Verified Commit 3e6a8432 authored by Florian Pritz's avatar Florian Pritz
Browse files

dbscripts: Generate rsyncd.secrets from DB



Signed-off-by: Florian Pritz's avatarFlorian Pritz <bluewind@xinu.at>
parent 2e0cd7f8
......@@ -5,6 +5,8 @@ use warnings;
use DBI;
use Data::Dumper;
umask 077;
# TODO put these into credentials.ini and use Config::Simple to read it
my $user = '{{ archweb_db_dbscripts_user }}';
my $pass = '{{ vault_archweb_db_dbscripts_password }}';
......@@ -13,6 +15,7 @@ my $db = 'DBI:Pg:dbname={{ archweb_db }};host={{ archweb_db_host }}{% if postgre
my $scriptdir="/etc/rsyncd-conf-genscripts";
my $infile="$scriptdir/rsyncd.conf.proto";
my $outfile="/etc/rsyncd.conf";
my $secrets_file = "/etc/rsyncd.secrets";
my $query = 'SELECT mrs.ip FROM mirrors_mirrorrsync mrs LEFT JOIN mirrors_mirror m ON mrs.mirror_id = m.id WHERE tier = 1 ORDER BY ip';
......@@ -35,7 +38,6 @@ while (my @ipaddr = $sth->fetchrow_array) {
push @whitelist_ips, $ipaddr[0]
}
$dbh->disconnect;
open (my $fh, "<", $infile) or die "Failed to open '$infile': $!";
my @data = <$fh>;
......@@ -47,3 +49,13 @@ for (@data) {
}
burp($outfile, @data);
my @credentials = @{$dbh->selectall_arrayref("SELECT rsync_user, rsync_password FROM mirrors_mirror where tier = 1 and rsync_user != ''", {Slice=>{}})};
my $secrets_data = "";
for my $elem (@credentials) {
$secrets_data .= sprintf "%s:%s\n", @{$elem}{qw(rsync_user rsync_password)};
}
burp($secrets_file, $secrets_data);
$dbh->disconnect;
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment