author | joe <joe@jerkface.net> | 2016-05-01 22:51:52 +0000 |
---|---|---|
committer | joe <joe@jerkface.net> | 2016-05-01 22:51:52 +0000 |
commit | 1822704b7cb39eb890b81b270143e7d9eb319f2b (patch) | |
tree | 69577e12c3eb10321f5ee1fadbbdaaf75e23e1ed /cokiki.hs | |
parent | 0350974ec8a91127d0c43dc826234774181544b7 (diff) |
Handle ipsec.secret
Diffstat (limited to 'cokiki.hs')
-rw-r--r-- | cokiki.hs | 16 |
1 files changed, 14 insertions, 2 deletions
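--- a/cokiki.hs
+++ b/cokiki.hs
@@ -132,17 +132,29 @@ sshServer uid root cmn = whenRoot uid root cmn $ do
 Kiki.importAndRefresh root cmn
 
 strongswan uid root cmn = whenRoot uid root cmn $ do
+-- (1) /etc/ipsec.conf <-- 'include /var/cache/kiki/config/ipsec.conf'
 -- Parsing as if ssh config, that's not right, but good enough for now.
 ipsecconf <- parseSshConfig . fromMaybe "" <$> maybeReadFile (root "/etc/ipsec.conf")
 let p:gs = groupBy (\_ d -> not $ sshIsDirective "include" d) $ ["#"]:ipsecconf
 got = filter (\(d:ds) -> elem "/var/cache/kiki/config/ipsec.conf" d) gs
 case got of
-_:_ -> do hPutStrLn stderr "ipsec already configured."
+_:_ -> do hPutStrLn stderr "ipsec.conf already configured."
 [] -> do let ipsecconf' = drop 1 $ ipsecconf ++ [stmt]
 stmt = ["include", " ", "/var/cache/kiki/config/ipsec.conf"]
 hPutStrLn stderr "adding include directive"
 myWriteFile (root "/etc/ipsec.conf") $ unparseSshConfig ipsecconf'
--- etc/ipsec.conf <-- 'include /var/cache/kiki/ipsec.conf'
+
+-- (2) /etc/ipsec.secrets/ <- include /var/cache/kiki/config/ipsec.secrets
+-- Parsing as if ssh config, that's not right, but good enough for now.
+ipsecconf <- parseSshConfig . fromMaybe "" <$> maybeReadFile (root "/etc/ipsec.secrets")
+let p:gs = groupBy (\_ d -> not $ sshIsDirective "include" d) $ ["#"]:ipsecconf
+got = filter (\(d:ds) -> elem "/var/cache/kiki/config/ipsec.secrets" d) gs
+case got of
+_:_ -> do hPutStrLn stderr "ipsec.secrets already configured."
+[] -> do let ipsecconf' = drop 1 $ ipsecconf ++ [stmt]
+stmt = ["include", " ", "/var/cache/kiki/config/ipsec.secrets"]
+hPutStrLn stderr "adding include directive"
+myWriteFile (root "/etc/ipsec.secrets") $ unparseSshConfig ipsecconf'
 Kiki.importAndRefresh root cmn
 
 configureTor uid root cmn = whenRoot uid root cmn $ do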
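Review bot: The new step (2) rewrites `/etc/ipsec.secrets` through `myWriteFile` with nothing visible that pins the file's mode, and when the file does not exist yet (`maybeReadFile` yields `Nothing`) it is created fresh, so its permissions depend on whatever `myWriteFile` and the umask do. That file and the included `/var/cache/kiki/config/ipsec.secrets` carry private-key references and pre-shared keys and should be readable by root only; `myWriteFile` is defined outside this hunk, so confirm it preserves or sets the mode, or add `setFileMode (root "/etc/ipsec.secrets") 0o600` (System.Posix.Files) after the write. The round trip through `parseSshConfig`/`unparseSshConfig` is also riskier here than for ipsec.conf, because a lossy re-serialisation of quoted secrets would silently break authentication; appending the include line without re-emitting the existing content would avoid that. The comment's `/etc/ipsec.secrets/` has a trailing slash that makes it read as a directory.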