重装服务器真是一个耗精力的过程,尤其是用ghost做数据全盘备份,数据ghost恢复蜗牛一般的速度,再加上ghost居然人生第一次碰到了软件会异常问题,真的是让人痛苦不堪啊。从现在想来,可能不如用imagex来备份数据,imagex至少可以直接mount,省了我不断的恢复过程啊。回想起来,选ghost唯一的理由,应该是:全盘备份,可以必要时候全盘恢复。不过,这个不是这里的重点。这里主要讲服务安装时候,自动化脚本构建。当然,使用构建脚本的方法,可能真的不如直接手动操作,但是,万一需要第二台或第二次再来一遍呢。当然,程序员对于人肉方法,也是倾向于不屑一顾的。
1. 组织架构
公司转向了事业部制,大概的公司结构如下: 
基本SVN设计是,每个事业部有一个SVN库,下面设一级目录,HW/FPGA/FW/SW,分别授权不同的工程师访问。
2. 创建用户和用户组
用户归属于事业部,需要创建事业部组,事业部下根据研发性质,在细分成HW/FPGA/FW/SW用户组,创建用户用命令“net user”,从Excel生成命令脚本使用Excel的VBA生成,代码如下:
Sub CreateScript()
Dim row As Integer, i As Integer
Dim tsUsr As TextStream, tsSmtp As TextStream
Dim usr As String, grp As String, cmt As String
Dim outFolder As String
Set fso = CreateObject("Scripting.FileSystemObject")
outFolder = "D:\BYHX\Server\"
Set tsUsr = fso.OpenTextFile(outFolder & "0.servadmin.cmd", ForWriting, True)
Set tsSmtp = fso.OpenTextFile(outFolder & "0.sendmail.ps1", ForWriting, True)
' PowerShell,需要先执行以下的语句,才能执行ps1脚本
tsSmtp.WriteLine "# Execute below command first, then ps1 script will allowed."
tsSmtp.WriteLine "# Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope CurrentUser"
' 创建事业部和大的用户性质用户组
For row = 2 To 18
grp = Range("L" & row)
If Left(grp, 2) <> "RD" Then grp = "BU-" & grp
tsUsr.WriteLine "net localgroup " & grp & " /add /comment:""" & Range("M" & row) & """"
Next row
' 创建事业部下研发分类用户组,以及列出同类研发事业部组列表
For row = 2 To 13
grp = Range("L" & row)
cmt = Range("M" & row)
If Left(grp, 2) <> "RD" Then grp = "BU-" & grp
tsUsr.WriteLine "net localgroup " & grp & "-HW /add /comment:""" & cmt & " 硬件"""
tsUsr.WriteLine "net localgroup " & grp & "-FPGA /add /comment:""" & cmt & " FPGA"""
tsUsr.WriteLine "net localgroup " & grp & "-FW /add /comment:""" & cmt & " 嵌入"""
tsUsr.WriteLine "net localgroup " & grp & "-SW /add /comment:""" & cmt & " 软件"""
Next row
For row = 2 To 1000
usr = Trim(Range("A" & row).Text)
grp = Trim(Range("D" & row).Text)
' 行的A列为空,表示处理结束
If usr = "" Then Exit For
' 非RD的,添加BU前缀
If Left(grp, 2) <> "RD" Then grp = "BU-" & grp
' 添加用户
tsUsr.WriteLine "net user " & usr & " """ & Range("B" & row) & """ /add /active:yes /expires:never /fullname:" & Range("C" & row)
' 用户密码永不过期
tsUsr.WriteLine "wmic useraccount where name='" & usr & "' set passwordexpires=false"
' 把用户添加到事业部
tsUsr.WriteLine "net localgroup " & grp & " " & usr & " /add"
' 根据研发内容,添加用户到事业部研发组
If Range("E" & row).Text = "Y" Then tsUsr.WriteLine "net localgroup " & grp & "-HW " & usr & " /add" & vbCrLf & "net localgroup RD-AllHW " & usr & " /add"
If Range("F" & row).Text = "Y" Then tsUsr.WriteLine "net localgroup " & grp & "-FPGA " & usr & " /add" & vbCrLf & "net localgroup RD-AllFPGA " & usr & " /add"
If Range("G" & row).Text = "Y" Then tsUsr.WriteLine "net localgroup " & grp & "-FW " & usr & " /add" & vbCrLf & "net localgroup RD-AllFW " & usr & " /add"
If Range("H" & row).Text = "Y" Then tsUsr.WriteLine "net localgroup " & grp & "-SW " & usr & " /add" & vbCrLf & "net localgroup RD-AllSW " & usr & " /add"
If Range("I" & row).Text = "Y" Then tsUsr.WriteLine "net localgroup BU-Leader " & usr & " /add"
Next row
tsUsr.Close
tsSmtp.Close
MsgBox "OK"
End Sub
3. 安装和配置SVN
3.1 建立SVN库
安装完毕之后,建立一个Demo库,手动添加管理账号的读写访问权限,拷贝出账号认证配置文件,再准备好需要的svn的hook文件。 准备好事业部列表文件“1.svn-repo.txt”,每行只有事业部的名称(从Excel拷贝出来即可),用批处理命令,生成SVN库,以及离线SVN配置。
for /f %%i in (1.svn-repo.txt) do (
svnadmin create E:\Repositories\%%i
mkdir %%i\conf\
mkdir %%i\hooks\
copy /y VisualSVN-WinAuthz.ini %%i\conf\
copy /y pre-commit.cmd %%i\hooks\
)
3.2 创建一级目录并配置
用svn命令,管理账号,创建各个库的一级目录:
for /f %%i in (1.svn-repo.txt) do (
svn mkdir https://BYHX-MasterServ:8443/svn/%%i/hw -m "Create hardware folder"
svn mkdir https://BYHX-MasterServ:8443/svn/%%i/fpga -m "Create FPGA folder"
svn mkdir https://BYHX-MasterServ:8443/svn/%%i/fw -m "Create firmware folder"
svn mkdir https://BYHX-MasterServ:8443/svn/%%i/sw -m "Create software folder"
)
用类似的循环,用“PsGetsid”工具,获取用户的SID信息文件,单个SID信息类似于
SID for my-co-server\whom:
S-1-5-21-316025195-1075053894-3005689260-1012
利用shell脚本,处理SID信息(注意先转换“sidresult.txt”为unix格式)
cat sidresult.txt | egrep "SID\ for|S\-1" | sed -e 'N;s/\n//g' | sed -e 's/^.*\\//g' > sidlist.txt
处理完信息类似于:
whom:S-1-5-21-316025195-1075053894-3005689260-1012
有了SID信息表之后,用Excel的VBA,处理权限信息:
Function GetSID(sName As String)
Dim sidFile As TextStream
Dim outFolder As String
Dim str As String, s1 As String
Dim pos As Integer
outFolder = "D:\BYHX\Server\"
Set sidFile = fso.OpenTextFile(outFolder & "sidlist.txt", ForReading)
Do While Not sidFile.AtEndOfStream
str = sidFile.ReadLine
pos = InStr(str, ":")
s1 = Left(str, pos - 1)
If s1 = sName Then
GetSID = mid(str, pos + 1)
Exit Do
End If
Loop
End Function
Sub ModiPrivilege()
Dim row As Integer, i As Integer
Dim outFolder As String
Dim authFile As TextStream
Dim str As String, s1 As String
Dim usr As String, grp As String
Set fso = CreateObject("Scripting.FileSystemObject")
outFolder = "D:\BYHX\Server\"
' 给负责人添加库的完全权限
For row = 2 To 1000
usr = Trim(Range("A" & row).Text)
grp = Trim(Range("D" & row).Text)
' 行的A列为空,表示处理结束
If usr = "" Then Exit For
' 非RD的,添加BU前缀
If Left(grp, 2) <> "RD" Then grp = "BU-" & grp
If Range("I" & row).Text = "Y" Then
str = outFolder & grp & "\conf\VisualSVN-WinAuthz.ini"
Set authFile = fso.OpenTextFile(str, ForAppending)
authFile.WriteLine GetSID(usr) & "=rw"
authFile.Close
End If
Next row
' 事业部下研发分类用户组,设置权限
For row = 2 To 13
grp = Range("L" & row)
If Left(grp, 2) <> "RD" Then grp = "BU-" & grp
Set authFile = fso.OpenTextFile(outFolder & grp & "\conf\VisualSVN-WinAuthz.ini", ForAppending)
authFile.WriteLine vbCrLf & "[/hw]"
authFile.WriteLine GetSID(grp & "-HW") & "=rw"
authFile.WriteLine vbCrLf & "[/fpga]"
authFile.WriteLine GetSID(grp & "-FPGA") & "=rw"
authFile.WriteLine vbCrLf & "[/fw]"
authFile.WriteLine GetSID(grp & "-FW") & "=rw"
authFile.WriteLine vbCrLf & "[/sw]"
authFile.WriteLine GetSID(grp & "-SW") & "=rw"
authFile.Close
Next row
MsgBox "OK"
End Sub
将离线的SVN配置文件,复制到SVN库目录,重启SVN服务,SVN配置完成。
4. 发送通知邮件
需要把各个账户的密码,通知到各位同仁。将Excel的用户名和密码这两列,复制到文本文件。转为unix格式。发送邮件脚本如下:
#!/usr/bin/bash
input="mailaccount.txt"
while IFS= read -r line
do
_usr=`echo -n $line | gawk '{printf "%s",$1}'`
_pwd=`echo -n $line | gawk '{printf "%s",$2}' | ./htmlenc.exe`
cat SwithMailSettings.xml | sed -e "s/__to_person__/$_usr/g" -e "s/__password__/$_pwd/g" > account.xml
./SwithMail.exe /s /x account.xml
done < "$input"
命令行邮件工具选择了“SwithMail”,依据的是7 Command Line Utilities to Easily Send Email Using SMTP的推荐。当然,用PowerShell也可以,就是比较麻烦一点点。
