CloudyScripts 0.0.10 → 0.0.11
Sign up to get free protection for your applications and to get access to all the features.
- data/Rakefile +1 -1
- data/lib/help/dm_crypt_helper.rb +0 -150
- metadata +2 -2
data/Rakefile
CHANGED
@@ -12,7 +12,7 @@ require 'rake/testtask'
|
|
12
12
|
|
13
13
|
spec = Gem::Specification.new do |s|
|
14
14
|
s.name = 'CloudyScripts'
|
15
|
-
s.version = '0.0.
|
15
|
+
s.version = '0.0.11'
|
16
16
|
s.has_rdoc = true
|
17
17
|
s.extra_rdoc_files = ['README.rdoc', 'LICENSE']
|
18
18
|
s.summary = 'Scripts to facilitate programming for infrastructure clouds.'
|
data/lib/help/dm_crypt_helper.rb
CHANGED
@@ -4,153 +4,6 @@ require 'help/remote_command_handler'
|
|
4
4
|
# (see #Scripts::EC2::DmEncrypt)
|
5
5
|
|
6
6
|
class DmCryptHelper < RemoteCommandHandler
|
7
|
-
|
8
|
-
# Encrypts the device and mounting it using dm-crypt tools. Uses LVM to
|
9
|
-
# work with virtual devices.
|
10
|
-
# Params
|
11
|
-
# * name: name of the virtual volume
|
12
|
-
# * password: paraphrase to be used for encryption
|
13
|
-
# * device: device to be encrypted
|
14
|
-
# * path: path to which the encrypted device is mounted
|
15
|
-
def encrypt_storage_lvm(name, password, device, path)
|
16
|
-
# first: check if a file in /dev/mapper exists
|
17
|
-
if file_exists?("/dev/mapper/dm-#{name}")
|
18
|
-
mapper_exists = true
|
19
|
-
else
|
20
|
-
mapper_exists = false
|
21
|
-
end
|
22
|
-
@logger.info "mapper exists = #{mapper_exists}"
|
23
|
-
exec_string = "cryptsetup create dm-#{name} #{device}"
|
24
|
-
if !mapper_exists
|
25
|
-
#mapper does not exist, create it
|
26
|
-
channel = @ssh_session.open_channel do |ch|
|
27
|
-
ch.send_data("#{password}\n")
|
28
|
-
@logger.debug "execute #{exec_string}"
|
29
|
-
ch.exec exec_string do |ch, success|
|
30
|
-
@logger.debug "success = #{success}"
|
31
|
-
if !success
|
32
|
-
err = "Failed during creation of encrypted partition"
|
33
|
-
#puts "#{err}: #{data}"
|
34
|
-
raise Exception.new(err)
|
35
|
-
end
|
36
|
-
end
|
37
|
-
end
|
38
|
-
channel.wait
|
39
|
-
end
|
40
|
-
# now mapper is created
|
41
|
-
# second: check if pvscan sucessful
|
42
|
-
pv_exists = false
|
43
|
-
@ssh_session.exec! "/sbin/pvscan" do |ch, stream, data|
|
44
|
-
if stream == :stdout
|
45
|
-
if data.include?("vg-#{name}")
|
46
|
-
pv_exists = true
|
47
|
-
else
|
48
|
-
pv_exists = false
|
49
|
-
end
|
50
|
-
end
|
51
|
-
end
|
52
|
-
if !pv_exists
|
53
|
-
exec_string = "pvcreate /dev/mapper/dm-#{name}"
|
54
|
-
@logger.info "pv does not exist - execute: #{exec_string}"
|
55
|
-
#private volume does not exist, create it
|
56
|
-
channel = @ssh_session.open_channel do |ch|
|
57
|
-
ch.send_data("y\n")
|
58
|
-
ch.exec exec_string do |ch, success|
|
59
|
-
@logger.debug "success = #{success}"
|
60
|
-
if !success
|
61
|
-
err = "Failed during creation of physical volume"
|
62
|
-
#puts "#{err}: #{data}"
|
63
|
-
raise Exception.new(err)
|
64
|
-
end
|
65
|
-
end
|
66
|
-
end
|
67
|
-
channel.wait
|
68
|
-
end
|
69
|
-
# third: check if vgscan successful
|
70
|
-
vg_exists = false
|
71
|
-
@ssh_session.exec! "/sbin/vgscan" do |ch, stream, data|
|
72
|
-
if stream == :stdout
|
73
|
-
if data.include?("vg-#{name}")
|
74
|
-
vg_exists = true
|
75
|
-
else
|
76
|
-
vg_exists = false
|
77
|
-
end
|
78
|
-
end
|
79
|
-
end
|
80
|
-
if !vg_exists
|
81
|
-
exec_string = "vgcreate vg-#{name} /dev/mapper/dm-#{name}"
|
82
|
-
@logger.info "vg_exists == false; execute #{exec_string}"
|
83
|
-
@ssh_session.exec! exec_string do |ch, stream, data|
|
84
|
-
if stream == :stderr && data != nil
|
85
|
-
err = "Failed during creation of volume group"
|
86
|
-
@logger.warn "#{err}: #{data}"
|
87
|
-
raise Exception.new(err)
|
88
|
-
end
|
89
|
-
end
|
90
|
-
#exec_string = "lvcreate -n lv-#{name} -L#{size_in_mb.to_s}M vg-#{name}"
|
91
|
-
exec_string = "lvcreate -n lv-#{name} -l100%FREE vg-#{name}"
|
92
|
-
@logger.info "execute #{exec_string}"
|
93
|
-
@ssh_session.exec! exec_string do |ch, stream, data|
|
94
|
-
if stream == :stderr && data != nil
|
95
|
-
err = "Failed during creation of logical volume"
|
96
|
-
@logger.debug "#{err}: #{data}"
|
97
|
-
raise Exception.new(err)
|
98
|
-
end
|
99
|
-
end
|
100
|
-
exec_string = "mkfs -t ext3 /dev/vg-#{name}/lv-#{name}" #TODO: use method in remote_command_handler
|
101
|
-
@logger.info "execute #{exec_string}"
|
102
|
-
@ssh_session.exec! exec_string #do |ch, stream, data|
|
103
|
-
#if stream == :stderr && data != nil
|
104
|
-
#err = "Failed during creation of file-system"
|
105
|
-
#puts "#{err}: #{data}"
|
106
|
-
#raise Exception.new(err)
|
107
|
-
#end
|
108
|
-
#end
|
109
|
-
if !file_exists?("/dev/vg-#{name}/lv-#{name}")
|
110
|
-
err = "Missing file: /dev/vg-#{name}/lv-#{name}"
|
111
|
-
raise Exception.new(err)
|
112
|
-
end
|
113
|
-
else
|
114
|
-
exec_string = "/sbin/vgchange -a y vg-#{name}"
|
115
|
-
@logger.info "vg_exists == true; execute #{exec_string}"
|
116
|
-
@ssh_session.exec! exec_string do |ch, stream, data| #TODO: the right size instead L2G!
|
117
|
-
if stream == :stderr && data != nil
|
118
|
-
err = "Failed during re-activation of volume group"
|
119
|
-
@logger.info "#{err}: #{data}"
|
120
|
-
raise Exception.new(err)
|
121
|
-
end
|
122
|
-
end
|
123
|
-
end
|
124
|
-
end
|
125
|
-
|
126
|
-
# Undo encryption for the volume specified by name and path
|
127
|
-
def undo_encryption_lvm(name, path)
|
128
|
-
exec_string = "umount #{path}"
|
129
|
-
@logger.debug "going to execute #{exec_string}"
|
130
|
-
@ssh_session.exec! exec_string do |ch, stream, data|
|
131
|
-
@logger.debug "returns #{data}"
|
132
|
-
end
|
133
|
-
exec_string = "lvremove --verbose vg-#{name} -f" #[with confirmation?]
|
134
|
-
@logger.debug "going to execute #{exec_string}"
|
135
|
-
@ssh_session.exec! exec_string do |ch, stream, data|
|
136
|
-
@logger.debug "returns #{data}"
|
137
|
-
end
|
138
|
-
exec_string = "vgremove vg-#{name}"
|
139
|
-
@logger.debug "going to execute #{exec_string}"
|
140
|
-
@ssh_session.exec! exec_string do |ch, stream, data|
|
141
|
-
@logger.debug "returns #{data}"
|
142
|
-
end
|
143
|
-
exec_string = "pvremove /dev/mapper/dm-#{name}"
|
144
|
-
@logger.debug "going to execute #{exec_string}"
|
145
|
-
@ssh_session.exec! exec_string do |ch, stream, data|
|
146
|
-
@logger.debug "returns #{data}"
|
147
|
-
end
|
148
|
-
exec_string = "cryptsetup remove dm-#{name}"
|
149
|
-
@logger.debug "going to execute #{exec_string}"
|
150
|
-
@ssh_session.exec! exec_string do |ch, stream, data|
|
151
|
-
@logger.debug "returns #{data}"
|
152
|
-
end
|
153
|
-
end
|
154
7
|
|
155
8
|
# Encrypts the device and mounting it using dm-crypt tools.
|
156
9
|
# Params
|
@@ -159,9 +12,6 @@ class DmCryptHelper < RemoteCommandHandler
|
|
159
12
|
# * device: device to be encrypted
|
160
13
|
# * path: path to which the encrypted device is mounted
|
161
14
|
def encrypt_storage(name, password, device, path)
|
162
|
-
if remote_execute("cryptsetup isLuks #{device}")
|
163
|
-
raise Exception.new("device #{device} is already a configured device")
|
164
|
-
end
|
165
15
|
if file_exists?(device)
|
166
16
|
if !file_exists?("/dev/mapper/#{name}")
|
167
17
|
@logger.debug("mapper device #{name} not yet existing")
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: CloudyScripts
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.11
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Matthias Jung
|
@@ -9,7 +9,7 @@ autorequire:
|
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
11
|
|
12
|
-
date: 2010-02-
|
12
|
+
date: 2010-02-08 00:00:00 +01:00
|
13
13
|
default_executable:
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|