forked from ungleich-public/cdist
Merge branch 'master' into preos
This commit is contained in:
commit
c4301696b0
67 changed files with 1121 additions and 106 deletions
1
.version
1
.version
|
@ -1 +0,0 @@
|
|||
2.1.0-pre1
|
4
Makefile
4
Makefile
|
@ -186,7 +186,7 @@ ARCHLINUX_FILE=.lock-archlinux
|
|||
ARCHLINUXTAR=cdist-$(CHANGELOG_VERSION)-1.src.tar.gz
|
||||
|
||||
$(ARCHLINUXTAR): PKGBUILD
|
||||
umask 022; makepkg -c --source
|
||||
umask 022; mkaurball
|
||||
|
||||
PKGBUILD: PKGBUILD.in $(PYTHON_VERSION)
|
||||
./PKGBUILD.in $(CHANGELOG_VERSION)
|
||||
|
@ -243,7 +243,7 @@ distclean: clean
|
|||
|
||||
# The pub is Nico's "push to all git remotes" way ("make pub")
|
||||
pub:
|
||||
for remote in "" github sf; do \
|
||||
for remote in "" sf; do \
|
||||
echo "Pushing to $$remote"; \
|
||||
git push --mirror $$remote; \
|
||||
done
|
||||
|
|
|
@ -22,10 +22,19 @@
|
|||
|
||||
# FIXME: other system types (not linux ...)
|
||||
|
||||
if [ -r /proc/cpuinfo ]; then
|
||||
cores="$(cat /proc/cpuinfo | grep "core id" | sort | uniq | wc -l)"
|
||||
if [ ${cores} -eq 0 ]; then
|
||||
cores="1"
|
||||
fi
|
||||
echo "${cores}"
|
||||
fi
|
||||
os=$("$__explorer/os")
|
||||
case "$os" in
|
||||
"macosx")
|
||||
echo "$(sysctl -n hw.physicalcpu)"
|
||||
;;
|
||||
|
||||
*)
|
||||
if [ -r /proc/cpuinfo ]; then
|
||||
cores="$(grep "core id" /proc/cpuinfo | sort | uniq | wc -l)"
|
||||
if [ ${cores} -eq 0 ]; then
|
||||
cores="1"
|
||||
fi
|
||||
echo "$cores"
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
|
|
|
@ -22,10 +22,19 @@
|
|||
|
||||
# FIXME: other system types (not linux ...)
|
||||
|
||||
if [ -r /proc/cpuinfo ]; then
|
||||
sockets="$(cat /proc/cpuinfo | grep "physical id" | sort | uniq | wc -l)"
|
||||
if [ ${sockets} -eq 0 ]; then
|
||||
sockets="$(cat /proc/cpuinfo | grep "processor" | wc -l)"
|
||||
os=$("$__explorer/os")
|
||||
case "$os" in
|
||||
"macosx")
|
||||
echo "$(system_profiler SPHardwareDataType | grep "Number of Processors" | awk -F': ' '{print $2}')"
|
||||
;;
|
||||
|
||||
*)
|
||||
if [ -r /proc/cpuinfo ]; then
|
||||
sockets="$(grep "physical id" /proc/cpuinfo | sort | uniq | wc -l)"
|
||||
if [ ${sockets} -eq 0 ]; then
|
||||
sockets="$(cat /proc/cpuinfo | grep "processor" | wc -l)"
|
||||
fi
|
||||
echo "${sockets}"
|
||||
fi
|
||||
echo "${sockets}"
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
|
|
|
@ -22,6 +22,15 @@
|
|||
|
||||
# FIXME: other system types (not linux ...)
|
||||
|
||||
if [ -r /proc/meminfo ]; then
|
||||
echo "$(cat /proc/meminfo | grep "MemTotal:" | awk '{print $2}')"
|
||||
fi
|
||||
os=$("$__explorer/os")
|
||||
case "$os" in
|
||||
"macosx")
|
||||
echo "$(sysctl -n hw.memsize)/1024" | bc
|
||||
;;
|
||||
|
||||
*)
|
||||
if [ -r /proc/meminfo ]; then
|
||||
grep "MemTotal:" /proc/meminfo | awk '{print $2}'
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
|
|
|
@ -5,7 +5,7 @@ Steven Armstrong <steven-cdist--@--armstrong.cc>
|
|||
|
||||
NAME
|
||||
----
|
||||
cdist-type__apt_update_index - update apt's package index
|
||||
cdist-type__apt_update_index - Update apt's package index
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
|
|
|
@ -46,13 +46,13 @@ tmpfile=\$(mktemp ${file}.cdist.XXXXXXXXXX)
|
|||
if [ -f "$file" ]; then
|
||||
cp -p "$file" "\$tmpfile"
|
||||
fi
|
||||
awk -v prefix="^$prefix\\\$" -v suffix="^$suffix\\\$" '
|
||||
awk -v prefix="^$prefix\$" -v suffix="^$suffix\$" '
|
||||
{
|
||||
if (index(\$0,prefix)) {
|
||||
if (match(\$0,prefix)) {
|
||||
triggered=1
|
||||
}
|
||||
if (triggered) {
|
||||
if (index(\$0,suffix)) {
|
||||
if (match(\$0,suffix)) {
|
||||
triggered=0
|
||||
}
|
||||
} else {
|
||||
|
|
|
@ -67,7 +67,7 @@ DONE
|
|||
if [ "$upload_file" ]; then
|
||||
echo upload >> "$__messages_out"
|
||||
cat << DONE
|
||||
$__remote_copy $source ${__target_host}:\$destination_upload
|
||||
$__remote_copy "$source" "${__target_host}:\$destination_upload"
|
||||
DONE
|
||||
fi
|
||||
# move uploaded file into place
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2013-2014 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
# 2013-2015 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -29,7 +29,7 @@ case "$os" in
|
|||
# Debian needs a seperate package
|
||||
__package locales --state present
|
||||
;;
|
||||
archlinux|suse)
|
||||
archlinux|suse|ubuntu)
|
||||
:
|
||||
;;
|
||||
*)
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2012 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2014 Jake Guffey (jake.guffey at eprotex.com)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -17,7 +17,11 @@
|
|||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
#
|
||||
# Retrieve the status of a package - parsed dpkg output
|
||||
#
|
||||
|
||||
owner="$(cat "$__object/parameter/owner" 2>/dev/null || echo "$__object_id")"
|
||||
if [ "$($__explorer/os)" = "freebsd" ]; then
|
||||
command -v pkg
|
||||
fi
|
||||
|
||||
getent passwd "$owner" || true
|
|
@ -19,7 +19,7 @@
|
|||
#
|
||||
#
|
||||
# __package is an abstract type which dispatches to the lower level
|
||||
# __package_$name types which do the actual interaction with the packaging
|
||||
# __package_$type types which do the actual interaction with the packaging
|
||||
# system.
|
||||
#
|
||||
|
||||
|
@ -33,7 +33,13 @@ else
|
|||
amazon|centos|fedora|redhat) type="yum" ;;
|
||||
archlinux) type="pacman" ;;
|
||||
debian|ubuntu) type="apt" ;;
|
||||
freebsd) type="pkg_freebsd" ;;
|
||||
freebsd)
|
||||
if [ -n "$(cat "$__object/explorer/pkgng_exists")" ]; then
|
||||
type="pkgng_freebsd"
|
||||
else
|
||||
type="pkg_freebsd"
|
||||
fi
|
||||
;;
|
||||
gentoo) type="emerge" ;;
|
||||
suse) type="zypper" ;;
|
||||
openwrt) type="opkg" ;;
|
||||
|
|
|
@ -33,6 +33,14 @@ else
|
|||
state_should="present"
|
||||
fi
|
||||
|
||||
if [ -f "$__object/parameter/target-release" ]; then
|
||||
target_release="--target-release $(cat "$__object/parameter/target-release")"
|
||||
else
|
||||
target_release=""
|
||||
fi
|
||||
|
||||
|
||||
|
||||
# FIXME: use grep directly, state is a list, not a line!
|
||||
state_is="$(cat "$__object/explorer/state")"
|
||||
case "$state_is" in
|
||||
|
@ -44,13 +52,13 @@ esac
|
|||
|
||||
# Hint if we need to avoid questions at some point:
|
||||
# DEBIAN_PRIORITY=critical can reduce the number of questions
|
||||
aptget="DEBIAN_FRONTEND=noninteractive apt-get --quiet --yes --no-install-recommends -o DPkg::Options::=\"--force-confold\""
|
||||
aptget="DEBIAN_FRONTEND=noninteractive apt-get --quiet --yes --no-install-recommends -o Dpkg::Options::=\"--force-confdef\" -o Dpkg::Options::=\"--force-confold\""
|
||||
|
||||
[ "$state_is" = "$state_should" ] && exit 0
|
||||
|
||||
case "$state_should" in
|
||||
present)
|
||||
echo $aptget install \"$name\"
|
||||
echo $aptget install $target_release \"$name\"
|
||||
;;
|
||||
absent)
|
||||
echo $aptget remove \"$name\"
|
||||
|
|
|
@ -27,6 +27,9 @@ name::
|
|||
state::
|
||||
Either "present" or "absent", defaults to "present"
|
||||
|
||||
target-release::
|
||||
Passed on to apt-get install, see apt-get(8).
|
||||
Essentially allows you to retrieve packages from a different release
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
name
|
||||
version
|
||||
state
|
||||
target-release
|
||||
|
|
|
@ -27,37 +27,40 @@ else
|
|||
name="$__object_id"
|
||||
fi
|
||||
|
||||
if [ -f "$__object/parameter/state" ]; then
|
||||
state_should="$(cat "$__object/parameter/state")"
|
||||
else
|
||||
state_should="present"
|
||||
state_should="$(cat "$__object/parameter/state")"
|
||||
|
||||
version="$(cat "$__object/parameter/version")"
|
||||
|
||||
if [ -n "$version" ]; then
|
||||
name="=$name-$version"
|
||||
fi
|
||||
|
||||
pkg_version="$(cat "$__object/explorer/pkg_version")"
|
||||
if [ -z "$pkg_version" ]; then
|
||||
state_is="absent"
|
||||
elif [ $(echo "$pkg_version" | wc -l) -gt 1 ]; then
|
||||
elif [ -z "$version" -a $(echo "$pkg_version" | wc -l) -gt 1 ]; then
|
||||
echo "Package name is not unique! The following packages are installed:"
|
||||
echo "$pkg_version"
|
||||
exit 1
|
||||
elif [ -n "$version" -a $(echo "$pkg_version" | cut -d " " -f 1 | sort | uniq | wc -l) -gt 1 ]; then
|
||||
echo "Package name is not unique! The following packages are installed:"
|
||||
echo "$pkg_version"
|
||||
exit 1
|
||||
else
|
||||
state_is="present"
|
||||
installed_version="$(echo "$pkg_version" | cut -d " " -f 2)"
|
||||
if [ -n "$version" ] && echo "$pkg_version" | cut -d " " -f 2 | grep -q -x "$version"; then
|
||||
installed_version="$(echo "$pkg_version" | cut -d " " -f 2 | grep -x "$version")"
|
||||
else
|
||||
installed_version="$(echo "$pkg_version" | cut -d " " -f 2 | tail -n 1)"
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ -f "$__object/parameter/version" ]; then
|
||||
version="$(cat "$__object/parameter/version")"
|
||||
if [ ! -z "$version" ]; then
|
||||
name="=$name-$version"
|
||||
fi
|
||||
else
|
||||
version=""
|
||||
fi
|
||||
|
||||
# Exit if nothing is needed to be done
|
||||
[ "$state_is" = "$state_should" ] && ( [ -z "$version" ] || [ "$installed_version" = "$version" ] ) && exit 0
|
||||
[ "$state_should" = "absent" ] && [ ! -z "$version" ] && [ "$installed_version" != "$version" ] && exit 0
|
||||
|
||||
|
||||
case "$state_should" in
|
||||
present)
|
||||
echo "emerge \"$name\" &>/dev/null || exit 1"
|
||||
|
|
1
cdist/conf/type/__package_emerge/parameter/default/state
Normal file
1
cdist/conf/type/__package_emerge/parameter/default/state
Normal file
|
@ -0,0 +1 @@
|
|||
present
|
37
cdist/conf/type/__package_pkgng_freebsd/explorer/pkg_version
Executable file
37
cdist/conf/type/__package_pkgng_freebsd/explorer/pkg_version
Executable file
|
@ -0,0 +1,37 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2014 Jake Guffey (jake.guffey at eprotex.com)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
#
|
||||
# Retrieve the status of a package - parsed dpkg output
|
||||
#
|
||||
|
||||
if [ -f "$__object/parameter/name" ]; then
|
||||
name="$(cat "$__object/parameter/name")"
|
||||
else
|
||||
name="$__object_id"
|
||||
fi
|
||||
|
||||
# Don't produce "no pkgs installed" output -- breaks things
|
||||
PKG_OUTPUT=$(pkg info 2>&1)
|
||||
echo -n "$(echo "$PKG_OUTPUT" \
|
||||
| awk '{print $1}' \
|
||||
| sed 's/^\(.*\)-\([^-]*\)$/name:\1 ver:\2/g' \
|
||||
| grep "name:$name ver:" \
|
||||
| sed 's/^.*ver:\(.*\)/\1/g')"
|
||||
|
139
cdist/conf/type/__package_pkgng_freebsd/gencode-remote
Executable file
139
cdist/conf/type/__package_pkgng_freebsd/gencode-remote
Executable file
|
@ -0,0 +1,139 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2014 Jake Guffey (jake.guffey at eprotex.com)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
#
|
||||
# Manage packages with pkg on FreeBSD
|
||||
#
|
||||
|
||||
# Debug
|
||||
#exec >&2
|
||||
#set -x
|
||||
|
||||
if [ -f "$__object/parameter/name" ]; then
|
||||
name="$(cat "$__object/parameter/name")"
|
||||
else
|
||||
name="$__object_id"
|
||||
fi
|
||||
|
||||
if [ -f "$__object/parameter/flavor" ]; then
|
||||
flavor="$(cat "$__object/parameter/flavor")"
|
||||
fi
|
||||
|
||||
if [ -f "$__object/parameter/version" ]; then
|
||||
version="$(cat "$__object/parameter/version")"
|
||||
fi
|
||||
|
||||
if [ -f "$__object/parameter/upgrade" ]; then
|
||||
upgrade="true"
|
||||
else
|
||||
upgrade="false"
|
||||
fi
|
||||
|
||||
if [ -f "$__object/parameter/repo" ]; then
|
||||
repo="$(cat "$__object/parameter/repo")"
|
||||
fi
|
||||
|
||||
if [ -f "$__object/parameter/state" ]; then
|
||||
state="$(cat "$__object/parameter/state")"
|
||||
else
|
||||
state="present"
|
||||
fi
|
||||
curr_version="$(cat "$__object/explorer/pkg_version")"
|
||||
add_cmd="pkg install -y"
|
||||
rm_cmd="pkg delete -y"
|
||||
upg_cmd="pkg upgrade -y"
|
||||
cmd=""
|
||||
|
||||
# Print the command to be executed
|
||||
# Parms: $1 -- mode, "rm", "add", or "upg"
|
||||
# $2 -- the command to be echoed
|
||||
execcmd(){
|
||||
local _cmd=""
|
||||
|
||||
case "$1" in
|
||||
add)
|
||||
_cmd="${add_cmd} $2"
|
||||
;;
|
||||
rm)
|
||||
_cmd="${rm_cmd} $2"
|
||||
;;
|
||||
upg)
|
||||
_cmd="${upg_cmd} $2"
|
||||
;;
|
||||
*)
|
||||
printf "Error. Don't understand command: %s" "$1" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
echo "$_cmd 2>&- >&-" # Silence the output of the command
|
||||
echo "status=\$?"
|
||||
echo "if [ \"\$status\" -ne \"0\" ]; then"
|
||||
echo " echo \"Error: ${_cmd} exited nonzero with \$status\"'!' >&2"
|
||||
echo " exit 1"
|
||||
echo "fi"
|
||||
}
|
||||
|
||||
if [ -n "$curr_version" ]; then # PKG *is* installed
|
||||
if [ -n "$repo" ]; then
|
||||
cmd="-r ${repo} ${name}"
|
||||
else
|
||||
cmd="${name}"
|
||||
fi
|
||||
if [ -n "$flavor" ]; then
|
||||
cmd="${cmd}-${flavor}"
|
||||
fi
|
||||
# PKG is supposed to be removed
|
||||
if [ "$state" = "absent" ]; then
|
||||
execcmd "rm" "${cmd}"
|
||||
# PKG is supposed to be installed to a particular version
|
||||
elif [ -n "$version" ] && [ "$version" != "$curr_version" ]; then
|
||||
if [ "$upgrade" = "true" ]; then
|
||||
execcmd "upg" "${cmd}"
|
||||
else
|
||||
printf "Version %s is already installed and pkg-ng can't upgrade directly to version %s.\nTo upgrade to the latest version, use the --upgrade flag.\n" "$curr_version" "$version" >&2
|
||||
exit 1
|
||||
fi
|
||||
# PKG is supposed to be installed to the latest version
|
||||
else
|
||||
: # Do nothing.
|
||||
fi
|
||||
else # PKG *isn't* installed
|
||||
if [ "$state" = "absent" ]; then # Shouldn't be installed
|
||||
exit 0
|
||||
else # Should be installed
|
||||
if [ -n "$repo" ]; then
|
||||
cmd="-r ${repo} ${name}"
|
||||
else
|
||||
cmd="${name}"
|
||||
fi
|
||||
if [ -n "$flavor" ]; then
|
||||
cmd="${cmd}-${flavor}"
|
||||
fi
|
||||
if [ -n "$version" ]; then
|
||||
cmd="${cmd}-${version}"
|
||||
fi
|
||||
|
||||
execcmd "add" "$cmd"
|
||||
exit 0
|
||||
fi
|
||||
fi
|
||||
|
||||
# Debug
|
||||
#set +x
|
97
cdist/conf/type/__package_pkgng_freebsd/man.text
Normal file
97
cdist/conf/type/__package_pkgng_freebsd/man.text
Normal file
|
@ -0,0 +1,97 @@
|
|||
cdist-type__package_pkgng_freebsd(7)
|
||||
==================================
|
||||
Jake Guffey <jake.guffey--@--eprotex.com>
|
||||
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__package_pkgng_freebsd - Manage FreeBSD packages with pkg-ng
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
This type is usually used on FreeBSD to manage packages.
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
None
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
name::
|
||||
If supplied, use the name and not the object id as the package name.
|
||||
|
||||
flavor::
|
||||
If supplied, use to avoid ambiguity.
|
||||
|
||||
version::
|
||||
If supplied, use to install a specific version of the package named.
|
||||
|
||||
repo::
|
||||
If supplied, use to install the package named from a particular repo.
|
||||
|
||||
state::
|
||||
Either "present" or "absent", defaults to "present"
|
||||
|
||||
|
||||
BOOLEAN PARAMETERS
|
||||
------------------
|
||||
upgrade::
|
||||
If supplied, allow upgrading to the latest version of a package.
|
||||
|
||||
|
||||
CAVEATS
|
||||
-------
|
||||
This type requires that repository definitions already exist in /etc/pkg/*.conf.
|
||||
Ensure that they exist prior to use of this type with __file.
|
||||
|
||||
pkg-ng can't upgrade a package to a specific version. If this type needs to
|
||||
upgrade a package, it can only ugprade to the latest available version. If the
|
||||
"upgrade" parameter is not given and an upgrade needs to occur, an error will result.
|
||||
|
||||
|
||||
MESSAGES
|
||||
--------
|
||||
install::
|
||||
The package was installed
|
||||
remove::
|
||||
The package was removed
|
||||
upgrade::
|
||||
The package was upgraded
|
||||
exist::
|
||||
The package was already present and thus not installed
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
# Ensure zsh is installed
|
||||
__package_pkgng_freebsd zsh --state present
|
||||
|
||||
# Ensure vim is installed, use flavor no_x11
|
||||
__package_pkgng_freebsd vim --state present --flavor no_x11
|
||||
|
||||
# If you don't want to follow pythonX packages, but always use python
|
||||
__package_pkgng_freebsd python --state present --name python2
|
||||
|
||||
# Install a package from a particular repository when multiples exist
|
||||
__package_pkgng_freebsd bash --state present --repo myrepo
|
||||
|
||||
# Remove obsolete package
|
||||
__package_pkgng_freebsd puppet --state absent
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
- cdist-type(7)
|
||||
- cdist-type__package(7)
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2014 Jake Guffey. Free use of this software is
|
||||
granted under the terms of the GNU General Public License version 3 (GPLv3).
|
|
@ -0,0 +1 @@
|
|||
upgrade
|
|
@ -0,0 +1,5 @@
|
|||
name
|
||||
flavor
|
||||
version
|
||||
repo
|
||||
state
|
50
cdist/conf/type/__package_update_index/gencode-remote
Executable file
50
cdist/conf/type/__package_update_index/gencode-remote
Executable file
|
@ -0,0 +1,50 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2014 Ricardo Catalinas Jiménez (jimenezrick at gmail.com)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
#
|
||||
# Update the package index with the appropriate package manager
|
||||
#
|
||||
|
||||
type="$__object/parameter/type"
|
||||
|
||||
if [ -f "$type" ]; then
|
||||
type="$(cat "$type")"
|
||||
else
|
||||
# By default determine package manager based on operating system
|
||||
os="$(cat "$__global/explorer/os")"
|
||||
case "$os" in
|
||||
amazon|centos|fedora|redhat) type="yum" ;;
|
||||
debian|ubuntu) type="apt" ;;
|
||||
archlinux) type="pacman" ;;
|
||||
*)
|
||||
echo "Don't know how to manage packages on: $os" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
|
||||
case "$type" in
|
||||
yum) ;;
|
||||
apt) echo "apt-get --quiet update" ;;
|
||||
pacman) echo "pacman --noprogressbar --sync --refresh" ;;
|
||||
*)
|
||||
echo "Don't know how to manage packages on: $os" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
52
cdist/conf/type/__package_update_index/man.text
Normal file
52
cdist/conf/type/__package_update_index/man.text
Normal file
|
@ -0,0 +1,52 @@
|
|||
cdist-type__package_update_index(7)
|
||||
===================================
|
||||
Ricardo Catalinas Jiménez <jimenezrick--@--gmail.com>
|
||||
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__package_update_index - Update the package index
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
This cdist type allows you to update the package index on the target.
|
||||
It will automatically use the appropriate package manager.
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
None
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
type::
|
||||
The package manager to use. Default is determined based on the $os
|
||||
explorer variable.
|
||||
e.g. apt for Debian
|
||||
yum for Red Hat
|
||||
pacman for Arch Linux
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
# Update the package index on the target
|
||||
__package_update_index
|
||||
|
||||
# Force use of a specific package manager
|
||||
__package_update_index --type apt
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
- cdist-type(7)
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2014 Ricardo Catalinas Jiménez. Free use of this software is
|
||||
granted under the terms of the GNU General Public License version 3 (GPLv3).
|
|
@ -0,0 +1 @@
|
|||
type
|
0
cdist/conf/type/__package_update_index/singleton
Normal file
0
cdist/conf/type/__package_update_index/singleton
Normal file
62
cdist/conf/type/__package_upgrade_all/gencode-remote
Executable file
62
cdist/conf/type/__package_upgrade_all/gencode-remote
Executable file
|
@ -0,0 +1,62 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2014 Ricardo Catalinas Jiménez (jimenezrick at gmail.com)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
#
|
||||
# Upgrade all the already installed packages with the appropriate package
|
||||
# manager
|
||||
#
|
||||
|
||||
type="$__object/parameter/type"
|
||||
|
||||
if [ -f "$type" ]; then
|
||||
type="$(cat "$type")"
|
||||
else
|
||||
# By default determine package manager based on operating system
|
||||
os="$(cat "$__global/explorer/os")"
|
||||
case "$os" in
|
||||
amazon|centos|fedora|redhat) type="yum" ;;
|
||||
debian|ubuntu) type="apt" ;;
|
||||
archlinux) type="pacman" ;;
|
||||
*)
|
||||
echo "Don't know how to manage packages on: $os" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
|
||||
aptget="DEBIAN_FRONTEND=noninteractive apt-get --quiet --yes --no-install-recommends -o Dpkg::Options::=\"--force-confdef\" -o Dpkg::Options::=\"--force-confold\""
|
||||
|
||||
case "$type" in
|
||||
yum)
|
||||
echo "yum --quiet --assumeyes update"
|
||||
echo "yum --quiet clean all"
|
||||
;;
|
||||
apt)
|
||||
echo $aptget dist-upgrade
|
||||
echo "apt-get --quiet autoclean"
|
||||
;;
|
||||
pacman)
|
||||
echo "pacman --noprogressbar --noconfirm --sync --sysupgrade"
|
||||
echo "pacman --noprogressbar --noconfirm --sync --clean"
|
||||
;;
|
||||
*)
|
||||
echo "Don't know how to manage packages on: $os" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
52
cdist/conf/type/__package_upgrade_all/man.text
Normal file
52
cdist/conf/type/__package_upgrade_all/man.text
Normal file
|
@ -0,0 +1,52 @@
|
|||
cdist-type__package_upgrade_all(7)
|
||||
==================================
|
||||
Ricardo Catalinas Jiménez <jimenezrick--@--gmail.com>
|
||||
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__package_upgrade_all - Upgrade all the installed packages
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
This cdist type allows you to upgrade all the installed packages on the
|
||||
target. It will automatically use the appropriate package manager.
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
None
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
type::
|
||||
The package manager to use. Default is determined based on the $os
|
||||
explorer variable.
|
||||
e.g. apt for Debian
|
||||
yum for Red Hat
|
||||
pacman for Arch Linux
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
# Upgrade all the installed packages on the target
|
||||
__package_upgrade_all
|
||||
|
||||
# Force use of a specific package manager
|
||||
__package_upgrade_all --type apt
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
- cdist-type(7)
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2014 Ricardo Catalinas Jiménez. Free use of this software is
|
||||
granted under the terms of the GNU General Public License version 3 (GPLv3).
|
1
cdist/conf/type/__package_upgrade_all/parameter/optional
Normal file
1
cdist/conf/type/__package_upgrade_all/parameter/optional
Normal file
|
@ -0,0 +1 @@
|
|||
type
|
0
cdist/conf/type/__package_upgrade_all/singleton
Normal file
0
cdist/conf/type/__package_upgrade_all/singleton
Normal file
|
@ -1,5 +1,5 @@
|
|||
cdist-type__qemu_img(7)
|
||||
========================
|
||||
=======================
|
||||
Nico Schottelius <nico-cdist--@--schottelius.org>
|
||||
|
||||
|
||||
|
|
26
cdist/conf/type/__ssh_authorized_key/explorer/entry
Executable file
26
cdist/conf/type/__ssh_authorized_key/explorer/entry
Executable file
|
@ -0,0 +1,26 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2014 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
# extract the keytype and base64 encoded key ignoring any options and comment
|
||||
type_and_key="$(cat "$__object/parameter/key" | tr ' ' '\n' | awk '/^(ssh|ecdsa)-[^ ]+/ { printf $1" "; getline; printf $1 }')"
|
||||
file="$(cat $__object/parameter/file)"
|
||||
|
||||
# get any entries that match the type and key
|
||||
grep ".*$type_and_key[ \n]" "$file" || true
|
109
cdist/conf/type/__ssh_authorized_key/gencode-remote
Executable file
109
cdist/conf/type/__ssh_authorized_key/gencode-remote
Executable file
|
@ -0,0 +1,109 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2014 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
set -u
|
||||
|
||||
remove_line() {
|
||||
file="$1"
|
||||
line="$2"
|
||||
cat << DONE
|
||||
tmpfile=\$(mktemp ${file}.cdist.XXXXXXXXXX)
|
||||
# preserve ownership and permissions of existing file
|
||||
if [ -f "$file" ]; then
|
||||
cp -p "$file" "\$tmpfile"
|
||||
fi
|
||||
grep -v -F -x '$line' '$file' > \$tmpfile || true
|
||||
mv -f "\$tmpfile" "$file"
|
||||
DONE
|
||||
}
|
||||
|
||||
add_line() {
|
||||
file="$1"
|
||||
line="$2"
|
||||
# escape single quotes
|
||||
line_sanitised=$(echo "$line" | sed -e "s/'/'\"'\"'/g")
|
||||
printf '%s' "printf '%s\n' '$line_sanitised' >> $file"
|
||||
}
|
||||
|
||||
|
||||
file="$(cat "$__object/parameter/file")"
|
||||
mkdir "$__object/files"
|
||||
|
||||
# Generate the entry as it should be
|
||||
(
|
||||
if [ -f "$__object/parameter/option" ]; then
|
||||
# comma seperated list of options
|
||||
options="$(cat "$__object/parameter/option" | tr '\n' ',')"
|
||||
printf '%s ' "${options%*,}"
|
||||
fi
|
||||
if [ -f "$__object/parameter/comment" ]; then
|
||||
# extract the keytype and base64 encoded key ignoring any options and comment
|
||||
printf '%s ' "$(cat "$__object/parameter/key" | tr ' ' '\n' | awk '/^(ssh|ecdsa)-[^ ]+/ { printf $1" "; getline; printf $1 }')"
|
||||
# override the comment with the one explicitly given
|
||||
printf '%s' "$(cat "$__object/parameter/comment")"
|
||||
else
|
||||
printf '%s' "$(cat "$__object/parameter/key")"
|
||||
fi
|
||||
printf '\n'
|
||||
) > "$__object/files/should"
|
||||
|
||||
# Remove conflicting entries if any
|
||||
if [ -s "$__object/explorer/entry" ]; then
|
||||
# Note that the files have to be sorted for comparison with `comm`.
|
||||
sort "$__object/explorer/entry" > "$__object/files/is"
|
||||
comm -13 "$__object/files/should" "$__object/files/is" | {
|
||||
while read entry; do
|
||||
remove_line "$file" "$entry"
|
||||
done
|
||||
}
|
||||
fi
|
||||
|
||||
# Determine the current state
|
||||
entry="$(cat "$__object/files/should")"
|
||||
state_should="$(cat "$__object/parameter/state")"
|
||||
num_existing_entries=$(grep -c -F -x "$entry" "$__object/explorer/entry" || true)
|
||||
if [ $num_existing_entries -eq 1 ]; then
|
||||
state_is="present"
|
||||
else
|
||||
# Posix grep does not define the -m option, so we can not remove a single
|
||||
# occurence of a string from a file in the `remove_line` function. Instead
|
||||
# _all_ occurences are removed.
|
||||
# By using `comm` to detect conflicting entries this could lead to the
|
||||
# situation that the key we want to add is actually removed.
|
||||
# To workaround this we must treat 0 or more then 1 existing entries to
|
||||
# mean current state is 'absent'. By doing this, the key is readded
|
||||
# again after cleaning up conflicting entries.
|
||||
state_is="absent"
|
||||
fi
|
||||
|
||||
# Manage the actual entry as it should be
|
||||
if [ "$state_should" = "$state_is" ]; then
|
||||
# Nothing to do
|
||||
exit 0
|
||||
fi
|
||||
|
||||
case "$state_should" in
|
||||
present)
|
||||
add_line "$file" "$entry"
|
||||
;;
|
||||
absent)
|
||||
remove_line "$file" "$entry"
|
||||
;;
|
||||
esac
|
67
cdist/conf/type/__ssh_authorized_key/man.text
Normal file
67
cdist/conf/type/__ssh_authorized_key/man.text
Normal file
|
@ -0,0 +1,67 @@
|
|||
cdist-type__ssh_authorized_key(7)
|
||||
=================================
|
||||
Steven Armstrong <steven-cdist--@--armstrong.cc>
|
||||
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__ssh_authorized_key - manage a single ssh authorized key entry
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
Manage a single authorized key entry in an authorized_key file.
|
||||
This type was created to be used by the __ssh_authorized_keys type.
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
file::
|
||||
the authorized_keys file to which the given key should be added
|
||||
|
||||
key::
|
||||
a string containing the ssh keytype, base 64 encoded key and optional
|
||||
trailing comment which shall be added to the given authorized_keys file.
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
comment::
|
||||
explicit comment instead of the one which may be trailing the given key
|
||||
|
||||
option::
|
||||
an option to set for this authorized_key entry.
|
||||
Can be specified multiple times.
|
||||
See sshd(8) for available options.
|
||||
|
||||
state::
|
||||
if the given keys should be 'present' or 'absent', defaults to 'present'.
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
__ssh_authorized_key some-id \
|
||||
--file "/home/user/.ssh/autorized_keys" \
|
||||
--key "$(cat ~/.ssh/id_rsa.pub)"
|
||||
|
||||
__ssh_authorized_key some-id \
|
||||
--file "/home/user/.ssh/autorized_keys" \
|
||||
--key "$(cat ~/.ssh/id_rsa.pub)" \
|
||||
--option 'command="/path/to/script"' \
|
||||
--option 'environment="FOO=bar"' \
|
||||
--comment 'one to rule them all'
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
- cdist-type(7)
|
||||
- cdist__ssh_authorized_keys(7)
|
||||
- sshd(8)
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2014 Steven Armstrong. Free use of this software is
|
||||
granted under the terms of the GNU General Public License version 3 (GPLv3).
|
|
@ -0,0 +1 @@
|
|||
present
|
2
cdist/conf/type/__ssh_authorized_key/parameter/optional
Normal file
2
cdist/conf/type/__ssh_authorized_key/parameter/optional
Normal file
|
@ -0,0 +1,2 @@
|
|||
comment
|
||||
state
|
|
@ -0,0 +1 @@
|
|||
option
|
2
cdist/conf/type/__ssh_authorized_key/parameter/required
Normal file
2
cdist/conf/type/__ssh_authorized_key/parameter/required
Normal file
|
@ -0,0 +1,2 @@
|
|||
file
|
||||
key
|
27
cdist/conf/type/__ssh_authorized_keys/explorer/file
Executable file
27
cdist/conf/type/__ssh_authorized_keys/explorer/file
Executable file
|
@ -0,0 +1,27 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2014 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
if [ -f "$__object/parameter/file" ]; then
|
||||
cat "$__object/parameter/file"
|
||||
else
|
||||
owner="$(cat "$__object/parameter/owner" 2>/dev/null || echo "$__object_id")"
|
||||
home=$(getent passwd "$owner" | cut -d':' -f 6)
|
||||
echo "$home/.ssh/authorized_keys"
|
||||
fi
|
|
@ -18,5 +18,6 @@
|
|||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
gid="$("$__type_explorer/passwd" | cut -d':' -f 4)"
|
||||
owner="$(cat "$__object/parameter/owner" 2>/dev/null || echo "$__object_id")"
|
||||
gid="$(getent passwd "$owner" | cut -d':' -f 4)"
|
||||
getent group "$gid" || true
|
||||
|
|
|
@ -12,13 +12,13 @@ DESCRIPTION
|
|||
-----------
|
||||
Adds or removes ssh keys from a authorized_keys file.
|
||||
|
||||
This type uses the __ssh_dot_ssh type to the directory containing
|
||||
the authorized_keys file.
|
||||
You can disable this feature with the --noparent boolean parameter.
|
||||
This type uses the __ssh_dot_ssh type to manage the directory containing
|
||||
the authorized_keys file. You can disable this feature with the --noparent
|
||||
boolean parameter.
|
||||
|
||||
The existence, ownership and permissions of the authorized_keys file itself are
|
||||
also managed. This can be disabled with the --nofile boolean parameter. It is
|
||||
then left to the user to ensure that the file exists and that ownership and
|
||||
then left to the user to ensure that the file exists and that ownership and
|
||||
permissions work with ssh.
|
||||
|
||||
|
||||
|
@ -31,15 +31,23 @@ key::
|
|||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
comment::
|
||||
explicit comment instead of the one which may be trailing the given key
|
||||
|
||||
file::
|
||||
an alternative destination file, defaults to ~$owner/.ssh/authorized_keys
|
||||
|
||||
option::
|
||||
an option to set for all created authorized_key entries.
|
||||
Can be specified multiple times.
|
||||
See sshd(8) for available options.
|
||||
|
||||
owner::
|
||||
the user owning the authorized_keys file, defaults to object_id.
|
||||
|
||||
state::
|
||||
if the given keys should be 'present' or 'absent', defaults to 'present'.
|
||||
|
||||
file::
|
||||
an alternative destination file, defaults to ~$owner/.ssh/authorized_keys
|
||||
|
||||
|
||||
BOOLEAN PARAMETERS
|
||||
------------------
|
||||
|
@ -64,13 +72,24 @@ __ssh_authorized_keys root \
|
|||
__ssh_authorized_keys user-name \
|
||||
--key "ssh-rsa AXYZAAB3NzaC1yc2..."
|
||||
|
||||
# allow key to login as user-name with options and expicit comment
|
||||
__ssh_authorized_keys user-name \
|
||||
--key "ssh-rsa AXYZAAB3NzaC1yc2..." \
|
||||
--option no-agent-forwarding \
|
||||
--option 'from="*.example.com"' \
|
||||
--comment 'backup server'
|
||||
|
||||
# same as above, but with explicit owner and two keys
|
||||
# note that the options are set for all given keys
|
||||
__ssh_authorized_keys some-fancy-id \
|
||||
--owner user-name \
|
||||
--key "ssh-rsa AXYZAAB3NzaC1yc2..." \
|
||||
--key "ssh-rsa AZXYAAB3NzaC1yc2..."
|
||||
--key "ssh-rsa AZXYAAB3NzaC1yc2..." \
|
||||
--option no-agent-forwarding \
|
||||
--option 'from="*.example.com"' \
|
||||
--comment 'backup server'
|
||||
|
||||
# same as above, but authorized_keys file in non standard location
|
||||
# authorized_keys file in non standard location
|
||||
__ssh_authorized_keys some-fancy-id \
|
||||
--file /etc/ssh/keys/user-name/authorized_keys \
|
||||
--owner user-name \
|
||||
|
@ -89,6 +108,7 @@ __ssh_authorized_keys some-fancy-id \
|
|||
SEE ALSO
|
||||
--------
|
||||
- cdist-type(7)
|
||||
- sshd(8)
|
||||
|
||||
|
||||
COPYING
|
||||
|
|
|
@ -21,16 +21,7 @@
|
|||
|
||||
owner="$(cat "$__object/parameter/owner" 2>/dev/null || echo "$__object_id")"
|
||||
state="$(cat "$__object/parameter/state" 2>/dev/null)"
|
||||
if [ -f "$__object/parameter/file" ]; then
|
||||
file="$(cat "$__object/parameter/file")"
|
||||
else
|
||||
home="$(cut -d':' -f 6 "$__object/explorer/passwd")"
|
||||
if [ -z "$home" ]; then
|
||||
echo "Failed to get home directory from explorer." >&2
|
||||
exit 1
|
||||
fi
|
||||
file="$home/.ssh/authorized_keys"
|
||||
fi
|
||||
file="$(cat "$__object/explorer/file")"
|
||||
|
||||
if [ ! -f "$__object/parameter/noparent" -o ! -f "$__object/parameter/nofile" ]; then
|
||||
group="$(cut -d':' -f 1 "$__object/explorer/group")"
|
||||
|
@ -50,6 +41,7 @@ if [ ! -f "$__object/parameter/noparent" -o ! -f "$__object/parameter/nofile" ];
|
|||
--group "$group" \
|
||||
--mode 0600 \
|
||||
--state exists
|
||||
export require="__file/$file"
|
||||
fi
|
||||
fi
|
||||
|
||||
|
@ -63,22 +55,25 @@ __block "$__object_name" \
|
|||
--text - << DONE
|
||||
remove legacy block
|
||||
DONE
|
||||
export require="__block/$__object_name"
|
||||
|
||||
_cksum() {
|
||||
echo "$1" | cksum | cut -d' ' -f 1
|
||||
}
|
||||
|
||||
while read key; do
|
||||
cksum_key="$(_cksum "$key")"
|
||||
line_id="${owner}-${cksum_key}"
|
||||
|
||||
set -- "$line_id"
|
||||
type_and_key="$(echo "$key" | tr ' ' '\n' | awk '/^(ssh|ecdsa)-[^ ]+/ { printf $1" "; getline; printf $1 }')"
|
||||
object_id="$(_cksum "$file")-$(_cksum "$type_and_key")"
|
||||
set -- "$object_id"
|
||||
set -- "$@" --file "$file"
|
||||
set -- "$@" --regex ".*$key.*"
|
||||
if [ "$state" = 'present' ]; then
|
||||
set -- "$@" --line "$key"
|
||||
fi
|
||||
set -- "$@" --key "$key"
|
||||
set -- "$@" --state "$state"
|
||||
# Ensure __line does not read stdin
|
||||
require="__block/$__object_name" __line "$@" < /dev/null
|
||||
if [ -f "$__object/parameter/option" ]; then
|
||||
set -- "$@" --option "$(cat "$__object/parameter/option")"
|
||||
fi
|
||||
if [ -f "$__object/parameter/comment" ]; then
|
||||
set -- "$@" --comment "$(cat "$__object/parameter/comment")"
|
||||
fi
|
||||
# Ensure __ssh_authorized_key does not read stdin
|
||||
__ssh_authorized_key "$@" < /dev/null
|
||||
done < "$__object/parameter/key"
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
comment
|
||||
file
|
||||
option
|
||||
owner
|
||||
state
|
||||
file
|
||||
|
|
|
@ -229,12 +229,12 @@ class Config(object):
|
|||
for requirement in cdist_object.requirements_unfinished(cdist_object.autorequire):
|
||||
autorequire_names.append(requirement.name)
|
||||
|
||||
requirements = ", ".join(requirement_names)
|
||||
autorequire = ", ".join(autorequire_names)
|
||||
info_string.append("%s requires: %s autorequires: %s" % (cdist_object.name, requirements, autorequire))
|
||||
requirements = "\n ".join(requirement_names)
|
||||
autorequire = "\n ".join(autorequire_names)
|
||||
info_string.append("%s requires:\n %s\n%s autorequires:\n %s" % (cdist_object.name, requirements, cdist_object.name, autorequire))
|
||||
|
||||
raise cdist.UnresolvableRequirementsError("The requirements of the following objects could not be resolved: %s" %
|
||||
("; ".join(info_string)))
|
||||
raise cdist.UnresolvableRequirementsError("The requirements of the following objects could not be resolved:\n%s" %
|
||||
("\n".join(info_string)))
|
||||
|
||||
def object_prepare(self, cdist_object):
|
||||
"""Prepare object: Run type explorer + manifest"""
|
||||
|
|
|
@ -204,11 +204,13 @@ class CdistType(object):
|
|||
try:
|
||||
defaults_dir = os.path.join(self.absolute_path, "parameter", "default")
|
||||
for name in os.listdir(defaults_dir):
|
||||
with open(os.path.join(defaults_dir, name)) as fd:
|
||||
defaults[name] = fd.read().strip()
|
||||
try:
|
||||
with open(os.path.join(defaults_dir, name)) as fd:
|
||||
defaults[name] = fd.read().strip()
|
||||
except EnvironmentError:
|
||||
pass # Swallow errors raised by open() or read()
|
||||
except EnvironmentError:
|
||||
# error ignored
|
||||
pass
|
||||
pass # Swallow error raised by os.listdir()
|
||||
finally:
|
||||
self.__parameter_defaults = defaults
|
||||
return self.__parameter_defaults
|
||||
|
|
|
@ -144,4 +144,4 @@ class Manifest(object):
|
|||
type_manifest = os.path.join(self.local.type_path, cdist_object.cdist_type.manifest_path)
|
||||
message_prefix = cdist_object.name
|
||||
if os.path.isfile(type_manifest):
|
||||
self.local.run_script(type_manifest, env=self.env_type_manifest(cdist_object))
|
||||
self.local.run_script(type_manifest, env=self.env_type_manifest(cdist_object), message_prefix=message_prefix)
|
||||
|
|
|
@ -37,12 +37,14 @@ class Message(object):
|
|||
self.prefix = prefix
|
||||
self.global_messages = messages
|
||||
|
||||
self.messages_in = tempfile.mkstemp(suffix='.cdist_message_in')[1]
|
||||
self.messages_out = tempfile.mkstemp(suffix='.cdist_message_out')[1]
|
||||
in_fd, self.messages_in = tempfile.mkstemp(suffix='.cdist_message_in')
|
||||
out_fd, self.messages_out = tempfile.mkstemp(suffix='.cdist_message_out')
|
||||
|
||||
os.close(in_fd)
|
||||
os.close(out_fd)
|
||||
|
||||
self._copy_messages()
|
||||
|
||||
|
||||
@property
|
||||
def env(self):
|
||||
env = {}
|
||||
|
|
|
@ -153,3 +153,10 @@ class TypeTestCase(test.CdistTestCase):
|
|||
self.assertFalse('optional2' in cdist_type.parameter_defaults)
|
||||
self.assertEqual(cdist_type.parameter_defaults['optional1'], 'value1')
|
||||
|
||||
def test_directory_in_default(self):
|
||||
base_path = fixtures
|
||||
cdist_type = core.CdistType(base_path, '__directory_in_default')
|
||||
self.assertEqual(
|
||||
list(sorted(cdist_type.parameter_defaults.keys())),
|
||||
['bar', 'foo']
|
||||
)
|
||||
|
|
|
@ -0,0 +1,2 @@
|
|||
foo
|
||||
bar
|
|
@ -5,6 +5,32 @@ Changelog
|
|||
* Exception: No braces means author == Nico Schottelius
|
||||
|
||||
|
||||
3.1.10: 2015-01-06
|
||||
* Core: Fix too many open files bug (#343)
|
||||
* Type __ssh_authorized_keys: Remove unneeded explorer (Steven Armstrong)
|
||||
* Type __ssh_authorized_keys: Fix empty output bug of entry explorer (Steven Armstrong)
|
||||
* Type __package_apt: Add support for --target-release
|
||||
* Type __locale: Add support for Ubuntu
|
||||
* Documentation: Fix typo in maintainer file (Stephan Kulla)
|
||||
|
||||
3.1.9: 2014-10-17
|
||||
* Type __package_emerge: Fix handling of slotted packages (Daniel Heule)
|
||||
* Type __package_apt: Use --force-confdef (Ricardo Catalinas Jiménez)
|
||||
* Type __package_update_index: Decrease verbosity (Ricardo Catalinas Jiménez)
|
||||
* Type __package_upgrade_all: Decrease verbosity (Ricardo Catalinas Jiménez)
|
||||
|
||||
3.1.8: 2014-10-01
|
||||
* New Type: __package_update_index (Ricardo Catalinas Jiménez)
|
||||
* New Type: __package_upgrade_all (Ricardo Catalinas Jiménez)
|
||||
|
||||
3.1.7: 2014-09-29
|
||||
* Type __cdistmarker: Fix typo (Ricardo Catalinas Jiménez)
|
||||
* Core: Bugfix: Export messaging to manifests (Ricardo Catalinas Jiménez)
|
||||
* Explorer cpu_cores, cpu_sockets, memory: Add Mac OS X support (Manuel Hutter)
|
||||
* Type __ssh_authorized_keys: Ensure keys are correctly added (Steven Armstrong)
|
||||
* New Type: __ssh_authorized_key (Steven Armstrong)
|
||||
* New Type: __package_pkgng_freebsd (Jake Guffey)
|
||||
|
||||
3.1.6: 2014-08-18
|
||||
* New Type: __ssh_dot_ssh
|
||||
* Type __package_yum: Support retrieving package via URL
|
||||
|
|
18
docs/dev/logs/2014-09-10.preos-keys
Normal file
18
docs/dev/logs/2014-09-10.preos-keys
Normal file
|
@ -0,0 +1,18 @@
|
|||
|
||||
cdist preos keyramfs --keyfile --keyfile
|
||||
|
||||
[17:51] freiheit:vcs% mkdir preos-keys
|
||||
[17:51] freiheit:vcs% mkdir -p preos-keys/root/.ssh
|
||||
[17:56] freiheit:vcs%
|
||||
|
||||
chown root:root -R preos-keys/
|
||||
chmod 0600 preos-keys/root/.ssh/authorized_keys
|
||||
|
||||
chmod 0700 preos-keys/root/
|
||||
chmod 0700 preos-keys/root/.ssh/
|
||||
|
||||
[18:20:17] freiheit:/home/users/nico/.ungleich/ungleich/vcs/preos-keys# find . | cpio -H newc -o | gzip -9 > ../initramfs.cpio.gz
|
||||
4 blocks
|
||||
[18:21:08] freiheit:/home/users/nico/.ungleich/ungleich/vcs/preos-keys#
|
||||
|
||||
|
104
docs/dev/logs/2014-11-11.discussion
Normal file
104
docs/dev/logs/2014-11-11.discussion
Normal file
|
@ -0,0 +1,104 @@
|
|||
- logging/cache destination
|
||||
local:
|
||||
~/.cdist/log/by-host/$__target/host/config/YYYY/MM/DD/hhmmss/
|
||||
~/.cdist/log/by-session/YYYY/MM/DD/hhmmss/$__target_host/
|
||||
config/
|
||||
install/
|
||||
export/
|
||||
remote:
|
||||
/var/lib/cdist/YYYY-MM-DD-hhmmss-$sourcehost.$pid
|
||||
|
||||
rm old directories on remote side
|
||||
|
||||
- support for tags
|
||||
- for partial configuration
|
||||
- supports also install
|
||||
- on object definition, define
|
||||
- a) don't care (i.e. no tags)
|
||||
- b) require tag (only if this tag is setup)
|
||||
- c) require not tag (only if this tag is *not* setup)
|
||||
- d) what if both given (conflicting)
|
||||
- names for parameters:
|
||||
- cdist config / cdist type
|
||||
--if-tag / --not-if-tag / --require-tag
|
||||
--not-if-tag
|
||||
|
||||
- logging
|
||||
- command line
|
||||
- stdin of cdist
|
||||
- stdout/stderr/stdin of types
|
||||
- new: stdout/stderr
|
||||
- initial manifest
|
||||
- if coming from stdin
|
||||
|
||||
- logging configurable
|
||||
- to be discussed
|
||||
|
||||
- sudo remote
|
||||
- cp to tmp & mv
|
||||
- umask issue?
|
||||
|
||||
- install
|
||||
- via tagged types
|
||||
-
|
||||
|
||||
- export
|
||||
- one /export script per type
|
||||
- exports of type running after object's code is done
|
||||
- global export should also exist after everything
|
||||
- PR & merge
|
||||
- change DONE status to CODE_DONE
|
||||
- introduce EXPORT_DONE
|
||||
|
||||
|
||||
- preos
|
||||
- merge with debian support only
|
||||
- we are open to support --os-type later
|
||||
|
||||
- stackable remotes
|
||||
- change API for remote_exec and remote_copy
|
||||
- new minor version
|
||||
- PR & merge
|
||||
|
||||
- locking
|
||||
- optional
|
||||
- remote lock
|
||||
- based on $(ls /var/lib/cdist/) > 0
|
||||
|
||||
- ideas for parallelisation
|
||||
- run explorer in parallel
|
||||
- type
|
||||
- object
|
||||
- objects without dependencies can be run in parallel
|
||||
|
||||
- connection test
|
||||
- just implement
|
||||
|
||||
- multi user environment
|
||||
- not really needed [at the moment]
|
||||
- can be implemented by
|
||||
- git branches
|
||||
- setting the output dir
|
||||
|
||||
- python2 support with __future__
|
||||
- steven votes against it
|
||||
- nico does not care too much to object
|
||||
|
||||
|
||||
- pull based
|
||||
- sshd / stdin + stdout
|
||||
- use Use ProxyCommand with stdin/stdout
|
||||
- http://www.nico.schottelius.org/blog/openssh-6.2-add-callback-functionality-using-dynamic-remote-port-forwarding/
|
||||
|
||||
- cdist grant-pull-access <targethost>
|
||||
- generate user
|
||||
- ssh pubkeypair
|
||||
- call wraper script on targethost
|
||||
- it is shell!
|
||||
- ssh cdistuser@controlhost
|
||||
|
||||
- config replay/redo/undo
|
||||
- not now
|
||||
|
||||
|
||||
- have a new discussion about handling uris
|
29
docs/dev/logs/dependency-tree-with-fruits
Normal file
29
docs/dev/logs/dependency-tree-with-fruits
Normal file
|
@ -0,0 +1,29 @@
|
|||
1. Manifests need type explorers to be run before
|
||||
Only this way the manifest can use the values
|
||||
|
||||
2. Type explorers can depend on the (successful) execution of other objects
|
||||
A type explorer may lookup values (ownership, size, processes, etc.)
|
||||
that are depending on the code of other objects.
|
||||
|
||||
3. The 'require="a" b' dependency specifies only that execution of b needs to wait until a is finished
|
||||
Other requirements given at another position may not be
|
||||
executed before b, as cdist interprets require="a" as
|
||||
"a is everything that is needed to realise b"
|
||||
|
||||
4. The 'require' state is thus *not* suitable to trigger reloads
|
||||
A type b, which uses the require="" statement to wait for all
|
||||
require="" dependencies, may be executed in an incomplete
|
||||
status.
|
||||
|
||||
5. Depending on multiple dependencies defined at different locations requires all objects to be present
|
||||
Because otherwise the dependent object cannot be sure that the
|
||||
list of objects it waits for is complete.
|
||||
|
||||
6. If a statement requires all objects to be present, all manifests must have run already.
|
||||
If all manifests have run already, also all type explorers have run already (#1).
|
||||
If all type explorers have run already, some objects may have been finished completly already (#2).
|
||||
|
||||
7. Because of #4 and #6, we need to introduce another dependency that allows reloading after
|
||||
|
||||
8. Because the object could be finished already due to a 'require' dependency, we need another script
|
||||
Maybe "gen-post-run-local", "gen-post-run-remote"
|
|
@ -203,10 +203,10 @@ __global::
|
|||
Directory that contains generic output like explorer.
|
||||
Available for: initial manifest, type manifest, type gencode, shell
|
||||
__messages_in::
|
||||
File to read messages from
|
||||
File to read messages from.
|
||||
Available for: initial manifest, type manifest, type gencode
|
||||
__messages_out::
|
||||
File to write messages
|
||||
File to write messages.
|
||||
Available for: initial manifest, type manifest, type gencode
|
||||
__object::
|
||||
Directory that contains the current object.
|
||||
|
|
|
@ -50,7 +50,7 @@ else
|
|||
name="$__object_id"
|
||||
fi
|
||||
|
||||
# Except dpkg failing, if package is not known / installed
|
||||
# Expect dpkg failing, if package is not known / installed
|
||||
dpkg -s "$name" 2>/dev/null || exit 0
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
|
@ -64,5 +64,5 @@ SEE ALSO
|
|||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2010-2012 Nico Schottelius. Free use of this software is
|
||||
Copyright \(C) 2010-2014 Nico Schottelius. Free use of this software is
|
||||
granted under the terms of the GNU General Public License version 3 (GPLv3).
|
||||
|
|
|
@ -110,6 +110,7 @@ setup the variable "require" to contain the requirements. Multiple
|
|||
requirements can be added white space separated.
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
1 # No dependency
|
||||
2 __file /etc/cdist-configured
|
||||
3
|
||||
|
@ -121,21 +122,43 @@ requirements can be added white space separated.
|
|||
9 require="__file/etc/cdist-configured __link/tmp/cdist-testfile" \
|
||||
10 __file /tmp/cdist-another-testfile
|
||||
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
Above the "require" variable is only set for the command that is
|
||||
immediately following it. Dependencies should allways be declared that way.
|
||||
immediately following it. Dependencies should always be declared that way.
|
||||
|
||||
On line 4 you can see that the instantion of a type "__link" object needs
|
||||
On line 4 you can see that the instantion of a type "\__link" object needs
|
||||
the object "__file/etc/cdist-configured" to be present, before it can proceed.
|
||||
|
||||
This also means that the "__link" command must make sure, that either
|
||||
"__file/etc/cdist-configured" allready is present, or, if it's not, it needs
|
||||
This also means that the "\__link" command must make sure, that either
|
||||
"\__file/etc/cdist-configured" allready is present, or, if it's not, it needs
|
||||
to be created. The task of cdist is to make sure, that the dependency will be
|
||||
resolved appropriately and thus "__file/etc/cdist-configured" be created
|
||||
resolved appropriately and thus "\__file/etc/cdist-configured" be created
|
||||
if necessary before "__link" proceeds (or to abort execution with an error).
|
||||
|
||||
If you really need to make all types depend on a common dependency, you can
|
||||
export the "require" variable as well. But then, if you need to add extra
|
||||
dependencies to a specific type, you have to make sure that you append these
|
||||
to the globally already defined one.
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
# First of all, update the package index
|
||||
__package_update_index
|
||||
# Upgrade all the installed packages afterwards
|
||||
require="__package_update_index" __package_upgrade_all
|
||||
# Create a common dependency for all the next types so that they get to
|
||||
# be executed only after the package upgrade has finished
|
||||
export require="__package_upgrade_all"
|
||||
|
||||
# Ensure that lighttpd is installed after we have upgraded all the packages
|
||||
__package lighttpd --state present
|
||||
# Ensure that munin is installed after lighttpd is present and after all
|
||||
# the packages are upgraded
|
||||
require="$require __package/lighttpd" __package munin --state present
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
All objects that are created in a type manifest are automatically required
|
||||
from the type that is calling them. This is called "autorequirement" in
|
||||
cdist jargon.
|
||||
|
|
|
@ -100,7 +100,7 @@ echo use_ssl >> cdist/conf/type/__nginx_vhost/parameter/boolean
|
|||
USING PARAMETERS
|
||||
----------------
|
||||
The parameters given to a type can be accessed and used in all type scripts
|
||||
(e.g manifest, gencode-*, explorer/*). Note that boolean parameters are
|
||||
(e.g manifest, gencode, explorer). Note that boolean parameters are
|
||||
represented by file existence. File exists -> True,
|
||||
file does not exist -> False
|
||||
|
||||
|
@ -281,7 +281,7 @@ on the target, there must be another type that provides this tool and the first
|
|||
type should create an object of the specific type.
|
||||
|
||||
If your type wants to save temporary data, that may be used by other types
|
||||
later on (for instance __file), you can save them in the subdirectory
|
||||
later on (for instance \__file), you can save them in the subdirectory
|
||||
"files" below $__object (but you must create it yourself).
|
||||
cdist will not touch this directory.
|
||||
|
||||
|
|
Binary file not shown.
BIN
docs/speeches/2014-11-07_sfs_linux_erfa_cdist4.odp
Normal file
BIN
docs/speeches/2014-11-07_sfs_linux_erfa_cdist4.odp
Normal file
Binary file not shown.
BIN
docs/speeches/2014-11-07_sfs_linux_erfa_cdist4.pdf
Normal file
BIN
docs/speeches/2014-11-07_sfs_linux_erfa_cdist4.pdf
Normal file
Binary file not shown.
BIN
docs/speeches/2014-11-07_sfs_linux_erfa_cdist_web_prototype.odp
Normal file
BIN
docs/speeches/2014-11-07_sfs_linux_erfa_cdist_web_prototype.odp
Normal file
Binary file not shown.
BIN
docs/speeches/2014-11-07_sfs_linux_erfa_cdist_web_prototype.pdf
Normal file
BIN
docs/speeches/2014-11-07_sfs_linux_erfa_cdist_web_prototype.pdf
Normal file
Binary file not shown.
|
@ -137,7 +137,7 @@ immediately.
|
|||
|
||||
To install cdist, execute the following commands:
|
||||
|
||||
git clone git://git.schottelius.org/cdist
|
||||
git clone https://github.com/telmich/cdist.git
|
||||
cd cdist
|
||||
export PATH=$PATH:$(pwd -P)/bin
|
||||
|
||||
|
|
|
@ -1 +1 @@
|
|||
This type is not maintained by anymore and has thus been removed from cdist.
|
||||
This type is not maintained anymore and has thus been removed from cdist.
|
||||
|
|
Loading…
Reference in a new issue