# nix-amer

[![Go version](https://img.shields.io/badge/go_version-1.11-blue.svg)](https://golang.org/doc/go1.11)
[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
[![Go Report Card](https://goreportcard.com/badge/git.xdrm.io/go/nix-amer)](https://goreportcard.com/report/git.xdrm.io/go/nix-amer)
[![Go doc](https://godoc.org/git.xdrm.io/go/nix-amer?status.svg)](https://godoc.org/git.xdrm.io/go/nix-amer)

```yaml
name: nix-amer
version: 0.1.0
description: Configuration automation tool
author: xdrm-brackets
```

> Need to automate the setup of your Linux server or desktop? This tool is made for you.

[TOC]

----

### I. Build Format

Your whole setup lives in a single build file. Each line contains one instruction; the available instructions are listed below.

#### 1) package management

These instructions allow you to interact with the package system available on your system.

```
ins <packages>
```
Install the listed packages. If more than one, use spaces to separate package names.

```
del <packages>
```
Remove the listed packages. If more than one, use spaces to separate package names.

#### 3) update configuration files

This instruction allows you to update configuration files without an editor, in a developer-readable manner.

```
cnf <expr> <content>
```
Update a configuration file, where \<expr\> is a dot-separated, human-readable [path expression](#ii-path-expressions) and \<content\> is a string or a file. If a string is given, it will <u>override/add the field</u>; if a file is given, the configuration file will be <u>replaced</u> by it.

```
cnf <expr>
```
Remove a configuration field matching the \<expr\> path.

#### 4) service management

These instructions allow you to interact with the service system (_cf. systemd_).

```
ser [enable|start|stop|restart|reload] <services>
```
Perform the action on services. If more than one, use spaces to separate service names.

#### 5) custom scripts

These instructions allow you to use custom scripts for complex operations.

```
run <script>
```

Execute the \<script\> file.

----

### II. Path Expressions

The syntax is pretty straightforward: it uses 2 levels (file, fields) to find your configuration line: `location/path@field.path`.

| Field | Description | Example |
| --------- | :----------------------------------- | -------------------------- |
| `location/path` | Path to the configuration file to edit. The file will be created if not found. | `/etc/ssh/sshd_config`, `/etc/nginx/nginx.conf`, `/etc/nginx/sites-available/default` |
| `field.path` | Dot-separated chain of strings that match a configuration field. If **omitted**, the \<value\> will just be added at the end of the configuration file. In the same way, if the field does not point to a raw field but to a parent or group containing fields, the \<value\> will be added to the group. | `/etc/ssh/sshd_config@AllowGroups`, `/etc/nginx/nginx.conf@http.gzip` |

> When a file is given as \<content\>, the `cnf` command acts as the shell command `mv` (copy).

#### File Formats

Configuration files can be written according to some standards or application-specific syntax. This tool uses the standard library and third-party libraries to parse the following formats:

- [xml](https://fr.wikipedia.org/wiki/Extensible_Markup_Language) and [json](https://json.org/) are read/written using the Go standard library (_cf. [json](https://golang.org/pkg/encoding/json/), [xml](https://golang.org/pkg/encoding/xml/)_).

> xml to do; complex structure the library outputs (attributes vs. content) to understand better

- [yaml](https://en.wikipedia.org/wiki/YAML) with [go-yaml/yaml](https://github.com/go-yaml/yaml).
- [ini](https://en.wikipedia.org/wiki/INI_file) with [go-ini/ini](https://github.com/go-ini/ini).
- <strike>[toml](https://en.wikipedia.org/wiki/TOML)</strike> with [BurntSushi/toml](https://github.com/BurntSushi/toml).

> not consistent; overriding a toml file with this can mess with comments and duplicate sections. Also there is type inference to do (strings are surrounded with `"`, there is `true`, `false`, etc.)

- [nginx configurations](https://docs.nginx.com/nginx/admin-guide/basic-functionality/managing-configuration-files/) with [lytics/confl](https://github.com/lytics/confl).

> for now it does not work with real nginx configuration files; must create my own driver to keep syntax and comments in place

- _and more to come..._

----

## Example

_myserver.build_

```
sys name ubuntu     # required to choose which
sys version 18.4    # package-manager to use

[install]
upd
ins nginx ssh sslh

[nginx]
cnf /etc/nginx/nginx.conf@http.gzip on
cnf /etc/nginx/sites-available/new-site ./localConfFile
ser enable nginx
ser start nginx

[sshd]
cnf /etc/ssh/sshd_config@PermitRootLogin no
cnf /etc/ssh/sshd_config@PermitEmptyPasswords no
cnf /etc/ssh/sshd_config@StrictModes yes
cnf /etc/ssh/sshd_config@Port 22
ser enable sshd
ser enable ssh

[sslh]
cnf /etc/default/sslh@RUN yes
cnf /etc/default/sslh@DAEMON_OPTS "--user sslh --listen 0.0.0.0:443 --ssh 127.0.0.1:22 --ssl 127.0.0.1:44300 --pidfile /var/run/sslh/sslh.pid"
ser enable sslh
ser start sslh
```
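A build file like the one above edits files under `/etc` and can execute scripts, so it is worth listing what it touches before applying it. The Go program below is an added example, not nix-amer's own code: `ParseExpr` and `Audit` are hypothetical names, splitting the path expression at the last `@` is an assumption, and accepting only clean absolute file paths is this example's own policy rather than documented tool behaviour.

```go
package main

import (
	"bufio"
	"fmt"
	"path"
	"strings"
)

// ParseExpr splits location/path@field.path. Assumed here: the last '@' is the
// separator, and only clean absolute file paths are accepted.
func ParseExpr(expr string) (string, []string, error) {
	file, field := expr, ""
	if i := strings.LastIndex(expr, "@"); i >= 0 {
		file, field = expr[:i], expr[i+1:]
	}
	if !path.IsAbs(file) || path.Clean(file) != file {
		return "", nil, fmt.Errorf("%q is not a clean absolute path", file)
	}
	return file, strings.FieldsFunc(field, func(r rune) bool { return r == '.' }), nil
}

// Audit reports every file a build would edit and every script it would run.
func Audit(build string) (report []string) {
	sc := bufio.NewScanner(strings.NewReader(build))
	for n := 1; sc.Scan(); n++ {
		line, _, _ := strings.Cut(sc.Text(), "#") // drop trailing comment
		f := strings.Fields(line)
		if len(f) < 2 || (f[0] != "cnf" && f[0] != "run") {
			continue // packages and services are out of scope here
		}
		msg := "EXEC " + f[1]
		if file, fields, err := ParseExpr(f[1]); f[0] == "cnf" && err != nil {
			msg = "REJECT " + err.Error()
		} else if f[0] == "cnf" {
			msg = fmt.Sprintf("EDIT %s fields=%v remove=%t", file, fields, len(f) == 2)
		}
		report = append(report, fmt.Sprintf("%d: %s", n, msg))
	}
	return report
}

// sample is a constructed build file, not one shipped with nix-amer.
const sample = `ins ssh   # package step, not reported
cnf /etc/ssh/sshd_config@PermitRootLogin no
cnf /etc/nginx/nginx.conf@http.gzip
cnf etc/default/sslh@RUN yes
run ./setup.sh`
func main() { fmt.Println(strings.Join(Audit(sample), "\n")) }
```

Each report line starts with the build-file line number, so a reviewer can jump from an `EXEC` or `REJECT` entry straight to the instruction that caused it.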