authorjoe <joe@jerkface.net>2016-08-30 04:23:05 -0400
committerjoe <joe@jerkface.net>2016-08-30 04:23:05 -0400
commit78e4b9e9281560d0949af913ea01460eb9295af9 (patch)
treebd924c1961f72997d37701fb9d5cf4d602ab5033 /cokiki.hs
parentf49d101051e109be3d8c9a75730f42b999e0f110 (diff)
parentc4a01a2f5f8021f390c4f58b6e4ebc6a62557b9b (diff)
Merge lost Sweeden commits.
Diffstat (limited to 'cokiki.hs')
-rw-r--r--cokiki.hs36
1 files changed, 31 insertions, 5 deletions
diff --git a/cokiki.hs b/cokiki.hs
index 54cc4ba..b6d94a0 100644
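--- a/cokiki.hs
+++ b/cokiki.hs
@@ -20,6 +20,7 @@ import System.IO
 import System.Posix.User
 import CommandLine
 import Data.OpenPGP (SymmetricAlgorithm(Unencrypted))
+import qualified Hosts
 
 usage = unlines
  [ "cokiki <command> [--chroot=ROOTDIR]"
@@ -42,17 +43,20 @@ usage = unlines
  , "COMMANDS"
  , ""
  , " ssh-client Modify system ssh configuration to respect"
- , " /var/cache/kiki/ssh_known_hosts."
+ , " /var/cache/kiki/config/ssh_known_hosts."
  , ""
  , " ssh-server Modify system ssh configuration to use the"
  , " kiki-managed host key at"
- , " /var/cache/kiki/ssh_host_rsa_key."
+ , " /var/cache/kiki/config/ssh_host_rsa_key."
  , ""
  , " strongswan Modify /etc/ipsec.conf to include settings from"
- , " /var/cache/kiki/ipsec.conf."
+ , " /var/cache/kiki/config/ipsec.conf."
  , ""
  , " tor Modify /etc/tor/torrc to configure a tor hidden"
  , " service for email (smtp), ssh, and http ports."
+ , ""
+ , " hosts Merge hostnames from /var/cache/kiki/config/hosts"
+ , " into system file /etc/hosts."
  ]
 
 main = do
@@ -63,6 +67,7 @@ main = do
  ["ssh-server"] -> Just $ sshServer uid <$> Kiki.ㄧchroot <*> Kiki.ㄧhomedir
  ["strongswan"] -> Just $ strongswan uid <$> Kiki.ㄧchroot <*> Kiki.ㄧhomedir
  ["tor"] -> Just $ configureTor uid <$> Kiki.ㄧchroot <*> Kiki.ㄧhomedir
+ ["hosts"] -> Just $ configureHosts uid <$> Kiki.ㄧchroot <*> Kiki.ㄧhomedir
  _ -> Nothing
  spec = uncurry fancy Kiki.kikiOptions ""
  errorQuit msg = do
@@ -78,6 +83,7 @@ main = do
 maybeReadFile :: FilePath -> IO (Maybe L.ByteString)
 maybeReadFile path = do
  doesFileExist path >>= bool (return Nothing) (Just <$> L.readFile path)
+
 myWriteFile f bs = do
  createDirectoryIfMissing True (takeDirectory f)
  hPutStrLn stderr $ "Writing "++f
@@ -133,17 +139,29 @@ sshServer uid root cmn = whenRoot uid root cmn $ do
  Kiki.importAndRefresh root cmn Unencrypted
 
 strongswan uid root cmn = whenRoot uid root cmn $ do
+ -- (1) /etc/ipsec.conf <-- 'include /var/cache/kiki/config/ipsec.conf'
  -- Parsing as if ssh config, that's not right, but good enough for now.
  ipsecconf <- parseSshConfig . fromMaybe "" <$> maybeReadFile (root "/etc/ipsec.conf")
  let p:gs = groupBy (\_ d -> not $ sshIsDirective "include" d) $ ["#"]:ipsecconf
  got = filter (\(d:ds) -> elem "/var/cache/kiki/config/ipsec.conf" d) gs
  case got of
- _:_ -> do hPutStrLn stderr "ipsec already configured."
+ _:_ -> do hPutStrLn stderr "ipsec.conf already configured."
  [] -> do let ipsecconf' = drop 1 $ ipsecconf ++ [stmt]
  stmt = ["include", " ", "/var/cache/kiki/config/ipsec.conf"]
  hPutStrLn stderr "adding include directive"
  myWriteFile (root "/etc/ipsec.conf") $ unparseSshConfig ipsecconf'
- -- etc/ipsec.conf <-- 'include /var/cache/kiki/ipsec.conf'
+
+ -- (2) /etc/ipsec.secrets/ <- include /var/cache/kiki/config/ipsec.secrets
+ -- Parsing as if ssh config, that's not right, but good enough for now.
+ ipsecconf <- parseSshConfig . fromMaybe "" <$> maybeReadFile (root "/etc/ipsec.secrets")
+ let p:gs = groupBy (\_ d -> not $ sshIsDirective "include" d) $ ["#"]:ipsecconf
+ got = filter (\(d:ds) -> elem "/var/cache/kiki/config/ipsec.secrets" d) gs
+ case got of
+ _:_ -> do hPutStrLn stderr "ipsec.secrets already configured."
+ [] -> do let ipsecconf' = drop 1 $ ipsecconf ++ [stmt]
+ stmt = ["include", " ", "/var/cache/kiki/config/ipsec.secrets"]
+ hPutStrLn stderr "adding include directive"
+ myWriteFile (root "/etc/ipsec.secrets") $ unparseSshConfig ipsecconf'
  Kiki.importAndRefresh root cmn Unencrypted
 
 configureTor uid root cmn = whenRoot uid root cmn $ do
@@ -201,6 +219,14 @@ configureTor uid root cmn = whenRoot uid root cmn $ do
  Kiki.importAndRefresh root cmn Unencrypted
  return ()
 
+configureHosts uid root cmn = whenRoot uid root cmn $ do
+ Kiki.importAndRefresh root cmn Unencrypted
+ hosts <- Hosts.decode . fromMaybe "" <$> maybeReadFile (root "/etc/hosts")
+ kikihosts <- Hosts.decode . fromMaybe "" <$> maybeReadFile (root "/var/cache/kiki/config/hosts")
+ let hosts' = hosts `Hosts.plus` kikihosts
+ case Hosts.diff hosts hosts' of
+ [] -> hPutStrLn stderr "kiki hosts are already merged."
+ _ -> myWriteFile (root "/etc/hosts") $ Hosts.encode hosts'
 
 parseSshConfig :: L.ByteString -> [[L.ByteString]]
 parseSshConfig bs = map tokenize $ L8.lines bs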
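Review bot: In the ipsec.secrets block added to `strongswan`, `drop 1 $ ipsecconf ++ [stmt]` throws away the first line of the file being rewritten, because the `["#"]` sentinel is prepended only inside the `groupBy` expression and never to `ipsecconf` itself. When /etc/ipsec.secrets is missing or empty the list is just `[stmt]`, so the include directive is the line that gets dropped and the file is written without it; when the file has content, its first entry (possibly a credential line) is silently removed. The line should be `[] -> do let ipsecconf' = ipsecconf ++ [stmt]`; the ipsec.conf block above it carries the same expression and needs the same change. myWriteFile's body is not visible in this diff, so it is worth confirming separately that a freshly created /etc/ipsec.secrets does not end up world-readable.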