Everbrent/cis
8
0
Fork 0
mirror of https://github.com/m8tin/cis.git synced 2026-06-02 14:56:58 +02:00
Code Issues Packages Projects Releases Wiki Activity

setup composition-sync

Browse Source
This commit is contained in:
m8in
2026-04-19 23:09:15 +02:00
parent d16b2706d6
commit 65efb9481b
4 changed files with 75 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitignore
+3
View File
@@ -15,6 +15,9 @@
!/definitions/default/monitor/ !/definitions/default/monitor/
/definitions/default/monitor/* /definitions/default/monitor/*
!/definitions/default/monitor/checks/ !/definitions/default/monitor/checks/
!/definitions/default/script/
/definitions/default/script/*
!/definitions/default/script/all/
# 2.) Ignore all content of 'states', except file README.md # 2.) Ignore all content of 'states', except file README.md
/states/* /states/*
definitions/default/script/all/etc/sudoers.d/allow-composition-sync-send
+10
View File
@@ -0,0 +1,10 @@
# Definition: 2 mandantory parameter, 3. and 4. are optional
# [[:space:]]+ -> Expects at least on space character
# ( ... )? -> defines the group as optional
Cmnd_Alias C_COMPOSITION_SYNC = \
/cis/script/host/zfs/composition-sync/sync-send.sh \
^[a-zA-Z0-9][a-zA-Z0-9._-]* \
[a-zA-Z0-9][a-zA-Z0-9_-]* \
([a-zA-Z0-9][a-zA-Z0-9._:-]*)? \
([a-zA-Z0-9][a-zA-Z0-9._:-]*)?$
composition-sync ALL = (root) NOPASSWD: C_COMPOSITION_SYNC
script/host/zfs/composition-sync/setupCompositionReceivingHost.sh
Executable
+35
View File
@@ -0,0 +1,35 @@
#!/bin/bash
[ "$(id -u)" != "0" ] \
&& sudo "${0}" \
&& exit 0
_SETUP="$(readlink -f "${0}" 2> /dev/null)"
# Folders always ends with an tailing '/'
_CIS_ROOT="${_SETUP%%/script/host/zfs/composition-sync/*}/" #Removes longest matching pattern '/script/host/zfs/composition-sync/*' from the end
_DOMAIN="$("${_CIS_ROOT:?"Missing CIS_ROOT"}core/printOwnDomain.sh")"
_DEFINITIONS="${_CIS_ROOT:?"Missing CIS_ROOT"}definitions/${_DOMAIN:?"Missing DOMAIN"}/"
function checkPreconditions() {
[ -d "${_DEFINITIONS:?"Missing DEFINITIONS"}compositions" ] \
&& return 0
echo "No folder for your defined composition settings found: ${_DEFINITIONS:?"Missing DEFINITIONS"}compositions"
echo "Please create it and add your custom composition settings in there, following this convention:"
echo " 1.) './NAME_OF_THE_COMPOSITION/current-host' containing one line with the FQDN of the host running the composition."
echo " 2.) './NAME_OF_THE_COMPOSITION/composition-sync-hosts' containing a list of hosts receiving the composition, one host with its FQDN per line."
return 1
}
echo "Setup the host that receives the composition of others ... " \
&& checkPreconditions \
&& exit 0
exit 1
script/host/zfs/composition-sync/setupCompositionRunningHost.sh
Executable
+27
View File
@@ -0,0 +1,27 @@
#!/bin/bash
[ "$(id -u)" != "0" ] \
&& sudo "${0}" \
&& exit 0
_SETUP="$(readlink -f "${0}" 2> /dev/null)"
# Folders always ends with an tailing '/'
_CIS_ROOT="${_SETUP%%/script/host/zfs/composition-sync/*}/" #Removes longest matching pattern '/script/host/zfs/composition-sync/*' from the end
_CORE_SCRIPTS="${_CIS_ROOT:?"Missing CIS_ROOT"}core/"
_DOMAIN="$("${_CIS_ROOT:?"Missing CIS_ROOT"}core/printOwnDomain.sh")"
_DEFINITIONS="${_CIS_ROOT:?"Missing CIS_ROOT"}definitions/${_DOMAIN:?"Missing DOMAIN"}/"
echo "Setup the user and permission to enable syncing compositions of this host ... " \
&& "${_CORE_SCRIPTS:?"Missing CORE_SCRIPTS"}addNormalUser.sh" composition-sync \
&& echo \
&& "${_CORE_SCRIPTS:?"Missing CORE_SCRIPTS"}defineAuthorizedKeysOfUser.sh" "${_DEFINITIONS}" composition-sync \
&& echo \
&& "${_CORE_SCRIPTS:?"Missing CORE_SCRIPTS"}ensureUsageOfDefinitions.sh" "${_DEFINITIONS}" /etc/sudoers.d/allow-composition-sync-send \
&& exit 0
exit 1