From: Clinton Ebadi Date: Sat, 26 Apr 2014 00:05:10 +0000 (-0400) Subject: merge toplevel-dynamic-environment X-Git-Tag: release_20140428~3 X-Git-Url: https://git.hcoop.net/hcoop/domtool2.git/commitdiff_plain/d63aa5e7b08630cc17a606e85e35acc5bd0041ee?hp=-c merge toplevel-dynamic-environment --- d63aa5e7b08630cc17a606e85e35acc5bd0041ee diff --combined configDefault/apache.cfg index 3d10c3a,a70a554..48d852a --- a/configDefault/apache.cfg +++ b/configDefault/apache.cfg @@@ -2,23 -2,21 +2,21 @@@ structure Apache :> APACHE_CONFIG = str open ConfigTypes -val reload = "/usr/bin/sudo /usr/local/sbin/domtool-publish apache" -val down = "/usr/bin/sudo /usr/local/sbin/domtool-publish apache-down" -val undown = "/usr/bin/sudo /usr/local/sbin/domtool-publish apache-undown" -val fixperms = "/usr/bin/sudo /usr/local/sbin/domtool-publish apache-fixperms" +val reload = ConfigCore.sudo ^ " " ^ ConfigCore.installPrefix ^ "/sbin/domtool-publish apache" +val down = ConfigCore.sudo ^ " " ^ ConfigCore.installPrefix ^ "/sbin/domtool-publish apache-down" +val undown = ConfigCore.sudo ^ " " ^ ConfigCore.installPrefix ^ "/sbin/domtool-publish apache-undown" +val fixperms = ConfigCore.sudo ^ " " ^ ConfigCore.installPrefix ^ "/sbin/domtool-publish apache-fixperms" -val reload1 = "/usr/bin/sudo /usr/local/sbin/domtool-publish apache1.3" -val down1 = "/usr/bin/sudo /usr/local/sbin/domtool-publish apache1.3-down" -val undown1 = "/usr/bin/sudo /usr/local/sbin/domtool-publish apache1.3-undown" -val fixperms1 = "/usr/bin/sudo /usr/local/sbin/domtool-publish apache1.3-fixperms" +val reload1 = ConfigCore.sudo ^ " " ^ ConfigCore.installPrefix ^ "/sbin/domtool-publish apache1.3" +val down1 = ConfigCore.sudo ^ " " ^ ConfigCore.installPrefix ^ "/sbin/domtool-publish apache1.3-down" +val undown1 = ConfigCore.sudo ^ " " ^ ConfigCore.installPrefix ^ "/sbin/domtool-publish apache1.3-undown" +val fixperms1 = ConfigCore.sudo ^ " " ^ ConfigCore.installPrefix ^ "/sbin/domtool-publish apache1.3-fixperms" -val 
confDir = "/var/domtool/vhosts" +val confDir = ConfigCore.localRoot ^ "/vhosts" val webNodes_all = [("navajos", {version = APACHE_2, auth = MOD_WAKLOG})] val webNodes_admin = [("deleuze", {version = APACHE_2, auth = MOD_WAKLOG})] - val webNodes_default = ["navajos"] - val proxyTargets = ["http://hcoop.net/cgi-bin/mailman", "http://hcoop.net/pipermail"] @@@ -41,7 -39,6 +39,7 @@@ fun logDirOf version1 user user, "/apache/log"] +(* FIXME: hcoop.net reference *) fun realLogDirOf user = if size user < 2 then "/bad_username" @@@ -56,12 -53,12 +54,12 @@@ fun backupLogDirOf version1 = if version1 then - "/afs/hcoop.net/common/etc/domtool/backup/apache/" + ConfigCore.sharedRoot ^ "/backup/apache/" else - "/afs/hcoop.net/common/etc/domtool/backup/apache2/" + ConfigCore.sharedRoot ^ "/backup/apache2/" val defaultPhpVersion = 5 -val waklogUserFile = "/var/domtool/waklog.conf" +val waklogUserFile = ConfigCore.localRoot ^ "/waklog.conf" end diff --combined configDefault/domtool.cfg index eeaebad,7fb4183..69dcf8a --- a/configDefault/domtool.cfg +++ b/configDefault/domtool.cfg @@@ -1,21 -1,23 +1,14 @@@ -val libRoot = "/afs/hcoop.net/common/etc/domtool/lib" -val resultRoot = "/afs/hcoop.net/common/etc/domtool/nodes" +open ConfigCore + +val libRoot = ConfigCore.sharedRoot ^ "/lib" +val resultRoot = ConfigCore.sharedRoot ^ "/nodes" val tmpDir = "/tmp/domtool" -val oldResultRoot = "/afs/hcoop.net/common/etc/domtool/nodes.old" +val oldResultRoot = ConfigCore.sharedRoot ^ "/nodes.old" -val cat = "/bin/cat" -val cp = "/bin/cp" -val diff = "/usr/bin/diff" -val rm = "/bin/rm" -val echo = "/bin/echo" -val grep = "/bin/grep" -val sudo = "/usr/bin/sudo" -val domtool_publish = "/usr/local/sbin/domtool-publish" +val domtool_publish = ConfigCore.installPrefix ^ "/sbin/domtool-publish" - val defaultNs = "ns1.hcoop.net" - - val defaultRefresh = 86400 - val defaultRetry = 1800 - val defaultExpiry = 1209600 - val defaultMinimum = 3600 - val nodeIps = [("deleuze", "69.90.123.67"), ("hopper", 
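Review bot: The eight command values at the top of `structure Apache` are now assembled by plain string concatenation from `ConfigCore.sudo` and `ConfigCore.installPrefix`, and nothing visible here constrains what those two settings may contain. If these strings are later handed to a shell (not visible in this diff), a prefix containing whitespace or shell metacharacters would change what runs under sudo, and the sudoers entry has to match the new prefix exactly. A single local helper would keep the format in one place, e.g. `fun publish arg = ConfigCore.sudo ^ " " ^ ConfigCore.installPrefix ^ "/sbin/domtool-publish " ^ arg`, with a comment stating that both settings must be absolute paths without spaces. The same pattern recurs in `exim.cfg` (`reload`) and `domtool.cfg` (`domtool_publish`, `publish_reusers`).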
"69.90.123.74"), ("fritz", "69.90.123.75"), ("navajos", "69.90.123.70"), ("bog", "69.90.123.72"), ("outpost", "151.236.216.192")] -val defaultNode = "deleuze" - -val masterNode = "deleuze" -val slaveNodes = ["outpost"] -(* THESE ARE THE DNS MASTER/SLAVE, NOT DOMTOOL NODES *) +val dispatcherName = "fritz" val dnsNodes_all = ["deleuze", "outpost"] val dnsNodes_admin = [] @@@ -23,30 -25,33 +16,30 @@@ val mailNodes_all = ["deleuze"] val mailNodes_admin = [] -val aclFile = "/afs/hcoop.net/common/etc/domtool/acl" +val aclFile = ConfigCore.sharedRoot ^ "/acl" val testUser = "test" val defaultDomain = "hcoop.net" -val dispatcher = "deleuze.hcoop.net" val dispatcherPort = 1234 val slavePort = 1235 val queueSize = 5 val bufSize = 1024 -val trustStore = "/afs/hcoop.net/common/etc/domtool/TrustStore.pem" - -val certDir = "/afs/hcoop.net/common/etc/domtool/certs" -val keyDir = "/afs/hcoop.net/common/etc/domtool/keys" -val serialDir = "/afs/hcoop.net/common/etc/domtool/serials" +val trustStore = ConfigCore.sharedRoot ^ "/TrustStore.pem" -val dispatcherName = "deleuze" +val certDir = ConfigCore.sharedRoot ^ "/certs" +val keyDir = ConfigCore.sharedRoot ^ "/keys" +val caDir = "/etc/domtool/ca" fun domtoolDir user = case user of - "domtool" => "/afs/hcoop.net/common/etc/domtool/.domtool" + "domtool" => ConfigCore.sharedRoot ^ "/.domtool" | _ => OS.Path.joinDirFile {dir = Posix.SysDB.Passwd.home (Posix.SysDB.getpwnam user), file = ".domtool"} val worldReadable = ["/usr/share/moin", "/usr/share/apache/icons", "/afs/hcoop.net/common/app/moin/installed"] -val publish_reusers = "/usr/bin/sudo " ^ domtool_publish ^ " users" +val publish_reusers = ConfigCore.sudo ^ " " ^ domtool_publish ^ " users" diff --combined configDefault/domtool.cfs index 4cf7fee,b464d46..94b0076 --- a/configDefault/domtool.cfs +++ b/configDefault/domtool.cfs @@@ -11,18 -11,22 +11,11 @@@ val oldResultRoot : strin val tmpDir : string (* Filesystem location for creating temporary directories *) -(* Paths to standard 
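Review bot: `caDir` is introduced as the literal `"/etc/domtool/ca"` while the neighbouring paths in this hunk (`aclFile`, `trustStore`, `certDir`, `keyDir`) are now derived from `ConfigCore.sharedRoot`, and `worldReadable` still embeds `/afs/hcoop.net/common/app/moin/installed`. The directory presumably holds CA state (its contents are not visible here), so if keeping it node-local and off the shared root is deliberate, that should be written down. I would add a comment above `caDir` such as `(* node-local on purpose; not placed under sharedRoot *)`, and give the matching `val caDir : string` in `domtool.cfs` a description that states the expected ownership and permissions.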
UNIX utilities *) -val cat : string -val cp : string -val diff : string -val rm : string -val echo : string -val grep : string -val sudo : string val domtool_publish : string - (* DNS SOA parameter defaults *) - val defaultNs : string - val defaultRefresh : int - val defaultRetry : int - val defaultExpiry : int - val defaultMinimum : int - (* Names of machines who will receive configuration *) val nodeIps : (string * string) list -val defaultNode : string - -val masterNode : string -val slaveNodes : string list +val dispatcherName : string val aclFile : string (* Place to serialize ACL information *) @@@ -31,6 -35,7 +24,6 @@@ val testUser : strin val defaultDomain : string -val dispatcher : string val dispatcherPort : int val slavePort : int val queueSize : int @@@ -41,7 -46,9 +34,7 @@@ val trustStore : strin val certDir : string val keyDir : string -val serialDir : string - -val dispatcherName : string +val caDir : string val dnsNodes_all : string list val dnsNodes_admin : string list @@@ -54,5 -61,3 +47,5 @@@ val domtoolDir : string -> strin val worldReadable : string list val publish_reusers : string + +include CONFIG_CORE diff --combined configDefault/exim.cfg index db689ec,6a79253..4724054 --- a/configDefault/exim.cfg +++ b/configDefault/exim.cfg @@@ -1,14 -1,12 +1,12 @@@ structure Exim :> EXIM_CONFIG = struct -val aliases = "/var/domtool/aliases" -val aliasesDefault = "/var/domtool/aliases.default" -val handleDomains = "/var/domtool/local_domains.cfg" -val relayDomains = "/var/domtool/relay_domains.cfg" +val aliases = ConfigCore.localRoot ^ "/aliases" +val aliasesDefault = ConfigCore.localRoot ^ "/aliases.default" +val handleDomains = ConfigCore.localRoot ^ "/local_domains.cfg" +val relayDomains = ConfigCore.localRoot ^ "/relay_domains.cfg" -val reload = "/usr/bin/sudo /usr/local/sbin/domtool-publish exim" +val reload = ConfigCore.sudo ^ " " ^ ConfigCore.installPrefix ^ "/sbin/domtool-publish exim" - val aliasTo = ["deleuze"] - val mainLog = 
"/var/log/exim4/mainlog" end diff --combined src/domain.sml index 2b93535,7286b2e..affa1b1 --- a/src/domain.sml +++ b/src/domain.sml @@@ -70,8 -70,9 +70,9 @@@ fun setUser user class = "domain"}; your_usrs := Acl.class {user = getUser (), class = "user"}; - your_grps := Acl.class {user = getUser (), - class = "group"}; + your_grps := SS.add (Acl.class {user = getUser (), + class = "group"}, + "nogroup"); your_pths := your_paths; readable_pths := SS.union (your_paths, world_readable); your_ipss := Acl.class {user = getUser (), @@@ -133,15 -134,18 +134,18 @@@ fun validDomain s fun validNode s = List.exists (fn s' => s = s') nodes fun yourDomain s = !fakePrivs orelse SS.member (your_domains (), s) - fun yourUser s = SS.member (your_users (), s) - fun yourGroup s = SS.member (your_groups (), s) + fun yourUser s = !fakePrivs orelse SS.member (your_users (), s) + fun yourGroup s = !fakePrivs orelse SS.member (your_groups (), s) + fun checkPath paths path = + !fakePrivs orelse (List.all (fn s => s <> "..") (String.fields (fn ch => ch = #"/") path) andalso CharVector.all (fn ch => Char.isAlphaNum ch orelse ch = #"." 
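Review bot: `setUser` now adds the literal `"nogroup"` to `your_grps` for every user, so `yourGroup "nogroup"` succeeds regardless of what the ACL grants, and no comment explains why. Because this widens an authorization set outside the ACL store, the reason should be recorded next to it, e.g. `(* every user may name "nogroup"; it is granted here, not in the ACL *)`. Taking the group name from configuration rather than hard-coding it would also keep site policy out of `domain.sml`. `setUser` begins and ends outside this hunk.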
orelse ch = #"/" orelse ch = #"-" orelse ch = #"_") path andalso SS.exists (fn s' => path = s' orelse String.isPrefix (s' ^ "/") path) (paths ())) val yourPath = checkPath your_paths val readablePath = checkPath readable_paths + fun yourIp s = !fakePrivs orelse SS.member (your_ips (), s) fun yourDomainHost s = @@@ -267,41 -271,14 +271,14 @@@ val _ = Env.registerFunction ("end_in_s | _ => NONE) - val nsD = (EString Config.defaultNs, dl) - val serialD = (EVar "serialAuto", dl) - val refD = (EInt Config.defaultRefresh, dl) - val retD = (EInt Config.defaultRetry, dl) - val expD = (EInt Config.defaultExpiry, dl) - val minD = (EInt Config.defaultMinimum, dl) - - val soaD = multiApp ((EVar "soa", dl), - dl, - [nsD, serialD, refD, retD, expD, minD]) - - val masterD = (EApp ((EVar "internalMaster", dl), - (EString Config.Bind.masterNode, dl)), - dl) + val _ = Env.registerFunction ("you", + fn [] => SOME (EString (getUser ()), dl) + | _ => NONE) - val slavesD = (EList (map (fn s => (EString s, dl)) - (List.filter (fn x => List.exists (fn y => y = x) (Config.dnsNodes_all @ Config.dnsNodes_admin)) Config.Bind.slaveNodes)), dl) - - val _ = Defaults.registerDefault ("Aliases", - (TList (TBase "your_domain", dl), dl), - (fn () => (EList [], dl))) - - val _ = Defaults.registerDefault ("Mailbox", - (TBase "email", dl), - (fn () => (EString (getUser ()), dl))) - - val _ = Defaults.registerDefault ("DNS", - (TBase "dnsKind", dl), - (fn () => multiApp ((EVar "useDns", dl), - dl, - [soaD, masterD, slavesD]))) + val _ = Env.registerFunction ("defaultMailbox", + fn [] => SOME (EString (getUser ()), dl) + | _ => NONE) - val _ = Defaults.registerDefault ("TTL", - (TBase "int", dl), - (fn () => (EInt Config.Bind.defaultTTL, dl))) type soa = {ns : string, serial : int option, @@@ -712,7 -689,7 +689,7 @@@ fun handleSite (site, files) in print ("New configuration for node " ^ site ^ "\n"); - if site = Config.defaultNode then + if site = Config.dispatcherName then Slave.handleChanges files else 
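Review bot: In `checkPath`, `!fakePrivs orelse (...)` short-circuits the whole expression, so when `fakePrivs` is set the `..` component check and the character allow-list are skipped along with the ownership test. `yourUser`, `yourGroup` and `yourIp` only bypass a set-membership test, but for paths the syntactic checks are input validation rather than privilege, and they should hold in every mode. I would keep the `List.all` and `CharVector.all` conditions unconditional and apply the flag only to the last conjunct: `andalso (!fakePrivs orelse SS.exists (fn s' => path = s' orelse String.isPrefix (s' ^ "/") path) (paths ()))`. Where `fakePrivs` is set is not visible in this diff, so a comment on the flag naming the entry points allowed to enable it would also help.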
let val bio = OpenSSL.connect true (valOf (!ssl_context), @@@ -892,6 -869,7 +869,7 @@@ fun homedirOf uname Posix.SysDB.Passwd.home (Posix.SysDB.getpwnam uname) fun homedir () = homedirOf (getUser ()) + handle e => if !fakePrivs then "/tmp" else raise e type subject = {node : string, domain : string} diff --combined src/main.sml index 1552791,6cb3ef1..fe93791 --- a/src/main.sml +++ b/src/main.sml @@@ -51,7 -51,7 +51,7 @@@ fun check' G fname () else Option.app (Unused.check G) (#3 prog); - Tycheck.checkFile G (Defaults.tInit prog) prog) + Tycheck.checkFile G prog) end fun basis () = @@@ -101,7 -101,7 +101,7 @@@ fun check G fname raise ErrorMsg.Error else let - val G' = Tycheck.checkFile G (Defaults.tInit prog) prog + val G' = Tycheck.checkFile G prog in if !ErrorMsg.anyErrors then raise ErrorMsg.Error @@@ -208,7 -208,7 +208,7 @@@ fun eval G evs fname | (G, NONE) => (G, evs) val dispatcher = - Config.dispatcher ^ ":" ^ Int.toString Config.dispatcherPort + Domain.nodeIp Config.dispatcherName ^ ":" ^ Int.toString Config.dispatcherPort val self = "localhost:" ^ Int.toString Config.slavePort @@@ -1091,7 -1091,7 +1091,7 @@@ fun regenerateEither tc checker contex val ok = ref true fun contactNode (node, ip) = - if node = Config.defaultNode then + if node = Config.dispatcherName then Domain.resetLocal () else let val bio = OpenSSL.connect true (context, @@@ -1149,7 -1149,9 +1149,9 @@@ ok := false) else (); - ignore (foldl checker' (basis (), Defaults.eInit ()) files) + let val basis' = basis () in + ignore (foldl checker' (basis', Env.initialDynEnvVals basis') files) + end end else if String.isSuffix "_admin" user then () @@@ -1314,7 -1316,9 +1316,9 @@@ fun service () end in doIt (fn () => (Env.pre (); - ignore (foldl doOne (basis (), Defaults.eInit ()) codes); + let val basis' = basis () in + ignore (foldl doOne (basis', Env.initialDynEnvVals basis') codes) + end; Env.post (); Msg.send (bio, MsgOk); ("Configuration complete.", NONE))) diff --combined src/plugins/bind.sml 
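Review bot: The new handler on `homedir` catches every exception with `handle e` and, when `fakePrivs` is set, substitutes `"/tmp"` for the home directory. Anything later resolved relative to that result would then be read from or written to a world-writable directory, and unrelated failures inside `getUser` are masked as well. Assuming the failing lookup raises `OS.SysErr`, I would narrow the handler to `handle e as OS.SysErr _ => if !fakePrivs then "/tmp" else raise e` and add a comment that the fallback exists only for the fake-privileges mode. A private scratch directory (the configured `tmpDir`, if it is reachable from here) may be a safer placeholder than `/tmp` itself.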
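Review bot: `dispatcher` is now built from `Domain.nodeIp Config.dispatcherName`, so the client connects to an address taken from the static `nodeIps` table instead of a host name, and the requirement that `dispatcherName` be a key of that table is not stated anywhere visible. `Domain.nodeIp` is not shown in this diff; if it raises for an unknown name, the failure would surface when this binding is evaluated rather than at connect time. I would add `(* must name an entry of nodeIps *)` at the definition of `dispatcherName` in `domtool.cfg`. It is also worth confirming that whatever peer check the TLS layer performs does not depend on the host name that was passed before this change.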
index 4b9eccd,89e8b06..ca35c2c --- a/src/plugins/bind.sml +++ b/src/plugins/bind.sml @@@ -229,7 -229,7 +229,7 @@@ val () = Slave.registerFileHandler (fn val {dir, file} = OS.Path.splitDirFile (#file fs) fun dnsChanged () = - if #domain fs = !didDomain orelse Slave.hostname () <> Config.masterNode then + if #domain fs = !didDomain orelse Slave.hostname () <> Config.Bind.masterNode then () else if Slave.isDelete (#action fs) then let @@@ -257,7 -257,7 +257,7 @@@ val min = readILine inf val () = TextIO.closeIn inf - val serialPath = OS.Path.joinDirFile {dir = Config.serialDir, + val serialPath = OS.Path.joinDirFile {dir = Config.Bind.serialDir, file = #domain fs} val oldSerial = let @@@ -374,4 -374,12 +374,12 @@@ val _ = Env.type_one "srv_domain Env.string validSrvDomain + val _ = Env.registerFunction ("dns_master_node", - fn [] => SOME (EString Config.masterNode, dl) ++ fn [] => SOME (EString Config.Bind.masterNode, dl) + | _ => NONE) + + val _ = Env.registerFunction ("dns_slave_nodes", - fn [] => SOME (EList (map (fn n => (EString n, dl)) Config.slaveNodes), dl) ++ fn [] => SOME (EList (map (fn n => (EString n, dl)) Config.Bind.slaveNodes), dl) + | _ => NONE) + end diff --combined src/sources index 3c3ff42,3f72ec2..17a9fd4 --- a/src/sources +++ b/src/sources @@@ -7,8 -7,6 +7,8 @@@ ast.sm configTypes.sml +../config/core/core.sig +../config/core/core.sml ../configDefault/config.sig ../configDefault/configDefault.sml @@@ -50,9 -48,6 +50,6 @@@ acl.sm slave.sig slave.sml - defaults.sig - defaults.sml - pcre.sig pcre.sml @@@ -117,9 -112,6 +114,6 @@@ plugins/socketPerm.sm plugins/firewall.sig plugins/firewall.sml - plugins/easy_domain.sig - plugins/easy_domain.sml - mail/vmail.sig mail/vmail.sml