begin to implement user service

author: Andrew Cady <d@jerkface.net> 2023-05-27 15:55:07 -0400
committer: Andrew Cady <d@jerkface.net> 2023-05-27 15:55:07 -0400
commit: f2ac2fe76e6d8fcad24daa1f8c16e207e95465f1 (patch)
tree: cb512e4ccc8c66f24ed2619b40f6a9e355e2f92e
parent: c9316cfc8e206a54973976eae71649007eef2720 (diff)
4 files changed, 62 insertions, 1 deletions
diff --git a/Makefile b/Makefile
index e8c4a45..12b9329 100644
--- a/Makefile
+++ b/Makefile
@@ -1,4 +1,6 @@
+ifneq (0,$(shell id -u))
 fossil_database = db
+unitdir = "$${XDG_CONFIG_HOME:-$$HOME/.config}/systemd/user"
 unit_instance_name != systemd-escape "$$(realpath "$(fossil_database)")"
 our_name = fossil-sync
 unit_files_basenames = $(addprefix $(our_name)@.,service path timer)
@@ -8,7 +10,9 @@ unit_instance = $(our_name)@$(unit_instance_name).service
 default: install start ui
 install:
-        systemctl --user link $(addprefix ./, $(unit_files))
+        install -m644 -t $(unitdir) -- $(unit_files)
+        systemctl --user daemon-reload
+        sudo make $@
 start stop restart status show: | $(fossil_database)
        systemctl --user $@ $(unit_instances)
 follow:
@@ -29,3 +33,20 @@ work:
        mkdir -p $@
 work/.fslckout: | work $(fossil_database)
        cd work && fossil open ../$(fossil_database)
+else
+unitdir = /etc/systemd/system
+unit_files = $(addprefix src/fossil-user,@.service .socket)
+units = $(filter-out %@.service,$(notdir $(unit_files)))
+executables = src/endofossil
+bindir = /usr/local/bin
+default: install start follow
+install:
+        install -m644 -t $(unitdir) -- $(unit_files)
+        install -t $(bindir) -- $(executables)
+        systemctl daemon-reload
+start stop restart status show:
+        systemctl $@ $(units)
+follow:
+        journalctl $(addprefix -u , $(units)) -f
+endif
diff --git a/src/endofossil b/src/endofossil
new file mode 100644
index 0000000..401806f
--- /dev/null
+++ b/src/endofossil
@@ -0,0 +1,29 @@
+#!/bin/bash
+set -e
+IFS=/ read n pid uid <<< "$1"
+[ "$pid" ]
+authtype=
+while read -d ''
+do
+    case "${REPLY%%=*}" in
+        'SSH_USER_AUTH' ) read authtype keytype keyvalue < "${REPLY#*=}" ;;
+    esac
+done < /proc/$pid/environ
+[ "$authtype" = publickey ]
+keyhash=
+while read
+do
+    set -- $REPLY
+    if [ "$3 $5" = 'SSHFP 2' ]
+    then
+        keyhash=$6
+        break
+    fi
+done < <(ssh-keygen -f <(printf '%s\n' "$keytype $keyvalue") -r .)
+[ "$keyhash" ]
+printf '%s\n' "$keyhash"
diff --git a/src/fossil-user.socket b/src/fossil-user.socket
new file mode 100644
index 0000000..eab5a51
--- /dev/null
+++ b/src/fossil-user.socket
@@ -0,0 +1,5 @@
+[Socket]
+Accept = yes
+ListenStream = /run/fossil-user.S
+SocketUser = d
+SocketMode = 0600
diff --git a/src/fossil-user@.service b/src/fossil-user@.service
new file mode 100644
index 0000000..1b70358
--- /dev/null
+++ b/src/fossil-user@.service
@@ -0,0 +1,6 @@
+[Unit]
+Description = Fossil server process
+[Service]
+StandardInput=socket
+ExecStart = endofossil '%I'
author	Andrew Cady <d@jerkface.net>	2023-05-27 15:55:07 -0400
committer	Andrew Cady <d@jerkface.net>	2023-05-27 15:55:07 -0400
commit	f2ac2fe76e6d8fcad24daa1f8c16e207e95465f1 (patch)
tree	cb512e4ccc8c66f24ed2619b40f6a9e355e2f92e
parent	c9316cfc8e206a54973976eae71649007eef2720 (diff)

diff --git a/Makefile b/Makefile index e8c4a45..12b9329 100644 --- a/Makefile +++ b/Makefile
@@ -1,4 +1,6 @@
		1	ifneq (0,$(shell id -u))
1	fossil_database = db	2	fossil_database = db
		3	unitdir = "$${XDG_CONFIG_HOME:-$$HOME/.config}/systemd/user"
2	unit_instance_name != systemd-escape "$$(realpath "$(fossil_database)")"	4	unit_instance_name != systemd-escape "$$(realpath "$(fossil_database)")"
3	our_name = fossil-sync	5	our_name = fossil-sync
4	unit_files_basenames = $(addprefix $(our_name)@.,service path timer)	6	unit_files_basenames = $(addprefix $(our_name)@.,service path timer)
@@ -8,7 +10,9 @@ unit_instance = $(our_name)@$(unit_instance_name).service
8		10
9	default: install start ui	11	default: install start ui
10	install:	12	install:
11	systemctl --user link $(addprefix ./, $(unit_files))	13	install -m644 -t $(unitdir) -- $(unit_files)
		14	systemctl --user daemon-reload
		15	sudo make $@
12	start stop restart status show: \| $(fossil_database)	16	start stop restart status show: \| $(fossil_database)
13	systemctl --user $@ $(unit_instances)	17	systemctl --user $@ $(unit_instances)
14	follow:	18	follow:
@@ -29,3 +33,20 @@ work:
29	mkdir -p $@	33	mkdir -p $@
30	work/.fslckout: \| work $(fossil_database)	34	work/.fslckout: \| work $(fossil_database)
31	cd work && fossil open ../$(fossil_database)	35	cd work && fossil open ../$(fossil_database)
		36	else
		37	unitdir = /etc/systemd/system
		38	unit_files = $(addprefix src/fossil-user,@.service .socket)
		39	units = $(filter-out %@.service,$(notdir $(unit_files)))
		40	executables = src/endofossil
		41	bindir = /usr/local/bin
		42
		43	default: install start follow
		44	install:
		45	install -m644 -t $(unitdir) -- $(unit_files)
		46	install -t $(bindir) -- $(executables)
		47	systemctl daemon-reload
		48	start stop restart status show:
		49	systemctl $@ $(units)
		50	follow:
		51	journalctl $(addprefix -u , $(units)) -f
		52	endif


diff --git a/src/endofossil b/src/endofossil new file mode 100644 index 0000000..401806f --- /dev/null +++ b/src/endofossil
@@ -0,0 +1,29 @@
		1	#!/bin/bash
		2	set -e
		3
		4
		5	IFS=/ read n pid uid <<< "$1"
		6	[ "$pid" ]
		7
		8	authtype=
		9	while read -d ''
		10	do
		11	case "${REPLY%%=*}" in
		12	'SSH_USER_AUTH' ) read authtype keytype keyvalue < "${REPLY#*=}" ;;
		13	esac
		14	done < /proc/$pid/environ
		15	[ "$authtype" = publickey ]
		16
		17	keyhash=
		18	while read
		19	do
		20	set -- $REPLY
		21	if [ "$3 $5" = 'SSHFP 2' ]
		22	then
		23	keyhash=$6
		24	break
		25	fi
		26	done < <(ssh-keygen -f <(printf '%s\n' "$keytype $keyvalue") -r .)
		27	[ "$keyhash" ]
		28
		29	printf '%s\n' "$keyhash"


diff --git a/src/fossil-user.socket b/src/fossil-user.socket new file mode 100644 index 0000000..eab5a51 --- /dev/null +++ b/src/fossil-user.socket
@@ -0,0 +1,5 @@
		1	[Socket]
		2	Accept = yes
		3	ListenStream = /run/fossil-user.S
		4	SocketUser = d
		5	SocketMode = 0600


diff --git a/src/fossil-user@.service b/src/fossil-user@.service new file mode 100644 index 0000000..1b70358 --- /dev/null +++ b/src/fossil-user@.service
@@ -0,0 +1,6 @@
		1	[Unit]
		2	Description = Fossil server process
		3
		4	[Service]
		5	StandardInput=socket
		6	ExecStart = endofossil '%I'