From c8e253cc1e38281f37db4439341c2629faae499f Mon Sep 17 00:00:00 2001
From: Klas Arvidsson <klas.arvidsson@liu.se>
Date: Tue, 22 Nov 2022 19:22:23 +0100
Subject: [PATCH] Ability to fetch TAL ics file
---
 files/tal/on_update.sh | 2 ++
 files/tal/tal-cli | 2 +-
 files/tal/tal-export | 3 +++
 manifests/aes_sw.pp | 19 ++++++++++++++++++-
 manifests/autocorr.pp | 38 --------------------------------------
 manifests/init.pp | 1 -
 manifests/tal_cli.pp | 8 ++++++++
 7 files changed, 32 insertions(+), 41 deletions(-)
 create mode 100644 files/tal/tal-export
 delete mode 100644 manifests/autocorr.pp
diff --git a/files/tal/on_update.sh b/files/tal/on_update.sh
index 1154371..aaca909 100644
--- a/files/tal/on_update.sh
+++ b/files/tal/on_update.sh
@@ -1,5 +1,7 @@
 #!/usr/bin/bash
+python3 -m pip install --user -r scripts/requirements.txt
+
 cd source
 sed -i 's|url = \.\./database|url = https://oauth2:glpat-WeW_ytbQ83JMs2UnQmhe@gitlab.liu.se/upp-aes/database|' .gitmodules
diff --git a/files/tal/tal-cli b/files/tal/tal-cli
index 6e91c37..5cc1237 100644
--- a/files/tal/tal-cli
+++ b/files/tal/tal-cli
@@ -1,3 +1,3 @@
 #!/usr/bin/bash
-exec sudo -u examadm /home/examadm/tal-cli/tal "$@"
+exec sudo -u examadm /home/examadm/tal-cli/scripts/tal-cli.py "$@"
diff --git a/files/tal/tal-export b/files/tal/tal-export
new file mode 100644
index 0000000..2b8dcbb
--- /dev/null
+++ b/files/tal/tal-export
@@ -0,0 +1,3 @@
+#!/usr/bin/bash
+
+exec sudo -u examadm /home/examadm/tal-cli/scripts/tal-export.py "$@"
diff --git a/manifests/aes_sw.pp b/manifests/aes_sw.pp
index d6be61e..dd2f7fa 100644
--- a/manifests/aes_sw.pp
+++ b/manifests/aes_sw.pp
@@ -18,7 +18,7 @@ class aes::aes_sw {
 managehome => false,
 membership => inclusive,
 system => true,
- shell => '/sbin/nologin',
+ shell => '/bin/bash',
 }
 file { $examadm_home:
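Review bot: The `pip install` added at the top of files/tal/on_update.sh installs whatever scripts/requirements.txt resolves to at update time, and the visible top of the script has no `set -e` or exit-status check, so a failed or partial install would not stop it from going on to `cd source`. If requirements.txt carries pinned versions with hashes (not visible here), `python3 -m pip install --user --require-hashes -r scripts/requirements.txt || exit 1` would make the install reproducible and fail closed. The path is relative, so a comment stating which working directory the hook runs from would help; the rest of the script lies outside the hunk. Separately, the unchanged `sed` line below writes an access token into `.gitmodules` in clear text; that predates this commit, but since the script is being touched it is worth moving the credential out of the repository and rotating it.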
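Review bot: The new wrapper files/tal/tal-export re-enters `sudo -u examadm`, yet the only caller this patch adds is the forced command in examadm's own authorized_keys, where the process already runs as examadm. Unless sudoers (not part of this patch) allows examadm to run this script as itself without a terminal, the SSH export presumably stops at the sudo step, since the key is also marked `no-pty`. A header comment saying who is expected to call the wrapper would settle it, for example `# Called by staff through sudo and by the ssh forced command for examadm`, or the forced command could point straight at `/home/examadm/tal-cli/scripts/tal-export.py`.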
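Review bot: Changing `shell` from `/sbin/nologin` to `/bin/bash` in the `user` resource of manifests/aes_sw.pp applies to every way of becoming examadm, not only to the one restricted key added further down in the same file. sshd runs a forced command through the account's login shell, so the change is presumably needed for the export to work, but nothing in the manifest says so. I would add `# login shell is needed only so sshd can run the forced command in authorized_keys` above the attribute, and confirm that the account has no password and is limited to public-key logins in sshd_config. The `user` resource opens above the hunk, so its title and remaining attributes are not visible here.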
@@ -28,6 +28,23 @@ class aes::aes_sw {
 group => $examadm_group,
 }
+ file { "${examadm_home}/.ssh":
+ ensure => directory,
+ mode => '0700',
+ owner => $examadm_user,
+ group => $examadm_group,
+ }
+ file { "${examadm_home}/.ssh/authorized_keys":
+ ensure => file,
+ mode => '0600',
+ owner => $examadm_user,
+ group => $examadm_group,
+ content => @(SSHPUBKEY),
+command="/home/examadm/bin/tal-export --format ics --lookback 90 --lookahead 180",no-pty,no-user-rc,no-port-forwarding,no-agent-forwarding,no-X11-forwarding ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJW4LP0av20r7lPXNgsftF9oaAXK41AvHyuHwybciZC/QBfTcmYif83563cTg0OzR/p+OSobiDM0odaaFYtP/8xbuVRz87X5bGYm2m8yHHqPxobHkT5g/faMkl9Fef+Al4EsT5tiaYMOhG2lj8XRYuwAb7qjoz3FFbs8TEPE7Sv+4BUCCH94taCuNYLXSxN1EXvw7VW6Ld5QXRFP53l2QUeTqE9oSii3BVrXlqqrLvNV/7nwdwyse4uhff4QrM9o4oc9FaQr8PLlPGxdlbSfIQJMVzHGpeDu0WLw+NqtLO1hsdlvQm7GrT/v8N7GJNKlsvhwnwUuMhTrB0yPMbbub1 klaar36@upp
+ | SSHPUBKEY
+ }
+
 file { '/etc/systemd/system/aes_login.service':
 ensure => file,
 owner => root,
diff --git a/manifests/autocorr.pp b/manifests/autocorr.pp
deleted file mode 100644
index 937f778..0000000
--- a/manifests/autocorr.pp
+++ /dev/null
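Review bot: The key options in the `authorized_keys` heredoc of manifests/aes_sw.pp list each `no-*` restriction by hand, which leaves any capability added by a later OpenSSH release enabled by default; on OpenSSH 7.2 or newer, `restrict,command="/home/examadm/bin/tal-export --format ics --lookback 90 --lookahead 180"` covers the same list and stays closed as new options appear. Both `.ssh/authorized_keys` here and `/home/examadm/bin/tal-export` in manifests/tal_cli.pp are owned by examadm, so anything running as that account can rewrite the restriction or the script it points to until the next Puppet run; `owner => 'root'` on the script, and an `AuthorizedKeysFile` location outside the home directory, would take that away. The forced command does not pass `$SSH_ORIGINAL_COMMAND` on, which is the right shape for a single-purpose key. A one-line comment naming the owner and purpose of the `klaar36@upp` key would make later removal easier.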
@@ -1,38 +0,0 @@
-class aes::autocorr {
-
- $autocorr_user = autocorr
- $autocorr_group = $autocorr_user
- $autocorr_home = "/home/${autocorr_user}"
-
- user { 'autocorr' :
- ensure => present,
- managehome => false,
- membership => inclusive,
- system => true,
- shell => '/bin/bash',
- }
-
- file { $autocorr_home:
- ensure => directory,
- mode => '0755',
- owner => $autocorr_user,
- group => $autocorr_group,
- }
-
- file { "${autocorr_home}/.ssh":
- ensure => directory,
- mode => '0700',
- owner => $autocorr_user,
- group => $autocorr_group,
- }
-
- file { "${autocorr_home}/.ssh/authorized_keys":
- ensure => file,
- mode => '0600',
- owner => $autocorr_user,
- group => $autocorr_group,
- content => @(SSHPUBKEY),
-command="if [[ \"$SSH_ORIGINAL_COMMAND\" =~ ^scp[[:space:]]-f[[:space:]]/home/examadm/Version-3.1/exam/[[:space:]0-9a-zA-Z_/.-]*$ ]]; then $SSH_ORIGINAL_COMMAND; else >&2 echo \"ERROR Access Denied ('$SSH_ORIGINAL_COMMAND')\"; fi",no-pty,no-user-rc,no-port-forwarding,no-agent-forwarding,no-X11-forwarding ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu/so6GPeUOpK0Zeiv8pM4UF4BAGnbjc92rYJP7PH2tnCvzTcj7Zx5fw6oyoFPw7SJ21ybIYHr1Eef7LsfJc6lOx/xNm8XABhOJw7Gy12WnjRF9SmsT7+YqJDvDOeN89PvzmHNdhpCerpdhDGvAKu2MjP2fAEW0eIgHWYfzFwQxXqfsEdKYAtIx0v/VTLxFjtZOz5PQGAPR28NZkffMt1ePaAO5WUwjkxcyIbrtrOWWYDtqa9G7gTwgdf7m9IG69G6sqKGzyZrfd0nrpMmtWmX6/9bWwUk1ADaLdEFiupsZ9k+QsLB7/v7fxzbPD61yAJ75JUecghlXFJ4ob9OsmPz torjo@upp
- | SSHPUBKEY
- }
-}
diff --git a/manifests/init.pp b/manifests/init.pp
index 9efa222..4165103 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -8,7 +8,6 @@ class aes {
 include aes::broker
 include aes::auth
 include aes::auth_keydb
- include aes::autocorr
 include liurepo::centos_sclo_rh
 package {
diff --git a/manifests/tal_cli.pp b/manifests/tal_cli.pp
index 8ae2468..dfc6b2c 100644
--- a/manifests/tal_cli.pp
+++ b/manifests/tal_cli.pp
@@ -17,6 +17,14 @@ class aes::tal_cli(
 source => "puppet:///modules/${module_name}/tal/tal-cli",
 }
+ file { '/home/examadm/bin/tal-export' :
+ ensure => file,
+ owner => examadm,
+ group => examadm,
+ mode => '0755',
+ source => "puppet:///modules/${module_name}/tal/tal-export",
+ }
+
 file { '/home/examadm/tal-cli/.tal' :
 ensure => file,
 owner => examadm,
-- 
GitLab