sipwise
/
ngcpcfg
mirror of https://github.com/sipwise/ngcpcfg.git
1
0
Fork 0
Code Issues Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'mr10.5'
${ noResults }
ngcpcfg/scripts/decrypt

126 lines
3.2 KiB
Raw Permalink Blame History

#!/bin/bash
# Purpose: decrypt ngcp configuration archive
################################################################################
set -e
set -u
set -o pipefail
# helper functions {{{
# sadly we can't source ${FUNCTIONS}/main as we are missing a bunch of
# configuration files that are supposed to be available, therefore
# provide the main functions we need for successful execution of the
# decrypt function
# support for testsuite, assume defaults if unset
FUNCTIONS="${FUNCTIONS:-/usr/share/ngcp-ngcpcfg/functions/}"
HELPER="${HELPER:-/usr/share/ngcp-ngcpcfg/helper/}"
timestamp_replacementchars='' # unset by default
console_output() {
if [ -z "${TIME_FORMAT:-}" ] ; then
printf -- "%b" "$*"
return 0
fi
local timestamp
timestamp="$(date "${TIME_FORMAT}")"
# indent depending on number of characters in date output
timestamp_replacementchars="$(printf -- "%s: " "${timestamp}" | sed 's/./ /g')"
printf -- "%b" "${timestamp}: $*"
}
log_info() {
logger -t ngcpcfg --id="${NGCPCFG_PID}" -- "$*"
console_output "$*\n"
}
# info without ending newline
log_info_n() {
logger -t ngcpcfg --id="${NGCPCFG_PID}" -- "$*"
console_output "$*"
}
log_warn() {
logger -t ngcpcfg --id="${NGCPCFG_PID}" -- "Warning: $*"
console_output "Warning: $*\n"
}
log_error() {
logger -t ngcpcfg --id="${NGCPCFG_PID}" -- "Error: $*"
console_output "Error: $*\n" >&2
}
log_debug() {
if [ -n "${DEBUG:-}" ] ; then
logger -t ngcpcfg --id="${NGCPCFG_PID}" -- "Debug: $*"
console_output "DEBUG: $*\n"
fi
}
# }}}
setup_shared_config() {
if ! [ -d /mnt/glusterfs/mgmt-share ] ; then
log_warn "Looks like glusterfs is not running, can not install it automatically.
Please execute the following command on one node
as soon as glusterfs share is mounted again:
git clone --bare /etc/ngcp-config /mnt/glusterfs/ngcpcfg-share
${HELPER}/restore-permissions /mnt/glusterfs/ngcpcfg-share
"
return 0
fi
if [ -d /mnt/glusterfs/ngcpcfg-share ] ; then
log_info "Shared storage exists already, ignoring request to (re)install it."
else
log_info "Copying git repository to shared storage."
git clone --bare /etc/ngcp-config /mnt/glusterfs/ngcpcfg-share | sed "s/^/${timestamp_replacementchars}/"
"${HELPER}"/restore-permissions /mnt/glusterfs/ngcpcfg-share
fi
}
# main script
if ! type -p gpg &>/dev/null ; then
log_error "gpg binary not found, exiting."
exit 1
fi
RC=0
TARGZ=/etc/ngcp-config-crypted.tgz
# ensure created files can be read by root only
umask 066
if ! gpg -d "${TARGZ}".gpg > "${TARGZ}" ; then
log_error "Error while decrypting ${TARGZ}.gpg"
RC=1
else
cd / # important to extract files at according place
if tar zxf "${TARGZ}" ; then
log_info "Successfully restored configuration archive ${TARGZ}.gpg"
log_info "Now you should be able to run 'ngcpcfg apply' again."
else
log_error "Error while restoring ${TARGZ}.gpg"
RC=1
fi
fi
# only for PRO/CARRIER
if [ -r "${FUNCTIONS}"/ha_features ] ; then
setup_shared_config
else
log_info "Ignoring shared configuration (PRO/CARRIER only)."
fi
# don't leave the unencrypted archive behind
rm -f "${TARGZ}"
exit "${RC}"
## END OF FILE #################################################################
Reference in new issue View Git Blame Copy Permalink