forked from Jibo-Revival-Group/JiboOs
Version 3.1 InDev
This commit is contained in:
99
V3.1/build/etc/init.d/S02jibo-skills-logd
Normal file
99
V3.1/build/etc/init.d/S02jibo-skills-logd
Normal file
@@ -0,0 +1,99 @@
|
||||
#!/bin/sh
|
||||
### BEGIN INIT INFO
|
||||
# Provides: jibo-skills-logd
|
||||
# Required-Start: $local_fs
|
||||
# Required-Stop: $local_fs
|
||||
# Default-Start: 2 3 4 5
|
||||
# Default-Stop: 0 1 6
|
||||
# Short-Description: UDP log daemon for Jibo Skills
|
||||
### END INIT INFO
|
||||
|
||||
# Install path on robot:
|
||||
# /etc/init.d/jibo-skills-logd (this file)
|
||||
# and ensure executable: chmod +x /etc/init.d/jibo-skills-logd
|
||||
# Enable (varies by distro):
|
||||
# update-rc.d jibo-skills-logd defaults
|
||||
# or (BusyBox init): create symlink in /etc/rc.d/rcS.d/ or /etc/rc?.d/
|
||||
|
||||
PYTHON_BIN=${PYTHON_BIN:-/usr/bin/python}
|
||||
DAEMON=${DAEMON:-/opt/jibo/Jibo/Skills/tools/robot/logd/jibo_logd.py}
|
||||
PIDFILE=${PIDFILE:-/tmp/jibo-skills-logd.pid}
|
||||
HOST=${JIBO_LOGD_HOST:-127.0.0.1}
|
||||
PORT=${JIBO_LOGD_PORT:-15140}
|
||||
LOGFILE=${JIBO_LOGD_FILE:-/tmp/jibo-skills.log}
|
||||
|
||||
start() {
|
||||
echo "Starting jibo-skills-logd"
|
||||
if [ -f "$PIDFILE" ]; then
|
||||
PID=$(cat "$PIDFILE" 2>/dev/null)
|
||||
if [ -n "$PID" ] && kill -0 "$PID" 2>/dev/null; then
|
||||
echo "Already running (pid $PID)"
|
||||
return 0
|
||||
fi
|
||||
fi
|
||||
|
||||
# best effort: ensure logfile dir exists
|
||||
mkdir -p "$(dirname "$LOGFILE")" 2>/dev/null
|
||||
|
||||
"$PYTHON_BIN" "$DAEMON" --host "$HOST" --port "$PORT" --logfile "$LOGFILE" --daemonize --pidfile "$PIDFILE"
|
||||
sleep 1
|
||||
if [ -f "$PIDFILE" ]; then
|
||||
echo "Started (pid $(cat "$PIDFILE" 2>/dev/null))"
|
||||
return 0
|
||||
fi
|
||||
echo "Failed to start"
|
||||
return 1
|
||||
}
|
||||
|
||||
stop() {
|
||||
echo "Stopping jibo-skills-logd"
|
||||
if [ ! -f "$PIDFILE" ]; then
|
||||
echo "Not running (no pidfile)"
|
||||
return 0
|
||||
fi
|
||||
PID=$(cat "$PIDFILE" 2>/dev/null)
|
||||
if [ -z "$PID" ]; then
|
||||
rm -f "$PIDFILE"
|
||||
return 0
|
||||
fi
|
||||
kill "$PID" 2>/dev/null
|
||||
sleep 1
|
||||
kill -9 "$PID" 2>/dev/null
|
||||
rm -f "$PIDFILE"
|
||||
echo "Stopped"
|
||||
return 0
|
||||
}
|
||||
|
||||
status() {
|
||||
if [ -f "$PIDFILE" ]; then
|
||||
PID=$(cat "$PIDFILE" 2>/dev/null)
|
||||
if [ -n "$PID" ] && kill -0 "$PID" 2>/dev/null; then
|
||||
echo "Running (pid $PID)"
|
||||
return 0
|
||||
fi
|
||||
fi
|
||||
echo "Not running"
|
||||
return 3
|
||||
}
|
||||
|
||||
case "$1" in
|
||||
start)
|
||||
start
|
||||
;;
|
||||
stop)
|
||||
stop
|
||||
;;
|
||||
restart)
|
||||
stop
|
||||
start
|
||||
;;
|
||||
status)
|
||||
status
|
||||
;;
|
||||
*)
|
||||
echo "Usage: $0 {start|stop|restart|status}"
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
exit $?
|
||||
90
V3.1/build/etc/init.d/S03jibo-skills-logpanel
Normal file
90
V3.1/build/etc/init.d/S03jibo-skills-logpanel
Normal file
@@ -0,0 +1,90 @@
|
||||
#!/bin/sh
|
||||
### BEGIN INIT INFO
|
||||
# Provides: jibo-skills-logpanel
|
||||
# Required-Start: $local_fs
|
||||
# Required-Stop: $local_fs
|
||||
# Default-Start: 2 3 4 5
|
||||
# Default-Stop: 0 1 6
|
||||
# Short-Description: HTTP panel for live Jibo Skills logs
|
||||
### END INIT INFO
|
||||
|
||||
PYTHON_BIN=${PYTHON_BIN:-/usr/bin/python}
|
||||
DAEMON=${DAEMON:-/opt/jibo/Jibo/Skills/tools/robot/logpanel/jibo_logpanel.py}
|
||||
PIDFILE=${PIDFILE:-/tmp/jibo-skills-logpanel.pid}
|
||||
BIND=${JIBO_LOGPANEL_BIND:-0.0.0.0}
|
||||
PORT=${JIBO_LOGPANEL_PORT:-15150}
|
||||
LOGFILE=${JIBO_LOGD_FILE:-/tmp/jibo-skills.log}
|
||||
|
||||
start() {
|
||||
echo "Starting jibo-skills-logpanel"
|
||||
if [ -f "$PIDFILE" ]; then
|
||||
PID=$(cat "$PIDFILE" 2>/dev/null)
|
||||
if [ -n "$PID" ] && kill -0 "$PID" 2>/dev/null; then
|
||||
echo "Already running (pid $PID)"
|
||||
return 0
|
||||
fi
|
||||
fi
|
||||
|
||||
"$PYTHON_BIN" "$DAEMON" --bind "$BIND" --port "$PORT" --logfile "$LOGFILE" >/tmp/jibo-skills-logpanel.log 2>&1 &
|
||||
echo $! > "$PIDFILE"
|
||||
sleep 1
|
||||
if [ -f "$PIDFILE" ]; then
|
||||
echo "Started (pid $(cat "$PIDFILE" 2>/dev/null))"
|
||||
return 0
|
||||
fi
|
||||
echo "Failed to start"
|
||||
return 1
|
||||
}
|
||||
|
||||
stop() {
|
||||
echo "Stopping jibo-skills-logpanel"
|
||||
if [ ! -f "$PIDFILE" ]; then
|
||||
echo "Not running (no pidfile)"
|
||||
return 0
|
||||
fi
|
||||
PID=$(cat "$PIDFILE" 2>/dev/null)
|
||||
if [ -z "$PID" ]; then
|
||||
rm -f "$PIDFILE"
|
||||
return 0
|
||||
fi
|
||||
kill "$PID" 2>/dev/null
|
||||
sleep 1
|
||||
kill -9 "$PID" 2>/dev/null
|
||||
rm -f "$PIDFILE"
|
||||
echo "Stopped"
|
||||
return 0
|
||||
}
|
||||
|
||||
status() {
|
||||
if [ -f "$PIDFILE" ]; then
|
||||
PID=$(cat "$PIDFILE" 2>/dev/null)
|
||||
if [ -n "$PID" ] && kill -0 "$PID" 2>/dev/null; then
|
||||
echo "Running (pid $PID)"
|
||||
return 0
|
||||
fi
|
||||
fi
|
||||
echo "Not running"
|
||||
return 3
|
||||
}
|
||||
|
||||
case "$1" in
|
||||
start)
|
||||
start
|
||||
;;
|
||||
stop)
|
||||
stop
|
||||
;;
|
||||
restart)
|
||||
stop
|
||||
start
|
||||
;;
|
||||
status)
|
||||
status
|
||||
;;
|
||||
*)
|
||||
echo "Usage: $0 {start|stop|restart|status}"
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
exit $?
|
||||
127
V3.1/build/etc/init.d/S21firewall
Normal file
127
V3.1/build/etc/init.d/S21firewall
Normal file
@@ -0,0 +1,127 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Jibo Firewall init script
|
||||
#
|
||||
|
||||
set -e
|
||||
|
||||
IPTABLES_CMDS="/usr/sbin/iptables /usr/sbin/ip6tables"
|
||||
|
||||
flush_rules() {
|
||||
for iptables in $IPTABLES_CMDS; do
|
||||
$iptables -t filter -F
|
||||
$iptables -t filter -P INPUT ACCEPT
|
||||
$iptables -t filter -P FORWARD ACCEPT
|
||||
$iptables -t filter -P OUTPUT ACCEPT
|
||||
# add the DYNAMIC_ACCESS chain unconditionally
|
||||
$iptables -t filter -X
|
||||
$iptables -t filter -N DYNAMIC_ACCESS
|
||||
done
|
||||
}
|
||||
|
||||
normal_rules() {
|
||||
for iptables in $IPTABLES_CMDS; do
|
||||
$iptables -t filter -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
|
||||
$iptables -t filter -A INPUT -p icmp -j ACCEPT
|
||||
$iptables -t filter -A INPUT -i lo -j ACCEPT
|
||||
|
||||
# --- Custom Allowed Ports ---
|
||||
# Allow SSH
|
||||
$iptables -t filter -A INPUT -p tcp --dport 22 -j ACCEPT
|
||||
# Allow Jibo Skills Service panel at 8779
|
||||
$iptables -t filter -A INPUT -p tcp --dport 8779 -j ACCEPT
|
||||
# Allow Custom Port 15150 for loggging
|
||||
$iptables -t filter -A INPUT -p tcp --dport 15150 -j ACCEPT
|
||||
# ----------------------------
|
||||
|
||||
# allow dynamic access rules from system-manager
|
||||
$iptables -t filter -A INPUT -j DYNAMIC_ACCESS
|
||||
|
||||
# Reject everything else
|
||||
$iptables -t filter -A INPUT -j REJECT
|
||||
$iptables -t filter -A FORWARD -j REJECT
|
||||
done
|
||||
}
|
||||
developer_rules() {
|
||||
for iptables in $IPTABLES_CMDS; do
|
||||
# jibo-dev-shell
|
||||
$iptables -t filter -A INPUT -p tcp --syn --dport 8686 -j ACCEPT
|
||||
# jibo-skills-service
|
||||
$iptables -t filter -A INPUT -p tcp --syn --dport 8779 -j ACCEPT
|
||||
# jibo-sync
|
||||
$iptables -t filter -A INPUT -p tcp --syn --dport 8989 -j ACCEPT
|
||||
# jibo-debug-proxy
|
||||
$iptables -t filter -A INPUT -p tcp --syn --dport 9191 -j ACCEPT
|
||||
# avahi
|
||||
$iptables -t filter -A INPUT -p udp --dport 5353 -j ACCEPT
|
||||
done
|
||||
normal_rules
|
||||
}
|
||||
|
||||
certification_rules() {
|
||||
for iptables in $IPTABLES_CMDS; do
|
||||
# jibo-certification-service
|
||||
$iptables -t filter -A INPUT -p tcp --syn --dport 9292 -j ACCEPT
|
||||
done
|
||||
normal_rules
|
||||
}
|
||||
|
||||
service_rules() {
|
||||
for iptables in $IPTABLES_CMDS; do
|
||||
# jibo-certification-service
|
||||
$iptables -t filter -A INPUT -p tcp --syn --dport 9292 -j ACCEPT
|
||||
# jibo-service-center-service
|
||||
$iptables -t filter -A INPUT -p tcp --syn --dport 9797 -j ACCEPT
|
||||
# avahi
|
||||
$iptables -t filter -A INPUT -p udp --dport 5353 -j ACCEPT
|
||||
done
|
||||
normal_rules
|
||||
}
|
||||
|
||||
start() {
|
||||
echo -n "Configuring firewall: "
|
||||
flush_rules
|
||||
my_mode=$(/usr/bin/jibo-getmode)
|
||||
if [ $? -ne 0 ]; then
|
||||
echo "Unspecified mode. SKIP"
|
||||
elif [ "$my_mode" == "identified" ]; then
|
||||
echo "IDENTIFIED"
|
||||
elif [ "$my_mode" == "int-developer" ]; then
|
||||
echo "INT-DEVELOPER"
|
||||
elif [ "$my_mode" == "developer" ]; then
|
||||
developer_rules
|
||||
test $? -eq 0 && echo "DEVELOPER" || echo "ERROR"
|
||||
elif [ "$my_mode" == "certification" ]; then
|
||||
certification_rules
|
||||
test $? -eq 0 && echo "CERTIFICATION" || echo "ERROR"
|
||||
elif [ "$my_mode" == "service" ]; then
|
||||
service_rules
|
||||
test $? -eq 0 && echo "SERVICE" || echo "ERROR"
|
||||
else
|
||||
normal_rules
|
||||
test $? -eq 0 && echo "OK" || echo "ERROR"
|
||||
fi
|
||||
}
|
||||
|
||||
stop() {
|
||||
echo -n "Unconfiguring firewall: "
|
||||
flush_rules
|
||||
test $? -eq 0 && echo "OK" || echo "ERROR"
|
||||
}
|
||||
|
||||
case "$1" in
|
||||
start)
|
||||
start
|
||||
;;
|
||||
stop)
|
||||
stop
|
||||
;;
|
||||
restart)
|
||||
stop
|
||||
start
|
||||
;;
|
||||
*)
|
||||
echo "Usage: $0 {start|stop|restart}" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
Reference in New Issue
Block a user