~paulgear/charms/trusty/quassel-core/trunk

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
#!/bin/sh
# This hook runs when the config has changed
set -eux

# A large portion of this script is derived from the package configure script.

# some variables - defined by quassel-core package
QUASSEL_GROUP=quassel
QUASSEL_USER=quasselcore
QUASSEL_HOME=/var/lib/quassel
QUASSEL_LOG=/var/log/quassel
CERT=$QUASSEL_HOME/quasselCert.pem
SVC=quasselcore
CFG=/etc/default/$SVC
LOGROT=/etc/logrotate.d/quassel-core


if [ ! -d "$QUASSEL_HOME" ]; then
    # called before package configuration has completed; do nothing
    echo "$QUASSEL_HOME directory does not exist; exiting"
    exit 1
fi

if [ -z "$(getent passwd $QUASSEL_USER)" ]; then
    # called before package configuration has completed; do nothing
    echo "$QUASSEL_USER user does not exist; exiting"
    exit 1
fi

if [ -z "$(getent group $QUASSEL_GROUP)" ]; then
    # called before package configuration has completed; do nothing
    echo "$QUASSEL_GROUP group does not exist; exiting"
    exit 1
fi

# check certificate - if number of key bits has changed, regenerate it
certificate_days=$(config-get certificate-days)
key_size=$(config-get key-size)

if [ -e $CERT ]; then
    bits=$(openssl rsa -in $CERT -text 2>&1 | grep '^Private-Key:' | grep -Eo '[0-9]+')
    if [ "$bits" -ne "$key_size" ]; then
	# key size changed - remove certificate
	echo "$CERT is $bits bits - need $key_size bits; removing"
	rm -f $CERT
    fi
fi

if [ ! -e $CERT ]; then
    echo "Generating SSL certificate $CERT - $key_size bits, validity $certificate_days days"
    openssl req -x509 -nodes -batch -days $certificate_days -newkey rsa:$key_size -keyout $CERT \
	-out $CERT
    chown $QUASSEL_USER:$QUASSEL_GROUP $CERT
    chmod 640 $CERT
fi

# check quassel configuration
listen_port=$(config-get listen-port)
log_level=$(config-get log-level)

newconfigreqd=0
if [ ! -e $CFG ]; then
    # new install - create configuration and open port
    newconfigreqd=1
    open-port $listen_port
else
    # existing configuration
    port=$(grep '^PORT=' $CFG | grep -Eo '[0-9]+')
    if [ "$port" -ne "$listen_port" ]; then
	close-port $port
	open-port $listen_port
	newconfigreqd=1
    fi
    levelnow=$(grep '^LOGLEVEL=' $CFG | cut -d= -f2 | cut -d\" -f2 | tr '[A-Z]' '[a-z]')
    levelcfg=$(echo $log_level | tr '[A-Z]' '[a-z]')
    if [ "$levelnow" != "$levelcfg" ]; then
	newconfigreqd=1
    fi
fi

# create a new configuration, if required
restartreqd=0
if [ "$newconfigreqd" -eq 1 ]; then
    restartreqd=1
    rm -f $CFG
    cat > $CFG <<EOF
# Defaults for $SVC initscript
# sourced by /etc/init.d/$SVC

# This file is managed by the quassel-core juju charm - do not edit here

# Loglevel Debug|Info|Warning|Error. Default is: Info
LOGLEVEL="$log_level"

# The port $SVC will listen at. Default is: 4242
PORT="$listen_port"
EOF
    chmod 644 $CFG
fi

# restart quassel-core, if required
if [ "$restartreqd" -eq 1 ]; then
    service $SVC restart || service $SVC start
fi

# overwrite logrotate configuration
log_keep_days=$(config-get log-keep-days)
rm -f $LOGROT
cat > $LOGROT <<EOF
# This file is managed by the quassel-core juju charm - do not edit here
/var/log/quassel/core.log {
        rotate $log_keep_days
	daily
	dateext
	compress
	delaycompress
	copytruncate
	missingok
	notifempty
}
EOF
chmod 644 $LOGROT