mwiegand 2021-06-14 21:44:27 +02:00
parent e46a1e3161
commit d2e5f06413
5 changed files with 68 additions and 30 deletions


@ -3,9 +3,12 @@ assert node.has_bundle('dovecot')
assert node.has_bundle('letsencrypt') assert node.has_bundle('letsencrypt')
assert node.has_bundle('roundcube') assert node.has_bundle('roundcube')
from hashlib import md5
from shlex import quote from shlex import quote
setup = ''' db_data = node.metadata.get('mailserver/database')
test_password = str(node.metadata.get('mailserver/test_password'))
setup = f"""
CREATE TABLE domains ( CREATE TABLE domains (
"id" BIGSERIAL PRIMARY KEY, "id" BIGSERIAL PRIMARY KEY,
"name" varchar(255) UNIQUE NOT NULL "name" varchar(255) UNIQUE NOT NULL
@ -20,25 +23,54 @@ setup = '''
"redirect" varchar(255) DEFAULT NULL "redirect" varchar(255) DEFAULT NULL
); );
CREATE UNIQUE INDEX ON users ("name", "domain_id") WHERE "redirect" IS NULL; CREATE UNIQUE INDEX ON users ("name", "domain_id") WHERE "redirect" IS NULL;
'''
-- OWNERSHIPS
ALTER TABLE domains OWNER TO {db_data['user']};
ALTER TABLE users OWNER TO {db_data['user']};
-- TEST DATA
INSERT INTO domains (name) VALUES ('example.com');
INSERT INTO users (name, domain_id, password)
SELECT 'bw_test_user', domains.id, MD5('{test_password}')
FROM domains
WHERE domains.name = 'example.com';
INSERT INTO users (name, domain_id, redirect)
SELECT 'bw_test_alias', domains.id, 'irgendweo@gmail.com'
FROM domains
WHERE domains.name = 'example.com';
"""
actions['initialize_mailserver_db'] = { actions['initialize_mailserver_db'] = {
'command': f'psql -d mailserver -c {quote(setup)}', 'command': f"psql -d {db_data['name']} -c {quote(setup)}",
'unless': f'psql -At -d mailserver -c "SELECT to_regclass(\'public.users\')" | grep -q \'^users$\'', 'unless': f"psql -At -d {db_data['name']} -c \"SELECT to_regclass(\'public.users\')\" | grep -q '^users$'",
'needs': [ 'needs': [
'postgres_db:mailserver', 'postgres_db:mailserver',
], ],
} }
# testuser
# TEST test_password_md5 = md5(str(test_password).encode()).hexdigest()
''' check_query = """
DROP TABLE users; DROP TABLE domains; SELECT password
FROM users
INSERT INTO domains (id, name) WHERE name = 'bw_test_user'
VALUES (1, 'mails2.sublimity.de'); AND domain_id = (SELECT id FROM domains WHERE name = 'example.com')
INSERT INTO users (id, name, domain_id, password) """
VALUES (1, 'ckn', 1, MD5('test123')); update_query = f"""
INSERT INTO users (id, name, domain_id, redirect) UPDATE users
VALUES (2, 'weg', 1, 'irgendweo@gmail.com'); SET password = MD5('{test_password}')
''' WHERE name = 'bw_test_user'
AND domain_id = (SELECT id FROM domains WHERE name = 'example.com')
"""
actions['mailserver_update_test_pw'] = {
'command': f"psql -d {db_data['name']} -c {quote(update_query)}",
'unless': f"psql -At -d {db_data['name']} -c {quote(check_query)} | grep -q '^{test_password_md5}$\'",
'needs': [
'action:initialize_mailserver_db',
],
}
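Review bot: The vault-derived `test_password` is interpolated as plaintext into the SQL of `setup` and `update_query` (`MD5('{test_password}')`). `quote()` only escapes for the shell, so a single quote in the password would break or alter the statement, and the plaintext also ends up in the `psql -c` argument, where it can be read from the process list while the command runs. `test_password_md5` is already computed in Python for the `unless` check, so define it right after `test_password` and write `'{test_password_md5}'` in both statements instead of `MD5('{test_password}')`; the digest is hex-only and needs no SQL escaping. Separately, `'needs': ['postgres_db:mailserver']` is still hard-coded although the database name now comes from `db_data['name']`; `f"postgres_db:{db_data['name']}"` would keep the two in step.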


@ -4,11 +4,12 @@ defaults = {
'mailserver': { 'mailserver': {
'maildir': '/var/vmail', 'maildir': '/var/vmail',
'database': { 'database': {
'host': '127.0.0.1', 'host': 'localhost',
'name': 'mailserver', 'name': 'mailserver',
'user': 'mailserver', 'user': 'mailserver',
'password': database_password, 'password': database_password,
}, },
'test_password': repo.vault.password_for(f'{node.name} test_pw mailserver'),
}, },
'postgresql': { 'postgresql': {
'roles': { 'roles': {
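Review bot: The new `test_password` default has no comment saying what the credential is for, yet as a bundle default it is generated for every node that uses this bundle. Judging from the items changes in the same commit, it is the password of the `bw_test_user` row at `example.com` inserted into the `users` table of the mail database, so it is presumably a working login rather than throwaway data. A comment above the key would make that visible to whoever audits accounts later, for example `# password of the bw_test_user account that initialize_mailserver_db inserts into the users table`. The `defaults` dict starts and ends outside this hunk.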


@ -1,14 +1,22 @@
from bundlewrap.utils.dicts import merge_dict
svc_systemd['postgresql'] = {
'needs': [
'pkg_apt:postgresql',
],
}
for user, config in node.metadata.get('postgresql/roles').items(): for user, config in node.metadata.get('postgresql/roles').items():
postgres_roles[user] = { postgres_roles[user] = merge_dict(config, {
'password': config['password'], 'needs': [
'needs': {
'svc_systemd:postgresql', 'svc_systemd:postgresql',
}, ],
} })
for database, config in node.metadata.get('postgresql/databases').items(): for database, config in node.metadata.get('postgresql/databases').items():
postgres_dbs[database] = config postgres_dbs[database] = merge_dict(config, {
'needs': [
svc_systemd = { 'svc_systemd:postgresql',
'postgresql': {}, ],
} })
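Review bot: The `postgres_roles` loop now passes the whole metadata entry through `merge_dict(config, {...})`, where the old code copied only `config['password']`, and nothing in the loop documents that widening. Every key under `postgresql/roles` now becomes a role attribute, including `superuser`, which the `root` default sets to `True`. Any bundle or node that contributes to that metadata path can therefore grant superuser. A comment on the loop would record this, for example `# all keys from postgresql/roles metadata are applied to the role as-is, including 'superuser'`. If only a known set of attributes is meant to be honoured, selecting those keys explicitly would be the stricter alternative.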


@ -4,9 +4,6 @@ defaults = {
'root': { 'root': {
'password': repo.vault.password_for(f'{node.name} postgresql root'), 'password': repo.vault.password_for(f'{node.name} postgresql root'),
'superuser': True, 'superuser': True,
'needs': {
'svc_systemd:postgresql',
},
}, },
}, },
'databases': {}, 'databases': {},


@ -1 +1 @@
bundlewrap>=4.4.2 bundlewrap>=4.8.0