From 7192c3dc4c625a9e692927f34dcc3fd05d6e72ee Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Wed, 2 Oct 2013 18:55:40 +0200
Subject: [PATCH] Create a MySQL database, generate a random password and load
 the feed table structure

---
 createlinks                                   |  1 +
 .../configuration/defaults/ajaxplorer/DbName  |  1 +
 .../configuration/defaults/ajaxplorer/DbUser  |  1 +
 .../configuration/migrate/ajaxplorer-database | 27 +++++++++++
 .../templates/etc/e-smith/sql/init/ajaxplorer | 46 +++++++++++++++++++
 5 files changed, 76 insertions(+)
 create mode 100644 root/etc/e-smith/db/configuration/defaults/ajaxplorer/DbName
 create mode 100644 root/etc/e-smith/db/configuration/defaults/ajaxplorer/DbUser
 create mode 100644 root/etc/e-smith/db/configuration/migrate/ajaxplorer-database
 create mode 100644 root/etc/e-smith/templates/etc/e-smith/sql/init/ajaxplorer

diff --git a/createlinks b/createlinks
index 3167bc6..15f0b48 100644
--- a/createlinks
+++ b/createlinks
@@ -6,6 +6,7 @@ templates2events("/etc/ajaxplorer/bootstrap_plugins.php", qw(webapps-update boot
 templates2events("/var/cache/ajaxplorer/diag_result.php", qw(webapps-update bootstrap-console-save));
 templates2events("/var/cache/ajaxplorer/first_run_passed", qw(webapps-update bootstrap-console-save));
 templates2events("/var/cache/ajaxplorer/admin_counted", qw(webapps-update bootstrap-console-save));
+templates2events("/etc/e-smith/sql/init/ajaxplorer", qw(webapps-update bootstrap-console-save));
 templates2events("/etc/ajaxplorer/bootstrap_repositories.php", qw(webapps-update bootstrap-console-save share-create share-delete share-modify share-modify-servers));
 templates2events("/var/lib/ajaxplorer/plugins/auth.serial/roles.ser", qw(webapps-update bootstrap-console-save share-create share-delete share-modify share-modify-servers));
 templates2events("/var/lib/ajaxplorer/plugins/auth.serial/users.ser", qw(webapps-update bootstrap-console-save user-create user-delete));
diff --git a/root/etc/e-smith/db/configuration/defaults/ajaxplorer/DbName b/root/etc/e-smith/db/configuration/defaults/ajaxplorer/DbName
new file mode 100644
index 0000000..705e971
--- /dev/null
+++ b/root/etc/e-smith/db/configuration/defaults/ajaxplorer/DbName
@@ -0,0 +1 @@
+ajaxplorer
diff --git a/root/etc/e-smith/db/configuration/defaults/ajaxplorer/DbUser b/root/etc/e-smith/db/configuration/defaults/ajaxplorer/DbUser
new file mode 100644
index 0000000..705e971
--- /dev/null
+++ b/root/etc/e-smith/db/configuration/defaults/ajaxplorer/DbUser
@@ -0,0 +1 @@
+ajaxplorer
diff --git a/root/etc/e-smith/db/configuration/migrate/ajaxplorer-database b/root/etc/e-smith/db/configuration/migrate/ajaxplorer-database
new file mode 100644
index 0000000..3744447
--- /dev/null
+++ b/root/etc/e-smith/db/configuration/migrate/ajaxplorer-database
@@ -0,0 +1,27 @@
+{
+    my $rec = $DB->get('ajaxplorer')
+        || $DB->new_record('ajaxplorer', {type => 'webapp'});
+    my $pw = $rec->prop('DbPassword');
+    if (not $pw or length($pw) < 57){
+        use MIME::Base64 qw(encode_base64);
+
+        $pw = "not set due to error";
+        if ( open( RANDOM, "/dev/urandom" ) ){
+            my $buf;
+            # 57 bytes is a full line of Base64 coding, and contains
+            # 456 bits of randomness - given a perfectly random /dev/random
+            if ( read( RANDOM, $buf, 57 ) != 57 ){
+                warn("Short read from /dev/random: $!");
+            }
+            else{
+                $pw = encode_base64($buf);
+                chomp $pw;
+            }
+            close RANDOM;
+        }
+        else{
+            warn "Could not open /dev/urandom: $!";
+        }
+        $rec->set_prop('DbPassword', $pw);
+    }
+}
diff --git a/root/etc/e-smith/templates/etc/e-smith/sql/init/ajaxplorer b/root/etc/e-smith/templates/etc/e-smith/sql/init/ajaxplorer
new file mode 100644
index 0000000..7506d85
--- /dev/null
+++ b/root/etc/e-smith/templates/etc/e-smith/sql/init/ajaxplorer
@@ -0,0 +1,46 @@
+{
+my $db = ${'ajaxplorer'}{'DbName'} || 'ajaxplorer';
+my $user = ${'ajaxplorer'}{'DbUser'} || 'ajaxplorer';
+my $pass = ${'ajaxplorer'}{'DbPassword'} || 'secret';
+
+my $feed = "/usr/share/ajaxplorer/plugins/feed.sql/create.sql";
+
+$OUT .= <<"END";
+#! /bin/sh
+if [ ! -d /var/lib/mysql/$db ]; then
+        /usr/bin/mysql -e 'create database $db'
+        /usr/bin/mysql $db < $feed
+fi
+
+/usr/bin/mysql <<EOF
+USE mysql;
+
+REPLACE INTO user (  
+                     host,
+                     user,
+                     password)
+            VALUES ( 
+                     'localhost',
+                     '$user',
+                     PASSWORD ('$pass'));
+
+
+REPLACE INTO db (  
+                   host,
+                   db,
+                   user,
+                   select_priv, insert_priv, update_priv, delete_priv,
+                   create_priv, alter_priv, index_priv, drop_priv, create_tmp_table_priv,
+                   grant_priv, lock_tables_priv, references_priv)
+          VALUES ( 
+                   'localhost',
+                   '$db',
+                   '$user',
+                   'Y', 'Y', 'Y', 'Y',
+                   'Y', 'Y', 'Y', 'Y', 'Y',
+                   'N', 'Y', 'Y');
+
+FLUSH PRIVILEGES;
+EOF
+END
+}