Check IP before submission
This commit is contained in:
parent
188931f0d4
commit
9038f49904
@ -1,30 +1,58 @@
|
||||
#! /bin/bash
|
||||
|
||||
# Install missing packets
|
||||
PACKAGES_LIST="libnet-ldap-perl libxml-libxml-perl libgearman-client-perl libmailtools-perl libmail-sendmail-perl libdate-manip-perl"
|
||||
DEB_PACKAGES_LIST="libnet-ldap-perl libxml-libxml-perl libgearman-client-perl libmailtools-perl libmail-sendmail-perl libdate-manip-perl"
|
||||
ARCH_PACKAGES_LIST="perl-io-socket-ssl perl-email-simple perl-email-mime perl-term-readkey perl-ldap perl-lwp-protocol-https"
|
||||
|
||||
if ! whereis dpkg > /dev/null 2> /dev/null
|
||||
if [ -f "/etc/debian_version" ]
|
||||
then
|
||||
aptitude install dpkg
|
||||
fi
|
||||
|
||||
for PK in $PACKAGES_LIST
|
||||
do
|
||||
if ! dpkg -l | grep "^ii" | grep "$PK" > /dev/null 2> /dev/null
|
||||
if ! whereis dpkg > /dev/null 2> /dev/null
|
||||
then
|
||||
aptitude install "$PK"
|
||||
aptitude install dpkg
|
||||
fi
|
||||
done
|
||||
|
||||
for PK in $DEB_PACKAGES_LIST
|
||||
do
|
||||
if ! dpkg -l | grep "^ii" | grep "$PK" > /dev/null 2> /dev/null
|
||||
then
|
||||
aptitude install "$PK"
|
||||
fi
|
||||
done
|
||||
|
||||
|
||||
# Add intradmin user if missing
|
||||
if ! getent passwd | grep "intradmin:" > /dev/null 2> /dev/null
|
||||
# Add intradmin user if missing
|
||||
if ! getent passwd | grep "intradmin:" > /dev/null 2> /dev/null
|
||||
then
|
||||
useradd --shell /bin/false --uid 942 intradmin &&
|
||||
mkdir -p /home/intradmin
|
||||
fi
|
||||
|
||||
chown -R intradmin:intradmin /home/intradmin
|
||||
|
||||
elif [ -f "/etc/arch-release" ]
|
||||
then
|
||||
useradd --shell /bin/false --uid 942 intradmin &&
|
||||
mkdir -p /home/intradmin
|
||||
fi
|
||||
|
||||
chown -R intradmin:intradmin /home/intradmin
|
||||
for PK in $ARCH_PACKAGES_LIST
|
||||
do
|
||||
if ! pacman -Qi "$PK" > /dev/null 2> /dev/null
|
||||
then
|
||||
pacman -S "$PK"
|
||||
fi
|
||||
done
|
||||
|
||||
elif [ -f "/etc/freebsd-update.conf" ]
|
||||
then
|
||||
|
||||
echo "TODO: FreeBSD"
|
||||
exit 1;
|
||||
|
||||
else
|
||||
|
||||
echo "Unknown operating system :("
|
||||
exit 1;
|
||||
|
||||
fi
|
||||
|
||||
# Git ?
|
||||
if egrep '^git:' /etc/passwd > /dev/null
|
||||
@ -33,4 +61,4 @@ then
|
||||
chown git /var/log/hooks/
|
||||
fi
|
||||
|
||||
echo "System ready!"
|
||||
echo "System ready!"
|
||||
|
@ -2,6 +2,7 @@
|
||||
|
||||
cd $(dirname "$0")
|
||||
|
||||
WKS_LIST="apl"
|
||||
SRV_LIST="moore noyce hamano cpp"
|
||||
|
||||
ACTIONS="start stop restart update"
|
||||
@ -43,6 +44,16 @@ do
|
||||
echo
|
||||
done
|
||||
|
||||
for WKS in $WKS_LIST
|
||||
do
|
||||
echo -e "\e[1;34m>>>\e[0m $ACTION on $WKS"
|
||||
if [ "$ACTION" == "update" ]
|
||||
then
|
||||
ssh root@$SRV "make -C liblerdorf update upgrade"
|
||||
fi
|
||||
echo
|
||||
done
|
||||
|
||||
cat "$LOG"
|
||||
|
||||
exit $FAIL
|
||||
exit $FAIL
|
||||
|
@ -28,14 +28,26 @@ if ($ref =~ m<^refs/tags/(.+)$>)
|
||||
log DEBUG, "Pushed tag for repository $ENV{GL_REPO}: $tag with IP $ENV{'SSH_CLIENT'}";
|
||||
|
||||
my $ip = $1 if ($ENV{'SSH_CLIENT'} =~ m/([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}).*/);
|
||||
say "[ACU] Your IP is: $ENV{'SSH_CLIENT'}.";
|
||||
say "[ACU] Your IP is: $ip.";
|
||||
|
||||
$ip = ip2long($ip);
|
||||
|
||||
my $net = ip2long("10.41.0.0");
|
||||
my $mask = ip2long("255.255.0.0");
|
||||
|
||||
if (($ip & $mask) != ($net & $mask))
|
||||
{
|
||||
log ERROR, "[ACU] You are not authorized to push from this IP. This will be reported.";
|
||||
exit 1;
|
||||
}
|
||||
|
||||
# Get project informations
|
||||
my $project;
|
||||
eval {
|
||||
$project = API::Projects::get($id_project, $promo);
|
||||
};
|
||||
if ($@ or !$project) {
|
||||
if ($@ or !$project)
|
||||
{
|
||||
my $err = $@;
|
||||
log TRACE, $err;
|
||||
log ERROR, "Impossible d'envoyer de tags ; si le problème persiste, passez au laboratoire.";
|
||||
|
Reference in New Issue
Block a user