Subversion Repositories ALCASAR

Rev

Rev 3294 | Rev 3314 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 3294 Rev 3313
Line 8... Line 8...
8 
 
 8 
 
9 
# Constants
 9 
# Constants
10 
readonly ALCASAR_PWD="/root/ALCASAR-passwords.txt"
 10 
readonly ALCASAR_PWD="/root/ALCASAR-passwords.txt"
11 
readonly LOCALHOST="127.0.0.1"
 11 
readonly LOCALHOST="127.0.0.1"
12 
readonly DB_PORT=3306
 12 
readonly DB_PORT=3306
- 
 
 13 
readonly ALCASAR_CONF=/usr/local/etc/alcasar.conf
13 
 
 14 
 
14 
# Dynamically generated constants
 15 
# Dynamically generated constants
15 
DB_ROOT_PWD="$(grep db_root "$ALCASAR_PWD" | cut -d '=' -f 2-)"
 16 
DB_ROOT_PWD="$(grep db_root "$ALCASAR_PWD" | cut -d '=' -f 2-)"
16 
readonly DB_ROOT_PWD;
 17 
readonly DB_ROOT_PWD;
17 
 
 18 
 
Line 28... Line 29...
28 
 
 29 
 
29 
# Revert modifications already made while adding remote
 30 
# Revert modifications already made while adding remote
30 
# $1: previous error code
 31 
# $1: previous error code
31 
abort() {
 32 
abort() {
32 
	error_code="$1"
 33 
	error_code="$1"
33 
 
 - 
 
34 
	# Revert FW
 34 
	# Revert FW
35 
	tmp_disable_outbound_connection
 35 
	tmp_disable_outbound_connection
36 
 
 - 
 
37 
	# Delete SSH tunnel service file
 36 
	# Delete SSH tunnel service file
38 
	service_file="replication-$remote_name.service"
 37 
	service_file="replication-$remote_name.service"
39 
	service_path="/etc/systemd/system/$service_file"
 38 
	service_path="/etc/systemd/system/$service_file"
40 
	[ -f "$service_file" ] && rm "$service_file"
 39 
	[ -f "$service_file" ] && rm "$service_file"
41 
 
 - 
 
42 
	return "$error_code"
 40 
	return "$error_code"
43 
}
 41 
}
44 
 
 42 
 
45 
# Add remote as primary
 43 
# Add remote as primary
46 
add_remote_as_primary() {
 44 
add_remote_as_primary() {
Line 222... Line 220...
222 
	fi
 220 
	fi
223 
}
 221 
}
224 
 
 222 
 
225 
# Make a SSH tunnel to remote host
 223 
# Make a SSH tunnel to remote host
226 
create_ssh_tunnel() {
 224 
create_ssh_tunnel() {
227 
	# All fields must be filled
 - 
 
228 
	if [ -z "$remote_name"     ] ||
 - 
 
229 
	   [ -z "$remote_addr"     ] ||
 - 
 
230 
	   [ -z "$remote_ssh_port" ] ||
 - 
 
231 
	   [ -z "$remote_ssh_user" ]
 - 
 
232 
	then
 - 
 
233 
		echo "error: some args are missing" >&2
 - 
 
234 
		return 10
 - 
 
235 
	fi
 - 
 
236 
 
 - 
 
237 
	# Find a common binding port
 225 
	# Find a common binding port
238 
	find_common_free_port || return 11
 226 
	find_common_free_port || return 11
239 
 
 227 
 
240 
	service_file="replication-$remote_name.service"
 228 
	service_file="replication-$remote_name.service"
241 
	service_path="/etc/systemd/system/$service_file"
 229 
	service_path="/etc/systemd/system/$service_file"
Line 338... Line 326...
338 
# Allow outbound connection for testing connection
 326 
# Allow outbound connection for testing connection
339 
tmp_allow_outbound_connection() {
 327 
tmp_allow_outbound_connection() {
340 
	/usr/sbin/iptables -A OUTPUT -d "$remote_addr" -p tcp --dport "$remote_ssh_port" -j ACCEPT
 328 
	/usr/sbin/iptables -A OUTPUT -d "$remote_addr" -p tcp --dport "$remote_ssh_port" -j ACCEPT
341 
}
 329 
}
342 
 
 330 
 
343 
# Disable outbound connection which was used testing connection
 331 
# Disable outbound connection which that was used to test test connection
344 
tmp_disable_outbound_connection() {
 332 
tmp_disable_outbound_connection() {
345 
	/usr/sbin/iptables -D OUTPUT -d "$remote_addr" -p tcp --dport "$remote_ssh_port" -j ACCEPT
 333 
	/usr/sbin/iptables -D OUTPUT -d "$remote_addr" -p tcp --dport "$remote_ssh_port" -j ACCEPT
346 
}
 334 
}
347 
 
 335 
 
348 
# Print help message
 336 
# Print help message
Line 395... Line 383...
395 
esac
 383 
esac
396 
 
 384 
 
397 
# Set remote as master
 385 
# Set remote as master
398 
add_remote_as_primary || abort "$?" || exit
 386 
add_remote_as_primary || abort "$?" || exit
399 
 
 387 
 
- 
 
 388 
# Set Netfilter
- 
 
 389 
echo -n "Allowing outbound connection to remote SSH "
- 
 
 390 
# Get remote IP and port from its name
- 
 
 391 
port="$(grep "ExecStart" "$service_path" | cut -d ' ' -f 9)"
- 
 
 392 
ip="$(grep "ExecStart" "$service_path" | cut -d ' ' -f 14 | cut -d '@' -f2)"
- 
 
 393 
echo "($ip:$port)"
- 
 
 394 
/usr/bin/sed -i -E "/^REPLICATION_TO=/s/=(.*)/=\1$ip:$port,/" /usr/local/etc/alcasar.conf
- 
 
 395 
/usr/local/bin/alcasar-iptables.sh
- 
 
 396 
 
400 
# Start replication
 397 
# Start replication
401 
/usr/local/bin/alcasar-replication-start.sh --name="$remote_name"
 398 
# /usr/local/bin/alcasar-replication-start.sh --name="$remote_name"