Store generated configs in $HOME
And move app to ~/app.
parent
0afcd33a99
commit
931cd3f8c1
4
pusher
4
pusher
|
@ -1,6 +1,8 @@
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
|
|
||||||
(echo ; inotifywait -m --include '[0-9]*\.tar\.gz' -e create config) |
|
cd ~/app
|
||||||
|
|
||||||
|
(echo ; inotifywait -m --include '[0-9]*\.tar\.gz' -e create ~/config) |
|
||||||
while read ; do
|
while read ; do
|
||||||
FLASK_APP=web python3 -m flask push
|
FLASK_APP=web python3 -m flask push
|
||||||
done
|
done
|
||||||
|
|
|
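Review bot: The watcher's filter `--include '[0-9]*\.tar\.gz' -e create` is unanchored, so it also matches the temporary `<version>-tmp.tar.gz` that save_config() writes into the same directory. The final `<version>.tar.gz` appears via `os.rename`, which inotify reports as a move rather than a create, so the push is probably triggered while the archive is still being written and not when it is complete. Watching for the rename with an anchored pattern would match only finished archives, e.g. `inotifywait -m --include '^[0-9]+\.tar\.gz$' -e moved_to ~/config`; confirm how your inotifywait version matches the pattern against the file name. The new `cd ~/app` is also unchecked: `cd ~/app || exit 1` stops the loop from running `flask push` in the wrong directory if the move to ~/app has not happened on a host.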
@ -3,6 +3,7 @@
|
||||||
import collections
|
import collections
|
||||||
import multiprocessing
|
import multiprocessing
|
||||||
import os
|
import os
|
||||||
|
import pathlib
|
||||||
import shutil
|
import shutil
|
||||||
import subprocess
|
import subprocess
|
||||||
import syslog
|
import syslog
|
||||||
|
@ -60,7 +61,7 @@ def save_config():
|
||||||
ipsets[network].add(f'{ip}/32')
|
ipsets[network].add(f'{ip}/32')
|
||||||
|
|
||||||
# Create config files.
|
# Create config files.
|
||||||
output = f'config/{version}'
|
output = pathlib.Path.home() / 'config' / f'{version}'
|
||||||
shutil.rmtree(output, ignore_errors=True)
|
shutil.rmtree(output, ignore_errors=True)
|
||||||
os.makedirs(f'{output}/etc/nftables.d', exist_ok=True)
|
os.makedirs(f'{output}/etc/nftables.d', exist_ok=True)
|
||||||
os.makedirs(f'{output}/etc/wireguard', exist_ok=True)
|
os.makedirs(f'{output}/etc/wireguard', exist_ok=True)
|
||||||
|
@ -108,10 +109,10 @@ PrivateKey = {settings.get('wg_key')}
|
||||||
|
|
||||||
# Make a config archive in a temporary place, so we don’t send
|
# Make a config archive in a temporary place, so we don’t send
|
||||||
# incomplete tars.
|
# incomplete tars.
|
||||||
tarfile = shutil.make_archive(f'{output}-tmp', 'gztar', root_dir=output, owner='root', group='root')
|
tar_file = shutil.make_archive(f'{output}-tmp', 'gztar', root_dir=output, owner='root', group='root')
|
||||||
|
|
||||||
# Move config archive to the final destination.
|
# Move config archive to the final destination.
|
||||||
os.rename(tarfile, f'{output}.tar.gz')
|
os.rename(tar_file, f'{output}.tar.gz')
|
||||||
|
|
||||||
# If we get here, write settings with the new version.
|
# If we get here, write settings with the new version.
|
||||||
db.write('settings', settings)
|
db.write('settings', settings)
|
||||||
|
@ -143,16 +144,17 @@ def push(version=None):
|
||||||
version = db.load('settings').get('version', 0)
|
version = db.load('settings').get('version', 0)
|
||||||
|
|
||||||
# Write wanted version to file for uploading to firewall nodes.
|
# Write wanted version to file for uploading to firewall nodes.
|
||||||
with open('config/version', 'w') as f:
|
version_file = pathlib.Path.home() / 'config' / 'version'
|
||||||
|
with open(version_file, 'w') as f:
|
||||||
print(version, file=f)
|
print(version, file=f)
|
||||||
|
|
||||||
nodes = db.read('nodes')
|
nodes = db.read('nodes')
|
||||||
tarfile = f'config/{version}.tar.gz'
|
tar_file = pathlib.Path.home() / 'config' / f'{version}.tar.gz'
|
||||||
|
|
||||||
done = True
|
done = True
|
||||||
for node, node_version in nodes.items():
|
for node, node_version in nodes.items():
|
||||||
if node_version != version:
|
if node_version != version:
|
||||||
if not os.path.exists(tarfile):
|
if not os.path.exists(tar_file):
|
||||||
syslog.syslog(f'wanted to push version {version} but {version}.tar.gz doesn’t exist')
|
syslog.syslog(f'wanted to push version {version} but {version}.tar.gz doesn’t exist')
|
||||||
return
|
return
|
||||||
|
|
||||||
|
@ -160,7 +162,7 @@ def push(version=None):
|
||||||
syslog.syslog(f'updating {node} from {node_version} to {version}')
|
syslog.syslog(f'updating {node} from {node_version} to {version}')
|
||||||
result = subprocess.run([f'sftp -o ConnectTimeout=10 root@{node}'],
|
result = subprocess.run([f'sftp -o ConnectTimeout=10 root@{node}'],
|
||||||
shell=True, text=True, capture_output=True,
|
shell=True, text=True, capture_output=True,
|
||||||
input=f'put {tarfile}\nput config/version\n')
|
input=f'put {tar_file}\nput {version_file}\n')
|
||||||
if result.returncode == 0:
|
if result.returncode == 0:
|
||||||
nodes[node] = version
|
nodes[node] = version
|
||||||
db.write('nodes', nodes)
|
db.write('nodes', nodes)
|
||||||
|
|
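Review bot: The sftp call in the last hunk of push() still interpolates `{node}` into a command line run with `shell=True`, so a node name containing shell metacharacters would be interpreted by /bin/sh. Where node names come from is not visible here, but an argument list removes the question: `subprocess.run(['sftp', '-b', '-', '-o', 'ConnectTimeout=10', f'root@{node}'], text=True, capture_output=True, input=...)`. The `-b -` matters separately: without batch mode sftp is likely to exit 0 even when a `put` fails, in which case `nodes[node] = version` records a firewall node as updated when it was not; confirm this against the deployed OpenSSH. In the save_config() hunk, the tree now placed under `~/config` appears to hold WireGuard private keys (`PrivateKey = ...` in the hunk header) and is created with `os.makedirs` defaults, so its permissions and those of the archive depend on the process umask; creating `~/config` with mode 0o700 or setting a 0o077 umask before writing would make that explicit. Both functions start and end outside the visible hunks.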