From c2207195ccd84f07126791c5540f0880d1cdda37 Mon Sep 17 00:00:00 2001
From: Disassembler <disassembler@dasm.cz>
Date: Sat, 4 Apr 2020 22:05:54 +0200
Subject: [PATCH] Add vmmgr init method and all files managed by vmmgr

---
 etc/init.d/vmmgr                     | 14 ++++++++--
 etc/nginx/vmmgr_common               | 14 ++++++++++
 etc/periodic/daily/acme.sh           |  5 ++++
 etc/wireguard/wg0.conf.disabled      |  4 +++
 sbin/vmtty                           |  8 ++++++
 usr/bin/vmmgr                        | 11 ++++++++
 usr/lib/python3.8/vmmgr/templates.py | 41 ++++------------------------
 usr/lib/python3.8/vmmgr/vmmgr.py     |  2 +-
 8 files changed, 60 insertions(+), 39 deletions(-)
 create mode 100644 etc/nginx/vmmgr_common
 create mode 100644 etc/periodic/daily/acme.sh
 create mode 100644 etc/wireguard/wg0.conf.disabled
 create mode 100755 sbin/vmtty

diff --git a/etc/init.d/vmmgr b/etc/init.d/vmmgr
index 4d7925d..278267d 100755
--- a/etc/init.d/vmmgr
+++ b/etc/init.d/vmmgr
@@ -1,6 +1,16 @@
 #!/sbin/openrc-run
 
-command=/usr/share/vmmgr/wsgi.py
+command="/usr/share/vmmgr/wsgi.py"
 description="VM manager"
-pidfile=/var/run/vmmgr.pid
+pidfile="/var/run/vmmgr.pid"
 start_stop_daemon_args="--background --make-pidfile --stdout /var/log/vmmgr.log --stderr /var/log/vmmgr.log"
+
+depend() {
+    before nginx
+}
+
+start_pre() {
+    if [ ! -f /etc/ssl/services.pem ]; then
+        /usr/bin/vmmgr init
+    fi
+}
diff --git a/etc/nginx/vmmgr_common b/etc/nginx/vmmgr_common
new file mode 100644
index 0000000..4883948
--- /dev/null
+++ b/etc/nginx/vmmgr_common
@@ -0,0 +1,14 @@
+error_page 502 /502.html;
+location = /502.html {
+    root /usr/share/vmmgr/templates;
+}
+
+error_page 503 /503.html;
+location = /503.html {
+    root /usr/share/vmmgr/templates;
+}
+
+location = /vm-ping {
+    add_header Content-Type text/plain;
+    return 200 "vm-pong";
+}
diff --git a/etc/periodic/daily/acme.sh b/etc/periodic/daily/acme.sh
new file mode 100644
index 0000000..61b9db2
--- /dev/null
+++ b/etc/periodic/daily/acme.sh
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+# Sleep randomly up to 1hr to avoid peak on ACME server
+/bin/sleep $(/usr/bin/shuf -i 60-3600 -n 1)
+/usr/bin/acme.sh --home /etc/acme.sh.d --cron >/dev/null
diff --git a/etc/wireguard/wg0.conf.disabled b/etc/wireguard/wg0.conf.disabled
new file mode 100644
index 0000000..b080081
--- /dev/null
+++ b/etc/wireguard/wg0.conf.disabled
@@ -0,0 +1,4 @@
+[Interface]
+ListenPort = 51820
+PrivateKey = None
+
diff --git a/sbin/vmtty b/sbin/vmtty
new file mode 100755
index 0000000..5f476f1
--- /dev/null
+++ b/sbin/vmtty
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+# Rebuild /etc/issue
+/usr/bin/vmmgr rebuild-issue
+# Print /etc/issue
+/bin/cat /etc/issue
+# Wait for key press
+read a
diff --git a/usr/bin/vmmgr b/usr/bin/vmmgr
index f9e608a..032e96d 100755
--- a/usr/bin/vmmgr
+++ b/usr/bin/vmmgr
@@ -17,6 +17,12 @@ def rebuild_issue():
     # Used by inittab on VM startup
     vmmgr.rebuild_issue()
 
+def init()
+    # Used during the very first vmmgr service startup
+    vmmgr.create_selfsigned_cert()
+    host = config.get_host()
+    vmmgr.update_host(host['domain'], host['port'])
+
 parser = argparse.ArgumentParser(description='VM application manager')
 parser.set_defaults(action=None)
 subparsers = parser.add_subparsers()
@@ -35,6 +41,9 @@ parser_unregister_app.add_argument('app', help='Application name')
 parser_rebuild_issue = subparsers.add_parser('rebuild-issue')
 parser_rebuild_issue.set_defaults(action=rebuild_issue)
 
+parser_init = subparsers.add_parser('init')
+parser_init.set_defaults(action=init)
+
 args = parser.parse_args()
 if args.action is register_app:
     register_app(args.app, args.host, args.login, args.password)
@@ -42,5 +51,7 @@ elif args.action is unregister_app:
     unregister_app(args.app)
 elif args.action is rebuild_issue:
     rebuild_issue()
+elif args.action is init:
+    init()
 else:
     parser.print_usage()
diff --git a/usr/lib/python3.8/vmmgr/templates.py b/usr/lib/python3.8/vmmgr/templates.py
index 079cf25..794e45d 100644
--- a/usr/lib/python3.8/vmmgr/templates.py
+++ b/usr/lib/python3.8/vmmgr/templates.py
@@ -11,15 +11,7 @@ NGINX = '''server {{
         proxy_pass http://{ip}:8080;
     }}
 
-    error_page 502 /502.html;
-    location = /502.html {{
-        root /usr/share/vmmgr/templates;
-    }}
-
-    location = /vm-ping {{
-        add_header Content-Type text/plain;
-        return 200 "vm-pong";
-    }}
+    include vmmgr_common;
 }}
 '''
 
@@ -34,10 +26,7 @@ NGINX_DEFAULT = '''server {{
         root /etc/acme.sh.d;
     }}
 
-    location = /vm-ping {{
-        add_header Content-Type text/plain;
-        return 200 "vm-pong";
-    }}
+    include vmmgr_common;
 }}
 
 server {{
@@ -51,38 +40,18 @@ server {{
         root /usr/share/vmmgr;
     }}
 
-    error_page 502 /502.html;
-    location = /502.html {{
-        root /usr/share/vmmgr/templates;
-    }}
-
-    location = /vm-ping {{
-        add_header Content-Type text/plain;
-        return 200 "vm-pong";
-    }}
+    include vmmgr_common;
 }}
 
 server {{
     listen [::]:{port} ssl http2;
-    server_name ~^(.*)\\.{domain_esc}$;
+    server_name *.{domain};
 
     location / {{
         return 503;
     }}
 
-    location /static {{
-        root /usr/share/vmmgr;
-    }}
-
-    error_page 503 /503.html;
-    location = /503.html {{
-        root /usr/share/vmmgr/templates;
-    }}
-
-    location = /vm-ping {{
-        add_header Content-Type text/plain;
-        return 200 "vm-pong";
-    }}
+    include vmmgr_common;
 }}
 '''
 
diff --git a/usr/lib/python3.8/vmmgr/vmmgr.py b/usr/lib/python3.8/vmmgr/vmmgr.py
index 49c0e85..2ff7b83 100644
--- a/usr/lib/python3.8/vmmgr/vmmgr.py
+++ b/usr/lib/python3.8/vmmgr/vmmgr.py
@@ -51,7 +51,7 @@ def update_host(domain, port):
     config.set_host('port', port)
     # Rebuild nginx config for the portal and existing apps. Web interface calls restart_nginx() in WSGI close handler
     with open(os.path.join(paths.NGINX_DIR, 'default.conf'), 'w') as f:
-        f.write(templates.NGINX_DEFAULT.format(port=port, domain_esc=domain.replace('.', '\\.')))
+        f.write(templates.NGINX_DEFAULT.format(port=port, domain=domain))
     for app in config.get_apps().keys():
         register_proxy(app)