diff options
| -rw-r--r-- | Makefile | 22 | ||||
| -rw-r--r-- | bin/gitano-auth.in | 1 | ||||
| -rw-r--r-- | bin/gitano-post-receive-hook.in | 3 | ||||
| -rw-r--r-- | bin/gitano-setup.in | 155 | ||||
| -rw-r--r-- | bin/gitano-update-hook.in | 1 | ||||
| -rw-r--r-- | bin/gitano-update-ssh.in | 1 | ||||
| -rw-r--r-- | example/gitano-admin/groups/gitano-admin.conf | 4 | ||||
| -rw-r--r-- | example/gitano-admin/site.conf | 5 | ||||
| -rw-r--r-- | example/gitano-admin/users/dsilvers/torpor.key | 1 | ||||
| -rw-r--r-- | example/gitano-admin/users/dsilvers/user.conf | 2 | ||||
| -rw-r--r-- | lib/gitano/config.lua | 32 | ||||
| -rw-r--r-- | lib/gitano/repository.lua | 2 | ||||
| -rw-r--r-- | skel/gitano-admin/rules/adminchecks.lace (renamed from example/gitano-admin/rules/adminchecks.lace) | 0 | ||||
| -rw-r--r-- | skel/gitano-admin/rules/aschecks.lace (renamed from example/gitano-admin/rules/aschecks.lace) | 0 | ||||
| -rw-r--r-- | skel/gitano-admin/rules/core.lace (renamed from example/gitano-admin/rules/core.lace) | 0 | ||||
| -rw-r--r-- | skel/gitano-admin/rules/createrepo.lace (renamed from example/gitano-admin/rules/createrepo.lace) | 0 | ||||
| -rw-r--r-- | skel/gitano-admin/rules/defines.lace (renamed from example/gitano-admin/rules/defines.lace) | 0 | ||||
| -rw-r--r-- | skel/gitano-admin/rules/destroyrepo.lace (renamed from example/gitano-admin/rules/destroyrepo.lace) | 0 | ||||
| -rw-r--r-- | skel/gitano-admin/rules/project.lace (renamed from example/gitano-admin/rules/project.lace) | 0 | ||||
| -rw-r--r-- | skel/gitano-admin/rules/remoteconfigchecks.lace (renamed from example/gitano-admin/rules/remoteconfigchecks.lace) | 0 | ||||
| -rw-r--r-- | skel/gitano-admin/rules/renamerepo.lace (renamed from example/gitano-admin/rules/renamerepo.lace) | 0 | ||||
| -rw-r--r-- | skel/gitano-admin/rules/selfchecks.lace (renamed from example/gitano-admin/rules/selfchecks.lace) | 0 | ||||
| -rw-r--r-- | skel/gitano-admin/rules/siteadmin.lace (renamed from example/gitano-admin/rules/siteadmin.lace) | 0 | ||||
| -rw-r--r-- | utils/install-lua-bin | 2 |
24 files changed, 194 insertions, 37 deletions
@@ -15,6 +15,7 @@ LIB_BIN_PATH := $(INST_ROOT)/lib/gitano/bin LIB_BIN_INST_PATH := $(DESTDIR)$(LIB_BIN_PATH) SHARE_PATH := $(INST_ROOT)/share/gitano SHARE_INST_PATH := $(DESTDIR)$(SHARE_PATH) +SKEL_INST_PATH := $(SHARE_INST_PATH)/skel LIB_BINS := gitano-auth gitano-post-receive-hook gitano-update-hook \ gitano-update-ssh @@ -31,6 +32,19 @@ MODS := gitano \ gitano.git gitano.git.commit gitano.git.ll gitano.git.object \ gitano.git.repository gitano.git.tag gitano.git.tree +SKEL_FILES := gitano-admin/rules/selfchecks.lace \ + gitano-admin/rules/aschecks.lace \ + gitano-admin/rules/siteadmin.lace \ + gitano-admin/rules/destroyrepo.lace \ + gitano-admin/rules/remoteconfigchecks.lace \ + gitano-admin/rules/core.lace \ + gitano-admin/rules/renamerepo.lace \ + gitano-admin/rules/defines.lace \ + gitano-admin/rules/project.lace \ + gitano-admin/rules/adminchecks.lace \ + gitano-admin/rules/createrepo.lace + + MOD_DIRS := gitano gitano/git MOD_FILES := $(patsubst %,%.lua,$(subst .,/,$(MODS))) SRC_MOD_FILES := $(patsubst %,lib/%,$(MOD_FILES)) @@ -69,7 +83,7 @@ clean: bin/%: bin/%.in $(GEN_BIN) $(call GEN_LOCAL_BIN,$<,$@) -install: install-bins install-lib-bins install-mods +install: install-bins install-lib-bins install-mods install-skel install-bins: $(BIN_SRCS) $(GEN_BIN) mkdir -p $(BIN_INST_PATH) @@ -82,3 +96,9 @@ install-lib-bins: $(LIB_BIN_SRCS) $(GEN_BIN) install-mods: $(SRC_MOD_FILES) mkdir -p $(patsubst %,$(LUA_MOD_INST_PATH)/%,$(MOD_DIRS)) $(foreach MOD,$(MOD_FILES),$(call GEN_INSTALL_MOD,lib/$(MOD),$(LUA_MOD_INST_PATH)/$(MOD))) + +install-skel: + mkdir -p $(SKEL_INST_PATH)/gitano-admin/rules + for SKELFILE in $(SKEL_FILES); do \ + install -m 644 skel/$$SKELFILE $(SKEL_INST_PATH)/$$SKELFILE; \ + done
\ No newline at end of file diff --git a/bin/gitano-auth.in b/bin/gitano-auth.in index 4679732..d21e85b 100644 --- a/bin/gitano-auth.in +++ b/bin/gitano-auth.in @@ -16,6 +16,7 @@ local sio = require "luxio.simple" local sp = require "luxio.subprocess" -- @@GITANO_BIN_PATH +-- @@GITANO_SHARE_PATH local repo_root, username, keytag = ... diff --git a/bin/gitano-post-receive-hook.in b/bin/gitano-post-receive-hook.in index 6354592..45a1b7e 100644 --- a/bin/gitano-post-receive-hook.in +++ b/bin/gitano-post-receive-hook.in @@ -16,6 +16,7 @@ local sio = require "luxio.simple" local sp = require "luxio.subprocess" -- @@GITANO_BIN_PATH +-- @@GITANO_SHARE_PATH local start_log_level = gitano.log.get_level() -- Clamp level at info until we have checked if the caller @@ -110,7 +111,7 @@ if repo.name == "gitano-admin" and updates[admin_repo.HEAD] then end gitano.log.chat("All repositories updated where possible.") local proc = sp.spawn({ - config.global.bin_path .. "/gitano-update-ssh", + gitano.config.lib_bin_path() .. "/gitano-update-ssh", config.global.repository_root }) local how, why = proc:wait() diff --git a/bin/gitano-setup.in b/bin/gitano-setup.in index 8edaf60..211f669 100644 --- a/bin/gitano-setup.in +++ b/bin/gitano-setup.in @@ -16,6 +16,7 @@ local sio = require "luxio.simple" local clod = require "clod" -- @@GITANO_BIN_PATH +-- @@GITANO_SHARE_PATH local possible_answers = {...} @@ -85,7 +86,7 @@ function look_for_path(path) if ret ~= 0 then return false, path .. ": " .. luxio.strerror(stat) end - if not luxio.S_ISDIR(stat.mode) then + if luxio.S_ISDIR(stat.mode) == 0 then return false, path .. ": not a directory" end return true @@ -107,9 +108,9 @@ function file_exists(path) return true end -function validate_username(n) +function validate_name(n) if not n:match("^[a-z_][a-z0-9_%-]*$") then - error("Invalid username: " .. n, 2) + error("Invalid name: " .. n, 2) end end @@ -119,16 +120,19 @@ else gitano.log.info("Interactive mode engaged") end -gitano.log.info("Step 1: Determine everything") +gitano.log.chat("Step 1: Determine everything") validate_path(ask_for("paths.home", "Home directory for new Gitano user", os.getenv "HOME")) +ask_for("paths.ssh", "SSH directory for new Gitano user", + get("paths.home") .. "/.ssh") + local pubkey_path -if look_for_path(get("paths.home") .. "/.ssh") then +if look_for_path(get("paths.ssh")) then -- Try and find a pubkey to use for _, ktype in ipairs { "rsa", "ecdsa" } do - local pk = get("paths.home") .. "/.ssh/id_" .. ktype .. ".pub" + local pk = get("paths.ssh") .. "/id_" .. ktype .. ".pub" if file_exists(pk) then pubkey_path = pk break @@ -136,7 +140,7 @@ if look_for_path(get("paths.home") .. "/.ssh") then end end -assert(file_exists(ask_for("paths.pubkey", "Public key for admin user", +assert(file_exists(ask_for("paths.pubkey", "Public key file for admin user", pubkey_path)), "Cannot find public key") @@ -145,19 +149,146 @@ ask_for("paths.repos", "Repository path for new Gitano instance", ask_for("paths.graveyard", "Graveyard path for new Gitano instance", get("paths.home") .. "/graveyard") -validate_username(ask_for("admin.username", "User name for admin user", - os.getenv "USER" or "admin")) +validate_name(ask_for("admin.username", "User name for admin user", + os.getenv "USER" or "admin")) ask_for("admin.realname", "Real name for admin user", "Administrator") ask_for("admin.email", "Email address for admin user", "admin@administrator.local") -gitano.log.info("Step 2: Set up the respositories") +validate_name(ask_for("admin.keyname", "Key name for administrator", + "default")) + +ask_for("site.name", "Site name", "a random Gitano instance") +ask_for("log.prefix", "Site log prefix", "gitano") +gitano.log.chat("Step 2: Gather required content") + +gitano.log.info("=> Prepare site config") local completely_flat = {} local site_conf = clod.parse("") ---site_conf.settings[ +site_conf.settings["site_name"] = get "site.name" +site_conf.settings["repository_root"] = get "paths.repos" +site_conf.settings["graveyard_root"] = get "paths.graveyard" +site_conf.settings["log.prefix"] = get "log.prefix" +completely_flat["site.conf"] = site_conf:serialise() + +-- Acquire the contents of the skeleton gitano-admin repository +gitano.log.info("=> Acquire skeleton gitano-admin") +local skel_path = gitano.config.share_path() .. "/skel/gitano-admin" +local skel = assert(sio.opendir(skel_path)) +local function acquire(dir, base, path) + gitano.log.ddebug("Acquire skeleton in:", path) + for ent in dir:iterate() do + if not (ent == "." or ent == "..") then + local entpath = path .. "/" .. ent + local treeent = base .. ent + if look_for_path(entpath) then + local subdir = assert(sio.opendir(entpath)) + acquire(subdir, treeent .. "/", entpath) + subdir:close() + else + local fh = io.open(entpath, "r") + completely_flat[treeent] = fh:read "*a" + fh:close() + end + end + end +end +acquire(skel, "", skel_path) +skel:close() + +-- Now build the user files +gitano.log.info("=> Preparing administration user (" .. get("admin.username") .. ")") +local userpath = "users/" .. get("admin.username") .. "/user.conf" +local keypath = "users/" .. get("admin.username") .. "/" .. get("admin.keyname") .. ".key" +local userconf = clod.parse("") +userconf.settings.real_name = get("admin.realname") +userconf.settings.email_address = get("admin.email") +completely_flat[userpath] = userconf:serialise() +completely_flat[keypath] = assert(sio.open(get("paths.pubkey"), "r")):read "*a" + +-- And now the gitano-admin group +gitano.log.info("=> Preparing gitano-admin group") +local groupconf = clod.parse("") +groupconf.settings.description = "Gitano Instance Administrators" +groupconf.settings["members.*"] = get("admin.username") +completely_flat["groups/gitano-admin.conf"] = groupconf:serialise() + +gitano.log.chat("Step 3: Write out paths and gitano-admin.git") + +function mkdir_p(path) + if look_for_path(path) then + return + end + local parent = path:match("^(.+)/.*") + if not look_for_path(parent) then + mkdir_p(parent) + end + assert(sio.mkdir(path)) +end + +gitano.log.info("=> Make paths") +mkdir_p(get "paths.repos") +mkdir_p(get "paths.graveyard") +mkdir_p(get "paths.ssh") +assert(sio.chmod(get "paths.ssh", "0700")) + +gitano.log.info("=> Prepare repository") + +local raw_repo = assert(gitano.git.repository.create(get("paths.repos") .. + "/gitano-admin.git")) + +gitano.log.info("=> Create a flattened tree") +for k, v in pairs(completely_flat) do + gitano.log.debug(" => Make object", k) + completely_flat[k] = gitano.git.object.create(raw_repo, "blob", v) +end + +gitano.log.info("=> Commit that tree") +local real_tree = assert(gitano.git.tree.create(raw_repo, completely_flat)) + +local person = { + realname = get "admin.realname", + email = get "admin.email", +} +local commit_data = { + author = person, + committer = person, + tree = real_tree, + message = "Initial setup", +} + +local commit_obj = assert(gitano.git.commit.create(raw_repo, commit_data)) + +gitano.log.info("=> Attach that commit to master") + +assert(raw_repo:update_ref("refs/heads/master", commit_obj.sha, + "Create initial master ref")) + +gitano.log.info("=> Ensure we can parse our resultant admin repository") + +local admin_head = raw_repo:get(raw_repo.HEAD) + +if not admin_head then + gitano.log.fatal("Unable to find the HEAD of the administration repository. Cannot continue"); +end + +local config = assert(gitano.config.parse(admin_head)) +-- Restore the prefix for our logging +gitano.log.set_prefix("gitano-setup") +-- Verify that our user exists + +assert(config.users[get "admin.username"], "Could not find user") +assert(config.groups["gitano-admin"].filtered_members[get "admin.username"], + "User was not a gitano-admin") + +gitano.log.info("=> Change the admin ref for gitano-admin.git") +config.repo:set_description("Instance administration repository") +config.repo:set_owner(get "admin.username") -gitano.log.info("Step 3: Hook into SSH") +gitano.log.info("=> Write the SSH authorized_keys file out") +gitano.config.writessh(config, get("paths.ssh") .. "/authorized_keys") +assert(sio.chmod(get("paths.ssh") .. "/authorized_keys", "0600")) diff --git a/bin/gitano-update-hook.in b/bin/gitano-update-hook.in index 806a35b..0e8af59 100644 --- a/bin/gitano-update-hook.in +++ b/bin/gitano-update-hook.in @@ -16,6 +16,7 @@ local sio = require "luxio.simple" local sp = require "luxio.subprocess" -- @@GITANO_BIN_PATH +-- @@GITANO_SHARE_PATH local refname, oldsha, newsha = ... diff --git a/bin/gitano-update-ssh.in b/bin/gitano-update-ssh.in index d4bf54d..4794074 100644 --- a/bin/gitano-update-ssh.in +++ b/bin/gitano-update-ssh.in @@ -16,6 +16,7 @@ local sio = require "luxio.simple" local sp = require "luxio.subprocess" -- @@GITANO_BIN_PATH +-- @@GITANO_SHARE_PATH local repo_root = ... diff --git a/example/gitano-admin/groups/gitano-admin.conf b/example/gitano-admin/groups/gitano-admin.conf deleted file mode 100644 index 959690d..0000000 --- a/example/gitano-admin/groups/gitano-admin.conf +++ /dev/null @@ -1,4 +0,0 @@ -description = "Gitano Administrators" -members = { "dsilvers" } -subgroups = {} - diff --git a/example/gitano-admin/site.conf b/example/gitano-admin/site.conf deleted file mode 100644 index bec6f3e..0000000 --- a/example/gitano-admin/site.conf +++ /dev/null @@ -1,5 +0,0 @@ --- Sample configuration for Gitano -site_name = "Gitano pre-alpha repository server (Laced)" -repository_root = "/home/gitano/repos" -bin_path = "/home/gitano/bin" -graveyard_root = "/home/gitano/graveyard" diff --git a/example/gitano-admin/users/dsilvers/torpor.key b/example/gitano-admin/users/dsilvers/torpor.key deleted file mode 100644 index 973e0f9..0000000 --- a/example/gitano-admin/users/dsilvers/torpor.key +++ /dev/null @@ -1 +0,0 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDmFPyhleGHuoWGgMWZWxZujNM6S4gwxx/FZw94d5ZBiRAQ2miKemdhQxoPnVhzLzx4CX0sFfU1P7HUEx+6xigf8EjrHxBYTgjh7JSCR0apcExoAVihVG+pnMDCf+CqueIbUMVRm7PEmTcg4NNMx7f60Y0zrUa3iNnU8flA+28IkrCz0RVycAKT418337PqRBaXBbnCprNkF2gOHj1mLymsE0ehwiQOd2+ocjHdxSwDayJ2OwNAIdPcb/78RixH12d5F7r3cdNNFjuXuXwSrG+ILEtbXFJEvEXnccOARMeW7uzlZsSkfeNivU3nyxJ8ZxDAFSL8JHi8edBwON6qr7+r danielsilverstone@torpor diff --git a/example/gitano-admin/users/dsilvers/user.conf b/example/gitano-admin/users/dsilvers/user.conf deleted file mode 100644 index 971d92d..0000000 --- a/example/gitano-admin/users/dsilvers/user.conf +++ /dev/null @@ -1,2 +0,0 @@ -real_name = "Daniel Silverstone" -email_address = "dsilvers@digital-scurf.org" diff --git a/lib/gitano/config.lua b/lib/gitano/config.lua index 5eac287..e279878 100644 --- a/lib/gitano/config.lua +++ b/lib/gitano/config.lua @@ -19,6 +19,7 @@ local pairs = pairs local tconcat = table.concat local lib_bin_path = "/tmp/DOES_NOT_EXIST" +local share_path = "/tmp/DOES_NOT_EXIST" local admin_name = { realname = "Gitano", @@ -301,16 +302,18 @@ local function generate_ssh_config(conf) return tconcat(ret, "\n") end -local function update_ssh_keys(conf) +local function update_ssh_keys(conf, ssh_path) local ssh_config = generate_ssh_config(conf) - local home = luxio.getenv "HOME" + if not ssh_path then + local home = luxio.getenv "HOME" - if not home then - log.fatal("Unable to find HOME") - end + if not home then + log.fatal("Unable to find HOME") + end - local ssh_path = home .. "/.ssh/authorized_keys" + ssh_path = home .. "/.ssh/authorized_keys" + end local create_path = ssh_path .. ".new" @@ -439,8 +442,18 @@ local function commit_config_changes(conf, desc, username) return true, commit end -local function set_lib_bin_path(p) - lib_bin_path = p +local function get_set_lib_bin_path(p) + if p then + lib_bin_path = p + end + return lib_bin_path +end + +local function get_set_share_path(p) + if p then + share_path = p + end + return share_path end return { @@ -452,5 +465,6 @@ return { load_file_content = load_file_content, get_default_hook_content = get_default_hook_content, has_global_hook = has_global_hook, - lib_bin_path = set_lib_bin_path, + lib_bin_path = get_set_lib_bin_path, + share_path = get_set_share_path, } diff --git a/lib/gitano/repository.lua b/lib/gitano/repository.lua index a5919a8..0ba3acc 100644 --- a/lib/gitano/repository.lua +++ b/lib/gitano/repository.lua @@ -285,7 +285,7 @@ function repo_method:check_and_upgrade_hook(hook) #!/bin/sh exec %q/gitano-%s-hook "$@" -]]):format(self.config.global.bin_path, hook) +]]):format(config.lib_bin_path(), hook) local hookfile = ("%s/hooks/%s"):format(self:fs_path(), hook) log.ddebug(" => Checking hook", hook) local fh = sio.open(hookfile, "r") diff --git a/example/gitano-admin/rules/adminchecks.lace b/skel/gitano-admin/rules/adminchecks.lace index 75ca753..75ca753 100644 --- a/example/gitano-admin/rules/adminchecks.lace +++ b/skel/gitano-admin/rules/adminchecks.lace diff --git a/example/gitano-admin/rules/aschecks.lace b/skel/gitano-admin/rules/aschecks.lace index 3623709..3623709 100644 --- a/example/gitano-admin/rules/aschecks.lace +++ b/skel/gitano-admin/rules/aschecks.lace diff --git a/example/gitano-admin/rules/core.lace b/skel/gitano-admin/rules/core.lace index c54dcba..c54dcba 100644 --- a/example/gitano-admin/rules/core.lace +++ b/skel/gitano-admin/rules/core.lace diff --git a/example/gitano-admin/rules/createrepo.lace b/skel/gitano-admin/rules/createrepo.lace index 9085706..9085706 100644 --- a/example/gitano-admin/rules/createrepo.lace +++ b/skel/gitano-admin/rules/createrepo.lace diff --git a/example/gitano-admin/rules/defines.lace b/skel/gitano-admin/rules/defines.lace index 64af8ca..64af8ca 100644 --- a/example/gitano-admin/rules/defines.lace +++ b/skel/gitano-admin/rules/defines.lace diff --git a/example/gitano-admin/rules/destroyrepo.lace b/skel/gitano-admin/rules/destroyrepo.lace index fd02547..fd02547 100644 --- a/example/gitano-admin/rules/destroyrepo.lace +++ b/skel/gitano-admin/rules/destroyrepo.lace diff --git a/example/gitano-admin/rules/project.lace b/skel/gitano-admin/rules/project.lace index 26729d6..26729d6 100644 --- a/example/gitano-admin/rules/project.lace +++ b/skel/gitano-admin/rules/project.lace diff --git a/example/gitano-admin/rules/remoteconfigchecks.lace b/skel/gitano-admin/rules/remoteconfigchecks.lace index 7c6a317..7c6a317 100644 --- a/example/gitano-admin/rules/remoteconfigchecks.lace +++ b/skel/gitano-admin/rules/remoteconfigchecks.lace diff --git a/example/gitano-admin/rules/renamerepo.lace b/skel/gitano-admin/rules/renamerepo.lace index 946d544..946d544 100644 --- a/example/gitano-admin/rules/renamerepo.lace +++ b/skel/gitano-admin/rules/renamerepo.lace diff --git a/example/gitano-admin/rules/selfchecks.lace b/skel/gitano-admin/rules/selfchecks.lace index 300bb91..300bb91 100644 --- a/example/gitano-admin/rules/selfchecks.lace +++ b/skel/gitano-admin/rules/selfchecks.lace diff --git a/example/gitano-admin/rules/siteadmin.lace b/skel/gitano-admin/rules/siteadmin.lace index bf72bb2..bf72bb2 100644 --- a/example/gitano-admin/rules/siteadmin.lace +++ b/skel/gitano-admin/rules/siteadmin.lace diff --git a/utils/install-lua-bin b/utils/install-lua-bin index 71d4a14..4d7322c 100644 --- a/utils/install-lua-bin +++ b/utils/install-lua-bin @@ -37,7 +37,7 @@ while line do elseif token == "GITANO_BIN_PATH" then output_fh:write(("gitano.config.lib_bin_path(%q)\n"):format(inst_bin_path)) elseif token == "GITANO_SHARE_PATH" then - output_fh:write(("gitano.config.share_path = %q\n"):format(inst_share_path)) + output_fh:write(("gitano.config.share_path(%q)\n"):format(inst_share_path)) else output_fh:write("-- Unknown token: " .. token .. "\n") end |