From ca7a2ed839f8fec5a7d7abbf50fc2c031f192fb5 Mon Sep 17 00:00:00 2001 From: onefang Date: Wed, 22 May 2019 19:14:35 +1000 Subject: Major tweaking of the scripts to suit the new setup. --- scripts/backup-sims.sh | 4 +-- scripts/common.sh | 3 ++- scripts/install/create_sim.sh | 55 +++++++++++++++++++------------------- scripts/install/go_live.sh | 2 +- scripts/install/opensim-monit.conf | 17 ++++-------- scripts/install/secure.sh | 20 ++++++++++++++ scripts/start-sim | 18 ++++++------- 7 files changed, 66 insertions(+), 53 deletions(-) create mode 100755 scripts/install/secure.sh (limited to 'scripts') diff --git a/scripts/backup-sims.sh b/scripts/backup-sims.sh index b14acca..cadb9a2 100755 --- a/scripts/backup-sims.sh +++ b/scripts/backup-sims.sh @@ -6,9 +6,9 @@ getPrgDir for i in $(seq -w 1 99) do j=$(num2name ${i}) - if [ -e "${PRGDIR}/../config/${j}" ] + if [ -e "${PRGDIR}/../../config/${j}" ] then - pushd ${PRGDIR}/../config/${j} >/dev/null + pushd ${PRGDIR}/../../config/${j} >/dev/null # Find out the size of the last backup, base our later sleep on that, but do it now before backup-sim packs it away. sizeSleep=`sleepPerSize o "$(getSimName ${i})"` ./backup-sim diff --git a/scripts/common.sh b/scripts/common.sh index 2ec19ce..c5a86ab 100755 --- a/scripts/common.sh +++ b/scripts/common.sh @@ -1,5 +1,7 @@ #!/bin/echo Don't run this file, it's for common functions." +OS_PATH="/opt/opensim_SC" +OS_USER="opensimsc" # Figure out where we are, most of this mess is to troll through soft links. # PRGDIR=$(getPrgDir) @@ -73,4 +75,3 @@ sleepPerSize() echo 200 fi } - diff --git a/scripts/install/create_sim.sh b/scripts/install/create_sim.sh index 0681067..08cedba 100755 --- a/scripts/install/create_sim.sh +++ b/scripts/install/create_sim.sh @@ -1,6 +1,6 @@ #!/bin/bash -source common.sh +source ../common.sh getPrgDir NAME=$1 @@ -9,8 +9,7 @@ URL=$3 IP=$4 SIZE=$5 -OSPATH="/opt/opensim" -cd $OSPATH/config +cd ${OS_PATH}/config k=0 for i in $(seq -w 1 99) @@ -22,38 +21,37 @@ do fi done -if [ "x$NAME" = "x" ] +if [ "x${NAME}" = "x" ] then NAME="No name sim $RANDOM" # Should be unique per grid. - echo "WARNING setting the sim name to [$NAME], this may not be what you want." + echo "WARNING setting the sim name to [${NAME}], this may not be what you want." fi # Sanitize the name. Not removing [ or ], couldn't get that to work, only important for Windows. -sim=$(sanitize $NAME) +sim=$(sanitize ${NAME}) -if [ "x$LOCATION" = "x" ] +if [ "x${LOCATION}" = "x" ] then LOCATION="$RANDOM,$RANDOM" # again UNIQUE (i.e. ONLY ONE) per grid in THIS case! - echo "WARNING setting the Location to $LOCATION, this may not be what you want." + echo "WARNING setting the Location to ${LOCATION}, this may not be what you want." fi -if [ "x$IP" = "x" ] +if [ "x${IP}" = "x" ] then - # 0.0.0.0 will work for a single sim per physical machine, otherwise we need the real internal IP. IP="0.0.0.0" - echo "WARNING setting the InternalAddress to $IP, this may not be what you want." + echo "WARNING setting the InternalAddress to ${IP}, this may not be what you want." # echo " 0.0.0.0 will work for a single sim per physical machine, otherwise we need the real internal IP." # According to the OpenSim docs, 0.0.0.0 means to listen on all NICs the machine has, which should work fine. fi -if [ "x$URL" = "x" ] +if [ "x${URL}" = "x" ] then # Here we make use of an external IP finding service. Careful, it may move. # URL=$(wget -q http://automation.whatismyip.com/n09230945.asp -O -) # URL is best (without the HTTP://), but IP (e.g. 88.109.81.55) works too. URL="SYSTEMIP" - echo "WARNING setting the ExternalHostName to $URL, this may not be what you want." + echo "WARNING setting the ExternalHostName to ${URL}, this may not be what you want." fi -if [ "x$SIZE" = "x" ] +if [ "x${SIZE}" = "x" ] then SIZE="256" fi @@ -68,29 +66,30 @@ fi PORT=$(( 9005 + (10#$k * 5) )) # 9002 is used for HTTP/UDP so START with port 9003! CAUTION Diva/D2 starts at port 9000. UUID=$(uuidgen) -echo "Creating sim$NUM on port $PORT @ $LOCATION - $NAME." +echo "Creating sim${NUM} on port ${PORT} @ ${LOCATION} - ${NAME}." -cp -r sim_skeleton sim$NUM +cp -r sim_skeleton sim${NUM} -cd sim$NUM +cd sim${NUM} mv My_sim.xml ${sim}.xml -sed -i "s@SIM_NAME@$NAME@g" ${sim}.xml -sed -i "s@SIM_UUID@$UUID@g" ${sim}.xml -sed -i "s@SIM_POS@$LOCATION@g" ${sim}.xml -sed -i "s@SIM_IP@$IP@g" ${sim}.xml -sed -i "s@SIM_INT_PORT@$(( $PORT + 1 ))@g" ${sim}.xml -sed -i "s@SIM_URL@$URL@g" ${sim}.xml -sed -i "s@SIM_SIZE@$SIZE@g" ${sim}.xml +sed -i "s@SIM_NAME@${NAME}@g" ${sim}.xml +sed -i "s@SIM_UUID@${UUID}@g" ${sim}.xml +sed -i "s@SIM_POS@${LOCATION}@g" ${sim}.xml +sed -i "s@SIM_IP@${IP}@g" ${sim}.xml +sed -i "s@SIM_INT_PORT@$(( ${PORT} + 1 ))@g" ${sim}.xml +sed -i "s@SIM_URL@${URL}@g" ${sim}.xml +sed -i "s@SIM_SIZE@${SIZE}@g" ${sim}.xml ln -s ../../current/scripts/common.sh common.sh ln -s ../../current/scripts/start-sim start-sim cp -P start-sim backup-sim cp -P start-sim stop-sim -sed -i "s@SIM_NUMBER@$NUM@g" ThisSim.ini -sed -i "s@SIM_PORT@$PORT@g" ThisSim.ini +sed -i "s@SIM_NUMBER@${NUM}@g" ThisSim.ini +sed -i "s@SIM_PORT@${PORT}@g" ThisSim.ini -sed -i "s@SIM_NUMBER@$NUM@g" opensim-monit.conf +sed -i "s@OS_PATH@${OS_PATH}@g" opensim-monit.conf +sed -i "s@SIM_NUMBER@${NUM}@g" opensim-monit.conf -sudo chown -R opensim:opensim .. +sudo chown -R ${OS_USER}:${OS_USER} .. sudo chmod -R g+w .. diff --git a/scripts/install/go_live.sh b/scripts/install/go_live.sh index 21d7072..c5ce90e 100755 --- a/scripts/install/go_live.sh +++ b/scripts/install/go_live.sh @@ -1,6 +1,6 @@ #!/bin/bash -OSPATH="/opt/opensim" +source common.sh for i in $(seq 99) do diff --git a/scripts/install/opensim-monit.conf b/scripts/install/opensim-monit.conf index 7785056..409b69e 100644 --- a/scripts/install/opensim-monit.conf +++ b/scripts/install/opensim-monit.conf @@ -9,23 +9,16 @@ # on ubuntu/debian, this is overridden by the CHECK_INTERVALS var in # /etc/default/monit . the below assumes you've set it to 30 seconds. # -# if process dies, will restart sim within 30 seconds. if process -# dies 5 times in as many tries, will stop trying and send email -# alert. -# -# if SimFPS drops to 0 for 2 minutes, restart. -# -# if process CPU usage stays above 300% for 2 minutes, restart. -# # see ../README for configuration instructions. # # Hmmmm, seems that monit changing to a user and running bash -l is different from sudo changing to a user and running bash -l. # -check process sim01 with pidfile /var/run/opensim/sim01.pid - start program = "/usr/bin/sudo -Hu opensim /bin/bash -lc 'cd /opt/opensim/config/sim01 && /opt/opensim/config/sim01/start-sim -q'" +check process simSIM_NUMBER with pidfile /OS_PATH/caches/simSIM_NUMBER.pid + start program = "/usr/bin/sudo -Hu opensim /bin/bash -lc 'cd /OS_PATH/config/simSIM_NUMBER && /OS_PATH/config/simSIM_NUMBER/start-sim -q'" as uid root and gid root - stop program = "/usr/bin/sudo -Hu opensim /bin/bash -lc 'cd /opt/opensim/config/sim01 && /opt/opensim/config/sim01/stop-sim'" with timeout 600 seconds + stop program = "/usr/bin/sudo -Hu opensim /bin/bash -lc 'cd /OS_PATH/config/simSIM_NUMBER && /OS_PATH/config/simSIM_NUMBER/stop-sim'" with timeout 600 seconds if cpu usage > 50% for 4 cycles then restart + if MEMORY usage > 10% for 4 cycles then restart # if 5 restarts within 5 cycles then timeout # if failed url http://127.0.0.1:9005/jsonSimStats/ # and content != '"SimFPS":0.0,' for 4 cycles @@ -33,4 +26,4 @@ check process sim01 with pidfile /var/run/opensim/sim01.pid # if failed url http://127.0.0.1:9008/jsonSimStats/ # and content == '"SimFPS":' for 4 cycles # then restart - + depends on ROBUST diff --git a/scripts/install/secure.sh b/scripts/install/secure.sh new file mode 100755 index 0000000..48255b6 --- /dev/null +++ b/scripts/install/secure.sh @@ -0,0 +1,20 @@ +#!/bin/bash + +source ../common.sh + +echo "Securing OpenSim." +sudo chmod 600 ${OS_PATH}/config/*.ini +sudo chown -R ${OS_USER}:${OS_USER} ${OS_PATH} +sudo chmod -R 775 ${OS_PATH} +sudo chmod -R a-x ${OS_PATH} +sudo chmod -R a+X ${OS_PATH} +sudo chmod -R g+w ${OS_PATH} +sudo chmod -R a+x ${OS_PATH}/current/*.sh +sudo chmod -R a+x ${OS_PATH}/current/scripts/*.sh +sudo chmod -R a+x ${OS_PATH}/current/scripts/install/*.sh +sudo chmod a+x ${OS_PATH}/current/scripts/show-console +sudo chmod a+x ${OS_PATH}/current/scripts/start-sim + +sudo chmod ug+rwx ${OS_PATH}/config +sudo chmod g+s ${OS_PATH}/config +sudo chmod 600 ${OS_PATH}/config/*.ini diff --git a/scripts/start-sim b/scripts/start-sim index bd0815f..e82547a 100755 --- a/scripts/start-sim +++ b/scripts/start-sim @@ -38,11 +38,11 @@ fi if [ "x$1" = "x" ]; then tgt=$(basename $(pwd)) num="$(echo ${tgt} | cut -c 4-)" -elif [ -d "./$1" ]; then +elif [ -d "$1" ]; then tgt=$1 -elif [ -d "./sim$1" ]; then +elif [ -d "sim$1" ]; then num=$1 - tgt="./sim${num}" + tgt="sim${num}" else tgt=$1 inventory=$1 @@ -77,14 +77,14 @@ fi case $(basename $0) in "start-sim") - cmd="mono ${exe}.exe -inidirectory=${tgt} " + cmd="mono ${exe}.exe -inidirectory=../../config/${tgt} " # Check if it's already running. if [ -e /var/run/opensim/${tgt}.pid ] then # Double check if it's REALLY running. - if [ "x$(ps -p $(cat /var/run/opensim/${tgt}.pid) --no-headers -o comm)" = "x" ]; then - $SUDO rm -f /var/run/opensim/${tgt}.pid + if [ "x$(ps -p $(cat ${PRGDIR}/../../caches/${tgt}.pid) --no-headers -o comm)" = "x" ]; then + $SUDO rm -f ${PRGDIR}/../../caches/${tgt}.pid fi fi # Now see if it's really really running. lol @@ -92,9 +92,9 @@ case $(basename $0) in then if [ "x$tgt" = "xROBUST" ]; then # TODO - the problem here is that the > bit is executed as onefang, not as opensim. - $SUDO cat ../config/config.ini ../config/Robust.ini.template >../config/Robust.ini -# $SUDO chown -R opensim:opensim ../config/Robust.ini - chmod 640 ../config/Robust.ini + $SUDO cat ${PRGDIR}/../../config/config.ini ${PRGDIR}/../../config/Robust.ini.template >${PRGDIR}/../../config/Robust.ini +# $SUDO chown -R opensim:opensim ${PRGDIR}/../../config/Robust.ini + chmod 640 ${PRGDIR}/../../config/Robust.ini ${tmux_command} split-window -hp 50 -t "${tmux_session}:" "${cmd}" else ${tmux_command} new-window -dn "${title}" -t "${tmux_session}:${num}" "${cmd}" -- cgit v1.1