Various fixes

2015-01-16 21:01:42 +01:00 · 2015-01-16 21:01:42 +01:00 · 7aec6ec98a
commit 7aec6ec98a
parent 8336f82311
6 changed files with 25 additions and 11 deletions
--- a/4
+++ b/4
@ -20,6 +20,8 @@ RUN apt-get -y update && \
 	    pwgen \
 	    curl \
 	    openssl \
+	    rsync \
+	    openssh-client \
    && \
    apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

@ -55,5 +57,5 @@ ENTRYPOINT ["/var/www/fic-server/entrypoint.sh"]
 CMD    service nginx start && \
       service php5-fpm start && \
       ./nginx_gen_team.sh > ./shared/nginx-teams.conf && \
-       (./launch_local.sh &); \
+       (./launch.sh &); \
       /bin/bash
--- a/README.md
+++ b/README.md
@ -235,7 +235,7 @@ Keep in mind that this is the machine exposed to participant.
 1. Generate the synchronization SSH key on the backend:

 ```
-sudo su -c "ssh-keygen -t rsa -b 8192 -N '' -f ~synchro/.ssh/id_rsa" synchro
+sudo su -c "ssh-keygen -t rsa -b 8192 -N '' -f /var/www/fic_server/.ssh/id_rsa" synchro
 ```

 2. Copy `~synchro/.ssh/id_rsa.pub` into `front_synchro/authorized_keys` file.
@ -247,11 +247,17 @@ docker build -t synchro front_synchro/
 docker run -d --name fsync -p 2242:22 synchro
 ```

-4. Run the frontend container:
+4. Run the backend.
+
+A first synchronization have to be made before the next step. This
+synchronization will copy the frontend private key and various required
+certificates.
+
+5. Run the frontend container:

 ```
 docker build -t frontend front/
-docker run --rm -p 80:80 -p 443:443 --volumes-from fsync front
+docker run --rm -it -p 80:80 -p 443:443 --volumes-from fsync frontend
 ```


--- a/entrypoint.sh
+++ b/entrypoint.sh
@ -11,6 +11,7 @@ mkdir -p ${BASEDIR}/logs
 chown -R www-data:www-data ${BASEDIR}/shared ${BASEDIR}/PKI
 chown -R ${SYNCHRO_USER}:www-data ${BASEDIR}/submission ${BASEDIR}/logs ${BASEDIR}/out
 chmod 770 ${BASEDIR}/submission
+chown ${SYNCHRO_USER} ${BASEDIR}/.ssh/id_rsa

 # Update database profile
 cat <<EOF > ${BASEDIR}/onyx/db/docker.profile.php &&
--- a/front_synchro/Dockerfile
+++ b/front_synchro/Dockerfile
@ -16,7 +16,7 @@ RUN useradd -d /var/www/fic-server/ -M -N -g nogroup synchro
 # Configure softwares #################################################

 COPY sshd_config /etc/ssh/sshd_config
-#COPY authorized_keys /var/www/fic-server/.ssh/authorized_keys
+COPY authorized_keys /var/www/fic-server/.ssh/authorized_keys

 # ENVIRONNEMENT #######################################################

@ -24,5 +24,7 @@ VOLUME ["/var/www/fic-server/out","/var/www/fic-server/files","/var/www/fic-serv

 EXPOSE 22/tcp

-CMD  service ssh start && \
+CMD  chown -R synchro /var/www/fic-server/ && \
+     chmod 755 /var/www/fic-server/ && \
+     service ssh start && \
     tail -F /var/log/auth.log
--- a/onyx/modules/templates/smarty/plugins/function.link.php
+++ b/onyx/modules/templates/smarty/plugins/function.link.php
@ -34,6 +34,8 @@ function smarty_function_link($params, $template)

      if (!empty($params['href_suffix']))
 	$href = $href . $params['href_suffix'];
+      else
+        $href .= "/";
    }

    $urls = Cache::read("urls");
--- a/synchro.sh
+++ b/synchro.sh
@ -14,6 +14,7 @@ then
    exit $?
 fi

+SSH_OPTS="ssh -p 2242 -o 'UserKnownHostsFile=/dev/null' -o 'StrictHostKeyChecking=no' -i .ssh/id_rsa"
 OPTS=
 if [ "$1" = "delete" ]
 then
@ -21,12 +22,12 @@ then
 fi

 # Synchronize HTML pages
-rsync -e ssh -av  $OPTS out "$FRONTEND_HOSTNAME":~/
-rsync -e ssh -avL $OPTS files "$FRONTEND_HOSTNAME":~/
-rsync -e ssh -av  $OPTS front/ shared/ "$FRONTEND_HOSTNAME":~/
+rsync -e "$SSH_OPTS" -av  $OPTS out "$FRONTEND_HOSTNAME":~/
+rsync -e "$SSH_OPTS" -avL $OPTS files "$FRONTEND_HOSTNAME":~/
+rsync -e "$SSH_OPTS" -av  $OPTS front shared "$FRONTEND_HOSTNAME":~/

 # Synchronize submissions
-rsync -e ssh -av "$FRONTEND_HOSTNAME":~/submission/ submission/
-ssh "$FRONTEND_HOSTNAME" "rm -fv ~/submission/*"
+rsync -e "$SSH_OPTS" -av "$FRONTEND_HOSTNAME":~/submission/ submission/
+ssh -p 2242 -i .ssh/id_rsa "$FRONTEND_HOSTNAME" "rm -fv ~/submission/*"

 exit $?