path: root/src/main/java/org/openslx/taskmanager/tasks/SshdConfigGenerator.java
package org.openslx.taskmanager.tasks;

import java.io.File;
import java.io.IOException;
import java.nio.charset.StandardCharsets;

import org.apache.commons.compress.archivers.tar.TarArchiveOutputStream;
import org.apache.commons.io.FileUtils;
import org.openslx.satserver.util.Archive;
import org.openslx.satserver.util.Util;
import org.openslx.taskmanager.api.AbstractTask;

import com.google.gson.annotations.Expose;

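/**
 * Task that builds a tar archive holding an sshd configuration module:
 * an {@code /etc/ssh/sshd_config} rendered from {@code ./data/sshd_config.template},
 * optionally {@code /root/.ssh/authorized_keys}, and a symlink that places
 * {@code sshd.service} under {@code network.target.wants}.
 *
 * The generated files control remote root access on whatever system unpacks
 * the archive, so every exposed field is validated in {@link #initTask()}
 * before {@link #execute()} writes anything.
 */
public class SshdConfigGenerator extends AbstractTask
{
	// The @Expose fields are presumably filled in by Gson from the task request;
	// treat them as untrusted input (TODO confirm against AbstractTask).

	// TCP port substituted for %PORT% in the template; must be 1..65535.
	@Expose
	private int listenPort = 0;
	// Substituted for %PASSWORDLOGIN% in the template; only "yes" or "no" is accepted.
	@Expose
	private String allowPasswordLogin = "no";
	// Optional single key line written to root's authorized_keys.
	@Expose
	private String publicKey = "";
	// Destination path of the tar archive; checked with Util.isAllowedDir.
	@Expose
	private String filename = null;

	private Output status = new Output();

	/**
	 * Validates the exposed fields. If several checks fail, the message of
	 * the last failing check is the one left in {@code status.error}.
	 *
	 * @return true if no check failed, false otherwise
	 */
	@Override
	protected boolean initTask()
	{
		this.setStatusObject( status );
		// Restrict where the archive may be written.
		if ( !Util.isAllowedDir( this.filename ) )
			status.error = "Invalid directory for " + this.filename;
		// Whitelist: the value is pasted verbatim into sshd_config.
		if ( allowPasswordLogin == null || ( !allowPasswordLogin.equals( "yes" ) && !allowPasswordLogin.equals( "no" ) ) )
			status.error = "Invalid value for allowPasswordLogin: " + allowPasswordLogin;
		if ( listenPort > 65535 || listenPort < 1 )
			status.error = "Invalid value for listenPort: " + listenPort;
		// String.matches() tests the whole string, so a key containing a line break,
		// or a leading options field such as command="...", is rejected and cannot
		// add extra entries to root's authorized_keys.
		// NOTE(review): the pattern also demands exactly one trailing space and no
		// comment after the key data - confirm that this is what callers send.
		if ( publicKey != null && !publicKey.isEmpty() && !publicKey.matches( "^[a-z0-9\\-]+ [A-Za-z0-9=/\\+]+ " ) )
			status.error = "Invalid public key: '" + publicKey + "'";
		return status.error == null;
	}

	/**
	 * Renders the sshd_config template and writes the module archive to
	 * {@code filename}.
	 *
	 * @return true only if every archive entry was written and the archive
	 *         was closed without error; on failure {@code status.error} is set
	 */
	@Override
	protected boolean execute()
	{
		// Prepare sshd config
		String template;
		try {
			template = FileUtils.readFileToString( new File( "./data/sshd_config.template" ), StandardCharsets.UTF_8 );
		} catch ( IOException e ) {
			status.error = e.toString();
			return false;
		}
		// String.replace() returns a new string. The result has to be kept, otherwise
		// the config ships with the literal %PORT% / %PASSWORDLOGIN% placeholders and
		// the validated settings never reach sshd.
		template = template.replace( "%PORT%", Integer.toString( this.listenPort ) )
				.replace( "%PASSWORDLOGIN%", allowPasswordLogin );
		TarArchiveOutputStream outArchive;
		try {
			outArchive = Archive.createTarArchive( this.filename );
		} catch ( IOException e ) {
			status.error = "Could not create archive at " + this.filename;
			return false;
		}
		boolean ok = false;
		try {
			// Every entry has to succeed: combine with &=, so that one successful
			// write cannot hide the failure of another (e.g. a missing authorized_keys).
			ok = Archive.tarCreateFileFromString( outArchive, "/etc/ssh/sshd_config", template, 0644 );
			if ( publicKey != null && !publicKey.isEmpty() )
				ok &= Archive.tarCreateFileFromString( outArchive, "/root/.ssh/authorized_keys", publicKey, 0600 );
			ok &= Archive.tarCreateSymlink( outArchive, "../sshd.service", "/etc/systemd/system/network.target.wants/sshd.service" );
		} finally {
			// Closing finishes the tar stream and releases the file handle.
			try {
				outArchive.close();
			} catch ( IOException e ) {
				ok = false;
			}
		}
		if ( !ok ) {
			status.error = "Could not create module archive contents";
			return false;
		}
		return true;
	}

	/**
	 * Output - contains additional status data of this task
	 */
	@SuppressWarnings( "unused" )
	private static class Output
	{
		// Error message of a failed check or step; null while nothing has failed.
		protected String error = null;
	}

}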