debug

.gitignore

@@ -24,8 +24,6 @@ docs/src/man1/*.1
 docs/src/man7/*.7
 docs/src/man7/cdist-type__*.rst
 docs/src/cdist-reference.rst
-docs/src/cdist-types.rst
-docs/src/cdist.cfg.skeleton
 
 # Ignore cdist cache for version control
 /cache/

Makefile

@@ -63,18 +63,6 @@ DOCSREFSH=$(DOCS_SRC_DIR)/cdist-reference.rst.sh
 $(DOCSREF): $(DOCSREFSH)
 	$(DOCSREFSH)
 
-# Html types list with references
-DOCSTYPESREF=$(MAN7DSTDIR)/cdist-types.rst
-DOCSTYPESREFSH=$(DOCS_SRC_DIR)/cdist-types.rst.sh
-
-$(DOCSTYPESREF): $(DOCSTYPESREFSH)
-	$(DOCSTYPESREFSH)
-
-DOCSCFGSKEL=./configuration/cdist.cfg.skeleton
-
-configskel: $(DOCSCFGSKEL)
-	cp -f "$(DOCSCFGSKEL)" "$(DOCS_SRC_DIR)/"
-
 version:
 	@[ -f "cdist/version.py" ] || { \
 		printf "Missing 'cdist/version.py', please generate it first.\n" && exit 1; \
@@ -84,7 +72,7 @@ version:
 man: version $(MANTYPES) $(DOCSREF)
 	$(SPHINXM)
 
-html: version configskel $(MANTYPES) $(DOCSREF) $(DOCSTYPESREF)
+html: version $(MANTYPES) $(DOCSREF)
 	$(SPHINXH)
 
 docs: man html
@@ -126,8 +114,6 @@ speeches: $(SPEECHES)
 #
 clean: docs-clean
 	rm -f $(DOCS_SRC_DIR)/cdist-reference.rst
-	rm -f $(DOCS_SRC_DIR)/cdist-types.rst
-	rm -f $(DOCS_SRC_DIR)/cdist.cfg.skeleton
 
 	find "$(DOCS_SRC_DIR)" -mindepth 2 -type l \
 	| xargs rm -f

bin/build-helper

@@ -74,7 +74,6 @@ SHELLCHECKCMD="shellcheck -s sh -f gcc -x"
 # Skip SC2154 for variables starting with __ since such variables are cdist
 # environment variables.
 SHELLCHECK_SKIP=': __.*is referenced but not assigned.*\[SC2154\]'
-SHELLCHECKTMP=".shellcheck.tmp"
 
 # Change to checkout directory
 basedir="${0%/*}/../"
@@ -370,7 +369,7 @@ eof
         cat << eof
 Manual steps post release:
     - cdist-web
-    - send generated mailinglist.tmp mail
+    - send mail body generated in mailinglist.tmp and inform Dmitry for deb
     - twitter
 eof
     ;;
@@ -432,67 +431,53 @@ eof
     ;;
 
     shellcheck-global-explorers)
-        # shellcheck disable=SC2086
-        find cdist/conf/explorer -type f -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" > "${SHELLCHECKTMP}"
-        test ! -s "${SHELLCHECKTMP}" || { cat "${SHELLCHECKTMP}"; exit 1; }
+        find cdist/conf/explorer -type f -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" || exit 0
     ;;
 
     shellcheck-type-explorers)
-        # shellcheck disable=SC2086
-        find cdist/conf/type -type f -path "*/explorer/*" -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" > "${SHELLCHECKTMP}"
-        test ! -s "${SHELLCHECKTMP}" || { cat "${SHELLCHECKTMP}"; exit 1; }
+        find cdist/conf/type -type f -path "*/explorer/*" -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" || exit 0
     ;;
 
     shellcheck-manifests)
-        # shellcheck disable=SC2086
-        find cdist/conf/type -type f -name manifest -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" > "${SHELLCHECKTMP}"
-        test ! -s "${SHELLCHECKTMP}" || { cat "${SHELLCHECKTMP}"; exit 1; }
+        find cdist/conf/type -type f -name manifest -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" || exit 0
     ;;
 
     shellcheck-local-gencodes)
-        # shellcheck disable=SC2086
-        find cdist/conf/type -type f -name gencode-local -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" > "${SHELLCHECKTMP}"
-        test ! -s "${SHELLCHECKTMP}" || { cat "${SHELLCHECKTMP}"; exit 1; }
+        find cdist/conf/type -type f -name gencode-local -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" || exit 0
     ;;
 
     shellcheck-remote-gencodes)
-        # shellcheck disable=SC2086
-        find cdist/conf/type -type f -name gencode-remote -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" > "${SHELLCHECKTMP}"
-        test ! -s "${SHELLCHECKTMP}" || { cat "${SHELLCHECKTMP}"; exit 1; }
+        find cdist/conf/type -type f -name gencode-remote -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" || exit 0
     ;;
 
     shellcheck-scripts)
-        # shellcheck disable=SC2086
-        ${SHELLCHECKCMD} scripts/cdist-dump scripts/cdist-new-type > "${SHELLCHECKTMP}"
-        test ! -s "${SHELLCHECKTMP}" || { cat "${SHELLCHECKTMP}"; exit 1; }
+        ${SHELLCHECKCMD} scripts/cdist-dump scripts/cdist-new-type || exit 0
     ;;
 
     shellcheck-gencodes)
-        "$0" shellcheck-local-gencodes || exit 1
-        "$0" shellcheck-remote-gencodes || exit 1
+        "$0" shellcheck-local-gencodes
+        "$0" shellcheck-remote-gencodes
     ;;
 
     shellcheck-types)
-        "$0" shellcheck-type-explorers || exit 1
-        "$0" shellcheck-manifests || exit 1
-        "$0" shellcheck-gencodes || exit 1
+        "$0" shellcheck-type-explorers
+        "$0" shellcheck-manifests
+        "$0" shellcheck-gencodes
     ;;
 
     shellcheck)
-        "$0" shellcheck-global-explorers || exit 1
-        "$0" shellcheck-types || exit 1
-        "$0" shellcheck-scripts || exit 1
+        "$0" shellcheck-global-explorers
+        "$0" shellcheck-types
+        "$0" shellcheck-scripts
     ;;
 
     shellcheck-type-files)
-        # shellcheck disable=SC2086
-        find cdist/conf/type -type f -path "*/files/*" -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" > "${SHELLCHECKTMP}"
-        test ! -s "${SHELLCHECKTMP}" || { cat "${SHELLCHECKTMP}"; exit 1; }
+        find cdist/conf/type -type f -path "*/files/*" -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" || exit 0
     ;;
 
     shellcheck-with-files)
-        "$0" shellcheck || exit 1
-        "$0" shellcheck-type-files || exit 1
+        "$0" shellcheck
+        "$0" shellcheck-type-files
     ;;
 
     shellcheck-build-helper)
@@ -550,7 +535,6 @@ eof
 
         # Temp files
         rm -f ./*.tmp
-        rm -f ./.*.tmp
     ;;
 
     distclean)

cdist/argparse.py

@@ -6,7 +6,6 @@ import collections
 import functools
 import cdist.configuration
 import cdist.preos
-import cdist.info
 
 
 # set of beta sub-commands
@@ -104,7 +103,7 @@ def get_parsers():
                                    name="log level"),
             help=('Set the specified verbosity level. '
                   'The levels, in order from the lowest to the highest, are: '
-                  'ERROR (-1), WARNING (0), INFO (1), VERBOSE (2), DEBUG (3), '
+                  'ERROR (-1), WARNING (0), INFO (1), VERBOSE (2), DEBUG (3) '
                   'TRACE (4 or higher). If used along with -v then -v '
                   'increases last set value and -l overwrites last set '
                   'value.'),
@@ -425,7 +424,7 @@ def get_parsers():
     parser['inventory'].set_defaults(
             func=cdist.inventory.Inventory.commandline)
 
-    # PreOS
+    # PreOs
     parser['preos'] = parser['sub'].add_parser('preos', add_help=False)
 
     # Shell
@@ -437,37 +436,6 @@ def get_parsers():
                   ' should be POSIX compatible shell.'))
     parser['shell'].set_defaults(func=cdist.shell.Shell.commandline)
 
-    # Info
-    parser['info'] = parser['sub'].add_parser('info')
-    parser['info'].add_argument(
-            '-a', '--all', help='Display all info. This is the default.',
-            action='store_true', default=False)
-    parser['info'].add_argument(
-            '-c', '--conf-dir',
-            help='Add configuration directory (can be repeated).',
-            action='append')
-    parser['info'].add_argument(
-            '-e', '--global-explorers',
-            help='Display info for global explorers.', action='store_true',
-            default=False)
-    parser['info'].add_argument(
-            '-F', '--fixed-string',
-            help='Interpret pattern as a fixed string.', action='store_true',
-            default=False)
-    parser['info'].add_argument(
-            '-f', '--full', help='Display full details.',
-            action='store_true', default=False)
-    parser['info'].add_argument(
-           '-g', '--config-file',
-           help='Use specified custom configuration file.',
-           dest="config_file", required=False)
-    parser['info'].add_argument(
-            '-t', '--types', help='Display info for types.',
-            action='store_true', default=False)
-    parser['info'].add_argument(
-            'pattern', nargs='?', help='Glob pattern.')
-    parser['info'].set_defaults(func=cdist.info.Info.commandline)
-
     for p in parser:
         parser[p].epilog = EPILOG
 

cdist/conf/explorer/disks

@@ -1,67 +1,27 @@
-#!/bin/sh -e
-#
-# based on previous work by other people, modified by:
-# 2020 Dennis Camera <dennis.camera at ssrq-sds-fds.ch>
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see <http://www.gnu.org/licenses/>.
-#
-# Finds disks of the system (excl. ram disks, floppy, cdrom)
+#!/bin/sh
 
 uname_s="$(uname -s)"
 
-case $uname_s in
+case "${uname_s}" in
     FreeBSD)
         sysctl -n kern.disks
     ;;
-    OpenBSD)
-        sysctl -n hw.disknames | grep -Eo '[lsw]d[0-9]+'
-    ;;
-    NetBSD)
-        PATH="${PATH}:/usr/local/sbin:/usr/sbin:/sbin"
-        sysctl -n hw.disknames \
-        | awk 'BEGIN { RS = " " } /^[lsw]d[0-9]+/'
+    OpenBSD|NetBSD)
+        sysctl -n hw.disknames | grep -Eo '[lsw]d[0-9]+' | xargs
     ;;
     Linux)
-        # list of major device numbers toexclude:
-        #  ram disks, floppies, cdroms
-        # https://www.kernel.org/doc/Documentation/admin-guide/devices.txt
-        ign_majors='1 2 11'
-
-        if command -v lsblk >/dev/null 2>&1
+        if command -v lsblk > /dev/null
         then
-            lsblk -e "$(echo "$ign_majors" | tr ' ' ',')" -dno name
-        elif test -d /sys/block/
-        then
-            # shellcheck disable=SC2012
-            ls -1 /sys/block/ \
-            | awk -v ign_majors="$(echo "$ign_majors" | tr ' ' '|')" '
-                {
-                  devfile = "/sys/block/" $0 "/dev"
-                  getline devno < devfile
-                  close(devfile)
-                  if (devno !~ "^(" ign_majors "):") print
-                }'
+            # exclude ram disks, floppies and cdroms
+            # https://www.kernel.org/doc/Documentation/admin-guide/devices.txt
+            lsblk -e 1,2,11 -dno name | xargs
         else
-            echo "Don't know how to list disks on Linux without lsblk and sysfs." >&2
-            echo 'If you can, please submit a patch.'>&2
+            printf "Don't know how to list disks for %s operating system without lsblk, if you can please submit a patch\n" "${uname_s}" >&2
         fi
     ;;
     *)
-        printf "Don't know how to list disks for %s operating system.\n" "${uname_s}" >&2
-        printf 'If you can please submit a patch\n' >&2
+        printf "Don't know how to list disks for %s operating system, if you can please submit a patch\n" "${uname_s}" >&2
     ;;
-esac \
-| xargs
+esac
+
+exit 0

cdist/conf/explorer/init

@@ -1,8 +1,7 @@
-#!/bin/sh -e
+#!/bin/sh
 #
 # 2016 Daniel Heule (hda at sfs.biz)
 # Copyright 2017, Philippe Gregoire <pg@pgregoire.xyz>
-# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
 #
 # This file is part of cdist.
 #
@@ -20,422 +19,21 @@
 # along with cdist. If not, see <http://www.gnu.org/licenses/>.
 #
 #
-# Returns the name of the init system (PID 1)
-
-# Expected values:
-# Linux:
-#  Adélie Linux:
-#    sysvinit+openrc
-#  Alpine Linux:
-#    busybox-init+openrc
-#  ArchLinux:
-#    systemd, sysvinit
-#  CRUX:
-#    sysvinit
-#  Debian:
-#    systemd, upstart, sysvinit, openrc, ???
-#  Devuan:
-#    sysvinit, sysvinit+openrc
-#  Gentoo:
-#    sysvinit+openrc, openrc-init, systemd
-#  OpenBMC:
-#    systemd
-#  OpenWrt:
-#    procd, init???
-#  RedHat (RHEL, CentOS, Fedora, RedHat Linux, ...):
-#    systemd, upstart, upstart-legacy, sysvinit
-#  Slackware:
-#    sysvinit
-#  SuSE:
-#    systemd, sysvinit
-#  Ubuntu:
-#    systemd, upstart, upstart-legacy, sysvinit
-#  VoidLinux:
-#    runit
+# Returns the process name of pid 1 ( normaly the init system )
+# for example at linux this value is "init" or "systemd" in most cases
 #
-# GNU:
-#   Debian:
-#     sysvinit, hurd-init
-#
-# BSD:
-#  {Free,Open,Net}BSD:
-#    init
-#
-# Mac OS X:
-#   launchd, init+SystemStarter
-#
-# Solaris/Illumos:
-#   smf, init???
 
-# NOTE: init systems can be stacked. This is popular to run OpenRC on top of
-# sysvinit (Gentoo) or busybox-init (Alpine), but can also be used to run runit
-# as a systemd service.  This makes init system detection very complicated
-# (which result is expected?)  This script tries to untangle some combinations,
-# OpenRC on top of sysv or busybox (X+openrc), but will ignore others (runit as
-# a systemd service)
+uname_s="$(uname -s)"
 
-# NOTE: When we have no idea, nothing will be printed!
-
-# NOTE:
-# When trying to gather information about the init system make sure to do so
-# without calling the binary!   On some systems this triggers a reinitialisation
-# of the system which we don't want (e.g. embedded systems).
-
-
-set -e
-
-KERNEL_NAME=$(uname -s)
-
-KNOWN_INIT_SYSTEMS=$(cat <<EOF
-systemd
-sysvinit
-upstart
-runit
-procd
-smf
-launchd
-init
-hurd_init
-systemstarter
-EOF
-)
-
-
-common_candidates_by_kernel() {
-	case $KERNEL_NAME
-	in
-		FreeBSD|NetBSD|OpenBSD)
-			echo init
-			;;
-		Linux)
-			echo systemd
-			echo sysvinit
-			echo upstart
-			;;
-		GNU)
-			echo sysvinit
-			echo hurd-init
-			;;
-		Darwin)
-			echo launchd
-			echo systemstarter
-			;;
-		SunOS)
-			echo smf
-			;;
-	esac
-}
-
-
-## Helpers
-
-trim() {
-	sed -e 's/^[[:blank:]]*//' -e 's/[[:blank:]]*$//' -e '/^[[:blank:]]*$/d'
-}
-
-unique() {
-	# Delete duplicate lines (keeping input order)
-	# NOTE: Solaris AWK breaks without if/print construct.
-	awk '{ if (!x[$0]++) print }'
-}
-
-
-## Check functions
-# These functions are used to verify if a guess is correct by checking some
-# common property of a running system (presence of a directory in /run etc.)
-
-check_busybox_init() (
-	busybox_path=${1:-/bin/busybox}
-	test -x "${busybox_path}" || return 1
-	grep -q 'BusyBox v[0-9]' "${busybox_path}" || return 1
-
-	# It is quite common to use Busybox init to stack other init systemd
-	# (like OpenRC) on top of it. So we check for that, too.
-	if stacked=$(check_openrc)
-	then
-		echo "busybox-init+${stacked}"
-	else
-		echo busybox-init
-	fi
-)
-
-check_hurd_init() (
-	init_exe=${1:-/hurd/init}
-	test -x "${init_exe}" || return 1
-	grep -q 'GNU Hurd' "${init_exe}" || return 1
-	echo hurd-init
-)
-
-check_init() {
-	# Checks for various BSD inits...
-	test -x /sbin/init || return 1
-
-	if grep -q -E '(Free|Net|Open)BSD' /sbin/init
-	then
-		echo init
-		return 0
-	fi
-}
-
-check_launchd() {
-	command -v launchctl >/dev/null 2>&1 || return 1
-	launchctl getenv PATH >/dev/null || return 1
-	echo launchd
-}
-
-check_openrc() {
-	test -f /run/openrc/softlevel || return 1
-	echo openrc
-}
-
-check_procd() (
-	procd_path=${1:-/sbin/procd}
-	test -x "${procd_path}" || return 1
-	grep -q 'procd' "${procd_path}" || return 1
-	echo procd
-)
-
-check_runit() {
-	test -d /run/runit || return 1
-	echo runit
-}
-
-check_smf() {
-	# XXX: Is this the correct way??
-	test -f /etc/svc/volatile/svc_nonpersist.db || return 1
-	echo smf
-}
-
-check_systemd() {
-	# NOTE: sd_booted(3)
-	test -d /run/systemd/system/ || return 1
-	# systemctl --version | sed -e '/^systemd/!d;s/^systemd //'
-	echo systemd
-}
-
-check_systemstarter() {
-	test -d /System/Library/StartupItems/ || return 1
-	test -f /System/Library/StartupItems/LoginWindow/StartupParameters.plist || return 1
-	echo init+SystemStarter
-}
-
-check_sysvinit() (
-	init_path=${1:-/sbin/init}
-	grep -q 'INIT_VERSION=sysvinit-[0-9.]*' "${init_path}" || return 1
-
-	# It is quite common to use SysVinit to stack other init systemd
-	# (like OpenRC) on top of it. So we check for that, too.
-	if stacked=$(check_openrc)
-	then
-		echo "sysvinit+${stacked}"
-	else
-		echo sysvinit
-	fi
-	unset stacked
-)
-
-check_upstart() {
-	test -x "$(command -v initctl)" || return 1
-	case $(initctl version)
-	in
-		*'(upstart '*')')
-			if test -d /etc/init
-			then
-				# modern (DBus-based?) upstart >= 0.5
-				echo upstart
-			elif test -d /etc/event.d
-			then
-				# ancient upstart
-				echo upstart-legacy
-			else
-				# whatever...
-				echo upstart
-			fi
-			;;
-		*)
-			return 1
-			;;
-	esac
-}
-
-find_init_procfs() (
-	# First, check if the required file in procfs exists...
-	test -h /proc/1/exe || return 1
-
-	# Find init executable
-	init_exe=$(ls -l /proc/1/exe 2>/dev/null) || return 1
-	init_exe=${init_exe#* -> }
-
-	if ! test -x "$init_exe"
-	then
-		# On some rare occasions it can happen that the
-		# running init's binary has been replaced. In this
-		# case Linux adjusts the symlink to "X (deleted)"
-
-		# [root@fedora-12 ~]# readlink /proc/1/exe
-		# /sbin/init (deleted)
-		# [root@fedora-12 ~]# ls -l /proc/1/exe
-		# lrwxrwxrwx. 1 root root 0 2020-01-30 23:00 /proc/1/exe -> /sbin/init (deleted)
-
-		init_exe=${init_exe% (deleted)}
-		test -x "$init_exe" || return 1
-	fi
-
-	echo "${init_exe}"
-)
-
-guess_by_path() {
-	case $1
-	in
-		/bin/busybox)
-			check_busybox_init "$1" && return
-			;;
-		/lib/systemd/systemd)
-			check_systemd "$1" && return
-			;;
-		/hurd/init)
-			check_hurd_init "$1" && return
-			;;
-		/sbin/launchd)
-			check_launchd "$1" && return
-			;;
-		/usr/bin/runit|/sbin/runit)
-			check_runit "$1" && return
-			;;
-		/sbin/openrc-init)
-			if check_openrc "$1" >/dev/null
-			then
-				echo openrc-init
-				return
-			fi
-			;;
-		/sbin/procd)
-			check_procd "$1" && return
-			;;
-		/sbin/init|*/init)
-			# init: it could be anything -> (explicit) no match
-			return 1
-			;;
-	esac
-
-	# No match
-	return 1
-}
-
-guess_by_comm_name() {
-	case $1
-	in
-		busybox)
-			check_busybox_init && return
-			;;
-		openrc-init)
-			if check_openrc >/dev/null
-			then
-				echo openrc-init
-				return 0
-			fi
-			;;
-		init)
-			# init could be anything -> no match
-			return 1
-			;;
-		*)
-			# Run check function by comm name if available.
-			# Fall back to comm name if either it does not exist or
-			# returns non-zero.
-			if type "check_$1" >/dev/null
-			then
-				"check_$1" && return
-			else
-				echo "$1" ; return 0
-			fi
-	esac
-
-	return 1
-}
-
-check_list() (
-	# List must be a multi-line input on stdin (one name per line)
-	while read -r init
-	do
-		"check_${init}" || continue
-		return 0
-	done
-	return 1
-)
-
-
-# BusyBox's versions of ps and pgrep do not support some options
-# depending on which compile-time options have been used.
-
-find_init_pgrep() {
-	pgrep -P0 -fl 2>/dev/null | awk -F '[[:blank:]]' '$1 == 1 { print $2 }'
-}
-
-find_init_ps() {
-	case $KERNEL_NAME
-	in
-		Darwin)
-			ps -o command -p 1 2>/dev/null | tail -n +2
-			;;
-		FreeBSD)
-			ps -o args= -p 1 2>/dev/null | cut -d ' ' -f 1
-			;;
-		Linux)
-			ps -o comm= -p 1 2>/dev/null
-			;;
-		NetBSD)
-			ps -o comm= -p 1 2>/dev/null
-			;;
-		OpenBSD)
-			ps -o args -p 1 2>/dev/null | tail -n +2 | cut -d ' ' -f 1
-			;;
-		*)
-			ps -o args= -p 1 2>/dev/null
-			;;
-	esac | trim  # trim trailing whitespace (some ps like Darwin add it)
-}
-
-find_init() {
-	case $KERNEL_NAME
-	in
-		Linux|GNU|NetBSD)
-			find_init_procfs || find_init_pgrep || find_init_ps
-			;;
-		FreeBSD)
-			find_init_procfs || find_init_ps
-			;;
-		OpenBSD)
-			find_init_pgrep || find_init_ps
-			;;
-		Darwin|SunOS)
-			find_init_ps
-			;;
-		*)
-			echo "Don't know how to determine init." >&2
-			echo 'Please send a patch.' >&2
-			exit 1
-	esac
-}
-
-# -----
-
-init=$(find_init)
-
-# If we got a path, guess by the path first (fall back to file name if no match)
-# else guess by file name directly.
-# shellcheck disable=SC2015
-{
-	test -x "${init}" \
-		&& guess_by_path "${init}" \
-		|| guess_by_comm_name "$(basename "${init}")"
-} && exit 0 || true
-
-
-# Guessing based on the file path and name didn’t lead to a definitive result.
-#
-# We go through all of the checks until we find a match. To speed up the
-# process, common cases will be checked first based on the underlying kernel.
-
-{ common_candidates_by_kernel; echo "${KNOWN_INIT_SYSTEMS}"; } \
-	| unique | check_list
+case "$uname_s" in
+    Linux)
+        (pgrep -P0 -l | awk '/^1[ \t]/ {print $2;}') || true
+    ;;
+    FreeBSD|OpenBSD)
+        ps -o comm= -p 1 || true
+    ;;
+    *)
+        # return a empty string as unknown value
+        echo ""
+    ;;
+esac

cdist/conf/explorer/os_release

@@ -1,7 +1,6 @@
 #!/bin/sh
 #
 # 2018 Adam Dej (dejko.a at gmail.com)
-# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
 #
 # This file is part of cdist.
 #
@@ -22,17 +21,6 @@
 
 # See os-release(5) and http://0pointer.de/blog/projects/os-release
 
-if test -f /etc/os-release
-then
-	# Linux and FreeBSD (usually a symlink)
-	cat /etc/os-release
-elif test -f /usr/lib/os-release
-then
-	# systemd
-	cat /usr/lib/os-release
-elif test -f /var/run/os-release
-then
-	# FreeBSD (created by os-release service)
-	cat /var/run/os-release
-fi
+set +e
 
+cat /etc/os-release || cat /usr/lib/os-release || true

cdist/conf/explorer/os_version

@@ -70,7 +70,4 @@ case "$("$__explorer/os")" in
    ubuntu)
       lsb_release -sr
    ;;
-   alpine)
-       cat /etc/alpine-release
-   ;;
-esac
+esac

cdist/conf/type/__acl/gencode-remote

@@ -20,13 +20,7 @@
 
 file_is="$( cat "$__object/explorer/file_is" )"
 
-if [ "$file_is" = 'missing' ] \
-    && [ -z "$__cdist_dry_run" ] \
-    && \( [ ! -f "$__object/parameter/file" ] \
-        || [ ! -f "$__object/parameter/directory" ] \)
-then
-    exit 0
-fi
+[ "$file_is" = 'missing' ] && [ -z "$__cdist_dry_run" ] && exit 0
 
 os="$( cat "$__global/explorer/os" )"
 
@@ -34,20 +28,7 @@ acl_path="/$__object_id"
 
 acl_is="$( cat "$__object/explorer/acl_is" )"
 
-if [ -f "$__object/parameter/source" ]
-then
-    acl_source="$( cat "$__object/parameter/source" )"
-
-    if [ "$acl_source" = '-' ]
-    then
-        acl_should="$( cat "$__object/stdin" )"
-    else
-        acl_should="$( grep -Ev '^#|^$' "$acl_source" )"
-    fi
-elif [ -f "$__object/parameter/entry" ]
-then
-    acl_should="$( cat "$__object/parameter/entry" )"
-elif [ -f "$__object/parameter/acl" ]
+if [ -f "$__object/parameter/acl" ]
 then
     acl_should="$( cat "$__object/parameter/acl" )"
 elif

cdist/conf/type/__acl/man.rst

@@ -15,24 +15,10 @@ See ``setfacl`` and ``acl`` manpages for more details.
 
 REQUIRED MULTIPLE PARAMETERS
 ----------------------------
-entry
+acl
    Set ACL entry following ``getfacl`` output syntax.
 
 
-OPTIONAL PARAMETERS
--------------------
-source
-   Read ACL entries from stdin or file.
-   Ordering of entries is not important.
-   When reading from file, comments and empty lines are ignored.
-
-file
-   Create/change file with ``__file`` using ``user:group:mode`` pattern.
-
-directory
-   Create/change directory with ``__directory`` using ``user:group:mode`` pattern.
-
-
 BOOLEAN PARAMETERS
 ------------------
 default
@@ -50,8 +36,8 @@ remove
 
 DEPRECATED PARAMETERS
 ---------------------
-Parameters ``acl``, ``user``, ``group``, ``mask`` and ``other`` are deprecated and they
-will be removed in future versions. Please use ``entry`` parameter instead.
+Parameters ``user``, ``group``, ``mask`` and ``other`` are deprecated and they
+will be removed in future versions. Please use ``acl`` parameter instead.
 
 
 EXAMPLES
@@ -63,38 +49,27 @@ EXAMPLES
         --default \
         --recursive \
         --remove \
-        --entry user:alice:rwx \
-        --entry user:bob:r-x \
-        --entry group:project-group:rwx \
-        --entry group:some-other-group:r-x \
-        --entry mask::r-x \
-        --entry other::r-x
+        --acl user:alice:rwx \
+        --acl user:bob:r-x \
+        --acl group:project-group:rwx \
+        --acl group:some-other-group:r-x \
+        --acl mask::r-x \
+        --acl other::r-x
 
     # give Alice read-only access to subdir,
     # but don't allow her to see parent content.
 
     __acl /srv/project2 \
         --remove \
-        --entry default:group:secret-project:rwx \
-        --entry group:secret-project:rwx \
-        --entry user:alice:--x
+        --acl default:group:secret-project:rwx \
+        --acl group:secret-project:rwx \
+        --acl user:alice:--x
 
     __acl /srv/project2/subdir \
         --default \
         --remove \
-        --entry group:secret-project:rwx \
-        --entry user:alice:r-x
-
-    # read acl from stdin
-    echo 'user:alice:rwx' \
-        | __acl /path/to/directory --source -
-
-    # create/change directory too
-    __acl /path/to/directory \
-        --default \
-        --remove \
-        --directory root:root:770 \
-        --entry user:nobody:rwx
+        --acl group:secret-project:rwx \
+        --acl user:alice:r-x
 
 
 AUTHORS

cdist/conf/type/__acl/manifest

@@ -1,11 +0,0 @@
-#!/bin/sh -e
-
-for p in file directory
-do
-    [ ! -f "$__object/parameter/$p" ] && continue
-
-    "__$p" "/$__object_id" \
-        --owner "$( awk -F: '{print $1}' "$__object/parameter/$p" )" \
-        --group "$( awk -F: '{print $2}' "$__object/parameter/$p" )" \
-        --mode  "$( awk -F: '{print $3}' "$__object/parameter/$p" )"
-done

cdist/conf/type/__acl/parameter/deprecated/acl

@@ -1 +0,0 @@
-see manual for details

cdist/conf/type/__acl/parameter/optional

@@ -1,5 +1,2 @@
 mask
 other
-source
-file
-directory

cdist/conf/type/__acl/parameter/optional_multiple

@@ -1,4 +1,3 @@
-entry
 acl
 user
 group

cdist/conf/type/__apt_unattended_upgrades/man.rst

@@ -1,68 +0,0 @@
-cdist-type__apt_unattended_upgrades(7)
-======================================
-
-NAME
-----
-cdist-type__apt_unattended_upgrades - automatic installation of updates
-
-
-DESCRIPTION
------------
-
-Install and configure unattended-upgrades package.
-
-For more information see https://wiki.debian.org/UnattendedUpgrades.
-
-
-OPTIONAL MULTIPLE PARAMETERS
-----------------------------
-option
-   Set options for unattended-upgrades. See examples.
-
-   Supported options with default values (as of 2020-01-17) are:
-
-   - AutoFixInterruptedDpkg, default is "true"
-   - MinimalSteps, default is "true"
-   - InstallOnShutdown, default is "false"
-   - Mail, default is "" (empty)
-   - MailOnlyOnError, default is "false"
-   - Remove-Unused-Kernel-Packages, default is "true"
-   - Remove-New-Unused-Dependencies, default is "true"
-   - Remove-Unused-Dependencies, default is "false"
-   - Automatic-Reboot, default is "false"
-   - Automatic-Reboot-WithUsers, default is "true"
-   - Automatic-Reboot-Time, default is "02:00"
-   - SyslogEnable, default is "false"
-   - SyslogFacility, default is "daemon"
-   - OnlyOnACPower, default is "true"
-   - Skip-Updates-On-Metered-Connections, default is "true"
-   - Verbose, default is "false"
-   - Debug, default is "false"
-
-blacklist
-   Python regular expressions, matching packages to exclude from upgrading.
-
-
-EXAMPLES
---------
-
-.. code-block:: sh
-
-    __apt_unattended_upgrades \
-        --option Mail=root \
-        --option MailOnlyOnError=true \
-        --blacklist multipath-tools \
-        --blacklist open-iscsi
-
-
-AUTHORS
--------
-Ander Punnar <ander-at-kvlt-dot-ee>
-
-
-COPYING
--------
-Copyright \(C) 2020 Ander Punnar. You can redistribute it and/or modify it
-under the terms of the GNU General Public License as published by the Free
-Software Foundation, either version 3 of the License, or (at your option) any
-later version.

cdist/conf/type/__apt_unattended_upgrades/manifest

@@ -1,80 +0,0 @@
-#!/bin/sh -e
-#
-# 2020 Ander Punnar (ander-at-kvlt-dot-ee)
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see <http://www.gnu.org/licenses/>.
-#
-
-__package unattended-upgrades
-
-export require='__package/unattended-upgrades'
-
-# in normal circumstances 20auto-upgrades is managed
-# by debconf and it can only contain these lines
-
-__file /etc/apt/apt.conf.d/20auto-upgrades \
-    --owner root \
-    --group root \
-    --mode 644 \
-    --source - << EOF
-APT::Periodic::Update-Package-Lists "1";
-APT::Periodic::Unattended-Upgrade "1";
-EOF
-
-# lets not write into upstream 50unattended-upgrades file,
-# but use our own config file to avoid clashes
-
-conf_file='/etc/apt/apt.conf.d/51unattended-upgrades-cdist'
-
-conf='# this file is managed by cdist'
-
-if [ -f "$__object/parameter/option" ]
-then
-    o=''
-
-    while read -r l
-    do
-        o="$( printf '%s\nUnattended-Upgrade::%s "%s";\n' "$o" "${l%%=*}" "${l#*=}" )"
-    done \
-        < "$__object/parameter/option"
-
-    conf="$( printf '%s\n%s\n' "$conf" "$o" )"
-fi
-
-if [ -f "$__object/parameter/blacklist" ]
-then
-    b='Unattended-Upgrade::Package-Blacklist {'
-
-    while read -r l
-    do
-        b="$( printf '%s\n"%s";\n' "$b" "$l" )"
-    done \
-        < "$__object/parameter/blacklist"
-
-    conf="$( printf '%s\n%s\n}\n' "$conf" "$b" )"
-fi
-
-if [ "$( echo "$conf" | wc -l )" -gt 1 ]
-then
-    echo "$conf" \
-        | __file "$conf_file" \
-            --owner root \
-            --group root \
-            --mode 644 \
-            --source -
-else
-    __file "$conf_file" --state absent
-fi

cdist/conf/type/__apt_unattended_upgrades/parameter/optional_multiple

@@ -1,2 +0,0 @@
-option
-blacklist

cdist/conf/type/__consul_agent/man.rst

@@ -116,9 +116,6 @@ verify-incoming
 verify-outgoing
    enforce the use of TLS and verify the peers authenticity on outgoing connections
 
-use-distribution-package
-   uses distribution package instead of upstream binary
-
 
 EXAMPLES
 --------

cdist/conf/type/__consul_agent/manifest

@@ -2,7 +2,6 @@
 #
 # 2015 Steven Armstrong (steven-cdist at armstrong.cc)
 # 2015-2019 Nico Schottelius (nico-cdist at schottelius.org)
-# 2019 Timothée Floure (timothee.floure at ungleich.ch)
 #
 # This file is part of cdist.
 #
@@ -20,75 +19,133 @@
 # along with cdist. If not, see <http://www.gnu.org/licenses/>.
 #
 
+
 os=$(cat "$__global/explorer/os")
 
-###
-# Type parameters.
+case "$os" in
+   alpine|scientific|centos|debian|devuan|redhat|ubuntu)
+      # whitelist safeguard
+      :
+   ;;
+   *)
+      echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
+      echo "Please contribute an implementation for it if you can." >&2
+      exit 1
+   ;;
+esac
 
 state="$(cat "$__object/parameter/state")"
 user="$(cat "$__object/parameter/user")"
 group="$(cat "$__object/parameter/group")"
-release=$(cat "$__global/explorer/lsb_release")
-if [ -f "$__object/parameter/use-distribution-package" ]; then
-  use_distribution_package=1
-fi
-
-###
-# Those are default that might be overriden by os-specific logic.
-
 data_dir="/var/lib/consul"
 conf_dir="/etc/consul/conf.d"
 conf_file="config.json"
-tls_dir="$conf_dir/tls"
 
-###
-# Sane deployment, based on distribution package when available.
+# FIXME: there has got to be a better way to handle the dependencies in this case
+case "$state" in
+   present)
+      __group "$group" --system --state "$state"
+      require="__group/$group" \
+         __user "$user" --system --gid "$group" \
+            --home "$data_dir" --state "$state"
+      export require="__user/consul"
+   ;;
+   absent)
+      echo "Sorry, state=absent currently not supported :-(" >&2
+      exit 1
+      require="$__object_name" \
+         __user "$user" --system --gid "$group" --state "$state"
+      require="__user/$user" \
+         __group "$group" --system --state "$state"
+   ;;
+esac
 
-distribution_setup () {
-  case "$os" in
-     debian)
-       # consul is only available starting Debian 10 (buster).
-       # See https://packages.debian.org/buster/consul
-       if [ "$release" -lt 10 ]; then
-         echo "Consul is not available for your debian release." >&2
-         echo "Please use the 'manual' (i.e. non-package) installation or \
-           upgrade the target system." >&2
-         exit 1
-       fi
+__directory /etc/consul \
+   --owner root --group "$group" --mode 750 --state "$state"
+require="__directory/etc/consul" \
+   __directory "$conf_dir" \
+      --owner root --group "$group" --mode 750 --state "$state"
 
-       # Override previously defined environment to match debian packaging.
-       conf_dir='/etc/consul.d'
-       user='consul'
-       group='consul'
-     ;;
-     alpine)
-       # consul is only available starting Alpine 3.12 (= edge during the 3.11 cycle).
-       # See https://pkgs.alpinelinux.org/packages?name=consul&branch=edge
+if [ -f "$__object/parameter/ca-file-source" ] || [ -f "$__object/parameter/cert-file-source" ] || [ -f "$__object/parameter/key-file-source" ]; then
+   # create directory for ssl certs
+   require="__directory/etc/consul" \
+      __directory /etc/consul/ssl \
+         --owner root --group "$group" --mode 750 --state "$state"
+fi
 
-       # Override previously defined environment to match alpine packaging.
-       conf_dir='/etc/consul'
-       conf_file='server.json'
-       data_dir='/var/consul'
-       user='consul'
-       group='consul'
-     ;;
-     *)
-        echo "Your operating system ($os) is currently not supported with the \
-          --use-distribution-package flag (${__type##*/})." >&2
-        echo "Please use non-package installation or contribute an \
-          implementation for if you can." >&2
-        exit 1
-     ;;
-  esac
+__directory "$data_dir" \
+   --owner "$user" --group "$group" --mode 770 --state "$state"
 
-  # Install consul package.
-  __package consul --state "$state"
 
-  export config_deployment_requires="__package/consul"
-}
+# Generate json config file
+(
+echo "{"
 
-###
-# LEGACY manual deployment, kept for compatibility reasons.
+# parameters we define ourself
+printf '   "data_dir": "%s"\n' "$data_dir"
+
+cd "$__object/parameter/"
+for param in *; do
+   case "$param" in
+      state|user|group|json-config) continue ;;
+      ca-file-source|cert-file-source|key-file-source)
+         source="$(cat "$__object/parameter/$param")"
+         destination="/etc/consul/ssl/${source##*/}"
+         require="__directory/etc/consul/ssl" \
+            __file "$destination" \
+               --owner root --group consul --mode 640 \
+               --source "$source" \
+               --state "$state"
+         key="$(echo "${param%-*}" | tr '-' '_')"
+         printf '   ,"%s": "%s"\n' "$key" "$destination"
+      ;;
+      disable-remote-exec|disable-update-check|leave-on-terminate|rejoin-after-leave|server|enable-syslog|verify-incoming|verify-outgoing)
+         # handle boolean parameters
+         key="$(echo "$param" | tr '-' '_')"
+         printf '   ,"%s": true\n' "$key"
+      ;;
+      retry-join)
+         # join multiple parameters into json array
+         retry_join="$(awk '{printf "\""$1"\","}' "$__object/parameter/retry-join")"
+         # remove trailing ,
+         printf '   ,"retry_join": [%s]\n' "${retry_join%*,}"
+      ;;
+      retry-join-wan)
+         # join multiple parameters into json array over wan
+         retry_join_wan="$(awk '{printf "\""$1"\","}' "$__object/parameter/retry-join-wan")"
+         # remove trailing ,
+         printf '   ,"retry_join_wan": [%s]\n' "${retry_join_wan%*,}"
+      ;;
+      bootstrap-expect)
+         # integer key=value parameters
+         key="$(echo "$param" | tr '-' '_')"
+         printf '   ,"%s": %s\n' "$key" "$(cat "$__object/parameter/$param")"
+      ;;
+      *)
+         # string key=value parameters
+         key="$(echo "$param" | tr '-' '_')"
+         printf '   ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
+      ;;
+   esac
+done
+if [ -f "$__object/parameter/json-config" ]; then
+   json_config="$(cat "$__object/parameter/json-config")"
+   if [ "$json_config" = "-" ]; then
+      json_config="$__object/stdin"
+   fi
+   # remove leading and trailing whitespace and commas from first and last line
+   # indent each line with 3 spaces for consistency
+   json=$(sed -e 's/^[ \t]*/   /' -e '1s/^[ \t,]*//' -e '$s/[ \t,]*$//' "$json_config")
+   printf '   ,%s\n' "$json"
+fi
+echo "}"
+) | \
+require="__directory${conf_dir}" \
+   __config_file "${conf_dir}/${conf_file}" \
+      --owner root --group "$group" --mode 640 \
+      --state "$state" \
+      --onchange 'service consul status >/dev/null && service consul reload || true' \
+      --source -
 
 init_sysvinit()
 {
@@ -122,186 +179,47 @@ init_upstart()
     require="__file/etc/init/consul.conf" __start_on_boot consul
 }
 
-manual_setup () {
-  case "$os" in
-     alpine|scientific|centos|debian|devuan|redhat|ubuntu)
-        # whitelist safeguard
-        :
-     ;;
-     *)
-        echo "Your operating system ($os) is currently not supported by this \
-          type (${__type##*/})." >&2
-        echo "Please contribute an implementation for it if you can." >&2
-        exit 1
-     ;;
-  esac
-
-  # FIXME: there has got to be a better way to handle the dependencies in this case
-  case "$state" in
-     present)
-        __group "$group" --system --state "$state"
-        require="__group/$group" __user "$user" \
-          --system --gid "$group" --home "$data_dir" --state "$state"
-     ;;
-     *)
-        echo "The $state state is not (yet?) supported by this type." >&2
-        exit 1
-     ;;
-  esac
-
-  # Create data directory.
-  require="__user/consul" __directory "$data_dir" \
-    --owner "$user" --group "$group" --mode 770 --state "$state"
-
-  # Create config directory.
-  require="__user/consul" __directory "$conf_dir" \
-    --parents --owner root --group "$group" --mode 750 --state "$state"
-
-  # Install init script to start on boot
-  case "$os" in
-      devuan)
-          init_sysvinit debian
-          ;;
-      centos|redhat)
-          os_version="$(sed 's/[^0-9.]//g' "$__global/explorer/os_version")"
-          major_version="${os_version%%.*}"
-          case "$major_version" in
-              [456])
-                  init_sysvinit redhat
-                  ;;
-              7)
-                  init_systemd
-                  ;;
-              *)
-                  echo "Unsupported CentOS/Redhat version: $os_version" >&2
-                  exit 1
-                  ;;
-          esac
-          ;;
-
-      debian)
-          os_version=$(cat "$__global/explorer/os_version")
-          major_version="${os_version%%.*}"
-
-          case "$major_version" in
-              [567])
-                  init_sysvinit debian
-              ;;
-              [89]|10)
-                  init_systemd
-              ;;
-              *)
-                  echo "Unsupported Debian version $os_version" >&2
-                  exit 1
-              ;;
-          esac
-          ;;
-
-      ubuntu)
-          init_upstart
-          ;;
-  esac
-
-  config_deployment_requires="__user/consul __directory/$conf_dir"
-}
-
-###
-# Trigger requested installation method.
-if [ $use_distribution_package ]; then
-  distribution_setup
-else
-  manual_setup
-fi
-
-###
-# Install TLS certificates.
-
-if [ -f "$__object/parameter/ca-file-source" ] || \
-   [ -f "$__object/parameter/cert-file-source" ] || \
-   [ -f "$__object/parameter/key-file-source" ]; then
-
-   requires="$config_deployment_requires" __directory $tls_dir \
-     --owner root --group "$group" --mode 750 --state "$state"
-
-   # Append to service restart requirements.
-   restart_requires="$restart_requires __directory/$conf_dir/tls"
-fi
-
-###
-# Generate and deploy configuration.
-
-json_configuration=$(
-  echo "{"
-
-  # parameters we define ourself
-  printf '   "data_dir": "%s"\n' "$data_dir"
-
-  cd "$__object/parameter/"
-  for param in *; do
-     case "$param" in
-        state|user|group|json-config|use-distribution-package) continue ;;
-        ca-file-source|cert-file-source|key-file-source)
-           source="$(cat "$__object/parameter/$param")"
-           destination="$tls_dir/${source##*/}"
-           require="__directory/$tls_dir" \
-              __file "$destination" \
-                 --owner root --group consul --mode 640 \
-                 --source "$source" \
-                 --state "$state"
-           key="$(echo "${param%-*}" | tr '-' '_')"
-           printf '   ,"%s": "%s"\n' "$key" "$destination"
+# Install init script to start on boot
+case "$os" in
+    alpine|devuan)
+        init_sysvinit debian
         ;;
-        disable-remote-exec|disable-update-check|leave-on-terminate\
-          |rejoin-after-leave|server|enable-syslog|verify-incoming|verify-outgoing)
-           # handle boolean parameters
-           key="$(echo "$param" | tr '-' '_')"
-           printf '   ,"%s": true\n' "$key"
+    centos|redhat)
+        os_version="$(sed 's/[^0-9.]//g' "$__global/explorer/os_version")"
+        major_version="${os_version%%.*}"
+        case "$major_version" in
+            [456])
+                init_sysvinit redhat
+                ;;
+            7)
+                init_systemd
+                ;;
+            *)
+                echo "Unsupported CentOS/Redhat version: $os_version" >&2
+                exit 1
+                ;;
+        esac
         ;;
-        retry-join)
-           # join multiple parameters into json array
-           retry_join="$(awk '{printf "\""$1"\","}' "$__object/parameter/retry-join")"
-           # remove trailing ,
-           printf '   ,"retry_join": [%s]\n' "${retry_join%*,}"
-        ;;
-        retry-join-wan)
-           # join multiple parameters into json array over wan
-           retry_join_wan="$(awk '{printf "\""$1"\","}' "$__object/parameter/retry-join-wan")"
-           # remove trailing ,
-           printf '   ,"retry_join_wan": [%s]\n' "${retry_join_wan%*,}"
-        ;;
-        bootstrap-expect)
-           # integer key=value parameters
-           key="$(echo "$param" | tr '-' '_')"
-           printf '   ,"%s": %s\n' "$key" "$(cat "$__object/parameter/$param")"
-        ;;
-        *)
-           # string key=value parameters
-           key="$(echo "$param" | tr '-' '_')"
-           printf '   ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
-        ;;
-     esac
-  done
-  if [ -f "$__object/parameter/json-config" ]; then
-     json_config="$(cat "$__object/parameter/json-config")"
-     if [ "$json_config" = "-" ]; then
-        json_config="$__object/stdin"
-     fi
-     # remove leading and trailing whitespace and commas from first and last line
-     # indent each line with 3 spaces for consistency
-     json=$(sed -e 's/^[ \t]*/   /' -e '1s/^[ \t,]*//' -e '$s/[ \t,]*$//' "$json_config")
-     printf '   ,%s\n' "$json"
-  fi
-  echo "}"
-)
-echo "$json_configuration" | require="$config_deployment_requires" \
-  __file "$conf_dir/$conf_file" \
-      --owner root --group "$group" --mode 640 \
-      --state "$state" \
-      --source -
 
-# Set configuration deployment as requirement for service restart.
-restart_requires="__file/$conf_dir/$conf_file"
+    debian)
+        os_version=$(cat "$__global/explorer/os_version")
+        major_version="${os_version%%.*}"
 
-###
-# Restart consul agent after everything else.
-require="$restart_requires" __service consul --action restart
+        case "$major_version" in
+            [567])
+                init_sysvinit debian
+            ;;
+            [89])
+                init_systemd
+            ;;
+            *)
+                echo "Unsupported Debian version $os_version" >&2
+                exit 1
+            ;;
+        esac
+        ;;
+
+    ubuntu)
+        init_upstart
+        ;;
+esac

cdist/conf/type/__consul_agent/parameter/boolean

@@ -6,4 +6,3 @@ server
 enable-syslog
 verify-incoming
 verify-outgoing
-use-distribution-package

cdist/conf/type/__consul_check/explorer/conf-dir

@@ -1 +0,0 @@
-../../__consul_service/explorer/conf-dir

cdist/conf/type/__consul_check/manifest

@@ -19,7 +19,7 @@
 #
 
 name="$(cat "$__object/parameter/name" 2>/dev/null || echo "$__object_id")"
-conf_dir=$(cat "$__object/explorer/conf-dir")
+conf_dir="/etc/consul/conf.d"
 conf_file="check_${name}.json"
 state="$(cat "$__object/parameter/state")"
 

cdist/conf/type/__consul_service/explorer/conf-dir

@@ -1,15 +0,0 @@
-# Determine the configuration directory used by consul.
-
-check_dir () {
-  if [ -d "$1" ]; then
-    printf '%s' "$1"
-    exit
-  fi
-}
-
-check_dir '/etc/consul/conf.d'
-check_dir '/etc/consul.d'
-check_dir '/etc/consul'
-
-echo 'Could not determine consul configuration dir. Exiting.' >&2
-exit 1

cdist/conf/type/__consul_service/manifest

@@ -19,7 +19,7 @@
 #
 
 name="$(cat "$__object/parameter/name" 2>/dev/null || echo "$__object_id")"
-conf_dir=$(cat "$__object/explorer/conf-dir")
+conf_dir="/etc/consul/conf.d"
 conf_file="service_${name}.json"
 state="$(cat "$__object/parameter/state")"
 
@@ -45,7 +45,7 @@ printf '      "name": "%s"\n' "$name"
 cd "$__object/parameter/"
 for param in *; do
    case "$param" in
-      state|name|check-interval|conf-dir) continue ;;
+      state|name|check-interval) continue ;;
       check-script)
          printf '     ,"check": {\n'
          printf '         "script": "%s"\n' "$(cat "$__object/parameter/check-script")"
@@ -86,6 +86,7 @@ echo "   }"
 # end json file
 echo "}"
 ) | \
+require="__directory${conf_dir}" \
    __config_file "${conf_dir}/${conf_file}" \
       --owner root --group consul --mode 640 \
       --state "$state" \

cdist/conf/type/__consul_watch_checks/explorer/conf-dir

@@ -1 +0,0 @@
-../../__consul_service/explorer/conf-dir

cdist/conf/type/__consul_watch_checks/manifest

@@ -20,7 +20,7 @@
 
 cdist_type="${__type##*/}"
 watch_type="${cdist_type##*_}"
-conf_dir=$(cat "$__object/explorer/conf-dir")
+conf_dir="/etc/consul/conf.d"
 conf_file="watch_${watch_type}_${__object_id}.json"
 state="$(cat "$__object/parameter/state")"
 

cdist/conf/type/__consul_watch_event/explorer/conf-dir

@@ -1 +0,0 @@
-../../__consul_service/explorer/conf-dir

cdist/conf/type/__consul_watch_event/manifest

@@ -20,7 +20,7 @@
 
 cdist_type="${__type##*/}"
 watch_type="${cdist_type##*_}"
-conf_dir=$(cat "$__object/explorer/conf-dir")
+conf_dir="/etc/consul/conf.d"
 conf_file="watch_${watch_type}_${__object_id}.json"
 state="$(cat "$__object/parameter/state")"
 

cdist/conf/type/__consul_watch_key/explorer/conf-dir

@@ -1 +0,0 @@
-../../__consul_service/explorer/conf-dir

cdist/conf/type/__consul_watch_key/manifest

@@ -20,7 +20,7 @@
 
 cdist_type="${__type##*/}"
 watch_type="${cdist_type##*_}"
-conf_dir=$(cat "$__object/explorer/conf-dir")
+conf_dir="/etc/consul/conf.d"
 conf_file="watch_${watch_type}_${__object_id}.json"
 state="$(cat "$__object/parameter/state")"
 

cdist/conf/type/__consul_watch_keyprefix/explorer/conf-dir

@@ -1 +0,0 @@
-../../__consul_service/explorer/conf-dir

cdist/conf/type/__consul_watch_keyprefix/manifest

@@ -20,7 +20,7 @@
 
 cdist_type="${__type##*/}"
 watch_type="${cdist_type##*_}"
-conf_dir=$(cat "$__object/explorer/conf-dir")
+conf_dir="/etc/consul/conf.d"
 conf_file="watch_${watch_type}_${__object_id}.json"
 state="$(cat "$__object/parameter/state")"
 

cdist/conf/type/__consul_watch_nodes/explorer/conf-dir

@@ -1 +0,0 @@
-../../__consul_service/explorer/conf-dir

cdist/conf/type/__consul_watch_nodes/manifest

@@ -20,7 +20,7 @@
 
 cdist_type="${__type##*/}"
 watch_type="${cdist_type##*_}"
-conf_dir=$(cat "$__object/explorer/conf-dir")
+conf_dir="/etc/consul/conf.d"
 conf_file="watch_${watch_type}_${__object_id}.json"
 state="$(cat "$__object/parameter/state")"
 

cdist/conf/type/__consul_watch_service/explorer/conf-dir

@@ -1 +0,0 @@
-../../__consul_service/explorer/conf-dir

cdist/conf/type/__consul_watch_service/manifest

@@ -20,7 +20,7 @@
 
 cdist_type="${__type##*/}"
 watch_type="${cdist_type##*_}"
-conf_dir=$(cat "$__object/explorer/conf-dir")
+conf_dir="/etc/consul/conf.d"
 conf_file="watch_${watch_type}_${__object_id}.json"
 state="$(cat "$__object/parameter/state")"
 

cdist/conf/type/__consul_watch_services/explorer/conf-dir

@@ -1 +0,0 @@
-../../__consul_service/explorer/conf-dir

cdist/conf/type/__consul_watch_services/manifest

@@ -20,7 +20,7 @@
 
 cdist_type="${__type##*/}"
 watch_type="${cdist_type##*_}"
-conf_dir=$(cat "$__object/explorer/conf-dir")
+conf_dir="/etc/consul/conf.d"
 conf_file="watch_${watch_type}_${__object_id}.json"
 state="$(cat "$__object/parameter/state")"
 

cdist/conf/type/__cron/gencode-remote

@@ -31,28 +31,24 @@ if [ -f "$__object/parameter/raw" ]; then
 elif [ -f "$__object/parameter/raw_command" ]; then
    entry="$command"
 else
-   minute="$(cat "$__object/parameter/minute")"
-   hour="$(cat "$__object/parameter/hour")"
-   day_of_month="$(cat "$__object/parameter/day_of_month")"
-   month="$(cat "$__object/parameter/month")"
-   day_of_week="$(cat "$__object/parameter/day_of_week")"
+   minute="$(cat "$__object/parameter/minute" 2>/dev/null || echo "*")"
+   hour="$(cat "$__object/parameter/hour" 2>/dev/null || echo "*")"
+   day_of_month="$(cat "$__object/parameter/day_of_month" 2>/dev/null || echo "*")"
+   month="$(cat "$__object/parameter/month" 2>/dev/null || echo "*")"
+   day_of_week="$(cat "$__object/parameter/day_of_week" 2>/dev/null || echo "*")"
    entry="$minute $hour $day_of_month $month $day_of_week $command # $name"
 fi
 
 mkdir "$__object/files"
 echo "$entry" > "$__object/files/entry"
 
-if [ -s "$__object/explorer/entry" ]; then
-    if diff -q "$__object/files/entry" "$__object/explorer/entry" >/dev/null; then
-        state_is=present
-    else
-        state_is=modified
-    fi
+if diff -q "$__object/files/entry" "$__object/explorer/entry" >/dev/null; then
+    state_is=present
 else
     state_is=absent
 fi
 
-state_should="$(cat "$__object/parameter/state")"
+state_should="$(cat "$__object/parameter/state" 2>/dev/null || echo "present")"
 
 [ "$state_is" = "$state_should" ] && exit 0
 

cdist/conf/type/__cron/manifest

@@ -22,12 +22,3 @@ if [ -f "$__object/parameter/raw" ] && [ -f "$__object/parameter/raw_command" ];
     echo "ERROR: both raw and raw_command specified" >&2
     exit 1
 fi
-
-case "$(cat "$__object/parameter/state")" in
-    present) ;;
-    absent) ;;
-
-    *)
-        echo "ERROR: unkown cron state" >&2
-        exit 2
-esac

cdist/conf/type/__cron/parameter/default/day_of_month

@@ -1 +0,0 @@
-*

cdist/conf/type/__cron/parameter/default/day_of_week

@@ -1 +0,0 @@
-*

cdist/conf/type/__cron/parameter/default/hour

@@ -1 +0,0 @@
-*

cdist/conf/type/__cron/parameter/default/minute

@@ -1 +0,0 @@
-*

cdist/conf/type/__cron/parameter/default/month

@@ -1 +0,0 @@
-*

cdist/conf/type/__cron/parameter/default/state

@@ -1 +0,0 @@
-present

cdist/conf/type/__directory/explorer/stat

@@ -1,7 +1,6 @@
 #!/bin/sh
 #
 # 2013 Steven Armstrong (steven-cdist armstrong.cc)
-# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
 #
 # This file is part of cdist.
 #
@@ -21,43 +20,24 @@
 
 destination="/$__object_id"
 
-fallback() {
-   # Patch the output together, manually
-
-   ls_line=$(ls -ldn "$destination")
-
-   uid=$(echo "$ls_line" | awk '{ print $3 }')
-   gid=$(echo "$ls_line" | awk '{ print $4 }')
-
-   owner=$(awk -F: -v uid="$uid" '$3 == uid { print $1; f=1 } END { if (!f) print "UNKNOWN" }' /etc/passwd)
-   group=$(awk -F: -v uid="$uid" '$3 == uid { print $1; f=1 } END { if (!f) print "UNKNOWN" }' /etc/group)
-
-   mode_text=$(echo "$ls_line" | awk '{ print $1 }')
-   mode=$(echo "$mode_text" | awk '{ k=0; for (i=0; i<=8; i++) k += ((substr($1, i+2, 1) ~ /[rwx]/) * 2^(8-i)); printf("%0o", k) }')
-
-   printf 'type: %s\nowner: %d %s\ngroup: %d %s\nmode: %s %s\n' \
-      "$("$__type_explorer/type")" \
-      "$uid" "$owner" \
-      "$gid" "$group" \
-      "$mode" "$mode_text"
-}
-
 # nothing to work with, nothing we could do
 [ -e "$destination" ] || exit 0
 
-if ! command -v stat >/dev/null
-then
-   fallback
-   exit
-fi
-
-case $("$__explorer/os") in
+os=$("$__explorer/os")
+case "$os" in
    "freebsd"|"netbsd"|"openbsd"|"macosx")
       stat -f "type: %HT
 owner: %Du %Su
 group: %Dg %Sg
 mode: %Lp %Sp
-" "$destination" | awk '/^type/ { print tolower($0); next } { print }'
+" "$destination" | awk '/^type/ { print tolower($0); next; } { print; }'
+      ;;
+   alpine)
+      stat -c "type: %F
+owner: %u %U
+group: %g %G
+mode: %a %A
+" "$destination"
       ;;
     solaris)
         ls1="$( ls -ld "$destination" )"
@@ -89,12 +69,10 @@ mode: %Lp %Sp
         echo "mode: $octets $( echo "$ls1" | awk '{print $1}' )"
     ;;
    *)
-      # NOTE: Do not use --printf here as it is not supported by BusyBox stat.
-      # NOTE: BusyBox's stat might not support the "-c" option, in which case
-      #       we fall through to the shell fallback.
-       stat -c "type: %F
+       stat --printf="type: %F
 owner: %u %U
 group: %g %G
-mode: %a %A" "$destination" 2>/dev/null || fallback
+mode: %a %A
+" "$destination"
    ;;
 esac

cdist/conf/type/__directory/gencode-remote

@@ -3,7 +3,6 @@
 # 2011-2013 Nico Schottelius (nico-cdist at schottelius.org)
 # 2013 Steven Armstrong (steven-cdist armstrong.cc)
 # 2014 Daniel Heule (hda at sfs.biz)
-# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
 #
 # This file is part of cdist.
 #
@@ -22,8 +21,8 @@
 #
 
 destination="/$__object_id"
-state_should=$(cat "$__object/parameter/state")
-type=$(cat "$__object/explorer/type")
+state_should="$(cat "$__object/parameter/state")"
+type="$(cat "$__object/explorer/type")"
 stat_file="$__object/explorer/stat"
 
 # variable to keep track if we have to set directory attributes
@@ -73,7 +72,7 @@ set_mode() {
 }
 
 case "$state_should" in
-   present|exists)
+   present)
       if [ "$type" != "directory" ]; then
          set_attributes=1
          if [ "$type" != "none" ]; then
@@ -84,10 +83,6 @@ case "$state_should" in
          fi
          echo "mkdir $mkdiropt '$destination'"
          echo "create" >> "$__messages_out"
-      elif [ "$state_should" = 'exists' ]; then
-         # The type is directory and --state exists. We are done and do not
-         # check or set the attributes.
-         exit 0
       fi
 
       # Note: Mode - needs to happen last as a chown/chgrp can alter mode by
@@ -108,26 +103,6 @@ case "$state_should" in
          fi
       done
    ;;
-   pre-exists)
-      case $type in
-         directory)
-            # all good
-            exit 0
-         ;;
-         none)
-            printf 'Directory "%s" does not exist\n' "$destination" >&2
-            exit 1
-         ;;
-         file|symlink)
-            printf 'File "%s" exists and is a %s, but should be a directory\n' "$destination" "$type" >&2
-            exit 1
-         ;;
-         *)
-            printf 'File or directory "%s" is in an unknown state\n' "$destination" >&2
-            exit 1
-         ;;
-      esac
-   ;;
    absent)
         if [ "$type" = "directory" ]; then
             echo "rm -rf '$destination'"

cdist/conf/type/__directory/man.rst

@@ -19,18 +19,7 @@ None.
 OPTIONAL PARAMETERS
 -------------------
 state
-   'present', 'absent', 'exists' or 'pre-exists', defaults to 'present' where:
-
-   present
-      the directory exists and the given attributes are set.
-   absent
-      the directory does not exist.
-   exists
-      the directory exists, but its attributes are not altered if it already
-      existed.
-   pre-exists
-      check that the directory exists and is indeed a directory, but do not
-      create or modify it.
+   'present' or 'absent', defaults to 'present'
 
 group
    Group to chgrp to.
@@ -47,7 +36,7 @@ BOOLEAN PARAMETERS
 parents
    Whether to create parents as well (mkdir -p behaviour).
    Warning: all intermediate directory permissions default
-   to whatever mkdir -p does.
+   to whatever mkdir -p does. 
 
    Usually this means root:root, 0700.
 

cdist/conf/type/__file/explorer/stat

@@ -2,7 +2,6 @@
 #
 # 2013 Steven Armstrong (steven-cdist armstrong.cc)
 # 2019 Nico Schottelius (nico-cdist at schottelius.org)
-# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
 #
 # This file is part of cdist.
 #
@@ -22,54 +21,29 @@
 
 destination="/$__object_id"
 
-fallback() {
-   # Fallback: Patch the output together, manually.
-
-   ls_line=$(ls -ldn "$destination")
-
-   uid=$(echo "$ls_line" | awk '{ print $3 }')
-   gid=$(echo "$ls_line" | awk '{ print $4 }')
-
-   owner=$(awk -F: -v uid="$uid" '$3 == uid { print $1; f=1 } END { if (!f) print "UNKNOWN" }' /etc/passwd)
-   group=$(awk -F: -v uid="$uid" '$3 == uid { print $1; f=1 } END { if (!f) print "UNKNOWN" }' /etc/group)
-
-   mode_text=$(echo "$ls_line" | awk '{ print $1 }')
-   mode=$(echo "$mode_text" | awk '{ k=0; for (i=0; i<=8; i++) k += ((substr($1, i+2, 1) ~ /[rwx]/) * 2^(8-i)); printf("%0o", k) }')
-
-   size=$(echo "$ls_line" | awk '{ print $5 }')
-   links=$(echo "$ls_line" | awk '{ print $2 }')
-
-   printf 'type: %s\nowner: %d %s\ngroup: %d %s\nmode: %s %s\nsize: %d\nlinks: %d\n' \
-      "$("$__type_explorer/type")" \
-      "$uid" "$owner" \
-      "$gid" "$group" \
-      "$mode" "$mode_text" \
-      "$size" \
-      "$links"
-}
-
-
 # nothing to work with, nothing we could do
 [ -e "$destination" ] || exit 0
 
-
-if ! command -v stat >/dev/null
-then
-   fallback
-   exit
-fi
-
-
-case $("$__explorer/os")
-in
-   freebsd|netbsd|openbsd|macosx)
+os=$("$__explorer/os")
+case "$os" in
+   "freebsd"|"netbsd"|"openbsd"|"macosx")
       stat -f "type: %HT
 owner: %Du %Su
 group: %Dg %Sg
 mode: %Lp %Sp
 size: %Dz
 links: %Dl
-" "$destination" | awk '/^type/ { print tolower($0); next } { print }'
+" "$destination" | awk '/^type/ { print tolower($0); next; } { print; }'
+      ;;
+   alpine)
+       # busybox stat
+      stat -c "type: %F
+owner: %u %U
+group: %g %G
+mode: %a %A
+size: %s
+links: %h
+" "$destination"
       ;;
     solaris)
         ls1="$( ls -ld "$destination" )"
@@ -103,14 +77,12 @@ links: %Dl
         echo "links: $( echo "$ls1" | awk '{print $2}' )"
     ;;
    *)
-      # NOTE: Do not use --printf here as it is not supported by BusyBox stat.
-      # NOTE: BusyBox's stat might not support the "-c" option, in which case
-      #       we fall through to the shell fallback.
-      stat -c "type: %F
+      stat --printf="type: %F
 owner: %u %U
 group: %g %G
 mode: %a %A
 size: %s
-links: %h" "$destination" 2>/dev/null || fallback
-         ;;
+links: %h
+" "$destination"
+      ;;
 esac

cdist/conf/type/__file/gencode-local

@@ -31,24 +31,12 @@ if [ "$state_should" = "pre-exists" ]; then
       exit 1
    fi
 
-   case $type in
-      file)
-         # nothing to do
-         exit 0
-      ;;
-      none)
-         printf 'File "%s" does not exist\n' "$destination" >&2
-         exit 1
-      ;;
-      directory|symlink)
-         printf 'File "%s" exists and is a %s, but should be a regular file\n' "$destination" "$type" >&2
-         exit 1
-      ;;
-      *)
-         printf 'File or directory "%s" is in an unknown state\n' "$destination" >&2
-         exit 1
-      ;;
-   esac
+   if [ "$type" = "file" ]; then
+      exit 0 # nothing to do
+   else
+      echo "File \"$destination\" does not exist"
+      exit 1
+   fi
 fi
 
 upload_file=

cdist/conf/type/__file/gencode-remote

@@ -55,40 +55,36 @@ set_owner() {
 }
 
 set_mode() {
-    echo "chmod '$1' '$destination'"
-    echo "chmod '$1'" >> "$__messages_out"
-    fire_onchange=1
+   echo "chmod '$1' '$destination'"
+   echo "chmod '$1'" >> "$__messages_out"
+   fire_onchange=1
 }
 
 case "$state_should" in
-    present|exists)
-        # Note: Mode - needs to happen last as a chown/chgrp can alter mode by
-        #  clearing S_ISUID and S_ISGID bits (see chown(2))
-        for attribute in group owner mode; do
-            if [ -f "$__object/parameter/$attribute" ]; then
-                value_should="$(cat "$__object/parameter/$attribute")"
+    present|exists|pre-exists)
+    # Note: Mode - needs to happen last as a chown/chgrp can alter mode by
+    #  clearing S_ISUID and S_ISGID bits (see chown(2))
+    for attribute in group owner mode; do
+        if [ -f "$__object/parameter/$attribute" ]; then
+            value_should="$(cat "$__object/parameter/$attribute")"
 
-                # change 0xxx format to xxx format => same as stat returns
-                if [ "$attribute" = mode ]; then
-                    value_should="$(echo "$value_should" | sed 's/^0\(...\)/\1/')"
-                fi
-
-                value_is="$(get_current_value "$attribute" "$value_should")"
-                if [ -f "$__object/files/set-attributes" ] || [ "$value_should" != "$value_is" ]; then
-                    "set_$attribute" "$value_should"
-                fi
+            # change 0xxx format to xxx format => same as stat returns
+            if [ "$attribute" = mode ]; then
+                value_should="$(echo "$value_should" | sed 's/^0\(...\)/\1/')"
+            fi
+            
+            value_is="$(get_current_value "$attribute" "$value_should")"
+            if [ -f "$__object/files/set-attributes" ] || [ "$value_should" != "$value_is" ]; then
+                "set_$attribute" "$value_should"
             fi
-        done
-        if [ -f "$__object/files/set-attributes" ]; then
-            # set-attributes is created if file is created or uploaded in gencode-local
-            fire_onchange=1
         fi
-    ;;
+    done
+    if [ -f "$__object/files/set-attributes" ]; then
+        # set-attributes is created if file is created or uploaded in gencode-local
+        fire_onchange=1
+    fi
 
-    pre-exists)
-        # pre-exists should never reach gencode-remote…
-        exit 1
-   ;;
+    ;;
 
     absent)
         if [ "$type" = "file" ]; then
@@ -105,7 +101,7 @@ case "$state_should" in
 esac
 
 if [ -f "$__object/parameter/onchange" ]; then
-    if [ -n "$fire_onchange" ]; then
-        cat "$__object/parameter/onchange"
-    fi
+   if [ -n "$fire_onchange" ]; then
+      cat "$__object/parameter/onchange"
+   fi
 fi

cdist/conf/type/__install_chroot_umount/manifest

@@ -1 +0,0 @@
-../__chroot_umount/manifest

cdist/conf/type/__install_directory/man.rst

@@ -1,101 +0,0 @@
-cdist-type__install_directory(7)
-================================
-
-NAME
-----
-cdist-type__install_directory - Manage a directory with install command
-
-
-DESCRIPTION
------------
-This cdist type allows you to create or remove directories on the target.
-
-
-REQUIRED PARAMETERS
--------------------
-None.
-
-
-OPTIONAL PARAMETERS
--------------------
-state
-   'present' or 'absent', defaults to 'present'
-
-group
-   Group to chgrp to.
-
-mode
-   Unix permissions, suitable for chmod.
-
-owner
-   User to chown to.
-
-
-BOOLEAN PARAMETERS
-------------------
-parents
-   Whether to create parents as well (mkdir -p behaviour).
-   Warning: all intermediate directory permissions default
-   to whatever mkdir -p does. 
-
-   Usually this means root:root, 0700.
-
-recursive
-   If supplied the chgrp and chown call will run recursively.
-   This does *not* influence the behaviour of chmod.
-
-MESSAGES
---------
-chgrp <group>
-    Changed group membership
-chown <owner>
-    Changed owner
-chmod <mode>
-    Changed mode
-create
-    Empty directory was created
-remove
-    Directory exists, but state is absent, directory will be removed by generated code.
-remove non directory
-    Something other than a directory with the same name exists and was removed prior to create.
-
-
-EXAMPLES
---------
-
-.. code-block:: sh
-
-    # A silly example
-    __install_directory /tmp/foobar
-
-    # Remove a directory
-    __install_directory /tmp/foobar --state absent
-
-    # Ensure /etc exists correctly
-    __install_directory /etc --owner root --group root --mode 0755
-
-    # Create nfs service directory, including parents
-    __install_directory /home/services/nfs --parents
-
-    # Change permissions recursively
-    __install_directory /home/services --recursive --owner root --group root
-
-    # Setup a temp directory
-    __install_directory /local --mode 1777
-
-    # Take it all
-    __install_directory /home/services/kvm --recursive --parents \
-        --owner root --group root --mode 0755 --state present
-
-
-AUTHORS
--------
-Nico Schottelius <nico-cdist--@--schottelius.org>
-
-
-COPYING
--------
-Copyright \(C) 2011 Nico Schottelius. You can redistribute it
-and/or modify it under the terms of the GNU General Public License as
-published by the Free Software Foundation, either version 3 of the
-License, or (at your option) any later version.

cdist/conf/type/__install_directory/man.rst

@@ -0,0 +1 @@
+../__directory/man.rst

cdist/conf/type/__install_file/man.rst

@@ -23,10 +23,6 @@ symlink
 directory
   replace it with the source file
 
-One exception is that when state is pre-exists, an error is raised if
-the file would have been created otherwise (e.g. it is not present or
-not a regular file).
-
 In any case, make sure that the file attributes are as specified.
 
 
@@ -37,7 +33,7 @@ None.
 OPTIONAL PARAMETERS
 -------------------
 state
-   'present', 'absent', 'exists' or 'pre-exists', defaults to 'present' where:
+   'present', 'absent' or 'exists', defaults to 'present' where:
 
    present
       the file is exactly the one from source
@@ -45,9 +41,6 @@ state
       the file does not exist
    exists
       the file from source but only if it doesn't already exist
-   pre-exists
-      check that the file exists and is a regular file, but do not
-      create or modify it
 
 group
    Group to chgrp to.
@@ -63,9 +56,6 @@ source
    If not supplied, an empty file or directory will be created.
    If source is '-' (dash), take what was written to stdin as the file content.
 
-onchange
-   The code to run if file is modified.
-
 MESSAGES
 --------
 chgrp <group>
@@ -103,8 +93,6 @@ EXAMPLES
     __install_file /home/frodo/.bashrc --source "/etc/skel/.bashrc" \
        --state exists \
        --owner frodo --mode 0600
-    # Check that the file is present, show an error when it is not
-    __install_file /etc/somefile --state pre-exists
     # Take file content from stdin
     __install_file /tmp/whatever --owner root --group root --mode 644 --source - << DONE
         Here goes the content for /tmp/whatever

cdist/conf/type/__letsencrypt_cert/man.rst

@@ -59,13 +59,13 @@ MESSAGES
 --------
 
 change
-    Certificate was changed.
+    Certificte was changed.
 
 create
-    Certificate was created.
+    Certificte was created.
 
 remove
-    Certificate was removed.
+    Certificte was removed.
 
 EXAMPLES
 --------

cdist/conf/type/__line/explorer/state

@@ -1,7 +1,6 @@
 #!/bin/sh -e
 #
 # 2018 Steven Armstrong (steven-cdist at armstrong.cc)
-# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
 #
 # This file is part of cdist.
 #
@@ -19,14 +18,6 @@
 # along with cdist. If not, see <http://www.gnu.org/licenses/>.
 #
 
-if [ -f "$__object/parameter/file" ]; then
-   file=$(cat "$__object/parameter/file")
-else
-   file="/$__object_id"
-fi
-
-[ -f "$file" ] || exit 0
-
 if [ -f "$__object/parameter/before" ]; then
    position="before"
 elif [ -f "$__object/parameter/after" ]; then
@@ -42,56 +33,63 @@ else
    needle="line"
 fi
 
+if [ -f "$__object/parameter/file" ]; then
+   file="$(cat "$__object/parameter/file")"
+else
+   file="/$__object_id"
+fi
+
+if [ ! -f "$file" ]; then
+  echo "file_missing"
+  exit 0
+fi
+
 awk -v position="$position" -v needle="$needle" '
 function _find(_text, _pattern) {
    if (needle == "regex") {
       return match(_text, _pattern)
    } else {
-      return index(_text, _pattern) == 1
+      return index(_text, _pattern)
    }
 }
 BEGIN {
    getline anchor < (ENVIRON["__object"] "/parameter/" position)
    getline pattern < (ENVIRON["__object"] "/parameter/" needle)
-
-   found_line = 0
-   correct_pos = (position != "after" && position != "before")
+   state = "absent"
 }
 {
    if (position == "after") {
       if (match($0, anchor)) {
          getline
          if (_find($0, pattern)) {
-            found_line++
-            correct_pos = 1
-            exit 0
+            state = "present"
          }
-      } else if (_find($0, pattern)) {
-         found_line++
+         else {
+            state = "wrongposition"
+         }
+         exit 0
       }
-   } else if (position == "before") {
+   }
+   else if (position == "before") {
       if (_find($0, pattern)) {
-         found_line++
          getline
          if (match($0, anchor)) {
-            correct_pos = 1
-            exit 0
+            state = "present"
          }
+         else {
+            state = "wrongposition"
+         }
+         exit 0
       }
-   } else {
+   }
+   else {
       if (_find($0, pattern)) {
-         found_line++
+         state = "present"
          exit 0
       }
    }
 }
 END {
-   if (found_line && correct_pos) {
-      print "present"
-   } else if (found_line) {
-      print "wrongposition"
-   } else {
-      print "absent"
-   }
+   print state
 }
 ' "$file"

cdist/conf/type/__line/gencode-remote

@@ -1,7 +1,6 @@
 #!/bin/sh -e
 #
 # 2018 Steven Armstrong (steven-cdist at armstrong.cc)
-# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
 #
 # This file is part of cdist.
 #
@@ -24,20 +23,9 @@ if [ -f "$__object/parameter/before" ] && [ -f "$__object/parameter/after" ]; th
    exit 1
 fi
 
-if [ -f "$__object/parameter/file" ]; then
-   file="$(cat "$__object/parameter/file")"
-else
-   file="/$__object_id"
-fi
-
 state_should="$(cat "$__object/parameter/state")"
 state_is="$(cat "$__object/explorer/state")"
 
-if [ -z "$state_is" ]; then
-   printf 'The file "%s" is missing. Please create it before using %s on it.\n' "$file" "${__type##*/}" >&2
-   exit 1
-fi
-
 if [ "$state_should" = "$state_is" ]; then
    # nothing to do
    exit 0
@@ -58,6 +46,12 @@ else
    needle="line"
 fi
 
+if [ -f "$__object/parameter/file" ]; then
+   file="$(cat "$__object/parameter/file")"
+else
+   file="/$__object_id"
+fi
+
 add=0
 remove=0
 case "$state_should" in
@@ -110,12 +104,10 @@ BEGIN {
       if (anchor && match(\$0, anchor)) {
          if (position == "before") {
             print line
-            add = 0
             print
          } else if (position == "after") {
             print
             print line
-            add = 0
          }
          next
       }
@@ -123,7 +115,7 @@ BEGIN {
    print
 }
 END {
-   if (add) {
+   if (add && position == "end") {
       print line
    }
 }

cdist/conf/type/__mysql_database/explorer/state

@@ -1,33 +0,0 @@
-#!/bin/sh -e
-#
-# 2020 Ander Punnar (ander-at-kvlt-dot-ee)
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see <http://www.gnu.org/licenses/>.
-#
-
-if [ -f "$__object/parameter/name" ]
-then
-    name="$( cat "$__object/parameter/name" )"
-else
-    name="$__object_id"
-fi
-
-if [ -n "$( mysql -B -N -e "show databases like '$name'" )" ]
-then
-    echo 'present'
-else
-    echo 'absent'
-fi

cdist/conf/type/__mysql_database/gencode-remote

@@ -1,6 +1,6 @@
 #!/bin/sh -e
 #
-# 2020 Ander Punnar (ander-at-kvlt-dot-ee)
+# 2012 Benedikt Koeppel (code@benediktkoeppel.ch)
 #
 # This file is part of cdist.
 #
@@ -17,30 +17,38 @@
 # You should have received a copy of the GNU General Public License
 # along with cdist. If not, see <http://www.gnu.org/licenses/>.
 #
+#
 
-state_is="$( cat "$__object/explorer/state" )"
-
-state_should="$( cat "$__object/parameter/state" )"
-
-if [ "$state_is" = "$state_should" ]
-then
-    exit 0
+# if --database was specified
+if [ -f "$__object/parameter/name" ]; then
+   database="$(cat "$__object/parameter/name")"
+else # otherwise use the object id as database name
+   database="$__object_id"
 fi
 
-if [ -f "$__object/parameter/name" ]
-then
-    name="$( cat "$__object/parameter/name" )"
-else
-    name="$__object_id"
-fi
+cat <<-EOFF
+mysql -u root <<-EOF
+	CREATE DATABASE IF NOT EXISTS $database
+EOF
+EOFF
 
-case "$state_should" in
-    present)
-        echo "mysql -e 'create database \`$name\`'"
-        echo "create database $name" >> "$__messages_out"
-    ;;
-    absent)
-        echo "mysql -e 'drop database \`$name\`'"
-        echo "drop database $name" >> "$__messages_out"
-    ;;
-esac
+# if --user was specified
+if [ -f "$__object/parameter/user" ]; then
+   user="$(cat "$__object/parameter/user")"
+
+   # if --password was specified
+   if [ -f "$__object/parameter/password" ]; then
+      password="$(cat "$__object/parameter/password")"
+      cat <<-EOFF
+      mysql -u root <<-EOF
+      	GRANT ALL PRIVILEGES ON $database.* to '$user'@'localhost' IDENTIFIED BY '$password';
+EOF
+EOFF
+   else
+      cat <<-EOFF
+      mysql -u root <<-EOF
+      	GRANT ALL PRIVILEGES ON $database.* to '$user'@'localhost';
+EOF
+EOFF
+   fi
+fi

cdist/conf/type/__mysql_database/man.rst

@@ -8,24 +8,24 @@ cdist-type__mysql_database - Manage a MySQL database
 
 DESCRIPTION
 -----------
+This cdist type allows you to install a MySQL database.
 
-Create MySQL database and optionally user with all privileges.
 
+REQUIRED PARAMETERS
+-------------------
+None.
 
 OPTIONAL PARAMETERS
 -------------------
 name
-   Name of database. Defaults to object id.
+   The name of the database to install
+   defaults to the object id
 
 user
-   Create user and give all privileges to database.
+   A user that should have access to the database
 
 password
-   Password for user.
-
-state
-   Defaults to present.
-   If absent and user is also set, both will be removed (with privileges).
+   The password for the user who manages the database
 
 
 EXAMPLES
@@ -33,23 +33,17 @@ EXAMPLES
 
 .. code-block:: sh
 
-    # just create database
-    __mysql_database foo
-
-    # create database with respective user with all privileges to database
-    __mysql_database bar \
-        --user name \
-        --password secret
+    __mysql_database "cdist" --name "cdist" --user "myuser" --password "mypwd"
 
 
 AUTHORS
 -------
-Ander Punnar <ander-at-kvlt-dot-ee>
+Benedikt Koeppel <code@benediktkoeppel.ch>
 
 
 COPYING
 -------
-Copyright \(C) 2020 Ander Punnar. You can redistribute it and/or modify it
-under the terms of the GNU General Public License as published by the Free
-Software Foundation, either version 3 of the License, or (at your option) any
-later version.
+Copyright \(C) 2012 Benedikt Koeppel. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.

cdist/conf/type/__mysql_database/manifest

@@ -1,52 +0,0 @@
-#!/bin/sh -e
-#
-# 2020 Ander Punnar (ander-at-kvlt-dot-ee)
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see <http://www.gnu.org/licenses/>.
-#
-
-if [ -f "$__object/parameter/user" ]
-then
-    user="$( cat "$__object/parameter/user" )"
-fi
-
-if [ -f "$__object/parameter/password" ]
-then
-    password="$( cat "$__object/parameter/password" )"
-fi
-
-if [ -n "$user" ] && [ -n "$password" ]
-then
-    if [ -f "$__object/parameter/name" ]
-    then
-        database="$( cat "$__object/parameter/name" )"
-    else
-        database="$__object_id"
-    fi
-
-    state_should="$( cat "$__object/parameter/state" )"
-
-    __mysql_user "$user" \
-        --password "$password" \
-        --state "$state_should"
-
-    # removing user should remove all user's privileges
-    require="__mysql_user/$user" \
-        __mysql_privileges "$database/$user" \
-            --database "$database" \
-            --user "$user" \
-            --state "$state_should"
-fi

cdist/conf/type/__mysql_database/parameter/default/state

@@ -1 +0,0 @@
-present

cdist/conf/type/__mysql_database/parameter/optional

@@ -1,4 +1,3 @@
 name
 user
 password
-state

cdist/conf/type/__mysql_privileges/explorer/state

@@ -1,40 +0,0 @@
-#!/bin/sh -e
-#
-# 2020 Ander Punnar (ander-at-kvlt-dot-ee)
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see <http://www.gnu.org/licenses/>.
-#
-
-privileges="$( cat "$__object/parameter/privileges" )"
-
-database="$( cat "$__object/parameter/database" )"
-
-table="$( cat "$__object/parameter/table" )"
-
-user="$( cat "$__object/parameter/user" )"
-
-host="$( cat "$__object/parameter/host" )"
-
-check_privileges="$( 
-    mysql -B -N -e "show grants for '$user'@'$host'" \
-        | grep -Ei "^grant $privileges on .$database.\..?$table.? to " || true )"
-
-if [ -n "$check_privileges" ]
-then
-    echo 'present'
-else
-    echo 'absent'
-fi

cdist/conf/type/__mysql_privileges/gencode-remote

@@ -1,55 +0,0 @@
-#!/bin/sh -e
-#
-# 2020 Ander Punnar (ander-at-kvlt-dot-ee)
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see <http://www.gnu.org/licenses/>.
-#
-
-state_is="$( cat "$__object/explorer/state" )"
-
-state_should="$( cat "$__object/parameter/state" )"
-
-if [ "$state_is" = "$state_should" ]
-then
-    exit 0
-fi
-
-privileges="$( cat "$__object/parameter/privileges" )"
-
-database="$( cat "$__object/parameter/database" )"
-
-table="$( cat "$__object/parameter/table" )"
-
-user="$( cat "$__object/parameter/user" )"
-
-host="$( cat "$__object/parameter/host" )"
-
-if [ "$table" != '*' ]
-then
-    # shellcheck disable=SC2016
-    table="$( printf '`%s`' "$table" )"
-fi
-
-case "$state_should" in
-    present)
-        echo "mysql -e 'grant $privileges on \`$database\`.$table to \`$user\`@\`$host\`'"
-        echo "grant $privileges on $database.$table to $user@$host" >> "$__messages_out"
-    ;;
-    absent)
-        echo "mysql -e 'revoke $privileges on \`$database\`.$table from \`$user\`@\`$host\`'"
-        echo "revoke $privileges on $database.$table from $user@$host" >> "$__messages_out"
-    ;;
-esac

cdist/conf/type/__mysql_privileges/man.rst

@@ -1,57 +0,0 @@
-cdist-type__mysql_privileges(7)
-===============================
-
-NAME
-----
-cdist-type__mysql_privileges - Manage MySQL privileges
-
-
-DESCRIPTION
------------
-
-Grant and revoke privileges of MySQL user.
-
-
-REQUIRED PARAMETERS
--------------------
-database
-   Name of database.
-
-user
-   Name of user.
-
-
-OPTIONAL PARAMETERS
--------------------
-privileges
-   Defaults to "all".
-
-table
-   Defaults to "*".
-
-host
-   Defaults to localhost.
-
-state
-   "present" grants and "absent" revokes. Defaults to present.
-
-
-EXAMPLES
---------
-
-.. code-block:: sh
-
-    __mysql_privileges user-to-db --database db --user user
-
-
-AUTHORS
--------
-Ander Punnar <ander-at-kvlt-dot-ee>
-
-
-COPYING
--------
-Copyright \(C) 2020 Ander Punnar. You can redistribute it and/or modify it
-under the terms of the GNU General Public License as published by the Free
-Software Foundation, either version 3 of the License, or (at your option) any
-later version.

cdist/conf/type/__mysql_privileges/parameter/default/host

@@ -1 +0,0 @@
-localhost

cdist/conf/type/__mysql_privileges/parameter/default/privileges

@@ -1 +0,0 @@
-all privileges

cdist/conf/type/__mysql_privileges/parameter/default/state

@@ -1 +0,0 @@
-present

cdist/conf/type/__mysql_privileges/parameter/default/table

@@ -1 +0,0 @@
-*

cdist/conf/type/__mysql_privileges/parameter/optional

@@ -1,4 +0,0 @@
-privileges
-table
-host
-state

cdist/conf/type/__mysql_privileges/parameter/required

@@ -1,2 +0,0 @@
-database
-user

cdist/conf/type/__mysql_user/explorer/state

@@ -1,54 +0,0 @@
-#!/bin/sh -e
-#
-# 2020 Ander Punnar (ander-at-kvlt-dot-ee)
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see <http://www.gnu.org/licenses/>.
-#
-
-if [ -f "$__object/parameter/name" ]
-then
-    name="$( cat "$__object/parameter/name" )"
-else
-    name="$__object_id"
-fi
-
-if [ -f "$__object/parameter/password" ]
-then
-    password="$( cat "$__object/parameter/password" )"
-else
-    password=''
-fi
-
-host="$( cat "$__object/parameter/host" )"
-
-check_user="$( mysql -B -N -e "select user from mysql.user where user = '$name' and host = '$host'" )"
-
-if [ -n "$check_user" ]
-then
-    if [ -n "$password" ]
-    then
-        check_password="$( mysql -B -N -e "select user from mysql.user where user = '$name' and host = '$host' and password = password( '$password' )" )"
-    fi
-
-    if [ -n "$password" ] && [ -z "$check_password" ]
-    then
-        echo 'change-password'
-    else
-        echo 'present'
-    fi
-else
-    echo 'absent'
-fi

cdist/conf/type/__mysql_user/gencode-remote

@@ -1,68 +0,0 @@
-#!/bin/sh -e
-#
-# 2020 Ander Punnar (ander-at-kvlt-dot-ee)
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see <http://www.gnu.org/licenses/>.
-#
-
-state_is="$( cat "$__object/explorer/state" )"
-
-state_should="$( cat "$__object/parameter/state" )"
-
-if [ "$state_is" = "$state_should" ]
-then
-    exit 0
-fi
-
-if [ -f "$__object/parameter/name" ]
-then
-    name="$( cat "$__object/parameter/name" )"
-else
-    name="$__object_id"
-fi
-
-host="$( cat "$__object/parameter/host" )"
-
-if [ -f "$__object/parameter/password" ]
-then
-    password="$( cat "$__object/parameter/password" )"
-else
-    if [ "$state_should" = 'present' ]
-    then
-        echo '--password needed' >&2
-        exit 1
-    else
-        password=''
-    fi
-fi
-
-if [ "$state_is" = 'absent' ] && [ "$state_should" = 'present' ]
-then
-    echo "mysql -e 'create user \`$name\`@\`$host\` identified by \"$password\"'"
-    echo "create user $name@$host" >> "$__messages_out"
-
-elif [ "$state_is" != 'absent' ] && [ "$state_should" = 'absent' ]
-then
-    echo "mysql -e 'drop user \`$name\`@\`$host\`'"
-    echo "drop user $name@$host" >> "$__messages_out"
-
-elif [ "$state_is" = 'change-password' ]
-then
-    # this only works with MySQL 5.7.6 and later or MariaDB 10.1.20 and later
-    echo "mysql -e 'alter user \`$name\`@\`$host\` identified by \"$password\"'"
-    echo "mysql -e 'flush privileges'"
-    echo "change password $name@$host" >> "$__messages_out"
-fi

cdist/conf/type/__mysql_user/man.rst

@@ -1,48 +0,0 @@
-cdist-type__mysql_user(7)
-=========================
-
-NAME
-----
-cdist-type__mysql_user - Manage a MySQL user
-
-
-DESCRIPTION
------------
-
-Create MySQL user or change password for the user.
-
-
-OPTIONAL PARAMETERS
--------------------
-name
-   Name of user. Defaults to object id.
-
-host
-   Host of user. Defaults to localhost.
-
-password
-   Password of user.
-
-state
-   Defaults to present.
-
-
-EXAMPLES
---------
-
-.. code-block:: sh
-
-    __mysql_user user --password secret
-
-
-AUTHORS
--------
-Ander Punnar <ander-at-kvlt-dot-ee>
-
-
-COPYING
--------
-Copyright \(C) 2020 Ander Punnar. You can redistribute it and/or modify it
-under the terms of the GNU General Public License as published by the Free
-Software Foundation, either version 3 of the License, or (at your option) any
-later version.

cdist/conf/type/__mysql_user/parameter/default/host

@@ -1 +0,0 @@
-localhost

cdist/conf/type/__mysql_user/parameter/default/state

@@ -1 +0,0 @@
-present

cdist/conf/type/__mysql_user/parameter/optional

@@ -1,4 +0,0 @@
-name
-host
-password
-state

cdist/conf/type/__openldap_server/gencode-remote

@@ -1,44 +0,0 @@
-#!/bin/sh
-
-manager_dn=$(cat "${__object}/parameter/manager-dn")
-manager_password=$(cat "${__object}/parameter/manager-password")
-description=$(cat "${__object}/parameter/description")
-suffix=$(cat "${__object}/parameter/suffix")
-suffix_dc=$(printf "%s" "${suffix}" | awk -F',' '{print $1}' | awk -F'=' '{print $2}')
-
-SLAPD_IPC=$(tr '\n' ' ' < "${__object}/parameter/slapd-url" | awk '{ print $1}')
-
-cat <<DONE # | tee /dev/stderr
-# Restart service
-service slapd restart
-# It can sometimes take a tiny bit to bind
-sleep 1
-# Create or update base object
-if ldapsearch -xZ -D "${manager_dn}" -w "${manager_password}" -H '${SLAPD_IPC}' -b '${suffix}' -s base 2>&1 > /dev/null; then
-    # Already exists, use ldapmodify
-    ldapmodify -xZ -D "${manager_dn}" -w "${manager_password}" -H '${SLAPD_IPC}' <<EOF
-dn: ${suffix}
-changetype: modify
-replace: objectClass
-objectClass: top
-objectClass: dcObject
-objectClass: organization
--
-replace: o
-o: ${description}
--
-replace: dc
-dc: ${suffix_dc}
-EOF
-else
-    # Does not exist, use ldapadd
-    ldapadd -xZ -D "${manager_dn}" -w "${manager_password}" -H '${SLAPD_IPC}' <<EOF
-dn: ${suffix}
-objectClass: top
-objectClass: dcObject
-objectClass: organization
-o: ${description}
-dc: ${suffix_dc}
-EOF
-fi
-DONE

cdist/conf/type/__openldap_server/man.rst

@@ -1,212 +0,0 @@
-cdist-type__openldap_server(7)
-==============================
-
-NAME
-----
-cdist-type__openldap_server - Setup an openldap(4) server instance
-
-
-DESCRIPTION
------------
-This type can be used to bootstrap an LDAP environment using openldap as slapd.
-
-It bootstraps the LDAP server with sane defaults and creates and manages the
-base DN defined by `suffix`.
-
-
-REQUIRED PARAMETERS
--------------------
-manager-dn
-    The rootdn to set up in the directory.
-    E.g. `cn=manager,dc=ungleich,dc=ch`. See `slapd.conf(5)`.
-
-manager-password
-    The password for `manager-dn` in the directory.
-    This will be used to connect to the LDAP server on the first `slapd-url`
-    with the given `manager-dn`.
-
-manager-password-hash
-    The password for `manager-dn` in the directory.
-    This should be valid for `slapd.conf` like `{SSHA}qV+mCs3u8Q2sCmUXT4Ybw7MebHTASMyr`.
-    Generate e.g. with: `slappasswd -s weneedgoodsecurity`.
-    See `slappasswd(8C)`, `slapd.conf(5)`.
-    TODO: implement this: http://blog.adamsbros.org/2015/06/09/openldap-ssha-salted-hashes-by-hand/
-      to derive from the manager-password parameter and ensure idempotency (care with salts).
-      At that point, manager-password-hash should be deprecated and ignored.
-
-serverid
-    The server for the directory.
-    E.g. `dc=ungleich,dc=ch`. See `slapd.conf(5)`.
-
-suffix
-    The suffix for the directory.
-    E.g. `dc=ungleich,dc=ch`. See `slapd.conf(5)`.
-
-
-REQUIRED MULTIPLE PARAMETERS
-----------------------------
-slapd-url
-    A URL for slapd to listen on.
-    Pass once for each URL you want to support,
-    e.g.: `--slapd-url ldaps://my.fqdn/ --slapd-url ldap://my.fqdn/`.
-    The first instance that is passed will be used as the main URL to
-    connect to this LDAP server
-    See the `-h` flag in `slapd(8C)`.
-
-
-OPTIONAL PARAMETERS
--------------------
-syncrepl-credentials
-    Only has an effect if `replicate` is set; required in that case.
-    This secret is shared amongst the hosts that will replicate the directory.
-    Note that each replication server needs this secret and it is saved in
-    plain text in the directory.
-
-syncrepl-searchbase
-    Only has an effect if `replicate` is set; required in that case.
-    The searchbase to use for replication.
-    E.g. `dc=ungleich,dc=ch`. See `slapd.conf(5)`.
-
-admin-email
-    Passed to `cdist-type__letsencrypt_cert`; has otherwise no use.
-    Required if using `__letsencrypt_cert`.
-    Where to send Let's Encrypt emails like "certificate needs renewal".
-
-tls-cipher-suite
-    Setting for TLSCipherSuite.
-    Defaults to `NORMAL` in a Debian-like OS and `HIGH:MEDIUM:+SSLv2` on FreeBSD.
-    See `slapd.conf(5)`.
-
-tls-cert
-    If defined, `__letsencrypt_cert` is not used and this must be the path in
-    the remote hosts to the PEM-encoded TLS certificate.
-    Requires: `tls-privkey` and `tls-ca`.
-    Permissions, existence and renewal of these files are left up to the
-    type's user.
-
-tls-privkey
-    Required if `tls-cert` is defined.
-    Path in the remote hosts to the PEM-encoded private key file.
-
-tls-ca
-    Required if `tls-cert` is defined.
-    Path in the remote hosts to the PEM-encoded CA certificate file.
-
-
-OPTIONAL MULTIPLE PARAMETERS
-----------------------------
-syncrepl-host
-    Only has an effect if `replicate` is set; required in that case.
-    Set once per host that will replicate the directory.
-
-module
-    LDAP module to load. See `slapd.conf(5)`.
-    Default value is OS-dependent, see manifest.
-
-schema
-    Name of LDAP schema to load. Must be the name without extension of a
-    `.schema` file in slapd's schema directory (usually `/etc/slapd/schema` or
-    `/usr/local/etc/openldap/schema`).
-    Example value: `inetorgperson`
-    The type user must ensure that the schema file is deployed.
-    This defaults to a sensible subset, for details see the type definition.
-
-description
-    The description of the base DN passed in the `suffix` parameter.
-    Defaults to `Managed by cdist, do not edit manually.`
-
-
-BOOLEAN PARAMETERS
-------------------
-staging
-    Passed to `cdist-type__letsencrypt_cert`; has otherwise no use.
-    Obtain a test certificate from a staging server.
-
-replicate
-    Whether to setup replication or not.
-    If present `syncrepl-credentials` and `syncrepl-host` are also required.
-
-
-EXAMPLES
---------
-
-.. code-block:: sh
-
-    # Example of a simple server with manual certificate management.
-    pki_prefix="/usr/local/etc/pki/realms/ldap.camilion.cloud"
-    __openldap_server \
-        --manager-dn 'cn=manager,dc=camilion,dc=cloud' \
-        --manager-password "foo" \
-        --manager-password-hash '{SSHA}foo' \
-        --serverid 0 \
-        --suffix 'dc=camilion,dc=cloud' \
-        --slapd-url 'ldaps://ldap.camilion.cloud' \
-        --tls-cert "${pki_prefix}/default.crt" \
-        --tls-privkey "${pki_prefix}/default.key" \
-        --tls-ca "${pki_prefix}/CA.crt"
-
-    # The created basedn looks as follows:
-    #
-    # dn: dc=camilion,dc=cloud
-    # objectClass: top
-    # objectClass: dcObject
-    # objectClass: organization
-    # o: Managed by cdist, do not edit manually.
-    # dc: camilion
-    #
-    # Do not change it manually, the type will overwrite your changes.
-
-
-    #
-    # Changing to a replicated setup is a simple change to something like:
-    #
-    # Example for multiple servers with replication and automatic
-    # Let's Encrypt certificate management through certbot.
-    id=1
-    for host in ldap-test1.ungleich.ch ldap-test2.ungleich.ch; do
-        echo "__ungleich_ldap \
-            --manager-dn 'cn=manager,dc=ungleich,dc=ch' \
-            --manager-psasword 'foo' \
-            --manager-password-hash '{SSHA}fooo' \
-            --serverid '${id}' \
-            --suffix 'dc=ungleich,dc=ch' \
-            --slapd-url ldap://${host} \
-            --searchbase 'dc=ungleich,dc=ch' \
-            --syncrepl-credentials 'fooo' \
-            --syncrepl-host 'ldap-test1.ungleich.ch' \
-            --syncrepl-host 'ldap-test2.ungleich.ch' \
-            --description 'Ungleich LDAP server'" \
-            --staging \
-            | cdist config -i - -v ${host}
-        id=$((id + 1))
-    done
-
-    # The created basedn looks as follows:
-    #
-    # dn: dc=ungleich,dc=ch
-    # objectClass: top
-    # objectClass: dcObject
-    # objectClass: organization
-    # o: Ungleich LDAP server
-    # dc: ungleich
-    #
-    # Do not change it manually, the type will overwrite your changes.
-
-
-SEE ALSO
---------
-:strong:`cdist-type__letsencrypt_cert`\ (7)
-
-
-AUTHORS
--------
-ungleich <foss--@--ungleich.ch>
-Evilham <contact--@--evilham.com>
-
-
-COPYING
--------
-Copyright \(C) 2020 ungleich glarus ag. You can redistribute it
-and/or modify it under the terms of the GNU General Public License as
-published by the Free Software Foundation, either version 3 of the
-License, or (at your option) any later version.

cdist/conf/type/__openldap_server/manifest

@@ -1,263 +0,0 @@
-#!/bin/sh
-
-name="${__target_host}"
-manager_dn=$(cat "${__object}/parameter/manager-dn")
-manager_password_hash=$(cat "${__object}/parameter/manager-password-hash")
-serverid=$(cat "${__object}/parameter/serverid")
-suffix=$(cat "${__object}/parameter/suffix")
-slapd_modules=$(cat "${__object}/parameter/module" 2>/dev/null || true)
-schemas=$(cat "${__object}/parameter/schema")
-slapd_urls=$(tr '\n' ' ' < "${__object}/parameter/slapd-url")
-tls_cipher_suite=$(cat "${__object}/parameter/tls-cipher-suite" 2>/dev/null || true)
-
-
-os="$(cat "${__global}/explorer/os")"
-
-# Setup OS-dependent vars
-CONF_OWNER="root"
-CONF_GROUP="root"
-case "${os}" in
-    freebsd)
-        PKGS="openldap-server"
-        ETC="/usr/local/etc"
-        SLAPD_DIR="/usr/local/etc/openldap"
-        SLAPD_DATA_DIR="/var/db/openldap-data"
-        SLAPD_RUN_DIR="/var/run/openldap"
-        SLAPD_MODULE_PATH="/usr/local/libexec/openldap"
-        if [ -z "${slapd_modules}" ]; then
-            # It looks like ppolicy and syncprov must be compiled
-            slapd_modules="back_mdb back_monitor"
-        fi
-        CONF_OWNER="ldap"
-        CONF_GROUP="ldap"
-        if [ -z "${tls_cipher_suite}" ]; then
-            # TODO: research default for FreeBSD. 'NORMAL' appears to not work
-            tls_cipher_suite="HIGH:MEDIUM:+SSLv2"
-        fi
-        ;;
-    debian|ubuntu|devuan)
-        PKGS="slapd ldap-utils"
-        ETC="/etc"
-        SLAPD_DIR="/etc/ldap"
-        SLAPD_DATA_DIR="/var/lib/ldap"
-        SLAPD_RUN_DIR="/var/run/slapd"
-        SLAPD_MODULE_PATH="/usr/lib/ldap"
-        if [ -z "${slapd_modules}" ]; then
-            slapd_modules="back_mdb ppolicy syncprov back_monitor"
-        fi
-        if [ -z "${tls_cipher_suite}" ]; then
-            tls_cipher_suite="NORMAL"
-        fi
-        ;;
-    *)
-        echo "Don't know the openldap defaults for: $os" >&2
-        exit 1
-        ;;
-esac
-
-PKG_MAIN=$(echo "${PKGS}" | awk '{print $1;}')
-
-
-# Determine if __letsencrypt_cert is to be used and setup vars accordingly
-if [ -f "${__object}/parameter/tls-cert" ]; then
-    tls_cert=$(cat "${__object}/parameter/tls-cert")
-
-    if [ ! -f "${__object}/parameter/tls-privkey" ]; then
-        echo "When tls-cert is defined, tls-privkey is also required." >&2
-        exit 1
-    fi
-    tls_privkey=$(cat "${__object}/parameter/tls-privkey")
-
-    if [ ! -f "${__object}/parameter/tls-ca" ]; then
-        echo "When tls-cert is defined, tls-ca is also required." >&2
-        exit 1
-    fi
-    tls_ca=$(cat "${__object}/parameter/tls-ca")
-
-    _skip_letsencrypt_cert="YES"
-else
-    if [ ! -f "${__object}/parameter/admin-email" ]; then
-        echo "When using __letsencrypt_cert, admin-email is also required." >&2
-        exit 1
-    fi
-    admin_email=$(cat "${__object}/parameter/admin-email")
-
-    tls_cert="${SLAPD_DIR}/sasl2/cert.pem"
-    tls_privkey="${SLAPD_DIR}/sasl2/privkey.pem"
-    tls_ca="${SLAPD_DIR}/sasl2/chain.pem"
-fi
-
-mkdir "${__object}/files"
-ldapconf="${__object}/files/ldapconf"
-
-replication=""
-if [ -f "${__object}/parameter/replicate" ]; then
-    replication=yes
-
-    if [ ! -f "${__object}/parameter/syncrepl-searchbase" ]; then
-        echo "Requiring the searchbase for replication" >&2
-        exit 1
-    fi
-    syncrepl_searchbase=$(cat "${__object}/parameter/syncrepl-searchbase")
-
-    if [ ! -f "${__object}/parameter/syncrepl-credentials" ]; then
-        echo "Requiring credentials for replication" >&2
-        exit 1
-    fi
-
-    syncrepl_credentials=$(cat "${__object}/parameter/syncrepl-credentials")
-
-    if [ ! -f "${__object}/parameter/syncrepl-host" ]; then
-        echo "Requiring host(s) for replication" >&2
-        exit 1
-    fi
-    syncrepl_hosts=$(cat "${__object}/parameter/syncrepl-host")
-
-fi
-
-# Install required packages
-for pkg in ${PKGS}; do
-    __package "${pkg}"
-done
-
-
-require="__package/${PKG_MAIN}" __start_on_boot slapd
-
-# Setup -h flag for the listeners. See man slapd (-h flag).
-case "${os}" in
-    freebsd)
-        require="__start_on_boot/slapd" __key_value \
-               --file "/etc/rc.conf" \
-               --key "slapd_flags" \
-               --value "\"-h '${slapd_urls}'\"" \
-               --delimiter "=" \
-               --comment "# LDAP Listener URLs" \
-               "${__target_host}__slapd_flags"
-        ;;
-    debian|ubuntu|devuan)
-        require="__package/${PKG_MAIN}" __line rm_slapd_conf \
-               --file ${ETC}/default/slapd \
-               --regex 'SLAPD_CONF=.*' \
-               --state absent
-
-        require="__package/${PKG_MAIN}" __line rm_slapd_services \
-               --file ${ETC}/default/slapd \
-               --regex 'SLAPD_SERVICES=.*' \
-               --state absent
-
-        require="__line/rm_slapd_conf" __line add_slapd_conf \
-               --file ${ETC}/default/slapd \
-               --line "SLAPD_CONF=${SLAPD_DIR}/slapd.conf" \
-               --state present
-
-        require="__line/rm_slapd_services" __line add_slapd_services \
-               --file ${ETC}/default/slapd \
-               --line "SLAPD_SERVICES=\"${slapd_urls}\"" \
-               --state present
-        ;;
-    *)
-        # Nothing to do here, move on.
-        ;;
-esac
-
-
-if [ -z "${_skip_letsencrypt_cert}" ]; then
-    if [ -f "${__object}/parameter/staging" ]; then
-        staging="--staging"
-    else
-        staging=""
-    fi
-
-    __letsencrypt_cert "${name}" --admin-email "${admin_email}" \
-        --renew-hook "cp ${ETC}/letsencrypt/live/${name}/*.pem ${SLAPD_DIR}/sasl2 && chown -R openldap:openldap ${SLAPD_DIR}/sasl2 && service slapd restart" \
-        --automatic-renewal ${staging}
-fi
-
-require="__package/${PKG_MAIN}" __directory ${SLAPD_DIR}/slapd.d --state absent
-
-if [ -z "${_skip_letsencrypt_cert}" ]; then
-    require="__package/${PKG_MAIN} __letsencrypt_cert/${name}" \
-           __file ${SLAPD_DIR}/slapd.conf --owner ${CONF_OWNER} --group ${CONF_GROUP} --mode 644 \
-           --source "${ldapconf}"
-else
-    require="__package/${PKG_MAIN}" \
-           __file ${SLAPD_DIR}/slapd.conf --owner ${CONF_OWNER} --group ${CONF_GROUP} --mode 644 \
-           --source "${ldapconf}"
-fi
-
-# Start slapd.conf
-cat << EOF > "${ldapconf}"
-pidfile ${SLAPD_RUN_DIR}/slapd.pid
-argsfile ${SLAPD_RUN_DIR}/slapd.args
-
-TLSCipherSuite ${tls_cipher_suite}
-TLSCertificateFile ${tls_cert}
-TLSCertificateKeyFile ${tls_privkey}
-TLSCACertificateFile ${tls_ca}
-
-disallow bind_anon
-require bind
-security tls=1
-EOF
-
-# Add specified schemas
-for schema in ${schemas}; do
-    echo "include ${SLAPD_DIR}/schema/${schema}.schema" >> "${ldapconf}"
-done
-
-# Add specified modules
-echo "modulepath ${SLAPD_MODULE_PATH}" >> "${ldapconf}"
-for module in ${slapd_modules}; do
-    echo "moduleload ${module}.la" >> "${ldapconf}"
-done
-
-# Rest of the config
-cat << EOF >> "${ldapconf}"
-loglevel 1024
-
-database mdb
-maxsize 1073741824
-
-suffix "${suffix}"
-directory ${SLAPD_DATA_DIR}
-rootdn "${manager_dn}"
-rootpw "${manager_password_hash}"
-
-index objectClass eq,pres
-index ou,cn,mail,surname,givenname eq,pres,sub
-index uidNumber,gidNumber,loginShell eq,pres
-index uid,memberUid eq,pres,sub
-index nisMapName,nisMapEntry eq,pres,sub
-index entryCSN,entryUUID eq
-
-serverid ${serverid}
-EOF
-
-# Setup replication
-if [ "${replication}" ]; then
-    rid=1;
-    for syncrepl in ${syncrepl_hosts}; do
-    cat <<EOF >> "${ldapconf}"
-syncrepl rid=${rid}
- provider=ldap://${syncrepl}
- bindmethod=simple
- starttls=yes
- binddn="${manager_dn}"
- credentials=${syncrepl_credentials}
- searchbase="${syncrepl_searchbase}"
- type=refreshAndPersist
- retry="5 + 5 +"
- interval=00:00:00:05
-EOF
-    rid=$((rid + 1))
-    done
-    cat <<EOF >> "${ldapconf}"
-mirrormode true
-overlay syncprov
-syncprov-checkpoint 100 5
-syncprov-sessionlog 100
-
-database monitor
-limits dn.exact="${manager_dn}" time=unlimited size=unlimited
-EOF
-fi

cdist/conf/type/__openldap_server/parameter/boolean

@@ -1,2 +0,0 @@
-staging
-replicate

cdist/conf/type/__openldap_server/parameter/default/description

@@ -1 +0,0 @@
-Managed by cdist, do not edit manually.

cdist/conf/type/__openldap_server/parameter/default/schema

@@ -1,12 +0,0 @@
-corba
-core
-cosine
-duaconf
-dyngroup
-inetorgperson
-java
-misc
-nis
-openldap
-ppolicy
-collective

cdist/conf/type/__openldap_server/parameter/optional

@@ -1,8 +0,0 @@
-description
-syncrepl-credentials
-syncrepl-searchbase
-admin-email
-tls-cipher-suite
-tls-cert
-tls-privkey
-tls-ca

cdist/conf/type/__openldap_server/parameter/optional_multiple

@@ -1,3 +0,0 @@
-syncrepl-host
-module
-schema

cdist/conf/type/__openldap_server/parameter/required

@@ -1,5 +0,0 @@
-manager-dn
-manager-password
-manager-password-hash
-serverid
-suffix

cdist/conf/type/__openldap_server/parameter/required_multiple

@@ -1 +0,0 @@
-slapd-url

cdist/conf/type/__package_apt/gencode-remote

@@ -74,14 +74,6 @@ fi
 
 case "$state_should" in
     present)
-        # following is bit ugly, but important hack.
-        # due to how cdist config run works, there isn't
-        # currently better way to do it :(
-        cat << EOF
-if [ ! -f /var/cache/apt/pkgcache.bin ] || [ "\$( stat --format %Y /var/cache/apt/pkgcache.bin )" -lt "\$( date +%s -d '-1 day' )" ]
-then echo apt-get update > /dev/null 2>&1 || true
-fi
-EOF
         if [ -n "$version" ]; then
             name="${name}=${version}"
         fi

cdist/conf/type/__package_apt/man.rst

@@ -11,9 +11,6 @@ DESCRIPTION
 apt-get is usually used on Debian and variants (like Ubuntu) to
 manage packages.
 
-This type will also update package index, if it is older
-than one day, to avoid missing package error messages.
-
 
 REQUIRED PARAMETERS
 -------------------

cdist/conf/type/__package_update_index/gencode-remote

@@ -47,9 +47,9 @@ case "$type" in
         echo "pacman --noprogressbar --sync --refresh"
         echo "pacman package database synced (age was: $currage)" >> "$__messages_out"
         ;;
-    apk)
+    alpine)
         echo "apk update"
-        echo "apk package database updated." >>"$__messages_out"
+        echo "apk package database updated."
         ;;
     *)
         echo "Don't know how to manage packages for type: $type" >&2

cdist/conf/type/__postgres_database/gencode-remote

@@ -41,16 +41,12 @@ if [ "$state_should" != "$state_is" ]; then
       present)
          owner=""
          if [ -f "$__object/parameter/owner" ]; then
-            owner="-O \"$(cat "$__object/parameter/owner")\""
+            owner="-O '$(cat "$__object/parameter/owner")'"
          fi
-         cat << EOF
-su - '$postgres_user' -c "createdb $owner \"$name\""
-EOF
+         echo "su - '$postgres_user' -c \"createdb $owner '$name'\""
       ;;
       absent)
-         cat << EOF
-su - '$postgres_user' -c "dropdb \"$name\""
-EOF
+         echo "su - '$postgres_user' -c \"dropdb '$name'\""
       ;;
    esac
 fi

cdist/conf/type/__postgres_role/gencode-remote

@@ -53,13 +53,11 @@ case "$state_should" in
         done
 
         [ -n "$password" ] && password="PASSWORD '$password'"
-        cat << EOF
-su - '$postgres_user' -c "psql postgres -wc \"CREATE ROLE \\\\\"$name\\\\\" WITH $password $booleans;\""
-EOF
+
+        cmd="CREATE ROLE $name WITH $password $booleans"
+        echo "su - '$postgres_user' -c \"psql postgres -wc \\\"$cmd\\\"\""
     ;;
     absent)
-        cat << EOF
-su - '$postgres_user' -c "dropuser \"$name\""
-EOF
+        echo "su - '$postgres_user' -c \"dropuser \\\"$name\\\"\""
     ;;
 esac

cdist/conf/type/__service/explorer/service-manager

@@ -1,8 +0,0 @@
-#!/bin/sh
-
-# Assume systemd if systemctl is in PATH.
-if [ "$(command -v systemctl)" ]; then
-	printf "systemd"
-else
-	printf "unknown"
-fi

cdist/conf/type/__service/gencode-remote

@@ -1,9 +0,0 @@
-#!/bin/sh
-
-manager="$(cat "$__object/explorer/service-manager")"
-name=$__object_id
-action="$(cat "$__object/parameter/action")"
-
-if [ "$manager" = "unknown" ]; then
-	echo "service '$name' '$action'"
-fi

cdist/conf/type/__service/man.rst

@@ -1,51 +0,0 @@
-cdist-type__service(7)
-======================
-
-NAME
-----
-cdist-type__service - Run action on a system service
-
-
-DESCRIPTION
------------
-This type allows you to run an action against a system service.
-
-
-REQUIRED PARAMETERS
--------------------
-action
-  Arbitrary parameter passed as action. Usually 'start', 'stop', 'reload' or 'restart'.
-
-OPTIONAL PARAMETERS
--------------------
-None.
-
-
-BOOLEAN PARAMETERS
-------------------
-None.
-
-
-EXAMPLES
---------
-
-.. code-block:: sh
-
-    # Restart nginx service.
-    __service nginx --action restart
-
-    # Stop postfix service.
-    __service postfix --action stop
-
-
-AUTHORS
--------
-Timothée Floure <timothee.floure@ungleich.ch>
-
-
-COPYING
--------
-Copyright \(C) 2019 Timothée Floure. You can redistribute it
-and/or modify it under the terms of the GNU General Public License as
-published by the Free Software Foundation, either version 3 of the
-License, or (at your option) any later version.