diff --git a/build/Makefile b/build/Makefile index dc8a11f..a83936e 100644 --- a/build/Makefile +++ b/build/Makefile @@ -3,6 +3,7 @@ MODE = minimal PROXY = $(shell ifconfig eth0 | grep 'inet addr:' | cut -d: -f2 | cut -d' ' -f1) TIMEZONE = Europe/London JOBS = 2 +CLEANUP = true ARGS = --rm=false --no-cache=false include $(wildcard $(DOCKER_HOME)/build/make/*.mk) diff --git a/build/boot/csync.sh b/build/boot/csync.sh index dd4d046..d61eef3 100644 --- a/build/boot/csync.sh +++ b/build/boot/csync.sh @@ -1,11 +1,18 @@ #!/bin/bash set -e + +# Config HOST_DIR=`dirname $CSYNC_CONFIG` CONTAINER_DIR=/usr/local/etc if [ ! -e $HOST_DIR/csync2.pem ]; then + mkdir -p $HOST_DIR csync2 -k $HOST_DIR/csync2.pem cp -f $CONTAINER_DIR/csync2* $HOST_DIR/ fi rm -r $CONTAINER_DIR ln -sf $HOST_DIR/ $CONTAINER_DIR -cp -f $HOST_DIR/csync2_$HOSTNAME.cfg $HOST_DIR/csync2.cfg \ No newline at end of file + +# Database +CONTAINER_DIR=/usr/local/var/lib/csync2 +rm -r $CONTAINER_DIR +ln -sf $CSYNC_DATABASE/ $CONTAINER_DIR \ No newline at end of file diff --git a/build/boot/lsync.sh b/build/boot/lsyncd.sh similarity index 95% rename from build/boot/lsync.sh rename to build/boot/lsyncd.sh index f263654..61246eb 100644 --- a/build/boot/lsync.sh +++ b/build/boot/lsyncd.sh @@ -70,7 +70,7 @@ initSync = { error("Missing 'syncid' parameter.", 4) end local c = "csync2_" .. config.syncid .. ".cfg" - local f, err = io.open("$CSYNC_CONFIG_DIR" .. c, "r") + local f, err = io.open("$CSYNC_CONFIG_DIR/" .. c, "r") if not f then error("Invalid 'syncid' parameter: " .. err, 4) end @@ -78,11 +78,13 @@ initSync = { end } local sources = { - -- change the node1 value with respective host - -- ["/home/website/public_html"] = "node1" + -- ["/host/srv/data"] = "default" } for key, value in pairs(sources) do sync {initSync, source=key, syncid=value} end EOF +fi +if [ ! -e $LSYNC_LOG ]; then + mkdir -p `dirname $LSYNC_LOG` fi \ No newline at end of file 
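Review bot: The new `# Database` block in build/boot/csync.sh runs `rm -r $CONTAINER_DIR` under `set -e` and then links to `$CSYNC_DATABASE/` without creating it, so an absent `/usr/local/var/lib/csync2` aborts the boot script and an absent target leaves a dangling link for the database. I would write `mkdir -p "$CSYNC_DATABASE"`, `rm -rf "$CONTAINER_DIR"` and `ln -sfn "$CSYNC_DATABASE" "$CONTAINER_DIR"`. Further up, the added `mkdir -p $HOST_DIR` creates the directory that receives the key from `csync2 -k` with the default umask. If `/host` is a host mount (inferred from the path), a `chmod 700 "$HOST_DIR"` right after it keeps the key away from other host users, unless csync2 already restricts the file mode itself.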
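Review bot: `$CSYNC_CONFIG_DIR` in the corrected `io.open` path of build/boot/lsyncd.sh is not among the variables this commit exports; scripts/csync.sh sets `CSYNC_CONFIG`, and boot/csync.sh derives the directory with `dirname $CSYNC_CONFIG`. Its definition, like the opening of the heredoc, lies outside this hunk, so this needs confirming. If it is unset when the heredoc is written, the path becomes `/csync2_<syncid>.cfg` and every `syncid` is rejected as invalid. Deriving it next to the heredoc, e.g. `CSYNC_CONFIG_DIR=$(dirname "$CSYNC_CONFIG")`, would keep the two boot scripts in agreement.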
diff --git a/build/files/addr_aliases.c b/build/files/addr_aliases.c index 6230a08..9eeac59 100644 --- a/build/files/addr_aliases.c +++ b/build/files/addr_aliases.c @@ -8,6 +8,8 @@ #include #include +const char* filename = "/host/etc/addr_aliases"; + const char* getfield(char* line, int num) { char* tmp = strdup(line); const char* tok; 
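Review bot: The new global `filename` has external linkage in a library that scripts/csync.sh registers in `/etc/ld.so.preload`, so the symbol takes part in dynamic symbol resolution in every process on the system. A program or library that has its own `filename` global can end up bound to this one, or this code to theirs, and the path that gets opened is then no longer the one written here. It is also a writable pointer. Declaring it `static const char filename[] = "/host/etc/addr_aliases";` keeps it private to this file and read-only.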
@@ -22,23 +24,51 @@ const char* getfield(char* line, int num) { } int getaddrinfo(const char *node, const char *service, const struct addrinfo *hints, struct addrinfo **res) { - FILE* stream = fopen("/host/etc/addr_aliases", "r"); - char line[1024]; - while (fgets(line, 1024, stream)) { - const char* host_from = getfield(line, 0); - const char* port_from = getfield(line, 1); - const char* host_to = getfield(line, 2); - const char* port_to = getfield(line, 3); - if (strcmp(node, host_from) == 0 && strcmp(service, port_from) == 0) { - fprintf(stderr, "%s:%s => %s:%s\n", host_from, port_from, host_to, port_to); - node = host_to; - service = host_to; + FILE* stream = fopen(filename, "r"); + fprintf(stderr, "> %s:%s\n", node, service); + if (node) { + char noservice = 0; + if (!service) { + noservice = 1; + service = "0"; } + fprintf(stderr, "> %s:%s\n", node, service); + if (stream) { + char line[1024]; + while (fgets(line, 1024, stream)) { + const char* host_from = getfield(line, 0); + const char* port_from = getfield(line, 1); + const char* host_to = getfield(line, 2); + const char* port_to = getfield(line, 3); + if (strcmp(node, host_from) == 0 && strcmp(service, port_from) == 0) { + fprintf(stderr, "%s:%s => %s:%s\n", host_from, port_from, host_to, port_to); + node = strdup(host_to); + service = strdup(port_to); + } + } + } else { + fprintf(stderr, "Failed to open file: %s\n", filename); + } + if (noservice) { + service = NULL; + } + fprintf(stderr, "> %s:%s\n", node, service); } - if (res_init () < 0) { + if (res_init() < 0) { return EAI_SYSTEM; } else { int (*f)() = dlsym (RTLD_NEXT, "getaddrinfo"); return f(node, service, hints, res); } +} + +typedef union address { + struct sockaddr sa; + struct sockaddr_in sa_in; + struct sockaddr_in6 sa_in6; + struct sockaddr_storage ss; +} address_t; + +int verify_peername(const char *name, address_t *peeraddr) { + return 1; } \ No newline at end of file 
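Review bot: The `FILE*` from `fopen(filename, "r")` is never closed, and because the library is preloaded into every process, each `getaddrinfo` call leaks one descriptor until long-running callers reach their limit; add `fclose(stream);` after the `while` loop. The first `fprintf(stderr, "> %s:%s\n", node, service);` runs before the `if (node)` check and the last one runs after `service = NULL`, so `%s` can receive a null pointer, which is undefined. Guard those calls or drop the tracing, which otherwise lands on the stderr of every program. The `getfield` results go to `strcmp` unchecked; its body lies outside the hunk, so whether it can return NULL on a short or malformed line needs confirming. The `verify_peername` stub that always returns 1 needs a comment saying which check it stands in for and why.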
diff --git a/build/make/csync.mk b/build/make/csync.mk index 51295f2..8128037 100644 --- a/build/make/csync.mk +++ b/build/make/csync.mk @@ -1,7 +1,7 @@ csync: base sshd compile $(call aux,addr_aliases.c) $(call script,$@) - $(call runit,xinetd) + $(call runit,csync) $(call runit,lsyncd) $(call boot,02,$@) - $(call boot,02,lsync) + $(call boot,03,lsyncd) diff --git a/build/runit/csync b/build/runit/csync new file mode 100644 index 0000000..9d86238 --- /dev/null +++ b/build/runit/csync @@ -0,0 +1,3 @@ +#!/bin/bash +set -e +/usr/local/sbin/csync2 -iiv > $CSYNC_LOG \ No newline at end of file diff --git a/build/runit/xinetd b/build/runit/xinetd deleted file mode 100644 index 7519fb2..0000000 --- a/build/runit/xinetd +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -set -e -/usr/sbin/xinetd -dontfork \ No newline at end of file diff --git a/build/scripts/csync.sh b/build/scripts/csync.sh index 7926e71..be6c269 100644 --- a/build/scripts/csync.sh +++ b/build/scripts/csync.sh @@ -1,10 +1,12 @@ ## Configuration export_env CSYNC_VERSION 2.0 export_env CSYNC_CONFIG /host/etc/csync/csync2.cfg +export_env CSYNC_DATABASE /host/var/lib/csync +export_env CSYNC_LOG /host/var/log/csync.log export_env LSYNC_CONFIG /host/etc/lsyncd.conf export_env LSYNC_LOG /host/var/log/lsyncd.log export_env LSYNC_STATUS /host/var/log/lsyncd_status.log -export_env HOSTALIASES /host/etc/host.aliases +export_env HOSTALIASES /host/etc/host_aliases ## Dependencies apt_install_permanent librsync-dev libsqlite3-dev libgnutls28-dev pkg-config @@ -15,6 +17,7 @@ wget http://oss.linbit.com/csync2/csync2-$CSYNC_VERSION.tar.gz tar xzvf csync2-$CSYNC_VERSION.tar.gz cd csync2-$CSYNC_VERSION ./configure +sed -i 's/\(verify_peername(\(const[^)]*\))\)/\1 {return 1;} int disabled(\2)/' daemon.c make make install make cert 
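Review bot: The new build/runit/csync script starts csync2 as a child of bash and redirects with `>`, so runit supervises the shell rather than the daemon and the log is truncated on every restart, losing the record of whatever made the service exit; stderr is not captured at all. I would write `exec /usr/local/sbin/csync2 -iiv >> "$CSYNC_LOG" 2>&1`. A `: "${CSYNC_LOG:?}"` line before it gives a clear error when the variable is missing from the service environment.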
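Review bot: The added `sed` in build/scripts/csync.sh rewrites `verify_peername` in csync2's `daemon.c` to `return 1`, which, going by the name, switches off the daemon's check of the connecting peer's name, and nothing in the script says why. If the reason is the address aliasing done by addr_aliases.c (inferred), put that in a comment above the line together with the compensating control, for example limiting port 30865 to the cluster network now that csync2 listens standalone instead of behind xinetd. The patch is also silent when it fails: if the pattern stops matching in another csync2 release the build still succeeds, so follow it with `grep -q 'int disabled(' daemon.c`. The stub of the same name added to addr_aliases.c needs the same explanation. The tarball named in the hunk header is fetched over plain `http://`, so a pinned checksum verified before `tar` would close that gap as well.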
@@ -22,29 +25,11 @@ make cert ## Address aliases cd /opt mv /addr_aliases.c . -gcc -fPIC -shared -o addr_aliases.so addr_aliases.c +gcc -fPIC -shared -o addr_aliases.so addr_aliases.c -ldl mkdir -p /host/etc/ touch /host/etc/addr_aliases echo /opt/addr_aliases.so >> /etc/ld.so.preload -## Xinetd -apt_install_permanent xinetd - -## Configuration -cat << EOF > /etc/xinetd.d/csync2 -service csync2 -{ - disable = no - protocol = tcp - socket_type = stream - wait = no - user = root - server = /usr/local/sbin/csync2 - server_args = -i -} -EOF -echo "csync2 30865/tcp" >> /etc/services - ## Lsyncd dependencies apt_install_permanent lua5.2 liblua5.2-dev bash-completion diff --git a/build/scripts/sshd.sh b/build/scripts/sshd.sh index fd643ea..f3c347d 100644 --- a/build/scripts/sshd.sh +++ b/build/scripts/sshd.sh @@ -6,16 +6,18 @@ mkdir /var/run/sshd cd /opt AUTHORIZED_KEYS=/root/.ssh/authorized_keys DIR=`dirname "$AUTHORIZED_KEYS"` -mkdir -p "$DIR" -chmod 700 "$DIR" -chown root:root "$DIR" -pwd ssh-keygen -t rsa -N "" -f id_rsa -cat /opt/id_rsa.pub >> "$AUTHORIZED_KEYS" +mkdir -p $DIR +chmod 700 $DIR +cp /opt/id_rsa $DIR +cat /opt/id_rsa.pub >> $AUTHORIZED_KEYS ## X11 forwarding apt_install_permanent xauth +## Configuration +echo "ListenAddress 0.0.0.0" >> /etc/ssh/sshd_config + ## Setup environment -sed -i "1iexport HOME=/root" /root/.profile -sed -i "1isource /etc/container_environment.sh" /root/.profile +echo "export HOME=/root" >> /root/.profile +echo "source /etc/container_environment.sh" >> /root/.profile \ No newline at end of file
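Review bot: In build/scripts/sshd.sh, `cp /opt/id_rsa $DIR` installs the private half of the key generated at build time with `-N ""` as root's identity, and its public half is appended to `authorized_keys`. Every container started from this image therefore carries the same passphrase-less key, authorised for root login on all the others, with a second copy left in /opt. If the pair exists so the sync nodes can reach each other (inferred), generate it at first boot or inject it at run time instead of baking it into an image layer. The hunk also drops the quoting around `$DIR` and `$AUTHORIZED_KEYS` and the `chown root:root "$DIR"`; I would keep `mkdir -p "$DIR" && chmod 700 "$DIR"` quoted and add `chmod 600 "$AUTHORIZED_KEYS"`. `ListenAddress 0.0.0.0` is appended without a matching restriction such as `PermitRootLogin prohibit-password`, which should accompany it.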