module: add mysql
diff --git a/module/mysql/holder.sh b/module/mysql/holder.sh
new file mode 100644
index 0000000..0f459ab
--- /dev/null
+++ b/module/mysql/holder.sh
@@ -0,0 +1,75 @@
+#!/bin/bash
+#
+# holder.sh - mysql
+#
+# Copyright 2019 Luigi Santivetti <luigi.santivetti@gmail.com>
+
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice (including the next
+# paragraph) shall be included in all copies or substantial portions of the
+# Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# ITS SUPPLIERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+# IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+# Placeholders must follow a special syntax in order to be considered valid.
+# If they don't, then validation will fail and the process exits with error.
+# These restrictions are described below, so that a holders.sh is considered
+# valid as described below.
+
+_MYSQL_DKRC_SERVICE_="${module}"
+_MYSQL_DKRC_VERSION_="5.7.26"
+_MYSQL_DKRC_IMAGE_="${host_name}-img-${_MYSQL_DKRC_SERVICE_}"
+_MYSQL_DKRC_CONTAINER_="${host_name}-con-${_MYSQL_DKRC_SERVICE_}"
+_MYSQL_DKRC_BACKEND_IP_="172.27.0.2"
+_MYSQL_DKRC_CONTEXT_="$mod_docker_d"
+_MYSQL_DKRC_DOCKERFILE_="$dockerfile"
+_MYSQL_DB_FIELD_USERNAME_="username"
+_MYSQL_DB_FIELD_PASSWORD_="password"
+_MYSQL_DB_FIELD_KEY_="key"
+_MYSQL_DB_FIELD_EXPIRY_="expiry"
+_MYSQL_DB_FIELD_VALUE_="value"
+_MYSQL_DB_TABLE_SESSIONS_="sessions"
+_MYSQL_DB_TABLE_USERS_="users"
+_MYSQL_DB_NAME_="${host_name}_db"
+_MYSQL_DB_PORT_="3306"
+_MYSQL_INITDB_F_="$initdb_f"
+_MYSQL_MYCONF_F_="$mycnf_f"
+_MYSQL_MYSQL_D_="$mysql_d"
+_MYSQL_LOG_D_="$log_d"
+_MYSQL_BACKUP_PATH_="/var/lib/mysql"
+if [ "${mod_mode}" = "${release}" ]; then
+ _MYSQL_GENERAL_LOG_="0"
+ _MYSQL_SLOW_QUERY_LOG_="0"
+ _MYSQL_LOG_OUTPUT_="NONE"
+else
+ _MYSQL_GENERAL_LOG_="1"
+ _MYSQL_SLOW_QUERY_LOG_="1"
+ _MYSQL_LOG_OUTPUT_="FILE"
+fi
+_MYSQL_CON_LOG_D_="/var/log/mysql"
+_MYSQL_CON_ERROR_LOG_F_="${_MYSQL_CON_LOG_D_}/$(basename "$log_error_f")"
+_MYSQL_CON_GENERAL_LOG_F_="${_MYSQL_CON_LOG_D_}/$(basename "$log_general_f")"
+_MYSQL_CON_SLOW_QUERY_LOG_F_="${_MYSQL_CON_LOG_D_}/$(basename "$log_query_f")"
+if [ "$mysql_has_dummy_certs" -eq 1 ]; then
+ _MYSQL_ROOTFS_SSL_D_="$certificates_l"
+ _MYSQL_CON_SSL_D_="/etc/mysql_ssl"
+
+ _MYSQL_SSL_SERVER_CERT_F_="${_MYSQL_CON_SSL_D_}/$(basename "$server_cert_f")"
+ _MYSQL_SSL_SERVER_KEY_F_="${_MYSQL_CON_SSL_D_}/$(basename "$server_key_f")"
+ _MYSQL_SSL_SERVER_CA_F_="${_MYSQL_CON_SSL_D_}/$(basename "$ca_f")"
+
+ _MYSQL_SSL_CLIENT_CERT_F_="${_MYSQL_CON_SSL_D_}/$(basename "$client_cert_f")"
+ _MYSQL_SSL_CLIENT_KEY_F_="${_MYSQL_CON_SSL_D_}/$(basename "$client_key_f")"
+ _MYSQL_SSL_CLIENT_CA_F_="${_MYSQL_CON_SSL_D_}/$(basename "$ca_dup_f")"
+fi
diff --git a/module/mysql/module.sh b/module/mysql/module.sh
new file mode 100644
index 0000000..11215bd
--- /dev/null
+++ b/module/mysql/module.sh
@@ -0,0 +1,223 @@
+#!/bin/bash
+#
+# module.sh - mysql
+#
+# Copyright 2019 Luigi Santivetti <luigi.santivetti@gmail.com>
+
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice (including the next
+# paragraph) shall be included in all copies or substantial portions of the
+# Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# ITS SUPPLIERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+# IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+declare -r module="mysql"
+source $common_sh
+
+module_enable $module
+
+declare -r etc_d="$mod_rootfs_d/etc"
+declare -r initdb_d="$mod_docker_d"
+declare -r var_d="$mod_rootfs_d/var"
+
+declare -r mycnf_d="$etc_d/mysql"
+declare -r mysql_d="$var_d/lib/mysql"
+declare -r log_d="$var_d/log/mysql"
+
+declare -ir mysql_uid="999"
+
+declare -ir mysql_has_dummy_certs=1
+if [ $mysql_has_dummy_certs -eq 1 ]; then
+ declare -r certificates_d="$mod_staging_d/${module}_dummy_cert"
+ declare -r ca_key_f="$certificates_d/${module}_dummy-ca-key.pem"
+ declare -r ca_f="$certificates_d/${module}_dummy-ca.pem"
+
+ declare -r server_key_f="$certificates_d/${module}_dummy-server-key.pem"
+ declare -r server_req_f="$certificates_d/${module}_dummy-server-req.pem"
+ declare -r server_cert_f="$certificates_d/${module}_dummy-server-cert.pem"
+
+ declare -r client_key_f="$certificates_d/${module}_dummy-client-key.pem"
+ declare -r client_req_f="$certificates_d/${module}_dummy-client-req.pem"
+ declare -r client_cert_f="$certificates_d/${module}_dummy-client-cert.pem"
+
+ # Dup ca to avoid bind mounting the same file twice
+ declare -r ca_dup_f="$certificates_d/${module}_dummy-ca-dup.pem"
+else
+ lets -l -e "official CA certificates not supported"
+ exit 1
+fi
+declare -r certificates_l="$etc_d/mysql_ssl"
+
+# Output files
+declare -r dockerfile="Dockerfile"
+declare -r dockerfile_f="$mod_docker_d/$dockerfile"
+declare -r initdb_f="$initdb_d/initdb.sql"
+declare -r mycnf_f="$mycnf_d/my.cnf"
+declare -r log_error_f="$log_d/error.txt"
+declare -r log_general_f="$log_d/general.txt"
+declare -r log_query_f="$log_d/query.txt"
+declare -r mysql_cli_bang_f="$mod_docker_d/mysql-cli.sh"
+
+declare -ar mod_more_dirs=( \
+ $etc_d $initdb_d $var_d $mycnf_d $log_d $mysql_d \
+)
+
+declare -ar mod_more_files=( $mycnf_f $initdb_f $dockerfile_f $mysql_cli_bang_f )
+declare -ar mod_more_trefs=( mycnf_t initdb_t dockerfile_t mysql_cli_bang_t )
+
+function tod_watch
+{
+ __watch_module_common || return $s_err
+}
+
+function tod_doins
+{
+ __doins_module_common || return $s_err
+ __mysql_do_log_files || return $s_err
+
+ # Use certificates provided by Apache
+ __mysql_do_dummy_cert || return $s_err
+ __mysql_do_links || return $s_err
+}
+
+function tod_clins
+{
+ __clins_module_common || return $s_err
+ __mysql_undo_log_files || return $s_err
+}
+
+function tod_upins
+{
+ __upins_module_common || return $s_err
+
+ # Use ceritificates provided by Apache
+ __mysql_do_dummy_cert || return $s_err
+}
+
+function tod_doall
+{
+ tod_doins
+}
+
+function tod_upall
+{
+ tod_upins
+}
+
+function __mysql_do_dummy_cert_helper
+{
+ # Credits:
+ # https://techsparx.com/software-development/docker/damp/mysql-ssl-connection.html
+
+ local -r OPENSSL_SUBJ="/C=US/ST=Utopia/L=Neverland"
+ local -r OPENSSL_CA="${OPENSSL_SUBJ}/CN=dummy-CA"
+ local -r OPENSSL_SERVER="${OPENSSL_SUBJ}/CN=dummy-server"
+ local -r OPENSSL_CLIENT="${OPENSSL_SUBJ}/CN=dummy-client"
+
+ # Generate new CA certificate ca.pem file.
+ openssl genrsa 2048 > $ca_key_f
+
+ # TODO This has interaction that must be automated
+ openssl req -new -x509 -nodes -days 3600 \
+ -subj "${OPENSSL_CA}" \
+ -key $ca_key_f -out $ca_f
+
+ # Create the server-side certificates
+ # This has more interaction that must be automated
+
+ openssl req -newkey rsa:2048 -days 3600 -nodes \
+ -subj "${OPENSSL_SERVER}" \
+ -keyout $server_key_f -out $server_req_f
+ openssl rsa -in $server_key_f -out $server_key_f
+
+ openssl x509 -req -in $server_req_f -days 3600 \
+ -CA $ca_f -CAkey $ca_key_f -set_serial 01 -out $server_cert_f
+
+ # Create the client-side certificates
+ openssl req -newkey rsa:2048 -days 3600 -nodes \
+ -subj "${OPENSSL_CLIENT}" \
+ -keyout $client_key_f -out $client_req_f
+ openssl rsa -in $client_key_f -out $client_key_f
+
+ openssl x509 -req -in $client_req_f -days 3600 \
+ -CA $ca_f -CAkey $ca_key_f -set_serial 01 -out $client_cert_f
+
+ # Verify the certificates are correct
+ openssl verify -CAfile \
+ $ca_f $server_cert_f $client_cert_f || return $s_err
+
+ # Duplicate ca as it needs to be mounted client side
+ cp -ar $ca_f $ca_dup_f
+
+ set_mode "0644" $mysql_uid \
+ $ca_f $ca_dup_f \
+ $server_key_f $server_req_f $server_cert_f \
+ $client_key_f $client_req_f $client_cert_f || return $s_err
+
+ set_mode "0600" $mysql_uid $ca_key_f || return $s_err
+}
+
+function __mysql_do_dummy_cert
+{
+ if [ $mysql_has_dummy_certs -eq 1 ]; then
+ if [ ! -d $certificates_d ]; then
+ mkdir -p $certificates_d && \
+ pushd $certificates_d >/dev/null || return $s_err
+ __mysql_do_dummy_cert_helper 2>&1 | lets -l -x "openssl"
+ case "${PIPESTATUS[0]}" in
+ $s_err ) lets -l -e "failed to make dummy certificates"
+ popd >/dev/null; return $s_err ;;
+ esac
+ popd >/dev/null
+ fi
+ fi;
+
+ lets -l -i "$module SSL cert from: ${certificates_d#$script_dir/}"
+ return $s_ok
+}
+
+function __mysql_do_links
+{
+ # NOTE: container path must match localhost path
+ #
+ # i.e.
+ # localhost:/etc container:/etc OK
+ # localhost:/home/luigi container:/home/??? NOT OK
+ #
+ ln -sf "${certificates_d}" "${certificates_l}"
+}
+
+function __mysql_do_log_files
+{
+ sudo touch $log_error_f $log_general_f $log_query_f || {
+ lets -l -e "failed to touch log files"; return $s_err
+ }
+
+ set_mode "0755" $mysql_uid $log_d || {
+ lets -l -e "failed to set mode $log_d"; return $s_err
+ }
+
+ set_mode "0644" $mysql_uid $log_error_f $log_general_f $log_query_f || {
+ lets -l -e "failed to set mode log files"; return $s_err
+ }
+}
+
+function __mysql_undo_log_files
+{
+ sudo rm -f $log_error_f $log_general_f $log_query_f || {
+ lets -l -e "failed remove log files"; return $s_err
+ }
+
+ __mysql_do_log_files
+}
diff --git a/module/mysql/scheme.sh b/module/mysql/scheme.sh
new file mode 100644
index 0000000..994152a
--- /dev/null
+++ b/module/mysql/scheme.sh
@@ -0,0 +1,255 @@
+#!/bin/bash
+#
+# mysql templates
+#
+# Copyright 2019 Luigi Santivetti <luigi.santivetti@gmail.com>
+
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice (including the next
+# paragraph) shall be included in all copies or substantial portions of the
+# Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# ITS SUPPLIERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+# IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+declare -r mycnf_t="\
+# Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+#
+# https://dev.mysql.com/doc/refman/${_MYSQL_DKRC_VERSION_:0:3}/en/server-system-variables.html
+
+!includedir /etc/mysql/conf.d/
+!includedir /etc/mysql/mysql.conf.d/
+
+[mysqld]
+
+# Always enable SSL
+require_secure_transport = ON
+
+# Certificates (use self signed)
+ssl-cert=${_MYSQL_SSL_SERVER_CERT_F_}
+ssl-key=${_MYSQL_SSL_SERVER_KEY_F_}
+ssl-ca=${_MYSQL_SSL_SERVER_CA_F_}
+
+# Logs
+general_log = ${_MYSQL_GENERAL_LOG_}
+log_output = ${_MYSQL_LOG_OUTPUT_}
+slow_query_log = ${_MYSQL_SLOW_QUERY_LOG_}
+long_query_time = 2
+log_error_verbosity = 3
+general_log_file = ${_MYSQL_CON_GENERAL_LOG_F_}
+slow_query_log_file = ${_MYSQL_CON_SLOW_QUERY_LOG_F_}
+log_error = ${_MYSQL_CON_ERROR_LOG_F_}
+
+port=${_MYSQL_DB_PORT_}
+explicit_defaults_for_timestamp = TRUE
+#connect_timeout = 1000000
+#net_write_timeout = 1000000
+#wait_timeout = 1000000
+#max_allowed_packet = 1024M
+#interactive_timeout = 1000000
+#net_buffer_length = 200M
+#net_read_timeout = 1000000
+#bind-address = *
+#innodb_data_file_path=
+
+#[mysqld_safe]"
+
+declare -r initdb_t="\
+CREATE DATABASE IF NOT EXISTS \`${_MYSQL_DB_NAME_}\`;
+
+use ${_MYSQL_DB_NAME_};
+
+CREATE TABLE IF NOT EXISTS \`${_MYSQL_DB_TABLE_USERS_}\` (
+\`id\` int(10) unsigned NOT NULL AUTO_INCREMENT,
+\`${_MYSQL_DB_FIELD_USERNAME_}\` varchar(20) NOT NULL,
+\`group\` int(10) unsigned NOT NULL default 1,
+\`status\` int(5) unsigned NOT NULL default 0,
+\`email\` varchar(50) NOT NULL,
+\`${_MYSQL_DB_FIELD_PASSWORD_}\` varchar(64) NOT NULL,
+\`created\` datetime NOT NULL default current_timestamp,
+\`updated\` timestamp NOT NULL default current_timestamp on update current_timestamp,
+PRIMARY KEY (\`id\`),
+UNIQUE KEY useremail (\`email\`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+CREATE TABLE IF NOT EXISTS \`${_MYSQL_DB_TABLE_SESSIONS_}\` (
+\`id\` varchar(128) NOT NULL,
+\`ip_address\` varchar(45) NOT NULL,
+\`timestamp\` int(10) unsigned DEFAULT 0 NOT NULL,
+\`data\` blob NOT NULL,
+PRIMARY KEY \`ci_sessions_id\` (\`id\`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;"
+
+if [ "${mod_mode}" = "${release}" ]; then
+ declare -rg dockerfile_debug_tools_t=""
+else
+ declare -rg dockerfile_debug_tools_t="\
+# debug only
+RUN apt-get -y install nmap
+RUN apt-get -y install net-tools"
+fi
+
+declare -r dockerfile_t="\
+ARG VERSION=${_MYSQL_DKRC_VERSION_}
+FROM mysql:\$VERSION
+
+RUN apt-get update
+${dockerfile_debug_tools_t}
+
+# Add SQL configuration file into autoloaded default location
+COPY initdb.sql /docker-entrypoint-initdb.d/
+
+# MYSQL seems quite strict about files mode
+RUN mkdir -p ${_MYSQL_CON_LOG_D_} && \\
+ chown mysql:mysql /var/log/mysql && \\
+ touch ${_MYSQL_CON_GENERAL_LOG_F_} && \\
+ chown mysql:mysql ${_MYSQL_CON_GENERAL_LOG_F_} && \\
+ touch ${_MYSQL_CON_ERROR_LOG_F_} && \\
+ chown mysql:mysql ${_MYSQL_CON_ERROR_LOG_F_} && \\
+ touch ${_MYSQL_CON_SLOW_QUERY_LOG_F_} && \\
+ chown mysql:mysql ${_MYSQL_CON_SLOW_QUERY_LOG_F_}"
+
+declare -r mysql_cli_bang_t="\
+#!/bin/bash
+
+if (return 0 2>/dev/null); then
+ echo \"You must run this script\" >&2
+ return 1
+fi
+
+declare -r running_services=\\
+\"sudo -E docker-compose ps --services --filter \\\"status=running\\\"\"
+
+function source_passwd_file
+{
+ sudo whoami >/dev/null # cache password
+
+ if [ ! -f \"\${PASSWD_F}\" ]; then
+ echo \"error: PASSWD file not found\" >&2
+ exit 1
+ fi
+
+ if ! source \"\${PASSWD_F}\"; then
+ echo \"error: PASSWD file not sourced\" >&2
+ exit 1
+ fi
+}
+
+set -eu
+
+case \"\$1\" in
+ --help ) cat <<EOF; exit 0
+`printf \"\\033[1m%s\\033[0m\\n\" \"NAME\"`
+
+ \${BASH_SOURCE[0]//.\//} - Mysql CLI for ${host_name}
+
+`printf \"\\033[1m%s\\033[0m\\n\" \"USAGE\"`
+
+ \$ \${BASH_SOURCE[0]} [ OPTION ] [ ARGS ... ]
+
+`printf \"\\033[1m%s\\033[0m\\n\" \"ENVIRONMENT\"`
+
+ PASSWD_F path to file containing runtime credentials
+
+`printf \"\\033[1m%s\\033[0m\\n\" \"OPTION\"`
+
+ --set-status string <email> integer <status>. Set the status
+ field for a user given its email
+ --export export mysql database to utf-8 text file
+ --import import a mysql database from an utf-8 text file
+ --help show this help
+
+`printf \"\\033[1m%s\\033[0m\\n\" \"END\"`
+EOF
+ ;;
+ --export )
+ source_passwd_file
+ declare -r now=\"\$(date +'%d%m%Y%H%M%S')\"
+ declare -r backup_name=\"${_MYSQL_DKRC_CONTAINER_}_${_MYSQL_DB_NAME_}-\${now}.sql\"
+ declare -r backup_path=\"${_MYSQL_BACKUP_PATH_}\"
+ declare -r backup_file=\"\${backup_path}/\${backup_name}\"
+
+ pushd \"${instance_d}\" >/dev/null || exit 1
+ if eval \"\${running_services}\" | grep -q -- \"${_MYSQL_DKRC_SERVICE_}\"; then
+ if ! (sudo -E docker exec ${_MYSQL_DKRC_CONTAINER_} /usr/bin/mysqldump \\
+ -u root --password=\${_PASSWD_MYSQL_DB_PASSWORD_ROOT_} \\
+ --databases ${_MYSQL_DB_NAME_} --result-file=\${backup_file}); then
+ echo \"error: cannot export database\"
+ popd >/dev/null
+ exit 1
+ fi
+ sudo chmod 0400 ${_MYSQL_MYSQL_D_}/\${backup_name}
+ suod mv ${_MYSQL_MYSQL_D_}/\${backup_name} \$(pwd)
+ echo \"success: \$(pwd)/\${backup_name}\"
+ else
+ echo \"error: ${_MYSQL_DKRC_SERVICE_} not running\"
+ popd >/dev/null
+ exit 1
+ fi ;;
+ --import )
+ source_passwd_file
+ declare -r input_sql_bkp=\"\$(realpath \"\$2\")\"
+ if [ ! -f \"\${input_sql_bkp}\" ]; then
+ echo \"error: \${input_sql_bkp:-undefined}: file not found\"
+ exit 1
+ fi
+
+ pushd \"${instance_d}\" >/dev/null || exit 1
+ if eval \"\${running_services}\" | grep -q -- \"${_MYSQL_DKRC_SERVICE_}\"; then
+ if ! (sudo cat \"\${input_sql_bkp}\" | sudo -E docker exec -i ${_MYSQL_DKRC_CONTAINER_} \\
+ /usr/bin/mysql -u root --password=\${_PASSWD_MYSQL_DB_PASSWORD_ROOT_} ${_MYSQL_DB_NAME_}); then
+ echo \"error: cannot import database\"
+ popd >/dev/null
+ exit 1
+ fi
+ echo \"success: \${input_sql_bkp}\"
+ else
+ echo \"error: ${_MYSQL_DKRC_SERVICE_} not running\"
+ popd >/dev/null
+ exit 1
+ fi ;;
+ --set-status )
+ source_passwd_file
+ declare -r email=\"\$2\"
+ declare -r status=\"\$3\"
+ declare -r query=\"UPDATE users SET status = \${status} WHERE email = '\${email}'\"
+
+ pushd \"${instance_d}\" >/dev/null || exit 1
+ if eval \"\${running_services}\" | grep -q -- \"${_MYSQL_DKRC_SERVICE_}\"; then
+ if ! (sudo -E docker exec -i ${_MYSQL_DKRC_CONTAINER_} \\
+ /usr/bin/mysql -u root --password=\${_PASSWD_MYSQL_DB_PASSWORD_ROOT_} \\
+ -D ${_MYSQL_DB_NAME_} -e \"\${query}\"); then
+ echo \"error: cannot update status\"
+ popd >/dev/null
+ exit 1
+ fi
+ echo \"success: status updated\"
+ else
+ echo \"error: ${_MYSQL_DKRC_SERVICE_} not running\"
+ popd >/dev/null
+ exit 1
+ fi ;;
+esac"