dyokunev
/
openstack-gateway


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137
							#!/bin/bash
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin

ZONE="private.os.mephi.ru"
ZONE_PUBLIC="public.os.mephi.ru"
MY_IP=85.143.112.100

DOMAIN_ID=$(mysql --defaults-file=/etc/mysql/debian.cnf pdns -Ne "SELECT id FROM domains WHERE name='$ZONE'")
cd ~/reload-instance-list-workdir
CURRENT_INSTANCES=($(~/go/bin/openstack-instance-list | sort))

OLD_HASH="$(cat /run/reload-instance-list.sh.hash)"
CURRENT_HASH="$(echo "$CURRENT_INSTANCES" | md5sum | awk '{print $1}')"

if [ "$CURRENT_HASH" = "$OLD_HASH" ]; then
	exit
fi
echo "$CURRENT_HASH" > /run/reload-instance-list.sh.hash
timeout 600 lockfile-create /run/reload-instance-list.sh.lock
trap 'lockfile-remove /run/reload-instance-list.sh.lock' SIGINT SIGTERM SIGHUP SIGQUIT SIGALRM SIGILL SIGABRT SIGPIPE EXIT

oldIFS="$IFS"

# updating the domain zone

declare -A OLD_IDS_IP
declare -A OLD_IDS_ID

for LINE in $(pdnsutil list-zone "$ZONE" 2>/dev/null | sed -e "s/\\.$ZONE//g" | tr "\t" "@"); do
	IFS="@"; WORDS=($LINE); IFS="$oldIFS"
	ID="${WORDS[0]}"
	IP="${WORDS[4]}"
	if [ "$IP" = '' ]; then
		continue
	fi
	if [ "$ID" = "$ZONE" ]; then
		continue
	fi
	OLD_IDS_IP[$ID]="$IP"
	OLD_IDS_ID[$ID]="$ID"
done

for LINE in ${CURRENT_INSTANCES[@]}; do
	IFS=","; WORDS=($LINE); IFS="$oldIFS"
	ID="${WORDS[0]}"
	IP="${WORDS[1]}"
	if [ "${OLD_IDS_IP[$ID]}" = '' ]; then
		pdnsutil add-record "$ZONE" "$ID" A "$IP"
		continue
	fi
	if [ "${OLD_IDS_IP[$ID]}" != "$IP" ]; then
		mysql --defaults-file=/etc/mysql/debian.cnf pdns -Ne "DELETE FROM records WHERE domain_id='$DOMAIN_ID' AND name='$ID.$ZONE'"
		pdnsutil add-record "$ZONE" "$ID" A "$IP"
	fi
	OLD_IDS_IP[$ID]=""
	OLD_IDS_ID[$ID]=""
done

for OLD_ID in ${OLD_IDS_ID[@]}; do
	if [ "$OLD_ID" = '' ]; then
		continue
	fi
	mysql --defaults-file=/etc/mysql/debian.cnf pdns -Ne "DELETE FROM records WHERE domain_id='$DOMAIN_ID' AND name='$OLD_ID.$ZONE'"
done

# generating the certificate

GENCERT_ARGS=()

for LINE in ${CURRENT_INSTANCES[@]}; do
	IFS=","; WORDS=($LINE); IFS="$oldIFS"
	ID="${WORDS[0]}"
	GENCERT_ARGS+=" -d ${ID}.${ZONE_PUBLIC} "
done

for LINE in $(cat /etc/webaliases); do
	IFS=":"; WORDS=($LINE); IFS="$oldIFS"
	HOST="${WORDS[0]}"
	GENCERT_ARGS+=" -d ${HOST} "
done

/root/bin/generate-certificate.sh ${GENCERT_ARGS[@]}

# generating haproxy config

	cat > /etc/haproxy/gen-conf.d/050-frontends.conf <<EOF

# Automatically generated frontend configuration:

EOF
	cat > /etc/haproxy/gen-conf.d/060-backends.conf <<EOF

# Automatically generated backends configuration:

EOF

for LINE in ${CURRENT_INSTANCES[@]}; do
	IFS=","; WORDS=($LINE); IFS="$oldIFS"
	ID="${WORDS[0]}"
	IP="${WORDS[1]}"

	cat >> /etc/haproxy/gen-conf.d/050-frontends.conf <<EOF
	acl host_${ID} hdr(host) -i ${ID}.${ZONE}
	acl host_${ID} hdr(host) -i ${ID}.${ZONE_PUBLIC}
	use_backend backend_${ID} if host_${ID}
EOF
	cat >> /etc/haproxy/gen-conf.d/060-backends.conf <<EOF
backend backend_${ID}
	mode http
	server primary ${IP}:80
EOF
	#option httpchk GET / "HTTP/1.0\r\nX-Forwarded-Proto: https"
	#option redispatch
	#http-send-name-header Host
	#http-check expect rstatus ((2|3)[0-9][0-9]|40[13])
	#server primary 192.168.3.132:80 check inter 25s
	#server backup0 192.168.0.132:80 check backup inter 25s
	#server backup1 192.168.1.132:80 check backup inter 25s
done

for LINE in $(cat /etc/webaliases); do
	IFS=":"; WORDS=($LINE); IFS="$oldIFS"
	HOST="${WORDS[0]}"
	ID="${WORDS[1]}"
	IP="$(host "$HOST" | awk '{if($2=="has" && $3=="address"){print $4}}')"

	if [ "$IP" != "$MY_IP" ]; then
		continue
	fi

	cat >> /etc/haproxy/gen-conf.d/050-frontends.conf <<EOF
	acl host_${ID} hdr(host) -i ${HOST}
EOF
done

cat /etc/haproxy/gen-conf.d/* > /etc/haproxy/haproxy.cfg