Browse Source

Merge branch 'master' into 2.1

Conflicts:
	conf/type/__package/man.text
	conf/type/__package_apt/man.text
	conf/type/__package_luarocks/gencode-remote
	conf/type/__package_luarocks/man.text
	conf/type/__package_pacman/gencode-remote
	conf/type/__package_pacman/man.text
	conf/type/__package_pkg_openbsd/gencode-remote
	conf/type/__package_pkg_openbsd/man.text
	conf/type/__package_rubygem/gencode-remote
	conf/type/__package_rubygem/man.text
	conf/type/__package_yum/gencode-remote
	conf/type/__package_yum/man.text

Signed-off-by: Nico Schottelius <nico@brief.schottelius.org>
feature_files_export
Nico Schottelius 10 years ago
parent
commit
410e0ba8fa
  1. 2
      README
  2. 6
      conf/type/__package/man.text
  3. 1
      conf/type/__package/parameter/optional
  4. 6
      conf/type/__package_apt/gencode-remote
  5. 6
      conf/type/__package_apt/man.text
  6. 1
      conf/type/__package_apt/parameter/optional
  7. 1
      conf/type/__package_apt/parameter/required
  8. 6
      conf/type/__package_luarocks/gencode-remote
  9. 6
      conf/type/__package_luarocks/man.text
  10. 1
      conf/type/__package_luarocks/parameter/optional
  11. 1
      conf/type/__package_luarocks/parameter/required
  12. 7
      conf/type/__package_opkg/gencode-remote
  13. 6
      conf/type/__package_opkg/man.text
  14. 1
      conf/type/__package_opkg/parameter/optional
  15. 1
      conf/type/__package_opkg/parameter/required
  16. 6
      conf/type/__package_pacman/gencode-remote
  17. 6
      conf/type/__package_pacman/man.text
  18. 1
      conf/type/__package_pacman/parameter/optional
  19. 1
      conf/type/__package_pacman/parameter/required
  20. 6
      conf/type/__package_pip/gencode-remote
  21. 6
      conf/type/__package_pip/man.text
  22. 1
      conf/type/__package_pip/parameter/optional
  23. 1
      conf/type/__package_pip/parameter/required
  24. 6
      conf/type/__package_pkg_freebsd/gencode-remote
  25. 6
      conf/type/__package_pkg_freebsd/man.text
  26. 1
      conf/type/__package_pkg_freebsd/parameter/optional
  27. 1
      conf/type/__package_pkg_freebsd/parameter/required
  28. 6
      conf/type/__package_pkg_openbsd/gencode-remote
  29. 6
      conf/type/__package_pkg_openbsd/man.text
  30. 1
      conf/type/__package_pkg_openbsd/parameter/optional
  31. 1
      conf/type/__package_pkg_openbsd/parameter/required
  32. 6
      conf/type/__package_rubygem/gencode-remote
  33. 6
      conf/type/__package_rubygem/man.text
  34. 1
      conf/type/__package_rubygem/parameter/optional
  35. 1
      conf/type/__package_rubygem/parameter/required
  36. 6
      conf/type/__package_yum/gencode-remote
  37. 7
      conf/type/__package_yum/man.text
  38. 1
      conf/type/__package_yum/parameter/optional
  39. 1
      conf/type/__package_yum/parameter/required
  40. 6
      conf/type/__package_zypper/gencode-remote
  41. 6
      conf/type/__package_zypper/man.text
  42. 1
      conf/type/__package_zypper/parameter/optional
  43. 1
      conf/type/__package_zypper/parameter/required
  44. 36
      conf/type/__pf_apply/explorer/rcvar
  45. 51
      conf/type/__pf_apply/gencode-remote
  46. 52
      conf/type/__pf_apply/man.text
  47. 0
      conf/type/__pf_apply/singleton
  48. 41
      conf/type/__pf_ruleset/explorer/cksum
  49. 36
      conf/type/__pf_ruleset/explorer/rcvar
  50. 73
      conf/type/__pf_ruleset/gencode-local
  51. 49
      conf/type/__pf_ruleset/gencode-remote
  52. 51
      conf/type/__pf_ruleset/man.text
  53. 1
      conf/type/__pf_ruleset/parameter/optional
  54. 0
      conf/type/__pf_ruleset/parameter/required
  55. 0
      conf/type/__pf_ruleset/singleton
  56. 2
      conf/type/__qemu_img/man.text
  57. 16
      conf/type/__rvm/explorer/state
  58. 2
      conf/type/__rvm/gencode-remote
  59. 2
      conf/type/__rvm_gemset/gencode-remote
  60. 3
      conf/type/__rvm_ruby/gencode-remote
  61. 3
      doc/changelog
  62. 1
      doc/gfx/font-used

2
README

@ -350,4 +350,4 @@ with cdist on more than **60** production machines of the
The CBRG is managing most of their compute clusters with cdist.
[[!tag cdist unix]]

6
conf/type/__package/man.text

@ -16,8 +16,7 @@ It dispatches the actual work to the package system dependant types.
REQUIRED PARAMETERS
-------------------
state::
The state the package should be in, either "present" or "absent"
None
OPTIONAL PARAMETERS
@ -34,6 +33,9 @@ type::
e.g. __package_apt for Debian
__package_emerge for Gentoo
state::
The state the package should be in, either "present" or "absent"
EXAMPLES
--------

1
conf/type/__package/parameter/optional

@ -2,3 +2,4 @@ name
version
type
pkgsite
state

6
conf/type/__package_apt/gencode-remote

@ -27,7 +27,11 @@ else
name="$__object_id"
fi
state_should="$(cat "$__object/parameter/state")"
if [ -f "$__object/parameter/state" ]; then
state_should="$(cat "$__object/parameter/state")"
else
state_should="present"
fi
# FIXME: use grep directly, state is a list, not a line!
state_is="$(cat "$__object/explorer/state")"

6
conf/type/__package_apt/man.text

@ -16,8 +16,7 @@ manage packages.
REQUIRED PARAMETERS
-------------------
state::
The state the package should be in, either "present" or "absent"
None
OPTIONAL PARAMETERS
@ -25,6 +24,9 @@ OPTIONAL PARAMETERS
name::
If supplied, use the name and not the object id as the package name.
state::
The state the package should be in, either "present" or "absent"
EXAMPLES
--------

1
conf/type/__package_apt/parameter/optional

@ -1,2 +1,3 @@
name
version
state

1
conf/type/__package_apt/parameter/required

@ -1 +0,0 @@
state

6
conf/type/__package_luarocks/gencode-remote

@ -29,7 +29,11 @@ else
name="$__object_id"
fi
state_should="$(cat "$__object/parameter/state")"
if [ -f "$__object/parameter/state" ]; then
state_should="$(cat "$__object/parameter/state")"
else
state_should="present"
fi
if grep -q "(installed)" "$__object/explorer/pkg_status"; then
state_is="present"

6
conf/type/__package_luarocks/man.text

@ -15,8 +15,7 @@ LuaRocks is a deployment and management system for Lua modules.
REQUIRED PARAMETERS
-------------------
state::
The state the package should be in, either "present" or "absent"
None
OPTIONAL PARAMETERS
@ -24,6 +23,9 @@ OPTIONAL PARAMETERS
name::
If supplied, use the name and not the object id as the package name.
state::
The state the package should be in, either "present" or "absent"
EXAMPLES
--------

1
conf/type/__package_luarocks/parameter/optional

@ -1 +1,2 @@
name
state

1
conf/type/__package_luarocks/parameter/required

@ -1 +0,0 @@
state

7
conf/type/__package_opkg/gencode-remote

@ -28,7 +28,12 @@ else
name="$__object_id"
fi
state_should="$(cat "$__object/parameter/state")"
if [ -f "$__object/parameter/state" ]; then
state_should="$(cat "$__object/parameter/state")"
else
state_should="present"
fi
state_is="$(cat "$__object/explorer/pkg_status")"
case "$state_is" in
absent*)

6
conf/type/__package_opkg/man.text

@ -15,8 +15,7 @@ opkg is usually used on OpenWRT to manage packages.
REQUIRED PARAMETERS
-------------------
state::
The state the package should be in, either "present" or "absent"
None
OPTIONAL PARAMETERS
@ -24,6 +23,9 @@ OPTIONAL PARAMETERS
name::
If supplied, use the name and not the object id as the package name.
state::
The state the package should be in, either "present" or "absent"
EXAMPLES
--------

1
conf/type/__package_opkg/parameter/optional

@ -1 +1,2 @@
name
state

1
conf/type/__package_opkg/parameter/required

@ -1 +0,0 @@
state

6
conf/type/__package_pacman/gencode-remote

@ -31,7 +31,11 @@ else
name="$__object_id"
fi
state_should="$(cat "$__object/parameter/state")"
if [ -f "$__object/parameter/state" ]; then
state_should="$(cat "$__object/parameter/state")"
else
state_should="present"
fi
pkg_version="$(cat "$__object/explorer/pkg_version")"
if [ -z "$pkg_version" ]; then

6
conf/type/__package_pacman/man.text

@ -16,8 +16,7 @@ packages.
REQUIRED PARAMETERS
-------------------
state::
The state the package should be in, either "present" or "absent"
None
OPTIONAL PARAMETERS
@ -25,6 +24,9 @@ OPTIONAL PARAMETERS
name::
If supplied, use the name and not the object id as the package name.
state::
The state the package should be in, either "present" or "absent"
EXAMPLES
--------

1
conf/type/__package_pacman/parameter/optional

@ -1 +1,2 @@
name
state

1
conf/type/__package_pacman/parameter/required

@ -1 +0,0 @@
state

6
conf/type/__package_pip/gencode-remote

@ -22,7 +22,11 @@
#
state_is=$(cat "$__object/explorer/state")
state_should=$(cat "$__object/parameter/state")
if [ -f "$__object/parameter/state" ]; then
state_should="$(cat "$__object/parameter/state")"
else
state_should="present"
fi
[ "$state_is" = "$state_should" ] && exit 0

6
conf/type/__package_pip/man.text

@ -16,8 +16,7 @@ It is also included in the python virtualenv environment.
REQUIRED PARAMETERS
-------------------
state::
Either "present" or "absent".
None
OPTIONAL PARAMETERS
@ -28,6 +27,9 @@ name::
pip::
Instead of using pip from PATH, use the specific pip path.
state::
Either "present" or "absent".
EXAMPLES
--------

1
conf/type/__package_pip/parameter/optional

@ -1 +1,2 @@
pip
state

1
conf/type/__package_pip/parameter/required

@ -1 +0,0 @@
state

6
conf/type/__package_pkg_freebsd/gencode-remote

@ -63,7 +63,11 @@ if [ -f "$__object/parameter/pkgsite" ]; then
pkgsite="$(cat "$__object/parameter/pkgsite")"
fi
state="$(cat "$__object/parameter/state")"
if [ -f "$__object/parameter/state" ]; then
state="$(cat "$__object/parameter/state")"
else
state="present"
fi
curr_version="$(cat "$__object/explorer/pkg_version")"
add_cmd="pkg_add"
rm_cmd="pkg_delete"

6
conf/type/__package_pkg_freebsd/man.text

@ -15,8 +15,7 @@ This type is usually used on FreeBSD to manage packages.
REQUIRED PARAMETERS
-------------------
state::
Either "present" or "absent".
None
OPTIONAL PARAMETERS
@ -33,6 +32,9 @@ version::
pkgsite::
If supplied, use to install from a specific package repository.
state::
Either "present" or "absent".
EXAMPLES
--------

1
conf/type/__package_pkg_freebsd/parameter/optional

@ -2,3 +2,4 @@ name
flavor
version
pkgsite
state

1
conf/type/__package_pkg_freebsd/parameter/required

@ -1 +0,0 @@
state

6
conf/type/__package_pkg_openbsd/gencode-remote

@ -42,7 +42,11 @@ else
name="$__object_id"
fi
state_should="$(cat "$__object/parameter/state")"
if [ -f "$__object/parameter/state" ]; then
state_should="$(cat "$__object/parameter/state")"
else
state_should="present"
fi
pkg_version="$(cat "$__object/explorer/pkg_version")"

6
conf/type/__package_pkg_openbsd/man.text

@ -15,8 +15,7 @@ This type is usually used on OpenBSD to manage packages.
REQUIRED PARAMETERS
-------------------
state::
The state the package should be in, either "present" or "absent"
None
OPTIONAL PARAMETERS
@ -27,6 +26,9 @@ name::
flavor::
If supplied, use to avoid ambiguity.
state::
The state the package should be in, either "present" or "absent"
EXAMPLES
--------

1
conf/type/__package_pkg_openbsd/parameter/optional

@ -1,2 +1,3 @@
name
flavor
state

1
conf/type/__package_pkg_openbsd/parameter/required

@ -1 +0,0 @@
state

6
conf/type/__package_rubygem/gencode-remote

@ -27,7 +27,11 @@ else
name="$__object_id"
fi
state_should="$(cat "$__object/parameter/state")"
if [ -f "$__object/parameter/state" ]; then
state_should="$(cat "$__object/parameter/state")"
else
state_should="present"
fi
if grep -q true "$__object/explorer/pkg_status"; then
state_is="present"

6
conf/type/__package_rubygem/man.text

@ -15,8 +15,7 @@ Rubygems is the default package management system for the Ruby programming langu
REQUIRED PARAMETERS
-------------------
state::
The state the package should be in, either "present" or "absent"
None
OPTIONAL PARAMETERS
@ -24,6 +23,9 @@ OPTIONAL PARAMETERS
name::
If supplied, use the name and not the object id as the package name.
state::
The state the package should be in, either "present" or "absent"
EXAMPLES
--------

1
conf/type/__package_rubygem/parameter/optional

@ -1 +1,2 @@
name
state

1
conf/type/__package_rubygem/parameter/required

@ -1 +0,0 @@
state

6
conf/type/__package_yum/gencode-remote

@ -27,7 +27,11 @@ else
name="$__object_id"
fi
state_should="$(cat "$__object/parameter/state")"
if [ -f "$__object/parameter/state" ]; then
state_should="$(cat "$__object/parameter/state")"
else
state_should="present"
fi
if grep -q -E "(centos|redhat|amazon)" "$__global/explorer/os"; then
opts="-y --quiet"

7
conf/type/__package_yum/man.text

@ -17,8 +17,7 @@ slightly confusing error message "Error: Nothing to do".
REQUIRED PARAMETERS
-------------------
state::
The state the package should be in, either "present" or "absent"
None
OPTIONAL PARAMETERS
@ -26,6 +25,10 @@ OPTIONAL PARAMETERS
name::
If supplied, use the name and not the object id as the package name.
state::
The state the package should be in, either "present" or "absent"
(the old values "installed" or "removed" will be removed in cdist 2.1).
EXAMPLES
--------

1
conf/type/__package_yum/parameter/optional

@ -1 +1,2 @@
name
state

1
conf/type/__package_yum/parameter/required

@ -1 +0,0 @@
state

6
conf/type/__package_zypper/gencode-remote

@ -33,7 +33,11 @@ else
name="$__object_id"
fi
state_should="$(cat "$__object/parameter/state")"
if [ -f "$__object/parameter/state" ]; then
state_should="$(cat "$__object/parameter/state")"
else
state_should="present"
fi
# Exit if nothing is needed to be done
[ "$state_is" = "$state_should" ] && exit 0

6
conf/type/__package_zypper/man.text

@ -15,8 +15,7 @@ Zypper is usually used on the SuSE distribution to manage packages.
REQUIRED PARAMETERS
-------------------
state::
The state the package should be in, either "present" or "absent"
None
OPTIONAL PARAMETERS
@ -24,6 +23,9 @@ OPTIONAL PARAMETERS
name::
If supplied, use the name and not the object id as the package name.
state::
The state the package should be in, either "present" or "absent"
EXAMPLES
--------

1
conf/type/__package_zypper/parameter/optional

@ -1 +1,2 @@
name
state

1
conf/type/__package_zypper/parameter/required

@ -1 +0,0 @@
state

36
conf/type/__pf_apply/explorer/rcvar

@ -0,0 +1,36 @@
#!/bin/sh
#
# 2012 Jake Guffey (jake.guffey at eprotex.com)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
#
# Get the location of the pf ruleset on the target host.
#
# Debug
#exec >&2
#set -x
# Check /etc/rc.conf for pf's configuration file name. Default to /etc/pf.conf
RC="/etc/rc.conf"
PFCONF="$(grep '^pf_rules=' ${RC} | cut -d= -f2 | sed 's/"//g')"
echo ${PFCONF:-"/etc/pf.conf"}
# Debug
#set +x

51
conf/type/__pf_apply/gencode-remote

@ -0,0 +1,51 @@
#!/bin/sh
#
# 2012 Jake Guffey (jake.guffey at eprotex.com)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
#
# Apply pf(4) ruleset on *BSD
#
# Debug
#exec >&2
#set -x
rcvar=$(cat "$__object/explorer/rcvar")
cat <<EOF
if [ -f "${rcvar}.old" ]; then # rcvar.old exists, we must need to disable pf
# Disable pf
# If it already is disabled, pfctl -d returns 1, go on with life
pfctl -d || true
# Cleanup
rm -f "${rcvar}.old"
elif [ -f "${rcvar}.new" ]; then # rcvar.new exists, we must need to apply it
# Ensure that pf is enabled in the first place
# If it already is enabled, pfctl -e returns 1, go on with life
mv "${rcvar}.new" "${rcvar}"
pfctl -e || true
pfctl -f "${rcvar}"
if [ "\$?" -ne "0" ]; then # failed to configure new ruleset
echo "Failed to configure the new ruleset on ${__target_host}!" >&2
fi
fi
EOF
# Debug
#set +x

52
conf/type/__pf_apply/man.text

@ -0,0 +1,52 @@
cdist-type__pf_apply(7)
==================================
Jake Guffey <jake.guffey--@--eprotex.com>
NAME
----
cdist-type__pf_apply - Apply pf(4) ruleset on *BSD
DESCRIPTION
-----------
This type is used on *BSD systems to manage the pf firewall's active ruleset.
REQUIRED PARAMETERS
-------------------
NONE
OPTIONAL PARAMETERS
-------------------
NONE
EXAMPLES
--------
--------------------------------------------------------------------------------
# Modify the ruleset on $__target_host:
__pf_ruleset --state present --source /my/pf/ruleset.conf
require="__pf_ruleset" \
__pf_apply
# Remove the ruleset on $__target_host (implies disabling pf(4):
__pf_ruleset --state absent
require="__pf_ruleset" \
__pf_apply
--------------------------------------------------------------------------------
SEE ALSO
--------
- cdist-type(7)
- cdist-type__pf_ruleset(7)
- pf(4)
COPYING
-------
Copyright \(C) 2012 Jake Guffey. Free use of this software is
granted under the terms of the GNU General Public License version 3 (GPLv3).

0
conf/type/__pf_apply/singleton

41
conf/type/__pf_ruleset/explorer/cksum

@ -0,0 +1,41 @@
#!/bin/sh
#
# 2012 Jake Guffey (jake.guffey at eprotex.com)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
#
# Get the 256 bit SHA2 checksum of the pf ruleset on the target host.
#
# Debug
#exec >&2
#set -x
# Check /etc/rc.conf for pf's configuration file name. Default to /etc/pf.conf
# See if file exists and if so, get checksum
RC="/etc/rc.conf"
TMP="$(grep '^pf_rules=' ${RC} | cut -d= -f2 | sed 's/"//g')"
PFCONF="${TMP:-"/etc/pf.conf"}"
if [ -f "${PFCONF}" ]; then # The pf config file exists, find its cksum.
cksum -o 1 ${PFCONF} | cut -d= -f2 | awk '{print $1}'
fi
# Debug
#set +x

36
conf/type/__pf_ruleset/explorer/rcvar

@ -0,0 +1,36 @@
#!/bin/sh
#
# 2012 Jake Guffey (jake.guffey at eprotex.com)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
#
# Get the location of the pf ruleset on the target host.
#
# Debug
#exec >&2
#set -x
# Check /etc/rc.conf for pf's configuration file name. Default to /etc/pf.conf
RC="/etc/rc.conf"
PFCONF="$(grep '^pf_rules=' ${RC} | cut -d= -f2 | sed 's/"//g')"
echo ${PFCONF:-"/etc/pf.conf"}
# Debug
#set +x

73
conf/type/__pf_ruleset/gencode-local

@ -0,0 +1,73 @@
#!/bin/sh
#
# 2012 Jake Guffey (jake.guffey at eprotex.com)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
#
# Manage pf(4) on *BSD
#
# Debug
#exec >&2
#set -x
# Send files to $__target_host via $__remote_copy
uname=$(uname) # Need to know what the cdist host is running so we know how to compute the ruleset's checksum
state=$(cat "$__object/parameter/state")
if [ "$state" = "absent" ]; then # There is nothing more for a *local* script to do
exit 0
fi
if [ -f "$__object/parameter/source" ]; then
source=$(cat "$__object/parameter/source")
fi
rcvar=$(cat "$__object/explorer/rcvar")
cksum=$(cat "$__object/explorer/cksum")
cat <<EOF
case $uname in
Darwin)
currentSum=\$(cksum -o 1 ${source} | cut '-d ' -f1)
;;
Linux)
currentSum=\$(cksum ${source} | cut '-d ' -f1)
;;
FreeBSD)
currentSum=\$(cksum -o 1 ${source} | cut -d= -f2 | sed 's/ //g')
;;
*)
echo "Sorry, I do not know how to find a cksum on ${UNAME}." >&2
exit 1
;;
esac
if [ -n "${cksum}" ]; then
if [ ! "\${currentSum}" = "${cksum}" ]; then
$__remote_copy "${source}" "$__target_host:${rcvar}.new"
fi
else # File just doesn't exist yet
$__remote_copy "${source}" "$__target_host:${rcvar}.new"
fi
EOF
# Debug
#exec +x

49
conf/type/__pf_ruleset/gencode-remote

@ -0,0 +1,49 @@
#!/bin/sh
#
# 2012 Jake Guffey (jake.guffey at eprotex.com)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
#
# Manage pf(4) on *BSD
#
# Debug
#exec >&2
#set -x
# Remove ${rcvar} in the case of --state absent
state=$(cat "$__object/parameter/state")
rcvar=$(cat "$__object/explorer/rcvar")
if [ "$state" = "present" ]; then # There is nothing more for a *remote* script to do
exit 0
elif [ "$state" = "absent" ]; then
# --state absent, so ensure that .new doesn't exist and that conf is renamed to .old
cat <<EOF
if [ -f "${rcvar}.new" ]; then
rm "${rcvar}.new"
fi
if [ -f "${rcvar}" ]; then
mv "${rcvar}" "${rcvar}.old"
fi
EOF
else
echo "Unknown state ${state}!" >&2
exit 1
fi

51
conf/type/__pf_ruleset/man.text

@ -0,0 +1,51 @@
cdist-type__pf_ruleset(7)
==================================
Jake Guffey <jake.guffey--@--eprotex.com>
NAME
----
cdist-type__pf_ruleset - Copy a pf(4) ruleset to $__target_host
DESCRIPTION
-----------
This type is used on *BSD systems to manage the pf firewall's ruleset.
REQUIRED PARAMETERS
-------------------
state::
Either "absent" (no ruleset at all) or "present"
OPTIONAL PARAMETERS
-------------------
source::
If supplied, use to define the ruleset to load onto the $__target_host for pf(4).
Note that this type is almost useless without a ruleset defined, but it's technically not
needed, e.g. for the case of disabling the firewall temporarily.
EXAMPLES
--------
--------------------------------------------------------------------------------
# Remove the current ruleset in place
__pf_ruleset --state absent
# Enable the firewall with the ruleset defined in $__manifest/files/pf.conf
__pf_ruleset --state present --source $__manifest/files/pf.conf
--------------------------------------------------------------------------------
SEE ALSO
--------
- cdist-type(7)
- pf(4)
COPYING
-------
Copyright \(C) 2012 Jake Guffey. Free use of this software is
granted under the terms of the GNU General Public License version 3 (GPLv3).

1
conf/type/__pf_ruleset/parameter/optional

@ -0,0 +1 @@
source

0
conf/type/__package/parameter/required → conf/type/__pf_ruleset/parameter/required

0
conf/type/__pf_ruleset/singleton

2
conf/type/__qemu_img/man.text

@ -32,7 +32,7 @@ EXAMPLES
--------
--------------------------------------------------------------------------------
# Ensure zsh in installed
# Create a 50G size image
__qemu_img /home/services/kvm/vm/myvmname/system-disk --size 50G
# Remove image

16
conf/type/__rvm/explorer/state

@ -19,8 +19,18 @@
#
user="$__object_id"
if su - $user -c "[ -d \"\$HOME/.rvm\" ]" ; then
echo "present"
# RVM behaves differently if root is the username / uid == 0
if [ "$user" = "root" ]; then
if [ -d /usr/local/rvm ]; then
echo present
else
echo absent
fi
else
echo "absent"
if su - $user -c "[ -d \"\$HOME/.rvm\" ]" ; then
echo "present"
else
echo "absent"
fi
fi

2
conf/type/__rvm/gencode-remote

@ -25,7 +25,7 @@ if [ "$state_is" != "$state_should" ]; then
case "$state_should" in
present)
cat << DONE
su - $user -c "curl -L get.rvm.io | bash -s stable"
su - $user -c "unset rvm_path; unset rvm_bin_path; unset rvm_prefix; unset rvm_version; curl -L get.rvm.io | bash -s stable"
DONE
;;
absent)

2
conf/type/__rvm_gemset/gencode-remote

@ -23,7 +23,7 @@ ruby="$(echo "$gemset" | cut -d '@' -f 1)"
gemsetname="$(echo "$gemset" | cut -d '@' -f 2)"
state_is="$(cat "$__object/explorer/state")"
user="$(cat "$__object/parameter/user")"
default="$(cat "$__object/parameter/default")"
default="$(cat "$__object/parameter/default" 2>/dev/null || true)"
state_should="$(cat "$__object/parameter/state")"
if [ "$state_is" != "$state_should" ]; then
case "$state_should" in

3
conf/type/__rvm_ruby/gencode-remote

@ -21,8 +21,9 @@
ruby="$__object_id"
state_is="$(cat "$__object/explorer/state")"
user="$(cat "$__object/parameter/user")"
default="$(cat "$__object/parameter/default")"
default="$(cat "$__object/parameter/default" 2>/dev/null || true)"
state_should="$(cat "$__object/parameter/state")"
if [ "$state_is" != "$state_should" ]; then
case "$state_should" in
present)

3
doc/changelog

@ -8,6 +8,9 @@ Changelog
* Core: Make variable __object_name available in type explorers (Steven Armtrong)
* New Type: __qemu_img
* New Type: __line
* New Type: __pf_apply (Jake Guffey)
* New Type: __pf_ruleset (Jake Guffey)
* Bugfix Type: __rvm: Make type work if rvm is already installed
2.0.14: 2012-09-07
* Bugfix Type: __jail: Use correct variable (Jake Guffey)

1
doc/gfx/font-used

@ -0,0 +1 @@
fraktur
Loading…
Cancel
Save