X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;ds=sidebyside;f=modules%2Froles%2Ffiles%2Fstatic-mirroring%2Fstatic-master-ssh-wrap;h=625d3d9b5df10229db79bf5637f68714f5784b8d;hb=c884c33d52f570673980578d2e43312004eda8ee;hp=2b2ddea7fdbb90825379844e7f7fe2e8ca9580d0;hpb=d6e20ea4c083d9978ad4c3e5eccaffa2e887698a;p=mirror%2Fdsa-puppet.git diff --git a/modules/roles/files/static-mirroring/static-master-ssh-wrap b/modules/roles/files/static-mirroring/static-master-ssh-wrap index 2b2ddea7f..625d3d9b5 100755 --- a/modules/roles/files/static-mirroring/static-master-ssh-wrap +++ b/modules/roles/files/static-mirroring/static-master-ssh-wrap @@ -26,6 +26,7 @@ set -u MYLOGNAME="`basename "$0"`[$$]" BASEDIR="/home/staticsync/static-master" +COMPONENTLIST=/etc/static-components.conf usage() { echo "local Usage: $0 " @@ -69,32 +70,19 @@ lock() { fi } -serve_dir() { - local remote_host="$1"; shift - local path="$1"; shift - - local sender='rsync --server --sender -vlogDtprze.iLsf . ' - - if [ -e "$path" ]; then - info "serving $remote_host with $path" - $sender "$path/" - else - info "$remote_host wants non-existing $path" - echo >&2 "$path does not exist." - exit 1 - fi -} - do_rsync() { local remote_host="$1"; shift - if [ "$*" = "--server --sender -vlogDtprze.iLsf . -new-/" ] ; then - serve_dir "$remote_host" "$BASEDIR/current-push" - elif [ "$*" = "--server --sender -vlogDtprze.iLsf . -live-/" ] ; then - local p="$BASEDIR/current-live" - info "host $remote_host wants $p, acquiring lock" - lock 200 "$p" 0 - serve_dir "$remote_host" "$p" + local args="--server --sender -vlHtrze.iLsf --safe-links ." + if [ "$*" = "$args -new-/" ] || [ "$*" = "$args ./-new-/" ] ; then + local path="$BASEDIR/current-push" + info "serving $remote_host with $path" + rsync $args "$path/." + elif [ "$*" = "$args . -live-/" ] || [ "$*" = "$args . ./-live-/" ] ; then + local path="$BASEDIR/current-live" + info "host $remote_host wants $path, acquiring lock" + lock 200 "$path" 0 + rsync $args "$path/." else info "NOT allowed for $remote_host: rsync $*" echo >&2 "This rsync command ($@) not allowed." @@ -109,15 +97,32 @@ do_update_component() { component="$1" shift - #if [ "$component" = "www.torproject.org" ] && [ "$remote_host" = "vescum.torproject.org" ]; then - # exec static-master-update-component "$component" - # echo >&2 "Exec failed" - # croak "exec failed" - #else + hit="$( + awk -v component="$component" -v host="$remote_host" ' + $1 == component { + if ($2 == host) { + print $3 + exit + } + split($4,extra,",") + for (i in extra) { + if (host == extra[i]) { + printf "%s:%s\n", $2, $3 + exit + } + } + exit + }' "$COMPONENTLIST" + )" + if [ -n "$hit" ]; then + exec static-master-update-component "$component" + echo >&2 "Exec failed" + croak "exec failed" + else info "Not whitelisted: $remote_host update $component" echo >&2 "Not whitelisted: $remote_host update $component" exit 1 - #fi + fi }