Skip to content

Instantly share code, notes, and snippets.

@sawanoboly

sawanoboly/auth_basic.rb-action-discard

Last active December 22, 2015 13:49
Show Gist options
  • Save sawanoboly/6481689 to your computer and use it in GitHub Desktop.
Save sawanoboly/6481689 to your computer and use it in GitHub Desktop.
Download ZIP
実践LWRP、HTTP認証用ファイル(htpasswd,htdigest)をChefのリソースとして管理する part.3 of 3 ref: http://qiita.com/sawanoboly/items/89095877826cab27c932
Raw
auth_basic.rb-action-discard
require 'webrick'
def whyrun_supported?
true
end
action :create do
if @current_resource.crypted_passwd
Chef::Log.warn "====== Found http_auth user #{@new_resource.user}"
salt = @current_resource.crypted_passwd[0..1]
if @current_resource.crypted_passwd == @new_resource.password.crypt(salt)
Chef::Log.warn "====== http_auth user #{@new_resource.user} was not modified. (up to date)"
else
converge_by("====== Update http_auth user #{@new_resource.user}") do
Chef::Log.warn "====== Update http_auth user #{@new_resource.user}"
update_user!
end
end
else
converge_by("====== Create http_auth user #{@new_resource.user}") do
Chef::Log.warn "====== Create http_auth user #{@new_resource.user}"
update_user!
end
end
end
action :delete do
unless @current_resource.crypted_passwd
Chef::Log.warn "====== http_auth user #{@new_resource.user} was not found. Nothing to do. (up to date)"
else
converge_by("====== Delete http_auth user #{@new_resource.user}") do
Chef::Log.warn "====== Delete http_auth user #{@new_resource.user}"
delete_user!
end
end
end
action :discard do
if @current_resource.db_exists
converge_by("====== Discard http_auth userdb #{@new_resource.path}") do
backup!
::File.unlink(@new_resource.path)
end
else
Chef::Log.warn "====== http_auth user database #{@new_resource.path} was not found. Nothing to do. (up to date)"
end
end
def update_user!
backup!
htpasswd = WEBrick::HTTPAuth::Htpasswd.new(@new_resource.path)
htpasswd.set_passwd nil, @new_resource.user, @new_resource.password
htpasswd.flush
fix_permission!
end
def delete_user!
backup!
htpasswd = WEBrick::HTTPAuth::Htpasswd.new(@new_resource.path)
htpasswd.delete_passwd nil, @new_resource.user
htpasswd.flush
fix_permission!
end
def fix_permission!
FileUtils.chmod(@new_resource.filemode.to_i, @new_resource.path)
end
def backup!
htpasswd_file = Chef::Resource::File.new(@new_resource.path)
htpasswd_file.instance_variable_set(:@backup, 30)
backup = Chef::Util::Backup.new(htpasswd_file)
backup.send(:backup_filename)
backup.instance_variable_set(:@backup_filename,backup.instance_variable_get(:@backup_filename).gsub(/[\d]+$/,Time.now.strftime("%Y%m%d%H%M%S.%6N")))
backup.backup!
end
def load_current_resource
@current_resource = Chef::Resource::HttpsvAuthBasic.new(@new_resource.name)
unless ::File.exists?(@new_resource.path)
@current_resource.db_exists = false
@current_resource.crypted_passwd = nil
return
end
htpasswd = WEBrick::HTTPAuth::Htpasswd.new(@new_resource.path)
@current_resource.crypted_passwd = htpasswd.get_passwd nil, @new_resource.user, true
@current_resource.db_exists = true
end
Raw
auth_basic.rb-add_backup
# --snip --
def update_user!
backup!
htpasswd = WEBrick::HTTPAuth::Htpasswd.new(@new_resource.path)
htpasswd.set_passwd nil, @new_resource.user, @new_resource.password
htpasswd.flush
fix_permission!
end
def delete_user!
backup!
htpasswd = WEBrick::HTTPAuth::Htpasswd.new(@new_resource.path)
htpasswd.delete_passwd nil, @new_resource.user
htpasswd.flush
fix_permission!
end
def fix_permission!
FileUtils.chmod(@new_resource.filemode.to_i, @new_resource.path)
end
def backup!
htpasswd_file = Chef::Resource::File.new(@new_resource.path)
backup = Chef::Util::Backup.new(htpasswd_file)
backup.backup!
end
# --snip --
Raw
auth_basic.rb-end_of_2
require 'webrick'
def whyrun_supported?
true
end
action :create do
if @current_resource.crypted_passwd
Chef::Log.warn "====== Found http_auth user #{@new_resource.user}"
salt = @current_resource.crypted_passwd[0..1]
if @current_resource.crypted_passwd == @new_resource.password.crypt(salt)
Chef::Log.warn "====== http_auth user #{@new_resource.user} was not modified. (up to date)"
else
converge_by("====== Update http_auth user #{@new_resource.user}") do
Chef::Log.warn "====== Update http_auth user #{@new_resource.user}"
update_user!
end
end
else
converge_by("====== Create http_auth user #{@new_resource.user}") do
Chef::Log.warn "====== Create http_auth user #{@new_resource.user}"
update_user!
end
end
end
action :delete do
unless @current_resource.crypted_passwd
Chef::Log.warn "====== http_auth user #{@new_resource.user} was not found. Nothing to do. (up to date)"
else
converge_by("====== Delete http_auth user #{@new_resource.user}") do
Chef::Log.warn "====== Delete http_auth user #{@new_resource.user}"
delete_user!
end
end
end
def update_user!
htpasswd = WEBrick::HTTPAuth::Htpasswd.new(@new_resource.path)
htpasswd.set_passwd nil, @new_resource.user, @new_resource.password
htpasswd.flush
fix_permission!
end
def delete_user!
htpasswd = WEBrick::HTTPAuth::Htpasswd.new(@new_resource.path)
htpasswd.delete_passwd nil, @new_resource.user
htpasswd.flush
fix_permission!
end
def fix_permission!
FileUtils.chmod(@new_resource.filemode.to_i, @new_resource.path)
end
def load_current_resource
@current_resource = Chef::Resource::HttpsvAuthBasic.new(@new_resource.name)
htpasswd = WEBrick::HTTPAuth::Htpasswd.new(@new_resource.path)
@current_resource.crypted_passwd = htpasswd.get_passwd nil, @new_resource.user, true
end
Raw
def_backup!-increase_generation
def backup!
htpasswd_file = Chef::Resource::File.new(@new_resource.path)
htpasswd_file.instance_variable_set(:@backup, 30)
backup = Chef::Util::Backup.new(htpasswd_file)
backup.backup!
end
Raw
def_backup!-use-micro_sec
def backup!
htpasswd_file = Chef::Resource::File.new(@new_resource.path)
htpasswd_file.instance_variable_set(:@backup, 30)
backup = Chef::Util::Backup.new(htpasswd_file)
backup.send(:backup_filename)
backup.instance_variable_set(:@backup_filename,backup.instance_variable_get(:@backup_filename).gsub(/[\d]+$/,Time.now.strftime("%Y%m%d%H%M%S.%6N")))
backup.backup!
end
Raw
run_chef-solo
$ chef-solo -c solo.rb -o 'httpsv::sample08'
Starting Chef Client, version 11.6.0
[2013-09-08T12:09:27+09:00] WARN: Run List override has been provided.
[2013-09-08T12:09:27+09:00] WARN: Original Run List: []
[2013-09-08T12:09:27+09:00] WARN: Overridden Run List: [recipe[httpsv::sample08]]
Compiling Cookbooks...
Converging 1 resources
Recipe: httpsv::sample08
* httpsv_auth_basic[var/www/site1:delete_dummy] action discard[2013-09-08T12:09:28+09:00] WARN: ====== http_auth user database /Users/sawanoboriyu/github/opsrockin/lwrp_http_userdb/var/www/site1/.htpasswd was not found. Nothing to do. (up to date)
(up to date)
Chef Client finished, 0 resources updated
Raw
sample08.rb
base_dir = ENV['PWD']
httpsv_auth_basic 'var/www/site1' do
action :discard
user 'delete_dummy'
path File.join(base_dir, self.name, '.htpasswd')
name [self.name, self.user].join(':')
end
Raw
tree_of_the_backup
$ tree -a backup/`pwd`
backup//Users/sawanoboriyu/github/opsrockin/lwrp_http_userdb
└── var
└── www
└── site1
└── .htpasswd.chef-20130908004517
3 directories, 1 file
Raw
tree_of_the_backup-micro_sec
$ tree -a backup/`pwd`
backup//Users/sawanoboriyu/github/opsrockin/lwrp_http_userdb
└── var
└── www
└── site1
├── .htpasswd.chef-20130908010118.944651
└── .htpasswd.chef-20130908010118.947960
3 directories, 2 files
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment