sompani-toolbox/src/com/sompani/onboarding.clj


(ns com.sompani.onboarding
(:require [clojure.java.shell :as sh]
[clojure.java.io :as io]
[clojure.string :as str]
[vault.core :as vault]
vault.client.http
[clj-http.client :as http]
[cljstache.core :as cljstache]
[taoensso.timbre :as timbre
:refer [log trace debug info warn error fatal report
logf tracef debugf infof warnf errorf fatalf reportf
spy get-env]])
(:import (java.nio.file Files
LinkOption)
(java.nio.file.attribute PosixFileAttributeView)))
;; Shared Vault client used by this namespace. It targets a Vault listener on
;; the loopback interface and is authenticated in -main with the VAULT_TOKEN
;; environment variable before any secret is read.
;; NOTE(review): the scheme is plain HTTP, so tokens and secrets travel
;; unencrypted; that is only acceptable while the endpoint stays on loopback —
;; confirm, and switch to HTTPS if Vault ever moves off this host.
(def vault-client (vault/new-client "http://127.0.0.1:8200"))
;; # Webserver configuration
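(defn- set-owner
  "Sets the owning user of `path` to `owner` (a UserPrincipal).

  The attribute view is opened with NOFOLLOW_LINKS, so when `path` is a
  symbolic link the link itself is changed, never the file it points to."
  [^java.nio.file.Path path owner]
  ;; Java varargs are not expanded by Clojure interop: the trailing
  ;; `LinkOption...` parameter must be passed as an explicit array, otherwise
  ;; no matching method is found at call time.
  (let [no-follow (into-array LinkOption [LinkOption/NOFOLLOW_LINKS])
        ^PosixFileAttributeView view (Files/getFileAttributeView path
                                                                 PosixFileAttributeView
                                                                 no-follow)]
    (.setOwner view owner)))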
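(defn- set-group
  "Sets the owning group of `path` to `group` (a GroupPrincipal).

  The attribute view is opened with NOFOLLOW_LINKS, so when `path` is a
  symbolic link the link itself is changed, never the file it points to."
  [^java.nio.file.Path path group]
  ;; Java varargs are not expanded by Clojure interop: the trailing
  ;; `LinkOption...` parameter must be passed as an explicit array, otherwise
  ;; no matching method is found at call time.
  (let [no-follow (into-array LinkOption [LinkOption/NOFOLLOW_LINKS])
        ^PosixFileAttributeView view (Files/getFileAttributeView path
                                                                 PosixFileAttributeView
                                                                 no-follow)]
    (.setGroup view group)))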
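(defn make-dirs!
  "Creates the staging and production deploy directories for `company-name`
  under /srv/http, plus the two `*.talent.careers` symbolic links, and gives
  each of them the owner and group of /srv/http/www.sompani.com.

  `company-name` is interpolated into filesystem paths without escaping, so
  callers must pass an already validated value (no path separators).

  Throws if a directory or link already exists (Files/createDirectory and
  Files/createSymbolicLink do not overwrite), so a second run for the same
  company fails instead of silently re-owning existing content."
  [{:keys [company-name]}]
  (let [;; Clojure interop does not expand Java varargs; pass explicit arrays.
        ;; Passing nil for `FileAttribute...` hands Java a null array.
        no-follow (into-array LinkOption [LinkOption/NOFOLLOW_LINKS])
        no-attrs  (into-array java.nio.file.attribute.FileAttribute [])
        ;; readAttributes needs an attributes class (PosixFileAttributes), not
        ;; the view class; the reference path is absolute like every path
        ;; created below, so the result does not depend on the working directory.
        ^java.nio.file.attribute.PosixFileAttributes attrs
        (Files/readAttributes (.toPath (io/file "/srv/http/www.sompani.com"))
                              java.nio.file.attribute.PosixFileAttributes
                              no-follow)
        group (.group attrs)
        owner (.owner attrs)]
    (doseq [dir-str ["/srv/http/staging.%s.talent.careers-cache"
                     "/srv/http/staging.%s.talent.careers-logs"
                     "/srv/http/staging.%s.talent.careers-sessions"
                     "/srv/http/staging.%s.talent.careers-uploads"
                     "/srv/http/staging.%s.talent.careers.1234"
                     "/srv/http/%s.talent.careers-cache"
                     "/srv/http/%s.talent.careers-logs"
                     "/srv/http/%s.talent.careers-sessions"
                     "/srv/http/%s.talent.careers-uploads"
                     "/srv/http/%s.talent.careers.1234"]
            :let [dir (.toPath (io/file (format dir-str company-name)))]]
      ;; No explicit permissions are requested, so the mode comes from the
      ;; process umask.
      (Files/createDirectory dir no-attrs)
      (set-owner dir owner)
      (set-group dir group))
    ;; NOTE(review): the directories created above end in `.1234`, while the
    ;; link targets below end in `-1234`, so both links are created dangling.
    ;; Confirm which spelling the deploy tooling expects and align the two.
    (doseq [[link-fmt target-fmt] [["/srv/http/staging.%s.talent.careers"
                                    "/srv/http/staging.%s.talent.careers-1234"]
                                   ["/srv/http/%s.talent.careers"
                                    "/srv/http/%s.talent.careers-1234"]]
            :let [link   (.toPath (io/file (format link-fmt company-name)))
                  target (.toPath (io/file (format target-fmt company-name)))]]
      (Files/createSymbolicLink link target no-attrs)
      ;; set-owner / set-group act on the link itself (NOFOLLOW_LINKS).
      (set-owner link owner)
      (set-group link group))))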
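(defn create-nginx-server!
  "Renders the two nginx server templates with `datamap` and writes the results
  to /etc/nginx/servers-available/, replacing `skel` in the template file name
  with (:company-name datamap).

  Every value in `datamap` ends up in an nginx configuration file and
  (:company-name datamap) also becomes part of the output file name. Neither is
  escaped for those contexts here, so callers must pass validated values only.
  NOTE(review): whether the templates HTML-escape or pass values through raw
  depends on the tags they use — confirm against resources/nginx/."
  [datamap]
  (doseq [file ["resources/nginx/skel.talent.careers"
                "resources/nginx/staging.skel.talent.careers"]
          :let [;; Only the template's file name belongs in the target path;
                ;; keeping the `resources/nginx/` prefix would point into a
                ;; subdirectory of servers-available.
                template-name (.getName (io/file file))
                ;; String (not regex) replacement, so `$` or `\` in the company
                ;; name are taken literally.
                out-file (format "/etc/nginx/servers-available/%s"
                                 (str/replace template-name "skel" (:company-name datamap)))]]
    (info "using template" file "to create" out-file)
    ;; spit takes the destination first and the content second; threading the
    ;; rendered text with `->` would pass it as the file name.
    (let [rendered (cljstache/render (slurp file) datamap)]
      (spit out-file rendered))))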
;; # DNS configuration
;; ## Basic cloudflare entries
(defn basic-dns-entries
  "Returns the vector of DNS record maps (:type, :name, :content) created for a
  new company: A and AAAA records for `company-name` and for its `staging.`
  name, an MX record for `company-name`, and an MX plus an SPF TXT record for
  `m.<company-name>.talent.careers`.

  The maps carry no priority or TTL field, and the SPF policy ends in the
  softfail qualifier `~all`."
  [company-name]
  (let [staging-name (format "staging.%s" company-name)
        mail-name    (format "m.%s.talent.careers" company-name)
        ipv4         "185.163.117.139"
        ipv6         "2a03:4000:3b:2bb:18ea:e0ff:fe8c:aa9a"
        record       (fn [record-type record-name content]
                       {:type record-type :name record-name :content content})]
    [(record "A" company-name ipv4)
     (record "A" staging-name ipv4)
     (record "AAAA" company-name ipv6)
     (record "AAAA" staging-name ipv6)
     (record "MX" company-name "mx.yandex.net.")
     (record "MX" mail-name "feedback-smtp.eu-west-1.amazonses.com")
     (record "TXT" mail-name "v=spf1 include:amazonses.com ~all")]))
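(defn make-basic-dns-entries!
  "Creates the records returned by `basic-dns-entries` for `company-name` in the
  Cloudflare zone, one POST per record.

  The API token is read from the Vault secret `secret/cloudflare-api` (key
  :token) and sent as a Bearer token. It is kept out of every log statement:
  log output is usually stored and shipped with weaker protection than Vault.

  Throws ex-info when the secret has no :token, before any request is sent.
  Records are created one by one, so a failure part-way through leaves the
  earlier records in place."
  [{:keys [company-name]}]
  (let [uri     "https://api.cloudflare.com/client/v4/zones/5cd643e7432d7cf69f44e268e32b5452/dns_records"
        token   (:token (vault/read-secret vault-client "secret/cloudflare-api"))
        entries (basic-dns-entries company-name)]
    (when (nil? token)
      (throw (ex-info "Vault secret secret/cloudflare-api has no :token" {})))
    ;; Never log `headers`: the Authorization value is the live API credential.
    (debug "Creating DNS entries for" company-name)
    (let [headers {"Authorization" (str "Bearer " token)}]
      (doseq [entry entries]
        (let [response (http/post uri
                                  {:headers      headers
                                   :content-type :json
                                   :form-params  entry})]
          ;; Log what was created and the outcome instead of the whole
          ;; response map.
          (info "Created DNS record" (:type entry) (:name entry)
                "- HTTP status" (:status response))
          (debug "Cloudflare response body:" (:body response)))))))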
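(defn -main
  "Command-line entry point: onboards one company.

  Arguments: <company-name> <company-suffix>. The Vault token is taken from the
  VAULT_TOKEN environment variable.

  Steps run in order: deploy directories, DNS records, nginx server files.
  There is no rollback, so a failure leaves the earlier steps applied.

  Throws IllegalArgumentException for missing or malformed arguments and
  IllegalStateException when VAULT_TOKEN is not set."
  [& args]
  (when (< (count args) 2)
    (throw (IllegalArgumentException.
            "expected arguments: <company-name> <company-suffix>")))
  (let [[company-name company-suffix] args
        vault-token (System/getenv "VAULT_TOKEN")
        datamap     {:company-name   company-name
                     :company-suffix company-suffix}]
    ;; company-name becomes a DNS label, part of several filesystem paths and
    ;; part of the nginx configuration, so only letters, digits and hyphens are
    ;; accepted. This rules out path separators and config metacharacters.
    (when-not (re-matches #"[A-Za-z0-9][A-Za-z0-9-]*" company-name)
      (throw (IllegalArgumentException.
              "company-name may only contain letters, digits and hyphens")))
    ;; NOTE(review): company-suffix is rendered into the nginx templates as
    ;; well; its expected format is not visible here, so it is not validated —
    ;; confirm and add a check.
    (when (str/blank? vault-token)
      (throw (IllegalStateException. "VAULT_TOKEN is not set")))
    (vault/authenticate! vault-client :token vault-token)
    (info "Creating deploy directories.")
    (make-dirs! datamap)
    (info "Creating basic DNS entries.")
    (make-basic-dns-entries! datamap)
    (info "Creating nginx entries.")
    (create-nginx-server! datamap)
    (info "Done.")))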