adrian
/
schematics
1
0
Fork 0
Code Issues Pull Requests Releases Activity
A library for writing host-specific, single-binary configuration management and deployment tools
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
55 Commits
1 Branch
0 Tags
810 KiB
Tree: cbb5742ac3
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'cbb5742ac3'
${ noResults }
schematics/src/symbols/factory.rs

198 lines
7.4 KiB
Raw Normal View History

Don't require static lifetime in serve_php
5 years ago
Update
6 years ago
Add factory
7 years ago
Update
6 years ago
Add factory
7 years ago
Update
7 years ago
Update
6 years ago
Add factory
7 years ago
Update
6 years ago
Update
6 years ago
Add factory
7 years ago
Update
6 years ago
Add factory
7 years ago
Update
6 years ago
Add factory
7 years ago
Update
6 years ago
Add factory
7 years ago
Update
6 years ago
Add factory
7 years ago
Update
7 years ago
Add PHP-related factory functions
6 years ago
Update
6 years ago
Add PHP-related factory functions
6 years ago
Update
6 years ago
Add PHP-related factory functions
6 years ago
Don't require static lifetime in serve_php
5 years ago
Update
6 years ago
Add PHP-related factory functions
6 years ago
Update
6 years ago
Update
6 years ago
Update
6 years ago
Update
6 years ago
Update
6 years ago
Add factory
7 years ago
  1. use std::borrow::Cow;
  2. use std::ops::Deref;
  3. use std::path::Path;
  5. use command_runner::{CommandRunner, SetuidCommandRunner};
  6. use storage::{SimpleStorage, Storage};
  7. use symbols::{Action, Symbol, SymbolRunner};
  8. use symbols::acme::{AcmeCert, AcmeCertChain};
  9. use symbols::file::File;
  10. use symbols::git::checkout::GitCheckout;
  11. use symbols::hook::Hook;
  12. use symbols::list::ListAction;
  13. use symbols::mariadb::{DatabaseDump, MariaDBDatabase, MariaDBUser};
  14. use symbols::nginx::server::{NginxServer, server_config};
  15. use symbols::owner::Owner;
  16. use symbols::stored_directory::{StoredDirectory, StorageDirection};
  17. use symbols::systemd::reload::ReloadService;
  18. use symbols::tls::SelfSignedTlsCert;
  20. pub trait Policy {
  21. fn user_name_for_host(&self, host_name: &'static str) -> String;
  22. }
  24. pub struct DefaultPolicy;
  26. impl Policy for DefaultPolicy {
  27. fn user_name_for_host(&self, host_name: &'static str) -> String {
  28. host_name.split('.').rev().fold(String::new(), |result, part| if result.len() > 0 { result + "_" } else { result } + part)
  29. }
  30. }
  32. pub struct SymbolFactory<'a, C: 'a + CommandRunner, R: 'a + SymbolRunner, P: 'a + Policy>{
  33. command_runner: &'a C,
  34. acme_command_runner: SetuidCommandRunner<'a, C>,
  35. symbol_runner: &'a R,
  36. policy: &'a P
  37. }
  39. impl<'b, C: 'b + CommandRunner, R: 'b + SymbolRunner, P: 'b + Policy> SymbolFactory<'b, C, R, P> {
  40. pub fn new(command_runner: &'b C, symbol_runner: &'b R, policy: &'b P) -> Self {
  41. let acme_user = "acme"; // FIXME: CONFIG
  43. let acme_command_runner = SetuidCommandRunner::new(acme_user, command_runner);
  44. SymbolFactory {
  45. command_runner: command_runner,
  46. acme_command_runner: acme_command_runner,
  47. symbol_runner: symbol_runner,
  48. policy: policy
  49. }
  50. }
  52. pub fn get_nginx_acme_server<'a, 'c: 'a, S: 'a + Symbol>(&'c self, host: &'static str, nginx_server_symbol: S) -> Box<Action + 'a> {
  53. Box::new(ListAction::new(vec![
  54. Box::new(SelfSignedTlsCert::new(
  55. host.into(),
  56. self.command_runner
  57. )).into_action(self.symbol_runner),
  58. Box::new(Hook::new(
  59. nginx_server_symbol,
  60. ReloadService::new("nginx", self.command_runner)
  61. )).into_action(self.symbol_runner),
  62. Box::new(AcmeCert::new(
  63. host.into(),
  64. &self.acme_command_runner
  65. )).into_action(self.symbol_runner),
  66. Box::new(Hook::new(
  67. AcmeCertChain::new(
  68. host.into(),
  69. &self.acme_command_runner
  70. ),
  71. ReloadService::new("nginx", self.command_runner)
  72. )).into_action(self.symbol_runner)
  73. ]))
  74. }
  75. pub fn get_nginx_acme_challenge_config<'a>(&'a self) -> Box<Action + 'a> {
  76. Box::new(File::new(
  77. "/etc/nginx/snippets/acme-challenge.conf", "location ^~ /.well-known/acme-challenge/ {
  78. alias /home/acme/challenges/;
  79. try_files $uri =404;
  80. }"
  81. )).into_action(self.symbol_runner)
  82. }
  84. fn get_php_fpm_pool_socket_path<'a>(&'a self, user_name: &str) -> String {
  85. format!("/run/php/{}.sock", user_name)
  86. }
  88. fn get_php_fpm_pool<'a>(&'a self, user_name: &str) -> Box<Action + 'a> {
  89. let socket = self.get_php_fpm_pool_socket_path(user_name);
  90. Box::new(Hook::new(
  91. File::new(
  92. format!("/etc/php/7.0/fpm/pool.d/{}.conf", user_name),
  93. format!(
  94. "[{0}]
  96. user = {0}
  97. group = www-data
  98. listen = {1}
  99. listen.owner = www-data
  100. pm = ondemand
  101. pm.max_children = 10"
  102. , user_name, socket)),
  103. ReloadService::new("php7.0-fpm", self.command_runner)
  104. )).into_action(self.symbol_runner)
  105. }
  107. pub fn serve_php<'a>(&'a self, host_name: &'static str, root_dir: Cow<'a, str>) -> Box<Action + 'a> {
  108. let user_name = self.policy.user_name_for_host(host_name);
  109. let socket = self.get_php_fpm_pool_socket_path(&user_name);
  110. Box::new(ListAction::new(vec![
  111. self.get_php_fpm_pool(&user_name),
  112. self.get_nginx_acme_server(host_name,
  113. NginxServer::new_php(
  114. host_name,
  115. socket.into(),
  116. root_dir,
  117. self.command_runner
  118. )
  119. )
  120. ]))
  121. }
  123. pub fn serve_dokuwiki<'a>(&'a self, host_name: &'static str, root_dir: &'static str) -> Box<Action + 'a> {
  124. let user_name = self.policy.user_name_for_host(host_name);
  125. let socket = self.get_php_fpm_pool_socket_path(&user_name);
  126. Box::new(ListAction::new(vec![
  127. self.get_php_fpm_pool(&user_name),
  128. self.get_nginx_acme_server(host_name,
  129. NginxServer::new(
  130. host_name,
  131. server_config("hostname", &format!("
  132. root {};
  133. index doku.php;
  134. location ~ [^/]\\.php(/|$) {{
  135. fastcgi_pass unix:{};
  136. include \"snippets/fastcgi-php.conf\";
  137. }}
  139. location ~ /(data/|conf/|bin/|inc/|install.php) {{ deny all; }}
  141. location / {{ try_files $uri $uri/ @dokuwiki; }}
  143. location @dokuwiki {{
  144. # rewrites \"doku.php/\" out of the URLs if you set the userewrite setting to .htaccess in dokuwiki config page
  145. rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
  146. rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
  147. rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
  148. rewrite ^/(.*) /doku.php?id=$1&$args last;
  149. }}
  150. ",
  151. root_dir,
  152. socket)),
  153. self.command_runner
  154. ))
  155. ]))
  156. }
  158. pub fn serve_redir<'a>(&'a self, host_name: &'static str, target: &'static str) -> Box<Action + 'a> {
  159. self.get_nginx_acme_server(host_name, NginxServer::new_redir(host_name, target, self.command_runner))
  160. }
  162. pub fn serve_static<'a>(&'a self, host_name: &'static str, dir: &'a str) -> Box<Action + 'a> {
  163. self.get_nginx_acme_server(host_name, NginxServer::new_static(host_name, dir, self.command_runner))
  164. }
  166. pub fn get_stored_directory<'a, T: Into<String>>(&'a self, storage_name: &'static str, target: T) -> (Box<Action + 'a>, Box<Action + 'a>) {
  167. let data = SimpleStorage::new("/root/data".to_string(), storage_name.to_string());
  168. let string_target = target.into();
  169. (
  170. Box::new(StoredDirectory::new(string_target.clone().into(), data.clone(), StorageDirection::Save, self.command_runner)).into_action(self.symbol_runner),
  171. Box::new(StoredDirectory::new(string_target.into(), data.clone(), StorageDirection::Load, self.command_runner)).into_action(self.symbol_runner)
  172. )
  173. }
  175. pub fn get_mariadb_database<'a>(&'a self, name: &'static str) -> Box<Action + 'a> {
  176. let db_dump = SimpleStorage::new("/root/data".to_string(), format!("{}.sql", name));
  177. Box::new(ListAction::new(vec![
  178. Box::new(MariaDBDatabase::new(name.into(), db_dump.read_filename().unwrap().into(), self.command_runner)).into_action(self.symbol_runner),
  179. Box::new(DatabaseDump::new(name, db_dump, self.command_runner)).into_action(self.symbol_runner)
  180. ]))
  181. }
  183. pub fn get_mariadb_user<'a>(&'a self, user_name: &'static str) -> Box<Action + 'a> {
  184. Box::new(MariaDBUser::new(user_name.into(), self.command_runner)).into_action(self.symbol_runner)
  185. }
  187. pub fn get_git_checkout<'a, T: 'a + AsRef<str>>(&'a self, target: T, source: &'a str, branch: &'a str) -> Box<Action + 'a> {
  188. Box::new(GitCheckout::new(target, source, branch, self.command_runner)).into_action(self.symbol_runner)
  189. }
  191. pub fn get_owner<'a, F: 'a + AsRef<str>>(&'a self, file: F, user: &'a str) -> Box<Action + 'a> {
  192. Box::new(Owner::new(file, user.into(), self.command_runner)).into_action(self.symbol_runner)
  193. }
  195. pub fn get_file<'a, F: 'a + Deref<Target=str>, Q: 'a + AsRef<Path>>(&'a self, path: Q, content: F) -> Box<Action + 'a> {
  196. Box::new(File::new(path, content)).into_action(self.symbol_runner)
  197. }
  198. }