diff options
Diffstat (limited to 'core/modules/dnbd3-proxy-mode/data')
7 files changed, 218 insertions, 0 deletions
diff --git a/core/modules/dnbd3-proxy-mode/data/etc/systemd/system/dnbd3-proxy.service b/core/modules/dnbd3-proxy-mode/data/etc/systemd/system/dnbd3-proxy.service new file mode 100644 index 00000000..5896a1db --- /dev/null +++ b/core/modules/dnbd3-proxy-mode/data/etc/systemd/system/dnbd3-proxy.service @@ -0,0 +1,11 @@ +[Unit] +Description=DNBD3 proxy server +After=setup-dnbd3-proxy.service + +[Service] +User=dnbd3 +ExecStart=/opt/openslx/scripts/systemd-dnbd3_proxy +Restart=always +RestartSec=3 +TimeoutStopSec=10 +LimitNOFILE=65536 diff --git a/core/modules/dnbd3-proxy-mode/data/etc/systemd/system/dnbd3-proxy.target b/core/modules/dnbd3-proxy-mode/data/etc/systemd/system/dnbd3-proxy.target new file mode 100644 index 00000000..2d96a143 --- /dev/null +++ b/core/modules/dnbd3-proxy-mode/data/etc/systemd/system/dnbd3-proxy.target @@ -0,0 +1,4 @@ +[Unit] +Description=DNBD3 server running +Requires=multi-user.target +After=multi-user.target diff --git a/core/modules/dnbd3-proxy-mode/data/etc/systemd/system/dnbd3-proxy.target.requires/dnbd3-proxy.service b/core/modules/dnbd3-proxy-mode/data/etc/systemd/system/dnbd3-proxy.target.requires/dnbd3-proxy.service new file mode 100644 index 00000000..5c401615 --- /dev/null +++ b/core/modules/dnbd3-proxy-mode/data/etc/systemd/system/dnbd3-proxy.target.requires/dnbd3-proxy.service @@ -0,0 +1,10 @@ +[Unit] +Description=DNBD3 proxy server +After=network.target multi-user.target setup-dnbd3-proxy.service + +[Service] +User=dnbd3 +ExecStart=/opt/openslx/bin/dnbd3-server -n -c /etc/dnbd3 +Restart=always +RestartSec=1 +TimeoutStopSec=10 diff --git a/core/modules/dnbd3-proxy-mode/data/etc/systemd/system/dnbd3-proxy.target.requires/setup-dnbd3-proxy.service b/core/modules/dnbd3-proxy-mode/data/etc/systemd/system/dnbd3-proxy.target.requires/setup-dnbd3-proxy.service new file mode 100644 index 00000000..194db999 --- /dev/null +++ b/core/modules/dnbd3-proxy-mode/data/etc/systemd/system/dnbd3-proxy.target.requires/setup-dnbd3-proxy.service @@ -0,0 +1,7 @@ +[Unit] +Description=Setup DNBD3 proxy server +After=network.target multi-user.target + +[Service] +Type=oneshot +ExecStart=/opt/openslx/scripts/systemd-setup_dnbd3_proxy diff --git a/core/modules/dnbd3-proxy-mode/data/etc/systemd/system/setup-dnbd3-proxy.service b/core/modules/dnbd3-proxy-mode/data/etc/systemd/system/setup-dnbd3-proxy.service new file mode 100644 index 00000000..a7e6daa4 --- /dev/null +++ b/core/modules/dnbd3-proxy-mode/data/etc/systemd/system/setup-dnbd3-proxy.service @@ -0,0 +1,8 @@ +[Unit] +Description=DNBD3 proxy server config generator +After=setup-partitions.service + +[Service] +Type=oneshot +ExecStart=/opt/openslx/scripts/systemd-setup_dnbd3_proxy +RemainAfterExit=true diff --git a/core/modules/dnbd3-proxy-mode/data/opt/openslx/scripts/systemd-dnbd3_proxy b/core/modules/dnbd3-proxy-mode/data/opt/openslx/scripts/systemd-dnbd3_proxy new file mode 100755 index 00000000..4fbe1e6b --- /dev/null +++ b/core/modules/dnbd3-proxy-mode/data/opt/openslx/scripts/systemd-dnbd3_proxy @@ -0,0 +1,12 @@ +#!/bin/ash + +ERRLOG="/run/dnbd3-proxy.err" + +if [ -s "$ERRLOG" ]; then + exec $(which dnbd3-server) -n --errormsg "$(cat "$ERRLOG")" -c /etc/dnbd3-server +fi + +exec $(which dnbd3-server) -n -c /etc/dnbd3-server + +exit 1 + diff --git a/core/modules/dnbd3-proxy-mode/data/opt/openslx/scripts/systemd-setup_dnbd3_proxy b/core/modules/dnbd3-proxy-mode/data/opt/openslx/scripts/systemd-setup_dnbd3_proxy new file mode 100755 index 00000000..d39cbbc2 --- /dev/null +++ b/core/modules/dnbd3-proxy-mode/data/opt/openslx/scripts/systemd-setup_dnbd3_proxy @@ -0,0 +1,166 @@ +#!/bin/ash +# This scripts runs as root and prepares the configuration +# for the dnbd3 server (...) + +ERRLOG="/run/dnbd3-proxy.err" + +[ -s "$ERRLOG" ] && exit 0 # already ran and failed, don't do it again + +errormsg () { + echo "$@" >> "$ERRLOG" + slxlog -s -e "dnbd3-setup" "$@" +} + +# Get size of disk/device at given path, in kb +disksize () { + df -k "$1" | tail -n 1 | awk '{print $2}' +} + +# Creates the DNBD3 server configuration under DNBD3_CONF_DIR +DNBD3_CONF_DIR="/etc/dnbd3-server" +if ! mkdir -p "${DNBD3_CONF_DIR}"; then + errormsg "Failed to create '${DNBD3_CONF_DIR}'." +fi + +# Checks if the persistent partition (MBR-ID 45 / GPT-LABEL OpenSLX-ID45) +# is present, fallback to /tmp +DNBD3_BASE_DIR="/opt/openslx/persistent" +if grep -q "^/dev/.* ${DNBD3_BASE_DIR} .*rw" /proc/mounts \ + && [ -k "${DNBD3_BASE_DIR}/data" ] \ + && [ "$(disksize "${DNBD3_BASE_DIR}/data")" -gt 40000000 ]; then + # setup_partitions creates a data folder in ID45 + DNBD3_BASE_DIR="${DNBD3_BASE_DIR}/data" +else + # try /tmp fallback + DNBD3_BASE_DIR="/tmp" + if ! grep -q '^/dev/.* '"${DNBD3_BASE_DIR}"' .*rw' /proc/mounts \ + || [ "$(disksize "${DNBD3_BASE_DIR}")" -lt 40000000 ]; then + # no sane fallback possible + errormsg "Neither a persistent part (ID45) nor /tmp (ID44) are available, or they are < 40GB" + fi +fi +# now try to create the actual folder used by the server +DNBD3_DATA_DIR="${DNBD3_BASE_DIR}/dnbd3" +if ! mkdir -p "${DNBD3_DATA_DIR}"; then + for i in 0 1 2 3 4 5 $RANDOM $RANDOM; do + if mkdir -p "${DNBD3_BASE_DIR}/dnbd3.$i"; then + DNBD3_DATA_DIR="${DNBD3_BASE_DIR}/dnbd3.$i" + break + fi + done +fi + +if [ ! -d "${DNBD3_DATA_DIR}" ]; then + errormsg "Failed to create '${DNBD3_BASE_DIR}(.[0-$i])'" +fi +if ! chown -R dnbd3:dnbd3 "${DNBD3_DATA_DIR}"; then + errormsg "Failed to chown '${DNBD3_DATA_DIR}' to dnbd3." +fi +if ! chmod -R go-w,u+rwX "${DNBD3_DATA_DIR}"; then + errormsg "Failed to chmod '${DNBD3_DATA_DIR}' to dnbd3." +fi + +# Done with sanity checks, now create configs: server.conf & alt-servers +# Using the information given by the server in /opt/openslx/config +. /opt/openslx/config + +DNBD3_BGR="false" +DNBD3_LOOKUP="false" +DNBD3_SERVER_PENALTY=2000 # no BGR = don't like other servers connecting so much +if [ -n "${SLX_DNBD3_BGR}" ]; then + DNBD3_BGR="true" + DNBD3_SERVER_PENALTY=500 # much better + # Only do chained lookup of image if we're a global proxy with BGR + [ -z "${SLX_DNBD3_WHITELIST}" ] && DNBD3_LOOKUP="true" +fi +DNBD3_PORT=5003 +rm -f "${DNBD3_CONF_DIR}/server.conf" +# Refer to http://git.openslx.org/dnbd3.git/tree/conf for configuration options +cat << EOF > "${DNBD3_CONF_DIR}/server.conf" +[dnbd3] +listenPort=${DNBD3_PORT} +basePath=${DNBD3_DATA_DIR} +serverPenalty=${DNBD3_SERVER_PENALTY} +clientPenalty=0 +isProxy=true +backgroundReplication=${DNBD3_BGR} +lookupMissingForProxy=${DNBD3_LOOKUP} +removeMissingImages=false +uplinkTimeout=5000 +clientTimeout=15000 + +[logging] +consoleMask=ERROR WARNING MINOR INFO +EOF + +MY_IPS=$(ip a | grep '^\s*inet\s' | awk '{print $2}') + +# helper to echo given list of IPs to ${DNBD3_CONF_DIR}/alt-servers +# optionally takes a single char prefix as first param and +# adds it to the IP (for private dnbd3 servers) +# Also sets FOUND_SAT if satellite IP was seen +add_alt_server() { + local PRE= + [ "x$1" = "x-" ] && PRE='-' && shift + for ALT in "$@"; do + for ip in $MY_IPS; do + [ "x$ALT" = "x${ip%/*}" ] && return 0 # Ignore self + done + echo "${PRE}${ALT}" >> "${DNBD3_CONF_DIR}/alt-servers" + [ "x${ALT}" = "x${SLX_PXE_SERVER_IP}" ] && FOUND_SAT="oui" + done + return 0 +} + +rm -f "${DNBD3_CONF_DIR}/alt-servers" +FOUND_SAT= +add_alt_server ${SLX_DNBD3_PUBLIC} +add_alt_server '-' ${SLX_DNBD3_PRIVATE} +# To this day, only the sat IP is in SLX_KCL_SERVERS afaik +[ -z "${FOUND_SAT}" ] && add_alt_server ${SLX_KCL_SERVERS} +chmod -R a+Xr "${DNBD3_CONF_DIR}" + +# create rpc.acl to allow the satellite only +rm -f "${DNBD3_CONF_DIR}/rpc.acl" +for SRV in ${SLX_KCL_SERVERS}; do + echo "$SRV ALL" >> "${DNBD3_CONF_DIR}/rpc.acl" +done + +rm -f "/opt/openslx/iptables/rules.d/99-dnbd3" +# now create iptables helper rules +if [ -n "${SLX_DNBD3_WHITELIST}" ]; then + DNBD3_IPTABLES_CONF="$(mktemp)" + echo '#!/bin/ash' > "${DNBD3_IPTABLES_CONF}" + for CIDR in ${SLX_DNBD3_WHITELIST}; do + echo "iptables -I ipt-helper-INPUT 1 -i br0 -p tcp -s ${CIDR} --dport ${DNBD3_PORT} -j ACCEPT" + done >> "${DNBD3_IPTABLES_CONF}" + echo "iptables -A ipt-helper-INPUT -i br0 -p tcp --dport ${DNBD3_PORT} -j REJECT" >> "${DNBD3_IPTABLES_CONF}" + chmod +x "${DNBD3_IPTABLES_CONF}" + mv -f "$DNBD3_IPTABLES_CONF" "/opt/openslx/iptables/rules.d/99-dnbd3" +fi + +( + echo "*******************" + echo "*** DNBD3 Proxy ***" + echo "*******************" +) | tee -a "/etc/issue" >> "/opt/openslx/etc/issue.template" + +# Create a crontab for rebooting - if everything is fine, once a weekend, +# on failure, reboot every night, hoping things will get better (...) +M=$(( RANDOM % 60 )) +H=$(( RANDOM % 5 )) +if [ -s "$ERRLOG" ]; then + W="*" +else + W="0" +fi +cat > "/etc/cron.d/dnbd3-reboot" <<EOF +# OpenSLX: Reboot proxy at night +SHELL=/bin/ash +PATH=/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/sbin:/opt/openslx/bin + +$M $H * * $W root reboot +EOF + +exit 0 + |