forked from ungleich-public/cdist
Merge branch 'master' into feature_files_export
This commit is contained in:
commit
e3636e6ffc
475 changed files with 10788 additions and 3878 deletions
7
.gitignore
vendored
7
.gitignore
vendored
|
@ -8,8 +8,8 @@ docs/man/man7/*.7
|
|||
docs/man/man*/*.html
|
||||
docs/man/man*/*.xml
|
||||
docs/man/man*/docbook-xsl.css
|
||||
docs/man/man7/cdist-type__*.text
|
||||
docs/man/man7/cdist-reference.text
|
||||
docs/man/man7/cdist-type__*.rst
|
||||
docs/man/man7/cdist-reference.rst
|
||||
|
||||
# Ignore cdist cache for version control
|
||||
/cache/
|
||||
|
@ -20,6 +20,9 @@ MANIFEST
|
|||
dist/
|
||||
cdist/version.py
|
||||
|
||||
#sphinx build dir
|
||||
_build/
|
||||
|
||||
# Packaging: Archlinux
|
||||
/PKGBUILD
|
||||
/cdist-*.pkg.tar.xz
|
||||
|
|
1
.version
1
.version
|
@ -1 +0,0 @@
|
|||
2.1.0-pre1
|
92
Makefile
92
Makefile
|
@ -18,8 +18,6 @@
|
|||
#
|
||||
#
|
||||
|
||||
A2XM=a2x -f manpage --no-xmllint -a encoding=UTF-8
|
||||
A2XH=a2x -f xhtml --no-xmllint -a encoding=UTF-8
|
||||
helper=./bin/build-helper
|
||||
|
||||
MANDIR=docs/man
|
||||
|
@ -28,7 +26,7 @@ TYPEDIR=cdist/conf/type
|
|||
|
||||
WEBSRCDIR=docs/web
|
||||
|
||||
WEBDIR=$$HOME/www.nico.schottelius.org
|
||||
WEBDIR=$$HOME/vcs/www.nico.schottelius.org
|
||||
WEBBLOG=$(WEBDIR)/blog
|
||||
WEBBASE=$(WEBDIR)/software/cdist
|
||||
WEBPAGE=$(WEBBASE).mdwn
|
||||
|
@ -38,6 +36,8 @@ CHANGELOG_FILE=docs/changelog
|
|||
|
||||
PYTHON_VERSION=cdist/version.py
|
||||
|
||||
SPHINXM=make -C $(MANDIR) man
|
||||
SPHINXH=make -C $(MANDIR) html
|
||||
################################################################################
|
||||
# Manpages
|
||||
#
|
||||
|
@ -45,64 +45,48 @@ MAN1DSTDIR=$(MANDIR)/man1
|
|||
MAN7DSTDIR=$(MANDIR)/man7
|
||||
|
||||
# Manpages #1: Types
|
||||
# Use shell / ls to get complete list - $(TYPEDIR)/*/man.text does not work
|
||||
MANTYPESRC=$(shell ls $(TYPEDIR)/*/man.text)
|
||||
|
||||
# replace first path component
|
||||
# Use shell / ls to get complete list - $(TYPEDIR)/*/man.rst does not work
|
||||
MANTYPESRC=$(shell ls $(TYPEDIR)/*/man.rst)
|
||||
MANTYPEPREFIX=$(subst $(TYPEDIR)/,$(MAN7DSTDIR)/cdist-type,$(MANTYPESRC))
|
||||
MANTYPES=$(subst /man.rst,.rst,$(MANTYPEPREFIX))
|
||||
|
||||
# replace man.text with .7 or .html
|
||||
MANTYPEMAN=$(subst /man.text,.7,$(MANTYPEPREFIX))
|
||||
MANTYPEHTML=$(subst /man.text,.html,$(MANTYPEPREFIX))
|
||||
MANTYPEALL=$(MANTYPEMAN) $(MANTYPEHTML)
|
||||
|
||||
# Link manpage so A2XH does not create man.html but correct named file
|
||||
$(MAN7DSTDIR)/cdist-type%.text: $(TYPEDIR)/%/man.text
|
||||
# Link manpage: do not create man.html but correct named file
|
||||
$(MAN7DSTDIR)/cdist-type%.rst: $(TYPEDIR)/%/man.rst
|
||||
ln -sf "../../../$^" $@
|
||||
|
||||
# Manpages #2: reference
|
||||
MANREF=$(MAN7DSTDIR)/cdist-reference.text
|
||||
MANREFSH=$(MANDIR)/cdist-reference.text.sh
|
||||
MANREFMAN=$(MANREF:.text=.7)
|
||||
MANREFHTML=$(MANREF:.text=.html)
|
||||
MANREFALL=$(MANREFMAN) $(MANREFHTML)
|
||||
MANREF=$(MAN7DSTDIR)/cdist-reference.rst
|
||||
MANREFSH=$(MANDIR)/cdist-reference.rst.sh
|
||||
|
||||
$(MANREF): $(MANREFSH)
|
||||
$(MANREFSH)
|
||||
|
||||
# Manpages #3: static pages
|
||||
MAN1STATIC=$(shell ls $(MAN1DSTDIR)/*.text)
|
||||
MAN7STATIC=$(shell ls $(MAN7DSTDIR)/*.text)
|
||||
MANSTATICMAN=$(MAN1STATIC:.text=.1) $(MAN7STATIC:.text=.7)
|
||||
MANSTATICHTML=$(MAN1STATIC:.text=.html) $(MAN7STATIC:.text=.html)
|
||||
MANSTATICALL=$(MANSTATICMAN) $(MANSTATICHTML)
|
||||
# Manpages #3: generic part
|
||||
mansphinxman: $(MANTYPES) $(MANREF)
|
||||
$(SPHINXM)
|
||||
|
||||
# Manpages #4: generic part
|
||||
mansphinxhtml: $(MANTYPES) $(MANREF)
|
||||
$(SPHINXH)
|
||||
|
||||
# Creating the type manpage
|
||||
%.1 %.7: %.text
|
||||
$(A2XM) $^
|
||||
|
||||
# Creating the type html page
|
||||
%.html: %.text
|
||||
$(A2XH) $^
|
||||
|
||||
man: $(MANTYPEALL) $(MANREFALL) $(MANSTATICALL)
|
||||
man: mansphinxman mansphinxhtml
|
||||
|
||||
# Manpages #5: release part
|
||||
MANWEBDIR=$(WEBBASE)/man/$(CHANGELOG_VERSION)
|
||||
MANBUILDDIR=$(MANDIR)/_build/html
|
||||
|
||||
man-dist: man check-date
|
||||
man-dist: man
|
||||
rm -rf "${MANWEBDIR}"
|
||||
mkdir -p "${MANWEBDIR}/man1" "${MANWEBDIR}/man7"
|
||||
cp ${MAN1DSTDIR}/*.html ${MAN1DSTDIR}/*.css ${MANWEBDIR}/man1
|
||||
cp ${MAN7DSTDIR}/*.html ${MAN7DSTDIR}/*.css ${MANWEBDIR}/man7
|
||||
mkdir -p "${MANWEBDIR}"
|
||||
# mkdir -p "${MANWEBDIR}/man1" "${MANWEBDIR}/man7"
|
||||
# cp ${MAN1DSTDIR}/*.html ${MAN1DSTDIR}/*.css ${MANWEBDIR}/man1
|
||||
# cp ${MAN7DSTDIR}/*.html ${MAN7DSTDIR}/*.css ${MANWEBDIR}/man7
|
||||
cp -R ${MANBUILDDIR}/* ${MANWEBDIR}
|
||||
cd ${MANWEBDIR} && git add . && git commit -m "cdist manpages update: $(CHANGELOG_VERSION)" || true
|
||||
|
||||
man-latest-link: web-pub
|
||||
# Fix ikiwiki, which does not like symlinks for pseudo security
|
||||
ssh tee.schottelius.org \
|
||||
"cd /home/services/www/nico/www.nico.schottelius.org/www/software/cdist/man && rm -f latest && ln -sf "$(CHANGELOG_VERSION)" latest"
|
||||
ssh staticweb.ungleich.ch \
|
||||
"cd /home/services/www/nico/nico.schottelius.org/www/software/cdist/man/ && rm -f latest && ln -sf "$(CHANGELOG_VERSION)" latest"
|
||||
|
||||
################################################################################
|
||||
# Speeches
|
||||
|
@ -162,17 +146,6 @@ $(ML_FILE): $(CHANGELOG_FILE)
|
|||
ml-release: $(ML_FILE)
|
||||
|
||||
|
||||
################################################################################
|
||||
# Release: Freecode
|
||||
#
|
||||
FREECODE_FILE=.lock-freecode
|
||||
|
||||
$(FREECODE_FILE): $(CHANGELOG_FILE)
|
||||
$(helper) freecode-release $(CHANGELOG_VERSION)
|
||||
touch $@
|
||||
|
||||
freecode-release: $(FREECODE_FILE)
|
||||
|
||||
################################################################################
|
||||
# pypi
|
||||
#
|
||||
|
@ -189,7 +162,7 @@ ARCHLINUX_FILE=.lock-archlinux
|
|||
ARCHLINUXTAR=cdist-$(CHANGELOG_VERSION)-1.src.tar.gz
|
||||
|
||||
$(ARCHLINUXTAR): PKGBUILD
|
||||
makepkg -c --source
|
||||
umask 022; mkaurball
|
||||
|
||||
PKGBUILD: PKGBUILD.in $(PYTHON_VERSION)
|
||||
./PKGBUILD.in $(CHANGELOG_VERSION)
|
||||
|
@ -219,15 +192,13 @@ release:
|
|||
#
|
||||
|
||||
clean:
|
||||
rm -f $(MAN7DSTDIR)/cdist-reference.text
|
||||
rm -f $(MAN7DSTDIR)/cdist-reference.rst
|
||||
|
||||
find "$(MANDIR)" -mindepth 2 -type l \
|
||||
-o -name "*.1" \
|
||||
-o -name "*.7" \
|
||||
-o -name "*.html" \
|
||||
-o -name "*.xml" \
|
||||
| xargs rm -f
|
||||
|
||||
make -C $(MANDIR) clean
|
||||
|
||||
find * -name __pycache__ | xargs rm -rf
|
||||
|
||||
# Archlinux
|
||||
|
@ -246,10 +217,7 @@ distclean: clean
|
|||
|
||||
# The pub is Nico's "push to all git remotes" way ("make pub")
|
||||
pub:
|
||||
for remote in "" github sf; do \
|
||||
echo "Pushing to $$remote"; \
|
||||
git push --mirror $$remote; \
|
||||
done
|
||||
git push --mirror
|
||||
|
||||
test:
|
||||
$(helper) $@
|
||||
|
|
|
@ -17,7 +17,13 @@ source=("http://pypi.python.org/packages/source/c/cdist/cdist-\${pkgver}.tar.gz"
|
|||
package() {
|
||||
cd cdist-\${pkgver}
|
||||
python3 setup.py build install --root="\${pkgdir}"
|
||||
find "\$pkgdir" -type d -exec chmod 0755 {} \;
|
||||
find "\$pkgdir" -type f -exec chmod a+r {} \;
|
||||
}
|
||||
eof
|
||||
|
||||
makepkg -g >> "${outfile}"
|
||||
|
||||
# Fix this issue:
|
||||
# error: failed to upload cdist-3.1.6-1.src.tar.gz: Error - all files must have permissions of 644 or 755.
|
||||
chmod a+r "${outfile}"
|
||||
|
|
|
@ -104,6 +104,11 @@ eof
|
|||
;;
|
||||
|
||||
ml-release)
|
||||
if [ $# -ne 1 ]; then
|
||||
echo "$0 ml-release version" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
version=$1; shift
|
||||
|
||||
to_a=cdist
|
||||
|
@ -140,39 +145,6 @@ eof
|
|||
;;
|
||||
|
||||
|
||||
freecode-release)
|
||||
version=$1; shift
|
||||
api_token=$(awk '/machine freecode login/ { print $8 }' ~/.netrc)
|
||||
|
||||
printf "Enter tag list for freecode release %s> " "$version"
|
||||
read taglist
|
||||
|
||||
printf "Enter changelog for freecode release %s> " "$version"
|
||||
read changelog
|
||||
|
||||
echo "Submit preview"
|
||||
cat << eof
|
||||
tag_list = $taglist
|
||||
changelog = $changelog
|
||||
version = $version
|
||||
eof
|
||||
printf "Press enter to submit to freecode> "
|
||||
read dummy
|
||||
|
||||
cat << eof | cfreecode-api release-add cdist
|
||||
{
|
||||
"auth_code": "$api_token",
|
||||
"release": {
|
||||
"tag_list": "$taglist",
|
||||
"version": "$version",
|
||||
"changelog": "$changelog",
|
||||
"hidden_from_frontpage": false
|
||||
}
|
||||
}
|
||||
eof
|
||||
|
||||
;;
|
||||
|
||||
release-git-tag)
|
||||
target_version=$($0 changelog-version)
|
||||
if git rev-parse --verify refs/tags/$target_version 2>/dev/null; then
|
||||
|
@ -271,9 +243,6 @@ eof
|
|||
# Archlinux release is based on pypi
|
||||
make archlinux-release
|
||||
|
||||
# Announce change on Freecode
|
||||
make freecode-release
|
||||
|
||||
# Announce change on ML
|
||||
make ml-release
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
# -*- coding: utf-8 -*-
|
||||
#
|
||||
# 2010-2012 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
# 2010-2015 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -41,8 +41,6 @@ BANNER = """
|
|||
"P' "" ""
|
||||
"""
|
||||
|
||||
DOT_CDIST = ".cdist"
|
||||
|
||||
REMOTE_COPY = "scp -o User=root -q"
|
||||
REMOTE_EXEC = "ssh -o User=root -q"
|
||||
|
||||
|
|
|
@ -22,10 +22,19 @@
|
|||
|
||||
# FIXME: other system types (not linux ...)
|
||||
|
||||
if [ -r /proc/cpuinfo ]; then
|
||||
cores="$(cat /proc/cpuinfo | grep "core id" | sort | uniq | wc -l)"
|
||||
os=$("$__explorer/os")
|
||||
case "$os" in
|
||||
"macosx")
|
||||
echo "$(sysctl -n hw.physicalcpu)"
|
||||
;;
|
||||
|
||||
*)
|
||||
if [ -r /proc/cpuinfo ]; then
|
||||
cores="$(grep "core id" /proc/cpuinfo | sort | uniq | wc -l)"
|
||||
if [ ${cores} -eq 0 ]; then
|
||||
cores="1"
|
||||
fi
|
||||
echo "${cores}"
|
||||
fi
|
||||
echo "$cores"
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
|
|
|
@ -22,10 +22,19 @@
|
|||
|
||||
# FIXME: other system types (not linux ...)
|
||||
|
||||
if [ -r /proc/cpuinfo ]; then
|
||||
sockets="$(cat /proc/cpuinfo | grep "physical id" | sort | uniq | wc -l)"
|
||||
os=$("$__explorer/os")
|
||||
case "$os" in
|
||||
"macosx")
|
||||
echo "$(system_profiler SPHardwareDataType | grep "Number of Processors" | awk -F': ' '{print $2}')"
|
||||
;;
|
||||
|
||||
*)
|
||||
if [ -r /proc/cpuinfo ]; then
|
||||
sockets="$(grep "physical id" /proc/cpuinfo | sort | uniq | wc -l)"
|
||||
if [ ${sockets} -eq 0 ]; then
|
||||
sockets="$(cat /proc/cpuinfo | grep "processor" | wc -l)"
|
||||
fi
|
||||
echo "${sockets}"
|
||||
fi
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
|
|
35
cdist/conf/explorer/init
Executable file
35
cdist/conf/explorer/init
Executable file
|
@ -0,0 +1,35 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2016 Daniel Heule (hda at sfs.biz)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
#
|
||||
# Returns the process name of pid 1 ( normaly the init system )
|
||||
# for example at linux this value is "init" or "systemd" in most cases
|
||||
#
|
||||
|
||||
uname_s="$(uname -s)"
|
||||
|
||||
case "$uname_s" in
|
||||
Linux|FreeBSD)
|
||||
ps -o comm= -p 1 || true
|
||||
;;
|
||||
*)
|
||||
# return a empty string as unknown value
|
||||
echo ""
|
||||
;;
|
||||
esac
|
|
@ -24,12 +24,12 @@
|
|||
#
|
||||
|
||||
# Use ip, if available
|
||||
if command -v ip; then
|
||||
if command -v ip >/dev/null; then
|
||||
ip -o link show | sed -n 's/^[0-9]\+: \(.\+\): <.*/\1/p'
|
||||
exit 0
|
||||
fi
|
||||
|
||||
if ! command -v ifconfig; then
|
||||
if ! command -v ifconfig >/dev/null; then
|
||||
# no ifconfig, nothing we could do
|
||||
exit 0
|
||||
fi
|
||||
|
|
|
@ -22,6 +22,15 @@
|
|||
|
||||
# FIXME: other system types (not linux ...)
|
||||
|
||||
if [ -r /proc/meminfo ]; then
|
||||
echo "$(cat /proc/meminfo | grep "MemTotal:" | awk '{print $2}')"
|
||||
fi
|
||||
os=$("$__explorer/os")
|
||||
case "$os" in
|
||||
"macosx")
|
||||
echo "$(sysctl -n hw.memsize)/1024" | bc
|
||||
;;
|
||||
|
||||
*)
|
||||
if [ -r /proc/meminfo ]; then
|
||||
grep "MemTotal:" /proc/meminfo | awk '{print $2}'
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
|
|
|
@ -49,6 +49,11 @@ if [ -f /etc/debian_version ]; then
|
|||
echo debian
|
||||
exit 0
|
||||
fi
|
||||
|
||||
if [ -f /etc/devuan_version ]; then
|
||||
echo devuan
|
||||
exit 0
|
||||
fi
|
||||
###
|
||||
|
||||
if [ -f /etc/gentoo-release ]; then
|
||||
|
@ -77,6 +82,11 @@ if grep -q ^Fedora /etc/redhat-release 2>/dev/null; then
|
|||
exit 0
|
||||
fi
|
||||
|
||||
if grep -q ^Mitel /etc/redhat-release 2>/dev/null; then
|
||||
echo mitel
|
||||
exit 0
|
||||
fi
|
||||
|
||||
if [ -f /etc/redhat-release ]; then
|
||||
echo redhat
|
||||
exit 0
|
||||
|
|
|
@ -33,6 +33,9 @@ case "$($__explorer/os)" in
|
|||
debian)
|
||||
cat /etc/debian_version
|
||||
;;
|
||||
devuan)
|
||||
cat /etc/devuan_version
|
||||
;;
|
||||
fedora)
|
||||
cat /etc/fedora-release
|
||||
;;
|
||||
|
@ -51,7 +54,7 @@ case "$($__explorer/os)" in
|
|||
owl)
|
||||
cat /etc/owl-release
|
||||
;;
|
||||
redhat|centos)
|
||||
redhat|centos|mitel)
|
||||
cat /etc/redhat-release
|
||||
;;
|
||||
slackware)
|
||||
|
|
|
@ -1,13 +1,10 @@
|
|||
cdist-type__apt_key(7)
|
||||
======================
|
||||
Manage the list of keys used by apt
|
||||
|
||||
Steven Armstrong <steven-cdist--@--armstrong.cc>
|
||||
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__apt_key - manage the list of keys used by apt
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
Manages the list of keys used by apt to authenticate packages.
|
||||
|
@ -20,13 +17,13 @@ None.
|
|||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
state::
|
||||
state
|
||||
'present' or 'absent'. Defaults to 'present'
|
||||
|
||||
keyid::
|
||||
keyid
|
||||
the id of the key to add. Defaults to __object_id
|
||||
|
||||
keyserver::
|
||||
keyserver
|
||||
the keyserver from which to fetch the key. If omitted the default set in
|
||||
./parameter/default/keyserver is used.
|
||||
|
||||
|
@ -34,25 +31,25 @@ keyserver::
|
|||
EXAMPLES
|
||||
--------
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
# Add Ubuntu Archive Automatic Signing Key
|
||||
__apt_key 437D05B5
|
||||
# Same thing
|
||||
__apt_key 437D05B5 --state present
|
||||
# Get rid of it
|
||||
__apt_key 437D05B5 --state absent
|
||||
.. code-block:: sh
|
||||
|
||||
# same thing with human readable name and explicit keyid
|
||||
__apt_key UbuntuArchiveKey --keyid 437D05B5
|
||||
# Add Ubuntu Archive Automatic Signing Key
|
||||
__apt_key 437D05B5
|
||||
# Same thing
|
||||
__apt_key 437D05B5 --state present
|
||||
# Get rid of it
|
||||
__apt_key 437D05B5 --state absent
|
||||
|
||||
# same thing with other keyserver
|
||||
__apt_key UbuntuArchiveKey --keyid 437D05B5 --keyserver keyserver.ubuntu.com
|
||||
--------------------------------------------------------------------------------
|
||||
# same thing with human readable name and explicit keyid
|
||||
__apt_key UbuntuArchiveKey --keyid 437D05B5
|
||||
|
||||
# same thing with other keyserver
|
||||
__apt_key UbuntuArchiveKey --keyid 437D05B5 --keyserver keyserver.ubuntu.com
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
- cdist-type(7)
|
||||
- `cdist-type(7) <cdist-type.html>`_
|
||||
|
||||
|
||||
COPYING
|
|
@ -1 +1 @@
|
|||
subkeys.pgp.net
|
||||
pool.sks-keyservers.net
|
||||
|
|
|
@ -1,13 +1,10 @@
|
|||
cdist-type__apt_key_uri(7)
|
||||
==========================
|
||||
Add apt key from uri
|
||||
|
||||
Steven Armstrong <steven-cdist--@--armstrong.cc>
|
||||
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__apt_key_uri - add apt key from uri
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
Download a key from an uri and add it to the apt keyring.
|
||||
|
@ -15,16 +12,16 @@ Download a key from an uri and add it to the apt keyring.
|
|||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
uri::
|
||||
uri
|
||||
the uri from which to download the key
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
state::
|
||||
state
|
||||
'present' or 'absent', defaults to 'present'
|
||||
|
||||
name::
|
||||
name
|
||||
a name for this key, used when testing if it is already installed.
|
||||
Defaults to __object_id
|
||||
|
||||
|
@ -32,17 +29,17 @@ name::
|
|||
EXAMPLES
|
||||
--------
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
__apt_key_uri rabbitmq \
|
||||
.. code-block:: sh
|
||||
|
||||
__apt_key_uri rabbitmq \
|
||||
--name 'RabbitMQ Release Signing Key <info@rabbitmq.com>' \
|
||||
--uri http://www.rabbitmq.com/rabbitmq-signing-key-public.asc \
|
||||
--state present
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
- cdist-type(7)
|
||||
- `cdist-type(7) <cdist-type.html>`_
|
||||
|
||||
|
||||
COPYING
|
|
@ -1,13 +1,10 @@
|
|||
cdist-type__apt_norecommends(7)
|
||||
===============================
|
||||
Configure apt to not install recommended packages
|
||||
|
||||
Steven Armstrong <steven-cdist--@--armstrong.cc>
|
||||
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__apt_norecommends - configure apt to not install recommended packages
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
Configure apt to not install any recommended or suggested packages.
|
||||
|
@ -26,14 +23,14 @@ None.
|
|||
EXAMPLES
|
||||
--------
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
__apt_norecommends
|
||||
--------------------------------------------------------------------------------
|
||||
.. code-block:: sh
|
||||
|
||||
__apt_norecommends
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
- cdist-type(7)
|
||||
- `cdist-type(7) <cdist-type.html>`_
|
||||
|
||||
|
||||
COPYING
|
|
@ -22,7 +22,7 @@
|
|||
os=$(cat "$__global/explorer/os")
|
||||
|
||||
case "$os" in
|
||||
ubuntu|debian)
|
||||
ubuntu|debian|devuan)
|
||||
# No stinking recommends thank you very much.
|
||||
# If I want something installed I will do so myself.
|
||||
__file /etc/apt/apt.conf.d/99-no-recommends \
|
||||
|
@ -30,6 +30,8 @@ case "$os" in
|
|||
--source - << DONE
|
||||
APT::Install-Recommends "0";
|
||||
APT::Install-Suggests "0";
|
||||
APT::AutoRemove::RecommendsImportant "0";
|
||||
APT::AutoRemove::SuggestsImportant "0";
|
||||
DONE
|
||||
;;
|
||||
*)
|
||||
|
|
|
@ -1,13 +1,10 @@
|
|||
cdist-type__apt_ppa(7)
|
||||
======================
|
||||
Manage ppa repositories
|
||||
|
||||
Steven Armstrong <steven-cdist--@--armstrong.cc>
|
||||
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__apt_ppa - Manage ppa repositories
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
This cdist type allows manage ubuntu ppa repositories.
|
||||
|
@ -15,7 +12,7 @@ This cdist type allows manage ubuntu ppa repositories.
|
|||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
state::
|
||||
state
|
||||
The state the ppa should be in, either 'present' or 'absent'.
|
||||
Defaults to 'present'
|
||||
|
||||
|
@ -28,20 +25,20 @@ None.
|
|||
EXAMPLES
|
||||
--------
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
# Enable a ppa repository
|
||||
__apt_ppa ppa:sans-intern/missing-bits
|
||||
# same as
|
||||
__apt_ppa ppa:sans-intern/missing-bits --state present
|
||||
.. code-block:: sh
|
||||
|
||||
# Disable a ppa repository
|
||||
__apt_ppa ppa:sans-intern/missing-bits --state absent
|
||||
--------------------------------------------------------------------------------
|
||||
# Enable a ppa repository
|
||||
__apt_ppa ppa:sans-intern/missing-bits
|
||||
# same as
|
||||
__apt_ppa ppa:sans-intern/missing-bits --state present
|
||||
|
||||
# Disable a ppa repository
|
||||
__apt_ppa ppa:sans-intern/missing-bits --state absent
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
- cdist-type(7)
|
||||
- `cdist-type(7) <cdist-type.html>`_
|
||||
|
||||
|
||||
COPYING
|
|
@ -1,6 +1,6 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2011-2014 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2011-2016 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -21,9 +21,8 @@
|
|||
name="$__object_id"
|
||||
|
||||
__package software-properties-common
|
||||
__package python-software-properties
|
||||
|
||||
require="__package/software-properties-common __package/python-software-properties" \
|
||||
require="__package/software-properties-common" \
|
||||
__file /usr/local/bin/remove-apt-repository \
|
||||
--source "$__type/files/remove-apt-repository" \
|
||||
--mode 0755
|
||||
|
|
|
@ -1,13 +1,10 @@
|
|||
cdist-type__apt_source(7)
|
||||
=========================
|
||||
Manage apt sources
|
||||
|
||||
Steven Armstrong <steven-cdist--@--armstrong.cc>
|
||||
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__apt_source - manage apt sources
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
This cdist type allows you to manage apt sources.
|
||||
|
@ -15,52 +12,52 @@ This cdist type allows you to manage apt sources.
|
|||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
uri::
|
||||
uri
|
||||
the uri to the apt repository
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
arch::
|
||||
arch
|
||||
set this if you need to force and specific arch (ubuntu specific)
|
||||
|
||||
state::
|
||||
state
|
||||
'present' or 'absent', defaults to 'present'
|
||||
|
||||
distribution::
|
||||
distribution
|
||||
the distribution codename to use. Defaults to DISTRIB_CODENAME from
|
||||
the targets /etc/lsb-release
|
||||
|
||||
component::
|
||||
component
|
||||
space delimited list of components to enable. Defaults to an empty string.
|
||||
|
||||
|
||||
BOOLEAN PARAMETERS
|
||||
------------------
|
||||
include-src::
|
||||
include-src
|
||||
include deb-src entries
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
__apt_source rabbitmq \
|
||||
.. code-block:: sh
|
||||
|
||||
__apt_source rabbitmq \
|
||||
--uri http://www.rabbitmq.com/debian/ \
|
||||
--distribution testing \
|
||||
--component main \
|
||||
--include-src \
|
||||
--state present
|
||||
|
||||
__apt_source canonical_partner \
|
||||
__apt_source canonical_partner \
|
||||
--uri http://archive.canonical.com/ \
|
||||
--component partner --state present
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
- cdist-type(7)
|
||||
- `cdist-type(7) <cdist-type.html>`_
|
||||
|
||||
|
||||
COPYING
|
|
@ -27,11 +27,9 @@ if [ -f "$__object/parameter/distribution" ]; then
|
|||
else
|
||||
distribution="$(cat "$__global/explorer/lsb_codename")"
|
||||
fi
|
||||
if [ -f "$__object/parameter/component" ]; then
|
||||
component="$(cat "$__object/parameter/component")"
|
||||
else
|
||||
component=""
|
||||
fi
|
||||
|
||||
component="$(cat "$__object/parameter/component")"
|
||||
|
||||
if [ -f "$__object/parameter/arch" ]; then
|
||||
forcedarch="[arch=$(cat "$__object/parameter/arch")]"
|
||||
else
|
||||
|
|
|
@ -1,13 +1,10 @@
|
|||
cdist-type__apt_update_index(7)
|
||||
===============================
|
||||
Update apt's package index
|
||||
|
||||
Steven Armstrong <steven-cdist--@--armstrong.cc>
|
||||
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__apt_update_index - update apt's package index
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
This cdist type runs apt-get update whenever any apt sources have changed.
|
||||
|
@ -25,14 +22,14 @@ None.
|
|||
EXAMPLES
|
||||
--------
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
__apt_update_index
|
||||
--------------------------------------------------------------------------------
|
||||
.. code-block:: sh
|
||||
|
||||
__apt_update_index
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
- cdist-type(7)
|
||||
- `cdist-type(7) <cdist-type.html>`_
|
||||
|
||||
|
||||
COPYING
|
|
@ -1,5 +1,24 @@
|
|||
#!/bin/sh
|
||||
# 2013 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
#
|
||||
# 2013 Steven Armstrong (steven-cdist armstrong.cc)
|
||||
# 2014 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
|
||||
file="$(cat "$__object/parameter/file" 2>/dev/null || echo "/$__object_id")"
|
||||
|
||||
|
@ -8,12 +27,12 @@ file="$(cat "$__object/parameter/file" 2>/dev/null || echo "/$__object_id")"
|
|||
|
||||
prefix=$(cat "$__object/parameter/prefix" 2>/dev/null || echo "#cdist:__block/$__object_id")
|
||||
suffix=$(cat "$__object/parameter/suffix" 2>/dev/null || echo "#/cdist:__block/$__object_id")
|
||||
awk -v prefix="$prefix" -v suffix="$suffix" '{
|
||||
if (index($0,prefix)) {
|
||||
awk -v prefix="^$prefix\$" -v suffix="^$suffix\$" '{
|
||||
if (match($0,prefix)) {
|
||||
triggered=1
|
||||
}
|
||||
if (triggered) {
|
||||
if (index($0,suffix)) {
|
||||
if (match($0,suffix)) {
|
||||
triggered=0
|
||||
}
|
||||
print
|
||||
|
|
|
@ -46,13 +46,13 @@ tmpfile=\$(mktemp ${file}.cdist.XXXXXXXXXX)
|
|||
if [ -f "$file" ]; then
|
||||
cp -p "$file" "\$tmpfile"
|
||||
fi
|
||||
awk -v prefix="$prefix" -v suffix="$suffix" '
|
||||
awk -v prefix="^$prefix\$" -v suffix="^$suffix\$" '
|
||||
{
|
||||
if (index(\$0,prefix)) {
|
||||
if (match(\$0,prefix)) {
|
||||
triggered=1
|
||||
}
|
||||
if (triggered) {
|
||||
if (index(\$0,suffix)) {
|
||||
if (match(\$0,suffix)) {
|
||||
triggered=0
|
||||
}
|
||||
} else {
|
||||
|
|
|
@ -1,13 +1,10 @@
|
|||
cdist-type__block(7)
|
||||
====================
|
||||
Manage blocks of text in files
|
||||
|
||||
Steven Armstrong <steven-cdist--@--armstrong.cc>
|
||||
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__block - Manage blocks of text in files
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
Manage a block of text in an existing file.
|
||||
|
@ -18,62 +15,62 @@ of text.
|
|||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
text::
|
||||
text
|
||||
the text to manage.
|
||||
If text is '-' (dash), take what was written to stdin as the text.
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
file::
|
||||
file
|
||||
the file in which to manage the text block.
|
||||
Defaults to object_id.
|
||||
|
||||
prefix::
|
||||
prefix
|
||||
the prefix to add before the text.
|
||||
Defaults to #cdist:__block/$__object_id
|
||||
|
||||
suffix::
|
||||
the prefix to add after the text.
|
||||
suffix
|
||||
the suffix to add after the text.
|
||||
Defaults to #/cdist:__block/$__object_id
|
||||
|
||||
state::
|
||||
state
|
||||
'present' or 'absent', defaults to 'present'
|
||||
|
||||
|
||||
MESSAGES
|
||||
--------
|
||||
add::
|
||||
add
|
||||
block was added
|
||||
update::
|
||||
update
|
||||
block was updated/changed
|
||||
remove::
|
||||
remove
|
||||
block was removed
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
# text from argument
|
||||
__block /path/to/file \
|
||||
.. code-block:: sh
|
||||
|
||||
# text from argument
|
||||
__block /path/to/file \
|
||||
--prefix '#start' \
|
||||
--suffix '#end' \
|
||||
--text 'some\nblock of\ntext'
|
||||
|
||||
# text from stdin
|
||||
__block some-id \
|
||||
# text from stdin
|
||||
__block some-id \
|
||||
--file /path/to/file \
|
||||
--text - << DONE
|
||||
here some block
|
||||
of text
|
||||
DONE
|
||||
--------------------------------------------------------------------------------
|
||||
here some block
|
||||
of text
|
||||
DONE
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
- cdist-type(7)
|
||||
- `cdist-type(7) <cdist-type.html>`_
|
||||
|
||||
|
||||
COPYING
|
|
@ -31,6 +31,6 @@ echo "$prefix" > "$block"
|
|||
if [ "$text" = "-" ]; then
|
||||
cat "$__object/stdin" >> "$block"
|
||||
else
|
||||
cat "$text" >> "$block"
|
||||
echo "$text" >> "$block"
|
||||
fi
|
||||
echo "$suffix" >> "$block"
|
||||
|
|
|
@ -25,7 +25,7 @@ destination="/$__object_id"
|
|||
|
||||
os=$("$__explorer/os")
|
||||
case "$os" in
|
||||
"freebsd")
|
||||
"freebsd"|"netbsd"|"openbsd")
|
||||
# FIXME: should be something like this based on man page, but can not test
|
||||
stat -f "type: %ST
|
||||
owner: %Du %Su
|
||||
|
@ -34,6 +34,15 @@ mode: %Op %Sp
|
|||
size: %Dz
|
||||
links: %Dl
|
||||
" "$destination"
|
||||
;;
|
||||
"macosx")
|
||||
stat -f "type: %HT
|
||||
owner: %Du %Su
|
||||
group: %Dg %Sg
|
||||
mode: %Lp %Sp
|
||||
size: %Dz
|
||||
links: %Dl
|
||||
" "$destination"
|
||||
;;
|
||||
*)
|
||||
stat --printf="type: %F
|
||||
|
|
|
@ -1,59 +1,58 @@
|
|||
cdist-type__ccollect_source(7)
|
||||
==============================
|
||||
Manage ccollect sources
|
||||
|
||||
Nico Schottelius <nico-cdist--@--schottelius.org>
|
||||
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__ccollect_source - Manage ccollect sources
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
This cdist type allows you to create or delete ccollect sources.
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
source::
|
||||
source
|
||||
The source from which to backup
|
||||
destination::
|
||||
destination
|
||||
The destination directory
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
state::
|
||||
state
|
||||
'present' or 'absent', defaults to 'present'
|
||||
ccollectconf::
|
||||
ccollectconf
|
||||
The CCOLLECT_CONF directory. Defaults to /etc/ccollect.
|
||||
|
||||
|
||||
OPTIONAL MULTIPLE PARAMETERS
|
||||
----------------------------
|
||||
exclude::
|
||||
exclude
|
||||
Paths to exclude of backup
|
||||
|
||||
|
||||
BOOLEAN PARAMETERS
|
||||
------------------
|
||||
verbose::
|
||||
verbose
|
||||
Whether to report backup verbosely
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
__ccollect_source doc.ungleich.ch \
|
||||
.. code-block:: sh
|
||||
|
||||
__ccollect_source doc.ungleich.ch \
|
||||
--source doc.ungleich.ch:/ \
|
||||
--destination /backup/doc.ungleich.ch \
|
||||
--exclude '/proc/*' --exclude '/sys/*' \
|
||||
--verbose
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
- cdist-type(7)
|
||||
- `cdist-type(7) <cdist-type.html>`_
|
||||
- ccollect(1)
|
||||
- http://www.nico.schottelius.org/software/ccollect/
|
||||
|
|
@ -1,13 +1,10 @@
|
|||
cdist-type__cdist(7)
|
||||
====================
|
||||
Manage cdist installations
|
||||
|
||||
Nico Schottelius <nico-cdist--@--schottelius.org>
|
||||
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__cdist - Manage cdist installations
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
This cdist type allows you to easily setup cdist
|
||||
|
@ -26,16 +23,16 @@ REQUIRED PARAMETERS
|
|||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
username::
|
||||
username
|
||||
Select the user to create for the cdist installation.
|
||||
Defaults to "cdist".
|
||||
|
||||
source::
|
||||
source
|
||||
Select the source from which to clone cdist from.
|
||||
Defaults to "git://github.com/telmich/cdist.git".
|
||||
|
||||
|
||||
branch::
|
||||
branch
|
||||
Select the branch to checkout from.
|
||||
Defaults to "master".
|
||||
|
||||
|
@ -43,18 +40,18 @@ branch::
|
|||
EXAMPLES
|
||||
--------
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
# Install cdist for user cdist in her home as subfolder cdist
|
||||
__cdist /home/cdist/cdist
|
||||
.. code-block:: sh
|
||||
|
||||
# Use alternative source
|
||||
__cdist --source "git://git.schottelius.org/cdist" /home/cdist/cdist
|
||||
--------------------------------------------------------------------------------
|
||||
# Install cdist for user cdist in her home as subfolder cdist
|
||||
__cdist /home/cdist/cdist
|
||||
|
||||
# Use alternative source
|
||||
__cdist --source "git://git.schottelius.org/cdist" /home/cdist/cdist
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
- cdist-type(7)
|
||||
- `cdist-type(7) <cdist-type.html>`_
|
||||
|
||||
|
||||
COPYING
|
|
@ -19,19 +19,11 @@
|
|||
#
|
||||
|
||||
# The marker file is established in the docs, but it isn't obligatory.
|
||||
if [ -f "$__object/parameter/destination" ]; then
|
||||
destination="$(cat "$__object/parameter/destination")"
|
||||
else
|
||||
destination='/etc/cdist-configured'
|
||||
fi
|
||||
destination="$(cat "$__object/parameter/destination")"
|
||||
|
||||
# The basic output of date is usually good enough, but variety is the
|
||||
# spice of life...
|
||||
if [ -f "$__object/parameter/format" ]; then
|
||||
format="$(cat "$__object/parameter/format")"
|
||||
else
|
||||
format='-u'
|
||||
fi
|
||||
format="$(cat "$__object/parameter/format")"
|
||||
|
||||
# Dump the timestamp in UTC to the marker
|
||||
echo "date $format > $destination"
|
||||
|
|
|
@ -1,13 +1,10 @@
|
|||
cdist-type__cdistmarker(7)
|
||||
==========================
|
||||
Add a timestamped cdist marker.
|
||||
|
||||
Daniel Maher <phrawzty+cdist--@--gmail.com>
|
||||
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__cdistmarker - Add a timestamped cdist marker.
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
This type is used to add a common marker file which indicates that a given
|
||||
|
@ -23,11 +20,11 @@ None.
|
|||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
destination::
|
||||
destination
|
||||
The path and filename of the marker.
|
||||
Default: /etc/cdist-configured
|
||||
|
||||
format::
|
||||
format
|
||||
The format of the timestamp. This is passed directly to system 'date'.
|
||||
Default: -u
|
||||
|
||||
|
@ -35,18 +32,18 @@ format::
|
|||
EXAMPLES
|
||||
--------
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
# Creates the marker as normal.
|
||||
__cdistmarker
|
||||
.. code-block:: sh
|
||||
|
||||
# Creates the marker differently.
|
||||
__cdistmarker --file /tmp/cdist_marker --format '+%s'
|
||||
--------------------------------------------------------------------------------
|
||||
# Creates the marker as normal.
|
||||
__cdistmarker
|
||||
|
||||
# Creates the marker differently.
|
||||
__cdistmarker --destination /tmp/cdist_marker --format '+%s'
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
- cdist-type(7)
|
||||
- `cdist-type(7) <cdisty-type.html>`_
|
||||
|
||||
|
||||
COPYING
|
|
@ -0,0 +1 @@
|
|||
/etc/cdist-configured
|
1
cdist/conf/type/__cdistmarker/parameter/default/format
Normal file
1
cdist/conf/type/__cdistmarker/parameter/default/format
Normal file
|
@ -0,0 +1 @@
|
|||
-u
|
34
cdist/conf/type/__config_file/gencode-remote
Executable file
34
cdist/conf/type/__config_file/gencode-remote
Executable file
|
@ -0,0 +1,34 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
destination="$__object_id"
|
||||
state="$(cat "$__object/parameter/state")"
|
||||
|
||||
if [ "$state" = "absent" ]; then
|
||||
# nothing to do
|
||||
exit 0
|
||||
fi
|
||||
|
||||
if [ -f "$__object/parameter/onchange" ]; then
|
||||
if grep -q "^__file/${destination}" "$__messages_in"; then
|
||||
cat "$__object/parameter/onchange"
|
||||
fi
|
||||
fi
|
||||
|
57
cdist/conf/type/__config_file/man.rst
Normal file
57
cdist/conf/type/__config_file/man.rst
Normal file
|
@ -0,0 +1,57 @@
|
|||
cdist-type__config_file(7)
|
||||
==========================
|
||||
Manages config files
|
||||
|
||||
Steven Armstrong <steven-cdist--@--armstrong.cc>
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
Deploy config files using the file type.
|
||||
Run the given code if the files changes.
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
None.
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
group
|
||||
see cdist-type__file
|
||||
mode
|
||||
see cdist-type__file
|
||||
onchange
|
||||
the code to run if the file changes
|
||||
owner
|
||||
see cdist-type__file
|
||||
source
|
||||
Path to the config file.
|
||||
If source is '-' (dash), take what was written to stdin as the config file content.
|
||||
state
|
||||
see cdist-type__file
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
.. code-block:: sh
|
||||
|
||||
__config_file /etc/consul/conf.d/watch_foo.json \
|
||||
--owner root --group consul --mode 640 \
|
||||
--source "$__type/files/watch_foo.json" \
|
||||
--state present \
|
||||
--onchange 'service consul status >/dev/null && service consul reload || true'
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
- `cdist-type(7) <cdist-type.html>`_
|
||||
- `cdist-type__file(7) <cdist-type__file.html>`_
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2015 Steven Armstrong. Free use of this software is
|
||||
granted under the terms of the GNU General Public License version 3 (GPLv3).
|
41
cdist/conf/type/__config_file/manifest
Executable file
41
cdist/conf/type/__config_file/manifest
Executable file
|
@ -0,0 +1,41 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
set -- "/${__object_id}"
|
||||
for param in $(ls "$__object/parameter/"); do
|
||||
case "$param" in
|
||||
source)
|
||||
source="$(cat "$__object/parameter/source")"
|
||||
if [ "$source" = "-" ]; then
|
||||
source="$__object/stdin"
|
||||
fi
|
||||
set -- "$@" --source "$source"
|
||||
;;
|
||||
owner|group|mode|state)
|
||||
set -- "$@" "--${param}" "$(cat "$__object/parameter/$param")"
|
||||
;;
|
||||
*)
|
||||
# ignore unknown parameters
|
||||
:
|
||||
;;
|
||||
esac
|
||||
done
|
||||
|
||||
__file "$@"
|
1
cdist/conf/type/__config_file/parameter/default/state
Normal file
1
cdist/conf/type/__config_file/parameter/default/state
Normal file
|
@ -0,0 +1 @@
|
|||
present
|
6
cdist/conf/type/__config_file/parameter/optional
Normal file
6
cdist/conf/type/__config_file/parameter/optional
Normal file
|
@ -0,0 +1,6 @@
|
|||
group
|
||||
mode
|
||||
onchange
|
||||
owner
|
||||
source
|
||||
state
|
1
cdist/conf/type/__consul/files/versions/0.4.1/cksum
Normal file
1
cdist/conf/type/__consul/files/versions/0.4.1/cksum
Normal file
|
@ -0,0 +1 @@
|
|||
428915666 15738724 consul
|
1
cdist/conf/type/__consul/files/versions/0.4.1/source
Normal file
1
cdist/conf/type/__consul/files/versions/0.4.1/source
Normal file
|
@ -0,0 +1 @@
|
|||
https://dl.bintray.com/mitchellh/consul/0.4.1_linux_amd64.zip
|
1
cdist/conf/type/__consul/files/versions/0.5.0/cksum
Normal file
1
cdist/conf/type/__consul/files/versions/0.5.0/cksum
Normal file
|
@ -0,0 +1 @@
|
|||
131560372 17734417 consul
|
1
cdist/conf/type/__consul/files/versions/0.5.0/source
Normal file
1
cdist/conf/type/__consul/files/versions/0.5.0/source
Normal file
|
@ -0,0 +1 @@
|
|||
https://dl.bintray.com/mitchellh/consul/0.5.0_linux_amd64.zip
|
1
cdist/conf/type/__consul/files/versions/0.5.1/cksum
Normal file
1
cdist/conf/type/__consul/files/versions/0.5.1/cksum
Normal file
|
@ -0,0 +1 @@
|
|||
2564582176 18232733 consul
|
1
cdist/conf/type/__consul/files/versions/0.5.1/source
Normal file
1
cdist/conf/type/__consul/files/versions/0.5.1/source
Normal file
|
@ -0,0 +1 @@
|
|||
https://dl.bintray.com/mitchellh/consul/0.5.1_linux_amd64.zip
|
1
cdist/conf/type/__consul/files/versions/0.5.2/cksum
Normal file
1
cdist/conf/type/__consul/files/versions/0.5.2/cksum
Normal file
|
@ -0,0 +1 @@
|
|||
2207534901 18245010 consul
|
1
cdist/conf/type/__consul/files/versions/0.5.2/source
Normal file
1
cdist/conf/type/__consul/files/versions/0.5.2/source
Normal file
|
@ -0,0 +1 @@
|
|||
https://releases.hashicorp.com/consul/0.5.2/consul_0.5.2_linux_amd64.zip
|
1
cdist/conf/type/__consul/files/versions/0.6.0/cksum
Normal file
1
cdist/conf/type/__consul/files/versions/0.6.0/cksum
Normal file
|
@ -0,0 +1 @@
|
|||
688442448 19798264 consul
|
1
cdist/conf/type/__consul/files/versions/0.6.0/source
Normal file
1
cdist/conf/type/__consul/files/versions/0.6.0/source
Normal file
|
@ -0,0 +1 @@
|
|||
https://releases.hashicorp.com/consul/0.6.0/consul_0.6.0_linux_amd64.zip
|
1
cdist/conf/type/__consul/files/versions/0.6.1/cksum
Normal file
1
cdist/conf/type/__consul/files/versions/0.6.1/cksum
Normal file
|
@ -0,0 +1 @@
|
|||
3100584780 20416856 consul
|
1
cdist/conf/type/__consul/files/versions/0.6.1/source
Normal file
1
cdist/conf/type/__consul/files/versions/0.6.1/source
Normal file
|
@ -0,0 +1 @@
|
|||
https://releases.hashicorp.com/consul/0.6.1/consul_0.6.1_linux_amd64.zip
|
1
cdist/conf/type/__consul/files/versions/0.6.2/cksum
Normal file
1
cdist/conf/type/__consul/files/versions/0.6.2/cksum
Normal file
|
@ -0,0 +1 @@
|
|||
2124180907 20416920 consul
|
1
cdist/conf/type/__consul/files/versions/0.6.2/source
Normal file
1
cdist/conf/type/__consul/files/versions/0.6.2/source
Normal file
|
@ -0,0 +1 @@
|
|||
https://releases.hashicorp.com/consul/0.6.2/consul_0.6.2_linux_amd64.zip
|
1
cdist/conf/type/__consul/files/versions/0.6.3/cksum
Normal file
1
cdist/conf/type/__consul/files/versions/0.6.3/cksum
Normal file
|
@ -0,0 +1 @@
|
|||
1832669072 20417720 consul
|
1
cdist/conf/type/__consul/files/versions/0.6.3/source
Normal file
1
cdist/conf/type/__consul/files/versions/0.6.3/source
Normal file
|
@ -0,0 +1 @@
|
|||
https://releases.hashicorp.com/consul/0.6.3/consul_0.6.3_linux_amd64.zip
|
1
cdist/conf/type/__consul/files/versions/0.6.4/cksum
Normal file
1
cdist/conf/type/__consul/files/versions/0.6.4/cksum
Normal file
|
@ -0,0 +1 @@
|
|||
3832641574 23002736 consul
|
1
cdist/conf/type/__consul/files/versions/0.6.4/source
Normal file
1
cdist/conf/type/__consul/files/versions/0.6.4/source
Normal file
|
@ -0,0 +1 @@
|
|||
https://releases.hashicorp.com/consul/0.6.4/consul_0.6.4_linux_amd64.zip
|
51
cdist/conf/type/__consul/man.rst
Normal file
51
cdist/conf/type/__consul/man.rst
Normal file
|
@ -0,0 +1,51 @@
|
|||
cdist-type__consul(7)
|
||||
=====================
|
||||
Install consul
|
||||
|
||||
Steven Armstrong <steven-cdist--@--armstrong.cc>
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
Downloads and installs the consul binary from https://dl.bintray.com/mitchellh/consul.
|
||||
Note that the consul binary is downloaded on the server (the machine running
|
||||
cdist) and then deployed to the target host using the __file type.
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
None.
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
state
|
||||
either 'present' or 'absent'. Defaults to 'present'
|
||||
|
||||
version
|
||||
which version of consul to install. See ./files/versions for a list of
|
||||
supported versions. Defaults to the latest known version.
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
.. code-block:: sh
|
||||
|
||||
# just install using defaults
|
||||
__consul
|
||||
|
||||
# specific version
|
||||
__consul \
|
||||
--version 0.4.1
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
- `cdist-type(7) <cdist-type.html>`_
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2015 Steven Armstrong. Free use of this software is
|
||||
granted under the terms of the GNU General Public License version 3 (GPLv3).
|
55
cdist/conf/type/__consul/manifest
Executable file
55
cdist/conf/type/__consul/manifest
Executable file
|
@ -0,0 +1,55 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2016 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
|
||||
os=$(cat "$__global/explorer/os")
|
||||
|
||||
case "$os" in
|
||||
centos|redhat|ubuntu|debian|archlinux|gentoo)
|
||||
# any linux should work
|
||||
:
|
||||
;;
|
||||
*)
|
||||
echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
|
||||
echo "Please contribute an implementation for it if you can." >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
versions_dir="$__type/files/versions"
|
||||
version="$(cat "$__object/parameter/version")"
|
||||
version_dir="$versions_dir/$version"
|
||||
|
||||
if [ ! -d "$version_dir" ]; then
|
||||
echo "Unknown consul version '$version'. Expected one of:" >&2
|
||||
ls "$versions_dir" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
__staged_file /usr/local/bin/consul \
|
||||
--source "$(cat "$version_dir/source")" \
|
||||
--cksum "$(cat "$version_dir/cksum")" \
|
||||
--fetch-command 'curl -s -L "%s"' \
|
||||
--prepare-command 'unzip -p "%s"' \
|
||||
--state "$(cat "$__object/parameter/state")" \
|
||||
--group root \
|
||||
--owner root \
|
||||
--mode 755
|
1
cdist/conf/type/__consul/parameter/default/state
Normal file
1
cdist/conf/type/__consul/parameter/default/state
Normal file
|
@ -0,0 +1 @@
|
|||
present
|
1
cdist/conf/type/__consul/parameter/default/version
Normal file
1
cdist/conf/type/__consul/parameter/default/version
Normal file
|
@ -0,0 +1 @@
|
|||
0.6.4
|
2
cdist/conf/type/__consul/parameter/optional
Normal file
2
cdist/conf/type/__consul/parameter/optional
Normal file
|
@ -0,0 +1,2 @@
|
|||
state
|
||||
version
|
|
@ -0,0 +1,9 @@
|
|||
start on starting consul
|
||||
|
||||
task
|
||||
|
||||
script
|
||||
mkdir -p /var/run/consul
|
||||
chown consul:consul /var/run/consul
|
||||
chmod 2770 /var/run/consul
|
||||
end script
|
22
cdist/conf/type/__consul_agent/files/consul.systemd
Normal file
22
cdist/conf/type/__consul_agent/files/consul.systemd
Normal file
|
@ -0,0 +1,22 @@
|
|||
[Unit]
|
||||
Description=Consul Agent
|
||||
Wants=basic.target
|
||||
After=basic.target network.target
|
||||
|
||||
[Service]
|
||||
User=consul
|
||||
Group=consul
|
||||
Environment="GOMAXPROCS=2"
|
||||
# Run ExecStartPre with root-permissions
|
||||
PermissionsStartOnly=true
|
||||
ExecStartPre=/usr/bin/mkdir -p /var/run/consul
|
||||
ExecStartPre=/usr/bin/chown consul:consul /var/run/consul
|
||||
ExecStartPre=/usr/bin/chmod 2770 /var/run/consul
|
||||
ExecStart=/usr/local/bin/consul agent -config-dir /etc/consul/conf.d
|
||||
ExecReload=/bin/kill -HUP $MAINPID
|
||||
KillMode=process
|
||||
Restart=on-failure
|
||||
RestartSec=42s
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
81
cdist/conf/type/__consul_agent/files/consul.sysv-debian
Normal file
81
cdist/conf/type/__consul_agent/files/consul.sysv-debian
Normal file
|
@ -0,0 +1,81 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2015 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
if [ -f "/etc/default/consul" ]; then
|
||||
. /etc/default/consul
|
||||
fi
|
||||
|
||||
. /lib/lsb/init-functions
|
||||
|
||||
NAME=consul
|
||||
CONSUL=/usr/local/bin/consul
|
||||
CONFIG=/etc/$NAME/conf.d
|
||||
PID_FILE=/var/run/$NAME/pidfile
|
||||
|
||||
mkdir -p /var/run/$NAME
|
||||
chown consul:consul /var/run/$NAME
|
||||
chmod 2770 /var/run/$NAME
|
||||
|
||||
export PATH="${PATH:+$PATH:}/usr/sbin:/sbin"
|
||||
|
||||
case "$1" in
|
||||
start)
|
||||
log_daemon_msg "Starting consul agent" "consul" || true
|
||||
if start-stop-daemon --start --quiet --oknodo \
|
||||
--pidfile "$PID_FILE" --background \
|
||||
--exec $CONSUL -- agent -pid-file="$PID_FILE" -config-dir "$CONFIG"; then
|
||||
log_end_msg 0 || true
|
||||
else
|
||||
log_end_msg 1 || true
|
||||
fi
|
||||
;;
|
||||
|
||||
stop)
|
||||
log_daemon_msg "Stopping consul agent" "consul" || true
|
||||
if start-stop-daemon --stop --quiet --oknodo --pidfile $PID_FILE; then
|
||||
log_end_msg 0 || true
|
||||
else
|
||||
log_end_msg 1 || true
|
||||
fi
|
||||
;;
|
||||
|
||||
reload)
|
||||
log_daemon_msg "Reloading consul agent" "consul" || true
|
||||
if start-stop-daemon --stop --signal HUP --quiet --oknodo --pidfile $PID_FILE --exec $CONSUL; then
|
||||
log_end_msg 0 || true
|
||||
else
|
||||
log_end_msg 1 || true
|
||||
fi
|
||||
;;
|
||||
|
||||
restart)
|
||||
$0 stop && $0 start
|
||||
;;
|
||||
|
||||
status)
|
||||
status_of_proc -p $PID_FILE $CONSUL consul && exit 0 || exit $?
|
||||
;;
|
||||
|
||||
*)
|
||||
log_action_msg "Usage: /etc/init.d/consul {start|stop|reload|restart|status}"
|
||||
exit 1
|
||||
;;
|
||||
esac
|
95
cdist/conf/type/__consul_agent/files/consul.sysv-redhat
Normal file
95
cdist/conf/type/__consul_agent/files/consul.sysv-redhat
Normal file
|
@ -0,0 +1,95 @@
|
|||
#!/bin/bash
|
||||
#
|
||||
# /etc/rc.d/init.d/consul
|
||||
#
|
||||
# Daemonize the consul agent.
|
||||
#
|
||||
# chkconfig: 2345 95 95
|
||||
# description: Service discovery and configuration made easy. \
|
||||
# Distributed, highly available, and datacenter-aware.
|
||||
# processname: consul
|
||||
# pidfile: /var/run/consul/pidfile
|
||||
|
||||
# Source function library.
|
||||
. /etc/init.d/functions
|
||||
NAME=consul
|
||||
CONSUL=/usr/local/bin/consul
|
||||
CONFIG=/etc/$NAME/conf.d
|
||||
PID_FILE=/var/run/$NAME/pidfile
|
||||
LOG_FILE=/var/log/$NAME
|
||||
|
||||
[ -e /etc/sysconfig/$NAME ] && . /etc/sysconfig/$NAME
|
||||
export GOMAXPROCS=${GOMAXPROCS:-2}
|
||||
|
||||
mkdir -p /var/run/$NAME
|
||||
chown consul:consul /var/run/$NAME
|
||||
chmod 2770 /var/run/$NAME
|
||||
|
||||
|
||||
start() {
|
||||
echo -n "Starting $NAME: "
|
||||
daemon --user=consul \
|
||||
--pidfile="$PID_FILE" \
|
||||
"$CONSUL" agent -pid-file="$PID_FILE" -config-dir "$CONFIG" >> "$LOG_FILE" &
|
||||
retcode=$?
|
||||
touch /var/lock/subsys/$NAME
|
||||
return $retcode
|
||||
}
|
||||
|
||||
stop() {
|
||||
echo -n "Shutting down $NAME: "
|
||||
killproc -p "$PID_FILE" $NAME
|
||||
retcode=$?
|
||||
rm -f /var/lock/subsys/$NAME
|
||||
return $retcode
|
||||
}
|
||||
|
||||
case "$1" in
|
||||
start)
|
||||
if $(status -p "$PID_FILE" $NAME >/dev/null); then
|
||||
echo "$NAME already running"
|
||||
else
|
||||
start
|
||||
fi
|
||||
;;
|
||||
stop)
|
||||
if $(status -p "$PID_FILE" $NAME >/dev/null); then
|
||||
stop
|
||||
else
|
||||
echo "$NAME not running"
|
||||
fi
|
||||
;;
|
||||
info)
|
||||
"$CONSUL" info
|
||||
;;
|
||||
status)
|
||||
status -p "$PID_FILE" $NAME
|
||||
exit $?
|
||||
;;
|
||||
restart)
|
||||
if $(status -p "$PID_FILE" $NAME >/dev/null); then
|
||||
stop
|
||||
fi
|
||||
start
|
||||
;;
|
||||
reload)
|
||||
if $(status -p "$PID_FILE" $NAME >/dev/null); then
|
||||
kill -HUP `cat $PID_FILE`
|
||||
else
|
||||
echo "$NAME not running"
|
||||
fi
|
||||
;;
|
||||
condrestart)
|
||||
if [ -f /var/lock/subsys/$NAME ]; then
|
||||
if $(status -p "$PID_FILE" $NAME >/dev/null); then
|
||||
stop
|
||||
fi
|
||||
start
|
||||
fi
|
||||
;;
|
||||
*)
|
||||
echo "Usage: $NAME {start|stop|status|reload|restart|condrestart|info}"
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
exit $?
|
13
cdist/conf/type/__consul_agent/files/consul.upstart
Normal file
13
cdist/conf/type/__consul_agent/files/consul.upstart
Normal file
|
@ -0,0 +1,13 @@
|
|||
description "Consul Agent"
|
||||
start on (local-filesystems and net-device-up IFACE!=lo)
|
||||
stop on runlevel [06]
|
||||
|
||||
setuid consul
|
||||
setgid consul
|
||||
|
||||
respawn
|
||||
respawn limit 10 10
|
||||
kill timeout 10
|
||||
|
||||
exec /usr/local/bin/consul agent -config-dir /etc/consul/conf.d
|
||||
|
31
cdist/conf/type/__consul_agent/gencode-remote
Executable file
31
cdist/conf/type/__consul_agent/gencode-remote
Executable file
|
@ -0,0 +1,31 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
service="consul"
|
||||
state="$(cat "$__object/parameter/state")"
|
||||
|
||||
case "$state" in
|
||||
present)
|
||||
:
|
||||
;;
|
||||
absent)
|
||||
echo "service $service stop || true"
|
||||
;;
|
||||
esac
|
174
cdist/conf/type/__consul_agent/man.rst
Normal file
174
cdist/conf/type/__consul_agent/man.rst
Normal file
|
@ -0,0 +1,174 @@
|
|||
cdist-type__consul_agent(7)
|
||||
===========================
|
||||
Manage the consul agent
|
||||
|
||||
Steven Armstrong <steven-cdist--@--armstrong.cc>
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
Configure and manage the consul agent.
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
None.
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
acl-datacenter
|
||||
only used by servers. This designates the datacenter which is authoritative
|
||||
for ACL information.
|
||||
|
||||
acl-default-policy
|
||||
either "allow" or "deny"; defaults to "allow". The default policy controls the
|
||||
behavior of a token when there is no matching rule.
|
||||
|
||||
acl-down-policy
|
||||
either "allow", "deny" or "extend-cache"; "extend-cache" is the default.
|
||||
|
||||
acl-master-token
|
||||
only used for servers in the acl_datacenter. This token will be created with
|
||||
management-level permissions if it does not exist. It allows operators to
|
||||
bootstrap the ACL system with a token ID that is well-known.
|
||||
|
||||
acl-token
|
||||
when provided, the agent will use this token when making requests to the
|
||||
Consul servers.
|
||||
|
||||
acl-ttl
|
||||
used to control Time-To-Live caching of ACLs.
|
||||
|
||||
bind-addr
|
||||
sets the bind address for cluster communication
|
||||
|
||||
bootstrap-expect
|
||||
sets server to expect bootstrap mode
|
||||
|
||||
ca-file-source
|
||||
path to a PEM encoded certificate authority file which will be uploaded and
|
||||
configure using the ca_file config option.
|
||||
|
||||
cert-file-source
|
||||
path to a PEM encoded certificate file which will be uploaded and
|
||||
configure using the cert_file config option.
|
||||
|
||||
client-addr
|
||||
sets the address to bind for client access
|
||||
|
||||
datacenter
|
||||
datacenter of the agent
|
||||
|
||||
encrypt
|
||||
provides the gossip encryption key
|
||||
|
||||
group
|
||||
the primary group for the agent
|
||||
|
||||
json-config
|
||||
path to a partial json config file without leading { and trailing }.
|
||||
If json-config is '-' (dash), take what was written to stdin as the file content.
|
||||
|
||||
key-file-source
|
||||
path to a PEM encoded private key file which will be uploaded and
|
||||
configure using the key_file config option.
|
||||
|
||||
node-name
|
||||
name of this node. Must be unique in the cluster
|
||||
|
||||
retry-join
|
||||
address to attempt joining every retry_interval until at least one join works.
|
||||
Can be specified multiple times.
|
||||
|
||||
user
|
||||
the user to run the agent as
|
||||
|
||||
state
|
||||
if the agent is 'present' or 'absent'. Defaults to 'present'.
|
||||
Currently state=absent is not working due to some dependency issues.
|
||||
|
||||
|
||||
BOOLEAN PARAMETERS
|
||||
------------------
|
||||
disable-remote-exec
|
||||
disables support for remote execution. When set to true, the agent will ignore any incoming remote exec requests.
|
||||
|
||||
disable-update-check
|
||||
disables automatic checking for security bulletins and new version releases
|
||||
|
||||
leave-on-terminate
|
||||
gracefully leave cluster on SIGTERM
|
||||
|
||||
rejoin-after-leave
|
||||
rejoin the cluster using the previous state after leaving
|
||||
|
||||
server
|
||||
used to control if an agent is in server or client mode
|
||||
|
||||
syslog
|
||||
enables logging to syslog
|
||||
|
||||
verify-incoming
|
||||
enforce the use of TLS and verify a client's authenticity on incomming connections
|
||||
|
||||
verify-outgoing
|
||||
enforce the use of TLS and verify the peers authenticity on outgoing connections
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
.. code-block:: sh
|
||||
|
||||
# configure as server, bootstrap and rejoin
|
||||
hostname="$(cat "$__global/explorer/hostname")"
|
||||
__consul_agent \
|
||||
--datacenter dc1 \
|
||||
--node-name "${hostname%%.*}" \
|
||||
--disable-update-check \
|
||||
--server \
|
||||
--rejoin-after-leave \
|
||||
--bootstrap-expect 3 \
|
||||
--retry-join consul-01 \
|
||||
--retry-join consul-02 \
|
||||
--retry-join consul-03
|
||||
|
||||
# configure as server, bootstrap and rejoin with ssl support
|
||||
hostname="$(cat "$__global/explorer/hostname")"
|
||||
__consul_agent \
|
||||
--datacenter dc1 \
|
||||
--node-name "${hostname%%.*}" \
|
||||
--disable-update-check \
|
||||
--server \
|
||||
--rejoin-after-leave \
|
||||
--bootstrap-expect 3 \
|
||||
--retry-join consul-01 \
|
||||
--retry-join consul-02 \
|
||||
--retry-join consul-03 \
|
||||
--ca-file-source /path/to/ca.pem \
|
||||
--cert-file-source /path/to/cert.pem \
|
||||
--key-file-source /path/to/key.pem \
|
||||
--verify-incoming \
|
||||
--verify-outgoing
|
||||
|
||||
# configure as client and try joining existing cluster
|
||||
__consul_agent \
|
||||
--datacenter dc1 \
|
||||
--node-name "${hostname%%.*}" \
|
||||
--disable-update-check \
|
||||
--retry-join consul-01 \
|
||||
--retry-join consul-02 \
|
||||
--retry-join consul-03
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
- `cdist-type(7) <cdist-type.html>`_
|
||||
- http://www.consul.io/docs/agent/options.html
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2015 Steven Armstrong. Free use of this software is
|
||||
granted under the terms of the GNU General Public License version 3 (GPLv3).
|
221
cdist/conf/type/__consul_agent/manifest
Executable file
221
cdist/conf/type/__consul_agent/manifest
Executable file
|
@ -0,0 +1,221 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2015 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
|
||||
os=$(cat "$__global/explorer/os")
|
||||
|
||||
case "$os" in
|
||||
centos|debian|redhat|ubuntu)
|
||||
# whitelist safeguard
|
||||
:
|
||||
;;
|
||||
*)
|
||||
echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
|
||||
echo "Please contribute an implementation for it if you can." >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
state="$(cat "$__object/parameter/state")"
|
||||
user="$(cat "$__object/parameter/user")"
|
||||
group="$(cat "$__object/parameter/group")"
|
||||
data_dir="/var/lib/consul"
|
||||
conf_dir="/etc/consul/conf.d"
|
||||
conf_file="config.json"
|
||||
|
||||
# FIXME: there has got to be a better way to handle the dependencies in this case
|
||||
case "$state" in
|
||||
present)
|
||||
__group "$group" --system --state "$state"
|
||||
require="__group/$group" \
|
||||
__user "$user" --system --gid "$group" \
|
||||
--home "$data_dir" --state "$state"
|
||||
export require="__user/consul"
|
||||
;;
|
||||
absent)
|
||||
echo "Sorry, state=absent currently not supported :-(" >&2
|
||||
exit 1
|
||||
require="$__object_name" \
|
||||
__user "$user" --system --gid "$group" --state "$state"
|
||||
require="__user/$user" \
|
||||
__group "$group" --system --state "$state"
|
||||
;;
|
||||
esac
|
||||
|
||||
__directory /etc/consul \
|
||||
--owner root --group "$group" --mode 750 --state "$state"
|
||||
require="__directory/etc/consul" \
|
||||
__directory "$conf_dir" \
|
||||
--owner root --group "$group" --mode 750 --state "$state"
|
||||
|
||||
if [ -f "$__object/parameter/ca-file-source" -o -f "$__object/parameter/cert-file-source" -o -f "$__object/parameter/key-file-source" ]; then
|
||||
# create directory for ssl certs
|
||||
require="__directory/etc/consul" \
|
||||
__directory /etc/consul/ssl \
|
||||
--owner root --group "$group" --mode 750 --state "$state"
|
||||
fi
|
||||
|
||||
__directory "$data_dir" \
|
||||
--owner "$user" --group "$group" --mode 770 --state "$state"
|
||||
|
||||
|
||||
# Generate json config file
|
||||
(
|
||||
echo "{"
|
||||
|
||||
# parameters we define ourself
|
||||
printf ' "data_dir": "%s"\n' "$data_dir"
|
||||
|
||||
for param in $(ls "$__object/parameter/"); do
|
||||
case "$param" in
|
||||
state|user|group|json-config) continue ;;
|
||||
ca-file-source|cert-file-source|key-file-source)
|
||||
source="$(cat "$__object/parameter/$param")"
|
||||
destination="/etc/consul/ssl/${source##*/}"
|
||||
require="__directory/etc/consul/ssl" \
|
||||
__file "$destination" \
|
||||
--owner root --group consul --mode 640 \
|
||||
--source "$source" \
|
||||
--state "$state"
|
||||
key="$(echo "${param%-*}" | tr '-' '_')"
|
||||
printf ' ,"%s": "%s"\n' "$key" "$destination"
|
||||
;;
|
||||
disable-remote-exec|disable-update-check|leave-on-terminate|rejoin-after-leave|server|syslog|verify-incoming|verify-outgoing)
|
||||
# handle boolean parameters
|
||||
key="$(echo "$param" | tr '-' '_')"
|
||||
printf ' ,"%s": true\n' "$key"
|
||||
;;
|
||||
retry-join)
|
||||
# join multiple parameters into json array
|
||||
retry_join="$(awk '{printf "\""$1"\","}' "$__object/parameter/retry-join")"
|
||||
# remove trailing ,
|
||||
printf ' ,"retry_join": [%s]\n' "${retry_join%*,}"
|
||||
;;
|
||||
retry-join-wan)
|
||||
# join multiple parameters into json array over wan
|
||||
retry_join_wan="$(awk '{printf "\""$1"\","}' "$__object/parameter/retry-join-wan")"
|
||||
# remove trailing ,
|
||||
printf ' ,"retry_join_wan": [%s]\n' "${retry_join_wan%*,}"
|
||||
;;
|
||||
bootstrap-expect)
|
||||
# integer key=value parameters
|
||||
key="$(echo "$param" | tr '-' '_')"
|
||||
printf ' ,"%s": %s\n' "$key" "$(cat "$__object/parameter/$param")"
|
||||
;;
|
||||
*)
|
||||
# string key=value parameters
|
||||
key="$(echo "$param" | tr '-' '_')"
|
||||
printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
|
||||
;;
|
||||
esac
|
||||
done
|
||||
if [ -f "$__object/parameter/json-config" ]; then
|
||||
json_config="$(cat "$__object/parameter/json-config")"
|
||||
if [ "$json_config" = "-" ]; then
|
||||
json_config="$__object/stdin"
|
||||
fi
|
||||
# remove leading and trailing whitespace and commas from first and last line
|
||||
# indent each line with 3 spaces for consistency
|
||||
json=$(sed -e 's/^[ \t]*/ /' -e '1s/^[ \t,]*//' -e '$s/[ \t,]*$//' "$json_config")
|
||||
printf ' ,%s\n' "$json"
|
||||
fi
|
||||
echo "}"
|
||||
) | \
|
||||
require="__directory${conf_dir}" \
|
||||
__config_file "${conf_dir}/${conf_file}" \
|
||||
--owner root --group "$group" --mode 640 \
|
||||
--state "$state" \
|
||||
--onchange 'service consul status >/dev/null && service consul reload || true' \
|
||||
--source -
|
||||
|
||||
init_sysvinit()
|
||||
{
|
||||
__file /etc/init.d/consul \
|
||||
--owner root --group root --mode 0755 \
|
||||
--state "$state" \
|
||||
--source "$__type/files/consul.sysv-$1"
|
||||
require="__file/etc/init.d/consul" __start_on_boot consul
|
||||
}
|
||||
|
||||
init_systemd()
|
||||
{
|
||||
__file /lib/systemd/system/consul.service \
|
||||
--owner root --group root --mode 0644 \
|
||||
--state "$state" \
|
||||
--source "$__type/files/consul.systemd"
|
||||
require="__file/lib/systemd/system/consul.service" __start_on_boot consul
|
||||
}
|
||||
|
||||
init_upstart()
|
||||
{
|
||||
__file /etc/init/consul-prepare.conf \
|
||||
--owner root --group root --mode 0644 \
|
||||
--state "$state" \
|
||||
--source "$__type/files/consul-prepare.upstart"
|
||||
require="__file/etc/init/consul-prepare.conf" \
|
||||
__file /etc/init/consul.conf \
|
||||
--owner root --group root --mode 0644 \
|
||||
--state "$state" \
|
||||
--source "$__type/files/consul.upstart"
|
||||
require="__file/etc/init/consul.conf" __start_on_boot consul
|
||||
}
|
||||
|
||||
# Install init script to start on boot
|
||||
case "$os" in
|
||||
centos|redhat)
|
||||
os_version="$(sed 's/[^0-9.]//g' "$__global/explorer/os_version")"
|
||||
major_version="${os_version%%.*}"
|
||||
case "$major_version" in
|
||||
[456])
|
||||
init_sysvinit redhat
|
||||
;;
|
||||
7)
|
||||
init_systemd
|
||||
;;
|
||||
*)
|
||||
echo "Unsupported CentOS/Redhat version: $os_version" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
|
||||
debian)
|
||||
os_version=$(cat "$__global/explorer/os_version")
|
||||
major_version="${os_version%%.*}"
|
||||
|
||||
case "$major_version" in
|
||||
[567])
|
||||
init_sysvinit debian
|
||||
;;
|
||||
8)
|
||||
init_systemd
|
||||
;;
|
||||
*)
|
||||
echo "Unsupported Debian version $os_version" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
|
||||
ubuntu)
|
||||
init_upstart
|
||||
;;
|
||||
esac
|
8
cdist/conf/type/__consul_agent/parameter/boolean
Normal file
8
cdist/conf/type/__consul_agent/parameter/boolean
Normal file
|
@ -0,0 +1,8 @@
|
|||
disable-remote-exec
|
||||
disable-update-check
|
||||
leave-on-terminate
|
||||
rejoin-after-leave
|
||||
server
|
||||
syslog
|
||||
verify-incoming
|
||||
verify-outgoing
|
1
cdist/conf/type/__consul_agent/parameter/default/group
Normal file
1
cdist/conf/type/__consul_agent/parameter/default/group
Normal file
|
@ -0,0 +1 @@
|
|||
consul
|
1
cdist/conf/type/__consul_agent/parameter/default/state
Normal file
1
cdist/conf/type/__consul_agent/parameter/default/state
Normal file
|
@ -0,0 +1 @@
|
|||
present
|
1
cdist/conf/type/__consul_agent/parameter/default/user
Normal file
1
cdist/conf/type/__consul_agent/parameter/default/user
Normal file
|
@ -0,0 +1 @@
|
|||
consul
|
20
cdist/conf/type/__consul_agent/parameter/optional
Normal file
20
cdist/conf/type/__consul_agent/parameter/optional
Normal file
|
@ -0,0 +1,20 @@
|
|||
acl-datacenter
|
||||
acl-default-policy
|
||||
acl-down-policy
|
||||
acl-master-token
|
||||
acl-token
|
||||
acl-ttl
|
||||
bind-addr
|
||||
bootstrap-expect
|
||||
ca-file-source
|
||||
cert-file-source
|
||||
client-addr
|
||||
datacenter
|
||||
encrypt
|
||||
group
|
||||
json-config
|
||||
key-file-source
|
||||
node-name
|
||||
user
|
||||
state
|
||||
advertise-wan
|
|
@ -0,0 +1,2 @@
|
|||
retry-join
|
||||
retry-join-wan
|
71
cdist/conf/type/__consul_check/man.rst
Normal file
71
cdist/conf/type/__consul_check/man.rst
Normal file
|
@ -0,0 +1,71 @@
|
|||
cdist-type__consul_check(7)
|
||||
=============================
|
||||
Manages consul checks
|
||||
|
||||
Steven Armstrong <steven-cdist--@--armstrong.cc>
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
Generate and deploy check definitions for a consul agent.
|
||||
See http://www.consul.io/docs/agent/checks.html for parameter documentation.
|
||||
|
||||
Use either script toghether with interval, or use ttl.
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
None.
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
interval
|
||||
the interval in which the script given with --script should be run
|
||||
|
||||
script
|
||||
the shell command to run every --interval
|
||||
|
||||
ttl
|
||||
how long a check is considered healthy without being updated through the
|
||||
HTTP interfave
|
||||
|
||||
id
|
||||
Defaults to --name
|
||||
|
||||
name
|
||||
The name of this check. Defaults to __object_id
|
||||
|
||||
notes
|
||||
human readable description
|
||||
|
||||
state
|
||||
if this check is 'present' or 'absent'. Defaults to 'present'.
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
.. code-block:: sh
|
||||
|
||||
__consul_check redis \
|
||||
--script /usr/local/bin/check_redis.py \
|
||||
--interval 10s
|
||||
|
||||
__consul_check some-object-id \
|
||||
--id web-app \
|
||||
--name "Web App Status" \
|
||||
--notes "Web app does a curl internally every 10 seconds" \
|
||||
--ttl 30s
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
- `cdist-type(7) <cdist-type.html>`_
|
||||
- `cdist-type__consul_agent(7) <cdist-type__consul_agent.html>`_
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2015 Steven Armstrong. Free use of this software is
|
||||
granted under the terms of the GNU General Public License version 3 (GPLv3).
|
64
cdist/conf/type/__consul_check/manifest
Executable file
64
cdist/conf/type/__consul_check/manifest
Executable file
|
@ -0,0 +1,64 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
name="$(cat "$__object/parameter/name" 2>/dev/null || echo "$__object_id")"
|
||||
conf_dir="/etc/consul/conf.d"
|
||||
conf_file="check_${name}.json"
|
||||
state="$(cat "$__object/parameter/state")"
|
||||
|
||||
# Sanity checks
|
||||
if [ -f "$__object/parameter/script" -a -f "$__object/parameter/ttl" ]; then
|
||||
echo "Use either --script together with --interval OR --ttl, but not both" >&2
|
||||
exit 1
|
||||
fi
|
||||
if [ -f "$__object/parameter/script" -a ! -f "$__object/parameter/interval" ]; then
|
||||
echo "When using --script you must also define --interval" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Generate json config file
|
||||
(
|
||||
echo "{"
|
||||
printf ' "check": {\n'
|
||||
printf ' "name": "%s"\n' "$name"
|
||||
for param in $(ls "$__object/parameter/"); do
|
||||
case "$param" in
|
||||
state|name|interval) continue ;;
|
||||
script)
|
||||
printf ' ,"script": "%s"\n' "$(cat "$__object/parameter/script")"
|
||||
printf ' ,"interval": "%s"\n' "$(cat "$__object/parameter/interval")"
|
||||
;;
|
||||
*)
|
||||
key="$(echo "$param" | tr '-' '_')"
|
||||
printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
|
||||
;;
|
||||
esac
|
||||
done
|
||||
# end check
|
||||
echo " }"
|
||||
# end json file
|
||||
echo "}"
|
||||
) | \
|
||||
require="__directory${conf_dir}" \
|
||||
__config_file "${conf_dir}/${conf_file}" \
|
||||
--owner root --group consul --mode 640 \
|
||||
--state "$state" \
|
||||
--onchange 'service consul status >/dev/null && service consul reload || true' \
|
||||
--source -
|
1
cdist/conf/type/__consul_check/parameter/default/state
Normal file
1
cdist/conf/type/__consul_check/parameter/default/state
Normal file
|
@ -0,0 +1 @@
|
|||
present
|
7
cdist/conf/type/__consul_check/parameter/optional
Normal file
7
cdist/conf/type/__consul_check/parameter/optional
Normal file
|
@ -0,0 +1,7 @@
|
|||
id
|
||||
interval
|
||||
name
|
||||
notes
|
||||
script
|
||||
state
|
||||
ttl
|
24
cdist/conf/type/__consul_reload/gencode-remote
Executable file
24
cdist/conf/type/__consul_reload/gencode-remote
Executable file
|
@ -0,0 +1,24 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
service="consul"
|
||||
if grep -q "^__file/etc/consul/conf.d/" "$__messages_in"; then
|
||||
echo "service $service status && service $service reload || true"
|
||||
fi
|
39
cdist/conf/type/__consul_reload/man.rst
Normal file
39
cdist/conf/type/__consul_reload/man.rst
Normal file
|
@ -0,0 +1,39 @@
|
|||
cdist-type__consul_reload(7)
|
||||
============================
|
||||
Reload consul
|
||||
|
||||
Steven Armstrong <steven-cdist--@--armstrong.cc>
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
Reload consul after configuration changes.
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
None.
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
None.
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
.. code-block:: sh
|
||||
|
||||
__consul_reload
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
- `cdist-type(7) <cdist-type.html>`_
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2015 Steven Armstrong. Free use of this software is
|
||||
granted under the terms of the GNU General Public License version 3 (GPLv3).
|
75
cdist/conf/type/__consul_service/man.rst
Normal file
75
cdist/conf/type/__consul_service/man.rst
Normal file
|
@ -0,0 +1,75 @@
|
|||
cdist-type__consul_service(7)
|
||||
=============================
|
||||
Manages consul services
|
||||
|
||||
Steven Armstrong <steven-cdist--@--armstrong.cc>
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
Generate and deploy service definitions for a consul agent.
|
||||
See http://www.consul.io/docs/agent/services.html for parameter documentation.
|
||||
|
||||
Use either script together with interval, or use ttl.
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
None.
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
check-interval
|
||||
the interval in which the script given with --check-script should be run
|
||||
|
||||
check-script
|
||||
the shell command to run every --check-interval
|
||||
|
||||
check-ttl
|
||||
how long a service is considered healthy without being updated through the
|
||||
HTTP interfave
|
||||
|
||||
id
|
||||
Defaults to --name
|
||||
|
||||
name
|
||||
The name of this service. Defaults to __object_id
|
||||
|
||||
port
|
||||
the port at which this service can be reached
|
||||
|
||||
state
|
||||
if this service is 'present' or 'absent'. Defaults to 'present'.
|
||||
|
||||
tag
|
||||
a tag to add to this service. Can be specified multiple times.
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
.. code-block:: sh
|
||||
|
||||
__consul_service redis \
|
||||
--tag master \
|
||||
--tag production \
|
||||
--port 8000 \
|
||||
--check-script /usr/local/bin/check_redis.py \
|
||||
--check-interval 10s
|
||||
|
||||
__consul_service webapp \
|
||||
--port 80 \
|
||||
--check-ttl 10s
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
- `cdist-type(7) <cdist-type.html>`_
|
||||
- `cdist-type__consul_agent(7) <cdist-type__consul_agent.html>`_
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2015 Steven Armstrong. Free use of this software is
|
||||
granted under the terms of the GNU General Public License version 3 (GPLv3).
|
83
cdist/conf/type/__consul_service/manifest
Executable file
83
cdist/conf/type/__consul_service/manifest
Executable file
|
@ -0,0 +1,83 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
name="$(cat "$__object/parameter/name" 2>/dev/null || echo "$__object_id")"
|
||||
conf_dir="/etc/consul/conf.d"
|
||||
conf_file="service_${name}.json"
|
||||
state="$(cat "$__object/parameter/state")"
|
||||
|
||||
# Sanity checks
|
||||
if [ -f "$__object/parameter/check-script" -a -f "$__object/parameter/check-ttl" ]; then
|
||||
echo "Use either --check-script together with --check-interval OR --check-ttl, but not both" >&2
|
||||
exit 1
|
||||
fi
|
||||
if [ -f "$__object/parameter/check-script" -a ! -f "$__object/parameter/check-interval" ]; then
|
||||
echo "When using --check-script you must also define --check-interval" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Generate json config file
|
||||
(
|
||||
echo "{"
|
||||
printf ' "service": {\n'
|
||||
printf ' "name": "%s"\n' "$name"
|
||||
for param in $(ls "$__object/parameter/"); do
|
||||
case "$param" in
|
||||
state|name|check-interval) continue ;;
|
||||
check-script)
|
||||
printf ' ,"check": {\n'
|
||||
printf ' "script": "%s"\n' "$(cat "$__object/parameter/check-script")"
|
||||
printf ' ,"interval": "%s"\n' "$(cat "$__object/parameter/check-interval")"
|
||||
printf ' }\n'
|
||||
;;
|
||||
check-ttl)
|
||||
printf ' ,"check": {\n'
|
||||
printf ' "ttl": "%s"\n' "$(cat "$__object/parameter/check-ttl")"
|
||||
printf ' }\n'
|
||||
;;
|
||||
tag)
|
||||
# create json array from newline delimited file
|
||||
tags="$(awk '{printf "\""$1"\","}' "$__object/parameter/tag")"
|
||||
# remove trailing ,
|
||||
printf ' ,"tags": [%s]\n' "${tags%*,}"
|
||||
;;
|
||||
port)
|
||||
# integer key=value parameters
|
||||
key="$(echo "$param" | tr '-' '_')"
|
||||
printf ' ,"%s": %s\n' "$key" "$(cat "$__object/parameter/$param")"
|
||||
;;
|
||||
*)
|
||||
# string key=value parameters
|
||||
key="$(echo "$param" | tr '-' '_')"
|
||||
printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
|
||||
;;
|
||||
esac
|
||||
done
|
||||
# end service
|
||||
echo " }"
|
||||
# end json file
|
||||
echo "}"
|
||||
) | \
|
||||
require="__directory${conf_dir}" \
|
||||
__config_file "${conf_dir}/${conf_file}" \
|
||||
--owner root --group consul --mode 640 \
|
||||
--state "$state" \
|
||||
--onchange 'service consul status >/dev/null && service consul reload || true' \
|
||||
--source -
|
1
cdist/conf/type/__consul_service/parameter/default/state
Normal file
1
cdist/conf/type/__consul_service/parameter/default/state
Normal file
|
@ -0,0 +1 @@
|
|||
present
|
7
cdist/conf/type/__consul_service/parameter/optional
Normal file
7
cdist/conf/type/__consul_service/parameter/optional
Normal file
|
@ -0,0 +1,7 @@
|
|||
check-interval
|
||||
check-script
|
||||
check-ttl
|
||||
id
|
||||
name
|
||||
port
|
||||
state
|
|
@ -0,0 +1 @@
|
|||
tag
|
|
@ -0,0 +1,19 @@
|
|||
[Unit]
|
||||
Description=Consul-Template Daemon
|
||||
Wants=basic.target
|
||||
After=basic.target network.target
|
||||
|
||||
[Service]
|
||||
User=root
|
||||
Group=root
|
||||
Environment="CONSUL_TEMPLATE_LOG=info"
|
||||
Environment="GOMAXPROCS=2"
|
||||
ExecStart=/usr/local/bin/consul-template -config /etc/consul-template/conf.d
|
||||
ExecReload=/bin/kill -HUP $MAINPID
|
||||
KillMode=process
|
||||
Restart=on-failure
|
||||
RestartSec=10s
|
||||
LimitNOFILE=4096
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
89
cdist/conf/type/__consul_template/files/consul-template.sysv
Normal file
89
cdist/conf/type/__consul_template/files/consul-template.sysv
Normal file
|
@ -0,0 +1,89 @@
|
|||
#!/bin/bash
|
||||
#
|
||||
# /etc/rc.d/init.d/consul-template
|
||||
#
|
||||
# Daemonize the consul-template agent.
|
||||
#
|
||||
# chkconfig: 2345 95 95
|
||||
# description: Generic template rendering and notifications with Consul
|
||||
# processname: consul-template
|
||||
# pidfile: /var/run/consul-template/pidfile
|
||||
|
||||
# Source function library.
|
||||
. /etc/init.d/functions
|
||||
NAME=consul-template
|
||||
CONSUL_TEMPLATE=/usr/local/bin/consul-template
|
||||
CONFIG=/etc/$NAME/conf.d
|
||||
PID_FILE=/var/run/$NAME/pidfile
|
||||
LOG_FILE=/var/log/$NAME
|
||||
|
||||
[ -e /etc/sysconfig/$NAME ] && . /etc/sysconfig/$NAME
|
||||
export CONSUL_TEMPLATE_LOG=${CONSUL_TEMPLATE_LOG:-info}
|
||||
export GOMAXPROCS=${GOMAXPROCS:-2}
|
||||
|
||||
mkdir -p /var/run/$NAME
|
||||
|
||||
start() {
|
||||
echo -n "Starting $NAME: "
|
||||
daemon --pidfile="$PID_FILE" \
|
||||
"$CONSUL_TEMPLATE" -config "$CONFIG" >> "$LOG_FILE" 2>&1 &
|
||||
echo $! > "$PID_FILE"
|
||||
retcode=$?
|
||||
touch /var/lock/subsys/$NAME
|
||||
return $retcode
|
||||
}
|
||||
|
||||
stop() {
|
||||
echo -n "Shutting down $NAME: "
|
||||
killproc -p $PID_FILE $CONSUL_TEMPLATE
|
||||
retcode=$?
|
||||
rm -f /var/lock/subsys/$NAME
|
||||
return $retcode
|
||||
}
|
||||
|
||||
case "$1" in
|
||||
start)
|
||||
if $(status -p "$PID_FILE" $NAME >/dev/null); then
|
||||
echo "$NAME already running"
|
||||
else
|
||||
start
|
||||
fi
|
||||
;;
|
||||
stop)
|
||||
if $(status -p "$PID_FILE" $NAME >/dev/null); then
|
||||
stop
|
||||
else
|
||||
echo "$NAME not running"
|
||||
fi
|
||||
;;
|
||||
status)
|
||||
status -p "$PID_FILE" $NAME
|
||||
exit $?
|
||||
;;
|
||||
restart)
|
||||
if $(status -p "$PID_FILE" $NAME >/dev/null); then
|
||||
stop
|
||||
fi
|
||||
start
|
||||
;;
|
||||
reload)
|
||||
if $(status -p "$PID_FILE" $NAME >/dev/null); then
|
||||
kill -HUP `cat $PID_FILE`
|
||||
else
|
||||
echo "$NAME not running"
|
||||
fi
|
||||
;;
|
||||
condrestart)
|
||||
if [ -f /var/lock/subsys/$NAME ]; then
|
||||
if $(status -p "$PID_FILE" $NAME >/dev/null); then
|
||||
stop
|
||||
fi
|
||||
start
|
||||
fi
|
||||
;;
|
||||
*)
|
||||
echo "Usage: $NAME {start|stop|status|reload|restart}"
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
exit $?
|
|
@ -0,0 +1,12 @@
|
|||
description "Consul-Template Daemon"
|
||||
start on (local-filesystems and net-device-up IFACE!=lo)
|
||||
stop on runlevel [06]
|
||||
|
||||
env CONSUL_TEMPLATE_LOG=info
|
||||
env GOMAXPROCS=${GOMAXPROCS}
|
||||
|
||||
exec /usr/local/bin/consul-template -config /etc/consul-template/conf.d >> /var/log/consul-template 2>&1
|
||||
|
||||
respawn
|
||||
respawn limit 10 10
|
||||
kill timeout 10
|
|
@ -0,0 +1 @@
|
|||
3401777891 9273880 consul-template
|
|
@ -0,0 +1 @@
|
|||
https://github.com/hashicorp/consul-template/releases/download/v0.10.0/consul-template_0.10.0_linux_amd64.tar.gz
|
134
cdist/conf/type/__consul_template/man.rst
Normal file
134
cdist/conf/type/__consul_template/man.rst
Normal file
|
@ -0,0 +1,134 @@
|
|||
cdist-type__consul_template(7)
|
||||
==============================
|
||||
Manage the consul-template service
|
||||
|
||||
Steven Armstrong <steven-cdist--@--armstrong.cc>
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
Downloads and installs the consul-template binary from
|
||||
https://github.com/hashicorp/consul-template/releases/download/.
|
||||
Generates a global config file and creates directory for per template config files.
|
||||
Note that the consul-template binary is downloaded on the server (the machine running
|
||||
cdist) and then deployed to the target host using the __file type.
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
None.
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
auth-username
|
||||
specify a username for basic authentication.
|
||||
|
||||
auth-password
|
||||
specify a password for basic authentication.
|
||||
|
||||
batch-size
|
||||
the size of the batch when polling multiple dependencies.
|
||||
|
||||
consul
|
||||
the location of the Consul instance to query (may be an IP address or FQDN) with port.
|
||||
Defaults to 'localhost:8500'.
|
||||
|
||||
log-level
|
||||
The log level for output. This applies to the stdout/stderr logging as well
|
||||
as syslog logging (if enabled). Valid values are "debug", "info", "warn",
|
||||
and "err". The default value is "warn".
|
||||
|
||||
max-stale
|
||||
the maximum staleness of a query. If specified, Consul will distribute work among all
|
||||
servers instead of just the leader.
|
||||
|
||||
retry
|
||||
the amount of time to wait if Consul returns an error when communicating
|
||||
with the API.
|
||||
|
||||
state
|
||||
either 'present' or 'absent'. Defaults to 'present'
|
||||
|
||||
ssl-cert
|
||||
Path to an SSL client certificate to use to authenticate to the consul server.
|
||||
Useful if the consul server "verify_incoming" option is set.
|
||||
|
||||
ssl-ca-cert
|
||||
Path to a CA certificate file, containing one or more CA certificates to
|
||||
use to validate the certificate sent by the consul server to us. This is a
|
||||
handy alternative to setting --ssl-no-verify if you are using your own CA.
|
||||
|
||||
syslog-facility
|
||||
The facility to use when sending to syslog. This requires the use of --syslog.
|
||||
The default value is LOCAL0.
|
||||
|
||||
token
|
||||
the Consul API token.
|
||||
|
||||
vault-address
|
||||
the location of the Vault instance to query (may be an IP address or FQDN) with port.
|
||||
|
||||
vault-token
|
||||
the Vault API token.
|
||||
|
||||
vault-ssl-cert
|
||||
Path to an SSL client certificate to use to authenticate to the vault server.
|
||||
|
||||
vault-ssl-ca-cert
|
||||
Path to a CA certificate file, containing one or more CA certificates to
|
||||
use to validate the certificate sent by the vault server to us.
|
||||
|
||||
version
|
||||
which version of consul-template to install. See ./files/versions for a list of
|
||||
supported versions. Defaults to the latest known version.
|
||||
|
||||
wait
|
||||
the minimum(:maximum) to wait before rendering a new template to disk and
|
||||
triggering a command, separated by a colon (:). If the optional maximum
|
||||
value is omitted, it is assumed to be 4x the required minimum value.
|
||||
|
||||
|
||||
BOOLEAN PARAMETERS
|
||||
------------------
|
||||
ssl
|
||||
use HTTPS while talking to Consul. Requires the Consul server to be configured to serve secure connections.
|
||||
|
||||
ssl-no-verify
|
||||
ignore certificate warnings. Only used if ssl is enabled.
|
||||
|
||||
syslog
|
||||
Send log output to syslog (in addition to stdout and stderr).
|
||||
|
||||
vault-ssl
|
||||
use HTTPS while talking to Vault. Requires the Vault server to be configured to serve secure connections.
|
||||
|
||||
vault-ssl-no-verify
|
||||
ignore certificate warnings. Only used if vault is enabled.
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
.. code-block:: sh
|
||||
|
||||
__consul_template \
|
||||
--consul consul.service.consul:8500 \
|
||||
--retry 30s
|
||||
|
||||
# specific version
|
||||
__consul_template \
|
||||
--version 0.6.5 \
|
||||
--retry 30s
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
- `cdist-type(7) <cdist-type.html>`_
|
||||
- https://github.com/hashicorp/consul-template
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2015 Steven Armstrong. Free use of this software is
|
||||
granted under the terms of the GNU General Public License version 3 (GPLv3).
|
190
cdist/conf/type/__consul_template/manifest
Executable file
190
cdist/conf/type/__consul_template/manifest
Executable file
|
@ -0,0 +1,190 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
|
||||
os=$(cat "$__global/explorer/os")
|
||||
|
||||
case "$os" in
|
||||
centos|redhat)
|
||||
# whitelist safeguard
|
||||
service_onchange='service consul-template status >/dev/null && service consul-template reload || true' \
|
||||
;;
|
||||
archlinux)
|
||||
service_onchange="systemctl status consul-template >/dev/null && systemctl reload consul-template || true"
|
||||
;;
|
||||
*)
|
||||
echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
|
||||
echo "Please contribute an implementation for it if you can." >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
versions_dir="$__type/files/versions"
|
||||
version="$(cat "$__object/parameter/version")"
|
||||
version_dir="$versions_dir/$version"
|
||||
|
||||
if [ ! -d "$version_dir" ]; then
|
||||
echo "Unknown consul-template version '$version'. Expected one of:" >&2
|
||||
ls "$versions_dir" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
state="$(cat "$__object/parameter/state")"
|
||||
|
||||
__staged_file /usr/local/bin/consul-template \
|
||||
--source "$(cat "$version_dir/source")" \
|
||||
--cksum "$(cat "$version_dir/cksum")" \
|
||||
--fetch-command 'curl -s -L "%s"' \
|
||||
--prepare-command 'tar -xzf "%s"; cat consul-template_*/consul-template' \
|
||||
--state "$state" \
|
||||
--group root \
|
||||
--owner root \
|
||||
--mode 755
|
||||
|
||||
|
||||
conf_dir="/etc/consul-template/conf.d"
|
||||
conf_file="config.hcl"
|
||||
template_dir="/etc/consul-template/template"
|
||||
|
||||
__directory /etc/consul-template \
|
||||
--owner root --group root --mode 750
|
||||
require="__directory/etc/consul-template" \
|
||||
__directory "$conf_dir" \
|
||||
--owner root --group root --mode 750
|
||||
require="__directory/etc/consul-template" \
|
||||
__directory "$template_dir" \
|
||||
--owner root --group root --mode 750
|
||||
|
||||
|
||||
# Generate hcl config file
|
||||
(
|
||||
for param in $(ls "$__object/parameter/"); do
|
||||
case "$param" in
|
||||
auth-password|state|ssl-*|syslog-*|version|vault-token|vault-ssl*) continue ;;
|
||||
auth-username)
|
||||
printf 'auth {\n'
|
||||
printf ' enabled = true\n'
|
||||
printf ' username = "%s"\n' "$(cat "$__object/parameter/auth-username")"
|
||||
if [ -f "$__object/parameter/auth-password" ]; then
|
||||
printf ' password = %s\n' "$(cat "$__object/parameter/auth-password")"
|
||||
fi
|
||||
printf '}\n'
|
||||
;;
|
||||
ssl)
|
||||
printf 'ssl {\n'
|
||||
printf ' enabled = true\n'
|
||||
if [ -f "$__object/parameter/ssl-no-verify" ]; then
|
||||
printf ' verify = false\n'
|
||||
fi
|
||||
if [ -f "$__object/parameter/ssl-cert" ]; then
|
||||
printf ' cert = "%s"\n' "$(cat "$__object/parameter/ssl-cert")"
|
||||
fi
|
||||
if [ -f "$__object/parameter/ssl-ca-cert" ]; then
|
||||
printf ' ca_cert = "%s"\n' "$(cat "$__object/parameter/ssl-ca-cert")"
|
||||
fi
|
||||
printf '}\n'
|
||||
;;
|
||||
syslog)
|
||||
printf 'syslog {\n'
|
||||
printf ' enabled = true\n'
|
||||
if [ -f "$__object/parameter/syslog-facility" ]; then
|
||||
printf ' facility = "%s"\n' "$(cat "$__object/parameter/syslog-facility")"
|
||||
fi
|
||||
printf '}\n'
|
||||
;;
|
||||
vault-address)
|
||||
printf 'vault {\n'
|
||||
printf ' address = "%s"\n' "$(cat "$__object/parameter/vault-address")"
|
||||
if [ -f "$__object/parameter/vault-token" ]; then
|
||||
printf ' token = "%s"\n' "$(cat "$__object/parameter/vault-token")"
|
||||
fi
|
||||
if [ -f "$__object/parameter/vault-ssl" ]; then
|
||||
printf ' ssl {\n'
|
||||
printf ' enabled = true\n'
|
||||
if [ -f "$__object/parameter/vault-ssl-no-verify" ]; then
|
||||
printf ' verify = false\n'
|
||||
fi
|
||||
if [ -f "$__object/parameter/vault-ssl-cert" ]; then
|
||||
printf ' cert = "%s"\n' "$(cat "$__object/parameter/vault-ssl-cert")"
|
||||
fi
|
||||
if [ -f "$__object/parameter/vault-ssl-ca-cert" ]; then
|
||||
printf ' ca_cert = "%s"\n' "$(cat "$__object/parameter/vault-ssl-ca-cert")"
|
||||
fi
|
||||
printf ' }\n'
|
||||
fi
|
||||
printf '}\n'
|
||||
;;
|
||||
*)
|
||||
# string key=value parameters
|
||||
key="$(echo "$param" | tr '-' '_')"
|
||||
printf '%s = "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
|
||||
;;
|
||||
esac
|
||||
done
|
||||
) | \
|
||||
require="__directory${conf_dir}" \
|
||||
__config_file "${conf_dir}/${conf_file}" \
|
||||
--owner root --group root --mode 640 \
|
||||
--state "$state" \
|
||||
--onchange "$service_onchange" \
|
||||
--source -
|
||||
|
||||
|
||||
# Install init script to start on boot
|
||||
service="consul-template"
|
||||
case "$os" in
|
||||
centos|redhat)
|
||||
os_version="$(sed 's/[^0-9.]//g' "$__global/explorer/os_version")"
|
||||
major_version="${os_version%%.*}"
|
||||
case "$major_version" in
|
||||
7)
|
||||
__file "/lib/systemd/system/${service}.service" \
|
||||
--owner root --group root --mode 0555 \
|
||||
--state "$state" \
|
||||
--source "$__type/files/${service}.systemd"
|
||||
export require="__file/lib/systemd/system/${service}.service"
|
||||
;;
|
||||
*)
|
||||
__file "/etc/init.d/${service}" \
|
||||
--owner root --group root --mode 0555 \
|
||||
--state "$state" \
|
||||
--source "$__type/files/${service}.sysv"
|
||||
export require="__file/etc/init.d/${service}"
|
||||
;;
|
||||
esac
|
||||
__start_on_boot "$service" --state "$state"
|
||||
;;
|
||||
ubuntu)
|
||||
__file "/etc/init/${service}.conf" \
|
||||
--owner root --group root --mode 0644 \
|
||||
--state "$state" \
|
||||
--source "$__type/files/${service}.upstart"
|
||||
export require="__file/etc/init/${service}.conf"
|
||||
__start_on_boot "$service" --state "$state"
|
||||
;;
|
||||
archlinux)
|
||||
__file "/lib/systemd/system/${service}.service" \
|
||||
--owner root --group root --mode 0555 \
|
||||
--state "$state" \
|
||||
--source "$__type/files/${service}.systemd"
|
||||
export require="__file/lib/systemd/system/${service}.service"
|
||||
__start_on_boot "$service" --state "$state"
|
||||
;;
|
||||
esac
|
93
cdist/conf/type/__consul_template/notes
Normal file
93
cdist/conf/type/__consul_template/notes
Normal file
|
@ -0,0 +1,93 @@
|
|||
# < 0.7.0
|
||||
ssl = true
|
||||
ssl_no_verify = true
|
||||
|
||||
# >= 0.7.0
|
||||
ssl {
|
||||
enabled = true
|
||||
verify = false
|
||||
}
|
||||
|
||||
# >= 0.9.0
|
||||
ssl-cert
|
||||
ssl-ca-cert
|
||||
|
||||
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
### from docs
|
||||
|
||||
|
||||
ssl {
|
||||
enabled = true
|
||||
verify = false
|
||||
cert = "/path/to/client/cert.pem"
|
||||
ca_cert = "/path/to/ca/cert.pem"
|
||||
}
|
||||
|
||||
|
||||
ssl
|
||||
Use HTTPS while talking to Consul. Requires the Consul server to be configured to serve secure connections. The default value is false.
|
||||
|
||||
ssl-verify
|
||||
Verify certificates when connecting via SSL. This requires the use of -ssl. The default value is true.
|
||||
|
||||
ssl-cert
|
||||
Path to an SSL client certificate to use to authenticate to the consul server. Useful if the consul server "verify_incoming" option is set.
|
||||
|
||||
ssl-ca-cert
|
||||
Path to a CA certificate file, containing one or more CA certificates to use to validate the certificate sent by the consul server to us. This is a handy alternative to setting --ssl-verify=false if you are using your own CA.
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
### example config file from docs
|
||||
|
||||
consul = "127.0.0.1:8500"
|
||||
token = "abcd1234" // May also be specified via the envvar CONSUL_TOKEN
|
||||
retry = "10s"
|
||||
max_stale = "10m"
|
||||
log_level = "warn"
|
||||
pid_file = "/path/to/pid"
|
||||
|
||||
vault {
|
||||
address = "https://vault.service.consul:8200"
|
||||
token = "abcd1234" // May also be specified via the envvar VAULT_TOKEN
|
||||
ssl {
|
||||
enabled = true
|
||||
verify = true
|
||||
cert = "/path/to/client/cert.pem"
|
||||
ca_cert = "/path/to/ca/cert.pem"
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
--auth-username
|
||||
--auth-password
|
||||
# if any are given enabled = true
|
||||
auth {
|
||||
enabled = true
|
||||
username = "test"
|
||||
password = "test"
|
||||
}
|
||||
|
||||
ssl {
|
||||
enabled = true
|
||||
verify = false
|
||||
cert = "/path/to/client/cert.pem"
|
||||
ca_cert = "/path/to/ca/cert.pem"
|
||||
}
|
||||
|
||||
syslog {
|
||||
enabled = true
|
||||
facility = "LOCAL5"
|
||||
}
|
||||
|
||||
template {
|
||||
source = "/path/on/disk/to/template"
|
||||
destination = "/path/on/disk/where/template/will/render"
|
||||
command = "optional command to run when the template is updated"
|
||||
}
|
||||
|
||||
template {
|
||||
// Multiple template definitions are supported
|
||||
}
|
5
cdist/conf/type/__consul_template/parameter/boolean
Normal file
5
cdist/conf/type/__consul_template/parameter/boolean
Normal file
|
@ -0,0 +1,5 @@
|
|||
ssl
|
||||
ssl-no-verify
|
||||
syslog
|
||||
vault-ssl
|
||||
vault-ssl-no-verify
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue