From f57ce648a382171a145d11d98411f40ce5e1c587 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Wed, 2 Oct 2019 15:38:38 +0200 Subject: [PATCH 01/53] [__ssh_authorized_keys] Fix incorrectly escaped variable --- cdist/conf/type/__ssh_authorized_keys/explorer/group | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cdist/conf/type/__ssh_authorized_keys/explorer/group b/cdist/conf/type/__ssh_authorized_keys/explorer/group index 1bd14840..d259050f 100755 --- a/cdist/conf/type/__ssh_authorized_keys/explorer/group +++ b/cdist/conf/type/__ssh_authorized_keys/explorer/group @@ -35,10 +35,10 @@ else case $owner in [0-9][0-9]*) - gid=$(awk -F: "\$3 == \"${owner}\" { print $4 }" /etc/passwd) + gid=$(awk -F: "\$3 == \"${owner}\" { print \$4 }" /etc/passwd) ;; *) - gid=$(awk -F: "\$1 == \"${owner}\" { print $4 }" /etc/passwd) + gid=$(awk -F: "\$1 == \"${owner}\" { print \$4 }" /etc/passwd) ;; esac From 55f8036377e5fa3a0ed504dd072c65ebfdecd40f Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Wed, 2 Oct 2019 18:09:39 +0200 Subject: [PATCH 02/53] [explorer/interfaces] Always sort output Before, only the output of ifconfig was sorted. --- cdist/conf/explorer/interfaces | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/cdist/conf/explorer/interfaces b/cdist/conf/explorer/interfaces index 55287971..aeb55ed0 100755 --- a/cdist/conf/explorer/interfaces +++ b/cdist/conf/explorer/interfaces @@ -18,13 +18,11 @@ # along with cdist. If not, see . # -if command -v ip > /dev/null +if command -v ip >/dev/null then - ip -o link show | sed -n 's/^[0-9]\+: \(.\+\): <.*/\1/p' - -elif command -v ifconfig > /dev/null + ip -o link show | sed -n 's/^[0-9]\+: \(.\+\): <.*/\1/p' +elif command -v ifconfig >/dev/null then - ifconfig -a \ - | sed -n -E 's/^(.*)(:[[:space:]]*flags=|Link encap).*/\1/p' \ - | sort -u -fi + ifconfig -a | sed -n -E 's/^(.*)(:[[:space:]]*flags=|Link encap).*/\1/p' +fi \ + | sort -u From bf400928e20f44a585d398f09aa759c729a9a24c Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Thu, 3 Oct 2019 07:56:36 +0200 Subject: [PATCH 03/53] ++changelog --- docs/changelog | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/changelog b/docs/changelog index 61dfe167..e63acd5d 100644 --- a/docs/changelog +++ b/docs/changelog @@ -6,6 +6,7 @@ next: * Type __user: Support OSes without getent (Dennis Camera) * Type __ssh_authorized_keys: Support OSes without getent (Dennis Camera) * Type __ssh_dot_ssh: Support OSes without getent (Dennis Camera) + * Explorer interfaces: Always sort output (Dennis Camera) 6.0.0: 2019-10-01 * Type __letsencrypt_cert: Fix beowulf's spelling (Mondi Ravi) From fba14496e7ea19e32bffb6991a3512da6c1a4288 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Thu, 15 Aug 2019 16:12:56 +0200 Subject: [PATCH 04/53] [explorer/os] Unquote values from os-release file --- cdist/conf/explorer/os | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cdist/conf/explorer/os b/cdist/conf/explorer/os index d522300c..563fa4cf 100755 --- a/cdist/conf/explorer/os +++ b/cdist/conf/explorer/os @@ -145,7 +145,7 @@ esac if [ -f /etc/os-release ]; then # already lowercase, according to: # https://www.freedesktop.org/software/systemd/man/os-release.html - awk -F= '/^ID=/ {print $2;}' /etc/os-release + awk -F= '/^ID=/ { if ($2 ~ /^'"'"'(.*)'"'"'$/ || $2 ~ /^"(.*)"$/) { print substr($2, 2, length($2) - 2) } else { print $2 } }' /etc/os-release exit 0 fi From b039e4b1b4a4802059f8ed893c352d9f153734ae Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Thu, 3 Oct 2019 20:36:25 +0200 Subject: [PATCH 05/53] ++changelog --- docs/changelog | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/changelog b/docs/changelog index e63acd5d..b475af5b 100644 --- a/docs/changelog +++ b/docs/changelog @@ -7,6 +7,7 @@ next: * Type __ssh_authorized_keys: Support OSes without getent (Dennis Camera) * Type __ssh_dot_ssh: Support OSes without getent (Dennis Camera) * Explorer interfaces: Always sort output (Dennis Camera) + * Explorer os: Unquote value from os-release file (Dennis Camera) 6.0.0: 2019-10-01 * Type __letsencrypt_cert: Fix beowulf's spelling (Mondi Ravi) From 644768cc02a4bf0a58a9ae83d3aaa3a318f5f9c8 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Wed, 2 Oct 2019 15:37:51 +0200 Subject: [PATCH 06/53] Add __select_editor type --- .../type/__select_editor/explorer/editor_path | 97 +++++++++++++++++++ .../conf/type/__select_editor/explorer/group | 26 +++++ .../type/__select_editor/explorer/user_home | 26 +++++ cdist/conf/type/__select_editor/man.rst | 51 ++++++++++ cdist/conf/type/__select_editor/manifest | 59 +++++++++++ .../__select_editor/parameter/default/state | 1 + .../type/__select_editor/parameter/optional | 1 + .../type/__select_editor/parameter/required | 1 + 8 files changed, 262 insertions(+) create mode 100644 cdist/conf/type/__select_editor/explorer/editor_path create mode 100644 cdist/conf/type/__select_editor/explorer/group create mode 100644 cdist/conf/type/__select_editor/explorer/user_home create mode 100644 cdist/conf/type/__select_editor/man.rst create mode 100644 cdist/conf/type/__select_editor/manifest create mode 100644 cdist/conf/type/__select_editor/parameter/default/state create mode 100644 cdist/conf/type/__select_editor/parameter/optional create mode 100644 cdist/conf/type/__select_editor/parameter/required diff --git a/cdist/conf/type/__select_editor/explorer/editor_path b/cdist/conf/type/__select_editor/explorer/editor_path new file mode 100644 index 00000000..88952e23 --- /dev/null +++ b/cdist/conf/type/__select_editor/explorer/editor_path @@ -0,0 +1,97 @@ +#!/bin/sh +# +# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# +# Check if the given editor is present on the target system and determine its +# absolute path. +# + +case $("${__explorer}/os") +in + debian|devuan|ubuntu) + : # supported + ;; + *) + exit 0 # will produce an error message in the manifest + ;; +esac + + +editor=$(cat "${__object}/parameter/editor") +editors=$(update-alternatives --list editor) + +if test $(echo "${editors}" | wc -l) -lt 1 +then + echo 'No editors have been found on this system.' >&2 + exit 1 +fi + +case $editor +in + /*) + is_path=true + ;; + */*) + echo 'Relative editor paths are not supported' >&2 + exit 1 + ;; + *) + is_path=false + ;; +esac + + +IFS=' +' +if $is_path +then + if ! test -f "${editor}" + then + echo "Editor ${editor} is missing on the target system." >&2 + exit 1 + fi + + for e in $editors + do + if test "${editor}" = "${e}" + then + # Editor is present and part of the alternatives list -> use it! + echo "${editor}" + exit 0 + fi + done + + echo "Editor ${editor} is not in the alternatives list of the target system." >&2 + exit 1 +else + for e in $editors + do + if test "$(basename "${e}")" = "${editor}" + then + # Editor could be found by basename in the alternatives list -> use it! + echo "${e}" + exit 0 + fi + done + + echo "Editor ${editor} is missing on the target system." >&2 + exit 1 +fi + +exit 1 diff --git a/cdist/conf/type/__select_editor/explorer/group b/cdist/conf/type/__select_editor/explorer/group new file mode 100644 index 00000000..5d288189 --- /dev/null +++ b/cdist/conf/type/__select_editor/explorer/group @@ -0,0 +1,26 @@ +#!/bin/sh -e +# +# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# +# Determines the primary group of the user. +# + +user=$__object_id + +id -gn "${user}" 2>/dev/null diff --git a/cdist/conf/type/__select_editor/explorer/user_home b/cdist/conf/type/__select_editor/explorer/user_home new file mode 100644 index 00000000..dc1725a0 --- /dev/null +++ b/cdist/conf/type/__select_editor/explorer/user_home @@ -0,0 +1,26 @@ +#!/bin/sh +# +# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# +# Determines the home folder of the target user. +# + +user=$__object_id + +getent passwd "${user}" | cut -d':' -f6 diff --git a/cdist/conf/type/__select_editor/man.rst b/cdist/conf/type/__select_editor/man.rst new file mode 100644 index 00000000..98e5ef81 --- /dev/null +++ b/cdist/conf/type/__select_editor/man.rst @@ -0,0 +1,51 @@ +cdist-type__select_editor(7) +============================ + +NAME +---- +cdist-type__select_editor - Select the sensible-editor + + +DESCRIPTION +----------- +This cdist type allows you to select the sensible-editor on Debian-based systems +for a given user. + + +REQUIRED PARAMETERS +------------------- +editor + Name or path of the editor to be selected. + + +OPTIONAL PARAMETERS +------------------- +state + either "present" or "absent". Defaults to "present". + + +EXAMPLES +-------- + +.. code-block:: sh + + __select_editor root --editor /bin/ed # ed(1) is the standard + __select_editor noob --editor nano + + +SEE ALSO +-------- +none + + +AUTHOR +------- +Dennis Camera + + +COPYING +------- +Copyright \(C) 2019 Dennis Camera. +You can redistribute it and/or modify it under the terms of the GNU General +Public License as published by the Free Software Foundation, either version 3 of +the License, or (at your option) any later version. diff --git a/cdist/conf/type/__select_editor/manifest b/cdist/conf/type/__select_editor/manifest new file mode 100644 index 00000000..5ed97533 --- /dev/null +++ b/cdist/conf/type/__select_editor/manifest @@ -0,0 +1,59 @@ +#!/bin/sh -e +# -*- mode: sh; indent-tabs-mode: t -*- +# +# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +os=$(cat "${__global}/explorer/os") + +state=$(cat "${__object}/parameter/state") +user=$__object_id + +editor_path=$(cat "${__object}/explorer/editor_path") +user_home=$(cat "${__object}/explorer/user_home") +group=$(cat "${__object}/explorer/group") + +case $os +in + debian|devuan|ubuntu) + test "${state}" = 'present' && __package_apt sensible-utils --state present + ;; + *) + echo "OS ${os} does not support select-editor." >&2 + exit 1 + ;; +esac + +if test -z "${user_home}" +then + echo "Could not find ${user}'s home directory." >&2 + exit 1 +fi + +if test -z "${editor_path}" +then + echo "Editor \"$(cat "${__object}/parameter/editor")\" is missing on the target system." >&2 + exit 1 +fi + +__file "${user_home}/.selected_editor" --state "${state}" \ + --owner "${user}" --group "${group}" --mode 0644 \ + --source - < Date: Fri, 4 Oct 2019 14:13:10 +0500 Subject: [PATCH 07/53] Support Added for Debian 10* in __letsencrypt_cert --- cdist/conf/type/__letsencrypt_cert/manifest | 3 +++ 1 file changed, 3 insertions(+) diff --git a/cdist/conf/type/__letsencrypt_cert/manifest b/cdist/conf/type/__letsencrypt_cert/manifest index f736f3f2..1d96ee1a 100755 --- a/cdist/conf/type/__letsencrypt_cert/manifest +++ b/cdist/conf/type/__letsencrypt_cert/manifest @@ -33,6 +33,9 @@ if [ -z "${certbot_fullpath}" ]; then require="__apt_source/stretch-backports" __package_apt certbot \ --target-release stretch-backports ;; + 10*) + __package_apt certbot + ;; *) echo "Unsupported OS version: $os_version" >&2 exit 1 From 9e9c3982a851195dc223c1c6d5d37f0d37fd697b Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Fri, 4 Oct 2019 14:04:17 +0200 Subject: [PATCH 08/53] Rename __select_editor to __sensible_editor --- .../explorer/editor_path | 0 .../explorer/group | 0 .../explorer/user_home | 0 .../{__select_editor => __sensible_editor}/man.rst | 10 +++++----- .../{__select_editor => __sensible_editor}/manifest | 0 .../parameter/default/state | 0 .../parameter/optional | 0 .../parameter/required | 0 8 files changed, 5 insertions(+), 5 deletions(-) rename cdist/conf/type/{__select_editor => __sensible_editor}/explorer/editor_path (100%) rename cdist/conf/type/{__select_editor => __sensible_editor}/explorer/group (100%) rename cdist/conf/type/{__select_editor => __sensible_editor}/explorer/user_home (100%) rename cdist/conf/type/{__select_editor => __sensible_editor}/man.rst (73%) rename cdist/conf/type/{__select_editor => __sensible_editor}/manifest (100%) rename cdist/conf/type/{__select_editor => __sensible_editor}/parameter/default/state (100%) rename cdist/conf/type/{__select_editor => __sensible_editor}/parameter/optional (100%) rename cdist/conf/type/{__select_editor => __sensible_editor}/parameter/required (100%) diff --git a/cdist/conf/type/__select_editor/explorer/editor_path b/cdist/conf/type/__sensible_editor/explorer/editor_path similarity index 100% rename from cdist/conf/type/__select_editor/explorer/editor_path rename to cdist/conf/type/__sensible_editor/explorer/editor_path diff --git a/cdist/conf/type/__select_editor/explorer/group b/cdist/conf/type/__sensible_editor/explorer/group similarity index 100% rename from cdist/conf/type/__select_editor/explorer/group rename to cdist/conf/type/__sensible_editor/explorer/group diff --git a/cdist/conf/type/__select_editor/explorer/user_home b/cdist/conf/type/__sensible_editor/explorer/user_home similarity index 100% rename from cdist/conf/type/__select_editor/explorer/user_home rename to cdist/conf/type/__sensible_editor/explorer/user_home diff --git a/cdist/conf/type/__select_editor/man.rst b/cdist/conf/type/__sensible_editor/man.rst similarity index 73% rename from cdist/conf/type/__select_editor/man.rst rename to cdist/conf/type/__sensible_editor/man.rst index 98e5ef81..4dd20a3e 100644 --- a/cdist/conf/type/__select_editor/man.rst +++ b/cdist/conf/type/__sensible_editor/man.rst @@ -1,9 +1,9 @@ -cdist-type__select_editor(7) +cdist-type__sensible_editor(7) ============================ NAME ---- -cdist-type__select_editor - Select the sensible-editor +cdist-type__sensible_editor - Select the sensible-editor DESCRIPTION @@ -21,7 +21,7 @@ editor OPTIONAL PARAMETERS ------------------- state - either "present" or "absent". Defaults to "present". + Either "present" or "absent". Defaults to "present". EXAMPLES @@ -29,8 +29,8 @@ EXAMPLES .. code-block:: sh - __select_editor root --editor /bin/ed # ed(1) is the standard - __select_editor noob --editor nano + __sensible_editor root --editor /bin/ed # ed(1) is the standard + __sensible_editor noob --editor nano SEE ALSO diff --git a/cdist/conf/type/__select_editor/manifest b/cdist/conf/type/__sensible_editor/manifest similarity index 100% rename from cdist/conf/type/__select_editor/manifest rename to cdist/conf/type/__sensible_editor/manifest diff --git a/cdist/conf/type/__select_editor/parameter/default/state b/cdist/conf/type/__sensible_editor/parameter/default/state similarity index 100% rename from cdist/conf/type/__select_editor/parameter/default/state rename to cdist/conf/type/__sensible_editor/parameter/default/state diff --git a/cdist/conf/type/__select_editor/parameter/optional b/cdist/conf/type/__sensible_editor/parameter/optional similarity index 100% rename from cdist/conf/type/__select_editor/parameter/optional rename to cdist/conf/type/__sensible_editor/parameter/optional diff --git a/cdist/conf/type/__select_editor/parameter/required b/cdist/conf/type/__sensible_editor/parameter/required similarity index 100% rename from cdist/conf/type/__select_editor/parameter/required rename to cdist/conf/type/__sensible_editor/parameter/required From 2eebc300cfe599f4d78ed8dfd2509594fe6836b1 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Fri, 4 Oct 2019 14:50:20 +0200 Subject: [PATCH 09/53] Only ignore MANIFEST file in root directory On systems with case-insensitive file systems (like Mac OS X) the previous line also ignores all types' manifest files. This commit changes the .gitignore to only ignore the MANIFEST file in the root directory generated for the PyPI release. --- .gitignore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 4b80b425..ed8b453a 100644 --- a/.gitignore +++ b/.gitignore @@ -34,7 +34,7 @@ cdist/inventory/ # Python: cache, distutils, distribution in general __pycache__/ *.pyc -MANIFEST +/MANIFEST dist/ cdist/version.py cdist.egg-info/ From 69170b20f667b8fa3b2fd4424d60060dc1c5a149 Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Fri, 4 Oct 2019 20:07:28 +0200 Subject: [PATCH 10/53] ++changelog --- docs/changelog | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/changelog b/docs/changelog index b475af5b..e56bf3b5 100644 --- a/docs/changelog +++ b/docs/changelog @@ -8,6 +8,7 @@ next: * Type __ssh_dot_ssh: Support OSes without getent (Dennis Camera) * Explorer interfaces: Always sort output (Dennis Camera) * Explorer os: Unquote value from os-release file (Dennis Camera) + * Type __letsencrypt_cert: Support Debian 10* (Ahmed Bilal Khalid) 6.0.0: 2019-10-01 * Type __letsencrypt_cert: Fix beowulf's spelling (Mondi Ravi) From d106632b2fdd07f804af4c395fedc65b328e1dc7 Mon Sep 17 00:00:00 2001 From: Dominique Roux Date: Sat, 5 Oct 2019 07:48:58 +0200 Subject: [PATCH 11/53] Added missing exit 1 in __prometheus_server cdist type --- cdist/conf/type/__prometheus_server/manifest | 1 + 1 file changed, 1 insertion(+) diff --git a/cdist/conf/type/__prometheus_server/manifest b/cdist/conf/type/__prometheus_server/manifest index 8685130f..73a0799c 100755 --- a/cdist/conf/type/__prometheus_server/manifest +++ b/cdist/conf/type/__prometheus_server/manifest @@ -33,6 +33,7 @@ if [ -f "$__object/parameter/install-from-backports" ]; then *) echo "--install-from-backports is only supported on Devuan -- ignoring." >&2 echo "Send a pull request if you require it." >&2 + exit 1 ;; esac else From 4c21781c4beec7fae27a310991d12a1bd61c1309 Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Sat, 5 Oct 2019 07:52:34 +0200 Subject: [PATCH 12/53] ++changelog --- docs/changelog | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/changelog b/docs/changelog index e56bf3b5..5d9dab73 100644 --- a/docs/changelog +++ b/docs/changelog @@ -9,6 +9,7 @@ next: * Explorer interfaces: Always sort output (Dennis Camera) * Explorer os: Unquote value from os-release file (Dennis Camera) * Type __letsencrypt_cert: Support Debian 10* (Ahmed Bilal Khalid) + * Type __prometheus_server: Add missing exit after unsupported error message (Dominique Roux) 6.0.0: 2019-10-01 * Type __letsencrypt_cert: Fix beowulf's spelling (Mondi Ravi) From 9a6ca1a343d983cc9e838ee23776af31cb21cadd Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Sun, 6 Oct 2019 12:07:54 +0200 Subject: [PATCH 13/53] [__sensible_editor] Remove mixed error reporting from manifest --- .../__sensible_editor/explorer/editor_path | 2 +- .../type/__sensible_editor/explorer/user_home | 11 +++++++++-- cdist/conf/type/__sensible_editor/man.rst | 2 +- cdist/conf/type/__sensible_editor/manifest | 18 +++--------------- 4 files changed, 14 insertions(+), 19 deletions(-) diff --git a/cdist/conf/type/__sensible_editor/explorer/editor_path b/cdist/conf/type/__sensible_editor/explorer/editor_path index 88952e23..a1673a52 100644 --- a/cdist/conf/type/__sensible_editor/explorer/editor_path +++ b/cdist/conf/type/__sensible_editor/explorer/editor_path @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) # diff --git a/cdist/conf/type/__sensible_editor/explorer/user_home b/cdist/conf/type/__sensible_editor/explorer/user_home index dc1725a0..b88243f7 100644 --- a/cdist/conf/type/__sensible_editor/explorer/user_home +++ b/cdist/conf/type/__sensible_editor/explorer/user_home @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) # @@ -22,5 +22,12 @@ # user=$__object_id +home=$(getent passwd "${user}" | cut -d':' -f6) -getent passwd "${user}" | cut -d':' -f6 +if ! test -d "${home}" +then + echo "Cannot find home directory of user ${user}" >&2 + exit 1 +fi + +echo "${home}" diff --git a/cdist/conf/type/__sensible_editor/man.rst b/cdist/conf/type/__sensible_editor/man.rst index 4dd20a3e..2d7682a6 100644 --- a/cdist/conf/type/__sensible_editor/man.rst +++ b/cdist/conf/type/__sensible_editor/man.rst @@ -1,5 +1,5 @@ cdist-type__sensible_editor(7) -============================ +============================== NAME ---- diff --git a/cdist/conf/type/__sensible_editor/manifest b/cdist/conf/type/__sensible_editor/manifest index 5ed97533..b02625e2 100644 --- a/cdist/conf/type/__sensible_editor/manifest +++ b/cdist/conf/type/__sensible_editor/manifest @@ -24,10 +24,6 @@ os=$(cat "${__global}/explorer/os") state=$(cat "${__object}/parameter/state") user=$__object_id -editor_path=$(cat "${__object}/explorer/editor_path") -user_home=$(cat "${__object}/explorer/user_home") -group=$(cat "${__object}/explorer/group") - case $os in debian|devuan|ubuntu) @@ -39,17 +35,9 @@ in ;; esac -if test -z "${user_home}" -then - echo "Could not find ${user}'s home directory." >&2 - exit 1 -fi - -if test -z "${editor_path}" -then - echo "Editor \"$(cat "${__object}/parameter/editor")\" is missing on the target system." >&2 - exit 1 -fi +editor_path=$(cat "${__object}/explorer/editor_path") +user_home=$(cat "${__object}/explorer/user_home") +group=$(cat "${__object}/explorer/group") __file "${user_home}/.selected_editor" --state "${state}" \ --owner "${user}" --group "${group}" --mode 0644 \ From e1c08c25b5a821fc2b9a9094c5801440559087a5 Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Mon, 7 Oct 2019 11:29:28 +0200 Subject: [PATCH 14/53] Fix missed parameter file reading --- cdist/conf/type/__group/explorer/group | 2 +- cdist/conf/type/__group/explorer/gshadow | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/cdist/conf/type/__group/explorer/group b/cdist/conf/type/__group/explorer/group index dc673f61..8c8e840d 100755 --- a/cdist/conf/type/__group/explorer/group +++ b/cdist/conf/type/__group/explorer/group @@ -23,7 +23,7 @@ # not_supported() { - echo "Your operating system ($("$__explorer/os")) is currently not supported." >&2 + echo "Your operating system ($(cat "$__explorer/os")) is currently not supported." >&2 echo "Cannot extract group information." >&2 echo "Please contribute an implementation for it if you can." >&2 exit 1 diff --git a/cdist/conf/type/__group/explorer/gshadow b/cdist/conf/type/__group/explorer/gshadow index 05841d69..c0dce1e3 100755 --- a/cdist/conf/type/__group/explorer/gshadow +++ b/cdist/conf/type/__group/explorer/gshadow @@ -23,7 +23,7 @@ # name=$__object_id -os=$("$__explorer/os") +os=$(cat "$__explorer/os") not_supported() { echo "Your operating system ($os) is currently not supported." >&2 From 6d2e81d0dce0bbc41711aa2fa9dacdc5add44d2a Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Tue, 8 Oct 2019 08:30:27 +0200 Subject: [PATCH 15/53] Revert "Fix missed parameter file reading" This reverts commit e1c08c25b5a821fc2b9a9094c5801440559087a5. This fix was a mistake. No reading is needed, this is explorer execution on the remote. --- cdist/conf/type/__group/explorer/group | 2 +- cdist/conf/type/__group/explorer/gshadow | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/cdist/conf/type/__group/explorer/group b/cdist/conf/type/__group/explorer/group index 8c8e840d..dc673f61 100755 --- a/cdist/conf/type/__group/explorer/group +++ b/cdist/conf/type/__group/explorer/group @@ -23,7 +23,7 @@ # not_supported() { - echo "Your operating system ($(cat "$__explorer/os")) is currently not supported." >&2 + echo "Your operating system ($("$__explorer/os")) is currently not supported." >&2 echo "Cannot extract group information." >&2 echo "Please contribute an implementation for it if you can." >&2 exit 1 diff --git a/cdist/conf/type/__group/explorer/gshadow b/cdist/conf/type/__group/explorer/gshadow index c0dce1e3..05841d69 100755 --- a/cdist/conf/type/__group/explorer/gshadow +++ b/cdist/conf/type/__group/explorer/gshadow @@ -23,7 +23,7 @@ # name=$__object_id -os=$(cat "$__explorer/os") +os=$("$__explorer/os") not_supported() { echo "Your operating system ($os) is currently not supported." >&2 From 0c7d98e89e8c45cb3112bf5f5a8585b55d76b932 Mon Sep 17 00:00:00 2001 From: Jonas Hagen Date: Tue, 8 Oct 2019 11:22:04 +0200 Subject: [PATCH 16/53] Use --recurse-submodules instead of --recursive The option --recursive is not documented for git >2.11 (2016), instead --recurse-submodules should be used. --- cdist/conf/type/__git/gencode-remote | 2 +- cdist/conf/type/__git/man.rst | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/cdist/conf/type/__git/gencode-remote b/cdist/conf/type/__git/gencode-remote index 4de0f1c6..a36ff5cd 100755 --- a/cdist/conf/type/__git/gencode-remote +++ b/cdist/conf/type/__git/gencode-remote @@ -35,7 +35,7 @@ owner=$(cat "$__object/parameter/owner") group=$(cat "$__object/parameter/group") mode=$(cat "$__object/parameter/mode") -[ -f "$__object/parameter/recursive" ] && recursive='--recursive' || recursive='' +[ -f "$__object/parameter/recursive" ] && recursive='--recurse-submodules' || recursive='' [ "$state_should" = "$state_is" ] \ && [ "$owner" = "$owner_is" ] \ diff --git a/cdist/conf/type/__git/man.rst b/cdist/conf/type/__git/man.rst index 144eadda..f18a5a0e 100644 --- a/cdist/conf/type/__git/man.rst +++ b/cdist/conf/type/__git/man.rst @@ -36,7 +36,7 @@ owner User to chown to. recursive - Passes the --recursive flag to git when cloning the repository. + Passes the --recurse-submodules flag to git when cloning the repository. EXAMPLES -------- From 2abc34f92236d272f29cd8029bdec7fea8ae6455 Mon Sep 17 00:00:00 2001 From: Jonas Hagen Date: Tue, 8 Oct 2019 11:22:05 +0200 Subject: [PATCH 17/53] Add --shallow option Provides the capability to make shallow clones (including submodules) to deploy repositories with huge history. Note that this might not work with some servers (github.com) if the commit that is required by a submodule is too far away from any reference. --- cdist/conf/type/__git/gencode-remote | 3 ++- cdist/conf/type/__git/man.rst | 4 ++++ cdist/conf/type/__git/parameter/boolean | 1 + 3 files changed, 7 insertions(+), 1 deletion(-) diff --git a/cdist/conf/type/__git/gencode-remote b/cdist/conf/type/__git/gencode-remote index a36ff5cd..ab22655f 100755 --- a/cdist/conf/type/__git/gencode-remote +++ b/cdist/conf/type/__git/gencode-remote @@ -36,6 +36,7 @@ group=$(cat "$__object/parameter/group") mode=$(cat "$__object/parameter/mode") [ -f "$__object/parameter/recursive" ] && recursive='--recurse-submodules' || recursive='' +[ -f "$__object/parameter/shallow" ] && shallow='--depth 1 --shallow-submodules' || shallow='' [ "$state_should" = "$state_is" ] \ && [ "$owner" = "$owner_is" ] \ @@ -45,7 +46,7 @@ mode=$(cat "$__object/parameter/mode") case $state_should in present) if [ "$state_should" != "$state_is" ]; then - echo git clone --quiet "$recursive" --branch "$branch" "$source" "$destination" + echo git clone --quiet "$recursive" "$shallow" --branch "$branch" "$source" "$destination" fi if { [ -n "$owner" ] && [ "$owner_is" != "$owner" ]; } || \ { [ -n "$group" ] && [ "$group_is" != "$group" ]; }; then diff --git a/cdist/conf/type/__git/man.rst b/cdist/conf/type/__git/man.rst index f18a5a0e..d3e15f25 100644 --- a/cdist/conf/type/__git/man.rst +++ b/cdist/conf/type/__git/man.rst @@ -38,6 +38,10 @@ owner recursive Passes the --recurse-submodules flag to git when cloning the repository. +shallow + Sets --depth=1 and --shallow-submodules for cloning repositories with big history. + + EXAMPLES -------- diff --git a/cdist/conf/type/__git/parameter/boolean b/cdist/conf/type/__git/parameter/boolean index a633e659..d600d4ca 100644 --- a/cdist/conf/type/__git/parameter/boolean +++ b/cdist/conf/type/__git/parameter/boolean @@ -1 +1,2 @@ recursive +shallow From be756f218971918b91a7a2fcc0140cc56c956d3f Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Tue, 8 Oct 2019 13:48:51 +0200 Subject: [PATCH 18/53] ++changelog --- docs/changelog | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/changelog b/docs/changelog index 5d9dab73..089fd256 100644 --- a/docs/changelog +++ b/docs/changelog @@ -10,6 +10,8 @@ next: * Explorer os: Unquote value from os-release file (Dennis Camera) * Type __letsencrypt_cert: Support Debian 10* (Ahmed Bilal Khalid) * Type __prometheus_server: Add missing exit after unsupported error message (Dominique Roux) + * Type __git: Use --recurse-submodules instead of --recursive (Jonas Hagen) + * Type __git: Add --shallow option (Jonas Hagen) 6.0.0: 2019-10-01 * Type __letsencrypt_cert: Fix beowulf's spelling (Mondi Ravi) From d1f4657ed9e064fc00d457778162ce37d0396850 Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Tue, 8 Oct 2019 14:08:19 +0200 Subject: [PATCH 19/53] Release 6.0.1 --- docs/changelog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/changelog b/docs/changelog index 089fd256..959ab8ae 100644 --- a/docs/changelog +++ b/docs/changelog @@ -1,7 +1,7 @@ Changelog --------- -next: +6.0.1: 2019-10-08 * Type __group: Support OSes without getent (Dennis Camera) * Type __user: Support OSes without getent (Dennis Camera) * Type __ssh_authorized_keys: Support OSes without getent (Dennis Camera) From 7d235fb013021d771c75479450e2e2dcda1426a3 Mon Sep 17 00:00:00 2001 From: Thomas Eckert Date: Tue, 8 Oct 2019 18:19:20 +0200 Subject: [PATCH 20/53] add new type `__xymon_server` This type installs a Xymon monitoring-server. See https://xymon.com/ for a demo and further information. --- cdist/conf/type/__xymon_server/gencode-remote | 25 ++++++ cdist/conf/type/__xymon_server/man.rst | 87 +++++++++++++++++++ cdist/conf/type/__xymon_server/manifest | 50 +++++++++++ .../type/__xymon_server/parameter/boolean | 1 + .../__xymon_server/parameter/default/state | 1 + .../type/__xymon_server/parameter/optional | 1 + cdist/conf/type/__xymon_server/singleton | 0 7 files changed, 165 insertions(+) create mode 100755 cdist/conf/type/__xymon_server/gencode-remote create mode 100644 cdist/conf/type/__xymon_server/man.rst create mode 100755 cdist/conf/type/__xymon_server/manifest create mode 100644 cdist/conf/type/__xymon_server/parameter/boolean create mode 100644 cdist/conf/type/__xymon_server/parameter/default/state create mode 100644 cdist/conf/type/__xymon_server/parameter/optional create mode 100644 cdist/conf/type/__xymon_server/singleton diff --git a/cdist/conf/type/__xymon_server/gencode-remote b/cdist/conf/type/__xymon_server/gencode-remote new file mode 100755 index 00000000..55451c42 --- /dev/null +++ b/cdist/conf/type/__xymon_server/gencode-remote @@ -0,0 +1,25 @@ +#!/bin/sh -e +# +# 2018-2019 Thomas Eckert (tom at it-eckert.de) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . + +## "move" user-modified dirs to /etc/xymon to be managed by __xymon_config: +if [ ! -L /usr/lib/xymon/server/ext ]; then + echo "mv /usr/lib/xymon/server/ext /etc/xymon" + echo "ln -s /etc/xymon/ext /usr/lib/xymon/server/" + echo "ext-dir moved and symlinked" >> "$__messages_out" +fi diff --git a/cdist/conf/type/__xymon_server/man.rst b/cdist/conf/type/__xymon_server/man.rst new file mode 100644 index 00000000..a9a180e1 --- /dev/null +++ b/cdist/conf/type/__xymon_server/man.rst @@ -0,0 +1,87 @@ +cdist-type__xymon_server(7) +=========================== + +NAME +---- +cdist-type__xymon_server - Install a Xymon server + + +DESCRIPTION +----------- +This cdist type installs a Xymon (https://www.xymon.com/) server and (optional) +required helper packages. + +This includes the Xymon client as a dependency, so NO NEED to install +`__xymon_client` separately. + +To access the webinterface a webserver is required. The cdist-type +`__xymon_apache` can be used to install and configure the apache webserver for +the use with Xymon. + +Further and day-to-day configuration of Xymon can either be done manually in +`/etc/xymon/` or the directory can be deployed and managed by `__xymon_config`. + + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +state + 'present', 'absent', defaults to 'present'. If '--install_helpers' is + specified for 'absent' the helper packages will be un-installed. + + +BOOLEAN PARAMETERS +------------------ +install_helpers + Install helper packages used by Xymon (fping, heirloom-mailx, traceroute, + ntpdate). + + +EXAMPLES +-------- + +.. code-block:: sh + + # minmal + __xymon_server + + # the same + __xymon_server --state present + + # also install helper packages: + __xymon_server --install_helpers + + # examples to give a more complete picture: __xymon_server installed on + # `xymon.example.com` w/ IP 192.168.1.1: + # + # install webserver and grant 2 private subnets access to the webinterface: + __xymon_apache --ipacl "192.168.0.0/16 10.0.0.0/8" + # deploy server-configuration with __xymon_config: + __xymon_config --confdir=xymon.example.com + + # install xymon-client on other machines (not needed on the server): + __xymon_client --servers "192.168.1.1" + + + +SEE ALSO +-------- +:strong:`cdist__xymon_apache`\ (7), :strong:`cdist__xymon_config`\ (7), +:strong:`cdist__xymon_client`\ (7), :strong:`xymon`\ (7) + + +AUTHORS +------- +Thomas Eckert + + +COPYING +------- +Copyright \(C) 2018-2019 Thomas Eckert. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__xymon_server/manifest b/cdist/conf/type/__xymon_server/manifest new file mode 100755 index 00000000..7cee0d23 --- /dev/null +++ b/cdist/conf/type/__xymon_server/manifest @@ -0,0 +1,50 @@ +#!/bin/sh -e +# +# 2018-2019 Thomas Eckert (tom at it-eckert.de) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . + +state=$(cat "$__object/parameter/state") +if [ -f "$__object/parameter/install_helpers" ]; then + install_helpers=1 +else + install_helpers=0 +fi + +os=$(cat "$__global/explorer/os") +case "$os" in + debian|ubuntu) + : + ;; + *) + echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2 + echo "Please contribute an implementation for it if you can." >&2 + exit 1 + ;; +esac + +__package xymon --state "$state" + +## install helper-packages/tools used by the xymon server if requested: +if [ "$install_helpers" = "1" ]; then + __package fping --state "$state" + __package heirloom-mailx --state "$state" + __package traceroute --state "$state" + __package ntpdate --state "$state" +fi + +## CLI-usage often requires a shell: +require="__package/xymon" __user xymon --shell "/bin/bash" --state "$state" diff --git a/cdist/conf/type/__xymon_server/parameter/boolean b/cdist/conf/type/__xymon_server/parameter/boolean new file mode 100644 index 00000000..56ebcb2c --- /dev/null +++ b/cdist/conf/type/__xymon_server/parameter/boolean @@ -0,0 +1 @@ +install_helpers diff --git a/cdist/conf/type/__xymon_server/parameter/default/state b/cdist/conf/type/__xymon_server/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__xymon_server/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__xymon_server/parameter/optional b/cdist/conf/type/__xymon_server/parameter/optional new file mode 100644 index 00000000..ff72b5c7 --- /dev/null +++ b/cdist/conf/type/__xymon_server/parameter/optional @@ -0,0 +1 @@ +state diff --git a/cdist/conf/type/__xymon_server/singleton b/cdist/conf/type/__xymon_server/singleton new file mode 100644 index 00000000..e69de29b From f35a1b9cdf6f91e49789f364cd5faeae01132c39 Mon Sep 17 00:00:00 2001 From: Thomas Eckert Date: Tue, 8 Oct 2019 18:32:26 +0200 Subject: [PATCH 21/53] add new type `__xymon_apache` as a helper for `__xymon_server` Details in `man.rst` --- .../type/__xymon_apache/explorer/active-conf | 22 ++++++ .../__xymon_apache/explorer/active-modules | 5 ++ cdist/conf/type/__xymon_apache/gencode-remote | 56 +++++++++++++ cdist/conf/type/__xymon_apache/man.rst | 79 +++++++++++++++++++ cdist/conf/type/__xymon_apache/manifest | 42 ++++++++++ .../__xymon_apache/parameter/default/state | 1 + .../type/__xymon_apache/parameter/optional | 2 + cdist/conf/type/__xymon_apache/singleton | 0 8 files changed, 207 insertions(+) create mode 100755 cdist/conf/type/__xymon_apache/explorer/active-conf create mode 100755 cdist/conf/type/__xymon_apache/explorer/active-modules create mode 100755 cdist/conf/type/__xymon_apache/gencode-remote create mode 100644 cdist/conf/type/__xymon_apache/man.rst create mode 100755 cdist/conf/type/__xymon_apache/manifest create mode 100644 cdist/conf/type/__xymon_apache/parameter/default/state create mode 100644 cdist/conf/type/__xymon_apache/parameter/optional create mode 100644 cdist/conf/type/__xymon_apache/singleton diff --git a/cdist/conf/type/__xymon_apache/explorer/active-conf b/cdist/conf/type/__xymon_apache/explorer/active-conf new file mode 100755 index 00000000..bd281e21 --- /dev/null +++ b/cdist/conf/type/__xymon_apache/explorer/active-conf @@ -0,0 +1,22 @@ +#!/bin/sh -e +# +# 2018-2019 Thomas Eckert (tom at it-eckert.de) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . + +if [ -d /etc/apache2/mods-enabled ]; then + ls -1 /etc/apache2/conf-enabled/ +fi diff --git a/cdist/conf/type/__xymon_apache/explorer/active-modules b/cdist/conf/type/__xymon_apache/explorer/active-modules new file mode 100755 index 00000000..4c745ced --- /dev/null +++ b/cdist/conf/type/__xymon_apache/explorer/active-modules @@ -0,0 +1,5 @@ +#!/bin/sh -e + +if [ -d /etc/apache2/mods-enabled ]; then + /usr/sbin/apachectl -t -D DUMP_MODULES | awk '/.*_module/ { gsub(/_module.*$/, ""); gsub(/^ /, ""); print }' +fi diff --git a/cdist/conf/type/__xymon_apache/gencode-remote b/cdist/conf/type/__xymon_apache/gencode-remote new file mode 100755 index 00000000..e7d8e344 --- /dev/null +++ b/cdist/conf/type/__xymon_apache/gencode-remote @@ -0,0 +1,56 @@ +#!/bin/sh -e +# +# 2018-2019 Thomas Eckert (tom at it-eckert.de) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . + +state=$(cat "$__object/parameter/state") + +os=$(cat "$__global/explorer/os") +case "$os" in + debian|ubuntu) + : + ;; + *) + echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2 + echo "Please contribute an implementation for it if you can." >&2 + exit 1 + ;; +esac + +if [ "$state" = "present" ]; then + if ! grep -q ^rewrite "$__object/explorer/active-modules"; then + echo "a2enmod rewrite >/dev/null" + echo "mod:rewrite enabled" >> "$__messages_out" + fi + if ! grep -q "^cgi$" "$__object/explorer/active-modules"; then + echo "a2enmod cgi >/dev/null" + echo "mod:cgi enabled" >> "$__messages_out" + fi + + if ! grep -q ^xymon.conf "$__object/explorer/active-conf"; then + echo "a2enconf xymon >/dev/null" + echo "conf:xymon enabled" >> "$__messages_out" + fi +fi + +if grep -q "^mod:.* enabled" "$__messages_out"; then + echo "systemctl restart apache2.service" + echo "apache restarted" >> "$__messages_out" +elif grep -q "^conf:xymon enabled" "$__messages_out"; then + echo "systemctl reload apache2.service" + echo "apache reloaded" >> "$__messages_out" +fi diff --git a/cdist/conf/type/__xymon_apache/man.rst b/cdist/conf/type/__xymon_apache/man.rst new file mode 100644 index 00000000..8358c821 --- /dev/null +++ b/cdist/conf/type/__xymon_apache/man.rst @@ -0,0 +1,79 @@ +cdist-type__xymon_apache(7) +=========================== + +NAME +---- +cdist-type__xymon_apache - Configure apache2-webserver for Xymon + + +DESCRIPTION +----------- +This cdist type installs and configures apache2 to be used "exclusively" (in +the sense that no other use is taken care of) with Xymon (the systems and +network monitor). + +It depends on `__xymon_server`. + + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +state + 'present', 'absent', defaults to 'present'. + +ipacl + IP(-ranges) that have access to the Xymon webpages and CGIs. Apache2-style + syntax suitable for `Require ip ...`. Example: `192.168.1.0/24 10.0.0.0/8` + + +MESSAGES +-------- +mod:rewrite enabled + apache module enabled +conf:xymon enabled + apache config for xymon enabled +apache restarted + apache2.service was reloaded +apache reloaded + apache2.service was restarted + + +EXPLORERS +--------- +active-conf + lists apache2 `conf-enabled` +active-modules + lists active apache2-modules + + +EXAMPLES +-------- + +.. code-block:: sh + + # minmal, only localhost-access: + __xymon_apache + # allow more IPs to access the Xymon-webinterface: + __xymon_apache --ipacl "192.168.0.0/16 10.0.0.0/8" --state "present" + + +SEE ALSO +-------- +:strong:`cdist__xymon_server`\ (7) + + +AUTHORS +------- +Thomas Eckert + + +COPYING +------- +Copyright \(C) 2018-2019 Thomas Eckert. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__xymon_apache/manifest b/cdist/conf/type/__xymon_apache/manifest new file mode 100755 index 00000000..bfd0af79 --- /dev/null +++ b/cdist/conf/type/__xymon_apache/manifest @@ -0,0 +1,42 @@ +#!/bin/sh -e +# +# 2018-2019 Thomas Eckert (tom at it-eckert.de) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . + +state=$(cat "$__object/parameter/state") + +os=$(cat "$__global/explorer/os") +case "$os" in + debian|ubuntu) + : + ;; + *) + echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2 + echo "Please contribute an implementation for it if you can." >&2 + exit 1 + ;; +esac + +__package apache2 --state "$state" + +## edit xymon.conf IP-ranges +if [ -f "$__object/parameter/ipacl" ]; then + require="__package/xymon" __line /etc/apache2/conf-available/xymon.conf \ + --line " Require ip $(cat "$__object/parameter/ipacl")" \ + --after "^[[:space:]]*Require local" \ + --state "present" +fi diff --git a/cdist/conf/type/__xymon_apache/parameter/default/state b/cdist/conf/type/__xymon_apache/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__xymon_apache/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__xymon_apache/parameter/optional b/cdist/conf/type/__xymon_apache/parameter/optional new file mode 100644 index 00000000..d374ec41 --- /dev/null +++ b/cdist/conf/type/__xymon_apache/parameter/optional @@ -0,0 +1,2 @@ +state +ipacl diff --git a/cdist/conf/type/__xymon_apache/singleton b/cdist/conf/type/__xymon_apache/singleton new file mode 100644 index 00000000..e69de29b From 48ed7f17541dfbdd3a1d1c17c2bbe8570f0b468f Mon Sep 17 00:00:00 2001 From: Thomas Eckert Date: Tue, 8 Oct 2019 18:38:33 +0200 Subject: [PATCH 22/53] correct condition -- should check on remote side --- cdist/conf/type/__xymon_server/gencode-remote | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/cdist/conf/type/__xymon_server/gencode-remote b/cdist/conf/type/__xymon_server/gencode-remote index 55451c42..0770e319 100755 --- a/cdist/conf/type/__xymon_server/gencode-remote +++ b/cdist/conf/type/__xymon_server/gencode-remote @@ -18,8 +18,9 @@ # along with cdist. If not, see . ## "move" user-modified dirs to /etc/xymon to be managed by __xymon_config: -if [ ! -L /usr/lib/xymon/server/ext ]; then - echo "mv /usr/lib/xymon/server/ext /etc/xymon" - echo "ln -s /etc/xymon/ext /usr/lib/xymon/server/" - echo "ext-dir moved and symlinked" >> "$__messages_out" -fi +cat <<-EOT + if [ ! -L /usr/lib/xymon/server/ext ]; then + mv /usr/lib/xymon/server/ext /etc/xymon + ln -s /etc/xymon/ext /usr/lib/xymon/server/ + fi +EOT From e9289abfabc2ac2dfd9c3466ab1592eb7033d8e1 Mon Sep 17 00:00:00 2001 From: Thomas Eckert Date: Tue, 8 Oct 2019 18:55:37 +0200 Subject: [PATCH 23/53] add new type `__xymon_config` to configure xymon-servers This allows configuration of a xymon-server. The server can be installed with `__xymon_server` or manually. In the latter case the `ext/`-dir symlink has to be added. --- cdist/conf/type/__xymon_config/files/.keep | 0 cdist/conf/type/__xymon_config/gencode-remote | 23 ++++++++ cdist/conf/type/__xymon_config/man.rst | 57 +++++++++++++++++++ cdist/conf/type/__xymon_config/manifest | 24 ++++++++ .../type/__xymon_config/parameter/required | 1 + cdist/conf/type/__xymon_config/singleton | 0 6 files changed, 105 insertions(+) create mode 100644 cdist/conf/type/__xymon_config/files/.keep create mode 100644 cdist/conf/type/__xymon_config/gencode-remote create mode 100644 cdist/conf/type/__xymon_config/man.rst create mode 100644 cdist/conf/type/__xymon_config/manifest create mode 100644 cdist/conf/type/__xymon_config/parameter/required create mode 100644 cdist/conf/type/__xymon_config/singleton diff --git a/cdist/conf/type/__xymon_config/files/.keep b/cdist/conf/type/__xymon_config/files/.keep new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__xymon_config/gencode-remote b/cdist/conf/type/__xymon_config/gencode-remote new file mode 100644 index 00000000..b25a0fda --- /dev/null +++ b/cdist/conf/type/__xymon_config/gencode-remote @@ -0,0 +1,23 @@ +#!/bin/sh -e +# +# 2018-2019 Thomas Eckert (tom at it-eckert.de) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . + +## to speed up config-reload we send a HUP to the server process: +cat <<-EOT + pkill -HUP xymond || { echo "HUPing xymond failed" >&2; exit 1; } +EOT diff --git a/cdist/conf/type/__xymon_config/man.rst b/cdist/conf/type/__xymon_config/man.rst new file mode 100644 index 00000000..8b427ca0 --- /dev/null +++ b/cdist/conf/type/__xymon_config/man.rst @@ -0,0 +1,57 @@ +cdist-type__xymon_config(7) +=========================== + +NAME +---- +cdist-type__xymon_config - Deploy a Xymon configuration-directory + + +DESCRIPTION +----------- +This cdist type deploys a full Xymon configuration directory from the files-dir +to the host. This type requires an installed Xymon server, e.g. deployed by +`__xymon_server`. + +WARNING: This type _replaces_ the `/etc/xymon/`-directory! The previous +contents is replaced/deleted! + + +REQUIRED PARAMETERS +------------------- +confdir + The directory in `./files/` that contains the `/etc/xymon/`-content to be + deployed. + + +REQUIRED FILES +-------------- +The directory specified by `confdir` has to contain a valid xymon-configuration +(`/etc/xymon/`) _plus_ the `ext/`-directory that normally resides in +`/usr/lib/xymon/server/`. + + +EXAMPLES +-------- + +.. code-block:: sh + + __xymon_config --confdir=xymon.example.com + # this will replace /etc/xymon/ on the target host with + # the contents from __xymon_config/files/xymon.example.com/ + + +SEE ALSO +-------- +:strong:`cdist__xymon_server`\ (7), :strong:`xymon`\ (7) + +AUTHORS +------- +Thomas Eckert + + +COPYING +------- +Copyright \(C) 2018-2019 Thomas Eckert. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__xymon_config/manifest b/cdist/conf/type/__xymon_config/manifest new file mode 100644 index 00000000..fb1bce54 --- /dev/null +++ b/cdist/conf/type/__xymon_config/manifest @@ -0,0 +1,24 @@ +#!/bin/sh -e +# +# 2018-2019 Thomas Eckert (tom at it-eckert.de) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . + +confdir=$(cat "$__object/parameter/confdir") + +__rsync /etc/xymon/ \ + --source "$__type/files/$confdir/" \ + --rsync-opts "delete" diff --git a/cdist/conf/type/__xymon_config/parameter/required b/cdist/conf/type/__xymon_config/parameter/required new file mode 100644 index 00000000..43222f13 --- /dev/null +++ b/cdist/conf/type/__xymon_config/parameter/required @@ -0,0 +1 @@ +confdir diff --git a/cdist/conf/type/__xymon_config/singleton b/cdist/conf/type/__xymon_config/singleton new file mode 100644 index 00000000..e69de29b From 0bdc62482ac46d4238c4bb2389c66b40a62755c5 Mon Sep 17 00:00:00 2001 From: Thomas Eckert Date: Tue, 8 Oct 2019 19:03:38 +0200 Subject: [PATCH 24/53] add new type `__xymon_client` --- cdist/conf/type/__xymon_client/gencode-remote | 28 +++++++++ cdist/conf/type/__xymon_client/man.rst | 57 +++++++++++++++++++ cdist/conf/type/__xymon_client/manifest | 49 ++++++++++++++++ .../__xymon_client/parameter/default/servers | 1 + .../__xymon_client/parameter/default/state | 1 + .../type/__xymon_client/parameter/optional | 2 + cdist/conf/type/__xymon_client/singleton | 0 7 files changed, 138 insertions(+) create mode 100755 cdist/conf/type/__xymon_client/gencode-remote create mode 100644 cdist/conf/type/__xymon_client/man.rst create mode 100755 cdist/conf/type/__xymon_client/manifest create mode 100644 cdist/conf/type/__xymon_client/parameter/default/servers create mode 100644 cdist/conf/type/__xymon_client/parameter/default/state create mode 100644 cdist/conf/type/__xymon_client/parameter/optional create mode 100644 cdist/conf/type/__xymon_client/singleton diff --git a/cdist/conf/type/__xymon_client/gencode-remote b/cdist/conf/type/__xymon_client/gencode-remote new file mode 100755 index 00000000..49eed317 --- /dev/null +++ b/cdist/conf/type/__xymon_client/gencode-remote @@ -0,0 +1,28 @@ +#!/bin/sh -e +# +# 2018-2019 Thomas Eckert (tom at it-eckert.de) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . + +servers=$(cat "$__object/parameter/servers") + +if grep -q ^__key_value/CLIENTHOSTNAME "$__messages_in" || grep -q ^__key_value/XYMONSERVERS "$__messages_in" ; then + echo "systemctl restart xymon-client" + echo "restarted" >> "$__messages_out" + cat <<-EOT + echo "xymon-client xymon-client/XYMONSERVERS string $servers" | debconf-set-selections + EOT +fi diff --git a/cdist/conf/type/__xymon_client/man.rst b/cdist/conf/type/__xymon_client/man.rst new file mode 100644 index 00000000..6f90c15b --- /dev/null +++ b/cdist/conf/type/__xymon_client/man.rst @@ -0,0 +1,57 @@ +cdist-type__xymon_client(7) +=========================== + +NAME +---- +cdist-type__xymon_client - Install the Xymon client + + +DESCRIPTION +----------- +This cdist type installs the Xymon client and configures it to report with +FQDN. + + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +state + 'present', 'absent', defaults to 'present'. + +servers + One or more IP adresses (space separated) of the Xymon server(s) to report + to. While DNS-names are ok it is discouraged, defaults to 127.0.0.1. + + +EXAMPLES +-------- + +.. code-block:: sh + + # minmal, report to 127.0.0.1 + __xymon_client + + # specify server: + __xymon_client --servers "192.168.1.1" + + +SEE ALSO +-------- +:strong:`cdist__xymon_server`\ (7), :strong:`xymon`\ (7) + + +AUTHORS +------- +Thomas Eckert + + +COPYING +------- +Copyright \(C) 2018-2019 Thomas Eckert. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__xymon_client/manifest b/cdist/conf/type/__xymon_client/manifest new file mode 100755 index 00000000..92ad079e --- /dev/null +++ b/cdist/conf/type/__xymon_client/manifest @@ -0,0 +1,49 @@ +#!/bin/sh -e +# +# 2018-2019 Thomas Eckert (tom at it-eckert.de) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . + +state=$(cat "$__object/parameter/state") +servers=$(cat "$__object/parameter/servers") + +os=$(cat "$__global/explorer/os") +case "$os" in + debian|ubuntu) + : + ;; + *) + echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2 + echo "Please contribute an implementation for it if you can." >&2 + exit 1 + ;; +esac + +__package xymon-client --state "$state" + +require="__package/xymon-client" __key_value CLIENTHOSTNAME \ + --file /etc/default/xymon-client \ + --value "'$__target_hostname'" \ + --delimiter '=' \ + --state "$state" +require="__package/xymon-client" __key_value XYMONSERVERS \ + --file /etc/default/xymon-client \ + --value "'$servers'" \ + --delimiter '=' \ + --state "$state" + +## CLI-usage often requires a shell: +require="__package/xymon-client" __user xymon --shell "/bin/bash" --state "$state" diff --git a/cdist/conf/type/__xymon_client/parameter/default/servers b/cdist/conf/type/__xymon_client/parameter/default/servers new file mode 100644 index 00000000..7b9ad531 --- /dev/null +++ b/cdist/conf/type/__xymon_client/parameter/default/servers @@ -0,0 +1 @@ +127.0.0.1 diff --git a/cdist/conf/type/__xymon_client/parameter/default/state b/cdist/conf/type/__xymon_client/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__xymon_client/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__xymon_client/parameter/optional b/cdist/conf/type/__xymon_client/parameter/optional new file mode 100644 index 00000000..7c34489a --- /dev/null +++ b/cdist/conf/type/__xymon_client/parameter/optional @@ -0,0 +1,2 @@ +state +servers diff --git a/cdist/conf/type/__xymon_client/singleton b/cdist/conf/type/__xymon_client/singleton new file mode 100644 index 00000000..e69de29b From b6898b097f01941d68860c02118f5f5f2ddb8576 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Tue, 8 Oct 2019 23:05:23 +0200 Subject: [PATCH 25/53] [__sensible_editor] Add support for RedHat derivatives They have added sensible-utils lately. select-editor(1) does not work because their alternatives system is broken, but sensible-editor(1) works just fine, so we can support it. --- .../__sensible_editor/explorer/editor_path | 84 +++++++++++-------- cdist/conf/type/__sensible_editor/man.rst | 15 +++- cdist/conf/type/__sensible_editor/manifest | 18 +++- 3 files changed, 78 insertions(+), 39 deletions(-) diff --git a/cdist/conf/type/__sensible_editor/explorer/editor_path b/cdist/conf/type/__sensible_editor/explorer/editor_path index a1673a52..8b10b17b 100644 --- a/cdist/conf/type/__sensible_editor/explorer/editor_path +++ b/cdist/conf/type/__sensible_editor/explorer/editor_path @@ -22,76 +22,92 @@ # absolute path. # +die() { + echo "$@" >&2 + exit 1 +} + +editor_missing() { die "Editor '$1' is missing on the target system."; } +editor_no_alternative() { die "Editor '$1' is not in the alternatives list of the target system."; } + + case $("${__explorer}/os") in debian|devuan|ubuntu) - : # supported + has_alternatives=true + editors=$(update-alternatives --list editor) ;; *) - exit 0 # will produce an error message in the manifest + # NOTE: RedHat has an alternatives system but it doesn't usually track + # editors and it is a pain to extract the list. + has_alternatives=false ;; esac - editor=$(cat "${__object}/parameter/editor") -editors=$(update-alternatives --list editor) - -if test $(echo "${editors}" | wc -l) -lt 1 -then - echo 'No editors have been found on this system.' >&2 - exit 1 -fi case $editor in /*) - is_path=true + is_abspath=true ;; */*) - echo 'Relative editor paths are not supported' >&2 - exit 1 + die 'Relative editor paths are not supported' ;; *) - is_path=false + is_abspath=false ;; esac -IFS=' -' -if $is_path +if $has_alternatives && test "$(echo "${editors}" | wc -l)" -gt 0 then - if ! test -f "${editor}" + IFS=' +' + if ! $is_abspath then - echo "Editor ${editor} is missing on the target system." >&2 - exit 1 + # First, try to resolve the absolute path using $editors. + for e in $editors + do + if test "$(basename "${e}")" = "${editor}" + then + editor="${e}" + break + fi + done fi + # Check if path is present + test -f "${editor}" || editor_missing "${editor}" + for e in $editors do if test "${editor}" = "${e}" then - # Editor is present and part of the alternatives list -> use it! + # Editor is part of the alternatives list -> use it! echo "${editor}" exit 0 fi done - echo "Editor ${editor} is not in the alternatives list of the target system." >&2 - exit 1 + editor_no_alternative "${editor}" else - for e in $editors - do - if test "$(basename "${e}")" = "${editor}" - then - # Editor could be found by basename in the alternatives list -> use it! - echo "${e}" - exit 0 - fi - done + # NOTE: This branch is mostly for RedHat-based systems which do + # not track editor alternatives. To make this type useful + # on RedHat at all we allow an absoloute path to be provided + # in any case. - echo "Editor ${editor} is missing on the target system." >&2 - exit 1 + if $is_abspath + then + test -x "${editor}" || editor_missing "${editor}" + + echo "${editor}" + exit 0 + else + die "The target doesn't list any editor alternatives. " \ + "Please specify an absolute path or populate the alternatives list." + fi fi +# The script should never reach this statement! exit 1 diff --git a/cdist/conf/type/__sensible_editor/man.rst b/cdist/conf/type/__sensible_editor/man.rst index 2d7682a6..9e2245ef 100644 --- a/cdist/conf/type/__sensible_editor/man.rst +++ b/cdist/conf/type/__sensible_editor/man.rst @@ -8,14 +8,15 @@ cdist-type__sensible_editor - Select the sensible-editor DESCRIPTION ----------- -This cdist type allows you to select the sensible-editor on Debian-based systems -for a given user. +This cdist type allows you to select the :strong:`sensible-editor` for +a given user. REQUIRED PARAMETERS ------------------- editor Name or path of the editor to be selected. + On systems other than Debian derivatives an absolute path is required. OPTIONAL PARAMETERS @@ -33,9 +34,17 @@ EXAMPLES __sensible_editor noob --editor nano +LIMITATIONS +----------- +This type only works on operating systems on which the sensible-utils package +is available. + +Hint: On RedHat-based systems setting up the EPEL repo might be necessary. + + SEE ALSO -------- -none +:strong:`select-editor`\ (1), :strong:`sensible-editor`\ (1). AUTHOR diff --git a/cdist/conf/type/__sensible_editor/manifest b/cdist/conf/type/__sensible_editor/manifest index b02625e2..56a6b02f 100644 --- a/cdist/conf/type/__sensible_editor/manifest +++ b/cdist/conf/type/__sensible_editor/manifest @@ -27,14 +27,28 @@ user=$__object_id case $os in debian|devuan|ubuntu) - test "${state}" = 'present' && __package_apt sensible-utils --state present + test "${state}" != 'absent' \ + && __package sensible-utils --state present --type apt + ;; + centos|fedora|redhat|scientific) + test "${state}" != 'absent' \ + && __package sensible-utils --state present --type yum ;; *) - echo "OS ${os} does not support select-editor." >&2 + echo "OS ${os} does not support sensible-editor." >&2 + echo "If it does, please provide a patch." >&2 exit 1 ;; esac +if test "${state}" != 'present' && test "${state}" != 'absent' +then + echo 'Only "present" and "absent" are allowed for --state' >&2 + exit 1 +fi + +test "${state}" = 'absent' || export __require='__package/sensible-utils' + editor_path=$(cat "${__object}/explorer/editor_path") user_home=$(cat "${__object}/explorer/user_home") group=$(cat "${__object}/explorer/group") From c3af8a0cc0a2d10a4456f0382f491d6108f54df4 Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Thu, 10 Oct 2019 11:19:00 +0200 Subject: [PATCH 26/53] ++changelog --- docs/changelog | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docs/changelog b/docs/changelog index 959ab8ae..db67e173 100644 --- a/docs/changelog +++ b/docs/changelog @@ -1,6 +1,9 @@ Changelog --------- +next: + * New types: __xymon_server, __xymon_apache, __xymon_config, __xymon_client (Thomas Eckert) + 6.0.1: 2019-10-08 * Type __group: Support OSes without getent (Dennis Camera) * Type __user: Support OSes without getent (Dennis Camera) From 522100b9fb2f80a1fe9cf7b3d946a432957ec739 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Sat, 12 Oct 2019 11:07:39 +0200 Subject: [PATCH 27/53] [__sensible_editor] Refactor --- .../__sensible_editor/explorer/editor_path | 5 +- cdist/conf/type/__sensible_editor/manifest | 48 ++++++++++++------- 2 files changed, 34 insertions(+), 19 deletions(-) diff --git a/cdist/conf/type/__sensible_editor/explorer/editor_path b/cdist/conf/type/__sensible_editor/explorer/editor_path index 8b10b17b..b0de2f0a 100644 --- a/cdist/conf/type/__sensible_editor/explorer/editor_path +++ b/cdist/conf/type/__sensible_editor/explorer/editor_path @@ -35,7 +35,10 @@ case $("${__explorer}/os") in debian|devuan|ubuntu) has_alternatives=true - editors=$(update-alternatives --list editor) + + # NOTE: Old versions do not support `--list`, in this case ignore the errors. + # This will require an absolute path to be provided, though. + editors=$(update-alternatives --list editor 2>/dev/null) ;; *) # NOTE: RedHat has an alternatives system but it doesn't usually track diff --git a/cdist/conf/type/__sensible_editor/manifest b/cdist/conf/type/__sensible_editor/manifest index 56a6b02f..2ad8c54e 100644 --- a/cdist/conf/type/__sensible_editor/manifest +++ b/cdist/conf/type/__sensible_editor/manifest @@ -19,35 +19,47 @@ # along with cdist. If not, see . # +not_supported() { + echo "OS ${os} does not support __sensible_editor." >&2 + echo 'If it does, please provide a patch.' >&2 + exit 1 +} + os=$(cat "${__global}/explorer/os") state=$(cat "${__object}/parameter/state") user=$__object_id -case $os -in - debian|devuan|ubuntu) - test "${state}" != 'absent' \ - && __package sensible-utils --state present --type apt - ;; - centos|fedora|redhat|scientific) - test "${state}" != 'absent' \ - && __package sensible-utils --state present --type yum - ;; - *) - echo "OS ${os} does not support sensible-editor." >&2 - echo "If it does, please provide a patch." >&2 - exit 1 - ;; -esac - if test "${state}" != 'present' && test "${state}" != 'absent' then echo 'Only "present" and "absent" are allowed for --state' >&2 exit 1 fi -test "${state}" = 'absent' || export __require='__package/sensible-utils' +case $os +in + debian) + pkg_type='apt' + ;; + devuan) + pkg_type='apt' + ;; + ubuntu) + pkg_type='apt' + ;; + centos|fedora|redhat|scientific) + pkg_type='yum' + ;; + *) + not_supported + ;; +esac + +if test "${state}" != 'absent' +then + __package sensible-utils --state present --type "${pkg_type}" + export __require='__package/sensible-utils' +fi editor_path=$(cat "${__object}/explorer/editor_path") user_home=$(cat "${__object}/explorer/user_home") From e64d1710b531cdb2db9a8a0bcb1c5dd7d287f3fb Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Sat, 12 Oct 2019 13:01:39 +0200 Subject: [PATCH 28/53] [__sensible_editor] Add support for old Ubuntu versions --- cdist/conf/type/__sensible_editor/manifest | 24 ++++++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-) diff --git a/cdist/conf/type/__sensible_editor/manifest b/cdist/conf/type/__sensible_editor/manifest index 2ad8c54e..988f00e5 100644 --- a/cdist/conf/type/__sensible_editor/manifest +++ b/cdist/conf/type/__sensible_editor/manifest @@ -19,6 +19,21 @@ # along with cdist. If not, see . # +version_ge() { + awk -F '[^0-9.]' -v target="${1:?}" ' + function max(x, y) { return x > y ? x : y; } + BEGIN { + getline; + nx = split($1, x, "."); + ny = split(target, y, "."); + for (i = 1; i <= max(nx, ny); ++i) { + if (x[i] < y[i]) exit 1; + else if (x[i] > y[i]) exit 0; + else continue; + } + }' +} + not_supported() { echo "OS ${os} does not support __sensible_editor." >&2 echo 'If it does, please provide a patch.' >&2 @@ -26,6 +41,7 @@ not_supported() { } os=$(cat "${__global}/explorer/os") +os_version=$(cat "${__global}/explorer/os_version") state=$(cat "${__object}/parameter/state") user=$__object_id @@ -36,6 +52,8 @@ then exit 1 fi +package_name='sensible-utils' + case $os in debian) @@ -45,6 +63,7 @@ in pkg_type='apt' ;; ubuntu) + "${os_version}" | version_ge 10.04 || package_name='debianutils' pkg_type='apt' ;; centos|fedora|redhat|scientific) @@ -57,8 +76,9 @@ esac if test "${state}" != 'absent' then - __package sensible-utils --state present --type "${pkg_type}" - export __require='__package/sensible-utils' + __package "${package_name}" --state present \ + --type "${pkg_type}" + export __require="__package/${package_name}" fi editor_path=$(cat "${__object}/explorer/editor_path") From d11b1915471c5c0c0b530ae9cd022b293866e292 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Sat, 12 Oct 2019 13:02:26 +0200 Subject: [PATCH 29/53] [__sensible_editor] Document supported operating systems in man page --- cdist/conf/type/__sensible_editor/man.rst | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/cdist/conf/type/__sensible_editor/man.rst b/cdist/conf/type/__sensible_editor/man.rst index 9e2245ef..d0f5356e 100644 --- a/cdist/conf/type/__sensible_editor/man.rst +++ b/cdist/conf/type/__sensible_editor/man.rst @@ -36,11 +36,19 @@ EXAMPLES LIMITATIONS ----------- -This type only works on operating systems on which the sensible-utils package -is available. -Hint: On RedHat-based systems setting up the EPEL repo might be necessary. +This type supports the following operating systems: +* Debian 8 (jessie) or later +* Devuan +* Ubuntu 8.10 (intrepid) or later +* RHEL/CentOS 7 or later (EPEL repo required) +* Fedora 21 or later +In general, this type could work on operating systems on which the +sensible-utils package is available. + +On old versions of Ubuntu the sensible-* utils are part of the +debianutils package. SEE ALSO -------- From f782a8547035decee53a745da56edb47490ba5a8 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Sat, 12 Oct 2019 13:27:42 +0200 Subject: [PATCH 30/53] [__sensible_editor] Reword limitations paragraph of man page --- cdist/conf/type/__sensible_editor/man.rst | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/cdist/conf/type/__sensible_editor/man.rst b/cdist/conf/type/__sensible_editor/man.rst index d0f5356e..4260a369 100644 --- a/cdist/conf/type/__sensible_editor/man.rst +++ b/cdist/conf/type/__sensible_editor/man.rst @@ -37,17 +37,17 @@ EXAMPLES LIMITATIONS ----------- -This type supports the following operating systems: -* Debian 8 (jessie) or later -* Devuan -* Ubuntu 8.10 (intrepid) or later -* RHEL/CentOS 7 or later (EPEL repo required) -* Fedora 21 or later +This type depends upon the :strong:`sensible-editor`\ (1) script which +is part of the sensible-utils package. -In general, this type could work on operating systems on which the -sensible-utils package is available. +Therefore, the following operating systems are supported: + * Debian 8 (jessie) or later + * Devuan + * Ubuntu 8.10 (intrepid) or later + * RHEL/CentOS 7 or later (EPEL repo required) + * Fedora 21 or later -On old versions of Ubuntu the sensible-* utils are part of the +Note: on old versions of Ubuntu the sensible-* utils are part of the debianutils package. SEE ALSO From 00dd16d7c34f576e76893636dbffc3ea3091e62a Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Sun, 13 Oct 2019 10:13:20 +0200 Subject: [PATCH 31/53] [__sensible_editor] List available editors when an incorrect one is provided --- cdist/conf/type/__sensible_editor/explorer/editor_path | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/cdist/conf/type/__sensible_editor/explorer/editor_path b/cdist/conf/type/__sensible_editor/explorer/editor_path index b0de2f0a..b6230545 100644 --- a/cdist/conf/type/__sensible_editor/explorer/editor_path +++ b/cdist/conf/type/__sensible_editor/explorer/editor_path @@ -28,7 +28,10 @@ die() { } editor_missing() { die "Editor '$1' is missing on the target system."; } -editor_no_alternative() { die "Editor '$1' is not in the alternatives list of the target system."; } +editor_no_alternative() { + die "Editor '$1' is not in the alternatives list of the target system." \ + "$(test "${editors}" && echo "\nPlease choose one of:\n\n${editors}")" +} case $("${__explorer}/os") @@ -63,7 +66,7 @@ in esac -if $has_alternatives && test "$(echo "${editors}" | wc -l)" -gt 0 +if $has_alternatives && test -n "${editors}" then IFS=' ' From 3bbb7b02d2c41fa4ff141d7e2a68d820136c3cd7 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Sun, 13 Oct 2019 10:14:05 +0200 Subject: [PATCH 32/53] [__sensible_editor] Allow to omit the --editor parameter if --state is absent --- cdist/conf/type/__sensible_editor/explorer/editor_path | 7 ++++++- cdist/conf/type/__sensible_editor/man.rst | 2 ++ cdist/conf/type/__sensible_editor/parameter/optional | 1 + cdist/conf/type/__sensible_editor/parameter/required | 1 - 4 files changed, 9 insertions(+), 2 deletions(-) delete mode 100644 cdist/conf/type/__sensible_editor/parameter/required diff --git a/cdist/conf/type/__sensible_editor/explorer/editor_path b/cdist/conf/type/__sensible_editor/explorer/editor_path index b6230545..d19a5b06 100644 --- a/cdist/conf/type/__sensible_editor/explorer/editor_path +++ b/cdist/conf/type/__sensible_editor/explorer/editor_path @@ -33,6 +33,9 @@ editor_no_alternative() { "$(test "${editors}" && echo "\nPlease choose one of:\n\n${editors}")" } +# No need to check for the path if the file is supposed to be removed. +test "$(cat "${__object}/parameter/state")" != 'absent' || exit 0 + case $("${__explorer}/os") in @@ -50,7 +53,9 @@ in ;; esac -editor=$(cat "${__object}/parameter/editor") +# Read --editor parameter and check its value since it is "optional" +editor=$(cat "${__object}/parameter/editor" 2>/dev/null) || true +test -n "${editor}" || die 'Please provide an --editor to configure.' case $editor in diff --git a/cdist/conf/type/__sensible_editor/man.rst b/cdist/conf/type/__sensible_editor/man.rst index 4260a369..b11aff46 100644 --- a/cdist/conf/type/__sensible_editor/man.rst +++ b/cdist/conf/type/__sensible_editor/man.rst @@ -18,6 +18,8 @@ editor Name or path of the editor to be selected. On systems other than Debian derivatives an absolute path is required. + It is permissible to omit this parameter if --state is absent. + OPTIONAL PARAMETERS ------------------- diff --git a/cdist/conf/type/__sensible_editor/parameter/optional b/cdist/conf/type/__sensible_editor/parameter/optional index ff72b5c7..ae55e240 100644 --- a/cdist/conf/type/__sensible_editor/parameter/optional +++ b/cdist/conf/type/__sensible_editor/parameter/optional @@ -1 +1,2 @@ +editor state diff --git a/cdist/conf/type/__sensible_editor/parameter/required b/cdist/conf/type/__sensible_editor/parameter/required deleted file mode 100644 index 85042acd..00000000 --- a/cdist/conf/type/__sensible_editor/parameter/required +++ /dev/null @@ -1 +0,0 @@ -editor From 8b0734f719de690742361a8756d25511f2c16029 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Sun, 13 Oct 2019 10:14:27 +0200 Subject: [PATCH 33/53] [__sensible_editor] Improve error message when a basename of an editor not in the alternatives is provided --- .../__sensible_editor/explorer/editor_path | 21 ++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/cdist/conf/type/__sensible_editor/explorer/editor_path b/cdist/conf/type/__sensible_editor/explorer/editor_path index d19a5b06..8a5199c9 100644 --- a/cdist/conf/type/__sensible_editor/explorer/editor_path +++ b/cdist/conf/type/__sensible_editor/explorer/editor_path @@ -78,17 +78,24 @@ then if ! $is_abspath then # First, try to resolve the absolute path using $editors. - for e in $editors + while true do - if test "$(basename "${e}")" = "${editor}" - then - editor="${e}" - break - fi + for e in $editors + do + if test "$(basename "${e}")" = "${editor}" + then + editor="${e}" + break 2 # break out of both loops + fi + done + + # Iterating through alternatives did not yield a result + editor_no_alternative "${editor}" + break done fi - # Check if path is present + # Check if editor is present test -f "${editor}" || editor_missing "${editor}" for e in $editors From 9edf5e8fe03edbf01f2b02a2ab4a5643d31b21d2 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Sun, 13 Oct 2019 10:39:50 +0200 Subject: [PATCH 34/53] [__sensible_utils] Fix Ubuntu version detection --- cdist/conf/type/__sensible_editor/manifest | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cdist/conf/type/__sensible_editor/manifest b/cdist/conf/type/__sensible_editor/manifest index 988f00e5..43344dac 100644 --- a/cdist/conf/type/__sensible_editor/manifest +++ b/cdist/conf/type/__sensible_editor/manifest @@ -63,7 +63,7 @@ in pkg_type='apt' ;; ubuntu) - "${os_version}" | version_ge 10.04 || package_name='debianutils' + (echo "${os_version}" | version_ge 10.04) || package_name='debianutils' pkg_type='apt' ;; centos|fedora|redhat|scientific) From 2bc26e398c33aa350b3fc214a6a1fc150f8f8f47 Mon Sep 17 00:00:00 2001 From: Nico Schottelius Date: Sun, 13 Oct 2019 11:15:53 +0200 Subject: [PATCH 35/53] [__letsencrypt_cert] Add Arch Linux support --- cdist/conf/type/__letsencrypt_cert/manifest | 3 +++ docs/changelog | 1 + 2 files changed, 4 insertions(+) diff --git a/cdist/conf/type/__letsencrypt_cert/manifest b/cdist/conf/type/__letsencrypt_cert/manifest index 1d96ee1a..35962d31 100755 --- a/cdist/conf/type/__letsencrypt_cert/manifest +++ b/cdist/conf/type/__letsencrypt_cert/manifest @@ -7,6 +7,9 @@ if [ -z "${certbot_fullpath}" ]; then os_version="$(cat "${__global}/explorer/os_version")" case "$os" in + archlinux) + __package certbot + ;; debian) case "$os_version" in 8*) diff --git a/docs/changelog b/docs/changelog index db67e173..f1b37065 100644 --- a/docs/changelog +++ b/docs/changelog @@ -3,6 +3,7 @@ Changelog next: * New types: __xymon_server, __xymon_apache, __xymon_config, __xymon_client (Thomas Eckert) + * Type __letsencrypt_cert: Add Arch Linux support (Nico Schottelius) 6.0.1: 2019-10-08 * Type __group: Support OSes without getent (Dennis Camera) From 365974c4471e0df503d771e9b0d604a8f1883af8 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Sun, 13 Oct 2019 13:42:15 +0200 Subject: [PATCH 36/53] [__sensible_editor] Use int comparisons in version_ge --- cdist/conf/type/__sensible_editor/manifest | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/cdist/conf/type/__sensible_editor/manifest b/cdist/conf/type/__sensible_editor/manifest index 43344dac..3a1926b6 100644 --- a/cdist/conf/type/__sensible_editor/manifest +++ b/cdist/conf/type/__sensible_editor/manifest @@ -27,8 +27,9 @@ version_ge() { nx = split($1, x, "."); ny = split(target, y, "."); for (i = 1; i <= max(nx, ny); ++i) { - if (x[i] < y[i]) exit 1; - else if (x[i] > y[i]) exit 0; + diff = int(x[i]) - int(y[i]); + if (diff < 0) exit 1; + else if (diff > 0) exit 0; else continue; } }' From 58eb474b017813f1781cf31836018f40fdf2f0ae Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Sun, 13 Oct 2019 13:49:51 +0200 Subject: [PATCH 37/53] [__sensible_editor] Add exists as a possible --state value --- cdist/conf/type/__sensible_editor/man.rst | 10 +++++++++- cdist/conf/type/__sensible_editor/manifest | 4 ++-- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/cdist/conf/type/__sensible_editor/man.rst b/cdist/conf/type/__sensible_editor/man.rst index b11aff46..9b805e06 100644 --- a/cdist/conf/type/__sensible_editor/man.rst +++ b/cdist/conf/type/__sensible_editor/man.rst @@ -24,7 +24,15 @@ editor OPTIONAL PARAMETERS ------------------- state - Either "present" or "absent". Defaults to "present". + 'present', 'absent', or 'exists'. Defaults to 'present', where: + + present + the sensible-editor is exactly what is specified in --editor. + absent + no sensible-editor configuration is present. + exists + the sensible-editor will be set to what is specified in --editor, + unless there already is a configuration on the target system. EXAMPLES diff --git a/cdist/conf/type/__sensible_editor/manifest b/cdist/conf/type/__sensible_editor/manifest index 3a1926b6..d4883403 100644 --- a/cdist/conf/type/__sensible_editor/manifest +++ b/cdist/conf/type/__sensible_editor/manifest @@ -47,9 +47,9 @@ os_version=$(cat "${__global}/explorer/os_version") state=$(cat "${__object}/parameter/state") user=$__object_id -if test "${state}" != 'present' && test "${state}" != 'absent' +if test "${state}" != 'present' && test "${state}" != 'exists' && test "${state}" != 'absent' then - echo 'Only "present" and "absent" are allowed for --state' >&2 + echo 'Only "present", "exists", and "absent" are allowed for --state' >&2 exit 1 fi From 9567826dc19526037219558ddd81912e1cdcf129 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Mon, 14 Oct 2019 09:21:23 +0200 Subject: [PATCH 38/53] [__sensible_editor] Fix incorrect require variable --- cdist/conf/type/__sensible_editor/manifest | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cdist/conf/type/__sensible_editor/manifest b/cdist/conf/type/__sensible_editor/manifest index d4883403..1cdb0c2c 100644 --- a/cdist/conf/type/__sensible_editor/manifest +++ b/cdist/conf/type/__sensible_editor/manifest @@ -79,7 +79,7 @@ if test "${state}" != 'absent' then __package "${package_name}" --state present \ --type "${pkg_type}" - export __require="__package/${package_name}" + export require="__package/${package_name}" fi editor_path=$(cat "${__object}/explorer/editor_path") From e462821e469f0f81d56f11f3e8a1637d3b0e2291 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Mon, 14 Oct 2019 11:29:49 +0200 Subject: [PATCH 39/53] [__sensible_editor] Fix SC2028 --- cdist/conf/type/__sensible_editor/explorer/editor_path | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cdist/conf/type/__sensible_editor/explorer/editor_path b/cdist/conf/type/__sensible_editor/explorer/editor_path index 8a5199c9..dcf63c9b 100644 --- a/cdist/conf/type/__sensible_editor/explorer/editor_path +++ b/cdist/conf/type/__sensible_editor/explorer/editor_path @@ -30,7 +30,7 @@ die() { editor_missing() { die "Editor '$1' is missing on the target system."; } editor_no_alternative() { die "Editor '$1' is not in the alternatives list of the target system." \ - "$(test "${editors}" && echo "\nPlease choose one of:\n\n${editors}")" + "$(test -n "${editors}" && printf '\nPlease choose one of:\n\n%s\n' "${editors}")" } # No need to check for the path if the file is supposed to be removed. From 3c86c175aa6c771dc4768214c7a3130aae932cb0 Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Mon, 14 Oct 2019 11:41:04 +0200 Subject: [PATCH 40/53] ++changelog --- docs/changelog | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/changelog b/docs/changelog index f1b37065..412614e5 100644 --- a/docs/changelog +++ b/docs/changelog @@ -4,6 +4,7 @@ Changelog next: * New types: __xymon_server, __xymon_apache, __xymon_config, __xymon_client (Thomas Eckert) * Type __letsencrypt_cert: Add Arch Linux support (Nico Schottelius) + * New type: __sensible_editor (Dennis Camera) 6.0.1: 2019-10-08 * Type __group: Support OSes without getent (Dennis Camera) From f5c725a57f212f733e0e73d238b64bf49feb5fce Mon Sep 17 00:00:00 2001 From: Ahmed Bilal <49-ahmedbilal@users.noreply.code.ungleich.ch> Date: Tue, 15 Oct 2019 20:19:04 +0200 Subject: [PATCH 41/53] Fix issues/Make prometheus+grafana+blackbox types compatible with Debian 10 --- cdist/conf/type/__grafana_dashboard/manifest | 9 ++++++--- cdist/conf/type/__letsencrypt_cert/manifest | 1 + cdist/conf/type/__prometheus_alertmanager/manifest | 3 ++- cdist/conf/type/__prometheus_exporter/manifest | 6 ++++-- cdist/conf/type/__prometheus_server/manifest | 7 ++++--- 5 files changed, 17 insertions(+), 9 deletions(-) diff --git a/cdist/conf/type/__grafana_dashboard/manifest b/cdist/conf/type/__grafana_dashboard/manifest index e652202b..d145c4c3 100755 --- a/cdist/conf/type/__grafana_dashboard/manifest +++ b/cdist/conf/type/__grafana_dashboard/manifest @@ -15,6 +15,10 @@ case $os in # Differntation not needed anymore apt_source_distribution=stable ;; + 10*) + # Differntation not needed anymore + apt_source_distribution=stable + ;; *) echo "Don't know how to install Grafana on $os $os_version. Send us a pull request!" >&2 exit 1 @@ -29,10 +33,9 @@ case $os in --uri https://packages.grafana.com/oss/deb \ --distribution $apt_source_distribution \ --component main - __package apt-transport-https - - require="$require __apt_source/grafana __package/apt-transport-https" __package grafana + require="$require __apt_source/grafana" __apt_update_index + require="$require __package/apt-transport-https __apt_update_index" __package grafana require="$require __package/grafana" __start_on_boot grafana-server require="$require __start_on_boot/grafana-server" __process grafana-server --start "service grafana-server start" ;; diff --git a/cdist/conf/type/__letsencrypt_cert/manifest b/cdist/conf/type/__letsencrypt_cert/manifest index 35962d31..bc039e44 100755 --- a/cdist/conf/type/__letsencrypt_cert/manifest +++ b/cdist/conf/type/__letsencrypt_cert/manifest @@ -39,6 +39,7 @@ if [ -z "${certbot_fullpath}" ]; then 10*) __package_apt certbot ;; + *) echo "Unsupported OS version: $os_version" >&2 exit 1 diff --git a/cdist/conf/type/__prometheus_alertmanager/manifest b/cdist/conf/type/__prometheus_alertmanager/manifest index 8ee818c3..cf410c44 100755 --- a/cdist/conf/type/__prometheus_alertmanager/manifest +++ b/cdist/conf/type/__prometheus_alertmanager/manifest @@ -30,6 +30,7 @@ if [ -f "$__object/parameter/install-from-backports" ]; then *) echo "--install-from-backports is only supported on Devuan -- ignoring." >&2 echo "Send a pull request if you require it." >&2 + exit 1 ;; esac else @@ -60,5 +61,5 @@ require="$require __directory/$storage_path $require_pkg" \ __config_file $CONF \ --source "$config" \ --group prometheus --mode 640 \ - --onchange "service prometheus-alertmanager reload" # TODO when a config-check tool is available, check config here + --onchange "service prometheus-alertmanager restart" # TODO when a config-check tool is available, check config here diff --git a/cdist/conf/type/__prometheus_exporter/manifest b/cdist/conf/type/__prometheus_exporter/manifest index b9e14531..f3930ac6 100644 --- a/cdist/conf/type/__prometheus_exporter/manifest +++ b/cdist/conf/type/__prometheus_exporter/manifest @@ -5,9 +5,11 @@ export GOBIN=/opt/gocode/bin # where to find go binaries exporter="$(cat "$__object/parameter/exporter")" [ -z "$exporter" ] && exporter="$__object_id" -__user prometheus --system +__user prometheus +require="__user/prometheus" __group prometheus +require="__group/prometheus" __user_groups prometheus --group prometheus -require="" +require="__user_groups/prometheus" case $exporter in node) TEXTFILES=/service/node-exporter/textfiles # path for the textfiles collector diff --git a/cdist/conf/type/__prometheus_server/manifest b/cdist/conf/type/__prometheus_server/manifest index 73a0799c..9756169e 100755 --- a/cdist/conf/type/__prometheus_server/manifest +++ b/cdist/conf/type/__prometheus_server/manifest @@ -38,7 +38,8 @@ if [ -f "$__object/parameter/install-from-backports" ]; then esac else __package prometheus - require_pkg="__package/prometheus" + __package prometheus-blackbox-exporter + require_pkg="__package/prometheus __package/prometheus-blackbox-exporter" fi ##### PREPARE PATHS AND SUCH ################################################ @@ -59,7 +60,7 @@ require="$require __directory/$storage_path $require_pkg" \ __config_file $CONF \ --source "$config" \ --group prometheus --mode 640 \ - --onchange "promtool check config $CONF && service prometheus reload" + --onchange "promtool check config $CONF && service prometheus restart" for file in $rule_files; do dest=$CONF_DIR/$(basename "$file") @@ -67,6 +68,6 @@ for file in $rule_files; do __config_file "$dest" \ --source "$file" \ --owner prometheus \ - --onchange "promtool check rules '$dest' && service prometheus reload" + --onchange "promtool check rules '$dest' && service prometheus restart" done From 6214408f2a44a53f848853b833a7b3a2d00ba813 Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Tue, 15 Oct 2019 20:19:57 +0200 Subject: [PATCH 42/53] ++changelog --- docs/changelog | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/changelog b/docs/changelog index 412614e5..24ba6b7e 100644 --- a/docs/changelog +++ b/docs/changelog @@ -5,6 +5,7 @@ next: * New types: __xymon_server, __xymon_apache, __xymon_config, __xymon_client (Thomas Eckert) * Type __letsencrypt_cert: Add Arch Linux support (Nico Schottelius) * New type: __sensible_editor (Dennis Camera) + * Types __grafana_dashboard, __prometheus_alertmanager, __prometheus_exporter, __prometheus_server: Support Debian 10 (Ahmed Bilal Khalid) 6.0.1: 2019-10-08 * Type __group: Support OSes without getent (Dennis Camera) From 778cd4ff0ecc2cdbdd5da1726621172ed6cc95e0 Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Thu, 17 Oct 2019 11:14:09 +0200 Subject: [PATCH 43/53] Release 6.0.2 --- docs/changelog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/changelog b/docs/changelog index 24ba6b7e..8e6e56ca 100644 --- a/docs/changelog +++ b/docs/changelog @@ -1,7 +1,7 @@ Changelog --------- -next: +6.0.2: 2019-10-17 * New types: __xymon_server, __xymon_apache, __xymon_config, __xymon_client (Thomas Eckert) * Type __letsencrypt_cert: Add Arch Linux support (Nico Schottelius) * New type: __sensible_editor (Dennis Camera) From 689b5a299265ae4626348073afe409336893a175 Mon Sep 17 00:00:00 2001 From: Nico Schottelius Date: Thu, 17 Oct 2019 16:44:26 +0200 Subject: [PATCH 44/53] [letsencrypt_cert] add support for alpine --- cdist/conf/type/__letsencrypt_cert/manifest | 3 +++ 1 file changed, 3 insertions(+) diff --git a/cdist/conf/type/__letsencrypt_cert/manifest b/cdist/conf/type/__letsencrypt_cert/manifest index 35962d31..4fa5f119 100755 --- a/cdist/conf/type/__letsencrypt_cert/manifest +++ b/cdist/conf/type/__letsencrypt_cert/manifest @@ -8,6 +8,9 @@ if [ -z "${certbot_fullpath}" ]; then case "$os" in archlinux) + __package certbot + ;; + alpine) __package certbot ;; debian) From 076133028f181d2fe0811dc9d915cfba36d07421 Mon Sep 17 00:00:00 2001 From: Nico Schottelius Date: Thu, 17 Oct 2019 16:44:56 +0200 Subject: [PATCH 45/53] ++changelog --- docs/changelog | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/changelog b/docs/changelog index f1b37065..10aeafc9 100644 --- a/docs/changelog +++ b/docs/changelog @@ -4,6 +4,7 @@ Changelog next: * New types: __xymon_server, __xymon_apache, __xymon_config, __xymon_client (Thomas Eckert) * Type __letsencrypt_cert: Add Arch Linux support (Nico Schottelius) + * Type __letsencrypt_cert: Add Alpine support (Nico Schottelius) 6.0.1: 2019-10-08 * Type __group: Support OSes without getent (Dennis Camera) From fc28f58c77080e94215719ba4f2aa3f3162c8300 Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Thu, 17 Oct 2019 20:48:52 +0200 Subject: [PATCH 46/53] Generate version.py if it does not exist --- setup.py | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/setup.py b/setup.py index ae651125..ee823df9 100644 --- a/setup.py +++ b/setup.py @@ -1,7 +1,14 @@ from distutils.core import setup -import cdist import os import re +import subprocess + + +if not os.path.exists(os.path.join('cdist', 'version.py')): + subprocess.run([os.path.join('bin', 'build-helper'), 'version', ]) + + +import cdist def data_finder(data_dir): From 2d0af7b7ccc34d450a1b0cfb6532f6d2439ee7a4 Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Fri, 18 Oct 2019 10:24:11 +0200 Subject: [PATCH 47/53] Generate verions.py only if git cloned repo --- setup.py | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/setup.py b/setup.py index ee823df9..2bb1e16d 100644 --- a/setup.py +++ b/setup.py @@ -1,11 +1,24 @@ from distutils.core import setup +from distutils.errors import DistutilsError import os import re import subprocess -if not os.path.exists(os.path.join('cdist', 'version.py')): - subprocess.run([os.path.join('bin', 'build-helper'), 'version', ]) +# We have it only if it is a git cloned repo. +build_helper = os.path.join('bin', 'build-helper') +# Version file path. +version_file = os.path.join('cdist', 'version.py') +# If we have build-helper we could be a git repo. +if os.path.exists(build_helper): + # Try to generate version.py. + rv = subprocess.run([build_helper, 'version', ]) + if rv.returncode != 0: + raise DistutilsError("Failed to generate {}".format(version_file)) +else: + # Otherwise, version.py should be present. + if not os.path.exists(version_file): + raise DistutilsError("Missing version file {}".format(version_file)) import cdist From f6a45808f9796630aa415209d711424d570e145e Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Fri, 18 Oct 2019 13:11:59 +0200 Subject: [PATCH 48/53] Fix building man pages command --- docs/src/cdist-upgrade.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/src/cdist-upgrade.rst b/docs/src/cdist-upgrade.rst index e57ed63c..67fd4934 100644 --- a/docs/src/cdist-upgrade.rst +++ b/docs/src/cdist-upgrade.rst @@ -11,7 +11,7 @@ To upgrade cdist in the current branch use git pull # Also update the manpages - ./build man + make man export MANPATH=$MANPATH:$(pwd -P)/doc/man If you stay on a version branche (i.e. 1.0, 1.1., ...), nothing should break. From 32c15f2ecbc9a4cf29258f9d8e28ef537bcc2ac1 Mon Sep 17 00:00:00 2001 From: Dmitry Bogatov Date: Sun, 20 Oct 2019 18:59:48 +0000 Subject: [PATCH 49/53] Fix spelling error in manpage --- cdist/conf/type/__xymon_client/man.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cdist/conf/type/__xymon_client/man.rst b/cdist/conf/type/__xymon_client/man.rst index 6f90c15b..6660b0ef 100644 --- a/cdist/conf/type/__xymon_client/man.rst +++ b/cdist/conf/type/__xymon_client/man.rst @@ -23,7 +23,7 @@ state 'present', 'absent', defaults to 'present'. servers - One or more IP adresses (space separated) of the Xymon server(s) to report + One or more IP addresses (space separated) of the Xymon server(s) to report to. While DNS-names are ok it is discouraged, defaults to 127.0.0.1. From 50a3130b0ae280526ac13fd8a3619717d29c57ac Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Mon, 21 Oct 2019 12:02:53 +0200 Subject: [PATCH 50/53] ++changelog --- docs/changelog | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/changelog b/docs/changelog index 176c5d40..5020c3c2 100644 --- a/docs/changelog +++ b/docs/changelog @@ -3,6 +3,7 @@ Changelog next: * Type __letsencrypt_cert: Add Alpine support (Nico Schottelius) + * Type __xymon_client: Fix spelling error in manpage (Dmitry Bogatov) 6.0.2: 2019-10-17 * New types: __xymon_server, __xymon_apache, __xymon_config, __xymon_client (Thomas Eckert) From 00852cb17d375da39ae585ec337da18a4f63587d Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Fri, 25 Oct 2019 14:26:08 +0200 Subject: [PATCH 51/53] ++changelog --- docs/changelog | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/changelog b/docs/changelog index 5020c3c2..cdc4e8f5 100644 --- a/docs/changelog +++ b/docs/changelog @@ -4,6 +4,7 @@ Changelog next: * Type __letsencrypt_cert: Add Alpine support (Nico Schottelius) * Type __xymon_client: Fix spelling error in manpage (Dmitry Bogatov) + * Build: Support pip from git (Darko Poljak, Ľubomír Kučera) 6.0.2: 2019-10-17 * New types: __xymon_server, __xymon_apache, __xymon_config, __xymon_client (Thomas Eckert) From 0ec52fd1bd1a5b20aa5d8503da62d18b43399403 Mon Sep 17 00:00:00 2001 From: Ahmed Bilal <49-ahmedbilal@users.noreply.code.ungleich.ch> Date: Sun, 27 Oct 2019 18:11:08 +0100 Subject: [PATCH 52/53] alpine support added in __package_update_index --- cdist/conf/type/__package_update_index/explorer/currage | 3 +++ cdist/conf/type/__package_update_index/explorer/type | 1 + cdist/conf/type/__package_update_index/gencode-remote | 4 ++++ 3 files changed, 8 insertions(+) diff --git a/cdist/conf/type/__package_update_index/explorer/currage b/cdist/conf/type/__package_update_index/explorer/currage index 3539b8e1..cfb778d5 100644 --- a/cdist/conf/type/__package_update_index/explorer/currage +++ b/cdist/conf/type/__package_update_index/explorer/currage @@ -34,6 +34,9 @@ case "$type" in echo 0 fi ;; + alpine) + echo 0 + ;; *) echo "Your specified type ($type) is currently not supported." >&2 echo "Please contribute an implementation for it if you can." >&2 ;; diff --git a/cdist/conf/type/__package_update_index/explorer/type b/cdist/conf/type/__package_update_index/explorer/type index 35254c5f..c98e1e67 100644 --- a/cdist/conf/type/__package_update_index/explorer/type +++ b/cdist/conf/type/__package_update_index/explorer/type @@ -26,6 +26,7 @@ else amazon|scientific|centos|fedora|redhat) echo "yum" ;; debian|ubuntu|devuan) echo "apt" ;; archlinux) echo "pacman" ;; + alpine) echo "apk" ;; *) echo "Don't know how to manage packages on: $os" >&2 exit 1 diff --git a/cdist/conf/type/__package_update_index/gencode-remote b/cdist/conf/type/__package_update_index/gencode-remote index 738d38eb..9b2ecba2 100755 --- a/cdist/conf/type/__package_update_index/gencode-remote +++ b/cdist/conf/type/__package_update_index/gencode-remote @@ -47,6 +47,10 @@ case "$type" in echo "pacman --noprogressbar --sync --refresh" echo "pacman package database synced (age was: $currage)" >> "$__messages_out" ;; + alpine) + echo "apk update" + echo "apk package database updated." + ;; *) echo "Don't know how to manage packages for type: $type" >&2 exit 1 From 39b320a19a14c1e7653ff14e7e824f2d1ac762cb Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Sun, 27 Oct 2019 19:12:52 +0100 Subject: [PATCH 53/53] ++changelog --- docs/changelog | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/changelog b/docs/changelog index cdc4e8f5..d4b55336 100644 --- a/docs/changelog +++ b/docs/changelog @@ -5,6 +5,7 @@ next: * Type __letsencrypt_cert: Add Alpine support (Nico Schottelius) * Type __xymon_client: Fix spelling error in manpage (Dmitry Bogatov) * Build: Support pip from git (Darko Poljak, Ľubomír Kučera) + * Type __package_update_index: Add Alpine support (Ahmed Bilal Khalid) 6.0.2: 2019-10-17 * New types: __xymon_server, __xymon_apache, __xymon_config, __xymon_client (Thomas Eckert)