fix: grand ssh, provisioning, perms refactor

See coop-cloud/organising#280. See coop-cloud/organising#273.
2021-12-22 20:08:15 +01:00
parent 4c6d52c426
commit a07e71f7df
13 changed files with 106 additions and 118 deletions
--- a/pkg/catalogue/catalogue.go
+++ b/pkg/catalogue/catalogue.go
@ -209,7 +209,7 @@ func readRecipeCatalogueWeb(target interface{}) error {
 		return err
 	}

-	if err := ioutil.WriteFile(config.APPS_JSON, recipesJSON, 0644); err != nil {
+	if err := ioutil.WriteFile(config.APPS_JSON, recipesJSON, 0764); err != nil {
 		return err
 	}

--- a/pkg/compose/compose.go
+++ b/pkg/compose/compose.go
@ -71,7 +71,7 @@ func UpdateTag(pattern, image, tag, recipeName string) error {

 				logrus.Debugf("updating '%s' to '%s' in '%s'", old, new, compose.Filename)

-				if err := ioutil.WriteFile(compose.Filename, []byte(replacedBytes), 0644); err != nil {
+				if err := ioutil.WriteFile(compose.Filename, []byte(replacedBytes), 0764); err != nil {
 					return err
 				}
 			}
@ -137,7 +137,7 @@ func UpdateLabel(pattern, serviceName, label, recipeName string) error {

 				logrus.Debugf("updating %s to %s in %s", old, label, compose.Filename)

-				if err := ioutil.WriteFile(compose.Filename, []byte(replacedBytes), 0644); err != nil {
+				if err := ioutil.WriteFile(compose.Filename, []byte(replacedBytes), 0764); err != nil {
 					return err
 				}

--- a/pkg/config/app.go
+++ b/pkg/config/app.go
@ -248,22 +248,22 @@ func GetAppNames() ([]string, error) {
 }

 // TemplateAppEnvSample copies the example env file for the app into the users env files
-func TemplateAppEnvSample(appType, appName, server, domain, recipe string) error {
-	envSamplePath := path.Join(ABRA_DIR, "apps", appType, ".env.sample")
+func TemplateAppEnvSample(recipe, appName, server, domain string) error {
+	envSamplePath := path.Join(ABRA_DIR, "apps", recipe, ".env.sample")
 	envSample, err := ioutil.ReadFile(envSamplePath)
 	if err != nil {
 		return err
 	}

 	appEnvPath := path.Join(ABRA_DIR, "servers", server, fmt.Sprintf("%s.env", appName))
-	if _, err := os.Stat(appEnvPath); err == nil {
+	if _, err := os.Stat(appEnvPath); os.IsExist(err) {
 		return fmt.Errorf("%s already exists?", appEnvPath)
 	}

 	envSample = []byte(strings.Replace(string(envSample), fmt.Sprintf("%s.example.com", recipe), domain, -1))
 	envSample = []byte(strings.Replace(string(envSample), "example.com", domain, -1))

-	err = ioutil.WriteFile(appEnvPath, envSample, 0644)
+	err = ioutil.WriteFile(appEnvPath, envSample, 0664)
 	if err != nil {
 		return err
 	}
--- a/pkg/config/env.go
+++ b/pkg/config/env.go
@ -128,7 +128,7 @@ func GetAllFoldersInDirectory(directory string) ([]string, error) {
 func EnsureAbraDirExists() error {
 	if _, err := os.Stat(ABRA_DIR); os.IsNotExist(err) {
 		logrus.Debugf("%s does not exist, creating it", ABRA_DIR)
-		if err := os.Mkdir(ABRA_DIR, 0777); err != nil {
+		if err := os.Mkdir(ABRA_DIR, 0764); err != nil {
 			return err
 		}
 	}
--- a/pkg/server/server.go
+++ b/pkg/server/server.go
@ -12,7 +12,7 @@ import (
 func CreateServerDir(serverName string) error {
 	serverPath := path.Join(config.ABRA_DIR, "servers", serverName)

-	if err := os.Mkdir(serverPath, 0644); err != nil {
+	if err := os.Mkdir(serverPath, 0764); err != nil {
 		if !os.IsExist(err) {
 			return err
 		}
--- a/pkg/ssh/ssh.go
+++ b/pkg/ssh/ssh.go
@ -111,7 +111,7 @@ type sudoWriter struct {

 // Write satisfies the write interface for sudoWriter
 func (w *sudoWriter) Write(p []byte) (int, error) {
-	if string(p) == "sudo_password" {
+	if strings.Contains(string(p), "sudo_password") {
 		w.stdin.Write([]byte(w.pw + "\n"))
 		w.pw = ""
 		return len(p), nil
@ -131,11 +131,9 @@ func RunSudoCmd(cmd, passwd string, cl *Client) error {
 	}
 	defer session.Close()

-	cmd = "sudo -p " + "sudo_password" + " -S " + cmd
+	sudoCmd := fmt.Sprintf("SSH_ASKPASS=/usr/bin/ssh-askpass; sudo -p sudo_password -S %s", cmd)

-	w := &sudoWriter{
-		pw: passwd,
-	}
+	w := &sudoWriter{pw: passwd}
 	w.stdin, err = session.StdinPipe()
 	if err != nil {
 		return err
@ -144,79 +142,19 @@ func RunSudoCmd(cmd, passwd string, cl *Client) error {
 	session.Stdout = w
 	session.Stderr = w

-	done := make(chan struct{})
-	scanner := bufio.NewScanner(session.Stdin)
-
-	go func() {
-		for scanner.Scan() {
-			line := scanner.Text()
-			fmt.Println(line)
-		}
-		done <- struct{}{}
-	}()
-
-	if err := session.Start(cmd); err != nil {
-		return err
+	modes := ssh.TerminalModes{
+		ssh.ECHO:          0,
+		ssh.TTY_OP_ISPEED: 14400,
+		ssh.TTY_OP_OSPEED: 14400,
 	}

-	<-done
-
-	if err := session.Wait(); err != nil {
-		return err
-	}
-
-	return err
-}
-
-// Exec runs a command on a remote and streams output
-func Exec(cmd string, cl *Client) error {
-	session, err := cl.SSHClient.NewSession()
-	if err != nil {
-		return err
-	}
-	defer session.Close()
-
-	stdout, err := session.StdoutPipe()
+	err = session.RequestPty("xterm", 80, 40, modes)
 	if err != nil {
 		return err
 	}

-	stderr, err := session.StdoutPipe()
-	if err != nil {
-		return err
-	}
-
-	stdoutDone := make(chan struct{})
-	stdoutScanner := bufio.NewScanner(stdout)
-
-	go func() {
-		for stdoutScanner.Scan() {
-			line := stdoutScanner.Text()
-			fmt.Println(line)
-		}
-		stdoutDone <- struct{}{}
-	}()
-
-	stderrDone := make(chan struct{})
-	stderrScanner := bufio.NewScanner(stderr)
-
-	go func() {
-		for stderrScanner.Scan() {
-			line := stderrScanner.Text()
-			fmt.Println(line)
-		}
-		stderrDone <- struct{}{}
-	}()
-
-	if err := session.Start(cmd); err != nil {
-		return err
-	}
-
-	<-stdoutDone
-	<-stderrDone
-
-	if err := session.Wait(); err != nil {
-		return err
+	if err := session.Run(sudoCmd); err != nil {
+		return fmt.Errorf("%s", string(w.b.Bytes()))
 	}

 	return nil
@ -320,7 +258,7 @@ func HostKeyAddCallback(hostnameAndPort string, remote net.Addr, pubKey ssh.Publ

 	if exists {
 		hostname := strings.Split(hostnameAndPort, ":")[0]
-		logrus.Debugf("server SSH host key found for %s, moving on", hostname)
+		logrus.Debugf("server SSH host key found for %s", hostname)
 		return nil
 	}