hcoop/domtool2.git
7 years agoAdd navajos to library
Clinton Ebadi [Mon, 10 Dec 2012 01:40:09 +0000 (20:40 -0500)]
Add navajos to library

7 years agoEVar -> EString in default for DefaultWebNode
Clinton Ebadi [Sun, 9 Dec 2012 06:18:33 +0000 (01:18 -0500)]
EVar -> EString in default for DefaultWebNode
Even sml lets you do stupid things!

7 years agoRegister default value for DefaultWebNode environment variable release_20121208
Clinton Ebadi [Sun, 9 Dec 2012 02:02:22 +0000 (21:02 -0500)]
Register default value for DefaultWebNode environment variable
This will allow users to change the value used for the defaultA and vhost

7 years agoRemove automatic insserv in Makefile release_20121207-1
Clinton Ebadi [Fri, 7 Dec 2012 20:49:40 +0000 (15:49 -0500)]
Remove automatic insserv in Makefile
It was a bad idea. Added a --bootstrap option to the deploy script instead

7 years agoFirewell: Concat $WEBNODES list using space instead of comma release_20121207
Clinton Ebadi [Fri, 7 Dec 2012 20:25:04 +0000 (15:25 -0500)]
Firewell: Concat $WEBNODES list using space instead of comma

7 years agoUse jump instead of goto in firewall
Clinton Ebadi [Fri, 7 Dec 2012 20:19:48 +0000 (15:19 -0500)]
Use jump instead of goto in firewall
They do the same thing, but ferm renamed the keyword to reflect what
it does better.

7 years agobourne shell vs bashism fix
Clinton Ebadi [Fri, 7 Dec 2012 20:19:04 +0000 (15:19 -0500)]
bourne shell vs bashism fix

7 years agoCorrect location of firewall rules
Clinton Ebadi [Fri, 7 Dec 2012 19:20:19 +0000 (14:20 -0500)]
Correct location of firewall rules
Helps to use the right pathname, usually.

7 years agoRead ACL in slave service loop
Clinton Ebadi [Fri, 7 Dec 2012 16:42:32 +0000 (11:42 -0500)]
Read ACL in slave service loop
At least the firewall needs to query permissions. Acl.read has the
handy attribute of clearing the current ACL. I think the main service
function sould also be re-reading the permissions on each loop, or
perhaps not because it may call setupUser instead? Investigate.

7 years agoBetter error message for fwtool
Clinton Ebadi [Fri, 7 Dec 2012 16:22:29 +0000 (11:22 -0500)]
Better error message for fwtool

7 years agoGenerate config into domtool work directory and copy later
Clinton Ebadi [Fri, 7 Dec 2012 15:28:08 +0000 (10:28 -0500)]
Generate config into domtool work directory and copy later
Also update paths in the config to where the live files are

7 years agoOpen outgoing ports on web nodes for firewall ProxiedServer directive
Clinton Ebadi [Fri, 7 Dec 2012 15:27:02 +0000 (10:27 -0500)]
Open outgoing ports on web nodes for firewall ProxiedServer directive
Opens outgoing ports for user on all user-accessible web nodes, but
right now that's just one machine.

7 years agoFor install_{server,slave}, insserv so domtool starts on boot
Clinton Ebadi [Thu, 6 Dec 2012 08:29:27 +0000 (03:29 -0500)]
For install_{server,slave}, insserv so domtool starts on boot
Brave GNU dependency based boot future

7 years agoExpand valid proxyHosts
Clinton Ebadi [Fri, 14 Sep 2012 05:33:47 +0000 (01:33 -0400)]
Expand valid proxyHosts
* Instead of matching `localhost', match from a list of possible hosts

7 years agoFix firewall input rules, add ProxiedServer directive
Clinton Ebadi [Fri, 14 Sep 2012 05:27:07 +0000 (01:27 -0400)]
Fix firewall input rules, add ProxiedServer directive
* mod uid-owner only works for output connections, hack it for now and
  just open the ports for everyone
* ProxiedServer allows connections from all webNodes, but does not
  open up output ports from them

7 years agoAdd navajos to domtool reset global
Clinton Ebadi [Fri, 14 Sep 2012 05:21:10 +0000 (01:21 -0400)]
Add navajos to domtool reset global
* Should clean this up in general

7 years agoFix chown group in publish script
Clinton Ebadi [Fri, 14 Sep 2012 05:20:38 +0000 (01:20 -0400)]
Fix chown group in publish script

7 years agoAdd navajos as domtool slave and user web node release_20120902
Clinton Ebadi [Sun, 2 Sep 2012 22:17:09 +0000 (18:17 -0400)]
Add navajos as domtool slave and user web node
* A brave new future awaits us

8 years agoMerge branch 'master' of /afs/hcoop.net/user/h/hc/hcoop/.hcoop-git/domtool2
Clinton Ebadi [Tue, 31 Jul 2012 08:07:59 +0000 (04:07 -0400)]
Merge branch 'master' of /afs/hcoop.net/user/h/hc/hcoop/.hcoop-git/domtool2

8 years agoFix all domtool scripts for modern Debian and HCoop practices
Clinton Ebadi [Tue, 31 Jul 2012 07:37:41 +0000 (03:37 -0400)]
Fix all domtool scripts for modern Debian and HCoop practices
* There is no longer any local `domtool' group, use `nogroup' instead and
  chmod files user readable only
* The init scripts assumed `/usr/local/[s]bin' were in `$PATH', which
  is not true on a default Debian install. Rather than require
  customization of system defaults, just use long paths. It would be
  nice if the Makefile supported relocatable installs, but I also want
  a pony for xmas.
* `domtool-admin-sudo' never worked properly. It seems to rely on the
  mistaken assumption that starting a `pagsh' gives you a new
  PAG... when `pagsh' has the unintuitive behavior of adopting the
  current PAG instead of creating a new one if one should
  exist. Things appeared to work since there was always a local
  domtool user, and some interaction between the init scripts
  acquiring tokens outside of a PAG and sudo led to use of the uid
  ticket cache. The solution is just to use `k5start' instead of
  `kinit && aklog'

8 years agoFix unintentional punning of masterNode and dispatcherName
Clinton Ebadi [Sat, 14 Jul 2012 23:45:38 +0000 (19:45 -0400)]
Fix unintentional punning of masterNode and dispatcherName
* masterNode is the DNS master, not the domtool dispatcher, but it was
  overloaded
* Luckily, there is a dispatcherName and a simple substitution fixes it

8 years agoPer-host firewall rules
Clinton Ebadi [Tue, 27 Mar 2012 03:06:39 +0000 (23:06 -0400)]
Per-host firewall rules
* The implementation is ugly (terribleness with tuples, filtering at
  generation time, etc.), but my SML-fu is too weak to do this
  properly in a time efficient manner
* Needs to check if user has some domtool permission to that node, ideally

8 years ago`fwtool' main
Clinton Ebadi [Sat, 7 Jan 2012 19:42:49 +0000 (14:42 -0500)]
`fwtool' main
* Basic driver

8 years agoFirewall Regen Support
Clinton Ebadi [Thu, 29 Dec 2011 20:06:50 +0000 (15:06 -0500)]
Firewall Regen Support
* Clean up code slightly (still ugly, I'm no good with SML)
* Accept `MsgFirewallRegen' to regenerate firewall on slave
* Not tested much, should also generate the firewall elsewhere and
  copy to `/etc'

8 years agoPort firewall generation from Domtool1/fwtool
Clinton Ebadi [Tue, 29 Nov 2011 07:08:16 +0000 (02:08 -0500)]
Port firewall generation from Domtool1/fwtool
* fwtool was a bit of a hack -- try to clean things up...
* Parsing and generating the config are split (somewhat)
* Only one set of rules for all nodes with a firewall

9 years agovmailpasswd: actually call domtool-publish release_2011-03-19
Clinton Ebadi [Sat, 19 Mar 2011 23:11:22 +0000 (19:11 -0400)]
vmailpasswd: actually call domtool-publish

9 years agoMerge branch 'release'
Clinton Ebadi [Tue, 8 Mar 2011 16:35:23 +0000 (11:35 -0500)]
Merge branch 'release'

9 years agoRemove hopper from domtool email configuration release_2011-03-08
Clinton Ebadi [Tue, 8 Mar 2011 16:33:32 +0000 (11:33 -0500)]
Remove hopper from domtool email configuration

9 years agoForce use of actual echo instead of shell builtin
clinton_admin [Mon, 31 Jan 2011 19:00:03 +0000 (14:00 -0500)]
Force use of actual echo instead of shell builtin
* The default echo builtin used by make doesn't support -e any more!

9 years agoEnable fritz as an admin web node release_2011-01-31
Clinton Ebadi [Mon, 31 Jan 2011 18:52:00 +0000 (13:52 -0500)]
Enable fritz as an admin web node

9 years agoConfigure outpost as a dns slave release_2010-12-05
root [Sun, 5 Dec 2010 21:38:54 +0000 (21:38 +0000)]
Configure outpost as a dns slave
* And remove hopper as it is not in dnsNodes_all and does not have
  bind installed

9 years agoMerge branch 'dbms-in-slave' release-2010-12-01_1
clinton_admin [Wed, 1 Dec 2010 07:13:20 +0000 (02:13 -0500)]
Merge branch 'dbms-in-slave'

9 years agoMove Mysql-fixperms into slave dbms-in-slave
Clinton Ebadi [Wed, 1 Dec 2010 06:49:36 +0000 (01:49 -0500)]
Move Mysql-fixperms into slave
* Occurs on dbmsNode as with other database operations

9 years agoAdd fritz as a slave node release-2010-12-01
clinton_admin [Wed, 1 Dec 2010 06:02:53 +0000 (01:02 -0500)]
Add fritz as a slave node
* Not used for anything yet, ensuring that the slave is setup correctly

9 years agoReadd outpost_ip to hcoop base library release_2010-11-30
clinton_admin [Wed, 1 Dec 2010 03:12:42 +0000 (22:12 -0500)]
Readd outpost_ip to hcoop base library

9 years agoUpdate domtool-mysql script for local filesystem tablespaces
Clinton Ebadi [Thu, 25 Nov 2010 06:10:17 +0000 (01:10 -0500)]
Update domtool-mysql script for local filesystem tablespaces
* /afs/hcoop.net/common/databases -> /srv/databases
* ACL -> give group mysql rw permissions on all files

9 years agoAttempt to move Dbms handling into slave
Clinton Ebadi [Thu, 25 Nov 2010 06:03:40 +0000 (01:03 -0500)]
Attempt to move Dbms handling into slave
* It typechecks and compiles... and looks like it ought to work
* `requestDbFoo' functions make an ad-hoc connection to a slave. There
  is much room for cleanup here.
* /Factored/ doIt function from `service' so that the Dbms message
  handling could be cut and pasted into the slave function
* Added Dbms.dbmsNode configuration option
* Note that dbms operations *always* occur on a slave now--if the
  machine is also the dispatcher node it will now need to run a slave
  instance as well

9 years agoRemove outpost from domtool control hcoop outpost-interim-release release_2010-11-19
Clinton Ebadi [Tue, 2 Nov 2010 23:09:46 +0000 (19:09 -0400)]
Remove outpost from domtool control
* The domtool config for hcoop.net needs to be updated

9 years agoTemporary workaround to `domtool-postgres' script
clinton_admin [Mon, 4 Oct 2010 04:21:30 +0000 (00:21 -0400)]
Temporary workaround to `domtool-postgres' script
* Explicitly connect to `postgres' host until fritz has a slave
  installed and databases can be managed by slavesÃ

10 years agoFix pcre_sml.so paths origin
Davor Ocelic [Tue, 16 Feb 2010 17:39:13 +0000 (17:39 +0000)]
Fix pcre_sml.so paths

10 years agoAdd fritz_ip 69.90.123.75
Davor Ocelic [Wed, 6 Jan 2010 11:28:02 +0000 (11:28 +0000)]
Add fritz_ip 69.90.123.75

10 years agoChange deleuze back to default Mailman node
Adam Chlipala [Tue, 5 Jan 2010 19:13:55 +0000 (19:13 +0000)]
Change deleuze back to default Mailman node

10 years agoDon't send DNS info to servers that don't run DNS daemons
Adam Chlipala [Tue, 29 Sep 2009 14:32:23 +0000 (14:32 +0000)]
Don't send DNS info to servers that don't run DNS daemons

10 years agoFixing Courier userdb rsync commands
Adam Chlipala [Tue, 29 Sep 2009 14:09:49 +0000 (14:09 +0000)]
Fixing Courier userdb rsync commands

10 years agoChanges to support IMAP on hopper all compile but are not tested yet
Adam Chlipala [Sun, 27 Sep 2009 19:07:34 +0000 (19:07 +0000)]
Changes to support IMAP on hopper all compile but are not tested yet

10 years agoMake dynamic linking smarter, so this stuff works before running 'make install'
Adam Chlipala [Sun, 27 Sep 2009 17:02:49 +0000 (17:02 +0000)]
Make dynamic linking smarter, so this stuff works before running 'make install'

11 years agobpt's domtool-mode auto-mode suggestion
Adam Chlipala [Sun, 26 Jul 2009 17:05:26 +0000 (17:05 +0000)]
bpt's domtool-mode auto-mode suggestion

11 years agoDefaultA parameter to dom
Adam Chlipala [Sun, 17 May 2009 13:01:15 +0000 (13:01 +0000)]
DefaultA parameter to dom

11 years agoSome mod_expires support
Adam Chlipala [Tue, 14 Apr 2009 14:07:25 +0000 (14:07 +0000)]
Some mod_expires support

11 years agoCatch OpenSSL exceptions on slave connection acceptance
Adam Chlipala [Thu, 19 Feb 2009 14:19:56 +0000 (14:19 +0000)]
Catch OpenSSL exceptions on slave connection acceptance

11 years agoACL check on reusers requests
Adam Chlipala [Tue, 17 Feb 2009 16:46:03 +0000 (16:46 +0000)]
ACL check on reusers requests

11 years agoGeneration of slash-tilde waklog directives for each user
Adam Chlipala [Tue, 17 Feb 2009 16:30:21 +0000 (16:30 +0000)]
Generation of slash-tilde waklog directives for each user

11 years agoPrint on start of mysql-fixperms in domtool-server
Adam Chlipala [Mon, 24 Nov 2008 14:08:35 +0000 (14:08 +0000)]
Print on start of mysql-fixperms in domtool-server

11 years agoAdd Apache icons to readable paths
Adam Chlipala [Mon, 22 Sep 2008 15:05:13 +0000 (15:05 +0000)]
Add Apache icons to readable paths

12 years agoStop warning about silly DNS directives
Adam Chlipala [Thu, 14 Aug 2008 13:58:32 +0000 (13:58 +0000)]
Stop warning about silly DNS directives

12 years agoChange some node filenames to avoid clashes with subdomains
Adam Chlipala [Thu, 14 Aug 2008 13:07:24 +0000 (13:07 +0000)]
Change some node filenames to avoid clashes with subdomains

12 years agoOutput suPHP_UserGroup
Adam Chlipala [Sat, 26 Jul 2008 14:20:37 +0000 (14:20 +0000)]
Output suPHP_UserGroup

12 years agodomtool-addcert handles inability to set an ACL entry
Adam Chlipala [Wed, 16 Jul 2008 00:06:43 +0000 (00:06 +0000)]
domtool-addcert handles inability to set an ACL entry

12 years agodomtool-readdcerts
Adam Chlipala [Tue, 15 Jul 2008 20:11:28 +0000 (20:11 +0000)]
domtool-readdcerts

12 years agoMake domtool-tail actually work
Adam Chlipala [Tue, 15 Jul 2008 19:47:14 +0000 (19:47 +0000)]
Make domtool-tail actually work

12 years agodomtool-tail
Adam Chlipala [Tue, 15 Jul 2008 19:39:28 +0000 (19:39 +0000)]
domtool-tail

12 years agoFilesMatch directive
Adam Chlipala [Tue, 15 Jul 2008 15:45:36 +0000 (15:45 +0000)]
FilesMatch directive

12 years agoReduce set of ACL categories to which '-fake' applies
Adam Chlipala [Tue, 15 Jul 2008 14:58:54 +0000 (14:58 +0000)]
Reduce set of ACL categories to which '-fake' applies

12 years ago'-fake' flag added to 'domtool'
Adam Chlipala [Tue, 15 Jul 2008 14:55:19 +0000 (14:55 +0000)]
'-fake' flag added to 'domtool'

12 years agoChanging handling of Apache log rename/delete
Adam Chlipala [Tue, 15 Jul 2008 14:31:13 +0000 (14:31 +0000)]
Changing handling of Apache log rename/delete

12 years agoMore loading of lib.dtl
Adam Chlipala [Thu, 10 Jul 2008 23:38:53 +0000 (23:38 +0000)]
More loading of lib.dtl

12 years agoRemove silly special-case servercert stuff
Adam Chlipala [Sat, 28 Jun 2008 14:40:10 +0000 (14:40 +0000)]
Remove silly special-case servercert stuff

12 years agoChange default nameservers
Adam Chlipala [Fri, 20 Jun 2008 18:34:35 +0000 (18:34 +0000)]
Change default nameservers

12 years agoExpand allowed set of proxy_targets
Adam Chlipala [Fri, 23 May 2008 15:19:26 +0000 (15:19 +0000)]
Expand allowed set of proxy_targets

12 years agoAllow rmdom on subdomains of those on the user's ACL
Adam Chlipala [Mon, 12 May 2008 20:26:51 +0000 (20:26 +0000)]
Allow rmdom on subdomains of those on the user's ACL

12 years agoFix postgres DB creation
Adam Chlipala [Wed, 9 Apr 2008 14:33:42 +0000 (14:33 +0000)]
Fix postgres DB creation

12 years agoSpecifying encoding on database creation
Adam Chlipala [Wed, 9 Apr 2008 14:23:57 +0000 (14:23 +0000)]
Specifying encoding on database creation

12 years agoAdd dnsWildcardIP
Adam Chlipala [Sat, 5 Apr 2008 20:16:57 +0000 (20:16 +0000)]
Add dnsWildcardIP

12 years agolib/hcoop.dtl: Add outpost_ip.
Michael Olson [Mon, 31 Mar 2008 00:27:49 +0000 (00:27 +0000)]
lib/hcoop.dtl: Add outpost_ip.

12 years agoMake outpost a nameserver for [dom]
Adam Chlipala [Sun, 23 Mar 2008 21:29:19 +0000 (21:29 +0000)]
Make outpost a nameserver for [dom]

12 years agoDon't revoke ACL entries on rmdom
Adam Chlipala [Sun, 16 Mar 2008 00:07:02 +0000 (00:07 +0000)]
Don't revoke ACL entries on rmdom

12 years agoChanges while getting the slave on outpost working
Adam Chlipala [Sat, 15 Mar 2008 16:37:25 +0000 (16:37 +0000)]
Changes while getting the slave on outpost working

12 years agoAdditions while poking around people's configs
Adam Chlipala [Sat, 1 Mar 2008 21:17:28 +0000 (21:17 +0000)]
Additions while poking around people's configs

12 years agoFix regeneration of multi-file dependencies
Adam Chlipala [Mon, 25 Feb 2008 01:40:17 +0000 (01:40 +0000)]
Fix regeneration of multi-file dependencies

12 years agoLibrary goodies
Adam Chlipala [Mon, 25 Feb 2008 00:33:05 +0000 (00:33 +0000)]
Library goodies

12 years agoImprove one kind of error message
Adam Chlipala [Mon, 25 Feb 2008 00:32:30 +0000 (00:32 +0000)]
Improve one kind of error message

12 years agoNew vhost shortcut
Adam Chlipala [Sun, 24 Feb 2008 22:03:29 +0000 (22:03 +0000)]
New vhost shortcut

12 years agoImprove some error messages
Adam Chlipala [Sun, 24 Feb 2008 21:58:17 +0000 (21:58 +0000)]
Improve some error messages

12 years agoAdd back mistakenly removed default env var
Adam Chlipala [Sun, 24 Feb 2008 21:47:04 +0000 (21:47 +0000)]
Add back mistakenly removed default env var

12 years agoTweakier dom
Adam Chlipala [Sun, 24 Feb 2008 21:40:26 +0000 (21:40 +0000)]
Tweakier dom

12 years agoAdd new Easy_domain env defaults
Adam Chlipala [Sun, 24 Feb 2008 21:32:44 +0000 (21:32 +0000)]
Add new Easy_domain env defaults

12 years agotestNoHtaccess
Adam Chlipala [Sun, 24 Feb 2008 20:53:04 +0000 (20:53 +0000)]
testNoHtaccess

12 years agoLess noisy pinging and shutting down
Adam Chlipala [Sun, 24 Feb 2008 20:36:46 +0000 (20:36 +0000)]
Less noisy pinging and shutting down

12 years agoRemove dnsKerberos, at mwolson's request
Adam Chlipala [Sun, 24 Feb 2008 20:21:41 +0000 (20:21 +0000)]
Remove dnsKerberos, at mwolson's request

12 years agoSuppress unused env var warnings for lib.dtl
Adam Chlipala [Sun, 24 Feb 2008 20:13:45 +0000 (20:13 +0000)]
Suppress unused env var warnings for lib.dtl

12 years agoSaving environment variables across file executions
Adam Chlipala [Sun, 24 Feb 2008 20:10:15 +0000 (20:10 +0000)]
Saving environment variables across file executions

12 years agoRemove pesky infinite loop
Adam Chlipala [Sun, 24 Feb 2008 18:33:13 +0000 (18:33 +0000)]
Remove pesky infinite loop

12 years agoPut files called lib.dtl first in dependency orderings
Adam Chlipala [Sun, 24 Feb 2008 18:23:44 +0000 (18:23 +0000)]
Put files called lib.dtl first in dependency orderings

12 years agoExpanding TXT support
Adam Chlipala [Sun, 24 Feb 2008 15:50:24 +0000 (15:50 +0000)]
Expanding TXT support

12 years agoHCoop IP synonyms; PhpVersion env var
Adam Chlipala [Mon, 18 Feb 2008 17:17:43 +0000 (17:17 +0000)]
HCoop IP synonyms; PhpVersion env var

12 years agobind_patterns
Adam Chlipala [Mon, 18 Feb 2008 16:38:00 +0000 (16:38 +0000)]
bind_patterns

12 years agoSome more mod_autoindex directives
Adam Chlipala [Mon, 18 Feb 2008 15:52:40 +0000 (15:52 +0000)]
Some more mod_autoindex directives

12 years agoTwo mod_mime directives
Adam Chlipala [Mon, 18 Feb 2008 15:32:59 +0000 (15:32 +0000)]
Two mod_mime directives

12 years agoinit scripts: Fix bug with writing PID files
Michael Olson [Fri, 15 Feb 2008 04:35:18 +0000 (04:35 +0000)]
init scripts: Fix bug with writing PID files

12 years agoinit scripts: Don't error out when stopping in restart action
Michael Olson [Fri, 15 Feb 2008 04:19:36 +0000 (04:19 +0000)]
init scripts: Don't error out when stopping in restart action