111 lines
4.8 KiB
Clojure
111 lines
4.8 KiB
Clojure
(ns com.sompani.onboarding
|
|
(:require [clojure.java.shell :as sh]
|
|
[clojure.java.io :as io]
|
|
[clojure.string :as str]
|
|
[vault.core :as vault]
|
|
vault.client.http
|
|
[clj-http.client :as http]
|
|
[cljstache.core :as cljstache]
|
|
[taoensso.timbre :as timbre
|
|
:refer [log trace debug info warn error fatal report
|
|
logf tracef debugf infof warnf errorf fatalf reportf
|
|
spy get-env]])
|
|
(:import (java.nio.file Files
|
|
LinkOption)
|
|
(java.nio.file.attribute PosixFileAttributeView)))
|
|
|
|
(def vault-client (vault/new-client "http://127.0.0.1:8200"))
|
|
|
|
;; # Webserver configuration
|
|
|
|
(defn- set-owner [path owner]
|
|
(->
|
|
(Files/getFileAttributeView path PosixFileAttributeView LinkOption/NOFOLLOW_LINKS)
|
|
(.setOwner owner)))
|
|
|
|
(defn- set-group [path group]
|
|
(->
|
|
(Files/getFileAttributeView path PosixFileAttributeView LinkOption/NOFOLLOW_LINKS)
|
|
(.setGroup group)))
|
|
|
|
(defn make-dirs! [{:keys [company-name]}]
|
|
(let [attrs (Files/readAttributes (.toPath (io/file "srv/http/www.sompani.com"))
|
|
PosixFileAttributeView
|
|
LinkOption/NOFOLLOW_LINKS)
|
|
group (.group attrs)
|
|
owner (.owner attrs)]
|
|
(doseq [dir-str ["/srv/http/staging.%s.talent.careers-cache"
|
|
"/srv/http/staging.%s.talent.careers-logs"
|
|
"/srv/http/staging.%s.talent.careers-sessions"
|
|
"/srv/http/staging.%s.talent.careers-uploads"
|
|
"/srv/http/staging.%s.talent.careers.1234"
|
|
"/srv/http/%s.talent.careers-cache"
|
|
"/srv/http/%s.talent.careers-logs"
|
|
"/srv/http/%s.talent.careers-sessions"
|
|
"/srv/http/%s.talent.careers-uploads"
|
|
"/srv/http/%s.talent.careers.1234"]
|
|
:let [dir (.toPath (io/file (format dir-str company-name)))]]
|
|
(Files/createDirectory dir nil)
|
|
(set-owner dir owner)
|
|
(set-group dir group)
|
|
)
|
|
(let [link (.toPath (io/file (format "/srv/http/staging.%s.talent.careers" company-name)))]
|
|
(Files/createSymbolicLink link
|
|
(.toPath (io/file (format "/srv/http/staging.%s.talent.careers-1234" company-name)))
|
|
nil)
|
|
(set-owner link owner)
|
|
(set-group link group))
|
|
|
|
(let [link (.toPath (io/file (format "/srv/http/%s.talent.careers" company-name)))]
|
|
(Files/createSymbolicLink link
|
|
(.toPath (io/file (format "/srv/http/%s.talent.careers-1234" company-name)))
|
|
nil)
|
|
(set-owner link owner)
|
|
(set-group link group))))
|
|
|
|
(defn create-nginx-server! [datamap]
|
|
(doseq [file ["resources/nginx/skel.talent.careers"
|
|
"resources/nginx/staging.skel.talent.careers"]
|
|
:let [out-file (format "/etc/nginx/servers-available/%s" (str/replace file #"skel" (:company-name datamap)))]]
|
|
(info "using template" file "to create" out-file)
|
|
(-> (slurp file)
|
|
(cljstache/render datamap)
|
|
(spit out-file))))
|
|
|
|
;; # DNS configuration
|
|
|
|
;; ## Basic cloudflare entries
|
|
|
|
(defn basic-dns-entries [company-name]
|
|
[{:type "A" :name company-name :content "185.163.117.139"}
|
|
{:type "A" :name (format "staging.%s" company-name) :content "185.163.117.139"}
|
|
{:type "AAAA" :name company-name :content "2a03:4000:3b:2bb:18ea:e0ff:fe8c:aa9a"}
|
|
{:type "AAAA" :name (format "staging.%s" company-name) :content "2a03:4000:3b:2bb:18ea:e0ff:fe8c:aa9a"}
|
|
{:type "MX" :name company-name :content "mx.yandex.net."}
|
|
{:type "MX" :name (format "m.%s.talent.careers" company-name) :content "feedback-smtp.eu-west-1.amazonses.com"}
|
|
{:type "TXT" :name (format "m.%s.talent.careers" company-name) :content "v=spf1 include:amazonses.com ~all"}])
|
|
|
|
(defn make-basic-dns-entries! [{:keys [company-name]}]
|
|
(let [uri "https://api.cloudflare.com/client/v4/zones/5cd643e7432d7cf69f44e268e32b5452/dns_records"
|
|
headers {"Authorization" (str "Bearer " (:token (vault/read-secret vault-client "secret/cloudflare-api")))}
|
|
entries (basic-dns-entries company-name)]
|
|
(debug "Creating DNS entries for" company-name "; Headers: " headers)
|
|
(doseq [entry entries]
|
|
(info (http/post uri
|
|
{:headers headers
|
|
:content-type :json
|
|
:form-params entry})))))
|
|
|
|
(defn -main [& args]
|
|
(let [datamap {:company-name (nth args 0)
|
|
:company-suffix (nth args 1)}]
|
|
(vault/authenticate! vault-client :token (System/getenv "VAULT_TOKEN"))
|
|
(info "Creating deploy directories.")
|
|
(make-dirs! datamap)
|
|
(info "Creating basic DNS entries.")
|
|
(make-basic-dns-entries! datamap)
|
|
(info "Creating nginx entries.")
|
|
(create-nginx-server! datamap)
|
|
(info "Done.")))
|
|
|