initial commit: add scritps

This commit is contained in:
Maximilian Keßler 2023-10-17 17:28:19 +02:00
commit 3e167269c6
Signed by: max
GPG key ID: BCC5A619923C0BA5
2 changed files with 99 additions and 0 deletions

56
deploy.sh Executable file
View file

@ -0,0 +1,56 @@
#! /bin/bash
#
# This script reads a gzipped tar archive from stdin and deploys it to a
# specified location. Contents of the archive are assumed to be relative to
# some root, and will be deployed relative to the specified path in the first argument.
#
# Example usage:
# tar -C <deploy_root> -cf - <list of files> | ./deploy.sh <path>
# Abort deploy on any mistake
set -e
WEB_ROOT=/var/www/pages.abstractnonsen.se/
STORAGE_ROOT=/var/lib/pages/
PAGES_USER=pages
if [ "$#" -ne 1 ]; then
echo "Usage: $0 DEPLOY_SUBDIR"
exit 1
fi
if [ "$(whoami)" != "${PAGES_USER}" ]; then
echo "Script must be run as user '${PAGES_USER}'"
exit 1
fi
LINK="${WEB_ROOT}/$1"
LINK_DIRECTORY=$(dirname "${LINK}")
STORAGE_NEW="${STORAGE_ROOT}/$1/$(date +%s)"
# ensure root paths exist
mkdir -p "${LINK_DIRECTORY}"
mkdir -p "${STORAGE_NEW}"
# extract to new storage location (this reads from stdin)
echo "Extracting tar files..."
tar -C "${STORAGE_NEW}" -xvzf -
echo "...extracting done"
if [ ! -e "${LINK}" ]; then
# link does not exist, create it
ln -s "${STORAGE_NEW}" "${LINK}"
else
# read old link
STORAGE_OLD=$(readlink "${LINK}")
# link already exists, repoint it
rm -f "${LINK_DIRECTORY}/tmp"
ln -s "${STORAGE_NEW}" "${LINK_DIRECTORY}/tmp"
mv -T "${LINK_DIRECTORY}/tmp" "${LINK}"
# remove old deployment
rm -rf "${STORAGE_OLD}"
fi
echo "Successfully deployed to https://pages.abstractnonsen.se/$1"

43
setup-key.sh Executable file
View file

@ -0,0 +1,43 @@
#! /bin/bash
# This script creates a new ssh key-pair and sets it up to be able to deploy to a specific directory only
# Abort on any mistake
set -e
# configurable constants for this script
KEY_DIR=/var/lib/pages-manager/keys/
PAGES_USER=pages
DEPLOY_SCRIPT=/home/${PAGES_USER}/deploy.sh
mkdir -p "${KEY_DIR}"
if [ "$#" -ne 1 ]; then
echo "Usage: $0 DEPLOY_SUBDIR"
fi
KEYNAME=$1
KEYFILE="${KEY_DIR}/id_${KEYNAME/\//.}"
if [ -e "${KEYFILE}" ]; then
echo "Found existing key in ${KEYFILE}, aborting."
echo "Printing private key:"
cat "${KEYFILE}"
exit 1
fi
mkdir -p "${KEY_DIR}"
chmod 700 "${KEY_DIR}"
# generate key
ssh-keygen -t ed25519 -f "${KEYFILE}" -N "" -C "deployment key for ${KEYNAME}" > /dev/null
# add public key
echo "command=\"${DEPLOY_SCRIPT} ${KEYNAME}\",no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty,no-user-rc,restrict $(cat ${KEYFILE}.pub)" >> "/home/${PAGES_USER}/.ssh/authorized_keys"
echo "Generate and configured new key in ${KEYFILE}"
echo "Printing private key:"
cat "${KEYFILE}"
exit 0