From 5b7112645be0fe41e4deecde0f86cac7ce4b79df Mon Sep 17 00:00:00 2001 From: notplants Date: Wed, 19 May 2021 11:55:33 +0200 Subject: [PATCH 1/2] Add rocket.toml and peach-dyndns-server.service --- Cargo.lock | 2 +- Cargo.toml | 15 +++++++++++---- Rocket.toml | 3 +++ debian/peach-dyndns-server.service | 13 +++++++++++++ src/main.rs | 9 ++++++++- 5 files changed, 36 insertions(+), 6 deletions(-) create mode 100644 Rocket.toml create mode 100644 debian/peach-dyndns-server.service diff --git a/Cargo.lock b/Cargo.lock index 6b47eee..e76bfbd 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1299,7 +1299,7 @@ dependencies = [ ] [[package]] -name = "peach-dyndns-host" +name = "peach-dyndns-server" version = "0.1.0" dependencies = [ "clap-log-flag", diff --git a/Cargo.toml b/Cargo.toml index 772d13d..76a495b 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,5 +1,5 @@ [package] -name = "peach-dyndns-host" +name = "peach-dyndns-server" version = "0.1.0" authors = ["Michael Williams ", "Max Fowler "] edition = "2018" @@ -24,6 +24,13 @@ dotenv = "0.15.0" tera = "1" regex = "1" -[[bin]] -name = "main" -path = "src/main.rs" \ No newline at end of file +[package.metadata.deb] +depends = "$auto" +extended-description = """\ +peach-dyndns is an http API to create dynamic-dns configurations for bind9.""" +maintainer-scripts="debian" +systemd-units = { unit-name = "peach-dyndns-server" } +assets = [ + ["target/release/peach-dyndns-server", "usr/bin/", "755"], +] + diff --git a/Rocket.toml b/Rocket.toml new file mode 100644 index 0000000..39eb01a --- /dev/null +++ b/Rocket.toml @@ -0,0 +1,3 @@ +[default] +template_dir = "templates/" +port = 3001 diff --git a/debian/peach-dyndns-server.service b/debian/peach-dyndns-server.service new file mode 100644 index 0000000..9086591 --- /dev/null +++ b/debian/peach-dyndns-server.service 
@@ -0,0 +1,13 @@ +[Unit] +Description=An http API to create dynamic-dns configurations for bind9. + +[Service] +Type=simple +User=peach-dyndns +Group=bind +Environment="RUST_LOG=info" +ExecStart=/usr/bin/peach-dyndns-server +Restart=always + +[Install] +WantedBy=multi-user.target diff --git a/src/main.rs b/src/main.rs index 34a8770..17a32bd 100644 --- a/src/main.rs +++ b/src/main.rs @@ -4,6 +4,8 @@ extern crate rocket; use crate::routes::{index, register_domain, check_available}; +use rocket::Config; +use rocket::figment::{Figment, Profile, providers::{Format, Toml, Serialized, Env}}; mod cli; mod routes; @@ -15,7 +17,12 @@ mod generate_zone; async fn main() { let _args = cli::args().expect("error parsing args"); - let rocket_result = rocket::build() + // the following config says to use all default rocket configs + // and then override them with any configs specified in Rocket.toml + let config = Figment::from(rocket::Config::default()) + .merge(Toml::file("Rocket.toml").nested()); + + let rocket_result = rocket::custom(config) .mount("/", routes![index, register_domain, check_available]) .launch() .await; From 88cc73eb2c820b0e2999de0e521344c30a5cb38c Mon Sep 17 00:00:00 2001 From: notplants Date: Wed, 19 May 2021 14:14:26 +0200 Subject: [PATCH 2/2] Add debian package configuration for deployment --- Cargo.toml | 6 ++++-- README.md | 16 ++++++++++++---- debian/bindctl | 12 ++++++++++++ debian/peach-dyndns-server.service | 4 +++- debian/postinst | 15 +++++++++++++++ debian/reloadbind | 2 ++ deploy_prod.sh | 7 +++++++ src/generate_zone.rs | 2 +- src/main.rs | 8 ++++---- 9 files changed, 60 insertions(+), 12 deletions(-) create mode 100644 debian/bindctl create mode 100644 debian/postinst create mode 100644 debian/reloadbind create mode 100644 deploy_prod.sh diff --git a/Cargo.toml b/Cargo.toml index 76a495b..1151d6c 100644 --- a/Cargo.toml +++ b/Cargo.toml 
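Review bot: The `[Service]` section of the new unit sets `User=` and `Group=` but no sandboxing directives, although the Description says this process is an http API that creates bind9 configuration. I would add `ProtectHome=true` and `PrivateTmp=true`, and consider `ProtectSystem=full` with a `ReadWritePaths=` entry for the zone directory (that path is not visible in this diff, so confirm it first). `NoNewPrivileges=true` cannot be set while the server calls `sudo` to reload bind, which is worth recording in a comment next to `User=peach-dyndns`.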
@@ -32,5 +32,7 @@ maintainer-scripts="debian" systemd-units = { unit-name = "peach-dyndns-server" } assets = [ ["target/release/peach-dyndns-server", "usr/bin/", "755"], -] - + ["debian/reloadbind", "usr/bin/", "755"], + ["debian/bindctl", "/etc/sudoers.d/bindctl", "655"], + ["templates/*", "/srv/peachcloud/peach-dyndns-server/prod-peach-dyndns/templates/", "644"], +] \ No newline at end of file diff --git a/README.md b/README.md index bb0e290..4d47f66 100644 --- a/README.md +++ b/README.md @@ -4,23 +4,31 @@ a dynamic DNS server to host the names of guests with changing IP addresses by providing an http API for updating bind9 configurations. -## setup +## Setup The code in this repo assumes the existence of an installed and running bind9 server on the same server as is running peach-dyndns-server. Documentation for setting up bind9 can be found [here](docs/setup-bind-for-peach-dyndns.md). The peach-dyndns-server code can be compiled with ``` -cargo build --release +cargo deb; sudo dpkg -i target/debian/peach-dyndns-server_0.1.0_amd64.deb ``` -## run +## Development ``` sudo su peach-dyndns; ./target/release/main -vv ``` -## test +## Prod Deployment + +prod is deployed to /srv/peachcloud/peach-dyndns-server/prod-peach-dyndns + +## Staging Deployment + +staging is deployed to /srv/peachcloud/peach-dyndns-server/dev-peach-dyndns + +## Test test peach-dyndns server is running, ``` diff --git a/debian/bindctl b/debian/bindctl new file mode 100644 index 0000000..498fd05 --- /dev/null +++ b/debian/bindctl @@ -0,0 +1,12 @@ +# +# Allow peach-dyndns to reload bind as sudo +# + +# User alias for bind-ctl which can reload bind +User_Alias BIND_CTRL = peach-dyndns + +# Command alias for reboot and shutdown +Cmnd_Alias RELOADBIND = /usr/bin/reloadbind + +# Allow BIND_CTRL users to execute RELOADBIND command without password +BIND_CTRL ALL=(ALL) NOPASSWD: RELOADBIND \ No newline at end of file 
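Review bot: The sudoers drop-in in the `assets` list is installed with mode `655`, which leaves `/etc/sudoers.d/bindctl` world-readable and executable for group and others; the conventional mode for files under `/etc/sudoers.d` is `0440`. Change the entry to `["debian/bindctl", "/etc/sudoers.d/bindctl", "440"]`. It is also worth running `visudo -cf debian/bindctl` during the build, since a syntax error in a sudoers drop-in can break sudo on the host.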
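Review bot: The rule `BIND_CTRL ALL=(ALL) NOPASSWD: RELOADBIND` lets peach-dyndns run the helper as any target user, while reloading bind9 only needs root; narrow it to `BIND_CTRL ALL=(root) NOPASSWD: RELOADBIND`. The comment `# Command alias for reboot and shutdown` looks copied from another file and should read `# Command alias for reloading bind9`. Because the rule grants passwordless root execution of `/usr/bin/reloadbind`, that file must stay root-owned and not writable by peach-dyndns, which the `debian/postinst` added in this patch does not guarantee.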
diff --git a/debian/peach-dyndns-server.service b/debian/peach-dyndns-server.service index 9086591..29b738e 100644 --- a/debian/peach-dyndns-server.service +++ b/debian/peach-dyndns-server.service @@ -6,7 +6,9 @@ Type=simple User=peach-dyndns Group=bind Environment="RUST_LOG=info" -ExecStart=/usr/bin/peach-dyndns-server +Environment="ROCKET_PORT=3002" +WorkingDirectory=/srv/peachcloud/peach-dyndns-server/prod-peach-dyndns +ExecStart=/usr/bin/peach-dyndns-server -vv Restart=always [Install] diff --git a/debian/postinst b/debian/postinst new file mode 100644 index 0000000..b852074 --- /dev/null +++ b/debian/postinst @@ -0,0 +1,15 @@ +#!/bin/sh +set -e + +# create user which peach-dyndns-server runs as +adduser --quiet --system peach-dyndns + +# add user to bind group +usermod -a -G bind peach-dyndns + +# set permissions +chown peach-dyndns /usr/bin/peach-dyndns-server +chown peach-dyndns /usr/bin/reloadbind + +# cargo deb automatically replaces this token below, see https://github.com/mmstick/cargo-deb/blob/master/systemd.md +#DEBHELPER# \ No newline at end of file diff --git a/debian/reloadbind b/debian/reloadbind new file mode 100644 index 0000000..e99b790 --- /dev/null +++ b/debian/reloadbind @@ -0,0 +1,2 @@ +#!/usr/bin/env bash +/bin/systemctl reload bind9 \ No newline at end of file diff --git a/deploy_prod.sh b/deploy_prod.sh new file mode 100644 index 0000000..750c70d --- /dev/null +++ b/deploy_prod.sh @@ -0,0 +1,7 @@ +#!/usr/bin/env bash +# this script rebuilds the peach-dyndns-server for prod deployment using the dev folder as the source repo +cd /srv/peachcloud/peach-dyndns-server/dev-peach-dyndns +cargo deb +sudo dpkg -i target/debian/peach-dyndns-server_0.1.0_amd64.deb +sudo systemctl restart peach-dyndns-server +sudo systemctl restart nginx \ No newline at end of file diff --git a/src/generate_zone.rs b/src/generate_zone.rs index a5108d5..3fb1dcd 100644 --- a/src/generate_zone.rs +++ b/src/generate_zone.rs 
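Review bot: `chown peach-dyndns /usr/bin/reloadbind` makes the service account the owner of a script that `/etc/sudoers.d/bindctl` lets it run through sudo without a password, and the package installs that script with mode `755`, so its owner can rewrite it. A compromise of the HTTP service would then extend to root on the host. Drop both `chown` lines so the files keep the package's ownership, or set it explicitly with `chown root:root /usr/bin/reloadbind /usr/bin/peach-dyndns-server`; the service only needs to execute them. The same reasoning applies to `/usr/bin/peach-dyndns-server`, since a service that can overwrite its own binary can persist changes across restarts.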
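Review bot: `debian/reloadbind` is run as root through sudo but starts with `#!/usr/bin/env bash`, so the interpreter is looked up via `PATH`; that is safe only while sudo resets the environment (`env_reset` and `secure_path`, not visible in this diff). A one-command helper does not need bash, so use `#!/bin/sh` followed by `exec /bin/systemctl reload bind9`. A header comment stating that the script is invoked via `/etc/sudoers.d/bindctl` and must stay root-owned would help the next maintainer.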
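Review bot: `deploy_prod.sh` has no error handling, so if `cd` or `cargo deb` fails the script still runs `sudo dpkg -i` on whatever package is left in `target/debian` and then restarts the services. Add `set -euo pipefail` directly after the shebang. The hard-coded `peach-dyndns-server_0.1.0_amd64.deb` will go stale at the next version bump. Building the production package from the dev checkout also means whatever is in that working tree gets deployed; a comment saying this is intended would help.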
@@ -131,7 +131,7 @@ pub fn generate_zone(full_domain: &str) -> Result { // we use the /etc/sudoers.d/bindctl to allow peach-dyndns user to restart bind as sudo without entering a password // using a binary at /bin/reloadbind which runs 'systemctl reload bind9' let status = Command::new("sudo") - .arg("/bin/reloadbind") + .arg("/usr/bin/reloadbind") .status().expect("error restarting bind9"); if !status.success() { return Err(PeachDynError::BindConfigurationError("There was an error in the bind configuration".to_string())); diff --git a/src/main.rs b/src/main.rs index 17a32bd..4b7750c 100644 --- a/src/main.rs +++ b/src/main.rs @@ -4,8 +4,7 @@ extern crate rocket; use crate::routes::{index, register_domain, check_available}; -use rocket::Config; -use rocket::figment::{Figment, Profile, providers::{Format, Toml, Serialized, Env}}; +use rocket::figment::{Figment, providers::{Format, Toml, Env}}; mod cli; mod routes; @@ -18,9 +17,10 @@ async fn main() { let _args = cli::args().expect("error parsing args"); // the following config says to use all default rocket configs - // and then override them with any configs specified in Rocket.toml + // and then override them with any configs specified in Rocket.toml if found + // and then override with any configs specified as env variables prefixed with APP_ let config = Figment::from(rocket::Config::default()) - .merge(Toml::file("Rocket.toml").nested()); + .merge(Toml::file("Rocket.toml").nested()).merge(Env::prefixed("ROCKET_").global()); let rocket_result = rocket::custom(config) .mount("/", routes![index, register_domain, check_available])
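Review bot: `.status().expect("error restarting bind9")` panics inside `generate_zone` when `sudo` cannot be spawned, although the function returns a `Result` and already uses `PeachDynError::BindConfigurationError` for a failed reload. Propagate the error instead, presumably as `.status().map_err(|e| PeachDynError::BindConfigurationError(format!("error running reloadbind: {}", e)))?;`. The context comment above the call still says `/bin/reloadbind` and should be updated to `/usr/bin/reloadbind` to match the new argument. The body of `generate_zone` begins outside this hunk.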
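Review bot: The added comment in `main` says env variables are "prefixed with APP_", but the code merges `Env::prefixed("ROCKET_")` and the unit file sets `ROCKET_PORT`; it should read `// and then override with any env variables prefixed with ROCKET_ (e.g. ROCKET_PORT)`. `Toml::file("Rocket.toml")` is resolved relative to the working directory, and the package assets in this patch install only `templates/*` into the prod directory. In production the file is therefore probably absent and only the defaults plus env values apply, which deserves a line in the same comment. `main` continues outside the hunk.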