simonmenke-shuttle 0.1.07

data/lib/shuttle/server/security.rb

@@ -0,0 +1,113 @@
+
+module Shuttle
+  class Server
+    module Security # :nodoc:
+      
+      def self.included(base)
+        base.extend Shuttle::Server::Security::ClassMethods
+      end
+      
+      module ClassMethods
+        
+        def options_for_server
+          
+          config = {}
+          if Shuttle.system.use_ssl?
+            install_quick_cert!
+            dump_quick_cert_config!
+            run_quick_cert!
+            
+            keypair = Shuttle.system.path('quick_cert', 'shuttle', 'shuttle_keypair.pem')
+            cert    = Shuttle.system.path('quick_cert', 'shuttle', 'cert_shuttle.pem')
+            
+            config = {
+              :SSLPrivateKey  => OpenSSL::PKey::RSA.new(File.read(keypair)),
+              :SSLCertificate => OpenSSL::X509::Certificate.new(File.read(cert)),
+              :SSLVerifyMode  => OpenSSL::SSL::VERIFY_PEER | OpenSSL::SSL::VERIFY_FAIL_IF_NO_PEER_CERT,
+              :SSLCACertificateFile => Shuttle.system.path('quick_cert', 'CA', 'cacert.pem')
+            }
+          end
+          
+          config
+        end
+        
+        def install_quick_cert!
+          unless Shuttle.system.find_bin('QuickCert')
+            FileUtils.mkdir_p('/tmp/quick_cert')
+            File.chmod(0700, '/tmp/quick_cert')
+            
+            Dir.chdir('/tmp/quick_cert') do
+              Shuttle.system.run "curl -O #{Shuttle::QUICK_CERT}"
+              Shuttle.system.run "tar xzf QuickCert-1.0.2.tar.gz"
+              
+              Dir.chdir('/tmp/quick_cert/QuickCert-1.0.2') do
+                Shuttle.system.run "#{Shuttle.system.ruby_path} ./setup.rb config"
+                Shuttle.system.run "#{Shuttle.system.ruby_path} ./setup.rb setup"
+                Shuttle.system.run "#{Shuttle.system.ruby_path} ./setup.rb install"
+              end
+            end
+            
+            FileUtils.rm_rf('/tmp/quick_cert')
+          end
+        end
+        
+        def dump_quick_cert_config!
+          return if File.file? Shuttle.system.path('quick_cert', 'qc_config')
+          
+          config = %{
+full_hostname = `hostname`.strip
+domainname = full_hostname.split('.')[1..-1].join('.')
+hostname = full_hostname.split('.')[0]
+
+CA[:hostname] = hostname
+CA[:domainname] = domainname
+CA[:CA_dir] = File.join Dir.pwd, "CA"
+CA[:password] = '#{rand(100_000)}'
+
+CERTS << {
+:type => 'server',
+:hostname => 'shuttle',
+# :password => '#{rand(100_000)}',
+}
+
+CERTS << {
+:type => 'client',
+:user => 'core',
+:email => 'core@mrhenry.be',
+}
+}
+          FileUtils.mkdir_p(Shuttle.system.path('quick_cert'))
+          File.chmod(0700, Shuttle.system.path('quick_cert'))
+          File.open(Shuttle.system.path('quick_cert', 'qc_config'), 'w+') { |f| f.write config }
+        end
+        
+        def run_quick_cert!
+          return if File.directory? Shuttle.system.path('quick_cert', 'CA')
+          
+          Dir.chdir(Shuttle.system.path('quick_cert')) do
+            Shuttle.system.run Shuttle.system.find_bin('QuickCert')
+          end
+        end
+        
+        def make_client_cert_public!
+          token = nil
+          if Shuttle.system.use_ssl?
+            token = Shuttle::Client::AuthToken.new(
+              :target_uri => self.construct_uri(DRb.uri),
+              :verify_mode => OpenSSL::SSL::VERIFY_PEER,
+              :private_key_data => File.read(Shuttle.system.path('quick_cert', 'core', 'core_keypair.pem')),
+              :certificate_data => File.read(Shuttle.system.path('quick_cert', 'core', 'cert_core.pem')),
+              :ca_certificate_data => File.read(Shuttle.system.path('quick_cert', 'CA', 'cacert.pem'))
+            )
+          else
+            token = Shuttle::Client::AuthToken.new(
+              :target_uri => self.construct_uri(DRb.uri))
+          end
+          token.dump_file(Shuttle.system.path('core.token'))
+          FileUtils.chmod_R(0775, Shuttle.system.path('core.token'))
+        end
+        
+      end
+    end
+  end
+end

data/lib/shuttle/server.rb

@@ -0,0 +1,113 @@
+require 'drb'
+require 'drb/ssl'
+require 'simple-daemon'
+
+module Shuttle
+  
+  # the Server is supposed to be a simple DRb interface to the System.
+  class Server < SimpleDaemon::Base
+    include DRbUndumped
+    
+    autoload :Proxy,    File.dirname(__FILE__)+'/server/proxy'
+    autoload :Daemon,   File.dirname(__FILE__)+'/server/daemon'
+    autoload :Security, File.dirname(__FILE__)+'/server/security'
+    
+    include Shuttle::Server::Daemon
+    include Shuttle::Server::Security
+    
+    def self.shared
+      @shared ||= new
+    end
+    
+    def self.proxy
+      @proxy ||= Shuttle::Server::Proxy.new(self.shared)
+    end
+    
+    def stop_server
+      Shuttle.log "stopping the server..."
+      Thread.new { sleep(1) and exit(Shuttle::STOP_STATUS) }
+    end
+    
+    def restart_server
+      Shuttle.log "restarting the server..."
+      Thread.new { sleep(1) and exit(Shuttle::RESTART_STATUS) }
+    end
+    
+    def reload_server
+      Shuttle.log "reloading the server..."
+      Thread.new { sleep(1) and exit(Shuttle::RELOAD_STATUS) }
+    end
+    
+    def server_version
+      Shuttle.version
+    end
+    
+    def update_server
+      if Shuttle.system.gem_update('shuttle', :user => 'root')
+        reload_server
+      end
+    end
+    
+    def install_satellite(domain)
+      Shuttle.system.install_satellite(domain)
+    end
+    
+    def uninstall_satellite(domain)
+      satellite = Shuttle.system.find_satellite(domain)
+      if satellite
+        Shuttle.system.uninstall_satellite(satellite)
+      else
+        Shuttle.log "Satellite not found (#{domain})"
+      end
+    end
+    
+    def install_engine(domain, name, options={})
+      satellite = Shuttle.system.find_satellite(domain)
+      if satellite
+        Shuttle.system.install_engine(satellite, name, options)
+      else
+        Shuttle.log "Satellite not found (#{domain})"
+      end
+    end
+    
+    def update_engine(domain, name, options={})
+      satellite = Shuttle.system.find_satellite(domain)
+      if satellite
+        Shuttle.system.update_engine(satellite, name, options)
+      else
+        Shuttle.log "Satellite not found (#{domain})"
+      end
+    end
+    
+    def uninstall_engine(domain, name)
+      satellite = Shuttle.system.find_satellite(domain)
+      if satellite
+        Shuttle.system.uninstall_engine(satellite, name)
+      else
+        Shuttle.log "Satellite not found (#{domain})"
+      end
+    end
+    
+    def satellites
+      Shuttle.system.satellites
+    end
+    
+    def queued_jobs
+      queued_jobs = []
+      Shuttle.system.queue.each do |job, canceled, immediated|
+        job_delay = job.delay
+        queued_jobs.push([job.id, job.name, canceled, immediated, job.running?, job.waiting?, job_delay])
+      end
+      queued_jobs
+    end
+    
+    def cancel_job(id)
+      Shuttle.system.queue.cancel(id)
+    end
+    
+    def immediate_job(id)
+      Shuttle.system.queue.immediate(id)
+    end
+    
+  end
+end

data/lib/shuttle/system/config.rb

@@ -0,0 +1,36 @@
+
+module Shuttle
+  class System
+    module Config
+      
+      def use_development!
+        environment { 'development' }
+      end
+      
+      def development?
+        environment == 'development'
+      end
+      
+      def use_production!
+        environment { 'production' }
+      end
+      
+      def production?
+        environment == 'production'
+      end
+      
+      def environment(&block)
+        option(:environment, block) { |s,v| v or 'production' }
+      end
+      
+      def use_ssl!
+        option(:use_ssl, lambda { true })
+      end
+      
+      def use_ssl?
+        option(:use_ssl, nil)
+      end
+      
+    end
+  end
+end

data/lib/shuttle/system/helper.rb

@@ -0,0 +1,21 @@
+
+module Shuttle
+  class System
+    module Helper
+      
+      def use(actor)
+        actor_klass  = (Shuttle::Actors.const_get(actor) rescue nil)
+        raise "Actor not found! (#{actor})" unless actor_klass
+        
+        actor_helper = (actor_klass.const_get('Helper') rescue nil)
+        extend actor_helper if actor_helper
+        
+        actor_config = (actor_klass.const_get('Config') rescue nil)
+        extend actor_config if actor_config
+        
+        @actors.push(actor_klass)
+      end
+      
+    end
+  end
+end

data/lib/shuttle/system/options.rb

@@ -0,0 +1,79 @@
+
+module Shuttle
+  class System
+    module Options
+      
+      def option(name, proc, &handler)
+        if proc
+          @option_descriptors.push({
+            :name => name.to_sym,
+            :proc => proc,
+            :handler => handler
+          })
+        else
+          if handler && !@options.key?(name.to_sym)
+            @options[name.to_sym] = handler.call(nil)
+          end
+          @options[name.to_sym]
+        end
+      end
+      
+      def satellite_option(name, proc, &handler)
+        if proc
+          @satellite_option_descriptors.push({
+            :name => name.to_sym,
+            :proc => proc,
+            :handler => handler
+          })
+        else
+          if handler && !@satellite_options.key?(name.to_sym)
+            @satellite_options[name.to_sym] = handler.call(@current_satellite, nil)
+          end
+          @satellite_options[name.to_sym]
+        end
+      end
+      
+      def set_satellite_option(name, value)
+        @satellite_options[name.to_sym] = value
+      end
+      
+      def resolve_options_with(satellite)
+        @current_satellite = satellite
+        resolve_options!
+        
+        result = yield
+        
+        @current_satellite = nil
+        resolve_options!
+        
+        result
+      end
+      
+      def resolve_options!
+        resolve_options_for_system!
+        resolve_options_for_satellite!
+      end
+      
+      def resolve_options_for_system!
+        @options = {}
+        @option_descriptors.each do |option|
+          value = option[:proc].call           if option[:proc]
+          value = option[:handler].call(value) if option[:handler]
+          @options[option[:name]] = value
+        end
+      end
+      
+      def resolve_options_for_satellite!
+        @satellite_options = {}
+        if @current_satellite
+          @satellite_option_descriptors.each do |option|
+            value = option[:proc].call(@current_satellite)           if option[:proc]
+            value = option[:handler].call(@current_satellite, value) if option[:handler]
+            @satellite_options[option[:name]] = value
+          end
+        end
+      end
+      
+    end
+  end
+end

data/lib/shuttle/system/process_user.rb

@@ -0,0 +1,75 @@
+
+autoload :Etc, 'etc'
+
+module Shuttle
+  class System
+    module ProcessUser
+      
+      # get the uid for a user name
+      def get_uid(username)
+        return username if Numeric === username
+        Etc.getpwnam(username).uid
+      end
+      
+      # get the gid for a group name
+      def get_gid(groupname)
+        return groupname if Numeric === groupname
+        Etc.getgrnam(groupname).gid
+      end
+      
+      # get the user name for a uid (or the current process user)
+      def get_user_name(uid=Process.uid)
+        return uid if String === uid
+        Etc.getpwuid(uid).name
+      end
+      
+      # get the group name for a gid (or the current process group)
+      def get_group_name(gid=Process.gid)
+        return gid if String === gid
+        Etc.getgrgid(gid).name
+      end
+      
+      # is this process running as this user?
+      def is_user(username)
+        uid = get_uid(username)
+        Process.euid == uid and Process.uid == uid
+      end
+      
+      # is this process running as this group?
+      def is_group(groupname)
+        gid = get_gid(groupname)
+        Process.egid == gid and Process.gid == gid
+      end
+      
+      # switch this user to the specified user and group
+      def switch_to_user(username, groupname=nil)
+        different_uid = (Process.euid != get_uid(username))
+        different_gid = (Process.egid != get_gid(groupname)) if groupname
+        
+        if groupname and different_gid
+          Process.gid = Process.egid = get_gid(groupname)
+        end
+        
+        if different_uid
+          Process.uid = Process.euid = get_uid(username)
+        end
+      end
+      
+      # run the passed block as the specified user and group
+      def as_user(username, groupname=nil, &block)
+        euid = Process.euid
+        egid = Process.egid
+        
+        value = nil
+        begin
+          switch_to_user(username, groupname)
+          value = block.call
+        ensure
+          switch_to_user(euid, egid)
+        end
+        value
+      end
+      
+    end
+  end
+end

data/lib/shuttle/system/satellites.rb

@@ -0,0 +1,44 @@
+
+module Shuttle
+  class System
+    module Satellites
+      
+      def satellites_hash
+        @satellites || load_satellites
+      end
+      
+      def satellites
+        satellites_hash.values
+      end
+      
+      def find_satellite(domain)
+        satellites_hash[domain]
+      end
+      
+      def save_satellite!(satellite)
+        satellites_hash[satellite.domain] = satellite
+        satellite.dump_file(self.path('satellites', "#{satellite.domain}.yml"))
+      end
+      
+      def destroy_satellite!(satellite)
+        satellites_hash.delete(satellite.domain)
+        FileUtils.rm_f(self.path('satellites', "#{satellite.domain}.yml"))
+      end
+      
+      private
+      
+      def load_satellites
+        @satellites = {}
+        
+        FileUtils.mkdir_p(self.path('satellites'))
+        Dir.glob(self.path('satellites', '*.yml')).each do |yml|
+          satellite = Shuttle::Satellite.load_file(yml)
+          @satellites[satellite.domain] = satellite
+        end
+        
+        @satellites
+      end
+      
+    end
+  end
+end

data/lib/shuttle/system/shell.rb

@@ -0,0 +1,80 @@
+
+module Shuttle
+  class System
+    module Shell
+      
+      def run(cmd)
+        as_user 'root', 'wheel' do
+          Shuttle.log "[#{get_user_name}]> "+cmd
+          cmd = "bash -l -c #{cmd.inspect}"
+          output = %x[#{cmd} 2>&1]
+          Shuttle.log output if development?
+          output
+        end
+      end
+      
+      def user_run(username, cmd)
+        as_user 'root', 'wheel' do
+          Shuttle.log "[#{username}]> "+cmd
+          cmd = "su #{username} -l -c #{cmd.inspect}"
+          output = %x[#{cmd} 2>&1]
+          Shuttle.log output if development?
+          output
+        end
+      end
+      
+      def popen(cmd, *args, &block)
+        as_user 'root', 'wheel' do
+          Shuttle.log cmd
+          cmd = "bash -l -c #{cmd.inspect}"
+          IO.popen(cmd, *args, &block)
+        end
+      end
+      
+      def user_popen(username, cmd, *args, &block)
+        as_user 'root', 'wheel' do
+          Shuttle.log cmd
+          cmd = "su #{username} -l -c #{cmd.inspect}"
+          IO.popen(cmd, *args, &block)
+        end
+      end
+      
+      def find_bin(*names)
+        names = names.flatten.compact.uniq
+        unless names.empty?
+          names = names.join(' ')
+          popen("which #{names}", 'r') do |f|
+            
+            until f.eof?
+              path = f.readline
+              next unless path
+              path = path.strip
+              next if path =~ /(Last login)|(You have new)|(Using ruby)/
+              return path
+            end
+            
+          end
+        end
+      end
+      
+      def user_find_bin(username, *names)
+        names = names.flatten.compact.uniq
+        unless names.empty?
+          names = names.join(' ')
+          user_popen(username, "which #{names}", 'r') do |f|
+            
+            until f.eof?
+              path = f.readline
+              next unless path
+              path = path.strip
+              next if path =~ /(Last login)|(You have new)|(Using ruby)/
+              return path
+            end
+            
+          end
+        end
+      end
+      
+    end
+  end
+end