#!/bin/sh _boxconf_try_files(){ # Get the highest precedence file for a given path. # $1 = target file path for _bcsf_file in \ "${BOXCONF_SITE_FILE_DIR}${1}.${BOXCONF_HOSTNAME}" \ "${BOXCONF_FILE_DIR}${1}.${BOXCONF_HOSTNAME}" \ "${BOXCONF_SITE_FILE_DIR}${1}.${BOXCONF_HOSTCLASS}.${BOXCONF_DISTRO}" \ "${BOXCONF_FILE_DIR}${1}.${BOXCONF_HOSTCLASS}.${BOXCONF_DISTRO}" \ "${BOXCONF_SITE_FILE_DIR}${1}.${BOXCONF_DISTRO}.${BOXCONF_HOSTCLASS}" \ "${BOXCONF_FILE_DIR}${1}.${BOXCONF_DISTRO}.${BOXCONF_HOSTCLASS}" \ "${BOXCONF_SITE_FILE_DIR}${1}.${BOXCONF_HOSTCLASS}.${BOXCONF_OS}" \ "${BOXCONF_FILE_DIR}${1}.${BOXCONF_HOSTCLASS}.${BOXCONF_OS}" \ "${BOXCONF_SITE_FILE_DIR}${1}.${BOXCONF_OS}.${BOXCONF_HOSTCLASS}" \ "${BOXCONF_FILE_DIR}${1}.${BOXCONF_OS}.${BOXCONF_HOSTCLASS}" \ "${BOXCONF_SITE_FILE_DIR}${1}.${BOXCONF_HOSTCLASS}" \ "${BOXCONF_FILE_DIR}${1}.${BOXCONF_HOSTCLASS}" \ "${BOXCONF_SITE_FILE_DIR}${1}.${BOXCONF_DISTRO}" \ "${BOXCONF_FILE_DIR}${1}.${BOXCONF_DISTRO}" \ "${BOXCONF_SITE_FILE_DIR}${1}.${BOXCONF_OS}" \ "${BOXCONF_FILE_DIR}${1}.${BOXCONF_OS}" \ "${BOXCONF_SITE_FILE_DIR}${1}.common" \ "${BOXCONF_FILE_DIR}${1}.common" do if [ -f "$_bcsf_file" ]; then echo "$_bcsf_file" return fi done bug "no source file found for ${1}" } install_file(){ # Install the files at the given paths into the target system. # The source file is chosen from the matching file in the boxconf directory with # the highest-precedence suffix. # Takes options similar to the `install` command. _bcif_install_args='-Cv' _bcif_mode=0644 while getopts m:o:g: _bcif_opt; do case $_bcif_opt in m) _bcif_mode=$OPTARG ;; o) _bcif_install_args="${_bcif_install_args} -o ${OPTARG}" ;; g) _bcif_install_args="${_bcif_install_args} -g ${OPTARG}" ;; esac done shift $((OPTIND - 1)) while [ $# -gt 0 ]; do _bcif_src=$(_boxconf_try_files "$1") install -m "$_bcif_mode" $_bcif_install_args "$_bcif_src" "$1" log "installed file ${1}" shift done } install_directory(){ # Create the specified directories in the target system. # Takes options similar to the `install` command. _bcid_install_args='-Cdv' _bcid_mode=0755 while getopts m:o:g: _bcid_opt; do case $_bcid_opt in m) _bcid_mode=$OPTARG ;; o) _bcid_install_args="${_bcid_install_args} -o ${OPTARG}" ;; g) _bcid_install_args="${_bcid_install_args} -g ${OPTARG}" ;; esac done shift $((OPTIND - 1)) while [ $# -gt 0 ]; do install -m "$_bcid_mode" $_bcid_install_args "$1" log "installed directory ${1}" shift done } install_template(){ # Install the templatess at the given paths into the target system. # The source template is chosen from the matching file in the boxconf directory # with the highest-precedence suffix. Template is rendered as a shell heredoc. # Takes options similar to the `install` command. _bcit_install_args='-Cv' _bcit_mode=0644 while getopts m:o:g: _bcit_opt; do case $_bcit_opt in m) _bcit_mode=$OPTARG ;; o) _bcit_install_args="${_bcit_install_args} -o ${OPTARG}" ;; g) _bcit_install_args="${_bcit_install_args} -g ${OPTARG}" ;; esac done shift $((OPTIND - 1 )) while [ $# -gt 0 ]; do _bcit_src=$(_boxconf_try_files "$1") eval "cat <<__BOXCONF_EOF__ >${_bcit_src}.render $(cat "$_bcit_src") __BOXCONF_EOF__ " [ -s "${_bcit_src}.render" ] || bug "failed to render template: ${_bcit_src}" install -m "$_bcit_mode" $_bcit_install_args "${_bcit_src}.render" "$1" log "installed template ${1}" shift done } install_certificate(){ # Install a certificate from the CA dir into the target system. # Takes options similar to the `install` command. # $1 = certificate name # $2 = target path _bcic_install_args='-Cv' _bcic_mode=0644 while getopts m:o:g: _bcic_opt; do case $_bcic_opt in m) _bcic_mode=$OPTARG ;; o) _bcic_install_args="${_bcic_install_args} -o ${OPTARG}" ;; g) _bcic_install_args="${_bcic_install_args} -g ${OPTARG}" ;; esac done shift $((OPTIND - 1)) [ -f "${BOXCONF_CA_DIR}/${BOXCONF_HOSTNAME}/${1}.fullchain.crt" ] \ || bug "no certificate exists for ${BOXCONF_HOSTNAME}/${1}" install -m "$_bcic_mode" $_bcic_install_args "${BOXCONF_CA_DIR}/${BOXCONF_HOSTNAME}/${1}.fullchain.crt" "$2" log "installed certificate ${2}" } install_certificate_key(){ # Install a certificate's private key from the CA dir into the target system. # Takes options similar to the `install` command. # $1 = certificate name # $2 = target path _bcick_install_args='-Cv' _bcick_mode=0600 while getopts m:o:g: _bcick_opt; do case $_bcick_opt in m) _bcick_mode=$OPTARG ;; o) _bcick_install_args="${_bcick_install_args} -o ${OPTARG}" ;; g) _bcick_install_args="${_bcick_install_args} -g ${OPTARG}" ;; esac done shift $((OPTIND - 1)) [ -f "${BOXCONF_CA_DIR}/${BOXCONF_HOSTNAME}/${1}.key" ] \ || bug "no key exists for ${BOXCONF_HOSTNAME}/${1}" install -m "$_bcick_mode" $_bcick_install_args "${BOXCONF_CA_DIR}/${BOXCONF_HOSTNAME}/${1}.key" "$2" log "installed certificate key ${2}" } install_ca_certificate(){ # Install a the root CA from the CA dir into the target system. # Takes options similar to the `install` command. # $1 = target path _bcicc_install_args='-Cv' _bcicc_mode=0644 while getopts m:o:g: _bcicc_opt; do case $_bcicc_opt in m) _bcicc_mode=$OPTARG ;; o) _bcicc_install_args="${_bcicc_install_args} -o ${OPTARG}" ;; g) _bcicc_install_args="${_bcicc_install_args} -g ${OPTARG}" ;; esac done shift $((OPTIND - 1)) [ -f "${BOXCONF_CA_DIR}/ca.crt" ] || bug 'CA certificate not found' install -m "$_bcicc_mode" $_bcicc_install_args "${BOXCONF_CA_DIR}/ca.crt" "$1" log "installed root CA to ${1}" } set_facl(){ # Replaces the NFSv4 ACL on a file with the specified ACL list. # $1 = path # $2-$N = ACL entries [ "$BOXCONF_OS" = freebsd ] || bug 'set_facl only supported on FreeBSD' _bcsetfacl_path=$1; shift setfacl -b -a 0 "$(join ',' "$@")" "$_bcsetfacl_path" }