git.rake revision b3d093fdb6d89d331d581745a17be489b4bd8a06
4dce6aaa246a128bb68e0a7721b484ae48a157e6Eugen Kuksanamespace :git do
0f92c83be72626c93680facec849bb6ace681e2dEugen Kuksa def reconfigure_cp_keys(source_file)
0f92c83be72626c93680facec849bb6ace681e2dEugen Kuksa data_root = Ontohub::Application.config.data_root
0f92c83be72626c93680facec849bb6ace681e2dEugen Kuksa git_home = Ontohub::Application.config.git_home
0f92c83be72626c93680facec849bb6ace681e2dEugen Kuksa reconfigured_source = File.read(source_file).
0f92c83be72626c93680facec849bb6ace681e2dEugen Kuksa sub(/^#define DATA_ROOT .*$/, "#define DATA_ROOT \"#{data_root}\"").
0f92c83be72626c93680facec849bb6ace681e2dEugen Kuksa sub(/^#define GIT_HOME .*$/, "#define GIT_HOME \"#{git_home}\"")
0f92c83be72626c93680facec849bb6ace681e2dEugen Kuksa reconfigured_source_file = Tempfile.new(%w(cp_keys .c))
0f92c83be72626c93680facec849bb6ace681e2dEugen Kuksa reconfigured_source_file.write(reconfigured_source)
0f92c83be72626c93680facec849bb6ace681e2dEugen Kuksa puts "Copying #{source_file} to tempfile #{reconfigured_source_file.path}"
0f92c83be72626c93680facec849bb6ace681e2dEugen Kuksa puts "Reconfiguring DATA_ROOT in this tempfile to #{data_root}"
0f92c83be72626c93680facec849bb6ace681e2dEugen Kuksa puts "Reconfiguring GIT_HOME in this tempfile to #{git_home}"
0f92c83be72626c93680facec849bb6ace681e2dEugen Kuksa reconfigured_source_file
4dce6aaa246a128bb68e0a7721b484ae48a157e6Eugen Kuksa def compile_gcc(source_path, target_path)
4dce6aaa246a128bb68e0a7721b484ae48a157e6Eugen Kuksa command = ['gcc', source_path, '-o', target_path]
4dce6aaa246a128bb68e0a7721b484ae48a157e6Eugen Kuksa puts "Compiling #{target_path.split('/').last} with"
4dce6aaa246a128bb68e0a7721b484ae48a157e6Eugen Kuksa puts command.map { |c| c.match(/\s/) ? "'#{c}'" : c }.join(' ')
4dce6aaa246a128bb68e0a7721b484ae48a157e6Eugen Kuksa system(*command)
c4d7a0da5a4b9290095f82cc2af748d80ac035a1Eugen Kuksa def remove_symbols(target_path)
c4d7a0da5a4b9290095f82cc2af748d80ac035a1Eugen Kuksa command = ['strip', target_path]
c4d7a0da5a4b9290095f82cc2af748d80ac035a1Eugen Kuksa puts 'Removing symbols with'
c4d7a0da5a4b9290095f82cc2af748d80ac035a1Eugen Kuksa puts command.map { |c| c.match(/\s/) ? "'#{c}'" : c }.join(' ')
c4d7a0da5a4b9290095f82cc2af748d80ac035a1Eugen Kuksa system(*command)
c4d7a0da5a4b9290095f82cc2af748d80ac035a1Eugen Kuksa def set_permissions(mode, path, owner_group)
c4d7a0da5a4b9290095f82cc2af748d80ac035a1Eugen Kuksa command_chmod = ['chmod', mode, path]
c4d7a0da5a4b9290095f82cc2af748d80ac035a1Eugen Kuksa puts 'Changing owner with'
c4d7a0da5a4b9290095f82cc2af748d80ac035a1Eugen Kuksa puts command_chmod.map { |c| c.match(/\s/) ? "'#{c}'" : c }.join(' ')
c4d7a0da5a4b9290095f82cc2af748d80ac035a1Eugen Kuksa system(*command_chmod)
c4d7a0da5a4b9290095f82cc2af748d80ac035a1Eugen Kuksa puts "You need to manually set the owner/group of '#{path}' to #{owner_group}"
4dce6aaa246a128bb68e0a7721b484ae48a157e6Eugen Kuksa desc 'Compile cp_keys binary'
4dce6aaa246a128bb68e0a7721b484ae48a157e6Eugen Kuksa task :compile_cp_keys => :environment do
4dce6aaa246a128bb68e0a7721b484ae48a157e6Eugen Kuksa source_file = Rails.root.join('script', 'cp_keys.c')
4dce6aaa246a128bb68e0a7721b484ae48a157e6Eugen Kuksa target_path = Rails.root.join('bin', 'cp_keys').to_s
0f92c83be72626c93680facec849bb6ace681e2dEugen Kuksa reconfigured_source_tempfile = reconfigure_cp_keys(source_file)
0f92c83be72626c93680facec849bb6ace681e2dEugen Kuksa compile_gcc(reconfigured_source_tempfile.path, target_path)
c4d7a0da5a4b9290095f82cc2af748d80ac035a1Eugen Kuksa remove_symbols(target_path)
c4d7a0da5a4b9290095f82cc2af748d80ac035a1Eugen Kuksa set_permissions('4500', target_path,
b3d093fdb6d89d331d581745a17be489b4bd8a06Eugen Kuksa 'the git user and the webserver-running group. Also, add '\
b3d093fdb6d89d331d581745a17be489b4bd8a06Eugen Kuksa 'execute-permissions for the webserver-running user with '\
b3d093fdb6d89d331d581745a17be489b4bd8a06Eugen Kuksa "ACLs, e.g.: setfacl -m u:ontohub:--x,m::rwx #{target_path}")
f6fd701c750b47c6c58a23b784d5b890317340a2Eugen Kuksa desc 'Create authorized_keys file and set its permissions'
f6fd701c750b47c6c58a23b784d5b890317340a2Eugen Kuksa task :prepare_authorized_keys => :environment do
f6fd701c750b47c6c58a23b784d5b890317340a2Eugen Kuksa SSH_DIR = Ontohub::Application.config.data_root.join('.ssh')
f6fd701c750b47c6c58a23b784d5b890317340a2Eugen Kuksa AUTHORIZED_KEYS = SSH_DIR.join('authorized_keys')
f6fd701c750b47c6c58a23b784d5b890317340a2Eugen Kuksa if !File.exists?(AUTHORIZED_KEYS)
f6fd701c750b47c6c58a23b784d5b890317340a2Eugen Kuksa puts "Creating the file #{AUTHORIZED_KEYS}."
f6fd701c750b47c6c58a23b784d5b890317340a2Eugen Kuksa FileUtils.touch(AUTHORIZED_KEYS)
f6fd701c750b47c6c58a23b784d5b890317340a2Eugen Kuksa set_permissions('0640', AUTHORIZED_KEYS.to_s,
f6fd701c750b47c6c58a23b784d5b890317340a2Eugen Kuksa 'the webserver-running user.')