From ca7139c9c959f06cf0db4f852fd74680070ac58f Mon Sep 17 00:00:00 2001
From: Peter Palfrader <peter@palfrader.org>
Date: Mon, 2 Jan 2017 11:42:02 +0100
Subject: do ferm/iptables stuff better

---
 Push | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

(limited to 'Push')

diff --git a/Push b/Push
index 40303bd..3c4bd7d 100755
--- a/Push
+++ b/Push
@@ -81,6 +81,7 @@ hosts.each{ |hostname|
 	do_iptables = nil
 	do_ip6tables = nil
 	do_quagga = nil
+	do_ferm = nil
 	remote.each_pair{|f,h|
 		if ! local.has_key?(f)
 			delete << f
@@ -96,6 +97,8 @@ hosts.each{ |hostname|
 				do_iptables = f
 			elsif f =~ /\.ip6tables\.sh$/
 				do_ip6tables = f
+			elsif f =~ /\.ferm$/
+				do_ferm = f
 			elsif f =~ /\.quagga\.(bgpd|zebra|daemons)$/
 				do_quagga = true
 			elsif f =~ /\.conf$/
@@ -107,11 +110,12 @@ hosts.each{ |hostname|
 	dir = "#{$NAMESPACE}-#{hostname}/"
 	sys("scp -4 "+copy.collect{|f| dir+f }.join(' ')+" root@#{ssh_hostname}:/etc/openvpn/") if copy.size > 0
 	commands = []
-	commands << "sh ./#{do_iptables} &&\n"                                if do_iptables
-	commands << "sh ./#{do_ip6tables} &&\n"                               if do_ip6tables
+	commands << "[ -e /etc/ferm/ferm.conf ] || sh ./#{do_iptables} &&\n"           if do_iptables
+	commands << "[ -e /etc/ferm/ferm.conf ] || sh ./#{do_ip6tables} &&\n"          if do_ip6tables
+	commands << "(! [ -e /etc/ferm/ferm.conf ] || ferm /etc/ferm/ferm.conf ) &&\n" if do_ferm
 	#commands << "/etc/init.d/openvpn stop "+stop.join(' ')+"  &&\n"       if stop.size > 0
 	#commands << "/etc/init.d/openvpn restart "+restart.join(' ')+" && \n" if restart.size > 0
-	commands << "(systemctl daemon-reload || true ) && \n"
+	commands << "([ -e /bin/systemctl ] && systemctl daemon-reload || true ) && \n"
 	commands << "service openvpn restart && \n" if restart.size > 0 or stop.size > 0
 	commands << "rm "+delete.join(' ')+" &&\n"                            if delete.size > 0
 	command = "cd /etc/openvpn && \n";
@@ -124,7 +128,6 @@ hosts.each{ |hostname|
 		                                  cp -a /etc/openvpn/#{$NAMESPACE}.quagga.daemons /etc/quagga/daemons &&
 		                                  chmod 640 /etc/quagga/bgpd.conf /etc/quagga/zebra.conf &&
 		                                  chgrp quagga /etc/quagga/bgpd.conf /etc/quagga/zebra.conf &&
-		                                  service quagga restart &&
-		                                  ( ! [ -e /etc/ferm/ferm.conf ] || ferm /etc/ferm/ferm.conf )'")
+		                                  service quagga restart'")
 	end
 }
-- 
cgit v1.2.3