opengnsys
/
ogboot
2
0
Fork 0
Code Issues Pull Requests 2 Packages Projects Releases Wiki Activity

refs #401 adds functions for oglivecli and add composer.json and config dir for symfony

pull/4/head
qindel 2024-05-30 18:25:39 +00:00
parent a00b646804
commit bad709c0af
27 changed files with 629 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
.env 100644
View File

@ -0,0 +1,41 @@
# In all environments, the following files are loaded if they exist,
# the latter taking precedence over the former:
#
# * .env contains default values for the environment variables needed by the app
# * .env.local uncommitted file with local overrides
# * .env.$APP_ENV committed environment-specific defaults
# * .env.$APP_ENV.local uncommitted environment-specific overrides
#
# Real environment variables win over .env files.
#
# DO NOT DEFINE PRODUCTION SECRETS IN THIS FILE NOR IN ANY OTHER COMMITTED FILES.
# https://symfony.com/doc/current/configuration/secrets.html
#
# Run "composer dump-env prod" to compile .env files for production use (requires symfony/flex >=1.2).
# https://symfony.com/doc/current/best_practices.html#use-environment-variables-for-infrastructure-configuration
###> symfony/framework-bundle ###
APP_ENV=dev
APP_SECRET=d423d1302b974417d415b10bcde25767
###< symfony/framework-bundle ###
###> doctrine/doctrine-bundle ###
# Format described at https://www.doctrine-project.org/projects/doctrine-dbal/en/latest/reference/configuration.html#connecting-using-a-url
# IMPORTANT: You MUST configure your server version, either here or in config/packages/doctrine.yaml
#
# DATABASE_URL="sqlite:///%kernel.project_dir%/var/data.db"
# DATABASE_URL="mysql://app:!ChangeMe!@127.0.0.1:3306/app?serverVersion=8&charset=utf8mb4"
DATABASE_URL="postgresql://app:!ChangeMe!@127.0.0.1:5432/app?serverVersion=15&charset=utf8"
###< doctrine/doctrine-bundle ###
###> symfony/messenger ###
# Choose one of the transports below
# MESSENGER_TRANSPORT_DSN=amqp://guest:guest@localhost:5672/%2f/messages
# MESSENGER_TRANSPORT_DSN=redis://localhost:6379/messages
MESSENGER_TRANSPORT_DSN=doctrine://default?auto_setup=0
###< symfony/messenger ###
###> symfony/mailer ###
# MAILER_DSN=null://null
###< symfony/mailer ###

119
bin/setsmbpass 100755
View File

@ -0,0 +1,119 @@
#!/bin/bash
#/**
#@file setsmbpass [ogLive]
#@brief Cambia la contraseña de los clientes para acceder a los servicios principales.
#@usage setsmbpass [ogLive]
#@param ogLive solo modifica la clave del cliente indicado (puede crear inconsistencias)
#@warning Se modifica el Initrd del cliente y se cambia la clave en el servidor.
#@warning No se modifica el usuario de acceso (usuario "opengnsys").
#@version 1.0.2 - Versión inicial.
#@author Ramón M. Gómez - ETSII Univ. Sevilla
#@date 2011-07-28
#@version 1.1.0 - Soporte para varios clientes ogLive.
#@author Ramón M. Gómez - ETSII Univ. Sevilla
#@date 2017-06-20
#@version 1.2.0 - Soporte para varios compresores de Initrd.
#@author Ramón M. Gómez - ETSII Univ. Sevilla
#@date 2020-09-02
#*/ ##
# Variables y funciones globales.
PROG="$(basename "$0")"
OPENGNSYS=${OPENGNSYS:-"/opt/ogboot"}
PATH=$PATH:$OPENGNSYS/bin
SAMBAUSER="opengnsys" # Usuario por defecto.
TFTPDIR=$OPENGNSYS/tftpboot
INITRD=oginitrd.img
TMPDIR=/tmp/oglive$$
let CHANGES=0
source $OPENGNSYS/lib/ogfunctions.sh || exit 1
# Control de parámetros.
[ "$*" == "help" ] && help
[ "$*" == "version" ] && version
[ "$USER" != "root" ] && raiseError access "Solo ejecutable por root"
case $# in
0) # Cambios en todos los clientes ogLive instalados.
echolog "Cambiando contraseña en todos los clientes ogLive instalados"
if which oglivecli &>/dev/null; then
LIST=$(oglivecli list | awk '{print $2}')
else
LIST="ogclient"
fi ;;
1) # Cambios en único ogLive (AVISO: puede crear inconsistencias con otros ogLive).
echolog "Cambiando contraseña en un solo ogLive"
LIST="$1" ;;
*) # Error de formato.
raiseError usage ;;
esac
# Recuperar eco de consola si se corta el proceso.
trap "stty echo 2>/dev/null" KILL
# Buscar todos los clients ogLive instalados.
for OGLIVE in $LIST; do
# Crear clave para usuario de acceso a los recursos.
CLIENTINITRD="$TFTPDIR/$OGLIVE/$INITRD"
if [ -r "$CLIENTINITRD" ]; then
if [ -z "$SAMBAPASS" ]; then
# Obtener clave del teclado sin eco en pantalla.
stty -echo 2>/dev/null
echo -n "Clave del usuario Samba: "
read -r SAMBAPASS
# Solo se deben aceptar números y letras para la clave de acceso.
if [[ "$SAMBAPASS" =~ [^a-zA-Z0-9] ]]; then
echo
stty echo 2>/dev/null
raiseError cancel "La clave solo debe contener caracteres alfanuméricos"
fi
echo
# Obtener confirmación clave sin eco en pantalla.
echo -n "Confirmar clave: "
read -r SAMBAPASS2
echo
stty echo 2>/dev/null
[ "$SAMBAPASS" != "$SAMBAPASS2" ] && raiseError cancel "Las claves no coinciden"
fi
# Editar la parte de acceso del cliente:
# descomprimir Initrd, sustituir clave y recomprimir Initrd).
echolog "Configurando cliente \"$OGLIVE\" ..."
mkdir -p $TMPDIR
cd $TMPDIR || ogRaiseError access "Directorio temporal"
COMPRESS=$(file -b "$CLIENTINITRD" | awk '{print tolower($1);}')
$COMPRESS -dc "$CLIENTINITRD" | cpio -im
if [ -f scripts/ogfunctions ]; then
sed -i "s/OPTIONS=\(.*\)user=\w*\(.*\)pass=\w*\(.*\)/OPTIONS=\1user=$SAMBAUSER\2pass=$SAMBAPASS\3/" scripts/ogfunctions
# TEMPORAL: solución ticket 554, actualizar cliente en caché (ogLive r3257).
sed -i "s/busybox reboot/reboot/" scripts/ogfunctions
# FIN CÓDIGO TEMPORAL.
# Ticket 565, preparar acceso Rsync cliente.
echo "$SAMBAPASS" > scripts/passrsync
chown root.root scripts/passrsync
chmod 400 scripts/passrsync
# Generar Initrd del cliente (siempre comprimido con gzip).
find . | cpio -H newc -oa | gzip -9c > "$CLIENTINITRD"
else
echolog "$PROG: Aviso: no se ha modificado la clave del cliente \"$OGLIVE\"."
fi
rm -fr $TMPDIR
# Calcular suma de comprobación.
md5sum "$CLIENTINITRD" | cut -f1 -d" " > "$CLIENTINITRD.sum"
let CHANGES++
else
echolog "$PROG: Cliente \"$OGLIVE\" no accesible."
fi
done
if [[ $CHANGES != 0 ]]; then
# Ticket 565, preparar acceso Rsync servidor.
[ -e /etc/rsyncd.secrets ] && sed -i -n -e "/^$SAMBAUSER:/!p" -e "$ a$SAMBAUSER:$SAMBAPASS" /etc/rsyncd.secrets || echo "$SAMBAUSER:$SAMBAPASS" > /etc/rsyncd.secrets
chown root.root /etc/rsyncd.secrets
chmod 600 /etc/rsyncd.secrets
# Cambiar clave Samba.
echo -ne "$SAMBAPASS\n$SAMBAPASS\n" | smbpasswd -a -s $SAMBAUSER
else
echolog "$PROG: Aviso: no se ha modificado la clave de ningún cliente."
fi

107
composer.json 100644
View File

@ -0,0 +1,107 @@
{
"type": "project",
"license": "proprietary",
"minimum-stability": "stable",
"prefer-stable": true,
"require": {
"php": ">=7.2.0",
"ext-ctype": "*",
"ext-iconv": "*",
"doctrine/annotations": "^1.6",
"doctrine/doctrine-bundle": "^2.0",
"doctrine/doctrine-migrations-bundle": "^3.0",
"doctrine/orm": "^2.7",
"phpdocumentor/reflection-docblock": "^5.0",
"phpstan/phpdoc-parser": "^0.4",
"zircote/swagger-php": "3.*",
"symfony/runtime": "5.*",
"symfony/asset": "5.*",
"symfony/console": "5.*",
"symfony/doctrine-messenger": "5.*",
"symfony/dotenv": "5.*",
"symfony/expression-language": "5.*",
"symfony/flex": "^1.17",
"symfony/form": "5.*",
"symfony/framework-bundle": "5.*",
"symfony/http-client": "5.*",
"symfony/intl": "5.*",
"symfony/mailer": "5.*",
"symfony/mime": "5.*",
"symfony/monolog-bundle": "^3.0",
"symfony/notifier": "5.*",
"symfony/process": "5.*",
"symfony/property-access": "5.*",
"symfony/property-info": "5.*",
"symfony/security-bundle": "5.*",
"symfony/serializer": "5.*",
"symfony/string": "5.*",
"symfony/translation": "5.*",
"symfony/twig-bundle": "5.*",
"symfony/validator": "5.*",
"symfony/web-link": "5.*",
"symfony/yaml": "5.*",
"twig/extra-bundle": "^2.12|^3.0",
"twig/twig": "^2.12|^3.0"
},
"require-dev": {
"phpunit/phpunit": "^8.5",
"symfony/browser-kit": "5.*",
"symfony/css-selector": "5.*",
"symfony/debug-bundle": "5.*",
"symfony/maker-bundle": "^1.0",
"symfony/phpunit-bridge": "^5.0",
"symfony/stopwatch": "5.*",
"symfony/web-profiler-bundle": "5.*"
},
"config": {
"platform": {
"php": "7.2.24"
},
"allow-plugins": {
"composer/package-versions-deprecated": true,
"symfony/flex": true,
"symfony/runtime": true
},
"optimize-autoloader": true,
"preferred-install": {
"*": "dist"
},
"sort-packages": true
},
"autoload": {
"psr-4": {
"App\\": "src/"
}
},
"autoload-dev": {
"psr-4": {
"App\\Tests\\": "tests/"
}
},
"replace": {
"symfony/polyfill-ctype": "*",
"symfony/polyfill-iconv": "*",
"symfony/polyfill-php72": "*"
},
"scripts": {
"auto-scripts": {
"cache:clear": "symfony-cmd",
"assets:install %PUBLIC_DIR%": "symfony-cmd"
},
"post-install-cmd": [
"@auto-scripts"
],
"post-update-cmd": [
"@auto-scripts"
]
},
"conflict": {
"symfony/symfony": "*"
},
"extra": {
"symfony": {
"allow-contrib": false,
"require": "5.*"
}
}
}

15
config/bundles.php 100644
View File

@ -0,0 +1,15 @@
<?php
return [
Symfony\Bundle\FrameworkBundle\FrameworkBundle::class => ['all' => true],
Doctrine\Bundle\DoctrineBundle\DoctrineBundle::class => ['all' => true],
Doctrine\Bundle\MigrationsBundle\DoctrineMigrationsBundle::class => ['all' => true],
Symfony\Bundle\DebugBundle\DebugBundle::class => ['dev' => true],
Symfony\Bundle\MakerBundle\MakerBundle::class => ['dev' => true],
Symfony\Bundle\MonologBundle\MonologBundle::class => ['all' => true],
Symfony\Bundle\SecurityBundle\SecurityBundle::class => ['all' => true],
Symfony\Bundle\TwigBundle\TwigBundle::class => ['all' => true],
Symfony\Bundle\WebProfilerBundle\WebProfilerBundle::class => ['dev' => true, 'test' => true],
Twig\Extra\TwigExtraBundle\TwigExtraBundle::class => ['all' => true],
App\OgBootBundle\OgBootBundle::class => ['all' => true],
];

19
config/packages/cache.yaml 100644
View File

@ -0,0 +1,19 @@
framework:
cache:
# Unique name of your app: used to compute stable namespaces for cache keys.
#prefix_seed: your_vendor_name/app_name
# The "app" cache stores to the filesystem by default.
# The data in this cache should persist between deploys.
# Other options include:
# Redis
#app: cache.adapter.redis
#default_redis_provider: redis://localhost
# APCu (not recommended with heavy random-write workloads as memory fragmentation can cause perf issues)
#app: cache.adapter.apcu
# Namespaced pools use the above "app" backend by default
#pools:
#my.dedicated.cache: null

5
config/packages/debug.yaml 100644
View File

@ -0,0 +1,5 @@
when@dev:
debug:
# Forwards VarDumper Data clones to a centralized server allowing to inspect dumps on CLI or in your browser.
# See the "server:dump" command to start a new server.
dump_destination: "tcp://%env(VAR_DUMPER_SERVER)%"

44
config/packages/doctrine.yaml 100644
View File

@ -0,0 +1,44 @@
doctrine:
dbal:
url: '%env(resolve:DATABASE_URL)%'
# IMPORTANT: You MUST configure your server version,
# either here or in the DATABASE_URL env var (see .env file)
#server_version: '16'
use_savepoints: true
orm:
auto_generate_proxy_classes: true
naming_strategy: doctrine.orm.naming_strategy.underscore_number_aware
auto_mapping: true
mappings:
App:
is_bundle: false
dir: '%kernel.project_dir%/src/Entity'
prefix: 'App\Entity'
alias: App
when@test:
doctrine:
dbal:
# "TEST_TOKEN" is typically set by ParaTest
dbname_suffix: '_test%env(default::TEST_TOKEN)%'
when@prod:
doctrine:
orm:
auto_generate_proxy_classes: false
proxy_dir: '%kernel.build_dir%/doctrine/orm/Proxies'
query_cache_driver:
type: pool
pool: doctrine.system_cache_pool
result_cache_driver:
type: pool
pool: doctrine.result_cache_pool
framework:
cache:
pools:
doctrine.result_cache_pool:
adapter: cache.app
doctrine.system_cache_pool:
adapter: cache.system

6
config/packages/doctrine_migrations.yaml 100644
View File

@ -0,0 +1,6 @@
doctrine_migrations:
migrations_paths:
# namespace is arbitrary but should be different from App\Migrations
# as migrations classes should NOT be autoloaded
'DoctrineMigrations': '%kernel.project_dir%/migrations'
enable_profiler: false

24
config/packages/framework.yaml 100644
View File

@ -0,0 +1,24 @@
# see https://symfony.com/doc/current/reference/configuration/framework.html
framework:
secret: '%env(APP_SECRET)%'
#csrf_protection: true
http_method_override: false
# Enables session support. Note that the session will ONLY be started if you read or write from it.
# Remove or comment this section to explicitly disable session support.
session:
handler_id: null
cookie_secure: auto
cookie_samesite: lax
storage_factory_id: session.storage.factory.native
#esi: true
#fragments: true
php_errors:
log: true
when@test:
framework:
test: true
session:
storage_factory_id: session.storage.factory.mock_file

3
config/packages/mailer.yaml 100644
View File

@ -0,0 +1,3 @@
framework:
mailer:
dsn: '%env(MAILER_DSN)%'

17
config/packages/messenger.yaml 100644
View File

@ -0,0 +1,17 @@
framework:
messenger:
# reset services after consuming messages
reset_on_message: true
# Uncomment this (and the failed transport below) to send failed messages to this transport for later handling.
# failure_transport: failed
transports:
# https://symfony.com/doc/current/messenger.html#transport-configuration
# async: '%env(MESSENGER_TRANSPORT_DSN)%'
# failed: 'doctrine://default?queue_name=failed'
# sync: 'sync://'
routing:
# Route your messages to the transports
# 'App\Message\YourMessage': async

62
config/packages/monolog.yaml 100644
View File

@ -0,0 +1,62 @@
monolog:
channels:
- deprecation # Deprecations are logged in the dedicated "deprecation" channel when it exists
when@dev:
monolog:
handlers:
main:
type: stream
path: "%kernel.logs_dir%/%kernel.environment%.log"
level: debug
channels: ["!event"]
# uncomment to get logging in your browser
# you may have to allow bigger header sizes in your Web server configuration
#firephp:
# type: firephp
# level: info
#chromephp:
# type: chromephp
# level: info
console:
type: console
process_psr_3_messages: false
channels: ["!event", "!doctrine", "!console"]
when@test:
monolog:
handlers:
main:
type: fingers_crossed
action_level: error
handler: nested
excluded_http_codes: [404, 405]
channels: ["!event"]
nested:
type: stream
path: "%kernel.logs_dir%/%kernel.environment%.log"
level: debug
when@prod:
monolog:
handlers:
main:
type: fingers_crossed
action_level: error
handler: nested
excluded_http_codes: [404, 405]
buffer_size: 50 # How many messages should be saved? Prevent memory leaks
nested:
type: stream
path: php://stderr
level: debug
formatter: monolog.formatter.json
console:
type: console
process_psr_3_messages: false
channels: ["!event", "!doctrine"]
deprecation:
type: stream
channels: [deprecation]
path: php://stderr
formatter: monolog.formatter.json

12
config/packages/notifier.yaml 100644
View File

@ -0,0 +1,12 @@
framework:
notifier:
chatter_transports:
texter_transports:
channel_policy:
# use chat/slack, chat/telegram, sms/twilio or sms/nexmo
urgent: ['email']
high: ['email']
medium: ['email']
low: ['email']
admin_recipients:
- { email: admin@example.com }

12
config/packages/routing.yaml 100644
View File

@ -0,0 +1,12 @@
framework:
router:
utf8: true
# Configure how to generate URLs in non-HTTP contexts, such as CLI commands.
# See https://symfony.com/doc/current/routing.html#generating-urls-in-commands
#default_uri: http://localhost
when@prod:
framework:
router:
strict_requirements: null

40
config/packages/security.yaml 100644
View File

@ -0,0 +1,40 @@
security:
enable_authenticator_manager: true
# https://symfony.com/doc/current/security.html#registering-the-user-hashing-passwords
password_hashers:
Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
# https://symfony.com/doc/current/security.html#loading-the-user-the-user-provider
providers:
users_in_memory: { memory: null }
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
lazy: true
provider: users_in_memory
# activate different ways to authenticate
# https://symfony.com/doc/current/security.html#the-firewall
# https://symfony.com/doc/current/security/impersonating_user.html
# switch_user: true
# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
access_control:
# - { path: ^/admin, roles: ROLE_ADMIN }
# - { path: ^/profile, roles: ROLE_USER }
when@test:
security:
password_hashers:
# By default, password hashers are resource intensive and take time. This is
# important to generate secure password hashes. In tests however, secure hashes
# are not important, waste resources and increase test times. The following
# reduces the work factor to the lowest possible values.
Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface:
algorithm: auto
cost: 4 # Lowest possible value for bcrypt
time_cost: 3 # Lowest possible value for argon
memory_cost: 10 # Lowest possible value for argon

7
config/packages/translation.yaml 100644
View File

@ -0,0 +1,7 @@
framework:
default_locale: en
translator:
default_path: '%kernel.project_dir%/translations'
fallbacks:
- en
providers:

6
config/packages/twig.yaml 100644
View File

@ -0,0 +1,6 @@
twig:
default_path: '%kernel.project_dir%/templates'
when@test:
twig:
strict_variables: true

13
config/packages/validator.yaml 100644
View File

@ -0,0 +1,13 @@
framework:
validation:
email_validation_mode: html5
# Enables validator auto-mapping support.
# For instance, basic validation constraints will be inferred from Doctrine's metadata.
#auto_mapping:
# App\Entity\: []
when@test:
framework:
validation:
not_compromised_password: false

15
config/packages/web_profiler.yaml 100644
View File

@ -0,0 +1,15 @@
when@dev:
web_profiler:
toolbar: true
intercept_redirects: false
framework:
profiler: { only_exceptions: false }
when@test:
web_profiler:
toolbar: false
intercept_redirects: false
framework:
profiler: { collect: false }

5
config/preload.php 100644
View File

@ -0,0 +1,5 @@
<?php
if (file_exists(dirname(__DIR__).'/var/cache/prod/App_KernelProdContainer.preload.php')) {
require dirname(__DIR__).'/var/cache/prod/App_KernelProdContainer.preload.php';
}

3
config/routes.yaml 100644
View File

@ -0,0 +1,3 @@
#index:
# path: /
# controller: App\Controller\DefaultController::index

6
config/routes/annotations.yaml 100644
View File

@ -0,0 +1,6 @@
controllers:
resource: ../../src/OgBootBundle/Controller/
type: annotation
kernel:
resource: ../../src/Kernel.php
type: annotation

4
config/routes/framework.yaml 100644
View File

@ -0,0 +1,4 @@
when@dev:
_errors:
resource: '@FrameworkBundle/Resources/config/routing/errors.xml'
prefix: /_error

8
config/routes/web_profiler.yaml 100644
View File

@ -0,0 +1,8 @@
when@dev:
web_profiler_wdt:
resource: '@WebProfilerBundle/Resources/config/routing/wdt.xml'
prefix: /_wdt
web_profiler_profiler:
resource: '@WebProfilerBundle/Resources/config/routing/profiler.xml'
prefix: /_profiler

27
config/services.yaml 100644
View File

@ -0,0 +1,27 @@
# This file is the entry point to configure your own services.
# Files in the packages/ subdirectory configure your dependencies.
# Put parameters here that don't need to change on each machine where the app is deployed
# https://symfony.com/doc/current/best_practices.html#use-parameters-for-application-configuration
parameters:
services:
# default configuration for services in *this* file
_defaults:
autowire: true # Automatically injects dependencies in your services.
autoconfigure: true # Automatically registers your services as commands, event subscribers, etc.
# makes classes in src/ available to be used as services
# this creates a service per class whose id is the fully-qualified class name
App\:
resource: '../src/'
exclude:
- '../src/DependencyInjection/'
- '../src/Entity/'
- '../src/Kernel.php'
# add more service definitions when explicit configuration is needed
# please note that last definitions always *replace* previous ones
App\OgBootBundle\Controller\:
resource: '../src/OgBootBundle/Controller'
tags: ['controller.service_arguments']

0
lib/ogfunctions.sh 100644 → 100755
View File

9
tftpboot/ipxe_scripts/templates/pxe 100644
View File

@ -0,0 +1,9 @@
#!ipxe
set timeout 0
set timeout-style hidden
set ISODIR ogLive
set default 0
set kernelargs __INFOHOST__
kernel tftp://__SERVERIP__/ogLive/ogvmlinuz ${kernelargs}
initrd tftp://__SERVERIP__/ogLive/oginitrd.img