diff options
Diffstat (limited to 'cokiki.hs')
| -rw-r--r-- | cokiki.hs | 13 |
1 files changed, 7 insertions, 6 deletions
| @@ -19,6 +19,7 @@ import System.Exit | |||
| 19 | import System.IO | 19 | import System.IO |
| 20 | import System.Posix.User | 20 | import System.Posix.User |
| 21 | import CommandLine | 21 | import CommandLine |
| 22 | import Data.OpenPGP (SymmetricAlgorithm(Unencrypted)) | ||
| 22 | import qualified Hosts | 23 | import qualified Hosts |
| 23 | 24 | ||
| 24 | usage = unlines | 25 | usage = unlines |
| @@ -66,7 +67,7 @@ main = do | |||
| 66 | ["ssh-server"] -> Just $ sshServer uid <$> Kiki.ㄧchroot <*> Kiki.ㄧhomedir | 67 | ["ssh-server"] -> Just $ sshServer uid <$> Kiki.ㄧchroot <*> Kiki.ㄧhomedir |
| 67 | ["strongswan"] -> Just $ strongswan uid <$> Kiki.ㄧchroot <*> Kiki.ㄧhomedir | 68 | ["strongswan"] -> Just $ strongswan uid <$> Kiki.ㄧchroot <*> Kiki.ㄧhomedir |
| 68 | ["tor"] -> Just $ configureTor uid <$> Kiki.ㄧchroot <*> Kiki.ㄧhomedir | 69 | ["tor"] -> Just $ configureTor uid <$> Kiki.ㄧchroot <*> Kiki.ㄧhomedir |
| 69 | ["hosts"] -> Just $ configureHosts uid <$> Kiki.ㄧchroot <*> Kiki.ㄧhomedir | 70 | ["hosts"] -> Just $ configureHosts uid <$> Kiki.ㄧchroot <*> Kiki.ㄧhomedir |
| 70 | _ -> Nothing | 71 | _ -> Nothing |
| 71 | spec = uncurry fancy Kiki.kikiOptions "" | 72 | spec = uncurry fancy Kiki.kikiOptions "" |
| 72 | errorQuit msg = do | 73 | errorQuit msg = do |
| @@ -122,7 +123,7 @@ sshClient uid root cmn = whenRoot uid root cmn $ do | |||
| 122 | maybe (return ()) (myWriteFile (root "/etc/ssh/ssh_config") . unparseSshConfig) sshconfig' | 123 | maybe (return ()) (myWriteFile (root "/etc/ssh/ssh_config") . unparseSshConfig) sshconfig' |
| 123 | 124 | ||
| 124 | -- /var/cache/kiki/config/ssh_known_hosts <-- contains known hosts from /root/.gnupg/... | 125 | -- /var/cache/kiki/config/ssh_known_hosts <-- contains known hosts from /root/.gnupg/... |
| 125 | Kiki.importAndRefresh root cmn | 126 | Kiki.importAndRefresh root cmn Unencrypted |
| 126 | 127 | ||
| 127 | sshServer uid root cmn = whenRoot uid root cmn $ do | 128 | sshServer uid root cmn = whenRoot uid root cmn $ do |
| 128 | sshconfig <- parseSshConfig . fromMaybe "" <$> maybeReadFile (root "/etc/ssh/sshd_config") | 129 | sshconfig <- parseSshConfig . fromMaybe "" <$> maybeReadFile (root "/etc/ssh/sshd_config") |
| @@ -135,7 +136,7 @@ sshServer uid root cmn = whenRoot uid root cmn $ do | |||
| 135 | hPutStrLn stderr "adding HostKey directive" | 136 | hPutStrLn stderr "adding HostKey directive" |
| 136 | myWriteFile (root "/etc/ssh/sshd_config") $ unparseSshConfig sshconfig' | 137 | myWriteFile (root "/etc/ssh/sshd_config") $ unparseSshConfig sshconfig' |
| 137 | -- /etc/ssh/sshd_config <-- 'HostKey /var/cache/kiki/config/ssh_host_ecdsa_key' etc. | 138 | -- /etc/ssh/sshd_config <-- 'HostKey /var/cache/kiki/config/ssh_host_ecdsa_key' etc. |
| 138 | Kiki.importAndRefresh root cmn | 139 | Kiki.importAndRefresh root cmn Unencrypted |
| 139 | 140 | ||
| 140 | strongswan uid root cmn = whenRoot uid root cmn $ do | 141 | strongswan uid root cmn = whenRoot uid root cmn $ do |
| 141 | -- (1) /etc/ipsec.conf <-- 'include /var/cache/kiki/config/ipsec.conf' | 142 | -- (1) /etc/ipsec.conf <-- 'include /var/cache/kiki/config/ipsec.conf' |
| @@ -161,7 +162,7 @@ strongswan uid root cmn = whenRoot uid root cmn $ do | |||
| 161 | stmt = ["include", " ", "/var/cache/kiki/config/ipsec.secrets"] | 162 | stmt = ["include", " ", "/var/cache/kiki/config/ipsec.secrets"] |
| 162 | hPutStrLn stderr "adding include directive" | 163 | hPutStrLn stderr "adding include directive" |
| 163 | myWriteFile (root "/etc/ipsec.secrets") $ unparseSshConfig ipsecconf' | 164 | myWriteFile (root "/etc/ipsec.secrets") $ unparseSshConfig ipsecconf' |
| 164 | Kiki.importAndRefresh root cmn | 165 | Kiki.importAndRefresh root cmn Unencrypted |
| 165 | 166 | ||
| 166 | configureTor uid root cmn = whenRoot uid root cmn $ do | 167 | configureTor uid root cmn = whenRoot uid root cmn $ do |
| 167 | -- Parsing as if ssh config, that's not right, but good enough for now. | 168 | -- Parsing as if ssh config, that's not right, but good enough for now. |
| @@ -215,11 +216,11 @@ configureTor uid root cmn = whenRoot uid root cmn $ do | |||
| 215 | , ["HiddenServicePort"," ","22"," ","127.0.0.1:22"] | 216 | , ["HiddenServicePort"," ","22"," ","127.0.0.1:22"] |
| 216 | , ["HiddenServicePort"," ","25"," ","127.0.0.1:25"] ] | 217 | , ["HiddenServicePort"," ","25"," ","127.0.0.1:25"] ] |
| 217 | myWriteFile (root "/etc/tor/torrc") $ unparseSshConfig torrc' | 218 | myWriteFile (root "/etc/tor/torrc") $ unparseSshConfig torrc' |
| 218 | Kiki.importAndRefresh root cmn | 219 | Kiki.importAndRefresh root cmn Unencrypted |
| 219 | return () | 220 | return () |
| 220 | 221 | ||
| 221 | configureHosts uid root cmn = whenRoot uid root cmn $ do | 222 | configureHosts uid root cmn = whenRoot uid root cmn $ do |
| 222 | Kiki.importAndRefresh root cmn | 223 | Kiki.importAndRefresh root cmn Unencrypted |
| 223 | hosts <- Hosts.decode . fromMaybe "" <$> maybeReadFile (root "/etc/hosts") | 224 | hosts <- Hosts.decode . fromMaybe "" <$> maybeReadFile (root "/etc/hosts") |
| 224 | kikihosts <- Hosts.decode . fromMaybe "" <$> maybeReadFile (root "/var/cache/kiki/config/hosts") | 225 | kikihosts <- Hosts.decode . fromMaybe "" <$> maybeReadFile (root "/var/cache/kiki/config/hosts") |
| 225 | let hosts' = hosts `Hosts.plus` kikihosts | 226 | let hosts' = hosts `Hosts.plus` kikihosts |