Merge pull request 'Add permissions function peach-config' (#56) from permissions into main

Reviewed-on: #56
2021-12-22 17:18:24 +00:00 · 2021-12-22 17:18:24 +00:00 · 068d3430d7
parent 9324b3ec0b 62793f401e
commit 068d3430d7
7 changed files with 74 additions and 15 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -2415,7 +2415,7 @@ dependencies = [

 [[package]]
 name = "peach-config"
-version = "0.1.14"
+version = "0.1.15"
 dependencies = [
 "clap",
 "env_logger 0.6.2",
--- a/peach-config/Cargo.toml
+++ b/peach-config/Cargo.toml
@ -1,6 +1,6 @@
 [package]
 name = "peach-config"
-version = "0.1.14"
+version = "0.1.15"
 authors = ["Andrew Reid <gnomad@cryptolab.net>", "Max Fowler <max@mfowler.info>"]
 edition = "2018"
 description = "Command line tool for installing, updating and configuring PeachCloud"
--- a/peach-config/src/change_password.rs
+++ b/peach-config/src/change_password.rs
@ -2,7 +2,6 @@ use crate::error::PeachConfigError;
 use crate::ChangePasswordOpts;
 use peach_lib::password_utils::set_new_password;

-
 ///  Utility function to set the admin password for peach-web from the command-line.
 pub fn set_peach_web_password(opts: ChangePasswordOpts) -> Result<(), PeachConfigError> {
    match opts.password {
--- a/peach-config/src/main.rs
+++ b/peach-config/src/main.rs
@ -2,6 +2,7 @@ mod change_password;
 mod constants;
 mod error;
 mod generate_manifest;
+mod set_permissions;
 mod setup_networking;
 mod setup_peach;
 mod setup_peach_deb;
@ -13,11 +14,6 @@ use log::error;
 use serde::{Deserialize, Serialize};
 use structopt::StructOpt;

-use crate::change_password::set_peach_web_password;
-use crate::generate_manifest::generate_manifest;
-use crate::setup_peach::setup_peach;
-use crate::update::update;
-
 #[derive(StructOpt, Debug)]
 #[structopt(
    name = "peach-config",
@ -50,6 +46,10 @@ enum PeachConfig {
    /// Changes the password for the peach-web interface
    #[structopt(name = "changepassword")]
    ChangePassword(ChangePasswordOpts),
+
+    /// Updates file permissions on PeachCloud device
+    #[structopt(name = "permissions")]
+    SetPermissions,
 }

 #[derive(StructOpt, Debug)]
@ -113,33 +113,44 @@ fn main() {
    if let Some(subcommand) = opt.commands {
        match subcommand {
            PeachConfig::Setup(cfg) => {
-                match setup_peach(cfg.no_input, cfg.default_locale, cfg.i2c, cfg.rtc) {
+                match setup_peach::setup_peach(cfg.no_input, cfg.default_locale, cfg.i2c, cfg.rtc) {
                    Ok(_) => {}
                    Err(err) => {
                        error!("peach-config encountered an error: {}", err)
                    }
                }
            }
-            PeachConfig::Manifest => match generate_manifest() {
+            PeachConfig::Manifest => match generate_manifest::generate_manifest() {
                Ok(_) => {}
                Err(err) => {
                    error!(
-                        "peach-config countered an error generating manifest: {}",
+                        "peach-config encountered an error generating manifest: {}",
                        err
                    )
                }
            },
-            PeachConfig::Update(opts) => match update(opts) {
+            PeachConfig::Update(opts) => match update::update(opts) {
                Ok(_) => {}
                Err(err) => {
                    error!("peach-config encountered an error during update: {}", err)
                }
            },
-            PeachConfig::ChangePassword(opts) => match set_peach_web_password(opts) {
+            PeachConfig::ChangePassword(opts) => {
+                match change_password::set_peach_web_password(opts) {
+                    Ok(_) => {}
+                    Err(err) => {
+                        error!(
+                            "peach-config encountered an error during password update: {}",
+                            err
+                        )
+                    }
+                }
+            }
+            PeachConfig::SetPermissions => match set_permissions::set_permissions() {
                Ok(_) => {}
                Err(err) => {
                    error!(
-                        "peach-config encountered an error during password update: {}",
+                        "peach-config ecountered an error updating file permissions: {}",
                        err
                    )
                }
--- a/peach-config/src/set_permissions.rs
+++ b/peach-config/src/set_permissions.rs
@ -0,0 +1,21 @@
+use crate::error::PeachConfigError;
+use crate::utils::cmd;
+
+/// All configs are stored in this folder, and should be read/writeable by peach group
+/// so they can be read and written by all PeachCloud services.
+pub const CONFIGS_DIR: &str = "/var/lib/peachcloud";
+pub const PEACH_WEB_DIR: &str = "/usr/share/peach-web";
+
+/// Utility function to set correct file permissions on the PeachCloud device.
+/// Accidentally changing file permissions is a fairly common thing to happen,
+/// so this is a useful CLI function for quickly correcting anything that may be out of order.
+pub fn set_permissions() -> Result<(), PeachConfigError> {
+    println!("[ UPDATING FILE PERMISSIONS ON PEACHCLOUD DEVICE ]");
+    cmd(&["chmod", "-R", "u+rwX,g+rwX", CONFIGS_DIR])?;
+    cmd(&["chown", "-R", "peach", CONFIGS_DIR])?;
+    cmd(&["chgrp", "-R", "peach", CONFIGS_DIR])?;
+    cmd(&["chmod", "-R", "u+rwX,g+rwX", PEACH_WEB_DIR])?;
+    cmd(&["chown", "-R", "peach-web:peach", PEACH_WEB_DIR])?;
+    println!("[ PERMISSIONS SUCCESSFULLY UPDATED ]");
+    Ok(())
+}
--- a/peach-config/src/setup_peach.rs
+++ b/peach-config/src/setup_peach.rs
@ -10,7 +10,6 @@ use crate::update::update_microservices;
 use crate::utils::{cmd, conf, create_group_if_doesnt_exist, does_user_exist, get_output};
 use crate::RtcOption;

-
 /// Idempotent setup of PeachCloud device which sets up networking configuration,
 /// configures the peachcloud apt repository, installs system dependencies,
 /// installs microservices, and creates necessary system groups and users.
--- a/peach-dyndns-updater/bindeploy.sh
+++ b/peach-dyndns-updater/bindeploy.sh
@ -0,0 +1,29 @@
+#!/usr/bin/env bash
+# exit when any command fails
+set -e
+
+KEYFILE=/Users/notplants/.ssh/id_rsa
+SERVICE=peach-dyndns-updater
+
+# deploy
+rsync -avzh --exclude target --exclude .idea --exclude .git -e "ssh -i $KEYFILE" . rust@167.99.136.83:/srv/peachcloud/automation/peach-workspace/$SERVICE/
+rsync -avzh --exclude target --exclude .idea --exclude .git -e "ssh -i $KEYFILE" ~/computer/projects/peachcloud/peach-workspace/peach-lib/ rust@167.99.136.83:/srv/peachcloud/automation/peach-workspace/peach-lib/
+
+echo "++ cross compiling on vps"
+BIN_PATH=$(ssh -i $KEYFILE rust@167.99.136.83 'cd /srv/peachcloud/automation/peach-workspace/peach-dyndns-updater; /home/rust/.cargo/bin/cargo clean -p peach-lib; /home/rust/.cargo/bin/cargo build --release --target=aarch64-unknown-linux-gnu')
+
+echo "++ copying ${BIN_PATH} to local"
+rm -f target/$SERVICE
+scp -i $KEYFILE rust@167.99.136.83:/srv/peachcloud/automation/peach-workspace/target/aarch64-unknown-linux-gnu/release/peach-dyndns-updater ../target/vps-bin-$SERVICE
+
+#echo "++ cross compiling"
+BINFILE="../target/vps-bin-$SERVICE"
+echo $BINFILE
+
+
+echo "++ build successful"
+
+echo "++ copying to pi"
+ssh -t -i $KEYFILE peach@peach.link 'mkdir -p /srv/dev/bins'
+scp -i $KEYFILE $BINFILE peach@peach.link:/srv/dev/bins/$SERVICE
+