Compare commits
6 commits
master
...
feature/py
Author | SHA1 | Date | |
---|---|---|---|
|
a9067aa846 | ||
|
66db5acc32 | ||
|
eb78d9b034 | ||
|
0e92f5bb0a | ||
|
a87a69e281 | ||
|
11974e5ed6 |
160 changed files with 2165 additions and 2648 deletions
2
.gitignore
vendored
2
.gitignore
vendored
|
@ -34,7 +34,7 @@ cdist/inventory/
|
|||
# Python: cache, distutils, distribution in general
|
||||
__pycache__/
|
||||
*.pyc
|
||||
/MANIFEST
|
||||
MANIFEST
|
||||
dist/
|
||||
cdist/version.py
|
||||
cdist.egg-info/
|
||||
|
|
6
Makefile
6
Makefile
|
@ -31,9 +31,9 @@ help:
|
|||
@echo "docs-clean clean documentation"
|
||||
@echo "clean clean"
|
||||
|
||||
DOCS_SRC_DIR=./docs/src
|
||||
SPEECHDIR=./docs/speeches
|
||||
TYPEDIR=./cdist/conf/type
|
||||
DOCS_SRC_DIR=docs/src
|
||||
SPEECHDIR=docs/speeches
|
||||
TYPEDIR=cdist/conf/type
|
||||
|
||||
SPHINXM=make -C $(DOCS_SRC_DIR) man
|
||||
SPHINXH=make -C $(DOCS_SRC_DIR) html
|
||||
|
|
147
bin/build-helper
147
bin/build-helper
|
@ -23,8 +23,9 @@
|
|||
#
|
||||
|
||||
usage() {
|
||||
printf "usage: %s TARGET [TARGET-ARGS...]
|
||||
printf "usage: %s TARGET RUN-AS
|
||||
Available targets:
|
||||
print-runas
|
||||
changelog-changes
|
||||
changelog-version
|
||||
check-date
|
||||
|
@ -57,29 +58,64 @@ usage() {
|
|||
version
|
||||
target-version
|
||||
clean
|
||||
distclean\n" "$1"
|
||||
distclean
|
||||
Run as:
|
||||
nico
|
||||
darko - default, if empty string specified\n" "$1"
|
||||
}
|
||||
|
||||
basename="${0##*/}"
|
||||
|
||||
if [ $# -lt 1 ]
|
||||
if [ $# -lt 2 ]
|
||||
then
|
||||
usage "${basename}"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
option=$1; shift
|
||||
run_as="$1"; shift
|
||||
|
||||
case "$run_as" in
|
||||
nico)
|
||||
from_a=nico.schottelius
|
||||
from_d=ungleich.ch
|
||||
ml_name="Nico Schottelius"
|
||||
ml_sig_name="Nico"
|
||||
;;
|
||||
darko|'')
|
||||
from_a=darko.poljak
|
||||
from_d=gmail.com
|
||||
ml_name="Darko Poljak"
|
||||
ml_sig_name="Darko"
|
||||
if [ -z "${run_as}" ]
|
||||
then
|
||||
run_as="darko"
|
||||
fi
|
||||
;;
|
||||
*)
|
||||
printf "Unsupported RUN-AS value: '%s'.\n" "${run_as}" >&2
|
||||
usage "${basename}"
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
SHELLCHECKCMD="shellcheck -s sh -f gcc -x"
|
||||
# Skip SC2154 for variables starting with __ since such variables are cdist
|
||||
# environment variables.
|
||||
SHELLCHECK_SKIP=': __.*is referenced but not assigned.*\[SC2154\]'
|
||||
|
||||
to_a="cdist-configuration-management"
|
||||
to_d="googlegroups.com"
|
||||
|
||||
# Change to checkout directory
|
||||
basedir="${0%/*}/../"
|
||||
cd "$basedir"
|
||||
|
||||
case "$option" in
|
||||
print-runas)
|
||||
printf "run_as: '%s'\n" "$run_as"
|
||||
;;
|
||||
|
||||
changelog-changes)
|
||||
if [ "$#" -eq 1 ]; then
|
||||
start=$1
|
||||
|
@ -123,7 +159,7 @@ case "$option" in
|
|||
;;
|
||||
|
||||
check-unittest)
|
||||
"$0" test
|
||||
"$0" test "${run_as}"
|
||||
;;
|
||||
|
||||
ml-release)
|
||||
|
@ -132,10 +168,20 @@ case "$option" in
|
|||
exit 1
|
||||
fi
|
||||
|
||||
# Send mail only once - lock until new changelog things happened.
|
||||
[ ! -f .lock-ml ] && touch .lock-ml
|
||||
x=$(find 'docs' -name changelog -type f -newer .lock-ml)
|
||||
[ -z "${x}" ] && exit 0
|
||||
|
||||
version=$1; shift
|
||||
|
||||
to=${to_a}@${to_d}
|
||||
from=${from_a}@${from_d}
|
||||
|
||||
(
|
||||
cat << eof
|
||||
From: ${ml_name} <$from>
|
||||
To: cdist mailing list <$to>
|
||||
Subject: cdist $version has been released
|
||||
|
||||
Hello .*,
|
||||
|
@ -144,11 +190,23 @@ cdist $version has been released with the following changes:
|
|||
|
||||
eof
|
||||
|
||||
"$0" changelog-changes "$version"
|
||||
"$0" changelog-changes "${run_as}" "$version"
|
||||
cat << eof
|
||||
|
||||
Cheers,
|
||||
${ml_sig_name}
|
||||
|
||||
--
|
||||
Automatisation at its best level. With cdist.
|
||||
eof
|
||||
) > mailinglist.tmp
|
||||
|
||||
if [ "$run_as" = "nico" ]
|
||||
then
|
||||
/usr/sbin/sendmail -f "$from" "$to" < mailinglist.tmp && rm -f mailinglist.tmp
|
||||
fi
|
||||
|
||||
touch .lock-ml
|
||||
;;
|
||||
|
||||
archlinux-release)
|
||||
|
@ -167,7 +225,7 @@ eof
|
|||
|
||||
pypi-release)
|
||||
# Ensure that pypi release has the right version
|
||||
"$0" version
|
||||
"$0" version "${run_as}"
|
||||
|
||||
make docs-clean
|
||||
make docs
|
||||
|
@ -175,7 +233,7 @@ eof
|
|||
;;
|
||||
|
||||
release-git-tag)
|
||||
target_version=$($0 changelog-version)
|
||||
target_version=$($0 changelog-version "${run_as}")
|
||||
if git rev-parse --verify "refs/tags/${target_version}" 2>/dev/null; then
|
||||
printf "Tag for %s exists, aborting\n" "${target_version}"
|
||||
exit 1
|
||||
|
@ -229,7 +287,7 @@ eof
|
|||
git archive --prefix="cdist-${tag}/" -o "${archivename}" "${tag}" \
|
||||
|| exit 1
|
||||
# make sure target version is generated
|
||||
"$0" target-version
|
||||
"$0" target-version "${run_as}"
|
||||
tar -x -f "${archivename}" || exit 1
|
||||
cp cdist/version.py "cdist-${tag}/cdist/version.py" || exit 1
|
||||
tar -c -f "${archivename}" "cdist-${tag}/" || exit 1
|
||||
|
@ -259,7 +317,7 @@ eof
|
|||
| sed "${sed_cmd}") || exit 1
|
||||
|
||||
# make release
|
||||
changelog=$("$0" changelog-changes "$1" | sed 's/^[[:space:]]*//')
|
||||
changelog=$("$0" changelog-changes "${run_as}" "$1" | sed 's/^[[:space:]]*//')
|
||||
release_notes=$(
|
||||
printf "%s\n\n%s\n\n**Changelog**\n\n%s\n" \
|
||||
"${response_archive}" "${response_archive_sig}" "${changelog}"
|
||||
|
@ -280,19 +338,19 @@ eof
|
|||
|
||||
release)
|
||||
set -e
|
||||
target_version=$($0 changelog-version)
|
||||
target_branch=$($0 version-branch)
|
||||
target_version=$($0 changelog-version "${run_as}")
|
||||
target_branch=$($0 version-branch "${run_as}")
|
||||
|
||||
printf "Beginning release process for %s\n" "${target_version}"
|
||||
|
||||
# First check everything is sane
|
||||
"$0" check-date
|
||||
"$0" check-unittest
|
||||
"$0" check-pycodestyle
|
||||
"$0" check-shellcheck
|
||||
"$0" check-date "${run_as}"
|
||||
"$0" check-unittest "${run_as}"
|
||||
"$0" check-pycodestyle "${run_as}"
|
||||
"$0" check-shellcheck "${run_as}"
|
||||
|
||||
# Generate version file to be included in packaging
|
||||
"$0" target-version
|
||||
"$0" target-version "${run_as}"
|
||||
|
||||
# Ensure the git status is clean, else abort
|
||||
if ! git diff-index --name-only --exit-code HEAD ; then
|
||||
|
@ -327,8 +385,8 @@ eof
|
|||
fi
|
||||
|
||||
# Verify that after the merge everything works
|
||||
"$0" check-date
|
||||
"$0" check-unittest
|
||||
"$0" check-date "${run_as}"
|
||||
"$0" check-unittest "${run_as}"
|
||||
|
||||
# Generate documentation (man and html)
|
||||
# First, clean old generated docs
|
||||
|
@ -339,7 +397,7 @@ eof
|
|||
# Everything green, let's do the release
|
||||
|
||||
# Tag the current commit
|
||||
"$0" release-git-tag
|
||||
"$0" release-git-tag "${run_as}"
|
||||
|
||||
# Also merge back the version branch
|
||||
if [ "$masterbranch" = yes ]; then
|
||||
|
@ -348,28 +406,37 @@ eof
|
|||
fi
|
||||
|
||||
# Publish git changes
|
||||
# if you want to have mirror locally then uncomment this and comment below
|
||||
# if you want to have mirror locally then uncomment this support
|
||||
# if [ "$run_as" = "nico" ]
|
||||
# then
|
||||
# git push --mirror
|
||||
# else
|
||||
# if we are not Nico :) then just push, no mirror
|
||||
git push
|
||||
# push also new branch and set up tracking
|
||||
git push -u origin "${target_branch}"
|
||||
# fi
|
||||
|
||||
# Create and publish package for pypi
|
||||
"$0" pypi-release
|
||||
"$0" pypi-release "${run_as}"
|
||||
|
||||
if [ "$run_as" = "nico" ]
|
||||
then
|
||||
# Archlinux release is based on pypi
|
||||
"$0" archlinux-release "${run_as}"
|
||||
fi
|
||||
|
||||
# sign git tag
|
||||
printf "Enter upstream repository authentication token: "
|
||||
read -r token
|
||||
"$0" sign-git-release "${target_version}" "${token}"
|
||||
"$0" sign-git-release "${run_as}" "${target_version}" "${token}"
|
||||
|
||||
# Announce change on ML
|
||||
"$0" ml-release "${target_version}"
|
||||
"$0" ml-release "${run_as}" "${target_version}"
|
||||
|
||||
cat << eof
|
||||
Manual steps post release:
|
||||
- cdist-web
|
||||
- send mail body generated in mailinglist.tmp and inform Dmitry for deb
|
||||
- twitter
|
||||
eof
|
||||
;;
|
||||
|
@ -409,7 +476,7 @@ eof
|
|||
;;
|
||||
|
||||
check-pycodestyle)
|
||||
"$0" pycodestyle
|
||||
"$0" pycodestyle "${run_as}"
|
||||
printf "\\nPlease review pycodestyle report.\\n"
|
||||
while true
|
||||
do
|
||||
|
@ -451,24 +518,24 @@ eof
|
|||
;;
|
||||
|
||||
shellcheck-scripts)
|
||||
${SHELLCHECKCMD} scripts/cdist-dump scripts/cdist-new-type || exit 0
|
||||
${SHELLCHECKCMD} scripts/cdist-dump || exit 0
|
||||
;;
|
||||
|
||||
shellcheck-gencodes)
|
||||
"$0" shellcheck-local-gencodes
|
||||
"$0" shellcheck-remote-gencodes
|
||||
"$0" shellcheck-local-gencodes "${run_as}"
|
||||
"$0" shellcheck-remote-gencodes "${run_as}"
|
||||
;;
|
||||
|
||||
shellcheck-types)
|
||||
"$0" shellcheck-type-explorers
|
||||
"$0" shellcheck-manifests
|
||||
"$0" shellcheck-gencodes
|
||||
"$0" shellcheck-type-explorers "${run_as}"
|
||||
"$0" shellcheck-manifests "${run_as}"
|
||||
"$0" shellcheck-gencodes "${run_as}"
|
||||
;;
|
||||
|
||||
shellcheck)
|
||||
"$0" shellcheck-global-explorers
|
||||
"$0" shellcheck-types
|
||||
"$0" shellcheck-scripts
|
||||
"$0" shellcheck-global-explorers "${run_as}"
|
||||
"$0" shellcheck-types "${run_as}"
|
||||
"$0" shellcheck-scripts "${run_as}"
|
||||
;;
|
||||
|
||||
shellcheck-type-files)
|
||||
|
@ -476,8 +543,8 @@ eof
|
|||
;;
|
||||
|
||||
shellcheck-with-files)
|
||||
"$0" shellcheck
|
||||
"$0" shellcheck-type-files
|
||||
"$0" shellcheck "${run_as}"
|
||||
"$0" shellcheck-type-files "${run_as}"
|
||||
;;
|
||||
|
||||
shellcheck-build-helper)
|
||||
|
@ -485,7 +552,7 @@ eof
|
|||
;;
|
||||
|
||||
check-shellcheck)
|
||||
"$0" shellcheck
|
||||
"$0" shellcheck "${run_as}"
|
||||
printf "\\nPlease review shellcheck report.\\n"
|
||||
while true
|
||||
do
|
||||
|
@ -507,7 +574,7 @@ eof
|
|||
;;
|
||||
|
||||
version-branch)
|
||||
"$0" changelog-version | cut -d. -f '1,2'
|
||||
"$0" changelog-version "${run_as}" | cut -d. -f '1,2'
|
||||
;;
|
||||
|
||||
version)
|
||||
|
@ -515,7 +582,7 @@ eof
|
|||
;;
|
||||
|
||||
target-version)
|
||||
target_version=$($0 changelog-version)
|
||||
target_version=$($0 changelog-version "${run_as}")
|
||||
printf "VERSION = \"%s\"\n" "${target_version}" > cdist/version.py
|
||||
;;
|
||||
|
||||
|
@ -538,7 +605,7 @@ eof
|
|||
;;
|
||||
|
||||
distclean)
|
||||
"$0" clean
|
||||
"$0" clean "${run_as}"
|
||||
rm -f cdist/version.py
|
||||
;;
|
||||
*)
|
||||
|
|
|
@ -5,11 +5,12 @@ import logging
|
|||
import collections
|
||||
import functools
|
||||
import cdist.configuration
|
||||
import cdist.trigger
|
||||
import cdist.preos
|
||||
|
||||
|
||||
# set of beta sub-commands
|
||||
BETA_COMMANDS = set(('install', 'inventory', ))
|
||||
BETA_COMMANDS = set(('install', 'inventory', 'preos', 'trigger', ))
|
||||
# set of beta arguments for sub-commands
|
||||
BETA_ARGS = {
|
||||
'config': set(('tag', 'all_tagged_hosts', 'use_archiving', )),
|
||||
|
@ -21,7 +22,6 @@ parser = None
|
|||
|
||||
_verbosity_level_off = -2
|
||||
_verbosity_level = {
|
||||
None: logging.WARNING,
|
||||
_verbosity_level_off: logging.OFF,
|
||||
-1: logging.ERROR,
|
||||
0: logging.WARNING,
|
||||
|
@ -436,6 +436,28 @@ def get_parsers():
|
|||
' should be POSIX compatible shell.'))
|
||||
parser['shell'].set_defaults(func=cdist.shell.Shell.commandline)
|
||||
|
||||
# Trigger
|
||||
parser['trigger'] = parser['sub'].add_parser(
|
||||
'trigger', parents=[parser['loglevel'],
|
||||
parser['beta'],
|
||||
parser['common'],
|
||||
parser['config_main']])
|
||||
parser['trigger'].add_argument(
|
||||
'-D', '--directory', action='store', required=False,
|
||||
help=('Where to create local files'))
|
||||
parser['trigger'].add_argument(
|
||||
'-H', '--http-port', action='store', default=3000, required=False,
|
||||
help=('Create trigger listener via http on specified port'))
|
||||
parser['trigger'].add_argument(
|
||||
'--ipv6', default=False,
|
||||
help=('Listen to both IPv4 and IPv6 (instead of only IPv4)'),
|
||||
action='store_true')
|
||||
parser['trigger'].add_argument(
|
||||
'-O', '--source', action='store', required=False,
|
||||
help=('Which file to copy for creation'))
|
||||
|
||||
parser['trigger'].set_defaults(func=cdist.trigger.Trigger.commandline)
|
||||
|
||||
for p in parser:
|
||||
parser[p].epilog = EPILOG
|
||||
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
# 2010-2014 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
# 2012 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -18,12 +19,7 @@
|
|||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
#
|
||||
# Retrieve the running hostname
|
||||
#
|
||||
|
||||
if command -v hostname >/dev/null
|
||||
then
|
||||
hostname
|
||||
else
|
||||
uname -n
|
||||
if command -v uname >/dev/null; then
|
||||
uname -n
|
||||
fi
|
||||
|
|
|
@ -18,11 +18,13 @@
|
|||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
if command -v ip >/dev/null
|
||||
if command -v ip > /dev/null
|
||||
then
|
||||
ip -o link show | sed -n 's/^[0-9]\+: \(.\+\): <.*/\1/p'
|
||||
elif command -v ifconfig >/dev/null
|
||||
ip -o link show | sed -n 's/^[0-9]\+: \(.\+\): <.*/\1/p'
|
||||
|
||||
elif command -v ifconfig > /dev/null
|
||||
then
|
||||
ifconfig -a | sed -n -E 's/^(.*)(:[[:space:]]*flags=|Link encap).*/\1/p'
|
||||
fi \
|
||||
| sort -u
|
||||
ifconfig -a \
|
||||
| sed -n -E 's/^(.*)(:[[:space:]]*flags=|Link encap).*/\1/p' \
|
||||
| sort -u
|
||||
fi
|
||||
|
|
|
@ -145,7 +145,7 @@ esac
|
|||
if [ -f /etc/os-release ]; then
|
||||
# already lowercase, according to:
|
||||
# https://www.freedesktop.org/software/systemd/man/os-release.html
|
||||
awk -F= '/^ID=/ { if ($2 ~ /^'"'"'(.*)'"'"'$/ || $2 ~ /^"(.*)"$/) { print substr($2, 2, length($2) - 2) } else { print $2 } }' /etc/os-release
|
||||
awk -F= '/^ID=/ {print $2;}' /etc/os-release
|
||||
exit 0
|
||||
fi
|
||||
|
||||
|
|
|
@ -18,22 +18,30 @@
|
|||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
# TODO check if filesystem has ACL turned on etc
|
||||
[ ! -e "/$__object_id" ] && exit 0
|
||||
|
||||
if [ -f "$__object/parameter/acl" ]
|
||||
then
|
||||
grep -E '^(default:)?(user|group):' "$__object/parameter/acl" \
|
||||
| while read -r acl
|
||||
for parameter in user group
|
||||
do
|
||||
if [ ! -f "$__object/parameter/$parameter" ]
|
||||
then
|
||||
continue
|
||||
fi
|
||||
|
||||
while read -r acl
|
||||
do
|
||||
param="$( echo "$acl" | awk -F: '{print $(NF-2)}' )"
|
||||
check="$( echo "$acl" | awk -F: '{print $(NF-1)}' )"
|
||||
check="$( echo "$acl" | awk -F: '{print $1}' )"
|
||||
|
||||
[ "$param" = 'user' ] && db=passwd || db="$param"
|
||||
|
||||
if ! getent "$db" "$check" > /dev/null
|
||||
if [ "$parameter" = 'user' ]
|
||||
then
|
||||
echo "missing $param '$check'" >&2
|
||||
exit 1
|
||||
getent_db=passwd
|
||||
else
|
||||
getent_db="$parameter"
|
||||
fi
|
||||
done
|
||||
fi
|
||||
|
||||
if ! getent "$getent_db" "$check" > /dev/null
|
||||
then
|
||||
echo "missing $parameter '$check'"
|
||||
fi
|
||||
done \
|
||||
< "$__object/parameter/$parameter"
|
||||
done
|
|
@ -20,65 +20,59 @@
|
|||
|
||||
file_is="$( cat "$__object/explorer/file_is" )"
|
||||
|
||||
[ "$file_is" = 'missing' ] && [ -z "$__cdist_dry_run" ] && exit 0
|
||||
[ "$file_is" = 'missing' ] && exit 0
|
||||
|
||||
os="$( cat "$__global/explorer/os" )"
|
||||
missing_users_groups="$( cat "$__object/explorer/missing_users_groups" )"
|
||||
|
||||
acl_path="/$__object_id"
|
||||
|
||||
acl_is="$( cat "$__object/explorer/acl_is" )"
|
||||
|
||||
if [ -f "$__object/parameter/acl" ]
|
||||
if [ -n "$missing_users_groups" ]
|
||||
then
|
||||
acl_should="$( cat "$__object/parameter/acl" )"
|
||||
elif
|
||||
[ -f "$__object/parameter/user" ] \
|
||||
|| [ -f "$__object/parameter/group" ] \
|
||||
|| [ -f "$__object/parameter/mask" ] \
|
||||
|| [ -f "$__object/parameter/other" ]
|
||||
then
|
||||
acl_should="$( for param in user group mask other
|
||||
do
|
||||
[ ! -f "$__object/parameter/$param" ] && continue
|
||||
|
||||
echo "$param" | grep -Eq 'mask|other' && sep=:: || sep=:
|
||||
|
||||
echo "$param$sep$( cat "$__object/parameter/$param" )"
|
||||
done )"
|
||||
else
|
||||
echo 'no parameters set' >&2
|
||||
echo "$missing_users_groups" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ -f "$__object/parameter/default" ]
|
||||
os="$( cat "$__global/explorer/os" )"
|
||||
|
||||
acl_is="$( cat "$__object/explorer/acl_is" )"
|
||||
|
||||
acl_path="/$__object_id"
|
||||
|
||||
if [ -f "$__object/parameter/default" ] && [ "$file_is" = 'directory' ]
|
||||
then
|
||||
acl_should="$( echo "$acl_should" \
|
||||
| sed 's/^default://' \
|
||||
| sort -u \
|
||||
| sed 's/\(.*\)/default:\1\n\1/' )"
|
||||
set_default=1
|
||||
else
|
||||
set_default=0
|
||||
fi
|
||||
|
||||
if [ "$file_is" = 'regular' ] \
|
||||
&& echo "$acl_should" | grep -Eq '^default:'
|
||||
then
|
||||
# only directories can have default ACLs,
|
||||
# but instead of error,
|
||||
# let's just remove default entries
|
||||
acl_should="$( echo "$acl_should" | grep -Ev '^default:' )"
|
||||
fi
|
||||
acl_should="$( for parameter in user group mask other
|
||||
do
|
||||
if [ ! -f "$__object/parameter/$parameter" ]
|
||||
then
|
||||
continue
|
||||
fi
|
||||
|
||||
if echo "$acl_should" | awk -F: '{ print $NF }' | grep -Fq 'X'
|
||||
then
|
||||
[ "$file_is" = 'directory' ] && rep=x || rep=-
|
||||
while read -r acl
|
||||
do
|
||||
if echo "$acl" | awk -F: '{ print $NF }' | grep -Fq 'X'
|
||||
then
|
||||
[ "$file_is" = 'directory' ] && rep=x || rep=-
|
||||
|
||||
acl_should="$( echo "$acl_should" | sed "s/\\(.*\\)X/\\1$rep/" )"
|
||||
fi
|
||||
acl="$( echo "$acl" | sed "s/\(.*\)X/\1$rep/" )"
|
||||
fi
|
||||
|
||||
echo "$parameter" | grep -Eq '(mask|other)' && sep=:: || sep=:
|
||||
|
||||
echo "$parameter$sep$acl"
|
||||
|
||||
[ "$set_default" = '1' ] && echo "default:$parameter$sep$acl"
|
||||
done \
|
||||
< "$__object/parameter/$parameter"
|
||||
done )"
|
||||
|
||||
setfacl_exec='setfacl'
|
||||
|
||||
if [ -f "$__object/parameter/recursive" ]
|
||||
then
|
||||
if echo "$os" | grep -Fq 'freebsd'
|
||||
if echo "$os" | grep -Eq 'macosx|freebsd'
|
||||
then
|
||||
echo "$os setfacl do not support recursive operations" >&2
|
||||
else
|
||||
|
@ -88,36 +82,44 @@ fi
|
|||
|
||||
if [ -f "$__object/parameter/remove" ]
|
||||
then
|
||||
echo "$acl_is" | while read -r acl
|
||||
do
|
||||
# skip wanted ACL entries which already exist
|
||||
# and skip mask and other entries, because we
|
||||
# can't actually remove them, but only change.
|
||||
if echo "$acl_should" | grep -Eq "^$acl" \
|
||||
|| echo "$acl" | grep -Eq '^(default:)?(mask|other)'
|
||||
then continue
|
||||
fi
|
||||
if echo "$os" | grep -Fq 'solaris'
|
||||
then
|
||||
# Solaris setfacl behaves differently.
|
||||
# We will not support Solaris for now, because no way to test it.
|
||||
# But adding support should be easy (use -s instead of -m on modify).
|
||||
echo "$os setfacl do not support -x flag for ACL remove" >&2
|
||||
else
|
||||
echo "$acl_is" | while read -r acl
|
||||
do
|
||||
# Skip wanted ACL entries which already exist
|
||||
# and skip mask and other entries, because we
|
||||
# can't actually remove them, but only change.
|
||||
if echo "$acl_should" | grep -Eq "^$acl" \
|
||||
|| echo "$acl" | grep -Eq '^(default:)?(mask|other)'
|
||||
then continue
|
||||
fi
|
||||
|
||||
if echo "$os" | grep -Fq 'freebsd'
|
||||
then
|
||||
remove="$acl"
|
||||
else
|
||||
remove="$( echo "$acl" | sed 's/:...$//' )"
|
||||
fi
|
||||
if echo "$os" | grep -Eq 'macosx|freebsd'
|
||||
then
|
||||
remove="$acl"
|
||||
else
|
||||
remove="$( echo "$acl" | sed 's/:...$//' )"
|
||||
fi
|
||||
|
||||
echo "$setfacl_exec -x \"$remove\" \"$acl_path\""
|
||||
echo "removed '$remove'" >> "$__messages_out"
|
||||
done
|
||||
echo "$setfacl_exec -x \"$remove\" \"$acl_path\""
|
||||
echo "removed '$remove'" >> "$__messages_out"
|
||||
done
|
||||
fi
|
||||
fi
|
||||
|
||||
for acl in $acl_should
|
||||
do
|
||||
if ! echo "$acl_is" | grep -Eq "^$acl"
|
||||
then
|
||||
if echo "$os" | grep -Fq 'freebsd' \
|
||||
if echo "$os" | grep -Eq 'macosx|freebsd' \
|
||||
&& echo "$acl" | grep -Eq '^default:'
|
||||
then
|
||||
echo "setting default ACL in $os is currently not supported" >&2
|
||||
echo "setting default ACL in $os is currently not supported. sorry :(" >&2
|
||||
else
|
||||
echo "$setfacl_exec -m \"$acl\" \"$acl_path\""
|
||||
echo "added '$acl'" >> "$__messages_out"
|
||||
|
|
|
@ -8,36 +8,46 @@ cdist-type__acl - Set ACL entries
|
|||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
Fully supported and tested on Linux (ext4 filesystem), partial support for FreeBSD.
|
||||
ACL must be defined as 3-symbol combination, using ``r``, ``w``, ``x`` and ``-``.
|
||||
|
||||
Fully supported on Linux (tested on Debian and CentOS).
|
||||
|
||||
Partial support for FreeBSD, OSX and Solaris.
|
||||
|
||||
OpenBSD and NetBSD support is not possible.
|
||||
|
||||
See ``setfacl`` and ``acl`` manpages for more details.
|
||||
|
||||
|
||||
REQUIRED MULTIPLE PARAMETERS
|
||||
OPTIONAL MULTIPLE PARAMETERS
|
||||
----------------------------
|
||||
acl
|
||||
Set ACL entry following ``getfacl`` output syntax.
|
||||
user
|
||||
Add user ACL entry.
|
||||
|
||||
group
|
||||
Add group ACL entry.
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
mask
|
||||
Add mask ACL entry.
|
||||
|
||||
other
|
||||
Add other ACL entry.
|
||||
|
||||
|
||||
BOOLEAN PARAMETERS
|
||||
------------------
|
||||
default
|
||||
Set all ACL entries as default too.
|
||||
Only directories can have default ACLs.
|
||||
Setting default ACL in FreeBSD is currently not supported.
|
||||
|
||||
recursive
|
||||
Make ``setfacl`` recursive (Linux only), but not ``getfacl`` in explorer.
|
||||
|
||||
default
|
||||
Add default ACL entries (FreeBSD not supported).
|
||||
|
||||
remove
|
||||
Remove undefined ACL entries.
|
||||
``mask`` and ``other`` entries can't be removed, but only changed.
|
||||
|
||||
|
||||
DEPRECATED PARAMETERS
|
||||
---------------------
|
||||
Parameters ``user``, ``group``, ``mask`` and ``other`` are deprecated and they
|
||||
will be removed in future versions. Please use ``acl`` parameter instead.
|
||||
Remove undefined ACL entries (Solaris not supported).
|
||||
ACL entries for ``mask`` and ``other`` can't be removed.
|
||||
|
||||
|
||||
EXAMPLES
|
||||
|
@ -46,30 +56,15 @@ EXAMPLES
|
|||
.. code-block:: sh
|
||||
|
||||
__acl /srv/project \
|
||||
--default \
|
||||
--recursive \
|
||||
--remove \
|
||||
--acl user:alice:rwx \
|
||||
--acl user:bob:r-x \
|
||||
--acl group:project-group:rwx \
|
||||
--acl group:some-other-group:r-x \
|
||||
--acl mask::r-x \
|
||||
--acl other::r-x
|
||||
|
||||
# give Alice read-only access to subdir,
|
||||
# but don't allow her to see parent content.
|
||||
|
||||
__acl /srv/project2 \
|
||||
--remove \
|
||||
--acl default:group:secret-project:rwx \
|
||||
--acl group:secret-project:rwx \
|
||||
--acl user:alice:--x
|
||||
|
||||
__acl /srv/project2/subdir \
|
||||
--default \
|
||||
--remove \
|
||||
--acl group:secret-project:rwx \
|
||||
--acl user:alice:r-x
|
||||
--user alice:rwx \
|
||||
--user bob:r-x \
|
||||
--group project-group:rwx \
|
||||
--group some-other-group:r-x \
|
||||
--mask r-x \
|
||||
--other r-x
|
||||
|
||||
|
||||
AUTHORS
|
||||
|
|
|
@ -1 +0,0 @@
|
|||
see manual for details
|
|
@ -1 +0,0 @@
|
|||
see manual for details
|
|
@ -1 +0,0 @@
|
|||
see manual for details
|
|
@ -1 +0,0 @@
|
|||
see manual for details
|
|
@ -1,3 +1,2 @@
|
|||
acl
|
||||
user
|
||||
group
|
||||
|
|
|
@ -27,18 +27,6 @@ else
|
|||
keyid="$__object_id"
|
||||
fi
|
||||
|
||||
keydir="$(cat "$__object/parameter/keydir")"
|
||||
keyfile="$keydir/$__object_id.gpg"
|
||||
|
||||
if [ -d "$keydir" ]
|
||||
then
|
||||
if [ -f "$keyfile" ]
|
||||
then echo present
|
||||
else echo absent
|
||||
fi
|
||||
else
|
||||
# fallback to deprecated apt-key
|
||||
apt-key export "$keyid" | head -n 1 | grep -Fqe "BEGIN PGP PUBLIC KEY BLOCK" \
|
||||
&& echo present \
|
||||
|| echo absent
|
||||
fi
|
||||
apt-key export "$keyid" | head -n 1 | grep -Fqe "BEGIN PGP PUBLIC KEY BLOCK" \
|
||||
&& echo present \
|
||||
|| echo absent
|
||||
|
|
|
@ -31,82 +31,12 @@ if [ "$state_should" = "$state_is" ]; then
|
|||
exit 0
|
||||
fi
|
||||
|
||||
keydir="$(cat "$__object/parameter/keydir")"
|
||||
keyfile="$keydir/$__object_id.gpg"
|
||||
|
||||
case "$state_should" in
|
||||
present)
|
||||
keyserver="$(cat "$__object/parameter/keyserver")"
|
||||
|
||||
if [ -f "$__object/parameter/uri" ]; then
|
||||
uri="$(cat "$__object/parameter/uri")"
|
||||
|
||||
if [ -d "$keydir" ]; then
|
||||
cat << EOF
|
||||
|
||||
curl -s -L \\
|
||||
-o "$keyfile" \\
|
||||
"$uri"
|
||||
|
||||
key="\$( cat "$keyfile" )"
|
||||
|
||||
if echo "\$key" | grep -Fq 'BEGIN PGP PUBLIC KEY BLOCK'
|
||||
then
|
||||
echo "\$key" | gpg --dearmor > "$keyfile"
|
||||
fi
|
||||
|
||||
EOF
|
||||
else
|
||||
# fallback to deprecated apt-key
|
||||
echo "curl -s -L '$uri' | apt-key add -"
|
||||
fi
|
||||
elif [ -d "$keydir" ]; then
|
||||
# we need to kill gpg after 30 seconds, because gpg
|
||||
# can get stuck if keyserver is not responding.
|
||||
# exporting env var and not exit 1,
|
||||
# because we need to clean up and kill dirmngr.
|
||||
cat << EOF
|
||||
|
||||
gpgtmphome="\$( mktemp -d )"
|
||||
|
||||
if timeout 30s \\
|
||||
gpg --homedir "\$gpgtmphome" \\
|
||||
--keyserver "$keyserver" \\
|
||||
--recv-keys "$keyid"
|
||||
then
|
||||
gpg --homedir "\$gpgtmphome" \\
|
||||
--export "$keyid" \\
|
||||
> "$keyfile"
|
||||
else
|
||||
export GPG_GOT_STUCK=1
|
||||
fi
|
||||
|
||||
GNUPGHOME="\$gpgtmphome" gpgconf --kill dirmngr
|
||||
|
||||
rm -rf "\$gpgtmphome"
|
||||
|
||||
if [ -n "\$GPG_GOT_STUCK" ]
|
||||
then
|
||||
echo "GPG GOT STUCK - no response from keyserver after 30 seconds" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
EOF
|
||||
else
|
||||
# fallback to deprecated apt-key
|
||||
echo "apt-key adv --keyserver \"$keyserver\" --recv-keys \"$keyid\""
|
||||
fi
|
||||
|
||||
echo "added '$keyid'" >> "$__messages_out"
|
||||
echo "apt-key adv --keyserver \"$keyserver\" --recv-keys \"$keyid\""
|
||||
;;
|
||||
absent)
|
||||
if [ -f "$keyfile" ]; then
|
||||
echo "rm '$keyfile'"
|
||||
else
|
||||
# fallback to deprecated apt-key
|
||||
echo "apt-key del \"$keyid\""
|
||||
fi
|
||||
|
||||
echo "removed '$keyid'" >> "$__messages_out"
|
||||
echo "apt-key del \"$keyid\""
|
||||
;;
|
||||
esac
|
||||
|
|
|
@ -28,12 +28,6 @@ keyserver
|
|||
the keyserver from which to fetch the key. If omitted the default set
|
||||
in ./parameter/default/keyserver is used.
|
||||
|
||||
keydir
|
||||
key save location, defaults to ``/etc/apt/trusted.pgp.d``
|
||||
|
||||
uri
|
||||
the URI from which to download the key
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
@ -53,20 +47,15 @@ EXAMPLES
|
|||
# same thing with other keyserver
|
||||
__apt_key UbuntuArchiveKey --keyid 437D05B5 --keyserver keyserver.ubuntu.com
|
||||
|
||||
# download key from the internet
|
||||
__apt_key rabbitmq \
|
||||
--uri http://www.rabbitmq.com/rabbitmq-signing-key-public.asc
|
||||
|
||||
|
||||
AUTHORS
|
||||
-------
|
||||
Steven Armstrong <steven-cdist--@--armstrong.cc>
|
||||
Ander Punnar <ander-at-kvlt-dot-ee>
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2011-2019 Steven Armstrong and Ander Punnar. You can
|
||||
redistribute it and/or modify it under the terms of the GNU General Public
|
||||
License as published by the Free Software Foundation, either version 3 of the
|
||||
Copyright \(C) 2011-2014 Steven Armstrong. You can redistribute it
|
||||
and/or modify it under the terms of the GNU General Public License as
|
||||
published by the Free Software Foundation, either version 3 of the
|
||||
License, or (at your option) any later version.
|
||||
|
|
|
@ -1,8 +0,0 @@
|
|||
#!/bin/sh -e
|
||||
|
||||
__package gnupg
|
||||
|
||||
if [ -f "$__object/parameter/uri" ]
|
||||
then __package curl
|
||||
else __package dirmngr
|
||||
fi
|
|
@ -1 +0,0 @@
|
|||
/etc/apt/trusted.gpg.d
|
|
@ -1,5 +1,3 @@
|
|||
state
|
||||
keyid
|
||||
keyserver
|
||||
keydir
|
||||
uri
|
||||
|
|
12
cdist/conf/type/__cdist_preos_trigger/gencode-remote
Normal file
12
cdist/conf/type/__cdist_preos_trigger/gencode-remote
Normal file
|
@ -0,0 +1,12 @@
|
|||
#!/bin/sh
|
||||
|
||||
os=$(cat "$__global/explorer/os")
|
||||
|
||||
case "$os" in
|
||||
devuan)
|
||||
echo "update-rc.d cdist-preos-trigger defaults > /dev/null"
|
||||
;;
|
||||
*)
|
||||
;;
|
||||
esac
|
||||
|
45
cdist/conf/type/__cdist_preos_trigger/man.rst
Normal file
45
cdist/conf/type/__cdist_preos_trigger/man.rst
Normal file
|
@ -0,0 +1,45 @@
|
|||
cdist-type__cdist_preos_trigger(7)
|
||||
==================================
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__cdist_preos_trigger - configure cdist preos trigger
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
Create cdist PreOS trigger by creating systemd unit file that will be started
|
||||
at boot and will execute trigger command - connect to specified host and port.
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
trigger-command
|
||||
Command that will be executed as a PreOS cdist trigger.
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
None
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
.. code-block:: sh
|
||||
|
||||
# Configure default curl trigger for host cdist.ungleich.ch at port 80.
|
||||
__cdist_preos_trigger http --trigger-command '/usr/bin/curl cdist.ungleich.ch:80'
|
||||
|
||||
|
||||
AUTHORS
|
||||
-------
|
||||
Darko Poljak <darko.poljak--@--ungleich.ch>
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2016 Darko Poljak. You can redistribute it
|
||||
and/or modify it under the terms of the GNU General Public License as
|
||||
published by the Free Software Foundation, either version 3 of the
|
||||
License, or (at your option) any later version.
|
67
cdist/conf/type/__cdist_preos_trigger/manifest
Normal file
67
cdist/conf/type/__cdist_preos_trigger/manifest
Normal file
|
@ -0,0 +1,67 @@
|
|||
#!/bin/sh
|
||||
|
||||
os="$(cat "$__global/explorer/os")"
|
||||
trigger_command=$(cat "$__object/parameter/trigger-command")
|
||||
|
||||
case "$os" in
|
||||
devuan)
|
||||
__file /etc/init.d/cdist-preos-trigger --owner root \
|
||||
--group root \
|
||||
--mode 755 \
|
||||
--source - << EOF
|
||||
#!/bin/sh
|
||||
# /etc/init.d/cdist-preos-trigger
|
||||
|
||||
### BEGIN INIT INFO
|
||||
# Provides: cdist-preos-trigger
|
||||
# Required-Start: \$all
|
||||
# Required-Stop:
|
||||
# Default-Start: 2 3 4 5 S
|
||||
# Default-Stop: 0 1 6
|
||||
# Short-Description: Execute cdist preos trigger command
|
||||
# Description: Execute cdist preos trigger commnad.
|
||||
### END INIT INFO
|
||||
|
||||
case "\$1" in
|
||||
start)
|
||||
echo "Starting cdist-preos-trigger command"
|
||||
${trigger_command} &
|
||||
;;
|
||||
stop)
|
||||
# no-op
|
||||
;;
|
||||
*)
|
||||
echo "Usage: /etc/init.d/cdist-preos-trigger {start|stop}"
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
exit 0
|
||||
EOF
|
||||
;;
|
||||
*)
|
||||
__file /etc/systemd/system/cdist-preos-trigger.service --owner root \
|
||||
--group root \
|
||||
--mode 644 \
|
||||
--source - << EOF
|
||||
[Unit]
|
||||
Description=preos trigger
|
||||
Wants=network-online.target
|
||||
After=network.target network-online.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
Restart=no
|
||||
# Broken systemd
|
||||
ExecStartPre=/bin/sleep 5
|
||||
ExecStart=${trigger_command}
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
EOF
|
||||
|
||||
require="__file/etc/systemd/system/cdist-preos-trigger.service" \
|
||||
__start_on_boot cdist-preos-trigger
|
||||
;;
|
||||
esac
|
||||
|
1
cdist/conf/type/__cdist_preos_trigger/parameter/required
Normal file
1
cdist/conf/type/__cdist_preos_trigger/parameter/required
Normal file
|
@ -0,0 +1 @@
|
|||
trigger-command
|
|
@ -1 +0,0 @@
|
|||
886614099 103959898 consul
|
|
@ -1 +0,0 @@
|
|||
https://releases.hashicorp.com/consul/1.5.0/consul_1.5.0_linux_amd64.zip
|
|
@ -42,7 +42,7 @@ source_file_name="${source##*/}"
|
|||
cksum_should=$(cut -d' ' -f1,2 "$version_dir/cksum")
|
||||
|
||||
cat << eof
|
||||
tmpdir=\$(mktemp -d -p /tmp "${__type##*/}.XXXXXXXXXX")
|
||||
tmpdir=\$(mktemp -d --tmpdir="/tmp" "${__type##*/}.XXXXXXXXXX")
|
||||
curl -s -L "$source" > "\$tmpdir/$source_file_name"
|
||||
unzip -p "\$tmpdir/$source_file_name" > "${destination}.tmp"
|
||||
rm -rf "\$tmpdir"
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
os=$(cat "$__global/explorer/os")
|
||||
|
||||
case "$os" in
|
||||
alpine|scientific|centos|redhat|ubuntu|debian|devuan|archlinux|gentoo)
|
||||
scientific|centos|redhat|ubuntu|debian|devuan|archlinux|gentoo)
|
||||
# any linux should work
|
||||
:
|
||||
;;
|
||||
|
@ -47,7 +47,6 @@ fi
|
|||
|
||||
if [ -f "$__object/parameter/direct" ]; then
|
||||
__package unzip
|
||||
__package curl
|
||||
else
|
||||
__staged_file /usr/local/bin/consul \
|
||||
--source "$(cat "$version_dir/source")" \
|
||||
|
|
|
@ -1,38 +0,0 @@
|
|||
#!/sbin/openrc-run
|
||||
# 2019 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
|
||||
description="consul agent"
|
||||
|
||||
pidfile="${CONSUL_PIDFILE:-"/var/run/$RC_SVCNAME/pidfile"}"
|
||||
command="${CONSUL_BINARY:-"/usr/local/bin/consul"}"
|
||||
|
||||
|
||||
checkconfig() {
|
||||
if [ ! -d /var/run/consul ] ; then
|
||||
mkdir -p /var/run/consul || return 1
|
||||
chown consul:consul /var/run/$NAME || return 1
|
||||
chmod 2770 /var/run/$NAME || return 1
|
||||
fi
|
||||
}
|
||||
|
||||
start() {
|
||||
need net
|
||||
|
||||
start-stop-daemon --start --quiet --oknodo \
|
||||
--pidfile "$pidfile" --background \
|
||||
--exec $command -- agent -pid-file="$pidfile" -config-dir /etc/consul/conf.d
|
||||
}
|
||||
start_pre() {
|
||||
checkconfig
|
||||
}
|
||||
|
||||
stop() {
|
||||
if [ "${RC_CMD}" = "restart" ] ; then
|
||||
checkconfig || return 1
|
||||
fi
|
||||
|
||||
ebegin "Stopping $RC_SVCNAME"
|
||||
start-stop-daemon --stop --exec "$command" \
|
||||
--pidfile "$pidfile" --quiet
|
||||
eend $?
|
||||
}
|
|
@ -1,7 +1,7 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2015-2019 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
# 2015 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -23,7 +23,7 @@
|
|||
os=$(cat "$__global/explorer/os")
|
||||
|
||||
case "$os" in
|
||||
alpine|scientific|centos|debian|devuan|redhat|ubuntu)
|
||||
scientific|centos|debian|devuan|redhat|ubuntu)
|
||||
# whitelist safeguard
|
||||
:
|
||||
;;
|
||||
|
@ -181,25 +181,22 @@ init_upstart()
|
|||
|
||||
# Install init script to start on boot
|
||||
case "$os" in
|
||||
alpine|devuan)
|
||||
init_sysvinit debian
|
||||
;;
|
||||
centos|redhat)
|
||||
os_version="$(sed 's/[^0-9.]//g' "$__global/explorer/os_version")"
|
||||
major_version="${os_version%%.*}"
|
||||
case "$major_version" in
|
||||
[456])
|
||||
init_sysvinit redhat
|
||||
;;
|
||||
7)
|
||||
init_systemd
|
||||
;;
|
||||
*)
|
||||
echo "Unsupported CentOS/Redhat version: $os_version" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
centos|redhat)
|
||||
os_version="$(sed 's/[^0-9.]//g' "$__global/explorer/os_version")"
|
||||
major_version="${os_version%%.*}"
|
||||
case "$major_version" in
|
||||
[456])
|
||||
init_sysvinit redhat
|
||||
;;
|
||||
7)
|
||||
init_systemd
|
||||
;;
|
||||
*)
|
||||
echo "Unsupported CentOS/Redhat version: $os_version" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
|
||||
debian)
|
||||
os_version=$(cat "$__global/explorer/os_version")
|
||||
|
@ -217,9 +214,13 @@ case "$os" in
|
|||
exit 1
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
;;
|
||||
|
||||
devuan)
|
||||
init_sysvinit debian
|
||||
;;
|
||||
|
||||
ubuntu)
|
||||
init_upstart
|
||||
;;
|
||||
;;
|
||||
esac
|
||||
|
|
|
@ -64,43 +64,6 @@ case "$os" in
|
|||
require="__apt_source/docker" __package docker-ce --state "${state}"
|
||||
fi
|
||||
;;
|
||||
devuan)
|
||||
os_version="$(cat "$__global/explorer/os_version")"
|
||||
|
||||
case "$os_version" in
|
||||
ascii)
|
||||
distribution="stretch"
|
||||
;;
|
||||
jessie)
|
||||
distribution="jessie"
|
||||
;;
|
||||
*)
|
||||
echo "Your devuan release ($os_version) is currently not supported by this type (${__type##*/}).">&2
|
||||
echo "Please contribute an implementation for it if you can." >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
if [ "${state}" = "present" ]; then
|
||||
__package apt-transport-https
|
||||
__package ca-certificates
|
||||
__package gnupg2
|
||||
fi
|
||||
__apt_key_uri docker --name "Docker Release (CE deb) <docker@docker.com>" \
|
||||
--uri "https://download.docker.com/linux/${os}/gpg" --state "${state}"
|
||||
|
||||
require="__apt_key_uri/docker" __apt_source docker \
|
||||
--uri "https://download.docker.com/linux/${os}" \
|
||||
--distribution "${distribution}" \
|
||||
--state "${state}" \
|
||||
--component "stable"
|
||||
if [ "$version" != "latest" ]; then
|
||||
require="__apt_source/docker" __package docker-ce --version "${version}" --state "${state}"
|
||||
else
|
||||
require="__apt_source/docker" __package docker-ce --state "${state}"
|
||||
fi
|
||||
|
||||
;;
|
||||
*)
|
||||
echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
|
||||
echo "Please contribute an implementation for it if you can." >&2
|
||||
|
|
|
@ -18,4 +18,4 @@
|
|||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
docker info 2>/dev/null | grep '^ *Swarm: ' | awk '{print $2}'
|
||||
docker info 2>/dev/null | grep "^Swarm: " | cut -d " " -f 2-
|
||||
|
|
103
cdist/conf/type/__file_py/__init__.py
Normal file
103
cdist/conf/type/__file_py/__init__.py
Normal file
|
@ -0,0 +1,103 @@
|
|||
import os
|
||||
import re
|
||||
import sys
|
||||
from cdist.core import PythonType
|
||||
|
||||
|
||||
class FileType(PythonType):
|
||||
def get_attribute(self, stat_file, attribute, value_should):
|
||||
if os.path.exists(stat_file):
|
||||
if re.match('[0-9]', value_should):
|
||||
index = 1
|
||||
else:
|
||||
index = 2
|
||||
with open(stat_file, 'r') as f:
|
||||
for line in f:
|
||||
if re.match(attribute + ":", line):
|
||||
fields = line.split()
|
||||
return fields[index]
|
||||
return None
|
||||
|
||||
def set_attribute(self, attribute, value_should, destination):
|
||||
cmd = {
|
||||
'group': 'chgrp',
|
||||
'owner': 'chown',
|
||||
'mode': 'chmod',
|
||||
}
|
||||
self.send_message("{} '{}'".format(cmd[attribute], value_should))
|
||||
return "{} '{}' '{}'".format(cmd[attribute], value_should, destination)
|
||||
|
||||
def type_manifest(self):
|
||||
yield from ()
|
||||
|
||||
def type_gencode(self):
|
||||
typeis = self.get_explorer('type')
|
||||
state_should = self.get_parameter('state')
|
||||
|
||||
if state_should == 'exists' and typeis == 'file':
|
||||
return
|
||||
|
||||
source = self.get_parameter('source')
|
||||
if source == '-':
|
||||
source = self.stdin_path
|
||||
destination = '/' + self.object_id
|
||||
if state_should == 'pre-exists':
|
||||
if source is not None:
|
||||
self.die('--source cannot be used with --state pre-exists')
|
||||
if typeis == 'file':
|
||||
return None
|
||||
else:
|
||||
self.die('File {} does not exist'.format(destination))
|
||||
|
||||
create_file = False
|
||||
upload_file = False
|
||||
set_attributes = False
|
||||
code = []
|
||||
if state_should == 'present' or state_should == 'exists':
|
||||
if source is None:
|
||||
remote_stat = self.get_explorer('stat')
|
||||
if not remote_stat:
|
||||
create_file = True
|
||||
else:
|
||||
if os.path.exists(source):
|
||||
if typeis == 'file':
|
||||
local_cksum = self.run_local(['cksum', source, ])
|
||||
local_cksum = local_cksum.split()[0]
|
||||
remote_cksum = self.get_explorer('cksum')
|
||||
remote_cksum = remote_cksum.split()[0]
|
||||
upload_file = local_cksum != remote_cksum
|
||||
else:
|
||||
upload_file = True
|
||||
else:
|
||||
self.die('Source {} does not exist'.format(source))
|
||||
if create_file or upload_file:
|
||||
set_attributes = True
|
||||
tempfile_template = '{}.cdist.XXXXXXXXXX'.format(destination)
|
||||
destination_upload = self.run_remote(
|
||||
["mktemp", tempfile_template, ])
|
||||
if upload_file:
|
||||
self.transfer(source, destination_upload)
|
||||
code.append('rm -rf {}'.format(destination))
|
||||
code.append('mv {} {}'.format(destination_upload, destination))
|
||||
|
||||
if state_should in ('present', 'exists', 'pre-exists', ):
|
||||
for attribute in ('group', 'owner', 'mode', ):
|
||||
if attribute in self.parameters:
|
||||
value_should = self.get_parameter(attribute)
|
||||
if attribute == 'mode':
|
||||
value_should = re.sub('^0', '', value_should)
|
||||
stat_file = self.get_explorer_file('stat')
|
||||
value_is = self.get_attribute(stat_file, attribute,
|
||||
value_should)
|
||||
if set_attributes or value_should != value_is:
|
||||
code.append(self.set_attribute(attribute,
|
||||
value_should,
|
||||
destination))
|
||||
elif state_should == 'absent':
|
||||
if typeis == 'file':
|
||||
code.append('rm -f {}'.format(destination))
|
||||
self.send_message('remove')
|
||||
else:
|
||||
self.die('Unknown state {}'.format(state_should))
|
||||
|
||||
return "\n".join(code)
|
23
cdist/conf/type/__xymon_config/gencode-remote → cdist/conf/type/__file_py/explorer/cksum
Normal file → Executable file
23
cdist/conf/type/__xymon_config/gencode-remote → cdist/conf/type/__file_py/explorer/cksum
Normal file → Executable file
|
@ -1,6 +1,6 @@
|
|||
#!/bin/sh -e
|
||||
#!/bin/sh
|
||||
#
|
||||
# 2018-2019 Thomas Eckert (tom at it-eckert.de)
|
||||
# 2011-2012 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -16,8 +16,19 @@
|
|||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
#
|
||||
# Retrieve the md5sum of a file to be created, if it is already existing.
|
||||
#
|
||||
|
||||
## to speed up config-reload we send a HUP to the server process:
|
||||
cat <<-EOT
|
||||
pkill -HUP xymond || { echo "HUPing xymond failed" >&2; exit 1; }
|
||||
EOT
|
||||
destination="/$__object_id"
|
||||
|
||||
if [ -e "$destination" ]; then
|
||||
if [ -f "$destination" ]; then
|
||||
cksum < "$destination"
|
||||
else
|
||||
echo "NO REGULAR FILE"
|
||||
fi
|
||||
else
|
||||
echo "NO FILE FOUND, NO CHECKSUM CALCULATED."
|
||||
fi
|
|
@ -1,6 +1,6 @@
|
|||
#!/bin/sh -e
|
||||
#!/bin/sh
|
||||
#
|
||||
# 2018-2019 Thomas Eckert (tom at it-eckert.de)
|
||||
# 2013 Steven Armstrong (steven-cdist armstrong.cc)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -16,27 +16,41 @@
|
|||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
state=$(cat "$__object/parameter/state")
|
||||
destination="/$__object_id"
|
||||
|
||||
os=$(cat "$__global/explorer/os")
|
||||
# nothing to work with, nothing we could do
|
||||
[ -e "$destination" ] || exit 0
|
||||
|
||||
os=$("$__explorer/os")
|
||||
case "$os" in
|
||||
debian|ubuntu)
|
||||
:
|
||||
;;
|
||||
*)
|
||||
echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
|
||||
echo "Please contribute an implementation for it if you can." >&2
|
||||
exit 1
|
||||
;;
|
||||
"freebsd"|"netbsd"|"openbsd")
|
||||
# FIXME: should be something like this based on man page, but can not test
|
||||
stat -f "type: %ST
|
||||
owner: %Du %Su
|
||||
group: %Dg %Sg
|
||||
mode: %Op %Sp
|
||||
size: %Dz
|
||||
links: %Dl
|
||||
" "$destination"
|
||||
;;
|
||||
"macosx")
|
||||
stat -f "type: %HT
|
||||
owner: %Du %Su
|
||||
group: %Dg %Sg
|
||||
mode: %Lp %Sp
|
||||
size: %Dz
|
||||
links: %Dl
|
||||
" "$destination"
|
||||
;;
|
||||
*)
|
||||
stat --printf="type: %F
|
||||
owner: %u %U
|
||||
group: %g %G
|
||||
mode: %a %A
|
||||
size: %s
|
||||
links: %h
|
||||
" "$destination"
|
||||
;;
|
||||
esac
|
||||
|
||||
__package apache2 --state "$state"
|
||||
|
||||
## edit xymon.conf IP-ranges
|
||||
if [ -f "$__object/parameter/ipacl" ]; then
|
||||
require="__package/xymon" __line /etc/apache2/conf-available/xymon.conf \
|
||||
--line " Require ip $(cat "$__object/parameter/ipacl")" \
|
||||
--after "^[[:space:]]*Require local" \
|
||||
--state "present"
|
||||
fi
|
21
cdist/conf/type/__podman_compose/gencode-remote → cdist/conf/type/__file_py/explorer/type
Normal file → Executable file
21
cdist/conf/type/__podman_compose/gencode-remote → cdist/conf/type/__file_py/explorer/type
Normal file → Executable file
|
@ -1,6 +1,6 @@
|
|||
#!/bin/sh -e
|
||||
#!/bin/sh
|
||||
#
|
||||
# 2019 Daniel Tschada
|
||||
# 2013 Steven Armstrong (steven-cdist armstrong.cc)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -18,7 +18,16 @@
|
|||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
install="$(cat "$__object/parameter/install")"
|
||||
state="$(cat "$__object/parameter/state")"
|
||||
user="$(cat "$__object/parameter/user")"
|
||||
version="$(cat "$__object/parameter/version")"
|
||||
destination="/$__object_id"
|
||||
|
||||
if [ ! -e "$destination" ]; then
|
||||
echo none
|
||||
elif [ -h "$destination" ]; then
|
||||
echo symlink
|
||||
elif [ -f "$destination" ]; then
|
||||
echo file
|
||||
elif [ -d "$destination" ]; then
|
||||
echo directory
|
||||
else
|
||||
echo unknown
|
||||
fi
|
5
cdist/conf/type/__file_py/parameter/optional
Normal file
5
cdist/conf/type/__file_py/parameter/optional
Normal file
|
@ -0,0 +1,5 @@
|
|||
state
|
||||
group
|
||||
mode
|
||||
owner
|
||||
source
|
|
@ -19,34 +19,32 @@
|
|||
#
|
||||
#
|
||||
|
||||
state_is=$(cat "$__object/explorer/state")
|
||||
owner_is=$(cat "$__object/explorer/owner")
|
||||
group_is=$(cat "$__object/explorer/group")
|
||||
state_is="$(cat "$__object/explorer/state")"
|
||||
owner_is="$(cat "$__object/explorer/owner")"
|
||||
group_is="$(cat "$__object/explorer/group")"
|
||||
|
||||
state_should=$(cat "$__object/parameter/state")
|
||||
state_should="$(cat "$__object/parameter/state")"
|
||||
|
||||
branch=$(cat "$__object/parameter/branch")
|
||||
branch="$(cat "$__object/parameter/branch")"
|
||||
|
||||
source=$(cat "$__object/parameter/source")
|
||||
source="$(cat "$__object/parameter/source")"
|
||||
|
||||
destination="/$__object_id"
|
||||
|
||||
owner=$(cat "$__object/parameter/owner")
|
||||
group=$(cat "$__object/parameter/group")
|
||||
mode=$(cat "$__object/parameter/mode")
|
||||
owner="$(cat "$__object/parameter/owner")"
|
||||
group="$(cat "$__object/parameter/group")"
|
||||
mode="$(cat "$__object/parameter/mode")"
|
||||
|
||||
[ -f "$__object/parameter/recursive" ] && recursive='--recurse-submodules' || recursive=''
|
||||
[ -f "$__object/parameter/shallow" ] && shallow='--depth 1 --shallow-submodules' || shallow=''
|
||||
|
||||
[ "$state_should" = "$state_is" ] \
|
||||
&& [ "$owner" = "$owner_is" ] \
|
||||
&& [ "$group" = "$group_is" ] \
|
||||
&& [ -n "$mode" ] && exit 0
|
||||
[ "$state_should" = "$state_is" ] && \
|
||||
[ "$owner" = "$owner_is" ] && \
|
||||
[ "$group" = "$group_is" ] && \
|
||||
[ -n "$mode" ] && exit 0
|
||||
|
||||
case $state_should in
|
||||
present)
|
||||
|
||||
if [ "$state_should" != "$state_is" ]; then
|
||||
echo git clone --quiet "$recursive" "$shallow" --branch "$branch" "$source" "$destination"
|
||||
echo git clone --quiet --branch "$branch" "$source" "$destination"
|
||||
fi
|
||||
if { [ -n "$owner" ] && [ "$owner_is" != "$owner" ]; } || \
|
||||
{ [ -n "$group" ] && [ "$group_is" != "$group" ]; }; then
|
||||
|
@ -56,9 +54,8 @@ case $state_should in
|
|||
echo chmod -R "$mode" "$destination"
|
||||
fi
|
||||
;;
|
||||
|
||||
# Handled in manifest
|
||||
absent)
|
||||
# Handled in manifest
|
||||
;;
|
||||
|
||||
*)
|
||||
|
|
|
@ -35,12 +35,6 @@ mode
|
|||
owner
|
||||
User to chown to.
|
||||
|
||||
recursive
|
||||
Passes the --recurse-submodules flag to git when cloning the repository.
|
||||
|
||||
shallow
|
||||
Sets --depth=1 and --shallow-submodules for cloning repositories with big history.
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
|
|
@ -1,2 +0,0 @@
|
|||
recursive
|
||||
shallow
|
|
@ -8,16 +8,10 @@ case $os in
|
|||
debian|devuan)
|
||||
case $os_version in
|
||||
8*|jessie)
|
||||
# Differntation not needed anymore
|
||||
apt_source_distribution=stable
|
||||
apt_source_distribution=jessie
|
||||
;;
|
||||
9*|ascii/ceres|ascii)
|
||||
# Differntation not needed anymore
|
||||
apt_source_distribution=stable
|
||||
;;
|
||||
10*)
|
||||
# Differntation not needed anymore
|
||||
apt_source_distribution=stable
|
||||
apt_source_distribution=stretch
|
||||
;;
|
||||
*)
|
||||
echo "Don't know how to install Grafana on $os $os_version. Send us a pull request!" >&2
|
||||
|
@ -27,15 +21,16 @@ case $os in
|
|||
|
||||
__apt_key_uri grafana \
|
||||
--name 'Grafana Release Signing Key' \
|
||||
--uri https://packages.grafana.com/gpg.key
|
||||
--uri https://packagecloud.io/gpg.key
|
||||
|
||||
require="$require __apt_key_uri/grafana" __apt_source grafana \
|
||||
--uri https://packages.grafana.com/oss/deb \
|
||||
--uri https://packagecloud.io/grafana/stable/debian/ \
|
||||
--distribution $apt_source_distribution \
|
||||
--component main
|
||||
|
||||
__package apt-transport-https
|
||||
require="$require __apt_source/grafana" __apt_update_index
|
||||
require="$require __package/apt-transport-https __apt_update_index" __package grafana
|
||||
|
||||
require="$require __apt_source/grafana __package/apt-transport-https" __package grafana
|
||||
require="$require __package/grafana" __start_on_boot grafana-server
|
||||
require="$require __start_on_boot/grafana-server" __process grafana-server --start "service grafana-server start"
|
||||
;;
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2011-2015 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -22,21 +21,7 @@
|
|||
# Get an existing groups group entry.
|
||||
#
|
||||
|
||||
not_supported() {
|
||||
echo "Your operating system ($("$__explorer/os")) is currently not supported." >&2
|
||||
echo "Cannot extract group information." >&2
|
||||
echo "Please contribute an implementation for it if you can." >&2
|
||||
exit 1
|
||||
}
|
||||
|
||||
name=$__object_id
|
||||
|
||||
if command -v getent >/dev/null
|
||||
then
|
||||
getent group "$name" || true
|
||||
elif [ -f /etc/group ]
|
||||
then
|
||||
grep "^${name}:" /etc/group || true
|
||||
else
|
||||
not_supported
|
||||
fi
|
||||
getent group "$name" || true
|
||||
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2011-2015 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -23,28 +22,13 @@
|
|||
#
|
||||
|
||||
name=$__object_id
|
||||
os=$("$__explorer/os")
|
||||
os="$("$__explorer/os")"
|
||||
|
||||
not_supported() {
|
||||
echo "Your operating system ($os) is currently not supported." >&2
|
||||
echo "Cannot extract group information." >&2
|
||||
echo "Please contribute an implementation for it if you can." >&2
|
||||
exit 1
|
||||
}
|
||||
|
||||
case $os in
|
||||
"freebsd"|"netbsd")
|
||||
echo "$os does not have getent gshadow" >&2
|
||||
exit 0
|
||||
;;
|
||||
case "$os" in
|
||||
"freebsd"|"netbsd")
|
||||
echo "$os does not have getent gshadow"
|
||||
exit 0
|
||||
;;
|
||||
esac
|
||||
|
||||
if command -v getent >/dev/null
|
||||
then
|
||||
getent gshadow "$name" || true
|
||||
elif [ -f /etc/gshadow ]
|
||||
then
|
||||
grep "^${name}:" /etc/gshadow || true
|
||||
else
|
||||
not_supported
|
||||
fi
|
||||
getent gshadow "$name" || true
|
||||
|
|
|
@ -21,4 +21,4 @@
|
|||
# Check whether system has hostnamectl
|
||||
#
|
||||
|
||||
command -v hostnamectl 2>/dev/null || true
|
||||
command -v hostnamectl || true
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
#!/bin/sh -e
|
||||
#!/bin/sh
|
||||
#
|
||||
# 2018-2019 Thomas Eckert (tom at it-eckert.de)
|
||||
# 2014 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -16,7 +16,15 @@
|
|||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
#
|
||||
# Retrieve the contents of /etc/hostname
|
||||
#
|
||||
|
||||
if [ -d /etc/apache2/mods-enabled ]; then
|
||||
ls -1 /etc/apache2/conf-enabled/
|
||||
# Almost any distribution
|
||||
if [ -f /etc/hostname ]; then
|
||||
cat /etc/hostname
|
||||
# SuSE
|
||||
elif [ -f /etc/HOSTNAME ]; then
|
||||
cat /etc/HOSTNAME
|
||||
fi
|
20
cdist/conf/type/__user/manifest → cdist/conf/type/__hostname/explorer/hostname_sysconfig
Normal file → Executable file
20
cdist/conf/type/__user/manifest → cdist/conf/type/__hostname/explorer/hostname_sysconfig
Normal file → Executable file
|
@ -1,6 +1,6 @@
|
|||
#!/bin/sh -e
|
||||
#!/bin/sh
|
||||
#
|
||||
# 2019 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
# 2014 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -18,15 +18,9 @@
|
|||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
#
|
||||
# Manage users.
|
||||
# Retrieve the contents of /etc/hostname
|
||||
#
|
||||
|
||||
os=$(cat "$__global/explorer/os")
|
||||
|
||||
case "$os" in
|
||||
alpine)
|
||||
__package shadow
|
||||
;;
|
||||
*)
|
||||
:
|
||||
;;
|
||||
esac
|
||||
if [ -f /etc/sysconfig/network ]; then
|
||||
awk -F= '/^HOSTNAME=/ { print $2 }' /etc/sysconfig/network
|
||||
fi
|
|
@ -1,10 +0,0 @@
|
|||
#!/bin/sh -e
|
||||
|
||||
command -v getconf >/dev/null || exit 0
|
||||
|
||||
val=$(getconf HOST_NAME_MAX 2>/dev/null) || exit 0
|
||||
|
||||
if test -n "${val}" -a "${val}" != 'undefined'
|
||||
then
|
||||
echo "${val}"
|
||||
fi
|
|
@ -2,7 +2,6 @@
|
|||
#
|
||||
# 2014-2017 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2014 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -20,81 +19,60 @@
|
|||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
os=$(cat "$__global/explorer/os")
|
||||
name_running=$(cat "$__global/explorer/hostname")
|
||||
has_hostnamectl=$(cat "$__object/explorer/has_hostnamectl")
|
||||
|
||||
|
||||
if test -s "$__object/parameter/name"
|
||||
then
|
||||
name_should=$(cat "$__object/parameter/name")
|
||||
if [ -f "$__object/parameter/name" ]; then
|
||||
name_should="$(cat "$__object/parameter/name")"
|
||||
else
|
||||
case $os
|
||||
in
|
||||
# RedHat-derivatives and BSDs
|
||||
centos|fedora|redhat|scientific|freebsd|macosx|netbsd|openbsd)
|
||||
# Hostname is FQDN
|
||||
name_should="${__target_host}"
|
||||
;;
|
||||
*)
|
||||
# Hostname is only first component of FQDN
|
||||
name_should="${__target_host%%.*}"
|
||||
;;
|
||||
esac
|
||||
name_should="${__target_host%%.*}"
|
||||
fi
|
||||
|
||||
os=$(cat "$__global/explorer/os")
|
||||
name_running=$(cat "$__global/explorer/hostname")
|
||||
name_config=$(cat "$__object/explorer/hostname_file")
|
||||
name_sysconfig=$(cat "$__object/explorer/hostname_sysconfig")
|
||||
has_hostnamectl=$(cat "$__object/explorer/has_hostnamectl")
|
||||
|
||||
################################################################################
|
||||
# Check if the (running) hostname is already correct
|
||||
# If everything is ok -> exit
|
||||
#
|
||||
test "$name_running" != "$name_should" || exit 0
|
||||
|
||||
case "$os" in
|
||||
archlinux|debian|suse|ubuntu|devuan|coreos|alpine)
|
||||
if [ "$name_config" = "$name_should" ] && [ "$name_running" = "$name_should" ]; then
|
||||
exit 0
|
||||
fi
|
||||
;;
|
||||
scientific|centos|freebsd|openbsd)
|
||||
if [ "$name_sysconfig" = "$name_should" ] && [ "$name_running" = "$name_should" ]; then
|
||||
exit 0
|
||||
fi
|
||||
;;
|
||||
*)
|
||||
echo "Unsupported os: $os" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
################################################################################
|
||||
# Setup hostname
|
||||
#
|
||||
echo 'changed' >>"$__messages_out"
|
||||
echo changed >> "$__messages_out"
|
||||
|
||||
# Use the good old way to set the hostname.
|
||||
case $os
|
||||
in
|
||||
alpine|debian|devuan|ubuntu)
|
||||
echo 'hostname -F /etc/hostname'
|
||||
# Use the good old way to set the hostname even on machines running systemd.
|
||||
case "$os" in
|
||||
archlinux|debian|ubuntu|devuan|centos|coreos|alpine)
|
||||
printf "printf '%%s\\\\n' '$name_should' > /etc/hostname\\n"
|
||||
echo "hostname -F /etc/hostname"
|
||||
;;
|
||||
archlinux)
|
||||
echo 'command -v hostnamectl >/dev/null 2>&1' \
|
||||
"&& hostnamectl set-hostname '$name_should'" \
|
||||
"|| hostname '$name_should'"
|
||||
;;
|
||||
centos|fedora|redhat|scientific|freebsd|netbsd|openbsd|gentoo|void)
|
||||
freebsd|openbsd)
|
||||
echo "hostname '$name_should'"
|
||||
;;
|
||||
macosx)
|
||||
echo "scutil --set HostName '$name_should'"
|
||||
;;
|
||||
solaris)
|
||||
echo "uname -S '$name_should'"
|
||||
;;
|
||||
slackware|suse|opensuse-leap)
|
||||
# We do not read from /etc/HOSTNAME, because the running
|
||||
# hostname is the first component only while the file contains
|
||||
# the FQDN.
|
||||
suse)
|
||||
echo "hostname '$name_should'"
|
||||
;;
|
||||
*)
|
||||
# Fall back to set the hostname using hostnamectl, if available.
|
||||
if test -n "$has_hostnamectl"
|
||||
then
|
||||
# Don't use hostnamectl as the primary means to set the hostname for
|
||||
# systemd systems, because it cannot be trusted to work reliably and
|
||||
# exit with non-zero when it fails (e.g. hostname too long,
|
||||
# D-Bus failure, etc.).
|
||||
|
||||
echo "hostnamectl set-hostname \"\$(cat /etc/hostname)\""
|
||||
echo "test \"\$(hostname)\" = \"\$(cat /etc/hostname)\"" \
|
||||
" || hostname -F /etc/hostname"
|
||||
else
|
||||
printf "echo 'Unsupported OS: %s' >&2\nexit 1\n" "$os"
|
||||
fi
|
||||
printf "printf '%%s\\\\n' '$name_should' > /etc/HOSTNAME\\n"
|
||||
;;
|
||||
esac
|
||||
|
||||
if [ "$has_hostnamectl" ]; then
|
||||
# Allow hostnamectl set-hostname to fail silently.
|
||||
# Who the fuck invented a tool that needs dbus to set the hostname anyway ...
|
||||
echo "hostnamectl set-hostname '$name_should' || true"
|
||||
fi
|
||||
|
|
|
@ -8,10 +8,7 @@ cdist-type__hostname - Set the hostname
|
|||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
Sets the hostname on various operating systems.
|
||||
|
||||
**Tip:** For advice on choosing a hostname, see
|
||||
`RFC 1178 <https://tools.ietf.org/html/rfc1178>`_.
|
||||
Set's the hostname on various operating systems.
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
|
@ -21,7 +18,7 @@ None.
|
|||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
name
|
||||
The hostname to set. Defaults to the first segment of __target_host
|
||||
The hostname to set. Defaults to the first segment of __target_host
|
||||
(${__target_host%%.*})
|
||||
|
||||
|
||||
|
|
|
@ -2,7 +2,6 @@
|
|||
#
|
||||
# 2012 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2014 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -20,170 +19,50 @@
|
|||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
not_supported() {
|
||||
echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
|
||||
echo "Please contribute an implementation for it if you can." >&2
|
||||
exit 1
|
||||
}
|
||||
|
||||
set_hostname_systemd() {
|
||||
echo "$1" | __file /etc/hostname --source -
|
||||
}
|
||||
|
||||
os=$(cat "$__global/explorer/os")
|
||||
os_version=$(cat "$__global/explorer/os_version")
|
||||
os_major=$(echo "$os_version" | grep -o '^[0-9][0-9]*')
|
||||
|
||||
max_len=$(cat "$__object/explorer/max_len")
|
||||
has_hostnamectl=$(cat "$__object/explorer/has_hostnamectl")
|
||||
|
||||
if test -s "$__object/parameter/name"
|
||||
then
|
||||
name_should=$(cat "$__object/parameter/name")
|
||||
if [ -f "$__object/parameter/name" ]; then
|
||||
name_should="$(cat "$__object/parameter/name")"
|
||||
else
|
||||
case $os
|
||||
in
|
||||
# RedHat-derivatives and BSDs
|
||||
centos|fedora|redhat|scientific|freebsd|netbsd|openbsd|slackware)
|
||||
# Hostname is FQDN
|
||||
name_should="${__target_host}"
|
||||
;;
|
||||
suse|opensuse-leap)
|
||||
# Classic SuSE stores the FQDN in /etc/HOSTNAME, while
|
||||
# systemd does not. The running hostname is the first
|
||||
# component in both cases.
|
||||
# In versions before 15.x, the FQDN is stored in /etc/hostname.
|
||||
if test -n "$has_hostnamectl" && test "$os_major" -ge 15 \
|
||||
&& test "$os_major" -ne 42
|
||||
then
|
||||
name_should="${__target_host%%.*}"
|
||||
else
|
||||
name_should="${__target_host}"
|
||||
fi
|
||||
;;
|
||||
*)
|
||||
# Hostname is only first component of FQDN on all other systems.
|
||||
name_should="${__target_host%%.*}"
|
||||
;;
|
||||
case "$os" in
|
||||
openbsd)
|
||||
name_should="${__target_host}"
|
||||
;;
|
||||
*)
|
||||
name_should="${__target_host%%.*}"
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
|
||||
if test -n "$max_len" && test "$(printf '%s' "$name_should" | wc -c)" -gt "$max_len"
|
||||
then
|
||||
printf "Host name too long. Up to %u characters allowed.\n" "${max_len}" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
case $os
|
||||
in
|
||||
alpine|debian|devuan|ubuntu|void)
|
||||
echo "$name_should" | __file /etc/hostname --source -
|
||||
;;
|
||||
archlinux)
|
||||
if test -n "$has_hostnamectl"
|
||||
then
|
||||
set_hostname_systemd "$name_should"
|
||||
else
|
||||
echo 'Ancient ArchLinux variants without hostnamectl are not supported.' >&2
|
||||
exit 1
|
||||
# Only for ancient ArchLinux, write to /etc/rc.conf on pre-systemd
|
||||
# versions. There are some versions which use /etc/hostname but not
|
||||
# systemd. It is unclear which ones these are.
|
||||
not_supported() {
|
||||
echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
|
||||
echo "Please contribute an implementation for it if you can." >&2
|
||||
exit 1
|
||||
}
|
||||
|
||||
# __key_value '/etc/rc.conf:HOSTNAME' \
|
||||
# --file /etc/rc.conf \
|
||||
# --delimiter '=' --exact_delimiter \
|
||||
# --key 'HOSTNAME' \
|
||||
# --value "\"$name_should\""
|
||||
fi
|
||||
;;
|
||||
centos|fedora|redhat|scientific)
|
||||
if test -z "$has_hostnamectl"
|
||||
then
|
||||
# Only write to /etc/sysconfig/network on non-systemd versions.
|
||||
# On systemd-based versions this entry is ignored.
|
||||
__key_value '/etc/sysconfig/network:HOSTNAME' \
|
||||
--file /etc/sysconfig/network \
|
||||
--delimiter '=' --exact_delimiter \
|
||||
--key HOSTNAME \
|
||||
--value "\"$name_should\""
|
||||
else
|
||||
set_hostname_systemd "$name_should"
|
||||
fi
|
||||
;;
|
||||
gentoo)
|
||||
# Only write to /etc/conf.d/hostname on OpenRC-based installations.
|
||||
# On systemd use hostnamectl(1) in gencode-remote.
|
||||
if test -z "$has_hostnamectl"
|
||||
then
|
||||
__key_value '/etc/conf.d/hostname:hostname' \
|
||||
--file /etc/conf.d/hostname \
|
||||
--delimiter '=' --exact_delimiter \
|
||||
--key 'hostname' \
|
||||
--value "\"$name_should\""
|
||||
else
|
||||
set_hostname_systemd "$name_should"
|
||||
fi
|
||||
;;
|
||||
freebsd)
|
||||
__key_value '/etc/rc.conf:hostname' \
|
||||
--file /etc/rc.conf \
|
||||
--delimiter '=' --exact_delimiter \
|
||||
--key 'hostname' \
|
||||
--value "\"$name_should\""
|
||||
;;
|
||||
macosx)
|
||||
case "$os" in
|
||||
archlinux|debian|suse|ubuntu|devuan|coreos|alpine)
|
||||
# handled in gencode-remote
|
||||
:
|
||||
;;
|
||||
netbsd)
|
||||
__key_value '/etc/rc.conf:hostname' \
|
||||
scientific|centos)
|
||||
__key_value sysconfig-hostname \
|
||||
--file /etc/sysconfig/network \
|
||||
--delimiter '=' \
|
||||
--key HOSTNAME \
|
||||
--value "$name_should" --exact_delimiter
|
||||
;;
|
||||
freebsd)
|
||||
__key_value rcconf-hostname \
|
||||
--file /etc/rc.conf \
|
||||
--delimiter '=' --exact_delimiter \
|
||||
--delimiter '=' \
|
||||
--key 'hostname' \
|
||||
--value "\"$name_should\""
|
||||
|
||||
# To avoid confusion, ensure that the hostname is only stored once.
|
||||
__file /etc/myname --state absent
|
||||
--value "$name_should"
|
||||
;;
|
||||
openbsd)
|
||||
echo "$name_should" | __file /etc/myname --source -
|
||||
;;
|
||||
slackware)
|
||||
# We write the FQDN into /etc/HOSTNAME. But /etc/rc.d/rc.M will only
|
||||
# read the first component from this file and set it as the running
|
||||
# hostname on boot.
|
||||
echo "$name_should" | __file /etc/HOSTNAME --source -
|
||||
;;
|
||||
solaris)
|
||||
echo "$name_should" | __file /etc/nodename --source -
|
||||
;;
|
||||
suse|opensuse-leap)
|
||||
# Modern SuSE provides /etc/HOSTNAME as a symlink for
|
||||
# backwards-compatibility. Unfortunately it cannot be used
|
||||
# here as __file does not follow the symlink.
|
||||
# Therefore, we use the presence of the hostnamectl binary as
|
||||
# an indication of which file to use. This unfortunately does
|
||||
# not work correctly on openSUSE 12.x which provides
|
||||
# hostnamectl but not /etc/hostname.
|
||||
|
||||
if test -n "$has_hostnamectl" -a "$os_major" -gt 12
|
||||
then
|
||||
hostname_file='/etc/hostname'
|
||||
else
|
||||
hostname_file='/etc/HOSTNAME'
|
||||
fi
|
||||
|
||||
echo "$name_should" | __file "$hostname_file" --source -
|
||||
;;
|
||||
*)
|
||||
# On other operating systems we fall back to systemd's
|
||||
# hostnamectl if available…
|
||||
if test -n "$has_hostnamectl"
|
||||
then
|
||||
set_hostname_systemd "$name_should"
|
||||
else
|
||||
not_supported
|
||||
fi
|
||||
not_supported
|
||||
;;
|
||||
esac
|
||||
|
|
|
@ -7,12 +7,6 @@ if [ -z "${certbot_fullpath}" ]; then
|
|||
os_version="$(cat "${__global}/explorer/os_version")"
|
||||
|
||||
case "$os" in
|
||||
archlinux)
|
||||
__package certbot
|
||||
;;
|
||||
alpine)
|
||||
__package certbot
|
||||
;;
|
||||
debian)
|
||||
case "$os_version" in
|
||||
8*)
|
||||
|
@ -39,10 +33,6 @@ if [ -z "${certbot_fullpath}" ]; then
|
|||
require="__apt_source/stretch-backports" __package_apt certbot \
|
||||
--target-release stretch-backports
|
||||
;;
|
||||
10*)
|
||||
__package_apt certbot
|
||||
;;
|
||||
|
||||
*)
|
||||
echo "Unsupported OS version: $os_version" >&2
|
||||
exit 1
|
||||
|
@ -72,12 +62,11 @@ if [ -z "${certbot_fullpath}" ]; then
|
|||
--distribution ascii-backports \
|
||||
--component main
|
||||
|
||||
require="__apt_source/ascii-backports" __package_apt python-certbot \
|
||||
--target-release ascii-backports
|
||||
require="__apt_source/ascii-backports" __package_apt certbot \
|
||||
--target-release ascii-backports
|
||||
;;
|
||||
beowulf*)
|
||||
__package_apt certbot
|
||||
;;
|
||||
*)
|
||||
echo "Unsupported OS version: $os_version" >&2
|
||||
exit 1
|
||||
|
|
|
@ -27,10 +27,6 @@ else
|
|||
name="$__object_id"
|
||||
fi
|
||||
|
||||
# Remove the @.. repo tag for finding out whether it is installed
|
||||
# f.i. pass@testing => pass
|
||||
name="$(echo "$name" | sed 's/@.*//')"
|
||||
|
||||
if [ "$(apk list -I "$name")" ]; then
|
||||
echo present
|
||||
else
|
||||
|
|
|
@ -34,9 +34,6 @@ case "$type" in
|
|||
echo 0
|
||||
fi
|
||||
;;
|
||||
alpine)
|
||||
echo 0
|
||||
;;
|
||||
*) echo "Your specified type ($type) is currently not supported." >&2
|
||||
echo "Please contribute an implementation for it if you can." >&2
|
||||
;;
|
||||
|
|
|
@ -26,7 +26,6 @@ else
|
|||
amazon|scientific|centos|fedora|redhat) echo "yum" ;;
|
||||
debian|ubuntu|devuan) echo "apt" ;;
|
||||
archlinux) echo "pacman" ;;
|
||||
alpine) echo "apk" ;;
|
||||
*)
|
||||
echo "Don't know how to manage packages on: $os" >&2
|
||||
exit 1
|
||||
|
|
|
@ -47,10 +47,6 @@ case "$type" in
|
|||
echo "pacman --noprogressbar --sync --refresh"
|
||||
echo "pacman package database synced (age was: $currage)" >> "$__messages_out"
|
||||
;;
|
||||
alpine)
|
||||
echo "apk update"
|
||||
echo "apk package database updated."
|
||||
;;
|
||||
*)
|
||||
echo "Don't know how to manage packages for type: $type" >&2
|
||||
exit 1
|
||||
|
|
|
@ -1,61 +0,0 @@
|
|||
cdist-type__podman_compose(7)
|
||||
=============================
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__podman_compose - install podman-compose
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
Installs podman-compose package.
|
||||
State 'absent' will not remove podman binary itself,
|
||||
only podman-compose binary will be removed
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
install
|
||||
defaults to 'pip'
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
state
|
||||
'present' or 'absent', defaults to 'present'
|
||||
user
|
||||
the user who owns the file, defaults to 'root'
|
||||
|
||||
|
||||
BOOLEAN PARAMETERS
|
||||
------------------
|
||||
None.
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
.. code-block:: sh
|
||||
|
||||
# Install podman-compose
|
||||
__podman_compose
|
||||
|
||||
# Install latest version via pip
|
||||
__podman_compose --state present --install pip
|
||||
|
||||
# Install latest version via pip and change user
|
||||
__podman_compose --state present --install pip --user root
|
||||
|
||||
# Remove podman-compose
|
||||
__podman_compose --state absent
|
||||
|
||||
|
||||
AUTHORS
|
||||
-------
|
||||
Daniel Tschada <mail--@--moep.name>
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2019 Daniel Tschada. Free use of this software is
|
||||
granted under the terms of the GNU General Public License version 3 or later (GPLv3+).
|
|
@ -1,50 +0,0 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2019 Daniel Tschada
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
# shellcheck disable=SC2154
|
||||
# shellcheck disable=SC2034
|
||||
install="$(cat "$__object/parameter/install")"
|
||||
state="$(cat "$__object/parameter/state")"
|
||||
user="$(cat "$__object/parameter/user")"
|
||||
version="$(cat "$__object/parameter/version")"
|
||||
|
||||
# install it with pip
|
||||
if [ "${install}" = "pip" ]; then
|
||||
|
||||
if [ "${state}" = "present" ]; then
|
||||
__package_pip podman-compose --state present --pip /usr/local/bin/podman-compose --runas "${user}"
|
||||
elif [ "${state}" = "absent" ]; then
|
||||
__package_pip podman-compose --state absent
|
||||
else
|
||||
if [ "${state}" != "present" ] -a [ "${state}" != "absent" ]; then
|
||||
echo "Unknown state: ${state}" >&2
|
||||
exit 1
|
||||
else
|
||||
echo "Unknown user: ${user}" >&2
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
else
|
||||
|
||||
echo "Unknown user: ${install}" >&2
|
||||
exit 1
|
||||
|
||||
fi
|
|
@ -1 +0,0 @@
|
|||
pip
|
|
@ -1 +0,0 @@
|
|||
root
|
|
@ -1,4 +0,0 @@
|
|||
install
|
||||
state
|
||||
user
|
||||
version
|
|
@ -1 +0,0 @@
|
|||
install
|
|
@ -1,7 +1,6 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2012-2014 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2019 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -23,7 +22,7 @@
|
|||
os=$(cat "$__global/explorer/os")
|
||||
|
||||
case "$os" in
|
||||
alpine|ubuntu|debian|archlinux|suse|scientific|centos|devuan)
|
||||
ubuntu|debian|archlinux|suse|scientific|centos|devuan)
|
||||
__package postfix --state present
|
||||
;;
|
||||
*)
|
||||
|
|
|
@ -22,7 +22,7 @@
|
|||
os=$("$__explorer/os")
|
||||
|
||||
case "$os" in
|
||||
alpine|ubuntu|debian|archlinux|suse|scientific|centos|devuan)
|
||||
ubuntu|debian|archlinux|suse|scientific|centos|devuan)
|
||||
:
|
||||
;;
|
||||
*)
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2012-2014 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2019 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -22,7 +21,7 @@
|
|||
os=$(cat "$__global/explorer/os")
|
||||
|
||||
case "$os" in
|
||||
alpine|archlinux|centos|debian|devuan|suse|scientific|ubuntu)
|
||||
ubuntu|debian|archlinux|suse|scientific|centos|devuan)
|
||||
:
|
||||
;;
|
||||
*)
|
||||
|
|
|
@ -30,7 +30,6 @@ if [ -f "$__object/parameter/install-from-backports" ]; then
|
|||
*)
|
||||
echo "--install-from-backports is only supported on Devuan -- ignoring." >&2
|
||||
echo "Send a pull request if you require it." >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
else
|
||||
|
@ -61,5 +60,5 @@ require="$require __directory/$storage_path $require_pkg" \
|
|||
__config_file $CONF \
|
||||
--source "$config" \
|
||||
--group prometheus --mode 640 \
|
||||
--onchange "service prometheus-alertmanager restart" # TODO when a config-check tool is available, check config here
|
||||
--onchange "service prometheus-alertmanager reload" # TODO when a config-check tool is available, check config here
|
||||
|
||||
|
|
|
@ -5,11 +5,9 @@ export GOBIN=/opt/gocode/bin # where to find go binaries
|
|||
exporter="$(cat "$__object/parameter/exporter")"
|
||||
[ -z "$exporter" ] && exporter="$__object_id"
|
||||
|
||||
__user prometheus
|
||||
require="__user/prometheus" __group prometheus
|
||||
require="__group/prometheus" __user_groups prometheus --group prometheus
|
||||
__user prometheus --system
|
||||
|
||||
require="__user_groups/prometheus"
|
||||
require=""
|
||||
case $exporter in
|
||||
node)
|
||||
TEXTFILES=/service/node-exporter/textfiles # path for the textfiles collector
|
||||
|
|
|
@ -33,13 +33,11 @@ if [ -f "$__object/parameter/install-from-backports" ]; then
|
|||
*)
|
||||
echo "--install-from-backports is only supported on Devuan -- ignoring." >&2
|
||||
echo "Send a pull request if you require it." >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
else
|
||||
__package prometheus
|
||||
__package prometheus-blackbox-exporter
|
||||
require_pkg="__package/prometheus __package/prometheus-blackbox-exporter"
|
||||
require_pkg="__package/prometheus"
|
||||
fi
|
||||
|
||||
##### PREPARE PATHS AND SUCH ################################################
|
||||
|
@ -60,7 +58,7 @@ require="$require __directory/$storage_path $require_pkg" \
|
|||
__config_file $CONF \
|
||||
--source "$config" \
|
||||
--group prometheus --mode 640 \
|
||||
--onchange "promtool check config $CONF && service prometheus restart"
|
||||
--onchange "promtool check config $CONF && service prometheus reload"
|
||||
|
||||
for file in $rule_files; do
|
||||
dest=$CONF_DIR/$(basename "$file")
|
||||
|
@ -68,6 +66,6 @@ for file in $rule_files; do
|
|||
__config_file "$dest" \
|
||||
--source "$file" \
|
||||
--owner prometheus \
|
||||
--onchange "promtool check rules '$dest' && service prometheus restart"
|
||||
--onchange "promtool check rules '$dest' && service prometheus reload"
|
||||
done
|
||||
|
||||
|
|
|
@ -1,131 +0,0 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
#
|
||||
# Check if the given editor is present on the target system and determine its
|
||||
# absolute path.
|
||||
#
|
||||
|
||||
die() {
|
||||
echo "$@" >&2
|
||||
exit 1
|
||||
}
|
||||
|
||||
editor_missing() { die "Editor '$1' is missing on the target system."; }
|
||||
editor_no_alternative() {
|
||||
die "Editor '$1' is not in the alternatives list of the target system." \
|
||||
"$(test -n "${editors}" && printf '\nPlease choose one of:\n\n%s\n' "${editors}")"
|
||||
}
|
||||
|
||||
# No need to check for the path if the file is supposed to be removed.
|
||||
test "$(cat "${__object}/parameter/state")" != 'absent' || exit 0
|
||||
|
||||
|
||||
case $("${__explorer}/os")
|
||||
in
|
||||
debian|devuan|ubuntu)
|
||||
has_alternatives=true
|
||||
|
||||
# NOTE: Old versions do not support `--list`, in this case ignore the errors.
|
||||
# This will require an absolute path to be provided, though.
|
||||
editors=$(update-alternatives --list editor 2>/dev/null)
|
||||
;;
|
||||
*)
|
||||
# NOTE: RedHat has an alternatives system but it doesn't usually track
|
||||
# editors and it is a pain to extract the list.
|
||||
has_alternatives=false
|
||||
;;
|
||||
esac
|
||||
|
||||
# Read --editor parameter and check its value since it is "optional"
|
||||
editor=$(cat "${__object}/parameter/editor" 2>/dev/null) || true
|
||||
test -n "${editor}" || die 'Please provide an --editor to configure.'
|
||||
|
||||
case $editor
|
||||
in
|
||||
/*)
|
||||
is_abspath=true
|
||||
;;
|
||||
*/*)
|
||||
die 'Relative editor paths are not supported'
|
||||
;;
|
||||
*)
|
||||
is_abspath=false
|
||||
;;
|
||||
esac
|
||||
|
||||
|
||||
if $has_alternatives && test -n "${editors}"
|
||||
then
|
||||
IFS='
|
||||
'
|
||||
if ! $is_abspath
|
||||
then
|
||||
# First, try to resolve the absolute path using $editors.
|
||||
while true
|
||||
do
|
||||
for e in $editors
|
||||
do
|
||||
if test "$(basename "${e}")" = "${editor}"
|
||||
then
|
||||
editor="${e}"
|
||||
break 2 # break out of both loops
|
||||
fi
|
||||
done
|
||||
|
||||
# Iterating through alternatives did not yield a result
|
||||
editor_no_alternative "${editor}"
|
||||
break
|
||||
done
|
||||
fi
|
||||
|
||||
# Check if editor is present
|
||||
test -f "${editor}" || editor_missing "${editor}"
|
||||
|
||||
for e in $editors
|
||||
do
|
||||
if test "${editor}" = "${e}"
|
||||
then
|
||||
# Editor is part of the alternatives list -> use it!
|
||||
echo "${editor}"
|
||||
exit 0
|
||||
fi
|
||||
done
|
||||
|
||||
editor_no_alternative "${editor}"
|
||||
else
|
||||
# NOTE: This branch is mostly for RedHat-based systems which do
|
||||
# not track editor alternatives. To make this type useful
|
||||
# on RedHat at all we allow an absoloute path to be provided
|
||||
# in any case.
|
||||
|
||||
if $is_abspath
|
||||
then
|
||||
test -x "${editor}" || editor_missing "${editor}"
|
||||
|
||||
echo "${editor}"
|
||||
exit 0
|
||||
else
|
||||
die "The target doesn't list any editor alternatives. " \
|
||||
"Please specify an absolute path or populate the alternatives list."
|
||||
fi
|
||||
fi
|
||||
|
||||
# The script should never reach this statement!
|
||||
exit 1
|
|
@ -1,26 +0,0 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
#
|
||||
# Determines the primary group of the user.
|
||||
#
|
||||
|
||||
user=$__object_id
|
||||
|
||||
id -gn "${user}" 2>/dev/null
|
|
@ -1,33 +0,0 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
#
|
||||
# Determines the home folder of the target user.
|
||||
#
|
||||
|
||||
user=$__object_id
|
||||
home=$(getent passwd "${user}" | cut -d':' -f6)
|
||||
|
||||
if ! test -d "${home}"
|
||||
then
|
||||
echo "Cannot find home directory of user ${user}" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "${home}"
|
|
@ -1,78 +0,0 @@
|
|||
cdist-type__sensible_editor(7)
|
||||
==============================
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__sensible_editor - Select the sensible-editor
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
This cdist type allows you to select the :strong:`sensible-editor` for
|
||||
a given user.
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
editor
|
||||
Name or path of the editor to be selected.
|
||||
On systems other than Debian derivatives an absolute path is required.
|
||||
|
||||
It is permissible to omit this parameter if --state is absent.
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
state
|
||||
'present', 'absent', or 'exists'. Defaults to 'present', where:
|
||||
|
||||
present
|
||||
the sensible-editor is exactly what is specified in --editor.
|
||||
absent
|
||||
no sensible-editor configuration is present.
|
||||
exists
|
||||
the sensible-editor will be set to what is specified in --editor,
|
||||
unless there already is a configuration on the target system.
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
.. code-block:: sh
|
||||
|
||||
__sensible_editor root --editor /bin/ed # ed(1) is the standard
|
||||
__sensible_editor noob --editor nano
|
||||
|
||||
|
||||
LIMITATIONS
|
||||
-----------
|
||||
|
||||
This type depends upon the :strong:`sensible-editor`\ (1) script which
|
||||
is part of the sensible-utils package.
|
||||
|
||||
Therefore, the following operating systems are supported:
|
||||
* Debian 8 (jessie) or later
|
||||
* Devuan
|
||||
* Ubuntu 8.10 (intrepid) or later
|
||||
* RHEL/CentOS 7 or later (EPEL repo required)
|
||||
* Fedora 21 or later
|
||||
|
||||
Note: on old versions of Ubuntu the sensible-* utils are part of the
|
||||
debianutils package.
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
:strong:`select-editor`\ (1), :strong:`sensible-editor`\ (1).
|
||||
|
||||
|
||||
AUTHOR
|
||||
-------
|
||||
Dennis Camera <dennis.camera--@--ssrq-sds-fds.ch>
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2019 Dennis Camera.
|
||||
You can redistribute it and/or modify it under the terms of the GNU General
|
||||
Public License as published by the Free Software Foundation, either version 3 of
|
||||
the License, or (at your option) any later version.
|
|
@ -1,94 +0,0 @@
|
|||
#!/bin/sh -e
|
||||
# -*- mode: sh; indent-tabs-mode: t -*-
|
||||
#
|
||||
# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
version_ge() {
|
||||
awk -F '[^0-9.]' -v target="${1:?}" '
|
||||
function max(x, y) { return x > y ? x : y; }
|
||||
BEGIN {
|
||||
getline;
|
||||
nx = split($1, x, ".");
|
||||
ny = split(target, y, ".");
|
||||
for (i = 1; i <= max(nx, ny); ++i) {
|
||||
diff = int(x[i]) - int(y[i]);
|
||||
if (diff < 0) exit 1;
|
||||
else if (diff > 0) exit 0;
|
||||
else continue;
|
||||
}
|
||||
}'
|
||||
}
|
||||
|
||||
not_supported() {
|
||||
echo "OS ${os} does not support __sensible_editor." >&2
|
||||
echo 'If it does, please provide a patch.' >&2
|
||||
exit 1
|
||||
}
|
||||
|
||||
os=$(cat "${__global}/explorer/os")
|
||||
os_version=$(cat "${__global}/explorer/os_version")
|
||||
|
||||
state=$(cat "${__object}/parameter/state")
|
||||
user=$__object_id
|
||||
|
||||
if test "${state}" != 'present' && test "${state}" != 'exists' && test "${state}" != 'absent'
|
||||
then
|
||||
echo 'Only "present", "exists", and "absent" are allowed for --state' >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
package_name='sensible-utils'
|
||||
|
||||
case $os
|
||||
in
|
||||
debian)
|
||||
pkg_type='apt'
|
||||
;;
|
||||
devuan)
|
||||
pkg_type='apt'
|
||||
;;
|
||||
ubuntu)
|
||||
(echo "${os_version}" | version_ge 10.04) || package_name='debianutils'
|
||||
pkg_type='apt'
|
||||
;;
|
||||
centos|fedora|redhat|scientific)
|
||||
pkg_type='yum'
|
||||
;;
|
||||
*)
|
||||
not_supported
|
||||
;;
|
||||
esac
|
||||
|
||||
if test "${state}" != 'absent'
|
||||
then
|
||||
__package "${package_name}" --state present \
|
||||
--type "${pkg_type}"
|
||||
export require="__package/${package_name}"
|
||||
fi
|
||||
|
||||
editor_path=$(cat "${__object}/explorer/editor_path")
|
||||
user_home=$(cat "${__object}/explorer/user_home")
|
||||
group=$(cat "${__object}/explorer/group")
|
||||
|
||||
__file "${user_home}/.selected_editor" --state "${state}" \
|
||||
--owner "${user}" --group "${group}" --mode 0644 \
|
||||
--source - <<EOF
|
||||
# Managed by cdist
|
||||
SELECTED_EDITOR="${editor_path}"
|
||||
EOF
|
|
@ -1 +0,0 @@
|
|||
present
|
|
@ -1,2 +0,0 @@
|
|||
editor
|
||||
state
|
|
@ -1,7 +1,6 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2014 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -20,42 +19,9 @@
|
|||
#
|
||||
|
||||
if [ -f "$__object/parameter/file" ]; then
|
||||
cat "$__object/parameter/file"
|
||||
cat "$__object/parameter/file"
|
||||
else
|
||||
if [ -s "$__object/parameter/owner" ]
|
||||
then
|
||||
owner=$(cat "$__object/parameter/owner")
|
||||
else
|
||||
owner="$__object_id"
|
||||
fi
|
||||
|
||||
if command -v getent >/dev/null
|
||||
then
|
||||
owner_line=$(getent passwd "$owner")
|
||||
elif [ -f /etc/passwd ]
|
||||
then
|
||||
case $owner
|
||||
in
|
||||
[0-9][0-9]*)
|
||||
owner_line=$(awk -F: "\$3 == \"${owner}\" { print }" /etc/passwd)
|
||||
;;
|
||||
*)
|
||||
owner_line=$(awk -F: "\$1 == \"${owner}\" { print }" /etc/passwd)
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
|
||||
if [ "$owner_line" ]
|
||||
then
|
||||
home=$(echo "$owner_line" | cut -d':' -f6)
|
||||
fi
|
||||
|
||||
if [ ! -d "$home" ]
|
||||
then
|
||||
# Don't know how to determine user's home directory, fall back to ~
|
||||
home="~$owner"
|
||||
command -v realpath >/dev/null && home=$(realpath "$home")
|
||||
fi
|
||||
|
||||
[ -d "$home" ] && echo "$home/.ssh/authorized_keys"
|
||||
owner="$(cat "$__object/parameter/owner" 2>/dev/null || echo "$__object_id")"
|
||||
home=$(getent passwd "$owner" | cut -d':' -f 6)
|
||||
echo "$home/.ssh/authorized_keys"
|
||||
fi
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2014 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -19,28 +18,6 @@
|
|||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
if [ -s "$__object/parameter/owner" ]
|
||||
then
|
||||
owner=$(cat "$__object/parameter/owner")
|
||||
else
|
||||
owner="$__object_id"
|
||||
fi
|
||||
|
||||
if command -v getent >/dev/null
|
||||
then
|
||||
gid=$(getent passwd "$owner" | cut -d':' -f4)
|
||||
getent group "$gid" || true
|
||||
else
|
||||
# Fallback to local file scanning
|
||||
case $owner
|
||||
in
|
||||
[0-9][0-9]*)
|
||||
gid=$(awk -F: "\$3 == \"${owner}\" { print \$4 }" /etc/passwd)
|
||||
;;
|
||||
*)
|
||||
gid=$(awk -F: "\$1 == \"${owner}\" { print \$4 }" /etc/passwd)
|
||||
;;
|
||||
esac
|
||||
|
||||
awk -F: "\$3 == \"$gid\" { print }" /etc/group
|
||||
fi
|
||||
owner="$(cat "$__object/parameter/owner" 2>/dev/null || echo "$__object_id")"
|
||||
gid="$(getent passwd "$owner" | cut -d':' -f 4)"
|
||||
getent group "$gid" || true
|
||||
|
|
|
@ -23,12 +23,6 @@ owner="$(cat "$__object/parameter/owner" 2>/dev/null || echo "$__object_id")"
|
|||
state="$(cat "$__object/parameter/state" 2>/dev/null)"
|
||||
file="$(cat "$__object/explorer/file")"
|
||||
|
||||
if [ ! -f "$__object/parameter/nofile" ] && [ -z "$file" ]
|
||||
then
|
||||
echo "Cannot determine path of authorized_keys file" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ ! -f "$__object/parameter/noparent" ] || [ ! -f "$__object/parameter/nofile" ]; then
|
||||
group="$(cut -d':' -f 1 "$__object/explorer/group")"
|
||||
if [ -z "$group" ]; then
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2014 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -19,11 +18,5 @@
|
|||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
gid=$("$__type_explorer/passwd" | cut -d':' -f4)
|
||||
|
||||
if command -v getent >/dev/null
|
||||
then
|
||||
getent group "$gid" || true
|
||||
else
|
||||
awk -F: "\$3 == \"$gid\" { print }" /etc/group
|
||||
fi
|
||||
gid="$("$__type_explorer/passwd" | cut -d':' -f 4)"
|
||||
getent group "$gid" || true
|
||||
|
|
|
@ -2,7 +2,6 @@
|
|||
#
|
||||
# 2012 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2014 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -22,16 +21,4 @@
|
|||
|
||||
owner="$__object_id"
|
||||
|
||||
if command -v getent >/dev/null
|
||||
then
|
||||
getent passwd "$owner" || true
|
||||
else
|
||||
case $owner in
|
||||
[0-9][0-9]*)
|
||||
awk -F: "\$3 == \"$owner\" { print }" /etc/passwd
|
||||
;;
|
||||
*)
|
||||
grep "^$owner:" /etc/passwd || true
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
getent passwd "$owner" || true
|
||||
|
|
|
@ -2,7 +2,6 @@
|
|||
#
|
||||
# 2014 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2018 Takashi Yoshi (takashi at yoshi.email)
|
||||
# 2019 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -25,7 +24,7 @@ os=$(cat "$__global/explorer/os")
|
|||
|
||||
case "$os" in
|
||||
# Linux
|
||||
alpine|redhat|centos|ubuntu|debian|devuan|archlinux|coreos)
|
||||
redhat|centos|ubuntu|debian|devuan|archlinux|coreos)
|
||||
:
|
||||
;;
|
||||
# BSD
|
||||
|
|
|
@ -23,9 +23,11 @@
|
|||
|
||||
if [ -f "$__object/parameter/gid" ]; then
|
||||
gid=$(cat "$__object/parameter/gid")
|
||||
if command -v getent >/dev/null; then
|
||||
getent group "$gid" || true
|
||||
getent=$(command -v getent)
|
||||
if [ X != X"${getent}" ]; then
|
||||
"${getent}" group "$gid" || true
|
||||
elif [ -f /etc/group ]; then
|
||||
grep -E "^(${gid}|([^:]+:){2}${gid}):" /etc/group || true
|
||||
fi
|
||||
fi
|
||||
|
||||
|
|
|
@ -23,8 +23,9 @@
|
|||
|
||||
name=$__object_id
|
||||
|
||||
if command -v getent >/dev/null; then
|
||||
getent passwd "$name" || true
|
||||
getent=$(command -v getent)
|
||||
if [ X != X"${getent}" ]; then
|
||||
"${getent}" passwd "$name" || true
|
||||
elif [ -f /etc/passwd ]; then
|
||||
grep "^${name}:" /etc/passwd || true
|
||||
fi
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
#!/bin/sh -e
|
||||
#!/bin/sh
|
||||
#
|
||||
# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
#
|
||||
|
@ -22,19 +22,18 @@
|
|||
#
|
||||
|
||||
name=$__object_id
|
||||
os="$("$__explorer/os")"
|
||||
# Default to using shadow passwords
|
||||
database="shadow"
|
||||
|
||||
case $("$__explorer/os") in
|
||||
'freebsd'|'netbsd'|'openbsd')
|
||||
database='passwd'
|
||||
;;
|
||||
# Default to using shadow passwords
|
||||
*)
|
||||
database='shadow'
|
||||
;;
|
||||
case "$os" in
|
||||
"freebsd"|"netbsd"|"openbsd") database="passwd";;
|
||||
esac
|
||||
|
||||
|
||||
if command -v getent >/dev/null; then
|
||||
getent "$database" "$name" || true
|
||||
getent=$(command -v getent)
|
||||
if [ X != X"${getent}" ]; then
|
||||
"${getent}" "$database" "$name" || true
|
||||
elif [ -f /etc/shadow ]; then
|
||||
grep "^${name}:" /etc/shadow || true
|
||||
fi
|
||||
|
|
|
@ -1,5 +0,0 @@
|
|||
#!/bin/sh -e
|
||||
|
||||
if [ -d /etc/apache2/mods-enabled ]; then
|
||||
/usr/sbin/apachectl -t -D DUMP_MODULES | awk '/.*_module/ { gsub(/_module.*$/, ""); gsub(/^ /, ""); print }'
|
||||
fi
|
|
@ -1,56 +0,0 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2018-2019 Thomas Eckert (tom at it-eckert.de)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
state=$(cat "$__object/parameter/state")
|
||||
|
||||
os=$(cat "$__global/explorer/os")
|
||||
case "$os" in
|
||||
debian|ubuntu)
|
||||
:
|
||||
;;
|
||||
*)
|
||||
echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
|
||||
echo "Please contribute an implementation for it if you can." >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
if [ "$state" = "present" ]; then
|
||||
if ! grep -q ^rewrite "$__object/explorer/active-modules"; then
|
||||
echo "a2enmod rewrite >/dev/null"
|
||||
echo "mod:rewrite enabled" >> "$__messages_out"
|
||||
fi
|
||||
if ! grep -q "^cgi$" "$__object/explorer/active-modules"; then
|
||||
echo "a2enmod cgi >/dev/null"
|
||||
echo "mod:cgi enabled" >> "$__messages_out"
|
||||
fi
|
||||
|
||||
if ! grep -q ^xymon.conf "$__object/explorer/active-conf"; then
|
||||
echo "a2enconf xymon >/dev/null"
|
||||
echo "conf:xymon enabled" >> "$__messages_out"
|
||||
fi
|
||||
fi
|
||||
|
||||
if grep -q "^mod:.* enabled" "$__messages_out"; then
|
||||
echo "systemctl restart apache2.service"
|
||||
echo "apache restarted" >> "$__messages_out"
|
||||
elif grep -q "^conf:xymon enabled" "$__messages_out"; then
|
||||
echo "systemctl reload apache2.service"
|
||||
echo "apache reloaded" >> "$__messages_out"
|
||||
fi
|
|
@ -1,79 +0,0 @@
|
|||
cdist-type__xymon_apache(7)
|
||||
===========================
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__xymon_apache - Configure apache2-webserver for Xymon
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
This cdist type installs and configures apache2 to be used "exclusively" (in
|
||||
the sense that no other use is taken care of) with Xymon (the systems and
|
||||
network monitor).
|
||||
|
||||
It depends on `__xymon_server`.
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
None.
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
state
|
||||
'present', 'absent', defaults to 'present'.
|
||||
|
||||
ipacl
|
||||
IP(-ranges) that have access to the Xymon webpages and CGIs. Apache2-style
|
||||
syntax suitable for `Require ip ...`. Example: `192.168.1.0/24 10.0.0.0/8`
|
||||
|
||||
|
||||
MESSAGES
|
||||
--------
|
||||
mod:rewrite enabled
|
||||
apache module enabled
|
||||
conf:xymon enabled
|
||||
apache config for xymon enabled
|
||||
apache restarted
|
||||
apache2.service was reloaded
|
||||
apache reloaded
|
||||
apache2.service was restarted
|
||||
|
||||
|
||||
EXPLORERS
|
||||
---------
|
||||
active-conf
|
||||
lists apache2 `conf-enabled`
|
||||
active-modules
|
||||
lists active apache2-modules
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
.. code-block:: sh
|
||||
|
||||
# minmal, only localhost-access:
|
||||
__xymon_apache
|
||||
# allow more IPs to access the Xymon-webinterface:
|
||||
__xymon_apache --ipacl "192.168.0.0/16 10.0.0.0/8" --state "present"
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
:strong:`cdist__xymon_server`\ (7)
|
||||
|
||||
|
||||
AUTHORS
|
||||
-------
|
||||
Thomas Eckert <tom--@--it-eckert.de>
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2018-2019 Thomas Eckert. You can redistribute it
|
||||
and/or modify it under the terms of the GNU General Public License as
|
||||
published by the Free Software Foundation, either version 3 of the
|
||||
License, or (at your option) any later version.
|
|
@ -1 +0,0 @@
|
|||
present
|
|
@ -1,2 +0,0 @@
|
|||
state
|
||||
ipacl
|
|
@ -1,28 +0,0 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2018-2019 Thomas Eckert (tom at it-eckert.de)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
servers=$(cat "$__object/parameter/servers")
|
||||
|
||||
if grep -q ^__key_value/CLIENTHOSTNAME "$__messages_in" || grep -q ^__key_value/XYMONSERVERS "$__messages_in" ; then
|
||||
echo "systemctl restart xymon-client"
|
||||
echo "restarted" >> "$__messages_out"
|
||||
cat <<-EOT
|
||||
echo "xymon-client xymon-client/XYMONSERVERS string $servers" | debconf-set-selections
|
||||
EOT
|
||||
fi
|
|
@ -1,66 +0,0 @@
|
|||
cdist-type__xymon_client(7)
|
||||
===========================
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__xymon_client - Install the Xymon client
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
This cdist type installs the Xymon client and configures it to report with
|
||||
FQDN.
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
None.
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
state
|
||||
'present', 'absent', defaults to 'present'.
|
||||
|
||||
servers
|
||||
One or more IP addresses (space separated) of the Xymon server(s) to report
|
||||
to. While DNS-names are ok it is discouraged, defaults to 127.0.0.1.
|
||||
|
||||
|
||||
BOOLEAN PARAMETERS
|
||||
------------------
|
||||
msgcache
|
||||
Enable xymon `msgcache`. Note: XYMONSERVER has to be `127.0.0.1` for using
|
||||
`msgcache` (see `msgcache (8)` of the xymon documentation for details).
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
.. code-block:: sh
|
||||
|
||||
# minimal, report to 127.0.0.1
|
||||
__xymon_client
|
||||
|
||||
# specify server:
|
||||
__xymon_client --servers "192.168.1.1"
|
||||
|
||||
# activate `msgcache` for passive client:
|
||||
__xymon_client --msgcache
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
:strong:`cdist__xymon_server`\ (7), :strong:`xymon`\ (7), :strong:`msgcache`\ (8)
|
||||
|
||||
|
||||
AUTHORS
|
||||
-------
|
||||
Thomas Eckert <tom--@--it-eckert.de>
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2018-2019 Thomas Eckert. You can redistribute it
|
||||
and/or modify it under the terms of the GNU General Public License as
|
||||
published by the Free Software Foundation, either version 3 of the
|
||||
License, or (at your option) any later version.
|
|
@ -1,54 +0,0 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2018-2019 Thomas Eckert (tom at it-eckert.de)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
state=$(cat "$__object/parameter/state")
|
||||
servers=$(cat "$__object/parameter/servers")
|
||||
|
||||
os=$(cat "$__global/explorer/os")
|
||||
case "$os" in
|
||||
debian|ubuntu)
|
||||
:
|
||||
;;
|
||||
*)
|
||||
echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
|
||||
echo "Please contribute an implementation for it if you can." >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
__package xymon-client --state "$state"
|
||||
|
||||
if [ -f "$__object/parameter/msgcache" ]; then
|
||||
require="__package/xymon-client" __line /etc/xymon/clientlaunch.cfg \
|
||||
--regex DISABLED --state absent
|
||||
fi
|
||||
|
||||
require="__package/xymon-client" __key_value CLIENTHOSTNAME \
|
||||
--file /etc/default/xymon-client \
|
||||
--value "'$__target_hostname'" \
|
||||
--delimiter '=' \
|
||||
--state "$state"
|
||||
require="__package/xymon-client" __key_value XYMONSERVERS \
|
||||
--file /etc/default/xymon-client \
|
||||
--value "'$servers'" \
|
||||
--delimiter '=' \
|
||||
--state "$state"
|
||||
|
||||
## CLI-usage often requires a shell:
|
||||
require="__package/xymon-client" __user xymon --shell "/bin/bash" --state "$state"
|
|
@ -1 +0,0 @@
|
|||
msgcache
|
|
@ -1 +0,0 @@
|
|||
127.0.0.1
|
|
@ -1 +0,0 @@
|
|||
present
|
|
@ -1,2 +0,0 @@
|
|||
state
|
||||
servers
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue