CloudyScripts 0.0.10 → 0.0.11
- data/Rakefile +1 -1
- data/lib/help/dm_crypt_helper.rb +0 -150
- metadata +2 -2
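--- a/data/Rakefile
+++ b/data/Rakefile
@@ -12,7 +12,7 @@ require 'rake/testtask'
 
 spec = Gem::Specification.new do |s|
 s.name = 'CloudyScripts'
-s.version = '0.0.
+s.version = '0.0.11'
 s.has_rdoc = true
 s.extra_rdoc_files = ['README.rdoc', 'LICENSE']
 s.summary = 'Scripts to facilitate programming for infrastructure clouds.'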
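--- a/data/lib/help/dm_crypt_helper.rb
+++ b/data/lib/help/dm_crypt_helper.rb
@@ -4,153 +4,6 @@ require 'help/remote_command_handler'
 # (see #Scripts::EC2::DmEncrypt)
 
 class DmCryptHelper < RemoteCommandHandler
-
-# Encrypts the device and mounting it using dm-crypt tools. Uses LVM to
-# work with virtual devices.
-# Params
-# * name: name of the virtual volume
-# * password: paraphrase to be used for encryption
-# * device: device to be encrypted
-# * path: path to which the encrypted device is mounted
-def encrypt_storage_lvm(name, password, device, path)
-# first: check if a file in /dev/mapper exists
-if file_exists?("/dev/mapper/dm-#{name}")
-mapper_exists = true
-else
-mapper_exists = false
-end
-@logger.info "mapper exists = #{mapper_exists}"
-exec_string = "cryptsetup create dm-#{name} #{device}"
-if !mapper_exists
-#mapper does not exist, create it
-channel = @ssh_session.open_channel do |ch|
-ch.send_data("#{password}\n")
-@logger.debug "execute #{exec_string}"
-ch.exec exec_string do |ch, success|
-@logger.debug "success = #{success}"
-if !success
-err = "Failed during creation of encrypted partition"
-#puts "#{err}: #{data}"
-raise Exception.new(err)
-end
-end
-end
-channel.wait
-end
-# now mapper is created
-# second: check if pvscan sucessful
-pv_exists = false
-@ssh_session.exec! "/sbin/pvscan" do |ch, stream, data|
-if stream == :stdout
-if data.include?("vg-#{name}")
-pv_exists = true
-else
-pv_exists = false
-end
-end
-end
-if !pv_exists
-exec_string = "pvcreate /dev/mapper/dm-#{name}"
-@logger.info "pv does not exist - execute: #{exec_string}"
-#private volume does not exist, create it
-channel = @ssh_session.open_channel do |ch|
-ch.send_data("y\n")
-ch.exec exec_string do |ch, success|
-@logger.debug "success = #{success}"
-if !success
-err = "Failed during creation of physical volume"
-#puts "#{err}: #{data}"
-raise Exception.new(err)
-end
-end
-end
-channel.wait
-end
-# third: check if vgscan successful
-vg_exists = false
-@ssh_session.exec! "/sbin/vgscan" do |ch, stream, data|
-if stream == :stdout
-if data.include?("vg-#{name}")
-vg_exists = true
-else
-vg_exists = false
-end
-end
-end
-if !vg_exists
-exec_string = "vgcreate vg-#{name} /dev/mapper/dm-#{name}"
-@logger.info "vg_exists == false; execute #{exec_string}"
-@ssh_session.exec! exec_string do |ch, stream, data|
-if stream == :stderr && data != nil
-err = "Failed during creation of volume group"
-@logger.warn "#{err}: #{data}"
-raise Exception.new(err)
-end
-end
-#exec_string = "lvcreate -n lv-#{name} -L#{size_in_mb.to_s}M vg-#{name}"
-exec_string = "lvcreate -n lv-#{name} -l100%FREE vg-#{name}"
-@logger.info "execute #{exec_string}"
-@ssh_session.exec! exec_string do |ch, stream, data|
-if stream == :stderr && data != nil
-err = "Failed during creation of logical volume"
-@logger.debug "#{err}: #{data}"
-raise Exception.new(err)
-end
-end
-exec_string = "mkfs -t ext3 /dev/vg-#{name}/lv-#{name}" #TODO: use method in remote_command_handler
-@logger.info "execute #{exec_string}"
-@ssh_session.exec! exec_string #do |ch, stream, data|
-#if stream == :stderr && data != nil
-#err = "Failed during creation of file-system"
-#puts "#{err}: #{data}"
-#raise Exception.new(err)
-#end
-#end
-if !file_exists?("/dev/vg-#{name}/lv-#{name}")
-err = "Missing file: /dev/vg-#{name}/lv-#{name}"
-raise Exception.new(err)
-end
-else
-exec_string = "/sbin/vgchange -a y vg-#{name}"
-@logger.info "vg_exists == true; execute #{exec_string}"
-@ssh_session.exec! exec_string do |ch, stream, data| #TODO: the right size instead L2G!
-if stream == :stderr && data != nil
-err = "Failed during re-activation of volume group"
-@logger.info "#{err}: #{data}"
-raise Exception.new(err)
-end
-end
-end
-end
-
-# Undo encryption for the volume specified by name and path
-def undo_encryption_lvm(name, path)
-exec_string = "umount #{path}"
-@logger.debug "going to execute #{exec_string}"
-@ssh_session.exec! exec_string do |ch, stream, data|
-@logger.debug "returns #{data}"
-end
-exec_string = "lvremove --verbose vg-#{name} -f" #[with confirmation?]
-@logger.debug "going to execute #{exec_string}"
-@ssh_session.exec! exec_string do |ch, stream, data|
-@logger.debug "returns #{data}"
-end
-exec_string = "vgremove vg-#{name}"
-@logger.debug "going to execute #{exec_string}"
-@ssh_session.exec! exec_string do |ch, stream, data|
-@logger.debug "returns #{data}"
-end
-exec_string = "pvremove /dev/mapper/dm-#{name}"
-@logger.debug "going to execute #{exec_string}"
-@ssh_session.exec! exec_string do |ch, stream, data|
-@logger.debug "returns #{data}"
-end
-exec_string = "cryptsetup remove dm-#{name}"
-@logger.debug "going to execute #{exec_string}"
-@ssh_session.exec! exec_string do |ch, stream, data|
-@logger.debug "returns #{data}"
-end
-end
 
 # Encrypts the device and mounting it using dm-crypt tools.
 # Params
@@ -159,9 +12,6 @@ class DmCryptHelper < RemoteCommandHandler
 # * device: device to be encrypted
 # * path: path to which the encrypted device is mounted
 def encrypt_storage(name, password, device, path)
-if remote_execute("cryptsetup isLuks #{device}")
-raise Exception.new("device #{device} is already a configured device")
-end
 if file_exists?(device)
 if !file_exists?("/dev/mapper/#{name}")
 @logger.debug("mapper device #{name} not yet existing")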
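--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: CloudyScripts
 version: !ruby/object:Gem::Version
-version: 0.0.
+version: 0.0.11
 platform: ruby
 authors:
 - Matthias Jung
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-02-
+date: 2010-02-08 00:00:00 +01:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency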