|
0
|
1 local Luan = require "luan:Luan.luan"
|
|
|
2 local error = Luan.error
|
|
|
3 local pairs = Luan.pairs or error()
|
|
|
4 local ipairs = Luan.ipairs or error()
|
|
|
5 local parse = Luan.parse or error()
|
|
|
6 local stringify = Luan.stringify or error()
|
|
|
7 local Io = require "luan:Io.luan"
|
|
|
8 local uri = Io.uri or error()
|
|
|
9 local output_of = Io.output_of or error()
|
|
|
10 local print_to = Io.print_to or error()
|
|
|
11 local String = require "luan:String.luan"
|
|
|
12 local trim = String.trim or error()
|
|
|
13 local Logging = require "luan:logging/Logging.luan"
|
|
|
14 local logger = Logging.logger "update_repositories"
|
|
|
15
|
|
|
16 uri("file:repos").mkdir()
|
|
|
17 uri("file:logs").mkdir()
|
|
|
18 uri("file:config").mkdir()
|
|
|
19
|
|
|
20 local config
|
|
|
21 local config_file = uri "file:config/config.luano"
|
|
|
22 if config_file.exists() then
|
|
|
23 config = parse( config_file.read_text() )
|
|
|
24 else
|
|
|
25 config = { users={}, repos={} }
|
|
|
26 config_file.write_text( stringify(config).."\n" )
|
|
|
27 end
|
|
|
28 local repos = config.repos
|
|
|
29 for name, repo in pairs(repos) do
|
|
|
30 repo.name = name
|
|
|
31 end
|
|
|
32
|
|
|
33 local ROOTPWD = uri("file:.").canonical().to_string()
|
|
|
34 local repohome = uri("file:repos").canonical().to_string()
|
|
|
35 local logsdir = uri("file:logs").canonical().to_string()
|
|
|
36 local nginxauthdir = uri("file:config/nginx").canonical().to_string()
|
|
|
37
|
|
|
38 -- init new repositories
|
|
|
39 for repo in pairs(repos) do
|
|
|
40 if not uri("file:repos/"..repo).exists() then
|
|
|
41 logger.info("creating repo "..repo)
|
|
9
|
42 uri("bash:/usr/local/bin/hg init 'repos/"..repo.."'").read_text()
|
|
0
|
43 end
|
|
|
44 end
|
|
|
45 -- delete unused repos
|
|
|
46 for _, child in ipairs( uri("file:repos").children() ) do
|
|
|
47 local name = child.name()
|
|
|
48 if repos[name] == nil then
|
|
|
49 logger.info("deleting repo "..name)
|
|
|
50 child.delete()
|
|
|
51 end
|
|
|
52 end
|
|
|
53
|
|
|
54 -- update hg config
|
|
|
55 uri("file:config/web.config").write_text( output_of( function() %>
|
|
|
56 [web]
|
|
|
57 allow_push = *
|
|
|
58 push_ssl = false
|
|
|
59 staticurl = /hg/static
|
|
|
60 [paths]
|
|
|
61 /repo/ = <%=repohome%>/*
|
|
|
62 <% end_function ) )
|
|
|
63
|
|
|
64 -- update nginx config
|
|
|
65 uri("file:config/nginx.conf").write_text( output_of( function() %>
|
|
|
66 location /hg/static/ {
|
|
|
67 alias <%=ROOTPWD%>/templates/static/;
|
|
|
68 }
|
|
|
69
|
|
|
70 location /admin/ {
|
|
|
71 auth_basic_user_file <%=nginxauthdir%>/_all.pass;
|
|
|
72 auth_basic "Restricted";
|
|
|
73 proxy_pass http://127.0.0.1:8080;
|
|
|
74 }
|
|
|
75
|
|
|
76 location /private/ {
|
|
|
77 auth_basic_user_file <%=nginxauthdir%>/_private.pass;
|
|
|
78 auth_basic "Restricted";
|
|
|
79 proxy_pass http://127.0.0.1:8080;
|
|
|
80 }
|
|
|
81
|
|
|
82 <% for _, repo in pairs(repos) do %>
|
|
|
83 location /repo/<%=repo.name%>/
|
|
|
84 {
|
|
|
85 set $auth "off";
|
|
|
86 auth_basic_user_file <%=nginxauthdir%>/<%=repo.name%>.pass;
|
|
|
87 if ($request_method = POST ) {
|
|
|
88 set $auth "Restricted";
|
|
|
89 }
|
|
|
90 access_log <%=logsdir%>/<%=repo.name%>_access_log;
|
|
|
91 error_log <%=logsdir%>/<%=repo.name%>_error_log;
|
|
|
92 <% if repo.mode=="private" then %>
|
|
|
93 if ($request_method = GET ) {
|
|
|
94 set $auth "Restricted";
|
|
|
95 }
|
|
|
96 <% end %>
|
|
|
97 auth_basic $auth;
|
|
|
98 proxy_pass http://127.0.0.1:8090;
|
|
|
99 }
|
|
|
100 <% end
|
|
|
101 end_function ) )
|
|
|
102
|
|
|
103 -- passwords
|
|
|
104 local nginx_dir = uri("file:config/nginx")
|
|
|
105 nginx_dir.delete()
|
|
|
106 nginx_dir.mkdir()
|
|
|
107 local htpasswds = {}
|
|
|
108 do
|
|
|
109 local writer = nginx_dir.child("_all.pass").text_writer()
|
|
|
110 for user, password in pairs(config.users) do
|
|
|
111 local htpasswd = uri("bash:htpasswd -nb "..user.." "..password).read_text()
|
|
|
112 htpasswd = trim(htpasswd)
|
|
|
113 print_to( writer, htpasswd )
|
|
|
114 htpasswds[user] = htpasswd
|
|
|
115 end
|
|
|
116 writer.close()
|
|
|
117 end
|
|
|
118 for _, repo in pairs(repos) do
|
|
|
119 local writer = nginx_dir.child(repo.name..".pass").text_writer()
|
|
|
120 for _, user_name in ipairs(repo.users) do
|
|
|
121 local htpasswd = htpasswds[user_name] or error(user_name)
|
|
|
122 print_to( writer, htpasswd )
|
|
|
123 end
|
|
|
124 writer.close()
|
|
|
125 end
|
|
|
126 local private = config.private
|
|
|
127 if private == nil then
|
|
|
128 local all = nginx_dir.child("_all.pass")
|
|
|
129 local private = nginx_dir.child("_private.pass")
|
|
|
130 all.copy_to(private)
|
|
|
131 else
|
|
|
132 local writer = nginx_dir.child("_private.pass").text_writer()
|
|
|
133 for _, user_name in ipairs(private) do
|
|
|
134 local htpasswd = htpasswds[user_name] or error(user_name)
|
|
|
135 print_to( writer, htpasswd )
|
|
|
136 end
|
|
|
137 writer.close()
|
|
|
138 end
|
|
|
139
|
|
|
140 -- private
|
|
|
141 uri("file:src/private").mkdir()
|
|
|
142 do
|
|
|
143 local private_logs = uri "file:src/private/logs"
|
|
|
144 if not private_logs.exists() then
|
|
|
145 local logs = uri("file:logs").canonical()
|
|
|
146 logs.symlink_from(private_logs)
|
|
|
147 logger.info "linked to logs"
|
|
|
148 end
|
|
|
149 end
|
|
|
150 do
|
|
|
151 local private_config = uri "file:src/private/config"
|
|
|
152 if not private_config.exists() then
|
|
|
153 local config = uri("file:config").canonical()
|
|
|
154 config.symlink_from(private_config)
|
|
|
155 logger.info "linked to config"
|
|
|
156 end
|
|
|
157 end
|
