Merge branch 'master' into no-dot-cdist

docs/dev/logs/2014-09-10.preos-keys

@@ -0,0 +1,18 @@
+
+cdist preos keyramfs --keyfile --keyfile
+
+[17:51] freiheit:vcs% mkdir preos-keys
+[17:51] freiheit:vcs% mkdir -p preos-keys/root/.ssh 
+[17:56] freiheit:vcs% 
+
+chown root:root -R preos-keys/
+chmod 0600 preos-keys/root/.ssh/authorized_keys 
+
+chmod 0700 preos-keys/root/
+chmod 0700 preos-keys/root/.ssh/
+
+[18:20:17] freiheit:/home/users/nico/.ungleich/ungleich/vcs/preos-keys# find . | cpio -H newc -o | gzip -9 >  ../initramfs.cpio.gz
+4 blocks
+[18:21:08] freiheit:/home/users/nico/.ungleich/ungleich/vcs/preos-keys# 
+
+

docs/dev/logs/2014-11-11.discussion

@@ -0,0 +1,104 @@
+- logging/cache destination
+    local:
+        ~/.cdist/log/by-host/$__target/host/config/YYYY/MM/DD/hhmmss/
+        ~/.cdist/log/by-session/YYYY/MM/DD/hhmmss/$__target_host/
+            config/
+            install/
+            export/
+    remote:
+        /var/lib/cdist/YYYY-MM-DD-hhmmss-$sourcehost.$pid
+
+    rm old directories on remote side
+
+- support for tags
+    - for partial configuration
+    - supports also install
+    - on object definition, define
+        - a) don't care (i.e. no tags)
+        - b) require tag (only if this tag is setup)
+        - c) require not tag (only if this tag is *not* setup)
+        - d) what if both given (conflicting)
+    - names for parameters:
+        - cdist config / cdist type
+            --if-tag / --not-if-tag / --require-tag
+            --not-if-tag
+
+- logging
+    - command line
+    - stdin of cdist
+    - stdout/stderr/stdin of types
+        - new: stdout/stderr
+    - initial manifest
+        - if coming from stdin
+
+- logging configurable
+    - to be discussed
+
+- sudo remote
+    - cp to tmp & mv
+    - umask issue?
+
+- install
+    - via tagged types
+    - 
+
+- export
+    - one /export script per type
+    - exports of type running after object's code is done
+    - global export should also exist after everything
+    - PR & merge
+    - change DONE status to CODE_DONE
+    - introduce EXPORT_DONE
+
+
+- preos
+    - merge with debian support only
+    - we are open to support --os-type later
+
+- stackable remotes
+    - change API for remote_exec and remote_copy
+    - new minor version
+    - PR & merge
+
+- locking
+    - optional
+    - remote lock
+    - based on $(ls /var/lib/cdist/) > 0
+
+- ideas for parallelisation
+    - run explorer in parallel
+        - type
+        - object
+    - objects without dependencies can be run in parallel
+
+- connection test
+    - just implement
+
+- multi user environment
+    - not really needed [at the moment]
+    - can be implemented by 
+        - git branches
+        - setting the output dir
+
+- python2 support with __future__
+    - steven votes against it
+    - nico does not care too much to object
+
+
+- pull based
+    - sshd / stdin + stdout
+    - use Use ProxyCommand with stdin/stdout
+        - http://www.nico.schottelius.org/blog/openssh-6.2-add-callback-functionality-using-dynamic-remote-port-forwarding/
+
+    - cdist grant-pull-access <targethost>
+        - generate user
+        - ssh pubkeypair
+    - call wraper script on targethost
+        - it is shell!
+        - ssh cdistuser@controlhost 
+
+- config replay/redo/undo
+    - not now
+
+
+- have a new discussion about handling uris

docs/dev/logs/dependency-tree-with-fruits

@@ -0,0 +1,29 @@
+1. Manifests need type explorers to be run before
+    Only this way the manifest can use the values
+
+2. Type explorers can depend on the (successful) execution of other objects
+    A type explorer may lookup values (ownership, size, processes, etc.)
+    that are depending on the code of other objects.
+
+3. The 'require="a" b' dependency specifies only that execution of b needs to wait until a is finished
+    Other requirements given at another position may not be
+    executed before b, as cdist interprets require="a" as 
+    "a is everything that is needed to realise b"
+ 
+4. The 'require' state is thus *not* suitable to trigger reloads
+    A type b, which uses the require="" statement to wait for all
+    require="" dependencies, may be executed in an incomplete
+    status.
+
+5. Depending on multiple dependencies defined at different locations requires all objects to be present
+    Because otherwise the dependent object cannot be sure that the
+    list of objects it waits for is complete.
+
+6. If a statement requires all objects to be present, all manifests must have run already.
+    If all manifests have run already, also all type explorers have run already (#1).
+    If all type explorers have run already, some objects may have been finished completly already (#2).
+
+7. Because of #4 and #6, we need to introduce another dependency that allows reloading after
+
+8. Because the object could be finished already due to a 'require' dependency, we need another script
+    Maybe "gen-post-run-local", "gen-post-run-remote"

docs/dev/todo/TAKEME

@@ -5,10 +5,6 @@ Feel free to pick one!
 
 CORE
 ----
-- support default parameter
-- document and add paremeters for remote-copy and remote-exec!
-    - remove hack, make a feature of it
-
 - remove var=foo calls on remote side. Use -o SendEnv (yeah, see ssh_config(5))
 
 TESTS
@@ -23,9 +19,6 @@ TESTS
 
 USER INTERFACE
 --------------
-- How to cleanly implement "restart service if config file changed"
-    -> document
-
 - Cache
    - add example how to use 
    - export variable $__cache
@@ -45,7 +38,6 @@ TYPES
 - Add testing framework (proposed by Evax Software)
 - __user
    add option to include --create-home
-- Merge __addifnosuchline and __removeline into __line + --state present|absent
 - __cron: Support --file to be used instead of user cron (probably direct support
     of /etc/cron.d)