|
|
@ -54,7 +54,7 @@ impl<P, D: AsRef<str>> ResourceLocator<Key<D>> for DefaultLocator<P> { |
|
|
|
type Prerequisites = Dir<PathBuf>;
|
|
|
|
fn locate(resource: &Key<D>) -> (<Key<D> as Resource>::Artifact, Self::Prerequisites) {
|
|
|
|
(
|
|
|
|
PathArtifact(format!("/etc/ssl/private/{}.key", resource.0.as_ref()).into()),
|
|
|
|
PathArtifact::from(format!("/etc/ssl/private/{}.key", resource.0.as_ref())),
|
|
|
|
Dir("/etc/ssl/private".into()),
|
|
|
|
)
|
|
|
|
}
|
|
|
@ -64,7 +64,7 @@ impl<P, D: AsRef<str>> ResourceLocator<Csr<D>> for DefaultLocator<P> { |
|
|
|
type Prerequisites = Dir<PathBuf>;
|
|
|
|
fn locate(resource: &Csr<D>) -> (<Csr<D> as Resource>::Artifact, Self::Prerequisites) {
|
|
|
|
(
|
|
|
|
PathArtifact(format!("/etc/ssl/local_certs/{}.csr", resource.0.as_ref()).into()),
|
|
|
|
PathArtifact::from(format!("/etc/ssl/local_certs/{}.csr", resource.0.as_ref())),
|
|
|
|
Dir("/etc/ssl/local_certs".into()),
|
|
|
|
)
|
|
|
|
}
|
|
|
@ -74,7 +74,7 @@ impl<P, D: AsRef<str>> ResourceLocator<Cert<D>> for DefaultLocator<P> { |
|
|
|
type Prerequisites = Dir<PathBuf>;
|
|
|
|
fn locate(resource: &Cert<D>) -> (<Cert<D> as Resource>::Artifact, Self::Prerequisites) {
|
|
|
|
(
|
|
|
|
PathArtifact(format!("/etc/ssl/local_certs/{}.crt", resource.0.as_ref()).into()),
|
|
|
|
PathArtifact::from(format!("/etc/ssl/local_certs/{}.crt", resource.0.as_ref())),
|
|
|
|
Dir("/etc/ssl/local_certs".into()),
|
|
|
|
)
|
|
|
|
}
|
|
|
@ -86,7 +86,10 @@ impl<P, D: AsRef<str>> ResourceLocator<CertChain<D>> for DefaultLocator<P> { |
|
|
|
resource: &CertChain<D>,
|
|
|
|
) -> (<CertChain<D> as Resource>::Artifact, Self::Prerequisites) {
|
|
|
|
(
|
|
|
|
PathArtifact(format!("/etc/ssl/local_certs/{}.chained.crt", resource.0.as_ref()).into()),
|
|
|
|
PathArtifact::from(format!(
|
|
|
|
"/etc/ssl/local_certs/{}.chained.crt",
|
|
|
|
resource.0.as_ref()
|
|
|
|
)),
|
|
|
|
Dir("/etc/ssl/local_certs".into()),
|
|
|
|
)
|
|
|
|
}
|
|
|
@ -101,7 +104,10 @@ impl<P, D: AsRef<str>> ResourceLocator<KeyAndCertBundle<D>> for DefaultLocator<P |
|
|
|
Self::Prerequisites,
|
|
|
|
) {
|
|
|
|
(
|
|
|
|
PathArtifact(format!("/etc/ssl/private/{}.with_key.crt", resource.0.as_ref()).into()),
|
|
|
|
PathArtifact::from(format!(
|
|
|
|
"/etc/ssl/private/{}.with_key.crt",
|
|
|
|
resource.0.as_ref()
|
|
|
|
)),
|
|
|
|
Dir("/etc/ssl/private".into()),
|
|
|
|
)
|
|
|
|
}
|
|
|
@ -152,7 +158,7 @@ impl<POLICY: Policy, P: AsRef<Path>> ResourceLocator<StoredDirectory<P>> |
|
|
|
<StoredDirectory<P> as Resource>::Artifact,
|
|
|
|
Self::Prerequisites,
|
|
|
|
) {
|
|
|
|
(PathArtifact(POLICY::path_for_data(resource.0)), ())
|
|
|
|
(PathArtifact::from(POLICY::path_for_data(resource.0)), ())
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
@ -167,7 +173,7 @@ impl<POLICY: Policy, P: AsRef<Path>> ResourceLocator<LoadedDirectory<P>> |
|
|
|
Self::Prerequisites,
|
|
|
|
) {
|
|
|
|
(
|
|
|
|
PathArtifact(POLICY::path_for_data(resource.0)),
|
|
|
|
PathArtifact::from(POLICY::path_for_data(resource.0)),
|
|
|
|
Dir(resource.1.as_ref().parent().unwrap().into()),
|
|
|
|
)
|
|
|
|
}
|
|
|
@ -180,7 +186,7 @@ impl<P: Policy> ResourceLocator<AcmeAccountKey> for DefaultLocator<P> { |
|
|
|
) -> (<AcmeAccountKey as Resource>::Artifact, Self::Prerequisites) {
|
|
|
|
let acme_user = P::acme_user();
|
|
|
|
let home = P::user_home(acme_user);
|
|
|
|
(PathArtifact(home.join("account.key")), Dir(home))
|
|
|
|
(PathArtifact::from(home.join("account.key")), Dir(home))
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
@ -202,7 +208,7 @@ impl<P: Policy> ResourceLocator<AcmeChallengesDir> for DefaultLocator<P> { |
|
|
|
) {
|
|
|
|
let acme_user = P::acme_user();
|
|
|
|
let home = P::user_home(acme_user);
|
|
|
|
(PathArtifact(home.join("challenges")), Dir(home))
|
|
|
|
(PathArtifact::from(home.join("challenges")), Dir(home))
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
@ -215,7 +221,7 @@ impl<P: Policy> ResourceLocator<AcmeChallengesNginxSnippet> for DefaultLocator<P |
|
|
|
Self::Prerequisites,
|
|
|
|
) {
|
|
|
|
(
|
|
|
|
PathArtifact("/etc/nginx/snippets/acme-challenge.conf".into()),
|
|
|
|
PathArtifact::from("/etc/nginx/snippets/acme-challenge.conf"),
|
|
|
|
(),
|
|
|
|
)
|
|
|
|
}
|
|
|
@ -229,7 +235,7 @@ impl<P: Policy> ResourceLocator<AcmeRootCert> for DefaultLocator<P> { |
|
|
|
let acme_user = P::acme_user();
|
|
|
|
let home = P::user_home(acme_user);
|
|
|
|
(
|
|
|
|
PathArtifact(home.join("lets_encrypt_x3_cross_signed.pem")),
|
|
|
|
PathArtifact::from(home.join("lets_encrypt_x3_cross_signed.pem")),
|
|
|
|
Dir(home),
|
|
|
|
)
|
|
|
|
}
|
|
|
@ -245,7 +251,7 @@ impl<P: Policy, D: AsRef<str>> ResourceLocator<UserForDomain<D>> for DefaultLoca |
|
|
|
) {
|
|
|
|
let user_name = P::user_name_for_domain(resource.0.as_ref());
|
|
|
|
let home = P::user_home(&user_name);
|
|
|
|
((UserNameArtifact(user_name), PathArtifact(home)), ())
|
|
|
|
((UserNameArtifact(user_name), PathArtifact::from(home)), ())
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
@ -268,7 +274,7 @@ impl<P> ResourceLocator<DefaultServer> for DefaultLocator<P> { |
|
|
|
fn locate(
|
|
|
|
_resource: &DefaultServer,
|
|
|
|
) -> (<DefaultServer as Resource>::Artifact, Self::Prerequisites) {
|
|
|
|
(PathArtifact("/etc/nginx/sites-enabled/default".into()), ())
|
|
|
|
(PathArtifact::from("/etc/nginx/sites-enabled/default"), ())
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
@ -278,7 +284,7 @@ impl<D: AsRef<Path>, POLICY> ResourceLocator<ServeCustom<D>> for DefaultLocator< |
|
|
|
resource: &ServeCustom<D>,
|
|
|
|
) -> (<ServeCustom<D> as Resource>::Artifact, Self::Prerequisites) {
|
|
|
|
(
|
|
|
|
PathArtifact(("/etc/nginx/sites-enabled/".as_ref() as &Path).join(&resource.0)),
|
|
|
|
PathArtifact::from(("/etc/nginx/sites-enabled/".as_ref() as &Path).join(&resource.0)),
|
|
|
|
(),
|
|
|
|
)
|
|
|
|
}
|
|
|
@ -290,7 +296,7 @@ impl<D: AsRef<Path>, P, POLICY> ResourceLocator<ServePhp<D, P>> for DefaultLocat |
|
|
|
resource: &ServePhp<D, P>,
|
|
|
|
) -> (<ServePhp<D, P> as Resource>::Artifact, Self::Prerequisites) {
|
|
|
|
(
|
|
|
|
PathArtifact(("/etc/nginx/sites-enabled/".as_ref() as &Path).join(&resource.0)),
|
|
|
|
PathArtifact::from(("/etc/nginx/sites-enabled/".as_ref() as &Path).join(&resource.0)),
|
|
|
|
(),
|
|
|
|
)
|
|
|
|
}
|
|
|
@ -305,7 +311,7 @@ impl<D: AsRef<Path>, P, POLICY> ResourceLocator<ServeService<D, P>> for DefaultL |
|
|
|
Self::Prerequisites,
|
|
|
|
) {
|
|
|
|
(
|
|
|
|
PathArtifact(("/etc/nginx/sites-enabled/".as_ref() as &Path).join(&resource.0)),
|
|
|
|
PathArtifact::from(("/etc/nginx/sites-enabled/".as_ref() as &Path).join(&resource.0)),
|
|
|
|
(),
|
|
|
|
)
|
|
|
|
}
|
|
|
@ -317,7 +323,7 @@ impl<D: AsRef<Path>, POLICY> ResourceLocator<ServeRedir<D>> for DefaultLocator<P |
|
|
|
resource: &ServeRedir<D>,
|
|
|
|
) -> (<ServeRedir<D> as Resource>::Artifact, Self::Prerequisites) {
|
|
|
|
(
|
|
|
|
PathArtifact(("/etc/nginx/sites-enabled/".as_ref() as &Path).join(&resource.0)),
|
|
|
|
PathArtifact::from(("/etc/nginx/sites-enabled/".as_ref() as &Path).join(&resource.0)),
|
|
|
|
(),
|
|
|
|
)
|
|
|
|
}
|
|
|
@ -332,7 +338,7 @@ impl<D: AsRef<Path>, P, POLICY> ResourceLocator<ServeStatic<D, P>> for DefaultLo |
|
|
|
Self::Prerequisites,
|
|
|
|
) {
|
|
|
|
(
|
|
|
|
PathArtifact(("/etc/nginx/sites-enabled/".as_ref() as &Path).join(&resource.0)),
|
|
|
|
PathArtifact::from(("/etc/nginx/sites-enabled/".as_ref() as &Path).join(&resource.0)),
|
|
|
|
(),
|
|
|
|
)
|
|
|
|
}
|
|
|
@ -347,8 +353,11 @@ impl<D: Clone + AsRef<str>, P: Policy> ResourceLocator<PhpFpmPool<D>> for Defaul |
|
|
|
let php_version = P::php_version();
|
|
|
|
(
|
|
|
|
(
|
|
|
|
PathArtifact(format!("/run/php/{}.sock", user.0).into()),
|
|
|
|
PathArtifact(format!("/etc/php/{}/fpm/pool.d/{}.conf", php_version, user.0).into()),
|
|
|
|
PathArtifact::from(format!("/run/php/{}.sock", user.0)),
|
|
|
|
PathArtifact::from(format!(
|
|
|
|
"/etc/php/{}/fpm/pool.d/{}.conf",
|
|
|
|
php_version, user.0
|
|
|
|
)),
|
|
|
|
user,
|
|
|
|
ServiceNameArtifact(format!("php{}-fpm", php_version)),
|
|
|
|
),
|
|
|
@ -368,12 +377,12 @@ impl<D: Clone + AsRef<str>, P, POLICY: Policy> ResourceLocator<SystemdSocketServ |
|
|
|
Self::Prerequisites,
|
|
|
|
) {
|
|
|
|
let ((user_name, home_path), ()) = Self::locate(&UserForDomain(&resource.0));
|
|
|
|
let config = home_path.0.join(".config");
|
|
|
|
let config = home_path.as_ref().join(".config");
|
|
|
|
let service_dir_path = config.join("systemd/user");
|
|
|
|
(
|
|
|
|
(
|
|
|
|
PathArtifact(format!("/var/tmp/{}-{}.socket", user_name.0, resource.1).into()),
|
|
|
|
PathArtifact(service_dir_path.join(format!("{}.service", resource.1))),
|
|
|
|
PathArtifact::from(format!("/var/tmp/{}-{}.socket", user_name.0, resource.1)),
|
|
|
|
PathArtifact::from(service_dir_path.join(format!("{}.service", resource.1))),
|
|
|
|
user_name.clone(),
|
|
|
|
),
|
|
|
|
(Dir(service_dir_path), Owner(user_name.0, config)),
|
|
|
@ -394,7 +403,7 @@ impl<D: AsRef<str>, P: Policy> ResourceLocator<MariaDbDatabase<D>> for DefaultLo |
|
|
|
(
|
|
|
|
DatabaseNameArtifact(user_name.0.clone()),
|
|
|
|
user_name.clone(),
|
|
|
|
PathArtifact(P::path_for_data(format!("{}.sql", user_name.0))),
|
|
|
|
PathArtifact::from(P::path_for_data(format!("{}.sql", user_name.0))),
|
|
|
|
),
|
|
|
|
(),
|
|
|
|
)
|
|
|
|