|
| 1 | +#!/bin/bash |
| 2 | +# Licensed to the Apache Software Foundation (ASF) under one |
| 3 | +# or more contributor license agreements. See the NOTICE file |
| 4 | +# distributed with this work for additional information |
| 5 | +# regarding copyright ownership. The ASF licenses this file |
| 6 | +# to you under the Apache License, Version 2.0 (the |
| 7 | +# "License"); you may not use this file except in compliance |
| 8 | +# with the License. You may obtain a copy of the License at |
| 9 | +# |
| 10 | +# http://www.apache.org/licenses/LICENSE-2.0 |
| 11 | +# |
| 12 | +# Unless required by applicable law or agreed to in writing, |
| 13 | +# software distributed under the License is distributed on an |
| 14 | +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| 15 | +# KIND, either express or implied. See the License for the |
| 16 | +# specific language governing permissions and limitations |
| 17 | +# under the License. |
| 18 | + |
| 19 | + |
| 20 | +# $Id: vm_data.sh 9307 2010-06-08 00:43:08Z chiradeep $ $HeadURL: svn://svn.lab.vmops.com/repos/vmdev/java/scripts/vm/hypervisor/xenserver/patch/vm_data.sh $ |
| 21 | +# @VERSION@ |
| 22 | + |
| 23 | +usage() { |
| 24 | + printf "Usage: %s: -r <domr-ip> -v <vm ip> -F <vm data folder> -f <vm data file> -d <data to put in file> \n" $(basename $0) >&2 |
| 25 | + exit 2 |
| 26 | +} |
| 27 | + |
| 28 | +set -x |
| 29 | +cert="/root/.ssh/id_rsa.cloud" |
| 30 | +PORT=3922 |
| 31 | + |
| 32 | +create_htaccess() { |
| 33 | + local domrIp=$1 |
| 34 | + local vmIp=$2 |
| 35 | + local folder=$3 |
| 36 | + local file=$4 |
| 37 | + |
| 38 | + local result=0 |
| 39 | + #rewrite rule in top level /latest folder to redirect |
| 40 | + #to vm specific folder based on source ip |
| 41 | + entry="RewriteRule ^$file$ ../$folder/%{REMOTE_ADDR}/$file [L,NC,QSA]" |
| 42 | + htaccessFolder="/var/www/html/latest" |
| 43 | + htaccessFile=$htaccessFolder/.htaccess |
| 44 | + ssh -p $PORT -o StrictHostKeyChecking=no -i $cert root@$domrIp "mkdir -p $htaccessFolder; touch $htaccessFile; grep -F \"$entry\" $htaccessFile; if [ \$? -gt 0 ]; then echo -e \"$entry\" >> $htaccessFile; fi" >/dev/null |
| 45 | + result=$? |
| 46 | + |
| 47 | + if [ $result -eq 0 ] |
| 48 | + then |
| 49 | + #ensure that vm specific folder cannot be listed and that only |
| 50 | + #the vm that owns the data can access the items in this directory |
| 51 | + entry="Options -Indexes\\nOrder Deny,Allow\\nDeny from all\\nAllow from $vmIp" |
| 52 | + htaccessFolder="/var/www/html/$folder/$vmIp" |
| 53 | + htaccessFile=$htaccessFolder/.htaccess |
| 54 | + ssh -p $PORT -o StrictHostKeyChecking=no -i $cert root@$domrIp "mkdir -p $htaccessFolder; echo -e \"$entry\" > $htaccessFile" >/dev/null |
| 55 | + result=$? |
| 56 | + fi |
| 57 | + |
| 58 | + #support access by http://<dhcp server>/latest/<metadata key> (legacy, see above) also |
| 59 | + # http://<dhcp server>/latest/meta-data/<metadata key> (correct) |
| 60 | + if [ "$folder" == "metadata" ] || [ "$folder" == "meta-data" ] |
| 61 | + then |
| 62 | + entry="RewriteRule ^meta-data/(.+)$ ../$folder/%{REMOTE_ADDR}/\\\$1 [L,NC,QSA]" |
| 63 | + htaccessFolder="/var/www/html/latest" |
| 64 | + htaccessFile=$htaccessFolder/.htaccess |
| 65 | + ssh -p $PORT -o StrictHostKeyChecking=no -i $cert root@$domrIp "grep -F \"$entry\" $htaccessFile; if [ \$? -gt 0 ]; then echo -e \"$entry\" >> $htaccessFile; fi" >/dev/null |
| 66 | + entry="RewriteRule ^meta-data/$ ../$folder/%{REMOTE_ADDR}/meta-data [L,NC,QSA]" |
| 67 | + ssh -p $PORT -o StrictHostKeyChecking=no -i $cert root@$domrIp "grep -F \"$entry\" $htaccessFile; if [ \$? -gt 0 ]; then echo -e \"$entry\" >> $htaccessFile; fi" >/dev/null |
| 68 | + result=$? |
| 69 | + fi |
| 70 | + |
| 71 | + return $result |
| 72 | +} |
| 73 | + |
| 74 | +copy_vm_data_file() { |
| 75 | + local domrIp=$1 |
| 76 | + local vmIp=$2 |
| 77 | + local folder=$3 |
| 78 | + local file=$4 |
| 79 | + local dataFile=$5 |
| 80 | + |
| 81 | + dest=/var/www/html/$folder/$vmIp/$file |
| 82 | + metamanifest=/var/www/html/$folder/$vmIp/meta-data |
| 83 | + scp -P $PORT -o StrictHostKeyChecking=no -i $cert $dataFile root@$domrIp:$dest >/dev/null |
| 84 | + ssh -p $PORT -o StrictHostKeyChecking=no -i $cert root@$domrIp "chmod 644 $dest" > /dev/null |
| 85 | + ssh -p $PORT -o StrictHostKeyChecking=no -i $cert root@$domrIp "touch $metamanifest; chmod 644 $metamanifest" > /dev/null |
| 86 | + if [ "$folder" == "metadata" ] || [ "$folder" == "meta-data" ] |
| 87 | + then |
| 88 | + ssh -p $PORT -o StrictHostKeyChecking=no -i $cert root@$domrIp "sed -i '/$file/d' $metamanifest; echo $file >> $metamanifest" > /dev/null |
| 89 | + fi |
| 90 | + |
| 91 | + return $? |
| 92 | +} |
| 93 | + |
| 94 | +delete_vm_data_file() { |
| 95 | + local domrIp=$1 |
| 96 | + local vmIp=$2 |
| 97 | + local folder=$3 |
| 98 | + local file=$4 |
| 99 | + |
| 100 | + vmDataFilePath="/var/www/html/$folder/$vmIp/$file" |
| 101 | + ssh -p $PORT -o StrictHostKeyChecking=no -i $cert root@$domrIp "if [ -f $vmDataFilePath ]; then rm -rf $vmDataFilePath; fi" >/dev/null |
| 102 | + return $? |
| 103 | +} |
| 104 | + |
| 105 | +domrIp= |
| 106 | +vmIp= |
| 107 | +folder= |
| 108 | +file= |
| 109 | +dataFile= |
| 110 | + |
| 111 | +while getopts 'r:v:F:f:d:' OPTION |
| 112 | +do |
| 113 | + case $OPTION in |
| 114 | + r) domrIp="$OPTARG" |
| 115 | + ;; |
| 116 | + v) vmIp="$OPTARG" |
| 117 | + ;; |
| 118 | + F) folder="$OPTARG" |
| 119 | + ;; |
| 120 | + f) file="$OPTARG" |
| 121 | + ;; |
| 122 | + d) dataFile="$OPTARG" |
| 123 | + ;; |
| 124 | + ?) usage |
| 125 | + exit 1 |
| 126 | + ;; |
| 127 | + esac |
| 128 | +done |
| 129 | + |
| 130 | +[ "$domrIp" == "" ] || [ "$vmIp" == "" ] || [ "$folder" == "" ] || [ "$file" == "" ] && usage |
| 131 | +[ "$folder" != "userdata" ] && [ "$folder" != "metadata" ] && usage |
| 132 | + |
| 133 | +if [ "$dataFile" != "" ] |
| 134 | +then |
| 135 | + create_htaccess $domrIp $vmIp $folder $file |
| 136 | + |
| 137 | + if [ $? -gt 0 ] |
| 138 | + then |
| 139 | + exit 1 |
| 140 | + fi |
| 141 | + |
| 142 | + copy_vm_data_file $domrIp $vmIp $folder $file $dataFile |
| 143 | +else |
| 144 | + delete_vm_data_file $domrIp $vmIp $folder $file |
| 145 | +fi |
| 146 | + |
| 147 | +exit $? |
0 commit comments