Diffstat (limited to 'cokiki.hs')
-rw-r--r-- | cokiki.hs | 13 |
1 files changed, 7 insertions, 6 deletions
@@ -19,6 +19,7 @@ import System.Exit | |||
19 | import System.IO | 19 | import System.IO |
20 | import System.Posix.User | 20 | import System.Posix.User |
21 | import CommandLine | 21 | import CommandLine |
22 | import Data.OpenPGP (SymmetricAlgorithm(Unencrypted)) | ||
22 | import qualified Hosts | 23 | import qualified Hosts |
23 | 24 | ||
24 | usage = unlines | 25 | usage = unlines |
@@ -66,7 +67,7 @@ main = do | |||
66 | ["ssh-server"] -> Just $ sshServer uid <$> Kiki.ㄧchroot <*> Kiki.ㄧhomedir | 67 | ["ssh-server"] -> Just $ sshServer uid <$> Kiki.ㄧchroot <*> Kiki.ㄧhomedir |
67 | ["strongswan"] -> Just $ strongswan uid <$> Kiki.ㄧchroot <*> Kiki.ㄧhomedir | 68 | ["strongswan"] -> Just $ strongswan uid <$> Kiki.ㄧchroot <*> Kiki.ㄧhomedir |
68 | ["tor"] -> Just $ configureTor uid <$> Kiki.ㄧchroot <*> Kiki.ㄧhomedir | 69 | ["tor"] -> Just $ configureTor uid <$> Kiki.ㄧchroot <*> Kiki.ㄧhomedir |
69 | ["hosts"] -> Just $ configureHosts uid <$> Kiki.ㄧchroot <*> Kiki.ㄧhomedir | 70 | ["hosts"] -> Just $ configureHosts uid <$> Kiki.ㄧchroot <*> Kiki.ㄧhomedir |
70 | _ -> Nothing | 71 | _ -> Nothing |
71 | spec = uncurry fancy Kiki.kikiOptions "" | 72 | spec = uncurry fancy Kiki.kikiOptions "" |
72 | errorQuit msg = do | 73 | errorQuit msg = do |
@@ -122,7 +123,7 @@ sshClient uid root cmn = whenRoot uid root cmn $ do | |||
122 | maybe (return ()) (myWriteFile (root "/etc/ssh/ssh_config") . unparseSshConfig) sshconfig' | 123 | maybe (return ()) (myWriteFile (root "/etc/ssh/ssh_config") . unparseSshConfig) sshconfig' |
123 | 124 | ||
124 | -- /var/cache/kiki/config/ssh_known_hosts <-- contains known hosts from /root/.gnupg/... | 125 | -- /var/cache/kiki/config/ssh_known_hosts <-- contains known hosts from /root/.gnupg/... |
125 | Kiki.importAndRefresh root cmn | 126 | Kiki.importAndRefresh root cmn Unencrypted |
126 | 127 | ||
127 | sshServer uid root cmn = whenRoot uid root cmn $ do | 128 | sshServer uid root cmn = whenRoot uid root cmn $ do |
128 | sshconfig <- parseSshConfig . fromMaybe "" <$> maybeReadFile (root "/etc/ssh/sshd_config") | 129 | sshconfig <- parseSshConfig . fromMaybe "" <$> maybeReadFile (root "/etc/ssh/sshd_config") |
@@ -135,7 +136,7 @@ sshServer uid root cmn = whenRoot uid root cmn $ do | |||
135 | hPutStrLn stderr "adding HostKey directive" | 136 | hPutStrLn stderr "adding HostKey directive" |
136 | myWriteFile (root "/etc/ssh/sshd_config") $ unparseSshConfig sshconfig' | 137 | myWriteFile (root "/etc/ssh/sshd_config") $ unparseSshConfig sshconfig' |
137 | -- /etc/ssh/sshd_config <-- 'HostKey /var/cache/kiki/config/ssh_host_ecdsa_key' etc. | 138 | -- /etc/ssh/sshd_config <-- 'HostKey /var/cache/kiki/config/ssh_host_ecdsa_key' etc. |
138 | Kiki.importAndRefresh root cmn | 139 | Kiki.importAndRefresh root cmn Unencrypted |
139 | 140 | ||
140 | strongswan uid root cmn = whenRoot uid root cmn $ do | 141 | strongswan uid root cmn = whenRoot uid root cmn $ do |
141 | -- (1) /etc/ipsec.conf <-- 'include /var/cache/kiki/config/ipsec.conf' | 142 | -- (1) /etc/ipsec.conf <-- 'include /var/cache/kiki/config/ipsec.conf' |
@@ -161,7 +162,7 @@ strongswan uid root cmn = whenRoot uid root cmn $ do | |||
161 | stmt = ["include", " ", "/var/cache/kiki/config/ipsec.secrets"] | 162 | stmt = ["include", " ", "/var/cache/kiki/config/ipsec.secrets"] |
162 | hPutStrLn stderr "adding include directive" | 163 | hPutStrLn stderr "adding include directive" |
163 | myWriteFile (root "/etc/ipsec.secrets") $ unparseSshConfig ipsecconf' | 164 | myWriteFile (root "/etc/ipsec.secrets") $ unparseSshConfig ipsecconf' |
164 | Kiki.importAndRefresh root cmn | 165 | Kiki.importAndRefresh root cmn Unencrypted |
165 | 166 | ||
166 | configureTor uid root cmn = whenRoot uid root cmn $ do | 167 | configureTor uid root cmn = whenRoot uid root cmn $ do |
167 | -- Parsing as if ssh config, that's not right, but good enough for now. | 168 | -- Parsing as if ssh config, that's not right, but good enough for now. |
@@ -215,11 +216,11 @@ configureTor uid root cmn = whenRoot uid root cmn $ do | |||
215 | , ["HiddenServicePort"," ","22"," ","127.0.0.1:22"] | 216 | , ["HiddenServicePort"," ","22"," ","127.0.0.1:22"] |
216 | , ["HiddenServicePort"," ","25"," ","127.0.0.1:25"] ] | 217 | , ["HiddenServicePort"," ","25"," ","127.0.0.1:25"] ] |
217 | myWriteFile (root "/etc/tor/torrc") $ unparseSshConfig torrc' | 218 | myWriteFile (root "/etc/tor/torrc") $ unparseSshConfig torrc' |
218 | Kiki.importAndRefresh root cmn | 219 | Kiki.importAndRefresh root cmn Unencrypted |
219 | return () | 220 | return () |
220 | 221 | ||
221 | configureHosts uid root cmn = whenRoot uid root cmn $ do | 222 | configureHosts uid root cmn = whenRoot uid root cmn $ do |
222 | Kiki.importAndRefresh root cmn | 223 | Kiki.importAndRefresh root cmn Unencrypted |
223 | hosts <- Hosts.decode . fromMaybe "" <$> maybeReadFile (root "/etc/hosts") | 224 | hosts <- Hosts.decode . fromMaybe "" <$> maybeReadFile (root "/etc/hosts") |
224 | kikihosts <- Hosts.decode . fromMaybe "" <$> maybeReadFile (root "/var/cache/kiki/config/hosts") | 225 | kikihosts <- Hosts.decode . fromMaybe "" <$> maybeReadFile (root "/var/cache/kiki/config/hosts") |
225 | let hosts' = hosts `Hosts.plus` kikihosts | 226 | let hosts' = hosts `Hosts.plus` kikihosts |
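Review bot: The five `Kiki.importAndRefresh root cmn Unencrypted` calls (in sshClient, sshServer, strongswan, configureTor and configureHosts) hard-code the OpenPGP symmetric algorithm with no comment explaining why no cipher is selected. If this argument decides how importAndRefresh protects the secret-key material it writes (inferred from the `SymmetricAlgorithm` type; its definition is not on this page), then file ownership and mode under `/var/cache/kiki` are the only protection left, and the code should say so. I would bind the choice once, e.g. `refreshUnencrypted root cmn = Kiki.importAndRefresh root cmn Unencrypted`, and give it a comment such as `-- Unencrypted: daemons must read these keys without a passphrase; protection relies on root-only file permissions`, after confirming that this is the intent. The bodies of these functions extend outside the hunks shown.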