Commit graph

1391 commits

Author SHA1 Message Date
Dennis Camera
a9778965be [type/__package_opkg] Use mkdir(1) to lock instead of noclobber
noclobber is potentially unsafe, because it relies on the underlying shell to
implement noclobber in a safe way that avoids race conditions between multiple
processes.
mkdir is safer because it is mandated by POSIX to "fail" if the target already
exists.
2020-06-24 08:47:22 +02:00
Dennis Camera
3649555f35 [type/__package_opkg] Do not lock execution of code-remote (revert)
Instead, rely on `nonparallel`.
In any case cdist should never run explorer and code concurrently even if the
dependency graph would allow to do so as it would result in many more
synchronization issues than this one.
2020-06-22 09:32:57 +02:00
Dennis Camera
6aae58dea7 [type/__package_opkg] Mark lock variables readonly 2020-06-21 17:35:28 +02:00
Dennis Camera
e79b26a61f [type/__package_opkg] Also lock execution of code-remote 2020-06-21 15:53:01 +02:00
Dennis Camera
97e48be39e [type/__package_opkg] Fix explorer running in parallel 2020-06-21 15:52:57 +02:00
Darko Poljak
a251e53495 Merge branch 'fix_os_explorer_sles15' of https://github.com/dheule/cdist into dheule-fix_os_explorer_sles15 2020-06-08 13:43:41 +02:00
Daniel Heule
6a611e556a fix os explorer for sles15 2020-06-02 13:40:21 +02:00
Darko Poljak
988190363a Resolve shellcheck SC1090 2020-05-30 15:10:13 +02:00
29c0180204 [__ssh_authorized_keys] add --remove-unknown parameter 2020-05-28 23:31:13 +03:00
716d3554f3 [__user] fix user delete on freebsd 2020-05-23 00:48:35 +03:00
dab32b0cb6 Merge branch '__group_freebsd_fix' into 'master'
[__group] fix --gid on freebsd

See merge request ungleich-public/cdist!881
2020-05-22 10:08:29 +02:00
3bcbd95269 [__motd] debian|ubuntu|devuan use /etc/motd 2020-05-22 02:36:49 +03:00
bf25a18a04 [__group] fix --gid on freebsd 2020-05-22 02:31:38 +03:00
ad58ea79c2 [__ssh_authorized_keys] Fix bug where --option was not multiple
This went against both documentation and intent.
2020-05-18 20:01:01 +02:00
8d639d54d0 Merge branch 'evilham-authorized_keys-man' into 'master'
[__ssh_authorizedkey{,s}] Improve documentation.

See merge request ungleich-public/cdist!877
2020-05-18 19:49:50 +02:00
2362d89976 Merge branch 'evilham-machine_type-explorer-simplify-linux-add-openbsd' into 'master'
[explorer/machine_type] simplify linux add openbsd

See merge request ungleich-public/cdist!876
2020-05-18 19:48:47 +02:00
c5454afc72 Merge branch 'evilham-machine_type-explorer-freebsd' into 'master'
[explorer/machine_type] Add support for FreeBSD.

See merge request ungleich-public/cdist!875
2020-05-18 19:46:47 +02:00
6d502f737a [__ssh_authorizedkey{,s}] Improve documentation. 2020-05-18 18:37:16 +02:00
8b790b0a54 [explorer/machine_type] Make shellcheck happy! 2020-05-18 16:47:20 +02:00
cf44c4a01b [explorer/machine_type] Simplify Linux + basic OpenBSD support.
By abstracting away vendor-dependent pattern matching for the linux code, we can
re-use that and be reasonably sure about OpenBSD machines being virtualised when
we can identify the undelrying virtualisation technology.
It remains to be solved how to tell if an OpenBSD machine is physical; in that
case previous cdist behaviour ("unknown") remains.

For NetBSD something similar to OpenBSD could be done, with different sysctls:
hw.machine and hw.model wary of adding those without testing though, so for
NetBSD previous cdist behaviour ("unknown") remains.
https://netbsd.gw.com/cgi-bin/man-cgi?sysctl+7.i386+NetBSD-9.0
2020-05-18 16:35:50 +02:00
7ca2bfc14a [explorer/machine_type] Add support for FreeBSD.
More research is needed for {Net,Open}BSD support.

Indentation is left as-is for the linux code as I intend to simplify it in a
future MR, this way the diff is minimal.
2020-05-18 16:00:23 +02:00
086e683c99 [__file] add "default values" in manual for group, mode and owner
Because at least the --mode default value may not be expected, the
manual lists the "default values". As they are not explicitly set in the
`__file` type, it is a bit more difficult, but should resolve to
following:
  - the mode comes from the umask set in the cdist code to protect file
    creation and uses the strongest umask possible.
  - the owner and group comes from the ssh user, which should always be
    the root user. (I think this can be swaped, too, but who will?)

At the owner and group parameter, it could be replaced with something
like "the ssh user and group", which would be more correct, but less
understandable.
2020-05-16 16:33:38 +02:00
dcfabf9268 [__cron] add hint for default values of time-related parameters
This should resolve some misunderstanding when leave a time-related
parameter with it's default value.
2020-05-16 14:00:02 +02:00
42f2dceeb1 [__link] fix typo in the manual 2020-05-09 18:40:44 +02:00
Nico Schottelius
d4059fd29e [__letsencrypt_cert] whitelist Ubuntu 2020-05-01 15:31:23 +02:00
Nico Schottelius
f58d662b32 [__pyvenv] Switch to python3 -m venv for ubuntu 2020-05-01 15:28:01 +02:00
678df1ec8a [explorers] Improve *BSD support.
cpu_cores and memory did lacked support for other BSDs.
2020-04-27 01:29:37 +02:00
8074f02bb3 Merge branch 'evilham-pf' into 'master'
[__pf*] (~) __pf_ruleset (+)__pf_apply_anchor, deprecate __pf_apply

See merge request ungleich-public/cdist!867
2020-04-26 09:59:24 +02:00
71156258a4 Merge branch 'evilham-postfix' into 'master'
[__postfix] Automagically support more OSs by not checking too much.

See merge request ungleich-public/cdist!866
2020-04-26 09:52:08 +02:00
c13608fab5 Merge branch 'evilham-openldap_server' into 'master'
[__openldap_server] Support extra config parameter.

See merge request ungleich-public/cdist!865
2020-04-26 09:50:21 +02:00
b40b95d758 Merge branch 'evilham-motd' into 'master'
[__motd] Improve documentation and support for FreeBSD

See merge request ungleich-public/cdist!864
2020-04-26 09:47:54 +02:00
6ec3274598 Merge branch 'postgres-database-args' into 'master'
Add --template, --encoding, --lc-collate, --lc-support to __postgres_database type

See merge request ungleich-public/cdist!859
2020-04-26 09:41:30 +02:00
2928795441 [__pf_ruleset] Fix shellcheck issue. 2020-04-25 14:54:29 +02:00
fefe90e9c9 [__pf*] (~) __pf_ruleset (+)__pf_apply_anchor, deprecate __pf_apply
__pf_apply the way it exists on cdist is not really useful and __pf_ruleset does
not take advantage of other types as it should, being instead overly complex and
not as reliable.

The new __pf_ruleset is compatible with the previous one, and __pf_apply_anchors
allows for a simple and powerful way of managing pf anchors.
The functionality previously provided by __pf_apply is still possible out of the
box in __pf_ruleset.

These patches were mostly contributed by Kamila Součková and made fit for
upstreaming by Evilham.
2020-04-25 12:23:27 +02:00
5981d0a5f1 [__postfix] Automagically support more OSs by not checking too much.
It is quite likely that the package is going to be called postfix, rather
than trying to have an exhaustive "allow list" for this package, we can
just add special cases for OSs where that is not the case (not aware of any
atm).
2020-04-25 00:22:28 +02:00
056c7c5400 [__openldap_server] Support extra config parameter.
This allows the user to, e.g. manually define ACLs, while this type does not
support that.
2020-04-25 00:12:24 +02:00
de37b0ce45 [__motd] Improve documentation and support for FreeBSD
This makes it easier to use the type just by reading the man page and also
treats FreeBSD's MOTD better.
2020-04-24 20:26:44 +02:00
Darko Poljak
38ccdfda32 Fix newly found shellcheck issues 2020-04-22 23:21:34 +02:00
c3f924d350 Add --template flag to __postgres_database type 2020-04-14 10:23:08 +02:00
Steven Armstrong
76d978d3d8 explorer/init: do not grep on non-existent init
Signed-off-by: Steven Armstrong <steven@icarus.ethz.ch>
2020-04-10 10:51:17 +02:00
d53077f4e8 Add --encoding, --lc-collate, --lc-support to __postgres_database type 2020-04-06 09:30:01 +02:00
Darko Poljak
890c73f6bd Fix shellcheck issues 2020-04-02 20:18:04 +02:00
Nico Schottelius
d034fe9369 [__pyvenv] use python3 -m venv on alpine
Until python4 comes, this will work
2020-04-02 18:24:13 +02:00
Nico Schottelius
0f639a9278 Make __cron nonparallel
It fails due to removal / edit of crontab at the same time

VERBOSE: [18331]: uncloud.ungleich.ch: Running object __cron/pg_dump_cleanup
VERBOSE: [18332]: uncloud.ungleich.ch: Running object __ungleich_packages/server
VERBOSE: [18335]: uncloud.ungleich.ch: Running object __postgres_role/app
INFO: [18335]: uncloud.ungleich.ch: Processing __postgres_role/app
INFO: [18331]: uncloud.ungleich.ch: Processing __cron/pg_dump_cleanup
ERROR: [16451]: uncloud.ungleich.ch: ssh -o User=root -o ControlPath=/tmp/tmp_8eu4oep/s -o ControlMaster=auto -o ControlPersist=2h uncloud.ungleich.ch /bin/sh -c ' export __object=/var/lib/cdist/object/__cron/pg_dumpall_under_day/.cdist-mfd00npk;  export __object_id=pg_dumpall_under_day;/bin/sh -e /var/lib/cdist/object/__cron/pg_dumpall_under_day/.cdist-mfd00npk/code-remote': ['ssh', '-o', 'User=root', '-o', 'ControlPath=/tmp/tmp_8eu4oep/s', '-o', 'ControlMaster=auto', '-o', 'ControlPersist=2h', 'uncloud.ungleich.ch', "/bin/sh -c ' export __object=/var/lib/cdist/object/__cron/pg_dumpall_under_day/.cdist-mfd00npk;  export __object_id=pg_dumpall_under_day;/bin/sh -e /var/lib/cdist/object/__cron/pg_dumpall_under_day/.cdist-mfd00npk/code-remote'"]

Error processing object '__cron/pg_dumpall_under_day'
=====================================================
name: __cron/pg_dumpall_under_day
path: /tmp/tmplaq9cwdh/6318c251013a449595327745daacf3ee/data/object/__cron/pg_dumpall_under_day/.cdist-mfd00npk
source: /tmp/tmplaq9cwdh/6318c251013a449595327745daacf3ee/data/conf/type/__ungleich_postgresql/manifest
type: /home/nico/vcs/cdist/cdist/conf/type/__cron

code-remote:stderr
------------------
crontab: can't move 'postgres.new' to 'postgres': No such file or directory

VERBOSE: [16451]: config: Total processing time for 1 host(s): 13.98031210899353
[18:09] line:~%
2020-04-02 18:14:09 +02:00
1eb02f908b Merge branch 'fix/__package_update_index' into 'master'
[__package_update_index] Fix maxage false-positives on brand-new installations

See merge request ungleich-public/cdist!858
2020-03-29 13:53:55 +02:00
Darko Poljak
b25939cdd6 Fix shellcheck 2020-03-27 13:30:52 +01:00
11148995d1 Merge branch 'master' into 'master'
fix typo

See merge request ungleich-public/cdist!857
2020-03-27 08:50:29 +01:00
Nico Schottelius
66d9905029 [__consul_agent] make conf_dir depent on the OS 2020-03-26 21:48:17 +01:00
f00e4af5f0 fix typo 2020-03-26 21:17:32 +08:00
358e04b2af Handle specially if no time about the last index update found.
The explorer 'currage' now returns -1 if he can not find any value about
this. The gencode-remote script handle this value special to not exit if
-1 given as value.

This fixes the bug
  ungleich-public/cdist#803
2020-03-14 09:58:38 +01:00