open ConfigTypes
-val reload = "/usr/bin/sudo /usr/local/sbin/domtool-publish apache"
-val down = "/usr/bin/sudo /usr/local/sbin/domtool-publish apache-down"
-val undown = "/usr/bin/sudo /usr/local/sbin/domtool-publish apache-undown"
-val fixperms = "/usr/bin/sudo /usr/local/sbin/domtool-publish apache-fixperms"
+val reload = ConfigCore.sudo ^ " " ^ ConfigCore.installPrefix ^ "/sbin/domtool-publish apache"
+val down = ConfigCore.sudo ^ " " ^ ConfigCore.installPrefix ^ "/sbin/domtool-publish apache-down"
+val undown = ConfigCore.sudo ^ " " ^ ConfigCore.installPrefix ^ "/sbin/domtool-publish apache-undown"
+val fixperms = ConfigCore.sudo ^ " " ^ ConfigCore.installPrefix ^ "/sbin/domtool-publish apache-fixperms"
-val reload1 = "/usr/bin/sudo /usr/local/sbin/domtool-publish apache1.3"
-val down1 = "/usr/bin/sudo /usr/local/sbin/domtool-publish apache1.3-down"
-val undown1 = "/usr/bin/sudo /usr/local/sbin/domtool-publish apache1.3-undown"
-val fixperms1 = "/usr/bin/sudo /usr/local/sbin/domtool-publish apache1.3-fixperms"
+val reload1 = ConfigCore.sudo ^ " " ^ ConfigCore.installPrefix ^ "/sbin/domtool-publish apache1.3"
+val down1 = ConfigCore.sudo ^ " " ^ ConfigCore.installPrefix ^ "/sbin/domtool-publish apache1.3-down"
+val undown1 = ConfigCore.sudo ^ " " ^ ConfigCore.installPrefix ^ "/sbin/domtool-publish apache1.3-undown"
+val fixperms1 = ConfigCore.sudo ^ " " ^ ConfigCore.installPrefix ^ "/sbin/domtool-publish apache1.3-fixperms"
-val confDir = "/var/domtool/vhosts"
+val confDir = ConfigCore.localRoot ^ "/vhosts"
val webNodes_all = [("navajos", {version = APACHE_2, auth = MOD_WAKLOG})]
val webNodes_admin = [("deleuze", {version = APACHE_2, auth = MOD_WAKLOG})]
- val webNodes_default = ["navajos"]
-
val proxyTargets = ["http://hcoop.net/cgi-bin/mailman",
"http://hcoop.net/pipermail"]
user,
"/apache/log"]
+(* FIXME: hcoop.net reference *)
fun realLogDirOf user =
if size user < 2 then
"/bad_username"
fun backupLogDirOf version1 =
if version1 then
- "/afs/hcoop.net/common/etc/domtool/backup/apache/"
+ ConfigCore.sharedRoot ^ "/backup/apache/"
else
- "/afs/hcoop.net/common/etc/domtool/backup/apache2/"
+ ConfigCore.sharedRoot ^ "/backup/apache2/"
val defaultPhpVersion = 5
-val waklogUserFile = "/var/domtool/waklog.conf"
+val waklogUserFile = ConfigCore.localRoot ^ "/waklog.conf"
end
-val libRoot = "/afs/hcoop.net/common/etc/domtool/lib"
-val resultRoot = "/afs/hcoop.net/common/etc/domtool/nodes"
+open ConfigCore
+
+val libRoot = ConfigCore.sharedRoot ^ "/lib"
+val resultRoot = ConfigCore.sharedRoot ^ "/nodes"
val tmpDir = "/tmp/domtool"
-val oldResultRoot = "/afs/hcoop.net/common/etc/domtool/nodes.old"
+val oldResultRoot = ConfigCore.sharedRoot ^ "/nodes.old"
-val cat = "/bin/cat"
-val cp = "/bin/cp"
-val diff = "/usr/bin/diff"
-val rm = "/bin/rm"
-val echo = "/bin/echo"
-val grep = "/bin/grep"
-val sudo = "/usr/bin/sudo"
-val domtool_publish = "/usr/local/sbin/domtool-publish"
+val domtool_publish = ConfigCore.installPrefix ^ "/sbin/domtool-publish"
- val defaultNs = "ns1.hcoop.net"
-
- val defaultRefresh = 86400
- val defaultRetry = 1800
- val defaultExpiry = 1209600
- val defaultMinimum = 3600
-
val nodeIps = [("deleuze", "69.90.123.67"), ("hopper", "69.90.123.74"), ("fritz", "69.90.123.75"), ("navajos", "69.90.123.70"), ("bog", "69.90.123.72"), ("outpost", "151.236.216.192")]
-val defaultNode = "deleuze"
-
-val masterNode = "deleuze"
-val slaveNodes = ["outpost"]
-(* THESE ARE THE DNS MASTER/SLAVE, NOT DOMTOOL NODES *)
+val dispatcherName = "fritz"
val dnsNodes_all = ["deleuze", "outpost"]
val dnsNodes_admin = []
val mailNodes_all = ["deleuze"]
val mailNodes_admin = []
-val aclFile = "/afs/hcoop.net/common/etc/domtool/acl"
+val aclFile = ConfigCore.sharedRoot ^ "/acl"
val testUser = "test"
val defaultDomain = "hcoop.net"
-val dispatcher = "deleuze.hcoop.net"
val dispatcherPort = 1234
val slavePort = 1235
val queueSize = 5
val bufSize = 1024
-val trustStore = "/afs/hcoop.net/common/etc/domtool/TrustStore.pem"
-
-val certDir = "/afs/hcoop.net/common/etc/domtool/certs"
-val keyDir = "/afs/hcoop.net/common/etc/domtool/keys"
-val serialDir = "/afs/hcoop.net/common/etc/domtool/serials"
+val trustStore = ConfigCore.sharedRoot ^ "/TrustStore.pem"
-val dispatcherName = "deleuze"
+val certDir = ConfigCore.sharedRoot ^ "/certs"
+val keyDir = ConfigCore.sharedRoot ^ "/keys"
+val caDir = "/etc/domtool/ca"
fun domtoolDir user =
case user of
- "domtool" => "/afs/hcoop.net/common/etc/domtool/.domtool"
+ "domtool" => ConfigCore.sharedRoot ^ "/.domtool"
| _ => OS.Path.joinDirFile {dir = Posix.SysDB.Passwd.home (Posix.SysDB.getpwnam user),
file = ".domtool"}
val worldReadable = ["/usr/share/moin", "/usr/share/apache/icons", "/afs/hcoop.net/common/app/moin/installed"]
-val publish_reusers = "/usr/bin/sudo " ^ domtool_publish ^ " users"
+val publish_reusers = ConfigCore.sudo ^ " " ^ domtool_publish ^ " users"
val tmpDir : string
(* Filesystem location for creating temporary directories *)
-(* Paths to standard UNIX utilities *)
-val cat : string
-val cp : string
-val diff : string
-val rm : string
-val echo : string
-val grep : string
-val sudo : string
val domtool_publish : string
- (* DNS SOA parameter defaults *)
- val defaultNs : string
- val defaultRefresh : int
- val defaultRetry : int
- val defaultExpiry : int
- val defaultMinimum : int
-
(* Names of machines who will receive configuration *)
val nodeIps : (string * string) list
-val defaultNode : string
-
-val masterNode : string
-val slaveNodes : string list
+val dispatcherName : string
val aclFile : string
(* Place to serialize ACL information *)
val defaultDomain : string
-val dispatcher : string
val dispatcherPort : int
val slavePort : int
val queueSize : int
val certDir : string
val keyDir : string
-val serialDir : string
-
-val dispatcherName : string
+val caDir : string
val dnsNodes_all : string list
val dnsNodes_admin : string list
val worldReadable : string list
val publish_reusers : string
+
+include CONFIG_CORE
structure Exim :> EXIM_CONFIG = struct
-val aliases = "/var/domtool/aliases"
-val aliasesDefault = "/var/domtool/aliases.default"
-val handleDomains = "/var/domtool/local_domains.cfg"
-val relayDomains = "/var/domtool/relay_domains.cfg"
+val aliases = ConfigCore.localRoot ^ "/aliases"
+val aliasesDefault = ConfigCore.localRoot ^ "/aliases.default"
+val handleDomains = ConfigCore.localRoot ^ "/local_domains.cfg"
+val relayDomains = ConfigCore.localRoot ^ "/relay_domains.cfg"
-val reload = "/usr/bin/sudo /usr/local/sbin/domtool-publish exim"
+val reload = ConfigCore.sudo ^ " " ^ ConfigCore.installPrefix ^ "/sbin/domtool-publish exim"
- val aliasTo = ["deleuze"]
-
val mainLog = "/var/log/exim4/mainlog"
end
class = "domain"};
your_usrs := Acl.class {user = getUser (),
class = "user"};
- your_grps := Acl.class {user = getUser (),
- class = "group"};
+ your_grps := SS.add (Acl.class {user = getUser (),
+ class = "group"},
+ "nogroup");
your_pths := your_paths;
readable_pths := SS.union (your_paths, world_readable);
your_ipss := Acl.class {user = getUser (),
fun validNode s = List.exists (fn s' => s = s') nodes
fun yourDomain s = !fakePrivs orelse SS.member (your_domains (), s)
- fun yourUser s = SS.member (your_users (), s)
- fun yourGroup s = SS.member (your_groups (), s)
+ fun yourUser s = !fakePrivs orelse SS.member (your_users (), s)
+ fun yourGroup s = !fakePrivs orelse SS.member (your_groups (), s)
+
fun checkPath paths path =
+ !fakePrivs orelse
(List.all (fn s => s <> "..") (String.fields (fn ch => ch = #"/") path)
andalso CharVector.all (fn ch => Char.isAlphaNum ch orelse ch = #"." orelse ch = #"/"
orelse ch = #"-" orelse ch = #"_") path
andalso SS.exists (fn s' => path = s' orelse String.isPrefix (s' ^ "/") path) (paths ()))
val yourPath = checkPath your_paths
val readablePath = checkPath readable_paths
+
fun yourIp s = !fakePrivs orelse SS.member (your_ips (), s)
fun yourDomainHost s =
| _ => NONE)
- val nsD = (EString Config.defaultNs, dl)
- val serialD = (EVar "serialAuto", dl)
- val refD = (EInt Config.defaultRefresh, dl)
- val retD = (EInt Config.defaultRetry, dl)
- val expD = (EInt Config.defaultExpiry, dl)
- val minD = (EInt Config.defaultMinimum, dl)
-
- val soaD = multiApp ((EVar "soa", dl),
- dl,
- [nsD, serialD, refD, retD, expD, minD])
-
- val masterD = (EApp ((EVar "internalMaster", dl),
- (EString Config.Bind.masterNode, dl)),
- dl)
+ val _ = Env.registerFunction ("you",
+ fn [] => SOME (EString (getUser ()), dl)
+ | _ => NONE)
- val slavesD = (EList (map (fn s => (EString s, dl))
- (List.filter (fn x => List.exists (fn y => y = x) (Config.dnsNodes_all @ Config.dnsNodes_admin)) Config.Bind.slaveNodes)), dl)
-
- val _ = Defaults.registerDefault ("Aliases",
- (TList (TBase "your_domain", dl), dl),
- (fn () => (EList [], dl)))
-
- val _ = Defaults.registerDefault ("Mailbox",
- (TBase "email", dl),
- (fn () => (EString (getUser ()), dl)))
-
- val _ = Defaults.registerDefault ("DNS",
- (TBase "dnsKind", dl),
- (fn () => multiApp ((EVar "useDns", dl),
- dl,
- [soaD, masterD, slavesD])))
+ val _ = Env.registerFunction ("defaultMailbox",
+ fn [] => SOME (EString (getUser ()), dl)
+ | _ => NONE)
- val _ = Defaults.registerDefault ("TTL",
- (TBase "int", dl),
- (fn () => (EInt Config.Bind.defaultTTL, dl)))
type soa = {ns : string,
serial : int option,
in
print ("New configuration for node " ^ site ^ "\n");
- if site = Config.defaultNode then
+ if site = Config.dispatcherName then
Slave.handleChanges files
else let
val bio = OpenSSL.connect true (valOf (!ssl_context),
Posix.SysDB.Passwd.home (Posix.SysDB.getpwnam uname)
fun homedir () = homedirOf (getUser ())
+ handle e => if !fakePrivs then "/tmp" else raise e
type subject = {node : string, domain : string}
()
else
Option.app (Unused.check G) (#3 prog);
- Tycheck.checkFile G (Defaults.tInit prog) prog)
+ Tycheck.checkFile G prog)
end
fun basis () =
raise ErrorMsg.Error
else
let
- val G' = Tycheck.checkFile G (Defaults.tInit prog) prog
+ val G' = Tycheck.checkFile G prog
in
if !ErrorMsg.anyErrors then
raise ErrorMsg.Error
| (G, NONE) => (G, evs)
val dispatcher =
- Config.dispatcher ^ ":" ^ Int.toString Config.dispatcherPort
+ Domain.nodeIp Config.dispatcherName ^ ":" ^ Int.toString Config.dispatcherPort
val self =
"localhost:" ^ Int.toString Config.slavePort
val ok = ref true
fun contactNode (node, ip) =
- if node = Config.defaultNode then
+ if node = Config.dispatcherName then
Domain.resetLocal ()
else let
val bio = OpenSSL.connect true (context,
ok := false)
else
();
- ignore (foldl checker' (basis (), Defaults.eInit ()) files)
+ let val basis' = basis () in
+ ignore (foldl checker' (basis', Env.initialDynEnvVals basis') files)
+ end
end
else if String.isSuffix "_admin" user then
()
end
in
doIt (fn () => (Env.pre ();
- ignore (foldl doOne (basis (), Defaults.eInit ()) codes);
+ let val basis' = basis () in
+ ignore (foldl doOne (basis', Env.initialDynEnvVals basis') codes)
+ end;
Env.post ();
Msg.send (bio, MsgOk);
("Configuration complete.", NONE)))
val {dir, file} = OS.Path.splitDirFile (#file fs)
fun dnsChanged () =
- if #domain fs = !didDomain orelse Slave.hostname () <> Config.masterNode then
+ if #domain fs = !didDomain orelse Slave.hostname () <> Config.Bind.masterNode then
()
else if Slave.isDelete (#action fs) then
let
val min = readILine inf
val () = TextIO.closeIn inf
- val serialPath = OS.Path.joinDirFile {dir = Config.serialDir,
+ val serialPath = OS.Path.joinDirFile {dir = Config.Bind.serialDir,
file = #domain fs}
val oldSerial = let
Env.string
validSrvDomain
- fn [] => SOME (EString Config.masterNode, dl)
+ val _ = Env.registerFunction ("dns_master_node",
- fn [] => SOME (EList (map (fn n => (EString n, dl)) Config.slaveNodes), dl)
++ fn [] => SOME (EString Config.Bind.masterNode, dl)
+ | _ => NONE)
+
+ val _ = Env.registerFunction ("dns_slave_nodes",
++ fn [] => SOME (EList (map (fn n => (EString n, dl)) Config.Bind.slaveNodes), dl)
+ | _ => NONE)
+
end
configTypes.sml
+../config/core/core.sig
+../config/core/core.sml
../configDefault/config.sig
../configDefault/configDefault.sml
slave.sig
slave.sml
- defaults.sig
- defaults.sml
-
pcre.sig
pcre.sml
plugins/firewall.sig
plugins/firewall.sml
- plugins/easy_domain.sig
- plugins/easy_domain.sml
-
mail/vmail.sig
mail/vmail.sml
HCoop / clinton / domtool2.git / commitdiff