diff --git a/src/build.rs b/src/build.rs index b0cdc19..d61b81b 100644 --- a/src/build.rs +++ b/src/build.rs @@ -19,6 +19,6 @@ pub fn create_static_output_files(source_dir: &str) { let mut buffer = String::new(); File::open(file_path.clone()).unwrap().read_to_string(&mut buffer).unwrap(); let fence = buffer.chars().filter(|c| *c == '#').collect::() + "#"; - f.write_all(format!("pub const {}: &'static str = r{1}\"{2}\"{1};\n", get_const_name(&file_path), fence, buffer).as_bytes()).unwrap(); + f.write_all(format!("pub const {}: &str = r{1}\"{2}\"{1};\n", get_const_name(&file_path), fence, buffer).as_bytes()).unwrap(); } } diff --git a/src/symbols/factory.rs b/src/symbols/factory.rs index 59b793f..0d399ed 100644 --- a/src/symbols/factory.rs +++ b/src/symbols/factory.rs @@ -11,7 +11,7 @@ use symbols::git::checkout::GitCheckout; use symbols::hook::Hook; use symbols::list::ListAction; use symbols::mariadb::{DatabaseDump, MariaDBDatabase, MariaDBUser}; -use symbols::nginx::server::{NginxServer, server_config}; +use symbols::nginx::server::{NginxServer, server_config, php_server_config_snippet}; use symbols::owner::Owner; use symbols::stored_directory::{StoredDirectory, StorageDirection}; use symbols::systemd::reload::ReloadService; @@ -19,6 +19,9 @@ use symbols::tls::SelfSignedTlsCert; pub trait Policy { fn user_name_for_host(&self, host_name: &'static str) -> String; + fn home_for_user(&self, user_name: &str) -> String { + format!("/home/{}", user_name) + } } pub struct DefaultPolicy; @@ -115,6 +118,24 @@ pm.max_children = 10" ])) } + pub fn serve_wordpress<'a>(&'a self, host_name: &'static str, root_dir: Cow<'a, str>) -> Box { + let user_name = self.policy.user_name_for_host(host_name); + let socket = self.get_php_fpm_pool_socket_path(&user_name); + Box::new(ListAction::new(vec![ + self.get_php_fpm_pool(&user_name), + self.get_nginx_acme_server(host_name, + NginxServer::new( + host_name, + server_config(host_name, &format!("{} + location / {{ + try_files $uri $uri/ /index.php?$args; + }} + ", php_server_config_snippet(socket.into(), root_dir))), + self.command_runner + )) + ])) + } + pub fn serve_dokuwiki<'a>(&'a self, host_name: &'static str, root_dir: &'static str) -> Box { let user_name = self.policy.user_name_for_host(host_name); let socket = self.get_php_fpm_pool_socket_path(&user_name); @@ -123,7 +144,7 @@ pm.max_children = 10" self.get_nginx_acme_server(host_name, NginxServer::new( host_name, - server_config("hostname", &format!(" + server_config(host_name, &format!(" root {}; index doku.php; location ~ [^/]\\.php(/|$) {{ @@ -150,6 +171,68 @@ pm.max_children = 10" ])) } + pub fn serve_nextcloud<'a>(&'a self, host_name: &'static str, root_dir: Cow<'a, str>) -> Box { + let user_name = self.policy.user_name_for_host(host_name); + let socket = self.get_php_fpm_pool_socket_path(&user_name); + Box::new(ListAction::new(vec![ + self.get_php_fpm_pool(&user_name), + self.get_nginx_acme_server(host_name, + NginxServer::new( + host_name, + server_config(host_name, &format!("{} + client_max_body_size 500M; + + # Disable gzip to avoid the removal of the ETag header + gzip off; + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 /core/templates/403.php; + error_page 404 /core/templates/404.php; + + location = /robots.txt {{ + allow all; + log_not_found off; + access_log off; + }} + + location ~ ^/(?:\\.htaccess|data|config|db_structure\\.xml|README) {{ + deny all; + }} + + location / {{ + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + + rewrite ^(/core/doc/[^\\/]+/)$ $1/index.html; + + try_files $uri $uri/ /index.php; + }} + + # Adding the cache control header for js and css files + # Make sure it is BELOW the location ~ \\.php(?:$|/) {{ block + location ~* \\.(?:css|js)$ {{ + add_header Cache-Control \"public, max-age=7200\"; + # Optional: Don't log access to assets + access_log off; + }} + + # Optional: Don't log access to other assets + location ~* \\.(?:jpg|jpeg|gif|bmp|ico|png|swf)$ {{ + access_log off; + }} + ", php_server_config_snippet(socket.into(), root_dir))), + self.command_runner + )) + ])) + } + pub fn serve_redir<'a>(&'a self, host_name: &'static str, target: &'static str) -> Box { self.get_nginx_acme_server(host_name, NginxServer::new_redir(host_name, target, self.command_runner)) } diff --git a/src/symbols/mod.rs b/src/symbols/mod.rs index 875b389..44d79a2 100644 --- a/src/symbols/mod.rs +++ b/src/symbols/mod.rs @@ -74,8 +74,10 @@ pub mod hook; pub mod list; pub mod mariadb; pub mod nginx; +pub mod noop; pub mod npm; pub mod owner; +pub mod postgresql; pub mod stored_directory; pub mod systemd; pub mod tls; diff --git a/src/symbols/nginx/server.rs b/src/symbols/nginx/server.rs index 135da49..babb69a 100644 --- a/src/symbols/nginx/server.rs +++ b/src/symbols/nginx/server.rs @@ -50,17 +50,6 @@ use std::borrow::Cow; pub fn server_config(domain: &str, content: &str) -> String { format!("server {{ - listen 80; - server_name {0}; - include \"snippets/acme-challenge.conf\"; - - location / {{ - # Redirect all HTTP links to the matching HTTPS page - return 301 https://$host$request_uri; - }} -}} - -server {{ listen 443 ssl http2; server_name {0}; include \"snippets/acme-challenge.conf\"; @@ -71,9 +60,54 @@ server {{ {1} }} + +# Redirect all HTTP links to the matching HTTPS page +server {{ + listen 80; + server_name {0}; + include \"snippets/acme-challenge.conf\"; + + location / {{ + return 301 https://$host$request_uri; + }} +}} ", domain, content) } +pub fn php_server_config_snippet<'a>(socket_path: Cow<'a, str>, static_path: Cow<'a, str>) -> String { + format!(" + root {}; + index index.html index.php; + location ~ [^/]\\.php(/|$) {{ + fastcgi_pass unix:{}; + include \"snippets/fastcgi-php.conf\"; + }}", static_path, socket_path) +} + +pub trait SocketSpec { + fn to_nginx(&self) -> String; +} + +impl SocketSpec for &str { + fn to_nginx(&self) -> String { + format!("unix:{}:", self) + } +} + +pub struct LocalTcpSocket(usize); + +impl LocalTcpSocket { + pub fn new(x: usize) -> Self { + LocalTcpSocket(x) + } +} + +impl SocketSpec for LocalTcpSocket { + fn to_nginx(&self) -> String { + format!("localhost:{}", self.0) + } +} + impl<'a, C: CommandRunner> NginxServer<'a, C, String> { pub fn new_redir(domain: &'a str, target: &'a str, command_runner: &'a C) -> Self { let content = server_config(domain, &format!("location / {{ @@ -82,16 +116,16 @@ impl<'a, C: CommandRunner> NginxServer<'a, C, String> { NginxServer::new(domain, content, command_runner) } - pub fn new_proxy(domain: &'a str, socket_path: &'a str, static_path: &'a str, command_runner: &'a C) -> Self { + pub fn new_proxy(domain: &'a str, socket_path: S, static_path: &'a str, command_runner: &'a C) -> Self { let proxy_content = format!("location / {{ try_files $uri @proxy; }} location @proxy {{ include fastcgi_params; - proxy_pass http://unix:{}:; + proxy_pass http://{}; proxy_redirect off; -}}", socket_path); +}}", socket_path.to_nginx()); let content = server_config(domain, &format!(" root {}; @@ -101,14 +135,7 @@ location @proxy {{ } pub fn new_php(domain: &'a str, socket_path: Cow<'a, str>, static_path: Cow<'a, str>, command_runner: &'a C) -> Self { - let content = server_config(domain, &format!(" - root {}; - index index.html index.php; - location ~ [^/]\\.php(/|$) {{ - fastcgi_pass unix:{}; - include \"snippets/fastcgi-php.conf\"; - }} -", static_path, socket_path)); + let content = server_config(domain, &php_server_config_snippet(socket_path, static_path)); NginxServer::new(domain, content, command_runner) } diff --git a/src/symbols/noop.rs b/src/symbols/noop.rs new file mode 100644 index 0000000..62a07f1 --- /dev/null +++ b/src/symbols/noop.rs @@ -0,0 +1,29 @@ +use std::error::Error; +use std::fmt::{self, Display}; + +use symbols::{Action, OwnedSymbolAction, Symbol, SymbolAction, SymbolRunner}; + +pub struct NoopSymbol; + +impl Symbol for NoopSymbol { + fn target_reached(&self) -> Result> { + Ok(true) + } + fn execute(&self) -> Result<(), Box> { + Ok(()) + } + fn as_action<'a>(&'a self, runner: &'a SymbolRunner) -> Box { + Box::new(SymbolAction::new(runner, self)) + } + + fn into_action<'a>(self: Box, runner: &'a SymbolRunner) -> Box where Self: 'a { + Box::new(OwnedSymbolAction::new(runner, *self)) + } +} + +impl Display for NoopSymbol { + fn fmt(&self, f: &mut fmt::Formatter) -> Result<(), fmt::Error>{ + write!(f, "Noop") + } +} + diff --git a/src/symbols/postgresql/database.rs b/src/symbols/postgresql/database.rs new file mode 100644 index 0000000..9ed8535 --- /dev/null +++ b/src/symbols/postgresql/database.rs @@ -0,0 +1,53 @@ +use std::borrow::Cow; +use std::error::Error; +use std::fmt; + +use command_runner::CommandRunner; +use symbols::{Action, OwnedSymbolAction, Symbol, SymbolAction, SymbolRunner}; + +pub struct PostgreSQLDatabase<'a, C: 'a + CommandRunner> { + name: Cow<'a, str>, + seed_file: Cow<'a, str>, + command_runner: &'a C +} + +impl<'a, C: CommandRunner> PostgreSQLDatabase<'a, C> { + pub fn new(name: Cow<'a, str>, seed_file: Cow<'a, str>, command_runner: &'a C) -> Self { + PostgreSQLDatabase { name, seed_file, command_runner } + } + + fn run_sql(&self, sql: &str) -> Result> { + let b = try!(self.command_runner.get_output("su", &["-", "postgres", "-c", &format!("psql -t -c \"{}\"", sql)])); + Ok(try!(String::from_utf8(b))) + } +} + +impl<'a, C: CommandRunner> fmt::Display for PostgreSQLDatabase<'a, C> { + fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { + write!(f, "PostgreSQL Database {}", self.name) + } +} + +impl<'a, C: CommandRunner> Symbol for PostgreSQLDatabase<'a, C> { + fn target_reached(&self) -> Result> { + Ok(try!(self.run_sql(&format!("SELECT datname FROM pg_database WHERE datname LIKE '{}'", self.name))).trim() == self.name) + } + + fn execute(&self) -> Result<(), Box> { + self.command_runner.run_successfully("su", &["-", "postgres", "-c", &format!("createuser {}", self.name)])?; + self.command_runner.run_successfully("su", &["-", "postgres", "-c", &format!("createdb -E UTF8 -T template0 -O {} {0}", self.name)])?; + self.command_runner.run_successfully("su", &["-", "postgres", "-c", &format!("psql '{}' < {}", self.name, self.seed_file)]) + } + + fn as_action<'b>(&'b self, runner: &'b SymbolRunner) -> Box { + Box::new(SymbolAction::new(runner, self)) + } + + fn into_action<'b>(self: Box, runner: &'b SymbolRunner) -> Box where Self: 'b { + Box::new(OwnedSymbolAction::new(runner, *self)) + } +} + +#[cfg(test)] +mod test { +} diff --git a/src/symbols/postgresql/database_dump.rs b/src/symbols/postgresql/database_dump.rs new file mode 100644 index 0000000..9098f6d --- /dev/null +++ b/src/symbols/postgresql/database_dump.rs @@ -0,0 +1,55 @@ +use std::error::Error; +use std::fmt; +use std::str::FromStr; + +use command_runner::CommandRunner; +use symbols::{Action, OwnedSymbolAction, Symbol, SymbolAction, SymbolRunner}; +use storage::Storage; + +pub struct DatabaseDump<'a, N, C, S> where N: 'a + AsRef, C: 'a + CommandRunner, S: Storage { + db_name: N, + storage: S, + command_runner: &'a C +} + +impl<'a, N: AsRef, C: CommandRunner, S: Storage> DatabaseDump<'a, N, C, S> { + pub fn new(db_name: N, storage: S, command_runner: &'a C) -> Self { + DatabaseDump { db_name, storage, command_runner } + } + + fn run_sql(&self, sql: &str) -> Result> { + let b = try!(self.command_runner.get_output("mariadb", &["--skip-column-names", "-B", "-e", sql])); + Ok(try!(String::from_utf8(b))) + } +} + +impl<'a, N: AsRef, C: CommandRunner, S: Storage> fmt::Display for DatabaseDump<'a, N, C, S> { + fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { + write!(f, "Dump MariaDB Database {}", self.db_name.as_ref()) + } +} + +impl<'a, N: AsRef, C: CommandRunner, S: Storage> Symbol for DatabaseDump<'a, N, C, S> { + fn target_reached(&self) -> Result> { + let dump_date = try!(self.storage.recent_date()); + let modified_date = try!(self.run_sql(&format!("select UNIX_TIMESTAMP(MAX(UPDATE_TIME)) from information_schema.tables WHERE table_schema = '{}'", self.db_name.as_ref()))); + if modified_date.trim_right() == "NULL" { return Ok(false); } + Ok(try!(u64::from_str(modified_date.trim_right())) <= dump_date) + } + + fn execute(&self) -> Result<(), Box> { + self.command_runner.run_successfully("sh", &["-c", &format!("mysqldump '{}' > {}", self.db_name.as_ref(), self.storage.write_filename())]) + } + + fn as_action<'b>(&'b self, runner: &'b SymbolRunner) -> Box { + Box::new(SymbolAction::new(runner, self)) + } + + fn into_action<'b>(self: Box, runner: &'b SymbolRunner) -> Box where Self: 'b { + Box::new(OwnedSymbolAction::new(runner, *self)) + } +} + +#[cfg(test)] +mod test { +} diff --git a/src/symbols/postgresql/mod.rs b/src/symbols/postgresql/mod.rs new file mode 100644 index 0000000..4a2a535 --- /dev/null +++ b/src/symbols/postgresql/mod.rs @@ -0,0 +1,5 @@ +mod database; +mod database_dump; + +pub use self::database::PostgreSQLDatabase; +//pub use self::database_dump::PostgreSQLDump;