Dennis Camera
8ef19d47f6
[type/__pyvenv] Fix example (--user -> --owner)
2021-03-01 17:59:45 +01:00
Darko Poljak
5e0572189f
++changelog
2021-02-22 09:11:22 +01:00
b3a9c907ad
Merge branch '__letsencrypt_cert-fix-hooks' into 'master'
...
[__letsencrypt_cert] Fix various issues with hooks.
Closes #853
See merge request ungleich-public/cdist!977
2021-02-22 09:09:45 +01:00
e854db096e
Merge branch 'fix/type/__postgres_role/implement-alter' into 'master'
...
__postgres_role: implement modification of roles
See merge request ungleich-public/cdist!973
2021-02-22 08:58:58 +01:00
aa80c09c80
[__letsencrypt_cert] Move hook contents generation out of manifest
...
While there address some minor issues in the comments in the hook contents.
2021-02-10 10:10:21 +01:00
b832af5e3b
[__letsencrypt_cert] Don't mess with user script indentation
...
This could break in odd ways if they passed sth like:
cat <<eof
bla bla
eof
2021-02-09 20:53:58 +01:00
e49da474c4
[__letsencrypt_cert] Remove problematic trailing slash in sed.
...
Happy fingers are happy and like adding slashes places.
2021-02-09 20:29:17 +01:00
bc145bbc27
[__letsencrypt_cert] Fix various issues with hooks.
...
Closes #853 , see issue for full description / discussion.
Short summary:
- There was about 6.53% chances of `--renewal-hook` not being applied
- Using --automatic-renewal in one cert and not in another was an error.
- It was not possible to use different hooks for different certificates.
- FreeBSD support was utterly broken.
2021-02-09 19:58:47 +01:00
Darko Poljak
65a6a2ed52
++changelog
2021-02-08 08:28:31 +01:00
c8141d28c3
Merge branch 'fix/explorer/memory' into 'master'
...
explorer/memory: fix to return result in kiB for all systems and add support for Solaris
See merge request ungleich-public/cdist!967
2021-02-08 08:27:07 +01:00
cda17be38a
[explorer/memory] Clean up, return kiB for all systems, add SunOS
...
BSDs were MiB before.
2021-02-08 08:27:03 +01:00
Dennis Camera
35cde3e666
[type/__postgres_role] Fix state explorer when stored password is empty
2021-01-18 13:09:29 +01:00
Darko Poljak
92a50da487
Fix pycodestyle issues
2021-01-18 06:28:09 +01:00
Darko Poljak
6e9b13d949
++changelog
2021-01-18 06:22:32 +01:00
878a65a8b7
Merge branch 'fix/type/__sshd_config/error-on-invalid' into 'master'
...
sshd config: Produce error if invalid config is generated, fix processing of AuthenticationMethods and AuthorizedKeysFile, document explorer bug
See merge request ungleich-public/cdist!968
2021-01-18 06:22:02 +01:00
cce470b556
Merge branch 'bugfix/preos-debug' into 'master'
...
Fix debug parameter
Closes #849
See merge request ungleich-public/cdist!970
2021-01-18 06:17:36 +01:00
Dennis Camera
2954347771
[type/__postgres_role] Add note regarding empty passwords
2021-01-14 13:46:40 +01:00
Nico Schottelius
f0e1b3b849
Merge branch 'master' of code.ungleich.ch:ungleich-public/cdist
2021-01-11 22:20:50 +01:00
Darko Poljak
c819548343
Fix debug parameter
...
-d was removed from cdist in favor of mulitple -v and -l parameters, but
-d was not removed from preos.
Resolve #849 .
2021-01-11 09:51:52 +01:00
Dennis Camera
bd8ab8f26f
[type/__sshd_config] Document "bug" in state explorer
2021-01-05 17:02:42 +01:00
Dennis Camera
8753b7eedf
[type/__sshd_config] Make AuthenticationMethods and AuthorizedKeysFile singleton options
...
They were incorrectly treated as non-singleton options before.
cf. https://github.com/openssh/openssh-portable/blob/V_8_4/servconf.c#L2273
and https://github.com/openssh/openssh-portable/blob/V_8_4/servconf.c#L1899 resp.
2021-01-05 16:59:04 +01:00
Dennis Camera
766198912d
[type/__sshd_config] Produce error if invalid config file is generated
...
Previously, cdist would silently swallow the error (no invalid config file was
generated).
Reason: `set -e` does not exit if a command in a sub-command group fails,
it merely returns with a non-zero exit status.
e.g. the following snippet does not abort the script if sshd -t returns with a
non-zero exit status:
set -e
cmp -s old new || {
# check config file and update it
sshd -t -f new \
&& cat new >old
}
or compressed:
set -e
false || { false && true; }
echo $?
# prints 1
2021-01-05 15:50:21 +01:00
Darko Poljak
7cf85c4659
Release 6.9.4
2020-12-21 19:21:51 +01:00
Nico Schottelius
a10d43bc69
Merge branch 'master' of code.ungleich.ch:ungleich-public/cdist
2020-12-20 11:42:44 +01:00
Darko Poljak
4bae2863db
++changelog
2020-12-18 12:54:33 +01:00
3566901e1c
Merge branch '__dot_file-dirmode' into 'master'
...
Added optional dirmode parameter to set the mode of (optional) the directory.
See merge request ungleich-public/cdist!966
2020-12-18 12:50:30 +01:00
Mark Verboom
8dc2c4207c
Added optional dirmode parameter to set the mode of (optional) the directory.
2020-12-18 11:16:28 +01:00
Dennis Camera
99d82fd0d5
[type/__postgres_role] Always set psql -q
2020-12-17 17:05:58 +01:00
Dennis Camera
1180f13ed6
[type/__postgres_role] Fix setting password
...
We need to make sure that the password does not end up in ~/.psql_history.
2020-12-17 17:03:58 +01:00
Dennis Camera
4859c27900
[type/__postgres_role] Refactor gencode-remote
2020-12-17 16:57:43 +01:00
Dennis Camera
7b7ca4d385
[type/__postgres_role] Handle password changes
2020-12-16 19:07:05 +01:00
Dennis Camera
c36df82882
[type/__postgres_role] ALTER ROLE when parameters change
2020-12-15 21:11:48 +01:00
Dennis Camera
932e2496ed
[type/__postgres_role] Lint
2020-12-15 18:40:39 +01:00
Darko Poljak
71f2283117
++changelog
2020-12-13 16:03:39 +01:00
f87da8150c
Merge branch 'type/__debian_backports' into 'master'
...
__apt_backports type
See merge request ungleich-public/cdist!964
2020-12-13 16:03:31 +01:00
ae747ac021
Merge branch 'os_version-freebsd' into 'master'
...
[explorer/os_version] Improve FreeBSD support.
See merge request ungleich-public/cdist!965
2020-12-13 16:00:45 +01:00
27aca06fb8
__apt_backports: undo __apt_update_index call
...
Becuase it is already done by __apt_source.
2020-12-12 17:34:51 +01:00
fca35fc858
__apt_backports: fix explorer call
...
s/-/_/ because the explorers are following an other convention :-)
2020-12-12 17:29:58 +01:00
645734c629
[explorer/os_version] Improve FreeBSD support.
...
It looks like uname -r is not the most reliable way to get the target patch
level for the target system.
For more information see:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=251743
2020-12-12 12:15:17 +01:00
fafa3d9ea5
__apt_backports: update index if required
...
This type now automatically calls the type __apt_update_index to update
the package index if something changed.
2020-12-12 10:00:23 +01:00
49aec0b5e4
__apt_backports: list supported OSes
...
The manpage now lists all OSes where this type supports backports.
2020-12-12 09:40:47 +01:00
c4d19a2319
__debian_backports -> __apt_backports; add wider os support
...
As discussed in the chat, this type now supports a broader list of OSes
which it supports backports for. Because of this, it was renamed to
something more generic. "apt" should fit in.
2020-12-12 09:36:17 +01:00
Nico Schottelius
69b8bc9af0
Merge branch 'master' of code.ungleich.ch:ungleich-public/cdist
2020-12-11 19:38:03 +01:00
Nico Schottelius
bc2948a8a5
++scan stuff
2020-12-11 19:37:53 +01:00
0d96b31b56
__debian_backports: pass shellcheck for sourced file
...
Because the sourced explorer can't be detected by shellcheck, it will be
completely disabled. Changing the path to /etc/os-release isn't
deterministic either.
The shellcheck wiki page suggests to use `source=/dev/null` instead of
`disable=SC1090`, but it was choosen to completely avoid that check ..
2020-12-11 18:13:44 +01:00
a5169ad858
new type __debian_backports
...
This new type will setup the backports distribution for the current
Debian release.
2020-12-10 21:24:26 +01:00
Darko Poljak
a58f5ffa7f
++changelog
2020-12-08 19:36:44 +01:00
0546d6e476
Merge branch 'fix/__block/escape' into 'master'
...
__block: fix escaping in here-doc
Closes #838
See merge request ungleich-public/cdist!962
2020-12-08 19:36:45 +01:00
Darko Poljak
14c81d6c7e
++changelog
2020-12-08 07:16:26 +01:00
a1987fe410
Merge branch 'feature/__iptables_rule/ipv6' into 'master'
...
__iptables*: add IPv6 support
See merge request ungleich-public/cdist!959
2020-12-08 07:10:29 +01:00
