Merge branch 'preos' into 4.0-pre-not-stable

Signed-off-by: Nico Schottelius <nico@wurzel.schottelius.org>
This commit is contained in:
Nico Schottelius 2015-05-05 13:54:38 +02:00
commit bcaca9c268
188 changed files with 3777 additions and 424 deletions

View file

@ -109,8 +109,8 @@ man-dist: man check-date
man-latest-link: web-pub
# Fix ikiwiki, which does not like symlinks for pseudo security
ssh tee.schottelius.org \
"cd /home/services/www/nico/www.nico.schottelius.org/www/software/cdist/man && rm -f latest && ln -sf "$(CHANGELOG_VERSION)" latest"
ssh staticweb.ungleich.ch \
"cd /home/services/www/nico/nico.schottelius.org/www/software/cdist/man/ && rm -f latest && ln -sf "$(CHANGELOG_VERSION)" latest"
################################################################################
# Speeches
@ -243,10 +243,7 @@ distclean: clean
# The pub is Nico's "push to all git remotes" way ("make pub")
pub:
for remote in "" github sf; do \
echo "Pushing to $$remote"; \
git push --mirror $$remote; \
done
git push --mirror
test:
$(helper) $@

View file

@ -27,11 +27,9 @@ if [ -f "$__object/parameter/distribution" ]; then
else
distribution="$(cat "$__global/explorer/lsb_codename")"
fi
if [ -f "$__object/parameter/component" ]; then
component="$(cat "$__object/parameter/component")"
else
component=""
fi
component="$(cat "$__object/parameter/component")"
if [ -f "$__object/parameter/arch" ]; then
forcedarch="[arch=$(cat "$__object/parameter/arch")]"
else

View file

@ -0,0 +1,38 @@
cdist-type__cdist_preos(7)
==========================
Nico Schottelius <nico-cdist--@--schottelius.org>
NAME
----
cdist-type__cdist - Manage cdist installations
DESCRIPTION
-----------
This cdist type creates a directory containing an operating
suitable for installation using cdist.
REQUIRED PARAMETERS
-------------------
OPTIONAL PARAMETERS
-------------------
EXAMPLES
--------
--------------------------------------------------------------------------------
__cdist_preos /tmp/random_name_for_packaging
--------------------------------------------------------------------------------
SEE ALSO
--------
- cdist-type(7)
- cdist-type__cdist(7)
COPYING
-------
Copyright \(C) 2015 Nico Schottelius. Free use of this software is
granted under the terms of the GNU General Public License version 3 (GPLv3).

View file

@ -0,0 +1,79 @@
#!/bin/sh
#
# 2015 Nico Schottelius (nico-cdist at schottelius.org)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
#
destination="/$__object_id"
os=$(cat "$__global/explorer/os")
case "$os" in
archlinux)
kernel=/boot/vmlinuz-linux
initramfs=/boot/initramfs-linux-fallback.img
required_pkg="cdrkit syslinux"
;;
*)
echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
echo "Please contribute an implementation for it if you can." >&2
exit 1
;;
esac
# Our root
__directory "$destination" \
--mode 0755
for rootdir in boot bin etc lib; do
require="__directory/$destination" __directory "$destination/$rootdir" \
--mode 0755
done
require="__directory/$destination/etc" __cdistmarker \
--destination "$destination/etc/cdist-configured"
for pkg in $required_pkg; do
__package "$pkg" --state present
done
# Create full dependency chain, because we don't know which file depends on which package
export CDIST_ORDER_DEPENDENCY=1
require="__directory/$destination/boot" __file "$destination/boot/linux" \
--source "$kernel" --mode 0644
require="__directory/$destination/boot" __file "$destination/boot/initramfs" \
--source "$initramfs" --mode 0644
require="__directory/$destination/boot" __file "$destination/boot/syslinux.cfg" \
PROMPT 1
TIMEOUT 50
DEFAULT arch
LABEL arch
LINUX ../vmlinuz-linux
APPEND root=/dev/sda2 rw
INITRD ../initramfs-linux.img
LABEL archfallback
LINUX ../vmlinuz-linux
APPEND root=/dev/sda2 rw
INITRD ../initramfs-linux-fallback.img

View file

@ -0,0 +1 @@
master

View file

@ -0,0 +1 @@
git://github.com/telmich/cdist.git

View file

@ -0,0 +1 @@
cdist

View file

@ -0,0 +1,4 @@
branch
source
username
shell

View file

@ -19,19 +19,11 @@
#
# The marker file is established in the docs, but it isn't obligatory.
if [ -f "$__object/parameter/destination" ]; then
destination="$(cat "$__object/parameter/destination")"
else
destination='/etc/cdist-configured'
fi
destination="$(cat "$__object/parameter/destination")"
# The basic output of date is usually good enough, but variety is the
# spice of life...
if [ -f "$__object/parameter/format" ]; then
format="$(cat "$__object/parameter/format")"
else
format='-u'
fi
format="$(cat "$__object/parameter/format")"
# Dump the timestamp in UTC to the marker
echo "date $format > $destination"

View file

@ -0,0 +1 @@
/etc/cdist-configured

View file

@ -0,0 +1 @@
-u

View file

@ -0,0 +1,34 @@
#!/bin/sh
#
# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
destination="$__object_id"
state="$(cat "$__object/parameter/state")"
if [ "$state" = "absent" ]; then
# nothing to do
exit 0
fi
if [ -f "$__object/parameter/onchange" ]; then
if grep -q "^__file/${destination}" "$__messages_in"; then
cat "$__object/parameter/onchange"
fi
fi

View file

@ -0,0 +1,60 @@
cdist-type__config_file(7)
==========================
Steven Armstrong <steven-cdist--@--armstrong.cc>
NAME
----
cdist-type__config_file - manages config files
DESCRIPTION
-----------
Deploy config files using the file type.
Run the given code if the files changes.
REQUIRED PARAMETERS
-------------------
None.
OPTIONAL PARAMETERS
-------------------
group::
see cdist-type__file
mode::
see cdist-type__file
onchange::
the code to run if the file changes
owner::
see cdist-type__file
source::
Path to the config file.
If source is '-' (dash), take what was written to stdin as the config file content.
state::
see cdist-type__file
EXAMPLES
--------
--------------------------------------------------------------------------------
__config_file /etc/consul/conf.d/watch_foo.json \
--owner root --group consul --mode 640 \
--source "$__type/files/watch_foo.json" \
--state present \
--onchange 'service consul status >/dev/null && service consul reload || true'
--------------------------------------------------------------------------------
SEE ALSO
--------
- cdist-type(7)
- cdist-type__file(7)
COPYING
-------
Copyright \(C) 2015 Steven Armstrong. Free use of this software is
granted under the terms of the GNU General Public License version 3 (GPLv3).

View file

@ -0,0 +1,41 @@
#!/bin/sh
#
# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
set -- "/${__object_id}"
for param in $(ls "$__object/parameter/"); do
case "$param" in
source)
source="$(cat "$__object/parameter/source")"
if [ "$source" = "-" ]; then
source="$__object/stdin"
fi
set -- "$@" --source "$source"
;;
owner|group|mode|state)
set -- "$@" "--${param}" "$(cat "$__object/parameter/$param")"
;;
*)
# ignore unknown parameters
:
;;
esac
done
__file "$@"

View file

@ -0,0 +1 @@
present

View file

@ -0,0 +1,6 @@
group
mode
onchange
owner
source
state

View file

@ -0,0 +1 @@
428915666 15738724 consul

View file

@ -0,0 +1 @@
https://dl.bintray.com/mitchellh/consul/0.4.1_linux_amd64.zip

View file

@ -0,0 +1 @@
131560372 17734417 consul

View file

@ -0,0 +1 @@
https://dl.bintray.com/mitchellh/consul/0.5.0_linux_amd64.zip

View file

@ -0,0 +1,54 @@
cdist-type__consul(7)
=====================
Steven Armstrong <steven-cdist--@--armstrong.cc>
NAME
----
cdist-type__consul - install consul
DESCRIPTION
-----------
Downloads and installs the consul binary from https://dl.bintray.com/mitchellh/consul.
Note that the consul binary is downloaded on the server (the machine running
cdist) and then deployed to the target host using the __file type.
REQUIRED PARAMETERS
-------------------
None.
OPTIONAL PARAMETERS
-------------------
state::
either 'present' or 'absent'. Defaults to 'present'
version::
which version of consul to install. See ./files/versions for a list of
supported versions. Defaults to the latest known version.
EXAMPLES
--------
--------------------------------------------------------------------------------
# just install using defaults
__consul
# specific version
__consul \
--version 0.4.1
--------------------------------------------------------------------------------
SEE ALSO
--------
- cdist-type(7)
COPYING
-------
Copyright \(C) 2015 Steven Armstrong. Free use of this software is
granted under the terms of the GNU General Public License version 3 (GPLv3).

View file

@ -0,0 +1,54 @@
#!/bin/sh
#
# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
os=$(cat "$__global/explorer/os")
case "$os" in
centos|redhat|ubuntu|debian|archlinux|gentoo)
# any linux should work
:
;;
*)
echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
echo "Please contribute an implementation for it if you can." >&2
exit 1
;;
esac
versions_dir="$__type/files/versions"
version="$(cat "$__object/parameter/version")"
version_dir="$versions_dir/$version"
if [ ! -d "$version_dir" ]; then
echo "Unknown consul version '$version'. Expected one of:" >&2
ls "$versions_dir" >&2
exit 1
fi
__staged_file /usr/local/bin/consul \
--source "$(cat "$version_dir/source")" \
--cksum "$(cat "$version_dir/cksum")" \
--fetch-command 'curl -s -L "%s"' \
--prepare-command 'unzip -p "%s"' \
--state "$(cat "$__object/parameter/state")" \
--group root \
--owner root \
--mode 755

View file

@ -0,0 +1 @@
present

View file

@ -0,0 +1 @@
0.5.0

View file

@ -0,0 +1,2 @@
state
version

View file

View file

@ -0,0 +1,17 @@
[Unit]
Description=Consul Agent
Wants=basic.target
After=basic.target network.target
[Service]
User=consul
Group=consul
Environment="GOMAXPROCS=2"
ExecStart=/usr/local/bin/consul agent -config-dir /etc/consul/conf.d
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
Restart=on-failure
RestartSec=42s
[Install]
WantedBy=multi-user.target

View file

@ -0,0 +1,76 @@
#!/bin/sh
#
# 2015 Nico Schottelius (nico-cdist at schottelius.org)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
if [ -f "/etc/default/consul" ]; then
. /etc/default/consul
fi
. /lib/lsb/init-functions
NAME=consul
CONSUL=/usr/local/bin/consul
CONFIG=/etc/$NAME/conf.d
PID_FILE=/var/run/$NAME/pidfile
export PATH="${PATH:+$PATH:}/usr/sbin:/sbin"
case "$1" in
start)
log_daemon_msg "Starting consul agent" "consul" || true
if start-stop-daemon --start --quiet --oknodo \
--pidfile "$PID_FILE" --background \
--exec $CONSUL -- agent -pid-file="$PID_FILE" -config-dir "$CONFIG"; then
log_end_msg 0 || true
else
log_end_msg 1 || true
fi
;;
stop)
log_daemon_msg "Stopping consul agent" "consul" || true
if start-stop-daemon --stop --quiet --oknodo --pidfile $PID_FILE; then
log_end_msg 0 || true
else
log_end_msg 1 || true
fi
;;
reload)
log_daemon_msg "Reloading consul agent" "consul" || true
if start-stop-daemon --stop --signal HUP --quiet --oknodo --pidfile $PID_FILE --exec $CONSUL; then
log_end_msg 0 || true
else
log_end_msg 1 || true
fi
;;
restart)
$0 stop && $0 start
;;
status)
status_of_proc -p $PID_FILE $CONSUL consul && exit 0 || exit $?
;;
*)
log_action_msg "Usage: /etc/init.d/consul {start|stop|reload|restart|status}"
exit 1
;;
esac

View file

@ -0,0 +1,93 @@
#!/bin/bash
#
# /etc/rc.d/init.d/consul
#
# Daemonize the consul agent.
#
# chkconfig: 2345 95 95
# description: Service discovery and configuration made easy. \
# Distributed, highly available, and datacenter-aware.
# processname: consul
# pidfile: /var/run/consul/pidfile
# Source function library.
. /etc/init.d/functions
NAME=consul
CONSUL=/usr/local/bin/consul
CONFIG=/etc/$NAME/conf.d
PID_FILE=/var/run/$NAME/pidfile
LOG_FILE=/var/log/$NAME
[ -e /etc/sysconfig/$NAME ] && . /etc/sysconfig/$NAME
export GOMAXPROCS=${GOMAXPROCS:-2}
mkdir -p /var/run/$NAME
chown consul /var/run/$NAME
start() {
echo -n "Starting $NAME: "
daemon --user=consul \
--pidfile="$PID_FILE" \
"$CONSUL" agent -pid-file="$PID_FILE" -config-dir "$CONFIG" >> "$LOG_FILE" &
retcode=$?
touch /var/lock/subsys/$NAME
return $retcode
}
stop() {
echo -n "Shutting down $NAME: "
"$CONSUL" leave
retcode=$?
rm -f /var/lock/subsys/$NAME
return $retcode
}
case "$1" in
start)
if $(status -p "$PID_FILE" $NAME >/dev/null); then
echo "$NAME already running"
else
start
fi
;;
stop)
if $(status -p "$PID_FILE" $NAME >/dev/null); then
stop
else
echo "$NAME not running"
fi
;;
info)
"$CONSUL" info
;;
status)
status -p "$PID_FILE" $NAME
exit $?
;;
restart)
if $(status -p "$PID_FILE" $NAME >/dev/null); then
stop
fi
start
;;
reload)
if $(status -p "$PID_FILE" $NAME >/dev/null); then
kill -HUP `cat $PID_FILE`
else
echo "$NAME not running"
fi
;;
condrestart)
if [ -f /var/lock/subsys/$NAME ]; then
if $(status -p "$PID_FILE" $NAME >/dev/null); then
stop
fi
start
fi
;;
*)
echo "Usage: $NAME {start|stop|status|reload|restart}"
exit 1
;;
esac
exit $?

View file

@ -0,0 +1,13 @@
description "Consul Agent"
start on (local-filesystems and net-device-up IFACE!=lo)
stop on runlevel [06]
setuid consul
setgid consul
respawn
respawn limit 10 10
kill timeout 10
exec /usr/local/bin/consul agent -config-dir /etc/consul/conf.d

View file

@ -0,0 +1,31 @@
#!/bin/sh
#
# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
service="consul"
state="$(cat "$__object/parameter/state")"
case "$state" in
present)
:
;;
absent)
echo "service $service stop || true"
;;
esac

View file

@ -0,0 +1,152 @@
cdist-type__consul_agent(7)
===========================
Steven Armstrong <steven-cdist--@--armstrong.cc>
NAME
----
cdist-type__consul_agent - manage the consul agent
DESCRIPTION
-----------
Configure and manage the consul agent.
REQUIRED PARAMETERS
-------------------
None.
OPTIONAL PARAMETERS
-------------------
acl-datacenter::
only used by servers. This designates the datacenter which is authoritative
for ACL information.
acl-default-policy::
either "allow" or "deny"; defaults to "allow". The default policy controls the
behavior of a token when there is no matching rule.
acl-down-policy::
either "allow", "deny" or "extend-cache"; "extend-cache" is the default.
acl-master-token::
only used for servers in the acl_datacenter. This token will be created with
management-level permissions if it does not exist. It allows operators to
bootstrap the ACL system with a token ID that is well-known.
acl-token::
when provided, the agent will use this token when making requests to the
Consul servers.
acl-ttl::
used to control Time-To-Live caching of ACLs.
bind-addr::
sets the bind address for cluster communication
bootstrap-expect::
sets server to expect bootstrap mode
ca-file-source::
path to a PEM encoded certificate authority file which will be uploaded and
configure using the ca_file config option.
cert-file-source::
path to a PEM encoded certificate file which will be uploaded and
configure using the cert_file config option.
client-addr::
sets the address to bind for client access
datacenter::
datacenter of the agent
encrypt::
provides the gossip encryption key
group::
the primary group for the agent
json-config::
path to a partial json config file without leading { and trailing }.
If json-config is '-' (dash), take what was written to stdin as the file content.
key-file-source::
path to a PEM encoded private key file which will be uploaded and
configure using the key_file config option.
node-name::
name of this node. Must be unique in the cluster
retry-join::
address to attempt joining every retry_interval until at least one join works.
Can be specified multiple times.
user::
the user to run the agent as
state::
if the agent is 'present' or 'absent'. Defaults to 'present'.
Currently state=absent is not working due to some dependency issues.
BOOLEAN PARAMETERS
------------------
disable-remote-exec::
disables support for remote execution. When set to true, the agent will ignore any incoming remote exec requests.
disable-update-check::
disables automatic checking for security bulletins and new version releases
leave-on-terminate::
gracefully leave cluster on SIGTERM
rejoin-after-leave::
rejoin the cluster using the previous state after leaving
server::
used to control if an agent is in server or client mode
syslog::
enables logging to syslog
verify-incoming::
enforce the use of TLS and verify a client's authenticity on incomming connections
verify-outgoing::
enforce the use of TLS and verify the peers authenticity on outgoing connections
EXAMPLES
--------
--------------------------------------------------------------------------------
# configure as server, bootstrap and rejoin
hostname="$(cat "$__global/explorer/hostname")"
__consul_agent \
--datacenter dc1 \
--node-name "${hostname%%.*}" \
--disable-update-check \
--server \
--rejoin-after-leave \
--bootstrap-expect 3 \
--retry-join consul-01 \
--retry-join consul-02 \
--retry-join consul-03
# configure as server, bootstrap and rejoin with ssl support
hostname="$(cat "$__global/explorer/hostname")"
__consul_agent \
--datacenter dc1 \
--node-name "${hostname%%.*}" \
--disable-update-check \
--server \
--rejoin-after-leave \
--bootstrap-expect 3 \
--retry-join consul-01 \
--retry-join consul-02 \
--retry-join consul-03 \
--ca-file-source /path/to/ca.pem \
--cert-file-source /path/to/cert.pem \
--key-file-source /path/to/key.pem \
--verify-incoming \
--verify-outgoing
# configure as client and try joining existing cluster
__consul_agent \
--datacenter dc1 \
--node-name "${hostname%%.*}" \
--disable-update-check \
--retry-join consul-01 \
--retry-join consul-02 \
--retry-join consul-03
--------------------------------------------------------------------------------
SEE ALSO
--------
- cdist-type(7)
- http://www.consul.io/docs/agent/options.html
COPYING
-------
Copyright \(C) 2015 Steven Armstrong. Free use of this software is
granted under the terms of the GNU General Public License version 3 (GPLv3).

View file

@ -0,0 +1,210 @@
#!/bin/sh
#
# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
# 2015 Nico Schottelius (nico-cdist at schottelius.org)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
os=$(cat "$__global/explorer/os")
case "$os" in
centos|debian|redhat|ubuntu)
# whitelist safeguard
:
;;
*)
echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
echo "Please contribute an implementation for it if you can." >&2
exit 1
;;
esac
state="$(cat "$__object/parameter/state")"
user="$(cat "$__object/parameter/user")"
group="$(cat "$__object/parameter/group")"
data_dir="/var/lib/consul"
conf_dir="/etc/consul/conf.d"
conf_file="config.json"
# FIXME: there has got to be a better way to handle the dependencies in this case
case "$state" in
present)
__group "$group" --system --state "$state"
require="__group/$group" \
__user "$user" --system --gid "$group" \
--home "$data_dir" --state "$state"
export require="__user/consul"
;;
absent)
echo "Sorry, state=absent currently not supported :-(" >&2
exit 1
require="$__object_name" \
__user "$user" --system --gid "$group" --state "$state"
require="__user/$user" \
__group "$group" --system --state "$state"
;;
esac
__directory /etc/consul \
--owner root --group "$group" --mode 750 --state "$state"
require="__directory/etc/consul" \
__directory "$conf_dir" \
--owner root --group "$group" --mode 750 --state "$state"
if [ -f "$__object/parameter/ca-file-source" -o -f "$__object/parameter/cert-file-source" -o -f "$__object/parameter/key-file-source" ]; then
# create directory for ssl certs
require="__directory/etc/consul" \
__directory /etc/consul/ssl \
--owner root --group "$group" --mode 750 --state "$state"
fi
__directory "$data_dir" \
--owner "$user" --group "$group" --mode 770 --state "$state"
# Generate json config file
(
echo "{"
# parameters we define ourself
printf ' "data_dir": "%s"\n' "$data_dir"
for param in $(ls "$__object/parameter/"); do
case "$param" in
state|user|group|json-config) continue ;;
ca-file-source|cert-file-source|key-file-source)
source="$(cat "$__object/parameter/$param")"
destination="/etc/consul/ssl/${source##*/}"
require="__directory/etc/consul/ssl" \
__file "$destination" \
--owner root --group consul --mode 640 \
--source "$source" \
--state "$state"
key="$(echo "${param%-*}" | tr '-' '_')"
printf ' ,"%s": "%s"\n' "$key" "$destination"
;;
disable-remote-exec|disable-update-check|leave-on-terminate|rejoin-after-leave|server|syslog|verify-incoming|verify-outgoing)
# handle boolean parameters
key="$(echo "$param" | tr '-' '_')"
printf ' ,"%s": true\n' "$key"
;;
retry-join)
# join multiple parameters into json array
retry_join="$(awk '{printf "\""$1"\","}' "$__object/parameter/retry-join")"
# remove trailing ,
printf ' ,"retry_join": [%s]\n' "${retry_join%*,}"
;;
bootstrap-expect)
# integer key=value parameters
key="$(echo "$param" | tr '-' '_')"
printf ' ,"%s": %s\n' "$key" "$(cat "$__object/parameter/$param")"
;;
*)
# string key=value parameters
key="$(echo "$param" | tr '-' '_')"
printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
;;
esac
done
if [ -f "$__object/parameter/json-config" ]; then
json_config="$(cat "$__object/parameter/json-config")"
if [ "$json_config" = "-" ]; then
json_config="$__object/stdin"
fi
printf ','
# remove trailing ,
json=$(cat "$json_config")
echo "${json%*,}"
fi
echo "}"
) | \
require="__directory${conf_dir}" \
__config_file "${conf_dir}/${conf_file}" \
--owner root --group "$group" --mode 640 \
--state "$state" \
--onchange 'service consul status >/dev/null && service consul reload || true' \
--source -
init_sysvinit()
{
__file /etc/init.d/consul \
--owner root --group root --mode 0755 \
--state "$state" \
--source "$__type/files/consul.sysv-$1"
require="__file/etc/init.d/consul" __start_on_boot consul
}
init_systemd()
{
__file /lib/systemd/system/consul.service \
--owner root --group root --mode 0644 \
--state "$state" \
--source "$__type/files/consul.systemd"
require="__file/lib/systemd/system/consul.service" __start_on_boot consul
}
init_upstart()
{
__file /etc/init/consul.conf \
--owner root --group root --mode 0644 \
--state "$state" \
--source "$__type/files/consul.upstart"
require="__file/etc/init/consul.conf" __start_on_boot consul
}
# Install init script to start on boot
case "$os" in
centos|redhat)
os_version="$(sed 's/[^0-9.]//g' "$__global/explorer/os_version")"
major_version="${os_version%%.*}"
case "$major_version" in
[456])
init_sysvinit redhat
;;
7)
init_systemd
;;
*)
echo "Unsupported CentOS/Redhat version: $os_version" >&2
exit 1
;;
esac
;;
debian)
os_version=$(cat "$__global/explorer/os_version")
major_version="${os_version%%.*}"
case "$major_version" in
[567])
init_sysvinit debian
;;
8)
init_sysvinit
;;
*)
echo "Unsupported Debian version $os_version" >&2
exit 1
;;
esac
;;
ubuntu)
init_upstart
;;
esac

View file

@ -0,0 +1,8 @@
disable-remote-exec
disable-update-check
leave-on-terminate
rejoin-after-leave
server
syslog
verify-incoming
verify-outgoing

View file

@ -0,0 +1 @@
consul

View file

@ -0,0 +1 @@
present

View file

@ -0,0 +1 @@
consul

View file

@ -0,0 +1,19 @@
acl-datacenter
acl-default-policy
acl-down-policy
acl-master-token
acl-token
acl-ttl
bind-addr
bootstrap-expect
ca-file-source
cert-file-source
client-addr
datacenter
encrypt
group
json-config
key-file-source
node-name
user
state

View file

@ -0,0 +1 @@
retry-join

View file

View file

@ -0,0 +1,68 @@
cdist-type__consul_check(7)
=============================
Steven Armstrong <steven-cdist--@--armstrong.cc>
NAME
----
cdist-type__consul_check - manages consul checks
DESCRIPTION
-----------
Generate and deploy check definitions for a consul agent.
See http://www.consul.io/docs/agent/checks.html for parameter documentation.
Use either script toghether with interval, or use ttl.
REQUIRED PARAMETERS
-------------------
None.
OPTIONAL PARAMETERS
-------------------
interval::
the interval in which the script given with --script should be run
script::
the shell command to run every --interval
ttl::
how long a check is considered healthy without being updated through the
HTTP interfave
id::
Defaults to --name
name::
The name of this check. Defaults to __object_id
notes::
human readable description
state::
if this check is 'present' or 'absent'. Defaults to 'present'.
EXAMPLES
--------
--------------------------------------------------------------------------------
__consul_check redis \
--script /usr/local/bin/check_redis.py \
--interval 10s
__consul_check some-object-id \
--id web-app \
--name "Web App Status" \
--notes "Web app does a curl internally every 10 seconds" \
--ttl 30s
--------------------------------------------------------------------------------
SEE ALSO
--------
- cdist-type(7)
- cdist-type__consul_agent(7)
COPYING
-------
Copyright \(C) 2015 Steven Armstrong. Free use of this software is
granted under the terms of the GNU General Public License version 3 (GPLv3).

View file

@ -0,0 +1,64 @@
#!/bin/sh
#
# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
name="$(cat "$__object/parameter/name" 2>/dev/null || echo "$__object_id")"
conf_dir="/etc/consul/conf.d"
conf_file="check_${name}.json"
state="$(cat "$__object/parameter/state")"
# Sanity checks
if [ -f "$__object/parameter/script" -a -f "$__object/parameter/ttl" ]; then
echo "Use either --script together with --interval OR --ttl, but not both" >&2
exit 1
fi
if [ -f "$__object/parameter/script" -a ! -f "$__object/parameter/interval" ]; then
echo "When using --script you must also define --interval" >&2
exit 1
fi
# Generate json config file
(
echo "{"
printf ' "check": {\n'
printf ' "name": "%s"\n' "$name"
for param in $(ls "$__object/parameter/"); do
case "$param" in
state|name|interval) continue ;;
script)
printf ' ,"script": "%s"\n' "$(cat "$__object/parameter/script")"
printf ' ,"interval": "%s"\n' "$(cat "$__object/parameter/interval")"
;;
*)
key="$(echo "$param" | tr '-' '_')"
printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
;;
esac
done
# end check
echo " }"
# end json file
echo "}"
) | \
require="__directory${conf_dir}" \
__config_file "${conf_dir}/${conf_file}" \
--owner root --group consul --mode 640 \
--state "$state" \
--onchange 'service consul status >/dev/null && service consul reload || true' \
--source -

View file

@ -0,0 +1 @@
present

View file

@ -0,0 +1,7 @@
id
interval
name
notes
script
state
ttl

View file

@ -0,0 +1,24 @@
#!/bin/sh
#
# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
service="consul"
if grep -q "^__file/etc/consul/conf.d/" "$__messages_in"; then
echo "service $service status && service $service reload || true"
fi

View file

@ -0,0 +1,42 @@
cdist-type__consul_reload(7)
============================
Steven Armstrong <steven-cdist--@--armstrong.cc>
NAME
----
cdist-type__consul_reload - reload consul
DESCRIPTION
-----------
Reload consul after configuration changes.
REQUIRED PARAMETERS
-------------------
None.
OPTIONAL PARAMETERS
-------------------
None.
EXAMPLES
--------
--------------------------------------------------------------------------------
__consul_reload
--------------------------------------------------------------------------------
SEE ALSO
--------
- cdist-type(7)
COPYING
-------
Copyright \(C) 2015 Steven Armstrong. Free use of this software is
granted under the terms of the GNU General Public License version 3 (GPLv3).

View file

@ -0,0 +1,71 @@
cdist-type__consul_service(7)
=============================
Steven Armstrong <steven-cdist--@--armstrong.cc>
NAME
----
cdist-type__consul_service - manages consul services
DESCRIPTION
-----------
Generate and deploy service definitions for a consul agent.
See http://www.consul.io/docs/agent/services.html for parameter documentation.
Use either script together with interval, or use ttl.
REQUIRED PARAMETERS
-------------------
None.
OPTIONAL PARAMETERS
-------------------
check-interval::
the interval in which the script given with --check-script should be run
check-script::
the shell command to run every --check-interval
check-ttl::
how long a service is considered healthy without being updated through the
HTTP interfave
id::
Defaults to --name
name::
The name of this service. Defaults to __object_id
port::
the port at which this service can be reached
state::
if this service is 'present' or 'absent'. Defaults to 'present'.
tag::
a tag to add to this service. Can be specified multiple times.
EXAMPLES
--------
--------------------------------------------------------------------------------
__consul_service redis \
--tag master \
--tag production \
--port 8000 \
--check-script /usr/local/bin/check_redis.py \
--check-interval 10s
__consul_service webapp \
--port 80 \
--check-ttl 10s
--------------------------------------------------------------------------------
SEE ALSO
--------
- cdist-type(7)
- cdist-type__consul_agent(7)
COPYING
-------
Copyright \(C) 2015 Steven Armstrong. Free use of this software is
granted under the terms of the GNU General Public License version 3 (GPLv3).

View file

@ -0,0 +1,83 @@
#!/bin/sh
#
# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
name="$(cat "$__object/parameter/name" 2>/dev/null || echo "$__object_id")"
conf_dir="/etc/consul/conf.d"
conf_file="service_${name}.json"
state="$(cat "$__object/parameter/state")"
# Sanity checks
if [ -f "$__object/parameter/check-script" -a -f "$__object/parameter/check-ttl" ]; then
echo "Use either --check-script together with --check-interval OR --check-ttl, but not both" >&2
exit 1
fi
if [ -f "$__object/parameter/check-script" -a ! -f "$__object/parameter/check-interval" ]; then
echo "When using --check-script you must also define --check-interval" >&2
exit 1
fi
# Generate json config file
(
echo "{"
printf ' "service": {\n'
printf ' "name": "%s"\n' "$name"
for param in $(ls "$__object/parameter/"); do
case "$param" in
state|name|check-interval) continue ;;
check-script)
printf ' ,"check": {\n'
printf ' "script": "%s"\n' "$(cat "$__object/parameter/check-script")"
printf ' ,"interval": "%s"\n' "$(cat "$__object/parameter/check-interval")"
printf ' }\n'
;;
check-ttl)
printf ' ,"check": {\n'
printf ' "ttl": "%s"\n' "$(cat "$__object/parameter/check-ttl")"
printf ' }\n'
;;
tag)
# create json array from newline delimited file
tags="$(awk '{printf "\""$1"\","}' "$__object/parameter/tag")"
# remove trailing ,
printf ' ,"tags": [%s]\n' "${tags%*,}"
;;
port)
# integer key=value parameters
key="$(echo "$param" | tr '-' '_')"
printf ' ,"%s": %s\n' "$key" "$(cat "$__object/parameter/$param")"
;;
*)
# string key=value parameters
key="$(echo "$param" | tr '-' '_')"
printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
;;
esac
done
# end service
echo " }"
# end json file
echo "}"
) | \
require="__directory${conf_dir}" \
__config_file "${conf_dir}/${conf_file}" \
--owner root --group consul --mode 640 \
--state "$state" \
--onchange 'service consul status >/dev/null && service consul reload || true' \
--source -

View file

@ -0,0 +1 @@
present

View file

@ -0,0 +1,7 @@
check-interval
check-script
check-ttl
id
name
port
state

View file

@ -0,0 +1 @@
tag

View file

@ -0,0 +1,19 @@
[Unit]
Description=Consul-Template Daemon
Wants=basic.target
After=basic.target network.target
[Service]
User=root
Group=root
Environment="CONSUL_TEMPLATE_LOG=info"
Environment="GOMAXPROCS=2"
ExecStart=/usr/local/bin/consul-template -config /etc/consul-template/conf.d
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
Restart=on-failure
RestartSec=10s
LimitNOFILE=4096
[Install]
WantedBy=multi-user.target

View file

@ -0,0 +1,89 @@
#!/bin/bash
#
# /etc/rc.d/init.d/consul-template
#
# Daemonize the consul-template agent.
#
# chkconfig: 2345 95 95
# description: Generic template rendering and notifications with Consul
# processname: consul-template
# pidfile: /var/run/consul-template/pidfile
# Source function library.
. /etc/init.d/functions
NAME=consul-template
CONSUL_TEMPLATE=/usr/local/bin/consul-template
CONFIG=/etc/$NAME/conf.d
PID_FILE=/var/run/$NAME/pidfile
LOG_FILE=/var/log/$NAME
[ -e /etc/sysconfig/$NAME ] && . /etc/sysconfig/$NAME
export CONSUL_TEMPLATE_LOG=${CONSUL_TEMPLATE_LOG:-info}
export GOMAXPROCS=${GOMAXPROCS:-2}
mkdir -p /var/run/$NAME
start() {
echo -n "Starting $NAME: "
daemon --pidfile="$PID_FILE" \
"$CONSUL_TEMPLATE" -config "$CONFIG" >> "$LOG_FILE" 2>&1 &
echo $! > "$PID_FILE"
retcode=$?
touch /var/lock/subsys/$NAME
return $retcode
}
stop() {
echo -n "Shutting down $NAME: "
killproc -p $PID_FILE $CONSUL_TEMPLATE
retcode=$?
rm -f /var/lock/subsys/$NAME
return $retcode
}
case "$1" in
start)
if $(status -p "$PID_FILE" $NAME >/dev/null); then
echo "$NAME already running"
else
start
fi
;;
stop)
if $(status -p "$PID_FILE" $NAME >/dev/null); then
stop
else
echo "$NAME not running"
fi
;;
status)
status -p "$PID_FILE" $NAME
exit $?
;;
restart)
if $(status -p "$PID_FILE" $NAME >/dev/null); then
stop
fi
start
;;
reload)
if $(status -p "$PID_FILE" $NAME >/dev/null); then
kill -HUP `cat $PID_FILE`
else
echo "$NAME not running"
fi
;;
condrestart)
if [ -f /var/lock/subsys/$NAME ]; then
if $(status -p "$PID_FILE" $NAME >/dev/null); then
stop
fi
start
fi
;;
*)
echo "Usage: $NAME {start|stop|status|reload|restart}"
exit 1
;;
esac
exit $?

View file

@ -0,0 +1,12 @@
description "Consul-Template Daemon"
start on (local-filesystems and net-device-up IFACE!=lo)
stop on runlevel [06]
env CONSUL_TEMPLATE_LOG=info
env GOMAXPROCS=${GOMAXPROCS}
exec /usr/local/bin/consul-template -config /etc/consul-template/conf.d >> /var/log/consul-template 2>&1
respawn
respawn limit 10 10
kill timeout 10

View file

@ -0,0 +1 @@
1356006333 8496656 consul-template

View file

@ -0,0 +1 @@
https://github.com/hashicorp/consul-template/releases/download/v0.6.5/consul-template_0.6.5_linux_amd64.tar.gz

View file

@ -0,0 +1,85 @@
cdist-type__consul_template(7)
==============================
Steven Armstrong <steven-cdist--@--armstrong.cc>
NAME
----
cdist-type__consul_template - manage the consul-template service
DESCRIPTION
-----------
Downloads and installs the consul-template binary from
https://github.com/hashicorp/consul-template/releases/download/.
Generates a global config file and creates directory for per template config files.
Note that the consul-template binary is downloaded on the server (the machine running
cdist) and then deployed to the target host using the __file type.
REQUIRED PARAMETERS
-------------------
None.
OPTIONAL PARAMETERS
-------------------
auth::
specify a username (and password) for basic authentication.
batch-size::
the size of the batch when polling multiple dependencies.
consul::
the location of the Consul instance to query (may be an IP address or FQDN) with port.
Defaults to 'localhost:8500'.
max-stale::
the maximum staleness of a query. If specified, Consul will distribute work among all
servers instead of just the leader.
retry::
the amount of time to wait if Consul returns an error when communicating
with the API.
state::
either 'present' or 'absent'. Defaults to 'present'
token::
the Consul API token.
version::
which version of consul-template to install. See ./files/versions for a list of
supported versions. Defaults to the latest known version.
wait::
the minimum(:maximum) to wait before rendering a new template to disk and
triggering a command, separated by a colon (:). If the optional maximum
value is omitted, it is assumed to be 4x the required minimum value.
BOOLEAN PARAMETERS
------------------
ssl::
use HTTPS while talking to Consul. Requires the Consul server to be configured to serve secure connections.
ssl-no-verify::
ignore certificate warnings. Only used if ssl is enabled.
EXAMPLES
--------
--------------------------------------------------------------------------------
__consul_template \
--consul consul.service.consul:8500 \
--retry 30s
# specific version
__consul_template \
--version 0.6.5 \
--retry 30s
--------------------------------------------------------------------------------
SEE ALSO
--------
- cdist-type(7)
- https://github.com/hashicorp/consul-template
COPYING
-------
Copyright \(C) 2015 Steven Armstrong. Free use of this software is
granted under the terms of the GNU General Public License version 3 (GPLv3).

View file

@ -0,0 +1,143 @@
#!/bin/sh
#
# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
os=$(cat "$__global/explorer/os")
case "$os" in
centos|redhat)
# whitelist safeguard
service_onchange='service consul-template status >/dev/null && service consul-template reload || true' \
;;
archlinux)
service_onchange="systemctl status consul-template >/dev/null && systemctl reload consul-template || true"
;;
*)
echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
echo "Please contribute an implementation for it if you can." >&2
exit 1
;;
esac
versions_dir="$__type/files/versions"
version="$(cat "$__object/parameter/version")"
version_dir="$versions_dir/$version"
if [ ! -d "$version_dir" ]; then
echo "Unknown consul-template version '$version'. Expected one of:" >&2
ls "$versions_dir" >&2
exit 1
fi
state="$(cat "$__object/parameter/state")"
__staged_file /usr/local/bin/consul-template \
--source "$(cat "$version_dir/source")" \
--cksum "$(cat "$version_dir/cksum")" \
--fetch-command 'curl -s -L "%s"' \
--prepare-command 'tar -xzf "%s"; cat consul-template_*/consul-template' \
--state "$state" \
--group root \
--owner root \
--mode 755
conf_dir="/etc/consul-template/conf.d"
conf_file="config.hcl"
template_dir="/etc/consul-template/template"
__directory /etc/consul-template \
--owner root --group root --mode 750
require="__directory/etc/consul-template" \
__directory "$conf_dir" \
--owner root --group root --mode 750
require="__directory/etc/consul-template" \
__directory "$template_dir" \
--owner root --group root --mode 750
# Generate hcl config file
(
for param in $(ls "$__object/parameter/"); do
case "$param" in
ssl|ssl-no-verify) # boolean
key="$(echo "$param" | tr '-' '_')"
printf '%s = true\n' "$key"
;;
auth|batch-size|consul|max-stale|retry|token|wait)
key="$(echo "$param" | tr '-' '_')"
printf '%s = "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
;;
*)
# ignore unknown parameters
:
;;
esac
done
) | \
require="__directory${conf_dir}" \
__config_file "${conf_dir}/${conf_file}" \
--owner root --group root --mode 640 \
--state "$state" \
--onchange "$service_onchange" \
--source -
# Install init script to start on boot
service="consul-template"
case "$os" in
centos|redhat)
os_version="$(sed 's/[^0-9.]//g' "$__global/explorer/os_version")"
major_version="${os_version%%.*}"
case "$major_version" in
7)
__file "/lib/systemd/system/${service}.service" \
--owner root --group root --mode 0555 \
--state "$state" \
--source "$__type/files/${service}.systemd"
export require="__file/lib/systemd/system/${service}.service"
;;
*)
__file "/etc/init.d/${service}" \
--owner root --group root --mode 0555 \
--state "$state" \
--source "$__type/files/${service}.sysv"
export require="__file/etc/init.d/${service}"
;;
esac
__start_on_boot "$service" --state "$state"
;;
ubuntu)
__file "/etc/init/${service}.conf" \
--owner root --group root --mode 0644 \
--state "$state" \
--source "$__type/files/${service}.upstart"
export require="__file/etc/init/${service}.conf"
__start_on_boot "$service" --state "$state"
;;
archlinux)
__file "/lib/systemd/system/${service}.service" \
--owner root --group root --mode 0555 \
--state "$state" \
--source "$__type/files/${service}.systemd"
export require="__file/lib/systemd/system/${service}.service"
__start_on_boot "$service" --state "$state"
;;
esac

View file

@ -0,0 +1,2 @@
ssl
ssl-no-verify

View file

@ -0,0 +1 @@
localhost:8500

View file

@ -0,0 +1 @@
present

View file

@ -0,0 +1 @@
0.6.5

View file

@ -0,0 +1,9 @@
auth
batch-size
consul
max-stale
retry
state
token
version
wait

View file

@ -0,0 +1,2 @@
- add support for latest version 0.7.0
- config file format has changed

View file

@ -0,0 +1,69 @@
cdist-type__consul_template_template(7)
=======================================
Steven Armstrong <steven-cdist--@--armstrong.cc>
NAME
----
cdist-type__consul_template_template - manage consul-template templates
DESCRIPTION
-----------
Generate and deploy template definitions for a consul-template.
See https://github.com/hashicorp/consul-template#examples for documentation.
Templates are written in the Go template format.
Either the --source or the --source-file parameter must be given.
REQUIRED PARAMETERS
-------------------
destination::
the destination where the generated file should go.
OPTIONAL PARAMETERS
-------------------
command::
an optional command to run after rendering the template to its destination.
source::
path to the template source. Conflicts --source-file.
source-file::
path to a local file which is uploaded using the __file type and configured
as the source.
If source is '-' (dash), take what was written to stdin as the file content.
Conflicts --source.
state::
if this template is 'present' or 'absent'. Defaults to 'present'.
EXAMPLES
--------
--------------------------------------------------------------------------------
# configure template on the target
__consul_template_template nginx \
--source /etc/my-consul-templates/nginx.ctmpl \
--destination /etc/nginx/nginx.conf \
--command 'service nginx restart'
# upload a local file to the target and configure it
__consul_template_template nginx \
--source-file "$__manifest/files/nginx.ctmpl" \
--destination /etc/nginx/nginx.conf \
--command 'service nginx restart'
--------------------------------------------------------------------------------
SEE ALSO
--------
- cdist-type(7)
- cdist-type__consul_template(7)
- cdist-type__consul_template_config(7)
COPYING
-------
Copyright \(C) 2015 Steven Armstrong. Free use of this software is
granted under the terms of the GNU General Public License version 3 (GPLv3).

View file

@ -0,0 +1,74 @@
#!/bin/sh
#
# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
name="$(cat "$__object/parameter/name" 2>/dev/null || echo "$__object_id")"
state="$(cat "$__object/parameter/state")"
conf_dir="/etc/consul-template/conf.d"
conf_file="template_${name}.hcl"
template_dir="/etc/consul-template/template"
require=""
# Sanity checks
if [ -f "$__object/parameter/source" -a -f "$__object/parameter/source-file" ]; then
echo "Use either --source OR --source-file, but not both." >&2
exit 1
fi
if [ ! -f "$__object/parameter/source" -a ! -f "$__object/parameter/source-file" ]; then
echo "Either --source OR --source-file must be given." >&2
exit 1
fi
# Generate hcl config file
(
printf 'template {\n'
for param in $(ls "$__object/parameter/"); do
case "$param" in
source-file)
source="$(cat "$__object/parameter/$param")"
if [ "$source" = "-" ]; then
source="$__object/stdin"
fi
destination="${template_dir}/${name}"
require="__directory${template_dir}" \
__file "$destination" \
--owner root --group root --mode 640 \
--source "$source" \
--state "$state"
export require="__file${destination}"
printf ' source = "%s"\n' "$destination"
;;
source|destination|command)
printf ' %s = "%s"\n' "$param" "$(cat "$__object/parameter/$param")"
;;
*)
# ignore unknown parameters
:
;;
esac
done
printf '}\n'
) | \
require="$require __directory${conf_dir}" \
__config_file "${conf_dir}/${conf_file}" \
--owner root --group root --mode 640 \
--state "$state" \
--onchange 'service consul-template status >/dev/null && service consul-template reload || true' \
--source -

View file

@ -0,0 +1 @@
present

View file

@ -0,0 +1,4 @@
command
source
source-file
state

View file

@ -0,0 +1 @@
destination

View file

@ -0,0 +1,64 @@
cdist-type__consul_watch_checks(7)
==================================
Steven Armstrong <steven-cdist--@--armstrong.cc>
NAME
----
cdist-type__consul_watch_checks - manages consul checks watches
DESCRIPTION
-----------
Generate and deploy watch definitions of type 'checks' for a consul agent.
See http://www.consul.io/docs/agent/watches.html for parameter documentation.
REQUIRED PARAMETERS
-------------------
handler::
the handler to invoke when the data view updates
OPTIONAL PARAMETERS
-------------------
datacenter::
can be provided to override the agent's default datacenter
filter-service::
filter to a specific service. Conflicts with --filter-state.
filter-state::
filter to a specific state. Conflicts with --filter-service.
state::
if this watch is 'present' or 'absent'. Defaults to 'present'.
token::
can be provided to override the agent's default ACL token
EXAMPLES
--------
--------------------------------------------------------------------------------
__consul_watch_checks some-id \
--handler /usr/bin/my-handler.sh
__consul_watch_checks some-id \
--filter-service consul \
--handler /usr/bin/my-handler.sh
__consul_watch_checks some-id \
--filter-state passing \
--handler /usr/bin/my-handler.sh
--------------------------------------------------------------------------------
SEE ALSO
--------
- cdist-type(7)
- cdist-type__consul_agent(7)
- http://www.consul.io/docs/agent/watches.html
COPYING
-------
Copyright \(C) 2015 Steven Armstrong. Free use of this software is
granted under the terms of the GNU General Public License version 3 (GPLv3).

View file

@ -0,0 +1,61 @@
#!/bin/sh
#
# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
cdist_type="${__type##*/}"
watch_type="${cdist_type##*_}"
conf_dir="/etc/consul/conf.d"
conf_file="watch_${watch_type}_${__object_id}.json"
state="$(cat "$__object/parameter/state")"
# Sanity checks
if [ -f "$__object/parameter/filter-service" -a -f "$__object/parameter/filter-state" ]; then
echo "Use either --filter-service or --filter-state but not both." >&2
exit 1
fi
# Generate json config file
(
echo "{"
printf ' "watches": [{\n'
printf ' "type": "%s"\n' "$watch_type"
for param in $(ls "$__object/parameter/"); do
case "$param" in
state) continue ;;
filter-*)
key="${param##*-}"
printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
;;
*)
key="$(echo "$param" | tr '-' '_')"
printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
;;
esac
done
# end watches
echo " }]"
# end json file
echo "}"
) | \
require="__directory${conf_dir}" \
__config_file "${conf_dir}/${conf_file}" \
--owner root --group consul --mode 640 \
--state "$state" \
--onchange 'service consul status >/dev/null && service consul reload || true' \
--source -

View file

@ -0,0 +1 @@
present

View file

@ -0,0 +1,5 @@
datacenter
filter-service
filter-state
state
token

View file

@ -0,0 +1 @@
handler

View file

@ -0,0 +1,58 @@
cdist-type__consul_watch_event(7)
=================================
Steven Armstrong <steven-cdist--@--armstrong.cc>
NAME
----
cdist-type__consul_watch_event - manages consul event watches
DESCRIPTION
-----------
Generate and deploy watch definitions of type 'event' for a consul agent.
See http://www.consul.io/docs/agent/watches.html for parameter documentation.
REQUIRED PARAMETERS
-------------------
handler::
the handler to invoke when the data view updates
OPTIONAL PARAMETERS
-------------------
datacenter::
can be provided to override the agent's default datacenter
name::
restrict the watch to only events with the given name
state::
if this watch is 'present' or 'absent'. Defaults to 'present'.
token::
can be provided to override the agent's default ACL token
EXAMPLES
--------
--------------------------------------------------------------------------------
__consul_watch_event some-id \
--handler /usr/bin/my-handler.sh
__consul_watch_event some-id \
--name web-deploy \
--handler /usr/bin/my-handler.sh
--------------------------------------------------------------------------------
SEE ALSO
--------
- cdist-type(7)
- cdist-type__consul_agent(7)
- http://www.consul.io/docs/agent/watches.html
COPYING
-------
Copyright \(C) 2015 Steven Armstrong. Free use of this software is
granted under the terms of the GNU General Public License version 3 (GPLv3).

View file

@ -0,0 +1,51 @@
#!/bin/sh
#
# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
cdist_type="${__type##*/}"
watch_type="${cdist_type##*_}"
conf_dir="/etc/consul/conf.d"
conf_file="watch_${watch_type}_${__object_id}.json"
state="$(cat "$__object/parameter/state")"
# Generate json config file
(
echo "{"
printf ' "watches": [{\n'
printf ' "type": "%s"\n' "$watch_type"
for param in $(ls "$__object/parameter/"); do
case "$param" in
state) continue ;;
*)
key="$(echo "$param" | tr '-' '_')"
printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
;;
esac
done
# end watches
echo " }]"
# end json file
echo "}"
) | \
require="__directory${conf_dir}" \
__config_file "${conf_dir}/${conf_file}" \
--owner root --group consul --mode 640 \
--state "$state" \
--onchange 'service consul status >/dev/null && service consul reload || true' \
--source -

View file

@ -0,0 +1 @@
present

View file

@ -0,0 +1,4 @@
datacenter
name
state
token

View file

@ -0,0 +1 @@
handler

View file

@ -0,0 +1,55 @@
cdist-type__consul_watch_key(7)
===============================
Steven Armstrong <steven-cdist--@--armstrong.cc>
NAME
----
cdist-type__consul_watch_key - manages consul key watches
DESCRIPTION
-----------
Generate and deploy watch definitions of type 'key' for a consul agent.
See http://www.consul.io/docs/agent/watches.html for parameter documentation.
REQUIRED PARAMETERS
-------------------
handler::
the handler to invoke when the data view updates
key::
the key to watch for changes
OPTIONAL PARAMETERS
-------------------
datacenter::
can be provided to override the agent's default datacenter
state::
if this watch is 'present' or 'absent'. Defaults to 'present'.
token::
can be provided to override the agent's default ACL token
EXAMPLES
--------
--------------------------------------------------------------------------------
__consul_watch_key some-id \
--key foo/bar/baz \
--handler /usr/bin/my-key-handler.sh
--------------------------------------------------------------------------------
SEE ALSO
--------
- cdist-type(7)
- cdist-type__consul_agent(7)
- http://www.consul.io/docs/agent/watches.html
COPYING
-------
Copyright \(C) 2015 Steven Armstrong. Free use of this software is
granted under the terms of the GNU General Public License version 3 (GPLv3).

View file

@ -0,0 +1,51 @@
#!/bin/sh
#
# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
cdist_type="${__type##*/}"
watch_type="${cdist_type##*_}"
conf_dir="/etc/consul/conf.d"
conf_file="watch_${watch_type}_${__object_id}.json"
state="$(cat "$__object/parameter/state")"
# Generate json config file
(
echo "{"
printf ' "watches": [{\n'
printf ' "type": "%s"\n' "$watch_type"
for param in $(ls "$__object/parameter/"); do
case "$param" in
state) continue ;;
*)
key="$(echo "$param" | tr '-' '_')"
printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
;;
esac
done
# end watches
echo " }]"
# end json file
echo "}"
) | \
require="__directory${conf_dir}" \
__config_file "${conf_dir}/${conf_file}" \
--owner root --group consul --mode 640 \
--state "$state" \
--onchange 'service consul status >/dev/null && service consul reload || true' \
--source -

View file

@ -0,0 +1 @@
present

View file

@ -0,0 +1,3 @@
datacenter
state
token

View file

@ -0,0 +1,2 @@
handler
key

View file

@ -0,0 +1,55 @@
cdist-type__consul_watch_keyprefix(7)
=====================================
Steven Armstrong <steven-cdist--@--armstrong.cc>
NAME
----
cdist-type__consul_watch_keyprefix - manages consul keyprefix watches
DESCRIPTION
-----------
Generate and deploy watch definitions of type 'keyprefix' for a consul agent.
See http://www.consul.io/docs/agent/watches.html for parameter documentation.
REQUIRED PARAMETERS
-------------------
handler::
the handler to invoke when the data view updates
prefix::
the prefix of keys to watch for changes
OPTIONAL PARAMETERS
-------------------
datacenter::
can be provided to override the agent's default datacenter
state::
if this watch is 'present' or 'absent'. Defaults to 'present'.
token::
can be provided to override the agent's default ACL token
EXAMPLES
--------
--------------------------------------------------------------------------------
__consul_watch_keyprefix some-id \
--prefix foo/ \
--handler /usr/bin/my-prefix-handler.sh
--------------------------------------------------------------------------------
SEE ALSO
--------
- cdist-type(7)
- cdist-type__consul_agent(7)
- http://www.consul.io/docs/agent/watches.html
COPYING
-------
Copyright \(C) 2015 Steven Armstrong. Free use of this software is
granted under the terms of the GNU General Public License version 3 (GPLv3).

View file

@ -0,0 +1,51 @@
#!/bin/sh
#
# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
cdist_type="${__type##*/}"
watch_type="${cdist_type##*_}"
conf_dir="/etc/consul/conf.d"
conf_file="watch_${watch_type}_${__object_id}.json"
state="$(cat "$__object/parameter/state")"
# Generate json config file
(
echo "{"
printf ' "watches": [{\n'
printf ' "type": "%s"\n' "$watch_type"
for param in $(ls "$__object/parameter/"); do
case "$param" in
state) continue ;;
*)
key="$(echo "$param" | tr '-' '_')"
printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
;;
esac
done
# end watches
echo " }]"
# end json file
echo "}"
) | \
require="__directory${conf_dir}" \
__config_file "${conf_dir}/${conf_file}" \
--owner root --group consul --mode 640 \
--state "$state" \
--onchange 'service consul status >/dev/null && service consul reload || true' \
--source -

View file

@ -0,0 +1 @@
present

View file

@ -0,0 +1,3 @@
datacenter
state
token

View file

@ -0,0 +1,2 @@
handler
keyprefix

View file

@ -0,0 +1,52 @@
cdist-type__consul_watch_nodes(7)
=================================
Steven Armstrong <steven-cdist--@--armstrong.cc>
NAME
----
cdist-type__consul_watch_nodes - manages consul nodes watches
DESCRIPTION
-----------
Generate and deploy watch definitions of type 'nodes' for a consul agent.
See http://www.consul.io/docs/agent/watches.html for parameter documentation.
REQUIRED PARAMETERS
-------------------
handler::
the handler to invoke when the data view updates
OPTIONAL PARAMETERS
-------------------
datacenter::
can be provided to override the agent's default datacenter
state::
if this watch is 'present' or 'absent'. Defaults to 'present'.
token::
can be provided to override the agent's default ACL token
EXAMPLES
--------
--------------------------------------------------------------------------------
__consul_watch_nodes some-id \
--handler /usr/bin/my-key-handler.sh
--------------------------------------------------------------------------------
SEE ALSO
--------
- cdist-type(7)
- cdist-type__consul_agent(7)
- http://www.consul.io/docs/agent/watches.html
COPYING
-------
Copyright \(C) 2015 Steven Armstrong. Free use of this software is
granted under the terms of the GNU General Public License version 3 (GPLv3).

View file

@ -0,0 +1,51 @@
#!/bin/sh
#
# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
cdist_type="${__type##*/}"
watch_type="${cdist_type##*_}"
conf_dir="/etc/consul/conf.d"
conf_file="watch_${watch_type}_${__object_id}.json"
state="$(cat "$__object/parameter/state")"
# Generate json config file
(
echo "{"
printf ' "watches": [{\n'
printf ' "type": "%s"\n' "$watch_type"
for param in $(ls "$__object/parameter/"); do
case "$param" in
state) continue ;;
*)
key="$(echo "$param" | tr '-' '_')"
printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
;;
esac
done
# end watches
echo " }]"
# end json file
echo "}"
) | \
require="__directory${conf_dir}" \
__config_file "${conf_dir}/${conf_file}" \
--owner root --group consul --mode 640 \
--state "$state" \
--onchange 'service consul status >/dev/null && service consul reload || true' \
--source -

View file

@ -0,0 +1 @@
present

View file

@ -0,0 +1,3 @@
datacenter
state
token

View file

@ -0,0 +1 @@
handler

View file

@ -0,0 +1,74 @@
cdist-type__consul_watch_service(7)
===================================
Steven Armstrong <steven-cdist--@--armstrong.cc>
NAME
----
cdist-type__consul_watch_service - manages consul service watches
DESCRIPTION
-----------
Generate and deploy watch definitions of type 'service' for a consul agent.
See http://www.consul.io/docs/agent/watches.html for parameter documentation.
REQUIRED PARAMETERS
-------------------
handler::
the handler to invoke when the data view updates
service::
the service to watch for changes
OPTIONAL PARAMETERS
-------------------
datacenter::
can be provided to override the agent's default datacenter
state::
if this watch is 'present' or 'absent'. Defaults to 'present'.
token::
can be provided to override the agent's default ACL token
tag::
filter by tag
BOOLEAN PARAMETERS
------------------
passingonly::
specifies if only hosts passing all checks are displayed
EXAMPLES
--------
--------------------------------------------------------------------------------
__consul_watch_service some-id \
--service consul \
--handler /usr/bin/my-handler.sh
__consul_watch_service some-id \
--service redis \
--tag production \
--handler /usr/bin/my-handler.sh
__consul_watch_service some-id \
--service redis \
--tag production \
--passingonly \
--handler /usr/bin/my-handler.sh
--------------------------------------------------------------------------------
SEE ALSO
--------
- cdist-type(7)
- cdist-type__consul_agent(7)
- http://www.consul.io/docs/agent/watches.html
COPYING
-------
Copyright \(C) 2015 Steven Armstrong. Free use of this software is
granted under the terms of the GNU General Public License version 3 (GPLv3).

View file

@ -0,0 +1,54 @@
#!/bin/sh
#
# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
cdist_type="${__type##*/}"
watch_type="${cdist_type##*_}"
conf_dir="/etc/consul/conf.d"
conf_file="watch_${watch_type}_${__object_id}.json"
state="$(cat "$__object/parameter/state")"
# Generate json config file
(
echo "{"
printf ' "watches": [{\n'
printf ' "type": "%s"\n' "$watch_type"
for param in $(ls "$__object/parameter/"); do
case "$param" in
state) continue ;;
passingonly)
printf ' ,"passingonly": true\n'
;;
*)
key="$(echo "$param" | tr '-' '_')"
printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
;;
esac
done
# end watches
echo " }]"
# end json file
echo "}"
) | \
require="__directory${conf_dir}" \
__config_file "${conf_dir}/${conf_file}" \
--owner root --group consul --mode 640 \
--state "$state" \
--onchange 'service consul status >/dev/null && service consul reload || true' \
--source -

View file

@ -0,0 +1 @@
passingonly

Some files were not shown because too many files have changed in this diff Show more