aa80c09c80
[__letsencrypt_cert] Move hook contents generation out of manifest
...
While there address some minor issues in the comments in the hook contents.
2021-02-10 10:10:21 +01:00
b832af5e3b
[__letsencrypt_cert] Don't mess with user script indentation
...
This could break in odd ways if they passed sth like:
cat <<eof
bla bla
eof
2021-02-09 20:53:58 +01:00
e49da474c4
[__letsencrypt_cert] Remove problematic trailing slash in sed.
...
Happy fingers are happy and like adding slashes places.
2021-02-09 20:29:17 +01:00
bc145bbc27
[__letsencrypt_cert] Fix various issues with hooks.
...
Closes #853 , see issue for full description / discussion.
Short summary:
- There was about 6.53% chances of `--renewal-hook` not being applied
- Using --automatic-renewal in one cert and not in another was an error.
- It was not possible to use different hooks for different certificates.
- FreeBSD support was utterly broken.
2021-02-09 19:58:47 +01:00
Darko Poljak
65a6a2ed52
++changelog
2021-02-08 08:28:31 +01:00
c8141d28c3
Merge branch 'fix/explorer/memory' into 'master'
...
explorer/memory: fix to return result in kiB for all systems and add support for Solaris
See merge request ungleich-public/cdist!967
2021-02-08 08:27:07 +01:00
cda17be38a
[explorer/memory] Clean up, return kiB for all systems, add SunOS
...
BSDs were MiB before.
2021-02-08 08:27:03 +01:00
73a03d75d7
__package_pip: fix shellcheck
2021-02-04 19:18:02 +01:00
8eccacec59
__package_pip: add optional dependencies
...
This is a poor implementation of optional dependencies for pip packages.
It ensures to install them if the package will be installed, but does
not take into account if they must be added/removed after the package is
already installed. Also, it will not be autoremoved, as all dependencies
will not be removed.
2021-02-04 19:09:26 +01:00
Dennis Camera
6b18cace75
[type/__postgres_conf] Catch connection errors early
2021-01-26 14:01:44 +01:00
Dennis Camera
f9ebb4333c
[type/__postgres_conf] Add NetBSD PostgreSQL UNIX user
2021-01-26 14:01:44 +01:00
Dennis Camera
4967c7ebbb
[type/__postgres_conf] Silence psql output
2021-01-26 14:01:44 +01:00
Dennis Camera
3f605c31ac
[type/__postgres_conf] Add support for more init systems to restart service
2021-01-26 14:01:44 +01:00
Dennis Camera
0f2ff47738
[type/__postgres_conf] Restart PostgreSQL server based on pending_restart column of pg_settings
2021-01-26 14:01:44 +01:00
Dennis Camera
5051d4f40b
[type/__postgres_conf] Catch invalid values
2021-01-26 14:01:44 +01:00
Dennis Camera
891c98567e
[type/__postgres_conf] Compare configuration parameter names case insensitively
2021-01-26 14:01:44 +01:00
Dennis Camera
803367b316
[type/__postgres_conf] Fix default detection when default is also set in config file
...
e.g. port is usually also set to the default value in postgresql.conf
2021-01-26 14:01:44 +01:00
Dennis Camera
1b49fec972
[type/__postgres_conf] Refactor
2021-01-26 14:01:43 +01:00
Beni Ruef
b4060720dc
[type/__postgres_conf] Fix psql options for ALTER command
2021-01-26 14:01:43 +01:00
Beni Ruef
50bcd95105
[type/__postgres_conf] Remove faulty quotes
2021-01-26 14:01:43 +01:00
Beni Ruef
534d5f6bb5
[type/__postgres_conf] Fix errors found by ShellCheck
2021-01-26 14:01:43 +01:00
Beni Ruef
c51d68a737
[type/__postgres_conf] New type based on ALTER SYSTEM command
2021-01-26 14:01:43 +01:00
Dennis Camera
35cde3e666
[type/__postgres_role] Fix state explorer when stored password is empty
2021-01-18 13:09:29 +01:00
Darko Poljak
92a50da487
Fix pycodestyle issues
2021-01-18 06:28:09 +01:00
Darko Poljak
6e9b13d949
++changelog
2021-01-18 06:22:32 +01:00
878a65a8b7
Merge branch 'fix/type/__sshd_config/error-on-invalid' into 'master'
...
sshd config: Produce error if invalid config is generated, fix processing of AuthenticationMethods and AuthorizedKeysFile, document explorer bug
See merge request ungleich-public/cdist!968
2021-01-18 06:22:02 +01:00
cce470b556
Merge branch 'bugfix/preos-debug' into 'master'
...
Fix debug parameter
Closes #849
See merge request ungleich-public/cdist!970
2021-01-18 06:17:36 +01:00
Dennis Camera
2954347771
[type/__postgres_role] Add note regarding empty passwords
2021-01-14 13:46:40 +01:00
Nico Schottelius
f0e1b3b849
Merge branch 'master' of code.ungleich.ch:ungleich-public/cdist
2021-01-11 22:20:50 +01:00
Darko Poljak
c819548343
Fix debug parameter
...
-d was removed from cdist in favor of mulitple -v and -l parameters, but
-d was not removed from preos.
Resolve #849 .
2021-01-11 09:51:52 +01:00
Dennis Camera
bd8ab8f26f
[type/__sshd_config] Document "bug" in state explorer
2021-01-05 17:02:42 +01:00
Dennis Camera
8753b7eedf
[type/__sshd_config] Make AuthenticationMethods and AuthorizedKeysFile singleton options
...
They were incorrectly treated as non-singleton options before.
cf. https://github.com/openssh/openssh-portable/blob/V_8_4/servconf.c#L2273
and https://github.com/openssh/openssh-portable/blob/V_8_4/servconf.c#L1899 resp.
2021-01-05 16:59:04 +01:00
Dennis Camera
766198912d
[type/__sshd_config] Produce error if invalid config file is generated
...
Previously, cdist would silently swallow the error (no invalid config file was
generated).
Reason: `set -e` does not exit if a command in a sub-command group fails,
it merely returns with a non-zero exit status.
e.g. the following snippet does not abort the script if sshd -t returns with a
non-zero exit status:
set -e
cmp -s old new || {
# check config file and update it
sshd -t -f new \
&& cat new >old
}
or compressed:
set -e
false || { false && true; }
echo $?
# prints 1
2021-01-05 15:50:21 +01:00
Darko Poljak
7cf85c4659
Release 6.9.4
2020-12-21 19:21:51 +01:00
Nico Schottelius
a10d43bc69
Merge branch 'master' of code.ungleich.ch:ungleich-public/cdist
2020-12-20 11:42:44 +01:00
Darko Poljak
4bae2863db
++changelog
2020-12-18 12:54:33 +01:00
3566901e1c
Merge branch '__dot_file-dirmode' into 'master'
...
Added optional dirmode parameter to set the mode of (optional) the directory.
See merge request ungleich-public/cdist!966
2020-12-18 12:50:30 +01:00
Mark Verboom
8dc2c4207c
Added optional dirmode parameter to set the mode of (optional) the directory.
2020-12-18 11:16:28 +01:00
Dennis Camera
99d82fd0d5
[type/__postgres_role] Always set psql -q
2020-12-17 17:05:58 +01:00
Dennis Camera
1180f13ed6
[type/__postgres_role] Fix setting password
...
We need to make sure that the password does not end up in ~/.psql_history.
2020-12-17 17:03:58 +01:00
Dennis Camera
4859c27900
[type/__postgres_role] Refactor gencode-remote
2020-12-17 16:57:43 +01:00
Dennis Camera
7b7ca4d385
[type/__postgres_role] Handle password changes
2020-12-16 19:07:05 +01:00
Dennis Camera
c36df82882
[type/__postgres_role] ALTER ROLE when parameters change
2020-12-15 21:11:48 +01:00
Dennis Camera
932e2496ed
[type/__postgres_role] Lint
2020-12-15 18:40:39 +01:00
Darko Poljak
71f2283117
++changelog
2020-12-13 16:03:39 +01:00
f87da8150c
Merge branch 'type/__debian_backports' into 'master'
...
__apt_backports type
See merge request ungleich-public/cdist!964
2020-12-13 16:03:31 +01:00
ae747ac021
Merge branch 'os_version-freebsd' into 'master'
...
[explorer/os_version] Improve FreeBSD support.
See merge request ungleich-public/cdist!965
2020-12-13 16:00:45 +01:00
27aca06fb8
__apt_backports: undo __apt_update_index call
...
Becuase it is already done by __apt_source.
2020-12-12 17:34:51 +01:00
fca35fc858
__apt_backports: fix explorer call
...
s/-/_/ because the explorers are following an other convention :-)
2020-12-12 17:29:58 +01:00
645734c629
[explorer/os_version] Improve FreeBSD support.
...
It looks like uname -r is not the most reliable way to get the target patch
level for the target system.
For more information see:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=251743
2020-12-12 12:15:17 +01:00