Merge branch 'master' into 4.0-pre-not-stable

This commit is contained in:
Nico Schottelius 2014-03-31 22:16:30 +02:00
commit 84159d18e0
46 changed files with 672 additions and 74 deletions

View file

@ -175,7 +175,7 @@ eof
release-git-tag) release-git-tag)
target_version=$($0 changelog-version) target_version=$($0 changelog-version)
if git rev-parse --verify refs/tags/$target_version; then if git rev-parse --verify refs/tags/$target_version 2>/dev/null; then
echo "Tag for $target_version exists, aborting" echo "Tag for $target_version exists, aborting"
exit 1 exit 1
fi fi

31
cdist/conf/explorer/cpu_cores Executable file
View file

@ -0,0 +1,31 @@
#!/bin/sh
#
# 2014 Daniel Heule (hda at sfs.biz)
# 2014 Thomas Oettli (otho at sfs.biz)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
#
# FIXME: other system types (not linux ...)
if [ -r /proc/cpuinfo ]; then
cores="$(cat /proc/cpuinfo | grep "core id" | sort | uniq | wc -l)"
if [ ${cores} -eq 0 ]; then
cores="1"
fi
echo "${cores}"
fi

31
cdist/conf/explorer/cpu_sockets Executable file
View file

@ -0,0 +1,31 @@
#!/bin/sh
#
# 2014 Daniel Heule (hda at sfs.biz)
# 2014 Thomas Oettli (otho at sfs.biz)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
#
# FIXME: other system types (not linux ...)
if [ -r /proc/cpuinfo ]; then
sockets="$(cat /proc/cpuinfo | grep "physical id" | sort | uniq | wc -l)"
if [ ${sockets} -eq 0 ]; then
sockets="$(cat /proc/cpuinfo | grep "processor" | wc -l)"
fi
echo "${sockets}"
fi

View file

@ -0,0 +1,54 @@
#!/bin/sh
#
# 2014 Daniel Heule (hda at sfs.biz)
# 2014 Thomas Oettli (otho at sfs.biz)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
#
# FIXME: other system types (not linux ...)
if [ -r /proc/cpuinfo ]; then
# this should only exist on virtual guest machines,
# tested on vmware, xen, kvm
if grep -q "hypervisor" /proc/cpuinfo; then
# this file is aviable in xen guest systems
if [ -r /sys/hypervisor/type ]; then
if grep -q -i "xen" /sys/hypervisor/type; then
echo virtual_by_xen
exit
fi
else
if [ -r /sys/class/dmi/id/product_name ]; then
if grep -q -i 'vmware' /sys/class/dmi/id/product_name; then
echo "virtual_by_vmware"
exit
else
if grep -q -i 'bochs' /sys/class/dmi/id/product_name; then
echo "virtual_by_kvm"
exit
fi
fi
fi
fi
echo "virtual_by_unknown"
else
echo "physical"
fi
else
echo "unknown"
fi

27
cdist/conf/explorer/memory Executable file
View file

@ -0,0 +1,27 @@
#!/bin/sh
#
# 2014 Daniel Heule (hda at sfs.biz)
# 2014 Thomas Oettli (otho at sfs.biz)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
#
# FIXME: other system types (not linux ...)
if [ -r /proc/meminfo ]; then
echo "$(cat /proc/meminfo | grep "MemTotal:" | awk '{print $2}')"
fi

View file

@ -0,0 +1,23 @@
#!/bin/sh
#
# 2014 Nico Schottelius (nico-cdist at schottelius.org)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
name="$__object_id"
dog vdi list -r "$name"

View file

@ -0,0 +1,42 @@
#!/bin/sh
#
# 2014 Nico Schottelius (nico-cdist at schottelius.org)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
state_should="$(cat "$__object/parameter/state")"
num_vdi_lines=$(wc -l < "$__object/explorer/list")
name="$__object_id"
if [ "$num_vdi_lines" = 1 ]; then
state_is=present
else
state_is=absent
fi
[ "$state_is" = "$state_should" ] && exit 0
case "$state_should" in
present)
size="$(cat "$__object/parameter/size")"
echo "dog vdi create '$name' '$size'"
;;
absent)
echo "dog vdi delete '$name'"
;;
esac

View file

@ -0,0 +1,56 @@
cdist-type__dog_vdi(7)
======================
Nico Schottelius <nico-cdist--@--schottelius.org>
NAME
----
cdist-type__dog_vdi - Manage Sheepdog VM images
DESCRIPTION
-----------
The dog program is used to create images for sheepdog
to be used in qemu.
OPTIONAL PARAMETERS
-------------------
state::
Either "present" or "absent", defaults to "present"
size::
Size of the image in "dog vdi" compatible units.
Required if state is "present".
EXAMPLES
--------
--------------------------------------------------------------------------------
# Create a 50G size image
__dog_vdi nico-privat.sky.ungleich.ch --size 50G
# Create a 50G size image (more explicit)
__dog_vdi nico-privat.sky.ungleich.ch --size 50G --state present
# Remove image
__dog_vdi nico-privat.sky.ungleich.ch --state absent
# Remove image - keeping --size is ok
__dog_vdi nico-privat.sky.ungleich.ch --size 50G --state absent
--------------------------------------------------------------------------------
SEE ALSO
--------
- cdist-type(7)
- dog(8)
- qemu(1)
COPYING
-------
Copyright \(C) 2014 Nico Schottelius. Free use of this software is
granted under the terms of the GNU General Public License version 3 (GPLv3).

View file

@ -0,0 +1,36 @@
#!/bin/sh
#
# 2014 Nico Schottelius (nico-cdist at schottelius.org)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
state_should="$(cat "$__object/parameter/state")"
case "$state_should" in
present)
if [ ! -f "$__object/parameter/size" ]; then
echo "Size is required when state is present" >&2
exit 1
fi
absent)
:
;;
*)
echo "Unsupported state: $state_should" >&2
exit 1
;;
esac

View file

@ -0,0 +1 @@
present

View file

@ -0,0 +1,2 @@
state
size

View file

@ -25,7 +25,7 @@ destination="/$__object_id"
os=$("$__explorer/os") os=$("$__explorer/os")
case "$os" in case "$os" in
"freebsd") "freebsd"|"openbsd")
# FIXME: should be something like this based on man page, but can not test # FIXME: should be something like this based on man page, but can not test
stat -f "type: %ST stat -f "type: %ST
owner: %Du %Su owner: %Du %Su

View file

@ -41,7 +41,7 @@ __iptables_rule established --rule "-A INPUT -m state --state RELATED,ESTABLISH
# Some service rules # Some service rules
__iptables_rule http --rule "-A INPUT -p tcp --dport 80 -j ACCEPT" __iptables_rule http --rule "-A INPUT -p tcp --dport 80 -j ACCEPT"
__iptables_rule ssh --rule "-A INPUT -p tcp --dport 80 -j ACCEPT" __iptables_rule ssh --rule "-A INPUT -p tcp --dport 22 -j ACCEPT"
__iptables_rule https --rule "-A INPUT -p tcp --dport 443 -j ACCEPT" __iptables_rule https --rule "-A INPUT -p tcp --dport 443 -j ACCEPT"
# Ensure some rules are not present anymore # Ensure some rules are not present anymore

View file

@ -26,7 +26,7 @@
#set -x #set -x
if [ -f "$__object/parameter/jaildir" ]; then if [ -f "$__object/parameter/jaildir" ]; then
jaildir="$(cat "$__object/parameter/name")" jaildir="$(cat "$__object/parameter/jaildir")"
else else
jaildir="/usr/jail" jaildir="/usr/jail"
fi fi

View file

@ -32,7 +32,7 @@ else
fi fi
if [ -f "$__object/parameter/jaildir" ]; then if [ -f "$__object/parameter/jaildir" ]; then
jaildir="$(cat "$__object/parameter/name")" jaildir="$(cat "$__object/parameter/jaildir")"
else else
jaildir="/usr/jail" jaildir="/usr/jail"
fi fi

View file

@ -32,7 +32,7 @@ else
fi fi
if [ -f "$__object/parameter/jaildir" ]; then if [ -f "$__object/parameter/jaildir" ]; then
jaildir="$(cat "$__object/parameter/name")" jaildir="$(cat "$__object/parameter/jaildir")"
else else
jaildir="/usr/jail" jaildir="/usr/jail"
fi fi

View file

@ -1,7 +1,7 @@
#!/bin/sh #!/bin/sh
# #
# 2011 Steven Armstrong (steven-cdist at armstrong.cc) # 2011 Steven Armstrong (steven-cdist at armstrong.cc)
# 2012 Nico Schottelius (nico-cdist at schottelius.org) # 2012-2014 Nico Schottelius (nico-cdist at schottelius.org)
# #
# This file is part of cdist. # This file is part of cdist.
# #
@ -42,12 +42,14 @@ cp -p "$file" "\$tmpfile"
sed '/^$key\($delimiter\+\)/d' "$file" > "\$tmpfile" sed '/^$key\($delimiter\+\)/d' "$file" > "\$tmpfile"
mv -f "\$tmpfile" "$file" mv -f "\$tmpfile" "$file"
DONE DONE
echo "remove" >> "$__messages_out"
;; ;;
present) present)
case "$state_is" in case "$state_is" in
absent) absent)
# add new key and value # add new key and value
printf 'echo "%s%s%s" >> "%s"' "$key" "$delimiter" "$value_escaped" "$file" printf 'echo "%s%s%s" >> "%s"' "$key" "$delimiter" "$value_escaped" "$file"
echo "add" >> "$__messages_out"
;; ;;
wrongvalue) wrongvalue)
# change exisiting value # change exisiting value
@ -58,6 +60,7 @@ cp -p "$file" "\$tmpfile"
sed "s|^$key\($delimiter\+\).*|$key\\1$value_escaped|" "$file" > "\$tmpfile" sed "s|^$key\($delimiter\+\).*|$key\\1$value_escaped|" "$file" > "\$tmpfile"
mv -f "\$tmpfile" "$file" mv -f "\$tmpfile" "$file"
DONE DONE
echo "changevalue" >> "$__messages_out"
;; ;;
*) *)
echo "Unknown explorer state: $state_is" >&2 echo "Unknown explorer state: $state_is" >&2

View file

@ -32,6 +32,15 @@ key::
value:: value::
The value for the key. Optional if state=absent, required otherwise. The value for the key. Optional if state=absent, required otherwise.
MESSAGES
--------
create::
Added key and value
change::
Changed value of existing key
remove::
Removed existing key and value
EXAMPLES EXAMPLES
-------- --------

View file

@ -1,6 +1,7 @@
#!/bin/sh #!/bin/sh
# #
# 2012 Nico Schottelius (nico-cdist at schottelius.org) # 2012 Nico Schottelius (nico-cdist at schottelius.org)
# 2014 Steven Armstrong (steven-cdist at armstrong.cc)
# #
# This file is part of cdist. # This file is part of cdist.
# #
@ -74,8 +75,13 @@ case "$state_should" in
fi fi
cat << eof cat << eof
tmp=\$(mktemp) tmpfile=\$(mktemp ${file}.cdist.XXXXXXXXXX)
grep -v $greparg '$regex' '$file' > \$tmp && cat "\$tmp" > '$file' && rm -f "\$tmp" # preserve ownership and permissions of existing file
if [ -f "$file" ]; then
cp -p "$file" "\$tmpfile"
fi
grep -v $greparg '$regex' '$file' > \$tmpfile || true
mv -f "\$tmpfile" "$file"
eof eof
;; ;;
*) *)

View file

@ -1,6 +1,6 @@
#!/bin/sh #!/bin/sh
# #
# 2012 Steven Armstrong (steven-cdist at armstrong.cc) # 2012-2014 Steven Armstrong (steven-cdist at armstrong.cc)
# #
# This file is part of cdist. # This file is part of cdist.
# #
@ -34,8 +34,13 @@ case "$type" in
symbolic) symbolic)
cd "$destination_dir" cd "$destination_dir"
source_is=$(ls -l "$destination" | sed 's/.*-> //g') source_is=$(ls -l "$destination" | sed 's/.*-> //g')
if [ -h "$destination" -a "$source_is" = "$source" ]; then if [ -h "$destination" ]; then
echo present # ignore trailing slashes for comparison
if [ "${source_is%/}" = "${source%/}" ]; then
echo present
else
echo wrongsource
fi
else else
echo absent echo absent
fi fi

View file

@ -1,7 +1,7 @@
#!/bin/sh #!/bin/sh
# #
# 2011-2012 Nico Schottelius (nico-cdist at schottelius.org) # 2011-2012 Nico Schottelius (nico-cdist at schottelius.org)
# 2013 Steven Armstrong (steven-cdist at armstrong.cc) # 2013-2014 Steven Armstrong (steven-cdist at armstrong.cc)
# #
# This file is part of cdist. # This file is part of cdist.
# #
@ -18,9 +18,6 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>. # along with cdist. If not, see <http://www.gnu.org/licenses/>.
# #
#
# Mostly a wrapper for ln
#
destination="/$__object_id" destination="/$__object_id"
@ -50,20 +47,22 @@ case "$state_should" in
present) present)
if [ "$file_type" = "directory" ]; then if [ "$file_type" = "directory" ]; then
# our destination is currently a directory, delete it # our destination is currently a directory, delete it
cat << DONE printf 'rm -rf "%s" &&\n' "$destination"
rm -rf "$destination" else
DONE if [ "$state_is" = "wrongsource" ]; then
# our destination is a symlink but points to the wrong source,
# delete it
printf 'rm -f "%s" &&\n' "$destination"
fi
fi fi
# create our link # create our link
cat << DONE printf 'ln %s -f "%s" "%s"\n' "$lnopt" "$source" "$destination"
ln ${lnopt} -f "$source" "$destination"
DONE
;; ;;
absent) absent)
# only delete if it is a sym/hard link # only delete if it is a sym/hard link
if [ "$file_type" = "symlink" -o "$file_type" = "hardlink" ]; then if [ "$file_type" = "symlink" -o "$file_type" = "hardlink" ]; then
echo rm -f \"$destination\" printf 'rm -f "%s"\n' "$destination"
fi fi
;; ;;
*) *)

View file

@ -50,8 +50,11 @@ fi
pkg_version="$(cat "$__object/explorer/pkg_version")" pkg_version="$(cat "$__object/explorer/pkg_version")"
# TODO: Shouldn't be hardcoded if [ -f "$__object/parameter/pkg_path" ]; then
echo export PKG_PATH=ftp://ftp.openbsd.org/pub/OpenBSD/$os_version/packages/$machine/ pkg_path="$(cat "$__object/parameter/pkg_path")"
else
pkg_path="ftp://ftp.openbsd.org/pub/OpenBSD/$os_version/packages/$machine/"
fi
if [ "$pkg_version" ]; then if [ "$pkg_version" ]; then
state_is="present" state_is="present"
@ -65,12 +68,18 @@ case "$state_should" in
present) present)
# use this because pkg_add doesn't properly handle errors # use this because pkg_add doesn't properly handle errors
cat << eof cat << eof
status=\$(pkg_add "$pkgopts" "$name--$flavor") export PKG_PATH="$pkg_path"
status=\$(pkg_add "$pkgopts" "$name--$flavor" 2>&1)
pkg_info | grep "^${name}.*${flavor}" > /dev/null 2>&1
# no error # We didn't find the package in the list of 'installed packages', so it failed
if [ -n "\$status" ]; then # This is necessary because pkg_add doesn't return properly
if [ \$? -ne 0 ]; then
if [ -z "\${status}" ]; then
status="Failed to add package, uncaught exception."
fi
echo "Error: \$status" echo "Error: \$status"
exit 1 exit 1
fi fi
eof eof
;; ;;
@ -79,9 +88,14 @@ eof
# use this because pkg_add doesn't properly handle errors # use this because pkg_add doesn't properly handle errors
cat << eof cat << eof
status=\$(pkg_delete "$pkgopts" "$name--$flavor") status=\$(pkg_delete "$pkgopts" "$name--$flavor")
pkg_info | grep "^${name}.*${flavor}" > /dev/null 2>&1
# no error # We found the package in the list of 'installed packages'
if [ -n "\$status" ]; then # This would indicate that pkg_delete failed, send the output of pkg_delete
if [ \$? -eq 0 ]; then
if [ -z "\${status}" ]; then
status="Failed to remove package, uncaught exception."
fi
echo "Error: \$status" echo "Error: \$status"
exit 1 exit 1
fi fi

View file

@ -29,6 +29,8 @@ flavor::
state:: state::
Either "present" or "absent", defaults to "present" Either "present" or "absent", defaults to "present"
pkg_path::
Manually specify a PKG_PATH to add packages from.
EXAMPLES EXAMPLES
-------- --------
@ -45,6 +47,10 @@ __package_pkg_openbsd python --state present --name python2
# Remove obsolete package # Remove obsolete package
__package_pkg_openbsd puppet --state absent __package_pkg_openbsd puppet --state absent
# Add a package using a particular mirror
__package_pkg_openbsd bash \
--pkg_path http://openbsd.mirrorcatalogs.com/snapshots/packages/amd64
-------------------------------------------------------------------------------- --------------------------------------------------------------------------------

View file

@ -1,3 +1,4 @@
name name
flavor flavor
state state
pkg_path

View file

@ -14,17 +14,15 @@ The qemu-img program is used to create qemu images for
qemu and (qemu-)kvm. qemu and (qemu-)kvm.
REQUIRED PARAMETERS
-------------------
size::
Size of the image in qemu-img compatible units.
See qemu-img(1).
OPTIONAL PARAMETERS OPTIONAL PARAMETERS
------------------- -------------------
state:: state::
Either "present" or "absent", defaults to "present" Either "present" or "absent", defaults to "present"
size::
Size of the image in qemu-img compatible units.
Required if state is "present".
EXAMPLES EXAMPLES
@ -42,9 +40,10 @@ __qemu_img /home/services/kvm/vm/myoldvm/system-disk --state absent
SEE ALSO SEE ALSO
-------- --------
- cdist-type(7) - cdist-type(7)
- qemu-img(1)
COPYING COPYING
------- -------
Copyright \(C) 2012 Nico Schottelius. Free use of this software is Copyright \(C) 2012-2014 Nico Schottelius. Free use of this software is
granted under the terms of the GNU General Public License version 3 (GPLv3). granted under the terms of the GNU General Public License version 3 (GPLv3).

View file

@ -3,11 +3,23 @@
# #
format="$(cat "$__object/parameter/format")" format="$(cat "$__object/parameter/format")"
state="$(cat "$__object/parameter/state")" state_should="$(cat "$__object/parameter/state")"
diskimage="/$__object_id" diskimage="/$__object_id"
# Absent is ensured by __file, present by gencode-remote case "$state_should" in
if [ "$state" = "absent" ]; then present)
__file "$diskimage" --state absent if [ ! -f "$__object/parameter/size" ]; then
fi echo "Size is required when state is present" >&2
exit 1
fi
;;
absent)
# Absent is ensured by __file, present by gencode-remote
__file "$diskimage" --state absent
;;
*)
echo "Unsupported state: $state_should" >&2
exit 1
;;
esac

View file

@ -1,2 +1,3 @@
format format
state state
size

View file

@ -1 +0,0 @@
size

View file

@ -0,0 +1,49 @@
cdist-type__rbenv(7)
====================
Nico Schottelius <nico-cdist--@--schottelius.org>
NAME
----
cdist-type__rbenv - Manage rbenv installation
DESCRIPTION
-----------
This cdist type allows you to manage rbenv installations.
It also installs ruby-build.
OPTIONAL PARAMETERS
-------------------
state::
Either "present" or "absent", defaults to "present"
owner::
Which user should own the rbenv installation, defaults to root
EXAMPLES
--------
--------------------------------------------------------------------------------
# Install rbenv including ruby-build for nico
__rbenv /home/nico
# Install rbenv including ruby-build for nico
__rbenv /home/nico --owner nico
# Bastian does not need rbenv anymore, he began to code C99
__rbenv /home/bastian --state absent
--------------------------------------------------------------------------------
SEE ALSO
--------
- cdist-type(7)
COPYING
-------
Copyright \(C) 2012-2014 Nico Schottelius. Free use of this software is
granted under the terms of the GNU General Public License version 3 (GPLv3).

View file

@ -0,0 +1,38 @@
#!/bin/sh
#
# 2012-2014 Nico Schottelius (nico-cdist at schottelius.org)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
#
homedir="$__object_id"
state_should="$(cat "$__object/parameter/state")"
owner="$(cat "$__object/parameter/owner")"
rbenvdir="$homedir/.rbenv"
rubybuilddir="$rbenvdir/plugins/ruby-build"
__git "$rbenvdir" \
--source git://github.com/sstephenson/rbenv.git \
--owner "$owner" \
--state "$state_should"
require="__git/$rbenvdir" __git "$rubybuilddir" \
--source git://github.com/sstephenson/ruby-build.git \
--owner "$owner" \
--state "$state_should"

View file

@ -0,0 +1 @@
present

View file

@ -0,0 +1 @@
state

View file

@ -0,0 +1 @@
owner

View file

@ -0,0 +1,22 @@
#!/bin/sh
#
# 2014 Steven Armstrong (steven-cdist at armstrong.cc)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
gid="$("$__type_explorer/passwd" | cut -d':' -f 4)"
getent group "$gid" || true

View file

@ -40,9 +40,6 @@ state::
file:: file::
an alternative destination file, defaults to ~$owner/.ssh/authorized_keys an alternative destination file, defaults to ~$owner/.ssh/authorized_keys
comment::
an optional comment
BOOLEAN PARAMETERS BOOLEAN PARAMETERS
------------------ ------------------
@ -67,12 +64,11 @@ __ssh_authorized_keys root \
__ssh_authorized_keys user-name \ __ssh_authorized_keys user-name \
--key "ssh-rsa AXYZAAB3NzaC1yc2..." --key "ssh-rsa AXYZAAB3NzaC1yc2..."
# same as above, but with explicit owner, two keys and a comment # same as above, but with explicit owner and two keys
__ssh_authorized_keys some-fancy-id \ __ssh_authorized_keys some-fancy-id \
--owner user-name \ --owner user-name \
--key "ssh-rsa AXYZAAB3NzaC1yc2..." \ --key "ssh-rsa AXYZAAB3NzaC1yc2..." \
--key "ssh-rsa AZXYAAB3NzaC1yc2..." \ --key "ssh-rsa AZXYAAB3NzaC1yc2..."
--comment "allow the members of project foo to login"
# same as above, but authorized_keys file in non standard location # same as above, but authorized_keys file in non standard location
__ssh_authorized_keys some-fancy-id \ __ssh_authorized_keys some-fancy-id \
@ -97,5 +93,5 @@ SEE ALSO
COPYING COPYING
------- -------
Copyright \(C) 2012 Steven Armstrong. Free use of this software is Copyright \(C) 2012-2014 Steven Armstrong. Free use of this software is
granted under the terms of the GNU General Public License version 3 (GPLv3). granted under the terms of the GNU General Public License version 3 (GPLv3).

View file

@ -1,6 +1,7 @@
#!/bin/sh #!/bin/sh
# #
# 2012 Steven Armstrong (steven-cdist at armstrong.cc) # 2012-2014 Steven Armstrong (steven-cdist at armstrong.cc)
# 2014 Nico Schottelius (nico-cdist at schottelius.org)
# #
# This file is part of cdist. # This file is part of cdist.
# #
@ -32,7 +33,7 @@ else
fi fi
if [ ! -f "$__object/parameter/noparent" -o ! -f "$__object/parameter/nofile" ]; then if [ ! -f "$__object/parameter/noparent" -o ! -f "$__object/parameter/nofile" ]; then
group="$(cut -d':' -f 4 "$__object/explorer/passwd")" group="$(cut -d':' -f 1 "$__object/explorer/group")"
if [ -z "$group" ]; then if [ -z "$group" ]; then
echo "Failed to get owners group from explorer." >&2 echo "Failed to get owners group from explorer." >&2
exit 1 exit 1
@ -56,16 +57,32 @@ if [ ! -f "$__object/parameter/noparent" -o ! -f "$__object/parameter/nofile" ];
fi fi
fi fi
# Generate entry for inclusion in authorized_keys file # Remove legacy blocks created by old versions of this type
( # FIXME: remove me in 3.2+
if [ -f "$__object/parameter/comment" ]; then
echo "# $(cat "$__object/parameter/comment")"
fi
cat "$__object/parameter/key"
) | \
__block "$__object_name" \ __block "$__object_name" \
--file "$file" \ --file "$file" \
--prefix "#cdist:$__object_name" \ --prefix "#cdist:$__object_name" \
--suffix "#/cdist:$__object_name" \ --suffix "#/cdist:$__object_name" \
--state "$state" \ --state 'absent' \
--text - --text - << DONE
remove legacy block
DONE
_cksum() {
echo "$1" | cksum | cut -d' ' -f 1
}
while read key; do
cksum_key="$(_cksum "$key")"
line_id="${owner}-${cksum_key}"
set -- "$line_id"
set -- "$@" --file "$file"
set -- "$@" --regex ".*$key.*"
if [ "$state" = 'present' ]; then
set -- "$@" --line "$key"
fi
set -- "$@" --state "$state"
# Ensure __line does not read stdin
require="__block/$__object_name" __line "$@" < /dev/null
done < "$__object/parameter/key"

View file

@ -1,4 +1,3 @@
owner owner
state state
file file
comment

View file

@ -26,9 +26,10 @@ os="$($__explorer/os)"
# Default to using shadow passwords # Default to using shadow passwords
database="shadow" database="shadow"
if [ "$os" = "freebsd" ]; then case "$os" in
database="passwd" "freebsd"|"openbsd") database="passwd";;
fi esac
getent "$database" "$name" || true getent "$database" "$name" || true

View file

@ -2,6 +2,7 @@
# #
# 2011 Steven Armstrong (steven-cdist at armstrong.cc) # 2011 Steven Armstrong (steven-cdist at armstrong.cc)
# 2011-2013 Nico Schottelius (nico-cdist at schottelius.org) # 2011-2013 Nico Schottelius (nico-cdist at schottelius.org)
# 2014 Daniel Heule (hda at sfs.biz)
# #
# This file is part of cdist. # This file is part of cdist.
# #
@ -123,15 +124,27 @@ class Code(object):
self.remote.mkdir(destination) self.remote.mkdir(destination)
self.remote.transfer(source, destination) self.remote.transfer(source, destination)
def _run_code(self, cdist_object, which): def _run_code(self, cdist_object, which, env=None):
which_exec = getattr(self, which) which_exec = getattr(self, which)
script = os.path.join(which_exec.object_path, getattr(cdist_object, 'code_%s_path' % which)) script = os.path.join(which_exec.object_path, getattr(cdist_object, 'code_%s_path' % which))
return which_exec.run_script(script) return which_exec.run_script(script, env=env)
def run_code_local(self, cdist_object): def run_code_local(self, cdist_object):
"""Run the code-local script for the given cdist object.""" """Run the code-local script for the given cdist object."""
return self._run_code(cdist_object, 'local') # Put some env vars, to allow read only access to the parameters over $__object
env = os.environ.copy()
env.update(self.env)
env.update({
'__object': cdist_object.absolute_path,
'__object_id': cdist_object.object_id,
})
return self._run_code(cdist_object, 'local', env=env)
def run_code_remote(self, cdist_object): def run_code_remote(self, cdist_object):
"""Run the code-remote script for the given cdist object on the remote side.""" """Run the code-remote script for the given cdist object on the remote side."""
return self._run_code(cdist_object, 'remote') # Put some env vars, to allow read only access to the parameters over $__object which is already on the remote side
env = {
'__object': os.path.join(self.remote.object_path, cdist_object.path),
'__object_id': cdist_object.object_id,
}
return self._run_code(cdist_object, 'remote', env=env)

View file

@ -12,8 +12,30 @@ Changelog
* Core: Integrate initial preos support * Core: Integrate initial preos support
3.0.10: 3.1.2:
* Type __qemu_img: size is optional, if state is not present
* New Type: __dog_vdi
3.1.1: 2014-03-26
* Core: Make __object and __object_id available to code (Daniel Heule)
* New explorer: cpu_cores (Daniel Heule/Thomas Oettli)
* New explorer: cpu_sockets (Daniel Heule/Thomas Oettli)
* New explorer: machine_type (Daniel Heule/Thomas Oettli)
* New explorer: memory (Daniel Heule/Thomas Oettli)
* Type __jail: Fix parameter names in explorer (Jake Guffey)
* Type __line: Ensure permissions are kept (Steven Armstrong)
* Type __link: Do not create link in directory, if link exists (Steven Armstrong)
* Type __package_pkg_openbsd: Improve error handling (og)
3.1.0: 2014-03-19
* New Type: __rbenv
* Type __file: Enhance OpenBSD Support (og)
* Type __git: Pass onwer/group/mode values to __directory * Type __git: Pass onwer/group/mode values to __directory
* Type __iptable_rule: Fix example documentation (Antoine Catton)
* Type __key_value: Add messaging support
* Type __package_pkg_openbsd: Allow to change PKG_PATH (og)
* Type __ssh_authorized_keys: Allow managing existing keys (Steven Armstrong)
* Type __user: Enhance OpenBSD Support (og)
3.0.9: 2014-02-14 3.0.9: 2014-02-14
* Core: Ignore order dependencies if override is set (Daniel Heule) * Core: Ignore order dependencies if override is set (Daniel Heule)
@ -28,7 +50,6 @@ Changelog
* Type __rvm_gemset: Use default parameters for state (Daniel Heule) * Type __rvm_gemset: Use default parameters for state (Daniel Heule)
* Type __rvm_ruby: Use default parameters for state (Daniel Heule) * Type __rvm_ruby: Use default parameters for state (Daniel Heule)
3.0.8: 2014-02-11 3.0.8: 2014-02-11
* Core: Enhance object id verification (Daniel Heule) * Core: Enhance object id verification (Daniel Heule)
* Core: Add unit tests for dependencies based on execution order (Daniel Heule) * Core: Add unit tests for dependencies based on execution order (Daniel Heule)

View file

@ -5,3 +5,13 @@ implemented as a proof of concept at:
https://github.com/asteven/cdist/tree/type-namespaces https://github.com/asteven/cdist/tree/type-namespaces
Execute all global explorers only when needed #286
My intention is to create a brunch of global explorer which are of use in some cases and makes cdist more userfriendly. But now, all global explorers are allways executed, even the return value of the explorers is never used.
I think a possible approach can be to replace the result files with pipes, and on first read of the pipe, the explorer is executed by the core, all following read calls from the pipe are answered from the core with the result of the first real execute of the explorer.
So cdist can have an unlimited number of global explorers and only used explorers are executed on the target host, all other explorers laying around are simply ignored.
Also a possible approach would be to create a new explorer type (dynamic explorers) which are sitting in a different directory to (for example dynexploer) and only this ones are executed with the conditional approach explained above. So the overhead to create pipes and monitor it is only in place on explorers which are not interesting for everyone ...

View file

@ -0,0 +1,27 @@
Problem shown by using __rbenv:
__rbenv/nicotest
__git /home/nico/.rbenv
__package git
__directory /home/nico/.rbenv
require="__git/home/nico/.rbenv"
__git /home/nico/.rbenv/plugins/ruby-build
__package git
__directory /home/nico/.rbenv/plugins/ruby-build
1) if children do NOT automatically depend on their parents requiremnts
__directory /home/nico/.rbenv/plugins/ruby-build fails:
because __directory /home/nico/.rbenv/plugins is created by
__git /home/nico/.rbenv, but __directory /home/nico/.rbenv/plugins/ruby-build
does not depend on __git /home/nico/.rbenv
2) if children DO automatically depend on their parents requiremnts
__package git from __git /home/nico/.rbenv/plugins/ruby-build depends on __git /home/nico/.rbenv.
__git /home/nico/.rbenv depends on __package git (via autorequire)
=> circular dependency, they depend on each other

View file

@ -0,0 +1,18 @@
- we cannot install packages, which are not authenticated:
INFO: voicerepublic-staging.sky.ungleich.ch: Executing code for __package_apt/deb-multimedia-keyring
Reading package lists...
Building dependency tree...
Reading state information...
The following NEW packages will be installed:
deb-multimedia-keyring
0 upgraded, 1 newly installed, 0 to remove and 13 not upgraded.
Need to get 14.4 kB of archives.
After this operation, 46.1 kB of additional disk space will be used.
WARNING: The following packages cannot be authenticated!
deb-multimedia-keyring
E: There are problems and -y was used without --force-yes
ERROR: voicerepublic-staging.sky.ungleich.ch: Command failed: ssh -o User=root -q voicerepublic-staging.sky.ungleich.ch /bin/sh -e /var/lib/cdist/object/__package_apt/deb-multimedia-keyring/.cdist/code-remote
INFO: cdist: Total processing time for 1 host(s): 72.07943892478943
ERROR: cdist: Failed to configure the following hosts: voicerepublic-staging.sky.ungleich.ch

View file

@ -1,6 +1,7 @@
#!/bin/sh #!/bin/sh
# #
# 2010-2013 Nico Schottelius (nico-cdist at schottelius.org) # 2010-2013 Nico Schottelius (nico-cdist at schottelius.org)
# 2014 Daniel Heule (hda at sfs.biz)
# #
# This file is part of cdist. # This file is part of cdist.
# #
@ -209,10 +210,10 @@ __messages_out::
Available for: initial manifest, type manifest, type gencode Available for: initial manifest, type manifest, type gencode
__object:: __object::
Directory that contains the current object. Directory that contains the current object.
Available for: type manifest, type explorer, type gencode Available for: type manifest, type explorer, type gencode and code scripts
__object_id:: __object_id::
The type unique object id. The type unique object id.
Available for: type manifest, type explorer, type gencode Available for: type manifest, type explorer, type gencode and code scripts
Note: The leading and the trailing "/" will always be stripped (caused by Note: The leading and the trailing "/" will always be stripped (caused by
the filesystem database and ensured by the core). the filesystem database and ensured by the core).
Note: Double slashes ("//") will not be fixed and result in an error. Note: Double slashes ("//") will not be fixed and result in an error.

View file

@ -252,6 +252,27 @@ echo "touch /etc/cdist-configured"
-------------------------------------------------------------------------------- --------------------------------------------------------------------------------
VARIABLE ACCESS FROM THE GENERATED SCRIPTS
------------------------------------------
In the generated scripts, you have access to the following cdist variables
- __object
- __object_id
but only for read operations, means there is no back copy of this
files after the script execution.
So when you generate a script with the following content, it will work:
--------------------------------------------------------------------------------
if [ -f "$__object/parameter/name" ]; then
name="$(cat "$__object/parameter/name")"
else
name="$__object_id"
fi
--------------------------------------------------------------------------------
HINTS FOR TYPEWRITERS HINTS FOR TYPEWRITERS
---------------------- ----------------------
It must be assumed that the target is pretty dumb and thus does not have high It must be assumed that the target is pretty dumb and thus does not have high

View file

@ -55,6 +55,11 @@ To upgrade to the lastet version do
## General Update Instructions ## General Update Instructions
### Updating from 3.0 to 3.1
The type **\_\_ssh_authorized_keys** now also manages existing keys,
not only the ones added by cdist.
### Updating from 2.3 to 3.0 ### Updating from 2.3 to 3.0
The **changed** attribute of objects has been removed. The **changed** attribute of objects has been removed.