diff --git a/client/.gitignore b/client/.gitignore deleted file mode 100644 index 2cdfa72..0000000 --- a/client/.gitignore +++ /dev/null @@ -1 +0,0 @@ -flags diff --git a/client/fetch_and_update.sh b/client/fetch_and_update.sh index 0011327..b248fd4 100755 --- a/client/fetch_and_update.sh +++ b/client/fetch_and_update.sh @@ -1,15 +1,16 @@ -#!/bin/sh +#!/bin/bash set -ex BASE=$(dirname $0) -IMAGES=/isodevice/iconograph +IMAGES="/isodevice/iconograph" mkdir -p "${IMAGES}" -BOOT=/isodevice +BOOT="/isodevice" -FLAGS=$(cat ${BASE}/flags) +FLAGS="$(cat /icon/config/fetcher.flags)" +CA_CERT="/icon/config/ca.image.cert.pem" -${BASE}/fetcher.py --image-dir="${IMAGES}" --ca-cert=${BASE}/../config/ca.cert.pem ${FLAGS} -${BASE}/update_grub.py --image-dir="${IMAGES}" --boot-dir="${BOOT}" > ${BOOT}/grub/grub.cfg.tmp && mv ${BOOT}/grub/grub.cfg.tmp ${BOOT}/grub/grub.cfg +"${BASE}/fetcher.py" --image-dir="${IMAGES}" --ca-cert="${CA_CERT}" ${FLAGS} +"${BASE}/update_grub.py" --image-dir="${IMAGES}" --boot-dir="${BOOT}" > "${BOOT}/grub/grub.cfg.tmp" && mv "${BOOT}/grub/grub.cfg.tmp" "${BOOT}/grub/grub.cfg" diff --git a/server/modules/autoimage.py b/server/modules/autoimage.py index a91cd70..cb24ec0 100755 --- a/server/modules/autoimage.py +++ b/server/modules/autoimage.py @@ -65,21 +65,23 @@ def main(): '--assume-yes', 'git', 'grub-pc', 'python3-openssl', 'python3-requests') - ExecChroot( - 'git', - 'clone', - 'https://github.com/robot-tools/iconograph.git', - 'autoimage') + os.makedirs(os.path.join(FLAGS.chroot_path, 'icon', 'config'), exist_ok=True) + + if not os.path.exists(os.path.join(FLAGS.chroot_path, 'icon', 'iconograph')): + ExecChroot( + 'git', + 'clone', + 'https://github.com/robot-tools/iconograph.git', + 'icon/iconograph') - os.mkdir(os.path.join(FLAGS.chroot_path, 'autoimage', 'config')) shutil.copyfile( FLAGS.ca_cert, - os.path.join(FLAGS.chroot_path, 'autoimage', 'config', 'ca.cert.pem')) + os.path.join(FLAGS.chroot_path, 'icon', 'config', 'ca.image.cert.pem')) image_flags = [] if FLAGS.https_ca_cert: - https_ca_cert_path = os.path.join('autoimage', 'config', 'ca.https.cert.pem') + https_ca_cert_path = os.path.join('icon', 'config', 'ca.https.cert.pem') shutil.copyfile( FLAGS.https_ca_cert, os.path.join(FLAGS.chroot_path, https_ca_cert_path)) @@ -88,11 +90,11 @@ def main(): ]) if FLAGS.https_client_cert and FLAGS.https_client_key: - https_client_cert_path = os.path.join('autoimage', 'config', 'client.https.cert.pem') + https_client_cert_path = os.path.join('icon', 'config', 'client.https.cert.pem') shutil.copyfile( FLAGS.https_client_cert, os.path.join(FLAGS.chroot_path, https_client_cert_path)) - https_client_key_path = os.path.join('autoimage', 'config', 'client.https.key.pem') + https_client_key_path = os.path.join('icon', 'config', 'client.https.key.pem') shutil.copyfile( FLAGS.https_client_key, os.path.join(FLAGS.chroot_path, https_client_key_path)) @@ -114,9 +116,9 @@ start on runlevel [2345] script exec /dev/tty7 2>&1 chvt 7 - /autoimage/client/wait_for_service.py --host=%(host)s --service=%(service)s + /icon/iconograph/client/wait_for_service.py --host=%(host)s --service=%(service)s chvt 7 - /autoimage/imager/image.py --device=%(device)s --persistent-percent=%(persistent_percent)d --ca-cert=/autoimage/config/ca.cert.pem --base-url=%(base_url)s %(image_flags)s + /icon/iconograph/imager/image.py --device=%(device)s --persistent-percent=%(persistent_percent)d --ca-cert=/icon/config/ca.image.cert.pem --base-url=%(base_url)s %(image_flags)s chvt 7 echo @@ -124,7 +126,7 @@ script echo "autoimage complete" echo "==================" - /autoimage/client/alert.py --type=happy + /icon/iconograph/client/alert.py --type=happy end script """ % { 'host': parsed.hostname, diff --git a/server/modules/certclient.py b/server/modules/certclient.py index a0e1838..1e7a0a8 100755 --- a/server/modules/certclient.py +++ b/server/modules/certclient.py @@ -62,30 +62,32 @@ def main(): '--assume-yes', 'git', 'python3-requests', 'openssl') - ExecChroot( - 'git', - 'clone', - 'https://github.com/robot-tools/iconograph.git', - 'certclient-icon') + os.makedirs(os.path.join(FLAGS.chroot_path, 'icon', 'config'), exist_ok=True) - ExecChroot( - 'git', - 'clone', - 'https://github.com/robot-tools/certserver.git', - 'certserver') + if not os.path.exists(os.path.join(FLAGS.chroot_path, 'icon', 'iconograph')): + ExecChroot( + 'git', + 'clone', + 'https://github.com/robot-tools/iconograph.git', + 'icon/iconograph') - os.mkdir(os.path.join(FLAGS.chroot_path, 'certclient-icon', 'config')) + if not os.path.exists(os.path.join(FLAGS.chroot_path, 'icon', 'certserver')): + ExecChroot( + 'git', + 'clone', + 'https://github.com/robot-tools/certserver.git', + 'icon/certserver') - ca_cert_path = os.path.join('certclient-icon', 'config', 'ca.%s.certserver.cert.pem' % FLAGS.tag) + ca_cert_path = os.path.join('icon', 'config', 'ca.%s.certserver.cert.pem' % FLAGS.tag) shutil.copyfile( FLAGS.ca_cert, os.path.join(FLAGS.chroot_path, ca_cert_path)) - client_cert_path = os.path.join('certclient-icon', 'config', 'client.%s.certserver.cert.pem' % FLAGS.tag) + client_cert_path = os.path.join('icon', 'config', 'client.%s.certserver.cert.pem' % FLAGS.tag) shutil.copyfile( FLAGS.client_cert, os.path.join(FLAGS.chroot_path, client_cert_path)) - client_key_path = os.path.join('certclient-icon', 'config', 'client.%s.certserver.key.pem' % FLAGS.tag) + client_key_path = os.path.join('icon', 'config', 'client.%s.certserver.key.pem' % FLAGS.tag) shutil.copyfile( FLAGS.client_key, os.path.join(FLAGS.chroot_path, client_key_path)) @@ -110,9 +112,9 @@ script chmod 0400 "${KEY}" chvt 8 - /certclient-icon/client/wait_for_service.py --host=%(host)s --service=%(service)s + /icon/iconograph/client/wait_for_service.py --host=%(host)s --service=%(service)s chvt 8 - openssl req -new -key "${KEY}" -subj "${SUBJECT}" | /certserver/certclient.py --ca-cert=/certclient-icon/config/ca.%(tag)s.certserver.cert.pem --client-cert=/certclient-icon/config/client.%(tag)s.certserver.cert.pem --client-key=/certclient-icon/config/client.%(tag)s.certserver.key.pem --server=%(server)s > "${CERT}" + openssl req -new -key "${KEY}" -subj "${SUBJECT}" | /icon/certserver/certclient.py --ca-cert=/icon/config/ca.%(tag)s.certserver.cert.pem --client-cert=/icon/config/client.%(tag)s.certserver.cert.pem --client-key=/icon/config/client.%(tag)s.certserver.key.pem --server=%(server)s > "${CERT}" chmod 0444 "${CERT}" chvt 8 diff --git a/server/modules/iconograph.py b/server/modules/iconograph.py index 345e5e8..673c347 100755 --- a/server/modules/iconograph.py +++ b/server/modules/iconograph.py @@ -47,17 +47,20 @@ def main(): '--assume-yes', 'daemontools-run', 'git', 'python3-openssl') - ExecChroot( - 'git', - 'clone', - 'https://github.com/robot-tools/iconograph.git') + os.makedirs(os.path.join(FLAGS.chroot_path, 'icon', 'config'), exist_ok=True) + + if not os.path.exists(os.path.join(FLAGS.chroot_path, 'icon', 'iconograph')): + ExecChroot( + 'git', + 'clone', + 'https://github.com/robot-tools/iconograph.git', + 'icon/iconograph') - os.mkdir(os.path.join(FLAGS.chroot_path, 'iconograph', 'config')) shutil.copyfile( FLAGS.ca_cert, - os.path.join(FLAGS.chroot_path, 'iconograph', 'config', 'ca.cert.pem')) + os.path.join(FLAGS.chroot_path, 'icon', 'config', 'ca.image.cert.pem')) - path = os.path.join(FLAGS.chroot_path, 'iconograph', 'client', 'flags') + path = os.path.join(FLAGS.chroot_path, 'icon', 'config', 'fetcher.flags') with open(path, 'w') as fh: fh.write('--base-url=%(base_url)s --max-images=%(max_images)d\n' % { 'base_url': FLAGS.base_url, @@ -65,8 +68,8 @@ def main(): }) os.symlink( - '/iconograph/client', - os.path.join(FLAGS.chroot_path, 'etc', 'service', 'iconograph')) + '/icon/iconograph/client', + os.path.join(FLAGS.chroot_path, 'etc', 'service', 'iconograph-client')) if __name__ == '__main__':