diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 00000000..45c10d7b --- /dev/null +++ b/.gitattributes @@ -0,0 +1,8 @@ +.gitignore export-ignore +.gitattributes export-ignore +.gitkeep export-ignore +docs/speeches export-ignore +docs/video export-ignore +docs/src/man7 export-ignore +bin/build-helper export-ignore +README-maintainers export-ignore diff --git a/.gitignore b/.gitignore index 76ed1fcb..85a8ccc7 100644 --- a/.gitignore +++ b/.gitignore @@ -1,24 +1,54 @@ # -vim -.*.swp +# Swap +[._]*.s[a-v][a-z] +[._]*.sw[a-p] +[._]s[a-rt-v][a-z] +[._]ss[a-gi-z] +[._]sw[a-p] + +# Session +Session.vim + +# Temporary +.netrwhist +*~ +*.tmp +# Auto-generated tag files +tags +# Persistent undo +[._]*.un~ # Ignore generated manpages -docs/man/.marker -docs/man/man1/*.1 -docs/man/man7/*.7 -docs/man/man*/*.html -docs/man/man*/*.xml -docs/man/man*/docbook-xsl.css -docs/man/man7/cdist-type__*.text -docs/man/man7/cdist-reference.text +docs/src/.marker +docs/src/man1/*.1 +docs/src/man7/*.7 +docs/src/man7/cdist-type__*.rst +docs/src/cdist-reference.rst +docs/src/cdist-types.rst +docs/src/cdist.cfg.skeleton # Ignore cdist cache for version control /cache/ +# Ignore inventory basedir +cdist/inventory/ + # Python: cache, distutils, distribution in general __pycache__/ -MANIFEST +*.pyc +/MANIFEST dist/ cdist/version.py +cdist.egg-info/ + +# sphinx build dirs, cache +_build/ +docs/dist + +# Ignore temp files used for signing +cdist-*.tar +cdist-*.tar.gz +cdist-*.tar.gz.asc # Packaging: Archlinux /PKGBUILD @@ -29,3 +59,5 @@ cdist/version.py build .lock-* .git-current-branch +.lock* +.pypi-release diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml new file mode 100644 index 00000000..e215652c --- /dev/null +++ b/.gitlab-ci.yml 
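Review bot: In the second `.gitignore` hunk the added `.lock*` pattern makes the existing `.lock-*` context line redundant, because every name that matches `.lock-*` also matches `.lock*`. Either drop `.lock-*`, or list the specific lock files instead of widening the glob if only some are meant. In the first hunk, `tags` and `*.tmp` contain no slash, so they ignore a file or directory of that name at any depth; `/tags` would limit the rule to the repository root if that is the intent.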
@@ -0,0 +1,20 @@
+stages:
+ - test
+
+image: code.ungleich.ch:5050/ungleich-public/cdist/cdist-ci:latest
+
+unit_tests:
+ stage: test
+ script:
+ - ./bin/build-helper version
+ - ./bin/build-helper test
+
+pycodestyle:
+ stage: test
+ script:
+ - ./bin/build-helper pycodestyle
+
+shellcheck:
+ stage: test
+ script:
+ - ./bin/build-helper shellcheck
diff --git a/.version b/.version
deleted file mode 100644
index 71f08595..00000000
--- a/.version
+++ /dev/null
@@ -1 +0,0 @@
-2.1.0-pre1
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 00000000..14682ad6
--- /dev/null
+++ b/LICENSE
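Review bot: The `image:` line in the new `.gitlab-ci.yml` pulls `cdist-ci:latest`, a mutable tag, so each pipeline run executes whatever was last pushed under that name. That makes the `unit_tests`, `pycodestyle` and `shellcheck` jobs non-reproducible, and a replaced or compromised image would run unnoticed. Pin the image to an immutable reference, for example `image: code.ungleich.ch:5050/ungleich-public/cdist/cdist-ci@sha256:<digest-of-reviewed-image>` (placeholder digest), and update it deliberately when the CI image is rebuilt. A one-line comment above it saying where the image is built from, e.g. `# CI image, built from <path-to-image-definition>`, would help the next maintainer verify it.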
@@ -0,0 +1,674 @@ + GNU GENERAL PUBLIC LICENSE + Version 3, 29 June 2007 + + Copyright (C) 2007 Free Software Foundation, Inc. + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The GNU General Public License is a free, copyleft license for +software and other kinds of works. + + The licenses for most software and other practical works are designed +to take away your freedom to share and change the works. By contrast, +the GNU General Public License is intended to guarantee your freedom to +share and change all versions of a program--to make sure it remains free +software for all its users. We, the Free Software Foundation, use the +GNU General Public License for most of our software; it applies also to +any other work released this way by its authors. You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +them if you wish), that you receive source code or can get it if you +want it, that you can change the software or use pieces of it in new +free programs, and that you know you can do these things. + + To protect your rights, we need to prevent others from denying you +these rights or asking you to surrender the rights. Therefore, you have +certain responsibilities if you distribute copies of the software, or if +you modify it: responsibilities to respect the freedom of others. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must pass on to the recipients the same +freedoms that you received. You must make sure that they, too, receive +or can get the source code. And you must show them these terms so they +know their rights. 
+ + Developers that use the GNU GPL protect your rights with two steps: +(1) assert copyright on the software, and (2) offer you this License +giving you legal permission to copy, distribute and/or modify it. + + For the developers' and authors' protection, the GPL clearly explains +that there is no warranty for this free software. For both users' and +authors' sake, the GPL requires that modified versions be marked as +changed, so that their problems will not be attributed erroneously to +authors of previous versions. + + Some devices are designed to deny users access to install or run +modified versions of the software inside them, although the manufacturer +can do so. This is fundamentally incompatible with the aim of +protecting users' freedom to change the software. The systematic +pattern of such abuse occurs in the area of products for individuals to +use, which is precisely where it is most unacceptable. Therefore, we +have designed this version of the GPL to prohibit the practice for those +products. If such problems arise substantially in other domains, we +stand ready to extend this provision to those domains in future versions +of the GPL, as needed to protect the freedom of users. + + Finally, every program is threatened constantly by software patents. +States should not allow patents to restrict development and use of +software on general-purpose computers, but in those that do, we wish to +avoid the special danger that patents applied to a free program could +make it effectively proprietary. To prevent this, the GPL assures that +patents cannot be used to render the program non-free. + + The precise terms and conditions for copying, distribution and +modification follow. + + TERMS AND CONDITIONS + + 0. Definitions. + + "This License" refers to version 3 of the GNU General Public License. + + "Copyright" also means copyright-like laws that apply to other kinds of +works, such as semiconductor masks. 
+ + "The Program" refers to any copyrightable work licensed under this +License. Each licensee is addressed as "you". "Licensees" and +"recipients" may be individuals or organizations. + + To "modify" a work means to copy from or adapt all or part of the work +in a fashion requiring copyright permission, other than the making of an +exact copy. The resulting work is called a "modified version" of the +earlier work or a work "based on" the earlier work. + + A "covered work" means either the unmodified Program or a work based +on the Program. + + To "propagate" a work means to do anything with it that, without +permission, would make you directly or secondarily liable for +infringement under applicable copyright law, except executing it on a +computer or modifying a private copy. Propagation includes copying, +distribution (with or without modification), making available to the +public, and in some countries other activities as well. + + To "convey" a work means any kind of propagation that enables other +parties to make or receive copies. Mere interaction with a user through +a computer network, with no transfer of a copy, is not conveying. + + An interactive user interface displays "Appropriate Legal Notices" +to the extent that it includes a convenient and prominently visible +feature that (1) displays an appropriate copyright notice, and (2) +tells the user that there is no warranty for the work (except to the +extent that warranties are provided), that licensees may convey the +work under this License, and how to view a copy of this License. If +the interface presents a list of user commands or options, such as a +menu, a prominent item in the list meets this criterion. + + 1. Source Code. + + The "source code" for a work means the preferred form of the work +for making modifications to it. "Object code" means any non-source +form of a work. 
+ + A "Standard Interface" means an interface that either is an official +standard defined by a recognized standards body, or, in the case of +interfaces specified for a particular programming language, one that +is widely used among developers working in that language. + + The "System Libraries" of an executable work include anything, other +than the work as a whole, that (a) is included in the normal form of +packaging a Major Component, but which is not part of that Major +Component, and (b) serves only to enable use of the work with that +Major Component, or to implement a Standard Interface for which an +implementation is available to the public in source code form. A +"Major Component", in this context, means a major essential component +(kernel, window system, and so on) of the specific operating system +(if any) on which the executable work runs, or a compiler used to +produce the work, or an object code interpreter used to run it. + + The "Corresponding Source" for a work in object code form means all +the source code needed to generate, install, and (for an executable +work) run the object code and to modify the work, including scripts to +control those activities. However, it does not include the work's +System Libraries, or general-purpose tools or generally available free +programs which are used unmodified in performing those activities but +which are not part of the work. For example, Corresponding Source +includes interface definition files associated with source files for +the work, and the source code for shared libraries and dynamically +linked subprograms that the work is specifically designed to require, +such as by intimate data communication or control flow between those +subprograms and other parts of the work. + + The Corresponding Source need not include anything that users +can regenerate automatically from other parts of the Corresponding +Source. + + The Corresponding Source for a work in source code form is that +same work. + + 2. 
Basic Permissions. + + All rights granted under this License are granted for the term of +copyright on the Program, and are irrevocable provided the stated +conditions are met. This License explicitly affirms your unlimited +permission to run the unmodified Program. The output from running a +covered work is covered by this License only if the output, given its +content, constitutes a covered work. This License acknowledges your +rights of fair use or other equivalent, as provided by copyright law. + + You may make, run and propagate covered works that you do not +convey, without conditions so long as your license otherwise remains +in force. You may convey covered works to others for the sole purpose +of having them make modifications exclusively for you, or provide you +with facilities for running those works, provided that you comply with +the terms of this License in conveying all material for which you do +not control copyright. Those thus making or running the covered works +for you must do so exclusively on your behalf, under your direction +and control, on terms that prohibit them from making any copies of +your copyrighted material outside their relationship with you. + + Conveying under any other circumstances is permitted solely under +the conditions stated below. Sublicensing is not allowed; section 10 +makes it unnecessary. + + 3. Protecting Users' Legal Rights From Anti-Circumvention Law. + + No covered work shall be deemed part of an effective technological +measure under any applicable law fulfilling obligations under article +11 of the WIPO copyright treaty adopted on 20 December 1996, or +similar laws prohibiting or restricting circumvention of such +measures. 
+ + When you convey a covered work, you waive any legal power to forbid +circumvention of technological measures to the extent such circumvention +is effected by exercising rights under this License with respect to +the covered work, and you disclaim any intention to limit operation or +modification of the work as a means of enforcing, against the work's +users, your or third parties' legal rights to forbid circumvention of +technological measures. + + 4. Conveying Verbatim Copies. + + You may convey verbatim copies of the Program's source code as you +receive it, in any medium, provided that you conspicuously and +appropriately publish on each copy an appropriate copyright notice; +keep intact all notices stating that this License and any +non-permissive terms added in accord with section 7 apply to the code; +keep intact all notices of the absence of any warranty; and give all +recipients a copy of this License along with the Program. + + You may charge any price or no price for each copy that you convey, +and you may offer support or warranty protection for a fee. + + 5. Conveying Modified Source Versions. + + You may convey a work based on the Program, or the modifications to +produce it from the Program, in the form of source code under the +terms of section 4, provided that you also meet all of these conditions: + + a) The work must carry prominent notices stating that you modified + it, and giving a relevant date. + + b) The work must carry prominent notices stating that it is + released under this License and any conditions added under section + 7. This requirement modifies the requirement in section 4 to + "keep intact all notices". + + c) You must license the entire work, as a whole, under this + License to anyone who comes into possession of a copy. This + License will therefore apply, along with any applicable section 7 + additional terms, to the whole of the work, and all its parts, + regardless of how they are packaged. 
This License gives no + permission to license the work in any other way, but it does not + invalidate such permission if you have separately received it. + + d) If the work has interactive user interfaces, each must display + Appropriate Legal Notices; however, if the Program has interactive + interfaces that do not display Appropriate Legal Notices, your + work need not make them do so. + + A compilation of a covered work with other separate and independent +works, which are not by their nature extensions of the covered work, +and which are not combined with it such as to form a larger program, +in or on a volume of a storage or distribution medium, is called an +"aggregate" if the compilation and its resulting copyright are not +used to limit the access or legal rights of the compilation's users +beyond what the individual works permit. Inclusion of a covered work +in an aggregate does not cause this License to apply to the other +parts of the aggregate. + + 6. Conveying Non-Source Forms. + + You may convey a covered work in object code form under the terms +of sections 4 and 5, provided that you also convey the +machine-readable Corresponding Source under the terms of this License, +in one of these ways: + + a) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by the + Corresponding Source fixed on a durable physical medium + customarily used for software interchange. 
+ + b) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by a + written offer, valid for at least three years and valid for as + long as you offer spare parts or customer support for that product + model, to give anyone who possesses the object code either (1) a + copy of the Corresponding Source for all the software in the + product that is covered by this License, on a durable physical + medium customarily used for software interchange, for a price no + more than your reasonable cost of physically performing this + conveying of source, or (2) access to copy the + Corresponding Source from a network server at no charge. + + c) Convey individual copies of the object code with a copy of the + written offer to provide the Corresponding Source. This + alternative is allowed only occasionally and noncommercially, and + only if you received the object code with such an offer, in accord + with subsection 6b. + + d) Convey the object code by offering access from a designated + place (gratis or for a charge), and offer equivalent access to the + Corresponding Source in the same way through the same place at no + further charge. You need not require recipients to copy the + Corresponding Source along with the object code. If the place to + copy the object code is a network server, the Corresponding Source + may be on a different server (operated by you or a third party) + that supports equivalent copying facilities, provided you maintain + clear directions next to the object code saying where to find the + Corresponding Source. Regardless of what server hosts the + Corresponding Source, you remain obligated to ensure that it is + available for as long as needed to satisfy these requirements. 
+ + e) Convey the object code using peer-to-peer transmission, provided + you inform other peers where the object code and Corresponding + Source of the work are being offered to the general public at no + charge under subsection 6d. + + A separable portion of the object code, whose source code is excluded +from the Corresponding Source as a System Library, need not be +included in conveying the object code work. + + A "User Product" is either (1) a "consumer product", which means any +tangible personal property which is normally used for personal, family, +or household purposes, or (2) anything designed or sold for incorporation +into a dwelling. In determining whether a product is a consumer product, +doubtful cases shall be resolved in favor of coverage. For a particular +product received by a particular user, "normally used" refers to a +typical or common use of that class of product, regardless of the status +of the particular user or of the way in which the particular user +actually uses, or expects or is expected to use, the product. A product +is a consumer product regardless of whether the product has substantial +commercial, industrial or non-consumer uses, unless such uses represent +the only significant mode of use of the product. + + "Installation Information" for a User Product means any methods, +procedures, authorization keys, or other information required to install +and execute modified versions of a covered work in that User Product from +a modified version of its Corresponding Source. The information must +suffice to ensure that the continued functioning of the modified object +code is in no case prevented or interfered with solely because +modification has been made. 
+ + If you convey an object code work under this section in, or with, or +specifically for use in, a User Product, and the conveying occurs as +part of a transaction in which the right of possession and use of the +User Product is transferred to the recipient in perpetuity or for a +fixed term (regardless of how the transaction is characterized), the +Corresponding Source conveyed under this section must be accompanied +by the Installation Information. But this requirement does not apply +if neither you nor any third party retains the ability to install +modified object code on the User Product (for example, the work has +been installed in ROM). + + The requirement to provide Installation Information does not include a +requirement to continue to provide support service, warranty, or updates +for a work that has been modified or installed by the recipient, or for +the User Product in which it has been modified or installed. Access to a +network may be denied when the modification itself materially and +adversely affects the operation of the network or violates the rules and +protocols for communication across the network. + + Corresponding Source conveyed, and Installation Information provided, +in accord with this section must be in a format that is publicly +documented (and with an implementation available to the public in +source code form), and must require no special password or key for +unpacking, reading or copying. + + 7. Additional Terms. + + "Additional permissions" are terms that supplement the terms of this +License by making exceptions from one or more of its conditions. +Additional permissions that are applicable to the entire Program shall +be treated as though they were included in this License, to the extent +that they are valid under applicable law. 
If additional permissions +apply only to part of the Program, that part may be used separately +under those permissions, but the entire Program remains governed by +this License without regard to the additional permissions. + + When you convey a copy of a covered work, you may at your option +remove any additional permissions from that copy, or from any part of +it. (Additional permissions may be written to require their own +removal in certain cases when you modify the work.) You may place +additional permissions on material, added by you to a covered work, +for which you have or can give appropriate copyright permission. + + Notwithstanding any other provision of this License, for material you +add to a covered work, you may (if authorized by the copyright holders of +that material) supplement the terms of this License with terms: + + a) Disclaiming warranty or limiting liability differently from the + terms of sections 15 and 16 of this License; or + + b) Requiring preservation of specified reasonable legal notices or + author attributions in that material or in the Appropriate Legal + Notices displayed by works containing it; or + + c) Prohibiting misrepresentation of the origin of that material, or + requiring that modified versions of such material be marked in + reasonable ways as different from the original version; or + + d) Limiting the use for publicity purposes of names of licensors or + authors of the material; or + + e) Declining to grant rights under trademark law for use of some + trade names, trademarks, or service marks; or + + f) Requiring indemnification of licensors and authors of that + material by anyone who conveys the material (or modified versions of + it) with contractual assumptions of liability to the recipient, for + any liability that these contractual assumptions directly impose on + those licensors and authors. + + All other non-permissive additional terms are considered "further +restrictions" within the meaning of section 10. 
If the Program as you +received it, or any part of it, contains a notice stating that it is +governed by this License along with a term that is a further +restriction, you may remove that term. If a license document contains +a further restriction but permits relicensing or conveying under this +License, you may add to a covered work material governed by the terms +of that license document, provided that the further restriction does +not survive such relicensing or conveying. + + If you add terms to a covered work in accord with this section, you +must place, in the relevant source files, a statement of the +additional terms that apply to those files, or a notice indicating +where to find the applicable terms. + + Additional terms, permissive or non-permissive, may be stated in the +form of a separately written license, or stated as exceptions; +the above requirements apply either way. + + 8. Termination. + + You may not propagate or modify a covered work except as expressly +provided under this License. Any attempt otherwise to propagate or +modify it is void, and will automatically terminate your rights under +this License (including any patent licenses granted under the third +paragraph of section 11). + + However, if you cease all violation of this License, then your +license from a particular copyright holder is reinstated (a) +provisionally, unless and until the copyright holder explicitly and +finally terminates your license, and (b) permanently, if the copyright +holder fails to notify you of the violation by some reasonable means +prior to 60 days after the cessation. + + Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice. 
+ + Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, you do not qualify to receive new licenses for the same +material under section 10. + + 9. Acceptance Not Required for Having Copies. + + You are not required to accept this License in order to receive or +run a copy of the Program. Ancillary propagation of a covered work +occurring solely as a consequence of using peer-to-peer transmission +to receive a copy likewise does not require acceptance. However, +nothing other than this License grants you permission to propagate or +modify any covered work. These actions infringe copyright if you do +not accept this License. Therefore, by modifying or propagating a +covered work, you indicate your acceptance of this License to do so. + + 10. Automatic Licensing of Downstream Recipients. + + Each time you convey a covered work, the recipient automatically +receives a license from the original licensors, to run, modify and +propagate that work, subject to this License. You are not responsible +for enforcing compliance by third parties with this License. + + An "entity transaction" is a transaction transferring control of an +organization, or substantially all assets of one, or subdividing an +organization, or merging organizations. If propagation of a covered +work results from an entity transaction, each party to that +transaction who receives a copy of the work also receives whatever +licenses to the work the party's predecessor in interest had or could +give under the previous paragraph, plus a right to possession of the +Corresponding Source of the work from the predecessor in interest, if +the predecessor has it or can get it with reasonable efforts. + + You may not impose any further restrictions on the exercise of the +rights granted or affirmed under this License. 
For example, you may +not impose a license fee, royalty, or other charge for exercise of +rights granted under this License, and you may not initiate litigation +(including a cross-claim or counterclaim in a lawsuit) alleging that +any patent claim is infringed by making, using, selling, offering for +sale, or importing the Program or any portion of it. + + 11. Patents. + + A "contributor" is a copyright holder who authorizes use under this +License of the Program or a work on which the Program is based. The +work thus licensed is called the contributor's "contributor version". + + A contributor's "essential patent claims" are all patent claims +owned or controlled by the contributor, whether already acquired or +hereafter acquired, that would be infringed by some manner, permitted +by this License, of making, using, or selling its contributor version, +but do not include claims that would be infringed only as a +consequence of further modification of the contributor version. For +purposes of this definition, "control" includes the right to grant +patent sublicenses in a manner consistent with the requirements of +this License. + + Each contributor grants you a non-exclusive, worldwide, royalty-free +patent license under the contributor's essential patent claims, to +make, use, sell, offer for sale, import and otherwise run, modify and +propagate the contents of its contributor version. + + In the following three paragraphs, a "patent license" is any express +agreement or commitment, however denominated, not to enforce a patent +(such as an express permission to practice a patent or covenant not to +sue for patent infringement). To "grant" such a patent license to a +party means to make such an agreement or commitment not to enforce a +patent against the party. 
+ + If you convey a covered work, knowingly relying on a patent license, +and the Corresponding Source of the work is not available for anyone +to copy, free of charge and under the terms of this License, through a +publicly available network server or other readily accessible means, +then you must either (1) cause the Corresponding Source to be so +available, or (2) arrange to deprive yourself of the benefit of the +patent license for this particular work, or (3) arrange, in a manner +consistent with the requirements of this License, to extend the patent +license to downstream recipients. "Knowingly relying" means you have +actual knowledge that, but for the patent license, your conveying the +covered work in a country, or your recipient's use of the covered work +in a country, would infringe one or more identifiable patents in that +country that you have reason to believe are valid. + + If, pursuant to or in connection with a single transaction or +arrangement, you convey, or propagate by procuring conveyance of, a +covered work, and grant a patent license to some of the parties +receiving the covered work authorizing them to use, propagate, modify +or convey a specific copy of the covered work, then the patent license +you grant is automatically extended to all recipients of the covered +work and works based on it. + + A patent license is "discriminatory" if it does not include within +the scope of its coverage, prohibits the exercise of, or is +conditioned on the non-exercise of one or more of the rights that are +specifically granted under this License. 
You may not convey a covered +work if you are a party to an arrangement with a third party that is +in the business of distributing software, under which you make payment +to the third party based on the extent of your activity of conveying +the work, and under which the third party grants, to any of the +parties who would receive the covered work from you, a discriminatory +patent license (a) in connection with copies of the covered work +conveyed by you (or copies made from those copies), or (b) primarily +for and in connection with specific products or compilations that +contain the covered work, unless you entered into that arrangement, +or that patent license was granted, prior to 28 March 2007. + + Nothing in this License shall be construed as excluding or limiting +any implied license or other defenses to infringement that may +otherwise be available to you under applicable patent law. + + 12. No Surrender of Others' Freedom. + + If conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot convey a +covered work so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you may +not convey it at all. For example, if you agree to terms that obligate you +to collect a royalty for further conveying from those to whom you convey +the Program, the only way you could satisfy both those terms and this +License would be to refrain entirely from conveying the Program. + + 13. Use with the GNU Affero General Public License. + + Notwithstanding any other provision of this License, you have +permission to link or combine any covered work with a work licensed +under version 3 of the GNU Affero General Public License into a single +combined work, and to convey the resulting work. 
The terms of this +License will continue to apply to the part which is the covered work, +but the special requirements of the GNU Affero General Public License, +section 13, concerning interaction through a network will apply to the +combination as such. + + 14. Revised Versions of this License. + + The Free Software Foundation may publish revised and/or new versions of +the GNU General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + + Each version is given a distinguishing version number. If the +Program specifies that a certain numbered version of the GNU General +Public License "or any later version" applies to it, you have the +option of following the terms and conditions either of that numbered +version or of any later version published by the Free Software +Foundation. If the Program does not specify a version number of the +GNU General Public License, you may choose any version ever published +by the Free Software Foundation. + + If the Program specifies that a proxy can decide which future +versions of the GNU General Public License can be used, that proxy's +public statement of acceptance of a version permanently authorizes you +to choose that version for the Program. + + Later license versions may give you additional or different +permissions. However, no additional obligations are imposed on any +author or copyright holder as a result of your choosing to follow a +later version. + + 15. Disclaimer of Warranty. + + THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY +OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. 
THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM +IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF +ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. Limitation of Liability. + + IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS +THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE +USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF +DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD +PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), +EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF +SUCH DAMAGES. + + 17. Interpretation of Sections 15 and 16. + + If the disclaimer of warranty and limitation of liability provided +above cannot be given local legal effect according to their terms, +reviewing courts shall apply local law that most closely approximates +an absolute waiver of all civil liability in connection with the +Program, unless a warranty or assumption of liability accompanies a +copy of the Program in return for a fee. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +state the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. 
+ + cdist + Copyright (C) 2019 ungleich-public + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . + +Also add information on how to contact you by electronic and paper mail. + + If the program does terminal interaction, make it output a short +notice like this when it starts in an interactive mode: + + cdist Copyright (C) 2019 ungleich-public + This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, your program's commands +might be different; for a GUI interface, you would use an "about box". + + You should also get your employer (if you work as a programmer) or school, +if any, to sign a "copyright disclaimer" for the program, if necessary. +For more information on this, and how to apply and follow the GNU GPL, see +. + + The GNU General Public License does not permit incorporating your program +into proprietary programs. If your program is a subroutine library, you +may consider it more useful to permit linking proprietary applications with +the library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. But first, please read +. diff --git a/Makefile b/Makefile index 0fa6965d..f89ac1e7 100644 --- a/Makefile 
+++ b/Makefile 
@@ -18,101 +18,100 @@ # # -# dist = local -# release = remote +.PHONY: help +help: + @echo "Please use \`make ' where is one of" + @echo "man build only man user documentation" + @echo "html build only html user documentation" + @echo "docs build both man and html user documentation" + @echo "dotman build man pages for types in your ~/.cdist directory" + @echo "speeches build speeches pdf files" + @echo "install install in the system site-packages directory" + @echo "install-user install in the user site-packages directory" + @echo "docs-clean clean documentation" + @echo "clean clean" -A2XM=a2x -f manpage --no-xmllint -a encoding=UTF-8 -A2XH=a2x -f xhtml --no-xmllint -a encoding=UTF-8 -helper=./bin/build-helper +DOCS_SRC_DIR=./docs/src +SPEECHDIR=./docs/speeches +TYPEDIR=./cdist/conf/type -MANDIR=docs/man -SPEECHDIR=docs/speeches -TYPEDIR=cdist/conf/type - -WEBSRCDIR=docs/web - -WEBDIR=$$HOME/www.nico.schottelius.org -WEBBLOG=$(WEBDIR)/blog -WEBBASE=$(WEBDIR)/software/cdist -WEBPAGE=$(WEBBASE).mdwn - -CHANGELOG_VERSION=$(shell $(helper) changelog-version) -CHANGELOG_FILE=docs/changelog - -VERSION_FILE=cdist/version.py +SPHINXM=make -C $(DOCS_SRC_DIR) man +SPHINXH=make -C $(DOCS_SRC_DIR) html +SPHINXC=make -C $(DOCS_SRC_DIR) clean ################################################################################ # Manpages # -MAN1DSTDIR=$(MANDIR)/man1 -MAN7DSTDIR=$(MANDIR)/man7 +MAN7DSTDIR=$(DOCS_SRC_DIR)/man7 # Manpages #1: Types -# Use shell / ls to get complete list - $(TYPEDIR)/*/man.text does not work -MANTYPESRC=$(shell ls $(TYPEDIR)/*/man.text) - -# replace first path component +# Use shell / ls to get complete list - $(TYPEDIR)/*/man.rst does not work +# Using ls does not work if no file with given pattern exist, so use wildcard +MANTYPESRC=$(wildcard $(TYPEDIR)/*/man.rst) MANTYPEPREFIX=$(subst $(TYPEDIR)/,$(MAN7DSTDIR)/cdist-type,$(MANTYPESRC)) +MANTYPES=$(subst /man.rst,.rst,$(MANTYPEPREFIX)) -# replace man.text with .7 or .html -MANTYPEMAN=$(subst 
/man.text,.7,$(MANTYPEPREFIX)) -MANTYPEHTML=$(subst /man.text,.html,$(MANTYPEPREFIX)) -MANTYPEALL=$(MANTYPEMAN) $(MANTYPEHTML) - -# Link manpage so A2XH does not create man.html but correct named file -$(MAN7DSTDIR)/cdist-type%.text: $(TYPEDIR)/%/man.text +# Link manpage: do not create man.html but correct named file +$(MAN7DSTDIR)/cdist-type%.rst: $(TYPEDIR)/%/man.rst + mkdir -p $(MAN7DSTDIR) ln -sf "../../../$^" $@ # Manpages #2: reference -MANREF=$(MAN7DSTDIR)/cdist-reference.text -MANREFSH=$(MANDIR)/cdist-reference.text.sh -MANREFMAN=$(MANREF:.text=.7) -MANREFHTML=$(MANREF:.text=.html) -MANREFALL=$(MANREFMAN) $(MANREFHTML) +DOCSREF=$(MAN7DSTDIR)/cdist-reference.rst +DOCSREFSH=$(DOCS_SRC_DIR)/cdist-reference.rst.sh -$(MANREF): $(MANREFSH) - $(MANREFSH) +$(DOCSREF): $(DOCSREFSH) + $(DOCSREFSH) -# Manpages #3: static pages -MAN1STATIC=$(shell ls $(MAN1DSTDIR)/*.text) -MAN7STATIC=$(shell ls $(MAN7DSTDIR)/*.text) -MANSTATICMAN=$(MAN1STATIC:.text=.1) $(MAN7STATIC:.text=.7) -MANSTATICHTML=$(MAN1STATIC:.text=.html) $(MAN7STATIC:.text=.html) -MANSTATICALL=$(MANSTATICMAN) $(MANSTATICHTML) +# Html types list with references +DOCSTYPESREF=$(MAN7DSTDIR)/cdist-types.rst +DOCSTYPESREFSH=$(DOCS_SRC_DIR)/cdist-types.rst.sh -# Manpages #4: generic part +$(DOCSTYPESREF): $(DOCSTYPESREFSH) + $(DOCSTYPESREFSH) -# Creating the type manpage -%.1 %.7: %.text - $(A2XM) $^ +DOCSCFGSKEL=./configuration/cdist.cfg.skeleton -# Creating the type html page -%.html: %.text - $(A2XH) $^ +configskel: $(DOCSCFGSKEL) + cp -f "$(DOCSCFGSKEL)" "$(DOCS_SRC_DIR)/" -man: $(MANTYPEALL) $(MANREFALL) $(MANSTATICALL) +version: + @[ -f "cdist/version.py" ] || { \ + printf "Missing 'cdist/version.py', please generate it first.\n" && exit 1; \ + } -# Manpages #5: release part -MANWEBDIR=$(WEBBASE)/man/$(CHANGELOG_VERSION) +# Manpages #3: generic part +man: version $(MANTYPES) $(DOCSREF) + $(SPHINXM) -man-dist: man - rm -rf "${MANWEBDIR}" - mkdir -p "${MANWEBDIR}/man1" "${MANWEBDIR}/man7" - cp 
${MAN1DSTDIR}/*.html ${MAN1DSTDIR}/*.css ${MANWEBDIR}/man1 - cp ${MAN7DSTDIR}/*.html ${MAN7DSTDIR}/*.css ${MANWEBDIR}/man7 - cd ${MANWEBDIR} && git add . && git commit -m "cdist manpages update: $(CHANGELOG_VERSION)" +html: version configskel $(MANTYPES) $(DOCSREF) $(DOCSTYPESREF) + $(SPHINXH) -man-release: web-release - # Fix ikiwiki, which does not like symlinks for pseudo security - ssh tee.schottelius.org \ - "cd /home/services/www/nico/www.nico.schottelius.org/www/software/cdist/man && rm -f latest && ln -sf "$(CHANGELOG_VERSION)" latest" +docs: man html + +docs-clean: + $(SPHINXC) + +# Manpages: .cdist Types +DOT_CDIST_PATH=${HOME}/.cdist +DOTMAN7DSTDIR=$(MAN7DSTDIR) +DOTTYPEDIR=$(DOT_CDIST_PATH)/type +DOTMANTYPESRC=$(wildcard $(DOTTYPEDIR)/*/man.rst) +DOTMANTYPEPREFIX=$(subst $(DOTTYPEDIR)/,$(DOTMAN7DSTDIR)/cdist-type,$(DOTMANTYPESRC)) +DOTMANTYPES=$(subst /man.rst,.rst,$(DOTMANTYPEPREFIX)) + +# Link manpage: do not create man.html but correct named file +$(DOTMAN7DSTDIR)/cdist-type%.rst: $(DOTTYPEDIR)/%/man.rst + ln -sf "$^" $@ + +dotman: version $(DOTMANTYPES) + $(SPHINXM) ################################################################################ # Speeches # SPEECHESOURCES=$(SPEECHDIR)/*.tex SPEECHES=$(SPEECHESOURCES:.tex=.pdf) -SPEECHESWEBDIR=$(WEBBASE)/speeches # Create speeches and ensure Toc is up-to-date $(SPEECHDIR)/%.pdf: $(SPEECHDIR)/%.tex 
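Review bot: Only `help` is declared `.PHONY` in this hunk, although `version`, `configskel`, `man`, `html`, `docs`, `docs-clean` and `dotman` are command targets too, and `docs` is also the name of a directory in the tree (`DOCS_SRC_DIR=./docs/src`). A stray file named `version` in the checkout root would make the `version` target count as up to date, silently skipping the check that `cdist/version.py` exists before `man`, `html` and `dotman` run. I would extend the declaration to `.PHONY: help version configskel man html docs docs-clean dotman`. The `SPHINXM`, `SPHINXH` and `SPHINXC` variables also call a literal `make`; `$(MAKE) -C $(DOCS_SRC_DIR) man` keeps the caller's make binary and flags.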
@@ -122,171 +121,28 @@ $(SPEECHDIR)/%.pdf: $(SPEECHDIR)/%.tex speeches: $(SPEECHES) -speeches-dist: speeches - rm -rf "${SPEECHESWEBDIR}" - mkdir -p "${SPEECHESWEBDIR}" - cp ${SPEECHES} "${SPEECHESWEBDIR}" - cd ${SPEECHESWEBDIR} && git add . && git commit -m "cdist speeches updated" || true - ################################################################################ -# Website +# Misc # +clean: docs-clean + rm -f $(DOCS_SRC_DIR)/cdist-reference.rst + rm -f $(DOCS_SRC_DIR)/cdist-types.rst + rm -f $(DOCS_SRC_DIR)/cdist.cfg.skeleton -BLOGFILE=$(WEBBLOG)/cdist-$(CHANGELOG_VERSION)-released.mdwn - -$(BLOGFILE): $(CHANGELOG_FILE) - $(helper) blog $(CHANGELOG_VERSION) $(BLOGFILE) - -web-blog: $(BLOGFILE) - -web-doc: - # Go to top level, because of cdist.mdwn - rsync -av "$(WEBSRCDIR)/" "${WEBBASE}/.." - cd "${WEBBASE}/.." && git add cdist* && git commit -m "cdist doc update" cdist* || true - -web-dist: web-blog web-doc - -web-release: web-dist man-dist speeches-dist - cd "${WEBDIR}" && make pub - -################################################################################ -# Release: Mailinglist -# -ML_FILE=.lock-ml - -# Only send mail once - lock until new changelog things happened -$(ML_FILE): $(CHANGELOG_FILE) - $(helper) ml-release $(CHANGELOG_VERSION) - touch $@ - -ml-release: $(ML_FILE) - - -################################################################################ -# Release: Freecode -# -FREECODE_FILE=.lock-freecode - -$(FREECODE_FILE): $(CHANGELOG_FILE) - $(helper) freecode-release $(CHANGELOG_VERSION) - touch $@ - -freecode-release: $(FREECODE_FILE) - -################################################################################ -# git and git dependent stuff -# - -GIT_TAG_FILE=.git/refs/tags/$(CHANGELOG_VERSION) -GIT_SRC_BRANCH=master -GIT_DST_BRANCH=$(shell echo $(CHANGELOG_VERSION) | cut -d. 
-f '1,2') -GIT_CURRENT=.git-current-branch - -git-tag: $(GIT_TAG_FILE) - -$(GIT_TAG_FILE): - @printf "Enter tag description for $(CHANGELOG_VERSION)> " - @read tagmessage; git tag "$(CHANGELOG_VERSION)" -m "$$tagmessage" - -git-branch-merge: git-checkout-stable - git merge "$(CHANGELOG_VERSION)" - -git-checkout-stable: git-tag - @git rev-parse --abbrev-ref HEAD > $(GIT_CURRENT) - @git checkout "$(GIT_DST_BRANCH)" - -git-checkout-current: - git checkout "$$(cat $(GIT_CURRENT))" - -$(VERSION_FILE): .git/refs/heads/* .git/refs/tags/* .git/HEAD - echo "VERSION = \"$$(git describe)\"" > $@ - -git-release: git-tag git-branch-merge - make pub - -################################################################################ -# pypi -# -PYPI_FILE=.lock-pypi - -pypi-release: $(PYPI_FILE) - -$(PYPI_FILE): man $(VERSION_FILE) - make git-checkout-stable - python3 setup.py sdist upload - touch $@ - make git-checkout-current - -################################################################################ -# archlinux -# -ARCHLINUX_FILE=.lock-archlinux -ARCHLINUXTAR=cdist-$(CHANGELOG_VERSION)-1.src.tar.gz - -$(ARCHLINUXTAR): PKGBUILD pypi-release - makepkg -c --source - -PKGBUILD: PKGBUILD.in $(VERSION_FILE) - ./PKGBUILD.in - -$(ARCHLINUX_FILE): $(ARCHLINUXTAR) $(VERSION_FILE) - burp -c system $(ARCHLINUXTAR) - touch $@ - -archlinux-release: $(ARCHLINUX_FILE) - -################################################################################ -# Release -# - -CHECKS=check-date check-unittest - -RELEASE=speeches-dist web-release -RELEASE+=ml-release freecode-release -RELEASE+=man-dist pypi-release git-release -RELEASE+=archlinux-release - -release: $(CHECKS) $(RELEASE) - echo "Manual steps: linkedin, twitter" - -# Code that is better handled in a shell script -check-%: - $(helper) $@ - -################################################################################ -# Cleanup -# - -clean: - rm -f $(MAN7DSTDIR)/cdist-reference.text - - find "$(MANDIR)" -mindepth 2 -type l \ - 
-o -name "*.1" \ - -o -name "*.7" \ - -o -name "*.html" \ - -o -name "*.xml" \ + find "$(DOCS_SRC_DIR)" -mindepth 2 -type l \ | xargs rm -f find * -name __pycache__ | xargs rm -rf -distclean: clean - rm -f cdist/version.py MANIFEST PKGBUILD - rm -rf dist/ - - # Archlinux - rm -f cdist-*.pkg.tar.xz cdist-*.tar.gz - rm -rf pkg/ src/ + # distutils + rm -rf ./build ################################################################################ -# Misc +# install # -# The pub is Nico's "push to all git remotes" way ("make pub") -pub: - for remote in "" github sf; do \ - echo "Pushing to $$remote"; \ - git push --mirror $$remote; \ - done +install: + python3 setup.py install -test: - $(helper) $@ +install-user: + python3 setup.py install --user diff --git a/PKGBUILD.in b/PKGBUILD.in index e3ae4619..c0188e68 100755 --- a/PKGBUILD.in +++ b/PKGBUILD.in @@ -9,7 +9,7 @@ pkgver=$version pkgrel=1 pkgdesc='A Usable Configuration Management System"' arch=('any') -url='http://www.nico.schottelius.org/software/cdist/' +url='https://www.cdi.st/' license=('GPL3') depends=('python>=3.2.0') source=("http://pypi.python.org/packages/source/c/cdist/cdist-\${pkgver}.tar.gz") @@ -17,7 +17,13 @@ source=("http://pypi.python.org/packages/source/c/cdist/cdist-\${pkgver}.tar.gz" package() { cd cdist-\${pkgver} python3 setup.py build install --root="\${pkgdir}" + find "\$pkgdir" -type d -exec chmod 0755 {} \; + find "\$pkgdir" -type f -exec chmod a+r {} \; } eof makepkg -g >> "${outfile}" + +# Fix this issue: +# error: failed to upload cdist-3.1.6-1.src.tar.gz: Error - all files must have permissions of 644 or 755. +chmod a+r "${outfile}" diff --git a/README b/README index a67e25e3..caf2dac8 100644 --- a/README +++ b/README @@ -3,4 +3,5 @@ cdist cdist is a usable configuration management system. -For the web documentation have a look at docs/web/. +For the web documentation have a look at https://www.cdi.st/ +or at docs/src for reStructuredText manual. 
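Review bot: In `clean`, the new `find "$(DOCS_SRC_DIR)" -mindepth 2 -type l` line is piped to `xargs rm -f`, which splits its input on whitespace, so a symlink path containing a space or newline reaches `rm` as several unrelated arguments. The `dotman` rule in the previous hunk creates links named after whatever sits under `~/.cdist/type`, so these names are not fully controlled by the repository. `find "$(DOCS_SRC_DIR)" -mindepth 2 -type l -exec rm -f {} +` avoids the pipe. The `find * -name __pycache__ | xargs rm -rf` context line has the same problem, and `find . -name __pycache__ -prune -exec rm -rf {} +` would cover it. `clean`, `install` and `install-user` are also missing from `.PHONY`.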
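Review bot: `makepkg -g >> "${outfile}"` at the end of this hunk generates the package checksums from the tarball that `source=` fetches over plain `http://pypi.python.org/...` (context line in the previous PKGBUILD.in hunk), so the recorded checksum pins whatever that unauthenticated download returned. The commit moves `url=` to https but leaves `source=` untouched; I would switch `source=` to the `https://` form as well so the checksum is computed over an authenticated transfer. The heredoc that contains `package()` starts outside the hunk.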
diff --git a/README-maintainers b/README-maintainers new file mode 100644 index 00000000..af57f475 --- /dev/null +++ b/README-maintainers @@ -0,0 +1,4 @@ +Maintainers should use ./bin/build-helper script. + +Makefile is intended for end users. It can be used for non-maintaining +targets that can be run from pure source (without git repository). diff --git a/bin/build-helper b/bin/build-helper index 54940ab2..ed41e438 100755 --- a/bin/build-helper +++ b/bin/build-helper @@ -1,6 +1,7 @@ #!/bin/sh # # 2011-2013 Nico Schottelius (nico-cdist at schottelius.org) +# 2016-2019 Darko Poljak (darko.poljak at gmail.com) # # This file is part of cdist. # 
@@ -18,17 +19,67 @@ # along with cdist. If not, see . # # -# This file contains the heavy lifting found usually in the Makefile +# This file contains the heavy lifting found usually in the Makefile. # -basedir=${0%/*}/../ -# Change to checkout directory -cd "$basedir" +usage() { + printf "usage: %s TARGET [TARGET-ARGS...] + Available targets: + changelog-changes + changelog-version + check-date + check-unittest + ml-release + archlinux-release + pypi-release + release-git-tag + sign-git-release + release + test + test-remote + pycodestyle + pep8 + check-pycodestyle + shellcheck-global-explorers + shellcheck-type-explorers + shellcheck-manifests + shellcheck-local-gencodes + shellcheck-remote-gencodes + shellcheck-scripts + shellcheck-gencodes + shellcheck-types + shellcheck + shellcheck-type-files + shellcheck-with-files + shellcheck-build-helper + check-shellcheck + version-branch + version + target-version + clean + distclean\n" "$1" +} -version=$(git describe) +basename="${0##*/}" + +if [ $# -lt 1 ] +then + usage "${basename}" + exit 1 +fi option=$1; shift +SHELLCHECKCMD="shellcheck -s sh -f gcc -x" +# Skip SC2154 for variables starting with __ since such variables are cdist +# environment variables. +SHELLCHECK_SKIP=': __.*is referenced but not assigned.*\[SC2154\]' +SHELLCHECKTMP=".shellcheck.tmp" + +# Change to checkout directory +basedir="${0%/*}/../" +cd "$basedir" + case "$option" in changelog-changes) if [ "$#" -eq 1 ]; then @@ -66,8 +117,8 @@ case "$option" in date_changelog=$(grep '^[[:digit:]]' "$basedir/docs/changelog" | head -n1 | sed 's/.*: //') if [ "$date_today" != "$date_changelog" ]; then - echo "Date in changelog is not today" - echo "Changelog: $date_changelog" + printf "Date in changelog is not today\n" + printf "Changelog date: %s\n" "${date_changelog}" exit 1 fi ;; 
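Review bot: `cd "$basedir"` has no failure check, and `basedir` comes from `${0%/*}`, which leaves the script name unchanged when the script is invoked without a slash (for example `sh build-helper clean` from inside `bin/`). The `cd` then fails and the script carries on in the caller's directory, where later targets such as `clean` run `rm -rf pkg/ src/` and `rm -f ./*.tmp`. I would write `cd "$basedir" || exit 1`. Separately, `SHELLCHECKTMP=".shellcheck.tmp"` is a fixed file name in the working tree; a `mktemp` file removed by a trap would stop parallel runs from overwriting each other's report.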
@@ -76,49 +127,17 @@ case "$option" in "$0" test ;; - blog) - version=$1; shift - blogfile=$1; shift - dir=${blogfile%/*} - file=${blogfile##*/} - - - cat << eof > "$blogfile" -[[!meta title="Cdist $version released"]] - -Here's a short overview about the changes found in version ${version}: - -eof - - $0 changelog-changes "$version" >> "$blogfile" - - cat << eof >> "$blogfile" -For more information visit the [[cdist homepage|software/cdist]]. - -[[!tag cdist config unix]] -eof - cd "$dir" - git add "$file" - # Allow git commit to fail if there are no changes - git commit -m "cdist blog update: $version" "$blogfile" || true - ;; - ml-release) + if [ $# -ne 1 ]; then + printf "%s ml-release version\n" "$0" >&2 + exit 1 + fi + version=$1; shift - to_a=cdist - to_d=l.schottelius.org - to=${to_a}@${to_d} - - from_a=nico-cdist - from_d=schottelius.org - from=${from_a}@${from_d} - ( cat << eof -From: Nico -telmich- Schottelius <$from> -To: cdist mailing list <$to> -Subject: cdist $version released +Subject: cdist $version has been released Hello .*, 
@@ -129,52 +148,242 @@ eof "$0" changelog-changes "$version" cat << eof -Cheers, - -Nico - --- -Automatisation at its best level. With cdist. eof - ) | /usr/sbin/sendmail -f "$from" "$to" + ) > mailinglist.tmp ;; - - freecode-release) + archlinux-release) + if [ $# -ne 1 ]; then + printf "%s archlinux-release version\n" "$0" >&2 + exit 1 + fi version=$1; shift - api_token=$(awk '/machine freecode login/ { print $8 }' ~/.netrc) - printf "Enter tag list for freecode release %s> " "$version" - read taglist + ARCHLINUXTAR="cdist-${version}-1.src.tar.gz" + ./PKGBUILD.in "${version}" + umask 022 + mkaurball + burp -c system "${ARCHLINUXTAR}" + ;; - printf "Enter changelog for freecode release %s> " "$version" - read changelog + pypi-release) + # Ensure that pypi release has the right version + "$0" version + + make docs-clean + make docs + python3 setup.py sdist upload + ;; + + release-git-tag) + target_version=$($0 changelog-version) + if git rev-parse --verify "refs/tags/${target_version}" 2>/dev/null; then + printf "Tag for %s exists, aborting\n" "${target_version}" + exit 1 + fi + printf "Enter tag description for %s: " "${target_version}" + read -r tagmessage + + # setup for signed tags: + # gpg --fulL-gen-key + # gpg --list-secret-keys --keyid-format LONG + # git config --local user.signingkey + # for exporting pub key: + # gpg --armor --export > pubkey.asc + # gpg --output pubkey.gpg --export + # show tag with signature + # git show + # verify tag signature + # git tag -v + # + # gpg verify signature + # gpg --verify + # gpg --no-default-keyring --keyring --verify + # Ensure gpg-agent is running. + GPG_TTY=$(tty) + export GPG_TTY + gpg-agent + + git tag -s "$target_version" -m "$tagmessage" + git push --tags + ;; + + sign-git-release) + if [ $# -lt 2 ] + then + printf "usage: %s sign-git-release TAG TOKEN [ARCHIVE]\n" "$0" + printf " if ARCHIVE is not specified then it is created\n" + exit 1 + fi + tag="$1" + if ! 
git rev-parse -q --verify "${tag}" >/dev/null 2>&1 + then + printf "Tag \"%s\" not found.\n" "${tag}" + exit 1 + fi + token="$2" + if [ $# -gt 2 ] + then + archivename="$3" + else + archivename="cdist-${tag}.tar" + git archive --prefix="cdist-${tag}/" -o "${archivename}" "${tag}" \ + || exit 1 + # make sure target version is generated + "$0" target-version + tar -x -f "${archivename}" || exit 1 + cp cdist/version.py "cdist-${tag}/cdist/version.py" || exit 1 + tar -c -f "${archivename}" "cdist-${tag}/" || exit 1 + rm -r -f "cdist-${tag}/" + gzip "${archivename}" || exit 1 + archivename="${archivename}.gz" + fi + gpg --armor --detach-sign "${archivename}" || exit 1 + + project="ungleich-public%2Fcdist" + sed_cmd='s/^.*"markdown":"\([^"]*\)".*$/\1/' + + # upload archive + response_archive=$(curl -f -X POST \ + --http1.1 \ + -H "PRIVATE-TOKEN: ${token}" \ + -F "file=@${archivename}" \ + "https://code.ungleich.ch/api/v4/projects/${project}/uploads" \ + | sed "${sed_cmd}") || exit 1 + + # upload archive signature + response_archive_sig=$(curl -f -X POST \ + --http1.1 \ + -H "PRIVATE-TOKEN: ${token}" \ + -F "file=@${archivename}.asc" \ + "https://code.ungleich.ch/api/v4/projects/${project}/uploads" \ + | sed "${sed_cmd}") || exit 1 + + # make release + changelog=$("$0" changelog-changes "$1" | sed 's/^[[:space:]]*//') + release_notes=$( + printf "%s\n\n%s\n\n**Changelog**\n\n%s\n" \ + "${response_archive}" "${response_archive_sig}" "${changelog}" + ) + curl -f -X POST \ + -H "PRIVATE-TOKEN: ${token}" \ + -F "description=${release_notes}" \ + "https://code.ungleich.ch/api/v4/projects/${project}/repository/tags/${tag}/release" \ + || exit 1 + + # remove generated files (archive and asc) + if [ $# -eq 2 ] + then + rm -f "${archivename}" + fi + rm -f "${archivename}.asc" + ;; + + release) + set -e + target_version=$($0 changelog-version) + target_branch=$($0 version-branch) + + printf "Beginning release process for %s\n" "${target_version}" + + # First check everything is 
sane + "$0" check-date + "$0" check-unittest + "$0" check-pycodestyle + "$0" check-shellcheck + + # Generate version file to be included in packaging + "$0" target-version + + # Ensure the git status is clean, else abort + if ! git diff-index --name-only --exit-code HEAD ; then + printf "Unclean tree, see files above, aborting.\n" + exit 1 + fi + + # Ensure we are on the master branch + masterbranch=yes + if [ "$(git rev-parse --abbrev-ref HEAD)" != "master" ]; then + printf "Releases are happening from the master branch, aborting.\n" + + printf "Enter the magic word to release anyway:" + read -r magicword + + if [ "$magicword" = "iknowwhatido" ]; then + masterbranch=no + else + exit 1 + fi + fi + + if [ "$masterbranch" = yes ]; then + # Ensure version branch exists + if ! git rev-parse --verify "refs/heads/${target_branch}" 2>/dev/null; then + git branch "$target_branch" + fi + + # Merge master branch into version branch + git checkout "$target_branch" + git merge master + fi + + # Verify that after the merge everything works + "$0" check-date + "$0" check-unittest + + # Generate documentation (man and html) + # First, clean old generated docs + make docs-clean + make docs + + ############################################################# + # Everything green, let's do the release + + # Tag the current commit + "$0" release-git-tag + + # Also merge back the version branch + if [ "$masterbranch" = yes ]; then + git checkout master + git merge "$target_branch" + fi + + # Publish git changes + # if you want to have mirror locally then uncomment this and comment below + # git push --mirror + git push + # push also new branch and set up tracking + git push -u origin "${target_branch}" + # fi + + # Create and publish package for pypi + "$0" pypi-release + + # sign git tag + printf "Enter upstream repository authentication token: " + read -r token + "$0" sign-git-release "${target_version}" "${token}" + + # Announce change on ML + "$0" ml-release "${target_version}" - 
echo "Submit preview" cat << eof -tag_list = $taglist -changelog = $changelog -version = $version +Manual steps post release: + - cdist-web + - send generated mailinglist.tmp mail + - twitter eof - printf "Press enter to submit to freecode> " - read dummy - - cat << eof | cfreecode-api release-add cdist - { - "auth_code": "$api_token", - "release": { - "tag_list": "$taglist", - "version": "$version", - "changelog": "$changelog", - "hidden_from_frontpage": false - } - } -eof - ;; test) - export PYTHONPATH="$(pwd -P)" + if [ ! -f "cdist/version.py" ] + then + printf "cdist/version.py is missing, generate it first.\n" + exit 1 + fi + + PYTHONPATH="$(pwd -P)" + export PYTHONPATH if [ $# -lt 1 ]; then python3 -m cdist.test 
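Review bot: The upstream API token travels on command lines throughout this hunk: `release` reads it with a plain `read -r token` (echoed on the terminal), passes it as `"$0" sign-git-release "${target_version}" "${token}"`, and every `curl` call carries it in `-H "PRIVATE-TOKEN: ${token}"`, so it is visible in the process list while the uploads run. I would read it with terminal echo disabled, hand it to `sign-git-release` through the environment, and give it to curl as a header read from stdin (`-H @-`, which needs curl 7.55.0 or later). The variable name below is only a suggestion, and the `$#` checks in `sign-git-release` would shift by one once TOKEN is no longer positional. The enclosing `case` statement starts outside this hunk.

```shell
    # release): read the token without echoing it, keep it out of argv
    printf "Enter upstream repository authentication token: "
    stty -echo
    read -r token
    stty echo
    printf "\n"
    CDIST_RELEASE_TOKEN="${token}" "$0" sign-git-release "${target_version}"

    # sign-git-release): take the token from the environment
    token="${CDIST_RELEASE_TOKEN:?release token is not set}"
    # … unchanged: tag check, archive creation, gpg --armor --detach-sign …
    response_archive=$(printf 'PRIVATE-TOKEN: %s\n' "${token}" \
        | curl -f -X POST \
            --http1.1 \
            -H @- \
            -F "file=@${archivename}" \
            "https://code.ungleich.ch/api/v4/projects/${project}/uploads" \
        | sed "${sed_cmd}") || exit 1
    # … the signature upload and the release call pass the header the same way …
```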
@@ -183,12 +392,174 @@ eof fi ;; - version) - echo "VERSION = \"$(git describe)\"" > cdist/version.py + test-remote) + if [ ! -f "cdist/version.py" ] + then + printf "cdist/version.py is missing, generate it first.\n" + exit 1 + fi + + PYTHONPATH="$(pwd -P)" + export PYTHONPATH + + python3 -m cdist.test.exec.remote ;; + pycodestyle|pep8) + pycodestyle "${basedir}" "${basedir}/scripts/cdist" + ;; + + check-pycodestyle) + "$0" pycodestyle + printf "\\nPlease review pycodestyle report.\\n" + while true + do + printf "Continue (yes/no)?\n" + any= + read -r any + case "$any" in + yes) + break + ;; + no) + exit 1 + ;; + *) + printf "Please answer with 'yes' or 'no' explicitly.\n" + ;; + esac + done + ;; + + shellcheck-global-explorers) + # shellcheck disable=SC2086 + find cdist/conf/explorer -type f -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" > "${SHELLCHECKTMP}" + test ! -s "${SHELLCHECKTMP}" || { cat "${SHELLCHECKTMP}"; exit 1; } + ;; + + shellcheck-type-explorers) + # shellcheck disable=SC2086 + find cdist/conf/type -type f -path "*/explorer/*" -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" > "${SHELLCHECKTMP}" + test ! -s "${SHELLCHECKTMP}" || { cat "${SHELLCHECKTMP}"; exit 1; } + ;; + + shellcheck-manifests) + # shellcheck disable=SC2086 + find cdist/conf/type -type f -name manifest -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" > "${SHELLCHECKTMP}" + test ! -s "${SHELLCHECKTMP}" || { cat "${SHELLCHECKTMP}"; exit 1; } + ;; + + shellcheck-local-gencodes) + # shellcheck disable=SC2086 + find cdist/conf/type -type f -name gencode-local -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" > "${SHELLCHECKTMP}" + test ! -s "${SHELLCHECKTMP}" || { cat "${SHELLCHECKTMP}"; exit 1; } + ;; + + shellcheck-remote-gencodes) + # shellcheck disable=SC2086 + find cdist/conf/type -type f -name gencode-remote -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" > "${SHELLCHECKTMP}" + test ! 
-s "${SHELLCHECKTMP}" || { cat "${SHELLCHECKTMP}"; exit 1; } + ;; + + shellcheck-scripts) + # shellcheck disable=SC2086 + ${SHELLCHECKCMD} scripts/cdist-dump scripts/cdist-new-type > "${SHELLCHECKTMP}" + test ! -s "${SHELLCHECKTMP}" || { cat "${SHELLCHECKTMP}"; exit 1; } + ;; + + shellcheck-gencodes) + "$0" shellcheck-local-gencodes || exit 1 + "$0" shellcheck-remote-gencodes || exit 1 + ;; + + shellcheck-types) + "$0" shellcheck-type-explorers || exit 1 + "$0" shellcheck-manifests || exit 1 + "$0" shellcheck-gencodes || exit 1 + ;; + + shellcheck) + "$0" shellcheck-global-explorers || exit 1 + "$0" shellcheck-types || exit 1 + "$0" shellcheck-scripts || exit 1 + ;; + + shellcheck-type-files) + # shellcheck disable=SC2086 + find cdist/conf/type -type f -path "*/files/*" -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" > "${SHELLCHECKTMP}" + test ! -s "${SHELLCHECKTMP}" || { cat "${SHELLCHECKTMP}"; exit 1; } + ;; + + shellcheck-with-files) + "$0" shellcheck || exit 1 + "$0" shellcheck-type-files || exit 1 + ;; + + shellcheck-build-helper) + ${SHELLCHECKCMD} ./bin/build-helper + ;; + + check-shellcheck) + "$0" shellcheck + printf "\\nPlease review shellcheck report.\\n" + while true + do + printf "Continue (yes/no)?\n" + any= + read -r any + case "$any" in + yes) + break + ;; + no) + exit 1 + ;; + *) + printf "Please answer with 'yes' or 'no' explicitly.\n" + ;; + esac + done + ;; + + version-branch) + "$0" changelog-version | cut -d. 
-f '1,2' + ;; + + version) + printf "VERSION = \"%s\"\n" "$(git describe)" > cdist/version.py + ;; + + target-version) + target_version=$($0 changelog-version) + printf "VERSION = \"%s\"\n" "${target_version}" > cdist/version.py + ;; + + clean) + make clean + + # Archlinux + rm -f cdist-*.pkg.tar.xz cdist-*.tar.gz + rm -rf pkg/ src/ + + rm -f MANIFEST PKGBUILD + rm -rf dist/ + + # Signed release + rm -f cdist-*.tar.gz + rm -f cdist-*.tar.gz.asc + + # Temp files + rm -f ./*.tmp + rm -f ./.*.tmp + ;; + + distclean) + "$0" clean + rm -f cdist/version.py + ;; *) - echo "Unknown helper target $@ - aborting" + printf "Unknown target: '%s'.\n" "${option}" >&2 + usage "${basename}" exit 1 ;; diff --git a/cdist/__init__.py b/cdist/__init__.py index bd45e740..c673b3ba 100644 --- a/cdist/__init__.py +++ b/cdist/__init__.py @@ -1,6 +1,7 @@ # -*- coding: utf-8 -*- # -# 2010-2012 Nico Schottelius (nico-cdist at schottelius.org) +# 2010-2015 Nico Schottelius (nico-cdist at schottelius.org) +# 2012-2017 Steven Armstrong (steven-cdist at armstrong.cc) # # This file is part of cdist. # @@ -20,8 +21,9 @@ # import os -import subprocess +import hashlib +import cdist.log import cdist.version VERSION = cdist.version.VERSION 
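Review bot: The `shellcheck-*` targets decide pass or fail only from whether `${SHELLCHECKTMP}` is empty (`test ! -s "${SHELLCHECKTMP}"`), while the exit status of `find … -exec ${SHELLCHECKCMD} {} +` is lost in the pipe into `grep -v`. If `shellcheck` is missing or cannot start, the error goes to stderr, the file stays empty and the target succeeds, so the `shellcheck` CI job would report green without having checked anything. A guard before the first `find`, `command -v shellcheck >/dev/null 2>&1 || { printf "shellcheck not found\n" >&2; exit 1; }`, closes that gap. In the same hunk, `version)` writes `VERSION = ""` when `git describe` fails; assigning `v=$(git describe) || exit 1` before the `printf` would prevent that. The `case` statement starts outside the hunk.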
@@ -40,28 +42,199 @@ BANNER = """ "8888P' `"888*"" R888" ` ^"F 'Y" "P' "" "" """ -DOT_CDIST = ".cdist" + +REMOTE_COPY = "scp -o User=root -q" +REMOTE_EXEC = "ssh -o User=root" +REMOTE_CMDS_CLEANUP_PATTERN = "ssh -o User=root -O exit -S {}" class Error(Exception): """Base exception class for this project""" pass + class UnresolvableRequirementsError(cdist.Error): """Resolving requirements failed""" pass -class CdistObjectError(Error): - """Something went wrong with an object""" - - def __init__(self, cdist_object, message): - self.name = cdist_object.name - self.source = " ".join(cdist_object.source) - self.message = message +class CdistBetaRequired(cdist.Error): + """Beta functionality is used but beta is not enabled""" + + def __init__(self, command, arg=None): + self.command = command + self.arg = arg def __str__(self): - return '%s: %s (defined at %s)' % (self.name, self.message, self.source) + if self.arg is None: + err_msg = ("\'{}\' command is beta, but beta is " + "not enabled. If you want to use it please enable beta " + "functionalities by using the -b/--beta command " + "line flag or setting CDIST_BETA env var.") + fmt_args = [self.command, ] + else: + err_msg = ("\'{}\' argument of \'{}\' command is beta, but beta " + "is not enabled. 
If you want to use it please enable " + "beta functionalities by using the -b/--beta " + "command line flag or setting CDIST_BETA env var.") + fmt_args = [self.arg, self.command, ] + return err_msg.format(*fmt_args) + + +class CdistEntityError(Error): + """Something went wrong while executing cdist entity""" + def __init__(self, entity_name, entity_params, stdout_paths, + stderr_paths, subject=''): + self.entity_name = entity_name + self.entity_params = entity_params + self.stderr_paths = stderr_paths + self.stdout_paths = stdout_paths + if isinstance(subject, Error): + self.original_error = subject + else: + self.original_error = None + self.message = str(subject) + + def _stdpath(self, stdpaths, header_name): + result = {} + for name, path in stdpaths: + if name not in result: + result[name] = [] + try: + if os.path.exists(path) and os.path.getsize(path) > 0: + output = [] + label_begin = name + ":" + header_name + output.append(label_begin) + output.append('\n') + output.append('-' * len(label_begin)) + output.append('\n') + with open(path, 'r') as fd: + output.append(fd.read()) + output.append('\n') + result[name].append(''.join(output)) + except UnicodeError as ue: + result[name].append(('Cannot output {}:{} due to: {}.\n' + 'You can try to read the error file "{}"' + ' yourself.').format( + name, header_name, ue, path)) + return result + + def _stderr(self): + return self._stdpath(self.stderr_paths, 'stderr') + + def _stdout(self): + return self._stdpath(self.stdout_paths, 'stdout') + + def _update_dict_list(self, target, source): + for x in source: + if x not in target: + target[x] = [] + target[x].extend(source[x]) + + @property + def std_streams(self): + std_dict = {} + self._update_dict_list(std_dict, self._stdout()) + self._update_dict_list(std_dict, self._stderr()) + return std_dict + + def __str__(self): + output = [] + output.append(self.message) + output.append('\n\n') + header = "Error processing " + self.entity_name + under_header = '=' * 
len(header) + output.append(header) + output.append('\n') + output.append(under_header) + output.append('\n') + for param_name, param_value in self.entity_params: + output.append(param_name + ': ' + str(param_value)) + output.append('\n') + output.append('\n') + for x in self.std_streams: + output.append(''.join(self.std_streams[x])) + return ''.join(output) + + +class CdistObjectError(CdistEntityError): + """Something went wrong while working on a specific cdist object""" + def __init__(self, cdist_object, subject=''): + params = [ + ('name', cdist_object.name, ), + ('path', cdist_object.absolute_path, ), + ('source', " ".join(cdist_object.source), ), + ('type', os.path.realpath( + cdist_object.cdist_type.absolute_path), ), + ] + stderr_paths = [] + for stderr_name in os.listdir(cdist_object.stderr_path): + stderr_path = os.path.join(cdist_object.stderr_path, + stderr_name) + stderr_paths.append((stderr_name, stderr_path, )) + stdout_paths = [] + for stdout_name in os.listdir(cdist_object.stdout_path): + stdout_path = os.path.join(cdist_object.stdout_path, + stdout_name) + stdout_paths.append((stdout_name, stdout_path, )) + super().__init__("object '{}'".format(cdist_object.name), + params, stdout_paths, stderr_paths, subject) + + +class CdistObjectExplorerError(CdistEntityError): + """ + Something went wrong while working on a specific + cdist object explorer + """ + def __init__(self, cdist_object, explorer_name, explorer_path, + stderr_path, subject=''): + params = [ + ('object name', cdist_object.name, ), + ('object path', cdist_object.absolute_path, ), + ('object source', " ".join(cdist_object.source), ), + ('object type', os.path.realpath( + cdist_object.cdist_type.absolute_path), ), + ('explorer name', explorer_name, ), + ('explorer path', explorer_path, ), + ] + stdout_paths = [] + stderr_paths = [ + ('remote', stderr_path, ), + ] + super().__init__("explorer '{}' of object '{}'".format( + explorer_name, cdist_object.name), params, stdout_paths, + 
stderr_paths, subject) + + +class InitialManifestError(CdistEntityError): + """Something went wrong while executing initial manifest""" + def __init__(self, initial_manifest, stdout_path, stderr_path, subject=''): + params = [ + ('path', initial_manifest, ), + ] + stdout_paths = [ + ('init', stdout_path, ), + ] + stderr_paths = [ + ('init', stderr_path, ), + ] + super().__init__('initial manifest', params, stdout_paths, + stderr_paths, subject) + + +class GlobalExplorerError(CdistEntityError): + """Something went wrong while executing global explorer""" + def __init__(self, name, path, stderr_path, subject=''): + params = [ + ('name', name, ), + ('path', path, ), + ] + stderr_paths = [ + ('remote', stderr_path, ), + ] + super().__init__("global explorer '{}'".format(name), + params, [], stderr_paths, subject) + def file_to_list(filename): """Return list from \n seperated file""" @@ -76,3 +249,23 @@ def file_to_list(filename): lines = [] return lines + + +def str_hash(s): + """Return hash of string s""" + if isinstance(s, str): + return hashlib.md5(s.encode('utf-8')).hexdigest() + else: + raise Error("Param should be string") + + +def home_dir(): + if 'HOME' in os.environ: + home = os.environ['HOME'] + if home: + rv = os.path.join(home, ".cdist") + else: + rv = None + else: + rv = None + return rv diff --git a/cdist/argparse.py b/cdist/argparse.py new file mode 100644 index 00000000..611c484a --- /dev/null +++ b/cdist/argparse.py 
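Review bot: `CdistObjectError.__init__` calls `os.listdir()` on `cdist_object.stderr_path` and `cdist_object.stdout_path` without a guard, so if either directory is missing or unreadable, building the exception raises `OSError` and the error that was being reported is lost. `CdistEntityError._stdpath` has a similar gap: it catches only `UnicodeError`, while `open()` can still fail after the `os.path.exists()` check; `except (UnicodeError, OSError) as ue:` would reuse the existing "Cannot output" message for both cases. For the two `os.listdir()` loops I would catch `OSError` and continue with an empty path list. `__str__` also embeds the complete captured stdout/stderr files in the message, so whatever a manifest or gencode script printed, possibly including credentials, ends up wherever the exception is logged; a comment on `std_streams` stating this, and a size cap on what `_stdpath` reads, would help.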
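Review bot: `str_hash` uses `hashlib.md5`, which is acceptable only while the digest serves as a naming key and never as an integrity or security check; the callers are not visible in this hunk, so the docstring should state the intent, for example `"""Return hex MD5 digest of s; an identifier, not a security hash"""`. On Python builds with FIPS restrictions `hashlib.md5()` can raise `ValueError`, and on Python 3.9+ `hashlib.md5(s.encode('utf-8'), usedforsecurity=False)` avoids that. `home_dir` has no docstring, and its nested branches reduce to `home = os.environ.get('HOME')` followed by `return os.path.join(home, ".cdist") if home else None`.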
@@ -0,0 +1,505 @@ +import argparse +import cdist +import multiprocessing +import logging +import collections +import functools +import cdist.configuration +import cdist.preos +import cdist.info + + +# set of beta sub-commands +BETA_COMMANDS = set(('install', 'inventory', )) +# set of beta arguments for sub-commands +BETA_ARGS = { + 'config': set(('tag', 'all_tagged_hosts', 'use_archiving', )), +} +EPILOG = "Get cdist at https://code.ungleich.ch/ungleich-public/cdist" +# Parser others can reuse +parser = None + + +_verbosity_level_off = -2 +_verbosity_level = { + None: logging.WARNING, + _verbosity_level_off: logging.OFF, + -1: logging.ERROR, + 0: logging.WARNING, + 1: logging.INFO, + 2: logging.VERBOSE, + 3: logging.DEBUG, + 4: logging.TRACE, +} + + +# Generate verbosity level constants: +# VERBOSE_OFF, VERBOSE_ERROR, VERBOSE_WARNING, VERBOSE_INFO, VERBOSE_VERBOSE, +# VERBOSE_DEBUG, VERBOSE_TRACE. +this_globals = globals() +for level in _verbosity_level: + const = 'VERBOSE_' + logging.getLevelName(_verbosity_level[level]) + this_globals[const] = level + + +# All verbosity levels above 4 are TRACE. +_verbosity_level = collections.defaultdict( + lambda: logging.TRACE, _verbosity_level) + + +def add_beta_command(cmd): + BETA_COMMANDS.add(cmd) + + +def add_beta_arg(cmd, arg): + if cmd in BETA_ARGS: + if arg not in BETA_ARGS[cmd]: + BETA_ARGS[cmd].append(arg) + else: + BETA_ARGS[cmd] = set((arg, )) + + +def check_beta(args_dict): + if 'beta' not in args_dict: + args_dict['beta'] = False + # Check only if beta is not enabled: if beta option is specified then + # raise error. 
+ if not args_dict['beta']: + cmd = args_dict['command'] + # first check if command is beta + if cmd in BETA_COMMANDS: + raise cdist.CdistBetaRequired(cmd) + # then check if some command's argument is beta + if cmd in BETA_ARGS: + for arg in BETA_ARGS[cmd]: + if arg in args_dict and args_dict[arg]: + raise cdist.CdistBetaRequired(cmd, arg) + + +def check_lower_bounded_int(value, lower_bound, name): + try: + val = int(value) + except ValueError: + raise argparse.ArgumentTypeError( + "{} is invalid int value".format(value)) + if val < lower_bound: + raise argparse.ArgumentTypeError( + "{} is invalid {} value".format(val, name)) + return val + + +def get_parsers(): + global parser + + # Construct parser others can reuse + if parser: + return parser + else: + parser = {} + # Options _all_ parsers have in common + parser['loglevel'] = argparse.ArgumentParser(add_help=False) + parser['loglevel'].add_argument( + '-l', '--log-level', metavar='LOGLEVEL', + type=functools.partial(check_lower_bounded_int, lower_bound=-1, + name="log level"), + help=('Set the specified verbosity level. ' + 'The levels, in order from the lowest to the highest, are: ' + 'ERROR (-1), WARNING (0), INFO (1), VERBOSE (2), DEBUG (3), ' + 'TRACE (4 or higher). If used along with -v then -v ' + 'increases last set value and -l overwrites last set ' + 'value.'), + action='store', dest='verbose', required=False) + parser['loglevel'].add_argument( + '-q', '--quiet', + help='Quiet mode: disables logging, including WARNING and ERROR.', + action='store_true', default=False) + parser['loglevel'].add_argument( + '-v', '--verbose', + help=('Increase the verbosity level. Every instance of -v ' + 'increments the verbosity level by one. Its default value ' + 'is 0 which includes ERROR and WARNING levels. ' + 'The levels, in order from the lowest to the highest, are: ' + 'ERROR (-1), WARNING (0), INFO (1), VERBOSE (2), DEBUG (3) ' + 'TRACE (4 or higher). 
If used along with -l then -l ' + 'overwrites last set value and -v increases last set ' + 'value.'), + action='count', default=None) + + parser['beta'] = argparse.ArgumentParser(add_help=False) + parser['beta'].add_argument( + '-b', '--beta', + help=('Enable beta functionality. '), + action='store_true', dest='beta', default=None) + + # Main subcommand parser + parser['main'] = argparse.ArgumentParser( + description='cdist ' + cdist.VERSION) + parser['main'].add_argument( + '-V', '--version', help='Show version.', action='version', + version='%(prog)s ' + cdist.VERSION) + parser['sub'] = parser['main'].add_subparsers( + title="Commands", dest="command") + + # Banner + parser['banner'] = parser['sub'].add_parser( + 'banner', parents=[parser['loglevel']]) + parser['banner'].set_defaults(func=cdist.banner.banner) + + parser['inventory_common'] = argparse.ArgumentParser(add_help=False) + parser['inventory_common'].add_argument( + '-I', '--inventory', + help=('Use specified custom inventory directory. ' + 'Inventory directory is set up by the following rules: ' + 'if cdist configuration resolves this value then specified ' + 'directory is used, ' + 'if HOME env var is set then ~/.cdist/inventory is ' + 'used, otherwise distribution inventory directory is used.'), + dest="inventory_dir", required=False) + + parser['common'] = argparse.ArgumentParser(add_help=False) + parser['common'].add_argument( + '-g', '--config-file', + help=('Use specified custom configuration file.'), + dest="config_file", required=False) + + # Config + parser['config_main'] = argparse.ArgumentParser(add_help=False) + parser['config_main'].add_argument( + '-4', '--force-ipv4', + help=('Force to use IPv4 addresses only. No influence for custom' + ' remote commands.'), + action='store_const', dest='force_ipv', const=4) + parser['config_main'].add_argument( + '-6', '--force-ipv6', + help=('Force to use IPv6 addresses only. 
No influence for custom' + ' remote commands.'), + action='store_const', dest='force_ipv', const=6) + parser['config_main'].add_argument( + '-C', '--cache-path-pattern', + help=('Specify custom cache path pattern. If ' + 'it is not set then default hostdir is used.'), + dest='cache_path_pattern', + default=None) + parser['config_main'].add_argument( + '-c', '--conf-dir', + help=('Add configuration directory (can be repeated, ' + 'last one wins).'), action='append') + parser['config_main'].add_argument( + '-i', '--initial-manifest', + help='Path to a cdist manifest or \'-\' to read from stdin.', + dest='manifest', required=False) + parser['config_main'].add_argument( + '-j', '--jobs', nargs='?', + type=functools.partial(check_lower_bounded_int, lower_bound=1, + name="positive int"), + help=('Operate in parallel in specified maximum number of jobs. ' + 'Global explorers, object prepare and object run are ' + 'supported. Without argument CPU count is used by default. '), + action='store', dest='jobs', + const=multiprocessing.cpu_count()) + parser['config_main'].add_argument( + '-n', '--dry-run', + help='Do not execute code.', action='store_true') + parser['config_main'].add_argument( + '-o', '--out-dir', + help='Directory to save cdist output in.', dest="out_path") + parser['config_main'].add_argument( + '-P', '--timestamp', + help=('Timestamp log messages with the current local date and time ' + 'in the format: YYYYMMDDHHMMSS.us.'), + action='store_true', dest='timestamp') + parser['config_main'].add_argument( + '-R', '--use-archiving', nargs='?', + choices=('tar', 'tgz', 'tbz2', 'txz',), + help=('Operate by using archiving with compression where ' + 'appropriate. Supported values are: tar - tar archive, ' + 'tgz - gzip tar archive (the default), ' + 'tbz2 - bzip2 tar archive and txz - lzma tar archive. 
' + 'Currently in beta.'), + action='store', dest='use_archiving', + const='tgz') + + # remote-copy and remote-exec defaults are environment variables + # if set; if not then None - these will be futher handled after + # parsing to determine implementation default + parser['config_main'].add_argument( + '-r', '--remote-out-dir', + help='Directory to save cdist output in on the target host.', + dest="remote_out_path") + parser['config_main'].add_argument( + '--remote-copy', + help='Command to use for remote copy (should behave like scp).', + action='store', dest='remote_copy', + default=None) + parser['config_main'].add_argument( + '--remote-exec', + help=('Command to use for remote execution ' + '(should behave like ssh).'), + action='store', dest='remote_exec', + default=None) + parser['config_main'].add_argument( + '-S', '--disable-saving-output-streams', + help='Disable saving output streams.', + action='store_false', dest='save_output_streams', default=True) + + # Config + parser['config_args'] = argparse.ArgumentParser(add_help=False) + parser['config_args'].add_argument( + '-A', '--all-tagged', + help=('Use all hosts present in tags db. Currently in beta.'), + action="store_true", dest="all_tagged_hosts", default=False) + parser['config_args'].add_argument( + '-a', '--all', + help=('List hosts that have all specified tags, ' + 'if -t/--tag is specified.'), + action="store_true", dest="has_all_tags", default=False) + parser['config_args'].add_argument( + '-f', '--file', + help=('Read specified file for a list of additional hosts to ' + 'operate on or if \'-\' is given, read stdin (one host per ' + 'line). 
If no host or host file is specified then, by ' + 'default, read hosts from stdin.'), + dest='hostfile', required=False) + parser['config_args'].add_argument( + '-p', '--parallel', nargs='?', metavar='HOST_MAX', + type=functools.partial(check_lower_bounded_int, lower_bound=1, + name="positive int"), + help=('Operate on multiple hosts in parallel for specified maximum ' + 'hosts at a time. Without argument CPU count is used by ' + 'default.'), + action='store', dest='parallel', + const=multiprocessing.cpu_count()) + parser['config_args'].add_argument( + '-s', '--sequential', + help='Operate on multiple hosts sequentially (default).', + action='store_const', dest='parallel', const=0) + parser['config_args'].add_argument( + '-t', '--tag', + help=('Host is specified by tag, not hostname/address; ' + 'list all hosts that contain any of specified tags. ' + 'Currently in beta.'), + dest='tag', required=False, action="store_true", default=False) + parser['config_args'].add_argument( + 'host', nargs='*', help='Host(s) to operate on.') + parser['config'] = parser['sub'].add_parser( + 'config', parents=[parser['loglevel'], parser['beta'], + parser['common'], + parser['config_main'], + parser['inventory_common'], + parser['config_args']]) + parser['config'].set_defaults(func=cdist.config.Config.commandline) + + # Install + parser['install'] = parser['sub'].add_parser('install', add_help=False, + parents=[parser['config']]) + parser['install'].set_defaults(func=cdist.install.Install.commandline) + + # Inventory + parser['inventory'] = parser['sub'].add_parser('inventory') + parser['invsub'] = parser['inventory'].add_subparsers( + title="Inventory commands", dest="subcommand") + + parser['add-host'] = parser['invsub'].add_parser( + 'add-host', parents=[parser['loglevel'], parser['beta'], + parser['common'], + parser['inventory_common']]) + parser['add-host'].add_argument( + 'host', nargs='*', help='Host(s) to add.') + parser['add-host'].add_argument( + '-f', '--file', + 
help=('Read additional hosts to add from specified file ' + 'or from stdin if \'-\' (each host on separate line). ' + 'If no host or host file is specified then, by default, ' + 'read from stdin.'), + dest='hostfile', required=False) + + parser['add-tag'] = parser['invsub'].add_parser( + 'add-tag', parents=[parser['loglevel'], parser['beta'], + parser['common'], + parser['inventory_common']]) + parser['add-tag'].add_argument( + 'host', nargs='*', + help='List of host(s) for which tags are added.') + parser['add-tag'].add_argument( + '-f', '--file', + help=('Read additional hosts to add tags from specified file ' + 'or from stdin if \'-\' (each host on separate line). ' + 'If no host or host file is specified then, by default, ' + 'read from stdin. If no tags/tagfile nor hosts/hostfile' + ' are specified then tags are read from stdin and are' + ' added to all hosts.'), + dest='hostfile', required=False) + parser['add-tag'].add_argument( + '-T', '--tag-file', + help=('Read additional tags to add from specified file ' + 'or from stdin if \'-\' (each tag on separate line). ' + 'If no tag or tag file is specified then, by default, ' + 'read from stdin. 
If no tags/tagfile nor hosts/hostfile' + ' are specified then tags are read from stdin and are' + ' added to all hosts.'), + dest='tagfile', required=False) + parser['add-tag'].add_argument( + '-t', '--taglist', + help=("Tag list to be added for specified host(s), comma separated" + " values."), + dest="taglist", required=False) + + parser['del-host'] = parser['invsub'].add_parser( + 'del-host', parents=[parser['loglevel'], parser['beta'], + parser['common'], + parser['inventory_common']]) + parser['del-host'].add_argument( + 'host', nargs='*', help='Host(s) to delete.') + parser['del-host'].add_argument( + '-a', '--all', help=('Delete all hosts.'), + dest='all', required=False, action="store_true", default=False) + parser['del-host'].add_argument( + '-f', '--file', + help=('Read additional hosts to delete from specified file ' + 'or from stdin if \'-\' (each host on separate line). ' + 'If no host or host file is specified then, by default, ' + 'read from stdin.'), + dest='hostfile', required=False) + + parser['del-tag'] = parser['invsub'].add_parser( + 'del-tag', parents=[parser['loglevel'], parser['beta'], + parser['common'], + parser['inventory_common']]) + parser['del-tag'].add_argument( + 'host', nargs='*', + help='List of host(s) for which tags are deleted.') + parser['del-tag'].add_argument( + '-a', '--all', + help=('Delete all tags for specified host(s).'), + dest='all', required=False, action="store_true", default=False) + parser['del-tag'].add_argument( + '-f', '--file', + help=('Read additional hosts to delete tags for from specified ' + 'file or from stdin if \'-\' (each host on separate line). ' + 'If no host or host file is specified then, by default, ' + 'read from stdin. 
If no tags/tagfile nor hosts/hostfile' + ' are specified then tags are read from stdin and are' + ' deleted from all hosts.'), + dest='hostfile', required=False) + parser['del-tag'].add_argument( + '-T', '--tag-file', + help=('Read additional tags from specified file ' + 'or from stdin if \'-\' (each tag on separate line). ' + 'If no tag or tag file is specified then, by default, ' + 'read from stdin. If no tags/tagfile nor' + ' hosts/hostfile are specified then tags are read from' + ' stdin and are added to all hosts.'), + dest='tagfile', required=False) + parser['del-tag'].add_argument( + '-t', '--taglist', + help=("Tag list to be deleted for specified host(s), " + "comma separated values."), + dest="taglist", required=False) + + parser['list'] = parser['invsub'].add_parser( + 'list', parents=[parser['loglevel'], parser['beta'], + parser['common'], + parser['inventory_common']]) + parser['list'].add_argument( + 'host', nargs='*', help='Host(s) to list.') + parser['list'].add_argument( + '-a', '--all', + help=('List hosts that have all specified tags, ' + 'if -t/--tag is specified.'), + action="store_true", dest="has_all_tags", default=False) + parser['list'].add_argument( + '-f', '--file', + help=('Read additional hosts to list from specified file ' + 'or from stdin if \'-\' (each host on separate line). 
' + 'If no host or host file is specified then, by default, ' + 'list all.'), dest='hostfile', required=False) + parser['list'].add_argument( + '-H', '--host-only', help=('Suppress tags listing.'), + action="store_true", dest="list_only_host", default=False) + parser['list'].add_argument( + '-t', '--tag', + help=('Host is specified by tag, not hostname/address; ' + 'list all hosts that contain any of specified tags.'), + action="store_true", default=False) + + parser['inventory'].set_defaults( + func=cdist.inventory.Inventory.commandline) + + # PreOS + parser['preos'] = parser['sub'].add_parser('preos', add_help=False) + + # Shell + parser['shell'] = parser['sub'].add_parser( + 'shell', parents=[parser['loglevel']]) + parser['shell'].add_argument( + '-s', '--shell', + help=('Select shell to use, defaults to current shell. Used shell' + ' should be POSIX compatible shell.')) + parser['shell'].set_defaults(func=cdist.shell.Shell.commandline) + + # Info + parser['info'] = parser['sub'].add_parser('info') + parser['info'].add_argument( + '-a', '--all', help='Display all info. 
This is the default.', + action='store_true', default=False) + parser['info'].add_argument( + '-c', '--conf-dir', + help='Add configuration directory (can be repeated).', + action='append') + parser['info'].add_argument( + '-e', '--global-explorers', + help='Display info for global explorers.', action='store_true', + default=False) + parser['info'].add_argument( + '-F', '--fixed-string', + help='Interpret pattern as a fixed string.', action='store_true', + default=False) + parser['info'].add_argument( + '-f', '--full', help='Display full details.', + action='store_true', default=False) + parser['info'].add_argument( + '-g', '--config-file', + help='Use specified custom configuration file.', + dest="config_file", required=False) + parser['info'].add_argument( + '-t', '--types', help='Display info for types.', + action='store_true', default=False) + parser['info'].add_argument( + 'pattern', nargs='?', help='Glob pattern.') + parser['info'].set_defaults(func=cdist.info.Info.commandline) + + for p in parser: + parser[p].epilog = EPILOG + + return parser + + +def handle_loglevel(args): + if hasattr(args, 'quiet') and args.quiet: + args.verbose = _verbosity_level_off + + logging.root.setLevel(_verbosity_level[args.verbose]) + + +def parse_and_configure(argv, singleton=True): + parser = get_parsers() + parser_args = parser['main'].parse_args(argv) + try: + cfg = cdist.configuration.Configuration(parser_args, + singleton=singleton) + args = cfg.get_args() + except ValueError as e: + raise cdist.Error(str(e)) + # Loglevels are handled globally in here + handle_loglevel(args) + + log = logging.getLogger("cdist") + + log.verbose("version %s" % cdist.VERSION) + log.trace('command line args: {}'.format(cfg.command_line_args)) + log.trace('configuration: {}'.format(cfg.get_config())) + log.trace('configured args: {}'.format(args)) + + check_beta(vars(args)) + + return parser, cfg diff --git a/cdist/autil.py b/cdist/autil.py new file mode 100644 index 00000000..d16d147e 
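Review bot: `add_beta_arg` calls `BETA_ARGS[cmd].append(arg)`, but every value in `BETA_ARGS` is a `set` (the `'config'` entry and the `else` branch both build one), so registering another beta argument for an already known command raises `AttributeError` instead of placing it behind `-b/--beta`. The line should be `BETA_ARGS[cmd].add(arg)`, which also makes the `if arg not in BETA_ARGS[cmd]:` test above it unnecessary. In the `del-tag` parser the `-T/--tag-file` help ends with "are added to all hosts", which looks copied from `add-tag` and should read "deleted from all hosts" like the `-f` help next to it. `parse_and_configure` logs the full command line and the resolved configuration at trace level; if the configuration can carry secrets (not visible here), that deserves a comment at those `log.trace` calls.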
--- /dev/null +++ b/cdist/autil.py @@ -0,0 +1,71 @@ +# -*- coding: utf-8 -*- +# +# 2017 Darko Poljak (darko.poljak at gmail.com) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# + + +import cdist +import tarfile +import os +import glob +import tempfile + + +_ARCHIVING_MODES = { + 'tar': '', + 'tgz': 'gz', + 'tbz2': 'bz2', + 'txz': 'xz', +} + + +_UNARCHIVE_OPT = { + 'tar': None, + 'tgz': '-z', + 'tbz2': '-j', + 'txz': '-J', +} + + +# Archiving will be enabled if directory contains more than FILES_LIMIT files. +FILES_LIMIT = 1 + + +def get_extract_option(mode): + return _UNARCHIVE_OPT[mode] + + +def tar(source, mode="tgz"): + if mode not in _ARCHIVING_MODES: + raise cdist.Error("Unsupported archiving mode {}.".format(mode)) + + files = glob.glob1(source, '*') + fcnt = len(files) + if fcnt <= FILES_LIMIT: + return None, fcnt + + tarmode = 'w:{}'.format(_ARCHIVING_MODES[mode]) + _, tarpath = tempfile.mkstemp(suffix='.' + mode) + with tarfile.open(tarpath, tarmode, dereference=True) as tar: + if os.path.isdir(source): + for f in files: + tar.add(os.path.join(source, f), arcname=f) + else: + tar.add(source) + return tarpath, fcnt diff --git a/cdist/banner.py b/cdist/banner.py index edfa72e8..da4dea5d 100644 --- a/cdist/banner.py +++ b/cdist/banner.py @@ -20,8 +20,6 @@ # import logging -import sys - import cdist log = logging.getLogger(__name__) 
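Review bot: In `tar()`, `_, tarpath = tempfile.mkstemp(suffix='.' + mode)` throws away the open file descriptor that `mkstemp` returns, so each archive that is built leaks one descriptor until the process exits. Keep it and close it before the path is reopened: `fd, tarpath = tempfile.mkstemp(suffix='.' + mode)` followed by `os.close(fd)`. The temporary file is also left on disk when `tarfile.open` or `tar.add` raises, so the `with` block should be wrapped in a `try` that removes `tarpath` on failure. `dereference=True` archives symlinks under `source` as the files they point to; since the archive appears to be shipped to the target host (going by the `--use-archiving` help), a comment saying that links leaving the source directory are followed would make the exposure explicit.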
diff --git a/cdist/conf/explorer/cpu_cores b/cdist/conf/explorer/cpu_cores new file mode 100755 index 00000000..a52bddac --- /dev/null +++ b/cdist/conf/explorer/cpu_cores @@ -0,0 +1,44 @@ +#!/bin/sh +# +# 2014 Daniel Heule (hda at sfs.biz) +# 2014 Thomas Oettli (otho at sfs.biz) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# + +# FIXME: other system types (not linux ...) + +os=$("$__explorer/os") +case "$os" in + "macosx") + sysctl -n hw.physicalcpu + ;; + + "openbsd") + sysctl -n hw.ncpuonline + ;; + + *) + if [ -r /proc/cpuinfo ]; then + cores="$(grep "core id" /proc/cpuinfo | sort | uniq | wc -l)" + if [ "${cores}" -eq 0 ]; then + cores="1" + fi + echo "$cores" + fi + ;; +esac diff --git a/cdist/conf/explorer/cpu_sockets b/cdist/conf/explorer/cpu_sockets new file mode 100755 index 00000000..a32e2f00 --- /dev/null +++ b/cdist/conf/explorer/cpu_sockets 
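Review bot: The Linux branch counts distinct `core id` lines, but `core id` values are unique only within one `physical id`, so on a multi-socket host the result is the core count of a single package rather than of the machine. Counting distinct `physical id`/`core id` pairs in one awk pass over `/proc/cpuinfo` would give the total; if the per-socket figure is what is wanted, a header comment such as `# Prints the number of distinct core ids (cores per socket on multi-socket hosts)` should say so. When `/proc/cpuinfo` is not readable the explorer prints nothing, and that empty result should be documented next to the `FIXME`.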
@@ -0,0 +1,40 @@ +#!/bin/sh +# +# 2014 Daniel Heule (hda at sfs.biz) +# 2014 Thomas Oettli (otho at sfs.biz) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# + +# FIXME: other system types (not linux ...) + +os=$("$__explorer/os") +case "$os" in + "macosx") + system_profiler SPHardwareDataType | grep "Number of Processors" | awk -F': ' '{print $2}' + ;; + + *) + if [ -r /proc/cpuinfo ]; then + sockets="$(grep "physical id" /proc/cpuinfo | sort -u | wc -l)" + if [ "${sockets}" -eq 0 ]; then + sockets="$(grep -c "processor" /proc/cpuinfo)" + fi + echo "${sockets}" + fi + ;; +esac diff --git a/cdist/conf/explorer/disks b/cdist/conf/explorer/disks new file mode 100755 index 00000000..24540601 --- /dev/null +++ b/cdist/conf/explorer/disks 
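Review bot: The fallback `grep -c "processor" /proc/cpuinfo` is unanchored and counts logical CPUs, so a host whose `/proc/cpuinfo` has no `physical id` lines reports its thread count as its socket count, and any other line that happens to contain the word is counted too. Anchoring the pattern, `grep -c '^processor' /proc/cpuinfo`, removes the second problem. For the first, a comment stating that the value is only an upper bound in that case would make the explorer's output easier to rely on.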
@@ -0,0 +1,67 @@ +#!/bin/sh -e +# +# based on previous work by other people, modified by: +# 2020 Dennis Camera +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# Finds disks of the system (excl. ram disks, floppy, cdrom) + +uname_s="$(uname -s)" + +case $uname_s in + FreeBSD) + sysctl -n kern.disks + ;; + OpenBSD) + sysctl -n hw.disknames | grep -Eo '[lsw]d[0-9]+' + ;; + NetBSD) + PATH="${PATH}:/usr/local/sbin:/usr/sbin:/sbin" + sysctl -n hw.disknames \ + | awk 'BEGIN { RS = " " } /^[lsw]d[0-9]+/' + ;; + Linux) + # list of major device numbers toexclude: + # ram disks, floppies, cdroms + # https://www.kernel.org/doc/Documentation/admin-guide/devices.txt + ign_majors='1 2 11' + + if command -v lsblk >/dev/null 2>&1 + then + lsblk -e "$(echo "$ign_majors" | tr ' ' ',')" -dno name + elif test -d /sys/block/ + then + # shellcheck disable=SC2012 + ls -1 /sys/block/ \ + | awk -v ign_majors="$(echo "$ign_majors" | tr ' ' '|')" ' + { + devfile = "/sys/block/" $0 "/dev" + getline devno < devfile + close(devfile) + if (devno !~ "^(" ign_majors "):") print + }' + else + echo "Don't know how to list disks on Linux without lsblk and sysfs." >&2 + echo 'If you can, please submit a patch.'>&2 + fi + ;; + *) + printf "Don't know how to list disks for %s operating system.\n" "${uname_s}" >&2 + printf 'If you can please submit a patch\n' >&2 + ;; +esac \ +| xargs 
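Review bot: In the sysfs fallback the result of `getline devno < devfile` is not checked, so when a `/sys/block/*/dev` file cannot be read `devno` keeps the previous device's value and the exclusion test runs against the wrong major number. Testing the return value fixes that: `if ((getline devno < devfile) > 0 && devno !~ "^(" ign_majors "):") print`. Because the whole `case` is piped into `xargs`, the script's exit status is that of `xargs`, so the branches that only print "Don't know how to list disks" to stderr still exit 0 with empty output; a header comment should say that empty output means "unknown". The comment word `toexclude` is missing a space.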
diff --git a/cdist/conf/explorer/hostname b/cdist/conf/explorer/hostname index 881c910a..dca004d1 100755 --- a/cdist/conf/explorer/hostname +++ b/cdist/conf/explorer/hostname @@ -1,7 +1,6 @@ #!/bin/sh # -# 2010-2011 Nico Schottelius (nico-cdist at schottelius.org) -# 2012 Steven Armstrong (steven-cdist at armstrong.cc) +# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) # # This file is part of cdist. # @@ -19,7 +18,12 @@ # along with cdist. If not, see . # # +# Retrieve the running hostname +# -if command -v hostname >/dev/null; then - hostname -f +if command -v hostname >/dev/null +then + hostname +else + uname -n fi diff --git a/cdist/conf/explorer/init b/cdist/conf/explorer/init new file mode 100755 index 00000000..f27c77ef --- /dev/null +++ b/cdist/conf/explorer/init 
@@ -0,0 +1,442 @@ +#!/bin/sh -e +# +# 2016 Daniel Heule (hda at sfs.biz) +# Copyright 2017, Philippe Gregoire +# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# +# Returns the name of the init system (PID 1) + +# Expected values: +# Linux: +# Adélie Linux: +# sysvinit+openrc +# Alpine Linux: +# busybox-init+openrc +# ArchLinux: +# systemd, sysvinit +# CRUX: +# sysvinit +# Debian: +# systemd, upstart, sysvinit, openrc, ??? +# Devuan: +# sysvinit, sysvinit+openrc +# Gentoo: +# sysvinit+openrc, openrc-init, systemd +# OpenBMC: +# systemd +# OpenWrt: +# procd, init??? +# RedHat (RHEL, CentOS, Fedora, RedHat Linux, ...): +# systemd, upstart, upstart-legacy, sysvinit +# Slackware: +# sysvinit +# SuSE: +# systemd, sysvinit +# Ubuntu: +# systemd, upstart, upstart-legacy, sysvinit +# VoidLinux: +# runit +# +# GNU: +# Debian: +# sysvinit, hurd-init +# +# BSD: +# {Free,Open,Net}BSD: +# init +# +# Mac OS X: +# launchd, init+SystemStarter +# +# Solaris/Illumos: +# smf, init??? + +# NOTE: init systems can be stacked. This is popular to run OpenRC on top of +# sysvinit (Gentoo) or busybox-init (Alpine), but can also be used to run runit +# as a systemd service. This makes init system detection very complicated +# (which result is expected?) 
This script tries to untangle some combinations, +# OpenRC on top of sysv or busybox (X+openrc), but will ignore others (runit as +# a systemd service) + +# NOTE: When we have no idea, nothing will be printed! + +# NOTE: +# When trying to gather information about the init system make sure to do so +# without calling the binary! On some systems this triggers a reinitialisation +# of the system which we don't want (e.g. embedded systems). + + +set -e + +KERNEL_NAME=$(uname -s) + +KNOWN_INIT_SYSTEMS=$(cat </dev/null 2>&1 || return 1 + launchctl getenv PATH >/dev/null || return 1 + echo launchd +} + +check_openrc() { + test -f /run/openrc/softlevel || return 1 + echo openrc +} + +check_procd() ( + procd_path=${1:-/sbin/procd} + test -x "${procd_path}" || return 1 + grep -q 'procd' "${procd_path}" || return 1 + echo procd +) + +check_runit() { + test -d /run/runit || return 1 + echo runit +} + +check_smf() { + # XXX: Is this the correct way?? + test -f /etc/svc/volatile/svc_nonpersist.db || return 1 + echo smf +} + +check_systemd() { + # NOTE: sd_booted(3) + test -d /run/systemd/system/ || return 1 + # systemctl --version | sed -e '/^systemd/!d;s/^systemd //' + echo systemd +} + +check_systemstarter() { + test -d /System/Library/StartupItems/ || return 1 + test -f /System/Library/StartupItems/LoginWindow/StartupParameters.plist || return 1 + echo init+SystemStarter +} + +check_sysvinit() ( + init_path=${1:-/sbin/init} + test -x "${init_path}" || return 1 + grep -q 'INIT_VERSION=sysvinit-[0-9.]*' "${init_path}" || return 1 + + # It is quite common to use SysVinit to stack other init systemd + # (like OpenRC) on top of it. So we check for that, too. + if stacked=$(check_openrc) + then + echo "sysvinit+${stacked}" + else + echo sysvinit + fi + unset stacked +) + +check_upstart() { + test -x "$(command -v initctl)" || return 1 + case $(initctl version) + in + *'(upstart '*')') + if test -d /etc/init + then + # modern (DBus-based?) 
upstart >= 0.5 + echo upstart + elif test -d /etc/event.d + then + # ancient upstart + echo upstart-legacy + else + # whatever... + echo upstart + fi + ;; + *) + return 1 + ;; + esac +} + +find_init_procfs() ( + # First, check if the required file in procfs exists... + test -h /proc/1/exe || return 1 + + # Find init executable + init_exe=$(ls -l /proc/1/exe 2>/dev/null) || return 1 + init_exe=${init_exe#* -> } + + if ! test -x "$init_exe" + then + # On some rare occasions it can happen that the + # running init's binary has been replaced. In this + # case Linux adjusts the symlink to "X (deleted)" + + # [root@fedora-12 ~]# readlink /proc/1/exe + # /sbin/init (deleted) + # [root@fedora-12 ~]# ls -l /proc/1/exe + # lrwxrwxrwx. 1 root root 0 2020-01-30 23:00 /proc/1/exe -> /sbin/init (deleted) + + init_exe=${init_exe% (deleted)} + test -x "$init_exe" || return 1 + fi + + echo "${init_exe}" +) + +guess_by_path() { + case $1 + in + /bin/busybox) + check_busybox_init "$1" && return + ;; + /lib/systemd/systemd) + check_systemd "$1" && return + ;; + /hurd/init) + check_hurd_init "$1" && return + ;; + /sbin/launchd) + check_launchd "$1" && return + ;; + /usr/bin/runit|/sbin/runit) + check_runit "$1" && return + ;; + /sbin/openrc-init) + if check_openrc "$1" >/dev/null + then + echo openrc-init + return + fi + ;; + /sbin/procd) + check_procd "$1" && return + ;; + /sbin/init|*/init) + # init: it could be anything -> (explicit) no match + return 1 + ;; + esac + + # No match + return 1 +} + +guess_by_comm_name() { + case $1 + in + busybox) + check_busybox_init && return + ;; + openrc-init) + if check_openrc >/dev/null + then + echo openrc-init + return 0 + fi + ;; + init) + # init could be anything -> no match + return 1 + ;; + *) + # Run check function by comm name if available. + # Fall back to comm name if either it does not exist or + # returns non-zero. 
+ if type "check_$1" >/dev/null + then + "check_$1" && return + else + echo "$1" ; return 0 + fi + esac + + return 1 +} + +check_list() ( + # List must be a multi-line input on stdin (one name per line) + while read -r init + do + "check_${init}" || continue + return 0 + done + return 1 +) + + +# BusyBox's versions of ps and pgrep do not support some options +# depending on which compile-time options have been used. + +find_init_pgrep() { + pgrep -P0 -fl 2>/dev/null | awk -F '[[:blank:]]' '$1 == 1 { print $2 }' +} + +find_init_ps() { + case $KERNEL_NAME + in + Darwin) + ps -o command -p 1 2>/dev/null | tail -n +2 + ;; + FreeBSD) + ps -o args= -p 1 2>/dev/null | cut -d ' ' -f 1 + ;; + Linux) + ps -o comm= -p 1 2>/dev/null + ;; + NetBSD) + ps -o comm= -p 1 2>/dev/null + ;; + OpenBSD) + ps -o args -p 1 2>/dev/null | tail -n +2 | cut -d ' ' -f 1 + ;; + *) + ps -o args= -p 1 2>/dev/null + ;; + esac | trim # trim trailing whitespace (some ps like Darwin add it) +} + +find_init() { + case $KERNEL_NAME + in + Linux|GNU|NetBSD) + find_init_procfs || find_init_pgrep || find_init_ps + ;; + FreeBSD) + find_init_procfs || find_init_ps + ;; + OpenBSD) + find_init_pgrep || find_init_ps + ;; + Darwin|SunOS) + find_init_ps + ;; + *) + echo "Don't know how to determine init." >&2 + echo 'Please send a patch.' >&2 + exit 1 + esac +} + +# ----- + +init=$(find_init) + +# If we got a path, guess by the path first (fall back to file name if no match) +# else guess by file name directly. +# shellcheck disable=SC2015 +{ + test -x "${init}" \ + && guess_by_path "${init}" \ + || guess_by_comm_name "$(basename "${init}")" +} && exit 0 || true + + +# Guessing based on the file path and name didn’t lead to a definitive result. +# +# We go through all of the checks until we find a match. To speed up the +# process, common cases will be checked first based on the underlying kernel. + +{ common_candidates_by_kernel; echo "${KNOWN_INIT_SYSTEMS}"; } \ + | unique | check_list 
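Review bot: The fallback branch of `guess_by_comm_name` dispatches on `type "check_$1"`, and `type` succeeds for any command found on PATH, not only for the check functions defined in this file. Since `$1` is the name of whatever runs as PID 1 (in a container that can be an arbitrary program), I would call `"check_$1"` only when the name is one of the entries in `KNOWN_INIT_SYSTEMS`. At minimum the lookup should be skipped for names that cannot be one of this file's function names: `case $1 in *[!A-Za-z0-9_]*) echo "$1"; return 0 ;; esac`. The same branch prints an unrecognised name as the result, which deserves a line in the header comment because the "Expected values" list reads as exhaustive.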
diff --git a/cdist/conf/explorer/interfaces b/cdist/conf/explorer/interfaces index 6804f2db..aeb55ed0 100755 --- a/cdist/conf/explorer/interfaces +++ b/cdist/conf/explorer/interfaces @@ -1,6 +1,6 @@ -#!/bin/sh +#!/bin/sh -e # -# 2012 Sébastien Gross +# 2019 Ander Punnar (ander-at-kvlt-dot-ee) # # This file is part of cdist. # @@ -17,35 +17,12 @@ # You should have received a copy of the GNU General Public License # along with cdist. If not, see . # -# -# List all network interfaces in explorer/ifaces. One interface per line. -# -# If your OS is not supported please provide a ifconfig output -# -# Use ip, if available -if command -v ip; then - ip -o link show | sed -n 's/^[0-9]\+: \(.\+\): <.*/\1/p' - exit 0 -fi - -if ! command -v ifconfig; then - # no ifconfig, nothing we could do - exit 0 -fi - -uname_s="$(uname -s)" -REGEXP='s/^(.*)(:[[:space:]]*flags=|Link encap).*/\1/p' - -case "$uname_s" in - Darwin) - ifconfig -a | sed -n -E "$REGEXP" - ;; - Linux|*BSD) - ifconfig -a | sed -n -r "$REGEXP" - ;; - *) - echo "Unsupported ifconfig output for $uname_s" >&2 - exit 1 - ;; -esac +if command -v ip >/dev/null +then + ip -o link show | sed -n 's/^[0-9]\+: \(.\+\): <.*/\1/p' +elif command -v ifconfig >/dev/null +then + ifconfig -a | sed -n -E 's/^(.*)(:[[:space:]]*flags=|Link encap).*/\1/p' +fi \ + | sort -u diff --git a/cdist/conf/explorer/is-freebsd-jail b/cdist/conf/explorer/is-freebsd-jail new file mode 100755 index 00000000..010917f5 --- /dev/null +++ b/cdist/conf/explorer/is-freebsd-jail @@ -0,0 +1,2 @@ +#!/bin/sh +sysctl -n security.jail.jailed 2>/dev/null | grep "1" || true diff --git a/cdist/conf/explorer/kernel_name b/cdist/conf/explorer/kernel_name new file mode 100755 index 00000000..1f9cfca4 --- /dev/null +++ b/cdist/conf/explorer/kernel_name @@ -0,0 +1,2 @@ +#!/bin/sh +uname -s diff --git a/cdist/conf/explorer/lsb_codename b/cdist/conf/explorer/lsb_codename index eebd3e0f..26bb8e3d 100755 --- a/cdist/conf/explorer/lsb_codename 
+++ b/cdist/conf/explorer/lsb_codename @@ -20,8 +20,9 @@ # set +e -case "$($__explorer/os)" in +case "$("$__explorer/os")" in openwrt) + # shellcheck disable=SC1091 (. /etc/openwrt_release && echo "$DISTRIB_CODENAME") ;; *) diff --git a/cdist/conf/explorer/lsb_description b/cdist/conf/explorer/lsb_description index 23f45421..b1009627 100755 --- a/cdist/conf/explorer/lsb_description +++ b/cdist/conf/explorer/lsb_description @@ -20,8 +20,9 @@ # set +e -case "$($__explorer/os)" in +case "$("$__explorer/os")" in openwrt) + # shellcheck disable=SC1091 (. /etc/openwrt_release && echo "$DISTRIB_DESCRIPTION") ;; *) diff --git a/cdist/conf/explorer/lsb_id b/cdist/conf/explorer/lsb_id index 9754eb63..82ff9977 100755 --- a/cdist/conf/explorer/lsb_id +++ b/cdist/conf/explorer/lsb_id @@ -20,8 +20,9 @@ # set +e -case "$($__explorer/os)" in +case "$("$__explorer/os")" in openwrt) + # shellcheck disable=SC1091 (. /etc/openwrt_release && echo "$DISTRIB_ID") ;; *) diff --git a/cdist/conf/explorer/lsb_release b/cdist/conf/explorer/lsb_release index 35b5547c..5ebfff1a 100755 --- a/cdist/conf/explorer/lsb_release +++ b/cdist/conf/explorer/lsb_release @@ -20,8 +20,9 @@ # set +e -case "$($__explorer/os)" in +case "$("$__explorer/os")" in openwrt) + # shellcheck disable=SC1091 (. /etc/openwrt_release && echo "$DISTRIB_RELEASE") ;; *) diff --git a/cdist/conf/explorer/machine b/cdist/conf/explorer/machine index d4a0e106..7ecb67e3 100755 --- a/cdist/conf/explorer/machine +++ b/cdist/conf/explorer/machine @@ -22,6 +22,6 @@ # # -if command -v uname 2>&1 >/dev/null; then +if command -v uname >/dev/null 2>&1 ; then uname -m fi diff --git a/cdist/conf/explorer/machine_type b/cdist/conf/explorer/machine_type new file mode 100755 index 00000000..bb21f69c --- /dev/null +++ b/cdist/conf/explorer/machine_type 
@@ -0,0 +1,80 @@ +#!/bin/sh +# +# 2014 Daniel Heule (hda at sfs.biz) +# 2014 Thomas Oettli (otho at sfs.biz) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# + +# FIXME: other system types (not linux ...) + +if [ -d "/proc/vz" ] && [ ! -d "/proc/bc" ]; then + echo openvz + exit +fi + +if [ -e "/proc/1/environ" ] && + tr '\000' '\n' < "/proc/1/environ" | grep -Eiq '^container='; then + echo lxc + exit +fi + +if [ -r /proc/cpuinfo ]; then + # this should only exist on virtual guest machines, + # tested on vmware, xen, kvm + if grep -q "hypervisor" /proc/cpuinfo; then + # this file is aviable in xen guest systems + if [ -r /sys/hypervisor/type ]; then + if grep -q -i "xen" /sys/hypervisor/type; then + echo virtual_by_xen + exit + fi + else + if [ -r /sys/class/dmi/id/product_name ]; then + if grep -q -i 'vmware' /sys/class/dmi/id/product_name; then + echo "virtual_by_vmware" + exit + elif grep -q -i 'bochs' /sys/class/dmi/id/product_name; then + echo "virtual_by_kvm" + exit + elif grep -q -i 'virtualbox' /sys/class/dmi/id/product_name; then + echo "virtual_by_virtualbox" + exit + fi + fi + + if [ -r /sys/class/dmi/id/sys_vendor ]; then + if grep -q -i 'qemu' /sys/class/dmi/id/sys_vendor; then + echo "virtual_by_kvm" + exit + fi + fi + + if [ -r /sys/class/dmi/id/chassis_vendor ]; then + if grep -q -i 'qemu' /sys/class/dmi/id/chassis_vendor; then + echo "virtual_by_kvm" + exit + fi + fi + fi + 
echo "virtual_by_unknown" + else + echo "physical" + fi +else + echo "unknown" +fi diff --git a/cdist/conf/explorer/memory b/cdist/conf/explorer/memory new file mode 100755 index 00000000..4e3efff8 --- /dev/null +++ b/cdist/conf/explorer/memory @@ -0,0 +1,41 @@ +#!/bin/sh +# +# 2014 Daniel Heule (hda at sfs.biz) +# 2014 Thomas Oettli (otho at sfs.biz) +# Copyright 2017, Philippe Gregoire +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# + +# FIXME: other system types (not linux ...) + +os=$("$__explorer/os") +case "$os" in + "macosx") + echo "$(sysctl -n hw.memsize)/1024" | bc + ;; + + "openbsd") + echo "$(sysctl -n hw.physmem) / 1048576" | bc + ;; + + *) + if [ -r /proc/meminfo ]; then + grep "MemTotal:" /proc/meminfo | awk '{print $2}' + fi + ;; +esac diff --git a/cdist/conf/explorer/os b/cdist/conf/explorer/os index 053177eb..563fa4cf 100755 --- a/cdist/conf/explorer/os +++ b/cdist/conf/explorer/os @@ -1,6 +1,7 @@ #!/bin/sh # # 2010-2011 Nico Schottelius (nico-cdist at schottelius.org) +# Copyright 2017, Philippe Gregoire # # This file is part of cdist. # 
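Review bot: The second test reports `lxc` for any PID 1 environment that contains a `container=` variable, and other container managers set that variable too (systemd-nspawn sets `container=systemd-nspawn`), so the result can name the wrong technology. Matching the value is more accurate, e.g. `grep -Eiq '^container=lxc'`, with other values either reported separately or documented as unsupported. The guard uses `-e` although the file is then read; `[ -r /proc/1/environ ]` avoids an error on stderr when the explorer does not run as root.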
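Review bot: The three branches of the memory explorer do not report the same unit: `macosx` divides bytes by 1024, `openbsd` divides by 1048576, and the default branch prints the `MemTotal:` figure from /proc/meminfo as is (kB on Linux). Any consumer that compares the value against a threshold will be off by a factor of 1024 on OpenBSD; `echo "$(sysctl -n hw.physmem) / 1024" | bc` would line it up with the other two. A header comment stating the unit would help callers.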
@@ -39,16 +40,28 @@ if [ -f /etc/cdist-preos ]; then exit 0 fi +if [ -d /gnu/store ]; then + echo guixsd + exit 0 +fi + ### Debian and derivatives if grep -q ^DISTRIB_ID=Ubuntu /etc/lsb-release 2>/dev/null; then echo ubuntu exit 0 fi +# devuan ascii has both devuan_version and debian_version, so we need to check devuan_version first! +if [ -f /etc/devuan_version ]; then + echo devuan + exit 0 +fi + if [ -f /etc/debian_version ]; then echo debian exit 0 fi + ### if [ -f /etc/gentoo-release ]; then @@ -67,6 +80,11 @@ if [ -f /etc/owl-release ]; then fi ### Redhat and derivatives +if grep -q ^Scientific /etc/redhat-release 2>/dev/null; then + echo scientific + exit 0 +fi + if grep -q ^CentOS /etc/redhat-release 2>/dev/null; then echo centos exit 0 @@ -77,6 +95,11 @@ if grep -q ^Fedora /etc/redhat-release 2>/dev/null; then exit 0 fi +if grep -q ^Mitel /etc/redhat-release 2>/dev/null; then + echo mitel + exit 0 +fi + if [ -f /etc/redhat-release ]; then echo redhat exit 0 @@ -119,5 +142,12 @@ case "$uname_s" in ;; esac +if [ -f /etc/os-release ]; then + # already lowercase, according to: + # https://www.freedesktop.org/software/systemd/man/os-release.html + awk -F= '/^ID=/ { if ($2 ~ /^'"'"'(.*)'"'"'$/ || $2 ~ /^"(.*)"$/) { print substr($2, 2, length($2) - 2) } else { print $2 } }' /etc/os-release + exit 0 +fi + echo "Unknown OS" >&2 exit 1 diff --git a/cdist/conf/explorer/os_release b/cdist/conf/explorer/os_release new file mode 100644 index 00000000..6489446b --- /dev/null +++ b/cdist/conf/explorer/os_release 
@@ -0,0 +1,38 @@ +#!/bin/sh +# +# 2018 Adam Dej (dejko.a at gmail.com) +# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# + +# See os-release(5) and http://0pointer.de/blog/projects/os-release + +if test -f /etc/os-release +then + # Linux and FreeBSD (usually a symlink) + cat /etc/os-release +elif test -f /usr/lib/os-release +then + # systemd + cat /usr/lib/os-release +elif test -f /var/run/os-release +then + # FreeBSD (created by os-release service) + cat /var/run/os-release +fi + diff --git a/cdist/conf/explorer/os_version b/cdist/conf/explorer/os_version index 50889429..1d54ea60 100755 --- a/cdist/conf/explorer/os_version +++ b/cdist/conf/explorer/os_version @@ -22,7 +22,7 @@ # # -case "$($__explorer/os)" in +case "$("$__explorer/os")" in amazon) cat /etc/system-release ;; @@ -33,6 +33,9 @@ case "$($__explorer/os)" in debian) cat /etc/debian_version ;; + devuan) + cat /etc/devuan_version + ;; fedora) cat /etc/fedora-release ;; 
@@ -51,16 +54,23 @@ case "$($__explorer/os)" in owl) cat /etc/owl-release ;; - redhat|centos) + redhat|centos|mitel|scientific) cat /etc/redhat-release ;; slackware) cat /etc/slackware-version ;; suse) - cat /etc/SuSE-release + if [ -f /etc/os-release ]; then + cat /etc/os-release + else + cat /etc/SuSE-release + fi ;; ubuntu) lsb_release -sr ;; -esac + alpine) + cat /etc/alpine-release + ;; +esac \ No newline at end of file diff --git a/cdist/conf/type/__acl/explorer/acl_is b/cdist/conf/type/__acl/explorer/acl_is new file mode 100755 index 00000000..a693c023 --- /dev/null +++ b/cdist/conf/type/__acl/explorer/acl_is @@ -0,0 +1,31 @@ +#!/bin/sh -e +# +# 2018 Ander Punnar (ander-at-kvlt-dot-ee) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +[ ! -e "/$__object_id" ] && exit 0 + +if ! command -v getfacl > /dev/null +then + echo 'getfacl not available' >&2 + exit 1 +fi + +getfacl "/$__object_id" 2>/dev/null \ + | grep -Eo '^(default:)?(user|group|(mask|other):):[^:][[:graph:]]+' \ + || true diff --git a/cdist/conf/type/__acl/explorer/checks b/cdist/conf/type/__acl/explorer/checks new file mode 100755 index 00000000..70bb0412 --- /dev/null +++ b/cdist/conf/type/__acl/explorer/checks 
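Review bot: In the `suse` branch `cat /etc/os-release` prints the whole key=value file, while the `else` branch and every other case print the contents of a release or version file, so callers get two unrelated formats for the same OS. If only the version is wanted, `sed -n 's/^VERSION_ID=//p' /etc/os-release` keeps the output to one value (surrounding quotes would still need stripping); otherwise a comment on the branch should say that the full file is intentional. This hunk also leaves the file without a trailing newline.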
@@ -0,0 +1,39 @@ +#!/bin/sh -e +# +# 2019 Ander Punnar (ander-at-kvlt-dot-ee) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +# TODO check if filesystem has ACL turned on etc + +if [ -f "$__object/parameter/acl" ] +then + grep -E '^(default:)?(user|group):' "$__object/parameter/acl" \ + | while read -r acl + do + param="$( echo "$acl" | awk -F: '{print $(NF-2)}' )" + check="$( echo "$acl" | awk -F: '{print $(NF-1)}' )" + + [ "$param" = 'user' ] && db=passwd || db="$param" + + if ! getent "$db" "$check" > /dev/null + then + echo "missing $param '$check'" >&2 + exit 1 + fi + done +fi diff --git a/cdist/conf/type/__acl/explorer/file_is b/cdist/conf/type/__acl/explorer/file_is new file mode 100755 index 00000000..096cffd1 --- /dev/null +++ b/cdist/conf/type/__acl/explorer/file_is 
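Review bot: This explorer validates only `$__object/parameter/acl`, which the man page in this commit lists as deprecated, so users and groups passed through `--entry` (or `--source`) are never checked with `getent` and a misspelled name is only found when `setfacl` fails on the target. Reading `parameter/entry` as well would cover the supported path, e.g. `for f in entry acl; do [ -f "$__object/parameter/$f" ] && cat "$__object/parameter/$f"; done` piped into the existing `grep -E`. The pattern also matches owner entries such as `user::rwx`, for which `check` is empty and `getent` is called with an empty key.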
@@ -0,0 +1,31 @@ +#!/bin/sh -e +# +# 2018 Ander Punnar (ander-at-kvlt-dot-ee) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +if [ -e "/$__object_id" ] +then + if [ -d "/$__object_id" ] + then echo directory + elif [ -f "/$__object_id" ] + then echo regular + else echo other + fi +else + echo missing +fi diff --git a/cdist/conf/type/__acl/gencode-remote b/cdist/conf/type/__acl/gencode-remote new file mode 100755 index 00000000..e5404a9d --- /dev/null +++ b/cdist/conf/type/__acl/gencode-remote 
@@ -0,0 +1,145 @@ +#!/bin/sh -e +# +# 2018 Ander Punnar (ander-at-kvlt-dot-ee) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +file_is="$( cat "$__object/explorer/file_is" )" + +if [ "$file_is" = 'missing' ] \ + && [ -z "$__cdist_dry_run" ] \ + && \( [ ! -f "$__object/parameter/file" ] \ + || [ ! -f "$__object/parameter/directory" ] \) +then + exit 0 +fi + +os="$( cat "$__global/explorer/os" )" + +acl_path="/$__object_id" + +acl_is="$( cat "$__object/explorer/acl_is" )" + +if [ -f "$__object/parameter/source" ] +then + acl_source="$( cat "$__object/parameter/source" )" + + if [ "$acl_source" = '-' ] + then + acl_should="$( cat "$__object/stdin" )" + else + acl_should="$( grep -Ev '^#|^$' "$acl_source" )" + fi +elif [ -f "$__object/parameter/entry" ] +then + acl_should="$( cat "$__object/parameter/entry" )" +elif [ -f "$__object/parameter/acl" ] +then + acl_should="$( cat "$__object/parameter/acl" )" +elif + [ -f "$__object/parameter/user" ] \ + || [ -f "$__object/parameter/group" ] \ + || [ -f "$__object/parameter/mask" ] \ + || [ -f "$__object/parameter/other" ] +then + acl_should="$( for param in user group mask other + do + [ ! 
-f "$__object/parameter/$param" ] && continue + + echo "$param" | grep -Eq 'mask|other' && sep=:: || sep=: + + echo "$param$sep$( cat "$__object/parameter/$param" )" + done )" +else + echo 'no parameters set' >&2 + exit 1 +fi + +if [ -f "$__object/parameter/default" ] +then + acl_should="$( echo "$acl_should" \ + | sed 's/^default://' \ + | sort -u \ + | sed 's/\(.*\)/default:\1\n\1/' )" +fi + +if [ "$file_is" = 'regular' ] \ + && echo "$acl_should" | grep -Eq '^default:' +then + # only directories can have default ACLs, + # but instead of error, + # let's just remove default entries + acl_should="$( echo "$acl_should" | grep -Ev '^default:' )" +fi + +if echo "$acl_should" | awk -F: '{ print $NF }' | grep -Fq 'X' +then + [ "$file_is" = 'directory' ] && rep=x || rep=- + + acl_should="$( echo "$acl_should" | sed "s/\\(.*\\)X/\\1$rep/" )" +fi + +setfacl_exec='setfacl' + +if [ -f "$__object/parameter/recursive" ] +then + if echo "$os" | grep -Fq 'freebsd' + then + echo "$os setfacl do not support recursive operations" >&2 + else + setfacl_exec="$setfacl_exec -R" + fi +fi + +if [ -f "$__object/parameter/remove" ] +then + echo "$acl_is" | while read -r acl + do + # skip wanted ACL entries which already exist + # and skip mask and other entries, because we + # can't actually remove them, but only change. + if echo "$acl_should" | grep -Eq "^$acl" \ + || echo "$acl" | grep -Eq '^(default:)?(mask|other)' + then continue + fi + + if echo "$os" | grep -Fq 'freebsd' + then + remove="$acl" + else + remove="$( echo "$acl" | sed 's/:...$//' )" + fi + + echo "$setfacl_exec -x \"$remove\" \"$acl_path\"" + echo "removed '$remove'" >> "$__messages_out" + done +fi + +for acl in $acl_should +do + if ! 
echo "$acl_is" | grep -Eq "^$acl" + then + if echo "$os" | grep -Fq 'freebsd' \ + && echo "$acl" | grep -Eq '^default:' + then + echo "setting default ACL in $os is currently not supported" >&2 + else + echo "$setfacl_exec -m \"$acl\" \"$acl_path\"" + echo "added '$acl'" >> "$__messages_out" + fi + fi +done diff --git a/cdist/conf/type/__acl/man.rst b/cdist/conf/type/__acl/man.rst new file mode 100644 index 00000000..28412871 --- /dev/null +++ b/cdist/conf/type/__acl/man.rst 
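Review bot: The two `echo` lines that emit `setfacl` commands paste `$acl`, `$remove` and `$acl_path` between escaped double quotes, so any `"`, `$` or backquote in an ACL entry or in the object id is interpreted again by the shell that runs the generated code on the target. Values should be single-quoted, with embedded single quotes escaped, before they are written into the generated code; the fence shows a small helper and the two changed lines. Separately, in the first `if` the `\(` and `\)` are passed as literal words, so the shell looks for a command named `(` and the grouped test is never evaluated as written; `{ [ ! -f "$__object/parameter/file" ] || [ ! -f "$__object/parameter/directory" ]; }` is the POSIX grouping. `for acl in $acl_should` also relies on unquoted splitting, which glob-expands the entries as well.

```shell
# Quote a value so it is one literal word in the generated code.
quote() {
    printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"
}

# … unchanged: parameter handling and construction of acl_should …

        echo "$setfacl_exec -x $(quote "$remove") $(quote "$acl_path")"

# … unchanged: loop over acl_should and the FreeBSD default-ACL check …

            echo "$setfacl_exec -m $(quote "$acl") $(quote "$acl_path")"
```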
@@ -0,0 +1,110 @@ +cdist-type__acl(7) +================== + +NAME +---- +cdist-type__acl - Set ACL entries + + +DESCRIPTION +----------- +Fully supported and tested on Linux (ext4 filesystem), partial support for FreeBSD. + +See ``setfacl`` and ``acl`` manpages for more details. + + +REQUIRED MULTIPLE PARAMETERS +---------------------------- +entry + Set ACL entry following ``getfacl`` output syntax. + + +OPTIONAL PARAMETERS +------------------- +source + Read ACL entries from stdin or file. + Ordering of entries is not important. + When reading from file, comments and empty lines are ignored. + +file + Create/change file with ``__file`` using ``user:group:mode`` pattern. + +directory + Create/change directory with ``__directory`` using ``user:group:mode`` pattern. + + +BOOLEAN PARAMETERS +------------------ +default + Set all ACL entries as default too. + Only directories can have default ACLs. + Setting default ACL in FreeBSD is currently not supported. + +recursive + Make ``setfacl`` recursive (Linux only), but not ``getfacl`` in explorer. + +remove + Remove undefined ACL entries. + ``mask`` and ``other`` entries can't be removed, but only changed. + + +DEPRECATED PARAMETERS +--------------------- +Parameters ``acl``, ``user``, ``group``, ``mask`` and ``other`` are deprecated and they +will be removed in future versions. Please use ``entry`` parameter instead. + + +EXAMPLES +-------- + +.. code-block:: sh + + __acl /srv/project \ + --default \ + --recursive \ + --remove \ + --entry user:alice:rwx \ + --entry user:bob:r-x \ + --entry group:project-group:rwx \ + --entry group:some-other-group:r-x \ + --entry mask::r-x \ + --entry other::r-x + + # give Alice read-only access to subdir, + # but don't allow her to see parent content. 
+ + __acl /srv/project2 \ + --remove \ + --entry default:group:secret-project:rwx \ + --entry group:secret-project:rwx \ + --entry user:alice:--x + + __acl /srv/project2/subdir \ + --default \ + --remove \ + --entry group:secret-project:rwx \ + --entry user:alice:r-x + + # read acl from stdin + echo 'user:alice:rwx' \ + | __acl /path/to/directory --source - + + # create/change directory too + __acl /path/to/directory \ + --default \ + --remove \ + --directory root:root:770 \ + --entry user:nobody:rwx + + +AUTHORS +------- +Ander Punnar + + +COPYING +------- +Copyright \(C) 2018 Ander Punnar. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__acl/manifest b/cdist/conf/type/__acl/manifest new file mode 100755 index 00000000..5fd23110 --- /dev/null +++ b/cdist/conf/type/__acl/manifest @@ -0,0 +1,11 @@ +#!/bin/sh -e + +for p in file directory +do + [ ! -f "$__object/parameter/$p" ] && continue + + "__$p" "/$__object_id" \ + --owner "$( awk -F: '{print $1}' "$__object/parameter/$p" )" \ + --group "$( awk -F: '{print $2}' "$__object/parameter/$p" )" \ + --mode "$( awk -F: '{print $3}' "$__object/parameter/$p" )" +done diff --git a/cdist/conf/type/__acl/parameter/boolean b/cdist/conf/type/__acl/parameter/boolean new file mode 100644 index 00000000..8b96693f --- /dev/null +++ b/cdist/conf/type/__acl/parameter/boolean @@ -0,0 +1,3 @@ +recursive +default +remove diff --git a/cdist/conf/type/__acl/parameter/deprecated/acl b/cdist/conf/type/__acl/parameter/deprecated/acl new file mode 100644 index 00000000..94e14159 --- /dev/null +++ b/cdist/conf/type/__acl/parameter/deprecated/acl @@ -0,0 +1 @@ +see manual for details diff --git a/cdist/conf/type/__acl/parameter/deprecated/group b/cdist/conf/type/__acl/parameter/deprecated/group new file mode 100644 index 00000000..94e14159 --- /dev/null 
+++ b/cdist/conf/type/__acl/parameter/deprecated/group @@ -0,0 +1 @@ +see manual for details diff --git a/cdist/conf/type/__acl/parameter/deprecated/mask b/cdist/conf/type/__acl/parameter/deprecated/mask new file mode 100644 index 00000000..94e14159 --- /dev/null +++ b/cdist/conf/type/__acl/parameter/deprecated/mask @@ -0,0 +1 @@ +see manual for details diff --git a/cdist/conf/type/__acl/parameter/deprecated/other b/cdist/conf/type/__acl/parameter/deprecated/other new file mode 100644 index 00000000..94e14159 --- /dev/null +++ b/cdist/conf/type/__acl/parameter/deprecated/other @@ -0,0 +1 @@ +see manual for details diff --git a/cdist/conf/type/__acl/parameter/deprecated/user b/cdist/conf/type/__acl/parameter/deprecated/user new file mode 100644 index 00000000..94e14159 --- /dev/null +++ b/cdist/conf/type/__acl/parameter/deprecated/user @@ -0,0 +1 @@ +see manual for details diff --git a/cdist/conf/type/__acl/parameter/optional b/cdist/conf/type/__acl/parameter/optional new file mode 100644 index 00000000..cdcbc0b8 --- /dev/null +++ b/cdist/conf/type/__acl/parameter/optional @@ -0,0 +1,5 @@ +mask +other +source +file +directory diff --git a/cdist/conf/type/__acl/parameter/optional_multiple b/cdist/conf/type/__acl/parameter/optional_multiple new file mode 100644 index 00000000..c615d507 --- /dev/null +++ b/cdist/conf/type/__acl/parameter/optional_multiple @@ -0,0 +1,4 @@ +entry +acl +user +group diff --git a/cdist/conf/type/__apt_default_release/man.rst b/cdist/conf/type/__apt_default_release/man.rst new file mode 100644 index 00000000..0277a06f --- /dev/null +++ b/cdist/conf/type/__apt_default_release/man.rst 
@@ -0,0 +1,46 @@ +cdist-type__apt_default_release(7) +================================== + +NAME +---- +cdist-type__apt_default_release - Configure the default release for apt + + +DESCRIPTION +----------- +Configure the default release for apt, using the APT::Default-Release +configuration value. + +REQUIRED PARAMETERS +------------------- +release + The value to set APT::Default-Release to. + + This can contain release name, codename or release version. Examples: + 'stable', 'testing', 'unstable', 'stretch', 'buster', '4.0', '5.0*'. + + +OPTIONAL PARAMETERS +------------------- +None. + + +EXAMPLES +-------- + +.. code-block:: sh + + __apt_default_release --release stretch + + +AUTHORS +------- +Matthijs Kooijman + + +COPYING +------- +Copyright \(C) 2017 Matthijs Kooijman. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__apt_default_release/manifest b/cdist/conf/type/__apt_default_release/manifest new file mode 100755 index 00000000..1232efb5 --- /dev/null +++ b/cdist/conf/type/__apt_default_release/manifest 
@@ -0,0 +1,41 @@ +#!/bin/sh -e +# +# 2014 Steven Armstrong (steven-cdist at armstrong.cc) +# 2017 Matthijs Kooijman (matthijs at stdin.nl) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + + +os=$(cat "$__global/explorer/os") +release="$(cat "$__object/parameter/release")" + +case "$os" in + ubuntu|debian|devuan) + __file /etc/apt/apt.conf.d/99-default-release \ + --owner root --group root --mode 644 \ + --source - << DONE +APT::Default-Release "$release"; +DONE + ;; + *) + cat >&2 << DONE +The developer of this type (${__type##*/}) did not think your operating system +($os) would have any use for it. If you think otherwise please submit a patch. +DONE + exit 1 + ;; +esac diff --git a/cdist/conf/type/__apt_default_release/parameter/required b/cdist/conf/type/__apt_default_release/parameter/required new file mode 100644 index 00000000..d7025695 --- /dev/null +++ b/cdist/conf/type/__apt_default_release/parameter/required @@ -0,0 +1 @@ +release diff --git a/cdist/test/config_install/fixtures/type/__singleton_test/singleton b/cdist/conf/type/__apt_default_release/singleton similarity index 100% rename from cdist/test/config_install/fixtures/type/__singleton_test/singleton rename to cdist/conf/type/__apt_default_release/singleton diff --git a/cdist/conf/type/__apt_key/explorer/state b/cdist/conf/type/__apt_key/explorer/state new file mode 100755 index 00000000..38f1bd3c --- /dev/null 
+++ b/cdist/conf/type/__apt_key/explorer/state @@ -0,0 +1,44 @@ +#!/bin/sh +# +# 2011-2014 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# +# Get the current state of the apt key. +# + +if [ -f "$__object/parameter/keyid" ]; then + keyid="$(cat "$__object/parameter/keyid")" +else + keyid="$__object_id" +fi + +keydir="$(cat "$__object/parameter/keydir")" +keyfile="$keydir/$__object_id.gpg" + +if [ -d "$keydir" ] +then + if [ -f "$keyfile" ] + then echo present + else echo absent + fi +else + # fallback to deprecated apt-key + apt-key export "$keyid" | head -n 1 | grep -Fqe "BEGIN PGP PUBLIC KEY BLOCK" \ + && echo present \ + || echo absent +fi diff --git a/cdist/conf/type/__apt_key/gencode-remote b/cdist/conf/type/__apt_key/gencode-remote new file mode 100755 index 00000000..0c96ff67 --- /dev/null +++ b/cdist/conf/type/__apt_key/gencode-remote 
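Review bot: The keydir branch reports `present` as soon as `$keyfile` exists, so an empty or truncated file (for example one left by an interrupted download) counts as an installed key and is never repaired. Testing for a non-empty file, `if [ -s "$keyfile" ]`, would catch the zero-byte case; checking that the file really holds `$keyid` would be stronger. This branch also looks for `$__object_id.gpg` and never consults `$keyid`, while the apt-key fallback queries `$keyid`, so the two branches can disagree when `--keyid` differs from the object id.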
@@ -0,0 +1,112 @@ +#!/bin/sh -e +# +# 2011-2014 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +if [ -f "$__object/parameter/keyid" ]; then + keyid="$(cat "$__object/parameter/keyid")" +else + keyid="$__object_id" +fi +state_should="$(cat "$__object/parameter/state")" +state_is="$(cat "$__object/explorer/state")" + +if [ "$state_should" = "$state_is" ]; then + # nothing to do + exit 0 +fi + +keydir="$(cat "$__object/parameter/keydir")" +keyfile="$keydir/$__object_id.gpg" + +case "$state_should" in + present) + keyserver="$(cat "$__object/parameter/keyserver")" + + if [ -f "$__object/parameter/uri" ]; then + uri="$(cat "$__object/parameter/uri")" + + if [ -d "$keydir" ]; then + cat << EOF + +curl -s -L \\ + -o "$keyfile" \\ + "$uri" + +key="\$( cat "$keyfile" )" + +if echo "\$key" | grep -Fq 'BEGIN PGP PUBLIC KEY BLOCK' +then + echo "\$key" | gpg --dearmor > "$keyfile" +fi + +EOF + else + # fallback to deprecated apt-key + echo "curl -s -L '$uri' | apt-key add -" + fi + elif [ -d "$keydir" ]; then + # we need to kill gpg after 30 seconds, because gpg + # can get stuck if keyserver is not responding. + # exporting env var and not exit 1, + # because we need to clean up and kill dirmngr. 
+ cat << EOF + +gpgtmphome="\$( mktemp -d )" + +if timeout 30s \\ + gpg --homedir "\$gpgtmphome" \\ + --keyserver "$keyserver" \\ + --recv-keys "$keyid" +then + gpg --homedir "\$gpgtmphome" \\ + --export "$keyid" \\ + > "$keyfile" +else + export GPG_GOT_STUCK=1 +fi + +GNUPGHOME="\$gpgtmphome" gpgconf --kill dirmngr + +rm -rf "\$gpgtmphome" + +if [ -n "\$GPG_GOT_STUCK" ] +then + echo "GPG GOT STUCK - no response from keyserver after 30 seconds" >&2 + exit 1 +fi + +EOF + else + # fallback to deprecated apt-key + echo "apt-key adv --keyserver \"$keyserver\" --recv-keys \"$keyid\"" + fi + + echo "added '$keyid'" >> "$__messages_out" + ;; + absent) + if [ -f "$keyfile" ]; then + echo "rm '$keyfile'" + else + # fallback to deprecated apt-key + echo "apt-key del \"$keyid\"" + fi + + echo "removed '$keyid'" >> "$__messages_out" + ;; +esac diff --git a/cdist/conf/type/__apt_key/man.rst b/cdist/conf/type/__apt_key/man.rst new file mode 100644 index 00000000..234bc715 --- /dev/null +++ b/cdist/conf/type/__apt_key/man.rst 
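Review bot: In the `--uri` branch the generated code lets curl write straight into `$keyfile` under the apt trust directory, without `-f` and without looking at what came back, so an HTTP error page or a key other than the intended one ends up in a file the explorer then reports as present. I would download to a temporary file with `curl -f`, fail the run when the download fails, and only then write `$keyfile`, as sketched below; comparing the downloaded key's fingerprint with `$keyid` before installing it is still missing and worth adding, since `$keyid` is only used for the log message on this path. The apt-key fallback `curl -s -L '$uri' | apt-key add -` has the same unverified fetch. In the keyserver branch, `GPG_GOT_STUCK` is set on any gpg failure, not only on the 30 second timeout, so the error text can mislead.

```sh
        if [ -d "$keydir" ]; then
            cat << EOF

keytmp="\$( mktemp )"

if curl -f -s -S -L -o "\$keytmp" "$uri"
then
    if grep -Fq 'BEGIN PGP PUBLIC KEY BLOCK' "\$keytmp"
    then
        gpg --dearmor < "\$keytmp" > "$keyfile"
    else
        cat "\$keytmp" > "$keyfile"
    fi
    rm -f "\$keytmp"
else
    rm -f "\$keytmp"
    echo "key download failed" >&2
    exit 1
fi

EOF
        # … unchanged: apt-key fallback, keyserver branch, absent branch …
```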
@@ -0,0 +1,72 @@ +cdist-type__apt_key(7) +====================== + +NAME +---- +cdist-type__apt_key - Manage the list of keys used by apt + + +DESCRIPTION +----------- +Manages the list of keys used by apt to authenticate packages. + + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +state + 'present' or 'absent'. Defaults to 'present' + +keyid + the id of the key to add. Defaults to __object_id + +keyserver + the keyserver from which to fetch the key. If omitted the default set + in ./parameter/default/keyserver is used. + +keydir + key save location, defaults to ``/etc/apt/trusted.pgp.d`` + +uri + the URI from which to download the key + + +EXAMPLES +-------- + +.. code-block:: sh + + # Add Ubuntu Archive Automatic Signing Key + __apt_key 437D05B5 + # Same thing + __apt_key 437D05B5 --state present + # Get rid of it + __apt_key 437D05B5 --state absent + + # same thing with human readable name and explicit keyid + __apt_key UbuntuArchiveKey --keyid 437D05B5 + + # same thing with other keyserver + __apt_key UbuntuArchiveKey --keyid 437D05B5 --keyserver keyserver.ubuntu.com + + # download key from the internet + __apt_key rabbitmq \ + --uri http://www.rabbitmq.com/rabbitmq-signing-key-public.asc + + +AUTHORS +------- +Steven Armstrong +Ander Punnar + + +COPYING +------- +Copyright \(C) 2011-2019 Steven Armstrong and Ander Punnar. You can +redistribute it and/or modify it under the terms of the GNU General Public +License as published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__apt_key/manifest b/cdist/conf/type/__apt_key/manifest new file mode 100755 index 00000000..010357cd --- /dev/null +++ b/cdist/conf/type/__apt_key/manifest @@ -0,0 +1,8 @@ +#!/bin/sh -e + +__package gnupg + +if [ -f "$__object/parameter/uri" ] +then __package curl +else __package dirmngr +fi 
diff --git a/cdist/conf/type/__apt_key/parameter/default/keydir b/cdist/conf/type/__apt_key/parameter/default/keydir new file mode 100644 index 00000000..190eb2de --- /dev/null +++ b/cdist/conf/type/__apt_key/parameter/default/keydir @@ -0,0 +1 @@ +/etc/apt/trusted.gpg.d diff --git a/cdist/conf/type/__apt_key/parameter/default/keyserver b/cdist/conf/type/__apt_key/parameter/default/keyserver new file mode 100644 index 00000000..0d189916 --- /dev/null +++ b/cdist/conf/type/__apt_key/parameter/default/keyserver @@ -0,0 +1 @@ +pool.sks-keyservers.net diff --git a/cdist/conf/type/__apt_key/parameter/default/state b/cdist/conf/type/__apt_key/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__apt_key/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__apt_key/parameter/optional b/cdist/conf/type/__apt_key/parameter/optional new file mode 100644 index 00000000..de647375 --- /dev/null +++ b/cdist/conf/type/__apt_key/parameter/optional @@ -0,0 +1,5 @@ +state +keyid +keyserver +keydir +uri diff --git a/cdist/conf/type/__package_pkg_openbsd/explorer/pkg_version b/cdist/conf/type/__apt_key_uri/explorer/state similarity index 78% rename from cdist/conf/type/__package_pkg_openbsd/explorer/pkg_version rename to cdist/conf/type/__apt_key_uri/explorer/state index bc23a85d..6f607607 100755 --- a/cdist/conf/type/__package_pkg_openbsd/explorer/pkg_version +++ b/cdist/conf/type/__apt_key_uri/explorer/state @@ -1,6 +1,6 @@ #!/bin/sh # -# 2011 Andi Brönnimann (andi-cdist at v-net.ch) +# 2011-2014 Steven Armstrong (steven-cdist at armstrong.cc) # # This file is part of cdist. # @@ -18,7 +18,7 @@ # along with cdist. If not, see . # # -# Retrieve the status of a package - parsed dpkg output +# Get the current state of the apt key. # if [ -f "$__object/parameter/name" ]; then 
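Review bot: The default written here is `/etc/apt/trusted.gpg.d`, but the man.rst added in the same commit documents the default as `/etc/apt/trusted.pgp.d`. The man page spelling looks like a typo and should read `trusted.gpg.d`; a user who copies the documented path into `--keydir` would, as far as I know, put keys in a directory apt does not read.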
@@ -27,5 +27,6 @@ else name="$__object_id" fi -#TODO: Is there a better way? -pkg_info | grep "$name" | sed 's .*\(-[0-9.][0-9.]*\).* \1 ' | sed 's/-//' +apt-key list 2> /dev/null | grep -Fqe "$name" \ + && echo present \ + || echo absent diff --git a/cdist/conf/type/__apt_key_uri/gencode-remote b/cdist/conf/type/__apt_key_uri/gencode-remote new file mode 100755 index 00000000..229b6564 --- /dev/null +++ b/cdist/conf/type/__apt_key_uri/gencode-remote @@ -0,0 +1,45 @@ +#!/bin/sh -e +# +# 2011-2014 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +if [ -f "$__object/parameter/name" ]; then + name="$(cat "$__object/parameter/name")" +else + name="$__object_id" +fi +state_should="$(cat "$__object/parameter/state")" +state_is="$(cat "$__object/explorer/state")" + +if [ "$state_should" = "$state_is" ]; then + # nothing to do + exit 0 +fi + +case "$state_should" in + present) + uri="$(cat "$__object/parameter/uri")" + printf 'curl -s -L "%s" | apt-key add -\n' "$uri" + ;; + absent) + cat << DONE +keyid=\$(apt-key list | grep -B1 "$name" | awk '/pub/ { print \$2 }' | cut -d'/' -f 2) +apt-key del \$keyid +DONE + ;; +esac diff --git a/cdist/conf/type/__apt_key_uri/man.rst b/cdist/conf/type/__apt_key_uri/man.rst new file mode 100644 index 00000000..82a191b9 --- /dev/null +++ b/cdist/conf/type/__apt_key_uri/man.rst 
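Review bot: Parameter values are pasted into the generated remote code inside double quotes in __apt_key_uri/gencode-remote (`"%s"` around `$uri`, `"$name"` in the grep), so a `$(...)`, backtick or `"` in a value is interpreted by the shell on the target instead of being passed as data. Single-quoting after escaping embedded quotes is safer, e.g. `quoted_uri="$(printf '%s' "$uri" | sed "s/'/'\\\\''/g")"` followed by `printf "curl -s -L '%s' | apt-key add -\n" "$quoted_uri"`. The same weakness is in `apt-mark $state_should $name` in __apt_mark/gencode-remote (unquoted) and in `'$name'` in __apt_ppa/gencode-remote and `'$uri'` in __apt_key/gencode-remote, where an embedded single quote ends the quoting. In the `absent` branch, `apt-key del \$keyid` also runs when the grep matched nothing; guard it with `[ -n "\$keyid" ]` and quote the variable.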
@@ -0,0 +1,51 @@ +cdist-type__apt_key_uri(7) +========================== + +NAME +---- +cdist-type__apt_key_uri - Add apt key from uri + + +DESCRIPTION +----------- +Download a key from an uri and add it to the apt keyring. + + +REQUIRED PARAMETERS +------------------- +uri + the uri from which to download the key + + +OPTIONAL PARAMETERS +------------------- +state + 'present' or 'absent', defaults to 'present' + +name + a name for this key, used when testing if it is already installed. + Defaults to __object_id + + +EXAMPLES +-------- + +.. code-block:: sh + + __apt_key_uri rabbitmq \ + --name 'RabbitMQ Release Signing Key ' \ + --uri http://www.rabbitmq.com/rabbitmq-signing-key-public.asc \ + --state present + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2011-2014 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__apt_key_uri/manifest b/cdist/conf/type/__apt_key_uri/manifest new file mode 100755 index 00000000..bf7b267d --- /dev/null +++ b/cdist/conf/type/__apt_key_uri/manifest @@ -0,0 +1,21 @@ +#!/bin/sh -e +# +# 2013-2014 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +__package curl 
diff --git a/cdist/conf/type/__apt_key_uri/parameter/default/state b/cdist/conf/type/__apt_key_uri/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__apt_key_uri/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__apt_key_uri/parameter/optional b/cdist/conf/type/__apt_key_uri/parameter/optional
new file mode 100644
index 00000000..72c84b88
--- /dev/null
+++ b/cdist/conf/type/__apt_key_uri/parameter/optional
@@ -0,0 +1,2 @@
+state
+name
diff --git a/cdist/conf/type/__apt_key_uri/parameter/required b/cdist/conf/type/__apt_key_uri/parameter/required
new file mode 100644
index 00000000..c7954952
--- /dev/null
+++ b/cdist/conf/type/__apt_key_uri/parameter/required
@@ -0,0 +1 @@
+uri
diff --git a/cdist/conf/type/__apt_mark/explorer/apt_version b/cdist/conf/type/__apt_mark/explorer/apt_version
new file mode 100755
index 00000000..7bb90cc2
--- /dev/null
+++ b/cdist/conf/type/__apt_mark/explorer/apt_version
@@ -0,0 +1,31 @@ +#!/bin/sh -e +# +# 2016 Ander Punnar (cdist at kvlt.ee) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +apt_version_is=$(dpkg-query --show --showformat '${Version}' apt) + +# from APT changelog: +# apt (0.8.14.2) UNRELEASED; urgency=low +# provide a 'dpkg --set-selections' wrapper to set/release holds + +apt_version_should=0.8.14.2 + +dpkg --compare-versions "$apt_version_should" le "$apt_version_is" \ + && echo 0 \ + || echo 1 diff --git a/cdist/conf/type/__apt_mark/explorer/package_installed b/cdist/conf/type/__apt_mark/explorer/package_installed new file mode 100755 index 00000000..0b072cbc --- /dev/null +++ b/cdist/conf/type/__apt_mark/explorer/package_installed 
@@ -0,0 +1,30 @@ +#!/bin/sh -e +# +# 2016 Ander Punnar (cdist at kvlt.ee) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +if [ -f "$__object/parameter/name" ]; then + name="$(cat "$__object/parameter/name")" +else + name="$__object_id" +fi + +dpkg-query --show --showformat '${Status}' "$name" 2>/dev/null \ + | grep -Fq 'ok installed' \ + && echo 0 \ + || echo 1 diff --git a/cdist/conf/type/__apt_mark/explorer/state b/cdist/conf/type/__apt_mark/explorer/state new file mode 100755 index 00000000..b7fe08fa --- /dev/null +++ b/cdist/conf/type/__apt_mark/explorer/state 
@@ -0,0 +1,27 @@ +#!/bin/sh -e +# +# 2016 Ander Punnar (cdist at kvlt.ee) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +if [ -f "$__object/parameter/name" ]; then + name="$(cat "$__object/parameter/name")" +else + name="$__object_id" +fi + +apt-mark showhold | grep -Fq "$name" && echo hold || echo unhold diff --git a/cdist/conf/type/__apt_mark/gencode-remote b/cdist/conf/type/__apt_mark/gencode-remote new file mode 100755 index 00000000..bc995444 --- /dev/null +++ b/cdist/conf/type/__apt_mark/gencode-remote 
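Review bot: `grep -Fq "$name"` in the last line of the explorer matches substrings, so a hold on `apt-utils` makes it report `hold` for a package named `apt`, and gencode-remote then skips the requested change because the states appear equal. Match whole lines instead: `apt-mark showhold | grep -Fxq "$name" && echo hold || echo unhold`. If showhold prints architecture-qualified names on multi-arch systems that case would need separate handling; I have not verified the output format here.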
@@ -0,0 +1,56 @@ +#!/bin/sh -e +# +# 2016 Ander Punnar (cdist at kvlt.ee) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +if [ -f "$__object/parameter/name" ]; then + name="$(cat "$__object/parameter/name")" +else + name="$__object_id" +fi + +apt_version="$(cat "$__object/explorer/apt_version")" + +if [ "$apt_version" != '0' ]; then + echo 'APT version not supported' >&2 + exit 1 +fi + +package_installed="$(cat "$__object/explorer/package_installed")" + +if [ "$package_installed" != '0' ]; then + exit 0 +fi + +state_should="$(cat "$__object/parameter/state")" + +state_is="$(cat "$__object/explorer/state")" + +if [ "$state_should" = "$state_is" ]; then + exit 0 +fi + +case "$state_should" in + hold|unhold) + echo "apt-mark $state_should $name > /dev/null" + ;; + *) + echo "Unknown state: $state_should" >&2 + exit 1 + ;; +esac diff --git a/cdist/conf/type/__apt_mark/man.rst b/cdist/conf/type/__apt_mark/man.rst new file mode 100644 index 00000000..7aa2a519 --- /dev/null +++ b/cdist/conf/type/__apt_mark/man.rst 
@@ -0,0 +1,47 @@ +cdist-type__apt_mark(7) +======================= + +NAME +---- +cdist-type__apt_mark - set package state as 'hold' or 'unhold' + + +DESCRIPTION +----------- +See apt-mark(8) for details. + + +REQUIRED PARAMETERS +------------------- +state + Either "hold" or "unhold". + + +OPTIONAL PARAMETERS +------------------- +name + If supplied, use the name and not the object id as the package name. + + +EXAMPLES +-------- + +.. code-block:: sh + + # hold package + __apt_mark quagga --state hold + # unhold package + __apt_mark quagga --state unhold + + +AUTHORS +------- +Ander Punnar + + +COPYING +------- +Copyright \(C) 2016 Ander Punnar. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__apt_mark/parameter/optional b/cdist/conf/type/__apt_mark/parameter/optional new file mode 100644 index 00000000..f121bdbf --- /dev/null +++ b/cdist/conf/type/__apt_mark/parameter/optional @@ -0,0 +1 @@ +name diff --git a/cdist/conf/type/__apt_ppa/parameter/required b/cdist/conf/type/__apt_mark/parameter/required similarity index 100% rename from cdist/conf/type/__apt_ppa/parameter/required rename to cdist/conf/type/__apt_mark/parameter/required diff --git a/cdist/conf/type/__apt_norecommends/man.rst b/cdist/conf/type/__apt_norecommends/man.rst new file mode 100644 index 00000000..001fffe4 --- /dev/null +++ b/cdist/conf/type/__apt_norecommends/man.rst 
@@ -0,0 +1,42 @@ +cdist-type__apt_norecommends(7) +=============================== + +NAME +---- +cdist-type__apt_norecommends - Configure apt to not install recommended packages + + +DESCRIPTION +----------- +Configure apt to not install any recommended or suggested packages. + + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +None. + + +EXAMPLES +-------- + +.. code-block:: sh + + __apt_norecommends + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2014 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__apt_norecommends/manifest b/cdist/conf/type/__apt_norecommends/manifest new file mode 100755 index 00000000..e737df89 --- /dev/null +++ b/cdist/conf/type/__apt_norecommends/manifest 
@@ -0,0 +1,44 @@ +#!/bin/sh -e +# +# 2014 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + + +os=$(cat "$__global/explorer/os") + +case "$os" in + ubuntu|debian|devuan) + # No stinking recommends thank you very much. + # If I want something installed I will do so myself. + __file /etc/apt/apt.conf.d/99-no-recommends \ + --owner root --group root --mode 644 \ + --source - << DONE +APT::Install-Recommends "0"; +APT::Install-Suggests "0"; +APT::AutoRemove::RecommendsImportant "0"; +APT::AutoRemove::SuggestsImportant "0"; +DONE + ;; + *) + cat >&2 << DONE +The developer of this type (${__type##*/}) did not think your operating system +($os) would have any use for it. If you think otherwise please submit a patch. +DONE + exit 1 + ;; +esac diff --git a/cdist/test/cdist_object/fixtures/object/__first/.keep b/cdist/conf/type/__apt_norecommends/singleton similarity index 100% rename from cdist/test/cdist_object/fixtures/object/__first/.keep rename to cdist/conf/type/__apt_norecommends/singleton diff --git a/cdist/conf/type/__apt_ppa/explorer/state b/cdist/conf/type/__apt_ppa/explorer/state index 2bb4f65a..d47e7d20 100755 --- a/cdist/conf/type/__apt_ppa/explorer/state +++ b/cdist/conf/type/__apt_ppa/explorer/state 
@@ -23,10 +23,11 @@ name="$__object_id" +# shellcheck disable=SC1091 . /etc/lsb-release repo_name="${name#ppa:}" -repo_file_name="$(echo "$repo_name" | sed -e "s|[/:]|-|" -e "s|\.|_|")-${DISTRIB_CODENAME}.list" +repo_file_name="$(echo "$repo_name" | sed -e 's|[/:]|-|' -e 's|\.|_|')-${DISTRIB_CODENAME}.list" [ -s "/etc/apt/sources.list.d/${repo_file_name}" ] \ && echo present || echo absent diff --git a/cdist/conf/type/__apt_ppa/gencode-remote b/cdist/conf/type/__apt_ppa/gencode-remote index 300a0e1e..84ebebfe 100755 --- a/cdist/conf/type/__apt_ppa/gencode-remote +++ b/cdist/conf/type/__apt_ppa/gencode-remote @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2011 Steven Armstrong (steven-cdist at armstrong.cc) # @@ -29,9 +29,9 @@ fi case "$state_should" in present) - echo add-apt-repository \"$name\" + echo "add-apt-repository '$name'" ;; absent) - echo remove-apt-repository \"$name\" + echo "remove-apt-repository '$name'" ;; esac diff --git a/cdist/conf/type/__apt_ppa/man.rst b/cdist/conf/type/__apt_ppa/man.rst new file mode 100644 index 00000000..8347c908 --- /dev/null +++ b/cdist/conf/type/__apt_ppa/man.rst 
@@ -0,0 +1,50 @@ +cdist-type__apt_ppa(7) +====================== + +NAME +---- +cdist-type__apt_ppa - Manage ppa repositories + + +DESCRIPTION +----------- +This cdist type allows manage ubuntu ppa repositories. + + +REQUIRED PARAMETERS +------------------- +state + The state the ppa should be in, either 'present' or 'absent'. + Defaults to 'present' + + +OPTIONAL PARAMETERS +------------------- +None. + + +EXAMPLES +-------- + +.. code-block:: sh + + # Enable a ppa repository + __apt_ppa ppa:sans-intern/missing-bits + # same as + __apt_ppa ppa:sans-intern/missing-bits --state present + + # Disable a ppa repository + __apt_ppa ppa:sans-intern/missing-bits --state absent + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2011-2014 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__apt_ppa/man.text b/cdist/conf/type/__apt_ppa/man.text deleted file mode 100644 index 6a5990d5..00000000 --- a/cdist/conf/type/__apt_ppa/man.text +++ /dev/null 
@@ -1,47 +0,0 @@ -cdist-type__apt_ppa(7) -====================== -Steven Armstrong - - -NAME ----- -cdist-type__apt_ppa - Manage ppa repositories - - -DESCRIPTION ------------ -This cdist type allows manage ubuntu ppa repositories. - - -REQUIRED PARAMETERS -------------------- -state:: - The state the ppa should be in, either "present" or "absent". - - -OPTIONAL PARAMETERS -------------------- -None. - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -# Enable a ppa repository -__apt_ppa ppa:sans-intern/missing-bits --state present - -# Disable a ppa repository -__apt_ppa ppa:sans-intern/missing-bits --state absent --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) - - -COPYING -------- -Copyright \(C) 2011 Steven Armstrong. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__apt_ppa/manifest b/cdist/conf/type/__apt_ppa/manifest index e7ad0c26..c6f4e876 100755 --- a/cdist/conf/type/__apt_ppa/manifest +++ b/cdist/conf/type/__apt_ppa/manifest @@ -1,6 +1,6 @@ -#!/bin/sh +#!/bin/sh -e # -# 2011 Steven Armstrong (steven-cdist at armstrong.cc) +# 2011-2016 Steven Armstrong (steven-cdist at armstrong.cc) # # This file is part of cdist. # @@ -18,11 +18,9 @@ # along with cdist. If not, see . # -name="$__object_id" +__package software-properties-common -__package python-software-properties --state present - -require="__package/python-software-properties" \ +require="__package/software-properties-common" \ __file /usr/local/bin/remove-apt-repository \ --source "$__type/files/remove-apt-repository" \ --mode 0755 diff --git a/cdist/conf/type/__apt_ppa/parameter/default/state b/cdist/conf/type/__apt_ppa/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__apt_ppa/parameter/default/state @@ -0,0 +1 @@ +present 
diff --git a/cdist/conf/type/__jail/parameter/required b/cdist/conf/type/__apt_ppa/parameter/optional similarity index 100% rename from cdist/conf/type/__jail/parameter/required rename to cdist/conf/type/__apt_ppa/parameter/optional diff --git a/cdist/conf/type/__apt_source/files/source.list.template b/cdist/conf/type/__apt_source/files/source.list.template new file mode 100755 index 00000000..d4420e96 --- /dev/null +++ b/cdist/conf/type/__apt_source/files/source.list.template @@ -0,0 +1,15 @@ +#!/bin/sh +set -u + +entry="$uri $distribution $component" +cat << DONE +# Created by cdist ${__type##*/} +# Do not change. Changes will be overwritten. +# + +# $name +deb ${forcedarch} $entry +DONE +if [ -f "$__object/parameter/include-src" ]; then + echo "deb-src $entry" +fi diff --git a/cdist/conf/type/__apt_source/gencode-remote b/cdist/conf/type/__apt_source/gencode-remote new file mode 100755 index 00000000..1e8592c6 --- /dev/null +++ b/cdist/conf/type/__apt_source/gencode-remote @@ -0,0 +1,28 @@ +#!/bin/sh -e +# +# 2018 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# + +name="$__object_id" +destination="/etc/apt/sources.list.d/${name}.list" + +if grep -q "^__file${destination}" "$__messages_in"; then + printf 'apt-get update || apt-get update\n' +fi + 
diff --git a/cdist/conf/type/__apt_source/man.rst b/cdist/conf/type/__apt_source/man.rst new file mode 100644 index 00000000..d1acb388 --- /dev/null +++ b/cdist/conf/type/__apt_source/man.rst @@ -0,0 +1,70 @@ +cdist-type__apt_source(7) +========================= + +NAME +---- +cdist-type__apt_source - Manage apt sources + + +DESCRIPTION +----------- +This cdist type allows you to manage apt sources. It invokes index update +internally when needed so call of index updating type is not needed. + + +REQUIRED PARAMETERS +------------------- +uri + the uri to the apt repository + + +OPTIONAL PARAMETERS +------------------- +arch + set this if you need to force and specific arch (ubuntu specific) + +state + 'present' or 'absent', defaults to 'present' + +distribution + the distribution codename to use. Defaults to DISTRIB_CODENAME from + the targets /etc/lsb-release + +component + space delimited list of components to enable. Defaults to an empty string. + + +BOOLEAN PARAMETERS +------------------ +include-src + include deb-src entries + + +EXAMPLES +-------- + +.. code-block:: sh + + __apt_source rabbitmq \ + --uri http://www.rabbitmq.com/debian/ \ + --distribution testing \ + --component main \ + --include-src \ + --state present + + __apt_source canonical_partner \ + --uri http://archive.canonical.com/ \ + --component partner --state present + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2011-2018 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__apt_source/manifest b/cdist/conf/type/__apt_source/manifest new file mode 100755 index 00000000..35f15909 --- /dev/null +++ b/cdist/conf/type/__apt_source/manifest 
@@ -0,0 +1,52 @@
+#!/bin/sh -e
+#
+# 2011-2018 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+name="$__object_id"
+state="$(cat "$__object/parameter/state")"
+uri="$(cat "$__object/parameter/uri")"
+
+if [ -f "$__object/parameter/distribution" ]; then
+ distribution="$(cat "$__object/parameter/distribution")"
+else
+ distribution="$(cat "$__global/explorer/lsb_codename")"
+fi
+
+component="$(cat "$__object/parameter/component")"
+
+if [ -f "$__object/parameter/arch" ]; then
+ forcedarch="[arch=$(cat "$__object/parameter/arch")]"
+else
+ forcedarch=""
+fi
+
+# export variables for use in template
+export name
+export uri
+export distribution
+export component
+export forcedarch
+
+# generate file from template
+mkdir "$__object/files"
+"$__type/files/source.list.template" > "$__object/files/source.list"
+__file "/etc/apt/sources.list.d/${name}.list" \
+ --source "$__object/files/source.list" \
+ --owner root --group root --mode 0644 \
+ --state "$state"
diff --git a/cdist/test/cdist_object/fixtures/object/__first/child/.cdist/.keep b/cdist/conf/type/__apt_source/nonparallel
similarity index 100%
rename from cdist/test/cdist_object/fixtures/object/__first/child/.cdist/.keep
rename to cdist/conf/type/__apt_source/nonparallel
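Review bot: Nothing checks that `distribution` is non-empty before the template runs. When `--distribution` is not given, the value is read from `$__global/explorer/lsb_codename`, and if that explorer prints nothing the template would emit a `deb` line with the suite missing, which `__file` then installs under `/etc/apt/sources.list.d/`. A guard right after the `if`/`else` stops that early: `[ -n "$distribution" ] || { echo "__apt_source: distribution is empty" >&2; exit 1; }`. The other parameters (`uri`, `component`, `arch`) are also copied into the list file as given, so a short comment stating that they are taken verbatim from the manifest would help the next reader.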
diff --git a/cdist/conf/type/__apt_source/parameter/boolean b/cdist/conf/type/__apt_source/parameter/boolean
new file mode 100644
index 00000000..8fa49177
--- /dev/null
+++ b/cdist/conf/type/__apt_source/parameter/boolean
@@ -0,0 +1 @@
+include-src
diff --git a/cdist/test/cdist_object/fixtures/object/__first/dog/.cdist/.keep b/cdist/conf/type/__apt_source/parameter/default/component
similarity index 100%
rename from cdist/test/cdist_object/fixtures/object/__first/dog/.cdist/.keep
rename to cdist/conf/type/__apt_source/parameter/default/component
diff --git a/cdist/conf/type/__apt_source/parameter/default/state b/cdist/conf/type/__apt_source/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__apt_source/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__apt_source/parameter/optional b/cdist/conf/type/__apt_source/parameter/optional
new file mode 100644
index 00000000..87537335
--- /dev/null
+++ b/cdist/conf/type/__apt_source/parameter/optional
@@ -0,0 +1,4 @@
+state
+distribution
+component
+arch
\ No newline at end of file
diff --git a/cdist/conf/type/__apt_source/parameter/required b/cdist/conf/type/__apt_source/parameter/required
new file mode 100644
index 00000000..c7954952
--- /dev/null
+++ b/cdist/conf/type/__apt_source/parameter/required
@@ -0,0 +1 @@
+uri
diff --git a/cdist/conf/type/__apt_unattended_upgrades/man.rst b/cdist/conf/type/__apt_unattended_upgrades/man.rst
new file mode 100644
index 00000000..2231b5f9
--- /dev/null
+++ b/cdist/conf/type/__apt_unattended_upgrades/man.rst
@@ -0,0 +1,68 @@
+cdist-type__apt_unattended_upgrades(7)
+======================================
+
+NAME
+----
+cdist-type__apt_unattended_upgrades - automatic installation of updates
+
+
+DESCRIPTION
+-----------
+
+Install and configure unattended-upgrades package.
+
+For more information see https://wiki.debian.org/UnattendedUpgrades.
+
+
+OPTIONAL MULTIPLE PARAMETERS
+----------------------------
+option
+ Set options for unattended-upgrades. See examples.
+
+ Supported options with default values (as of 2020-01-17) are:
+
+ - AutoFixInterruptedDpkg, default is "true"
+ - MinimalSteps, default is "true"
+ - InstallOnShutdown, default is "false"
+ - Mail, default is "" (empty)
+ - MailOnlyOnError, default is "false"
+ - Remove-Unused-Kernel-Packages, default is "true"
+ - Remove-New-Unused-Dependencies, default is "true"
+ - Remove-Unused-Dependencies, default is "false"
+ - Automatic-Reboot, default is "false"
+ - Automatic-Reboot-WithUsers, default is "true"
+ - Automatic-Reboot-Time, default is "02:00"
+ - SyslogEnable, default is "false"
+ - SyslogFacility, default is "daemon"
+ - OnlyOnACPower, default is "true"
+ - Skip-Updates-On-Metered-Connections, default is "true"
+ - Verbose, default is "false"
+ - Debug, default is "false"
+
+blacklist
+ Python regular expressions, matching packages to exclude from upgrading.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __apt_unattended_upgrades \
+ --option Mail=root \
+ --option MailOnlyOnError=true \
+ --blacklist multipath-tools \
+ --blacklist open-iscsi
+
+
+AUTHORS
+-------
+Ander Punnar
+
+
+COPYING
+-------
+Copyright \(C) 2020 Ander Punnar. You can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by the Free
+Software Foundation, either version 3 of the License, or (at your option) any
+later version.
diff --git a/cdist/conf/type/__apt_unattended_upgrades/manifest b/cdist/conf/type/__apt_unattended_upgrades/manifest
new file mode 100755
index 00000000..3c00e2f4
--- /dev/null
+++ b/cdist/conf/type/__apt_unattended_upgrades/manifest
@@ -0,0 +1,80 @@ +#!/bin/sh -e +# +# 2020 Ander Punnar (ander-at-kvlt-dot-ee) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +__package unattended-upgrades + +export require='__package/unattended-upgrades' + +# in normal circumstances 20auto-upgrades is managed +# by debconf and it can only contain these lines + +__file /etc/apt/apt.conf.d/20auto-upgrades \ + --owner root \ + --group root \ + --mode 644 \ + --source - << EOF +APT::Periodic::Update-Package-Lists "1"; +APT::Periodic::Unattended-Upgrade "1"; +EOF + +# lets not write into upstream 50unattended-upgrades file, +# but use our own config file to avoid clashes + +conf_file='/etc/apt/apt.conf.d/51unattended-upgrades-cdist' + +conf='# this file is managed by cdist' + +if [ -f "$__object/parameter/option" ] +then + o='' + + while read -r l + do + o="$( printf '%s\nUnattended-Upgrade::%s "%s";\n' "$o" "${l%%=*}" "${l#*=}" )" + done \ + < "$__object/parameter/option" + + conf="$( printf '%s\n%s\n' "$conf" "$o" )" +fi + +if [ -f "$__object/parameter/blacklist" ] +then + b='Unattended-Upgrade::Package-Blacklist {' + + while read -r l + do + b="$( printf '%s\n"%s";\n' "$b" "$l" )" + done \ + < "$__object/parameter/blacklist" + + conf="$( printf '%s\n%s\n}\n' "$conf" "$b" )" +fi + +if [ "$( echo "$conf" | wc -l )" -gt 1 ] +then + echo "$conf" \ + | __file "$conf_file" \ + --owner root \ + --group root \ + --mode 644 \ + --source - +else + 
__file "$conf_file" --state absent +fi diff --git a/cdist/conf/type/__apt_unattended_upgrades/parameter/optional_multiple b/cdist/conf/type/__apt_unattended_upgrades/parameter/optional_multiple new file mode 100644 index 00000000..ea4fba2b --- /dev/null +++ b/cdist/conf/type/__apt_unattended_upgrades/parameter/optional_multiple @@ -0,0 +1,2 @@ +option +blacklist diff --git a/cdist/test/cdist_object/fixtures/object/__first/man/.cdist/.keep b/cdist/conf/type/__apt_unattended_upgrades/singleton similarity index 100% rename from cdist/test/cdist_object/fixtures/object/__first/man/.cdist/.keep rename to cdist/conf/type/__apt_unattended_upgrades/singleton diff --git a/cdist/conf/type/__apt_update_index/gencode-remote b/cdist/conf/type/__apt_update_index/gencode-remote index 61ce11a9..70b59710 100755 --- a/cdist/conf/type/__apt_update_index/gencode-remote +++ b/cdist/conf/type/__apt_update_index/gencode-remote @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2011 Steven Armstrong (steven-cdist at armstrong.cc) # diff --git a/cdist/conf/type/__apt_update_index/man.rst b/cdist/conf/type/__apt_update_index/man.rst new file mode 100644 index 00000000..3031902f --- /dev/null +++ b/cdist/conf/type/__apt_update_index/man.rst @@ -0,0 +1,41 @@ +cdist-type__apt_update_index(7) +=============================== + +NAME +---- +cdist-type__apt_update_index - Update apt's package index + + +DESCRIPTION +----------- +This cdist type runs apt-get update whenever any apt sources have changed. + + +REQUIRED PARAMETERS +------------------- +None. + +OPTIONAL PARAMETERS +------------------- +None. + + +EXAMPLES +-------- + +.. code-block:: sh + + __apt_update_index + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2011 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. 
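Review bot: The `--option` loop in the `__apt_unattended_upgrades` manifest never checks that a line has the `NAME=VALUE` form. For a line without `=`, both `${l%%=*}` and `${l#*=}` return the whole string, so `--option Foo` is written as `Unattended-Upgrade::Foo "Foo";`; a value containing `"` is also placed between the quotes unescaped. Rejecting such lines before the `printf` keeps a typo from producing an apt configuration that is malformed or means something other than intended: `case "$l" in *=*) ;; *) echo "option must be NAME=VALUE: $l" >&2; exit 1 ;; esac`.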
diff --git a/cdist/conf/type/__apt_update_index/man.text b/cdist/conf/type/__apt_update_index/man.text deleted file mode 100644 index 778af508..00000000 --- a/cdist/conf/type/__apt_update_index/man.text +++ /dev/null @@ -1,41 +0,0 @@ -cdist-type__apt_update_index(7) -=============================== -Steven Armstrong - - -NAME ----- -cdist-type__apt_update_index - update apt's package index - - -DESCRIPTION ------------ -This cdist type runs apt-get update whenever any apt sources have changed. - - -REQUIRED PARAMETERS -------------------- -None. - -OPTIONAL PARAMETERS -------------------- -None. - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -__apt_update_index --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) - - -COPYING -------- -Copyright \(C) 2011 Steven Armstrong. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__block/explorer/block b/cdist/conf/type/__block/explorer/block new file mode 100755 index 00000000..e1ca3441 --- /dev/null +++ b/cdist/conf/type/__block/explorer/block 
@@ -0,0 +1,40 @@
+#!/bin/sh
+#
+# 2013 Steven Armstrong (steven-cdist armstrong.cc)
+# 2014 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+
+file="$(cat "$__object/parameter/file" 2>/dev/null || echo "/$__object_id")"
+
+# file does not exist, nothing we could do
+[ -f "$file" ] || exit 0
+
+prefix=$(cat "$__object/parameter/prefix" 2>/dev/null || echo "#cdist:__block/$__object_id")
+suffix=$(cat "$__object/parameter/suffix" 2>/dev/null || echo "#/cdist:__block/$__object_id")
+awk -v prefix="^$prefix\$" -v suffix="^$suffix\$" '{
+ if (match($0,prefix)) {
+ triggered=1
+ }
+ if (triggered) {
+ if (match($0,suffix)) {
+ triggered=0
+ }
+ print
+ }
+}' "$file"
diff --git a/cdist/conf/type/__block/gencode-remote b/cdist/conf/type/__block/gencode-remote
new file mode 100755
index 00000000..1f5cc033
--- /dev/null
+++ b/cdist/conf/type/__block/gencode-remote
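Review bot: `prefix` and `suffix` are handed to awk as regular expressions (`match($0,prefix)` with `^` and `$` added), although they hold literal marker text. The default markers contain `$__object_id`, so an id with `.`, `+` or `[` in it is interpreted as a pattern, and the explorer can miss an existing block or match a different line. Comparing strings removes the pattern interpretation: pass the values without the anchors and test `if ($0 == prefix)` and `if ($0 == suffix)`. The same `match()` construct is used by `remove_block` in this type's gencode-remote, where a wrong match deletes lines from the target file.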
@@ -0,0 +1,89 @@ +#!/bin/sh -e +# +# 2013 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +# quote function from http://www.etalabs.net/sh_tricks.html +quote() { + printf '%s\n' "$1" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/'/" +} + +file="$(cat "$__object/parameter/file" 2>/dev/null || echo "/$__object_id")" +state_should=$(cat "$__object/parameter/state") +prefix=$(cat "$__object/parameter/prefix" 2>/dev/null || echo "#cdist:__block/$__object_id") +suffix=$(cat "$__object/parameter/suffix" 2>/dev/null || echo "#/cdist:__block/$__object_id") + +block="$__object/files/block" +if [ ! 
-s "$__object/explorer/block" ]; then + state_is='absent' +else + state_is=$(diff -q "$block" "$__object/explorer/block" >/dev/null \ + && echo present \ + || echo changed + ) +fi + +state_should="$(cat "$__object/parameter/state")" +if [ "$state_should" = "$state_is" ]; then + # Nothing to do, move along + exit 0 +fi + +remove_block() { + cat << DONE +tmpfile=\$(mktemp ${file}.cdist.XXXXXXXXXX) +# preserve ownership and permissions of existing file +if [ -f "$file" ]; then + cp -p "$file" "\$tmpfile" +fi +awk -v prefix=^$(quote "$prefix")\$ -v suffix=^$(quote "$suffix")\$ ' +{ + if (match(\$0,prefix)) { + triggered=1 + } + if (triggered) { + if (match(\$0,suffix)) { + triggered=0 + } + } else { + print + } +}' "$file" > "\$tmpfile" +mv -f "\$tmpfile" "$file" +DONE +} + +case "$state_should" in + present) + if [ "$state_is" = "changed" ]; then + echo update >> "$__messages_out" + remove_block + else + echo add >> "$__messages_out" + fi + cat << DONE +cat >> "$file" << ${__type##*/}_DONE +$(cat "$block") +${__type##*/}_DONE +DONE + ;; + absent) + echo remove >> "$__messages_out" + remove_block + ;; +esac diff --git a/cdist/conf/type/__block/man.rst b/cdist/conf/type/__block/man.rst new file mode 100644 index 00000000..90e50381 --- /dev/null +++ b/cdist/conf/type/__block/man.rst 
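Review bot: The here-document that appends the block on the target uses an unquoted delimiter (`<< ${__type##*/}_DONE`), so the remote shell performs parameter expansion and command substitution on the block text. A managed block containing `$PATH`, backticks or `$(...)` is therefore altered, or runs commands with the privileges of the generated code, instead of being written literally. Quoting the delimiter in the generated code fixes this: `cat >> "$file" << '${__type##*/}_DONE'`. Separately, `$file` is pasted into the generated script inside plain double quotes (and unquoted in the `mktemp` line) while `prefix` and `suffix` go through `quote()`; passing `file` through `quote()` as well would treat all three the same way.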
@@ -0,0 +1,82 @@
+cdist-type__block(7)
+====================
+
+NAME
+----
+cdist-type__block - Manage blocks of text in files
+
+
+DESCRIPTION
+-----------
+Manage a block of text in an existing file.
+The block is identified using the prefix and suffix parameters.
+Everything between prefix and suffix is considered to be a managed block
+of text.
+
+
+REQUIRED PARAMETERS
+-------------------
+text
+ the text to manage.
+ If text is '-' (dash), take what was written to stdin as the text.
+
+
+OPTIONAL PARAMETERS
+-------------------
+file
+ the file in which to manage the text block.
+ Defaults to object_id.
+
+prefix
+ the prefix to add before the text.
+ Defaults to #cdist:__block/$__object_id
+
+suffix
+ the suffix to add after the text.
+ Defaults to #/cdist:__block/$__object_id
+
+state
+ 'present' or 'absent', defaults to 'present'
+
+
+MESSAGES
+--------
+add
+ block was added
+update
+ block was updated/changed
+remove
+ block was removed
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # text from argument
+ __block /path/to/file \
+ --prefix '#start' \
+ --suffix '#end' \
+ --text 'some\nblock of\ntext'
+
+ # text from stdin
+ __block some-id \
+ --file /path/to/file \
+ --text - << DONE
+ here some block
+ of text
+ DONE
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2013 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__block/manifest b/cdist/conf/type/__block/manifest
new file mode 100755
index 00000000..726950d3
--- /dev/null
+++ b/cdist/conf/type/__block/manifest
@@ -0,0 +1,34 @@
+#!/bin/sh -e
+#
+# 2013-2014 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+prefix=$(cat "$__object/parameter/prefix" 2>/dev/null || echo "#cdist:__block/$__object_id")
+suffix=$(cat "$__object/parameter/suffix" 2>/dev/null || echo "#/cdist:__block/$__object_id")
+text=$(cat "$__object/parameter/text")
+
+mkdir "$__object/files"
+# Generate text block for inclusion in file
+block="$__object/files/block"
+echo "$prefix" > "$block"
+if [ "$text" = "-" ]; then
+ cat "$__object/stdin" >> "$block"
+else
+ echo "$text" >> "$block"
+fi
+echo "$suffix" >> "$block"
diff --git a/cdist/conf/type/__block/parameter/default/state b/cdist/conf/type/__block/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__block/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__block/parameter/optional b/cdist/conf/type/__block/parameter/optional
new file mode 100644
index 00000000..fa3abebf
--- /dev/null
+++ b/cdist/conf/type/__block/parameter/optional
@@ -0,0 +1,4 @@
+file
+prefix
+state
+suffix
diff --git a/cdist/conf/type/__block/parameter/required b/cdist/conf/type/__block/parameter/required
new file mode 100644
index 00000000..8e27be7d
--- /dev/null
+++ b/cdist/conf/type/__block/parameter/required
@@ -0,0 +1 @@
+text
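Review bot: `echo "$text" >> "$block"` in the `__block` manifest makes the stored block depend on which shell provides `/bin/sh` on the machine running cdist. The man page example passes `'some\nblock of\ntext'`; an `echo` that interprets backslashes turns that into three lines, while one that does not writes a single line with literal `\n`. If escape interpretation is the intended behaviour, `printf '%b\n' "$text" >> "$block"` gives it on every shell, and `printf '%s\n' "$text"` if the text is meant to be literal. `echo "$prefix"` and `echo "$suffix"` are better written as `printf '%s\n' "$prefix"` for the same reason, since some `echo` implementations treat a value such as `-n` as an option.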
diff --git a/cdist/conf/type/__directory/explorer/owner b/cdist/conf/type/__ccollect_source/explorer/cksum old mode 100644 new mode 100755 similarity index 70% rename from cdist/conf/type/__directory/explorer/owner rename to cdist/conf/type/__ccollect_source/explorer/cksum index cebd199b..335e4e7a --- a/cdist/conf/type/__directory/explorer/owner +++ b/cdist/conf/type/__ccollect_source/explorer/cksum @@ -1,6 +1,6 @@ #!/bin/sh # -# 2011 Nico Schottelius (nico-cdist at schottelius.org) +# 2011-2012 Nico Schottelius (nico-cdist at schottelius.org) # # This file is part of cdist. # @@ -18,22 +18,17 @@ # along with cdist. If not, see . # # -# Check whether file exists or not +# Retrieve the md5sum of a file to be created, if it is already existing. # destination="/$__object_id" -os=$("$__explorer/os") - -case "$os" in - "freebsd") - cmd="stat -f %Su" - ;; - *) - cmd="stat -c %U" - ;; -esac if [ -e "$destination" ]; then - $cmd "$destination" + if [ -f "$destination" ]; then + cksum < "$destination" + else + echo "NO REGULAR FILE" + fi +else + echo "NO FILE FOUND, NO CHECKSUM CALCULATED." fi - diff --git a/cdist/conf/type/__ccollect_source/explorer/stat b/cdist/conf/type/__ccollect_source/explorer/stat new file mode 100755 index 00000000..9b5ad75b --- /dev/null +++ b/cdist/conf/type/__ccollect_source/explorer/stat 
@@ -0,0 +1,56 @@ +#!/bin/sh +# +# 2013 Steven Armstrong (steven-cdist armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +destination="/$__object_id" + +# nothing to work with, nothing we could do +[ -e "$destination" ] || exit 0 + +os=$("$__explorer/os") +case "$os" in + "freebsd"|"netbsd"|"openbsd") + # FIXME: should be something like this based on man page, but can not test + stat -f "type: %ST +owner: %Du %Su +group: %Dg %Sg +mode: %Op %Sp +size: %Dz +links: %Dl +" "$destination" + ;; + "macosx") + stat -f "type: %HT + owner: %Du %Su + group: %Dg %Sg + mode: %Lp %Sp + size: %Dz + links: %Dl + " "$destination" + ;; + *) + stat --printf="type: %F +owner: %u %U +group: %g %G +mode: %a %A +size: %s +links: %h +" "$destination" + ;; +esac diff --git a/cdist/conf/type/__directory/explorer/group b/cdist/conf/type/__ccollect_source/explorer/type old mode 100644 new mode 100755 similarity index 71% rename from cdist/conf/type/__directory/explorer/group rename to cdist/conf/type/__ccollect_source/explorer/type index e5be37da..e723047c --- a/cdist/conf/type/__directory/explorer/group +++ b/cdist/conf/type/__ccollect_source/explorer/type @@ -1,6 +1,6 @@ #!/bin/sh # -# 2011 Nico Schottelius (nico-cdist at schottelius.org) +# 2013 Steven Armstrong (steven-cdist armstrong.cc) # # This file is part of cdist. # 
@@ -17,23 +17,17 @@ # You should have received a copy of the GNU General Public License # along with cdist. If not, see . # -# -# Check whether file exists or not -# destination="/$__object_id" -os=$("$__explorer/os") -case "$os" in - "freebsd") - cmd="stat -f %Sg" - ;; - *) - cmd="stat -c %G" - ;; -esac - -if [ -e "$destination" ]; then - $cmd "$destination" +if [ ! -e "$destination" ]; then + echo none +elif [ -h "$destination" ]; then + echo symlink +elif [ -f "$destination" ]; then + echo file +elif [ -d "$destination" ]; then + echo directory +else + echo unknown fi - diff --git a/cdist/conf/type/__ccollect_source/gencode-remote b/cdist/conf/type/__ccollect_source/gencode-remote new file mode 100755 index 00000000..57353c24 --- /dev/null +++ b/cdist/conf/type/__ccollect_source/gencode-remote 
@@ -0,0 +1,92 @@ +#!/bin/sh -e +# +# 2014 Nico Schottelius (nico-cdist at schottelius.org) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +destination="/$__object_id" +state_should="$(cat "$__object/parameter/state")" +type="$(cat "$__object/explorer/type")" +stat_file="$__object/explorer/stat" + + +get_current_value() { + if [ -s "$stat_file" ]; then + _name="$1" + _value="$2" + case "$_value" in + [0-9]*) + _index=2 + ;; + *) + _index=3 + ;; + esac + awk '/'"$_name"':/ { print $'$_index' }' "$stat_file" + unset _name _value _index + fi +} + +set_group() { + echo "chgrp '$1' '$destination'" + echo "chgrp '$1'" >> "$__messages_out" +} + +set_owner() { + echo "chown '$1' '$destination'" + echo "chown '$1'" >> "$__messages_out" +} + +set_mode() { + echo "chmod '$1' '$destination'" + echo "chmod '$1'" >> "$__messages_out" +} + +case "$state_should" in + present|exists) + # Note: Mode - needs to happen last as a chown/chgrp can alter mode by + # clearing S_ISUID and S_ISGID bits (see chown(2)) + for attribute in group owner mode; do + if [ -f "$__object/parameter/$attribute" ]; then + value_should="$(cat "$__object/parameter/$attribute")" + + # change 0xxx format to xxx format => same as stat returns + if [ "$attribute" = mode ]; then + value_should="$(echo "$value_should" | sed 's/^0\(...\)/\1/')" + fi + + value_is="$(get_current_value "$attribute" "$value_should")" + if [ -f 
"$__object/files/set-attributes" ] || [ "$value_should" != "$value_is" ]; then + "set_$attribute" "$value_should" + fi + fi + done + + ;; + + absent) + if [ "$type" = "file" ]; then + echo "rm -f '$destination'" + echo remove >> "$__messages_out" + fi + ;; + + *) + echo "Unknown state: $state_should" >&2 + exit 1 + ;; +esac diff --git a/cdist/conf/type/__ccollect_source/man.rst b/cdist/conf/type/__ccollect_source/man.rst new file mode 100644 index 00000000..b0c23482 --- /dev/null +++ b/cdist/conf/type/__ccollect_source/man.rst 
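Review bot: This gencode-remote acts on `destination="/$__object_id"`, which is not a path the type manages: the manifest writes under `$ccollectconf/sources/$name`, and the man page uses host names such as `doc.ungleich.ch` as the object id. With `--state absent`, and the `type` explorer reporting `file`, it emits `rm -f '/<object id>'` for the target. The group/owner/mode loop reads `$__object/parameter/$attribute`, but the parameter lists added for this type declare no such parameters, so the script and the `cksum`/`stat`/`type` explorers look as if they were carried over from a file-managing type. Since the manifest already passes `--state "$state"` to its `__file` and `__directory` calls, removing gencode-remote and those explorers from this type would drop the stray `rm`; if the script is kept, it needs a header comment saying which path it is meant to manage.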
@@ -0,0 +1,78 @@
+cdist-type__ccollect_source(7)
+==============================
+
+NAME
+----
+cdist-type__ccollect_source - Manage ccollect sources
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to create or delete ccollect sources.
+
+
+REQUIRED PARAMETERS
+-------------------
+source
+ The source from which to backup
+destination
+ The destination directory
+
+
+OPTIONAL PARAMETERS
+-------------------
+state
+ 'present' or 'absent', defaults to 'present'
+ccollectconf
+ The CCOLLECT_CONF directory. Defaults to /etc/ccollect.
+
+
+OPTIONAL MULTIPLE PARAMETERS
+----------------------------
+exclude
+ Paths to exclude of backup
+
+
+BOOLEAN PARAMETERS
+------------------
+verbose
+ Whether to report backup verbosely
+
+create-destination
+ Create the directory specified in the destination parameter on the remote host
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __ccollect_source doc.ungleich.ch \
+ --source doc.ungleich.ch:/ \
+ --destination /backup/doc.ungleich.ch \
+ --exclude '/proc/*' --exclude '/sys/*' \
+ --verbose
+
+ __ccollect_source doc.ungleich.ch \
+ --source doc.ungleich.ch:/ \
+ --destination /backup/doc.ungleich.ch \
+ --exclude '/proc/*' --exclude '/sys/*' \
+ --verbose \
+ --create-destination
+
+
+SEE ALSO
+--------
+:strong:`ccollect`\ (1)
+
+
+AUTHORS
+-------
+Nico Schottelius
+
+
+COPYING
+-------
+Copyright \(C) 2014 Nico Schottelius. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__ccollect_source/manifest b/cdist/conf/type/__ccollect_source/manifest
new file mode 100755
index 00000000..727a4c97
--- /dev/null
+++ b/cdist/conf/type/__ccollect_source/manifest
@@ -0,0 +1,59 @@
+#!/bin/sh -e
+#
+# 2014 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+name="$__object_id"
+state="$(cat "$__object/parameter/state")"
+source="$(cat "$__object/parameter/source")"
+destination="$(cat "$__object/parameter/destination")"
+ccollectconf="$(sed 's,/$,,' "$__object/parameter/ccollectconf")"
+
+sourcedir="$ccollectconf/sources"
+basedir="$sourcedir/$name"
+
+destination_file="$basedir/destination"
+source_file="$basedir/source"
+exclude_file="$basedir/exclude"
+verbose_file="$basedir/verbose"
+
+__directory "$basedir" --state "$state"
+
+export require="__directory$basedir"
+echo "$destination" | __file "$destination_file" --source - --state "$state"
+echo "$source" | __file "$source_file" --source - --state "$state"
+
+################################################################################
+# Booleans
+if [ "${state}" = "absent" ]; then
+ verbosestate="absent"
+elif [ -f "$__object/parameter/verbose" ]; then
+ verbosestate="present"
+else
+ verbosestate="absent"
+fi
+__file "$verbose_file" --state "$verbosestate"
+
+if [ -f "$__object/parameter/exclude" ]; then
+ __file "$exclude_file" --source - --state "$state" \
+ < "$__object/parameter/exclude"
+fi
+
+if [ -f "$__object/parameter/create-destination" ]; then
+ __directory "${destination}" --parents --state "${state}"
+fi
diff --git a/cdist/conf/type/__ccollect_source/parameter/boolean b/cdist/conf/type/__ccollect_source/parameter/boolean
new file mode 100644
index 00000000..434c644f
--- /dev/null
+++ b/cdist/conf/type/__ccollect_source/parameter/boolean
@@ -0,0 +1,2 @@
+verbose
+create-destination
diff --git a/cdist/conf/type/__ccollect_source/parameter/default/ccollectconf b/cdist/conf/type/__ccollect_source/parameter/default/ccollectconf
new file mode 100644
index 00000000..a9fda009
--- /dev/null
+++ b/cdist/conf/type/__ccollect_source/parameter/default/ccollectconf
@@ -0,0 +1 @@
+/etc/ccollect
diff --git a/cdist/conf/type/__ccollect_source/parameter/default/state b/cdist/conf/type/__ccollect_source/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__ccollect_source/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__ccollect_source/parameter/optional b/cdist/conf/type/__ccollect_source/parameter/optional
new file mode 100644
index 00000000..0249d11e
--- /dev/null
+++ b/cdist/conf/type/__ccollect_source/parameter/optional
@@ -0,0 +1,2 @@
+ccollectconf
+state
diff --git a/cdist/conf/type/__ccollect_source/parameter/optional_multiple b/cdist/conf/type/__ccollect_source/parameter/optional_multiple
new file mode 100644
index 00000000..9ba870ea
--- /dev/null
+++ b/cdist/conf/type/__ccollect_source/parameter/optional_multiple
@@ -0,0 +1 @@
+exclude
diff --git a/cdist/conf/type/__ccollect_source/parameter/required b/cdist/conf/type/__ccollect_source/parameter/required
new file mode 100644
index 00000000..9239646e
--- /dev/null
+++ b/cdist/conf/type/__ccollect_source/parameter/required
@@ -0,0 +1,2 @@
+source
+destination
diff --git a/cdist/conf/type/__cdist/man.text b/cdist/conf/type/__cdist/man.rst
similarity index 55%
rename from cdist/conf/type/__cdist/man.text
rename to cdist/conf/type/__cdist/man.rst
index 0805598e..be082781 100644
--- a/cdist/conf/type/__cdist/man.text
+++ b/cdist/conf/type/__cdist/man.rst @@ -1,7 +1,5 @@ cdist-type__cdist(7) ==================== -Nico Schottelius - NAME ---- @@ -26,16 +24,16 @@ REQUIRED PARAMETERS OPTIONAL PARAMETERS ------------------- -username:: +username Select the user to create for the cdist installation. Defaults to "cdist". -source:: +source Select the source from which to clone cdist from. - Defaults to "git://github.com/telmich/cdist.git". + Defaults to "git@code.ungleich.ch:ungleich-public/cdist.git". -branch:: +branch Select the branch to checkout from. Defaults to "master". @@ -43,21 +41,23 @@ branch:: EXAMPLES -------- --------------------------------------------------------------------------------- -# Install cdist for user cdist in her home as subfolder cdist -__cdist /home/cdist/cdist +.. code-block:: sh -# Use alternative source -__cdist --source "git://git.schottelius.org/cdist" /home/cdist/cdist --------------------------------------------------------------------------------- + # Install cdist for user cdist in her home as subfolder cdist + __cdist /home/cdist/cdist + + # Use alternative source + __cdist --source "git@code.ungleich.ch:ungleich-public/cdist.git" /home/cdist/cdist -SEE ALSO --------- -- cdist-type(7) +AUTHORS +------- +Nico Schottelius COPYING ------- -Copyright \(C) 2013 Nico Schottelius. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). +Copyright \(C) 2013 Nico Schottelius. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__cdist/manifest b/cdist/conf/type/__cdist/manifest index 16498c95..0b0f1263 100755 --- a/cdist/conf/type/__cdist/manifest +++ b/cdist/conf/type/__cdist/manifest @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2013 Nico Schottelius (nico-cdist at schottelius.org) # 
@@ -21,26 +21,28 @@ directory="$__object_id" -if [ -f "$__object/parameter/username" ]; then - username="$(cat "$__object/parameter/username")" +if [ -f "$__object/parameter/shell" ]; then + shell="--shell $(cat "$__object/parameter/shell")" else - username="cdist" + shell="" fi -if [ -f "$__object/parameter/branch" ]; then - branch="$(cat "$__object/parameter/branch")" -else - branch="master" -fi +username="$(cat "$__object/parameter/username")" -if [ -f "$__object/parameter/source" ]; then - source="$(cat "$__object/parameter/source")" -else - source="git://github.com/telmich/cdist.git" -fi +branch="$(cat "$__object/parameter/branch")" -__user "$username" +source="$(cat "$__object/parameter/source")" -require="__user/$username" __git "$directory" \ +# Currently hardcoded - if anyone cares, make a parameter +# out of it +home=/home/$username + +# shellcheck disable=SC2086 +__user "$username" --home "$home" $shell + +require="__user/$username" __directory "$home" \ + --owner "$username" + +require="__user/$username __directory/$home" __git "$directory" \ --source "$source" \ --owner "$username" --branch "$branch" diff --git a/cdist/conf/type/__cdist/parameter/default/branch b/cdist/conf/type/__cdist/parameter/default/branch new file mode 100644 index 00000000..1f7391f9 --- /dev/null +++ b/cdist/conf/type/__cdist/parameter/default/branch @@ -0,0 +1 @@ +master diff --git a/cdist/conf/type/__cdist/parameter/default/source b/cdist/conf/type/__cdist/parameter/default/source new file mode 100644 index 00000000..1ad3a250 --- /dev/null +++ b/cdist/conf/type/__cdist/parameter/default/source @@ -0,0 +1 @@ +git@code.ungleich.ch:ungleich-public/cdist.git diff --git a/cdist/conf/type/__cdist/parameter/default/username b/cdist/conf/type/__cdist/parameter/default/username new file mode 100644 index 00000000..a585e141 --- /dev/null +++ b/cdist/conf/type/__cdist/parameter/default/username @@ -0,0 +1 @@ +cdist 
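Review bot: `$shell` is expanded unquoted in `__user "$username" --home "$home" $shell`, so a `--shell` value that contains whitespace or glob characters is split or expanded into extra `__user` arguments, and the SC2086 suppression hides that instead of fixing it. Building the argument list with `set --`, the way `__config_file/manifest` in this commit does, keeps the value as a single word. The new `shell` parameter also appears to be missing from the OPTIONAL PARAMETERS list in `man.rst`, as far as the two hunks of that file show. The manifest's header lies outside this hunk.

```shell
# … unchanged: directory, username, branch, source and home assignments …

set -- "$username" --home "$home"
if [ -f "$__object/parameter/shell" ]; then
    set -- "$@" --shell "$(cat "$__object/parameter/shell")"
fi
__user "$@"

# … unchanged: __directory and __git calls …
```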
diff --git a/cdist/conf/type/__cdist/parameter/optional b/cdist/conf/type/__cdist/parameter/optional index d6582730..a5f14343 100644 --- a/cdist/conf/type/__cdist/parameter/optional +++ b/cdist/conf/type/__cdist/parameter/optional @@ -1,3 +1,4 @@ branch source username +shell diff --git a/cdist/conf/type/__cdistmarker/gencode-remote b/cdist/conf/type/__cdistmarker/gencode-remote index e332df38..e71955c4 100755 --- a/cdist/conf/type/__cdistmarker/gencode-remote +++ b/cdist/conf/type/__cdistmarker/gencode-remote @@ -1,8 +1,8 @@ -#!/bin/sh +#!/bin/sh -e # # Copyright (C) 2011 Daniel Maher (phrawzty+cdist at gmail.com) # -# This file is part of cdist (https://github.com/telmich/cdist/). +# This file is part of cdist. # # cdist is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -19,19 +19,11 @@ # # The marker file is established in the docs, but it isn't obligatory. -if [ -f "$__object/parameter/destination" ]; then - destination="$(cat "$__object/parameter/destination")" -else - destination='/etc/cdist-configured' -fi +destination="$(cat "$__object/parameter/destination")" # The basic output of date is usually good enough, but variety is the # spice of life... -if [ -f "$__object/parameter/format" ]; then - format="$(cat "$__object/parameter/format")" -else - format='-u' -fi +format="$(cat "$__object/parameter/format")" # Dump the timestamp in UTC to the marker echo "date $format > $destination" diff --git a/cdist/conf/type/__cdistmarker/man.text b/cdist/conf/type/__cdistmarker/man.rst similarity index 60% rename from cdist/conf/type/__cdistmarker/man.text rename to cdist/conf/type/__cdistmarker/man.rst index ca5611a7..f3a8bafe 100644 --- a/cdist/conf/type/__cdistmarker/man.text +++ b/cdist/conf/type/__cdistmarker/man.rst @@ -1,7 +1,5 @@ cdist-type__cdistmarker(7) ========================== -Daniel Maher - NAME ---- 
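Review bot: `echo "date $format > $destination"` in `__cdistmarker/gencode-remote` writes both parameter values into the generated code without quoting, so a destination containing a space, `;` or `$( )` changes the command that runs on the target. Quote the path in the emitted line, for example `echo "date $format > '$destination'"`, and reject a destination that itself contains a single quote. `$format` has to stay unquoted if several `date` arguments are meant to be allowed, which deserves a comment saying the value is trusted manifest input. The echo line is unchanged context in this hunk; the commit only replaces how the two values are read.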
@@ -23,11 +21,11 @@ None. OPTIONAL PARAMETERS ------------------- -destination:: +destination The path and filename of the marker. Default: /etc/cdist-configured -format:: +format The format of the timestamp. This is passed directly to system 'date'. Default: -u @@ -35,21 +33,23 @@ format:: EXAMPLES -------- --------------------------------------------------------------------------------- -# Creates the marker as normal. -__cdistmarker +.. code-block:: sh -# Creates the marker differently. -__cdistmarker --file /tmp/cdist_marker --format '+%s' --------------------------------------------------------------------------------- + # Creates the marker as normal. + __cdistmarker + + # Creates the marker differently. + __cdistmarker --destination /tmp/cdist_marker --format '+%s' -SEE ALSO --------- -- cdist-type(7) +AUTHORS +------- +Daniel Maher COPYING ------- -Copyright \(C) 2011 Daniel Maher. Free use of this software is granted under -the terms of the GNU General Public License version 3 (GPLv3). +Copyright \(C) 2011 Daniel Maher. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__cdistmarker/parameter/default/destination b/cdist/conf/type/__cdistmarker/parameter/default/destination new file mode 100644 index 00000000..bd3a112f --- /dev/null +++ b/cdist/conf/type/__cdistmarker/parameter/default/destination @@ -0,0 +1 @@ +/etc/cdist-configured diff --git a/cdist/conf/type/__cdistmarker/parameter/default/format b/cdist/conf/type/__cdistmarker/parameter/default/format new file mode 100644 index 00000000..5dc9e6ec --- /dev/null +++ b/cdist/conf/type/__cdistmarker/parameter/default/format @@ -0,0 +1 @@ +-u diff --git a/cdist/conf/type/__check_messages/gencode-remote b/cdist/conf/type/__check_messages/gencode-remote new file mode 100755 index 00000000..ec36cecc --- /dev/null 
+++ b/cdist/conf/type/__check_messages/gencode-remote
@@ -0,0 +1,26 @@
+#!/bin/sh -e
+#
+# 2019 Ander Punnar (ander-at-kvlt-dot-ee)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+if grep -Eq \
+ "$( cat "$__object/parameter/pattern" )" \
+ "$__messages_in"
+then
+ tee "$__messages_out" < "$__object/parameter/execute"
+fi
diff --git a/cdist/conf/type/__check_messages/man.rst b/cdist/conf/type/__check_messages/man.rst
new file mode 100644
index 00000000..5c80a0ae
--- /dev/null
+++ b/cdist/conf/type/__check_messages/man.rst
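Review bot: The pattern is passed to `grep -Eq` as a bare operand, so a `--pattern` value that starts with `-` is parsed as a grep option instead of a regular expression. Pass it with `-e`: `if grep -Eq -e "$( cat "$__object/parameter/pattern" )" "$__messages_in"`. A comment above the `tee` line stating that the `--execute` text is emitted verbatim as code for the target, and so must only come from the manifest author, would also help readers.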
@@ -0,0 +1,52 @@
+cdist-type__check_messages(7)
+=============================
+
+NAME
+----
+cdist-type__check_messages - Check messages for pattern and execute command on match.
+
+
+DESCRIPTION
+-----------
+Check messages for pattern and execute command on match.
+
+This type is useful if you chain together multiple related types using
+dependencies and want to restart service if at least one type changes
+something.
+
+For more information about messages see `cdist messaging `_.
+
+For more information about dependencies and execution order see
+`cdist manifest `_ documentation.
+
+
+REQUIRED PARAMETERS
+-------------------
+pattern
+ Extended regular expression pattern for search (passed to ``grep -E``).
+
+execute
+ Command to execute on pattern match.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __check_messages munin \
+ --pattern '^__(file|link|line)/etc/munin/' \
+ --execute 'service munin-node restart'
+
+
+AUTHORS
+-------
+Ander Punnar
+
+
+COPYING
+-------
+Copyright \(C) 2019 Ander Punnar. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__check_messages/parameter/required b/cdist/conf/type/__check_messages/parameter/required
new file mode 100644
index 00000000..374363cb
--- /dev/null
+++ b/cdist/conf/type/__check_messages/parameter/required
@@ -0,0 +1,2 @@
+pattern
+execute
diff --git a/cdist/conf/type/__chroot_mount/gencode-local b/cdist/conf/type/__chroot_mount/gencode-local
new file mode 100755
index 00000000..b131346c
--- /dev/null
+++ b/cdist/conf/type/__chroot_mount/gencode-local
@@ -0,0 +1,36 @@
+#!/bin/sh -e
+#
+# 2016 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+chroot="/$__object_id"
+
+if [ -f "$__object/parameter/manage-resolv-conf" ]; then
+ suffix="$(cat "$__object/parameter/manage-resolv-conf")"
+ resolv_conf="${chroot}/etc/resolv.conf"
+ original_resolv_conf="${resolv_conf}.${suffix}"
+ cat << DONE
+$__remote_exec $__target_host << EOSSH
+if [ -f "${resolv_conf}" ]; then
+ mv "${resolv_conf}" "${original_resolv_conf}"
+fi
+# copy hosts resolv.conf into chroot
+cp /etc/resolv.conf "${resolv_conf}"
+EOSSH
+DONE
+fi
diff --git a/cdist/conf/type/__chroot_mount/gencode-remote b/cdist/conf/type/__chroot_mount/gencode-remote
new file mode 100755
index 00000000..4fbb3ffc
--- /dev/null
+++ b/cdist/conf/type/__chroot_mount/gencode-remote
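Review bot: The generated `mv "${resolv_conf}" "${original_resolv_conf}"` runs whenever a resolv.conf exists in the chroot, so if this type is applied again before `__chroot_umount` has restored the file, the host copy left by the previous run replaces the saved original. Guard the move on the backup not existing yet: `if [ -f "${resolv_conf}" ] && [ ! -e "${original_resolv_conf}" ]; then`. Whether a second run can happen depends on how cdist schedules the object, which this hunk does not show.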
@@ -0,0 +1,44 @@
+#!/bin/sh -e
+#
+# 2012 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+chroot="/$__object_id"
+
+cat << DONE
+# Prepare chroot
+[ -d "${chroot}/proc" ] || mkdir "${chroot}/proc"
+mountpoint -q "${chroot}/proc" \
+ || mount -t proc -o nosuid,noexec,nodev proc "${chroot}/proc"
+
+[ -d "${chroot}/sys" ] || mkdir "${chroot}/sys"
+mountpoint -q "${chroot}/sys" \
+ || mount -t sysfs -o nosuid,noexec,nodev sys "${chroot}/sys"
+
+[ -d "${chroot}/dev" ] || mkdir "${chroot}/dev"
+mountpoint -q "${chroot}/dev" \
+ || mount -t devtmpfs -o mode=0755,nosuid udev "${chroot}/dev"
+
+[ -d "${chroot}/dev/pts" ] || mkdir "${chroot}/dev/pts"
+mountpoint -q "${chroot}/dev/pts" \
+ || mount -t devpts -o mode=0620,gid=5,nosuid,noexec devpts "${chroot}/dev/pts"
+
+[ -d "${chroot}/tmp" ] || mkdir -m 1777 "${chroot}/tmp"
+mountpoint -q "${chroot}/tmp" \
+ || mount -t tmpfs -o mode=1777,strictatime,nodev,nosuid tmpfs "${chroot}/tmp"
+DONE
diff --git a/cdist/conf/type/__chroot_mount/man.rst b/cdist/conf/type/__chroot_mount/man.rst
new file mode 100644
index 00000000..41fd496b
--- /dev/null
+++ b/cdist/conf/type/__chroot_mount/man.rst
@@ -0,0 +1,55 @@
+cdist-type__chroot_mount(7)
+===========================
+
+NAME
+----
+cdist-type__chroot_mount - mount a chroot
+
+
+DESCRIPTION
+-----------
+Mount and prepare a chroot for running commands within it.
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+
+OPTIONAL PARAMETERS
+-------------------
+manage-resolv-conf
+ manage /etc/resolv.conf inside the chroot.
+ Use the value of this parameter as the suffix to save a copy
+ of the current /etc/resolv.conf to /etc/resolv.conf.$suffix.
+ This is used by the __chroot_umount type to restore the initial
+ file content when unmounting the chroot.
+
+
+BOOLEAN PARAMETERS
+------------------
+None.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __chroot_mount /path/to/chroot
+
+ __chroot_mount /path/to/chroot \
+ --manage-resolv-conf "some-known-string"
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2012-2017 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__chroot_mount/parameter/optional b/cdist/conf/type/__chroot_mount/parameter/optional
new file mode 100644
index 00000000..27928f2c
--- /dev/null
+++ b/cdist/conf/type/__chroot_mount/parameter/optional
@@ -0,0 +1 @@
+manage-resolv-conf
diff --git a/cdist/conf/type/__chroot_umount/gencode-local b/cdist/conf/type/__chroot_umount/gencode-local
new file mode 100755
index 00000000..b3cb69c6
--- /dev/null
+++ b/cdist/conf/type/__chroot_umount/gencode-local
@@ -0,0 +1,36 @@
+#!/bin/sh -e
+#
+# 2016 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+chroot="/$__object_id"
+
+if [ -f "$__object/parameter/manage-resolv-conf" ]; then
+ suffix="$(cat "$__object/parameter/manage-resolv-conf")"
+ resolv_conf="${chroot}/etc/resolv.conf"
+ original_resolv_conf="${resolv_conf}.${suffix}"
+cat << DONE
+$__remote_exec $__target_host << EOSSH
+if [ -f "${original_resolv_conf}" ]; then
+ # restore original /etc/resolv.conf that we moved out of the way
+ # in __chroot_mount/gencode-local
+ mv -f "${original_resolv_conf}" "${resolv_conf}"
+fi
+EOSSH
+DONE
+fi
diff --git a/cdist/conf/type/__chroot_umount/gencode-remote b/cdist/conf/type/__chroot_umount/gencode-remote
new file mode 100755
index 00000000..ff669e1b
--- /dev/null
+++ b/cdist/conf/type/__chroot_umount/gencode-remote
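Review bot: The emitted `<< EOSSH` here-document is unquoted, so when the generated code runs on the configuration host the local shell expands any `$`, backtick or backslash left in `${original_resolv_conf}` and `${resolv_conf}` before the text reaches the target. Both values derive from `$__object_id` and `--manage-resolv-conf` and are already substituted by the outer `cat << DONE`, so the inner delimiter can be quoted: `$__remote_exec $__target_host << 'EOSSH'`. The remote shell still interprets the double-quoted paths, so a comment documenting that the suffix must be a plain string is worth adding. `__chroot_mount/gencode-local` and `__chroot_umount/manifest` in this commit use the same construct.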
@@ -0,0 +1,35 @@
+#!/bin/sh -e
+#
+# 2012 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+chroot="/$__object_id"
+
+cat << DONE
+umount -l "${chroot}/tmp"
+umount -l "${chroot}/dev/pts"
+umount -l "${chroot}/dev"
+umount -l "${chroot}/sys"
+umount -l "${chroot}/proc"
+if [ -d "${chroot}/etc/resolvconf/resolv.conf.d" ]; then
+ # ensure /etc/resolvconf/resolv.conf.d/tail is not linked to \
+ # e.g. /etc/resolvconf/resolv.conf.d/original
+ rm -f "${chroot}/etc/resolvconf/resolv.conf.d/tail"
+ touch "${chroot}/etc/resolvconf/resolv.conf.d/tail"
+fi
+DONE
diff --git a/cdist/conf/type/__chroot_umount/man.rst b/cdist/conf/type/__chroot_umount/man.rst
new file mode 100644
index 00000000..2a15f362
--- /dev/null
+++ b/cdist/conf/type/__chroot_umount/man.rst
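Review bot: The five `umount -l` lines are emitted unconditionally, so the generated code reports an error for every path that is not currently mounted, for example on a second run, whereas `__chroot_mount/gencode-remote` guards each mount with `mountpoint -q`. The same guard fits here, e.g. `! mountpoint -q "${chroot}/tmp" || umount -l "${chroot}/tmp"`, repeated for the other four paths. A comment explaining why a lazy unmount (`-l`) is chosen would also help, since it returns before the filesystem is actually released.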
@@ -0,0 +1,60 @@
+cdist-type__chroot_umount(7)
+============================
+
+NAME
+----
+cdist-type__chroot_umount - unmount a chroot mounted by __chroot_mount
+
+
+DESCRIPTION
+-----------
+Undo what __chroot_mount did.
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+
+OPTIONAL PARAMETERS
+-------------------
+manage-resolv-conf
+ manage /etc/resolv.conf inside the chroot.
+ Use the value of this parameter as the suffix to find the backup file
+ that was saved by the __chroot_mount.
+ This is used by the to restore the initial file content when unmounting
+ the chroot.
+
+
+BOOLEAN PARAMETERS
+------------------
+None.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __chroot_umount /path/to/chroot
+
+ __chroot_umount /path/to/chroot \
+ --manage-resolv-conf "some-known-string"
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__chroot_mount`\ (7)
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2012-2017 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__chroot_umount/manifest b/cdist/conf/type/__chroot_umount/manifest
new file mode 100755
index 00000000..b3cb69c6
--- /dev/null
+++ b/cdist/conf/type/__chroot_umount/manifest
@@ -0,0 +1,36 @@
+#!/bin/sh -e
+#
+# 2016 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+chroot="/$__object_id"
+
+if [ -f "$__object/parameter/manage-resolv-conf" ]; then
+ suffix="$(cat "$__object/parameter/manage-resolv-conf")"
+ resolv_conf="${chroot}/etc/resolv.conf"
+ original_resolv_conf="${resolv_conf}.${suffix}"
+cat << DONE
+$__remote_exec $__target_host << EOSSH
+if [ -f "${original_resolv_conf}" ]; then
+ # restore original /etc/resolv.conf that we moved out of the way
+ # in __chroot_mount/gencode-local
+ mv -f "${original_resolv_conf}" "${resolv_conf}"
+fi
+EOSSH
+DONE
+fi
diff --git a/cdist/conf/type/__chroot_umount/parameter/optional b/cdist/conf/type/__chroot_umount/parameter/optional
new file mode 100644
index 00000000..27928f2c
--- /dev/null
+++ b/cdist/conf/type/__chroot_umount/parameter/optional
@@ -0,0 +1 @@
+manage-resolv-conf
diff --git a/cdist/conf/type/__clean_path/explorer/list b/cdist/conf/type/__clean_path/explorer/list
new file mode 100755
index 00000000..07d38127
--- /dev/null
+++ b/cdist/conf/type/__clean_path/explorer/list
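Review bot: This manifest has the same blob id (`b3cb69c6`) as `__chroot_umount/gencode-local`, so it is a byte-for-byte copy of the code generator rather than a manifest. A manifest is expected to declare objects; the `$__remote_exec … << EOSSH` text it prints is, as far as I can tell, not executed from here, and the restore is already emitted by `gencode-local`. If the type has no other objects to declare, dropping the file (or replacing it with the intended type calls) avoids two copies drifting apart.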
@@ -0,0 +1,35 @@
+#!/bin/sh -e
+#
+# 2019 Ander Punnar (ander-at-kvlt-dot-ee)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+path="/$__object_id"
+
+[ ! -d "$path" ] && exit 0
+
+pattern="$( cat "$__object/parameter/pattern" )"
+
+if [ -f "$__object/parameter/exclude" ]
+then
+ exclude="$( cat "$__object/parameter/exclude" )"
+
+ find "$path" -mindepth 1 -maxdepth 1 -regex "$pattern" \
+ -and -not -regex "$exclude"
+else
+ find "$path" -mindepth 1 -maxdepth 1 -regex "$pattern"
+fi
diff --git a/cdist/conf/type/__clean_path/gencode-remote b/cdist/conf/type/__clean_path/gencode-remote
new file mode 100755
index 00000000..998a70d8
--- /dev/null
+++ b/cdist/conf/type/__clean_path/gencode-remote
@@ -0,0 +1,48 @@
+#!/bin/sh -e
+#
+# 2019 Ander Punnar (ander-at-kvlt-dot-ee)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+[ ! -s "$__object/explorer/list" ] && exit 0
+
+path="/$__object_id"
+
+pattern="$( cat "$__object/parameter/pattern" )"
+
+if [ -f "$__object/parameter/exclude" ]
+then
+ exclude="$( cat "$__object/parameter/exclude" )"
+
+ echo "find '$path' -mindepth 1 -maxdepth 1 -regex '$pattern'" \
+ "-and -not -regex '$exclude'" \
+ '-exec rm -rf {} \;'
+else
+ echo "find '$path' -mindepth 1 -maxdepth 1 -regex '$pattern'" \
+ '-exec rm -rf {} \;'
+fi
+
+while read -r f
+do
+ echo "removed '$f'" >> "$__messages_out"
+done \
+< "$__object/explorer/list"
+
+if [ -f "$__object/parameter/onchange" ]
+then
+ cat "$__object/parameter/onchange"
+fi
diff --git a/cdist/conf/type/__clean_path/man.rst b/cdist/conf/type/__clean_path/man.rst
new file mode 100644
index 00000000..826f4589
--- /dev/null
+++ b/cdist/conf/type/__clean_path/man.rst
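Review bot: `$path`, `$pattern` and `$exclude` are placed between single quotes in the emitted `find … -exec rm -rf {} \;` line, so a value that contains a single quote ends the quoting and the remainder is parsed as shell on the target, inside a command that deletes files. `echo` may also rewrite backslash sequences of the regular expression under some `/bin/sh` implementations. Emitting the line with `printf` and a small quoting helper closes both gaps; the sketch below replaces only the two `echo` branches. Separately, the `removed` messages come from the explorer listing while the deletion re-evaluates `find` later, so the two can differ, which deserves a comment.

```shell
# … unchanged: header, explorer/list check, path and pattern assignments …

# Print $1 as one single-quoted shell word, escaping embedded single quotes.
quote() {
    printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"
}

if [ -f "$__object/parameter/exclude" ]
then
    exclude="$( cat "$__object/parameter/exclude" )"

    printf 'find %s -mindepth 1 -maxdepth 1 -regex %s -and -not -regex %s -exec rm -rf {} \\;\n' \
        "$(quote "$path")" "$(quote "$pattern")" "$(quote "$exclude")"
else
    printf 'find %s -mindepth 1 -maxdepth 1 -regex %s -exec rm -rf {} \\;\n' \
        "$(quote "$path")" "$(quote "$pattern")"
fi

# … unchanged: messages loop and onchange output …
```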
@@ -0,0 +1,60 @@
+cdist-type__clean_path(7)
+=========================
+
+NAME
+----
+cdist-type__clean_path - Remove files and directories which match the pattern.
+
+
+DESCRIPTION
+-----------
+Remove files and directories which match the pattern.
+
+Provided path (as __object_id) must be a directory.
+
+Patterns are passed to ``find``'s ``-regex`` - see ``find(1)`` for more details.
+
+Look up of files and directories is non-recursive (``-maxdepth 1``).
+
+Parent directory is excluded (``-mindepth 1``).
+
+This type is not POSIX compatible (sorry, Solaris users).
+
+
+REQUIRED PARAMETERS
+-------------------
+pattern
+ Pattern of files which are removed from path.
+
+
+OPTIONAL PARAMETERS
+-------------------
+exclude
+ Pattern of files which are excluded from removal.
+
+onchange
+ The code to run if files or directories were removed.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __clean_path /etc/apache2/conf-enabled \
+ --pattern '.+' \
+ --exclude '.+\(charset\.conf\|security\.conf\)' \
+ --onchange 'service apache2 restart'
+
+
+AUTHORS
+-------
+Ander Punnar
+
+
+COPYING
+-------
+Copyright \(C) 2019 Ander Punnar. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__clean_path/parameter/optional b/cdist/conf/type/__clean_path/parameter/optional
new file mode 100644
index 00000000..6f313474
--- /dev/null
+++ b/cdist/conf/type/__clean_path/parameter/optional
@@ -0,0 +1,2 @@
+exclude
+onchange
diff --git a/cdist/conf/type/__clean_path/parameter/required b/cdist/conf/type/__clean_path/parameter/required
new file mode 100644
index 00000000..54774947
--- /dev/null
+++ b/cdist/conf/type/__clean_path/parameter/required
@@ -0,0 +1 @@
+pattern
diff --git a/cdist/conf/type/__config_file/gencode-remote b/cdist/conf/type/__config_file/gencode-remote
new file mode 100755
index 00000000..5f1626be
--- /dev/null
+++ b/cdist/conf/type/__config_file/gencode-remote
@@ -0,0 +1,27 @@
+#!/bin/sh -e
+#
+# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+destination="$__object_id"
+
+if [ -f "$__object/parameter/onchange" ]; then
+ if grep -q "^__file/${destination}" "$__messages_in"; then
+ cat "$__object/parameter/onchange"
+ fi
+fi
diff --git a/cdist/conf/type/__config_file/man.rst b/cdist/conf/type/__config_file/man.rst
new file mode 100644
index 00000000..5e0e58bd
--- /dev/null
+++ b/cdist/conf/type/__config_file/man.rst
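Review bot: `grep -q "^__file/${destination}"` uses the object id as an unescaped, open-ended regular expression, so `.` matches any character and a message for a longer path that merely starts with the same prefix also triggers `onchange`. Match the object name literally and in full, for instance by comparing the field before the first `:` with awk: `awk -F: -v o="__file/${destination}" '$1 == o { f = 1 } END { exit !f }' "$__messages_in"`. This assumes messages have the form `object:text`; confirm the message format before changing the check.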
@@ -0,0 +1,64 @@
+cdist-type__config_file(7)
+==========================
+
+NAME
+----
+cdist-type__config_file - _Manages config files
+
+
+DESCRIPTION
+-----------
+Deploy config files using the file type.
+Run the given code if the files changes.
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+
+OPTIONAL PARAMETERS
+-------------------
+group
+ see cdist-type__file
+mode
+ see cdist-type__file
+onchange
+ the code to run if the file changes
+owner
+ see cdist-type__file
+source
+ Path to the config file.
+ If source is '-' (dash), take what was written to stdin as the config file content.
+state
+ see cdist-type__file
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __config_file /etc/consul/conf.d/watch_foo.json \
+ --owner root --group consul --mode 640 \
+ --source "$__type/files/watch_foo.json" \
+ --state present \
+ --onchange 'service consul status >/dev/null && service consul reload || true'
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__file`\ (7)
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2015 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__config_file/manifest b/cdist/conf/type/__config_file/manifest
new file mode 100755
index 00000000..be8f9f67
--- /dev/null
+++ b/cdist/conf/type/__config_file/manifest
@@ -0,0 +1,42 @@ +#!/bin/sh -e +# +# 2015 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +set -- "/${__object_id}" +cd "$__object/parameter/" +for param in *; do + case "$param" in + source) + source="$(cat "$__object/parameter/source")" + if [ "$source" = "-" ]; then + source="$__object/stdin" + fi + set -- "$@" --source "$source" + ;; + owner|group|mode|state) + set -- "$@" "--${param}" "$(cat "$__object/parameter/$param")" + ;; + *) + # ignore unknown parameters + : + ;; + esac +done + +__file "$@" diff --git a/cdist/conf/type/__config_file/parameter/default/state b/cdist/conf/type/__config_file/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__config_file/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__config_file/parameter/optional b/cdist/conf/type/__config_file/parameter/optional new file mode 100644 index 00000000..085c7725 --- /dev/null +++ b/cdist/conf/type/__config_file/parameter/optional @@ -0,0 +1,6 @@ +group +mode +onchange +owner +source +state diff --git a/cdist/conf/type/__consul/files/versions/0.4.1/cksum b/cdist/conf/type/__consul/files/versions/0.4.1/cksum new file mode 100644 index 00000000..edba1a68 --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/0.4.1/cksum @@ -0,0 +1 @@ +428915666 15738724 consul 
diff --git a/cdist/conf/type/__consul/files/versions/0.4.1/source b/cdist/conf/type/__consul/files/versions/0.4.1/source new file mode 100644 index 00000000..b1e9908d --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/0.4.1/source @@ -0,0 +1 @@ +https://dl.bintray.com/mitchellh/consul/0.4.1_linux_amd64.zip diff --git a/cdist/conf/type/__consul/files/versions/0.5.0/cksum b/cdist/conf/type/__consul/files/versions/0.5.0/cksum new file mode 100644 index 00000000..fe9888ae --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/0.5.0/cksum @@ -0,0 +1 @@ +131560372 17734417 consul diff --git a/cdist/conf/type/__consul/files/versions/0.5.0/source b/cdist/conf/type/__consul/files/versions/0.5.0/source new file mode 100644 index 00000000..00a209a5 --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/0.5.0/source @@ -0,0 +1 @@ +https://dl.bintray.com/mitchellh/consul/0.5.0_linux_amd64.zip diff --git a/cdist/conf/type/__consul/files/versions/0.5.1/cksum b/cdist/conf/type/__consul/files/versions/0.5.1/cksum new file mode 100644 index 00000000..a176ed43 --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/0.5.1/cksum @@ -0,0 +1 @@ +2564582176 18232733 consul diff --git a/cdist/conf/type/__consul/files/versions/0.5.1/source b/cdist/conf/type/__consul/files/versions/0.5.1/source new file mode 100644 index 00000000..f02a1103 --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/0.5.1/source @@ -0,0 +1 @@ +https://dl.bintray.com/mitchellh/consul/0.5.1_linux_amd64.zip diff --git a/cdist/conf/type/__consul/files/versions/0.5.2/cksum b/cdist/conf/type/__consul/files/versions/0.5.2/cksum new file mode 100644 index 00000000..1c077266 --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/0.5.2/cksum @@ -0,0 +1 @@ +2207534901 18245010 consul diff --git a/cdist/conf/type/__consul/files/versions/0.5.2/source b/cdist/conf/type/__consul/files/versions/0.5.2/source new file mode 100644 index 00000000..43b43d55 --- /dev/null 
+++ b/cdist/conf/type/__consul/files/versions/0.5.2/source @@ -0,0 +1 @@ +https://releases.hashicorp.com/consul/0.5.2/consul_0.5.2_linux_amd64.zip diff --git a/cdist/conf/type/__consul/files/versions/0.6.0/cksum b/cdist/conf/type/__consul/files/versions/0.6.0/cksum new file mode 100644 index 00000000..bf41a9b8 --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/0.6.0/cksum @@ -0,0 +1 @@ +688442448 19798264 consul diff --git a/cdist/conf/type/__consul/files/versions/0.6.0/source b/cdist/conf/type/__consul/files/versions/0.6.0/source new file mode 100644 index 00000000..691f2a87 --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/0.6.0/source @@ -0,0 +1 @@ +https://releases.hashicorp.com/consul/0.6.0/consul_0.6.0_linux_amd64.zip diff --git a/cdist/conf/type/__consul/files/versions/0.6.1/cksum b/cdist/conf/type/__consul/files/versions/0.6.1/cksum new file mode 100644 index 00000000..aa354351 --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/0.6.1/cksum @@ -0,0 +1 @@ +3100584780 20416856 consul diff --git a/cdist/conf/type/__consul/files/versions/0.6.1/source b/cdist/conf/type/__consul/files/versions/0.6.1/source new file mode 100644 index 00000000..3b20388f --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/0.6.1/source @@ -0,0 +1 @@ +https://releases.hashicorp.com/consul/0.6.1/consul_0.6.1_linux_amd64.zip diff --git a/cdist/conf/type/__consul/files/versions/0.6.2/cksum b/cdist/conf/type/__consul/files/versions/0.6.2/cksum new file mode 100644 index 00000000..9c0b35c5 --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/0.6.2/cksum @@ -0,0 +1 @@ +2124180907 20416920 consul diff --git a/cdist/conf/type/__consul/files/versions/0.6.2/source b/cdist/conf/type/__consul/files/versions/0.6.2/source new file mode 100644 index 00000000..b0c6eeed --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/0.6.2/source @@ -0,0 +1 @@ +https://releases.hashicorp.com/consul/0.6.2/consul_0.6.2_linux_amd64.zip 
diff --git a/cdist/conf/type/__consul/files/versions/0.6.3/cksum b/cdist/conf/type/__consul/files/versions/0.6.3/cksum new file mode 100644 index 00000000..886d01bb --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/0.6.3/cksum @@ -0,0 +1 @@ +1832669072 20417720 consul diff --git a/cdist/conf/type/__consul/files/versions/0.6.3/source b/cdist/conf/type/__consul/files/versions/0.6.3/source new file mode 100644 index 00000000..fef668be --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/0.6.3/source @@ -0,0 +1 @@ +https://releases.hashicorp.com/consul/0.6.3/consul_0.6.3_linux_amd64.zip diff --git a/cdist/conf/type/__consul/files/versions/0.6.4/cksum b/cdist/conf/type/__consul/files/versions/0.6.4/cksum new file mode 100644 index 00000000..1124b7aa --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/0.6.4/cksum @@ -0,0 +1 @@ +3832641574 23002736 consul diff --git a/cdist/conf/type/__consul/files/versions/0.6.4/source b/cdist/conf/type/__consul/files/versions/0.6.4/source new file mode 100644 index 00000000..96879b8d --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/0.6.4/source @@ -0,0 +1 @@ +https://releases.hashicorp.com/consul/0.6.4/consul_0.6.4_linux_amd64.zip diff --git a/cdist/conf/type/__consul/files/versions/0.7.0/cksum b/cdist/conf/type/__consul/files/versions/0.7.0/cksum new file mode 100644 index 00000000..3bffeedb --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/0.7.0/cksum @@ -0,0 +1 @@ +695240564 24003648 consul diff --git a/cdist/conf/type/__consul/files/versions/0.7.0/source b/cdist/conf/type/__consul/files/versions/0.7.0/source new file mode 100644 index 00000000..ad610fc7 --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/0.7.0/source @@ -0,0 +1 @@ +https://releases.hashicorp.com/consul/0.7.0/consul_0.7.0_linux_amd64.zip diff --git a/cdist/conf/type/__consul/files/versions/0.7.1/cksum b/cdist/conf/type/__consul/files/versions/0.7.1/cksum new file mode 100644 index 00000000..476bd9f6 --- /dev/null 
+++ b/cdist/conf/type/__consul/files/versions/0.7.1/cksum @@ -0,0 +1 @@ +3128343188 28402769 consul diff --git a/cdist/conf/type/__consul/files/versions/0.7.1/source b/cdist/conf/type/__consul/files/versions/0.7.1/source new file mode 100644 index 00000000..6ba2e7bf --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/0.7.1/source @@ -0,0 +1 @@ +https://releases.hashicorp.com/consul/0.7.1/consul_0.7.1_linux_amd64.zip diff --git a/cdist/conf/type/__consul/files/versions/0.8.1/cksum b/cdist/conf/type/__consul/files/versions/0.8.1/cksum new file mode 100644 index 00000000..9125cc8f --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/0.8.1/cksum @@ -0,0 +1 @@ +283033689 36101209 consul diff --git a/cdist/conf/type/__consul/files/versions/0.8.1/source b/cdist/conf/type/__consul/files/versions/0.8.1/source new file mode 100644 index 00000000..92386c7c --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/0.8.1/source @@ -0,0 +1 @@ +https://releases.hashicorp.com/consul/0.8.1/consul_0.8.1_linux_amd64.zip diff --git a/cdist/conf/type/__consul/files/versions/1.0.6/cksum b/cdist/conf/type/__consul/files/versions/1.0.6/cksum new file mode 100644 index 00000000..b70b55f4 --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/1.0.6/cksum @@ -0,0 +1 @@ +4120550353 48801129 consul diff --git a/cdist/conf/type/__consul/files/versions/1.0.6/source b/cdist/conf/type/__consul/files/versions/1.0.6/source new file mode 100644 index 00000000..769d3134 --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/1.0.6/source @@ -0,0 +1 @@ +https://releases.hashicorp.com/consul/1.0.6/consul_1.0.6_linux_amd64.zip diff --git a/cdist/conf/type/__consul/files/versions/1.2.3/cksum b/cdist/conf/type/__consul/files/versions/1.2.3/cksum new file mode 100644 index 00000000..6352409e --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/1.2.3/cksum @@ -0,0 +1 @@ +191982 110369685 
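Review bot: The 1.2.3 `cksum` entry `191982 110369685` has no trailing `consul` file name, unlike every other version file in this commit, and its size field is larger than those recorded for the later 1.3.0 and 1.5.0 binaries. The direct path only compares the first two fields, but the staged path hands the whole file content to `__staged_file --cksum`, so this version may fail to verify or may have been computed over a different artifact (possibly the zip rather than the extracted binary). Regenerating it with `cksum consul` on the extracted binary would make it consistent with the others.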
diff --git a/cdist/conf/type/__consul/files/versions/1.2.3/source b/cdist/conf/type/__consul/files/versions/1.2.3/source new file mode 100644 index 00000000..5e67bc37 --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/1.2.3/source @@ -0,0 +1 @@ +https://releases.hashicorp.com/consul/1.2.3/consul_1.2.3_linux_amd64.zip diff --git a/cdist/conf/type/__consul/files/versions/1.3.0/cksum b/cdist/conf/type/__consul/files/versions/1.3.0/cksum new file mode 100644 index 00000000..7a885378 --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/1.3.0/cksum @@ -0,0 +1 @@ +1714523667 98363467 consul diff --git a/cdist/conf/type/__consul/files/versions/1.3.0/source b/cdist/conf/type/__consul/files/versions/1.3.0/source new file mode 100644 index 00000000..18a1ba8e --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/1.3.0/source @@ -0,0 +1 @@ +https://releases.hashicorp.com/consul/1.3.0/consul_1.3.0_linux_amd64.zip diff --git a/cdist/conf/type/__consul/files/versions/1.5.0/cksum b/cdist/conf/type/__consul/files/versions/1.5.0/cksum new file mode 100644 index 00000000..efca9caa --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/1.5.0/cksum @@ -0,0 +1 @@ +886614099 103959898 consul diff --git a/cdist/conf/type/__consul/files/versions/1.5.0/source b/cdist/conf/type/__consul/files/versions/1.5.0/source new file mode 100644 index 00000000..cafa9248 --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/1.5.0/source @@ -0,0 +1 @@ +https://releases.hashicorp.com/consul/1.5.0/consul_1.5.0_linux_amd64.zip diff --git a/cdist/conf/type/__consul/gencode-remote b/cdist/conf/type/__consul/gencode-remote new file mode 100755 index 00000000..2a21054f --- /dev/null +++ b/cdist/conf/type/__consul/gencode-remote 
@@ -0,0 +1,63 @@
+#!/bin/sh -e
+#
+# 2018 Darko Poljak (darko.poljak at gmail.com)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+#set -x
+
+if [ ! -f "$__object/parameter/direct" ]; then
+ # Nothing here, staged file is used.
+ exit 0
+fi
+
+state=$(cat "$__object/parameter/state")
+destination="/usr/local/bin/consul"
+
+if [ "$state" = "absent" ]; then
+ printf 'rm -f "%s"' "$destination"
+ exit 0
+fi
+
+versions_dir="$__type/files/versions"
+version="$(cat "$__object/parameter/version")"
+version_dir="$versions_dir/$version"
+
+source=$(cat "$version_dir/source")
+source_file_name="${source##*/}"
+cksum_should=$(cut -d' ' -f1,2 "$version_dir/cksum")
+
+cat << eof
+ tmpdir=\$(mktemp -d -p /tmp "${__type##*/}.XXXXXXXXXX")
+ curl -s -L "$source" > "\$tmpdir/$source_file_name"
+ unzip -p "\$tmpdir/$source_file_name" > "${destination}.tmp"
+ rm -rf "\$tmpdir"
+
+ cksum_is=\$(cksum "${destination}.tmp" | cut -d' ' -f1,2)
+ if [ "\$cksum_is" = "$cksum_should" ]; then
+ rm -f "${destination}"
+ mv "${destination}.tmp" "${destination}"
+ chown root:root "$destination"
+ chmod 755 "$destination"
+ else
+ rm -f "${destination}.tmp"
+ echo "Failed to verify checksum for $__object_name" >&2
+ exit 1
+ fi
+eof
+
+echo "/usr/local/bin/consul created" >> "$__messages_out"
diff --git a/cdist/conf/type/__consul/man.rst b/cdist/conf/type/__consul/man.rst
new file mode 100644
index 00000000..5b2db50a
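Review bot: The only integrity check on the downloaded binary is POSIX `cksum`, a CRC that detects corruption but not deliberate modification, and the unverified payload is written straight to `${destination}.tmp` inside `/usr/local/bin`. Keeping a SHA-256 per version next to `source` and comparing it with `sha256sum` before anything leaves `$tmpdir` would close that gap; the same CRC is what the `__consul` manifest passes to `__staged_file --cksum`. `curl -s -L` also lacks `-f`, so an HTTP error page is saved and unzipped as if it were the archive, where `curl -fsSL "$source"` fails early instead (the manifest's `--fetch-command` uses the same flags). The `created` line is appended to `$__messages_out` when the code is generated, before the remote script has run or passed its check.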
--- /dev/null +++ b/cdist/conf/type/__consul/man.rst @@ -0,0 +1,75 @@ +cdist-type__consul(7) +===================== + +NAME +---- +cdist-type__consul - Install consul + + +DESCRIPTION +----------- +Downloads and installs the consul binary from https://dl.bintray.com/mitchellh/consul. +Note that the consul binary is downloaded on the server (the machine running +cdist) and then deployed to the target host using the __file type unless --direct +parameter is used. + + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +state + either 'present' or 'absent'. Defaults to 'present' + +version + which version of consul to install. See ./files/versions for a list of + supported versions. Defaults to the latest known version. + + +BOOLEAN PARAMETERS +------------------ +direct + Download and deploy consul binary directly on the target machine. + + +MESSAGES +-------- +If consul binary is created using __staged_file then underlaying __file type messages are emitted. + +If consul binary is created by direct method then the following messages are emitted: + +/usr/local/bin/consul created + consul binary was created + + +EXAMPLES +-------- + +.. code-block:: sh + + # just install using defaults + __consul + + # install by downloading consul binary directly on the target machine + __consul --direct + + # specific version + __consul \ + --version 0.4.1 + + +AUTHORS +------- +| Steven Armstrong +| Darko Poljak + + +COPYING +------- +Copyright \(C) 2015 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__consul/manifest b/cdist/conf/type/__consul/manifest new file mode 100755 index 00000000..156eb667 --- /dev/null +++ b/cdist/conf/type/__consul/manifest 
@@ -0,0 +1,61 @@ +#!/bin/sh -e +# +# 2015 Steven Armstrong (steven-cdist at armstrong.cc) +# 2016 Nico Schottelius (nico-cdist at schottelius.org) +# 2018 Darko Poljak (darko.poljak at gmail.com) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + + +os=$(cat "$__global/explorer/os") + +case "$os" in + alpine|scientific|centos|redhat|ubuntu|debian|devuan|archlinux|gentoo) + # any linux should work + : + ;; + *) + echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2 + echo "Please contribute an implementation for it if you can." >&2 + exit 1 + ;; +esac + +versions_dir="$__type/files/versions" +version="$(cat "$__object/parameter/version")" +version_dir="$versions_dir/$version" + +if [ ! -d "$version_dir" ]; then + echo "Unknown consul version '$version'. Expected one of:" >&2 + ls "$versions_dir" >&2 + exit 1 +fi + +if [ -f "$__object/parameter/direct" ]; then + __package unzip + __package curl +else + __staged_file /usr/local/bin/consul \ + --source "$(cat "$version_dir/source")" \ + --cksum "$(cat "$version_dir/cksum")" \ + --fetch-command 'curl -s -L "%s"' \ + --prepare-command 'unzip -p "%s"' \ + --state "$(cat "$__object/parameter/state")" \ + --group root \ + --owner root \ + --mode 755 +fi diff --git a/cdist/conf/type/__consul/parameter/boolean b/cdist/conf/type/__consul/parameter/boolean new file mode 100644 index 00000000..aa81b5e0 
--- /dev/null +++ b/cdist/conf/type/__consul/parameter/boolean @@ -0,0 +1 @@ +direct diff --git a/cdist/conf/type/__consul/parameter/default/state b/cdist/conf/type/__consul/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__consul/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__consul/parameter/default/version b/cdist/conf/type/__consul/parameter/default/version new file mode 100644 index 00000000..af0b7ddb --- /dev/null +++ b/cdist/conf/type/__consul/parameter/default/version @@ -0,0 +1 @@ +1.0.6 diff --git a/cdist/conf/type/__consul/parameter/optional b/cdist/conf/type/__consul/parameter/optional new file mode 100644 index 00000000..4d595ed7 --- /dev/null +++ b/cdist/conf/type/__consul/parameter/optional @@ -0,0 +1,2 @@ +state +version diff --git a/cdist/test/cdist_object/fixtures/object/__first/woman/.cdist/.keep b/cdist/conf/type/__consul/singleton similarity index 100% rename from cdist/test/cdist_object/fixtures/object/__first/woman/.cdist/.keep rename to cdist/conf/type/__consul/singleton diff --git a/cdist/conf/type/__consul_agent/files/consul-prepare.upstart b/cdist/conf/type/__consul_agent/files/consul-prepare.upstart new file mode 100644 index 00000000..569220d1 --- /dev/null +++ b/cdist/conf/type/__consul_agent/files/consul-prepare.upstart @@ -0,0 +1,9 @@ +start on starting consul + +task + +script + mkdir -p /var/run/consul + chown consul:consul /var/run/consul + chmod 2770 /var/run/consul +end script diff --git a/cdist/conf/type/__consul_agent/files/consul.sys-openrc b/cdist/conf/type/__consul_agent/files/consul.sys-openrc new file mode 100644 index 00000000..1dbe9375 --- /dev/null +++ b/cdist/conf/type/__consul_agent/files/consul.sys-openrc 
@@ -0,0 +1,38 @@
+#!/sbin/openrc-run
+# 2019 Nico Schottelius (nico-cdist at schottelius.org)
+
+description="consul agent"
+
+pidfile="${CONSUL_PIDFILE:-"/var/run/$RC_SVCNAME/pidfile"}"
+command="${CONSUL_BINARY:-"/usr/local/bin/consul"}"
+
+
+checkconfig() {
+ if [ ! -d /var/run/consul ] ; then
+ mkdir -p /var/run/consul || return 1
+ chown consul:consul /var/run/$NAME || return 1
+ chmod 2770 /var/run/$NAME || return 1
+ fi
+}
+
+start() {
+ need net
+
+ start-stop-daemon --start --quiet --oknodo \
+ --pidfile "$pidfile" --background \
+ --exec $command -- agent -pid-file="$pidfile" -config-dir /etc/consul/conf.d
+}
+start_pre() {
+ checkconfig
+}
+
+stop() {
+ if [ "${RC_CMD}" = "restart" ] ; then
+ checkconfig || return 1
+ fi
+
+ ebegin "Stopping $RC_SVCNAME"
+ start-stop-daemon --stop --exec "$command" \
+ --pidfile "$pidfile" --quiet
+ eend $?
+}
diff --git a/cdist/conf/type/__consul_agent/files/consul.systemd b/cdist/conf/type/__consul_agent/files/consul.systemd
new file mode 100644
index 00000000..8d5fd323
--- /dev/null
+++ b/cdist/conf/type/__consul_agent/files/consul.systemd
@@ -0,0 +1,22 @@
+[Unit]
+Description=Consul Agent
+Wants=basic.target
+After=basic.target network.target
+
+[Service]
+User=consul
+Group=consul
+Environment="GOMAXPROCS=2"
+# Run ExecStartPre with root-permissions
+PermissionsStartOnly=true
+ExecStartPre=/usr/bin/mkdir -p /var/run/consul
+ExecStartPre=/usr/bin/chown consul:consul /var/run/consul
+ExecStartPre=/usr/bin/chmod 2770 /var/run/consul
+ExecStart=/usr/local/bin/consul agent -config-dir /etc/consul/conf.d
+ExecReload=/bin/kill -HUP $MAINPID
+KillMode=process
+Restart=on-failure
+RestartSec=42s
+
+[Install]
+WantedBy=multi-user.target
diff --git a/cdist/conf/type/__consul_agent/files/consul.sysv-debian b/cdist/conf/type/__consul_agent/files/consul.sysv-debian
new file mode 100644
index 00000000..4f43c000
--- /dev/null
+++ b/cdist/conf/type/__consul_agent/files/consul.sysv-debian
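Review bot: In consul.sys-openrc, `checkconfig` runs `chown consul:consul /var/run/$NAME` and `chmod 2770 /var/run/$NAME`, but `NAME` is never assigned in this file, so unless the environment supplies it both commands act on `/var/run/` itself. Use the directory that was just created: `chown consul:consul /var/run/consul || return 1` and `chmod 2770 /var/run/consul || return 1` (or `$RC_SVCNAME`, as `pidfile` already does). Separately, `start` gives `start-stop-daemon` no user, so the agent appears to run as root here while the systemd and upstart variants drop to `consul`; `--user consul:consul` would align them, and `--exec $command` should be quoted.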
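Review bot: In consul.systemd, the three `ExecStartPre=` lines run as root through `PermissionsStartOnly=true` and hard-code `/usr/bin/mkdir`, `/usr/bin/chown` and `/usr/bin/chmod`, paths that are missing on distributions that keep these tools in `/bin`, in which case the unit fails before the agent starts. `RuntimeDirectory=consul` together with `RuntimeDirectoryMode=2770` lets systemd create the directory owned by the unit's `User=`/`Group=` and removes the root pre-start steps entirely.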
@@ -0,0 +1,94 @@ +#!/bin/sh +# +# 2015-2018 Nico Schottelius (nico-cdist at schottelius.org) +# 2015 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +### BEGIN INIT INFO +# Provides: consul +# Required-Start: $network $local_fs $remote_fs +# Required-Stop: $local_fs +# Should-Start: +# Should-Stop: +# Short-Description: consul +# Description: consul agent +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +### END INIT INFO + +if [ -f "/etc/default/consul" ]; then + # shellcheck disable=SC1091 + . /etc/default/consul +fi + +# shellcheck disable=SC1091 +. 
/lib/lsb/init-functions + +NAME=consul +CONSUL=/usr/local/bin/consul +CONFIG=/etc/$NAME/conf.d +PID_FILE=/var/run/$NAME/pidfile + +mkdir -p /var/run/$NAME +chown consul:consul /var/run/$NAME +chmod 2770 /var/run/$NAME + +export PATH="${PATH:+$PATH:}/usr/sbin:/sbin" + +case "$1" in + start) + log_daemon_msg "Starting consul agent" "consul" || true + if start-stop-daemon --start --quiet --oknodo \ + --pidfile "$PID_FILE" --background \ + --exec $CONSUL -- agent -pid-file="$PID_FILE" -config-dir "$CONFIG"; then + log_end_msg 0 || true + else + log_end_msg 1 || true + fi + ;; + + stop) + log_daemon_msg "Stopping consul agent" "consul" || true + if start-stop-daemon --stop --quiet --oknodo --pidfile $PID_FILE; then + log_end_msg 0 || true + else + log_end_msg 1 || true + fi + ;; + + reload) + log_daemon_msg "Reloading consul agent" "consul" || true + if start-stop-daemon --stop --signal HUP --quiet --oknodo --pidfile $PID_FILE --exec $CONSUL; then + log_end_msg 0 || true + else + log_end_msg 1 || true + fi + ;; + + restart) + $0 stop && $0 start + ;; + + status) + status_of_proc -p $PID_FILE $CONSUL consul && exit 0 || exit $? + ;; + + *) + log_action_msg "Usage: /etc/init.d/consul {start|stop|reload|restart|status}" + exit 1 + ;; +esac diff --git a/cdist/conf/type/__consul_agent/files/consul.sysv-redhat b/cdist/conf/type/__consul_agent/files/consul.sysv-redhat new file mode 100644 index 00000000..58fc9bd9 --- /dev/null +++ b/cdist/conf/type/__consul_agent/files/consul.sysv-redhat 
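Review bot: In consul.sysv-debian, the `start` branch calls `start-stop-daemon` without a user switch, so the agent appears to run as root, whereas the redhat, systemd and upstart variants in this commit run it as `consul`; adding `--chuid consul:consul` before `--exec` keeps it unprivileged. The `mkdir`/`chown`/`chmod` block at the top runs on every invocation, including `status`, and would be better placed inside `start`. `$PID_FILE` and `$CONSUL` are expanded unquoted in `stop`, `reload` and `status`, and `stop` omits `--exec`, so it signals whatever PID the file names without checking which program owns it.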
@@ -0,0 +1,98 @@
+#!/bin/bash
+#
+# /etc/rc.d/init.d/consul
+#
+# Daemonize the consul agent.
+#
+# chkconfig: 2345 95 95
+# description: Service discovery and configuration made easy. \
+# Distributed, highly available, and datacenter-aware.
+# processname: consul
+# pidfile: /var/run/consul/pidfile
+
+# Source function library.
+
+# shellcheck disable=SC1091
+. /etc/init.d/functions
+NAME=consul
+CONSUL=/usr/local/bin/consul
+CONFIG="/etc/$NAME/conf.d"
+PID_FILE="/var/run/$NAME/pidfile"
+LOG_FILE="/var/log/$NAME"
+
+# shellcheck disable=SC1090
+[ -e "/etc/sysconfig/$NAME" ] && . "/etc/sysconfig/$NAME"
+export GOMAXPROCS="${GOMAXPROCS:-2}"
+
+mkdir -p "/var/run/$NAME"
+chown consul:consul "/var/run/$NAME"
+chmod 2770 "/var/run/$NAME"
+
+
+start() {
+ printf "Starting %s: " "$NAME"
+ daemon --user=consul \
+ --pidfile="$PID_FILE" \
+ "$CONSUL" agent -pid-file="$PID_FILE" -config-dir "$CONFIG" >> "$LOG_FILE" &
+ retcode=$?
+ touch "/var/lock/subsys/$NAME"
+ return "$retcode"
+}
+
+stop() {
+ printf "Shutting down %s: " "$NAME"
+ killproc -p "$PID_FILE" "$NAME"
+ retcode=$?
+ rm -f "/var/lock/subsys/$NAME"
+ return "$retcode"
+}
+
+case "$1" in
+ start)
+ if status -p "$PID_FILE" "$NAME" >/dev/null; then
+ echo "$NAME already running"
+ else
+ start
+ fi
+ ;;
+ stop)
+ if status -p "$PID_FILE" "$NAME" >/dev/null; then
+ stop
+ else
+ echo "$NAME not running"
+ fi
+ ;;
+ info)
+ "$CONSUL" info
+ ;;
+ status)
+ status -p "$PID_FILE" "$NAME"
+ exit $?
+ ;;
+ restart)
+ if status -p "$PID_FILE" "$NAME" >/dev/null; then
+ stop
+ fi
+ start
+ ;;
+ reload)
+ if status -p "$PID_FILE" "$NAME" >/dev/null; then
+ kill -HUP "$(cat "$PID_FILE")"
+ else
+ echo "$NAME not running"
+ fi
+ ;;
+ condrestart)
+ if [ -f "/var/lock/subsys/$NAME" ]; then
+ if status -p "$PID_FILE" "$NAME" >/dev/null; then
+ stop
+ fi
+ start
+ fi
+ ;;
+ *)
+ echo "Usage: $NAME {start|stop|status|reload|restart|condrestart|info}"
+ exit 1
+ ;;
+esac
+exit $?
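Review bot: In `start()`, `retcode=$?` follows a command launched with `&`, so it is always 0: the script reports success and touches `/var/lock/subsys/$NAME` even when `daemon` or the agent fails immediately. Check the result after launch instead, e.g. `status -p "$PID_FILE" "$NAME" >/dev/null || return 1` before the `touch`, possibly after a short wait. `$LOG_FILE` is opened by the root shell before `daemon --user=consul` drops privileges, so its ownership and mode come from root's umask; creating it explicitly with the intended owner and mode makes that deliberate.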
diff --git a/cdist/conf/type/__consul_agent/files/consul.upstart b/cdist/conf/type/__consul_agent/files/consul.upstart new file mode 100644 index 00000000..ed0c7b8e --- /dev/null +++ b/cdist/conf/type/__consul_agent/files/consul.upstart @@ -0,0 +1,13 @@ +description "Consul Agent" +start on (local-filesystems and net-device-up IFACE!=lo) +stop on runlevel [06] + +setuid consul +setgid consul + +respawn +respawn limit 10 10 +kill timeout 10 + +exec /usr/local/bin/consul agent -config-dir /etc/consul/conf.d + diff --git a/cdist/conf/type/__consul_agent/gencode-remote b/cdist/conf/type/__consul_agent/gencode-remote new file mode 100755 index 00000000..997aa831 --- /dev/null +++ b/cdist/conf/type/__consul_agent/gencode-remote @@ -0,0 +1,31 @@ +#!/bin/sh -e +# +# 2015 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +service="consul" +state="$(cat "$__object/parameter/state")" + +case "$state" in + present) + : + ;; + absent) + echo "service $service stop || true" + ;; +esac diff --git a/cdist/conf/type/__consul_agent/man.rst b/cdist/conf/type/__consul_agent/man.rst new file mode 100644 index 00000000..62ee70bb --- /dev/null +++ b/cdist/conf/type/__consul_agent/man.rst 
@@ -0,0 +1,184 @@ +cdist-type__consul_agent(7) +=========================== + +NAME +---- +cdist-type__consul_agent - Manage the consul agent + + +DESCRIPTION +----------- +Configure and manage the consul agent. + + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +acl-datacenter + only used by servers. This designates the datacenter which is authoritative + for ACL information. + +acl-default-policy + either "allow" or "deny"; defaults to "allow". The default policy controls the + behavior of a token when there is no matching rule. + +acl-down-policy + either "allow", "deny" or "extend-cache"; "extend-cache" is the default. + +acl-master-token + only used for servers in the acl_datacenter. This token will be created with + management-level permissions if it does not exist. It allows operators to + bootstrap the ACL system with a token ID that is well-known. + +acl-token + when provided, the agent will use this token when making requests to the + Consul servers. + +acl-ttl + used to control Time-To-Live caching of ACLs. + +bind-addr + sets the bind address for cluster communication + +bootstrap-expect + sets server to expect bootstrap mode + +ca-file-source + path to a PEM encoded certificate authority file which will be uploaded and + configure using the ca_file config option. + +cert-file-source + path to a PEM encoded certificate file which will be uploaded and + configure using the cert_file config option. + +client-addr + sets the address to bind for client access + +datacenter + datacenter of the agent + +encrypt + provides the gossip encryption key + +group + the primary group for the agent + +json-config + path to a partial json config file without leading { and trailing }. + If json-config is '-' (dash), take what was written to stdin as the file content. + +key-file-source + path to a PEM encoded private key file which will be uploaded and + configure using the key_file config option. 
+ +node-name + name of this node. Must be unique in the cluster + +retry-join + address to attempt joining every retry_interval until at least one join works. + Can be specified multiple times. + +user + the user to run the agent as + +state + if the agent is 'present' or 'absent'. Defaults to 'present'. + Currently state=absent is not working due to some dependency issues. + + +BOOLEAN PARAMETERS +------------------ +disable-remote-exec + disables support for remote execution. When set to true, the agent will ignore any incoming remote exec requests. + +disable-update-check + disables automatic checking for security bulletins and new version releases + +leave-on-terminate + gracefully leave cluster on SIGTERM + +rejoin-after-leave + rejoin the cluster using the previous state after leaving + +server + used to control if an agent is in server or client mode + +enable-syslog + enables logging to syslog + +verify-incoming + enforce the use of TLS and verify a client's authenticity on incoming connections + +verify-outgoing + enforce the use of TLS and verify the peers authenticity on outgoing connections + +use-distribution-package + uses distribution package instead of upstream binary + + +EXAMPLES +-------- + +.. 
code-block:: sh + + # configure as server, bootstrap and rejoin + hostname="$(cat "$__global/explorer/hostname")" + __consul_agent \ + --datacenter dc1 \ + --node-name "${hostname%%.*}" \ + --disable-update-check \ + --server \ + --rejoin-after-leave \ + --bootstrap-expect 3 \ + --retry-join consul-01 \ + --retry-join consul-02 \ + --retry-join consul-03 + + # configure as server, bootstrap and rejoin with ssl support + hostname="$(cat "$__global/explorer/hostname")" + __consul_agent \ + --datacenter dc1 \ + --node-name "${hostname%%.*}" \ + --disable-update-check \ + --server \ + --rejoin-after-leave \ + --bootstrap-expect 3 \ + --retry-join consul-01 \ + --retry-join consul-02 \ + --retry-join consul-03 \ + --ca-file-source /path/to/ca.pem \ + --cert-file-source /path/to/cert.pem \ + --key-file-source /path/to/key.pem \ + --verify-incoming \ + --verify-outgoing + + # configure as client and try joining existing cluster + __consul_agent \ + --datacenter dc1 \ + --node-name "${hostname%%.*}" \ + --disable-update-check \ + --retry-join consul-01 \ + --retry-join consul-02 \ + --retry-join consul-03 + + +SEE ALSO +-------- +consul documentation at: . + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2015 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__consul_agent/manifest b/cdist/conf/type/__consul_agent/manifest new file mode 100755 index 00000000..7b54529c --- /dev/null +++ b/cdist/conf/type/__consul_agent/manifest 
@@ -0,0 +1,319 @@ +#!/bin/sh -e +# +# 2015 Steven Armstrong (steven-cdist at armstrong.cc) +# 2015-2020 Nico Schottelius (nico-cdist at schottelius.org) +# 2019 Timothée Floure (timothee.floure at ungleich.ch) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +os=$(cat "$__global/explorer/os") + +### +# Type parameters. + +state="$(cat "$__object/parameter/state")" +user="$(cat "$__object/parameter/user")" +group="$(cat "$__object/parameter/group")" +release=$(cat "$__global/explorer/lsb_release") +if [ -f "$__object/parameter/use-distribution-package" ]; then + use_distribution_package=1 +fi + +### +# Those are default that might be overriden by os-specific logic. + +data_dir="/var/lib/consul" + + + +tls_dir="$conf_dir/tls" + +case "$os" in + alpine) + conf_dir="/etc/consul" + conf_file="server.json" + ;; + *) + conf_dir="/etc/consul/conf.d" + conf_file="config.json" + ;; +esac + +### +# Sane deployment, based on distribution package when available. + +distribution_setup () { + case "$os" in + debian) + # consul is only available starting Debian 10 (buster). + # See https://packages.debian.org/buster/consul + if [ "$release" -lt 10 ]; then + echo "Consul is not available for your debian release." >&2 + echo "Please use the 'manual' (i.e. non-package) installation or \ + upgrade the target system." >&2 + exit 1 + fi + + # Override previously defined environment to match debian packaging. 
+ conf_dir='/etc/consul.d' + user='consul' + group='consul' + ;; + alpine) + # consul is only available starting Alpine 3.12 (= edge during the 3.11 cycle). + # See https://pkgs.alpinelinux.org/packages?name=consul&branch=edge + + # Override previously defined environment to match alpine packaging. + conf_dir='/etc/consul' + conf_file='server.json' + data_dir='/var/consul' + user='consul' + group='consul' + ;; + *) + echo "Your operating system ($os) is currently not supported with the \ + --use-distribution-package flag (${__type##*/})." >&2 + echo "Please use non-package installation or contribute an \ + implementation for if you can." >&2 + exit 1 + ;; + esac + + # Install consul package. + __package consul --state "$state" + + export config_deployment_requires="__package/consul" +} + +### +# LEGACY manual deployment, kept for compatibility reasons. + +init_sysvinit() +{ + __file /etc/init.d/consul \ + --owner root --group root --mode 0755 \ + --state "$state" \ + --source "$__type/files/consul.sysv-$1" + require="__file/etc/init.d/consul" __start_on_boot consul +} + +init_systemd() +{ + __file /lib/systemd/system/consul.service \ + --owner root --group root --mode 0644 \ + --state "$state" \ + --source "$__type/files/consul.systemd" + require="__file/lib/systemd/system/consul.service" __start_on_boot consul +} + +init_upstart() +{ + __file /etc/init/consul-prepare.conf \ + --owner root --group root --mode 0644 \ + --state "$state" \ + --source "$__type/files/consul-prepare.upstart" + require="__file/etc/init/consul-prepare.conf" \ + __file /etc/init/consul.conf \ + --owner root --group root --mode 0644 \ + --state "$state" \ + --source "$__type/files/consul.upstart" + require="__file/etc/init/consul.conf" __start_on_boot consul +} + +manual_setup () { + case "$os" in + alpine|scientific|centos|debian|devuan|redhat|ubuntu) + # whitelist safeguard + : + ;; + *) + echo "Your operating system ($os) is currently not supported by this \ + type (${__type##*/})." 
>&2 + echo "Please contribute an implementation for it if you can." >&2 + exit 1 + ;; + esac + + # FIXME: there has got to be a better way to handle the dependencies in this case + case "$state" in + present) + __group "$group" --system --state "$state" + require="__group/$group" __user "$user" \ + --system --gid "$group" --home "$data_dir" --state "$state" + ;; + *) + echo "The $state state is not (yet?) supported by this type." >&2 + exit 1 + ;; + esac + + # Create data directory. + require="__user/consul" __directory "$data_dir" \ + --owner "$user" --group "$group" --mode 770 --state "$state" + + # Create config directory. + require="__user/consul" __directory "$conf_dir" \ + --parents --owner root --group "$group" --mode 750 --state "$state" + + # Install init script to start on boot + case "$os" in + devuan) + init_sysvinit debian + ;; + centos|redhat) + os_version="$(sed 's/[^0-9.]//g' "$__global/explorer/os_version")" + major_version="${os_version%%.*}" + case "$major_version" in + [456]) + init_sysvinit redhat + ;; + 7) + init_systemd + ;; + *) + echo "Unsupported CentOS/Redhat version: $os_version" >&2 + exit 1 + ;; + esac + ;; + + debian) + os_version=$(cat "$__global/explorer/os_version") + major_version="${os_version%%.*}" + + case "$major_version" in + [567]) + init_sysvinit debian + ;; + [89]|10) + init_systemd + ;; + *) + echo "Unsupported Debian version $os_version" >&2 + exit 1 + ;; + esac + ;; + + ubuntu) + init_upstart + ;; + esac + + config_deployment_requires="__user/consul __directory/$conf_dir" +} + +### +# Trigger requested installation method. +if [ $use_distribution_package ]; then + distribution_setup +else + manual_setup +fi + +### +# Install TLS certificates. 
+ +if [ -f "$__object/parameter/ca-file-source" ] || \ + [ -f "$__object/parameter/cert-file-source" ] || \ + [ -f "$__object/parameter/key-file-source" ]; then + + requires="$config_deployment_requires" __directory "$tls_dir" \ + --owner root --group "$group" --mode 750 --state "$state" + + # Append to service restart requirements. + restart_requires="$restart_requires __directory/$conf_dir/tls" +fi + +### +# Generate and deploy configuration. + +json_configuration=$( + echo "{" + + # parameters we define ourself + printf ' "data_dir": "%s"\n' "$data_dir" + + cd "$__object/parameter/" + for param in *; do + case "$param" in + state|user|group|json-config|use-distribution-package) continue ;; + ca-file-source|cert-file-source|key-file-source) + source="$(cat "$__object/parameter/$param")" + destination="$tls_dir/${source##*/}" + require="__directory/$tls_dir" \ + __file "$destination" \ + --owner root --group consul --mode 640 \ + --source "$source" \ + --state "$state" + key="$(echo "${param%-*}" | tr '-' '_')" + printf ' ,"%s": "%s"\n' "$key" "$destination" + ;; + disable-remote-exec|disable-update-check|leave-on-terminate\ + |rejoin-after-leave|server|enable-syslog|verify-incoming|verify-outgoing) + # handle boolean parameters + key="$(echo "$param" | tr '-' '_')" + printf ' ,"%s": true\n' "$key" + ;; + retry-join) + # join multiple parameters into json array + retry_join="$(awk '{printf "\""$1"\","}' "$__object/parameter/retry-join")" + # remove trailing , + printf ' ,"retry_join": [%s]\n' "${retry_join%*,}" + ;; + retry-join-wan) + # join multiple parameters into json array over wan + retry_join_wan="$(awk '{printf "\""$1"\","}' "$__object/parameter/retry-join-wan")" + # remove trailing , + printf ' ,"retry_join_wan": [%s]\n' "${retry_join_wan%*,}" + ;; + bootstrap-expect) + # integer key=value parameters + key="$(echo "$param" | tr '-' '_')" + printf ' ,"%s": %s\n' "$key" "$(cat "$__object/parameter/$param")" + ;; + *) + # string key=value parameters + 
key="$(echo "$param" | tr '-' '_')" + printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")" + ;; + esac + done + if [ -f "$__object/parameter/json-config" ]; then + json_config="$(cat "$__object/parameter/json-config")" + if [ "$json_config" = "-" ]; then + json_config="$__object/stdin" + fi + # remove leading and trailing whitespace and commas from first and last line + # indent each line with 3 spaces for consistency + json=$(sed -e 's/^[ \t]*/ /' -e '1s/^[ \t,]*//' -e '$s/[ \t,]*$//' "$json_config") + printf ' ,%s\n' "$json" + fi + echo "}" +) +echo "$json_configuration" | require="$config_deployment_requires" \ + __file "$conf_dir/$conf_file" \ + --owner root --group "$group" --mode 640 \ + --state "$state" \ + --source - + +# Set configuration deployment as requirement for service restart. +restart_requires="__file/$conf_dir/$conf_file" + +### +# Restart consul agent after everything else. +require="$restart_requires" __service consul --action restart diff --git a/cdist/conf/type/__consul_agent/parameter/boolean b/cdist/conf/type/__consul_agent/parameter/boolean new file mode 100644 index 00000000..c86853c3 --- /dev/null +++ b/cdist/conf/type/__consul_agent/parameter/boolean @@ -0,0 +1,9 @@ +disable-remote-exec +disable-update-check +leave-on-terminate +rejoin-after-leave +server +enable-syslog +verify-incoming +verify-outgoing +use-distribution-package diff --git a/cdist/conf/type/__consul_agent/parameter/default/group b/cdist/conf/type/__consul_agent/parameter/default/group new file mode 100644 index 00000000..7d22c92b --- /dev/null +++ b/cdist/conf/type/__consul_agent/parameter/default/group @@ -0,0 +1 @@ +consul diff --git a/cdist/conf/type/__consul_agent/parameter/default/state b/cdist/conf/type/__consul_agent/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__consul_agent/parameter/default/state @@ -0,0 +1 @@ +present 
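Review bot: `tls_dir="$conf_dir/tls"` near the top of the manifest is evaluated before `conf_dir` is assigned in the `case "$os"` block that follows it, so under `#!/bin/sh -e` (no `-u`) it expands to `/tls` unless `conf_dir` happens to be inherited from the environment. The CA file, certificate and private key are then copied to `$tls_dir/...` and referenced from the generated JSON at that path, while the restart requirement names `__directory/$conf_dir/tls`, which is a different object. Since `distribution_setup` also overrides `conf_dir` on Debian, the assignment belongs after the installation method has run: move `tls_dir="$conf_dir/tls"` to just below the `if [ $use_distribution_package ]` block. The TLS section also spells the dependency variable `requires=` where the rest of the file uses `require=`, so the directory probably does not wait for the package or the user and group.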
diff --git a/cdist/conf/type/__consul_agent/parameter/default/user b/cdist/conf/type/__consul_agent/parameter/default/user new file mode 100644 index 00000000..7d22c92b --- /dev/null +++ b/cdist/conf/type/__consul_agent/parameter/default/user @@ -0,0 +1 @@ +consul diff --git a/cdist/conf/type/__consul_agent/parameter/optional b/cdist/conf/type/__consul_agent/parameter/optional new file mode 100644 index 00000000..37aad8c1 --- /dev/null +++ b/cdist/conf/type/__consul_agent/parameter/optional @@ -0,0 +1,20 @@ +acl-datacenter +acl-default-policy +acl-down-policy +acl-master-token +acl-token +acl-ttl +bind-addr +bootstrap-expect +ca-file-source +cert-file-source +client-addr +datacenter +encrypt +group +json-config +key-file-source +node-name +user +state +advertise-wan diff --git a/cdist/conf/type/__consul_agent/parameter/optional_multiple b/cdist/conf/type/__consul_agent/parameter/optional_multiple new file mode 100644 index 00000000..740e4d7f --- /dev/null +++ b/cdist/conf/type/__consul_agent/parameter/optional_multiple @@ -0,0 +1,2 @@ +retry-join +retry-join-wan diff --git a/cdist/test/cdist_object/fixtures/object/__second/.keep b/cdist/conf/type/__consul_agent/singleton similarity index 100% rename from cdist/test/cdist_object/fixtures/object/__second/.keep rename to cdist/conf/type/__consul_agent/singleton diff --git a/cdist/conf/type/__consul_check/explorer/conf-dir b/cdist/conf/type/__consul_check/explorer/conf-dir new file mode 120000 index 00000000..daa712c3 --- /dev/null +++ b/cdist/conf/type/__consul_check/explorer/conf-dir @@ -0,0 +1 @@ +../../__consul_service/explorer/conf-dir \ No newline at end of file diff --git a/cdist/conf/type/__consul_check/man.rst b/cdist/conf/type/__consul_check/man.rst new file mode 100644 index 00000000..9694c7af --- /dev/null +++ b/cdist/conf/type/__consul_check/man.rst 
@@ -0,0 +1,102 @@ +cdist-type__consul_check(7) +============================= + +NAME +---- +cdist-type__consul_check - Manages consul checks + + +DESCRIPTION +----------- +Generate and deploy check definitions for a consul agent. +See http://www.consul.io/docs/agent/checks.html for parameter documentation. + +Use either script together with interval, or use ttl. + + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +docker-container-id + the id of the docker container to run + +http + the url to check + +id + The id of this check. + +interval + the interval in which the check should run + +name + The name of this check. Defaults to __object_id + +notes + human readable description + +script + the shell command to run + +service-id + the id of the service this check is bound to + +shell + the shell to run inside the docker container + +state + if this check is 'present' or 'absent'. Defaults to 'present'. + +status + specify the initial state of this health check + +tcp + the host and port to check + +timeout + after how long to timeout checks which take to long + +token + ACL token to use for interacting with the catalog + +ttl + how long a TTL check is considered healthy without being updated through the + HTTP interface + + +EXAMPLES +-------- + +.. code-block:: sh + + __consul_check redis \ + --script /usr/local/bin/check_redis.py \ + --interval 10s + + __consul_check some-object-id \ + --id web-app \ + --name "Web App Status" \ + --notes "Web app does a curl internally every 10 seconds" \ + --ttl 30s + + +SEE ALSO +-------- +:strong:`cdist-type__consul_agent`\ (7) + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2015-2016 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. 
diff --git a/cdist/conf/type/__consul_check/manifest b/cdist/conf/type/__consul_check/manifest new file mode 100755 index 00000000..522aa1a9 --- /dev/null +++ b/cdist/conf/type/__consul_check/manifest 
@@ -0,0 +1,73 @@ +#!/bin/sh -e +# +# 2015-2016 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +name="$(cat "$__object/parameter/name" 2>/dev/null || echo "$__object_id")" +conf_dir=$(cat "$__object/explorer/conf-dir") +conf_file="check_${name}.json" +state="$(cat "$__object/parameter/state")" + +# Sanity checks +if [ -f "$__object/parameter/ttl" ]; then + for conflicts_ttl in 'docker-container-id' 'http' 'script' 'tcp' 'timeout'; do + if [ -f "$__object/parameter/${conflicts_ttl}" ]; then + echo "Can not use --ttl together with --${conflicts_ttl}." >&2 + exit 1 + fi + done +fi +if [ ! -f "$__object/parameter/interval" ]; then + for requires_interval in 'docker-id' 'http' 'script' 'tcp'; do + if [ -f "$__object/parameter/${requires_interval}" ]; then + echo "When using --${requires_interval} you must also define --interval." >&2 + exit 1 + fi + done +fi +if [ -f "$__object/parameter/docker-container-id" ] && [ ! -f "$__object/parameter/script" ]; then + echo "When using --docker-container-id you must also define --script." 
>&2 + exit 1 +fi + +# Generate json config file +( +echo "{" +printf ' "check": {\n' +printf ' "name": "%s"\n' "$name" +cd "$__object/parameter/" +for param in *; do + case "$param" in + state|name) continue ;; + *) + key="$(echo "$param" | tr '-' '_')" + printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")" + ;; + esac +done +# end check +echo " }" +# end json file +echo "}" +) | \ +require="__directory${conf_dir}" \ + __config_file "${conf_dir}/${conf_file}" \ + --owner root --group consul --mode 640 \ + --state "$state" \ + --onchange 'service consul status >/dev/null && service consul reload || true' \ + --source - diff --git a/cdist/conf/type/__consul_check/parameter/default/state b/cdist/conf/type/__consul_check/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__consul_check/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__consul_check/parameter/optional b/cdist/conf/type/__consul_check/parameter/optional new file mode 100644 index 00000000..0e392956 --- /dev/null +++ b/cdist/conf/type/__consul_check/parameter/optional @@ -0,0 +1,15 @@ +docker-container-id +http +id +interval +name +notes +script +service-id +shell +state +status +tcp +timeout +token +ttl diff --git a/cdist/conf/type/__consul_reload/gencode-remote b/cdist/conf/type/__consul_reload/gencode-remote new file mode 100755 index 00000000..839fd0c3 --- /dev/null +++ b/cdist/conf/type/__consul_reload/gencode-remote 
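Review bot: Parameter values are written into the JSON with `printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"` without any escaping, so a `--script` or `--notes` value containing `"` or `\` produces an invalid file or one with keys the caller did not intend. Escape at least those two characters before printing, e.g. `value="$(sed -e 's/\\/\\\\/g' -e 's/"/\\"/g' "$__object/parameter/$param")"`, and treat `$name` the same way, since it also ends up in the `check_${name}.json` file name. The `__consul_agent` and `__consul_service` manifests in this commit build their JSON the same way. Separately, the `--interval` check loops over `'docker-id'`, but the parameter is called `docker-container-id`, so that entry never matches.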
@@ -0,0 +1,24 @@
+#!/bin/sh -e
+#
+# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+service="consul"
+if grep -q "^__file/etc/consul/conf.d/" "$__messages_in"; then
+ echo "service $service status && service $service reload || true"
+fi
diff --git a/cdist/conf/type/__consul_reload/man.rst b/cdist/conf/type/__consul_reload/man.rst
new file mode 100644
index 00000000..f48a041a
--- /dev/null
+++ b/cdist/conf/type/__consul_reload/man.rst
@@ -0,0 +1,42 @@
+cdist-type__consul_reload(7)
+============================
+
+NAME
+----
+cdist-type__consul_reload - Reload consul
+
+
+DESCRIPTION
+-----------
+Reload consul after configuration changes.
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+
+OPTIONAL PARAMETERS
+-------------------
+None.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __consul_reload
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2015 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
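Review bot: The reload is emitted only when a message starts with `__file/etc/consul/conf.d/`, but the `__consul_agent` manifest in this commit puts the configuration under `/etc/consul.d` (Debian package) or `/etc/consul` (Alpine), so on those hosts this type would never reload consul. Matching every directory the `conf-dir` explorer probes would close that gap, for example `grep -Eq '^__file/etc/consul(\.d)?/' "$__messages_in"`; whether the objects that write there report under `__file/...` at all is not visible from this hunk. The generated command also leaves the output of `service $service status` unredirected, unlike the `--onchange` commands in the check and service manifests, which send it to `/dev/null`.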
diff --git a/cdist/test/cdist_object/fixtures/object/__second/on-the/.cdist/.keep b/cdist/conf/type/__consul_reload/singleton similarity index 100% rename from cdist/test/cdist_object/fixtures/object/__second/on-the/.cdist/.keep rename to cdist/conf/type/__consul_reload/singleton diff --git a/cdist/conf/type/__consul_service/explorer/conf-dir b/cdist/conf/type/__consul_service/explorer/conf-dir new file mode 100644 index 00000000..0fc9ef84 --- /dev/null +++ b/cdist/conf/type/__consul_service/explorer/conf-dir @@ -0,0 +1,15 @@ +# Determine the configuration directory used by consul. + +check_dir () { + if [ -d "$1" ]; then + printf '%s' "$1" + exit + fi +} + +check_dir '/etc/consul/conf.d' +check_dir '/etc/consul.d' +check_dir '/etc/consul' + +echo 'Could not determine consul configuration dir. Exiting.' >&2 +exit 1 diff --git a/cdist/conf/type/__consul_service/man.rst b/cdist/conf/type/__consul_service/man.rst new file mode 100644 index 00000000..510be3d5 --- /dev/null +++ b/cdist/conf/type/__consul_service/man.rst 
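Review bot: The probe order in this explorer matters and deserves a comment: `/etc/consul` exists whenever `/etc/consul/conf.d` does, so the most specific path has to be tried first. Going by the `__consul_agent` manifest in this commit, the three candidates correspond to the manual install, the Debian package and the Alpine layout, and I would say so above the calls, e.g. `# First existing directory wins: manual install, Debian package, Alpine.`. The file also has no shebang or licence header, unlike the manifests added alongside it.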
@@ -0,0 +1,85 @@ +cdist-type__consul_service(7) +============================= + +NAME +---- +cdist-type__consul_service - Manages consul services + + +DESCRIPTION +----------- +Generate and deploy service definitions for a consul agent. +See http://www.consul.io/docs/agent/services.html for parameter documentation. + +Use either script together with interval, or use ttl. + + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +check-interval + the interval in which the script given with --check-script should be run + +check-http + the URL to check for HTTP 200-ish status every --check-interval + +check-script + the shell command to run every --check-interval + +check-ttl + how long a service is considered healthy without being updated through the + HTTP interfave + +id + Defaults to --name + +name + The name of this service. Defaults to __object_id + +port + the port at which this service can be reached + +state + if this service is 'present' or 'absent'. Defaults to 'present'. + +tag + a tag to add to this service. Can be specified multiple times. + + +EXAMPLES +-------- + +.. code-block:: sh + + __consul_service redis \ + --tag master \ + --tag production \ + --port 8000 \ + --check-script /usr/local/bin/check_redis.py \ + --check-interval 10s + + __consul_service webapp \ + --port 80 \ + --check-ttl 10s + + +SEE ALSO +-------- +:strong:`cdist-type__consul_agent`\ (7) + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2015 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__consul_service/manifest b/cdist/conf/type/__consul_service/manifest new file mode 100755 index 00000000..d16f18e0 --- /dev/null +++ b/cdist/conf/type/__consul_service/manifest 
@@ -0,0 +1,93 @@ +#!/bin/sh -e +# +# 2015 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +name="$(cat "$__object/parameter/name" 2>/dev/null || echo "$__object_id")" +conf_dir=$(cat "$__object/explorer/conf-dir") +conf_file="service_${name}.json" +state="$(cat "$__object/parameter/state")" + +# Sanity checks +if [ -f "$__object/parameter/check-script" ] && [ -f "$__object/parameter/check-ttl" ]; then + echo "Use either --check-script together with --check-interval OR --check-ttl, but not both" >&2 + exit 1 +fi +if [ -f "$__object/parameter/check-script" ] && [ ! -f "$__object/parameter/check-interval" ]; then + echo "When using --check-script you must also define --check-interval" >&2 + exit 1 +fi +if [ -f "$__object/parameter/check-http" ] && [ ! 
-f "$__object/parameter/check-interval" ]; then + echo "When using --check-http you must also define --check-interval" >&2 + exit 1 +fi + +# Generate json config file +( +echo "{" +printf ' "service": {\n' +printf ' "name": "%s"\n' "$name" +cd "$__object/parameter/" +for param in *; do + case "$param" in + state|name|check-interval|conf-dir) continue ;; + check-script) + printf ' ,"check": {\n' + printf ' "script": "%s"\n' "$(cat "$__object/parameter/check-script")" + printf ' ,"interval": "%s"\n' "$(cat "$__object/parameter/check-interval")" + printf ' }\n' + ;; + check-ttl) + printf ' ,"check": {\n' + printf ' "ttl": "%s"\n' "$(cat "$__object/parameter/check-ttl")" + printf ' }\n' + ;; + check-http) + printf ' ,"check": {\n' + printf ' "http": "%s"\n' "$(cat "$__object/parameter/check-http")" + printf ' ,"interval": "%s"\n' "$(cat "$__object/parameter/check-interval")" + printf ' }\n' + ;; + tag) + # create json array from newline delimited file + tags="$(awk '{printf "\""$1"\","}' "$__object/parameter/tag")" + # remove trailing , + printf ' ,"tags": [%s]\n' "${tags%*,}" + ;; + port) + # integer key=value parameters + key="$(echo "$param" | tr '-' '_')" + printf ' ,"%s": %s\n' "$key" "$(cat "$__object/parameter/$param")" + ;; + *) + # string key=value parameters + key="$(echo "$param" | tr '-' '_')" + printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")" + ;; + esac +done +# end service +echo " }" +# end json file +echo "}" +) | \ + __config_file "${conf_dir}/${conf_file}" \ + --owner root --group consul --mode 640 \ + --state "$state" \ + --onchange 'service consul status >/dev/null && service consul reload || true' \ + --source - diff --git a/cdist/conf/type/__consul_service/parameter/default/state b/cdist/conf/type/__consul_service/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__consul_service/parameter/default/state @@ -0,0 +1 @@ +present 
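Review bot: The sanity checks reject `--check-script` combined with `--check-ttl`, but not `--check-http` combined with either of them, and in that case the loop below prints two `"check"` objects into the same `"service"` object. How a parser resolves the duplicate key is not something the manifest controls, so the health check that ends up active may not be the one the operator intended. Counting the check parameters and refusing more than one covers all three pairs; the block below would replace the first `if` of the sanity checks.

```shell
# Sanity checks
check_kinds=0
for check_kind in check-http check-script check-ttl; do
   if [ -f "$__object/parameter/${check_kind}" ]; then
      check_kinds=$((check_kinds + 1))
   fi
done
if [ "$check_kinds" -gt 1 ]; then
   echo "Use only one of --check-http, --check-script or --check-ttl" >&2
   exit 1
fi
# … unchanged: --check-interval requirements for --check-script and --check-http …
```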
diff --git a/cdist/conf/type/__consul_service/parameter/optional b/cdist/conf/type/__consul_service/parameter/optional new file mode 100644 index 00000000..2e3e8b63 --- /dev/null +++ b/cdist/conf/type/__consul_service/parameter/optional @@ -0,0 +1,8 @@ +check-http +check-interval +check-script +check-ttl +id +name +port +state diff --git a/cdist/conf/type/__consul_service/parameter/optional_multiple b/cdist/conf/type/__consul_service/parameter/optional_multiple new file mode 100644 index 00000000..42c7c82c --- /dev/null +++ b/cdist/conf/type/__consul_service/parameter/optional_multiple @@ -0,0 +1 @@ +tag diff --git a/cdist/conf/type/__consul_template/files/consul-template.systemd b/cdist/conf/type/__consul_template/files/consul-template.systemd new file mode 100644 index 00000000..c67eaab5 --- /dev/null +++ b/cdist/conf/type/__consul_template/files/consul-template.systemd @@ -0,0 +1,19 @@ +[Unit] +Description=Consul-Template Daemon +Wants=basic.target +After=basic.target network.target + +[Service] +User=root +Group=root +Environment="CONSUL_TEMPLATE_LOG=info" +Environment="GOMAXPROCS=2" +ExecStart=/usr/local/bin/consul-template -config /etc/consul-template/conf.d +ExecReload=/bin/kill -HUP $MAINPID +KillMode=process +Restart=on-failure +RestartSec=10s +LimitNOFILE=4096 + +[Install] +WantedBy=multi-user.target diff --git a/cdist/conf/type/__consul_template/files/consul-template.sysv b/cdist/conf/type/__consul_template/files/consul-template.sysv new file mode 100644 index 00000000..b263915a --- /dev/null +++ b/cdist/conf/type/__consul_template/files/consul-template.sysv 
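Review bot: The unit runs consul-template as `User=root` and `Group=root` with no sandboxing directives, although per the type's man page the daemon can be configured with Consul and Vault tokens and it talks to the network. If root is required because templates write to arbitrary paths and trigger reload commands, that should be stated in a comment above `User=root`; otherwise a dedicated account, as the `__consul_agent` type uses, would be the safer default. Directives such as `PrivateTmp=true` and `ProtectHome=true` look compatible with the `ExecStart` shown, but that depends on the templates deployed and needs testing.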
@@ -0,0 +1,92 @@ +#!/bin/bash +# +# /etc/rc.d/init.d/consul-template +# +# Daemonize the consul-template agent. +# +# chkconfig: 2345 95 95 +# description: Generic template rendering and notifications with Consul +# processname: consul-template +# pidfile: /var/run/consul-template/pidfile + +# Source function library. + +# shellcheck disable=SC1091 +. /etc/init.d/functions +NAME=consul-template +CONSUL_TEMPLATE=/usr/local/bin/consul-template +CONFIG="/etc/$NAME/conf.d" +PID_FILE="/var/run/$NAME/pidfile" +LOG_FILE="/var/log/$NAME" + +# shellcheck disable=SC1090 +[ -e "/etc/sysconfig/$NAME" ] && . "/etc/sysconfig/$NAME" +export CONSUL_TEMPLATE_LOG="${CONSUL_TEMPLATE_LOG:-info}" +export GOMAXPROCS="${GOMAXPROCS:-2}" + +mkdir -p "/var/run/$NAME" + +start() { + printf "Starting %s: " "$NAME" + daemon --pidfile="$PID_FILE" \ + "$CONSUL_TEMPLATE" -config "$CONFIG" >> "$LOG_FILE" 2>&1 & + echo "$!" > "$PID_FILE" + retcode=$? + touch "/var/lock/subsys/$NAME" + return "$retcode" +} + +stop() { + printf "Shutting down %s: " "$NAME" + killproc -p "$PID_FILE" "$CONSUL_TEMPLATE" + retcode=$? + rm -f "/var/lock/subsys/$NAME" + return "$retcode" +} + +case "$1" in + start) + if status -p "$PID_FILE" "$NAME" >/dev/null; then + echo "$NAME already running" + else + start + fi + ;; + stop) + if status -p "$PID_FILE" "$NAME" >/dev/null; then + stop + else + echo "$NAME not running" + fi + ;; + status) + status -p "$PID_FILE" "$NAME" + exit $? + ;; + restart) + if status -p "$PID_FILE" "$NAME" >/dev/null; then + stop + fi + start + ;; + reload) + if status -p "$PID_FILE" "$NAME" >/dev/null; then + kill -HUP "$(cat "$PID_FILE")" + else + echo "$NAME not running" + fi + ;; + condrestart) + if [ -f "/var/lock/subsys/$NAME" ]; then + if status -p "$PID_FILE" "$NAME" >/dev/null; then + stop + fi + start + fi + ;; + *) + echo "Usage: $NAME {start|stop|status|reload|restart}" + exit 1 + ;; +esac +exit $? 
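Review bot: In `start()`, `retcode=$?` records the status of `echo "$!" > "$PID_FILE"` rather than of the daemon launch, because `daemon ... &` is backgrounded; the function therefore reports success and touches `/var/lock/subsys/$NAME` even when consul-template failed to start. `$!` is also the PID of the backgrounded `daemon` job, which is not necessarily the consul-template process, so the later `kill -HUP "$(cat "$PID_FILE")"` in `reload` may signal the wrong PID. I would confirm the start with `status -p "$PID_FILE" "$NAME" >/dev/null; retcode=$?` after a short wait and create the lock file only on success, `[ "$retcode" -eq 0 ] && touch "/var/lock/subsys/$NAME"`.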
diff --git a/cdist/conf/type/__consul_template/files/consul-template.upstart b/cdist/conf/type/__consul_template/files/consul-template.upstart
new file mode 100644
index 00000000..b81a2818
--- /dev/null
+++ b/cdist/conf/type/__consul_template/files/consul-template.upstart
@@ -0,0 +1,12 @@
+description "Consul-Template Daemon"
+start on (local-filesystems and net-device-up IFACE!=lo)
+stop on runlevel [06]
+
+env CONSUL_TEMPLATE_LOG=info
+env GOMAXPROCS=${GOMAXPROCS}
+
+exec /usr/local/bin/consul-template -config /etc/consul-template/conf.d >> /var/log/consul-template 2>&1
+
+respawn
+respawn limit 10 10
+kill timeout 10
diff --git a/cdist/conf/type/__consul_template/files/versions/0.10.0/cksum b/cdist/conf/type/__consul_template/files/versions/0.10.0/cksum
new file mode 100644
index 00000000..bbf394db
--- /dev/null
+++ b/cdist/conf/type/__consul_template/files/versions/0.10.0/cksum
@@ -0,0 +1 @@
+3401777891 9273880 consul-template
diff --git a/cdist/conf/type/__consul_template/files/versions/0.10.0/source b/cdist/conf/type/__consul_template/files/versions/0.10.0/source
new file mode 100644
index 00000000..031b1155
--- /dev/null
+++ b/cdist/conf/type/__consul_template/files/versions/0.10.0/source
@@ -0,0 +1 @@
+https://releases.hashicorp.com/consul-template/0.10.0/consul-template_0.10.0_linux_amd64.zip
diff --git a/cdist/conf/type/__consul_template/files/versions/0.15.0/cksum b/cdist/conf/type/__consul_template/files/versions/0.15.0/cksum
new file mode 100644
index 00000000..426338bd
--- /dev/null
+++ b/cdist/conf/type/__consul_template/files/versions/0.15.0/cksum
@@ -0,0 +1 @@
+2643547924 12487232 consul-template
diff --git a/cdist/conf/type/__consul_template/files/versions/0.15.0/source b/cdist/conf/type/__consul_template/files/versions/0.15.0/source
new file mode 100644
index 00000000..fdf1fccf
--- /dev/null
+++ b/cdist/conf/type/__consul_template/files/versions/0.15.0/source
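Review bot: `env GOMAXPROCS=${GOMAXPROCS}` does not set a default the way the other two init files do (`Environment="GOMAXPROCS=2"` in the systemd unit, `${GOMAXPROCS:-2}` in the SysV script). As far as I know upstart does not perform shell expansion in `env` stanzas, so the job would receive the literal string or an empty value rather than a number. `env GOMAXPROCS=2` would make the three consistent.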
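Review bot: The pinned value for the release binary is a POSIX `cksum` line, i.e. a CRC-32 and a byte count, which detects accidental corruption but not a deliberately modified download. How the value is checked is outside this hunk, but since the binary is fetched from the URL in the neighbouring `source` file and then deployed to target hosts, I would pin a SHA-256 digest here instead and compare it with the vendor's published checksum list whenever a version is added. The same applies to `versions/0.15.0/cksum`.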
@@ -0,0 +1 @@ +https://releases.hashicorp.com/consul-template/0.15.0/consul-template_0.15.0_linux_amd64.zip diff --git a/cdist/conf/type/__consul_template/man.rst b/cdist/conf/type/__consul_template/man.rst new file mode 100644 index 00000000..f13c699d --- /dev/null +++ b/cdist/conf/type/__consul_template/man.rst 
@@ -0,0 +1,141 @@
+cdist-type__consul_template(7)
+==============================
+
+NAME
+----
+cdist-type__consul_template - Manage the consul-template service
+
+
+DESCRIPTION
+-----------
+Downloads and installs the consul-template binary from
+https://github.com/hashicorp/consul-template/releases/download/.
+Generates a global config file and creates directory for per template config files.
+Note that the consul-template binary is downloaded on the server (the machine running
+cdist) and then deployed to the target host using the __file type.
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+
+OPTIONAL PARAMETERS
+-------------------
+auth-username
+ specify a username for basic authentication.
+
+auth-password
+ specify a password for basic authentication.
+
+batch-size
+ the size of the batch when polling multiple dependencies.
+
+consul
+ the location of the Consul instance to query (may be an IP address or FQDN) with port.
+ Defaults to 'localhost:8500'.
+
+log-level
+ The log level for output. This applies to the stdout/stderr logging as well
+ as syslog logging (if enabled). Valid values are "debug", "info", "warn",
+ and "err". The default value is "warn".
+
+max-stale
+ the maximum staleness of a query. If specified, Consul will distribute work among all
+ servers instead of just the leader.
+
+retry
+ the amount of time to wait if Consul returns an error when communicating
+ with the API.
+
+state
+ either 'present' or 'absent'. Defaults to 'present'
+
+ssl-cert
+ Path to an SSL client certificate to use to authenticate to the consul server.
+ Useful if the consul server "verify_incoming" option is set.
+
+ssl-ca-cert
+ Path to a CA certificate file, containing one or more CA certificates to
+ use to validate the certificate sent by the consul server to us. This is a
+ handy alternative to setting --ssl-no-verify if you are using your own CA.
+
+syslog-facility
+ The facility to use when sending to syslog. This requires the use of --syslog.
+ The default value is LOCAL0.
+
+token
+ the Consul API token.
+
+vault-address
+ the location of the Vault instance to query (may be an IP address or FQDN) with port.
+
+vault-token
+ the Vault API token.
+
+vault-ssl-cert
+ Path to an SSL client certificate to use to authenticate to the vault server.
+
+vault-ssl-ca-cert
+ Path to a CA certificate file, containing one or more CA certificates to
+ use to validate the certificate sent by the vault server to us.
+
+version
+ which version of consul-template to install. See ./files/versions for a list of
+ supported versions. Defaults to the latest known version.
+
+wait
+ the minimum(:maximum) to wait before rendering a new template to disk and
+ triggering a command, separated by a colon (:). If the optional maximum
+ value is omitted, it is assumed to be 4x the required minimum value.
+
+
+BOOLEAN PARAMETERS
+------------------
+ssl
+ use HTTPS while talking to Consul. Requires the Consul server to be configured to serve secure connections.
+
+ssl-no-verify
+ ignore certificate warnings. Only used if ssl is enabled.
+
+syslog
+ Send log output to syslog (in addition to stdout and stderr).
+
+vault-ssl
+ use HTTPS while talking to Vault. Requires the Vault server to be configured to serve secure connections.
+
+vault-ssl-no-verify
+ ignore certificate warnings. Only used if vault is enabled.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __consul_template \
+ --consul consul.service.consul:8500 \
+ --retry 30s
+
+ # specific version
+ __consul_template \
+ --version 0.6.5 \
+ --retry 30s
+
+
+SEE ALSO
+--------
+consul documentation at: .
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2015 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__consul_template/manifest b/cdist/conf/type/__consul_template/manifest
new file mode 100755
index 00000000..b02fc332
--- /dev/null
+++ b/cdist/conf/type/__consul_template/manifest
@@ -0,0 +1,191 @@
+#!/bin/sh -e
+#
+# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+
+os=$(cat "$__global/explorer/os")
+
+case "$os" in
+ scientific|centos|redhat)
+ # whitelist safeguard
+ service_onchange='service consul-template status >/dev/null && service consul-template reload || true' \
+ ;;
+ archlinux)
+ service_onchange="systemctl status consul-template >/dev/null && systemctl reload consul-template || true"
+ ;;
+ *)
+ echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
+ echo "Please contribute an implementation for it if you can." >&2
+ exit 1
+ ;;
+esac
+
+versions_dir="$__type/files/versions"
+version="$(cat "$__object/parameter/version")"
+version_dir="$versions_dir/$version"
+
+if [ ! -d "$version_dir" ]; then
+ echo "Unknown consul-template version '$version'. Expected one of:" >&2
+ ls "$versions_dir" >&2
+ exit 1
+fi
+
+state="$(cat "$__object/parameter/state")"
+
+__staged_file /usr/local/bin/consul-template \
+ --source "$(cat "$version_dir/source")" \
+ --cksum "$(cat "$version_dir/cksum")" \
+ --fetch-command 'curl -s -L "%s"' \
+ --prepare-command 'unzip -p "%s"' \
+ --state "$state" \
+ --group root \
+ --owner root \
+ --mode 755
+
+
+conf_dir="/etc/consul-template/conf.d"
+conf_file="config.hcl"
+template_dir="/etc/consul-template/template"
+
+__directory /etc/consul-template \
+ --owner root --group root --mode 750
+require="__directory/etc/consul-template" \
+ __directory "$conf_dir" \
+ --owner root --group root --mode 750
+require="__directory/etc/consul-template" \
+ __directory "$template_dir" \
+ --owner root --group root --mode 750
+
+
+# Generate hcl config file
+(
+cd "$__object/parameter/"
+for param in *; do
+ case "$param" in
+ auth-password|state|ssl-*|syslog-*|version|vault-token|vault-ssl*) continue ;;
+ auth-username)
+ printf 'auth {\n'
+ printf ' enabled = true\n'
+ printf ' username = "%s"\n' "$(cat "$__object/parameter/auth-username")"
+ if [ -f "$__object/parameter/auth-password" ]; then
+ printf ' password = %s\n' "$(cat "$__object/parameter/auth-password")"
+ fi
+ printf '}\n'
+ ;;
+ ssl)
+ printf 'ssl {\n'
+ printf ' enabled = true\n'
+ if [ -f "$__object/parameter/ssl-no-verify" ]; then
+ printf ' verify = false\n'
+ fi
+ if [ -f "$__object/parameter/ssl-cert" ]; then
+ printf ' cert = "%s"\n' "$(cat "$__object/parameter/ssl-cert")"
+ fi
+ if [ -f "$__object/parameter/ssl-ca-cert" ]; then
+ printf ' ca_cert = "%s"\n' "$(cat "$__object/parameter/ssl-ca-cert")"
+ fi
+ printf '}\n'
+ ;;
+ syslog)
+ printf 'syslog {\n'
+ printf ' enabled = true\n'
+ if [ -f "$__object/parameter/syslog-facility" ]; then
+ printf ' facility = "%s"\n' "$(cat "$__object/parameter/syslog-facility")"
+ fi
+ printf '}\n'
+ ;;
+ vault-address)
+ printf 'vault {\n'
+ printf ' address = "%s"\n' "$(cat "$__object/parameter/vault-address")"
+ if [ -f "$__object/parameter/vault-token" ]; then
+ printf ' token = "%s"\n' "$(cat "$__object/parameter/vault-token")"
+ fi
+ if [ -f "$__object/parameter/vault-ssl" ]; then
+ printf ' ssl {\n'
+ printf ' enabled = true\n'
+ if [ -f "$__object/parameter/vault-ssl-no-verify" ]; then
+ printf ' verify = false\n'
+ fi
+ if [ -f "$__object/parameter/vault-ssl-cert" ]; then
+ printf ' cert = "%s"\n' "$(cat "$__object/parameter/vault-ssl-cert")"
+ fi
+ if [ -f "$__object/parameter/vault-ssl-ca-cert" ]; then
+ printf ' ca_cert = "%s"\n' "$(cat "$__object/parameter/vault-ssl-ca-cert")"
+ fi
+ printf ' }\n'
+ fi
+ printf '}\n'
+ ;;
+ *)
+ # string key=value parameters
+ key="$(echo "$param" | tr '-' '_')"
+ printf '%s = "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
+ ;;
+ esac
+done
+) | \
+require="__directory${conf_dir}" \
+ __config_file "${conf_dir}/${conf_file}" \
+ --owner root --group root --mode 640 \
+ --state "$state" \
+ --onchange "$service_onchange" \
+ --source -
+
+
+# Install init script to start on boot
+service="consul-template"
+case "$os" in
+ centos|redhat)
+ os_version="$(sed 's/[^0-9.]//g' "$__global/explorer/os_version")"
+ major_version="${os_version%%.*}"
+ case "$major_version" in
+ 7)
+ __file "/lib/systemd/system/${service}.service" \
+ --owner root --group root --mode 0555 \
+ --state "$state" \
+ --source "$__type/files/${service}.systemd"
+ export require="__file/lib/systemd/system/${service}.service"
+ ;;
+ *)
+ __file "/etc/init.d/${service}" \
+ --owner root --group root --mode 0555 \
+ --state "$state" \
+ --source "$__type/files/${service}.sysv"
+ export require="__file/etc/init.d/${service}"
+ ;;
+ esac
+ __start_on_boot "$service" --state "$state"
+ ;;
+ ubuntu)
+ __file "/etc/init/${service}.conf" \
+ --owner root --group root --mode 0644 \
+ --state "$state" \
+ --source "$__type/files/${service}.upstart"
+ export require="__file/etc/init/${service}.conf"
+ __start_on_boot "$service" --state "$state"
+ ;;
+ archlinux)
+ __file "/lib/systemd/system/${service}.service" \
+ --owner root --group root --mode 0555 \
+ --state "$state" \
+ --source "$__type/files/${service}.systemd"
+ export require="__file/lib/systemd/system/${service}.service"
+ __start_on_boot "$service" --state "$state"
+ ;;
+esac
diff --git a/cdist/conf/type/__consul_template/notes b/cdist/conf/type/__consul_template/notes
new file mode 100644
index 00000000..fc7cca11
--- /dev/null
+++ b/cdist/conf/type/__consul_template/notes
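Review bot: In the `auth-username)` branch of the HCL generator in `__consul_template/manifest`, the password is emitted without quotes (`printf ' password = %s\n' ...`), while every other string value, including `username`, is wrapped in `"%s"`. The generated `auth` block will therefore most likely fail to parse, or be misread, whenever `--auth-password` is set. Change the format to `printf ' password = "%s"\n' "$(cat "$__object/parameter/auth-password")"`. Separately, the `ubuntu)` arm of the init-script `case` looks unreachable, because the first `case "$os"` exits for anything other than scientific, centos, redhat or archlinux.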
@@ -0,0 +1,93 @@
+# < 0.7.0
+ssl = true
+ssl_no_verify = true
+
+# >= 0.7.0
+ssl {
+ enabled = true
+ verify = false
+}
+
+# >= 0.9.0
+ssl-cert
+ssl-ca-cert
+
+
+
+--------------------------------------------------------------------------------
+### from docs
+
+
+ssl {
+ enabled = true
+ verify = false
+ cert = "/path/to/client/cert.pem"
+ ca_cert = "/path/to/ca/cert.pem"
+}
+
+
+ssl
+ Use HTTPS while talking to Consul. Requires the Consul server to be configured to serve secure connections. The default value is false.
+
+ssl-verify
+ Verify certificates when connecting via SSL. This requires the use of -ssl. The default value is true.
+
+ssl-cert
+ Path to an SSL client certificate to use to authenticate to the consul server. Useful if the consul server "verify_incoming" option is set.
+
+ssl-ca-cert
+ Path to a CA certificate file, containing one or more CA certificates to use to validate the certificate sent by the consul server to us. This is a handy alternative to setting --ssl-verify=false if you are using your own CA.
+
+--------------------------------------------------------------------------------
+
+### example config file from docs
+
+consul = "127.0.0.1:8500"
+token = "abcd1234" // May also be specified via the envvar CONSUL_TOKEN
+retry = "10s"
+max_stale = "10m"
+log_level = "warn"
+pid_file = "/path/to/pid"
+
+vault {
+ address = "https://vault.service.consul:8200"
+ token = "abcd1234" // May also be specified via the envvar VAULT_TOKEN
+ ssl {
+ enabled = true
+ verify = true
+ cert = "/path/to/client/cert.pem"
+ ca_cert = "/path/to/ca/cert.pem"
+ }
+}
+
+
+--auth-username
+--auth-password
+# if any are given enabled = true
+auth {
+ enabled = true
+ username = "test"
+ password = "test"
+}
+
+ssl {
+ enabled = true
+ verify = false
+ cert = "/path/to/client/cert.pem"
+ ca_cert = "/path/to/ca/cert.pem"
+}
+
+syslog {
+ enabled = true
+ facility = "LOCAL5"
+}
+
+template {
+ source = "/path/on/disk/to/template"
+ destination = "/path/on/disk/where/template/will/render"
+ command = "optional command to run when the template is updated"
+}
+
+template {
+ // Multiple template definitions are supported
+}
diff --git a/cdist/conf/type/__consul_template/parameter/boolean b/cdist/conf/type/__consul_template/parameter/boolean
new file mode 100644
index 00000000..10057e46
--- /dev/null
+++ b/cdist/conf/type/__consul_template/parameter/boolean
@@ -0,0 +1,5 @@
+ssl
+ssl-no-verify
+syslog
+vault-ssl
+vault-ssl-no-verify
diff --git a/cdist/conf/type/__consul_template/parameter/default/consul b/cdist/conf/type/__consul_template/parameter/default/consul
new file mode 100644
index 00000000..42dfa616
--- /dev/null
+++ b/cdist/conf/type/__consul_template/parameter/default/consul
@@ -0,0 +1 @@
+localhost:8500
diff --git a/cdist/conf/type/__consul_template/parameter/default/log-level b/cdist/conf/type/__consul_template/parameter/default/log-level
new file mode 100644
index 00000000..1ef71804
--- /dev/null
+++ b/cdist/conf/type/__consul_template/parameter/default/log-level
@@ -0,0 +1 @@
+warn
diff --git a/cdist/conf/type/__consul_template/parameter/default/state b/cdist/conf/type/__consul_template/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__consul_template/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__consul_template/parameter/default/syslog-facility b/cdist/conf/type/__consul_template/parameter/default/syslog-facility
new file mode 100644
index 00000000..f32df182
--- /dev/null
+++ b/cdist/conf/type/__consul_template/parameter/default/syslog-facility
@@ -0,0 +1 @@
+LOCAL0
diff --git a/cdist/conf/type/__consul_template/parameter/default/version b/cdist/conf/type/__consul_template/parameter/default/version
new file mode 100644
index 00000000..a5510516
--- /dev/null
+++ b/cdist/conf/type/__consul_template/parameter/default/version
@@ -0,0 +1 @@
+0.15.0
diff --git a/cdist/conf/type/__consul_template/parameter/optional b/cdist/conf/type/__consul_template/parameter/optional
new file mode 100644
index 00000000..8bc528ac
--- /dev/null
+++ b/cdist/conf/type/__consul_template/parameter/optional
@@ -0,0 +1,18 @@
+auth-username
+auth-password
+batch-size
+consul
+log-level
+max-stale
+retry
+state
+ssl-cert
+ssl-ca-cert
+syslog-facility
+token
+vault-address
+vault-token
+vault-ssl-cert
+vault-ssl-ca-cert
+version
+wait
diff --git a/cdist/test/cdist_object/fixtures/object/__second/under-the/.cdist/.keep b/cdist/conf/type/__consul_template/singleton
similarity index 100%
rename from cdist/test/cdist_object/fixtures/object/__second/under-the/.cdist/.keep
rename to cdist/conf/type/__consul_template/singleton
diff --git a/cdist/conf/type/__consul_template_template/man.rst b/cdist/conf/type/__consul_template_template/man.rst
new file mode 100644
index 00000000..b2e3820b
--- /dev/null
+++ b/cdist/conf/type/__consul_template_template/man.rst
@@ -0,0 +1,84 @@
+cdist-type__consul_template_template(7)
+=======================================
+
+NAME
+----
+cdist-type__consul_template_template - Manage consul-template templates
+
+
+DESCRIPTION
+-----------
+Generate and deploy template definitions for a consul-template.
+See https://github.com/hashicorp/consul-template#examples for documentation.
+Templates are written in the Go template format.
+Either the --source or the --source-file parameter must be given.
+
+
+REQUIRED PARAMETERS
+-------------------
+destination
+ the destination where the generated file should go.
+
+
+OPTIONAL PARAMETERS
+-------------------
+command
+ an optional command to run after rendering the template to its destination.
+
+source
+ path to the template source. Conflicts --source-file.
+
+source-file
+ path to a local file which is uploaded using the __file type and configured
+ as the source.
+ If source is '-' (dash), take what was written to stdin as the file content.
+ Conflicts --source.
+
+state
+ if this template is 'present' or 'absent'. Defaults to 'present'.
+
+wait
+ The `minimum(:maximum)` time to wait before rendering a new template to
+ disk and triggering a command, separated by a colon (`:`). If the optional
+ maximum value is omitted, it is assumed to be 4x the required minimum value.
+ This is a numeric time with a unit suffix ("5s"). There is no default value.
+ The wait value for a template takes precedence over any globally-configured
+ wait.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # configure template on the target
+ __consul_template_template nginx \
+ --source /etc/my-consul-templates/nginx.ctmpl \
+ --destination /etc/nginx/nginx.conf \
+ --command 'service nginx restart'
+
+
+ # upload a local file to the target and configure it
+ __consul_template_template nginx \
+ --wait '2s:6s' \
+ --source-file "$__manifest/files/nginx.ctmpl" \
+ --destination /etc/nginx/nginx.conf \
+ --command 'service nginx restart'
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__consul_template`\ (7), :strong:`cdist-type__consul_template_config`\ (7)
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2015-2016 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__consul_template_template/manifest b/cdist/conf/type/__consul_template_template/manifest
new file mode 100755
index 00000000..1eae1fad
--- /dev/null
+++ b/cdist/conf/type/__consul_template_template/manifest
@@ -0,0 +1,78 @@
+#!/bin/sh -e
+#
+# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+name="$(cat "$__object/parameter/name" 2>/dev/null || echo "$__object_id")"
+state="$(cat "$__object/parameter/state")"
+conf_dir="/etc/consul-template/conf.d"
+conf_file="template_${name}.hcl"
+template_dir="/etc/consul-template/template"
+require=""
+
+# Sanity checks
+if [ -f "$__object/parameter/source" ] && [ -f "$__object/parameter/source-file" ]; then
+ echo "Use either --source OR --source-file, but not both." >&2
+ exit 1
+fi
+if [ ! -f "$__object/parameter/source" ] && [ ! -f "$__object/parameter/source-file" ]; then
+ echo "Either --source OR --source-file must be given." >&2
+ exit 1
+fi
+
+if [ -f "$__object/parameter/source-file" ]; then
+ destination="${template_dir}/${name}"
+ require="__file${destination}"
+fi
+
+# Generate hcl config file
+{
+printf 'template {\n'
+cd "$__object/parameter/"
+for param in *; do
+ case "$param" in
+ source-file)
+ source="$(cat "$__object/parameter/$param")"
+ if [ "$source" = "-" ]; then
+ source="$__object/stdin"
+ fi
+ require="__directory${template_dir}" \
+ __file "$destination" \
+ --owner root --group root --mode 640 \
+ --source "$source" \
+ --state "$state"
+ printf ' source = "%s"\n' "$destination"
+
+ ;;
+ source|destination|command|wait)
+ printf ' %s = "%s"\n' "$param" "$(cat "$__object/parameter/$param")"
+ ;;
+ *)
+ # ignore unknown parameters
+ :
+ ;;
+ esac
+done
+printf '}\n'
+} | \
+require="$require __directory${conf_dir}" \
+ __config_file "${conf_dir}/${conf_file}" \
+ --owner root --group root --mode 640 \
+ --state "$state" \
+ --onchange 'service consul-template status >/dev/null && service consul-template reload || true' \
+ --source -
diff --git a/cdist/conf/type/__consul_template_template/parameter/default/state b/cdist/conf/type/__consul_template_template/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__consul_template_template/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__consul_template_template/parameter/optional b/cdist/conf/type/__consul_template_template/parameter/optional
new file mode 100644
index 00000000..3e55fbb7
--- /dev/null
+++ b/cdist/conf/type/__consul_template_template/parameter/optional
@@ -0,0 +1,5 @@
+command
+source
+source-file
+state
+wait
diff --git a/cdist/conf/type/__consul_template_template/parameter/required b/cdist/conf/type/__consul_template_template/parameter/required
new file mode 100644
index 00000000..ac459b09
--- /dev/null
+++ b/cdist/conf/type/__consul_template_template/parameter/required
@@ -0,0 +1 @@
+destination
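Review bot: The `--onchange` command at the end of `__consul_template_template/manifest` hard-codes `service consul-template status >/dev/null && service consul-template reload || true`, whereas `__consul_template/manifest` in this same commit selects `systemctl` for archlinux. Because of the trailing `|| true`, a host where the `service` wrapper is missing or does not know the unit skips the reload silently and keeps running with the old template definition. Consider choosing the reload command per OS the way the sibling manifest does, or at least add a comment above the `__config_file` call such as `# NOTE: assumes a working 'service' wrapper; reload failures are ignored on purpose`.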
diff --git a/cdist/conf/type/__consul_watch_checks/explorer/conf-dir b/cdist/conf/type/__consul_watch_checks/explorer/conf-dir
new file mode 120000
index 00000000..daa712c3
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_checks/explorer/conf-dir
@@ -0,0 +1 @@
+../../__consul_service/explorer/conf-dir
\ No newline at end of file
diff --git a/cdist/conf/type/__consul_watch_checks/man.rst b/cdist/conf/type/__consul_watch_checks/man.rst
new file mode 100644
index 00000000..a9a9f58d
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_checks/man.rst
@@ -0,0 +1,73 @@
+cdist-type__consul_watch_checks(7)
+==================================
+
+NAME
+----
+cdist-type__consul_watch_checks - Manages consul checks watches
+
+
+DESCRIPTION
+-----------
+Generate and deploy watch definitions of type 'checks' for a consul agent.
+See http://www.consul.io/docs/agent/watches.html for parameter documentation.
+
+
+REQUIRED PARAMETERS
+-------------------
+handler
+ the handler to invoke when the data view updates
+
+
+OPTIONAL PARAMETERS
+-------------------
+datacenter
+ can be provided to override the agent's default datacenter
+
+filter-service
+ filter to a specific service. Conflicts with --filter-state.
+
+filter-state
+ filter to a specific state. Conflicts with --filter-service.
+
+state
+ if this watch is 'present' or 'absent'. Defaults to 'present'.
+
+token
+ can be provided to override the agent's default ACL token
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __consul_watch_checks some-id \
+ --handler /usr/bin/my-handler.sh
+
+ __consul_watch_checks some-id \
+ --filter-service consul \
+ --handler /usr/bin/my-handler.sh
+
+ __consul_watch_checks some-id \
+ --filter-state passing \
+ --handler /usr/bin/my-handler.sh
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__consul_agent`\ (7)
+
+consul documentation at: .
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2015 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__consul_watch_checks/manifest b/cdist/conf/type/__consul_watch_checks/manifest
new file mode 100755
index 00000000..4976b25a
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_checks/manifest
@@ -0,0 +1,62 @@
+#!/bin/sh -e
+#
+# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+cdist_type="${__type##*/}"
+watch_type="${cdist_type##*_}"
+conf_dir=$(cat "$__object/explorer/conf-dir")
+conf_file="watch_${watch_type}_${__object_id}.json"
+state="$(cat "$__object/parameter/state")"
+
+# Sanity checks
+if [ -f "$__object/parameter/filter-service" ] && [ -f "$__object/parameter/filter-state" ]; then
+ echo "Use either --filter-service or --filter-state but not both." >&2
+ exit 1
+fi
+
+# Generate json config file
+(
+echo "{"
+printf ' "watches": [{\n'
+printf ' "type": "%s"\n' "$watch_type"
+cd "$__object/parameter/"
+for param in *; do
+ case "$param" in
+ state) continue ;;
+ filter-*)
+ key="${param##*-}"
+ printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
+ ;;
+ *)
+ key="$(echo "$param" | tr '-' '_')"
+ printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
+ ;;
+ esac
+done
+# end watches
+echo " }]"
+# end json file
+echo "}"
+) | \
+require="__directory${conf_dir}" \
+ __config_file "${conf_dir}/${conf_file}" \
+ --owner root --group consul --mode 640 \
+ --state "$state" \
+ --onchange 'service consul status >/dev/null && service consul reload || true' \
+ --source -
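Review bot: Parameter values are written into the JSON document with a bare `printf ' ,"%s": "%s"\n'`, so a `handler`, `token` or filter value containing `"`, `\` or a newline produces invalid JSON or extra keys in the watch definition that consul then loads. The same generator is repeated in the `__consul_watch_event` and `__consul_watch_key` manifests below, and the HCL generators in the two `__consul_template*` manifests interpolate values the same way. Escape the value before printing, e.g. `value="$(sed -e 's/\\/\\\\/g' -e 's/"/\\"/g' "$__object/parameter/$param")"` followed by `printf ' ,"%s": "%s"\n' "$key" "$value"`, or reject values containing those characters with an error. `conf_file` also embeds `$__object_id` in the file name; if object ids can contain `/` here (not visible in this hunk), that should be rejected as well.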
diff --git a/cdist/conf/type/__consul_watch_checks/parameter/default/state b/cdist/conf/type/__consul_watch_checks/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_checks/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__consul_watch_checks/parameter/optional b/cdist/conf/type/__consul_watch_checks/parameter/optional
new file mode 100644
index 00000000..d37fd557
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_checks/parameter/optional
@@ -0,0 +1,5 @@
+datacenter
+filter-service
+filter-state
+state
+token
diff --git a/cdist/conf/type/__consul_watch_checks/parameter/required b/cdist/conf/type/__consul_watch_checks/parameter/required
new file mode 100644
index 00000000..64b916c1
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_checks/parameter/required
@@ -0,0 +1 @@
+handler
diff --git a/cdist/conf/type/__consul_watch_event/explorer/conf-dir b/cdist/conf/type/__consul_watch_event/explorer/conf-dir
new file mode 120000
index 00000000..daa712c3
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_event/explorer/conf-dir
@@ -0,0 +1 @@
+../../__consul_service/explorer/conf-dir
\ No newline at end of file
diff --git a/cdist/conf/type/__consul_watch_event/man.rst b/cdist/conf/type/__consul_watch_event/man.rst
new file mode 100644
index 00000000..6fe60d40
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_event/man.rst
@@ -0,0 +1,66 @@
+cdist-type__consul_watch_event(7)
+=================================
+
+NAME
+----
+cdist-type__consul_watch_event - Manages consul event watches
+
+
+DESCRIPTION
+-----------
+Generate and deploy watch definitions of type 'event' for a consul agent.
+See http://www.consul.io/docs/agent/watches.html for parameter documentation.
+
+
+REQUIRED PARAMETERS
+-------------------
+handler
+ the handler to invoke when the data view updates
+
+
+OPTIONAL PARAMETERS
+-------------------
+datacenter
+ can be provided to override the agent's default datacenter
+
+name
+ restrict the watch to only events with the given name
+
+state
+ if this watch is 'present' or 'absent'. Defaults to 'present'.
+
+token
+ can be provided to override the agent's default ACL token
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __consul_watch_event some-id \
+ --handler /usr/bin/my-handler.sh
+
+ __consul_watch_event some-id \
+ --name web-deploy \
+ --handler /usr/bin/my-handler.sh
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__consul_agent`\ (7)
+
+consul documentation at: .
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2015 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__consul_watch_event/manifest b/cdist/conf/type/__consul_watch_event/manifest
new file mode 100755
index 00000000..b17680c1
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_event/manifest
@@ -0,0 +1,52 @@
+#!/bin/sh -e
+#
+# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+cdist_type="${__type##*/}"
+watch_type="${cdist_type##*_}"
+conf_dir=$(cat "$__object/explorer/conf-dir")
+conf_file="watch_${watch_type}_${__object_id}.json"
+state="$(cat "$__object/parameter/state")"
+
+# Generate json config file
+(
+echo "{"
+printf ' "watches": [{\n'
+printf ' "type": "%s"\n' "$watch_type"
+cd "$__object/parameter/"
+for param in *; do
+ case "$param" in
+ state) continue ;;
+ *)
+ key="$(echo "$param" | tr '-' '_')"
+ printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
+ ;;
+ esac
+done
+# end watches
+echo " }]"
+# end json file
+echo "}"
+) | \
+require="__directory${conf_dir}" \
+ __config_file "${conf_dir}/${conf_file}" \
+ --owner root --group consul --mode 640 \
+ --state "$state" \
+ --onchange 'service consul status >/dev/null && service consul reload || true' \
+ --source -
diff --git a/cdist/conf/type/__consul_watch_event/parameter/default/state b/cdist/conf/type/__consul_watch_event/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_event/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__consul_watch_event/parameter/optional b/cdist/conf/type/__consul_watch_event/parameter/optional
new file mode 100644
index 00000000..ac808c47
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_event/parameter/optional
@@ -0,0 +1,4 @@
+datacenter
+name
+state
+token
diff --git a/cdist/conf/type/__consul_watch_event/parameter/required b/cdist/conf/type/__consul_watch_event/parameter/required
new file mode 100644
index 00000000..64b916c1
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_event/parameter/required
@@ -0,0 +1 @@
+handler
diff --git a/cdist/conf/type/__consul_watch_key/explorer/conf-dir b/cdist/conf/type/__consul_watch_key/explorer/conf-dir
new file mode 120000
index 00000000..daa712c3
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_key/explorer/conf-dir
@@ -0,0 +1 @@
+../../__consul_service/explorer/conf-dir
\ No newline at end of file
diff --git a/cdist/conf/type/__consul_watch_key/man.rst b/cdist/conf/type/__consul_watch_key/man.rst
new file mode 100644
index 00000000..a12f8425
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_key/man.rst
@@ -0,0 +1,63 @@
+cdist-type__consul_watch_key(7)
+===============================
+
+NAME
+----
+cdist-type__consul_watch_key - Manages consul key watches
+
+
+DESCRIPTION
+-----------
+Generate and deploy watch definitions of type 'key' for a consul agent.
+See http://www.consul.io/docs/agent/watches.html for parameter documentation.
+
+
+REQUIRED PARAMETERS
+-------------------
+handler
+ the handler to invoke when the data view updates
+
+key
+ the key to watch for changes
+
+
+OPTIONAL PARAMETERS
+-------------------
+datacenter
+ can be provided to override the agent's default datacenter
+
+state
+ if this watch is 'present' or 'absent'. Defaults to 'present'.
+
+token
+ can be provided to override the agent's default ACL token
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __consul_watch_key some-id \
+ --key foo/bar/baz \
+ --handler /usr/bin/my-key-handler.sh
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__consul_agent`\ (7)
+
+consul documentation at: .
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2015 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__consul_watch_key/manifest b/cdist/conf/type/__consul_watch_key/manifest
new file mode 100755
index 00000000..b17680c1
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_key/manifest
@@ -0,0 +1,52 @@ +#!/bin/sh -e +# +# 2015 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +cdist_type="${__type##*/}" +watch_type="${cdist_type##*_}" +conf_dir=$(cat "$__object/explorer/conf-dir") +conf_file="watch_${watch_type}_${__object_id}.json" +state="$(cat "$__object/parameter/state")" + +# Generate json config file +( +echo "{" +printf ' "watches": [{\n' +printf ' "type": "%s"\n' "$watch_type" +cd "$__object/parameter/" +for param in *; do + case "$param" in + state) continue ;; + *) + key="$(echo "$param" | tr '-' '_')" + printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")" + ;; + esac +done +# end watches +echo " }]" +# end json file +echo "}" +) | \ +require="__directory${conf_dir}" \ + __config_file "${conf_dir}/${conf_file}" \ + --owner root --group consul --mode 640 \ + --state "$state" \ + --onchange 'service consul status >/dev/null && service consul reload || true' \ + --source - diff --git a/cdist/conf/type/__consul_watch_key/parameter/default/state b/cdist/conf/type/__consul_watch_key/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__consul_watch_key/parameter/default/state @@ -0,0 +1 @@ +present 
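Review bot: Parameter values reach the JSON unescaped in `__consul_watch_key/manifest`: `printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"` copies the file content verbatim, so a `handler` or `token` containing `"`, `\` or a newline produces invalid JSON or extra keys in the watch definition. Because the `--onchange` command ends in `|| true`, a `service consul reload` that fails on such a file would go unnoticed. Escape the value before printing, e.g. `val="$(sed -e 's/\\/\\\\/g' -e 's/"/\\"/g' "$__object/parameter/$param")"` (newlines still need rejecting), and let a failed reload fail the run with `--onchange 'if service consul status >/dev/null; then service consul reload; fi'`. The same loop and `--onchange` line appear in the `__consul_watch_keyprefix`, `__consul_watch_nodes`, `__consul_watch_service` and `__consul_watch_services` manifests further down.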
diff --git a/cdist/conf/type/__consul_watch_key/parameter/optional b/cdist/conf/type/__consul_watch_key/parameter/optional
new file mode 100644
index 00000000..bfce8305
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_key/parameter/optional
@@ -0,0 +1,3 @@
+datacenter
+state
+token
diff --git a/cdist/conf/type/__consul_watch_key/parameter/required b/cdist/conf/type/__consul_watch_key/parameter/required
new file mode 100644
index 00000000..a7ae5b65
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_key/parameter/required
@@ -0,0 +1,2 @@
+handler
+key
diff --git a/cdist/conf/type/__consul_watch_keyprefix/explorer/conf-dir b/cdist/conf/type/__consul_watch_keyprefix/explorer/conf-dir
new file mode 120000
index 00000000..daa712c3
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_keyprefix/explorer/conf-dir
@@ -0,0 +1 @@
+../../__consul_service/explorer/conf-dir
\ No newline at end of file
diff --git a/cdist/conf/type/__consul_watch_keyprefix/man.rst b/cdist/conf/type/__consul_watch_keyprefix/man.rst
new file mode 100644
index 00000000..c600323c
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_keyprefix/man.rst
@@ -0,0 +1,63 @@ +cdist-type__consul_watch_keyprefix(7) +===================================== + +NAME +---- +cdist-type__consul_watch_keyprefix - Manages consul keyprefix watches + + +DESCRIPTION +----------- +Generate and deploy watch definitions of type 'keyprefix' for a consul agent. +See http://www.consul.io/docs/agent/watches.html for parameter documentation. + + +REQUIRED PARAMETERS +------------------- +handler + the handler to invoke when the data view updates + +prefix + the prefix of keys to watch for changes + + +OPTIONAL PARAMETERS +------------------- +datacenter + can be provided to override the agent's default datacenter + +state + if this watch is 'present' or 'absent'. Defaults to 'present'. + +token + can be provided to override the agent's default ACL token + + +EXAMPLES +-------- + +.. code-block:: sh + + __consul_watch_keyprefix some-id \ + --prefix foo/ \ + --handler /usr/bin/my-prefix-handler.sh + + +SEE ALSO +-------- +:strong:`cdist-type__consul_agent`\ (7) + +consul documentation at: . + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2015 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__consul_watch_keyprefix/manifest b/cdist/conf/type/__consul_watch_keyprefix/manifest new file mode 100755 index 00000000..b17680c1 --- /dev/null +++ b/cdist/conf/type/__consul_watch_keyprefix/manifest 
@@ -0,0 +1,52 @@ +#!/bin/sh -e +# +# 2015 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +cdist_type="${__type##*/}" +watch_type="${cdist_type##*_}" +conf_dir=$(cat "$__object/explorer/conf-dir") +conf_file="watch_${watch_type}_${__object_id}.json" +state="$(cat "$__object/parameter/state")" + +# Generate json config file +( +echo "{" +printf ' "watches": [{\n' +printf ' "type": "%s"\n' "$watch_type" +cd "$__object/parameter/" +for param in *; do + case "$param" in + state) continue ;; + *) + key="$(echo "$param" | tr '-' '_')" + printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")" + ;; + esac +done +# end watches +echo " }]" +# end json file +echo "}" +) | \ +require="__directory${conf_dir}" \ + __config_file "${conf_dir}/${conf_file}" \ + --owner root --group consul --mode 640 \ + --state "$state" \ + --onchange 'service consul status >/dev/null && service consul reload || true' \ + --source - diff --git a/cdist/conf/type/__consul_watch_keyprefix/parameter/default/state b/cdist/conf/type/__consul_watch_keyprefix/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__consul_watch_keyprefix/parameter/default/state @@ -0,0 +1 @@ +present 
diff --git a/cdist/conf/type/__consul_watch_keyprefix/parameter/optional b/cdist/conf/type/__consul_watch_keyprefix/parameter/optional
new file mode 100644
index 00000000..bfce8305
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_keyprefix/parameter/optional
@@ -0,0 +1,3 @@
+datacenter
+state
+token
diff --git a/cdist/conf/type/__consul_watch_keyprefix/parameter/required b/cdist/conf/type/__consul_watch_keyprefix/parameter/required
new file mode 100644
index 00000000..6223b4de
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_keyprefix/parameter/required
@@ -0,0 +1,2 @@
+handler
+keyprefix
diff --git a/cdist/conf/type/__consul_watch_nodes/explorer/conf-dir b/cdist/conf/type/__consul_watch_nodes/explorer/conf-dir
new file mode 120000
index 00000000..daa712c3
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_nodes/explorer/conf-dir
@@ -0,0 +1 @@
+../../__consul_service/explorer/conf-dir
\ No newline at end of file
diff --git a/cdist/conf/type/__consul_watch_nodes/man.rst b/cdist/conf/type/__consul_watch_nodes/man.rst
new file mode 100644
index 00000000..d886a586
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_nodes/man.rst
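Review bot: `__consul_watch_keyprefix/parameter/required` declares `keyprefix`, but the type's man.rst added in this same commit documents the required parameter as `prefix` and its example calls `--prefix foo/`. The manifest emits each parameter file name as the JSON key, so the generated watch would carry `"keyprefix"` rather than `"prefix"`, and the documented invocation would presumably be rejected as an unknown parameter. Either change this entry to `prefix` or correct the man page; which key the agent expects should be confirmed against the Consul watch documentation the man page links to.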
@@ -0,0 +1,59 @@ +cdist-type__consul_watch_nodes(7) +================================= + +NAME +---- +cdist-type__consul_watch_nodes - Manages consul nodes watches + + +DESCRIPTION +----------- +Generate and deploy watch definitions of type 'nodes' for a consul agent. +See http://www.consul.io/docs/agent/watches.html for parameter documentation. + + +REQUIRED PARAMETERS +------------------- +handler + the handler to invoke when the data view updates + + +OPTIONAL PARAMETERS +------------------- +datacenter + can be provided to override the agent's default datacenter + +state + if this watch is 'present' or 'absent'. Defaults to 'present'. + +token + can be provided to override the agent's default ACL token + + +EXAMPLES +-------- + +.. code-block:: sh + + __consul_watch_nodes some-id \ + --handler /usr/bin/my-key-handler.sh + + +SEE ALSO +-------- +:strong:`cdist-type__consul_agent`\ (7) + +consul documentation at: . + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2015 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__consul_watch_nodes/manifest b/cdist/conf/type/__consul_watch_nodes/manifest new file mode 100755 index 00000000..b17680c1 --- /dev/null +++ b/cdist/conf/type/__consul_watch_nodes/manifest 
@@ -0,0 +1,52 @@ +#!/bin/sh -e +# +# 2015 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +cdist_type="${__type##*/}" +watch_type="${cdist_type##*_}" +conf_dir=$(cat "$__object/explorer/conf-dir") +conf_file="watch_${watch_type}_${__object_id}.json" +state="$(cat "$__object/parameter/state")" + +# Generate json config file +( +echo "{" +printf ' "watches": [{\n' +printf ' "type": "%s"\n' "$watch_type" +cd "$__object/parameter/" +for param in *; do + case "$param" in + state) continue ;; + *) + key="$(echo "$param" | tr '-' '_')" + printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")" + ;; + esac +done +# end watches +echo " }]" +# end json file +echo "}" +) | \ +require="__directory${conf_dir}" \ + __config_file "${conf_dir}/${conf_file}" \ + --owner root --group consul --mode 640 \ + --state "$state" \ + --onchange 'service consul status >/dev/null && service consul reload || true' \ + --source - diff --git a/cdist/conf/type/__consul_watch_nodes/parameter/default/state b/cdist/conf/type/__consul_watch_nodes/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__consul_watch_nodes/parameter/default/state @@ -0,0 +1 @@ +present 
diff --git a/cdist/conf/type/__consul_watch_nodes/parameter/optional b/cdist/conf/type/__consul_watch_nodes/parameter/optional
new file mode 100644
index 00000000..bfce8305
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_nodes/parameter/optional
@@ -0,0 +1,3 @@
+datacenter
+state
+token
diff --git a/cdist/conf/type/__consul_watch_nodes/parameter/required b/cdist/conf/type/__consul_watch_nodes/parameter/required
new file mode 100644
index 00000000..64b916c1
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_nodes/parameter/required
@@ -0,0 +1 @@
+handler
diff --git a/cdist/conf/type/__consul_watch_service/explorer/conf-dir b/cdist/conf/type/__consul_watch_service/explorer/conf-dir
new file mode 120000
index 00000000..daa712c3
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_service/explorer/conf-dir
@@ -0,0 +1 @@
+../../__consul_service/explorer/conf-dir
\ No newline at end of file
diff --git a/cdist/conf/type/__consul_watch_service/man.rst b/cdist/conf/type/__consul_watch_service/man.rst
new file mode 100644
index 00000000..37cabcc9
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_service/man.rst
@@ -0,0 +1,83 @@ +cdist-type__consul_watch_service(7) +=================================== + +NAME +---- +cdist-type__consul_watch_service - Manages consul service watches + + +DESCRIPTION +----------- +Generate and deploy watch definitions of type 'service' for a consul agent. +See http://www.consul.io/docs/agent/watches.html for parameter documentation. + + +REQUIRED PARAMETERS +------------------- +handler + the handler to invoke when the data view updates + +service + the service to watch for changes + + +OPTIONAL PARAMETERS +------------------- +datacenter + can be provided to override the agent's default datacenter + +state + if this watch is 'present' or 'absent'. Defaults to 'present'. + +token + can be provided to override the agent's default ACL token + +tag + filter by tag + + +BOOLEAN PARAMETERS +------------------ +passingonly + specifies if only hosts passing all checks are displayed + + +EXAMPLES +-------- + +.. code-block:: sh + + __consul_watch_service some-id \ + --service consul \ + --handler /usr/bin/my-handler.sh + + __consul_watch_service some-id \ + --service redis \ + --tag production \ + --handler /usr/bin/my-handler.sh + + __consul_watch_service some-id \ + --service redis \ + --tag production \ + --passingonly \ + --handler /usr/bin/my-handler.sh + + +SEE ALSO +-------- +:strong:`cdist-type__consul_agent`\ (7) + +consul documentation at: . + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2015 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__consul_watch_service/manifest b/cdist/conf/type/__consul_watch_service/manifest new file mode 100755 index 00000000..e8d18328 --- /dev/null +++ b/cdist/conf/type/__consul_watch_service/manifest 
@@ -0,0 +1,55 @@ +#!/bin/sh -e +# +# 2015 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +cdist_type="${__type##*/}" +watch_type="${cdist_type##*_}" +conf_dir=$(cat "$__object/explorer/conf-dir") +conf_file="watch_${watch_type}_${__object_id}.json" +state="$(cat "$__object/parameter/state")" + +# Generate json config file +( +echo "{" +printf ' "watches": [{\n' +printf ' "type": "%s"\n' "$watch_type" +cd "$__object/parameter/" +for param in *; do + case "$param" in + state) continue ;; + passingonly) + printf ' ,"passingonly": true\n' + ;; + *) + key="$(echo "$param" | tr '-' '_')" + printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")" + ;; + esac +done +# end watches +echo " }]" +# end json file +echo "}" +) | \ +require="__directory${conf_dir}" \ + __config_file "${conf_dir}/${conf_file}" \ + --owner root --group consul --mode 640 \ + --state "$state" \ + --onchange 'service consul status >/dev/null && service consul reload || true' \ + --source - diff --git a/cdist/conf/type/__consul_watch_service/parameter/boolean b/cdist/conf/type/__consul_watch_service/parameter/boolean new file mode 100644 index 00000000..4c1e4b3f --- /dev/null +++ b/cdist/conf/type/__consul_watch_service/parameter/boolean @@ -0,0 +1 @@ +passingonly 
diff --git a/cdist/conf/type/__consul_watch_service/parameter/default/state b/cdist/conf/type/__consul_watch_service/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_service/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__consul_watch_service/parameter/optional b/cdist/conf/type/__consul_watch_service/parameter/optional
new file mode 100644
index 00000000..a81860ac
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_service/parameter/optional
@@ -0,0 +1,4 @@
+datacenter
+state
+tag
+token
diff --git a/cdist/conf/type/__consul_watch_service/parameter/required b/cdist/conf/type/__consul_watch_service/parameter/required
new file mode 100644
index 00000000..e1ffa4d6
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_service/parameter/required
@@ -0,0 +1,2 @@
+handler
+service
diff --git a/cdist/conf/type/__consul_watch_services/explorer/conf-dir b/cdist/conf/type/__consul_watch_services/explorer/conf-dir
new file mode 120000
index 00000000..daa712c3
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_services/explorer/conf-dir
@@ -0,0 +1 @@
+../../__consul_service/explorer/conf-dir
\ No newline at end of file
diff --git a/cdist/conf/type/__consul_watch_services/man.rst b/cdist/conf/type/__consul_watch_services/man.rst
new file mode 100644
index 00000000..cea5f901
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_services/man.rst
@@ -0,0 +1,59 @@ +cdist-type__consul_watch_services(7) +==================================== + +NAME +---- +cdist-type__consul_watch_services - Manages consul services watches + + +DESCRIPTION +----------- +Generate and deploy watch definitions of type 'services' for a consul agent. +See http://www.consul.io/docs/agent/watches.html for parameter documentation. + + +REQUIRED PARAMETERS +------------------- +handler + the handler to invoke when the data view updates + + +OPTIONAL PARAMETERS +------------------- +datacenter + can be provided to override the agent's default datacenter + +state + if this watch is 'present' or 'absent'. Defaults to 'present'. + +token + can be provided to override the agent's default ACL token + + +EXAMPLES +-------- + +.. code-block:: sh + + __consul_watch_services some-id \ + --handler /usr/bin/my-key-handler.sh + + +SEE ALSO +-------- +:strong:`cdist-type__consul_agent`\ (7) + +consul documentation at: . + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2015 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__consul_watch_services/manifest b/cdist/conf/type/__consul_watch_services/manifest new file mode 100755 index 00000000..b17680c1 --- /dev/null +++ b/cdist/conf/type/__consul_watch_services/manifest 
@@ -0,0 +1,52 @@ +#!/bin/sh -e +# +# 2015 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +cdist_type="${__type##*/}" +watch_type="${cdist_type##*_}" +conf_dir=$(cat "$__object/explorer/conf-dir") +conf_file="watch_${watch_type}_${__object_id}.json" +state="$(cat "$__object/parameter/state")" + +# Generate json config file +( +echo "{" +printf ' "watches": [{\n' +printf ' "type": "%s"\n' "$watch_type" +cd "$__object/parameter/" +for param in *; do + case "$param" in + state) continue ;; + *) + key="$(echo "$param" | tr '-' '_')" + printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")" + ;; + esac +done +# end watches +echo " }]" +# end json file +echo "}" +) | \ +require="__directory${conf_dir}" \ + __config_file "${conf_dir}/${conf_file}" \ + --owner root --group consul --mode 640 \ + --state "$state" \ + --onchange 'service consul status >/dev/null && service consul reload || true' \ + --source - diff --git a/cdist/conf/type/__consul_watch_services/parameter/default/state b/cdist/conf/type/__consul_watch_services/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__consul_watch_services/parameter/default/state @@ -0,0 +1 @@ +present 
diff --git a/cdist/conf/type/__consul_watch_services/parameter/optional b/cdist/conf/type/__consul_watch_services/parameter/optional new file mode 100644 index 00000000..bfce8305 --- /dev/null +++ b/cdist/conf/type/__consul_watch_services/parameter/optional @@ -0,0 +1,3 @@ +datacenter +state +token diff --git a/cdist/conf/type/__consul_watch_services/parameter/required b/cdist/conf/type/__consul_watch_services/parameter/required new file mode 100644 index 00000000..64b916c1 --- /dev/null +++ b/cdist/conf/type/__consul_watch_services/parameter/required @@ -0,0 +1 @@ +handler diff --git a/cdist/conf/type/__cron/explorer/entry b/cdist/conf/type/__cron/explorer/entry old mode 100755 new mode 100644 index c3bf02d2..801861a3 --- a/cdist/conf/type/__cron/explorer/entry +++ b/cdist/conf/type/__cron/explorer/entry @@ -22,4 +22,9 @@ name="$__object_name" user="$(cat "$__object/parameter/user")" -crontab -u $user -l 2>/dev/null | grep "# $name\$" || true +if [ -f "$__object/parameter/raw_command" ]; then + command="$(cat "$__object/parameter/command")" + crontab -u "$user" -l 2>/dev/null | grep "^$command\$" || true +else + crontab -u "$user" -l 2>/dev/null | grep "# $name\$" || true +fi diff --git a/cdist/conf/type/__cron/gencode-remote b/cdist/conf/type/__cron/gencode-remote index c04a7245..9debbc47 100755 --- a/cdist/conf/type/__cron/gencode-remote +++ b/cdist/conf/type/__cron/gencode-remote @@ -1,7 +1,9 @@ -#!/bin/sh +#!/bin/sh -e # # 2011 Steven Armstrong (steven-cdist at armstrong.cc) # 2013 Nico Schottelius (nico-cdist at schottelius.org) +# 2013 Thomas Oettli (otho at sfs.biz) +# 2017 Daniel Heule (hda at sfs.biz) # # This file is part of cdist. # 
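Review bot: In the `__cron/explorer/entry` hunk the new `raw_command` branch uses the command text as a regular expression: `grep "^$command\$"` gives `.`, `*`, `[` and `\` in the command their regex meaning, so an existing crontab line can be missed or a different line reported as the current entry. Match the whole line literally instead: `crontab -u "$user" -l 2>/dev/null | grep -F -x -e "$command" || true`. The `# $name` branch interpolates the object name the same way, but only as a suffix marker. The `2>/dev/null ... || true` on both branches also makes a failing `crontab -l` indistinguishable from an absent entry.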
@@ -25,27 +27,32 @@ command="$(cat "$__object/parameter/command")" if [ -f "$__object/parameter/raw" ]; then raw="$(cat "$__object/parameter/raw")" - entry="$raw $command" + entry="$raw $command # $name" +elif [ -f "$__object/parameter/raw_command" ]; then + entry="$command" else - minute="$(cat "$__object/parameter/minute" 2>/dev/null || echo "*")" - hour="$(cat "$__object/parameter/hour" 2>/dev/null || echo "*")" - day_of_month="$(cat "$__object/parameter/day_of_month" 2>/dev/null || echo "*")" - month="$(cat "$__object/parameter/month" 2>/dev/null || echo "*")" - day_of_week="$(cat "$__object/parameter/day_of_week" 2>/dev/null || echo "*")" - entry="$minute $hour $day_of_month $month $day_of_week $command" + minute="$(cat "$__object/parameter/minute")" + hour="$(cat "$__object/parameter/hour")" + day_of_month="$(cat "$__object/parameter/day_of_month")" + month="$(cat "$__object/parameter/month")" + day_of_week="$(cat "$__object/parameter/day_of_week")" + entry="$minute $hour $day_of_month $month $day_of_week $command # $name" fi -entry="$entry # $name" mkdir "$__object/files" echo "$entry" > "$__object/files/entry" -if diff -q "$__object/files/entry" "$__object/explorer/entry" >/dev/null; then - state_is=present +if [ -s "$__object/explorer/entry" ]; then + if diff -q "$__object/files/entry" "$__object/explorer/entry" >/dev/null; then + state_is=present + else + state_is=modified + fi else state_is=absent fi -state_should="$(cat "$__object/parameter/state" 2>/dev/null || echo "present")" +state_should="$(cat "$__object/parameter/state")" [ "$state_is" = "$state_should" ] && exit 0 
@@ -55,8 +62,9 @@ state_should="$(cat "$__object/parameter/state" 2>/dev/null || echo "present")" # These are the old markers prefix="#cdist:__cron/$__object_id" suffix="#/cdist:__cron/$__object_id" +filter='^# DO NOT EDIT THIS FILE|^# \(.* installed on |^# \(Cron version V|^# \(Cronie version .\..\)$' cat << DONE -crontab -u $user -l | awk -v prefix="$prefix" -v suffix="$suffix" ' +crontab -u $user -l 2>/dev/null | grep -v -E "$filter" | awk -v prefix="$prefix" -v suffix="$suffix" ' { if (index(\$0,prefix)) { triggered=1 @@ -74,13 +82,19 @@ DONE case "$state_should" in present) + # if we insert new entry, filter also all entrys out with the same id echo "(" - echo "crontab -u $user -l 2>/dev/null || true" + echo "crontab -u $user -l 2>/dev/null | grep -v -E \"$filter\" | grep -v \"# $name\\$\" 2>/dev/null || true" echo "echo '$entry'" echo ") | crontab -u $user -" ;; absent) - echo "( crontab -u $user -l 2>/dev/null || true ) | \\" - echo "grep -v \"# $name\\$\" | crontab -u $user -" + if [ -f "$__object/parameter/raw_command" ]; then + echo "( crontab -u $user -l 2>/dev/null | grep -v -E \"$filter\" 2>/dev/null || true ) | \\" + echo "grep -v \"^$entry\\$\" | crontab -u $user -" + else + echo "( crontab -u $user -l 2>/dev/null | grep -v -E \"$filter\" 2>/dev/null || true ) | \\" + echo "grep -v \"# $name\\$\" | crontab -u $user -" + fi ;; esac diff --git a/cdist/conf/type/__cron/man.rst b/cdist/conf/type/__cron/man.rst new file mode 100644 index 00000000..d0694738 --- /dev/null +++ b/cdist/conf/type/__cron/man.rst 
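Review bot: In the `absent` arm of the `@@ -74,13 +82,19 @@` hunk, the `raw_command` case emits `grep -v \"^$entry\\$\"`, which places the raw crontab line inside a double-quoted regular expression in the generated remote code; any `$`, backtick or `"` in the entry is then interpreted by the target's shell, and regex metacharacters change which lines are deleted. The unchanged `echo "echo '$entry'"` in the `present` arm breaks in the same way on a single quote. Build a single-quoted, quote-escaped form of the entry once and match it literally, e.g. `echo "grep -v -F -x -e $entry_quoted | crontab -u $user -"`. `$user` and `$name` are interpolated unquoted into every generated `crontab -u` and `grep` call in both hunks and deserve the same treatment.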
@@ -0,0 +1,84 @@ +cdist-type__cron(7) +=================== + +NAME +---- +cdist-type__cron - Installs and manages cron jobs + + +DESCRIPTION +----------- +This cdist type allows you to manage entries in a users crontab. + + +REQUIRED PARAMETERS +------------------- +user + The user who's crontab is edited +command + The command to run. + + +OPTIONAL PARAMETERS +------------------- +state + Either present or absent. Defaults to present. +minute + See crontab(5). Defaults to * +hour + See crontab(5). Defaults to * +day_of_month + See crontab(5). Defaults to * +month + See crontab(5). Defaults to * +day_of_week + See crontab(5). Defaults to * +raw + Take whatever the user has given instead of time and date fields. + If given, all other time and date fields are ignored. + Can for example be used to specify cron EXTENSIONS like reboot, yearly etc. + See crontab(5) for the extensions if any that your cron implementation + implements. +raw_command + Take whatever the user has given in the command and ignore everything else. + If given, the command will be added to crontab. + Can for example be used to define variables like SHELL or MAILTO. + + +EXAMPLES +-------- + +.. code-block:: sh + + # run Monday to Saturday at 23:15 + __cron some-id --user root --command "/path/to/script" \ + --hour 23 --minute 15 --day_of_week 1-6 + + # run on reboot + __cron some-id --user root --command "/path/to/script" \ + --raw @reboot + + # remove cronjob + __cron some-id --user root --command "/path/to/script" --state absent + + # define default shell + __cron some-id --user root --raw_command --command "SHELL=/bin/bash" \ + --state present + + +SEE ALSO +-------- +:strong:`crontab`\ (5) + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2011-2013 Steven Armstrong. 
You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__cron/man.text b/cdist/conf/type/__cron/man.text deleted file mode 100644 index 22627234..00000000 --- a/cdist/conf/type/__cron/man.text +++ /dev/null 
@@ -1,72 +0,0 @@ -cdist-type__cron(7) -=================== -Steven Armstrong - - -NAME ----- -cdist-type__cron - installs and manages cron jobs - - -DESCRIPTION ------------ -This cdist type allows you to manage entries in a users crontab. - - -REQUIRED PARAMETERS -------------------- -user:: - The user who's crontab is edited -command:: - The command to run. - - -OPTIONAL PARAMETERS -------------------- -state:: - Either present or absent. Defaults to present. -minute:: - See crontab(5). Defaults to * -hour:: - See crontab(5). Defaults to * -day_of_month:: - See crontab(5). Defaults to * -month:: - See crontab(5). Defaults to * -day_of_week:: - See crontab(5). Defaults to * -raw:: - Take whatever the user has given instead of time and date fields. - If given, all other time and date fields are ignored. - Can for example be used to specify cron EXTENSIONS like reboot, yearly etc. - See crontab(5) for the extensions if any that your cron implementation - implements. - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -# run Monday to Saturday at 23:15 -__cron some-id --user root --command "/path/to/script" \ - --hour 23 --minute 15 --day_of_week 1-6 - -# run on reboot -__cron some-id --user root --command "/path/to/script" \ - --raw @reboot - -# remove cronjob -__cron some-id --user root --command "/path/to/script" --state absent --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) -- crontab(5) - - -COPYING -------- -Copyright \(C) 2011-2013 Steven Armstrong. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__cron/manifest b/cdist/conf/type/__cron/manifest new file mode 100755 index 00000000..e7b51863 --- /dev/null +++ b/cdist/conf/type/__cron/manifest 
@@ -0,0 +1,33 @@ +#!/bin/sh -e +# +# 2013 Thomas Oettli (otho at sfs.biz) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +if [ -f "$__object/parameter/raw" ] && [ -f "$__object/parameter/raw_command" ]; then + echo "ERROR: both raw and raw_command specified" >&2 + exit 1 +fi + +case "$(cat "$__object/parameter/state")" in + present) ;; + absent) ;; + + *) + echo "ERROR: unkown cron state" >&2 + exit 2 +esac diff --git a/cdist/test/cdist_object/fixtures/object/__third/.keep b/cdist/conf/type/__cron/nonparallel similarity index 100% rename from cdist/test/cdist_object/fixtures/object/__third/.keep rename to cdist/conf/type/__cron/nonparallel diff --git a/cdist/conf/type/__cron/parameter/boolean b/cdist/conf/type/__cron/parameter/boolean new file mode 100644 index 00000000..54cfb0b3 --- /dev/null +++ b/cdist/conf/type/__cron/parameter/boolean @@ -0,0 +1 @@ +raw_command diff --git a/cdist/conf/type/__cron/parameter/default/day_of_month b/cdist/conf/type/__cron/parameter/default/day_of_month new file mode 100644 index 00000000..72e8ffc0 --- /dev/null +++ b/cdist/conf/type/__cron/parameter/default/day_of_month @@ -0,0 +1 @@ +* diff --git a/cdist/conf/type/__cron/parameter/default/day_of_week b/cdist/conf/type/__cron/parameter/default/day_of_week new file mode 100644 index 00000000..72e8ffc0 --- /dev/null +++ b/cdist/conf/type/__cron/parameter/default/day_of_week @@ -0,0 +1 @@ +* 
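Review bot: The fallback arm of the `case` in the new `__cron/manifest` prints `ERROR: unkown cron state` without saying which value was rejected, which makes a mistyped `--state` hard to trace in a large run. Read the state into a variable before the `case` and report it with the typo fixed: `echo "ERROR: unknown cron state: $state" >&2`. The arm also lacks a closing `;;`, which is valid for the last arm but inconsistent with the two arms above it.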
diff --git a/cdist/conf/type/__cron/parameter/default/hour b/cdist/conf/type/__cron/parameter/default/hour
new file mode 100644
index 00000000..72e8ffc0
--- /dev/null
+++ b/cdist/conf/type/__cron/parameter/default/hour
@@ -0,0 +1 @@
+*
diff --git a/cdist/conf/type/__cron/parameter/default/minute b/cdist/conf/type/__cron/parameter/default/minute
new file mode 100644
index 00000000..72e8ffc0
--- /dev/null
+++ b/cdist/conf/type/__cron/parameter/default/minute
@@ -0,0 +1 @@
+*
diff --git a/cdist/conf/type/__cron/parameter/default/month b/cdist/conf/type/__cron/parameter/default/month
new file mode 100644
index 00000000..72e8ffc0
--- /dev/null
+++ b/cdist/conf/type/__cron/parameter/default/month
@@ -0,0 +1 @@
+*
diff --git a/cdist/conf/type/__cron/parameter/default/state b/cdist/conf/type/__cron/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__cron/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__daemontools/files/init.d-svscan b/cdist/conf/type/__daemontools/files/init.d-svscan
new file mode 100644
index 00000000..996eb4e8
--- /dev/null
+++ b/cdist/conf/type/__daemontools/files/init.d-svscan
@@ -0,0 +1,68 @@
+#!/bin/bash
+### BEGIN INIT INFO
+# Provides: svscan
+# Required-Start:
+# Required-Stop:
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: svscan
+# Description: djb svscan
+### END INIT INFO
+# from https://gist.githubusercontent.com/pacojp/5766990/raw/2ed009ab19515afc9e58291b636d673c5ca864b3/init.d.svscan
+# written by Adam McKenna
+# edited by Kamila Součková
+
+export PATH=$PATH:/usr/local/bin
+
+l=/var/log/svscan
+
+if [ ! -d $l ]; then
+ mkdir $l
+ chown daemon $l
+fi
+
+case "$1" in
+ start)
+ printf "Starting daemontools: "
+ if ! pidof svscan > /dev/null 2>&1; then
+ printf "svscan "
+ env - PATH="$PATH" svscan /service 2>&1 | setuidgid daemon multilog t /var/log/svscan &
+ echo "."
+ else
+ echo "already running."
+ fi
+ ;;
+ stop)
+ printf "Stopping daemontools: "
+ pids="$(pidof svscan)"
+ if [ -n "${pids}" ]
+ then
+ printf "svscan"
+ while [ -n "${pids}" ]
+ do
+ # shellcheck disable=SC2086
+ kill ${pids}
+ printf "."
+ pids="$(pidof svscan)"
+ done
+ fi
+ printf " services"
+ for i in /service/*; do
+ svc -dx "$i"
+ printf "."
+ done
+ printf " logging "
+ for i in /service/*/log; do
+ svc -dx "$i"
+ printf "."
+ done
+ echo ""
+ ;;
+ restart|force-reload)
+ $0 stop
+ $0 start
+ ;;
+ *)
+ echo 'Usage: /etc/init.d/svscan {start|stop|restart|force-reload}'
+ exit 1
+esac
diff --git a/cdist/conf/type/__daemontools/man.rst b/cdist/conf/type/__daemontools/man.rst
new file mode 100644
index 00000000..bc1b4d33
--- /dev/null
+++ b/cdist/conf/type/__daemontools/man.rst
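Review bot: The init script hard-codes `/service` in the start line (`svscan /service`) and in both stop loops (`for i in /service/*`), while the type's manifest accepts `--servicedir` and matches the running process against `.*/svscan $servicedir`. With a non-default servicedir the installed script would supervise a different directory than the one the manifest created, and the manifest's `__process` check would presumably never match. Either substitute the configured path into the file when it is installed, or state in man.rst that `--install-init-script` only works with the default `/service`.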
@@ -0,0 +1,54 @@
+cdist-type__daemontools(7)
+==========================
+
+NAME
+----
+cdist-type__daemontools - Install daemontools
+
+
+DESCRIPTION
+-----------
+Install djb daemontools and (optionally) an init script.
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+
+OPTIONAL PARAMETERS
+-------------------
+from-package
+ Package to install. Must be compatible with the original daemontools. Example: daemontools-encore. Default: daemontools.
+
+servicedir
+ Directory to scan for services. Default: `/service`
+
+
+BOOLEAN PARAMETERS
+------------------
+install-init-script
+ Add an init script and set it to start on boot.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __daemontools --from-package daemontools-encore # if you prefer
+
+SEE ALSO
+--------
+:strong:`cdist-type__daemontools_service`\ (7)
+
+AUTHORS
+-------
+Kamila Součková
+
+COPYING
+-------
+Copyright \(C) 2017 Kamila Součková. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__daemontools/manifest b/cdist/conf/type/__daemontools/manifest
new file mode 100755
index 00000000..b04c7e07
--- /dev/null
+++ b/cdist/conf/type/__daemontools/manifest
@@ -0,0 +1,40 @@
+#!/bin/sh -e
+
+pkg=$(cat "$__object/parameter/from-package")
+servicedir=$(cat "$__object/parameter/servicedir")
+
+__package "$pkg"
+__directory "$servicedir" --mode 700
+
+os=$(cat "$__global/explorer/os")
+init=$(cat "$__global/explorer/init")
+
+require=""
+case $os in
+ freebsd)
+ # TODO change to __start_on_boot once it supports freebsd
+ __config_file /etc/rc.conf.d/svscan --source - <<-EOT
+ svscan_enable="YES"
+ svscan_servicedir="$servicedir"
+ EOT
+ require="$require __package/$pkg __directory/$servicedir __config_file/etc/rc.conf.d/svscan" \
+ __process svscan --name ".*/svscan $servicedir" --start 'service svscan start'
+ ;;
+ *)
+ case $init in
+ init)
+ if [ -f "$__object/parameter/install-init-script" ]; then
+ __config_file /etc/init.d/svscan --mode 755 --source "$__type/files/init.d-svscan"
+ REQUIREEXTRA="__config_file/etc/init.d/svscan"
+ fi
+ require="$require $REQUIREEXTRA" __start_on_boot svscan
+ require="$require __package/$pkg __directory/$servicedir __start_on_boot/svscan" \
+ __process svscan --name ".*/svscan $servicedir" --start 'service svscan start'
+ ;;
+ *)
+ echo "Your init system ($init) is not supported by this type. Submit a patch at github.com/ungleich/cdist!"
+ exit 1
+ ;;
+ esac
+ ;;
+esac
diff --git a/cdist/conf/type/__daemontools/parameter/boolean b/cdist/conf/type/__daemontools/parameter/boolean
new file mode 100644
index 00000000..99a1cefd
--- /dev/null
+++ b/cdist/conf/type/__daemontools/parameter/boolean
@@ -0,0 +1 @@
+install-init-script
diff --git a/cdist/conf/type/__daemontools/parameter/default/from-package b/cdist/conf/type/__daemontools/parameter/default/from-package
new file mode 100644
index 00000000..598dd40a
--- /dev/null
+++ b/cdist/conf/type/__daemontools/parameter/default/from-package
@@ -0,0 +1 @@
+daemontools
diff --git a/cdist/conf/type/__daemontools/parameter/default/servicedir b/cdist/conf/type/__daemontools/parameter/default/servicedir
new file mode 100644
index 00000000..b74e27f6
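Review bot: `REQUIREEXTRA` is expanded on the `__start_on_boot svscan` line but is only assigned inside the `install-init-script` branch, so without that flag its value is whatever the calling environment happens to export under that name. Initialise it next to `require=""`, for example `REQUIREEXTRA=""`, so the dependency list is built only from values this manifest sets. The error message in the unsupported-init arm should also go to stderr: append `>&2` to that `echo`.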
--- /dev/null
+++ b/cdist/conf/type/__daemontools/parameter/default/servicedir
@@ -0,0 +1 @@
+/service
diff --git a/cdist/conf/type/__daemontools/parameter/optional b/cdist/conf/type/__daemontools/parameter/optional
new file mode 100644
index 00000000..22c0805d
--- /dev/null
+++ b/cdist/conf/type/__daemontools/parameter/optional
@@ -0,0 +1,2 @@
+from-package
+servicedir
diff --git a/cdist/test/cdist_object/fixtures/object/__third/moon/.cdist/.keep b/cdist/conf/type/__daemontools/singleton
similarity index 100%
rename from cdist/test/cdist_object/fixtures/object/__third/moon/.cdist/.keep
rename to cdist/conf/type/__daemontools/singleton
diff --git a/cdist/conf/type/__daemontools_service/explorer/svc b/cdist/conf/type/__daemontools_service/explorer/svc
new file mode 100755
index 00000000..9ba462f2
--- /dev/null
+++ b/cdist/conf/type/__daemontools_service/explorer/svc
@@ -0,0 +1,2 @@
+#!/bin/sh
+command -v svc || true
diff --git a/cdist/conf/type/__daemontools_service/man.rst b/cdist/conf/type/__daemontools_service/man.rst
new file mode 100644
index 00000000..9bbbe2f8
--- /dev/null
+++ b/cdist/conf/type/__daemontools_service/man.rst
@@ -0,0 +1,78 @@
+cdist-type__daemontools_service(7)
+==================================
+
+NAME
+----
+cdist-type__daemontools_service - Create a daemontools-compatible service dir.
+
+
+DESCRIPTION
+-----------
+Create a directory structure compatible with daemontools-like service management.
+
+Note that svc must be present on the target system.
+
+The object ID will be used as the service name.
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+OPTIONAL PARAMETERS
+-------------------
+run
+ Command to run. exec-ing and stderr redirection will be added. One of run, run-file must be specified.
+
+ Example: `my-program`
+
+run-file
+ File to save as /run. One of run, run-file must be specified.
+
+ Example:
+
+.. code-block:: sh
+
+ #!/bin/sh
+ exec 2>&1
+ exec my_program
+
+
+log-run
+ Command to run for log consumption. Default: `multilog t ./main`
+
+owner
+ User to chown to.
+
+group
+ User to chgrp to.
+
+servicedir
+ Directory to install into. Default: `/service`
+
+BOOLEAN PARAMETERS
+------------------
+None.
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ require="__daemontools" __daemontools_service prometheus --run "setuidgid prometheus $GOBIN/prometheus $FLAGS"
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__daemontools`\ (7)
+
+
+AUTHORS
+-------
+Kamila Součková
+
+COPYING
+-------
+Copyright \(C) 2017 Kamila Součková. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__daemontools_service/manifest b/cdist/conf/type/__daemontools_service/manifest
new file mode 100755
index 00000000..8a81b5f5
--- /dev/null
+++ b/cdist/conf/type/__daemontools_service/manifest
@@ -0,0 +1,48 @@
+#!/bin/sh -e
+
+RUN_PREFIX="#!/bin/sh
+exec 2>&1
+exec " # mind the space :D
+
+name=$__object_id
+servicedir=$(cat "$__object/parameter/servicedir")
+run=$(cat "$__object/parameter/run")
+runfile=$(cat "$__object/parameter/run-file")
+logrun=$(cat "$__object/parameter/log-run")
+owner=$(cat "$__object/parameter/owner")
+group=$(cat "$__object/parameter/group")
+
+svc=$(cat "$__type/explorer/svc")
+
+if [ -z "$svc" ]; then
+ echo "svc not found! Install daemontools first: see __daemontools"
+ exit 1
+fi
+
+badusage() {
+ echo "__daemontools_service/$__object_id: exactly one of --run, --run-file must be set" >&2
+ exit 1
+}
+
+[ -z "$run$runfile" ] && badusage
+[ -n "$run" ] && [ -n "$runfile" ] && badusage
+
+flags=""
+if [ -n "$owner" ]; then
+ flags="$flags --owner $owner"
+fi
+if [ -n "$group" ]; then
+ flags="$flags --group $group"
+fi
+
+__directory "$servicedir/$name/log/main" --parents $flags
+
+echo "$RUN_PREFIX$run" | require="__directory/$servicedir/$name/log/main" __config_file "$servicedir/$name/run" \
+ --onchange "svc -t '$servicedir/$name' 2>/dev/null" \
+ --mode 755 $flags \
+ --source "${runfile:--}"
+
+echo "$RUN_PREFIX$logrun" | require="__directory/$servicedir/$name/log/main" __config_file "$servicedir/$name/log/run" \
+ --onchange "svc -t '$servicedir/$name/log' 2>/dev/null" \
+ --mode 755 $flags \
+ --source "-"
diff --git a/cdist/test/config_install/fixtures/object/__first/.keep b/cdist/conf/type/__daemontools_service/parameter/default/group
similarity index 100%
rename from cdist/test/config_install/fixtures/object/__first/.keep
rename to cdist/conf/type/__daemontools_service/parameter/default/group
diff --git a/cdist/conf/type/__daemontools_service/parameter/default/log-run b/cdist/conf/type/__daemontools_service/parameter/default/log-run
new file mode 100644
index 00000000..80d57a74
--- /dev/null
+++ b/cdist/conf/type/__daemontools_service/parameter/default/log-run
@@ -0,0 +1 @@
+multilog t ./main
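Review bot: The `svc` guard reads `$__type/explorer/svc`, which looks like the explorer script shipped with the type rather than its output; the `__directory` gencode-remote in this same commit reads explorer results from `$__object/explorer/...`. If that is right, `$svc` always holds the script text, `[ -z "$svc" ]` never fires, and a target without daemontools gets service directories with nothing to supervise them. Reading `svc=$(cat "$__object/explorer/svc")` would make the check effective. The failure message should also go to stderr as `badusage` does, by appending `>&2` to the `echo "svc not found! ..."` line.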
diff --git a/cdist/test/config_install/fixtures/object/__first/man/.cdist/.keep b/cdist/conf/type/__daemontools_service/parameter/default/owner
similarity index 100%
rename from cdist/test/config_install/fixtures/object/__first/man/.cdist/.keep
rename to cdist/conf/type/__daemontools_service/parameter/default/owner
diff --git a/cdist/test/config_install/fixtures/object/__second/.keep b/cdist/conf/type/__daemontools_service/parameter/default/run
similarity index 100%
rename from cdist/test/config_install/fixtures/object/__second/.keep
rename to cdist/conf/type/__daemontools_service/parameter/default/run
diff --git a/cdist/test/config_install/fixtures/object/__second/on-the/.cdist/.keep b/cdist/conf/type/__daemontools_service/parameter/default/run-file
similarity index 100%
rename from cdist/test/config_install/fixtures/object/__second/on-the/.cdist/.keep
rename to cdist/conf/type/__daemontools_service/parameter/default/run-file
diff --git a/cdist/conf/type/__daemontools_service/parameter/default/servicedir b/cdist/conf/type/__daemontools_service/parameter/default/servicedir
new file mode 100644
index 00000000..b74e27f6
--- /dev/null
+++ b/cdist/conf/type/__daemontools_service/parameter/default/servicedir
@@ -0,0 +1 @@
+/service
diff --git a/cdist/conf/type/__daemontools_service/parameter/optional b/cdist/conf/type/__daemontools_service/parameter/optional
new file mode 100644
index 00000000..7c66b514
--- /dev/null
+++ b/cdist/conf/type/__daemontools_service/parameter/optional
@@ -0,0 +1,6 @@
+group
+log-run
+owner
+run
+run-file
+servicedir
diff --git a/cdist/conf/type/__debconf_set_selections/gencode-remote b/cdist/conf/type/__debconf_set_selections/gencode-remote
index 62be6a12..e99aef40 100755
--- a/cdist/conf/type/__debconf_set_selections/gencode-remote
+++ b/cdist/conf/type/__debconf_set_selections/gencode-remote
@@ -1,6 +1,6 @@ -#!/bin/sh +#!/bin/sh -e # -# 2011 Nico Schottelius (nico-cdist at schottelius.org) +# 2011-2014 Nico Schottelius (nico-cdist at schottelius.org) # # This file is part of cdist. # @@ -21,6 +21,12 @@ # Setup selections # +filename="$(cat "$__object/parameter/file")" + +if [ "$filename" = "-" ]; then + filename="$__object/stdin" +fi + echo "debconf-set-selections << __file-eof" -cat "$(cat "$__object/parameter/file")" +cat "$filename" echo "__file-eof" diff --git a/cdist/conf/type/__debconf_set_selections/man.rst b/cdist/conf/type/__debconf_set_selections/man.rst new file mode 100644 index 00000000..58c25b81 --- /dev/null +++ b/cdist/conf/type/__debconf_set_selections/man.rst @@ -0,0 +1,53 @@ +cdist-type__debconf_set_selections(7) +===================================== + +NAME +---- +cdist-type__debconf_set_selections - Setup debconf selections + + +DESCRIPTION +----------- +On Debian and alike systems debconf-set-selections(1) can be used +to setup configuration parameters. + + +REQUIRED PARAMETERS +------------------- +file + Use the given filename as input for debconf-set-selections(1) + If filename is "-", read from stdin. + + +EXAMPLES +-------- + +.. code-block:: sh + + # Setup configuration for nslcd + __debconf_set_selections nslcd --file /path/to/file + + # Setup configuration for nslcd from another type + __debconf_set_selections nslcd --file "$__type/files/preseed/nslcd" + + __debconf_set_selections nslcd --file - << eof + gitolite gitolite/gituser string git + eof + + +SEE ALSO +-------- +:strong:`debconf-set-selections`\ (1), :strong:`cdist-type__update_alternatives`\ (7) + + +AUTHORS +------- +Nico Schottelius + + +COPYING +------- +Copyright \(C) 2011-2014 Nico Schottelius. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. 
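Review bot: The generated here-document uses an unquoted delimiter (`debconf-set-selections << __file-eof`), so the remote shell expands `$`, backticks and backslashes in the preseed data before debconf reads it, and with the new `--file -` path that now also applies to whatever is piped in on stdin. Preseed values such as passwords commonly contain `$`, and a command substitution in the data would be evaluated on the target instead of being stored. Quoting the delimiter keeps the data literal: `echo "debconf-set-selections << '__file-eof'"`. That line sits in the second hunk's unchanged context, directly above the rewritten `cat "$filename"`.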
diff --git a/cdist/conf/type/__debconf_set_selections/man.text b/cdist/conf/type/__debconf_set_selections/man.text deleted file mode 100644 index f1e13a8e..00000000 --- a/cdist/conf/type/__debconf_set_selections/man.text +++ /dev/null @@ -1,45 +0,0 @@ -cdist-type__debconf_set_selections(7) -===================================== -Nico Schottelius - - -NAME ----- -cdist-type__debconf_set_selections - Setup debconf selections - - -DESCRIPTION ------------ -On Debian and alike systems debconf-set-selections(1) can be used -to setup configuration parameters. - - -REQUIRED PARAMETERS -------------------- -file:: - Use the given filename as input for debconf-set-selections(1) - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -# Setup configuration for nslcd -__debconf_set_selections nslcd --file /path/to/file - -# Setup configuration for nslcd from another type -__debconf_set_selections nslcd --file "$__type/files/preseed/nslcd" --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) -- cdist-type__update_alternatives(7) -- debconf-set-selections(1) - - -COPYING -------- -Copyright \(C) 2011-2013 Nico Schottelius. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__directory/explorer/stat b/cdist/conf/type/__directory/explorer/stat new file mode 100755 index 00000000..105d894f --- /dev/null +++ b/cdist/conf/type/__directory/explorer/stat 
@@ -0,0 +1,100 @@
+#!/bin/sh
+#
+# 2013 Steven Armstrong (steven-cdist armstrong.cc)
+# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+destination="/$__object_id"
+
+fallback() {
+ # Patch the output together, manually
+
+ ls_line=$(ls -ldn "$destination")
+
+ uid=$(echo "$ls_line" | awk '{ print $3 }')
+ gid=$(echo "$ls_line" | awk '{ print $4 }')
+
+ owner=$(awk -F: -v uid="$uid" '$3 == uid { print $1; f=1 } END { if (!f) print "UNKNOWN" }' /etc/passwd)
+ group=$(awk -F: -v uid="$uid" '$3 == uid { print $1; f=1 } END { if (!f) print "UNKNOWN" }' /etc/group)
+
+ mode_text=$(echo "$ls_line" | awk '{ print $1 }')
+ mode=$(echo "$mode_text" | awk '{ k=0; for (i=0; i<=8; i++) k += ((substr($1, i+2, 1) ~ /[rwx]/) * 2^(8-i)); printf("%0o", k) }')
+
+ printf 'type: %s\nowner: %d %s\ngroup: %d %s\nmode: %s %s\n' \
+ "$("$__type_explorer/type")" \
+ "$uid" "$owner" \
+ "$gid" "$group" \
+ "$mode" "$mode_text"
+}
+
+# nothing to work with, nothing we could do
+[ -e "$destination" ] || exit 0
+
+if !
command -v stat >/dev/null +then + fallback + exit +fi + +case $("$__explorer/os") in + "freebsd"|"netbsd"|"openbsd"|"macosx") + stat -f "type: %HT +owner: %Du %Su +group: %Dg %Sg +mode: %Lp %Sp +" "$destination" | awk '/^type/ { print tolower($0); next } { print }' + ;; + solaris) + ls1="$( ls -ld "$destination" )" + ls2="$( ls -ldn "$destination" )" + + if [ -f "$__object/parameter/mode" ] + then mode_should="$( cat "$__object/parameter/mode" )" + fi + + # yes, it is ugly hack, but if you know better way... + if [ -z "$( find "$destination" -perm "$mode_should" )" ] + then octets=888 + else octets="$( echo "$mode_should" | sed 's/^0//' )" + fi + + case "$( echo "$ls1" | cut -c1-1 )" in + -) echo 'type: regular file' ;; + d) echo 'type: directory' ;; + esac + + echo "owner: $( echo "$ls2" \ + | awk '{print $3}' ) $( echo "$ls1" \ + | awk '{print $3}' )" + + echo "group: $( echo "$ls2" \ + | awk '{print $4}' ) $( echo "$ls1" \ + | awk '{print $4}' )" + + echo "mode: $octets $( echo "$ls1" | awk '{print $1}' )" + ;; + *) + # NOTE: Do not use --printf here as it is not supported by BusyBox stat. + # NOTE: BusyBox's stat might not support the "-c" option, in which case + # we fall through to the shell fallback. + stat -c "type: %F +owner: %u %U +group: %g %G +mode: %a %A" "$destination" 2>/dev/null || fallback + ;; +esac diff --git a/cdist/conf/type/__directory/explorer/mode b/cdist/conf/type/__directory/explorer/type old mode 100644 new mode 100755 similarity index 71% rename from cdist/conf/type/__directory/explorer/mode rename to cdist/conf/type/__directory/explorer/type index f75b282b..e723047c --- a/cdist/conf/type/__directory/explorer/mode +++ b/cdist/conf/type/__directory/explorer/type @@ -1,6 +1,6 @@ #!/bin/sh # -# 2011 Nico Schottelius (nico-cdist at schottelius.org) +# 2013 Steven Armstrong (steven-cdist armstrong.cc) # # This file is part of cdist. # 
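Review bot: In `fallback()` the group-name lookup is given the file's uid instead of its gid: `group=$(awk -F: -v uid="$uid" ... /etc/group)`. The reported group name is therefore that of whichever group's gid equals the owner's uid, or `UNKNOWN`, and gencode-remote compares that name with `--group` to decide whether to emit a chgrp, so a directory with the wrong group can be reported as already correct. The line should read `group=$(awk -F: -v gid="$gid" '$3 == gid { print $1; f=1 } END { if (!f) print "UNKNOWN" }' /etc/group)`.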
@@ -17,23 +17,17 @@ # You should have received a copy of the GNU General Public License # along with cdist. If not, see . # -# -# Check whether file exists or not -# destination="/$__object_id" -os=$("$__explorer/os") -case "$os" in - "freebsd") - cmd="stat -f %Op" - ;; - *) - cmd="stat -c %a" - ;; -esac - -if [ -e "$destination" ]; then - $cmd "$destination" +if [ ! -e "$destination" ]; then + echo none +elif [ -h "$destination" ]; then + echo symlink +elif [ -f "$destination" ]; then + echo file +elif [ -d "$destination" ]; then + echo directory +else + echo unknown fi - diff --git a/cdist/conf/type/__directory/gencode-remote b/cdist/conf/type/__directory/gencode-remote index f46a5967..a1a32ea2 100755 --- a/cdist/conf/type/__directory/gencode-remote +++ b/cdist/conf/type/__directory/gencode-remote @@ -1,6 +1,9 @@ -#!/bin/sh +#!/bin/sh -e # -# 2011-2012 Nico Schottelius (nico-cdist at schottelius.org) +# 2011-2013 Nico Schottelius (nico-cdist at schottelius.org) +# 2013 Steven Armstrong (steven-cdist armstrong.cc) +# 2014 Daniel Heule (hda at sfs.biz) +# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) # # This file is part of cdist. # 
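Review bot: `[ ! -e "$destination" ]` is tested before `[ -h "$destination" ]`, and `-e` follows symbolic links, so a dangling symlink at the destination is reported as `none` rather than `symlink`. gencode-remote then skips its `rm -f` step and emits a plain `mkdir`, which would fail because the link itself still occupies the path. Testing the link first avoids that: start the chain with `if [ -h "$destination" ]; then echo symlink` and follow it with `elif [ ! -e "$destination" ]; then echo none`.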
@@ -19,53 +22,120 @@ # destination="/$__object_id" +state_should=$(cat "$__object/parameter/state") +type=$(cat "$__object/explorer/type") +stat_file="$__object/explorer/stat" -state_is="$(cat "$__object/explorer/state")" -owner_is="$(cat "$__object/explorer/owner")" -group_is="$(cat "$__object/explorer/group")" -mode_is="$(cat "$__object/explorer/mode")" +# variable to keep track if we have to set directory attributes +set_attributes= -state_should="present" -[ -f "$__object/parameter/state" ] && state_should="$(cat "$__object/parameter/state")" -mode="" -[ -f "$__object/parameter/mode" ] && mode="$(cat "$__object/parameter/mode")" -owner="" -[ -f "$__object/parameter/owner" ] && owner="$(cat "$__object/parameter/owner")" -group="" -[ -f "$__object/parameter/group" ] && group="$(cat "$__object/parameter/group")" mkdiropt="" -[ -f "$__object/parameter/parents" ] && mkdiropt="-p" +[ -f "$__object/parameter/parents" ] && mkdiropt="-p" + recursive="" -[ -f "$__object/parameter/recursive" ] && recursive="-R" +if [ -f "$__object/parameter/recursive" ]; then + recursive="-R" + # need to allways set attributes when recursive is given + # as we don't want to check all subfolders/files + set_attributes=1 +fi + +get_current_value() { + if [ -s "$stat_file" ]; then + _name="$1" + _value="$2" + case "$_value" in + [0-9]*) + _index=2 + ;; + *) + _index=3 + ;; + esac + awk '/'"$_name"':/ { print $'$_index' }' "$stat_file" + unset _name _value _index + fi +} + +set_group() { + echo "chgrp $recursive '$1' '$destination'" + echo "chgrp $recursive '$1'" >> "$__messages_out" +} + +set_owner() { + echo "chown $recursive '$1' '$destination'" + echo "chown $recursive '$1'" >> "$__messages_out" +} + +set_mode() { + echo "chmod $recursive '$1' '$destination'" + echo "chmod $recursive '$1'" >> "$__messages_out" +} case "$state_should" in - present) - if [ "$state_is" != "present" ]; then - echo mkdir $mkdiropt \"$destination\" - fi + present|exists) + if [ "$type" != "directory" ]; then + 
set_attributes=1 + if [ "$type" != "none" ]; then + # our destination is not a directory, remove whatever is there + # and then create our directory and set all attributes + echo "rm -f '$destination'" + echo "remove non directory" >> "$__messages_out" + fi + echo "mkdir $mkdiropt '$destination'" + echo "create" >> "$__messages_out" + elif [ "$state_should" = 'exists' ]; then + # The type is directory and --state exists. We are done and do not + # check or set the attributes. + exit 0 + fi - # Mode settings - if [ "$mode" ] && [ "$mode_is" != "$mode" -o -n "$recursive" ]; then - echo chmod $recursive \"$mode\" \"$destination\" - fi + # Note: Mode - needs to happen last as a chown/chgrp can alter mode by + # clearing S_ISUID and S_ISGID bits (see chown(2)) + for attribute in group owner mode; do + if [ -f "$__object/parameter/$attribute" ]; then + value_should="$(cat "$__object/parameter/$attribute")" + value_is="$(get_current_value "$attribute" "$value_should")" - # Group - if [ "$group" ] && [ "$group_is" != "$group" -o -n "$recursive" ]; then - echo chgrp $recursive \"$group\" \"$destination\" - fi + # change 0xxx format to xxx format => same as stat returns + if [ "$attribute" = mode ]; then + value_should="$(echo "$value_should" | sed 's/^0\(...\)/\1/')" + fi - # Owner - if [ "$owner" ] && [ "$owner_is" != "$owner" -o -n "$recursive" ]; then - echo chown $recursive \"$owner\" \"$destination\" + if [ "$set_attributes" = 1 ] || [ "$value_should" != "$value_is" ]; then + "set_$attribute" "$value_should" + fi + fi + done + ;; + pre-exists) + case $type in + directory) + # all good + exit 0 + ;; + none) + printf 'Directory "%s" does not exist\n' "$destination" >&2 + exit 1 + ;; + file|symlink) + printf 'File "%s" exists and is a %s, but should be a directory\n' "$destination" "$type" >&2 + exit 1 + ;; + *) + printf 'File or directory "%s" is in an unknown state\n' "$destination" >&2 + exit 1 + ;; + esac + ;; + absent) + if [ "$type" = "directory" ]; then + echo "rm 
-rf '$destination'" + echo remove >> "$__messages_out" fi - ;; - absent) - if [ "$state_is" != "absent" ]; then - echo rm -rf \"$destination\" - fi - ;; - *) - echo "Unknown state: $state_should" >&2 - exit 1 - ;; + ;; + *) + echo "Unknown state: $state_should" >&2 + exit 1 + ;; esac diff --git a/cdist/conf/type/__directory/man.rst b/cdist/conf/type/__directory/man.rst new file mode 100644 index 00000000..7755334c --- /dev/null +++ b/cdist/conf/type/__directory/man.rst 
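Review bot: `set_mode` emits `chmod $recursive '$1' '$destination'`, so with `--recursive` the directory's mode is applied to every file underneath it, although the man page added in this commit states that recursive "does *not* influence the behaviour of chmod". A call such as `--recursive --mode 0755` would mark every regular file in the tree executable, and because `recursive` forces `set_attributes=1` this is repeated on each run. Either drop the option from the mode call (`echo "chmod '$1' '$destination'"`, and likewise in the `$__messages_out` line) or correct the man page so users know the mode is applied recursively.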
@@ -0,0 +1,112 @@ +cdist-type__directory(7) +======================== + +NAME +---- +cdist-type__directory - Manage a directory + + +DESCRIPTION +----------- +This cdist type allows you to create or remove directories on the target. + + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +state + 'present', 'absent', 'exists' or 'pre-exists', defaults to 'present' where: + + present + the directory exists and the given attributes are set. + absent + the directory does not exist. + exists + the directory exists, but its attributes are not altered if it already + existed. + pre-exists + check that the directory exists and is indeed a directory, but do not + create or modify it. + +group + Group to chgrp to. + +mode + Unix permissions, suitable for chmod. + +owner + User to chown to. + + +BOOLEAN PARAMETERS +------------------ +parents + Whether to create parents as well (mkdir -p behaviour). + Warning: all intermediate directory permissions default + to whatever mkdir -p does. + + Usually this means root:root, 0700. + +recursive + If supplied the chgrp and chown call will run recursively. + This does *not* influence the behaviour of chmod. + +MESSAGES +-------- +chgrp + Changed group membership +chown + Changed owner +chmod + Changed mode +create + Empty directory was created +remove + Directory exists, but state is absent, directory will be removed by generated code. +remove non directory + Something other than a directory with the same name exists and was removed prior to create. + + +EXAMPLES +-------- + +.. 
code-block:: sh + + # A silly example + __directory /tmp/foobar + + # Remove a directory + __directory /tmp/foobar --state absent + + # Ensure /etc exists correctly + __directory /etc --owner root --group root --mode 0755 + + # Create nfs service directory, including parents + __directory /home/services/nfs --parents + + # Change permissions recursively + __directory /home/services --recursive --owner root --group root + + # Setup a temp directory + __directory /local --mode 1777 + + # Take it all + __directory /home/services/kvm --recursive --parents \ + --owner root --group root --mode 0755 --state present + + +AUTHORS +------- +Nico Schottelius + + +COPYING +------- +Copyright \(C) 2011 Nico Schottelius. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__directory/man.text b/cdist/conf/type/__directory/man.text deleted file mode 100644 index cc327af2..00000000 --- a/cdist/conf/type/__directory/man.text +++ /dev/null 
@@ -1,87 +0,0 @@ -cdist-type__directory(7) -======================== -Nico Schottelius - - -NAME ----- -cdist-type__directory - Manage a directory - - -DESCRIPTION ------------ -This cdist type allows you to create or remove directories on the target. - - -REQUIRED PARAMETERS -------------------- -None. - - -OPTIONAL PARAMETERS -------------------- -state:: - 'present' or 'absent', defaults to 'present' - -group:: - Group to chgrp to. - -mode:: - Unix permissions, suitable for chmod. - -owner:: - User to chown to. - - -BOOLEAN PARAMETERS ------------------- -parents:: - Whether to create parents as well (mkdir -p behaviour). - Warning: all intermediate directory permissions default - to whatever mkdir -p does. - - Usually this means root:root, 0700. - -recursive:: - If supplied the chgrp and chown call will run recursively. - This does *not* influence the behaviour of chmod. - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -# A silly example -__directory /tmp/foobar - -# Remove a directory -__directory /tmp/foobar --state absent - -# Ensure /etc exists correctly -__directory /etc --owner root --group root --mode 0755 - -# Create nfs service directory, including parents -__directory /home/services/nfs --parents - -# Change permissions recursively -__directory /home/services --recursive --owner root --group root - -# Setup a temp directory -__directory /local --mode 1777 - -# Take it all -__directory /home/services/kvm --recursive --parents \ - --owner root --group root --mode 0755 --state present - --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) - - -COPYING -------- -Copyright \(C) 2011 Nico Schottelius. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). 
diff --git a/cdist/conf/type/__directory/parameter/default/state b/cdist/conf/type/__directory/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__directory/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__docker/man.rst b/cdist/conf/type/__docker/man.rst new file mode 100644 index 00000000..718543a8 --- /dev/null +++ b/cdist/conf/type/__docker/man.rst @@ -0,0 +1,55 @@ +cdist-type__docker(7) +===================== + +NAME +---- +cdist-type__docker - install Docker CE + + +DESCRIPTION +----------- +Installs latest Docker Community Edition package. + + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +state + 'present' or 'absent', defaults to 'present' +version + The specific version to install. Defaults to the special value 'latest', + meaning the version the package manager will install by default. + + +BOOLEAN PARAMETERS +------------------ +None. + + +EXAMPLES +-------- + +.. code-block:: sh + + # Install docker + __docker + + # Remove docker + __docker --state absent + + # Install specific version + __docker --state present --version 18.03.0.ce + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2016 Steven Armstrong. Free use of this software is +granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__docker/manifest b/cdist/conf/type/__docker/manifest new file mode 100755 index 00000000..6a57d85a --- /dev/null +++ b/cdist/conf/type/__docker/manifest 
@@ -0,0 +1,109 @@ +#!/bin/sh -e +# +# 2016 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + + +os=$(cat "$__global/explorer/os") +state=$(cat "$__object/parameter/state") +version=$(cat "$__object/parameter/version") + +case "$os" in + centos) + # shellcheck source=/dev/null + if (. "$__global/explorer/os_release" && [ "${VERSION_ID}" = "7" ]); then + __yum_repo docker-ce-stable \ + --name 'Docker CE Stable' \ + --baseurl "https://download.docker.com/linux/centos/7/\$basearch/stable" \ + --enabled \ + --gpgcheck 1 \ + --gpgkey 'https://download.docker.com/linux/centos/gpg' \ + --state "${state}" + if [ "$version" != "latest" ]; then + require="__yum_repo/docker-ce-stable" __package docker-ce --version "${version}" --state "${state}" + else + require="__yum_repo/docker-ce-stable" __package docker-ce --state "${state}" + fi + else + echo "CentOS version 7 is required!" 
>&2 + exit 1 + fi + ;; + ubuntu|debian) + if [ "${state}" = "present" ]; then + __package apt-transport-https + __package ca-certificates + __package gnupg2 + fi + __apt_key_uri docker --name "Docker Release (CE deb) " \ + --uri "https://download.docker.com/linux/${os}/gpg" --state "${state}" + + require="__apt_key_uri/docker" __apt_source docker \ + --uri "https://download.docker.com/linux/${os}" \ + --distribution "$(cat "$__global/explorer/lsb_codename")" \ + --state "${state}" \ + --component "stable" + if [ "$version" != "latest" ]; then + require="__apt_source/docker" __package docker-ce --version "${version}" --state "${state}" + else + require="__apt_source/docker" __package docker-ce --state "${state}" + fi + ;; + devuan) + os_version="$(cat "$__global/explorer/os_version")" + + case "$os_version" in + ascii) + distribution="stretch" + ;; + jessie) + distribution="jessie" + ;; + *) + echo "Your devuan release ($os_version) is currently not supported by this type (${__type##*/}).">&2 + echo "Please contribute an implementation for it if you can." >&2 + exit 1 + ;; + esac + + if [ "${state}" = "present" ]; then + __package apt-transport-https + __package ca-certificates + __package gnupg2 + fi + __apt_key_uri docker --name "Docker Release (CE deb) " \ + --uri "https://download.docker.com/linux/${os}/gpg" --state "${state}" + + require="__apt_key_uri/docker" __apt_source docker \ + --uri "https://download.docker.com/linux/${os}" \ + --distribution "${distribution}" \ + --state "${state}" \ + --component "stable" + if [ "$version" != "latest" ]; then + require="__apt_source/docker" __package docker-ce --version "${version}" --state "${state}" + else + require="__apt_source/docker" __package docker-ce --state "${state}" + fi + + ;; + *) + echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2 + echo "Please contribute an implementation for it if you can." >&2 + exit 1 + ;; +esac 
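Review bot: The centos branch dot-sources `$__global/explorer/os_release` to read `VERSION_ID`, so whatever that explorer returned is executed as shell; the subshell keeps variables from leaking but does not stop commands from running. If the explorer output is the target's os-release file verbatim (not visible in this hunk), a tampered file on the target runs code wherever this manifest is evaluated. Extracting the one field as text avoids that: `version_id=$(sed -n 's/^VERSION_ID="\{0,1\}\([^"]*\)"\{0,1\}$/\1/p' "$__global/explorer/os_release")` followed by `if [ "$version_id" = "7" ]; then`. Separately, the devuan branch builds its key and source URIs from `${os}`; since it maps releases to Debian codenames, `https://download.docker.com/linux/debian` is presumably what was meant.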
diff --git a/cdist/conf/type/__docker/parameter/default/state b/cdist/conf/type/__docker/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__docker/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__docker/parameter/default/version b/cdist/conf/type/__docker/parameter/default/version new file mode 100644 index 00000000..a0f9a4b4 --- /dev/null +++ b/cdist/conf/type/__docker/parameter/default/version @@ -0,0 +1 @@ +latest diff --git a/cdist/conf/type/__docker/parameter/optional b/cdist/conf/type/__docker/parameter/optional new file mode 100644 index 00000000..4d595ed7 --- /dev/null +++ b/cdist/conf/type/__docker/parameter/optional @@ -0,0 +1,2 @@ +state +version diff --git a/cdist/test/config_install/fixtures/object/__third/.keep b/cdist/conf/type/__docker/singleton similarity index 100% rename from cdist/test/config_install/fixtures/object/__third/.keep rename to cdist/conf/type/__docker/singleton diff --git a/cdist/conf/type/__docker_compose/gencode-remote b/cdist/conf/type/__docker_compose/gencode-remote new file mode 100755 index 00000000..77fc2fdf --- /dev/null +++ b/cdist/conf/type/__docker_compose/gencode-remote 
@@ -0,0 +1,32 @@ +#!/bin/sh -e +# +# 2016 Dominique Roux (dominique.roux at ungleich.ch) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +# Variables +version="$(cat "$__object/parameter/version")" +state="$(cat "$__object/parameter/state")" + +if [ "${state}" = "present" ]; then + # Download docker-compose file + #shellcheck disable=SC2016 + echo 'curl -L "https://github.com/docker/compose/releases/download/'"${version}"'/docker-compose-$(uname -s)-$(uname -m)" -o /tmp/docker-compose' + echo 'mv /tmp/docker-compose /usr/local/bin/docker-compose' + # Change permissions + echo 'chmod +x /usr/local/bin/docker-compose' +fi diff --git a/cdist/conf/type/__docker_compose/man.rst b/cdist/conf/type/__docker_compose/man.rst new file mode 100644 index 00000000..7386e737 --- /dev/null +++ b/cdist/conf/type/__docker_compose/man.rst 
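Review bot: The generated code downloads to the fixed path `/tmp/docker-compose` and then moves that file into `/usr/local/bin`, so a local user on the target who creates or replaces that path first can influence what gets installed; `curl -L` without `-f` also saves an HTTP error page as the binary when the release URL does not exist. Creating the temporary file with `mktemp` inside the destination directory and adding `-f` closes both, as sketched below. Nothing checks the download against an expected digest, so integrity rests on TLS alone; a digest parameter would be a reasonable follow-up. The download also repeats on every run with state `present`, since no explorer for the installed version is added for this type in the visible diff.

```shell
if [ "${state}" = "present" ]; then
    cat << EOF
tmp="\$(mktemp /usr/local/bin/docker-compose.XXXXXXXXXX)"
curl -fL "https://github.com/docker/compose/releases/download/${version}/docker-compose-\$(uname -s)-\$(uname -m)" -o "\$tmp" || { rm -f "\$tmp"; exit 1; }
chmod 0755 "\$tmp"
mv "\$tmp" /usr/local/bin/docker-compose
EOF
fi
```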
@@ -0,0 +1,58 @@ +cdist-type__docker_compose(7) +============================= + +NAME +---- +cdist-type__docker_compose - install docker-compose + + +DESCRIPTION +----------- +Installs docker-compose package. +State 'absent' will not remove docker binary itself, +only docker-compose binary will be removed + + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +version + Define docker_compose version, defaults to "1.9.0" + +state + 'present' or 'absent', defaults to 'present' + + +BOOLEAN PARAMETERS +------------------ +None. + + +EXAMPLES +-------- + +.. code-block:: sh + + # Install docker-compose + __docker_compose + + # Install version 1.9.0-rc4 + __docker_compose --version 1.9.0-rc4 + + # Remove docker-compose + __docker_compose --state absent + + +AUTHORS +------- +Dominique Roux + + +COPYING +------- +Copyright \(C) 2016 Dominique Roux. Free use of this software is +granted under the terms of the GNU General Public License version 3 or later (GPLv3+). diff --git a/cdist/conf/type/__docker_compose/manifest b/cdist/conf/type/__docker_compose/manifest new file mode 100755 index 00000000..f7de3a76 --- /dev/null +++ b/cdist/conf/type/__docker_compose/manifest 
@@ -0,0 +1,33 @@ +#!/bin/sh -e +# +# 2016 Dominique Roux (dominique.roux at ungleich.ch) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# + +state="$(cat "$__object/parameter/state")" + +# Needed packages +if [ "${state}" = "present" ]; then + __docker + __package curl +elif [ "${state}" = "absent" ]; then + __file /usr/local/bin/docker-compose --state absent +else + echo "Unknown state: ${state}" >&2 + exit 1 +fi diff --git a/cdist/conf/type/__docker_compose/parameter/default/state b/cdist/conf/type/__docker_compose/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__docker_compose/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__docker_compose/parameter/default/version b/cdist/conf/type/__docker_compose/parameter/default/version new file mode 100644 index 00000000..850e7424 --- /dev/null +++ b/cdist/conf/type/__docker_compose/parameter/default/version @@ -0,0 +1 @@ +1.14.0 diff --git a/cdist/conf/type/__docker_compose/parameter/optional b/cdist/conf/type/__docker_compose/parameter/optional new file mode 100644 index 00000000..4d595ed7 --- /dev/null +++ b/cdist/conf/type/__docker_compose/parameter/optional @@ -0,0 +1,2 @@ +state +version 
diff --git a/cdist/test/config_install/fixtures/object/__third/moon/.cdist/.keep b/cdist/conf/type/__docker_compose/singleton similarity index 100% rename from cdist/test/config_install/fixtures/object/__third/moon/.cdist/.keep rename to cdist/conf/type/__docker_compose/singleton diff --git a/cdist/conf/type/__docker_config/explorer/config-data b/cdist/conf/type/__docker_config/explorer/config-data new file mode 100755 index 00000000..b4bb0e11 --- /dev/null +++ b/cdist/conf/type/__docker_config/explorer/config-data @@ -0,0 +1,22 @@ +#!/bin/sh -e +# +# 2018 Ľubomír Kučera +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +docker config inspect "${__object_id:?}" --format '{{json .Spec.Data}}' \ + 2>/dev/null | tr -d '"' | base64 -d diff --git a/cdist/conf/type/__docker_config/explorer/config-exists b/cdist/conf/type/__docker_config/explorer/config-exists new file mode 100755 index 00000000..58c207d4 --- /dev/null +++ b/cdist/conf/type/__docker_config/explorer/config-exists 
@@ -0,0 +1,25 @@ +#!/bin/sh -e +# +# 2018 Ľubomír Kučera +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +if docker config ls | grep -q " ${__object_id:?} "; then + echo yes +else + echo no +fi diff --git a/cdist/conf/type/__docker_config/gencode-remote b/cdist/conf/type/__docker_config/gencode-remote new file mode 100755 index 00000000..65497b7e --- /dev/null +++ b/cdist/conf/type/__docker_config/gencode-remote 
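Review bot: `grep -q " ${__object_id:?} "` searches every column of the `docker config ls` table and treats the object id as a regular expression, so an id such as `weeks` can match the CREATED column of an unrelated row (for example `3 weeks ago`) and `foo.bar` also matches `fooxbar`. Listing only names and comparing whole lines as fixed strings avoids both: `docker config ls --format '{{.Name}}' | grep -qxF -- "${__object_id:?}"`. The same applies to `secret-exists` under `__docker_secret` and, for the regular-expression part, to `stack-exists` under `__docker_stack`.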
@@ -0,0 +1,69 @@ +#!/bin/sh -e +# +# 2018 Ľubomír Kučera +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +config="${__object_id:?}" +config_exists=$(cat "${__object:?}/explorer/config-exists") +state=$(cat "${__object:?}/parameter/state") + +case "${state}" in + absent) + if [ "${config_exists}" != "yes" ]; then + exit 0 + fi + + echo "docker config rm \"${config}\"" + ;; + present) + source=$(cat "${__object}/parameter/source") + + if [ -z "${source}" ]; then + exit 0 + fi + + if [ "${source}" = "-" ]; then + source="${__object}/stdin" + fi + + if [ "${config_exists}" = "yes" ]; then + if cmp -s "${source}" "${__object}/explorer/config-data"; then + exit 0 + else + echo "docker config rm \"${config}\"" + fi + fi + + cat <<-EOF + source_file="\$(mktemp cdist.XXXXXXXXXX)" + + base64 -d > "\${source_file}" << eof + $(base64 "${source}") + eof + + docker config create "${config}" "\${source_file}" + + rm "\${source_file}" + EOF + ;; + *) + echo "Unsupported state: ${state}" >&2 + + exit 1 + ;; +esac diff --git a/cdist/conf/type/__docker_config/man.rst b/cdist/conf/type/__docker_config/man.rst new file mode 100644 index 00000000..7c74c8af --- /dev/null +++ b/cdist/conf/type/__docker_config/man.rst 
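Review bot: The generated code creates its temporary file from the relative template `cdist.XXXXXXXXXX`, i.e. in whatever directory the remote shell starts in, and removes it only on the last line, so a failing `docker config create` leaves the decoded content behind if cdist runs generated code with `-e` (not visible here). `docker config create` accepts `-` to read from standard input, which removes the file altogether: `base64 -d << eof | docker config create "${config}" -`, keeping the `$(base64 "${source}")` line and the `eof` terminator. The gencode-remote scripts of `__docker_secret` and `__docker_stack` use the same pattern; for the secret the leftover file holds the secret itself, and `docker secret create` and `docker stack deploy --compose-file` take `-` the same way.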
@@ -0,0 +1,55 @@ +cdist-type__docker_config(7) +============================ + +NAME +---- + +cdist-type__docker_config - Manage Docker configs + +DESCRIPTION +----------- + +This type manages Docker configs. + +OPTIONAL PARAMETERS +------------------- + +source + Path to the source file. If it is '-' (dash), read standard input. + +state + 'present' or 'absent', defaults to 'present' where: + + present + if the config does not exist, it is created + absent + the config is removed + +CAVEATS +------- + +Since Docker configs cannot be updated once created, this type tries removing +and recreating the config if it changes. If the config is used by a service at +the time of removing, then this type will fail. + +EXAMPLES +-------- + +.. code-block:: sh + + # Creates "foo" config from "bar" source file + __docker_config foo --source bar + + +AUTHORS +------- + +Ľubomír Kučera + +COPYING +------- + +Copyright \(C) 2018 Ľubomír Kučera. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/test/config_install/fixtures/type/__first/.keep b/cdist/conf/type/__docker_config/parameter/default/source similarity index 100% rename from cdist/test/config_install/fixtures/type/__first/.keep rename to cdist/conf/type/__docker_config/parameter/default/source diff --git a/cdist/conf/type/__docker_config/parameter/default/state b/cdist/conf/type/__docker_config/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__docker_config/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__docker_config/parameter/optional b/cdist/conf/type/__docker_config/parameter/optional new file mode 100644 index 00000000..d77f3048 --- /dev/null +++ b/cdist/conf/type/__docker_config/parameter/optional @@ -0,0 +1,2 @@ +source +state 
diff --git a/cdist/conf/type/__docker_secret/explorer/secret-exists b/cdist/conf/type/__docker_secret/explorer/secret-exists new file mode 100755 index 00000000..1405f8bc --- /dev/null +++ b/cdist/conf/type/__docker_secret/explorer/secret-exists @@ -0,0 +1,25 @@ +#!/bin/sh -e +# +# 2018 Ľubomír Kučera +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +if docker secret ls | grep -q " ${__object_id:?} "; then + echo yes +else + echo no +fi diff --git a/cdist/conf/type/__docker_secret/gencode-remote b/cdist/conf/type/__docker_secret/gencode-remote new file mode 100755 index 00000000..c75e91d9 --- /dev/null +++ b/cdist/conf/type/__docker_secret/gencode-remote 
@@ -0,0 +1,65 @@ +#!/bin/sh -e +# +# 2018 Ľubomír Kučera +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +secret="${__object_id:?}" +secret_exists=$(cat "${__object:?}/explorer/secret-exists") +state=$(cat "${__object:?}/parameter/state") + +case "${state}" in + absent) + if [ "${secret_exists}" != "yes" ]; then + exit 0 + fi + + echo "docker secret rm ${secret}" + ;; + present) + if [ "${secret_exists}" = "yes" ]; then + exit 0 + fi + + source=$(cat "${__object}/parameter/source") + + if [ -z "${source}" ]; then + exit 0 + fi + + if [ "${source}" = "-" ]; then + source="${__object}/stdin" + fi + + cat <<-EOF + source_file="\$(mktemp cdist.XXXXXXXXXX)" + + base64 -d > "\${source_file}" << eof + $(base64 "${source}") + eof + + docker secret create "${secret}" "\${source_file}" + + rm "\${source_file}" + EOF + ;; + *) + echo "Unsupported state: ${state}" >&2 + + exit 1 + ;; +esac diff --git a/cdist/conf/type/__docker_secret/man.rst b/cdist/conf/type/__docker_secret/man.rst new file mode 100644 index 00000000..7fe69623 --- /dev/null +++ b/cdist/conf/type/__docker_secret/man.rst 
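Review bot: `echo "docker secret rm ${secret}"` emits the object id unquoted, unlike the `__docker_config` counterpart, so an id containing whitespace or glob characters is split or expanded by the remote shell. Quote it in the generated line: `echo "docker secret rm \"${secret}\""`. The `__docker_stack` gencode-remote has the same gap in `docker stack rm ${stack}` and in `--with-registry-auth ${stack}`.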
@@ -0,0 +1,54 @@ +cdist-type__docker_secret(7) +============================ + +NAME +---- + +cdist-type__docker_secret - Manage Docker secrets + +DESCRIPTION +----------- + +This type manages Docker secrets. + +OPTIONAL PARAMETERS +------------------- + +source + Path to the source file. If it is '-' (dash), read standard input. + +state + 'present' or 'absent', defaults to 'present' where: + + present + if the secret does not exist, it is created + absent + the secret is removed + +CAVEATS +------- + +Since Docker secrets cannot be updated once created, this type takes no action +if the specified secret already exists. + +EXAMPLES +-------- + +.. code-block:: sh + + # Creates "foo" secret from "bar" source file + __docker_secret foo --source bar + + +AUTHORS +------- + +Ľubomír Kučera + +COPYING +------- + +Copyright \(C) 2018 Ľubomír Kučera. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/test/config_install/fixtures/type/__second/.keep b/cdist/conf/type/__docker_secret/parameter/default/source similarity index 100% rename from cdist/test/config_install/fixtures/type/__second/.keep rename to cdist/conf/type/__docker_secret/parameter/default/source diff --git a/cdist/conf/type/__docker_secret/parameter/default/state b/cdist/conf/type/__docker_secret/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__docker_secret/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__docker_secret/parameter/optional b/cdist/conf/type/__docker_secret/parameter/optional new file mode 100644 index 00000000..d77f3048 --- /dev/null +++ b/cdist/conf/type/__docker_secret/parameter/optional @@ -0,0 +1,2 @@ +source +state 
diff --git a/cdist/conf/type/__docker_stack/explorer/stack-exists b/cdist/conf/type/__docker_stack/explorer/stack-exists new file mode 100755 index 00000000..4f511821 --- /dev/null +++ b/cdist/conf/type/__docker_stack/explorer/stack-exists @@ -0,0 +1,25 @@ +#!/bin/sh -e +# +# 2018 Ľubomír Kučera +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +if docker stack ls | grep -q "^${__object_id:?} "; then + echo 1 +else + echo 0 +fi diff --git a/cdist/conf/type/__docker_stack/gencode-remote b/cdist/conf/type/__docker_stack/gencode-remote new file mode 100755 index 00000000..586271d0 --- /dev/null +++ b/cdist/conf/type/__docker_stack/gencode-remote 
@@ -0,0 +1,63 @@ +#!/bin/sh -e +# +# 2018 Ľubomír Kučera +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +stack="${__object_id:?}" +state=$(cat "${__object:?}/parameter/state") + +case "${state}" in + absent) + stack_exists=$(cat "${__object:?}/explorer/stack-exists") + + if [ "${stack_exists}" -ne 1 ]; then + exit 0 + fi + + echo "docker stack rm ${stack}" + ;; + present) + compose_file=$(cat "${__object}/parameter/compose-file") + + if [ -z "${compose_file}" ]; then + exit 0 + fi + + if [ "${compose_file}" = "-" ]; then + compose_file="${__object}/stdin" + fi + + cat <<-EOF + compose_file="\$(mktemp cdist.XXXXXXXXXX)" + + base64 -d > "\${compose_file}" << eof + $(base64 "${compose_file}") + eof + + docker stack deploy --compose-file "\${compose_file}" \ + --prune --with-registry-auth ${stack} + + rm "\${compose_file}" + EOF + ;; + *) + echo "Unsupported state: ${state}" >&2 + + exit 1 + ;; +esac diff --git a/cdist/conf/type/__docker_stack/man.rst b/cdist/conf/type/__docker_stack/man.rst new file mode 100644 index 00000000..d0597c25 --- /dev/null +++ b/cdist/conf/type/__docker_stack/man.rst 
@@ -0,0 +1,54 @@ +cdist-type__docker_stack(7) +=========================== + +NAME +---- + +cdist-type__docker_stack - Manage Docker stacks + +DESCRIPTION +----------- + +This type manages service stacks. + +.. note:: + Since there is no easy way to tell whether a stack needs to be updated, + `docker stack deploy` is being run every time this type is invoked. + However, it does not mean this type is not idempotent. If Docker does not + detect changes, the existing stack will not be updated. + +OPTIONAL PARAMETERS +------------------- + +compose-file + Path to the compose file. If it is '-' (dash), read standard input. + +state + 'present' or 'absent', defaults to 'present' where: + + present + the stack is deployed + absent + the stack is removed + +EXAMPLES +-------- + +.. code-block:: sh + + # Deploys 'foo' stack defined in 'docker-compose.yml' compose file + __docker_stack foo --compose-file docker-compose.yml + + +AUTHORS +------- + +Ľubomír Kučera + +COPYING +------- + +Copyright \(C) 2018 Ľubomír Kučera. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/test/config_install/fixtures/type/__third/.keep b/cdist/conf/type/__docker_stack/parameter/default/compose-file similarity index 100% rename from cdist/test/config_install/fixtures/type/__third/.keep rename to cdist/conf/type/__docker_stack/parameter/default/compose-file diff --git a/cdist/conf/type/__docker_stack/parameter/default/state b/cdist/conf/type/__docker_stack/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__docker_stack/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__docker_stack/parameter/optional b/cdist/conf/type/__docker_stack/parameter/optional new file mode 100644 index 00000000..b3457bd3 --- /dev/null 
+++ b/cdist/conf/type/__docker_stack/parameter/optional @@ -0,0 +1,2 @@ +compose-file +state diff --git a/cdist/conf/type/__docker_swarm/explorer/swarm-state b/cdist/conf/type/__docker_swarm/explorer/swarm-state new file mode 100755 index 00000000..2c9fd598 --- /dev/null +++ b/cdist/conf/type/__docker_swarm/explorer/swarm-state @@ -0,0 +1,21 @@ +#!/bin/sh -e +# +# 2018 Ľubomír Kučera +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +docker info 2>/dev/null | grep '^ *Swarm: ' | awk '{print $2}' diff --git a/cdist/conf/type/__docker_swarm/gencode-remote b/cdist/conf/type/__docker_swarm/gencode-remote new file mode 100755 index 00000000..4b199a02 --- /dev/null +++ b/cdist/conf/type/__docker_swarm/gencode-remote 
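Review bot: The `swarm-state` explorer scrapes the human-readable `docker info` output with `grep '^ *Swarm: ' | awk '{print $2}'`, which depends on the layout and wording of that listing. Where the targeted Docker versions support it, asking for the field directly is less brittle: `docker info --format '{{.Swarm.LocalNodeState}}' 2>/dev/null`. If the scraping is kept for older releases, a comment saying so would help, and the two commands can be one: `awk '/^ *Swarm: /{print $2}'`.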
@@ -0,0 +1,46 @@ +#!/bin/sh -e +# +# 2018 Ľubomír Kučera +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +state=$(cat "${__object:?}/parameter/state") +swarm_state="$(cat "${__object}/explorer/swarm-state")" + +if [ -z "${swarm_state}" ]; then + echo "Unable to determine Swarm state. Is compatible version of Docker installed?" >&2 + + exit 1 +fi + +case "${state}" in + absent) + if [ "${swarm_state}" = "active" ]; then + echo "docker swarm leave --force" + fi + ;; + present) + if [ "${swarm_state}" = "inactive" ]; then + echo "docker swarm init" + fi + ;; + *) + echo "Unsupported state: ${state}" >&2 + + exit 1 + ;; +esac diff --git a/cdist/conf/type/__docker_swarm/man.rst b/cdist/conf/type/__docker_swarm/man.rst new file mode 100644 index 00000000..4dc408f0 --- /dev/null +++ b/cdist/conf/type/__docker_swarm/man.rst 
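Review bot: Swarm states other than `active` and `inactive` fall through both branches without output, so with state `present` a node reporting for example `pending`, `error` or `locked` ends the run successfully although no swarm was initialised. Reporting that case makes the failure visible: in the `present` branch add `elif [ "${swarm_state}" != "active" ]; then echo "Unexpected Swarm state: ${swarm_state}" >&2; exit 1`. The `absent` branch always uses `docker swarm leave --force`, which on a manager node bypasses Docker's refusal to leave; a comment stating that this is intended would help the next reader.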
@@ -0,0 +1,49 @@ +cdist-type__docker_swarm(7) +=========================== + +NAME +---- + +cdist-type__docker_swarm - Manage Swarm + +DESCRIPTION +----------- + +This type can initialize Docker swarm mode. For more information about swarm +mode, see `Swarm mode overview `_. + +OPTIONAL PARAMETERS +------------------- + +state + 'present' or 'absent', defaults to 'present' where: + + present + Swarm is initialized + absent + Swarm is left + +EXAMPLES +-------- + +.. code-block:: sh + + # Initializes a swarm + __docker_swarm + + # Leaves a swarm + __docker_swarm --state absent + + +AUTHORS +------- + +Ľubomír Kučera + +COPYING +------- + +Copyright \(C) 2018 Ľubomír Kučera. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__docker_swarm/parameter/default/state b/cdist/conf/type/__docker_swarm/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__docker_swarm/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__pf_ruleset/parameter/required b/cdist/conf/type/__docker_swarm/parameter/optional similarity index 100% rename from cdist/conf/type/__pf_ruleset/parameter/required rename to cdist/conf/type/__docker_swarm/parameter/optional diff --git a/cdist/conf/type/__docker_swarm/singleton b/cdist/conf/type/__docker_swarm/singleton new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__dog_vdi/explorer/list b/cdist/conf/type/__dog_vdi/explorer/list new file mode 100755 index 00000000..856c86fc --- /dev/null +++ b/cdist/conf/type/__dog_vdi/explorer/list 
@@ -0,0 +1,23 @@ +#!/bin/sh +# +# 2014 Nico Schottelius (nico-cdist at schottelius.org) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +name="$__object_id" + +dog vdi list -r "$name" diff --git a/cdist/conf/type/__dog_vdi/gencode-remote b/cdist/conf/type/__dog_vdi/gencode-remote new file mode 100755 index 00000000..9d49506c --- /dev/null +++ b/cdist/conf/type/__dog_vdi/gencode-remote 
@@ -0,0 +1,42 @@ +#!/bin/sh -e +# +# 2014 Nico Schottelius (nico-cdist at schottelius.org) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +state_should="$(cat "$__object/parameter/state")" +num_vdi_lines=$(wc -l < "$__object/explorer/list") +name="$__object_id" + + +if [ "$num_vdi_lines" = 1 ]; then + state_is=present +else + state_is=absent +fi + +[ "$state_is" = "$state_should" ] && exit 0 + +case "$state_should" in + present) + size="$(cat "$__object/parameter/size")" + echo "dog vdi create '$name' '$size'" + ;; + absent) + echo "dog vdi delete '$name'" + ;; +esac diff --git a/cdist/conf/type/__dog_vdi/man.rst b/cdist/conf/type/__dog_vdi/man.rst new file mode 100644 index 00000000..4be1920d --- /dev/null +++ b/cdist/conf/type/__dog_vdi/man.rst 
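Review bot: `[ "$num_vdi_lines" = 1 ]` compares the output of `wc -l` as a string, and some `wc` implementations pad the count with leading blanks, in which case the test never matches and `state_is` is always `absent`. A numeric test is robust to that: `[ "$num_vdi_lines" -eq 1 ]`. The generated `dog vdi create '$name' '$size'` also breaks on a name or size containing a single quote; the manifest could reject such values before code is generated.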
@@ -0,0 +1,59 @@ +cdist-type__dog_vdi(7) +====================== + +NAME +---- +cdist-type__dog_vdi - Manage Sheepdog VM images + + +DESCRIPTION +----------- +The dog program is used to create images for sheepdog +to be used in qemu. + + +OPTIONAL PARAMETERS +------------------- +state + Either "present" or "absent", defaults to "present" +size + Size of the image in "dog vdi" compatible units. + + Required if state is "present". + + + +EXAMPLES +-------- + +.. code-block:: sh + + # Create a 50G size image + __dog_vdi nico-privat.sky.ungleich.ch --size 50G + + # Create a 50G size image (more explicit) + __dog_vdi nico-privat.sky.ungleich.ch --size 50G --state present + + # Remove image + __dog_vdi nico-privat.sky.ungleich.ch --state absent + + # Remove image - keeping --size is ok + __dog_vdi nico-privat.sky.ungleich.ch --size 50G --state absent + + +SEE ALSO +-------- +:strong:`qemu`\ (1), :strong:`dog`\ (8) + + +AUTHORS +------- +Nico Schottelius + + +COPYING +------- +Copyright \(C) 2014 Nico Schottelius. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__dog_vdi/manifest b/cdist/conf/type/__dog_vdi/manifest new file mode 100755 index 00000000..869bdede --- /dev/null +++ b/cdist/conf/type/__dog_vdi/manifest 
@@ -0,0 +1,37 @@
+#!/bin/sh -e
+#
+# 2014 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+state_should="$(cat "$__object/parameter/state")"
+
+case "$state_should" in
+ present)
+ if [ ! -f "$__object/parameter/size" ]; then
+ echo "Size is required when state is present" >&2
+ exit 1
+ fi
+ ;;
+ absent)
+ :
+ ;;
+ *)
+ echo "Unsupported state: $state_should" >&2
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__dog_vdi/parameter/default/state b/cdist/conf/type/__dog_vdi/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__dog_vdi/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__dog_vdi/parameter/optional b/cdist/conf/type/__dog_vdi/parameter/optional
new file mode 100644
index 00000000..c3ac4490
--- /dev/null
+++ b/cdist/conf/type/__dog_vdi/parameter/optional
@@ -0,0 +1,2 @@
+state
+size
diff --git a/cdist/conf/type/__dot_file/explorer/home b/cdist/conf/type/__dot_file/explorer/home
new file mode 100755
index 00000000..08d941bf
--- /dev/null
+++ b/cdist/conf/type/__dot_file/explorer/home
@@ -0,0 +1,27 @@
+#!/bin/sh
+# Copyright (C) 2016 Dmitry Bogatov
+
+# Author: Dmitry Bogatov
+
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 3
+# of the License, or (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+set -eu
+
+user="$(cat "${__object}/parameter/user")"
+
+if command -v getent >/dev/null 2>&1; then
+ line=$(getent passwd "${user}")
+else
+ line=$(grep "^${user}:" /etc/passwd)
+fi
+printf '%s' "$line" | cut -d: -f6
diff --git a/cdist/conf/type/__dot_file/explorer/primary_group b/cdist/conf/type/__dot_file/explorer/primary_group
new file mode 100755
index 00000000..30b303ac
--- /dev/null
+++ b/cdist/conf/type/__dot_file/explorer/primary_group
@@ -0,0 +1,21 @@
+#!/bin/sh
+# Copyright (C) 2016 Dmitry Bogatov
+
+# Author: Dmitry Bogatov
+
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 3
+# of the License, or (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+set -eu
+
+user="$(cat "${__object}/parameter/user")"
+id -gn "${user}"
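Review bot: In explorer/home the fallback `grep "^${user}:" /etc/passwd` splices the user parameter into a regular expression, so a name containing `.` or another metacharacter can select a different account's line, and several matching lines would yield several home directories. An exact field comparison avoids both: `line=$(awk -F: -v u="${user}" '$1 == u' /etc/passwd)`. Unlike grep, awk exits 0 when nothing matches, so keep the abort-on-unknown-user behaviour explicit with `[ -n "$line" ] || exit 1` before the `cut`.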
diff --git a/cdist/conf/type/__dot_file/man.rst b/cdist/conf/type/__dot_file/man.rst new file mode 100644 index 00000000..ae65eb95 --- /dev/null +++ b/cdist/conf/type/__dot_file/man.rst @@ -0,0 +1,71 @@ +cdist-type__dot_file(7) +======================== + +NAME +---- + +cdist-type__dot_file - install file under user's home directory + +DESCRIPTION +----------- + +This type installs a file (=\ *__object_id*) under user's home directory, +providing a way to install per-user configuration files. File owner +and group is deduced from user, for who file is installed. + +Unlike regular __file type, you do not need make any assumptions, +where user's home directory is. + +REQUIRED PARAMETERS +------------------- + +user + User, for who file is installed + +OPTIONAL PARAMETERS +------------------- + +mode + forwarded to :strong:`__file` type + +state + forwarded to :strong:`__file` type + +source + forwarded to :strong:`__file` type + +MESSAGES +-------- + +This type inherits all messages from :strong:`file` type, and do not add +any new. + +EXAMPLES +-------- + +.. code-block:: sh + + # Install .forward file for user 'alice'. Since state is 'present', + # user is not meant to edit this file, all changes will be overridden. + # It is good idea to put warning about it in file itself. + __dot_file .forward --user alice --source "$__files/forward" + + # Install .muttrc for user 'bob', if not already present. User can safely + # edit it, his changes will not be overwritten. + __dot_file .muttrc --user bob --source "$__files/recommended_mutt_config" --state exists + + + # Install default xmonad config for user 'eve'. Parent directory is created automatically. + __dot_file .xmonad/xmonad.hs --user eve --state exists --source "$__files/xmonad.hs" + +SEE ALSO +-------- + +**cdist-type__file**\ (7) + +COPYING +------- + +Copyright (C) 2015 Dmitry Bogatov. Free use of this software is granted +under the terms of the GNU General Public License version 3 or later +(GPLv3+). 
diff --git a/cdist/conf/type/__dot_file/manifest b/cdist/conf/type/__dot_file/manifest
new file mode 100755
index 00000000..5e4957e5
--- /dev/null
+++ b/cdist/conf/type/__dot_file/manifest
@@ -0,0 +1,65 @@
+#!/bin/sh -e
+#
+# Copyright (C) 2016 Bogatov Dmitry
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+set -eu
+
+user="$(cat "${__object}/parameter/user")"
+home="$(cat "${__object}/explorer/home")"
+primary_group="$(cat "${__object}/explorer/primary_group")"
+
+# Create parent directory. Type __directory has flag 'parents', but it
+# will leave us with root-owned directory in user home, which is not
+# acceptable. So we create parent directories one-by-one. XXX: maybe
+# it should be fixed in '__directory'?
+set --
+subpath=${__object_id}
+while subpath="$(dirname "${subpath}")" ; do
+ [ "${subpath}" = . ] && break
+ set -- "${subpath}" "$@"
+done
+unset subpath
+
+export CDIST_ORDER_DEPENDENCY
+for dir ; do
+ __directory "${home}/${dir}" \
+ --group "${primary_group}" \
+ --owner "${user}"
+done
+
+# These parameters are forwarded to __file type. 'mode' is always
+# present, since it have been given default.
+
+set --
+for p in state mode source ; do
+ if [ -f "${__object}/parameter/${p}" ] ; then
+ value="$(cat "${__object}/parameter/${p}")"
+ set -- "$@" "--${p}" "${value}"
+ unset value
+ fi
+done
+
+# If source is `-' we can't just forward it, since stdin is already
+# captured by __dot_file. So, we replace '-' with "$__object/stdin".
+#
+# It means that it is possible for __file to receive --source
+# parameter twice, but, since latest wins, it is okay.
+source="$(cat "${__object}/parameter/source")"
+if [ "${source}" = "-" ] ; then
+ set -- "$@" --source "${__object}/stdin"
+fi
+unset source
+
+__file "${home}/${__object_id}" --owner "$user" --group "$primary_group" "$@"
diff --git a/cdist/conf/type/__dot_file/parameter/default/mode b/cdist/conf/type/__dot_file/parameter/default/mode
new file mode 100644
index 00000000..e9f960cf
--- /dev/null
+++ b/cdist/conf/type/__dot_file/parameter/default/mode
@@ -0,0 +1 @@
+600
diff --git a/cdist/conf/type/__dot_file/parameter/optional b/cdist/conf/type/__dot_file/parameter/optional
new file mode 100644
index 00000000..ccab9fa6
--- /dev/null
+++ b/cdist/conf/type/__dot_file/parameter/optional
@@ -0,0 +1,3 @@
+state
+mode
+source
diff --git a/cdist/conf/type/__dot_file/parameter/required b/cdist/conf/type/__dot_file/parameter/required
new file mode 100644
index 00000000..4eb8387f
--- /dev/null
+++ b/cdist/conf/type/__dot_file/parameter/required
@@ -0,0 +1 @@
+user
diff --git a/cdist/conf/type/__file/explorer/stat b/cdist/conf/type/__file/explorer/stat
new file mode 100755
index 00000000..91c8cc84
--- /dev/null
+++ b/cdist/conf/type/__file/explorer/stat
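Review bot: Near the end of the __dot_file manifest, `source="$(cat "${__object}/parameter/source")"` runs unconditionally, yet `source` is listed in parameter/optional and the visible part of this commit adds a default only for `mode`. Under `set -eu` a `__dot_file` call without `--source` therefore aborts on the missing parameter file. Guard it the way the forwarding loop above does: `if [ -f "${__object}/parameter/source" ] && [ "$(cat "${__object}/parameter/source")" = "-" ]; then set -- "$@" --source "${__object}/stdin"; fi`. Separately, `export CDIST_ORDER_DEPENDENCY` exports the variable without assigning it; if the intent is to order the `__directory` calls, it presumably needs a value.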
@@ -0,0 +1,116 @@ +#!/bin/sh +# +# 2013 Steven Armstrong (steven-cdist armstrong.cc) +# 2019 Nico Schottelius (nico-cdist at schottelius.org) +# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +destination="/$__object_id" + +fallback() { + # Fallback: Patch the output together, manually. + + ls_line=$(ls -ldn "$destination") + + uid=$(echo "$ls_line" | awk '{ print $3 }') + gid=$(echo "$ls_line" | awk '{ print $4 }') + + owner=$(awk -F: -v uid="$uid" '$3 == uid { print $1; f=1 } END { if (!f) print "UNKNOWN" }' /etc/passwd) + group=$(awk -F: -v uid="$uid" '$3 == uid { print $1; f=1 } END { if (!f) print "UNKNOWN" }' /etc/group) + + mode_text=$(echo "$ls_line" | awk '{ print $1 }') + mode=$(echo "$mode_text" | awk '{ k=0; for (i=0; i<=8; i++) k += ((substr($1, i+2, 1) ~ /[rwx]/) * 2^(8-i)); printf("%0o", k) }') + + size=$(echo "$ls_line" | awk '{ print $5 }') + links=$(echo "$ls_line" | awk '{ print $2 }') + + printf 'type: %s\nowner: %d %s\ngroup: %d %s\nmode: %s %s\nsize: %d\nlinks: %d\n' \ + "$("$__type_explorer/type")" \ + "$uid" "$owner" \ + "$gid" "$group" \ + "$mode" "$mode_text" \ + "$size" \ + "$links" +} + + +# nothing to work with, nothing we could do +[ -e "$destination" ] || exit 0 + + +if ! 
command -v stat >/dev/null +then + fallback + exit +fi + + +case $("$__explorer/os") +in + freebsd|netbsd|openbsd|macosx) + stat -f "type: %HT +owner: %Du %Su +group: %Dg %Sg +mode: %Lp %Sp +size: %Dz +links: %Dl +" "$destination" | awk '/^type/ { print tolower($0); next } { print }' + ;; + solaris) + ls1="$( ls -ld "$destination" )" + ls2="$( ls -ldn "$destination" )" + + if [ -f "$__object/parameter/mode" ] + then mode_should="$( cat "$__object/parameter/mode" )" + fi + + # yes, it is ugly hack, but if you know better way... + if [ -z "$( find "$destination" -perm "$mode_should" )" ] + then octets=888 + else octets="$( echo "$mode_should" | sed 's/^0//' )" + fi + + case "$( echo "$ls1" | cut -c1-1 )" in + -) echo 'type: regular file' ;; + d) echo 'type: directory' ;; + esac + + echo "owner: $( echo "$ls2" \ + | awk '{print $3}' ) $( echo "$ls1" \ + | awk '{print $3}' )" + + echo "group: $( echo "$ls2" \ + | awk '{print $4}' ) $( echo "$ls1" \ + | awk '{print $4}' )" + + echo "mode: $octets $( echo "$ls1" | awk '{print $1}' )" + echo "size: $( echo "$ls1" | awk '{print $5}' )" + echo "links: $( echo "$ls1" | awk '{print $2}' )" + ;; + *) + # NOTE: Do not use --printf here as it is not supported by BusyBox stat. + # NOTE: BusyBox's stat might not support the "-c" option, in which case + # we fall through to the shell fallback. + stat -c "type: %F +owner: %u %U +group: %g %G +mode: %a %A +size: %s +links: %h" "$destination" 2>/dev/null || fallback + ;; +esac diff --git a/cdist/conf/type/__file/explorer/type b/cdist/conf/type/__file/explorer/type new file mode 100755 index 00000000..e723047c --- /dev/null +++ b/cdist/conf/type/__file/explorer/type 
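Review bot: In `fallback()` of explorer/stat the group name is looked up with the uid: the `/etc/group` lookup passes `-v uid="$uid"` and compares `$3 == uid`, where it should use the gid. The reported group name is then that of whichever group happens to share the owner's numeric id, and `__file/gencode-remote` compares this name with `--group` to decide whether to emit chgrp, so a file can keep the wrong group or be chgrp'ed on every run. Proposed line: `group=$(awk -F: -v gid="$gid" '$3 == gid { print $1; f=1 } END { if (!f) print "UNKNOWN" }' /etc/group)`. In the solaris branch, `$mode_should` is used in `find -perm` even when no mode parameter file exists, which also deserves a guard.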
@@ -0,0 +1,33 @@
+#!/bin/sh
+#
+# 2013 Steven Armstrong (steven-cdist armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+destination="/$__object_id"
+
+if [ ! -e "$destination" ]; then
+ echo none
+elif [ -h "$destination" ]; then
+ echo symlink
+elif [ -f "$destination" ]; then
+ echo file
+elif [ -d "$destination" ]; then
+ echo directory
+else
+ echo unknown
+fi
diff --git a/cdist/conf/type/__file/gencode-local b/cdist/conf/type/__file/gencode-local
index 087011c4..231b6927 100755
--- a/cdist/conf/type/__file/gencode-local
+++ b/cdist/conf/type/__file/gencode-local
@@ -1,6 +1,7 @@ -#!/bin/sh +#!/bin/sh -e # # 2011-2012 Nico Schottelius (nico-cdist at schottelius.org) +# 2013 Steven Armstrong (steven-cdist armstrong.cc) # # This file is part of cdist. #
@@ -17,34 +18,97 @@ # You should have received a copy of the GNU General Public License # along with cdist. If not, see . # -# -# __file is a very basic type, which will probably be reused quite often -# destination="/$__object_id" -state_should=present -[ -f "$__object/parameter/state" ] && state_should="$(cat "$__object/parameter/state")" -exists="$(cat "$__object/explorer/exists")" +state_should="$(cat "$__object/parameter/state")" +type="$(cat "$__object/explorer/type")" -[ "$state_should" = "exists" -a "$exists" = "yes" ] && exit 0 # nothing to do +[ "$state_should" = "exists" ] && [ "$type" = "file" ] && exit 0 # nothing to do -if [ "$state_should" = "present" -o "$state_should" = "exists" ]; then +if [ "$state_should" = "pre-exists" ]; then if [ -f "$__object/parameter/source" ]; then + echo "--source cannot be used with --state pre-exists" + exit 1 + fi + + case $type in + file) + # nothing to do + exit 0 + ;; + none) + printf 'File "%s" does not exist\n' "$destination" >&2 + exit 1 + ;; + directory|symlink) + printf 'File "%s" exists and is a %s, but should be a regular file\n' "$destination" "$type" >&2 + exit 1 + ;; + *) + printf 'File or directory "%s" is in an unknown state\n' "$destination" >&2 + exit 1 + ;; + esac +fi + +upload_file= +create_file= +if [ "$state_should" = "present" ] || [ "$state_should" = "exists" ]; then + if [ ! -f "$__object/parameter/source" ]; then + remote_stat="$(cat "$__object/explorer/stat")" + if [ -z "$remote_stat" ]; then + create_file=1 + echo create >> "$__messages_out" + fi + else source="$(cat "$__object/parameter/source")" if [ "$source" = "-" ]; then source="$__object/stdin" fi - - if [ -f "$source" ]; then - local_cksum="$(cksum < "$source")" - remote_cksum="$(cat "$__object/explorer/cksum")" - - if [ "$local_cksum" != "$remote_cksum" ]; then - echo "$__remote_copy" "$source" "${__target_host}:${destination}" - fi - else + if [ ! -f "$source" ]; then echo "Source \"$source\" does not exist." 
>&2 exit 1 + else + if [ "$type" != "file" ]; then + # destination is not a regular file, upload source to replace it + upload_file=1 + else + local_cksum="$(cksum < "$source")" + remote_cksum="$(cat "$__object/explorer/cksum")" + if [ "$local_cksum" != "$remote_cksum" ]; then + # destination is a regular file, but not the right one + upload_file=1 + fi + fi fi fi + if [ "$create_file" ] || [ "$upload_file" ]; then + # tell gencode-remote that we created or uploaded a file and that it must + # set all attributes no matter what the explorer retreived + mkdir "$__object/files" + touch "$__object/files/set-attributes" + + # upload file to temp location + tempfile_template="${destination}.cdist.XXXXXXXXXX" + cat << DONE +destination_upload="\$($__remote_exec $__target_host "mktemp $tempfile_template")" +DONE + if [ "$upload_file" ]; then + echo upload >> "$__messages_out" + # IPv6 fix + if echo "${__target_host}" | grep -q -E '^[0-9a-fA-F:]+$' + then + my_target_host="[${__target_host}]" + else + my_target_host="${__target_host}" + fi + cat << DONE +$__remote_copy "$source" "${my_target_host}:\$destination_upload" +DONE + fi +# move uploaded file into place +cat << DONE +$__remote_exec $__target_host "rm -rf \"$destination\"; mv \"\$destination_upload\" \"$destination\"" +DONE + fi fi diff --git a/cdist/conf/type/__file/gencode-remote b/cdist/conf/type/__file/gencode-remote index 8b03e919..815593bd 100755 --- a/cdist/conf/type/__file/gencode-remote +++ b/cdist/conf/type/__file/gencode-remote @@ -1,6 +1,7 @@ -#!/bin/sh +#!/bin/sh -e # -# 2011-2012 Nico Schottelius (nico-cdist at schottelius.org) +# 2011-2013 Nico Schottelius (nico-cdist at schottelius.org) +# 2013 Steven Armstrong (steven-cdist armstrong.cc) # # This file is part of cdist. # 
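Review bot: The remote commands emitted at the end of gencode-local interpolate `$destination` without shell-safe quoting: `mktemp $tempfile_template` is unquoted, and `rm -rf \"$destination\"; mv ...` places the path inside double quotes that the target shell still expands, so whitespace, `$` or backticks in an object id change what is executed. Quote the path for the remote shell (single quotes with embedded quotes escaped) and join the two steps with `&&` so that `mv` does not run after a failed `rm -rf`. Also, `echo "--source cannot be used with --state pre-exists"` writes to stdout, unlike the other errors in the same block; it should end in `>&2`.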
@@ -17,52 +18,94 @@ # You should have received a copy of the GNU General Public License # along with cdist. If not, see . # -# -# __file is a very basic type, which will probably be reused quite often -# destination="/$__object_id" -state_should=present -[ -f "$__object/parameter/state" ] && state_should="$(cat "$__object/parameter/state")" -exists="$(cat "$__object/explorer/exists")" +state_should="$(cat "$__object/parameter/state")" +type="$(cat "$__object/explorer/type")" +stat_file="$__object/explorer/stat" +fire_onchange='' + +get_current_value() { + if [ -s "$stat_file" ]; then + _name="$1" + _value="$2" + case "$_value" in + [0-9]*) + _index=2 + ;; + *) + _index=3 + ;; + esac + awk '/'"$_name"':/ { print $'$_index' }' "$stat_file" + unset _name _value _index + fi +} + +set_group() { + echo "chgrp '$1' '$destination'" + echo "chgrp '$1'" >> "$__messages_out" + fire_onchange=1 +} + +set_owner() { + echo "chown '$1' '$destination'" + echo "chown '$1'" >> "$__messages_out" + fire_onchange=1 +} + +set_mode() { + echo "chmod '$1' '$destination'" + echo "chmod '$1'" >> "$__messages_out" + fire_onchange=1 +} case "$state_should" in - present|exists) - # No source? Create empty file - if [ ! 
-f "$__object/parameter/source" ]; then - if [ "$exists" = "no" ]; then - echo touch \"$destination\" - fi - fi + present|exists) + # Note: Mode - needs to happen last as a chown/chgrp can alter mode by + # clearing S_ISUID and S_ISGID bits (see chown(2)) + for attribute in group owner mode; do + if [ -f "$__object/parameter/$attribute" ]; then + value_should="$(cat "$__object/parameter/$attribute")" - # Group - if [ -f "$__object/parameter/group" ]; then - echo chgrp \"$(cat "$__object/parameter/group")\" \"$destination\" - fi + # change 0xxx format to xxx format => same as stat returns + if [ "$attribute" = mode ]; then + value_should="$(echo "$value_should" | sed 's/^0\(...\)/\1/')" + fi - # Owner - if [ -f "$__object/parameter/owner" ]; then - echo chown \"$(cat "$__object/parameter/owner")\" \"$destination\" - fi + value_is="$(get_current_value "$attribute" "$value_should")" + if [ -f "$__object/files/set-attributes" ] || [ "$value_should" != "$value_is" ]; then + "set_$attribute" "$value_should" + fi + fi + done + if [ -f "$__object/files/set-attributes" ]; then + # set-attributes is created if file is created or uploaded in gencode-local + fire_onchange=1 + fi + ;; - # Mode - needs to happen last as a chown/chgrp can alter mode by - # clearing S_ISUID and S_ISGID bits (see chown(2)) - if [ -f "$__object/parameter/mode" ]; then - echo chmod \"$(cat "$__object/parameter/mode")\" \"$destination\" - fi + pre-exists) + # pre-exists should never reach gencode-remote… + exit 1 ;; - absent) - - if [ "$exists" = "yes" ]; then - echo rm -f \"$destination\" - fi - - ;; - - *) - echo "Unknown state: $state_should" >&2 - exit 1 - ;; + absent) + if [ "$type" = "file" ]; then + echo "rm -f '$destination'" + echo remove >> "$__messages_out" + fire_onchange=1 + fi + ;; + *) + echo "Unknown state: $state_should" >&2 + exit 1 + ;; esac + +if [ -f "$__object/parameter/onchange" ]; then + if [ -n "$fire_onchange" ]; then + cat "$__object/parameter/onchange" + fi +fi 
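Review bot: In the `absent)` branch of gencode-remote nothing is emitted unless the explorer reported `file`, so a symlink or directory at the destination leaves `--state absent` unsatisfied without any message. If that is intended, say so in a comment and in man.rst; otherwise report it, for example `elif [ "$type" != "none" ]; then echo "$destination is a $type, not removing" >&2; exit 1`. In `get_current_value`, the `[0-9]*` test selects the numeric column for any value that starts with a digit, which would mis-compare an owner or group name beginning with a digit.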
diff --git a/cdist/conf/type/__file/man.rst b/cdist/conf/type/__file/man.rst
new file mode 100644
index 00000000..7a0603bb
--- /dev/null
+++ b/cdist/conf/type/__file/man.rst
@@ -0,0 +1,124 @@ +cdist-type__file(7) +=================== + +NAME +---- +cdist-type__file - Manage files. + + +DESCRIPTION +----------- +This cdist type allows you to create files, remove files and set file +attributes on the target. + +If the file already exists on the target, then if it is a: + +regular file, and state is: + present + replace it with the source file if they are not equal + exists + do nothing +symlink + replace it with the source file +directory + replace it with the source file + +One exception is that when state is pre-exists, an error is raised if +the file would have been created otherwise (e.g. it is not present or +not a regular file). + +In any case, make sure that the file attributes are as specified. + + +REQUIRED PARAMETERS +------------------- +None. + +OPTIONAL PARAMETERS +------------------- +state + 'present', 'absent', 'exists' or 'pre-exists', defaults to 'present' where: + + present + the file is exactly the one from source + absent + the file does not exist + exists + the file from source but only if it doesn't already exist + pre-exists + check that the file exists and is a regular file, but do not + create or modify it + +group + Group to chgrp to. + +mode + Unix permissions, suitable for chmod. + +owner + User to chown to. + +source + If supplied, copy this file from the host running cdist to the target. + If not supplied, an empty file or directory will be created. + If source is '-' (dash), take what was written to stdin as the file content. + +onchange + The code to run if file is modified. + +MESSAGES +-------- +chgrp + Changed group membership +chown + Changed owner +chmod + Changed mode +create + Empty file was created (no --source specified) +remove + File exists, but state is absent, file will be removed by generated code. +upload + File was uploaded + + +EXAMPLES +-------- + +.. 
code-block:: sh + + # Create /etc/cdist-configured as an empty file + __file /etc/cdist-configured + # The same thing + __file /etc/cdist-configured --state present + # Use __file from another type + __file /etc/issue --source "$__type/files/archlinux" --state present + # Delete existing file + __file /etc/cdist-configured --state absent + # Supply some more settings + __file /etc/shadow --source "$__type/files/shadow" \ + --owner root --group shadow --mode 0640 \ + --state present + # Provide a default file, but let the user change it + __file /home/frodo/.bashrc --source "/etc/skel/.bashrc" \ + --state exists \ + --owner frodo --mode 0600 + # Check that the file is present, show an error when it is not + __file /etc/somefile --state pre-exists + # Take file content from stdin + __file /tmp/whatever --owner root --group root --mode 644 --source - << DONE + Here goes the content for /tmp/whatever + DONE + + +AUTHORS +------- +Nico Schottelius + + +COPYING +------- +Copyright \(C) 2011-2013 Nico Schottelius. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__file/man.text b/cdist/conf/type/__file/man.text deleted file mode 100644 index 1c61fd51..00000000 --- a/cdist/conf/type/__file/man.text +++ /dev/null 
@@ -1,85 +0,0 @@ -cdist-type__file(7) -=================== -Nico Schottelius - - -NAME ----- -cdist-type__file - Manage files - - -DESCRIPTION ------------ -This cdist type allows you to create files, remove files and set file -attributes on the target. - - -REQUIRED PARAMETERS -------------------- -None. - -OPTIONAL PARAMETERS -------------------- -state:: - 'present', 'absent' or 'exists', defaults to 'present' - where: - present: the file is exactly the one from source - absent: the file does not exist - exists: the file from source but only if it doesn't already exist - -group:: - Group to chgrp to. - -mode:: - Unix permissions, suitable for chmod. - -owner:: - User to chown to. - -source:: - If supplied, copy this file from the host running cdist to the target. - If not supplied, an empty file or directory will be created. - If source is '-' (dash), take what was written to stdin as the file content. - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -# Create /etc/cdist-configured as an empty file -__file /etc/cdist-configured -# The same thing -__file /etc/cdist-configured --state present -# Delete existing file -__file /etc/cdist-configured --state absent - -# Use __file from another type -__file /etc/issue --source "$__type/files/archlinux" --state present - -# Supply some more settings -__file /etc/shadow --source "$__type/files/shadow" \ - --owner root --group shadow --mode 0640 \ - --state present - -# Provide a default file, but let the user change it -__file /home/frodo/.bashrc --source "/etc/skel/.bashrc" \ - --state exists \ - --owner frodo --mode 0600 - -# Take file content from stdin -__file /tmp/whatever --owner root --group root --mode 644 --source - << DONE -Here goes the content for /tmp/whatever -DONE - --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) - - -COPYING -------- -Copyright \(C) 2011-2012 Nico 
Schottelius. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__file/parameter/default/state b/cdist/conf/type/__file/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__file/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__file/parameter/optional b/cdist/conf/type/__file/parameter/optional index c696d592..9b98352c 100644 --- a/cdist/conf/type/__file/parameter/optional +++ b/cdist/conf/type/__file/parameter/optional @@ -3,3 +3,4 @@ group mode owner source +onchange diff --git a/cdist/conf/type/__filesystem/explorer/lsblk b/cdist/conf/type/__filesystem/explorer/lsblk new file mode 100644 index 00000000..9ae544ac --- /dev/null +++ b/cdist/conf/type/__filesystem/explorer/lsblk 
@@ -0,0 +1,43 @@
+#!/bin/sh
+#
+# 2016 - 2016 Daniel Heule (hda at sfs.biz)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+os=$("$__explorer/os")
+
+if [ -f "$__object/parameter/device" ]; then
+ blkdev="$(cat "$__object/parameter/device")"
+else
+ blkdev="$__object_id"
+fi
+
+case "$os" in
+ centos|fedora|redhat|suse|gentoo)
+ if [ ! -x "$(command -v lsblk)" ]; then
+ echo "lsblk is required for __filesystem type" >&2
+ exit 1
+ else
+ #echo -n $(lsblk -nd -P -o NAME,FSTYPE,LABEL,MOUNTPOINT "$blkdev" 2>/dev/null)
+ lsblk -nd -P -o NAME,FSTYPE,LABEL,MOUNTPOINT "$blkdev" 2>/dev/null
+ fi
+ ;;
+ *)
+ echo "__filesystem type lacks implementation for os: $os" >&2
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__filesystem/gencode-remote b/cdist/conf/type/__filesystem/gencode-remote
new file mode 100755
index 00000000..0bcdc13c
--- /dev/null
+++ b/cdist/conf/type/__filesystem/gencode-remote
@@ -0,0 +1,102 @@
+#!/bin/sh -e
+#
+# 2016 - 2016 Daniel Heule (hda at sfs.biz)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+
+fstype="$(cat "$__object/parameter/fstype")"
+
+if [ -f "$__object/parameter/device" ]; then
+ mydev="$(cat "$__object/parameter/device")"
+else
+ mydev="$__object_id"
+fi
+
+label="$(cat "$__object/parameter/label")"
+mkfsoptions="$(cat "$__object/parameter/mkfsoptions")"
+
+
+if [ -f "$__object/parameter/force" ]; then
+ # create filesystem even an other filesystem is on disk or the label is not correct, use with caution !
+ forcefs="true"
+else
+ forcefs="false"
+fi
+
+
+
+blkdev_devname="$(grep -P -o 'NAME="\K[^"]*' "$__object/explorer/lsblk")"
+blkdev_fstype="$(grep -P -o 'FSTYPE="\K[^"]*' "$__object/explorer/lsblk")"
+blkdev_label="$(grep -P -o 'LABEL="\K[^"]*' "$__object/explorer/lsblk")"
+blkdev_mountpoint="$(grep -P -o 'MOUNTPOINT="\K[^"]*' "$__object/explorer/lsblk")"
+
+if [ -z "$blkdev_devname" ]; then
+ echo "Specified device $mydev not found on target system" >&2
+ exit 1
+fi
+
+[ "$blkdev_label" = "$label" ] && [ "$blkdev_fstype" = "$fstype" ] && exit 0
+
+if [ -n "$blkdev_mountpoint" ]; then
+ echo "Specified device $mydev is mounted on $blkdev_mountpoint, __filesystem does NOTHING with mountd devices" >&2
+ exit 0
+fi
+
+if [ -n "$blkdev_fstype" ] && [ "$forcefs" != "true" ]; then
+ if [ "$blkdev_label" != "$label" ]; then
+ echo "Specified device $mydev has not the spezified label: $blkdev_label, but __filesystem does NOTHING in this case without the --force option" >&2
+ exit 0
+ fi
+ if [ "$blkdev_fstype" != "$fstype" ]; then
+ echo "Specified device $mydev has not the spezified filesystem: $blkdev_fstype, but __filesystem does NOTHING in this case without the --force option" >&2
+ exit 0
+ fi
+fi
+
+
+# ok, all conditions checked, we need to format the device, lets go
+opts="$mkfsoptions"
+if [ -n "$label" ]; then
+ opts="$opts -L '$label'"
+fi
+
+case "$fstype" in
+ ext2|ext3|ext4)
+ if [ "$forcefs" = "true" ]; then
+ opts="$opts -F"
+ fi
+ echo "mkfs.$fstype $opts /dev/$blkdev_devname"
+ ;;
+ btrfs)
+ if [ "$forcefs" = "true" ]; then
+ opts="$opts --force"
+ fi
+ echo "mkfs.btrfs $opts /dev/$blkdev_devname"
+ ;;
+ xfs)
+ if [ "$forcefs" = "true" ]; then
+ opts="$opts -f"
+ fi
+ echo "mkfs.xfs $opts /dev/$blkdev_devname"
+ ;;
+ *)
+ echo "__filesystem type lacks implementation for filesystem: $fstype" >&2
+ exit 1
+ ;;
+esac
+echo "filesystem $fstype on $mydev : /dev/$blkdev_devname created" >> "$__messages_out"
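Review bot: The mkfs target is rebuilt as `/dev/$blkdev_devname` from lsblk's NAME column instead of coming from a resolved device path. For device-mapper inputs such as the `/dev/mapper/...` example in man.rst, NAME is, as far as I know, the mapper name, so `/dev/<NAME>` may not exist or may not be the node that the explorer inspected. Because the emitted command is destructive, have the explorer resolve and print the real device node (for example with `readlink -f` on the device it passes to lsblk) and emit exactly that path here. Also, `grep -P` is a GNU extension, so the four `blkdev_*` assignments fail wherever the grep on the machine running this script lacks PCRE support.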
diff --git a/cdist/conf/type/__filesystem/man.rst b/cdist/conf/type/__filesystem/man.rst
new file mode 100644
index 00000000..1c103ac9
--- /dev/null
+++ b/cdist/conf/type/__filesystem/man.rst
@@ -0,0 +1,81 @@ +cdist-type__filesystem(7) +========================= + +NAME +---- +cdist-type__filesystem - Create Filesystems. + + +DESCRIPTION +----------- +This cdist type allows you to create filesystems on devices. + +If the device is mounted on target, it refuses to do anything. + +If the device has a filesystem other then the specified and/or +the label is not correct, it only makes a new filesystem +if you have specified --force option. + + +REQUIRED PARAMETERS +------------------- +fstype + Filesystem type, for example 'ext3', 'btrfs' or 'xfs'. + + + +OPTIONAL PARAMETERS +------------------- +device + Blockdevice for filesystem, Defaults to object_id. + On linux, it can be any lsblk accepted device notation. + + | + | For example: + | /dev/sdx + | or /dev/disk/by-xxxx/xxx + | or /dev/mapper/xxxx + +label + Label which should be applied on the filesystem. + +mkfsoptions + Additional options which are inserted to the mkfs.xxx call. + + +BOOLEAN PARAMETERS +------------------ +force + Normally, this type does nothing if a filesystem is found + on the target device. If you specify force, it's formatted + if the filesystem type or label differs from parameters. + Warning: This option can easily lead into data loss! + +MESSAGES +-------- +filesystem on \: created + Filesystem was created on + + +EXAMPLES +-------- + +.. code-block:: sh + + # Ensures that device /dev/sdb is formatted with xfs + __filesystem /dev/sdb --fstype xfs --label Testdisk1 + # The same thing with btrfs and disk spezified by pci path to disk 1:0 on vmware + __filesystem dev_sdb --fstype btrfs --device /dev/disk/by-path/pci-0000:0b:00.0-scsi-0:0:0:0 --label Testdisk2 + # Make sure that a multipath san device has a filesystem ... + __filesystem dev_sdb --fstype xfs --device /dev/mapper/360060e80432f560050202f22000023ff --label Testdisk3 + + +AUTHORS +------- +Daniel Heule + + +COPYING +------- +Copyright \(C) 2016 Daniel Heule. 
Free use of this software is +granted under the terms of the GNU General Public License version 3 or any later version (GPLv3+). diff --git a/cdist/conf/type/__filesystem/parameter/boolean b/cdist/conf/type/__filesystem/parameter/boolean new file mode 100644 index 00000000..14b33226 --- /dev/null +++ b/cdist/conf/type/__filesystem/parameter/boolean @@ -0,0 +1 @@ +force diff --git a/cdist/conf/type/__filesystem/parameter/default/label b/cdist/conf/type/__filesystem/parameter/default/label new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__filesystem/parameter/default/mkfsoptions b/cdist/conf/type/__filesystem/parameter/default/mkfsoptions new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__filesystem/parameter/optional b/cdist/conf/type/__filesystem/parameter/optional new file mode 100644 index 00000000..79dddc21 --- /dev/null +++ b/cdist/conf/type/__filesystem/parameter/optional @@ -0,0 +1,3 @@ +device +label +mkfsoptions diff --git a/cdist/conf/type/__filesystem/parameter/required b/cdist/conf/type/__filesystem/parameter/required new file mode 100644 index 00000000..98f8b69f --- /dev/null +++ b/cdist/conf/type/__filesystem/parameter/required @@ -0,0 +1 @@ +fstype diff --git a/cdist/conf/type/__firewalld_rule/explorer/rule b/cdist/conf/type/__firewalld_rule/explorer/rule new file mode 100644 index 00000000..0234e5b6 --- /dev/null +++ b/cdist/conf/type/__firewalld_rule/explorer/rule 
@@ -0,0 +1,32 @@
+#!/bin/sh
+#
+# 2015 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+
+protocol="$(cat "$__object/parameter/protocol")"
+table="$(cat "$__object/parameter/table")"
+chain="$(cat "$__object/parameter/chain")"
+priority="$(cat "$__object/parameter/priority")"
+rule="$(cat "$__object/parameter/rule")"
+
+if firewall-cmd --permanent --direct --query-rule "$protocol" "$table" "$chain" "$priority" "$rule" >/dev/null; then
+ echo present
+else
+ echo absent
+fi
diff --git a/cdist/conf/type/__firewalld_rule/gencode-remote b/cdist/conf/type/__firewalld_rule/gencode-remote
new file mode 100755
index 00000000..bd6d13e5
--- /dev/null
+++ b/cdist/conf/type/__firewalld_rule/gencode-remote
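Review bot: The `__firewalld_rule/explorer/rule` script hands `"$rule"` to `firewall-cmd --query-rule` as a single argument, while `__firewalld_rule/gencode-remote` emits `$rule` unquoted so the target shell splits it into several. If firewall-cmd does not treat the two forms alike, the query never matches, the explorer always prints `absent`, and the add-rule code is generated on every run; this needs checking against a multi-word rule such as the ones in the man page examples. Once confirmed, a short comment above the `if` stating which form is intended, e.g. `# rule is passed as one word; firewall-cmd splits it itself`, would settle it for the next reader.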
@@ -0,0 +1,47 @@
+#!/bin/sh -e
+#
+# 2015 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+
+state_should="$(cat "$__object/parameter/state")"
+state_is="$(cat "$__object/explorer/rule")"
+
+[ "$state_is" = "$state_should" ] && exit 0
+
+protocol="$(cat "$__object/parameter/protocol")"
+table="$(cat "$__object/parameter/table")"
+chain="$(cat "$__object/parameter/chain")"
+priority="$(cat "$__object/parameter/priority")"
+rule="$(cat "$__object/parameter/rule")"
+
+case "$state_should" in
+ present)
+ echo "firewall-cmd --quiet --permanent --direct --add-rule '$protocol' '$table' '$chain' '$priority' $rule"
+ echo "firewall-cmd --quiet --direct --add-rule '$protocol' '$table' '$chain' '$priority' $rule"
+ ;;
+
+ absent)
+ echo "firewall-cmd --quiet --permanent --direct --remove-rule '$protocol' '$table' '$chain' '$priority' $rule"
+ echo "firewall-cmd --quiet --direct --remove-rule '$protocol' '$table' '$chain' '$priority' $rule"
+ ;;
+ *)
+ echo "Unknown state $state_should" >&2
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__firewalld_rule/man.rst b/cdist/conf/type/__firewalld_rule/man.rst
new file mode 100644
index 00000000..5de5d15c
--- /dev/null
+++ b/cdist/conf/type/__firewalld_rule/man.rst
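Review bot: The four generated `firewall-cmd` lines in `__firewalld_rule/gencode-remote` put `$rule` into the command text unquoted and wrap the other parameters in plain single quotes, and that text is later run by a shell on the target, so a `;`, `|` or `$(...)` in `--rule`, or a single quote in any parameter, is interpreted by that shell rather than handed to firewall-cmd. `$rule` presumably has to stay unquoted so that it splits into separate arguments, so the fix is a check before the `case`, e.g. `case "$rule" in *[!A-Za-z0-9\ _.,:/=!-]*) echo "Unsupported character in rule: $rule" >&2; exit 1 ;; esac`, with the allowed set adjusted to the rules in use. The same pattern appears in the `echo git clone --quiet … "$source" "$destination"` line of `__git/gencode-remote` further down, where the quotes apply to `echo` only and the values reach the target unquoted.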
@@ -0,0 +1,81 @@ +cdist-type__firewalld_rule(7) +============================= + +NAME +---- +cdist-type__firewalld_rule - Configure firewalld rules + + +DESCRIPTION +----------- +This cdist type allows you to manage rules in firewalld +using the *direct* way (i.e. no zone support). + + +REQUIRED PARAMETERS +------------------- +rule + The rule to apply. Essentially an firewalld command + line without firewalld in front of it. +protocol + Either ipv4, ipv4 or eb. See firewall-cmd(1) +table + The table to use (like filter or nat). See firewall-cmd(1). +chain + The chain to use (like INPUT_direct or FORWARD_direct). See firewall-cmd(1). +priority + The priority to use (0 is topmost). See firewall-cmd(1). + + +OPTIONAL PARAMETERS +------------------- +state + 'present' or 'absent', defaults to 'present' + + +EXAMPLES +-------- + +.. code-block:: sh + + # Allow access from entrance.place4.ungleich.ch + __firewalld_rule entrance \ + --protocol ipv4 \ + --table filter \ + --chain INPUT_direct \ + --priority 0 \ + --rule '-s entrance.place4.ungleich.ch -j ACCEPT' + + # Allow forwarding of traffic from br0 + __firewalld_rule vm-forward --protocol ipv4 \ + --table filter \ + --chain FORWARD_direct \ + --priority 0 \ + --rule '-i br0 -j ACCEPT' + + # Ensure old rule is absent - warning, the rule part must stay the same! + __firewalld_rule vm-forward + --protocol ipv4 \ + --table filter \ + --chain FORWARD_direct \ + --priority 0 \ + --rule '-i br0 -j ACCEPT' \ + --state absent + + +SEE ALSO +-------- +:strong:`cdist-type__iptables_rule`\ (7), :strong:`firewalld`\ (8) + + +AUTHORS +------- +Nico Schottelius + + +COPYING +------- +Copyright \(C) 2015 Nico Schottelius. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. 
diff --git a/cdist/conf/type/__firewalld_rule/manifest b/cdist/conf/type/__firewalld_rule/manifest
new file mode 100755
index 00000000..71156329
--- /dev/null
+++ b/cdist/conf/type/__firewalld_rule/manifest
@@ -0,0 +1,23 @@
+#!/bin/sh -e
+#
+# 2015 David Hürlimann (david at ungleich.ch)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# This type allows to configure the desired localtime timezone.
+
+__package firewalld
diff --git a/cdist/conf/type/__firewalld_rule/parameter/default/state b/cdist/conf/type/__firewalld_rule/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__firewalld_rule/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__rvm/parameter/required b/cdist/conf/type/__firewalld_rule/parameter/optional
similarity index 100%
rename from cdist/conf/type/__rvm/parameter/required
rename to cdist/conf/type/__firewalld_rule/parameter/optional
diff --git a/cdist/conf/type/__firewalld_rule/parameter/required b/cdist/conf/type/__firewalld_rule/parameter/required
new file mode 100644
index 00000000..58def7e4
--- /dev/null
+++ b/cdist/conf/type/__firewalld_rule/parameter/required
@@ -0,0 +1,5 @@
+chain
+priority
+protocol
+rule
+table
diff --git a/cdist/conf/type/__firewalld_start/gencode-remote b/cdist/conf/type/__firewalld_start/gencode-remote
new file mode 100755
index 00000000..3e767f68
--- /dev/null
+++ b/cdist/conf/type/__firewalld_start/gencode-remote
@@ -0,0 +1,84 @@
+#!/bin/sh -e
+#
+# 2016 Darko Poljak(darko.poljak at ungleich.ch)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+
+startstate="$(cat "$__object/parameter/startstate")"
+init=$(cat "$__global/explorer/init")
+
+os=$(cat "$__global/explorer/os")
+os_version=$(cat "$__global/explorer/os_version")
+name="firewalld"
+
+case "${startstate}" in
+ present)
+ cmd="start"
+ ;;
+ absent)
+ cmd="stop"
+ ;;
+ *)
+ echo "Unknown startstate: ${startstate}" >&2
+ exit 1
+ ;;
+esac
+
+if [ "$init" = 'systemd' ]; then
+ # this handles ALL linux distros with systemd
+ # e.g. archlinux, gentoo in some cases, new RHEL and SLES versions
+ echo "systemctl \"$cmd\" \"$name\""
+else
+ case "$os" in
+ debian)
+ case "$os_version" in
+ [1-7]*)
+ echo "service \"$name\" \"$cmd\""
+ ;;
+ 8*)
+ echo "systemctl \"$cmd\" \"$name\""
+ ;;
+ *)
+ echo "Unsupported version $os_version of $os" >&2
+ exit 1
+ ;;
+ esac
+ ;;
+
+ gentoo)
+ echo service \"$name\" \"$cmd\"
+ ;;
+
+ amazon|scientific|centos|fedora|owl|redhat|suse)
+ echo service \"$name\" \"$cmd\"
+ ;;
+
+ openwrt)
+ echo "/etc/init.d/\"$name\" \"$cmd\""
+ ;;
+
+ ubuntu)
+ echo "service \"$name\" \"$cmd\""
+ ;;
+
+ *)
+ echo "Unsupported os: $os" >&2
+ exit 1
+ ;;
+ esac
+fi
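Review bot: In `__firewalld_start/gencode-remote` the Debian arm of the non-systemd branch matches versions by their first character only, so `[1-7]*` also catches 10 and later, 9.x ends in "Unsupported version", and `8*` emits `systemctl` although this branch is reached only when the init explorer did not report systemd. Assuming `os_version` is a dotted number, anchoring the patterns, e.g. `[1-7]|[1-7].*)` and `8|8.*)`, and emitting `service "$name" "$cmd"` for every non-systemd Debian release would keep the branch in line with what the `if` above it already decided. The gentoo and redhat-family arms also call `echo` without the outer quotes used in the other arms; the output is the same, but one quoting style is easier to audit.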
diff --git a/cdist/conf/type/__firewalld_start/man.rst b/cdist/conf/type/__firewalld_start/man.rst new file mode 100644 index 00000000..74199cd6 --- /dev/null +++ b/cdist/conf/type/__firewalld_start/man.rst @@ -0,0 +1,53 @@ +cdist-type__firewalld_start(7) +============================== + +NAME +---- +cdist-type__firewalld_start - start and enable firewalld + + +DESCRIPTION +----------- +This cdist type allows you to start and enable firewalld. + + +REQUIRED PARAMETERS +------------------- +None + +OPTIONAL PARAMETERS +------------------- +startstate + 'present' or 'absent', start/stop firewalld. Default is 'present'. +bootstate + 'present' or 'absent', enable/disable firewalld on boot. Default is 'present'. + + +EXAMPLES +-------- + +.. code-block:: sh + + # start and enable firewalld + __firewalld_start + + # only enable firewalld to start on boot + __firewalld_start --startstate present --bootstate absent + + +SEE ALSO +-------- +:strong:`firewalld`\ (8) + + +AUTHORS +------- +Darko Poljak + + +COPYING +------- +Copyright \(C) 2016 Darko Poljak. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__firewalld_start/manifest b/cdist/conf/type/__firewalld_start/manifest new file mode 100755 index 00000000..98caaad9 --- /dev/null +++ b/cdist/conf/type/__firewalld_start/manifest 
@@ -0,0 +1,23 @@
+#!/bin/sh -e
+#
+# 2016 Darko Poljak (darko.poljak at ungleich.ch)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+
+bootstate="$(cat "$__object/parameter/bootstate")"
+
+__package firewalld
+require="__package/firewalld" __start_on_boot firewalld --state "${bootstate}"
diff --git a/cdist/conf/type/__firewalld_start/parameter/default/bootstate b/cdist/conf/type/__firewalld_start/parameter/default/bootstate
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__firewalld_start/parameter/default/bootstate
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__firewalld_start/parameter/default/startstate b/cdist/conf/type/__firewalld_start/parameter/default/startstate
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__firewalld_start/parameter/default/startstate
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__firewalld_start/parameter/optional b/cdist/conf/type/__firewalld_start/parameter/optional
new file mode 100644
index 00000000..934c7d0d
--- /dev/null
+++ b/cdist/conf/type/__firewalld_start/parameter/optional
@@ -0,0 +1,2 @@
+bootstate
+startstate
diff --git a/cdist/conf/type/__firewalld_start/singleton b/cdist/conf/type/__firewalld_start/singleton
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__git/explorer/group b/cdist/conf/type/__git/explorer/group index 1308c710..3ddf9656 100644 --- a/cdist/conf/type/__git/explorer/group +++ b/cdist/conf/type/__git/explorer/group @@ -2,4 +2,4 @@ destination="/$__object_id/.git" -stat --print "%G" ${destination} 2>/dev/null || exit 0 +stat --print "%G" "${destination}" 2>/dev/null || exit 0 diff --git a/cdist/conf/type/__git/explorer/owner b/cdist/conf/type/__git/explorer/owner index 8c36b035..4c3cd431 100644 --- a/cdist/conf/type/__git/explorer/owner +++ b/cdist/conf/type/__git/explorer/owner @@ -2,4 +2,4 @@ destination="/$__object_id/.git" -stat --print "%U" ${destination} 2>/dev/null || exit 0 +stat --print "%U" "${destination}" 2>/dev/null || exit 0 diff --git a/cdist/conf/type/__git/gencode-remote b/cdist/conf/type/__git/gencode-remote old mode 100644 new mode 100755 index d719a492..ab22655f --- a/cdist/conf/type/__git/gencode-remote +++ b/cdist/conf/type/__git/gencode-remote @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2012 Nico Schottelius (nico-cdist at schottelius.org) # 
@@ -19,48 +19,46 @@ # # -state_is="$(cat "$__object/explorer/state")" -owner_is="$(cat "$__object/explorer/owner")" -group_is="$(cat "$__object/explorer/group")" +state_is=$(cat "$__object/explorer/state") +owner_is=$(cat "$__object/explorer/owner") +group_is=$(cat "$__object/explorer/group") -state_should=present -[ -f "$__object/parameter/state" ] && state_should="$(cat "$__object/parameter/state")" +state_should=$(cat "$__object/parameter/state") -branch=master -[ -f "$__object/parameter/branch" ] && branch="$(cat "$__object/parameter/branch")" +branch=$(cat "$__object/parameter/branch") -source="$(cat "$__object/parameter/source")" +source=$(cat "$__object/parameter/source") destination="/$__object_id" -owner="" -[ -f "$__object/parameter/owner" ] && owner="$(cat "$__object/parameter/owner")" -group="" -[ -f "$__object/parameter/group" ] && group="$(cat "$__object/parameter/group")" -mode="" -[ -f "$__object/parameter/mode" ] && mode="$(cat "$__object/parameter/mode")" +owner=$(cat "$__object/parameter/owner") +group=$(cat "$__object/parameter/group") +mode=$(cat "$__object/parameter/mode") -[ "$state_should" = "$state_is" -a \ - "$owner" = "$owner_is" -a \ - "$group" = "$group_is" -a \ - -n "$mode" ] && exit 0 +[ -f "$__object/parameter/recursive" ] && recursive='--recurse-submodules' || recursive='' +[ -f "$__object/parameter/shallow" ] && shallow='--depth 1 --shallow-submodules' || shallow='' + +[ "$state_should" = "$state_is" ] \ + && [ "$owner" = "$owner_is" ] \ + && [ "$group" = "$group_is" ] \ + && [ -n "$mode" ] && exit 0 case $state_should in present) - if [ "$state_should" != "$state_is" ]; then - echo git clone --quiet --branch "$branch" "$source" "$destination" + echo git clone --quiet "$recursive" "$shallow" --branch "$branch" "$source" "$destination" fi - if [ \( -n "$owner" -a "$owner_is" != "$owner" \) -o \ - \( -n "$group" -a "$group_is" != "$group" \) ]; then + if { [ -n "$owner" ] && [ "$owner_is" != "$owner" ]; } || \ + { [ -n "$group" ] && 
[ "$group_is" != "$group" ]; }; then echo chown -R "${owner}:${group}" "$destination" fi if [ -n "$mode" ]; then echo chmod -R "$mode" "$destination" fi ;; - # Handled in manifest + absent) + # Handled in manifest ;; *) diff --git a/cdist/conf/type/__git/man.rst b/cdist/conf/type/__git/man.rst new file mode 100644 index 00000000..d3e15f25 --- /dev/null +++ b/cdist/conf/type/__git/man.rst @@ -0,0 +1,66 @@ +cdist-type__git(7) +================== + +NAME +---- +cdist-type__git - Get and or keep git repositories up-to-date + + +DESCRIPTION +----------- +This cdist type allows you to clone git repositories + + +REQUIRED PARAMETERS +------------------- +source + Specifies the git remote to clone from + + +OPTIONAL PARAMETERS +------------------- +state + Either "present" or "absent", defaults to "present" + +branch + Create this branch by checking out the remote branch of this name + Default branch is "master" + +group + Group to chgrp to. + +mode + Unix permissions, suitable for chmod. + +owner + User to chown to. + +recursive + Passes the --recurse-submodules flag to git when cloning the repository. + +shallow + Sets --depth=1 and --shallow-submodules for cloning repositories with big history. + + +EXAMPLES +-------- + +.. code-block:: sh + + __git /home/services/dokuwiki --source git://github.com/splitbrain/dokuwiki.git + + # Checkout cdist, stay on branch 2.1 + __git /home/nico/cdist --source git@code.ungleich.ch:ungleich-public/cdist.git --branch 2.1 + + +AUTHORS +------- +Nico Schottelius + + +COPYING +------- +Copyright \(C) 2012 Nico Schottelius. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__git/man.text b/cdist/conf/type/__git/man.text deleted file mode 100644 index 7c6b83cd..00000000 --- a/cdist/conf/type/__git/man.text +++ /dev/null 
@@ -1,59 +0,0 @@ -cdist-type__git(7) -================== -Nico Schottelius - - -NAME ----- -cdist-type__git - Get and or keep git repositories up-to-date - - -DESCRIPTION ------------ -This cdist type allows you to clone git repositories - - -REQUIRED PARAMETERS -------------------- -source:: - Specifies the git remote to clone from - - -OPTIONAL PARAMETERS -------------------- -state:: - Either "present" or "absent", defaults to "present" - -branch:: - Create this branch by checking out the remote branch of this name - -group:: - Group to chgrp to. - -mode:: - Unix permissions, suitable for chmod. - -owner:: - User to chown to. - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -__git /home/services/dokuwiki --source git://github.com/splitbrain/dokuwiki.git - -# Checkout cdist, stay on branch 2.1 -__git /home/nico/cdist --source git://github.com/telmich/cdist.git --branch 2.1 --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) - - -COPYING -------- -Copyright \(C) 2012 Nico Schottelius. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__git/manifest b/cdist/conf/type/__git/manifest old mode 100644 new mode 100755 index 8d6a29e4..6fb870f4 --- a/cdist/conf/type/__git/manifest +++ b/cdist/conf/type/__git/manifest @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2012 Nico Schottelius (nico-cdist at schottelius.org) # @@ -23,8 +23,10 @@ __package git --state present -state_should=present -[ -f "$__object/parameter/state" ] && state_should="$(cat "$__object/parameter/state")" +state_should="$(cat "$__object/parameter/state")" +owner="$(cat "$__object/parameter/owner")" +group="$(cat "$__object/parameter/group")" +mode="$(cat "$__object/parameter/mode")" # Let __directory handle removal of git repos 
@@ -34,7 +36,10 @@ case "$state_should" in ;; absent) - __directory "$__object_id" --state absent + __directory "$__object_id" --state absent \ + --owner "$owner" \ + --group "$group" \ + --mode "$mode" ;; *) diff --git a/cdist/conf/type/__git/parameter/boolean b/cdist/conf/type/__git/parameter/boolean new file mode 100644 index 00000000..d600d4ca --- /dev/null +++ b/cdist/conf/type/__git/parameter/boolean @@ -0,0 +1,2 @@ +recursive +shallow diff --git a/cdist/conf/type/__git/parameter/default/branch b/cdist/conf/type/__git/parameter/default/branch new file mode 100644 index 00000000..1f7391f9 --- /dev/null +++ b/cdist/conf/type/__git/parameter/default/branch @@ -0,0 +1 @@ +master diff --git a/cdist/conf/type/__git/parameter/default/group b/cdist/conf/type/__git/parameter/default/group new file mode 100644 index 00000000..8b137891 --- /dev/null +++ b/cdist/conf/type/__git/parameter/default/group @@ -0,0 +1 @@ + diff --git a/cdist/conf/type/__git/parameter/default/mode b/cdist/conf/type/__git/parameter/default/mode new file mode 100644 index 00000000..8b137891 --- /dev/null +++ b/cdist/conf/type/__git/parameter/default/mode @@ -0,0 +1 @@ + diff --git a/cdist/conf/type/__git/parameter/default/owner b/cdist/conf/type/__git/parameter/default/owner new file mode 100644 index 00000000..8b137891 --- /dev/null +++ b/cdist/conf/type/__git/parameter/default/owner @@ -0,0 +1 @@ + diff --git a/cdist/conf/type/__git/parameter/default/state b/cdist/conf/type/__git/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__git/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__go_get/explorer/go-executable b/cdist/conf/type/__go_get/explorer/go-executable new file mode 100755 index 00000000..87182282 --- /dev/null +++ b/cdist/conf/type/__go_get/explorer/go-executable 
@@ -0,0 +1,6 @@ +#!/bin/sh +# shellcheck disable=SC1091 +[ -f /etc/environment ] && . /etc/environment +# shellcheck disable=SC1091 +[ -f /etc/profile ] && . /etc/profile +go version 2>/dev/null || true diff --git a/cdist/conf/type/__go_get/gencode-remote b/cdist/conf/type/__go_get/gencode-remote new file mode 100755 index 00000000..4c47a70e --- /dev/null +++ b/cdist/conf/type/__go_get/gencode-remote @@ -0,0 +1,10 @@ +#!/bin/sh -e + +package=$__object_id + +cat< + + +COPYING +------- +Copyright \(C) 2017 Kamila Součková. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__go_get/manifest b/cdist/conf/type/__go_get/manifest new file mode 100755 index 00000000..a5cc4c80 --- /dev/null +++ b/cdist/conf/type/__go_get/manifest @@ -0,0 +1,18 @@ +#!/bin/sh -e + +go_executable=$(cat "$__object/explorer/go-executable") +[ -z "$go_executable" ] && echo "__go_get: Cannot find go executable; make sure it is installed and in PATH" >&2 && exit 1 + +os=$(cat "$__global/explorer/os") +case $os in + debian|devuan|ubuntu) + __package build-essential + ;; + *) + echo "__go_get: Don't know how to install g++ on $os" >&2 + echo "__go_get: Send a pull request or contact to add support for $os." >&2 + exit 1 + ;; +esac + +__package git diff --git a/cdist/conf/type/__golang_from_vendor/gencode-remote b/cdist/conf/type/__golang_from_vendor/gencode-remote new file mode 100755 index 00000000..5200e9e3 --- /dev/null +++ b/cdist/conf/type/__golang_from_vendor/gencode-remote 
@@ -0,0 +1,26 @@ +#!/bin/sh -e + +version=$(cat "$__object/parameter/version") + +kernel_name=$(tr '[:upper:]' '[:lower:]' < "$__global/explorer/kernel_name") +machine=$(cat "$__global/explorer/machine") +case $machine in + x86_64|amd64) + arch=amd64 + ;; + x86) + arch=386 + ;; + *) + arch=$machine # at least try... + ;; +esac + +PACKAGE="go${version}.${kernel_name}-${arch}" +URL="https://storage.googleapis.com/golang/${PACKAGE}.tar.gz" +cat </dev/null)" = "xgo$version" ] && exit 0 # already there +wget --no-verbose "$URL" -O "/tmp/${PACKAGE}.tar.gz" +rm -rf /usr/local/go +tar -C /usr/local -xzf /tmp/${PACKAGE}.tar.gz +EOF diff --git a/cdist/conf/type/__golang_from_vendor/man.rst b/cdist/conf/type/__golang_from_vendor/man.rst new file mode 100644 index 00000000..2b4f065e --- /dev/null +++ b/cdist/conf/type/__golang_from_vendor/man.rst @@ -0,0 +1,48 @@ +cdist-type__golang_from_vendor(7) +================================= + +NAME +---- +cdist-type__golang_from_vendor - Install any version of golang from golang.org + + +DESCRIPTION +----------- +This cdist type allows you to install golang from archives provided by https://golang.org/dl/. + +See https://golang.org/dl/ for the list of supported versions, operating systems and architectures. + +This is a singleton type. + + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +version + The golang version to install, defaults to 1.8.1 + + +EXAMPLES +-------- + +.. code-block:: sh + + __golang_from_vendor --version 1.8.1 + + + +AUTHORS +------- +Kamila Součková + + +COPYING +------- +Copyright \(C) 2017 Kamila Součková. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__golang_from_vendor/manifest b/cdist/conf/type/__golang_from_vendor/manifest new file mode 100755 index 00000000..ad39ddfb 
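Review bot: The install steps generated by `__golang_from_vendor/gencode-remote` extract the downloaded archive into `/usr/local` without verifying it, and they stage it at the fixed path `/tmp/${PACKAGE}.tar.gz`, which another local user on the target can create or symlink before the run. `rm -rf /usr/local/go` also runs before the archive is known to be intact, so a failed or truncated download can leave the host without a Go installation unless the generated code is run with `-e`, which this hunk does not show. Downloading into a `mktemp -d` directory, checking a SHA-256 digest for the requested version, and only then replacing `/usr/local/go` closes both gaps; the digest would have to come from a new parameter or a per-version table and is shown below as a placeholder. The heredoc opening is garbled on this page, so the sketch assumes an unquoted heredoc and escapes the expansions that must happen on the target; `sha256sum` is assumed to exist there.

```shell
# … unchanged: version/arch detection, PACKAGE, URL, heredoc opening, "already there" check …
tmpdir=\$(mktemp -d) || exit 1
trap 'rm -rf -- "\$tmpdir"' EXIT
wget --no-verbose "$URL" -O "\$tmpdir/${PACKAGE}.tar.gz" || exit 1
# EXPECTED_SHA256_PLACEHOLDER stands for the digest published for this archive
echo "EXPECTED_SHA256_PLACEHOLDER  \$tmpdir/${PACKAGE}.tar.gz" | sha256sum -c - || exit 1
rm -rf /usr/local/go
tar -C /usr/local -xzf "\$tmpdir/${PACKAGE}.tar.gz"
EOF
```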
--- /dev/null +++ b/cdist/conf/type/__golang_from_vendor/manifest @@ -0,0 +1,4 @@ +#!/bin/sh -e + +# shellcheck disable=SC2016 +__line go_in_path --line 'export PATH=/usr/local/go/bin:$PATH' --file /etc/profile diff --git a/cdist/conf/type/__golang_from_vendor/parameter/default/version b/cdist/conf/type/__golang_from_vendor/parameter/default/version new file mode 100644 index 00000000..a8fdfda1 --- /dev/null +++ b/cdist/conf/type/__golang_from_vendor/parameter/default/version @@ -0,0 +1 @@ +1.8.1 diff --git a/cdist/conf/type/__golang_from_vendor/parameter/optional b/cdist/conf/type/__golang_from_vendor/parameter/optional new file mode 100644 index 00000000..088eda41 --- /dev/null +++ b/cdist/conf/type/__golang_from_vendor/parameter/optional @@ -0,0 +1 @@ +version diff --git a/cdist/conf/type/__golang_from_vendor/singleton b/cdist/conf/type/__golang_from_vendor/singleton new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__grafana_dashboard/man.rst b/cdist/conf/type/__grafana_dashboard/man.rst new file mode 100644 index 00000000..b3974028 --- /dev/null +++ b/cdist/conf/type/__grafana_dashboard/man.rst @@ -0,0 +1,43 @@ +cdist-type__grafana_dashboard(7) +================================ + +NAME +---- +cdist-type__grafana_dashboard - Install Grafana (https://grafana.com) + + +DESCRIPTION +----------- +This cdist type adds the Grafana repository, installs the grafana package, and sets the server to start on boot. + +This is a singleton type. + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +None. + + +EXAMPLES +-------- + +.. code-block:: sh + + __grafana_dashboard + + +AUTHORS +------- +Kamila Součková + + +COPYING +------- +Copyright \(C) 2017 Kamila Součková. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. 
diff --git a/cdist/conf/type/__grafana_dashboard/manifest b/cdist/conf/type/__grafana_dashboard/manifest new file mode 100755 index 00000000..d145c4c3 --- /dev/null +++ b/cdist/conf/type/__grafana_dashboard/manifest @@ -0,0 +1,46 @@ +#!/bin/sh -e + +os=$(cat "$__global/explorer/os") +os_version=$(cat "$__global/explorer/os_version") + +require="" +case $os in + debian|devuan) + case $os_version in + 8*|jessie) + # Differntation not needed anymore + apt_source_distribution=stable + ;; + 9*|ascii/ceres|ascii) + # Differntation not needed anymore + apt_source_distribution=stable + ;; + 10*) + # Differntation not needed anymore + apt_source_distribution=stable + ;; + *) + echo "Don't know how to install Grafana on $os $os_version. Send us a pull request!" >&2 + exit 1 + ;; + esac + + __apt_key_uri grafana \ + --name 'Grafana Release Signing Key' \ + --uri https://packages.grafana.com/gpg.key + + require="$require __apt_key_uri/grafana" __apt_source grafana \ + --uri https://packages.grafana.com/oss/deb \ + --distribution $apt_source_distribution \ + --component main + __package apt-transport-https + require="$require __apt_source/grafana" __apt_update_index + require="$require __package/apt-transport-https __apt_update_index" __package grafana + require="$require __package/grafana" __start_on_boot grafana-server + require="$require __start_on_boot/grafana-server" __process grafana-server --start "service grafana-server start" + ;; + *) + echo "Don't know how to install Grafana on $os. Send us a pull request!" >&2 + exit 1 + ;; +esac diff --git a/cdist/conf/type/__grafana_dashboard/singleton b/cdist/conf/type/__grafana_dashboard/singleton new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__group/TODO b/cdist/conf/type/__group/TODO deleted file mode 100644 index c20a5d21..00000000 --- a/cdist/conf/type/__group/TODO +++ /dev/null @@ -1,2 +0,0 @@ -- delete groups - 
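Review bot: In `__grafana_dashboard/manifest`, `__apt_update_index` is ordered only after `__apt_source/grafana`, while `__package apt-transport-https` has no ordering relative to it, so the index update can run against the new `https://packages.grafana.com` source before the transport package is installed. On releases where apt needs that package for https sources the update would fail, and `__package grafana` depends on it. Adding the package to that requirement fixes the order: `require="$require __apt_source/grafana __package/apt-transport-https" __apt_update_index`. Separately, `--distribution $apt_source_distribution` is unquoted, and the three version arms set the same value, so they could be one arm.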
diff --git a/cdist/conf/type/__group/explorer/group b/cdist/conf/type/__group/explorer/group index 4c1e6ac0..dc673f61 100755 --- a/cdist/conf/type/__group/explorer/group +++ b/cdist/conf/type/__group/explorer/group @@ -1,6 +1,7 @@ #!/bin/sh # -# 2011 Steven Armstrong (steven-cdist at armstrong.cc) +# 2011-2015 Steven Armstrong (steven-cdist at armstrong.cc) +# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) # # This file is part of cdist. # @@ -21,7 +22,21 @@ # Get an existing groups group entry. # +not_supported() { + echo "Your operating system ($("$__explorer/os")) is currently not supported." >&2 + echo "Cannot extract group information." >&2 + echo "Please contribute an implementation for it if you can." >&2 + exit 1 +} + name=$__object_id -getent group "$name" || true - +if command -v getent >/dev/null +then + getent group "$name" || true +elif [ -f /etc/group ] +then + grep "^${name}:" /etc/group || true +else + not_supported +fi diff --git a/cdist/conf/type/__group/explorer/gshadow b/cdist/conf/type/__group/explorer/gshadow index 5ab4ed80..05841d69 100755 --- a/cdist/conf/type/__group/explorer/gshadow +++ b/cdist/conf/type/__group/explorer/gshadow @@ -1,6 +1,7 @@ #!/bin/sh # -# 2011 Steven Armstrong (steven-cdist at armstrong.cc) +# 2011-2015 Steven Armstrong (steven-cdist at armstrong.cc) +# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) # # This file is part of cdist. # 
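Review bot: The `/etc/group` fallback in `__group/explorer/group`, `grep "^${name}:" /etc/group`, uses the object id as a regular expression, so a name containing `.` or another metacharacter can match more than one entry and the explorer then reports several lines. The gshadow explorer in the next file section has the same line for `/etc/gshadow`. An exact comparison on the first field avoids that: `awk -F: -v name="$name" '$1 == name' /etc/group`.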
@@ -22,21 +23,28 @@ # name=$__object_id -os_version="$($__explorer/os_version)" -os="$($__explorer/os)" +os=$("$__explorer/os") -if [ "$os" = "freebsd" ]; then - echo "FreeBSD does not have getent gshadow" - exit 0 -fi +not_supported() { + echo "Your operating system ($os) is currently not supported." >&2 + echo "Cannot extract group information." >&2 + echo "Please contribute an implementation for it if you can." >&2 + exit 1 +} -case "$os_version" in - "Red Hat Enterprise Linux Server release "[45]*|"CentOS release "[45]*) - # TODO: find a way to get this information - echo "$os_version does not have getent gshadow" - ;; - *) - getent gshadow "$name" || true - ;; +case $os in + "freebsd"|"netbsd") + echo "$os does not have getent gshadow" >&2 + exit 0 + ;; esac +if command -v getent >/dev/null +then + getent gshadow "$name" || true +elif [ -f /etc/gshadow ] +then + grep "^${name}:" /etc/gshadow || true +else + not_supported +fi diff --git a/cdist/conf/type/__group/gencode-remote b/cdist/conf/type/__group/gencode-remote index bb6797c2..6091c548 100755 --- a/cdist/conf/type/__group/gencode-remote +++ b/cdist/conf/type/__group/gencode-remote @@ -1,6 +1,6 @@ -#!/bin/sh +#!/bin/sh -e # -# 2011 Steven Armstrong (steven-cdist at armstrong.cc) +# 2011-2015 Steven Armstrong (steven-cdist at armstrong.cc) # 2011 Nico Schottelius (nico-cdist at schottelius.org) # # This file is part of cdist. 
@@ -23,87 +23,84 @@ # name="$__object_id" -os_version="$(cat "$__global/explorer/os_version")" os="$(cat "$__global/explorer/os")" +state="$(cat "$__object/parameter/state")" -cd "$__object/parameter" -if grep -q "^${name}:" "$__object/explorer/group"; then - for property in $(ls .); do - new_value="$(cat "$property")" - # argument to pass the groupmod command for this property (exceptions - # are made in the case statement below) - proparg="--$property" - case "$property" in - password) - if [ "$os" = "freebsd" ]; then - echo "group/$name: FreeBSD doesn't support password modification" >&2 - exit 1 - fi - case "$os_version" in - "Red Hat Enterprise Linux Server release "[45]*|"CentOS release "[45]*) - # TODO: Use gpasswd? Need to fix gshadow explorer first. - echo "group/$name: '$os_version' groupmod does not support password modification" >&2 - exit 1 +# Use short option names for portability +shorten_property() { + case "$1" in + gid) echo " -g";; + password) echo " -p";; + system) echo " -r";; + esac +} + + +if [ "$state" = "present" ]; then + case "$os" in + freebsd) + supported_change_properties="gid" + ;; + *) + supported_change_properties="gid password" + ;; + esac + if grep -q "^${name}:" "$__object/explorer/group"; then + # change existing + for property in $supported_change_properties; do + if [ -f "$__object/parameter/$property" ]; then + new_value="$(cat "$__object/parameter/$property")" + unset current_value + case "$property" in + password) + current_value="$(awk -F: '{ print $2 }' "$__object/explorer/gshadow")" + ;; + gid) + current_value="$(awk -F: '{ print $3 }' "$__object/explorer/group")" ;; esac - current_value="$(awk -F: '{ print $2 }' < "$__object/explorer/gshadow")" - ;; - gid) - # set to -g to support older redhat/centos - proparg="-g" - current_value="$(awk -F: '{ print $3 }' < "$__object/explorer/group")" - ;; - esac - - if [ "$new_value" != "$current_value" ]; then - set -- "$@" "$proparg" \"$new_value\" - fi - done - - if [ $# -gt 0 ]; 
then - case $os in - freebsd) - echo pw group mod "$@" "$name" - ;; - *) + if [ "$new_value" != "$current_value" ]; then + set -- "$@" "$(shorten_property "$property")" \'"$new_value"\' + echo "change $property $new_value $current_value" >> "$__messages_out" + fi + fi + done + if [ $# -gt 0 ]; then + if [ "$os" = "freebsd" ]; then + echo pw groupmod "$@" "$name" + else echo groupmod "$@" "$name" - ;; - esac + fi + echo mod >> "$__messages_out" + fi + else + # create new + for property in $supported_change_properties; do + if [ -f "$__object/parameter/$property" ]; then + new_value="$(cat "$__object/parameter/$property")" + if [ -z "$new_value" ]; then + # Boolean parameters have no value + set -- "$@" "$(shorten_property "$property")" + else + set -- "$@" "$(shorten_property "$property")" \'"$new_value"\' + fi + fi + done + if [ "$os" = "freebsd" ]; then + echo pw groupadd "$@" "$name" + else + echo groupadd "$@" "$name" + fi fi else - for property in $(ls .); do - new_value="$(cat "$property")" + # delete existing + if grep -q "^${name}:" "$__object/explorer/group"; then if [ "$os" = "freebsd" ]; then - case $property in - gid) - proparg="-g" - ;; - password) - echo "group/$name: FreeBSD doesn't support password setting" >&2 - exit 1 - ;; - *) - # The type has been updated to support more properties than it knows how to handle for FreeBSD - # tell the user about this. - echo "Currently unknown property: $property" >&2 - exit 1 - ;; - esac + echo pw groupdel "$name" else - proparg="--$property" + echo groupdel "$name" fi - - set -- "$@" "$proparg" \"$new_value\" - done - - case $os in - freebsd) - echo pw group add "$@" "$name" - ;; - *) - echo groupadd "$@" "$name" - ;; - esac + echo remove >> "$__messages_out" + fi fi - diff --git a/cdist/conf/type/__group/man.rst b/cdist/conf/type/__group/man.rst new file mode 100644 index 00000000..614f3d57 --- /dev/null +++ b/cdist/conf/type/__group/man.rst 
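Review bot: In `__group/gencode-remote`, parameter values are wrapped as `\'"$new_value"\'` and `$name` is emitted bare (`echo groupmod "$@" "$name"`), so the generated code that runs on the target is only well-formed while neither contains a single quote or whitespace; a stray quote in a value ends the quoting and the remainder is interpreted as shell. Escaping embedded quotes when emitting closes this; the fence shows a small helper and the call sites that change. Also, for `property=password` the line `echo "change $property $new_value $current_value" >> "$__messages_out"` writes both the old and the new crypted password into the messages file; I would log only `change password` in that case.

```sh
# Emit $1 as a single shell word in single quotes, escaping embedded quotes.
quote() {
    printf '%s\n' "$1" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/'/"
}

# … unchanged: shorten_property, state/os handling, property loops …
                set -- "$@" "$(shorten_property "$property")" "$(quote "$new_value")"
# … unchanged: messages, choice between pw and plain commands …
            echo groupmod "$@" "$(quote "$name")"
# … the other groupmod/groupadd/groupdel echo lines get the same "$(quote "$name")" …
```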
@@ -0,0 +1,80 @@ +cdist-type__group(7) +==================== + +NAME +---- +cdist-type__group - Manage groups + + +DESCRIPTION +----------- +This cdist type allows you to create or modify groups on the target. + + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +state + absent or present, defaults to present +gid + see groupmod(8) +password + see above + + +BOOLEAN PARAMETERS +------------------ +system + see groupadd(8), apply only on group creation + + +MESSAGES +-------- +mod + group is modified +add + New group added +remove + group is removed +change + Changed group property from current_value to new_value +set + set property to new value, property was not set before + + +EXAMPLES +-------- + +.. code-block:: sh + + # Create a group 'foobar' with operating system default settings + __group foobar + + # Remove the 'foobar' group + __group foobar --state absent + + # Create a system group 'myservice' with operating system default settings + __group myservice --system + + # Same but with a specific gid + __group foobar --gid 1234 + + # Same but with a gid and password + __group foobar --gid 1234 --password 'crypted-password-string' + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2011-2015 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__group/man.text b/cdist/conf/type/__group/man.text deleted file mode 100644 index c57ae337..00000000 --- a/cdist/conf/type/__group/man.text +++ /dev/null 
@@ -1,52 +0,0 @@ -cdist-type__group(7) -==================== -Steven Armstrong - - -NAME ----- -cdist-type__group - Manage groups - - -DESCRIPTION ------------ -This cdist type allows you to create or modify groups on the target. - - -REQUIRED PARAMETERS -------------------- -None. - - -OPTIONAL PARAMETERS -------------------- -gid:: - see groupmod(8) -password:: - see above - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -# Create a group 'foobar' with operating system default settings -__group foobar - -# Same but with a specific gid -__group foobar --gid 1234 - -# Same but with a gid and password -__group foobar --gid 1234 --password 'crypted-password-string' --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) - - -COPYING -------- -Copyright \(C) 2011 Steven Armstrong. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__group/parameter/boolean b/cdist/conf/type/__group/parameter/boolean new file mode 100644 index 00000000..bec3a35e --- /dev/null +++ b/cdist/conf/type/__group/parameter/boolean @@ -0,0 +1 @@ +system diff --git a/cdist/conf/type/__group/parameter/default/state b/cdist/conf/type/__group/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__group/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__group/parameter/optional b/cdist/conf/type/__group/parameter/optional index 4c661c8f..dd51c173 100644 --- a/cdist/conf/type/__group/parameter/optional +++ b/cdist/conf/type/__group/parameter/optional @@ -1,2 +1,3 @@ gid password +state 
diff --git a/docs/dev/show_all_exported_variables b/cdist/conf/type/__hostname/explorer/has_hostnamectl similarity index 81% rename from docs/dev/show_all_exported_variables rename to cdist/conf/type/__hostname/explorer/has_hostnamectl index 18acceca..2f531f30 100755 --- a/docs/dev/show_all_exported_variables +++ b/cdist/conf/type/__hostname/explorer/has_hostnamectl @@ -1,6 +1,6 @@ #!/bin/sh # -# 2010-2011 Nico Schottelius (nico-cdist at schottelius.org) +# 2014 Nico Schottelius (nico-cdist at schottelius.org) # # This file is part of cdist. # @@ -18,8 +18,7 @@ # along with cdist. If not, see . # # -# Generate documentation of exported variables +# Check whether system has hostnamectl # - -cat bin/* | awk '/^export/ { print $2 }' +command -v hostnamectl 2>/dev/null || true diff --git a/cdist/conf/type/__hostname/explorer/max_len b/cdist/conf/type/__hostname/explorer/max_len new file mode 100644 index 00000000..fb863949 --- /dev/null +++ b/cdist/conf/type/__hostname/explorer/max_len @@ -0,0 +1,10 @@ +#!/bin/sh -e + +command -v getconf >/dev/null || exit 0 + +val=$(getconf HOST_NAME_MAX 2>/dev/null) || exit 0 + +if test -n "${val}" -a "${val}" != 'undefined' +then + echo "${val}" +fi diff --git a/cdist/conf/type/__hostname/gencode-remote b/cdist/conf/type/__hostname/gencode-remote new file mode 100755 index 00000000..ae224611 --- /dev/null +++ b/cdist/conf/type/__hostname/gencode-remote 
@@ -0,0 +1,100 @@ +#!/bin/sh -e +# +# 2014-2017 Steven Armstrong (steven-cdist at armstrong.cc) +# 2014 Nico Schottelius (nico-cdist at schottelius.org) +# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +os=$(cat "$__global/explorer/os") +name_running=$(cat "$__global/explorer/hostname") +has_hostnamectl=$(cat "$__object/explorer/has_hostnamectl") + + +if test -s "$__object/parameter/name" +then + name_should=$(cat "$__object/parameter/name") +else + case $os + in + # RedHat-derivatives and BSDs + centos|fedora|redhat|scientific|freebsd|macosx|netbsd|openbsd) + # Hostname is FQDN + name_should="${__target_host}" + ;; + *) + # Hostname is only first component of FQDN + name_should="${__target_host%%.*}" + ;; + esac +fi + + +################################################################################ +# Check if the (running) hostname is already correct +# +test "$name_running" != "$name_should" || exit 0 + + +################################################################################ +# Setup hostname +# +echo 'changed' >>"$__messages_out" + +# Use the good old way to set the hostname. 
+case $os +in + alpine|debian|devuan|ubuntu) + echo 'hostname -F /etc/hostname' + ;; + archlinux) + echo 'command -v hostnamectl >/dev/null 2>&1' \ + "&& hostnamectl set-hostname '$name_should'" \ + "|| hostname '$name_should'" + ;; + centos|fedora|redhat|scientific|freebsd|netbsd|openbsd|gentoo|void) + echo "hostname '$name_should'" + ;; + macosx) + echo "scutil --set HostName '$name_should'" + ;; + solaris) + echo "uname -S '$name_should'" + ;; + slackware|suse|opensuse-leap) + # We do not read from /etc/HOSTNAME, because the running + # hostname is the first component only while the file contains + # the FQDN. + echo "hostname '$name_should'" + ;; + *) + # Fall back to set the hostname using hostnamectl, if available. + if test -n "$has_hostnamectl" + then + # Don't use hostnamectl as the primary means to set the hostname for + # systemd systems, because it cannot be trusted to work reliably and + # exit with non-zero when it fails (e.g. hostname too long, + # D-Bus failure, etc.). + + echo "hostnamectl set-hostname \"\$(cat /etc/hostname)\"" + echo "test \"\$(hostname)\" = \"\$(cat /etc/hostname)\"" \ + " || hostname -F /etc/hostname" + else + printf "echo 'Unsupported OS: %s' >&2\nexit 1\n" "$os" + fi + ;; +esac diff --git a/cdist/conf/type/__hostname/man.rst b/cdist/conf/type/__hostname/man.rst new file mode 100644 index 00000000..72aefbab --- /dev/null +++ b/cdist/conf/type/__hostname/man.rst 
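Review bot: In `__hostname/gencode-remote`, `$name_should` is pasted between single quotes into the generated commands (`hostname '$name_should'`, `scutil --set HostName '$name_should'`, `uname -S '$name_should'`), and nothing visible restricts its characters, so a value containing a single quote ends the quoting and the rest is run as shell on the target. The manifest hunk of the same type has the same gap where it writes `--value "\"$name_should\""` into `/etc/rc.conf`. The manifest runs before code generation and already checks the length, so a character check beside that test would cover both: `case $name_should in *[!A-Za-z0-9.-]*) echo "Invalid host name: $name_should" >&2; exit 1;; esac`.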
@@ -0,0 +1,55 @@ +cdist-type__hostname(7) +======================= + +NAME +---- +cdist-type__hostname - Set the hostname + + +DESCRIPTION +----------- +Sets the hostname on various operating systems. + +**Tip:** For advice on choosing a hostname, see +`RFC 1178 `_. + + +REQUIRED PARAMETERS +------------------- +None. + +OPTIONAL PARAMETERS +------------------- +name + The hostname to set. Defaults to the first segment of __target_host + (${__target_host%%.*}) + + +MESSAGES +-------- +changed + Changed the hostname + +EXAMPLES +-------- + +.. code-block:: sh + + # take hostname from __target_host + __hostname + + # set hostname explicitly + __hostname --name some-static-hostname + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2012 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__hostname/manifest b/cdist/conf/type/__hostname/manifest new file mode 100755 index 00000000..e1e356a0 --- /dev/null +++ b/cdist/conf/type/__hostname/manifest 
@@ -0,0 +1,189 @@ +#!/bin/sh -e +# +# 2012 Steven Armstrong (steven-cdist at armstrong.cc) +# 2014 Nico Schottelius (nico-cdist at schottelius.org) +# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +not_supported() { + echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2 + echo "Please contribute an implementation for it if you can." >&2 + exit 1 +} + +set_hostname_systemd() { + echo "$1" | __file /etc/hostname --source - +} + +os=$(cat "$__global/explorer/os") +os_version=$(cat "$__global/explorer/os_version") +os_major=$(echo "$os_version" | grep -o '^[0-9][0-9]*' || true) + +max_len=$(cat "$__object/explorer/max_len") +has_hostnamectl=$(cat "$__object/explorer/has_hostnamectl") + +if test -s "$__object/parameter/name" +then + name_should=$(cat "$__object/parameter/name") +else + case $os + in + # RedHat-derivatives and BSDs + centos|fedora|redhat|scientific|freebsd|netbsd|openbsd|slackware) + # Hostname is FQDN + name_should="${__target_host}" + ;; + suse|opensuse-leap) + # Classic SuSE stores the FQDN in /etc/HOSTNAME, while + # systemd does not. The running hostname is the first + # component in both cases. + # In versions before 15.x, the FQDN is stored in /etc/hostname. 
+ if test -n "$has_hostnamectl" && test "$os_major" -ge 15 \ + && test "$os_major" -ne 42 + then + name_should="${__target_host%%.*}" + else + name_should="${__target_host}" + fi + ;; + *) + # Hostname is only first component of FQDN on all other systems. + name_should="${__target_host%%.*}" + ;; + esac +fi + +if test -n "$max_len" && test "$(printf '%s' "$name_should" | wc -c)" -gt "$max_len" +then + printf "Host name too long. Up to %u characters allowed.\n" "${max_len}" >&2 + exit 1 +fi + +case $os +in + alpine|debian|devuan|ubuntu|void) + echo "$name_should" | __file /etc/hostname --source - + ;; + archlinux) + if test -n "$has_hostnamectl" + then + set_hostname_systemd "$name_should" + else + echo 'Ancient ArchLinux variants without hostnamectl are not supported.' >&2 + exit 1 + # Only for ancient ArchLinux, write to /etc/rc.conf on pre-systemd + # versions. There are some versions which use /etc/hostname but not + # systemd. It is unclear which ones these are. + + # __key_value '/etc/rc.conf:HOSTNAME' \ + # --file /etc/rc.conf \ + # --delimiter '=' --exact_delimiter \ + # --key 'HOSTNAME' \ + # --value "\"$name_should\"" + fi + ;; + centos|fedora|redhat|scientific) + if test -z "$has_hostnamectl" + then + # Only write to /etc/sysconfig/network on non-systemd versions. + # On systemd-based versions this entry is ignored. + __key_value '/etc/sysconfig/network:HOSTNAME' \ + --file /etc/sysconfig/network \ + --delimiter '=' --exact_delimiter \ + --key HOSTNAME \ + --value "\"$name_should\"" + else + set_hostname_systemd "$name_should" + fi + ;; + gentoo) + # Only write to /etc/conf.d/hostname on OpenRC-based installations. + # On systemd use hostnamectl(1) in gencode-remote. 
+ if test -z "$has_hostnamectl" + then + __key_value '/etc/conf.d/hostname:hostname' \ + --file /etc/conf.d/hostname \ + --delimiter '=' --exact_delimiter \ + --key 'hostname' \ + --value "\"$name_should\"" + else + set_hostname_systemd "$name_should" + fi + ;; + freebsd) + __key_value '/etc/rc.conf:hostname' \ + --file /etc/rc.conf \ + --delimiter '=' --exact_delimiter \ + --key 'hostname' \ + --value "\"$name_should\"" + ;; + macosx) + # handled in gencode-remote + : + ;; + netbsd) + __key_value '/etc/rc.conf:hostname' \ + --file /etc/rc.conf \ + --delimiter '=' --exact_delimiter \ + --key 'hostname' \ + --value "\"$name_should\"" + + # To avoid confusion, ensure that the hostname is only stored once. + __file /etc/myname --state absent + ;; + openbsd) + echo "$name_should" | __file /etc/myname --source - + ;; + slackware) + # We write the FQDN into /etc/HOSTNAME. But /etc/rc.d/rc.M will only + # read the first component from this file and set it as the running + # hostname on boot. + echo "$name_should" | __file /etc/HOSTNAME --source - + ;; + solaris) + echo "$name_should" | __file /etc/nodename --source - + ;; + suse|opensuse-leap) + # Modern SuSE provides /etc/HOSTNAME as a symlink for + # backwards-compatibility. Unfortunately it cannot be used + # here as __file does not follow the symlink. + # Therefore, we use the presence of the hostnamectl binary as + # an indication of which file to use. This unfortunately does + # not work correctly on openSUSE 12.x which provides + # hostnamectl but not /etc/hostname. + + if test -n "$has_hostnamectl" -a "$os_major" -gt 12 + then + hostname_file='/etc/hostname' + else + hostname_file='/etc/HOSTNAME' + fi + + echo "$name_should" | __file "$hostname_file" --source - + ;; + *) + # On other operating systems we fall back to systemd's + # hostnamectl if available… + if test -n "$has_hostnamectl" + then + set_hostname_systemd "$name_should" + else + not_supported + fi + ;; +esac 
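Review bot: In `__hostname/manifest`, `os_major` is empty whenever `os_version` does not start with a digit (the `|| true` after `grep -o` allows that), and it is then used in numeric tests: `test "$os_major" -ge 15` in the suse name selection and `test -n "$has_hostnamectl" -a "$os_major" -gt 12` in the suse file selection. With an empty operand `test` prints an error and returns a failure status, which the `if` treats as false, so such a release silently takes the FQDN and `/etc/HOSTNAME` path; whether any supported SuSE release reports a non-numeric version is not visible here. I would make the fallback explicit with `os_major=${os_major:-0}` after the assignment and write the second test as `test -n "$has_hostnamectl" && test "$os_major" -gt 12`, matching the `&&` form used earlier in the file.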
diff --git a/cdist/conf/type/__hostname/parameter/optional b/cdist/conf/type/__hostname/parameter/optional new file mode 100644 index 00000000..f121bdbf --- /dev/null +++ b/cdist/conf/type/__hostname/parameter/optional @@ -0,0 +1 @@ +name diff --git a/cdist/conf/type/__hostname/singleton b/cdist/conf/type/__hostname/singleton new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__hosts/man.rst b/cdist/conf/type/__hosts/man.rst new file mode 100644 index 00000000..bece7967 --- /dev/null +++ b/cdist/conf/type/__hosts/man.rst @@ -0,0 +1,55 @@ +cdist-type__hosts(7) +==================== + +NAME +---- + +cdist-type__hosts - manage entries in /etc/hosts + +DESCRIPTION +----------- + +Add or remove entries from */etc/hosts* file. + +OPTIONAL PARAMETERS +------------------- + +state + If state is ``present``, make *object_id* resolve to *ip*. If + state is ``absent``, *object_id* will no longer resolve via + */etc/hosts*, if it was previously configured with this type. + Manually inserted entries are unaffected. + +ip + IP address, to which hostname (=\ *object_id*) must resolve. If + state is ``present``, this parameter is mandatory, if state is + ``absent``, this parameter is silently ignored. + +EXAMPLES +-------- + +.. code-block:: sh + + # Now `funny' resolves to 192.168.1.76, + __hosts funny --ip 192.168.1.76 + # and `happy' no longer resolve via /etc/hosts if it was + # previously configured via __hosts. + __hosts happy --state absent + +SEE ALSO +-------- + +:strong:`hosts`\ (5) + +AUTHORS +------- + +Dmitry Bogatov + + +COPYING +------- + +Copyright (C) 2015,2016 Dmitry Bogatov. Free use of this software is granted +under the terms of the GNU General Public License version 3 or later +(GPLv3+). diff --git a/cdist/conf/type/__hosts/manifest b/cdist/conf/type/__hosts/manifest new file mode 100755 index 00000000..c536b83b --- /dev/null +++ b/cdist/conf/type/__hosts/manifest 
@@ -0,0 +1,29 @@
+#!/bin/sh -e
+# Copyright (C) 2015 Bogatov Dmitry
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+set -ue
+
+hostname="$__object_id"
+state="$(cat "$__object/parameter/state")"
+marker="# __hosts/$hostname"
+
+set -- "__hosts/$hostname" --file /etc/hosts --state "$state"
+
+if [ "$state" = absent ] ; then
+ __line "$@" --regex "$marker"
+else
+ ip="$(cat "$__object/parameter/ip")"
+ __line "$@" --line "$ip $hostname $marker"
+fi
diff --git a/cdist/conf/type/__hosts/parameter/default/state b/cdist/conf/type/__hosts/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__hosts/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__hosts/parameter/optional b/cdist/conf/type/__hosts/parameter/optional
new file mode 100644
index 00000000..411fc5d2
--- /dev/null
+++ b/cdist/conf/type/__hosts/parameter/optional
@@ -0,0 +1,2 @@
+state
+ip
diff --git a/cdist/conf/type/__install_bootloader_grub/explorer/target_os b/cdist/conf/type/__install_bootloader_grub/explorer/target_os
new file mode 100755
index 00000000..f235710a
--- /dev/null
+++ b/cdist/conf/type/__install_bootloader_grub/explorer/target_os
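Review bot: In `__hosts/manifest`, the removal path passes `--regex "$marker"` with `marker="# __hosts/$hostname"`, which is unanchored and treats the dots in the host name as wildcards. Assuming `__line` removes every line that matches, `__hosts web --state absent` would also match the entries tagged `# __hosts/web1` or `# __hosts/web.example.com`. Anchoring the marker at end of line and escaping the dots narrows it to this object's line, e.g. `__line "$@" --regex "# __hosts/$(printf '%s' "$hostname" | sed 's/\./\\./g')\$"`. The `ip` parameter is also written to `/etc/hosts` unchecked.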
@@ -0,0 +1,100 @@ +#!/bin/sh +# +# 2010-2011 Nico Schottelius (nico-cdist at schottelius.org) +# 2014 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# +# All os variables are lower case. Keep this file in alphabetical +# order by os variable except in cases where order otherwise matters, +# in which case keep the primary os and its derivatives together in +# a block (see Debian and Redhat examples below). 
+# + +chroot="$(cat "$__object/parameter/chroot")" + +if grep -q ^Amazon "$chroot/etc/system-release" 2>/dev/null; then + echo amazon + exit 0 +fi + +if [ -f "$chroot/etc/arch-release" ]; then + echo archlinux + exit 0 +fi + +if [ -f "$chroot/etc/cdist-preos" ]; then + echo cdist-preos + exit 0 +fi + +### Debian and derivatives +if grep -q ^DISTRIB_ID=Ubuntu "$chroot/etc/lsb-release" 2>/dev/null; then + echo ubuntu + exit 0 +fi + +if [ -f "$chroot/etc/debian_version" ]; then + echo debian + exit 0 +fi +### + +if [ -f "$chroot/etc/gentoo-release" ]; then + echo gentoo + exit 0 +fi + +if [ -f "$chroot/etc/openwrt_version" ]; then + echo openwrt + exit 0 +fi + +if [ -f "$chroot/etc/owl-release" ]; then + echo owl + exit 0 +fi + +### Redhat and derivatives +if grep -q ^CentOS "$chroot/etc/redhat-release" 2>/dev/null; then + echo centos + exit 0 +fi + +if grep -q ^Fedora "$chroot/etc/redhat-release" 2>/dev/null; then + echo fedora + exit 0 +fi + +if [ -f "$chroot/etc/redhat-release" ]; then + echo redhat + exit 0 +fi +### + +if [ -f "$chroot/etc/SuSE-release" ]; then + echo suse + exit 0 +fi + +if [ -f "$chroot/etc/slackware-version" ]; then + echo slackware + exit 0 +fi + +echo "Unknown OS" >&2 +exit 1 diff --git a/cdist/conf/type/__install_bootloader_grub/gencode-remote b/cdist/conf/type/__install_bootloader_grub/gencode-remote new file mode 100755 index 00000000..1caebbbf --- /dev/null +++ b/cdist/conf/type/__install_bootloader_grub/gencode-remote 
@@ -0,0 +1,97 @@ +#!/bin/sh -e +# +# 2011-2015 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +device="$(cat "$__object/parameter/device" 2>/dev/null || echo "/$__object_id")" +chroot="$(cat "$__object/parameter/chroot")" + +target_os=$(cat "$__object/explorer/target_os") + +mkdir "$__object/files" +install_script="$__object/files/install_script" +# Link file descriptor #6 with stdout +exec 6>&1 +# Link stdout with $install_script +exec > "$install_script" + +# Generate script to install bootloader on distro +printf '#!/bin/sh -l\n' + +case "$target_os" in + ubuntu|debian) + if [ -s "$__global/explorer/efi" ]; then + # FIXME: untested. maybe also just run update-grub for EFI system? + printf 'grub-mkconfig --output=/boot/efi/EFI/%s/grub.cfg\n' "$target_os" + printf 'mkdir -p /boot/efi/EFI/BOOT\n' + printf 'cp /boot/efi/EFI/%s/grubx64.efi /boot/efi/EFI/BOOT/bootx64.efi' "$target_os" + else + printf 'grub-install "%s"\n' "$device" + printf 'update-grub\n' + fi + ;; + archlinux) + if [ -s "$__global/explorer/efi" ]; then + echo "EFI boot loader installation is on your operating system ($target_os) is currently not supported by this type (${__type##*/})." >&2 + echo "Please contribute an implementation for it if you can." 
>&2 + exit 1 + else + printf 'grub-install "%s"\n' "$device" + # bugfix/workarround: rebuild initramfs + # FIXME: doesn't belong here + printf 'mkinitcpio -p linux\n' + printf 'grub-mkconfig -o /boot/grub/grub.cfg\n' + fi + ;; + centos) + if [ -s "$__global/explorer/efi" ]; then + printf 'grub2-mkconfig --output=/boot/efi/EFI/%s/grub.cfg\n' "$target_os" + printf 'mkdir -p /boot/efi/EFI/BOOT\n' + printf 'cp /boot/efi/EFI/%s/grubx64.efi /boot/efi/EFI/BOOT/bootx64.efi' "$target_os" + else + printf 'grub2-install "%s"\n' "$device" + printf 'grub2-mkconfig --output=/boot/grub2/grub.cfg\n' + fi + ;; + *) + echo "Your operating system ($target_os) is currently not supported by this type (${__type##*/})." >&2 + echo "If you can, please contribute an implementation for it." >&2 + exit 1 + ;; +esac +# Restore stdout and close file descriptor #6. +exec 1>&6 6>&- + + +cat << DONE +# Ensure /tmp exists +[ -d "${chroot}/tmp" ] || mkdir -m 1777 "${chroot}/tmp" +# Generate script to run in chroot +script=\$(mktemp "${chroot}/tmp/${__type##*/}.XXXXXXXXXX") +cat > \$script << script_DONE +$(cat "$install_script") +script_DONE + +# Make script executable +chmod +x "\$script" + +# Run script in chroot +relative_script="\${script#$chroot}" +chroot "$chroot" "\$relative_script" +rm -rf \$script +DONE diff --git a/cdist/conf/type/__install_bootloader_grub/install b/cdist/conf/type/__install_bootloader_grub/install new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__install_bootloader_grub/man.rst b/cdist/conf/type/__install_bootloader_grub/man.rst new file mode 100644 index 00000000..625db1d2 --- /dev/null +++ b/cdist/conf/type/__install_bootloader_grub/man.rst 
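Review bot: In `__install_bootloader_grub/gencode-remote`, the generated code writes the install script with `cat > \$script << script_DONE`; because the inner delimiter is unquoted, the shell on the target expands `$...`, backticks and backslash sequences in the script body while writing it, before anything runs inside the chroot. The body contains the `device` parameter (`grub-install "%s"`), so that value is evaluated outside the chroot instead of being copied literally. Quoting the delimiter and the variable keeps the body verbatim: `cat > "\$script" << 'script_DONE'`, and likewise `rm -f -- "\$script"` in place of `rm -rf \$script`.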
@@ -0,0 +1,48 @@ +cdist-type__install_bootloader_grub(7) +====================================== + +NAME +---- +cdist-type__install_bootloader_grub - install grub2 bootloader on given disk + + +DESCRIPTION +----------- +This cdist type allows you to install grub2 bootloader on given disk. + + +REQUIRED PARAMETERS +------------------- +None + + +OPTIONAL PARAMETERS +------------------- +device + The device to install grub to. Defaults to object_id + +chroot + where to chroot before running grub-install. Defaults to /target. + + +EXAMPLES +-------- + +.. code-block:: sh + + __install_bootloader_grub /dev/sda + + __install_bootloader_grub /dev/sda --chroot /mnt/foobar + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2011 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__install_bootloader_grub/parameter/default/chroot b/cdist/conf/type/__install_bootloader_grub/parameter/default/chroot new file mode 100644 index 00000000..ea8c4bf7 --- /dev/null +++ b/cdist/conf/type/__install_bootloader_grub/parameter/default/chroot @@ -0,0 +1 @@ +/target diff --git a/cdist/conf/type/__install_bootloader_grub/parameter/optional b/cdist/conf/type/__install_bootloader_grub/parameter/optional new file mode 100644 index 00000000..0bd1ce46 --- /dev/null +++ b/cdist/conf/type/__install_bootloader_grub/parameter/optional @@ -0,0 +1,2 @@ +device +chroot diff --git a/cdist/conf/type/__install_chroot_mount/gencode-local b/cdist/conf/type/__install_chroot_mount/gencode-local new file mode 120000 index 00000000..68dcbd6a --- /dev/null +++ b/cdist/conf/type/__install_chroot_mount/gencode-local @@ -0,0 +1 @@ +../__chroot_mount/gencode-local \ No newline at end of file 
diff --git a/cdist/conf/type/__install_chroot_mount/gencode-remote b/cdist/conf/type/__install_chroot_mount/gencode-remote new file mode 120000 index 00000000..b1a5485e --- /dev/null +++ b/cdist/conf/type/__install_chroot_mount/gencode-remote @@ -0,0 +1 @@ +../__chroot_mount/gencode-remote \ No newline at end of file diff --git a/cdist/conf/type/__install_chroot_mount/install b/cdist/conf/type/__install_chroot_mount/install new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__install_chroot_mount/man.rst b/cdist/conf/type/__install_chroot_mount/man.rst new file mode 100644 index 00000000..4054c4c4 --- /dev/null +++ b/cdist/conf/type/__install_chroot_mount/man.rst @@ -0,0 +1,42 @@ +cdist-type__install_chroot_mount(7) +=================================== + +NAME +---- +cdist-type__install_chroot_mount - mount a chroot with install command + + +DESCRIPTION +----------- +Mount and prepare a chroot for running commands within it. + + +REQUIRED PARAMETERS +------------------- +None + + +OPTIONAL PARAMETERS +------------------- +None + + +EXAMPLES +-------- + +.. code-block:: sh + + __install_chroot_mount /path/to/chroot + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2012 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__install_chroot_mount/parameter b/cdist/conf/type/__install_chroot_mount/parameter new file mode 120000 index 00000000..5b5c9e20 --- /dev/null +++ b/cdist/conf/type/__install_chroot_mount/parameter @@ -0,0 +1 @@ +../__chroot_mount/parameter \ No newline at end of file diff --git a/cdist/conf/type/__install_chroot_umount/gencode-remote b/cdist/conf/type/__install_chroot_umount/gencode-remote new file mode 120000 index 00000000..f2bd2681 --- /dev/null 
+++ b/cdist/conf/type/__install_chroot_umount/gencode-remote
@@ -0,0 +1 @@
+../__chroot_umount/gencode-remote
\ No newline at end of file
diff --git a/cdist/conf/type/__install_chroot_umount/install b/cdist/conf/type/__install_chroot_umount/install
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__install_chroot_umount/man.rst b/cdist/conf/type/__install_chroot_umount/man.rst
new file mode 100644
index 00000000..2e020c01
--- /dev/null
+++ b/cdist/conf/type/__install_chroot_umount/man.rst
@@ -0,0 +1,47 @@
+cdist-type__install_chroot_umount(7)
+====================================
+
+NAME
+----
+cdist-type__install_chroot_umount - unmount a chroot mounted by __install_chroot_mount
+
+
+DESCRIPTION
+-----------
+Undo what __install_chroot_mount did.
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+
+OPTIONAL PARAMETERS
+-------------------
+None
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __install_chroot_umount /path/to/chroot
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__install_chroot_mount`\ (7)
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2012 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__install_chroot_umount/manifest b/cdist/conf/type/__install_chroot_umount/manifest
new file mode 120000
index 00000000..f17af67a
--- /dev/null
+++ b/cdist/conf/type/__install_chroot_umount/manifest
@@ -0,0 +1 @@
+../__chroot_umount/manifest
\ No newline at end of file
diff --git a/cdist/conf/type/__install_chroot_umount/parameter b/cdist/conf/type/__install_chroot_umount/parameter
new file mode 120000
index 00000000..4148bcd0
--- /dev/null
+++ b/cdist/conf/type/__install_chroot_umount/parameter
@@ -0,0 +1 @@
+../__chroot_umount/parameter
\ No newline at end of file
diff --git a/cdist/conf/type/__install_config/files/remote/copy b/cdist/conf/type/__install_config/files/remote/copy
new file mode 100755
index 00000000..fa7fa9b7
--- /dev/null
+++ b/cdist/conf/type/__install_config/files/remote/copy
@@ -0,0 +1,48 @@
+#!/bin/sh -e
+#
+# 2011-2017 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# __remote_copy script to run cdist against a chroot on a remote host via ssh.
+#
+# Usage:
+# __remote_copy="/path/to/this/script /path/to/your/chroot" cdist config target-id
+#
+
+log() {
+ #echo "$@" | logger -t "__install_config copy"
+ :
+}
+
+chroot="$1"; shift
+target_host="$__target_host"
+
+# postfix target_host with chroot location
+code="$(echo "$@" | sed "s|$target_host:|$target_host:$chroot|g")"
+
+log "target_host: $target_host"
+log "chroot: $chroot"
+log "@: $*"
+log "code: $code"
+
+# copy files into chroot
+# __default_remote_copy and code should be split
+# shellcheck disable=SC2086
+$__default_remote_copy $code
+
+log "-----"
diff --git a/cdist/conf/type/__install_config/files/remote/exec b/cdist/conf/type/__install_config/files/remote/exec
new file mode 100755
index 00000000..c2057ebf
--- /dev/null
+++ b/cdist/conf/type/__install_config/files/remote/exec
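Review bot: `$target_host` and `$chroot` are interpolated straight into the sed expression in `code="$(echo "$@" | sed "s|$target_host:|$target_host:$chroot|g")"`, so a `.` in the host name matches any character and a `|`, `&` or backslash in the chroot path changes the substitution. Flattening the arguments with `echo "$@"` and re-splitting the unquoted `$code` also breaks paths that contain whitespace or glob characters. Rewriting each argument with parameter expansion avoids both, assuming the `host:` prefix only ever appears at the start of an argument, which this hunk does not show.

```shell
# … unchanged: log(), chroot and target_host assignments …
# prefix the path of every "host:path" argument with the chroot location
for arg in "$@"; do
    case "$arg" in
        "$target_host:"*) arg="$target_host:$chroot${arg#"$target_host:"}" ;;
    esac
    set -- "$@" "$arg"
    shift
done
# … unchanged: log calls (the "code:" line would log "$*") …
# only __default_remote_copy is meant to be split
# shellcheck disable=SC2086
$__default_remote_copy "$@"
```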
@@ -0,0 +1,52 @@
+#!/bin/sh -e
+#
+# 2011-2017 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# __remote_exec script to run cdist against a chroot on a remote host via ssh.
+#
+# Usage:
+# __remote_exec="/path/to/this/script /path/to/your/chroot" cdist config target-id
+#
+
+log() {
+ #echo "$@" | logger -t "__install_config exec"
+ :
+}
+
+chroot="$1"; shift
+target_host="$__target_host"
+# In exec mode the first argument is the __target_host which we already got from env. Get rid of it.
+shift
+
+# escape ' with '"'"'
+code="$(echo "$@" | sed -e "s/'/'\"'\"'/g")"
+# shellcheck disable=SC2089
+code="chroot $chroot sh -e -c '$code'"
+
+log "target_host: $target_host"
+log "chroot: $chroot"
+log "@: $*"
+log "code: $code"
+
+# Run the code
+# __default_remote_exec and code should be split
+# shellcheck disable=SC2086,SC2090
+$__default_remote_exec "$target_host" $code
+
+log "-----"
diff --git a/cdist/conf/type/__install_config/gencode-local b/cdist/conf/type/__install_config/gencode-local
new file mode 100755
index 00000000..dd4f2a78
--- /dev/null
+++ b/cdist/conf/type/__install_config/gencode-local
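Review bot: Only the command text is escaped before it is wrapped in single quotes; `$chroot` goes into `code="chroot $chroot sh -e -c '$code'"` unquoted, so a chroot path containing whitespace or shell metacharacters is interpreted by the remote shell. Apply the same escaping to it, for example `chroot_q="$(printf '%s' "$chroot" | sed -e "s/'/'\"'\"'/g")"` followed by `code="chroot '$chroot_q' sh -e -c '$code'"`. The final `$__default_remote_exec "$target_host" $code` is also subject to local pathname expansion, so a `*` in the command can be expanded against the local filesystem before it is sent. A `set -f` before that line would prevent this while keeping the word splitting that the comment asks for.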
@@ -0,0 +1,35 @@
+#!/bin/sh -e
+#
+# 2011-2018 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+chroot="$(cat "$__object/parameter/chroot")"
+remote_exec="$__type/files/remote/exec"
+remote_copy="$__type/files/remote/copy"
+
+cat << DONE
+export __cdist_install_config=yes
+export __cdist_log_level=$__cdist_log_level
+export __default_remote_exec="$__remote_exec"
+export __default_remote_copy="$__remote_copy"
+cdist config \
+ --remote-exec="$remote_exec $chroot" \
+ --remote-copy="$remote_copy $chroot" \
+ $__target_host
+DONE
+
diff --git a/cdist/conf/type/__install_config/install b/cdist/conf/type/__install_config/install
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__install_config/man.rst b/cdist/conf/type/__install_config/man.rst
new file mode 100644
index 00000000..0034e85d
--- /dev/null
+++ b/cdist/conf/type/__install_config/man.rst
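Review bot: `$__target_host` and `$__cdist_log_level` are emitted unquoted into the generated code, and `$chroot` is placed inside the double-quoted `--remote-exec`/`--remote-copy` values. Whitespace, `$`, a backtick or `"` in any of them is therefore reinterpreted by the shell that later runs the generated code. Quote the host at least, writing `"$__target_host"` as the last line of the `cdist config` call. A comment above the here-document stating that `chroot` must be a plain path without quotes or whitespace would also help, since the two remote helper scripts receive it as a single word.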
@@ -0,0 +1,47 @@ +cdist-type__install_config(7) +============================= + +NAME +---- +cdist-type__install_config - run cdist config as part of the installation + + +DESCRIPTION +----------- +This cdist type allows you to run cdist config as part of the installation. +It does this by using a custom __remote_{copy,exec} prefix which runs +cdist config against the /target chroot on the remote host. + + +REQUIRED PARAMETERS +------------------- +None + + +OPTIONAL PARAMETERS +------------------- +chroot + where to chroot before running grub-install. Defaults to /target. + + +EXAMPLES +-------- + +.. code-block:: sh + + __install_config + + __install_config --chroot /mnt/somewhere + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2011 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__install_config/parameter/default/chroot b/cdist/conf/type/__install_config/parameter/default/chroot new file mode 100644 index 00000000..ea8c4bf7 --- /dev/null +++ b/cdist/conf/type/__install_config/parameter/default/chroot @@ -0,0 +1 @@ +/target diff --git a/cdist/conf/type/__install_config/parameter/optional b/cdist/conf/type/__install_config/parameter/optional new file mode 100644 index 00000000..fa32393d --- /dev/null +++ b/cdist/conf/type/__install_config/parameter/optional @@ -0,0 +1 @@ +chroot diff --git a/cdist/conf/type/__install_config/singleton b/cdist/conf/type/__install_config/singleton new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__install_coreos/gencode-remote b/cdist/conf/type/__install_coreos/gencode-remote new file mode 100755 index 00000000..f550b5a5 --- /dev/null +++ b/cdist/conf/type/__install_coreos/gencode-remote 
@@ -0,0 +1,19 @@ +#!/bin/sh -e + +device=$(cat "${__object:?}/parameter/device") +ignition=$(cat "${__object}/parameter/ignition") + +cat < "\${ignition_file}" << eof +$(base64 "${ignition}") +eof + +coreos-install -d "${device}" \ + \$(if [ -s "\${ignition_file}" ]; then + printf -- "-i \${ignition_file}\\n" + fi) + +rm "\${ignition_file}" +EOF diff --git a/cdist/conf/type/__install_coreos/install b/cdist/conf/type/__install_coreos/install new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__install_coreos/man.rst b/cdist/conf/type/__install_coreos/man.rst new file mode 100644 index 00000000..314f9f2a --- /dev/null +++ b/cdist/conf/type/__install_coreos/man.rst @@ -0,0 +1,50 @@ +cdist-type__install_coreos(7) +============================= + +NAME +---- + +cdist-type__install_coreos - Install CoreOS + +DESCRIPTION +----------- + +This type installs CoreOS to a given device using coreos-install_, which is +present in CoreOS ISO by default. + +.. _coreos-install: https://raw.githubusercontent.com/coreos/init/master/bin/coreos-install + +REQUIRED PARAMETERS +------------------- + +device + A device CoreOS will be installed to. + +OPTIONAL PARAMETERS +------------------- + +ignition + Path to ignition config. + +EXAMPLES +-------- + +.. code-block:: sh + + __install_coreos \ + --device /dev/sda \ + --ignition ignition.json + + +AUTHORS +------- + +Ľubomír Kučera + +COPYING +------- + +Copyright \(C) 2018 Ľubomír Kučera. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__install_coreos/parameter/default/ignition b/cdist/conf/type/__install_coreos/parameter/default/ignition new file mode 100644 index 00000000..e69de29b 
diff --git a/cdist/conf/type/__install_coreos/parameter/optional b/cdist/conf/type/__install_coreos/parameter/optional
new file mode 100644
index 00000000..df284caa
--- /dev/null
+++ b/cdist/conf/type/__install_coreos/parameter/optional
@@ -0,0 +1 @@
+ignition
diff --git a/cdist/conf/type/__install_coreos/parameter/required b/cdist/conf/type/__install_coreos/parameter/required
new file mode 100644
index 00000000..f89ee6a8
--- /dev/null
+++ b/cdist/conf/type/__install_coreos/parameter/required
@@ -0,0 +1 @@
+device
diff --git a/cdist/conf/type/__install_coreos/singleton b/cdist/conf/type/__install_coreos/singleton
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__install_directory/explorer b/cdist/conf/type/__install_directory/explorer
new file mode 120000
index 00000000..ba2591e1
--- /dev/null
+++ b/cdist/conf/type/__install_directory/explorer
@@ -0,0 +1 @@
+../__directory/explorer
\ No newline at end of file
diff --git a/cdist/conf/type/__install_directory/gencode-remote b/cdist/conf/type/__install_directory/gencode-remote
new file mode 120000
index 00000000..c86d61c9
--- /dev/null
+++ b/cdist/conf/type/__install_directory/gencode-remote
@@ -0,0 +1 @@
+../__directory/gencode-remote
\ No newline at end of file
diff --git a/cdist/conf/type/__install_directory/install b/cdist/conf/type/__install_directory/install
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__install_directory/man.rst b/cdist/conf/type/__install_directory/man.rst
new file mode 100644
index 00000000..c402cbad
--- /dev/null
+++ b/cdist/conf/type/__install_directory/man.rst
@@ -0,0 +1,101 @@ +cdist-type__install_directory(7) +================================ + +NAME +---- +cdist-type__install_directory - Manage a directory with install command + + +DESCRIPTION +----------- +This cdist type allows you to create or remove directories on the target. + + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +state + 'present' or 'absent', defaults to 'present' + +group + Group to chgrp to. + +mode + Unix permissions, suitable for chmod. + +owner + User to chown to. + + +BOOLEAN PARAMETERS +------------------ +parents + Whether to create parents as well (mkdir -p behaviour). + Warning: all intermediate directory permissions default + to whatever mkdir -p does. + + Usually this means root:root, 0700. + +recursive + If supplied the chgrp and chown call will run recursively. + This does *not* influence the behaviour of chmod. + +MESSAGES +-------- +chgrp + Changed group membership +chown + Changed owner +chmod + Changed mode +create + Empty directory was created +remove + Directory exists, but state is absent, directory will be removed by generated code. +remove non directory + Something other than a directory with the same name exists and was removed prior to create. + + +EXAMPLES +-------- + +.. 
code-block:: sh + + # A silly example + __install_directory /tmp/foobar + + # Remove a directory + __install_directory /tmp/foobar --state absent + + # Ensure /etc exists correctly + __install_directory /etc --owner root --group root --mode 0755 + + # Create nfs service directory, including parents + __install_directory /home/services/nfs --parents + + # Change permissions recursively + __install_directory /home/services --recursive --owner root --group root + + # Setup a temp directory + __install_directory /local --mode 1777 + + # Take it all + __install_directory /home/services/kvm --recursive --parents \ + --owner root --group root --mode 0755 --state present + + +AUTHORS +------- +Nico Schottelius + + +COPYING +------- +Copyright \(C) 2011 Nico Schottelius. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__install_directory/parameter b/cdist/conf/type/__install_directory/parameter new file mode 120000 index 00000000..e23d9672 --- /dev/null +++ b/cdist/conf/type/__install_directory/parameter @@ -0,0 +1 @@ +../__directory/parameter \ No newline at end of file diff --git a/cdist/conf/type/__install_file/explorer b/cdist/conf/type/__install_file/explorer new file mode 120000 index 00000000..8479ee44 --- /dev/null +++ b/cdist/conf/type/__install_file/explorer @@ -0,0 +1 @@ +../__file/explorer \ No newline at end of file diff --git a/cdist/conf/type/__install_file/gencode-local b/cdist/conf/type/__install_file/gencode-local new file mode 120000 index 00000000..9ce4e805 --- /dev/null +++ b/cdist/conf/type/__install_file/gencode-local @@ -0,0 +1 @@ +../__file/gencode-local \ No newline at end of file diff --git a/cdist/conf/type/__install_file/gencode-remote b/cdist/conf/type/__install_file/gencode-remote new file mode 120000 index 00000000..f390bba4 --- /dev/null 
+++ b/cdist/conf/type/__install_file/gencode-remote @@ -0,0 +1 @@ +../__file/gencode-remote \ No newline at end of file diff --git a/cdist/conf/type/__install_file/install b/cdist/conf/type/__install_file/install new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__install_file/man.rst b/cdist/conf/type/__install_file/man.rst new file mode 100644 index 00000000..977ed77c --- /dev/null +++ b/cdist/conf/type/__install_file/man.rst 
@@ -0,0 +1,124 @@ +cdist-type__install_file(7) +=========================== + +NAME +---- +cdist-type__install_file - Manage files with install command. + + +DESCRIPTION +----------- +This cdist type allows you to create files, remove files and set file +attributes on the target. + +If the file already exists on the target, then if it is a: + +regular file, and state is: + present + replace it with the source file if they are not equal + exists + do nothing +symlink + replace it with the source file +directory + replace it with the source file + +One exception is that when state is pre-exists, an error is raised if +the file would have been created otherwise (e.g. it is not present or +not a regular file). + +In any case, make sure that the file attributes are as specified. + + +REQUIRED PARAMETERS +------------------- +None. + +OPTIONAL PARAMETERS +------------------- +state + 'present', 'absent', 'exists' or 'pre-exists', defaults to 'present' where: + + present + the file is exactly the one from source + absent + the file does not exist + exists + the file from source but only if it doesn't already exist + pre-exists + check that the file exists and is a regular file, but do not + create or modify it + +group + Group to chgrp to. + +mode + Unix permissions, suitable for chmod. + +owner + User to chown to. + +source + If supplied, copy this file from the host running cdist to the target. + If not supplied, an empty file or directory will be created. + If source is '-' (dash), take what was written to stdin as the file content. + +onchange + The code to run if file is modified. + +MESSAGES +-------- +chgrp + Changed group membership +chown + Changed owner +chmod + Changed mode +create + Empty file was created (no --source specified) +remove + File exists, but state is absent, file will be removed by generated code. +upload + File was uploaded + + +EXAMPLES +-------- + +.. 
code-block:: sh + + # Create /etc/cdist-configured as an empty file + __install_file /etc/cdist-configured + # The same thing + __install_file /etc/cdist-configured --state present + # Use __file from another type + __install_file /etc/issue --source "$__type/files/archlinux" --state present + # Delete existing file + __install_file /etc/cdist-configured --state absent + # Supply some more settings + __install_file /etc/shadow --source "$__type/files/shadow" \ + --owner root --group shadow --mode 0640 \ + --state present + # Provide a default file, but let the user change it + __install_file /home/frodo/.bashrc --source "/etc/skel/.bashrc" \ + --state exists \ + --owner frodo --mode 0600 + # Check that the file is present, show an error when it is not + __install_file /etc/somefile --state pre-exists + # Take file content from stdin + __install_file /tmp/whatever --owner root --group root --mode 644 --source - << DONE + Here goes the content for /tmp/whatever + DONE + + +AUTHORS +------- +Nico Schottelius + + +COPYING +------- +Copyright \(C) 2011-2013 Nico Schottelius. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__install_file/parameter b/cdist/conf/type/__install_file/parameter new file mode 120000 index 00000000..e5099e86 --- /dev/null +++ b/cdist/conf/type/__install_file/parameter @@ -0,0 +1 @@ +../__file/parameter \ No newline at end of file diff --git a/cdist/conf/type/__install_fstab/install b/cdist/conf/type/__install_fstab/install new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__install_fstab/man.rst b/cdist/conf/type/__install_fstab/man.rst new file mode 100644 index 00000000..5562c139 --- /dev/null +++ b/cdist/conf/type/__install_fstab/man.rst 
@@ -0,0 +1,53 @@ +cdist-type__install_fstab(7) +============================ + +NAME +---- +cdist-type__install_fstab - generate /etc/fstab during installation + + +DESCRIPTION +----------- +Uses __install_generate_fstab to generate a /etc/fstab file and uploads it +to the target machine at ${prefix}/etc/fstab. + + +REQUIRED PARAMETERS +------------------- +None + + +OPTIONAL PARAMETERS +------------------- +prefix + The prefix under which to generate the /etc/fstab file. + Defaults to /target. + + +EXAMPLES +-------- + +.. code-block:: sh + + __install_fstab + + __install_fstab --prefix /mnt/target + + +SEE ALSO +-------- +:strong:`cdist-type__install_generate_fstab`\ (7), +:strong:`cdist-type__install_mount`\ (7) + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2011 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__install_fstab/manifest b/cdist/conf/type/__install_fstab/manifest new file mode 100755 index 00000000..c5d24f3c --- /dev/null +++ b/cdist/conf/type/__install_fstab/manifest 
@@ -0,0 +1,29 @@ +#!/bin/sh -e +# +# 2011 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +prefix="$(cat "$__object/parameter/prefix" 2>/dev/null || echo "/target")" + +[ -d "$__object/files" ] || mkdir "$__object/files" +__install_generate_fstab --uuid --destination "$__object/files/fstab" +require="__install_generate_fstab" \ + __install_file "${prefix}/etc/fstab" --source "$__object/files/fstab" \ + --mode 644 \ + --owner root \ + --group root diff --git a/cdist/conf/type/__install_fstab/parameter/optional b/cdist/conf/type/__install_fstab/parameter/optional new file mode 100644 index 00000000..f73f3093 --- /dev/null +++ b/cdist/conf/type/__install_fstab/parameter/optional @@ -0,0 +1 @@ +file diff --git a/cdist/conf/type/__install_fstab/singleton b/cdist/conf/type/__install_fstab/singleton new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__install_generate_fstab/files/fstab.header b/cdist/conf/type/__install_generate_fstab/files/fstab.header new file mode 100644 index 00000000..7653cc78 --- /dev/null +++ b/cdist/conf/type/__install_generate_fstab/files/fstab.header @@ -0,0 +1 @@ +# Generated by cdist __install_generate_fstab diff --git a/cdist/conf/type/__install_generate_fstab/gencode-local b/cdist/conf/type/__install_generate_fstab/gencode-local new file mode 100755 index 00000000..80455aaa --- /dev/null 
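Review bot: The manifest reads `$__object/parameter/prefix`, but the `parameter/optional` file added for this type in the next hunk lists `file`, not `prefix`. As far as these hunks show, `--prefix` (the option the man page documents) is therefore not a declared parameter and the `|| echo "/target"` fallback is always taken, with `2>/dev/null` hiding the missing file. The optional-parameter file should contain `prefix` so the documented option and the manifest agree.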
+++ b/cdist/conf/type/__install_generate_fstab/gencode-local @@ -0,0 +1,65 @@ +#!/bin/sh -e +# +# 2011 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +destination="$(cat "$__object/parameter/destination")" +cat "$__type/files/fstab.header" > "$destination" + +mkdir "$__object/files" +# get current UUID's from target_host +$__remote_exec "$__target_host" blkid > "$__object/files/blkid" + +find "$__global/object/__install_mount" -type d -name "$__cdist_object_marker" | +while IFS= read -r object +do + device="$(cat "$object/parameter/device")" + dir="$(cat "$object/parameter/dir")" + type="$(cat "$object/parameter/type")" + if [ -f "$object/parameter/options" ]; then + options="$(cat "$object/parameter/options")" + else + options="defaults" + fi + dump=0 + case "$type" in + swap) + pass=0 + dir="$type" + ;; + tmpfs) + pass=0 + ;; + bind) + pass=0 + type=none + options="bind,$options" + ;; + *) + pass=1 + ;; + esac + if [ -f "$__object/parameter/uuid" ]; then + uuid="$(grep -w "$device" "$__object/files/blkid" | awk '{print $2}')" + if [ -n "$uuid" ]; then + echo "# $dir was on $device during installation" >> "$destination" + device="$uuid" + fi + fi + echo "$device $dir $type $options $dump $pass" >> "$destination" +done 
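Review bot: The UUID lookup `grep -w "$device" … | awk '{print $2}'` takes whatever blkid prints as the second field, which can be `LABEL=…` rather than `UUID=…` for a labelled filesystem, and it treats the device path as a regular expression. The result is then written to the generated fstab as the device. Selecting the field by name is safer: `uuid="$(grep -wF -- "$device" "$__object/files/blkid" | awk '{for (i = 2; i <= NF; i++) if ($i ~ /^UUID=/) { print $i; exit }}')"`. `mkdir "$__object/files"` also fails under `sh -e` if the directory already exists.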
diff --git a/cdist/conf/type/__install_generate_fstab/install b/cdist/conf/type/__install_generate_fstab/install new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__install_generate_fstab/man.rst b/cdist/conf/type/__install_generate_fstab/man.rst new file mode 100644 index 00000000..b38f8876 --- /dev/null +++ b/cdist/conf/type/__install_generate_fstab/man.rst @@ -0,0 +1,53 @@ +cdist-type__install_generate_fstab(7) +===================================== + +NAME +---- +cdist-type__install_generate_fstab - generate /etc/fstab during installation + + +DESCRIPTION +----------- +Generates a /etc/fstab file from information retrieved from +__install_mount definitions. + + +REQUIRED PARAMETERS +------------------- +destination + The path where to store the generated fstab file. + Note that this is a path on the server, where cdist is running, not the target host. + + +OPTIONAL PARAMETERS +------------------- +None + + +BOOLEAN PARAMETERS +------------------- +uuid + use UUID instead of device in fstab + + +EXAMPLES +-------- + +.. code-block:: sh + + __install_generate_fstab --destination /path/where/you/want/fstab + + __install_generate_fstab --uuid --destination /path/where/you/want/fstab + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2012 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__install_generate_fstab/parameter/boolean b/cdist/conf/type/__install_generate_fstab/parameter/boolean new file mode 100644 index 00000000..43ab6159 --- /dev/null +++ b/cdist/conf/type/__install_generate_fstab/parameter/boolean @@ -0,0 +1 @@ +uuid diff --git a/cdist/conf/type/__install_generate_fstab/parameter/required b/cdist/conf/type/__install_generate_fstab/parameter/required new file mode 100644 index 00000000..ac459b09 
--- /dev/null +++ b/cdist/conf/type/__install_generate_fstab/parameter/required @@ -0,0 +1 @@ +destination diff --git a/cdist/conf/type/__install_generate_fstab/singleton b/cdist/conf/type/__install_generate_fstab/singleton new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__install_mkfs/gencode-remote b/cdist/conf/type/__install_mkfs/gencode-remote new file mode 100755 index 00000000..8fc2c98e --- /dev/null +++ b/cdist/conf/type/__install_mkfs/gencode-remote @@ -0,0 +1,53 @@ +#!/bin/sh -e +# +# 2011-2013 Steven Armstrong (steven-cdist at armstrong.cc) +# 2017 Nico Schottelius (nico-cdist at schottelius.org) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +device="$(cat "$__object/parameter/device")" +type="$(cat "$__object/parameter/type")" + +case "$type" in + swap) + echo "mkswap -f $device" + exit 0 + ;; + xfs) + command="mkfs.xfs -f -q" + ;; + + vfat) + command="mkfs.vfat" + ;; + + *) + command="mkfs -t $type -q" + ;; +esac + +if [ -f "$__object/parameter/options" ]; then + options="$(cat "$__object/parameter/options")" + command="$command $options" +fi + +command="$command $device" +if [ -f "$__object/parameter/blocks" ]; then + blocks="$(cat "$__object/parameter/blocks")" + command="$command $blocks" +fi +echo "$command" diff --git a/cdist/conf/type/__install_mkfs/install b/cdist/conf/type/__install_mkfs/install new file mode 100644 index 00000000..e69de29b 
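Review bot: `$device`, `$type` and `$blocks` are concatenated unquoted into the command that is echoed for execution on the target (`mkswap -f $device`, `mkfs -t $type -q`, `command="$command $device"`), so whitespace or shell metacharacters in a parameter value become extra words or commands in a destructive mkfs/mkswap run. The __install_mount gencode-remote in this commit already emits its values inside double quotes. The same here would be `printf 'mkswap -f "%s"\n' "$device"` and `command="$command \"$device\""`, leaving only `$options` intentionally unquoted with a comment saying so.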
diff --git a/cdist/conf/type/__install_mkfs/man.rst b/cdist/conf/type/__install_mkfs/man.rst new file mode 100644 index 00000000..6e5c9aa9 --- /dev/null +++ b/cdist/conf/type/__install_mkfs/man.rst @@ -0,0 +1,62 @@ +cdist-type__install_mkfs(7) +=========================== + +NAME +---- +cdist-type__install_mkfs - build a linux file system + + +DESCRIPTION +----------- +This cdist type is a wrapper for the mkfs command. + + +REQUIRED PARAMETERS +------------------- +type + The filesystem type to use. Same as used with mkfs -t. + + +OPTIONAL PARAMETERS +------------------- +device + defaults to object_id + +options + file system-specific options to be passed to the mkfs command + +blocks + the number of blocks to be used for the file system + + +EXAMPLES +-------- + +.. code-block:: sh + + # reiserfs /dev/sda5 + __install_mkfs /dev/sda5 --type reiserfs + + # same thing with explicit device + __install_mkfs whatever --device /dev/sda5 --type reiserfs + + # jfs with journal on /dev/sda2 + __install_mkfs /dev/sda1 --type jfs --options "-j /dev/sda2" + + +SEE ALSO +-------- +:strong:`mkfs`\ (8) + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2011 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__install_mkfs/manifest b/cdist/conf/type/__install_mkfs/manifest new file mode 100755 index 00000000..b0a21dae --- /dev/null +++ b/cdist/conf/type/__install_mkfs/manifest 
@@ -0,0 +1,25 @@ +#!/bin/sh -e +# +# 2011 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +# set defaults +if [ ! -f "$__object/parameter/device" ]; then + device="/$__object_id" + echo "$device" > "$__object/parameter/device" +fi diff --git a/cdist/conf/type/__install_mkfs/parameter/optional b/cdist/conf/type/__install_mkfs/parameter/optional new file mode 100644 index 00000000..86aeae30 --- /dev/null +++ b/cdist/conf/type/__install_mkfs/parameter/optional @@ -0,0 +1,3 @@ +device +options +blocks diff --git a/cdist/conf/type/__install_mkfs/parameter/required b/cdist/conf/type/__install_mkfs/parameter/required new file mode 100644 index 00000000..aa80e646 --- /dev/null +++ b/cdist/conf/type/__install_mkfs/parameter/required @@ -0,0 +1 @@ +type diff --git a/cdist/conf/type/__install_mount/gencode-remote b/cdist/conf/type/__install_mount/gencode-remote new file mode 100755 index 00000000..4415f0ff --- /dev/null +++ b/cdist/conf/type/__install_mount/gencode-remote 
@@ -0,0 +1,68 @@ +#!/bin/sh -e +# +# 2011-2013 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +get_type_from_mkfs() { + _device="$1" + find "$__global/object/__install_mkfs" -type d -name "$__cdist_object_marker" | + while IFS= read -r mkfs_object + do + mkfs_device="$(cat "$mkfs_object/parameter/device")" + if [ "$_device" = "$mkfs_device" ]; then + cat "$mkfs_object/parameter/type" + break + fi + done + unset _device + unset mkfs_device + unset mkfs_object +} + +device="$(cat "$__object/parameter/device")" +dir="$(cat "$__object/parameter/dir")" +prefix="$(cat "$__object/parameter/prefix")" +if [ -f "$__object/parameter/type" ]; then + type="$(cat "$__object/parameter/type")" +else + type="$(get_type_from_mkfs "$device")" + # store for later use by others + echo "$type" > "$__object/parameter/type" +fi +[ -n "$type" ] || { + echo "Can't determine type for $__object" >&2 + exit 1 +} +if [ "$type" = "swap" ]; then + printf 'swapon "%s"\n' "$device" +else + mount_point="${prefix}${dir}" + printf '[ -d "%s" ] || mkdir -p "%s"\n' "$mount_point" "$mount_point" + printf 'mount' + if [ "$type" = "bind" ]; then + printf ' --bind' + device="${prefix}${device}" + else + printf ' -t "%s"' "$type" + fi + if [ -f "$__object/parameter/options" ]; then + printf ' -o %s' "$(cat "$__object/parameter/options")" + fi + printf ' "%s"' "$device" + printf ' 
"%s"\n' "$mount_point" +fi diff --git a/cdist/conf/type/__install_mount/install b/cdist/conf/type/__install_mount/install new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__install_mount/man.rst b/cdist/conf/type/__install_mount/man.rst new file mode 100644 index 00000000..256cef53 --- /dev/null +++ b/cdist/conf/type/__install_mount/man.rst @@ -0,0 +1,65 @@ +cdist-type__install_mount(7) +============================ + +NAME +---- +cdist-type__install_mount - mount filesystems in the installer + + +DESCRIPTION +----------- +Mounts filesystems in the installer. Collects data to generate /etc/fstab. + + +REQUIRED PARAMETERS +------------------- +device + the device to mount + + +OPTIONAL PARAMETERS +------------------- +dir + where to mount device. Defaults to object_id. + +options + mount options passed to mount(8) and used in /etc/fstab + +type + filesystem type passed to mount(8) and used in /etc/fstab. + If type is swap, 'dir' is ignored. + Defaults to the filesystem used in __install_mkfs for the same 'device'. + +prefix + the prefix to prepend to 'dir' when mounting in the installer. + Defaults to /target. + + +EXAMPLES +-------- + +.. code-block:: sh + + __install_mount slash --dir / --device /dev/sda5 --options noatime + require="__install_mount/slash" __install_mount /boot --device /dev/sda1 + __install_mount swap --device /dev/sda2 --type swap + require="__install_mount/slash" __install_mount /tmp --device tmpfs --type tmpfs + + +SEE ALSO +-------- +:strong:`cdist-type__install_mkfs`\ (7), +:strong:`cdist-type__install_mount_apply` (7) + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2011 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. 
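Review bot: The `-o` value is the only argument emitted without quotes, in `printf ' -o %s' "$(cat "$__object/parameter/options")"`, so an options string containing a space or a shell metacharacter is split or interpreted on the target while device, type and mount point are quoted. mount takes its options as one comma-separated argument, so `printf ' -o "%s"' "$(cat "$__object/parameter/options")"` keeps it a single word. Separately, `echo "$type" > "$__object/parameter/type"` runs before the `[ -n "$type" ]` check, so an empty type is stored when no matching __install_mkfs object is found; moving the write below the check avoids that.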
diff --git a/cdist/conf/type/__install_mount/manifest b/cdist/conf/type/__install_mount/manifest new file mode 100755 index 00000000..72fc26e2 --- /dev/null +++ b/cdist/conf/type/__install_mount/manifest @@ -0,0 +1,29 @@ +#!/bin/sh -e +# +# 2011 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +# set defaults +if [ ! -f "$__object/parameter/dir" ]; then + dir="/$__object_id" + echo "$dir" > "$__object/parameter/dir" +fi +if [ ! -f "$__object/parameter/prefix" ]; then + prefix="/target" + echo "$prefix" > "$__object/parameter/prefix" +fi diff --git a/cdist/conf/type/__install_mount/parameter/optional b/cdist/conf/type/__install_mount/parameter/optional new file mode 100644 index 00000000..08b6ad04 --- /dev/null +++ b/cdist/conf/type/__install_mount/parameter/optional @@ -0,0 +1,3 @@ +dir +type +options diff --git a/cdist/conf/type/__install_mount/parameter/required b/cdist/conf/type/__install_mount/parameter/required new file mode 100644 index 00000000..f89ee6a8 --- /dev/null +++ b/cdist/conf/type/__install_mount/parameter/required @@ -0,0 +1 @@ +device diff --git a/cdist/conf/type/__install_partition_msdos/install b/cdist/conf/type/__install_partition_msdos/install new file mode 100644 index 00000000..e69de29b 
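Review bot: The manifest defaults `prefix` to `/target` and man.rst documents it as an optional parameter, but the parameter/optional file added in this commit lists only `dir`, `type` and `options`. Unless `prefix` is declared somewhere outside this diff, `--prefix` would presumably be rejected as an unknown parameter and the default could never be overridden. Adding a `prefix` line to parameter/optional would bring the type in line with its documentation.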
diff --git a/cdist/conf/type/__install_partition_msdos/man.rst b/cdist/conf/type/__install_partition_msdos/man.rst
new file mode 100644
index 00000000..c408a614
--- /dev/null
+++ b/cdist/conf/type/__install_partition_msdos/man.rst
@@ -0,0 +1,72 @@ +cdist-type__install_partition_msdos(7) +====================================== + +NAME +---- +cdist-type__install_partition_msdos - creates msdos partitions + + +DESCRIPTION +----------- +This cdist type allows you to create msdos paritions. + + +REQUIRED PARAMETERS +------------------- +type + the partition type used in fdisk (such as 82 or 83) or "extended" + + +OPTIONAL PARAMETERS +------------------- +device + the device we're working on. Defaults to the string prefix of --partition + +minor + the partition number we're working on. Defaults to the numeric suffix of --partition + +partition + defaults to object_id + +bootable + mark partition as bootable, true or false, defaults to false + +size + the size of the partition (such as 32M or 15G, whole numbers + only), '+' for remaining space, or 'n%' for percentage of remaining + (these should only be used after all specific partition sizes are + specified). Defaults to +. + + +EXAMPLES +-------- + +.. code-block:: sh + + # 128MB, linux, bootable + __install_partition_msdos /dev/sda1 --type 83 --size 128M --bootable true + # 512MB, swap + __install_partition_msdos /dev/sda2 --type 82 --size 512M + # 100GB, extended + __install_partition_msdos /dev/sda3 --type extended --size 100G + # 10GB, linux + __install_partition_msdos /dev/sda5 --type 83 --size 10G + # 50% of the free space of the extended partition, linux + __install_partition_msdos /dev/sda6 --type 83 --size 50% + # rest of the extended partition, linux + __install_partition_msdos /dev/sda7 --type 83 --size + + # nvm device partition 2 + __install_partition_msdos /dev/nvme0n1p2 --device /dev/nvme0n1 --minor 2 --type 83 --size 128M --bootable true + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2011-2017 Steven Armstrong. 
You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__install_partition_msdos/manifest b/cdist/conf/type/__install_partition_msdos/manifest new file mode 100755 index 00000000..b32605fa --- /dev/null +++ b/cdist/conf/type/__install_partition_msdos/manifest 
@@ -0,0 +1,46 @@
+#!/bin/sh -e
+#
+# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+# set defaults
+if [ -f "$__object/parameter/partition" ]; then
+ partition="(cat "$__object/parameter/partition")"
+else
+ partition="/$__object_id"
+ echo "$partition" > "$__object/parameter/partition"
+fi
+
+if [ ! -f "$__object/parameter/device" ]; then
+ device="$(echo "$partition" | sed 's/[0-9]//g')"
+ echo "$device" > "$__object/parameter/device"
+fi
+if [ ! -f "$__object/parameter/minor" ]; then
+ minor="$(echo "$partition" | sed 's/[^0-9]//g')"
+ echo "$minor" > "$__object/parameter/minor"
+fi
+
+if [ ! -f "$__object/parameter/bootable" ]; then
+ echo "false" > "$__object/parameter/bootable"
+fi
+if [ ! -f "$__object/parameter/size" ]; then
+ echo "+" > "$__object/parameter/size"
+fi
+
+# pull in the type that actually does something with the above parameters
+require="$__object_name" __install_partition_msdos_apply
diff --git a/cdist/conf/type/__install_partition_msdos/parameter/optional b/cdist/conf/type/__install_partition_msdos/parameter/optional
new file mode 100644
index 00000000..3b3f2083
--- /dev/null
+++ b/cdist/conf/type/__install_partition_msdos/parameter/optional
@@ -0,0 +1,5 @@
+device
+minor
+partition
+bootable
+size
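Review bot: `partition="(cat "$__object/parameter/partition")"` is missing the `$` of the command substitution, so when `--partition` is given the variable holds the literal text `(cat <path>)` instead of the file's content. The `device` and `minor` defaults are then derived from that string by the two `sed` calls and written to the parameter files that later drive fdisk on the target. The line should read `partition="$(cat "$__object/parameter/partition")"`. A comment on the `sed 's/[0-9]//g'` line noting that it removes every digit, so names such as /dev/nvme0n1p2 need explicit `--device` and `--minor` as in the man page example, would also help.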
diff --git a/cdist/conf/type/__install_partition_msdos/parameter/required b/cdist/conf/type/__install_partition_msdos/parameter/required
new file mode 100644
index 00000000..aa80e646
--- /dev/null
+++ b/cdist/conf/type/__install_partition_msdos/parameter/required
@@ -0,0 +1 @@
+type
diff --git a/cdist/conf/type/__install_partition_msdos_apply/explorer/partitions b/cdist/conf/type/__install_partition_msdos_apply/explorer/partitions
new file mode 100755
index 00000000..6be61af4
--- /dev/null
+++ b/cdist/conf/type/__install_partition_msdos_apply/explorer/partitions
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+cat /proc/partitions
diff --git a/cdist/conf/type/__install_partition_msdos_apply/files/lib.sh b/cdist/conf/type/__install_partition_msdos_apply/files/lib.sh
new file mode 100644
index 00000000..2db9a441
--- /dev/null
+++ b/cdist/conf/type/__install_partition_msdos_apply/files/lib.sh
@@ -0,0 +1,70 @@ +#!/bin/sh + +die() { + echo "[__install_partition_msdos_apply] $*" >&2 + exit 1 +} +debug() { + #echo "[__install_partition_msdos_apply] $*" >&2 + : +} + +fdisk_command() { + device="$1" + cmd="$2" + + debug fdisk_command "running fdisk command '${cmd}' on device ${device}" + printf '%s\nw\n' "${cmd}" | fdisk -c -u "$device" + ret=$? + # give disk some time + sleep 1 + return $ret +} + +create_disklabel() { + device=$1 + + debug create_disklabel "creating new msdos disklabel" + fdisk_command "${device}" "o" + return $? +} + +toggle_bootable() { + device="$1" + minor="$2" + fdisk_command "${device}" "a\\n${minor}\\n" + return $? +} + +create_partition() { + device="$1" + minor="$2" + size="$3" + type="$4" + primary_count="$5" + + if [ "$type" = "extended" ] || [ "$type" = "5" ]; then + # Extended partition + primary_extended='e\n' + first_minor="${minor}\\n" + [ "${minor}" = "4" ] && first_minor="" + type_minor="${minor}\\n" + [ "${minor}" = "1" ] && type_minor="" + type="5" + elif [ "${minor}" -lt "5" ]; then + primary_extended='p\n' + first_minor="${minor}\\n" + [ "${minor}" = "4" ] && first_minor="" + type_minor="${minor}\\n" + [ "${minor}" = "1" ] && type_minor="" + else + # Logical partitions + first_minor="${minor}\\n" + type_minor="${minor}\\n" + primary_extended='l\n' + [ "$primary_count" -gt "3" ] && primary_extended="" + fi + [ -n "${size}" ] && size="+${size}M" + fdisk_command "${device}" "n\\n${primary_extended}${first_minor}\\n${size}\\nt\\n${type_minor}${type}\\n" + return $? +} diff --git a/cdist/conf/type/__install_partition_msdos_apply/gencode-remote b/cdist/conf/type/__install_partition_msdos_apply/gencode-remote new file mode 100755 index 00000000..a0b46b2d --- /dev/null +++ b/cdist/conf/type/__install_partition_msdos_apply/gencode-remote 
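Review bot: `fdisk_command` prints the command with `printf '%s\nw\n' "${cmd}"`, but `%s` does not interpret backslash escapes in its argument, and every caller builds `cmd` from literal `\n` sequences (`"a\\n${minor}\\n"`, `primary_extended='e\n'`, the `n\\n…` string in `create_partition`). As written, fdisk would receive the whole script as one line containing backslash-n text, so the partitioning steps would not run as intended; `printf '%b\nw\n' "${cmd}"` expands the escapes the way the callers expect. `create_partition` also evaluates `[ "${minor}" -lt "5" ]` on an unvalidated value, so checking that `minor` is numeric first would give a clearer failure than the test error.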
@@ -0,0 +1,163 @@ +#!/bin/sh -e +# +# 2011-2013 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +#set -x + +die() { + echo "[__install_partition_msdos_apply] $*" >&2 + exit 1 +} +debug() { + #echo "[__install_partition_msdos_apply] $*" >&2 + : +} + +# Convert a size specifier 1G 100M or 50% into the corresponding numeric MB. +size_to_mb() { + size=$1 + available_size="$2" + + number_suffix="$(echo "${size}" | sed -e 's:\.[0-9]\+::' -e 's:\([0-9]\+\)\([KkMmGg%]\)[Bb]\?:\1|\2:')" + number="$(echo "${number_suffix}" | cut -d '|' -f1)" + suffix="$(echo "${number_suffix}" | cut -d '|' -f2)" + + case "$suffix" in + K|k) + size="$(( number / 1024 ))" + ;; + M|m) + size="$number" + ;; + G|g) + size="$(( number * 1024 ))" + ;; + %) + size="$(( available_size * number / 100 ))" + ;; + *) + size="-1" + esac + echo "$size" +} + +get_objects() { + objects_file=$(mktemp) + find "$__global/object/__install_partition_msdos" -type d -name "$__cdist_object_marker" | + while IFS= read -r object + do + object_device="$(cat "$object/parameter/device")" + object_minor="$(cat "$object/parameter/minor")" + echo "$object_device $object_minor $object" >> "$objects_file" + done + sort -k 1,2 "$objects_file" | cut -d' ' -f 3 + rm "$objects_file" + unset objects_file + unset object + unset object_device + unset object_minor +} + +# include function library for use on 
target +cat "$__type/files/lib.sh" + +partitions="$__object/explorer/partitions" +objects=$(get_objects) +current_device="" +available_device_size= +available_extended_size= +available_size= +primary_count=0 +for object in $objects; do + device="$(cat "$object/parameter/device")" + if [ "$current_device" != "$device" ]; then + echo "create_disklabel '$device' || die 'Failed to create disklabel for $device'" + current_device="$device" + device_name=$(echo "${device}" | sed -e 's:^/dev/::;s:/:\\/:g') + available_device_size=$(( $(awk "/${device_name}\$/ { print \$3; }" "$partitions") / 1024)) + # make sure we don't go past the end of the drive + available_device_size=$((available_device_size - 2)) + available_extended_size=0 + primary_count=0 + debug "----- $device" + debug "current_device=$current_device" + debug "available_device_size=$available_device_size" + fi + + type="$(cat "$object/parameter/type")" + partition="$(cat "$object/parameter/partition")" + minor="$(cat "$object/parameter/minor")" + + bootable="$(cat "$object/parameter/bootable")" + size="$(cat "$object/parameter/size")" + + + if [ "${minor}" -lt "5" ]; then + # Primary partitions + primary_count=$(( primary_count + 1 )) + available_size=$available_device_size + else + # Logical partitions + available_size=$available_extended_size + fi + + if [ "$size" = "+" ]; then + # use rest of device + partition_size="" + available_size=0 + else + partition_size=$(size_to_mb "$size" "$available_size") + available_size="$(( available_size - partition_size ))" + fi + + if [ "${minor}" -lt "5" ]; then + # Primary partitions + available_device_size=$available_size + if [ "$type" = "extended" ] || [ "$type" = "5" ]; then + # Extended partition + available_extended_size=$partition_size + fi + else + # Logical paritions + available_extended_size=$available_size + fi + + [ "$partition_size" = "-1" ] && die "could not translate size '$size' to a usable value" + debug "----- $partition" + debug 
"primary_count=$primary_count" + debug "current_device=$current_device" + debug "device=$device" + debug "type=$type" + debug "partition=$partition" + debug "minor=$minor" + debug "bootable=$bootable" + debug "size=$size" + debug "partition_size=$partition_size" + debug "available_size=$available_size" + debug "available_device_size=$available_device_size" + debug "available_extended_size=$available_extended_size" + debug "----------" + + echo "create_partition '$device' '$minor' '$partition_size' '$type' '$primary_count' \ + || die 'Failed to create partition: $partition'" + + if [ "$bootable" = "true" ]; then + echo "toggle_bootable '$device' '$minor' || die 'Failed to toogle bootable flag for partition: $partition'" + fi +done diff --git a/cdist/conf/type/__install_partition_msdos_apply/install b/cdist/conf/type/__install_partition_msdos_apply/install new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__install_partition_msdos_apply/man.rst b/cdist/conf/type/__install_partition_msdos_apply/man.rst new file mode 100644 index 00000000..80740fde --- /dev/null +++ b/cdist/conf/type/__install_partition_msdos_apply/man.rst 
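Review bot: The device name is pasted into the awk program text in `awk "/${device_name}\$/ { print \$3; }" "$partitions"`, so it is evaluated as a regular expression, and a name that matches no line or several lines leaves the surrounding `$(( … / 1024 ))` with invalid input. Passing it as data and comparing the name column exactly is safer: `awk -v dev="${device#/dev/}" '$4 == dev { print $3 }' "$partitions"`. The same parameter values are later wrapped in single quotes in the emitted `create_partition '$device' …` and `toggle_bootable` lines, which breaks if a value contains a single quote, so `device`, `minor` and `type` should be checked against an expected pattern before being emitted. `get_objects` also leaves its `mktemp` file behind if the loop aborts; a cleanup `trap` would cover that.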
@@ -0,0 +1,47 @@ +cdist-type__install_partition_msdos_apply(7) +============================================ + +NAME +---- +cdist-type__install_partition_msdos_apply - Apply dos partition settings + + +DESCRIPTION +----------- +Create the partitions defined with __install_partition_msdos + + +REQUIRED PARAMETERS +------------------- +None + + +OPTIONAL PARAMETERS +------------------- +None + + +EXAMPLES +-------- + +.. code-block:: sh + + __install_partition_msdos_apply + + +SEE ALSO +-------- +:strong:`cdist-type__install_partition_msdos_apply`\ (7) + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2011 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__install_partition_msdos_apply/singleton b/cdist/conf/type/__install_partition_msdos_apply/singleton new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__install_reboot/gencode-remote b/cdist/conf/type/__install_reboot/gencode-remote new file mode 100755 index 00000000..9a6322c1 --- /dev/null +++ b/cdist/conf/type/__install_reboot/gencode-remote 
@@ -0,0 +1,30 @@ +#!/bin/sh -e +# +# 2011 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +#echo "reboot $options" +cat << DONE +echo 1 > /proc/sys/kernel/sysrq +echo s > /proc/sysrq-trigger + +# close file descriptors to detach from ssh +sh -c 'sleep 3; echo b > /proc/sysrq-trigger' > /dev/null 2>&1 + + +COPYING +------- +Copyright \(C) 2011 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__install_reboot/singleton b/cdist/conf/type/__install_reboot/singleton new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__install_reset_disk/gencode-remote b/cdist/conf/type/__install_reset_disk/gencode-remote new file mode 100755 index 00000000..ac9ae6cf --- /dev/null +++ b/cdist/conf/type/__install_reset_disk/gencode-remote 
@@ -0,0 +1,71 @@ +#!/bin/sh -e +# +# 2012 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +disk="/$__object_id" +disk_name="${disk##*/}" + +cat << DONE + +debug() { + echo "[DEBUG] \$@" >&2 +} + +find_md_device_names() { + local disk_name="\$1" + for slave in \$(find /sys/devices/virtual/block/*/slaves/ -name "\${disk_name}*"); do + debug "slave: \$slave" + for holder in \$slave/holders/*; do + debug "holder: \$holder" + if [ -d "\$holder/md" ]; then + debug "mdadm found at \$holder" + holder_name="\${holder##*/}" + echo "\$holder_name" + fi + done + done +} + +# disable any enabled volume group +if command -v vgchange >/dev/null; then + vgchange -a n +else + echo "WARNING: vgchange command not found" >&2 +fi + +# disable any running mdadm arrays related to $disk +for md_name in \$(find_md_device_names "$disk_name" | sort | uniq); do + echo "md_name: \$md_name" + if command -v mdadm >/dev/null; then + mdadm --stop "/dev/\$md_name" + else + echo "WARNING: mdadm command not found" >&2 + echo "WARNING: could not stop active mdadm raid for disk $disk" >&2 + fi +done + +# clean disks from any legacy signatures +if command -v wipefs >/dev/null; then + wipefs -a "$disk" || true +fi + +# erase partition table +dd if=/dev/zero of=$disk bs=512 count=1 +printf 'w\\n' | fdisk -u -c $disk || true +DONE 
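Review bot: The generated script overwrites the first sector with `dd if=/dev/zero of=$disk bs=512 count=1` without checking that `$disk` (built from `/$__object_id`) is a block device, and both that line and `fdisk -u -c $disk` leave the value unquoted although `wipefs -a "$disk"` quotes it. A guard ahead of the destructive steps, `[ -b "$disk" ] || { echo "not a block device: $disk" >&2; exit 1; }`, together with `of="$disk"` and `fdisk -u -c "$disk"`, would stop a mistyped object id from creating or clobbering a regular file. `find_md_device_names` uses `local`, which is not POSIX sh, and iterates over `$(find …)` output with word splitting; a comment stating which shell the target is assumed to provide would help.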
diff --git a/cdist/conf/type/__install_reset_disk/install b/cdist/conf/type/__install_reset_disk/install new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__install_reset_disk/man.rst b/cdist/conf/type/__install_reset_disk/man.rst new file mode 100644 index 00000000..fadeec71 --- /dev/null +++ b/cdist/conf/type/__install_reset_disk/man.rst @@ -0,0 +1,43 @@ +cdist-type__install_reset_disk(7) +================================= + +NAME +---- +cdist-type__install_reset_disk - reset a disk + + +DESCRIPTION +----------- +Remove partition table. +Remove all lvm labels. +Remove mdadm superblock. + + +REQUIRED PARAMETERS +------------------- +None + +OPTIONAL PARAMETERS +------------------- +None + + +EXAMPLES +-------- + +.. code-block:: sh + + __install_reset_disk /dev/sdb + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2012 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__install_stage/gencode-remote b/cdist/conf/type/__install_stage/gencode-remote new file mode 100755 index 00000000..776e9fd5 --- /dev/null +++ b/cdist/conf/type/__install_stage/gencode-remote 
@@ -0,0 +1,38 @@ +#!/bin/sh -e +# +# 2011-2013 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +uri="$(cat "$__object/parameter/uri" 2>/dev/null \ + || echo "$__object_id")" +target="$(cat "$__object/parameter/target")" + +if [ "$__cdist_log_level" -le "10" ] +then + curl="curl" + tar="tar -xvzp" +else + curl="curl -s" + tar="tar -xzp" +fi + +if [ -f "$__object/parameter/insecure" ] ; then + curl="$curl -k" +fi + +echo "$curl '$uri' | $tar -C '$target'" diff --git a/cdist/conf/type/__install_stage/install b/cdist/conf/type/__install_stage/install new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__install_stage/man.rst b/cdist/conf/type/__install_stage/man.rst new file mode 100644 index 00000000..fd764693 --- /dev/null +++ b/cdist/conf/type/__install_stage/man.rst 
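Review bot: The emitted pipeline `$curl '$uri' | $tar -C '$target'` unpacks whatever the server returns, presumably as root in the installer, without any integrity check, while the man page allows plain http and tftp URIs and `--insecure` adds `-k` to turn off certificate verification. An optional checksum parameter, verified against the downloaded file before extraction, would let users pin the stage tarball instead of trusting the transport. Independently, curl runs without `-f`, so an HTTP error body is piped into tar, and curl's exit status is lost in the pipe; `curl="curl -f"` and `curl="curl -f -s"` at least make a failed download fail in curl itself.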
@@ -0,0 +1,58 @@ +cdist-type__install_stage(7) +============================ + +NAME +---- +cdist-type__install_stage - download and unpack a stage file + + +DESCRIPTION +----------- +Downloads a operating system stage using curl and unpacks it to /target +using tar. The stage tarball is expected to be gzip compressed. + + +REQUIRED PARAMETERS +------------------- +uri + The uri from which to fetch the tarball. + Can be anything understood by curl, e.g: + | http://path/to/stage.tgz + | tftp:///path/to/stage.tgz + | file:///local/path/stage.tgz + + +OPTIONAL PARAMETERS +------------------- +target + where to unpack the tarball to. Defaults to /target. + + +BOOLEAN PARAMETERS +------------------ +insecure + run curl in insecure mode so it does not check the servers ssl certificate + + +EXAMPLES +-------- + +.. code-block:: sh + + __install_stage --uri tftp:///path/to/stage.tgz + __install_stage --uri http://path/to/stage.tgz --target /mnt/foobar + __install_stage --uri file:///path/to/stage.tgz --target /target + __install_stage --uri https://path/to/stage.tgz --target /mnt/foobar --insecure + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2011 - 2013 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__install_stage/parameter/boolean b/cdist/conf/type/__install_stage/parameter/boolean new file mode 100644 index 00000000..e86bf3fc --- /dev/null +++ b/cdist/conf/type/__install_stage/parameter/boolean @@ -0,0 +1 @@ +insecure diff --git a/cdist/conf/type/__install_stage/parameter/default/target b/cdist/conf/type/__install_stage/parameter/default/target new file mode 100644 index 00000000..ea8c4bf7 --- /dev/null +++ b/cdist/conf/type/__install_stage/parameter/default/target @@ -0,0 +1 @@ +/target 
diff --git a/cdist/conf/type/__install_stage/parameter/optional b/cdist/conf/type/__install_stage/parameter/optional new file mode 100644 index 00000000..eb5a316c --- /dev/null +++ b/cdist/conf/type/__install_stage/parameter/optional @@ -0,0 +1 @@ +target diff --git a/cdist/conf/type/__install_stage/parameter/required b/cdist/conf/type/__install_stage/parameter/required new file mode 100644 index 00000000..c7954952 --- /dev/null +++ b/cdist/conf/type/__install_stage/parameter/required @@ -0,0 +1 @@ +uri diff --git a/cdist/conf/type/__install_stage/singleton b/cdist/conf/type/__install_stage/singleton new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__install_umount/gencode-remote b/cdist/conf/type/__install_umount/gencode-remote new file mode 100755 index 00000000..8dcfb253 --- /dev/null +++ b/cdist/conf/type/__install_umount/gencode-remote @@ -0,0 +1,25 @@ +#!/bin/sh -e +# +# 2011 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +target="$(cat "$__object/parameter/target")" + +echo "swapoff -a" +echo "umount -l ${target}/* || true" +echo "umount -l ${target}" diff --git a/cdist/conf/type/__install_umount/install b/cdist/conf/type/__install_umount/install new file mode 100644 index 00000000..e69de29b 
diff --git a/cdist/conf/type/__install_umount/man.rst b/cdist/conf/type/__install_umount/man.rst new file mode 100644 index 00000000..59f63449 --- /dev/null +++ b/cdist/conf/type/__install_umount/man.rst @@ -0,0 +1,43 @@ +cdist-type__install_umount(7) +============================= + +NAME +---- +cdist-type__install_umount - umount target directory + + +DESCRIPTION +----------- +This cdist type allows you to recursively umount the given target directory. + + +REQUIRED PARAMETERS +------------------- +None + + +OPTIONAL PARAMETERS +------------------- +target + the mount point to umount. Defaults to object_id + + +EXAMPLES +-------- + +.. code-block:: sh + + __install_umount /target + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2011 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__install_umount/parameter/default/target b/cdist/conf/type/__install_umount/parameter/default/target new file mode 100644 index 00000000..ea8c4bf7 --- /dev/null +++ b/cdist/conf/type/__install_umount/parameter/default/target @@ -0,0 +1 @@ +/target diff --git a/cdist/conf/type/__install_umount/parameter/optional b/cdist/conf/type/__install_umount/parameter/optional new file mode 100644 index 00000000..eb5a316c --- /dev/null +++ b/cdist/conf/type/__install_umount/parameter/optional @@ -0,0 +1 @@ +target diff --git a/cdist/conf/type/__iocage_clone/gencode-remote b/cdist/conf/type/__iocage_clone/gencode-remote new file mode 100755 index 00000000..30d77099 --- /dev/null +++ b/cdist/conf/type/__iocage_clone/gencode-remote 
@@ -0,0 +1,152 @@ +#!/bin/sh + +state="$(cat $__object/parameter/state)" +template="$(cat $__object/parameter/template)" +ip4_addr="$(cat $__object/parameter/bridge)|$(cat $__object/parameter/ip)" +interfaces="none:none" +defaultrouter="none" +vnet="off" +jail_zfs_dataset="$(cat $__object/parameter/jail_zfs_dataset)" +devfs_ruleset="$(cat $__object/parameter/devfs_ruleset)" +allow_socket_af="$(cat $__object/parameter/allow_socket_af)" +mount_procfs="$(cat $__object/parameter/mount_procfs)" +mount_linprocfs="$(cat $__object/parameter/mount_linprocfs)" + +if [ "X$state" = "Xabsent" ]; then + cat <&2 + create_new=1 + fi +fi + +if [ \$create_new -eq 0 ]; then + if [ "off" == "\$(get_property_iocage jail_zfs "$__object_id")" ]; then + current_jail_zfs_dataset="" + else + current_jail_zfs_dataset="\$(get_property_iocage jail_zfs_dataset "$__object_id")" + fi +fi + +configure=0 +if [ \$create_new -eq 1 ]; then + configure=1 +elif [ "X$vnet" != "X\$(get_property_iocage vnet "$__object_id")" ]; then + configure=1 +elif [ "X$ip4_addr" != "X\$(get_property_iocage ip4_addr "$__object_id")" ]; then + configure=1 +elif [ "X$interfaces" != "X\$(get_property_iocage interfaces "$__object_id")" ]; then + configure=1 +elif [ "X$defaultrouter" != "X\$(get_property_iocage defaultrouter "$__object_id")" ]; then + configure=1 +elif [ "X$mount_procfs" != "X\$(get_property_iocage mount_procfs "$__object_id")" ]; then + configure=1 +elif [ "X$devfs_ruleset" != "X\$(get_property_iocage devfs_ruleset "$__object_id")" ]; then + configure=1 +elif [ "X$allow_socket_af" != "X\$(get_property_iocage allow_socket_af "$__object_id")" ]; then + configure=1 +elif [ "X$jail_zfs_dataset" != "X\$current_jail_zfs_dataset" ]; then + configure=1 +fi + +if [ \$create_new -eq 1 ]; then + echo "Creating jail $__object_id" >&2 + + iocage stop $__object_id || true + iocage destroy -f $__object_id || true + # Without VNETs, we should not need this. 
+ # TODO(riso): Use nicer path + # /root/cdist/ioc deconfigure $__object_id + + rm -f /iocage/jails/$__object_id + + iocage clone $template tag=$__object_id + iocage set boot=on $__object_id + UUID=\$(iocage list | grep " $__object_id " | awk "{ print \\\$2; }") + rm -f /iocage/jails/$__object_id + ln -s /iocage/jails/\$UUID /iocage/jails/$__object_id +else + UUID=\$(iocage list | grep " $__object_id " | awk "{ print \\\$2; }") + echo "Jail $__object_id already exists, UUID=\$UUID" >&2 +fi + +ROOT="/iocage/jails/\$UUID/root" +FSTAB="/iocage/jails/\$UUID/fstab" +rm -f \$FSTAB.new +touch \$FSTAB.new +cat $__object/parameter/mount 2>/dev/null | \\ +while read mount; do + src=\$(echo \$mount | awk -F: "{ print \\\$1; }") + dst_rel=\$(echo \$mount | awk -F: "{ print \\\$2; }") + dst="/iocage/jails/\$UUID/root/\$dst_rel" + mkdir -p "\$dst" + echo "\$src \$dst nullfs rw 0 0" >>\$FSTAB.new +done +if [ $mount_linprocfs -eq 1 ]; then + echo "linproc /iocage/jails/\$UUID/root/compat/linux/proc linprocfs rw 0 0" >>\$FSTAB.new +fi + +fstab_changed=0 +if diff -q \$FSTAB \$FSTAB.new >/dev/null; then + # pass +else + configure=1 + fstab_changed=1 +fi + +if [ \$configure -eq 1 ]; then + echo "Configuring jail $__object_id." 
>&2 + iocage stop $__object_id || true + + iocage set vnet="$vnet" $__object_id + iocage set interfaces="$interfaces" $__object_id + iocage set hostname="$__object_id" $__object_id + iocage set ip4_addr="$ip4_addr" $__object_id + iocage set defaultrouter="$defaultrouter" $__object_id + iocage set mount_procfs="$mount_procfs" $__object_id + iocage set devfs_ruleset="$devfs_ruleset" $__object_id + iocage set allow_socket_af="$allow_socket_af" $__object_id + if [ -n "$jail_zfs_dataset" ]; then + iocage set jail_zfs=on $__object_id + iocage set jail_zfs_dataset="$jail_zfs_dataset" $__object_id + else + iocage set jail_zfs=off $__object_id + fi + + if [ \$fstab_changed -eq 1 ]; then + umount -afF \$FSTAB || true + mv \$FSTAB.new \$FSTAB + fi + + iocage start $__object_id || true + + # Iocage creates new mac address, but arp can have an old mac cached. + # TODO(riso): Is this true without VNETs? + arp -d -a +else + echo "Jail $__object_id is already configured." >&2 +fi +rm -f \$FSTAB.new +EOF +fi diff --git a/cdist/conf/type/__iocage_clone/manifest b/cdist/conf/type/__iocage_clone/manifest new file mode 100644 index 00000000..0684fce8 --- /dev/null +++ b/cdist/conf/type/__iocage_clone/manifest @@ -0,0 +1 @@ +__package iocage diff --git a/cdist/conf/type/__iocage_clone/parameter/default/allow_socket_af b/cdist/conf/type/__iocage_clone/parameter/default/allow_socket_af new file mode 100644 index 00000000..573541ac --- /dev/null +++ b/cdist/conf/type/__iocage_clone/parameter/default/allow_socket_af @@ -0,0 +1 @@ +0 diff --git a/cdist/conf/type/__iocage_clone/parameter/default/bridge b/cdist/conf/type/__iocage_clone/parameter/default/bridge new file mode 100644 index 00000000..092f51c8 --- /dev/null +++ b/cdist/conf/type/__iocage_clone/parameter/default/bridge @@ -0,0 +1 @@ +bridge0 diff --git a/cdist/conf/type/__iocage_clone/parameter/default/devfs_ruleset b/cdist/conf/type/__iocage_clone/parameter/default/devfs_ruleset new file mode 100644 index 00000000..b8626c4c 
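Review bot: In `__iocage_clone/gencode-remote`, the generated script has `if diff -q \$FSTAB \$FSTAB.new >/dev/null; then` followed only by the comment `# pass` before `else`; a `then` branch in sh needs at least one command, so the shell on the target should reject the script with a syntax error. Put `:` in the branch, or invert the test: `if ! diff -q "\$FSTAB" "\$FSTAB.new" >/dev/null; then configure=1; fstab_changed=1; fi`. The same here-document compares with `[ "off" == ... ]`, which is not portable under `#!/bin/sh` (`=` is), and it interpolates `$__object_id` and `$template` unquoted into `rm -f`, `iocage` and `grep` commands, so an id with whitespace or regex characters changes what those commands act on. Part of the here-document is missing from this page, so the lines before `create_new=1` could not be checked.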
--- /dev/null +++ b/cdist/conf/type/__iocage_clone/parameter/default/devfs_ruleset @@ -0,0 +1 @@ +4 diff --git a/cdist/conf/type/__iocage_clone/parameter/default/jail_zfs_dataset b/cdist/conf/type/__iocage_clone/parameter/default/jail_zfs_dataset new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__iocage_clone/parameter/default/mount_linprocfs b/cdist/conf/type/__iocage_clone/parameter/default/mount_linprocfs new file mode 100644 index 00000000..573541ac --- /dev/null +++ b/cdist/conf/type/__iocage_clone/parameter/default/mount_linprocfs @@ -0,0 +1 @@ +0 diff --git a/cdist/conf/type/__iocage_clone/parameter/default/mount_procfs b/cdist/conf/type/__iocage_clone/parameter/default/mount_procfs new file mode 100644 index 00000000..573541ac --- /dev/null +++ b/cdist/conf/type/__iocage_clone/parameter/default/mount_procfs @@ -0,0 +1 @@ +0 diff --git a/cdist/conf/type/__iocage_clone/parameter/default/net b/cdist/conf/type/__iocage_clone/parameter/default/net new file mode 100644 index 00000000..a45fd52c --- /dev/null +++ b/cdist/conf/type/__iocage_clone/parameter/default/net @@ -0,0 +1 @@ +24 diff --git a/cdist/conf/type/__iocage_clone/parameter/default/state b/cdist/conf/type/__iocage_clone/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__iocage_clone/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__iocage_clone/parameter/optional b/cdist/conf/type/__iocage_clone/parameter/optional new file mode 100644 index 00000000..8ca73ed9 --- /dev/null +++ b/cdist/conf/type/__iocage_clone/parameter/optional @@ -0,0 +1,7 @@ +state +bridge +jail_zfs_dataset +mount_procfs +mount_linprocfs +devfs_ruleset +allow_socket_af diff --git a/cdist/conf/type/__iocage_clone/parameter/optional_multiple b/cdist/conf/type/__iocage_clone/parameter/optional_multiple new file mode 100644 index 00000000..fde64773 --- /dev/null +++ b/cdist/conf/type/__iocage_clone/parameter/optional_multiple 
@@ -0,0 +1 @@
+mount
diff --git a/cdist/conf/type/__iocage_clone/parameter/required b/cdist/conf/type/__iocage_clone/parameter/required
new file mode 100644
index 00000000..209d1544
--- /dev/null
+++ b/cdist/conf/type/__iocage_clone/parameter/required
@@ -0,0 +1,2 @@
+ip
+template
diff --git a/cdist/conf/type/__iptables_apply/files/init-script b/cdist/conf/type/__iptables_apply/files/init-script
new file mode 100644
index 00000000..d9c79ef7
--- /dev/null
+++ b/cdist/conf/type/__iptables_apply/files/init-script
@@ -0,0 +1,60 @@
+#!/bin/sh
+# Nico Schottelius
+# Zürisee, Mon Sep 2 18:38:27 CEST 2013
+#
+### BEGIN INIT INFO
+# Provides: iptables
+# Required-Start: $local_fs $remote_fs
+# Required-Stop: $local_fs $remote_fs
+# X-Start-Before: fail2ban
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Applies iptables ruleset
+# Description: Applies all rules found in /etc/iptables.d
+# and saves/restores previous status
+### END INIT INFO
+
+
+basedir=/etc/iptables.d
+status="${basedir}/.pre-start"
+
+case $1 in
+ start)
+ # Save status
+ iptables-save > "$status"
+
+ # Apply our ruleset
+ cd "$basedir" || exit
+ count="$(find . ! -name . -prune | wc -l)"
+
+ # Only do something if there are rules
+ if [ "$count" -ge 1 ]; then
+ for rule in *; do
+ echo "Applying iptables rule $rule ..."
+ # Rule should be split.
+ # shellcheck disable=SC2046
+ iptables $(cat "$rule")
+ done
+ fi
+ ;;
+
+ stop)
+ # Restore from status before, if there is something to restore
+ if [ -f "$status" ]; then
+ iptables-restore < "$status"
+ fi
+ ;;
+ restart)
+ "$0" stop && "$0" start
+ ;;
+ reset)
+ for table in INPUT FORWARD OUTPUT; do
+ iptables -P "$table" ACCEPT
+ iptables -F "$table"
+ done
+ for table in PREROUTING POSTROUTING OUTPUT; do
+ iptables -t nat -P "$table" ACCEPT
+ iptables -t nat -F "$table"
+ done
+ ;;
+esac
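Review bot: In the init script's `start` branch the loop ignores the exit status of `iptables $(cat "$rule")`, so a rule file that fails to parse leaves a partially applied ruleset while the script still exits 0; record the failure with `rc=0` before the loop, `iptables $(cat "$rule") || rc=1` inside it, and `exit "$rc"` after it. The `count` guard does not detect an empty rule directory either: `iptables-save > "$status"` has just created `.pre-start` inside `$basedir` and `find . ! -name . -prune` counts dotfiles, so `count` is at least 1 and with no rule files the loop runs once on the literal `*`. The unquoted `$(cat "$rule")` is also subject to pathname expansion, so a rule containing `*` or `?` can be altered by file names in the directory; `set -f` immediately before the `iptables` call and `set +f` after it keeps the word splitting without the globbing.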
diff --git a/cdist/conf/type/__iptables_apply/gencode-remote b/cdist/conf/type/__iptables_apply/gencode-remote new file mode 100755 index 00000000..a80cb936 --- /dev/null +++ b/cdist/conf/type/__iptables_apply/gencode-remote @@ -0,0 +1,5 @@ +#!/bin/sh -e + +if grep -q "^__file/etc/iptables.d/" "$__messages_in"; then + echo /etc/init.d/iptables restart +fi diff --git a/cdist/conf/type/__iptables_apply/man.rst b/cdist/conf/type/__iptables_apply/man.rst new file mode 100644 index 00000000..76e1f6bf --- /dev/null +++ b/cdist/conf/type/__iptables_apply/man.rst @@ -0,0 +1,45 @@ +cdist-type__iptables_apply(7) +============================= + +NAME +---- +cdist-type__iptables_apply - Apply the rules + + +DESCRIPTION +----------- +This cdist type deploys an init script that triggers +the configured rules and also re-applies them on +configuration. + + +REQUIRED PARAMETERS +------------------- +None + +OPTIONAL PARAMETERS +------------------- +None + +EXAMPLES +-------- + +None (__iptables_apply is used by __iptables_rule) + + +SEE ALSO +-------- +:strong:`cdist-type__iptables_rule`\ (7), :strong:`iptables`\ (8) + + +AUTHORS +------- +Nico Schottelius + + +COPYING +------- +Copyright \(C) 2013 Nico Schottelius. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__iptables_apply/manifest b/cdist/conf/type/__iptables_apply/manifest new file mode 100755 index 00000000..0061d3de --- /dev/null +++ b/cdist/conf/type/__iptables_apply/manifest 
@@ -0,0 +1,27 @@ +#!/bin/sh -e +# +# 2013 Nico Schottelius (nico-cdist at schottelius.org) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# + +__file /etc/init.d/iptables \ + --source "$__type/files/init-script" \ + --state present \ + --mode 0755 + +require="__file/etc/init.d/iptables" __start_on_boot iptables diff --git a/cdist/conf/type/__iptables_apply/singleton b/cdist/conf/type/__iptables_apply/singleton new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__iptables_rule/man.rst b/cdist/conf/type/__iptables_rule/man.rst new file mode 100644 index 00000000..92d8859f --- /dev/null +++ b/cdist/conf/type/__iptables_rule/man.rst 
@@ -0,0 +1,66 @@ +cdist-type__iptables_rule(7) +============================ + +NAME +---- +cdist-type__iptables_rule - Deploy iptable rulesets + + +DESCRIPTION +----------- +This cdist type allows you to manage iptable rules +in a distribution independent manner. + + +REQUIRED PARAMETERS +------------------- +rule + The rule to apply. Essentially an iptables command + line without iptables in front of it. + + +OPTIONAL PARAMETERS +------------------- +state + 'present' or 'absent', defaults to 'present' + + +EXAMPLES +-------- + +.. code-block:: sh + + # Deploy some policies + __iptables_rule policy-in --rule "-P INPUT DROP" + __iptables_rule policy-out --rule "-P OUTPUT ACCEPT" + __iptables_rule policy-fwd --rule "-P FORWARD DROP" + + # The usual established rule + __iptables_rule established --rule "-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT" + + # Some service rules + __iptables_rule http --rule "-A INPUT -p tcp --dport 80 -j ACCEPT" + __iptables_rule ssh --rule "-A INPUT -p tcp --dport 22 -j ACCEPT" + __iptables_rule https --rule "-A INPUT -p tcp --dport 443 -j ACCEPT" + + # Ensure some rules are not present anymore + __iptables_rule munin --rule "-A INPUT -p tcp --dport 4949 -j ACCEPT" \ + --state absent + + +SEE ALSO +-------- +:strong:`cdist-type__iptables_apply`\ (7), :strong:`iptables`\ (8) + + +AUTHORS +------- +Nico Schottelius + + +COPYING +------- +Copyright \(C) 2013 Nico Schottelius. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__iptables_rule/manifest b/cdist/conf/type/__iptables_rule/manifest new file mode 100755 index 00000000..ed78787f --- /dev/null +++ b/cdist/conf/type/__iptables_rule/manifest 
@@ -0,0 +1,42 @@
+#!/bin/sh -e
+#
+# 2013 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+
+base_dir=/etc/iptables.d
+
+name="$__object_id"
+state="$(cat "$__object/parameter/state")"
+
+################################################################################
+# Basic setup
+#
+
+__directory "$base_dir" --state present
+
+# Have apply do the real job
+require="$__object_name" __iptables_apply
+
+################################################################################
+# The rule
+#
+
+require="__directory/$base_dir" __file "$base_dir/${name}" \
+ --source "$__object/parameter/rule" \
+ --state "$state"
diff --git a/cdist/conf/type/__iptables_rule/parameter/default/state b/cdist/conf/type/__iptables_rule/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__iptables_rule/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__iptables_rule/parameter/optional b/cdist/conf/type/__iptables_rule/parameter/optional
new file mode 100644
index 00000000..ff72b5c7
--- /dev/null
+++ b/cdist/conf/type/__iptables_rule/parameter/optional
@@ -0,0 +1 @@
+state
diff --git a/cdist/conf/type/__iptables_rule/parameter/required b/cdist/conf/type/__iptables_rule/parameter/required
new file mode 100644
index 00000000..2b254dff
--- /dev/null
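Review bot: In `__iptables_rule/manifest`, neither `__directory "$base_dir"` nor the `__file` call for the rule sets an owner or mode, so both depend on defaults that this diff does not show, while the init script deployed by `__iptables_apply` hands every file in that directory to `iptables`. Pin them explicitly, for example `__directory "$base_dir" --state present --owner root --group root --mode 0750` and `--owner root --group root --mode 0640` on the `__file` call. It is also worth documenting that an object id beginning with `.` produces a file which the init script's `for rule in *` never applies, because the glob skips dotfiles.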
+++ b/cdist/conf/type/__iptables_rule/parameter/required @@ -0,0 +1 @@ +rule diff --git a/cdist/conf/type/__issue/man.rst b/cdist/conf/type/__issue/man.rst new file mode 100644 index 00000000..097f2c01 --- /dev/null +++ b/cdist/conf/type/__issue/man.rst @@ -0,0 +1,47 @@ +cdist-type__issue(7) +==================== + +NAME +---- +cdist-type__issue - Manage issue + + +DESCRIPTION +----------- +This cdist type allows you to easily setup /etc/issue. + + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +source + If supplied, use this file as /etc/issue instead of default. + + + +EXAMPLES +-------- + +.. code-block:: sh + + __issue + + # When called from another type + __issue --source "$__type/files/myfancyissue" + + +AUTHORS +------- +Nico Schottelius + + +COPYING +------- +Copyright \(C) 2011 Nico Schottelius. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__issue/man.text b/cdist/conf/type/__issue/man.text deleted file mode 100644 index 40ed920e..00000000 --- a/cdist/conf/type/__issue/man.text +++ /dev/null 
@@ -1,47 +0,0 @@ -cdist-type__issue(7) -==================== -Nico Schottelius - - -NAME ----- -cdist-type__issue - Manage issue - - -DESCRIPTION ------------ -This cdist type allows you to easily setup /etc/issue. - - -REQUIRED PARAMETERS -------------------- -None. - - -OPTIONAL PARAMETERS -------------------- -source:: - If supplied, use this file as /etc/issue instead of default. - - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -__issue - -# When called from another type -__issue --source "$__type/files/myfancyissue" --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) - - -COPYING -------- -Copyright \(C) 2011 Nico Schottelius. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__issue/manifest b/cdist/conf/type/__issue/manifest index d2720f2d..0f0b3d83 100755 --- a/cdist/conf/type/__issue/manifest +++ b/cdist/conf/type/__issue/manifest @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2011-2012 Nico Schottelius (nico-cdist at schottelius.org) # @@ -25,6 +25,9 @@ os="$(cat "$__global/explorer/os")" if [ -f "$__object/parameter/source" ]; then source="$(cat "$__object/parameter/source")" + if [ "$source" = "-" ]; then + source="${__object}/stdin" + fi else case "$os" in archlinux|redhat) diff --git a/cdist/conf/type/__jail/man.text b/cdist/conf/type/__jail/man.rst similarity index 50% rename from cdist/conf/type/__jail/man.text rename to cdist/conf/type/__jail/man.rst index b439e0f5..7fc8f455 100644 --- a/cdist/conf/type/__jail/man.text +++ b/cdist/conf/type/__jail/man.rst @@ -1,7 +1,5 @@ cdist-type__jail(7) =================== -Jake Guffey - NAME ---- 
@@ -10,52 +8,52 @@ cdist-type__jail - Manage FreeBSD jails DESCRIPTION ----------- -This type is used on FreeBSD to manage jails. +This type is used on FreeBSD to manage jails by calling the appropriate per-version subtype. REQUIRED PARAMETERS ------------------- -state:: - Either "present" or "absent." +state + Either "present" or "absent", defaults to "present". -jailbase:: +jailbase The location of the .tgz archive containing the base fs for your jails. OPTIONAL PARAMETERS ------------------- -name:: +name The name of the jail. Default is to use the object_id as the jail name. -ip:: +ip The ifconfig style IP/netmask combination to use for the jail guest. If the state parameter is "present," this parameter is required. -hostname:: +hostname The FQDN to use for the jail guest. Defaults to the name parameter. -interface:: +interface The name of the physical interface on the jail server to bind the jail to. Defaults to the first interface found in the output of ifconfig -l. -devfs-ruleset:: +devfs-ruleset The name of the devfs ruleset to associate with the jail. Defaults to "jailrules." This ruleset must be copied to the server via another type. To use this option, devfs-enable must be "true." -jaildir:: +jaildir The location on the remote server to use for hosting jail filesystems. Defaults to /usr/jail. BOOLEAN PARAMETERS ------------------ -stopped:: +stopped Do not start the jail -devfs-disable:: +devfs-disable Whether to disallow devfs mounting within the jail -onboot:: +onboot Whether to add the jail to rc.conf's jail_list variable. 
@@ -67,40 +65,60 @@ be removed then re-added with the correct IP address/netmask or the appropriate line (jail__ip="...") modified within rc.conf through some alternate means. +MESSAGES +-------- +start + The jail was started +stop + The jail was stopped +create: + The jail was created +delete + The jail was deleted +onboot + The jail was configured to start on boot + EXAMPLES -------- --------------------------------------------------------------------------------- -# Create a jail called www -__jail www --state present --ip "192.168.1.2" --jailbase /my/jail/base.tgz +.. code-block:: sh -# Remove the jail called www -__jail www --state absent --jailbase /my/jail/base.tgz + # Create a jail called www + __jail www --state present --ip "192.168.1.2" --jailbase /my/jail/base.tgz -# The jail www should not be started -__jail www --state present --stopped \ - --ip "192.168.1.2 netmask 255.255.255.0" \ - --jailbase /my/jail/base.tgz + # Remove the jail called www + __jail www --state absent --jailbase /my/jail/base.tgz -# Use the name variable explicitly -__jail thisjail --state present --name www \ - --ip "192.168.1.2" \ - --jailbase /my/jail/base.tgz + # The jail www should not be started + __jail www --state present --stopped \ + --ip "192.168.1.2 netmask 255.255.255.0" \ + --jailbase /my/jail/base.tgz -# Go nuts -__jail lotsofoptions --state present --name testjail \ - --ip "192.168.1.100 netmask 255.255.255.0" \ - --hostname "testjail.example.com" --interface "em0" \ - --onboot --jailbase /my/jail/base.tgz --jaildir /jails --------------------------------------------------------------------------------- + # Use the name variable explicitly + __jail thisjail --state present --name www \ + --ip "192.168.1.2" \ + --jailbase /my/jail/base.tgz + + # Go nuts + __jail lotsofoptions --state present --name testjail \ + --ip "192.168.1.100 netmask 255.255.255.0" \ + --hostname "testjail.example.com" --interface "em0" \ + --onboot --jailbase /my/jail/base.tgz --jaildir /jails 
SEE ALSO -------- -- cdist-type(7) +:strong:`jail`\ (8) + + +AUTHORS +------- +Jake Guffey COPYING ------- -Copyright \(C) 2012 Jake Guffey. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). +Copyright \(C) 2012,2016 Jake Guffey. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__jail/manifest b/cdist/conf/type/__jail/manifest index 0570d62d..fad6a3a1 100755 --- a/cdist/conf/type/__jail/manifest +++ b/cdist/conf/type/__jail/manifest @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2012 Jake Guffey (jake.guffey at eprotex.com) # @@ -29,18 +29,26 @@ # Can only be used on FreeBSD os="$(cat "$__global/explorer/os")" if [ ! "$os" = "freebsd" ]; then - echo "__jail can only be used on FreeBSD targets!" >&2 - exit 1 + echo "__jail can only be used on FreeBSD targets!" >&2 + exit 1 fi -if [ -f "$__object/parameter/jaildir" ]; then - jaildir="$(cat "$__object/parameter/name")" +jaildir="$(cat "$__object/parameter/jaildir")" + +__directory "${jaildir}" --parents + +set -- "$@" "$__object_id" +cd "$__object/parameter" +for property in *; do + set -- "$@" "--$property" "$(cat "$property")" +done + +if grep -q '^10\.' "$(cat "$__global/explorer/os_version")" ; then # Version is 10.x + __jail_freebsd10 "$@" else - jaildir="/usr/jail" + __jail_freebsd9 "$@" fi -__directory ${jaildir} --parents - # Debug #set +x diff --git a/cdist/conf/type/__jail/parameter/default/devfs-ruleset b/cdist/conf/type/__jail/parameter/default/devfs-ruleset new file mode 100644 index 00000000..f602aa0a --- /dev/null +++ b/cdist/conf/type/__jail/parameter/default/devfs-ruleset @@ -0,0 +1 @@ +jailrules diff --git a/cdist/conf/type/__jail/parameter/default/jailbase b/cdist/conf/type/__jail/parameter/default/jailbase new file mode 100644 index 00000000..8b137891 
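Review bot: In the `__jail/manifest` hunk, `grep -q '^10\.' "$(cat "$__global/explorer/os_version")"` passes the contents of the explorer output to grep as a file name rather than as input, so grep cannot open it and the `else` branch selects `__jail_freebsd9` even on 10.x targets. Pass the file itself: `if grep -q '^10\.' "$__global/explorer/os_version"; then`. The parameter loop appends `"$(cat "$property")"` for every file under `parameter/`, which for the boolean parameters `stopped`, `devfs-disable` and `onboot` presumably adds an empty argument after the flag; check how the subtypes parse that. Releases other than 10.x, including later ones, also fall through to `__jail_freebsd9`, which looks unintended. The manifest starts and ends outside this hunk.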
--- /dev/null +++ b/cdist/conf/type/__jail/parameter/default/jailbase @@ -0,0 +1 @@ + diff --git a/cdist/conf/type/__jail/parameter/default/jaildir b/cdist/conf/type/__jail/parameter/default/jaildir new file mode 100644 index 00000000..ec7d86c6 --- /dev/null +++ b/cdist/conf/type/__jail/parameter/default/jaildir @@ -0,0 +1 @@ +/usr/jail diff --git a/cdist/conf/type/__jail/parameter/default/state b/cdist/conf/type/__jail/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__jail/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__jail/parameter/optional b/cdist/conf/type/__jail/parameter/optional index 08ecd469..b36f0fa5 100644 --- a/cdist/conf/type/__jail/parameter/optional +++ b/cdist/conf/type/__jail/parameter/optional @@ -5,3 +5,4 @@ interface devfs-ruleset jaildir jailbase +state diff --git a/cdist/conf/type/__jail/explorer/basepresent b/cdist/conf/type/__jail_freebsd10/explorer/basepresent similarity index 95% rename from cdist/conf/type/__jail/explorer/basepresent rename to cdist/conf/type/__jail_freebsd10/explorer/basepresent index f167a19c..034128d5 100755 --- a/cdist/conf/type/__jail/explorer/basepresent +++ b/cdist/conf/type/__jail_freebsd10/explorer/basepresent @@ -26,7 +26,7 @@ #set -x if [ -f "$__object/parameter/jaildir" ]; then - jaildir="$(cat "$__object/parameter/name")" + jaildir="$(cat "$__object/parameter/jaildir")" else jaildir="/usr/jail" fi diff --git a/cdist/conf/type/__jail/explorer/present b/cdist/conf/type/__jail_freebsd10/explorer/present similarity index 95% rename from cdist/conf/type/__jail/explorer/present rename to cdist/conf/type/__jail_freebsd10/explorer/present index 2ba3b2af..ddfb805c 100755 --- a/cdist/conf/type/__jail/explorer/present +++ b/cdist/conf/type/__jail_freebsd10/explorer/present 
@@ -32,7 +32,7 @@ else fi if [ -f "$__object/parameter/jaildir" ]; then - jaildir="$(cat "$__object/parameter/name")" + jaildir="$(cat "$__object/parameter/jaildir")" else jaildir="/usr/jail" fi diff --git a/cdist/conf/type/__jail/explorer/status b/cdist/conf/type/__jail_freebsd10/explorer/status similarity index 90% rename from cdist/conf/type/__jail/explorer/status rename to cdist/conf/type/__jail_freebsd10/explorer/status index fe81eaf7..c8039f21 100755 --- a/cdist/conf/type/__jail/explorer/status +++ b/cdist/conf/type/__jail_freebsd10/explorer/status @@ -32,14 +32,14 @@ else fi if [ -f "$__object/parameter/jaildir" ]; then - jaildir="$(cat "$__object/parameter/name")" + jaildir="$(cat "$__object/parameter/jaildir")" else jaildir="/usr/jail" fi # backslash-escaped $jaildir sjaildir="$(echo ${jaildir} | sed 's#/#\\/#g')" -jls_output="$(jls | grep "[ ^I]${sjaildir}\/${name}\$")" || true +jls_output="$(jls | grep "[ ]${sjaildir}\\/${name}\$")" || true if [ -n "${jls_output}" ]; then echo "STARTED" diff --git a/cdist/conf/type/__jail_freebsd10/gencode-local b/cdist/conf/type/__jail_freebsd10/gencode-local new file mode 100755 index 00000000..f163cad3 --- /dev/null +++ b/cdist/conf/type/__jail_freebsd10/gencode-local 
@@ -0,0 +1,59 @@
+#!/bin/sh -e
+#
+# 2012 Jake Guffey (jake.guffey at eprotex.com)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# The __jail type creates, configures, and deletes FreeBSD jails for use as
+# virtual machines.
+#
+
+# Debug
+#exec >&2
+#set -x
+
+jaildir="$(cat "$__object/parameter/jaildir")"
+
+jailbase="$(cat "$__object/parameter/jailbase")"
+
+state="$(cat "$__object/parameter/state")"
+
+if [ "$state" = "present" ] && [ -z "$jailbase" ]; then
+ exec >&2
+ echo "jailbase is a REQUIRED parameter when state=present!"
+ exit 1
+fi
+
+remotebase="${jaildir}/jailbase.tgz"
+basepresent="$(cat "$__object/explorer/basepresent")"
+
+if [ "$state" = "present" ]; then
+ if [ "$basepresent" = "NONE" ]; then
+ # IPv6 fix
+ if echo "${__target_host}" | grep -q -E '^[0-9a-fA-F:]+$'
+ then
+ my_target_host="[${__target_host}]"
+ else
+ my_target_host="${__target_host}"
+ fi
+ echo "$__remote_copy" "${jailbase}" "${my_target_host}:${remotebase}"
+ fi # basepresent=NONE
+fi # state=present
+
+# Debug
+#set +x
+
diff --git a/cdist/conf/type/__jail_freebsd10/gencode-remote b/cdist/conf/type/__jail_freebsd10/gencode-remote
new file mode 100755
index 00000000..4f376c25
--- /dev/null
+++ b/cdist/conf/type/__jail_freebsd10/gencode-remote
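Review bot: In `__jail_freebsd10/gencode-local`, the line `echo "$__remote_copy" "${jailbase}" "${my_target_host}:${remotebase}"` quotes its arguments for `echo` only; the emitted line is parsed again by the shell that executes the generated code, so a `jailbase` or `jaildir` value containing whitespace or shell metacharacters is split or interpreted at that point. Emit the quotes into the generated command while leaving the copy command itself unquoted: `echo "$__remote_copy \"${jailbase}\" \"${my_target_host}:${remotebase}\""`. A short comment above the line saying that the output is shell code, not a log message, would keep later edits from dropping the inner quotes.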
@@ -0,0 +1,362 @@ +#!/bin/sh -e +# +# 2012,2014,2016 Jake Guffey (jake.guffey at jointheirstm.org) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# +# The __jail_freebsd10 type creates, configures, and deletes FreeBSD +# jails for use as virtual machines on FreeBSD 10.x. +# + +# Debug +#exec >&2 +#set -x + +if [ -f "$__object/parameter/name" ]; then + name="$(cat "$__object/parameter/name")" +else + name="$__object_id" +fi + +state="$(cat "$__object/parameter/state")" + +started="true" +# If the user wants the jail gone, it implies it shouldn't be started. +{ [ -f "$__object/parameter/stopped" ] || [ "$state" = "absent" ]; } && started="false" + +if [ -f "$__object/parameter/ip" ]; then + ip="$(cat "$__object/parameter/ip")" +else +# IP is an optional param when $state=absent, but +# when $state=present, it's required. Enforce this. + if [ "$state" = "present" ]; then + exec >&2 + printf 'If --state is "present", --ip must be given\!\n' + exit 1 + fi +fi + +if [ -f "$__object/parameter/hostname" ]; then + hostname="$(cat "$__object/parameter/hostname")" +else + hostname="$name" +fi + +if [ -f "$__object/parameter/devfs-disable" ]; then + devfsenable="false" +else + devfsenable="true" +fi + +devfsruleset="$(cat "$__object/parameter/devfs-ruleset")" + +# devfs_ruleset being defined without devfs_enable being true +# is pointless. Treat this as an error. 
+if [ -n "$devfsruleset" ] && [ "$devfsenable" = "false" ]; then + exec >&2 + echo "Can't have --devfs-ruleset defined with --devfs-disable" + exit 1 +fi + +if [ -f "$__object/parameter/onboot" ]; then + onboot="true" +fi + +jaildir="$(cat "$__object/parameter/jaildir")" + +present="$(cat "$__object/explorer/present")" +#present="$(cat "$__type/explorer/present")" +status="$(cat "$__object/explorer/status")" + +# Handle ip="addr, addr" format +if [ "$(expr "${ip}" : ".*, .*")" -gt "0" ]; then + SAVE_IFS="$IFS" + IFS=", " + for cur_ip in ${ip}; do + # Just get the last IP address for SSH to listen on + mgmt_ip=$(echo "${cur_ip}" | cut '-d ' -f1) # In case using "ip netmask" format rather than CIDR + done + IFS="$SAVE_IFS" +else + mgmt_ip=$(echo "${ip}" | cut '-d ' -f1) # In case using "ip netmask" format rather than CIDR +fi + +stopJail() { +# Check $status before issuing command + if [ "$status" = "STARTED" ]; then + echo "/etc/rc.d/jail stop ${name}" + echo "stop" >> "$__messages_out" + fi +} + +startJail() { +# Check $status before issuing command + if [ "$status" = "NOTSTART" ]; then + echo "/etc/rc.d/jail start ${name}" + echo "start" >> "$__messages_out" + fi +} + +deleteJail() { +# Unmount the jail's mountpoints if necessary + cat <=1 rw mount is mounted still + for DIR in "\${output}"; do + umount -F "/etc/fstab.${name}" "\$(echo "${DIR}" | awk '{print \$3}')" + done + fi + output="\$(mount | grep "\\/${name} (")" || true + if [ -n "\${output}" ]; then # ro mount is mounted still + umount -F "/etc/fstab.${name}" "\$(echo "\${output}" | awk '{print \$3}')" + fi +EOF +# Remove the jail's rw mountpoints + echo "rm -rf \"${jaildir}/rw/${name}\"" +# Remove the jail directory + echo "rm -rf \"${jaildir}/${name}\"" +# Remove the jail's fstab + echo "rm -f \"/etc/fstab.${name}\"" +# Remove jail entry from jail.conf + cat <> "$__messages_out" +} + +createJail() { +# Create the jail directory +cat <> "$__messages_out" + +# Create the ro+rw mountpoint entries in fstab 
+cat </etc/fstab.${name} <>/etc/rc.conf + elif [ ! "\$(echo \$jail_enable | tr '[a-z]' '[A-Z]' | tr -d '"')" = "YES" ]; then # jail_enable="NO" + sed -i '.bak' 's/^jail_enable=.*$/jail_enable="YES"/g' /etc/rc.conf # fix this -^ + rm -f /etc/rc.conf.bak + fi + + jailfile=/etc/jail.conf + jailheader="${name} {" + + jaildata="path=\"${jaildir}/${name}\";" + + if [ "$devfsenable" = "true" ]; then + jaildata="\$jaildata + mount.devfs;" + else + jaildata="\$jaildata + mount.nodevfs;" + fi + + jaildata="\$jaildata + host.hostname=\"${hostname}\"; + ip4.addr=\"${ip}\"; + exec.start=\"/bin/sh /etc/rc\"; + exec.stop=\"/bin/sh /etc/rc.shutdown\"; + exec.consolelog=\"/var/log/jail_${name}_console.log\"; + mount.fstab=\"/etc/fstab.${name}\"; + allow.mount; + exec.clean; + allow.set_hostname=0; + allow.sysvipc=0; + allow.raw_sockets=0;" + + jailtrailer="}" + + if [ "$devfsenable" = "true" ] && [ "${devfsruleset}" = "jailrules" ]; then # The default ruleset is to be used + if [ ! -f /etc/devfs.rules ]; then + touch /etc/devfs.rules + fi + if [ -z "\$(grep '\\[jailrules=' /etc/devfs.rules)" ]; then # The default ruleset doesn't exist + # Get the highest-numbered ruleset + highest="\$(sed -n 's/\\[.*=\\([0-9]*\\)\\]/\\1/pg' /etc/devfs.rules | sort -u | tail -n 1)" || true + # increment by 1 + [ -z "\$highest" ] && highest=10 + let num="\${highest}+1" 2>&1 >/dev/null # Close the FD==fail... 
+ # add default ruleset + cat >>/etc/devfs.rules <>\"\$jailfile\"" + +# Add $name to jail_list if $onboot=yes +if [ "$onboot" = "yes" ]; then + + # first check to see whether jail_enable="YES" exists in rc.conf or not and add it + # if necessary + + cat <> "$__messages_out" +fi + +# Add the normal entries into the jail's rc.conf +cat <"${jaildir}/rw/${name}/etc/rc.conf" +echo sshd_enable=\"YES\" >>"${jaildir}/rw/${name}/etc/rc.conf" +echo sendmail_enable=\"NONE\" >>"${jaildir}/rw/${name}/etc/rc.conf" +echo syslogd_enable=\"YES\" >>"${jaildir}/rw/${name}/etc/rc.conf" +echo syslogd_flags=\"-ss\" >>"${jaildir}/rw/${name}/etc/rc.conf" + +EOF +# Configure SSHd's listening address +cat <= 10.0 to manage jails. + + +REQUIRED PARAMETERS +------------------- +state + Either "present" or "absent", defaults to "present". + +jailbase + The location of the .tgz archive containing the base fs for your jails. + + +OPTIONAL PARAMETERS +------------------- +name + The name of the jail. Default is to use the object_id as the jail name. + +ip + The ifconfig style IP/netmask combination to use for the jail guest. If + the state parameter is "present," this parameter is required. + +hostname + The FQDN to use for the jail guest. Defaults to the name parameter. + +interface + The name of the physical interface on the jail server to bind the jail to. + Defaults to the first interface found in the output of ifconfig -l. + +devfs-ruleset + The name of the devfs ruleset to associate with the jail. Defaults to + "jailrules." This ruleset must be copied to the server via another type. + To use this option, devfs-enable must be "true." + +jaildir + The location on the remote server to use for hosting jail filesystems. + Defaults to /usr/jail. + +BOOLEAN PARAMETERS +------------------ +stopped + Do not start the jail + +devfs-disable + Whether to disallow devfs mounting within the jail + +onboot + Whether to add the jail to rc.conf's jail_list variable. 
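Review bot: The guard `if [ "$onboot" = "yes" ]; then` near the end of this script can never be true, because the only assignment earlier in the file is `onboot="true"` (made when `parameter/onboot` exists). As written, `--onboot` never adds the jail to `jail_list` and the new `echo "onboot" >> "$__messages_out"` is never reached. Compare against the value that is actually set: `if [ "$onboot" = "true" ]; then`. The same mismatch is visible in `__jail_freebsd9/gencode-remote`, where this commit adds the `onboot` message inside the same guard. Part of this hunk's text is missing from the page, so this is read from the lines that survive.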
+ + +CAVEATS +------- +This type does not currently support modification of jail options. If, for +example a jail needs to have its IP address or netmask changed, the jail must +be removed then re-added with the correct IP address/netmask or the appropriate +modifications to jail.conf need to be made through alternate means. + +MESSAGES +-------- +start + The jail was started +stop + The jail was stopped +create: + The jail was created +delete + The jail was deleted +onboot + The jail was configured to start on boot + +EXAMPLES +-------- + +.. code-block:: sh + + # Create a jail called www + __jail_freebsd10 www --state present --ip "192.168.1.2" --jailbase /my/jail/base.tgz + + # Remove the jail called www + __jail_freebsd10 www --state absent --jailbase /my/jail/base.tgz + + # The jail www should not be started + __jail_freebsd10 www --state present --stopped \ + --ip "192.168.1.2 netmask 255.255.255.0" \ + --jailbase /my/jail/base.tgz + + # Use the name variable explicitly + __jail_freebsd10 thisjail --state present --name www \ + --ip "192.168.1.2" \ + --jailbase /my/jail/base.tgz + + # Go nuts + __jail_freebsd10 lotsofoptions --state present --name testjail \ + --ip "192.168.1.100 netmask 255.255.255.0" \ + --hostname "testjail.example.com" --interface "em0" \ + --onboot --jailbase /my/jail/base.tgz --jaildir /jails + + +SEE ALSO +-------- +:strong:`jail`\ (8) + + +AUTHORS +------- +Jake Guffey + + +COPYING +------- +Copyright \(C) 2012-2016 Jake Guffey. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__jail_freebsd10/parameter/boolean b/cdist/conf/type/__jail_freebsd10/parameter/boolean new file mode 100644 index 00000000..39144f6f --- /dev/null +++ b/cdist/conf/type/__jail_freebsd10/parameter/boolean @@ -0,0 +1,3 @@ +onboot +stopped +devfs-disable 
diff --git a/cdist/conf/type/__jail_freebsd10/parameter/default/devfs-ruleset b/cdist/conf/type/__jail_freebsd10/parameter/default/devfs-ruleset
new file mode 100644
index 00000000..f602aa0a
--- /dev/null
+++ b/cdist/conf/type/__jail_freebsd10/parameter/default/devfs-ruleset
@@ -0,0 +1 @@
+jailrules
diff --git a/cdist/conf/type/__jail_freebsd10/parameter/default/jailbase b/cdist/conf/type/__jail_freebsd10/parameter/default/jailbase
new file mode 100644
index 00000000..8b137891
--- /dev/null
+++ b/cdist/conf/type/__jail_freebsd10/parameter/default/jailbase
@@ -0,0 +1 @@
+
diff --git a/cdist/conf/type/__jail_freebsd10/parameter/default/jaildir b/cdist/conf/type/__jail_freebsd10/parameter/default/jaildir
new file mode 100644
index 00000000..ec7d86c6
--- /dev/null
+++ b/cdist/conf/type/__jail_freebsd10/parameter/default/jaildir
@@ -0,0 +1 @@
+/usr/jail
diff --git a/cdist/conf/type/__jail_freebsd10/parameter/default/state b/cdist/conf/type/__jail_freebsd10/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__jail_freebsd10/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__jail_freebsd10/parameter/optional b/cdist/conf/type/__jail_freebsd10/parameter/optional
new file mode 100644
index 00000000..b36f0fa5
--- /dev/null
+++ b/cdist/conf/type/__jail_freebsd10/parameter/optional
@@ -0,0 +1,8 @@
+name
+ip
+hostname
+interface
+devfs-ruleset
+jaildir
+jailbase
+state
diff --git a/cdist/conf/type/__pf_ruleset/explorer/cksum b/cdist/conf/type/__jail_freebsd9/explorer/basepresent
similarity index 63%
rename from cdist/conf/type/__pf_ruleset/explorer/cksum
rename to cdist/conf/type/__jail_freebsd9/explorer/basepresent
index f8679836..034128d5 100755
--- a/cdist/conf/type/__pf_ruleset/explorer/cksum
+++ b/cdist/conf/type/__jail_freebsd9/explorer/basepresent
@@ -18,22 +18,35 @@ # along with cdist. If not, see . # # -# Get the 256 bit SHA2 checksum of the pf ruleset on the target host. +# See if the jailbase.tgz or $jaildir/base dir exists # # Debug #exec >&2 #set -x -# Check /etc/rc.conf for pf's configuration file name. Default to /etc/pf.conf -# See if file exists and if so, get checksum +if [ -f "$__object/parameter/jaildir" ]; then + jaildir="$(cat "$__object/parameter/jaildir")" +else + jaildir="/usr/jail" +fi -RC="/etc/rc.conf" -TMP="$(grep '^pf_rules=' ${RC} | cut -d= -f2 | sed 's/"//g')" -PFCONF="${TMP:-"/etc/pf.conf"}" +name="base:jailbase.tgz" +out="" -if [ -f "${PFCONF}" ]; then # The pf config file exists, find its cksum. - cksum -o 1 ${PFCONF} | cut -d= -f2 | awk '{print $1}' +save_IFS="$IFS" +IFS=":" +for cur in $name; do + if [ -e "${jaildir}/$cur" ]; then + out="${out}:${cur}" + fi +done +IFS="$save_IFS" + +if [ -z "$out" ]; then + echo "NONE" +else + echo "${out}" fi # Debug diff --git a/cdist/conf/type/__jail_freebsd9/explorer/present b/cdist/conf/type/__jail_freebsd9/explorer/present new file mode 100755 index 00000000..ddfb805c --- /dev/null +++ b/cdist/conf/type/__jail_freebsd9/explorer/present 
@@ -0,0 +1,43 @@ +#!/bin/sh +# +# 2012 Jake Guffey (jake.guffey at eprotex.com) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# +# See if the requested jail exists +# + +# Debug +#exec >&2 +#set -x + +if [ -f "$__object/parameter/name" ]; then + name="$(cat "$__object/parameter/name")" +else + name=$__object_id +fi + +if [ -f "$__object/parameter/jaildir" ]; then + jaildir="$(cat "$__object/parameter/jaildir")" +else + jaildir="/usr/jail" +fi + +[ -d "${jaildir}/$name" ] && echo "EXISTS" || echo "NOTEXIST" + +#set +x + diff --git a/cdist/conf/type/__jail_freebsd9/explorer/status b/cdist/conf/type/__jail_freebsd9/explorer/status new file mode 100755 index 00000000..c8039f21 --- /dev/null +++ b/cdist/conf/type/__jail_freebsd9/explorer/status 
@@ -0,0 +1,52 @@ +#!/bin/sh +# +# 2012 Jake Guffey (jake.guffey at eprotex.com) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# +# See if the requested jail is started +# + +# Debug +#exec >&2 +#set -x + +if [ -f "$__object/parameter/name" ]; then + name="$(cat "$__object/parameter/name")" +else + name="$__object_id" +fi + +if [ -f "$__object/parameter/jaildir" ]; then + jaildir="$(cat "$__object/parameter/jaildir")" +else + jaildir="/usr/jail" +fi +# backslash-escaped $jaildir +sjaildir="$(echo ${jaildir} | sed 's#/#\\/#g')" + +jls_output="$(jls | grep "[ ]${sjaildir}\\/${name}\$")" || true + +if [ -n "${jls_output}" ]; then + echo "STARTED" +else + echo "NOTSTART" +fi + +# Debug +#set +x + diff --git a/cdist/conf/type/__jail/gencode-local b/cdist/conf/type/__jail_freebsd9/gencode-local similarity index 76% rename from cdist/conf/type/__jail/gencode-local rename to cdist/conf/type/__jail_freebsd9/gencode-local index 075a6ef1..bbdc9fcc 100755 --- a/cdist/conf/type/__jail/gencode-local +++ b/cdist/conf/type/__jail_freebsd9/gencode-local @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2012 Jake Guffey (jake.guffey at eprotex.com) # 
@@ -22,17 +22,9 @@ # virtual machines. # -if [ -f "$__object/parameter/jaildir" ]; then - jaildir="$(cat "$__object/parameter/name")" -else - jaildir="/usr/jail" -fi +jaildir="$(cat "$__object/parameter/jaildir")" -if [ -f "$__object/parameter/jailbase" ]; then - jailbase="$(cat "$__object/parameter/jailbase")" -else - jailbase="" -fi +jailbase="$(cat "$__object/parameter/jailbase")" state="$(cat "$__object/parameter/state")" @@ -47,7 +39,14 @@ basepresent="$(cat "$__object/explorer/basepresent")" if [ "$state" = "present" ]; then if [ "$basepresent" = "NONE" ]; then - echo "$__remote_copy" "${jailbase}" "$__target_host:${remotebase}" + # IPv6 fix + if echo "${__target_host}" | grep -q -E '^[0-9a-fA-F:]+$' + then + my_target_host="[${__target_host}]" + else + my_target_host="${__target_host}" + fi + echo "$__remote_copy" "${jailbase}" "${my_target_host}:${remotebase}" fi # basepresent=NONE fi # state=present diff --git a/cdist/conf/type/__jail/gencode-remote b/cdist/conf/type/__jail_freebsd9/gencode-remote similarity index 87% rename from cdist/conf/type/__jail/gencode-remote rename to cdist/conf/type/__jail_freebsd9/gencode-remote index b044e4b0..68229d3e 100755 --- a/cdist/conf/type/__jail/gencode-remote +++ b/cdist/conf/type/__jail_freebsd9/gencode-remote @@ -1,6 +1,6 @@ -#!/bin/sh +#!/bin/sh -e # -# 2012 Jake Guffey (jake.guffey at eprotex.com) +# 2012,2014,2016 Jake Guffey (jake.guffey at jointheirstm.org) # # This file is part of cdist. # @@ -18,8 +18,8 @@ # along with cdist. If not, see . # # -# The __jail type creates, configures, and deletes FreeBSD jails for use as -# virtual machines. +# The __jail_freebsd9 type creates, configures, and deletes FreeBSD jails +# for use as virtual machines on FreeBSD 9.x and before. # # Debug 
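Review bot: The last added line of the `@@ -47,7 +39,14 @@` hunk, `echo "$__remote_copy" "${jailbase}" "${my_target_host}:${remotebase}"`, writes both paths into the generated code without quoting. A `--jailbase` or `--jaildir` value containing whitespace or shell metacharacters is therefore split or interpreted when that code is run. Emit the arguments quoted, as the `rm -rf \"${jaildir}/${name}\"` lines in gencode-remote already do: `echo "$__remote_copy" "\"${jailbase}\"" "\"${my_target_host}:${remotebase}\""`. Double quotes still leave `$` and backticks live, so rejecting such characters in the parameters up front would be stricter. The new `__jail_freebsd10/gencode-local` earlier in this diff has the same line.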
@@ -36,7 +36,7 @@ state="$(cat "$__object/parameter/state")" started="true" # If the user wants the jail gone, it implies it shouldn't be started. -[ -f "$__object/parameter/stopped" -o "$state" = "absent" ] && started="false" +{ [ -f "$__object/parameter/stopped" ] || [ "$state" = "absent" ]; } && started="false" if [ -f "$__object/parameter/ip" ]; then ip="$(cat "$__object/parameter/ip")" @@ -45,7 +45,7 @@ else # when $state=present, it's required. Enforce this. if [ "$state" = "present" ]; then exec >&2 - echo "If --state is 'present,' --ip must be given\!" + printf 'If --state is "present", --ip must be given\!\n' exit 1 fi fi @@ -66,15 +66,11 @@ else devfsenable="true" fi -if [ -f "$__object/parameter/devfs-ruleset" ]; then - devfsruleset="$(cat "$__object/parameter/devfs-ruleset")" -else - devfsruleset="jailrules" -fi +devfsruleset="$(cat "$__object/parameter/devfs-ruleset")" # devfs_ruleset being defined without devfs_enable being true # is pointless. Treat this as an error. -if [ -n "$devfsruleset" -a "$devfsenable" = "false" ]; then +if [ -n "$devfsruleset" ] && [ "$devfsenable" = "false" ]; then exec >&2 echo "Can't have --devfs-ruleset defined with --devfs-disable" exit 1 
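Review bot: In the new `printf 'If --state is "present", --ip must be given\!\n'` the `\!` sits inside single quotes and is not a printf escape. POSIX leaves unknown escapes in the format unspecified, and some shells print the backslash as part of the message. Drop it and keep the text out of the format string: `printf '%s\n' 'If --state is "present", --ip must be given!'`. The same line is in the new `__jail_freebsd10/gencode-remote`.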
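Review bot: With `devfsruleset="$(cat "$__object/parameter/devfs-ruleset")"` now always reading a value, the check `[ -n "$devfsruleset" ] && [ "$devfsenable" = "false" ]` fires for every object that passes `--devfs-disable`, so that flag always ends in the "Can't have --devfs-ruleset defined with --devfs-disable" error. This assumes cdist fills the parameter from `parameter/default/devfs-ruleset`, which this commit adds with the value `jailrules`. The removed fallback had the same effect, so the problem is not new, but the commit keeps it. One way out is to treat only a non-default ruleset as a conflict, e.g. `if [ "$devfsruleset" != "jailrules" ] && [ "$devfsenable" = "false" ]; then`. The new `__jail_freebsd10/gencode-remote` carries the same check.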
@@ -84,23 +80,20 @@ if [ -f "$__object/parameter/onboot" ]; then onboot="true" fi -if [ -f "$__object/parameter/jaildir" ]; then - jaildir="$(cat "$__object/parameter/name")" -else - jaildir="/usr/jail" -fi +jaildir="$(cat "$__object/parameter/jaildir")" present="$(cat "$__object/explorer/present")" status="$(cat "$__object/explorer/status")" + # Handle ip="iface|addr, iface|addr" format -if [ $(expr "${ip}" : ".*|.*") -gt "0" ]; then +if [ "$(expr "${ip}" : ".*|.*")" -gt "0" ]; then # If we have multiple IPs defined, $interface doesn't make sense because ip="iface|addr, iface|addr" implies it interface="" SAVE_IFS="$IFS" IFS=", " for cur_ip in ${ip}; do # Just get the last IP address for SSH to listen on - mgmt_ip=$(echo "${ip}" | sed -E -e 's/^.*\|(.*)\/[0-9]+$/\1/') + mgmt_ip=$(echo "${cur_ip}" | sed -E -e 's/^.*\|(.*)\/[0-9]+$/\1/') done IFS="$SAVE_IFS" else @@ -111,6 +104,7 @@ stopJail() { # Check $status before issuing command if [ "$status" = "STARTED" ]; then echo "/etc/rc.d/jail stop ${name}" + echo "stop" >> "$__messages_out" fi } @@ -118,25 +112,26 @@ startJail() { # Check $status before issuing command if [ "$status" = "NOTSTART" ]; then echo "/etc/rc.d/jail start ${name}" + echo "start" >> "$__messages_out" fi } deleteJail() { # Unmount the jail's mountpoints if necessary cat <=1 rw mount is mounted still - for DIR in "${output}"; do - umount -F "/etc/fstab.${name}" "\$(echo "${DIR}" | awk '{print $3}')" + for DIR in "\${output}"; do + umount -F "/etc/fstab.${name}" "\$(echo "${DIR}" | awk '{print \$3}')" done fi - output="\$(mount | grep "\/${name} (")" || true + output="\$(mount | grep "\\/${name} (")" || true if [ -n "\${output}" ]; then # ro mount is mounted still - umount -F "/etc/fstab.${name}" "\$(echo "${output}" | awk '{print $3}')" + umount -F "/etc/fstab.${name}" "\$(echo "\${output}" | awk '{print \$3}')" fi EOF # Remove the jail's rw mountpoints 
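Review bot: In the rewritten unmount loop of `deleteJail`, `"\$(echo "${DIR}" | awk '{print \$3}')"` still has an unescaped `${DIR}`, so it is expanded while the code is being generated (no `DIR` is assigned in the lines shown) and the target runs `echo ""`; the line below it was fixed to `\${output}` but this one was not. Escape it like its neighbours: `umount -F "/etc/fstab.${name}" "\$(echo "\${DIR}" | awk '{print \$3}')"`. Quoting the list in `for DIR in "\${output}"` also makes the loop run once over the whole multi-line value, so it probably should stay unquoted or become a `while read` loop. The heredoc opener is missing from the page, so this assumes the unquoted `<<EOF` that the `\$` escapes imply. `__jail_freebsd10/gencode-remote` has the same lines.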
@@ -169,6 +164,7 @@ EOF rm -f /etc/rc.conf.bak fi EOF + echo "delete" >> "$__messages_out" } createJail() { @@ -222,6 +218,7 @@ cat <> "$__messages_out" # Create the ro+rw mountpoint entries in fstab cat <&- >&- # add default ruleset @@ -317,6 +314,7 @@ if [ "$onboot" = "yes" ]; then fi unset jail_list EOF + echo "onboot" >> "$__messages_out" fi # Add the normal entries into the jail's rc.conf @@ -356,3 +354,4 @@ else # The jail does not currently exist exit 0 fi fi + diff --git a/cdist/conf/type/__jail_freebsd9/man.rst b/cdist/conf/type/__jail_freebsd9/man.rst new file mode 100644 index 00000000..cc79c785 --- /dev/null +++ b/cdist/conf/type/__jail_freebsd9/man.rst 
@@ -0,0 +1,124 @@ +cdist-type__jail_freebsd9(7) +============================ + +NAME +---- +cdist-type__jail_freebsd9 - Manage FreeBSD jails + + +DESCRIPTION +----------- +This type is used on FreeBSD <= 9.x to manage jails. + + +REQUIRED PARAMETERS +------------------- +state + Either "present" or "absent", defaults to "present". + +jailbase + The location of the .tgz archive containing the base fs for your jails. + + +OPTIONAL PARAMETERS +------------------- +name + The name of the jail. Default is to use the object_id as the jail name. + +ip + The ifconfig style IP/netmask combination to use for the jail guest. If + the state parameter is "present," this parameter is required. + +hostname + The FQDN to use for the jail guest. Defaults to the name parameter. + +interface + The name of the physical interface on the jail server to bind the jail to. + Defaults to the first interface found in the output of ifconfig -l. + +devfs-ruleset + The name of the devfs ruleset to associate with the jail. Defaults to + "jailrules." This ruleset must be copied to the server via another type. + To use this option, devfs-enable must be "true." + +jaildir + The location on the remote server to use for hosting jail filesystems. + Defaults to /usr/jail. + +BOOLEAN PARAMETERS +------------------ +stopped + Do not start the jail + +devfs-disable + Whether to disallow devfs mounting within the jail + +onboot + Whether to add the jail to rc.conf's jail_list variable. + + +CAVEATS +------- +This type does not currently support modification of jail options. If, for +example a jail needs to have its IP address or netmask changed, the jail must +be removed then re-added with the correct IP address/netmask or the appropriate +line (jail__ip="...") modified within rc.conf through some alternate +means. 
+ +MESSAGES +-------- +start + The jail was started +stop + The jail was stopped +create: + The jail was created +delete + The jail was deleted +onboot + The jail was configured to start on boot + +EXAMPLES +-------- + +.. code-block:: sh + + # Create a jail called www + __jail_freebsd9 www --state present --ip "192.168.1.2" --jailbase /my/jail/base.tgz + + # Remove the jail called www + __jail_freebsd9 www --state absent --jailbase /my/jail/base.tgz + + # The jail www should not be started + __jail_freebsd9 www --state present --stopped \ + --ip "192.168.1.2 netmask 255.255.255.0" \ + --jailbase /my/jail/base.tgz + + # Use the name variable explicitly + __jail_freebsd9 thisjail --state present --name www \ + --ip "192.168.1.2" \ + --jailbase /my/jail/base.tgz + + # Go nuts + __jail_freebsd9 lotsofoptions --state present --name testjail \ + --ip "192.168.1.100 netmask 255.255.255.0" \ + --hostname "testjail.example.com" --interface "em0" \ + --onboot --jailbase /my/jail/base.tgz --jaildir /jails + + +SEE ALSO +-------- +:strong:`jail`\ (8) + + +AUTHORS +------- +Jake Guffey + + +COPYING +------- +Copyright \(C) 2012-2016 Jake Guffey. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__jail_freebsd9/parameter/boolean b/cdist/conf/type/__jail_freebsd9/parameter/boolean new file mode 100644 index 00000000..39144f6f --- /dev/null +++ b/cdist/conf/type/__jail_freebsd9/parameter/boolean @@ -0,0 +1,3 @@ +onboot +stopped +devfs-disable diff --git a/cdist/conf/type/__jail_freebsd9/parameter/default/devfs-ruleset b/cdist/conf/type/__jail_freebsd9/parameter/default/devfs-ruleset new file mode 100644 index 00000000..f602aa0a --- /dev/null +++ b/cdist/conf/type/__jail_freebsd9/parameter/default/devfs-ruleset @@ -0,0 +1 @@ +jailrules 
diff --git a/cdist/conf/type/__jail_freebsd9/parameter/default/jailbase b/cdist/conf/type/__jail_freebsd9/parameter/default/jailbase
new file mode 100644
index 00000000..8b137891
--- /dev/null
+++ b/cdist/conf/type/__jail_freebsd9/parameter/default/jailbase
@@ -0,0 +1 @@
+
diff --git a/cdist/conf/type/__jail_freebsd9/parameter/default/jaildir b/cdist/conf/type/__jail_freebsd9/parameter/default/jaildir
new file mode 100644
index 00000000..ec7d86c6
--- /dev/null
+++ b/cdist/conf/type/__jail_freebsd9/parameter/default/jaildir
@@ -0,0 +1 @@
+/usr/jail
diff --git a/cdist/conf/type/__jail_freebsd9/parameter/default/state b/cdist/conf/type/__jail_freebsd9/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__jail_freebsd9/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__jail_freebsd9/parameter/optional b/cdist/conf/type/__jail_freebsd9/parameter/optional
new file mode 100644
index 00000000..b36f0fa5
--- /dev/null
+++ b/cdist/conf/type/__jail_freebsd9/parameter/optional
@@ -0,0 +1,8 @@
+name
+ip
+hostname
+interface
+devfs-ruleset
+jaildir
+jailbase
+state
diff --git a/cdist/conf/type/__key_value/explorer/state b/cdist/conf/type/__key_value/explorer/state
index 94a5ea7f..7b2de1df 100755
--- a/cdist/conf/type/__key_value/explorer/state
+++ b/cdist/conf/type/__key_value/explorer/state
@@ -1,6 +1,7 @@
 #!/bin/sh
 #
 # 2011 Steven Armstrong (steven-cdist at armstrong.cc)
+# 2014 Daniel Heule (hda at sfs.biz)
 #
 # This file is part of cdist.
 #
@@ -20,34 +21,84 @@ key="$(cat "$__object/parameter/key" 2>/dev/null \ || echo "$__object_id")" -state="$(cat "$__object/parameter/state" 2>/dev/null \ - || echo "present")" +state="$(cat "$__object/parameter/state")" + file="$(cat "$__object/parameter/file")" + +if [ ! -f "$file" ]; then + echo "nosuchfile" + exit +fi + delimiter="$(cat "$__object/parameter/delimiter")" value="$(cat "$__object/parameter/value" 2>/dev/null \ || echo "__CDIST_NOTSET__")" +if [ -f "$__object/parameter/exact_delimiter" ]; then + exact_delimiter=1 +else + exact_delimiter=0 +fi +export key state delimiter value exact_delimiter -case "$state" in - absent) - if grep -q -E "^$key$delimiter+" "$file"; then - # if the key exists, with whatever value, we will have to remove it - # so report it as present - echo present - else - # key does not exist - echo absent - fi - ;; - present) - if grep -q -E "^$key$delimiter+$value$" "$file"; then - # key exists and value is same - echo present - elif grep -q -E "^$key$delimiter+" "$file"; then - # key exists, but value is empty or different - echo wrongvalue - else - # key does not exist - echo absent - fi - ;; -esac +awk -f - "$file" <<"AWK_EOF" +BEGIN { + state=ENVIRON["state"] + key=ENVIRON["key"] + delimiter=ENVIRON["delimiter"] + value=ENVIRON["value"] + exact_delimiter=ENVIRON["exact_delimiter"] + found=0 +} +# enter the main loop +{ + i = index($0,key) + if(i == 1) { + delval = substr($0,length(key)+1) + delpos = index(delval,delimiter) + if(delpos == 0) { + # in this case, the delimiter was not found + next + } + if(delpos > 1) { + spaces = substr(delval,1,delpos-1) + sub(/[ \t]*/,"",spaces) + if( length(spaces) > 0 ) { + # if there are not only spaces between key and delimiter, + # continue since we we are on the wrong line + next + } + if( exact_delimiter == 1) { + # we have key and delimiter, but since additional spaces are not alowed + # return wrongformat + found=1 + print "wrongformat" + exit + } + } + found=1 + if(state == "absent") { + 
# on state absent, only the ocurance is relevant, so exit here + print "present" + exit + } + linevalue=substr(delval,delpos + length(delimiter)) + if(exact_delimiter == 0){ + #ok, now strip tabs and whitespaces at the beginning of the value + sub(/[ \t]*/,"",linevalue) + } + # Key with separator found + if(linevalue == value) { + # exact match found, so state is present + print "present" + } + else { + print "wrongvalue" + } + exit + } +} +END { + if(found == 0) + print "absent" +} +AWK_EOF diff --git a/cdist/conf/type/__key_value/files/remote_script.sh b/cdist/conf/type/__key_value/files/remote_script.sh new file mode 100644 index 00000000..f7a1add5 --- /dev/null +++ b/cdist/conf/type/__key_value/files/remote_script.sh 
@@ -0,0 +1,106 @@ +#!/bin/sh + +key="$(cat "$__object/parameter/key" 2>/dev/null \ + || echo "$__object_id")" +state="$(cat "$__object/parameter/state")" + +file="$(cat "$__object/parameter/file")" + +delimiter="$(cat "$__object/parameter/delimiter")" +value="$(cat "$__object/parameter/value" 2>/dev/null \ + || echo "__CDIST_NOTSET__")" +export key state delimiter value +if [ -f "$__object/parameter/exact_delimiter" ]; then + exact_delimiter=1 +else + exact_delimiter=0 +fi +export exact_delimiter + +tmpfile=$(mktemp "${file}.cdist.XXXXXXXXXX") +# preserve ownership and permissions by copying existing file over tmpfile +if [ -f "$file" ]; then + cp -p "$file" "$tmpfile" +else + touch "$file" +fi +awk -f - "$file" >"$tmpfile" <<"AWK_EOF" +BEGIN { + # import variables in a secure way .. + state=ENVIRON["state"] + key=ENVIRON["key"] + delimiter=ENVIRON["delimiter"] + value=ENVIRON["value"] + comment=ENVIRON["comment"] + exact_delimiter=ENVIRON["exact_delimiter"] + inserted=0 + lastline="" + lastlinepopulated=0 + line=key delimiter value +} +# enter the main loop +{ + # I dont use regex, this is by design, so we can match against every value without special meanings of chars ... 
+ i = index($0,key) + if(i == 1) { + delval = substr($0,length(key)+1) + delpos = index(delval,delimiter) + if(delpos > 1) { + spaces = substr(delval,1,delpos-1) + sub(/[ \t]*/,"",spaces) + if( length(spaces) > 0 ) { + # if there are not only spaces between key and delimiter, + # continue since we we are on the wrong line + if(lastlinepopulated == 1) { + print lastline + } + lastline=$0 + lastlinepopulated=1 + next + } + } + if(state == "absent") { + if(lastline == comment) { + # if comment is present, clear lastlinepopulated flag + lastlinepopulated=0 + } + # if absent, simple yump over this line + next + } + else { + # if comment is present and not present in last line + if (lastlinepopulated == 1) { + print lastline + if( comment != "" && lastline != comment) { + print comment + } + lastlinepopulated=0 + } + inserted=1 + # state is present, so insert correct line here + print line + lastline=line + next + } + } + else { + if(lastlinepopulated == 1) { + print lastline + } + lastline=$0 + lastlinepopulated=1 + } +} +END { + if(lastlinepopulated == 1) { + print lastline + } + if(inserted == 0 && state == "present" ) { + if(comment != "" && lastline != comment){ + print comment + } + print line + } +} +AWK_EOF +mv -f "$tmpfile" "$file" diff --git a/cdist/conf/type/__key_value/gencode-remote b/cdist/conf/type/__key_value/gencode-remote index 5fa24d5b..13cc27c7 100755 --- a/cdist/conf/type/__key_value/gencode-remote +++ b/cdist/conf/type/__key_value/gencode-remote @@ -1,7 +1,8 @@ -#!/bin/sh +#!/bin/sh -e # # 2011 Steven Armstrong (steven-cdist at armstrong.cc) -# 2012 Nico Schottelius (nico-cdist at schottelius.org) +# 2012-2014 Nico Schottelius (nico-cdist at schottelius.org) +# 2014 Daniel Heule (hda at sfs.biz) # # This file is part of cdist. # 
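Review bot: The awk program in `remote_script.sh` reads `comment=ENVIRON["comment"]`, but the shell part never assigns or exports `comment` (only `key state delimiter value` and `exact_delimiter` are exported), so the comment branches in the main block and in `END` act only if the variable happens to be in the inherited environment. If the type is meant to have a comment parameter (none is visible in this diff), read and export it with the others, e.g. `comment="$(cat "$__object/parameter/comment" 2>/dev/null || true)"` followed by `export comment`; otherwise remove the dead branches. Separately, `mv -f "$tmpfile" "$file"` runs even when `awk` fails unless the code is run with `-e`, which would replace the file with a partial copy. Chaining the two with `&&` and checking the `mktemp` result would close that gap.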
@@ -19,42 +20,65 @@ # along with cdist. If not, see . # -key="$__object_id" -[ -f "$__object/parameter/key" ] && key="$(cat "$__object/parameter/key")" -state_should=present -[ -f "$__object/parameter/state" ] && state_should="$(cat "$__object/parameter/state")" - -file="$(cat "$__object/parameter/file")" -delimiter="$(cat "$__object/parameter/delimiter")" -value="$(cat "$__object/parameter/value")" +state_should="$(cat "$__object/parameter/state")" state_is="$(cat "$__object/explorer/state")" +fire_onchange='' -[ "$state_is" = "$state_should" ] && exit 0 +if [ "$state_is" = "$state_should" ]; then + exit 0 +fi +# here we check only if the states are valid, +# emit messages and +# let awk do the work ... case "$state_should" in absent) - # remove lines starting with key - echo "sed '/^$key\($delimiter\+\)/d' \"$file\" > \"$file.cdist-tmp\"" - echo "mv \"$file.cdist-tmp\" \"$file\"" - ;; - present) case "$state_is" in - absent) - # add new key and value - echo "echo \"${key}${delimiter}${value}\" >> \"$file\"" + absent|nosuchfile) + # nothing to do ;; - wrongvalue) - # change exisiting value - echo "sed \"s|^$key\($delimiter\+\).*|$key\1$value|\" \"$file\" > \"$file.cdist-tmp\"" - echo "mv \"$file.cdist-tmp\" \"$file\"" + wrongformat|wrongvalue|present) + echo "remove" >> "$__messages_out" + fire_onchange=1 ;; *) echo "Unknown explorer state: $state_is" >&2 exit 1 + ;; + esac + ;; + present) + case "$state_is" in + nosuchfile) + echo "create" >> "$__messages_out" + fire_onchange=1 + ;; + absent) + echo "insert" >> "$__messages_out" + fire_onchange=1 + ;; + wrongformated|wrongvalue) + echo "change" >> "$__messages_out" + fire_onchange=1 + ;; + present) + # nothing to do + ;; + *) + echo "Unknown explorer state: $state_is" >&2 + exit 1 + ;; esac ;; *) - echo "Unknown state: $state_should" >&2 - exit 1 -esac + echo "Unknown state: $state_should" >&2 + exit 1 + ;; +esac + +cat "$__type/files/remote_script.sh" + +if [ -n "$fire_onchange" ]; then + cat 
"$__object/parameter/onchange" +fi diff --git a/cdist/conf/type/__key_value/man.rst b/cdist/conf/type/__key_value/man.rst new file mode 100644 index 00000000..34e4aab2 --- /dev/null +++ b/cdist/conf/type/__key_value/man.rst 
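Review bot: The explorer state names are spelled differently in the two branches of the new `case` in `__key_value/gencode-remote`: the `absent` branch matches `wrongformat|wrongvalue|present`, the `present` branch matches `wrongformated|wrongvalue`. Whichever spelling the explorer actually prints (it is not part of this hunk), the other branch falls through to `Unknown explorer state` and aborts with exit 1. Use one spelling in both places, e.g. `wrongformat|wrongvalue)` in the `present` branch if that is what the explorer emits. A comment above `cat "$__object/parameter/onchange"` would also help, such as `# onchange is shell code supplied by the manifest; it is emitted as-is and executed on the target`.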
@@ -0,0 +1,96 @@ +cdist-type__key_value(7) +======================== + +NAME +---- +cdist-type__key_value - Change property values in files + + +DESCRIPTION +----------- +This cdist type allows you to change values in a key value based config +file. + + +REQUIRED PARAMETERS +------------------- +file + The file to operate on. +delimiter + The delimiter which separates the key from the value. + + +OPTIONAL PARAMETERS +------------------- +state + present or absent, defaults to present. If present, sets the key to value, + if absent, removes the key from the file. +key + The key to change. Defaults to object_id. +value + The value for the key. Optional if state=absent, required otherwise. +comment + If supplied, the value will be inserted before the line with the key, + but only if the key or value must be changed. + You need to ensure yourself that the line is prefixed with the correct + comment sign. (for example # or ; or wathever ..) +onchange + The code to run if the key or value changes (i.e. is inserted, removed or replaced). + + +BOOLEAN PARAMETERS +------------------ +exact_delimiter + If supplied, treat additional whitespaces between key, delimiter and value + as wrong value. + + +MESSAGES +-------- +remove + Removed existing key and value +insert + Added key and value +change + Changed value of existing key +create + A new line was inserted in a new file + + +EXAMPLES +-------- + +.. 
code-block:: sh + + # Set the maximum system user id + __key_value SYS_UID_MAX --file /etc/login.defs --value 666 --delimiter ' ' + + # Same with fancy id + __key_value my-fancy-id --file /etc/login.defs --key SYS_UID_MAX --value 666 \ + --delimiter ' ' + + # Enable packet forwarding + __key_value net.ipv4.ip_forward --file /etc/sysctl.conf --value 1 \ + --delimiter ' = ' --comment '# my linux kernel should act as a router' + + # Remove existing key/value + __key_value LEGACY_KEY --file /etc/somefile --state absent --delimiter '=' + + +MORE INFORMATION +---------------- +This type try to handle as many values as possible, so it doesn't use regexes. +So you need to exactly specify the key and delimiter. Delimiter can be of any length. + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2011 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__key_value/man.text b/cdist/conf/type/__key_value/man.text deleted file mode 100644 index 1423fc7d..00000000 --- a/cdist/conf/type/__key_value/man.text +++ /dev/null 
@@ -1,64 +0,0 @@ -cdist-type__key_value(7) -======================== -Steven Armstrong - - -NAME ----- -cdist-type__key_value - Change property values in files - - -DESCRIPTION ------------ -This cdist type allows you to change values in a key value based config -file. - - -REQUIRED PARAMETERS -------------------- -file:: - The file to operate on. -delimiter:: - The delimiter which seperates the key from the value. - - -OPTIONAL PARAMETERS -------------------- -state:: - present or absent, defaults to present. If present, sets the key to value, - if absent, removes the key from the file. -key:: - The key to change. Defaults to object_id. -value:: - The value for the key. Optional if state=absent, required otherwise. - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -# Set the maximum system user id -__key_value SYS_UID_MAX --file /etc/login.defs --value 666 --delimiter ' ' - -# Same with fancy id -__key_value my-fancy-id --file /etc/login.defs --key SYS_UID_MAX --value 666 \ - --delimiter ' ' - -# Enable packet forwarding -__key_value net.ipv4.ip_forward --file /etc/sysctl.conf --value 1 \ - --delimiter '=' - -# Remove existing key/value -__key_value LEGACY_KEY --file /etc/somefile --state absent --delimiter '=' --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) - - -COPYING -------- -Copyright \(C) 2011 Steven Armstrong. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__key_value/manifest b/cdist/conf/type/__key_value/manifest index 8ed9cc9c..5a91f60c 100755 --- a/cdist/conf/type/__key_value/manifest +++ b/cdist/conf/type/__key_value/manifest @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2011 Steven Armstrong (steven-cdist at armstrong.cc) # 2012 Nico Schottelius (nico-cdist at schottelius.org) 
@@ -19,10 +19,9 @@ # along with cdist. If not, see . # -state_should=present -[ -f "$__object/parameter/state" ] && state_should="$(cat "$__object/parameter/state")" +state_should="$(cat "$__object/parameter/state")" -if [ "$state_should" = "present" -a ! -f "$__object/parameter/value" ]; then +if [ "$state_should" = "present" ] && [ ! -f "$__object/parameter/value" ]; then echo "Missing required parameter 'value'" >&2 exit 1 fi diff --git a/cdist/conf/type/__key_value/parameter/boolean b/cdist/conf/type/__key_value/parameter/boolean new file mode 100644 index 00000000..190831c1 --- /dev/null +++ b/cdist/conf/type/__key_value/parameter/boolean @@ -0,0 +1 @@ +exact_delimiter diff --git a/cdist/conf/type/__key_value/parameter/default/comment b/cdist/conf/type/__key_value/parameter/default/comment new file mode 100644 index 00000000..8b137891 --- /dev/null +++ b/cdist/conf/type/__key_value/parameter/default/comment @@ -0,0 +1 @@ + diff --git a/cdist/conf/type/__key_value/parameter/default/onchange b/cdist/conf/type/__key_value/parameter/default/onchange new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__key_value/parameter/default/state b/cdist/conf/type/__key_value/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__key_value/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__key_value/parameter/optional b/cdist/conf/type/__key_value/parameter/optional index 483e3192..d4b8cac0 100644 --- a/cdist/conf/type/__key_value/parameter/optional +++ b/cdist/conf/type/__key_value/parameter/optional @@ -1,3 +1,5 @@ key value state +comment +onchange diff --git a/cdist/conf/type/__keyboard/man.rst b/cdist/conf/type/__keyboard/man.rst new file mode 100644 index 00000000..0eb4cde9 --- /dev/null +++ b/cdist/conf/type/__keyboard/man.rst 
@@ -0,0 +1,37 @@ +cdist-type__keyboard(7) +======================= + +NAME +---- +cdit-type__keyboard - Set keyboard layout + + +DESCRIPTION +----------- +This cdist type allows you to modify keyboard layout. + + +REQUIRED PARAMETERS +------------------- +type + Any valid type, for example "us" + + +EXAMPLES +-------- + +.. code-block:: sh + + # Set keyboard type to "us" + __keyboard --type "us" + + +AUTHORS +------- +Carlos Ortigoza + + +COPYING +------- +Copyright \(C) 2016 Carlos Ortigoza. Free use of this software is +granted under the terms of the GNU General Public License v3 or later (GPLv3+). diff --git a/cdist/conf/type/__keyboard/manifest b/cdist/conf/type/__keyboard/manifest new file mode 100755 index 00000000..80cd4819 --- /dev/null +++ b/cdist/conf/type/__keyboard/manifest 
@@ -0,0 +1,50 @@
+#!/bin/sh -e
+#
+# Carlos Ortigoza (carlos.ortigoza at ungleich.ch)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Configure keyboard type by modifying /etc/sysconfig/keyboard file.
+#
+
+os=$(cat "$__global/explorer/os")
+keyboard_type="$(cat "$__object/parameter/type")"
+
+case "$os" in
+ centos)
+ __file /etc/sysconfig/keyboard \
+ --owner root --group root --mode 644 \
+ --state exists
+
+ require="__file/etc/sysconfig/keyboard" \
+ __key_value KEYTABLE \
+ --file /etc/sysconfig/keyboard \
+ --delimiter '=' \
+ --value "\"$keyboard_type\""
+
+ require="__file/etc/sysconfig/keyboard" \
+ __key_value LAYOUT \
+ --file /etc/sysconfig/keyboard \
+ --delimiter '=' \
+ --value "\"$keyboard_type\""
+ ;;
+ *)
+ echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
+ echo "Please contribute an implementation for it if you can." >&2
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__keyboard/parameter/required b/cdist/conf/type/__keyboard/parameter/required
new file mode 100644
index 00000000..aa80e646
--- /dev/null
+++ b/cdist/conf/type/__keyboard/parameter/required
@@ -0,0 +1 @@
+type
diff --git a/cdist/conf/type/__keyboard/singleton b/cdist/conf/type/__keyboard/singleton
new file mode 100644
index 00000000..e69de29b
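Review bot: In `__keyboard/manifest`, `keyboard_type` is written between double quotes into `/etc/sysconfig/keyboard` via `--value "\"$keyboard_type\""` with no check on its content. Files under `/etc/sysconfig` are commonly sourced by shell scripts (worth confirming for this one), in which case a value containing `"`, `$` or a backquote would be interpreted rather than stored. Rejecting anything outside a conservative character set before `case "$os"` closes that off: `case "$keyboard_type" in ''|*[!A-Za-z0-9_-]*) echo "Invalid keyboard type: $keyboard_type" >&2; exit 1 ;; esac`.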
diff --git a/cdist/conf/type/__letsencrypt_acmetiny/gencode-remote b/cdist/conf/type/__letsencrypt_acmetiny/gencode-remote
new file mode 100644
index 00000000..9243acc9
--- /dev/null
+++ b/cdist/conf/type/__letsencrypt_acmetiny/gencode-remote
@@ -0,0 +1,112 @@ +#!/bin/sh -e + +ACME_TINY_CERT_REQUEST_DIR="/var/acme-tiny/cert-requests" +ACME_TINY_ACCOUNT_KEY="/var/acme-tiny/account.key" +ACME_CHALLENGE_DIR="/srv/www/sites/acme/public/.well-known/acme-challenge" + +REALM="${__object_id}" +EXTRA_DOMAINS="" +if [ -f "${__object}/parameter/extra-domain" ]; then + EXTRA_DOMAINS="$(cat "${__object}/parameter/extra-domain")" +fi + +#TODO: support linux too +REALMS_DIR="/usr/local/etc/pki/realms" +REALM_DIR="${REALMS_DIR}/${REALM}" +REALM_CERT="${REALM_DIR}/default.crt" +REALM_KEY="${REALM_DIR}/default.key" +REALM_CERT_REQUEST="${ACME_TINY_CERT_REQUEST_DIR}/${REALM}.csr" +REALM_CERT_REQUEST_CNF="${ACME_TINY_CERT_REQUEST_DIR}/${REALM}.cnf" + +CSR_ALT_NAMES="" +REALM_CERT_REQUEST_CNF_LINE="" +if [ -n "${EXTRA_DOMAINS}" ]; then + CSR_ALT_NAMES="DNS:${REALM}" + for domain in ${EXTRA_DOMAINS}; do + CSR_ALT_NAMES="${CSR_ALT_NAMES},DNS:${domain}" + done + # CSR requests are executed always against .new, only after succeeding .new replaces the .cnf + REALM_CERT_REQUEST_CNF_LINE="-reqexts SAN -config '${REALM_CERT_REQUEST_CNF}.new'" +fi + +cat << EOF +if [ ! -d '${REALM_DIR}' ]; then + mkdir -p '${REALM_DIR}' +fi +if [ ! -f '${REALM_KEY}' ]; then + openssl genrsa 4096 > '${REALM_KEY}' +fi + +if [ ! -d '${ACME_TINY_CERT_REQUEST_DIR}' ]; then + mkdir '${ACME_TINY_CERT_REQUEST_DIR}' +fi + +FORCE_CSR_REGEN="" +if [ -n '${CSR_ALT_NAMES}' ]; then + # Generate new config + cat /etc/ssl/openssl.cnf > '${REALM_CERT_REQUEST_CNF}.new' + printf '[SAN]\nsubjectAltName=${CSR_ALT_NAMES}' >> '${REALM_CERT_REQUEST_CNF}.new' + # Compare to previous config if necessary + if [ -f '${REALM_CERT_REQUEST_CNF}' ]; then + CNF_DIFF=\$(diff -q '${REALM_CERT_REQUEST_CNF}' '${REALM_CERT_REQUEST_CNF}.new' || true) + if [ -n "\${CNF_DIFF}" ]; then + # Options have changed + FORCE_CSR_REGEN="YES" + else + # Since they match, we won't be using this, clean it + rm '${REALM_CERT_REQUEST_CNF}.new' + fi + else + # We never used SAN here, CSR regen needed. 
+ FORCE_CSR_REGEN="YES" + fi +else + # We used SAN at some point, not any more + if [ -f '${REALM_CERT_REQUEST_CNF}' ]; then + rm '${REALM_CERT_REQUEST_CNF}' + FORCE_CSR_REGEN="YES" + fi +fi + +# Create or re-create when params have changed +if [ ! -f '${REALM_CERT_REQUEST}' -o -n "\${FORCE_CSR_REGEN}" ]; then + openssl req -new -sha256 -key '${REALM_KEY}' -subj '/CN=${REALM}' -out '${REALM_CERT_REQUEST}' ${REALM_CERT_REQUEST_CNF_LINE} +fi + +# Check if cert exists, and if so whether or not it's older than a month +if [ -f '${REALM_CERT}' ]; then + MODIFIED_IN_30d="\$(find '${REALM_CERT}' -mtime -30d)" + if [ -z "\${MODIFIED_IN_30d}" ]; then + # Cert is over a month old, it's fine to regenerate + FORCE_CRT_REGEN="YES" + fi +else + # This cert doesn't exist + FORCE_CRT_REGEN="YES" +fi + + +# Only request certificate when needed +# TODO: support linux too +if [ -n "\${FORCE_CSR_REGEN}" -o -n "\${FORCE_CRT_REGEN}" ]; then + doas -u acme-tiny -- acme_tiny \ + --account '${ACME_TINY_ACCOUNT_KEY}' \ + --csr '${REALM_CERT_REQUEST}' \ + --acme-dir '${ACME_CHALLENGE_DIR}' > '${REALM_CERT}.new' + + if [ -s '${REALM_CERT}.new' ]; then + mv '${REALM_CERT}.new' '${REALM_CERT}' + else + echo "Failed to generate cert for realm '${REALM}'." + exit 1 + fi +fi + +cat "${REALM_CERT}" "${REALMS_DIR}/chain.pem" > ${REALM_DIR}/fullchain.pem + +if [ -n '${REALM_CERT_REQUEST_CNF_LINE}' -a -f '${REALM_CERT_REQUEST_CNF}.new' ]; then + # CSR and cert generation succeded with a new config, put new config in-place. + # This is the last thing we do, so we try again next time if sth fails. + mv '${REALM_CERT_REQUEST_CNF}.new' '${REALM_CERT_REQUEST_CNF}' +fi +EOF diff --git a/cdist/conf/type/__letsencrypt_acmetiny/manifest b/cdist/conf/type/__letsencrypt_acmetiny/manifest new file mode 100644 index 00000000..48438abb --- /dev/null +++ b/cdist/conf/type/__letsencrypt_acmetiny/manifest @@ -0,0 +1 @@ +#__letsencrypt_acmetiny_base 
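Review bot: The realm private key is created with `openssl genrsa 4096 > '${REALM_KEY}'` under whatever umask the remote shell has, and nothing later in the generated script restricts its mode, so with a typical 022 umask it ends up world-readable. Create it under a restrictive umask instead: `(umask 077; openssl genrsa 4096 > '${REALM_KEY}')`. The account key in `__letsencrypt_acmetiny_base/gencode-remote` follows the same pattern; there the `chmod 640` only runs after the key has already been written with default permissions. Also, `FORCE_CRT_REGEN` is never initialised the way `FORCE_CSR_REGEN=""` is, so a value inherited from the environment would trigger a certificate request on every run.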
diff --git a/cdist/conf/type/__letsencrypt_acmetiny/nonparallel b/cdist/conf/type/__letsencrypt_acmetiny/nonparallel
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__letsencrypt_acmetiny/parameter/optional_multiple b/cdist/conf/type/__letsencrypt_acmetiny/parameter/optional_multiple
new file mode 100644
index 00000000..7bfb11da
--- /dev/null
+++ b/cdist/conf/type/__letsencrypt_acmetiny/parameter/optional_multiple
@@ -0,0 +1 @@
+extra-domain
diff --git a/cdist/conf/type/__letsencrypt_acmetiny_base/gencode-remote b/cdist/conf/type/__letsencrypt_acmetiny_base/gencode-remote
new file mode 100644
index 00000000..1e4174a4
--- /dev/null
+++ b/cdist/conf/type/__letsencrypt_acmetiny_base/gencode-remote
@@ -0,0 +1,12 @@
+#!/bin/sh -e
+
+ACME_HOME="/var/acme-tiny"
+ACME_ACCOUNT_KEY="${ACME_HOME}/account.key"
+
+cat << EOF
+if [ ! -f '${ACME_ACCOUNT_KEY}' ]; then
+ openssl genrsa 4096 > '${ACME_ACCOUNT_KEY}'
+ chown acme-tiny:acme-tiny '${ACME_ACCOUNT_KEY}'
+ chmod 640 '${ACME_ACCOUNT_KEY}'
+fi
+EOF
diff --git a/cdist/conf/type/__letsencrypt_acmetiny_base/manifest b/cdist/conf/type/__letsencrypt_acmetiny_base/manifest
new file mode 100644
index 00000000..cbedcdff
--- /dev/null
+++ b/cdist/conf/type/__letsencrypt_acmetiny_base/manifest
@@ -0,0 +1,227 @@ +# Arguments +ACME_DOMAIN="$(cat "${__object}/parameter/acme_domain" || true)" + +if [ -z "${ACME_DOMAIN}" ]; then + ACME_DOMAIN="${__target_host}" +fi + + +# Install needed stuffz + +## TODO: consider not depending on nginx? It is... practical though. +## TODO: Maybe just move this out to a sepecial type? +__package "nginx" + +NGINX_ETC="/usr/local/etc/nginx" + +# Setup the acme-challenge snippet +require="__package/nginx" __directory "${NGINX_ETC}/snippets" --state present +require="__directory${NGINX_ETC}/snippets" __file "${NGINX_ETC}/snippets/acme-challenge.conf" \ + --mode 644 \ + --source - << EOF +# This file is managed remotely, all changes will be lost + +# This was heavily inspired by debops.org. + +# Automatic Certificate Management Environment (ACME) support. +# https://tools.ietf.org/html/draft-ietf-acme-acme-01 +# https://en.wikipedia.org/wiki/Automated_Certificate_Management_Environment + + +# Return the ACME challenge present in the server public root. +# If not found, switch to global web server root. +location ^~ /.well-known/acme-challenge/ { + default_type "text/plain"; + try_files \$uri @well-known-acme-challenge; +} + +# Return the ACME challenge present in the global server public root. +# If not present, redirect request to a specified domain. +location @well-known-acme-challenge { + root /srv/www/sites/acme/public; + default_type "text/plain"; + try_files \$uri @redirect-acme-challenge; +} + +# Redirect the ACME challenge to a different host. If a redirect loop is +# detected, return 404. +location @redirect-acme-challenge { + if (\$arg_redirect) { + return 404; + } + return 307 \$scheme://${ACME_DOMAIN}\$request_uri?redirect=yes; +} + +# Return 404 if ACME challenge well known path is accessed directly. 
+location = /.well-known/acme-challenge/ { + return 404; +} +EOF + +require="__package/nginx" __directory "${NGINX_ETC}/sites-enabled" --state present +require="__directory${NGINX_ETC}/sites-enabled" __file "${NGINX_ETC}/nginx.conf" \ + --mode 644 \ + --source - << EOF +# This file is managed remotely, all changes will be lost + +worker_processes 1; + +# This default error log path is compiled-in to make sure configuration parsing +# errors are logged somewhere, especially during unattended boot when stderr +# isn't normally logged anywhere. This path will be touched on every nginx +# start regardless of error log location configured here. See +# https://trac.nginx.org/nginx/ticket/147 for more info. +# +#error_log /var/log/nginx/error.log; +# + +#pid logs/nginx.pid; + + +events { + worker_connections 1024; +} + + +http { + + include mime.types; + default_type application/octet-stream; + + server_tokens off; + + ssl_session_cache shared:SSL:10m; + ssl_session_timeout 5m; + sendfile on; + tcp_nopush on; + tcp_nodelay on; + types_hash_max_size 2048; + gzip on; + gzip_disable "msie6"; + gzip_comp_level 5; + gzip_min_length 256; + gzip_proxied any; + gzip_vary on; + gzip_types + application/atom+xml + application/javascript + application/json + application/ld+json + application/manifest+json + application/rss+xml + application/vnd.geo+json + application/vnd.ms-fontobject + application/x-font-ttf + application/x-web-app-manifest+json + application/xhtml+xml + application/xml + font/opentype + image/bmp + image/svg+xml + image/x-icon + text/cache-manifest + text/css + text/plain + text/vcard + text/vnd.rim.location.xloc + text/vtt + text/x-component + text/x-cross-domain-policy; + + # Logging + access_log /var/log/nginx/access.log; + error_log /var/log/nginx/error.log; + + #add_header X-Clacks-Overhead "GNU Terry Pratchett"; + + # Virtual Hosts Configs + include ${NGINX_ETC}/sites-enabled/*.conf; +} +EOF + +require="__directory${NGINX_ETC}/sites-enabled" __file 
"${NGINX_ETC}/sites-enabled/welcome.conf" \ + --mode 644 \ + --source - << EOF +# This file is managed remotely, all changes will be lost + +# nginx server configuration for: +# - https://welcome/ + +server { + + listen [::]:80; + + server_name welcome; + + root /srv/www/sites/welcome/public; + + include snippets/acme-challenge.conf; + + location / { + return 301 https://\$host\$request_uri; + } +} +EOF + +## TODO: this is kinda bad, don't restart every time. +## Otherwise this isn't idempotent. +require="__package/nginx" __service nginx --action onerestart +require="__package/nginx" __start_on_boot nginx + + +__package "acme-tiny" + +# Create acme-tiny user and secure home dir +ACME_TINY_HOME="/var/acme-tiny" +require="__package/acme-tiny" __user acme-tiny --system --home ${ACME_TINY_HOME} --comment "acme-tiny client" +require="__user/acme-tiny" __directory "${ACME_TINY_HOME}" --state present --mode 0750 --owner acme-tiny --group acme-tiny + +# Create ACME challenge dirs to be served by nginx +ACME_PUBLIC_DIR="/srv/www/sites/acme/public" +ACME_WELLKNOWN_DIR="${ACME_PUBLIC_DIR}/.well-known" +ACME_CHALLENGE_DIR="${ACME_WELLKNOWN_DIR}/acme-challenge" +__directory "${ACME_PUBLIC_DIR}" \ + --parents \ + --state present \ + --owner acme-tiny --group www \ + --mode 2750 # TODO: check whether this does require gid? 
+require="__directory${ACME_PUBLIC_DIR}" __directory "${ACME_WELLKNOWN_DIR}" \ + --state present \ + --owner acme-tiny --group www \ + --mode 0750 +require="__directory${ACME_WELLKNOWN_DIR}" __directory "${ACME_CHALLENGE_DIR}" \ + --state present \ + --owner acme-tiny --group www \ + --mode 0750 + +__package doas +DOAS_CONF="/usr/local/etc/doas.conf" +require="__package/doas" __file "${DOAS_CONF}" --mode 0640 +require="__file${DOAS_CONF}" __line "${DOAS_CONF}" \ + --regex 'root as acme-tiny' \ + --line 'permit nopass root as acme-tiny' + +# Setup CA +REALMS_DIR="/usr/local/etc/pki/realms" +__directory "${REALMS_DIR}" \ + --parents \ + --state present \ + --mode 0755 + +require="__directory${REALMS_DIR}" __file ${REALMS_DIR}/intermediate.pem \ + --mode 0644 \ + --source - << EOF +$(curl -s https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem.txt) +EOF +require="__directory${REALMS_DIR}" __file ${REALMS_DIR}/root.pem \ + --mode 0644 \ + --source - << EOF +$(curl -s https://letsencrypt.org/certs/trustid-x3-root.pem.txt) +EOF +require="__directory${REALMS_DIR}" __file ${REALMS_DIR}/chain.pem \ + --mode 0644 \ + --source - << EOF +$(curl -s https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem.txt) +$(curl -s https://letsencrypt.org/certs/trustid-x3-root.pem.txt) +EOF + diff --git a/cdist/conf/type/__letsencrypt_acmetiny_base/parameter/optional b/cdist/conf/type/__letsencrypt_acmetiny_base/parameter/optional new file mode 100644 index 00000000..fb20814d --- /dev/null +++ b/cdist/conf/type/__letsencrypt_acmetiny_base/parameter/optional @@ -0,0 +1 @@ +acme_domain diff --git a/cdist/conf/type/__letsencrypt_acmetiny_base/singleton b/cdist/conf/type/__letsencrypt_acmetiny_base/singleton new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__letsencrypt_cert/explorer/certbot-path b/cdist/conf/type/__letsencrypt_cert/explorer/certbot-path new file mode 100755 index 00000000..3c6076df --- /dev/null 
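Review bot: The three `--source -` here-documents at the end of `__letsencrypt_acmetiny_base/manifest` fill `intermediate.pem`, `root.pem` and `chain.pem` from `$(curl -s https://letsencrypt.org/certs/...)` every time the manifest runs. With `-s` and no `-f`, a failed transfer or an HTTP error page is written to the target as the chain without any error, and the downloaded content is never compared against a known fingerprint. Shipping the PEM files inside the type (a `files/` directory passed with `--source`) would make the chain reviewable and reproducible. If the download is kept, use `curl -fsS` and stop when the output is empty.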
+++ b/cdist/conf/type/__letsencrypt_cert/explorer/certbot-path
@@ -0,0 +1,3 @@
+#!/bin/sh -e
+
+command -v certbot 2>/dev/null || true
diff --git a/cdist/conf/type/__letsencrypt_cert/explorer/certificate-domains b/cdist/conf/type/__letsencrypt_cert/explorer/certificate-domains
new file mode 100755
index 00000000..db605b63
--- /dev/null
+++ b/cdist/conf/type/__letsencrypt_cert/explorer/certificate-domains
@@ -0,0 +1,8 @@
+#!/bin/sh -e
+
+certbot_path=$("${__type_explorer}/certbot-path")
+if [ -n "${certbot_path}" ]
+then
+ certbot certificates --cert-name "${__object_id:?}" | grep ' Domains: ' | \
+ cut -d ' ' -f 6- | tr ' ' '\n'
+fi
diff --git a/cdist/conf/type/__letsencrypt_cert/explorer/certificate-exists b/cdist/conf/type/__letsencrypt_cert/explorer/certificate-exists
new file mode 100755
index 00000000..4e6f44db
--- /dev/null
+++ b/cdist/conf/type/__letsencrypt_cert/explorer/certificate-exists
@@ -0,0 +1,13 @@
+#!/bin/sh -e
+
+certbot_path=$("${__type_explorer}/certbot-path")
+if [ -n "${certbot_path}" ]
+then
+ if certbot certificates | grep -q " Certificate Name: ${__object_id:?}$"; then
+ echo yes
+ else
+ echo no
+ fi
+else
+ echo no
+fi
diff --git a/cdist/conf/type/__letsencrypt_cert/explorer/certificate-is-test b/cdist/conf/type/__letsencrypt_cert/explorer/certificate-is-test
new file mode 100755
index 00000000..9b445059
--- /dev/null
+++ b/cdist/conf/type/__letsencrypt_cert/explorer/certificate-is-test
@@ -0,0 +1,14 @@
+#!/bin/sh -e
+
+certbot_path=$("${__type_explorer}/certbot-path")
+if [ -n "${certbot_path}" ]
+then
+ if certbot certificates --cert-name "${__object_id:?}" | \
+ grep -q 'INVALID: TEST_CERT'; then
+ echo yes
+ else
+ echo no
+ fi
+else
+ echo no
+fi
diff --git a/cdist/conf/type/__letsencrypt_cert/gencode-remote b/cdist/conf/type/__letsencrypt_cert/gencode-remote
new file mode 100755
index 00000000..375570a4
--- /dev/null
+++ b/cdist/conf/type/__letsencrypt_cert/gencode-remote
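Review bot: In `explorer/certificate-exists` the object id is used as a regular expression in `grep -q " Certificate Name: ${__object_id:?}$"`, so the dots of a name like `example.com` match any character and a differently named certificate can be reported as existing. The two sibling explorers already narrow the listing with `--cert-name`; doing the same here avoids the pattern altogether, e.g. `certbot certificates --cert-name "${__object_id:?}" | grep -q ' Certificate Name: '`, assuming certbot lists only the named certificate in that mode. All three explorers also look up `certbot_path` and then call plain `certbot`, so a short comment such as `# certbot-path is only used as an "is certbot installed" check` would make that intent clear.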
@@ -0,0 +1,82 @@ +#!/bin/sh -e + +certificate_exists=$(cat "${__object:?}/explorer/certificate-exists") +name="${__object_id:?}" +state=$(cat "${__object}/parameter/state") + +case "${state}" in + absent) + if [ "${certificate_exists}" = "no" ]; then + exit 0 + fi + + echo "certbot delete --cert-name '${name}' --quiet" + + echo remove >> "${__messages_out:?}" + ;; + present) + domain_param_file="${__object}/parameter/domain" + requested_domains=$(mktemp "${TMPDIR:-/tmp}/domain.cdist.XXXXXXXXXX") + if [ -f "${domain_param_file}" ]; then + cp "${domain_param_file}" "${requested_domains}" + else + echo "$__object_id" >> "${requested_domains}" + fi + + staging=no + if [ -f "${__object}/parameter/staging" ]; then + staging=yes + fi + + if [ "${certificate_exists}" = "yes" ]; then + existing_domains="${__object}/explorer/certificate-domains" + certificate_is_test=$(cat "${__object}/explorer/certificate-is-test") + + sort -uo "${requested_domains}" "${requested_domains}" + sort -uo "${existing_domains}" "${existing_domains}" + + if [ -z "$(comm -23 "${requested_domains}" "${existing_domains}")" ] && \ + [ "${certificate_is_test}" = "${staging}" ]; then + exit 0 + fi + fi + + admin_email="$(cat "$__object/parameter/admin-email")" + webroot="$(cat "$__object/parameter/webroot")" + + cat <<-EOF + certbot certonly \ + --agree-tos \ + --cert-name '${name}' \ + --email '${admin_email}' \ + --expand \ + --non-interactive \ + --quiet \ + $(if [ "${staging}" = "yes" ]; then + echo "--staging" + elif [ "${certificate_is_test}" != "${staging}" ]; then + echo "--force-renewal" + fi) \ + $(if [ -z "${webroot}" ]; then + echo "--standalone" + else + echo "--webroot --webroot-path '${webroot}'" + fi) \ + $(while read -r domain; do + echo "--domain '${domain}' \\" + done < "${requested_domains}") + EOF + rm -f "${requested_domains}" + + if [ "${certificate_exists}" = "no" ]; then + echo create >> "${__messages_out}" + else + echo change >> "${__messages_out}" + fi + ;; + *) + echo 
"Unsupported state: ${state}" >&2 + + exit 1 + ;; +esac diff --git a/cdist/conf/type/__letsencrypt_cert/man.rst b/cdist/conf/type/__letsencrypt_cert/man.rst new file mode 100644 index 00000000..85eb88ea --- /dev/null +++ b/cdist/conf/type/__letsencrypt_cert/man.rst 
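Review bot: In `__letsencrypt_cert/gencode-remote`, `name`, `admin_email`, `webroot` and each `domain` are pasted between single quotes into the generated command (`--email '${admin_email}'`, `--domain '${domain}'`), so a value containing `'` ends the quoting and the remainder is parsed by the shell on the target. Validate the values before the here-document, e.g. `case "${name}${admin_email}${webroot}" in *"'"*) echo "Parameters must not contain single quotes" >&2; exit 1 ;; esac`, with the same check inside the domain loop. The temporary file from `mktemp` is also left behind on the early `exit 0` taken when nothing has to change; `trap 'rm -f "${requested_domains}"' EXIT` right after creating it covers every exit path. Finally, `certificate_is_test` is only assigned when the certificate exists, so on first creation without staging the `elif` compares an empty string with `no` and adds `--force-renewal`.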
@@ -0,0 +1,109 @@ +cdist-type__letsencrypt_cert(7) +=============================== + +NAME +---- + +cdist-type__letsencrypt_cert - Get an SSL certificate from Let's Encrypt + +DESCRIPTION +----------- + +Automatically obtain a Let's Encrypt SSL certificate using Certbot. + +REQUIRED PARAMETERS +------------------- + +object id + A cert name. If domain parameter is not specified then it is used + as a domain to be included in the certificate. + +admin-email + Where to send Let's Encrypt emails like "certificate needs renewal". + +OPTIONAL PARAMETERS +------------------- + +state + 'present' or 'absent', defaults to 'present' where: + + present + if the certificate does not exist, it will be obtained + absent + the certificate will be removed + +webroot + The path to your webroot, as set up in your webserver config. If this + parameter is not present, Certbot will be run in standalone mode. + +OPTIONAL MULTIPLE PARAMETERS +---------------------------- + +renew-hook + Renew hook command directly passed to Certbot in cron job. + +domain + Domains to be included in the certificate. When specified then object id + is not used as a domain. + +BOOLEAN PARAMETERS +------------------ + +automatic-renewal + Install a cron job, which attempts to renew certificates daily. + +staging + Obtain a test certificate from a staging server. + +MESSAGES +-------- + +change + Certificate was changed. + +create + Certificate was created. + +remove + Certificate was removed. + +EXAMPLES +-------- + +.. code-block:: sh + + # use object id as domain + __letsencrypt_cert example.com \ + --admin-email root@example.com \ + --automatic-renewal \ + --renew-hook "service nginx reload" \ + --webroot /data/letsencrypt/root + +.. 
code-block:: sh + + # domain parameter is specified so object id is not used as domain + # and example.com needs to be included again with domain parameter + __letsencrypt_cert example.com \ + --admin-email root@example.com \ + --automatic-renewal \ + --domain example.com \ + --domain foo.example.com \ + --domain bar.example.com \ + --renew-hook "service nginx reload" \ + --webroot /data/letsencrypt/root + +AUTHORS +------- + +| Nico Schottelius +| Kamila Součková +| Darko Poljak +| Ľubomír Kučera + +COPYING +------- + +Copyright \(C) 2017-2018 Nico Schottelius, Kamila Součková, Darko Poljak and +Ľubomír Kučera. You can redistribute it and/or modify it under the terms of +the GNU General Public License as published by the Free Software Foundation, +either version 3 of the License, or (at your option) any later version. diff --git a/cdist/conf/type/__letsencrypt_cert/manifest b/cdist/conf/type/__letsencrypt_cert/manifest new file mode 100755 index 00000000..68ecf9d4 --- /dev/null +++ b/cdist/conf/type/__letsencrypt_cert/manifest 
@@ -0,0 +1,115 @@ +#!/bin/sh + +certbot_fullpath="$(cat "${__object:?}/explorer/certbot-path")" + +if [ -z "${certbot_fullpath}" ]; then + os="$(cat "${__global:?}/explorer/os")" + os_version="$(cat "${__global}/explorer/os_version")" + + case "$os" in + archlinux) + __package certbot + ;; + alpine) + __package certbot + ;; + debian) + case "$os_version" in + 8*) + __apt_source jessie-backports \ + --uri http://http.debian.net/debian \ + --distribution jessie-backports \ + --component main + + require="__apt_source/jessie-backports" __package_apt python-certbot \ + --target-release jessie-backports + require="__apt_source/jessie-backports" __package_apt certbot \ + --target-release jessie-backports + # Seems to be a missing dependency on debian 8 + __package python-ndg-httpsclient + ;; + 9*) + __apt_source stretch-backports \ + --uri http://http.debian.net/debian \ + --distribution stretch-backports \ + --component main + + require="__apt_source/stretch-backports" __package_apt python-certbot \ + --target-release stretch-backports + require="__apt_source/stretch-backports" __package_apt certbot \ + --target-release stretch-backports + ;; + 10*) + __package_apt certbot + ;; + + *) + echo "Unsupported OS version: $os_version" >&2 + exit 1 + ;; + esac + + certbot_fullpath=/usr/bin/certbot + ;; + devuan) + case "$os_version" in + jessie) + __apt_source jessie-backports \ + --uri http://auto.mirror.devuan.org/merged \ + --distribution jessie-backports \ + --component main + + require="__apt_source/jessie-backports" __package_apt python-certbot \ + --target-release jessie-backports + require="__apt_source/jessie-backports" __package_apt certbot \ + --target-release jessie-backports + # Seems to be a missing dependency on debian 8 + __package python-ndg-httpsclient + ;; + ascii*) + __apt_source ascii-backports \ + --uri http://auto.mirror.devuan.org/merged \ + --distribution ascii-backports \ + --component main + + require="__apt_source/ascii-backports" __package_apt 
certbot \ + --target-release ascii-backports + ;; + beowulf*) + __package_apt certbot + ;; + *) + echo "Unsupported OS version: $os_version" >&2 + exit 1 + ;; + esac + + certbot_fullpath=/usr/bin/certbot + ;; + freebsd) + __package py27-certbot + + certbot_fullpath=/usr/local/bin/certbot + ;; + *) + echo "Unsupported os: $os" >&2 + exit 1 + ;; + esac +fi + +if [ -f "${__object}/parameter/automatic-renewal" ]; then + renew_hook_param="${__object}/parameter/renew-hook" + renew_hook="" + if [ -f "${renew_hook_param}" ]; then + while read -r hook; do + renew_hook="${renew_hook} --renew-hook \"${hook}\"" + done < "${renew_hook_param}" + fi + + __cron letsencrypt-certbot \ + --user root \ + --command "${certbot_fullpath} renew -q ${renew_hook}" \ + --hour 0 \ + --minute 47 +fi diff --git a/cdist/conf/type/__letsencrypt_cert/nonparallel b/cdist/conf/type/__letsencrypt_cert/nonparallel new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__letsencrypt_cert/parameter/boolean b/cdist/conf/type/__letsencrypt_cert/parameter/boolean new file mode 100644 index 00000000..d5b8be99 --- /dev/null +++ b/cdist/conf/type/__letsencrypt_cert/parameter/boolean @@ -0,0 +1,2 @@ +automatic-renewal +staging diff --git a/cdist/conf/type/__letsencrypt_cert/parameter/default/state b/cdist/conf/type/__letsencrypt_cert/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__letsencrypt_cert/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__letsencrypt_cert/parameter/default/webroot b/cdist/conf/type/__letsencrypt_cert/parameter/default/webroot new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__letsencrypt_cert/parameter/optional b/cdist/conf/type/__letsencrypt_cert/parameter/optional new file mode 100644 index 00000000..0a63b11e --- /dev/null +++ b/cdist/conf/type/__letsencrypt_cert/parameter/optional @@ -0,0 +1,2 @@ +state +webroot 
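Review bot: The renew-hook loop at the end of this manifest pastes each hook between escaped double quotes (`renew_hook="${renew_hook} --renew-hook \"${hook}\""`), so a hook containing `"`, `$` or a backtick is re-parsed by the shell that cron starts instead of reaching Certbot as one literal argument. The job is installed with `--user root`, so a mis-quoted hook either breaks renewal quietly or runs something other than what the operator wrote. Either emit each hook single-quoted with embedded single quotes escaped, or reject unsafe values before the loop appends them, e.g. `case "$hook" in *\"*) echo "renew-hook must not contain double quotes: $hook" >&2; exit 1 ;; esac`, and state the restriction in man.rst. Separately, the backports sources in the jessie, stretch and ascii branches use plain `http://` URIs; APT still verifies repository signatures, but an https mirror would be preferable where one is available.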
diff --git a/cdist/conf/type/__letsencrypt_cert/parameter/optional_multiple b/cdist/conf/type/__letsencrypt_cert/parameter/optional_multiple new file mode 100644 index 00000000..0e866d45 --- /dev/null +++ b/cdist/conf/type/__letsencrypt_cert/parameter/optional_multiple @@ -0,0 +1,2 @@ +domain +renew-hook diff --git a/cdist/conf/type/__letsencrypt_cert/parameter/required b/cdist/conf/type/__letsencrypt_cert/parameter/required new file mode 100644 index 00000000..bfe77226 --- /dev/null +++ b/cdist/conf/type/__letsencrypt_cert/parameter/required @@ -0,0 +1 @@ +admin-email diff --git a/cdist/conf/type/__line/explorer/state b/cdist/conf/type/__line/explorer/state index d240bf4d..e8fc3630 100755 --- a/cdist/conf/type/__line/explorer/state +++ b/cdist/conf/type/__line/explorer/state @@ -1,6 +1,7 @@ -#!/bin/sh +#!/bin/sh -e # -# 2012 Nico Schottelius (nico-cdist at schottelius.org) +# 2018 Steven Armstrong (steven-cdist at armstrong.cc) +# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) # # This file is part of cdist. # 
@@ -17,24 +18,80 @@ # You should have received a copy of the GNU General Public License # along with cdist. If not, see . # -# -file="/$__object_id" -[ -f "$__object/parameter/file" ] && file=$(cat "$__object/parameter/file") +if [ -f "$__object/parameter/file" ]; then + file=$(cat "$__object/parameter/file") +else + file="/$__object_id" +fi + +[ -f "$file" ] || exit 0 + +if [ -f "$__object/parameter/before" ]; then + position="before" +elif [ -f "$__object/parameter/after" ]; then + position="after" +else + # By default we append to the end of the file. + position="end" +fi if [ -f "$__object/parameter/regex" ]; then - regex=$(cat "$__object/parameter/regex") + needle="regex" else - if [ ! -f "$__object/parameter/line" ]; then - echo "Parameter line and regex missing - cannot explore" >&2 - exit 1 - fi - regex="^$(cat "$__object/parameter/line")\$" + needle="line" fi -# Allow missing file - thus 2>/dev/null -if grep -q "$regex" "$file" 2>/dev/null; then - echo present -else - echo absent -fi +awk -v position="$position" -v needle="$needle" ' +function _find(_text, _pattern) { + if (needle == "regex") { + return match(_text, _pattern) + } else { + return index(_text, _pattern) == 1 + } +} +BEGIN { + getline anchor < (ENVIRON["__object"] "/parameter/" position) + getline pattern < (ENVIRON["__object"] "/parameter/" needle) + + found_line = 0 + correct_pos = (position != "after" && position != "before") +} +{ + if (position == "after") { + if (match($0, anchor)) { + getline + if (_find($0, pattern)) { + found_line++ + correct_pos = 1 + exit 0 + } + } else if (_find($0, pattern)) { + found_line++ + } + } else if (position == "before") { + if (_find($0, pattern)) { + found_line++ + getline + if (match($0, anchor)) { + correct_pos = 1 + exit 0 + } + } + } else { + if (_find($0, pattern)) { + found_line++ + exit 0 + } + } +} +END { + if (found_line && correct_pos) { + print "present" + } else if (found_line) { + print "wrongposition" + } else { + print "absent" + } +} +' 
"$file" diff --git a/cdist/conf/type/__line/gencode-remote b/cdist/conf/type/__line/gencode-remote index 8ac273e2..88cae68b 100755 --- a/cdist/conf/type/__line/gencode-remote +++ b/cdist/conf/type/__line/gencode-remote @@ -1,6 +1,7 @@ -#!/bin/sh +#!/bin/sh -e # -# 2012 Nico Schottelius (nico-cdist at schottelius.org) +# 2018 Steven Armstrong (steven-cdist at armstrong.cc) +# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) # # This file is part of cdist. # 
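Review bot: In `_find`, the non-regex branch tests `index(_text, _pattern) == 1`, which is a prefix match, so any line that merely begins with the `--line` value is reported as `present`; the removed code anchored the comparison as `^line$`. For files where the rest of the line changes its meaning (PAM, sshd or hosts entries) the explorer can report the desired state while the file holds a different line. An exact comparison, `return _text == _pattern`, restores the old semantics. The copy of `_find` in gencode-remote uses `index(_text, _pattern)` with no position check at all, so with `remove` set it drops every line that contains the value anywhere; it should use the same exact comparison.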
@@ -17,46 +18,119 @@ # You should have received a copy of the GNU General Public License # along with cdist. If not, see . # -# -file="/$__object_id" -regex="" -state_should="present" -[ -f "$__object/parameter/file" ] && file=$(cat "$__object/parameter/file") -[ -f "$__object/parameter/regex" ] && regex=$(cat "$__object/parameter/regex") -[ -f "$__object/parameter/state" ] && state_should=$(cat "$__object/parameter/state") -[ -f "$__object/parameter/line" ] && line=$(cat "$__object/parameter/line") +if [ -f "$__object/parameter/before" ] && [ -f "$__object/parameter/after" ]; then + echo "Use either --before OR --after but not both." >&2 + exit 1 +fi +if [ -f "$__object/parameter/file" ]; then + file="$(cat "$__object/parameter/file")" +else + file="/$__object_id" +fi + +state_should="$(cat "$__object/parameter/state")" state_is="$(cat "$__object/explorer/state")" -[ "$state_should" = "$state_is" ] && exit 0 +if [ -z "$state_is" ]; then + printf 'The file "%s" is missing. Please create it before using %s on it.\n' "$file" "${__type##*/}" >&2 + exit 1 +fi +if [ "$state_should" = "$state_is" ]; then + # nothing to do + exit 0 +fi + +if [ -f "$__object/parameter/before" ]; then + position="before" +elif [ -f "$__object/parameter/after" ]; then + position="after" +else + # By default we append to the end of the file. + position="end" +fi + +if [ -f "$__object/parameter/regex" ]; then + needle="regex" +else + needle="line" +fi + +add=0 +remove=0 case "$state_should" in - present) - if [ ! 
"$line" ]; then - echo "Required parameter \"line\" is missing" >&2 - exit 1 - fi - - echo "echo \"$line\" >> $file" - - ;; - absent) - if [ "$regex" -a "$line" ]; then - echo "Mutally exclusive parameters regex and line given for state absent" >&2 - exit 1 - fi - - [ "$line" ] && regex="^$line\$" - - cat << eof -tmp=\$(mktemp) -sed '/$regex/d' "$file" > \$tmp && cat "\$tmp" > "$file" && rm -f "\$tmp" -eof - #echo "echo q | ex -c \"/${line}/d|w|q\" \"${file}\"" - ;; - *) - echo "Unknown state: $state_should" >&2 - exit 1 - ;; + present) + if [ "$state_is" = "wrongposition" ]; then + echo updated >> "$__messages_out" + remove=1 + else + echo added >> "$__messages_out" + fi + add=1 + ;; + absent) + echo removed >> "$__messages_out" + remove=1 + ;; esac + +cat << DONE +tmpfile=\$(mktemp ${file}.cdist.XXXXXXXXXX) +# preserve ownership and permissions of existing file +if [ -f "$file" ]; then + cp -p "$file" "\$tmpfile" +fi + +awk -v position="$position" -v needle="$needle" -v remove=$remove -v add=$add ' +function _find(_text, _pattern) { + if (needle == "regex") { + return match(_text, _pattern) + } else { + return index(_text, _pattern) + } +} +BEGIN { + line_file = ENVIRON["__object"] "/parameter/line" + getline line < line_file + # Need to close line file as it may be re-read as pattern below. + close(line_file) + getline pattern < (ENVIRON["__object"] "/parameter/" needle) + getline anchor < (ENVIRON["__object"] "/parameter/" position) +} +{ + if (remove) { + if (_find(\$0, pattern)) { + # skip over this line -> remove it + next + } + } + if (add) { + if (anchor && match(\$0, anchor)) { + if (position == "before") { + print line + add = 0 + print + } else if (position == "after") { + print + print line + add = 0 + } + next + } + } + print +} +END { + if (add) { + print line + } +} +' "$file" > "\$tmpfile" +mv -f "\$tmpfile" "$file" +DONE + +if [ -f "$__object/parameter/onchange" ]; then + cat "$__object/parameter/onchange" +fi 
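Review bot: The generated script runs `mktemp ${file}.cdist.XXXXXXXXXX` with the path unquoted, so a `--file` value containing whitespace or glob characters is split before mktemp sees it; emit `tmpfile=\$(mktemp "${file}.cdist.XXXXXXXXXX")` instead. The heredoc also ends with `awk … > "\$tmpfile"` followed by an unconditional `mv -f`, so unless the target shell runs this code with `-e` (not visible in this hunk) a failing awk leaves a truncated temp file that is then moved over the managed file. Chaining the two as `' "$file" > "\$tmpfile" && mv -f "\$tmpfile" "$file"` keeps the original intact on failure. Because `$file` is expanded inside an unquoted heredoc, a path containing `"`, `$` or backticks is also re-evaluated on the target, which is worth rejecting up front.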
diff --git a/cdist/conf/type/__line/man.rst b/cdist/conf/type/__line/man.rst new file mode 100644 index 00000000..f76cab64 --- /dev/null +++ b/cdist/conf/type/__line/man.rst 
@@ -0,0 +1,116 @@ +cdist-type__line(7) +=================== + +NAME +---- +cdist-type__line - Manage lines in files + + +DESCRIPTION +----------- +This cdist type allows you to add lines and remove lines from files. + + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +after + Insert the given line after this pattern. + +before + Insert the given line before this pattern. + +file + If supplied, use this as the destination file. + Otherwise the object_id is used. + +line + Specifies the line which should be absent or present. + + Must be present, if state is 'present'. + Ignored if regex is given and state is 'absent'. + +regex + If state is 'present', search for this pattern and if it matches add + the given line. + + If state is 'absent', ensure all lines matching the regular expression + are absent. + + The regular expression is interpreted by awk's match function. + +state + 'present' or 'absent', defaults to 'present' + +onchange + The code to run if line is added, removed or updated. + + +BOOLEAN PARAMETERS +------------------ +None. + + +MESSAGES +-------- +added + The line was added. + +updated + The line or its position was changed. + +removed + The line was removed. + + +EXAMPLES +-------- + +.. code-block:: sh + + # Manage a hosts entry for www.example.com. + __line /etc/hosts \ + --line '127.0.0.2 www.example.com' + + # Manage another hosts entry for test.example.com. + __line hosts:test.example.com \ + --file /etc/hosts \ + --line '127.0.0.3 test.example.com' + + # Remove the line starting with TIMEZONE from the /etc/rc.conf file. + __line legacy_timezone \ + --file /etc/rc.conf \ + --regex 'TIMEZONE=.*' \ + --state absent + + # Insert a line before another one. 
+ __line password-auth-local:classify \ + --file /etc/pam.d/password-auth-local \ + --line '-session required pam_exec.so debug log=/tmp/classify.log /usr/local/libexec/classify' \ + --before '^session[[:space:]]+include[[:space:]]+password-auth-ac$' + + # Insert a line after another one. + __line password-auth-local:classify \ + --file /etc/pam.d/password-auth-local \ + --line '-session required pam_exec.so debug log=/tmp/classify.log /usr/local/libexec/classify' \ + --after '^session[[:space:]]+include[[:space:]]+password-auth-ac$' + + +SEE ALSO +-------- +:strong:`cdist-type`\ (7) + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2018 Steven Armstrong. Free use of this software is +granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__line/man.text b/cdist/conf/type/__line/man.text deleted file mode 100644 index e1a5941c..00000000 --- a/cdist/conf/type/__line/man.text +++ /dev/null 
@@ -1,72 +0,0 @@ -cdist-type__line(7) -=================== -Nico Schottelius - - -NAME ----- -cdist-type__line - Manage lines in files - - -DESCRIPTION ------------ -This cdist type allows you to add lines and remove lines from files. - - -REQUIRED PARAMETERS -------------------- - -OPTIONAL PARAMETERS -------------------- -state:: - 'present' or 'absent', defaults to 'present' - -line:: - Specifies the line which should be absent or present - - Must be present, if state is present. - Must not be combined with regex, if state is absent. - -regex:: - If state is present, search for this pattern and add - given line, if the given regular expression does not match. - - In case of absent, ensure all lines matching the - regular expression are absent (cannot be combined with - the line parameter, if state is absent). - - If the regular expression contains / (slashes), they need - to be escaped with \ (backslash): / becomes \/. - -file:: - If supplied, use this as the destination file. - Otherwise the object_id is used. - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -# Manage the DAEMONS line in rc.conf -__line daemons --file /etc/rc.conf --line 'DAEMONS=(hwclock !network sshd crond postfix)' - -# Ensure the home mount is present in /etc/fstab - explicitly make it present -__line home-fstab \ - --file /etc/fstab \ - --line 'filer.fs:/vol/home /home nfs defaults 0 0' \ - --state present - -# Removes the line specifiend in "include_www" from the file "lighttpd.conf" -__line legacy_timezone --file /etc/rc.conf --regex 'TIMEZONE=.*' --state absent --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) - - -COPYING -------- -Copyright \(C) 2012 Nico Schottelius. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). 
diff --git a/cdist/conf/type/__line/parameter/default/state b/cdist/conf/type/__line/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__line/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__line/parameter/optional b/cdist/conf/type/__line/parameter/optional index 604a203e..1c34c699 100644 --- a/cdist/conf/type/__line/parameter/optional +++ b/cdist/conf/type/__line/parameter/optional @@ -1,4 +1,7 @@ -state -regex +after +before file line +regex +state +onchange diff --git a/cdist/conf/type/__link/explorer/state b/cdist/conf/type/__link/explorer/state index a9220a3c..7150df25 100755 --- a/cdist/conf/type/__link/explorer/state +++ b/cdist/conf/type/__link/explorer/state @@ -1,6 +1,6 @@ #!/bin/sh # -# 2012 Steven Armstrong (steven-cdist at armstrong.cc) +# 2012-2014 Steven Armstrong (steven-cdist at armstrong.cc) # # This file is part of cdist. # 
@@ -32,22 +32,33 @@ destination_dir="${destination%/*}" case "$type" in symbolic) - cd "$destination_dir" - source_is=$(ls -l "$destination" | sed 's/.*-> //g') - if [ -h "$destination" -a "$source_is" = "$source" ]; then - echo present + cd "$destination_dir" || exit 1 + if [ -h "$destination" ]; then + source_is=$(readlink "$destination") + # ignore trailing slashes for comparison + if [ "${source_is%/}" = "${source%/}" ]; then + echo present + else + echo wrongsource + fi else echo absent fi ;; hard) - cd "$destination_dir" + cd "$destination_dir" || exit 1 # check source relative to destination_dir if [ ! -e "$source" ]; then echo sourcemissing exit 0 fi + # Currently not worth the effor to change it, stat is not defined by POSIX + # and different OSes has different implementations for it. + # shellcheck disable=SC2012 destination_inode=$(ls -i "$destination" | awk '{print $1}') + # Currently not worth the effor to change it, stat is not defined by POSIX + # and different OSes has different implementations for it. + # shellcheck disable=SC2012 source_inode=$(ls -i "$source" | awk '{print $1}') if [ "$destination_inode" -eq "$source_inode" ]; then echo present diff --git a/cdist/conf/type/__link/explorer/type b/cdist/conf/type/__link/explorer/type new file mode 100755 index 00000000..b322bf42 --- /dev/null +++ b/cdist/conf/type/__link/explorer/type 
@@ -0,0 +1,49 @@ +#!/bin/sh +# +# 2013 Steven Armstrong (steven-cdist armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# +# Mostly a wrapper for ln +# + +destination="/$__object_id" + +if [ ! -e "$destination" ]; then + echo none +elif [ -h "$destination" ]; then + echo symlink +elif [ -f "$destination" ]; then + type="$(cat "$__object/parameter/type")" + case "$type" in + hard) + # Currently not worth the effor to change it, stat is not defined by POSIX + # and different OSes has different implementations for it. + # shellcheck disable=SC2012 + link_count=$(ls -l "$destination" | awk '{ print $2 }') + if [ "$link_count" -gt 1 ]; then + echo hardlink + exit 0 + fi + ;; + esac + echo file +elif [ -d "$destination" ]; then + echo directory +else + echo unknown +fi diff --git a/cdist/conf/type/__link/gencode-remote b/cdist/conf/type/__link/gencode-remote index 2975ef69..45c22fcc 100755 --- a/cdist/conf/type/__link/gencode-remote +++ b/cdist/conf/type/__link/gencode-remote @@ -1,6 +1,7 @@ -#!/bin/sh +#!/bin/sh -e # # 2011-2012 Nico Schottelius (nico-cdist at schottelius.org) +# 2013-2014 Steven Armstrong (steven-cdist at armstrong.cc) # # This file is part of cdist. # @@ -17,9 +18,6 @@ # You should have received a copy of the GNU General Public License # along with cdist. If not, see . # -# -# Mostly a wrapper for ln -# destination="/$__object_id" 
@@ -40,17 +38,36 @@ case "$type" in esac state_is="$(cat "$__object/explorer/state")" -state_should=present -[ -f "$__object/parameter/state" ] && state_should="$(cat "$__object/parameter/state")" +state_should="$(cat "$__object/parameter/state")" [ "$state_should" = "$state_is" ] && exit 0 +file_type="$(cat "$__object/explorer/type")" case "$state_should" in present) - echo ln ${lnopt} -f \"$source\" \"$destination\" + if [ "$file_type" = "directory" ]; then + # our destination is currently a directory, delete it + printf 'rm -rf "%s" &&\n' "$destination" + echo "removed '$destination' (directory)" >> "$__messages_out" + else + if [ "$state_is" = "wrongsource" ]; then + # our destination is a symlink but points to the wrong source, + # delete it + printf 'rm -f "%s" &&\n' "$destination" + echo "removed '$destination' (wrongsource)" >> "$__messages_out" + fi + fi + + # create our link + printf 'ln %s -f "%s" "%s"\n' "$lnopt" "$source" "$destination" + echo "created '$destination'" >> "$__messages_out" ;; absent) - echo rm -f \"$destination\" + # only delete if it is a sym/hard link + if [ "$file_type" = "symlink" ] || [ "$file_type" = "hardlink" ]; then + printf 'rm -f "%s"\n' "$destination" + echo "removed '$destination'" >> "$__messages_out" + fi ;; *) echo "Unknown state: $state_should" >&2 diff --git a/cdist/conf/type/__link/man.rst b/cdist/conf/type/__link/man.rst new file mode 100644 index 00000000..fe0ce425 --- /dev/null +++ b/cdist/conf/type/__link/man.rst 
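Review bot: In the `present` branch a destination that is currently a directory is replaced by emitting `rm -rf "%s" &&` with no further check, so a mistyped object id or a directory that unexpectedly holds data is deleted recursively on the target just to create a link. Emitting `printf 'rmdir "%s" &&\n' "$destination"` would replace only an empty directory; a recursive delete is safer behind an explicit opt-in parameter that man.rst documents. The `removed …` and `created …` lines are also appended to `$__messages_out` while the code is being generated, before anything has run remotely, so they record intent rather than outcome. The `case "$state_should"` block continues past the end of this hunk.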
@@ -0,0 +1,76 @@ +cdist-type__link(7) +=================== + +NAME +---- +cdist-type__link - Manage links (hard and symbolic) + + +DESCRIPTION +----------- +This cdist type allows you to manage hard and symbolic links. +The given object id is the destination for the link. + + +REQUIRED PARAMETERS +------------------- +source + Specifies the link source. + +type + Specifies the link type: Either hard or symoblic. + + +OPTIONAL PARAMETERS +------------------- +state + 'present' or 'absent', defaults to 'present' + + +MESSAGES +-------- + +created + Link to destination was created. + +removed + Link to destination was removed. + +removed (directory) + Destination was removed because state is ``present`` and destination was directory. + +removed (wrongsource) + Destination was removed because state is ``present`` and destination link source was wrong. + + +EXAMPLES +-------- + +.. code-block:: sh + + # Create hard link of /etc/shadow + __link /root/shadow --source /etc/shadow --type hard + + # Relative symbolic link + __link /etc/apache2/sites-enabled/www.test.ch \ + --source ../sites-available/www.test.ch \ + --type symbolic + + # Absolute symbolic link + __link /opt/plone --source /home/services/plone --type symbolic + + # Remove link + __link /opt/plone --state absent + + +AUTHORS +------- +Nico Schottelius + + +COPYING +------- +Copyright \(C) 2011-2012 Nico Schottelius. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__link/man.text b/cdist/conf/type/__link/man.text deleted file mode 100644 index 663087db..00000000 --- a/cdist/conf/type/__link/man.text +++ /dev/null 
@@ -1,60 +0,0 @@ -cdist-type__link(7) -=================== -Nico Schottelius - - -NAME ----- -cdist-type__link - Manage links (hard and symbolic) - - -DESCRIPTION ------------ -This cdist type allows you to manage hard and symbolic links. -The given object id is the destination for the link. - - -REQUIRED PARAMETERS -------------------- -source:: - Specifies the link source. - -type:: - Specifies the link type: Either hard or symoblic. - - -OPTIONAL PARAMETERS -------------------- -state:: - 'present' or 'absent', defaults to 'present' - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -# Create hard link of /etc/shadow -__link /root/shadow --source /etc/shadow --type hard - -# Relative symbolic link -__link /etc/apache2/sites-enabled/www.test.ch \ - --source ../sites-available/www.test.ch \ - --type symbolic - -# Absolute symbolic link -__link /opt/plone --source /home/services/plone --type symbolic - -# Remove link -__link /opt/plone --state absent --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) - - -COPYING -------- -Copyright \(C) 2011-2012 Nico Schottelius. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__link/parameter/default/state b/cdist/conf/type/__link/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__link/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__locale/files/locale.gen b/cdist/conf/type/__locale/files/locale.gen new file mode 100644 index 00000000..cf8e8651 --- /dev/null +++ b/cdist/conf/type/__locale/files/locale.gen @@ -0,0 +1,3 @@ +de_CH.UTF-8 UTF-8 +de_DE.UTF-8 UTF-8 +en_US.UTF-8 UTF-8 diff --git a/cdist/conf/type/__locale/gencode-remote b/cdist/conf/type/__locale/gencode-remote new file mode 100755 index 00000000..1feb9884 --- /dev/null 
+++ b/cdist/conf/type/__locale/gencode-remote
@@ -0,0 +1,60 @@
+#!/bin/sh -e
+#
+# 2013-2019 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Let localedef do the magic
+#
+
+locale="$__object_id"
+
+# Hardcoded, create a pull request with
+# branching on $os in case it is at another location
+alias=/usr/share/locale/locale.alias
+
+input=$(echo "$locale" | cut -d . -f 1)
+charmap=$(echo "$locale" | cut -d . -f 2)
+
+# Adding locale? The name is de_CH.UTF-8
+# Removing locale? The name is de_CH.utf8.
+# W-T-F!
+locale_remove=$(echo "$locale" | sed 's/UTF-8/utf8/')
+
+state=$(cat "$__object/parameter/state")
+
+os=$(cat "$__global/explorer/os")
+
+# Nothing to be done on alpine
+case "$os" in
+ alpine)
+ exit 0
+ ;;
+esac
+
+case "$state" in
+ present)
+ echo localedef -A "$alias" -f "$charmap" -i "$input" "$locale"
+ ;;
+ absent)
+ echo localedef --delete-from-archive "$locale_remove"
+ ;;
+ *)
+ echo "Unsupported state: $state" >&2
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__locale/man.rst b/cdist/conf/type/__locale/man.rst
new file mode 100644
index 00000000..e36ab061
--- /dev/null
+++ b/cdist/conf/type/__locale/man.rst
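Review bot: Both `echo localedef …` lines print the values derived from the object id without any quoting in the generated code, because `echo` emits the already-expanded words; a locale name containing whitespace or shell metacharacters is then re-parsed by the shell on the target. The __link type in this same change emits its commands with `printf '… "%s"\n'`, and the equivalent here is `printf 'localedef -A "%s" -f "%s" -i "%s" "%s"\n' "$alias" "$charmap" "$input" "$locale"`. An object id without a `.` should also be rejected up front, since `cut -d . -f 2` then returns the whole name as the charmap: `case "$locale" in *.*) ;; *) echo "Invalid locale: $locale" >&2; exit 1 ;; esac`.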
@@ -0,0 +1,50 @@
+cdist-type__locale(7)
+=====================
+
+NAME
+----
+cdist-type__locale - Configure locales
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to setup locales. On systems that don't
+support locale setting like alpine/musl libc, it is a no-op.
+
+
+OPTIONAL PARAMETERS
+-------------------
+state
+ 'present' or 'absent', defaults to present
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Add locale de_CH.UTF-8
+ __locale de_CH.UTF-8
+
+ # Same as above, but more explicit
+ __locale de_CH.UTF-8 --state present
+
+ # Remove colourful British English
+ __locale en_GB.UTF-8 --state absent
+
+
+SEE ALSO
+--------
+:strong:`locale`\ (1), :strong:`localedef`\ (1), :strong:`cdist-type__locale_system`\ (7)
+
+
+AUTHORS
+-------
+Nico Schottelius
+
+
+COPYING
+-------
+Copyright \(C) 2013-2019 Nico Schottelius. Free use of this software is
+granted under the terms of the GNU General Public License version 3 or
+later (GPLv3+).
diff --git a/cdist/conf/type/__locale/manifest b/cdist/conf/type/__locale/manifest
new file mode 100755
index 00000000..9f1e17ac
--- /dev/null
+++ b/cdist/conf/type/__locale/manifest
@@ -0,0 +1,41 @@
+#!/bin/sh -e
+#
+# 2013-2019 Nico Schottelius (nico-cdist at schottelius.org)
+# 2015 David Hürlimann (david at ungleich.ch)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Install required packages
+#
+
+os=$(cat "$__global/explorer/os")
+
+
+case "$os" in
+ debian|devuan)
+ # Debian needs a seperate package
+ __package locales --state present
+ ;;
+ archlinux|suse|ubuntu|scientific|centos|alpine)
+ :
+ ;;
+ *)
+ echo "Sorry, do not know how to handle os: $os" >&2
+ echo "Please edit the type ${__type##*/} to fix this." >&2
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__locale/parameter/default/state b/cdist/conf/type/__locale/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__locale/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__locale/parameter/optional b/cdist/conf/type/__locale/parameter/optional
new file mode 100644
index 00000000..ff72b5c7
--- /dev/null
+++ b/cdist/conf/type/__locale/parameter/optional
@@ -0,0 +1 @@
+state
diff --git a/cdist/conf/type/__locale_system/man.rst b/cdist/conf/type/__locale_system/man.rst
new file mode 100644
index 00000000..03d36960
--- /dev/null
+++ b/cdist/conf/type/__locale_system/man.rst
@@ -0,0 +1,64 @@
+cdist-type__locale_system(7)
+============================
+
+NAME
+----
+cdist-type__locale_system - Set system-wide locale
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to modify system-wide locale.
+The name of the locale category is given as the object id
+(usually you are probably interested in using LANG).
+
+
+OPTIONAL PARAMETERS
+-------------------
+
+state
+ present or absent, defaults to present.
+ If present, sets the locale category to the given value.
+ If absent, removes the locale category from the system file.
+
+value
+ The value for the locale category.
+ Defaults to en_US.UTF-8.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Set LANG to en_US.UTF-8
+ __locale_system LANG
+
+ # Same as above, but more explicit
+ __locale_system LANG --value en_US.UTF-8
+
+ # Set category LC_MESSAGES to de_CH.UTF-8
+ __locale_system LC_MESSAGES --value de_CH.UTF-8
+
+ # Remove setting for LC_ALL
+ __locale_system LC_ALL --state absent
+
+
+
+SEE ALSO
+--------
+:strong:`locale`\ (1), :strong:`localedef`\ (1), :strong:`cdist-type__locale`\ (7)
+
+
+AUTHORS
+-------
+| Steven Armstrong
+| Carlos Ortigoza
+| Nico Schottelius
+
+
+COPYING
+-------
+Copyright \(C) 2016 Nico Schottelius. Free use of this software is
+granted under the terms of the GNU General Public License version 3 or
+later (GPLv3+).
diff --git a/cdist/conf/type/__locale_system/manifest b/cdist/conf/type/__locale_system/manifest
new file mode 100755
index 00000000..80f7401b
--- /dev/null
+++ b/cdist/conf/type/__locale_system/manifest
@@ -0,0 +1,55 @@ +#!/bin/sh -e +# +# 2012-2016 Steven Armstrong (steven-cdist at armstrong.cc) +# 2016 Carlos Ortigoza (carlos.ortigoza at ungleich.ch) +# 2016 Nico Schottelius (nico.schottelius at ungleich.ch) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# +# Configure system-wide locale by modifying i18n file. +# + +os=$(cat "$__global/explorer/os") + +case "$os" in + debian|ubuntu) + locale_conf="/etc/default/locale" + ;; + archlinux) + locale_conf="/etc/locale.conf" + ;; + redhat|centos) + locale_conf="/etc/sysconfig/i18n" + ;; + *) + echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2 + echo "Please contribute an implementation for it if you can." >&2 + exit 1 + ;; +esac + +__file "$locale_conf" \ + --owner root --group root --mode 644 \ + --state exists + +require="__file/$locale_conf" \ + __key_value "$locale_conf:$__object_id" \ + --file "$locale_conf" \ + --key "$__object_id" \ + --delimiter = \ + --state "$(cat "$__object/parameter/state")" \ + --value "$(cat "$__object/parameter/value")" diff --git a/cdist/conf/type/__locale_system/parameter/default/state b/cdist/conf/type/__locale_system/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__locale_system/parameter/default/state @@ -0,0 +1 @@ +present 
diff --git a/cdist/conf/type/__locale_system/parameter/default/value b/cdist/conf/type/__locale_system/parameter/default/value new file mode 100644 index 00000000..927508f3 --- /dev/null +++ b/cdist/conf/type/__locale_system/parameter/default/value @@ -0,0 +1 @@ +en_US.UTF-8 diff --git a/cdist/conf/type/__locale_system/parameter/optional b/cdist/conf/type/__locale_system/parameter/optional new file mode 100644 index 00000000..d0460d86 --- /dev/null +++ b/cdist/conf/type/__locale_system/parameter/optional @@ -0,0 +1,2 @@ +state +value diff --git a/cdist/conf/type/__motd/gencode-remote b/cdist/conf/type/__motd/gencode-remote new file mode 100755 index 00000000..738ea834 --- /dev/null +++ b/cdist/conf/type/__motd/gencode-remote 
@@ -0,0 +1,46 @@ +#!/bin/sh -e +# +# 2013 Nico Schottelius (nico-cdist at schottelius.org) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# + +os=$(cat "$__global/explorer/os") + +case "$os" in + debian|ubuntu|devuan) + + # Debian and Ubuntu need to be updated, + # as seen in /etc/init.d/bootlogs + echo "uname -snrvm > /var/run/motd" + echo "cat /etc/motd.tail >> /var/run/motd" + ;; + freebsd) + # FreeBSD only updates /etc/motd on boot, + # as seen in /etc/rc.d/motd + echo "uname -sri > /etc/motd" + echo "cat /etc/motd.template >> /etc/motd" + # FreeBSD 13 starts treating motd slightly different from previous + # versions this ensures hosts have the expected config. + echo "rm /etc/motd.template || true" + echo "service motd start" + ;; + *) + # Other OS tend to treat /etc/motd statically + exit 0 + ;; +esac diff --git a/cdist/conf/type/__motd/man.rst b/cdist/conf/type/__motd/man.rst new file mode 100644 index 00000000..a567dc80 --- /dev/null +++ b/cdist/conf/type/__motd/man.rst 
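Review bot: In the `freebsd)` branch the generated `rm /etc/motd.template || true` discards every failure of `rm`, not only the missing-file case; `rm -f /etc/motd.template` states the intent and still reports real errors such as a permission problem. The `__motd/manifest` hunk in this commit sets `destination=/etc/motd.template` for FreeBSD, so deleting the template here presumably makes the file differ from its desired state on every run; a comment explaining why the template must not stay on disk would help the next reader. The script also emits its commands unconditionally, so the motd file is rewritten on each run even when nothing changed.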
@@ -0,0 +1,65 @@ +cdist-type__motd(7) +=================== + +NAME +---- +cdist-type__motd - Manage message of the day + + +DESCRIPTION +----------- +This cdist type allows you to easily setup /etc/motd. + +.. note:: + In some OS, motd is a bit special, check `motd(5)`. + Currently Debian, Devuan, Ubuntu and FreeBSD are taken into account. + If your OS of choice does something besides /etc/motd, check the source + and contribute support for it. + Otherwise it will likely just work. + + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +source + If supplied, copy this file from the host running cdist to the target. + If source is '-' (dash), take what was written to stdin as the file content. + If not supplied, a default message will be placed onto the target. + + +EXAMPLES +-------- + +.. code-block:: sh + + # Use cdist defaults + __motd + + # Supply source file from a different type + __motd --source "$__type/files/my-motd" + + # Supply source from stdin + __motd --source "-" < + + +COPYING +------- +Copyright \(C) 2020 Nico Schottelius. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__motd/man.text b/cdist/conf/type/__motd/man.text deleted file mode 100644 index a4ca80b5..00000000 --- a/cdist/conf/type/__motd/man.text +++ /dev/null 
@@ -1,48 +0,0 @@ -cdist-type__motd(7) -=================== -Nico Schottelius - - -NAME ----- -cdist-type__motd - Manage message of the day - - -DESCRIPTION ------------ -This cdist type allows you to easily setup /etc/motd. - - -REQUIRED PARAMETERS -------------------- -None. - - -OPTIONAL PARAMETERS -------------------- -source:: - If supplied, copy this file from the host running cdist to the target. - If not supplied, a default message will be placed onto the target. - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -# Use cdist defaults -__motd - -# Supply source file from a different type -__motd --source "$__type/files/my-motd" --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) - - -COPYING -------- -Copyright \(C) 2011 Nico Schottelius. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__motd/manifest b/cdist/conf/type/__motd/manifest index 286d1ff3..ded734d7 100755 --- a/cdist/conf/type/__motd/manifest +++ b/cdist/conf/type/__motd/manifest @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2011 Nico Schottelius (nico-cdist at schottelius.org) # @@ -22,6 +22,9 @@ # Select motd source if [ -f "$__object/parameter/source" ]; then source="$(cat "$__object/parameter/source")" + if [ "$source" = "-" ]; then + source="${__object}/stdin" + fi else source="$__type/files/motd" fi 
@@ -30,10 +33,18 @@ os=$(cat "$__global/explorer/os") case "$os" in - debian|ubuntu) + debian|ubuntu|devuan) + # Debian-based systems use /etc/motd.tail as a template destination=/etc/motd.tail ;; + freebsd) + # FreeBSD uses motd.template to prepend system information on boot + # (this actually only applies starting with version 13, + # but we fix that for whatever version in gencode-remote) + destination=/etc/motd.template + ;; *) + # Most UNIX systems, including other Linux and OpenBSD just use /etc/motd destination=/etc/motd ;; esac diff --git a/cdist/conf/type/__directory/explorer/state b/cdist/conf/type/__mount/explorer/mounted similarity index 78% rename from cdist/conf/type/__directory/explorer/state rename to cdist/conf/type/__mount/explorer/mounted index 9bdd9024..81f8e454 100755 --- a/cdist/conf/type/__directory/explorer/state +++ b/cdist/conf/type/__mount/explorer/mounted @@ -1,6 +1,6 @@ #!/bin/sh # -# 2011 Nico Schottelius (nico-cdist at schottelius.org) +# 2014 Steven Armstrong (steven-cdist at armstrong.cc) # # This file is part of cdist. # @@ -17,14 +17,11 @@ # You should have received a copy of the GNU General Public License # along with cdist. If not, see . # -# -# Check whether file exists or not -# -destination="/$__object_id" +path="$(cat "$__object/parameter/path" 2>/dev/null || echo "/$__object_id")" -if [ -e "$destination" ]; then - echo present +if mountpoint -q "$path"; then + echo yes else - echo absent + echo no fi diff --git a/cdist/conf/type/__mount/gencode-remote b/cdist/conf/type/__mount/gencode-remote new file mode 100755 index 00000000..b2096764 --- /dev/null +++ b/cdist/conf/type/__mount/gencode-remote 
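Review bot: In the renamed explorer `__mount/explorer/mounted`, `mountpoint -q "$path"` prints `no` both when the path is not a mount point and when the `mountpoint` utility is missing or fails, so on such a target `__mount` would presumably attempt the mount again on every run. Checking for the tool first, e.g. `command -v mountpoint >/dev/null 2>&1 || { echo "mountpoint not found" >&2; exit 1; }`, makes the two cases distinguishable. The header comment describing the explorer's purpose was dropped in the rename; a replacement such as `# Check whether the path is currently a mount point` would keep the file self-describing.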
@@ -0,0 +1,51 @@
+#!/bin/sh -e
+#
+# 2014 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+path="$(cat "$__object/parameter/path" 2>/dev/null || echo "/$__object_id")"
+state_should="$(cat "$__object/parameter/state")"
+state_is="$(grep -q -x yes "$__object/explorer/mounted" && echo present || echo absent)"
+
+if [ "$state_should" = "$state_is" ]; then
+ # nothing to do
+ exit 0
+fi
+
+case "$state_should" in
+ present)
+ if [ -f "$__object/parameter/nofstab" ]; then
+ # mount manually
+ printf 'mount'
+ if [ -f "$__object/parameter/type" ]; then
+ printf ' -t %s' "$(cat "$__object/parameter/type")"
+ fi
+ if [ -f "$__object/parameter/options" ]; then
+ printf ' -o %s' "$(cat "$__object/parameter/options")"
+ fi
+ printf ' %s' "$(cat "$__object/parameter/device")"
+ printf ' %s\n' "$path"
+ else
+ # mount using existing fstab entry
+ printf 'mount "%s"\n' "$path"
+ fi
+ ;;
+ absent)
+ printf 'umount "%s"\n' "$path"
+ ;;
+esac
diff --git a/cdist/conf/type/__mount/man.rst b/cdist/conf/type/__mount/man.rst
new file mode 100644
index 00000000..d719a1cd
--- /dev/null
+++ b/cdist/conf/type/__mount/man.rst
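Review bot: The manual-mount branch writes the `type`, `options`, `device` and `path` values into the generated command with no quoting (`printf ' -t %s'`, `printf ' %s\n' "$path"`), while the fstab and `umount` branches wrap the path in double quotes only. The emitted text is interpreted by a shell on the target, so a value containing whitespace splits into extra arguments and one containing `;`, `$` or a backtick is evaluated rather than passed through; double quotes still allow `$` and backtick expansion. Quoting every value with one single-quote helper, used in all three branches, keeps each parameter a single literal word, as sketched below.

```shell
# Emit "$1" as one single-quoted shell word for use in generated code.
quote() {
    printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"
}

# … unchanged: path, state_should, state_is and the early exit …
            printf ' -t %s' "$(quote "$(cat "$__object/parameter/type")")"
            printf ' -o %s' "$(quote "$(cat "$__object/parameter/options")")"
        printf ' %s' "$(quote "$(cat "$__object/parameter/device")")"
        printf ' %s\n' "$(quote "$path")"
# … unchanged: else branch for the fstab case …
        printf 'mount %s\n' "$(quote "$path")"
# … unchanged: absent) …
        printf 'umount %s\n' "$(quote "$path")"
```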
@@ -0,0 +1,84 @@ +cdist-type__mount(7) +==================== + +NAME +---- +cdit-type__mount - Manage filesystem mounts + + +DESCRIPTION +----------- +Manage filesystem mounts either via /etc/fstab or manually. + + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +device + device to mount at path, defaults to 'none'. see mount(8) + +dump + value for the dump field in fstab. see fstab(5) + defaults to 0. + + This parameter is ignored, if the nofstab parameter is given. + +options + comma separated string of options, see mount(8) + +pass + value for the pass field in fstab. see fstab(5) + defaults to 0. + + This parameter is ignored, if the nofstab parameter is given. + +path + mount point where to mount the device, see mount(8). + Defaults to __object_id + +state + either present or absent. Defaults to present. + +type + vfstype, see mount(8) + + +BOOLEAN PARAMETERS +------------------ +nofstab + do not manage an entry in /etc/fstab + + +EXAMPLES +-------- + +.. code-block:: sh + + __mount /some/dir \ + --device /dev/sdc3 \ + --type xfs \ + --options "defaults,ro" + --dump 0 \ + --pass 1 + + __mount /var/lib/one \ + --device mfsmount \ + --type fuse \ + --options "mfsmaster=mfsmaster.domain.tld,mfssubfolder=/one,nonempty,_netdev" + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2014 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__mount/manifest b/cdist/conf/type/__mount/manifest new file mode 100755 index 00000000..999d806c --- /dev/null +++ b/cdist/conf/type/__mount/manifest 
@@ -0,0 +1,42 @@ +#!/bin/sh -e +# +# 2014 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +path="$(cat "$__object/parameter/path" 2>/dev/null || echo "/$__object_id")" +state="$(cat "$__object/parameter/state")" + +if [ ! -f "$__object/parameter/nofstab" ]; then + # Generate an entry for /etc/fstab + ( +printf "%s" "$(cat "$__object/parameter/device")" +printf " %s" "$path" +type="$(cat "$__object/parameter/type")" +printf " %s" "$type" +options="$(cat "$__object/parameter/options")" +printf " %s" "$options" +printf " %s" "$(cat "$__object/parameter/dump")" +printf ' %s\n' "$(cat "$__object/parameter/pass")" +) | \ +__block "$__object_name" \ + --file "/etc/fstab" \ + --prefix "#cdist:$__object_name" \ + --suffix "#/cdist:$__object_name" \ + --state "$state" \ + --text - +fi diff --git a/cdist/conf/type/__mount/parameter/boolean b/cdist/conf/type/__mount/parameter/boolean new file mode 100644 index 00000000..ac6f41a8 --- /dev/null +++ b/cdist/conf/type/__mount/parameter/boolean @@ -0,0 +1 @@ +nofstab diff --git a/cdist/conf/type/__mount/parameter/default/device b/cdist/conf/type/__mount/parameter/default/device new file mode 100644 index 00000000..621e94f0 --- /dev/null +++ b/cdist/conf/type/__mount/parameter/default/device @@ -0,0 +1 @@ +none 
diff --git a/cdist/conf/type/__mount/parameter/default/dump b/cdist/conf/type/__mount/parameter/default/dump new file mode 100644 index 00000000..573541ac --- /dev/null +++ b/cdist/conf/type/__mount/parameter/default/dump @@ -0,0 +1 @@ +0 diff --git a/cdist/conf/type/__mount/parameter/default/options b/cdist/conf/type/__mount/parameter/default/options new file mode 100644 index 00000000..e94f8140 --- /dev/null +++ b/cdist/conf/type/__mount/parameter/default/options @@ -0,0 +1 @@ +defaults diff --git a/cdist/conf/type/__mount/parameter/default/pass b/cdist/conf/type/__mount/parameter/default/pass new file mode 100644 index 00000000..573541ac --- /dev/null +++ b/cdist/conf/type/__mount/parameter/default/pass @@ -0,0 +1 @@ +0 diff --git a/cdist/conf/type/__mount/parameter/default/state b/cdist/conf/type/__mount/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__mount/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__mount/parameter/default/type b/cdist/conf/type/__mount/parameter/default/type new file mode 100644 index 00000000..865faf10 --- /dev/null +++ b/cdist/conf/type/__mount/parameter/default/type @@ -0,0 +1 @@ +auto diff --git a/cdist/conf/type/__mount/parameter/optional b/cdist/conf/type/__mount/parameter/optional new file mode 100644 index 00000000..29d3e5ef --- /dev/null +++ b/cdist/conf/type/__mount/parameter/optional @@ -0,0 +1,7 @@ +device +dump +options +pass +path +state +type diff --git a/cdist/conf/type/__mysql_database/explorer/state b/cdist/conf/type/__mysql_database/explorer/state new file mode 100755 index 00000000..79858695 --- /dev/null +++ b/cdist/conf/type/__mysql_database/explorer/state 
@@ -0,0 +1,33 @@ +#!/bin/sh -e +# +# 2020 Ander Punnar (ander-at-kvlt-dot-ee) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +if [ -f "$__object/parameter/name" ] +then + name="$( cat "$__object/parameter/name" )" +else + name="$__object_id" +fi + +if [ -n "$( mysql -B -N -e "show databases like '$name'" )" ] +then + echo 'present' +else + echo 'absent' +fi diff --git a/cdist/conf/type/__mysql_database/gencode-remote b/cdist/conf/type/__mysql_database/gencode-remote index 7cd32242..1bdb2b11 100755 --- a/cdist/conf/type/__mysql_database/gencode-remote +++ b/cdist/conf/type/__mysql_database/gencode-remote @@ -1,6 +1,6 @@ -#!/bin/sh +#!/bin/sh -e # -# 2012 Benedikt Koeppel (code@benediktkoeppel.ch) +# 2020 Ander Punnar (ander-at-kvlt-dot-ee) # # This file is part of cdist. # 
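Review bot: In `__mysql_database/explorer/state` the existence check `show databases like '$name'` is a pattern match, not an equality test: `_` and `%` in a database name act as wildcards, so a name such as `app_db` also matches `appXdb` and the explorer can report `present` for a database that does not exist, after which gencode-remote skips the create. The name is also pasted into the SQL string unescaped, so a `'` in it changes the statement. An exact comparison avoids the first problem, e.g. `mysql -B -N -e "select schema_name from information_schema.schemata where schema_name = '$name'"`, combined with rejecting names outside an allowed character set before the query runs.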
@@ -17,39 +17,30 @@ # You should have received a copy of the GNU General Public License # along with cdist. If not, see . # -# -# if --database was specified -if [ -f "$__object/parameter/name" ]; then - database="$(cat "$__object/parameter/name")" -else # otherwise use the object id as database name - database="$__object_id" +state_is="$( cat "$__object/explorer/state" )" + +state_should="$( cat "$__object/parameter/state" )" + +if [ "$state_is" = "$state_should" ] +then + exit 0 fi -cat <<-EOFF -mysql -u root <<-EOF - CREATE DATABASE IF NOT EXISTS $database -EOF -EOFF - -# if --user was specified -if [ -f "$__object/parameter/user" ]; then - user="$(cat "$__object/parameter/user")" - - # if --password was specified - if [ -f "$__object/parameter/password" ]; then - password="$(cat "$__object/parameter/password")" - cat <<-EOFF - mysql -u root <<-EOF - GRANT ALL PRIVILEGES ON $database.* to '$user'@'localhost' IDENTIFIED BY '$password'; -EOF -EOFF - else - password="" - cat <<-EOFF - mysql -u root <<-EOF - GRANT ALL PRIVILEGES ON $database.* to '$user'@'localhost'; -EOF -EOFF - fi +if [ -f "$__object/parameter/name" ] +then + name="$( cat "$__object/parameter/name" )" +else + name="$__object_id" fi + +case "$state_should" in + present) + echo "mysql -e 'create database \`$name\`'" + echo "create database $name" >> "$__messages_out" + ;; + absent) + echo "mysql -e 'drop database \`$name\`'" + echo "drop database $name" >> "$__messages_out" + ;; +esac diff --git a/cdist/conf/type/__mysql_database/man.rst b/cdist/conf/type/__mysql_database/man.rst new file mode 100644 index 00000000..b3b56b5f --- /dev/null +++ b/cdist/conf/type/__mysql_database/man.rst 
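Review bot: `$name` is copied unvalidated into the generated `mysql -e '...'` line in both the `present)` and `absent)` branches, where it sits inside a single-quoted shell word and a backtick-quoted SQL identifier that are interpreted on the target. A name containing `'` ends the shell word early and one containing a backtick ends the identifier, so the remainder is read as shell or SQL instead of as part of the name. Rejecting such names before generating code closes this, for example `case "$name" in ''|*[!A-Za-z0-9_]*) echo "invalid database name: $name" >&2; exit 1 ;; esac`, with the allowed set adjusted to what the project wants to support. The new `__mysql_privileges/gencode-remote` and `__mysql_user/gencode-remote` build their `mysql -e` lines from `$privileges`, `$database`, `$table`, `$user`, `$host`, `$name` and `$password` the same way.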
@@ -0,0 +1,55 @@ +cdist-type__mysql_database(7) +============================= + +NAME +---- +cdist-type__mysql_database - Manage a MySQL database + + +DESCRIPTION +----------- + +Create MySQL database and optionally user with all privileges. + + +OPTIONAL PARAMETERS +------------------- +name + Name of database. Defaults to object id. + +user + Create user and give all privileges to database. + +password + Password for user. + +state + Defaults to present. + If absent and user is also set, both will be removed (with privileges). + + +EXAMPLES +-------- + +.. code-block:: sh + + # just create database + __mysql_database foo + + # create database with respective user with all privileges to database + __mysql_database bar \ + --user name \ + --password secret + + +AUTHORS +------- +Ander Punnar + + +COPYING +------- +Copyright \(C) 2020 Ander Punnar. You can redistribute it and/or modify it +under the terms of the GNU General Public License as published by the Free +Software Foundation, either version 3 of the License, or (at your option) any +later version. diff --git a/cdist/conf/type/__mysql_database/man.text b/cdist/conf/type/__mysql_database/man.text deleted file mode 100644 index f184a30e..00000000 --- a/cdist/conf/type/__mysql_database/man.text +++ /dev/null 
@@ -1,49 +0,0 @@ -cdist-type__mysql_database(7) -============================= -Benedikt Koeppel - - -NAME ----- -cdist-type__mysql_database - Manage a MySQL database - - -DESCRIPTION ------------ -This cdist type allows you to install a MySQL database. - - -REQUIRED PARAMETERS -------------------- -None. - -OPTIONAL PARAMETERS -------------------- -name:: - The name of the database to install - defaults to the object id - -user:: - A user that should have access to the database - -password:: - The password for the user who manages the database - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -__mysql_database "cdist" --name "cdist" --user "myuser" --password "mypwd" --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) - - -COPYING -------- -Copyright \(C) 2012 Benedikt Koeppel. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__mysql_database/manifest b/cdist/conf/type/__mysql_database/manifest new file mode 100755 index 00000000..a3c9ed5d --- /dev/null +++ b/cdist/conf/type/__mysql_database/manifest 
@@ -0,0 +1,52 @@
+#!/bin/sh -e
+#
+# 2020 Ander Punnar (ander-at-kvlt-dot-ee)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+if [ -f "$__object/parameter/user" ]
+then
+ user="$( cat "$__object/parameter/user" )"
+fi
+
+if [ -f "$__object/parameter/password" ]
+then
+ password="$( cat "$__object/parameter/password" )"
+fi
+
+if [ -n "$user" ] && [ -n "$password" ]
+then
+ if [ -f "$__object/parameter/name" ]
+ then
+ database="$( cat "$__object/parameter/name" )"
+ else
+ database="$__object_id"
+ fi
+
+ state_should="$( cat "$__object/parameter/state" )"
+
+ __mysql_user "$user" \
+ --password "$password" \
+ --state "$state_should"
+
+ # removing user should remove all user's privileges
+ require="__mysql_user/$user" \
+ __mysql_privileges "$database/$user" \
+ --database "$database" \
+ --user "$user" \
+ --state "$state_should"
+fi
diff --git a/cdist/conf/type/__mysql_database/parameter/default/state b/cdist/conf/type/__mysql_database/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__mysql_database/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__mysql_database/parameter/optional b/cdist/conf/type/__mysql_database/parameter/optional
index 756afee7..6c0b1e85 100644
--- a/cdist/conf/type/__mysql_database/parameter/optional
+++ b/cdist/conf/type/__mysql_database/parameter/optional
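Review bot: In `__mysql_database/manifest` the account is only managed when both values are non-empty (`[ -n "$user" ] && [ -n "$password" ]`), so `--state absent --user name` without a password leaves the user and its privileges in place, although man.rst in this commit says that with state absent and user set both are removed. Requiring the password only for `present` would match the documentation, e.g. `if [ -n "$user" ] && { [ -n "$password" ] || [ "$state_should" = absent ]; }`, with `state_should` read before the test and `--password` passed only when it is set. `user` and `password` are also never initialised, so a value inherited from the environment would be used when the parameter file is absent; `user=''` and `password=''` ahead of the two `if` blocks would close that.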
@@ -1,3 +1,4 @@ name user password +state diff --git a/cdist/conf/type/__mysql_privileges/explorer/state b/cdist/conf/type/__mysql_privileges/explorer/state new file mode 100755 index 00000000..4f13a70c --- /dev/null +++ b/cdist/conf/type/__mysql_privileges/explorer/state @@ -0,0 +1,40 @@ +#!/bin/sh -e +# +# 2020 Ander Punnar (ander-at-kvlt-dot-ee) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +privileges="$( cat "$__object/parameter/privileges" )" + +database="$( cat "$__object/parameter/database" )" + +table="$( cat "$__object/parameter/table" )" + +user="$( cat "$__object/parameter/user" )" + +host="$( cat "$__object/parameter/host" )" + +check_privileges="$( + mysql -B -N -e "show grants for '$user'@'$host'" \ + | grep -Ei "^grant $privileges on .$database.\..?$table.? to " || true )" + +if [ -n "$check_privileges" ] +then + echo 'present' +else + echo 'absent' +fi diff --git a/cdist/conf/type/__mysql_privileges/gencode-remote b/cdist/conf/type/__mysql_privileges/gencode-remote new file mode 100755 index 00000000..0656699f --- /dev/null +++ b/cdist/conf/type/__mysql_privileges/gencode-remote 
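Review bot: In `__mysql_privileges/explorer/state` the `grep -Ei` pattern is assembled from raw parameter values, so regex metacharacters in `$privileges`, `$database` or `$table` change what is matched; with the default table `*` the pattern contains `.?*.?`, a quantifier applied to a quantifier, which POSIX leaves undefined for extended regular expressions. The result decides whether a grant or revoke is generated, so a false `present` or `absent` silently leaves privileges different from what the manifest asks for. I would escape the values before building the pattern, or compare normalised fields with a fixed-string match, and add a comment stating which `show grants` output forms the expression is meant to accept. `$user` and `$host` are also placed unescaped inside the quoted SQL string.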
@@ -0,0 +1,55 @@
+#!/bin/sh -e
+#
+# 2020 Ander Punnar (ander-at-kvlt-dot-ee)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+state_is="$( cat "$__object/explorer/state" )"
+
+state_should="$( cat "$__object/parameter/state" )"
+
+if [ "$state_is" = "$state_should" ]
+then
+ exit 0
+fi
+
+privileges="$( cat "$__object/parameter/privileges" )"
+
+database="$( cat "$__object/parameter/database" )"
+
+table="$( cat "$__object/parameter/table" )"
+
+user="$( cat "$__object/parameter/user" )"
+
+host="$( cat "$__object/parameter/host" )"
+
+if [ "$table" != '*' ]
+then
+ # shellcheck disable=SC2016
+ table="$( printf '`%s`' "$table" )"
+fi
+
+case "$state_should" in
+ present)
+ echo "mysql -e 'grant $privileges on \`$database\`.$table to \`$user\`@\`$host\`'"
+ echo "grant $privileges on $database.$table to $user@$host" >> "$__messages_out"
+ ;;
+ absent)
+ echo "mysql -e 'revoke $privileges on \`$database\`.$table from \`$user\`@\`$host\`'"
+ echo "revoke $privileges on $database.$table from $user@$host" >> "$__messages_out"
+ ;;
+esac
diff --git a/cdist/conf/type/__mysql_privileges/man.rst b/cdist/conf/type/__mysql_privileges/man.rst
new file mode 100644
index 00000000..b72c9eba
--- /dev/null
+++ b/cdist/conf/type/__mysql_privileges/man.rst
@@ -0,0 +1,57 @@ +cdist-type__mysql_privileges(7) +=============================== + +NAME +---- +cdist-type__mysql_privileges - Manage MySQL privileges + + +DESCRIPTION +----------- + +Grant and revoke privileges of MySQL user. + + +REQUIRED PARAMETERS +------------------- +database + Name of database. + +user + Name of user. + + +OPTIONAL PARAMETERS +------------------- +privileges + Defaults to "all". + +table + Defaults to "*". + +host + Defaults to localhost. + +state + "present" grants and "absent" revokes. Defaults to present. + + +EXAMPLES +-------- + +.. code-block:: sh + + __mysql_privileges user-to-db --database db --user user + + +AUTHORS +------- +Ander Punnar + + +COPYING +------- +Copyright \(C) 2020 Ander Punnar. You can redistribute it and/or modify it +under the terms of the GNU General Public License as published by the Free +Software Foundation, either version 3 of the License, or (at your option) any +later version. diff --git a/cdist/conf/type/__mysql_privileges/parameter/default/host b/cdist/conf/type/__mysql_privileges/parameter/default/host new file mode 100644 index 00000000..2fbb50c4 --- /dev/null +++ b/cdist/conf/type/__mysql_privileges/parameter/default/host @@ -0,0 +1 @@ +localhost diff --git a/cdist/conf/type/__mysql_privileges/parameter/default/privileges b/cdist/conf/type/__mysql_privileges/parameter/default/privileges new file mode 100644 index 00000000..5472efad --- /dev/null +++ b/cdist/conf/type/__mysql_privileges/parameter/default/privileges @@ -0,0 +1 @@ +all privileges diff --git a/cdist/conf/type/__mysql_privileges/parameter/default/state b/cdist/conf/type/__mysql_privileges/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__mysql_privileges/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__mysql_privileges/parameter/default/table b/cdist/conf/type/__mysql_privileges/parameter/default/table new file mode 100644 index 00000000..72e8ffc0 
--- /dev/null +++ b/cdist/conf/type/__mysql_privileges/parameter/default/table @@ -0,0 +1 @@ +* diff --git a/cdist/conf/type/__mysql_privileges/parameter/optional b/cdist/conf/type/__mysql_privileges/parameter/optional new file mode 100644 index 00000000..d4ed5bc5 --- /dev/null +++ b/cdist/conf/type/__mysql_privileges/parameter/optional @@ -0,0 +1,4 @@ +privileges +table +host +state diff --git a/cdist/conf/type/__mysql_privileges/parameter/required b/cdist/conf/type/__mysql_privileges/parameter/required new file mode 100644 index 00000000..152b4a1e --- /dev/null +++ b/cdist/conf/type/__mysql_privileges/parameter/required @@ -0,0 +1,2 @@ +database +user diff --git a/cdist/conf/type/__mysql_user/explorer/state b/cdist/conf/type/__mysql_user/explorer/state new file mode 100755 index 00000000..6817ee9d --- /dev/null +++ b/cdist/conf/type/__mysql_user/explorer/state 
@@ -0,0 +1,54 @@
+#!/bin/sh -e
+#
+# 2020 Ander Punnar (ander-at-kvlt-dot-ee)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+if [ -f "$__object/parameter/name" ]
+then
+ name="$( cat "$__object/parameter/name" )"
+else
+ name="$__object_id"
+fi
+
+if [ -f "$__object/parameter/password" ]
+then
+ password="$( cat "$__object/parameter/password" )"
+else
+ password=''
+fi
+
+host="$( cat "$__object/parameter/host" )"
+
+check_user="$( mysql -B -N -e "select user from mysql.user where user = '$name' and host = '$host'" )"
+
+if [ -n "$check_user" ]
+then
+ if [ -n "$password" ]
+ then
+ check_password="$( mysql -B -N -e "select user from mysql.user where user = '$name' and host = '$host' and password = password( '$password' )" )"
+ fi
+
+ if [ -n "$password" ] && [ -z "$check_password" ]
+ then
+ echo 'change-password'
+ else
+ echo 'present'
+ fi
+else
+ echo 'absent'
+fi
diff --git a/cdist/conf/type/__mysql_user/gencode-remote b/cdist/conf/type/__mysql_user/gencode-remote
new file mode 100755
index 00000000..5f13bc87
--- /dev/null
+++ b/cdist/conf/type/__mysql_user/gencode-remote
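Review bot: The `check_password` query places the plaintext password on the `mysql` command line (`-e "... password = password( '$password' )"`), where it is visible in the target's process list while the query runs, and `$name`, `$host` and `$password` are spliced into the SQL string unescaped, so a `'` in any of them alters the statement. Feeding the statement on standard input keeps it out of argv, e.g. `printf '%s\n' "$query" | mysql -B -N`, after escaping the values; the generated `create user` and `alter user` commands in `__mysql_user/gencode-remote` carry the password inside `mysql -e` the same way. The check also depends on the `password` column of `mysql.user` and the `PASSWORD()` function, which as far as I know are absent from newer MySQL releases, while the comment in gencode-remote requires MySQL 5.7.6 or later. Under `sh -e` a failing query in the `check_password` assignment aborts the explorer, so this should be confirmed against the versions the type is meant to support.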
@@ -0,0 +1,68 @@
+#!/bin/sh -e
+#
+# 2020 Ander Punnar (ander-at-kvlt-dot-ee)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+state_is="$( cat "$__object/explorer/state" )"
+
+state_should="$( cat "$__object/parameter/state" )"
+
+if [ "$state_is" = "$state_should" ]
+then
+ exit 0
+fi
+
+if [ -f "$__object/parameter/name" ]
+then
+ name="$( cat "$__object/parameter/name" )"
+else
+ name="$__object_id"
+fi
+
+host="$( cat "$__object/parameter/host" )"
+
+if [ -f "$__object/parameter/password" ]
+then
+ password="$( cat "$__object/parameter/password" )"
+else
+ if [ "$state_should" = 'present' ]
+ then
+ echo '--password needed' >&2
+ exit 1
+ else
+ password=''
+ fi
+fi
+
+if [ "$state_is" = 'absent' ] && [ "$state_should" = 'present' ]
+then
+ echo "mysql -e 'create user \`$name\`@\`$host\` identified by \"$password\"'"
+ echo "create user $name@$host" >> "$__messages_out"
+
+elif [ "$state_is" != 'absent' ] && [ "$state_should" = 'absent' ]
+then
+ echo "mysql -e 'drop user \`$name\`@\`$host\`'"
+ echo "drop user $name@$host" >> "$__messages_out"
+
+elif [ "$state_is" = 'change-password' ]
+then
+ # this only works with MySQL 5.7.6 and later or MariaDB 10.1.20 and later
+ echo "mysql -e 'alter user \`$name\`@\`$host\` identified by \"$password\"'"
+ echo "mysql -e 'flush privileges'"
+ echo "change password $name@$host" >> "$__messages_out"
+fi
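Review bot: The emitted `mysql -e '... identified by "$password"'` commands in the create-user and change-password branches carry the cleartext password in the generated code, so it appears in the target's process list while mysql runs and in any stored copy of that code (presumably cdist's object and cache directories; confirm). A `'` in `$password`, `$name` or `$host` also closes the shell quote of the emitted command, and nothing escapes the values for SQL. Emitting the statement as a here-document on mysql's stdin with a quoted delimiter, after SQL-escaping the values, removes both the argv exposure and the quoting break; the stored copy of the generated code still needs restrictive permissions. The same unescaped `'$name'` interpolation appears in the `__package_apk` and `__package_apt` gencode-remote hunks further down.

```shell
# … unchanged: state comparison, name/host/password lookup …

# Escape backslash and single quote for use inside a '...' SQL string literal.
sql_quote() {
    printf '%s\n' "$1" | sed -e 's/\\/\\\\/g' -e "s/'/''/g"
}

if [ "$state_is" = 'absent' ] && [ "$state_should" = 'present' ]
then
    # SQL reaches mysql on stdin; the quoted delimiter stops the target shell expanding it.
    cat << EOF
mysql << 'CDIST_SQL'
create user '$( sql_quote "$name" )'@'$( sql_quote "$host" )' identified by '$( sql_quote "$password" )';
CDIST_SQL
EOF
    echo "create user $name@$host" >> "$__messages_out"
# … drop-user and change-password branches rewritten the same way …
```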
diff --git a/cdist/conf/type/__mysql_user/man.rst b/cdist/conf/type/__mysql_user/man.rst
new file mode 100644
index 00000000..c2b222d5
--- /dev/null
+++ b/cdist/conf/type/__mysql_user/man.rst
@@ -0,0 +1,48 @@
+cdist-type__mysql_user(7)
+=========================
+
+NAME
+----
+cdist-type__mysql_user - Manage a MySQL user
+
+
+DESCRIPTION
+-----------
+
+Create MySQL user or change password for the user.
+
+
+OPTIONAL PARAMETERS
+-------------------
+name
+ Name of user. Defaults to object id.
+
+host
+ Host of user. Defaults to localhost.
+
+password
+ Password of user.
+
+state
+ Defaults to present.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __mysql_user user --password secret
+
+
+AUTHORS
+-------
+Ander Punnar
+
+
+COPYING
+-------
+Copyright \(C) 2020 Ander Punnar. You can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by the Free
+Software Foundation, either version 3 of the License, or (at your option) any
+later version.
diff --git a/cdist/conf/type/__mysql_user/parameter/default/host b/cdist/conf/type/__mysql_user/parameter/default/host
new file mode 100644
index 00000000..2fbb50c4
--- /dev/null
+++ b/cdist/conf/type/__mysql_user/parameter/default/host
@@ -0,0 +1 @@
+localhost
diff --git a/cdist/conf/type/__mysql_user/parameter/default/state b/cdist/conf/type/__mysql_user/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__mysql_user/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__mysql_user/parameter/optional b/cdist/conf/type/__mysql_user/parameter/optional
new file mode 100644
index 00000000..a286266c
--- /dev/null
+++ b/cdist/conf/type/__mysql_user/parameter/optional
@@ -0,0 +1,4 @@
+name
+host
+password
+state
diff --git a/cdist/conf/type/__openldap_server/gencode-remote b/cdist/conf/type/__openldap_server/gencode-remote
new file mode 100644
index 00000000..b1e98f8c
--- /dev/null
+++ b/cdist/conf/type/__openldap_server/gencode-remote @@ -0,0 +1,44 @@ +#!/bin/sh + +manager_dn=$(cat "${__object}/parameter/manager-dn") +manager_password=$(cat "${__object}/parameter/manager-password") +description=$(cat "${__object}/parameter/description") +suffix=$(cat "${__object}/parameter/suffix") +suffix_dc=$(printf "%s" "${suffix}" | awk -F',' '{print $1}' | awk -F'=' '{print $2}') + +SLAPD_IPC=$(tr '\n' ' ' < "${__object}/parameter/slapd-url" | awk '{ print $1}') + +cat <&1 > /dev/null; then + # Already exists, use ldapmodify + ldapmodify -xZ -D "${manager_dn}" -w "${manager_password}" -H '${SLAPD_IPC}' < +Evilham + + +COPYING +------- +Copyright \(C) 2020 ungleich glarus ag. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__openldap_server/manifest b/cdist/conf/type/__openldap_server/manifest new file mode 100644 index 00000000..84ba176f --- /dev/null +++ b/cdist/conf/type/__openldap_server/manifest 
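Review bot: The generated LDAP command passes the manager password as `-w "${manager_password}"`, which puts it in argv on the target, readable from the process list for as long as ldapmodify runs, and in the generated code itself. The OpenLDAP client tools accept `-y <file>` to read the simple-bind password from a file, so the generated code could write the password without a trailing newline to a `mktemp` file under a restrictive umask, pass `-y "$pwfile"`, and remove the file afterwards. The here-documents in this hunk did not survive extraction on this page, so the exact lines to change need checking against the file itself.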
@@ -0,0 +1,267 @@ +#!/bin/sh + +name="${__target_host}" +manager_dn=$(cat "${__object}/parameter/manager-dn") +manager_password_hash=$(cat "${__object}/parameter/manager-password-hash") +serverid=$(cat "${__object}/parameter/serverid") +suffix=$(cat "${__object}/parameter/suffix") +slapd_modules=$(cat "${__object}/parameter/module" 2>/dev/null || true) +schemas=$(cat "${__object}/parameter/schema") +slapd_urls=$(tr '\n' ' ' < "${__object}/parameter/slapd-url") +tls_cipher_suite=$(cat "${__object}/parameter/tls-cipher-suite" 2>/dev/null || true) +extra_config=$(cat "${__object}/parameter/extra-config" || true) + + +os="$(cat "${__global}/explorer/os")" + +# Setup OS-dependent vars +CONF_OWNER="root" +CONF_GROUP="root" +case "${os}" in + freebsd) + PKGS="openldap-server" + ETC="/usr/local/etc" + SLAPD_DIR="/usr/local/etc/openldap" + SLAPD_DATA_DIR="/var/db/openldap-data" + SLAPD_RUN_DIR="/var/run/openldap" + SLAPD_MODULE_PATH="/usr/local/libexec/openldap" + if [ -z "${slapd_modules}" ]; then + # It looks like ppolicy and syncprov must be compiled + slapd_modules="back_mdb back_monitor" + fi + CONF_OWNER="ldap" + CONF_GROUP="ldap" + if [ -z "${tls_cipher_suite}" ]; then + # TODO: research default for FreeBSD. 'NORMAL' appears to not work + tls_cipher_suite="HIGH:MEDIUM:+SSLv2" + fi + ;; + debian|ubuntu|devuan) + PKGS="slapd ldap-utils" + ETC="/etc" + SLAPD_DIR="/etc/ldap" + SLAPD_DATA_DIR="/var/lib/ldap" + SLAPD_RUN_DIR="/var/run/slapd" + SLAPD_MODULE_PATH="/usr/lib/ldap" + if [ -z "${slapd_modules}" ]; then + slapd_modules="back_mdb ppolicy syncprov back_monitor" + fi + if [ -z "${tls_cipher_suite}" ]; then + tls_cipher_suite="NORMAL" + fi + ;; + *) + echo "Don't know the openldap defaults for: $os" >&2 + exit 1 + ;; +esac + +PKG_MAIN=$(echo "${PKGS}" | awk '{print $1;}') + + +# Determine if __letsencrypt_cert is to be used and setup vars accordingly +if [ -f "${__object}/parameter/tls-cert" ]; then + tls_cert=$(cat "${__object}/parameter/tls-cert") + + if [ ! 
-f "${__object}/parameter/tls-privkey" ]; then + echo "When tls-cert is defined, tls-privkey is also required." >&2 + exit 1 + fi + tls_privkey=$(cat "${__object}/parameter/tls-privkey") + + if [ ! -f "${__object}/parameter/tls-ca" ]; then + echo "When tls-cert is defined, tls-ca is also required." >&2 + exit 1 + fi + tls_ca=$(cat "${__object}/parameter/tls-ca") + + _skip_letsencrypt_cert="YES" +else + if [ ! -f "${__object}/parameter/admin-email" ]; then + echo "When using __letsencrypt_cert, admin-email is also required." >&2 + exit 1 + fi + admin_email=$(cat "${__object}/parameter/admin-email") + + tls_cert="${SLAPD_DIR}/sasl2/cert.pem" + tls_privkey="${SLAPD_DIR}/sasl2/privkey.pem" + tls_ca="${SLAPD_DIR}/sasl2/chain.pem" +fi + +mkdir "${__object}/files" +ldapconf="${__object}/files/ldapconf" + +replication="" +if [ -f "${__object}/parameter/replicate" ]; then + replication=yes + + if [ ! -f "${__object}/parameter/syncrepl-searchbase" ]; then + echo "Requiring the searchbase for replication" >&2 + exit 1 + fi + syncrepl_searchbase=$(cat "${__object}/parameter/syncrepl-searchbase") + + if [ ! -f "${__object}/parameter/syncrepl-credentials" ]; then + echo "Requiring credentials for replication" >&2 + exit 1 + fi + + syncrepl_credentials=$(cat "${__object}/parameter/syncrepl-credentials") + + if [ ! -f "${__object}/parameter/syncrepl-host" ]; then + echo "Requiring host(s) for replication" >&2 + exit 1 + fi + syncrepl_hosts=$(cat "${__object}/parameter/syncrepl-host") + +fi + +# Install required packages +for pkg in ${PKGS}; do + __package "${pkg}" +done + + +require="__package/${PKG_MAIN}" __start_on_boot slapd + +# Setup -h flag for the listeners. See man slapd (-h flag). 
+case "${os}" in + freebsd) + require="__start_on_boot/slapd" __key_value \ + --file "/etc/rc.conf" \ + --key "slapd_flags" \ + --value "\"-h '${slapd_urls}'\"" \ + --delimiter "=" \ + --comment "# LDAP Listener URLs" \ + "${__target_host}__slapd_flags" + ;; + debian|ubuntu|devuan) + require="__package/${PKG_MAIN}" __line rm_slapd_conf \ + --file ${ETC}/default/slapd \ + --regex 'SLAPD_CONF=.*' \ + --state absent + + require="__package/${PKG_MAIN}" __line rm_slapd_services \ + --file ${ETC}/default/slapd \ + --regex 'SLAPD_SERVICES=.*' \ + --state absent + + require="__line/rm_slapd_conf" __line add_slapd_conf \ + --file ${ETC}/default/slapd \ + --line "SLAPD_CONF=${SLAPD_DIR}/slapd.conf" \ + --state present + + require="__line/rm_slapd_services" __line add_slapd_services \ + --file ${ETC}/default/slapd \ + --line "SLAPD_SERVICES=\"${slapd_urls}\"" \ + --state present + ;; + *) + # Nothing to do here, move on. + ;; +esac + + +if [ -z "${_skip_letsencrypt_cert}" ]; then + if [ -f "${__object}/parameter/staging" ]; then + staging="--staging" + else + staging="" + fi + + # shellcheck disable=SC2086 + __letsencrypt_cert "${name}" --admin-email "${admin_email}" \ + --renew-hook "cp ${ETC}/letsencrypt/live/${name}/*.pem ${SLAPD_DIR}/sasl2 && chown -R openldap:openldap ${SLAPD_DIR}/sasl2 && service slapd restart" \ + --automatic-renewal ${staging} +fi + +require="__package/${PKG_MAIN}" __directory ${SLAPD_DIR}/slapd.d --state absent + +if [ -z "${_skip_letsencrypt_cert}" ]; then + require="__package/${PKG_MAIN} __letsencrypt_cert/${name}" \ + __file ${SLAPD_DIR}/slapd.conf --owner ${CONF_OWNER} --group ${CONF_GROUP} --mode 644 \ + --source "${ldapconf}" +else + require="__package/${PKG_MAIN}" \ + __file ${SLAPD_DIR}/slapd.conf --owner ${CONF_OWNER} --group ${CONF_GROUP} --mode 644 \ + --source "${ldapconf}" +fi + +# Start slapd.conf +cat << EOF > "${ldapconf}" +pidfile ${SLAPD_RUN_DIR}/slapd.pid +argsfile ${SLAPD_RUN_DIR}/slapd.args + +TLSCipherSuite ${tls_cipher_suite} 
+TLSCertificateFile ${tls_cert} +TLSCertificateKeyFile ${tls_privkey} +TLSCACertificateFile ${tls_ca} + +disallow bind_anon +require bind +security tls=1 +EOF + +# Add specified schemas +for schema in ${schemas}; do + echo "include ${SLAPD_DIR}/schema/${schema}.schema" >> "${ldapconf}" +done + +# Add specified modules +echo "modulepath ${SLAPD_MODULE_PATH}" >> "${ldapconf}" +for module in ${slapd_modules}; do + echo "moduleload ${module}.la" >> "${ldapconf}" +done + +# Rest of the config +cat << EOF >> "${ldapconf}" +loglevel 1024 + +database mdb +maxsize 1073741824 + +suffix "${suffix}" +directory ${SLAPD_DATA_DIR} +rootdn "${manager_dn}" +rootpw "${manager_password_hash}" + +index objectClass eq,pres +index ou,cn,mail,surname,givenname eq,pres,sub +index uidNumber,gidNumber,loginShell eq,pres +index uid,memberUid eq,pres,sub +index nisMapName,nisMapEntry eq,pres,sub +index entryCSN,entryUUID eq + +${extra_config} + +serverid ${serverid} +EOF + +# Setup replication +if [ "${replication}" ]; then + rid=1; + for syncrepl in ${syncrepl_hosts}; do + cat <> "${ldapconf}" +syncrepl rid=${rid} + provider=ldap://${syncrepl} + bindmethod=simple + starttls=yes + binddn="${manager_dn}" + credentials=${syncrepl_credentials} + searchbase="${syncrepl_searchbase}" + type=refreshAndPersist + retry="5 + 5 +" + interval=00:00:00:05 +EOF + rid=$((rid + 1)) + done + cat <> "${ldapconf}" +mirrormode true +overlay syncprov +syncprov-checkpoint 100 5 +syncprov-sessionlog 100 + +database monitor +limits dn.exact="${manager_dn}" time=unlimited size=unlimited +EOF +fi diff --git a/cdist/conf/type/__openldap_server/parameter/boolean b/cdist/conf/type/__openldap_server/parameter/boolean new file mode 100644 index 00000000..45056fe9 --- /dev/null +++ b/cdist/conf/type/__openldap_server/parameter/boolean @@ -0,0 +1,2 @@ +staging +replicate 
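Review bot: `slapd.conf` is installed with `--mode 644` in both `__file` calls, yet the file assembled below contains `rootpw "${manager_password_hash}"` and, when `replicate` is set, the cleartext `credentials=${syncrepl_credentials}`, so every local account on the LDAP server can read them. `--mode 640` with a group that the slapd service account belongs to would limit reading to the daemon. On the Debian branch `CONF_OWNER`/`CONF_GROUP` stay `root`, so the group has to be chosen per OS rather than only tightening the mode. Separately, the renew hook runs `chown -R openldap:openldap` on every OS while the FreeBSD branch sets `CONF_OWNER="ldap"`, which looks inconsistent.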
diff --git a/cdist/conf/type/__openldap_server/parameter/default/description b/cdist/conf/type/__openldap_server/parameter/default/description new file mode 100644 index 00000000..6d8e37e1 --- /dev/null +++ b/cdist/conf/type/__openldap_server/parameter/default/description @@ -0,0 +1 @@ +Managed by cdist, do not edit manually. diff --git a/cdist/conf/type/__openldap_server/parameter/default/schema b/cdist/conf/type/__openldap_server/parameter/default/schema new file mode 100644 index 00000000..825bdb15 --- /dev/null +++ b/cdist/conf/type/__openldap_server/parameter/default/schema @@ -0,0 +1,12 @@ +corba +core +cosine +duaconf +dyngroup +inetorgperson +java +misc +nis +openldap +ppolicy +collective diff --git a/cdist/conf/type/__openldap_server/parameter/optional b/cdist/conf/type/__openldap_server/parameter/optional new file mode 100644 index 00000000..71c64659 --- /dev/null +++ b/cdist/conf/type/__openldap_server/parameter/optional @@ -0,0 +1,9 @@ +description +syncrepl-credentials +syncrepl-searchbase +admin-email +tls-cipher-suite +tls-cert +tls-privkey +tls-ca +extra-config diff --git a/cdist/conf/type/__openldap_server/parameter/optional_multiple b/cdist/conf/type/__openldap_server/parameter/optional_multiple new file mode 100644 index 00000000..52a83d5c --- /dev/null +++ b/cdist/conf/type/__openldap_server/parameter/optional_multiple @@ -0,0 +1,3 @@ +syncrepl-host +module +schema diff --git a/cdist/conf/type/__openldap_server/parameter/required b/cdist/conf/type/__openldap_server/parameter/required new file mode 100644 index 00000000..ff58158d --- /dev/null +++ b/cdist/conf/type/__openldap_server/parameter/required @@ -0,0 +1,5 @@ +manager-dn +manager-password +manager-password-hash +serverid +suffix diff --git a/cdist/conf/type/__openldap_server/parameter/required_multiple b/cdist/conf/type/__openldap_server/parameter/required_multiple new file mode 100644 index 00000000..848b8dc2 --- /dev/null 
+++ b/cdist/conf/type/__openldap_server/parameter/required_multiple @@ -0,0 +1 @@ +slapd-url \ No newline at end of file diff --git a/cdist/conf/type/__openldap_server/singleton b/cdist/conf/type/__openldap_server/singleton new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__file/explorer/exists b/cdist/conf/type/__package/explorer/pkgng_exists similarity index 78% rename from cdist/conf/type/__file/explorer/exists rename to cdist/conf/type/__package/explorer/pkgng_exists index c319cb5d..6d69ba14 100755 --- a/cdist/conf/type/__file/explorer/exists +++ b/cdist/conf/type/__package/explorer/pkgng_exists @@ -1,6 +1,6 @@ #!/bin/sh # -# 2011-2012 Nico Schottelius (nico-cdist at schottelius.org) +# 2014 Jake Guffey (jake.guffey at eprotex.com) # # This file is part of cdist. # @@ -18,13 +18,10 @@ # along with cdist. If not, see . # # -# Check whether file exists or not +# Retrieve the status of a package - parsed dpkg output # -destination="/$__object_id" - -if [ -e "$destination" ]; then - echo yes -else - echo no +if [ "$("$__explorer/os")" = "freebsd" ]; then + command -v pkg fi + diff --git a/cdist/conf/type/__package/man.rst b/cdist/conf/type/__package/man.rst new file mode 100644 index 00000000..fc36402b --- /dev/null +++ b/cdist/conf/type/__package/man.rst 
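Review bot: The header comment kept in the renamed `pkgng_exists` explorer still reads `# Retrieve the status of a package - parsed dpkg output`, but the new body only prints the path of `pkg` on FreeBSD and prints nothing otherwise. Suggested replacement: `# Print the path of pkg on FreeBSD; empty output means pkgng is not available`. The `__package` manifest later in this diff branches on whether that output is empty, so the contract is worth stating here.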
@@ -0,0 +1,64 @@ +cdist-type__package(7) +====================== + +NAME +---- +cdist-type__package - Manage packages + + +DESCRIPTION +----------- +This cdist type allows you to install or uninstall packages on the target. +It dispatches the actual work to the package system dependent types. + + +REQUIRED PARAMETERS +------------------- +None + + +OPTIONAL PARAMETERS +------------------- +name + The name of the package to install. Default is to use the object_id as the + package name. +version + The version of the package to install. Default is to install the version + chosen by the local package manager. +type + The package type to use. Default is determined based on the $os explorer + variable. + e.g. + * __package_apt for Debian + * __package_emerge for Gentoo + +state + Either "present" or "absent", defaults to "present" + + +EXAMPLES +-------- + +.. code-block:: sh + + # Install the package vim on the target + __package vim --state present + + # Same but install specific version + __package vim --state present --version 7.3.50 + + # Force use of a specific package type + __package vim --state present --type __package_apt + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2011 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__package/man.text b/cdist/conf/type/__package/man.text deleted file mode 100644 index b656c890..00000000 --- a/cdist/conf/type/__package/man.text +++ /dev/null 
@@ -1,63 +0,0 @@ -cdist-type__package(7) -====================== -Steven Armstrong - - -NAME ----- -cdist-type__package - Manage packages - - -DESCRIPTION ------------ -This cdist type allows you to install or uninstall packages on the target. -It dispatches the actual work to the package system dependant types. - - -REQUIRED PARAMETERS -------------------- -None - - -OPTIONAL PARAMETERS -------------------- -name:: - The name of the package to install. Default is to use the object_id as the - package name. -version:: - The version of the package to install. Default is to install the version - choosen by the local package manager. -type:: - The package type to use. Default is determined based on the $os explorer - variable. - e.g. __package_apt for Debian - __package_emerge for Gentoo - -state:: - Either "present" or "absent", defaults to "present" - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -# Install the package vim on the target -__package vim --state present - -# Same but install specific version -__package vim --state present --version 7.3.50 - -# Force use of a specific package type -__package vim --state present --type __package_apt --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) - - -COPYING -------- -Copyright \(C) 2011 Steven Armstrong. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__package/manifest b/cdist/conf/type/__package/manifest index 6a84cb7f..a453c32b 100755 --- a/cdist/conf/type/__package/manifest +++ b/cdist/conf/type/__package/manifest @@ -1,6 +1,7 @@ -#!/bin/sh +#!/bin/sh -e # -# 2011 Steven Armstrong (steven-cdist at armstrong.cc) +# 2011-2013 Steven Armstrong (steven-cdist at armstrong.cc) +# 2019 Nico Schottelius (nico-cdist at schottelius.org) # # This file is part of cdist. # 
@@ -19,7 +20,7 @@ # # # __package is an abstract type which dispatches to the lower level -# __package_$name types which do the actual interaction with the packaging +# __package_$type types which do the actual interaction with the packaging # system. # @@ -30,13 +31,21 @@ else # By default determine package manager based on operating system os="$(cat "$__global/explorer/os")" case "$os" in - amazon|centos|fedora|redhat) type="yum" ;; + amazon|scientific|centos|fedora|redhat) type="yum" ;; archlinux) type="pacman" ;; - debian|ubuntu) type="apt" ;; - freebsd) type="pkg_freebsd" ;; + debian|ubuntu|devuan) type="apt" ;; + freebsd) + if [ -n "$(cat "$__object/explorer/pkgng_exists")" ]; then + type="pkgng_freebsd" + else + type="pkg_freebsd" + fi + ;; gentoo) type="emerge" ;; suse) type="zypper" ;; openwrt) type="opkg" ;; + openbsd) type="pkg_openbsd" ;; + alpine) type="apk" ;; *) echo "Don't know how to manage packages on: $os" >&2 exit 1 @@ -44,10 +53,12 @@ else esac fi -set -- "$@" "$__object_id" +state="$(cat "$__object/parameter/state")" + +set -- "$@" "$__object_id" "--state" "$state" cd "$__object/parameter" -for property in $(ls .); do - if [ "$property" != "type" ]; then +for property in *; do + if [ "$property" != "type" ] && [ "$property" != "state" ]; then set -- "$@" "--$property" "$(cat "$property")" fi done diff --git a/cdist/conf/type/__package/nonparallel b/cdist/conf/type/__package/nonparallel new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__package/parameter/boolean b/cdist/conf/type/__package/parameter/boolean new file mode 100644 index 00000000..effcb218 --- /dev/null +++ b/cdist/conf/type/__package/parameter/boolean @@ -0,0 +1 @@ +upgrade diff --git a/cdist/conf/type/__package/parameter/default/state b/cdist/conf/type/__package/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__package/parameter/default/state @@ -0,0 +1 @@ +present 
diff --git a/cdist/conf/type/__package/parameter/optional b/cdist/conf/type/__package/parameter/optional index 9982507e..bb3f5154 100644 --- a/cdist/conf/type/__package/parameter/optional +++ b/cdist/conf/type/__package/parameter/optional @@ -3,3 +3,5 @@ version type pkgsite state +ptype +repo diff --git a/cdist/conf/type/__package_apk/explorer/state b/cdist/conf/type/__package_apk/explorer/state new file mode 100755 index 00000000..b477ca7c --- /dev/null +++ b/cdist/conf/type/__package_apk/explorer/state @@ -0,0 +1,38 @@ +#!/bin/sh +# +# 2019 Nico Schottelius (nico-cdist at schottelius.org) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# +# Retrieve the status of a package - parsed apk output +# + +if [ -f "$__object/parameter/name" ]; then + name="$(cat "$__object/parameter/name")" +else + name="$__object_id" +fi + +# Remove the @.. repo tag for finding out whether it is installed +# f.i. pass@testing => pass +name="$(echo "$name" | sed 's/@.*//')" + +if [ "$(apk list -I "$name")" ]; then + echo present +else + echo absent +fi diff --git a/cdist/conf/type/__package_apk/gencode-remote b/cdist/conf/type/__package_apk/gencode-remote new file mode 100755 index 00000000..79e3d2b6 --- /dev/null +++ b/cdist/conf/type/__package_apk/gencode-remote 
@@ -0,0 +1,49 @@ +#!/bin/sh -e +# +# 2019 Nico Schottelius (nico-cdist at schottelius.org) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# +# Manage packages on Debian and co. +# + +if [ -f "$__object/parameter/name" ]; then + name="$(cat "$__object/parameter/name")" +else + name="$__object_id" +fi + +state_should="$(cat "$__object/parameter/state")" +state_is="$(cat "$__object/explorer/state")" + +# Nothing to be done +[ "$state_is" = "$state_should" ] && exit 0 + +case "$state_should" in + present) + echo "apk add -q '$name'" + echo "installed" >> "$__messages_out" + ;; + absent) + echo "apk del -q '$name'" + echo "removed" >> "$__messages_out" + ;; + *) + echo "Unknown state: $state_should" >&2 + exit 1 + ;; +esac diff --git a/cdist/conf/type/__package_apk/man.rst b/cdist/conf/type/__package_apk/man.rst new file mode 100644 index 00000000..bc2408b4 --- /dev/null +++ b/cdist/conf/type/__package_apk/man.rst 
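Review bot: The description comment `# Manage packages on Debian and co.` was carried over from another type; this script emits `apk add` and `apk del`, so it should read something like `# Manage packages with apk (Alpine)`. A short comment above the `case` noting that `$name` is interpolated unescaped into the single-quoted argument of the generated command would also help the next reader.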
@@ -0,0 +1,55 @@ +cdist-type__package_akp(7) +========================== + +NAME +---- +cdist-type__package_akp - Manage packages with akp + + +DESCRIPTION +----------- +apk is usually used on Alpine to manage packages. + + +REQUIRED PARAMETERS +------------------- +None + + +OPTIONAL PARAMETERS +------------------- +name + If supplied, use the name and not the object id as the package name. + +state + Either "present" or "absent", defaults to "present" + + +EXAMPLES +-------- + +.. code-block:: sh + + # Ensure zsh in installed + __package_apk zsh --state present + + # Remove package + __package_apk apache2 --state absent + + +SEE ALSO +-------- +:strong:`cdist-type__package`\ (7) + + +AUTHORS +------- +Nico Schottelius + + +COPYING +------- +Copyright \(C) 2019 Nico Schottelius. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__package_apk/nonparallel b/cdist/conf/type/__package_apk/nonparallel new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__package_apk/parameter/default/state b/cdist/conf/type/__package_apk/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__package_apk/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__package_apk/parameter/optional b/cdist/conf/type/__package_apk/parameter/optional new file mode 100644 index 00000000..1b423dc4 --- /dev/null +++ b/cdist/conf/type/__package_apk/parameter/optional @@ -0,0 +1,2 @@ +name +state diff --git a/cdist/conf/type/__package_apt/explorer/state b/cdist/conf/type/__package_apt/explorer/state index 04926b60..7ccd6fce 100755 --- a/cdist/conf/type/__package_apt/explorer/state +++ b/cdist/conf/type/__package_apt/explorer/state 
@@ -30,8 +30,9 @@ fi # Except dpkg failing, if package is not known / installed packages="$(apt-cache showpkg "$name" | sed -e "1,/Reverse Provides:/d" | cut -d ' ' -f 1) $name" for p in $packages; do - if [ -n "$(dpkg -s "$p" 2>/dev/null | grep "^Status: install ok installed$")" ]; then - echo "present $p" + if dpkg -s "$p" 2>/dev/null | grep --quiet "^Status: install ok installed$" ; then + version=$(dpkg -s "$p" 2>/dev/null | grep "^Version:" | cut -d ' ' -f 2) + echo "present $p $version" exit 0 fi done diff --git a/cdist/conf/type/__package_apt/gencode-remote b/cdist/conf/type/__package_apt/gencode-remote index a80d707e..e02564a2 100755 --- a/cdist/conf/type/__package_apt/gencode-remote +++ b/cdist/conf/type/__package_apt/gencode-remote @@ -1,6 +1,6 @@ -#!/bin/sh +#!/bin/sh -e # -# 2011-2012 Nico Schottelius (nico-cdist at schottelius.org) +# 2011-2013 Nico Schottelius (nico-cdist at schottelius.org) # # This file is part of cdist. # 
@@ -27,31 +27,70 @@ else name="$__object_id" fi -if [ -f "$__object/parameter/state" ]; then - state_should="$(cat "$__object/parameter/state")" -else - state_should="present" +state_should="$(cat "$__object/parameter/state")" + +version_param="$__object/parameter/version" + +version="" +if [ -f "$version_param" ]; then + version="$(cat "$version_param")" fi +if [ -f "$__object/parameter/target-release" ]; then + target_release="--target-release $(cat "$__object/parameter/target-release")" +else + target_release="" +fi + +if [ -f "$__object/parameter/purge-if-absent" ]; then + purgeparam="--purge" +else + purgeparam="" +fi + + # FIXME: use grep directly, state is a list, not a line! state_is="$(cat "$__object/explorer/state")" case "$state_is" in present*) name="$(echo "$state_is" | cut -d ' ' -f 2)" + version_is="$(echo "$state_is" | cut -d ' ' -f 3)" state_is="present" ;; + *) + version_is="" + ;; esac -aptget="DEBIAN_FRONTEND=noninteractive apt-get --quiet --yes" +# Hint if we need to avoid questions at some point: +# DEBIAN_PRIORITY=critical can reduce the number of questions +aptget="DEBIAN_FRONTEND=noninteractive apt-get --quiet --yes --no-install-recommends -o Dpkg::Options::=\"--force-confdef\" -o Dpkg::Options::=\"--force-confold\"" -[ "$state_is" = "$state_should" ] && exit 0 +if [ "$state_is" = "$state_should" ]; then + if [ -z "$version" ] || [ "$version" = "$version_is" ]; then + exit 0; + fi +fi case "$state_should" in present) - echo $aptget install \"$name\" + # following is bit ugly, but important hack. + # due to how cdist config run works, there isn't + # currently better way to do it :( + cat << EOF +if [ ! 
-f /var/cache/apt/pkgcache.bin ] || [ "\$( stat --format %Y /var/cache/apt/pkgcache.bin )" -lt "\$( date +%s -d '-1 day' )" ] +then echo apt-get update > /dev/null 2>&1 || true +fi +EOF + if [ -n "$version" ]; then + name="${name}=${version}" + fi + echo "$aptget install $target_release '$name'" + echo "installed" >> "$__messages_out" ;; absent) - echo $aptget remove \"$name\" + echo "$aptget remove $purgeparam '$name'" + echo "removed" >> "$__messages_out" ;; *) echo "Unknown state: $state_should" >&2 diff --git a/cdist/conf/type/__package_apt/man.rst b/cdist/conf/type/__package_apt/man.rst new file mode 100644 index 00000000..a1691eac --- /dev/null +++ b/cdist/conf/type/__package_apt/man.rst 
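Review bot: In the here-document emitted for `present`, the refresh line is `then echo apt-get update > /dev/null 2>&1 || true`, so the generated code only prints those words to /dev/null and the package index is never updated when `pkgcache.bin` is missing or older than a day. Dropping the `echo` gives the intended `then apt-get update > /dev/null 2>&1 || true`. Because the output is discarded either way, a skipped or failed refresh is silent, and the following install resolves `$name` and any pinned `=version` against a stale index, which can leave a host on an outdated package build without any message.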
@@ -0,0 +1,77 @@ +cdist-type__package_apt(7) +========================== + +NAME +---- +cdist-type__package_apt - Manage packages with apt-get + + +DESCRIPTION +----------- +apt-get is usually used on Debian and variants (like Ubuntu) to +manage packages. + +This type will also update package index, if it is older +than one day, to avoid missing package error messages. + + +REQUIRED PARAMETERS +------------------- +None + + +OPTIONAL PARAMETERS +------------------- +name + If supplied, use the name and not the object id as the package name. + +state + Either "present" or "absent", defaults to "present" + +target-release + Passed on to apt-get install, see apt-get(8). + Essentially allows you to retrieve packages from a different release + +version + The version of the package to install. Default is to install the version + chosen by the local package manager. + + +BOOLEAN PARAMETERS +------------------ +purge-if-absent + If this parameter is given when state is `absent`, the package is + purged from the system (using `--purge`). + + +EXAMPLES +-------- + +.. code-block:: sh + + # Ensure zsh in installed + __package_apt zsh --state present + + # In case you only want *a* webserver, but don't care which one + __package_apt webserver --state present --name nginx + + # Remove obsolete package + __package_apt puppet --state absent + + +SEE ALSO +-------- +:strong:`cdist-type__package`\ (7) + + +AUTHORS +------- +Nico Schottelius + + +COPYING +------- +Copyright \(C) 2011-2012 Nico Schottelius. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__package_apt/man.text b/cdist/conf/type/__package_apt/man.text deleted file mode 100644 index 5d4656c1..00000000 --- a/cdist/conf/type/__package_apt/man.text +++ /dev/null 
@@ -1,55 +0,0 @@ -cdist-type__package_apt(7) -========================== -Nico Schottelius - - -NAME ----- -cdist-type__package_apt - Manage packages with apt-get - - -DESCRIPTION ------------ -apt-get is usually used on Debian and variants (like Ubuntu) to -manage packages. - - -REQUIRED PARAMETERS -------------------- -None - - -OPTIONAL PARAMETERS -------------------- -name:: - If supplied, use the name and not the object id as the package name. - -state:: - Either "present" or "absent", defaults to "present" - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -# Ensure zsh in installed -__package_apt zsh --state present - -# In case you only want *a* webserver, but don't care which one -__package_apt webserver --state present --name nginx - -# Remove obsolete package -__package_apt puppet --state absent --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) -- cdist-type__package(7) - - -COPYING -------- -Copyright \(C) 2011-2012 Nico Schottelius. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__package_apt/nonparallel b/cdist/conf/type/__package_apt/nonparallel new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__package_apt/parameter/boolean b/cdist/conf/type/__package_apt/parameter/boolean new file mode 100644 index 00000000..f9a0f6b0 --- /dev/null +++ b/cdist/conf/type/__package_apt/parameter/boolean @@ -0,0 +1 @@ +purge-if-absent diff --git a/cdist/conf/type/__package_apt/parameter/default/state b/cdist/conf/type/__package_apt/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__package_apt/parameter/default/state @@ -0,0 +1 @@ +present 
diff --git a/cdist/conf/type/__package_apt/parameter/optional b/cdist/conf/type/__package_apt/parameter/optional index 41b8e6cf..d6674f95 100644 --- a/cdist/conf/type/__package_apt/parameter/optional +++ b/cdist/conf/type/__package_apt/parameter/optional @@ -1,3 +1,4 @@ name version state +target-release diff --git a/cdist/conf/type/__package_dpkg/explorer/pkg_state b/cdist/conf/type/__package_dpkg/explorer/pkg_state new file mode 100644 index 00000000..d7487ed8 --- /dev/null +++ b/cdist/conf/type/__package_dpkg/explorer/pkg_state @@ -0,0 +1,11 @@ +#!/bin/sh -e + +package=$( basename "$__object_id" ) + +dpkg_status="$(dpkg-query --show --showformat='${db:Status-Abbrev} ${binary:Package}_${Version}_${Architecture}.deb\n' "${package%%_*}" 2>/dev/null || true)" + +if echo "$dpkg_status" | grep -q '^ii'; then + echo "${dpkg_status##* }" +fi + + diff --git a/cdist/conf/type/__package_dpkg/gencode-remote b/cdist/conf/type/__package_dpkg/gencode-remote new file mode 100755 index 00000000..1c271748 --- /dev/null +++ b/cdist/conf/type/__package_dpkg/gencode-remote 
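Review bot: In the new `explorer/pkg_state`, the `--showformat` string builds the comparison name from `${binary:Package}` and `${Version}`, which as far as I know can carry an architecture qualifier (`libfoo:amd64`) and an epoch (`1:2.0`) that a `.deb` file name does not. The manifest and gencode-remote compare this output with `basename "$__object_id"`, so for such packages the two never match and the file is copied and reinstalled on every run. Consider `${Package}` in place of `${binary:Package}`, and state in man.rst that the object id must equal what dpkg-query reports, epoch included.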
@@ -0,0 +1,51 @@ +#!/bin/sh -e +# +# 2013 Tomas Pospisek (tpo_deb sourcepole.ch) +# 2018 Thomas Eckert (tom at it-eckert.de) +# +# This file is based on cdist's __file/gencode-local and part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# +# This __package_dpkg type does not check whether a *.deb package is +# allready installed. It just copies the *.deb package over to the +# destination and installs it. We could use __package_apt to check +# whether a *.deb package is allready installed and only install it +# if we're given a --force argument or similar (would be clever not +# to conflict with dpkg's --force options). But currently we don't +# do any checks or --force'ing. +# +state=$( cat "$__object/parameter/state" ) +package=$( basename "$__object_id" ) +state_is="$(cat "$__object/explorer/pkg_state")" +state_should="" + +[ "$state" = "absent" ] || state_should="$package" +[ "$state_is" = "$state_should" ] && exit 0 + +case "$state" in + present) + echo "dpkg --install /var/cache/apt/archives/$__object_id" + echo "installed" >> "$__messages_out" + ;; + absent) + [ -f "$__object/parameter/purge-if-absent" ] \ + && action="--purge" \ + || action="--remove" + echo "dpkg $action ${__object_id%%_*}" + echo "removed ($action)" >> "$__messages_out" + ;; + *) echo "ERROR: unknown state '$state'" >&2 ;; +esac 
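Review bot: The commands emitted in the `present` and `absent` arms interpolate `$__object_id` unquoted, while the state check above and the manifest use `basename "$__object_id"`, so an object id containing a slash or whitespace makes `dpkg --install` look for a different path than the one `__file` wrote. Emitting `echo "dpkg --install '/var/cache/apt/archives/$package'"` and `echo "dpkg $action '${package%%_*}'"` keeps the two scripts in agreement and follows the single-quote convention the other package types adopt in this commit. The `*)` arm only prints the error, so an unknown state ends with exit status 0; add `exit 1` there as the sibling types do. The header comment still says the type does not check whether the package is already installed, which the `pkg_state` comparison now contradicts.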
diff --git a/cdist/conf/type/__package_dpkg/man.rst b/cdist/conf/type/__package_dpkg/man.rst
new file mode 100644
index 00000000..828d8cdd
--- /dev/null
+++ b/cdist/conf/type/__package_dpkg/man.rst
@@ -0,0 +1,93 @@ +cdist-type__package_dpkg(7) +=========================== + +NAME +---- +cdist-type__package_dpkg - Manage packages with dpkg + + +DESCRIPTION +----------- +This type is used on Debian and variants (like Ubuntu) to +install packages that are provided locally as \*.deb files. + +The object given to this type must be the name of the deb package. +The filename of the deb package has to follow Debian naming conventions, i.e. +`${binary:Package}_${Version}_${Architecture}.deb` (see `dpkg-query(1)` for +details). + + +OPTIONAL PARAMETERS +------------------- +state + `present` or `absent`, defaults to `present`. + +REQUIRED PARAMETERS +------------------- +source + path to the \*.deb package + + +BOOLEAN PARAMETERS +------------------ +purge-if-absent + If this parameter is given when state is `absent`, the package is + purged from the system (using `--purge`). + + +EXPLORER +-------- +pkg_state + Returns the full package name if package is installed, empty otherwise. + + +MESSAGES +-------- +installed + The deb-file was installed. + +removed (--remove) + The package was removed, keeping config. + +removed (--purge) + The package was removed including config (purged). + + +EXAMPLES +-------- + +.. code-block:: sh + + # Install foo and bar packages + __package_dpkg foo_0.1_all.deb --source /tmp/foo_0.1_all.deb + __package_dpkg bar_1.4.deb --source $__type/files/bar_1.4.deb + + # uninstall baz: + __package_dpkg baz_1.4_amd64.deb \ + --source $__type/files/baz_1.4_amd64.deb \ + --state "absent" + # uninstall baz and also purge config-files: + __package_dpkg baz_1.4_amd64.deb \ + --source $__type/files/baz_1.4_amd64.deb \ + --purge-if-absent \ + --state "absent" + + +SEE ALSO +-------- +:strong:`cdist-type__package`\ (7), :strong:`dpkg-query`\ (1) + + +AUTHORS +------- +| Tomas Pospisek +| Thomas Eckert + + +COPYING +------- +Copyright \(C) 2013 Tomas Pospisek. 
You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. +This type is based on __package_apt. diff --git a/cdist/conf/type/__package_dpkg/manifest b/cdist/conf/type/__package_dpkg/manifest new file mode 100755 index 00000000..6d228d8e --- /dev/null +++ b/cdist/conf/type/__package_dpkg/manifest @@ -0,0 +1,40 @@ +#!/bin/sh -e +# +# 2013 Tomas Pospisek (tpo_deb sourcepole.ch) +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# +# This __package_dpkg type does not check whether a *.deb package is +# allready installed. It just copies the *.deb package over to the +# destination and installs it. We could use __package_apt to check +# whether a *.deb package is allready installed and only install it +# if we're given a --force argument or similar (would be clever not +# to conflict with dpkg's --force options). But currently we don't +# do any checks or --force'ing. + + +state=$( cat "$__object/parameter/state" ) +package_path=$( cat "$__object/parameter/source" ) +package=$( basename "$__object_id" ) +state_is="$(cat "$__object/explorer/pkg_state")" +state_should="" + +[ "$state" = "absent" ] || state_should="$package" +[ "$state_is" = "$state_should" ] && exit 0 + +__file "/var/cache/apt/archives/$package" \ + --source "$package_path" \ + --state "$state" + 
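Review bot: Nothing between `--source` and `dpkg --install` verifies the package file: the manifest copies whatever `$package_path` points at into `/var/cache/apt/archives/`, gencode-remote then installs it, and `dpkg --install` does not perform apt's repository signature check (as far as I know). The source path is therefore the only trust anchor, which is worth stating in man.rst; an optional checksum parameter compared before the `__file` call would let a manifest pin the expected artifact. The comment block above `state=` is also out of date, since the script now exits early when `pkg_state` matches; `# Skips the copy when explorer/pkg_state already reports this exact package file name.` would describe the current behaviour.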
diff --git a/cdist/conf/type/__package_dpkg/nonparallel b/cdist/conf/type/__package_dpkg/nonparallel
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__package_dpkg/parameter/boolean b/cdist/conf/type/__package_dpkg/parameter/boolean
new file mode 100644
index 00000000..f9a0f6b0
--- /dev/null
+++ b/cdist/conf/type/__package_dpkg/parameter/boolean
@@ -0,0 +1 @@
+purge-if-absent
diff --git a/cdist/conf/type/__package_dpkg/parameter/default/state b/cdist/conf/type/__package_dpkg/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__package_dpkg/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__package_dpkg/parameter/optional b/cdist/conf/type/__package_dpkg/parameter/optional
new file mode 100644
index 00000000..ff72b5c7
--- /dev/null
+++ b/cdist/conf/type/__package_dpkg/parameter/optional
@@ -0,0 +1 @@
+state
diff --git a/cdist/conf/type/__package_dpkg/parameter/required b/cdist/conf/type/__package_dpkg/parameter/required
new file mode 100644
index 00000000..5a18cd2f
--- /dev/null
+++ b/cdist/conf/type/__package_dpkg/parameter/required
@@ -0,0 +1 @@
+source
diff --git a/cdist/conf/type/__package_emerge/explorer/pkg_version b/cdist/conf/type/__package_emerge/explorer/pkg_version
new file mode 100644
index 00000000..d02b9d6b
--- /dev/null
+++ b/cdist/conf/type/__package_emerge/explorer/pkg_version
@@ -0,0 +1,36 @@ +#!/bin/sh +# +# 2013 Thomas Oettli (otho at sfs.biz) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# +# Retrieve the status of a package +# + +if [ ! -x /usr/bin/equery ]; then + echo "gentoolkit not installed!" 1>&2 + exit 1 +fi + +if [ -f "$__object/parameter/name" ]; then + name="$(cat "$__object/parameter/name")" +else + name="$__object_id" +fi + +# shellcheck disable=SC2016 +equery -q l -F '$cp $fullversion' "$name" || true diff --git a/cdist/conf/type/__package_emerge/gencode-remote b/cdist/conf/type/__package_emerge/gencode-remote new file mode 100755 index 00000000..e1b85ebb --- /dev/null +++ b/cdist/conf/type/__package_emerge/gencode-remote 
@@ -0,0 +1,77 @@ +#!/bin/sh -e +# +# 2013 Thomas Oettli (otho at sfs.biz) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# +# Manage packages with Portage (mostly gentoo) +# + +if [ -f "$__object/parameter/name" ]; then + name="$__object/parameter/name" +else + name="$__object_id" +fi + +state_should="$(cat "$__object/parameter/state")" + +version="$(cat "$__object/parameter/version")" + +if [ -n "$version" ]; then + name="=$name-$version" +fi + +pkg_version="$(cat "$__object/explorer/pkg_version")" +if [ -z "$pkg_version" ]; then + state_is="absent" +elif [ -z "$version" ] && [ "$(echo "$pkg_version" | wc -l)" -gt 1 ]; then + echo "Package name is not unique! The following packages are installed:" >&2 + echo "$pkg_version" >&2 + exit 1 +elif [ -n "$version" ] && [ "$(echo "$pkg_version" | cut -d " " -f 1 | sort | uniq | wc -l)" -gt 1 ]; then + echo "Package name is not unique! 
The following packages are installed:" >&2 + echo "$pkg_version" >&2 + exit 1 +else + state_is="present" + if [ -n "$version" ] && echo "$pkg_version" | cut -d " " -f 2 | grep -q -x "$version"; then + installed_version="$(echo "$pkg_version" | cut -d " " -f 2 | grep -x "$version")" + else + installed_version="$(echo "$pkg_version" | cut -d " " -f 2 | tail -n 1)" + fi +fi + + +# Exit if nothing is needed to be done +[ "$state_is" = "$state_should" ] && { [ -z "$version" ] || [ "$installed_version" = "$version" ]; } && exit 0 +[ "$state_should" = "absent" ] && [ -n "$version" ] && [ "$installed_version" != "$version" ] && exit 0 + + +case "$state_should" in + present) + echo "emerge '$name' &>/dev/null || exit 1" + echo "installed" >> "$__messages_out" + ;; + absent) + echo "emerge -C '$name' &>/dev/null || exit 1" + echo "removed" >> "$__messages_out" + ;; + *) + echo "Unknown state: $state_should" >&2 + exit 1 + ;; +esac diff --git a/cdist/conf/type/__package_emerge/man.rst b/cdist/conf/type/__package_emerge/man.rst new file mode 100644 index 00000000..88adaff0 --- /dev/null +++ b/cdist/conf/type/__package_emerge/man.rst 
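Review bot: In the `--name` branch at the top of the script, `name="$__object/parameter/name"` stores the path of the parameter file rather than its content, so the emitted `emerge` command would target that path string; the explorer in this commit reads the same file with `cat`, and this line should be `name="$(cat "$__object/parameter/name")"`. The emitted commands also use `&>/dev/null`, a bash extension: a POSIX `/bin/sh` such as dash parses it as `&` followed by a redirection, so emerge would run in the background and `|| exit 1` would never see its status (whether that applies depends on the target's `/bin/sh`). The portable form is `echo "emerge '$name' >/dev/null 2>&1 || exit 1"`. The same `&>` appears in `__package_emerge_dependencies/gencode-remote`.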
@@ -0,0 +1,63 @@ +cdist-type__package_emerge(7) +============================= + +NAME +---- +cdist-type__package_emerge - Manage packages with portage + + +DESCRIPTION +----------- +Portage is usually used on the gentoo distribution to manage packages. +This type requires app-portage/gentoolkit installed on the target host. +cdist-type__package_emerge_dependencies is supposed to install the needed +packages on the target host. + + +REQUIRED PARAMETERS +------------------- +None + + +OPTIONAL PARAMETERS +------------------- +name + If supplied, use the name and not the object id as the package name. + +state + Either "present" or "absent", defaults to "present". + +version + If supplied, use to install or uninstall a specific version of the package named. + +EXAMPLES +-------- + +.. code-block:: sh + + # Ensure sys-devel/gcc is installed + __package_emerge sys-devel/gcc --state present + + # If you want a specific version of a package + __package_emerge app-portage/gentoolkit --state present --version 0.3.0.8-r2 + + # Remove package + __package_emerge sys-devel/gcc --state absent + + +SEE ALSO +-------- +:strong:`cdist-type__package`\ (7), :strong:`cdist-type__package_emerge_dependencies`\ (7) + + +AUTHORS +------- +Thomas Oettli + + +COPYING +------- +Copyright \(C) 2013 Thomas Oettli. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__package_emerge/nonparallel b/cdist/conf/type/__package_emerge/nonparallel new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__package_emerge/parameter/default/state b/cdist/conf/type/__package_emerge/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__package_emerge/parameter/default/state @@ -0,0 +1 @@ +present 
diff --git a/cdist/conf/type/__package_emerge/parameter/default/version b/cdist/conf/type/__package_emerge/parameter/default/version
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__package_emerge/parameter/optional b/cdist/conf/type/__package_emerge/parameter/optional
new file mode 100644
index 00000000..f5c897df
--- /dev/null
+++ b/cdist/conf/type/__package_emerge/parameter/optional
@@ -0,0 +1,3 @@
+name
+state
+version
diff --git a/cdist/conf/type/__package_emerge_dependencies/explorer/flaggie_installed b/cdist/conf/type/__package_emerge_dependencies/explorer/flaggie_installed
new file mode 100644
index 00000000..1652ffc3
--- /dev/null
+++ b/cdist/conf/type/__package_emerge_dependencies/explorer/flaggie_installed
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+if [ -x /usr/bin/flaggie ]; then
+ echo "true"
+else
+ echo "false"
+fi
diff --git a/cdist/conf/type/__package_emerge_dependencies/explorer/gentoolkit_installed b/cdist/conf/type/__package_emerge_dependencies/explorer/gentoolkit_installed
new file mode 100644
index 00000000..74c2378d
--- /dev/null
+++ b/cdist/conf/type/__package_emerge_dependencies/explorer/gentoolkit_installed
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+if [ -x /usr/bin/q ]; then
+ echo "true"
+else
+ echo "false"
+fi
diff --git a/cdist/conf/type/__package_emerge_dependencies/gencode-remote b/cdist/conf/type/__package_emerge_dependencies/gencode-remote
new file mode 100755
index 00000000..f3e6f76e
--- /dev/null
+++ b/cdist/conf/type/__package_emerge_dependencies/gencode-remote
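Review bot: `explorer/gentoolkit_installed` tests `/usr/bin/q`, but the binary `__package_emerge` depends on is `/usr/bin/equery` (see `explorer/pkg_version`, which exits 1 without it). As far as I know `q` is shipped by portage-utils rather than gentoolkit, so a host could report `true` here while `equery` is missing, or trigger `emerge app-portage/gentoolkit` on every run although gentoolkit is installed. Checking the same path keeps the two in step: `if [ -x /usr/bin/equery ]; then`.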
@@ -0,0 +1,16 @@ +#!/bin/sh -e + +gentoolkit_installed="$(cat "$__object/explorer/gentoolkit_installed")" +flaggie_installed="$(cat "$__object/explorer/flaggie_installed")" + +if [ "${gentoolkit_installed}" != "true" ]; then + # emerge app-portage/gentoolkit + echo "emerge app-portage/gentoolkit &> /dev/null || exit 1" + echo "installed app-portage/gentoolkit" >> "$__messages_out" +fi + +if [ "${flaggie_installed}" != "true" ]; then + # emerge app-portage/flaggie + echo "emerge app-portage/flaggie &> /dev/null || exit 1" + echo "installed app-portage/flaggie" >> "$__messages_out" +fi diff --git a/cdist/conf/type/__package_emerge_dependencies/man.rst b/cdist/conf/type/__package_emerge_dependencies/man.rst new file mode 100644 index 00000000..598d31f1 --- /dev/null +++ b/cdist/conf/type/__package_emerge_dependencies/man.rst @@ -0,0 +1,52 @@ +cdist-type__package_emerge_dependencies(7) +========================================== + +NAME +---- +cdist-type__package_emerge_dependencies - Install dependencies for __package_emerge + + +DESCRIPTION +----------- +Portage is usually used on the gentoo distribution to manage packages. +This type installs the following tools which are required by __package_emerge to work: + +* app-portage/flaggie +* app-portage/gentoolkit + + +REQUIRED PARAMETERS +------------------- +None + + +OPTIONAL PARAMETERS +------------------- +None + + +EXAMPLES +-------- + +.. code-block:: sh + + # Ensure app-portage/flaggie and app-portage/gentoolkit are installed + __package_emerge_dependencies + + +SEE ALSO +-------- +:strong:`cdist-type__package`\ (7), :strong:`cdist-type__package_emerge`\ (7) + + +AUTHORS +------- +Thomas Oettli + + +COPYING +------- +Copyright \(C) 2013 Thomas Oettli. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. 
diff --git a/cdist/conf/type/__package_emerge_dependencies/nonparallel b/cdist/conf/type/__package_emerge_dependencies/nonparallel new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__package_emerge_dependencies/singleton b/cdist/conf/type/__package_emerge_dependencies/singleton new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__package_luarocks/explorer/pkg_status b/cdist/conf/type/__package_luarocks/explorer/pkg_status index 3eb73298..e83e8ce6 100755 --- a/cdist/conf/type/__package_luarocks/explorer/pkg_status +++ b/cdist/conf/type/__package_luarocks/explorer/pkg_status @@ -28,4 +28,4 @@ else fi # Accept luarocks failing if package is not known/installed -luarocks list "$name" | egrep -A1 "^$name$" || exit 0 +luarocks list "$name" | grep -E -A1 "^$name$" || exit 0 diff --git a/cdist/conf/type/__package_luarocks/gencode-remote b/cdist/conf/type/__package_luarocks/gencode-remote index 7a5a5b04..d83b3c3a 100755 --- a/cdist/conf/type/__package_luarocks/gencode-remote +++ b/cdist/conf/type/__package_luarocks/gencode-remote @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2012 SwellPath, Inc. # Christian G. Warden @@ -29,11 +29,7 @@ else name="$__object_id" fi -if [ -f "$__object/parameter/state" ]; then - state_should="$(cat "$__object/parameter/state")" -else - state_should="present" -fi +state_should="$(cat "$__object/parameter/state")" if grep -q "(installed)" "$__object/explorer/pkg_status"; then state_is="present" @@ -46,10 +42,12 @@ fi case "$state_should" in present) - echo luarocks install \"$name\" + echo "luarocks install '$name'" + echo "installed" >> "$__messages_out" ;; absent) - echo luarocks remove \"$name\" + echo "luarocks remove '$name'" + echo "removed" >> "$__messages_out" ;; *) echo "Unknown state: $state_should" >&2 
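Review bot: In `explorer/pkg_status`, `grep -E -A1 "^$name$"` still uses the package name as a regular expression, so a `.` or `+` in the name changes what matches. A fixed-string whole-line match avoids that and keeps the following line: `luarocks list "$name" | grep -F -x -A1 -- "$name" || exit 0`. The script begins outside this hunk, so how `name` is assigned is not visible here.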
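Review bot: The single quotes now emitted around the name in `__package_luarocks/gencode-remote` (`echo "luarocks install '$name'"`) stop the target shell from expanding `$` or backticks in it, but a name that itself contains `'` still ends the quoting and the remainder is parsed as shell on the target. Names come from the manifest, so this is mainly a robustness matter unless a manifest derives them from external data. A guard before the `case` closes it, e.g. `case "$name" in *[!A-Za-z0-9._+-]*) echo "Invalid package name: $name" >&2; exit 1 ;; esac`, with the character set adjusted per package manager. The same pattern is in the `__package_opkg` and `__package_pacman` gencode-remote hunks of this commit, and the `case` statement here continues past the end of the hunk.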
diff --git a/cdist/conf/type/__package_luarocks/man.text b/cdist/conf/type/__package_luarocks/man.rst similarity index 52% rename from cdist/conf/type/__package_luarocks/man.text rename to cdist/conf/type/__package_luarocks/man.rst index 657f68e5..5dc10195 100644 --- a/cdist/conf/type/__package_luarocks/man.text +++ b/cdist/conf/type/__package_luarocks/man.rst @@ -1,7 +1,5 @@ cdist-type__package_luarocks(7) =============================== -Christian G. Warden - NAME ---- @@ -20,32 +18,38 @@ None OPTIONAL PARAMETERS ------------------- -name:: +name If supplied, use the name and not the object id as the package name. -state:: +state Either "present" or "absent", defaults to "present" EXAMPLES -------- --------------------------------------------------------------------------------- -# Ensure luasocket is installed -__package_luarocks luasocket --state present +.. code-block:: sh -# Remove package -__package_luarocks luasocket --state absent --------------------------------------------------------------------------------- + # Ensure luasocket is installed + __package_luarocks luasocket --state present + + # Remove package + __package_luarocks luasocket --state absent SEE ALSO -------- -- cdist-type(7) -- cdist-type__package(7) +:strong:`cdist-type__package`\ (7) + + +AUTHORS +------- +Christian G. Warden COPYING ------- -Copyright \(C) 2012 SwellPath, Inc. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). +Copyright \(C) 2012 SwellPath, Inc. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__package_luarocks/manifest b/cdist/conf/type/__package_luarocks/manifest old mode 100644 new mode 100755 index 8e626714..7d8262ca --- a/cdist/conf/type/__package_luarocks/manifest +++ b/cdist/conf/type/__package_luarocks/manifest 
@@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2012 SwellPath, Inc. # Christian G. Warden diff --git a/cdist/conf/type/__package_luarocks/nonparallel b/cdist/conf/type/__package_luarocks/nonparallel new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__package_luarocks/parameter/default/state b/cdist/conf/type/__package_luarocks/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__package_luarocks/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__package_opkg/gencode-remote b/cdist/conf/type/__package_opkg/gencode-remote index 1fb78fbe..269d5f49 100755 --- a/cdist/conf/type/__package_opkg/gencode-remote +++ b/cdist/conf/type/__package_opkg/gencode-remote @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2011,2013 Nico Schottelius (nico-cdist at schottelius.org) # 2012 Giel van Schijndel (giel plus cdist at mortis dot eu) @@ -28,11 +28,7 @@ else name="$__object_id" fi -if [ -f "$__object/parameter/state" ]; then - state_should="$(cat "$__object/parameter/state")" -else - state_should="present" -fi +state_should="$(cat "$__object/parameter/state")" state_is="$(cat "$__object/explorer/pkg_status")" case "$state_is" in @@ -47,15 +43,17 @@ esac case "$state_should" in present) if [ "$present" = "notpresent" ]; then - echo opkg --verbosity=0 update + echo "opkg --verbosity=0 update" fi - echo opkg --verbosity=0 install \"$name\" + echo "opkg --verbosity=0 install '$name'" + echo "installed" >> "$__messages_out" ;; absent) - echo opkg --verbosity=0 remove \"$name\" + echo "opkg --verbosity=0 remove '$name'" + echo "removed" >> "$__messages_out" ;; *) - echo "Unknown state: $state" >&2 + echo "Unknown state: ${state_should}" >&2 exit 1 ;; esac diff --git a/cdist/conf/type/__package_opkg/man.rst b/cdist/conf/type/__package_opkg/man.rst new file mode 100644 index 00000000..0fd40b33 --- /dev/null +++ b/cdist/conf/type/__package_opkg/man.rst 
@@ -0,0 +1,55 @@ +cdist-type__package_opkg(7) +=========================== + +NAME +---- +cdist-type__package_opkg - Manage packages with opkg + + +DESCRIPTION +----------- +opkg is usually used on OpenWRT to manage packages. + + +REQUIRED PARAMETERS +------------------- +None + + +OPTIONAL PARAMETERS +------------------- +name + If supplied, use the name and not the object id as the package name. + +state + Either "present" or "absent", defaults to "present" + + +EXAMPLES +-------- + +.. code-block:: sh + + # Ensure lsof is installed + __package_opkg lsof --state present + + # Remove obsolete package + __package_opkg dnsmasq --state absent + + +SEE ALSO +-------- +:strong:`cdist-type__package`\ (7) + + +AUTHORS +------- +Giel van Schijndel + + +COPYING +------- +Copyright \(C) 2012 Giel van Schijndel. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__package_opkg/man.text b/cdist/conf/type/__package_opkg/man.text deleted file mode 100644 index aeb0a1c5..00000000 --- a/cdist/conf/type/__package_opkg/man.text +++ /dev/null 
@@ -1,51 +0,0 @@ -cdist-type__package_opkg(7) -========================== -Giel van Schijndel - - -NAME ----- -cdist-type__package_opkg - Manage packages with opkg - - -DESCRIPTION ------------ -opkg is usually used on OpenWRT to manage packages. - - -REQUIRED PARAMETERS -------------------- -None - - -OPTIONAL PARAMETERS -------------------- -name:: - If supplied, use the name and not the object id as the package name. - -state:: - Either "present" or "absent", defaults to "present" - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -# Ensure lsof is installed -__package_opkg lsof --state present - -# Remove obsolete package -__package_opkg dnsmasq --state absent --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) -- cdist-type__package(7) - - -COPYING -------- -Copyright \(C) 2012 Giel van Schijndel. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__package_opkg/nonparallel b/cdist/conf/type/__package_opkg/nonparallel new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__package_opkg/parameter/default/state b/cdist/conf/type/__package_opkg/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__package_opkg/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__package_pacman/gencode-remote b/cdist/conf/type/__package_pacman/gencode-remote index 02744fa8..2e076ec3 100755 --- a/cdist/conf/type/__package_pacman/gencode-remote +++ b/cdist/conf/type/__package_pacman/gencode-remote @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2011-2012 Nico Schottelius (nico-cdist at schottelius.org) # 
@@ -31,11 +31,7 @@ else name="$__object_id" fi -if [ -f "$__object/parameter/state" ]; then - state_should="$(cat "$__object/parameter/state")" -else - state_should="present" -fi +state_should="$(cat "$__object/parameter/state")" pkg_version="$(cat "$__object/explorer/pkg_version")" if [ -z "$pkg_version" ]; then @@ -49,10 +45,12 @@ fi case "$state_should" in present) - echo pacman --needed --noconfirm --noprogressbar -S \"$name\" + echo "pacman --needed --noconfirm --noprogressbar -S '$name'" + echo "installed" >> "$__messages_out" ;; absent) - echo pacman --noconfirm --noprogressbar -R \"$name\" + echo "pacman --noconfirm --noprogressbar -R '$name'" + echo "removed" >> "$__messages_out" ;; *) echo "Unknown state: $state_should" >&2 diff --git a/cdist/conf/type/__package_pacman/man.rst b/cdist/conf/type/__package_pacman/man.rst new file mode 100644 index 00000000..2686202d --- /dev/null +++ b/cdist/conf/type/__package_pacman/man.rst 
@@ -0,0 +1,58 @@ +cdist-type__package_pacman(7) +============================= + +NAME +---- +cdist-type__package_pacman - Manage packages with pacman + + +DESCRIPTION +----------- +Pacman is usually used on the Archlinux distribution to manage packages. + + +REQUIRED PARAMETERS +------------------- +None + + +OPTIONAL PARAMETERS +------------------- +name + If supplied, use the name and not the object id as the package name. + +state + Either "present" or "absent", defaults to "present" + + +EXAMPLES +-------- + +.. code-block:: sh + + # Ensure zsh in installed + __package_pacman zsh --state present + + # If you don't want to follow pythonX packages, but always use python + __package_pacman python --state present --name python2 + + # Remove obsolete package + __package_pacman puppet --state absent + + +SEE ALSO +-------- +:strong:`cdist-type__package`\ (7) + + +AUTHORS +------- +Nico Schottelius + + +COPYING +------- +Copyright \(C) 2011-2012 Nico Schottelius. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__package_pacman/man.text b/cdist/conf/type/__package_pacman/man.text deleted file mode 100644 index 2e24ecd9..00000000 --- a/cdist/conf/type/__package_pacman/man.text +++ /dev/null 
@@ -1,54 +0,0 @@ -cdist-type__package_pacman(7) -============================= -Nico Schottelius - - -NAME ----- -cdist-type__package_pacman - Manage packages with pacman - - -DESCRIPTION ------------ -Pacman is usually used on the Archlinux distribution to manage packages. - - -REQUIRED PARAMETERS -------------------- -None - - -OPTIONAL PARAMETERS -------------------- -name:: - If supplied, use the name and not the object id as the package name. - -state:: - Either "present" or "absent", defaults to "present" - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -# Ensure zsh in installed -__package_pacman zsh --state present - -# If you don't want to follow pythonX packages, but always use python -__package_pacman python --state present --name python2 - -# Remove obsolete package -__package_pacman puppet --state absent --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) -- cdist-type__package(7) - - -COPYING -------- -Copyright \(C) 2011-2012 Nico Schottelius. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__package_pacman/nonparallel b/cdist/conf/type/__package_pacman/nonparallel new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__package_pacman/parameter/default/state b/cdist/conf/type/__package_pacman/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__package_pacman/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__package_pip/gencode-remote b/cdist/conf/type/__package_pip/gencode-remote old mode 100644 new mode 100755 index ec1c89f8..dcc4fdf9 --- a/cdist/conf/type/__package_pip/gencode-remote +++ b/cdist/conf/type/__package_pip/gencode-remote 
@@ -1,6 +1,7 @@ -#!/bin/sh +#!/bin/sh -e # # 2012 Nico Schottelius (nico-cdist at schottelius.org) +# 2016 Darko Poljak (darko.poljak at gmail.com) # # This file is part of cdist. # @@ -22,11 +23,7 @@ # state_is=$(cat "$__object/explorer/state") -if [ -f "$__object/parameter/state" ]; then - state_should="$(cat "$__object/parameter/state")" -else - state_should="present" -fi +state_should="$(cat "$__object/parameter/state")" [ "$state_is" = "$state_should" ] && exit 0 @@ -44,12 +41,32 @@ else pip="pip" fi +runasparam="$__object/parameter/runas" +if [ -f "$runasparam" ] +then + runas=$(cat "$runasparam") +else + runas="" +fi + case "$state_should" in present) - echo $pip install -q "$name" + if [ "$runas" ] + then + echo "su -c '$pip install -q $name' $runas" + else + echo $pip install -q "$name" + fi + echo "installed" >> "$__messages_out" ;; absent) - echo $pip uninstall -q -y "$name" + if [ "$runas" ] + then + echo "su -c '$pip uninstall -q -y $name' $runas" + else + echo $pip uninstall -q -y "$name" + fi + echo "removed" >> "$__messages_out" ;; *) echo "Unknown state: $state_should" >&2 diff --git a/cdist/conf/type/__package_pip/man.rst b/cdist/conf/type/__package_pip/man.rst new file mode 100644 index 00000000..234ceee2 --- /dev/null +++ b/cdist/conf/type/__package_pip/man.rst 
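Review bot: In the last hunk the new `--runas` branches paste `$pip`, `$name` and `$runas` unescaped into a single-quoted `su -c '…'` string, so a parameter value containing a single quote or a space changes the command that the generated script runs on the target. The non-runas lines have the same shape, because `echo $pip install -q "$name"` loses its quotes locally and emits an unquoted line. Rejecting unexpected characters before emitting code keeps the generated line predictable, e.g. `case "$runas" in *[!A-Za-z0-9._-]*) echo "Invalid runas: $runas" >&2; exit 1 ;; esac`, with a similar check suited to package specifiers for `$name`. The same interpolation pattern appears in the `__package_pkg_openbsd`, `__package_pkgng_freebsd` and `__package_rubygem` gencode-remote hunks further down. The `case` statement continues past the end of this hunk.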
@@ -0,0 +1,65 @@ +cdist-type__package_pip(7) +========================== + +NAME +---- +cdist-type__package_pip - Manage packages with pip + + +DESCRIPTION +----------- +Pip is used in Python environments to install packages. +It is also included in the python virtualenv environment. + + +REQUIRED PARAMETERS +------------------- +None + + +OPTIONAL PARAMETERS +------------------- +name + If supplied, use the name and not the object id as the package name. + +pip + Instead of using pip from PATH, use the specific pip path. + +state + Either "present" or "absent", defaults to "present" + +runas + Run pip as specified user. By default it runs as root. + + +EXAMPLES +-------- + +.. code-block:: sh + + # Install a package + __package_pip pyro --state present + + # Use pip in a virtualenv located at /root/shinken_virtualenv + __package_pip pyro --state present --pip /root/shinken_virtualenv/bin/pip + + # Use pip in a virtualenv located at /foo/shinken_virtualenv as user foo + __package_pip pyro --state present --pip /foo/shinken_virtualenv/bin/pip --runas foo + + +SEE ALSO +-------- +:strong:`cdist-type__package`\ (7) + + +AUTHORS +------- +Nico Schottelius + + +COPYING +------- +Copyright \(C) 2012 Nico Schottelius. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__package_pip/man.text b/cdist/conf/type/__package_pip/man.text deleted file mode 100644 index 5f619871..00000000 --- a/cdist/conf/type/__package_pip/man.text +++ /dev/null 
@@ -1,55 +0,0 @@ -cdist-type__package_pip(7) -========================== -Nico Schottelius - - -NAME ----- -cdist-type__package_pip - Manage packages with pip - - -DESCRIPTION ------------ -Pip is used in Python environments to install packages. -It is also included in the python virtualenv environment. - - -REQUIRED PARAMETERS -------------------- -None - - -OPTIONAL PARAMETERS -------------------- -name:: - If supplied, use the name and not the object id as the package name. - -pip:: - Instead of using pip from PATH, use the specific pip path. - -state:: - Either "present" or "absent", defaults to "present" - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -# Install a package -__package_pip pyro --state present - -# Use pip in a virtualenv located at /root/shinken_virtualenv -__package_pip pyro --state present --pip /root/shinken_virtualenv/bin/pip --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) -- cdist-type__package(7) - - -COPYING -------- -Copyright \(C) 2012 Nico Schottelius. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__package_pip/nonparallel b/cdist/conf/type/__package_pip/nonparallel new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__package_pip/parameter/default/state b/cdist/conf/type/__package_pip/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__package_pip/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__package_pip/parameter/optional b/cdist/conf/type/__package_pip/parameter/optional index f32876f7..d909e790 100644 --- a/cdist/conf/type/__package_pip/parameter/optional +++ b/cdist/conf/type/__package_pip/parameter/optional @@ -1,2 +1,4 @@ +name pip state +runas 
diff --git a/cdist/conf/type/__package_pkg_freebsd/explorer/pkg_version b/cdist/conf/type/__package_pkg_freebsd/explorer/pkg_version index 1335ba79..0a1ab75c 100755 --- a/cdist/conf/type/__package_pkg_freebsd/explorer/pkg_version +++ b/cdist/conf/type/__package_pkg_freebsd/explorer/pkg_version @@ -30,7 +30,7 @@ fi # Don't produce "no pkgs installed" output -- breaks things PKG_OUTPUT=$(pkg_info 2>&1) if [ ! "$PKG_OUTPUT" = "pkg_info: no packages installed" ]; then - echo -n "$(echo "$PKG_OUTPUT" \ + printf "%s" "$(echo "$PKG_OUTPUT" \ | awk '{print $1}' \ | sed 's/^\(.*\)-\([^-]*\)$/name:\1 ver:\2/g' \ | grep "name:$name ver:" \ diff --git a/cdist/conf/type/__package_pkg_freebsd/gencode-remote b/cdist/conf/type/__package_pkg_freebsd/gencode-remote index 3f5ebde7..3f88f6bc 100755 --- a/cdist/conf/type/__package_pkg_freebsd/gencode-remote +++ b/cdist/conf/type/__package_pkg_freebsd/gencode-remote @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2012 Jake Guffey (jake.guffey at eprotex.com) # @@ -33,12 +33,13 @@ assert () # If condition false, lineno=$2 - if [ ! $1 ] + if [ ! "$1" ] then echo "Assertion failed: \"$1\"" + # shellcheck disable=SC2039 echo "File \"$0\", line $lineno, called by $(caller 0)" exit $E_ASSERT_FAILED - fi + fi } # Debug 
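Review bot: Quoting the test as `[ ! "$1" ]` in `assert` changes what it checks. The caller visible in a later hunk passes a whole expression, `assert "! ${version} = ${curr_version}" $LINENO`, which now reaches `[` as one non-empty string, so the assertion can only fail when `$1` is empty. The unquoted form relied on word splitting to evaluate the expression. If that is intended, keep it and silence the linter explicitly with `# shellcheck disable=SC2086` above `if [ ! $1 ]`; otherwise test the condition directly at the call site, e.g. `[ "$version" != "$curr_version" ]`. The head of `assert` lies outside this hunk.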
@@ -51,23 +52,10 @@ else name="$__object_id" fi -if [ -f "$__object/parameter/flavor" ]; then - flavor="$(cat "$__object/parameter/flavor")" -fi - -if [ -f "$__object/parameter/version" ]; then - version="$(cat "$__object/parameter/version")" -fi - -if [ -f "$__object/parameter/pkgsite" ]; then - pkgsite="$(cat "$__object/parameter/pkgsite")" -fi - -if [ -f "$__object/parameter/state" ]; then - state="$(cat "$__object/parameter/state")" -else - state="present" -fi +flavor="$(cat "$__object/parameter/flavor")" +version="$(cat "$__object/parameter/version")" +pkgsite="$(cat "$__object/parameter/pkgsite")" +state="$(cat "$__object/parameter/state")" curr_version="$(cat "$__object/explorer/pkg_version")" add_cmd="pkg_add" rm_cmd="pkg_delete" @@ -79,7 +67,7 @@ cmd="" # FIXME: This is ugly. execcmd(){ # Set the PACKAGESITE if we're ADDing a new package - if [ "$1" = "add" -a -n "$pkgsite" ]; then + if [ "$1" = "add" ] && [ -n "$pkgsite" ]; then # Use http.../All/ if we know the exact version we want, use .../Latest/ otherwise pkgsite="export PACKAGESITE=${pkgsite}" [ -n "$version" ] && pkgsite="${pkgsite}/All/" || pkgsite="${pkgsite}/Latest/" @@ -101,6 +89,7 @@ if [ -n "$curr_version" ]; then # PKG *is* installed cmd="${rm_cmd} ${name}-${curr_version}" fi execcmd "remove" "${cmd}" + echo "removed" >> "$__messages_out" exit 0 else # Should be installed if [ -n "$version" ]; then # Want a specific version @@ -108,11 +97,13 @@ if [ -n "$curr_version" ]; then # PKG *is* installed exit 0 else # Current version is wrong, fix #updatepkg "$name" "$version" + # shellcheck disable=SC2039 assert "! ${version} = ${curr_version}" $LINENO cmd="${rm_cmd} ${name}-${curr_version}" execcmd "remove" "${cmd}" cmd="${add_cmd} -r ${name}-${version}" execcmd "add" "${cmd}" + echo "installed" >> "$__messages_out" fi else # Don't care what version to use exit 0 
@@ -131,6 +122,7 @@ else # PKG *isn't* installed cmd="${cmd}-${version}" fi execcmd "add" "${cmd}" + echo "installed" >> "$__messages_out" exit 0 fi fi diff --git a/cdist/conf/type/__package_pkg_freebsd/man.rst b/cdist/conf/type/__package_pkg_freebsd/man.rst new file mode 100644 index 00000000..b06c7faf --- /dev/null +++ b/cdist/conf/type/__package_pkg_freebsd/man.rst @@ -0,0 +1,70 @@ +cdist-type__package_pkg_freebsd(7) +================================== + +NAME +---- +cdist-type__package_pkg_freebsd - Manage FreeBSD packages + + +DESCRIPTION +----------- +This type is usually used on FreeBSD to manage packages. + + +REQUIRED PARAMETERS +------------------- +None + + +OPTIONAL PARAMETERS +------------------- +name + If supplied, use the name and not the object id as the package name. + +flavor + If supplied, use to avoid ambiguity. + +version + If supplied, use to install a specific version of the package named. + +pkgsite + If supplied, use to install from a specific package repository. + +state + Either "present" or "absent", defaults to "present" + + +EXAMPLES +-------- + +.. code-block:: sh + + # Ensure zsh is installed + __package_pkg_freebsd zsh --state present + + # Ensure vim is installed, use flavor no_x11 + __package_pkg_freebsd vim --state present --flavor no_x11 + + # If you don't want to follow pythonX packages, but always use python + __package_pkg_freebsd python --state present --name python2 + + # Remove obsolete package + __package_pkg_freebsd puppet --state absent + + +SEE ALSO +-------- +:strong:`cdist-type__package`\ (7) + + +AUTHORS +------- +Jake Guffey + + +COPYING +------- +Copyright \(C) 2012 Jake Guffey. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. 
diff --git a/cdist/conf/type/__package_pkg_freebsd/man.text b/cdist/conf/type/__package_pkg_freebsd/man.text deleted file mode 100644 index 71387148..00000000 --- a/cdist/conf/type/__package_pkg_freebsd/man.text +++ /dev/null @@ -1,66 +0,0 @@ -cdist-type__package_pkg_freebsd(7) -================================== -Jake Guffey - - -NAME ----- -cdist-type__package_pkg_freebsd - Manage FreeBSD packages - - -DESCRIPTION ------------ -This type is usually used on FreeBSD to manage packages. - - -REQUIRED PARAMETERS -------------------- -None - - -OPTIONAL PARAMETERS -------------------- -name:: - If supplied, use the name and not the object id as the package name. - -flavor:: - If supplied, use to avoid ambiguity. - -version:: - If supplied, use to install a specific version of the package named. - -pkgsite:: - If supplied, use to install from a specific package repository. - -state:: - Either "present" or "absent", defaults to "present" - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -# Ensure zsh is installed -__package_pkg_freebsd zsh --state present - -# Ensure vim is installed, use flavor no_x11 -__package_pkg_freebsd vim --state present --flavor no_x11 - -# If you don't want to follow pythonX packages, but always use python -__package_pkg_freebsd python --state present --name python2 - -# Remove obsolete package -__package_pkg_freebsd puppet --state absent --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) -- cdist-type__package(7) - - -COPYING -------- -Copyright \(C) 2012 Jake Guffey. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__package_pkg_freebsd/nonparallel b/cdist/conf/type/__package_pkg_freebsd/nonparallel new file mode 100644 index 00000000..e69de29b 
diff --git a/cdist/conf/type/__package_pkg_freebsd/parameter/default/flavor b/cdist/conf/type/__package_pkg_freebsd/parameter/default/flavor new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__package_pkg_freebsd/parameter/default/pkgsite b/cdist/conf/type/__package_pkg_freebsd/parameter/default/pkgsite new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__package_pkg_freebsd/parameter/default/state b/cdist/conf/type/__package_pkg_freebsd/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__package_pkg_freebsd/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__package_pkg_freebsd/parameter/default/version b/cdist/conf/type/__package_pkg_freebsd/parameter/default/version new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__package_pkg_openbsd/explorer/has_installurl b/cdist/conf/type/__package_pkg_openbsd/explorer/has_installurl new file mode 100755 index 00000000..68337cbb --- /dev/null +++ b/cdist/conf/type/__package_pkg_openbsd/explorer/has_installurl 
@@ -0,0 +1,36 @@ +#!/bin/sh +# +# Copyright 2017, Philippe Gregoire +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +# +# Retrieve the installurl(5), as introduced in OpenBSD 6.1 +# +# As of 6.1, the file is supposed to contained a single line +# with the URL used to install from during install or upgrade. +# +# Allow for expansion and take the first non-commented (#) line. +# + +if [ -f /etc/installurl ]; then + printf 'yes' +else + printf 'no' +fi + +exit 0 diff --git a/cdist/conf/type/__package_pkg_openbsd/explorer/pkg_state b/cdist/conf/type/__package_pkg_openbsd/explorer/pkg_state new file mode 100755 index 00000000..9cd17787 --- /dev/null +++ b/cdist/conf/type/__package_pkg_openbsd/explorer/pkg_state 
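Review bot: The header comment of `has_installurl` describes retrieving the URL and taking the first non-commented line, but the script only tests whether `/etc/installurl` exists and prints `yes` or `no`. A comment that matches the code would be `# Report whether installurl(5) is present (OpenBSD 6.1 and later): prints "yes" or "no".` In the same comment, "supposed to contained" should read "supposed to contain".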
@@ -0,0 +1,49 @@ +#!/bin/sh +# +# Copyright 2018, Takashi Yoshi +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# +# Retrieve the status of a package - parsed pkg_info output +# + +if [ -f "${__object}/parameter/name" ] +then + pkgid="$(cat "${__object}/parameter/name")" +else + pkgid="${__object_id}" +fi + +if [ -f "${__object}/parameter/version" ] +then + pkgid="${pkgid}-$(cat "${__object}/parameter/version")" +fi + +if [ -f "${__object}/parameter/flavor" ] +then + # If a flavor but no version is given we need to add another -, + # otherwise pkg_info confuses the flavor with the version. + [ -f "${__object}/parameter/version" ] || pkgid="${pkgid}-" + + pkgid="${pkgid}-$(cat "${__object}/parameter/flavor")" +fi + + +pkg_info -q -I "inst:${pkgid}" >/dev/null 2>&1 \ + && echo 'present' || echo 'absent' + +exit 0 diff --git a/cdist/conf/type/__package_pkg_openbsd/gencode-remote b/cdist/conf/type/__package_pkg_openbsd/gencode-remote index 1df87997..5a21ce12 100755 --- a/cdist/conf/type/__package_pkg_openbsd/gencode-remote +++ b/cdist/conf/type/__package_pkg_openbsd/gencode-remote @@ -1,7 +1,8 @@ -#!/bin/sh +#!/bin/sh -e # # 2011 Andi Brönnimann (andi-cdist at v-net.ch) # 2012 Nico Schottelius (nico-cdist at schottelius.org) +# 2018 Takashi Yoshi # # This file is part of cdist. # 
@@ -22,73 +23,96 @@ # Manage packages with pkg on OpenBSD # -# Debug -# exec >&2 -# set -x +os_version=$(cat "${__global}/explorer/os_version") +machine=$(cat "${__global}/explorer/machine") -os_version="$(cat "$__global/explorer/os_version")" -machine="$(cat "$__global/explorer/machine")" - -if [ -f "$__object/parameter/flavor" ]; then - flavor="$(cat "$__object/parameter/flavor")" +if [ -f "${__object}/parameter/version" ]; then + version=$(cat "${__object}/parameter/version") fi -# do not show progress bar -pkgopts="-x" +if [ -f "${__object}/parameter/flavor" ]; then + flavor=$(cat "${__object}/parameter/flavor") +fi -if [ -f "$__object/parameter/name" ]; then - name="$__object/parameter/name" +# Do not show progress bar +pkgopts='-x' + +name="${__object_id}" +if [ -f "${__object}/parameter/name" ]; then + name=$(cat "${__object}/parameter/name") +fi + +if [ -n "${version}" ] && [ -n "${flavor}" ]; then + pkgid="${name}-${version}-${flavor}" +elif [ -n "${version}" ]; then + pkgid="${name}-${version}" +elif [ -f "${__object}/parameter/flavor" ]; then + pkgid="${name}--${flavor}" else - name="$__object_id" + pkgid="${name}" fi -if [ -f "$__object/parameter/state" ]; then - state_should="$(cat "$__object/parameter/state")" +state_should=$(cat "${__object}/parameter/state") + +if [ -f "${__object}/parameter/pkg_path" ]; then + pkg_path=$(cat "${__object}/parameter/pkg_path") else - state_should="present" + has_installurl=$(cat "${__object}/explorer/has_installurl") + if [ 'yes' != "${has_installurl}" ]; then + # There is no default PKG_PATH, try to provide one + pkg_path="ftp://ftp.openbsd.org/pub/OpenBSD/${os_version}/packages/${machine}/" + fi fi -pkg_version="$(cat "$__object/explorer/pkg_version")" +state_is=$(cat "${__object}/explorer/pkg_state") +[ "${state_is}" = "${state_should}" ] && exit 0 -# TODO: Shouldn't be hardcoded -echo export PKG_PATH=ftp://ftp.openbsd.org/pub/OpenBSD/$os_version/packages/$machine/ +case "${state_should}" in + present) + if [ -n 
"${pkg_path}" ]; then + echo "export PKG_PATH='${pkg_path}'" + fi -if [ "$pkg_version" ]; then - state_is="present" -else - state_is="absent" -fi + # Use this because pkg_add doesn't properly handle errors + cat <&1 || true) -[ "$state_is" = "$state_should" ] && exit 0 +if ! pkg_info -q -I 'inst:${pkgid}' | grep -q '^${name}-${version}.*${flavor}$' 2>/dev/null +then + # We didn't find the package in the list of 'installed packages', so it failed. + # This is necessary because pkg_add doesn't return properly -case "$state_should" in - present) - # use this because pkg_add doesn't properly handle errors - cat << eof -status=\$(pkg_add "$pkgopts" "$name--$flavor") - -# no error -if [ -n "\$status" ]; then - echo "Error: \$status" + if [ -z "\${status}" ]; then + status='Failed to add package, uncaught exception.' + fi + echo "Error: \${status}" >&2 exit 1 fi -eof - ;; +EOF + echo 'installed' >> "${__messages_out}" + ;; - absent) - # use this because pkg_add doesn't properly handle errors - cat << eof -status=\$(pkg_delete "$pkgopts" "$name--$flavor") + absent) + # Use this because pkg_delete doesn't properly handle errors + cat <&1 || true) -# no error -if [ -n "\$status" ]; then - echo "Error: \$status" - exit 1 +if pkg_info -q -I 'inst:${pkgid}' | grep -q '^${name}-${version}.*${flavor}' 2>/dev/null +then + # We found the package in the list of 'installed packages'. + # This would indicate that pkg_delete failed, send the output of pkg_delete + + if [ -z "\${status}" ]; then + status='Failed to remove package, uncaught exception.' + fi + echo "Error: \${status}" >&2 + exit 1 fi -eof - ;; - *) - echo "Unknown state: $state_should" >&2 +EOF + echo 'removed' >> "${__messages_out}" + ;; + *) + echo "Unknown state: ${state_should}" >&2 exit 1 - ;; + ;; esac diff --git a/cdist/conf/type/__package_pkg_openbsd/man.rst b/cdist/conf/type/__package_pkg_openbsd/man.rst new file mode 100644 index 00000000..dcfd0719 --- /dev/null 
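Review bot: When no `--pkg_path` is given and the host has no `/etc/installurl`, the fallback is still `ftp://ftp.openbsd.org/...`, so packages are fetched over an unauthenticated plaintext transport and integrity rests entirely on whatever signature checking pkg_add performs. Consider defaulting to an HTTPS mirror, or failing with a message that asks for the parameter, e.g. `echo "No /etc/installurl found; pass --pkg_path" >&2; exit 1`. Separately, the post-install check `grep -q '^${name}-${version}.*${flavor}$'` treats the parameter values as regular-expression text. Its `2>/dev/null` also applies to grep rather than to pkg_info, which is presumably where errors would originate.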
+++ b/cdist/conf/type/__package_pkg_openbsd/man.rst @@ -0,0 +1,71 @@ +cdist-type__package_pkg(7) +========================== + +NAME +---- +cdist-type__package_pkg - Manage OpenBSD packages + + +DESCRIPTION +----------- +This type is usually used on OpenBSD to manage packages. + + +REQUIRED PARAMETERS +------------------- +None + + +OPTIONAL PARAMETERS +------------------- +name + If supplied, use the name and not the object id as the package name. + +flavor + If supplied, use to avoid ambiguity. + +version + If supplied, use to avoid ambiguity. + +state + Either "present" or "absent", defaults to "present" + +pkg_path + Manually specify a PKG_PATH to add packages from. + +EXAMPLES +-------- + +.. code-block:: sh + + # Ensure zsh is installed + __package_pkg_openbsd zsh --state present + + # Ensure vim is installed, use flavor no_x11 + __package_pkg_openbsd vim --state present --flavor no_x11 + + # If you don't want to follow pythonX packages, but always use python + __package_pkg_openbsd python --state present --name python2 + + # Remove obsolete package + __package_pkg_openbsd puppet --state absent + + # Add a package using a particular mirror + __package_pkg_openbsd bash \ + --pkg_path http://openbsd.mirrorcatalogs.com/snapshots/packages/amd64 + + +SEE ALSO +-------- +:strong:`cdist-type__package`\ (7) + + +AUTHORS +------- +Andi Brönnimann + + +COPYING +------- +Copyright \(C) 2011 Andi Brönnimann. Free use of this software is +granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__package_pkg_openbsd/man.text b/cdist/conf/type/__package_pkg_openbsd/man.text deleted file mode 100644 index f523a892..00000000 --- a/cdist/conf/type/__package_pkg_openbsd/man.text +++ /dev/null 
@@ -1,60 +0,0 @@ -cdist-type__package_pkg(7) -========================== -Andi Brönnimann - - -NAME ----- -cdist-type__package_pkg_openbsd - Manage OpenBSD packages - - -DESCRIPTION ------------ -This type is usually used on OpenBSD to manage packages. - - -REQUIRED PARAMETERS -------------------- -None - - -OPTIONAL PARAMETERS -------------------- -name:: - If supplied, use the name and not the object id as the package name. - -flavor:: - If supplied, use to avoid ambiguity. - -state:: - Either "present" or "absent", defaults to "present" - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -# Ensure zsh is installed -__package_pkg_openbsd zsh --state present - -# Ensure vim is installed, use flavor no_x11 -__package_pkg_openbsd vim --state present --flavor no_x11 - -# If you don't want to follow pythonX packages, but always use python -__package_pkg_openbsd python --state present --name python2 - -# Remove obsolete package -__package_pkg_openbsd puppet --state absent --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) -- cdist-type__package(7) - - -COPYING -------- -Copyright \(C) 2011 Andi Brönnimann. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__package_pkg_openbsd/nonparallel b/cdist/conf/type/__package_pkg_openbsd/nonparallel new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__package_pkg_openbsd/parameter/default/state b/cdist/conf/type/__package_pkg_openbsd/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__package_pkg_openbsd/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__package_pkg_openbsd/parameter/optional b/cdist/conf/type/__package_pkg_openbsd/parameter/optional index 77fd22b3..6a5f9277 100644 
--- a/cdist/conf/type/__package_pkg_openbsd/parameter/optional +++ b/cdist/conf/type/__package_pkg_openbsd/parameter/optional @@ -1,3 +1,5 @@ name +version flavor state +pkg_path diff --git a/cdist/conf/type/__package_pkgng_freebsd/explorer/pkg_version b/cdist/conf/type/__package_pkgng_freebsd/explorer/pkg_version new file mode 100755 index 00000000..92ce0623 --- /dev/null +++ b/cdist/conf/type/__package_pkgng_freebsd/explorer/pkg_version @@ -0,0 +1,37 @@ +#!/bin/sh +# +# 2014 Jake Guffey (jake.guffey at eprotex.com) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# +# Retrieve the status of a package - parsed dpkg output +# + +if [ -f "$__object/parameter/name" ]; then + name="$(cat "$__object/parameter/name")" +else + name="$__object_id" +fi + +# Don't produce "no pkgs installed" output -- breaks things +PKG_OUTPUT=$(pkg info 2>&1) +printf "%s" "$(echo "$PKG_OUTPUT" \ + | awk '{print $1}' \ + | sed 's/^\(.*\)-\([^-]*\)$/name:\1 ver:\2/g' \ + | grep "name:$name ver:" \ + | sed 's/^.*ver:\(.*\)/\1/g')" + diff --git a/cdist/conf/type/__package_pkgng_freebsd/gencode-remote b/cdist/conf/type/__package_pkgng_freebsd/gencode-remote new file mode 100755 index 00000000..dd36efda --- /dev/null +++ b/cdist/conf/type/__package_pkgng_freebsd/gencode-remote 
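Review bot: In the new `pkg_version` explorer, `grep "name:$name ver:"` uses the package name as a regular expression, so a name containing `.` or `[` can match other installed packages and yield more than one version line; `grep -F "name:$name ver:"` matches it literally. The header comment also says "parsed dpkg output" although the script parses `pkg info`. The "Don't produce 'no pkgs installed' output" comment has no corresponding check in this file.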
@@ -0,0 +1,130 @@ +#!/bin/sh -e +# +# 2014 Jake Guffey (jake.guffey at eprotex.com) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# +# Manage packages with pkg on FreeBSD +# + +# Debug +#exec >&2 +#set -x + +if [ -f "$__object/parameter/name" ]; then + name="$(cat "$__object/parameter/name")" +else + name="$__object_id" +fi + +flavor="$(cat "$__object/parameter/flavor")" +version="$(cat "$__object/parameter/version")" + +if [ -f "$__object/parameter/upgrade" ]; then + upgrade="true" +else + upgrade="false" +fi + +repo="$(cat "$__object/parameter/repo")" +state="$(cat "$__object/parameter/state")" +curr_version="$(cat "$__object/explorer/pkg_version")" +add_cmd="pkg install -y" +rm_cmd="pkg delete -y" +upg_cmd="pkg upgrade -y" +cmd="" + +# Print the command to be executed +# Parms: $1 -- mode, "rm", "add", or "upg" +# $2 -- the command to be echoed +execcmd(){ + _cmd="" + + case "$1" in + add) + _cmd="${add_cmd} $2" + echo "installed" >> "$__messages_out" + ;; + rm) + _cmd="${rm_cmd} $2" + echo "removed" >> "$__messages_out" + ;; + upg) + _cmd="${upg_cmd} $2" + echo "installed" >> "$__messages_out" + ;; + *) + printf "Error. Don't understand command: %s" "$1" >&2 + exit 1 + ;; + esac + + echo "$_cmd >/dev/null 2>&1" # Silence the output of the command + echo "status=\$?" + echo "if [ \"\$status\" -ne \"0\" ]; then" + echo " echo \"Error: ${_cmd} exited nonzero with \$status\"'!' 
>&2" + echo " exit 1" + echo "fi" +} + +if [ -n "$curr_version" ]; then # PKG *is* installed + if [ -n "$repo" ]; then + cmd="-r ${repo} ${name}" + else + cmd="${name}" + fi + if [ -n "$flavor" ]; then + cmd="${cmd}-${flavor}" + fi + # PKG is supposed to be removed + if [ "$state" = "absent" ]; then + execcmd "rm" "${cmd}" + # PKG is supposed to be installed to a particular version + elif [ -n "$version" ] && [ "$version" != "$curr_version" ]; then + if [ "$upgrade" = "true" ]; then + execcmd "upg" "${cmd}" + else + printf 'Version %s is already installed and pkg-ng cannot upgrade directly to version %s.\nTo upgrade to the latest version, use the --upgrade flag.\n' "$curr_version" "$version" >&2 + exit 1 + fi + # PKG is supposed to be installed to the latest version + else + : # Do nothing. + fi +else # PKG *isn't* installed + if [ "$state" = "absent" ]; then # Shouldn't be installed + exit 0 + else # Should be installed + if [ -n "$repo" ]; then + cmd="-r ${repo} ${name}" + else + cmd="${name}" + fi + if [ -n "$flavor" ]; then + cmd="${cmd}-${flavor}" + fi + if [ -n "$version" ]; then + cmd="${cmd}-${version}" + fi + + execcmd "add" "$cmd" + exit 0 + fi +fi + +# Debug +#set +x diff --git a/cdist/conf/type/__package_pkgng_freebsd/man.rst b/cdist/conf/type/__package_pkgng_freebsd/man.rst new file mode 100644 index 00000000..251e2c5f --- /dev/null +++ b/cdist/conf/type/__package_pkgng_freebsd/man.rst 
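Review bot: On the installed-and-`absent` path the argument string is built before the state is checked, so with `--repo` set `execcmd "rm"` emits `pkg delete -y -r ${repo} ${name}`. As far as I know `pkg delete` has no `-r` repository option, so removal would fail whenever a repo is given. Restricting the prefix to the install and upgrade paths avoids that, e.g. `if [ -n "$repo" ] && [ "$state" != "absent" ]; then` in the installed branch. Also, `execcmd` writes `installed` or `removed` to `$__messages_out` (and `installed` for an upgrade), which differs from the `install`, `remove`, `upgrade` and `exist` messages listed in this type's man.rst.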
@@ -0,0 +1,101 @@ +cdist-type__package_pkgng_freebsd(7) +==================================== + +NAME +---- +cdist-type__package_pkgng_freebsd - Manage FreeBSD packages with pkg-ng + + +DESCRIPTION +----------- +This type is usually used on FreeBSD to manage packages. + + +REQUIRED PARAMETERS +------------------- +None + + +OPTIONAL PARAMETERS +------------------- +name + If supplied, use the name and not the object id as the package name. + +flavor + If supplied, use to avoid ambiguity. + +version + If supplied, use to install a specific version of the package named. + +repo + If supplied, use to install the package named from a particular repo. + +state + Either "present" or "absent", defaults to "present" + + +BOOLEAN PARAMETERS +------------------ +upgrade + If supplied, allow upgrading to the latest version of a package. + + +CAVEATS +------- +This type requires that repository definitions already exist in /etc/pkg/\*.conf. +Ensure that they exist prior to use of this type with __file. + +pkg-ng can't upgrade a package to a specific version. If this type needs to +upgrade a package, it can only ugprade to the latest available version. If the +"upgrade" parameter is not given and an upgrade needs to occur, an error will result. + + +MESSAGES +-------- +install + The package was installed +remove + The package was removed +upgrade + The package was upgraded +exist + The package was already present and thus not installed + + +EXAMPLES +-------- + +.. 
code-block:: sh + + # Ensure zsh is installed + __package_pkgng_freebsd zsh --state present + + # Ensure vim is installed, use flavor no_x11 + __package_pkgng_freebsd vim --state present --flavor no_x11 + + # If you don't want to follow pythonX packages, but always use python + __package_pkgng_freebsd python --state present --name python2 + + # Install a package from a particular repository when multiples exist + __package_pkgng_freebsd bash --state present --repo myrepo + + # Remove obsolete package + __package_pkgng_freebsd puppet --state absent + + +SEE ALSO +-------- +:strong:`cdist-type__package`\ (7) + + +AUTHORS +------- +Jake Guffey + + +COPYING +------- +Copyright \(C) 2014 Jake Guffey. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__package_pkgng_freebsd/nonparallel b/cdist/conf/type/__package_pkgng_freebsd/nonparallel new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__package_pkgng_freebsd/parameter/boolean b/cdist/conf/type/__package_pkgng_freebsd/parameter/boolean new file mode 100644 index 00000000..007ead00 --- /dev/null +++ b/cdist/conf/type/__package_pkgng_freebsd/parameter/boolean @@ -0,0 +1 @@ +upgrade \ No newline at end of file diff --git a/cdist/conf/type/__package_pkgng_freebsd/parameter/default/flavor b/cdist/conf/type/__package_pkgng_freebsd/parameter/default/flavor new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__package_pkgng_freebsd/parameter/default/repo b/cdist/conf/type/__package_pkgng_freebsd/parameter/default/repo new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__package_pkgng_freebsd/parameter/default/state b/cdist/conf/type/__package_pkgng_freebsd/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null 
+++ b/cdist/conf/type/__package_pkgng_freebsd/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__package_pkgng_freebsd/parameter/default/version b/cdist/conf/type/__package_pkgng_freebsd/parameter/default/version new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__package_pkgng_freebsd/parameter/optional b/cdist/conf/type/__package_pkgng_freebsd/parameter/optional new file mode 100644 index 00000000..6e67f838 --- /dev/null +++ b/cdist/conf/type/__package_pkgng_freebsd/parameter/optional @@ -0,0 +1,5 @@ +name +flavor +version +repo +state diff --git a/cdist/conf/type/__package_rubygem/gencode-remote b/cdist/conf/type/__package_rubygem/gencode-remote index 6256e308..abb40653 100755 --- a/cdist/conf/type/__package_rubygem/gencode-remote +++ b/cdist/conf/type/__package_rubygem/gencode-remote @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2011 Chase Allen James # @@ -27,11 +27,7 @@ else name="$__object_id" fi -if [ -f "$__object/parameter/state" ]; then - state_should="$(cat "$__object/parameter/state")" -else - state_should="present" -fi +state_should="$(cat "$__object/parameter/state")" if grep -q true "$__object/explorer/pkg_status"; then state_is="present" @@ -43,10 +39,12 @@ fi case "$state_should" in present) - echo gem install \"$name\" --no-ri --no-rdoc + echo "gem install '$name' --no-ri --no-rdoc" + echo "installed" >> "$__messages_out" ;; absent) - echo gem uninstall \"$name\" + echo "gem uninstall '$name'" + echo "removed" >> "$__messages_out" ;; *) echo "Unknown state: $state_should" >&2 diff --git a/cdist/conf/type/__package_rubygem/man.text b/cdist/conf/type/__package_rubygem/man.rst similarity index 53% rename from cdist/conf/type/__package_rubygem/man.text rename to cdist/conf/type/__package_rubygem/man.rst index a808c2aa..96ad21f7 100644 --- a/cdist/conf/type/__package_rubygem/man.text +++ b/cdist/conf/type/__package_rubygem/man.rst 
@@ -1,7 +1,5 @@ cdist-type__package_rubygem(7) ============================== -Chase Allen James - NAME ---- @@ -20,32 +18,39 @@ None OPTIONAL PARAMETERS ------------------- -name:: +name If supplied, use the name and not the object id as the package name. -state:: +state Either "present" or "absent", defaults to "present" EXAMPLES -------- --------------------------------------------------------------------------------- -# Ensure sinatra is installed -__package_rubygem sinatra --state present +.. code-block:: sh -# Remove package -__package_rubygem rails --state absent --------------------------------------------------------------------------------- + # Ensure sinatra is installed + __package_rubygem sinatra --state present + + # Remove package + __package_rubygem rails --state absent SEE ALSO -------- -- cdist-type(7) -- cdist-type__package(7) +:strong:`cdist-type__package`\ (7) + + +AUTHORS +------- +Chase Allen James COPYING ------- -Copyright \(C) 2011 Chase Allen James. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). + +Copyright \(C) 2011 Chase Allen James. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__package_rubygem/nonparallel b/cdist/conf/type/__package_rubygem/nonparallel new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__package_rubygem/parameter/default/state b/cdist/conf/type/__package_rubygem/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__package_rubygem/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__package_update_index/explorer/currage b/cdist/conf/type/__package_update_index/explorer/currage new file mode 100644 index 00000000..8eadaf53 --- /dev/null 
+++ b/cdist/conf/type/__package_update_index/explorer/currage @@ -0,0 +1,43 @@ +#!/bin/sh +# +# 2018 Thomas Eckert (tom at it-eckert.de) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . + +type="$("$__type_explorer/type")" + +case "$type" in + apt) + if [ -f "/var/cache/apt/pkgcache.bin" ]; then + echo $(($(date +"%s")-$(stat --format '%Y' /var/cache/apt/pkgcache.bin))) + else + echo -- -1 + fi + ;; + pacman) + if [ -d "/var/lib/pacman/sync" ]; then + echo $(($(date +"%s")-$(stat --format '%Y' /var/lib/pacman/sync))) + else + echo -- -1 + fi + ;; + alpine) + echo -- -1 + ;; + *) echo "Your specified type ($type) is currently not supported." >&2 + echo "Please contribute an implementation for it if you can." >&2 + ;; +esac diff --git a/cdist/conf/type/__package_update_index/explorer/type b/cdist/conf/type/__package_update_index/explorer/type new file mode 100644 index 00000000..c98e1e67 --- /dev/null +++ b/cdist/conf/type/__package_update_index/explorer/type 
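Review bot: `echo -- -1` in the `apt`, `pacman` and `alpine` arms prints the literal text `-- -1`, because `echo` does not treat `--` as an end-of-options marker; the consumer in `gencode-remote` then runs `[ "$currage" -ne -1 ]` on a value that is not an integer. Use `echo -1` or `printf '%s\n' -1` instead. The `alpine)` arm also looks unreachable: the `type` explorer added in this commit emits `apk` for Alpine, which falls into the `*)` arm and prints the "not supported" message, so `apk)` is probably what was meant. `yum` reaches the same `*)` arm, so it needs its own arm if the warning is not wanted there.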
@@ -0,0 +1,35 @@ +#!/bin/sh +# +# 2018 Stu Zhao (z12y12l12 at gmail.com) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . + +if [ -f "$__object/parameter/type" ]; then + cat "$__object/parameter/type" +else + # By default determine package manager based on operating system + os="$("$__explorer/os")" + case "$os" in + amazon|scientific|centos|fedora|redhat) echo "yum" ;; + debian|ubuntu|devuan) echo "apt" ;; + archlinux) echo "pacman" ;; + alpine) echo "apk" ;; + *) + echo "Don't know how to manage packages on: $os" >&2 + exit 1 + ;; + esac +fi diff --git a/cdist/conf/type/__package_update_index/gencode-remote b/cdist/conf/type/__package_update_index/gencode-remote new file mode 100755 index 00000000..803468b5 --- /dev/null +++ b/cdist/conf/type/__package_update_index/gencode-remote 
@@ -0,0 +1,59 @@ +#!/bin/sh -e +# +# 2014 Ricardo Catalinas Jiménez (jimenezrick at gmail.com) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# +# Update the package index with the appropriate package manager +# + +type=$(cat "$__object/explorer/type") +currage="$(cat "$__object/explorer/currage")" +if [ -f "$__object/parameter/maxage" ]; then + maxage="$(cat "$__object/parameter/maxage")" +fi + +if [ -n "$maxage" ]; then + if [ "$type" != "apt" ] && [ "$type" != "pacman" ]; then + echo "ERROR: \"--maxage\" only supported for \"apt\" or \"pacman\" pkg-manager." >&2 + exit 1 + # do not exit if no value found (represented as -1) + elif [ "$currage" -ne -1 ] && [ "$currage" -lt "$maxage" ]; then + exit 0 # no need to update + fi +fi + + +case "$type" in + yum) ;; + apt) + echo "apt-get --quiet update" + echo "apt-cache updated (age was: $currage)" >> "$__messages_out" + ;; + pacman) + echo "pacman --noprogressbar --sync --refresh" + echo "pacman package database synced (age was: $currage)" >> "$__messages_out" + ;; + apk) + echo "apk update" + echo "apk package database updated." >>"$__messages_out" + ;; + *) + echo "Don't know how to manage packages for type: $type" >&2 + exit 1 + ;; +esac diff --git a/cdist/conf/type/__package_update_index/man.rst b/cdist/conf/type/__package_update_index/man.rst new file mode 100644 index 00000000..3cd787b9 --- /dev/null 
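Review bot: `maxage` is only assigned when `$__object/parameter/maxage` exists, so the later `[ -n "$maxage" ]` test also picks up a `maxage` inherited from the environment, and the value is never checked to be a number before `[ "$currage" -lt "$maxage" ]`. Initialise it with `maxage=""` before the `if`, and reject non-numeric input, e.g. `case "$maxage" in *[!0-9]*) echo "ERROR: --maxage must be an integer" >&2; exit 1 ;; esac`. As written, a malformed value makes the comparison error out inside the `elif`, which is treated as false, so the index is refreshed on every run.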
+++ b/cdist/conf/type/__package_update_index/man.rst @@ -0,0 +1,71 @@ +cdist-type__package_update_index(7) +=================================== + +NAME +---- +cdist-type__update_index - Update the package index + + +DESCRIPTION +----------- +This cdist type allows you to update the package index on the target. +It will automatically use the appropriate package manager. + + +REQUIRED PARAMETERS +------------------- +None + + +OPTIONAL PARAMETERS +------------------- +type + The package manager to use. Default is determined based on the $os + explorer variable. + e.g. + * apt for Debian + * yum for Red Hat + * pacman for Arch Linux + +maxage + Available for package manager apt and pacman, max time in seconds since + last update. Repo update is skipped if maxage is not reached yet. + +MESSAGES +-------- +apt-cache updated (age was: currage) + apt-cache was updated (run of `apt-get update`). `currage` is the time + in seconds since the previous run. + + +EXAMPLES +-------- + +.. code-block:: sh + + # Update the package index on the target + __package_update_index + + # Force use of a specific package manager + __package_update_index --type apt + + # Only update every hour: + __package_update_index --maxage 3600 --type apt + + # same as above (on apt-type systems): + __package_update_index --maxage 3600 + +AUTHORS +------- +| Ricardo Catalinas Jiménez +| Thomas Eckert +| Stu Zhao + + +COPYING +------- + +Copyright \(C) 2014 Ricardo Catalinas Jiménez. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__package_update_index/nonparallel b/cdist/conf/type/__package_update_index/nonparallel new file mode 100644 index 00000000..e69de29b 
diff --git a/cdist/conf/type/__package_update_index/parameter/optional b/cdist/conf/type/__package_update_index/parameter/optional new file mode 100644 index 00000000..7a0be716 --- /dev/null +++ b/cdist/conf/type/__package_update_index/parameter/optional @@ -0,0 +1,2 @@ +type +maxage diff --git a/cdist/conf/type/__package_update_index/singleton b/cdist/conf/type/__package_update_index/singleton new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__package_upgrade_all/gencode-remote b/cdist/conf/type/__package_upgrade_all/gencode-remote new file mode 100755 index 00000000..38aa001e --- /dev/null +++ b/cdist/conf/type/__package_upgrade_all/gencode-remote 
@@ -0,0 +1,73 @@ +#!/bin/sh -e +# +# 2014 Ricardo Catalinas Jiménez (jimenezrick at gmail.com) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# +# Upgrade all the already installed packages with the appropriate package +# manager +# + +type="$__object/parameter/type" + +apt_clean="$__object/parameter/apt-clean" + +apt_dist_upgrade="$__object/parameter/apt-dist-upgrade" + +if [ -f "$type" ]; then + type="$(cat "$type")" +else + # By default determine package manager based on operating system + os="$(cat "$__global/explorer/os")" + case "$os" in + amazon|scientific|centos|fedora|redhat) type="yum" ;; + debian|ubuntu|devuan) type="apt" ;; + archlinux) type="pacman" ;; + *) + echo "Don't know how to manage packages on: $os" >&2 + exit 1 + ;; + esac +fi + +aptget="DEBIAN_FRONTEND=noninteractive apt-get --quiet --yes --no-install-recommends -o Dpkg::Options::=\"--force-confdef\" -o Dpkg::Options::=\"--force-confold\"" + +case "$type" in + yum) + echo "yum --quiet --assumeyes update" + echo "yum --quiet clean all" + ;; + apt) + if [ -f "$apt_dist_upgrade" ] + then echo "$aptget dist-upgrade" + else echo "$aptget upgrade" + fi + + if [ -f "$apt_clean" ] + then echo "apt-get --quiet clean" + else echo "apt-get --quiet autoclean" + fi + ;; + pacman) + echo "pacman --noprogressbar --noconfirm --sync --sysupgrade" + echo "pacman --noprogressbar --noconfirm --sync --clean" + ;; + *) + echo "Don't know 
how to manage packages on: $os" >&2 + exit 1 + ;; +esac diff --git a/cdist/conf/type/__package_upgrade_all/man.rst b/cdist/conf/type/__package_upgrade_all/man.rst new file mode 100644 index 00000000..e9e2b8ce --- /dev/null +++ b/cdist/conf/type/__package_upgrade_all/man.rst @@ -0,0 +1,62 @@ +cdist-type__package_upgrade_all(7) +================================== + +NAME +---- +cdist-type__package_upgrade_all - Upgrade all the installed packages + + +DESCRIPTION +----------- +This cdist type allows you to upgrade all the installed packages on the +target. It will automatically use the appropriate package manager. + + +REQUIRED PARAMETERS +------------------- +None + + +OPTIONAL PARAMETERS +------------------- +type + The package manager to use. Default is determined based on the $os + explorer variable. + e.g. + * apt for Debian + * yum for Red Hat + * pacman for Arch Linux + + +BOOLEAN PARAMETERS +------------------ +apt-dist-upgrade + Do dist-upgrade instead of upgrade. + +apt-clean + Clean out the local repository of retrieved package files. + + +EXAMPLES +-------- + +.. code-block:: sh + + # Upgrade all the installed packages on the target + __package_upgrade_all + + # Force use of a specific package manager + __package_upgrade_all --type apt + + +AUTHORS +------- +Ricardo Catalinas Jiménez + +COPYING +------- + +Copyright \(C) 2014 Ricardo Catalinas Jiménez. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__package_upgrade_all/nonparallel b/cdist/conf/type/__package_upgrade_all/nonparallel new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__package_upgrade_all/parameter/boolean b/cdist/conf/type/__package_upgrade_all/parameter/boolean new file mode 100644 index 00000000..7a56a34b --- /dev/null 
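Review bot: The final `*)` arm of `__package_upgrade_all/gencode-remote` reports `$os`, but `os` is only set when no `--type` parameter was given, so an explicit unsupported `--type` produces a message that ends in an empty value. Report the value that was actually matched: `echo "Don't know how to manage packages for type: $type" >&2`, which is also the wording `__package_update_index/gencode-remote` uses in this commit. A short comment above `aptget=` saying that `--force-confdef` and `--force-confold` are there to keep locally modified configuration files during an unattended upgrade would help the next reader.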
+++ b/cdist/conf/type/__package_upgrade_all/parameter/boolean @@ -0,0 +1,2 @@ +apt-clean +apt-dist-upgrade diff --git a/cdist/conf/type/__package_upgrade_all/parameter/optional b/cdist/conf/type/__package_upgrade_all/parameter/optional new file mode 100644 index 00000000..aa80e646 --- /dev/null +++ b/cdist/conf/type/__package_upgrade_all/parameter/optional @@ -0,0 +1 @@ +type diff --git a/cdist/conf/type/__package_upgrade_all/singleton b/cdist/conf/type/__package_upgrade_all/singleton new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__package_yum/explorer/pkg_version b/cdist/conf/type/__package_yum/explorer/pkg_version index fb3b7753..b81b0fe9 100755 --- a/cdist/conf/type/__package_yum/explorer/pkg_version +++ b/cdist/conf/type/__package_yum/explorer/pkg_version @@ -27,4 +27,4 @@ else name="$__object_id" fi -rpm -q --whatprovides "$name" 2>/dev/null || true +rpm -q "$name" 2>/dev/null || rpm -q --whatprovides "$name" 2>/dev/null || true diff --git a/cdist/conf/type/__package_yum/gencode-remote b/cdist/conf/type/__package_yum/gencode-remote index 9c98c257..b52953f6 100755 --- a/cdist/conf/type/__package_yum/gencode-remote +++ b/cdist/conf/type/__package_yum/gencode-remote @@ -1,6 +1,6 @@ -#!/bin/sh +#!/bin/sh -e # -# 2011 Nico Schottelius (nico-cdist at schottelius.org) +# 2011-2014 Nico Schottelius (nico-cdist at schottelius.org) # # This file is part of cdist. # 
@@ -27,22 +27,31 @@ else name="$__object_id" fi -if [ -f "$__object/parameter/state" ]; then - state_should="$(cat "$__object/parameter/state")" +# Support installing from an URL +if [ -f "$__object/parameter/url" ]; then + install_name="$(cat "$__object/parameter/url")" else - state_should="present" + install_name="$name" fi -if grep -q -E "(centos|redhat|amazon)" "$__global/explorer/os"; then + +state_should="$(cat "$__object/parameter/state")" + +if grep -q -E "(scientific|centos|redhat|amazon)" "$__global/explorer/os"; then opts="-y --quiet" else opts="--assumeyes --quiet" fi -not_installed="^no package provides" +not_provided="^no package provides" +not_installed='is not installed$' -if grep -q "$not_installed" "$__object/explorer/pkg_version"; then - state_is="absent" +if grep -q "$not_provided" "$__object/explorer/pkg_version"; then + if grep -q "$not_installed" "$__object/explorer/pkg_version"; then + state_is="absent" + else + state_is="present" + fi else state_is="present" fi @@ -51,10 +60,12 @@ fi case "$state_should" in present) - echo yum $opts install \"$name\" + echo "yum $opts install '$install_name'" + echo "installed" >> "$__messages_out" ;; absent) - echo yum $opts remove \"$name\" + echo "yum $opts remove '$name'" + echo "removed" >> "$__messages_out" ;; *) echo "Unknown state: $state_should" >&2 diff --git a/cdist/conf/type/__package_yum/man.rst b/cdist/conf/type/__package_yum/man.rst new file mode 100644 index 00000000..45ad9a55 --- /dev/null +++ b/cdist/conf/type/__package_yum/man.rst 
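Review bot: The new `url` parameter is copied into `install_name` and handed to `yum install` with no check on its scheme, and the man page example added in this commit uses a plain `http://` mirror. yum's `localpkg_gpgcheck` option is off by default, so a package fetched this way is probably installed without signature verification unless the target's yum.conf says otherwise; this is worth confirming. Consider accepting only `https://` and `file://` values inside the `url` branch, e.g. `case "$install_name" in https://*|file://*) ;; *) echo "Refusing non-HTTPS package URL: $install_name" >&2; exit 1 ;; esac`, and stating the signature caveat in man.rst. The script starts and ends outside the hunk.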
@@ -0,0 +1,65 @@ +cdist-type__package_yum(7) +========================== + +NAME +---- +cdist-type__package_yum - Manage packages with yum + + +DESCRIPTION +----------- +Yum is usually used on the Fedora distribution to manage packages. +If you specify an unknown package, yum will display the +slightly confusing error message "Error: Nothing to do". + + +REQUIRED PARAMETERS +------------------- +None + + +OPTIONAL PARAMETERS +------------------- +name + If supplied, use the name and not the object id as the package name. + +state + Either "present" or "absent", defaults to "present" +url + URL to use for the package + + +EXAMPLES +-------- + +.. code-block:: sh + + # Ensure zsh in installed + __package_yum zsh --state present + + # If you don't want to follow pythonX packages, but always use python + __package_yum python --state present --name python2 + + # Remove obsolete package + __package_yum puppet --state absent + + __package epel-release-6-8 \ + --url http://mirror.switch.ch/ftp/mirror/epel/6/i386/epel-release-6-8.noarch.rpm + + +SEE ALSO +-------- +:strong:`cdist-type__package`\ (7) + + +AUTHORS +------- +Nico Schottelius + + +COPYING +------- +Copyright \(C) 2011-2012 Nico Schottelius. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__package_yum/man.text b/cdist/conf/type/__package_yum/man.text deleted file mode 100644 index d958dd1e..00000000 --- a/cdist/conf/type/__package_yum/man.text +++ /dev/null 
@@ -1,56 +0,0 @@ -cdist-type__package_yum(7) -========================== -Nico Schottelius - - -NAME ----- -cdist-type__package_yum - Manage packages with yum - - -DESCRIPTION ------------ -Yum is usually used on the Fedora distribution to manage packages. -If you specify an unknown package, yum will display the -slightly confusing error message "Error: Nothing to do". - - -REQUIRED PARAMETERS -------------------- -None - - -OPTIONAL PARAMETERS -------------------- -name:: - If supplied, use the name and not the object id as the package name. - -state:: - Either "present" or "absent", defaults to "present" - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -# Ensure zsh in installed -__package_yum zsh --state present - -# If you don't want to follow pythonX packages, but always use python -__package_yum python --state present --name python2 - -# Remove obsolete package -__package_yum puppet --state absent --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) -- cdist-type__package(7) - - -COPYING -------- -Copyright \(C) 2011-2012 Nico Schottelius. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__package_yum/nonparallel b/cdist/conf/type/__package_yum/nonparallel new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__package_yum/parameter/default/state b/cdist/conf/type/__package_yum/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__package_yum/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__package_yum/parameter/optional b/cdist/conf/type/__package_yum/parameter/optional index 1b423dc4..9293119d 100644 --- a/cdist/conf/type/__package_yum/parameter/optional +++ b/cdist/conf/type/__package_yum/parameter/optional @@ -1,2 +1,3 @@ name state +url 
diff --git a/cdist/conf/type/__package_zypper/explorer/pkg_version b/cdist/conf/type/__package_zypper/explorer/pkg_version old mode 100755 new mode 100644 index fb3b7753..83bf6dab --- a/cdist/conf/type/__package_zypper/explorer/pkg_version +++ b/cdist/conf/type/__package_zypper/explorer/pkg_version @@ -1,6 +1,7 @@ #!/bin/sh # # 2011-2012 Nico Schottelius (nico-cdist at schottelius.org) +# 2013 Daniel Heule (hda at sfs.biz) # # This file is part of cdist. # @@ -18,7 +19,7 @@ # along with cdist. If not, see . # # -# Retrieve the status of a package +# Retrieve the status of a package of different types # if [ -f "$__object/parameter/name" ]; then @@ -27,4 +28,21 @@ else name="$__object_id" fi -rpm -q --whatprovides "$name" 2>/dev/null || true +if [ -f "$__object/parameter/ptype" ]; then + ptype="$(cat "$__object/parameter/ptype")" +else + ptype="package" +fi + +case "$ptype" in + package) + zypper search --details --match-exact --installed-only --type "$ptype" "$name" | grep -E '^i' | cut -d " " -f 3,7 || true + ;; + patch|pattern|product|srcpackage) + zypper search --match-exact --installed-only --type "$ptype" "$name" | grep -E '^i' | cut -d " " -f 3 || true + ;; + *) + echo "unknown ptype in __package_zypper explorer" >&2 + exit 1 + ;; +esac diff --git a/cdist/conf/type/__package_zypper/gencode-remote b/cdist/conf/type/__package_zypper/gencode-remote index ca9aec33..e45dd9ff 100755 --- a/cdist/conf/type/__package_zypper/gencode-remote +++ b/cdist/conf/type/__package_zypper/gencode-remote @@ -1,6 +1,7 @@ -#!/bin/sh +#!/bin/sh -e # # 2012 Nico Schottelius (nico-cdist at schottelius.org) +# 2013 Daniel Heule (hda at sfs.biz) # # This file is part of cdist. # 
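Review bot: The `package)` arm of the zypper `pkg_version` explorer extracts the version with `cut -d " " -f 3,7`, which counts single spaces in zypper's padded table output. The field positions look like they shift whenever a column is padded (a name shorter than the `Name` header, or a wider status column), in which case `version_is` in gencode-remote becomes `|` rather than a version; please verify against real output. Splitting on the column separator is sturdier: `awk -F '[[:space:]]*[|][[:space:]]*' '$1 ~ /^i/ { print $2, $4 }'`. The file header also changes the mode from 100755 to 100644; if explorers are executed directly rather than through `sh`, this one would stop running, so confirm that is intended.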
@@ -28,29 +29,53 @@ globalopts="--quiet --non-interactive" if [ -f "$__object/parameter/name" ]; then - name="$__object/parameter/name" + name="$__object/parameter/name" else - name="$__object_id" + name="$__object_id" fi -if [ -f "$__object/parameter/state" ]; then - state_should="$(cat "$__object/parameter/state")" +state_should="$(cat "$__object/parameter/state")" +ptype="$(cat "$__object/parameter/ptype")" + +if [ -f "$__object/parameter/version" ]; then + version_should="$(cat "$__object/parameter/version")" + if [ "$ptype" != "package" ]; then + echo "version support only for type package implemented" >&2 + exit 2 + fi else - state_should="present" + version_should="" +fi + +pkg_version="$(cat "$__object/explorer/pkg_version")" +if [ -z "$pkg_version" ]; then + state_is="absent" + version_is="" +else + state_is="present" + version_is=${pkg_version##* } fi -# Exit if nothing is needed to be done -[ "$state_is" = "$state_should" ] && exit 0 case "$state_should" in - present) - echo zypper "$globalopts" install --auto-agree-with-licenses \"$name\" - ;; - absent) - echo pacman "$globalopts" remove \"$name\" - ;; - *) - echo "Unknown state: $state_should" >&2 - exit 1 - ;; + present) + if [ -z "$version_should" ]; then + [ "$state_is" = "present" ] && exit 0 # if state is present, we dont need to do anything + echo "zypper $globalopts install --type '$ptype' --auto-agree-with-licenses '$name' >/dev/null" + echo "removed" >> "$__messages_out" + else + [ "$state_is" = "present" ] && [ "$version_should" = "$version_is" ] && exit 0 # if state is present and version is correct, we dont need to do anything + echo "zypper $globalopts install --oldpackage --type '$ptype' --auto-agree-with-licenses '$name' = '$version_should' >/dev/null" + echo "installed" >> "$__messages_out" + fi + ;; + absent) + [ "$state_is" = "absent" ] && exit 0 # if state is absent, we dont need to do anything + echo "zypper $globalopts remove --type '$ptype' '$name' >/dev/null" + echo "removed" >> 
"$__messages_out" + ;; + *) + echo "Unknown state: $state_should" >&2 + exit 1 + ;; esac diff --git a/cdist/conf/type/__package_zypper/man.rst b/cdist/conf/type/__package_zypper/man.rst new file mode 100644 index 00000000..0051359b --- /dev/null +++ b/cdist/conf/type/__package_zypper/man.rst 
@@ -0,0 +1,73 @@ +cdist-type__package_zypper(7) +============================= + +NAME +---- +cdist-type__package_zypper - Manage packages with zypper + + +DESCRIPTION +----------- +Zypper is usually used on the SuSE distribution to manage packages. + + +REQUIRED PARAMETERS +------------------- +None + + +OPTIONAL PARAMETERS +------------------- +name + If supplied, use the name and not the object id as the package name. + +state + Either "present" or "absent", defaults to "present" + +version + The version of the package to install. Default is to install the version + chosen by the local package manager. For a list of available versions, + have a look at the output of "zypper se -s packagename" + +ptype + Either "package", "patch", "pattern", "product" or "srcpackage", defaults to "package". For a description see man zypper. + + +EXAMPLES +-------- + +.. code-block:: sh + + # Ensure zsh is installed + __package_zypper zsh --state present + + # If you don't want to follow pythonX packages, but always use python + __package_zypper python --state present --name python2 + + # Ensure binutils is installed and the version is forced to be 2.23.1-0.19.2 + __package_zypper binutils --state present --version 2.23.1-0.19.2 + + # Remove package + __package_zypper cfengine --state absent + + # install all packages which belongs to pattern x11 + __package_zypper x11 --ptype pattern --state present + + +SEE ALSO +-------- +:strong:`cdist-type__package`\ (7) + + +AUTHORS +------- +Daniel Heule + + +COPYING +------- +Copyright \(C) 2012 Nico Schottelius. +Copyright \(C) 2013 Daniel Heule. +You can redistribute it and/or modify it under the terms of the +GNU General Public License as published by the Free Software Foundation, +either version 3 of the License, or (at your option) any later version. diff --git a/cdist/conf/type/__package_zypper/man.text b/cdist/conf/type/__package_zypper/man.text deleted file mode 100644 index e2261d33..00000000 
--- a/cdist/conf/type/__package_zypper/man.text +++ /dev/null @@ -1,54 +0,0 @@ -cdist-type__package_zypper(7) -============================= -Nico Schottelius - - -NAME ----- -cdist-type__package_zypper - Manage packages with zypper - - -DESCRIPTION ------------ -Zypper is usually used on the SuSE distribution to manage packages. - - -REQUIRED PARAMETERS -------------------- -None - - -OPTIONAL PARAMETERS -------------------- -name:: - If supplied, use the name and not the object id as the package name. - -state:: - Either "present" or "absent", defaults to "present" - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -# Ensure zsh in installed -__package_zypper zsh --state present - -# If you don't want to follow pythonX packages, but always use python -__package_zypper python --state present --name python2 - -# Remove package -__package_zypper cfengine --state absent --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) -- cdist-type__package(7) - - -COPYING -------- -Copyright \(C) 2012 Nico Schottelius. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__package_zypper/nonparallel b/cdist/conf/type/__package_zypper/nonparallel new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__package_zypper/parameter/default/ptype b/cdist/conf/type/__package_zypper/parameter/default/ptype new file mode 100644 index 00000000..ba3bd787 --- /dev/null +++ b/cdist/conf/type/__package_zypper/parameter/default/ptype @@ -0,0 +1 @@ +package diff --git a/cdist/conf/type/__package_zypper/parameter/default/state b/cdist/conf/type/__package_zypper/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__package_zypper/parameter/default/state @@ -0,0 +1 @@ +present 
diff --git a/cdist/conf/type/__package_zypper/parameter/optional b/cdist/conf/type/__package_zypper/parameter/optional index 1b423dc4..bc8565fc 100644 --- a/cdist/conf/type/__package_zypper/parameter/optional +++ b/cdist/conf/type/__package_zypper/parameter/optional @@ -1,2 +1,4 @@ name state +ptype +version diff --git a/cdist/conf/type/__pacman_conf/man.rst b/cdist/conf/type/__pacman_conf/man.rst new file mode 100644 index 00000000..6b8adfc9 --- /dev/null +++ b/cdist/conf/type/__pacman_conf/man.rst 
@@ -0,0 +1,75 @@ +cdist-type__pacman_conf(7) +========================== + +NAME +---- +cdist-type__pacman_conf - Manage pacman configuration + + +DESCRIPTION +----------- +The type allows you to configure options section, add or delete repositories and manage mirrorlists + + +REQUIRED PARAMETERS +------------------- +section + 'options' for configure options section + + Otherwise it specifies a repository or a plain file + +key + Specifies the key which will be set + + If section = 'options' or file is not set the key will + be checked against available keys from pacman.conf + +value + Specifies the value which will be set against the key + + +OPTIONAL PARAMETERS +------------------- +state + 'present' or 'absent', defaults to 'present' + +file + Specifies the filename. + + The managed file will be named like 'plain_file_filename' + + If supplied the key will not be checked. + + +EXAMPLES +-------- + +.. code-block:: sh + + # Manage options section in pacman.conf + __pacman_conf options_Architecture --section options --key Architecture --value auto + + # Add new repository + __pacman_conf localrepo_Server --section localrepo --key Server --value "file:///var/cache/pacman/pkg" + + # Add mirror to a mirrorlist + __pacman_conf customlist_Server --file customlist --section customlist --key Server\ + --value "file:///var/cache/pacman/pkg" + + +SEE ALSO +-------- +:strong:`grep`\ (1) + + +AUTHORS +------- +Dominique Roux + + +COPYING +------- +Copyright \(C) 2015 Dominique Roux. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__pacman_conf/manifest b/cdist/conf/type/__pacman_conf/manifest new file mode 100755 index 00000000..a43f18a1 --- /dev/null +++ b/cdist/conf/type/__pacman_conf/manifest 
@@ -0,0 +1,133 @@
+#!/bin/sh -e
+#
+# 2015 Dominique Roux (dominique.roux4 at gmail.com)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+#get params
+section=$(cat "$__object/parameter/section")
+key=$(cat "$__object/parameter/key")
+value=$(cat "$__object/parameter/value")
+file=$(cat "$__object/parameter/file" 2>/dev/null)
+state=$(cat "$__object/parameter/state" 2>/dev/null)
+
+#path variable default /etc/pacman.d
+sec_path="/etc/pacman.d"
+
+#allowed keys (from man pacman.conf)
+allowed_option_keys="RootDir DBPath CacheDir GPGDir LogFile HoldPkg IgnorePkg IgnoreGroup Include Architecture XferCommand NoUpgrade NoExtract CleanMethod SigLevel LocalFileSigLevel RemoteFileSigLevel"
+boolean_option_keys="UseSyslog Color UseDelta TotalDownload CheckSpace VerbosePkgLists"
+allowed_repo_keys="Include Server SigLevel Usage"
+
+#set global variables
+MATCH=0
+
+#function for check if array contain string
+contains_element() {
+
+ MATCH=0
+
+ target=$1
+ shift
+
+ for key in "$@"; do
+ if [ "${key}" = "${target}" ]; then
+ MATCH=1
+ return 0
+ fi
+ done
+ MATCH=0
+}
+
+if [ "${file}" ]; then
+ __file "${sec_path}/plain_file_${file}"\
+ --state exists --mode 666
+
+ if [ "${state}" = "present" ]; then
+
+ require="__file/${sec_path}/plain_file_${file}" __key_value "${file}_${key}" \
+ --file "${sec_path}/plain_file_${file}" --key "${key}" --value "${value}" --delimiter ' = '
+
+ exit 0
+
+ elif [ "${state}" = "absent" ]; then
+ require="__file/${sec_path}/plain_file_${file}" __key_value "${file}_${key}" \
+ --state absent
+ exit 0
+
+ else
+ echo "ERROR: Unknown state: ${state}" >&2
+ exit 0
+ fi
+fi
+
+if [ "${section}" = "options" ]; then
+
+ __file "${sec_path}/${section}"\
+ --state exists --mode 666 --source - << eof
+[${section}]
+eof
+ #check if key is valid
+ #check for boolean value
+ contains_element "${key}" "${boolean_option_keys}"
+
+ if [ "${MATCH}" -eq 1 ]; then
+ if [ "${value}" = "on" ]; then
+ require="__file/${sec_path}/${section}" __line "${key}_${value}" \
+ --file "${sec_path}/${section}" --line "${key}"
+ elif [ "${value}" = "off" ]; then
+ require="__file/${sec_path}/${section}" __line "${key}_${value}" \
+ --file "${sec_path}/${section}" --line "${key}" --state absent
+ fi
+
+ else
+ contains_element "${key}" "${allowed_option_keys}"
+
+ if [ "${MATCH}" -eq 1 ]; then
+ require="__file/${sec_path}/${section}" __key_value "${section}_${key}" \
+ --file "${sec_path}/${section}" --key "${key}" --value "${value}" --delimiter ' = '
+ else
+ echo "Key: ${key} is not valid. Have a look at man pacman.conf" >&2
+ fi
+ fi
+
+else
+ __file "${sec_path}/repo_${section}"\
+ --state exists --mode 666 --source - << eof
+[${section}]
+eof
+ if [ "${state}" = "present" ]; then
+
+ #check if key is valid
+ contains_element "${key}" "${allowed_repo_keys}"
+ if [ ${MATCH} -eq 0 ]; then
+ exit
+ fi
+
+ require="__file/${sec_path}/repo_${section}" __key_value "${section}_${key}" \
+ --file "${sec_path}/repo_${section}" --key "${key}" --value "${value}" --delimiter ' = '
+
+ elif [ "${state}" = "absent" ]; then
+
+ require="__file/${sec_path}/repo_${section}" __key_value "${section}_${key}" \
+ --state absent
+
+ else
+ echo "ERROR: Unknown state: ${state}" >&2
+ fi
+
+fi
diff --git a/cdist/conf/type/__pacman_conf/parameter/default/file b/cdist/conf/type/__pacman_conf/parameter/default/file
new file mode 100644
index 00000000..139597f9
--- /dev/null
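Review bot: The three `__file` calls in the `__pacman_conf` manifest create `/etc/pacman.d/plain_file_*`, `/etc/pacman.d/options` and `/etc/pacman.d/repo_*` with `--mode 666`, which leaves pacman configuration writable by every local user; the `pacman.conf.cdist` file added later in this diff includes exactly those paths, so any local account could alter `Server` or `SigLevel` for packages that root then installs. Use `--owner root --group root --mode 644` on all three, as the `__pacman_conf_integrate` manifest does. Separately, `contains_element "${key}" "${boolean_option_keys}"` passes the whole list as one quoted word and the loop variable `key` overwrites the global `key`, so the allow-list check appears never to match: the options branch would only print the "not valid" message and the repo branch would hit the bare `exit`. The unknown-state branch under `--file` ends in `exit 0`, which reports success; `exit 1` would surface the error.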
+++ b/cdist/conf/type/__pacman_conf/parameter/default/file @@ -0,0 +1,2 @@ + + diff --git a/cdist/conf/type/__pacman_conf/parameter/default/state b/cdist/conf/type/__pacman_conf/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__pacman_conf/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__pacman_conf/parameter/optional b/cdist/conf/type/__pacman_conf/parameter/optional new file mode 100644 index 00000000..5d52aa2e --- /dev/null +++ b/cdist/conf/type/__pacman_conf/parameter/optional @@ -0,0 +1,2 @@ +file +state diff --git a/cdist/conf/type/__pacman_conf/parameter/required b/cdist/conf/type/__pacman_conf/parameter/required new file mode 100644 index 00000000..2f9d59e0 --- /dev/null +++ b/cdist/conf/type/__pacman_conf/parameter/required @@ -0,0 +1,3 @@ +section +key +value diff --git a/cdist/conf/type/__pacman_conf_integrate/files/mirrorlist b/cdist/conf/type/__pacman_conf_integrate/files/mirrorlist new file mode 100644 index 00000000..a378fb50 --- /dev/null +++ b/cdist/conf/type/__pacman_conf_integrate/files/mirrorlist 
@@ -0,0 +1,344 @@ +## +## Arch Linux repository mirrorlist +## Generated on 2015-03-15 +## + +## Worldwide +#Server = http://mirror.rackspace.com/archlinux/$repo/os/$arch + +## Australia +#Server = http://mirror.aarnet.edu.au/pub/archlinux/$repo/os/$arch +#Server = http://archlinux.mirror.digitalpacific.com.au/$repo/os/$arch +#Server = http://ftp.iinet.net.au/pub/archlinux/$repo/os/$arch +#Server = http://mirror.internode.on.net/pub/archlinux/$repo/os/$arch +#Server = http://mirror.rackcentral.com.au/archlinux/$repo/os/$arch +#Server = http://ftp.swin.edu.au/archlinux/$repo/os/$arch +#Server = http://archlinux.mirror.uber.com.au/$repo/os/$arch + +## Austria +#Server = http://mirror.easyname.at/archlinux/$repo/os/$arch +#Server = http://mirror1.htu.tugraz.at/archlinux/$repo/os/$arch + +## Bangladesh +#Server = http://mirrors.ispros.com.bd/archlinux/$repo/os/$arch + +## Belarus +#Server = http://ftp.byfly.by/pub/archlinux/$repo/os/$arch +#Server = http://mirror.datacenter.by/pub/archlinux/$repo/os/$arch + +## Belgium +#Server = http://archlinux.cu.be/$repo/os/$arch +#Server = http://archlinux.mirror.kangaroot.net/$repo/os/$arch + +## Brazil +#Server = http://archlinux.c3sl.ufpr.br/$repo/os/$arch +#Server = http://www.las.ic.unicamp.br/pub/archlinux/$repo/os/$arch +#Server = http://pet.inf.ufsc.br/mirrors/archlinux/$repo/os/$arch + +## Bulgaria +#Server = http://mirror.telepoint.bg/archlinux/$repo/os/$arch + +## Canada +#Server = http://archlinux.dropswitch.net/archlinux/$repo/os/$arch +#Server = http://mirror.clibre.uqam.ca/archlinux/$repo/os/$arch +#Server = http://mirror.csclub.uwaterloo.ca/archlinux/$repo/os/$arch +#Server = http://mirror.its.dal.ca/archlinux/$repo/os/$arch +#Server = http://archlinux.mirror.rafal.ca/$repo/os/$arch +#Server = http://archlinux.mirror.vexxhost.com/$repo/os/$arch + +## Chile +#Server = http://mirror.archlinux.cl/$repo/os/$arch + +## China +#Server = http://mirrors.163.com/archlinux/$repo/os/$arch +#Server = 
http://mirror.bjtu.edu.cn/archlinux/$repo/os/$arch +#Server = http://mirrors.cqu.edu.cn/archlinux/$repo/os/$arch +#Server = http://mirrors.hust.edu.cn/archlinux/$repo/os/$arch +#Server = http://mirrors.hustunique.com/archlinux/$repo/os/$arch +#Server = http://mirrors.neusoft.edu.cn/archlinux/$repo/os/$arch +#Server = http://run.hit.edu.cn/archlinux/$repo/os/$arch +#Server = http://mirrors.tuna.tsinghua.edu.cn/archlinux/$repo/os/$arch +#Server = http://mirrors.ustc.edu.cn/archlinux/$repo/os/$arch +#Server = https://mirrors.ustc.edu.cn/archlinux/$repo/os/$arch +#Server = http://mirrors.zju.edu.cn/archlinux/$repo/os/$arch + +## Colombia +#Server = http://mirror.edatel.net.co/archlinux/$repo/os/$arch +#Server = http://www.laqee.unal.edu.co/archlinux/$repo/os/$arch + +## Croatia +#Server = http://archlinux.iskon.hr/$repo/os/$arch + +## Czech Republic +#Server = http://archlinux.mirror.dkm.cz/pub/archlinux/$repo/os/$arch +#Server = http://gluttony.sin.cvut.cz/arch/$repo/os/$arch +#Server = http://mirror.oss.maxcdn.com/archlinux/$repo/os/$arch +#Server = http://mirrors.nic.cz/archlinux/$repo/os/$arch +#Server = http://mirror.vpsfree.cz/archlinux/$repo/os/$arch + +## Denmark +#Server = http://mirrors.dotsrc.org/archlinux/$repo/os/$arch +#Server = http://mirror.one.com/archlinux/$repo/os/$arch + +## Ecuador +#Server = http://mirror.cedia.org.ec/archlinux/$repo/os/$arch +#Server = http://mirror.espoch.edu.ec/archlinux/$repo/os/$arch +#Server = http://mirror.uta.edu.ec/archlinux/$repo/os/$arch + +## Estonia +#Server = http://ftp.eenet.ee/pub/archlinux/$repo/os/$arch + +## France +#Server = http://archlinux.aubrac-medical.fr/$repo/os/$arch +#Server = http://mirror.archlinux.ikoula.com/archlinux/$repo/os/$arch +#Server = http://archlinux.vi-di.fr/$repo/os/$arch +#Server = http://mir.art-software.fr/arch/$repo/os/$arch +#Server = http://fooo.biz/archlinux/$repo/os/$arch +#Server = https://fooo.biz/archlinux/$repo/os/$arch +#Server = 
http://mirror.lastmikoi.net/archlinux/$repo/os/$arch +#Server = http://mirror.lightcone.eu/archlinux/$repo/os/$arch +#Server = http://archlinux.mailtunnel.eu/$repo/os/$arch +#Server = https://www.mailtunnel.eu/archlinux/$repo/os/$arch +#Server = http://mir.archlinux.fr/$repo/os/$arch +#Server = http://arch.nimukaito.net/$repo/os/$arch +#Server = http://archlinux.mirrors.ovh.net/archlinux/$repo/os/$arch +#Server = http://archlinux.mirror.pkern.at/$repo/os/$arch +#Server = https://archlinux.mirror.pkern.at/$repo/os/$arch +#Server = http://archlinux.polymorf.fr/$repo/os/$arch +#Server = http://arch.static.lu/$repo/os/$arch +#Server = https://arch.static.lu/$repo/os/$arch +#Server = http://arch.tamcore.eu/$repo/os/$arch +#Server = http://mirror.tyborek.pl/arch/$repo/os/$arch +#Server = http://ftp.u-strasbg.fr/linux/distributions/archlinux/$repo/os/$arch +#Server = http://arch.yourlabs.org/$repo/os/$arch + +## Germany +#Server = http://mirror.23media.de/archlinux/$repo/os/$arch +#Server = http://archlinux.limun.org/$repo/os/$arch +#Server = https://archlinux.limun.org/$repo/os/$arch +#Server = http://artfiles.org/archlinux.org/$repo/os/$arch +#Server = http://ftp.fau.de/archlinux/$repo/os/$arch +#Server = https://ftp.fau.de/archlinux/$repo/os/$arch +#Server = http://mirror.flipez.de/archlinux/$repo/os/$arch +#Server = http://mirror.fluxent.de/archlinux/$repo/os/$arch +#Server = http://mirror.gnomus.de/$repo/os/$arch +#Server = http://arch.packages.gnp-tec.net/$repo/os/$arch +#Server = http://ftp5.gwdg.de/pub/linux/archlinux/$repo/os/$arch +#Server = http://mirror.hactar.bz/$repo/os/$arch +#Server = http://ftp.hawo.stw.uni-erlangen.de/archlinux/$repo/os/$arch +#Server = http://ftp.hosteurope.de/mirror/ftp.archlinux.org/$repo/os/$arch +#Server = http://ftp-stud.hs-esslingen.de/pub/Mirrors/archlinux/$repo/os/$arch +#Server = http://mirror.js-webcoding.de/pub/archlinux/$repo/os/$arch +#Server = http://mirror.k42.ch/archlinux/$repo/os/$arch +#Server = 
http://mirror.de.leaseweb.net/archlinux/$repo/os/$arch +#Server = http://mirror.metalgamer.eu/archlinux/$repo/os/$arch +#Server = http://mirror.michael-eckert.net/archlinux/$repo/os/$arch +#Server = http://archlinux.my-universe.com/$repo/os/$arch +#Server = https://archlinux.my-universe.com/$repo/os/$arch +#Server = http://mirrors.n-ix.net/archlinux/$repo/os/$arch +#Server = http://mirror.netcologne.de/archlinux/$repo/os/$arch +#Server = http://mirrors.niyawe.de/archlinux/$repo/os/$arch +#Server = http://ftp.halifax.rwth-aachen.de/archlinux/$repo/os/$arch +#Server = http://linux.rz.rub.de/archlinux/$repo/os/$arch +#Server = http://mirror.selfnet.de/archlinux/$repo/os/$arch +#Server = http://ftp.spline.inf.fu-berlin.de/mirrors/archlinux/$repo/os/$arch +#Server = http://ftp.tu-chemnitz.de/pub/linux/archlinux/$repo/os/$arch +#Server = http://ftp.tuxdroid.org/archlinux/$repo/os/$arch +#Server = http://ftp.uni-bayreuth.de/linux/archlinux/$repo/os/$arch +#Server = http://ftp.uni-hannover.de/archlinux/$repo/os/$arch +#Server = http://ftp.uni-kl.de/pub/linux/archlinux/$repo/os/$arch +#Server = http://mirror.united-gameserver.de/archlinux/$repo/os/$arch + +## Greece +#Server = http://ftp.cc.uoc.gr/mirrors/linux/archlinux/$repo/os/$arch +#Server = http://foss.aueb.gr/mirrors/linux/archlinux/$repo/os/$arch +#Server = https://foss.aueb.gr/mirrors/linux/archlinux/$repo/os/$arch +#Server = http://mirrors.myaegean.gr/linux/archlinux/$repo/os/$arch +#Server = http://ftp.ntua.gr/pub/linux/archlinux/$repo/os/$arch +#Server = http://ftp.otenet.gr/linux/archlinux/$repo/os/$arch + +## Hungary +#Server = http://ftp.mfa.kfki.hu/pub/mirrors/ftp.archlinux.org/$repo/os/$arch + +## Iceland +#Server = http://mirror.system.is/arch/$repo/os/$arch +#Server = https://mirror.system.is/arch/$repo/os/$arch + +## India +#Server = http://mirror.cse.iitk.ac.in/archlinux/$repo/os/$arch +#Server = http://ftp.iitm.ac.in/archlinux/$repo/os/$arch + +## Indonesia +#Server = 
http://mirror.kavalinux.com/archlinux/$repo/os/$arch +#Server = http://mirror.poliwangi.ac.id/archlinux/$repo/os/$arch +#Server = http://suro.ubaya.ac.id/archlinux/$repo/os/$arch + +## Iran +#Server = http://mirror.yazd.ac.ir/arch/$repo/os/$arch + +## Ireland +#Server = http://ftp.heanet.ie/mirrors/ftp.archlinux.org/$repo/os/$arch + +## Israel +#Server = http://mirror.isoc.org.il/pub/archlinux/$repo/os/$arch + +## Italy +#Server = http://archlinux.openlabto.org/archlinux/$repo/os/$arch +#Server = http://archlinux.beccacervello.it/archlinux/$repo/os/$arch +#Server = http://mirrors.prometeus.net/archlinux/$repo/os/$arch + +## Japan +#Server = http://ftp.tsukuba.wide.ad.jp/Linux/archlinux/$repo/os/$arch +#Server = http://ftp.jaist.ac.jp/pub/Linux/ArchLinux/$repo/os/$arch + +## Kazakhstan +#Server = http://mirror.neolabs.kz/archlinux/$repo/os/$arch + +## Latvia +#Server = http://archlinux.koyanet.lv/archlinux/$repo/os/$arch + +## Lithuania +#Server = http://archlinux.akmc.lt/$repo/os/$arch +#Server = http://atviras.lt/veidrodziai/archlinux/$repo/os/$arch + +## Luxembourg +#Server = http://archlinux.mirror.root.lu/$repo/os/$arch + +## Macedonia +#Server = http://arch.softver.org.mk/archlinux/$repo/os/$arch +#Server = http://mirror.t-home.mk/archlinux/$repo/os/$arch + +## Netherlands +#Server = http://arch.apt-get.eu/$repo/os/$arch +#Server = http://mirror.i3d.net/pub/archlinux/$repo/os/$arch +#Server = https://mirror.i3d.net/pub/archlinux/$repo/os/$arch +#Server = http://mirror.nl.leaseweb.net/archlinux/$repo/os/$arch +#Server = http://ftp.nluug.nl/os/Linux/distr/archlinux/$repo/os/$arch +#Server = http://ftp.snt.utwente.nl/pub/os/linux/archlinux/$repo/os/$arch + +## New Caledonia +#Server = http://mirror.lagoon.nc/pub/archlinux/$repo/os/$arch +#Server = http://archlinux.nautile.nc/archlinux/$repo/os/$arch + +## New Zealand +#Server = http://mirror.xnet.co.nz/pub/archlinux/$repo/os/$arch + +## Norway +#Server = http://mirror.archlinux.no/$repo/os/$arch +#Server = 
http://archlinux.uib.no/$repo/os/$arch +#Server = http://archlinux.neuf.no/$repo/os/$arch + +## Philippines +#Server = http://mirror.pregi.net/pub/Linux/archlinux/$repo/os/$arch + +## Poland +#Server = http://mirror.chmuri.net/archmirror/$repo/os/$arch +#Server = http://arch.midov.pl/arch/$repo/os/$arch +#Server = http://piotrkosoft.net/pub/mirrors/ftp.archlinux.org/$repo/os/$arch +#Server = http://ftp.vectranet.pl/archlinux/$repo/os/$arch + +## Portugal +#Server = http://archlinux.dcc.fc.up.pt/$repo/os/$arch +#Server = http://ftp.rnl.tecnico.ulisboa.pt/pub/archlinux/$repo/os/$arch + +## Romania +#Server = http://mirror.archlinux.ro/archlinux/$repo/os/$arch +#Server = http://archlinux.mirrors.linux.ro/$repo/os/$arch + +## Russia +#Server = http://mirror.rol.ru/archlinux/$repo/os/$arch +#Server = http://mirror.yandex.ru/archlinux/$repo/os/$arch + +## Serbia +#Server = http://mirror.pmf.kg.ac.rs/archlinux/$repo/os/$arch + +## Singapore +#Server = http://download.nus.edu.sg/mirror/arch/$repo/os/$arch +#Server = http://mirror.nus.edu.sg/archlinux/$repo/os/$arch + +## Slovakia +#Server = http://mirror.lnx.sk/pub/linux/archlinux/$repo/os/$arch +#Server = http://tux.rainside.sk/archlinux/$repo/os/$arch + +## South Africa +#Server = http://ftp.wa.co.za/pub/archlinux/$repo/os/$arch + +## South Korea +#Server = http://ftp.kaist.ac.kr/ArchLinux/$repo/os/$arch +#Server = http://mirror.premi.st/archlinux/$repo/os/$arch + +## Spain +#Server = http://osl.ugr.es/archlinux/$repo/os/$arch +#Server = http://sunsite.rediris.es/mirror/archlinux/$repo/os/$arch + +## Sweden +#Server = http://ftp.df.lth.se/pub/archlinux/$repo/os/$arch +#Server = http://ftp.lysator.liu.se/pub/archlinux/$repo/os/$arch +#Server = https://ftp.lysator.liu.se/pub/archlinux/$repo/os/$arch +#Server = http://ftp.myrveln.se/pub/linux/archlinux/$repo/os/$arch +#Server = http://ftp.portlane.com/pub/os/linux/archlinux/$repo/os/$arch + +## Switzerland +#Server = http://archlinux.puzzle.ch/$repo/os/$arch + +## Taiwan 
+#Server = http://archlinux.cs.nctu.edu.tw/$repo/os/$arch +#Server = http://shadow.ind.ntou.edu.tw/archlinux/$repo/os/$arch +#Server = http://ftp.tku.edu.tw/Linux/ArchLinux/$repo/os/$arch +#Server = http://ftp.yzu.edu.tw/Linux/archlinux/$repo/os/$arch + +## Turkey +#Server = http://ftp.linux.org.tr/archlinux/$repo/os/$arch + +## Ukraine +#Server = http://mirrors.nix.org.ua/linux/archlinux/$repo/os/$arch + +## United Kingdom +#Server = http://mirror.bytemark.co.uk/archlinux/$repo/os/$arch +#Server = http://mirror.cinosure.com/archlinux/$repo/os/$arch +#Server = http://mirrors.manchester.m247.com/arch-linux/$repo/os/$arch +#Server = http://www.mirrorservice.org/sites/ftp.archlinux.org/$repo/os/$arch +#Server = http://arch.serverspace.co.uk/arch/$repo/os/$arch +#Server = http://archlinux.mirrors.uk2.net/$repo/os/$arch + +## United States +#Server = http://mirrors.abscission.net/archlinux/$repo/os/$arch +#Server = http://mirrors.acm.wpi.edu/archlinux/$repo/os/$arch +#Server = http://mirrors.advancedhosters.com/archlinux/$repo/os/$arch +#Server = http://mirrors.aggregate.org/archlinux/$repo/os/$arch +#Server = http://archlinux.surlyjake.com/archlinux/$repo/os/$arch +#Server = http://mirrors.cat.pdx.edu/archlinux/$repo/os/$arch +#Server = http://mirror.cc.columbia.edu/pub/linux/archlinux/$repo/os/$arch +#Server = http://mirrors.cdndepo.com/archlinux/$repo/os/$arch +#Server = https://mirrors.cdndepo.com/archlinux/$repo/os/$arch +#Server = http://mirrors.cecsresearch.org/archlinux/$repo/os/$arch +#Server = http://cosmos.cites.illinois.edu/pub/archlinux/$repo/os/$arch +#Server = http://mirror.cs.pitt.edu/archlinux/$repo/os/$arch +#Server = http://mirror.es.its.nyu.edu/archlinux/$repo/os/$arch +#Server = http://mirrors.gigenet.com/archlinux/$repo/os/$arch +#Server = http://mirror.grig.io/archlinux/$repo/os/$arch +#Server = http://www.gtlib.gatech.edu/pub/archlinux/$repo/os/$arch +#Server = http://mirror.ancl.hawaii.edu/linux/archlinux/$repo/os/$arch +#Server = 
http://mirror.jmu.edu/pub/archlinux/$repo/os/$arch +#Server = http://mirrors.kernel.org/archlinux/$repo/os/$arch +#Server = https://mirrors.kernel.org/archlinux/$repo/os/$arch +#Server = http://mirror.us.leaseweb.net/archlinux/$repo/os/$arch +#Server = http://mirrors.liquidweb.com/archlinux/$repo/os/$arch +#Server = http://arch.localmsp.org/arch/$repo/os/$arch +#Server = https://arch.localmsp.org/arch/$repo/os/$arch +#Server = http://lug.mtu.edu/archlinux/$repo/os/$arch +#Server = http://mirror.metrocast.net/archlinux/$repo/os/$arch +#Server = http://mirror.nexcess.net/archlinux/$repo/os/$arch +#Server = http://ftp.osuosl.org/pub/archlinux/$repo/os/$arch +#Server = http://archlinux.pallissard.net/archlinux/$repo/os/$arch +#Server = http://mirror.rit.edu/archlinux/$repo/os/$arch +#Server = http://mirrors.rutgers.edu/archlinux/$repo/os/$arch +#Server = http://mirror.umd.edu/archlinux/$repo/os/$arch +#Server = http://mirror.vtti.vt.edu/archlinux/$repo/os/$arch +#Server = http://mirrors.xmission.com/archlinux/$repo/os/$arch +#Server = http://mirror.yellowfiber.net/archlinux/$repo/os/$arch + +## Vietnam +#Server = http://f.archlinuxvn.org/archlinux/$repo/os/$arch +#Server = http://mirror-fpt-telecom.fpt.net/archlinux/$repo/os/$arch + diff --git a/cdist/conf/type/__pacman_conf_integrate/files/options b/cdist/conf/type/__pacman_conf_integrate/files/options new file mode 100644 index 00000000..68273e49 --- /dev/null +++ b/cdist/conf/type/__pacman_conf_integrate/files/options @@ -0,0 +1,6 @@ +[options] +HoldPkg = pacman glibc +Architecture = auto +CheckSpace +SigLevel = Required DatabaseOptional +LocalFileSigLevel = Optional diff --git a/cdist/conf/type/__pacman_conf_integrate/files/pacman.conf.cdist b/cdist/conf/type/__pacman_conf_integrate/files/pacman.conf.cdist new file mode 100644 index 00000000..88e6e623 --- /dev/null +++ b/cdist/conf/type/__pacman_conf_integrate/files/pacman.conf.cdist 
@@ -0,0 +1,6 @@ +# +# cdist managed - do not change +# +Include = /etc/pacman.d/options +Include = /etc/pacman.d/repo_* +Include = /etc/pacman.d/plain_file_* diff --git a/cdist/conf/type/__pacman_conf_integrate/files/pacman.conf.pacman b/cdist/conf/type/__pacman_conf_integrate/files/pacman.conf.pacman new file mode 100644 index 00000000..f43fe397 --- /dev/null +++ b/cdist/conf/type/__pacman_conf_integrate/files/pacman.conf.pacman 
@@ -0,0 +1,99 @@ +# +# /etc/pacman.conf +# +# See the pacman.conf(5) manpage for option and repository directives + +# +# GENERAL OPTIONS +# +[options] +# The following paths are commented out with their default values listed. +# If you wish to use different paths, uncomment and update the paths. +#RootDir = / +#DBPath = /var/lib/pacman/ +#CacheDir = /var/cache/pacman/pkg/ +#LogFile = /var/log/pacman.log +#GPGDir = /etc/pacman.d/gnupg/ +HoldPkg = pacman glibc +#XferCommand = /usr/bin/curl -C - -f %u > %o +#XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u +#CleanMethod = KeepInstalled +#UseDelta = 0.7 +Architecture = auto + +# Pacman won't upgrade packages listed in IgnorePkg and members of IgnoreGroup +#IgnorePkg = +#IgnoreGroup = + +#NoUpgrade = +#NoExtract = + +# Misc options +#UseSyslog +#Color +#TotalDownload +CheckSpace +#VerbosePkgLists + +# By default, pacman accepts packages signed by keys that its local keyring +# trusts (see pacman-key and its man page), as well as unsigned packages. +SigLevel = Required DatabaseOptional +LocalFileSigLevel = Optional +#RemoteFileSigLevel = Required + +# NOTE: You must run `pacman-key --init` before first using pacman; the local +# keyring can then be populated with the keys of all official Arch Linux +# packagers with `pacman-key --populate archlinux`. + +# +# REPOSITORIES +# - can be defined here or included from another file +# - pacman will search repositories in the order defined here +# - local/custom mirrors can be added here or in separate files +# - repositories listed first will take precedence when packages +# have identical names, regardless of version number +# - URLs will have $repo replaced by the name of the current repo +# - URLs will have $arch replaced by the name of the architecture +# +# Repository entries are of the format: +# [repo-name] +# Server = ServerName +# Include = IncludePath +# +# The header [repo-name] is crucial - it must be present and +# uncommented to enable the repo. 
+# + +# The testing repositories are disabled by default. To enable, uncomment the +# repo name header and Include lines. You can add preferred servers immediately +# after the header, and they will be used before the default mirrors. + +#[testing] +#Include = /etc/pacman.d/mirrorlist + +[core] +Include = /etc/pacman.d/mirrorlist + +[extra] +Include = /etc/pacman.d/mirrorlist + +#[community-testing] +#Include = /etc/pacman.d/mirrorlist + +[community] +Include = /etc/pacman.d/mirrorlist + +# If you want to run 32 bit applications on your x86_64 system, +# enable the multilib repositories as required here. + +#[multilib-testing] +#Include = /etc/pacman.d/mirrorlist + +#[multilib] +#Include = /etc/pacman.d/mirrorlist + +# An example of a custom package repository. See the pacman manpage for +# tips on creating your own repositories. +#[custom] +#SigLevel = Optional TrustAll +#Server = file:///home/custompkgs diff --git a/cdist/conf/type/__pacman_conf_integrate/man.rst b/cdist/conf/type/__pacman_conf_integrate/man.rst new file mode 100644 index 00000000..c21b56d8 --- /dev/null +++ b/cdist/conf/type/__pacman_conf_integrate/man.rst 
@@ -0,0 +1,51 @@ +cdist-type__pacman_conf_integrate(7) +==================================== + +NAME +---- +cdist-type__pacman_conf_integrate - Integrate default pacman.conf to cdist conform and vice versa + + +DESCRIPTION +----------- +The type allows you to convert the default pacman.conf to a cdist conform one and vice versa + + +REQUIRED PARAMETERS +------------------- +None. + +OPTIONAL PARAMETERS +------------------- +state + 'present' or 'absent', defaults to 'present' + + +EXAMPLES +-------- + +.. code-block:: sh + + # Convert normal to cdist conform + __pacman_conf_integrate convert + + # Convert cdist conform to normal + __pacman_conf_integrate convert --state absent + + +SEE ALSO +-------- +:strong:`grep`\ (1) + + +AUTHORS +------- +Dominique Roux + + +COPYING +------- +Copyright \(C) 2015 Dominique Roux. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__pacman_conf_integrate/manifest b/cdist/conf/type/__pacman_conf_integrate/manifest new file mode 100755 index 00000000..0ce0bee5 --- /dev/null +++ b/cdist/conf/type/__pacman_conf_integrate/manifest 
@@ -0,0 +1,57 @@
+#!/bin/sh -e
+#
+# 2015 Dominique Roux (dominique.roux4 at gmail.com
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+state=$(cat "$__object/parameter/state" 2>/dev/null)
+
+if [ "${state}" = "present" ]; then
+ __file /etc/pacman.conf\
+ --owner root --group root --mode 644 --source "$__type/files/pacman.conf.cdist"
+
+ __file /etc/pacman.d/options\
+ --owner root --group root --mode 644 --source "$__type/files/options"
+
+ __file /etc/pacman.d/repo_empty_placeholder\
+ --owner root --group root --mode 644
+
+ __file /etc/pacman.d/plain_file_empty_placeholder\
+ --owner root --group root --mode 644
+
+elif [ "${state}" = "absent" ]; then
+
+ __file /etc/pacman.conf\
+ --owner root --group root --mode 644 --source "$__type/files/pacman.conf.pacman"
+
+ __file /etc/pacman.d/mirrorlist\
+ --owner root --group root --mode 644 --source "$__type/files/mirrorlist"
+
+ __file /etc/pacman.d/options\
+ --state absent
+
+ __file /etc/pacman.d/repo_empty_placeholder\
+ --state absent
+
+ __file /etc/pacman.d/plain_file_empty_placeholder\
+ --state absent
+
+else
+
+ echo "ERROR: Unknown state: ${state}" >&2
+
+fi
diff --git a/cdist/conf/type/__pacman_conf_integrate/parameter/default/state b/cdist/conf/type/__pacman_conf_integrate/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__pacman_conf_integrate/parameter/default/state
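Review bot: The final `else` branch of the `__pacman_conf_integrate` manifest only echoes `ERROR: Unknown state: ${state}` to stderr and then falls off the end of the script, so an unsupported `--state` value is reported as a successful run; add `exit 1` after the `echo`. In the `absent` branch, `/etc/pacman.d/mirrorlist` is overwritten with the shipped `files/mirrorlist`, in which every `Server` line shown in this diff is commented out. Reverting would therefore discard the host's existing mirror selection and presumably leave pacman without a usable mirror for updates; consider leaving the mirrorlist untouched, or state this side effect in man.rst.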
@@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__pacman_conf_integrate/parameter/optional b/cdist/conf/type/__pacman_conf_integrate/parameter/optional new file mode 100644 index 00000000..ff72b5c7 --- /dev/null +++ b/cdist/conf/type/__pacman_conf_integrate/parameter/optional @@ -0,0 +1 @@ +state diff --git a/cdist/conf/type/__pf_apply/deprecated b/cdist/conf/type/__pf_apply/deprecated new file mode 100644 index 00000000..36cfed90 --- /dev/null +++ b/cdist/conf/type/__pf_apply/deprecated @@ -0,0 +1 @@ +Consider moving to __pf_apply_anchor. Get in touch if you need __pf_apply. diff --git a/cdist/conf/type/__pf_apply/explorer/rcvar b/cdist/conf/type/__pf_apply/explorer/rcvar index 20e9dfcc..7c8d535f 100755 --- a/cdist/conf/type/__pf_apply/explorer/rcvar +++ b/cdist/conf/type/__pf_apply/explorer/rcvar @@ -29,7 +29,7 @@ RC="/etc/rc.conf" PFCONF="$(grep '^pf_rules=' ${RC} | cut -d= -f2 | sed 's/"//g')" -echo ${PFCONF:-"/etc/pf.conf"} +echo "${PFCONF:-"/etc/pf.conf"}" # Debug #set +x diff --git a/cdist/conf/type/__pf_apply/gencode-remote b/cdist/conf/type/__pf_apply/gencode-remote index f7c889b4..c8f7a25a 100755 --- a/cdist/conf/type/__pf_apply/gencode-remote +++ b/cdist/conf/type/__pf_apply/gencode-remote @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2012 Jake Guffey (jake.guffey at eprotex.com) # diff --git a/cdist/conf/type/__pf_apply/man.rst b/cdist/conf/type/__pf_apply/man.rst new file mode 100644 index 00000000..eee345e7 --- /dev/null +++ b/cdist/conf/type/__pf_apply/man.rst 
@@ -0,0 +1,55 @@ +cdist-type__pf_apply(7) +======================= + +NAME +---- +cdist-type__pf_apply - Apply pf(4) ruleset on \*BSD + + +DESCRIPTION +----------- +This type is used on \*BSD systems to manage the pf firewall's active ruleset. + + +REQUIRED PARAMETERS +------------------- +NONE + + +OPTIONAL PARAMETERS +------------------- +NONE + + +EXAMPLES +-------- + +.. code-block:: sh + + # Modify the ruleset on $__target_host: + __pf_ruleset --state present --source /my/pf/ruleset.conf + require="__pf_ruleset" \ + __pf_apply + + # Remove the ruleset on $__target_host (implies disabling pf(4): + __pf_ruleset --state absent + require="__pf_ruleset" \ + __pf_apply + + +SEE ALSO +-------- +:strong:`pf`\ (4), :strong:`cdist-type__pf_ruleset`\ (7) + + +AUTHORS +------- +Jake Guffey + + +COPYING +------- +Copyright \(C) 2012 Jake Guffey. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__pf_apply/man.text b/cdist/conf/type/__pf_apply/man.text deleted file mode 100644 index 2e0d7802..00000000 --- a/cdist/conf/type/__pf_apply/man.text +++ /dev/null 
@@ -1,52 +0,0 @@ -cdist-type__pf_apply(7) -======================= -Jake Guffey - - -NAME ----- -cdist-type__pf_apply - Apply pf(4) ruleset on *BSD - - -DESCRIPTION ------------ -This type is used on *BSD systems to manage the pf firewall's active ruleset. - - -REQUIRED PARAMETERS -------------------- -NONE - - -OPTIONAL PARAMETERS -------------------- -NONE - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -# Modify the ruleset on $__target_host: -__pf_ruleset --state present --source /my/pf/ruleset.conf -require="__pf_ruleset" \ - __pf_apply - -# Remove the ruleset on $__target_host (implies disabling pf(4): -__pf_ruleset --state absent -require="__pf_ruleset" \ - __pf_apply --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) -- cdist-type__pf_ruleset(7) -- pf(4) - - -COPYING -------- -Copyright \(C) 2012 Jake Guffey. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__pf_apply_anchor/gencode-remote b/cdist/conf/type/__pf_apply_anchor/gencode-remote new file mode 100755 index 00000000..36c26521 --- /dev/null +++ b/cdist/conf/type/__pf_apply_anchor/gencode-remote 
@@ -0,0 +1,33 @@
+#!/bin/sh -e
+#
+# 2016 Kamila Součková (coding at kamila.is)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Apply pf(4) ruleset on *BSD
+#
+
+ANCHORS_DIR="/etc/pf.d"
+
+if [ -f "${__object}/parameter/anchor_name" ]; then
+ anchor_name="$(cat "${__object}/parameter/anchor_name")"
+else
+ anchor_name="${__object_id}"
+fi
+anchor_file="${ANCHORS_DIR}/${anchor_name}"
+
+echo "pfctl -a \"${anchor_name}\" -f \"${anchor_file}\""
diff --git a/cdist/conf/type/__pf_apply_anchor/man.rst b/cdist/conf/type/__pf_apply_anchor/man.rst
new file mode 100644
index 00000000..aef6cdf4
--- /dev/null
+++ b/cdist/conf/type/__pf_apply_anchor/man.rst
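Review bot: `anchor_name` comes from the `anchor_name` parameter or `${__object_id}` and is interpolated into the emitted `pfctl` line inside double quotes, so a value containing `"`, `$` or a backquote would be re-interpreted by the shell that runs the generated code on the target, and a value containing `..` would make `anchor_file` resolve outside `/etc/pf.d`. Reject unexpected characters before the final `echo`, for example `case "${anchor_name}" in *[!A-Za-z0-9_./-]*|*..*) echo "invalid anchor name: ${anchor_name}" >&2; exit 1;; esac`; the allowed set is a suggestion and should match whatever anchor names the project intends to support. The header comment still reads `Apply pf(4) ruleset on *BSD`, which describes `__pf_apply`; `Apply a pf(4) anchor` would agree with man.rst.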
@@ -0,0 +1,62 @@ +cdist-type__pf_apply_anchor(7) +============================== + +NAME +---- +cdist-type__pf_apply_anchor - Apply a pf(4) anchor on $__target_host + + +DESCRIPTION +----------- +This type is used on \*BSD systems to manage anchors for the pf firewall. + +Notice this type does not take care of copying the ruleset, that must be +done by the user with, e.g. `__file`. + + +OPTIONAL PARAMETERS +------------------- +anchor_name + The name of the anchor to apply. If not set, `${__object_id}` is used. + This type requires `/etc/pf.d/${anchor_name}` to exist on + `$__target_host`. + + +EXAMPLES +-------- + +.. code-block:: sh + + # Copy anchor file to ${__target_host} + __file "/etc/pf.d/80_dns" --source - < +Kamila Součková +Jake Guffey + + +COPYING +------- +Copyright \(C) 2020 Evilham. +Copyright \(C) 2016 Kamila Součková. +Copyright \(C) 2012 Jake Guffey. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__pf_apply_anchor/parameter/optional b/cdist/conf/type/__pf_apply_anchor/parameter/optional new file mode 100644 index 00000000..b9f61e28 --- /dev/null +++ b/cdist/conf/type/__pf_apply_anchor/parameter/optional @@ -0,0 +1 @@ +anchor_name diff --git a/cdist/conf/type/__pf_rdr/manifest b/cdist/conf/type/__pf_rdr/manifest new file mode 100644 index 00000000..39ab4470 --- /dev/null +++ b/cdist/conf/type/__pf_rdr/manifest 
@@ -0,0 +1,40 @@
+#!/bin/sh -e
+#
+# 2016 Kamila Součková (coding at kamila.is)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+# TODO it would be cool to print a warning if a generated anchor is unused in pf.conf
+
+ANCHORS_DIR=/etc/pf.d
+
+proto="$(cat "${__object}/parameter/proto")"
+from="$(cat "${__object}/parameter/from")"
+to="$(cat "${__object}/parameter/to")"
+state="$(cat "${__object}/parameter/state")"
+
+# This breaks utterly with IPv6
+from="$(echo ${from} | sed 's/:/ port /')"
+to="$(echo ${to} | sed 's/:/ port /')"
+
+anchor_name="$(echo ${__object_id} | cut -d/ -f1)"
+rule="rdr pass log proto ${proto} from any to ${from} -> ${to}"
+
+__directory "${ANCHORS_DIR}" --parents
+
+require="__directory/${ANCHORS_DIR}" \
+__line __pf_rdr/${__object_id} --state ${state} --line "${rule}" --file ${ANCHORS_DIR}/${anchor_name}
diff --git a/cdist/conf/type/__pf_rdr/parameter/default/proto b/cdist/conf/type/__pf_rdr/parameter/default/proto
new file mode 100644
index 00000000..28a29e6f
--- /dev/null
+++ b/cdist/conf/type/__pf_rdr/parameter/default/proto
@@ -0,0 +1 @@
+tcp
diff --git a/cdist/conf/type/__pf_rdr/parameter/default/state b/cdist/conf/type/__pf_rdr/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__pf_rdr/parameter/default/state
@@ -0,0 +1 @@
+present
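Review bot: `from` and `to` are written into the rule text without validation, and the expansions in `echo ${from} | sed 's/:/ port /'`, `echo ${__object_id} | cut -d/ -f1` and the final `__line … --state ${state} … --file ${ANCHORS_DIR}/${anchor_name}` are unquoted, so whitespace or glob characters in a parameter are split or expanded before they reach `__line`. Quote them (`from="$(printf '%s\n' "${from}" | sed 's/:/ port /')"`, `--state "${state}"`, `--file "${ANCHORS_DIR}/${anchor_name}"`). Because the sed rewrites only the first colon, a value with more than one colon should be rejected with an error on stderr rather than written out as a mangled rule, which is what the `# This breaks utterly with IPv6` comment concedes. The rule is built with `rdr pass`, which in pf lets matching packets skip the filter rules; a comment next to `rule=` and a line in the type's documentation should say so, so users know the redirect is not subject to their `block` rules.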
diff --git a/cdist/conf/type/__pf_rdr/parameter/optional b/cdist/conf/type/__pf_rdr/parameter/optional new file mode 100644 index 00000000..09ec92ca --- /dev/null +++ b/cdist/conf/type/__pf_rdr/parameter/optional @@ -0,0 +1,2 @@ +proto +state diff --git a/cdist/conf/type/__pf_rdr/parameter/required b/cdist/conf/type/__pf_rdr/parameter/required new file mode 100644 index 00000000..4a568482 --- /dev/null +++ b/cdist/conf/type/__pf_rdr/parameter/required @@ -0,0 +1,2 @@ +from +to diff --git a/cdist/conf/type/__pf_ruleset/explorer/rcvar b/cdist/conf/type/__pf_ruleset/explorer/rcvar index 20e9dfcc..7c8d535f 100755 --- a/cdist/conf/type/__pf_ruleset/explorer/rcvar +++ b/cdist/conf/type/__pf_ruleset/explorer/rcvar @@ -29,7 +29,7 @@ RC="/etc/rc.conf" PFCONF="$(grep '^pf_rules=' ${RC} | cut -d= -f2 | sed 's/"//g')" -echo ${PFCONF:-"/etc/pf.conf"} +echo "${PFCONF:-"/etc/pf.conf"}" # Debug #set +x diff --git a/cdist/conf/type/__pf_ruleset/gencode-local b/cdist/conf/type/__pf_ruleset/gencode-local deleted file mode 100644 index c2495509..00000000 --- a/cdist/conf/type/__pf_ruleset/gencode-local +++ /dev/null 
@@ -1,73 +0,0 @@ -#!/bin/sh -# -# 2012 Jake Guffey (jake.guffey at eprotex.com) -# -# This file is part of cdist. -# -# cdist is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# cdist is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with cdist. If not, see . -# -# -# Manage pf(4) on *BSD -# - -# Debug -#exec >&2 -#set -x - -# Send files to $__target_host via $__remote_copy - -uname=$(uname) # Need to know what the cdist host is running so we know how to compute the ruleset's checksum -state=$(cat "$__object/parameter/state") - -if [ "$state" = "absent" ]; then # There is nothing more for a *local* script to do - exit 0 -fi - -if [ -f "$__object/parameter/source" ]; then - source=$(cat "$__object/parameter/source") -fi - -rcvar=$(cat "$__object/explorer/rcvar") -cksum=$(cat "$__object/explorer/cksum") - - -cat <&2 - exit 1 - ;; -esac - -if [ -n "${cksum}" ]; then - if [ ! "\${currentSum}" = "${cksum}" ]; then - $__remote_copy "${source}" "$__target_host:${rcvar}.new" - fi -else # File just doesn't exist yet - $__remote_copy "${source}" "$__target_host:${rcvar}.new" -fi -EOF - -# Debug -#exec +x - diff --git a/cdist/conf/type/__pf_ruleset/man.rst b/cdist/conf/type/__pf_ruleset/man.rst new file mode 100644 index 00000000..db8873ac --- /dev/null +++ b/cdist/conf/type/__pf_ruleset/man.rst 
@@ -0,0 +1,59 @@ +cdist-type__pf_ruleset(7) +========================= + +NAME +---- +cdist-type__pf_ruleset - Copy a pf(4) ruleset to $__target_host + + +DESCRIPTION +----------- +This type is used on \*BSD systems to manage the pf firewall's ruleset. + +It will also enable and disable the pf firewall as requested in the `state` +parameter. + + +REQUIRED PARAMETERS +------------------- +state + Either "absent" (no ruleset at all) or "present", defaults to "present". + + +OPTIONAL PARAMETERS +------------------- +source + Required when state is "present". + Defines the ruleset to load onto the $__target_host for `pf(4)`. + + +EXAMPLES +-------- + +.. code-block:: sh + + # Remove the current ruleset in place and disable pf + __pf_ruleset --state absent + + # Enable pf with the ruleset defined in $__manifest/files/pf.conf + __pf_ruleset --state present --source $__manifest/files/pf.conf + + +SEE ALSO +-------- +:strong:`pf`\ (4) + + +AUTHORS +------- +Kamila Součková +Jake Guffey + + +COPYING +------- +Copyright \(C) 2016 Kamila Součková. +Copyright \(C) 2012 Jake Guffey. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__pf_ruleset/man.text b/cdist/conf/type/__pf_ruleset/man.text deleted file mode 100644 index 0dc07f71..00000000 --- a/cdist/conf/type/__pf_ruleset/man.text +++ /dev/null 
@@ -1,52 +0,0 @@ -cdist-type__pf_ruleset(7) -========================= -Jake Guffey - - -NAME ----- -cdist-type__pf_ruleset - Copy a pf(4) ruleset to $__target_host - - -DESCRIPTION ------------ -This type is used on *BSD systems to manage the pf firewall's ruleset. - - -REQUIRED PARAMETERS -------------------- -state:: - Either "absent" (no ruleset at all) or "present" - - -OPTIONAL PARAMETERS -------------------- -source:: - If supplied, use to define the ruleset to load onto the $__target_host for pf(4). - Note that this type is almost useless without a ruleset defined, but it's technically not - needed, e.g. for the case of disabling the firewall temporarily. - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -# Remove the current ruleset in place -__pf_ruleset --state absent - -# Enable the firewall with the ruleset defined in $__manifest/files/pf.conf -__pf_ruleset --state present --source $__manifest/files/pf.conf - --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) -- pf(4) - - -COPYING -------- -Copyright \(C) 2012 Jake Guffey. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__pf_ruleset/manifest b/cdist/conf/type/__pf_ruleset/manifest new file mode 100755 index 00000000..27b35328 --- /dev/null +++ b/cdist/conf/type/__pf_ruleset/manifest 
@@ -0,0 +1,46 @@
+#!/bin/sh -e
+#
+# 2016 Kamila Součková (coding at kamila.is)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Manage pf(4) on *BSD
+#
+
+rcvar="$(cat "${__object}/explorer/rcvar")"
+state="$(cat "${__object}/parameter/state")"
+if [ -f "${__object}/parameter/source" ]; then
+ source="$(cat "${__object}/parameter/source")"
+fi
+
+if [ "${state}" = "absent" ]; then
+ action="/etc/rc.d/pf stop"
+else
+ action="/etc/rc.d/pf reload || /etc/rc.d/pf start"
+fi
+
+__key_value __pf_ruleset/rcvar \
+ --state "${state}" \
+ --file /etc/rc.conf \
+ --delimiter "=" \
+ --key "pf_enable" \
+ --value "YES"
+
+require="__key_value/__pf_ruleset/rcvar" __config_file "${rcvar}" \
+ --source "${source}" \
+ --state "${state}" \
+ --onchange "${action}"
diff --git a/cdist/conf/type/__pf_ruleset/parameter/default/state b/cdist/conf/type/__pf_ruleset/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__pf_ruleset/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__pf_ruleset/parameter/optional b/cdist/conf/type/__pf_ruleset/parameter/optional
index 5a18cd2f..d77f3048 100644
--- a/cdist/conf/type/__pf_ruleset/parameter/optional
+++ b/cdist/conf/type/__pf_ruleset/parameter/optional
@@ -1 +1,2 @@
 source
+state
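Review bot: `source` is assigned only when `parameter/source` exists, yet `--source "${source}"` is passed to `__config_file` unconditionally, so `--state present` without `--source` hands an empty source to the type that writes the live pf ruleset file. The man page added in this commit says source is required when state is "present", but nothing in this manifest enforces that. Add a guard before the `__key_value` call, e.g. `[ "${state}" = "absent" ] || [ -n "${source:-}" ] || { echo "__pf_ruleset: --source is required when --state is present" >&2; exit 1; }`. What `__config_file` does with an empty source is not visible here, so failing early is the safer behaviour on a firewall host.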
diff --git a/cdist/conf/type/__ping/gencode-remote b/cdist/conf/type/__ping/gencode-remote new file mode 100644 index 00000000..1341b954 --- /dev/null +++ b/cdist/conf/type/__ping/gencode-remote @@ -0,0 +1,12 @@ +#!/bin/sh -e +# +# Copyright (C) 2018 Olliver Schinagl +# +# SPDX-License-Identifier: GPL-3.0+ +# + +set -eu + +echo "echo 'pong'" + +exit 0 diff --git a/cdist/conf/type/__ping/man.rst b/cdist/conf/type/__ping/man.rst new file mode 100644 index 00000000..e08643dc --- /dev/null +++ b/cdist/conf/type/__ping/man.rst @@ -0,0 +1,43 @@ +cdist-type__ping(7) +================================== + +NAME +---- +cdist-type__ping - Try to connect to host and return 'pong' on success + + +DESCRIPTION +----------- +A simple type which tries to connect to a remote host and runs a simple command +to ensure everything is working. + + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +None. + + +EXAMPLES +-------- + +.. code-block:: sh + + __ping + + +AUTHORS +------- +Olliver Schinagl + + +COPYING +------- +Copyright \(C) 2018 Schinagl. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__ping/singleton b/cdist/conf/type/__ping/singleton new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__postfix/man.rst b/cdist/conf/type/__postfix/man.rst new file mode 100644 index 00000000..43b158e0 --- /dev/null +++ b/cdist/conf/type/__postfix/man.rst 
@@ -0,0 +1,42 @@ +cdist-type__postfix(7) +====================== + +NAME +---- +cdist-type__postfix - Install postfix + + +DESCRIPTION +----------- +This space intentionally left blank. + + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +None. + + +EXAMPLES +-------- + +.. code-block:: sh + + __postfix + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2012 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__postfix/manifest b/cdist/conf/type/__postfix/manifest new file mode 100755 index 00000000..121bba96 --- /dev/null +++ b/cdist/conf/type/__postfix/manifest @@ -0,0 +1,22 @@ +#!/bin/sh -e +# +# 2012-2014 Steven Armstrong (steven-cdist at armstrong.cc) +# 2019 Nico Schottelius (nico-cdist at schottelius.org) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +__package postfix --state present diff --git a/cdist/conf/type/__postfix/singleton b/cdist/conf/type/__postfix/singleton new file mode 100644 index 00000000..e69de29b 
diff --git a/cdist/conf/type/__ssh_authorized_keys/explorer/entry b/cdist/conf/type/__postfix_master/explorer/entry similarity index 66% rename from cdist/conf/type/__ssh_authorized_keys/explorer/entry rename to cdist/conf/type/__postfix_master/explorer/entry index 9992d32d..9d6b1514 100755 --- a/cdist/conf/type/__ssh_authorized_keys/explorer/entry +++ b/cdist/conf/type/__postfix_master/explorer/entry @@ -1,6 +1,6 @@ #!/bin/sh # -# 2012 Steven Armstrong (steven-cdist at armstrong.cc) +# 2011 - 2012 Steven Armstrong (steven-cdist at armstrong.cc) # # This file is part of cdist. # @@ -18,18 +18,12 @@ # along with cdist. If not, see . # -owner="$(cat "$__object/parameter/owner" 2>/dev/null || echo "$__object_id")" -if [ -f "$__object/parameter/file" ]; then - file="$(cat "$__object/parameter/file")" -else - home="$("$__type_explorer/passwd" | cut -d':' -f 6)" - file="$home/.ssh/authorized_keys" -fi +config="/etc/postfix/master.cf" -# no authorized_keys file, nothing we could do -[ -f "$file" ] || exit 0 +# no master.cf, nothing we could do +[ -f "$config" ] || exit 0 -# NOTE: keep variables in sync in manifest/explorer/gencode-* +# NOTE: keep variables in sync in manifest,explorer,gencode-* prefix="#cdist:$__object_name" suffix="#/cdist:$__object_name" awk -v prefix="$prefix" -v suffix="$suffix" '{ @@ -42,4 +36,4 @@ awk -v prefix="$prefix" -v suffix="$suffix" '{ } print } -}' "$file" +}' "$config" diff --git a/cdist/conf/type/__ssh_authorized_keys/gencode-remote b/cdist/conf/type/__postfix_master/gencode-remote similarity index 77% rename from cdist/conf/type/__ssh_authorized_keys/gencode-remote rename to cdist/conf/type/__postfix_master/gencode-remote index cc86cc19..7c109a69 100755 --- a/cdist/conf/type/__ssh_authorized_keys/gencode-remote +++ b/cdist/conf/type/__postfix_master/gencode-remote @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2012 Steven Armstrong (steven-cdist at armstrong.cc) # 
@@ -18,15 +18,9 @@ # along with cdist. If not, see . # -owner="$(cat "$__object/parameter/owner" 2>/dev/null || echo "$__object_id")" -if [ -f "$__object/parameter/file" ]; then - file="$(cat "$__object/parameter/file")" -else - home="$(cut -d':' -f 6 "$__object/explorer/passwd")" - file="$home/.ssh/authorized_keys" -fi - +config="/etc/postfix/master.cf" entry="$__object/files/entry" +state_should="$(cat "$__object/parameter/state")" if [ ! -s "$__object/explorer/entry" ]; then state_is='absent' else @@ -36,18 +30,20 @@ else ) fi -state_should="$(cat "$__object/parameter/state" 2>/dev/null || echo present)" if [ "$state_should" = "$state_is" ]; then # Nothing to do, move along exit 0 fi + remove_entry() { # NOTE: keep variables in sync in manifest/explorer/gencode-* prefix="#cdist:$__object_name" suffix="#/cdist:$__object_name" cat << DONE -tmpfile=\$(mktemp) +tmpfile=\$(mktemp ${config}.cdist.XXXXXXXXXX) +# preserve ownership and permissions of existing file +cp -p "$config" "\$tmpfile" awk -v prefix="$prefix" -v suffix="$suffix" ' { if (index(\$0,prefix)) { @@ -60,8 +56,8 @@ awk -v prefix="$prefix" -v suffix="$suffix" ' } else { print } -}' "$file" > "\$tmpfile" -mv -f "\$tmpfile" "$file" +}' "$config" > "\$tmpfile" +mv -f "\$tmpfile" "$config" DONE } @@ -71,7 +67,7 @@ case "$state_should" in remove_entry fi cat << DONE -cat >> "$file" << ${__type##*/}_DONE +cat >> "$config" << ${__type##*/}_DONE $(cat "$entry") ${__type##*/}_DONE DONE diff --git a/cdist/conf/type/__postfix_master/man.rst b/cdist/conf/type/__postfix_master/man.rst new file mode 100644 index 00000000..07756f74 --- /dev/null +++ b/cdist/conf/type/__postfix_master/man.rst 
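Review bot: In the last hunk the generated here-document `cat >> "$config" << ${__type##*/}_DONE` uses an unquoted delimiter, so the shell on the target performs parameter and command expansion on the entry text before appending it to master.cf. master.cf `-o` overrides commonly contain `$name` references, which would be expanded (typically to an empty string) on the target, and a backtick or `$(…)` in a `--comment` or `--option` value would be run as a command there. Quote the delimiter in the generated code: `cat >> "$config" << '${__type##*/}_DONE'`. The `case` block this line belongs to starts and ends outside the hunk.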
@@ -0,0 +1,84 @@ +cdist-type__postfix_master(7) +============================= + +NAME +---- +cdist-type__postfix_master - Configure postfix master.cf + + +DESCRIPTION +----------- +See master(5) for more information. + + +REQUIRED PARAMETERS +------------------- +type + See master(5) +command + See master(5) + + +BOOLEAN PARAMETERS +------------------ +noreload + don't reload postfix after changes + + +OPTIONAL PARAMETERS +------------------- +state + present or absent, defaults to present + +service + +private + +unpriv + +chroot + +wakeup + +maxproc + +option + Pass an option to a service. Same as using -o in master.cf. + Can be specified multiple times. + +comment + a textual comment to add with the master.cf entry + + +EXAMPLES +-------- + +.. code-block:: sh + + __postfix_master smtp --type inet --command smtpd + + __postfix_master smtp --type inet --chroot y --command smtpd \ + --option smtpd_enforce_tls=yes \ + --option smtpd_sasl_auth_enable=yes \ + --option smtpd_client_restrictions=permit_sasl_authenticated,reject + + __postfix_master submission --type inet --command smtpd \ + --comment "Run alternative smtp on submission port" + + +SEE ALSO +-------- +:strong:`master`\ (5) + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2012 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__postfix_master/manifest b/cdist/conf/type/__postfix_master/manifest new file mode 100755 index 00000000..0960ea41 --- /dev/null +++ b/cdist/conf/type/__postfix_master/manifest 
@@ -0,0 +1,80 @@ +#!/bin/sh -e +# +# 2012-2014 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + + +os=$(cat "$__global/explorer/os") + +case "$os" in + ubuntu|debian|archlinux|scientific|centos|devuan) + : + ;; + *) + echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2 + echo "Please contribute an implementation for it if you can." >&2 + exit 1 + ;; +esac + +__postfix + +# Default to object_id +service="$(cat "$__object/parameter/service" 2>/dev/null || echo "$__object_id")" + +# NOTE: keep variables in sync in manifest,explorer,gencode-* +prefix="#cdist:$__object_name" +suffix="#/cdist:$__object_name" + +# Generate entry for inclusion in master.cf +mkdir "$__object/files" +entry="$__object/files/entry" +( + echo "$prefix" + if [ -f "$__object/parameter/comment" ]; then + echo "# $(cat "$__object/parameter/comment")" + fi + printf "%s " "$service" + for parameter in type private unpriv chroot wakeup maxproc; do + printf "%s " "$(cat "$__object/parameter/$parameter")" + done + command="$(cat "$__object/parameter/command")" + # ensure we have a trailing newline + echo "$command" + options="$(cat "$__object/parameter/option" 2>/dev/null || true)" + for option in $options; do + echo " -o $option" + done + echo "$suffix" +) > "$entry" + +# Reload postfix after changes +if [ ! 
-f "$__object/parameter/noreload" ]; then + state_should="$(cat "$__object/parameter/state")" + if [ ! -s "$__object/explorer/entry" ]; then + state_is='absent' + else + state_is=$(diff -q "$entry" "$__object/explorer/entry" >/dev/null \ + && echo present \ + || echo changed + ) + fi + if [ "$state_is" != "$state_should" ]; then + require="$__object_name" __postfix_reload + fi +fi diff --git a/cdist/conf/type/__postfix_master/parameter/boolean b/cdist/conf/type/__postfix_master/parameter/boolean new file mode 100644 index 00000000..862edc87 --- /dev/null +++ b/cdist/conf/type/__postfix_master/parameter/boolean @@ -0,0 +1 @@ +noreload diff --git a/cdist/conf/type/__postfix_master/parameter/default/chroot b/cdist/conf/type/__postfix_master/parameter/default/chroot new file mode 100644 index 00000000..39cdd0de --- /dev/null +++ b/cdist/conf/type/__postfix_master/parameter/default/chroot @@ -0,0 +1 @@ +- diff --git a/cdist/conf/type/__postfix_master/parameter/default/maxproc b/cdist/conf/type/__postfix_master/parameter/default/maxproc new file mode 100644 index 00000000..39cdd0de --- /dev/null +++ b/cdist/conf/type/__postfix_master/parameter/default/maxproc @@ -0,0 +1 @@ +- diff --git a/cdist/conf/type/__postfix_master/parameter/default/private b/cdist/conf/type/__postfix_master/parameter/default/private new file mode 100644 index 00000000..39cdd0de --- /dev/null +++ b/cdist/conf/type/__postfix_master/parameter/default/private @@ -0,0 +1 @@ +- diff --git a/cdist/conf/type/__postfix_master/parameter/default/state b/cdist/conf/type/__postfix_master/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__postfix_master/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__postfix_master/parameter/default/unpriv b/cdist/conf/type/__postfix_master/parameter/default/unpriv new file mode 100644 index 00000000..39cdd0de --- /dev/null +++ b/cdist/conf/type/__postfix_master/parameter/default/unpriv 
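Review bot: `for option in $options` relies on unquoted expansion, so each `--option` value is split on whitespace and undergoes pathname expansion before it is written into the master.cf entry; a value containing a space or a `*` produces different `-o` lines than the ones requested. Assuming repeated `--option` values are stored one per line in `parameter/option` (not visible here), read the file line by line as sketched below, keeping the same leading whitespace before `-o` that the current `echo` emits. Separately, `echo "# $(cat "$__object/parameter/comment")"` prefixes only the first line, so the remaining lines of a multi-line comment would land in master.cf as configuration; `sed 's/^/# /' "$__object/parameter/comment"` comments every line.

```shell
    command="$(cat "$__object/parameter/command")"
    # ... unchanged: echo "$command" ...
    if [ -f "$__object/parameter/option" ]; then
        while IFS= read -r option; do
            printf ' -o %s\n' "$option"
        done < "$__object/parameter/option"
    fi
    # ... unchanged: echo "$suffix" and the redirect into "$entry" ...
```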
@@ -0,0 +1 @@ +- diff --git a/cdist/conf/type/__postfix_master/parameter/default/wakeup b/cdist/conf/type/__postfix_master/parameter/default/wakeup new file mode 100644 index 00000000..39cdd0de --- /dev/null +++ b/cdist/conf/type/__postfix_master/parameter/default/wakeup @@ -0,0 +1 @@ +- diff --git a/cdist/conf/type/__postfix_master/parameter/optional b/cdist/conf/type/__postfix_master/parameter/optional new file mode 100644 index 00000000..792b42c5 --- /dev/null +++ b/cdist/conf/type/__postfix_master/parameter/optional @@ -0,0 +1,9 @@ +service +private +unpriv +chroot +wakeup +maxproc +option +comment +state diff --git a/cdist/conf/type/__postfix_master/parameter/required b/cdist/conf/type/__postfix_master/parameter/required new file mode 100644 index 00000000..24c14146 --- /dev/null +++ b/cdist/conf/type/__postfix_master/parameter/required @@ -0,0 +1,2 @@ +type +command diff --git a/cdist/conf/type/__postfix_postconf/explorer/value b/cdist/conf/type/__postfix_postconf/explorer/value new file mode 100755 index 00000000..67dacad8 --- /dev/null +++ b/cdist/conf/type/__postfix_postconf/explorer/value 
@@ -0,0 +1,37 @@ +#!/bin/sh +# +# 2012-2014 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + + +os=$("$__explorer/os") + +case "$os" in + alpine|ubuntu|debian|archlinux|suse|scientific|centos|devuan) + : + ;; + *) + echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2 + echo "Please contribute an implementation for it if you can." >&2 + exit 1 + ;; +esac + +key="$(cat "$__object/parameter/key" 2>/dev/null || echo "$__object_id")" + +postconf -h "$key" diff --git a/cdist/conf/type/__postfix_postconf/gencode-remote b/cdist/conf/type/__postfix_postconf/gencode-remote new file mode 100755 index 00000000..279dddd4 --- /dev/null +++ b/cdist/conf/type/__postfix_postconf/gencode-remote 
@@ -0,0 +1,61 @@ +#!/bin/sh -e +# +# 2012-2014 Steven Armstrong (steven-cdist at armstrong.cc) +# 2019 Nico Schottelius (nico-cdist at schottelius.org) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +os=$(cat "$__global/explorer/os") + +case "$os" in + alpine|archlinux|centos|debian|devuan|suse|scientific|ubuntu) + : + ;; + *) + echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2 + echo "Please contribute an implementation for it if you can." >&2 + exit 1 + ;; +esac + +state_should="$(cat "$__object/parameter/state")" +if [ ! -s "$__object/explorer/value" ]; then + state_is='absent' +else + state_is=$(diff -q "$__object/parameter/value" "$__object/explorer/value" >/dev/null \ + && echo present \ + || echo changed + ) +fi + +if [ "$state_should" = "$state_is" ]; then + # Nothing to do, move along + exit 0 +fi + +key="$(cat "$__object/parameter/key" 2>/dev/null || echo "$__object_id")" +value="$(cat "$__object/parameter/value")" + +case "$state_should" in + absent) + # revert parameter to its default value + echo "postconf -# $key" + ;; + present) + echo "postconf -e '$key=$value'" + ;; +esac diff --git a/cdist/conf/type/__postfix_postconf/man.rst b/cdist/conf/type/__postfix_postconf/man.rst new file mode 100644 index 00000000..3222d4a7 --- /dev/null +++ b/cdist/conf/type/__postfix_postconf/man.rst 
@@ -0,0 +1,54 @@ +cdist-type__postfix_postconf(7) +=============================== + +NAME +---- +cdist-type__postfix_postconf - Configure postfix main.cf + + +DESCRIPTION +----------- +See postconf(5) for possible keys and values. + +Note that this type directly runs the postconf executable. +It does not make changes to /etc/postfix/main.cf itself. + + +REQUIRED PARAMETERS +------------------- +value + the value for the postfix parameter + + +OPTIONAL PARAMETERS +------------------- +key + the name of the parameter. Defaults to __object_id + + +EXAMPLES +-------- + +.. code-block:: sh + + __postfix_postconf mydomain --value somedomain.com + + __postfix_postconf bind-to-special-ip --key smtp_bind_address --value 127.0.0.5 + + +SEE ALSO +-------- +:strong:`postconf`\ (5) + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2012 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__postfix_postconf/manifest b/cdist/conf/type/__postfix_postconf/manifest new file mode 100755 index 00000000..a82e13d7 --- /dev/null +++ b/cdist/conf/type/__postfix_postconf/manifest 
@@ -0,0 +1,21 @@ +#!/bin/sh -e +# +# 2012-2014 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +__postfix diff --git a/cdist/conf/type/__postfix_postconf/parameter/default/state b/cdist/conf/type/__postfix_postconf/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__postfix_postconf/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__postfix_postconf/parameter/optional b/cdist/conf/type/__postfix_postconf/parameter/optional new file mode 100644 index 00000000..6ada755a --- /dev/null +++ b/cdist/conf/type/__postfix_postconf/parameter/optional @@ -0,0 +1,2 @@ +key +state diff --git a/cdist/conf/type/__postfix_postconf/parameter/required b/cdist/conf/type/__postfix_postconf/parameter/required new file mode 100644 index 00000000..6d4e1507 --- /dev/null +++ b/cdist/conf/type/__postfix_postconf/parameter/required @@ -0,0 +1 @@ +value diff --git a/cdist/conf/type/__postfix_postmap/gencode-remote b/cdist/conf/type/__postfix_postmap/gencode-remote new file mode 100755 index 00000000..edb7711f --- /dev/null +++ b/cdist/conf/type/__postfix_postmap/gencode-remote 
@@ -0,0 +1,21 @@
+#!/bin/sh -e
+#
+# 2012 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+echo "postmap /$__object_id"
diff --git a/cdist/conf/type/__postfix_postmap/man.rst b/cdist/conf/type/__postfix_postmap/man.rst
new file mode 100644
index 00000000..2a82b44a
--- /dev/null
+++ b/cdist/conf/type/__postfix_postmap/man.rst
@@ -0,0 +1,42 @@
+cdist-type__postfix_postmap(7)
+==============================
+
+NAME
+----
+cdist-type__postfix_postmap - Run postmap on the given file
+
+
+DESCRIPTION
+-----------
+This space intentionally left blank.
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+
+OPTIONAL PARAMETERS
+-------------------
+None.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __postfix_postmap /etc/postfix/generic
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2012 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__postfix_postmap/manifest b/cdist/conf/type/__postfix_postmap/manifest
new file mode 100755
index 00000000..a82e13d7
--- /dev/null
+++ b/cdist/conf/type/__postfix_postmap/manifest
@@ -0,0 +1,21 @@ +#!/bin/sh -e +# +# 2012-2014 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +__postfix diff --git a/cdist/conf/type/__postfix_reload/gencode-remote b/cdist/conf/type/__postfix_reload/gencode-remote new file mode 100755 index 00000000..7720dc49 --- /dev/null +++ b/cdist/conf/type/__postfix_reload/gencode-remote 
@@ -0,0 +1,33 @@ +#!/bin/sh -e +# +# 2012-2014 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + + +os=$(cat "$__global/explorer/os") + +case "$os" in + ubuntu|debian|archlinux|scientific|centos|devuan) + echo "postfix reload" + ;; + *) + echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2 + echo "Please contribute an implementation for it if you can." >&2 + exit 1 + ;; +esac diff --git a/cdist/conf/type/__postfix_reload/man.rst b/cdist/conf/type/__postfix_reload/man.rst new file mode 100644 index 00000000..944e22fa --- /dev/null +++ b/cdist/conf/type/__postfix_reload/man.rst @@ -0,0 +1,42 @@ +cdist-type__postfix_reload(7) +============================= + +NAME +---- +cdist-type__postfix_reload - Tell postfix to reload its configuration + + +DESCRIPTION +----------- +This space intentionally left blank. + + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +None. + + +EXAMPLES +-------- + +.. code-block:: sh + + __postfix_reload + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2012 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. 
diff --git a/cdist/conf/type/__postfix_reload/manifest b/cdist/conf/type/__postfix_reload/manifest new file mode 100755 index 00000000..a82e13d7 --- /dev/null +++ b/cdist/conf/type/__postfix_reload/manifest @@ -0,0 +1,21 @@ +#!/bin/sh -e +# +# 2012-2014 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +__postfix diff --git a/cdist/conf/type/__postfix_reload/singleton b/cdist/conf/type/__postfix_reload/singleton new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__postgres_database/explorer/state b/cdist/conf/type/__postgres_database/explorer/state index dc9659e2..d68d4120 100755 --- a/cdist/conf/type/__postgres_database/explorer/state +++ b/cdist/conf/type/__postgres_database/explorer/state @@ -18,10 +18,25 @@ # along with cdist. If not, see . # +case "$("${__explorer}/os")" +in + netbsd) + postgres_user='pgsql' + ;; + openbsd) + postgres_user='_postgresql' + ;; + *) + postgres_user='postgres' + ;; +esac + + name="$__object_id" -if su - postgres -c "echo '\q' | psql '$name'" 2>/dev/null; then - echo "present" +if test -n "$(su - "$postgres_user" -c "psql postgres -twAc \"SELECT 1 FROM pg_database WHERE datname='$name'\"")" +then + echo 'present' else - echo "absent" + echo 'absent' fi 
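Review bot: In `__postgres_database/explorer/state`, `$name` is placed inside the SQL literal `datname='$name'`, which itself sits inside the double-quoted `su -c` string, so an object id containing `'`, `"`, `$` or a backtick alters the query or the shell command instead of being compared as a database name. The id comes from the manifest, but a check before the query keeps a malformed name from being run as SQL under the `$postgres_user` account, for example `case "$name" in *[!A-Za-z0-9_-]*) echo "unsupported database name: $name" >&2; exit 1;; esac` (widen the allowed set to the names actually in use). The `__postgres_role/explorer/state` hunk later in this commit builds `rolname='$name'` the same way and needs the same guard.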
diff --git a/cdist/conf/type/__postgres_database/gencode-remote b/cdist/conf/type/__postgres_database/gencode-remote index 0ffc842a..0f11cff4 100755 --- a/cdist/conf/type/__postgres_database/gencode-remote +++ b/cdist/conf/type/__postgres_database/gencode-remote @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2011 Steven Armstrong (steven-cdist at armstrong.cc) # @@ -18,9 +18,22 @@ # along with cdist. If not, see . # +case "$(cat "${__global}/explorer/os")" +in + netbsd) + postgres_user='pgsql' + ;; + openbsd) + postgres_user='_postgresql' + ;; + *) + postgres_user='postgres' + ;; +esac + + name="$__object_id" -state_should="present" -[ -f "$__object/parameter/state" ] && state_should="$(cat "$__object/parameter/state")" +state_should="$(cat "$__object/parameter/state")" state_is="$(cat "$__object/explorer/state")" if [ "$state_should" != "$state_is" ]; then @@ -28,12 +41,37 @@ if [ "$state_should" != "$state_is" ]; then present) owner="" if [ -f "$__object/parameter/owner" ]; then - owner="-O '$(cat "$__object/parameter/owner")'" + owner="-O \"$(cat "$__object/parameter/owner")\"" fi - echo "su - postgres -c \"createdb $owner '$name'\"" + + template="" + if [ -f "$__object/parameter/template" ]; then + template="--template \"$(cat "$__object/parameter/template")\"" + fi + + encoding="" + if [ -f "$__object/parameter/encoding" ]; then + encoding="--encoding \"$(cat "$__object/parameter/encoding")\"" + fi + + lc_collate="" + if [ -f "$__object/parameter/lc-collate" ]; then + lc_collate="--lc-collate \"$(cat "$__object/parameter/lc-collate")\"" + fi + + lc_ctype="" + if [ -f "$__object/parameter/lc-ctype" ]; then + lc_ctype="--lc-ctype \"$(cat "$__object/parameter/lc-ctype")\"" + fi + + cat << EOF +su - '$postgres_user' -c "createdb $owner \"$name\" $template $encoding $lc_collate $lc_ctype" +EOF ;; absent) - echo "su - postgres -c \"dropdb '$name'\"" + cat << EOF +su - '$postgres_user' -c "dropdb \"$name\"" +EOF ;; esac fi 
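Review bot: In the last hunk of `__postgres_database/gencode-remote`, `owner`, `template`, `encoding`, `lc_collate` and `lc_ctype` wrap their values in plain `"`, while `$name` in the here-document uses `\"`. Once expanded into `su - '$postgres_user' -c "createdb ..."`, the plain quotes close and reopen the outer `-c` string, so the inner shell receives these values unquoted and a value with whitespace or shell metacharacters is split or interpreted on the target. Escaping them the same way as the name keeps each value one argument, e.g. `owner="-O \\\"$(cat "$__object/parameter/owner")\\\""`, and likewise for the other four. Values containing `"`, `$` or a backtick are still not safe at either quoting level and would need to be rejected.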
diff --git a/cdist/conf/type/__postgres_database/man.rst b/cdist/conf/type/__postgres_database/man.rst new file mode 100644 index 00000000..870b4917 --- /dev/null +++ b/cdist/conf/type/__postgres_database/man.rst @@ -0,0 +1,58 @@ +cdist-type__postgres_database(7) +================================ + +NAME +---- +cdist-type__postgres_database - Create/drop postgres databases + + +DESCRIPTION +----------- +This cdist type allows you to create or drop postgres databases. + + +OPTIONAL PARAMETERS +------------------- +state + Either 'present' or 'absent', defaults to 'present'. + +owner + Specifies the database user who will own the new database. + +encoding + Specifies the character encoding scheme to be used in this database. + +lc-collate + Specifies the LC_COLLATE setting to be used in this database. + +lc-ctype + Specifies the LC_CTYPE setting to be used in this database. + +template + Specifies the template database from which to build this database. + + +EXAMPLES +-------- + +.. code-block:: sh + + __postgres_database mydbname --owner mydbusername + + +SEE ALSO +-------- +:strong:`cdist-type__postgres_role`\ (7) + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2011 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__postgres_database/man.text b/cdist/conf/type/__postgres_database/man.text deleted file mode 100644 index 88259b6f..00000000 --- a/cdist/conf/type/__postgres_database/man.text +++ /dev/null 
@@ -1,42 +0,0 @@ -cdist-type__postgres_database(7) -================================ -Steven Armstrong - - -NAME ----- -cdist-type__postgres_database - create/drop postgres databases - - -DESCRIPTION ------------ -This cdist type allows you to create or drop postgres databases. - - -OPTIONAL PARAMETERS -------------------- -state:: - either 'present' or 'absent' - -owner:: - the role owning this database - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -__postgres_database mydbname --owner mydbusername --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) -- cdist-type__postgres_role(7) - - -COPYING -------- -Copyright \(C) 2011 Steven Armstrong. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__postgres_database/parameter/default/state b/cdist/conf/type/__postgres_database/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__postgres_database/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__postgres_database/parameter/optional b/cdist/conf/type/__postgres_database/parameter/optional index d86b6469..877fbf32 100644 --- a/cdist/conf/type/__postgres_database/parameter/optional +++ b/cdist/conf/type/__postgres_database/parameter/optional @@ -1,2 +1,6 @@ state owner +encoding +lc-collate +lc-ctype +template diff --git a/cdist/conf/type/__postgres_extension/gencode-remote b/cdist/conf/type/__postgres_extension/gencode-remote new file mode 100755 index 00000000..af9c97f1 --- /dev/null +++ b/cdist/conf/type/__postgres_extension/gencode-remote 
@@ -0,0 +1,53 @@ +#!/bin/sh -e +# +# 2011 Steven Armstrong (steven-cdist at armstrong.cc) +# 2013 Tomas Pospisek (tpo_deb at sourcepole.ch) +# +# This type was created by Tomas Pospisek based on the +#__postgres_role type by Steven Armstrong +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +case "$(cat "${__global}/explorer/os")" +in + netbsd) + postgres_user='pgsql' + ;; + openbsd) + postgres_user='_postgresql' + ;; + *) + postgres_user='postgres' + ;; +esac + + +dbname=$( echo "$__object_id" | cut -d":" -f1 ) +extension=$( echo "$__object_id" | cut -d":" -f2 ) + +state_should=$( cat "$__object/parameter/state" ) + +case "$state_should" in + present) + cmd="CREATE EXTENSION IF NOT EXISTS $extension" + echo "su - '$postgres_user' -c 'psql -c \"$cmd\" \"$dbname\"'" + ;; + absent) + cmd="DROP EXTENSION IF EXISTS $extension" + echo "su - '$postgres_user' -c 'psql -c \"$cmd\" \"$dbname\"'" + ;; +esac diff --git a/cdist/conf/type/__postgres_extension/man.rst b/cdist/conf/type/__postgres_extension/man.rst new file mode 100644 index 00000000..79645b2b --- /dev/null +++ b/cdist/conf/type/__postgres_extension/man.rst 
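Review bot: In `__postgres_extension/gencode-remote`, `$extension` goes into `CREATE EXTENSION IF NOT EXISTS $extension` (and the matching `DROP`) as a bare identifier, so extension names that need quoting in SQL, such as ones containing a hyphen, fail, and any other character in the object id is read as SQL. The id is also split with `cut -d":"` without checking that it has the `dbname:extension` form; for an id without a colon `cut` returns the whole string for both fields. A guard such as `case "$__object_id" in *:*) ;; *) echo "object id must be dbname:extension" >&2; exit 1;; esac`, together with double-quoting the identifier inside the statement, would cover both.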
@@ -0,0 +1,59 @@ +cdist-type__postgres_extension(7) +================================= + +NAME +---- +cdist-type__postgres_extension - manage postgres extensions + + +DESCRIPTION +----------- +This cdist type allows you to create or drop postgres extensions. + +The object you need to pass to __postgres_extension consists of +the database name and the extension name joined by a colon in the +following form: + +.. code-block:: sh + + dbname:extension + +f.ex. + +.. code-block:: sh + + rails_test:unaccent + + +OPTIONAL PARAMETERS +------------------- +state + either "present" or "absent", defaults to "present" + + +EXAMPLES +-------- + +.. code-block:: sh + + __postgres_extension rails_test:unaccent + __postgres_extension --present rails_test:unaccent + __postgres_extension --absent rails_test:unaccent + + +SEE ALSO +-------- +:strong:`cdist-type__postgre_database`\ (7) + +Postgres "Create Extension" documentation at: . + +AUTHOR +------- +Tomas Pospisek + +COPYING +------- +Copyright \(C) 2014 Tomas Pospisek. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__postgres_extension/parameter/default/state b/cdist/conf/type/__postgres_extension/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__postgres_extension/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__postgres_extension/parameter/optional b/cdist/conf/type/__postgres_extension/parameter/optional new file mode 100644 index 00000000..ff72b5c7 --- /dev/null +++ b/cdist/conf/type/__postgres_extension/parameter/optional @@ -0,0 +1 @@ +state diff --git a/cdist/conf/type/__postgres_role/explorer/state b/cdist/conf/type/__postgres_role/explorer/state index 8c102df9..c8e1fa9d 100755 --- a/cdist/conf/type/__postgres_role/explorer/state 
+++ b/cdist/conf/type/__postgres_role/explorer/state @@ -18,10 +18,25 @@ # along with cdist. If not, see . # +case "$("${__explorer}/os")" +in + netbsd) + postgres_user='pgsql' + ;; + openbsd) + postgres_user='_postgresql' + ;; + *) + postgres_user='postgres' + ;; +esac + + name="$__object_id" -if su - postgres -c "psql -c '\du' | grep -q '^ *$name *|'"; then - echo "present" +if test -n "$(su - "$postgres_user" -c "psql postgres -twAc \"SELECT 1 FROM pg_roles WHERE rolname='$name'\"")" +then + echo 'present' else - echo "absent" + echo 'absent' fi diff --git a/cdist/conf/type/__postgres_role/gencode-remote b/cdist/conf/type/__postgres_role/gencode-remote index 65a9d588..282294c9 100755 --- a/cdist/conf/type/__postgres_role/gencode-remote +++ b/cdist/conf/type/__postgres_role/gencode-remote @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2011 Steven Armstrong (steven-cdist at armstrong.cc) # @@ -18,10 +18,23 @@ # along with cdist. If not, see . # +case "$(cat "${__global}/explorer/os")" +in + netbsd) + postgres_user='pgsql' + ;; + openbsd) + postgres_user='_postgresql' + ;; + *) + postgres_user='postgres' + ;; +esac + + name="$__object_id" state_is="$(cat "$__object/explorer/state")" -state_should="present" -[ -f "$__object/parameter/state" ] && state_should="$(cat "$__object/parameter/state")" +state_should="$(cat "$__object/parameter/state")" [ "$state_is" = "$state_should" ] && exit 0 
@@ -35,16 +48,18 @@ case "$state_should" in if [ ! -f "$__object/parameter/$boolean" ]; then boolean="no${boolean}" fi - upper=$(echo $boolean | tr '[a-z]' '[A-Z]') + upper=$(echo $boolean | tr '[:lower:]' '[:upper:]') booleans="$booleans $upper" done - [ -n "$password" ] && password="PASSWORD '$password'" - - cmd="CREATE ROLE $name WITH $password $booleans" - echo "su - postgres -c \"psql -c \\\"$cmd\\\"\"" + [ -n "$password" ] && password="PASSWORD '$password'" + cat << EOF +su - '$postgres_user' -c "psql postgres -wc \"CREATE ROLE \\\\\"$name\\\\\" WITH $password $booleans;\"" +EOF ;; absent) - echo "su - postgres -c \"dropuser \\\"$name\\\"\"" + cat << EOF +su - '$postgres_user' -c "dropuser \"$name\"" +EOF ;; esac diff --git a/cdist/conf/type/__postgres_role/man.rst b/cdist/conf/type/__postgres_role/man.rst new file mode 100644 index 00000000..11fd73d5 --- /dev/null +++ b/cdist/conf/type/__postgres_role/man.rst 
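Review bot: The role password is written into the generated code as `PASSWORD '$password'` and handed to `psql postgres -wc` inside `su -c`, so on the target it sits in the argument list of those processes while they run, and presumably in whatever stores the generated code. A password containing `'`, `"`, `$` or a backtick also ends the SQL literal or the shell string early. Passing the statement to psql on standard input instead of `-c` would keep the secret off the command line; until then I would add `# NOTE: the password is embedded in the generated command line; quotes, $ and backticks are not supported` above the `PASSWORD` line. In the same hunk `echo $boolean` should be `echo "$boolean"`. The enclosing `case` and the assignment of `$password` lie outside the hunk.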
@@ -0,0 +1,67 @@ +cdist-type__postgres_role(7) +============================ + +NAME +---- +cdist-type__postgres_role - Manage postgres roles + + +DESCRIPTION +----------- +This cdist type allows you to create or drop postgres roles. + + +OPTIONAL PARAMETERS +------------------- +state + Either "present" or "absent", defaults to "present" + +All other parameters map directly to the corresponding postgres createrole +parameters. + +password + +BOOLEAN PARAMETERS +------------------ +All parameter map directly to the corresponding postgres createrole +parameters. + +login +createdb +createrole +superuser +inherit + +EXAMPLES +-------- + +.. code-block:: sh + + __postgres_role myrole + + __postgres_role myrole --password 'secret' + + __postgres_role admin --password 'very-secret' --superuser + + __postgres_role dbcustomer --password 'bla' --createdb + + +SEE ALSO +-------- +:strong:`cdist-type__postgres_database`\ (7) + +postgresql documentation at: +. + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2011 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__postgres_role/man.text b/cdist/conf/type/__postgres_role/man.text deleted file mode 100644 index ac87754b..00000000 --- a/cdist/conf/type/__postgres_role/man.text +++ /dev/null 
@@ -1,61 +0,0 @@ -cdist-type__postgres_role(7) -============================ -Steven Armstrong - - -NAME ----- -cdist-type__postgres_role - manage postgres roles - - -DESCRIPTION ------------ -This cdist type allows you to create or drop postgres roles. - - -OPTIONAL PARAMETERS -------------------- -state:: - Either "present" or "absent", defaults to "present" - -All other parameters map directly to the corresponding postgres createrole -parameters. - -password:: - -BOOLEAN PARAMETERS ------------------- -All parameter map directly to the corresponding postgres createrole -parameters. - -login:: -createdb:: -createrole:: -superuser:: -inherit:: - -EXAMPLES --------- - --------------------------------------------------------------------------------- -__postgres_role myrole - -__postgres_role myrole --password 'secret' - -__postgres_role admin --password 'very-secret' --superuser - -__postgres_role dbcustomer --password 'bla' --createdb --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) -- cdist-type__postgres_database(7) -- http://www.postgresql.org/docs/current/static/sql-createrole.html - - -COPYING -------- -Copyright \(C) 2011 Steven Armstrong. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__postgres_role/parameter/default/state b/cdist/conf/type/__postgres_role/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__postgres_role/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__process/gencode-remote b/cdist/conf/type/__process/gencode-remote index 41bc5381..ec9691b9 100755 --- a/cdist/conf/type/__process/gencode-remote +++ b/cdist/conf/type/__process/gencode-remote 
@@ -1,6 +1,8 @@ -#!/bin/sh +#!/bin/sh -e # # 2011-2012 Nico Schottelius (nico-cdist at schottelius.org) +# 2014 Steven Armstrong (steven-cdist at armstrong.cc) +# 2017 Thomas Eckert (tom at it-eckert.de) # # This file is part of cdist. # @@ -17,7 +19,6 @@ # You should have received a copy of the GNU General Public License # along with cdist. If not, see . # -# if [ -f "$__object/parameter/name" ]; then name="$(cat "$__object/parameter/name")" @@ -25,21 +26,18 @@ else name="$__object_id" fi -parameter_state="$__object/parameter/state" -if [ -f "$_parameter_state" ]; then - state_should=$(cat "$__object/parameter/state") -else - state_should="present" -fi +state_should="$(cat "$__object/parameter/state")" -runs="$(cat "$__object/explorer/runs")" -if [ "$runs" ]; then +if [ -s "$__object/explorer/runs" ]; then state_is="present" else state_is="absent" fi -[ "$state_is" = "$state_should" ] && exit 0 +if [ "$state_is" = "$state_should" ]; then + # nothing to do + exit 0 +fi case "$state_should" in present) @@ -48,13 +46,15 @@ case "$state_should" in else echo "$name" fi + echo "started" >> "$__messages_out" ;; absent) - if [ -f "$__object/parameter/stop" ]; then + if [ -f "$__object/parameter/stop" ]; then cat "$__object/parameter/stop" - else - echo kill "${runs}" - fi + else + echo kill "$(cat "$__object/parameter/runs")" + fi + echo "stopped" >> "$__messages_out" ;; *) echo "Unknown state: $state_should" >&2 diff --git a/cdist/conf/type/__process/man.rst b/cdist/conf/type/__process/man.rst new file mode 100644 index 00000000..e7303c55 --- /dev/null +++ b/cdist/conf/type/__process/man.rst 
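Review bot: In the last hunk of `__process/gencode-remote`, the `absent` branch now reads the PIDs from `$__object/parameter/runs`, but the state check above tests `$__object/explorer/runs`, and the man page in this commit lists no `runs` parameter. With that file missing, `cat` fails inside the command substitution, which `-e` does not catch, and the generated code is a bare `kill` with no PID. The line should read `echo kill "$(cat "$__object/explorer/runs")"`. The enclosing `case` continues past the end of the hunk.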
@@ -0,0 +1,84 @@ +cdist-type__process(7) +====================== + +NAME +---- +cdist-type__process - Start or stop process + + +DESCRIPTION +----------- +This cdist type allows you to define the state of a process. + + +OPTIONAL PARAMETERS +------------------- +state + Either "present" or "absent", defaults to "present" + +name + Process name to match on when using pgrep -f -x. + + This is useful, if the name starts with a "/", + because the leading slash is stripped away from + the object id by cdist. + +stop + Executable to use for stopping the process. + +start + Executable to use for starting the process. + + +MESSAGES +-------- +started + The process was started. + +stopped + The process was stopped. + + +EXAMPLES +-------- + +.. code-block:: sh + + # Start if not running + __process /usr/sbin/syslog-ng --state present + + # Start if not running with a different binary + __process /usr/sbin/nginx --state present --start "/etc/rc.d/nginx start" + + # Stop the process using kill (the type default) - DO NOT USE THIS + __process /usr/sbin/sshd --state absent + + # Stop the process using /etc/rc.d/sshd stop - THIS ONE NOT AS WELL + __process /usr/sbin/sshd --state absent --stop "/etc/rc.d/sshd stop" + + # Ensure cups is running, which runs with -C ...: + __process cups --start "/etc/rc.d/cups start" --state present \ + --name "/usr/sbin/cupsd -C /etc/cups/cupsd.conf" + + # Ensure rpc.statd is running (which usually runs with -L) using a regexp + __process rpcstatd --state present --start "/etc/init.d/statd start" \ + --name "rpc.statd.*" + + +SEE ALSO +-------- +:strong:`cdist-type__start_on_boot`\ (7) + + +AUTHORS +------- +| Nico Schottelius +| Thomas Eckert + + +COPYING +------- +Copyright \(C) 2011-2012 Nico Schottelius. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. 
diff --git a/cdist/conf/type/__process/man.text b/cdist/conf/type/__process/man.text
deleted file mode 100644
index 2fdd27aa..00000000
--- a/cdist/conf/type/__process/man.text
+++ /dev/null
@@ -1,70 +0,0 @@ -cdist-type__process(7) -====================== -Nico Schottelius - - -NAME ----- -cdist-type__process - Start or stop process - - -DESCRIPTION ------------ -This cdist type allows you to define the state of a process. - - -OPTIONAL PARAMETERS -------------------- -state:: - Either "present" or "absent", defaults to "present" - -name:: - Process name to match on when using pgrep -f -x. - - This is useful, if the name starts with a "/", - because the leading slash is stripped away from - the object id by cdist. - -stop:: - Executable to use for stopping the process. - -start:: - Executable to use for starting the process. - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -# Start if not running -__process /usr/sbin/syslog-ng --state present - -# Start if not running with a different binary -__process /usr/sbin/nginx --state present --start "/etc/rc.d/nginx start" - -# Stop the process using kill (the type default) - DO NOT USE THIS -__process /usr/sbin/sshd --state absent - -# Stop the process using /etc/rc.d/sshd stop - THIS ONE NOT AS WELL -__process /usr/sbin/sshd --state absent --stop "/etc/rc.d/sshd stop" - -# Ensure cups is running, which runs with -C ...: -__process cups --start "/etc/rc.d/cups start" --state present \ - --name "/usr/sbin/cupsd -C /etc/cups/cupsd.conf" - -# Ensure rpc.statd is running (which usually runs with -L) using a regexp -__process rpcstatd --state present --start "/etc/init.d/statd start" \ - --name "rpc.statd.*" --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) -- cdist-type__start_on_boot(7) - - -COPYING -------- -Copyright \(C) 2011-2012 Nico Schottelius. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). 
diff --git a/cdist/conf/type/__process/parameter/default/state b/cdist/conf/type/__process/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__process/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__prometheus_alertmanager/man.rst b/cdist/conf/type/__prometheus_alertmanager/man.rst
new file mode 100644
index 00000000..67e97eaf
--- /dev/null
+++ b/cdist/conf/type/__prometheus_alertmanager/man.rst
@@ -0,0 +1,61 @@ +cdist-type__prometheus_alertmanager(7) +====================================== + +NAME +---- +cdist-type__prometheus_alertmanager - install Alertmanager + + +DESCRIPTION +----------- +Install and configure Prometheus Alertmanager (https://prometheus.io/docs/alerting/alertmanager/). + +Note that due to significant differences between Prometheus 1.x and 2.x, only 2.x is supported. It is your responsibility to make sure that your package manager installs 2.x. (On Devuan Ascii, the parameter `--install-from-backports` helps.) + + +REQUIRED PARAMETERS +------------------- +config + Alertmanager configuration file. It will be saved as /etc/alertmanager/alertmanager.yml on the target. + + +OPTIONAL PARAMETERS +------------------- +storage-path + Where to put data. Default: /data/alertmanager. (Directory will be created if needed.) +retention-days + How long to retain data. Default: 90 days. + + +BOOLEAN PARAMETERS +------------------ +install-from-backports + Valid on Devuan only. Will enable the backports apt source and install the package from there. Useful for getting a newer version. + + +EXAMPLES +-------- + +.. code-block:: sh + + __prometheus_alertmanager \ + --install-from-backports \ + --config "$__manifest/files/alertmanager.yml" \ + --storage-path /data/alertmanager + + +SEE ALSO +-------- +:strong:`cdist-type__prometheus_server`\ (7), :strong:`cdist-type__grafana_dashboard`\ (7), +Prometheus alerting documentation: https://prometheus.io/docs/alerting/overview/ + +AUTHORS +------- +Kamila Součková + +COPYING +------- +Copyright \(C) 2018 Kamila Součková. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__prometheus_alertmanager/manifest b/cdist/conf/type/__prometheus_alertmanager/manifest new file mode 100755 index 00000000..cf410c44 --- /dev/null 
+++ b/cdist/conf/type/__prometheus_alertmanager/manifest 
@@ -0,0 +1,65 @@ +#!/bin/sh -e + +##### HARD-CODED CONFIG ##################################################### + +CONF_DIR=/etc/prometheus +CONF=$CONF_DIR/alertmanager.yml + +##### GET SETTINGS ########################################################## + +config="$(cat "$__object/parameter/config")" +retention_days="$(cat "$__object/parameter/retention-days")" +storage_path="$(cat "$__object/parameter/storage-path")" +# listen_address="$(cat "$__object/parameter/listen-address")" + +##### INSTALL THE PACKAGE ################################################### + +require_pkg="" # what to require if I want to require "the package" +require="" +if [ -f "$__object/parameter/install-from-backports" ]; then + os=$(cat "$__global/explorer/os") + os_version=$(cat "$__global/explorer/os_version") + + case $os in + devuan) + [ "$os_version" = "ascii/ceres" ] && os_version='ascii' # "ascii" used in the repo URLs + __apt_source backports --uri http://auto.mirror.devuan.org/merged --distribution $os_version-backports --component main + require="$require __apt_source/backports" __package_apt prometheus-alertmanager --target-release $os_version-backports + require_pkg="__package_apt/prometheus-alertmanager" + ;; + *) + echo "--install-from-backports is only supported on Devuan -- ignoring." >&2 + echo "Send a pull request if you require it." 
>&2 + exit 1 + ;; + esac +else + __package prometheus-alertmanager + require_pkg="__package/prometheus-alertmanager" +fi + +##### PREPARE PATHS AND SUCH ################################################ + +require="$require $require_pkg" __directory "$storage_path" --owner prometheus --parents + +# TODO this is a bug in the init script, patching it like this is awful and it should be reported +require="$require $require_pkg" \ +__key_value alertmanager_fix_init_script --file /etc/init.d/prometheus-alertmanager \ + --key "NAME" --value "prometheus-alertmanager" --delimiter "=" \ + --onchange "service prometheus-alertmanager restart" + +##### CONFIGURE ############################################################# + +FLAGS="--storage.path $storage_path --data.retention $((retention_days*24))h --web.listen-address [::]:9093 --cluster.advertise-address [::]:9093" + +require="$require $require_pkg" \ +__key_value alertmanager_args --file /etc/default/prometheus-alertmanager \ + --key "ARGS" --value "\"$FLAGS\"" --delimiter "=" \ + --onchange "service prometheus-alertmanager restart" + +require="$require __directory/$storage_path $require_pkg" \ +__config_file $CONF \ + --source "$config" \ + --group prometheus --mode 640 \ + --onchange "service prometheus-alertmanager restart" # TODO when a config-check tool is available, check config here + diff --git a/cdist/conf/type/__prometheus_alertmanager/parameter/boolean b/cdist/conf/type/__prometheus_alertmanager/parameter/boolean new file mode 100644 index 00000000..5d15e93d --- /dev/null +++ b/cdist/conf/type/__prometheus_alertmanager/parameter/boolean @@ -0,0 +1 @@ +install-from-backports diff --git a/cdist/conf/type/__prometheus_alertmanager/parameter/default/retention-days b/cdist/conf/type/__prometheus_alertmanager/parameter/default/retention-days new file mode 100644 index 00000000..d61f00d8 --- /dev/null +++ b/cdist/conf/type/__prometheus_alertmanager/parameter/default/retention-days @@ -0,0 +1 @@ +90 
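Review bot: In `__prometheus_alertmanager/manifest`, `FLAGS` hard-codes `--web.listen-address [::]:9093` and `--cluster.advertise-address [::]:9093`, which binds the Alertmanager web interface and API on all addresses of the host, and the `listen-address` parameter that would let a manifest narrow this is commented out. Alertmanager does not require authentication on that port by default, so the type should either expose the parameter or the man page should state that the port has to be firewalled or put behind a proxy. Separately, the man page in this commit says the config is saved as /etc/alertmanager/alertmanager.yml, while `CONF_DIR=/etc/prometheus` places it at /etc/prometheus/alertmanager.yml; one of the two should change. `$retention_days` also reaches `$((retention_days*24))` unchecked; `case "$retention_days" in ''|*[!0-9]*) echo "retention-days must be a number" >&2; exit 1;; esac` would reject bad values early.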
diff --git a/cdist/conf/type/__prometheus_alertmanager/parameter/default/storage-path b/cdist/conf/type/__prometheus_alertmanager/parameter/default/storage-path
new file mode 100644
index 00000000..4f3e7559
--- /dev/null
+++ b/cdist/conf/type/__prometheus_alertmanager/parameter/default/storage-path
@@ -0,0 +1 @@
+/data/alertmanager
diff --git a/cdist/conf/type/__prometheus_alertmanager/parameter/optional b/cdist/conf/type/__prometheus_alertmanager/parameter/optional
new file mode 100644
index 00000000..7fe79009
--- /dev/null
+++ b/cdist/conf/type/__prometheus_alertmanager/parameter/optional
@@ -0,0 +1,2 @@
+storage-path
+retention-days
diff --git a/cdist/conf/type/__prometheus_alertmanager/parameter/required b/cdist/conf/type/__prometheus_alertmanager/parameter/required
new file mode 100644
index 00000000..04204c7c
--- /dev/null
+++ b/cdist/conf/type/__prometheus_alertmanager/parameter/required
@@ -0,0 +1 @@
+config
diff --git a/cdist/conf/type/__prometheus_alertmanager/singleton b/cdist/conf/type/__prometheus_alertmanager/singleton
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__prometheus_exporter/files/blackbox.yml b/cdist/conf/type/__prometheus_exporter/files/blackbox.yml
new file mode 100644
index 00000000..e567c127
--- /dev/null
+++ b/cdist/conf/type/__prometheus_exporter/files/blackbox.yml
@@ -0,0 +1,63 @@
+modules:
+ http_2xx:
+ prober: http
+ timeout: 3s
+ http:
+ method: GET
+ no_follow_redirects: false
+ fail_if_ssl: false
+ fail_if_not_ssl: false
+ # http_post_2xx:
+ # prober: http
+ # timeout: 5s
+ # http:
+ # method: POST
+ # headers:
+ # Content-Type: application/json
+ # body: '{}'
+ # tcp_connect_v4_example:
+ # prober: tcp
+ # timeout: 5s
+ # tcp:
+ # protocol: "tcp4"
+ # irc_banner_example:
+ # prober: tcp
+ # timeout: 5s
+ # tcp:
+ # query_response:
+ # - send: "NICK prober"
+ # - send: "USER prober prober prober :prober"
+ # - expect: "PING :([^ ]+)"
+ # send: "PONG ${1}"
+ # - expect: "^:[^ ]+ 001"
+ # icmp_example:
+ # prober: icmp
+ # timeout: 5s
+ # icmp:
+ # protocol: "icmp"
+ # preferred_ip_protocol: "ip4"
+ # dns_udp_example:
+ # prober: dns
+ # timeout: 5s
+ # dns:
+ # query_name: "www.prometheus.io"
+ # query_type: "A"
+ # valid_rcodes:
+ # - NOERROR
+ # validate_answer_rrs:
+ # fail_if_matches_regexp:
+ # - ".*127.0.0.1"
+ # fail_if_not_matches_regexp:
+ # - "www.prometheus.io.\t300\tIN\tA\t127.0.0.1"
+ # validate_authority_rrs:
+ # fail_if_matches_regexp:
+ # - ".*127.0.0.1"
+ # validate_additional_rrs:
+ # fail_if_matches_regexp:
+ # - ".*127.0.0.1"
+ # dns_tcp_example:
+ # prober: dns
+ # dns:
+ # protocol: "tcp" # accepts "tcp/tcp4/tcp6/udp/udp4/udp6", defaults to "udp"
+ # preferred_ip_protocol: "ip4" # used for "udp/tcp", defaults to "ip6"
+ # query_name: "www.prometheus.io"
diff --git a/cdist/conf/type/__prometheus_exporter/man.rst b/cdist/conf/type/__prometheus_exporter/man.rst
new file mode 100644
index 00000000..3b1ee4d7
--- /dev/null
+++ b/cdist/conf/type/__prometheus_exporter/man.rst
@@ -0,0 +1,70 @@
+cdist-type__prometheus_exporter(7)
+==================================
+
+NAME
+----
+cdist-type__prometheus_exporter - install some Prometheus exporters
+
+
+DESCRIPTION
+-----------
+Install and configure some exporters to be used by the Prometheus monitoring system (https://prometheus.io/).
+
+This type creates a daemontools-compatible service directory under /service/$__object_id.
+Daemontools (or something compatible) must be installed (in particular, the command `svc` must be executable).
+
+This type installs and builds the latest version from git, using go get. A recent version of golang as well
+as build tools (make, g++, etc.) must be available.
+
+Currently supported exporters:
+
+- node
+- blackbox
+- ceph
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+
+OPTIONAL PARAMETERS
+-------------------
+exporter
+ Which exporter to install and configure. Default: $__object_id.
+ Currently supported: node, blackbox, ceph.
+
+
+BOOLEAN PARAMETERS
+------------------
+add-consul-service
+ Add this exporter as a Consul service for automatic service discovery.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __daemontools
+ __golang_from_vendor --version 1.9 # required for prometheus and many exporters
+
+ require="__daemontools __golang_from_vendor" __prometheus_exporter node
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__daemontools`\ (7), :strong:`cdist-type__golang_from_vendor`\ (7),
+:strong:`cdist-type__prometheus_server`\ (7),
+Prometheus documentation: https://prometheus.io/docs/introduction/overview/
+
+AUTHORS
+-------
+Kamila Součková
+
+COPYING
+-------
+Copyright \(C) 2017 Kamila Součková. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__prometheus_exporter/manifest b/cdist/conf/type/__prometheus_exporter/manifest
new file mode 100644
index 00000000..f3930ac6
--- /dev/null
+++ b/cdist/conf/type/__prometheus_exporter/manifest
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+export GOBIN=/opt/gocode/bin # where to find go binaries
+
+exporter="$(cat "$__object/parameter/exporter")"
+[ -z "$exporter" ] && exporter="$__object_id"
+
+__user prometheus
+require="__user/prometheus" __group prometheus
+require="__group/prometheus" __user_groups prometheus --group prometheus
+
+require="__user_groups/prometheus"
+case $exporter in
+ node)
+ TEXTFILES=/service/node-exporter/textfiles # path for the textfiles collector
+ __directory $TEXTFILES --parents --mode 777
+ require="$require __golang_from_vendor" __go_get github.com/prometheus/node_exporter
+
+ port=9100
+ run="setuidgid prometheus $GOBIN/node_exporter -web.listen-address :$port -collector.textfile.directory=$TEXTFILES"
+ ;;
+ blackbox)
+ require="$require __daemontools_service/${exporter}-exporter __user/prometheus" __config_file "/service/${exporter}-exporter/blackbox.yml" \
+ --source "$__type/files/blackbox.yml" \
+ --group prometheus --mode 640 \
+ --onchange "svc -h /service/${exporter}-exporter"
+ require="$require __golang_from_vendor" __go_get github.com/prometheus/blackbox_exporter
+
+ port=9115
+ run="setuidgid prometheus $GOBIN/blackbox_exporter -config.file=/service/${exporter}-exporter/blackbox.yml"
+ ;;
+ ceph)
+ __package librados-dev # dependency of ceph_exporter
+ require="$require __golang_from_vendor __package/librados-dev" __go_get github.com/digitalocean/ceph_exporter
+
+ port=9128
+ run="setuidgid ceph $GOBIN/ceph_exporter -ceph.config /etc/ceph/ceph.conf -telemetry.addr :$port"
+ ;;
+ *)
+ echo "Unsupported exporter: $exporter." >&2
+ exit 1
+ ;;
+esac
+
+require="$require __daemontools" __daemontools_service "${exporter}-exporter" --run "$run"
+if [ -f "$__object/parameter/add-consul-service" ]; then
+ __consul_service "${exporter}-exporter" --port "$port" --check-http "http://localhost:$port/metrics" --check-interval 10s
+fi
+
+#__daemontools --install-init-script
+__daemontools
+__golang_from_vendor --version 1.9 # required for many exporters
diff --git a/cdist/conf/type/__prometheus_exporter/parameter/boolean b/cdist/conf/type/__prometheus_exporter/parameter/boolean
new file mode 100644
index 00000000..004af844
--- /dev/null
+++ b/cdist/conf/type/__prometheus_exporter/parameter/boolean
@@ -0,0 +1 @@
+add-consul-service
diff --git a/cdist/conf/type/__prometheus_exporter/parameter/default/exporter b/cdist/conf/type/__prometheus_exporter/parameter/default/exporter
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__prometheus_exporter/parameter/optional b/cdist/conf/type/__prometheus_exporter/parameter/optional
new file mode 100644
index 00000000..9cfaec5a
--- /dev/null
+++ b/cdist/conf/type/__prometheus_exporter/parameter/optional
@@ -0,0 +1 @@
+exporter
diff --git a/cdist/conf/type/__prometheus_server/man.rst b/cdist/conf/type/__prometheus_server/man.rst
new file mode 100644
index 00000000..ab6a3c9b
--- /dev/null
+++ b/cdist/conf/type/__prometheus_server/man.rst
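Review bot: The textfile collector directory in the `node)` branch is created with `--mode 777`, so any local account on the target can add or replace the files that node_exporter then publishes as metrics. The exporter runs as `prometheus` through setuidgid and only has to read that directory, so a narrower mode with an explicit owner would do, for example `__directory $TEXTFILES --parents --owner root --group prometheus --mode 775`, with the jobs that write metrics placed in that group. If world-write is really intended, `--mode 1777` at least keeps users from replacing each other's files, and a comment next to the line should say why it is open.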
@@ -0,0 +1,67 @@
+cdist-type__prometheus_server(7)
+================================
+
+NAME
+----
+cdist-type__prometheus_server - install Prometheus
+
+
+DESCRIPTION
+-----------
+Install and configure Prometheus (https://prometheus.io/).
+
+Note that due to significant differences between Prometheus 1.x and 2.x, only 2.x is supported. It is your responsibility to make sure that your package manager installs 2.x. (On Devuan Ascii, the parameter `--install-from-backports` helps.)
+
+REQUIRED PARAMETERS
+-------------------
+config
+ Prometheus configuration file. It will be saved as /etc/prometheus/prometheus.yml on the target.
+
+
+OPTIONAL PARAMETERS
+-------------------
+retention-days
+ How long to keep data. Default: 30
+rule-files
+ Path to rule files. They will be installed under /etc/prometheus/. You need to include `rule_files: [/etc/prometheus/]` in the config file if you use this.
+storage-path
+ Where to put data. Default: /data/prometheus. (Directory will be created if needed.)
+
+
+BOOLEAN PARAMETERS
+------------------
+install-from-backports
+ Valid on Devuan only. Will enable the backports apt source and install the package from there. Useful for getting a newer version.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ PROMPORT=9090
+ ALERTPORT=9093
+
+ __prometheus_server \
+ --install-from-backports \
+ --config "$__manifest/files/prometheus.yml" \
+ --retention-days 14 \
+ --storage-path /data/prometheus \
+ --rule-files "$__manifest/files/*.rules"
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__prometheus_alertmanager`\ (7), :strong:`cdist-type__grafana_dashboard`\ (7),
+Prometheus documentation: https://prometheus.io/docs/introduction/overview/
+
+AUTHORS
+-------
+Kamila Součková
+
+COPYING
+-------
+Copyright \(C) 2018 Kamila Součková. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__prometheus_server/manifest b/cdist/conf/type/__prometheus_server/manifest
new file mode 100755
index 00000000..9756169e
--- /dev/null
+++ b/cdist/conf/type/__prometheus_server/manifest
@@ -0,0 +1,73 @@
+#!/bin/sh -e
+
+##### HARD-CODED CONFIG #####################################################
+
+CONF_DIR=/etc/prometheus
+CONF=$CONF_DIR/prometheus.yml
+
+##### GET SETTINGS ##########################################################
+
+config="$(cat "$__object/parameter/config")"
+retention_days="$(cat "$__object/parameter/retention-days")"
+storage_path="$(cat "$__object/parameter/storage-path")"
+rule_files="$(cat "$__object/parameter/rule-files")"
+
+# explorer in kB => convert; by default we go with 1/2 RAM
+[ "$target_heap_size" = "auto" ] && target_heap_size=$(($(cat "$__global/explorer/memory")*1024/2))
+
+##### INSTALL THE PACKAGE ###################################################
+
+require_pkg="" # what to require if I want to require "the package"
+require=""
+if [ -f "$__object/parameter/install-from-backports" ]; then
+ os=$(cat "$__global/explorer/os")
+ os_version=$(cat "$__global/explorer/os_version")
+
+ case $os in
+ devuan)
+ [ "$os_version" = "ascii/ceres" ] && os_version='ascii' # "ascii" used in the repo URLs
+ __apt_source backports --uri http://auto.mirror.devuan.org/merged --distribution $os_version-backports --component main
+ require="$require __apt_source/backports" __package_apt prometheus --target-release $os_version-backports
+ require_pkg="__package_apt/prometheus"
+ ;;
+ *)
+ echo "--install-from-backports is only supported on Devuan -- ignoring." >&2
+ echo "Send a pull request if you require it." >&2
+ exit 1
+ ;;
+ esac
+else
+ __package prometheus
+ __package prometheus-blackbox-exporter
+ require_pkg="__package/prometheus __package/prometheus-blackbox-exporter"
+fi
+
+##### PREPARE PATHS AND SUCH ################################################
+
+require="$require $require_pkg" __directory "$storage_path" --owner prometheus --parents
+
+##### CONFIGURE #############################################################
+
+FLAGS="--storage.tsdb.path $storage_path --storage.tsdb.retention $((retention_days*24))h --web.listen-address [::]:9090"
+
+# TODO it would be neat to restart prometheus on change -- __key_value really should have an --onchange parameter
+require="$require $require_pkg" \
+__key_value prometheus_args --file /etc/default/prometheus \
+ --key "ARGS" --value "\"$FLAGS\"" --delimiter "=" \
+ --onchange "service prometheus restart"
+
+require="$require __directory/$storage_path $require_pkg" \
+__config_file $CONF \
+ --source "$config" \
+ --group prometheus --mode 640 \
+ --onchange "promtool check config $CONF && service prometheus restart"
+
+for file in $rule_files; do
+ dest=$CONF_DIR/$(basename "$file")
+ require="$require $require_pkg" \
+ __config_file "$dest" \
+ --source "$file" \
+ --owner prometheus \
+ --onchange "promtool check rules '$dest' && service prometheus restart"
+done
+
diff --git a/cdist/conf/type/__prometheus_server/parameter/boolean b/cdist/conf/type/__prometheus_server/parameter/boolean
new file mode 100644
index 00000000..5d15e93d
--- /dev/null
+++ b/cdist/conf/type/__prometheus_server/parameter/boolean
@@ -0,0 +1 @@
+install-from-backports
diff --git a/cdist/conf/type/__prometheus_server/parameter/default/retention-days b/cdist/conf/type/__prometheus_server/parameter/default/retention-days
new file mode 100644
index 00000000..64bb6b74
--- /dev/null
+++ b/cdist/conf/type/__prometheus_server/parameter/default/retention-days
@@ -0,0 +1 @@
+30
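Review bot: `FLAGS` hard-codes `--web.listen-address [::]:9090`, which puts the Prometheus web UI and HTTP API on every interface of the target, and the type offers no parameter to narrow it; nothing in this manifest adds authentication or a firewall rule, so exposure depends entirely on what surrounds the host. I would add an optional `listen-address` parameter whose default keeps the current value, and state in man.rst that the port is expected to sit behind a firewall or reverse proxy. The alertmanager manifest earlier in this diff hard-codes `[::]:9093` the same way. Separately, `target_heap_size` is compared with "auto" but never assigned in this file, so that line looks like leftover code and could be dropped.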
diff --git a/cdist/conf/type/__prometheus_server/parameter/default/rule-files b/cdist/conf/type/__prometheus_server/parameter/default/rule-files
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__prometheus_server/parameter/default/storage-path b/cdist/conf/type/__prometheus_server/parameter/default/storage-path
new file mode 100644
index 00000000..fc05f8f3
--- /dev/null
+++ b/cdist/conf/type/__prometheus_server/parameter/default/storage-path
@@ -0,0 +1 @@
+/data/prometheus
diff --git a/cdist/conf/type/__prometheus_server/parameter/optional b/cdist/conf/type/__prometheus_server/parameter/optional
new file mode 100644
index 00000000..cb437211
--- /dev/null
+++ b/cdist/conf/type/__prometheus_server/parameter/optional
@@ -0,0 +1,3 @@
+retention-days
+rule-files
+storage-path
diff --git a/cdist/conf/type/__prometheus_server/parameter/required b/cdist/conf/type/__prometheus_server/parameter/required
new file mode 100644
index 00000000..04204c7c
--- /dev/null
+++ b/cdist/conf/type/__prometheus_server/parameter/required
@@ -0,0 +1 @@
+config
diff --git a/cdist/conf/type/__prometheus_server/singleton b/cdist/conf/type/__prometheus_server/singleton
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__pyvenv/explorer/group b/cdist/conf/type/__pyvenv/explorer/group
new file mode 100755
index 00000000..a655bda7
--- /dev/null
+++ b/cdist/conf/type/__pyvenv/explorer/group
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+destination="/$__object_id"
+
+stat --print "%G" "${destination}" 2>/dev/null || exit 0
diff --git a/cdist/conf/type/__pyvenv/explorer/owner b/cdist/conf/type/__pyvenv/explorer/owner
new file mode 100755
index 00000000..8b3c7f8e
--- /dev/null
+++ b/cdist/conf/type/__pyvenv/explorer/owner
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+destination="/$__object_id"
+
+stat --print "%U" "${destination}" 2>/dev/null || exit 0
diff --git a/cdist/conf/type/__pyvenv/explorer/state b/cdist/conf/type/__pyvenv/explorer/state
new file mode 100755
index 00000000..ffe3cbbd
--- /dev/null
+++ b/cdist/conf/type/__pyvenv/explorer/state
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+destination="/$__object_id"
+
+if [ -d "$destination" ]; then
+ echo present
+else
+ echo absent
+fi
diff --git a/cdist/conf/type/__pyvenv/gencode-remote b/cdist/conf/type/__pyvenv/gencode-remote
new file mode 100755
index 00000000..9c7b7fab
--- /dev/null
+++ b/cdist/conf/type/__pyvenv/gencode-remote
@@ -0,0 +1,77 @@
+#!/bin/sh -e
+#
+# 2016 Darko Poljak (darko.poljak at gmail.com)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+
+state_is="$(cat "$__object/explorer/state")"
+owner_is="$(cat "$__object/explorer/owner")"
+group_is="$(cat "$__object/explorer/group")"
+
+state_should="$(cat "$__object/parameter/state")"
+
+owner="$(cat "$__object/parameter/owner")"
+group="$(cat "$__object/parameter/group")"
+mode="$(cat "$__object/parameter/mode")"
+
+[ "$state_should" = "$state_is" ] && \
+[ "$owner" = "$owner_is" ] && \
+[ "$group" = "$group_is" ] && \
+[ -n "$mode" ] && exit 0
+
+destination="/$__object_id"
+venvparams="$(cat "$__object/parameter/venvparams")"
+pyvenvparam="$__object/parameter/pyvenv"
+
+os=$(cat "$__global/explorer/os")
+
+if [ -f "$pyvenvparam" ]
+then
+ pyvenv=$(cat "$pyvenvparam")
+else
+ case "$os" in
+ alpine) # no pyvenv on alpine - I assume others will follow
+ pyvenv="python3 -m venv"
+ ;;
+ *)
+ pyvenv="pyvenv"
+ ;;
+ esac
+fi
+
+case $state_should in
+ present)
+ if [ "$state_should" != "$state_is" ]; then
+ echo "$pyvenv $venvparams $destination"
+ fi
+ if { [ -n "$owner" ] && [ "$owner_is" != "$owner" ]; } || \
+ { [ -n "$group" ] && [ "$group_is" != "$group" ]; }; then
+ echo chown -R "${owner}:${group}" "$destination"
+ fi
+ if [ -n "$mode" ]; then
+ echo chmod -R "$mode" "$destination"
+ fi
+ ;;
+ absent)
+ ;;
+
+ *)
+ echo "Unknown state: $state_should" >&2
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__pyvenv/man.rst b/cdist/conf/type/__pyvenv/man.rst
new file mode 100644
index 00000000..d7de92fa
--- /dev/null
+++ b/cdist/conf/type/__pyvenv/man.rst
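Review bot: The generated commands lose their quoting: `echo "$pyvenv $venvparams $destination"` and the `echo chown -R ...` / `echo chmod -R ...` lines print the values bare, so an object id, owner, group or mode containing spaces or shell metacharacters is parsed again by the shell that runs the generated code on the target. `$pyvenv` and `$venvparams` are meant to split into words, but the path and ownership values are not; quote them inside the emitted text, e.g. `echo "$pyvenv $venvparams '$destination'"` and `echo "chown -R '${owner}:${group}' '$destination'"`, bearing in mind that single quotes still do not cover a value that itself contains `'`. The `__rsync` gencode-local and gencode-remote hunks later in this diff print their `rsync` and `chown -R` commands the same way. Separately, the early-exit chain ends in `[ -n "$mode" ] && exit 0`, which skips the chmod exactly when a mode was requested; `-z` looks like what was intended.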
@@ -0,0 +1,79 @@
+cdist-type__pyvenv(7)
+=====================
+
+NAME
+----
+cdist-type__pyvenv - Create or remove python virtual environment
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to create or remove python virtual
+environment using pyvenv.
+It assumes pyvenv is already installed. Concrete package depends
+on concrete OS and/or OS version/distribution.
+Ensure this for e.g. in your init manifest as in the following example:
+
+.. code-block sh
+
+ case "$__target_host" in
+ localhost)
+ __package python3-venv --state present
+ require="__package/python3-venv" __pyvenv /home/darko/testenv --pyvenv "pyvenv-3.4" --owner darko --group darko --mode 740 --state present
+ require="__pyvenv/home/darko/testenv" __package_pip docopt --pip /home/darko/testenv/bin/pip --runas darko --state present
+ ;;
+ esac
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+OPTIONAL PARAMETERS
+-------------------
+state
+ Either "present" or "absent", defaults to "present"
+
+group
+ Group to chgrp to
+
+mode
+ Unix permissions, suitable for chmod
+
+owner
+ User to chown to
+
+pyvenv
+ Use this specific pyvenv
+
+venvparams
+ Specific parameters to pass to pyvenv invocation
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __pyvenv /home/services/djangoenv
+
+ # Use specific pyvenv
+ __pyvenv /home/foo/fooenv --pyvenv /usr/local/bin/pyvenv-3.4
+
+ # Create python virtualenv for user foo.
+ __pyvenv /home/foo/fooenv --group foo --user foo
+
+ # Create python virtualenv with specific parameters.
+ __pyvenv /home/services/djangoenv --venvparams "--copies --system-site-packages"
+
+
+AUTHORS
+-------
+Darko Poljak
+
+
+COPYING
+-------
+Copyright \(C) 2016 Darko Poljak. Free use of this software is
+granted under the terms of the GNU General Public License v3 or later (GPLv3+).
+
diff --git a/cdist/conf/type/__pyvenv/manifest b/cdist/conf/type/__pyvenv/manifest
new file mode 100755
index 00000000..5d6a12e8
--- /dev/null
+++ b/cdist/conf/type/__pyvenv/manifest
@@ -0,0 +1,46 @@
+#!/bin/sh -e
+#
+# 2016 Darko Poljak (darko.poljak at gmail.com)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+# It assumes pyvenv is already installed. Concrete packages
+# or installation procedures depend on concrete OS and/or OS
+# version/distribution.
+
+state_should="$(cat "$__object/parameter/state")"
+owner="$(cat "$__object/parameter/owner")"
+group="$(cat "$__object/parameter/group")"
+mode="$(cat "$__object/parameter/mode")"
+
+case "$state_should" in
+ present)
+ :
+ ;;
+
+ absent)
+ __directory "$__object_id" --state absent \
+ --owner "$owner" \
+ --group "$group" \
+ --mode "$mode"
+ ;;
+
+ *)
+ echo "Unknown state: $state_should" >&2
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__pyvenv/parameter/default/group b/cdist/conf/type/__pyvenv/parameter/default/group
new file mode 100755
index 00000000..8b137891
--- /dev/null
+++ b/cdist/conf/type/__pyvenv/parameter/default/group
@@ -0,0 +1 @@
+
diff --git a/cdist/conf/type/__pyvenv/parameter/default/mode b/cdist/conf/type/__pyvenv/parameter/default/mode
new file mode 100755
index 00000000..8b137891
--- /dev/null
+++ b/cdist/conf/type/__pyvenv/parameter/default/mode
@@ -0,0 +1 @@
+
diff --git a/cdist/conf/type/__pyvenv/parameter/default/owner b/cdist/conf/type/__pyvenv/parameter/default/owner
new file mode 100755
index 00000000..8b137891
--- /dev/null
+++ b/cdist/conf/type/__pyvenv/parameter/default/owner
@@ -0,0 +1 @@ + diff --git a/cdist/conf/type/__pyvenv/parameter/default/state b/cdist/conf/type/__pyvenv/parameter/default/state new file mode 100755 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__pyvenv/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__pyvenv/parameter/default/venvparams b/cdist/conf/type/__pyvenv/parameter/default/venvparams new file mode 100644 index 00000000..8b137891 --- /dev/null +++ b/cdist/conf/type/__pyvenv/parameter/default/venvparams @@ -0,0 +1 @@ + diff --git a/cdist/conf/type/__pyvenv/parameter/optional b/cdist/conf/type/__pyvenv/parameter/optional new file mode 100755 index 00000000..ed2218b1 --- /dev/null +++ b/cdist/conf/type/__pyvenv/parameter/optional @@ -0,0 +1,6 @@ +state +group +owner +mode +venvparams +pyvenv diff --git a/cdist/conf/type/__qemu_img/gencode-remote b/cdist/conf/type/__qemu_img/gencode-remote old mode 100644 new mode 100755 index 2a76cf8f..94816f58 --- a/cdist/conf/type/__qemu_img/gencode-remote +++ b/cdist/conf/type/__qemu_img/gencode-remote @@ -1,9 +1,10 @@ +#!/bin/sh -e +# ################################################################################ # State: absent is handled by manifest - we need only to do stuff if image is # not existing and state != absent # -state="present" -[ -f "$__object/parameter/state" ] && state="$(cat "$__object/parameter/state")" +state="$(cat "$__object/parameter/state")" [ "$state" = "absent" ] && exit 0 exists="$(cat "$__object/explorer/exists")" @@ -13,9 +14,8 @@ exists="$(cat "$__object/explorer/exists")" # Still there? Create image # -format=qcow2 -[ -f "$__object/parameter/format" ] && format="$(cat "$__object/parameter/format")" +format="$(cat "$__object/parameter/format")" size="$(cat "$__object/parameter/size")" diskimage="/$__object_id" -echo qemu-img create -f \"$format\" \"$diskimage\" \"$size\" +echo "qemu-img create -f '$format' '$diskimage' '$size'" 
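Review bot: Wrapping each value in single quotes in `echo "qemu-img create -f '$format' '$diskimage' '$size'"` keeps the target shell from expanding the values, but a `'` inside the object id or a parameter still closes the quote, and whatever follows is parsed as shell. If object ids can ever come from less trusted input, escape embedded quotes before printing (each `'` becomes `'\''`) or reject such values in the manifest. If ids are always operator-written, a one-line comment above the echo saying so would record the assumption.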
diff --git a/cdist/conf/type/__qemu_img/man.rst b/cdist/conf/type/__qemu_img/man.rst
new file mode 100644
index 00000000..210c7f5f
--- /dev/null
+++ b/cdist/conf/type/__qemu_img/man.rst
@@ -0,0 +1,53 @@
+cdist-type__qemu_img(7)
+=======================
+
+NAME
+----
+cdist-type__qemu_img - Manage VM disk images
+
+
+DESCRIPTION
+-----------
+The qemu-img program is used to create qemu images for
+qemu and (qemu-)kvm.
+
+
+
+OPTIONAL PARAMETERS
+-------------------
+state
+ Either "present" or "absent", defaults to "present"
+size
+ Size of the image in qemu-img compatible units.
+
+ Required if state is "present".
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Create a 50G size image
+ __qemu_img /home/services/kvm/vm/myvmname/system-disk --size 50G
+
+ # Remove image
+ __qemu_img /home/services/kvm/vm/myoldvm/system-disk --state absent
+
+
+SEE ALSO
+--------
+:strong:`qemu-img`\ (1)
+
+
+AUTHORS
+-------
+Nico Schottelius
+
+
+COPYING
+-------
+Copyright \(C) 2012-2014 Nico Schottelius. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__qemu_img/man.text b/cdist/conf/type/__qemu_img/man.text
deleted file mode 100644
index 39188ab0..00000000
--- a/cdist/conf/type/__qemu_img/man.text
+++ /dev/null
@@ -1,50 +0,0 @@ -cdist-type__qemu_img(7) -======================== -Nico Schottelius - - -NAME ----- -cdist-type__qemu_img - Manage VM disk images - - -DESCRIPTION ------------ -The qemu-img program is used to create qemu images for -qemu and (qemu-)kvm. - - -REQUIRED PARAMETERS -------------------- -size:: - Size of the image in qemu-img compatible units. - See qemu-img(1). - - -OPTIONAL PARAMETERS -------------------- -state:: - Either "present" or "absent", defaults to "present" - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -# Create a 50G size image -__qemu_img /home/services/kvm/vm/myvmname/system-disk --size 50G - -# Remove image -__qemu_img /home/services/kvm/vm/myoldvm/system-disk --state absent --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) - - -COPYING -------- -Copyright \(C) 2012 Nico Schottelius. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__qemu_img/manifest b/cdist/conf/type/__qemu_img/manifest old mode 100644 new mode 100755 index b835301d..55f3bf16 --- a/cdist/conf/type/__qemu_img/manifest +++ b/cdist/conf/type/__qemu_img/manifest 
@@ -1,15 +1,26 @@ +#!/bin/sh -e +# ################################################################################ # Default settings # -format=qcow2 -state=present -[ -f "$__object/parameter/format" ] && format="$(cat "$__object/parameter/format")" -[ -f "$__object/parameter/state" ] && state="$(cat "$__object/parameter/state")" +state_should="$(cat "$__object/parameter/state")" diskimage="/$__object_id" -# Absent is ensured by __file, present by gencode-remote -if [ "$state" = "absent" ]; then - __file "$diskimage" --state absent -fi +case "$state_should" in + present) + if [ ! -f "$__object/parameter/size" ]; then + echo "Size is required when state is present" >&2 + exit 1 + fi + ;; + absent) + # Absent is ensured by __file, present by gencode-remote + __file "$diskimage" --state absent + ;; + *) + echo "Unsupported state: $state_should" >&2 + exit 1 + ;; +esac diff --git a/cdist/conf/type/__qemu_img/parameter/default/format b/cdist/conf/type/__qemu_img/parameter/default/format new file mode 100644 index 00000000..e0a90ab9 --- /dev/null +++ b/cdist/conf/type/__qemu_img/parameter/default/format @@ -0,0 +1 @@ +qcow2 diff --git a/cdist/conf/type/__qemu_img/parameter/default/state b/cdist/conf/type/__qemu_img/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__qemu_img/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__qemu_img/parameter/optional b/cdist/conf/type/__qemu_img/parameter/optional index 0e8469e7..21aa421b 100644 --- a/cdist/conf/type/__qemu_img/parameter/optional +++ b/cdist/conf/type/__qemu_img/parameter/optional @@ -1 +1,3 @@ format +state +size diff --git a/cdist/conf/type/__qemu_img/parameter/required b/cdist/conf/type/__qemu_img/parameter/required deleted file mode 100644 index 2a613ba5..00000000 --- a/cdist/conf/type/__qemu_img/parameter/required +++ /dev/null @@ -1 +0,0 @@ -size 
diff --git a/cdist/conf/type/__rbenv/man.rst b/cdist/conf/type/__rbenv/man.rst
new file mode 100644
index 00000000..607019cf
--- /dev/null
+++ b/cdist/conf/type/__rbenv/man.rst
@@ -0,0 +1,49 @@
+cdist-type__rbenv(7)
+====================
+
+NAME
+----
+cdist-type__rbenv - Manage rbenv installation
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to manage rbenv installations.
+It also installs ruby-build.
+
+
+OPTIONAL PARAMETERS
+-------------------
+state
+ Either "present" or "absent", defaults to "present"
+
+owner
+ Which user should own the rbenv installation, defaults to root
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Install rbenv including ruby-build for nico
+ __rbenv /home/nico
+
+ # Install rbenv including ruby-build for nico
+ __rbenv /home/nico --owner nico
+
+ # Bastian does not need rbenv anymore, he began to code C99
+ __rbenv /home/bastian --state absent
+
+
+AUTHORS
+-------
+Nico Schottelius
+
+
+COPYING
+-------
+Copyright \(C) 2012-2014 Nico Schottelius. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__rbenv/manifest b/cdist/conf/type/__rbenv/manifest
new file mode 100755
index 00000000..e5c3d2f8
--- /dev/null
+++ b/cdist/conf/type/__rbenv/manifest
@@ -0,0 +1,38 @@
+#!/bin/sh -e
+#
+# 2012-2014 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+
+homedir="$__object_id"
+
+state_should="$(cat "$__object/parameter/state")"
+owner="$(cat "$__object/parameter/owner")"
+
+rbenvdir="$homedir/.rbenv"
+rubybuilddir="$rbenvdir/plugins/ruby-build"
+
+__git "$rbenvdir" \
+ --source git://github.com/sstephenson/rbenv.git \
+ --owner "$owner" \
+ --state "$state_should"
+
+require="__git/$rbenvdir" __git "$rubybuilddir" \
+ --source git://github.com/sstephenson/ruby-build.git \
+ --owner "$owner" \
+ --state "$state_should"
diff --git a/cdist/conf/type/__rbenv/parameter/default/state b/cdist/conf/type/__rbenv/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__rbenv/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__rbenv/parameter/optional b/cdist/conf/type/__rbenv/parameter/optional
new file mode 100644
index 00000000..ff72b5c7
--- /dev/null
+++ b/cdist/conf/type/__rbenv/parameter/optional
@@ -0,0 +1 @@
+state
diff --git a/cdist/conf/type/__rbenv/parameter/required b/cdist/conf/type/__rbenv/parameter/required
new file mode 100644
index 00000000..7ee3bde8
--- /dev/null
+++ b/cdist/conf/type/__rbenv/parameter/required
@@ -0,0 +1 @@
+owner
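Review bot: Both `__git` calls fetch over `git://github.com/...`, a transport with no encryption and no server authentication, so anyone on the network path can substitute the rbenv and ruby-build code that is later used to build Ruby for `$owner`. Switch them to `--source https://github.com/sstephenson/rbenv.git` and `--source https://github.com/sstephenson/ruby-build.git`. Neither checkout names a branch or tag, so if `__git` can take one it would be worth pinning. The parameter files added with this manifest list `owner` as required and only `state` as optional, while man.rst describes `owner` as optional with a root default; one of the two should be corrected.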
diff --git a/cdist/conf/type/__rsync/gencode-local b/cdist/conf/type/__rsync/gencode-local
new file mode 100755
index 00000000..e36ded2f
--- /dev/null
+++ b/cdist/conf/type/__rsync/gencode-local
@@ -0,0 +1,39 @@
+#!/bin/sh -e
+#
+# 2015 Dominique Roux (dominique.roux4 at gmail.com)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+source=$(cat "$__object/parameter/source")
+remote_user=$(cat "$__object/parameter/remote-user")
+
+if [ -f "$__object/parameter/destination" ]; then
+ destination=$(cat "$__object/parameter/destination")
+else
+ destination="/$__object_id"
+fi
+
+set --
+if [ -f "$__object/parameter/rsync-opts" ]; then
+ while read -r opts; do
+ set -- "$@" "--$opts"
+ done < "$__object/parameter/rsync-opts"
+fi
+
+echo rsync -a \
+ --no-owner --no-group \
+ -q "$@" "${source}/" "${remote_user}@${__target_host}:${destination}"
diff --git a/cdist/conf/type/__rsync/gencode-remote b/cdist/conf/type/__rsync/gencode-remote
new file mode 100755
index 00000000..074246af
--- /dev/null
+++ b/cdist/conf/type/__rsync/gencode-remote
@@ -0,0 +1,37 @@
+#!/bin/sh -e
+#
+# 2015 Dominique Roux (dominique.roux4 at gmail.com)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+if [ -f "$__object/parameter/destination" ]; then
+ destination=$(cat "$__object/parameter/destination")
+else
+ destination="/$__object_id"
+fi
+
+ownergroup=""
+if [ -f "$__object/parameter/owner" ]; then
+ ownergroup=$(cat "$__object/parameter/owner")
+fi
+if [ -f "$__object/parameter/group" ]; then
+ ownergroup="${ownergroup}:$(cat "$__object/parameter/group")"
+fi
+
+if [ "$ownergroup" ]; then
+ echo chown -R "$ownergroup" "$destination"
+fi
diff --git a/cdist/conf/type/__rsync/man.rst b/cdist/conf/type/__rsync/man.rst
new file mode 100644
index 00000000..94b06d63
--- /dev/null
+++ b/cdist/conf/type/__rsync/man.rst
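Review bot: `chown -R "$ownergroup" "$destination"` re-owns the whole destination tree, not just what this object transferred. The type's own man page shows several `__rsync` objects sharing `--destination /usr/local/bin`; giving one of them `--owner` or `--group` would hand every file already in that directory, including executables the object never copied, to that account. Either limit the ownership change to the synced files (rsync's `--chown` option, available in newer rsync releases, may fit, though it interacts with the `--no-owner --no-group` used in `gencode-local`) or document the behaviour and add a comment here such as `# NOTE: re-owns everything below $destination, not only the synced files`.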
@@ -0,0 +1,114 @@ +cdist-type__rsync(7) +==================== + +NAME +---- +cdist-type__rsync - Mirror directories using rsync + + +DESCRIPTION +----------- +WARNING: This type is of BETA quality: + +- it has not been tested widely +- interfaces *may* change +- if there is a better approach to solve the problem -> the type may even vanish + +If you are fine with these constraints, please read on. + + +This cdist type allows you to mirror local directories to the +target host using rsync. Rsync will be installed in the manifest of the type. +If group or owner are giveng, a recursive chown will be executed on the +target host. + +A slash will be appended to the source directory so that only the contents +of the directory are taken and not the directory name itself. + + +REQUIRED PARAMETERS +------------------- +source + Where to take files from + + +OPTIONAL PARAMETERS +------------------- +group + Group to chgrp to. + +owner + User to chown to. + +destination + Use this as the base destination instead of the object id + +remote-user + Use this user instead of the default "root" for rsync operations. + + +OPTIONAL MULTIPLE PARAMETERS +---------------------------- +rsync-opts + Use this option to give rsync options with. + See rsync(1) for available options. + Only "--" options are supported. + Write the options without the beginning "--" + Can be specified multiple times. + + +MESSAGES +-------- +NONE + + +EXAMPLES +-------- + +.. 
code-block:: sh + + # You can use any source directory + __rsync /tmp/testdir \ + --source /etc + + # Use source from type + __rsync /etc \ + --source "$__type/files/package" + + # Allow multiple __rsync objects to write to the same dir + __rsync mystuff \ + --destination /usr/local/bin \ + --source "$__type/files/package" + + __rsync otherstuff \ + --destination /usr/local/bin \ + --source "$__type/files/package2" + + # Use rsync option --exclude + __rsync /tmp/testdir \ + --source /etc \ + --rsync-opts exclude=sshd_conf + + # Use rsync with multiple options --exclude --dry-run + __rsync /tmp/testing \ + --source /home/tester \ + --rsync-opts exclude=id_rsa \ + --rsync-opts dry-run + + +SEE ALSO +-------- +:strong:`rsync`\ (1) + + +AUTHORS +------- +Nico Schottelius + + +COPYING +------- +Copyright \(C) 2015 Nico Schottelius. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__rsync/manifest b/cdist/conf/type/__rsync/manifest new file mode 100755 index 00000000..9bd44c6d --- /dev/null +++ b/cdist/conf/type/__rsync/manifest @@ -0,0 +1,21 @@ +#!/bin/sh -e +# +# 2015 Dominique Roux (dominique.roux4 at gmail.com) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +__package rsync 
diff --git a/cdist/conf/type/__rsync/parameter/default/remote-user b/cdist/conf/type/__rsync/parameter/default/remote-user new file mode 100644 index 00000000..d8649da3 --- /dev/null +++ b/cdist/conf/type/__rsync/parameter/default/remote-user @@ -0,0 +1 @@ +root diff --git a/cdist/conf/type/__rsync/parameter/optional b/cdist/conf/type/__rsync/parameter/optional new file mode 100644 index 00000000..ac2b2390 --- /dev/null +++ b/cdist/conf/type/__rsync/parameter/optional @@ -0,0 +1,4 @@ +destination +owner +group +remote-user diff --git a/cdist/conf/type/__rsync/parameter/optional_multiple b/cdist/conf/type/__rsync/parameter/optional_multiple new file mode 100644 index 00000000..fdb7cd88 --- /dev/null +++ b/cdist/conf/type/__rsync/parameter/optional_multiple @@ -0,0 +1 @@ +rsync-opts diff --git a/cdist/conf/type/__rsync/parameter/required b/cdist/conf/type/__rsync/parameter/required new file mode 100644 index 00000000..5a18cd2f --- /dev/null +++ b/cdist/conf/type/__rsync/parameter/required @@ -0,0 +1 @@ +source diff --git a/cdist/conf/type/__rvm/explorer/state b/cdist/conf/type/__rvm/explorer/state index f43f5509..74d17048 100755 --- a/cdist/conf/type/__rvm/explorer/state +++ b/cdist/conf/type/__rvm/explorer/state @@ -28,7 +28,7 @@ if [ "$user" = "root" ]; then echo absent fi else - if su - $user -c "[ -d \"\$HOME/.rvm\" ]" ; then + if su - "$user" -c "[ -d \"\$HOME/.rvm\" ]" ; then echo "present" else echo "absent" diff --git a/cdist/conf/type/__rvm/gencode-remote b/cdist/conf/type/__rvm/gencode-remote index dbc6ba60..993191c1 100755 --- a/cdist/conf/type/__rvm/gencode-remote +++ b/cdist/conf/type/__rvm/gencode-remote @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2012 Evax Software # 2012 Nico Schottelius (nico-cdist at schottelius.org) 
@@ -34,7 +34,7 @@ DONE absent) cat << DONE su - $user -c "rm -Rf \"\\\$HOME/.rvm\"; -sed '/rvm\/scripts\/rvm/d' \"\\\$HOME/.bashrc\" > \"\\\$HOME/.bashrc.cdist-tmp\" +sed '/rvm\\/scripts\\/rvm/d' \"\\\$HOME/.bashrc\" > \"\\\$HOME/.bashrc.cdist-tmp\" mv \"\\\$HOME/.bashrc.cdist-tmp\" \"\\\$HOME/.bashrc\"" DONE ;; diff --git a/cdist/conf/type/__rvm/man.text b/cdist/conf/type/__rvm/man.rst similarity index 54% rename from cdist/conf/type/__rvm/man.text rename to cdist/conf/type/__rvm/man.rst index c1f83e60..3a914304 100644 --- a/cdist/conf/type/__rvm/man.text +++ b/cdist/conf/type/__rvm/man.rst @@ -1,7 +1,5 @@ cdist-type__rvm(7) ================== -Evax Software - NAME ---- @@ -15,28 +13,31 @@ RVM is the Ruby enVironment Manager for the Ruby programming language. REQUIRED PARAMETERS ------------------- -state:: - Either "present" or "absent". +state + Either "present" or "absent", defaults to "present". EXAMPLES -------- --------------------------------------------------------------------------------- -# Install rvm for user billie -__rvm billie --state present +.. code-block:: sh -# Remove rvm -__rvm billie --state absent --------------------------------------------------------------------------------- + # Install rvm for user billie + __rvm billie --state present + + # Remove rvm + __rvm billie --state absent SEE ALSO -------- -- cdist-type(7) -- cdist-type__rvm_ruby(7) -- cdist-type__rvm_gemset(7) -- cdist-type__rvm_gem(7) +:strong:`cdist-type__rvm_gem`\ (7), :strong:`cdist-type__rvm_gemset`\ (7), +:strong:`cdist-type__rvm_ruby`\ (7) + + +AUTHORS +------- +Evax Software COPYING diff --git a/cdist/conf/type/__rvm/manifest b/cdist/conf/type/__rvm/manifest index 482c0d17..0230156b 100755 --- a/cdist/conf/type/__rvm/manifest +++ b/cdist/conf/type/__rvm/manifest @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2012 Evax Software # 
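Review bot: The context line `su - $user -c "rm -Rf …"` in this heredoc still emits the user name unquoted, although the same commit quotes it in `explorer/state` and `__rvm_gemset/gencode-remote` already emits `su - "$user" -c`. In generated code a user name containing whitespace or shell metacharacters would be re-parsed when the code runs, so I would write `su - "$user" -c "rm -Rf \"\\\$HOME/.rvm\";` here as well. Separately, the `sed … > .bashrc.cdist-tmp` and `mv` commands are separated only by a newline, so a failing `sed` is still followed by `mv` replacing `.bashrc` with the partial temp file; joining them with `&&` avoids that. The heredoc and the surrounding `case` start outside this hunk.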
diff --git a/cdist/conf/type/__rvm/parameter/default/state b/cdist/conf/type/__rvm/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__rvm/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__rvm/parameter/optional b/cdist/conf/type/__rvm/parameter/optional new file mode 100644 index 00000000..ff72b5c7 --- /dev/null +++ b/cdist/conf/type/__rvm/parameter/optional @@ -0,0 +1 @@ +state diff --git a/cdist/conf/type/__rvm_gem/gencode-remote b/cdist/conf/type/__rvm_gem/gencode-remote index 1fe6e78e..9212de91 100755 --- a/cdist/conf/type/__rvm_gem/gencode-remote +++ b/cdist/conf/type/__rvm_gem/gencode-remote @@ -20,8 +20,6 @@ gem="$__object_id" gemset="$(cat "$__object/parameter/gemset")" -ruby="$(echo "$gemset" | cut -d '@' -f 1)" -gemsetname="$(echo "$gemset" | cut -d '@' -f 2)" state_is="$(cat "$__object/explorer/state")" user="$(cat "$__object/parameter/user")" state_should="$(cat "$__object/parameter/state")" diff --git a/cdist/conf/type/__rvm_gem/man.rst b/cdist/conf/type/__rvm_gem/man.rst new file mode 100644 index 00000000..5f3fba97 --- /dev/null +++ b/cdist/conf/type/__rvm_gem/man.rst 
@@ -0,0 +1,58 @@ +cdist-type__rvm_gemset(7) +========================== + +NAME +---- +cdist-type__rvm_gemset - Manage Ruby gems through rvm + + +DESCRIPTION +----------- +RVM is the Ruby enVironment Manager for the Ruby programming language. + + +REQUIRED PARAMETERS +------------------- +user + The remote user account to use +gemset + The gemset to use +state + Either "present" or "absent", defaults to "present". + +OPTIONAL PARAMETERS +------------------- +default + Make the selected gemset the default + +EXAMPLES +-------- + +.. code-block:: sh + + # Install the rails gem in gemset ruby-1.9.3-p0@myset for user bill + __rvm_gemset rails --gemset ruby-1.9.3-p0@myset --user bill --state present + + # Do the same and also make ruby-1.9.3-p0@myset the default gemset + __rvm_gemset rails --gemset ruby-1.9.3-p0@myset --user bill \ + --state present --default + + # Remove it + __rvm_ruby rails --gemset ruby-1.9.3-p0@myset --user bill --state absent + + +SEE ALSO +-------- +:strong:`cdist-type__rvm`\ (7), :strong:`cdist-type__rvm_gemset`\ (7), +:strong:`cdist-type__rvm_ruby`\ (7) + + +AUTHORS +------- +Evax Software + + +COPYING +------- +Copyright \(C) 2012 Evax Software. Free use of this software is granted under +the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__rvm_gem/man.text b/cdist/conf/type/__rvm_gem/man.text deleted file mode 100644 index 2b72e7ae..00000000 --- a/cdist/conf/type/__rvm_gem/man.text +++ /dev/null 
@@ -1,57 +0,0 @@ -cdist-type__rvm_gemset(7) -========================== -Evax Software - - -NAME ----- -cdist-type__rvm_gem - Manage Ruby gems through rvm - - -DESCRIPTION ------------ -RVM is the Ruby enVironment Manager for the Ruby programming language. - - -REQUIRED PARAMETERS -------------------- -user:: - The remote user account to use -gemset:: - The gemset to use -state:: - Either "present" or "absent" - -OPTIONAL PARAMETERS -------------------- -default:: - Make the selected gemset the default - -EXAMPLES --------- - --------------------------------------------------------------------------------- -# Install the rails gem in gemset ruby-1.9.3-p0@myset for user bill -__rvm_gemset rails --gemset ruby-1.9.3-p0@myset --user bill --state present - -# Do the same and also make ruby-1.9.3-p0@myset the default gemset -__rvm_gemset rails --gemset ruby-1.9.3-p0@myset --user bill \ - --state present --default - -# Remove it -__rvm_ruby rails --gemset ruby-1.9.3-p0@myset --user bill --state absent --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) -- cdist-type__rvm(7) -- cdist-type__rvm_ruby(7) -- cdist-type__rvm_gemset(7) - - -COPYING -------- -Copyright \(C) 2012 Evax Software. Free use of this software is granted under -the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__rvm_gem/parameter/default/state b/cdist/conf/type/__rvm_gem/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__rvm_gem/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__rvm_gem/parameter/optional b/cdist/conf/type/__rvm_gem/parameter/optional index 4ad96d51..96983811 100644 --- a/cdist/conf/type/__rvm_gem/parameter/optional +++ b/cdist/conf/type/__rvm_gem/parameter/optional @@ -1 +1,2 @@ default +state 
diff --git a/cdist/conf/type/__rvm_gem/parameter/required b/cdist/conf/type/__rvm_gem/parameter/required index 75f60bb8..58243a95 100644 --- a/cdist/conf/type/__rvm_gem/parameter/required +++ b/cdist/conf/type/__rvm_gem/parameter/required @@ -1,3 +1,2 @@ -state gemset user diff --git a/cdist/conf/type/__rvm_gemset/explorer/state b/cdist/conf/type/__rvm_gemset/explorer/state index fa643a6e..e300453b 100755 --- a/cdist/conf/type/__rvm_gemset/explorer/state +++ b/cdist/conf/type/__rvm_gemset/explorer/state @@ -18,9 +18,6 @@ # along with cdist. If not, see . # -gemset="$__object_id" -ruby="$(echo "$gemset" | cut -d '@' -f 1)" -gemsetname="$(echo "$gemset" | cut -d '@' -f2)" user="$(cat "$__object/parameter/user")" if [ ! -e "~$user/.rvm/scripts/rvm" ] ; then @@ -28,7 +25,9 @@ if [ ! -e "~$user/.rvm/scripts/rvm" ] ; then exit 0 fi +# shellcheck disable=SC2016 if su - "$user" -c 'source ~/.rvm/scripts/rvm; rvm list strings | grep -q "^$ruby\$"'; then + # shellcheck disable=SC2016 if su - "$user" -c 'source ~/.rvm/scripts/rvm; rvm use "$ruby" > /dev/null; rvm gemset list strings | cut -f 1 -d " " | grep -q "^$gemsetname\$"'; then echo "present" exit 0 diff --git a/cdist/conf/type/__rvm_gemset/gencode-remote b/cdist/conf/type/__rvm_gemset/gencode-remote index f0c0052b..3cdc66a6 100755 --- a/cdist/conf/type/__rvm_gemset/gencode-remote +++ b/cdist/conf/type/__rvm_gemset/gencode-remote @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2012 Evax Software # 2012 Nico Schottelius (nico-cdist at schottelius.org) @@ -33,7 +33,7 @@ case "$state_should" in cat << DONE su - "$user" -c "source ~/.rvm/scripts/rvm; rvm $gemset --create" DONE - if -f "$__object/parameter/default"; then + if [ -f "$__object/parameter/default" ]; then cat << DONE su - "$user" -c "source ~/.rvm/scripts/rvm; rvm use --default $gemset" DONE diff --git a/cdist/conf/type/__rvm_gemset/man.rst b/cdist/conf/type/__rvm_gemset/man.rst new file mode 100644 index 00000000..fca4c36a --- /dev/null 
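Review bot: In `__rvm_gemset/explorer/state` the two added `# shellcheck disable=SC2016` comments silence a warning that points at a real bug. The `su - "$user" -c '…'` strings are single-quoted, so `$ruby` and `$gemsetname` are expanded by the user's shell, where they are unset; the assignments removed in the first hunk were never exported, so the problem predates this commit, but both `grep -q` patterns reduce to `^$` and the result does not depend on the object id. The context line `[ ! -e "~$user/.rvm/scripts/rvm" ]` is similar: a tilde inside double quotes is not expanded, so the test looks at a literal `~name/…` path. Until the values are actually passed into the inner command, I would replace the suppressions with `# FIXME: $ruby and $gemsetname are unset inside the su shell, so these patterns only match empty lines`. The script body continues outside both hunks.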
+++ b/cdist/conf/type/__rvm_gemset/man.rst @@ -0,0 +1,56 @@ +cdist-type__rvm_gemset(7) +========================== + +NAME +---- +cdist-type__rvm_gemset - Manage gemsets through rvm + + +DESCRIPTION +----------- +RVM is the Ruby enVironment Manager for the Ruby programming language. + + +REQUIRED PARAMETERS +------------------- +user + The remote user account to use +state + Either "present" or "absent", defaults to "present". + +BOOLEAN PARAMETERS +------------------- +default + If present, set the given gemset as default. + + +EXAMPLES +-------- + +.. code-block:: sh + + # Install the gemset @myset for user charles on based on ruby-1.9.3-0 + __rvm_gemset ruby-1.9.3-p0@myset --user charles --state present + + # Do the same and make ruby-1.9.3-p0@myset the default gemset + __rvm_gemset ruby-1.9.3-p0@myset --user charles --state present --default + + # Remove the gemset @myset for user john + __rvm_ruby ruby-1.9.3-p0@myset --user john --state absent + + +SEE ALSO +-------- +:strong:`cdist-type__rvm`\ (7), :strong:`cdist-type__rvm_gem`\ (7), +:strong:`cdist-type__rvm_ruby`\ (7) + + +AUTHORS +------- +Evax Software + + +COPYING +------- +Copyright \(C) 2012 Evax Software. Free use of this software is granted under +the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__rvm_gemset/man.text b/cdist/conf/type/__rvm_gemset/man.text deleted file mode 100644 index 44c0c555..00000000 --- a/cdist/conf/type/__rvm_gemset/man.text +++ /dev/null 
@@ -1,55 +0,0 @@ -cdist-type__rvm_gemset(7) -========================== -Evax Software - - -NAME ----- -cdist-type__rvm_gemset - Manage gemsets through rvm - - -DESCRIPTION ------------ -RVM is the Ruby enVironment Manager for the Ruby programming language. - - -REQUIRED PARAMETERS -------------------- -user:: - The remote user account to use -state:: - Either "present" or "absent". - -BOOLEAN PARAMETERS -------------------- -default:: - If present, set the given gemset as default. - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -# Install the gemset @myset for user charles on based on ruby-1.9.3-0 -__rvm_gemset ruby-1.9.3-p0@myset --user charles --state present - -# Do the same and make ruby-1.9.3-p0@myset the default gemset -__rvm_gemset ruby-1.9.3-p0@myset --user charles --state present --default - -# Remove the gemset @myset for user john -__rvm_ruby ruby-1.9.3-p0@myset --user john --state absent --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) -- cdist-type__rvm(7) -- cdist-type__rvm_ruby(7) -- cdist-type__rvm_gem(7) - - -COPYING -------- -Copyright \(C) 2012 Evax Software. Free use of this software is granted under -the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__rvm_gemset/parameter/default/state b/cdist/conf/type/__rvm_gemset/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__rvm_gemset/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__rvm_gemset/parameter/optional b/cdist/conf/type/__rvm_gemset/parameter/optional new file mode 100644 index 00000000..ff72b5c7 --- /dev/null +++ b/cdist/conf/type/__rvm_gemset/parameter/optional @@ -0,0 +1 @@ +state diff --git a/cdist/conf/type/__rvm_gemset/parameter/required b/cdist/conf/type/__rvm_gemset/parameter/required index 5aea6f1e..4eb8387f 100644 
--- a/cdist/conf/type/__rvm_gemset/parameter/required +++ b/cdist/conf/type/__rvm_gemset/parameter/required @@ -1,2 +1 @@ -state user diff --git a/cdist/conf/type/__rvm_ruby/gencode-remote b/cdist/conf/type/__rvm_ruby/gencode-remote index f1de3906..f2fd41ef 100755 --- a/cdist/conf/type/__rvm_ruby/gencode-remote +++ b/cdist/conf/type/__rvm_ruby/gencode-remote @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2012 Evax Software # @@ -21,7 +21,6 @@ ruby="$__object_id" state_is="$(cat "$__object/explorer/state")" user="$(cat "$__object/parameter/user")" -default="$(cat "$__object/parameter/default" 2>/dev/null || true)" state_should="$(cat "$__object/parameter/state")" [ "$state_is" = "$state_should" ] && exit 0 diff --git a/cdist/conf/type/__rvm_ruby/man.rst b/cdist/conf/type/__rvm_ruby/man.rst new file mode 100644 index 00000000..f6e71e12 --- /dev/null +++ b/cdist/conf/type/__rvm_ruby/man.rst 
@@ -0,0 +1,57 @@ +cdist-type__rvm_ruby(7) +======================= + +NAME +---- +cdist-type__rvm_ruby - Manage ruby installations through rvm + + +DESCRIPTION +----------- +RVM is the Ruby enVironment Manager for the Ruby programming language. + + +REQUIRED PARAMETERS +------------------- +user + The remote user account to use +state + Either "present" or "absent", defaults to "present". + + +BOOLEAN PARAMETERS +------------------ +default + Set the given version as default + + +EXAMPLES +-------- + +.. code-block:: sh + + # Install ruby 1.9.3 through rvm for user thelonious + __rvm_ruby ruby-1.9.3-p0 --user thelonious --state present + + # Install ruby 1.9.3 through rvm for user ornette and make it the default + __rvm_ruby ruby-1.9.3-p0 --user ornette --state present --default + + # Remove ruby 1.9.3 for user john + __rvm_ruby ruby-1.9.3-p0 --user john --state absent + + +SEE ALSO +-------- +:strong:`cdist-type__rvm`\ (7), :strong:`cdist-type__rvm_gem`\ (7), +:strong:`cdist-type__rvm_gemset`\ (7) + + +AUTHORS +------- +Evax Software + + +COPYING +------- +Copyright \(C) 2012 Evax Software. Free use of this software is granted under +the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__rvm_ruby/man.text b/cdist/conf/type/__rvm_ruby/man.text deleted file mode 100644 index dbbab85e..00000000 --- a/cdist/conf/type/__rvm_ruby/man.text +++ /dev/null 
@@ -1,54 +0,0 @@ -cdist-type__rvm_ruby(7) -======================= -Evax Software - - -NAME ----- -cdist-type__rvm_ruby - Manage ruby installations through rvm - - -DESCRIPTION ------------ -RVM is the Ruby enVironment Manager for the Ruby programming language. - - -REQUIRED PARAMETERS -------------------- -user:: - The remote user account to use -state:: - Either "present" or "absent". - -BOOLEAN PARAMETERS ------------------- -default: - Set the given version as default - -EXAMPLES --------- - --------------------------------------------------------------------------------- -# Install ruby 1.9.3 through rvm for user thelonious -__rvm_ruby ruby-1.9.3-p0 --user thelonious --state present - -# Install ruby 1.9.3 through rvm for user ornette and make it the default -__rvm_ruby ruby-1.9.3-p0 --user ornette --state present --default - -# Remove ruby 1.9.3 for user john -__rvm_ruby ruby-1.9.3-p0 --user john --state absent --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) -- cdist-type__rvm(7) -- cdist-type__rvm_gemset(7) -- cdist-type__rvm_gem(7) - - -COPYING -------- -Copyright \(C) 2012 Evax Software. Free use of this software is granted under -the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__rvm_ruby/manifest b/cdist/conf/type/__rvm_ruby/manifest index db8fd830..3f63eb11 100755 --- a/cdist/conf/type/__rvm_ruby/manifest +++ b/cdist/conf/type/__rvm_ruby/manifest @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2012 Nico Schottelius (nico-cdist at schottelius.org) # diff --git a/cdist/conf/type/__rvm_ruby/parameter/default/state b/cdist/conf/type/__rvm_ruby/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__rvm_ruby/parameter/default/state @@ -0,0 +1 @@ +present 
diff --git a/cdist/conf/type/__rvm_ruby/parameter/optional b/cdist/conf/type/__rvm_ruby/parameter/optional new file mode 100644 index 00000000..ff72b5c7 --- /dev/null +++ b/cdist/conf/type/__rvm_ruby/parameter/optional @@ -0,0 +1 @@ +state diff --git a/cdist/conf/type/__rvm_ruby/parameter/required b/cdist/conf/type/__rvm_ruby/parameter/required index 5aea6f1e..4eb8387f 100644 --- a/cdist/conf/type/__rvm_ruby/parameter/required +++ b/cdist/conf/type/__rvm_ruby/parameter/required @@ -1,2 +1 @@ -state user diff --git a/cdist/conf/type/__sensible_editor/explorer/editor_path b/cdist/conf/type/__sensible_editor/explorer/editor_path new file mode 100644 index 00000000..dcf63c9b --- /dev/null +++ b/cdist/conf/type/__sensible_editor/explorer/editor_path 
@@ -0,0 +1,131 @@ +#!/bin/sh -e +# +# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# +# Check if the given editor is present on the target system and determine its +# absolute path. +# + +die() { + echo "$@" >&2 + exit 1 +} + +editor_missing() { die "Editor '$1' is missing on the target system."; } +editor_no_alternative() { + die "Editor '$1' is not in the alternatives list of the target system." \ + "$(test -n "${editors}" && printf '\nPlease choose one of:\n\n%s\n' "${editors}")" +} + +# No need to check for the path if the file is supposed to be removed. +test "$(cat "${__object}/parameter/state")" != 'absent' || exit 0 + + +case $("${__explorer}/os") +in + debian|devuan|ubuntu) + has_alternatives=true + + # NOTE: Old versions do not support `--list`, in this case ignore the errors. + # This will require an absolute path to be provided, though. + editors=$(update-alternatives --list editor 2>/dev/null) + ;; + *) + # NOTE: RedHat has an alternatives system but it doesn't usually track + # editors and it is a pain to extract the list. + has_alternatives=false + ;; +esac + +# Read --editor parameter and check its value since it is "optional" +editor=$(cat "${__object}/parameter/editor" 2>/dev/null) || true +test -n "${editor}" || die 'Please provide an --editor to configure.' 
+ +case $editor +in + /*) + is_abspath=true + ;; + */*) + die 'Relative editor paths are not supported' + ;; + *) + is_abspath=false + ;; +esac + + +if $has_alternatives && test -n "${editors}" +then + IFS=' +' + if ! $is_abspath + then + # First, try to resolve the absolute path using $editors. + while true + do + for e in $editors + do + if test "$(basename "${e}")" = "${editor}" + then + editor="${e}" + break 2 # break out of both loops + fi + done + + # Iterating through alternatives did not yield a result + editor_no_alternative "${editor}" + break + done + fi + + # Check if editor is present + test -f "${editor}" || editor_missing "${editor}" + + for e in $editors + do + if test "${editor}" = "${e}" + then + # Editor is part of the alternatives list -> use it! + echo "${editor}" + exit 0 + fi + done + + editor_no_alternative "${editor}" +else + # NOTE: This branch is mostly for RedHat-based systems which do + # not track editor alternatives. To make this type useful + # on RedHat at all we allow an absoloute path to be provided + # in any case. + + if $is_abspath + then + test -x "${editor}" || editor_missing "${editor}" + + echo "${editor}" + exit 0 + else + die "The target doesn't list any editor alternatives. " \ + "Please specify an absolute path or populate the alternatives list." + fi +fi + +# The script should never reach this statement! +exit 1 diff --git a/cdist/conf/type/__sensible_editor/explorer/group b/cdist/conf/type/__sensible_editor/explorer/group new file mode 100644 index 00000000..5d288189 --- /dev/null +++ b/cdist/conf/type/__sensible_editor/explorer/group 
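Review bot: The assignment `editors=$(update-alternatives --list editor 2>/dev/null)` discards stderr but not the exit status, so if the script runs with the `-e` its shebang requests, an `update-alternatives` without `--list` support aborts the explorer silently instead of being ignored as the NOTE above it promises. The `--editor` read a few lines further down already uses the right form, and the same is needed here: `editors=$(update-alternatives --list editor 2>/dev/null) || true`. Separately, the alternatives branch validates the editor with `test -f` while the fallback branch uses `test -x`; using `test -x "${editor}" || editor_missing "${editor}"` in both places rejects a non-executable path before it reaches the user's configuration.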
@@ -0,0 +1,26 @@
+#!/bin/sh -e
+#
+# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Determines the primary group of the user.
+#
+
+user=$__object_id
+
+id -gn "${user}" 2>/dev/null
diff --git a/cdist/conf/type/__sensible_editor/explorer/user_home b/cdist/conf/type/__sensible_editor/explorer/user_home
new file mode 100644
index 00000000..b88243f7
--- /dev/null
+++ b/cdist/conf/type/__sensible_editor/explorer/user_home
@@ -0,0 +1,33 @@
+#!/bin/sh -e
+#
+# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Determines the home folder of the target user.
+#
+
+user=$__object_id
+home=$(getent passwd "${user}" | cut -d':' -f6)
+
+if ! test -d "${home}"
+then
+ echo "Cannot find home directory of user ${user}" >&2
+ exit 1
+fi
+
+echo "${home}"
diff --git a/cdist/conf/type/__sensible_editor/man.rst b/cdist/conf/type/__sensible_editor/man.rst
new file mode 100644
index 00000000..9b805e06
--- /dev/null
+++ b/cdist/conf/type/__sensible_editor/man.rst
@@ -0,0 +1,78 @@ +cdist-type__sensible_editor(7) +============================== + +NAME +---- +cdist-type__sensible_editor - Select the sensible-editor + + +DESCRIPTION +----------- +This cdist type allows you to select the :strong:`sensible-editor` for +a given user. + + +REQUIRED PARAMETERS +------------------- +editor + Name or path of the editor to be selected. + On systems other than Debian derivatives an absolute path is required. + + It is permissible to omit this parameter if --state is absent. + + +OPTIONAL PARAMETERS +------------------- +state + 'present', 'absent', or 'exists'. Defaults to 'present', where: + + present + the sensible-editor is exactly what is specified in --editor. + absent + no sensible-editor configuration is present. + exists + the sensible-editor will be set to what is specified in --editor, + unless there already is a configuration on the target system. + + +EXAMPLES +-------- + +.. code-block:: sh + + __sensible_editor root --editor /bin/ed # ed(1) is the standard + __sensible_editor noob --editor nano + + +LIMITATIONS +----------- + +This type depends upon the :strong:`sensible-editor`\ (1) script which +is part of the sensible-utils package. + +Therefore, the following operating systems are supported: + * Debian 8 (jessie) or later + * Devuan + * Ubuntu 8.10 (intrepid) or later + * RHEL/CentOS 7 or later (EPEL repo required) + * Fedora 21 or later + +Note: on old versions of Ubuntu the sensible-* utils are part of the +debianutils package. + +SEE ALSO +-------- +:strong:`select-editor`\ (1), :strong:`sensible-editor`\ (1). + + +AUTHOR +------- +Dennis Camera + + +COPYING +------- +Copyright \(C) 2019 Dennis Camera. +You can redistribute it and/or modify it under the terms of the GNU General +Public License as published by the Free Software Foundation, either version 3 of +the License, or (at your option) any later version. 
diff --git a/cdist/conf/type/__sensible_editor/manifest b/cdist/conf/type/__sensible_editor/manifest new file mode 100644 index 00000000..1cdb0c2c --- /dev/null +++ b/cdist/conf/type/__sensible_editor/manifest 
@@ -0,0 +1,94 @@ +#!/bin/sh -e +# -*- mode: sh; indent-tabs-mode: t -*- +# +# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +version_ge() { + awk -F '[^0-9.]' -v target="${1:?}" ' + function max(x, y) { return x > y ? x : y; } + BEGIN { + getline; + nx = split($1, x, "."); + ny = split(target, y, "."); + for (i = 1; i <= max(nx, ny); ++i) { + diff = int(x[i]) - int(y[i]); + if (diff < 0) exit 1; + else if (diff > 0) exit 0; + else continue; + } + }' +} + +not_supported() { + echo "OS ${os} does not support __sensible_editor." >&2 + echo 'If it does, please provide a patch.' 
>&2 + exit 1 +} + +os=$(cat "${__global}/explorer/os") +os_version=$(cat "${__global}/explorer/os_version") + +state=$(cat "${__object}/parameter/state") +user=$__object_id + +if test "${state}" != 'present' && test "${state}" != 'exists' && test "${state}" != 'absent' +then + echo 'Only "present", "exists", and "absent" are allowed for --state' >&2 + exit 1 +fi + +package_name='sensible-utils' + +case $os +in + debian) + pkg_type='apt' + ;; + devuan) + pkg_type='apt' + ;; + ubuntu) + (echo "${os_version}" | version_ge 10.04) || package_name='debianutils' + pkg_type='apt' + ;; + centos|fedora|redhat|scientific) + pkg_type='yum' + ;; + *) + not_supported + ;; +esac + +if test "${state}" != 'absent' +then + __package "${package_name}" --state present \ + --type "${pkg_type}" + export require="__package/${package_name}" +fi + +editor_path=$(cat "${__object}/explorer/editor_path") +user_home=$(cat "${__object}/explorer/user_home") +group=$(cat "${__object}/explorer/group") + +__file "${user_home}/.selected_editor" --state "${state}" \ + --owner "${user}" --group "${group}" --mode 0644 \ + --source - < + + +COPYING +------- +Copyright \(C) 2019 Timothée Floure. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__service/manifest b/cdist/conf/type/__service/manifest new file mode 100644 index 00000000..cb5af234 --- /dev/null +++ b/cdist/conf/type/__service/manifest @@ -0,0 +1,15 @@ +#!/bin/sh + +manager="$(cat "$__object/explorer/service-manager")" + +name=$__object_id +action="$(cat "$__object/parameter/action")" + +case "$manager" in + systemd) + __systemd_service "$name" --action "$action" + ;; + *) + # Unknown: handled by `service $NAME $action` in gencode-remote. + ;; +esac 
diff --git a/cdist/conf/type/__service/parameter/required b/cdist/conf/type/__service/parameter/required new file mode 100644 index 00000000..a9f84d41 --- /dev/null +++ b/cdist/conf/type/__service/parameter/required @@ -0,0 +1 @@ +action diff --git a/cdist/conf/type/__ssh_authorized_key/explorer/entry b/cdist/conf/type/__ssh_authorized_key/explorer/entry new file mode 100755 index 00000000..ccab0afc --- /dev/null +++ b/cdist/conf/type/__ssh_authorized_key/explorer/entry @@ -0,0 +1,34 @@ +#!/bin/sh +# +# 2014 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +# extract the keytype and base64 encoded key ignoring any options and comment +type_and_key="$(tr ' ' '\n' < "$__object/parameter/key"| awk '/^(ssh|ecdsa)-[^ ]+/ { printf $1" "; getline; printf $1 }')" +# If type_and_key is empty, which is the case with an invalid key, do not grep $file because it results +# in greping everything in file and all entries from file are removed. +if [ -n "${type_and_key}" ] +then + file="$(cat "$__object/parameter/file")" + + # get any entries that match the type and key + + # NOTE: Do not match from the beginning of the line as there may be options + # preceeding the key. + grep "${type_and_key}\\([ \\n].*\\)*$" "$file" || true +fi 
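Review bot: The awk program in the `type_and_key` pipeline of explorer/entry passes key data to `printf` as the format string (`printf $1" "` and `printf $1`), so a `%` in either token of the `--key` value is read as a conversion instead of being copied. The result then depends on the awk implementation, and this string serves both as the validity check and as the pattern given to grep. I would write `awk '/^(ssh|ecdsa)-[^ ]+/ { printf "%s ", $1; getline; printf "%s", $1 }'`. The same expression is repeated in this type's gencode-remote (twice) and in the key loop of the `__ssh_authorized_keys` manifest.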
diff --git a/cdist/conf/type/__ssh_authorized_key/gencode-remote b/cdist/conf/type/__ssh_authorized_key/gencode-remote
new file mode 100755
index 00000000..f37aa565
--- /dev/null
+++ b/cdist/conf/type/__ssh_authorized_key/gencode-remote
@@ -0,0 +1,120 @@ +#!/bin/sh -e +# +# 2014 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +set -u + +the_key="$(cat "$__object/parameter/key")" +# validate key +validated_key="$(echo "${the_key}" | tr ' ' '\n' | awk '/^(ssh|ecdsa)-[^ ]+/ { printf $1" "; getline; printf $1 }')" +if [ -z "${validated_key}" ] +then + echo "Key is invalid: \"${the_key}\"" >&2 + exit 1 +fi + +remove_line() { + file="$1" + line="$2" + cat << DONE +tmpfile=\$(mktemp ${file}.cdist.XXXXXXXXXX) +# preserve ownership and permissions of existing file +if [ -f "$file" ]; then + cp -p "$file" "\$tmpfile" +fi +grep -v -F -x '$line' '$file' > \$tmpfile || true +mv -f "\$tmpfile" "$file" +DONE +} + +add_line() { + file="$1" + line="$2" + # escape single quotes + line_sanitised=$(echo "$line" | sed -e "s/'/'\"'\"'/g") + printf '%s' "printf '%s\\n' '$line_sanitised' >> $file" +} + + +file="$(cat "$__object/parameter/file")" +mkdir "$__object/files" + +# Generate the entry as it should be +( + if [ -f "$__object/parameter/option" ]; then + # comma seperated list of options + options="$(tr '\n' ',' < "$__object/parameter/option")" + printf '%s ' "${options%*,}" + fi + if [ -f "$__object/parameter/comment" ]; then + # extract the keytype and base64 encoded key ignoring any options and comment + printf '%s ' "$(echo "${the_key}" | tr ' ' '\n' | awk '/^(ssh|ecdsa)-[^ ]+/ { printf 
$1" "; getline; printf $1 }')" + # override the comment with the one explicitly given + printf '%s' "$(cat "$__object/parameter/comment")" + else + printf '%s' "${the_key}" + fi + printf '\n' +) > "$__object/files/should" + +# Remove conflicting entries if any +if [ -s "$__object/explorer/entry" ]; then + # Note that the files have to be sorted for comparison with `comm`. + sort "$__object/explorer/entry" > "$__object/files/is" + comm -13 "$__object/files/should" "$__object/files/is" | { + while read -r entry; do + remove_line "$file" "$entry" + done + } +fi + +# Determine the current state +entry="$(cat "$__object/files/should")" +state_should="$(cat "$__object/parameter/state")" +num_existing_entries=$(grep -c -F -x "$entry" "$__object/explorer/entry" || true) +if [ "$num_existing_entries" -eq 1 ]; then + state_is="present" +else + # Posix grep does not define the -m option, so we can not remove a single + # occurence of a string from a file in the `remove_line` function. Instead + # _all_ occurences are removed. + # By using `comm` to detect conflicting entries this could lead to the + # situation that the key we want to add is actually removed. + # To workaround this we must treat 0 or more then 1 existing entries to + # mean current state is 'absent'. By doing this, the key is readded + # again after cleaning up conflicting entries. + state_is="absent" +fi + +# Manage the actual entry as it should be +if [ "$state_should" = "$state_is" ]; then + # Nothing to do + exit 0 +fi + +case "$state_should" in + present) + add_line "$file" "$entry" + echo "added to $file ($entry)" >> "$__messages_out" + ;; + absent) + remove_line "$file" "$entry" + echo "removed from $file ($entry)" >> "$__messages_out" + ;; +esac diff --git a/cdist/conf/type/__ssh_authorized_key/man.rst b/cdist/conf/type/__ssh_authorized_key/man.rst new file mode 100644 index 00000000..087a3dae --- /dev/null +++ b/cdist/conf/type/__ssh_authorized_key/man.rst 
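Review bot: `remove_line` writes `$line` and `$file` into the generated script inside single quotes without escaping them, while `add_line` escapes quotes in the line but leaves `$file` unquoted after `>>`. The lines handed to `remove_line` in the conflict loop come from `$__object/explorer/entry`, that is, from the authorized_keys file as it currently exists on the target, so a single quote in an existing entry ends the quoted string in code that is then executed there. Both helpers should pass every interpolated value through one quoting function; `\$tmpfile` should also be quoted in the grep redirection and the pattern given with `-e`. A sketch of the two helpers follows; the rest of the script stays as it is.

```shell
# Emit $1 as one single-quoted shell word for the generated code.
quote() {
	printf "'%s'" "$(printf '%s\n' "$1" | sed -e "s/'/'\"'\"'/g")"
}

remove_line() {
	file_q=$(quote "$1")
	line_q=$(quote "$2")
	cat << DONE
tmpfile=\$(mktemp ${file_q}.cdist.XXXXXXXXXX)
# preserve ownership and permissions of existing file
if [ -f ${file_q} ]; then
	cp -p ${file_q} "\$tmpfile"
fi
grep -v -F -x -e ${line_q} ${file_q} > "\$tmpfile" || true
mv -f "\$tmpfile" ${file_q}
DONE
}

add_line() {
	printf '%s' "printf '%s\\n' $(quote "$2") >> $(quote "$1")"
}
# … unchanged: entry generation, state detection, present/absent case …
```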
@@ -0,0 +1,80 @@ +cdist-type__ssh_authorized_key(7) +================================= + +NAME +---- +cdist-type__ssh_authorized_key - Manage a single ssh authorized key entry + + +DESCRIPTION +----------- +Manage a single authorized key entry in an authorized_key file. +This type was created to be used by the __ssh_authorized_keys type. + + +REQUIRED PARAMETERS +------------------- +file + the authorized_keys file to which the given key should be added + +key + a string containing the ssh keytype, base 64 encoded key and optional + trailing comment which shall be added to the given authorized_keys file. + + +OPTIONAL PARAMETERS +------------------- +comment + explicit comment instead of the one which may be trailing the given key + +option + an option to set for this authorized_key entry. + Can be specified multiple times. + See sshd(8) for available options. + +state + if the given keys should be 'present' or 'absent', defaults to 'present'. + + +MESSAGES +-------- +added to `file` (`entry`) + The key `entry` (with optional comment) was added to `file`. + +removed from `file` (`entry`) + The key `entry` (with optional comment) was removed from `file`. + + +EXAMPLES +-------- + +.. code-block:: sh + + __ssh_authorized_key some-id \ + --file "/home/user/.ssh/autorized_keys" \ + --key "$(cat ~/.ssh/id_rsa.pub)" + + __ssh_authorized_key some-id \ + --file "/home/user/.ssh/autorized_keys" \ + --key "$(cat ~/.ssh/id_rsa.pub)" \ + --option 'command="/path/to/script"' \ + --option 'environment="FOO=bar"' \ + --comment 'one to rule them all' + + +SEE ALSO +-------- +:strong:`cdist__ssh_authorized_keys`\ (7), :strong:`sshd`\ (8) + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2014 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. 
diff --git a/cdist/conf/type/__ssh_authorized_key/parameter/default/state b/cdist/conf/type/__ssh_authorized_key/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__ssh_authorized_key/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__ssh_authorized_key/parameter/optional b/cdist/conf/type/__ssh_authorized_key/parameter/optional
new file mode 100644
index 00000000..89e8d966
--- /dev/null
+++ b/cdist/conf/type/__ssh_authorized_key/parameter/optional
@@ -0,0 +1,2 @@
+comment
+state
diff --git a/cdist/conf/type/__ssh_authorized_key/parameter/optional_multiple b/cdist/conf/type/__ssh_authorized_key/parameter/optional_multiple
new file mode 100644
index 00000000..01925a15
--- /dev/null
+++ b/cdist/conf/type/__ssh_authorized_key/parameter/optional_multiple
@@ -0,0 +1 @@
+option
diff --git a/cdist/conf/type/__ssh_authorized_key/parameter/required b/cdist/conf/type/__ssh_authorized_key/parameter/required
new file mode 100644
index 00000000..d51426c3
--- /dev/null
+++ b/cdist/conf/type/__ssh_authorized_key/parameter/required
@@ -0,0 +1,2 @@
+file
+key
diff --git a/cdist/conf/type/__ssh_authorized_keys/explorer/file b/cdist/conf/type/__ssh_authorized_keys/explorer/file
new file mode 100755
index 00000000..017bcb38
--- /dev/null
+++ b/cdist/conf/type/__ssh_authorized_keys/explorer/file
@@ -0,0 +1,61 @@ +#!/bin/sh +# +# 2014 Steven Armstrong (steven-cdist at armstrong.cc) +# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +if [ -f "$__object/parameter/file" ]; then + cat "$__object/parameter/file" +else + if [ -s "$__object/parameter/owner" ] + then + owner=$(cat "$__object/parameter/owner") + else + owner="$__object_id" + fi + + if command -v getent >/dev/null + then + owner_line=$(getent passwd "$owner") + elif [ -f /etc/passwd ] + then + case $owner + in + [0-9][0-9]*) + owner_line=$(awk -F: "\$3 == \"${owner}\" { print }" /etc/passwd) + ;; + *) + owner_line=$(awk -F: "\$1 == \"${owner}\" { print }" /etc/passwd) + ;; + esac + fi + + if [ "$owner_line" ] + then + home=$(echo "$owner_line" | cut -d':' -f6) + fi + + if [ ! -d "$home" ] + then + # Don't know how to determine user's home directory, fall back to ~ + home="~$owner" + command -v realpath >/dev/null && home=$(realpath "$home") + fi + + [ -d "$home" ] && echo "$home/.ssh/authorized_keys" +fi diff --git a/cdist/conf/type/__ssh_authorized_keys/explorer/group b/cdist/conf/type/__ssh_authorized_keys/explorer/group new file mode 100755 index 00000000..d259050f --- /dev/null +++ b/cdist/conf/type/__ssh_authorized_keys/explorer/group 
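Review bot: The fallback `home="~$owner"` in explorer/file cannot resolve to a home directory, because tilde expansion is not performed inside double quotes or on the result of a variable expansion; `realpath` then receives the literal string `~name`. `$home` is also never initialised, so the `[ ! -d "$home" ]` test relies on the variable being unset when `owner_line` is empty. I would set `home=` before the lookup and replace the fallback with a comment such as `# no passwd entry found: print nothing, the manifest reports the missing path`.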
@@ -0,0 +1,46 @@ +#!/bin/sh +# +# 2014 Steven Armstrong (steven-cdist at armstrong.cc) +# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +if [ -s "$__object/parameter/owner" ] +then + owner=$(cat "$__object/parameter/owner") +else + owner="$__object_id" +fi + +if command -v getent >/dev/null +then + gid=$(getent passwd "$owner" | cut -d':' -f4) + getent group "$gid" || true +else + # Fallback to local file scanning + case $owner + in + [0-9][0-9]*) + gid=$(awk -F: "\$3 == \"${owner}\" { print \$4 }" /etc/passwd) + ;; + *) + gid=$(awk -F: "\$1 == \"${owner}\" { print \$4 }" /etc/passwd) + ;; + esac + + awk -F: "\$3 == \"$gid\" { print }" /etc/group +fi diff --git a/cdist/conf/type/__ssh_authorized_keys/man.rst b/cdist/conf/type/__ssh_authorized_keys/man.rst new file mode 100644 index 00000000..ba310ff9 --- /dev/null +++ b/cdist/conf/type/__ssh_authorized_keys/man.rst 
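Review bot: The `/etc/passwd` and `/etc/group` fallbacks in explorer/group build the awk program by interpolating `$owner` and `$gid` into double-quoted program text, so a value containing `"` or `\` changes the program rather than the comparison. Passing the value as an awk variable keeps it data: `gid=$(awk -F: -v owner="$owner" '$1 == owner { print $4 }' /etc/passwd)` and `awk -F: -v gid="$gid" '$3 == gid' /etc/group`. The same construction is used in this type's explorer/file and in the `__ssh_dot_ssh` group and passwd explorers.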
@@ -0,0 +1,121 @@ +cdist-type__ssh_authorized_keys(7) +================================== + +NAME +---- +cdist-type__ssh_authorized_keys - Manage ssh authorized_keys files + + +DESCRIPTION +----------- +Adds or removes ssh keys from a authorized_keys file. + +This type uses the __ssh_dot_ssh type to manage the directory containing +the authorized_keys file. You can disable this feature with the --noparent +boolean parameter. + +The existence, ownership and permissions of the authorized_keys file itself are +also managed. This can be disabled with the --nofile boolean parameter. It is +then left to the user to ensure that the file exists and that ownership and +permissions work with ssh. + + +REQUIRED PARAMETERS +------------------- +key + the ssh key which shall be added to this authorized_keys file. + Must be a string and can be specified multiple times. + + +OPTIONAL PARAMETERS +------------------- +comment + explicit comment instead of the one which may be trailing the given key + +file + an alternative destination file, defaults to ~$owner/.ssh/authorized_keys + +option + an option to set for all created authorized_key entries. + Can be specified multiple times. + See sshd(8) for available options. + +owner + the user owning the authorized_keys file, defaults to object_id. + +state + if the given keys should be 'present' or 'absent', defaults to 'present'. + + +BOOLEAN PARAMETERS +------------------ +noparent + don't create or change ownership and permissions of the directory containing + the authorized_keys file + +nofile + don't manage existence, ownership and permissions of the the authorized_keys + file + + +EXAMPLES +-------- + +.. code-block:: sh + + # add your ssh key to remote root's authorized_keys file + __ssh_authorized_keys root \ + --key "$(cat ~/.ssh/id_rsa.pub)" + + # allow key to login as user-name + __ssh_authorized_keys user-name \ + --key "ssh-rsa AXYZAAB3NzaC1yc2..." 
+ + # allow key to login as user-name with options and expicit comment + __ssh_authorized_keys user-name \ + --key "ssh-rsa AXYZAAB3NzaC1yc2..." \ + --option no-agent-forwarding \ + --option 'from="*.example.com"' \ + --comment 'backup server' + + # same as above, but with explicit owner and two keys + # note that the options are set for all given keys + __ssh_authorized_keys some-fancy-id \ + --owner user-name \ + --key "ssh-rsa AXYZAAB3NzaC1yc2..." \ + --key "ssh-rsa AZXYAAB3NzaC1yc2..." \ + --option no-agent-forwarding \ + --option 'from="*.example.com"' \ + --comment 'backup server' + + # authorized_keys file in non standard location + __ssh_authorized_keys some-fancy-id \ + --file /etc/ssh/keys/user-name/authorized_keys \ + --owner user-name \ + --key "ssh-rsa AXYZAAB3NzaC1yc2..." + + # same as above, but directory and authorized_keys file is created elswhere + __ssh_authorized_keys some-fancy-id \ + --file /etc/ssh/keys/user-name/authorized_keys \ + --owner user-name \ + --noparent \ + --nofile \ + --key "ssh-rsa AXYZAAB3NzaC1yc2..." + + +SEE ALSO +-------- +:strong:`sshd`\ (8) + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2012-2014 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__ssh_authorized_keys/man.text b/cdist/conf/type/__ssh_authorized_keys/man.text deleted file mode 100644 index 7177f26e..00000000 --- a/cdist/conf/type/__ssh_authorized_keys/man.text +++ /dev/null 
@@ -1,101 +0,0 @@ -cdist-type__ssh_authorized_keys(7) -================================== -Steven Armstrong - - -NAME ----- -cdist-type__ssh_authorized_keys - manage ssh authorized_keys files - - -DESCRIPTION ------------ -Adds or removes ssh keys from a authorized_keys file. - -This type also manages the directory containing the authorized_keys -file and sets strict ownership and permissions. You can disable this feature -with the --noparent boolean parameter. - -The existence, ownership and permissions of the authorized_keys file itself are -also managed. This can be disabled with the --nofile boolean parameter. It is -then left to the user to ensure that the file exists and that ownership and -permissions work with ssh. - - -REQUIRED PARAMETERS -------------------- -key:: - the ssh key which shall be added to this authorized_keys file. - Must be a string and can be specified multiple times. - - -OPTIONAL PARAMETERS -------------------- -owner:: - the user owning the authorized_keys file, defaults to object_id. - -state:: - if the given keys should be 'present' or 'absent', defaults to 'present'. - -file:: - an alternative destination file, defaults to ~$owner/.ssh/authorized_keys - -comment:: - an optional comment - - -BOOLEAN PARAMETERS ------------------- -noparent:: - don't create or change ownership and permissions of the directory containing - the authorized_keys file - -nofile:: - don't manage existence, ownership and permissions of the the authorized_keys - file - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -# add your ssh key to remote root's authorized_keys file -__ssh_authorized_keys root \ - --key "$(cat ~/.ssh/id_rsa.pub)" - -# allow key to login as user-name -__ssh_authorized_keys user-name \ - --key "ssh-rsa AXYZAAB3NzaC1yc2..." 
- -# same as above, but with explicit owner, two keys and a comment -__ssh_authorized_keys some-fancy-id \ - --owner user-name \ - --key "ssh-rsa AXYZAAB3NzaC1yc2..." \ - --key "ssh-rsa AZXYAAB3NzaC1yc2..." \ - --comment "allow the members of project foo to login" - -# same as above, but authorized_keys file in non standard location -__ssh_authorized_keys some-fancy-id \ - --file /etc/ssh/keys/user-name/authorized_keys \ - --owner user-name \ - --key "ssh-rsa AXYZAAB3NzaC1yc2..." - -# same as above, but directory and authorized_keys file is created elswhere -__ssh_authorized_keys some-fancy-id \ - --file /etc/ssh/keys/user-name/authorized_keys \ - --owner user-name \ - --noparent \ - --nofile \ - --key "ssh-rsa AXYZAAB3NzaC1yc2..." --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) - - -COPYING -------- -Copyright \(C) 2012 Steven Armstrong. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__ssh_authorized_keys/manifest b/cdist/conf/type/__ssh_authorized_keys/manifest index 47cdf746..b9f0582e 100755 --- a/cdist/conf/type/__ssh_authorized_keys/manifest +++ b/cdist/conf/type/__ssh_authorized_keys/manifest @@ -1,6 +1,7 @@ -#!/bin/sh +#!/bin/sh -e # -# 2012 Steven Armstrong (steven-cdist at armstrong.cc) +# 2012-2014 Steven Armstrong (steven-cdist at armstrong.cc) +# 2014 Nico Schottelius (nico-cdist at schottelius.org) # # This file is part of cdist. # 
@@ -19,32 +20,25 @@ # owner="$(cat "$__object/parameter/owner" 2>/dev/null || echo "$__object_id")" -state="$(cat "$__object/parameter/state" 2>/dev/null || echo "present")" -if [ -f "$__object/parameter/file" ]; then - file="$(cat "$__object/parameter/file")" -else - home="$(cut -d':' -f 6 "$__object/explorer/passwd")" - if [ -z "$home" ]; then - echo "Failed to get home directory from explorer." >&2 - exit 1 - fi - file="$home/.ssh/authorized_keys" +state="$(cat "$__object/parameter/state" 2>/dev/null)" +file="$(cat "$__object/explorer/file")" + +if [ ! -f "$__object/parameter/nofile" ] && [ -z "$file" ] +then + echo "Cannot determine path of authorized_keys file" >&2 + exit 1 fi -if [ ! -f "$__object/parameter/noparent" -o ! -f "$__object/parameter/nofile" ]; then - group="$(cut -d':' -f 4 "$__object/explorer/passwd")" +if [ ! -f "$__object/parameter/noparent" ] || [ ! -f "$__object/parameter/nofile" ]; then + group="$(cut -d':' -f 1 "$__object/explorer/group")" if [ -z "$group" ]; then echo "Failed to get owners group from explorer." >&2 exit 1 fi if [ ! -f "$__object/parameter/noparent" ]; then - # Ensure that the directory in which the authorized_keys shall be exists and - # has the right permissions. - ssh_directory="${file%/*}" - __directory "$ssh_directory" --state present --parents \ - --owner "$owner" --group "$group" --mode 0700 - export require="__directory/$ssh_directory" + __ssh_dot_ssh "$owner" + export require="__ssh_dot_ssh/$owner" fi if [ ! -f "$__object/parameter/nofile" ]; then # Ensure that authorized_keys file exists and has the right permissions. 
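Review bot: The empty-path check `[ ! -f "$__object/parameter/nofile" ] && [ -z "$file" ]` is skipped when `--nofile` is given, but `$file` is still passed as `--file "$file"` to every `__ssh_authorized_key` object in the key loop of the following hunk. The check should be unconditional: `if [ -z "$file" ]`. Separately, `__ssh_dot_ssh "$owner"` always manages the owner's `~/.ssh`, whereas the removed `__directory "$ssh_directory"` call followed a custom `--file` through `${file%/*}`. If that is intended, a comment stating that the parent of a non-default `--file` is no longer created or set to 0700 would help.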
@@ -53,22 +47,28 @@ if [ ! -f "$__object/parameter/noparent" -o ! -f "$__object/parameter/nofile" ]; --group "$group" \ --mode 0600 \ --state exists + export require="__file/$file" fi fi -# NOTE: keep variables in sync in manifest/explorer/gencode-* -prefix="#cdist:$__object_name" -suffix="#/cdist:$__object_name" +_cksum() { + echo "$1" | cksum | cut -d' ' -f 1 +} -mkdir "$__object/files" - -# Generate entry for inclusion in authorized_keys file -entry="$__object/files/entry" -echo "$prefix" > "$entry" -if [ -f "$__object/parameter/comment" ]; then - echo "# $(cat "$__object/parameter/comment")" >> "$entry" -fi -cat "$__object/parameter/key" >> "$entry" -# ensure we have a newline after keys -echo >> "$entry" -echo "$suffix" >> "$entry" +while read -r key; do + type_and_key="$(echo "$key" | tr ' ' '\n' | awk '/^(ssh|ecdsa)-[^ ]+/ { printf $1" "; getline; printf $1 }')" + object_id="$(_cksum "$file")-$(_cksum "$type_and_key")" + set -- "$object_id" + set -- "$@" --file "$file" + set -- "$@" --key "$key" + set -- "$@" --state "$state" + if [ -f "$__object/parameter/option" ]; then + # shellcheck disable=SC2046 + set -- "$@" $(printf -- '--option %s ' $(cat "$__object/parameter/option")) + fi + if [ -f "$__object/parameter/comment" ]; then + set -- "$@" --comment "$(cat "$__object/parameter/comment")" + fi + # Ensure __ssh_authorized_key does not read stdin + __ssh_authorized_key "$@" < /dev/null +done < "$__object/parameter/key" diff --git a/cdist/conf/type/__ssh_authorized_keys/parameter/default/state b/cdist/conf/type/__ssh_authorized_keys/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__ssh_authorized_keys/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__ssh_authorized_keys/parameter/optional b/cdist/conf/type/__ssh_authorized_keys/parameter/optional index bfbd72ab..21f9bc29 100644 --- a/cdist/conf/type/__ssh_authorized_keys/parameter/optional 
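Review bot: The `--option` arguments are built from two unquoted command substitutions, `$(printf -- '--option %s ' $(cat "$__object/parameter/option"))`, so an option value containing whitespace, such as a `command="…"` restriction with arguments, is split into several `--option` words and glob characters are open to pathname expansion. The `SC2046` suppression hides exactly this, and the entry written to authorized_keys then no longer carries the restriction as given. Reading the parameter file line by line keeps each option intact: `while read -r option; do set -- "$@" --option "$option"; done < "$__object/parameter/option"`. The `if` block at the top of the hunk starts outside it.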
+++ b/cdist/conf/type/__ssh_authorized_keys/parameter/optional @@ -1,4 +1,5 @@ +comment +file +option owner state -file -comment diff --git a/cdist/conf/type/__ssh_dot_ssh/explorer/group b/cdist/conf/type/__ssh_dot_ssh/explorer/group new file mode 100755 index 00000000..faf44cb8 --- /dev/null +++ b/cdist/conf/type/__ssh_dot_ssh/explorer/group @@ -0,0 +1,29 @@ +#!/bin/sh +# +# 2014 Steven Armstrong (steven-cdist at armstrong.cc) +# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +gid=$("$__type_explorer/passwd" | cut -d':' -f4) + +if command -v getent >/dev/null +then + getent group "$gid" || true +else + awk -F: "\$3 == \"$gid\" { print }" /etc/group +fi diff --git a/cdist/conf/type/__ssh_dot_ssh/explorer/passwd b/cdist/conf/type/__ssh_dot_ssh/explorer/passwd new file mode 100755 index 00000000..42686b20 --- /dev/null +++ b/cdist/conf/type/__ssh_dot_ssh/explorer/passwd 
@@ -0,0 +1,37 @@ +#!/bin/sh +# +# 2012 Steven Armstrong (steven-cdist at armstrong.cc) +# 2014 Nico Schottelius (nico-cdist at schottelius.org) +# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +owner="$__object_id" + +if command -v getent >/dev/null +then + getent passwd "$owner" || true +else + case $owner in + [0-9][0-9]*) + awk -F: "\$3 == \"$owner\" { print }" /etc/passwd + ;; + *) + grep "^$owner:" /etc/passwd || true + ;; + esac +fi diff --git a/cdist/conf/type/__ssh_dot_ssh/man.rst b/cdist/conf/type/__ssh_dot_ssh/man.rst new file mode 100644 index 00000000..7d35affa --- /dev/null +++ b/cdist/conf/type/__ssh_dot_ssh/man.rst 
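Review bot: `grep "^$owner:" /etc/passwd` treats the user name as a regular expression, so a name containing `.` (for example `first.last`) also matches other accounts whose name differs only in that position. The `__ssh_dot_ssh` manifest and group explorer then take the home directory and gid from whatever lines come back. An exact field comparison avoids that: `awk -F: -v owner="$owner" '$1 == owner' /etc/passwd`.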
@@ -0,0 +1,49 @@ +cdist-type__ssh_dot_ssh(7) +========================== + +NAME +---- +cdist-type__ssh_dot_ssh - Manage .ssh directory + + +DESCRIPTION +----------- +Adds or removes .ssh directory to a user home. + +This type is being used by __ssh_authorized_keys. + + +OPTIONAL PARAMETERS +------------------- +state + if the directory should be 'present' or 'absent', defaults to 'present'. + + +EXAMPLES +-------- + +.. code-block:: sh + + # Ensure root has ~/.ssh with the right permissions + __ssh_dot_ssh root + + # Nico does not need ~/.ssh anymore + __ssh_dot_ssh nico --state absent + + +SEE ALSO +-------- +:strong:`cdist-type__ssh_authorized_keys`\ (7) + + +AUTHORS +------- +Nico Schottelius + + +COPYING +------- +Copyright \(C) 2014 Nico Schottelius. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__ssh_dot_ssh/manifest b/cdist/conf/type/__ssh_dot_ssh/manifest new file mode 100755 index 00000000..bc3a3952 --- /dev/null +++ b/cdist/conf/type/__ssh_dot_ssh/manifest 
@@ -0,0 +1,44 @@
+#!/bin/sh -e
+#
+# 2012-2014 Steven Armstrong (steven-cdist at armstrong.cc)
+# 2014 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+# Hacked in Kalamata, Greece
+#
+
+owner="$__object_id"
+state="$(cat "$__object/parameter/state")"
+
+group="$(cut -d':' -f 1 "$__object/explorer/group")"
+if [ -z "$group" ]; then
+ echo "Failed to get owners group from explorer." >&2
+ exit 1
+fi
+
+home="$(cut -d':' -f 6 "$__object/explorer/passwd")"
+if [ -z "$home" ]; then
+ echo "Failed to get home directory from explorer." >&2
+ exit 1
+fi
+ssh_directory="${home}/.ssh"
+
+# Ensure that the directory in which the authorized_keys shall be exists and
+# has the right permissions.
+__directory "$ssh_directory" \
+ --state "$state" \
+ --owner "$owner" --group "$group" --mode 0700
diff --git a/cdist/conf/type/__ssh_dot_ssh/parameter/default/state b/cdist/conf/type/__ssh_dot_ssh/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__ssh_dot_ssh/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__ssh_dot_ssh/parameter/optional b/cdist/conf/type/__ssh_dot_ssh/parameter/optional
new file mode 100644
index 00000000..ff72b5c7
--- /dev/null
+++ b/cdist/conf/type/__ssh_dot_ssh/parameter/optional
@@ -0,0 +1 @@
+state
diff --git a/cdist/conf/type/__staged_file/gencode-local b/cdist/conf/type/__staged_file/gencode-local new file mode 100755 index 00000000..ba9e8798 --- /dev/null +++ b/cdist/conf/type/__staged_file/gencode-local 
@@ -0,0 +1,104 @@ +#!/bin/sh -e +# +# 2015 Steven Armstrong (steven-cdist at armstrong.cc) +# 2015 Nico Schottelius (nico-cdist at schottelius.org) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +#set -x + +destination="$__object_id" +source="$(cat "$__object/parameter/source")" +stage_dir="$(cat "$__object/parameter/stage-dir")" +state="$(cat "$__object/parameter/state")" +fetch_command="$(cat "$__object/parameter/fetch-command")" +stage_file="${stage_dir}/${destination}" +stage_file_dir="${stage_file%/*}" +source_file_name="${source##*/}" + +if [ "$state" = "absent" ]; then + # nothing to do + exit 0 +fi + +#printf 'set -x\n' + +if [ ! -d "$stage_dir" ]; then + printf 'mkdir -p "%s"\n' "$stage_dir" + printf 'chmod 700 "%s"\n' "$stage_dir" +fi + +if [ ! 
-d "$stage_file_dir" ]; then + printf 'mkdir -p "%s"\n' "$stage_file_dir" +fi + + +get_file() { + if [ -f "$__object/parameter/prepare-command" ]; then + fetch_and_prepare_file + else + fetch_file + fi +} + +fetch_file() { + # shellcheck disable=SC2059 + printf "$fetch_command" "$source" + printf ' > "%s"\n' "$stage_file" +} + +fetch_and_prepare_file() { + # shellcheck disable=SC2016 + printf 'tmpdir="$(mktemp -d -p "/tmp" "%s")"\n' "${__type##*/}.XXXXXXXXXX" + # shellcheck disable=SC2016 + printf 'cd "$tmpdir"\n' + # shellcheck disable=SC2059 + printf "$fetch_command > \"%s\"\\n" "$source" "$source_file_name" + prepare_command="$(cat "$__object/parameter/prepare-command")" + # shellcheck disable=SC2059 + printf "$prepare_command > \"%s\"\\n" "$source_file_name" "$stage_file" + printf 'cd - >/dev/null\n' + # shellcheck disable=SC2016 + printf 'rm -rf "$tmpdir"\n' +} + +cat << DONE +verify_cksum() { + cksum_is="\$(cksum "$stage_file" | cut -d' ' -f1,2)" + cksum_should="$(cut -d' ' -f1,2 "$__object/parameter/cksum")" + if [ "\$cksum_is" = "\$cksum_should" ]; then + return 0 + else + return 1 + fi +} +DONE + +if [ ! -f "$stage_file" ]; then + get_file +else + printf 'verify_cksum || {\n' + get_file + printf '}\n' +fi + +cat << DONE +verify_cksum || { + echo "Failed to verify checksum for $__object_name" >&2 + exit 1 +} +DONE diff --git a/cdist/conf/type/__staged_file/man.rst b/cdist/conf/type/__staged_file/man.rst new file mode 100644 index 00000000..9a6ba732 --- /dev/null +++ b/cdist/conf/type/__staged_file/man.rst 
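Review bot: `verify_cksum` is the only integrity gate on the staged file, and `cksum` is a CRC plus a length, which detects accidental corruption but not deliberate modification of a download. Because the type's manifest hands the staged file to `__file` for deployment, anything fetched over a network would be better gated by a cryptographic digest, for instance a new optional parameter holding a SHA-256 value that is checked alongside `--cksum`. Until that exists, a comment above `verify_cksum` such as `# NOTE: cksum is a CRC; it detects corruption, not tampering` would keep readers from treating it as authentication. The final `verify_cksum || { ... exit 1 }` block also leaves the rejected file at `$stage_file`; removing it before exiting would keep unverified content out of the stage directory.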
@@ -0,0 +1,115 @@ +cdist-type__staged_file(7) +========================== + +NAME +---- +cdist-type__staged_file - Manage staged files + + +DESCRIPTION +----------- +Manages a staged file that is downloaded on the server (the machine running +cdist) and then deployed to the target host using the __file type. + + +REQUIRED PARAMETERS +------------------- +source + the URL from which to retrieve the source file. + e.g. + + * https://dl.bintray.com/mitchellh/consul/0.4.1_linux_amd64.zip + * file:///path/to/local/file + +cksum + the output of running the command: `cksum $source-file` + e.g.:: + + $ echo foobar > /tmp/foobar + $ cksum /tmp/foobar + 857691210 7 /tmp/foobar + + If either checksum or file size has changed the file will be + (re)fetched from the --source. The file name can be omitted and is + ignored if given. + + +OPTIONAL PARAMETERS +------------------- +fetch-command + the command used to fetch the staged file using printf formatting. + Where a single %s will be replaced with the value of the given --source + parameter. The --fetch-command is expected to output the fetched file to + stdout. + Defaults to 'curl -s -L "%s"'. + +group + see cdist-type__file + +owner + see cdist-type__file + +mode + see cdist-type__file + +prepare-command + the optional command used to prepare or preprocess the staged file for later + use by the file type. + If given, it must be a string in printf formatting where a single %s will + be replaced with the last segment (filename) of the value of the given + --source parameter. + It is executed in the same directory into which the fetched file has been + saved. The --prepare-command is expected to output the final file to stdout. + + So for example given a --source of https://example.com/my-zip.zip, and a + --prepare-command of 'unzip -p "%s"', the code `unzip -p "my-zip.zip"` will + be executed in the folder containing the downloaded file my-zip.zip. 
+ A more complex example might be --prepare-command 'tar -xz "%s"; cat path/from/archive' +stage-dir + the directory in which to store downloaded and prepared files. + Defaults to '/var/tmp/cdist/__staged_file' + +state + see cdist-type__file + + +EXAMPLES +-------- + +.. code-block:: sh + + __staged_file /usr/local/bin/consul \ + --source file:///path/to/local/copy/consul \ + --cksum '428915666 15738724' \ + --state present \ + --group root \ + --owner root \ + --mode 755 + + __staged_file /usr/local/bin/consul \ + --source https://dl.bintray.com/mitchellh/consul/0.4.1_linux_amd64.zip \ + --cksum '428915666 15738724' \ + --fetch-command 'curl -s -L "%s"' \ + --prepare-command 'unzip -p "%s"' \ + --state present \ + --group root \ + --owner root \ + --mode 755 + + +SEE ALSO +-------- +:strong:`cdist-type__file`\ (7) + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2015 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__staged_file/manifest b/cdist/conf/type/__staged_file/manifest new file mode 100755 index 00000000..c8e1fbbb --- /dev/null +++ b/cdist/conf/type/__staged_file/manifest 
@@ -0,0 +1,34 @@ +#!/bin/sh -e +# +# 2015 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +destination="$__object_id" +stage_dir="$(cat "$__object/parameter/stage-dir")" +stage_file="${stage_dir}/${destination}" + +set -- "/${destination}" +for param in owner group mode state; do + if [ -f "$__object/parameter/$param" ]; then + set -- "$@" "--${param}" "$(cat "$__object/parameter/$param")" + fi +done +set -- "$@" --source "$stage_file" + +require="$__object_name" \ + __file "$@" diff --git a/cdist/conf/type/__staged_file/parameter/default/fetch-command b/cdist/conf/type/__staged_file/parameter/default/fetch-command new file mode 100644 index 00000000..b4dc1211 --- /dev/null +++ b/cdist/conf/type/__staged_file/parameter/default/fetch-command @@ -0,0 +1 @@ +curl -s -L "%s" diff --git a/cdist/conf/type/__staged_file/parameter/default/stage-dir b/cdist/conf/type/__staged_file/parameter/default/stage-dir new file mode 100644 index 00000000..9420b510 --- /dev/null +++ b/cdist/conf/type/__staged_file/parameter/default/stage-dir @@ -0,0 +1 @@ +/var/tmp/cdist/__staged_file diff --git a/cdist/conf/type/__staged_file/parameter/default/state b/cdist/conf/type/__staged_file/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__staged_file/parameter/default/state @@ -0,0 +1 @@ +present 
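Review bot: The default stage directory `/var/tmp/cdist/__staged_file` is a fixed name under a world-writable location, and gencode-local only runs `mkdir -p` and `chmod 700` when the directory does not exist yet. If the path already exists on the machine running cdist, for example created earlier by another local account, it is used as-is with whatever owner and mode it has, and the files later deployed through `__file` are read from it. Either default to a location only the cdist user can create (its home or cache directory), or have the generated code refuse to continue unless the directory is owned by the current user and is not group- or world-writable. The man page should at least state that `--stage-dir` must be a directory controlled by the user running cdist.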
diff --git a/cdist/conf/type/__staged_file/parameter/optional b/cdist/conf/type/__staged_file/parameter/optional new file mode 100644 index 00000000..18f4e87a --- /dev/null +++ b/cdist/conf/type/__staged_file/parameter/optional @@ -0,0 +1,7 @@ +fetch-command +group +owner +mode +prepare-command +stage-dir +state diff --git a/cdist/conf/type/__staged_file/parameter/required b/cdist/conf/type/__staged_file/parameter/required new file mode 100644 index 00000000..bfb1d5bf --- /dev/null +++ b/cdist/conf/type/__staged_file/parameter/required @@ -0,0 +1,2 @@ +cksum +source diff --git a/cdist/conf/type/__start_on_boot/explorer/state b/cdist/conf/type/__start_on_boot/explorer/state old mode 100755 new mode 100644 index b156fc82..b7a6cf0f --- a/cdist/conf/type/__start_on_boot/explorer/state +++ b/cdist/conf/type/__start_on_boot/explorer/state @@ -1,6 +1,7 @@ #!/bin/sh # -# 2012-2013 Nico Schottelius (nico-cdist at schottelius.org) +# 2012-2019 Nico Schottelius (nico-cdist at schottelius.org) +# 2013 Daniel Heule (hda at sfs.biz) # # This file is part of cdist. # 
@@ -23,35 +24,81 @@ os=$("$__explorer/os") runlevel=$("$__explorer/runlevel") +init=$("$__explorer/init") +target_runlevel="$(cat "$__object/parameter/target_runlevel")" name="$__object_id" +if [ "$init" = 'systemd' ]; then + # this handles ALL linux distros with systemd + # e.g. archlinux, gentoo, new RHEL and SLES versions + state=$(systemctl is-enabled "$name" >/dev/null 2>&1 \ + && echo present \ + || echo absent) -case "$os" in - archlinux) - # convert bash array to shell - systemctl is-enabled "$name" >/dev/null 2>&1; ret=$? - - if [ "$ret" = 0 ]; then - state="present" - else +else + case "$os" in + debian|openwrt|devuan) state="absent" - fi - ;; + for file in "/etc/rc$runlevel.d/S"??"$name" + do + if [ -f "$file" ] + then + state="present" + break + fi + done + ;; + ubuntu) + state="absent" + for file in "/etc/rc$runlevel.d/S"??"$name" + do + if [ -f "$file" ] + then + state="present" + break + fi + done - debian|ubuntu|openwrt) - state="present" - [ -f "/etc/rc$runlevel.d/S"??"$name" ] || state="absent" - ;; + [ -f "/etc/init/${name}.conf" ] && state="present" + ;; - amazon|centos|fedora|owl|redhat|suse) - state=$(chkconfig --level "$runlevel" "$name" || echo absent) - [ "$state" ] || state="present" - ;; + amazon|scientific|centos|fedora|owl|redhat) + state=$(chkconfig --level "$runlevel" "$name" || echo absent) + [ "$state" ] || state="present" + ;; + suse) + # check for target if set, usable for boot. services in runlevel B + if [ "$target_runlevel" != 'default' ]; then + runlevel="$target_runlevel" + fi + # suses chkconfig has the same name, but works different ... 
+ state=$(chkconfig --check "$name" "$runlevel" || echo absent) + [ "$state" ] || state="present" + ;; + gentoo|alpine) + state="absent" + for d in /etc/runlevels/*; do + if [ -f "/etc/runlevels/${d}/${name}" ];then + state="present" + break + fi + done + ;; + freebsd) + state="absent" + service -e | grep "/$name$" && state="present" + ;; + openbsd) + state='absent' + # OpenBSD 5.7 and higher + rcctl ls on | grep "^${name}$" && state='present' + ;; - *) - echo "Unsupported os: $os" >&2 - exit 1 - ;; -esac + *) + echo "Unsupported os: $os" >&2 + exit 1 + ;; + esac +fi echo $state diff --git a/cdist/conf/type/__start_on_boot/gencode-remote b/cdist/conf/type/__start_on_boot/gencode-remote index 58ff6a4a..c900933f 100755 --- a/cdist/conf/type/__start_on_boot/gencode-remote +++ b/cdist/conf/type/__start_on_boot/gencode-remote @@ -1,6 +1,7 @@ -#!/bin/sh +#!/bin/sh -e # # 2012-2013 Nico Schottelius (nico-cdist at schottelius.org) +# 2016 Daniel Heule (hda at sfs.biz) # # This file is part of cdist. # 
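Review bot: In the `gentoo|alpine)` arm the loop variable `d` already holds the full path produced by the `/etc/runlevels/*` glob, so `[ -f "/etc/runlevels/${d}/${name}" ]` tests a doubled path and the state stays `absent`; the test should read `[ -f "${d}/${name}" ]`. In the `freebsd)` and `openbsd)` arms `grep` prints the matching line to stdout ahead of the final `echo $state`, so the explorer output gains an extra line and gencode-remote's string comparison against `present` no longer matches; `grep -q` keeps the output to the single state word. The closing `echo $state` is also unquoted and would be safer as `echo "$state"`.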
@@ -19,76 +20,115 @@ # # -state_should="$(cat "$__object/parameter/state" 2>/dev/null || echo present)" +state_should="$(cat "$__object/parameter/state")" state_is=$(cat "$__object/explorer/state") +init=$(cat "$__global/explorer/init") +target_runlevel="$(cat "$__object/parameter/target_runlevel")" # Short circuit if nothing is to be done [ "$state_should" = "$state_is" ] && exit 0 os=$(cat "$__global/explorer/os") +os_version=$(cat "$__global/explorer/os_version") name="$__object_id" case "$state_should" in present) - case "$os" in - archlinux) - echo "systemctl enable \"$name\"" - ;; - debian|ubuntu) - echo "update-rc.d \"$name\" defaults >/dev/null" - ;; + if [ "$init" = 'systemd' ]; then + # this handles ALL linux distros with systemd + # e.g. archlinux, gentoo in some cases, new RHEL and SLES versions + echo "systemctl -q enable '$name'" + else + case "$os" in + debian) + case "$os_version" in + [1-7]*) + echo "update-rc.d '$name' defaults >/dev/null" + ;; + 8*) + echo "systemctl enable '$name'" + ;; + *) + echo "Unsupported version $os_version of $os" >&2 + exit 1 + ;; + esac + ;; + devuan) + echo "update-rc.d '$name' defaults >/dev/null" + ;; -# FIXME: Disabled until the explorer is checked -# gentoo) -# echo rc-update add \"$name\" default -# ;; + alpine|gentoo) + echo "rc-update add '$name' '$target_runlevel'" + ;; - amazon|centos|fedora|owl|redhat|suse) - echo chkconfig \"$name\" on - ;; + amazon|scientific|centos|fedora|owl|redhat|suse) + echo "chkconfig '$name' on" + ;; - openwrt) - # 'enable' can be successful and still return a non-zero exit - # code, deal with it by checking for success ourselves in that - # case (the || ... part). - echo "/etc/init.d/\"$name\" enable || [ -f /etc/rc.d/S??\"$name\" ]" - ;; + openwrt) + # 'enable' can be successful and still return a non-zero exit + # code, deal with it by checking for success ourselves in that + # case (the || ... part). 
+ echo "'/etc/init.d/$name' enable || [ -f /etc/rc.d/S??'$name' ]" + ;; - *) - echo "Unsupported os: $os" >&2 - exit 1 - ;; - esac + ubuntu) + echo "update-rc.d '$name' defaults >/dev/null" + ;; + + freebsd) + : # handled in manifest + ;; + + openbsd) + # OpenBSD 5.7 and higher + echo "rcctl enable '$name'" + ;; + + *) + echo "Unsupported os: $os" >&2 + exit 1 + ;; + esac + fi ;; absent) - case "$os" in - archlinux) - echo "systemctl disable \"$name\"" - ;; - debian|ubuntu) - echo update-rc.d -f \"$name\" remove - ;; + if [ "$init" = 'systemd' ]; then + # this handles ALL linux distros with systemd + # e.g. archlinux, gentoo in some cases, new RHEL and SLES versions + echo "systemctl -q disable '$name'" -# FIXME: Disabled until the explorer is checked -# gentoo) -# echo rc-update del \"$name\" -# ;; + else + case "$os" in + debian|ubuntu|devuan) + echo "update-rc.d -f '$name' remove" + ;; - centos|fedora|owl|redhat|suse) - echo chkconfig \"$name\" off - ;; + alpine|gentoo) + echo "rc-update del '$name' '$target_runlevel'" + ;; - openwrt) - echo "\"/etc/init.d/$name\" disable" - ;; + centos|fedora|owl|redhat|suse) + echo "chkconfig '$name' off" + ;; - *) - echo "Unsupported os: $os" >&2 - exit 1 - ;; - esac - + openwrt) + echo "'/etc/init.d/$name' disable" + ;; + + openbsd) + # OpenBSD 5.7 and higher + echo "rcctl disable '$name'" + ;; + + *) + echo "Unsupported os: $os" >&2 + exit 1 + ;; + esac + fi ;; *) diff --git a/cdist/conf/type/__start_on_boot/man.rst b/cdist/conf/type/__start_on_boot/man.rst new file mode 100644 index 00000000..f8afe94b --- /dev/null +++ b/cdist/conf/type/__start_on_boot/man.rst 
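Review bot: The `absent)` branch does not mirror the `present)` branch: it has no `freebsd)` arm, so on FreeBSD `--state absent` reaches `*)` and exits with `Unsupported os` even though the type's manifest handles that OS, and its chkconfig arm omits `amazon` and `scientific`, which `present)` accepts. Adding a `freebsd)` arm containing `: # handled in manifest` and using the same `amazon|scientific|centos|fedora|owl|redhat|suse)` list in both branches would close the gap. Separately, the `debian)` version patterns are globs, so `[1-7]*` also matches versions 10 and up while 9 lands in the unsupported arm; worth confirming that is intended. The enclosing `case "$state_should"` continues past the end of this hunk.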
@@ -0,0 +1,61 @@ +cdist-type__start_on_boot(7) +============================ + +NAME +---- +cdist-type__start_on_boot - Manage stuff to be started at boot + + +DESCRIPTION +----------- +This cdist type allows you to enable or disable stuff to be started +at boot of your operating system. + +Warning: This type has not been tested intensively and is not fully +supported. + + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +state + Either "present" or "absent", defaults to "present" +target_runlevel + Runlevel which should be modified, defaults to "default" (only used on gentoo systems). + + +EXAMPLES +-------- + +.. code-block:: sh + + # Ensure snmpd is started at boot + __start_on_boot snmpd + + # Same, but more explicit + __start_on_boot snmpd --state present + + # Ensure legacy configuration management will not be started + __start_on_boot puppet --state absent + + +SEE ALSO +-------- +:strong:`cdist-type__process`\ (7) + + +AUTHORS +------- +Nico Schottelius + + +COPYING +------- +Copyright \(C) 2012-2019 Nico Schottelius. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__start_on_boot/man.text b/cdist/conf/type/__start_on_boot/man.text deleted file mode 100644 index 6d804884..00000000 --- a/cdist/conf/type/__start_on_boot/man.text +++ /dev/null 
@@ -1,54 +0,0 @@ -cdist-type__start_on_boot(7) -============================ -Nico Schottelius - - -NAME ----- -cdist-type__start_on_boot - Manage stuff to be started at boot - - -DESCRIPTION ------------ -This cdist type allows you to enable or disable stuff to be started -at boot of your operating system. - -Warning: This type has not been tested intensively and is not fully -supported (i.e. gentoo and *bsd are not implemented). - - -REQUIRED PARAMETERS -------------------- -None. - -OPTIONAL PARAMETERS -------------------- -state:: - Either "present" or "absent", defaults to "present" - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -# Ensure snmpd is started at boot -__start_on_boot snmpd - -# Same, but more explicit -__start_on_boot snmpd --state present - -# Ensure legacy configuration management will not be started -__start_on_boot puppet --state absent --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) -- cdist-type__process(7) - - -COPYING -------- -Copyright \(C) 2012 Nico Schottelius. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__start_on_boot/manifest b/cdist/conf/type/__start_on_boot/manifest new file mode 100644 index 00000000..c1c983ec --- /dev/null +++ b/cdist/conf/type/__start_on_boot/manifest 
@@ -0,0 +1,28 @@ +#!/bin/sh -e + +state_should="$(cat "$__object/parameter/state")" +state_is=$(cat "$__object/explorer/state") +name="$__object_id" + +# Short circuit if nothing is to be done +[ "$state_should" = "$state_is" ] && exit 0 + +os=$(cat "$__global/explorer/os") + +case "$os" in + freebsd) + if [ "$state_should" = 'present' ]; then + value='YES' + else + value='NO' + fi + __key_value "rcconf-$name-enable" \ + --file /etc/rc.conf \ + --key "${name}_enable" \ + --value "\"$value\"" \ + --delimiter '=' + ;; + *) + : # handled in gencode-remote + ;; +esac diff --git a/cdist/conf/type/__start_on_boot/parameter/default/state b/cdist/conf/type/__start_on_boot/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__start_on_boot/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__start_on_boot/parameter/default/target_runlevel b/cdist/conf/type/__start_on_boot/parameter/default/target_runlevel new file mode 100644 index 00000000..4ad96d51 --- /dev/null +++ b/cdist/conf/type/__start_on_boot/parameter/default/target_runlevel @@ -0,0 +1 @@ +default diff --git a/cdist/conf/type/__start_on_boot/parameter/optional b/cdist/conf/type/__start_on_boot/parameter/optional index ff72b5c7..91685caf 100644 --- a/cdist/conf/type/__start_on_boot/parameter/optional +++ b/cdist/conf/type/__start_on_boot/parameter/optional @@ -1 +1,2 @@ state +target_runlevel diff --git a/cdist/conf/type/__sysctl/explorer/conf-path b/cdist/conf/type/__sysctl/explorer/conf-path new file mode 100755 index 00000000..ba35c4c6 --- /dev/null +++ b/cdist/conf/type/__sysctl/explorer/conf-path 
@@ -0,0 +1,25 @@
+#!/bin/sh
+#
+# 2018 Darko Poljak (darko.poljak at gmail.com)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+if [ -d "/etc/sysctl.d" ]; then
+ echo "/etc/sysctl.d/99-Z-sysctl-cdist.conf";
+else
+ echo "/etc/sysctl.conf";
+fi
diff --git a/cdist/conf/type/__sysctl/explorer/value b/cdist/conf/type/__sysctl/explorer/value
new file mode 100755
index 00000000..fc85b3d8
--- /dev/null
+++ b/cdist/conf/type/__sysctl/explorer/value
@@ -0,0 +1,22 @@
+#!/bin/sh
+#
+# 2014 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+# get the current runtime value
+sysctl -n "$__object_id" || true
diff --git a/cdist/conf/type/__sysctl/gencode-remote b/cdist/conf/type/__sysctl/gencode-remote
new file mode 100755
index 00000000..711d54e5
--- /dev/null
+++ b/cdist/conf/type/__sysctl/gencode-remote @@ -0,0 +1,55 @@ +#!/bin/sh -e +# +# 2014 Steven Armstrong (steven-cdist at armstrong.cc) +# 2018 Takashi Yoshi (takashi at yoshi.email) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +value_should="$(cat "$__object/parameter/value")" +value_is="$(cat "$__object/explorer/value")" + +if [ "$value_should" = "$value_is" ]; then + # Nothing to do + exit 0 +fi + +os=$(cat "$__global/explorer/os") +case "$os" in + # Linux + redhat|centos|ubuntu|debian|devuan|archlinux|gentoo|coreos) + flag='-w' + ;; + # BusyBox + alpine|openwrt) + flag='-w' + ;; + macosx) + # NOTE: Older versions of Mac OS X require the -w option. + # Even though the flag is not mentioned in new man pages anymore, + # it still works. + flag='-w' + ;; + netbsd) + flag='-w' + ;; + freebsd|openbsd) + flag='' + ;; +esac + +# set the current runtime value +printf 'sysctl %s %s="%s"\n' "$flag" "$__object_id" "$value_should" diff --git a/cdist/conf/type/__sysctl/man.rst b/cdist/conf/type/__sysctl/man.rst new file mode 100644 index 00000000..6873003e --- /dev/null +++ b/cdist/conf/type/__sysctl/man.rst 
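Review bot: The final `printf` emits the value inside double quotes and the key unquoted, and the resulting line is code that cdist runs through a shell on the target, so a value containing `$`, a backtick or `"` is expanded or breaks the command instead of reaching sysctl literally. Emitting both words single-quoted, with embedded single quotes escaped, keeps them as data. `__start_on_boot/gencode-remote` and `__systemd_service/gencode-remote` interpolate `'$name'` into generated commands without escaping and could use the same helper. The `case "$os"` also has no `*)` arm, so `flag` is simply unset for any OS not listed.

```shell
# … unchanged: value comparison and os/flag selection …

# Single-quote a word for the generated script, escaping embedded quotes.
quote() {
    printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"
}

# set the current runtime value
printf 'sysctl %s %s=%s\n' "$flag" "$(quote "$__object_id")" "$(quote "$value_should")"
```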
@@ -0,0 +1,39 @@ +cdist-type__sysctl(7) +===================== + +NAME +---- +cdist-type__sysctl - manage sysctl settings + + +DESCRIPTION +----------- +Manages permanent as well as runtime sysctl settings. +Permament settings are set by managing entries in /etc/sysctl.conf. +Runtime settings are set by directly calling the sysctl executable. + + +REQUIRED PARAMETERS +------------------- +value + The value to set for the given key (object_id) + + +EXAMPLES +-------- + +.. code-block:: sh + + __sysctl net.ipv4.ip_forward --value 1 + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2014 Steven Armstrong. Free use of this software is +granted under the terms of the GNU General Public License version 3 or +later (GPLv3+). diff --git a/cdist/conf/type/__sysctl/manifest b/cdist/conf/type/__sysctl/manifest new file mode 100755 index 00000000..71dea7f7 --- /dev/null +++ b/cdist/conf/type/__sysctl/manifest 
@@ -0,0 +1,48 @@ +#!/bin/sh -e +# +# 2014 Steven Armstrong (steven-cdist at armstrong.cc) +# 2018 Takashi Yoshi (takashi at yoshi.email) +# 2019 Nico Schottelius (nico-cdist at schottelius.org) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + + +os=$(cat "$__global/explorer/os") + +case "$os" in + # Linux + alpine|redhat|centos|ubuntu|debian|devuan|archlinux|coreos) + : + ;; + # BSD + freebsd|macosx|netbsd|openbsd) + : + ;; + *) + echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2 + echo "Please contribute an implementation for it if you can." >&2 + exit 1 + ;; +esac + +conf_path=$(cat "$__object/explorer/conf-path") + +__key_value "$__object_name" \ + --key "$__object_id" \ + --file "${conf_path}" \ + --value "$(cat "$__object/parameter/value")" \ + --delimiter '=' diff --git a/cdist/conf/type/__sysctl/parameter/required b/cdist/conf/type/__sysctl/parameter/required new file mode 100644 index 00000000..6d4e1507 --- /dev/null +++ b/cdist/conf/type/__sysctl/parameter/required @@ -0,0 +1 @@ +value diff --git a/cdist/conf/type/__systemd_service/explorer/state b/cdist/conf/type/__systemd_service/explorer/state new file mode 100755 index 00000000..f5f751d4 --- /dev/null +++ b/cdist/conf/type/__systemd_service/explorer/state 
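Review bot: The OS allow-list in this manifest differs from the one in the type's gencode-remote: that script has arms for `gentoo` and `openwrt`, but here both fall to `*)` and exit 1, so those arms look unreachable (assuming the manifest runs before code generation, as is usual for cdist types). Either add `gentoo` and `openwrt` to the Linux arm here or drop them from gencode-remote, so the two files state one supported set.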
@@ -0,0 +1,43 @@ +#!/bin/sh -e +# explorer/state +# +# 2020 Matthias Stecher +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +# Check if the service is running or stopped. +# +# The explorer must check before if the service exist, because 'systemctl is-active' +# will return "inactive" even if there is no service there: +# systemctl cat foo # does not exist +# systemctl is-active foo # is "inactive" + + +# get name of the service +if [ -f "$__object/parameter/name" ]; then + name="$(cat "$__object/parameter/name")" +else + name="$__object_id" +fi + + +# check if the service exist, else exit without output (also if systemd doesn't exist) +# do not exit here with an error code, will be done in the gencode-remote script +systemctl cat "$name" > /dev/null 2>&1 || exit 0 + +# print if the service is running or not +systemctl is-active -q "$name" && printf "running" || printf "stopped" diff --git a/cdist/conf/type/__systemd_service/gencode-remote b/cdist/conf/type/__systemd_service/gencode-remote new file mode 100755 index 00000000..c867ff22 --- /dev/null +++ b/cdist/conf/type/__systemd_service/gencode-remote 
@@ -0,0 +1,98 @@ +#!/bin/sh -e +# gencode-remote +# +# 2020 Matthias Stecher +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +# Checks the given state of the service and set it to the given +# state. Optionally, it executes the action if service running. + + +# get name of the service +name="$__object/parameter/name" +if [ -f "$name" ]; then + name="$(cat "$name")" +else + name="$__object_id" +fi + + +# read current status and parameters +state="$(cat "$__object/explorer/state")" +should="$(cat "$__object/parameter/state")" + +# if systemd/service does not exist +if [ -z "$state" ]; then + printf "systemd or service '%s' does not exist!\n" "$name" >&2 + exit 1 +fi + + +# save the action required +required_action="" + +# check the state of the service that should be +if [ "$state" != "$should" ]; then + # select what to do to get the $should state + case "$should" in + running) + if [ "$state" = "stopped" ]; then required_action="start"; fi + ;; + + stopped) + if [ "$state" = "running" ]; then required_action="stop"; fi + ;; + esac +fi + +# check if the action can be achieved if given +if [ -f "$__object/parameter/action" ] \ + && [ -z "$required_action" ] && [ "$state" = "running" ]; then + + # there must be an action + action="$(cat "$__object/parameter/action")" + + # select the action to the required element + case "$action" in + restart) + required_action="restart" + ;; + + reload) + 
required_action="reload" + ;; + + *) + printf "action '%s' does not exist!" "$action" >&2 + exit 2 + esac + + # Make a special check: only do this action if a dependency did something + # it is required that the dependencies write there action to $__messages_in + if [ -f "$__object/parameter/if-required" ]; then + # exit here if there are no changes from the dependencies affected (nothing to do) + if ! grep -q -f "$__object/require" "$__messages_in"; then exit 0; fi + fi +fi + +# print the execution command if a action given +if [ -n "$required_action" ]; then + # also print it as message + echo "$required_action" >> "$__messages_out" + echo "systemctl $required_action '$name'" +fi diff --git a/cdist/conf/type/__systemd_service/man.rst b/cdist/conf/type/__systemd_service/man.rst new file mode 100644 index 00000000..7eca398b --- /dev/null +++ b/cdist/conf/type/__systemd_service/man.rst 
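Review bot: The last line of this gencode-remote hunk emits `systemctl $required_action '$name'` with `$name` pasted between single quotes, so a service name that itself contains a single quote ends the quoting and the remainder is parsed as shell by the code run on the target. The name comes from `--name` or the object id, and this script does not validate either. Escape embedded quotes before printing, e.g. `name_q=$(printf '%s' "$name" | sed "s/'/'\\\\''/g")` followed by `echo "systemctl $required_action '$name_q'"`. Separately, `grep -q -f "$__object/require" "$__messages_in"` treats every requirement as a regular expression, so the `.` in an object name matches any character; `grep -qF -f` would match the names literally.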
@@ -0,0 +1,110 @@ +cdist-type__systemd-service(7) +============================== + +NAME +---- +cdist-type__systemd-service - Controls a systemd service state + +DESCRIPTION +----------- +This type controls systemd services to define a state of the service, +or an action like reloading or restarting. It is useful to reload a +service after configuration applied or shutdown one service. + +The activation or deactivation is out of scope. Look for the +:strong:`cdist-type__systemd_util`\ (7) type instead. + +REQUIRED PARAMETERS +------------------- + +None. + +OPTIONAL PARAMETERS +------------------- + +name + String which will used as name instead of the object id. + +state + The state which the service should be in: + + running + Service should run (default) + + stoppend + Service should stopped + +action + Executes an action on on the service. It will only execute it if the + service keeps the state **running**. There are following actions, where: + + reload + Reloads the service + + restart + Restarts the service + +BOOLEAN PARAMETERS +------------------ + +if-required + Only execute the action if minimum one required type outputs a message to + **$__messages_out**. Through this, the action should only executed if a + dependency did something. The action will not executed if no dependencies + given. + +MESSAGES +-------- + +start + Started the service + +stop + Stopped the service + +restart + Restarted the service + +reload + Reloaded the service + +ABORTS +------ +Aborts in following cases: + +systemd or the service does not exist + +EXAMPLES +-------- +.. 
code-block:: sh + + # service must run + __systemd_service nginx + + # service must stopped + __systemd_service sshd \ + --state stopped + + # restart the service + __systemd_service apache2 \ + --action restart + + # makes sure the service exist with an alternative name + __systemd_service foo \ + --name sshd + + # reload the service for a modified configuration file + # only reloads the service if the file really changed + require="__config_file/etc/foo.conf" __systemd_service foo \ + --action reload --if-required + +AUTHORS +------- +Matthias Stecher + +COPYRIGHT +--------- +Copyright \(C) 2020 Matthias Stecher. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__systemd_service/parameter/boolean b/cdist/conf/type/__systemd_service/parameter/boolean new file mode 100644 index 00000000..a4bccb66 --- /dev/null +++ b/cdist/conf/type/__systemd_service/parameter/boolean @@ -0,0 +1 @@ +if-required diff --git a/cdist/conf/type/__systemd_service/parameter/default/state b/cdist/conf/type/__systemd_service/parameter/default/state new file mode 100644 index 00000000..a2ae71b3 --- /dev/null +++ b/cdist/conf/type/__systemd_service/parameter/default/state @@ -0,0 +1 @@ +running diff --git a/cdist/conf/type/__systemd_service/parameter/optional b/cdist/conf/type/__systemd_service/parameter/optional new file mode 100644 index 00000000..fc78265f --- /dev/null +++ b/cdist/conf/type/__systemd_service/parameter/optional @@ -0,0 +1,3 @@ +name +state +action diff --git a/cdist/conf/type/__systemd_unit/explorer/enablement-state b/cdist/conf/type/__systemd_unit/explorer/enablement-state new file mode 100644 index 00000000..5a5a4462 --- /dev/null +++ b/cdist/conf/type/__systemd_unit/explorer/enablement-state 
@@ -0,0 +1,21 @@
+#!/bin/sh
+#
+# 2017 Ľubomír Kučera
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+systemctl is-enabled "${__object_id}" 2>/dev/null || true
diff --git a/cdist/conf/type/__systemd_unit/explorer/systemctl-present b/cdist/conf/type/__systemd_unit/explorer/systemctl-present
new file mode 100644
index 00000000..7218affc
--- /dev/null
+++ b/cdist/conf/type/__systemd_unit/explorer/systemctl-present
@@ -0,0 +1,21 @@
+#!/bin/sh
+#
+# 2017 Ľubomír Kučera
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+command -v systemctl > /dev/null 2>&1 && echo 0 || echo 1
diff --git a/cdist/conf/type/__systemd_unit/explorer/unit-status b/cdist/conf/type/__systemd_unit/explorer/unit-status
new file mode 100644
index 00000000..b68e5169
--- /dev/null
+++ b/cdist/conf/type/__systemd_unit/explorer/unit-status
@@ -0,0 +1,21 @@
+#!/bin/sh
+#
+# 2017 Ľubomír Kučera
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+systemctl is-active "${__object_id}" || true
diff --git a/cdist/conf/type/__systemd_unit/gencode-remote b/cdist/conf/type/__systemd_unit/gencode-remote
new file mode 100644
index 00000000..967a6c87
--- /dev/null
+++ b/cdist/conf/type/__systemd_unit/gencode-remote
@@ -0,0 +1,76 @@ +#!/bin/sh -e +# +# 2017 Ľubomír Kučera +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +name="${__object_id}" +state=$(cat "${__object}/parameter/state") +current_enablement_state=$(cat "${__object}/explorer/enablement-state") + +if [ "${state}" = "absent" ]; then + if [ -n "${current_enablement_state}" ]; then + echo "systemctl --now disable ${name}" + echo "rm -f /etc/systemd/system/${name}" + echo "systemctl daemon-reload" + fi + + exit 0 +fi + +unit_status=$(cat "${__object}/explorer/unit-status") +desired_enablement_state=$(cat "${__object}/parameter/enablement-state") + +if [ "${current_enablement_state}" = "masked" ] && \ + [ "${desired_enablement_state}" != "masked" ]; then + echo "systemctl unmask ${name}" +fi + +if [ -f "${__object}/parameter/restart" ]; then + if [ "${desired_enablement_state}" = "masked" ]; then + if [ "${unit_status}" = "active" ]; then + echo "systemctl stop ${name}" + fi + elif grep -q "^__file/etc/systemd/system/${name}" "${__messages_in}" || \ + [ "${unit_status}" != "active" ]; then + echo "systemctl restart ${name} || true" + fi +fi + +if [ "${current_enablement_state}" = "${desired_enablement_state}" ]; then + exit 0 +fi + +case "${desired_enablement_state}" in + "") + # Do nothing + : + ;; + enabled) + echo "systemctl enable ${name}" + ;; + disabled) + echo "systemctl disable ${name}" + ;; + masked) + echo "systemctl mask ${name}" + 
;; + *) + echo "Unsupported unit status: ${desired_enablement_state}" >&2 + exit 1 + ;; +esac diff --git a/cdist/conf/type/__systemd_unit/man.rst b/cdist/conf/type/__systemd_unit/man.rst new file mode 100644 index 00000000..25a4e501 --- /dev/null +++ b/cdist/conf/type/__systemd_unit/man.rst 
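Review bot: Every command this script generates interpolates `${name}` unquoted, including `echo "rm -f /etc/systemd/system/${name}"` in the `absent` branch, which the target presumably runs with full privileges. An object id containing whitespace, shell metacharacters or a `/` would change what is removed or executed, and nothing in this hunk restricts the id. Reject ids that are not plain unit names right after `name="${__object_id}"`, for example `case "${name}" in *[!A-Za-z0-9@:._-]*) echo "Invalid unit name: ${name}" >&2; exit 1 ;; esac`, and quote the value in the emitted commands. The `grep -q "^__file/etc/systemd/system/${name}"` test also uses the name as a regex prefix with no end anchor, so `foo.service` would match messages about `foo.service.d/...` as well.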
@@ -0,0 +1,89 @@ +cdist-type__systemd_unit(7) +=========================== + +NAME +---- + +cdist-type__systemd_unit - Install a systemd unit + +DESCRIPTION +----------- + +This type manages systemd units in ``/etc/systemd/system/``. It can install, +enable and start a systemd unit. This is particularly useful on systems which +take advantage of systemd heavily (e.g., CoreOS). For more information about +systemd units, see SYSTEMD.UNIT(5). + +REQUIRED PARAMETERS +------------------- + +None. + +OPTIONAL PARAMETERS +------------------- + +enablement-state + 'enabled', 'disabled' or 'masked', where: + + enabled + enables the unit + disabled + disables the unit + masked + masks the unit + +source + Path to the config file. If source is '-' (dash), take what was written to + stdin as the config file content. + +state + 'present' or 'absent', defaults to 'present' where: + + present + the unit (or its mask) is installed + absent + The unit is stopped, disabled and uninstalled. If the unit was masked, + the mask is removed. + +BOOLEAN PARAMETERS +------------------ + +restart + Start the unit if it was inactive. Restart the unit if the unit file + changed. Stop the unit if new ``enablement-state`` is ``masked``. + +MESSAGES +-------- + +None. + +EXAMPLES +-------- + +.. code-block:: sh + + # Installs, enables and starts foobar.service + __systemd_unit foobar.service \ + --source "${__manifest}/files/foobar.service" \ + --enablement-state enabled \ + --restart + + # Disables the unit + __systemd_unit foobar.service --enablement-state disabled + + # Stops, disables and uninstalls foobar.service + __systemd_unit foobar.service --state absent + + +AUTHORS +------- + +Ľubomír Kučera + +COPYING +------- + +Copyright \(C) 2017 Ľubomír Kučera. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. 
diff --git a/cdist/conf/type/__systemd_unit/manifest b/cdist/conf/type/__systemd_unit/manifest new file mode 100644 index 00000000..688a00b1 --- /dev/null +++ b/cdist/conf/type/__systemd_unit/manifest 
@@ -0,0 +1,58 @@ +#!/bin/sh -e +# +# 2017 Ľubomír Kučera +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +systemctl_present=$(cat "${__object}/explorer/systemctl-present") + +if [ "${systemctl_present}" -ne 0 ]; then + echo "systemctl does not seem to be present on this system" >&2 + + exit 1 +fi + +name="${__object_id}" +source=$(cat "${__object}/parameter/source") +state=$(cat "${__object}/parameter/state") +enablement_state=$(cat "${__object}/parameter/enablement-state") + +# The unit must be disabled before removing its unit file. The unit file is +# therefore removed by gencode-remote of this type, not here. +if [ -z "${source}" ] || [ "${state}" = "absent" ]; then + exit 0 +fi + +# stdin is not propagated automatically to sub-objects +if [ "${source}" = "-" ]; then + source="${__object}/stdin" +fi + +unitfile_state="${state}" +if [ "${enablement_state}" = "masked" ]; then + # Masking creates a symlink from /etc/systemd/system/ to /dev/null. + # This process fails with "Failed to execute operation: Invalid argument" + # if file /etc/systemd/system/ already exists. We must therefore + # remove it. + unitfile_state="absent" +fi + +__config_file "/etc/systemd/system/${name}" \ + --mode 644 \ + --onchange "systemctl daemon-reload" \ + --source "${source}" \ + --state "${unitfile_state}" 
diff --git a/cdist/conf/type/__systemd_unit/parameter/boolean b/cdist/conf/type/__systemd_unit/parameter/boolean new file mode 100644 index 00000000..eea5a271 --- /dev/null +++ b/cdist/conf/type/__systemd_unit/parameter/boolean @@ -0,0 +1 @@ +restart diff --git a/cdist/conf/type/__systemd_unit/parameter/default/enablement-state b/cdist/conf/type/__systemd_unit/parameter/default/enablement-state new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__systemd_unit/parameter/default/source b/cdist/conf/type/__systemd_unit/parameter/default/source new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__systemd_unit/parameter/default/state b/cdist/conf/type/__systemd_unit/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__systemd_unit/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__systemd_unit/parameter/optional b/cdist/conf/type/__systemd_unit/parameter/optional new file mode 100644 index 00000000..e7cc7acf --- /dev/null +++ b/cdist/conf/type/__systemd_unit/parameter/optional @@ -0,0 +1,3 @@ +enablement-state +source +state diff --git a/cdist/conf/type/__timezone/explorer/timezone_is b/cdist/conf/type/__timezone/explorer/timezone_is new file mode 100755 index 00000000..a1aa813f --- /dev/null +++ b/cdist/conf/type/__timezone/explorer/timezone_is 
@@ -0,0 +1,23 @@ +#!/bin/sh -e +# +# 2017 Ander Punnar (cdist at kvlt.ee) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +[ -f /etc/timezone ] && cat /etc/timezone + +exit 0 diff --git a/cdist/conf/type/__timezone/gencode-remote b/cdist/conf/type/__timezone/gencode-remote index b4782d4b..5299f548 100755 --- a/cdist/conf/type/__timezone/gencode-remote +++ b/cdist/conf/type/__timezone/gencode-remote @@ -1,6 +1,7 @@ -#!/bin/sh +#!/bin/sh -e # # 2012 Steven Armstrong (steven-cdist at armstrong.cc) +# 2019 Nico Schottelius (nico-cdist at schottelius.org) # # This file is part of cdist. # @@ -20,11 +21,16 @@ # # This type allows to configure the desired localtime timezone. -timezone="$__object_id" +timezone_is=$(cat "$__object/explorer/timezone_is") +timezone_should="$__object_id" os=$(cat "$__global/explorer/os") +if [ "$timezone_is" = "$timezone_should" ]; then + exit 0 +fi + case "$os" in - ubuntu|debian) - echo "echo \"$timezone\" > /etc/timezone" + ubuntu|debian|devuan|coreos|alpine) + echo "echo \"$timezone_should\" > /etc/timezone" ;; esac diff --git a/cdist/conf/type/__timezone/man.text b/cdist/conf/type/__timezone/man.rst similarity index 55% rename from cdist/conf/type/__timezone/man.text rename to cdist/conf/type/__timezone/man.rst index 6f0c5101..8a945c16 100644 --- a/cdist/conf/type/__timezone/man.text +++ b/cdist/conf/type/__timezone/man.rst 
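Review bot: In __timezone/gencode-remote the generated line `echo "echo \"$timezone_should\" > /etc/timezone"` places the object id inside double quotes, so a `$(...)`, a backtick or a `"` in the id is evaluated by the shell on the target instead of being written to the file. The manifest hunk of this type (`@@ -24,16 +24,43 @@`) uses the same unvalidated id as a path component in `--source "/usr/share/zoneinfo/${timezone}"`, where `..` would point the link outside the zoneinfo tree. A guard before the `case "$os"` statement, such as `case "$timezone_should" in *[!A-Za-z0-9/_+-]*|*..*) echo "Invalid timezone: $timezone_should" >&2; exit 1 ;; esac`, covers this script, and the manifest needs the same check for its path. Whether cdist core already restricts object ids is not visible in this diff.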
@@ -1,11 +1,9 @@ cdist-type__timezone(7) ======================= -Ramon Salvadó - NAME ---- -cdist-type__timezone - Allows to configure the desired localtime timezone. +cdist-type__timezone - Allows one to configure the desired localtime timezone. DESCRIPTION @@ -27,18 +25,18 @@ None. EXAMPLES -------- --------------------------------------------------------------------------------- -#Set up Europe/Andorra as our timezone. -__timezone Europe/Andorra +.. code-block:: sh -#Set up US/Central as our timezone. -__timezone US/Central --------------------------------------------------------------------------------- + #Set up Europe/Andorra as our timezone. + __timezone Europe/Andorra + + #Set up US/Central as our timezone. + __timezone US/Central -SEE ALSO --------- -- cdist-type(7) +AUTHORS +------- +Ramon Salvadó COPYING diff --git a/cdist/conf/type/__timezone/manifest b/cdist/conf/type/__timezone/manifest index 81de0217..3d28ccba 100755 --- a/cdist/conf/type/__timezone/manifest +++ b/cdist/conf/type/__timezone/manifest @@ -1,8 +1,8 @@ -#!/bin/sh +#!/bin/sh -e # # 2011 Ramon Salvadó (rsalvado at gnuine dot com) -# 2012 Steven Armstrong (steven-cdist at armstrong.cc) -# 2012 Nico Schottelius (nico-cdist at schottelius.org) +# 2012-2015 Steven Armstrong (steven-cdist at armstrong.cc) +# 2012-2019 Nico Schottelius (nico-cdist at schottelius.org) # # This file is part of cdist. # 
@@ -24,16 +24,43 @@ timezone="$__object_id" os=$(cat "$__global/explorer/os") - + case "$os" in - archlinux|debian|ubuntu) + archlinux|debian|ubuntu|devuan|alpine) + __package tzdata + export require="__package/tzdata" + ;; + suse) + __package timezone + export require="__package/timezone" + ;; + freebsd|netbsd|openbsd) + # whitelist + : + ;; + coreos) + # whitelist + : + ;; + scientific|centos) __package tzdata --state present - require="__package/tzdata" __link /etc/localtime \ - --source "/usr/share/zoneinfo/${timezone}" \ - --type symbolic + export require="__package/tzdata" + __file /etc/sysconfig/clock \ + --owner root --group root --mode 644 \ + --state exists + require="__file/etc/sysconfig/clock" \ + __key_value ZONE \ + --file /etc/sysconfig/clock \ + --delimiter '=' \ + --value "\"$timezone\"" ;; *) - echo "Unsupported OS $os" >&2 + echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2 + echo "Please contribute an implementation for it if you can." >&2 exit 1 ;; esac + +__link /etc/localtime \ + --source "/usr/share/zoneinfo/${timezone}" \ + --type symbolic diff --git a/cdist/conf/type/__tinydns/gencode-remote b/cdist/conf/type/__tinydns/gencode-remote new file mode 100644 index 00000000..824479b6 --- /dev/null +++ b/cdist/conf/type/__tinydns/gencode-remote @@ -0,0 +1,7 @@ +servicename=$__object_id +user="$(cat "$__object/parameter/user")" +server_ip="$(cat "$__object/parameter/server-ip")" + +cat</dev/null || ./add-host $name $ip +make +EOF diff --git a/cdist/conf/type/__tinydns_host/manifest b/cdist/conf/type/__tinydns_host/manifest new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__tinydns_host/parameter/required b/cdist/conf/type/__tinydns_host/parameter/required new file mode 100644 index 00000000..93d111b2 --- /dev/null +++ b/cdist/conf/type/__tinydns_host/parameter/required @@ -0,0 +1 @@ +ip 
diff --git a/cdist/conf/type/__tinydns_ns/gencode-remote b/cdist/conf/type/__tinydns_ns/gencode-remote new file mode 100644 index 00000000..7305e605 --- /dev/null +++ b/cdist/conf/type/__tinydns_ns/gencode-remote @@ -0,0 +1,13 @@ +set -x + +servicename=$(echo $__object_id | cut -d/ -f1) +name=$(echo $__object_id | cut -d/ -f2-) +ip="$(cat "$__object/parameter/ip")" + +cat</dev/null || ./add-ns $name $ip +make +EOF + +set +x diff --git a/cdist/conf/type/__tinydns_ns/parameter/required b/cdist/conf/type/__tinydns_ns/parameter/required new file mode 100644 index 00000000..93d111b2 --- /dev/null +++ b/cdist/conf/type/__tinydns_ns/parameter/required @@ -0,0 +1 @@ +ip diff --git a/cdist/conf/type/__ufw/gencode-remote b/cdist/conf/type/__ufw/gencode-remote new file mode 100644 index 00000000..fc62b591 --- /dev/null +++ b/cdist/conf/type/__ufw/gencode-remote 
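Review bot: `set -x` is left on at the top of __tinydns_ns/gencode-remote, so every run traces the object id and the `ip` parameter to stderr; it looks like leftover debugging and should go together with the closing `set +x`. The script also has no `#!/bin/sh -e` line, unlike the other types in this commit, and expands `$__object_id` unquoted in `servicename=$(echo $__object_id | cut -d/ -f1)`; `servicename=$(printf '%s\n' "$__object_id" | cut -d/ -f1)` avoids word splitting and globbing. The generated `./add-ns $name $ip`, like `./add-host $name $ip` in the __tinydns_host script, hands both values unquoted to the target shell. Part of the here-document is missing from this rendering, so the rest of the generated code could not be reviewed.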
@@ -0,0 +1,62 @@ +#!/bin/sh -e +# +# 2019 Mark Polyakov (mark--@--markasoftware.com) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +state="$(cat "$__object/parameter/state")" + +case "$state" in + enabled) + echo 'ufw --force enable' + ;; + + present) + echo 'ufw --force disable' + ;; + # absent will be uninstalled in manifest +esac + +if [ "$state" != absent ]; then + if [ -f "$__object/parameter/logging" ]; then + logging="$(cat "$__object/parameter/logging")" + case "$logging" in + off|low|medium|high|full) + echo "ufw --force logging $logging" + ;; + *) + echo 'Logging parameter must be off, low, medium, high, or full!' >&2 + exit 1 + ;; + esac + fi + + for direction in incoming outgoing routed; do + if [ -f "$__object/parameter/default_$direction" ]; then + treatment="$(cat "$__object/parameter/default_$direction")" + case "$treatment" in + allow|deny|reject) + echo "ufw --force default $treatment $direction" + ;; + *) + echo 'UFW default policies must be either "allow", "deny", or "reject".' >&2 + exit 1 + ;; + esac + fi + done +fi diff --git a/cdist/conf/type/__ufw/man.rst b/cdist/conf/type/__ufw/man.rst new file mode 100644 index 00000000..cc64fbb5 --- /dev/null +++ b/cdist/conf/type/__ufw/man.rst 
@@ -0,0 +1,59 @@ +cdist-type__ufw(7) +================== + +NAME +---- +cdist-type__ufw - Install the Uncomplicated FireWall + + +DESCRIPTION +----------- +Installs the Uncomplicated FireWall. Most modern distributions carry UFW in their main repositories, but on CentOS this type will automatically enable the EPEL repository. + +Some global configuration can also be set with this type. + +OPTIONAL PARAMETERS +------------------- +state + Either "enabled", "running", "present", or "absent". Defaults to "enabled", which registers UFW to start on boot. + +logging + Either "off", "low", "medium", "high", or "full". Will be passed to `ufw logging`. If not specified, logging level is not modified. + +default_incoming + Either "allow", "deny", or "reject". The default policy for dealing with ingress packets. + +default_outgoing + Either "allow", "deny", or "reject". The default policy for dealing with egress packets. + +default_routed + Either "allow", "deny", or "reject". The default policy for dealing with routed packets (passing through this machine). + + +EXAMPLES +-------- + +.. code-block:: sh + + # Install UFW + __ufw + # Setup UFW with maximum logging and no restrictions on routed packets. + __ufw --logging full --default_routed allow + + +SEE ALSO +-------- +:strong:`ufw`\ (8) + + +AUTHORS +------- +Mark Polyakov + + +COPYING +------- +Copyright \(C) 2019 Mark Polyakov. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__ufw/manifest b/cdist/conf/type/__ufw/manifest new file mode 100755 index 00000000..370b7ff5 --- /dev/null +++ b/cdist/conf/type/__ufw/manifest 
@@ -0,0 +1,67 @@ +#!/bin/sh -e +# +# 2019 Mark Polyakov (mark--@--markasoftware.com) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +state="$(cat "$__object/parameter/state")" + +case "$state" in + present|enabled) + os="$(cat "$__global/explorer/os")" + + case "$os" in + centos) + # shellcheck source=/dev/null + if (. "$__global/explorer/os_release" && [ "${VERSION_ID}" = "7" ]); then + __package epel-release + require='__package/epel-release' __package ufw + else + echo 'CentOS version 7 is required!' >&2 + exit 1 + fi + ;; + *) + __package ufw + ;; + esac + + # ufw expects to always be enabled, then uses a switch in /etc to + # determine whether to "actually start" after the init system calls it. + # So, we have to both enable on bootup through init and run `ufw enable` + + # operators ae left-associative, so if !enabled it will never run + if [ "$(cat "$__global/explorer/os")" != ubuntu ] || \ + [ "$(cat "$__global/explorer/init")" != init ] && \ + [ "$state" = enabled ]; then + # Why don't we disable start_on_boot when state=present|absent? + # Because UFW should always be enabled at boot -- /etc/ufw/ufw.conf + # will stop it from "really" starting + require='__package/ufw' __start_on_boot ufw + fi + ;; + + absent) + __package ufw --state absent + ;; + + *) + echo 'State must be "enabled", "present", or "absent".' + exit 1 + ;; +esac + 
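Review bot: The CentOS branch runs `. "$__global/explorer/os_release"` in a subshell, which executes the explorer output as shell code on the host running cdist; that output presumably mirrors the target's os-release file, so content from the managed machine is interpreted on the config host. Read the one field instead of sourcing the file, e.g. `version_id=$(sed -n 's/^VERSION_ID="\{0,1\}\([^"]*\)"\{0,1\}$/\1/p' "$__global/explorer/os_release")` and then `if [ "$version_id" = "7" ]; then`, which also makes the `# shellcheck source=/dev/null` suppression unnecessary. The final `*)` branch prints its error without `>&2`, unlike the other messages in this script.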
diff --git a/cdist/conf/type/__ufw/parameter/default/state b/cdist/conf/type/__ufw/parameter/default/state new file mode 100644 index 00000000..26ed6c9b --- /dev/null +++ b/cdist/conf/type/__ufw/parameter/default/state @@ -0,0 +1 @@ +enabled \ No newline at end of file diff --git a/cdist/conf/type/__ufw/parameter/optional b/cdist/conf/type/__ufw/parameter/optional new file mode 100644 index 00000000..0a4dec97 --- /dev/null +++ b/cdist/conf/type/__ufw/parameter/optional @@ -0,0 +1,5 @@ +state +logging +default_incoming +default_outgoing +default_routed \ No newline at end of file diff --git a/cdist/conf/type/__ufw/singleton b/cdist/conf/type/__ufw/singleton new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__ufw_rule/gencode-remote b/cdist/conf/type/__ufw_rule/gencode-remote new file mode 100755 index 00000000..4f1bf2c9 --- /dev/null +++ b/cdist/conf/type/__ufw_rule/gencode-remote 
@@ -0,0 +1,45 @@ +#!/bin/sh -e +# +# 2019 Mark Polyakov (mark@markasoftware.com) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +# This type does not bother with checking the current state of the rules. +# While it is possible to retrieve the list of rules in a consistent format from +# `ufw status`, it is a completely different format than the one used on the +# command line. I also do not suspect it is any faster. + +ufw='ufw --force rule' + +case "$(cat "$__object/parameter/state")" in + present) ;; + absent) + ufw="$ufw delete" + ;; + *) + echo 'State must be "present" or "absent".' >&2 + exit 1 + ;; +esac + +if [ -f "$__object/parameter/rule" ]; then + ufw="$ufw $(cat "$__object/parameter/rule")" +else + ufw="$ufw allow $__object_id" +fi + +echo "$ufw" diff --git a/cdist/conf/type/__ufw_rule/man.rst b/cdist/conf/type/__ufw_rule/man.rst new file mode 100644 index 00000000..996557f8 --- /dev/null +++ b/cdist/conf/type/__ufw_rule/man.rst 
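Review bot: The command line is assembled by string concatenation from `$(cat "$__object/parameter/rule")` or `$__object_id` and printed with `echo "$ufw"`, so a `;`, `|`, `&`, `$(...)` or backtick in the rule text is interpreted by the shell on the target instead of reaching ufw. The script validates `state` but never the rule. Read the value once with `rule=$(cat "$__object/parameter/rule")` and add a `case` guard that exits with an error when it contains shell metacharacters or a newline, and apply the same guard to `$__object_id` in the `else` branch. Plain UFW syntax such as `allow from 10.0.0.0/24` passes such a check unchanged.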
@@ -0,0 +1,53 @@ +cdist-type__ufw_rule(7) +======================= + +NAME +---- +cdist-type__ufw_rule - A single UFW rule + + +DESCRIPTION +----------- +Adds or removes a single UFW rule. This type supports adding and deleting rules for port ranges or applications. + +Understanding what is "to" and what is "from" can be confusing. If the rule is ingress (default), then "from" is the remote machine and "to" is the local one. The opposite is true for egress traffic (--out). + +OPTIONAL PARAMETERS +------------------- +state + Either "present" or "absent". Defaults to "present". If "absent", only removes rules that exactly match the rule expected. + +rule + A firewall rule in UFW syntax. This is what you would usually write after `ufw` on the command line. Defaults to "allow" followed by the object ID. You can use either the short syntax (just allow|deny|reject|limit followed by a port or application name) or the full syntax. Do not include `delete` in your command. Set `--state absent` instead. + +EXAMPLES +-------- + +.. code-block:: sh + + # open port 80 (ufw allow 80) + __ufw_rule 80 + # Allow mosh application (if installed) + __ufw_rule mosh + # Allow all traffic from local network (ufw allow from 10.0.0.0/24) + __ufw_rule local --rule 'allow from 10.0.0.0/24' + # Block egress traffic from port 25 to 111.55.55.55 on interface eth0 + __ufw_rule block_smtp --rule 'deny out on eth0 from any port 25 to 111.55.55.55' + + +SEE ALSO +-------- +:strong:`ufw`\ (8) + + +AUTHORS +------- +Mark Polyakov + + +COPYING +------- +Copyright \(C) 2019 Mark Polyakov. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__ufw_rule/parameter/default/state b/cdist/conf/type/__ufw_rule/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null 
+++ b/cdist/conf/type/__ufw_rule/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__ufw_rule/parameter/optional b/cdist/conf/type/__ufw_rule/parameter/optional new file mode 100644 index 00000000..0732d53d --- /dev/null +++ b/cdist/conf/type/__ufw_rule/parameter/optional @@ -0,0 +1,2 @@ +state +rule diff --git a/cdist/conf/type/__update_alternatives/explorer/state b/cdist/conf/type/__update_alternatives/explorer/state new file mode 100755 index 00000000..04a78aaa --- /dev/null +++ b/cdist/conf/type/__update_alternatives/explorer/state @@ -0,0 +1,8 @@ +#!/bin/sh -e +path="$(cat "$__object/parameter/path")" +name="$__object_id" +link="$(readlink "/etc/alternatives/$name")" +if [ "$path" = "$link" ] +then echo present +else echo absent +fi diff --git a/cdist/conf/type/__update_alternatives/gencode-remote b/cdist/conf/type/__update_alternatives/gencode-remote index 19ea9968..c0b49814 100755 --- a/cdist/conf/type/__update_alternatives/gencode-remote +++ b/cdist/conf/type/__update_alternatives/gencode-remote @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2013 Nico Schottelius (nico-cdist at schottelius.org) # @@ -17,9 +17,10 @@ # You should have received a copy of the GNU General Public License # along with cdist. If not, see . # -# -# Setup alternative - no standard way to create, always set -# + +if [ "$(cat "$__object/explorer/state")" = 'present' ] +then exit 0 +fi path="$(cat "$__object/parameter/path")" name="$__object_id" diff --git a/cdist/conf/type/__update_alternatives/man.text b/cdist/conf/type/__update_alternatives/man.rst similarity index 51% rename from cdist/conf/type/__update_alternatives/man.text rename to cdist/conf/type/__update_alternatives/man.rst index 2bcc1874..73d82d11 100644 --- a/cdist/conf/type/__update_alternatives/man.text +++ b/cdist/conf/type/__update_alternatives/man.rst @@ -1,7 +1,5 @@ cdist-type__update_alternatives(7) ================================== -Nico Schottelius - NAME ---- 
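Review bot: In `__update_alternatives/explorer/state`, `link="$(readlink "/etc/alternatives/$name")"` runs with `-e` in effect, and a failing command substitution becomes the exit status of the assignment, so the explorer aborts when the alternative has no link yet and the `echo absent` branch is never reached for the case it exists for. Tolerating the failure keeps the comparison working: `link="$(readlink "/etc/alternatives/$name" || true)"`. The new file has no comment at all; a header line such as `# Prints "present" if /etc/alternatives/<object id> already points at --path, else "absent".` would document the contract that gencode-remote now depends on.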
@@ -17,27 +15,32 @@ One of the most common used targets is the "editor". REQUIRED PARAMETERS ------------------- -path:: +path Use this path for the given alternative EXAMPLES -------- --------------------------------------------------------------------------------- -# Setup vim as the default editor -__update_alternatives editor --path /usr/bin/vim.basic --------------------------------------------------------------------------------- +.. code-block:: sh + + # Setup vim as the default editor + __update_alternatives editor --path /usr/bin/vim.basic SEE ALSO -------- -- cdist-type(7) -- cdist-type__debconf_set_selections(7) -- update-alternatives(8) +:strong:`cdist-type__debconf_set_selections`\ (7), :strong:`update-alternatives`\ (8) + + +AUTHORS +------- +Nico Schottelius COPYING ------- -Copyright \(C) 2013 Nico Schottelius. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). +Copyright \(C) 2013 Nico Schottelius. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__user/TODO b/cdist/conf/type/__user/TODO deleted file mode 100644 index fa6aeee7..00000000 --- a/cdist/conf/type/__user/TODO +++ /dev/null @@ -1,2 +0,0 @@ -- delete users - diff --git a/cdist/conf/type/__user/explorer/group b/cdist/conf/type/__user/explorer/group index 98ce39c6..0fd1471a 100755 --- a/cdist/conf/type/__user/explorer/group +++ b/cdist/conf/type/__user/explorer/group @@ -23,6 +23,9 @@ if [ -f "$__object/parameter/gid" ]; then gid=$(cat "$__object/parameter/gid") - getent group "$gid" || true + if command -v getent >/dev/null; then + getent group "$gid" || true + elif [ -f /etc/group ]; then + grep -E "^(${gid}|([^:]+:){2}${gid}):" /etc/group || true + fi fi - 
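Review bot: In the `/etc/group` fallback of `__user/explorer/group`, `([^:]+:){2}` requires a non-empty password field, so an entry written as `name::gid:` is never matched by its numeric gid and the explorer prints nothing for it. `grep -E "^(${gid}|[^:]+:[^:]*:${gid}):" /etc/group || true` accepts the empty field. `${gid}` is also interpolated as a regular expression, so a group name containing `.` can match a different entry, which the `getent` branch does not; a short comment saying the fallback is a best-effort approximation of `getent group` would make that visible.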
diff --git a/cdist/conf/type/__user/explorer/passwd b/cdist/conf/type/__user/explorer/passwd index fdbfb193..b8391a6f 100755 --- a/cdist/conf/type/__user/explorer/passwd +++ b/cdist/conf/type/__user/explorer/passwd @@ -23,5 +23,8 @@ name=$__object_id -getent passwd "$name" || true - +if command -v getent >/dev/null; then + getent passwd "$name" || true +elif [ -f /etc/passwd ]; then + grep "^${name}:" /etc/passwd || true +fi diff --git a/cdist/conf/type/__user/explorer/shadow b/cdist/conf/type/__user/explorer/shadow index a949ec51..63d38f0d 100755 --- a/cdist/conf/type/__user/explorer/shadow +++ b/cdist/conf/type/__user/explorer/shadow @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2011 Steven Armstrong (steven-cdist at armstrong.cc) # @@ -22,13 +22,19 @@ # name=$__object_id -os="$($__explorer/os)" -# Default to using shadow passwords -database="shadow" -if [ "$os" = "freebsd" ]; then - database="passwd" +case $("$__explorer/os") in + 'freebsd'|'netbsd'|'openbsd'|'alpine') + database='passwd' + ;; + # Default to using shadow passwords + *) + database='shadow' + ;; +esac + +if command -v getent >/dev/null; then + getent "$database" "$name" || true +elif [ -f /etc/shadow ]; then + grep "^${name}:" /etc/shadow || true fi - -getent "$database" "$name" || true - diff --git a/cdist/conf/type/__user/gencode-remote b/cdist/conf/type/__user/gencode-remote index a2cdfd22..ee18c18f 100755 --- a/cdist/conf/type/__user/gencode-remote +++ b/cdist/conf/type/__user/gencode-remote @@ -1,7 +1,9 @@ -#!/bin/sh +#!/bin/sh -e # # 2011 Steven Armstrong (steven-cdist at armstrong.cc) # 2011 Nico Schottelius (nico-cdist at schottelius.org) +# 2013 Daniel Heule (hda at sfs.biz) +# 2018 Thomas Eckert (tom at it-eckert.de) # # This file is part of cdist. # 
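Review bot: In `__user/explorer/shadow`, the fallback branch reads `/etc/shadow` unconditionally and ignores the `database` value chosen by the `case` just above it, so on the systems mapped to `passwd` the two branches consult different sources. If that is intended, a comment should say why; otherwise the fallback can follow the same variable, e.g. `elif [ -f "/etc/$database" ]; then grep "^${name}:" "/etc/$database" || true` (whether `/etc/passwd` carries the hash on those systems would need checking). Because this explorer prints the password-hash field and gencode-remote later reads it from the stored explorer result, a comment such as `# Output contains the password hash; treat stored explorer results as sensitive.` is worth adding.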
@@ -21,11 +23,14 @@ # # Manage users. # +#set -x name="$__object_id" os="$(cat "$__global/explorer/os")" +state=$(cat "$__object/parameter/state") + # We need to shorten options for both usermod and useradd since on some # systems (such as *BSD, Darwin) those commands do not handle GNU style long # options. 
@@ -40,80 +45,103 @@ shorten_property() { shell) ret="-s";; uid) ret="-u";; create-home) ret="-m";; + system) ret="-r";; esac echo "$ret" } -cd "$__object/parameter" -if grep -q "^${name}:" "$__object/explorer/passwd"; then - for property in $(ls .); do - new_value="$(cat "$property")" - unset current_value +if [ "$state" = "present" ]; then + cd "$__object/parameter" + if grep -q "^${name}:" "$__object/explorer/passwd"; then + for property in *; do + new_value="$(cat "$property")" + unset current_value - file="$__object/explorer/passwd" + file="$__object/explorer/passwd" - case "$property" in - gid) - if $(echo "$new_value" | grep -q '^[0-9][0-9]*$'); then - field=4 + case "$property" in + gid) + if echo "$new_value" | grep -q '^[0-9][0-9]*$'; then + field=4 + else + # We were passed a group name. Compare the gid in + # the user's /etc/passwd entry with the gid of the + # group returned by the group explorer. + gid_from_group=$(awk -F: '{ print $3 }' "$__object/explorer/group") + gid_from_passwd=$(awk -F: '{ print $4 }' "$file") + if [ "$gid_from_group" != "$gid_from_passwd" ]; then + current_value="$gid_from_passwd" + else + current_value="$new_value" + fi + fi + ;; + password) + field=2 + file="$__object/explorer/shadow" + ;; + comment) field=5 ;; + home) field=6 ;; + shell) field=7 ;; + uid) field=3 ;; + create-home) continue;; # Does not apply to user modification + system) continue;; # Does not apply to user modification + state) continue;; # Does not apply to user modification + remove-home) continue;; # Does not apply to user modification + esac + + # If we haven't already set $current_value above, pull it from the + # appropriate file/field. 
+ if [ -z "$current_value" ]; then + export field + current_value="$(awk -F: '{ print $ENVIRON["field"] }' < "$file")" + fi + + if [ "$new_value" != "$current_value" ]; then + set -- "$@" "$(shorten_property "$property")" \'"$new_value"\' + fi + done + + if [ $# -gt 0 ]; then + echo mod >> "$__messages_out" + if [ "$os" = "freebsd" ]; then + echo pw usermod "$@" -n "$name" + else + echo usermod "$@" "$name" + fi + else + true + fi + else + echo add >> "$__messages_out" + for property in *; do + [ "$property" = "state" ] && continue + [ "$property" = "remove-home" ] && continue + new_value="$(cat "$property")" + if [ -z "$new_value" ];then # Boolean values have no value + set -- "$@" "$(shorten_property "$property")" else - # We were passed a group name. Compare the gid in - # the user's /etc/passwd entry with the gid of the - # group returned by the group explorer. - gid_from_group=$(awk -F: '{ print $3 }' "$__object/explorer/group") - gid_from_passwd=$(awk -F: '{ print $4 }' "$file") - if [ "$gid_from_group" != "$gid_from_passwd" ]; then - current_value="$gid_from_passwd" - else - current_value="$new_value" - fi + set -- "$@" "$(shorten_property "$property")" \'"$new_value"\' fi - ;; - password) - field=2 - file="$__object/explorer/shadow" - ;; - comment) field=5 ;; - home) field=6 ;; - shell) field=7 ;; - uid) field=3 ;; - create-home) continue;; # Does not apply to user modification - esac + done - # If we haven't already set $current_value above, pull it from the - # appropriate file/field. 
- if [ -z "$current_value" ]; then - export field - current_value="$(awk -F: '{ print $ENVIRON["field"] }' < "$file")" - fi - - if [ "$new_value" != "$current_value" ]; then - set -- "$@" "$(shorten_property $property)" \'$new_value\' - fi - done - - if [ $# -gt 0 ]; then - if [ "$os" = "freebsd" ]; then - echo pw usermod "$@" "$name" - else - echo usermod "$@" "$name" - fi - else - true - fi + if [ "$os" = "freebsd" ]; then + echo pw useradd "$@" -n "$name" + else + echo useradd "$@" "$name" + fi + fi +elif [ "$state" = "absent" ]; then + if grep -q "^${name}:" "$__object/explorer/passwd"; then + #user exists, but state != present, so delete it + if [ -f "$__object/parameter/remove-home" ]; then + printf "userdel -r '%s' >/dev/null 2>&1\\n" "${name}" + echo "userdel -r" >> "$__messages_out" + else + printf "userdel '%s' >/dev/null 2>&1\\n" "${name}" + echo "userdel" >> "$__messages_out" + fi + fi else - for property in $(ls .); do - new_value="$(cat "$property")" - if [ -z "$new_value" ];then # Boolean values have no value - set -- "$@" "$(shorten_property $property)" - else - set -- "$@" "$(shorten_property $property)" \'$new_value\' - fi - done - - if [ "$os" = "freebsd" ]; then - echo pw useradd "$@" "$name" - else - echo useradd "$@" "$name" - fi + echo "Invalid state $state" >&2 fi diff --git a/cdist/conf/type/__user/man.rst b/cdist/conf/type/__user/man.rst new file mode 100644 index 00000000..ef6b77af --- /dev/null +++ b/cdist/conf/type/__user/man.rst 
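Review bot: `\'"$new_value"\'` wraps each value in single quotes for the generated `usermod`/`useradd` line but does not escape single quotes inside the value, so a `--comment` such as `O'Brien` ends the quoting early and the remainder is parsed by the target's shell. Escaping before wrapping fixes both call sites in this hunk: define `quote() { printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"; }` and pass `"$(quote "$new_value")"` instead. The double-quoted `\"$user\"` and `\"$group\"` in `__user_groups/gencode-remote` and the `$servers` interpolation in `__xymon_client/gencode-remote` have the same weakness, since `$` and backticks stay active inside double quotes. Separately, the final `else` prints `Invalid state` but the script still exits 0; adding `exit 1` there makes a typo in `--state` fail the run. `shorten_property` begins above this hunk.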
@@ -0,0 +1,105 @@ +cdist-type__user(7) +=================== + +NAME +---- +cdist-type__user - Manage users + + +DESCRIPTION +----------- +This cdist type allows you to create or modify users on the target. + + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +state + absent or present, defaults to present + +comment + see usermod(8) + +home + see above + +gid + see above + +password + see above + +shell + see above + +uid + see above + + +BOOLEAN PARAMETERS +------------------ +system + see useradd(8), apply only on user create + +create-home + see useradd(8), apply only on user create + +remove-home + see userdel(8), apply only on user delete + + +MESSAGES +-------- +mod + User is modified + +add + New user added + +userdel -r + If user was deleted with homedir + +userdel + If user was deleted (keeping homedir) + +EXAMPLES +-------- + +.. code-block:: sh + + # Create user account for foobar with operating system default settings + __user foobar + + # Same but with a different shell + __user foobar --shell /bin/zsh + + # Same but for a system account + __user foobar --system + + # Set explicit uid and home + __user foobar --uid 1001 --shell /bin/zsh --home /home/foobar + + # Drop user if exists + __user foobar --state absent + + +SEE ALSO +-------- +:strong:`pw`\ (8), :strong:`usermod`\ (8) + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2011 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__user/man.text b/cdist/conf/type/__user/man.text deleted file mode 100644 index 9db4a9f0..00000000 --- a/cdist/conf/type/__user/man.text +++ /dev/null 
@@ -1,61 +0,0 @@ -cdist-type__user(7) -=================== -Steven Armstrong - - -NAME ----- -cdist-type__user - Manage users - - -DESCRIPTION ------------ -This cdist type allows you to create or modify users on the target. - - -REQUIRED PARAMETERS -------------------- -None. - - -OPTIONAL PARAMETERS -------------------- -comment:: - see usermod(8) -home:: - see above -gid:: - see above -password:: - see above -shell:: - see above -uid:: - see above - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -# Create user account for foobar with operating system default settings -__user foobar - -# Same but with a different shell -__user foobar --shell /bin/zsh - -# Set explicit uid and home -__user foobar --uid 1001 --shell /bin/zsh --home /home/foobar --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) -- usermod(8) or pw(8) - - -COPYING -------- -Copyright \(C) 2011 Steven Armstrong. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/docs/dev/sync-to-testhost b/cdist/conf/type/__user/manifest old mode 100755 new mode 100644 similarity index 75% rename from docs/dev/sync-to-testhost rename to cdist/conf/type/__user/manifest index cc59eb8d..8f10b38c --- a/docs/dev/sync-to-testhost +++ b/cdist/conf/type/__user/manifest @@ -1,6 +1,6 @@ -#!/bin/sh +#!/bin/sh -e # -# 2011 Nico Schottelius (nico-cdist at schottelius.org) +# 2019 Nico Schottelius (nico-cdist at schottelius.org) # # This file is part of cdist. # @@ -18,11 +18,15 @@ # along with cdist. If not, see . # # -# Sync repo to testhosts -# +# Manage users. -dirs="cdist cdist-nutzung" +os=$(cat "$__global/explorer/os") -for dir in $dirs; do - rsync -av --delete /home/users/nico/p/$dir/ root@rnic01:$dir -done +case "$os" in + alpine) + __package shadow + ;; + *) + : + ;; +esac 
diff --git a/cdist/conf/type/__user/parameter/boolean b/cdist/conf/type/__user/parameter/boolean index e0517c6a..83afdebe 100644 --- a/cdist/conf/type/__user/parameter/boolean +++ b/cdist/conf/type/__user/parameter/boolean @@ -1 +1,3 @@ create-home +remove-home +system diff --git a/cdist/conf/type/__user/parameter/default/state b/cdist/conf/type/__user/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__user/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__user/parameter/optional b/cdist/conf/type/__user/parameter/optional index e3cf52d5..de6c3838 100644 --- a/cdist/conf/type/__user/parameter/optional +++ b/cdist/conf/type/__user/parameter/optional @@ -1,3 +1,4 @@ +state comment home gid diff --git a/cdist/conf/type/__user_groups/explorer/group b/cdist/conf/type/__user_groups/explorer/group index a8cb63af..5bad9a0b 100755 --- a/cdist/conf/type/__user_groups/explorer/group +++ b/cdist/conf/type/__user_groups/explorer/group @@ -20,4 +20,4 @@ user="$(cat "$__object/parameter/user" 2>/dev/null || echo "$__object_id")" -(id --groups --name "$user" | tr ' ' '\n' | sort) 2>/dev/null || true +(id -G -n "$user" | tr ' ' '\n' | sort) 2>/dev/null || true diff --git a/cdist/conf/type/__user_groups/explorer/oldusermod b/cdist/conf/type/__user_groups/explorer/oldusermod new file mode 100644 index 00000000..6ef25b13 --- /dev/null +++ b/cdist/conf/type/__user_groups/explorer/oldusermod 
@@ -0,0 +1,21 @@ +#!/bin/sh +# +# 2015 Heule Daniel (hda at sfs.biz) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +usermod --help | grep -q -- '-A group' && echo true || echo false diff --git a/cdist/conf/type/__user_groups/gencode-remote b/cdist/conf/type/__user_groups/gencode-remote index c5e4a35e..8120761a 100755 --- a/cdist/conf/type/__user_groups/gencode-remote +++ b/cdist/conf/type/__user_groups/gencode-remote @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2012 Steven Armstrong (steven-cdist at armstrong.cc) # @@ -19,7 +19,9 @@ # user="$(cat "$__object/parameter/user" 2>/dev/null || echo "$__object_id")" -state_should="$(cat "$__object/parameter/state" 2>/dev/null || echo "present")" +state_should="$(cat "$__object/parameter/state")" +oldusermod="$(cat "$__object/explorer/oldusermod")" +os=$(cat "$__global/explorer/os") mkdir "$__object/files" # file has to be sorted for comparison with `comm` @@ -28,11 +30,9 @@ sort "$__object/parameter/group" > "$__object/files/group.sorted" case "$state_should" in present) changed_groups="$(comm -13 "$__object/explorer/group" "$__object/files/group.sorted")" - action="-a" ;; absent) changed_groups="$(comm -12 "$__object/explorer/group" "$__object/files/group.sorted")" - action="-d" ;; esac 
@@ -42,5 +42,25 @@ if [ -z "$changed_groups" ]; then fi for group in $changed_groups; do - echo "gpasswd $action \"$user\" \"$group\"" + if [ "$os" = "netbsd" ] || [ "$os" = "openbsd" ]; then + case "$state_should" in + present) echo "usermod -G \"$group\" \"$user\"" ;; + absent) echo 'NetBSD and OpenBSD do not have a command to remove a user from a group' >&2 ; exit 1 ;; + esac + elif [ "$os" = "freebsd" ]; then + case "$state_should" in + present) echo "pw groupmod \"$group\" -m \"$user\"" ;; + absent) echo "pw groupmod \"$group\" -d \"$user\"" ;; + esac + elif [ "$oldusermod" = "true" ]; then + case "$state_should" in + present) echo "usermod -A \"$group\" \"$user\"" ;; + absent) echo "usermod -R \"$group\" \"$user\"" ;; + esac + else + case "$state_should" in + present) echo "gpasswd -a \"$user\" \"$group\"" ;; + absent) echo "gpasswd -d \"$user\" \"$group\"" ;; + esac + fi done diff --git a/cdist/conf/type/__user_groups/man.rst b/cdist/conf/type/__user_groups/man.rst new file mode 100644 index 00000000..6767b7a8 --- /dev/null +++ b/cdist/conf/type/__user_groups/man.rst 
@@ -0,0 +1,52 @@ +cdist-type__user_groups(7) +========================== + +NAME +---- +cdist-type__user_groups - Manage user groups + + +DESCRIPTION +----------- +Adds or removes a user from one or more groups. + + +REQUIRED PARAMETERS +------------------- +group + the group to which this user should be added or removed. + Can be specified multiple times. + + +OPTIONAL PARAMETERS +------------------- +user + the name of the user. Defaults to object_id + +state + absent or present. Defaults to present. + + +EXAMPLES +-------- + +.. code-block:: sh + + __user_groups nginx --group webuser1 --group webuser2 + + # remove user nginx from groups webuser2 + __user_groups nginx-webuser2 --user nginx \ + --group webuser2 --state absent + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2012 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__user_groups/man.text b/cdist/conf/type/__user_groups/man.text deleted file mode 100644 index d45784fe..00000000 --- a/cdist/conf/type/__user_groups/man.text +++ /dev/null 
@@ -1,52 +0,0 @@ -cdist-type__user_groups(7) -========================== -Steven Armstrong - - -NAME ----- -cdist-type__user_groups - manage user groups - - -DESCRIPTION ------------ -Adds or removes a user from one or more groups. - - -REQUIRED PARAMETERS -------------------- -group:: - the group to which this user should be added or removed. - Can be specified multiple times. - - -OPTIONAL PARAMETERS -------------------- -user:: - the name of the user. Defaults to object_id - -state:: - absent or present. Defaults to present. - - -EXAMPLES --------- - --------------------------------------------------------------------------------- -__user_groups nginx --group webuser1 --group webuser2 - -# remove user nginx from groups webuser2 -__user_groups nginx-webuser2 --user nginx \ - --group webuser2 --state absent --------------------------------------------------------------------------------- - - -SEE ALSO --------- -- cdist-type(7) - - -COPYING -------- -Copyright \(C) 2012 Steven Armstrong. Free use of this software is -granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/cdist/conf/type/__user_groups/parameter/default/state b/cdist/conf/type/__user_groups/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__user_groups/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__xymon_apache/explorer/active-conf b/cdist/conf/type/__xymon_apache/explorer/active-conf new file mode 100755 index 00000000..bd281e21 --- /dev/null +++ b/cdist/conf/type/__xymon_apache/explorer/active-conf 
@@ -0,0 +1,22 @@
+#!/bin/sh -e
+#
+# 2018-2019 Thomas Eckert (tom at it-eckert.de)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+
+if [ -d /etc/apache2/mods-enabled ]; then
+ ls -1 /etc/apache2/conf-enabled/
+fi
diff --git a/cdist/conf/type/__xymon_apache/explorer/active-modules b/cdist/conf/type/__xymon_apache/explorer/active-modules
new file mode 100755
index 00000000..4c745ced
--- /dev/null
+++ b/cdist/conf/type/__xymon_apache/explorer/active-modules
@@ -0,0 +1,5 @@
+#!/bin/sh -e
+
+if [ -d /etc/apache2/mods-enabled ]; then
+ /usr/sbin/apachectl -t -D DUMP_MODULES | awk '/.*_module/ { gsub(/_module.*$/, ""); gsub(/^ /, ""); print }'
+fi
diff --git a/cdist/conf/type/__xymon_apache/gencode-remote b/cdist/conf/type/__xymon_apache/gencode-remote
new file mode 100755
index 00000000..e7d8e344
--- /dev/null
+++ b/cdist/conf/type/__xymon_apache/gencode-remote
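Review bot: `explorer/active-conf` tests for `/etc/apache2/mods-enabled` but then lists `/etc/apache2/conf-enabled/`; if only the former exists, `ls` fails and, with `-e`, the explorer aborts instead of reporting no enabled configs. Test the directory that is actually read: `if [ -d /etc/apache2/conf-enabled ]; then`. The licence header is the only comment, so a line like `# Lists the entries of /etc/apache2/conf-enabled, one per line; prints nothing if it does not exist.` would document what gencode-remote greps for.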
@@ -0,0 +1,56 @@
+#!/bin/sh -e
+#
+# 2018-2019 Thomas Eckert (tom at it-eckert.de)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+
+state=$(cat "$__object/parameter/state")
+
+os=$(cat "$__global/explorer/os")
+case "$os" in
+ debian|ubuntu)
+ :
+ ;;
+ *)
+ echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
+ echo "Please contribute an implementation for it if you can." >&2
+ exit 1
+ ;;
+esac
+
+if [ "$state" = "present" ]; then
+ if ! grep -q ^rewrite "$__object/explorer/active-modules"; then
+ echo "a2enmod rewrite >/dev/null"
+ echo "mod:rewrite enabled" >> "$__messages_out"
+ fi
+ if ! grep -q "^cgi$" "$__object/explorer/active-modules"; then
+ echo "a2enmod cgi >/dev/null"
+ echo "mod:cgi enabled" >> "$__messages_out"
+ fi
+
+ if ! grep -q ^xymon.conf "$__object/explorer/active-conf"; then
+ echo "a2enconf xymon >/dev/null"
+ echo "conf:xymon enabled" >> "$__messages_out"
+ fi
+fi
+
+if grep -q "^mod:.* enabled" "$__messages_out"; then
+ echo "systemctl restart apache2.service"
+ echo "apache restarted" >> "$__messages_out"
+elif grep -q "^conf:xymon enabled" "$__messages_out"; then
+ echo "systemctl reload apache2.service"
+ echo "apache reloaded" >> "$__messages_out"
+fi
diff --git a/cdist/conf/type/__xymon_apache/man.rst b/cdist/conf/type/__xymon_apache/man.rst
new file mode 100644
index 00000000..8358c821
--- /dev/null
+++ b/cdist/conf/type/__xymon_apache/man.rst @@ -0,0 +1,79 @@ +cdist-type__xymon_apache(7) +=========================== + +NAME +---- +cdist-type__xymon_apache - Configure apache2-webserver for Xymon + + +DESCRIPTION +----------- +This cdist type installs and configures apache2 to be used "exclusively" (in +the sense that no other use is taken care of) with Xymon (the systems and +network monitor). + +It depends on `__xymon_server`. + + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +state + 'present', 'absent', defaults to 'present'. + +ipacl + IP(-ranges) that have access to the Xymon webpages and CGIs. Apache2-style + syntax suitable for `Require ip ...`. Example: `192.168.1.0/24 10.0.0.0/8` + + +MESSAGES +-------- +mod:rewrite enabled + apache module enabled +conf:xymon enabled + apache config for xymon enabled +apache restarted + apache2.service was reloaded +apache reloaded + apache2.service was restarted + + +EXPLORERS +--------- +active-conf + lists apache2 `conf-enabled` +active-modules + lists active apache2-modules + + +EXAMPLES +-------- + +.. code-block:: sh + + # minmal, only localhost-access: + __xymon_apache + # allow more IPs to access the Xymon-webinterface: + __xymon_apache --ipacl "192.168.0.0/16 10.0.0.0/8" --state "present" + + +SEE ALSO +-------- +:strong:`cdist__xymon_server`\ (7) + + +AUTHORS +------- +Thomas Eckert + + +COPYING +------- +Copyright \(C) 2018-2019 Thomas Eckert. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__pf_ruleset/gencode-remote b/cdist/conf/type/__xymon_apache/manifest old mode 100644 new mode 100755 similarity index 52% rename from cdist/conf/type/__pf_ruleset/gencode-remote rename to cdist/conf/type/__xymon_apache/manifest index 6e9030ea..bfd0af79 
--- a/cdist/conf/type/__pf_ruleset/gencode-remote +++ b/cdist/conf/type/__xymon_apache/manifest @@ -1,6 +1,6 @@ -#!/bin/sh +#!/bin/sh -e # -# 2012 Jake Guffey (jake.guffey at eprotex.com) +# 2018-2019 Thomas Eckert (tom at it-eckert.de) # # This file is part of cdist. # @@ -16,34 +16,27 @@ # # You should have received a copy of the GNU General Public License # along with cdist. If not, see . -# -# -# Manage pf(4) on *BSD -# - -# Debug -#exec >&2 -#set -x - -# Remove ${rcvar} in the case of --state absent state=$(cat "$__object/parameter/state") -rcvar=$(cat "$__object/explorer/rcvar") -if [ "$state" = "present" ]; then # There is nothing more for a *remote* script to do - exit 0 -elif [ "$state" = "absent" ]; then - # --state absent, so ensure that .new doesn't exist and that conf is renamed to .old - cat <&2 - exit 1 +os=$(cat "$__global/explorer/os") +case "$os" in + debian|ubuntu) + : + ;; + *) + echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2 + echo "Please contribute an implementation for it if you can." >&2 + exit 1 + ;; +esac + +__package apache2 --state "$state" + +## edit xymon.conf IP-ranges +if [ -f "$__object/parameter/ipacl" ]; then + require="__package/xymon" __line /etc/apache2/conf-available/xymon.conf \ + --line " Require ip $(cat "$__object/parameter/ipacl")" \ + --after "^[[:space:]]*Require local" \ + --state "present" fi - diff --git a/cdist/conf/type/__xymon_apache/parameter/default/state b/cdist/conf/type/__xymon_apache/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__xymon_apache/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__xymon_apache/parameter/optional b/cdist/conf/type/__xymon_apache/parameter/optional new file mode 100644 index 00000000..d374ec41 --- /dev/null +++ b/cdist/conf/type/__xymon_apache/parameter/optional @@ -0,0 +1,2 @@ +state +ipacl 
diff --git a/cdist/conf/type/__xymon_apache/singleton b/cdist/conf/type/__xymon_apache/singleton
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__xymon_client/gencode-remote b/cdist/conf/type/__xymon_client/gencode-remote
new file mode 100755
index 00000000..49eed317
--- /dev/null
+++ b/cdist/conf/type/__xymon_client/gencode-remote
@@ -0,0 +1,28 @@
+#!/bin/sh -e
+#
+# 2018-2019 Thomas Eckert (tom at it-eckert.de)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+
+servers=$(cat "$__object/parameter/servers")
+
+if grep -q ^__key_value/CLIENTHOSTNAME "$__messages_in" || grep -q ^__key_value/XYMONSERVERS "$__messages_in" ; then
+ echo "systemctl restart xymon-client"
+ echo "restarted" >> "$__messages_out"
+ cat <<-EOT
+ echo "xymon-client xymon-client/XYMONSERVERS string $servers" | debconf-set-selections
+ EOT
+fi
diff --git a/cdist/conf/type/__xymon_client/man.rst b/cdist/conf/type/__xymon_client/man.rst
new file mode 100644
index 00000000..05d085dc
--- /dev/null
+++ b/cdist/conf/type/__xymon_client/man.rst
@@ -0,0 +1,66 @@ +cdist-type__xymon_client(7) +=========================== + +NAME +---- +cdist-type__xymon_client - Install the Xymon client + + +DESCRIPTION +----------- +This cdist type installs the Xymon client and configures it to report with +FQDN. + + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +state + 'present', 'absent', defaults to 'present'. + +servers + One or more IP addresses (space separated) of the Xymon server(s) to report + to. While DNS-names are ok it is discouraged, defaults to 127.0.0.1. + + +BOOLEAN PARAMETERS +------------------ +msgcache + Enable xymon `msgcache`. Note: XYMONSERVER has to be `127.0.0.1` for using + `msgcache` (see `msgcache (8)` of the xymon documentation for details). + +EXAMPLES +-------- + +.. code-block:: sh + + # minimal, report to 127.0.0.1 + __xymon_client + + # specify server: + __xymon_client --servers "192.168.1.1" + + # activate `msgcache` for passive client: + __xymon_client --msgcache + + +SEE ALSO +-------- +:strong:`cdist__xymon_server`\ (7), :strong:`xymon`\ (7), :strong:`msgcache`\ (8) + + +AUTHORS +------- +Thomas Eckert + + +COPYING +------- +Copyright \(C) 2018-2019 Thomas Eckert. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__xymon_client/manifest b/cdist/conf/type/__xymon_client/manifest new file mode 100755 index 00000000..88293a12 --- /dev/null +++ b/cdist/conf/type/__xymon_client/manifest 
@@ -0,0 +1,54 @@ +#!/bin/sh -e +# +# 2018-2019 Thomas Eckert (tom at it-eckert.de) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . + +state=$(cat "$__object/parameter/state") +servers=$(cat "$__object/parameter/servers") + +os=$(cat "$__global/explorer/os") +case "$os" in + debian|ubuntu) + : + ;; + *) + echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2 + echo "Please contribute an implementation for it if you can." >&2 + exit 1 + ;; +esac + +__package xymon-client --state "$state" + +if [ -f "$__object/parameter/msgcache" ]; then + require="__package/xymon-client" __line /etc/xymon/clientlaunch.cfg \ + --regex DISABLED --state absent +fi + +require="__package/xymon-client" __key_value CLIENTHOSTNAME \ + --file /etc/default/xymon-client \ + --value "'$__target_hostname'" \ + --delimiter '=' \ + --state "$state" +require="__package/xymon-client" __key_value XYMONSERVERS \ + --file /etc/default/xymon-client \ + --value "'$servers'" \ + --delimiter '=' \ + --state "$state" + +## CLI-usage often requires a shell: +require="__package/xymon-client" __user xymon --shell "/bin/bash" --state "$state" diff --git a/cdist/conf/type/__xymon_client/parameter/boolean b/cdist/conf/type/__xymon_client/parameter/boolean new file mode 100644 index 00000000..0dd7839d --- /dev/null +++ b/cdist/conf/type/__xymon_client/parameter/boolean @@ -0,0 +1 @@ +msgcache 
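Review bot: The last line sets `/bin/bash` as the login shell of the `xymon` service account (`__user xymon --shell "/bin/bash"`), and `__xymon_server/manifest` ends with the same line. A service account with an interactive shell is usable for logins wherever a credential or key for it exists, which is more than the stated reason ("CLI-usage often requires a shell") needs. Consider dropping `--shell` or making it an opt-in boolean parameter, and documenting in the man page that an administrator can run `su -s /bin/bash xymon` for occasional CLI work. Which shell the package assigns by default is not visible in this diff.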
diff --git a/cdist/conf/type/__xymon_client/parameter/default/servers b/cdist/conf/type/__xymon_client/parameter/default/servers new file mode 100644 index 00000000..7b9ad531 --- /dev/null +++ b/cdist/conf/type/__xymon_client/parameter/default/servers @@ -0,0 +1 @@ +127.0.0.1 diff --git a/cdist/conf/type/__xymon_client/parameter/default/state b/cdist/conf/type/__xymon_client/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__xymon_client/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__xymon_client/parameter/optional b/cdist/conf/type/__xymon_client/parameter/optional new file mode 100644 index 00000000..7c34489a --- /dev/null +++ b/cdist/conf/type/__xymon_client/parameter/optional @@ -0,0 +1,2 @@ +state +servers diff --git a/cdist/conf/type/__xymon_client/singleton b/cdist/conf/type/__xymon_client/singleton new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__xymon_config/files/.keep b/cdist/conf/type/__xymon_config/files/.keep new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__xymon_config/gencode-remote b/cdist/conf/type/__xymon_config/gencode-remote new file mode 100644 index 00000000..b25a0fda --- /dev/null +++ b/cdist/conf/type/__xymon_config/gencode-remote 
@@ -0,0 +1,23 @@ +#!/bin/sh -e +# +# 2018-2019 Thomas Eckert (tom at it-eckert.de) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . + +## to speed up config-reload we send a HUP to the server process: +cat <<-EOT + pkill -HUP xymond || { echo "HUPing xymond failed" >&2; exit 1; } +EOT diff --git a/cdist/conf/type/__xymon_config/man.rst b/cdist/conf/type/__xymon_config/man.rst new file mode 100644 index 00000000..8adfbe1f --- /dev/null +++ b/cdist/conf/type/__xymon_config/man.rst 
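Review bot: `pkill -HUP xymond` selects processes by pattern, so every process whose name contains `xymond` receives the signal, not only the daemon the comment refers to. An exact match states the intent: `pkill -HUP -x xymond || { echo "HUPing xymond failed" >&2; exit 1; }`, optionally narrowed further with `-u xymon`. Whether other processes with that prefix run on the target cannot be seen from this hunk. The code is also emitted unconditionally, so the signal is sent on every run rather than only when the configuration changed.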
@@ -0,0 +1,78 @@ +cdist-type__xymon_config(7) +=========================== + +NAME +---- +cdist-type__xymon_config - Deploy a Xymon configuration-directory + + +DESCRIPTION +----------- +This cdist type deploys a full Xymon configuration directory from the files-dir +to the host. This type requires an installed Xymon server, e.g. deployed by +`__xymon_server`. + +WARNING: This type _replaces_ the `/etc/xymon/`-directory! The previous +contents is replaced/deleted! + + +REQUIRED PARAMETERS +------------------- +confdir + The directory in `./files/` that contains the `/etc/xymon/`-content to be + deployed. + + +OPTIONAL PARAMETERS +------------------- +owner + passed as-is as `--owner` to `__rsync` + +group + passed as-is as `--group` to `__rsync` + + +OPTIONAL MULTIPLE PARAMETERS +---------------------------- +rsync-opts + identical to __rsync type, only `--`-options are supported + + +REQUIRED FILES +-------------- +The directory specified by `confdir` has to contain a valid xymon-configuration +(`/etc/xymon/`) _plus_ the `ext/`-directory that normally resides in +`/usr/lib/xymon/server/`. + + +EXAMPLES +-------- + +.. code-block:: sh + + __xymon_config --confdir=xymon.example.com + # this will replace /etc/xymon/ on the target host with + # the contents from __xymon_config/files/xymon.example.com/ + + ## the same but set ownership to `xymon:xymon` and exclude + ## the `netrc`-file: + __xymon_config --confdir=xymon.example.com \ + --owner xymon --group xymon \ + --rsync-opts "exclude=netrc" + + +SEE ALSO +-------- +:strong:`cdist__xymon_server`\ (7), :strong:`cdist__rsync`\ (7), :strong:`xymon`\ (7) + +AUTHORS +------- +Thomas Eckert + + +COPYING +------- +Copyright \(C) 2018-2019 Thomas Eckert. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. 
diff --git a/cdist/conf/type/__xymon_config/manifest b/cdist/conf/type/__xymon_config/manifest new file mode 100644 index 00000000..4a5fb6c9 --- /dev/null +++ b/cdist/conf/type/__xymon_config/manifest @@ -0,0 +1,43 @@ +#!/bin/sh -e +# +# 2018-2019 Thomas Eckert (tom at it-eckert.de) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . + +confdir=$(cat "$__object/parameter/confdir") +set -- +if [ -f "$__object/parameter/owner" ]; then + owner=$(cat "$__object/parameter/owner") + set -- "$@" "--owner $owner" +fi +if [ -f "$__object/parameter/group" ]; then + group=$(cat "$__object/parameter/group") + set -- "$@" "--group $group" +fi + +## pass `--rsync-opts` as-is to `__rsync`: +if [ -f "$__object/parameter/rsync-opts" ]; then + while read -r opts; do + # shellcheck disable=SC2089 + set -- "$@" "--rsync-opts '$opts'" + done < "$__object/parameter/rsync-opts" +fi + +# shellcheck disable=SC2068,SC2090 +__rsync /etc/xymon/ \ + --source "$__type/files/$confdir/" \ + --rsync-opts "delete" \ + $@ diff --git a/cdist/conf/type/__xymon_config/parameter/optional b/cdist/conf/type/__xymon_config/parameter/optional new file mode 100644 index 00000000..866b4bde --- /dev/null +++ b/cdist/conf/type/__xymon_config/parameter/optional @@ -0,0 +1,2 @@ +owner +group 
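Review bot: The optional arguments are collected as single strings (`"--owner $owner"`, `"--rsync-opts '$opts'"`) and then expanded with an unquoted `$@`, so they are re-split on whitespace and glob-expanded, and the single quotes around `$opts` reach `__rsync` as literal characters. An owner, group or rsync option containing a space or `*` therefore arrives as different arguments than the caller wrote. Appending option and value as separate words and expanding `"$@"` quoted avoids this and makes both shellcheck suppressions unnecessary. `$confdir` is also joined into the `--source` path unchecked while the call passes `--rsync-opts "delete"`, so rejecting values that contain `/` or `..` would be a cheap safeguard.

```shell
    set -- "$@" --owner "$owner"
# … unchanged: group parameter check and read …
    set -- "$@" --group "$group"
# … unchanged: rsync-opts file check and read loop header …
        set -- "$@" --rsync-opts "$opts"
# … unchanged: __rsync call with --source and --rsync-opts "delete" …
    "$@"
```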
diff --git a/cdist/conf/type/__xymon_config/parameter/optional_multiple b/cdist/conf/type/__xymon_config/parameter/optional_multiple new file mode 100644 index 00000000..fdb7cd88 --- /dev/null +++ b/cdist/conf/type/__xymon_config/parameter/optional_multiple @@ -0,0 +1 @@ +rsync-opts diff --git a/cdist/conf/type/__xymon_config/parameter/required b/cdist/conf/type/__xymon_config/parameter/required new file mode 100644 index 00000000..43222f13 --- /dev/null +++ b/cdist/conf/type/__xymon_config/parameter/required @@ -0,0 +1 @@ +confdir diff --git a/cdist/conf/type/__xymon_config/singleton b/cdist/conf/type/__xymon_config/singleton new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__xymon_server/gencode-remote b/cdist/conf/type/__xymon_server/gencode-remote new file mode 100755 index 00000000..0770e319 --- /dev/null +++ b/cdist/conf/type/__xymon_server/gencode-remote @@ -0,0 +1,26 @@ +#!/bin/sh -e +# +# 2018-2019 Thomas Eckert (tom at it-eckert.de) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . + +## "move" user-modified dirs to /etc/xymon to be managed by __xymon_config: +cat <<-EOT + if [ ! -L /usr/lib/xymon/server/ext ]; then + mv /usr/lib/xymon/server/ext /etc/xymon + ln -s /etc/xymon/ext /usr/lib/xymon/server/ + fi +EOT diff --git a/cdist/conf/type/__xymon_server/man.rst b/cdist/conf/type/__xymon_server/man.rst new file mode 100644 index 00000000..a9a180e1 
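Review bot: The generated block in `__xymon_server/gencode-remote` tests only that `/usr/lib/xymon/server/ext` is not a symlink, so it also runs when that directory does not exist (for example with `--state absent`, which this script never reads), and `mv` then fails. It also moves into `/etc/xymon` without checking for an existing `/etc/xymon/ext`, in which case `mv` would nest the directory instead of replacing it. A guard such as `if [ -d /usr/lib/xymon/server/ext ] && [ ! -L /usr/lib/xymon/server/ext ] && [ ! -e /etc/xymon/ext ]; then` keeps the step idempotent.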
--- /dev/null +++ b/cdist/conf/type/__xymon_server/man.rst 
@@ -0,0 +1,87 @@ +cdist-type__xymon_server(7) +=========================== + +NAME +---- +cdist-type__xymon_server - Install a Xymon server + + +DESCRIPTION +----------- +This cdist type installs a Xymon (https://www.xymon.com/) server and (optional) +required helper packages. + +This includes the Xymon client as a dependency, so NO NEED to install +`__xymon_client` separately. + +To access the webinterface a webserver is required. The cdist-type +`__xymon_apache` can be used to install and configure the apache webserver for +the use with Xymon. + +Further and day-to-day configuration of Xymon can either be done manually in +`/etc/xymon/` or the directory can be deployed and managed by `__xymon_config`. + + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +state + 'present', 'absent', defaults to 'present'. If '--install_helpers' is + specified for 'absent' the helper packages will be un-installed. + + +BOOLEAN PARAMETERS +------------------ +install_helpers + Install helper packages used by Xymon (fping, heirloom-mailx, traceroute, + ntpdate). + + +EXAMPLES +-------- + +.. 
code-block:: sh + + # minmal + __xymon_server + + # the same + __xymon_server --state present + + # also install helper packages: + __xymon_server --install_helpers + + # examples to give a more complete picture: __xymon_server installed on + # `xymon.example.com` w/ IP 192.168.1.1: + # + # install webserver and grant 2 private subnets access to the webinterface: + __xymon_apache --ipacl "192.168.0.0/16 10.0.0.0/8" + # deploy server-configuration with __xymon_config: + __xymon_config --confdir=xymon.example.com + + # install xymon-client on other machines (not needed on the server): + __xymon_client --servers "192.168.1.1" + + + +SEE ALSO +-------- +:strong:`cdist__xymon_apache`\ (7), :strong:`cdist__xymon_config`\ (7), +:strong:`cdist__xymon_client`\ (7), :strong:`xymon`\ (7) + + +AUTHORS +------- +Thomas Eckert + + +COPYING +------- +Copyright \(C) 2018-2019 Thomas Eckert. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__xymon_server/manifest b/cdist/conf/type/__xymon_server/manifest new file mode 100755 index 00000000..7cee0d23 --- /dev/null +++ b/cdist/conf/type/__xymon_server/manifest 
@@ -0,0 +1,50 @@ +#!/bin/sh -e +# +# 2018-2019 Thomas Eckert (tom at it-eckert.de) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . + +state=$(cat "$__object/parameter/state") +if [ -f "$__object/parameter/install_helpers" ]; then + install_helpers=1 +else + install_helpers=0 +fi + +os=$(cat "$__global/explorer/os") +case "$os" in + debian|ubuntu) + : + ;; + *) + echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2 + echo "Please contribute an implementation for it if you can." >&2 + exit 1 + ;; +esac + +__package xymon --state "$state" + +## install helper-packages/tools used by the xymon server if requested: +if [ "$install_helpers" = "1" ]; then + __package fping --state "$state" + __package heirloom-mailx --state "$state" + __package traceroute --state "$state" + __package ntpdate --state "$state" +fi + +## CLI-usage often requires a shell: +require="__package/xymon" __user xymon --shell "/bin/bash" --state "$state" diff --git a/cdist/conf/type/__xymon_server/parameter/boolean b/cdist/conf/type/__xymon_server/parameter/boolean new file mode 100644 index 00000000..56ebcb2c --- /dev/null +++ b/cdist/conf/type/__xymon_server/parameter/boolean @@ -0,0 +1 @@ +install_helpers diff --git a/cdist/conf/type/__xymon_server/parameter/default/state b/cdist/conf/type/__xymon_server/parameter/default/state new file mode 100644 index 00000000..e7f6134f 
--- /dev/null +++ b/cdist/conf/type/__xymon_server/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__xymon_server/parameter/optional b/cdist/conf/type/__xymon_server/parameter/optional new file mode 100644 index 00000000..ff72b5c7 --- /dev/null +++ b/cdist/conf/type/__xymon_server/parameter/optional @@ -0,0 +1 @@ +state diff --git a/cdist/conf/type/__xymon_server/singleton b/cdist/conf/type/__xymon_server/singleton new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__yum_repo/files/repo.template b/cdist/conf/type/__yum_repo/files/repo.template new file mode 100755 index 00000000..18ea9d2b --- /dev/null +++ b/cdist/conf/type/__yum_repo/files/repo.template @@ -0,0 +1,61 @@ +#!/bin/sh +set -u +cat << DONE +# Created by cdist ${__type##*/} +# Do not change. Changes will be overwritten. +# +[$repo_name] +DONE +# single value properties +single_value='name +metalink +mirrorlist +gpgcakey +gpgcheck +exclude +includepkgs +failovermethod +timeout +http_caching +retries +throttle +bandwidth +sslcacert +sslverify +sslclientcert +sslclientkey +ssl_check_cert_permissions +metadata_expire +mirrorlist_expire +proxy +proxy_username +proxy_password +username +password +cost' +for key in $single_value; do + if [ -f "$__object/parameter/$key" ]; then + printf '%s=%s\n' "$key" "$(cat "$__object/parameter/$key")" + fi +done +# multi value properties +for key in baseurl gpgkey; do + if [ -f "$__object/parameter/$key" ]; then + printf '%s=' "$key" + prefix='' + while read -r line; do + printf '%s%s\n' "$prefix" "$line" + prefix=' ' + done < "$__object/parameter/$key" + fi +done +# boolean properties +for key in enabled repo_gpgcheck keepalive skip_if_unavailable; do + if [ -f "$__object/parameter/$key" ]; then + printf '%s=1\n' "$key" + fi +done +# special cases +if [ -f "$__object/parameter/disablegroups" ]; then + printf 'enablegroups=0\n' +fi 
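Review bot: The section header in `repo.template` is always `[$repo_name]`, and neither this template nor the manifest reads `$__object/parameter/repositoryid`, although that parameter is listed as optional and the man page says it overrides the object id. As far as these hunks show, passing `--repositoryid` has no effect. Reading it before the here-document would honour the documented behaviour: `[ -f "$__object/parameter/repositoryid" ] && repo_name=$(cat "$__object/parameter/repositoryid")`. A comment noting that `repo_name` must be exported by the caller (the script runs under `set -u`) would also help.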
diff --git a/cdist/conf/type/__yum_repo/man.rst b/cdist/conf/type/__yum_repo/man.rst new file mode 100644 index 00000000..94366c3a --- /dev/null +++ b/cdist/conf/type/__yum_repo/man.rst @@ -0,0 +1,124 @@ +cdist-type__yum_repo(7) +======================= + +NAME +---- +cdist-type__yum_repo - Manage yum repositories + + +DESCRIPTION +----------- +For all undocumented parameters see yum.conf(5). + + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +state + 'present' or 'absent'. Defaults to 'present' + +repositoryid + Defaults to __object_id. + +name + +baseurl + Can be specified multiple times. + +metalink + +mirrorlist + +gpgkey + Can be specified multiple times. + +gpgcakey + +gpgcheck + +exclude + +includepkgs + +failovermethod + +timeout + +http_caching + +retries + +throttle + +bandwidth + +sslcacert + +sslverify + +sslclientcert + +sslclientkey + +ssl_check_cert_permissions + +metadata_expire + +mirrorlist_expire + +proxy + +proxy_username + +proxy_password + +username + +password + +cost + + +BOOLEAN PARAMETERS +------------------ +enabled + +repo_gpgcheck + +disablegroups + ! enablegroups + +keepalive + +skip_if_unavailable + + +EXAMPLES +-------- + +.. code-block:: sh + + __yum_repo epel \ + --name 'Extra Packages for Enterprise Linux 6 - $basearch' \ + --mirrorlist 'https://mirrors.fedoraproject.org/metalink?repo=epel-$releasever&arch=$basearch' \ + --failovermethod priority \ + --enabled \ + --gpgcheck 1 \ + --gpgkey https://fedoraproject.org/static/0608B895.txt + + +AUTHORS +------- +Steven Armstrong + + +COPYING +------- +Copyright \(C) 2014 Steven Armstrong. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__yum_repo/manifest b/cdist/conf/type/__yum_repo/manifest new file mode 100755 index 00000000..5f60d32c 
--- /dev/null +++ b/cdist/conf/type/__yum_repo/manifest @@ -0,0 +1,40 @@ +#!/bin/sh -e +# +# 2014 Steven Armstrong (steven-cdist at armstrong.cc) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +os=$(cat "$__global/explorer/os") +state="$(cat "$__object/parameter/state")" + +case "$os" in + scientific|centos) + repo_name="$__object_id" + export repo_name + repo_file="/etc/yum.repos.d/${repo_name}.repo" + "$__type/files/repo.template" | \ + __file "$repo_file" \ + --owner root --group root --mode 644 \ + --state "$state" \ + --source - + ;; + *) + echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2 + echo "Please contribute an implementation for it if you can." >&2 + exit 1 + ;; +esac diff --git a/cdist/conf/type/__yum_repo/notes b/cdist/conf/type/__yum_repo/notes new file mode 100644 index 00000000..67fa617b --- /dev/null +++ b/cdist/conf/type/__yum_repo/notes @@ -0,0 +1,3 @@ +https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/sec-Configuring_Yum_and_Yum_Repositories.html +https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_Platform/2/html/Getting_Started_Guide/sect-Configuring_Software_Repositories.html +http://docs.puppetlabs.com/references/latest/type.html#yumrepo 
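Review bot: The repo file is created with `--mode 644`, while the template can write `password` and `proxy_password` values into it, so every local user on the target can read those credentials. Choosing the mode from the parameters present keeps the common case unchanged: `if [ -f "$__object/parameter/password" ] || [ -f "$__object/parameter/proxy_password" ]; then mode=600; else mode=644; fi` followed by `--mode "$mode"`. Whether unprivileged users on the target need to read this repository definition is a deployment decision the man page could state.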
diff --git a/cdist/conf/type/__yum_repo/parameter/boolean b/cdist/conf/type/__yum_repo/parameter/boolean new file mode 100644 index 00000000..2eb49a93 --- /dev/null +++ b/cdist/conf/type/__yum_repo/parameter/boolean @@ -0,0 +1,5 @@ +enabled +repo_gpgcheck +disablegroups +keepalive +skip_if_unavailable diff --git a/cdist/conf/type/__yum_repo/parameter/default/state b/cdist/conf/type/__yum_repo/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__yum_repo/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__yum_repo/parameter/optional b/cdist/conf/type/__yum_repo/parameter/optional new file mode 100644 index 00000000..7e185701 --- /dev/null +++ b/cdist/conf/type/__yum_repo/parameter/optional @@ -0,0 +1,27 @@ +bandwidth +cost +exclude +failovermethod +gpgcakey +gpgcheck +http_caching +includepkgs +metadata_expire +mirrorlist +mirrorlist_expire +name +password +proxy +proxy_password +proxy_username +repositoryid +retries +sslcacert +ssl_check_cert_permissions +sslclientcert +sslclientkey +sslverify +state +throttle +timeout +username diff --git a/cdist/conf/type/__yum_repo/parameter/optional_multiple b/cdist/conf/type/__yum_repo/parameter/optional_multiple new file mode 100644 index 00000000..6467915b --- /dev/null +++ b/cdist/conf/type/__yum_repo/parameter/optional_multiple @@ -0,0 +1,2 @@ +baseurl +gpgkey diff --git a/cdist/conf/type/__zypper_repo/explorer/all_repo_ids b/cdist/conf/type/__zypper_repo/explorer/all_repo_ids new file mode 100644 index 00000000..7953158a --- /dev/null +++ b/cdist/conf/type/__zypper_repo/explorer/all_repo_ids 
@@ -0,0 +1,25 @@ +#!/bin/sh +# +# 2013 Daniel Heule (hda at sfs.biz) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# +# Retrieve all repo id nummbers - parsed zypper output +# +# +# shellcheck disable=SC2005,SC2046 +echo $(zypper lr | cut -d'|' -f 1 | grep -E '^[0-9]') diff --git a/cdist/conf/type/__zypper_repo/explorer/enabled_repo_ids b/cdist/conf/type/__zypper_repo/explorer/enabled_repo_ids new file mode 100644 index 00000000..261d6073 --- /dev/null +++ b/cdist/conf/type/__zypper_repo/explorer/enabled_repo_ids 
@@ -0,0 +1,28 @@ +#!/bin/sh +# +# 2013 Daniel Heule (hda at sfs.biz) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# +# Retrieve all repo id nummbers from enabled repos - parsed zypper output +# +# +# simpler command which works only on SLES11 SP3 or newer: +# echo $(zypper lr -E | cut -d'|' -f 1 | grep -E '^[0-9]') +# +# shellcheck disable=SC2005,SC2046 +echo $(zypper lr | grep -E '^[0-9]([^|]+\|){3,3} Yes' | cut -d'|' -f 1) diff --git a/cdist/conf/type/__zypper_repo/explorer/repo_id b/cdist/conf/type/__zypper_repo/explorer/repo_id new file mode 100644 index 00000000..d55a5cac --- /dev/null +++ b/cdist/conf/type/__zypper_repo/explorer/repo_id 
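Review bot: The filter in `enabled_repo_ids` keys on the literal column text ` Yes`, which holds only when zypper prints English output on the target. With a translated locale the explorer would presumably return nothing, and `gencode-remote` would then treat every repository as disabled. Pinning the locale makes the parse deterministic: `echo $(LC_ALL=C zypper lr | grep -E '^[0-9]([^|]+\|){3,3} Yes' | cut -d'|' -f 1)`. The fixed column count `{3,3}` also assumes one table layout, which deserves a comment naming the zypper versions it was checked against.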
@@ -0,0 +1,30 @@ +#!/bin/sh +# +# 2013-2014 Daniel Heule (hda at sfs.biz) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# +# Retrieve the id from the repo with the uri from parameter uri - parsed zypper output +# +# +if [ -f "$__object/parameter/uri" ]; then + uri="$(cat "$__object/parameter/uri")" +else + uri="$__object_id" +fi +# shellcheck disable=SC2005,SC2046 +echo $(zypper lr -u | grep -F "$uri" | cut -d'|' -f 1 | grep -E '^[0-9]') diff --git a/cdist/conf/type/__zypper_repo/gencode-remote b/cdist/conf/type/__zypper_repo/gencode-remote new file mode 100755 index 00000000..336488ae --- /dev/null +++ b/cdist/conf/type/__zypper_repo/gencode-remote 
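Review bot: `grep -F "$uri"` in the `repo_id` explorer matches the value as a substring anywhere in the `zypper lr -u` row, so a URI that is a prefix of another repository's URI, or an object id that also occurs in an alias or name column, yields several ids or the wrong one. `gencode-remote` then passes that result to `removerepo` or `modifyrepo`, so a loose match can act on a repository the manifest never named. Comparing the trimmed URI field for equality (for example with `awk -F'|'` and the value passed via `-v`) would make the lookup exact; the column position should be confirmed against the zypper versions in use.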
@@ -0,0 +1,98 @@ +#!/bin/sh -e +# +# 2013 Daniel Heule (hda at sfs.biz) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# +# Manage repo services with Zypper (mostly suse) +# + +# Debug +#exec >&2 +#set -x + +zypper_def_opts=" -q --non-interactive --gpg-auto-import-keys " + +if [ -f "$__object/parameter/repo_desc" ]; then + desc="$(cat "$__object/parameter/repo_desc")" +else + desc="$__object_id" +fi + +if [ -f "$__object/parameter/uri" ]; then + uri="$(cat "$__object/parameter/uri")" +else + uri="$__object_id" +fi + +if [ -f "$__object/parameter/repo_id" ]; then + id="$(cat "$__object/parameter/repo_id")" +else + id="$__object_id" +fi + +state="$(cat "$__object/parameter/state")" + +repo_id="$(cat "$__object/explorer/repo_id")" + +act_id="" +if grep -q "$id" "$__object/explorer/all_repo_ids"; then + act_id="$id" +elif grep -q "$repo_id" "$__object/explorer/all_repo_ids"; then + act_id="$repo_id" +fi + +repostate="disabled" +if grep -q "$act_id" "$__object/explorer/enabled_repo_ids"; then + repostate="enabled" +fi + + +case "$state" in + present) + if [ -z "$desc" ] || [ -z "$uri" ]; then + echo "parameter repo_desc and uri for $state needed" >&2 + exit 4 + fi + if [ -z "$repo_id" ]; then + # Repo not present, so we need to create it + echo "zypper $zypper_def_opts addrepo '$uri' '$desc'" + fi + ;; + absent) + if [ -n "$act_id" ]; then + # Repo present (act_id not ""), so we ned to delete 
it + echo "zypper $zypper_def_opts removerepo $act_id" + fi + ;; + enabled) + if [ -n "$act_id" ] && [ "$repostate" = "disabled" ]; then + # Repo present (act_id not "") and repostate not enabled, so a enable call is needed + echo "zypper $zypper_def_opts modifyrepo -e $act_id" + fi + ;; + disabled) + if [ -n "$act_id" ] && [ "$repostate" = "enabled" ]; then + # Repo present (act_id not "") and repostate enabled, so a disable call is needed + echo "zypper $zypper_def_opts modifyrepo -d $act_id" + fi + ;; + *) + echo "Unknown state: $state" >&2 + exit 1 + ;; +esac diff --git a/cdist/conf/type/__zypper_repo/man.rst b/cdist/conf/type/__zypper_repo/man.rst new file mode 100644 index 00000000..73799d91 --- /dev/null +++ b/cdist/conf/type/__zypper_repo/man.rst 
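Review bot: `zypper_def_opts` puts `--gpg-auto-import-keys` on every generated command, so an unknown repository signing key is imported and trusted without any prompt whenever one of these commands refreshes metadata. The man page examples use `http://` URIs, where such a key would arrive without transport protection. Dropping the flag (`zypper_def_opts=" -q --non-interactive "`) and importing a known key as a separate, explicit step keeps key trust under the manifest author's control. If the flag is kept, a comment explaining why automatic trust is acceptable here should sit next to it.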
@@ -0,0 +1,73 @@ +cdist-type__zypper_repo(7) +========================== + +NAME +---- +cdist-type__zypper_repo - Repository management with zypper + + +DESCRIPTION +----------- +zypper is usually used on the SuSE distribution to manage repositories. + + +REQUIRED PARAMETERS +------------------- +None + + +OPTIONAL PARAMETERS +------------------- +state + Either "present" or "absent" or "enabled" or "disabled", defaults to "present" + + * **present** - make sure that the repo is available, needs uri and repo_desc for all following states, the repo can be searched via repo_id or uri + * **absent** - drop the repo if found + + * **enabled** - a repo can have state disabled if installed via zypper service (ris), in this case, you can enable the repo + * **disabled** - instead of absent (drop), a repo can also set to disabled, which makes it inaccessible + +uri + If supplied, use the uri and not the object id as repo uri. + +repo_desc + If supplied, use the description and not the object id as repo description, only used if the state is present and the repo has to be created + +repo_id + If supplied, use the id and not the object id as repo id, can be used with state absent, enabled and disabled + + +EXAMPLES +-------- + +.. code-block:: sh + + # Ensure testrepo in installed + __zypper_repo testrepo --state present --uri http://url.to.your.repo/with/path + + # Drop repo by repo uri + __zypper_repo testrepo --state absent --uri http://url.to.your.repo/with/path + + # Drop repo by id number (attention: repos are always numbered from 1 to max) + __zypper_repo testrepo --state absent --repo_id 1 + + # enable repo by id + __zypper_repo testrepo2 --state enabled --repo_id 2 + + # enable repo by uri + __zypper_repo testrepo3 --state enabled --uri http://url.to.your.repo/with/path + + # disable a repo works like enabling it + __zypper_repo testrepo4 --state disabled --repo_id 4 + + +AUTHORS +------- +Daniel Heule + + +COPYING +------- +Copyright \(C) 2013 Daniel Heule. 
You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__zypper_repo/parameter/default/state b/cdist/conf/type/__zypper_repo/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__zypper_repo/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__zypper_repo/parameter/optional b/cdist/conf/type/__zypper_repo/parameter/optional
new file mode 100644
index 00000000..fe40e350
--- /dev/null
+++ b/cdist/conf/type/__zypper_repo/parameter/optional
@@ -0,0 +1,4 @@
+state
+uri
+repo_desc
+repo_id
diff --git a/cdist/conf/type/__zypper_service/explorer/repo_ids b/cdist/conf/type/__zypper_service/explorer/repo_ids
new file mode 100644
index 00000000..da506fea
--- /dev/null
+++ b/cdist/conf/type/__zypper_service/explorer/repo_ids
@@ -0,0 +1,29 @@
+#!/bin/sh
+#
+# 2013 Daniel Heule (hda at sfs.biz)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Manage services with Zypper (mostly suse)
+#
+#
+# simpler command which works only on SLES11 SP3 or newer:
+# echo $(zypper lr -u -E | cut -d'|' -f 1 | grep -E '^[0-9]')
+# on older systems, zypper doesn't know the parameter -E
+#
+# shellcheck disable=SC2005,SC2046
+echo $(zypper lr -u | grep -E '^([^|]+\|){3,3} Yes' | cut -d'|' -f 1 | grep -E '^[0-9]')
diff --git a/cdist/conf/type/__zypper_service/explorer/service_id b/cdist/conf/type/__zypper_service/explorer/service_id
new file mode 100644
index 00000000..fbb983c8
--- /dev/null
+++ b/cdist/conf/type/__zypper_service/explorer/service_id
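Review bot: The ` Yes` match in `cdist/conf/type/__zypper_service/explorer/repo_ids` relies on zypper printing English column values, so on a target with a non-English locale the explorer would likely return an empty list and the type would behave as if no enabled repos existed. Unless cdist already forces the locale for explorers (not visible in this excerpt), pin it on the command itself: `LC_ALL=C zypper lr -u | grep -E ...`. The `service_id`, `service_ids` and `service_uri` explorers below apply the same `Yes` test to `zypper ls -u` output. A short comment such as `# 4th column = Enabled` next to the `{3,3}` pattern would also help; that is my reading of the regex, please confirm.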
@@ -0,0 +1,32 @@
+#!/bin/sh
+#
+# 2013 Daniel Heule (hda at sfs.biz)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Manage services with Zypper (mostly suse)
+#
+if [ -f "$__object/parameter/uri" ]; then
+ uri="$(cat "$__object/parameter/uri")"
+else
+ uri="/$__object_id"
+fi
+# simpler command which works only on SLES11 SP3 or newer:
+# echo $(zypper ls -u -E | grep -E "\<$uri\>" | cut -d'|' -f 1 )
+#
+# shellcheck disable=SC2005,SC2046
+echo $(zypper ls -u | grep -E '^([^|]+\|){3,3} Yes' | grep -E "\\<$uri\\>" | cut -d'|' -f 1)
diff --git a/cdist/conf/type/__zypper_service/explorer/service_ids b/cdist/conf/type/__zypper_service/explorer/service_ids
new file mode 100644
index 00000000..5a26740e
--- /dev/null
+++ b/cdist/conf/type/__zypper_service/explorer/service_ids
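Review bot: `$uri` is used as an extended regular expression in `grep -E "\\<$uri\\>"` in `explorer/service_id`, so each `.` in a host name matches any character and `\>` is satisfied at any word end, which lets `http://host/ris` also select a service registered as `http://host/ris/other`. The explorer can then print several ids, and gencode-remote passes that value straight to `removeservice`. An exact comparison on the URI column, as the `service_uri` explorer already does, avoids this (untested): `zypper ls -u | awk -v uri="$uri" 'BEGIN { FS = "[ ]+\\|[ ]+" } $4 == "Yes" && $NF == uri { print $1 }'`.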
@@ -0,0 +1,27 @@
+#!/bin/sh
+#
+# 2013 Daniel Heule (hda at sfs.biz)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Manage services with Zypper (mostly suse)
+#
+# simpler command which works only on SLES11 SP3 or newer:
+# echo $(zypper ls -u -E | cut -d'|' -f 1 | grep -E '^[0-9]')
+#
+# shellcheck disable=SC2005,SC2046
+echo $(zypper ls -u | grep -E '^([^|]+\|){3,3} Yes' | cut -d'|' -f 1 | grep -E '^[0-9]')
diff --git a/cdist/conf/type/__zypper_service/explorer/service_uri b/cdist/conf/type/__zypper_service/explorer/service_uri
new file mode 100644
index 00000000..2f3d0f94
--- /dev/null
+++ b/cdist/conf/type/__zypper_service/explorer/service_uri
@@ -0,0 +1,29 @@
+#!/bin/sh
+#
+# 2013 Daniel Heule (hda at sfs.biz)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Manage services with Zypper (mostly suse)
+#
+if [ -f "$__object/parameter/uri" ]; then
+ uri="$(cat "$__object/parameter/uri")"
+else
+ uri="/$__object_id"
+fi
+# shellcheck disable=SC2005,SC2046
+echo $(zypper ls -u | awk 'BEGIN { FS = "[ ]+\\|[ ]+" } ; $4 == "Yes" && $NF == "'"$uri"'" {print $NF}')
diff --git a/cdist/conf/type/__zypper_service/gencode-remote b/cdist/conf/type/__zypper_service/gencode-remote
new file mode 100755
index 00000000..4ccfe301
--- /dev/null
+++ b/cdist/conf/type/__zypper_service/gencode-remote
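Review bot: `$uri` is spliced into the awk program text in `explorer/service_uri` (`$NF == "'"$uri"'"`), so a value containing `"` changes the program awk runs on the target instead of only the string being compared. Pass it as data rather than code: `awk -v uri="$uri" 'BEGIN { FS = "[ ]+\\|[ ]+" } $4 == "Yes" && $NF == uri { print $NF }'`. A one-line comment stating that the explorer echoes the URI back only when an enabled service with exactly that URI exists would document what gencode-remote and the manifest compare `$uri` against.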
@@ -0,0 +1,87 @@
+#!/bin/sh -e
+#
+# 2013 Daniel Heule (hda at sfs.biz)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Manage services with Zypper (mostly suse)
+#
+
+# Debug
+#exec >&2
+#set -x
+
+zypper_def_opts=" -q --non-interactive --gpg-auto-import-keys "
+
+if [ -f "$__object/parameter/service_desc" ]; then
+ desc="$(cat "$__object/parameter/service_desc")"
+else
+ desc="$__object_id"
+fi
+
+if [ -f "$__object/parameter/uri" ]; then
+ uri="$(cat "$__object/parameter/uri")"
+else
+ uri="$__object_id"
+fi
+
+state_should="$(cat "$__object/parameter/state")"
+stype="$(cat "$__object/parameter/type")"
+
+exp_uri="$(cat "$__object/explorer/service_uri")"
+exp_id="$(cat "$__object/explorer/service_id")"
+
+# we need this list to remove ids, but we must do this in reverse order
+exp_ids="$(rev "$__object/explorer/service_ids")"
+
+if [ "$uri" = "$exp_uri" ] ; then
+ state_is="present"
+else
+ state_is="absent"
+fi
+
+# remove all other services if needed ...
+if [ -f "$__object/parameter/remove-all-other-services" ]; then
+ # file exists -> True
+ for i in $exp_ids; do
+ if [ "$i" != "$exp_id" ] ; then
+ echo "zypper $zypper_def_opts removeservice $i &>/dev/null"
+ fi
+ done
+ echo "zypper $zypper_def_opts refs &>/dev/null"
+fi
+
+
+# Exit if nothing is needed to be done
+[ "$state_is" = "$state_should" ] && exit 0
+
+case "$state_should" in
+ present)
+ echo "zypper $zypper_def_opts addservice -t $stype $uri '$desc'"
+ echo "zypper $zypper_def_opts refs"
+ echo "zypper $zypper_def_opts ref"
+ ;;
+ absent)
+ echo "zypper $zypper_def_opts removeservice $exp_id"
+ echo "zypper $zypper_def_opts refs"
+ echo "zypper $zypper_def_opts ref"
+ ;;
+ *)
+ echo "Unknown state: $state_should" >&2
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__zypper_service/man.rst b/cdist/conf/type/__zypper_service/man.rst
new file mode 100644
index 00000000..e082dc02
--- /dev/null
+++ b/cdist/conf/type/__zypper_service/man.rst
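Review bot: The `addservice` line in `__zypper_service/gencode-remote` writes `$stype` and `$uri` unquoted into code that a shell on the target later runs, so a URI carrying a query string (`?`, `&`) is globbed or split into separate commands there, and `'$desc'` ends early if the description contains a single quote. Emit every value single-quoted, `echo "zypper $zypper_def_opts addservice -t '$stype' '$uri' '$desc'"`, and escape embedded quotes first by replacing each `'` with `'\''` in a small helper. The `addrepo '$uri' '$desc'` line in the repo script at the top of this excerpt needs the same escaping.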
@@ -0,0 +1,66 @@
+cdist-type__zypper_service(7)
+=============================
+
+NAME
+----
+cdist-type__zypper_service - Service management with zypper
+
+
+DESCRIPTION
+-----------
+zypper is usually used on SuSE systems to manage services.
+
+
+REQUIRED PARAMETERS
+-------------------
+uri
+ Uri of the service
+
+
+OPTIONAL PARAMETERS
+-------------------
+service_desc
+ If supplied, use the service_desc and not the object id as description for the service.
+
+state
+ Either "present" or "absent", defaults to "present"
+
+type
+ Defaults to "ris", the standard type of services at SLES11. For other values, see manpage of zypper.
+
+
+BOOLEAN PARAMETERS
+------------------
+remove-all-other-services
+ Drop all other services found on the target host before adding the new one.
+
+remove-all-repos
+ If supplied, remove all existing repos prior to setup the new service.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Ensure that internal SLES11 SP3 RIS is in installed and all other services and repos are discarded
+ __zypper_service INTERNAL_SLES11_SP3 --service_desc "Internal SLES11 SP3 RIS" --uri "http://path/to/your/ris/dir" --remove-all-other-services --remove-all-repos
+
+ # Ensure that internal SLES11 SP3 RIS is in installed, no changes to other services or repos
+ __zypper_service INTERNAL_SLES11_SP3 --service_desc "Internal SLES11 SP3 RIS" --uri "http://path/to/your/ris/dir"
+
+ # Drop service by uri, no changes to other services or repos
+ __zypper_service INTERNAL_SLES11_SP3 --state absent --uri "http://path/to/your/ris/dir"
+
+
+AUTHORS
+-------
+Daniel Heule
+
+
+COPYING
+-------
+Copyright \(C) 2013 Daniel Heule. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__zypper_service/manifest b/cdist/conf/type/__zypper_service/manifest
new file mode 100755
index 00000000..42a56830
--- /dev/null
+++ b/cdist/conf/type/__zypper_service/manifest
@@ -0,0 +1,58 @@
+#!/bin/sh -e
+#
+# 2013 Daniel Heule (hda at sfs.biz)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Manage services with Zypper (mostly suse)
+#
+
+# Debug
+#exec >&2
+#set -x
+
+
+if [ -f "$__object/parameter/uri" ]; then
+ uri="$(cat "$__object/parameter/uri")"
+else
+ uri="$__object_id"
+fi
+
+state_should="$(cat "$__object/parameter/state")"
+
+exp_uri="$(cat "$__object/explorer/service_uri")"
+
+if [ "$uri" = "$exp_uri" ] ; then
+ state_is="present"
+else
+ state_is="absent"
+fi
+
+
+# Exit if nothing is needed to be done
+[ "$state_is" = "$state_should" ] && exit 0
+
+# we need this list to remove ids, but we must do this in reverse order
+exp_repos="$(rev "$__object/explorer/repo_ids")"
+
+# boolean parameter
+if [ -f "$__object/parameter/remove-all-repos" ]; then
+ # file exists -> True
+ for i in $exp_repos; do
+ __zypper_repo "droprepo${i}" --state absent --repo_id "${i}"
+ done
+fi
diff --git a/cdist/conf/type/__zypper_service/parameter/boolean b/cdist/conf/type/__zypper_service/parameter/boolean
new file mode 100644
index 00000000..ca711ded
--- /dev/null
+++ b/cdist/conf/type/__zypper_service/parameter/boolean
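Review bot: `rev` reverses the characters of each line, not the order of the ids, so `exp_repos="$(rev "$__object/explorer/repo_ids")"` in the `__zypper_service` manifest turns `1 2 10` into `01 2 1`. Once a host has ten or more repos, the loop asks `__zypper_repo` to drop ids that were never listed and skips ones that were. To walk the ids from highest to lowest, sort them numerically instead: `exp_repos="$(tr ' ' '\n' < "$__object/explorer/repo_ids" | sort -rn)"`. `exp_ids="$(rev ...)"` in `cdist/conf/type/__zypper_service/gencode-remote` has the same problem.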
@@ -0,0 +1,2 @@
+remove-all-other-services
+remove-all-repos
diff --git a/cdist/conf/type/__zypper_service/parameter/default/state b/cdist/conf/type/__zypper_service/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__zypper_service/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__zypper_service/parameter/default/type b/cdist/conf/type/__zypper_service/parameter/default/type
new file mode 100644
index 00000000..b928830f
--- /dev/null
+++ b/cdist/conf/type/__zypper_service/parameter/default/type
@@ -0,0 +1 @@
+ris
diff --git a/cdist/conf/type/__zypper_service/parameter/optional b/cdist/conf/type/__zypper_service/parameter/optional
new file mode 100644
index 00000000..b26c78d8
--- /dev/null
+++ b/cdist/conf/type/__zypper_service/parameter/optional
@@ -0,0 +1,3 @@
+service_desc
+state
+type
diff --git a/cdist/conf/type/__zypper_service/parameter/required b/cdist/conf/type/__zypper_service/parameter/required
new file mode 100644
index 00000000..c7954952
--- /dev/null
+++ b/cdist/conf/type/__zypper_service/parameter/required
@@ -0,0 +1 @@
+uri
diff --git a/cdist/config.py b/cdist/config.py
index 9af25b75..97cc1da6 100644
--- a/cdist/config.py
+++ b/cdist/config.py
@@ -1,7 +1,9 @@
 #!/usr/bin/env python3
 # -*- coding: utf-8 -*-
 #
-# 2010-2011 Nico Schottelius (nico-cdist at schottelius.org)
+# 2010-2015 Nico Schottelius (nico-cdist at schottelius.org)
+# 2013-2017 Steven Armstrong (steven-cdist at armstrong.cc)
+# 2016-2017 Darko Poljak (darko.poljak at gmail.com)
 #
 # This file is part of cdist.
 #
@@ -20,7 +22,811 @@ # # -import cdist.config_install +import logging +import os +import sys +import time +import itertools +import tempfile +import multiprocessing +from cdist.mputil import mp_pool_run, mp_sig_handler +import atexit +import shutil +import socket +import cdist +import cdist.hostsource +import cdist.exec.local +import cdist.exec.remote +import cdist.util.ipaddr as ipaddr +import cdist.configuration +from cdist import core, inventory +from cdist.util.remoteutil import inspect_ssh_mux_opts -class Config(cdist.config_install.ConfigInstall): - pass + +def graph_check_cycle(graph): + # Start from each node in the graph and check for cycle starting from it. + for node in graph: + # Cycle path. + path = [node] + has_cycle = _graph_dfs_cycle(graph, node, path) + if has_cycle: + return has_cycle, path + return False, None + + +def _graph_dfs_cycle(graph, node, path): + for neighbour in graph.get(node, ()): + # If node is already in path then this is cycle. + if neighbour in path: + path.append(neighbour) + return True + path.append(neighbour) + rv = _graph_dfs_cycle(graph, neighbour, path) + if rv: + return True + # Remove last item from list - neighbour whose DFS path we have have + # just checked. 
+ del path[-1] + return False + + +class Config(object): + """Cdist main class to hold arbitrary data""" + + # list of paths (files and/or directories) that will be removed on finish + _paths_for_removal = [] + + @classmethod + def _register_path_for_removal(cls, path): + cls._paths_for_removal.append(path) + + @classmethod + def _remove_paths(cls): + while cls._paths_for_removal: + path = cls._paths_for_removal.pop() + if os.path.isfile(path): + os.remove(path) + else: + shutil.rmtree(path) + + def __init__(self, local, remote, dry_run=False, jobs=None, + cleanup_cmds=None, remove_remote_files_dirs=False): + + self.local = local + self.remote = remote + self._open_logger() + self.dry_run = dry_run + self.jobs = jobs + if cleanup_cmds: + self.cleanup_cmds = cleanup_cmds + else: + self.cleanup_cmds = [] + self.remove_remote_files_dirs = remove_remote_files_dirs + + self.explorer = core.Explorer(self.local.target_host, self.local, + self.remote, jobs=self.jobs, + dry_run=self.dry_run) + self.manifest = core.Manifest(self.local.target_host, self.local, + dry_run=self.dry_run) + self.code = core.Code(self.local.target_host, self.local, self.remote, + dry_run=self.dry_run) + + def _init_files_dirs(self): + """Prepare files and directories for the run""" + self.local.create_files_dirs() + self.remote.create_files_dirs() + + def _remove_remote_files_dirs(self): + """Remove remote files and directories for the run""" + self.remote.remove_files_dirs() + + def _remove_files_dirs(self): + """Remove files and directories for the run""" + if self.remove_remote_files_dirs: + self._remove_remote_files_dirs() + self.manifest.cleanup() + + @staticmethod + def hosts(source): + try: + yield from cdist.hostsource.HostSource(source)() + except (IOError, OSError, UnicodeError) as e: + raise cdist.Error( + "Error reading hosts from \'{}\': {}".format( + source, e)) + + @staticmethod + def construct_remote_exec_copy_patterns(args): + # default remote cmd patterns + 
args.remote_cmds_cleanup_pattern = "" + args.remote_exec_pattern = None + args.remote_copy_pattern = None + + # Determine forcing IPv4/IPv6 options if any, only for + # default remote commands. + if args.force_ipv: + force_addr_opt = " -{}".format(args.force_ipv) + else: + force_addr_opt = "" + + args_dict = vars(args) + # if remote-exec and/or remote-copy args are None then user + # didn't specify command line options nor env vars: + # inspect multiplexing options for default cdist.REMOTE_COPY/EXEC + if (args_dict['remote_copy'] is None or + args_dict['remote_exec'] is None): + mux_opts = inspect_ssh_mux_opts() + if args_dict['remote_exec'] is None: + args.remote_exec_pattern = (cdist.REMOTE_EXEC + + force_addr_opt + mux_opts) + if args_dict['remote_copy'] is None: + args.remote_copy_pattern = (cdist.REMOTE_COPY + + force_addr_opt + mux_opts) + if mux_opts: + cleanup_pattern = cdist.REMOTE_CMDS_CLEANUP_PATTERN + else: + cleanup_pattern = "" + args.remote_cmds_cleanup_pattern = cleanup_pattern + + @classmethod + def _check_and_prepare_args(cls, args): + if args.manifest == '-' and args.hostfile == '-': + raise cdist.Error(("Cannot read both, manifest and host file, " + "from stdin")) + + # if no host source is specified then read hosts from stdin + if not (args.hostfile or args.host): + args.hostfile = '-' + + if args.manifest == '-': + # read initial manifest from stdin + try: + handle, initial_manifest_temp_path = tempfile.mkstemp( + prefix='cdist.stdin.') + with os.fdopen(handle, 'w') as fd: + fd.write(sys.stdin.read()) + except (IOError, OSError) as e: + raise cdist.Error(("Creating tempfile for stdin data " + "failed: %s" % e)) + + args.manifest = initial_manifest_temp_path + atexit.register(lambda: os.remove(initial_manifest_temp_path)) + + @classmethod + def commandline(cls, args): + """Configure remote system""" + + if (args.parallel and args.parallel != 1) or args.jobs: + if args.timestamp: + cdist.log.setupTimestampingParallelLogging() + else: + 
cdist.log.setupParallelLogging() + elif args.timestamp: + cdist.log.setupTimestampingLogging() + log = logging.getLogger("config") + + # No new child process if only one host at a time. + if args.parallel == 1: + log.debug("Only 1 parallel process, doing it sequentially") + args.parallel = 0 + + if args.parallel: + import signal + + signal.signal(signal.SIGTERM, mp_sig_handler) + signal.signal(signal.SIGHUP, mp_sig_handler) + + cls._check_and_prepare_args(args) + + failed_hosts = [] + time_start = time.time() + + cls.construct_remote_exec_copy_patterns(args) + base_root_path = cls.create_base_root_path(args.out_path) + + hostcnt = 0 + + cfg = cdist.configuration.Configuration(args) + configuration = cfg.get_config(section='GLOBAL') + + if args.tag or args.all_tagged_hosts: + inventory.determine_default_inventory_dir(args, configuration) + if args.all_tagged_hosts: + inv_list = inventory.InventoryList( + hosts=None, istag=True, hostfile=None, + db_basedir=args.inventory_dir) + else: + inv_list = inventory.InventoryList( + hosts=args.host, istag=True, hostfile=args.hostfile, + db_basedir=args.inventory_dir, + has_all_tags=args.has_all_tags) + it = inv_list.entries() + else: + it = itertools.chain(cls.hosts(args.host), + cls.hosts(args.hostfile)) + + process_args = [] + if args.parallel: + log.trace("Processing hosts in parallel") + else: + log.trace("Processing hosts sequentially") + for entry in it: + if isinstance(entry, tuple): + # if configuring by specified tags + host = entry[0] + host_tags = entry[1] + else: + # if configuring by host then check inventory for tags + host = entry + inventory.determine_default_inventory_dir(args, configuration) + inv_list = inventory.InventoryList( + hosts=(host,), db_basedir=args.inventory_dir) + inv = tuple(inv_list.entries()) + if inv: + # host is present in inventory and has tags + host_tags = inv[0][1] + else: + # host is not present in inventory or has no tags + host_tags = None + host_base_path, hostdir = 
cls.create_host_base_dirs( + host, base_root_path) + log.debug("Base root path for target host \"{}\" is \"{}\"".format( + host, host_base_path)) + + hostcnt += 1 + if args.parallel: + pargs = (host, host_tags, host_base_path, hostdir, args, True, + configuration) + log.trace(("Args for multiprocessing operation " + "for host {}: {}".format(host, pargs))) + process_args.append(pargs) + else: + try: + cls.onehost(host, host_tags, host_base_path, hostdir, + args, parallel=False, + configuration=configuration) + except cdist.Error: + failed_hosts.append(host) + if args.parallel and len(process_args) == 1: + log.debug("Only 1 host for parallel processing, doing it " + "sequentially") + try: + cls.onehost(*process_args[0]) + except cdist.Error: + failed_hosts.append(host) + elif args.parallel: + log.trace("Multiprocessing start method is {}".format( + multiprocessing.get_start_method())) + log.trace(("Starting multiprocessing Pool for {} " + "parallel host operation".format(args.parallel))) + + results = mp_pool_run(cls.onehost, + process_args, + jobs=args.parallel) + log.trace(("Multiprocessing for parallel host operation " + "finished")) + log.trace("Multiprocessing for parallel host operation " + "results: %s", results) + + failed_hosts = [host for host, result in results if not result] + + time_end = time.time() + log.verbose("Total processing time for %s host(s): %s", hostcnt, + (time_end - time_start)) + + if len(failed_hosts) > 0: + raise cdist.Error("Failed to configure the following hosts: " + + " ".join(failed_hosts)) + elif not args.out_path: + # If tmp out path created then remove it, but only if no failed + # hosts. 
+ shutil.rmtree(base_root_path) + + @classmethod + def _resolve_ssh_control_path(cls): + base_path = tempfile.mkdtemp() + cls._register_path_for_removal(base_path) + control_path = os.path.join(base_path, "s") + return control_path + + @classmethod + def _resolve_remote_cmds(cls, args): + if (args.remote_exec_pattern or + args.remote_copy_pattern or + args.remote_cmds_cleanup_pattern): + control_path = cls._resolve_ssh_control_path() + # If we constructed patterns for remote commands then there is + # placeholder for ssh ControlPath, format it and we have unique + # ControlPath for each host. + # + # If not then use args.remote_exec/copy that user specified. + if args.remote_exec_pattern: + remote_exec = args.remote_exec_pattern.format(control_path) + else: + remote_exec = args.remote_exec + if args.remote_copy_pattern: + remote_copy = args.remote_copy_pattern.format(control_path) + else: + remote_copy = args.remote_copy + if args.remote_cmds_cleanup_pattern: + remote_cmds_cleanup = args.remote_cmds_cleanup_pattern.format( + control_path) + else: + remote_cmds_cleanup = "" + return (remote_exec, remote_copy, remote_cmds_cleanup, ) + + @staticmethod + def _address_family(args): + if args.force_ipv == 4: + family = socket.AF_INET + elif args.force_ipv == 6: + family = socket.AF_INET6 + else: + family = 0 + return family + + @staticmethod + def resolve_target_addresses(host, family): + try: + return ipaddr.resolve_target_addresses(host, family) + except: # noqa + e = sys.exc_info()[1] + raise cdist.Error(("Error resolving target addresses for host '{}'" + ": {}").format(host, e)) + + @classmethod + def onehost(cls, host, host_tags, host_base_path, host_dir_name, args, + parallel, configuration, remove_remote_files_dirs=False): + """Configure ONE system. + If operating in parallel then return tuple (host, True|False, ) + so that main process knows for which host function was successful. 
+ """ + + log = logging.getLogger(host) + + try: + remote_exec, remote_copy, cleanup_cmd = cls._resolve_remote_cmds( + args) + log.debug("remote_exec for host \"{}\": {}".format( + host, remote_exec)) + log.debug("remote_copy for host \"{}\": {}".format( + host, remote_copy)) + + family = cls._address_family(args) + log.debug("address family: {}".format(family)) + target_host = cls.resolve_target_addresses(host, family) + log.debug("target_host for host \"{}\": {}".format( + host, target_host)) + + local = cdist.exec.local.Local( + target_host=target_host, + target_host_tags=host_tags, + base_root_path=host_base_path, + host_dir_name=host_dir_name, + initial_manifest=args.manifest, + add_conf_dirs=args.conf_dir, + cache_path_pattern=args.cache_path_pattern, + quiet_mode=args.quiet, + configuration=configuration, + exec_path=sys.argv[0], + save_output_streams=args.save_output_streams) + + remote = cdist.exec.remote.Remote( + target_host=target_host, + remote_exec=remote_exec, + remote_copy=remote_copy, + base_path=args.remote_out_path, + quiet_mode=args.quiet, + archiving_mode=args.use_archiving, + configuration=configuration, + stdout_base_path=local.stdout_base_path, + stderr_base_path=local.stderr_base_path, + save_output_streams=args.save_output_streams) + + cleanup_cmds = [] + if cleanup_cmd: + cleanup_cmds.append(cleanup_cmd) + c = cls(local, remote, dry_run=args.dry_run, jobs=args.jobs, + cleanup_cmds=cleanup_cmds, + remove_remote_files_dirs=remove_remote_files_dirs) + c.run() + cls._remove_paths() + + except cdist.Error as e: + log.error(e) + if parallel: + return (host, False, ) + else: + raise + + if parallel: + return (host, True, ) + + @staticmethod + def create_base_root_path(out_path=None): + if out_path: + base_root_path = out_path + else: + base_root_path = tempfile.mkdtemp() + + return base_root_path + + @staticmethod + def create_host_base_dirs(host, base_root_path): + hostdir = cdist.str_hash(host) + host_base_path = os.path.join(base_root_path, 
hostdir) + + return (host_base_path, hostdir) + + def run(self): + """Do what is most often done: deploy & cleanup""" + start_time = time.time() + + self.log.info("Starting {} run".format( + 'dry' if self.dry_run else 'configuration')) + + self._init_files_dirs() + + self.explorer.run_global_explorers(self.local.global_explorer_out_path) + try: + self.manifest.run_initial_manifest(self.local.initial_manifest) + except cdist.Error as e: + which = "init" + stdout_path = os.path.join(self.local.stdout_base_path, which) + stderr_path = os.path.join(self.local.stderr_base_path, which) + raise cdist.InitialManifestError(self.local.initial_manifest, + stdout_path, stderr_path, e) + self.iterate_until_finished() + self.cleanup() + self._remove_files_dirs() + + self.local.save_cache(start_time) + self.log.info("Finished {} run in {:.2f} seconds".format( + 'dry' if self.dry_run else 'successful', + time.time() - start_time)) + + def cleanup(self): + self.log.debug("Running cleanup commands") + for cleanup_cmd in self.cleanup_cmds: + cmd = cleanup_cmd.split() + cmd.append(self.local.target_host[0]) + try: + if self.log.getEffectiveLevel() <= logging.DEBUG: + quiet_mode = False + else: + quiet_mode = True + self.local.run(cmd, return_output=False, save_output=False, + quiet_mode=quiet_mode) + except cdist.Error as e: + # Log warning but continue. 
+ self.log.warning("Cleanup command failed: %s", e) + + def object_list(self): + """Short name for object list retrieval""" + for cdist_object in core.CdistObject.list_objects( + self.local.object_path, self.local.type_path, + self.local.object_marker_name): + if cdist_object.cdist_type.is_install: + self.log.debug(("Running in config mode, ignoring install " + "object: {0}").format(cdist_object)) + else: + yield cdist_object + + def iterate_once(self): + """ + Iterate over the objects once - helper method for + iterate_until_finished + """ + if self.jobs: + objects_changed = self._iterate_once_parallel() + else: + objects_changed = self._iterate_once_sequential() + return objects_changed + + def _iterate_once_sequential(self): + self.log.debug("Iteration in sequential mode") + objects_changed = False + + for cdist_object in self.object_list(): + if cdist_object.requirements_unfinished( + cdist_object.requirements): + """We cannot do anything for this poor object""" + continue + + if cdist_object.state == core.CdistObject.STATE_UNDEF: + """Prepare the virgin object""" + + self.object_prepare(cdist_object) + objects_changed = True + + if cdist_object.requirements_unfinished( + cdist_object.autorequire): + """The previous step created objects we depend on - + wait for them + """ + continue + + if cdist_object.state == core.CdistObject.STATE_PREPARED: + self.object_run(cdist_object) + objects_changed = True + + return objects_changed + + def _iterate_once_parallel(self): + self.log.debug("Iteration in parallel mode in {} jobs".format( + self.jobs)) + objects_changed = False + + cargo = [] + for cdist_object in self.object_list(): + if cdist_object.requirements_unfinished(cdist_object.requirements): + """We cannot do anything for this poor object""" + continue + + if cdist_object.state == core.CdistObject.STATE_UNDEF: + """Prepare the virgin object""" + + # self.object_prepare(cdist_object) + # objects_changed = True + cargo.append(cdist_object) + + n = len(cargo) + if 
n == 1: + self.log.debug("Only one object, preparing sequentially") + self.object_prepare(cargo[0]) + objects_changed = True + elif cargo: + self.log.trace("Multiprocessing start method is {}".format( + multiprocessing.get_start_method())) + + self.log.trace("Multiprocessing cargo: %s", cargo) + + cargo_types = set() + for c in cargo: + cargo_types.add(c.cdist_type) + self.log.trace("Multiprocessing cargo_types: %s", cargo_types) + nt = len(cargo_types) + if nt == 1: + self.log.debug(("Only one type, transferring explorers " + "sequentially")) + self.explorer.transfer_type_explorers(cargo_types.pop()) + else: + self.log.trace(("Starting multiprocessing Pool for {} " + "parallel types explorers transferring".format( + nt))) + args = [ + (ct, ) for ct in cargo_types + ] + mp_pool_run(self.explorer.transfer_type_explorers, args, + jobs=self.jobs) + self.log.trace(("Multiprocessing for parallel transferring " + "types' explorers finished")) + + self.log.trace(("Starting multiprocessing Pool for {} parallel " + "objects preparation".format(n))) + args = [ + (c, False, ) for c in cargo + ] + mp_pool_run(self.object_prepare, args, jobs=self.jobs) + self.log.trace(("Multiprocessing for parallel object " + "preparation finished")) + objects_changed = True + + del cargo[:] + for cdist_object in self.object_list(): + if cdist_object.requirements_unfinished(cdist_object.requirements): + """We cannot do anything for this poor object""" + continue + + if cdist_object.state == core.CdistObject.STATE_PREPARED: + if cdist_object.requirements_unfinished( + cdist_object.autorequire): + """The previous step created objects we depend on - + wait for them + """ + continue + + # self.object_run(cdist_object) + # objects_changed = True + + # put objects in chuncks of distinct types + # so that there is no more than one object + # of the same type in one chunk because there is a + # possibility of object's process locking which + # prevents parallel execution at remote + # and do this only 
for nonparallel marked types + for chunk in cargo: + for obj in chunk: + if (obj.cdist_type == cdist_object.cdist_type and + cdist_object.cdist_type.is_nonparallel): + break + else: + chunk.append(cdist_object) + break + else: + chunk = [cdist_object, ] + cargo.append(chunk) + + for chunk in cargo: + self.log.trace("Running chunk: %s", chunk) + n = len(chunk) + if n == 1: + self.log.debug("Only one object, running sequentially") + self.object_run(chunk[0]) + objects_changed = True + elif chunk: + self.log.trace("Multiprocessing start method is {}".format( + multiprocessing.get_start_method())) + self.log.trace(("Starting multiprocessing Pool for {} " + "parallel object run".format(n))) + args = [ + (c, ) for c in chunk + ] + mp_pool_run(self.object_run, args, jobs=self.jobs) + self.log.trace(("Multiprocessing for parallel object " + "run finished")) + objects_changed = True + + return objects_changed + + def _open_logger(self): + self.log = logging.getLogger(self.local.target_host[0]) + + # logger is not pickable, so remove it when we pickle + def __getstate__(self): + state = self.__dict__.copy() + if 'log' in state: + del state['log'] + return state + + # recreate logger when we unpickle + def __setstate__(self, state): + self.__dict__.update(state) + self._open_logger() + + def _validate_dependencies(self): + ''' + Build dependency graph for unfinished objects and + check for cycles. 
+ ''' + graph = {} + for cdist_object in self.object_list(): + obj_name = cdist_object.name + if obj_name not in graph: + graph[obj_name] = [] + if cdist_object.state == cdist_object.STATE_DONE: + continue + + for requirement in cdist_object.requirements_unfinished( + cdist_object.requirements): + graph[obj_name].append(requirement.name) + + for requirement in cdist_object.requirements_unfinished( + cdist_object.autorequire): + graph[obj_name].append(requirement.name) + return graph_check_cycle(graph) + + def iterate_until_finished(self): + """ + Go through all objects and solve them + one after another + """ + + objects_changed = True + + while objects_changed: + # Check for cycles as early as possible. + has_cycle, path = self._validate_dependencies() + if has_cycle: + raise cdist.UnresolvableRequirementsError( + "Cycle detected in object dependencies:\n{}!".format( + " -> ".join(path))) + objects_changed = self.iterate_once() + + # Check whether all objects have been finished + unfinished_objects = [] + for cdist_object in self.object_list(): + if not cdist_object.state == cdist_object.STATE_DONE: + unfinished_objects.append(cdist_object) + + if unfinished_objects: + info_string = [] + + for cdist_object in unfinished_objects: + + requirement_names = [] + autorequire_names = [] + + for requirement in cdist_object.requirements_unfinished( + cdist_object.requirements): + requirement_names.append(requirement.name) + + for requirement in cdist_object.requirements_unfinished( + cdist_object.autorequire): + autorequire_names.append(requirement.name) + + requirements = "\n ".join(requirement_names) + autorequire = "\n ".join(autorequire_names) + info_string.append(("%s requires:\n" + " %s\n" + "%s ""autorequires:\n" + " %s" % ( + cdist_object.name, + requirements, cdist_object.name, + autorequire))) + + raise cdist.UnresolvableRequirementsError( + ("The requirements of the following objects could not be " + "resolved:\n%s") % ("\n".join(info_string))) + + def 
_handle_deprecation(self, cdist_object): + cdist_type = cdist_object.cdist_type + deprecated = cdist_type.deprecated + if deprecated is not None: + if deprecated: + self.log.warning("Type %s is deprecated: %s", cdist_type.name, + deprecated) + else: + self.log.warning("Type %s is deprecated.", cdist_type.name) + for param in cdist_object.parameters: + if param in cdist_type.deprecated_parameters: + msg = cdist_type.deprecated_parameters[param] + if msg: + format = "%s parameter of type %s is deprecated: %s" + args = [param, cdist_type.name, msg] + else: + format = "%s parameter of type %s is deprecated." + args = [param, cdist_type.name] + self.log.warning(format, *args) + + def object_prepare(self, cdist_object, transfer_type_explorers=True): + """Prepare object: Run type explorer + manifest""" + self._handle_deprecation(cdist_object) + self.log.verbose("Preparing object {}".format(cdist_object.name)) + self.log.verbose( + "Running manifest and explorers for " + cdist_object.name) + self.explorer.run_type_explorers(cdist_object, transfer_type_explorers) + try: + self.manifest.run_type_manifest(cdist_object) + self.log.trace("[ORDER_DEP] Removing order dep files for %s", + cdist_object) + cdist_object.cleanup() + cdist_object.state = core.CdistObject.STATE_PREPARED + except cdist.Error as e: + raise cdist.CdistObjectError(cdist_object, e) + + def object_run(self, cdist_object): + """Run gencode and code for an object""" + try: + self.log.verbose("Running object " + cdist_object.name) + if cdist_object.state == core.CdistObject.STATE_DONE: + raise cdist.Error(("Attempting to run an already finished " + "object: %s"), cdist_object) + + # Generate + self.log.debug("Generating code for %s" % (cdist_object.name)) + cdist_object.code_local = self.code.run_gencode_local(cdist_object) + cdist_object.code_remote = self.code.run_gencode_remote( + cdist_object) + if cdist_object.code_local or cdist_object.code_remote: + cdist_object.changed = True + + # Execute + if 
cdist_object.code_local or cdist_object.code_remote: + self.log.info("Processing %s" % (cdist_object.name)) + if not self.dry_run: + if cdist_object.code_local: + self.log.trace("Executing local code for %s" + % (cdist_object.name)) + self.code.run_code_local(cdist_object) + if cdist_object.code_remote: + self.log.trace("Executing remote code for %s" + % (cdist_object.name)) + self.code.transfer_code_remote(cdist_object) + self.code.run_code_remote(cdist_object) + + # Mark this object as done + self.log.trace("Finishing run of " + cdist_object.name) + cdist_object.state = core.CdistObject.STATE_DONE + except cdist.Error as e: + raise cdist.CdistObjectError(cdist_object, e) diff --git a/cdist/config_install.py b/cdist/config_install.py deleted file mode 100644 index 72061ca2..00000000 --- a/cdist/config_install.py +++ /dev/null 
@@ -1,173 +0,0 @@ -#!/usr/bin/env python3 -# -*- coding: utf-8 -*- -# -# 2010-2013 Nico Schottelius (nico-cdist at schottelius.org) -# -# This file is part of cdist. -# -# cdist is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# cdist is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with cdist. If not, see . -# -# - -import logging -import os -import shutil -import time -import pprint - -import cdist -from cdist import core - -class ConfigInstall(object): - """Cdist main class to hold arbitrary data""" - - def __init__(self, context, dry_run=False): - - self.context = context - self.log = logging.getLogger(self.context.target_host) - self.dry_run = dry_run - - self.explorer = core.Explorer(self.context.target_host, self.context.local, self.context.remote) - self.manifest = core.Manifest(self.context.target_host, self.context.local) - self.code = core.Code(self.context.target_host, self.context.local, self.context.remote) - - def _init_files_dirs(self): - """Prepare files and directories for the run""" - self.context.local.create_files_dirs() - self.context.remote.create_files_dirs() - - def run(self): - """Do what is most often done: deploy & cleanup""" - start_time = time.time() - - self._init_files_dirs() - - self.explorer.run_global_explorers(self.context.local.global_explorer_out_path) - self.manifest.run_initial_manifest(self.context.initial_manifest) - self.iterate_until_finished() - - self.context.local.save_cache() - self.log.info("Finished successful run in %s seconds", time.time() - start_time) - - - def 
object_list(self): - """Short name for object list retrieval""" - for cdist_object in core.CdistObject.list_objects(self.context.local.object_path, - self.context.local.type_path): - yield cdist_object - - def iterate_once(self): - """ - Iterate over the objects once - helper method for - iterate_until_finished - """ - objects_changed = False - - for cdist_object in self.object_list(): - if cdist_object.requirements_unfinished(cdist_object.requirements): - """We cannot do anything for this poor object""" - continue - - if cdist_object.state == core.CdistObject.STATE_UNDEF: - """Prepare the virgin object""" - - self.object_prepare(cdist_object) - objects_changed = True - - if cdist_object.requirements_unfinished(cdist_object.autorequire): - """The previous step created objects we depend on - wait for them""" - continue - - if cdist_object.state == core.CdistObject.STATE_PREPARED: - self.object_run(cdist_object) - objects_changed = True - - return objects_changed - - - def iterate_until_finished(self): - """ - Go through all objects and solve them - one after another - """ - - objects_changed = True - - while objects_changed: - objects_changed = self.iterate_once() - - # Check whether all objects have been finished - unfinished_objects = [] - for cdist_object in self.object_list(): - if not cdist_object.state == cdist_object.STATE_DONE: - unfinished_objects.append(cdist_object) - - if unfinished_objects: - info_string = [] - - for cdist_object in unfinished_objects: - - requirement_names = [] - autorequire_names = [] - - for requirement in cdist_object.requirements_unfinished(cdist_object.requirements): - requirement_names.append(requirement.name) - - for requirement in cdist_object.requirements_unfinished(cdist_object.autorequire): - autorequire_names.append(requirement.name) - - requirements = ", ".join(requirement_names) - autorequire = ", ".join(autorequire_names) - info_string.append("%s requires: %s autorequires: %s" % (cdist_object.name, requirements, 
autorequire)) - - raise cdist.UnresolvableRequirementsError("The requirements of the following objects could not be resolved: %s" % - ("; ".join(info_string))) - - def object_prepare(self, cdist_object): - """Prepare object: Run type explorer + manifest""" - self.log.info("Running manifest and explorers for " + cdist_object.name) - self.explorer.run_type_explorers(cdist_object) - self.manifest.run_type_manifest(cdist_object) - cdist_object.state = core.CdistObject.STATE_PREPARED - - def object_run(self, cdist_object): - """Run gencode and code for an object""" - - self.log.debug("Trying to run object %s" % (cdist_object.name)) - if cdist_object.state == core.CdistObject.STATE_DONE: - raise cdist.Error("Attempting to run an already finished object: %s", cdist_object) - - cdist_type = cdist_object.cdist_type - - # Generate - self.log.info("Generating and executing code for %s" % (cdist_object.name)) - cdist_object.code_local = self.code.run_gencode_local(cdist_object) - cdist_object.code_remote = self.code.run_gencode_remote(cdist_object) - if cdist_object.code_local or cdist_object.code_remote: - cdist_object.changed = True - - # Execute - if not self.dry_run: - if cdist_object.code_local: - self.code.run_code_local(cdist_object) - if cdist_object.code_remote: - self.code.transfer_code_remote(cdist_object) - self.code.run_code_remote(cdist_object) - else: - self.log.info("Skipping code execution due to DRY RUN") - - - # Mark this object as done - self.log.debug("Finishing run of " + cdist_object.name) - cdist_object.state = core.CdistObject.STATE_DONE diff --git a/cdist/configuration.py b/cdist/configuration.py new file mode 100644 index 00000000..1011a382 --- /dev/null +++ b/cdist/configuration.py 
@@ -0,0 +1,498 @@ +# -*- coding: utf-8 -*- +# +# 2017 Darko Poljak (darko.poljak at gmail.com) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# + + +import configparser +import os +import cdist +import cdist.argparse +import re +import multiprocessing +import logging + + +class Singleton(type): + instance = None + + def __call__(cls, *args, **kwargs): + if 'singleton' in kwargs and not kwargs['singleton']: + return super(Singleton, cls).__call__(*args, **kwargs) + else: + if not cls.instance: + cls.instance = super(Singleton, cls).__call__(*args, **kwargs) + return cls.instance + + +_VERBOSITY_VALUES = ( + 'ERROR', 'WARNING', 'INFO', 'VERBOSE', 'DEBUG', 'TRACE', 'OFF', +) +_ARCHIVING_VALUES = ( + 'tar', 'tgz', 'tbz2', 'txz', 'none', +) + + +class OptionBase: + def __init__(self, name): + self.name = name + + def get_converter(self, *args, **kwargs): + raise NotImplementedError('Subclass should implement this method') + + def translate(self, val): + return val + + def update_value(self, currval, newval, update_appends=False): + '''Update current option value currval with new option value newval. + If update_appends is True and if currval and newval are lists then + resulting list contains all values in currval plus all values in + newval. Otherwise, newval is returned. 
+ ''' + if (isinstance(currval, list) and isinstance(newval, list) and + update_appends): + rv = [] + if currval: + rv.extend(currval) + if newval: + rv.extend(newval) + if not rv: + rv = None + return rv + else: + return newval + + def should_override(self, currval, newval): + return True + + +class StringOption(OptionBase): + def __init__(self, name): + super().__init__(name) + + def get_converter(self): + def string_converter(val): + return self.translate(str(val)) + return string_converter + + def translate(self, val): + if val: + return val + else: + return None + + +class BooleanOption(OptionBase): + BOOLEAN_STATES = configparser.ConfigParser.BOOLEAN_STATES + + # If default_overrides is False then previous config value will not be + # overriden with default_value. + def __init__(self, name, default_overrides=True, default_value=True): + super().__init__(name) + self.default_overrides = default_overrides + self.default_value = default_value + + def get_converter(self): + def boolean_converter(val): + v = val.lower() + if v not in self.BOOLEAN_STATES: + raise ValueError('Invalid {} boolean value: {}'.format( + self.name, val)) + return self.translate(v) + return boolean_converter + + def translate(self, val): + return self.BOOLEAN_STATES[val] + + def should_override(self, currval, newval): + if not self.default_overrides: + return newval != self.default_value + return True + + +class IntOption(OptionBase): + def __init__(self, name): + super().__init__(name) + + def get_converter(self): + def int_converter(val): + return self.translate(int(val)) + return int_converter + + +class LowerBoundIntOption(IntOption): + def __init__(self, name, lower_bound): + super().__init__(name) + self.lower_bound = lower_bound + + def get_converter(self): + def lower_bound_converter(val): + converted = super(LowerBoundIntOption, self).get_converter()(val) + if converted < self.lower_bound: + raise ValueError("Invalid {} value: {} < {}".format( + self.name, val, self.lower_bound)) 
+ return converted + return lower_bound_converter + + +class SpecialCasesLowerBoundIntOption(LowerBoundIntOption): + def __init__(self, name, lower_bound, special_cases_mapping): + super().__init__(name, lower_bound) + self.special_cases_mapping = special_cases_mapping + + def translate(self, val): + if val in self.special_cases_mapping: + return self.special_cases_mapping[val] + else: + return val + + +class JobsOption(SpecialCasesLowerBoundIntOption): + def __init__(self, name): + super().__init__(name, -1, {-1: multiprocessing.cpu_count()}) + + +class SelectOption(OptionBase): + def __init__(self, name, valid_values): + super().__init__(name) + self.valid_values = valid_values + + def get_converter(self): + def select_converter(val): + if val in self.valid_values: + return self.translate(val) + else: + raise ValueError("Invalid {} value: {}.".format( + self.name, val)) + return select_converter + + +class VerbosityOption(SelectOption): + def __init__(self): + super().__init__('verbosity', _VERBOSITY_VALUES) + + def translate(self, val): + name = 'VERBOSE_' + val + verbose = getattr(cdist.argparse, name) + return verbose + + +class DelimitedValuesOption(OptionBase): + def __init__(self, name, delimiter): + super().__init__(name) + self.delimiter = delimiter + + def get_converter(self): + def delimited_values_converter(val): + vals = re.split(r'(?. 
-# -# - -import logging -import os -import sys -import tempfile -import shutil - -from cdist.exec import local -from cdist.exec import remote - - -class Context(object): - """Hold information about current context""" - - def __init__(self, - target_host, - remote_copy, - remote_exec, - initial_manifest=False, - add_conf_dirs=None, - exec_path=sys.argv[0], - debug=False): - - self.debug = debug - self.target_host = target_host - self.exec_path = exec_path - - # Context logging - self.log = logging.getLogger(self.target_host) - self.log.addFilter(self) - - # Local temp directory - # FIXME: if __cdist_out_dir can be given from the outside, the same directory will be used for all hosts - if '__cdist_out_dir' in os.environ: - self.out_path = os.environ['__cdist_out_dir'] - self.temp_dir = None - else: - self.temp_dir = tempfile.mkdtemp() - self.out_path = os.path.join(self.temp_dir, "out") - - self.local = local.Local(self.target_host, self.out_path, self.exec_path, add_conf_dirs=add_conf_dirs) - - self.initial_manifest = (initial_manifest or - os.path.join(self.local.manifest_path, "init")) - - self._init_remote(remote_copy, remote_exec) - - # Remote stuff - def _init_remote(self, remote_copy, remote_exec): - - self.remote_base_path = os.environ.get('__cdist_remote_out_dir', "/var/lib/cdist") - self.remote_copy = remote_copy - self.remote_exec = remote_exec - - os.environ['__remote_copy'] = self.remote_copy - os.environ['__remote_exec'] = self.remote_exec - - self.remote = remote.Remote(self.target_host, self.remote_base_path, - self.remote_exec, self.remote_copy) - - def cleanup(self): - """Remove temp stuff""" - if self.temp_dir: - shutil.rmtree(self.temp_dir) - - def filter(self, record): - """Add hostname to logs via logging Filter""" - - record.msg = self.target_host + ": " + str(record.msg) - - return True diff --git a/cdist/core/__init__.py b/cdist/core/__init__.py index 66ee00a5..b79cdb21 100644 --- a/cdist/core/__init__.py +++ b/cdist/core/__init__.py 
@@ -1,6 +1,7 @@ # -*- coding: utf-8 -*- # # 2010-2011 Steven Armstrong (steven-cdist at armstrong.cc) +# 2014-2015 Nico Schottelius (nico-cdist at schottelius.org) # # This file is part of cdist. # @@ -19,11 +20,12 @@ # # -from cdist.core.cdist_type import CdistType -from cdist.core.cdist_type import NoSuchTypeError -from cdist.core.cdist_object import CdistObject -from cdist.core.cdist_object import IllegalObjectIdError -from cdist.core.cdist_object import OBJECT_MARKER -from cdist.core.explorer import Explorer -from cdist.core.manifest import Manifest -from cdist.core.code import Code +from cdist.core.cdist_type import CdistType +from cdist.core.cdist_type import InvalidTypeError +from cdist.core.cdist_object import CdistObject +from cdist.core.cdist_object import IllegalObjectIdError +from cdist.core.explorer import Explorer +from cdist.core.manifest import Manifest +from cdist.core.code import Code +from cdist.core.util import listdir +from cdist.core.util import log_level_env_var_val, log_level_name_env_var_val diff --git a/cdist/core/cdist_object.py b/cdist/core/cdist_object.py index e3c1c532..114a47e0 100644 --- a/cdist/core/cdist_object.py +++ b/cdist/core/cdist_object.py @@ -1,7 +1,8 @@ # -*- coding: utf-8 -*- # -# 2011 Steven Armstrong (steven-cdist at armstrong.cc) -# 2011-2013 Nico Schottelius (nico-cdist at schottelius.org) +# 2011-2017 Steven Armstrong (steven-cdist at armstrong.cc) +# 2011-2015 Nico Schottelius (nico-cdist at schottelius.org) +# 2014 Daniel Heule (hda at sfs.biz) # # This file is part of cdist. # @@ -20,19 +21,12 @@ # # -import fnmatch -import logging import os -import collections import cdist import cdist.core from cdist.util import fsproperty -log = logging.getLogger(__name__) - -OBJECT_MARKER = '.cdist' - class IllegalObjectIdError(cdist.Error): def __init__(self, object_id, message=None): 
@@ -42,14 +36,17 @@ class IllegalObjectIdError(cdist.Error): def __str__(self): return '%s: %s' % (self.message, self.object_id) + class MissingObjectIdError(cdist.Error): def __init__(self, type_name): self.type_name = type_name - self.message = "Type %s requires object id (is not a singleton type)" % self.type_name + self.message = ("Type %s requires object id (is not a " + "singleton type)") % self.type_name def __str__(self): return '%s' % (self.message) + class CdistObject(object): """Represents a cdist object. 
@@ -65,43 +62,55 @@ class CdistObject(object): STATE_RUNNING = "running" STATE_DONE = "done" - def __init__(self, cdist_type, base_path, object_id=''): - self.cdist_type = cdist_type # instance of Type + def __init__(self, cdist_type, base_path, object_marker, object_id): + self.cdist_type = cdist_type # instance of Type self.base_path = base_path self.object_id = object_id + self.object_marker = object_marker + self.validate_object_id() self.sanitise_object_id() self.name = self.join_name(self.cdist_type.name, self.object_id) - self.path = os.path.join(self.cdist_type.path, self.object_id, OBJECT_MARKER) + self.path = os.path.join(self.cdist_type.path, self.object_id, + self.object_marker) + self.absolute_path = os.path.join(self.base_path, self.path) self.code_local_path = os.path.join(self.path, "code-local") self.code_remote_path = os.path.join(self.path, "code-remote") self.parameter_path = os.path.join(self.path, "parameter") + self.stdout_path = os.path.join(self.absolute_path, "stdout") + self.stderr_path = os.path.join(self.absolute_path, "stderr") @classmethod - def list_objects(cls, object_base_path, type_base_path): + def list_objects(cls, object_base_path, type_base_path, object_marker): """Return a list of object instances""" - for object_name in cls.list_object_names(object_base_path): + for object_name in cls.list_object_names( + object_base_path, object_marker): type_name, object_id = cls.split_name(object_name) - yield cls(cdist.core.CdistType(type_base_path, type_name), object_base_path, object_id=object_id) + yield cls(cdist.core.CdistType(type_base_path, type_name), + base_path=object_base_path, + object_marker=object_marker, + object_id=object_id) + + @classmethod + def list_object_names(cls, object_base_path, object_marker): + """Return a list of object names""" + for path, dirs, files in os.walk(object_base_path): + if object_marker in dirs: + yield os.path.relpath(path, object_base_path) @classmethod def list_type_names(cls, 
object_base_path): """Return a list of type names""" - return os.listdir(object_base_path) - - @classmethod - def list_object_names(cls, object_base_path): - """Return a list of object names""" - for path, dirs, files in os.walk(object_base_path): - if OBJECT_MARKER in dirs: - yield os.path.relpath(path, object_base_path) + return cdist.core.listdir(object_base_path) @staticmethod def split_name(object_name): - """split_name('__type_name/the/object_id') -> ('__type_name', 'the/object_id') + """split_name('__type_name/the/object_id') + -> + ('__type_name', 'the/object_id') Split the given object name into it's type and object_id parts. @@ -112,7 +121,9 @@ class CdistObject(object): @staticmethod def join_name(type_name, object_id): - """join_name('__type_name', 'the/object_id') -> __type_name/the/object_id' + """join_name('__type_name', 'the/object_id') + -> + __type_name/the/object_id' Join the given type_name and object_id into an object name. 
@@ -120,43 +131,62 @@ class CdistObject(object): return os.path.join(type_name, object_id) def validate_object_id(self): - # FIXME: also check that there is no object ID when type is singleton? + if self.cdist_type.is_singleton and self.object_id: + raise IllegalObjectIdError(('singleton objects can\'t have an ' + 'object_id')) - """Validate the given object_id and raise IllegalObjectIdError if it's not valid. + """Validate the given object_id and raise IllegalObjectIdError + if it's not valid. """ if self.object_id: - if OBJECT_MARKER in self.object_id.split(os.sep): - raise IllegalObjectIdError(self.object_id, 'object_id may not contain \'%s\'' % OBJECT_MARKER) + if self.object_marker in self.object_id.split(os.sep): + raise IllegalObjectIdError( + self.object_id, ('object_id may not contain ' + '\'%s\'') % self.object_marker) if '//' in self.object_id: - raise IllegalObjectIdError(self.object_id, 'object_id may not contain //') + raise IllegalObjectIdError( + self.object_id, 'object_id may not contain //') + + _invalid_object_ids = ('.', '/', ) + for ioid in _invalid_object_ids: + if self.object_id == ioid: + raise IllegalObjectIdError( + self.object_id, + 'object_id may not be a {}'.format(ioid)) # If no object_id and type is not singleton => error out if not self.object_id and not self.cdist_type.is_singleton: raise MissingObjectIdError(self.cdist_type.name) - # Does not work: AttributeError: 'CdistObject' object has no attribute 'parameter_path' + # Does not work: + # AttributeError: + # 'CdistObject' object has no attribute 'parameter_path' - #"Type %s is not a singleton type - missing object id (parameters: %s)" % - # (self.cdist_type.name, self.parameters)) + # "Type %s is not a singleton type - missing object id + # (parameters: %s)" % (self.cdist_type.name, self.parameters)) def object_from_name(self, object_name): - """Convenience method for creating an object instance from an object name. 
+ """Convenience method for creating an object instance from an object + name. Mainly intended to create objects when resolving requirements. e.g: - .object_from_name('__other/object') -> + .object_from_name('__other/object') -> + """ base_path = self.base_path type_path = self.cdist_type.base_path + object_marker = self.object_marker type_name, object_id = self.split_name(object_name) cdist_type = self.cdist_type.__class__(type_path, type_name) - return self.__class__(cdist_type, base_path, object_id=object_id) + return self.__class__(cdist_type, base_path, object_marker, + object_id=object_id) def __repr__(self): return '' % self.name @@ -164,7 +194,7 @@ class CdistObject(object): def __eq__(self, other): """define equality as 'name is the same'""" return self.name == other.name - + def __hash__(self): return hash(self.name) 
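Review bot: In `validate_object_id` the new `_invalid_object_ids` loop rejects an object_id that is exactly `.` or `/`, but an id with a `..` component still passes, and `__init__` (previous hunk) joins object_id into `self.path` and `absolute_path`, so such an object's directory would resolve outside its type directory under base_path. A check next to the marker test would close this, provided no existing type relies on such ids: `if '..' in self.object_id.split(os.sep): raise IllegalObjectIdError(self.object_id, 'object_id may not contain ..')`. `sanitise_object_id` is not visible here, so confirm it does not already cover this. Separately, the added singleton check passes its text as the first positional argument, which `IllegalObjectIdError.__init__(self, object_id, message=None)` takes as object_id; `raise IllegalObjectIdError(self.object_id, "singleton objects can't have an object_id")` would match the other call sites.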
@@ -197,30 +227,50 @@ class CdistObject(object): # return relative path return os.path.join(self.path, "explorer") - requirements = fsproperty.FileListProperty(lambda obj: os.path.join(obj.absolute_path, 'require')) - autorequire = fsproperty.FileListProperty(lambda obj: os.path.join(obj.absolute_path, 'autorequire')) - parameters = fsproperty.DirectoryDictProperty(lambda obj: os.path.join(obj.base_path, obj.parameter_path)) - explorers = fsproperty.DirectoryDictProperty(lambda obj: os.path.join(obj.base_path, obj.explorer_path)) - changed = fsproperty.FileBooleanProperty(lambda obj: os.path.join(obj.absolute_path, "changed")) - state = fsproperty.FileStringProperty(lambda obj: os.path.join(obj.absolute_path, "state")) - source = fsproperty.FileListProperty(lambda obj: os.path.join(obj.absolute_path, "source")) - code_local = fsproperty.FileStringProperty(lambda obj: os.path.join(obj.base_path, obj.code_local_path)) - code_remote = fsproperty.FileStringProperty(lambda obj: os.path.join(obj.base_path, obj.code_remote_path)) + requirements = fsproperty.FileListProperty( + lambda obj: os.path.join(obj.absolute_path, 'require')) + autorequire = fsproperty.FileListProperty( + lambda obj: os.path.join(obj.absolute_path, 'autorequire')) + parameters = fsproperty.DirectoryDictProperty( + lambda obj: os.path.join(obj.base_path, obj.parameter_path)) + explorers = fsproperty.DirectoryDictProperty( + lambda obj: os.path.join(obj.base_path, obj.explorer_path)) + state = fsproperty.FileStringProperty( + lambda obj: os.path.join(obj.absolute_path, "state")) + source = fsproperty.FileListProperty( + lambda obj: os.path.join(obj.absolute_path, "source")) + code_local = fsproperty.FileStringProperty( + lambda obj: os.path.join(obj.base_path, obj.code_local_path)) + code_remote = fsproperty.FileStringProperty( + lambda obj: os.path.join(obj.base_path, obj.code_remote_path)) + typeorder = fsproperty.FileListProperty( + lambda obj: os.path.join(obj.absolute_path, 'typeorder')) + 
typeorder_dep = fsproperty.FileListProperty( + lambda obj: os.path.join(obj.absolute_path, 'typeorder_dep')) + + def cleanup(self): + try: + os.remove(os.path.join(self.absolute_path, 'typeorder_dep')) + except FileNotFoundError: + pass @property def exists(self): """Checks wether this cdist object exists on the file systems.""" return os.path.exists(self.absolute_path) - def create(self): + def create(self, allow_overwrite=False): """Create this cdist object on the filesystem. """ try: - os.makedirs(self.absolute_path, exist_ok=False) - absolute_parameter_path = os.path.join(self.base_path, self.parameter_path) - os.makedirs(absolute_parameter_path, exist_ok=False) + for path in (self.absolute_path, + os.path.join(self.base_path, self.parameter_path), + self.stdout_path, + self.stderr_path): + os.makedirs(path, exist_ok=allow_overwrite) except EnvironmentError as error: - raise cdist.Error('Error creating directories for cdist object: %s: %s' % (self, error)) + raise cdist.Error(('Error creating directories for cdist object: ' + '%s: %s') % (self, error)) def requirements_unfinished(self, requirements): """Return state whether requirements are satisfied""" diff --git a/cdist/core/cdist_type.py b/cdist/core/cdist_type.py index 0efb10f4..4500f50d 100644 --- a/cdist/core/cdist_type.py +++ b/cdist/core/cdist_type.py 
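Review bot: The `changed` property is no longer defined on CdistObject after this hunk, but `object_run` in cdist/config.py (same commit) still assigns `cdist_object.changed = True`. That assignment now only sets an in-memory attribute and is not written under the object's directory the way `state` and the other fsproperty fields are. Since `object_run` can be dispatched through `mp_pool_run`, the value presumably does not reach the parent process either. Either keep `changed = fsproperty.FileBooleanProperty(lambda obj: os.path.join(obj.absolute_path, "changed"))` or drop the assignment in `object_run`, so the code does not suggest a persisted flag.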
@@ -21,16 +21,21 @@ # import os - import cdist +import cdist.core +import logging -class NoSuchTypeError(cdist.Error): - def __init__(self, type_path, type_absolute_path): + +class InvalidTypeError(cdist.Error): + def __init__(self, name, type_path, type_absolute_path): + self.name = name self.type_path = type_path self.type_absolute_path = type_absolute_path + self.source_path = os.path.realpath(self.type_absolute_path) def __str__(self): - return "Type '%s' does not exist at %s" % (self.type_path, self.type_absolute_path) + return "Invalid type '%s' at '%s' defined at '%s'" % ( + self.type_path, self.type_absolute_path, self.source_path) class CdistType(object): @@ -42,13 +47,15 @@ class CdistType(object): """ + log = logging.getLogger("cdist-type") + def __init__(self, base_path, name): self.base_path = base_path self.name = name self.path = self.name self.absolute_path = os.path.join(self.base_path, self.path) if not os.path.isdir(self.absolute_path): - raise NoSuchTypeError(self.path, self.absolute_path) + raise InvalidTypeError(self.name, self.path, self.absolute_path) self.manifest_path = os.path.join(self.name, "manifest") self.explorer_path = os.path.join(self.name, "explorer") self.gencode_local_path = os.path.join(self.name, "gencode-local") 
@@ -61,25 +68,41 @@ class CdistType(object): self.__optional_parameters = None self.__optional_multiple_parameters = None self.__boolean_parameters = None + self.__parameter_defaults = None + self.__deprecated_parameters = None + + def __hash__(self): + return hash(self.name) @classmethod def list_types(cls, base_path): """Return a list of type instances""" for name in cls.list_type_names(base_path): - yield cls(base_path, name) + try: + yield cls(base_path, name) + except InvalidTypeError as e: + # ignore invalid type, log warning and continue + msg = "Ignoring invalid type '%s' at '%s' defined at '%s'" % ( + e.type_path, e.type_absolute_path, e.source_path) + cls.log.warning(msg) + # remove invalid from runtime conf dir + os.remove(e.type_absolute_path) @classmethod def list_type_names(cls, base_path): """Return a list of type names""" - return os.listdir(base_path) - + return cdist.core.listdir(base_path) _instances = {} + + def __getnewargs__(self): + return self.base_path, self.name + def __new__(cls, *args, **kwargs): """only one instance of each named type may exist""" # name is second argument name = args[1] - if not name in cls._instances: + if name not in cls._instances: instance = super(CdistType, cls).__new__(cls) cls._instances[name] = instance # return instance so __init__ is called 
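Review bot: In `list_types`, `os.remove(e.type_absolute_path)` deletes whatever non-directory entry made the constructor raise, and it does so as a side effect of listing. The comment assumes `base_path` is the runtime conf dir, but `list_types` accepts any `base_path`, so calling it on a source type directory would delete a stray regular file there. If the invalid entries are expected to be dangling symlinks (the `realpath`-based `source_path` suggests so), restrict the removal to that case: `if os.path.islink(e.type_absolute_path): os.remove(e.type_absolute_path)`. The removal is also unguarded, so an `OSError` (permission denied, entry already gone) propagates out of the generator and aborts the listing. Catching `OSError` and logging it would keep the "ignore and continue" behaviour the comment describes.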
@@ -101,15 +124,34 @@ class CdistType(object): @property def is_install(self): - """Check whether a type is used for installation (if not: for configuration)""" + """Check whether a type is used for installation + (if not: for configuration)""" return os.path.isfile(os.path.join(self.absolute_path, "install")) + @property + def is_nonparallel(self): + """Check whether a type is a non parallel, i.e. its objects + cannot run in parallel.""" + return os.path.isfile(os.path.join(self.absolute_path, "nonparallel")) + + @property + def deprecated(self): + """Get type deprecation message. If message is None then type + is not deprecated.""" + deprecated_path = os.path.join(self.absolute_path, "deprecated") + try: + with open(deprecated_path, 'r') as f: + return f.read() + except FileNotFoundError: + return None + @property def explorers(self): """Return a list of available explorers""" if not self.__explorers: try: - self.__explorers = os.listdir(os.path.join(self.absolute_path, "explorer")) + self.__explorers = cdist.core.listdir( + os.path.join(self.absolute_path, "explorer")) except EnvironmentError: # error ignored self.__explorers = [] @@ -121,9 +163,13 @@ class CdistType(object): if not self.__required_parameters: parameters = [] try: - with open(os.path.join(self.absolute_path, "parameter", "required")) as fd: + with open(os.path.join(self.absolute_path, + "parameter", + "required")) as fd: for line in fd: - parameters.append(line.strip()) + line = line.strip() + if line: + parameters.append(line) except EnvironmentError: # error ignored pass 
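Review bot: The new `deprecated` property catches only `FileNotFoundError`, while `explorers` in the same hunk and the parameter properties swallow `EnvironmentError`. A `deprecated` entry that is a directory or is unreadable will therefore raise from a plain attribute access. Either widen the handler to match the rest of the class or state the difference in the docstring. The docstring should also say that an empty `deprecated` file returns `''`, so callers must test `is not None` rather than truthiness, for example `"""Return the deprecation message ('' for an empty file) or None if the type is not deprecated."""`.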
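Review bot: The strip-and-skip-empty loop added to `required_parameters` here is repeated verbatim in the hunks for `required_multiple_parameters`, `optional_parameters`, `optional_multiple_parameters` and `boolean_parameters`. A private helper taking the file name would keep the five properties in step the next time the parsing changes. Each property then reduces to assigning the helper's result to its cache attribute. The property bodies start outside these hunks, so the caching lines around the loop are not shown below.

```python
    def _read_parameter_names(self, filename):
        """Return the non-empty, stripped lines of parameter/<filename>;
        read errors are ignored and yield what was read so far."""
        names = []
        try:
            with open(os.path.join(self.absolute_path,
                                   "parameter", filename)) as fd:
                for line in fd:
                    line = line.strip()
                    if line:
                        names.append(line)
        except EnvironmentError:
            # error ignored, as in the existing properties
            pass
        return names
```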
@@ -137,9 +183,13 @@ class CdistType(object): if not self.__required_multiple_parameters: parameters = [] try: - with open(os.path.join(self.absolute_path, "parameter", "required_multiple")) as fd: + with open(os.path.join(self.absolute_path, + "parameter", + "required_multiple")) as fd: for line in fd: - parameters.append(line.strip()) + line = line.strip() + if line: + parameters.append(line) except EnvironmentError: # error ignored pass @@ -153,9 +203,13 @@ class CdistType(object): if not self.__optional_parameters: parameters = [] try: - with open(os.path.join(self.absolute_path, "parameter", "optional")) as fd: + with open(os.path.join(self.absolute_path, + "parameter", + "optional")) as fd: for line in fd: - parameters.append(line.strip()) + line = line.strip() + if line: + parameters.append(line) except EnvironmentError: # error ignored pass @@ -169,9 +223,13 @@ class CdistType(object): if not self.__optional_multiple_parameters: parameters = [] try: - with open(os.path.join(self.absolute_path, "parameter", "optional_multiple")) as fd: + with open(os.path.join(self.absolute_path, + "parameter", + "optional_multiple")) as fd: for line in fd: - parameters.append(line.strip()) + line = line.strip() + if line: + parameters.append(line) except EnvironmentError: # error ignored pass 
@@ -185,12 +243,56 @@ class CdistType(object): if not self.__boolean_parameters: parameters = [] try: - with open(os.path.join(self.absolute_path, "parameter", "boolean")) as fd: + with open(os.path.join(self.absolute_path, + "parameter", + "boolean")) as fd: for line in fd: - parameters.append(line.strip()) + line = line.strip() + if line: + parameters.append(line) except EnvironmentError: # error ignored pass finally: self.__boolean_parameters = parameters return self.__boolean_parameters + + @property + def parameter_defaults(self): + if not self.__parameter_defaults: + defaults = {} + try: + defaults_dir = os.path.join(self.absolute_path, + "parameter", + "default") + for name in cdist.core.listdir(defaults_dir): + try: + with open(os.path.join(defaults_dir, name)) as fd: + defaults[name] = fd.read().strip() + except EnvironmentError: + pass # Swallow errors raised by open() or read() + except EnvironmentError: + pass # Swallow error raised by os.listdir() + finally: + self.__parameter_defaults = defaults + return self.__parameter_defaults + + @property + def deprecated_parameters(self): + if not self.__deprecated_parameters: + deprecated = {} + try: + deprecated_dir = os.path.join(self.absolute_path, + "parameter", + "deprecated") + for name in cdist.core.listdir(deprecated_dir): + try: + with open(os.path.join(deprecated_dir, name)) as fd: + deprecated[name] = fd.read().strip() + except EnvironmentError: + pass # Swallow errors raised by open() or read() + except EnvironmentError: + pass # Swallow error raised by os.listdir() + finally: + self.__deprecated_parameters = deprecated + return self.__deprecated_parameters diff --git a/cdist/core/code.py b/cdist/core/code.py index fa1ed3c1..1550880a 100644 --- a/cdist/core/code.py +++ b/cdist/core/code.py 
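Review bot: `parameter_defaults` and `deprecated_parameters` test their cache with `if not self.__parameter_defaults:` and `if not self.__deprecated_parameters:`. A type with no defaults or no deprecated parameters stores `{}`, which is falsy, so the directory is listed again on every access. The attributes are initialised to `None` in `__init__`, so the checks should be `if self.__parameter_defaults is None:` and `if self.__deprecated_parameters is None:`. Both new properties also lack a docstring. One line each would do, stating that the result maps a parameter name to the stripped content of its file under `parameter/default` or `parameter/deprecated`.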
@@ -1,7 +1,8 @@ # -*- coding: utf-8 -*- # -# 2011 Steven Armstrong (steven-cdist at armstrong.cc) -# 2011 Nico Schottelius (nico-cdist at schottelius.org) +# 2011-2017 Steven Armstrong (steven-cdist at armstrong.cc) +# 2011-2013 Nico Schottelius (nico-cdist at schottelius.org) +# 2014 Daniel Heule (hda at sfs.biz) # # This file is part of cdist. # @@ -20,12 +21,8 @@ # # -import logging import os - -import cdist - -log = logging.getLogger(__name__) +from . import util ''' @@ -35,20 +32,30 @@ common: env: PATH: prepend directory with type emulator symlinks == local.bin_path __target_host: the target host we are working on + __target_hostname: the target hostname provided from __target_host + __target_fqdn: the target's fully qualified domain name provided from + __target_host __cdist_manifest: full qualified path of the manifest == script - __cdist_type_base_path: full qualified path to the directory where types are defined for use in type emulator - == local.type_path + __cdist_type_base_path: full qualified path to the directory where + types are defined for use in type emulator + == local.type_path gencode-local script: full qualified path to a types gencode-local env: __target_host: the target host we are working on - __global: full qualified path to the global output dir == local.out_path + __target_hostname: the target hostname provided from __target_host + __target_fqdn: the target's fully qualified domain name provided from + __target_host + __global: full qualified path to the global + output dir == local.out_path __object: full qualified path to the object's dir __object_id: the objects id __object_fq: full qualified object id, iow: $type.name + / + object_id __type: full qualified path to the type's dir + __files: full qualified path to the files dir + __target_host_tags: comma spearated list of host tags returns: string containing the generated code or None 
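Review bot: The module docstring still documents `__global` as `== local.out_path`, but the `Code.__init__` hunk in this file now sets `'__global': self.local.base_path`. The text should read `output dir == local.base_path`, both here and in the gencode-remote section. The manifest.py docstring hunk carries the same stale reference. The added `__target_host_tags` lines also misspell "separated" as `spearated` in all three places.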
@@ -57,11 +64,17 @@ gencode-remote env: __target_host: the target host we are working on - __global: full qualified path to the global output dir == local.out_path + __target_hostname: the target hostname provided from __target_host + __target_fqdn: the target's fully qualified domain name provided from + __target_host + __global: full qualified path to the global + output dir == local.out_path __object: full qualified path to the object's dir __object_id: the objects id __object_fq: full qualified object id, iow: $type.name + / + object_id __type: full qualified path to the type's dir + __files: full qualified path to the files dir + __target_host_tags: comma spearated list of host tags returns: string containing the generated code or None @@ -83,18 +96,30 @@ class Code(object): """Generates and executes cdist code scripts. """ - def __init__(self, target_host, local, remote): + # target_host is tuple (target_host, target_hostname, target_fqdn) + def __init__(self, target_host, local, remote, dry_run=False): self.target_host = target_host self.local = local self.remote = remote self.env = { - '__target_host': self.target_host, - '__global': self.local.out_path, + '__target_host': self.target_host[0], + '__target_hostname': self.target_host[1], + '__target_fqdn': self.target_host[2], + '__global': self.local.base_path, + '__files': self.local.files_path, + '__target_host_tags': self.local.target_host_tags, + '__cdist_log_level': util.log_level_env_var_val(local.log), + '__cdist_log_level_name': util.log_level_name_env_var_val( + local.log), } + if dry_run: + self.env['__cdist_dry_run'] = '1' + def _run_gencode(self, cdist_object, which): cdist_type = cdist_object.cdist_type - script = os.path.join(self.local.type_path, getattr(cdist_type, 'gencode_%s_path' % which)) + script = os.path.join(self.local.type_path, + getattr(cdist_type, 'gencode_%s_path' % which)) if os.path.isfile(script): env = os.environ.copy() env.update(self.env) 
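Review bot: `Code.__init__` now indexes `self.target_host[0]`, `[1]` and `[2]`, and the only statement of the new contract is the comment above the signature. If a caller still passes a plain host string, the indexing succeeds and exports single characters as `__target_host`, `__target_hostname` and `__target_fqdn` without any error. Unpacking once fails loudly for most wrong shapes, e.g. `host, hostname, fqdn = target_host`, and a docstring on `__init__` should name the three elements. The same applies to `Explorer.__init__` and `Manifest.__init__` in their hunks. Callers are outside this diff section, so I cannot tell whether any still pass a string.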
@@ -104,7 +129,19 @@ class Code(object): '__object_id': cdist_object.object_id, '__object_name': cdist_object.name, }) - return self.local.run_script(script, env=env, return_output=True) + message_prefix = cdist_object.name + if self.local.save_output_streams: + stderr_path = os.path.join(cdist_object.stderr_path, + 'gencode-' + which) + with open(stderr_path, 'ba+') as stderr: + return self.local.run_script(script, env=env, + return_output=True, + message_prefix=message_prefix, + stderr=stderr) + else: + return self.local.run_script(script, env=env, + return_output=True, + message_prefix=message_prefix) def run_gencode_local(self, cdist_object): """Run the gencode-local script for the given cdist object.""" 
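Review bot: `open(stderr_path, 'ba+')` creates the saved stream file with whatever mode the process umask allows, and the directories are made by `os.makedirs` without an explicit mode in `CdistObject.create`. Script output can include parameter values or command lines, so these files deserve an owner-only mode unless the cache directory is already restricted, which this hunk does not show. One way is `stderr = os.fdopen(os.open(stderr_path, os.O_RDWR | os.O_APPEND | os.O_CREAT, 0o600), 'ba+')`. The same pattern is in `_run_code` and in `Manifest.run_initial_manifest` and `run_type_manifest`. The two `run_script` calls in the `if`/`else` differ only in the `stderr` argument and could share one call with a keyword dict.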
@@ -115,25 +152,51 @@ class Code(object): return self._run_gencode(cdist_object, 'remote') def transfer_code_remote(self, cdist_object): - """Transfer the code_remote script for the given object to the remote side.""" - source = os.path.join(self.local.object_path, cdist_object.code_remote_path) - destination = os.path.join(self.remote.object_path, cdist_object.code_remote_path) - # FIXME: BUG: do not create destination, but top level of destination! - # FIXME: BUG2: we are called AFTER the code-remote has been transferred already: - # mkdir: cannot create directory `/var/lib/cdist/object/__directory/etc/acpi/actions/.cdist/code-remote': File exists - # OR: this is from previous run -> cleanup missing! - self.remote.mkdir(destination) + """Transfer the code_remote script for the given object to the + remote side.""" + source = os.path.join(self.local.object_path, + cdist_object.code_remote_path) + destination = os.path.join(self.remote.object_path, + cdist_object.code_remote_path) + self.remote.mkdir(os.path.dirname(destination)) self.remote.transfer(source, destination) - def _run_code(self, cdist_object, which): + def _run_code(self, cdist_object, which, env=None): which_exec = getattr(self, which) - script = os.path.join(which_exec.object_path, getattr(cdist_object, 'code_%s_path' % which)) - return which_exec.run_script(script) + script = os.path.join(which_exec.object_path, + getattr(cdist_object, 'code_%s_path' % which)) + if which_exec.save_output_streams: + stderr_path = os.path.join(cdist_object.stderr_path, + 'code-' + which) + stdout_path = os.path.join(cdist_object.stdout_path, + 'code-' + which) + with open(stderr_path, 'ba+') as stderr, \ + open(stdout_path, 'ba+') as stdout: + return which_exec.run_script(script, env=env, stdout=stdout, + stderr=stderr) + else: + return which_exec.run_script(script, env=env) def run_code_local(self, cdist_object): """Run the code-local script for the given cdist object.""" - return self._run_code(cdist_object, 
'local') + # Put some env vars, to allow read only access to the parameters + # over $__object + env = os.environ.copy() + env.update(self.env) + env.update({ + '__object': cdist_object.absolute_path, + '__object_id': cdist_object.object_id, + }) + return self._run_code(cdist_object, 'local', env=env) def run_code_remote(self, cdist_object): - """Run the code-remote script for the given cdist object on the remote side.""" - return self._run_code(cdist_object, 'remote') + """Run the code-remote script for the given cdist object on the + remote side.""" + # Put some env vars, to allow read only access to the parameters + # over $__object which is already on the remote side + env = { + '__object': os.path.join(self.remote.object_path, + cdist_object.path), + '__object_id': cdist_object.object_id, + } + return self._run_code(cdist_object, 'remote', env=env) diff --git a/cdist/core/explorer.py b/cdist/core/explorer.py index d926552a..353d7681 100644 --- a/cdist/core/explorer.py +++ b/cdist/core/explorer.py @@ -22,15 +22,19 @@ import logging import os - +import glob +import multiprocessing import cdist +from cdist.mputil import mp_pool_run +from . import util ''' common: runs only remotely, needs local and remote to construct paths env: - __explorer: full qualified path to other global explorers on remote side + __explorer: full qualified path to other global explorers on + remote side -> remote.global_explorer_path a global explorer is: @@ -51,7 +55,8 @@ type explorer is: __object: full qualified path to the object's remote dir __object_id: the objects id __object_fq: full qualified object id, iow: $type.name + / + object_id - __type_explorer: full qualified path to the other type explorers on remote side + __type_explorer: full qualified path to the other type explorers on + remote side creates: nothing, returns output 
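Review bot: `run_code_remote` builds its environment from `__object` and `__object_id` alone, whereas `run_code_local` merges `os.environ` and `self.env`. The `__cdist_dry_run`, `__target_host*` and `__cdist_log_level*` values set in `__init__` therefore reach code-local but not code-remote. If that is deliberate because `__global` and `__files` are local paths, the comment should say so, e.g. `# self.env is not forwarded: it holds paths that exist only on the local side`. Both comments promise "read only access" to the parameters, but nothing in this hunk enforces it, so "access" alone would be more accurate.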
@@ -62,96 +67,182 @@ class Explorer(object): """Executes cdist explorers. """ - def __init__(self, target_host, local, remote): + def __init__(self, target_host, local, remote, jobs=None, dry_run=False): self.target_host = target_host - self.log = logging.getLogger(target_host) + self._open_logger() self.local = local self.remote = remote self.env = { - '__target_host': self.target_host, + '__target_host': self.target_host[0], + '__target_hostname': self.target_host[1], + '__target_fqdn': self.target_host[2], '__explorer': self.remote.global_explorer_path, + '__target_host_tags': self.local.target_host_tags, + '__cdist_log_level': util.log_level_env_var_val(self.log), + '__cdist_log_level_name': util.log_level_name_env_var_val( + self.log), } - self._type_explorers_transferred = [] - ### global + if dry_run: + self.env['__cdist_dry_run'] = '1' + + self._type_explorers_transferred = [] + self.jobs = jobs + + def _open_logger(self): + self.log = logging.getLogger(self.target_host[0]) + + # global def list_global_explorer_names(self): """Return a list of global explorer names.""" - return os.listdir(self.local.global_explorer_path) + return glob.glob1(self.local.global_explorer_path, '*') def run_global_explorers(self, out_path): """Run global explorers and save output to files in the given out_path directory. 
""" - self.log.info("Running global explorers") + self.log.verbose("Running global explorers") self.transfer_global_explorers() - for explorer in self.list_global_explorer_names(): - output = self.run_global_explorer(explorer) + if self.jobs is None: + self._run_global_explorers_seq(out_path) + else: + self._run_global_explorers_parallel(out_path) + + def _run_global_explorer(self, explorer, out_path): + try: path = os.path.join(out_path, explorer) + output = self.run_global_explorer(explorer) with open(path, 'w') as fd: fd.write(output) + except cdist.Error as e: + local_path = os.path.join(self.local.global_explorer_path, + explorer) + stderr_path = os.path.join(self.local.stderr_base_path, "remote") + raise cdist.GlobalExplorerError(explorer, local_path, stderr_path, + e) + + def _run_global_explorers_seq(self, out_path): + self.log.debug("Running global explorers sequentially") + for explorer in self.list_global_explorer_names(): + self._run_global_explorer(explorer, out_path) + + def _run_global_explorers_parallel(self, out_path): + self.log.debug("Running global explorers in {} parallel jobs".format( + self.jobs)) + self.log.trace("Multiprocessing start method is {}".format( + multiprocessing.get_start_method())) + self.log.trace(("Starting multiprocessing Pool for global " + "explorers run")) + args = [ + (e, out_path, ) for e in self.list_global_explorer_names() + ] + mp_pool_run(self._run_global_explorer, args, jobs=self.jobs) + self.log.trace(("Multiprocessing run for global explorers " + "finished")) + + # logger is not pickable, so remove it when we pickle + def __getstate__(self): + state = self.__dict__.copy() + if 'log' in state: + del state['log'] + return state + + # recreate logger when we unpickle + def __setstate__(self, state): + self.__dict__.update(state) + self._open_logger() def transfer_global_explorers(self): """Transfer the global explorers to the remote side.""" - self.remote.mkdir(self.remote.global_explorer_path) - 
self.remote.transfer(self.local.global_explorer_path, self.remote.global_explorer_path) - self.remote.run(["chmod", "0700", "%s/*" % (self.remote.global_explorer_path)]) + self.remote.transfer(self.local.global_explorer_path, + self.remote.global_explorer_path, + self.jobs) + self.remote.run(["chmod", "0700", + "%s/*" % (self.remote.global_explorer_path)]) def run_global_explorer(self, explorer): """Run the given global explorer and return it's output.""" script = os.path.join(self.remote.global_explorer_path, explorer) return self.remote.run_script(script, env=self.env, return_output=True) - ### type + # type def list_type_explorer_names(self, cdist_type): """Return a list of explorer names for the given type.""" source = os.path.join(self.local.type_path, cdist_type.explorer_path) try: - return os.listdir(source) + return glob.glob1(source, '*') except EnvironmentError: return [] - def run_type_explorers(self, cdist_object): + def run_type_explorers(self, cdist_object, transfer_type_explorers=True): """Run the type explorers for the given object and save their output in the object. 
""" - self.log.debug("Transfering type explorers for type: %s", cdist_object.cdist_type) - self.transfer_type_explorers(cdist_object.cdist_type) - self.log.debug("Transfering object parameters for object: %s", cdist_object.name) + self.log.verbose("Running type explorers for {}".format( + cdist_object.cdist_type)) + if transfer_type_explorers: + self.log.trace("Transferring type explorers for type: %s", + cdist_object.cdist_type) + self.transfer_type_explorers(cdist_object.cdist_type) + else: + self.log.trace(("No need for transferring type explorers for " + "type: %s"), + cdist_object.cdist_type) + self.log.trace("Transferring object parameters for object: %s", + cdist_object.name) self.transfer_object_parameters(cdist_object) - for explorer in self.list_type_explorer_names(cdist_object.cdist_type): - output = self.run_type_explorer(explorer, cdist_object) - self.log.debug("Running type explorer '%s' for object '%s'", explorer, cdist_object.name) - cdist_object.explorers[explorer] = output + cdist_type = cdist_object.cdist_type + for explorer in self.list_type_explorer_names(cdist_type): + self.log.trace("Running type explorer '%s' for object '%s'", + explorer, cdist_object.name) + try: + output = self.run_type_explorer(explorer, cdist_object) + cdist_object.explorers[explorer] = output + except cdist.Error as e: + path = os.path.join(self.local.type_path, + cdist_type.explorer_path, + explorer) + stderr_path = os.path.join(self.local.stderr_base_path, + "remote") + raise cdist.CdistObjectExplorerError( + cdist_object, explorer, path, stderr_path, e) def run_type_explorer(self, explorer, cdist_object): - """Run the given type explorer for the given object and return it's output.""" + """Run the given type explorer for the given object and return + it's output.""" cdist_type = cdist_object.cdist_type env = self.env.copy() env.update({ - '__object': os.path.join(self.remote.object_path, cdist_object.path), + '__object': os.path.join(self.remote.object_path, + 
cdist_object.path), '__object_id': cdist_object.object_id, '__object_name': cdist_object.name, '__object_fq': cdist_object.path, - '__type_explorer': os.path.join(self.remote.type_path, cdist_type.explorer_path) + '__type_explorer': os.path.join(self.remote.type_path, + cdist_type.explorer_path) }) - script = os.path.join(self.remote.type_path, cdist_type.explorer_path, explorer) + script = os.path.join(self.remote.type_path, cdist_type.explorer_path, + explorer) return self.remote.run_script(script, env=env, return_output=True) def transfer_type_explorers(self, cdist_type): - """Transfer the type explorers for the given type to the remote side.""" + """Transfer the type explorers for the given type to the + remote side.""" if cdist_type.explorers: if cdist_type.name in self._type_explorers_transferred: - self.log.debug("Skipping retransfer of type explorers for: %s", cdist_type) + self.log.trace(("Skipping retransfer of type explorers " + "for: %s"), cdist_type) else: - source = os.path.join(self.local.type_path, cdist_type.explorer_path) - destination = os.path.join(self.remote.type_path, cdist_type.explorer_path) - self.remote.mkdir(destination) + source = os.path.join(self.local.type_path, + cdist_type.explorer_path) + destination = os.path.join(self.remote.type_path, + cdist_type.explorer_path) self.remote.transfer(source, destination) self.remote.run(["chmod", "0700", "%s/*" % (destination)]) self._type_explorers_transferred.append(cdist_type.name) 
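Review bot: `list_global_explorer_names` and `list_type_explorer_names` switch to `glob.glob1(path, '*')`, an undocumented helper of the `glob` module, in order to skip dot files. This commit also adds `listdir` in cdist/core/util.py for the same purpose, and this file already imports `util`. I would use `return util.listdir(self.local.global_explorer_path)` and `return util.listdir(source)` so hidden-entry filtering has a single implementation. Separately, the new `_run_global_explorer`, `_run_global_explorers_seq` and `_run_global_explorers_parallel` have no docstrings. The first should state that it writes the explorer's output to `out_path/<explorer>` and re-raises `cdist.Error` as `cdist.GlobalExplorerError`.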
@@ -159,7 +250,8 @@ class Explorer(object): def transfer_object_parameters(self, cdist_object): """Transfer the parameters for the given object to the remote side.""" if cdist_object.parameters: - source = os.path.join(self.local.object_path, cdist_object.parameter_path) - destination = os.path.join(self.remote.object_path, cdist_object.parameter_path) - self.remote.mkdir(destination) + source = os.path.join(self.local.object_path, + cdist_object.parameter_path) + destination = os.path.join(self.remote.object_path, + cdist_object.parameter_path) self.remote.transfer(source, destination) diff --git a/cdist/core/manifest.py b/cdist/core/manifest.py index 8da7f96d..8aeaf860 100644 --- a/cdist/core/manifest.py +++ b/cdist/core/manifest.py @@ -1,7 +1,7 @@ # -*- coding: utf-8 -*- # -# 2011 Steven Armstrong (steven-cdist at armstrong.cc) -# 2011-2012 Nico Schottelius (nico-cdist at schottelius.org) +# 2011-2013 Steven Armstrong (steven-cdist at armstrong.cc) +# 2011-2013 Nico Schottelius (nico-cdist at schottelius.org) # # This file is part of cdist. # @@ -24,6 +24,7 @@ import logging import os import cdist +from . import util ''' common: 
@@ -32,10 +33,17 @@ common: env: PATH: prepend directory with type emulator symlinks == local.bin_path __target_host: the target host we are working on - __global: full qualified path to the global output dir == local.out_path + __target_hostname: the target hostname provided from __target_host + __target_fqdn: the target's fully qualified domain name provided from + __target_host + __global: full qualified path to the global + output dir == local.out_path __cdist_manifest: full qualified path of the manifest == script - __cdist_type_base_path: full qualified path to the directory where types are defined for use in type emulator + __cdist_type_base_path: full qualified path to the directory where + types are defined for use in type emulator == local.type_path + __files: full qualified path to the files dir + __target_host_tags: comma spearated list of host tags initial manifest is: script: full qualified path to the initial manifest @@ -57,6 +65,7 @@ type manifeste is: creates: new objects through type emulator ''' + class NoInitialManifestError(cdist.Error): """ Display missing initial manifest: @@ -71,7 +80,9 @@ class NoInitialManifestError(cdist.Error): if user_supplied: if os.path.islink(manifest_path): - self.message = "%s: %s -> %s" % (msg_header, manifest_path, os.path.realpath(manifest_path)) + self.message = "%s: %s -> %s" % ( + msg_header, manifest_path, + os.path.realpath(manifest_path)) else: self.message = "%s: %s" % (msg_header, manifest_path) else: 
@@ -85,21 +96,48 @@ class Manifest(object): """Executes cdist manifests. """ - def __init__(self, target_host, local): + + ORDER_DEP_STATE_NAME = 'order_dep_state' + TYPEORDER_DEP_NAME = 'typeorder_dep' + + def __init__(self, target_host, local, dry_run=False): self.target_host = target_host self.local = local - self.log = logging.getLogger(self.target_host) + self._open_logger() self.env = { 'PATH': "%s:%s" % (self.local.bin_path, os.environ['PATH']), - '__cdist_type_base_path': self.local.type_path, # for use in type emulator - '__global': self.local.out_path, - '__target_host': self.target_host, + # for use in type emulator + '__cdist_type_base_path': self.local.type_path, + '__global': self.local.base_path, + '__target_host': self.target_host[0], + '__target_hostname': self.target_host[1], + '__target_fqdn': self.target_host[2], + '__files': self.local.files_path, + '__target_host_tags': self.local.target_host_tags, + '__cdist_log_level': util.log_level_env_var_val(self.log), + '__cdist_log_level_name': util.log_level_name_env_var_val( + self.log), } - if self.log.getEffectiveLevel() == logging.DEBUG: - self.env.update({'__cdist_debug': "yes" }) + if dry_run: + self.env['__cdist_dry_run'] = '1' + + def _open_logger(self): + self.log = logging.getLogger(self.target_host[0]) + + # logger is not pickable, so remove it when we pickle + def __getstate__(self): + state = self.__dict__.copy() + if 'log' in state: + del state['log'] + return state + + # recreate logger when we unpickle + def __setstate__(self, state): + self.__dict__.update(state) + self._open_logger() def env_initial_manifest(self, initial_manifest): env = os.environ.copy() 
@@ -117,15 +155,31 @@ class Manifest(object): else: user_supplied = True - self.log.info("Running initial manifest " + initial_manifest) - if not os.path.isfile(initial_manifest): raise NoInitialManifestError(initial_manifest, user_supplied) - self.local.run_script(initial_manifest, env=self.env_initial_manifest(initial_manifest)) + message_prefix = "initialmanifest" + self.log.verbose("Running initial manifest " + initial_manifest) + which = "init" + if self.local.save_output_streams: + stderr_path = os.path.join(self.local.stderr_base_path, which) + stdout_path = os.path.join(self.local.stdout_base_path, which) + with open(stderr_path, 'ba+') as stderr, \ + open(stdout_path, 'ba+') as stdout: + self.local.run_script( + initial_manifest, + env=self.env_initial_manifest(initial_manifest), + message_prefix=message_prefix, + stdout=stdout, stderr=stderr) + else: + self.local.run_script( + initial_manifest, + env=self.env_initial_manifest(initial_manifest), + message_prefix=message_prefix) def env_type_manifest(self, cdist_object): - type_manifest = os.path.join(self.local.type_path, cdist_object.cdist_type.manifest_path) + type_manifest = os.path.join(self.local.type_path, + cdist_object.cdist_type.manifest_path) env = os.environ.copy() env.update(self.env) env.update({ 
@@ -140,6 +194,35 @@ class Manifest(object): return env def run_type_manifest(self, cdist_object): - type_manifest = os.path.join(self.local.type_path, cdist_object.cdist_type.manifest_path) + type_manifest = os.path.join(self.local.type_path, + cdist_object.cdist_type.manifest_path) + message_prefix = cdist_object.name + which = 'manifest' if os.path.isfile(type_manifest): - self.local.run_script(type_manifest, env=self.env_type_manifest(cdist_object)) + self.log.verbose("Running type manifest %s for object %s", + type_manifest, cdist_object.name) + if self.local.save_output_streams: + stderr_path = os.path.join(cdist_object.stderr_path, which) + stdout_path = os.path.join(cdist_object.stdout_path, which) + with open(stderr_path, 'ba+') as stderr, \ + open(stdout_path, 'ba+') as stdout: + self.local.run_script( + type_manifest, + env=self.env_type_manifest(cdist_object), + message_prefix=message_prefix, + stdout=stdout, stderr=stderr) + else: + self.local.run_script( + type_manifest, + env=self.env_type_manifest(cdist_object), + message_prefix=message_prefix) + + def cleanup(self): + def _rm_file(fname): + try: + self.log.trace("[ORDER_DEP] Removing %s", fname) + os.remove(os.path.join(self.local.base_path, fname)) + except FileNotFoundError: + pass + _rm_file(Manifest.ORDER_DEP_STATE_NAME) + _rm_file(Manifest.TYPEORDER_DEP_NAME) diff --git a/cdist/core/util.py b/cdist/core/util.py new file mode 100644 index 00000000..64570d34 --- /dev/null +++ b/cdist/core/util.py 
@@ -0,0 +1,45 @@ +# -*- coding: utf-8 -*- +# +# 2017 Darko Poljak (darko.poljak at gmail.com) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# + +import os +import logging + + +def listdir(path='.', include_dot=False): + """os.listdir but do not include entries whose names begin with a dot('.') + if include_dot is False. + """ + if include_dot: + return os.listdir(path) + else: + return [x for x in os.listdir(path) if not _ishidden(x)] + + +def _ishidden(path): + return path[0] in ('.', b'.'[0]) + + +def log_level_env_var_val(log): + return str(log.getEffectiveLevel()) + + +def log_level_name_env_var_val(log): + return logging.getLevelName(log.getEffectiveLevel()) diff --git a/cdist/emulator.py b/cdist/emulator.py index add20e70..4800e2a3 100644 --- a/cdist/emulator.py +++ b/cdist/emulator.py @@ -1,7 +1,8 @@ # -*- coding: utf-8 -*- # -# 2011-2012 Nico Schottelius (nico-cdist at schottelius.org) -# 2012 Steven Armstrong (steven-cdist at armstrong.cc) +# 2011-2015 Nico Schottelius (nico-cdist at schottelius.org) +# 2012-2013 Steven Armstrong (steven-cdist at armstrong.cc) +# 2014 Daniel Heule (hda at sfs.biz) # # This file is part of cdist. # 
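Review bot: In the new cdist/core/util.py, `_ishidden`, `log_level_env_var_val` and `log_level_name_env_var_val` have no docstrings, and `_ishidden` relies on two unstated facts. It compares `path[0]` against both `'.'` and `b'.'[0]` so that it works for `str` and `bytes` names, and it raises `IndexError` on an empty name. A docstring such as `"""Return True if the entry name (str or bytes, non-empty) starts with a dot."""` covers both. The two log helpers should say that they return the effective level as a decimal string and as a level name for the `__cdist_log_level` and `__cdist_log_level_name` environment variables.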
@@ -27,89 +28,139 @@ import sys import cdist from cdist import core +from cdist import flock +from cdist.core.manifest import Manifest + + +class MissingRequiredEnvironmentVariableError(cdist.Error): + def __init__(self, name): + self.name = name + self.message = ("Emulator requires the environment variable %s to be " + "setup" % self.name) + + def __str__(self): + return self.message + + +class DefaultList(list): + """Helper class to allow default values for optional_multiple parameters. + + @see https://groups.google.com/forum/#!msg/comp.lang.python/sAUvkJEDpRc/RnRymrzJVDYJ # noqa + """ + def __copy__(self): + return [] + + @classmethod + def create(cls, initial=None): + if initial: + return cls(initial.split('\n')) + class Emulator(object): def __init__(self, argv, stdin=sys.stdin.buffer, env=os.environ): - self.argv = argv - self.stdin = stdin - self.env = env + self.argv = argv + self.stdin = stdin + self.env = env - self.object_id = '' + self.object_id = '' - self.global_path = self.env['__global'] - self.target_host = self.env['__target_host'] + try: + self.global_path = self.env['__global'] + self.target_host = ( + self.env['__target_host'], + self.env['__target_hostname'], + self.env['__target_fqdn'] + ) - # Internally only - self.object_source = self.env['__cdist_manifest'] - self.type_base_path = self.env['__cdist_type_base_path'] + # Internal variables + self.object_source = self.env['__cdist_manifest'] + self.type_base_path = self.env['__cdist_type_base_path'] + self.object_marker = self.env['__cdist_object_marker'] + + except KeyError as e: + raise MissingRequiredEnvironmentVariableError(e.args[0]) self.object_base_path = os.path.join(self.global_path, "object") + self.typeorder_path = os.path.join(self.global_path, "typeorder") - self.type_name = os.path.basename(argv[0]) - self.cdist_type = core.CdistType(self.type_base_path, self.type_name) + self.typeorder_dep_path = os.path.join(self.global_path, + Manifest.TYPEORDER_DEP_NAME) + 
self.order_dep_state_path = os.path.join(self.global_path, + Manifest.ORDER_DEP_STATE_NAME) + + self.type_name = os.path.basename(argv[0]) + self.cdist_type = core.CdistType(self.type_base_path, self.type_name) + + # If set then object alreay exists and this var holds existing + # requirements. + self._existing_reqs = None self.__init_log() - def filter(self, record): - """Add hostname and object to logs via logging Filter""" - - prefix = self.target_host + ": (emulator)" - prefix = '{0}: emulator {1}'.format( - self.target_host, - core.CdistObject.join_name(self.type_name, self.object_id) - ) - record.msg = prefix + ": " + record.msg - - return True - def run(self): """Emulate type commands (i.e. __file and co)""" - if '__install' in self.env: - if not self.cdist_type.is_install: - self.log.debug("Running in install mode, ignoring non install type") - return True - self.commandline() - self.setup_object() - self.save_stdin() - self.record_requirements() - self.record_auto_requirements() - self.log.debug("Finished %s %s" % (self.cdist_object.path, self.parameters)) + self.init_object() + + # locking for parallel execution + with flock.Flock(self.flock_path): + self.setup_object() + self.save_stdin() + self.record_requirements() + self.record_auto_requirements() + self.log.trace("Finished %s %s" % ( + self.cdist_object.path, self.parameters)) def __init_log(self): """Setup logging facility""" - logformat = '%(levelname)s: %(message)s' - logging.basicConfig(format=logformat) - if '__cdist_debug' in self.env: - logging.root.setLevel(logging.DEBUG) + if '__cdist_log_level' in self.env: + try: + loglevel = self.env['__cdist_log_level'] + level = int(loglevel) + except ValueError: + level = logging.WARNING else: - logging.root.setLevel(logging.INFO) + level = logging.WARNING + try: + logging.root.setLevel(level) + except (ValueError, TypeError): + # if invalid __cdist_log_level value + logging.root.setLevel(logging.WARNING) - self.log = logging.getLogger(__name__) - 
self.log.addFilter(self) + self.log = logging.getLogger(self.target_host[0]) def commandline(self): """Parse command line""" - parser = argparse.ArgumentParser(add_help=False, argument_default=argparse.SUPPRESS) + parser = argparse.ArgumentParser(add_help=False, + argument_default=argparse.SUPPRESS) for parameter in self.cdist_type.required_parameters: argument = "--" + parameter - parser.add_argument(argument, dest=parameter, action='store', required=True) + parser.add_argument(argument, dest=parameter, action='store', + required=True) for parameter in self.cdist_type.required_multiple_parameters: argument = "--" + parameter - parser.add_argument(argument, dest=parameter, action='append', required=True) + parser.add_argument(argument, dest=parameter, action='append', + required=True) for parameter in self.cdist_type.optional_parameters: argument = "--" + parameter - parser.add_argument(argument, dest=parameter, action='store', required=False) + default = self.cdist_type.parameter_defaults.get(parameter, None) + parser.add_argument(argument, dest=parameter, action='store', + required=False, default=default) for parameter in self.cdist_type.optional_multiple_parameters: argument = "--" + parameter - parser.add_argument(argument, dest=parameter, action='append', required=False) + default = DefaultList.create( + self.cdist_type.parameter_defaults.get( + parameter, None)) + parser.add_argument(argument, dest=parameter, action='append', + required=False, default=default) for parameter in self.cdist_type.boolean_parameters: argument = "--" + parameter - parser.add_argument(argument, dest=parameter, action='store_const', const='') + parser.add_argument(argument, dest=parameter, + action='store_const', const='') # If not singleton support one positional parameter if not self.cdist_type.is_singleton: 
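Review bot: `DefaultList.create` falls off the end and returns `None` when `initial` is empty or missing, and `__copy__` deliberately returns a plain empty list; neither behaviour is explained beyond a link. The docstring should state it directly: `__copy__` returns `[]` so that an `append` action which copies the default starts from an empty list and the default is used only when the option is absent (presumably the point of the linked thread). `create` should end with an explicit `return None`. The comment `# If set then object alreay exists` should read `already`.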
@@ -117,39 +168,109 @@ class Emulator(object): # And finally parse/verify parameter self.args = parser.parse_args(self.argv[1:]) - self.log.debug('Args: %s' % self.args) + self.log.trace('Args: %s' % self.args) - - def setup_object(self): - # Setup object_id - FIXME: unset / do not setup anymore! - if not self.cdist_type.is_singleton: + def init_object(self): + # Initialize object - and ensure it is not in args + if self.cdist_type.is_singleton: + self.object_id = '' + else: self.object_id = self.args.object_id[0] del self.args.object_id # Instantiate the cdist object we are defining - self.cdist_object = core.CdistObject(self.cdist_type, self.object_base_path, self.object_id) + self.cdist_object = core.CdistObject( + self.cdist_type, self.object_base_path, self.object_marker, + self.object_id) + lockfname = ('.' + self.cdist_type.name + + self.object_id + '_' + + self.object_marker + '.lock') + lockfname = lockfname.replace(os.sep, '_') + self.flock_path = os.path.join(self.object_base_path, lockfname) + + def _object_params_in_context(self): + ''' Get cdist_object parameters dict adopted by context. + Context consists of cdist_type boolean, optional, required, + optional_multiple and required_multiple parameters. If parameter + is multiple parameter then its value is a list. + This adaptation works on cdist_object.parameters which are read from + directory based dict where it is unknown what kind of data is in + file. If there is only one line in the file it is unknown if this + is a value of required/optional parameter or if it is one value of + multiple values parameter. 
+ ''' + params = {} + if self.cdist_object.exists: + for param in self.cdist_object.parameters: + value = ('' if param in self.cdist_type.boolean_parameters + else self.cdist_object.parameters[param]) + if ((param in self.cdist_type.required_multiple_parameters or + param in self.cdist_type.optional_multiple_parameters) and + not isinstance(value, list)): + value = [value] + params[param] = value + return params + + def setup_object(self): + # CDIST_ORDER_DEPENDENCY state + order_dep_on = self._order_dep_on() + order_dep_defined = "CDIST_ORDER_DEPENDENCY" in self.env + if not order_dep_defined and order_dep_on: + self._set_order_dep_state_off() + if order_dep_defined and not order_dep_on: + self._set_order_dep_state_on() # Create object with given parameters self.parameters = {} - for key,value in vars(self.args).items(): + for key, value in vars(self.args).items(): if value is not None: - if isinstance(value, list): - value = '\n'.join(value) self.parameters[key] = value - if self.cdist_object.exists: - if self.cdist_object.parameters != self.parameters: - raise cdist.Error("Object %s already exists with conflicting parameters:\n%s: %s\n%s: %s" - % (self.cdist_object.name, " ".join(self.cdist_object.source), self.cdist_object.parameters, self.object_source, self.parameters) - ) + if self.cdist_object.exists and 'CDIST_OVERRIDE' not in self.env: + # Make existing requirements a set so that we can compare it + # later with new requirements. 
+ self._existing_reqs = set(self.cdist_object.requirements) + obj_params = self._object_params_in_context() + if obj_params != self.parameters: + errmsg = ("Object %s already exists with conflicting " + "parameters:\n%s: %s\n%s: %s" % ( + self.cdist_object.name, + " ".join(self.cdist_object.source), + obj_params, + self.object_source, + self.parameters)) + raise cdist.Error(errmsg) else: - self.cdist_object.create() + if self.cdist_object.exists: + self.log.debug(('Object %s override forced with ' + 'CDIST_OVERRIDE'), self.cdist_object.name) + self.cdist_object.create(True) + else: + self.cdist_object.create() self.cdist_object.parameters = self.parameters + # record the created object in typeorder file + with open(self.typeorder_path, 'a') as typeorderfile: + print(self.cdist_object.name, file=typeorderfile) + # record the created object in parent object typeorder file + __object_name = self.env.get('__object_name', None) + depname = self.cdist_object.name + if __object_name: + parent = self.cdist_object.object_from_name(__object_name) + parent.typeorder.append(self.cdist_object.name) + if self._order_dep_on(): + self.log.trace(('[ORDER_DEP] Adding %s to typeorder dep' + ' for %s'), depname, parent.name) + parent.typeorder_dep.append(depname) + elif self._order_dep_on(): + self.log.trace('[ORDER_DEP] Adding %s to global typeorder dep', + depname) + self._add_typeorder_dep(depname) # Record / Append source self.cdist_object.source.append(self.object_source) chunk_size = 65536 + def _read_stdin(self): return self.stdin.read(self.chunk_size) 
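Review bot: The lock taken in `run` is per object (`flock_path` is built in `init_object` from the type name, object id and marker), but `setup_object` also appends to the shared `typeorder` file and switches the global order-dependency state files, which that lock does not cover. If two emulator processes for different objects can run at the same time, as the `# locking for parallel execution` comment suggests, those shared files are updated without mutual exclusion. Either guard them with a lock common to all objects or add a comment stating why unsynchronised access is safe here. Separately, the lock file name embeds the whole object id, so a very long id could exceed the filesystem's file-name limit; this is worth confirming against the ids in use.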
@@ -171,43 +292,146 @@ class Emulator(object): except EnvironmentError as e: raise cdist.Error('Failed to read from stdin: %s' % e) - def record_requirements(self): - """record requirements""" + def record_requirement(self, requirement): + """record requirement and return recorded requirement""" + # Raises an error, if object cannot be created + try: + cdist_object = self.cdist_object.object_from_name(requirement) + except core.cdist_type.InvalidTypeError as e: + self.log.error(("%s requires object %s, but type %s does not" + " exist. Defined at %s" % ( + self.cdist_object.name, + requirement, e.name, self.object_source))) + raise + except core.cdist_object.MissingObjectIdError: + self.log.error(("%s requires object %s without object id." + " Defined at %s" % (self.cdist_object.name, + requirement, + self.object_source))) + raise + + self.log.debug("Recording requirement %s for %s", + requirement, self.cdist_object.name) + + # Save the sanitised version, not the user supplied one + # (__file//bar => __file/bar) + # This ensures pattern matching is done against sanitised list + self.cdist_object.requirements.append(cdist_object.name) + + return cdist_object.name + + def _order_dep_on(self): + return os.path.exists(self.order_dep_state_path) + + def _set_order_dep_state_on(self): + self.log.trace('[ORDER_DEP] Setting order dep state on') + with open(self.order_dep_state_path, 'w'): + pass + + def _set_order_dep_state_off(self): + self.log.trace('[ORDER_DEP] Setting order dep state off') + # remove order dep state file + try: + os.remove(self.order_dep_state_path) + except FileNotFoundError: + pass + # remove typeorder dep file + try: + os.remove(self.typeorder_dep_path) + except FileNotFoundError: + pass + + def _add_typeorder_dep(self, name): + with open(self.typeorder_dep_path, 'a') as f: + print(name, file=f) + + def _read_typeorder_dep(self): + try: + with open(self.typeorder_dep_path, 'r') as f: + return f.readlines() + except FileNotFoundError: + return [] + + 
def record_requirements(self): + """Record requirements.""" + + order_dep_on = self._order_dep_on() + + # Inject the predecessor, but not if its an override + # (this would leed to an circular dependency) + if (order_dep_on and 'CDIST_OVERRIDE' not in self.env): + try: + # __object_name is the name of the object whose type + # manifest is currently executed + __object_name = self.env.get('__object_name', None) + # load object name created befor this one from typeorder + # dep file + if __object_name: + parent = self.cdist_object.object_from_name( + __object_name) + typeorder = parent.typeorder_dep + else: + typeorder = self._read_typeorder_dep() + # get the type created before this one + lastcreatedtype = typeorder[-2].strip() + if 'require' in self.env: + if lastcreatedtype not in self.env['require']: + self.env['require'] += " " + lastcreatedtype + else: + self.env['require'] = lastcreatedtype + self.log.debug(("Injecting require for " + "CDIST_ORDER_DEPENDENCY: %s for %s"), + lastcreatedtype, + self.cdist_object.name) + except IndexError: + # if no second last line, we are on the first type, + # so do not set a requirement + pass + + reqs = set() if "require" in self.env: requirements = self.env['require'] self.log.debug("reqs = " + requirements) for requirement in requirements.split(" "): # Ignore empty fields - probably the only field anyway - if len(requirement) == 0: continue - - # Raises an error, if object cannot be created - try: - cdist_object = self.cdist_object.object_from_name(requirement) - except core.cdist_type.NoSuchTypeError: - self.log.error("%s requires object %s with non-existing type at %s" % (self.cdist_object.name, requirement, self.object_source)) - raise - - - self.log.debug("Recording requirement: " + requirement) - - # Save the sanitised version, not the user supplied one - # (__file//bar => __file/bar) - # This ensures pattern matching is done against sanitised list - self.cdist_object.requirements.append(cdist_object.name) + if 
len(requirement) == 0: + continue + object_name = self.record_requirement(requirement) + reqs.add(object_name) + if self._existing_reqs is not None: + # If object exists then compare existing and new requirements. + if self._existing_reqs != reqs: + warnmsg = ("Object {} already exists with requirements:\n" + "{}: {}\n" + "{}: {}\n" + "Dependency resolver could not handle dependencies " + "as expected.".format( + self.cdist_object.name, + " ".join(self.cdist_object.source), + self._existing_reqs, + self.object_source, + reqs + )) + self.log.warning(warnmsg) def record_auto_requirements(self): - """An object shall automatically depend on all objects that it defined in it's type manifest. + """An object shall automatically depend on all objects that it + defined in it's type manifest. """ - # __object_name is the name of the object whose type manifest is currently executed + # __object_name is the name of the object whose type manifest is + # currently executed __object_name = self.env.get('__object_name', None) if __object_name: # The object whose type manifest is currently run parent = self.cdist_object.object_from_name(__object_name) # The object currently being defined current_object = self.cdist_object - # As parent defined current_object it shall automatically depend on it. + # As parent defined current_object it shall automatically + # depend on it. # But only if the user hasn't said otherwise. # Must prevent circular dependencies. - if not parent.name in current_object.requirements: + if parent.name not in current_object.requirements: + self.log.debug("Recording autorequirement %s for %s", + current_object.name, parent.name) parent.autorequire.append(current_object.name) diff --git a/cdist/exec/local.py b/cdist/exec/local.py index da7f69c1..ad6c6e36 100644 --- a/cdist/exec/local.py +++ b/cdist/exec/local.py 
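Review bot: In `record_requirements`, `if lastcreatedtype not in self.env['require']` is a substring test on the whole `require` string, so (constructed example) a predecessor named `__file/foo` counts as already present when `require` only lists `__file/foobar`, and the order dependency is then not injected. Compare against the individual entries instead: `if lastcreatedtype not in self.env['require'].split(" "):`. The block also writes to `self.env`, which defaults to `os.environ` in `__init__`, so the injected requirement changes the process environment; a comment saying this is intended would help.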
@@ -1,7 +1,8 @@ # -*- coding: utf-8 -*- # -# 2011 Steven Armstrong (steven-cdist at armstrong.cc) -# 2011-2012 Nico Schottelius (nico-cdist at schottelius.org) +# 2011-2017 Steven Armstrong (steven-cdist at armstrong.cc) +# 2011-2015 Nico Schottelius (nico-cdist at schottelius.org) +# 2016-2017 Darko Poljak (darko.poljak at gmail.com) # # This file is part of cdist. # @@ -20,16 +21,23 @@ # # -import io import os import sys import re import subprocess import shutil import logging +import tempfile +import time +import datetime import cdist +import cdist.message from cdist import core +import cdist.exec.util as util + +CONF_SUBDIRS_LINKED = ["explorer", "files", "manifest", "type", ] + class Local(object): """Execute commands locally. 
@@ -38,33 +46,59 @@ class Local(object): Directly accessing the local side from python code is a bug. """ - def __init__(self, target_host, out_path, exec_path, add_conf_dirs=None, cache_dir=None): + def __init__(self, + target_host, + target_host_tags, + base_root_path, + host_dir_name, + exec_path=sys.argv[0], + initial_manifest=None, + add_conf_dirs=None, + cache_path_pattern=None, + quiet_mode=False, + configuration=None, + save_output_streams=True): self.target_host = target_host - self.out_path = out_path - self.exec_path = exec_path + if target_host_tags is None: + self.target_host_tags = "" + else: + self.target_host_tags = ",".join(target_host_tags) + self.hostdir = host_dir_name + self.base_path = os.path.join(base_root_path, "data") - self._add_conf_dirs = add_conf_dirs + self.exec_path = exec_path + self.custom_initial_manifest = initial_manifest + self.cache_path_pattern = cache_path_pattern + self.quiet_mode = quiet_mode + if configuration: + self.configuration = configuration + else: + self.configuration = {} + self.save_output_streams = save_output_streams self._init_log() self._init_permissions() + self.mkdir(self.base_path) + self._init_cache_dir(None) self._init_paths() - self._init_cache_dir(cache_dir) - self._init_conf_dirs() - - @property - def dist_conf_dir(self): - return os.path.abspath(os.path.join(os.path.dirname(cdist.__file__), "conf")) - - @property - def home_dir(self): - if 'HOME' in os.environ: - return os.path.join(os.environ['HOME'], ".cdist") - else: - return None + self._init_object_marker() + self._init_conf_dirs(add_conf_dirs) def _init_log(self): - self.log = logging.getLogger(self.target_host) + self.log = logging.getLogger(self.target_host[0]) + + # logger is not pickable, so remove it when we pickle + def __getstate__(self): + state = self.__dict__.copy() + if 'log' in state: + del state['log'] + return state + + # recreate logger when we unpickle + def __setstate__(self, state): + self.__dict__.update(state) + 
self._init_log() def _init_permissions(self): # Setup file permissions using umask 
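Review bot: `Local.__init__` now takes eleven parameters and has no docstring, while the code relies on shapes it does not state: `_init_log` indexes `self.target_host[0]`, so `target_host` must be a sequence rather than the plain string it was before, and `target_host_tags` is joined with commas unless it is `None`. A docstring listing each parameter and those expectations would prevent callers from passing a bare host name, which would silently create the logger under its first character. Note also that the default `exec_path=sys.argv[0]` is evaluated once when the module is imported; the docstring should say so if that is intended.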
@@ -72,118 +106,234 @@ class Local(object): def _init_paths(self): # Depending on out_path - self.bin_path = os.path.join(self.out_path, "bin") - self.conf_path = os.path.join(self.out_path, "conf") - self.global_explorer_out_path = os.path.join(self.out_path, "explorer") - self.object_path = os.path.join(self.out_path, "object") + self.bin_path = os.path.join(self.base_path, "bin") + self.conf_path = os.path.join(self.base_path, "conf") + self.global_explorer_out_path = os.path.join(self.base_path, + "explorer") + self.object_path = os.path.join(self.base_path, "object") + self.messages_path = os.path.join(self.base_path, "messages") + self.stdout_base_path = os.path.join(self.base_path, "stdout") + self.stderr_base_path = os.path.join(self.base_path, "stderr") # Depending on conf_path + self.files_path = os.path.join(self.conf_path, "files") self.global_explorer_path = os.path.join(self.conf_path, "explorer") self.manifest_path = os.path.join(self.conf_path, "manifest") + self.initial_manifest = (self.custom_initial_manifest or + os.path.join(self.manifest_path, "init")) + self.type_path = os.path.join(self.conf_path, "type") - def _init_conf_dirs(self): - self.conf_dirs = [] + def _init_object_marker(self): + self.object_marker_file = os.path.join(self.base_path, "object_marker") - # Comes with the distribution - system_conf_dir = os.path.abspath(os.path.join(os.path.dirname(cdist.__file__), "conf")) - self.conf_dirs.append(system_conf_dir) + # Does not need to be secure - just randomly different from .cdist + self.object_marker_name = tempfile.mktemp(prefix='.cdist-', dir='') - # Is the default place for user created explorer, type and manifest - if self.home_dir: - self.conf_dirs.append(self.home_dir) + def _init_conf_dirs(self, add_conf_dirs): + self.conf_dirs = util.resolve_conf_dirs( + self.configuration, add_conf_dirs=add_conf_dirs) - # Add directories defined in the CDIST_PATH environment variable - if 'CDIST_PATH' in os.environ: - cdist_path_dirs = 
re.split(r'(? %s", source, destination) - self.rmdir(destination) + def extract_archive(self, path, mode): + """Extract archive path on the remote side.""" + import cdist.autil as autil + + self.log.trace("Remote extract archive: %s", path) + command = ["tar", "-x", "-m", "-C", ] + directory = os.path.dirname(path) + command.append(directory) + xopt = autil.get_extract_option(mode) + if xopt: + command.append(xopt) + command.append("-f") + command.append(path) + self.run(command) + + def _transfer_file(self, source, destination): command = self._copy.split() - command.extend(["-r", source, self.target_host + ":" + destination]) + command.extend([source, '{0}:{1}'.format( + _wrap_addr(self.target_host[0]), destination)]) self._run_command(command) - def run_script(self, script, env=None, return_output=False): + def transfer(self, source, destination, jobs=None): + """Transfer a file or directory to the remote side.""" + self.log.trace("Remote transfer: %s -> %s", source, destination) + # self.rmdir(destination) + if os.path.isdir(source): + self.mkdir(destination) + used_archiving = False + if self.archiving_mode: + self.log.trace("Remote transfer in archiving mode") + import cdist.autil as autil + + # create archive + tarpath, fcnt = autil.tar(source, self.archiving_mode) + if tarpath is None: + self.log.trace(("Files count {} is lower than {} limit, " + "skipping archiving").format( + fcnt, autil.FILES_LIMIT)) + else: + self.log.trace(("Archiving mode, tarpath: %s, file count: " + "%s"), tarpath, fcnt) + # get archive name + tarname = os.path.basename(tarpath) + self.log.trace("Archiving mode tarname: %s", tarname) + # archive path at the remote + desttarpath = os.path.join(destination, tarname) + self.log.trace( + "Archiving mode desttarpath: %s", desttarpath) + # transfer archive to the remote side + self.log.trace("Archiving mode: transferring") + self._transfer_file(tarpath, desttarpath) + # extract archive at the remote + self.log.trace("Archiving mode: 
extracting") + self.extract_archive(desttarpath, self.archiving_mode) + # remove remote archive + self.log.trace("Archiving mode: removing remote archive") + self.rmfile(desttarpath) + # remove local archive + self.log.trace("Archiving mode: removing local archive") + os.remove(tarpath) + used_archiving = True + if not used_archiving: + self._transfer_dir(source, destination) + elif jobs: + raise cdist.Error("Source {} is not a directory".format(source)) + else: + self._transfer_file(source, destination) + + def _transfer_dir(self, source, destination): + command = self._copy.split() + for f in glob.glob1(source, '*'): + path = os.path.join(source, f) + command.extend([path]) + command.extend(['{0}:{1}'.format( + _wrap_addr(self.target_host[0]), destination)]) + self._run_command(command) + + def run_script(self, script, env=None, return_output=False, stdout=None, + stderr=None): """Run the given script with the given environment on the remote side. Return the output as a string. """ - command = ["/bin/sh", "-e"] + command = [ + self.configuration.get('remote_shell', "/bin/sh"), + "-e" + ] command.append(script) - return self.run(command, env, return_output) + return self.run(command, env=env, return_output=return_output, + stdout=stdout, stderr=stderr) - def run(self, command, env=None, return_output=False): + def run(self, command, env=None, return_output=False, stdout=None, + stderr=None): """Run the given command with the given environment on the remote side. Return the output as a string. """ # prefix given command with remote_exec cmd = self._exec.split() - cmd.append(self.target_host) + cmd.append(self.target_host[0]) - # FIXME: replace this by -o SendEnv name -o SendEnv name ... to ssh? # can't pass environment to remote side, so prepend command with # variable declarations + + # cdist command prepended with variable assignments expects + # POSIX shell (bourne, bash) at the remote as user default shell. 
+ # If remote user shell isn't POSIX shell, but for e.g. csh/tcsh + # then these var assignments are not var assignments for this + # remote shell, it tries to execute it as a command and fails. + # So really do this by default: + # /bin/sh -c 'export ; command' + # so that constructed remote command isn't dependent on remote + # shell. Do this only if env is not None. env breaks this. + # Explicitly use /bin/sh, because var assignments assume POSIX + # shell already. + # This leaves the posibility to write script that needs to be run + # remotely in e.g. csh and setting up CDIST_REMOTE_SHELL to e.g. + # /bin/csh will execute this script in the right way. if env: - remote_env = ["%s=%s" % item for item in env.items()] - cmd.extend(remote_env) + remote_env = [" export %s=%s;" % item for item in env.items()] + string_cmd = ("/bin/sh -c '" + " ".join(remote_env) + + " ".join(command) + "'") + cmd.append(string_cmd) + else: + cmd.extend(command) + return self._run_command(cmd, env=env, return_output=return_output, + stdout=stdout, stderr=stderr) - cmd.extend(command) - - return self._run_command(cmd, env=env, return_output=return_output) - - def _run_command(self, command, env=None, return_output=False): + def _run_command(self, command, env=None, return_output=False, stdout=None, + stderr=None): """Run the given command with the given environment. Return the output as a string. 
""" - assert isinstance(command, (list, tuple)), "list or tuple argument expected, got: %s" % command + assert isinstance(command, (list, tuple)), ( + "list or tuple argument expected, got: %s" % command) - # export target_host for use in __remote_{exec,copy} scripts + if return_output and stdout is not subprocess.PIPE: + self.log.debug("return_output is True, ignoring stdout") + + close_stdout = False + close_stderr = False + if self.save_output_streams: + if not return_output and stdout is None: + stdout = util.get_std_fd(self.stdout_base_path, 'remote') + close_stdout = True + if stderr is None: + stderr = util.get_std_fd(self.stderr_base_path, 'remote') + close_stderr = True + + # export target_host, target_hostname, target_fqdn + # for use in __remote_{exec,copy} scripts os_environ = os.environ.copy() - os_environ['__target_host'] = self.target_host + os_environ['__target_host'] = self.target_host[0] + os_environ['__target_hostname'] = self.target_host[1] + os_environ['__target_fqdn'] = self.target_host[2] - self.log.debug("Remote run: %s", command) + self.log.trace("Remote run: %s", command) try: + if self.quiet_mode: + stderr = subprocess.DEVNULL + close_stderr = False if return_output: - return subprocess.check_output(command, env=os_environ).decode() + output = subprocess.check_output(command, env=os_environ, + stderr=stderr).decode() else: - subprocess.check_call(command, env=os_environ) - except subprocess.CalledProcessError: - raise cdist.Error("Command failed: " + " ".join(command)) - except OSError as error: - raise cdist.Error(" ".join(*args) + ": " + error.args[1]) + subprocess.check_call(command, env=os_environ, stdout=stdout, + stderr=stderr) + output = None + + if self.save_output_streams: + util.log_std_fd(self.log, command, stderr, 'Remote stderr') + util.log_std_fd(self.log, command, stdout, 'Remote stdout') + + return output + except (OSError, subprocess.CalledProcessError) as error: + raise cdist.Error(" ".join(command) + ": " + 
str(error.args[1])) except UnicodeDecodeError: raise DecodeError(command) + finally: + if close_stdout: + stdout.close() + if close_stderr: + stderr.close() diff --git a/cdist/exec/util.py b/cdist/exec/util.py new file mode 100644 index 00000000..90a26ad3 --- /dev/null +++ b/cdist/exec/util.py 
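Review bot: In `run`, the `if env:` branch builds the remote command as one string without any quoting: `" export %s=%s;" % item` inserts each value as-is and the result is wrapped in `/bin/sh -c '...'`, so a value or argument containing a space, `;` or `'` changes what the remote shell parses. Quote both layers, e.g. `remote_env = [" export %s=%s;" % (k, shlex.quote(v)) for k, v in env.items()]` and `string_cmd = "/bin/sh -c " + shlex.quote(" ".join(remote_env) + " ".join(command))`, which needs `import shlex`. In `_run_command`, `str(error.args[1])` appears to report the command rather than the exit status for `CalledProcessError`, and it raises IndexError for an `OSError` built with a single argument; `str(error)` avoids both. The file header for this part of the diff did not survive on the page, so the file is not named here.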
@@ -0,0 +1,212 @@ +# -*- coding: utf-8 -*- +# +# 2016-2017 Darko Poljak (darko.poljak at gmail.com) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# + +import subprocess +import os +from tempfile import TemporaryFile +from collections import OrderedDict + +import cdist +import cdist.configuration + + +# IMPORTANT: +# with the code below in python 3.5 when command is executed and error +# occurs then stderr is not captured. +# As it seems from documentation, it is only captured when using +# subprocess.run method with stderr=subprocess.PIPE and is captured +# into CompletedProcess resulting object or into CalledProcessError +# in case of error (only if specified capturing). +# +# If using PIPE then the run is slow. run method uses communicate method +# and internally it uses buffering. +# +# For now we will use capturing only stdout. stderr is written directly to +# stderr from child process. +# +# STDERR_UNSUPPORTED = '' +# +# +# def call_get_output(command, env=None): +# """Run the given command with the given environment. +# Return the tuple of stdout and stderr output as a byte strings. 
+# """ +# +# assert isinstance(command, (list, tuple)), ( +# "list or tuple argument expected, got: {}".format(command)) +# +# if sys.version_info >= (3, 5): +# return call_get_out_err(command, env) +# else: +# return (call_get_stdout(command, env), STDERR_UNSUPPORTED) +# +# +# def handle_called_process_error(err, command): +# if sys.version_info >= (3, 5): +# errout = err.stderr +# else: +# errout = STDERR_UNSUPPORTED +# raise cdist.Error("Command failed: " + " ".join(command) + +# " with returncode: {} and stdout: {}, stderr: {}".format( +# err.returncode, err.output, errout)) +# +# +# def call_get_stdout(command, env=None): +# """Run the given command with the given environment. +# Return the stdout output as a byte string, stderr is ignored. +# """ +# assert isinstance(command, (list, tuple)), ( +# "list or tuple argument expected, got: {}".format(command)) +# +# with TemporaryFile() as fout: +# subprocess.check_call(command, env=env, stdout=fout) +# fout.seek(0) +# output = fout.read() +# +# return output +# +# +# def call_get_out_err(command, env=None): +# """Run the given command with the given environment. +# Return the tuple of stdout and stderr output as a byte strings. +# """ +# assert isinstance(command, (list, tuple)), ( +# "list or tuple argument expected, got: {}".format(command)) +# +# with TemporaryFile() as fout, TemporaryFile() as ferr: +# subprocess.check_call(command, env=env, +# stdout=fout, stderr=ferr) +# fout.seek(0) +# ferr.seek(0) +# output = (fout.read(), ferr.read()) +# +# return output + +# +# The code below with bufsize=0 does not work either, communicate +# internally uses buffering. It works in case of error, but if everything +# is ok and there is no output in stderr then execution is very very slow. +# +# def _call_get_out_err(command, env=None): +# """Run the given command with the given environment. +# Return the tuple of stdout and stderr output as a byte strings. 
+# """ +# assert isinstance(command, (list, tuple)), ( +# "list or tuple argument expected, got: {}".format(command)) +# +# result = subprocess.run(command, env=env, bufsize=0, +# stdout=subprocess.PIPE, stderr=subprocess.PIPE, check=True) +# +# return (result.stdout, result.stderr) + + +# Currently not used. +def call_get_output(command, env=None, stderr=None): + """Run the given command with the given environment. + Return the tuple of stdout and stderr output as a byte strings. + """ + + assert isinstance(command, (list, tuple)), ( + "list or tuple argument expected, got: {}".format(command)) + return (_call_get_stdout(command, env, stderr), None) + + +# Currently not used. +def handle_called_process_error(err, command): + # Currently, stderr is not captured. + # errout = None + # raise cdist.Error("Command failed: " + " ".join(command) + + # (" with returncode: {}\n" + # "stdout: {}\n" + # "stderr: {}").format( + # err.returncode, err.output, errout)) + if err.output: + output = err.output + else: + output = '' + raise cdist.Error(("Command failed: '{}'\n" + "return code: {}\n" + "---- BEGIN stdout ----\n" + "{}" + ("\n" if output else "") + + "---- END stdout ----").format( + " ".join(command), err.returncode, output)) + + +# Currently not used. +def _call_get_stdout(command, env=None, stderr=None): + """Run the given command with the given environment. + Return the stdout output as a byte string, stderr is ignored. 
+ """ + assert isinstance(command, (list, tuple)), ( + "list or tuple argument expected, got: {}".format(command)) + + with TemporaryFile() as fout: + subprocess.check_call(command, env=env, stdout=fout, stderr=stderr) + fout.seek(0) + output = fout.read() + + return output + + +def get_std_fd(base_path, name): + path = os.path.join(base_path, name) + stdfd = open(path, 'ba+') + return stdfd + + +def log_std_fd(log, command, stdfd, prefix): + if stdfd is not None and stdfd != subprocess.DEVNULL: + stdfd.seek(0, 0) + log.trace("Command: {}; {}: {}".format( + command, prefix, stdfd.read().decode())) + + +def dist_conf_dir(): + return os.path.abspath(os.path.join(os.path.dirname(cdist.__file__), + "conf")) + + +def resolve_conf_dirs(configuration, add_conf_dirs): + conf_dirs = [] + + conf_dirs.append(dist_conf_dir()) + + home_dir = cdist.home_dir() + if home_dir: + conf_dirs.append(home_dir) + + if 'conf_dir' in configuration: + x = configuration['conf_dir'] + if x: + conf_dirs.extend(x) + + if add_conf_dirs: + conf_dirs.extend(add_conf_dirs) + + # Remove duplicates. + conf_dirs = list(OrderedDict.fromkeys(conf_dirs)) + return conf_dirs + + +def resolve_conf_dirs_from_config_and_args(args): + cfg = cdist.configuration.Configuration(args) + configuration = cfg.get_config(section='GLOBAL') + return resolve_conf_dirs(configuration, args.conf_dir) diff --git a/cdist/flock.py b/cdist/flock.py new file mode 100644 index 00000000..d8bac916 --- /dev/null +++ b/cdist/flock.py 
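Review bot: `log_std_fd` decodes the captured stream strictly and always from offset 0, so a command that emits non-UTF-8 bytes raises `UnicodeDecodeError` from the logging step, and every call re-logs whatever the file already held, since `get_std_fd` opens it in append mode (`'ba+'`). Decoding leniently keeps logging from failing a command that succeeded: `command, prefix, stdfd.read().decode(errors='replace')))`. Remembering `stdfd.tell()` before the command runs and seeking back to it would limit the trace line to that command's own output. The files come from a plain `open()`, so their mode follows the process umask; if captured remote output can carry credentials, the directory behind `base_path` presumably needs to be private, which this hunk does not show.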
@@ -0,0 +1,58 @@ +# -*- coding: utf-8 -*- +# +# 2017 Darko Poljak (darko.poljak at gmail.com) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# + +import fcntl +import logging +import os + + +log = logging.getLogger('cdist-flock') + + +class Flock(): + def __init__(self, path): + self.path = path + self.lockfd = None + + def flock(self): + log.debug('Acquiring lock on %s', self.path) + self.lockfd = open(self.path, 'w+') + fcntl.flock(self.lockfd, fcntl.LOCK_EX) + log.debug('Acquired lock on %s', self.path) + + def funlock(self): + log.debug('Releasing lock on %s', self.path) + fcntl.flock(self.lockfd, fcntl.LOCK_UN) + self.lockfd.close() + self.lockfd = None + try: + os.remove(self.path) + except FileNotFoundError: + pass + log.debug('Released lock on %s', self.path) + + def __enter__(self): + self.flock() + return self + + def __exit__(self, *args): + self.funlock() + return False diff --git a/cdist/hostsource.py b/cdist/hostsource.py new file mode 100644 index 00000000..a7b8f0b4 --- /dev/null +++ b/cdist/hostsource.py 
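Review bot: `funlock` deletes the lock file right after releasing the lock, which breaks mutual exclusion. A process already blocked in `fcntl.flock` on the old file gets the lock on a now-unlinked inode, while a later caller creates a fresh file at the same path in `flock` and locks that one, so two holders run at once. Dropping the `try: os.remove(self.path)` block and leaving the lock file in place avoids this. `open(self.path, 'w+')` also truncates and follows symlinks, so the lock path should live in a directory only the cdist user can write to; where callers put it is not visible in this hunk.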
@@ -0,0 +1,76 @@ +# -*- coding: utf-8 -*- +# +# 2016-2017 Darko Poljak (darko.poljak at gmail.com) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# + +import fileinput + + +def hostfile_process_line(line, strip_func=str.strip): + """Return entry from read line or None if no entry present.""" + if not line: + return None + # remove comment if present + comment_index = line.find('#') + if comment_index >= 0: + foo = line[:comment_index] + else: + foo = line + # remove leading and trailing whitespaces + foo = strip_func(foo) + # skip empty lines + if foo: + return foo + else: + return None + + +class HostSource(object): + """ + Host source object. + Source can be a sequence or filename (stdin if \'-\'). + In case of filename each line represents one host. + """ + def __init__(self, source): + self.source = source + + def _process_file_line(self, line): + return hostfile_process_line(line) + + def _hosts_from_sequence(self): + for host in self.source: + yield host + + def _hosts_from_file(self): + for line in fileinput.input(files=(self.source)): + host = self._process_file_line(line) + if host: + yield host + + def hosts(self): + if not self.source: + return + + if isinstance(self.source, str): + yield from self._hosts_from_file() + else: + yield from self._hosts_from_sequence() + + def __call__(self): + yield from self.hosts() 
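Review bot: `_hosts_from_file` iterates `fileinput.input(...)`, which uses the module-wide fileinput state and is never closed, so a consumer that stops iterating `hosts()` early leaves it active and the next `fileinput.input` call in the process raises `RuntimeError: input() already active`. A scoped instance avoids that: `with fileinput.FileInput(files=(self.source,)) as f:` followed by `for line in f:`. `(self.source)` is a plain string rather than a one-element tuple; fileinput accepts both, but the trailing comma makes the intent explicit. Entries are returned as read, with no check of their form, so any validation of host names has to happen in the callers, which are outside this hunk.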
diff --git a/cdist/info.py b/cdist/info.py new file mode 100644 index 00000000..b896a3d1 --- /dev/null +++ b/cdist/info.py 
@@ -0,0 +1,181 @@ +#!/usr/bin/env python3 +# -*- coding: utf-8 -*- +# +# 2019-2020 Darko Poljak (darko.poljak at gmail.com) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# + +import cdist +import cdist.configuration +import cdist.core +import cdist.exec.util as util +import os +import glob +import fnmatch + + +class Info(object): + + def __init__(self, conf_dirs, args): + self.conf_dirs = conf_dirs + self.all = args.all + self.display_global_explorers = args.global_explorers + self.display_types = args.types + if not self.display_global_explorers and not self.display_types: + self.all = True + self.fixed_string = args.fixed_string + self._setup_glob_pattern(args.pattern) + self.full = args.full + + def _setup_glob_pattern(self, pattern): + if pattern is None: + self.glob_pattern = '*' + elif ('?' 
in pattern or '*' in pattern or '[' in pattern or + self.fixed_string): + self.glob_pattern = pattern + else: + self.glob_pattern = '*' + pattern + '*' + + @classmethod + def commandline(cls, args): + conf_dirs = util.resolve_conf_dirs_from_config_and_args(args) + c = cls(conf_dirs, args) + c.run() + + def _get_global_explorers(self, conf_path): + rv = [] + global_explorer_path = os.path.join(conf_path, "explorer", + self.glob_pattern) + if self.fixed_string: + if os.path.exists(global_explorer_path): + rv.append(global_explorer_path) + else: + for explorer in glob.glob(global_explorer_path): + rv.append(explorer) + return rv + + def _should_display_type(self, dir_entry): + if not dir_entry.is_dir(): + return False + if self.glob_pattern is None: + return True + if self.fixed_string: + return dir_entry.name == self.glob_pattern + else: + return fnmatch.fnmatch(dir_entry.name, self.glob_pattern) + + def _get_types(self, conf_path): + rv = [] + types_path = os.path.join(conf_path, "type") + if not os.path.exists(types_path): + return rv + with os.scandir(types_path) as it: + for entry in it: + if self._should_display_type(entry): + rv.append(entry.path) + return rv + + def _display_details(self, title, details, default_values=None, + deprecated=None): + if not details: + return + if isinstance(details, bool): + print("\t{}: {}".format(title, 'yes' if details else 'no')) + elif isinstance(details, str): + print("\t{}: {}".format(title, details)) + elif isinstance(details, list): + dv = dict(default_values) if default_values else {} + dp = dict(deprecated) if deprecated else {} + + print("\t{}:".format(title)) + for x in sorted(details): + print("\t\t{}".format(x), end='') + has_default = x in dv + is_deprecated = x in dp + need_comma = False + if has_default or is_deprecated: + print(" (", end='') + if has_default: + print("default: {}".format(dv[x]), end='') + need_comma = True + if is_deprecated: + print("{}deprecated".format(', ' if need_comma else ''), + end='') + 
if has_default or is_deprecated: + print(")", end='') + print() + + def _display_type_parameters(self, cdist_type): + self._display_details("required parameters", + cdist_type.required_parameters, + default_values=cdist_type.parameter_defaults, + deprecated=cdist_type.deprecated_parameters) + self._display_details("required multiple parameters", + cdist_type.required_multiple_parameters, + default_values=cdist_type.parameter_defaults, + deprecated=cdist_type.deprecated_parameters) + self._display_details("optional parameters", + cdist_type.optional_parameters, + default_values=cdist_type.parameter_defaults, + deprecated=cdist_type.deprecated_parameters) + self._display_details("optional multiple parameters", + cdist_type.optional_multiple_parameters, + default_values=cdist_type.parameter_defaults, + deprecated=cdist_type.deprecated_parameters) + self._display_details("boolean parameters", + cdist_type.boolean_parameters, + default_values=cdist_type.parameter_defaults, + deprecated=cdist_type.deprecated_parameters) + + def _display_type_characteristics(self, cdist_type): + characteristics = [] + if cdist_type.is_install: + characteristics.append('install') + else: + characteristics.append('config') + if cdist_type.is_singleton: + characteristics.append('singleton') + if cdist_type.is_nonparallel: + characteristics.append('nonparallel') + else: + characteristics.append('parallel') + if cdist_type.deprecated is not None: + characteristics.append('deprecated') + print("\t{}".format(', '.join(characteristics))) + + def _display_type_details(self, type_path): + dirname, basename = os.path.split(type_path) + cdist_type = cdist.core.CdistType(dirname, basename) + + self._display_type_characteristics(cdist_type) + self._display_type_parameters(cdist_type) + + def run(self): + rv = [] + for cp in self.conf_dirs: + conf_path = os.path.expanduser(cp) + if self.all or self.display_global_explorers: + rv.extend((x, 'E', ) for x in self._get_global_explorers( + conf_path)) + if 
self.all or self.display_types: + rv.extend((x, 'T', ) for x in self._get_types(conf_path)) + rv = sorted(rv, key=lambda x: x[0]) + for x, t in rv: + print(x) + if self.full and t == 'T': + self._display_type_details(x) diff --git a/cdist/install.py b/cdist/install.py index 0f06f5e7..b88ad016 100644 --- a/cdist/install.py +++ b/cdist/install.py @@ -1,7 +1,7 @@ #!/usr/bin/env python3 # -*- coding: utf-8 -*- # -# 2010-2011 Nico Schottelius (nico-cdist at schottelius.org) +# 2013 Steven Armstrong (steven-cdist at armstrong.cc) # # This file is part of cdist. # @@ -20,14 +20,20 @@ # # -import os -import cdist.config_install +import cdist.config +import cdist.core -class Install(cdist.config_install.ConfigInstall): - def __init__(self, *args, **kargs): - """Enhance config install with install support""" - # Setup environ to be used in emulator - os.environ['__install'] = "yes" - - super().__init__(*args, **kargs) +class Install(cdist.config.Config): + def object_list(self): + """Short name for object list retrieval. + In install mode, we only care about install objects. + """ + for cdist_object in cdist.core.CdistObject.list_objects( + self.local.object_path, self.local.type_path, + self.local.object_marker_name): + if cdist_object.cdist_type.is_install: + yield cdist_object + else: + self.log.debug("Running in install mode, ignoring non install" + "object: {0}".format(cdist_object)) diff --git a/cdist/integration.py b/cdist/integration.py new file mode 100644 index 00000000..ee742cc5 --- /dev/null +++ b/cdist/integration.py 
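Review bot: `_get_global_explorers` joins the user-supplied pattern straight into the path (`os.path.join(conf_path, "explorer", self.glob_pattern)`), so a pattern containing a path separator, or an absolute one, makes the explorer listing look outside `explorer/`, while `_should_display_type` matches types by entry name only. Matching explorers by name as well keeps the two consistent, for example filtering `os.listdir` of the explorer directory with `fnmatch.fnmatch(name, self.glob_pattern)`, or `name == self.glob_pattern` when `fixed_string` is set. The `if self.glob_pattern is None` branch in `_should_display_type` looks unreachable, because `_setup_glob_pattern` always assigns a string.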
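Review bot: The debug message in `Install.object_list` is built from two adjacent string literals with no space between them, so it renders as `ignoring non installobject: ...`. Add the trailing space to the first literal: `"Running in install mode, ignoring non install "`. Passing the object as a logging argument (`"... non install object: %s", cdist_object`) would also skip building the string when debug logging is off.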
@@ -0,0 +1,155 @@ +#!/usr/bin/env python3 +# -*- coding: utf-8 -*- +# +# 2017 Darko Poljak (darko.poljak at gmail.com) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# + +import cdist +# needed for cdist.argparse +import cdist.banner +import cdist.config +import cdist.install +import cdist.shell +import cdist.inventory +import cdist.argparse +import cdist.log +import cdist.config +import cdist.install +import sys +import os +import os.path +import collections +import uuid +import shutil + + +def find_cdist_exec_in_path(): + """Search cdist executable in os.get_exec_path() entries. + """ + for path in os.get_exec_path(): + cdist_path = os.path.join(path, 'cdist') + if os.access(cdist_path, os.X_OK): + return cdist_path + return None + + +_mydir = os.path.dirname(__file__) + + +def find_cdist_exec(): + """Search cdist executable starting from local lib directory. + + Detect if ../scripts/cdist (from local lib direcotry) exists and + if it is executable. If not then try to find cdist exec path in + os.get_exec_path() entries. If no cdist path is found rasie + cdist.Error. 
+ """ + cdist_path = os.path.abspath(os.path.join(_mydir, '..', 'scripts', + 'cdist')) + if os.access(cdist_path, os.X_OK): + return cdist_path + cdist_path = find_cdist_exec_in_path() + if not cdist_path: + raise cdist.Error('Cannot find cdist executable from local lib ' + 'directory: {}, nor in PATH: {}.'.format( + _mydir, os.environ.get('PATH'))) + return cdist_path + + +ACTION_CONFIG = 'config' +ACTION_INSTALL = 'install' + + +def _process_hosts_simple(action, host, manifest, verbose, + cdist_path=None): + """Perform cdist action ('config' or 'install') on hosts with specified + manifest using default other cdist options. host parameter can be a + string or iterbale of hosts. verbose is a desired verbosity level + which defaults to VERBOSE_INFO. cdist_path is path to cdist executable, + if it is None then integration lib tries to find it. + """ + if isinstance(host, str): + hosts = [host, ] + elif isinstance(host, collections.Iterable): + hosts = host + else: + raise cdist.Error('Invalid host argument: {}'.format(host)) + + # Setup sys.argv[0] since cdist relies on command line invocation. + if not cdist_path: + cdist_path = find_cdist_exec() + sys.argv[0] = cdist_path + + cname = action.title() + module = getattr(cdist, action) + theclass = getattr(module, cname) + + # Build argv for cdist and use argparse for argument parsing. 
+ remote_out_dir_base = os.path.join('/', 'var', 'lib', 'cdist') + uid = str(uuid.uuid1()) + out_dir = remote_out_dir_base + uid + cache_path_pattern = '%h-' + uid + argv = [action, '-i', manifest, '-r', out_dir, '-C', cache_path_pattern, ] + for i in range(verbose): + argv.append('-v') + for x in hosts: + argv.append(x) + + parser, cfg = cdist.argparse.parse_and_configure(argv, singleton=False) + args = cfg.get_args() + configuration = cfg.get_config(section='GLOBAL') + + theclass.construct_remote_exec_copy_patterns(args) + base_root_path = theclass.create_base_root_path(None) + + for target_host in args.host: + host_base_path, hostdir = theclass.create_host_base_dirs( + target_host, base_root_path) + theclass.onehost(target_host, None, host_base_path, hostdir, args, + parallel=False, configuration=configuration, + remove_remote_files_dirs=True) + shutil.rmtree(base_root_path) + + +def configure_hosts_simple(host, manifest, + verbose=cdist.argparse.VERBOSE_INFO, + cdist_path=None): + """Configure hosts with specified manifest using default other cdist + options. host parameter can be a string or iterbale of hosts. verbose + is a desired verbosity level which defaults to VERBOSE_INFO. + cdist_path is path to cdist executable, if it is None then integration + lib tries to find it. + """ + _process_hosts_simple(action=ACTION_CONFIG, host=host, + manifest=manifest, verbose=verbose, + cdist_path=cdist_path) + + +def install_hosts_simple(host, manifest, + verbose=cdist.argparse.VERBOSE_INFO, + cdist_path=None): + """Install hosts with specified manifest using default other cdist + options. host parameter can be a string or iterbale of hosts. verbose + is a desired verbosity level which defaults to VERBOSE_INFO. + cdist_path is path to cdist executable, if it is None then integration + lib tries to find it. + """ + _process_hosts_simple(action=ACTION_INSTALL, host=host, + manifest=manifest, verbose=verbose, + cdist_path=cdist_path) 
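Review bot: In `_process_hosts_simple` the remote output directory is built by string concatenation, `remote_out_dir_base + uid`, which yields `/var/lib/cdist<uuid>` directly under `/var/lib` instead of a directory inside `/var/lib/cdist`. The name comes from `uuid.uuid1()`, which is derived from the host's MAC address and a timestamp and is therefore guessable. I would use `uid = str(uuid.uuid4())` and `out_dir = os.path.join(remote_out_dir_base, uid)`. `collections.Iterable` was removed in Python 3.10; `collections.abc.Iterable` is the supported name. `shutil.rmtree(base_root_path)` is skipped when `onehost` raises, so wrapping the host loop in `try`/`finally` would keep the local temporary tree from being left behind.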
diff --git a/cdist/inventory.py b/cdist/inventory.py new file mode 100644 index 00000000..138a2034 --- /dev/null +++ b/cdist/inventory.py 
@@ -0,0 +1,405 @@ +#!/usr/bin/env python3 +# -*- coding: utf-8 -*- +# +# 2016 Darko Poljak (darko.poljak at gmail.com) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# + +import cdist +import logging +import os +import os.path +import itertools +import sys +import cdist.configuration +from cdist.hostsource import hostfile_process_line + +DIST_INVENTORY_DB_NAME = "inventory" + +dist_inventory_db = os.path.abspath(os.path.join( + os.path.dirname(cdist.__file__), DIST_INVENTORY_DB_NAME)) + + +def determine_default_inventory_dir(args, configuration): + # The order of inventory dir setting by decreasing priority + # 1. inventory_dir from configuration + # 2. ~/.cdist/inventory if HOME env var is set + # 3. distribution inventory directory + inventory_dir_set = False + if 'inventory_dir' in configuration: + val = configuration['inventory_dir'] + if val: + args.inventory_dir = val + inventory_dir_set = True + if not inventory_dir_set: + home = cdist.home_dir() + if home: + args.inventory_dir = os.path.join(home, DIST_INVENTORY_DB_NAME) + else: + args.inventory_dir = dist_inventory_db + + +def contains_all(big, little): + """Return True if big contains all elements from little, + False otherwise. + """ + return set(little).issubset(set(big)) + + +def contains_any(big, little): + """Return True if big contains any element from little, + False otherwise. 
+ """ + for x in little: + if x in big: + return True + return False + + +def check_always_true(x, y): + return True + + +def rstrip_nl(s): + '''str.rstrip "\n" from s''' + return str.rstrip(s, "\n") + + +class Inventory(object): + """Inventory main class""" + + def __init__(self, db_basedir=dist_inventory_db, configuration=None): + self.db_basedir = db_basedir + if configuration: + self.configuration = configuration + else: + self.configuration = {} + self.log = logging.getLogger("inventory") + self.init_db() + + def init_db(self): + self.log.trace("Init db: {}".format(self.db_basedir)) + if not os.path.exists(self.db_basedir): + os.makedirs(self.db_basedir, exist_ok=True) + elif not os.path.isdir(self.db_basedir): + raise cdist.Error(("Invalid inventory db basedir \'{}\'," + " must be a directory").format(self.db_basedir)) + + @staticmethod + def strlist_to_list(slist): + if slist: + result = [x for x in slist.split(',') if x] + else: + result = [] + return result + + def _input_values(self, source): + """Yield input values from source. + Source can be a sequence or filename (stdin if '-'). + In case of filename each line represents one input value. 
+ """ + if isinstance(source, str): + import fileinput + try: + with fileinput.FileInput(files=(source)) as f: + for x in f: + result = hostfile_process_line(x, strip_func=rstrip_nl) + if result: + yield result + except (IOError, OSError) as e: + raise cdist.Error("Error reading from \'{}\'".format( + source)) + else: + if source: + for x in source: + if x: + yield x + + def _host_path(self, host): + hostpath = os.path.join(self.db_basedir, host) + return hostpath + + def _all_hosts(self): + return os.listdir(self.db_basedir) + + def _check_host(self, hostpath): + if not os.path.exists(hostpath): + return False + else: + if not os.path.isfile(hostpath): + raise cdist.Error(("Host path \'{}\' exists, but is not" + " a valid file").format(hostpath)) + return True + + def _read_host_tags(self, hostpath): + result = set() + with open(hostpath, "rt") as f: + for tag in f: + tag = tag.rstrip("\n") + if tag: + result.add(tag) + return result + + def _get_host_tags(self, host): + hostpath = self._host_path(host) + if self._check_host(hostpath): + return self._read_host_tags(hostpath) + else: + return None + + def _write_host_tags(self, host, tags): + hostpath = self._host_path(host) + if self._check_host(hostpath): + with open(hostpath, "wt") as f: + for tag in tags: + f.write("{}\n".format(tag)) + return True + else: + return False + + @classmethod + def commandline(cls, args): + """Manipulate inventory db""" + log = logging.getLogger("inventory") + if 'taglist' in args: + args.taglist = cls.strlist_to_list(args.taglist) + + cfg = cdist.configuration.Configuration(args) + configuration = cfg.get_config(section='GLOBAL') + determine_default_inventory_dir(args, configuration) + + log.debug("Using inventory: {}".format(args.inventory_dir)) + log.trace("Inventory args: {}".format(vars(args))) + log.trace("Inventory command: {}".format(args.subcommand)) + + if args.subcommand == "list": + c = InventoryList(hosts=args.host, istag=args.tag, + hostfile=args.hostfile, + 
db_basedir=args.inventory_dir, + list_only_host=args.list_only_host, + has_all_tags=args.has_all_tags, + configuration=configuration) + elif args.subcommand == "add-host": + c = InventoryHost(hosts=args.host, hostfile=args.hostfile, + db_basedir=args.inventory_dir, + configuration=configuration) + elif args.subcommand == "del-host": + c = InventoryHost(hosts=args.host, hostfile=args.hostfile, + all=args.all, db_basedir=args.inventory_dir, + action="del", configuration=configuration) + elif args.subcommand == "add-tag": + c = InventoryTag(hosts=args.host, tags=args.taglist, + hostfile=args.hostfile, tagfile=args.tagfile, + db_basedir=args.inventory_dir, + configuration=configuration) + elif args.subcommand == "del-tag": + c = InventoryTag(hosts=args.host, tags=args.taglist, + hostfile=args.hostfile, tagfile=args.tagfile, + all=args.all, db_basedir=args.inventory_dir, + action="del", configuration=configuration) + else: + raise cdist.Error("Unknown inventory command \'{}\'".format( + args.subcommand)) + c.run() + + +class InventoryList(Inventory): + def __init__(self, hosts=None, istag=False, hostfile=None, + list_only_host=False, has_all_tags=False, + db_basedir=dist_inventory_db, configuration=None): + super().__init__(db_basedir, configuration) + self.hosts = hosts + self.istag = istag + self.hostfile = hostfile + self.list_only_host = list_only_host + self.has_all_tags = has_all_tags + + def _print(self, host, tags): + if self.list_only_host: + print("{}".format(host)) + else: + print("{} {}".format(host, ",".join(sorted(tags)))) + + def _do_list(self, it_tags, it_hosts, check_func): + if (it_tags is not None): + param_tags = set(it_tags) + self.log.trace("param_tags: {}".format(param_tags)) + else: + param_tags = set() + for host in it_hosts: + self.log.trace("host: {}".format(host)) + tags = self._get_host_tags(host) + if tags is None: + self.log.debug("Host \'{}\' not found, skipped".format(host)) + continue + self.log.trace("tags: {}".format(tags)) + if 
check_func(tags, param_tags): + yield host, tags + + def entries(self): + if not self.hosts and not self.hostfile: + self.log.trace("Listing all hosts") + it_hosts = self._all_hosts() + it_tags = None + check_func = check_always_true + else: + it = itertools.chain(self._input_values(self.hosts), + self._input_values(self.hostfile)) + if self.istag: + self.log.trace("Listing by tag(s)") + it_hosts = self._all_hosts() + it_tags = it + if self.has_all_tags: + check_func = contains_all + else: + check_func = contains_any + else: + self.log.trace("Listing by host(s)") + it_hosts = it + it_tags = None + check_func = check_always_true + for host, tags in self._do_list(it_tags, it_hosts, check_func): + yield host, tags + + def host_entries(self): + for host, tags in self.entries(): + yield host + + def run(self): + for host, tags in self.entries(): + self._print(host, tags) + + +class InventoryHost(Inventory): + def __init__(self, hosts=None, hostfile=None, + db_basedir=dist_inventory_db, all=False, action="add", + configuration=None): + super().__init__(db_basedir, configuration) + self.actions = ("add", "del") + if action not in self.actions: + raise cdist.Error("Invalid action \'{}\', valid actions are:" + " {}\n".format(action, self.actions.keys())) + self.action = action + self.hosts = hosts + self.hostfile = hostfile + self.all = all + + if not self.hosts and not self.hostfile: + self.hostfile = "-" + + def _new_hostpath(self, hostpath): + # create empty file + with open(hostpath, "w"): + pass + + def _action(self, host): + if self.action == "add": + self.log.debug("Adding host \'{}\'".format(host)) + elif self.action == "del": + self.log.debug("Deleting host \'{}\'".format(host)) + hostpath = self._host_path(host) + self.log.trace("hostpath: {}".format(hostpath)) + if self.action == "add" and not os.path.exists(hostpath): + self._new_hostpath(hostpath) + else: + if not os.path.isfile(hostpath): + raise cdist.Error(("Host path \'{}\' is" + " not a valid 
file").format(hostpath)) + if self.action == "del": + os.remove(hostpath) + + def run(self): + if self.action == "del" and self.all: + self.log.trace("Doing for all hosts") + it = self._all_hosts() + else: + self.log.trace("Doing for specified hosts") + it = itertools.chain(self._input_values(self.hosts), + self._input_values(self.hostfile)) + for host in it: + self._action(host) + + +class InventoryTag(Inventory): + def __init__(self, hosts=None, tags=None, hostfile=None, tagfile=None, + db_basedir=dist_inventory_db, all=False, action="add", + configuration=None): + super().__init__(db_basedir, configuration) + self.actions = ("add", "del") + if action not in self.actions: + raise cdist.Error("Invalid action \'{}\', valid actions are:" + " {}\n".format(action, self.actions.keys())) + self.action = action + self.hosts = hosts + self.tags = tags + self.hostfile = hostfile + self.tagfile = tagfile + self.all = all + + if not self.hosts and not self.hostfile: + self.allhosts = True + else: + self.allhosts = False + if not self.tags and not self.tagfile: + self.tagfile = "-" + + if self.hostfile == "-" and self.tagfile == "-": + raise cdist.Error("Cannot read both, hosts and tags, from stdin") + + def _read_input_tags(self): + self.input_tags = set() + for tag in itertools.chain(self._input_values(self.tags), + self._input_values(self.tagfile)): + self.input_tags.add(tag) + + def _action(self, host): + host_tags = self._get_host_tags(host) + if host_tags is None: + print("Host \'{}\' does not exist, skipping".format(host), + file=sys.stderr) + return + self.log.trace("existing host_tags: {}".format(host_tags)) + if self.action == "del" and self.all: + host_tags = set() + else: + for tag in self.input_tags: + if self.action == "add": + self.log.debug("Adding tag \'{}\' for host \'{}\'".format( + tag, host)) + host_tags.add(tag) + elif self.action == "del": + self.log.debug("Deleting tag \'{}\' for host " + "\'{}\'".format(tag, host)) + if tag in host_tags: + 
host_tags.remove(tag) + self.log.trace("new host tags: {}".format(host_tags)) + if not self._write_host_tags(host, host_tags): + self.log.trace("{} does not exist, skipped".format(host)) + + def run(self): + if self.allhosts: + self.log.trace("Doing for all hosts") + it = self._all_hosts() + else: + self.log.trace("Doing for specified hosts") + it = itertools.chain(self._input_values(self.hosts), + self._input_values(self.hostfile)) + if not(self.action == "del" and self.all): + self._read_input_tags() + for host in it: + self._action(host) diff --git a/cdist/log.py b/cdist/log.py new file mode 100644 index 00000000..5d431130 --- /dev/null +++ b/cdist/log.py 
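Review bot: `_host_path` joins the host name into `db_basedir` without checking it, and host names come from the command line, a host file or stdin, so a name containing a path separator or `..` (or an absolute path) resolves outside the inventory directory. `InventoryHost._action` then calls `os.remove` on that path and `_write_host_tags` rewrites it. Rejecting such names in `_host_path` closes this for every caller: `if not host or host in ('.', '..') or os.path.basename(host) != host:` followed by `raise cdist.Error("Invalid host name: {}".format(host))`. Separately, the invalid-action error in `InventoryHost.__init__` and `InventoryTag.__init__` calls `self.actions.keys()` on a tuple, which raises `AttributeError` instead of the intended `cdist.Error`; format `self.actions` directly.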
@@ -0,0 +1,140 @@ +#!/usr/bin/env python3 +# -*- coding: utf-8 -*- +# +# 2010-2013 Nico Schottelius (nico-cdist at schottelius.org) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# + +import logging +import sys +import datetime + + +# Define additional cdist logging levels. +logging.OFF = logging.CRITICAL + 10 # disable logging +logging.addLevelName(logging.OFF, 'OFF') + +logging.VERBOSE = logging.INFO - 5 +logging.addLevelName(logging.VERBOSE, 'VERBOSE') + + +def _verbose(msg, *args, **kwargs): + logging.log(logging.VERBOSE, msg, *args, **kwargs) + + +logging.verbose = _verbose + +logging.TRACE = logging.DEBUG - 5 +logging.addLevelName(logging.TRACE, 'TRACE') + + +def _trace(msg, *args, **kwargs): + logging.log(logging.TRACE, msg, *args, **kwargs) + + +logging.trace = _trace + + +class DefaultLog(logging.Logger): + + FORMAT = '%(levelname)s: %(message)s' + + class StdoutFilter(logging.Filter): + def filter(self, rec): + return rec.levelno != logging.ERROR + + class StderrFilter(logging.Filter): + def filter(self, rec): + return rec.levelno == logging.ERROR + + def __init__(self, name): + super().__init__(name) + + formatter = logging.Formatter(self.FORMAT) + + self.addFilter(self) + + stdout_handler = logging.StreamHandler(sys.stdout) + stdout_handler.addFilter(self.StdoutFilter()) + stdout_handler.setLevel(logging.TRACE) + stdout_handler.setFormatter(formatter) + + stderr_handler = 
logging.StreamHandler(sys.stderr) + stderr_handler.addFilter(self.StderrFilter()) + stderr_handler.setLevel(logging.ERROR) + stderr_handler.setFormatter(formatter) + + self.addHandler(stdout_handler) + self.addHandler(stderr_handler) + + def filter(self, record): + """Prefix messages with logger name""" + + record.msg = self.name + ": " + str(record.msg) + + return True + + def verbose(self, msg, *args, **kwargs): + self.log(logging.VERBOSE, msg, *args, **kwargs) + + def trace(self, msg, *args, **kwargs): + self.log(logging.TRACE, msg, *args, **kwargs) + + +class TimestampingLog(DefaultLog): + + def filter(self, record): + """Add timestamp to messages""" + + super().filter(record) + now = datetime.datetime.now() + timestamp = now.strftime("%Y%m%d%H%M%S.%f") + record.msg = "[" + timestamp + "] " + str(record.msg) + + return True + + +class ParallelLog(DefaultLog): + FORMAT = '%(levelname)s: [%(process)d]: %(message)s' + + +class TimestampingParallelLog(TimestampingLog, ParallelLog): + pass + + +def setupDefaultLogging(): + del logging.getLogger().handlers[:] + logging.setLoggerClass(DefaultLog) + + +def setupTimestampingLogging(): + del logging.getLogger().handlers[:] + logging.setLoggerClass(TimestampingLog) + + +def setupTimestampingParallelLogging(): + del logging.getLogger().handlers[:] + logging.setLoggerClass(TimestampingParallelLog) + + +def setupParallelLogging(): + del logging.getLogger().handlers[:] + logging.setLoggerClass(ParallelLog) + + +setupDefaultLogging() diff --git a/cdist/message.py b/cdist/message.py new file mode 100644 index 00000000..450fc3c3 --- /dev/null +++ b/cdist/message.py 
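Review bot: `StdoutFilter.filter` and `StderrFilter.filter` in `DefaultLog` test the level by equality with `logging.ERROR`, so a record logged at `logging.CRITICAL` passes the stdout filter and is rejected by the stderr one. The stderr handler's `setLevel(logging.ERROR)` would admit it; only the filter drops it. Critical failures therefore land on stdout, mixed with ordinary output and invisible to anything that watches stderr. Compare by threshold instead: `return rec.levelno < logging.ERROR` for stdout and `return rec.levelno >= logging.ERROR` for stderr.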
@@ -0,0 +1,77 @@ +# -*- coding: utf-8 -*- +# +# 2013 Nico Schottelius (nico-cdist at schottelius.org) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# + +import logging +import os +import shutil +import tempfile + +log = logging.getLogger(__name__) + + +class Message(object): + """Support messaging between types + + """ + def __init__(self, prefix, messages): + self.prefix = prefix + self.global_messages = messages + + in_fd, self.messages_in = tempfile.mkstemp(suffix='.cdist_message_in') + out_fd, self.messages_out = tempfile.mkstemp( + suffix='.cdist_message_out') + + os.close(in_fd) + os.close(out_fd) + + self._copy_messages() + + @property + def env(self): + env = {} + env['__messages_in'] = self.messages_in + env['__messages_out'] = self.messages_out + + return env + + def _copy_messages(self): + """Copy global contents into our copy""" + shutil.copyfile(self.global_messages, self.messages_in) + + def _cleanup(self): + """remove temporary files""" + if os.path.exists(self.messages_in): + os.remove(self.messages_in) + if os.path.exists(self.messages_out): + os.remove(self.messages_out) + + def _merge_messages(self): + """merge newly written lines into global file""" + with open(self.messages_out) as fd: + content = fd.readlines() + + with open(self.global_messages, 'a') as fd: + for line in content: + fd.write("%s:%s" % (self.prefix, line)) + + def merge_messages(self): + 
self._merge_messages() + self._cleanup() diff --git a/cdist/mputil.py b/cdist/mputil.py new file mode 100644 index 00000000..56fcfe39 --- /dev/null +++ b/cdist/mputil.py @@ -0,0 +1,65 @@ +# -*- coding: utf-8 -*- +# +# 2016-2017 Darko Poljak (darko.poljak at gmail.com) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# + + +import multiprocessing +import concurrent.futures as cf +import itertools +import os +import signal +import logging + + +log = logging.getLogger("cdist-mputil") + + +def mp_sig_handler(signum, frame): + log.trace("signal %s, SIGKILL whole process group", signum) + os.killpg(os.getpgrp(), signal.SIGKILL) + + +def mp_pool_run(func, args=None, kwds=None, jobs=multiprocessing.cpu_count()): + """Run func using concurrent.futures.ProcessPoolExecutor with jobs jobs + and supplied iterables of args and kwds with one entry for each + parallel func instance. + Return list of results. + """ + if args and kwds: + fargs = zip(args, kwds) + elif args: + fargs = zip(args, itertools.repeat({})) + elif kwds: + fargs = zip(itertools.repeat(()), kwds) + else: + return [func(), ] + + retval = [] + with cf.ProcessPoolExecutor(jobs) as executor: + try: + results = [ + executor.submit(func, *a, **k) for a, k in fargs + ] + for f in cf.as_completed(results): + retval.append(f.result()) + return retval + except KeyboardInterrupt: + mp_sig_handler(signal.SIGINT, None) + raise 
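Review bot: `Message.merge_messages` calls `_cleanup()` only after `_merge_messages()` returns, so if reading `self.messages_out` or appending to `self.global_messages` raises, both `mkstemp` files stay behind in the temporary directory with their contents. Make the cleanup unconditional by wrapping the call as `try: self._merge_messages()` followed by `finally: self._cleanup()`. The same gap exists in `__init__`, where a failing `_copy_messages()` leaves the two files it has just created. A docstring on `env` saying that these two paths are exported as `__messages_in` / `__messages_out` (presumably to the type scripts) would make clear who else can read and write them.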
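Review bot: `mp_sig_handler` sends `SIGKILL` to the caller's whole process group, which includes the calling process itself and any other process that shares the group, for example other stages of a shell pipeline. Since `SIGKILL` cannot be handled, no `finally` block, `atexit` hook or temporary-file cleanup runs, and the `raise` that follows the call in `mp_pool_run` is effectively unreachable. Consider sending `signal.SIGTERM` first and escalating only if workers survive, or at least give the handler a docstring such as `"""Kill the whole process group with SIGKILL; no cleanup code runs after this call."""`.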
diff --git a/cdist/preos.py b/cdist/preos.py new file mode 100644 index 00000000..bf2a8e60 --- /dev/null +++ b/cdist/preos.py 
@@ -0,0 +1,130 @@ +import os +import os.path +import sys +import inspect +import argparse +import cdist +import logging +import cdist.argparse +import cdist.configuration +import cdist.exec.util as util + + +_PREOS_CALL = "commandline" +_PREOS_NAME = "_preos_name" +_PREOS_MARKER = "_cdist_preos" +_PLUGINS_DIR = "preos" +_PLUGINS_PATH = [os.path.join(os.path.dirname(__file__), _PLUGINS_DIR), ] +log = logging.getLogger("PreOS") + + +def extend_plugins_path(dirs): + for dir in dirs: + preos_dir = os.path.expanduser(os.path.join(dir, "preos")) + if os.path.isdir(preos_dir): + _PLUGINS_PATH.append(preos_dir) + + +def preos_plugin(obj): + """It is preos if _PREOS_MARKER is True and has _PREOS_CALL.""" + if hasattr(obj, _PREOS_MARKER): + is_preos = getattr(obj, _PREOS_MARKER) + else: + is_preos = False + + if is_preos and hasattr(obj, _PREOS_CALL): + yield obj + + +def scan_preos_dir_plugins(dir): + for fname in os.listdir(dir): + if os.path.isfile(os.path.join(dir, fname)): + fname = os.path.splitext(fname)[0] + module_name = fname + try: + module = __import__(module_name) + yield from preos_plugin(module) + clsmembers = inspect.getmembers(module, inspect.isclass) + for cm in clsmembers: + c = cm[1] + yield from preos_plugin(c) + except ImportError as e: + log.warning("Cannot import '{}': {}".format(module_name, e)) + + +def find_preos_plugins(): + for dir in _PLUGINS_PATH: + yield from scan_preos_dir_plugins(dir) + + +def find_preoses(): + preoses = {} + for preos in find_preos_plugins(): + if hasattr(preos, _PREOS_NAME): + preos_name = getattr(preos, _PREOS_NAME) + else: + preos_name = preos.__name__.lower() + preoses[preos_name] = preos + return preoses + + +def check_root(): + if os.geteuid() != 0: + raise cdist.Error("Must be run with root privileges") + + +def get_available_preoses_string(cls): + preoses = [' - {}'.format(x) for x in sorted(set(cls.preoses))] + return "Available PreOS-es:\n{}".format("\n".join(preoses)) + + +class PreOS(object): + preoses = None + 
+ @classmethod + def commandline(cls, argv): + cdist_parser = cdist.argparse.get_parsers() + parser = argparse.ArgumentParser( + description="Create PreOS", prog="cdist preos", + parents=[cdist_parser['loglevel'], ]) + parser.add_argument('preos', help='PreOS to create', + nargs='?', default=None) + parser.add_argument('-c', '--conf-dir', + help=('Add configuration directory (one that ' + 'contains "preos" subdirectory)'), + action='append') + parser.add_argument('-g', '--config-file', + help='Use specified custom configuration file.', + dest="config_file", required=False) + parser.add_argument('-L', '--list-preoses', + help='List available PreOS-es', + action='store_true', default=False) + parser.add_argument('remainder_args', nargs=argparse.REMAINDER) + args = parser.parse_args(argv[1:]) + cdist.argparse.handle_loglevel(args) + log.debug("preos args : {}".format(args)) + + conf_dirs = util.resolve_conf_dirs_from_config_and_args(args) + + extend_plugins_path(conf_dirs) + sys.path.extend(_PLUGINS_PATH) + cls.preoses = find_preoses() + + if args.list_preoses or not args.preos: + print(get_available_preoses_string(cls)) + sys.exit(0) + + preos_name = args.preos + if preos_name in cls.preoses: + preos = cls.preoses[preos_name] + func = getattr(preos, _PREOS_CALL) + if inspect.ismodule(preos): + func_args = [preos, args.remainder_args, ] + else: + func_args = [args.remainder_args, ] + log.info("Running preos : {}".format(preos_name)) + func(*func_args) + else: + raise cdist.Error( + "Invalid PreOS {}. {}".format( + preos_name, get_available_preoses_string(cls))) diff --git a/cdist/preos/debootstrap/__init__.py b/cdist/preos/debootstrap/__init__.py new file mode 100644 index 00000000..6d340b4a --- /dev/null +++ b/cdist/preos/debootstrap/__init__.py @@ -0,0 +1 @@ +from debootstrap.debootstrap import Debian, Ubuntu, Devuan diff --git a/cdist/preos/debootstrap/debootstrap.py b/cdist/preos/debootstrap/debootstrap.py new file mode 100644 index 00000000..f53dd4a7 
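Review bot: `scan_preos_dir_plugins` hands the names it finds in each plugin directory to `__import__`, and `PreOS.commandline` feeds it directories taken from the configuration and from `-c/--conf-dir`, so code placed in a `preos` subdirectory of a conf dir is executed when the command starts, even for `--list-preoses`. `check_root` in the same file suggests this normally happens with root privileges. The directories are appended to `sys.path`, so a plugin file named like an already importable module resolves to that other module instead. Document the trust requirement where the path is extended, e.g. `# Plugin directories are imported as code: they must be writable only by trusted users.`, and consider refusing directories that are group- or world-writable before importing from them. Only `ImportError` is caught, so any other exception raised while a plugin loads aborts the whole command.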
--- /dev/null +++ b/cdist/preos/debootstrap/debootstrap.py 
@@ -0,0 +1,239 @@ +#!/usr/bin/env python3 +# -*- coding: utf-8 -*- +# +# 2016 Darko Poljak (darko.poljak at ungleich.ch) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# + +import cdist +import cdist.config +import cdist.core +import cdist.preos +import argparse +import cdist.argparse +import logging +import os +import subprocess + + +class Debian(object): + _preos_name = 'debian' + _cdist_preos = True + + _files_dir = os.path.join(os.path.dirname(__file__), "files") + + @classmethod + def default_args(cls): + default_remote_exec = os.path.join(cls._files_dir, "remote-exec.sh") + default_remote_copy = os.path.join(cls._files_dir, "remote-copy.sh") + default_init_manifest = os.path.join( + cls._files_dir, "init-manifest-{}".format(cls._preos_name)) + + defargs = argparse.Namespace() + defargs.arch = 'amd64' + defargs.bootstrap = False + defargs.configure = False + defargs.cdist_params = '-v' + defargs.rm_bootstrap_dir = False + defargs.suite = 'stable' + defargs.remote_exec = default_remote_exec + defargs.remote_copy = default_remote_copy + defargs.manifest = default_init_manifest + + return defargs + + @classmethod + def get_parser(cls): + defargs = cls.default_args() + cdist_parser = cdist.argparse.get_parsers() + parser = argparse.ArgumentParser( + prog='cdist preos {}'.format(cls._preos_name), + parents=[cdist_parser['loglevel'], cdist_parser['beta']]) + 
parser.add_argument('target_dir', nargs=1, + help=("target directory where PreOS will be " + "bootstrapped")) + parser.add_argument( + '-a', '--arch', + help="target debootstrap architecture, by default '{}'".format( + defargs.arch), dest='arch', default=defargs.arch) + parser.add_argument( + '-B', '--bootstrap', + help='do bootstrap step', + dest='bootstrap', action='store_true', default=defargs.bootstrap) + parser.add_argument( + '-C', '--configure', + help='do configure step', + dest='configure', action='store_true', default=defargs.configure) + parser.add_argument( + '-c', '--cdist-params', + help=("parameters that will be passed to cdist config, by default" + " '{}' is used".format(defargs.cdist_params)), + dest='cdist_params', default=defargs.cdist_params) + parser.add_argument( + '-D', '--drive-boot', + help='create bootable PreOS on specified drive', + dest='drive') + parser.add_argument( + '-e', '--remote-exec', + help=("remote exec that cdist config will use, by default " + "internal script is used"), + dest='remote_exec', default=defargs.remote_exec) + parser.add_argument( + '-i', '--init-manifest', + help=("init manifest that cdist config will use, by default " + "internal init manifest is used"), + dest='manifest', default=defargs.manifest) + parser.add_argument( + '-k', '--keyfile', action="append", + help=("ssh key files that will be added to cdist config; " + "'__ssh_authorized_keys root ...' 
type is appended to " + "initial manifest"), + dest='keyfile') + parser.add_argument( + '-m', '--mirror', + help='use specified mirror for debootstrap', + dest='mirror') + parser.add_argument( + '-P', '--root-password', + help='Set specified password for root, generated by default', + dest='root_password') + parser.add_argument('-p', '--pxe-boot-dir', help='PXE boot directory', + dest='pxe_boot_dir') + parser.add_argument( + '-r', '--rm-bootstrap-dir', + help='remove target directory after finishing', + dest='rm_bootstrap_dir', action='store_true', + default=defargs.rm_bootstrap_dir) + parser.add_argument( + '-S', '--script', + help='use specified script for debootstrap', + dest='script') + parser.add_argument('-s', '--suite', + help="suite used for debootstrap, " + "by default '{}'".format(defargs.suite), + dest='suite', default=defargs.suite) + parser.add_argument( + '-y', '--remote-copy', + help=("remote copy that cdist config will use, by default " + "internal script is used"), + dest='remote_copy', default=defargs.remote_copy) + parser.epilog = cdist.argparse.EPILOG + + return parser + + @classmethod + def update_env(cls, env): + pass + + @classmethod + def commandline(cls, argv): + log = logging.getLogger(cls.__name__) + + parser = cls.get_parser() + args = parser.parse_args(argv) + if args.script and not args.mirror: + raise cdist.Error("script option cannot be used without " + "mirror option") + + args.command = cls._preos_name + cdist.argparse.check_beta(vars(args)) + + cdist.preos.check_root() + + args.target_dir = os.path.realpath(args.target_dir[0]) + args.os = cls._preos_name + args.remote_exec = os.path.realpath(args.remote_exec) + args.remote_copy = os.path.realpath(args.remote_copy) + args.manifest = os.path.realpath(args.manifest) + if args.keyfile: + new_keyfile = [os.path.realpath(x) for x in args.keyfile] + args.keyfile = new_keyfile + if args.pxe_boot_dir: + args.pxe_boot_dir = os.path.realpath(args.pxe_boot_dir) + + 
cdist.argparse.handle_loglevel(args) + log.debug("preos: {}, args: {}".format(cls._preos_name, args)) + try: + env = vars(args) + new_env = {} + for key in env: + if key == 'verbose' and env[key]: + if env[key] >= 3: + new_env['debug'] = "yes" + elif env[key] == 2: + new_env['verbose'] = "yes" + elif not env[key]: + new_env[key] = '' + elif isinstance(env[key], bool) and env[key]: + new_env[key] = "yes" + elif isinstance(env[key], list): + val = env[key] + new_env[key + "_cnt"] = str(len(val)) + for i, v in enumerate(val): + new_env[key + "_" + str(i)] = v + else: + new_env[key] = str(env[key]) + env = new_env + env.update(os.environ) + cls.update_env(env) + log.debug("preos: {} env: {}".format(cls._preos_name, env)) + cmd = os.path.join(cls._files_dir, "code") + info_msg = ["Running preos: {}, suite: {}, arch: {}".format( + cls._preos_name, args.suite, args.arch), ] + if args.mirror: + info_msg.append("mirror: {}".format(args.mirror)) + if args.script: + info_msg.append("script: {}".format(args.script)) + if args.bootstrap: + info_msg.append("bootstrapping") + if args.configure: + info_msg.append("configuring") + if args.pxe_boot_dir: + info_msg.append("creating PXE") + if args.drive: + info_msg.append("creating bootable drive") + log.info(info_msg) + log.debug("cmd={}".format(cmd)) + subprocess.check_call(cmd, env=env, shell=True) + except subprocess.CalledProcessError as e: + log.error("preos {} failed: {}".format(cls._preos_name, e)) + + +class Ubuntu(Debian): + _preos_name = "ubuntu" + + @classmethod + def default_args(cls): + defargs = super().default_args() + defargs.suite = 'xenial' + return defargs + + +class Devuan(Debian): + _preos_name = "devuan" + + @classmethod + def default_args(cls): + defargs = super().default_args() + defargs.suite = 'jessie' + return defargs + + @classmethod + def update_env(cls, env): + env['DEBOOTSTRAP_DIR'] = os.path.join(cls._files_dir, + 'devuan-debootstrap') 
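Review bot: In `Debian.commandline`, `env.update(os.environ)` runs after `new_env` has been built from the parsed arguments, so an inherited environment variable named like an option (`drive`, `rm_bootstrap_dir`, `target_dir`, `debug`, …) silently replaces the command-line value before the `code` script, which runs as root, reads it. Reverse the precedence with `env = dict(os.environ)` followed by `env.update(new_env)`, and drop the shell with `subprocess.check_call([cmd], env=env)`, since `cmd` is a single path. The two `log.debug` calls print `args` and the full `env`, both of which contain `root_password`; mask that key before logging. The `CalledProcessError` is logged and swallowed, so a failed build still returns normally to the caller.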
diff --git a/cdist/preos/debootstrap/files/code b/cdist/preos/debootstrap/files/code new file mode 100755 index 00000000..9e37003b --- /dev/null +++ b/cdist/preos/debootstrap/files/code 
@@ -0,0 +1,274 @@ +#!/bin/sh +## +## 2016 Darko Poljak (darko.poljak at ungleich.ch) +## +## This file is part of cdist. +## +## cdist is free software: you can redistribute it and/or modify +## it under the terms of the GNU General Public License as published by +## the Free Software Foundation, either version 3 of the License, or +## (at your option) any later version. +## +## cdist is distributed in the hope that it will be useful, +## but WITHOUT ANY WARRANTY; without even the implied warranty of +## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +## GNU General Public License for more details. +## +## You should have received a copy of the GNU General Public License +## along with cdist. If not, see . + +set -e + +if [ "${debug}" ] +then + set -x + cdist_params="${cdist_params} -d" +fi + +bootstrap_dir="${target_dir}" + +case "${os}" in + ubuntu|debian|devuan) + # nothing, those are valid values + ;; + *) + echo "ERROR: invalid os value: ${os}" >&2 + exit 1 + ;; +esac + +check_bootstrap_dir() { + if [ ! -e "$1" ] + then + echo "ERROR: bootstrap directory $1 does not exist" >&2 + exit 1 + fi +} + +# bootstrap +if [ "${bootstrap}" ] +then + if [ "${DEBOOTSTRAP_DIR}" ] + then + debootstrap_cmd="${DEBOOTSTRAP_DIR}/debootstrap" + else + command -v debootstrap 2>&1 > /dev/null || { + echo "ERROR: debootstrap not found" >&2 + exit 1 + } + debootstrap_cmd="debootstrap" + fi + + # If PreOS on drive then do not check for directory emptiness. + # Partition can at least contain 'lost+found' directory. + if [ ! "${drive}" ] + then + if [ -e "${bootstrap_dir}" ] + then + dir_content=$(ls -A "${bootstrap_dir}" | wc -l) + else + dir_content=0 + fi + if [ "${dir_content}" -ne 0 ] + then + echo "ERROR: "${bootstrap_dir}" not empty " >&2 + exit 1 + fi + fi + + if [ "${verbose}" -o "${debug}" ] + then + echo "bootstrapping..." 
+ fi + mkdir -p "${bootstrap_dir}" + "${debootstrap_cmd}" --include=openssh-server --arch=${arch} ${suite} ${bootstrap_dir} \ + ${mirror} ${script} + if [ "${verbose}" -o "${debug}" ] + then + echo "bootstrap finished" + fi +fi + +chroot_mount() { + mount -t proc none "${bootstrap_dir}/proc" || true + mount -t sysfs none "${bootstrap_dir}/sys" || true + mount -o bind /dev "${bootstrap_dir}/dev" || true + mount -t devpts none "${bootstrap_dir}/dev/pts" || true +} + +chroot_umount() { + umount "${bootstrap_dir}/dev/pts" || true + umount "${bootstrap_dir}/dev" || true + umount "${bootstrap_dir}/sys" || true + umount "${bootstrap_dir}/proc" || true +} + +TRAPFUNC="umount \"${bootstrap_dir}/dev/pts\" || true; \ +umount \"${bootstrap_dir}/dev\" || true; \ +umount \"${bootstrap_dir}/sys\" || true; \ +umount \"${bootstrap_dir}/proc\" || true;" + +# config +if [ "${configure}" ] +then + if [ ! -f "${manifest}" ] + then + echo "ERROR: ${manifest} does not exist" >&2 + exit 1 + fi + if [ ! -f "${remote_exec}" ] + then + echo "ERROR: ${remote_exec} does not exist" >&2 + exit 1 + fi + if [ ! -f "${remote_copy}" ] + then + echo "ERROR: ${remote_copy} does not exist" >&2 + exit 1 + fi + + if [ "${keyfile_cnt}" -a "${keyfile_cnt}" -gt 0 ] + then + i="$((keyfile_cnt - 1))" + keyfiles="" + while [ "${i}" -ge 0 ] + do + kf_var="keyfile_${i}" + eval kf='$'"${kf_var}" + if [ ! -f "${kf}" ] + then + echo "ERROR: ${kf} does not exist" >&2 + exit 1 + fi + key=$(cat "${kf}") + keyfiles="${keyfiles} --key '${key}'" + i=$((i - 1)) + done + ssh_auth_keys_line="__ssh_authorized_keys root ${keyfiles}\n" + else + ssh_auth_keys_line="" + fi + + check_bootstrap_dir "${bootstrap_dir}" + + if [ "${verbose}" -o "${debug}" ] + then + echo "configuring..." 
+ fi + + trap "${TRAPFUNC}" 0 1 2 3 15 + + chroot_mount + + chroot "${bootstrap_dir}" /usr/bin/apt-get update + + if [ "${drive}" ] + then + grub_manifest_line="__package grub-pc --state present\n" + grub_kern_params_line="__line linux_kernel_params \ +--file /etc/default/grub \ +--line 'GRUB_CMDLINE_LINUX_DEFAULT=\"quiet splash net.ifnames=0\"'\n" + else + grub_manifest_line="" + grub_kern_params_line="" + fi + grub_lines="${grub_manifest_line}${grub_kern_params_line}" + + printf "${ssh_auth_keys_line}${grub_lines}" \ + | cat "${manifest}" - |\ + cdist config \ + ${cdist_params} -i - \ + --remote-exec "${remote_exec}" \ + --remote-copy "${remote_copy}" \ + "${bootstrap_dir}" + + # __hostname with systmed uses hostnamectl which needs dbus running + # set hostname explicitly here instead + printf "preos\n" > "${bootstrap_dir}/etc/hostname" + + chroot "${bootstrap_dir}" /usr/bin/apt-get autoclean + chroot "${bootstrap_dir}" /usr/bin/apt-get clean + chroot "${bootstrap_dir}" /usr/bin/apt-get autoremove + + chroot_umount + + trap - 0 1 2 3 15 + + if [ "${verbose}" -o "${debug}" ] + then + echo "configuring finished" + fi +fi + +if [ "${pxe_boot_dir}" ] +then + check_bootstrap_dir "${bootstrap_dir}" + + if [ "${verbose}" -o "${debug}" ] + then + echo "creating pxe..." + fi + + mkdir -p "${pxe_boot_dir}" + cp "${bootstrap_dir}"/boot/vmlinuz-* "${pxe_boot_dir}/kernel" + cd "${bootstrap_dir}" + find . 
-print0 | cpio --null -o --format=newc | gzip -9 > "${pxe_boot_dir}/initramfs" + + mkdir -p "${pxe_boot_dir}/pxelinux.cfg" + cat < "${pxe_boot_dir}/pxelinux.cfg/default" + DEFAULT preos + LABEL preos + KERNEL kernel + APPEND utf8 load_ramdisk=1 root=/dev/ram nofb initrd=initramfs console=ttyS1,115200 net.ifnames=0 +EOPXEF + + cp "${bootstrap_dir}/usr/lib/PXELINUX/pxelinux.0" "${pxe_boot_dir}/pxelinux.0" + cp "${bootstrap_dir}/usr/lib/syslinux/modules/bios/ldlinux.c32" \ + "${pxe_boot_dir}/ldlinux.c32" + # network boot need all files world readable + chmod -R 644 "${pxe_boot_dir}"/* + + if [ "${verbose}" -o "${debug}" ] + then + echo "pxe creation finished" + fi +fi + +if [ "${drive}" ] +then + trap "${TRAPFUNC}" 0 1 2 3 15 + chroot_mount + chroot "${bootstrap_dir}" grub-install ${drive} + chroot "${bootstrap_dir}" /bin/sh -c "GRUB_DISABLE_OS_PROBER=true update-grub" + # set root password + if [ ! "${root_password}" ] + then + if ! which strings >/dev/null 2>&1 + then + printf "strings is missing\n" >&2 + exit 1 + fi + root_password="$(head -n 1000 /dev/urandom | strings | \ + grep -o '[[:alnum:]]' | head -n 30 | tr -d '\n')" + printf "Generated root password (without quotes):'${root_password}'\n" + fi + chroot "${bootstrap_dir}" /bin/sh -c "echo \"root:${root_password}\" | \ + chpasswd" + # /etc/securetty must not be world writeable. + chmod 644 "${bootstrap_dir}"/etc/securetty + chroot_umount + trap - 0 1 2 3 15 +fi + +if [ "${rm_bootstrap_dir}" ] +then + if [ "${verbose}" -o "${debug}" ] + then + echo "removing bootstrap dir..." + fi + rm -r -f "${bootstrap_dir}" + if [ "${verbose}" -o "${debug}" ] + then + echo "removing bootstrap dir finished" + fi +fi diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/Makefile b/cdist/preos/debootstrap/files/devuan-debootstrap/Makefile new file mode 100644 index 00000000..85168031 --- /dev/null +++ b/cdist/preos/debootstrap/files/devuan-debootstrap/Makefile 
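Review bot: The `root_password` value and the key file contents are spliced into shell source text and printf format strings rather than passed as data. A password containing `"`, `$` or a backquote is re-evaluated by the inner `/bin/sh -c` that feeds `chpasswd`, and the password also appears in that process's argument list. A key file containing a single quote ends the quoted `--key` argument in the manifest that `cdist config` then executes, and `%` or `\` in it is interpreted by the `printf` that assembles the manifest. Pipe the password to `chpasswd` on stdin and reject key material that cannot be embedded safely, as in the excerpt below. The generated password is printed to stdout, which deserves a comment for anyone who captures build logs.

```shell
# … unchanged: keyfile existence check …
            key=$(cat "${kf}")
            case "${key}" in
                *\'*|*%*|*\\*)
                    echo "ERROR: ${kf} contains characters that cannot be embedded in the manifest" >&2
                    exit 1
                    ;;
            esac
            keyfiles="${keyfiles} --key '${key}'"
# … unchanged: manifest assembly, cdist config, PXE creation, grub-install, password generation …
        # NOTE: the generated password is written to stdout and ends up in captured logs.
        printf "Generated root password (without quotes):'%s'\n" "${root_password}"
# … unchanged: end of the generation branch …
    printf 'root:%s\n' "${root_password}" | chroot "${bootstrap_dir}" chpasswd
```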
@@ -0,0 +1,18 @@ +# avoid dpkg-dev dependency; fish out the version with sed +VERSION := $(shell sed 's/.*(\(.*\)).*/\1/; q' debian/changelog) + +all: + +clean: + +DSDIR=$(DESTDIR)/usr/share/debootstrap +install: + mkdir -p $(DSDIR)/scripts + mkdir -p $(DESTDIR)/usr/sbin + + cp -a scripts/* $(DSDIR)/scripts/ + install -o root -g root -m 0644 functions $(DSDIR)/ + + sed 's/@VERSION@/$(VERSION)/g' debootstrap >$(DESTDIR)/usr/sbin/debootstrap + chown root:root $(DESTDIR)/usr/sbin/debootstrap + chmod 0755 $(DESTDIR)/usr/sbin/debootstrap diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/README b/cdist/preos/debootstrap/files/devuan-debootstrap/README new file mode 100644 index 00000000..4d8c3049 --- /dev/null +++ b/cdist/preos/debootstrap/files/devuan-debootstrap/README 
@@ -0,0 +1,65 @@ +README for debootstrap +====================== + +See the manpage for (some) documentation. + +Running debootstrap from source +------------------------------- + +You can run debootstrap from its source tree without installing it. This +can be useful if you want a quick way to make a Debian chroot on another +system, or if you are testing modifications to debootstrap. + +First, get the source. + +* Either by using git + git clone https://anonscm.debian.org/git/d-i/debootstrap.git + +* Or by visiting + and downloading the tar.gz file + +Then in the debootstrap source directory: + + export DEBOOTSTRAP_DIR=`pwd` + sudo ./debootstrap stable my-stable-dir + +If you are running a multi-stage boot strap (for example for a QEMU +rootfs) you don't even need root: + + export DEBOOTSTRAP_DIR=`pwd` + fakeroot ./debootstrap --foreign --arch=armhf testing my-testing-dir http://deb.debian.org/debian + +Of course you will need to execute the second stage as root to finish the bootstrap: + + (on foreign hardware) + /debootstrap/debootstrap --second-stage + + +Future +------ + + * Cross-strap support - so you can bootstrap a filesystem to the + point where it will successfully boot, and finish installing itself + without having to be running the target architecture or OS yourself. + + debootstrap --arch powerpc sarge ./sarge-ppc-chroot ... + + on an i386 system, boot a powerpc box with sarge-ppc-chroot as its + root files system, and have it "work". The cross-hurd package does + something similar, and should be replaced by this feature. + + * There should be some (better) way of telling debootstrap what "base" + packages you want to install -- this varies between making a chroot, + doing an install, and doing a buildd. Also, some installs want + different base packages (to setup networking, or kernels, eg) + + +NMUing +------ + +If there's a problem with debootstrap that you need fixed, feel free to do +an NMU to fix it. 
Usual rules: try not to break anything, and mail the +patch to the BTS. Don't worry about asking first though. + +However, note that debootstrap is now team maintained. Anyone in d-i can do +a release without the bother of a NMU. diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/TODO b/cdist/preos/debootstrap/files/devuan-debootstrap/TODO new file mode 100644 index 00000000..e5fde0e4 --- /dev/null +++ b/cdist/preos/debootstrap/files/devuan-debootstrap/TODO @@ -0,0 +1,11 @@ + +Features: + ++ second stage via chroot debootstrap/debootstrap + ++ debootstrap/deb file to record deb destinations/information + + -- configuration file + -- versus command line + -- support for sources (vs mirrors) + -- faux-pinning for packages + + ++ makedev in second stage diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/debian/.gitignore b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/.gitignore new file mode 100644 index 00000000..39638d97 --- /dev/null +++ b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/.gitignore @@ -0,0 +1,6 @@ +debootstrap +debootstrap-udeb +files +*.debhelper.log +*.substvars + diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/debian/README.DevuanSource b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/README.DevuanSource new file mode 100644 index 00000000..6446a088 --- /dev/null +++ b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/README.DevuanSource @@ -0,0 +1,15 @@ +To sync up with debians source for inspiration you should run the following: + + `git remote add alioth-git git://anonscm.debian.org/d-i/debootstrap.git` + `git fetch alioth-git` + +After that you can either cherry-pick or merge releases from debian. To +merge a release, it's do: + `git tag` to list the release tags +and + `git merge ` +followed by all the fixups and then commit with an appropriate message like + "Merging Release from debian" + +Copyright 2016 Daniel Reurich + 
diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/debian/changelog b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/changelog new file mode 100644 index 00000000..8688197d --- /dev/null +++ b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/changelog 
@@ -0,0 +1,2655 @@
+debootstrap (1.0.87+devuan1.1) unstable; urgency=medium
+
+ * add git to builddeps
+
+ -- Daniel Reurich Fri, 13 Jan 2017 23:12:50 +1300
+
+debootstrap (1.0.87+devuan1.0) unstable; urgency=high
+
+ [ Julien Cristau ]
+ * Default to split /usr again, as merged-/usr breaks dpkg-shlibdeps
+ (closes: #844221).
+
+ [ Riku Voipio ]
+ * remove scratchbox2 support (closes: #796189)
+
+ -- Christian Perrier Wed, 16 Nov 2016 06:47:27 +0100
+
+debootstrap (1.0.86+devuan1.0) unstable; urgency=high
+
+ [ Daniel Reurich ]
+ * Restore Devuan Jessie version
+ * switch to 3.0 (git) source format
+ * set git-depth
+ * Add directions for inspiration from debians source
+ * removed file so we can build using git source format
+ * merge 1.0.86 for jessie
+
+ -- Daniel Reurich Fri, 13 Jan 2017 15:58:19 +1300
+
+debootstrap (1.0.86) unstable; urgency=high
+
+ * Rework split_inline_sig by using shell built-ins instead of trying to
+ mix sed and tr together, which might work on regular systems but not
+ from inside the Debian Installer (Closes: #842591). Thanks to Ansgar
+ Burchardt for the proof of concept!
+
+ -- Cyril Brulebois Sun, 30 Oct 2016 23:35:45 +0100
+
+debootstrap (1.0.85-1+devuan1) unstable; urgency=medium
+
+ * sync with debian upstream package
+ * add right keyrings with the new schema on devuan-keyring package
+
+ -- Franco (nextime) Lanza Sat, 29 Oct 2016 23:21:57 +0200
+
+
+debootstrap (1.0.85) unstable; urgency=medium
+
+ [ Julien Cristau ]
+ * Add support for downloading and validating InRelease files, by splitting
+ up detached signature from signed data.
+ * Switch default mirror to deb.debian.org.
+
+ [ Colin Watson ]
+ * Add (Ubuntu) zesty as a symlink to gutsy.
+
+ [ Ansgar Burchardt ]
+ * Add jessie-kfreebsd to merged-/usr blacklist.
+ * No longer Build-Depend on makedev. The code using it was already
+ removed in debootstrap 1.0.82.
+ * Do not use `tar -k` for older releases which might have file
+ conflicts between the packages to be installed. (Closes: #838388)
+ * Error out when seeing short options. (Closes: #548880)
+ * Add oldoldstable -> sid script symlink. (Closes: #792734)
+ * Add buster -> sid and bullseye -> sid script symlinks.
+ * Only unpack and configure the base system when there are actually
+ packages to install. (Closes: #825034)
+ * debootstrap.8: Use stretch instead of wheezy in examples.
+
+ [ Marco d'Itri ]
+ * Enable merged-/usr by default. (Closes: #839046)
+
+ -- Julien Cristau Fri, 21 Oct 2016 20:22:49 +0200
+
+debootstrap (1.0.84) unstable; urgency=medium
+
+ [ Ansgar Burchardt ]
+ * Add support for xz-compressed Packages indices. (Closes: #837649)
+
+ -- Christian Perrier Thu, 06 Oct 2016 06:59:38 +0200
+
+debootstrap (1.0.83) unstable; urgency=medium
+
+ [ Ansgar Burchardt ]
+ * functions: Validate that the requested suite is listed in the
+ Release file's Suite or Codename field. (Closes: #837075)
+ * Add support for merged-/usr, enabled by a new --merged-usr option.
+ (Closes: #810301)
+ * Feign install of dpkg in second stage. This avoids problems when
+ using dpkg-deb together with busybox' tar. (Closes: #837185)
+ * README: Use https://.
+
+ [ Steve McIntyre ]
+ * Update Standards-Version to 3.9.8 (no changes needed)
+
+ -- Steve McIntyre <93sam@debian.org> Tue, 13 Sep 2016 13:16:41 +0100
+
+debootstrap (1.0.82) unstable; urgency=medium
+
+ [ Alex Bennée ]
+ * Excise all devices.tar.gz code. Closes: #830869
+
+ -- Christian Perrier Thu, 08 Sep 2016 07:09:56 +0200
+
+debootstrap (1.0.81) unstable; urgency=medium
+
+ [ Luca Falavigna ]
+ * Add (Ubuntu) yakkety as a symlink to gutsy.
+
+ -- Christian Perrier Tue, 03 May 2016 06:51:57 +0200
+
+debootstrap (1.0.80-1+devuan1) unstable; urgency=medium
+
+ * sync with debian upstream package.
+
+ -- Franco (nextime) Lanza Sun, 24 Apr 2016 06:16:29 +0200
+
+debootstrap (1.0.80) unstable; urgency=medium
+
+ [ Jon Boden ]
+ * scripts/gutsy: Support kfreebsd & hurd arches on Ubuntu targets
+ (closes: #818748)
+
+ -- Christian Perrier Tue, 22 Mar 2016 19:27:45 +0100
+
+debootstrap (1.0.79) unstable; urgency=medium
+
+ [ Samuel Thibault ]
+ * hurd: move setting up dev and servers firmlink to setup_proc stage. Also
+ firmlink proc there. Thanks Gabriele Giacone for all the investigation!
+ (Closes: #768102)
+
+ -- Christian Perrier Fri, 19 Feb 2016 07:23:59 +0100
+
+debootstrap (1.0.78+nmu1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * Split setup_devices in setup_devices (which now only deals with static
+ device nodes) and setup_dynamic_devices, and move the calls to
+ setup_devices from the beginning of the second stage to the end of the
+ first stage.
+ setup_dynamic_devices mounts the appropriate filesystems which provide
+ dynamic device nodes for the architectures which need one in
+ debootstrap (kfreebsd and hurd).
+ This fixes a bug in --second-stage introduced in 1.0.34 and exposed
+ by the devices-related changes of 1.0.76: the second stage debootstrap
+ runs "dpkg --print-architecture >/dev/null" at the very beginning of
+ the program when /dev is still empty, so it creates an empty regular
+ file in place of /dev/null and this will cause mknod to fail later.
+ (Closes: #813232)
+
+ -- Marco d'Itri Wed, 17 Feb 2016 01:23:23 +0100
+
+debootstrap (1.0.78) unstable; urgency=high
+
+ * Use HTTPS for Vcs-* URLs, and link to cgit rather than gitweb.
+ * Don't call mknod with the --mode option, it's not supported in
+ busybox. Use -m instead - fixes the broken fix for #812811.
+ Closes: #813124. Urgency high to get this fix propagated quickly -
+ it's breaking d-i installs right now. Adding myself to uploaders and
+ uploading.
+
+ -- Steve McIntyre <93sam@debian.org> Fri, 29 Jan 2016 16:36:00 +0000
+
+debootstrap (1.0.77) unstable; urgency=medium
+
+ [ Marco d'Itri ]
+ * Fix permissions on device nodes (Closes: #812811).
+
+ -- Cyril Brulebois Wed, 27 Jan 2016 20:22:05 +0100
+
+debootstrap (1.0.76) unstable; urgency=medium
+
+ [ Marco d'Itri ]
+ * Stop creating useless device nodes (Closes: #571136).
+
+ -- Cyril Brulebois Sun, 24 Jan 2016 08:55:18 +0100
+
+debootstrap (1.0.75-1+devuan1) unstable; urgency=medium
+
+ * sync with debian upstream package
+
+ -- Franco (nextime) Lanza Wed, 02 Dec 2015 04:05:36 +0100
+
+debootstrap (1.0.75) unstable; urgency=medium
+
+ * Stop cleaning KEEP_DEBOOTSTRAP_DIR twice, as spotted by Chris Lamb
+ (Closes: #804415).
+ * Add Tanglu support (Closes: #771687), thanks to Matthias Klumpp. At
+ the moment, the following extra suites are recognized:
+ - aequorea
+ - bartholomea
+ - chromodoris
+ - dasyatis
+
+ -- Cyril Brulebois Wed, 11 Nov 2015 18:49:28 +0100
+
+debootstrap (1.0.74) unstable; urgency=medium
+
+ [ Colin Watson ]
+ * Add (Ubuntu) xenial as a symlink to gutsy.
+
+ -- Christian Perrier Tue, 03 Nov 2015 07:09:23 +0100
+
+debootstrap (1.0.73) unstable; urgency=medium
+
+ * Generate a deburis file with (package, version, uri) tuples, similar
+ to the existing debpaths.
+
+ -- Cyril Brulebois Thu, 22 Oct 2015 12:43:35 +0200
+
+debootstrap (1.0.72-1+devuan1) unstable; urgency=medium
+
+ * Rebase on debian 1.0.70 debootstrap version
+ * Added Daniel Reurich in Uploaders
+ * Integrating Daniel Reurich patches for d-i
+ * Updated manpage with Daniel Reurich changes
+
+ -- Franco (nextime) Lanza Thu, 21 May 2015 05:45:36 +0200
+
+debootstrap (1.0.72) unstable; urgency=medium
+
+ [ Iain Lane ]
+ * Add (Ubuntu) wily as a symlink to gutsy (closes: #787117).
+
+ [ Colin Watson ]
+ * Fix resolve_deps and setup_available to work in the --foreign case
+ (closes: #757819, LP: #1450980).
+
+ -- Colin Watson Tue, 28 Jul 2015 14:32:19 +0100
+
+debootstrap (1.0.71-1+devuan1) unstable; urgency=medium
+
+ * make devuan-baseconf and devuan-keyring requireds packages
+ * make sure we have sysvinit-core and not systemd in the chroot
+
+ -- Franco (nextime) Lanza Fri, 01 May 2015 02:13:04 +0200
+
+debootstrap (1.0.71) unstable; urgency=medium
+
+ * Adjust sed call to render it more portable (missing ';'), making it
+ work with FreeBSD sed. Thanks to Nikolai Lifanov for the report and
+ the patch (Closes: #791802).
+
+ -- Cyril Brulebois Fri, 10 Jul 2015 01:29:52 +0200
+
+debootstrap (1.0.70-1+devuan1) unstable; urgency=medium
+
+ * Debianization of debootstrap.
+ * added ceres script and link jessie and ascii to it
+
+ -- Franco (nextime) Lanza Sat, 11 Apr 2015 08:03:36 +0200
+
+debootstrap (1.0.70) unstable; urgency=medium
+
+ * Use tr instead of (missing in d-i) xargs (Closes: #785693). Thanks,
+ Julian Schauder!
+
+ -- Cyril Brulebois Tue, 19 May 2015 11:38:27 +0200
+
+debootstrap (1.0.69-1+devuan1) unstable; urgency=medium
+
+ * Fix package description.
+
+ -- Franco (nextime) Lanza Sat, 07 Mar 2015 21:31:07 +0100
+
+debootstrap (1.0.69) unstable; urgency=medium
+
+ [ Cyril Brulebois ]
+ * Make sure to deduplicate package list in download_release to avoid
+ issues while counting downloaded packages. The failure path could lead
+ to printing some strange integer (Closes: #709751, #768445, #785276,
+ #774752).
+ This was reported to mostly happen whenever --no-resolve-deps is used.
+ * Add support for --force-check-gpg so that one can programmatically
+ make sure keyring checks are used and that no fallback to an https
+ mirror happens (Closes: #661501, #733179, #775454).
+ * Switch default mirror from ftp.us.debian.org to the new, official
+ http redirector service: httpredir.debian.org
+ * Make it possible to override the MAKEDEV variable (Closes: #734743).
+ Thanks, Wookey!
+
+ [ Christian Perrier ]
+ * Update Standards to 3.9.6 (checked)
+
+ -- Christian Perrier Mon, 18 May 2015 14:07:43 +0200
+
+debootstrap (1.0.68-2+devuan1) unstable; urgency=medium
+
+ * Added missing symlink.
+
+ -- Franco (nextime) Lanza Sat, 07 Mar 2015 21:18:26 +0100
+
+debootstrap (1.0.68-1+devuan1) unstable; urgency=medium
+
+ * Added script for ascii.
+
+ -- Franco (nextime) Lanza Sat, 07 Mar 2015 11:47:02 +0100
+debootstrap (1.0.68) unstable; urgency=medium
+
+ [ Steven Chamberlain ]
+ * Support the jessie-kfreebsd suite, by using the same script as
+ jessie (a symlink to sid) (Closes: #784927).
+
+ -- Christian Perrier Mon, 11 May 2015 07:46:19 +0200
+
+debootstrap (1.0.67-1+devuan2) unstable; urgency=medium
+
+ * Switch to quilt format
+
+ -- Franco (nextime) Lanza Tue, 03 Mar 2015 07:44:11 +0100
+
+debootstrap (1.0.67+devuan1) unstable; urgency=medium
+
+ * Applied init freedom patch (debian bug 668001)
+ * moved to devuan
+
+ -- Franco (nextime) Lanza Tue, 03 Mar 2015 07:09:36 +0100
+
+debootstrap (1.0.67) unstable; urgency=medium
+
+ [ Cyril Brulebois ]
+ * Apply patch by Jérémy Bobbio to support reproducible builds: specify
+ a modification time on the tar side, and add the -n option to gzip
+ (Closes: #774069). Thanks, Jérémy!
+ * Update setup_apt_sources to look at USE_COMPONENTS if COMPONENTS is
+ empty, fixing the empty sources.list bug with foreign architectures
+ (Closes: #732255, #773867).
+
+ -- Christian Perrier Wed, 14 Jan 2015 07:03:17 +0100
+
+debootstrap (1.0.66) unstable; urgency=low
+
+ [ Cyril Brulebois ]
+ * Specify gzip compression in debian/source/options to allow for better
+ portability on other platforms (Closes: #770214). Thanks, Joey Hess!
+ * Specify gzip compression for debootstrap, and xz for debootstrap-udeb,
+ to mitigate the need for xz on non-Debian platforms (see: #770217).
+
+ -- Christian Perrier Mon, 24 Nov 2014 09:15:50 +0100
+
+debootstrap (1.0.65) unstable; urgency=medium
+
+ [ Julien Cristau ]
+ * Add support for stretch.
+
+ -- Christian Perrier Mon, 10 Nov 2014 09:24:56 +0100
+
+debootstrap (1.0.64) unstable; urgency=medium
+
+ * Add (Ubuntu) vivid as a symlink to gutsy.
+
+ -- Colin Watson Mon, 20 Oct 2014 16:48:49 +0100
+
+debootstrap (1.0.63) unstable; urgency=medium
+
+ [ Joey Hess ]
+ * Move set -e out of shebang line. Closes: #762713
+
+ -- Christian Perrier Thu, 25 Sep 2014 06:44:16 +0200
+
+debootstrap (1.0.62) unstable; urgency=medium
+
+ [ Cyril Brulebois ]
+ * Fix reporting of package version in retrieval and validation steps
+ to cope with epochs.
+
+ -- Christian Perrier Mon, 15 Sep 2014 11:40:54 +0200
+
+debootstrap (1.0.61) unstable; urgency=medium
+
+ * Fix "possibly the package $pkg is at fault" warnings to account for
+ changed error output in dpkg 1.17.2.
+
+ -- Colin Watson Sun, 31 Aug 2014 22:07:49 +0100
+
+debootstrap (1.0.60) unstable; urgency=medium
+
+ [ Adam Conrad ]
+ * Add (Ubuntu) utopic as a symlink to gutsy.
+
+ [ Guillem Jover ]
+ * Sync deb support with latest dpkg-deb (closes: #739136):
+ - Add uncompressed data.tar deb member support.
+ - Add uncompressed and xz control.tar deb member support.
+
+ -- Colin Watson Tue, 06 May 2014 09:37:34 +0100
+
+debootstrap (1.0.59) unstable; urgency=medium
+
+ * Install ca-certificates as well as apt-transport-https for HTTPS
+ installations. This makes it possible to copy certificates that were
+ built into the installer to /usr/local/share/ca-certificates/ and thus
+ have them continue to be trusted after installation.
+
+ -- Colin Watson Thu, 13 Feb 2014 13:42:54 +0000
+
+debootstrap (1.0.58) unstable; urgency=medium
+
+ * Policy version 3.9.5: no changes required.
+ * Install apt-transport-https if installing from an HTTPS mirror
+ (LP: #1135163).
It may still be necessary to copy certificates into
+ place, but there's at least a reasonable chance that somebody installing
+ from HTTPS may want to keep using it, and we have to install
+ apt-transport-https at this point otherwise they won't be able to do
+ that end-to-end.
+
+ -- Colin Watson Tue, 11 Feb 2014 17:46:41 +0000
+
+debootstrap (1.0.57) unstable; urgency=medium
+
+ * pkgdetails_perl: Only interpret percentages following whitespace, to
+ cope with GNU wget outputting the local file name (which may contain "%"
+ due to URL-encoding) after it finishes the download (LP: #1172101).
+
+ -- Colin Watson Fri, 07 Feb 2014 16:12:23 +0000
+
+debootstrap (1.0.56) unstable; urgency=low
+
+ [ Tollef Fog Heen ]
+ * Install base-passwd and base-files in two calls rather than one to
+ avoid problems with home-built media with different ordering in
+ Packages. Thanks to Jo Shields for pointing this out and providing
+ the workaround. Closes: #601670. LP: #1001131.
+
+ [ Joey Hess ]
+ * When deboostrapping Debian, and the debian-archive-keyring is not
+ available, switch the default mirror to a https url. This way at
+ least the CA level of security is available even for users who
+ have no way to check gpg keys in the WoT. The https mirror is
+ currently https://mirrors.kernel.org/debian.
+ * Avoid writing https urls into sources.list, as apt does not support https.
+
+ -- Christian Perrier Mon, 30 Dec 2013 08:00:41 +0100
+
+debootstrap (1.0.55) unstable; urgency=low
+
+ [ Matthias Klose ]
+ * Add (Ubuntu) trusty as a symlink to gutsy.
+
+ -- Christian Perrier Tue, 22 Oct 2013 13:43:23 +0200
+
+debootstrap (1.0.53) unstable; urgency=low
+
+ [ Dmitrijs Ledkovs ]
+ * Set debian source format to '3.0 (native)'.
+ * Bump debhelper compat level to 9.
+ * Set Vcs-* to canonical format.
+
+ [ Christian Perrier ]
+ * Update Standards to 3.9.4 (checked)
+
+ -- Christian Perrier Sun, 14 Jul 2013 13:06:33 +0200
+
+debootstrap (1.0.52) unstable; urgency=low
+
+ * scripts/gutsy: Make the fake initctl pass through "initctl version"
+ calls, used by such things as invoke-rc.d to figure out whether it's
+ running under Upstart (LP: #1182540).
+ * scripts/sid, scripts/gutsy: Add a policy-rc.d, matching that in
+ debian-installer-utils. This is the primary way to disable daemon
+ startup.
+
+ -- Colin Watson Wed, 22 May 2013 16:55:59 +0100
+
+debootstrap (1.0.51) unstable; urgency=low
+
+ [ Scott Kitterman ]
+ * Add (Ubuntu) saucy as a symlink to gutsy (closes: #706989).
+
+ [ Colin Watson ]
+ * Clarify location of pkgdetails.c in error message (closes: #708771).
+ * Resolve mount point symlinks relative to the target chroot before
+ unmounting them (closes: #702861, #703037, #704744).
+
+ -- Colin Watson Sat, 18 May 2013 23:18:08 +0100
+
+debootstrap (1.0.50) unstable; urgency=low
+
+ [ Hector Oron ]
+ * Report package version information on package retrieve and validation.
+ Closes: #697675
+
+ -- Christian Perrier Fri, 17 May 2013 13:34:34 +0200
+
+debootstrap (1.0.49) unstable; urgency=medium
+
+ * Add support for jessie. Closes: #706788
+
+ -- Joey Hess Sat, 04 May 2013 23:37:52 -0400
+
+debootstrap (1.0.48) unstable; urgency=low
+
+ * Team upload
+
+ [ Julien Cristau ]
+ * Disable InRelease support. gpgv won't give us back the signed data, and
+ full gpg is not available inside d-i (closes: #703889).
+ * Move extract_release_components to after signature verification.
+ Suggested by Ansgar Burchardt.
+
+ -- Didier Raboud Thu, 04 Apr 2013 16:17:57 +0200
+
+debootstrap (1.0.47) unstable; urgency=low
+
+ * Team upload
+ * Properly decrypt the InRelease file when downloading from an archive
+ where InRelease is used.
This longstanding bug was masked by former
+ APT behaviour and was revealed only with recent APT versions
+ Closes: #703146
+ Thanks to Michael Vogt for the analysis and patch
+ * Add a dependency on gpg because of the above change.
+
+ -- Christian Perrier Wed, 20 Mar 2013 21:34:29 +0100
+
+debootstrap (1.0.46) unstable; urgency=low
+
+ * Team upload.
+ * Use `which` to find out sh only if /bin/sh does not exist.
+
+ -- Samuel Thibault Thu, 27 Dec 2012 15:47:16 +0100
+
+debootstrap (1.0.45) unstable; urgency=low
+
+ [ Joey Hess ]
+ * Better support use on Android by not hardcoding /bin/sh
+ in a test file that's created, and instead putting in the
+ actual path to sh. Closes: #694310 Thanks, Shawn Landden
+
+ -- Christian Perrier Sat, 22 Dec 2012 12:56:32 +0100
+
+debootstrap (1.0.44) unstable; urgency=low
+
+ * Remove double quotes to fix for loop on GNU/kFreeBSD, thanks to
+ Oleg Ginzburg (Closes: #693718).
+
+ -- Cyril Brulebois Tue, 20 Nov 2012 23:55:53 +0100
+
+debootstrap (1.0.43) unstable; urgency=low
+
+ [ Joey Hess ]
+ * Fix "arc" typo. Closes: #686680
+
+ [ Colin Watson ]
+ * Add (Ubuntu) raring as a symlink to gutsy.
+
+ [ Christian Perrier ]
+ * Add myself to Uploaders and drop Anthony Towns who is no
+ longer active in debootstrap maintenance for a few years. Thanks
+ for your work, Anthony.
+ * Bump Standards to 3.9.3 (checked)
+ * Replace XC-Package-Type by Package-Type in debian/control
+
+ -- Christian Perrier Sat, 27 Oct 2012 12:46:46 +0200
+
+debootstrap (1.0.42) unstable; urgency=low
+
+ * Downgrade the absence of an InRelease file from a warning to an info
+ message. For now, debootstrap can cope fine without, and it's possible
+ there are Debian mirrors that don't have InRelease; Ubuntu doesn't quite
+ have InRelease support yet either (LP: #1017398).
+
+ -- Colin Watson Tue, 03 Jul 2012 15:34:57 +0100
+
+debootstrap (1.0.41) unstable; urgency=low
+
+ [ Mehdi Dogguy ]
+ * Add support for InRelease files (Closes: #638682)
+
+ -- Joey Hess Thu, 21 Jun 2012 13:16:22 -0400
+
+debootstrap (1.0.40) unstable; urgency=low
+
+ [ Joey Hess ]
+ * When installation or configuration of a package fails, output a message
+ that points the user to the log file. Attempt to grep out the first
+ package that dpkg failed on and show its name too. Closes: #472704
+
+ [ Colin Watson ]
+ * Add (Ubuntu) quantal as a symlink to gutsy.
+
+ -- Colin Watson Thu, 26 Apr 2012 17:44:44 +0100
+
+debootstrap (1.0.39) unstable; urgency=low
+
+ * Retry corrupted downloads rather than carrying on almost regardless.
+ Patch mostly due to Michael Gilbert, rearranged somewhat by me (closes:
+ #618920).
+ * Stop at the end of the retrieval phase if any packages failed to
+ download.
+
+ -- Colin Watson Tue, 13 Mar 2012 17:21:13 +0000
+
+debootstrap (1.0.38) unstable; urgency=low
+
+ [ Joey Hess ]
+ * Improve error message when a decompressor is not available,
+ to indicate which package has been built with bzip today.
+ Closes: #644719
+
+ [ Otavio Salvador ]
+ * Fix --print-debs support when using --foreign param. Closes:
+ #551837.
+
+ [ Colin Watson ]
+ * pkgdetails_perl: Use the last of a sequence of stanzas for the same
+ package name, rather than the first (closes: #649319).
+
+ -- Colin Watson Mon, 21 Nov 2011 13:20:53 +0000
+
+debootstrap (1.0.37) unstable; urgency=low
+
+ * Add (Ubuntu) precise as a symlink to gutsy.
+
+ -- Colin Watson Wed, 05 Oct 2011 21:58:37 +0100
+
+debootstrap (1.0.36) unstable; urgency=low
+
+ * Guess host OS based on uname for non-Debian systems. Closes: #637363
+ * Clarify "target" in usage message.
+ * Fix support for running debootstrap on a FreeBSD host to create a kFreeBSD
+ chroot or jail. Thanks, Arno Toell.
+ * Search PATH for programs, rather than checking hardcoded locations.
+ * Support using md5 and shaN programs, as found on FreeBSD, in addition
+ to md5sum and shaNsum.
+ * When FreeBSD (not kfreebsd) is the host, don't chroot to mount special
+ filesystems.
+ * When debootstrapping on FreeBSD, warn if necessary modules are not
+ loaded. Thanks, Arno Toell.
+ * Workaround for umount bug #634107, which broke pbuilder and "debootstrap ."
+ Closes: #631087
+
+ -- Joey Hess Sun, 21 Aug 2011 18:39:26 -0400
+
+debootstrap (1.0.35) unstable; urgency=low
+
+ [ Robert Millan ]
+ * Don't build devices.tar.gz if building on GNU/kFreeBSD (closes:
+ #637297).
+ * Don't use --arch when we specifically care about the host architecture
+ (closes: #637298).
+
+ -- Colin Watson Wed, 10 Aug 2011 13:04:41 +0100
+
+debootstrap (1.0.34) unstable; urgency=low
+
+ * Add more information regarding the version and architecture in case
+ a download fails. Closes: #633625.
+ * add /usr/sbin and /sbin to PATH for fakechroot variant. Closes:
+ #588773
+ * Move setup_devices to second stage of bootstrap. Closes: #498731,
+ #531316
+
+ -- Otavio Salvador Thu, 28 Jul 2011 19:13:10 +0200
+
+debootstrap (1.0.33) unstable; urgency=low
+
+ [ Joey Hess ]
+ * Mention minbase variant in --help. Closes: #632418
+ * Use md5sums for sarge, which did not consistently have sha1sums
+ everywhere. Closes: #633158
+
+ [ Colin Watson ]
+ * Improve text of error message when decompression command is not
+ available.
+
+ -- Otavio Salvador Sun, 24 Jul 2011 10:33:56 +0200
+
+debootstrap (1.0.32) unstable; urgency=low
+
+ * Use md5sums for woody and potato, which only had those checksums
+ in the Packages files. Closes: #627365
+
+ -- Joey Hess Mon, 30 May 2011 13:57:46 -0400
+
+debootstrap (1.0.31) unstable; urgency=low
+
+ [ Mark Hymers ]
+ * Don't use the Build-Essential: yes field in Debian, use the
+ build-essential package. Closes: #619700.
+
+ [ Colin Watson ]
+ * If ubuntu-keyring is installed, check Release signatures against it when
+ bootstrapping Ubuntu gutsy and later.
+ * Recommend ubuntu-keyring rather than debian-archive-keyring on
+ Ubuntu-derived systems.
+
+ -- Colin Watson Fri, 20 May 2011 09:45:48 +0100
+
+debootstrap (1.0.30) unstable; urgency=low
+
+ [ Joey Hess ]
+ * Recommend debian-archive-keyring, and if it is installed,
+ default to checking gpg signatures of the Release file against it
+ when bootstrapping sid, squeeze, wheezy, etch, and lenny.
+ Closes: #560038
+ * Add --no-check-gpg option that can be used to disable release file
+ verification. Closes: #624229
+ * Needs base-installer 1.117.
+ * Add a warning message if the keyring file is not available, and
+ --no-check-gpg is not specified.
+ * Clear all global variables used for options, so that unclean
+ environment doesn't break debootstrap. Closes: #621657
+ * Removed the --boot-floppies switch and mode. Assuming this has
+ not been used in 10 years.
+
+ [ Colin Watson ]
+ * Resolve dependencies from all requested components (LP: #740167).
+
+ -- Joey Hess Tue, 26 Apr 2011 17:10:00 -0400
+
+debootstrap (1.0.29) unstable; urgency=low
+
+ [ Joey Hess ]
+ * Support bootstrapping oldstable. (Lenny could already be bootstrapped
+ using that suite name.)
+
+ [ Colin Watson ]
+ * Add (Ubuntu) oneiric as a symlink to gutsy.
+
+ -- Colin Watson Tue, 22 Mar 2011 10:58:49 +0000
+
+debootstrap (1.0.28) unstable; urgency=low
+
+ [ Miguel Figueiredo ]
+ * Fix for ar usage, thanks to Guillem Jover. Closes: #598729
+
+ [ Joey Hess ]
+ * Remove 5 second sleeps when debootstrap finds additional required
+ dependencies. d-i just got that much faster.
+ * Use SHA checksums. Defaulting to SHA256, and configurable by
+ SHA_SIZE environment variable. Closes: #614315
+ * If a sha256sum program is not available, fall back to sha1sum.
+ This is to support debootstrap use on embedded systems, which are more
+ likely to have the latter.
+ * Avoid new(?) warning from dpkg about missing Maintainer field when
+ feigning install of a package.
+
+ -- Joey Hess Mon, 21 Feb 2011 20:48:46 -0400
+
+debootstrap (1.0.27) unstable; urgency=low
+
+ [ Miguel Figueiredo ]
+ * Fix bug and typo on --private-key
+ Patch by Jonathan Klee.
+
+ [ Jeremie Koenig ]
+ * Hurd support:
+ - Use the newer setup-translators script and firmlink
+ $TARGET/{dev,servers} in setup_devices_hurd;
+ - Don't attempt to build devices.tar.gz, which is not needed.
+
+ -- Otavio Salvador Mon, 07 Feb 2011 19:40:24 -0200
+
+debootstrap (1.0.26) unstable; urgency=low
+
+ [ Christian Perrier ]
+ * Consistently use tab indenting in scripts/gutsy and scripts/sid
+ Patch by Karl Goetz. Closes: #601821
+ * Fix a typo in the debootstrap script
+ Patch by Karl Goetz. Closes: #601822
+
+ [ Joey Hess ]
+ * sid: Remove old workaround for etch era coreutils/textutils md5sum
+ diversion problem. (#329394)
+
+ -- Otavio Salvador Fri, 12 Nov 2010 10:07:41 -0200
+
+debootstrap (1.0.25) unstable; urgency=low
+
+ * Remove debug statement that slipped in.
+ * Add test to guard against devices.tar.gz being empty.
+ * /dev/MAKEDEV cannot be relied on (udev likes to make it a symlink to
+ true). Always use /sbin/MAKEDEV. Closes: #598080
+
+ -- Joey Hess Sun, 26 Sep 2010 13:18:31 -0400
+
+debootstrap (1.0.24) unstable; urgency=low
+
+ [ Miguel Figueiredo ]
+ * Apply patches from by Jonathan Klee and Guillaume Chauvel
+ to add support to https (closes: #521196).
+
+ [ Colin Watson ]
+ * Add (Ubuntu) natty as a symlink to gutsy.
+
+ [ Joey Hess ]
+ * Add support for wheezy. Closes: #597461
+
+ -- Joey Hess Sun, 19 Sep 2010 21:40:00 -0400
+
+debootstrap (1.0.23) unstable; urgency=low
+
+ * Add (Ubuntu) maverick as a symlink to gutsy.
+ * Add ${misc:Depends}.
+
+ -- Colin Watson Wed, 19 May 2010 13:35:34 +0100
+
+debootstrap (1.0.22) unstable; urgency=low
+
+ * Redo release since it ended up with testing directory in tar.gz.
+
+ -- Otavio Salvador Mon, 22 Feb 2010 16:52:49 -0300
+
+debootstrap (1.0.21) unstable; urgency=low
+
+ [ Otavio Salvador ]
+ * Apply patch from Clint Adams to add support for
+ gz/bz2/xz data.tar (closes: #458663).
+
+ [ Guillem Jover ]
+ * Refactor deb extractors into two new functions.
+ * Use dpkg-deb if available instead of ar (closes: #557296).
+ * Add an --extractor option to override the automatic extractor selection.
+
+ [ Otavio Salvador ]
+ * Document new --extractor option in manpage.
+ * Apply patch from Vagrant Cascadian not
+ fail if resolv.conf is a broken symlink (closes: #390647).
+
+ [ Frans Pop ]
+ * Use tab indentation in scripts/debian/sid to reduce its size (relevant
+ for Debian Installer).
+ * Add apt to base packages for the buildd variant as it is no longer marked
+ Build-Essential.
+
+ [ Otavio Salvador ]
+ * Apply patch from Andres Salomon to honor
+ --components when using mirror_style 'main' (closes: #561283).
+ * Apply patch from Andres Salomon to fix
+ iteration through components in download_main (closes: #561298).
+
+ [ Joey Hess ]
+ * Allow the suite to be stable, testing, or unstable when debootstrapping
+ Debian. Closes: #288109
+ * Make scripts directory in source tree look like installed directory,
+ and add a section to README explaining an easy way to run
+ debootstrap w/o installing it. Closes: #345762
+ * Convert rules file to use dh with overrides.
+ * Remove binary-basedebs target from debian/rules.
+ This target has been broken in multiple ways since 2007. While I
+ accidentially partially fixed it with the above changes, this is evidence
+ it's dead code that can be safely removed.
+
+ -- Otavio Salvador Sun, 21 Feb 2010 23:11:06 -0300
+
+debootstrap (1.0.20) unstable; urgency=low
+
+ * For recent Ubuntu versions, move $TARGET/sbin/initctl aside in the same
+ way we do start-stop-daemon, so that attempts to control Upstart jobs
+ won't inadvertently affect jobs in the host system.
+ * Rename EXAMPLE section in debootstrap(8) to EXAMPLES (closes: #548458).
+
+ -- Colin Watson Sun, 04 Oct 2009 21:23:07 +0100
+
+debootstrap (1.0.19) unstable; urgency=low
+
+ * Ignore failures from dpkg --predep-package. It exits 1 if there are no
+ suitable packages available, which isn't an error for us, but in_target
+ complains anyway, so just use in_target_nofail; the termination
+ condition is handled immediately afterwards anyway.
+
+ -- Colin Watson Thu, 24 Sep 2009 19:57:05 +0100
+
+debootstrap (1.0.18) unstable; urgency=low
+
+ * Only use dpkg from the chroot, as there is no guarantee dpkg is
+ available outside of the chroot (d-i installation for example).
+
+ -- Aurelien Jarno Wed, 23 Sep 2009 11:37:01 +0200
+
+debootstrap (1.0.17) unstable; urgency=low
+
+ * Remove boneheaded use of sudo left over from testing (closes: #547949).
+
+ -- Colin Watson Tue, 22 Sep 2009 20:10:19 +0100
+
+debootstrap (1.0.16) unstable; urgency=low
+
+ [ Colin Watson ]
+ * Cope with pre-dependencies of included packages that aren't in Priority:
+ required (closes: #487908).
+ * Upgrade to debhelper v7. (Override rules get pretty hairy for this
+ package, so I haven't switched to dh(1).)
+ * Use ports.ubuntu.com as default mirror on sparc for Ubuntu hardy and
+ beyond (LP: #431145).
+ * Add (Ubuntu) lucid as a symlink to gutsy.
+
+ [ Frans Pop ]
+ * Makefile: remove unused ARCH variable.
+
+ -- Colin Watson Mon, 21 Sep 2009 16:28:40 +0100
+
+debootstrap (1.0.15) unstable; urgency=low
+
+ * On Linux, clear out /etc/mtab on exit if it's not a symlink. Should fix
+ problems Wouter Verhelst and Martin Michlmayr are seeing with
+ initramfs-tools MODULES=dep, although it probably isn't a perfect
+ solution.
+
+ -- Colin Watson Thu, 23 Jul 2009 16:45:00 +0100
+
+debootstrap (1.0.14) unstable; urgency=low
+
+ * Apply patch from Felix Zielcke to use "dpkg
+ --print-architecture" to avoid deprecation warning. Closes: #531680.
+ * Reference squeeze instead of sarge in manpage.
Based on a patch from
+ Geoff Simmons . Closes: #534575.
+ * Apply patch from Riku Voipio to add support for
+ scratchbox variant. Closes: #536820.
+
+ -- Otavio Salvador Wed, 22 Jul 2009 12:34:54 -0300
+
+debootstrap (1.0.13) unstable; urgency=low
+
+ [ Otavio Salvador ]
+ * Apply patch from Luca Favatella to improve
+ coding style.
+
+ [ Colin Watson ]
+ * Add (Ubuntu) karmic as a symlink to gutsy.
+
+ -- Colin Watson Fri, 24 Apr 2009 20:08:24 +0100
+
+debootstrap (1.0.12) unstable; urgency=low
+
+ [ Otavio Salvador ]
+ * Improve code to choose between libc packages. Thanks to Luca Favatella
+ for first version of the patch.
+
+ [ Colin Watson ]
+ * Remove partial support for emitting translated progress messages with
+ gettext. Don't panic; d-i still has all the support necessary for this.
+ debootstrap's own support for doing this outside d-i with gettext's
+ shell bindings has been completely broken ever since it was added in
+ 2003, though, and nobody has complained. Fixing it would require a big
+ pile of infrastructure and some non-trivial patches, plus arranging to
+ copy all the translations over from base-installer, and it just doesn't
+ seem worth it, so lose the cruft (LP: #188690).
+ * Export PATH, just to make sure. It isn't necessarily exported by shells
+ running from init=/bin/sh or similar, and the upstream bash maintainer
+ is unwilling to export it by default; it's easy enough to do so here
+ (LP: #320188).
+
+ -- Colin Watson Tue, 17 Mar 2009 16:38:46 +0000
+
+debootstrap (1.0.11) unstable; urgency=low
+
+ * Add (Ubuntu) jaunty as a symlink to gutsy.
+ * Clarify that --second-stage is needed to complete the bootstrapping
+ process after --foreign.
+ * Fix --make-tarball= option (closes: #484869).
+ * Fix old Debian scripts and all Ubuntu scripts to cope with Anthony's
+ change in 1.0.8 to make --second-stage not bother recalculating required
+ and base.
+ * Rename 'repeat' to 'repeatn', since 'repeat' is a reserved word in zsh;
+ although strictly speaking this seems like an incompatibility in zsh
+ when linked to /bin/sh (closes: #340058).
+ * Fix --unpack-tarball= option (thanks, Torsten Landschoff; closes:
+ #500759).
+ * Fix handling of relative DEBOOTSTRAP_DIR (thanks, Mikhail Gusarov;
+ closes: #503460).
+ * Cope with ancient versions of chroot(8) that don't call chdir() (thanks,
+ Patrik Arvhult; closes: #350635).
+ * Recommend gnupg for --keyring option (thanks, Robert Millan; closes:
+ #467571).
+ * Note that you can't --include packages with non-required Pre-Depends
+ (see #487908).
+ * Mention /sys in EXAMPLE section of manual page, and use "defaults"
+ rather than "none" as the mount options for /proc (thanks, Raúl Sánchez
+ Siles; closes: #410787).
+ * Add /dev/console to devices.tar.gz (after all, MAKEDEV's 'consoleonly'
+ was added for boot-floppies in the first place; see
+ https://lists.ubuntu.com/archives/ubuntu-devel/2009-January/027230.html).
+ * Add support for squeeze (closes: #513488).
+
+ -- Colin Watson Wed, 18 Feb 2009 23:46:12 +0000
+
+debootstrap (1.0.10) unstable; urgency=low
+
+ [ Joey Hess ]
+ * Avoid "broken pipe" errors in bootstrap.log from the the smallyes function.
+ The errors themselves are inherent to how the function is used, so just
+ suppress them. Closes: #480560.
+
+ [ Frans Pop ]
+ * Do not cache Release and Release.gpg files. Closes: #488424.
+ * Abort if a Packages file failed to verify.
+ * Update standards version to 3.8.0; no other changes needed.
+
+ -- Frans Pop Wed, 02 Jul 2008 17:44:25 +0200
+
+debootstrap (1.0.9) unstable; urgency=low
+
+ [ Frans Pop ]
+ * Error out on unrecognized options to avoid invalid options to be
+ recognized as arguments.
+
+ [ Colin Watson ]
+ * Use 'chown 0:0' in all scripts rather than deprecated 'chown 0.0'
+ (thanks, Evan Klitzke).
+ * Add (Ubuntu) intrepid as a symlink to gutsy.
+
+ -- Colin Watson Tue, 29 Apr 2008 19:36:19 +0100
+
+debootstrap (1.0.8) unstable; urgency=low
+
+ [ Frans Pop ]
+ * Change Priority for the udeb to extra in line with overrides file.
+
+ [ Colin Watson ]
+ * Partially revert r50134; there are people who depend on being able to
+ use the "upstream" Makefile on non-Debian systems. Create necessary
+ directories in the Makefile rather than relying on dh_installdirs to do
+ it (LP: #172645).
+ * Use ftp.us.debian.org rather than ftp.debian.org
+ (http://lists.debian.org/debian-devel-announce/2007/12/msg00002.html).
+
+ [ Anthony Towns ]
+ * Add minbase variant for the sid script that only install apt (and
+ its dependencies) instead of all of base. (Closes: Bug#351912,
+ Bug#452654)
+ * Make --second-stage not bother recalculating required and base as
+ it's not needed.
+ * Make --arch and other arguments accept both "--arch i386" and
+ "--arch=i386" forms of specifying a parameter to avoid the
+ inconsistency.
+
+ [ Stephen R. Marenka ]
+ * Allow installation of etch-m68k. (Closes: Bug#458965)
+
+ [ Colin Watson ]
+ * Add minbase variant for Ubuntu gutsy/hardy; see Anthony's change above.
+ * Minor manual page formatting improvements.
+
+ -- Colin Watson Tue, 15 Jan 2008 11:19:34 +0000
+
+debootstrap (1.0.7) unstable; urgency=low
+
+ * No longer include full devices tarball in udeb.
+ * Also try 'udpkg --print-architecture' when determining the target
+ architecture.
+ * Utility pkgdetails moved from debootstrap-udeb to bootstrap-base so that
+ the udeb can become 'Architecture: all'.
+ * Change /usr/lib/debootstrap to /usr/share/debootstrap. Closes: #430615.
+ * Use tab indentation in debootstrap and functions saving 3kB (relevant for
+ Debian Installer).
+ * Fix various inconsistencies in build scripts.
+ * Fix dpkg-genchanges warning 'missing Priority for source files'.
+ * Update Standards-Version to 3.7.2. No changes needed.
+ * Changes in udeb require base-installer 1.85.
+
+ -- Frans Pop Wed, 14 Nov 2007 12:15:45 +0100
+
+debootstrap (1.0.6) unstable; urgency=low
+
+ * Ensure that the target directory exists in check_sane_mount.
+ * Don't ignore 'make clean' errors. (The Makefile is always present.)
+
+ -- Colin Watson Sun, 21 Oct 2007 10:50:59 +0100
+
+debootstrap (1.0.5) unstable; urgency=low
+
+ [ Colin Watson ]
+ * Don't rely on GNU sed's s///I extension (closes: #350583).
+
+ [ Joey Hess ]
+ * Skip the noexec/nodev test when running --print-debs or other operations
+ that do not involve building systems.
+
+ -- Joey Hess Sat, 20 Oct 2007 23:10:34 -0400
+
+debootstrap (1.0.4) unstable; urgency=low
+
+ [ Neil Williams ]
+ * Add --second-stage-target option that allows embedded to test for
+ installations in a chroot on the device (closes: #445157).
+
+ [ Colin Watson ]
+ * Add (Ubuntu) hardy as a symlink to gutsy.
+ * Unmount /lib/init/rw on exit (closes: #391604).
+ * Cope if uncompressed Packages is missing from Release (closes: #402380).
+ * Don't rely on XSI test(1) extensions.
+ * Add support for ssh:/// URLs (thanks, Steffen Joeris; closes: #434893).
+ * Fix Ubuntu hoary and breezy scripts to unmount /dev etc. on exit
+ (closes: #327708).
+ * Emit an error if we cannot create working devices or executables on the
+ target (based on work by Bastian Kleineidam; closes: #233798).
+
+ -- Colin Watson Fri, 19 Oct 2007 14:57:37 +0100
+
+debootstrap (1.0.3) unstable; urgency=low
+
+ * Ignore errors when unmounting filesystems, to avoid stopping at the
+ first one with problems.
+
+ -- Colin Watson Tue, 21 Aug 2007 12:32:37 +0100
+
+debootstrap (1.0.2) unstable; urgency=low
+
+ [ Joey Hess ]
+ * Document --components in man page.
+ * Update man page, as packages listed in --include should now be auto
+ dep-resolved by default.
+
+ [ Colin Watson ]
+ * Extensive quoting fixes, allowing installation to a target containing
+ spaces (closes: #387673).
+ * scripts/debian/sid: Handle libc0.3 on hurd-i386 (thanks, Michael Banck;
+ closes: #314304).
+ * functions: Stub out /proc setup and add device setup for the Hurd
+ (thanks, Michael Banck; closes: #314311).
+ * Add --version option (closes: #294484).
+
+ [ Otavio Salvador ]
+ * Fix bunzip2 path. Thanks Martín Ferrari by
+ the patch (closes: #436218).
+
+ -- Otavio Salvador Tue, 07 Aug 2007 20:12:55 -0300
+
+debootstrap (1.0.1) unstable; urgency=low
+
+ * scripts/ubuntu/gutsy: Determine buildd variant dynamically using
+ Build-Essential: yes.
+ * scripts/ubuntu/gutsy.fakechroot: Remove devmapper postinst hack, no
+ longer needed.
+ * scripts/ubuntu/*.fakechroot: Merge into the corresponding main scripts
+ as variants.
+
+ -- Colin Watson Fri, 20 Jul 2007 11:55:22 +0100
+
+debootstrap (1.0.0) unstable; urgency=low
+
+ [ Anthony Towns ]
+ * Make debootstrap team maintained under the d-i banner.
+ * Add Joey, Frans and Junichi as uploaders, remove JHM (not in the
+ d-i group).
+ * Make pkgdetails.c not need C99 extensions. (Closes: Bug#398977)
+ * Fix am_doing_phase implementation in debootstrap script. Thanks to
+ Tero Janka for spotting the problem and the fix. (Closes: Bug#409881)
+
+ [ Joey Hess ]
+ * Drop support for sarge from the udeb.
+ * Update README.Debian:
+ - One todo item is done. (I think cross-strap is too, but unsure.)
+ - Reword NMU policy to note that it's team-maintained now.
+ * ACK my prior NMU. Closes: #418600
+ * If /dev/MAKEDEV DNE, as on certain s390 machines, use /sbin/MAKEDEV.
+ Closes: #420908
+ Note that /dev/MAKEDEV is still the correct location, and is still tried
+ first so that building works on all FHS systems, as noted in #190239.
+
+ [ Colin Watson ]
+ * Add support for Ubuntu dapper (Closes: #342838), edgy, feisty, and
+ gutsy. Exclude everything but gutsy from the udeb.
+ * Fix "deboostrap" typo in debootstrap(8) (thanks, Adam Conrad).
+ * Fix "htp" typo in temporary /etc/apt/sources.list.
+ * Drop support for woody from the udeb too.
+ * When removing $TARGET/debootstrap, debootstrap.log is still open as
+ stdout/stderr and needs to remain so, but after unlinking it some NFS
+ servers implement this by a temporary file in the same directory, which
+ makes it impossible to rmdir that directory. Moving it instead works
+ around the problem (thanks, Steven McCoy;
+ https://launchpad.net/bugs/65003).
+ * Fix formatting error in debootstrap(8) (.R is not a macro).
+ * Reorganise scripts into scripts/debian/ and scripts/ubuntu/ directories
+ in the source tree to declutter the top level.
+ * Add default_mirror function; reorganise the debootstrap script a little
+ so that it works. Set the default mirror for Ubuntu suites to
+ http://archive.ubuntu.com/ubuntu, and the default mirror for Debian
+ etch/lenny/sid architectures other than amd64 and i386 to
+ http://ftp.us.debian.org/debian (per ajt; see bug #363049).
+ * Add devices created by fd to devices-std.tar.gz, so that
+ /dev/std{in,out,err} is available conveniently in chroots with /proc and
+ /dev/pts mounted (thanks, Matthias Klose).
+ * Document --keyring and --make-tarball. (Closes: #368988)
+ * Update Ubuntu mirrors: warty/hoary/breezy => old-releases.ubuntu.com,
+ unsupported architectures => ports.ubuntu.com.
+ * Add myself to Uploaders.
+ * Bump to 1.0.0. Nobody uses debootstrap in production, do they?
+
+ [ Joey Hess ]
+ * Remove the extended package description (aka bloat) from the udeb.
+
+ -- Colin Watson Sat, 23 Jun 2007 02:19:27 +0100
+
+debootstrap (0.3.3.3) unstable; urgency=low
+
+ * NMU
+ * Add support for lenny.
+
+ -- Joey Hess Tue, 10 Apr 2007 15:24:15 -0400
+
+debootstrap (0.3.3.2) unstable; urgency=low
+
+ * NMU with maintainer approval
+ * Remove --force-auto-select option for 'sid' script as it is no longer
+ supported by dpkg. Closes: #409527.
+ + -- Frans Pop Fri, 16 Feb 2007 20:43:36 +0100 + +debootstrap (0.3.3.1) unstable; urgency=low + + * NMU with maintainer approval + * functions/get_debs: build list of available packages from all specified + sources; this allows debootstrap to also use e.g. custom versions of base + packages from a source of local packages included on an installation CD. + Closes: #398762. + + -- Frans Pop Thu, 16 Nov 2006 05:30:43 +0100 + +debootstrap (0.3.3) unstable; urgency=low + + * Include kFreeBSD and fakechroot support from 0.3.2.1 and 0.3.2.2 NMUs, + thanks to Otavio Salvador and Piotr Roszatycki. (Closes: Bug#319100, + Bug#328446, Bug#204652, Bug#315044, Bug#Bug#319799) + + * Require target to be specified in all cases; document usage of target + for --print-debs. (Closes: Bug#335922, Bug#337230) + + * Use ln -sf when symlinking awk for woody and sarge. (Closes: Bug#299048) + + -- Anthony Towns Sun, 6 Nov 2005 04:12:39 +1000 + +debootstrap (0.3.2.2) unstable; urgency=low + + * NMU + * Added relicensed fakechroot variant. Closes: #204652. + + -- Piotr Roszatycki Sat, 29 Oct 2005 11:29:00 +0200 + +debootstrap (0.3.2.1) unstable; urgency=low + + * NMU with maintainer approval + * Applied patch from Robert Millan to add support to + Debian GNU/kFreeBSD. Closes: #319799 + + -- Otavio Salvador Fri, 28 Oct 2005 16:14:57 -0200 + +debootstrap (0.3.2) unstable; urgency=low + + * Revert fakechroot NMUs (0.3.1.1, 0.3.1.3, 0.3.1.7) due to incompatible + license requirements (GPL) (Reopens: Bug#204652) + + * Changes from 0.3.1.2 NMU, thanks to Joey Hess: (Closes: Bug#314810) + + Fix incorrect use of "$@" in local. Closes: #314157, #314547 + + Fix fd redirection in download progress code. See #314373 + + Remove md5sums file from udeb. Closes: #314378 + + Fix debian-installer mode warning code. Closes: #314340 + + * Changes from 0.3.1.4 NMU, thanks to Joey Hess: + + Wrap eval statement in exit_function in parens, working around + bug #315444 in busybox sh. 
Closes: #314373 + + * Changes from 0.3.1.5 NMU, thanks to Anibal Monsalve Salazar: + + Fixed "--variant=buildd option does not work" for pbuilder, + closes: #314858. Patch by Matt Kraai . + + * Changes from 0.3.1.6 NMU, thanks to Joey Hess: + + Patch from Colin to redirect status messages to stderr when running + --print-debs. Closes: #315875 + + Restore logging to stderr in debian-installer mode. Closes: #314160 + + * Changes from 0.3.1.8 NMU, thanks to Petter Reinholdtsen: + + [functions] Mount /sys if it exist and is supported by the kernel. + Patch from Cajus Pollmeier, Colin Watson and Ubuntu. (Closes: #289105) + + [debootstrap] Document --resolve-deps in usage info. (Closes: #328161) + + [etch] Replace libsigc++-1.2-5c102 with libsigc++-1.2-5c2. (Closes: #334506) + + [etch] Remove pppoe from base, and only install + ipchains on m68k. Patch from Sven Luther. (Closes: #239390) + + [sarge] Remove duplicate entries for m68k and amd64. Patch from + Frans Pop. (Workaround for bug #319777) + + [etch] Add support for ppc64. The patch for 'sid' did no longer + apply. Patch from Andreas Jochens. (Closes: #313353) + + [sarge,etch,sid] Set DEBCONF_NONINTERACTIVE_SEEN=true during build, to + avoid questions during upgrade. (Closes: #238301) + + Add script for breezy. Patch from Colin Watson. (Closes: #315940) + + * Changes from 0.3.1.9 NMU, thanks to Joey Hess: + + Replace the etch script with a copy of the sid script, which pulls in + gnupg, so the installed etch system has a usable apt. Closes: #334521 + + * Create /dev/ptmx in minimal devices tarball. (Closes: Bug#317072) + + * Don't create empty available files, since old dpkg and new kernels can't + deal with them. (Closes: Bug#308169, Bug#329468) + + * Bump Standards-Version. Bump debhelper compatability level to 4. + * Cleanup debian/rules, thanks to Joey Hess. (Closes: Bug#314863) + + * Emit error message if no pkgdetails is available. (Closes: Bug#326831) + + * Turn on --resolve-deps by default. 
Add --no-resolve-deps as an option. + Combined with the previous changes to make the etch script dynamically + determine base, this should resolve all the "can't install " + bugs. (Closes: Bug#280210, Bug#308361, Bug#318281, Bug#323362, + Bug#318254, Bug#313292, Bug#334683, Bug#248578, Bug#289635) + + * md5sum doesn't exist when coreutils is unpacked but not configured; + cp it across so it's available for --second-stage. (Closes: Bug#329394) + + * Catch failures in "dpkg --status-fd" (Closes: Bug#317447, Bug#323661) + + * Make "without" work right for duplicates (Closes: Bug#316884, + Bug#319777) + + * Simplify and correct file descriptor handling and debootstrap.log + behaviour. + + * Delete $TARGET with --print-debs and --make-tarball. (Closes: Bug#328369) + + * Add a --make-tarball option. (Closes: Bug#152845) + + * Create a default sources.list for apt. (Closes: Bug#283234, Bug#315225) + + * Update manpage to talk about woody instead of sarge. (Closes: Bug#315862) + + * Use partial/ directory when downloading. (Closes: Bug#109176) + + -- Anthony Towns Sun, 23 Oct 2005 14:49:08 +1000 + +debootstrap (0.3.1) unstable; urgency=low + + * sid script updated: + - Determine base dynamically (Priority: required for required packages, + Priority: important for base packages, Build-Essential: yes for buildd + variant base). (Closes: Bug#88984, Bug#193134) + - Use fine grained dpkg progress display, thanks again to Colin Watson. + (Closes: Bug#229314, Bug#231109, Bug#244563) + + * dpkg output (etc) goes to /var/log/bootstrap.log in the target, rather + than stdout. This is probably difficult for frontends to capture + at present. + + * Parsing of Packages file sped up. (Yay!) 
+ + * debootstrap.deb now arch: all (Closes: Bug#122465, Bug#131552) + - perl implementation of pkgdetails used by preference + - devices.tar.gz reduced to minimal set of devices; frontends should + setup udev or supply their own devices or similar in future + - /usr/lib/debootstrap/arch not shipped + - none of the above applies to udebs yet; though the devices.tar.gz + change will eventually + + * Support for verifying based on Release.gpg files (--keyring). Thanks + to Colin Watson. (Closes: Bug#313383) + + -- Anthony Towns Tue, 14 Jun 2005 00:22:55 +1000 + +debootstrap (0.3.0) unstable; urgency=low + + * The Gernot Heiser release, dedicated to everyone who drinks enough to + lose their better judgement, and those of us who didn't have any in + the first place. + + * Major update. New features: + + Use $TARGET/debootstrap directory for state info + (--keep-debootstrap-dir) + + Support for cross-strapping (--foreign / --second-stage) + (Closes: Bug#202529) + + Support for resolving dependencies (--resolve-deps) + + Support for Debian etch, and Ubuntu warty and hoary (Closes: Bug#312417) + + Support for handling variants within the main suite script + + Support for other versions of base packages in /v/c/apt/archives + + Initial support for fine-grained dpkg progress display, thanks to + Colin Watson (currently only for warty and hoary) + + Initial support for determining base system dynamically. + + No longer display "debootstrap.invalid" when working with + Release/Packages files. (Closes: Bug#241795, Bug#256255) + + Ignores failures for on_exit cleanup commands. (Closes: Bug#253387, + Bug#253468, Bug#308774) + + Early reporting of unavailable packages. + + More efficient parsing of Packages files. + + Generalised additions and exclusions. (Closes: Bug#191793) + + Handles symlinked configuration files in /etc a little better. + (Closes: Bug#161987, Bug#252907, Bug#272257) + + * Dropped support for slink. + + * Use ln -fs for mawk/awk link. 
(Closes: Bug#248398, Bug#258524) + + * Dropped mail-transport-agent, and hence mailx and at from sid/etch base. + (Closes: Bug#168473) + * Dropped ipchains for i386 (Closes: Bug#266119) + * Other minor changes to meet dependencies, also. (Closes: Bug#312701) + + * Minor manpage fixes. (Closes: Bug#285777) + * Add check for specifying no components (CloseS: Bug#283810) + + * Include 0.2.45 NMUs, thanks to Steve Langasek. + (Closes: Bug#295571, Bug#283752, Bug#278158) + + -- Anthony Towns Sun, 12 Jun 2005 23:49:58 +1000 + +debootstrap (0.2.45-0.2) unstable; urgency=low + + * Non-maintainer upload. + * [sarge, sid] Replace libparted1.6-0 with libparted1.6-12 for ia64, + to keep up with the ABI changes for that package. (Closes: #295571) + * [sarge, sid] include pciutils on hppa as well, per request of the + hppa folks. (Closes: #283752) + + -- Steve Langasek Fri, 25 Feb 2005 22:23:30 -0800 + +debootstrap (0.2.45-0.1) unstable; urgency=low + + * Non-maintainer upload. + * [sarge, sid] Drop libgnutls10 and libgcrypt7, since they are no + longer needed by exim4. (Closes: #278158). + + -- Steve Langasek Thu, 20 Jan 2005 21:20:22 -0800 + +debootstrap (0.2.45) unstable; urgency=high + + * Acknowledge NMUs. (Closes: #270135) + * [woody.buildd] Corrected ia64 special cases. Patch by Brett Johnson + . (Closes: #271894) + + -- J.H.M. Dassen (Ray) Sat, 18 Sep 2004 13:49:23 +0200 + +debootstrap (0.2.44.2) unstable; urgency=low + + * NMU again, this time using the makedev in unstable instead of the + experimental so devices.tar.gz isn't empty on ia64... oops... 
/o\ + + -- Bdale Garbee Tue, 14 Sep 2004 20:03:56 -0600 + +debootstrap (0.2.44.1) unstable; urgency=low + + * NMU to resolve d-i inability to install sid on ia64 + * add pciutils to the base package list for ia64, to avoid having to regress + efibootmgr in unstable, closes: #270315, #268490 + + -- Bdale Garbee Mon, 13 Sep 2004 15:11:11 -0500 + +debootstrap (0.2.44) unstable; urgency=high + + * [sarge] Removed "gcc-3.0-base" and "libstdc++3" for HPPA as they have been + removed from sarge as well on that arch. (Closes: #268917) + + -- J.H.M. Dassen (Ray) Mon, 30 Aug 2004 08:53:30 +0200 + +debootstrap (0.2.43) unstable; urgency=high + + * [sarge] Added back libgnutls10 in order not to break d-i testing. + (Closes: #268578, #268663). + + -- J.H.M. Dassen (Ray) Sun, 29 Aug 2004 09:08:48 +0200 + +debootstrap (0.2.42) unstable; urgency=high + + * Acknowledge NMUs. (Closes: #262137, #262165, #262178, #262375) + * [sarge] Switch to libgnutls11 so exim4 can switch. (Closes: #268325) + * [sid] Removed "gcc-3.0-base" and "libstdc++3" for HPPA as they have been + removed from sid. (Closes: #268049) + * [Makefile] Make the regular video devices on all archs. (Closes: #265081) + * [Makefile,debootstrap] Switched away from deprecated chown syntax; + switched away from XSIisms '-a' and '-o'. (Closes: #256098) + * [debootstrap.8] Use '\-' rather than '-' in options. (Closes: #263955) + Confirmed that the "exlude" typo has already been fixed. (Closes: #254108) + Applied patch by Javier Fernández-Sanguino Peña + for "file" URL documentation and a more complete example. (Closes: #226662) + + -- J.H.M. Dassen (Ray) Fri, 27 Aug 2004 15:40:02 +0200 + +debootstrap (0.2.41-0.2) unstable; urgency=low + + * Non-maintainer upload + * [sarge, sid] Add missing libgcrypt11 to base, needed by libgnutls11 + in sid and needed in sarge for opencdk8 to be rebuilt against it + (closes: #262375, #262178). 
+
+ -- Steve Langasek Fri, 30 Jul 2004 20:26:57 -0700
+
+debootstrap (0.2.41-0.1) unstable; urgency=low
+
+ * Non-maintainer upload with consent of JHM.
+ * Pull libfribidi0 back out of base, it's opportunistically installed
+ by d-i now for the locales that need it (closes: #262137).
+ * Re-add bootloaders on ia64, sparc, mips, hppa, and m68k to base,
+ because debian-installer isn't ready for this change (closes: #262165).
+
+ -- Steve Langasek Thu, 29 Jul 2004 14:14:33 -0700
+
+debootstrap (0.2.41) unstable; urgency=high
+
+ * High urgency upload as per tbm's request.
+ * [sarge, sid] No longer install setserial, as it causes problems on some
+ systems (e.g. #212646) and there is a consensus it is no longer needed in
+ a base environment.
+ * [sarge, sid] Removed aboot, aboot-base, elilo, efibootmgr, silo, dvhtool,
+ delo, palo, vmelilo. As per the consensus reached in the thread starting
+ with http://lists.debian.org/debian-boot/2004/04/msg00634.html, the
+ installation of boot loaders is now debian-installer's responsibility.
+ (Closes: #247906)
+ * [sarge, sid] Added libfribidi0 to base to make debconf localisation into
+ right to left languages possible. (Closes: #253229)
+ * [sarge.buildd] Drop libdb4.0 for libdb4.2 as needed by perl.
+ * [sid] Added libgnutls11 as libgnutls10 is being phased out.
+ * [Makefile] Include /dev/ida on ia64. (Closes: #258055)
+
+ -- J.H.M. Dassen (Ray) Thu, 29 Jul 2004 20:37:37 +0200
+
+debootstrap (0.2.40) unstable; urgency=medium
+
+ * [woody.buildd] Ensure the on_exit umounting of /dev/pts doesn't mess up
+ an otherwise OK exit status. (Closes: #260699)
+ * Acknowledge NMUs. (Closes: #258350, #260253)
+
+ -- J.H.M. Dassen (Ray) Thu, 22 Jul 2004 21:53:20 +0200
+
+debootstrap (0.2.39.2) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * [sarge, sid] Drop quik from powerpc, as debian-installer handles this
+ now (closes: #260253).
+ + -- Colin Watson Thu, 22 Jul 2004 16:56:19 +0100 + +debootstrap (0.2.39.1) unstable; urgency=low + + * NMU + * add passwd to sid.buildd,sarge.buildd as bash depends on them + + -- Junichi Uekawa Fri, 9 Jul 2004 09:07:28 +0900 + +debootstrap (0.2.39) unstable; urgency=medium + + * [sarge,sid] Dropped libdb2. Thanks Matt Zimmerman. (Closes: #250813) + * [sarge,sid] Dropped libident. Thanks LaMont Jones. (Closes: #251320) + * [sarge,sid] Dropped slang1. Thanks LaMont Jones. (Closes: #251328) + * [woody.buildd] Install libperl5.6. Thanks Rene Engelhard. (Closes: #251702) + * [sarge.buildd] Install libc6.1 rather than libc6 on alpha. Thanks Rene + Engelhard. (Closes: #251703) + + Goswin von Brederlow + * Copy script for sarge to sid + * Add handling for amd64 to sarge/sid scripts + * Dropped gcc-3.2-base. (Closes: #250836) + + -- J.H.M. Dassen (Ray) Sat, 5 Jun 2004 10:02:50 +0200 + +debootstrap (0.2.38.1) unstable; urgency=low + + * NMU. + * [sarge] Add libdb4.2 since apt-utils (0.5.25) depends on this. + + -- Otavio Salvador Thu, 20 May 2004 22:18:41 -0300 + +debootstrap (0.2.38) unstable; urgency=medium + + * [woody.buildd] Readd libgdbmg1 (for perl-modules). + + -- J.H.M. Dassen (Ray) Fri, 7 May 2004 10:55:13 +0200 + +debootstrap (0.2.37) unstable; urgency=medium + + * [debian/control] Bumped makedev build dependency so as not to get pty + permissions problems. (Closes: #246709) + * [sid, sid.buildd] Add/switch to libdb4.2 for the new perl packages. + * Acknowledge NMU 0.2.36.1. (Closes: #246368) + + -- J.H.M. Dassen (Ray) Tue, 4 May 2004 07:58:02 +0200 + +debootstrap (0.2.36.1) unstable; urgency=low + + * Non-maintainer upload with maintainer permission. + * [sarge, sid] Drop yaboot from powerpc, as debian-installer handles this + now (closes: #246368). 
+ + -- Colin Watson Fri, 30 Apr 2004 00:05:02 +0100 + +debootstrap (0.2.36) unstable; urgency=high + + Joey Hess : + * [sid, sarge] Add a subst_package function, and use it to replace libc6 + with libc6.1 on alpha and ia64, to avoid reordering libc in the required + list and work around bug #238963. (Closes: #245680) + + -- J.H.M. Dassen (Ray) Sun, 25 Apr 2004 18:37:42 +0200 + +debootstrap (0.2.35) unstable; urgency=high + + * [sarge, sid] Dropped syslinux. (Closes: #205379) + * [woody, woody.buildd] Removed libgdbmg1. (Closes: #244447) + * [debootstrap, functions] Sync at the end of debootstrap. (Closes: #225742) + + -- J.H.M. Dassen (Ray) Thu, 22 Apr 2004 16:51:49 +0200 + +debootstrap (0.2.34) unstable; urgency=high + + * [sid] Dropped libpci1 and libpci2 as the pciutils dependency change has + been reverted. (Closes: #244344) + + -- J.H.M. Dassen (Ray) Thu, 22 Apr 2004 08:14:28 +0200 + +debootstrap (0.2.33) unstable; urgency=high + + * [sid] Added libpci1 and libpci2 for all archs where pciutils is installed, + as pciutils now depends on them. (Closes: #244344) + + -- J.H.M. Dassen (Ray) Sun, 18 Apr 2004 09:41:23 +0200 + +debootstrap (0.2.32) unstable; urgency=high + + * [sarge, sid] No longer try to filter out console-tools on s390. While + console-tools is basically useless on s390, base-config depends on it. + (Closes: #241727) + + -- J.H.M. Dassen (Ray) Fri, 9 Apr 2004 16:26:23 +0200 + +debootstrap (0.2.31) unstable; urgency=medium + + * [sarge] Exim has changed GnuTLS dependencies. Added libgnutls10, + libgcrypt7, libgpg-error0, libopencdk8, libtasn1-2; dropped libgnutls7, + libgcrypt1, libtasn1-0. + * [sarge] Removed libgnutls7, libgcrypt1, libtasn1-0. + + -- J.H.M. Dassen (Ray) Tue, 23 Mar 2004 22:47:28 +0100 + +debootstrap (0.2.30) unstable; urgency=medium + + * [sarge, sid] aboot needs aboot-base. (Closes: #236368, #239302) + + -- J.H.M. 
Dassen (Ray) Mon, 22 Mar 2004 21:10:31 +0100 + +debootstrap (0.2.29) unstable; urgency=low + + * NMU with permission of maintainer. + * Added {woody,sarge,sid}.buildd scripts to create build chroots. + Closes: #236418. + * Added --variant=buildd option for convenient access to these scripts. + + -- Daniel Schepler Wed, 10 Mar 2004 02:29:27 -0800 + +debootstrap (0.2.28) unstable; urgency=medium + + * [sid] Exim has changed GnuTLS dependencies. Added libgnutls10, libgcrypt7, + libgpg-error0, libopencdk8, libtasn1-2; dropped libgnutls7, libgcrypt1, + libtasn1-0. + * [sarge,sid] Dropped lilo, mbr, modconf, libdevmapper1.00 as + debian-installer handles the bootloader installation and modules + configuration. (Closes: #232667, #232672, #232673) + + -- J.H.M. Dassen (Ray) Tue, 24 Feb 2004 09:57:35 +0100 + +debootstrap (0.2.27) unstable; urgency=medium + + * [sarge] Lilo now needs libdevmapper1.00; Removed libopencdk8, libgcrypt7, + libgpg-error0. + + -- J.H.M. Dassen (Ray) Sat, 14 Feb 2004 01:19:48 +0100 + +debootstrap (0.2.26) unstable; urgency=medium + + * [sarge] Removed gcc-3.2-base. (Closes: #230697) + * [sid] Lilo now needs libdevmapper1.00 . + + -- J.H.M. Dassen (Ray) Tue, 3 Feb 2004 08:27:54 +0100 + +debootstrap (0.2.25) unstable; urgency=high + + * [functions] Unmount proc/bus/usb, not proc/usb. (Closes: #229122) + + -- J.H.M. Dassen (Ray) Fri, 30 Jan 2004 18:01:29 +0100 + +debootstrap (0.2.24) unstable; urgency=high + + * [functions, sarge, sid] Try to unmount proc/usb, dev/shm, dev/pts on exit; + don't fail when there's nothing to unmount. + (Closes: #229122, #229901, #229907) + * [woody] Don't fail when there's no dev/pts to unmount. + * [sarge, sid] Don't install pcmcia-cs as debian-installer takes care of + that where needed. (Closes: #221907) + * [sid] Removed libopencdk8, libgcrypt7, libgpg-error0. + * [sarge] libopencdk8 (needed for exim4-daemon-light via libgnutls7) + Depends: libgcrypt7, libgpg-error0. (Closes: #229989) + + -- J.H.M. 
Dassen (Ray) Wed, 28 Jan 2004 18:48:02 +0100 + +debootstrap (0.2.23) unstable; urgency=high + + * [sarge] Dropped libopencdk4 in favour of libopencdk8 as gnutls has switched. + + -- J.H.M. Dassen (Ray) Thu, 1 Jan 2004 01:30:02 +0100 + +debootstrap (0.2.22) unstable; urgency=high + + * [sid] libopencdk8 Depends: libgcrypt7, libgpg-error0. + + -- J.H.M. Dassen (Ray) Wed, 31 Dec 2003 12:35:03 +0100 + +debootstrap (0.2.21) unstable; urgency=high + + * [sarge] Added coreutils' new predependencies libacl1 and libattr1; removed + libsasl2 as it is no longer needed. + + -- J.H.M. Dassen (Ray) Sun, 28 Dec 2003 22:54:08 +0100 + +debootstrap (0.2.20) unstable; urgency=high + + * [sarge] base-config now Depends: aptitude; aptitude Depends: + libsigc++-1.2-5c102. + + -- J.H.M. Dassen (Ray) Sun, 28 Dec 2003 15:11:31 +0100 + +debootstrap (0.2.19) unstable; urgency=high + + * [sid] base-config now Depends: aptitude; aptitude Depends: + libsigc++-1.2-5c102. + + -- J.H.M. Dassen (Ray) Wed, 24 Dec 2003 09:03:44 +0100 + +debootstrap (0.2.18) unstable; urgency=low + + * Thanks to Steinar Gunderson and Matt Kraii for the NMU fixing some + d-i related problems. (Closes: Bug#220150) + * Acknowledge that the problems really are fixed now. (Closes: + Bug#213669, Bug#209273, Bug#210912) + + * Fix downloading of Packages files to retry if bz2 or gz isn't available + on the mirror. (Closes: Bug#194592) + + -- Anthony Towns Sat, 15 Nov 2003 00:13:13 +1000 + +debootstrap (0.2.17.1) unstable; urgency=high + + * NMU + * [sarge,sid] Display only the package name when retrieving packages. + (Closes: #213669, #209273) + * [sarge,sid] Added progress information for downloading package + details. (Closes: #210912) + + -- Steinar H. Gunderson Mon, 10 Nov 2003 15:11:09 +0100 + +debootstrap (0.2.17) unstable; urgency=high + + * [sarge] Fixed typo: libreadlin4 -> libreadline4. (Closes: #219655) + + -- J.H.M. 
Dassen (Ray) Sat, 8 Nov 2003 23:23:37 +0100 + +debootstrap (0.2.16) unstable; urgency=high + + * [sarge,sid] libreadline4 is required for amiga-fdisk on powerpc. + (Closes: #218533) + * [sarge,sid] Put libreadline4 in required rather than base for ia64. + + -- J.H.M. Dassen (Ray) Wed, 5 Nov 2003 08:09:41 +0100 + +debootstrap (0.2.15) unstable; urgency=high + + * ia64 fixes by Richard Hirst : (Closes: #218533) + * [sarge, sid] Add libreadline4 to base for ia64 as parted needs it. + * [sarge, sid] Remove gcc-2.96-base from required for ia64. + + -- J.H.M. Dassen (Ray) Sat, 1 Nov 2003 12:58:34 +0100 + +debootstrap (0.2.14) unstable; urgency=high + + * [sarge] Made exim4 the default MTA. (Closes: #217657) + * [sarge] Removed libstdc++2.10-glibc2.2, libldap2 . + * [sid] Dropped libopencdk4 in favour of libopencdk8 as gnutls has switched. + + -- J.H.M. Dassen (Ray) Tue, 28 Oct 2003 09:56:27 +0100 + +debootstrap (0.2.13) unstable; urgency=high + + * [sarge] Added libtextwrap1 for tasksel. + + -- J.H.M. Dassen (Ray) Wed, 22 Oct 2003 08:10:37 +0200 + +debootstrap (0.2.12) unstable; urgency=high + + * [sarge, sid] Add libreadline4 to required for m68k as amiga-fdisk needs + it. (Closes: #216617) + + -- J.H.M. Dassen (Ray) Mon, 20 Oct 2003 10:05:09 +0200 + +debootstrap (0.2.11) unstable; urgency=high + + * [sid] Added libc6-sparc64 lib64gcc1 lib64ncurses5 to base for sparc. + (Closes: #215590) + * [sarge, sid] Dropped libreadline as bash no longer depends on it. + * [sid] Dropped libstdc++2.10-glibc2.2 and its associated special cases as + it is no longer needed. + + -- J.H.M. Dassen (Ray) Wed, 15 Oct 2003 19:42:58 +0200 + +debootstrap (0.2.10) unstable; urgency=high + + * [sid] Fixed /usr/sbin/sendmail symlink to point to exim4. (Closes: #213734) + + -- J.H.M. Dassen (Ray) Sat, 4 Oct 2003 15:47:31 +0200 + +debootstrap (0.2.9) unstable; urgency=high + + * [sarge] Added libgdbm3 for man-db. + + -- J.H.M. 
Dassen (Ray) Thu, 2 Oct 2003 23:57:09 +0200 + +debootstrap (0.2.8) unstable; urgency=high + + * [sid] Added libtextwrap1 for tasksel; removed libsasl2 as it is no longer + needed. + + -- J.H.M. Dassen (Ray) Thu, 2 Oct 2003 07:57:16 +0200 + +debootstrap (0.2.7) unstable; urgency=high (fixes RC d-i bug) + + * [sarge] Reinstated special-case for libperl5.8; it is still needed for + non-i386 until sarge has perl >= 5.8.0-20. (Closes: #213280) + * [debian/control] Updated Standards-Version; fixed removal of slink and + potato scripts from udeb. + * [debian/control] Updated priorities; debootstrap-udeb is required (for + debian-installer). + * [debian/rules] Fixed dpkg-distaddfile accordingly. + + -- J.H.M. Dassen (Ray) Tue, 30 Sep 2003 14:31:57 +0200 + +debootstrap (0.2.6) unstable; urgency=low + + * [sarge] Added e2fslibs, libcomerr2, libss2, libuuid1 for e2fsprogs. + + -- J.H.M. Dassen (Ray) Fri, 26 Sep 2003 13:50:58 +0200 + +debootstrap (0.2.5) unstable; urgency=low + + * [sid] Added libgdbm3 for man-db. + * [sarge, sid] Dropped special-case for libperl5.8 (Closes: #210425). + * [sid] Make exim4 the default MTA as it is configured through debconf. + (Closes: #208047) + * [sid] Removed libldap2 which is no longer needed. + + -- J.H.M. Dassen (Ray) Sun, 21 Sep 2003 13:30:49 +0200 + +debootstrap (0.2.4) unstable; urgency=low + + * [sid] Added coreutils' new predependencies libacl1 and libattr1. + * [debian/README.Debian] Corrected example invocation. (Closes: #206142) + * [debian/README.Debian] Fixed a typo. + + -- J.H.M. Dassen (Ray) Wed, 20 Aug 2003 10:28:49 +0200 + +debootstrap (0.2.3) unstable; urgency=low + + * [sarge] Add new dependencies of debconf: debconf-i18n + liblocale-gettext-perl libtext-wrapi18n-perl libtext-charwidth-perl. + * Acknowledge NMU. (Closes: #203370) + + -- J.H.M. Dassen (Ray) Sat, 16 Aug 2003 20:15:40 +0200 + +debootstrap (0.2.2-0.1) unstable; urgency=low + + * NMU. + * Fix typo in woody script. 
(Closes: #203370) + + -- Petter Reinholdtsen Tue, 29 Jul 2003 20:29:01 +0200 + +debootstrap (0.2.2) unstable; urgency=low + + * [debian/changelog] Included entries for NMUs 0.1.17.31 through .34 whose + changes were incorporated by aj already. + * [Makefile] Invoke MAKEDEV through its FHS location (noted by Matt + Zimmerman). (Closes: #190239) + * Acknowledge older NMUs whose changes have been incoporated. + (Closes: #135675, #161695, #191849) + + -- J.H.M. Dassen (Ray) Tue, 29 Jul 2003 18:31:49 +0200 + +debootstrap (0.2.1) unstable; urgency=low + + * The Day of the Daffodils release. + + * Accept NMUs up to 0.1.17.30. Thanks guys! (Closes: Bug#148377, + Bug#150161, Bug#150492, Bug#153962, Bug#154463, Bug#155906, + Bug#160879, Bug#161469, Bug#161469, Bug#161722, Bug#163860, + Bug#172118, Bug#176221, Bug#179504, Bug#179725, Bug#185397, + Bug#187893, Bug#188053, Bug#189472, Bug#189551, Bug#190108, + Bug#191288, Bug#193794, Bug#193806, Bug#195012, Bug#195742, + Bug#199333, Bug#201066) + * JHM added to Uploaders. + + * Change the info/error/warning/progress calls to include a unique word + for each string, a printf format string, and any arguments to the + printf string. + * Add support for debian-installer interaction + + * Add some support for l10n. Gettext is used if it's available; no + translations are included as of yet. This support doesn't + affect debian-installer, which has its own stuff for i18n, nor + boot-floppies. (Closes: Bug#125647) + + * Some initial support for cross-bootstrapping in the sid script. + + * Use dpkg --print-installation-architecture instead of + --print-architecture. (Closes: Bug#138526, Bug#159720) + + * Add new dependencies of debconf: debconf-i18n liblocale-gettext-perl + libtext-wrapi18n-perl libtext-charwidth-perl. (Closes: Bug#201066) + * Add new dependencies of libldap2: libgnutls7 libgcrypt1 liblzo1 + libopencdk4 libtasn1-0 zlib1g. (Closes: Bug#201663) + * Remove libgdbmg1. 
(Closes: Bug#202304) + * Add new dependecies of e2fsprogs: e2fslibs libcomerr2 libss2 libuuid1. + (Closes: Bug#203033) + * Add wget to base. (Closes: Bug#145635) + * Switch from netkit-ping to iputils-ping. + + * Changed the manpage a little. (Closes: Bug#126864) + * Updated README.Debian. + + -- Anthony Towns Tue, 29 Jul 2003 18:15:24 +1000 + +debootstrap (0.1.17.34) unstable; urgency=medium + + * [sid] Added e2fsprogs' new predependencies (e2fslibs, libcomerr2, libss2, + libuuid1). + * [sarge] Removed libgdbmg1 as it is no longer needed. + + -- J.H.M. Dassen (Ray) Sun, 27 Jul 2003 09:20:49 +0200 + +debootstrap (0.1.17.33) unstable; urgency=medium + + * [sid] Removed libgdbmg1 as it is no longer needed. + * [sarge] libldap2 now Depends: libgnutls7, libsasl2; added those and their + dependencies (libgcrypt1 liblzo1 libopencdk4 libtasn1-0 zlib1g). Dropped + libsasl7 in favour of libsasl2. + + -- J.H.M. Dassen (Ray) Mon, 21 Jul 2003 19:00:28 +0200 + +debootstrap (0.1.17.32) unstable; urgency=medium + + * [sid] libldap2 now Depends: libgnutls7; added that and its dependencies + (libgcrypt1 liblzo1 libopencdk4 libtasn1-0 zlib1g); dropped libssl0.9.7 . + + -- J.H.M. Dassen (Ray) Thu, 17 Jul 2003 07:05:09 +0200 + +debootstrap (0.1.17.31) unstable; urgency=medium + + * [sid] Follow debconf changes. debconf now Depends: debconf-i18n | + debconf-english; debconf-i18n having Priority: important and + debconf-english having Priority: extra, so we satisfy the dependency + through debconf-i18n. debconf-i18n in turn pulls in three additional + packages: liblocale-gettext-perl, libtext-wrapi18n-perl, + libtext-charwidth-perl . + + -- J.H.M. Dassen (Ray) Sun, 13 Jul 2003 08:52:55 +0200 + +debootstrap (0.1.17.30) unstable; urgency=medium + + * [sarge] + * Added sysv-rc for /usr/sbin/update-rc.d . + * Added initscripts to satisfy sysvinit's predependency. + * libparted1.6-0 has replaced libparted1.4 on ia64. (Closes: #197957) + + -- J.H.M. 
Dassen (Ray) Mon, 30 Jun 2003 07:05:22 +0200 + +debootstrap (0.1.17.29) unstable; urgency=medium + + * [sid] libconsole has replaced console-tools-libs. (Closes: #195722) + * [sarge] libperl5.6 has been replaced by libperl5.8 . (Closes: #195588) + + -- J.H.M. Dassen (Ray) Mon, 2 Jun 2003 00:40:54 +0200 + +debootstrap (0.1.17.28) unstable; urgency=medium + + * [sarge] libnewt0.51 has replaced libnewt0; it requires slang1a-utf8. + + -- J.H.M. Dassen (Ray) Wed, 28 May 2003 07:42:14 +0200 + +debootstrap (0.1.17.27) unstable; urgency=medium + + * urgency medium to not hold up .26 with that longer as necessary + * [sarge] added libtext-iconv-perl (this is the second part + from .22) (closes: #184539) + + -- Rene Engelhard Mon, 19 May 2003 00:08:48 +0200 + +debootstrap (0.1.17.26) unstable; urgency=medium + + * [sarge] libpcap0.7 has replaced libpcap0. + + -- J.H.M. Dassen (Ray) Sun, 18 May 2003 23:23:46 +0200 + +debootstrap (0.1.17.25) unstable; urgency=medium + + * [sarge] Added libblkid1 (for e2fsprogs). + + -- J.H.M. Dassen (Ray) Sun, 4 May 2003 12:44:00 +0200 + +debootstrap (0.1.17.24) unstable; urgency=medium + + * [sid] Updates for new whiptail: + * Replaced libnewt0 by libnewt0.51. + * Added slang1a-utf8. + + -- J.H.M. Dassen (Ray) Tue, 29 Apr 2003 19:04:51 +0200 + +debootstrap (0.1.17.23) unstable; urgency=medium + + * [sid] + * Added sysv-rc for /usr/sbin/update-rc.d . + * Added initscripts to satisfy sysvinit's predependency. + * For exim, dropped libsasl7 in favour of libsasl2. + * Added libssl0.9.7 for libsasl2. + + -- J.H.M. Dassen (Ray) Tue, 22 Apr 2003 06:56:25 +0200 + +debootstrap (0.1.17.22) unstable; urgency=low + + * [sid] added libtext-iconv-perl which is needed to display + localized po-debconf templates actually localized. + This needs a second step later for sarge but that only is possible + after libtext-iconv-perl 1.2-2 went into sarge. 
+ + -- Rene Engelhard Fri, 18 Apr 2003 16:25:17 +0200 + +debootstrap (0.1.17.21) unstable; urgency=medium + + * [sarge, sid] Added gcc-3.3-base (as it is needed for current libstdc++5). + + -- J.H.M. Dassen (Ray) Fri, 18 Apr 2003 08:11:55 +0200 + +debootstrap (0.1.17.20) unstable; urgency=medium + + * [woody, sarge, sid] Add devfsd on s390 as that architecture uses devfs by + default. (Closes: #180252) + * [sarge] Removed the dummy fileutils package. + + -- J.H.M. Dassen (Ray) Mon, 7 Apr 2003 19:59:42 +0200 + +debootstrap (0.1.17.19) unstable; urgency=medium + + * [sid] Added libblkid1 (for e2fsprogs). + + -- J.H.M. Dassen (Ray) Sun, 6 Apr 2003 21:43:29 +0200 + +debootstrap (0.1.17.18) unstable; urgency=medium + + * [sarge] Added libgcc1, libstdc++5, gcc-3.2-base; dropped aptitude, + libsigc++0 . + * Debootstrap has depended on binutils since 0.1.17.3. (Closes: #184304) + + -- J.H.M. Dassen (Ray) Wed, 19 Mar 2003 06:55:56 +0100 + +debootstrap (0.1.17.17) unstable; urgency=medium + + * NMU + * Really drop aptitude from the sid script, not just libsigc++0. + + -- J.H.M. Dassen (Ray) Tue, 4 Feb 2003 06:49:36 +0100 + +debootstrap (0.1.17.16) unstable; urgency=medium + + * NMU + * Drop aptitude from the sid script (base-config 1.51 dropped its dependency + on it) and libsigc++0 (which was only needed for aptitude). This makes + "pbuilder create --distribution sid" work again. (Closes: #177221, #177998). + + -- J.H.M. Dassen (Ray) Sun, 2 Feb 2003 20:41:35 +0100 + +debootstrap (0.1.17.15) unstable; urgency=low + + * NMU + * For gcc-transition, libgcc1 and libstdc++5 and gcc-3.2-base + required by groff-base, and potentially other packages compiled with + gcc-3.2. + + -- Junichi Uekawa Mon, 13 Jan 2003 15:39:55 +0900 + +debootstrap (0.1.17.14) unstable; urgency=low + + * NMU + * Remove debootstrap-udeb's dependency on retriever. 
+ + -- Tollef Fog Heen Sat, 7 Dec 2002 14:53:52 +0100 + +debootstrap (0.1.17.13) unstable; urgency=low + + * NMU + * sarge: Removed shellutils, textutils and added coreutils instead. + Verified that the result works for "pbuilder create --distribution sarge" + (Closes: #163789) + Fileutils is still in there for now, due to sarge's debconf versioned + dependency on it. + + -- J.H.M. Dassen (Ray) Tue, 8 Oct 2002 23:17:47 +0200 + +debootstrap (0.1.17.12) unstable; urgency=low + + * NMU + * Fix shell variable quoting problem, to change $10 -> ${10} + (closes: #161468) + + -- Junichi Uekawa Sat, 21 Sep 2002 13:39:47 +0900 + +debootstrap (0.1.17.11) unstable; urgency=low + + * NMU + * sarge: added libdb1-compat. + + -- J.H.M. Dassen (Ray) Sat, 21 Sep 2002 00:37:36 +0200 + +debootstrap (0.1.17.10) unstable; urgency=low + + * NMU + * sid: Removed shellutils, fileutils, and added coreutils for required + target (closes: #161332) + * sid: change libperl5.6 to libperl5.8 (closes: #158606) + + -- Junichi Uekawa Wed, 18 Sep 2002 21:41:36 +0900 + +debootstrap (0.1.17.9) unstable; urgency=low + + * NMU + * Added "libdb1-compat" to sid and verified that the resulting package is + usable for "pbuilder create --distribution sid". + + -- J.H.M. Dassen (Ray) Sat, 14 Sep 2002 15:09:10 +0200 + +debootstrap (0.1.17.8) unstable; urgency=low + + * NMU + * The "it didn't change the way the installer worked" release. + * Makefile: create $(DESTDIR)/usr/share/man/man8 before attempting to + install a file to it (Closes: #139543) + * functions: fix race condition in smallyes() implementation; thanks to Matt + Zimmerman for the analysis. "Sometimes, dpkg finishes executing before + smallyes runs, and it loops forever while echo fails repeatedly due to the + broken pipe." To fix this race, we simply swap the loop condition and + body, so that if the echo fails, smallyes() exits cleanly. 
I further + changed "true" to ":" to save the expense of an extra process for shells + where "true" is not a built-in. + (Closes: #139529) + + -- Branden Robinson Thu, 29 Aug 2002 12:50:08 -0500 + +debootstrap (0.1.17.7) unstable; urgency=low + + * NMU + * Forked "sid" target from "sarge" target, changed "libcap0" to the now + current "libpcap0.7" and verified that the result works with pbuilder. + (Closes: #156574) + + -- J.H.M. Dassen (Ray) Wed, 21 Aug 2002 11:01:52 +0200 + +debootstrap (0.1.17.6) unstable; urgency=low + + * NMU + * add dselect to required (I found out that it is actually required + for pbuilder create to work) (closes: #154527) + * change DEBIAN_FRONTEND=Noninteractive to "noninteractive" (closes: #154794) + * add sh* patch from Yaegashi (closes: #155142) + + -- Junichi Uekawa Thu, 8 Aug 2002 19:23:04 +0900 + +debootstrap (0.1.17.5) unstable; urgency=low + + * NMU + * mistake in the last upload, sorry aj. + sid points to sarge, not woody. (closes: #149971) + + -- Junichi Uekawa Sat, 27 Jul 2002 17:22:05 +0900 + +debootstrap (0.1.17.4) unstable; urgency=low + + * NMU + * add "sarge" target (closes: #153957) + + -- Junichi Uekawa Tue, 23 Jul 2002 18:03:01 +0900 + +debootstrap (0.1.17.3) unstable; urgency=low + + * NMU + * Depend on binutils (closes: #138489) + * Sleep is optional (closes: #150468) + * POSIXify a bit more (closes: #150487) + * Add support for --components (closes: #116801) + + -- Tollef Fog Heen Thu, 20 Jun 2002 00:13:06 +0200 + +debootstrap (0.1.17.2) unstable; urgency=low + + * NMU + * Make sid script not a symlink from woody script + * add aptitude and libsigc++0 to base for sid. (closes: #149971) + + -- Junichi Uekawa Sat, 15 Jun 2002 12:46:11 +0900 + +debootstrap (0.1.17.1) unstable; urgency=low + + * NMU + * Add udeb support (closes: #143874) + + -- Tollef Fog Heen Tue, 28 May 2002 14:15:41 +0200 + +debootstrap (0.1.17) unstable; urgency=high + + * Includes changes from NMUs. Thanks to Stefan Gybas and Eduard Bloch. 
+ (Closes: Bug#130764, Bug#135676, Bug#134306, Bug#133882, Bug#131768, + Bug#117980, Bug#133298, Bug#130668, Bug#111175, Bug#131147, Bug#95143, + Bug#130482) + + * Don't use PIPESTATUS to work out if wget succeeded, since that's a + bashism and we're seriously not allowed bashisms. Duh. This should + help with all those "Malformed release" problems. Thanks to Phil + Blundell and Chris Tillman for spotting this. (Closes: Bug#136729) + + * Apply patch from Matt Zimmerman to get rid of some irritating warnings + that can show up sometimes due to sed getting it's output stream closed + on it. (Closes: Bug#131478) + + * Don't use "export foo=bar" on a single line since it's a bashism. + (Closes: Bug#138187) + + * Made the "smallyes" usage independent of --boot-floppies. Too much + code duplication otherwise. + + * Install ipchains on arches that have 2.2.x kernels by default, and + iptables on arches that have 2.4.x kernels by default. Some arches + have both. (Closes: Bug#134478) + + * Don't rm malformed Release files, rename them to something obvious + instead so people can have a hope at seeing what's going on. (Closes: + Bug#131756) + + * Error out on missing entries in Release files. (Closes: Bug#136886) + + * Fix basedeb creation to not bother building devices tarball. (Closes: + Bug#137243) + + * Workaround for ldconfig no longer needed, so removed. (Closes: Bug#135819) + * Workaround for /dev/initctl was never needed and stupid, so removed. + + * Make sure devices.tar.gz is gzip -9'ed. (Closes: Bug#136687) + + * Use any "main" components found in Release file, eg "main", + "non-US/main", "local/main". (Closes: Bug#116801) + + * Add parted to base for ia64. (Closes: Bug#138246) + + * Moved the "successful!" message and sleep hack for boot-floppies from + the woody script to the debootstrap script itself. 
+ + -- Anthony Towns Thu, 14 Mar 2002 18:28:24 +1000 + +debootstrap (0.1.16.4) unstable; urgency=low + + * NMU, needed for boot-floppies 3.0.20 + * Added cciss and ataraid device files, closes: #135675 + * Applied the patch from Matt Zimmermann to fix --include, closes: #134306 + * Mail suppression fixed in previous release, closes: #133882 + + -- Eduard Bloch Sun, 3 Mar 2002 12:21:19 +0100 + +debootstrap (0.1.16.3) unstable; urgency=low + + * non-maintainer-upload + * require newer makedev, fixes build problems on m86k and arm + * unsets $TMP, $TEMP and $TMPDIR in the beginning, closes: #131768, #117980 + * added gcc-2.96-base to ia64's required packages list, closes: #133298 + + -- Eduard Bloch Tue, 12 Feb 2002 19:30:47 +0100 + +debootstrap (0.1.16.2) unstable; urgency=low + + * non-maintainer-upload + * added modification suggested by Branden Robinson and Matt Kraai terminate + cat (now tail) better, closes: #130668 + * provides options to install additional packages, or exclude some from the + list. May be needed in boot-floppies soon. Closes: #111175, #131147 + * --verbose option, closes: #95143 + * added additional devices to the device list, especially input and usb + needed for modern device drivers (Joysticks, USB, Scanners) + * added pppoeconf to the packages list, better choice for DSL users + * forced remove of dev/initctl, prevents breaking on re-installation + + -- Eduard Bloch Mon, 28 Jan 2002 19:14:41 +0100 + +debootstrap (0.1.16.1) unstable; urgency=high + + * non-maintainer upload for boot-floppies 3.0.19 + * Fixed list of base and required packages for s390 + * setup_devices(): don't fail if devices.tar.gz is not present and we + are using devfs + * disable handling of /dev/initctl for boot-floppies, closes: #130482 + + -- Stefan Gybas Thu, 24 Jan 2002 15:17:42 +0100 + +debootstrap (0.1.16) unstable; urgency=low + + * Include NMUs 0.1.15.1 - .9, thanks to Adam di Carlo, Ethan Benson and + Bdale Garbee. 
(Closes: Bug#113265, Bug#119314, Bug#119251) + * Many bugs were fixed in the NMUs. Closes them properly. (Closes: + Bug#89673, Bug#97174, Bug#99229, Bug#105980, Bug#106062, Bug#106102, + Bug#106106, Bug#106134, Bug#106711, Bug#106877, Bug#107262, + Bug#107404, Bug#107447, Bug#109670, Bug#110312, Bug#111001, + Bug#111065, Bug#112778, Bug#112795, Bug#112842, Bug#113444, + Bug#114056, Bug#114653, Bug#115467, Bug#115481, Bug#115557, + Bug#115581, Bug#115699, Bug#116061, Bug#116424, Bug#119769, + Bug#119947, Bug#121724, Bug#123958, Bug#125954, Bug#126018, + Bug#126630, Bug#126799) + + * Informative error for people who type `--boot-floppies' when running + by hand. (Closes: Bug#107548) + * Create dev/initctl in target, and setup a cat process to dump anything + sent to it to /dev/null so that if init is run in the chroot, + it doesn't try doing anything too clever to talk to the real + init. (Closes: Bug#120597) + * Create awk symlink since base-files insists on having it available. + (Closes: Bug#127934) + + * Use DEBOOTSTRAP_DIR to work out where /usr/lib/debootstrap is. + * So, in theory, to create basedeb tarballs, you should be able to unpack + the source and say: + . 
+ fakeroot debian/rules binary-basedebs SUITE=woody VERSION=3.0 \ + MIRROR="http://ftp.debian.org/debian" ARCHES="i386 powerpc" + (Closes: Bug#127546) + + -- Anthony Towns Sun, 20 Jan 2002 21:04:37 +1000 + +debootstrap (0.1.15.9) unstable; urgency=high + + * non-maintainer upload + * debian/rules: new 'basedebs' target that makes basedebs.tgz and 1.44 + split images for base per arch + * functions: better return value handling during wget (wgetprogress) + * repeat() had a useless eval, removed, which simplifies some silly + quoting + * incorrect error message in in_target_msg(), closes: #119769 + * debian/changelog: remove obsolete "local variables" + * additional progress message when validating the release file after + download + * when the downloaded release file is invalid, make sure to delete it + closes: #119947 + * debian/rules: minor fixes and cosmetics + * upgrade wget from Recommends to Depends, closes: #126799 + * depend on binutils, for 'ar', closes: #123958 + + -- Adam Di Carlo Fri, 4 Jan 2002 20:01:58 -0500 + +debootstrap (0.1.15.8) unstable; urgency=high + + * non-maintainer upload + * Fix progress bar hooks to enable proper progress on basedebs.tgz + installation as well as actual base installation and extraction. + * trap signals so cleanup is still performed. + * When in --boot-floppies mode echo a Success info message to stdout, so + it will show up on /dev/tty4, this is so users watching tty4 stop + being confused when things just stop at completion. + * Replace $TARGET/sbin/start-stop-daemon with a shell script instead of + /bin/true, this shell script announces that its a fake noop version so + users will know whats wrong if debootstrap aborts before completion. 
+ + -- Ethan Benson Sat, 3 Nov 2001 23:14:08 -0900 + +debootstrap (0.1.15.7) unstable; urgency=high + + * non-maintainer upload + * when reporting errors in 'in_target', don't chop down to the first + 50 characters + * woody: when in boot-floppies mode, provide more user-friendly warning + messages, using new 'in_target_msg' function + * woody: more info messages for the core/required/base package + installation part + * instead of 'ln -s' we should be using 'ln -sf'; this would prevent + running debootstrap twice in the same target dir; closes: #111065 + * before mounting proc, umount it just in case; normally this shouldn't + be needed if on_exit is working all the time, but I find without this, + sometimes problems are caused + * woody/i386 needs psmisc for pcmcia-cs (critical bug!) + * --download-only mode can be run as non-root; closes: #116424 + * tested some problems which I couldn't reproduce + closes: #115699 + + -- Adam Di Carlo Wed, 24 Oct 2001 16:05:39 -0400 + +debootstrap (0.1.15.6) unstable; urgency=medium + + * non-maintainer upload + * smaller and wiser version of smallyes(), thanks to Herbert Xu + * woody base includes pcmcia-cs for i386 and powerpc (closes: #114653) + * wget progress bar support (closes: #116061) + + -- Adam Di Carlo Thu, 18 Oct 2001 15:14:02 -0400 + +debootstrap (0.1.15.5) unstable; urgency=high + + * From Ethan Benson: + * pipe yes output into dpkg runs inside install_debs() this way on_exit + works in --boot-floppies mode. (Closes: #112842, #115481) + * Add libpcap0 to base, ppp depends on it now. 
(Closes: #114056) + + * From Adam Di Carlo: + * Potato installation on non-i386 was broken, need libc6 + (closes: #112778); however, there are other ways the Potato base + install doesn't represent quite what Potato boot-floppies would + consider base + * apply patch from Tommi Virtanen which improves the 'smallyes' + function; apparently this fixes a console-tools postinst loop, + although I haven't seen that (closes: #115581) + * get rid of some line continuators in potato and woody scripts, they + were obscuring some problems + + -- Adam Di Carlo Mon, 15 Oct 2001 01:56:16 -0400 + +debootstrap (0.1.15.4) unstable; urgency=high + + * more fixed for the benefits of boot-floppies + * add telnetd on s390; yes, it's gross, but it's needed for + installation, to connect from the line mode console + closes: #112795 + + -- Adam Di Carlo Sun, 23 Sep 2001 16:11:03 -0400 + +debootstrap (0.1.15.3) unstable; urgency=high + + * Fix deficient command line option parsing, optional arguments no + longer have to be declared in a specific order, for example before you + could not put --arch before --download-only, now you can. + * Add --help option and useful help output. + * Stop using dirname, basename, and yes, they are being removed from + busybox. + * Fix many many quoting bugs. + * Fix debootstrap man page (Closes: #107404, #109670) + * Add ftp support (Closes: #110312) + * Don't waste time downloading useless non-free/contrib (Closes: #89673) + * Path cleanup (Closes: #97174) + * Add pppconfig to woody base (Closes: #111001) + * Remove syslinux from base (Closes: #107447) + * Eliminate useless warning about creating exim.conf (Closes: #99229) + * Don't use "here documents" (they create tmp files in /tmp which could + be very well be full on boot-floppies). + * Don't use echo -n it is not portable. + * Set umask to 022. + * All patches from Ethan Benson, I am just the builder! + These have been tested with boot-floppies and work properly. 
+ + -- Adam Di Carlo Sat, 22 Sep 2001 12:30:02 -0400 + +debootstrap (0.1.15.2) unstable; urgency=low + + * quoting required in one place for the new ash (Closes: Bug#106062) + * s390 support (Closes: Bug#107262) + * remove some packages from Woody's base that aren't needed: + - update (not needed with modern kernels, Closes: Bug#106877) + - syslinux (Closes: Bug#107477) + - ldso (should be pulled in by libc6, Closes: Bug#106102) + * kinks in mipsel base worked themselves out (Closes: Bug#106711) + + -- Adam Di Carlo Wed, 8 Aug 2001 12:04:40 -0400 + +debootstrap (0.1.15.1) unstable; urgency=low + + * add efibootmgr on ia64, as per bug 105980. + + -- Bdale Garbee Fri, 3 Aug 2001 14:13:23 -0600 + +debootstrap (0.1.15) unstable; urgency=low + + * Do progress indications (by bytes) for Packages downloads and .deb + downloads. (Closes: Bug#101886) + * Don't use seq. Silly busybox. + * Add pppoe to base. (Closes: Bug#102378) + * No point keeping around the "sid.is-broken" file. + + -- Anthony Towns Wed, 27 Jun 2001 21:29:29 +1000 + +debootstrap (0.1.14) unstable; urgency=low + + * Make in_target_nofail kill stderr. No more "/dev/pts: not mounted" error. + Yay. :) + + * Refactor woody, potato and slink scripts; do away with + woody.debs. Change the way the scripts work. (Now they define + functions which debootstrap calls. Much nicer) + * Support --download-only option. + * Support resuming downloads of Release and Packages files, even gzipped + ones. + * Support null: (Packages files assumed to be named for a debootstrap.invalid + host) + * Always use the deboostrap.invalid name, and use that in + /etc/apt/sources.list. Remove /etc/apt/sources.list after the base + system is build. + * All this should be enough to support basedeb.tgz installs on + debootstrap's behalf. Some more stuff would be useful, but isn't + immediately necessary. (Closes: Bug#102217) + + * Add ia64 support and fix libc6 == libc6.1 problem. 
(Closes: Bug#101829) + + * Be a little more careful with permissions on devs tarball. Hopefully. + (Closes: Bug#102308) + + * Don't worry if md5sum from stdin adds a " -" after the md5sum. Should + make debootstrap more usable on non-Debian Linuxes. + + -- Anthony Towns Mon, 25 Jun 2001 18:38:35 +1000 + +debootstrap (0.1.13) unstable; urgency=low + + * Add symlink for sid.debs. + * Fix the special casing for hppa. (Closes: Bug#101604) + * Remove groff from base. (Closes: Bug#101173) + * Retry partially successful downloads a couple of times. + (Closes: Bug#101476) + * Minor wording changes wrt downloading Release file (Closes: Bug#101705) + + -- Anthony Towns Thu, 21 Jun 2001 12:08:10 +1000 + +debootstrap (0.1.12) unstable; urgency=high + + * Split determination of base into a separate script to enable further + innovation! Come on, tell me that doesn't excite you! + + * Add groff-base to base. (Closes: Bug#100112, Bug#100123) + * Remove libstdc++2.10 and some other hopefully unnecessary debs + (Closes: Bug#99708) + + * Remove lilo.conf special casing. Change some warnings to info messages. + + -- Anthony Towns Sun, 10 Jun 2001 01:22:12 +1000 + +debootstrap (0.1.11) unstable; urgency=low + + * Add dhcp-client to base. (Closes: Bug#100083) + + -- Anthony Towns Sat, 9 Jun 2001 00:11:26 +1000 + +debootstrap (0.1.10) unstable; urgency=low + + * Don't abort build on devfs systems: the makedev we build-dep on should + be recent enough. (Closes: Bug#97713) + * Check for malformed release files. Thanks to Martin Michlmayr for the + patch. (Closes: Bug#97707) + * Use --force-confold when installing base. That is: if you want the + conffile from the package to be there at the end, don't create a + file in the first place. I'm not convinced this is right. 
+ (Closes: Bug#99025) + + -- Anthony Towns Mon, 28 May 2001 14:43:07 +1000 + +debootstrap (0.1.9) unstable; urgency=low + + * Abort build on devfs systems (MAKEDEV fails for no good reason) + (Closes: Bug#97713) + + * Add support for mips and mipsel (Closes: Bug#97711) + * Add some support for hppa (install palo in base) + + * Don't install ldso (Closes: Bug#97708) + * Don't install libopenldap1 or libopenldap-runtime (replaced by libldap2) + (Closes: Bug#98050) + * Do install libdb3 and libcap1. + * Install klogd too. (But only as part of base. Move sysklogd to base too) + + * Setup a dummy lilo.conf on i386 only. (Closes: Bug#97710, Bug#98052) + + * Trim a trailing / for target and url. + + -- Anthony Towns Sun, 20 May 2001 13:33:34 +1000 + +debootstrap (0.1.8) unstable; urgency=low + + * Add adduser and base-config into base. base-config unfortunately depends + on perl instead of perl-base. (Closes: Bug#96439) + * Force LANG=C. Need to work out how i18n should be handled. + * Kludge potato install so it's noninteractive. Thanks to Colin Watson + for the patch. (Closes: Bug#94441) + * Get rid of dh_testversion. + * Make a sid script (just a symlink to the woody script). + + -- Anthony Towns Wed, 9 May 2001 20:33:00 +1000 + +debootstrap (0.1.7) unstable; urgency=low + + * Don't worry if umounting /dev/pts fails. + * Add debootstrap(8) manpage, thanks to Matt Kraai. (Closes: Bug#86238) + * Add a blank line to the end of the faked /var/lib/dpkg/status. Spotted + by Richard Hirst. + * Added console-tools and console-data into the base system. + * Move /etc/exim.conf to /etc/exim/exim.conf so that sendmail doesn't + give errors, even if debconf tries to use it before exim is + configured. Gack. + * Add fdutils back into base. + + -- Anthony Towns Mon, 30 Apr 2001 15:49:27 +1000 + +debootstrap (0.1.6) unstable; urgency=low + + * Only create stuff in /etc if it hasn't already been created. 
+ + -- Anthony Towns Mon, 23 Apr 2001 18:02:55 +1000 + +debootstrap (0.1.5) unstable; urgency=low + + * Use "head -n X" instead of "head -X" to work with busybox. + (Closes: Bug#94575) + * Use s///I instead of s///i for case insensitivity, again for busybox. + (Closes: Bug#94579) + * Fixed typo that would have stopped debootstrap from falling back to an + uncompressed Packages file. + * Added libsasl7 and libldap2 to woody base, since woody exim now depends + on them. + + -- Anthony Towns Sun, 22 Apr 2001 01:47:00 +1000 + +debootstrap (0.1.4) unstable; urgency=low + + * If we've got a Release file, check that the Packages files we download + have the right md5sums. + * Build-Depend on new makedev, and don't hax0r powerpc devices as much. + (Closes: Bug#93836) + * Hopefully support arm chroots. (Closes: Bug#92592) Declare it to be + Arch: any, and see what dies. There's a chance that nothing will. Not + a *big* chance, but a chance. + * Fiddled with the base system some more. Added apt-utils so + preconfiguration will work. + * Added permission to NMU to the README.Debian. + * Mention file:/ URLs in README.Debian. (Closes: Bug#87099) + * Add a --boot-floppies option that changes the way the I/O happens, in + a way that's hopefully useful for boot-floppies. See README.Debian for + details. + * Also added a bit more output. + + -- Anthony Towns Mon, 26 Mar 2001 22:30:12 +1000 + +debootstrap (0.1.3) unstable; urgency=high + + * Switch from debconf-tiny to debconf, since that's what's now in + woody. (Using debconf-tiny probably makes the package unusable, hence + the urgency) Fixup perl, lilo and console-apt to cope with changes in + the base system in woody. Added ae, left nano and nvi. + * Add support for m68k, sparc and powerpc, based on Christian Steigies + patches and Adam Di Carlo's NMU (Closes: Bug#89883, Bug#91221) + + -- Anthony Towns Sun, 25 Mar 2001 14:29:02 +1000 + +debootstrap (0.1.2) unstable; urgency=low + + * Add support for slink. 
+ * Fix support for woody (no lilo, console-*, different perl)
+ * Re-download Packages files every time (Closes: Bug#88438)
+ (Should this be changed to re-download things where the md5 doesn't match?)
+
+ -- Anthony Towns Sun, 4 Mar 2001 19:42:29 +1000
+
+debootstrap (0.1.1) unstable; urgency=low
+
+ * Initial Release. (Closes: Bug#82245)
+
+ * Called it debootstrap instead of debchroot, because it's more about
+ bootstrapping a Debian environment, whether that will end up being
+ in a chroot, or as a standalone system. Blame Adam di Carlo. :)
+
+ -- Anthony Towns Tue, 30 Jan 2001 10:54:45 +1000
diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/debian/compat b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/compat
new file mode 100644
index 00000000..ec635144
--- /dev/null
+++ b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/compat
@@ -0,0 +1 @@
+9
diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/debian/control b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/control
new file mode 100644
index 00000000..6925a63c
--- /dev/null
+++ b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/control
@@ -0,0 +1,26 @@
+Source: debootstrap
+Section: admin
+Priority: extra
+Maintainer: Franco (nextime) Lanza
+Uploaders: Franco (nextime) Lanza , Daniel Reurich
+Build-Depends: debhelper (>= 9), makedev (>= 2.3.1-69) [linux-any], git
+Standards-Version: 3.9.8
+Vcs-Browser: https://git.devuan.org/devuan-packages/debootstrap
+Vcs-Git: https://git.devuan.org/devuan-packages/debootstrap.git
+
+Package: debootstrap
+Architecture: all
+Depends: ${misc:Depends}, wget
+Recommends: gnupg, ${keyring}, devuan-keyring
+Description: Bootstrap a basic Devuan system
+ debootstrap is used to create a Devuan base system from scratch,
+ without requiring the availability of dpkg or apt. It does this by
+ downloading .deb files from a mirror site, and carefully unpacking them
+ into a directory which can eventually be chrooted into.
+
+Package: debootstrap-udeb
+Section: debian-installer
+Package-Type: udeb
+Architecture: all
+Depends: ${misc:Depends}, mounted-partitions
+Description: Bootstrap the Devuan system
diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/debian/copyright b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/copyright
new file mode 100644
index 00000000..b34963b1
--- /dev/null
+++ b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/copyright
@@ -0,0 +1,30 @@
+This package was debianized by Anthony Towns on
+Tue, 30 Jan 2001 10:54:45 +1000.
+
+It was written from scratch for Debian by Anthony Towns
+based loosely on the code for constructing base tarballs as part of the
+boot-floppies package.
+
+Copyright:
+
+Copyright (c) 2001-2005 Anthony Towns
+
+ Permission is hereby granted, free of charge, to any person obtaining
+ a copy of this software and associated documentation files (the
+ "Software"), to deal in the Software without restriction, including
+ without limitation the rights to use, copy, modify, merge, publish,
+ distribute, sublicense, and/or sell copies of the Software, and to
+ permit persons to whom the Software is furnished to do so, subject to
+ the following conditions:
+
+ The above copyright notice and this permission notice shall be
+ included in all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+ CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+ TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+ SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/debian/debootstrap.docs b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/debootstrap.docs
new file mode 100644
index 00000000..e845566c
--- /dev/null
+++ b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/debootstrap.docs
@@ -0,0 +1 @@
+README
diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/debian/debootstrap.manpages b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/debootstrap.manpages
new file mode 100644
index 00000000..d6a5e4ac
--- /dev/null
+++ b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/debootstrap.manpages
@@ -0,0 +1 @@
+debootstrap.8
diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/debian/gbp.conf b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/gbp.conf
new file mode 100644
index 00000000..ac8e799c
--- /dev/null
+++ b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/gbp.conf
@@ -0,0 +1,9 @@
+[DEFAULT]
+compression = xz
+pristine-tar = false
+upstream-tag = devuan/1.0.85
+
+[git-buildpackage]
+upstream-tree = tag
+tarball-dir = ../tarballs/
+export-dir = ../build-area/
diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/debian/rules b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/rules
new file mode 100755
index 00000000..23bc4a61
--- /dev/null
+++ b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/rules
@@ -0,0 +1,47 @@
+#! /usr/bin/make -f
+
+ifeq (0,$(shell dpkg-vendor --derives-from Ubuntu; echo $$?))
+ KEYRING := ubuntu-keyring
+else ifeq (0,$(shell dpkg-vendor --derives-from Devuan; echo $$?))
+ KEYRING := devuan-keyring
+else ifeq (0,$(shell dpkg-vendor --derives-from Tanglu; echo $$?))
+ KEYRING := tanglu-archive-keyring
+else
+ KEYRING := debian-archive-keyring
+endif
+
+%:
+ dh $@
+
+# need to be root to make devices, so build is done in install target
+override_dh_auto_build:
+
+override_dh_auto_install:
+ dh_auto_build
+
+ $(MAKE) install DESTDIR=$(CURDIR)/debian/debootstrap
+ $(MAKE) install DESTDIR=$(CURDIR)/debian/debootstrap-udeb
+
+ # remove scripts not needed by d-i
+ -rm -f debian/debootstrap-udeb/usr/share/debootstrap/scripts/potato \
+ debian/debootstrap-udeb/usr/share/debootstrap/scripts/woody \
+ debian/debootstrap-udeb/usr/share/debootstrap/scripts/sarge \
+ debian/debootstrap-udeb/usr/share/debootstrap/scripts/warty \
+ debian/debootstrap-udeb/usr/share/debootstrap/scripts/hoary \
+ debian/debootstrap-udeb/usr/share/debootstrap/scripts/breezy \
+ debian/debootstrap-udeb/usr/share/debootstrap/scripts/dapper \
+ debian/debootstrap-udeb/usr/share/debootstrap/scripts/edgy \
+ debian/debootstrap-udeb/usr/share/debootstrap/scripts/feisty \
+ debian/debootstrap-udeb/usr/share/debootstrap/scripts/*.buildd \
+ debian/debootstrap-udeb/usr/share/debootstrap/scripts/*.fakechroot \
+ debian/debootstrap-udeb/usr/share/debootstrap/scripts/stable \
+ debian/debootstrap-udeb/usr/share/debootstrap/scripts/testing \
+ debian/debootstrap-udeb/usr/share/debootstrap/scripts/unstable
+
+override_dh_gencontrol:
+ dh_gencontrol -- -Vkeyring=$(KEYRING)
+
+# Specify gzip to mitigate #770217:
+override_dh_builddeb:
+ dh_builddeb -pdebootstrap -- -Zgzip
+ dh_builddeb -pdebootstrap-udeb -- -Zxz
diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/debian/source/format b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/source/format
new file mode 100644
index 00000000..af745b31
--- /dev/null
+++ b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/source/format
@@ -0,0 +1 @@
+3.0 (git)
diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/debootstrap b/cdist/preos/debootstrap/files/devuan-debootstrap/debootstrap
new file mode 100755
index 00000000..71c70540
--- /dev/null
+++ b/cdist/preos/debootstrap/files/devuan-debootstrap/debootstrap
@@ -0,0 +1,703 @@
+#!/bin/sh
+set -e
+
+VERSION='@VERSION@'
+
+unset TMP TEMP TMPDIR || true
+
+# might not be exported if we're running from init=/bin/sh or similar
+export PATH
+
+###########################################################################
+
+if [ -z "$DEBOOTSTRAP_DIR" ]; then
+ if [ -x /debootstrap/debootstrap ]; then
+ DEBOOTSTRAP_DIR=/debootstrap
+ else
+ DEBOOTSTRAP_DIR=/usr/share/debootstrap
+ fi
+fi
+
+. $DEBOOTSTRAP_DIR/functions
+exec 4>&1
+
+LANG=C
+USE_COMPONENTS=main
+KEYRING=""
+DISABLE_KEYRING=""
+FORCE_KEYRING=""
+VARIANT=""
+MERGED_USR="no"
+ARCH=""
+HOST_ARCH=""
+HOST_OS=""
+KEEP_DEBOOTSTRAP_DIR=""
+USE_DEBIANINSTALLER_INTERACTION=""
+SECOND_STAGE_ONLY=""
+PRINT_DEBS=""
+CHROOTDIR=""
+MAKE_TARBALL=""
+EXTRACTOR_OVERRIDE=""
+UNPACK_TARBALL=""
+ADDITIONAL=""
+EXCLUDE=""
+VERBOSE=""
+CERTIFICATE=""
+CHECKCERTIF=""
+PRIVATEKEY=""
+
+
+DEF_MIRROR="http://packages.devuan.org/merged"
+DEF_HTTPS_MIRROR="https://packages.devuan.org/merged"
+
+export LANG USE_COMPONENTS EXCLUDE
+umask 022
+
+###########################################################################
+
+## phases:
+## finddebs dldebs printdebs first_stage second_stage
+
+RESOLVE_DEPS=true
+
+WHAT_TO_DO="finddebs dldebs first_stage second_stage"
+am_doing_phase () {
+ # usage: if am_doing_phase finddebs; then ...; fi
+ local x;
+ for x in "$@"; do
+ if echo " $WHAT_TO_DO " | grep -q " $x "; then return 0; fi
+ done
+ return 1
+}
+
+###########################################################################
+
+usage_err()
+{
+ info USAGE1 "usage: [OPTION]... [ [