1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
|
#!/bin/bash
# always reset the lavaserver user, since its password could have been reseted in a "docker build --nocache"
if [ ! -e /root/pg_lava_password ];then
< /dev/urandom tr -dc A-Za-z0-9 | head -c16 > /root/pg_lava_password
fi
sudo -u postgres psql -c "ALTER USER lavaserver WITH PASSWORD '$(cat /root/pg_lava_password)';" || exit $?
sed -i "s,^LAVA_DB_PASSWORD=.*,LAVA_DB_PASSWORD='$(cat /root/pg_lava_password)'," /etc/lava-server/instance.conf || exit $?
if [ -e /root/backup/db_lavaserver.gz ];then
gunzip /root/backup/db_lavaserver.gz || exit $?
fi
if [ -e /root/backup/db_lavaserver ];then
echo "Restore database from backup"
sudo -u postgres psql < /root/backup/db_lavaserver || exit $?
yes yes | lava-server manage migrate || exit $?
echo "Restore jobs output from backup"
rm -r /var/lib/lava-server/default/media/job-output/*
tar xzf /root/backup/joboutput.tar.gz || exit $?
fi
lava-server manage makemigrations
yes yes | lava-server manage migrate || exit $?
if [ -e /root/backup/devices.tar.gz ];then
echo "INFO: Restoring devices files"
tar xzf /root/backup/devices.tar.gz
chown -R lavaserver:lavaserver /etc/lava-server/dispatcher-config/devices
fi
chown -R lavaserver:lavaserver /var/lib/lava-server/default/media/job-output/
# default site is set as example.com
if [ -e /root/lava_http_fqdn ];then
sudo -u postgres psql lavaserver -c "UPDATE django_site SET name = '$(cat /root/lava_http_fqdn)'" || exit $?
sudo -u postgres psql lavaserver -c "UPDATE django_site SET domain = '$(cat /root/lava_http_fqdn)'" || exit $?
fi
if [ -e /root/lava-users ];then
for ut in $(ls /root/lava-users)
do
# User is the filename
USER=$ut
USER_OPTION=""
STAFF=0
SUPERUSER=0
TOKEN=""
. /root/lava-users/$ut
if [ -z "$PASSWORD" -o "$PASSWORD" = "$TOKEN" ];then
echo "Generating password..."
#Could be very long, should be avoided
PASSWORD=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)
fi
if [ $STAFF -eq 1 ];then
USER_OPTION="$USER_OPTION --staff"
fi
if [ $SUPERUSER -eq 1 ];then
USER_OPTION="$USER_OPTION --superuser"
fi
lava-server manage users list --all > /tmp/allusers
if [ $? -ne 0 ];then
echo "ERROR: cannot generate user list"
exit 1
fi
#filter first name/last name (enclose by "()")
sed -i 's,[[:space:]](.*$,,' /tmp/allusers
grep -q "[[:space:]]${USER}$" /tmp/allusers
if [ $? -eq 0 ];then
echo "Skip already existing $USER DEBUG(with $TOKEN / $PASSWORD / $USER_OPTION)"
else
echo "Adding username $USER DEBUG(with $TOKEN / $PASSWORD / $USER_OPTION)"
lava-server manage users add --passwd $PASSWORD $USER_OPTION $USER
if [ $? -ne 0 ];then
echo "ERROR: Adding user $USER"
cat /tmp/allusers
exit 1
fi
if [ ! -z "$TOKEN" ];then
echo "Adding token to user $USER"
lava-server manage tokens add --user $USER --secret $TOKEN || exit 1
fi
if [ ! -z "$EMAIL" ];then
echo "Adding email to user $USER"
lava-server manage users update --email $EMAIL $USER || exit 1
fi
fi
done
fi
if [ -e /root/lava-groups ];then
echo "======================================================"
echo "Handle groups"
echo "======================================================"
GROUP_CURRENT_LIST=/tmp/group.list
lava-server manage groups list > ${GROUP_CURRENT_LIST}.raw || exit 1
grep '^\*' ${GROUP_CURRENT_LIST}.raw > ${GROUP_CURRENT_LIST}
for group in $(ls /root/lava-groups/*group)
do
GROUPNAME=""
SUBMIT=0
OPTION_SUBMIT=""
. $group
grep -q $GROUPNAME $GROUP_CURRENT_LIST
if [ $? -eq 0 ];then
echo "DEBUG: SKIP creation of $GROUPNAME which already exists"
else
if [ $SUBMIT -eq 1 ];then
echo "DEBUG: $GROUPNAME can submit jobs"
OPTION_SUBMIT="--submitting"
fi
echo "DEBUG: Add group $GROUPNAME"
lava-server manage groups add $OPTION_SUBMIT $GROUPNAME || exit 1
fi
if [ -e ${group}.list ];then
echo "DEBUG: Found ${group}.list"
while read username
do
echo "DEBUG: Add user $username to group $GROUPNAME"
lava-server manage groups update --username $username $GROUPNAME || exit 1
done < ${group}.list
fi
done
fi
if [ -e /root/lava-callback-tokens ];then
for ct in $(ls /root/lava-callback-tokens)
do
. /root/lava-callback-tokens/$ct
if [ -z "$USER" ];then
echo "Missing USER"
exit 1
fi
if [ -z "$TOKEN" ];then
echo "Missing TOKEN for $USER"
exit 1
fi
if [ -z "$DESCRIPTION" ];then
echo "Missing DESCRIPTION for $USER"
exit 1
fi
lava-server manage tokens list --user $USER |grep -q $TOKEN
if [ $? -eq 0 ];then
echo "SKIP already present token for $USER"
else
echo "Adding $USER ($DESCRIPTION) DEBUG($TOKEN)"
lava-server manage tokens add --user $USER --secret $TOKEN --description "$DESCRIPTION" || exit 1
fi
done
fi
# This directory is used for storing device-types already added
mkdir -p /root/.lavadocker/
if [ -e /root/device-types ];then
for i in $(ls /root/device-types/*jinja2)
do
if [ -e /etc/lava-server/dispatcher-config/device-types/$(basename $i) ];then
echo "WARNING: overwriting device-type $i"
diff -u "/etc/lava-server/dispatcher-config/device-types/$(basename $i)" $i
fi
cp $i /etc/lava-server/dispatcher-config/device-types/
chown lavaserver:lavaserver /etc/lava-server/dispatcher-config/device-types/$(basename $i)
devicetype=$(basename $i |sed 's,.jinja2,,')
lava-server manage device-types list | grep -q "[[:space:]]$devicetype[[:space:]]"
if [ $? -eq 0 ];then
echo "Skip already known $devicetype"
else
echo "Adding custom $devicetype"
lava-server manage device-types add $devicetype || exit $?
touch /root/.lavadocker/devicetype-$devicetype
fi
done
fi
for worker in $(ls /root/devices/)
do
echo "Adding worker $worker"
lava-server manage workers add $worker || exit $?
for device in $(ls /root/devices/$worker/)
do
devicename=$(echo $device | sed 's,.jinja2,,')
devicetype=$(grep -h extends /root/devices/$worker/$device| grep -o '[a-zA-Z0-9_-]*.jinja2' | sed 's,.jinja2,,')
if [ -e /root/.lavadocker/devicetype-$devicetype ];then
echo "Skip devicetype $devicetype"
else
echo "Add devicetype $devicetype"
lava-server manage device-types add $devicetype || exit $?
touch /root/.lavadocker/devicetype-$devicetype
fi
echo "Add device $devicename on $worker"
cp /root/devices/$worker/$device /etc/lava-server/dispatcher-config/devices/ || exit $?
lava-server manage devices add --device-type $devicetype --worker $worker $devicename || exit $?
done
done
if [ -e /etc/lava-dispatcher/certificates.d/$(hostname).key ];then
echo "INFO: Enabling encryption"
sed -i 's,.*ENCRYPT=.*,ENCRYPT="--encrypt",' /etc/lava-server/lava-master || exit $?
sed -i 's,.*MASTER_CERT=.*,MASTER_CERT="--master-cert /etc/lava-dispatcher/certificates.d/$(hostname).key_secret",' /etc/lava-server/lava-master || exit $?
sed -i 's,.*ENCRYPT=.*,ENCRYPT="--encrypt",' /etc/lava-server/lava-logs || exit $?
sed -i 's,.*MASTER_CERT=.*,MASTER_CERT="--master-cert /etc/lava-dispatcher/certificates.d/$(hostname).key_secret",' /etc/lava-server/lava-logs || exit $?
fi
exit 0
|