Further development into CIS (core infrastructure system)

2025-12-06 07:48:26 +01:00 · 2025-11-27 20:42:38 +01:00
parent 3ea1ac0915
commit 0998b59fa7
15 changed files with 570 additions and 267 deletions
--- a/setupCoreOntoThisHost.sh
+++ b/setupCoreOntoThisHost.sh
@@ -6,6 +6,12 @@



+# Folders always ends with an tailing '/'
+_SETUP="$(readlink -f "${0}" 2> /dev/null)"
+_CIS_ROOT="${_SETUP%/setupCoreOntoThisHost.sh}/"             #Removes shortest matching pattern '/setupCoreOntoThisHost.sh' from the end
+_CORE_SCRIPTS="${_CIS_ROOT:?"Missing CIS_ROOT"}core/"
+
+

 function checkPathsAreAvaiable() {
    grep --version &> /dev/null \
@@ -31,22 +37,21 @@ function checkGitIsAvailable() {
 }

 function checkPreconditions() {
-    local _ROOT _DOMAIN
-    _ROOT="${1:?"Missing parameter ROOT"}"
-    _DOMAIN="${2}" # Optional parameter DOMAIN
-    readonly _ROOT _DOMAIN
+    local _DOMAIN
+    _DOMAIN="${1}" # Optional parameter DOMAIN
+    readonly _DOMAIN

    ! [ -z "${_DOMAIN}" ] \
        && [ "$(hostname -d)" != "${_DOMAIN}" ] \
        && echo \
-        && echo "WARNING: system-domain DOES NOT MATCH domainOfHostOwner: '$(hostname -d)' != '${_DOMAIN}'" \
+        && echo "WARNING: system-domain DOES NOT MATCH overrideOwnDomain: '$(hostname -d)' != '${_DOMAIN}'" \
        && echo

    # Given domain verfügbar (nicht leer)
    ! [ -z "${_DOMAIN}" ] \
        && checkPathsAreAvaiable \
        && checkGitIsAvailable \
-        && git -C "${_ROOT}" pull &> /dev/null \
+        && git -C "${_CIS_ROOT:?"Missing CIS_ROOT"}" pull &> /dev/null \
        && return 0

    echo
@@ -69,63 +74,65 @@ function checkPreconditions() {
 }

 function getOrSetDomain() {
-    local _ROOT _DOMAIN_FILE _GIVEN_DOMAIN
-    _ROOT="${1:?"Missing parameter ROOT"}"
-    _DOMAIN_FILE="${_ROOT:?"Missing ROOT"}domainOfHostOwner"
-    _GIVEN_DOMAIN="${2}" # Optional parameter DOMAIN
-    readonly _ROOT _DOMAIN_FILE _GIVEN_DOMAIN
+    local _CURRENT_DOMAIN _GIVEN_DOMAIN _OVERRIDE_DOMAIN_FILE
+    _CURRENT_DOMAIN="$("${_CORE_SCRIPTS:?"Missing CORE_SCRIPTS"}printOwnDomain.sh")"
+    _GIVEN_DOMAIN="${1}" # Optional parameter DOMAIN
+    _OVERRIDE_DOMAIN_FILE="${_CIS_ROOT:?"Missing CIS_ROOT"}overrideOwnDomain"
+    readonly _CURRENT_DOMAIN _GIVEN_DOMAIN _OVERRIDE_DOMAIN_FILE

-    # Wenn DOMAIN_FILE enhält lesbare Daten
-    grep '[^[:space:]]' "${_DOMAIN_FILE:?"Missing DOMAIN_FILE"}" &> /dev/null \
-        && cat "${_DOMAIN_FILE}" \
+    ! [ -z "${_CURRENT_DOMAIN}" ] \
+        && [ -z "${_GIVEN_DOMAIN}" ] \
+        && echo "${_CURRENT_DOMAIN}" \
        && return 0

-    # Der boot-hostname muss mindestens einen Punkt enthalten, dann wird die hintere Hälfte als Domain genommen
-    hostname -b | grep "\." | cut -d. -f2- > "${_DOMAIN_FILE}"
-    grep '[^[:space:]]' "${_DOMAIN_FILE}" &> /dev/null \
-        && cat "${_DOMAIN_FILE}" \
+    ! [ -z "${_CURRENT_DOMAIN}" ] \
+        && [ "${_CURRENT_DOMAIN}" == "${_GIVEN_DOMAIN}" ] \
+        && echo "${_CURRENT_DOMAIN}" \
        && return 0

-    # Given domain is set (nicht leer)
-    ! [ -z "${_GIVEN_DOMAIN}" ] \
+    # If there is a given domain it will be set or it will override the current one
+    [ -z "${_CURRENT_DOMAIN}" ] \
+        && ! [ -z "${_GIVEN_DOMAIN}" ] \
        && [ "$(id -u)" == "0" ] \
+        && echo "Setting hostname to: $(hostname -s).${_GIVEN_DOMAIN}" >&2 \
        && hostnamectl set-hostname "$(hostname -s).${_GIVEN_DOMAIN}" \
-        && hostname -b | grep "\." | cut -d. -f2- > "${_DOMAIN_FILE}" \
-        && grep '[^[:space:]]' "${_DOMAIN_FILE}" &> /dev/null \
-        && cat "${_DOMAIN_FILE}" \
+        && echo "${_GIVEN_DOMAIN}" \
+        && return 0
+
+    ! [ -z "${_GIVEN_DOMAIN}" ] \
+        && echo "Overwriting domain to: ${_GIVEN_DOMAIN}" >&2 \
+        && echo "${_GIVEN_DOMAIN}" > "${_OVERRIDE_DOMAIN_FILE}" \
+        && echo "${_GIVEN_DOMAIN}" \
        && return 0

    return 1
 }

 function getRemoteRepositoryPath() {
-    local _ROOT
-    _ROOT="${1:?"Missing parameter ROOT"}"
-    readonly _ROOT
-
-    _RESULT="$(git -C "${_ROOT:?"Missing ROOT"}" remote show origin | grep -i 'fetch' | xargs -n 1 | grep -i 'ssh://')"
-    _RESULT="${_RESULT%/*}"                        #Removes shortest matching pattern '/*' from the end
-    ! [ -z "${_RESULT}" ] \
-        && echo "${_RESULT}" \
+    _REPOSITORY="$(git -C "${_CIS_ROOT:?"Missing CIS_ROOT"}" config --get remote.origin.url 2> /dev/null | grep -i 'git@')"
+    _PATH="${_REPOSITORY%/*}"                        #Removes shortest matching pattern '/*' from the end
+    ! [ -z "${_PATH}" ] \
+        && echo "${_PATH}/" \
        && return 0

    return 1
 }

 function addDefinition(){
-    local _ROOT _CORE_SCRIPTS _DEFINITIONS _REPOSITORY
-    _DEFINITIONS="${1:?"Missing parameter DEFINITIONS"}"
-    _REPOSITORY="${2:?"Missing parameter REPOSITORY"}"
-    _ROOT="${_DEFINITIONS%%/definitions/*}/"   #Removes longest  matching pattern '/definitions/*' from the end
-    _CORE_SCRIPTS="${_ROOT:?"Missing ROOT"}core/"
-    readonly _ROOT _CORE_SCRIPTS _DEFINITIONS _REPOSITORY
+    local _DEFINITIONS _REPOSITORY
+    _DEFINITIONS="${1:?"Missing first parameter DEFINITIONS"}"
+    _REPOSITORY="$(getRemoteRepositoryPath)cis-definition-${2:?"Missing second parameter DOMAIN"}.git"
+    readonly _DEFINITIONS _REPOSITORY
+
    [ "$(id -u)" == "0" ] \
-        && "${_CORE_SCRIPTS:?"Missing CORE_SCRIPTS"}addAndCheckGitRepository.sh" "${_DEFINITIONS}" "${_REPOSITORY}" readonly \
+        && echo "Running setup as 'root' trying to add definition repository:" \
+        && "${_CORE_SCRIPTS:?"Missing CORE_SCRIPTS"}addAndCheckGitRepository.sh" "${_DEFINITIONS}" readonly "${_REPOSITORY}" \
        && echo "  - definitions are usable for this host." \
        && return 0

    [ "$(id -u)" != "0" ] \
-        && "${_CORE_SCRIPTS:?"Missing CORE_SCRIPTS"}addAndCheckGitRepository.sh" "${_DEFINITIONS}" "${_REPOSITORY}" writable \
+        && echo "Running setup as 'user' trying to add definition repository:" \
+        && "${_CORE_SCRIPTS:?"Missing CORE_SCRIPTS"}addAndCheckGitRepository.sh" "${_DEFINITIONS}" writable "${_REPOSITORY}" \
        && echo "  - definitions are usable, as working copy." \
        && return 0

@@ -133,20 +140,22 @@ function addDefinition(){
 }

 function addState() {
-    local _ROOT _CORE_SCRIPTS _STATES _REPOSITORY
-    _STATES="${1:?"Missing parameter STATES"}"
-    _REPOSITORY="${2:?"Missing parameter REPOSITORY"}"
-    _ROOT="${_STATES%%/states/*}/"             #Removes longest  matching pattern '/states/*' from the end
-    _CORE_SCRIPTS="${_ROOT:?"Missing ROOT"}core/"
-    readonly _ROOT _CORE_SCRIPTS _STATES _REPOSITORY
+    local _STATES _REPOSITORY
+    _STATES="${1:?"Missing first parameter STATES"}"
+    _REPOSITORY="$(getRemoteRepositoryPath)cis-state-${2:?"Missing second parameter DOMAIN"}.git"
+    readonly _STATES _REPOSITORY

    [ "$(id -u)" == "0" ] \
-        && "${_CORE_SCRIPTS:?"Missing CORE_SCRIPTS"}addAndCheckGitRepository.sh" "${_STATES}" "${_REPOSITORY}" writable \
+        && echo "Running setup as 'root' trying to add state repository:" \
+        && echo \
+        && "${_CORE_SCRIPTS:?"Missing CORE_SCRIPTS"}addAndCheckGitRepository.sh" "${_STATES}" writable "${_REPOSITORY}" \
        && echo "  - states are usable for this host." \
        && return 0

    [ "$(id -u)" != "0" ] \
-        && "${_CORE_SCRIPTS:?"Missing CORE_SCRIPTS"}addAndCheckGitRepository.sh" "${_STATES}" "${_REPOSITORY}" writable \
+        && echo "Running setup as 'user' trying to add state repository:" \
+        && echo \
+        && "${_CORE_SCRIPTS:?"Missing CORE_SCRIPTS"}addAndCheckGitRepository.sh" "${_STATES}" writable "${_REPOSITORY}" \
        && echo "  - states are usable, as working copy." \
        && return 0

@@ -154,13 +163,10 @@ function addState() {
 }

 function setupCoreFunctionality() {
-    local _ROOT _CORE_SCRIPTS _DEFINITIONS _MINUTE_FROM_OWN_IP _SETUP
+    local _DEFINITIONS _MINUTE_FROM_OWN_IP
    _DEFINITIONS="${1:?"Missing DEFINITIONS: 'ROOT/definitions/DOMAIN'"}"
-    _ROOT="${_DEFINITIONS%%/definitions/*}/"   #Removes longest  matching pattern '/definitions/*' from the end
-    _CORE_SCRIPTS="${_ROOT:?"Missing ROOT"}core/"
-    _MINUTE_FROM_OWN_IP="$(hostname -I | xargs -n 1 | grep -F . | head -n 1 | cut -d. -f4 || echo 0)" #uses last value from first own ipv4 or 0 as minute value
-    _SETUP="${2:?"Missing SETUP"}"
-    readonly _ROOT _CORE_SCRIPTS _DEFINITIONS _MINUTE_FROM_OWN_IP _SETUP
+    _MINUTE_FROM_OWN_IP="$(hostname -I | xargs -n 1 | grep -F '.' | head -n 1 | cut -d. -f4 || echo 0)" #uses last value from first own ipv4 or 0 as minute value
+    readonly _DEFINITIONS _MINUTE_FROM_OWN_IP

    [ "$(id -u)" != "0" ] \
        && echo "Configuration of host skipped because of insufficient rights." \
@@ -176,45 +182,39 @@ function setupCoreFunctionality() {
        && echo \
        && "${_CORE_SCRIPTS:?"Missing CORE_SCRIPTS"}ensureUsageOfDefinitions.sh" "${_DEFINITIONS}" /etc/sudoers.d/allow-jenkins-updateRepositories \
        && echo \
-        && "${_CORE_SCRIPTS:?"Missing CORE_SCRIPTS"}addToCrontabEveryHour.sh" "${_SETUP}" "${_MINUTE_FROM_OWN_IP}" \
+        && "${_CORE_SCRIPTS:?"Missing CORE_SCRIPTS"}addToCrontabEveryHour.sh" "${_SETUP:?"Missing SETUP"}" "${_MINUTE_FROM_OWN_IP}" \
        && return 0

    return 1
 }

 function setup() {
-    local _ROOT _DEFINITIONS _DEFINITIONS_REPOSITORY _DOMAIN _REPOSITORY_PATH _SETUP _STATES _STATES_REPOSITORY
-    _SETUP="$(readlink -f "${0}" 2> /dev/null)"
-    _ROOT="$(dirname ${_SETUP:?"Missing SETUP"} 2> /dev/null || echo "/iss")/"
-    _DOMAIN="$(getOrSetDomain "${_ROOT:?"Missing ROOT"}" "${1}")"
-    _REPOSITORY_PATH="$(getRemoteRepositoryPath "${_ROOT:?"Missing ROOT"}")"
+    local _DEFINITIONS _DOMAIN _STATES
+    _DOMAIN="$(getOrSetDomain "${1}")"

-    ! checkPreconditions "${_ROOT:?"Missing ROOT"}" "${_DOMAIN}" \
+    ! checkPreconditions "${_DOMAIN}" \
        && return 1

-    _DEFINITIONS="${_ROOT:?"Missing ROOT"}definitions/${_DOMAIN:?"Missing DOMAIN"}"
-    _DEFINITIONS_REPOSITORY="${_REPOSITORY_PATH:?"Missing REPOSITORY_PATH"}/iss-definition-${_DOMAIN:?"Missing DOMAIN"}.git"
-    _STATES="${_ROOT:?"Missing ROOT"}states/${_DOMAIN:?"Missing DOMAIN"}"
-    _STATES_REPOSITORY="${_REPOSITORY_PATH:?"Missing REPOSITORY_PATH"}/iss-state-${_DOMAIN:?"Missing DOMAIN"}.git"
-    readonly _ROOT _DEFINITIONS _DEFINITIONS_REPOSITORY _DOMAIN _REPOSITORY_PATH _SETUP _STATES _STATES_REPOSITORY
+    _DEFINITIONS="${_CIS_ROOT:?"Missing CIS_ROOT"}definitions/${_DOMAIN:?"Missing DOMAIN"}"
+    _STATES="${_CIS_ROOT:?"Missing CIS_ROOT"}states/${_DOMAIN:?"Missing DOMAIN"}"
+    readonly _DEFINITIONS _DOMAIN _STATES

    echo \
-        && echo "Running setup using repositories of: '${_REPOSITORY_PATH:?"Missing REPOSITORY_PATH"}' ..." \
+        && addDefinition "${_DEFINITIONS:?"Missing DEFINITIONS"}" "${_DOMAIN:?"Missing DOMAIN"}" \
        && echo \
-        && addDefinition "${_DEFINITIONS:?"Missing DEFINITIONS"}" "${_DEFINITIONS_REPOSITORY:?"Missing DEFINITIONS_REPOSITORY"}" \
-        && echo \
-        && addState "${_STATES:?"Missing STATES"}" "${_STATES_REPOSITORY:?"Missing STATES_REPOSITORY"}" \
+        && addState "${_STATES:?"Missing STATES"}" "${_DOMAIN:?"Missing DOMAIN"}" \
        && echo \
        && echo "Using definitions: '${_DEFINITIONS:?"Missing DEFINITIONS"}' ..." \
-        && setupCoreFunctionality "${_DEFINITIONS:?"Missing DEFINITIONS"}" "${_SETUP:?"Missing SETUP"}" \
+        && setupCoreFunctionality "${_DEFINITIONS:?"Missing DEFINITIONS"}" \
        && return 0

-    echo "FAIL: setup is incomplete:                        ("$(readlink -f ${0})")"
-    echo "  - due to an error or insufficient rights."
+    echo "FAIL: setup is incomplete:                         ("$(readlink -f ${0})")" >&2
+    echo "  - due to an error or insufficient rights." >&2
    return 1
 }

 # sanitizes all parameters
-setup \
-    "$(echo ${1} | sed -E 's|[^a-zA-Z0-9/:@._-]*||g')" \
-    && exit 0 || exit 1
+setup "$(echo ${1} | sed -E 's|[^a-zA-Z0-9/:@._-]*||g')" \
+    && exit 0
+
+exit 1