr/bin/rbash --login alternc alternc-mergelog fi
# this is a separate step otherwise usermod will look for if [ -d /var/run/alternc-mergelog/.ssh ]; then
# files to chown in /var/alternc, which takes a long time echo "Cleaning up old alternc-mergelog home"
usermod --quiet --home $ALTERNC_LOC alternc mv /var/run/alternc-mergelog/.ssh $ALTERNC_LOC/.ssh && rmdir /var/run/alternc-mergelog
fi fi
if [ -d /var/run/alternc-mergelog/.ssh ]; then if ! grep -q alternc /etc/passwd ; then
echo "Cleaning up old alternc-mergelog home" echo "Creating alternc account"
mv /var/run/alternc-mergelog/.ssh $ALTERNC_LOC/.ssh && rmdir /var/run/alternc-mergelog # this uid is ugly. we should request allocation from
fi # base-password instead
if ! grep -q alternc /etc/passwd ; then adduser --quiet --system --uid 342 --home $ALTERNC_LOC --shell /usr/bin/rbash --ingroup adm alternc
echo "Creating alternc account"
# this uid is ugly. we should request allocation from
# base-password instead
adduser --quiet --system --uid 342 --home $ALTERNC_LOC --shell /usr/bin/rbash --ingroup adm alternc
fi
if ! grep -q "$key" $ALTERNC_LOC/.ssh/authorized_keys ; then
echo "Authorizing requested key to access alternc-mergelog account"
mkdir -p $ALTERNC_LOC/.ssh
echo "$key" >> $ALTERNC_LOC/.ssh/authorized_keys
chown -R alternc:adm $ALTERNC_LOC/.ssh
chmod -R og-rwx $ALTERNC_LOC/.ssh
fi
fi fi
echo "checking for upgrades" echo "checking for upgrades"
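Review bot: With the authorized_keys block removed, nothing in this postinst sets ownership or mode on `$ALTERNC_LOC/.ssh` any more, although the `alternc` account (group `adm`) still has its home there and, per the commit title, the key is now expected to arrive through the shared tree. Whoever can write under `$ALTERNC_LOC/.ssh` on that tree decides who can log in as `alternc` on the slave, so I would keep a guarded tightening step after the `mv`, e.g. `[ ! -d "$ALTERNC_LOC/.ssh" ] || { chown -R alternc:adm "$ALTERNC_LOC/.ssh"; chmod -R og-rwx "$ALTERNC_LOC/.ssh"; }`, assuming the shared storage permits a chown from the slave. Separately, `grep -q alternc /etc/passwd` matches any passwd line containing that substring (another account's home path, for instance), which would silently skip the `adduser`; `getent passwd alternc >/dev/null` tests the exact account name. The script continues before and after this hunk, so a later step may already cover the permissions.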


@ -176,14 +176,3 @@ Type: boolean
_Description: Should AlternC remove bind mailboxes ? _Description: Should AlternC remove bind mailboxes ?
If you accept all users e-mails will be deleted If you accept all users e-mails will be deleted
Template:alternc-slave/master-key
Type: string
_Description: SSH key of the master server:
The slave nodes can be configured to accept connexions from a central
server (the master server) that will operate various maintenance tasks
on the slave. This currently includes logfile centralisation and
service reloading but may be expanded to other domains.
.
To configure this, the server needs to have an account created and a
public key. Enter the public key here and the account will be created.
If this field is left empty, no account will be created.