Diffstat (limited to 'provider_base')
-rw-r--r-- | provider_base/lib/macros/core.rb | 3 | ||||
-rw-r--r-- | provider_base/lib/macros/hosts.rb | 7 | ||||
-rw-r--r-- | provider_base/lib/macros/keys.rb | 19 | ||||
-rw-r--r-- | provider_base/provider.json | 2 | ||||
-rw-r--r-- | provider_base/services/monitor.json | 5 |
5 files changed, 23 insertions, 13 deletions
diff --git a/provider_base/lib/macros/core.rb b/provider_base/lib/macros/core.rb
index 2ab2e71b..7de50f2f 100644
--- a/provider_base/lib/macros/core.rb
+++ b/provider_base/lib/macros/core.rb
@@ -22,6 +22,9 @@ module LeapCli
 keys.sort.each do |keyfile|
 ssh_type, ssh_key = File.read(keyfile, :encoding => 'UTF-8').strip.split(" ")
 name = File.basename(File.dirname(keyfile))
+ until hash[name].nil?
+ i ||= 1; name = "#{name}#{i+=1}"
+ end
 hash[name] = {
 "type" => ssh_type,
 "key" => ssh_key
diff --git a/provider_base/lib/macros/hosts.rb b/provider_base/lib/macros/hosts.rb
index 8a4058a5..8281329f 100644
--- a/provider_base/lib/macros/hosts.rb
+++ b/provider_base/lib/macros/hosts.rb
@@ -42,7 +42,12 @@ module LeapCli
 hosts = {}
 my_location = @node['location'] ? @node['location']['name'] : nil
 nodes.each_node do |node|
- hosts[node.name] = {'ip_address' => node.ip_address, 'domain_internal' => node.domain.internal, 'domain_full' => node.domain.full}
+ hosts[node.name] = {
+ 'ip_address' => node.ip_address,
+ 'domain_internal' => node.domain.internal,
+ 'domain_full' => node.domain.full,
+ 'port' => node.ssh.port
+ }
 node_location = node['location'] ? node['location']['name'] : nil
 if my_location == node_location
 if facts = @node.manager.facts[node.name]
diff --git a/provider_base/lib/macros/keys.rb b/provider_base/lib/macros/keys.rb
index ea4c3df2..0ed7ccd0 100644
--- a/provider_base/lib/macros/keys.rb
+++ b/provider_base/lib/macros/keys.rb
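Review bot: The de-duplication loop in core.rb compounds suffixes, because every pass appends the counter to the already-suffixed `name`: a third key under the same directory name ends up as `foo23` rather than `foo3`. Keeping the base name separately fixes it, with `base = name` before the loop and `name = "#{base}#{i+=1}"` inside it. These entries look like an SSH key list (inferred from `ssh_type`/`ssh_key`), so predictable names also make it easier to audit which key belongs to which directory. The enclosing method starts and ends outside the hunk.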
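Review bot: The new `'port'` entry in the hosts.rb hash holds `node.ssh.port`, but the key name does not say which port it is, while services/monitor.json in this same commit calls the same field `ssh.port`. A one-line comment on the entry would remove the ambiguity, for example `# 'port' is the node's SSH port (node.ssh.port)`. Renaming the key is not suggested here because its consumers are outside the hunk.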
@@ -36,14 +36,15 @@ module LeapCli
 end
 #
- # on the command line an onion address can be created
- # from an rsa public key using this:
+ # Generates a onion_address from a public RSA key file.
 #
- # base64 -d < ./pubkey | sha1sum | awk '{print $1}' |
- # perl -e '$l=<>; chomp $l; print pack("H*", $l)' |
- # python -c 'import base64, sys; t=sys.stdin.read(); print base64.b32encode(t[:10]).lower()'
+ # path_name is the named path of the Tor public key.
 #
- # path_name is the named path of the tor public key.
+ # Basically, an onion address is nothing more than a base32 encoding
+ # of the first 10 bytes of a sha1 digest of the public key.
+ #
+ # Additionally, Tor ignores the 22 byte header of the public key
+ # before taking the sha1 digest.
 #
 def onion_address(path_name)
 require 'base32'
@@ -53,9 +54,9 @@ module LeapCli
 if path && File.exists?(path)
 public_key_str = File.readlines(path).grep(/^[^-]/).join
 public_key = Base64.decode64(public_key_str)
- sha1sum_string = Digest::SHA1.new.hexdigest(public_key)
- sha1sum_binary = [sha1sum_string].pack('H*')
- Base32.encode(sha1sum_binary.slice(0,10)).downcase
+ public_key = public_key.slice(22..-1) # Tor ignores the 22 byte SPKI header
+ sha1sum = Digest::SHA1.new.digest(public_key)
+ Base32.encode(sha1sum.slice(0,10)).downcase
 else
 LeapCli.log :warning, 'Tor public key file "%s" does not exist' % tor_public_key_path
 end
diff --git a/provider_base/provider.json b/provider_base/provider.json
index 9ef0f76a..77437935 100644
--- a/provider_base/provider.json
+++ b/provider_base/provider.json
@@ -1,6 +1,6 @@
 {
 "domain": "REQUIRED",
- "domain_internal": "= domain.sub(/\\..*$/,'.i')",
+ "domain_internal": "= domain.sub(/\\.[^\\.]*$/, '.i')",
 "name": {
 "en": "REQUIRED"
 },
diff --git a/provider_base/services/monitor.json b/provider_base/services/monitor.json
index 56ca015b..10d5ac81 100644
--- a/provider_base/services/monitor.json
+++ b/provider_base/services/monitor.json
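Review bot: In the second keys.rb hunk, `public_key.slice(22..-1)` returns nil when the decoded file is shorter than 22 bytes, so an empty or truncated key file makes `Digest::SHA1.new.digest` raise instead of producing a warning. The fixed offset also assumes one particular encoding of the key (the comment says SPKI); a file in a different format would presumably yield a wrong address without any error. Checking `public_key.bytesize > 22` before the slice and logging a warning otherwise makes the failure explicit. Separately, the `else` branch in the context formats `tor_public_key_path`, which is not assigned in the visible lines; confirm it is defined earlier in `onion_address`, whose body starts outside this hunk.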
@@ -1,8 +1,9 @@
 {
 "nagios": {
 "nagiosadmin_pw": "= secret :nagios_admin_password",
- "domains_internal": "= global.tags.field('domain.internal_suffix').compact.uniq",
- "hosts": "= (self.environment == 'local' ? nodes_like_me : nodes[:environment => '!local']).pick_fields('domain.internal', 'domain.full_suffix', 'ip_address', 'services', 'openvpn.gateway_address', 'ssh.port')"
+ "domains_internal": "= nagios.hosts.values.map{|h|h['domain_internal_suffix']}.uniq",
+ "environments": "= Hash[ nagios.hosts.values.map{|h|h['environment']}.uniq.map{|e| [e||'default',{'contact_emails'=>global.env(e).provider.contacts.default}]} ]",
+ "hosts": "= (self.environment == 'local' ? nodes_like_me : nodes[:environment => '!local']).pick_fields('environment', 'domain.internal', 'domain.internal_suffix', 'domain.full_suffix', 'ip_address', 'services', 'openvpn.gateway_address', 'ssh.port')"
 },
 "hosts": "= self.environment == 'local' ? hosts_file(nodes_like_me) : hosts_file(nodes[:environment => '!local'])",
 "ssh": { |
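Review bot: The new `domains_internal` expression drops the `.compact` that the old one had, so a host entry without `domain_internal_suffix` puts a nil into the list used by the nagios settings. Keeping it is a one-word change: `"= nagios.hosts.values.map{|h|h['domain_internal_suffix']}.compact.uniq"`. In `environments`, `global.env(e)` is called with the raw `e`, which may be nil since the key falls back to `'default'`; whether `env(nil)` resolves to the default environment is not visible here and is worth confirming.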