diff --git a/src/builder.rs b/src/builder.rs index fddb7fa..5652a07 100644 --- a/src/builder.rs +++ b/src/builder.rs @@ -1,9 +1,9 @@ use crate::command_runner::{SetuidCommandRunner, StdCommandRunner}; use crate::resources::{ - AcmeAccountKey, AcmeChallengesDir, AcmeChallengesNginxSnippet, AcmeUser, Cert, - CertChain, Cron, Csr, DefaultServer, Dir, File, GitCheckout, Key, KeyAndCertBundle, - LoadedDirectory, MariaDbDatabase, MariaDbUser, NpmInstall, Owner, PhpFpmPool, PostgresqlDatabase, - Resource, ServeCustom, ServePhp, ServeRedir, ServeService, ServeStatic, StoredDirectory, + AcmeAccountKey, AcmeChallengesDir, AcmeChallengesNginxSnippet, AcmeUser, Cert, CertChain, Cron, + Csr, DefaultServer, Dir, File, GitCheckout, Key, KeyAndCertBundle, LoadedDirectory, + MariaDbDatabase, MariaDbUser, NpmInstall, Owner, PhpFpmPool, PostgresqlDatabase, Resource, + ServeCustom, ServePhp, ServeRedir, ServeService, ServeStatic, StoredDirectory, SystemdSocketService, User, UserForDomain, WordpressPlugin, WordpressTranslation, }; use crate::storage::SimpleStorage; diff --git a/src/command_runner.rs b/src/command_runner.rs index 75a1d3b..3ef8934 100644 --- a/src/command_runner.rs +++ b/src/command_runner.rs @@ -29,10 +29,19 @@ pub fn is_success(res: Result) -> Result Result, Box> { +pub fn get_stdout(output: Output) -> Result, Box> { Ok(check_success(output)?.stdout) } +pub fn get_stderr_or_stdout(output: Output) -> Result, Box> { + let output = check_success(output)?; + Ok(if output.stderr.is_empty() { + output.stdout + } else { + output.stderr + }) +} + #[async_trait(?Send)] pub trait CommandRunner { async fn run<'a>(&self, program: &str, args: &'a [&'a OsStr], input: &[u8]) -> IoResult; @@ -46,7 +55,7 @@ pub trait CommandRunner { args: &'a [&'a OsStr], ) -> Result, Box> { let output = self.run_with_args(program, args).await?; - get_output(output) + get_stdout(output) } async fn run_successfully<'a>( &self, diff --git a/src/locator.rs b/src/locator.rs index 277566b..4ad4fbf 100644 --- a/src/locator.rs +++ b/src/locator.rs @@ -3,10 +3,10 @@ use crate::artifacts::{ UserName as UserNameArtifact, }; use crate::resources::{ - AcmeAccountKey, AcmeChallengesDir, AcmeChallengesNginxSnippet, AcmeUser, Cert, - CertChain, Cron, Csr, DefaultServer, Dir, File, GitCheckout, Key, KeyAndCertBundle, - LoadedDirectory, MariaDbDatabase, MariaDbUser, NpmInstall, Owner, PhpFpmPool, PostgresqlDatabase, - Resource, ServeCustom, ServePhp, ServeRedir, ServeService, ServeStatic, StoredDirectory, + AcmeAccountKey, AcmeChallengesDir, AcmeChallengesNginxSnippet, AcmeUser, Cert, CertChain, Cron, + Csr, DefaultServer, Dir, File, GitCheckout, Key, KeyAndCertBundle, LoadedDirectory, + MariaDbDatabase, MariaDbUser, NpmInstall, Owner, PhpFpmPool, PostgresqlDatabase, Resource, + ServeCustom, ServePhp, ServeRedir, ServeService, ServeStatic, StoredDirectory, SystemdSocketService, User, UserForDomain, WordpressPlugin, WordpressTranslation, }; use crate::to_artifact::ToArtifact; @@ -198,7 +198,10 @@ impl ResourceLocator for DefaultLocator

{ fn locate(_resource: &AcmeUser) -> (::Artifact, Self::Prerequisites) { let user_name = P::acme_user(); let home = P::user_home(&user_name); - ((UserNameArtifact(user_name.into()), PathArtifact::from(home)), ()) + ( + (UserNameArtifact(user_name.into()), PathArtifact::from(home)), + (), + ) } } diff --git a/src/setup/util.rs b/src/setup/util.rs index 6951165..315958e 100644 --- a/src/setup/util.rs +++ b/src/setup/util.rs @@ -108,7 +108,9 @@ impl Recorder { slog_term::CompactFormat::new(decorator).build(), move |record| record.level().is_at_least(filter_level), ); - let Ok(mutex) = Arc::try_unwrap(self.0) else { panic!("cannot unwrap Arc") }; // AsyncRecord does not implement Debug, so we cannot unwrap + let Ok(mutex) = Arc::try_unwrap(self.0) else { + panic!("cannot unwrap Arc") + }; // AsyncRecord does not implement Debug, so we cannot unwrap for record in mutex.into_inner().unwrap() { record.log_to(&drain).unwrap(); } diff --git a/src/symbols/acme/cert.rs b/src/symbols/acme/cert.rs index 955606b..6330c40 100644 --- a/src/symbols/acme/cert.rs +++ b/src/symbols/acme/cert.rs @@ -66,12 +66,18 @@ impl<_C: CommandRunner, C: Borrow<_C>, D: AsRef, P: AsRef> Symbol for ) .await?; if output.status.success() - && output.stdout + && (output.stdout == format!( "subject=CN = {}\nCertificate will not expire\n", self.domain.as_ref() ) .as_bytes() + || output.stdout + == format!( + "subject=CN={}\nCertificate will not expire\n", + self.domain.as_ref() + ) + .as_bytes()) { Ok( self @@ -94,12 +100,18 @@ impl<_C: CommandRunner, C: Borrow<_C>, D: AsRef, P: AsRef> Symbol for .is_ok(), ) } else if output.status.code() == Some(1) - && output.stdout + && (output.stdout == format!( "subject=CN = {}\nCertificate will expire\n", self.domain.as_ref() ) .as_bytes() + || output.stdout + == format!( + "subject=CN={}\nCertificate will expire\n", + self.domain.as_ref() + ) + .as_bytes()) { Ok(false) } else { diff --git a/src/symbols/cron.rs b/src/symbols/cron.rs index 1152a30..86cfd9f 100644 --- a/src/symbols/cron.rs +++ b/src/symbols/cron.rs @@ -37,7 +37,7 @@ impl, U: AsRef, R: CommandRunner> Symbol for Cron<'_, C, U, .run( "crontab", args!["-u", self.user.as_ref(), "-",], - self.content.as_ref(), + self.content.as_ref(), // input ) .await, )?; diff --git a/src/symbols/tls/csr.rs b/src/symbols/tls/csr.rs index a5894fd..21f1959 100644 --- a/src/symbols/tls/csr.rs +++ b/src/symbols/tls/csr.rs @@ -1,4 +1,4 @@ -use crate::command_runner::CommandRunner; +use crate::command_runner::{get_stderr_or_stdout, CommandRunner}; use crate::symbols::Symbol; use async_trait::async_trait; use std::borrow::Borrow; @@ -32,13 +32,14 @@ impl, K: AsRef, P: AsRef> Symbol fo return Ok(false); } - let output = self + let result = self .command_runner - .get_stderr( + .run_with_args( "openssl", args!["req", "-in", self.csr_path.as_ref(), "-noout", "-verify",], ) .await?; + let output = get_stderr_or_stdout(result)?; Ok(output == b"verify OK\n" || output == b"Certificate request self-signature verify OK\n") } diff --git a/src/symbols/user.rs b/src/symbols/user.rs index c32bec3..ddde440 100644 --- a/src/symbols/user.rs +++ b/src/symbols/user.rs @@ -3,8 +3,8 @@ use crate::symbols::Symbol; use async_trait::async_trait; use once_cell::sync::Lazy; use std::error::Error; -use tokio::sync::Semaphore; use std::path::Path; +use tokio::sync::Semaphore; pub type Wait = Lazy; static WAIT: Wait = Lazy::new(|| Semaphore::new(1)); @@ -74,6 +74,7 @@ mod test { let symbol = User { user_name: "nonexisting", command_runner: StdCommandRunner, + home_path: "/home/nonexisting", }; assert_eq!(run(symbol.target_reached()).unwrap(), false); } @@ -83,6 +84,7 @@ mod test { let symbol = User { user_name: "root", command_runner: StdCommandRunner, + home_path: "/root", }; assert_eq!(run(symbol.target_reached()).unwrap(), true); } diff --git a/tests/setup.rs b/tests/setup.rs index 1603f86..2b2e856 100644 --- a/tests/setup.rs +++ b/tests/setup.rs @@ -61,7 +61,7 @@ fn test( #[test] fn can_create_an_acme_user() { let mut result = test(1, |setup| { - assert_eq!(&*(run(setup.add(AcmeUser)).unwrap().0).0, "acme"); + assert_eq!(((run(setup.add(AcmeUser)).unwrap().0).0).0.as_ref(), "acme"); }); let entry = result .pop() @@ -127,7 +127,7 @@ fn can_create_an_acme_cert() { .pop() .expect("log is empty but should contain one entry"); assert_eq!(entry.0, 3, "log entry has wrong level"); - assert_eq!(entry.1.matches("run_symbol").count(), 19); + assert_eq!(entry.1.matches("run_symbol").count(), 18); assert_eq!(result.len(), 0, "log has more than one entry"); }