From 1cc9bf14e9fa8faf5a94e6cb32002548477ac779 Mon Sep 17 00:00:00 2001 From: Vincent Vanwaelscappel Date: Thu, 18 Jan 2024 09:18:15 +0100 Subject: [PATCH] wait #6634 @1.5 --- .docker/config/cron/crontab | 1 + .docker/update.sh | 3 -- app/Fluidbook/Packager/WindowsZIP.php | 16 +++++------ bin/mount.sh | 40 +++++++++++++++++++++++++++ bin/startup.sh | 28 +------------------ scripts/fixrights.sh | 9 ++++++ 6 files changed, 58 insertions(+), 39 deletions(-) create mode 100644 bin/mount.sh diff --git a/.docker/config/cron/crontab b/.docker/config/cron/crontab index 5fc614e99..dc51d1cd2 100644 --- a/.docker/config/cron/crontab +++ b/.docker/config/cron/crontab @@ -4,4 +4,5 @@ PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin * * * * * runuser -l toolbox -c '/usr/bin/php /application/artisan schedule:run' > /proc/1/fd/1 2>/proc/1/fd/2 20 5 * * * /application/scripts/restartworkers > /proc/1/fd/1 2>/proc/1/fd/2 +*/15 * * * * /application/bin/mount.sh > /proc/1/fd/1 2>/proc/1/fd/2 diff --git a/.docker/update.sh b/.docker/update.sh index b25744609..d76ca21f9 100644 --- a/.docker/update.sh +++ b/.docker/update.sh @@ -1,7 +1,6 @@ #!/bin/sh cd /docker/fluidbook-toolbox docker plugin install ucphhpc/sshfs --grant-all-permissions -/home/toolbox/www/scripts/fixrights.sh chown root:root /home/toolbox/www/.docker/config/cron/host;ln -sf /home/toolbox/www/.docker/config/cron/host /etc/cron.d/toolbox chown root:root /home/toolbox/www/.docker/config/sudoers docker network create fluidbook-toolbox @@ -10,5 +9,3 @@ docker volume rm fluidbook-toolbox_sshfsusstorage docker volume rm fluidbook-toolbox_docs docker compose up -d /home/toolbox/www/scripts/fixrights.sh -docker exec -it fluidbook-toolbox /application/scripts/update.sh -find /home/toolbox/www/ -type d \( -path /home/toolbox/www/.docker \) -prune -o -exec chown -R toolbox:www-data {} \; diff --git a/app/Fluidbook/Packager/WindowsZIP.php b/app/Fluidbook/Packager/WindowsZIP.php index 138304797..de5999556 100644 --- a/app/Fluidbook/Packager/WindowsZIP.php +++ b/app/Fluidbook/Packager/WindowsZIP.php @@ -135,28 +135,26 @@ class WindowsZIP extends Packager function _sign($source, $symbolicLink = false) { $rand = 'sign-' . hash_file('sha256', $source) . '.exe'; - $remote = 'C:/Sign/' . $rand; + $remote = '/mnt/sign/' . $rand; + $local = $this->book->protected_path('signedexe/' . $rand); if (!file_exists($local)) { $ssh = new SSH2('paris.cubedesigners.com', 'vince', 'Y@mUC9mY2DOYWXkN', '22422'); - $ssh->send($source, $remote); - unlink($source); - if (!$ssh->file_exists($remote)) { - throw new \Exception("An error occured when sending exe to signing machine"); - } + copy($source, $remote); $cli = new CommandLine('C:/Program Files (x86)/Windows Kits/10/bin/10.0.18362.0/x64/signtool.exe'); - $cli->setManualArg("sign /f C:/Users/vince/OneDrive/Documents/Cubedesigners.cer /csp \"eToken Base Cryptographic Provider\" /k \"[SafeNet Token JC 0{{TYWjZacq%hAH98}}]=54C3F1B91759268A\" /tr http://timestamp.sectigo.com /td sha256 /fd sha256 /a $remote"); + $cli->setManualArg("sign /f C:/Users/vince/OneDrive/Documents/Cubedesigners.cer /csp \"eToken Base Cryptographic Provider\" /k \"[SafeNet Token JC 0{{TYWjZacq%hAH98}}]=54C3F1B91759268A\" /tr http://timestamp.sectigo.com /td sha256 /fd sha256 /a C:/Sign/$rand"); $cli->execute($ssh); if (!stristr($cli->getOutput(), 'Successfully signed')) { $ssh->unlink($remote); throw new \Exception('Error while signing exe ' . $rand . ' : ' . $cli->getCommand() . ' /// ' . $cli->getOutput()); } - $ssh->recv($remote, $local); - $ssh->unlink($remote); + copy($remote, $local); + unlink($remote); sleep(2); } + unlink($source); if ($symbolicLink) { symlink($local, $source); } else { diff --git a/bin/mount.sh b/bin/mount.sh new file mode 100644 index 000000000..ce514b2bb --- /dev/null +++ b/bin/mount.sh @@ -0,0 +1,40 @@ +#!/bin/sh +mkdir -p /mnt/hosting +if mountpoint -q "/mnt/hosting"; then + : +else + umount -l -q /mnt/hosting + sshfs -o reconnect,ServerAliveInterval=15,ServerAliveCountMax=3 -o uid=1001 -o gid=33 -o allow_other fluidbook@godzilla.cubedesigners.com:/data/fluidbook/hosting /mnt/hosting +fi + +mkdir -p /mnt/hosting2 +if mountpoint -q "/mnt/hosting2"; then + : +else + umount -l -q /mnt/hosting2 + sshfs -o reconnect,ServerAliveInterval=15,ServerAliveCountMax=3 -o uid=1001 -o gid=33 -o allow_other fluidbook@godzilla.cubedesigners.com:/data/fluidbook/hosting2 /mnt/hosting2 +fi + +mkdir -p /application/usstorage +if mountpoint -q "/application/usstorage"; then + : +else + umount -l -q /application/usstorage + sshfs -o reconnect,ServerAliveInterval=15,ServerAliveCountMax=3 -o uid=1001 -o gid=33 -o allow_other fluidbook@kingkong.cubedesigners.com:/home/fluidbook/data /application/usstorage +fi + +mkdir -p /application/protected/fluidbookpublication/docs +if mountpoint -q "/application/protected/fluidbookpublication/docs"; then + : +else + umount -l -q /application/protected/fluidbookpublication/docs + sshfs -o reconnect,ServerAliveInterval=15,ServerAliveCountMax=3 -o cache=no -o uid=1001 -o gid=33 -o allow_other root@dracula.cubedesigners.com:/data/fluidbook/docs /application/protected/fluidbookpublication/docs +fi + +mkdir -p /mnt/sign +if mountpoint -q "/mnt/sign"; then + : +else + umount -l -q /mnt/sign + sshfs -o reconnect,ServerAliveInterval=15,ServerAliveCountMax=3 -o cache=no -o uid=1001 -o gid=33 -o allow_other -o port=22422 vince@paris.cubedesigners.com:C:/Sign/ /mnt/sign +fi diff --git a/bin/startup.sh b/bin/startup.sh index 0cdc86c03..ad1cba5c6 100644 --- a/bin/startup.sh +++ b/bin/startup.sh @@ -40,33 +40,7 @@ chmod -R 700 /etc/monit;chown -R root:root /etc/monit;/usr/bin/monit chown -R root:root /etc/monit && /usr/bin/monit # Mounts -mkdir -p /mnt/hosting -if mountpoint -q "/mnt/hosting"; then - : -else - sshfs -o reconnect,ServerAliveInterval=15,ServerAliveCountMax=3 -o uid=1002 -o gid=33 -o allow_other fluidbook@godzilla.cubedesigners.com:/data/fluidbook/hosting /mnt/hosting -fi - -mkdir -p /mnt/hosting2 -if mountpoint -q "/mnt/hosting2"; then - : -else - sshfs -o reconnect,ServerAliveInterval=15,ServerAliveCountMax=3 -o uid=1002 -o gid=33 -o allow_other fluidbook@godzilla.cubedesigners.com:/data/fluidbook/hosting2 /mnt/hosting2 -fi - -mkdir -p /application/usstorage -if mountpoint -q "/application/usstorage"; then - : -else - sshfs -o reconnect,ServerAliveInterval=15,ServerAliveCountMax=3 -o uid=1002 -o gid=33 -o allow_other fluidbook@kingkong.cubedesigners.com:/home/fluidbook/data /application/usstorage -fi - -mkdir -p /application/protected/fluidbookpublication/docs -if mountpoint -q "/application/protected/fluidbookpublication/docs"; then - : -else - sshfs -o reconnect,ServerAliveInterval=15,ServerAliveCountMax=3 -o cache=no -o uid=1002 -o gid=33 -o allow_other root@dracula.cubedesigners.com:/data/fluidbook/docs /application/protected/fluidbookpublication/docs -fi +/application/bin/mount.sh # Launch PHP /usr/sbin/php-fpm8.2 -O diff --git a/scripts/fixrights.sh b/scripts/fixrights.sh index bda2abda4..a9c52cc69 100644 --- a/scripts/fixrights.sh +++ b/scripts/fixrights.sh @@ -1,4 +1,6 @@ #!/bin/sh + +find /home/toolbox/www/ -type d -prune -o -exec chown -R toolbox:www-data {} \; chown root:root /home/toolbox/www/.docker/config/sudoers chown root:root /home/toolbox/www/.docker/config/cron/host chmod -R 755 /home/toolbox/www/scripts @@ -6,6 +8,8 @@ chmod -R 775 /home/toolbox/www/protected chmod -R 775 /home/toolbox/www/public chmod -R 775 /home/toolbox/www/bin + +find /home/toolbox/dev/ -type d -prune -o -exec chown -R toolbox:www-data {} \; chown root:root /home/toolbox/dev/.docker/config/sudoers chown root:root /home/toolbox/dev/.docker/config/cron/host chmod -R 775 /home/toolbox/dev/scripts @@ -13,5 +17,10 @@ chmod -R 775 /home/toolbox/dev/protected chmod -R 775 /home/toolbox/dev/public chmod -R 775 /home/toolbox/dev/bin +find /home/toolbox/alpha/ -type d -prune -o -exec chown -R toolbox:www-data {} \; chown root:root /home/toolbox/alpha/.docker/config/sudoers chown root:root /home/toolbox/alpha/.docker/config/cron/host +chmod -R 775 /home/toolbox/alpha/scripts +chmod -R 775 /home/toolbox/alpha/protected +chmod -R 775 /home/toolbox/alpha/public +chmod -R 775 /home/toolbox/alpha/bin -- 2.39.5