git.rake revision 6f7e9c1bb73446dee89de2340a0806f5467d6bc4
4dce6aaa246a128bb68e0a7721b484ae48a157e6Eugen Kuksanamespace :git do
0f92c83be72626c93680facec849bb6ace681e2dEugen Kuksa def reconfigure_cp_keys(source_file)
0f92c83be72626c93680facec849bb6ace681e2dEugen Kuksa data_root = Ontohub::Application.config.data_root
b193b60354ad3bef7d3783b3bf676a5641362358Eugen Kuksa git_home = ENV['GIT_HOME']
0f92c83be72626c93680facec849bb6ace681e2dEugen Kuksa reconfigured_source = File.read(source_file).
0f92c83be72626c93680facec849bb6ace681e2dEugen Kuksa sub(/^#define DATA_ROOT .*$/, "#define DATA_ROOT \"#{data_root}\"").
0f92c83be72626c93680facec849bb6ace681e2dEugen Kuksa sub(/^#define GIT_HOME .*$/, "#define GIT_HOME \"#{git_home}\"")
0f92c83be72626c93680facec849bb6ace681e2dEugen Kuksa reconfigured_source_file = Tempfile.new(%w(cp_keys .c))
0f92c83be72626c93680facec849bb6ace681e2dEugen Kuksa reconfigured_source_file.write(reconfigured_source)
0f92c83be72626c93680facec849bb6ace681e2dEugen Kuksa puts "Copying #{source_file} to tempfile #{reconfigured_source_file.path}"
0f92c83be72626c93680facec849bb6ace681e2dEugen Kuksa puts "Reconfiguring DATA_ROOT in this tempfile to #{data_root}"
0f92c83be72626c93680facec849bb6ace681e2dEugen Kuksa puts "Reconfiguring GIT_HOME in this tempfile to #{git_home}"
0f92c83be72626c93680facec849bb6ace681e2dEugen Kuksa reconfigured_source_file
4dce6aaa246a128bb68e0a7721b484ae48a157e6Eugen Kuksa def compile_gcc(source_path, target_path)
4dce6aaa246a128bb68e0a7721b484ae48a157e6Eugen Kuksa command = ['gcc', source_path, '-o', target_path]
4dce6aaa246a128bb68e0a7721b484ae48a157e6Eugen Kuksa puts "Compiling #{target_path.split('/').last} with"
4dce6aaa246a128bb68e0a7721b484ae48a157e6Eugen Kuksa puts command.map { |c| c.match(/\s/) ? "'#{c}'" : c }.join(' ')
4dce6aaa246a128bb68e0a7721b484ae48a157e6Eugen Kuksa system(*command)
c4d7a0da5a4b9290095f82cc2af748d80ac035a1Eugen Kuksa def remove_symbols(target_path)
c4d7a0da5a4b9290095f82cc2af748d80ac035a1Eugen Kuksa command = ['strip', target_path]
c4d7a0da5a4b9290095f82cc2af748d80ac035a1Eugen Kuksa puts 'Removing symbols with'
c4d7a0da5a4b9290095f82cc2af748d80ac035a1Eugen Kuksa puts command.map { |c| c.match(/\s/) ? "'#{c}'" : c }.join(' ')
c4d7a0da5a4b9290095f82cc2af748d80ac035a1Eugen Kuksa system(*command)
c4d7a0da5a4b9290095f82cc2af748d80ac035a1Eugen Kuksa def set_permissions(mode, path, owner_group)
c4d7a0da5a4b9290095f82cc2af748d80ac035a1Eugen Kuksa command_chmod = ['chmod', mode, path]
c4d7a0da5a4b9290095f82cc2af748d80ac035a1Eugen Kuksa puts 'Changing owner with'
c4d7a0da5a4b9290095f82cc2af748d80ac035a1Eugen Kuksa puts command_chmod.map { |c| c.match(/\s/) ? "'#{c}'" : c }.join(' ')
c4d7a0da5a4b9290095f82cc2af748d80ac035a1Eugen Kuksa system(*command_chmod)
c4d7a0da5a4b9290095f82cc2af748d80ac035a1Eugen Kuksa puts "You need to manually set the owner/group of '#{path}' to #{owner_group}"
4dce6aaa246a128bb68e0a7721b484ae48a157e6Eugen Kuksa desc 'Compile cp_keys binary'
4dce6aaa246a128bb68e0a7721b484ae48a157e6Eugen Kuksa task :compile_cp_keys => :environment do
b193b60354ad3bef7d3783b3bf676a5641362358Eugen Kuksa unless ENV['GIT_HOME']
b193b60354ad3bef7d3783b3bf676a5641362358Eugen Kuksa $stderr.puts 'Please specify the environment variable GIT_HOME.'
b193b60354ad3bef7d3783b3bf676a5641362358Eugen Kuksa $stderr.puts "It must contain the absolute path to the git user's home."
4dce6aaa246a128bb68e0a7721b484ae48a157e6Eugen Kuksa source_file = Rails.root.join('script', 'cp_keys.c')
e24838dcf251e7011623d37ab97a23bb452befbfEugen Kuksa target_path = target_dir.join('cp_keys').to_s
0f92c83be72626c93680facec849bb6ace681e2dEugen Kuksa reconfigured_source_tempfile = reconfigure_cp_keys(source_file)
0f92c83be72626c93680facec849bb6ace681e2dEugen Kuksa compile_gcc(reconfigured_source_tempfile.path, target_path)
c4d7a0da5a4b9290095f82cc2af748d80ac035a1Eugen Kuksa remove_symbols(target_path)
c4d7a0da5a4b9290095f82cc2af748d80ac035a1Eugen Kuksa set_permissions('4500', target_path,
b3d093fdb6d89d331d581745a17be489b4bd8a06Eugen Kuksa 'the git user and the webserver-running group. Also, add '\
b3d093fdb6d89d331d581745a17be489b4bd8a06Eugen Kuksa 'execute-permissions for the webserver-running user with '\
b3d093fdb6d89d331d581745a17be489b4bd8a06Eugen Kuksa "ACLs, e.g.: setfacl -m u:ontohub:--x,m::rwx #{target_path}")
f6fd701c750b47c6c58a23b784d5b890317340a2Eugen Kuksa desc 'Create authorized_keys file and set its permissions'
f6fd701c750b47c6c58a23b784d5b890317340a2Eugen Kuksa task :prepare_authorized_keys => :environment do
6f7e9c1bb73446dee89de2340a0806f5467d6bc4Eugen Kuksa if !File.exists?(AuthorizedKeysManager.authorized_keys)
6f7e9c1bb73446dee89de2340a0806f5467d6bc4Eugen Kuksa puts "Creating the file #{AuthorizedKeysManager.authorized_keys}."
6f7e9c1bb73446dee89de2340a0806f5467d6bc4Eugen Kuksa FileUtils.touch(AuthorizedKeysManager.authorized_keys)
6f7e9c1bb73446dee89de2340a0806f5467d6bc4Eugen Kuksa set_permissions('0640', AuthorizedKeysManager.authorized_keys.to_s,
f6fd701c750b47c6c58a23b784d5b890317340a2Eugen Kuksa 'the webserver-running user.')