diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 00000000..45c10d7b
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,8 @@
+.gitignore export-ignore
+.gitattributes export-ignore
+.gitkeep export-ignore
+docs/speeches export-ignore
+docs/video export-ignore
+docs/src/man7 export-ignore
+bin/build-helper export-ignore
+README-maintainers export-ignore
diff --git a/.gitignore b/.gitignore
index 6e2d4437..ed8b453a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,24 +1,52 @@
# -vim
-.*.swp
+# Swap
+[._]*.s[a-v][a-z]
+[._]*.sw[a-p]
+[._]s[a-rt-v][a-z]
+[._]ss[a-gi-z]
+[._]sw[a-p]
+
+# Session
+Session.vim
+
+# Temporary
+.netrwhist
+*~
+*.tmp
+# Auto-generated tag files
+tags
+# Persistent undo
+[._]*.un~
# Ignore generated manpages
-docs/man/.marker
-docs/man/man1/*.1
-docs/man/man7/*.7
-docs/man/man*/*.html
-docs/man/man*/*.xml
-docs/man/man*/docbook-xsl.css
-docs/man/man7/cdist-type__*.text
-docs/man/man7/cdist-reference.text
+docs/src/.marker
+docs/src/man1/*.1
+docs/src/man7/*.7
+docs/src/man7/cdist-type__*.rst
+docs/src/cdist-reference.rst
# Ignore cdist cache for version control
/cache/
+# Ignore inventory basedir
+cdist/inventory/
+
# Python: cache, distutils, distribution in general
__pycache__/
-MANIFEST
+*.pyc
+/MANIFEST
dist/
cdist/version.py
+cdist.egg-info/
+
+# sphinx build dirs, cache
+_build/
+docs/dist
+
+# Ignore temp files used for signing
+cdist-*.tar
+cdist-*.tar.gz
+cdist-*.tar.gz.asc
# Packaging: Archlinux
/PKGBUILD
@@ -26,3 +54,8 @@ cdist/version.py
/cdist-*.tar.gz
/pkg
/src
+build
+.lock-*
+.git-current-branch
+.lock*
+.pypi-release
diff --git a/.version b/.version
deleted file mode 100644
index 71f08595..00000000
--- a/.version
+++ /dev/null
@@ -1 +0,0 @@
-2.1.0-pre1
diff --git a/Makefile b/Makefile
new file mode 100644
index 00000000..fa3327d1
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,134 @@
+#
+# 2013 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+
+.PHONY: help
+help:
+ @echo "Please use \`make ' where is one of"
+ @echo "man build only man user documentation"
+ @echo "html build only html user documentation"
+ @echo "docs build both man and html user documentation"
+ @echo "dotman build man pages for types in your ~/.cdist directory"
+ @echo "speeches build speeches pdf files"
+ @echo "install install in the system site-packages directory"
+ @echo "install-user install in the user site-packages directory"
+ @echo "docs-clean clean documentation"
+ @echo "clean clean"
+
+DOCS_SRC_DIR=./docs/src
+SPEECHDIR=./docs/speeches
+TYPEDIR=./cdist/conf/type
+
+SPHINXM=make -C $(DOCS_SRC_DIR) man
+SPHINXH=make -C $(DOCS_SRC_DIR) html
+SPHINXC=make -C $(DOCS_SRC_DIR) clean
+
+################################################################################
+# Manpages
+#
+MAN7DSTDIR=$(DOCS_SRC_DIR)/man7
+
+# Manpages #1: Types
+# Use shell / ls to get complete list - $(TYPEDIR)/*/man.rst does not work
+# Using ls does not work if no file with given pattern exist, so use wildcard
+MANTYPESRC=$(wildcard $(TYPEDIR)/*/man.rst)
+MANTYPEPREFIX=$(subst $(TYPEDIR)/,$(MAN7DSTDIR)/cdist-type,$(MANTYPESRC))
+MANTYPES=$(subst /man.rst,.rst,$(MANTYPEPREFIX))
+
+# Link manpage: do not create man.html but correct named file
+$(MAN7DSTDIR)/cdist-type%.rst: $(TYPEDIR)/%/man.rst
+ mkdir -p $(MAN7DSTDIR)
+ ln -sf "../../../$^" $@
+
+# Manpages #2: reference
+DOCSREF=$(MAN7DSTDIR)/cdist-reference.rst
+DOCSREFSH=$(DOCS_SRC_DIR)/cdist-reference.rst.sh
+
+$(DOCSREF): $(DOCSREFSH)
+ $(DOCSREFSH)
+
+version:
+ @[ -f "cdist/version.py" ] || { \
+ printf "Missing 'cdist/version.py', please generate it first.\n" && exit 1; \
+ }
+
+# Manpages #3: generic part
+man: version $(MANTYPES) $(DOCSREF)
+ $(SPHINXM)
+
+html: version $(MANTYPES) $(DOCSREF)
+ $(SPHINXH)
+
+docs: man html
+
+docs-clean:
+ $(SPHINXC)
+
+# Manpages: .cdist Types
+DOT_CDIST_PATH=${HOME}/.cdist
+DOTMAN7DSTDIR=$(MAN7DSTDIR)
+DOTTYPEDIR=$(DOT_CDIST_PATH)/type
+DOTMANTYPESRC=$(wildcard $(DOTTYPEDIR)/*/man.rst)
+DOTMANTYPEPREFIX=$(subst $(DOTTYPEDIR)/,$(DOTMAN7DSTDIR)/cdist-type,$(DOTMANTYPESRC))
+DOTMANTYPES=$(subst /man.rst,.rst,$(DOTMANTYPEPREFIX))
+
+# Link manpage: do not create man.html but correct named file
+$(DOTMAN7DSTDIR)/cdist-type%.rst: $(DOTTYPEDIR)/%/man.rst
+ ln -sf "$^" $@
+
+dotman: version $(DOTMANTYPES)
+ $(SPHINXM)
+
+################################################################################
+# Speeches
+#
+SPEECHESOURCES=$(SPEECHDIR)/*.tex
+SPEECHES=$(SPEECHESOURCES:.tex=.pdf)
+
+# Create speeches and ensure Toc is up-to-date
+$(SPEECHDIR)/%.pdf: $(SPEECHDIR)/%.tex
+ pdflatex -output-directory $(SPEECHDIR) $^
+ pdflatex -output-directory $(SPEECHDIR) $^
+ pdflatex -output-directory $(SPEECHDIR) $^
+
+speeches: $(SPEECHES)
+
+################################################################################
+# Misc
+#
+clean: docs-clean
+ rm -f $(DOCS_SRC_DIR)/cdist-reference.rst
+
+ find "$(DOCS_SRC_DIR)" -mindepth 2 -type l \
+ | xargs rm -f
+
+ find * -name __pycache__ | xargs rm -rf
+
+ # distutils
+ rm -rf ./build
+
+################################################################################
+# install
+#
+
+install:
+ python3 setup.py install
+
+install-user:
+ python3 setup.py install --user
diff --git a/PKGBUILD.in b/PKGBUILD.in
index a4e744ae..c0188e68 100755
--- a/PKGBUILD.in
+++ b/PKGBUILD.in
@@ -1,6 +1,6 @@
#!/bin/sh
-version=$(git describe)
+version="$1"
outfile=${0%.in}
cat << eof > "${outfile}"
@@ -9,7 +9,7 @@ pkgver=$version
pkgrel=1
pkgdesc='A Usable Configuration Management System"'
arch=('any')
-url='http://www.nico.schottelius.org/software/cdist/'
+url='https://www.cdi.st/'
license=('GPL3')
depends=('python>=3.2.0')
source=("http://pypi.python.org/packages/source/c/cdist/cdist-\${pkgver}.tar.gz")
@@ -17,10 +17,13 @@ source=("http://pypi.python.org/packages/source/c/cdist/cdist-\${pkgver}.tar.gz"
package() {
cd cdist-\${pkgver}
python3 setup.py build install --root="\${pkgdir}"
- mv "\${pkgdir}"/usr/bin/cdist.py "\${pkgdir}"/usr/bin/cdist
-
- #install -Dm644 offlineimap.1 "\${pkgdir}"/usr/share/man/man1/offlineimap.1
+ find "\$pkgdir" -type d -exec chmod 0755 {} \;
+ find "\$pkgdir" -type f -exec chmod a+r {} \;
}
eof
makepkg -g >> "${outfile}"
+
+# Fix this issue:
+# error: failed to upload cdist-3.1.6-1.src.tar.gz: Error - all files must have permissions of 644 or 755.
+chmod a+r "${outfile}"
diff --git a/README b/README
index a67e25e3..caf2dac8 100644
--- a/README
+++ b/README
@@ -3,4 +3,5 @@ cdist
cdist is a usable configuration management system.
-For the web documentation have a look at docs/web/.
+For the web documentation have a look at https://www.cdi.st/
+or at docs/src for reStructuredText manual.
diff --git a/README-maintainers b/README-maintainers
new file mode 100644
index 00000000..af57f475
--- /dev/null
+++ b/README-maintainers
@@ -0,0 +1,4 @@
+Maintainers should use ./bin/build-helper script.
+
+Makefile is intended for end users. It can be used for non-maintaining
+targets that can be run from pure source (without git repository).
diff --git a/bin/build-helper b/bin/build-helper
new file mode 100755
index 00000000..9a776491
--- /dev/null
+++ b/bin/build-helper
@@ -0,0 +1,550 @@
+#!/bin/sh
+#
+# 2011-2013 Nico Schottelius (nico-cdist at schottelius.org)
+# 2016-2019 Darko Poljak (darko.poljak at gmail.com)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# This file contains the heavy lifting found usually in the Makefile.
+#
+
+usage() {
+ printf "usage: %s TARGET [TARGET-ARGS...]
+ Available targets:
+ changelog-changes
+ changelog-version
+ check-date
+ check-unittest
+ ml-release
+ archlinux-release
+ pypi-release
+ release-git-tag
+ sign-git-release
+ release
+ test
+ test-remote
+ pycodestyle
+ pep8
+ check-pycodestyle
+ shellcheck-global-explorers
+ shellcheck-type-explorers
+ shellcheck-manifests
+ shellcheck-local-gencodes
+ shellcheck-remote-gencodes
+ shellcheck-scripts
+ shellcheck-gencodes
+ shellcheck-types
+ shellcheck
+ shellcheck-type-files
+ shellcheck-with-files
+ shellcheck-build-helper
+ check-shellcheck
+ version-branch
+ version
+ target-version
+ clean
+ distclean\n" "$1"
+}
+
+basename="${0##*/}"
+
+if [ $# -lt 1 ]
+then
+ usage "${basename}"
+ exit 1
+fi
+
+option=$1; shift
+
+SHELLCHECKCMD="shellcheck -s sh -f gcc -x"
+# Skip SC2154 for variables starting with __ since such variables are cdist
+# environment variables.
+SHELLCHECK_SKIP=': __.*is referenced but not assigned.*\[SC2154\]'
+
+# Change to checkout directory
+basedir="${0%/*}/../"
+cd "$basedir"
+
+case "$option" in
+ changelog-changes)
+ if [ "$#" -eq 1 ]; then
+ start=$1
+ else
+ start="[[:digit:]]"
+ fi
+
+ end="[[:digit:]]"
+
+ awk -F: "BEGIN { start=0 }
+ {
+ if(start == 0) {
+ if (\$0 ~ /^$start/) {
+ start = 1
+ }
+ } else {
+ if (\$0 ~ /^$end/) {
+ exit
+ } else {
+ print \$0
+ }
+ }
+ }" "$basedir/docs/changelog"
+ ;;
+
+ changelog-version)
+ # get version from changelog
+ grep '^[[:digit:]]' "$basedir/docs/changelog" | head -n1 | sed 's/:.*//'
+ ;;
+
+ check-date)
+ # verify date in changelog is today
+ date_today="$(date +%Y-%m-%d)"
+ date_changelog=$(grep '^[[:digit:]]' "$basedir/docs/changelog" | head -n1 | sed 's/.*: //')
+
+ if [ "$date_today" != "$date_changelog" ]; then
+ printf "Date in changelog is not today\n"
+ printf "Changelog date: %s\n" "${date_changelog}"
+ exit 1
+ fi
+ ;;
+
+ check-unittest)
+ "$0" test
+ ;;
+
+ ml-release)
+ if [ $# -ne 1 ]; then
+ printf "%s ml-release version\n" "$0" >&2
+ exit 1
+ fi
+
+ version=$1; shift
+
+ (
+ cat << eof
+Subject: cdist $version has been released
+
+Hello .*,
+
+cdist $version has been released with the following changes:
+
+eof
+
+ "$0" changelog-changes "$version"
+ cat << eof
+
+eof
+ ) > mailinglist.tmp
+ ;;
+
+ archlinux-release)
+ if [ $# -ne 1 ]; then
+ printf "%s archlinux-release version\n" "$0" >&2
+ exit 1
+ fi
+ version=$1; shift
+
+ ARCHLINUXTAR="cdist-${version}-1.src.tar.gz"
+ ./PKGBUILD.in "${version}"
+ umask 022
+ mkaurball
+ burp -c system "${ARCHLINUXTAR}"
+ ;;
+
+ pypi-release)
+ # Ensure that pypi release has the right version
+ "$0" version
+
+ make docs-clean
+ make docs
+ python3 setup.py sdist upload
+ ;;
+
+ release-git-tag)
+ target_version=$($0 changelog-version)
+ if git rev-parse --verify "refs/tags/${target_version}" 2>/dev/null; then
+ printf "Tag for %s exists, aborting\n" "${target_version}"
+ exit 1
+ fi
+ printf "Enter tag description for %s: " "${target_version}"
+ read -r tagmessage
+
+ # setup for signed tags:
+ # gpg --fulL-gen-key
+ # gpg --list-secret-keys --keyid-format LONG
+ # git config --local user.signingkey
+ # for exporting pub key:
+ # gpg --armor --export > pubkey.asc
+ # gpg --output pubkey.gpg --export
+ # show tag with signature
+ # git show
+ # verify tag signature
+ # git tag -v
+ #
+ # gpg verify signature
+ # gpg --verify
+ # gpg --no-default-keyring --keyring --verify
+ # Ensure gpg-agent is running.
+ GPG_TTY=$(tty)
+ export GPG_TTY
+ gpg-agent
+
+ git tag -s "$target_version" -m "$tagmessage"
+ git push --tags
+ ;;
+
+ sign-git-release)
+ if [ $# -lt 2 ]
+ then
+ printf "usage: %s sign-git-release TAG TOKEN [ARCHIVE]\n" "$0"
+ printf " if ARCHIVE is not specified then it is created\n"
+ exit 1
+ fi
+ tag="$1"
+ if ! git rev-parse -q --verify "${tag}" >/dev/null 2>&1
+ then
+ printf "Tag \"%s\" not found.\n" "${tag}"
+ exit 1
+ fi
+ token="$2"
+ if [ $# -gt 2 ]
+ then
+ archivename="$3"
+ else
+ archivename="cdist-${tag}.tar"
+ git archive --prefix="cdist-${tag}/" -o "${archivename}" "${tag}" \
+ || exit 1
+ # make sure target version is generated
+ "$0" target-version
+ tar -x -f "${archivename}" || exit 1
+ cp cdist/version.py "cdist-${tag}/cdist/version.py" || exit 1
+ tar -c -f "${archivename}" "cdist-${tag}/" || exit 1
+ rm -r -f "cdist-${tag}/"
+ gzip "${archivename}" || exit 1
+ archivename="${archivename}.gz"
+ fi
+ gpg --armor --detach-sign "${archivename}" || exit 1
+
+ project="ungleich-public%2Fcdist"
+ sed_cmd='s/^.*"markdown":"\([^"]*\)".*$/\1/'
+
+ # upload archive
+ response_archive=$(curl -f -X POST \
+ --http1.1 \
+ -H "PRIVATE-TOKEN: ${token}" \
+ -F "file=@${archivename}" \
+ "https://code.ungleich.ch/api/v4/projects/${project}/uploads" \
+ | sed "${sed_cmd}") || exit 1
+
+ # upload archive signature
+ response_archive_sig=$(curl -f -X POST \
+ --http1.1 \
+ -H "PRIVATE-TOKEN: ${token}" \
+ -F "file=@${archivename}.asc" \
+ "https://code.ungleich.ch/api/v4/projects/${project}/uploads" \
+ | sed "${sed_cmd}") || exit 1
+
+ # make release
+ changelog=$("$0" changelog-changes "$1" | sed 's/^[[:space:]]*//')
+ release_notes=$(
+ printf "%s\n\n%s\n\n**Changelog**\n\n%s\n" \
+ "${response_archive}" "${response_archive_sig}" "${changelog}"
+ )
+ curl -f -X POST \
+ -H "PRIVATE-TOKEN: ${token}" \
+ -F "description=${release_notes}" \
+ "https://code.ungleich.ch/api/v4/projects/${project}/repository/tags/${tag}/release" \
+ || exit 1
+
+ # remove generated files (archive and asc)
+ if [ $# -eq 2 ]
+ then
+ rm -f "${archivename}"
+ fi
+ rm -f "${archivename}.asc"
+ ;;
+
+ release)
+ set -e
+ target_version=$($0 changelog-version)
+ target_branch=$($0 version-branch)
+
+ printf "Beginning release process for %s\n" "${target_version}"
+
+ # First check everything is sane
+ "$0" check-date
+ "$0" check-unittest
+ "$0" check-pycodestyle
+ "$0" check-shellcheck
+
+ # Generate version file to be included in packaging
+ "$0" target-version
+
+ # Ensure the git status is clean, else abort
+ if ! git diff-index --name-only --exit-code HEAD ; then
+ printf "Unclean tree, see files above, aborting.\n"
+ exit 1
+ fi
+
+ # Ensure we are on the master branch
+ masterbranch=yes
+ if [ "$(git rev-parse --abbrev-ref HEAD)" != "master" ]; then
+ printf "Releases are happening from the master branch, aborting.\n"
+
+ printf "Enter the magic word to release anyway:"
+ read -r magicword
+
+ if [ "$magicword" = "iknowwhatido" ]; then
+ masterbranch=no
+ else
+ exit 1
+ fi
+ fi
+
+ if [ "$masterbranch" = yes ]; then
+ # Ensure version branch exists
+ if ! git rev-parse --verify "refs/heads/${target_branch}" 2>/dev/null; then
+ git branch "$target_branch"
+ fi
+
+ # Merge master branch into version branch
+ git checkout "$target_branch"
+ git merge master
+ fi
+
+ # Verify that after the merge everything works
+ "$0" check-date
+ "$0" check-unittest
+
+ # Generate documentation (man and html)
+ # First, clean old generated docs
+ make docs-clean
+ make docs
+
+ #############################################################
+ # Everything green, let's do the release
+
+ # Tag the current commit
+ "$0" release-git-tag
+
+ # Also merge back the version branch
+ if [ "$masterbranch" = yes ]; then
+ git checkout master
+ git merge "$target_branch"
+ fi
+
+ # Publish git changes
+ # if you want to have mirror locally then uncomment this and comment below
+ # git push --mirror
+ git push
+ # push also new branch and set up tracking
+ git push -u origin "${target_branch}"
+ # fi
+
+ # Create and publish package for pypi
+ "$0" pypi-release
+
+ # sign git tag
+ printf "Enter upstream repository authentication token: "
+ read -r token
+ "$0" sign-git-release "${target_version}" "${token}"
+
+ # Announce change on ML
+ "$0" ml-release "${target_version}"
+
+ cat << eof
+Manual steps post release:
+ - cdist-web
+ - send mail body generated in mailinglist.tmp and inform Dmitry for deb
+ - twitter
+eof
+ ;;
+
+ test)
+ if [ ! -f "cdist/version.py" ]
+ then
+ printf "cdist/version.py is missing, generate it first.\n"
+ exit 1
+ fi
+
+ PYTHONPATH="$(pwd -P)"
+ export PYTHONPATH
+
+ if [ $# -lt 1 ]; then
+ python3 -m cdist.test
+ else
+ python3 -m unittest "$@"
+ fi
+ ;;
+
+ test-remote)
+ if [ ! -f "cdist/version.py" ]
+ then
+ printf "cdist/version.py is missing, generate it first.\n"
+ exit 1
+ fi
+
+ PYTHONPATH="$(pwd -P)"
+ export PYTHONPATH
+
+ python3 -m cdist.test.exec.remote
+ ;;
+
+ pycodestyle|pep8)
+ pycodestyle "${basedir}" "${basedir}/scripts/cdist" | less
+ ;;
+
+ check-pycodestyle)
+ "$0" pycodestyle
+ printf "\\nPlease review pycodestyle report.\\n"
+ while true
+ do
+ printf "Continue (yes/no)?\n"
+ any=
+ read -r any
+ case "$any" in
+ yes)
+ break
+ ;;
+ no)
+ exit 1
+ ;;
+ *)
+ printf "Please answer with 'yes' or 'no' explicitly.\n"
+ ;;
+ esac
+ done
+ ;;
+
+ shellcheck-global-explorers)
+ find cdist/conf/explorer -type f -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" || exit 0
+ ;;
+
+ shellcheck-type-explorers)
+ find cdist/conf/type -type f -path "*/explorer/*" -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" || exit 0
+ ;;
+
+ shellcheck-manifests)
+ find cdist/conf/type -type f -name manifest -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" || exit 0
+ ;;
+
+ shellcheck-local-gencodes)
+ find cdist/conf/type -type f -name gencode-local -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" || exit 0
+ ;;
+
+ shellcheck-remote-gencodes)
+ find cdist/conf/type -type f -name gencode-remote -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" || exit 0
+ ;;
+
+ shellcheck-scripts)
+ ${SHELLCHECKCMD} scripts/cdist-dump scripts/cdist-new-type || exit 0
+ ;;
+
+ shellcheck-gencodes)
+ "$0" shellcheck-local-gencodes
+ "$0" shellcheck-remote-gencodes
+ ;;
+
+ shellcheck-types)
+ "$0" shellcheck-type-explorers
+ "$0" shellcheck-manifests
+ "$0" shellcheck-gencodes
+ ;;
+
+ shellcheck)
+ "$0" shellcheck-global-explorers
+ "$0" shellcheck-types
+ "$0" shellcheck-scripts
+ ;;
+
+ shellcheck-type-files)
+ find cdist/conf/type -type f -path "*/files/*" -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" || exit 0
+ ;;
+
+ shellcheck-with-files)
+ "$0" shellcheck
+ "$0" shellcheck-type-files
+ ;;
+
+ shellcheck-build-helper)
+ ${SHELLCHECKCMD} ./bin/build-helper
+ ;;
+
+ check-shellcheck)
+ "$0" shellcheck
+ printf "\\nPlease review shellcheck report.\\n"
+ while true
+ do
+ printf "Continue (yes/no)?\n"
+ any=
+ read -r any
+ case "$any" in
+ yes)
+ break
+ ;;
+ no)
+ exit 1
+ ;;
+ *)
+ printf "Please answer with 'yes' or 'no' explicitly.\n"
+ ;;
+ esac
+ done
+ ;;
+
+ version-branch)
+ "$0" changelog-version | cut -d. -f '1,2'
+ ;;
+
+ version)
+ printf "VERSION = \"%s\"\n" "$(git describe)" > cdist/version.py
+ ;;
+
+ target-version)
+ target_version=$($0 changelog-version)
+ printf "VERSION = \"%s\"\n" "${target_version}" > cdist/version.py
+ ;;
+
+ clean)
+ make clean
+
+ # Archlinux
+ rm -f cdist-*.pkg.tar.xz cdist-*.tar.gz
+ rm -rf pkg/ src/
+
+ rm -f MANIFEST PKGBUILD
+ rm -rf dist/
+
+ # Signed release
+ rm -f cdist-*.tar.gz
+ rm -f cdist-*.tar.gz.asc
+
+ # Temp files
+ rm -f ./*.tmp
+ ;;
+
+ distclean)
+ "$0" clean
+ rm -f cdist/version.py
+ ;;
+ *)
+ printf "Unknown target: '%s'.\n" "${option}" >&2
+ usage "${basename}"
+ exit 1
+ ;;
+
+esac
diff --git a/bin/cdist b/bin/cdist
index dfe4fa00..645020a1 100755
--- a/bin/cdist
+++ b/bin/cdist
@@ -25,7 +25,7 @@ dir=${0%/*}
# Ensure version is present - the bundled/shipped version contains a static version,
# the git version contains a dynamic version
-"$dir/../build" version
+"$dir/build-helper" version
libdir=$(cd "${dir}/../" && pwd -P)
export PYTHONPATH="${libdir}"
diff --git a/build b/build
deleted file mode 100755
index b19be55a..00000000
--- a/build
+++ /dev/null
@@ -1,408 +0,0 @@
-#!/bin/sh
-#
-# 2011-2012 Nico Schottelius (nico-cdist at schottelius.org)
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see .
-#
-#
-# Push a directory to a target, both sides have the same name (i.e. explorers)
-# or
-# Pull a directory from a target, both sides have the same name (i.e. explorers)
-#
-
-# exit on any error
-#set -e
-
-basedir=${0%/*}
-version=$(git describe)
-
-# Manpage and HTML
-A2XM="a2x -f manpage --no-xmllint -a encoding=UTF-8"
-A2XH="a2x -f xhtml --no-xmllint -a encoding=UTF-8"
-
-# Developer webbase
-WEBDIR=$HOME/www.nico.schottelius.org
-WEBBLOG=$WEBDIR/blog
-WEBTOPDIR=$WEBDIR/software
-WEBBASE=$WEBTOPDIR/cdist
-WEBMAN=$WEBBASE/man/$version
-WEBPAGE=${WEBBASE}.mdwn
-
-# Documentation
-MANDIR=docs/man
-MAN1DSTDIR=${MANDIR}/man1
-MAN7DSTDIR=${MANDIR}/man7
-SPEECHESDIR=docs/speeches
-
-# Change to checkout directory
-cd "$basedir"
-
-case "$1" in
- man)
- set -e
- "$0" mangen
- "$0" mantype
- "$0" manbuild
- ;;
-
- manbuild)
- trap abort INT
- abort() {
- kill 0
- }
- for section in 1 7; do
- for src in ${MANDIR}/man${section}/*.text; do
- manpage="${src%.text}.$section"
- if [ ! -f "$manpage" -o "$manpage" -ot "$src" ]; then
- echo "Compiling man page for $src"
- $A2XM "$src"
- fi
- htmlpage="${src%.text}.html"
- if [ ! -f "$htmlpage" -o "$htmlpage" -ot "$src" ]; then
- echo "Compiling html page for $src"
- $A2XH "$src"
- fi
- done
- done
- ;;
-
- mantype)
- for mansrc in cdist/conf/type/*/man.text; do
- dst="$(echo $mansrc | sed -e 's;cdist/conf/;cdist-;' -e 's;/;;' -e 's;/man;;' -e 's;^;docs/man/man7/;')"
- ln -sf "../../../$mansrc" "$dst"
- done
- ;;
-
- mangen)
- ${MANDIR}/cdist-reference.text.sh
- ;;
-
- man-pub)
- $0 man
-
- rm -rf "${WEBMAN}"
- mkdir -p "${WEBMAN}/man1" "${WEBMAN}/man7"
- cp ${MAN1DSTDIR}/*.html ${MAN1DSTDIR}/*.css ${WEBMAN}/man1
- cp ${MAN7DSTDIR}/*.html ${MAN7DSTDIR}/*.css ${WEBMAN}/man7
- ;;
-
- dist)
- set -e
- # Do the checks
- $0 dist-check
-
- # Git changes - everything depends on this
- $0 dist-tag
- $0 dist-branch-merge
-
- # Pypi first - is the base for others
- $0 dist-pypi
-
- # Archlinux depends on successful pypi ;-)
- $0 dist-archlinux
-
- # Update website (includes documentation)
- $0 web
-
- # Update manpages on website
- $0 man-pub
-
- # update git repos
- $0 pub
-
- $0 dist-blog
- $0 dist-freecode
- $0 dist-ml
- $0 dist-manual
- ;;
-
- changelog-changes)
- awk -F: 'BEGIN { start=0 } { if ($0 ~ /^[[:digit:]]/) { if(start == 0) {start = 1 } else { exit } } else { if(start==1) {print $0 }} }' "$basedir/docs/changelog"
- ;;
-
- changelog-version)
- # get version from changelog and ensure it's not already present
- grep '^[[:digit:]]' "$basedir/docs/changelog" | head -n1 | sed 's/:.*//'
- ;;
-
- dist-check)
- set -e
- echo "Verifying documentation building works ..."
- $0 clean
- $0 man
-
- changelog_version=$($0 changelog-version)
- echo "Target version from changelog: $changelog_version"
-
- if git show --quiet $changelog_version >/dev/null 2>&1; then
- echo "Version $changelog_version already exists, aborting."
- exit 1
- fi
-
- # verify date in changelog
- date_today="$(date +%Y-%m-%d)"
- date_changelog=$(grep '^[[:digit:]]' "$basedir/docs/changelog" | head -n1 | sed 's/.*: //')
-
- if [ "$date_today" != "$date_changelog" ]; then
- echo "Date in changelog is not today"
- echo "Changelog: $date_changelog"
- exit 1
- fi
-
- ;;
-
- blog)
- version=$($0 changelog-version)
- blogfile=$WEBBLOG/cdist-${version}-released.mdwn
- cat << eof > "$blogfile"
-[[!meta title="Cdist $version released"]]
-
-Here's a short overview about the changes found in this release:
-
-eof
-
- $0 changelog-changes >> "$blogfile"
-
- cat << eof >> "$blogfile"
-For more information visit the [[cdist homepage|software/cdist]].
-
-[[!tag cdist config unix]]
-eof
- ;;
-
- dist-blog)
- $0 blog
- version=$($0 changelog-version)
- file=cdist-${version}-released.mdwn
- cd "$WEBBLOG"
- git add "$file"
- git commit -m "New cdist version (blogentry): $version" "$file"
- git push
- ;;
-
- dist-ml)
- $0 blog
- version=$($0 changelog-version)
- to_a=cdist
- to_d=l.schottelius.org
- to=${to_a}@${to_d}
-
- from_a=nico-cdist
- from_d=schottelius.org
- from=${from_a}@${from_d}
-
- (
- cat << eof
-From: Nico -telmich- Schottelius <$from>
-To: cdist mailing list <$to>
-Subject: cdist $version released
-
-Hello .*,
-
-cdist $version has been released with the following changes:
-
-eof
-
- "$0" changelog-changes
- cat << eof
-
-Cheers,
-
-Nico
-
---
-Automatisation at its best level. With cdist.
-eof
- ) | /usr/sbin/sendmail -f "$from" "$to"
- ;;
-
-
- dist-manual)
- cat << notes
-
- To be done manually...
-
- - linkedin entry
-notes
-
- ;;
-
- dist-tag)
- version=$($0 changelog-version)
- # add tag
- printf "Enter tag description for %s> " "$version"
- read tagmessage
- git tag "$version" -m "$tagmessage"
- ;;
-
- dist-branch-merge)
- version=$($0 changelog-version)
- target_branch=${version%\.*}
- current_branch=$(git rev-parse --abbrev-ref HEAD)
-
- if [ "$target_branch" = "$current_branch" ]; then
- echo "Skipping merge, already on destination branch"
- else
- printf "Press enter to git merge $current_branch into \"$target_branch\" > "
- read prompt
- git checkout "$target_branch"
- git merge "$current_branch"
- git checkout "$current_branch"
- fi
- ;;
-
- dist-archlinux)
- $0 dist-archlinux-makepkg
- $0 dist-archlinux-aur-upload
- ;;
-
- dist-archlinux-makepkg)
- ./PKGBUILD.in
- makepkg -c --source
- ;;
-
- dist-archlinux-aur-upload)
- version=$($0 changelog-version)
- tar=cdist-${version}-1.src.tar.gz
- burp -c system "$tar"
- ;;
-
- dist-freecode)
- version=$($0 changelog-version)
- api_token=$(awk '/machine freecode login/ { print $8 }' ~/.netrc)
-
- printf "Enter tag list for freecode release %s> " "$version"
- read taglist
-
- printf "Enter changelog for freecode release %s> " "$version"
- read changelog
-
- echo "Submit preview"
- cat << eof
-tag_list = $taglist
-changelog = $changelog
-version = $version
-eof
- printf "Press enter to submit to freecode> "
- read dummy
-
- cat << eof | cfreecode-api release-add cdist
- {
- "auth_code": "$api_token",
- "release": {
- "tag_list": "$taglist",
- "version": "$version",
- "changelog": "$changelog",
- "hidden_from_frontpage": false
- }
- }
-eof
-
- ;;
-
- dist-pypi)
- $0 man
- $0 version
- python3 setup.py sdist upload
- ;;
-
- speeches)
- cd "$SPEECHESDIR"
- for speech in *tex; do
- pdflatex "$speech"
- pdflatex "$speech"
- pdflatex "$speech"
- done
- ;;
-
- web)
- set -e
- rsync -av "${basedir}/docs/web/" "${WEBTOPDIR}"
-
- cd "${WEBDIR}" && git add "${WEBBASE}"
- cd "${WEBDIR}" && git commit -m "cdist update" "${WEBBASE}" "${WEBPAGE}"
- cd "${WEBDIR}" && make pub
-
- # Fix ikiwiki, which does not like symlinks for pseudo security
- ssh tee.schottelius.org \
- "cd /home/services/www/nico/www.nico.schottelius.org/www/software/cdist/man &&
- rm -f latest && ln -sf "$version" latest"
- ;;
-
- p|pu|pub)
- for remote in "" github sf ethz; do
- echo "Pushing to $remote"
- git push --mirror $remote
- done
- ;;
-
- clean)
- rm -f ${MAN7DSTDIR}/cdist-reference.text
-
- find "${MANDIR}" -mindepth 2 -type l \
- -o -name "*.1" \
- -o -name "*.7" \
- -o -name "*.html" \
- -o -name "*.xml" \
- | xargs rm -f
-
- find * -name __pycache__ | xargs rm -rf
- ;;
- clean-dist)
- rm -f cdist/version.py MANIFEST PKGBUILD
- rm -rf cache/ dist/
-
- # Archlinux
- rm -f cdist-*.pkg.tar.xz cdist-*.tar.gz
- rm -rf pkg/ src/
- ;;
-
- very-clean)
- $0 clean
- $0 clean-dist
- ;;
-
- test)
- shift # skip t
- export PYTHONPATH="$(pwd -P)"
-
- if [ $# -lt 1 ]; then
- python3 -m cdist.test
- else
- python3 -m unittest "$@"
- fi
- ;;
-
- version)
- echo "VERSION=\"$version\"" > cdist/version.py
- ;;
-
- *)
- echo ''
- echo 'Welcome to cdist!'
- echo ''
- echo 'Here are the possible targets:'
- echo ''
- echo ' clean: Remove build stuff'
- echo ' man: Build manpages (requires Asciidoc)'
- echo ' test: Run tests'
- echo ''
- echo ''
- echo "Unknown target, \"$1\"" >&2
- exit 1
- ;;
-
-esac
diff --git a/cdist/__init__.py b/cdist/__init__.py
index 02d708b1..c673b3ba 100644
--- a/cdist/__init__.py
+++ b/cdist/__init__.py
@@ -1,6 +1,7 @@
# -*- coding: utf-8 -*-
#
-# 2010-2012 Nico Schottelius (nico-cdist at schottelius.org)
+# 2010-2015 Nico Schottelius (nico-cdist at schottelius.org)
+# 2012-2017 Steven Armstrong (steven-cdist at armstrong.cc)
#
# This file is part of cdist.
#
@@ -20,8 +21,9 @@
#
import os
-import subprocess
+import hashlib
+import cdist.log
import cdist.version
VERSION = cdist.version.VERSION
@@ -40,24 +42,199 @@ BANNER = """
"8888P' `"888*"" R888" ` ^"F 'Y"
"P' "" ""
"""
-DOT_CDIST = ".cdist"
+
+REMOTE_COPY = "scp -o User=root -q"
+REMOTE_EXEC = "ssh -o User=root"
+REMOTE_CMDS_CLEANUP_PATTERN = "ssh -o User=root -O exit -S {}"
class Error(Exception):
"""Base exception class for this project"""
pass
-class CdistObjectError(Error):
- """Something went wrong with an object"""
-
- def __init__(self, cdist_object, message):
- self.name = cdist_object.name
- self.source = " ".join(cdist_object.source)
- self.message = message
+class UnresolvableRequirementsError(cdist.Error):
+ """Resolving requirements failed"""
+ pass
+
+
+class CdistBetaRequired(cdist.Error):
+ """Beta functionality is used but beta is not enabled"""
+
+ def __init__(self, command, arg=None):
+ self.command = command
+ self.arg = arg
def __str__(self):
- return '%s: %s (defined at %s)' % (self.name, self.message, self.source)
+ if self.arg is None:
+ err_msg = ("\'{}\' command is beta, but beta is "
+ "not enabled. If you want to use it please enable beta "
+ "functionalities by using the -b/--beta command "
+ "line flag or setting CDIST_BETA env var.")
+ fmt_args = [self.command, ]
+ else:
+ err_msg = ("\'{}\' argument of \'{}\' command is beta, but beta "
+ "is not enabled. If you want to use it please enable "
+ "beta functionalities by using the -b/--beta "
+ "command line flag or setting CDIST_BETA env var.")
+ fmt_args = [self.arg, self.command, ]
+ return err_msg.format(*fmt_args)
+
+
+class CdistEntityError(Error):
+ """Something went wrong while executing cdist entity"""
+ def __init__(self, entity_name, entity_params, stdout_paths,
+ stderr_paths, subject=''):
+ self.entity_name = entity_name
+ self.entity_params = entity_params
+ self.stderr_paths = stderr_paths
+ self.stdout_paths = stdout_paths
+ if isinstance(subject, Error):
+ self.original_error = subject
+ else:
+ self.original_error = None
+ self.message = str(subject)
+
+ def _stdpath(self, stdpaths, header_name):
+ result = {}
+ for name, path in stdpaths:
+ if name not in result:
+ result[name] = []
+ try:
+ if os.path.exists(path) and os.path.getsize(path) > 0:
+ output = []
+ label_begin = name + ":" + header_name
+ output.append(label_begin)
+ output.append('\n')
+ output.append('-' * len(label_begin))
+ output.append('\n')
+ with open(path, 'r') as fd:
+ output.append(fd.read())
+ output.append('\n')
+ result[name].append(''.join(output))
+ except UnicodeError as ue:
+ result[name].append(('Cannot output {}:{} due to: {}.\n'
+ 'You can try to read the error file "{}"'
+ ' yourself.').format(
+ name, header_name, ue, path))
+ return result
+
+ def _stderr(self):
+ return self._stdpath(self.stderr_paths, 'stderr')
+
+ def _stdout(self):
+ return self._stdpath(self.stdout_paths, 'stdout')
+
+ def _update_dict_list(self, target, source):
+ for x in source:
+ if x not in target:
+ target[x] = []
+ target[x].extend(source[x])
+
+ @property
+ def std_streams(self):
+ std_dict = {}
+ self._update_dict_list(std_dict, self._stdout())
+ self._update_dict_list(std_dict, self._stderr())
+ return std_dict
+
+ def __str__(self):
+ output = []
+ output.append(self.message)
+ output.append('\n\n')
+ header = "Error processing " + self.entity_name
+ under_header = '=' * len(header)
+ output.append(header)
+ output.append('\n')
+ output.append(under_header)
+ output.append('\n')
+ for param_name, param_value in self.entity_params:
+ output.append(param_name + ': ' + str(param_value))
+ output.append('\n')
+ output.append('\n')
+ for x in self.std_streams:
+ output.append(''.join(self.std_streams[x]))
+ return ''.join(output)
+
+
+class CdistObjectError(CdistEntityError):
+ """Something went wrong while working on a specific cdist object"""
+ def __init__(self, cdist_object, subject=''):
+ params = [
+ ('name', cdist_object.name, ),
+ ('path', cdist_object.absolute_path, ),
+ ('source', " ".join(cdist_object.source), ),
+ ('type', os.path.realpath(
+ cdist_object.cdist_type.absolute_path), ),
+ ]
+ stderr_paths = []
+ for stderr_name in os.listdir(cdist_object.stderr_path):
+ stderr_path = os.path.join(cdist_object.stderr_path,
+ stderr_name)
+ stderr_paths.append((stderr_name, stderr_path, ))
+ stdout_paths = []
+ for stdout_name in os.listdir(cdist_object.stdout_path):
+ stdout_path = os.path.join(cdist_object.stdout_path,
+ stdout_name)
+ stdout_paths.append((stdout_name, stdout_path, ))
+ super().__init__("object '{}'".format(cdist_object.name),
+ params, stdout_paths, stderr_paths, subject)
+
+
+class CdistObjectExplorerError(CdistEntityError):
+ """
+ Something went wrong while working on a specific
+ cdist object explorer
+ """
+ def __init__(self, cdist_object, explorer_name, explorer_path,
+ stderr_path, subject=''):
+ params = [
+ ('object name', cdist_object.name, ),
+ ('object path', cdist_object.absolute_path, ),
+ ('object source', " ".join(cdist_object.source), ),
+ ('object type', os.path.realpath(
+ cdist_object.cdist_type.absolute_path), ),
+ ('explorer name', explorer_name, ),
+ ('explorer path', explorer_path, ),
+ ]
+ stdout_paths = []
+ stderr_paths = [
+ ('remote', stderr_path, ),
+ ]
+ super().__init__("explorer '{}' of object '{}'".format(
+ explorer_name, cdist_object.name), params, stdout_paths,
+ stderr_paths, subject)
+
+
+class InitialManifestError(CdistEntityError):
+ """Something went wrong while executing initial manifest"""
+ def __init__(self, initial_manifest, stdout_path, stderr_path, subject=''):
+ params = [
+ ('path', initial_manifest, ),
+ ]
+ stdout_paths = [
+ ('init', stdout_path, ),
+ ]
+ stderr_paths = [
+ ('init', stderr_path, ),
+ ]
+ super().__init__('initial manifest', params, stdout_paths,
+ stderr_paths, subject)
+
+
+class GlobalExplorerError(CdistEntityError):
+ """Something went wrong while executing global explorer"""
+ def __init__(self, name, path, stderr_path, subject=''):
+ params = [
+ ('name', name, ),
+ ('path', path, ),
+ ]
+ stderr_paths = [
+ ('remote', stderr_path, ),
+ ]
+ super().__init__("global explorer '{}'".format(name),
+ params, [], stderr_paths, subject)
+
def file_to_list(filename):
"""Return list from \n seperated file"""
@@ -72,3 +249,23 @@ def file_to_list(filename):
lines = []
return lines
+
+
+def str_hash(s):
+ """Return hash of string s"""
+ if isinstance(s, str):
+ return hashlib.md5(s.encode('utf-8')).hexdigest()
+ else:
+ raise Error("Param should be string")
+
+
+def home_dir():
+ if 'HOME' in os.environ:
+ home = os.environ['HOME']
+ if home:
+ rv = os.path.join(home, ".cdist")
+ else:
+ rv = None
+ else:
+ rv = None
+ return rv
diff --git a/cdist/argparse.py b/cdist/argparse.py
new file mode 100644
index 00000000..ca69cdae
--- /dev/null
+++ b/cdist/argparse.py
@@ -0,0 +1,473 @@
+import argparse
+import cdist
+import multiprocessing
+import logging
+import collections
+import functools
+import cdist.configuration
+import cdist.preos
+
+
+# set of beta sub-commands
+BETA_COMMANDS = set(('install', 'inventory', ))
+# set of beta arguments for sub-commands
+BETA_ARGS = {
+ 'config': set(('tag', 'all_tagged_hosts', 'use_archiving', )),
+}
+EPILOG = "Get cdist at https://code.ungleich.ch/ungleich-public/cdist"
+# Parser others can reuse
+parser = None
+
+
+_verbosity_level_off = -2
+_verbosity_level = {
+ None: logging.WARNING,
+ _verbosity_level_off: logging.OFF,
+ -1: logging.ERROR,
+ 0: logging.WARNING,
+ 1: logging.INFO,
+ 2: logging.VERBOSE,
+ 3: logging.DEBUG,
+ 4: logging.TRACE,
+}
+
+
+# Generate verbosity level constants:
+# VERBOSE_OFF, VERBOSE_ERROR, VERBOSE_WARNING, VERBOSE_INFO, VERBOSE_VERBOSE,
+# VERBOSE_DEBUG, VERBOSE_TRACE.
+this_globals = globals()
+for level in _verbosity_level:
+ const = 'VERBOSE_' + logging.getLevelName(_verbosity_level[level])
+ this_globals[const] = level
+
+
+# All verbosity levels above 4 are TRACE.
+_verbosity_level = collections.defaultdict(
+ lambda: logging.TRACE, _verbosity_level)
+
+
+def add_beta_command(cmd):
+ BETA_COMMANDS.add(cmd)
+
+
+def add_beta_arg(cmd, arg):
+ if cmd in BETA_ARGS:
+ if arg not in BETA_ARGS[cmd]:
+ BETA_ARGS[cmd].append(arg)
+ else:
+ BETA_ARGS[cmd] = set((arg, ))
+
+
+def check_beta(args_dict):
+ if 'beta' not in args_dict:
+ args_dict['beta'] = False
+ # Check only if beta is not enabled: if beta option is specified then
+ # raise error.
+ if not args_dict['beta']:
+ cmd = args_dict['command']
+ # first check if command is beta
+ if cmd in BETA_COMMANDS:
+ raise cdist.CdistBetaRequired(cmd)
+ # then check if some command's argument is beta
+ if cmd in BETA_ARGS:
+ for arg in BETA_ARGS[cmd]:
+ if arg in args_dict and args_dict[arg]:
+ raise cdist.CdistBetaRequired(cmd, arg)
+
+
+def check_lower_bounded_int(value, lower_bound, name):
+ try:
+ val = int(value)
+ except ValueError:
+ raise argparse.ArgumentTypeError(
+ "{} is invalid int value".format(value))
+ if val < lower_bound:
+ raise argparse.ArgumentTypeError(
+ "{} is invalid {} value".format(val, name))
+ return val
+
+
+def get_parsers():
+ global parser
+
+ # Construct parser others can reuse
+ if parser:
+ return parser
+ else:
+ parser = {}
+ # Options _all_ parsers have in common
+ parser['loglevel'] = argparse.ArgumentParser(add_help=False)
+ parser['loglevel'].add_argument(
+ '-l', '--log-level', metavar='LOGLEVEL',
+ type=functools.partial(check_lower_bounded_int, lower_bound=-1,
+ name="log level"),
+ help=('Set the specified verbosity level. '
+ 'The levels, in order from the lowest to the highest, are: '
+ 'ERROR (-1), WARNING (0), INFO (1), VERBOSE (2), DEBUG (3) '
+ 'TRACE (4 or higher). If used along with -v then -v '
+ 'increases last set value and -l overwrites last set '
+ 'value.'),
+ action='store', dest='verbose', required=False)
+ parser['loglevel'].add_argument(
+ '-q', '--quiet',
+ help='Quiet mode: disables logging, including WARNING and ERROR.',
+ action='store_true', default=False)
+ parser['loglevel'].add_argument(
+ '-v', '--verbose',
+ help=('Increase the verbosity level. Every instance of -v '
+ 'increments the verbosity level by one. Its default value '
+ 'is 0 which includes ERROR and WARNING levels. '
+ 'The levels, in order from the lowest to the highest, are: '
+ 'ERROR (-1), WARNING (0), INFO (1), VERBOSE (2), DEBUG (3) '
+ 'TRACE (4 or higher). If used along with -l then -l '
+ 'overwrites last set value and -v increases last set '
+ 'value.'),
+ action='count', default=None)
+
+ parser['beta'] = argparse.ArgumentParser(add_help=False)
+ parser['beta'].add_argument(
+ '-b', '--beta',
+ help=('Enable beta functionality. '),
+ action='store_true', dest='beta', default=None)
+
+ # Main subcommand parser
+ parser['main'] = argparse.ArgumentParser(
+ description='cdist ' + cdist.VERSION)
+ parser['main'].add_argument(
+ '-V', '--version', help='Show version.', action='version',
+ version='%(prog)s ' + cdist.VERSION)
+ parser['sub'] = parser['main'].add_subparsers(
+ title="Commands", dest="command")
+
+ # Banner
+ parser['banner'] = parser['sub'].add_parser(
+ 'banner', parents=[parser['loglevel']])
+ parser['banner'].set_defaults(func=cdist.banner.banner)
+
+ parser['inventory_common'] = argparse.ArgumentParser(add_help=False)
+ parser['inventory_common'].add_argument(
+ '-I', '--inventory',
+ help=('Use specified custom inventory directory. '
+ 'Inventory directory is set up by the following rules: '
+ 'if cdist configuration resolves this value then specified '
+ 'directory is used, '
+ 'if HOME env var is set then ~/.cdist/inventory is '
+ 'used, otherwise distribution inventory directory is used.'),
+ dest="inventory_dir", required=False)
+
+ parser['common'] = argparse.ArgumentParser(add_help=False)
+ parser['common'].add_argument(
+ '-g', '--config-file',
+ help=('Use specified custom configuration file.'),
+ dest="config_file", required=False)
+
+ # Config
+ parser['config_main'] = argparse.ArgumentParser(add_help=False)
+ parser['config_main'].add_argument(
+ '-4', '--force-ipv4',
+ help=('Force to use IPv4 addresses only. No influence for custom'
+ ' remote commands.'),
+ action='store_const', dest='force_ipv', const=4)
+ parser['config_main'].add_argument(
+ '-6', '--force-ipv6',
+ help=('Force to use IPv6 addresses only. No influence for custom'
+ ' remote commands.'),
+ action='store_const', dest='force_ipv', const=6)
+ parser['config_main'].add_argument(
+ '-C', '--cache-path-pattern',
+ help=('Specify custom cache path pattern. If '
+ 'it is not set then default hostdir is used.'),
+ dest='cache_path_pattern',
+ default=None)
+ parser['config_main'].add_argument(
+ '-c', '--conf-dir',
+ help=('Add configuration directory (can be repeated, '
+ 'last one wins).'), action='append')
+ parser['config_main'].add_argument(
+ '-i', '--initial-manifest',
+ help='Path to a cdist manifest or \'-\' to read from stdin.',
+ dest='manifest', required=False)
+ parser['config_main'].add_argument(
+ '-j', '--jobs', nargs='?',
+ type=functools.partial(check_lower_bounded_int, lower_bound=1,
+ name="positive int"),
+ help=('Operate in parallel in specified maximum number of jobs. '
+ 'Global explorers, object prepare and object run are '
+ 'supported. Without argument CPU count is used by default. '),
+ action='store', dest='jobs',
+ const=multiprocessing.cpu_count())
+ parser['config_main'].add_argument(
+ '-n', '--dry-run',
+ help='Do not execute code.', action='store_true')
+ parser['config_main'].add_argument(
+ '-o', '--out-dir',
+ help='Directory to save cdist output in.', dest="out_path")
+ parser['config_main'].add_argument(
+ '-P', '--timestamp',
+ help=('Timestamp log messages with the current local date and time '
+ 'in the format: YYYYMMDDHHMMSS.us.'),
+ action='store_true', dest='timestamp')
+ parser['config_main'].add_argument(
+ '-R', '--use-archiving', nargs='?',
+ choices=('tar', 'tgz', 'tbz2', 'txz',),
+ help=('Operate by using archiving with compression where '
+ 'appropriate. Supported values are: tar - tar archive, '
+ 'tgz - gzip tar archive (the default), '
+ 'tbz2 - bzip2 tar archive and txz - lzma tar archive. '
+ 'Currently in beta.'),
+ action='store', dest='use_archiving',
+ const='tgz')
+
+ # remote-copy and remote-exec defaults are environment variables
+ # if set; if not then None - these will be futher handled after
+ # parsing to determine implementation default
+ parser['config_main'].add_argument(
+ '-r', '--remote-out-dir',
+ help='Directory to save cdist output in on the target host.',
+ dest="remote_out_path")
+ parser['config_main'].add_argument(
+ '--remote-copy',
+ help='Command to use for remote copy (should behave like scp).',
+ action='store', dest='remote_copy',
+ default=None)
+ parser['config_main'].add_argument(
+ '--remote-exec',
+ help=('Command to use for remote execution '
+ '(should behave like ssh).'),
+ action='store', dest='remote_exec',
+ default=None)
+ parser['config_main'].add_argument(
+ '-S', '--disable-saving-output-streams',
+ help='Disable saving output streams.',
+ action='store_false', dest='save_output_streams', default=True)
+
+ # Config
+ parser['config_args'] = argparse.ArgumentParser(add_help=False)
+ parser['config_args'].add_argument(
+ '-A', '--all-tagged',
+ help=('Use all hosts present in tags db. Currently in beta.'),
+ action="store_true", dest="all_tagged_hosts", default=False)
+ parser['config_args'].add_argument(
+ '-a', '--all',
+ help=('List hosts that have all specified tags, '
+ 'if -t/--tag is specified.'),
+ action="store_true", dest="has_all_tags", default=False)
+ parser['config_args'].add_argument(
+ '-f', '--file',
+ help=('Read specified file for a list of additional hosts to '
+ 'operate on or if \'-\' is given, read stdin (one host per '
+ 'line). If no host or host file is specified then, by '
+ 'default, read hosts from stdin.'),
+ dest='hostfile', required=False)
+ parser['config_args'].add_argument(
+ '-p', '--parallel', nargs='?', metavar='HOST_MAX',
+ type=functools.partial(check_lower_bounded_int, lower_bound=1,
+ name="positive int"),
+ help=('Operate on multiple hosts in parallel for specified maximum '
+ 'hosts at a time. Without argument CPU count is used by '
+ 'default.'),
+ action='store', dest='parallel',
+ const=multiprocessing.cpu_count())
+ parser['config_args'].add_argument(
+ '-s', '--sequential',
+ help='Operate on multiple hosts sequentially (default).',
+ action='store_const', dest='parallel', const=0)
+ parser['config_args'].add_argument(
+ '-t', '--tag',
+ help=('Host is specified by tag, not hostname/address; '
+ 'list all hosts that contain any of specified tags. '
+ 'Currently in beta.'),
+ dest='tag', required=False, action="store_true", default=False)
+ parser['config_args'].add_argument(
+ 'host', nargs='*', help='Host(s) to operate on.')
+ parser['config'] = parser['sub'].add_parser(
+ 'config', parents=[parser['loglevel'], parser['beta'],
+ parser['common'],
+ parser['config_main'],
+ parser['inventory_common'],
+ parser['config_args']])
+ parser['config'].set_defaults(func=cdist.config.Config.commandline)
+
+ # Install
+ parser['install'] = parser['sub'].add_parser('install', add_help=False,
+ parents=[parser['config']])
+ parser['install'].set_defaults(func=cdist.install.Install.commandline)
+
+ # Inventory
+ parser['inventory'] = parser['sub'].add_parser('inventory')
+ parser['invsub'] = parser['inventory'].add_subparsers(
+ title="Inventory commands", dest="subcommand")
+
+ parser['add-host'] = parser['invsub'].add_parser(
+ 'add-host', parents=[parser['loglevel'], parser['beta'],
+ parser['common'],
+ parser['inventory_common']])
+ parser['add-host'].add_argument(
+ 'host', nargs='*', help='Host(s) to add.')
+ parser['add-host'].add_argument(
+ '-f', '--file',
+ help=('Read additional hosts to add from specified file '
+ 'or from stdin if \'-\' (each host on separate line). '
+ 'If no host or host file is specified then, by default, '
+ 'read from stdin.'),
+ dest='hostfile', required=False)
+
+ parser['add-tag'] = parser['invsub'].add_parser(
+ 'add-tag', parents=[parser['loglevel'], parser['beta'],
+ parser['common'],
+ parser['inventory_common']])
+ parser['add-tag'].add_argument(
+ 'host', nargs='*',
+ help='List of host(s) for which tags are added.')
+ parser['add-tag'].add_argument(
+ '-f', '--file',
+ help=('Read additional hosts to add tags from specified file '
+ 'or from stdin if \'-\' (each host on separate line). '
+ 'If no host or host file is specified then, by default, '
+ 'read from stdin. If no tags/tagfile nor hosts/hostfile'
+ ' are specified then tags are read from stdin and are'
+ ' added to all hosts.'),
+ dest='hostfile', required=False)
+ parser['add-tag'].add_argument(
+ '-T', '--tag-file',
+ help=('Read additional tags to add from specified file '
+ 'or from stdin if \'-\' (each tag on separate line). '
+ 'If no tag or tag file is specified then, by default, '
+ 'read from stdin. If no tags/tagfile nor hosts/hostfile'
+ ' are specified then tags are read from stdin and are'
+ ' added to all hosts.'),
+ dest='tagfile', required=False)
+ parser['add-tag'].add_argument(
+ '-t', '--taglist',
+ help=("Tag list to be added for specified host(s), comma separated"
+ " values."),
+ dest="taglist", required=False)
+
+ parser['del-host'] = parser['invsub'].add_parser(
+ 'del-host', parents=[parser['loglevel'], parser['beta'],
+ parser['common'],
+ parser['inventory_common']])
+ parser['del-host'].add_argument(
+ 'host', nargs='*', help='Host(s) to delete.')
+ parser['del-host'].add_argument(
+ '-a', '--all', help=('Delete all hosts.'),
+ dest='all', required=False, action="store_true", default=False)
+ parser['del-host'].add_argument(
+ '-f', '--file',
+ help=('Read additional hosts to delete from specified file '
+ 'or from stdin if \'-\' (each host on separate line). '
+ 'If no host or host file is specified then, by default, '
+ 'read from stdin.'),
+ dest='hostfile', required=False)
+
+ parser['del-tag'] = parser['invsub'].add_parser(
+ 'del-tag', parents=[parser['loglevel'], parser['beta'],
+ parser['common'],
+ parser['inventory_common']])
+ parser['del-tag'].add_argument(
+ 'host', nargs='*',
+ help='List of host(s) for which tags are deleted.')
+ parser['del-tag'].add_argument(
+ '-a', '--all',
+ help=('Delete all tags for specified host(s).'),
+ dest='all', required=False, action="store_true", default=False)
+ parser['del-tag'].add_argument(
+ '-f', '--file',
+ help=('Read additional hosts to delete tags for from specified '
+ 'file or from stdin if \'-\' (each host on separate line). '
+ 'If no host or host file is specified then, by default, '
+ 'read from stdin. If no tags/tagfile nor hosts/hostfile'
+ ' are specified then tags are read from stdin and are'
+ ' deleted from all hosts.'),
+ dest='hostfile', required=False)
+ parser['del-tag'].add_argument(
+ '-T', '--tag-file',
+ help=('Read additional tags from specified file '
+ 'or from stdin if \'-\' (each tag on separate line). '
+ 'If no tag or tag file is specified then, by default, '
+ 'read from stdin. If no tags/tagfile nor'
+ ' hosts/hostfile are specified then tags are read from'
+ ' stdin and are added to all hosts.'),
+ dest='tagfile', required=False)
+ parser['del-tag'].add_argument(
+ '-t', '--taglist',
+ help=("Tag list to be deleted for specified host(s), "
+ "comma separated values."),
+ dest="taglist", required=False)
+
+ parser['list'] = parser['invsub'].add_parser(
+ 'list', parents=[parser['loglevel'], parser['beta'],
+ parser['common'],
+ parser['inventory_common']])
+ parser['list'].add_argument(
+ 'host', nargs='*', help='Host(s) to list.')
+ parser['list'].add_argument(
+ '-a', '--all',
+ help=('List hosts that have all specified tags, '
+ 'if -t/--tag is specified.'),
+ action="store_true", dest="has_all_tags", default=False)
+ parser['list'].add_argument(
+ '-f', '--file',
+ help=('Read additional hosts to list from specified file '
+ 'or from stdin if \'-\' (each host on separate line). '
+ 'If no host or host file is specified then, by default, '
+ 'list all.'), dest='hostfile', required=False)
+ parser['list'].add_argument(
+ '-H', '--host-only', help=('Suppress tags listing.'),
+ action="store_true", dest="list_only_host", default=False)
+ parser['list'].add_argument(
+ '-t', '--tag',
+ help=('Host is specified by tag, not hostname/address; '
+ 'list all hosts that contain any of specified tags.'),
+ action="store_true", default=False)
+
+ parser['inventory'].set_defaults(
+ func=cdist.inventory.Inventory.commandline)
+
+ # PreOs
+ parser['preos'] = parser['sub'].add_parser('preos', add_help=False)
+
+ # Shell
+ parser['shell'] = parser['sub'].add_parser(
+ 'shell', parents=[parser['loglevel']])
+ parser['shell'].add_argument(
+ '-s', '--shell',
+ help=('Select shell to use, defaults to current shell. Used shell'
+ ' should be POSIX compatible shell.'))
+ parser['shell'].set_defaults(func=cdist.shell.Shell.commandline)
+
+ for p in parser:
+ parser[p].epilog = EPILOG
+
+ return parser
+
+
+def handle_loglevel(args):
+ if hasattr(args, 'quiet') and args.quiet:
+ args.verbose = _verbosity_level_off
+
+ logging.root.setLevel(_verbosity_level[args.verbose])
+
+
+def parse_and_configure(argv, singleton=True):
+ parser = get_parsers()
+ parser_args = parser['main'].parse_args(argv)
+ try:
+ cfg = cdist.configuration.Configuration(parser_args,
+ singleton=singleton)
+ args = cfg.get_args()
+ except ValueError as e:
+ raise cdist.Error(str(e))
+ # Loglevels are handled globally in here
+ handle_loglevel(args)
+
+ log = logging.getLogger("cdist")
+
+ log.verbose("version %s" % cdist.VERSION)
+ log.trace('command line args: {}'.format(cfg.command_line_args))
+ log.trace('configuration: {}'.format(cfg.get_config()))
+ log.trace('configured args: {}'.format(args))
+
+ check_beta(vars(args))
+
+ return parser, cfg
diff --git a/cdist/autil.py b/cdist/autil.py
new file mode 100644
index 00000000..d16d147e
--- /dev/null
+++ b/cdist/autil.py
@@ -0,0 +1,71 @@
+# -*- coding: utf-8 -*-
+#
+# 2017 Darko Poljak (darko.poljak at gmail.com)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+
+
+import cdist
+import tarfile
+import os
+import glob
+import tempfile
+
+
+_ARCHIVING_MODES = {
+ 'tar': '',
+ 'tgz': 'gz',
+ 'tbz2': 'bz2',
+ 'txz': 'xz',
+}
+
+
+_UNARCHIVE_OPT = {
+ 'tar': None,
+ 'tgz': '-z',
+ 'tbz2': '-j',
+ 'txz': '-J',
+}
+
+
+# Archiving will be enabled if directory contains more than FILES_LIMIT files.
+FILES_LIMIT = 1
+
+
+def get_extract_option(mode):
+ return _UNARCHIVE_OPT[mode]
+
+
+def tar(source, mode="tgz"):
+ if mode not in _ARCHIVING_MODES:
+ raise cdist.Error("Unsupported archiving mode {}.".format(mode))
+
+ files = glob.glob1(source, '*')
+ fcnt = len(files)
+ if fcnt <= FILES_LIMIT:
+ return None, fcnt
+
+ tarmode = 'w:{}'.format(_ARCHIVING_MODES[mode])
+ _, tarpath = tempfile.mkstemp(suffix='.' + mode)
+ with tarfile.open(tarpath, tarmode, dereference=True) as tar:
+ if os.path.isdir(source):
+ for f in files:
+ tar.add(os.path.join(source, f), arcname=f)
+ else:
+ tar.add(source)
+ return tarpath, fcnt
diff --git a/cdist/banner.py b/cdist/banner.py
index edfa72e8..da4dea5d 100644
--- a/cdist/banner.py
+++ b/cdist/banner.py
@@ -20,8 +20,6 @@
#
import logging
-import sys
-
import cdist
log = logging.getLogger(__name__)
diff --git a/cdist/conf/explorer/cpu_cores b/cdist/conf/explorer/cpu_cores
new file mode 100755
index 00000000..a52bddac
--- /dev/null
+++ b/cdist/conf/explorer/cpu_cores
@@ -0,0 +1,44 @@
+#!/bin/sh
+#
+# 2014 Daniel Heule (hda at sfs.biz)
+# 2014 Thomas Oettli (otho at sfs.biz)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+
+# FIXME: other system types (not linux ...)
+
+os=$("$__explorer/os")
+case "$os" in
+ "macosx")
+ sysctl -n hw.physicalcpu
+ ;;
+
+ "openbsd")
+ sysctl -n hw.ncpuonline
+ ;;
+
+ *)
+ if [ -r /proc/cpuinfo ]; then
+ cores="$(grep "core id" /proc/cpuinfo | sort | uniq | wc -l)"
+ if [ "${cores}" -eq 0 ]; then
+ cores="1"
+ fi
+ echo "$cores"
+ fi
+ ;;
+esac
diff --git a/cdist/conf/explorer/cpu_sockets b/cdist/conf/explorer/cpu_sockets
new file mode 100755
index 00000000..a32e2f00
--- /dev/null
+++ b/cdist/conf/explorer/cpu_sockets
@@ -0,0 +1,40 @@
+#!/bin/sh
+#
+# 2014 Daniel Heule (hda at sfs.biz)
+# 2014 Thomas Oettli (otho at sfs.biz)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+
+# FIXME: other system types (not linux ...)
+
+os=$("$__explorer/os")
+case "$os" in
+ "macosx")
+ system_profiler SPHardwareDataType | grep "Number of Processors" | awk -F': ' '{print $2}'
+ ;;
+
+ *)
+ if [ -r /proc/cpuinfo ]; then
+ sockets="$(grep "physical id" /proc/cpuinfo | sort -u | wc -l)"
+ if [ "${sockets}" -eq 0 ]; then
+ sockets="$(grep -c "processor" /proc/cpuinfo)"
+ fi
+ echo "${sockets}"
+ fi
+ ;;
+esac
diff --git a/cdist/conf/explorer/disks b/cdist/conf/explorer/disks
new file mode 100755
index 00000000..87a6b5c6
--- /dev/null
+++ b/cdist/conf/explorer/disks
@@ -0,0 +1,27 @@
+#!/bin/sh
+
+uname_s="$(uname -s)"
+
+case "${uname_s}" in
+ FreeBSD)
+ sysctl -n kern.disks
+ ;;
+ OpenBSD|NetBSD)
+ sysctl -n hw.disknames | grep -Eo '[lsw]d[0-9]+' | xargs
+ ;;
+ Linux)
+ if command -v lsblk > /dev/null
+ then
+ # exclude ram disks, floppies and cdroms
+ # https://www.kernel.org/doc/Documentation/admin-guide/devices.txt
+ lsblk -e 1,2,11 -dno name | xargs
+ else
+ printf "Don't know how to list disks for %s operating system without lsblk, if you can please submit a patch\n" "${uname_s}" >&2
+ fi
+ ;;
+ *)
+ printf "Don't know how to list disks for %s operating system, if you can please submit a patch\n" "${uname_s}" >&2
+ ;;
+esac
+
+exit 0
diff --git a/cdist/conf/explorer/hostname b/cdist/conf/explorer/hostname
index 2ae23759..dca004d1 100755
--- a/cdist/conf/explorer/hostname
+++ b/cdist/conf/explorer/hostname
@@ -1,7 +1,6 @@
#!/bin/sh
#
-# 2010-2011 Nico Schottelius (nico-cdist at schottelius.org)
-# 2012 Steven Armstrong (steven-cdist at armstrong.cc)
+# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
#
# This file is part of cdist.
#
@@ -19,7 +18,12 @@
# along with cdist. If not, see .
#
#
+# Retrieve the running hostname
+#
-if command -v hostname; then
- hostname
+if command -v hostname >/dev/null
+then
+ hostname
+else
+ uname -n
fi
diff --git a/cdist/conf/explorer/init b/cdist/conf/explorer/init
new file mode 100755
index 00000000..a8a7857e
--- /dev/null
+++ b/cdist/conf/explorer/init
@@ -0,0 +1,39 @@
+#!/bin/sh
+#
+# 2016 Daniel Heule (hda at sfs.biz)
+# Copyright 2017, Philippe Gregoire
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Returns the process name of pid 1 ( normaly the init system )
+# for example at linux this value is "init" or "systemd" in most cases
+#
+
+uname_s="$(uname -s)"
+
+case "$uname_s" in
+ Linux)
+ (pgrep -P0 -l | awk '/^1[ \t]/ {print $2;}') || true
+ ;;
+ FreeBSD|OpenBSD)
+ ps -o comm= -p 1 || true
+ ;;
+ *)
+ # return a empty string as unknown value
+ echo ""
+ ;;
+esac
diff --git a/cdist/conf/explorer/interfaces b/cdist/conf/explorer/interfaces
index 6804f2db..aeb55ed0 100755
--- a/cdist/conf/explorer/interfaces
+++ b/cdist/conf/explorer/interfaces
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/sh -e
#
-# 2012 Sébastien Gross
+# 2019 Ander Punnar (ander-at-kvlt-dot-ee)
#
# This file is part of cdist.
#
@@ -17,35 +17,12 @@
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see .
#
-#
-# List all network interfaces in explorer/ifaces. One interface per line.
-#
-# If your OS is not supported please provide a ifconfig output
-#
-# Use ip, if available
-if command -v ip; then
- ip -o link show | sed -n 's/^[0-9]\+: \(.\+\): <.*/\1/p'
- exit 0
-fi
-
-if ! command -v ifconfig; then
- # no ifconfig, nothing we could do
- exit 0
-fi
-
-uname_s="$(uname -s)"
-REGEXP='s/^(.*)(:[[:space:]]*flags=|Link encap).*/\1/p'
-
-case "$uname_s" in
- Darwin)
- ifconfig -a | sed -n -E "$REGEXP"
- ;;
- Linux|*BSD)
- ifconfig -a | sed -n -r "$REGEXP"
- ;;
- *)
- echo "Unsupported ifconfig output for $uname_s" >&2
- exit 1
- ;;
-esac
+if command -v ip >/dev/null
+then
+ ip -o link show | sed -n 's/^[0-9]\+: \(.\+\): <.*/\1/p'
+elif command -v ifconfig >/dev/null
+then
+ ifconfig -a | sed -n -E 's/^(.*)(:[[:space:]]*flags=|Link encap).*/\1/p'
+fi \
+ | sort -u
diff --git a/cdist/conf/explorer/is-freebsd-jail b/cdist/conf/explorer/is-freebsd-jail
new file mode 100755
index 00000000..010917f5
--- /dev/null
+++ b/cdist/conf/explorer/is-freebsd-jail
@@ -0,0 +1,2 @@
+#!/bin/sh
+sysctl -n security.jail.jailed 2>/dev/null | grep "1" || true
diff --git a/cdist/conf/explorer/kernel_name b/cdist/conf/explorer/kernel_name
new file mode 100755
index 00000000..1f9cfca4
--- /dev/null
+++ b/cdist/conf/explorer/kernel_name
@@ -0,0 +1,2 @@
+#!/bin/sh
+uname -s
diff --git a/cdist/conf/explorer/lsb_codename b/cdist/conf/explorer/lsb_codename
index eebd3e0f..26bb8e3d 100755
--- a/cdist/conf/explorer/lsb_codename
+++ b/cdist/conf/explorer/lsb_codename
@@ -20,8 +20,9 @@
#
set +e
-case "$($__explorer/os)" in
+case "$("$__explorer/os")" in
openwrt)
+ # shellcheck disable=SC1091
(. /etc/openwrt_release && echo "$DISTRIB_CODENAME")
;;
*)
diff --git a/cdist/conf/explorer/lsb_description b/cdist/conf/explorer/lsb_description
index 23f45421..b1009627 100755
--- a/cdist/conf/explorer/lsb_description
+++ b/cdist/conf/explorer/lsb_description
@@ -20,8 +20,9 @@
#
set +e
-case "$($__explorer/os)" in
+case "$("$__explorer/os")" in
openwrt)
+ # shellcheck disable=SC1091
(. /etc/openwrt_release && echo "$DISTRIB_DESCRIPTION")
;;
*)
diff --git a/cdist/conf/explorer/lsb_id b/cdist/conf/explorer/lsb_id
index 9754eb63..82ff9977 100755
--- a/cdist/conf/explorer/lsb_id
+++ b/cdist/conf/explorer/lsb_id
@@ -20,8 +20,9 @@
#
set +e
-case "$($__explorer/os)" in
+case "$("$__explorer/os")" in
openwrt)
+ # shellcheck disable=SC1091
(. /etc/openwrt_release && echo "$DISTRIB_ID")
;;
*)
diff --git a/cdist/conf/explorer/lsb_release b/cdist/conf/explorer/lsb_release
index 35b5547c..5ebfff1a 100755
--- a/cdist/conf/explorer/lsb_release
+++ b/cdist/conf/explorer/lsb_release
@@ -20,8 +20,9 @@
#
set +e
-case "$($__explorer/os)" in
+case "$("$__explorer/os")" in
openwrt)
+ # shellcheck disable=SC1091
(. /etc/openwrt_release && echo "$DISTRIB_RELEASE")
;;
*)
diff --git a/cdist/conf/explorer/machine b/cdist/conf/explorer/machine
index bb6e0beb..7ecb67e3 100755
--- a/cdist/conf/explorer/machine
+++ b/cdist/conf/explorer/machine
@@ -22,6 +22,6 @@
#
#
-if command -v uname; then
+if command -v uname >/dev/null 2>&1 ; then
uname -m
fi
diff --git a/cdist/conf/explorer/machine_type b/cdist/conf/explorer/machine_type
new file mode 100755
index 00000000..bb21f69c
--- /dev/null
+++ b/cdist/conf/explorer/machine_type
@@ -0,0 +1,80 @@
+#!/bin/sh
+#
+# 2014 Daniel Heule (hda at sfs.biz)
+# 2014 Thomas Oettli (otho at sfs.biz)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+
+# FIXME: other system types (not linux ...)
+
+if [ -d "/proc/vz" ] && [ ! -d "/proc/bc" ]; then
+ echo openvz
+ exit
+fi
+
+if [ -e "/proc/1/environ" ] &&
+ tr '\000' '\n' < "/proc/1/environ" | grep -Eiq '^container='; then
+ echo lxc
+ exit
+fi
+
+if [ -r /proc/cpuinfo ]; then
+ # this should only exist on virtual guest machines,
+ # tested on vmware, xen, kvm
+ if grep -q "hypervisor" /proc/cpuinfo; then
+ # this file is aviable in xen guest systems
+ if [ -r /sys/hypervisor/type ]; then
+ if grep -q -i "xen" /sys/hypervisor/type; then
+ echo virtual_by_xen
+ exit
+ fi
+ else
+ if [ -r /sys/class/dmi/id/product_name ]; then
+ if grep -q -i 'vmware' /sys/class/dmi/id/product_name; then
+ echo "virtual_by_vmware"
+ exit
+ elif grep -q -i 'bochs' /sys/class/dmi/id/product_name; then
+ echo "virtual_by_kvm"
+ exit
+ elif grep -q -i 'virtualbox' /sys/class/dmi/id/product_name; then
+ echo "virtual_by_virtualbox"
+ exit
+ fi
+ fi
+
+ if [ -r /sys/class/dmi/id/sys_vendor ]; then
+ if grep -q -i 'qemu' /sys/class/dmi/id/sys_vendor; then
+ echo "virtual_by_kvm"
+ exit
+ fi
+ fi
+
+ if [ -r /sys/class/dmi/id/chassis_vendor ]; then
+ if grep -q -i 'qemu' /sys/class/dmi/id/chassis_vendor; then
+ echo "virtual_by_kvm"
+ exit
+ fi
+ fi
+ fi
+ echo "virtual_by_unknown"
+ else
+ echo "physical"
+ fi
+else
+ echo "unknown"
+fi
diff --git a/cdist/conf/explorer/memory b/cdist/conf/explorer/memory
new file mode 100755
index 00000000..4e3efff8
--- /dev/null
+++ b/cdist/conf/explorer/memory
@@ -0,0 +1,41 @@
+#!/bin/sh
+#
+# 2014 Daniel Heule (hda at sfs.biz)
+# 2014 Thomas Oettli (otho at sfs.biz)
+# Copyright 2017, Philippe Gregoire
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+
+# FIXME: other system types (not linux ...)
+
+os=$("$__explorer/os")
+case "$os" in
+ "macosx")
+ echo "$(sysctl -n hw.memsize)/1024" | bc
+ ;;
+
+ "openbsd")
+ echo "$(sysctl -n hw.physmem) / 1048576" | bc
+ ;;
+
+ *)
+ if [ -r /proc/meminfo ]; then
+ grep "MemTotal:" /proc/meminfo | awk '{print $2}'
+ fi
+ ;;
+esac
diff --git a/cdist/conf/explorer/os b/cdist/conf/explorer/os
index e67d87ab..563fa4cf 100755
--- a/cdist/conf/explorer/os
+++ b/cdist/conf/explorer/os
@@ -1,6 +1,7 @@
#!/bin/sh
#
# 2010-2011 Nico Schottelius (nico-cdist at schottelius.org)
+# Copyright 2017, Philippe Gregoire
#
# This file is part of cdist.
#
@@ -39,16 +40,28 @@ if [ -f /etc/cdist-preos ]; then
exit 0
fi
+if [ -d /gnu/store ]; then
+ echo guixsd
+ exit 0
+fi
+
### Debian and derivatives
if grep -q ^DISTRIB_ID=Ubuntu /etc/lsb-release 2>/dev/null; then
echo ubuntu
exit 0
fi
+# devuan ascii has both devuan_version and debian_version, so we need to check devuan_version first!
+if [ -f /etc/devuan_version ]; then
+ echo devuan
+ exit 0
+fi
+
if [ -f /etc/debian_version ]; then
echo debian
exit 0
fi
+
###
if [ -f /etc/gentoo-release ]; then
@@ -67,6 +80,11 @@ if [ -f /etc/owl-release ]; then
fi
### Redhat and derivatives
+if grep -q ^Scientific /etc/redhat-release 2>/dev/null; then
+ echo scientific
+ exit 0
+fi
+
if grep -q ^CentOS /etc/redhat-release 2>/dev/null; then
echo centos
exit 0
@@ -77,6 +95,11 @@ if grep -q ^Fedora /etc/redhat-release 2>/dev/null; then
exit 0
fi
+if grep -q ^Mitel /etc/redhat-release 2>/dev/null; then
+ echo mitel
+ exit 0
+fi
+
if [ -f /etc/redhat-release ]; then
echo redhat
exit 0
@@ -88,6 +111,11 @@ if [ -f /etc/SuSE-release ]; then
exit 0
fi
+if [ -f /etc/slackware-version ]; then
+ echo slackware
+ exit 0
+fi
+
uname_s="$(uname -s)"
# Assume there is no tr on the client -> do lower case ourselves
@@ -114,5 +142,12 @@ case "$uname_s" in
;;
esac
+if [ -f /etc/os-release ]; then
+ # already lowercase, according to:
+ # https://www.freedesktop.org/software/systemd/man/os-release.html
+ awk -F= '/^ID=/ { if ($2 ~ /^'"'"'(.*)'"'"'$/ || $2 ~ /^"(.*)"$/) { print substr($2, 2, length($2) - 2) } else { print $2 } }' /etc/os-release
+ exit 0
+fi
+
echo "Unknown OS" >&2
exit 1
diff --git a/cdist/conf/explorer/os_release b/cdist/conf/explorer/os_release
new file mode 100644
index 00000000..cfc01004
--- /dev/null
+++ b/cdist/conf/explorer/os_release
@@ -0,0 +1,26 @@
+#!/bin/sh
+#
+# 2018 Adam Dej (dejko.a at gmail.com)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+
+# See os-release(5) and http://0pointer.de/blog/projects/os-release
+
+set +e
+
+cat /etc/os-release || cat /usr/lib/os-release || true
diff --git a/cdist/conf/explorer/os_version b/cdist/conf/explorer/os_version
index 8e6d37d3..4c41695b 100755
--- a/cdist/conf/explorer/os_version
+++ b/cdist/conf/explorer/os_version
@@ -22,7 +22,7 @@
#
#
-case "$($__explorer/os)" in
+case "$("$__explorer/os")" in
amazon)
cat /etc/system-release
;;
@@ -33,6 +33,9 @@ case "$($__explorer/os)" in
debian)
cat /etc/debian_version
;;
+ devuan)
+ cat /etc/devuan_version
+ ;;
fedora)
cat /etc/fedora-release
;;
@@ -51,11 +54,18 @@ case "$($__explorer/os)" in
owl)
cat /etc/owl-release
;;
- redhat|centos)
+ redhat|centos|mitel|scientific)
cat /etc/redhat-release
;;
+ slackware)
+ cat /etc/slackware-version
+ ;;
suse)
- cat /etc/SuSE-release
+ if [ -f /etc/os-release ]; then
+ cat /etc/os-release
+ else
+ cat /etc/SuSE-release
+ fi
;;
ubuntu)
lsb_release -sr
diff --git a/cdist/conf/type/__acl/explorer/acl_is b/cdist/conf/type/__acl/explorer/acl_is
new file mode 100755
index 00000000..a693c023
--- /dev/null
+++ b/cdist/conf/type/__acl/explorer/acl_is
@@ -0,0 +1,31 @@
+#!/bin/sh -e
+#
+# 2018 Ander Punnar (ander-at-kvlt-dot-ee)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+[ ! -e "/$__object_id" ] && exit 0
+
+if ! command -v getfacl > /dev/null
+then
+ echo 'getfacl not available' >&2
+ exit 1
+fi
+
+getfacl "/$__object_id" 2>/dev/null \
+ | grep -Eo '^(default:)?(user|group|(mask|other):):[^:][[:graph:]]+' \
+ || true
diff --git a/cdist/conf/type/__acl/explorer/checks b/cdist/conf/type/__acl/explorer/checks
new file mode 100755
index 00000000..70bb0412
--- /dev/null
+++ b/cdist/conf/type/__acl/explorer/checks
@@ -0,0 +1,39 @@
+#!/bin/sh -e
+#
+# 2019 Ander Punnar (ander-at-kvlt-dot-ee)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+# TODO check if filesystem has ACL turned on etc
+
+if [ -f "$__object/parameter/acl" ]
+then
+ grep -E '^(default:)?(user|group):' "$__object/parameter/acl" \
+ | while read -r acl
+ do
+ param="$( echo "$acl" | awk -F: '{print $(NF-2)}' )"
+ check="$( echo "$acl" | awk -F: '{print $(NF-1)}' )"
+
+ [ "$param" = 'user' ] && db=passwd || db="$param"
+
+ if ! getent "$db" "$check" > /dev/null
+ then
+ echo "missing $param '$check'" >&2
+ exit 1
+ fi
+ done
+fi
diff --git a/cdist/conf/type/__acl/explorer/file_is b/cdist/conf/type/__acl/explorer/file_is
new file mode 100755
index 00000000..096cffd1
--- /dev/null
+++ b/cdist/conf/type/__acl/explorer/file_is
@@ -0,0 +1,31 @@
+#!/bin/sh -e
+#
+# 2018 Ander Punnar (ander-at-kvlt-dot-ee)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+if [ -e "/$__object_id" ]
+then
+ if [ -d "/$__object_id" ]
+ then echo directory
+ elif [ -f "/$__object_id" ]
+ then echo regular
+ else echo other
+ fi
+else
+ echo missing
+fi
diff --git a/cdist/conf/type/__acl/gencode-remote b/cdist/conf/type/__acl/gencode-remote
new file mode 100755
index 00000000..6dab4d09
--- /dev/null
+++ b/cdist/conf/type/__acl/gencode-remote
@@ -0,0 +1,126 @@
+#!/bin/sh -e
+#
+# 2018 Ander Punnar (ander-at-kvlt-dot-ee)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+file_is="$( cat "$__object/explorer/file_is" )"
+
+[ "$file_is" = 'missing' ] && [ -z "$__cdist_dry_run" ] && exit 0
+
+os="$( cat "$__global/explorer/os" )"
+
+acl_path="/$__object_id"
+
+acl_is="$( cat "$__object/explorer/acl_is" )"
+
+if [ -f "$__object/parameter/acl" ]
+then
+ acl_should="$( cat "$__object/parameter/acl" )"
+elif
+ [ -f "$__object/parameter/user" ] \
+ || [ -f "$__object/parameter/group" ] \
+ || [ -f "$__object/parameter/mask" ] \
+ || [ -f "$__object/parameter/other" ]
+then
+ acl_should="$( for param in user group mask other
+ do
+ [ ! -f "$__object/parameter/$param" ] && continue
+
+ echo "$param" | grep -Eq 'mask|other' && sep=:: || sep=:
+
+ echo "$param$sep$( cat "$__object/parameter/$param" )"
+ done )"
+else
+ echo 'no parameters set' >&2
+ exit 1
+fi
+
+if [ -f "$__object/parameter/default" ]
+then
+ acl_should="$( echo "$acl_should" \
+ | sed 's/^default://' \
+ | sort -u \
+ | sed 's/\(.*\)/default:\1\n\1/' )"
+fi
+
+if [ "$file_is" = 'regular' ] \
+ && echo "$acl_should" | grep -Eq '^default:'
+then
+ # only directories can have default ACLs,
+ # but instead of error,
+ # let's just remove default entries
+ acl_should="$( echo "$acl_should" | grep -Ev '^default:' )"
+fi
+
+if echo "$acl_should" | awk -F: '{ print $NF }' | grep -Fq 'X'
+then
+ [ "$file_is" = 'directory' ] && rep=x || rep=-
+
+ acl_should="$( echo "$acl_should" | sed "s/\\(.*\\)X/\\1$rep/" )"
+fi
+
+setfacl_exec='setfacl'
+
+if [ -f "$__object/parameter/recursive" ]
+then
+ if echo "$os" | grep -Fq 'freebsd'
+ then
+ echo "$os setfacl do not support recursive operations" >&2
+ else
+ setfacl_exec="$setfacl_exec -R"
+ fi
+fi
+
+if [ -f "$__object/parameter/remove" ]
+then
+ echo "$acl_is" | while read -r acl
+ do
+ # skip wanted ACL entries which already exist
+ # and skip mask and other entries, because we
+ # can't actually remove them, but only change.
+ if echo "$acl_should" | grep -Eq "^$acl" \
+ || echo "$acl" | grep -Eq '^(default:)?(mask|other)'
+ then continue
+ fi
+
+ if echo "$os" | grep -Fq 'freebsd'
+ then
+ remove="$acl"
+ else
+ remove="$( echo "$acl" | sed 's/:...$//' )"
+ fi
+
+ echo "$setfacl_exec -x \"$remove\" \"$acl_path\""
+ echo "removed '$remove'" >> "$__messages_out"
+ done
+fi
+
+for acl in $acl_should
+do
+ if ! echo "$acl_is" | grep -Eq "^$acl"
+ then
+ if echo "$os" | grep -Fq 'freebsd' \
+ && echo "$acl" | grep -Eq '^default:'
+ then
+ echo "setting default ACL in $os is currently not supported" >&2
+ else
+ echo "$setfacl_exec -m \"$acl\" \"$acl_path\""
+ echo "added '$acl'" >> "$__messages_out"
+ fi
+ fi
+done
diff --git a/cdist/conf/type/__acl/man.rst b/cdist/conf/type/__acl/man.rst
new file mode 100644
index 00000000..85e946ce
--- /dev/null
+++ b/cdist/conf/type/__acl/man.rst
@@ -0,0 +1,85 @@
+cdist-type__acl(7)
+==================
+
+NAME
+----
+cdist-type__acl - Set ACL entries
+
+
+DESCRIPTION
+-----------
+Fully supported and tested on Linux (ext4 filesystem), partial support for FreeBSD.
+
+See ``setfacl`` and ``acl`` manpages for more details.
+
+
+REQUIRED MULTIPLE PARAMETERS
+----------------------------
+acl
+ Set ACL entry following ``getfacl`` output syntax.
+
+
+BOOLEAN PARAMETERS
+------------------
+default
+ Set all ACL entries as default too.
+ Only directories can have default ACLs.
+ Setting default ACL in FreeBSD is currently not supported.
+
+recursive
+ Make ``setfacl`` recursive (Linux only), but not ``getfacl`` in explorer.
+
+remove
+ Remove undefined ACL entries.
+ ``mask`` and ``other`` entries can't be removed, but only changed.
+
+
+DEPRECATED PARAMETERS
+---------------------
+Parameters ``user``, ``group``, ``mask`` and ``other`` are deprecated and they
+will be removed in future versions. Please use ``acl`` parameter instead.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __acl /srv/project \
+ --default \
+ --recursive \
+ --remove \
+ --acl user:alice:rwx \
+ --acl user:bob:r-x \
+ --acl group:project-group:rwx \
+ --acl group:some-other-group:r-x \
+ --acl mask::r-x \
+ --acl other::r-x
+
+ # give Alice read-only access to subdir,
+ # but don't allow her to see parent content.
+
+ __acl /srv/project2 \
+ --remove \
+ --acl default:group:secret-project:rwx \
+ --acl group:secret-project:rwx \
+ --acl user:alice:--x
+
+ __acl /srv/project2/subdir \
+ --default \
+ --remove \
+ --acl group:secret-project:rwx \
+ --acl user:alice:r-x
+
+
+AUTHORS
+-------
+Ander Punnar
+
+
+COPYING
+-------
+Copyright \(C) 2018 Ander Punnar. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__acl/parameter/boolean b/cdist/conf/type/__acl/parameter/boolean
new file mode 100644
index 00000000..8b96693f
--- /dev/null
+++ b/cdist/conf/type/__acl/parameter/boolean
@@ -0,0 +1,3 @@
+recursive
+default
+remove
diff --git a/cdist/conf/type/__acl/parameter/deprecated/group b/cdist/conf/type/__acl/parameter/deprecated/group
new file mode 100644
index 00000000..94e14159
--- /dev/null
+++ b/cdist/conf/type/__acl/parameter/deprecated/group
@@ -0,0 +1 @@
+see manual for details
diff --git a/cdist/conf/type/__acl/parameter/deprecated/mask b/cdist/conf/type/__acl/parameter/deprecated/mask
new file mode 100644
index 00000000..94e14159
--- /dev/null
+++ b/cdist/conf/type/__acl/parameter/deprecated/mask
@@ -0,0 +1 @@
+see manual for details
diff --git a/cdist/conf/type/__acl/parameter/deprecated/other b/cdist/conf/type/__acl/parameter/deprecated/other
new file mode 100644
index 00000000..94e14159
--- /dev/null
+++ b/cdist/conf/type/__acl/parameter/deprecated/other
@@ -0,0 +1 @@
+see manual for details
diff --git a/cdist/conf/type/__acl/parameter/deprecated/user b/cdist/conf/type/__acl/parameter/deprecated/user
new file mode 100644
index 00000000..94e14159
--- /dev/null
+++ b/cdist/conf/type/__acl/parameter/deprecated/user
@@ -0,0 +1 @@
+see manual for details
diff --git a/cdist/conf/type/__acl/parameter/optional b/cdist/conf/type/__acl/parameter/optional
new file mode 100644
index 00000000..4b32086b
--- /dev/null
+++ b/cdist/conf/type/__acl/parameter/optional
@@ -0,0 +1,2 @@
+mask
+other
diff --git a/cdist/conf/type/__acl/parameter/optional_multiple b/cdist/conf/type/__acl/parameter/optional_multiple
new file mode 100644
index 00000000..95c25d55
--- /dev/null
+++ b/cdist/conf/type/__acl/parameter/optional_multiple
@@ -0,0 +1,3 @@
+acl
+user
+group
diff --git a/cdist/conf/type/__apt_default_release/man.rst b/cdist/conf/type/__apt_default_release/man.rst
new file mode 100644
index 00000000..0277a06f
--- /dev/null
+++ b/cdist/conf/type/__apt_default_release/man.rst
@@ -0,0 +1,46 @@
+cdist-type__apt_default_release(7)
+==================================
+
+NAME
+----
+cdist-type__apt_default_release - Configure the default release for apt
+
+
+DESCRIPTION
+-----------
+Configure the default release for apt, using the APT::Default-Release
+configuration value.
+
+REQUIRED PARAMETERS
+-------------------
+release
+ The value to set APT::Default-Release to.
+
+ This can contain release name, codename or release version. Examples:
+ 'stable', 'testing', 'unstable', 'stretch', 'buster', '4.0', '5.0*'.
+
+
+OPTIONAL PARAMETERS
+-------------------
+None.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __apt_default_release --release stretch
+
+
+AUTHORS
+-------
+Matthijs Kooijman
+
+
+COPYING
+-------
+Copyright \(C) 2017 Matthijs Kooijman. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__apt_default_release/manifest b/cdist/conf/type/__apt_default_release/manifest
new file mode 100755
index 00000000..1232efb5
--- /dev/null
+++ b/cdist/conf/type/__apt_default_release/manifest
@@ -0,0 +1,41 @@
+#!/bin/sh -e
+#
+# 2014 Steven Armstrong (steven-cdist at armstrong.cc)
+# 2017 Matthijs Kooijman (matthijs at stdin.nl)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+
+os=$(cat "$__global/explorer/os")
+release="$(cat "$__object/parameter/release")"
+
+case "$os" in
+ ubuntu|debian|devuan)
+ __file /etc/apt/apt.conf.d/99-default-release \
+ --owner root --group root --mode 644 \
+ --source - << DONE
+APT::Default-Release "$release";
+DONE
+ ;;
+ *)
+ cat >&2 << DONE
+The developer of this type (${__type##*/}) did not think your operating system
+($os) would have any use for it. If you think otherwise please submit a patch.
+DONE
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__apt_default_release/parameter/required b/cdist/conf/type/__apt_default_release/parameter/required
new file mode 100644
index 00000000..d7025695
--- /dev/null
+++ b/cdist/conf/type/__apt_default_release/parameter/required
@@ -0,0 +1 @@
+release
diff --git a/cdist/test/type/fixtures/__singleton/singleton b/cdist/conf/type/__apt_default_release/singleton
similarity index 100%
rename from cdist/test/type/fixtures/__singleton/singleton
rename to cdist/conf/type/__apt_default_release/singleton
diff --git a/cdist/conf/type/__apt_key/explorer/state b/cdist/conf/type/__apt_key/explorer/state
new file mode 100755
index 00000000..38f1bd3c
--- /dev/null
+++ b/cdist/conf/type/__apt_key/explorer/state
@@ -0,0 +1,44 @@
+#!/bin/sh
+#
+# 2011-2014 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Get the current state of the apt key.
+#
+
+if [ -f "$__object/parameter/keyid" ]; then
+ keyid="$(cat "$__object/parameter/keyid")"
+else
+ keyid="$__object_id"
+fi
+
+keydir="$(cat "$__object/parameter/keydir")"
+keyfile="$keydir/$__object_id.gpg"
+
+if [ -d "$keydir" ]
+then
+ if [ -f "$keyfile" ]
+ then echo present
+ else echo absent
+ fi
+else
+ # fallback to deprecated apt-key
+ apt-key export "$keyid" | head -n 1 | grep -Fqe "BEGIN PGP PUBLIC KEY BLOCK" \
+ && echo present \
+ || echo absent
+fi
diff --git a/cdist/conf/type/__apt_key/gencode-remote b/cdist/conf/type/__apt_key/gencode-remote
new file mode 100755
index 00000000..e9daa524
--- /dev/null
+++ b/cdist/conf/type/__apt_key/gencode-remote
@@ -0,0 +1,114 @@
+#!/bin/sh -e
+#
+# 2011-2014 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+if [ -f "$__object/parameter/keyid" ]; then
+ keyid="$(cat "$__object/parameter/keyid")"
+else
+ keyid="$__object_id"
+fi
+state_should="$(cat "$__object/parameter/state")"
+state_is="$(cat "$__object/explorer/state")"
+
+if [ "$state_should" = "$state_is" ]; then
+ # nothing to do
+ exit 0
+fi
+
+keydir="$(cat "$__object/parameter/keydir")"
+keyfile="$keydir/$__object_id.gpg"
+
+case "$state_should" in
+ present)
+ keyserver="$(cat "$__object/parameter/keyserver")"
+
+ if [ -f "$__object/parameter/uri" ]; then
+ uri="$(cat "$__object/parameter/uri")"
+
+ if [ -d "$keydir" ]; then
+ cat << EOF
+
+curl -s -L \\
+ -o "$keyfile" \\
+ "$uri"
+
+key="\$( cat "$keyfile" )"
+
+if echo "\$key" | grep -Fq 'BEGIN PGP PUBLIC KEY BLOCK'
+then
+ echo "\$key" | gpg --dearmor > "$keyfile"
+fi
+
+EOF
+ else
+ # fallback to deprecated apt-key
+ echo "curl -s -L '$uri' | apt-key add -"
+ fi
+ elif [ -d "$keydir" ]; then
+ tmp='/tmp/cdist_apt_key_tmp'
+
+ # we need to kill gpg after 30 seconds, because gpg
+ # can get stuck if keyserver is not responding.
+ # exporting env var and not exit 1,
+ # because we need to clean up and kill dirmngr.
+ cat << EOF
+
+mkdir -m 700 -p "$tmp"
+
+if timeout 30s \\
+ gpg --homedir "$tmp" \\
+ --keyserver "$keyserver" \\
+ --recv-keys "$keyid"
+then
+ gpg --homedir "$tmp" \\
+ --export "$keyid" \\
+ > "$keyfile"
+else
+ export GPG_GOT_STUCK=1
+fi
+
+GNUPGHOME="$tmp" gpgconf --kill dirmngr
+
+rm -rf "$tmp"
+
+if [ -n "\$GPG_GOT_STUCK" ]
+then
+ echo "GPG GOT STUCK - no response from keyserver after 30 seconds" >&2
+ exit 1
+fi
+
+EOF
+ else
+ # fallback to deprecated apt-key
+ echo "apt-key adv --keyserver \"$keyserver\" --recv-keys \"$keyid\""
+ fi
+
+ echo "added '$keyid'" >> "$__messages_out"
+ ;;
+ absent)
+ if [ -f "$keyfile" ]; then
+ echo "rm '$keyfile'"
+ else
+ # fallback to deprecated apt-key
+ echo "apt-key del \"$keyid\""
+ fi
+
+ echo "removed '$keyid'" >> "$__messages_out"
+ ;;
+esac
diff --git a/cdist/conf/type/__apt_key/man.rst b/cdist/conf/type/__apt_key/man.rst
new file mode 100644
index 00000000..234bc715
--- /dev/null
+++ b/cdist/conf/type/__apt_key/man.rst
@@ -0,0 +1,72 @@
+cdist-type__apt_key(7)
+======================
+
+NAME
+----
+cdist-type__apt_key - Manage the list of keys used by apt
+
+
+DESCRIPTION
+-----------
+Manages the list of keys used by apt to authenticate packages.
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+
+OPTIONAL PARAMETERS
+-------------------
+state
+ 'present' or 'absent'. Defaults to 'present'
+
+keyid
+ the id of the key to add. Defaults to __object_id
+
+keyserver
+ the keyserver from which to fetch the key. If omitted the default set
+ in ./parameter/default/keyserver is used.
+
+keydir
+ key save location, defaults to ``/etc/apt/trusted.pgp.d``
+
+uri
+ the URI from which to download the key
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Add Ubuntu Archive Automatic Signing Key
+ __apt_key 437D05B5
+ # Same thing
+ __apt_key 437D05B5 --state present
+ # Get rid of it
+ __apt_key 437D05B5 --state absent
+
+ # same thing with human readable name and explicit keyid
+ __apt_key UbuntuArchiveKey --keyid 437D05B5
+
+ # same thing with other keyserver
+ __apt_key UbuntuArchiveKey --keyid 437D05B5 --keyserver keyserver.ubuntu.com
+
+ # download key from the internet
+ __apt_key rabbitmq \
+ --uri http://www.rabbitmq.com/rabbitmq-signing-key-public.asc
+
+
+AUTHORS
+-------
+Steven Armstrong
+Ander Punnar
+
+
+COPYING
+-------
+Copyright \(C) 2011-2019 Steven Armstrong and Ander Punnar. You can
+redistribute it and/or modify it under the terms of the GNU General Public
+License as published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__apt_key/manifest b/cdist/conf/type/__apt_key/manifest
new file mode 100755
index 00000000..010357cd
--- /dev/null
+++ b/cdist/conf/type/__apt_key/manifest
@@ -0,0 +1,8 @@
+#!/bin/sh -e
+
+__package gnupg
+
+if [ -f "$__object/parameter/uri" ]
+then __package curl
+else __package dirmngr
+fi
diff --git a/cdist/conf/type/__apt_key/parameter/default/keydir b/cdist/conf/type/__apt_key/parameter/default/keydir
new file mode 100644
index 00000000..190eb2de
--- /dev/null
+++ b/cdist/conf/type/__apt_key/parameter/default/keydir
@@ -0,0 +1 @@
+/etc/apt/trusted.gpg.d
diff --git a/cdist/conf/type/__apt_key/parameter/default/keyserver b/cdist/conf/type/__apt_key/parameter/default/keyserver
new file mode 100644
index 00000000..0d189916
--- /dev/null
+++ b/cdist/conf/type/__apt_key/parameter/default/keyserver
@@ -0,0 +1 @@
+pool.sks-keyservers.net
diff --git a/cdist/conf/type/__apt_key/parameter/default/state b/cdist/conf/type/__apt_key/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__apt_key/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__apt_key/parameter/optional b/cdist/conf/type/__apt_key/parameter/optional
new file mode 100644
index 00000000..de647375
--- /dev/null
+++ b/cdist/conf/type/__apt_key/parameter/optional
@@ -0,0 +1,5 @@
+state
+keyid
+keyserver
+keydir
+uri
diff --git a/cdist/conf/type/__package_pkg_openbsd/explorer/pkg_version b/cdist/conf/type/__apt_key_uri/explorer/state
similarity index 78%
rename from cdist/conf/type/__package_pkg_openbsd/explorer/pkg_version
rename to cdist/conf/type/__apt_key_uri/explorer/state
index bc23a85d..6f607607 100755
--- a/cdist/conf/type/__package_pkg_openbsd/explorer/pkg_version
+++ b/cdist/conf/type/__apt_key_uri/explorer/state
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# 2011 Andi Brönnimann (andi-cdist at v-net.ch)
+# 2011-2014 Steven Armstrong (steven-cdist at armstrong.cc)
#
# This file is part of cdist.
#
@@ -18,7 +18,7 @@
# along with cdist. If not, see .
#
#
-# Retrieve the status of a package - parsed dpkg output
+# Get the current state of the apt key.
#
if [ -f "$__object/parameter/name" ]; then
@@ -27,5 +27,6 @@ else
name="$__object_id"
fi
-#TODO: Is there a better way?
-pkg_info | grep "$name" | sed 's .*\(-[0-9.][0-9.]*\).* \1 ' | sed 's/-//'
+apt-key list 2> /dev/null | grep -Fqe "$name" \
+ && echo present \
+ || echo absent
diff --git a/cdist/conf/type/__apt_key_uri/gencode-remote b/cdist/conf/type/__apt_key_uri/gencode-remote
new file mode 100755
index 00000000..229b6564
--- /dev/null
+++ b/cdist/conf/type/__apt_key_uri/gencode-remote
@@ -0,0 +1,45 @@
+#!/bin/sh -e
+#
+# 2011-2014 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+if [ -f "$__object/parameter/name" ]; then
+ name="$(cat "$__object/parameter/name")"
+else
+ name="$__object_id"
+fi
+state_should="$(cat "$__object/parameter/state")"
+state_is="$(cat "$__object/explorer/state")"
+
+if [ "$state_should" = "$state_is" ]; then
+ # nothing to do
+ exit 0
+fi
+
+case "$state_should" in
+ present)
+ uri="$(cat "$__object/parameter/uri")"
+ printf 'curl -s -L "%s" | apt-key add -\n' "$uri"
+ ;;
+ absent)
+ cat << DONE
+keyid=\$(apt-key list | grep -B1 "$name" | awk '/pub/ { print \$2 }' | cut -d'/' -f 2)
+apt-key del \$keyid
+DONE
+ ;;
+esac
diff --git a/cdist/conf/type/__apt_key_uri/man.rst b/cdist/conf/type/__apt_key_uri/man.rst
new file mode 100644
index 00000000..82a191b9
--- /dev/null
+++ b/cdist/conf/type/__apt_key_uri/man.rst
@@ -0,0 +1,51 @@
+cdist-type__apt_key_uri(7)
+==========================
+
+NAME
+----
+cdist-type__apt_key_uri - Add apt key from uri
+
+
+DESCRIPTION
+-----------
+Download a key from an uri and add it to the apt keyring.
+
+
+REQUIRED PARAMETERS
+-------------------
+uri
+ the uri from which to download the key
+
+
+OPTIONAL PARAMETERS
+-------------------
+state
+ 'present' or 'absent', defaults to 'present'
+
+name
+ a name for this key, used when testing if it is already installed.
+ Defaults to __object_id
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __apt_key_uri rabbitmq \
+ --name 'RabbitMQ Release Signing Key ' \
+ --uri http://www.rabbitmq.com/rabbitmq-signing-key-public.asc \
+ --state present
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2011-2014 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__apt_key_uri/manifest b/cdist/conf/type/__apt_key_uri/manifest
new file mode 100755
index 00000000..bf7b267d
--- /dev/null
+++ b/cdist/conf/type/__apt_key_uri/manifest
@@ -0,0 +1,21 @@
+#!/bin/sh -e
+#
+# 2013-2014 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+__package curl
diff --git a/cdist/conf/type/__apt_key_uri/parameter/default/state b/cdist/conf/type/__apt_key_uri/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__apt_key_uri/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__apt_key_uri/parameter/optional b/cdist/conf/type/__apt_key_uri/parameter/optional
new file mode 100644
index 00000000..72c84b88
--- /dev/null
+++ b/cdist/conf/type/__apt_key_uri/parameter/optional
@@ -0,0 +1,2 @@
+state
+name
diff --git a/cdist/conf/type/__apt_key_uri/parameter/required b/cdist/conf/type/__apt_key_uri/parameter/required
new file mode 100644
index 00000000..c7954952
--- /dev/null
+++ b/cdist/conf/type/__apt_key_uri/parameter/required
@@ -0,0 +1 @@
+uri
diff --git a/cdist/conf/type/__apt_mark/explorer/apt_version b/cdist/conf/type/__apt_mark/explorer/apt_version
new file mode 100755
index 00000000..7bb90cc2
--- /dev/null
+++ b/cdist/conf/type/__apt_mark/explorer/apt_version
@@ -0,0 +1,31 @@
+#!/bin/sh -e
+#
+# 2016 Ander Punnar (cdist at kvlt.ee)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+apt_version_is=$(dpkg-query --show --showformat '${Version}' apt)
+
+# from APT changelog:
+# apt (0.8.14.2) UNRELEASED; urgency=low
+# provide a 'dpkg --set-selections' wrapper to set/release holds
+
+apt_version_should=0.8.14.2
+
+dpkg --compare-versions "$apt_version_should" le "$apt_version_is" \
+ && echo 0 \
+ || echo 1
diff --git a/cdist/conf/type/__apt_mark/explorer/package_installed b/cdist/conf/type/__apt_mark/explorer/package_installed
new file mode 100755
index 00000000..0b072cbc
--- /dev/null
+++ b/cdist/conf/type/__apt_mark/explorer/package_installed
@@ -0,0 +1,30 @@
+#!/bin/sh -e
+#
+# 2016 Ander Punnar (cdist at kvlt.ee)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+if [ -f "$__object/parameter/name" ]; then
+ name="$(cat "$__object/parameter/name")"
+else
+ name="$__object_id"
+fi
+
+dpkg-query --show --showformat '${Status}' "$name" 2>/dev/null \
+ | grep -Fq 'ok installed' \
+ && echo 0 \
+ || echo 1
diff --git a/cdist/conf/type/__apt_mark/explorer/state b/cdist/conf/type/__apt_mark/explorer/state
new file mode 100755
index 00000000..b7fe08fa
--- /dev/null
+++ b/cdist/conf/type/__apt_mark/explorer/state
@@ -0,0 +1,27 @@
+#!/bin/sh -e
+#
+# 2016 Ander Punnar (cdist at kvlt.ee)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+if [ -f "$__object/parameter/name" ]; then
+ name="$(cat "$__object/parameter/name")"
+else
+ name="$__object_id"
+fi
+
+apt-mark showhold | grep -Fq "$name" && echo hold || echo unhold
diff --git a/cdist/conf/type/__apt_mark/gencode-remote b/cdist/conf/type/__apt_mark/gencode-remote
new file mode 100755
index 00000000..bc995444
--- /dev/null
+++ b/cdist/conf/type/__apt_mark/gencode-remote
@@ -0,0 +1,56 @@
+#!/bin/sh -e
+#
+# 2016 Ander Punnar (cdist at kvlt.ee)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+if [ -f "$__object/parameter/name" ]; then
+ name="$(cat "$__object/parameter/name")"
+else
+ name="$__object_id"
+fi
+
+apt_version="$(cat "$__object/explorer/apt_version")"
+
+if [ "$apt_version" != '0' ]; then
+ echo 'APT version not supported' >&2
+ exit 1
+fi
+
+package_installed="$(cat "$__object/explorer/package_installed")"
+
+if [ "$package_installed" != '0' ]; then
+ exit 0
+fi
+
+state_should="$(cat "$__object/parameter/state")"
+
+state_is="$(cat "$__object/explorer/state")"
+
+if [ "$state_should" = "$state_is" ]; then
+ exit 0
+fi
+
+case "$state_should" in
+ hold|unhold)
+ echo "apt-mark $state_should $name > /dev/null"
+ ;;
+ *)
+ echo "Unknown state: $state_should" >&2
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__apt_mark/man.rst b/cdist/conf/type/__apt_mark/man.rst
new file mode 100644
index 00000000..7aa2a519
--- /dev/null
+++ b/cdist/conf/type/__apt_mark/man.rst
@@ -0,0 +1,47 @@
+cdist-type__apt_mark(7)
+=======================
+
+NAME
+----
+cdist-type__apt_mark - set package state as 'hold' or 'unhold'
+
+
+DESCRIPTION
+-----------
+See apt-mark(8) for details.
+
+
+REQUIRED PARAMETERS
+-------------------
+state
+ Either "hold" or "unhold".
+
+
+OPTIONAL PARAMETERS
+-------------------
+name
+ If supplied, use the name and not the object id as the package name.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # hold package
+ __apt_mark quagga --state hold
+ # unhold package
+ __apt_mark quagga --state unhold
+
+
+AUTHORS
+-------
+Ander Punnar
+
+
+COPYING
+-------
+Copyright \(C) 2016 Ander Punnar. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__apt_mark/parameter/optional b/cdist/conf/type/__apt_mark/parameter/optional
new file mode 100644
index 00000000..f121bdbf
--- /dev/null
+++ b/cdist/conf/type/__apt_mark/parameter/optional
@@ -0,0 +1 @@
+name
diff --git a/cdist/conf/type/__apt_ppa/parameter/required b/cdist/conf/type/__apt_mark/parameter/required
similarity index 100%
rename from cdist/conf/type/__apt_ppa/parameter/required
rename to cdist/conf/type/__apt_mark/parameter/required
diff --git a/cdist/conf/type/__apt_norecommends/man.rst b/cdist/conf/type/__apt_norecommends/man.rst
new file mode 100644
index 00000000..001fffe4
--- /dev/null
+++ b/cdist/conf/type/__apt_norecommends/man.rst
@@ -0,0 +1,42 @@
+cdist-type__apt_norecommends(7)
+===============================
+
+NAME
+----
+cdist-type__apt_norecommends - Configure apt to not install recommended packages
+
+
+DESCRIPTION
+-----------
+Configure apt to not install any recommended or suggested packages.
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+
+OPTIONAL PARAMETERS
+-------------------
+None.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __apt_norecommends
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2014 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__apt_norecommends/manifest b/cdist/conf/type/__apt_norecommends/manifest
new file mode 100755
index 00000000..e737df89
--- /dev/null
+++ b/cdist/conf/type/__apt_norecommends/manifest
@@ -0,0 +1,44 @@
+#!/bin/sh -e
+#
+# 2014 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+
+os=$(cat "$__global/explorer/os")
+
+case "$os" in
+ ubuntu|debian|devuan)
+ # No stinking recommends thank you very much.
+ # If I want something installed I will do so myself.
+ __file /etc/apt/apt.conf.d/99-no-recommends \
+ --owner root --group root --mode 644 \
+ --source - << DONE
+APT::Install-Recommends "0";
+APT::Install-Suggests "0";
+APT::AutoRemove::RecommendsImportant "0";
+APT::AutoRemove::SuggestsImportant "0";
+DONE
+ ;;
+ *)
+ cat >&2 << DONE
+The developer of this type (${__type##*/}) did not think your operating system
+($os) would have any use for it. If you think otherwise please submit a patch.
+DONE
+ exit 1
+ ;;
+esac
diff --git a/cdist/test/autorequire/fixtures/conf/explorer/.keep b/cdist/conf/type/__apt_norecommends/singleton
similarity index 100%
rename from cdist/test/autorequire/fixtures/conf/explorer/.keep
rename to cdist/conf/type/__apt_norecommends/singleton
diff --git a/cdist/conf/type/__apt_ppa/explorer/state b/cdist/conf/type/__apt_ppa/explorer/state
index 8a5638b2..d47e7d20 100755
--- a/cdist/conf/type/__apt_ppa/explorer/state
+++ b/cdist/conf/type/__apt_ppa/explorer/state
@@ -23,11 +23,12 @@
name="$__object_id"
+# shellcheck disable=SC1091
. /etc/lsb-release
repo_name="${name#ppa:}"
-repo_file_name="$(echo "$repo_name" | sed "s:\/:\-:")-${DISTRIB_CODENAME}.list"
+repo_file_name="$(echo "$repo_name" | sed -e 's|[/:]|-|' -e 's|\.|_|')-${DISTRIB_CODENAME}.list"
[ -s "/etc/apt/sources.list.d/${repo_file_name}" ] \
- && echo enabled || echo disabled
+ && echo present || echo absent
diff --git a/cdist/conf/type/__apt_ppa/gencode-remote b/cdist/conf/type/__apt_ppa/gencode-remote
index 0e7fe163..84ebebfe 100755
--- a/cdist/conf/type/__apt_ppa/gencode-remote
+++ b/cdist/conf/type/__apt_ppa/gencode-remote
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/sh -e
#
# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
#
@@ -22,14 +22,16 @@ name="$__object_id"
state_should="$(cat "$__object/parameter/state")"
state_is="$(cat "$__object/explorer/state")"
-if [ "$state_should" != "$state_is" ]; then
- case "$state_should" in
- enabled)
- echo add-apt-repository \"$name\"
- ;;
- disabled)
- echo remove-apt-repository \"$name\"
- ;;
- esac
+if [ "$state_should" = "$state_is" ]; then
+ # Nothing to do, move along
+ exit 0
fi
+case "$state_should" in
+ present)
+ echo "add-apt-repository '$name'"
+ ;;
+ absent)
+ echo "remove-apt-repository '$name'"
+ ;;
+esac
diff --git a/cdist/conf/type/__apt_ppa/man.rst b/cdist/conf/type/__apt_ppa/man.rst
new file mode 100644
index 00000000..8347c908
--- /dev/null
+++ b/cdist/conf/type/__apt_ppa/man.rst
@@ -0,0 +1,50 @@
+cdist-type__apt_ppa(7)
+======================
+
+NAME
+----
+cdist-type__apt_ppa - Manage ppa repositories
+
+
+DESCRIPTION
+-----------
+This cdist type allows manage ubuntu ppa repositories.
+
+
+REQUIRED PARAMETERS
+-------------------
+state
+ The state the ppa should be in, either 'present' or 'absent'.
+ Defaults to 'present'
+
+
+OPTIONAL PARAMETERS
+-------------------
+None.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Enable a ppa repository
+ __apt_ppa ppa:sans-intern/missing-bits
+ # same as
+ __apt_ppa ppa:sans-intern/missing-bits --state present
+
+ # Disable a ppa repository
+ __apt_ppa ppa:sans-intern/missing-bits --state absent
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2011-2014 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__apt_ppa/man.text b/cdist/conf/type/__apt_ppa/man.text
deleted file mode 100644
index f986eb2d..00000000
--- a/cdist/conf/type/__apt_ppa/man.text
+++ /dev/null
@@ -1,47 +0,0 @@
-cdist-type__apt_ppa(7)
-======================
-Steven Armstrong
-
-
-NAME
-----
-cdist-type__apt_ppa - Manage ppa repositories
-
-
-DESCRIPTION
------------
-This cdist type allows manage ubuntu ppa repositories.
-
-
-REQUIRED PARAMETERS
--------------------
-state::
- The state the ppa should be in, either "enabled" or "disabled".
-
-
-OPTIONAL PARAMETERS
--------------------
-None.
-
-
-EXAMPLES
---------
-
---------------------------------------------------------------------------------
-# Enable a ppa repository
-__apt_ppa ppa:sans-intern/missing-bits --state enabled
-
-# Disable a ppa repository
-__apt_ppa ppa:sans-intern/missing-bits --state disabled
---------------------------------------------------------------------------------
-
-
-SEE ALSO
---------
-- cdist-type(7)
-
-
-COPYING
--------
-Copyright \(C) 2011 Steven Armstrong. Free use of this software is
-granted under the terms of the GNU General Public License version 3 (GPLv3).
diff --git a/cdist/conf/type/__apt_ppa/manifest b/cdist/conf/type/__apt_ppa/manifest
index e7ad0c26..c6f4e876 100755
--- a/cdist/conf/type/__apt_ppa/manifest
+++ b/cdist/conf/type/__apt_ppa/manifest
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/sh -e
#
-# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
+# 2011-2016 Steven Armstrong (steven-cdist at armstrong.cc)
#
# This file is part of cdist.
#
@@ -18,11 +18,9 @@
# along with cdist. If not, see .
#
-name="$__object_id"
+__package software-properties-common
-__package python-software-properties --state present
-
-require="__package/python-software-properties" \
+require="__package/software-properties-common" \
__file /usr/local/bin/remove-apt-repository \
--source "$__type/files/remove-apt-repository" \
--mode 0755
diff --git a/cdist/conf/type/__apt_ppa/parameter/default/state b/cdist/conf/type/__apt_ppa/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__apt_ppa/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__jail/parameter/required b/cdist/conf/type/__apt_ppa/parameter/optional
similarity index 100%
rename from cdist/conf/type/__jail/parameter/required
rename to cdist/conf/type/__apt_ppa/parameter/optional
diff --git a/cdist/conf/type/__apt_source/files/source.list.template b/cdist/conf/type/__apt_source/files/source.list.template
new file mode 100755
index 00000000..d4420e96
--- /dev/null
+++ b/cdist/conf/type/__apt_source/files/source.list.template
@@ -0,0 +1,15 @@
+#!/bin/sh
+set -u
+
+entry="$uri $distribution $component"
+cat << DONE
+# Created by cdist ${__type##*/}
+# Do not change. Changes will be overwritten.
+#
+
+# $name
+deb ${forcedarch} $entry
+DONE
+if [ -f "$__object/parameter/include-src" ]; then
+ echo "deb-src $entry"
+fi
diff --git a/cdist/conf/type/__apt_source/gencode-remote b/cdist/conf/type/__apt_source/gencode-remote
new file mode 100755
index 00000000..1e8592c6
--- /dev/null
+++ b/cdist/conf/type/__apt_source/gencode-remote
@@ -0,0 +1,28 @@
+#!/bin/sh -e
+#
+# 2018 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+
+name="$__object_id"
+destination="/etc/apt/sources.list.d/${name}.list"
+
+if grep -q "^__file${destination}" "$__messages_in"; then
+ printf 'apt-get update || apt-get update\n'
+fi
+
diff --git a/cdist/conf/type/__apt_source/man.rst b/cdist/conf/type/__apt_source/man.rst
new file mode 100644
index 00000000..d1acb388
--- /dev/null
+++ b/cdist/conf/type/__apt_source/man.rst
@@ -0,0 +1,70 @@
+cdist-type__apt_source(7)
+=========================
+
+NAME
+----
+cdist-type__apt_source - Manage apt sources
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to manage apt sources. It invokes index update
+internally when needed so call of index updating type is not needed.
+
+
+REQUIRED PARAMETERS
+-------------------
+uri
+ the uri to the apt repository
+
+
+OPTIONAL PARAMETERS
+-------------------
+arch
+ set this if you need to force and specific arch (ubuntu specific)
+
+state
+ 'present' or 'absent', defaults to 'present'
+
+distribution
+ the distribution codename to use. Defaults to DISTRIB_CODENAME from
+ the targets /etc/lsb-release
+
+component
+ space delimited list of components to enable. Defaults to an empty string.
+
+
+BOOLEAN PARAMETERS
+------------------
+include-src
+ include deb-src entries
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __apt_source rabbitmq \
+ --uri http://www.rabbitmq.com/debian/ \
+ --distribution testing \
+ --component main \
+ --include-src \
+ --state present
+
+ __apt_source canonical_partner \
+ --uri http://archive.canonical.com/ \
+ --component partner --state present
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2011-2018 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__apt_source/manifest b/cdist/conf/type/__apt_source/manifest
new file mode 100755
index 00000000..35f15909
--- /dev/null
+++ b/cdist/conf/type/__apt_source/manifest
@@ -0,0 +1,52 @@
+#!/bin/sh -e
+#
+# 2011-2018 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+name="$__object_id"
+state="$(cat "$__object/parameter/state")"
+uri="$(cat "$__object/parameter/uri")"
+
+if [ -f "$__object/parameter/distribution" ]; then
+ distribution="$(cat "$__object/parameter/distribution")"
+else
+ distribution="$(cat "$__global/explorer/lsb_codename")"
+fi
+
+component="$(cat "$__object/parameter/component")"
+
+if [ -f "$__object/parameter/arch" ]; then
+ forcedarch="[arch=$(cat "$__object/parameter/arch")]"
+else
+ forcedarch=""
+fi
+
+# export variables for use in template
+export name
+export uri
+export distribution
+export component
+export forcedarch
+
+# generate file from template
+mkdir "$__object/files"
+"$__type/files/source.list.template" > "$__object/files/source.list"
+__file "/etc/apt/sources.list.d/${name}.list" \
+ --source "$__object/files/source.list" \
+ --owner root --group root --mode 0644 \
+ --state "$state"
diff --git a/cdist/test/autorequire/fixtures/conf/type/__addifnosuchline/.keep b/cdist/conf/type/__apt_source/nonparallel
similarity index 100%
rename from cdist/test/autorequire/fixtures/conf/type/__addifnosuchline/.keep
rename to cdist/conf/type/__apt_source/nonparallel
diff --git a/cdist/conf/type/__apt_source/parameter/boolean b/cdist/conf/type/__apt_source/parameter/boolean
new file mode 100644
index 00000000..8fa49177
--- /dev/null
+++ b/cdist/conf/type/__apt_source/parameter/boolean
@@ -0,0 +1 @@
+include-src
diff --git a/cdist/test/autorequire/fixtures/conf/type/__directory/.keep b/cdist/conf/type/__apt_source/parameter/default/component
similarity index 100%
rename from cdist/test/autorequire/fixtures/conf/type/__directory/.keep
rename to cdist/conf/type/__apt_source/parameter/default/component
diff --git a/cdist/conf/type/__apt_source/parameter/default/state b/cdist/conf/type/__apt_source/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__apt_source/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__apt_source/parameter/optional b/cdist/conf/type/__apt_source/parameter/optional
new file mode 100644
index 00000000..87537335
--- /dev/null
+++ b/cdist/conf/type/__apt_source/parameter/optional
@@ -0,0 +1,4 @@
+state
+distribution
+component
+arch
\ No newline at end of file
diff --git a/cdist/conf/type/__apt_source/parameter/required b/cdist/conf/type/__apt_source/parameter/required
new file mode 100644
index 00000000..c7954952
--- /dev/null
+++ b/cdist/conf/type/__apt_source/parameter/required
@@ -0,0 +1 @@
+uri
diff --git a/cdist/conf/type/__apt_update_index/gencode-remote b/cdist/conf/type/__apt_update_index/gencode-remote
index 61ce11a9..70b59710 100755
--- a/cdist/conf/type/__apt_update_index/gencode-remote
+++ b/cdist/conf/type/__apt_update_index/gencode-remote
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/sh -e
#
# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
#
diff --git a/cdist/conf/type/__apt_update_index/man.rst b/cdist/conf/type/__apt_update_index/man.rst
new file mode 100644
index 00000000..3031902f
--- /dev/null
+++ b/cdist/conf/type/__apt_update_index/man.rst
@@ -0,0 +1,41 @@
+cdist-type__apt_update_index(7)
+===============================
+
+NAME
+----
+cdist-type__apt_update_index - Update apt's package index
+
+
+DESCRIPTION
+-----------
+This cdist type runs apt-get update whenever any apt sources have changed.
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+OPTIONAL PARAMETERS
+-------------------
+None.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __apt_update_index
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2011 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__apt_update_index/man.text b/cdist/conf/type/__apt_update_index/man.text
deleted file mode 100644
index 778af508..00000000
--- a/cdist/conf/type/__apt_update_index/man.text
+++ /dev/null
@@ -1,41 +0,0 @@
-cdist-type__apt_update_index(7)
-===============================
-Steven Armstrong
-
-
-NAME
-----
-cdist-type__apt_update_index - update apt's package index
-
-
-DESCRIPTION
------------
-This cdist type runs apt-get update whenever any apt sources have changed.
-
-
-REQUIRED PARAMETERS
--------------------
-None.
-
-OPTIONAL PARAMETERS
--------------------
-None.
-
-
-EXAMPLES
---------
-
---------------------------------------------------------------------------------
-__apt_update_index
---------------------------------------------------------------------------------
-
-
-SEE ALSO
---------
-- cdist-type(7)
-
-
-COPYING
--------
-Copyright \(C) 2011 Steven Armstrong. Free use of this software is
-granted under the terms of the GNU General Public License version 3 (GPLv3).
diff --git a/cdist/conf/type/__block/explorer/block b/cdist/conf/type/__block/explorer/block
new file mode 100755
index 00000000..e1ca3441
--- /dev/null
+++ b/cdist/conf/type/__block/explorer/block
@@ -0,0 +1,40 @@
+#!/bin/sh
+#
+# 2013 Steven Armstrong (steven-cdist armstrong.cc)
+# 2014 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+
+file="$(cat "$__object/parameter/file" 2>/dev/null || echo "/$__object_id")"
+
+# file does not exist, nothing we could do
+[ -f "$file" ] || exit 0
+
+prefix=$(cat "$__object/parameter/prefix" 2>/dev/null || echo "#cdist:__block/$__object_id")
+suffix=$(cat "$__object/parameter/suffix" 2>/dev/null || echo "#/cdist:__block/$__object_id")
+awk -v prefix="^$prefix\$" -v suffix="^$suffix\$" '{
+ if (match($0,prefix)) {
+ triggered=1
+ }
+ if (triggered) {
+ if (match($0,suffix)) {
+ triggered=0
+ }
+ print
+ }
+}' "$file"
diff --git a/cdist/conf/type/__block/gencode-remote b/cdist/conf/type/__block/gencode-remote
new file mode 100755
index 00000000..1f5cc033
--- /dev/null
+++ b/cdist/conf/type/__block/gencode-remote
@@ -0,0 +1,89 @@
+#!/bin/sh -e
+#
+# 2013 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+# quote function from http://www.etalabs.net/sh_tricks.html
+quote() {
+ printf '%s\n' "$1" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/'/"
+}
+
+file="$(cat "$__object/parameter/file" 2>/dev/null || echo "/$__object_id")"
+state_should=$(cat "$__object/parameter/state")
+prefix=$(cat "$__object/parameter/prefix" 2>/dev/null || echo "#cdist:__block/$__object_id")
+suffix=$(cat "$__object/parameter/suffix" 2>/dev/null || echo "#/cdist:__block/$__object_id")
+
+block="$__object/files/block"
+if [ ! -s "$__object/explorer/block" ]; then
+ state_is='absent'
+else
+ state_is=$(diff -q "$block" "$__object/explorer/block" >/dev/null \
+ && echo present \
+ || echo changed
+ )
+fi
+
+state_should="$(cat "$__object/parameter/state")"
+if [ "$state_should" = "$state_is" ]; then
+ # Nothing to do, move along
+ exit 0
+fi
+
+remove_block() {
+ cat << DONE
+tmpfile=\$(mktemp ${file}.cdist.XXXXXXXXXX)
+# preserve ownership and permissions of existing file
+if [ -f "$file" ]; then
+ cp -p "$file" "\$tmpfile"
+fi
+awk -v prefix=^$(quote "$prefix")\$ -v suffix=^$(quote "$suffix")\$ '
+{
+ if (match(\$0,prefix)) {
+ triggered=1
+ }
+ if (triggered) {
+ if (match(\$0,suffix)) {
+ triggered=0
+ }
+ } else {
+ print
+ }
+}' "$file" > "\$tmpfile"
+mv -f "\$tmpfile" "$file"
+DONE
+}
+
+case "$state_should" in
+ present)
+ if [ "$state_is" = "changed" ]; then
+ echo update >> "$__messages_out"
+ remove_block
+ else
+ echo add >> "$__messages_out"
+ fi
+ cat << DONE
+cat >> "$file" << ${__type##*/}_DONE
+$(cat "$block")
+${__type##*/}_DONE
+DONE
+ ;;
+ absent)
+ echo remove >> "$__messages_out"
+ remove_block
+ ;;
+esac
diff --git a/cdist/conf/type/__block/man.rst b/cdist/conf/type/__block/man.rst
new file mode 100644
index 00000000..90e50381
--- /dev/null
+++ b/cdist/conf/type/__block/man.rst
@@ -0,0 +1,82 @@
+cdist-type__block(7)
+====================
+
+NAME
+----
+cdist-type__block - Manage blocks of text in files
+
+
+DESCRIPTION
+-----------
+Manage a block of text in an existing file.
+The block is identified using the prefix and suffix parameters.
+Everything between prefix and suffix is considered to be a managed block
+of text.
+
+
+REQUIRED PARAMETERS
+-------------------
+text
+ the text to manage.
+ If text is '-' (dash), take what was written to stdin as the text.
+
+
+OPTIONAL PARAMETERS
+-------------------
+file
+ the file in which to manage the text block.
+ Defaults to object_id.
+
+prefix
+ the prefix to add before the text.
+ Defaults to #cdist:__block/$__object_id
+
+suffix
+ the suffix to add after the text.
+ Defaults to #/cdist:__block/$__object_id
+
+state
+ 'present' or 'absent', defaults to 'present'
+
+
+MESSAGES
+--------
+add
+ block was added
+update
+ block was updated/changed
+remove
+ block was removed
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # text from argument
+ __block /path/to/file \
+ --prefix '#start' \
+ --suffix '#end' \
+ --text 'some\nblock of\ntext'
+
+ # text from stdin
+ __block some-id \
+ --file /path/to/file \
+ --text - << DONE
+ here some block
+ of text
+ DONE
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2013 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__block/manifest b/cdist/conf/type/__block/manifest
new file mode 100755
index 00000000..726950d3
--- /dev/null
+++ b/cdist/conf/type/__block/manifest
@@ -0,0 +1,34 @@
+#!/bin/sh -e
+#
+# 2013-2014 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+prefix=$(cat "$__object/parameter/prefix" 2>/dev/null || echo "#cdist:__block/$__object_id")
+suffix=$(cat "$__object/parameter/suffix" 2>/dev/null || echo "#/cdist:__block/$__object_id")
+text=$(cat "$__object/parameter/text")
+
+mkdir "$__object/files"
+# Generate text block for inclusion in file
+block="$__object/files/block"
+echo "$prefix" > "$block"
+if [ "$text" = "-" ]; then
+ cat "$__object/stdin" >> "$block"
+else
+ echo "$text" >> "$block"
+fi
+echo "$suffix" >> "$block"
diff --git a/cdist/conf/type/__block/parameter/default/state b/cdist/conf/type/__block/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__block/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__block/parameter/optional b/cdist/conf/type/__block/parameter/optional
new file mode 100644
index 00000000..fa3abebf
--- /dev/null
+++ b/cdist/conf/type/__block/parameter/optional
@@ -0,0 +1,4 @@
+file
+prefix
+state
+suffix
diff --git a/cdist/conf/type/__block/parameter/required b/cdist/conf/type/__block/parameter/required
new file mode 100644
index 00000000..8e27be7d
--- /dev/null
+++ b/cdist/conf/type/__block/parameter/required
@@ -0,0 +1 @@
+text
diff --git a/cdist/conf/type/__ccollect_source/explorer/cksum b/cdist/conf/type/__ccollect_source/explorer/cksum
new file mode 100755
index 00000000..335e4e7a
--- /dev/null
+++ b/cdist/conf/type/__ccollect_source/explorer/cksum
@@ -0,0 +1,34 @@
+#!/bin/sh
+#
+# 2011-2012 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Retrieve the md5sum of a file to be created, if it is already existing.
+#
+
+destination="/$__object_id"
+
+if [ -e "$destination" ]; then
+ if [ -f "$destination" ]; then
+ cksum < "$destination"
+ else
+ echo "NO REGULAR FILE"
+ fi
+else
+ echo "NO FILE FOUND, NO CHECKSUM CALCULATED."
+fi
diff --git a/cdist/conf/type/__ccollect_source/explorer/stat b/cdist/conf/type/__ccollect_source/explorer/stat
new file mode 100755
index 00000000..9b5ad75b
--- /dev/null
+++ b/cdist/conf/type/__ccollect_source/explorer/stat
@@ -0,0 +1,56 @@
+#!/bin/sh
+#
+# 2013 Steven Armstrong (steven-cdist armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+destination="/$__object_id"
+
+# nothing to work with, nothing we could do
+[ -e "$destination" ] || exit 0
+
+os=$("$__explorer/os")
+case "$os" in
+ "freebsd"|"netbsd"|"openbsd")
+ # FIXME: should be something like this based on man page, but can not test
+ stat -f "type: %ST
+owner: %Du %Su
+group: %Dg %Sg
+mode: %Op %Sp
+size: %Dz
+links: %Dl
+" "$destination"
+ ;;
+ "macosx")
+ stat -f "type: %HT
+ owner: %Du %Su
+ group: %Dg %Sg
+ mode: %Lp %Sp
+ size: %Dz
+ links: %Dl
+ " "$destination"
+ ;;
+ *)
+ stat --printf="type: %F
+owner: %u %U
+group: %g %G
+mode: %a %A
+size: %s
+links: %h
+" "$destination"
+ ;;
+esac
diff --git a/cdist/conf/type/__ccollect_source/explorer/type b/cdist/conf/type/__ccollect_source/explorer/type
new file mode 100755
index 00000000..e723047c
--- /dev/null
+++ b/cdist/conf/type/__ccollect_source/explorer/type
@@ -0,0 +1,33 @@
+#!/bin/sh
+#
+# 2013 Steven Armstrong (steven-cdist armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+destination="/$__object_id"
+
+if [ ! -e "$destination" ]; then
+ echo none
+elif [ -h "$destination" ]; then
+ echo symlink
+elif [ -f "$destination" ]; then
+ echo file
+elif [ -d "$destination" ]; then
+ echo directory
+else
+ echo unknown
+fi
diff --git a/cdist/conf/type/__ccollect_source/gencode-remote b/cdist/conf/type/__ccollect_source/gencode-remote
new file mode 100755
index 00000000..57353c24
--- /dev/null
+++ b/cdist/conf/type/__ccollect_source/gencode-remote
@@ -0,0 +1,92 @@
+#!/bin/sh -e
+#
+# 2014 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+destination="/$__object_id"
+state_should="$(cat "$__object/parameter/state")"
+type="$(cat "$__object/explorer/type")"
+stat_file="$__object/explorer/stat"
+
+
+get_current_value() {
+ if [ -s "$stat_file" ]; then
+ _name="$1"
+ _value="$2"
+ case "$_value" in
+ [0-9]*)
+ _index=2
+ ;;
+ *)
+ _index=3
+ ;;
+ esac
+ awk '/'"$_name"':/ { print $'$_index' }' "$stat_file"
+ unset _name _value _index
+ fi
+}
+
+set_group() {
+ echo "chgrp '$1' '$destination'"
+ echo "chgrp '$1'" >> "$__messages_out"
+}
+
+set_owner() {
+ echo "chown '$1' '$destination'"
+ echo "chown '$1'" >> "$__messages_out"
+}
+
+set_mode() {
+ echo "chmod '$1' '$destination'"
+ echo "chmod '$1'" >> "$__messages_out"
+}
+
+case "$state_should" in
+ present|exists)
+ # Note: Mode - needs to happen last as a chown/chgrp can alter mode by
+ # clearing S_ISUID and S_ISGID bits (see chown(2))
+ for attribute in group owner mode; do
+ if [ -f "$__object/parameter/$attribute" ]; then
+ value_should="$(cat "$__object/parameter/$attribute")"
+
+ # change 0xxx format to xxx format => same as stat returns
+ if [ "$attribute" = mode ]; then
+ value_should="$(echo "$value_should" | sed 's/^0\(...\)/\1/')"
+ fi
+
+ value_is="$(get_current_value "$attribute" "$value_should")"
+ if [ -f "$__object/files/set-attributes" ] || [ "$value_should" != "$value_is" ]; then
+ "set_$attribute" "$value_should"
+ fi
+ fi
+ done
+
+ ;;
+
+ absent)
+ if [ "$type" = "file" ]; then
+ echo "rm -f '$destination'"
+ echo remove >> "$__messages_out"
+ fi
+ ;;
+
+ *)
+ echo "Unknown state: $state_should" >&2
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__ccollect_source/man.rst b/cdist/conf/type/__ccollect_source/man.rst
new file mode 100644
index 00000000..b0c23482
--- /dev/null
+++ b/cdist/conf/type/__ccollect_source/man.rst
@@ -0,0 +1,78 @@
+cdist-type__ccollect_source(7)
+==============================
+
+NAME
+----
+cdist-type__ccollect_source - Manage ccollect sources
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to create or delete ccollect sources.
+
+
+REQUIRED PARAMETERS
+-------------------
+source
+ The source from which to backup
+destination
+ The destination directory
+
+
+OPTIONAL PARAMETERS
+-------------------
+state
+ 'present' or 'absent', defaults to 'present'
+ccollectconf
+ The CCOLLECT_CONF directory. Defaults to /etc/ccollect.
+
+
+OPTIONAL MULTIPLE PARAMETERS
+----------------------------
+exclude
+ Paths to exclude of backup
+
+
+BOOLEAN PARAMETERS
+------------------
+verbose
+ Whether to report backup verbosely
+
+create-destination
+ Create the directory specified in the destination parameter on the remote host
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __ccollect_source doc.ungleich.ch \
+ --source doc.ungleich.ch:/ \
+ --destination /backup/doc.ungleich.ch \
+ --exclude '/proc/*' --exclude '/sys/*' \
+ --verbose
+
+ __ccollect_source doc.ungleich.ch \
+ --source doc.ungleich.ch:/ \
+ --destination /backup/doc.ungleich.ch \
+ --exclude '/proc/*' --exclude '/sys/*' \
+ --verbose \
+ --create-destination
+
+
+SEE ALSO
+--------
+:strong:`ccollect`\ (1)
+
+
+AUTHORS
+-------
+Nico Schottelius
+
+
+COPYING
+-------
+Copyright \(C) 2014 Nico Schottelius. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__ccollect_source/manifest b/cdist/conf/type/__ccollect_source/manifest
new file mode 100755
index 00000000..727a4c97
--- /dev/null
+++ b/cdist/conf/type/__ccollect_source/manifest
@@ -0,0 +1,59 @@
+#!/bin/sh -e
+#
+# 2014 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+name="$__object_id"
+state="$(cat "$__object/parameter/state")"
+source="$(cat "$__object/parameter/source")"
+destination="$(cat "$__object/parameter/destination")"
+ccollectconf="$(sed 's,/$,,' "$__object/parameter/ccollectconf")"
+
+sourcedir="$ccollectconf/sources"
+basedir="$sourcedir/$name"
+
+destination_file="$basedir/destination"
+source_file="$basedir/source"
+exclude_file="$basedir/exclude"
+verbose_file="$basedir/verbose"
+
+__directory "$basedir" --state "$state"
+
+export require="__directory$basedir"
+echo "$destination" | __file "$destination_file" --source - --state "$state"
+echo "$source" | __file "$source_file" --source - --state "$state"
+
+################################################################################
+# Booleans
+if [ "${state}" = "absent" ]; then
+ verbosestate="absent"
+elif [ -f "$__object/parameter/verbose" ]; then
+ verbosestate="present"
+else
+ verbosestate="absent"
+fi
+__file "$verbose_file" --state "$verbosestate"
+
+if [ -f "$__object/parameter/exclude" ]; then
+ __file "$exclude_file" --source - --state "$state" \
+ < "$__object/parameter/exclude"
+fi
+
+if [ -f "$__object/parameter/create-destination" ]; then
+ __directory "${destination}" --parents --state "${state}"
+fi
diff --git a/cdist/conf/type/__ccollect_source/parameter/boolean b/cdist/conf/type/__ccollect_source/parameter/boolean
new file mode 100644
index 00000000..434c644f
--- /dev/null
+++ b/cdist/conf/type/__ccollect_source/parameter/boolean
@@ -0,0 +1,2 @@
+verbose
+create-destination
diff --git a/cdist/conf/type/__ccollect_source/parameter/default/ccollectconf b/cdist/conf/type/__ccollect_source/parameter/default/ccollectconf
new file mode 100644
index 00000000..a9fda009
--- /dev/null
+++ b/cdist/conf/type/__ccollect_source/parameter/default/ccollectconf
@@ -0,0 +1 @@
+/etc/ccollect
diff --git a/cdist/conf/type/__ccollect_source/parameter/default/state b/cdist/conf/type/__ccollect_source/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__ccollect_source/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__ccollect_source/parameter/optional b/cdist/conf/type/__ccollect_source/parameter/optional
new file mode 100644
index 00000000..0249d11e
--- /dev/null
+++ b/cdist/conf/type/__ccollect_source/parameter/optional
@@ -0,0 +1,2 @@
+ccollectconf
+state
diff --git a/cdist/conf/type/__ccollect_source/parameter/optional_multiple b/cdist/conf/type/__ccollect_source/parameter/optional_multiple
new file mode 100644
index 00000000..9ba870ea
--- /dev/null
+++ b/cdist/conf/type/__ccollect_source/parameter/optional_multiple
@@ -0,0 +1 @@
+exclude
diff --git a/cdist/conf/type/__ccollect_source/parameter/required b/cdist/conf/type/__ccollect_source/parameter/required
new file mode 100644
index 00000000..9239646e
--- /dev/null
+++ b/cdist/conf/type/__ccollect_source/parameter/required
@@ -0,0 +1,2 @@
+source
+destination
diff --git a/cdist/conf/type/__cdist/man.rst b/cdist/conf/type/__cdist/man.rst
new file mode 100644
index 00000000..be082781
--- /dev/null
+++ b/cdist/conf/type/__cdist/man.rst
@@ -0,0 +1,63 @@
+cdist-type__cdist(7)
+====================
+
+NAME
+----
+cdist-type__cdist - Manage cdist installations
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to easily setup cdist
+on another box, to allow the other box to configure
+systems.
+
+This type is *NOT* required by target hosts.
+It is only helpful to build FROM which you configure
+other hosts.
+
+This type will use git to clone
+
+
+REQUIRED PARAMETERS
+-------------------
+
+OPTIONAL PARAMETERS
+-------------------
+username
+ Select the user to create for the cdist installation.
+ Defaults to "cdist".
+
+source
+ Select the source from which to clone cdist from.
+ Defaults to "git@code.ungleich.ch:ungleich-public/cdist.git".
+
+
+branch
+ Select the branch to checkout from.
+ Defaults to "master".
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Install cdist for user cdist in her home as subfolder cdist
+ __cdist /home/cdist/cdist
+
+ # Use alternative source
+ __cdist --source "git@code.ungleich.ch:ungleich-public/cdist.git" /home/cdist/cdist
+
+
+AUTHORS
+-------
+Nico Schottelius
+
+
+COPYING
+-------
+Copyright \(C) 2013 Nico Schottelius. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__cdist/manifest b/cdist/conf/type/__cdist/manifest
new file mode 100755
index 00000000..a97cf288
--- /dev/null
+++ b/cdist/conf/type/__cdist/manifest
@@ -0,0 +1,47 @@
+#!/bin/sh -e
+#
+# 2013 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+
+directory="$__object_id"
+
+if [ -f "$__object/parameter/shell" ]; then
+ shell="--shell $(cat "$__object/parameter/shell")"
+else
+ shell=""
+fi
+
+username="$(cat "$__object/parameter/username")"
+
+branch="$(cat "$__object/parameter/branch")"
+
+source="$(cat "$__object/parameter/source")"
+
+# Currently hardcoded - if anyone cares, make a parameter
+# out of it
+home=/home/$username
+
+__user "$username" --home "$home" $shell
+
+require="__user/$username" __directory "$home" \
+ --owner "$username"
+
+require="__user/$username __directory/$home" __git "$directory" \
+ --source "$source" \
+ --owner "$username" --branch "$branch"
diff --git a/cdist/conf/type/__cdist/parameter/default/branch b/cdist/conf/type/__cdist/parameter/default/branch
new file mode 100644
index 00000000..1f7391f9
--- /dev/null
+++ b/cdist/conf/type/__cdist/parameter/default/branch
@@ -0,0 +1 @@
+master
diff --git a/cdist/conf/type/__cdist/parameter/default/source b/cdist/conf/type/__cdist/parameter/default/source
new file mode 100644
index 00000000..1ad3a250
--- /dev/null
+++ b/cdist/conf/type/__cdist/parameter/default/source
@@ -0,0 +1 @@
+git@code.ungleich.ch:ungleich-public/cdist.git
diff --git a/cdist/conf/type/__cdist/parameter/default/username b/cdist/conf/type/__cdist/parameter/default/username
new file mode 100644
index 00000000..a585e141
--- /dev/null
+++ b/cdist/conf/type/__cdist/parameter/default/username
@@ -0,0 +1 @@
+cdist
diff --git a/cdist/conf/type/__cdist/parameter/optional b/cdist/conf/type/__cdist/parameter/optional
new file mode 100644
index 00000000..a5f14343
--- /dev/null
+++ b/cdist/conf/type/__cdist/parameter/optional
@@ -0,0 +1,4 @@
+branch
+source
+username
+shell
diff --git a/cdist/conf/type/__cdistmarker/gencode-remote b/cdist/conf/type/__cdistmarker/gencode-remote
index e332df38..e71955c4 100755
--- a/cdist/conf/type/__cdistmarker/gencode-remote
+++ b/cdist/conf/type/__cdistmarker/gencode-remote
@@ -1,8 +1,8 @@
-#!/bin/sh
+#!/bin/sh -e
#
# Copyright (C) 2011 Daniel Maher (phrawzty+cdist at gmail.com)
#
-# This file is part of cdist (https://github.com/telmich/cdist/).
+# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -19,19 +19,11 @@
#
# The marker file is established in the docs, but it isn't obligatory.
-if [ -f "$__object/parameter/destination" ]; then
- destination="$(cat "$__object/parameter/destination")"
-else
- destination='/etc/cdist-configured'
-fi
+destination="$(cat "$__object/parameter/destination")"
# The basic output of date is usually good enough, but variety is the
# spice of life...
-if [ -f "$__object/parameter/format" ]; then
- format="$(cat "$__object/parameter/format")"
-else
- format='-u'
-fi
+format="$(cat "$__object/parameter/format")"
# Dump the timestamp in UTC to the marker
echo "date $format > $destination"
diff --git a/cdist/conf/type/__cdistmarker/man.text b/cdist/conf/type/__cdistmarker/man.rst
similarity index 60%
rename from cdist/conf/type/__cdistmarker/man.text
rename to cdist/conf/type/__cdistmarker/man.rst
index ca5611a7..f3a8bafe 100644
--- a/cdist/conf/type/__cdistmarker/man.text
+++ b/cdist/conf/type/__cdistmarker/man.rst
@@ -1,7 +1,5 @@
cdist-type__cdistmarker(7)
==========================
-Daniel Maher
-
NAME
----
@@ -23,11 +21,11 @@ None.
OPTIONAL PARAMETERS
-------------------
-destination::
+destination
The path and filename of the marker.
Default: /etc/cdist-configured
-format::
+format
The format of the timestamp. This is passed directly to system 'date'.
Default: -u
@@ -35,21 +33,23 @@ format::
EXAMPLES
--------
---------------------------------------------------------------------------------
-# Creates the marker as normal.
-__cdistmarker
+.. code-block:: sh
-# Creates the marker differently.
-__cdistmarker --file /tmp/cdist_marker --format '+%s'
---------------------------------------------------------------------------------
+ # Creates the marker as normal.
+ __cdistmarker
+
+ # Creates the marker differently.
+ __cdistmarker --destination /tmp/cdist_marker --format '+%s'
-SEE ALSO
---------
-- cdist-type(7)
+AUTHORS
+-------
+Daniel Maher
COPYING
-------
-Copyright \(C) 2011 Daniel Maher. Free use of this software is granted under
-the terms of the GNU General Public License version 3 (GPLv3).
+Copyright \(C) 2011 Daniel Maher. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__cdistmarker/parameter/default/destination b/cdist/conf/type/__cdistmarker/parameter/default/destination
new file mode 100644
index 00000000..bd3a112f
--- /dev/null
+++ b/cdist/conf/type/__cdistmarker/parameter/default/destination
@@ -0,0 +1 @@
+/etc/cdist-configured
diff --git a/cdist/conf/type/__cdistmarker/parameter/default/format b/cdist/conf/type/__cdistmarker/parameter/default/format
new file mode 100644
index 00000000..5dc9e6ec
--- /dev/null
+++ b/cdist/conf/type/__cdistmarker/parameter/default/format
@@ -0,0 +1 @@
+-u
diff --git a/cdist/conf/type/__check_messages/gencode-remote b/cdist/conf/type/__check_messages/gencode-remote
new file mode 100755
index 00000000..ec36cecc
--- /dev/null
+++ b/cdist/conf/type/__check_messages/gencode-remote
@@ -0,0 +1,26 @@
+#!/bin/sh -e
+#
+# 2019 Ander Punnar (ander-at-kvlt-dot-ee)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+if grep -Eq \
+ "$( cat "$__object/parameter/pattern" )" \
+ "$__messages_in"
+then
+ tee "$__messages_out" < "$__object/parameter/execute"
+fi
diff --git a/cdist/conf/type/__check_messages/man.rst b/cdist/conf/type/__check_messages/man.rst
new file mode 100644
index 00000000..5c80a0ae
--- /dev/null
+++ b/cdist/conf/type/__check_messages/man.rst
@@ -0,0 +1,52 @@
+cdist-type__check_messages(7)
+=============================
+
+NAME
+----
+cdist-type__check_messages - Check messages for pattern and execute command on match.
+
+
+DESCRIPTION
+-----------
+Check messages for pattern and execute command on match.
+
+This type is useful if you chain together multiple related types using
+dependencies and want to restart service if at least one type changes
+something.
+
+For more information about messages see `cdist messaging `_.
+
+For more information about dependencies and execution order see
+`cdist manifest `_ documentation.
+
+
+REQUIRED PARAMETERS
+-------------------
+pattern
+ Extended regular expression pattern for search (passed to ``grep -E``).
+
+execute
+ Command to execute on pattern match.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __check_messages munin \
+ --pattern '^__(file|link|line)/etc/munin/' \
+ --execute 'service munin-node restart'
+
+
+AUTHORS
+-------
+Ander Punnar
+
+
+COPYING
+-------
+Copyright \(C) 2019 Ander Punnar. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__check_messages/parameter/required b/cdist/conf/type/__check_messages/parameter/required
new file mode 100644
index 00000000..374363cb
--- /dev/null
+++ b/cdist/conf/type/__check_messages/parameter/required
@@ -0,0 +1,2 @@
+pattern
+execute
diff --git a/cdist/conf/type/__chroot_mount/gencode-local b/cdist/conf/type/__chroot_mount/gencode-local
new file mode 100755
index 00000000..b131346c
--- /dev/null
+++ b/cdist/conf/type/__chroot_mount/gencode-local
@@ -0,0 +1,36 @@
+#!/bin/sh -e
+#
+# 2016 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+chroot="/$__object_id"
+
+if [ -f "$__object/parameter/manage-resolv-conf" ]; then
+ suffix="$(cat "$__object/parameter/manage-resolv-conf")"
+ resolv_conf="${chroot}/etc/resolv.conf"
+ original_resolv_conf="${resolv_conf}.${suffix}"
+ cat << DONE
+$__remote_exec $__target_host << EOSSH
+if [ -f "${resolv_conf}" ]; then
+ mv "${resolv_conf}" "${original_resolv_conf}"
+fi
+# copy hosts resolv.conf into chroot
+cp /etc/resolv.conf "${resolv_conf}"
+EOSSH
+DONE
+fi
diff --git a/cdist/conf/type/__chroot_mount/gencode-remote b/cdist/conf/type/__chroot_mount/gencode-remote
new file mode 100755
index 00000000..4fbb3ffc
--- /dev/null
+++ b/cdist/conf/type/__chroot_mount/gencode-remote
@@ -0,0 +1,44 @@
+#!/bin/sh -e
+#
+# 2012 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+chroot="/$__object_id"
+
+cat << DONE
+# Prepare chroot
+[ -d "${chroot}/proc" ] || mkdir "${chroot}/proc"
+mountpoint -q "${chroot}/proc" \
+ || mount -t proc -o nosuid,noexec,nodev proc "${chroot}/proc"
+
+[ -d "${chroot}/sys" ] || mkdir "${chroot}/sys"
+mountpoint -q "${chroot}/sys" \
+ || mount -t sysfs -o nosuid,noexec,nodev sys "${chroot}/sys"
+
+[ -d "${chroot}/dev" ] || mkdir "${chroot}/dev"
+mountpoint -q "${chroot}/dev" \
+ || mount -t devtmpfs -o mode=0755,nosuid udev "${chroot}/dev"
+
+[ -d "${chroot}/dev/pts" ] || mkdir "${chroot}/dev/pts"
+mountpoint -q "${chroot}/dev/pts" \
+ || mount -t devpts -o mode=0620,gid=5,nosuid,noexec devpts "${chroot}/dev/pts"
+
+[ -d "${chroot}/tmp" ] || mkdir -m 1777 "${chroot}/tmp"
+mountpoint -q "${chroot}/tmp" \
+ || mount -t tmpfs -o mode=1777,strictatime,nodev,nosuid tmpfs "${chroot}/tmp"
+DONE
diff --git a/cdist/conf/type/__chroot_mount/man.rst b/cdist/conf/type/__chroot_mount/man.rst
new file mode 100644
index 00000000..41fd496b
--- /dev/null
+++ b/cdist/conf/type/__chroot_mount/man.rst
@@ -0,0 +1,55 @@
+cdist-type__chroot_mount(7)
+===========================
+
+NAME
+----
+cdist-type__chroot_mount - mount a chroot
+
+
+DESCRIPTION
+-----------
+Mount and prepare a chroot for running commands within it.
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+
+OPTIONAL PARAMETERS
+-------------------
+manage-resolv-conf
+ manage /etc/resolv.conf inside the chroot.
+ Use the value of this parameter as the suffix to save a copy
+ of the current /etc/resolv.conf to /etc/resolv.conf.$suffix.
+ This is used by the __chroot_umount type to restore the initial
+ file content when unmounting the chroot.
+
+
+BOOLEAN PARAMETERS
+------------------
+None.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __chroot_mount /path/to/chroot
+
+ __chroot_mount /path/to/chroot \
+ --manage-resolv-conf "some-known-string"
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2012-2017 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__chroot_mount/parameter/optional b/cdist/conf/type/__chroot_mount/parameter/optional
new file mode 100644
index 00000000..27928f2c
--- /dev/null
+++ b/cdist/conf/type/__chroot_mount/parameter/optional
@@ -0,0 +1 @@
+manage-resolv-conf
diff --git a/cdist/conf/type/__chroot_umount/gencode-local b/cdist/conf/type/__chroot_umount/gencode-local
new file mode 100755
index 00000000..b3cb69c6
--- /dev/null
+++ b/cdist/conf/type/__chroot_umount/gencode-local
@@ -0,0 +1,36 @@
+#!/bin/sh -e
+#
+# 2016 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+chroot="/$__object_id"
+
+if [ -f "$__object/parameter/manage-resolv-conf" ]; then
+ suffix="$(cat "$__object/parameter/manage-resolv-conf")"
+ resolv_conf="${chroot}/etc/resolv.conf"
+ original_resolv_conf="${resolv_conf}.${suffix}"
+cat << DONE
+$__remote_exec $__target_host << EOSSH
+if [ -f "${original_resolv_conf}" ]; then
+ # restore original /etc/resolv.conf that we moved out of the way
+ # in __chroot_mount/gencode-local
+ mv -f "${original_resolv_conf}" "${resolv_conf}"
+fi
+EOSSH
+DONE
+fi
diff --git a/cdist/conf/type/__chroot_umount/gencode-remote b/cdist/conf/type/__chroot_umount/gencode-remote
new file mode 100755
index 00000000..ff669e1b
--- /dev/null
+++ b/cdist/conf/type/__chroot_umount/gencode-remote
@@ -0,0 +1,35 @@
+#!/bin/sh -e
+#
+# 2012 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+chroot="/$__object_id"
+
+cat << DONE
+umount -l "${chroot}/tmp"
+umount -l "${chroot}/dev/pts"
+umount -l "${chroot}/dev"
+umount -l "${chroot}/sys"
+umount -l "${chroot}/proc"
+if [ -d "${chroot}/etc/resolvconf/resolv.conf.d" ]; then
+ # ensure /etc/resolvconf/resolv.conf.d/tail is not linked to \
+ # e.g. /etc/resolvconf/resolv.conf.d/original
+ rm -f "${chroot}/etc/resolvconf/resolv.conf.d/tail"
+ touch "${chroot}/etc/resolvconf/resolv.conf.d/tail"
+fi
+DONE
diff --git a/cdist/conf/type/__chroot_umount/man.rst b/cdist/conf/type/__chroot_umount/man.rst
new file mode 100644
index 00000000..2a15f362
--- /dev/null
+++ b/cdist/conf/type/__chroot_umount/man.rst
@@ -0,0 +1,60 @@
+cdist-type__chroot_umount(7)
+============================
+
+NAME
+----
+cdist-type__chroot_umount - unmount a chroot mounted by __chroot_mount
+
+
+DESCRIPTION
+-----------
+Undo what __chroot_mount did.
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+
+OPTIONAL PARAMETERS
+-------------------
+manage-resolv-conf
+ manage /etc/resolv.conf inside the chroot.
+ Use the value of this parameter as the suffix to find the backup file
+ that was saved by the __chroot_mount.
+ This is used by the to restore the initial file content when unmounting
+ the chroot.
+
+
+BOOLEAN PARAMETERS
+------------------
+None.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __chroot_umount /path/to/chroot
+
+ __chroot_umount /path/to/chroot \
+ --manage-resolv-conf "some-known-string"
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__chroot_mount`\ (7)
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2012-2017 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__chroot_umount/manifest b/cdist/conf/type/__chroot_umount/manifest
new file mode 100755
index 00000000..b3cb69c6
--- /dev/null
+++ b/cdist/conf/type/__chroot_umount/manifest
@@ -0,0 +1,36 @@
+#!/bin/sh -e
+#
+# 2016 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+chroot="/$__object_id"
+
+if [ -f "$__object/parameter/manage-resolv-conf" ]; then
+ suffix="$(cat "$__object/parameter/manage-resolv-conf")"
+ resolv_conf="${chroot}/etc/resolv.conf"
+ original_resolv_conf="${resolv_conf}.${suffix}"
+cat << DONE
+$__remote_exec $__target_host << EOSSH
+if [ -f "${original_resolv_conf}" ]; then
+ # restore original /etc/resolv.conf that we moved out of the way
+ # in __chroot_mount/gencode-local
+ mv -f "${original_resolv_conf}" "${resolv_conf}"
+fi
+EOSSH
+DONE
+fi
diff --git a/cdist/conf/type/__chroot_umount/parameter/optional b/cdist/conf/type/__chroot_umount/parameter/optional
new file mode 100644
index 00000000..27928f2c
--- /dev/null
+++ b/cdist/conf/type/__chroot_umount/parameter/optional
@@ -0,0 +1 @@
+manage-resolv-conf
diff --git a/cdist/conf/type/__clean_path/explorer/list b/cdist/conf/type/__clean_path/explorer/list
new file mode 100755
index 00000000..07d38127
--- /dev/null
+++ b/cdist/conf/type/__clean_path/explorer/list
@@ -0,0 +1,35 @@
+#!/bin/sh -e
+#
+# 2019 Ander Punnar (ander-at-kvlt-dot-ee)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+path="/$__object_id"
+
+[ ! -d "$path" ] && exit 0
+
+pattern="$( cat "$__object/parameter/pattern" )"
+
+if [ -f "$__object/parameter/exclude" ]
+then
+ exclude="$( cat "$__object/parameter/exclude" )"
+
+ find "$path" -mindepth 1 -maxdepth 1 -regex "$pattern" \
+ -and -not -regex "$exclude"
+else
+ find "$path" -mindepth 1 -maxdepth 1 -regex "$pattern"
+fi
diff --git a/cdist/conf/type/__clean_path/gencode-remote b/cdist/conf/type/__clean_path/gencode-remote
new file mode 100755
index 00000000..998a70d8
--- /dev/null
+++ b/cdist/conf/type/__clean_path/gencode-remote
@@ -0,0 +1,48 @@
+#!/bin/sh -e
+#
+# 2019 Ander Punnar (ander-at-kvlt-dot-ee)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+[ ! -s "$__object/explorer/list" ] && exit 0
+
+path="/$__object_id"
+
+pattern="$( cat "$__object/parameter/pattern" )"
+
+if [ -f "$__object/parameter/exclude" ]
+then
+ exclude="$( cat "$__object/parameter/exclude" )"
+
+ echo "find '$path' -mindepth 1 -maxdepth 1 -regex '$pattern'" \
+ "-and -not -regex '$exclude'" \
+ '-exec rm -rf {} \;'
+else
+ echo "find '$path' -mindepth 1 -maxdepth 1 -regex '$pattern'" \
+ '-exec rm -rf {} \;'
+fi
+
+while read -r f
+do
+ echo "removed '$f'" >> "$__messages_out"
+done \
+< "$__object/explorer/list"
+
+if [ -f "$__object/parameter/onchange" ]
+then
+ cat "$__object/parameter/onchange"
+fi
diff --git a/cdist/conf/type/__clean_path/man.rst b/cdist/conf/type/__clean_path/man.rst
new file mode 100644
index 00000000..826f4589
--- /dev/null
+++ b/cdist/conf/type/__clean_path/man.rst
@@ -0,0 +1,60 @@
+cdist-type__clean_path(7)
+=========================
+
+NAME
+----
+cdist-type__clean_path - Remove files and directories which match the pattern.
+
+
+DESCRIPTION
+-----------
+Remove files and directories which match the pattern.
+
+Provided path (as __object_id) must be a directory.
+
+Patterns are passed to ``find``'s ``-regex`` - see ``find(1)`` for more details.
+
+Look up of files and directories is non-recursive (``-maxdepth 1``).
+
+Parent directory is excluded (``-mindepth 1``).
+
+This type is not POSIX compatible (sorry, Solaris users).
+
+
+REQUIRED PARAMETERS
+-------------------
+pattern
+ Pattern of files which are removed from path.
+
+
+OPTIONAL PARAMETERS
+-------------------
+exclude
+ Pattern of files which are excluded from removal.
+
+onchange
+ The code to run if files or directories were removed.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __clean_path /etc/apache2/conf-enabled \
+ --pattern '.+' \
+ --exclude '.+\(charset\.conf\|security\.conf\)' \
+ --onchange 'service apache2 restart'
+
+
+AUTHORS
+-------
+Ander Punnar
+
+
+COPYING
+-------
+Copyright \(C) 2019 Ander Punnar. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__clean_path/parameter/optional b/cdist/conf/type/__clean_path/parameter/optional
new file mode 100644
index 00000000..6f313474
--- /dev/null
+++ b/cdist/conf/type/__clean_path/parameter/optional
@@ -0,0 +1,2 @@
+exclude
+onchange
diff --git a/cdist/conf/type/__clean_path/parameter/required b/cdist/conf/type/__clean_path/parameter/required
new file mode 100644
index 00000000..54774947
--- /dev/null
+++ b/cdist/conf/type/__clean_path/parameter/required
@@ -0,0 +1 @@
+pattern
diff --git a/cdist/conf/type/__config_file/gencode-remote b/cdist/conf/type/__config_file/gencode-remote
new file mode 100755
index 00000000..5f1626be
--- /dev/null
+++ b/cdist/conf/type/__config_file/gencode-remote
@@ -0,0 +1,27 @@
+#!/bin/sh -e
+#
+# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+destination="$__object_id"
+
+if [ -f "$__object/parameter/onchange" ]; then
+ if grep -q "^__file/${destination}" "$__messages_in"; then
+ cat "$__object/parameter/onchange"
+ fi
+fi
diff --git a/cdist/conf/type/__config_file/man.rst b/cdist/conf/type/__config_file/man.rst
new file mode 100644
index 00000000..5e0e58bd
--- /dev/null
+++ b/cdist/conf/type/__config_file/man.rst
@@ -0,0 +1,64 @@
+cdist-type__config_file(7)
+==========================
+
+NAME
+----
+cdist-type__config_file - _Manages config files
+
+
+DESCRIPTION
+-----------
+Deploy config files using the file type.
+Run the given code if the files changes.
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+
+OPTIONAL PARAMETERS
+-------------------
+group
+ see cdist-type__file
+mode
+ see cdist-type__file
+onchange
+ the code to run if the file changes
+owner
+ see cdist-type__file
+source
+ Path to the config file.
+ If source is '-' (dash), take what was written to stdin as the config file content.
+state
+ see cdist-type__file
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __config_file /etc/consul/conf.d/watch_foo.json \
+ --owner root --group consul --mode 640 \
+ --source "$__type/files/watch_foo.json" \
+ --state present \
+ --onchange 'service consul status >/dev/null && service consul reload || true'
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__file`\ (7)
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2015 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__config_file/manifest b/cdist/conf/type/__config_file/manifest
new file mode 100755
index 00000000..be8f9f67
--- /dev/null
+++ b/cdist/conf/type/__config_file/manifest
@@ -0,0 +1,42 @@
+#!/bin/sh -e
+#
+# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+set -- "/${__object_id}"
+cd "$__object/parameter/"
+for param in *; do
+ case "$param" in
+ source)
+ source="$(cat "$__object/parameter/source")"
+ if [ "$source" = "-" ]; then
+ source="$__object/stdin"
+ fi
+ set -- "$@" --source "$source"
+ ;;
+ owner|group|mode|state)
+ set -- "$@" "--${param}" "$(cat "$__object/parameter/$param")"
+ ;;
+ *)
+ # ignore unknown parameters
+ :
+ ;;
+ esac
+done
+
+__file "$@"
diff --git a/cdist/conf/type/__config_file/parameter/default/state b/cdist/conf/type/__config_file/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__config_file/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__config_file/parameter/optional b/cdist/conf/type/__config_file/parameter/optional
new file mode 100644
index 00000000..085c7725
--- /dev/null
+++ b/cdist/conf/type/__config_file/parameter/optional
@@ -0,0 +1,6 @@
+group
+mode
+onchange
+owner
+source
+state
diff --git a/cdist/conf/type/__consul/files/versions/0.4.1/cksum b/cdist/conf/type/__consul/files/versions/0.4.1/cksum
new file mode 100644
index 00000000..edba1a68
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/0.4.1/cksum
@@ -0,0 +1 @@
+428915666 15738724 consul
diff --git a/cdist/conf/type/__consul/files/versions/0.4.1/source b/cdist/conf/type/__consul/files/versions/0.4.1/source
new file mode 100644
index 00000000..b1e9908d
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/0.4.1/source
@@ -0,0 +1 @@
+https://dl.bintray.com/mitchellh/consul/0.4.1_linux_amd64.zip
diff --git a/cdist/conf/type/__consul/files/versions/0.5.0/cksum b/cdist/conf/type/__consul/files/versions/0.5.0/cksum
new file mode 100644
index 00000000..fe9888ae
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/0.5.0/cksum
@@ -0,0 +1 @@
+131560372 17734417 consul
diff --git a/cdist/conf/type/__consul/files/versions/0.5.0/source b/cdist/conf/type/__consul/files/versions/0.5.0/source
new file mode 100644
index 00000000..00a209a5
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/0.5.0/source
@@ -0,0 +1 @@
+https://dl.bintray.com/mitchellh/consul/0.5.0_linux_amd64.zip
diff --git a/cdist/conf/type/__consul/files/versions/0.5.1/cksum b/cdist/conf/type/__consul/files/versions/0.5.1/cksum
new file mode 100644
index 00000000..a176ed43
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/0.5.1/cksum
@@ -0,0 +1 @@
+2564582176 18232733 consul
diff --git a/cdist/conf/type/__consul/files/versions/0.5.1/source b/cdist/conf/type/__consul/files/versions/0.5.1/source
new file mode 100644
index 00000000..f02a1103
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/0.5.1/source
@@ -0,0 +1 @@
+https://dl.bintray.com/mitchellh/consul/0.5.1_linux_amd64.zip
diff --git a/cdist/conf/type/__consul/files/versions/0.5.2/cksum b/cdist/conf/type/__consul/files/versions/0.5.2/cksum
new file mode 100644
index 00000000..1c077266
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/0.5.2/cksum
@@ -0,0 +1 @@
+2207534901 18245010 consul
diff --git a/cdist/conf/type/__consul/files/versions/0.5.2/source b/cdist/conf/type/__consul/files/versions/0.5.2/source
new file mode 100644
index 00000000..43b43d55
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/0.5.2/source
@@ -0,0 +1 @@
+https://releases.hashicorp.com/consul/0.5.2/consul_0.5.2_linux_amd64.zip
diff --git a/cdist/conf/type/__consul/files/versions/0.6.0/cksum b/cdist/conf/type/__consul/files/versions/0.6.0/cksum
new file mode 100644
index 00000000..bf41a9b8
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/0.6.0/cksum
@@ -0,0 +1 @@
+688442448 19798264 consul
diff --git a/cdist/conf/type/__consul/files/versions/0.6.0/source b/cdist/conf/type/__consul/files/versions/0.6.0/source
new file mode 100644
index 00000000..691f2a87
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/0.6.0/source
@@ -0,0 +1 @@
+https://releases.hashicorp.com/consul/0.6.0/consul_0.6.0_linux_amd64.zip
diff --git a/cdist/conf/type/__consul/files/versions/0.6.1/cksum b/cdist/conf/type/__consul/files/versions/0.6.1/cksum
new file mode 100644
index 00000000..aa354351
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/0.6.1/cksum
@@ -0,0 +1 @@
+3100584780 20416856 consul
diff --git a/cdist/conf/type/__consul/files/versions/0.6.1/source b/cdist/conf/type/__consul/files/versions/0.6.1/source
new file mode 100644
index 00000000..3b20388f
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/0.6.1/source
@@ -0,0 +1 @@
+https://releases.hashicorp.com/consul/0.6.1/consul_0.6.1_linux_amd64.zip
diff --git a/cdist/conf/type/__consul/files/versions/0.6.2/cksum b/cdist/conf/type/__consul/files/versions/0.6.2/cksum
new file mode 100644
index 00000000..9c0b35c5
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/0.6.2/cksum
@@ -0,0 +1 @@
+2124180907 20416920 consul
diff --git a/cdist/conf/type/__consul/files/versions/0.6.2/source b/cdist/conf/type/__consul/files/versions/0.6.2/source
new file mode 100644
index 00000000..b0c6eeed
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/0.6.2/source
@@ -0,0 +1 @@
+https://releases.hashicorp.com/consul/0.6.2/consul_0.6.2_linux_amd64.zip
diff --git a/cdist/conf/type/__consul/files/versions/0.6.3/cksum b/cdist/conf/type/__consul/files/versions/0.6.3/cksum
new file mode 100644
index 00000000..886d01bb
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/0.6.3/cksum
@@ -0,0 +1 @@
+1832669072 20417720 consul
diff --git a/cdist/conf/type/__consul/files/versions/0.6.3/source b/cdist/conf/type/__consul/files/versions/0.6.3/source
new file mode 100644
index 00000000..fef668be
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/0.6.3/source
@@ -0,0 +1 @@
+https://releases.hashicorp.com/consul/0.6.3/consul_0.6.3_linux_amd64.zip
diff --git a/cdist/conf/type/__consul/files/versions/0.6.4/cksum b/cdist/conf/type/__consul/files/versions/0.6.4/cksum
new file mode 100644
index 00000000..1124b7aa
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/0.6.4/cksum
@@ -0,0 +1 @@
+3832641574 23002736 consul
diff --git a/cdist/conf/type/__consul/files/versions/0.6.4/source b/cdist/conf/type/__consul/files/versions/0.6.4/source
new file mode 100644
index 00000000..96879b8d
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/0.6.4/source
@@ -0,0 +1 @@
+https://releases.hashicorp.com/consul/0.6.4/consul_0.6.4_linux_amd64.zip
diff --git a/cdist/conf/type/__consul/files/versions/0.7.0/cksum b/cdist/conf/type/__consul/files/versions/0.7.0/cksum
new file mode 100644
index 00000000..3bffeedb
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/0.7.0/cksum
@@ -0,0 +1 @@
+695240564 24003648 consul
diff --git a/cdist/conf/type/__consul/files/versions/0.7.0/source b/cdist/conf/type/__consul/files/versions/0.7.0/source
new file mode 100644
index 00000000..ad610fc7
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/0.7.0/source
@@ -0,0 +1 @@
+https://releases.hashicorp.com/consul/0.7.0/consul_0.7.0_linux_amd64.zip
diff --git a/cdist/conf/type/__consul/files/versions/0.7.1/cksum b/cdist/conf/type/__consul/files/versions/0.7.1/cksum
new file mode 100644
index 00000000..476bd9f6
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/0.7.1/cksum
@@ -0,0 +1 @@
+3128343188 28402769 consul
diff --git a/cdist/conf/type/__consul/files/versions/0.7.1/source b/cdist/conf/type/__consul/files/versions/0.7.1/source
new file mode 100644
index 00000000..6ba2e7bf
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/0.7.1/source
@@ -0,0 +1 @@
+https://releases.hashicorp.com/consul/0.7.1/consul_0.7.1_linux_amd64.zip
diff --git a/cdist/conf/type/__consul/files/versions/0.8.1/cksum b/cdist/conf/type/__consul/files/versions/0.8.1/cksum
new file mode 100644
index 00000000..9125cc8f
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/0.8.1/cksum
@@ -0,0 +1 @@
+283033689 36101209 consul
diff --git a/cdist/conf/type/__consul/files/versions/0.8.1/source b/cdist/conf/type/__consul/files/versions/0.8.1/source
new file mode 100644
index 00000000..92386c7c
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/0.8.1/source
@@ -0,0 +1 @@
+https://releases.hashicorp.com/consul/0.8.1/consul_0.8.1_linux_amd64.zip
diff --git a/cdist/conf/type/__consul/files/versions/1.0.6/cksum b/cdist/conf/type/__consul/files/versions/1.0.6/cksum
new file mode 100644
index 00000000..b70b55f4
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/1.0.6/cksum
@@ -0,0 +1 @@
+4120550353 48801129 consul
diff --git a/cdist/conf/type/__consul/files/versions/1.0.6/source b/cdist/conf/type/__consul/files/versions/1.0.6/source
new file mode 100644
index 00000000..769d3134
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/1.0.6/source
@@ -0,0 +1 @@
+https://releases.hashicorp.com/consul/1.0.6/consul_1.0.6_linux_amd64.zip
diff --git a/cdist/conf/type/__consul/files/versions/1.2.3/cksum b/cdist/conf/type/__consul/files/versions/1.2.3/cksum
new file mode 100644
index 00000000..6352409e
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/1.2.3/cksum
@@ -0,0 +1 @@
+191982 110369685
diff --git a/cdist/conf/type/__consul/files/versions/1.2.3/source b/cdist/conf/type/__consul/files/versions/1.2.3/source
new file mode 100644
index 00000000..5e67bc37
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/1.2.3/source
@@ -0,0 +1 @@
+https://releases.hashicorp.com/consul/1.2.3/consul_1.2.3_linux_amd64.zip
diff --git a/cdist/conf/type/__consul/files/versions/1.3.0/cksum b/cdist/conf/type/__consul/files/versions/1.3.0/cksum
new file mode 100644
index 00000000..7a885378
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/1.3.0/cksum
@@ -0,0 +1 @@
+1714523667 98363467 consul
diff --git a/cdist/conf/type/__consul/files/versions/1.3.0/source b/cdist/conf/type/__consul/files/versions/1.3.0/source
new file mode 100644
index 00000000..18a1ba8e
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/1.3.0/source
@@ -0,0 +1 @@
+https://releases.hashicorp.com/consul/1.3.0/consul_1.3.0_linux_amd64.zip
diff --git a/cdist/conf/type/__consul/files/versions/1.5.0/cksum b/cdist/conf/type/__consul/files/versions/1.5.0/cksum
new file mode 100644
index 00000000..efca9caa
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/1.5.0/cksum
@@ -0,0 +1 @@
+886614099 103959898 consul
diff --git a/cdist/conf/type/__consul/files/versions/1.5.0/source b/cdist/conf/type/__consul/files/versions/1.5.0/source
new file mode 100644
index 00000000..cafa9248
--- /dev/null
+++ b/cdist/conf/type/__consul/files/versions/1.5.0/source
@@ -0,0 +1 @@
+https://releases.hashicorp.com/consul/1.5.0/consul_1.5.0_linux_amd64.zip
diff --git a/cdist/conf/type/__consul/gencode-remote b/cdist/conf/type/__consul/gencode-remote
new file mode 100755
index 00000000..2a21054f
--- /dev/null
+++ b/cdist/conf/type/__consul/gencode-remote
@@ -0,0 +1,63 @@
+#!/bin/sh -e
+#
+# 2018 Darko Poljak (darko.poljak at gmail.com)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+#set -x
+
+if [ ! -f "$__object/parameter/direct" ]; then
+ # Nothing here, staged file is used.
+ exit 0
+fi
+
+state=$(cat "$__object/parameter/state")
+destination="/usr/local/bin/consul"
+
+if [ "$state" = "absent" ]; then
+ printf 'rm -f "%s"' "$destination"
+ exit 0
+fi
+
+versions_dir="$__type/files/versions"
+version="$(cat "$__object/parameter/version")"
+version_dir="$versions_dir/$version"
+
+source=$(cat "$version_dir/source")
+source_file_name="${source##*/}"
+cksum_should=$(cut -d' ' -f1,2 "$version_dir/cksum")
+
+cat << eof
+ tmpdir=\$(mktemp -d -p /tmp "${__type##*/}.XXXXXXXXXX")
+ curl -s -L "$source" > "\$tmpdir/$source_file_name"
+ unzip -p "\$tmpdir/$source_file_name" > "${destination}.tmp"
+ rm -rf "\$tmpdir"
+
+ cksum_is=\$(cksum "${destination}.tmp" | cut -d' ' -f1,2)
+ if [ "\$cksum_is" = "$cksum_should" ]; then
+ rm -f "${destination}"
+ mv "${destination}.tmp" "${destination}"
+ chown root:root "$destination"
+ chmod 755 "$destination"
+ else
+ rm -f "${destination}.tmp"
+ echo "Failed to verify checksum for $__object_name" >&2
+ exit 1
+ fi
+eof
+
+echo "/usr/local/bin/consul created" >> "$__messages_out"
diff --git a/cdist/conf/type/__consul/man.rst b/cdist/conf/type/__consul/man.rst
new file mode 100644
index 00000000..5b2db50a
--- /dev/null
+++ b/cdist/conf/type/__consul/man.rst
@@ -0,0 +1,75 @@
+cdist-type__consul(7)
+=====================
+
+NAME
+----
+cdist-type__consul - Install consul
+
+
+DESCRIPTION
+-----------
+Downloads and installs the consul binary from https://dl.bintray.com/mitchellh/consul.
+Note that the consul binary is downloaded on the server (the machine running
+cdist) and then deployed to the target host using the __file type unless --direct
+parameter is used.
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+
+OPTIONAL PARAMETERS
+-------------------
+state
+ either 'present' or 'absent'. Defaults to 'present'
+
+version
+ which version of consul to install. See ./files/versions for a list of
+ supported versions. Defaults to the latest known version.
+
+
+BOOLEAN PARAMETERS
+------------------
+direct
+ Download and deploy consul binary directly on the target machine.
+
+
+MESSAGES
+--------
+If consul binary is created using __staged_file then underlaying __file type messages are emitted.
+
+If consul binary is created by direct method then the following messages are emitted:
+
+/usr/local/bin/consul created
+ consul binary was created
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # just install using defaults
+ __consul
+
+ # install by downloading consul binary directly on the target machine
+ __consul --direct
+
+ # specific version
+ __consul \
+ --version 0.4.1
+
+
+AUTHORS
+-------
+| Steven Armstrong
+| Darko Poljak
+
+
+COPYING
+-------
+Copyright \(C) 2015 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__consul/manifest b/cdist/conf/type/__consul/manifest
new file mode 100755
index 00000000..156eb667
--- /dev/null
+++ b/cdist/conf/type/__consul/manifest
@@ -0,0 +1,61 @@
+#!/bin/sh -e
+#
+# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
+# 2016 Nico Schottelius (nico-cdist at schottelius.org)
+# 2018 Darko Poljak (darko.poljak at gmail.com)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+
+os=$(cat "$__global/explorer/os")
+
+case "$os" in
+ alpine|scientific|centos|redhat|ubuntu|debian|devuan|archlinux|gentoo)
+ # any linux should work
+ :
+ ;;
+ *)
+ echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
+ echo "Please contribute an implementation for it if you can." >&2
+ exit 1
+ ;;
+esac
+
+versions_dir="$__type/files/versions"
+version="$(cat "$__object/parameter/version")"
+version_dir="$versions_dir/$version"
+
+if [ ! -d "$version_dir" ]; then
+ echo "Unknown consul version '$version'. Expected one of:" >&2
+ ls "$versions_dir" >&2
+ exit 1
+fi
+
+if [ -f "$__object/parameter/direct" ]; then
+ __package unzip
+ __package curl
+else
+ __staged_file /usr/local/bin/consul \
+ --source "$(cat "$version_dir/source")" \
+ --cksum "$(cat "$version_dir/cksum")" \
+ --fetch-command 'curl -s -L "%s"' \
+ --prepare-command 'unzip -p "%s"' \
+ --state "$(cat "$__object/parameter/state")" \
+ --group root \
+ --owner root \
+ --mode 755
+fi
diff --git a/cdist/conf/type/__consul/parameter/boolean b/cdist/conf/type/__consul/parameter/boolean
new file mode 100644
index 00000000..aa81b5e0
--- /dev/null
+++ b/cdist/conf/type/__consul/parameter/boolean
@@ -0,0 +1 @@
+direct
diff --git a/cdist/conf/type/__consul/parameter/default/state b/cdist/conf/type/__consul/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__consul/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__consul/parameter/default/version b/cdist/conf/type/__consul/parameter/default/version
new file mode 100644
index 00000000..af0b7ddb
--- /dev/null
+++ b/cdist/conf/type/__consul/parameter/default/version
@@ -0,0 +1 @@
+1.0.6
diff --git a/cdist/conf/type/__consul/parameter/optional b/cdist/conf/type/__consul/parameter/optional
new file mode 100644
index 00000000..4d595ed7
--- /dev/null
+++ b/cdist/conf/type/__consul/parameter/optional
@@ -0,0 +1,2 @@
+state
+version
diff --git a/cdist/test/autorequire/fixtures/conf/type/__package_special/.keep b/cdist/conf/type/__consul/singleton
similarity index 100%
rename from cdist/test/autorequire/fixtures/conf/type/__package_special/.keep
rename to cdist/conf/type/__consul/singleton
diff --git a/cdist/conf/type/__consul_agent/files/consul-prepare.upstart b/cdist/conf/type/__consul_agent/files/consul-prepare.upstart
new file mode 100644
index 00000000..569220d1
--- /dev/null
+++ b/cdist/conf/type/__consul_agent/files/consul-prepare.upstart
@@ -0,0 +1,9 @@
+start on starting consul
+
+task
+
+script
+ mkdir -p /var/run/consul
+ chown consul:consul /var/run/consul
+ chmod 2770 /var/run/consul
+end script
diff --git a/cdist/conf/type/__consul_agent/files/consul.sys-openrc b/cdist/conf/type/__consul_agent/files/consul.sys-openrc
new file mode 100644
index 00000000..1dbe9375
--- /dev/null
+++ b/cdist/conf/type/__consul_agent/files/consul.sys-openrc
@@ -0,0 +1,38 @@
+#!/sbin/openrc-run
+# 2019 Nico Schottelius (nico-cdist at schottelius.org)
+
+description="consul agent"
+
+pidfile="${CONSUL_PIDFILE:-"/var/run/$RC_SVCNAME/pidfile"}"
+command="${CONSUL_BINARY:-"/usr/local/bin/consul"}"
+
+
+checkconfig() {
+ if [ ! -d /var/run/consul ] ; then
+ mkdir -p /var/run/consul || return 1
+ chown consul:consul /var/run/$NAME || return 1
+ chmod 2770 /var/run/$NAME || return 1
+ fi
+}
+
+start() {
+ need net
+
+ start-stop-daemon --start --quiet --oknodo \
+ --pidfile "$pidfile" --background \
+ --exec $command -- agent -pid-file="$pidfile" -config-dir /etc/consul/conf.d
+}
+start_pre() {
+ checkconfig
+}
+
+stop() {
+ if [ "${RC_CMD}" = "restart" ] ; then
+ checkconfig || return 1
+ fi
+
+ ebegin "Stopping $RC_SVCNAME"
+ start-stop-daemon --stop --exec "$command" \
+ --pidfile "$pidfile" --quiet
+ eend $?
+}
diff --git a/cdist/conf/type/__consul_agent/files/consul.systemd b/cdist/conf/type/__consul_agent/files/consul.systemd
new file mode 100644
index 00000000..8d5fd323
--- /dev/null
+++ b/cdist/conf/type/__consul_agent/files/consul.systemd
@@ -0,0 +1,22 @@
+[Unit]
+Description=Consul Agent
+Wants=basic.target
+After=basic.target network.target
+
+[Service]
+User=consul
+Group=consul
+Environment="GOMAXPROCS=2"
+# Run ExecStartPre with root-permissions
+PermissionsStartOnly=true
+ExecStartPre=/usr/bin/mkdir -p /var/run/consul
+ExecStartPre=/usr/bin/chown consul:consul /var/run/consul
+ExecStartPre=/usr/bin/chmod 2770 /var/run/consul
+ExecStart=/usr/local/bin/consul agent -config-dir /etc/consul/conf.d
+ExecReload=/bin/kill -HUP $MAINPID
+KillMode=process
+Restart=on-failure
+RestartSec=42s
+
+[Install]
+WantedBy=multi-user.target
diff --git a/cdist/conf/type/__consul_agent/files/consul.sysv-debian b/cdist/conf/type/__consul_agent/files/consul.sysv-debian
new file mode 100644
index 00000000..4f43c000
--- /dev/null
+++ b/cdist/conf/type/__consul_agent/files/consul.sysv-debian
@@ -0,0 +1,94 @@
+#!/bin/sh
+#
+# 2015-2018 Nico Schottelius (nico-cdist at schottelius.org)
+# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+### BEGIN INIT INFO
+# Provides: consul
+# Required-Start: $network $local_fs $remote_fs
+# Required-Stop: $local_fs
+# Should-Start:
+# Should-Stop:
+# Short-Description: consul
+# Description: consul agent
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+### END INIT INFO
+
+if [ -f "/etc/default/consul" ]; then
+ # shellcheck disable=SC1091
+ . /etc/default/consul
+fi
+
+# shellcheck disable=SC1091
+. /lib/lsb/init-functions
+
+NAME=consul
+CONSUL=/usr/local/bin/consul
+CONFIG=/etc/$NAME/conf.d
+PID_FILE=/var/run/$NAME/pidfile
+
+mkdir -p /var/run/$NAME
+chown consul:consul /var/run/$NAME
+chmod 2770 /var/run/$NAME
+
+export PATH="${PATH:+$PATH:}/usr/sbin:/sbin"
+
+case "$1" in
+ start)
+ log_daemon_msg "Starting consul agent" "consul" || true
+ if start-stop-daemon --start --quiet --oknodo \
+ --pidfile "$PID_FILE" --background \
+ --exec $CONSUL -- agent -pid-file="$PID_FILE" -config-dir "$CONFIG"; then
+ log_end_msg 0 || true
+ else
+ log_end_msg 1 || true
+ fi
+ ;;
+
+ stop)
+ log_daemon_msg "Stopping consul agent" "consul" || true
+ if start-stop-daemon --stop --quiet --oknodo --pidfile $PID_FILE; then
+ log_end_msg 0 || true
+ else
+ log_end_msg 1 || true
+ fi
+ ;;
+
+ reload)
+ log_daemon_msg "Reloading consul agent" "consul" || true
+ if start-stop-daemon --stop --signal HUP --quiet --oknodo --pidfile $PID_FILE --exec $CONSUL; then
+ log_end_msg 0 || true
+ else
+ log_end_msg 1 || true
+ fi
+ ;;
+
+ restart)
+ $0 stop && $0 start
+ ;;
+
+ status)
+ status_of_proc -p $PID_FILE $CONSUL consul && exit 0 || exit $?
+ ;;
+
+ *)
+ log_action_msg "Usage: /etc/init.d/consul {start|stop|reload|restart|status}"
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__consul_agent/files/consul.sysv-redhat b/cdist/conf/type/__consul_agent/files/consul.sysv-redhat
new file mode 100644
index 00000000..58fc9bd9
--- /dev/null
+++ b/cdist/conf/type/__consul_agent/files/consul.sysv-redhat
@@ -0,0 +1,98 @@
+#!/bin/bash
+#
+# /etc/rc.d/init.d/consul
+#
+# Daemonize the consul agent.
+#
+# chkconfig: 2345 95 95
+# description: Service discovery and configuration made easy. \
+# Distributed, highly available, and datacenter-aware.
+# processname: consul
+# pidfile: /var/run/consul/pidfile
+
+# Source function library.
+
+# shellcheck disable=SC1091
+. /etc/init.d/functions
+NAME=consul
+CONSUL=/usr/local/bin/consul
+CONFIG="/etc/$NAME/conf.d"
+PID_FILE="/var/run/$NAME/pidfile"
+LOG_FILE="/var/log/$NAME"
+
+# shellcheck disable=SC1090
+[ -e "/etc/sysconfig/$NAME" ] && . "/etc/sysconfig/$NAME"
+export GOMAXPROCS="${GOMAXPROCS:-2}"
+
+mkdir -p "/var/run/$NAME"
+chown consul:consul "/var/run/$NAME"
+chmod 2770 "/var/run/$NAME"
+
+
+start() {
+ printf "Starting %s: " "$NAME"
+ daemon --user=consul \
+ --pidfile="$PID_FILE" \
+ "$CONSUL" agent -pid-file="$PID_FILE" -config-dir "$CONFIG" >> "$LOG_FILE" &
+ retcode=$?
+ touch "/var/lock/subsys/$NAME"
+ return "$retcode"
+}
+
+stop() {
+ printf "Shutting down %s: " "$NAME"
+ killproc -p "$PID_FILE" "$NAME"
+ retcode=$?
+ rm -f "/var/lock/subsys/$NAME"
+ return "$retcode"
+}
+
+case "$1" in
+ start)
+ if status -p "$PID_FILE" "$NAME" >/dev/null; then
+ echo "$NAME already running"
+ else
+ start
+ fi
+ ;;
+ stop)
+ if status -p "$PID_FILE" "$NAME" >/dev/null; then
+ stop
+ else
+ echo "$NAME not running"
+ fi
+ ;;
+ info)
+ "$CONSUL" info
+ ;;
+ status)
+ status -p "$PID_FILE" "$NAME"
+ exit $?
+ ;;
+ restart)
+ if status -p "$PID_FILE" "$NAME" >/dev/null; then
+ stop
+ fi
+ start
+ ;;
+ reload)
+ if status -p "$PID_FILE" "$NAME" >/dev/null; then
+ kill -HUP "$(cat "$PID_FILE")"
+ else
+ echo "$NAME not running"
+ fi
+ ;;
+ condrestart)
+ if [ -f "/var/lock/subsys/$NAME" ]; then
+ if status -p "$PID_FILE" "$NAME" >/dev/null; then
+ stop
+ fi
+ start
+ fi
+ ;;
+ *)
+ echo "Usage: $NAME {start|stop|status|reload|restart|condrestart|info}"
+ exit 1
+ ;;
+esac
+exit $?
diff --git a/cdist/conf/type/__consul_agent/files/consul.upstart b/cdist/conf/type/__consul_agent/files/consul.upstart
new file mode 100644
index 00000000..ed0c7b8e
--- /dev/null
+++ b/cdist/conf/type/__consul_agent/files/consul.upstart
@@ -0,0 +1,13 @@
+description "Consul Agent"
+start on (local-filesystems and net-device-up IFACE!=lo)
+stop on runlevel [06]
+
+setuid consul
+setgid consul
+
+respawn
+respawn limit 10 10
+kill timeout 10
+
+exec /usr/local/bin/consul agent -config-dir /etc/consul/conf.d
+
diff --git a/cdist/conf/type/__consul_agent/gencode-remote b/cdist/conf/type/__consul_agent/gencode-remote
new file mode 100755
index 00000000..997aa831
--- /dev/null
+++ b/cdist/conf/type/__consul_agent/gencode-remote
@@ -0,0 +1,31 @@
+#!/bin/sh -e
+#
+# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+service="consul"
+state="$(cat "$__object/parameter/state")"
+
+case "$state" in
+ present)
+ :
+ ;;
+ absent)
+ echo "service $service stop || true"
+ ;;
+esac
diff --git a/cdist/conf/type/__consul_agent/man.rst b/cdist/conf/type/__consul_agent/man.rst
new file mode 100644
index 00000000..966abc60
--- /dev/null
+++ b/cdist/conf/type/__consul_agent/man.rst
@@ -0,0 +1,181 @@
+cdist-type__consul_agent(7)
+===========================
+
+NAME
+----
+cdist-type__consul_agent - Manage the consul agent
+
+
+DESCRIPTION
+-----------
+Configure and manage the consul agent.
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+
+OPTIONAL PARAMETERS
+-------------------
+acl-datacenter
+ only used by servers. This designates the datacenter which is authoritative
+ for ACL information.
+
+acl-default-policy
+ either "allow" or "deny"; defaults to "allow". The default policy controls the
+ behavior of a token when there is no matching rule.
+
+acl-down-policy
+ either "allow", "deny" or "extend-cache"; "extend-cache" is the default.
+
+acl-master-token
+ only used for servers in the acl_datacenter. This token will be created with
+ management-level permissions if it does not exist. It allows operators to
+ bootstrap the ACL system with a token ID that is well-known.
+
+acl-token
+ when provided, the agent will use this token when making requests to the
+ Consul servers.
+
+acl-ttl
+ used to control Time-To-Live caching of ACLs.
+
+bind-addr
+ sets the bind address for cluster communication
+
+bootstrap-expect
+ sets server to expect bootstrap mode
+
+ca-file-source
+ path to a PEM encoded certificate authority file which will be uploaded and
+ configure using the ca_file config option.
+
+cert-file-source
+ path to a PEM encoded certificate file which will be uploaded and
+ configure using the cert_file config option.
+
+client-addr
+ sets the address to bind for client access
+
+datacenter
+ datacenter of the agent
+
+encrypt
+ provides the gossip encryption key
+
+group
+ the primary group for the agent
+
+json-config
+ path to a partial json config file without leading { and trailing }.
+ If json-config is '-' (dash), take what was written to stdin as the file content.
+
+key-file-source
+ path to a PEM encoded private key file which will be uploaded and
+ configure using the key_file config option.
+
+node-name
+ name of this node. Must be unique in the cluster
+
+retry-join
+ address to attempt joining every retry_interval until at least one join works.
+ Can be specified multiple times.
+
+user
+ the user to run the agent as
+
+state
+ if the agent is 'present' or 'absent'. Defaults to 'present'.
+ Currently state=absent is not working due to some dependency issues.
+
+
+BOOLEAN PARAMETERS
+------------------
+disable-remote-exec
+ disables support for remote execution. When set to true, the agent will ignore any incoming remote exec requests.
+
+disable-update-check
+ disables automatic checking for security bulletins and new version releases
+
+leave-on-terminate
+ gracefully leave cluster on SIGTERM
+
+rejoin-after-leave
+ rejoin the cluster using the previous state after leaving
+
+server
+ used to control if an agent is in server or client mode
+
+enable-syslog
+ enables logging to syslog
+
+verify-incoming
+ enforce the use of TLS and verify a client's authenticity on incoming connections
+
+verify-outgoing
+ enforce the use of TLS and verify the peers authenticity on outgoing connections
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # configure as server, bootstrap and rejoin
+ hostname="$(cat "$__global/explorer/hostname")"
+ __consul_agent \
+ --datacenter dc1 \
+ --node-name "${hostname%%.*}" \
+ --disable-update-check \
+ --server \
+ --rejoin-after-leave \
+ --bootstrap-expect 3 \
+ --retry-join consul-01 \
+ --retry-join consul-02 \
+ --retry-join consul-03
+
+ # configure as server, bootstrap and rejoin with ssl support
+ hostname="$(cat "$__global/explorer/hostname")"
+ __consul_agent \
+ --datacenter dc1 \
+ --node-name "${hostname%%.*}" \
+ --disable-update-check \
+ --server \
+ --rejoin-after-leave \
+ --bootstrap-expect 3 \
+ --retry-join consul-01 \
+ --retry-join consul-02 \
+ --retry-join consul-03 \
+ --ca-file-source /path/to/ca.pem \
+ --cert-file-source /path/to/cert.pem \
+ --key-file-source /path/to/key.pem \
+ --verify-incoming \
+ --verify-outgoing
+
+ # configure as client and try joining existing cluster
+ __consul_agent \
+ --datacenter dc1 \
+ --node-name "${hostname%%.*}" \
+ --disable-update-check \
+ --retry-join consul-01 \
+ --retry-join consul-02 \
+ --retry-join consul-03
+
+
+SEE ALSO
+--------
+consul documentation at: .
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2015 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__consul_agent/manifest b/cdist/conf/type/__consul_agent/manifest
new file mode 100755
index 00000000..a88d26ed
--- /dev/null
+++ b/cdist/conf/type/__consul_agent/manifest
@@ -0,0 +1,225 @@
+#!/bin/sh -e
+#
+# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
+# 2015-2019 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+
+os=$(cat "$__global/explorer/os")
+
+case "$os" in
+ alpine|scientific|centos|debian|devuan|redhat|ubuntu)
+ # whitelist safeguard
+ :
+ ;;
+ *)
+ echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
+ echo "Please contribute an implementation for it if you can." >&2
+ exit 1
+ ;;
+esac
+
+state="$(cat "$__object/parameter/state")"
+user="$(cat "$__object/parameter/user")"
+group="$(cat "$__object/parameter/group")"
+data_dir="/var/lib/consul"
+conf_dir="/etc/consul/conf.d"
+conf_file="config.json"
+
+# FIXME: there has got to be a better way to handle the dependencies in this case
+case "$state" in
+ present)
+ __group "$group" --system --state "$state"
+ require="__group/$group" \
+ __user "$user" --system --gid "$group" \
+ --home "$data_dir" --state "$state"
+ export require="__user/consul"
+ ;;
+ absent)
+ echo "Sorry, state=absent currently not supported :-(" >&2
+ exit 1
+ require="$__object_name" \
+ __user "$user" --system --gid "$group" --state "$state"
+ require="__user/$user" \
+ __group "$group" --system --state "$state"
+ ;;
+esac
+
+__directory /etc/consul \
+ --owner root --group "$group" --mode 750 --state "$state"
+require="__directory/etc/consul" \
+ __directory "$conf_dir" \
+ --owner root --group "$group" --mode 750 --state "$state"
+
+if [ -f "$__object/parameter/ca-file-source" ] || [ -f "$__object/parameter/cert-file-source" ] || [ -f "$__object/parameter/key-file-source" ]; then
+ # create directory for ssl certs
+ require="__directory/etc/consul" \
+ __directory /etc/consul/ssl \
+ --owner root --group "$group" --mode 750 --state "$state"
+fi
+
+__directory "$data_dir" \
+ --owner "$user" --group "$group" --mode 770 --state "$state"
+
+
+# Generate json config file
+(
+echo "{"
+
+# parameters we define ourself
+printf ' "data_dir": "%s"\n' "$data_dir"
+
+cd "$__object/parameter/"
+for param in *; do
+ case "$param" in
+ state|user|group|json-config) continue ;;
+ ca-file-source|cert-file-source|key-file-source)
+ source="$(cat "$__object/parameter/$param")"
+ destination="/etc/consul/ssl/${source##*/}"
+ require="__directory/etc/consul/ssl" \
+ __file "$destination" \
+ --owner root --group consul --mode 640 \
+ --source "$source" \
+ --state "$state"
+ key="$(echo "${param%-*}" | tr '-' '_')"
+ printf ' ,"%s": "%s"\n' "$key" "$destination"
+ ;;
+ disable-remote-exec|disable-update-check|leave-on-terminate|rejoin-after-leave|server|enable-syslog|verify-incoming|verify-outgoing)
+ # handle boolean parameters
+ key="$(echo "$param" | tr '-' '_')"
+ printf ' ,"%s": true\n' "$key"
+ ;;
+ retry-join)
+ # join multiple parameters into json array
+ retry_join="$(awk '{printf "\""$1"\","}' "$__object/parameter/retry-join")"
+ # remove trailing ,
+ printf ' ,"retry_join": [%s]\n' "${retry_join%*,}"
+ ;;
+ retry-join-wan)
+ # join multiple parameters into json array over wan
+ retry_join_wan="$(awk '{printf "\""$1"\","}' "$__object/parameter/retry-join-wan")"
+ # remove trailing ,
+ printf ' ,"retry_join_wan": [%s]\n' "${retry_join_wan%*,}"
+ ;;
+ bootstrap-expect)
+ # integer key=value parameters
+ key="$(echo "$param" | tr '-' '_')"
+ printf ' ,"%s": %s\n' "$key" "$(cat "$__object/parameter/$param")"
+ ;;
+ *)
+ # string key=value parameters
+ key="$(echo "$param" | tr '-' '_')"
+ printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
+ ;;
+ esac
+done
+if [ -f "$__object/parameter/json-config" ]; then
+ json_config="$(cat "$__object/parameter/json-config")"
+ if [ "$json_config" = "-" ]; then
+ json_config="$__object/stdin"
+ fi
+ # remove leading and trailing whitespace and commas from first and last line
+ # indent each line with 3 spaces for consistency
+ json=$(sed -e 's/^[ \t]*/ /' -e '1s/^[ \t,]*//' -e '$s/[ \t,]*$//' "$json_config")
+ printf ' ,%s\n' "$json"
+fi
+echo "}"
+) | \
+require="__directory${conf_dir}" \
+ __config_file "${conf_dir}/${conf_file}" \
+ --owner root --group "$group" --mode 640 \
+ --state "$state" \
+ --onchange 'service consul status >/dev/null && service consul reload || true' \
+ --source -
+
+init_sysvinit()
+{
+ __file /etc/init.d/consul \
+ --owner root --group root --mode 0755 \
+ --state "$state" \
+ --source "$__type/files/consul.sysv-$1"
+ require="__file/etc/init.d/consul" __start_on_boot consul
+}
+
+init_systemd()
+{
+ __file /lib/systemd/system/consul.service \
+ --owner root --group root --mode 0644 \
+ --state "$state" \
+ --source "$__type/files/consul.systemd"
+ require="__file/lib/systemd/system/consul.service" __start_on_boot consul
+}
+
+init_upstart()
+{
+ __file /etc/init/consul-prepare.conf \
+ --owner root --group root --mode 0644 \
+ --state "$state" \
+ --source "$__type/files/consul-prepare.upstart"
+ require="__file/etc/init/consul-prepare.conf" \
+ __file /etc/init/consul.conf \
+ --owner root --group root --mode 0644 \
+ --state "$state" \
+ --source "$__type/files/consul.upstart"
+ require="__file/etc/init/consul.conf" __start_on_boot consul
+}
+
+# Install init script to start on boot
+case "$os" in
+ alpine|devuan)
+ init_sysvinit debian
+ ;;
+ centos|redhat)
+ os_version="$(sed 's/[^0-9.]//g' "$__global/explorer/os_version")"
+ major_version="${os_version%%.*}"
+ case "$major_version" in
+ [456])
+ init_sysvinit redhat
+ ;;
+ 7)
+ init_systemd
+ ;;
+ *)
+ echo "Unsupported CentOS/Redhat version: $os_version" >&2
+ exit 1
+ ;;
+ esac
+ ;;
+
+ debian)
+ os_version=$(cat "$__global/explorer/os_version")
+ major_version="${os_version%%.*}"
+
+ case "$major_version" in
+ [567])
+ init_sysvinit debian
+ ;;
+ [89])
+ init_systemd
+ ;;
+ *)
+ echo "Unsupported Debian version $os_version" >&2
+ exit 1
+ ;;
+ esac
+ ;;
+
+ ubuntu)
+ init_upstart
+ ;;
+esac
diff --git a/cdist/conf/type/__consul_agent/parameter/boolean b/cdist/conf/type/__consul_agent/parameter/boolean
new file mode 100644
index 00000000..91f7f17e
--- /dev/null
+++ b/cdist/conf/type/__consul_agent/parameter/boolean
@@ -0,0 +1,8 @@
+disable-remote-exec
+disable-update-check
+leave-on-terminate
+rejoin-after-leave
+server
+enable-syslog
+verify-incoming
+verify-outgoing
diff --git a/cdist/conf/type/__consul_agent/parameter/default/group b/cdist/conf/type/__consul_agent/parameter/default/group
new file mode 100644
index 00000000..7d22c92b
--- /dev/null
+++ b/cdist/conf/type/__consul_agent/parameter/default/group
@@ -0,0 +1 @@
+consul
diff --git a/cdist/conf/type/__consul_agent/parameter/default/state b/cdist/conf/type/__consul_agent/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__consul_agent/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__consul_agent/parameter/default/user b/cdist/conf/type/__consul_agent/parameter/default/user
new file mode 100644
index 00000000..7d22c92b
--- /dev/null
+++ b/cdist/conf/type/__consul_agent/parameter/default/user
@@ -0,0 +1 @@
+consul
diff --git a/cdist/conf/type/__consul_agent/parameter/optional b/cdist/conf/type/__consul_agent/parameter/optional
new file mode 100644
index 00000000..37aad8c1
--- /dev/null
+++ b/cdist/conf/type/__consul_agent/parameter/optional
@@ -0,0 +1,20 @@
+acl-datacenter
+acl-default-policy
+acl-down-policy
+acl-master-token
+acl-token
+acl-ttl
+bind-addr
+bootstrap-expect
+ca-file-source
+cert-file-source
+client-addr
+datacenter
+encrypt
+group
+json-config
+key-file-source
+node-name
+user
+state
+advertise-wan
diff --git a/cdist/conf/type/__consul_agent/parameter/optional_multiple b/cdist/conf/type/__consul_agent/parameter/optional_multiple
new file mode 100644
index 00000000..740e4d7f
--- /dev/null
+++ b/cdist/conf/type/__consul_agent/parameter/optional_multiple
@@ -0,0 +1,2 @@
+retry-join
+retry-join-wan
diff --git a/cdist/test/autorequire/fixtures/conf/type/__user/.keep b/cdist/conf/type/__consul_agent/singleton
similarity index 100%
rename from cdist/test/autorequire/fixtures/conf/type/__user/.keep
rename to cdist/conf/type/__consul_agent/singleton
diff --git a/cdist/conf/type/__consul_check/man.rst b/cdist/conf/type/__consul_check/man.rst
new file mode 100644
index 00000000..9694c7af
--- /dev/null
+++ b/cdist/conf/type/__consul_check/man.rst
@@ -0,0 +1,102 @@
+cdist-type__consul_check(7)
+=============================
+
+NAME
+----
+cdist-type__consul_check - Manages consul checks
+
+
+DESCRIPTION
+-----------
+Generate and deploy check definitions for a consul agent.
+See http://www.consul.io/docs/agent/checks.html for parameter documentation.
+
+Use either script together with interval, or use ttl.
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+
+OPTIONAL PARAMETERS
+-------------------
+docker-container-id
+ the id of the docker container to run
+
+http
+ the url to check
+
+id
+ The id of this check.
+
+interval
+ the interval in which the check should run
+
+name
+ The name of this check. Defaults to __object_id
+
+notes
+ human readable description
+
+script
+ the shell command to run
+
+service-id
+ the id of the service this check is bound to
+
+shell
+ the shell to run inside the docker container
+
+state
+ if this check is 'present' or 'absent'. Defaults to 'present'.
+
+status
+ specify the initial state of this health check
+
+tcp
+ the host and port to check
+
+timeout
+ after how long to timeout checks which take to long
+
+token
+ ACL token to use for interacting with the catalog
+
+ttl
+ how long a TTL check is considered healthy without being updated through the
+ HTTP interface
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __consul_check redis \
+ --script /usr/local/bin/check_redis.py \
+ --interval 10s
+
+ __consul_check some-object-id \
+ --id web-app \
+ --name "Web App Status" \
+ --notes "Web app does a curl internally every 10 seconds" \
+ --ttl 30s
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__consul_agent`\ (7)
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2015-2016 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__consul_check/manifest b/cdist/conf/type/__consul_check/manifest
new file mode 100755
index 00000000..c9f7add9
--- /dev/null
+++ b/cdist/conf/type/__consul_check/manifest
@@ -0,0 +1,73 @@
+#!/bin/sh -e
+#
+# 2015-2016 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+name="$(cat "$__object/parameter/name" 2>/dev/null || echo "$__object_id")"
+conf_dir="/etc/consul/conf.d"
+conf_file="check_${name}.json"
+state="$(cat "$__object/parameter/state")"
+
+# Sanity checks
+if [ -f "$__object/parameter/ttl" ]; then
+ for conflicts_ttl in 'docker-container-id' 'http' 'script' 'tcp' 'timeout'; do
+ if [ -f "$__object/parameter/${conflicts_ttl}" ]; then
+ echo "Can not use --ttl together with --${conflicts_ttl}." >&2
+ exit 1
+ fi
+ done
+fi
+if [ ! -f "$__object/parameter/interval" ]; then
+ for requires_interval in 'docker-id' 'http' 'script' 'tcp'; do
+ if [ -f "$__object/parameter/${requires_interval}" ]; then
+ echo "When using --${requires_interval} you must also define --interval." >&2
+ exit 1
+ fi
+ done
+fi
+if [ -f "$__object/parameter/docker-container-id" ] && [ ! -f "$__object/parameter/script" ]; then
+ echo "When using --docker-container-id you must also define --script." >&2
+ exit 1
+fi
+
+# Generate json config file
+(
+echo "{"
+printf ' "check": {\n'
+printf ' "name": "%s"\n' "$name"
+cd "$__object/parameter/"
+for param in *; do
+ case "$param" in
+ state|name) continue ;;
+ *)
+ key="$(echo "$param" | tr '-' '_')"
+ printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
+ ;;
+ esac
+done
+# end check
+echo " }"
+# end json file
+echo "}"
+) | \
+require="__directory${conf_dir}" \
+ __config_file "${conf_dir}/${conf_file}" \
+ --owner root --group consul --mode 640 \
+ --state "$state" \
+ --onchange 'service consul status >/dev/null && service consul reload || true' \
+ --source -
diff --git a/cdist/conf/type/__consul_check/parameter/default/state b/cdist/conf/type/__consul_check/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__consul_check/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__consul_check/parameter/optional b/cdist/conf/type/__consul_check/parameter/optional
new file mode 100644
index 00000000..0e392956
--- /dev/null
+++ b/cdist/conf/type/__consul_check/parameter/optional
@@ -0,0 +1,15 @@
+docker-container-id
+http
+id
+interval
+name
+notes
+script
+service-id
+shell
+state
+status
+tcp
+timeout
+token
+ttl
diff --git a/cdist/conf/type/__consul_reload/gencode-remote b/cdist/conf/type/__consul_reload/gencode-remote
new file mode 100755
index 00000000..839fd0c3
--- /dev/null
+++ b/cdist/conf/type/__consul_reload/gencode-remote
@@ -0,0 +1,24 @@
+#!/bin/sh -e
+#
+# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+service="consul"
+if grep -q "^__file/etc/consul/conf.d/" "$__messages_in"; then
+ echo "service $service status && service $service reload || true"
+fi
diff --git a/cdist/conf/type/__consul_reload/man.rst b/cdist/conf/type/__consul_reload/man.rst
new file mode 100644
index 00000000..f48a041a
--- /dev/null
+++ b/cdist/conf/type/__consul_reload/man.rst
@@ -0,0 +1,42 @@
+cdist-type__consul_reload(7)
+============================
+
+NAME
+----
+cdist-type__consul_reload - Reload consul
+
+
+DESCRIPTION
+-----------
+Reload consul after configuration changes.
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+
+OPTIONAL PARAMETERS
+-------------------
+None.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __consul_reload
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2015 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/test/object/fixtures/object/__first/.keep b/cdist/conf/type/__consul_reload/singleton
similarity index 100%
rename from cdist/test/object/fixtures/object/__first/.keep
rename to cdist/conf/type/__consul_reload/singleton
diff --git a/cdist/conf/type/__consul_service/man.rst b/cdist/conf/type/__consul_service/man.rst
new file mode 100644
index 00000000..510be3d5
--- /dev/null
+++ b/cdist/conf/type/__consul_service/man.rst
@@ -0,0 +1,85 @@
+cdist-type__consul_service(7)
+=============================
+
+NAME
+----
+cdist-type__consul_service - Manages consul services
+
+
+DESCRIPTION
+-----------
+Generate and deploy service definitions for a consul agent.
+See http://www.consul.io/docs/agent/services.html for parameter documentation.
+
+Use either script together with interval, or use ttl.
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+
+OPTIONAL PARAMETERS
+-------------------
+check-interval
+ the interval in which the script given with --check-script should be run
+
+check-http
+ the URL to check for HTTP 200-ish status every --check-interval
+
+check-script
+ the shell command to run every --check-interval
+
+check-ttl
+ how long a service is considered healthy without being updated through the
+ HTTP interfave
+
+id
+ Defaults to --name
+
+name
+ The name of this service. Defaults to __object_id
+
+port
+ the port at which this service can be reached
+
+state
+ if this service is 'present' or 'absent'. Defaults to 'present'.
+
+tag
+ a tag to add to this service. Can be specified multiple times.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __consul_service redis \
+ --tag master \
+ --tag production \
+ --port 8000 \
+ --check-script /usr/local/bin/check_redis.py \
+ --check-interval 10s
+
+ __consul_service webapp \
+ --port 80 \
+ --check-ttl 10s
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__consul_agent`\ (7)
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2015 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__consul_service/manifest b/cdist/conf/type/__consul_service/manifest
new file mode 100755
index 00000000..60397db7
--- /dev/null
+++ b/cdist/conf/type/__consul_service/manifest
@@ -0,0 +1,94 @@
+#!/bin/sh -e
+#
+# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+name="$(cat "$__object/parameter/name" 2>/dev/null || echo "$__object_id")"
+conf_dir="/etc/consul/conf.d"
+conf_file="service_${name}.json"
+state="$(cat "$__object/parameter/state")"
+
+# Sanity checks
+if [ -f "$__object/parameter/check-script" ] && [ -f "$__object/parameter/check-ttl" ]; then
+ echo "Use either --check-script together with --check-interval OR --check-ttl, but not both" >&2
+ exit 1
+fi
+if [ -f "$__object/parameter/check-script" ] && [ ! -f "$__object/parameter/check-interval" ]; then
+ echo "When using --check-script you must also define --check-interval" >&2
+ exit 1
+fi
+if [ -f "$__object/parameter/check-http" ] && [ ! -f "$__object/parameter/check-interval" ]; then
+ echo "When using --check-http you must also define --check-interval" >&2
+ exit 1
+fi
+
+# Generate json config file
+(
+echo "{"
+printf ' "service": {\n'
+printf ' "name": "%s"\n' "$name"
+cd "$__object/parameter/"
+for param in *; do
+ case "$param" in
+ state|name|check-interval) continue ;;
+ check-script)
+ printf ' ,"check": {\n'
+ printf ' "script": "%s"\n' "$(cat "$__object/parameter/check-script")"
+ printf ' ,"interval": "%s"\n' "$(cat "$__object/parameter/check-interval")"
+ printf ' }\n'
+ ;;
+ check-ttl)
+ printf ' ,"check": {\n'
+ printf ' "ttl": "%s"\n' "$(cat "$__object/parameter/check-ttl")"
+ printf ' }\n'
+ ;;
+ check-http)
+ printf ' ,"check": {\n'
+ printf ' "http": "%s"\n' "$(cat "$__object/parameter/check-http")"
+ printf ' ,"interval": "%s"\n' "$(cat "$__object/parameter/check-interval")"
+ printf ' }\n'
+ ;;
+ tag)
+ # create json array from newline delimited file
+ tags="$(awk '{printf "\""$1"\","}' "$__object/parameter/tag")"
+ # remove trailing ,
+ printf ' ,"tags": [%s]\n' "${tags%*,}"
+ ;;
+ port)
+ # integer key=value parameters
+ key="$(echo "$param" | tr '-' '_')"
+ printf ' ,"%s": %s\n' "$key" "$(cat "$__object/parameter/$param")"
+ ;;
+ *)
+ # string key=value parameters
+ key="$(echo "$param" | tr '-' '_')"
+ printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
+ ;;
+ esac
+done
+# end service
+echo " }"
+# end json file
+echo "}"
+) | \
+require="__directory${conf_dir}" \
+ __config_file "${conf_dir}/${conf_file}" \
+ --owner root --group consul --mode 640 \
+ --state "$state" \
+ --onchange 'service consul status >/dev/null && service consul reload || true' \
+ --source -
diff --git a/cdist/conf/type/__consul_service/parameter/default/state b/cdist/conf/type/__consul_service/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__consul_service/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__consul_service/parameter/optional b/cdist/conf/type/__consul_service/parameter/optional
new file mode 100644
index 00000000..2e3e8b63
--- /dev/null
+++ b/cdist/conf/type/__consul_service/parameter/optional
@@ -0,0 +1,8 @@
+check-http
+check-interval
+check-script
+check-ttl
+id
+name
+port
+state
diff --git a/cdist/conf/type/__consul_service/parameter/optional_multiple b/cdist/conf/type/__consul_service/parameter/optional_multiple
new file mode 100644
index 00000000..42c7c82c
--- /dev/null
+++ b/cdist/conf/type/__consul_service/parameter/optional_multiple
@@ -0,0 +1 @@
+tag
diff --git a/cdist/conf/type/__consul_template/files/consul-template.systemd b/cdist/conf/type/__consul_template/files/consul-template.systemd
new file mode 100644
index 00000000..c67eaab5
--- /dev/null
+++ b/cdist/conf/type/__consul_template/files/consul-template.systemd
@@ -0,0 +1,19 @@
+[Unit]
+Description=Consul-Template Daemon
+Wants=basic.target
+After=basic.target network.target
+
+[Service]
+User=root
+Group=root
+Environment="CONSUL_TEMPLATE_LOG=info"
+Environment="GOMAXPROCS=2"
+ExecStart=/usr/local/bin/consul-template -config /etc/consul-template/conf.d
+ExecReload=/bin/kill -HUP $MAINPID
+KillMode=process
+Restart=on-failure
+RestartSec=10s
+LimitNOFILE=4096
+
+[Install]
+WantedBy=multi-user.target
diff --git a/cdist/conf/type/__consul_template/files/consul-template.sysv b/cdist/conf/type/__consul_template/files/consul-template.sysv
new file mode 100644
index 00000000..b263915a
--- /dev/null
+++ b/cdist/conf/type/__consul_template/files/consul-template.sysv
@@ -0,0 +1,92 @@
+#!/bin/bash
+#
+# /etc/rc.d/init.d/consul-template
+#
+# Daemonize the consul-template agent.
+#
+# chkconfig: 2345 95 95
+# description: Generic template rendering and notifications with Consul
+# processname: consul-template
+# pidfile: /var/run/consul-template/pidfile
+
+# Source function library.
+
+# shellcheck disable=SC1091
+. /etc/init.d/functions
+NAME=consul-template
+CONSUL_TEMPLATE=/usr/local/bin/consul-template
+CONFIG="/etc/$NAME/conf.d"
+PID_FILE="/var/run/$NAME/pidfile"
+LOG_FILE="/var/log/$NAME"
+
+# shellcheck disable=SC1090
+[ -e "/etc/sysconfig/$NAME" ] && . "/etc/sysconfig/$NAME"
+export CONSUL_TEMPLATE_LOG="${CONSUL_TEMPLATE_LOG:-info}"
+export GOMAXPROCS="${GOMAXPROCS:-2}"
+
+mkdir -p "/var/run/$NAME"
+
+start() {
+ printf "Starting %s: " "$NAME"
+ daemon --pidfile="$PID_FILE" \
+ "$CONSUL_TEMPLATE" -config "$CONFIG" >> "$LOG_FILE" 2>&1 &
+ echo "$!" > "$PID_FILE"
+ retcode=$?
+ touch "/var/lock/subsys/$NAME"
+ return "$retcode"
+}
+
+stop() {
+ printf "Shutting down %s: " "$NAME"
+ killproc -p "$PID_FILE" "$CONSUL_TEMPLATE"
+ retcode=$?
+ rm -f "/var/lock/subsys/$NAME"
+ return "$retcode"
+}
+
+case "$1" in
+ start)
+ if status -p "$PID_FILE" "$NAME" >/dev/null; then
+ echo "$NAME already running"
+ else
+ start
+ fi
+ ;;
+ stop)
+ if status -p "$PID_FILE" "$NAME" >/dev/null; then
+ stop
+ else
+ echo "$NAME not running"
+ fi
+ ;;
+ status)
+ status -p "$PID_FILE" "$NAME"
+ exit $?
+ ;;
+ restart)
+ if status -p "$PID_FILE" "$NAME" >/dev/null; then
+ stop
+ fi
+ start
+ ;;
+ reload)
+ if status -p "$PID_FILE" "$NAME" >/dev/null; then
+ kill -HUP "$(cat "$PID_FILE")"
+ else
+ echo "$NAME not running"
+ fi
+ ;;
+ condrestart)
+ if [ -f "/var/lock/subsys/$NAME" ]; then
+ if status -p "$PID_FILE" "$NAME" >/dev/null; then
+ stop
+ fi
+ start
+ fi
+ ;;
+ *)
+ echo "Usage: $NAME {start|stop|status|reload|restart}"
+ exit 1
+ ;;
+esac
+exit $?
diff --git a/cdist/conf/type/__consul_template/files/consul-template.upstart b/cdist/conf/type/__consul_template/files/consul-template.upstart
new file mode 100644
index 00000000..b81a2818
--- /dev/null
+++ b/cdist/conf/type/__consul_template/files/consul-template.upstart
@@ -0,0 +1,12 @@
+description "Consul-Template Daemon"
+start on (local-filesystems and net-device-up IFACE!=lo)
+stop on runlevel [06]
+
+env CONSUL_TEMPLATE_LOG=info
+env GOMAXPROCS=${GOMAXPROCS}
+
+exec /usr/local/bin/consul-template -config /etc/consul-template/conf.d >> /var/log/consul-template 2>&1
+
+respawn
+respawn limit 10 10
+kill timeout 10
diff --git a/cdist/conf/type/__consul_template/files/versions/0.10.0/cksum b/cdist/conf/type/__consul_template/files/versions/0.10.0/cksum
new file mode 100644
index 00000000..bbf394db
--- /dev/null
+++ b/cdist/conf/type/__consul_template/files/versions/0.10.0/cksum
@@ -0,0 +1 @@
+3401777891 9273880 consul-template
diff --git a/cdist/conf/type/__consul_template/files/versions/0.10.0/source b/cdist/conf/type/__consul_template/files/versions/0.10.0/source
new file mode 100644
index 00000000..031b1155
--- /dev/null
+++ b/cdist/conf/type/__consul_template/files/versions/0.10.0/source
@@ -0,0 +1 @@
+https://releases.hashicorp.com/consul-template/0.10.0/consul-template_0.10.0_linux_amd64.zip
diff --git a/cdist/conf/type/__consul_template/files/versions/0.15.0/cksum b/cdist/conf/type/__consul_template/files/versions/0.15.0/cksum
new file mode 100644
index 00000000..426338bd
--- /dev/null
+++ b/cdist/conf/type/__consul_template/files/versions/0.15.0/cksum
@@ -0,0 +1 @@
+2643547924 12487232 consul-template
diff --git a/cdist/conf/type/__consul_template/files/versions/0.15.0/source b/cdist/conf/type/__consul_template/files/versions/0.15.0/source
new file mode 100644
index 00000000..fdf1fccf
--- /dev/null
+++ b/cdist/conf/type/__consul_template/files/versions/0.15.0/source
@@ -0,0 +1 @@
+https://releases.hashicorp.com/consul-template/0.15.0/consul-template_0.15.0_linux_amd64.zip
diff --git a/cdist/conf/type/__consul_template/man.rst b/cdist/conf/type/__consul_template/man.rst
new file mode 100644
index 00000000..f13c699d
--- /dev/null
+++ b/cdist/conf/type/__consul_template/man.rst
@@ -0,0 +1,141 @@
+cdist-type__consul_template(7)
+==============================
+
+NAME
+----
+cdist-type__consul_template - Manage the consul-template service
+
+
+DESCRIPTION
+-----------
+Downloads and installs the consul-template binary from
+https://github.com/hashicorp/consul-template/releases/download/.
+Generates a global config file and creates directory for per template config files.
+Note that the consul-template binary is downloaded on the server (the machine running
+cdist) and then deployed to the target host using the __file type.
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+
+OPTIONAL PARAMETERS
+-------------------
+auth-username
+ specify a username for basic authentication.
+
+auth-password
+ specify a password for basic authentication.
+
+batch-size
+ the size of the batch when polling multiple dependencies.
+
+consul
+ the location of the Consul instance to query (may be an IP address or FQDN) with port.
+ Defaults to 'localhost:8500'.
+
+log-level
+ The log level for output. This applies to the stdout/stderr logging as well
+ as syslog logging (if enabled). Valid values are "debug", "info", "warn",
+ and "err". The default value is "warn".
+
+max-stale
+ the maximum staleness of a query. If specified, Consul will distribute work among all
+ servers instead of just the leader.
+
+retry
+ the amount of time to wait if Consul returns an error when communicating
+ with the API.
+
+state
+ either 'present' or 'absent'. Defaults to 'present'
+
+ssl-cert
+ Path to an SSL client certificate to use to authenticate to the consul server.
+ Useful if the consul server "verify_incoming" option is set.
+
+ssl-ca-cert
+ Path to a CA certificate file, containing one or more CA certificates to
+ use to validate the certificate sent by the consul server to us. This is a
+ handy alternative to setting --ssl-no-verify if you are using your own CA.
+
+syslog-facility
+ The facility to use when sending to syslog. This requires the use of --syslog.
+ The default value is LOCAL0.
+
+token
+ the Consul API token.
+
+vault-address
+ the location of the Vault instance to query (may be an IP address or FQDN) with port.
+
+vault-token
+ the Vault API token.
+
+vault-ssl-cert
+ Path to an SSL client certificate to use to authenticate to the vault server.
+
+vault-ssl-ca-cert
+ Path to a CA certificate file, containing one or more CA certificates to
+ use to validate the certificate sent by the vault server to us.
+
+version
+ which version of consul-template to install. See ./files/versions for a list of
+ supported versions. Defaults to the latest known version.
+
+wait
+ the minimum(:maximum) to wait before rendering a new template to disk and
+ triggering a command, separated by a colon (:). If the optional maximum
+ value is omitted, it is assumed to be 4x the required minimum value.
+
+
+BOOLEAN PARAMETERS
+------------------
+ssl
+ use HTTPS while talking to Consul. Requires the Consul server to be configured to serve secure connections.
+
+ssl-no-verify
+ ignore certificate warnings. Only used if ssl is enabled.
+
+syslog
+ Send log output to syslog (in addition to stdout and stderr).
+
+vault-ssl
+ use HTTPS while talking to Vault. Requires the Vault server to be configured to serve secure connections.
+
+vault-ssl-no-verify
+ ignore certificate warnings. Only used if vault is enabled.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __consul_template \
+ --consul consul.service.consul:8500 \
+ --retry 30s
+
+ # specific version
+ __consul_template \
+ --version 0.6.5 \
+ --retry 30s
+
+
+SEE ALSO
+--------
+consul documentation at: .
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2015 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__consul_template/manifest b/cdist/conf/type/__consul_template/manifest
new file mode 100755
index 00000000..b02fc332
--- /dev/null
+++ b/cdist/conf/type/__consul_template/manifest
@@ -0,0 +1,191 @@
+#!/bin/sh -e
+#
+# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+
+os=$(cat "$__global/explorer/os")
+
+case "$os" in
+ scientific|centos|redhat)
+ # whitelist safeguard
+ service_onchange='service consul-template status >/dev/null && service consul-template reload || true' \
+ ;;
+ archlinux)
+ service_onchange="systemctl status consul-template >/dev/null && systemctl reload consul-template || true"
+ ;;
+ *)
+ echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
+ echo "Please contribute an implementation for it if you can." >&2
+ exit 1
+ ;;
+esac
+
+versions_dir="$__type/files/versions"
+version="$(cat "$__object/parameter/version")"
+version_dir="$versions_dir/$version"
+
+if [ ! -d "$version_dir" ]; then
+ echo "Unknown consul-template version '$version'. Expected one of:" >&2
+ ls "$versions_dir" >&2
+ exit 1
+fi
+
+state="$(cat "$__object/parameter/state")"
+
+__staged_file /usr/local/bin/consul-template \
+ --source "$(cat "$version_dir/source")" \
+ --cksum "$(cat "$version_dir/cksum")" \
+ --fetch-command 'curl -s -L "%s"' \
+ --prepare-command 'unzip -p "%s"' \
+ --state "$state" \
+ --group root \
+ --owner root \
+ --mode 755
+
+
+conf_dir="/etc/consul-template/conf.d"
+conf_file="config.hcl"
+template_dir="/etc/consul-template/template"
+
+__directory /etc/consul-template \
+ --owner root --group root --mode 750
+require="__directory/etc/consul-template" \
+ __directory "$conf_dir" \
+ --owner root --group root --mode 750
+require="__directory/etc/consul-template" \
+ __directory "$template_dir" \
+ --owner root --group root --mode 750
+
+
+# Generate hcl config file
+(
+cd "$__object/parameter/"
+for param in *; do
+ case "$param" in
+ auth-password|state|ssl-*|syslog-*|version|vault-token|vault-ssl*) continue ;;
+ auth-username)
+ printf 'auth {\n'
+ printf ' enabled = true\n'
+ printf ' username = "%s"\n' "$(cat "$__object/parameter/auth-username")"
+ if [ -f "$__object/parameter/auth-password" ]; then
+ printf ' password = %s\n' "$(cat "$__object/parameter/auth-password")"
+ fi
+ printf '}\n'
+ ;;
+ ssl)
+ printf 'ssl {\n'
+ printf ' enabled = true\n'
+ if [ -f "$__object/parameter/ssl-no-verify" ]; then
+ printf ' verify = false\n'
+ fi
+ if [ -f "$__object/parameter/ssl-cert" ]; then
+ printf ' cert = "%s"\n' "$(cat "$__object/parameter/ssl-cert")"
+ fi
+ if [ -f "$__object/parameter/ssl-ca-cert" ]; then
+ printf ' ca_cert = "%s"\n' "$(cat "$__object/parameter/ssl-ca-cert")"
+ fi
+ printf '}\n'
+ ;;
+ syslog)
+ printf 'syslog {\n'
+ printf ' enabled = true\n'
+ if [ -f "$__object/parameter/syslog-facility" ]; then
+ printf ' facility = "%s"\n' "$(cat "$__object/parameter/syslog-facility")"
+ fi
+ printf '}\n'
+ ;;
+ vault-address)
+ printf 'vault {\n'
+ printf ' address = "%s"\n' "$(cat "$__object/parameter/vault-address")"
+ if [ -f "$__object/parameter/vault-token" ]; then
+ printf ' token = "%s"\n' "$(cat "$__object/parameter/vault-token")"
+ fi
+ if [ -f "$__object/parameter/vault-ssl" ]; then
+ printf ' ssl {\n'
+ printf ' enabled = true\n'
+ if [ -f "$__object/parameter/vault-ssl-no-verify" ]; then
+ printf ' verify = false\n'
+ fi
+ if [ -f "$__object/parameter/vault-ssl-cert" ]; then
+ printf ' cert = "%s"\n' "$(cat "$__object/parameter/vault-ssl-cert")"
+ fi
+ if [ -f "$__object/parameter/vault-ssl-ca-cert" ]; then
+ printf ' ca_cert = "%s"\n' "$(cat "$__object/parameter/vault-ssl-ca-cert")"
+ fi
+ printf ' }\n'
+ fi
+ printf '}\n'
+ ;;
+ *)
+ # string key=value parameters
+ key="$(echo "$param" | tr '-' '_')"
+ printf '%s = "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
+ ;;
+ esac
+done
+) | \
+require="__directory${conf_dir}" \
+ __config_file "${conf_dir}/${conf_file}" \
+ --owner root --group root --mode 640 \
+ --state "$state" \
+ --onchange "$service_onchange" \
+ --source -
+
+
+# Install init script to start on boot
+service="consul-template"
+case "$os" in
+ centos|redhat)
+ os_version="$(sed 's/[^0-9.]//g' "$__global/explorer/os_version")"
+ major_version="${os_version%%.*}"
+ case "$major_version" in
+ 7)
+ __file "/lib/systemd/system/${service}.service" \
+ --owner root --group root --mode 0555 \
+ --state "$state" \
+ --source "$__type/files/${service}.systemd"
+ export require="__file/lib/systemd/system/${service}.service"
+ ;;
+ *)
+ __file "/etc/init.d/${service}" \
+ --owner root --group root --mode 0555 \
+ --state "$state" \
+ --source "$__type/files/${service}.sysv"
+ export require="__file/etc/init.d/${service}"
+ ;;
+ esac
+ __start_on_boot "$service" --state "$state"
+ ;;
+ ubuntu)
+ __file "/etc/init/${service}.conf" \
+ --owner root --group root --mode 0644 \
+ --state "$state" \
+ --source "$__type/files/${service}.upstart"
+ export require="__file/etc/init/${service}.conf"
+ __start_on_boot "$service" --state "$state"
+ ;;
+ archlinux)
+ __file "/lib/systemd/system/${service}.service" \
+ --owner root --group root --mode 0555 \
+ --state "$state" \
+ --source "$__type/files/${service}.systemd"
+ export require="__file/lib/systemd/system/${service}.service"
+ __start_on_boot "$service" --state "$state"
+ ;;
+esac
diff --git a/cdist/conf/type/__consul_template/notes b/cdist/conf/type/__consul_template/notes
new file mode 100644
index 00000000..fc7cca11
--- /dev/null
+++ b/cdist/conf/type/__consul_template/notes
@@ -0,0 +1,93 @@
+# < 0.7.0
+ssl = true
+ssl_no_verify = true
+
+# >= 0.7.0
+ssl {
+ enabled = true
+ verify = false
+}
+
+# >= 0.9.0
+ssl-cert
+ssl-ca-cert
+
+
+
+--------------------------------------------------------------------------------
+### from docs
+
+
+ssl {
+ enabled = true
+ verify = false
+ cert = "/path/to/client/cert.pem"
+ ca_cert = "/path/to/ca/cert.pem"
+}
+
+
+ssl
+ Use HTTPS while talking to Consul. Requires the Consul server to be configured to serve secure connections. The default value is false.
+
+ssl-verify
+ Verify certificates when connecting via SSL. This requires the use of -ssl. The default value is true.
+
+ssl-cert
+ Path to an SSL client certificate to use to authenticate to the consul server. Useful if the consul server "verify_incoming" option is set.
+
+ssl-ca-cert
+ Path to a CA certificate file, containing one or more CA certificates to use to validate the certificate sent by the consul server to us. This is a handy alternative to setting --ssl-verify=false if you are using your own CA.
+
+--------------------------------------------------------------------------------
+
+### example config file from docs
+
+consul = "127.0.0.1:8500"
+token = "abcd1234" // May also be specified via the envvar CONSUL_TOKEN
+retry = "10s"
+max_stale = "10m"
+log_level = "warn"
+pid_file = "/path/to/pid"
+
+vault {
+ address = "https://vault.service.consul:8200"
+ token = "abcd1234" // May also be specified via the envvar VAULT_TOKEN
+ ssl {
+ enabled = true
+ verify = true
+ cert = "/path/to/client/cert.pem"
+ ca_cert = "/path/to/ca/cert.pem"
+ }
+}
+
+
+--auth-username
+--auth-password
+# if any are given enabled = true
+auth {
+ enabled = true
+ username = "test"
+ password = "test"
+}
+
+ssl {
+ enabled = true
+ verify = false
+ cert = "/path/to/client/cert.pem"
+ ca_cert = "/path/to/ca/cert.pem"
+}
+
+syslog {
+ enabled = true
+ facility = "LOCAL5"
+}
+
+template {
+ source = "/path/on/disk/to/template"
+ destination = "/path/on/disk/where/template/will/render"
+ command = "optional command to run when the template is updated"
+}
+
+template {
+ // Multiple template definitions are supported
+}
diff --git a/cdist/conf/type/__consul_template/parameter/boolean b/cdist/conf/type/__consul_template/parameter/boolean
new file mode 100644
index 00000000..10057e46
--- /dev/null
+++ b/cdist/conf/type/__consul_template/parameter/boolean
@@ -0,0 +1,5 @@
+ssl
+ssl-no-verify
+syslog
+vault-ssl
+vault-ssl-no-verify
diff --git a/cdist/conf/type/__consul_template/parameter/default/consul b/cdist/conf/type/__consul_template/parameter/default/consul
new file mode 100644
index 00000000..42dfa616
--- /dev/null
+++ b/cdist/conf/type/__consul_template/parameter/default/consul
@@ -0,0 +1 @@
+localhost:8500
diff --git a/cdist/conf/type/__consul_template/parameter/default/log-level b/cdist/conf/type/__consul_template/parameter/default/log-level
new file mode 100644
index 00000000..1ef71804
--- /dev/null
+++ b/cdist/conf/type/__consul_template/parameter/default/log-level
@@ -0,0 +1 @@
+warn
diff --git a/cdist/conf/type/__consul_template/parameter/default/state b/cdist/conf/type/__consul_template/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__consul_template/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__consul_template/parameter/default/syslog-facility b/cdist/conf/type/__consul_template/parameter/default/syslog-facility
new file mode 100644
index 00000000..f32df182
--- /dev/null
+++ b/cdist/conf/type/__consul_template/parameter/default/syslog-facility
@@ -0,0 +1 @@
+LOCAL0
diff --git a/cdist/conf/type/__consul_template/parameter/default/version b/cdist/conf/type/__consul_template/parameter/default/version
new file mode 100644
index 00000000..a5510516
--- /dev/null
+++ b/cdist/conf/type/__consul_template/parameter/default/version
@@ -0,0 +1 @@
+0.15.0
diff --git a/cdist/conf/type/__consul_template/parameter/optional b/cdist/conf/type/__consul_template/parameter/optional
new file mode 100644
index 00000000..8bc528ac
--- /dev/null
+++ b/cdist/conf/type/__consul_template/parameter/optional
@@ -0,0 +1,18 @@
+auth-username
+auth-password
+batch-size
+consul
+log-level
+max-stale
+retry
+state
+ssl-cert
+ssl-ca-cert
+syslog-facility
+token
+vault-address
+vault-token
+vault-ssl-cert
+vault-ssl-ca-cert
+version
+wait
diff --git a/cdist/test/object/fixtures/object/__first/man/.cdist/.keep b/cdist/conf/type/__consul_template/singleton
similarity index 100%
rename from cdist/test/object/fixtures/object/__first/man/.cdist/.keep
rename to cdist/conf/type/__consul_template/singleton
diff --git a/cdist/conf/type/__consul_template_template/man.rst b/cdist/conf/type/__consul_template_template/man.rst
new file mode 100644
index 00000000..b2e3820b
--- /dev/null
+++ b/cdist/conf/type/__consul_template_template/man.rst
@@ -0,0 +1,84 @@
+cdist-type__consul_template_template(7)
+=======================================
+
+NAME
+----
+cdist-type__consul_template_template - Manage consul-template templates
+
+
+DESCRIPTION
+-----------
+Generate and deploy template definitions for a consul-template.
+See https://github.com/hashicorp/consul-template#examples for documentation.
+Templates are written in the Go template format.
+Either the --source or the --source-file parameter must be given.
+
+
+REQUIRED PARAMETERS
+-------------------
+destination
+ the destination where the generated file should go.
+
+
+OPTIONAL PARAMETERS
+-------------------
+command
+ an optional command to run after rendering the template to its destination.
+
+source
+ path to the template source. Conflicts --source-file.
+
+source-file
+ path to a local file which is uploaded using the __file type and configured
+ as the source.
+ If source is '-' (dash), take what was written to stdin as the file content.
+ Conflicts --source.
+
+state
+ if this template is 'present' or 'absent'. Defaults to 'present'.
+
+wait
+ The `minimum(:maximum)` time to wait before rendering a new template to
+ disk and triggering a command, separated by a colon (`:`). If the optional
+ maximum value is omitted, it is assumed to be 4x the required minimum value.
+ This is a numeric time with a unit suffix ("5s"). There is no default value.
+ The wait value for a template takes precedence over any globally-configured
+ wait.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # configure template on the target
+ __consul_template_template nginx \
+ --source /etc/my-consul-templates/nginx.ctmpl \
+ --destination /etc/nginx/nginx.conf \
+ --command 'service nginx restart'
+
+
+ # upload a local file to the target and configure it
+ __consul_template_template nginx \
+ --wait '2s:6s' \
+ --source-file "$__manifest/files/nginx.ctmpl" \
+ --destination /etc/nginx/nginx.conf \
+ --command 'service nginx restart'
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__consul_template`\ (7), :strong:`cdist-type__consul_template_config`\ (7)
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2015-2016 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__consul_template_template/manifest b/cdist/conf/type/__consul_template_template/manifest
new file mode 100755
index 00000000..1eae1fad
--- /dev/null
+++ b/cdist/conf/type/__consul_template_template/manifest
@@ -0,0 +1,78 @@
+#!/bin/sh -e
+#
+# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+name="$(cat "$__object/parameter/name" 2>/dev/null || echo "$__object_id")"
+state="$(cat "$__object/parameter/state")"
+conf_dir="/etc/consul-template/conf.d"
+conf_file="template_${name}.hcl"
+template_dir="/etc/consul-template/template"
+require=""
+
+# Sanity checks
+if [ -f "$__object/parameter/source" ] && [ -f "$__object/parameter/source-file" ]; then
+ echo "Use either --source OR --source-file, but not both." >&2
+ exit 1
+fi
+if [ ! -f "$__object/parameter/source" ] && [ ! -f "$__object/parameter/source-file" ]; then
+ echo "Either --source OR --source-file must be given." >&2
+ exit 1
+fi
+
+if [ -f "$__object/parameter/source-file" ]; then
+ destination="${template_dir}/${name}"
+ require="__file${destination}"
+fi
+
+# Generate hcl config file
+{
+printf 'template {\n'
+cd "$__object/parameter/"
+for param in *; do
+ case "$param" in
+ source-file)
+ source="$(cat "$__object/parameter/$param")"
+ if [ "$source" = "-" ]; then
+ source="$__object/stdin"
+ fi
+ require="__directory${template_dir}" \
+ __file "$destination" \
+ --owner root --group root --mode 640 \
+ --source "$source" \
+ --state "$state"
+ printf ' source = "%s"\n' "$destination"
+
+ ;;
+ source|destination|command|wait)
+ printf ' %s = "%s"\n' "$param" "$(cat "$__object/parameter/$param")"
+ ;;
+ *)
+ # ignore unknown parameters
+ :
+ ;;
+ esac
+done
+printf '}\n'
+} | \
+require="$require __directory${conf_dir}" \
+ __config_file "${conf_dir}/${conf_file}" \
+ --owner root --group root --mode 640 \
+ --state "$state" \
+ --onchange 'service consul-template status >/dev/null && service consul-template reload || true' \
+ --source -
diff --git a/cdist/conf/type/__consul_template_template/parameter/default/state b/cdist/conf/type/__consul_template_template/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__consul_template_template/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__consul_template_template/parameter/optional b/cdist/conf/type/__consul_template_template/parameter/optional
new file mode 100644
index 00000000..3e55fbb7
--- /dev/null
+++ b/cdist/conf/type/__consul_template_template/parameter/optional
@@ -0,0 +1,5 @@
+command
+source
+source-file
+state
+wait
diff --git a/cdist/conf/type/__consul_template_template/parameter/required b/cdist/conf/type/__consul_template_template/parameter/required
new file mode 100644
index 00000000..ac459b09
--- /dev/null
+++ b/cdist/conf/type/__consul_template_template/parameter/required
@@ -0,0 +1 @@
+destination
diff --git a/cdist/conf/type/__consul_watch_checks/man.rst b/cdist/conf/type/__consul_watch_checks/man.rst
new file mode 100644
index 00000000..a9a9f58d
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_checks/man.rst
@@ -0,0 +1,73 @@
+cdist-type__consul_watch_checks(7)
+==================================
+
+NAME
+----
+cdist-type__consul_watch_checks - Manages consul checks watches
+
+
+DESCRIPTION
+-----------
+Generate and deploy watch definitions of type 'checks' for a consul agent.
+See http://www.consul.io/docs/agent/watches.html for parameter documentation.
+
+
+REQUIRED PARAMETERS
+-------------------
+handler
+ the handler to invoke when the data view updates
+
+
+OPTIONAL PARAMETERS
+-------------------
+datacenter
+ can be provided to override the agent's default datacenter
+
+filter-service
+ filter to a specific service. Conflicts with --filter-state.
+
+filter-state
+ filter to a specific state. Conflicts with --filter-service.
+
+state
+ if this watch is 'present' or 'absent'. Defaults to 'present'.
+
+token
+ can be provided to override the agent's default ACL token
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __consul_watch_checks some-id \
+ --handler /usr/bin/my-handler.sh
+
+ __consul_watch_checks some-id \
+ --filter-service consul \
+ --handler /usr/bin/my-handler.sh
+
+ __consul_watch_checks some-id \
+ --filter-state passing \
+ --handler /usr/bin/my-handler.sh
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__consul_agent`\ (7)
+
+consul documentation at: .
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2015 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__consul_watch_checks/manifest b/cdist/conf/type/__consul_watch_checks/manifest
new file mode 100755
index 00000000..5fdd7a74
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_checks/manifest
@@ -0,0 +1,62 @@
+#!/bin/sh -e
+#
+# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+cdist_type="${__type##*/}"
+watch_type="${cdist_type##*_}"
+conf_dir="/etc/consul/conf.d"
+conf_file="watch_${watch_type}_${__object_id}.json"
+state="$(cat "$__object/parameter/state")"
+
+# Sanity checks
+if [ -f "$__object/parameter/filter-service" ] && [ -f "$__object/parameter/filter-state" ]; then
+ echo "Use either --filter-service or --filter-state but not both." >&2
+ exit 1
+fi
+
+# Generate json config file
+(
+echo "{"
+printf ' "watches": [{\n'
+printf ' "type": "%s"\n' "$watch_type"
+cd "$__object/parameter/"
+for param in *; do
+ case "$param" in
+ state) continue ;;
+ filter-*)
+ key="${param##*-}"
+ printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
+ ;;
+ *)
+ key="$(echo "$param" | tr '-' '_')"
+ printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
+ ;;
+ esac
+done
+# end watches
+echo " }]"
+# end json file
+echo "}"
+) | \
+require="__directory${conf_dir}" \
+ __config_file "${conf_dir}/${conf_file}" \
+ --owner root --group consul --mode 640 \
+ --state "$state" \
+ --onchange 'service consul status >/dev/null && service consul reload || true' \
+ --source -
diff --git a/cdist/conf/type/__consul_watch_checks/parameter/default/state b/cdist/conf/type/__consul_watch_checks/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_checks/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__consul_watch_checks/parameter/optional b/cdist/conf/type/__consul_watch_checks/parameter/optional
new file mode 100644
index 00000000..d37fd557
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_checks/parameter/optional
@@ -0,0 +1,5 @@
+datacenter
+filter-service
+filter-state
+state
+token
diff --git a/cdist/conf/type/__consul_watch_checks/parameter/required b/cdist/conf/type/__consul_watch_checks/parameter/required
new file mode 100644
index 00000000..64b916c1
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_checks/parameter/required
@@ -0,0 +1 @@
+handler
diff --git a/cdist/conf/type/__consul_watch_event/man.rst b/cdist/conf/type/__consul_watch_event/man.rst
new file mode 100644
index 00000000..6fe60d40
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_event/man.rst
@@ -0,0 +1,66 @@
+cdist-type__consul_watch_event(7)
+=================================
+
+NAME
+----
+cdist-type__consul_watch_event - Manages consul event watches
+
+
+DESCRIPTION
+-----------
+Generate and deploy watch definitions of type 'event' for a consul agent.
+See http://www.consul.io/docs/agent/watches.html for parameter documentation.
+
+
+REQUIRED PARAMETERS
+-------------------
+handler
+ the handler to invoke when the data view updates
+
+
+OPTIONAL PARAMETERS
+-------------------
+datacenter
+ can be provided to override the agent's default datacenter
+
+name
+ restrict the watch to only events with the given name
+
+state
+ if this watch is 'present' or 'absent'. Defaults to 'present'.
+
+token
+ can be provided to override the agent's default ACL token
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __consul_watch_event some-id \
+ --handler /usr/bin/my-handler.sh
+
+ __consul_watch_event some-id \
+ --name web-deploy \
+ --handler /usr/bin/my-handler.sh
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__consul_agent`\ (7)
+
+consul documentation at: .
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2015 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__consul_watch_event/manifest b/cdist/conf/type/__consul_watch_event/manifest
new file mode 100755
index 00000000..61934656
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_event/manifest
@@ -0,0 +1,52 @@
+#!/bin/sh -e
+#
+# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+cdist_type="${__type##*/}"
+watch_type="${cdist_type##*_}"
+conf_dir="/etc/consul/conf.d"
+conf_file="watch_${watch_type}_${__object_id}.json"
+state="$(cat "$__object/parameter/state")"
+
+# Generate json config file
+(
+echo "{"
+printf ' "watches": [{\n'
+printf ' "type": "%s"\n' "$watch_type"
+cd "$__object/parameter/"
+for param in *; do
+ case "$param" in
+ state) continue ;;
+ *)
+ key="$(echo "$param" | tr '-' '_')"
+ printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
+ ;;
+ esac
+done
+# end watches
+echo " }]"
+# end json file
+echo "}"
+) | \
+require="__directory${conf_dir}" \
+ __config_file "${conf_dir}/${conf_file}" \
+ --owner root --group consul --mode 640 \
+ --state "$state" \
+ --onchange 'service consul status >/dev/null && service consul reload || true' \
+ --source -
diff --git a/cdist/conf/type/__consul_watch_event/parameter/default/state b/cdist/conf/type/__consul_watch_event/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_event/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__consul_watch_event/parameter/optional b/cdist/conf/type/__consul_watch_event/parameter/optional
new file mode 100644
index 00000000..ac808c47
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_event/parameter/optional
@@ -0,0 +1,4 @@
+datacenter
+name
+state
+token
diff --git a/cdist/conf/type/__consul_watch_event/parameter/required b/cdist/conf/type/__consul_watch_event/parameter/required
new file mode 100644
index 00000000..64b916c1
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_event/parameter/required
@@ -0,0 +1 @@
+handler
diff --git a/cdist/conf/type/__consul_watch_key/man.rst b/cdist/conf/type/__consul_watch_key/man.rst
new file mode 100644
index 00000000..a12f8425
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_key/man.rst
@@ -0,0 +1,63 @@
+cdist-type__consul_watch_key(7)
+===============================
+
+NAME
+----
+cdist-type__consul_watch_key - Manages consul key watches
+
+
+DESCRIPTION
+-----------
+Generate and deploy watch definitions of type 'key' for a consul agent.
+See http://www.consul.io/docs/agent/watches.html for parameter documentation.
+
+
+REQUIRED PARAMETERS
+-------------------
+handler
+ the handler to invoke when the data view updates
+
+key
+ the key to watch for changes
+
+
+OPTIONAL PARAMETERS
+-------------------
+datacenter
+ can be provided to override the agent's default datacenter
+
+state
+ if this watch is 'present' or 'absent'. Defaults to 'present'.
+
+token
+ can be provided to override the agent's default ACL token
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __consul_watch_key some-id \
+ --key foo/bar/baz \
+ --handler /usr/bin/my-key-handler.sh
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__consul_agent`\ (7)
+
+consul documentation at: .
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2015 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__consul_watch_key/manifest b/cdist/conf/type/__consul_watch_key/manifest
new file mode 100755
index 00000000..61934656
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_key/manifest
@@ -0,0 +1,52 @@
+#!/bin/sh -e
+#
+# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+cdist_type="${__type##*/}"
+watch_type="${cdist_type##*_}"
+conf_dir="/etc/consul/conf.d"
+conf_file="watch_${watch_type}_${__object_id}.json"
+state="$(cat "$__object/parameter/state")"
+
+# Generate json config file
+(
+echo "{"
+printf ' "watches": [{\n'
+printf ' "type": "%s"\n' "$watch_type"
+cd "$__object/parameter/"
+for param in *; do
+ case "$param" in
+ state) continue ;;
+ *)
+ key="$(echo "$param" | tr '-' '_')"
+ printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
+ ;;
+ esac
+done
+# end watches
+echo " }]"
+# end json file
+echo "}"
+) | \
+require="__directory${conf_dir}" \
+ __config_file "${conf_dir}/${conf_file}" \
+ --owner root --group consul --mode 640 \
+ --state "$state" \
+ --onchange 'service consul status >/dev/null && service consul reload || true' \
+ --source -
diff --git a/cdist/conf/type/__consul_watch_key/parameter/default/state b/cdist/conf/type/__consul_watch_key/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_key/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__consul_watch_key/parameter/optional b/cdist/conf/type/__consul_watch_key/parameter/optional
new file mode 100644
index 00000000..bfce8305
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_key/parameter/optional
@@ -0,0 +1,3 @@
+datacenter
+state
+token
diff --git a/cdist/conf/type/__consul_watch_key/parameter/required b/cdist/conf/type/__consul_watch_key/parameter/required
new file mode 100644
index 00000000..a7ae5b65
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_key/parameter/required
@@ -0,0 +1,2 @@
+handler
+key
diff --git a/cdist/conf/type/__consul_watch_keyprefix/man.rst b/cdist/conf/type/__consul_watch_keyprefix/man.rst
new file mode 100644
index 00000000..c600323c
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_keyprefix/man.rst
@@ -0,0 +1,63 @@
+cdist-type__consul_watch_keyprefix(7)
+=====================================
+
+NAME
+----
+cdist-type__consul_watch_keyprefix - Manages consul keyprefix watches
+
+
+DESCRIPTION
+-----------
+Generate and deploy watch definitions of type 'keyprefix' for a consul agent.
+See http://www.consul.io/docs/agent/watches.html for parameter documentation.
+
+
+REQUIRED PARAMETERS
+-------------------
+handler
+ the handler to invoke when the data view updates
+
+prefix
+ the prefix of keys to watch for changes
+
+
+OPTIONAL PARAMETERS
+-------------------
+datacenter
+ can be provided to override the agent's default datacenter
+
+state
+ if this watch is 'present' or 'absent'. Defaults to 'present'.
+
+token
+ can be provided to override the agent's default ACL token
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __consul_watch_keyprefix some-id \
+ --prefix foo/ \
+ --handler /usr/bin/my-prefix-handler.sh
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__consul_agent`\ (7)
+
+consul documentation at: .
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2015 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__consul_watch_keyprefix/manifest b/cdist/conf/type/__consul_watch_keyprefix/manifest
new file mode 100755
index 00000000..61934656
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_keyprefix/manifest
@@ -0,0 +1,52 @@
+#!/bin/sh -e
+#
+# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+cdist_type="${__type##*/}"
+watch_type="${cdist_type##*_}"
+conf_dir="/etc/consul/conf.d"
+conf_file="watch_${watch_type}_${__object_id}.json"
+state="$(cat "$__object/parameter/state")"
+
+# Generate json config file
+(
+echo "{"
+printf ' "watches": [{\n'
+printf ' "type": "%s"\n' "$watch_type"
+cd "$__object/parameter/"
+for param in *; do
+ case "$param" in
+ state) continue ;;
+ *)
+ key="$(echo "$param" | tr '-' '_')"
+ printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
+ ;;
+ esac
+done
+# end watches
+echo " }]"
+# end json file
+echo "}"
+) | \
+require="__directory${conf_dir}" \
+ __config_file "${conf_dir}/${conf_file}" \
+ --owner root --group consul --mode 640 \
+ --state "$state" \
+ --onchange 'service consul status >/dev/null && service consul reload || true' \
+ --source -
diff --git a/cdist/conf/type/__consul_watch_keyprefix/parameter/default/state b/cdist/conf/type/__consul_watch_keyprefix/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_keyprefix/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__consul_watch_keyprefix/parameter/optional b/cdist/conf/type/__consul_watch_keyprefix/parameter/optional
new file mode 100644
index 00000000..bfce8305
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_keyprefix/parameter/optional
@@ -0,0 +1,3 @@
+datacenter
+state
+token
diff --git a/cdist/conf/type/__consul_watch_keyprefix/parameter/required b/cdist/conf/type/__consul_watch_keyprefix/parameter/required
new file mode 100644
index 00000000..6223b4de
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_keyprefix/parameter/required
@@ -0,0 +1,2 @@
+handler
+keyprefix
diff --git a/cdist/conf/type/__consul_watch_nodes/man.rst b/cdist/conf/type/__consul_watch_nodes/man.rst
new file mode 100644
index 00000000..d886a586
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_nodes/man.rst
@@ -0,0 +1,59 @@
+cdist-type__consul_watch_nodes(7)
+=================================
+
+NAME
+----
+cdist-type__consul_watch_nodes - Manages consul nodes watches
+
+
+DESCRIPTION
+-----------
+Generate and deploy watch definitions of type 'nodes' for a consul agent.
+See http://www.consul.io/docs/agent/watches.html for parameter documentation.
+
+
+REQUIRED PARAMETERS
+-------------------
+handler
+ the handler to invoke when the data view updates
+
+
+OPTIONAL PARAMETERS
+-------------------
+datacenter
+ can be provided to override the agent's default datacenter
+
+state
+ if this watch is 'present' or 'absent'. Defaults to 'present'.
+
+token
+ can be provided to override the agent's default ACL token
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __consul_watch_nodes some-id \
+ --handler /usr/bin/my-key-handler.sh
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__consul_agent`\ (7)
+
+consul documentation at: .
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2015 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__consul_watch_nodes/manifest b/cdist/conf/type/__consul_watch_nodes/manifest
new file mode 100755
index 00000000..61934656
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_nodes/manifest
@@ -0,0 +1,52 @@
+#!/bin/sh -e
+#
+# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+cdist_type="${__type##*/}"
+watch_type="${cdist_type##*_}"
+conf_dir="/etc/consul/conf.d"
+conf_file="watch_${watch_type}_${__object_id}.json"
+state="$(cat "$__object/parameter/state")"
+
+# Generate json config file
+(
+echo "{"
+printf ' "watches": [{\n'
+printf ' "type": "%s"\n' "$watch_type"
+cd "$__object/parameter/"
+for param in *; do
+ case "$param" in
+ state) continue ;;
+ *)
+ key="$(echo "$param" | tr '-' '_')"
+ printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
+ ;;
+ esac
+done
+# end watches
+echo " }]"
+# end json file
+echo "}"
+) | \
+require="__directory${conf_dir}" \
+ __config_file "${conf_dir}/${conf_file}" \
+ --owner root --group consul --mode 640 \
+ --state "$state" \
+ --onchange 'service consul status >/dev/null && service consul reload || true' \
+ --source -
diff --git a/cdist/conf/type/__consul_watch_nodes/parameter/default/state b/cdist/conf/type/__consul_watch_nodes/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_nodes/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__consul_watch_nodes/parameter/optional b/cdist/conf/type/__consul_watch_nodes/parameter/optional
new file mode 100644
index 00000000..bfce8305
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_nodes/parameter/optional
@@ -0,0 +1,3 @@
+datacenter
+state
+token
diff --git a/cdist/conf/type/__consul_watch_nodes/parameter/required b/cdist/conf/type/__consul_watch_nodes/parameter/required
new file mode 100644
index 00000000..64b916c1
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_nodes/parameter/required
@@ -0,0 +1 @@
+handler
diff --git a/cdist/conf/type/__consul_watch_service/man.rst b/cdist/conf/type/__consul_watch_service/man.rst
new file mode 100644
index 00000000..37cabcc9
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_service/man.rst
@@ -0,0 +1,83 @@
+cdist-type__consul_watch_service(7)
+===================================
+
+NAME
+----
+cdist-type__consul_watch_service - Manages consul service watches
+
+
+DESCRIPTION
+-----------
+Generate and deploy watch definitions of type 'service' for a consul agent.
+See http://www.consul.io/docs/agent/watches.html for parameter documentation.
+
+
+REQUIRED PARAMETERS
+-------------------
+handler
+ the handler to invoke when the data view updates
+
+service
+ the service to watch for changes
+
+
+OPTIONAL PARAMETERS
+-------------------
+datacenter
+ can be provided to override the agent's default datacenter
+
+state
+ if this watch is 'present' or 'absent'. Defaults to 'present'.
+
+token
+ can be provided to override the agent's default ACL token
+
+tag
+ filter by tag
+
+
+BOOLEAN PARAMETERS
+------------------
+passingonly
+ specifies if only hosts passing all checks are displayed
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __consul_watch_service some-id \
+ --service consul \
+ --handler /usr/bin/my-handler.sh
+
+ __consul_watch_service some-id \
+ --service redis \
+ --tag production \
+ --handler /usr/bin/my-handler.sh
+
+ __consul_watch_service some-id \
+ --service redis \
+ --tag production \
+ --passingonly \
+ --handler /usr/bin/my-handler.sh
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__consul_agent`\ (7)
+
+consul documentation at: .
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2015 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__consul_watch_service/manifest b/cdist/conf/type/__consul_watch_service/manifest
new file mode 100755
index 00000000..db38eb18
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_service/manifest
@@ -0,0 +1,55 @@
+#!/bin/sh -e
+#
+# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+cdist_type="${__type##*/}"
+watch_type="${cdist_type##*_}"
+conf_dir="/etc/consul/conf.d"
+conf_file="watch_${watch_type}_${__object_id}.json"
+state="$(cat "$__object/parameter/state")"
+
+# Generate json config file
+(
+echo "{"
+printf ' "watches": [{\n'
+printf ' "type": "%s"\n' "$watch_type"
+cd "$__object/parameter/"
+for param in *; do
+ case "$param" in
+ state) continue ;;
+ passingonly)
+ printf ' ,"passingonly": true\n'
+ ;;
+ *)
+ key="$(echo "$param" | tr '-' '_')"
+ printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
+ ;;
+ esac
+done
+# end watches
+echo " }]"
+# end json file
+echo "}"
+) | \
+require="__directory${conf_dir}" \
+ __config_file "${conf_dir}/${conf_file}" \
+ --owner root --group consul --mode 640 \
+ --state "$state" \
+ --onchange 'service consul status >/dev/null && service consul reload || true' \
+ --source -
diff --git a/cdist/conf/type/__consul_watch_service/parameter/boolean b/cdist/conf/type/__consul_watch_service/parameter/boolean
new file mode 100644
index 00000000..4c1e4b3f
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_service/parameter/boolean
@@ -0,0 +1 @@
+passingonly
diff --git a/cdist/conf/type/__consul_watch_service/parameter/default/state b/cdist/conf/type/__consul_watch_service/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_service/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__consul_watch_service/parameter/optional b/cdist/conf/type/__consul_watch_service/parameter/optional
new file mode 100644
index 00000000..a81860ac
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_service/parameter/optional
@@ -0,0 +1,4 @@
+datacenter
+state
+tag
+token
diff --git a/cdist/conf/type/__consul_watch_service/parameter/required b/cdist/conf/type/__consul_watch_service/parameter/required
new file mode 100644
index 00000000..e1ffa4d6
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_service/parameter/required
@@ -0,0 +1,2 @@
+handler
+service
diff --git a/cdist/conf/type/__consul_watch_services/man.rst b/cdist/conf/type/__consul_watch_services/man.rst
new file mode 100644
index 00000000..cea5f901
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_services/man.rst
@@ -0,0 +1,59 @@
+cdist-type__consul_watch_services(7)
+====================================
+
+NAME
+----
+cdist-type__consul_watch_services - Manages consul services watches
+
+
+DESCRIPTION
+-----------
+Generate and deploy watch definitions of type 'services' for a consul agent.
+See http://www.consul.io/docs/agent/watches.html for parameter documentation.
+
+
+REQUIRED PARAMETERS
+-------------------
+handler
+ the handler to invoke when the data view updates
+
+
+OPTIONAL PARAMETERS
+-------------------
+datacenter
+ can be provided to override the agent's default datacenter
+
+state
+ if this watch is 'present' or 'absent'. Defaults to 'present'.
+
+token
+ can be provided to override the agent's default ACL token
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __consul_watch_services some-id \
+ --handler /usr/bin/my-key-handler.sh
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__consul_agent`\ (7)
+
+consul documentation at: .
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2015 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__consul_watch_services/manifest b/cdist/conf/type/__consul_watch_services/manifest
new file mode 100755
index 00000000..61934656
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_services/manifest
@@ -0,0 +1,52 @@
+#!/bin/sh -e
+#
+# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+cdist_type="${__type##*/}"
+watch_type="${cdist_type##*_}"
+conf_dir="/etc/consul/conf.d"
+conf_file="watch_${watch_type}_${__object_id}.json"
+state="$(cat "$__object/parameter/state")"
+
+# Generate json config file
+(
+echo "{"
+printf ' "watches": [{\n'
+printf ' "type": "%s"\n' "$watch_type"
+cd "$__object/parameter/"
+for param in *; do
+ case "$param" in
+ state) continue ;;
+ *)
+ key="$(echo "$param" | tr '-' '_')"
+ printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
+ ;;
+ esac
+done
+# end watches
+echo " }]"
+# end json file
+echo "}"
+) | \
+require="__directory${conf_dir}" \
+ __config_file "${conf_dir}/${conf_file}" \
+ --owner root --group consul --mode 640 \
+ --state "$state" \
+ --onchange 'service consul status >/dev/null && service consul reload || true' \
+ --source -
diff --git a/cdist/conf/type/__consul_watch_services/parameter/default/state b/cdist/conf/type/__consul_watch_services/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_services/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__consul_watch_services/parameter/optional b/cdist/conf/type/__consul_watch_services/parameter/optional
new file mode 100644
index 00000000..bfce8305
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_services/parameter/optional
@@ -0,0 +1,3 @@
+datacenter
+state
+token
diff --git a/cdist/conf/type/__consul_watch_services/parameter/required b/cdist/conf/type/__consul_watch_services/parameter/required
new file mode 100644
index 00000000..64b916c1
--- /dev/null
+++ b/cdist/conf/type/__consul_watch_services/parameter/required
@@ -0,0 +1 @@
+handler
diff --git a/cdist/conf/type/__cron/explorer/entry b/cdist/conf/type/__cron/explorer/entry
old mode 100755
new mode 100644
index 1b4bec42..801861a3
--- a/cdist/conf/type/__cron/explorer/entry
+++ b/cdist/conf/type/__cron/explorer/entry
@@ -1,6 +1,7 @@
#!/bin/sh
#
-# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
+# 2011-2013 Steven Armstrong (steven-cdist at armstrong.cc)
+# 2013 Nico Schottelius (nico-cdist at schottelius.org)
#
# This file is part of cdist.
#
@@ -18,22 +19,12 @@
# along with cdist. If not, see .
#
-name="$__object_id"
+name="$__object_name"
user="$(cat "$__object/parameter/user")"
-prefix="#cdist:__cron/$name"
-suffix="#/cdist:__cron/$name"
-
-crontab -u $user -l 2>/dev/null | awk -v prefix="$prefix" -v suffix="$suffix" '
-{
- if (index($0,prefix)) {
- triggered=1
- }
- if (triggered) {
- if (index($0,suffix)) {
- triggered=0
- }
- print
- }
-}
-'
+if [ -f "$__object/parameter/raw_command" ]; then
+ command="$(cat "$__object/parameter/command")"
+ crontab -u "$user" -l 2>/dev/null | grep "^$command\$" || true
+else
+ crontab -u "$user" -l 2>/dev/null | grep "# $name\$" || true
+fi
diff --git a/cdist/conf/type/__cron/gencode-remote b/cdist/conf/type/__cron/gencode-remote
index 37e0dc15..59398058 100755
--- a/cdist/conf/type/__cron/gencode-remote
+++ b/cdist/conf/type/__cron/gencode-remote
@@ -1,6 +1,9 @@
-#!/bin/sh
+#!/bin/sh -e
#
# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
+# 2013 Nico Schottelius (nico-cdist at schottelius.org)
+# 2013 Thomas Oettli (otho at sfs.biz)
+# 2017 Daniel Heule (hda at sfs.biz)
#
# This file is part of cdist.
#
@@ -18,40 +21,46 @@
# along with cdist. If not, see .
#
-os="$(cat "$__global/explorer/os")"
+name="$__object_name"
user="$(cat "$__object/parameter/user")"
-state_should="$(cat "$__object/parameter/state")"
-state_is=$(diff -q "$__object/parameter/entry" "$__object/explorer/entry" \
- && echo present \
- || echo absent
-)
+command="$(cat "$__object/parameter/command")"
-# FreeBSD mktemp doesn't allow execution without at least one param
-if [ "$os" = "freebsd" ]; then
- mktemp="mktemp -t tmp"
+if [ -f "$__object/parameter/raw" ]; then
+ raw="$(cat "$__object/parameter/raw")"
+ entry="$raw $command # $name"
+elif [ -f "$__object/parameter/raw_command" ]; then
+ entry="$command"
else
- mktemp="mktemp"
+ minute="$(cat "$__object/parameter/minute" 2>/dev/null || echo "*")"
+ hour="$(cat "$__object/parameter/hour" 2>/dev/null || echo "*")"
+ day_of_month="$(cat "$__object/parameter/day_of_month" 2>/dev/null || echo "*")"
+ month="$(cat "$__object/parameter/month" 2>/dev/null || echo "*")"
+ day_of_week="$(cat "$__object/parameter/day_of_week" 2>/dev/null || echo "*")"
+ entry="$minute $hour $day_of_month $month $day_of_week $command # $name"
fi
-if [ "$state_is" != "$state_should" ]; then
- case "$state_should" in
- present)
- cat << DONE
-tmp=\$($mktemp)
-crontab -u $user -l > \$tmp
-cat >> \$tmp << EOC
-$(cat "$__object/parameter/entry")
-EOC
-crontab -u $user \$tmp
-rm \$tmp
-DONE
- ;;
- absent)
- # defined in type manifest
- prefix="$(cat "$__object/parameter/prefix")"
- suffix="$(cat "$__object/parameter/suffix")"
- cat << DONE
-crontab -u $user -l | awk -v prefix="$prefix" -v suffix="$suffix" '
+mkdir "$__object/files"
+echo "$entry" > "$__object/files/entry"
+
+if diff -q "$__object/files/entry" "$__object/explorer/entry" >/dev/null; then
+ state_is=present
+else
+ state_is=absent
+fi
+
+state_should="$(cat "$__object/parameter/state" 2>/dev/null || echo "present")"
+
+[ "$state_is" = "$state_should" ] && exit 0
+
+# If anything is going to change, ensure the old entries are
+# not present anymore
+
+# These are the old markers
+prefix="#cdist:__cron/$__object_id"
+suffix="#/cdist:__cron/$__object_id"
+filter='^# DO NOT EDIT THIS FILE|^# \(.* installed on |^# \(Cron version V|^# \(Cronie version .\..\)$'
+cat << DONE
+crontab -u $user -l 2>/dev/null | grep -v -E "$filter" | awk -v prefix="$prefix" -v suffix="$suffix" '
{
if (index(\$0,prefix)) {
triggered=1
@@ -66,6 +75,22 @@ crontab -u $user -l | awk -v prefix="$prefix" -v suffix="$suffix" '
}
' | crontab -u $user -
DONE
- ;;
- esac
-fi
+
+case "$state_should" in
+ present)
+ # if we insert new entry, filter also all entrys out with the same id
+ echo "("
+ echo "crontab -u $user -l 2>/dev/null | grep -v -E \"$filter\" | grep -v \"# $name\\$\" 2>/dev/null || true"
+ echo "echo '$entry'"
+ echo ") | crontab -u $user -"
+ ;;
+ absent)
+ if [ -f "$__object/parameter/raw_command" ]; then
+ echo "( crontab -u $user -l 2>/dev/null | grep -v -E \"$filter\" 2>/dev/null || true ) | \\"
+ echo "grep -v \"^$entry\\$\" | crontab -u $user -"
+ else
+ echo "( crontab -u $user -l 2>/dev/null | grep -v -E \"$filter\" 2>/dev/null || true ) | \\"
+ echo "grep -v \"# $name\\$\" | crontab -u $user -"
+ fi
+ ;;
+esac
diff --git a/cdist/conf/type/__cron/man.rst b/cdist/conf/type/__cron/man.rst
new file mode 100644
index 00000000..d0694738
--- /dev/null
+++ b/cdist/conf/type/__cron/man.rst
@@ -0,0 +1,84 @@
+cdist-type__cron(7)
+===================
+
+NAME
+----
+cdist-type__cron - Installs and manages cron jobs
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to manage entries in a users crontab.
+
+
+REQUIRED PARAMETERS
+-------------------
+user
+ The user who's crontab is edited
+command
+ The command to run.
+
+
+OPTIONAL PARAMETERS
+-------------------
+state
+ Either present or absent. Defaults to present.
+minute
+ See crontab(5). Defaults to *
+hour
+ See crontab(5). Defaults to *
+day_of_month
+ See crontab(5). Defaults to *
+month
+ See crontab(5). Defaults to *
+day_of_week
+ See crontab(5). Defaults to *
+raw
+ Take whatever the user has given instead of time and date fields.
+ If given, all other time and date fields are ignored.
+ Can for example be used to specify cron EXTENSIONS like reboot, yearly etc.
+ See crontab(5) for the extensions if any that your cron implementation
+ implements.
+raw_command
+ Take whatever the user has given in the command and ignore everything else.
+ If given, the command will be added to crontab.
+ Can for example be used to define variables like SHELL or MAILTO.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # run Monday to Saturday at 23:15
+ __cron some-id --user root --command "/path/to/script" \
+ --hour 23 --minute 15 --day_of_week 1-6
+
+ # run on reboot
+ __cron some-id --user root --command "/path/to/script" \
+ --raw @reboot
+
+ # remove cronjob
+ __cron some-id --user root --command "/path/to/script" --state absent
+
+ # define default shell
+ __cron some-id --user root --raw_command --command "SHELL=/bin/bash" \
+ --state present
+
+
+SEE ALSO
+--------
+:strong:`crontab`\ (5)
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2011-2013 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__cron/man.text b/cdist/conf/type/__cron/man.text
deleted file mode 100644
index 47f47456..00000000
--- a/cdist/conf/type/__cron/man.text
+++ /dev/null
@@ -1,72 +0,0 @@
-cdist-type__cron(7)
-===================
-Steven Armstrong
-
-
-NAME
-----
-cdist-type__cron - installs and manages cron jobs
-
-
-DESCRIPTION
------------
-This cdist type allows you to manage entries in a users crontab.
-
-
-REQUIRED PARAMETERS
--------------------
-user::
- The user who's crontab is edited
-command::
- The command to run.
-
-
-OPTIONAL PARAMETERS
--------------------
-state::
- Either present or absent. Defaults to present.
-minute::
- See crontab(5). Defaults to *
-hour::
- See crontab(5). Defaults to *
-day_of_month::
- See crontab(5). Defaults to *
-month::
- See crontab(5). Defaults to *
-day_of_week::
- See crontab(5). Defaults to *
-raw::
- Take whatever the user has given instead of time and date fields.
- If given, all other time and date fields are ignored.
- Can for example be used to specify cron EXTENSIONS like reboot, yearly etc.
- See crontab(5) for the extensions if any that your cron implementation
- implements.
-
-
-EXAMPLES
---------
-
---------------------------------------------------------------------------------
-# run Monday to Saturday at 23:15
-__cron some-id --user root --command "/path/to/script" \
- --hour 23 --minute 15 --day_of_week 1-6
-
-# run on reboot
-__cron some-id --user root --command "/path/to/script" \
- --raw @reboot
-
-# remove cronjob
-__cron some-id --user root --command "/path/to/script" --state absent
---------------------------------------------------------------------------------
-
-
-SEE ALSO
---------
-- cdist-type(7)
-- crontab(5)
-
-
-COPYING
--------
-Copyright \(C) 2011 Steven Armstrong. Free use of this software is
-granted under the terms of the GNU General Public License version 3 (GPLv3).
diff --git a/cdist/conf/type/__cron/manifest b/cdist/conf/type/__cron/manifest
index 7aca41ff..53973e07 100755
--- a/cdist/conf/type/__cron/manifest
+++ b/cdist/conf/type/__cron/manifest
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/sh -e
#
-# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
+# 2013 Thomas Oettli (otho at sfs.biz)
#
# This file is part of cdist.
#
@@ -18,28 +18,7 @@
# along with cdist. If not, see .
#
-name="$__object_id"
-user="$(cat "$__object/parameter/user")"
-command="$(cat "$__object/parameter/command")"
-
-# set defaults
-test -f "$__object/parameter/state" || echo "present" > "$__object/parameter/state"
-
-if [ -f "$__object/parameter/raw" ]; then
- raw="$(cat "$__object/parameter/raw")"
- entry="$raw $command"
-else
- minute="$(cat "$__object/parameter/minute" 2>/dev/null || echo "*")"
- hour="$(cat "$__object/parameter/hour" 2>/dev/null || echo "*")"
- day_of_month="$(cat "$__object/parameter/day_of_month" 2>/dev/null || echo "*")"
- month="$(cat "$__object/parameter/month" 2>/dev/null || echo "*")"
- day_of_week="$(cat "$__object/parameter/day_of_week" 2>/dev/null || echo "*")"
- entry="$minute $hour $day_of_month $month $day_of_week $command"
+if [ -f "$__object/parameter/raw" ] && [ -f "$__object/parameter/raw_command" ]; then
+ echo "ERROR: both raw and raw_command specified" >&2
+ exit 1
fi
-
-# NOTE: if changed, also change in explorers
-prefix="#cdist:__cron/$name"
-suffix="#/cdist:__cron/$name"
-echo "$prefix" | tee "$__object/parameter/prefix" > "$__object/parameter/entry"
-echo "$entry" >> "$__object/parameter/entry"
-echo "$suffix" | tee "$__object/parameter/suffix" >> "$__object/parameter/entry"
diff --git a/cdist/conf/type/__cron/parameter/boolean b/cdist/conf/type/__cron/parameter/boolean
new file mode 100644
index 00000000..54cfb0b3
--- /dev/null
+++ b/cdist/conf/type/__cron/parameter/boolean
@@ -0,0 +1 @@
+raw_command
diff --git a/cdist/conf/type/__daemontools/files/init.d-svscan b/cdist/conf/type/__daemontools/files/init.d-svscan
new file mode 100644
index 00000000..996eb4e8
--- /dev/null
+++ b/cdist/conf/type/__daemontools/files/init.d-svscan
@@ -0,0 +1,68 @@
+#!/bin/bash
+### BEGIN INIT INFO
+# Provides: svscan
+# Required-Start:
+# Required-Stop:
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: svscan
+# Description: djb svscan
+### END INIT INFO
+# from https://gist.githubusercontent.com/pacojp/5766990/raw/2ed009ab19515afc9e58291b636d673c5ca864b3/init.d.svscan
+# written by Adam McKenna
+# edited by Kamila Součková
+
+export PATH=$PATH:/usr/local/bin
+
+l=/var/log/svscan
+
+if [ ! -d $l ]; then
+ mkdir $l
+ chown daemon $l
+fi
+
+case "$1" in
+ start)
+ printf "Starting daemontools: "
+ if ! pidof svscan > /dev/null 2>&1; then
+ printf "svscan "
+ env - PATH="$PATH" svscan /service 2>&1 | setuidgid daemon multilog t /var/log/svscan &
+ echo "."
+ else
+ echo "already running."
+ fi
+ ;;
+ stop)
+ printf "Stopping daemontools: "
+ pids="$(pidof svscan)"
+ if [ -n "${pids}" ]
+ then
+ printf "svscan"
+ while [ -n "${pids}" ]
+ do
+ # shellcheck disable=SC2086
+ kill ${pids}
+ printf "."
+ pids="$(pidof svscan)"
+ done
+ fi
+ printf " services"
+ for i in /service/*; do
+ svc -dx "$i"
+ printf "."
+ done
+ printf " logging "
+ for i in /service/*/log; do
+ svc -dx "$i"
+ printf "."
+ done
+ echo ""
+ ;;
+ restart|force-reload)
+ $0 stop
+ $0 start
+ ;;
+ *)
+ echo 'Usage: /etc/init.d/svscan {start|stop|restart|force-reload}'
+ exit 1
+esac
diff --git a/cdist/conf/type/__daemontools/man.rst b/cdist/conf/type/__daemontools/man.rst
new file mode 100644
index 00000000..bc1b4d33
--- /dev/null
+++ b/cdist/conf/type/__daemontools/man.rst
@@ -0,0 +1,54 @@
+cdist-type__daemontools(7)
+==========================
+
+NAME
+----
+cdist-type__daemontools - Install daemontools
+
+
+DESCRIPTION
+-----------
+Install djb daemontools and (optionally) an init script.
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+
+OPTIONAL PARAMETERS
+-------------------
+from-package
+ Package to install. Must be compatible with the original daemontools. Example: daemontools-encore. Default: daemontools.
+
+servicedir
+ Directory to scan for services. Default: `/service`
+
+
+BOOLEAN PARAMETERS
+------------------
+install-init-script
+ Add an init script and set it to start on boot.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __daemontools --from-package daemontools-encore # if you prefer
+
+SEE ALSO
+--------
+:strong:`cdist-type__daemontools_service`\ (7)
+
+AUTHORS
+-------
+Kamila Součková
+
+COPYING
+-------
+Copyright \(C) 2017 Kamila Součková. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__daemontools/manifest b/cdist/conf/type/__daemontools/manifest
new file mode 100755
index 00000000..b04c7e07
--- /dev/null
+++ b/cdist/conf/type/__daemontools/manifest
@@ -0,0 +1,40 @@
+#!/bin/sh -e
+
+pkg=$(cat "$__object/parameter/from-package")
+servicedir=$(cat "$__object/parameter/servicedir")
+
+__package "$pkg"
+__directory "$servicedir" --mode 700
+
+os=$(cat "$__global/explorer/os")
+init=$(cat "$__global/explorer/init")
+
+require=""
+case $os in
+ freebsd)
+ # TODO change to __start_on_boot once it supports freebsd
+ __config_file /etc/rc.conf.d/svscan --source - <<-EOT
+ svscan_enable="YES"
+ svscan_servicedir="$servicedir"
+ EOT
+ require="$require __package/$pkg __directory/$servicedir __config_file/etc/rc.conf.d/svscan" \
+ __process svscan --name ".*/svscan $servicedir" --start 'service svscan start'
+ ;;
+ *)
+ case $init in
+ init)
+ if [ -f "$__object/parameter/install-init-script" ]; then
+ __config_file /etc/init.d/svscan --mode 755 --source "$__type/files/init.d-svscan"
+ REQUIREEXTRA="__config_file/etc/init.d/svscan"
+ fi
+ require="$require $REQUIREEXTRA" __start_on_boot svscan
+ require="$require __package/$pkg __directory/$servicedir __start_on_boot/svscan" \
+ __process svscan --name ".*/svscan $servicedir" --start 'service svscan start'
+ ;;
+ *)
+ echo "Your init system ($init) is not supported by this type. Submit a patch at github.com/ungleich/cdist!"
+ exit 1
+ ;;
+ esac
+ ;;
+esac
diff --git a/cdist/conf/type/__daemontools/parameter/boolean b/cdist/conf/type/__daemontools/parameter/boolean
new file mode 100644
index 00000000..99a1cefd
--- /dev/null
+++ b/cdist/conf/type/__daemontools/parameter/boolean
@@ -0,0 +1 @@
+install-init-script
diff --git a/cdist/conf/type/__daemontools/parameter/default/from-package b/cdist/conf/type/__daemontools/parameter/default/from-package
new file mode 100644
index 00000000..598dd40a
--- /dev/null
+++ b/cdist/conf/type/__daemontools/parameter/default/from-package
@@ -0,0 +1 @@
+daemontools
diff --git a/cdist/conf/type/__daemontools/parameter/default/servicedir b/cdist/conf/type/__daemontools/parameter/default/servicedir
new file mode 100644
index 00000000..b74e27f6
--- /dev/null
+++ b/cdist/conf/type/__daemontools/parameter/default/servicedir
@@ -0,0 +1 @@
+/service
diff --git a/cdist/conf/type/__daemontools/parameter/optional b/cdist/conf/type/__daemontools/parameter/optional
new file mode 100644
index 00000000..22c0805d
--- /dev/null
+++ b/cdist/conf/type/__daemontools/parameter/optional
@@ -0,0 +1,2 @@
+from-package
+servicedir
diff --git a/cdist/test/object/fixtures/object/__second/.keep b/cdist/conf/type/__daemontools/singleton
similarity index 100%
rename from cdist/test/object/fixtures/object/__second/.keep
rename to cdist/conf/type/__daemontools/singleton
diff --git a/cdist/conf/type/__daemontools_service/explorer/svc b/cdist/conf/type/__daemontools_service/explorer/svc
new file mode 100755
index 00000000..9ba462f2
--- /dev/null
+++ b/cdist/conf/type/__daemontools_service/explorer/svc
@@ -0,0 +1,2 @@
+#!/bin/sh
+command -v svc || true
diff --git a/cdist/conf/type/__daemontools_service/man.rst b/cdist/conf/type/__daemontools_service/man.rst
new file mode 100644
index 00000000..ec1d20ff
--- /dev/null
+++ b/cdist/conf/type/__daemontools_service/man.rst
@@ -0,0 +1,72 @@
+cdist-type__daemontools_service(7)
+==================================
+
+NAME
+----
+cdist-type__daemontools_service - Create a daemontools-compatible service dir.
+
+
+DESCRIPTION
+-----------
+Create a directory structure compatible with daemontools-like service management.
+
+Note that svc must be present on the target system.
+
+The object ID will be used as the service name.
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+OPTIONAL PARAMETERS
+-------------------
+run
+ Command to run. exec-ing and stderr redirection will be added. One of run, run-file must be specified.
+
+ Example: `my-program`
+
+run-file
+ File to save as /run. One of run, run-file must be specified.
+
+ Example:
+
+.. code-block:: sh
+
+ #!/bin/sh
+ exec 2>&1
+ exec my_program
+
+
+log-run
+ Command to run for log consumption. Default: `multilog t ./main`
+
+servicedir
+ Directory to install into. Default: `/service`
+
+BOOLEAN PARAMETERS
+------------------
+None.
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ require="__daemontools" __daemontools_service prometheus --run "setuidgid prometheus $GOBIN/prometheus $FLAGS"
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__daemontools`\ (7)
+
+
+AUTHORS
+-------
+Kamila Součková
+
+COPYING
+-------
+Copyright \(C) 2017 Kamila Součková. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__daemontools_service/manifest b/cdist/conf/type/__daemontools_service/manifest
new file mode 100755
index 00000000..78bae285
--- /dev/null
+++ b/cdist/conf/type/__daemontools_service/manifest
@@ -0,0 +1,38 @@
+#!/bin/sh -e
+
+RUN_PREFIX="#!/bin/sh
+exec 2>&1
+exec " # mind the space :D
+
+name=$__object_id
+servicedir=$(cat "$__object/parameter/servicedir")
+run=$(cat "$__object/parameter/run")
+runfile=$(cat "$__object/parameter/run-file")
+logrun=$(cat "$__object/parameter/log-run")
+
+svc=$(cat "$__type/explorer/svc")
+
+if [ -z "$svc" ]; then
+ echo "svc not found! Install daemontools first: see __daemontools"
+ exit 1
+fi
+
+badusage() {
+ echo "__daemontools_service/$__object_id: exactly one of --run, --run-file must be set" >&2
+ exit 1
+}
+
+[ -z "$run$runfile" ] && badusage
+[ -n "$run" ] && [ -n "$runfile" ] && badusage
+
+__directory "$servicedir/$name/log/main" --parents
+
+echo "$RUN_PREFIX$run" | require="__directory/$servicedir/$name/log/main" __config_file "$servicedir/$name/run" \
+ --onchange "svc -t '$servicedir/$name' 2>/dev/null" \
+ --mode 755 \
+ --source "${runfile:--}"
+
+echo "$RUN_PREFIX$logrun" | require="__directory/$servicedir/$name/log/main" __config_file "$servicedir/$name/log/run" \
+ --onchange "svc -t '$servicedir/$name/log' 2>/dev/null" \
+ --mode 755 \
+ --source "-"
diff --git a/cdist/conf/type/__daemontools_service/parameter/default/log-run b/cdist/conf/type/__daemontools_service/parameter/default/log-run
new file mode 100644
index 00000000..80d57a74
--- /dev/null
+++ b/cdist/conf/type/__daemontools_service/parameter/default/log-run
@@ -0,0 +1 @@
+multilog t ./main
diff --git a/cdist/test/object/fixtures/object/__second/on-the/.cdist/.keep b/cdist/conf/type/__daemontools_service/parameter/default/run
similarity index 100%
rename from cdist/test/object/fixtures/object/__second/on-the/.cdist/.keep
rename to cdist/conf/type/__daemontools_service/parameter/default/run
diff --git a/cdist/test/object/fixtures/object/__third/.keep b/cdist/conf/type/__daemontools_service/parameter/default/run-file
similarity index 100%
rename from cdist/test/object/fixtures/object/__third/.keep
rename to cdist/conf/type/__daemontools_service/parameter/default/run-file
diff --git a/cdist/conf/type/__daemontools_service/parameter/default/servicedir b/cdist/conf/type/__daemontools_service/parameter/default/servicedir
new file mode 100644
index 00000000..b74e27f6
--- /dev/null
+++ b/cdist/conf/type/__daemontools_service/parameter/default/servicedir
@@ -0,0 +1 @@
+/service
diff --git a/cdist/conf/type/__daemontools_service/parameter/optional b/cdist/conf/type/__daemontools_service/parameter/optional
new file mode 100644
index 00000000..7e54985f
--- /dev/null
+++ b/cdist/conf/type/__daemontools_service/parameter/optional
@@ -0,0 +1,4 @@
+log-run
+run
+run-file
+servicedir
diff --git a/cdist/conf/type/__debconf_set_selections/gencode-remote b/cdist/conf/type/__debconf_set_selections/gencode-remote
index 62be6a12..e99aef40 100755
--- a/cdist/conf/type/__debconf_set_selections/gencode-remote
+++ b/cdist/conf/type/__debconf_set_selections/gencode-remote
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/sh -e
#
-# 2011 Nico Schottelius (nico-cdist at schottelius.org)
+# 2011-2014 Nico Schottelius (nico-cdist at schottelius.org)
#
# This file is part of cdist.
#
@@ -21,6 +21,12 @@
# Setup selections
#
+filename="$(cat "$__object/parameter/file")"
+
+if [ "$filename" = "-" ]; then
+ filename="$__object/stdin"
+fi
+
echo "debconf-set-selections << __file-eof"
-cat "$(cat "$__object/parameter/file")"
+cat "$filename"
echo "__file-eof"
diff --git a/cdist/conf/type/__debconf_set_selections/man.rst b/cdist/conf/type/__debconf_set_selections/man.rst
new file mode 100644
index 00000000..58c25b81
--- /dev/null
+++ b/cdist/conf/type/__debconf_set_selections/man.rst
@@ -0,0 +1,53 @@
+cdist-type__debconf_set_selections(7)
+=====================================
+
+NAME
+----
+cdist-type__debconf_set_selections - Setup debconf selections
+
+
+DESCRIPTION
+-----------
+On Debian and alike systems debconf-set-selections(1) can be used
+to setup configuration parameters.
+
+
+REQUIRED PARAMETERS
+-------------------
+file
+ Use the given filename as input for debconf-set-selections(1)
+ If filename is "-", read from stdin.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Setup configuration for nslcd
+ __debconf_set_selections nslcd --file /path/to/file
+
+ # Setup configuration for nslcd from another type
+ __debconf_set_selections nslcd --file "$__type/files/preseed/nslcd"
+
+ __debconf_set_selections nslcd --file - << eof
+ gitolite gitolite/gituser string git
+ eof
+
+
+SEE ALSO
+--------
+:strong:`debconf-set-selections`\ (1), :strong:`cdist-type__update_alternatives`\ (7)
+
+
+AUTHORS
+-------
+Nico Schottelius
+
+
+COPYING
+-------
+Copyright \(C) 2011-2014 Nico Schottelius. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__debconf_set_selections/man.text b/cdist/conf/type/__debconf_set_selections/man.text
deleted file mode 100644
index b6b2ad18..00000000
--- a/cdist/conf/type/__debconf_set_selections/man.text
+++ /dev/null
@@ -1,43 +0,0 @@
-cdist-type__debconf_set_selections(7)
-=====================================
-Nico Schottelius
-
-
-NAME
-----
-cdist-type__debconf_set_selections - Setup debconf selections
-
-
-DESCRIPTION
------------
-On Debian and alike systems debconf-set-selections(1) can be used
-to setup configuration parameters.
-
-
-REQUIRED PARAMETERS
--------------------
-file::
- If supplied, use the given filename as input for debconf-set-selections(1)
-
-
-EXAMPLES
---------
-
---------------------------------------------------------------------------------
-# Setup configuration for nslcd
-__debconf_set_selections nslcd --file /path/to/file
-
-# Setup configuration for nslcd from another type
-__debconf_set_selections nslcd --file "$__type/files/preseed/nslcd"
---------------------------------------------------------------------------------
-
-
-SEE ALSO
---------
-- cdist-type(7)
-
-
-COPYING
--------
-Copyright \(C) 2011 Nico Schottelius. Free use of this software is
-granted under the terms of the GNU General Public License version 3 (GPLv3).
diff --git a/cdist/conf/type/__directory/explorer/stat b/cdist/conf/type/__directory/explorer/stat
new file mode 100755
index 00000000..03d466ba
--- /dev/null
+++ b/cdist/conf/type/__directory/explorer/stat
@@ -0,0 +1,78 @@
+#!/bin/sh
+#
+# 2013 Steven Armstrong (steven-cdist armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+destination="/$__object_id"
+
+# nothing to work with, nothing we could do
+[ -e "$destination" ] || exit 0
+
+os=$("$__explorer/os")
+case "$os" in
+ "freebsd"|"netbsd"|"openbsd"|"macosx")
+ stat -f "type: %HT
+owner: %Du %Su
+group: %Dg %Sg
+mode: %Lp %Sp
+" "$destination" | awk '/^type/ { print tolower($0); next; } { print; }'
+ ;;
+ alpine)
+ stat -c "type: %F
+owner: %u %U
+group: %g %G
+mode: %a %A
+" "$destination"
+ ;;
+ solaris)
+ ls1="$( ls -ld "$destination" )"
+ ls2="$( ls -ldn "$destination" )"
+
+ if [ -f "$__object/parameter/mode" ]
+ then mode_should="$( cat "$__object/parameter/mode" )"
+ fi
+
+ # yes, it is ugly hack, but if you know better way...
+ if [ -z "$( find "$destination" -perm "$mode_should" )" ]
+ then octets=888
+ else octets="$( echo "$mode_should" | sed 's/^0//' )"
+ fi
+
+ case "$( echo "$ls1" | cut -c1-1 )" in
+ -) echo 'type: regular file' ;;
+ d) echo 'type: directory' ;;
+ esac
+
+ echo "owner: $( echo "$ls2" \
+ | awk '{print $3}' ) $( echo "$ls1" \
+ | awk '{print $3}' )"
+
+ echo "group: $( echo "$ls2" \
+ | awk '{print $4}' ) $( echo "$ls1" \
+ | awk '{print $4}' )"
+
+ echo "mode: $octets $( echo "$ls1" | awk '{print $1}' )"
+ ;;
+ *)
+ stat --printf="type: %F
+owner: %u %U
+group: %g %G
+mode: %a %A
+" "$destination"
+ ;;
+esac
diff --git a/cdist/conf/type/__directory/explorer/type b/cdist/conf/type/__directory/explorer/type
new file mode 100755
index 00000000..e723047c
--- /dev/null
+++ b/cdist/conf/type/__directory/explorer/type
@@ -0,0 +1,33 @@
+#!/bin/sh
+#
+# 2013 Steven Armstrong (steven-cdist armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+destination="/$__object_id"
+
+if [ ! -e "$destination" ]; then
+ echo none
+elif [ -h "$destination" ]; then
+ echo symlink
+elif [ -f "$destination" ]; then
+ echo file
+elif [ -d "$destination" ]; then
+ echo directory
+else
+ echo unknown
+fi
diff --git a/cdist/conf/type/__directory/gencode-remote b/cdist/conf/type/__directory/gencode-remote
index 21f4c5b6..374db47a 100755
--- a/cdist/conf/type/__directory/gencode-remote
+++ b/cdist/conf/type/__directory/gencode-remote
@@ -1,6 +1,8 @@
-#!/bin/sh
+#!/bin/sh -e
#
-# 2011-2012 Nico Schottelius (nico-cdist at schottelius.org)
+# 2011-2013 Nico Schottelius (nico-cdist at schottelius.org)
+# 2013 Steven Armstrong (steven-cdist armstrong.cc)
+# 2014 Daniel Heule (hda at sfs.biz)
#
# This file is part of cdist.
#
@@ -18,42 +20,97 @@
# along with cdist. If not, see .
#
-state_should="present"
-[ -f "$__object/parameter/state" ] && state_should="$(cat "$__object/parameter/state")"
-state_is="$(cat "$__object/explorer/state")"
-[ "$state_should" = "$state_is" ] && exit 0
-
destination="/$__object_id"
+state_should="$(cat "$__object/parameter/state")"
+type="$(cat "$__object/explorer/type")"
+stat_file="$__object/explorer/stat"
+
+# variable to keep track if we have to set directory attributes
+set_attributes=
mkdiropt=""
[ -f "$__object/parameter/parents" ] && mkdiropt="-p"
+
recursive=""
-[ -f "$__object/parameter/recursive" ] && recursive="-R"
+if [ -f "$__object/parameter/recursive" ]; then
+ recursive="-R"
+ # need to allways set attributes when recursive is given
+ # as we don't want to check all subfolders/files
+ set_attributes=1
+fi
+
+get_current_value() {
+ if [ -s "$stat_file" ]; then
+ _name="$1"
+ _value="$2"
+ case "$_value" in
+ [0-9]*)
+ _index=2
+ ;;
+ *)
+ _index=3
+ ;;
+ esac
+ awk '/'"$_name"':/ { print $'$_index' }' "$stat_file"
+ unset _name _value _index
+ fi
+}
+
+set_group() {
+ echo "chgrp $recursive '$1' '$destination'"
+ echo "chgrp $recursive '$1'" >> "$__messages_out"
+}
+
+set_owner() {
+ echo "chown $recursive '$1' '$destination'"
+ echo "chown $recursive '$1'" >> "$__messages_out"
+}
+
+set_mode() {
+ echo "chmod $recursive '$1' '$destination'"
+ echo "chmod $recursive '$1'" >> "$__messages_out"
+}
case "$state_should" in
- present)
- echo mkdir $mkdiropt \"$destination\"
+ present)
+ if [ "$type" != "directory" ]; then
+ set_attributes=1
+ if [ "$type" != "none" ]; then
+ # our destination is not a directory, remove whatever is there
+ # and then create our directory and set all attributes
+ echo "rm -f '$destination'"
+ echo "remove non directory" >> "$__messages_out"
+ fi
+ echo "mkdir $mkdiropt '$destination'"
+ echo "create" >> "$__messages_out"
+ fi
- # Mode settings
- if [ -f "$__object/parameter/mode" ]; then
- echo chmod \"$(cat "$__object/parameter/mode")\" \"$destination\"
- fi
+ # Note: Mode - needs to happen last as a chown/chgrp can alter mode by
+ # clearing S_ISUID and S_ISGID bits (see chown(2))
+ for attribute in group owner mode; do
+ if [ -f "$__object/parameter/$attribute" ]; then
+ value_should="$(cat "$__object/parameter/$attribute")"
+ value_is="$(get_current_value "$attribute" "$value_should")"
- # Group
- if [ -f "$__object/parameter/group" ]; then
- echo chgrp $recursive \"$(cat "$__object/parameter/group")\" \"$destination\"
- fi
+ # change 0xxx format to xxx format => same as stat returns
+ if [ "$attribute" = mode ]; then
+ value_should="$(echo "$value_should" | sed 's/^0\(...\)/\1/')"
+ fi
- # Owner
- if [ -f "$__object/parameter/owner" ]; then
- echo chown $recursive \"$(cat "$__object/parameter/owner")\" \"$destination\"
+ if [ "$set_attributes" = 1 ] || [ "$value_should" != "$value_is" ]; then
+ "set_$attribute" "$value_should"
+ fi
+ fi
+ done
+ ;;
+ absent)
+ if [ "$type" = "directory" ]; then
+ echo "rm -rf '$destination'"
+ echo remove >> "$__messages_out"
fi
- ;;
- absent)
- echo rm -rf \"$destination\"
- ;;
- *)
- echo "Unknown state: $state_should" >&2
- exit 1
- ;;
+ ;;
+ *)
+ echo "Unknown state: $state_should" >&2
+ exit 1
+ ;;
esac
diff --git a/cdist/conf/type/__directory/man.rst b/cdist/conf/type/__directory/man.rst
new file mode 100644
index 00000000..74b00afe
--- /dev/null
+++ b/cdist/conf/type/__directory/man.rst
@@ -0,0 +1,101 @@
+cdist-type__directory(7)
+========================
+
+NAME
+----
+cdist-type__directory - Manage a directory
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to create or remove directories on the target.
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+
+OPTIONAL PARAMETERS
+-------------------
+state
+ 'present' or 'absent', defaults to 'present'
+
+group
+ Group to chgrp to.
+
+mode
+ Unix permissions, suitable for chmod.
+
+owner
+ User to chown to.
+
+
+BOOLEAN PARAMETERS
+------------------
+parents
+ Whether to create parents as well (mkdir -p behaviour).
+ Warning: all intermediate directory permissions default
+ to whatever mkdir -p does.
+
+ Usually this means root:root, 0700.
+
+recursive
+ If supplied the chgrp and chown call will run recursively.
+ This does *not* influence the behaviour of chmod.
+
+MESSAGES
+--------
+chgrp
+ Changed group membership
+chown
+ Changed owner
+chmod
+ Changed mode
+create
+ Empty directory was created
+remove
+ Directory exists, but state is absent, directory will be removed by generated code.
+remove non directory
+ Something other than a directory with the same name exists and was removed prior to create.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # A silly example
+ __directory /tmp/foobar
+
+ # Remove a directory
+ __directory /tmp/foobar --state absent
+
+ # Ensure /etc exists correctly
+ __directory /etc --owner root --group root --mode 0755
+
+ # Create nfs service directory, including parents
+ __directory /home/services/nfs --parents
+
+ # Change permissions recursively
+ __directory /home/services --recursive --owner root --group root
+
+ # Setup a temp directory
+ __directory /local --mode 1777
+
+ # Take it all
+ __directory /home/services/kvm --recursive --parents \
+ --owner root --group root --mode 0755 --state present
+
+
+AUTHORS
+-------
+Nico Schottelius
+
+
+COPYING
+-------
+Copyright \(C) 2011 Nico Schottelius. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__directory/man.text b/cdist/conf/type/__directory/man.text
deleted file mode 100644
index 1f4def7d..00000000
--- a/cdist/conf/type/__directory/man.text
+++ /dev/null
@@ -1,83 +0,0 @@
-cdist-type__directory(7)
-========================
-Nico Schottelius
-
-
-NAME
-----
-cdist-type__directory - Manage a directory
-
-
-DESCRIPTION
------------
-This cdist type allows you to create or remove directories on the target.
-
-
-REQUIRED PARAMETERS
--------------------
-None.
-
-
-OPTIONAL PARAMETERS
--------------------
-state::
- 'present' or 'absent', defaults to 'present'
-
-group::
- Group to chgrp to.
-
-mode::
- Unix permissions, suitable for chmod.
-
-owner::
- User to chown to.
-
-
-BOOLEAN PARAMETERS
-------------------
-parents::
- Whether to create parents as well (mkdir -p behaviour)
-
-recursive::
- If supplied the chgrp and chown call will run recursively.
- This does *not* influence the behaviour of chmod.
-
-
-EXAMPLES
---------
-
---------------------------------------------------------------------------------
-# A silly example
-__directory /tmp/foobar
-
-# Remove a directory
-__directory /tmp/foobar --state absent
-
-# Ensure /etc exists correctly
-__directory /etc --owner root --group root --mode 0755
-
-# Create nfs service directory, including parents
-__directory /home/services/nfs --parents
-
-# Change permissions recursively
-__directory /home/services --recursive --owner root --group root
-
-# Setup a temp directory
-__directory /local --mode 1777
-
-# Take it all
-__directory /home/services/kvm --recursive --parents \
- --owner root --group root --mode 0755 --state present
-
---------------------------------------------------------------------------------
-
-
-SEE ALSO
---------
-- cdist-type(7)
-
-
-COPYING
--------
-Copyright \(C) 2011 Nico Schottelius. Free use of this software is
-granted under the terms of the GNU General Public License version 3 (GPLv3).
diff --git a/cdist/conf/type/__directory/parameter/default/state b/cdist/conf/type/__directory/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__directory/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__docker/man.rst b/cdist/conf/type/__docker/man.rst
new file mode 100644
index 00000000..718543a8
--- /dev/null
+++ b/cdist/conf/type/__docker/man.rst
@@ -0,0 +1,55 @@
+cdist-type__docker(7)
+=====================
+
+NAME
+----
+cdist-type__docker - install Docker CE
+
+
+DESCRIPTION
+-----------
+Installs latest Docker Community Edition package.
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+
+OPTIONAL PARAMETERS
+-------------------
+state
+ 'present' or 'absent', defaults to 'present'
+version
+ The specific version to install. Defaults to the special value 'latest',
+ meaning the version the package manager will install by default.
+
+
+BOOLEAN PARAMETERS
+------------------
+None.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Install docker
+ __docker
+
+ # Remove docker
+ __docker --state absent
+
+ # Install specific version
+ __docker --state present --version 18.03.0.ce
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2016 Steven Armstrong. Free use of this software is
+granted under the terms of the GNU General Public License version 3 (GPLv3).
diff --git a/cdist/conf/type/__docker/manifest b/cdist/conf/type/__docker/manifest
new file mode 100755
index 00000000..6a57d85a
--- /dev/null
+++ b/cdist/conf/type/__docker/manifest
@@ -0,0 +1,109 @@
+#!/bin/sh -e
+#
+# 2016 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+
+os=$(cat "$__global/explorer/os")
+state=$(cat "$__object/parameter/state")
+version=$(cat "$__object/parameter/version")
+
+case "$os" in
+ centos)
+ # shellcheck source=/dev/null
+ if (. "$__global/explorer/os_release" && [ "${VERSION_ID}" = "7" ]); then
+ __yum_repo docker-ce-stable \
+ --name 'Docker CE Stable' \
+ --baseurl "https://download.docker.com/linux/centos/7/\$basearch/stable" \
+ --enabled \
+ --gpgcheck 1 \
+ --gpgkey 'https://download.docker.com/linux/centos/gpg' \
+ --state "${state}"
+ if [ "$version" != "latest" ]; then
+ require="__yum_repo/docker-ce-stable" __package docker-ce --version "${version}" --state "${state}"
+ else
+ require="__yum_repo/docker-ce-stable" __package docker-ce --state "${state}"
+ fi
+ else
+ echo "CentOS version 7 is required!" >&2
+ exit 1
+ fi
+ ;;
+ ubuntu|debian)
+ if [ "${state}" = "present" ]; then
+ __package apt-transport-https
+ __package ca-certificates
+ __package gnupg2
+ fi
+ __apt_key_uri docker --name "Docker Release (CE deb) " \
+ --uri "https://download.docker.com/linux/${os}/gpg" --state "${state}"
+
+ require="__apt_key_uri/docker" __apt_source docker \
+ --uri "https://download.docker.com/linux/${os}" \
+ --distribution "$(cat "$__global/explorer/lsb_codename")" \
+ --state "${state}" \
+ --component "stable"
+ if [ "$version" != "latest" ]; then
+ require="__apt_source/docker" __package docker-ce --version "${version}" --state "${state}"
+ else
+ require="__apt_source/docker" __package docker-ce --state "${state}"
+ fi
+ ;;
+ devuan)
+ os_version="$(cat "$__global/explorer/os_version")"
+
+ case "$os_version" in
+ ascii)
+ distribution="stretch"
+ ;;
+ jessie)
+ distribution="jessie"
+ ;;
+ *)
+ echo "Your devuan release ($os_version) is currently not supported by this type (${__type##*/}).">&2
+ echo "Please contribute an implementation for it if you can." >&2
+ exit 1
+ ;;
+ esac
+
+ if [ "${state}" = "present" ]; then
+ __package apt-transport-https
+ __package ca-certificates
+ __package gnupg2
+ fi
+ __apt_key_uri docker --name "Docker Release (CE deb) " \
+ --uri "https://download.docker.com/linux/${os}/gpg" --state "${state}"
+
+ require="__apt_key_uri/docker" __apt_source docker \
+ --uri "https://download.docker.com/linux/${os}" \
+ --distribution "${distribution}" \
+ --state "${state}" \
+ --component "stable"
+ if [ "$version" != "latest" ]; then
+ require="__apt_source/docker" __package docker-ce --version "${version}" --state "${state}"
+ else
+ require="__apt_source/docker" __package docker-ce --state "${state}"
+ fi
+
+ ;;
+ *)
+ echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
+ echo "Please contribute an implementation for it if you can." >&2
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__docker/parameter/default/state b/cdist/conf/type/__docker/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__docker/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__docker/parameter/default/version b/cdist/conf/type/__docker/parameter/default/version
new file mode 100644
index 00000000..a0f9a4b4
--- /dev/null
+++ b/cdist/conf/type/__docker/parameter/default/version
@@ -0,0 +1 @@
+latest
diff --git a/cdist/conf/type/__docker/parameter/optional b/cdist/conf/type/__docker/parameter/optional
new file mode 100644
index 00000000..4d595ed7
--- /dev/null
+++ b/cdist/conf/type/__docker/parameter/optional
@@ -0,0 +1,2 @@
+state
+version
diff --git a/cdist/test/object/fixtures/object/__third/moon/.cdist/.keep b/cdist/conf/type/__docker/singleton
similarity index 100%
rename from cdist/test/object/fixtures/object/__third/moon/.cdist/.keep
rename to cdist/conf/type/__docker/singleton
diff --git a/cdist/conf/type/__docker_compose/gencode-remote b/cdist/conf/type/__docker_compose/gencode-remote
new file mode 100755
index 00000000..77fc2fdf
--- /dev/null
+++ b/cdist/conf/type/__docker_compose/gencode-remote
@@ -0,0 +1,32 @@
+#!/bin/sh -e
+#
+# 2016 Dominique Roux (dominique.roux at ungleich.ch)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+# Variables
+version="$(cat "$__object/parameter/version")"
+state="$(cat "$__object/parameter/state")"
+
+if [ "${state}" = "present" ]; then
+ # Download docker-compose file
+ #shellcheck disable=SC2016
+ echo 'curl -L "https://github.com/docker/compose/releases/download/'"${version}"'/docker-compose-$(uname -s)-$(uname -m)" -o /tmp/docker-compose'
+ echo 'mv /tmp/docker-compose /usr/local/bin/docker-compose'
+ # Change permissions
+ echo 'chmod +x /usr/local/bin/docker-compose'
+fi
diff --git a/cdist/conf/type/__docker_compose/man.rst b/cdist/conf/type/__docker_compose/man.rst
new file mode 100644
index 00000000..7386e737
--- /dev/null
+++ b/cdist/conf/type/__docker_compose/man.rst
@@ -0,0 +1,58 @@
+cdist-type__docker_compose(7)
+=============================
+
+NAME
+----
+cdist-type__docker_compose - install docker-compose
+
+
+DESCRIPTION
+-----------
+Installs docker-compose package.
+State 'absent' will not remove docker binary itself,
+only docker-compose binary will be removed
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+
+OPTIONAL PARAMETERS
+-------------------
+version
+ Define docker_compose version, defaults to "1.9.0"
+
+state
+ 'present' or 'absent', defaults to 'present'
+
+
+BOOLEAN PARAMETERS
+------------------
+None.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Install docker-compose
+ __docker_compose
+
+ # Install version 1.9.0-rc4
+ __docker_compose --version 1.9.0-rc4
+
+ # Remove docker-compose
+ __docker_compose --state absent
+
+
+AUTHORS
+-------
+Dominique Roux
+
+
+COPYING
+-------
+Copyright \(C) 2016 Dominique Roux. Free use of this software is
+granted under the terms of the GNU General Public License version 3 or later (GPLv3+).
diff --git a/cdist/conf/type/__docker_compose/manifest b/cdist/conf/type/__docker_compose/manifest
new file mode 100755
index 00000000..f7de3a76
--- /dev/null
+++ b/cdist/conf/type/__docker_compose/manifest
@@ -0,0 +1,33 @@
+#!/bin/sh -e
+#
+# 2016 Dominique Roux (dominique.roux at ungleich.ch)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+
+state="$(cat "$__object/parameter/state")"
+
+# Needed packages
+if [ "${state}" = "present" ]; then
+ __docker
+ __package curl
+elif [ "${state}" = "absent" ]; then
+ __file /usr/local/bin/docker-compose --state absent
+else
+ echo "Unknown state: ${state}" >&2
+ exit 1
+fi
diff --git a/cdist/conf/type/__docker_compose/parameter/default/state b/cdist/conf/type/__docker_compose/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__docker_compose/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__docker_compose/parameter/default/version b/cdist/conf/type/__docker_compose/parameter/default/version
new file mode 100644
index 00000000..850e7424
--- /dev/null
+++ b/cdist/conf/type/__docker_compose/parameter/default/version
@@ -0,0 +1 @@
+1.14.0
diff --git a/cdist/conf/type/__docker_compose/parameter/optional b/cdist/conf/type/__docker_compose/parameter/optional
new file mode 100644
index 00000000..4d595ed7
--- /dev/null
+++ b/cdist/conf/type/__docker_compose/parameter/optional
@@ -0,0 +1,2 @@
+state
+version
diff --git a/cdist/test/object/fixtures/type/__first/.keep b/cdist/conf/type/__docker_compose/singleton
similarity index 100%
rename from cdist/test/object/fixtures/type/__first/.keep
rename to cdist/conf/type/__docker_compose/singleton
diff --git a/cdist/conf/type/__docker_config/explorer/config-data b/cdist/conf/type/__docker_config/explorer/config-data
new file mode 100755
index 00000000..b4bb0e11
--- /dev/null
+++ b/cdist/conf/type/__docker_config/explorer/config-data
@@ -0,0 +1,22 @@
+#!/bin/sh -e
+#
+# 2018 Ľubomír Kučera
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+docker config inspect "${__object_id:?}" --format '{{json .Spec.Data}}' \
+ 2>/dev/null | tr -d '"' | base64 -d
diff --git a/cdist/conf/type/__docker_config/explorer/config-exists b/cdist/conf/type/__docker_config/explorer/config-exists
new file mode 100755
index 00000000..58c207d4
--- /dev/null
+++ b/cdist/conf/type/__docker_config/explorer/config-exists
@@ -0,0 +1,25 @@
+#!/bin/sh -e
+#
+# 2018 Ľubomír Kučera
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+if docker config ls | grep -q " ${__object_id:?} "; then
+ echo yes
+else
+ echo no
+fi
diff --git a/cdist/conf/type/__docker_config/gencode-remote b/cdist/conf/type/__docker_config/gencode-remote
new file mode 100755
index 00000000..65497b7e
--- /dev/null
+++ b/cdist/conf/type/__docker_config/gencode-remote
@@ -0,0 +1,69 @@
+#!/bin/sh -e
+#
+# 2018 Ľubomír Kučera
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+config="${__object_id:?}"
+config_exists=$(cat "${__object:?}/explorer/config-exists")
+state=$(cat "${__object:?}/parameter/state")
+
+case "${state}" in
+ absent)
+ if [ "${config_exists}" != "yes" ]; then
+ exit 0
+ fi
+
+ echo "docker config rm \"${config}\""
+ ;;
+ present)
+ source=$(cat "${__object}/parameter/source")
+
+ if [ -z "${source}" ]; then
+ exit 0
+ fi
+
+ if [ "${source}" = "-" ]; then
+ source="${__object}/stdin"
+ fi
+
+ if [ "${config_exists}" = "yes" ]; then
+ if cmp -s "${source}" "${__object}/explorer/config-data"; then
+ exit 0
+ else
+ echo "docker config rm \"${config}\""
+ fi
+ fi
+
+ cat <<-EOF
+ source_file="\$(mktemp cdist.XXXXXXXXXX)"
+
+ base64 -d > "\${source_file}" << eof
+ $(base64 "${source}")
+ eof
+
+ docker config create "${config}" "\${source_file}"
+
+ rm "\${source_file}"
+ EOF
+ ;;
+ *)
+ echo "Unsupported state: ${state}" >&2
+
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__docker_config/man.rst b/cdist/conf/type/__docker_config/man.rst
new file mode 100644
index 00000000..7c74c8af
--- /dev/null
+++ b/cdist/conf/type/__docker_config/man.rst
@@ -0,0 +1,55 @@
+cdist-type__docker_config(7)
+============================
+
+NAME
+----
+
+cdist-type__docker_config - Manage Docker configs
+
+DESCRIPTION
+-----------
+
+This type manages Docker configs.
+
+OPTIONAL PARAMETERS
+-------------------
+
+source
+ Path to the source file. If it is '-' (dash), read standard input.
+
+state
+ 'present' or 'absent', defaults to 'present' where:
+
+ present
+ if the config does not exist, it is created
+ absent
+ the config is removed
+
+CAVEATS
+-------
+
+Since Docker configs cannot be updated once created, this type tries removing
+and recreating the config if it changes. If the config is used by a service at
+the time of removing, then this type will fail.
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Creates "foo" config from "bar" source file
+ __docker_config foo --source bar
+
+
+AUTHORS
+-------
+
+Ľubomír Kučera
+
+COPYING
+-------
+
+Copyright \(C) 2018 Ľubomír Kučera. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/test/object/fixtures/type/__second/.keep b/cdist/conf/type/__docker_config/parameter/default/source
similarity index 100%
rename from cdist/test/object/fixtures/type/__second/.keep
rename to cdist/conf/type/__docker_config/parameter/default/source
diff --git a/cdist/conf/type/__docker_config/parameter/default/state b/cdist/conf/type/__docker_config/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__docker_config/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__docker_config/parameter/optional b/cdist/conf/type/__docker_config/parameter/optional
new file mode 100644
index 00000000..d77f3048
--- /dev/null
+++ b/cdist/conf/type/__docker_config/parameter/optional
@@ -0,0 +1,2 @@
+source
+state
diff --git a/cdist/conf/type/__docker_secret/explorer/secret-exists b/cdist/conf/type/__docker_secret/explorer/secret-exists
new file mode 100755
index 00000000..1405f8bc
--- /dev/null
+++ b/cdist/conf/type/__docker_secret/explorer/secret-exists
@@ -0,0 +1,25 @@
+#!/bin/sh -e
+#
+# 2018 Ľubomír Kučera
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+if docker secret ls | grep -q " ${__object_id:?} "; then
+ echo yes
+else
+ echo no
+fi
diff --git a/cdist/conf/type/__docker_secret/gencode-remote b/cdist/conf/type/__docker_secret/gencode-remote
new file mode 100755
index 00000000..c75e91d9
--- /dev/null
+++ b/cdist/conf/type/__docker_secret/gencode-remote
@@ -0,0 +1,65 @@
+#!/bin/sh -e
+#
+# 2018 Ľubomír Kučera
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+secret="${__object_id:?}"
+secret_exists=$(cat "${__object:?}/explorer/secret-exists")
+state=$(cat "${__object:?}/parameter/state")
+
+case "${state}" in
+ absent)
+ if [ "${secret_exists}" != "yes" ]; then
+ exit 0
+ fi
+
+ echo "docker secret rm ${secret}"
+ ;;
+ present)
+ if [ "${secret_exists}" = "yes" ]; then
+ exit 0
+ fi
+
+ source=$(cat "${__object}/parameter/source")
+
+ if [ -z "${source}" ]; then
+ exit 0
+ fi
+
+ if [ "${source}" = "-" ]; then
+ source="${__object}/stdin"
+ fi
+
+ cat <<-EOF
+ source_file="\$(mktemp cdist.XXXXXXXXXX)"
+
+ base64 -d > "\${source_file}" << eof
+ $(base64 "${source}")
+ eof
+
+ docker secret create "${secret}" "\${source_file}"
+
+ rm "\${source_file}"
+ EOF
+ ;;
+ *)
+ echo "Unsupported state: ${state}" >&2
+
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__docker_secret/man.rst b/cdist/conf/type/__docker_secret/man.rst
new file mode 100644
index 00000000..7fe69623
--- /dev/null
+++ b/cdist/conf/type/__docker_secret/man.rst
@@ -0,0 +1,54 @@
+cdist-type__docker_secret(7)
+============================
+
+NAME
+----
+
+cdist-type__docker_secret - Manage Docker secrets
+
+DESCRIPTION
+-----------
+
+This type manages Docker secrets.
+
+OPTIONAL PARAMETERS
+-------------------
+
+source
+ Path to the source file. If it is '-' (dash), read standard input.
+
+state
+ 'present' or 'absent', defaults to 'present' where:
+
+ present
+ if the secret does not exist, it is created
+ absent
+ the secret is removed
+
+CAVEATS
+-------
+
+Since Docker secrets cannot be updated once created, this type takes no action
+if the specified secret already exists.
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Creates "foo" secret from "bar" source file
+ __docker_secret foo --source bar
+
+
+AUTHORS
+-------
+
+Ľubomír Kučera
+
+COPYING
+-------
+
+Copyright \(C) 2018 Ľubomír Kučera. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/test/object/fixtures/type/__third/.keep b/cdist/conf/type/__docker_secret/parameter/default/source
similarity index 100%
rename from cdist/test/object/fixtures/type/__third/.keep
rename to cdist/conf/type/__docker_secret/parameter/default/source
diff --git a/cdist/conf/type/__docker_secret/parameter/default/state b/cdist/conf/type/__docker_secret/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__docker_secret/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__docker_secret/parameter/optional b/cdist/conf/type/__docker_secret/parameter/optional
new file mode 100644
index 00000000..d77f3048
--- /dev/null
+++ b/cdist/conf/type/__docker_secret/parameter/optional
@@ -0,0 +1,2 @@
+source
+state
diff --git a/cdist/conf/type/__docker_stack/explorer/stack-exists b/cdist/conf/type/__docker_stack/explorer/stack-exists
new file mode 100755
index 00000000..4f511821
--- /dev/null
+++ b/cdist/conf/type/__docker_stack/explorer/stack-exists
@@ -0,0 +1,25 @@
+#!/bin/sh -e
+#
+# 2018 Ľubomír Kučera
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+if docker stack ls | grep -q "^${__object_id:?} "; then
+ echo 1
+else
+ echo 0
+fi
diff --git a/cdist/conf/type/__docker_stack/gencode-remote b/cdist/conf/type/__docker_stack/gencode-remote
new file mode 100755
index 00000000..586271d0
--- /dev/null
+++ b/cdist/conf/type/__docker_stack/gencode-remote
@@ -0,0 +1,63 @@
+#!/bin/sh -e
+#
+# 2018 Ľubomír Kučera
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+stack="${__object_id:?}"
+state=$(cat "${__object:?}/parameter/state")
+
+case "${state}" in
+ absent)
+ stack_exists=$(cat "${__object:?}/explorer/stack-exists")
+
+ if [ "${stack_exists}" -ne 1 ]; then
+ exit 0
+ fi
+
+ echo "docker stack rm ${stack}"
+ ;;
+ present)
+ compose_file=$(cat "${__object}/parameter/compose-file")
+
+ if [ -z "${compose_file}" ]; then
+ exit 0
+ fi
+
+ if [ "${compose_file}" = "-" ]; then
+ compose_file="${__object}/stdin"
+ fi
+
+ cat <<-EOF
+ compose_file="\$(mktemp cdist.XXXXXXXXXX)"
+
+ base64 -d > "\${compose_file}" << eof
+ $(base64 "${compose_file}")
+ eof
+
+ docker stack deploy --compose-file "\${compose_file}" \
+ --prune --with-registry-auth ${stack}
+
+ rm "\${compose_file}"
+ EOF
+ ;;
+ *)
+ echo "Unsupported state: ${state}" >&2
+
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__docker_stack/man.rst b/cdist/conf/type/__docker_stack/man.rst
new file mode 100644
index 00000000..d0597c25
--- /dev/null
+++ b/cdist/conf/type/__docker_stack/man.rst
@@ -0,0 +1,54 @@
+cdist-type__docker_stack(7)
+===========================
+
+NAME
+----
+
+cdist-type__docker_stack - Manage Docker stacks
+
+DESCRIPTION
+-----------
+
+This type manages service stacks.
+
+.. note::
+ Since there is no easy way to tell whether a stack needs to be updated,
+ `docker stack deploy` is being run every time this type is invoked.
+ However, it does not mean this type is not idempotent. If Docker does not
+ detect changes, the existing stack will not be updated.
+
+OPTIONAL PARAMETERS
+-------------------
+
+compose-file
+ Path to the compose file. If it is '-' (dash), read standard input.
+
+state
+ 'present' or 'absent', defaults to 'present' where:
+
+ present
+ the stack is deployed
+ absent
+ the stack is removed
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Deploys 'foo' stack defined in 'docker-compose.yml' compose file
+ __docker_stack foo --compose-file docker-compose.yml
+
+
+AUTHORS
+-------
+
+Ľubomír Kučera
+
+COPYING
+-------
+
+Copyright \(C) 2018 Ľubomír Kučera. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/test/resolver/fixtures/object/__first/.keep b/cdist/conf/type/__docker_stack/parameter/default/compose-file
similarity index 100%
rename from cdist/test/resolver/fixtures/object/__first/.keep
rename to cdist/conf/type/__docker_stack/parameter/default/compose-file
diff --git a/cdist/conf/type/__docker_stack/parameter/default/state b/cdist/conf/type/__docker_stack/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__docker_stack/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__docker_stack/parameter/optional b/cdist/conf/type/__docker_stack/parameter/optional
new file mode 100644
index 00000000..b3457bd3
--- /dev/null
+++ b/cdist/conf/type/__docker_stack/parameter/optional
@@ -0,0 +1,2 @@
+compose-file
+state
diff --git a/cdist/conf/type/__docker_swarm/explorer/swarm-state b/cdist/conf/type/__docker_swarm/explorer/swarm-state
new file mode 100755
index 00000000..2c9fd598
--- /dev/null
+++ b/cdist/conf/type/__docker_swarm/explorer/swarm-state
@@ -0,0 +1,21 @@
+#!/bin/sh -e
+#
+# 2018 Ľubomír Kučera
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+docker info 2>/dev/null | grep '^ *Swarm: ' | awk '{print $2}'
diff --git a/cdist/conf/type/__docker_swarm/gencode-remote b/cdist/conf/type/__docker_swarm/gencode-remote
new file mode 100755
index 00000000..4b199a02
--- /dev/null
+++ b/cdist/conf/type/__docker_swarm/gencode-remote
@@ -0,0 +1,46 @@
+#!/bin/sh -e
+#
+# 2018 Ľubomír Kučera
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+state=$(cat "${__object:?}/parameter/state")
+swarm_state="$(cat "${__object}/explorer/swarm-state")"
+
+if [ -z "${swarm_state}" ]; then
+ echo "Unable to determine Swarm state. Is compatible version of Docker installed?" >&2
+
+ exit 1
+fi
+
+case "${state}" in
+ absent)
+ if [ "${swarm_state}" = "active" ]; then
+ echo "docker swarm leave --force"
+ fi
+ ;;
+ present)
+ if [ "${swarm_state}" = "inactive" ]; then
+ echo "docker swarm init"
+ fi
+ ;;
+ *)
+ echo "Unsupported state: ${state}" >&2
+
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__docker_swarm/man.rst b/cdist/conf/type/__docker_swarm/man.rst
new file mode 100644
index 00000000..4dc408f0
--- /dev/null
+++ b/cdist/conf/type/__docker_swarm/man.rst
@@ -0,0 +1,49 @@
+cdist-type__docker_swarm(7)
+===========================
+
+NAME
+----
+
+cdist-type__docker_swarm - Manage Swarm
+
+DESCRIPTION
+-----------
+
+This type can initialize Docker swarm mode. For more information about swarm
+mode, see `Swarm mode overview `_.
+
+OPTIONAL PARAMETERS
+-------------------
+
+state
+ 'present' or 'absent', defaults to 'present' where:
+
+ present
+ Swarm is initialized
+ absent
+ Swarm is left
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Initializes a swarm
+ __docker_swarm
+
+ # Leaves a swarm
+ __docker_swarm --state absent
+
+
+AUTHORS
+-------
+
+Ľubomír Kučera
+
+COPYING
+-------
+
+Copyright \(C) 2018 Ľubomír Kučera. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__docker_swarm/parameter/default/state b/cdist/conf/type/__docker_swarm/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__docker_swarm/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__pf_ruleset/parameter/required b/cdist/conf/type/__docker_swarm/parameter/optional
similarity index 100%
rename from cdist/conf/type/__pf_ruleset/parameter/required
rename to cdist/conf/type/__docker_swarm/parameter/optional
diff --git a/cdist/test/resolver/fixtures/object/__first/child/.cdist/.keep b/cdist/conf/type/__docker_swarm/singleton
similarity index 100%
rename from cdist/test/resolver/fixtures/object/__first/child/.cdist/.keep
rename to cdist/conf/type/__docker_swarm/singleton
diff --git a/cdist/conf/type/__dog_vdi/explorer/list b/cdist/conf/type/__dog_vdi/explorer/list
new file mode 100755
index 00000000..856c86fc
--- /dev/null
+++ b/cdist/conf/type/__dog_vdi/explorer/list
@@ -0,0 +1,23 @@
+#!/bin/sh
+#
+# 2014 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+name="$__object_id"
+
+dog vdi list -r "$name"
diff --git a/cdist/conf/type/__dog_vdi/gencode-remote b/cdist/conf/type/__dog_vdi/gencode-remote
new file mode 100755
index 00000000..9d49506c
--- /dev/null
+++ b/cdist/conf/type/__dog_vdi/gencode-remote
@@ -0,0 +1,42 @@
+#!/bin/sh -e
+#
+# 2014 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+state_should="$(cat "$__object/parameter/state")"
+num_vdi_lines=$(wc -l < "$__object/explorer/list")
+name="$__object_id"
+
+
+if [ "$num_vdi_lines" = 1 ]; then
+ state_is=present
+else
+ state_is=absent
+fi
+
+[ "$state_is" = "$state_should" ] && exit 0
+
+case "$state_should" in
+ present)
+ size="$(cat "$__object/parameter/size")"
+ echo "dog vdi create '$name' '$size'"
+ ;;
+ absent)
+ echo "dog vdi delete '$name'"
+ ;;
+esac
diff --git a/cdist/conf/type/__dog_vdi/man.rst b/cdist/conf/type/__dog_vdi/man.rst
new file mode 100644
index 00000000..4be1920d
--- /dev/null
+++ b/cdist/conf/type/__dog_vdi/man.rst
@@ -0,0 +1,59 @@
+cdist-type__dog_vdi(7)
+======================
+
+NAME
+----
+cdist-type__dog_vdi - Manage Sheepdog VM images
+
+
+DESCRIPTION
+-----------
+The dog program is used to create images for sheepdog
+to be used in qemu.
+
+
+OPTIONAL PARAMETERS
+-------------------
+state
+ Either "present" or "absent", defaults to "present"
+size
+ Size of the image in "dog vdi" compatible units.
+
+ Required if state is "present".
+
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Create a 50G size image
+ __dog_vdi nico-privat.sky.ungleich.ch --size 50G
+
+ # Create a 50G size image (more explicit)
+ __dog_vdi nico-privat.sky.ungleich.ch --size 50G --state present
+
+ # Remove image
+ __dog_vdi nico-privat.sky.ungleich.ch --state absent
+
+ # Remove image - keeping --size is ok
+ __dog_vdi nico-privat.sky.ungleich.ch --size 50G --state absent
+
+
+SEE ALSO
+--------
+:strong:`qemu`\ (1), :strong:`dog`\ (8)
+
+
+AUTHORS
+-------
+Nico Schottelius
+
+
+COPYING
+-------
+Copyright \(C) 2014 Nico Schottelius. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__dog_vdi/manifest b/cdist/conf/type/__dog_vdi/manifest
new file mode 100755
index 00000000..869bdede
--- /dev/null
+++ b/cdist/conf/type/__dog_vdi/manifest
@@ -0,0 +1,37 @@
+#!/bin/sh -e
+#
+# 2014 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+state_should="$(cat "$__object/parameter/state")"
+
+case "$state_should" in
+ present)
+ if [ ! -f "$__object/parameter/size" ]; then
+ echo "Size is required when state is present" >&2
+ exit 1
+ fi
+ ;;
+ absent)
+ :
+ ;;
+ *)
+ echo "Unsupported state: $state_should" >&2
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__dog_vdi/parameter/default/state b/cdist/conf/type/__dog_vdi/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__dog_vdi/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__dog_vdi/parameter/optional b/cdist/conf/type/__dog_vdi/parameter/optional
new file mode 100644
index 00000000..c3ac4490
--- /dev/null
+++ b/cdist/conf/type/__dog_vdi/parameter/optional
@@ -0,0 +1,2 @@
+state
+size
diff --git a/cdist/conf/type/__dot_file/explorer/home b/cdist/conf/type/__dot_file/explorer/home
new file mode 100755
index 00000000..08d941bf
--- /dev/null
+++ b/cdist/conf/type/__dot_file/explorer/home
@@ -0,0 +1,27 @@
+#!/bin/sh
+# Copyright (C) 2016 Dmitry Bogatov
+
+# Author: Dmitry Bogatov
+
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 3
+# of the License, or (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+set -eu
+
+user="$(cat "${__object}/parameter/user")"
+
+if command -v getent >/dev/null 2>&1; then
+ line=$(getent passwd "${user}")
+else
+ line=$(grep "^${user}:" /etc/passwd)
+fi
+printf '%s' "$line" | cut -d: -f6
diff --git a/cdist/conf/type/__dot_file/explorer/primary_group b/cdist/conf/type/__dot_file/explorer/primary_group
new file mode 100755
index 00000000..30b303ac
--- /dev/null
+++ b/cdist/conf/type/__dot_file/explorer/primary_group
@@ -0,0 +1,21 @@
+#!/bin/sh
+# Copyright (C) 2016 Dmitry Bogatov
+
+# Author: Dmitry Bogatov
+
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 3
+# of the License, or (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+set -eu
+
+user="$(cat "${__object}/parameter/user")"
+id -gn "${user}"
diff --git a/cdist/conf/type/__dot_file/man.rst b/cdist/conf/type/__dot_file/man.rst
new file mode 100644
index 00000000..ae65eb95
--- /dev/null
+++ b/cdist/conf/type/__dot_file/man.rst
@@ -0,0 +1,71 @@
+cdist-type__dot_file(7)
+========================
+
+NAME
+----
+
+cdist-type__dot_file - install file under user's home directory
+
+DESCRIPTION
+-----------
+
+This type installs a file (=\ *__object_id*) under user's home directory,
+providing a way to install per-user configuration files. File owner
+and group is deduced from user, for who file is installed.
+
+Unlike regular __file type, you do not need make any assumptions,
+where user's home directory is.
+
+REQUIRED PARAMETERS
+-------------------
+
+user
+ User, for who file is installed
+
+OPTIONAL PARAMETERS
+-------------------
+
+mode
+ forwarded to :strong:`__file` type
+
+state
+ forwarded to :strong:`__file` type
+
+source
+ forwarded to :strong:`__file` type
+
+MESSAGES
+--------
+
+This type inherits all messages from :strong:`file` type, and do not add
+any new.
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Install .forward file for user 'alice'. Since state is 'present',
+ # user is not meant to edit this file, all changes will be overridden.
+ # It is good idea to put warning about it in file itself.
+ __dot_file .forward --user alice --source "$__files/forward"
+
+ # Install .muttrc for user 'bob', if not already present. User can safely
+ # edit it, his changes will not be overwritten.
+ __dot_file .muttrc --user bob --source "$__files/recommended_mutt_config" --state exists
+
+
+ # Install default xmonad config for user 'eve'. Parent directory is created automatically.
+ __dot_file .xmonad/xmonad.hs --user eve --state exists --source "$__files/xmonad.hs"
+
+SEE ALSO
+--------
+
+**cdist-type__file**\ (7)
+
+COPYING
+-------
+
+Copyright (C) 2015 Dmitry Bogatov. Free use of this software is granted
+under the terms of the GNU General Public License version 3 or later
+(GPLv3+).
diff --git a/cdist/conf/type/__dot_file/manifest b/cdist/conf/type/__dot_file/manifest
new file mode 100755
index 00000000..5e4957e5
--- /dev/null
+++ b/cdist/conf/type/__dot_file/manifest
@@ -0,0 +1,65 @@
+#!/bin/sh -e
+#
+# Copyright (C) 2016 Bogatov Dmitry
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+set -eu
+
+user="$(cat "${__object}/parameter/user")"
+home="$(cat "${__object}/explorer/home")"
+primary_group="$(cat "${__object}/explorer/primary_group")"
+
+# Create parent directory. Type __directory has flag 'parents', but it
+# will leave us with root-owned directory in user home, which is not
+# acceptable. So we create parent directories one-by-one. XXX: maybe
+# it should be fixed in '__directory'?
+set --
+subpath=${__object_id}
+while subpath="$(dirname "${subpath}")" ; do
+ [ "${subpath}" = . ] && break
+ set -- "${subpath}" "$@"
+done
+unset subpath
+
+export CDIST_ORDER_DEPENDENCY
+for dir ; do
+ __directory "${home}/${dir}" \
+ --group "${primary_group}" \
+ --owner "${user}"
+done
+
+# These parameters are forwarded to __file type. 'mode' is always
+# present, since it have been given default.
+
+set --
+for p in state mode source ; do
+ if [ -f "${__object}/parameter/${p}" ] ; then
+ value="$(cat "${__object}/parameter/${p}")"
+ set -- "$@" "--${p}" "${value}"
+ unset value
+ fi
+done
+
+# If source is `-' we can't just forward it, since stdin is already
+# captured by __dot_file. So, we replace '-' with "$__object/stdin".
+#
+# It means that it is possible for __file to receive --source
+# parameter twice, but, since latest wins, it is okay.
+source="$(cat "${__object}/parameter/source")"
+if [ "${source}" = "-" ] ; then
+ set -- "$@" --source "${__object}/stdin"
+fi
+unset source
+
+__file "${home}/${__object_id}" --owner "$user" --group "$primary_group" "$@"
diff --git a/cdist/conf/type/__dot_file/parameter/default/mode b/cdist/conf/type/__dot_file/parameter/default/mode
new file mode 100644
index 00000000..e9f960cf
--- /dev/null
+++ b/cdist/conf/type/__dot_file/parameter/default/mode
@@ -0,0 +1 @@
+600
diff --git a/cdist/conf/type/__dot_file/parameter/optional b/cdist/conf/type/__dot_file/parameter/optional
new file mode 100644
index 00000000..ccab9fa6
--- /dev/null
+++ b/cdist/conf/type/__dot_file/parameter/optional
@@ -0,0 +1,3 @@
+state
+mode
+source
diff --git a/cdist/conf/type/__dot_file/parameter/required b/cdist/conf/type/__dot_file/parameter/required
new file mode 100644
index 00000000..4eb8387f
--- /dev/null
+++ b/cdist/conf/type/__dot_file/parameter/required
@@ -0,0 +1 @@
+user
diff --git a/cdist/conf/type/__file/explorer/stat b/cdist/conf/type/__file/explorer/stat
new file mode 100755
index 00000000..13c1c208
--- /dev/null
+++ b/cdist/conf/type/__file/explorer/stat
@@ -0,0 +1,88 @@
+#!/bin/sh
+#
+# 2013 Steven Armstrong (steven-cdist armstrong.cc)
+# 2019 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+destination="/$__object_id"
+
+# nothing to work with, nothing we could do
+[ -e "$destination" ] || exit 0
+
+os=$("$__explorer/os")
+case "$os" in
+ "freebsd"|"netbsd"|"openbsd"|"macosx")
+ stat -f "type: %HT
+owner: %Du %Su
+group: %Dg %Sg
+mode: %Lp %Sp
+size: %Dz
+links: %Dl
+" "$destination" | awk '/^type/ { print tolower($0); next; } { print; }'
+ ;;
+ alpine)
+ # busybox stat
+ stat -c "type: %F
+owner: %u %U
+group: %g %G
+mode: %a %A
+size: %s
+links: %h
+" "$destination"
+ ;;
+ solaris)
+ ls1="$( ls -ld "$destination" )"
+ ls2="$( ls -ldn "$destination" )"
+
+ if [ -f "$__object/parameter/mode" ]
+ then mode_should="$( cat "$__object/parameter/mode" )"
+ fi
+
+ # yes, it is ugly hack, but if you know better way...
+ if [ -z "$( find "$destination" -perm "$mode_should" )" ]
+ then octets=888
+ else octets="$( echo "$mode_should" | sed 's/^0//' )"
+ fi
+
+ case "$( echo "$ls1" | cut -c1-1 )" in
+ -) echo 'type: regular file' ;;
+ d) echo 'type: directory' ;;
+ esac
+
+ echo "owner: $( echo "$ls2" \
+ | awk '{print $3}' ) $( echo "$ls1" \
+ | awk '{print $3}' )"
+
+ echo "group: $( echo "$ls2" \
+ | awk '{print $4}' ) $( echo "$ls1" \
+ | awk '{print $4}' )"
+
+ echo "mode: $octets $( echo "$ls1" | awk '{print $1}' )"
+ echo "size: $( echo "$ls1" | awk '{print $5}' )"
+ echo "links: $( echo "$ls1" | awk '{print $2}' )"
+ ;;
+ *)
+ stat --printf="type: %F
+owner: %u %U
+group: %g %G
+mode: %a %A
+size: %s
+links: %h
+" "$destination"
+ ;;
+esac
diff --git a/cdist/conf/type/__file/explorer/type b/cdist/conf/type/__file/explorer/type
new file mode 100755
index 00000000..e723047c
--- /dev/null
+++ b/cdist/conf/type/__file/explorer/type
@@ -0,0 +1,33 @@
+#!/bin/sh
+#
+# 2013 Steven Armstrong (steven-cdist armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+destination="/$__object_id"
+
+if [ ! -e "$destination" ]; then
+ echo none
+elif [ -h "$destination" ]; then
+ echo symlink
+elif [ -f "$destination" ]; then
+ echo file
+elif [ -d "$destination" ]; then
+ echo directory
+else
+ echo unknown
+fi
diff --git a/cdist/conf/type/__file/gencode-local b/cdist/conf/type/__file/gencode-local
index 087011c4..fb9f9a92 100755
--- a/cdist/conf/type/__file/gencode-local
+++ b/cdist/conf/type/__file/gencode-local
@@ -1,6 +1,7 @@
-#!/bin/sh
+#!/bin/sh -e
#
# 2011-2012 Nico Schottelius (nico-cdist at schottelius.org)
+# 2013 Steven Armstrong (steven-cdist armstrong.cc)
#
# This file is part of cdist.
#
@@ -17,34 +18,85 @@
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see .
#
-#
-# __file is a very basic type, which will probably be reused quite often
-#
destination="/$__object_id"
-state_should=present
-[ -f "$__object/parameter/state" ] && state_should="$(cat "$__object/parameter/state")"
-exists="$(cat "$__object/explorer/exists")"
+state_should="$(cat "$__object/parameter/state")"
+type="$(cat "$__object/explorer/type")"
-[ "$state_should" = "exists" -a "$exists" = "yes" ] && exit 0 # nothing to do
+[ "$state_should" = "exists" ] && [ "$type" = "file" ] && exit 0 # nothing to do
-if [ "$state_should" = "present" -o "$state_should" = "exists" ]; then
+if [ "$state_should" = "pre-exists" ]; then
if [ -f "$__object/parameter/source" ]; then
+ echo "--source cannot be used with --state pre-exists"
+ exit 1
+ fi
+
+ if [ "$type" = "file" ]; then
+ exit 0 # nothing to do
+ else
+ echo "File \"$destination\" does not exist"
+ exit 1
+ fi
+fi
+
+upload_file=
+create_file=
+if [ "$state_should" = "present" ] || [ "$state_should" = "exists" ]; then
+ if [ ! -f "$__object/parameter/source" ]; then
+ remote_stat="$(cat "$__object/explorer/stat")"
+ if [ -z "$remote_stat" ]; then
+ create_file=1
+ echo create >> "$__messages_out"
+ fi
+ else
source="$(cat "$__object/parameter/source")"
if [ "$source" = "-" ]; then
source="$__object/stdin"
fi
-
- if [ -f "$source" ]; then
- local_cksum="$(cksum < "$source")"
- remote_cksum="$(cat "$__object/explorer/cksum")"
-
- if [ "$local_cksum" != "$remote_cksum" ]; then
- echo "$__remote_copy" "$source" "${__target_host}:${destination}"
- fi
- else
+ if [ ! -f "$source" ]; then
echo "Source \"$source\" does not exist." >&2
exit 1
+ else
+ if [ "$type" != "file" ]; then
+ # destination is not a regular file, upload source to replace it
+ upload_file=1
+ else
+ local_cksum="$(cksum < "$source")"
+ remote_cksum="$(cat "$__object/explorer/cksum")"
+ if [ "$local_cksum" != "$remote_cksum" ]; then
+ # destination is a regular file, but not the right one
+ upload_file=1
+ fi
+ fi
fi
fi
+ if [ "$create_file" ] || [ "$upload_file" ]; then
+ # tell gencode-remote that we created or uploaded a file and that it must
+ # set all attributes no matter what the explorer retreived
+ mkdir "$__object/files"
+ touch "$__object/files/set-attributes"
+
+ # upload file to temp location
+ tempfile_template="${destination}.cdist.XXXXXXXXXX"
+ cat << DONE
+destination_upload="\$($__remote_exec $__target_host "mktemp $tempfile_template")"
+DONE
+ if [ "$upload_file" ]; then
+ echo upload >> "$__messages_out"
+ # IPv6 fix
+ if echo "${__target_host}" | grep -q -E '^[0-9a-fA-F:]+$'
+ then
+ my_target_host="[${__target_host}]"
+ else
+ my_target_host="${__target_host}"
+ fi
+ cat << DONE
+$__remote_copy "$source" "${my_target_host}:\$destination_upload"
+DONE
+ fi
+# move uploaded file into place
+cat << DONE
+$__remote_exec $__target_host "rm -rf \"$destination\"; mv \"\$destination_upload\" \"$destination\""
+DONE
+ fi
fi
diff --git a/cdist/conf/type/__file/gencode-remote b/cdist/conf/type/__file/gencode-remote
index 8b03e919..b04c471e 100755
--- a/cdist/conf/type/__file/gencode-remote
+++ b/cdist/conf/type/__file/gencode-remote
@@ -1,6 +1,7 @@
-#!/bin/sh
+#!/bin/sh -e
#
-# 2011-2012 Nico Schottelius (nico-cdist at schottelius.org)
+# 2011-2013 Nico Schottelius (nico-cdist at schottelius.org)
+# 2013 Steven Armstrong (steven-cdist armstrong.cc)
#
# This file is part of cdist.
#
@@ -17,52 +18,90 @@
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see .
#
-#
-# __file is a very basic type, which will probably be reused quite often
-#
destination="/$__object_id"
-state_should=present
-[ -f "$__object/parameter/state" ] && state_should="$(cat "$__object/parameter/state")"
-exists="$(cat "$__object/explorer/exists")"
+state_should="$(cat "$__object/parameter/state")"
+type="$(cat "$__object/explorer/type")"
+stat_file="$__object/explorer/stat"
+fire_onchange=''
+
+get_current_value() {
+ if [ -s "$stat_file" ]; then
+ _name="$1"
+ _value="$2"
+ case "$_value" in
+ [0-9]*)
+ _index=2
+ ;;
+ *)
+ _index=3
+ ;;
+ esac
+ awk '/'"$_name"':/ { print $'$_index' }' "$stat_file"
+ unset _name _value _index
+ fi
+}
+
+set_group() {
+ echo "chgrp '$1' '$destination'"
+ echo "chgrp '$1'" >> "$__messages_out"
+ fire_onchange=1
+}
+
+set_owner() {
+ echo "chown '$1' '$destination'"
+ echo "chown '$1'" >> "$__messages_out"
+ fire_onchange=1
+}
+
+set_mode() {
+ echo "chmod '$1' '$destination'"
+ echo "chmod '$1'" >> "$__messages_out"
+ fire_onchange=1
+}
case "$state_should" in
- present|exists)
- # No source? Create empty file
- if [ ! -f "$__object/parameter/source" ]; then
- if [ "$exists" = "no" ]; then
- echo touch \"$destination\"
- fi
- fi
+ present|exists|pre-exists)
+ # Note: Mode - needs to happen last as a chown/chgrp can alter mode by
+ # clearing S_ISUID and S_ISGID bits (see chown(2))
+ for attribute in group owner mode; do
+ if [ -f "$__object/parameter/$attribute" ]; then
+ value_should="$(cat "$__object/parameter/$attribute")"
- # Group
- if [ -f "$__object/parameter/group" ]; then
- echo chgrp \"$(cat "$__object/parameter/group")\" \"$destination\"
- fi
+ # change 0xxx format to xxx format => same as stat returns
+ if [ "$attribute" = mode ]; then
+ value_should="$(echo "$value_should" | sed 's/^0\(...\)/\1/')"
+ fi
+
+ value_is="$(get_current_value "$attribute" "$value_should")"
+ if [ -f "$__object/files/set-attributes" ] || [ "$value_should" != "$value_is" ]; then
+ "set_$attribute" "$value_should"
+ fi
+ fi
+ done
+ if [ -f "$__object/files/set-attributes" ]; then
+ # set-attributes is created if file is created or uploaded in gencode-local
+ fire_onchange=1
+ fi
- # Owner
- if [ -f "$__object/parameter/owner" ]; then
- echo chown \"$(cat "$__object/parameter/owner")\" \"$destination\"
- fi
+ ;;
- # Mode - needs to happen last as a chown/chgrp can alter mode by
- # clearing S_ISUID and S_ISGID bits (see chown(2))
- if [ -f "$__object/parameter/mode" ]; then
- echo chmod \"$(cat "$__object/parameter/mode")\" \"$destination\"
- fi
- ;;
-
- absent)
-
- if [ "$exists" = "yes" ]; then
- echo rm -f \"$destination\"
- fi
-
- ;;
-
- *)
- echo "Unknown state: $state_should" >&2
- exit 1
- ;;
+ absent)
+ if [ "$type" = "file" ]; then
+ echo "rm -f '$destination'"
+ echo remove >> "$__messages_out"
+ fire_onchange=1
+ fi
+ ;;
+ *)
+ echo "Unknown state: $state_should" >&2
+ exit 1
+ ;;
esac
+
+if [ -f "$__object/parameter/onchange" ]; then
+ if [ -n "$fire_onchange" ]; then
+ cat "$__object/parameter/onchange"
+ fi
+fi
diff --git a/cdist/conf/type/__file/man.rst b/cdist/conf/type/__file/man.rst
new file mode 100644
index 00000000..7a0603bb
--- /dev/null
+++ b/cdist/conf/type/__file/man.rst
@@ -0,0 +1,124 @@
+cdist-type__file(7)
+===================
+
+NAME
+----
+cdist-type__file - Manage files.
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to create files, remove files and set file
+attributes on the target.
+
+If the file already exists on the target, then if it is a:
+
+regular file, and state is:
+ present
+ replace it with the source file if they are not equal
+ exists
+ do nothing
+symlink
+ replace it with the source file
+directory
+ replace it with the source file
+
+One exception is that when state is pre-exists, an error is raised if
+the file would have been created otherwise (e.g. it is not present or
+not a regular file).
+
+In any case, make sure that the file attributes are as specified.
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+OPTIONAL PARAMETERS
+-------------------
+state
+ 'present', 'absent', 'exists' or 'pre-exists', defaults to 'present' where:
+
+ present
+ the file is exactly the one from source
+ absent
+ the file does not exist
+ exists
+ the file from source but only if it doesn't already exist
+ pre-exists
+ check that the file exists and is a regular file, but do not
+ create or modify it
+
+group
+ Group to chgrp to.
+
+mode
+ Unix permissions, suitable for chmod.
+
+owner
+ User to chown to.
+
+source
+ If supplied, copy this file from the host running cdist to the target.
+ If not supplied, an empty file or directory will be created.
+ If source is '-' (dash), take what was written to stdin as the file content.
+
+onchange
+ The code to run if file is modified.
+
+MESSAGES
+--------
+chgrp
+ Changed group membership
+chown
+ Changed owner
+chmod
+ Changed mode
+create
+ Empty file was created (no --source specified)
+remove
+ File exists, but state is absent, file will be removed by generated code.
+upload
+ File was uploaded
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Create /etc/cdist-configured as an empty file
+ __file /etc/cdist-configured
+ # The same thing
+ __file /etc/cdist-configured --state present
+ # Use __file from another type
+ __file /etc/issue --source "$__type/files/archlinux" --state present
+ # Delete existing file
+ __file /etc/cdist-configured --state absent
+ # Supply some more settings
+ __file /etc/shadow --source "$__type/files/shadow" \
+ --owner root --group shadow --mode 0640 \
+ --state present
+ # Provide a default file, but let the user change it
+ __file /home/frodo/.bashrc --source "/etc/skel/.bashrc" \
+ --state exists \
+ --owner frodo --mode 0600
+ # Check that the file is present, show an error when it is not
+ __file /etc/somefile --state pre-exists
+ # Take file content from stdin
+ __file /tmp/whatever --owner root --group root --mode 644 --source - << DONE
+ Here goes the content for /tmp/whatever
+ DONE
+
+
+AUTHORS
+-------
+Nico Schottelius
+
+
+COPYING
+-------
+Copyright \(C) 2011-2013 Nico Schottelius. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__file/man.text b/cdist/conf/type/__file/man.text
deleted file mode 100644
index 1c61fd51..00000000
--- a/cdist/conf/type/__file/man.text
+++ /dev/null
@@ -1,85 +0,0 @@
-cdist-type__file(7)
-===================
-Nico Schottelius
-
-
-NAME
-----
-cdist-type__file - Manage files
-
-
-DESCRIPTION
------------
-This cdist type allows you to create files, remove files and set file
-attributes on the target.
-
-
-REQUIRED PARAMETERS
--------------------
-None.
-
-OPTIONAL PARAMETERS
--------------------
-state::
- 'present', 'absent' or 'exists', defaults to 'present'
- where:
- present: the file is exactly the one from source
- absent: the file does not exist
- exists: the file from source but only if it doesn't already exist
-
-group::
- Group to chgrp to.
-
-mode::
- Unix permissions, suitable for chmod.
-
-owner::
- User to chown to.
-
-source::
- If supplied, copy this file from the host running cdist to the target.
- If not supplied, an empty file or directory will be created.
- If source is '-' (dash), take what was written to stdin as the file content.
-
-
-EXAMPLES
---------
-
---------------------------------------------------------------------------------
-# Create /etc/cdist-configured as an empty file
-__file /etc/cdist-configured
-# The same thing
-__file /etc/cdist-configured --state present
-# Delete existing file
-__file /etc/cdist-configured --state absent
-
-# Use __file from another type
-__file /etc/issue --source "$__type/files/archlinux" --state present
-
-# Supply some more settings
-__file /etc/shadow --source "$__type/files/shadow" \
- --owner root --group shadow --mode 0640 \
- --state present
-
-# Provide a default file, but let the user change it
-__file /home/frodo/.bashrc --source "/etc/skel/.bashrc" \
- --state exists \
- --owner frodo --mode 0600
-
-# Take file content from stdin
-__file /tmp/whatever --owner root --group root --mode 644 --source - << DONE
-Here goes the content for /tmp/whatever
-DONE
-
---------------------------------------------------------------------------------
-
-
-SEE ALSO
---------
-- cdist-type(7)
-
-
-COPYING
--------
-Copyright \(C) 2011-2012 Nico Schottelius. Free use of this software is
-granted under the terms of the GNU General Public License version 3 (GPLv3).
diff --git a/cdist/conf/type/__file/parameter/default/state b/cdist/conf/type/__file/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__file/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__file/parameter/optional b/cdist/conf/type/__file/parameter/optional
index c696d592..9b98352c 100644
--- a/cdist/conf/type/__file/parameter/optional
+++ b/cdist/conf/type/__file/parameter/optional
@@ -3,3 +3,4 @@ group
mode
owner
source
+onchange
diff --git a/cdist/conf/type/__filesystem/explorer/lsblk b/cdist/conf/type/__filesystem/explorer/lsblk
new file mode 100644
index 00000000..9ae544ac
--- /dev/null
+++ b/cdist/conf/type/__filesystem/explorer/lsblk
@@ -0,0 +1,43 @@
+#!/bin/sh
+#
+# 2016 - 2016 Daniel Heule (hda at sfs.biz)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+os=$("$__explorer/os")
+
+if [ -f "$__object/parameter/device" ]; then
+ blkdev="$(cat "$__object/parameter/device")"
+else
+ blkdev="$__object_id"
+fi
+
+case "$os" in
+ centos|fedora|redhat|suse|gentoo)
+ if [ ! -x "$(command -v lsblk)" ]; then
+ echo "lsblk is required for __filesystem type" >&2
+ exit 1
+ else
+ #echo -n $(lsblk -nd -P -o NAME,FSTYPE,LABEL,MOUNTPOINT "$blkdev" 2>/dev/null)
+ lsblk -nd -P -o NAME,FSTYPE,LABEL,MOUNTPOINT "$blkdev" 2>/dev/null
+ fi
+ ;;
+ *)
+ echo "__filesystem type lacks implementation for os: $os" >&2
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__filesystem/gencode-remote b/cdist/conf/type/__filesystem/gencode-remote
new file mode 100755
index 00000000..0bcdc13c
--- /dev/null
+++ b/cdist/conf/type/__filesystem/gencode-remote
@@ -0,0 +1,102 @@
+#!/bin/sh -e
+#
+# 2016 - 2016 Daniel Heule (hda at sfs.biz)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+
+fstype="$(cat "$__object/parameter/fstype")"
+
+if [ -f "$__object/parameter/device" ]; then
+ mydev="$(cat "$__object/parameter/device")"
+else
+ mydev="$__object_id"
+fi
+
+label="$(cat "$__object/parameter/label")"
+mkfsoptions="$(cat "$__object/parameter/mkfsoptions")"
+
+
+if [ -f "$__object/parameter/force" ]; then
+ # create filesystem even an other filesystem is on disk or the label is not correct, use with caution !
+ forcefs="true"
+else
+ forcefs="false"
+fi
+
+
+
+blkdev_devname="$(grep -P -o 'NAME="\K[^"]*' "$__object/explorer/lsblk")"
+blkdev_fstype="$(grep -P -o 'FSTYPE="\K[^"]*' "$__object/explorer/lsblk")"
+blkdev_label="$(grep -P -o 'LABEL="\K[^"]*' "$__object/explorer/lsblk")"
+blkdev_mountpoint="$(grep -P -o 'MOUNTPOINT="\K[^"]*' "$__object/explorer/lsblk")"
+
+if [ -z "$blkdev_devname" ]; then
+ echo "Specified device $mydev not found on target system" >&2
+ exit 1
+fi
+
+[ "$blkdev_label" = "$label" ] && [ "$blkdev_fstype" = "$fstype" ] && exit 0
+
+if [ -n "$blkdev_mountpoint" ]; then
+ echo "Specified device $mydev is mounted on $blkdev_mountpoint, __filesystem does NOTHING with mountd devices" >&2
+ exit 0
+fi
+
+if [ -n "$blkdev_fstype" ] && [ "$forcefs" != "true" ]; then
+ if [ "$blkdev_label" != "$label" ]; then
+ echo "Specified device $mydev has not the spezified label: $blkdev_label, but __filesystem does NOTHING in this case without the --force option" >&2
+ exit 0
+ fi
+ if [ "$blkdev_fstype" != "$fstype" ]; then
+ echo "Specified device $mydev has not the spezified filesystem: $blkdev_fstype, but __filesystem does NOTHING in this case without the --force option" >&2
+ exit 0
+ fi
+fi
+
+
+# ok, all conditions checked, we need to format the device, lets go
+opts="$mkfsoptions"
+if [ -n "$label" ]; then
+ opts="$opts -L '$label'"
+fi
+
+case "$fstype" in
+ ext2|ext3|ext4)
+ if [ "$forcefs" = "true" ]; then
+ opts="$opts -F"
+ fi
+ echo "mkfs.$fstype $opts /dev/$blkdev_devname"
+ ;;
+ btrfs)
+ if [ "$forcefs" = "true" ]; then
+ opts="$opts --force"
+ fi
+ echo "mkfs.btrfs $opts /dev/$blkdev_devname"
+ ;;
+ xfs)
+ if [ "$forcefs" = "true" ]; then
+ opts="$opts -f"
+ fi
+ echo "mkfs.xfs $opts /dev/$blkdev_devname"
+ ;;
+ *)
+ echo "__filesystem type lacks implementation for filesystem: $fstype" >&2
+ exit 1
+ ;;
+esac
+echo "filesystem $fstype on $mydev : /dev/$blkdev_devname created" >> "$__messages_out"
diff --git a/cdist/conf/type/__filesystem/man.rst b/cdist/conf/type/__filesystem/man.rst
new file mode 100644
index 00000000..1c103ac9
--- /dev/null
+++ b/cdist/conf/type/__filesystem/man.rst
@@ -0,0 +1,81 @@
+cdist-type__filesystem(7)
+=========================
+
+NAME
+----
+cdist-type__filesystem - Create Filesystems.
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to create filesystems on devices.
+
+If the device is mounted on target, it refuses to do anything.
+
+If the device has a filesystem other then the specified and/or
+the label is not correct, it only makes a new filesystem
+if you have specified --force option.
+
+
+REQUIRED PARAMETERS
+-------------------
+fstype
+ Filesystem type, for example 'ext3', 'btrfs' or 'xfs'.
+
+
+
+OPTIONAL PARAMETERS
+-------------------
+device
+ Blockdevice for filesystem, Defaults to object_id.
+ On linux, it can be any lsblk accepted device notation.
+
+ |
+ | For example:
+ | /dev/sdx
+ | or /dev/disk/by-xxxx/xxx
+ | or /dev/mapper/xxxx
+
+label
+ Label which should be applied on the filesystem.
+
+mkfsoptions
+ Additional options which are inserted to the mkfs.xxx call.
+
+
+BOOLEAN PARAMETERS
+------------------
+force
+ Normally, this type does nothing if a filesystem is found
+ on the target device. If you specify force, it's formatted
+ if the filesystem type or label differs from parameters.
+ Warning: This option can easily lead into data loss!
+
+MESSAGES
+--------
+filesystem on \: created
+ Filesystem was created on
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Ensures that device /dev/sdb is formatted with xfs
+ __filesystem /dev/sdb --fstype xfs --label Testdisk1
+ # The same thing with btrfs and disk spezified by pci path to disk 1:0 on vmware
+ __filesystem dev_sdb --fstype btrfs --device /dev/disk/by-path/pci-0000:0b:00.0-scsi-0:0:0:0 --label Testdisk2
+ # Make sure that a multipath san device has a filesystem ...
+ __filesystem dev_sdb --fstype xfs --device /dev/mapper/360060e80432f560050202f22000023ff --label Testdisk3
+
+
+AUTHORS
+-------
+Daniel Heule
+
+
+COPYING
+-------
+Copyright \(C) 2016 Daniel Heule. Free use of this software is
+granted under the terms of the GNU General Public License version 3 or any later version (GPLv3+).
diff --git a/cdist/conf/type/__filesystem/parameter/boolean b/cdist/conf/type/__filesystem/parameter/boolean
new file mode 100644
index 00000000..14b33226
--- /dev/null
+++ b/cdist/conf/type/__filesystem/parameter/boolean
@@ -0,0 +1 @@
+force
diff --git a/cdist/test/resolver/fixtures/object/__first/dog/.cdist/.keep b/cdist/conf/type/__filesystem/parameter/default/label
similarity index 100%
rename from cdist/test/resolver/fixtures/object/__first/dog/.cdist/.keep
rename to cdist/conf/type/__filesystem/parameter/default/label
diff --git a/cdist/test/resolver/fixtures/object/__first/man/.cdist/.keep b/cdist/conf/type/__filesystem/parameter/default/mkfsoptions
similarity index 100%
rename from cdist/test/resolver/fixtures/object/__first/man/.cdist/.keep
rename to cdist/conf/type/__filesystem/parameter/default/mkfsoptions
diff --git a/cdist/conf/type/__filesystem/parameter/optional b/cdist/conf/type/__filesystem/parameter/optional
new file mode 100644
index 00000000..79dddc21
--- /dev/null
+++ b/cdist/conf/type/__filesystem/parameter/optional
@@ -0,0 +1,3 @@
+device
+label
+mkfsoptions
diff --git a/cdist/conf/type/__filesystem/parameter/required b/cdist/conf/type/__filesystem/parameter/required
new file mode 100644
index 00000000..98f8b69f
--- /dev/null
+++ b/cdist/conf/type/__filesystem/parameter/required
@@ -0,0 +1 @@
+fstype
diff --git a/cdist/conf/type/__firewalld_rule/explorer/rule b/cdist/conf/type/__firewalld_rule/explorer/rule
new file mode 100644
index 00000000..0234e5b6
--- /dev/null
+++ b/cdist/conf/type/__firewalld_rule/explorer/rule
@@ -0,0 +1,32 @@
+#!/bin/sh
+#
+# 2015 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+
+protocol="$(cat "$__object/parameter/protocol")"
+table="$(cat "$__object/parameter/table")"
+chain="$(cat "$__object/parameter/chain")"
+priority="$(cat "$__object/parameter/priority")"
+rule="$(cat "$__object/parameter/rule")"
+
+if firewall-cmd --permanent --direct --query-rule "$protocol" "$table" "$chain" "$priority" "$rule" >/dev/null; then
+ echo present
+else
+ echo absent
+fi
diff --git a/cdist/conf/type/__firewalld_rule/gencode-remote b/cdist/conf/type/__firewalld_rule/gencode-remote
new file mode 100755
index 00000000..bd6d13e5
--- /dev/null
+++ b/cdist/conf/type/__firewalld_rule/gencode-remote
@@ -0,0 +1,47 @@
+#!/bin/sh -e
+#
+# 2015 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+
+state_should="$(cat "$__object/parameter/state")"
+state_is="$(cat "$__object/explorer/rule")"
+
+[ "$state_is" = "$state_should" ] && exit 0
+
+protocol="$(cat "$__object/parameter/protocol")"
+table="$(cat "$__object/parameter/table")"
+chain="$(cat "$__object/parameter/chain")"
+priority="$(cat "$__object/parameter/priority")"
+rule="$(cat "$__object/parameter/rule")"
+
+case "$state_should" in
+ present)
+ echo "firewall-cmd --quiet --permanent --direct --add-rule '$protocol' '$table' '$chain' '$priority' $rule"
+ echo "firewall-cmd --quiet --direct --add-rule '$protocol' '$table' '$chain' '$priority' $rule"
+ ;;
+
+ absent)
+ echo "firewall-cmd --quiet --permanent --direct --remove-rule '$protocol' '$table' '$chain' '$priority' $rule"
+ echo "firewall-cmd --quiet --direct --remove-rule '$protocol' '$table' '$chain' '$priority' $rule"
+ ;;
+ *)
+ echo "Unknown state $state_should" >&2
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__firewalld_rule/man.rst b/cdist/conf/type/__firewalld_rule/man.rst
new file mode 100644
index 00000000..5de5d15c
--- /dev/null
+++ b/cdist/conf/type/__firewalld_rule/man.rst
@@ -0,0 +1,81 @@
+cdist-type__firewalld_rule(7)
+=============================
+
+NAME
+----
+cdist-type__firewalld_rule - Configure firewalld rules
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to manage rules in firewalld
+using the *direct* way (i.e. no zone support).
+
+
+REQUIRED PARAMETERS
+-------------------
+rule
+ The rule to apply. Essentially an firewalld command
+ line without firewalld in front of it.
+protocol
+ Either ipv4, ipv4 or eb. See firewall-cmd(1)
+table
+ The table to use (like filter or nat). See firewall-cmd(1).
+chain
+ The chain to use (like INPUT_direct or FORWARD_direct). See firewall-cmd(1).
+priority
+ The priority to use (0 is topmost). See firewall-cmd(1).
+
+
+OPTIONAL PARAMETERS
+-------------------
+state
+ 'present' or 'absent', defaults to 'present'
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Allow access from entrance.place4.ungleich.ch
+ __firewalld_rule entrance \
+ --protocol ipv4 \
+ --table filter \
+ --chain INPUT_direct \
+ --priority 0 \
+ --rule '-s entrance.place4.ungleich.ch -j ACCEPT'
+
+ # Allow forwarding of traffic from br0
+ __firewalld_rule vm-forward --protocol ipv4 \
+ --table filter \
+ --chain FORWARD_direct \
+ --priority 0 \
+ --rule '-i br0 -j ACCEPT'
+
+ # Ensure old rule is absent - warning, the rule part must stay the same!
+ __firewalld_rule vm-forward
+ --protocol ipv4 \
+ --table filter \
+ --chain FORWARD_direct \
+ --priority 0 \
+ --rule '-i br0 -j ACCEPT' \
+ --state absent
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__iptables_rule`\ (7), :strong:`firewalld`\ (8)
+
+
+AUTHORS
+-------
+Nico Schottelius
+
+
+COPYING
+-------
+Copyright \(C) 2015 Nico Schottelius. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__firewalld_rule/manifest b/cdist/conf/type/__firewalld_rule/manifest
new file mode 100755
index 00000000..71156329
--- /dev/null
+++ b/cdist/conf/type/__firewalld_rule/manifest
@@ -0,0 +1,23 @@
+#!/bin/sh -e
+#
+# 2015 David Hürlimann (david at ungleich.ch)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# This type allows to configure the desired localtime timezone.
+
+__package firewalld
diff --git a/cdist/conf/type/__firewalld_rule/parameter/default/state b/cdist/conf/type/__firewalld_rule/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__firewalld_rule/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__postgres_database/parameter/required b/cdist/conf/type/__firewalld_rule/parameter/optional
similarity index 100%
rename from cdist/conf/type/__postgres_database/parameter/required
rename to cdist/conf/type/__firewalld_rule/parameter/optional
diff --git a/cdist/conf/type/__firewalld_rule/parameter/required b/cdist/conf/type/__firewalld_rule/parameter/required
new file mode 100644
index 00000000..58def7e4
--- /dev/null
+++ b/cdist/conf/type/__firewalld_rule/parameter/required
@@ -0,0 +1,5 @@
+chain
+priority
+protocol
+rule
+table
diff --git a/cdist/conf/type/__firewalld_start/gencode-remote b/cdist/conf/type/__firewalld_start/gencode-remote
new file mode 100755
index 00000000..3e767f68
--- /dev/null
+++ b/cdist/conf/type/__firewalld_start/gencode-remote
@@ -0,0 +1,84 @@
+#!/bin/sh -e
+#
+# 2016 Darko Poljak(darko.poljak at ungleich.ch)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+
+startstate="$(cat "$__object/parameter/startstate")"
+init=$(cat "$__global/explorer/init")
+
+os=$(cat "$__global/explorer/os")
+os_version=$(cat "$__global/explorer/os_version")
+name="firewalld"
+
+case "${startstate}" in
+ present)
+ cmd="start"
+ ;;
+ absent)
+ cmd="stop"
+ ;;
+ *)
+ echo "Unknown startstate: ${startstate}" >&2
+ exit 1
+ ;;
+esac
+
+if [ "$init" = 'systemd' ]; then
+ # this handles ALL linux distros with systemd
+ # e.g. archlinux, gentoo in some cases, new RHEL and SLES versions
+ echo "systemctl \"$cmd\" \"$name\""
+else
+ case "$os" in
+ debian)
+ case "$os_version" in
+ [1-7]*)
+ echo "service \"$name\" \"$cmd\""
+ ;;
+ 8*)
+ echo "systemctl \"$cmd\" \"$name\""
+ ;;
+ *)
+ echo "Unsupported version $os_version of $os" >&2
+ exit 1
+ ;;
+ esac
+ ;;
+
+ gentoo)
+ echo service \"$name\" \"$cmd\"
+ ;;
+
+ amazon|scientific|centos|fedora|owl|redhat|suse)
+ echo service \"$name\" \"$cmd\"
+ ;;
+
+ openwrt)
+ echo "/etc/init.d/\"$name\" \"$cmd\""
+ ;;
+
+ ubuntu)
+ echo "service \"$name\" \"$cmd\""
+ ;;
+
+ *)
+ echo "Unsupported os: $os" >&2
+ exit 1
+ ;;
+ esac
+fi
diff --git a/cdist/conf/type/__firewalld_start/man.rst b/cdist/conf/type/__firewalld_start/man.rst
new file mode 100644
index 00000000..74199cd6
--- /dev/null
+++ b/cdist/conf/type/__firewalld_start/man.rst
@@ -0,0 +1,53 @@
+cdist-type__firewalld_start(7)
+==============================
+
+NAME
+----
+cdist-type__firewalld_start - start and enable firewalld
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to start and enable firewalld.
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+OPTIONAL PARAMETERS
+-------------------
+startstate
+ 'present' or 'absent', start/stop firewalld. Default is 'present'.
+bootstate
+ 'present' or 'absent', enable/disable firewalld on boot. Default is 'present'.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # start and enable firewalld
+ __firewalld_start
+
+ # only enable firewalld to start on boot
+ __firewalld_start --startstate present --bootstate absent
+
+
+SEE ALSO
+--------
+:strong:`firewalld`\ (8)
+
+
+AUTHORS
+-------
+Darko Poljak
+
+
+COPYING
+-------
+Copyright \(C) 2016 Darko Poljak. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__firewalld_start/manifest b/cdist/conf/type/__firewalld_start/manifest
new file mode 100755
index 00000000..98caaad9
--- /dev/null
+++ b/cdist/conf/type/__firewalld_start/manifest
@@ -0,0 +1,23 @@
+#!/bin/sh -e
+#
+# 2016 Darko Poljak (darko.poljak at ungleich.ch)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+
+bootstate="$(cat "$__object/parameter/bootstate")"
+
+__package firewalld
+require="__package/firewalld" __start_on_boot firewalld --state "${bootstate}"
diff --git a/cdist/conf/type/__firewalld_start/parameter/default/bootstate b/cdist/conf/type/__firewalld_start/parameter/default/bootstate
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__firewalld_start/parameter/default/bootstate
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__firewalld_start/parameter/default/startstate b/cdist/conf/type/__firewalld_start/parameter/default/startstate
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__firewalld_start/parameter/default/startstate
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__firewalld_start/parameter/optional b/cdist/conf/type/__firewalld_start/parameter/optional
new file mode 100644
index 00000000..934c7d0d
--- /dev/null
+++ b/cdist/conf/type/__firewalld_start/parameter/optional
@@ -0,0 +1,2 @@
+bootstate
+startstate
diff --git a/cdist/test/resolver/fixtures/object/__first/woman/.cdist/.keep b/cdist/conf/type/__firewalld_start/singleton
similarity index 100%
rename from cdist/test/resolver/fixtures/object/__first/woman/.cdist/.keep
rename to cdist/conf/type/__firewalld_start/singleton
diff --git a/cdist/conf/type/__git/explorer/group b/cdist/conf/type/__git/explorer/group
new file mode 100644
index 00000000..3ddf9656
--- /dev/null
+++ b/cdist/conf/type/__git/explorer/group
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+destination="/$__object_id/.git"
+
+stat --print "%G" "${destination}" 2>/dev/null || exit 0
diff --git a/cdist/conf/type/__git/explorer/owner b/cdist/conf/type/__git/explorer/owner
new file mode 100644
index 00000000..4c3cd431
--- /dev/null
+++ b/cdist/conf/type/__git/explorer/owner
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+destination="/$__object_id/.git"
+
+stat --print "%U" "${destination}" 2>/dev/null || exit 0
diff --git a/cdist/conf/type/__directory/explorer/state b/cdist/conf/type/__git/explorer/state
similarity index 82%
rename from cdist/conf/type/__directory/explorer/state
rename to cdist/conf/type/__git/explorer/state
index 9bdd9024..e0719579 100755
--- a/cdist/conf/type/__directory/explorer/state
+++ b/cdist/conf/type/__git/explorer/state
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# 2011 Nico Schottelius (nico-cdist at schottelius.org)
+# 2012 Nico Schottelius (nico-cdist at schottelius.org)
#
# This file is part of cdist.
#
@@ -18,12 +18,12 @@
# along with cdist. If not, see .
#
#
-# Check whether file exists or not
+# Check whether repository exists
#
-destination="/$__object_id"
+destination="/$__object_id/.git"
-if [ -e "$destination" ]; then
+if [ -d "$destination" ]; then
echo present
else
echo absent
diff --git a/cdist/conf/type/__git/gencode-remote b/cdist/conf/type/__git/gencode-remote
new file mode 100755
index 00000000..ab22655f
--- /dev/null
+++ b/cdist/conf/type/__git/gencode-remote
@@ -0,0 +1,68 @@
+#!/bin/sh -e
+#
+# 2012 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+
+state_is=$(cat "$__object/explorer/state")
+owner_is=$(cat "$__object/explorer/owner")
+group_is=$(cat "$__object/explorer/group")
+
+state_should=$(cat "$__object/parameter/state")
+
+branch=$(cat "$__object/parameter/branch")
+
+source=$(cat "$__object/parameter/source")
+
+destination="/$__object_id"
+
+owner=$(cat "$__object/parameter/owner")
+group=$(cat "$__object/parameter/group")
+mode=$(cat "$__object/parameter/mode")
+
+[ -f "$__object/parameter/recursive" ] && recursive='--recurse-submodules' || recursive=''
+[ -f "$__object/parameter/shallow" ] && shallow='--depth 1 --shallow-submodules' || shallow=''
+
+[ "$state_should" = "$state_is" ] \
+ && [ "$owner" = "$owner_is" ] \
+ && [ "$group" = "$group_is" ] \
+ && [ -n "$mode" ] && exit 0
+
+case $state_should in
+ present)
+ if [ "$state_should" != "$state_is" ]; then
+ echo git clone --quiet "$recursive" "$shallow" --branch "$branch" "$source" "$destination"
+ fi
+ if { [ -n "$owner" ] && [ "$owner_is" != "$owner" ]; } || \
+ { [ -n "$group" ] && [ "$group_is" != "$group" ]; }; then
+ echo chown -R "${owner}:${group}" "$destination"
+ fi
+ if [ -n "$mode" ]; then
+ echo chmod -R "$mode" "$destination"
+ fi
+ ;;
+
+ absent)
+ # Handled in manifest
+ ;;
+
+ *)
+ echo "Unknown state: $state_should" >&2
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__git/man.rst b/cdist/conf/type/__git/man.rst
new file mode 100644
index 00000000..d3e15f25
--- /dev/null
+++ b/cdist/conf/type/__git/man.rst
@@ -0,0 +1,66 @@
+cdist-type__git(7)
+==================
+
+NAME
+----
+cdist-type__git - Get and or keep git repositories up-to-date
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to clone git repositories
+
+
+REQUIRED PARAMETERS
+-------------------
+source
+ Specifies the git remote to clone from
+
+
+OPTIONAL PARAMETERS
+-------------------
+state
+ Either "present" or "absent", defaults to "present"
+
+branch
+ Create this branch by checking out the remote branch of this name
+ Default branch is "master"
+
+group
+ Group to chgrp to.
+
+mode
+ Unix permissions, suitable for chmod.
+
+owner
+ User to chown to.
+
+recursive
+ Passes the --recurse-submodules flag to git when cloning the repository.
+
+shallow
+ Sets --depth=1 and --shallow-submodules for cloning repositories with big history.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __git /home/services/dokuwiki --source git://github.com/splitbrain/dokuwiki.git
+
+ # Checkout cdist, stay on branch 2.1
+ __git /home/nico/cdist --source git@code.ungleich.ch:ungleich-public/cdist.git --branch 2.1
+
+
+AUTHORS
+-------
+Nico Schottelius
+
+
+COPYING
+-------
+Copyright \(C) 2012 Nico Schottelius. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__git/manifest b/cdist/conf/type/__git/manifest
new file mode 100755
index 00000000..6fb870f4
--- /dev/null
+++ b/cdist/conf/type/__git/manifest
@@ -0,0 +1,49 @@
+#!/bin/sh -e
+#
+# 2012 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Ensure git is present
+#
+
+__package git --state present
+
+state_should="$(cat "$__object/parameter/state")"
+owner="$(cat "$__object/parameter/owner")"
+group="$(cat "$__object/parameter/group")"
+mode="$(cat "$__object/parameter/mode")"
+
+# Let __directory handle removal of git repos
+
+case "$state_should" in
+ present)
+ :
+ ;;
+
+ absent)
+ __directory "$__object_id" --state absent \
+ --owner "$owner" \
+ --group "$group" \
+ --mode "$mode"
+ ;;
+
+ *)
+ echo "Unknown state: $state_should" >&2
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__git/parameter/boolean b/cdist/conf/type/__git/parameter/boolean
new file mode 100644
index 00000000..d600d4ca
--- /dev/null
+++ b/cdist/conf/type/__git/parameter/boolean
@@ -0,0 +1,2 @@
+recursive
+shallow
diff --git a/cdist/conf/type/__git/parameter/default/branch b/cdist/conf/type/__git/parameter/default/branch
new file mode 100644
index 00000000..1f7391f9
--- /dev/null
+++ b/cdist/conf/type/__git/parameter/default/branch
@@ -0,0 +1 @@
+master
diff --git a/cdist/conf/type/__git/parameter/default/group b/cdist/conf/type/__git/parameter/default/group
new file mode 100644
index 00000000..8b137891
--- /dev/null
+++ b/cdist/conf/type/__git/parameter/default/group
@@ -0,0 +1 @@
+
diff --git a/cdist/conf/type/__git/parameter/default/mode b/cdist/conf/type/__git/parameter/default/mode
new file mode 100644
index 00000000..8b137891
--- /dev/null
+++ b/cdist/conf/type/__git/parameter/default/mode
@@ -0,0 +1 @@
+
diff --git a/cdist/conf/type/__git/parameter/default/owner b/cdist/conf/type/__git/parameter/default/owner
new file mode 100644
index 00000000..8b137891
--- /dev/null
+++ b/cdist/conf/type/__git/parameter/default/owner
@@ -0,0 +1 @@
+
diff --git a/cdist/conf/type/__git/parameter/default/state b/cdist/conf/type/__git/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__git/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__git/parameter/optional b/cdist/conf/type/__git/parameter/optional
new file mode 100644
index 00000000..3c409162
--- /dev/null
+++ b/cdist/conf/type/__git/parameter/optional
@@ -0,0 +1,5 @@
+state
+branch
+group
+owner
+mode
diff --git a/cdist/conf/type/__git/parameter/required b/cdist/conf/type/__git/parameter/required
new file mode 100644
index 00000000..5a18cd2f
--- /dev/null
+++ b/cdist/conf/type/__git/parameter/required
@@ -0,0 +1 @@
+source
diff --git a/cdist/conf/type/__go_get/explorer/go-executable b/cdist/conf/type/__go_get/explorer/go-executable
new file mode 100755
index 00000000..87182282
--- /dev/null
+++ b/cdist/conf/type/__go_get/explorer/go-executable
@@ -0,0 +1,6 @@
+#!/bin/sh
+# shellcheck disable=SC1091
+[ -f /etc/environment ] && . /etc/environment
+# shellcheck disable=SC1091
+[ -f /etc/profile ] && . /etc/profile
+go version 2>/dev/null || true
diff --git a/cdist/conf/type/__go_get/gencode-remote b/cdist/conf/type/__go_get/gencode-remote
new file mode 100755
index 00000000..4c47a70e
--- /dev/null
+++ b/cdist/conf/type/__go_get/gencode-remote
@@ -0,0 +1,10 @@
+#!/bin/sh -e
+
+package=$__object_id
+
+cat<
+
+
+COPYING
+-------
+Copyright \(C) 2017 Kamila Součková. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__go_get/manifest b/cdist/conf/type/__go_get/manifest
new file mode 100755
index 00000000..a5cc4c80
--- /dev/null
+++ b/cdist/conf/type/__go_get/manifest
@@ -0,0 +1,18 @@
+#!/bin/sh -e
+
+go_executable=$(cat "$__object/explorer/go-executable")
+[ -z "$go_executable" ] && echo "__go_get: Cannot find go executable; make sure it is installed and in PATH" >&2 && exit 1
+
+os=$(cat "$__global/explorer/os")
+case $os in
+ debian|devuan|ubuntu)
+ __package build-essential
+ ;;
+ *)
+ echo "__go_get: Don't know how to install g++ on $os" >&2
+ echo "__go_get: Send a pull request or contact to add support for $os." >&2
+ exit 1
+ ;;
+esac
+
+__package git
diff --git a/cdist/conf/type/__golang_from_vendor/gencode-remote b/cdist/conf/type/__golang_from_vendor/gencode-remote
new file mode 100755
index 00000000..5200e9e3
--- /dev/null
+++ b/cdist/conf/type/__golang_from_vendor/gencode-remote
@@ -0,0 +1,26 @@
+#!/bin/sh -e
+
+version=$(cat "$__object/parameter/version")
+
+kernel_name=$(tr '[:upper:]' '[:lower:]' < "$__global/explorer/kernel_name")
+machine=$(cat "$__global/explorer/machine")
+case $machine in
+ x86_64|amd64)
+ arch=amd64
+ ;;
+ x86)
+ arch=386
+ ;;
+ *)
+ arch=$machine # at least try...
+ ;;
+esac
+
+PACKAGE="go${version}.${kernel_name}-${arch}"
+URL="https://storage.googleapis.com/golang/${PACKAGE}.tar.gz"
+cat </dev/null)" = "xgo$version" ] && exit 0 # already there
+wget --no-verbose "$URL" -O "/tmp/${PACKAGE}.tar.gz"
+rm -rf /usr/local/go
+tar -C /usr/local -xzf /tmp/${PACKAGE}.tar.gz
+EOF
diff --git a/cdist/conf/type/__golang_from_vendor/man.rst b/cdist/conf/type/__golang_from_vendor/man.rst
new file mode 100644
index 00000000..2b4f065e
--- /dev/null
+++ b/cdist/conf/type/__golang_from_vendor/man.rst
@@ -0,0 +1,48 @@
+cdist-type__golang_from_vendor(7)
+=================================
+
+NAME
+----
+cdist-type__golang_from_vendor - Install any version of golang from golang.org
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to install golang from archives provided by https://golang.org/dl/.
+
+See https://golang.org/dl/ for the list of supported versions, operating systems and architectures.
+
+This is a singleton type.
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+
+OPTIONAL PARAMETERS
+-------------------
+version
+ The golang version to install, defaults to 1.8.1
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __golang_from_vendor --version 1.8.1
+
+
+
+AUTHORS
+-------
+Kamila Součková
+
+
+COPYING
+-------
+Copyright \(C) 2017 Kamila Součková. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__golang_from_vendor/manifest b/cdist/conf/type/__golang_from_vendor/manifest
new file mode 100755
index 00000000..ad39ddfb
--- /dev/null
+++ b/cdist/conf/type/__golang_from_vendor/manifest
@@ -0,0 +1,4 @@
+#!/bin/sh -e
+
+# shellcheck disable=SC2016
+__line go_in_path --line 'export PATH=/usr/local/go/bin:$PATH' --file /etc/profile
diff --git a/cdist/conf/type/__golang_from_vendor/parameter/default/version b/cdist/conf/type/__golang_from_vendor/parameter/default/version
new file mode 100644
index 00000000..a8fdfda1
--- /dev/null
+++ b/cdist/conf/type/__golang_from_vendor/parameter/default/version
@@ -0,0 +1 @@
+1.8.1
diff --git a/cdist/conf/type/__golang_from_vendor/parameter/optional b/cdist/conf/type/__golang_from_vendor/parameter/optional
new file mode 100644
index 00000000..088eda41
--- /dev/null
+++ b/cdist/conf/type/__golang_from_vendor/parameter/optional
@@ -0,0 +1 @@
+version
diff --git a/cdist/test/resolver/fixtures/object/__second/.keep b/cdist/conf/type/__golang_from_vendor/singleton
similarity index 100%
rename from cdist/test/resolver/fixtures/object/__second/.keep
rename to cdist/conf/type/__golang_from_vendor/singleton
diff --git a/cdist/conf/type/__grafana_dashboard/man.rst b/cdist/conf/type/__grafana_dashboard/man.rst
new file mode 100644
index 00000000..b3974028
--- /dev/null
+++ b/cdist/conf/type/__grafana_dashboard/man.rst
@@ -0,0 +1,43 @@
+cdist-type__grafana_dashboard(7)
+================================
+
+NAME
+----
+cdist-type__grafana_dashboard - Install Grafana (https://grafana.com)
+
+
+DESCRIPTION
+-----------
+This cdist type adds the Grafana repository, installs the grafana package, and sets the server to start on boot.
+
+This is a singleton type.
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+
+OPTIONAL PARAMETERS
+-------------------
+None.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __grafana_dashboard
+
+
+AUTHORS
+-------
+Kamila Součková
+
+
+COPYING
+-------
+Copyright \(C) 2017 Kamila Součková. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__grafana_dashboard/manifest b/cdist/conf/type/__grafana_dashboard/manifest
new file mode 100755
index 00000000..d145c4c3
--- /dev/null
+++ b/cdist/conf/type/__grafana_dashboard/manifest
@@ -0,0 +1,46 @@
+#!/bin/sh -e
+
+os=$(cat "$__global/explorer/os")
+os_version=$(cat "$__global/explorer/os_version")
+
+require=""
+case $os in
+ debian|devuan)
+ case $os_version in
+ 8*|jessie)
+ # Differntation not needed anymore
+ apt_source_distribution=stable
+ ;;
+ 9*|ascii/ceres|ascii)
+ # Differntation not needed anymore
+ apt_source_distribution=stable
+ ;;
+ 10*)
+ # Differntation not needed anymore
+ apt_source_distribution=stable
+ ;;
+ *)
+ echo "Don't know how to install Grafana on $os $os_version. Send us a pull request!" >&2
+ exit 1
+ ;;
+ esac
+
+ __apt_key_uri grafana \
+ --name 'Grafana Release Signing Key' \
+ --uri https://packages.grafana.com/gpg.key
+
+ require="$require __apt_key_uri/grafana" __apt_source grafana \
+ --uri https://packages.grafana.com/oss/deb \
+ --distribution $apt_source_distribution \
+ --component main
+ __package apt-transport-https
+ require="$require __apt_source/grafana" __apt_update_index
+ require="$require __package/apt-transport-https __apt_update_index" __package grafana
+ require="$require __package/grafana" __start_on_boot grafana-server
+ require="$require __start_on_boot/grafana-server" __process grafana-server --start "service grafana-server start"
+ ;;
+ *)
+ echo "Don't know how to install Grafana on $os. Send us a pull request!" >&2
+ exit 1
+ ;;
+esac
diff --git a/cdist/test/resolver/fixtures/object/__second/on-the/.cdist/.keep b/cdist/conf/type/__grafana_dashboard/singleton
similarity index 100%
rename from cdist/test/resolver/fixtures/object/__second/on-the/.cdist/.keep
rename to cdist/conf/type/__grafana_dashboard/singleton
diff --git a/cdist/conf/type/__group/TODO b/cdist/conf/type/__group/TODO
deleted file mode 100644
index c20a5d21..00000000
--- a/cdist/conf/type/__group/TODO
+++ /dev/null
@@ -1,2 +0,0 @@
-- delete groups
-
diff --git a/cdist/conf/type/__group/explorer/group b/cdist/conf/type/__group/explorer/group
index 4c1e6ac0..dc673f61 100755
--- a/cdist/conf/type/__group/explorer/group
+++ b/cdist/conf/type/__group/explorer/group
@@ -1,6 +1,7 @@
#!/bin/sh
#
-# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
+# 2011-2015 Steven Armstrong (steven-cdist at armstrong.cc)
+# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
#
# This file is part of cdist.
#
@@ -21,7 +22,21 @@
# Get an existing groups group entry.
#
+not_supported() {
+ echo "Your operating system ($("$__explorer/os")) is currently not supported." >&2
+ echo "Cannot extract group information." >&2
+ echo "Please contribute an implementation for it if you can." >&2
+ exit 1
+}
+
name=$__object_id
-getent group "$name" || true
-
+if command -v getent >/dev/null
+then
+ getent group "$name" || true
+elif [ -f /etc/group ]
+then
+ grep "^${name}:" /etc/group || true
+else
+ not_supported
+fi
diff --git a/cdist/conf/type/__group/explorer/gshadow b/cdist/conf/type/__group/explorer/gshadow
index 5ab4ed80..05841d69 100755
--- a/cdist/conf/type/__group/explorer/gshadow
+++ b/cdist/conf/type/__group/explorer/gshadow
@@ -1,6 +1,7 @@
#!/bin/sh
#
-# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
+# 2011-2015 Steven Armstrong (steven-cdist at armstrong.cc)
+# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
#
# This file is part of cdist.
#
@@ -22,21 +23,28 @@
#
name=$__object_id
-os_version="$($__explorer/os_version)"
-os="$($__explorer/os)"
+os=$("$__explorer/os")
-if [ "$os" = "freebsd" ]; then
- echo "FreeBSD does not have getent gshadow"
- exit 0
-fi
+not_supported() {
+ echo "Your operating system ($os) is currently not supported." >&2
+ echo "Cannot extract group information." >&2
+ echo "Please contribute an implementation for it if you can." >&2
+ exit 1
+}
-case "$os_version" in
- "Red Hat Enterprise Linux Server release "[45]*|"CentOS release "[45]*)
- # TODO: find a way to get this information
- echo "$os_version does not have getent gshadow"
- ;;
- *)
- getent gshadow "$name" || true
- ;;
+case $os in
+ "freebsd"|"netbsd")
+ echo "$os does not have getent gshadow" >&2
+ exit 0
+ ;;
esac
+if command -v getent >/dev/null
+then
+ getent gshadow "$name" || true
+elif [ -f /etc/gshadow ]
+then
+ grep "^${name}:" /etc/gshadow || true
+else
+ not_supported
+fi
diff --git a/cdist/conf/type/__group/gencode-remote b/cdist/conf/type/__group/gencode-remote
index bb6797c2..6091c548 100755
--- a/cdist/conf/type/__group/gencode-remote
+++ b/cdist/conf/type/__group/gencode-remote
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/sh -e
#
-# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
+# 2011-2015 Steven Armstrong (steven-cdist at armstrong.cc)
# 2011 Nico Schottelius (nico-cdist at schottelius.org)
#
# This file is part of cdist.
@@ -23,87 +23,84 @@
#
name="$__object_id"
-os_version="$(cat "$__global/explorer/os_version")"
os="$(cat "$__global/explorer/os")"
+state="$(cat "$__object/parameter/state")"
-cd "$__object/parameter"
-if grep -q "^${name}:" "$__object/explorer/group"; then
- for property in $(ls .); do
- new_value="$(cat "$property")"
- # argument to pass the groupmod command for this property (exceptions
- # are made in the case statement below)
- proparg="--$property"
- case "$property" in
- password)
- if [ "$os" = "freebsd" ]; then
- echo "group/$name: FreeBSD doesn't support password modification" >&2
- exit 1
- fi
- case "$os_version" in
- "Red Hat Enterprise Linux Server release "[45]*|"CentOS release "[45]*)
- # TODO: Use gpasswd? Need to fix gshadow explorer first.
- echo "group/$name: '$os_version' groupmod does not support password modification" >&2
- exit 1
+# Use short option names for portability
+shorten_property() {
+ case "$1" in
+ gid) echo " -g";;
+ password) echo " -p";;
+ system) echo " -r";;
+ esac
+}
+
+
+if [ "$state" = "present" ]; then
+ case "$os" in
+ freebsd)
+ supported_change_properties="gid"
+ ;;
+ *)
+ supported_change_properties="gid password"
+ ;;
+ esac
+ if grep -q "^${name}:" "$__object/explorer/group"; then
+ # change existing
+ for property in $supported_change_properties; do
+ if [ -f "$__object/parameter/$property" ]; then
+ new_value="$(cat "$__object/parameter/$property")"
+ unset current_value
+ case "$property" in
+ password)
+ current_value="$(awk -F: '{ print $2 }' "$__object/explorer/gshadow")"
+ ;;
+ gid)
+ current_value="$(awk -F: '{ print $3 }' "$__object/explorer/group")"
;;
esac
- current_value="$(awk -F: '{ print $2 }' < "$__object/explorer/gshadow")"
- ;;
- gid)
- # set to -g to support older redhat/centos
- proparg="-g"
- current_value="$(awk -F: '{ print $3 }' < "$__object/explorer/group")"
- ;;
- esac
-
- if [ "$new_value" != "$current_value" ]; then
- set -- "$@" "$proparg" \"$new_value\"
- fi
- done
-
- if [ $# -gt 0 ]; then
- case $os in
- freebsd)
- echo pw group mod "$@" "$name"
- ;;
- *)
+ if [ "$new_value" != "$current_value" ]; then
+ set -- "$@" "$(shorten_property "$property")" \'"$new_value"\'
+ echo "change $property $new_value $current_value" >> "$__messages_out"
+ fi
+ fi
+ done
+ if [ $# -gt 0 ]; then
+ if [ "$os" = "freebsd" ]; then
+ echo pw groupmod "$@" "$name"
+ else
echo groupmod "$@" "$name"
- ;;
- esac
+ fi
+ echo mod >> "$__messages_out"
+ fi
+ else
+ # create new
+ for property in $supported_change_properties; do
+ if [ -f "$__object/parameter/$property" ]; then
+ new_value="$(cat "$__object/parameter/$property")"
+ if [ -z "$new_value" ]; then
+ # Boolean parameters have no value
+ set -- "$@" "$(shorten_property "$property")"
+ else
+ set -- "$@" "$(shorten_property "$property")" \'"$new_value"\'
+ fi
+ fi
+ done
+ if [ "$os" = "freebsd" ]; then
+ echo pw groupadd "$@" "$name"
+ else
+ echo groupadd "$@" "$name"
+ fi
fi
else
- for property in $(ls .); do
- new_value="$(cat "$property")"
+ # delete existing
+ if grep -q "^${name}:" "$__object/explorer/group"; then
if [ "$os" = "freebsd" ]; then
- case $property in
- gid)
- proparg="-g"
- ;;
- password)
- echo "group/$name: FreeBSD doesn't support password setting" >&2
- exit 1
- ;;
- *)
- # The type has been updated to support more properties than it knows how to handle for FreeBSD
- # tell the user about this.
- echo "Currently unknown property: $property" >&2
- exit 1
- ;;
- esac
+ echo pw groupdel "$name"
else
- proparg="--$property"
+ echo groupdel "$name"
fi
-
- set -- "$@" "$proparg" \"$new_value\"
- done
-
- case $os in
- freebsd)
- echo pw group add "$@" "$name"
- ;;
- *)
- echo groupadd "$@" "$name"
- ;;
- esac
+ echo remove >> "$__messages_out"
+ fi
fi
-
diff --git a/cdist/conf/type/__group/man.rst b/cdist/conf/type/__group/man.rst
new file mode 100644
index 00000000..614f3d57
--- /dev/null
+++ b/cdist/conf/type/__group/man.rst
@@ -0,0 +1,80 @@
+cdist-type__group(7)
+====================
+
+NAME
+----
+cdist-type__group - Manage groups
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to create or modify groups on the target.
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+
+OPTIONAL PARAMETERS
+-------------------
+state
+ absent or present, defaults to present
+gid
+ see groupmod(8)
+password
+ see above
+
+
+BOOLEAN PARAMETERS
+------------------
+system
+ see groupadd(8), apply only on group creation
+
+
+MESSAGES
+--------
+mod
+ group is modified
+add
+ New group added
+remove
+ group is removed
+change
+ Changed group property from current_value to new_value
+set
+ set property to new value, property was not set before
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Create a group 'foobar' with operating system default settings
+ __group foobar
+
+ # Remove the 'foobar' group
+ __group foobar --state absent
+
+ # Create a system group 'myservice' with operating system default settings
+ __group myservice --system
+
+ # Same but with a specific gid
+ __group foobar --gid 1234
+
+ # Same but with a gid and password
+ __group foobar --gid 1234 --password 'crypted-password-string'
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2011-2015 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__group/man.text b/cdist/conf/type/__group/man.text
deleted file mode 100644
index c57ae337..00000000
--- a/cdist/conf/type/__group/man.text
+++ /dev/null
@@ -1,52 +0,0 @@
-cdist-type__group(7)
-====================
-Steven Armstrong
-
-
-NAME
-----
-cdist-type__group - Manage groups
-
-
-DESCRIPTION
------------
-This cdist type allows you to create or modify groups on the target.
-
-
-REQUIRED PARAMETERS
--------------------
-None.
-
-
-OPTIONAL PARAMETERS
--------------------
-gid::
- see groupmod(8)
-password::
- see above
-
-
-EXAMPLES
---------
-
---------------------------------------------------------------------------------
-# Create a group 'foobar' with operating system default settings
-__group foobar
-
-# Same but with a specific gid
-__group foobar --gid 1234
-
-# Same but with a gid and password
-__group foobar --gid 1234 --password 'crypted-password-string'
---------------------------------------------------------------------------------
-
-
-SEE ALSO
---------
-- cdist-type(7)
-
-
-COPYING
--------
-Copyright \(C) 2011 Steven Armstrong. Free use of this software is
-granted under the terms of the GNU General Public License version 3 (GPLv3).
diff --git a/cdist/conf/type/__group/parameter/boolean b/cdist/conf/type/__group/parameter/boolean
new file mode 100644
index 00000000..bec3a35e
--- /dev/null
+++ b/cdist/conf/type/__group/parameter/boolean
@@ -0,0 +1 @@
+system
diff --git a/cdist/conf/type/__group/parameter/default/state b/cdist/conf/type/__group/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__group/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__group/parameter/optional b/cdist/conf/type/__group/parameter/optional
index 4c661c8f..dd51c173 100644
--- a/cdist/conf/type/__group/parameter/optional
+++ b/cdist/conf/type/__group/parameter/optional
@@ -1,2 +1,3 @@
gid
password
+state
diff --git a/docs/dev/show_all_exported_variables b/cdist/conf/type/__hostname/explorer/has_hostnamectl
similarity index 81%
rename from docs/dev/show_all_exported_variables
rename to cdist/conf/type/__hostname/explorer/has_hostnamectl
index 18acceca..2f531f30 100755
--- a/docs/dev/show_all_exported_variables
+++ b/cdist/conf/type/__hostname/explorer/has_hostnamectl
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# 2010-2011 Nico Schottelius (nico-cdist at schottelius.org)
+# 2014 Nico Schottelius (nico-cdist at schottelius.org)
#
# This file is part of cdist.
#
@@ -18,8 +18,7 @@
# along with cdist. If not, see .
#
#
-# Generate documentation of exported variables
+# Check whether system has hostnamectl
#
-
-cat bin/* | awk '/^export/ { print $2 }'
+command -v hostnamectl 2>/dev/null || true
diff --git a/cdist/conf/type/__hostname/explorer/max_len b/cdist/conf/type/__hostname/explorer/max_len
new file mode 100644
index 00000000..fb863949
--- /dev/null
+++ b/cdist/conf/type/__hostname/explorer/max_len
@@ -0,0 +1,10 @@
+#!/bin/sh -e
+
+command -v getconf >/dev/null || exit 0
+
+val=$(getconf HOST_NAME_MAX 2>/dev/null) || exit 0
+
+if test -n "${val}" -a "${val}" != 'undefined'
+then
+ echo "${val}"
+fi
diff --git a/cdist/conf/type/__hostname/gencode-remote b/cdist/conf/type/__hostname/gencode-remote
new file mode 100755
index 00000000..ae224611
--- /dev/null
+++ b/cdist/conf/type/__hostname/gencode-remote
@@ -0,0 +1,100 @@
+#!/bin/sh -e
+#
+# 2014-2017 Steven Armstrong (steven-cdist at armstrong.cc)
+# 2014 Nico Schottelius (nico-cdist at schottelius.org)
+# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+os=$(cat "$__global/explorer/os")
+name_running=$(cat "$__global/explorer/hostname")
+has_hostnamectl=$(cat "$__object/explorer/has_hostnamectl")
+
+
+if test -s "$__object/parameter/name"
+then
+ name_should=$(cat "$__object/parameter/name")
+else
+ case $os
+ in
+ # RedHat-derivatives and BSDs
+ centos|fedora|redhat|scientific|freebsd|macosx|netbsd|openbsd)
+ # Hostname is FQDN
+ name_should="${__target_host}"
+ ;;
+ *)
+ # Hostname is only first component of FQDN
+ name_should="${__target_host%%.*}"
+ ;;
+ esac
+fi
+
+
+################################################################################
+# Check if the (running) hostname is already correct
+#
+test "$name_running" != "$name_should" || exit 0
+
+
+################################################################################
+# Setup hostname
+#
+echo 'changed' >>"$__messages_out"
+
+# Use the good old way to set the hostname.
+case $os
+in
+ alpine|debian|devuan|ubuntu)
+ echo 'hostname -F /etc/hostname'
+ ;;
+ archlinux)
+ echo 'command -v hostnamectl >/dev/null 2>&1' \
+ "&& hostnamectl set-hostname '$name_should'" \
+ "|| hostname '$name_should'"
+ ;;
+ centos|fedora|redhat|scientific|freebsd|netbsd|openbsd|gentoo|void)
+ echo "hostname '$name_should'"
+ ;;
+ macosx)
+ echo "scutil --set HostName '$name_should'"
+ ;;
+ solaris)
+ echo "uname -S '$name_should'"
+ ;;
+ slackware|suse|opensuse-leap)
+ # We do not read from /etc/HOSTNAME, because the running
+ # hostname is the first component only while the file contains
+ # the FQDN.
+ echo "hostname '$name_should'"
+ ;;
+ *)
+ # Fall back to set the hostname using hostnamectl, if available.
+ if test -n "$has_hostnamectl"
+ then
+ # Don't use hostnamectl as the primary means to set the hostname for
+ # systemd systems, because it cannot be trusted to work reliably and
+ # exit with non-zero when it fails (e.g. hostname too long,
+ # D-Bus failure, etc.).
+
+ echo "hostnamectl set-hostname \"\$(cat /etc/hostname)\""
+ echo "test \"\$(hostname)\" = \"\$(cat /etc/hostname)\"" \
+ " || hostname -F /etc/hostname"
+ else
+ printf "echo 'Unsupported OS: %s' >&2\nexit 1\n" "$os"
+ fi
+ ;;
+esac
diff --git a/cdist/conf/type/__hostname/man.rst b/cdist/conf/type/__hostname/man.rst
new file mode 100644
index 00000000..72aefbab
--- /dev/null
+++ b/cdist/conf/type/__hostname/man.rst
@@ -0,0 +1,55 @@
+cdist-type__hostname(7)
+=======================
+
+NAME
+----
+cdist-type__hostname - Set the hostname
+
+
+DESCRIPTION
+-----------
+Sets the hostname on various operating systems.
+
+**Tip:** For advice on choosing a hostname, see
+`RFC 1178 `_.
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+OPTIONAL PARAMETERS
+-------------------
+name
+ The hostname to set. Defaults to the first segment of __target_host
+ (${__target_host%%.*})
+
+
+MESSAGES
+--------
+changed
+ Changed the hostname
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # take hostname from __target_host
+ __hostname
+
+ # set hostname explicitly
+ __hostname --name some-static-hostname
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2012 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__hostname/manifest b/cdist/conf/type/__hostname/manifest
new file mode 100755
index 00000000..75a90027
--- /dev/null
+++ b/cdist/conf/type/__hostname/manifest
@@ -0,0 +1,189 @@
+#!/bin/sh -e
+#
+# 2012 Steven Armstrong (steven-cdist at armstrong.cc)
+# 2014 Nico Schottelius (nico-cdist at schottelius.org)
+# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+not_supported() {
+ echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
+ echo "Please contribute an implementation for it if you can." >&2
+ exit 1
+}
+
+set_hostname_systemd() {
+ echo "$1" | __file /etc/hostname --source -
+}
+
+os=$(cat "$__global/explorer/os")
+os_version=$(cat "$__global/explorer/os_version")
+os_major=$(echo "$os_version" | grep -o '^[0-9][0-9]*')
+
+max_len=$(cat "$__object/explorer/max_len")
+has_hostnamectl=$(cat "$__object/explorer/has_hostnamectl")
+
+if test -s "$__object/parameter/name"
+then
+ name_should=$(cat "$__object/parameter/name")
+else
+ case $os
+ in
+ # RedHat-derivatives and BSDs
+ centos|fedora|redhat|scientific|freebsd|netbsd|openbsd|slackware)
+ # Hostname is FQDN
+ name_should="${__target_host}"
+ ;;
+ suse|opensuse-leap)
+ # Classic SuSE stores the FQDN in /etc/HOSTNAME, while
+ # systemd does not. The running hostname is the first
+ # component in both cases.
+ # In versions before 15.x, the FQDN is stored in /etc/hostname.
+ if test -n "$has_hostnamectl" && test "$os_major" -ge 15 \
+ && test "$os_major" -ne 42
+ then
+ name_should="${__target_host%%.*}"
+ else
+ name_should="${__target_host}"
+ fi
+ ;;
+ *)
+ # Hostname is only first component of FQDN on all other systems.
+ name_should="${__target_host%%.*}"
+ ;;
+ esac
+fi
+
+if test -n "$max_len" && test "$(printf '%s' "$name_should" | wc -c)" -gt "$max_len"
+then
+ printf "Host name too long. Up to %u characters allowed.\n" "${max_len}" >&2
+ exit 1
+fi
+
+case $os
+in
+ alpine|debian|devuan|ubuntu|void)
+ echo "$name_should" | __file /etc/hostname --source -
+ ;;
+ archlinux)
+ if test -n "$has_hostnamectl"
+ then
+ set_hostname_systemd "$name_should"
+ else
+ echo 'Ancient ArchLinux variants without hostnamectl are not supported.' >&2
+ exit 1
+ # Only for ancient ArchLinux, write to /etc/rc.conf on pre-systemd
+ # versions. There are some versions which use /etc/hostname but not
+ # systemd. It is unclear which ones these are.
+
+ # __key_value '/etc/rc.conf:HOSTNAME' \
+ # --file /etc/rc.conf \
+ # --delimiter '=' --exact_delimiter \
+ # --key 'HOSTNAME' \
+ # --value "\"$name_should\""
+ fi
+ ;;
+ centos|fedora|redhat|scientific)
+ if test -z "$has_hostnamectl"
+ then
+ # Only write to /etc/sysconfig/network on non-systemd versions.
+ # On systemd-based versions this entry is ignored.
+ __key_value '/etc/sysconfig/network:HOSTNAME' \
+ --file /etc/sysconfig/network \
+ --delimiter '=' --exact_delimiter \
+ --key HOSTNAME \
+ --value "\"$name_should\""
+ else
+ set_hostname_systemd "$name_should"
+ fi
+ ;;
+ gentoo)
+ # Only write to /etc/conf.d/hostname on OpenRC-based installations.
+ # On systemd use hostnamectl(1) in gencode-remote.
+ if test -z "$has_hostnamectl"
+ then
+ __key_value '/etc/conf.d/hostname:hostname' \
+ --file /etc/conf.d/hostname \
+ --delimiter '=' --exact_delimiter \
+ --key 'hostname' \
+ --value "\"$name_should\""
+ else
+ set_hostname_systemd "$name_should"
+ fi
+ ;;
+ freebsd)
+ __key_value '/etc/rc.conf:hostname' \
+ --file /etc/rc.conf \
+ --delimiter '=' --exact_delimiter \
+ --key 'hostname' \
+ --value "\"$name_should\""
+ ;;
+ macosx)
+ # handled in gencode-remote
+ :
+ ;;
+ netbsd)
+ __key_value '/etc/rc.conf:hostname' \
+ --file /etc/rc.conf \
+ --delimiter '=' --exact_delimiter \
+ --key 'hostname' \
+ --value "\"$name_should\""
+
+ # To avoid confusion, ensure that the hostname is only stored once.
+ __file /etc/myname --state absent
+ ;;
+ openbsd)
+ echo "$name_should" | __file /etc/myname --source -
+ ;;
+ slackware)
+ # We write the FQDN into /etc/HOSTNAME. But /etc/rc.d/rc.M will only
+ # read the first component from this file and set it as the running
+ # hostname on boot.
+ echo "$name_should" | __file /etc/HOSTNAME --source -
+ ;;
+ solaris)
+ echo "$name_should" | __file /etc/nodename --source -
+ ;;
+ suse|opensuse-leap)
+ # Modern SuSE provides /etc/HOSTNAME as a symlink for
+ # backwards-compatibility. Unfortunately it cannot be used
+ # here as __file does not follow the symlink.
+ # Therefore, we use the presence of the hostnamectl binary as
+ # an indication of which file to use. This unfortunately does
+ # not work correctly on openSUSE 12.x which provides
+ # hostnamectl but not /etc/hostname.
+
+ if test -n "$has_hostnamectl" -a "$os_major" -gt 12
+ then
+ hostname_file='/etc/hostname'
+ else
+ hostname_file='/etc/HOSTNAME'
+ fi
+
+ echo "$name_should" | __file "$hostname_file" --source -
+ ;;
+ *)
+ # On other operating systems we fall back to systemd's
+ # hostnamectl if available…
+ if test -n "$has_hostnamectl"
+ then
+ set_hostname_systemd "$name_should"
+ else
+ not_supported
+ fi
+ ;;
+esac
diff --git a/cdist/conf/type/__hostname/parameter/optional b/cdist/conf/type/__hostname/parameter/optional
new file mode 100644
index 00000000..f121bdbf
--- /dev/null
+++ b/cdist/conf/type/__hostname/parameter/optional
@@ -0,0 +1 @@
+name
diff --git a/cdist/test/resolver/fixtures/object/__second/under-the/.cdist/.keep b/cdist/conf/type/__hostname/singleton
similarity index 100%
rename from cdist/test/resolver/fixtures/object/__second/under-the/.cdist/.keep
rename to cdist/conf/type/__hostname/singleton
diff --git a/cdist/conf/type/__hosts/man.rst b/cdist/conf/type/__hosts/man.rst
new file mode 100644
index 00000000..bece7967
--- /dev/null
+++ b/cdist/conf/type/__hosts/man.rst
@@ -0,0 +1,55 @@
+cdist-type__hosts(7)
+====================
+
+NAME
+----
+
+cdist-type__hosts - manage entries in /etc/hosts
+
+DESCRIPTION
+-----------
+
+Add or remove entries from */etc/hosts* file.
+
+OPTIONAL PARAMETERS
+-------------------
+
+state
+ If state is ``present``, make *object_id* resolve to *ip*. If
+ state is ``absent``, *object_id* will no longer resolve via
+ */etc/hosts*, if it was previously configured with this type.
+ Manually inserted entries are unaffected.
+
+ip
+ IP address, to which hostname (=\ *object_id*) must resolve. If
+ state is ``present``, this parameter is mandatory, if state is
+ ``absent``, this parameter is silently ignored.
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Now `funny' resolves to 192.168.1.76,
+ __hosts funny --ip 192.168.1.76
+ # and `happy' no longer resolve via /etc/hosts if it was
+ # previously configured via __hosts.
+ __hosts happy --state absent
+
+SEE ALSO
+--------
+
+:strong:`hosts`\ (5)
+
+AUTHORS
+-------
+
+Dmitry Bogatov
+
+
+COPYING
+-------
+
+Copyright (C) 2015,2016 Dmitry Bogatov. Free use of this software is granted
+under the terms of the GNU General Public License version 3 or later
+(GPLv3+).
diff --git a/cdist/conf/type/__hosts/manifest b/cdist/conf/type/__hosts/manifest
new file mode 100755
index 00000000..c536b83b
--- /dev/null
+++ b/cdist/conf/type/__hosts/manifest
@@ -0,0 +1,29 @@
+#!/bin/sh -e
+# Copyright (C) 2015 Bogatov Dmitry
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+set -ue
+
+hostname="$__object_id"
+state="$(cat "$__object/parameter/state")"
+marker="# __hosts/$hostname"
+
+set -- "__hosts/$hostname" --file /etc/hosts --state "$state"
+
+if [ "$state" = absent ] ; then
+ __line "$@" --regex "$marker"
+else
+ ip="$(cat "$__object/parameter/ip")"
+ __line "$@" --line "$ip $hostname $marker"
+fi
diff --git a/cdist/conf/type/__hosts/parameter/default/state b/cdist/conf/type/__hosts/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__hosts/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__hosts/parameter/optional b/cdist/conf/type/__hosts/parameter/optional
new file mode 100644
index 00000000..411fc5d2
--- /dev/null
+++ b/cdist/conf/type/__hosts/parameter/optional
@@ -0,0 +1,2 @@
+state
+ip
diff --git a/cdist/conf/type/__install_bootloader_grub/explorer/target_os b/cdist/conf/type/__install_bootloader_grub/explorer/target_os
new file mode 100755
index 00000000..f235710a
--- /dev/null
+++ b/cdist/conf/type/__install_bootloader_grub/explorer/target_os
@@ -0,0 +1,100 @@
+#!/bin/sh
+#
+# 2010-2011 Nico Schottelius (nico-cdist at schottelius.org)
+# 2014 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# All os variables are lower case. Keep this file in alphabetical
+# order by os variable except in cases where order otherwise matters,
+# in which case keep the primary os and its derivatives together in
+# a block (see Debian and Redhat examples below).
+#
+
+chroot="$(cat "$__object/parameter/chroot")"
+
+if grep -q ^Amazon "$chroot/etc/system-release" 2>/dev/null; then
+ echo amazon
+ exit 0
+fi
+
+if [ -f "$chroot/etc/arch-release" ]; then
+ echo archlinux
+ exit 0
+fi
+
+if [ -f "$chroot/etc/cdist-preos" ]; then
+ echo cdist-preos
+ exit 0
+fi
+
+### Debian and derivatives
+if grep -q ^DISTRIB_ID=Ubuntu "$chroot/etc/lsb-release" 2>/dev/null; then
+ echo ubuntu
+ exit 0
+fi
+
+if [ -f "$chroot/etc/debian_version" ]; then
+ echo debian
+ exit 0
+fi
+###
+
+if [ -f "$chroot/etc/gentoo-release" ]; then
+ echo gentoo
+ exit 0
+fi
+
+if [ -f "$chroot/etc/openwrt_version" ]; then
+ echo openwrt
+ exit 0
+fi
+
+if [ -f "$chroot/etc/owl-release" ]; then
+ echo owl
+ exit 0
+fi
+
+### Redhat and derivatives
+if grep -q ^CentOS "$chroot/etc/redhat-release" 2>/dev/null; then
+ echo centos
+ exit 0
+fi
+
+if grep -q ^Fedora "$chroot/etc/redhat-release" 2>/dev/null; then
+ echo fedora
+ exit 0
+fi
+
+if [ -f "$chroot/etc/redhat-release" ]; then
+ echo redhat
+ exit 0
+fi
+###
+
+if [ -f "$chroot/etc/SuSE-release" ]; then
+ echo suse
+ exit 0
+fi
+
+if [ -f "$chroot/etc/slackware-version" ]; then
+ echo slackware
+ exit 0
+fi
+
+echo "Unknown OS" >&2
+exit 1
diff --git a/cdist/conf/type/__install_bootloader_grub/gencode-remote b/cdist/conf/type/__install_bootloader_grub/gencode-remote
new file mode 100755
index 00000000..1caebbbf
--- /dev/null
+++ b/cdist/conf/type/__install_bootloader_grub/gencode-remote
@@ -0,0 +1,97 @@
+#!/bin/sh -e
+#
+# 2011-2015 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+device="$(cat "$__object/parameter/device" 2>/dev/null || echo "/$__object_id")"
+chroot="$(cat "$__object/parameter/chroot")"
+
+target_os=$(cat "$__object/explorer/target_os")
+
+mkdir "$__object/files"
+install_script="$__object/files/install_script"
+# Link file descriptor #6 with stdout
+exec 6>&1
+# Link stdout with $install_script
+exec > "$install_script"
+
+# Generate script to install bootloader on distro
+printf '#!/bin/sh -l\n'
+
+case "$target_os" in
+ ubuntu|debian)
+ if [ -s "$__global/explorer/efi" ]; then
+ # FIXME: untested. maybe also just run update-grub for EFI system?
+ printf 'grub-mkconfig --output=/boot/efi/EFI/%s/grub.cfg\n' "$target_os"
+ printf 'mkdir -p /boot/efi/EFI/BOOT\n'
+ printf 'cp /boot/efi/EFI/%s/grubx64.efi /boot/efi/EFI/BOOT/bootx64.efi' "$target_os"
+ else
+ printf 'grub-install "%s"\n' "$device"
+ printf 'update-grub\n'
+ fi
+ ;;
+ archlinux)
+ if [ -s "$__global/explorer/efi" ]; then
+ echo "EFI boot loader installation is on your operating system ($target_os) is currently not supported by this type (${__type##*/})." >&2
+ echo "Please contribute an implementation for it if you can." >&2
+ exit 1
+ else
+ printf 'grub-install "%s"\n' "$device"
+ # bugfix/workarround: rebuild initramfs
+ # FIXME: doesn't belong here
+ printf 'mkinitcpio -p linux\n'
+ printf 'grub-mkconfig -o /boot/grub/grub.cfg\n'
+ fi
+ ;;
+ centos)
+ if [ -s "$__global/explorer/efi" ]; then
+ printf 'grub2-mkconfig --output=/boot/efi/EFI/%s/grub.cfg\n' "$target_os"
+ printf 'mkdir -p /boot/efi/EFI/BOOT\n'
+ printf 'cp /boot/efi/EFI/%s/grubx64.efi /boot/efi/EFI/BOOT/bootx64.efi' "$target_os"
+ else
+ printf 'grub2-install "%s"\n' "$device"
+ printf 'grub2-mkconfig --output=/boot/grub2/grub.cfg\n'
+ fi
+ ;;
+ *)
+ echo "Your operating system ($target_os) is currently not supported by this type (${__type##*/})." >&2
+ echo "If you can, please contribute an implementation for it." >&2
+ exit 1
+ ;;
+esac
+# Restore stdout and close file descriptor #6.
+exec 1>&6 6>&-
+
+
+cat << DONE
+# Ensure /tmp exists
+[ -d "${chroot}/tmp" ] || mkdir -m 1777 "${chroot}/tmp"
+# Generate script to run in chroot
+script=\$(mktemp "${chroot}/tmp/${__type##*/}.XXXXXXXXXX")
+cat > \$script << script_DONE
+$(cat "$install_script")
+script_DONE
+
+# Make script executable
+chmod +x "\$script"
+
+# Run script in chroot
+relative_script="\${script#$chroot}"
+chroot "$chroot" "\$relative_script"
+rm -rf \$script
+DONE
diff --git a/cdist/test/type/fixtures/__install/install b/cdist/conf/type/__install_bootloader_grub/install
similarity index 100%
rename from cdist/test/type/fixtures/__install/install
rename to cdist/conf/type/__install_bootloader_grub/install
diff --git a/cdist/conf/type/__install_bootloader_grub/man.rst b/cdist/conf/type/__install_bootloader_grub/man.rst
new file mode 100644
index 00000000..625db1d2
--- /dev/null
+++ b/cdist/conf/type/__install_bootloader_grub/man.rst
@@ -0,0 +1,48 @@
+cdist-type__install_bootloader_grub(7)
+======================================
+
+NAME
+----
+cdist-type__install_bootloader_grub - install grub2 bootloader on given disk
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to install grub2 bootloader on given disk.
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+
+OPTIONAL PARAMETERS
+-------------------
+device
+ The device to install grub to. Defaults to object_id
+
+chroot
+ where to chroot before running grub-install. Defaults to /target.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __install_bootloader_grub /dev/sda
+
+ __install_bootloader_grub /dev/sda --chroot /mnt/foobar
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2011 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__install_bootloader_grub/parameter/default/chroot b/cdist/conf/type/__install_bootloader_grub/parameter/default/chroot
new file mode 100644
index 00000000..ea8c4bf7
--- /dev/null
+++ b/cdist/conf/type/__install_bootloader_grub/parameter/default/chroot
@@ -0,0 +1 @@
+/target
diff --git a/cdist/conf/type/__install_bootloader_grub/parameter/optional b/cdist/conf/type/__install_bootloader_grub/parameter/optional
new file mode 100644
index 00000000..0bd1ce46
--- /dev/null
+++ b/cdist/conf/type/__install_bootloader_grub/parameter/optional
@@ -0,0 +1,2 @@
+device
+chroot
diff --git a/cdist/conf/type/__install_chroot_mount/gencode-local b/cdist/conf/type/__install_chroot_mount/gencode-local
new file mode 120000
index 00000000..68dcbd6a
--- /dev/null
+++ b/cdist/conf/type/__install_chroot_mount/gencode-local
@@ -0,0 +1 @@
+../__chroot_mount/gencode-local
\ No newline at end of file
diff --git a/cdist/conf/type/__install_chroot_mount/gencode-remote b/cdist/conf/type/__install_chroot_mount/gencode-remote
new file mode 120000
index 00000000..b1a5485e
--- /dev/null
+++ b/cdist/conf/type/__install_chroot_mount/gencode-remote
@@ -0,0 +1 @@
+../__chroot_mount/gencode-remote
\ No newline at end of file
diff --git a/cdist/test/resolver/fixtures/object/__third/.keep b/cdist/conf/type/__install_chroot_mount/install
similarity index 100%
rename from cdist/test/resolver/fixtures/object/__third/.keep
rename to cdist/conf/type/__install_chroot_mount/install
diff --git a/cdist/conf/type/__install_chroot_mount/man.rst b/cdist/conf/type/__install_chroot_mount/man.rst
new file mode 100644
index 00000000..4054c4c4
--- /dev/null
+++ b/cdist/conf/type/__install_chroot_mount/man.rst
@@ -0,0 +1,42 @@
+cdist-type__install_chroot_mount(7)
+===================================
+
+NAME
+----
+cdist-type__install_chroot_mount - mount a chroot with install command
+
+
+DESCRIPTION
+-----------
+Mount and prepare a chroot for running commands within it.
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+
+OPTIONAL PARAMETERS
+-------------------
+None
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __install_chroot_mount /path/to/chroot
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2012 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__install_chroot_mount/parameter b/cdist/conf/type/__install_chroot_mount/parameter
new file mode 120000
index 00000000..5b5c9e20
--- /dev/null
+++ b/cdist/conf/type/__install_chroot_mount/parameter
@@ -0,0 +1 @@
+../__chroot_mount/parameter
\ No newline at end of file
diff --git a/cdist/conf/type/__install_chroot_umount/gencode-remote b/cdist/conf/type/__install_chroot_umount/gencode-remote
new file mode 120000
index 00000000..f2bd2681
--- /dev/null
+++ b/cdist/conf/type/__install_chroot_umount/gencode-remote
@@ -0,0 +1 @@
+../__chroot_umount/gencode-remote
\ No newline at end of file
diff --git a/cdist/test/resolver/fixtures/object/__third/moon/.cdist/.keep b/cdist/conf/type/__install_chroot_umount/install
similarity index 100%
rename from cdist/test/resolver/fixtures/object/__third/moon/.cdist/.keep
rename to cdist/conf/type/__install_chroot_umount/install
diff --git a/cdist/conf/type/__install_chroot_umount/man.rst b/cdist/conf/type/__install_chroot_umount/man.rst
new file mode 100644
index 00000000..2e020c01
--- /dev/null
+++ b/cdist/conf/type/__install_chroot_umount/man.rst
@@ -0,0 +1,47 @@
+cdist-type__install_chroot_umount(7)
+====================================
+
+NAME
+----
+cdist-type__install_chroot_umount - unmount a chroot mounted by __install_chroot_mount
+
+
+DESCRIPTION
+-----------
+Undo what __install_chroot_mount did.
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+
+OPTIONAL PARAMETERS
+-------------------
+None
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __install_chroot_umount /path/to/chroot
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__install_chroot_mount`\ (7)
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2012 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__install_chroot_umount/parameter b/cdist/conf/type/__install_chroot_umount/parameter
new file mode 120000
index 00000000..4148bcd0
--- /dev/null
+++ b/cdist/conf/type/__install_chroot_umount/parameter
@@ -0,0 +1 @@
+../__chroot_umount/parameter
\ No newline at end of file
diff --git a/cdist/conf/type/__install_config/files/remote/copy b/cdist/conf/type/__install_config/files/remote/copy
new file mode 100755
index 00000000..fa7fa9b7
--- /dev/null
+++ b/cdist/conf/type/__install_config/files/remote/copy
@@ -0,0 +1,48 @@
+#!/bin/sh -e
+#
+# 2011-2017 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# __remote_copy script to run cdist against a chroot on a remote host via ssh.
+#
+# Usage:
+# __remote_copy="/path/to/this/script /path/to/your/chroot" cdist config target-id
+#
+
+log() {
+ #echo "$@" | logger -t "__install_config copy"
+ :
+}
+
+chroot="$1"; shift
+target_host="$__target_host"
+
+# postfix target_host with chroot location
+code="$(echo "$@" | sed "s|$target_host:|$target_host:$chroot|g")"
+
+log "target_host: $target_host"
+log "chroot: $chroot"
+log "@: $*"
+log "code: $code"
+
+# copy files into chroot
+# __default_remote_copy and code should be split
+# shellcheck disable=SC2086
+$__default_remote_copy $code
+
+log "-----"
diff --git a/cdist/conf/type/__install_config/files/remote/exec b/cdist/conf/type/__install_config/files/remote/exec
new file mode 100755
index 00000000..c2057ebf
--- /dev/null
+++ b/cdist/conf/type/__install_config/files/remote/exec
@@ -0,0 +1,52 @@
+#!/bin/sh -e
+#
+# 2011-2017 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# __remote_exec script to run cdist against a chroot on a remote host via ssh.
+#
+# Usage:
+# __remote_exec="/path/to/this/script /path/to/your/chroot" cdist config target-id
+#
+
+log() {
+ #echo "$@" | logger -t "__install_config exec"
+ :
+}
+
+chroot="$1"; shift
+target_host="$__target_host"
+# In exec mode the first argument is the __target_host which we already got from env. Get rid of it.
+shift
+
+# escape ' with '"'"'
+code="$(echo "$@" | sed -e "s/'/'\"'\"'/g")"
+# shellcheck disable=SC2089
+code="chroot $chroot sh -e -c '$code'"
+
+log "target_host: $target_host"
+log "chroot: $chroot"
+log "@: $*"
+log "code: $code"
+
+# Run the code
+# __default_remote_exec and code should be split
+# shellcheck disable=SC2086,SC2090
+$__default_remote_exec "$target_host" $code
+
+log "-----"
diff --git a/cdist/conf/type/__install_config/gencode-local b/cdist/conf/type/__install_config/gencode-local
new file mode 100755
index 00000000..dd4f2a78
--- /dev/null
+++ b/cdist/conf/type/__install_config/gencode-local
@@ -0,0 +1,35 @@
+#!/bin/sh -e
+#
+# 2011-2018 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+chroot="$(cat "$__object/parameter/chroot")"
+remote_exec="$__type/files/remote/exec"
+remote_copy="$__type/files/remote/copy"
+
+cat << DONE
+export __cdist_install_config=yes
+export __cdist_log_level=$__cdist_log_level
+export __default_remote_exec="$__remote_exec"
+export __default_remote_copy="$__remote_copy"
+cdist config \
+ --remote-exec="$remote_exec $chroot" \
+ --remote-copy="$remote_copy $chroot" \
+ $__target_host
+DONE
+
diff --git a/cdist/test/resolver/fixtures/type/__first/.keep b/cdist/conf/type/__install_config/install
similarity index 100%
rename from cdist/test/resolver/fixtures/type/__first/.keep
rename to cdist/conf/type/__install_config/install
diff --git a/cdist/conf/type/__install_config/man.rst b/cdist/conf/type/__install_config/man.rst
new file mode 100644
index 00000000..0034e85d
--- /dev/null
+++ b/cdist/conf/type/__install_config/man.rst
@@ -0,0 +1,47 @@
+cdist-type__install_config(7)
+=============================
+
+NAME
+----
+cdist-type__install_config - run cdist config as part of the installation
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to run cdist config as part of the installation.
+It does this by using a custom __remote_{copy,exec} prefix which runs
+cdist config against the /target chroot on the remote host.
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+
+OPTIONAL PARAMETERS
+-------------------
+chroot
+ where to chroot before running grub-install. Defaults to /target.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __install_config
+
+ __install_config --chroot /mnt/somewhere
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2011 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__install_config/parameter/default/chroot b/cdist/conf/type/__install_config/parameter/default/chroot
new file mode 100644
index 00000000..ea8c4bf7
--- /dev/null
+++ b/cdist/conf/type/__install_config/parameter/default/chroot
@@ -0,0 +1 @@
+/target
diff --git a/cdist/conf/type/__install_config/parameter/optional b/cdist/conf/type/__install_config/parameter/optional
new file mode 100644
index 00000000..fa32393d
--- /dev/null
+++ b/cdist/conf/type/__install_config/parameter/optional
@@ -0,0 +1 @@
+chroot
diff --git a/cdist/test/resolver/fixtures/type/__second/.keep b/cdist/conf/type/__install_config/singleton
similarity index 100%
rename from cdist/test/resolver/fixtures/type/__second/.keep
rename to cdist/conf/type/__install_config/singleton
diff --git a/cdist/conf/type/__install_coreos/gencode-remote b/cdist/conf/type/__install_coreos/gencode-remote
new file mode 100755
index 00000000..f550b5a5
--- /dev/null
+++ b/cdist/conf/type/__install_coreos/gencode-remote
@@ -0,0 +1,19 @@
+#!/bin/sh -e
+
+device=$(cat "${__object:?}/parameter/device")
+ignition=$(cat "${__object}/parameter/ignition")
+
+cat < "\${ignition_file}" << eof
+$(base64 "${ignition}")
+eof
+
+coreos-install -d "${device}" \
+ \$(if [ -s "\${ignition_file}" ]; then
+ printf -- "-i \${ignition_file}\\n"
+ fi)
+
+rm "\${ignition_file}"
+EOF
diff --git a/cdist/test/resolver/fixtures/type/__third/.keep b/cdist/conf/type/__install_coreos/install
similarity index 100%
rename from cdist/test/resolver/fixtures/type/__third/.keep
rename to cdist/conf/type/__install_coreos/install
diff --git a/cdist/conf/type/__install_coreos/man.rst b/cdist/conf/type/__install_coreos/man.rst
new file mode 100644
index 00000000..314f9f2a
--- /dev/null
+++ b/cdist/conf/type/__install_coreos/man.rst
@@ -0,0 +1,50 @@
+cdist-type__install_coreos(7)
+=============================
+
+NAME
+----
+
+cdist-type__install_coreos - Install CoreOS
+
+DESCRIPTION
+-----------
+
+This type installs CoreOS to a given device using coreos-install_, which is
+present in CoreOS ISO by default.
+
+.. _coreos-install: https://raw.githubusercontent.com/coreos/init/master/bin/coreos-install
+
+REQUIRED PARAMETERS
+-------------------
+
+device
+ A device CoreOS will be installed to.
+
+OPTIONAL PARAMETERS
+-------------------
+
+ignition
+ Path to ignition config.
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __install_coreos \
+ --device /dev/sda \
+ --ignition ignition.json
+
+
+AUTHORS
+-------
+
+Ľubomír Kučera
+
+COPYING
+-------
+
+Copyright \(C) 2018 Ľubomír Kučera. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/test/type/fixtures/__name_path/.keep b/cdist/conf/type/__install_coreos/parameter/default/ignition
similarity index 100%
rename from cdist/test/type/fixtures/__name_path/.keep
rename to cdist/conf/type/__install_coreos/parameter/default/ignition
diff --git a/cdist/conf/type/__install_coreos/parameter/optional b/cdist/conf/type/__install_coreos/parameter/optional
new file mode 100644
index 00000000..df284caa
--- /dev/null
+++ b/cdist/conf/type/__install_coreos/parameter/optional
@@ -0,0 +1 @@
+ignition
diff --git a/cdist/conf/type/__install_coreos/parameter/required b/cdist/conf/type/__install_coreos/parameter/required
new file mode 100644
index 00000000..f89ee6a8
--- /dev/null
+++ b/cdist/conf/type/__install_coreos/parameter/required
@@ -0,0 +1 @@
+device
diff --git a/cdist/test/type/fixtures/__not_install/.keep b/cdist/conf/type/__install_coreos/singleton
similarity index 100%
rename from cdist/test/type/fixtures/__not_install/.keep
rename to cdist/conf/type/__install_coreos/singleton
diff --git a/cdist/conf/type/__install_directory/explorer b/cdist/conf/type/__install_directory/explorer
new file mode 120000
index 00000000..ba2591e1
--- /dev/null
+++ b/cdist/conf/type/__install_directory/explorer
@@ -0,0 +1 @@
+../__directory/explorer
\ No newline at end of file
diff --git a/cdist/conf/type/__install_directory/gencode-remote b/cdist/conf/type/__install_directory/gencode-remote
new file mode 120000
index 00000000..c86d61c9
--- /dev/null
+++ b/cdist/conf/type/__install_directory/gencode-remote
@@ -0,0 +1 @@
+../__directory/gencode-remote
\ No newline at end of file
diff --git a/cdist/test/type/fixtures/__not_singleton/.keep b/cdist/conf/type/__install_directory/install
similarity index 100%
rename from cdist/test/type/fixtures/__not_singleton/.keep
rename to cdist/conf/type/__install_directory/install
diff --git a/cdist/conf/type/__install_directory/man.rst b/cdist/conf/type/__install_directory/man.rst
new file mode 120000
index 00000000..1ad7fa84
--- /dev/null
+++ b/cdist/conf/type/__install_directory/man.rst
@@ -0,0 +1 @@
+../__directory/man.rst
\ No newline at end of file
diff --git a/cdist/conf/type/__install_directory/parameter b/cdist/conf/type/__install_directory/parameter
new file mode 120000
index 00000000..e23d9672
--- /dev/null
+++ b/cdist/conf/type/__install_directory/parameter
@@ -0,0 +1 @@
+../__directory/parameter
\ No newline at end of file
diff --git a/cdist/conf/type/__install_file/explorer b/cdist/conf/type/__install_file/explorer
new file mode 120000
index 00000000..8479ee44
--- /dev/null
+++ b/cdist/conf/type/__install_file/explorer
@@ -0,0 +1 @@
+../__file/explorer
\ No newline at end of file
diff --git a/cdist/conf/type/__install_file/gencode-local b/cdist/conf/type/__install_file/gencode-local
new file mode 120000
index 00000000..9ce4e805
--- /dev/null
+++ b/cdist/conf/type/__install_file/gencode-local
@@ -0,0 +1 @@
+../__file/gencode-local
\ No newline at end of file
diff --git a/cdist/conf/type/__install_file/gencode-remote b/cdist/conf/type/__install_file/gencode-remote
new file mode 120000
index 00000000..f390bba4
--- /dev/null
+++ b/cdist/conf/type/__install_file/gencode-remote
@@ -0,0 +1 @@
+../__file/gencode-remote
\ No newline at end of file
diff --git a/cdist/test/type/fixtures/__without_boolean_parameters/.keep b/cdist/conf/type/__install_file/install
similarity index 100%
rename from cdist/test/type/fixtures/__without_boolean_parameters/.keep
rename to cdist/conf/type/__install_file/install
diff --git a/cdist/conf/type/__install_file/man.rst b/cdist/conf/type/__install_file/man.rst
new file mode 100644
index 00000000..c5409167
--- /dev/null
+++ b/cdist/conf/type/__install_file/man.rst
@@ -0,0 +1,112 @@
+cdist-type__install_file(7)
+===========================
+
+NAME
+----
+cdist-type__install_file - Manage files with install command.
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to create files, remove files and set file
+attributes on the target.
+
+If the file already exists on the target, then if it is a:
+
+regular file, and state is:
+ present
+ replace it with the source file if they are not equal
+ exists
+ do nothing
+symlink
+ replace it with the source file
+directory
+ replace it with the source file
+
+In any case, make sure that the file attributes are as specified.
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+OPTIONAL PARAMETERS
+-------------------
+state
+ 'present', 'absent' or 'exists', defaults to 'present' where:
+
+ present
+ the file is exactly the one from source
+ absent
+ the file does not exist
+ exists
+ the file from source but only if it doesn't already exist
+
+group
+ Group to chgrp to.
+
+mode
+ Unix permissions, suitable for chmod.
+
+owner
+ User to chown to.
+
+source
+ If supplied, copy this file from the host running cdist to the target.
+ If not supplied, an empty file or directory will be created.
+ If source is '-' (dash), take what was written to stdin as the file content.
+
+MESSAGES
+--------
+chgrp
+ Changed group membership
+chown
+ Changed owner
+chmod
+ Changed mode
+create
+ Empty file was created (no --source specified)
+remove
+ File exists, but state is absent, file will be removed by generated code.
+upload
+ File was uploaded
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Create /etc/cdist-configured as an empty file
+ __install_file /etc/cdist-configured
+ # The same thing
+ __install_file /etc/cdist-configured --state present
+ # Use __file from another type
+ __install_file /etc/issue --source "$__type/files/archlinux" --state present
+ # Delete existing file
+ __install_file /etc/cdist-configured --state absent
+ # Supply some more settings
+ __install_file /etc/shadow --source "$__type/files/shadow" \
+ --owner root --group shadow --mode 0640 \
+ --state present
+ # Provide a default file, but let the user change it
+ __install_file /home/frodo/.bashrc --source "/etc/skel/.bashrc" \
+ --state exists \
+ --owner frodo --mode 0600
+ # Take file content from stdin
+ __install_file /tmp/whatever --owner root --group root --mode 644 --source - << DONE
+ Here goes the content for /tmp/whatever
+ DONE
+
+
+AUTHORS
+-------
+Nico Schottelius
+
+
+COPYING
+-------
+Copyright \(C) 2011-2013 Nico Schottelius. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__install_file/parameter b/cdist/conf/type/__install_file/parameter
new file mode 120000
index 00000000..e5099e86
--- /dev/null
+++ b/cdist/conf/type/__install_file/parameter
@@ -0,0 +1 @@
+../__file/parameter
\ No newline at end of file
diff --git a/cdist/test/type/fixtures/__without_explorers/.keep b/cdist/conf/type/__install_fstab/install
similarity index 100%
rename from cdist/test/type/fixtures/__without_explorers/.keep
rename to cdist/conf/type/__install_fstab/install
diff --git a/cdist/conf/type/__install_fstab/man.rst b/cdist/conf/type/__install_fstab/man.rst
new file mode 100644
index 00000000..5562c139
--- /dev/null
+++ b/cdist/conf/type/__install_fstab/man.rst
@@ -0,0 +1,53 @@
+cdist-type__install_fstab(7)
+============================
+
+NAME
+----
+cdist-type__install_fstab - generate /etc/fstab during installation
+
+
+DESCRIPTION
+-----------
+Uses __install_generate_fstab to generate a /etc/fstab file and uploads it
+to the target machine at ${prefix}/etc/fstab.
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+
+OPTIONAL PARAMETERS
+-------------------
+prefix
+ The prefix under which to generate the /etc/fstab file.
+ Defaults to /target.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __install_fstab
+
+ __install_fstab --prefix /mnt/target
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__install_generate_fstab`\ (7),
+:strong:`cdist-type__install_mount`\ (7)
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2011 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__install_fstab/manifest b/cdist/conf/type/__install_fstab/manifest
new file mode 100755
index 00000000..c5d24f3c
--- /dev/null
+++ b/cdist/conf/type/__install_fstab/manifest
@@ -0,0 +1,29 @@
+#!/bin/sh -e
+#
+# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+prefix="$(cat "$__object/parameter/prefix" 2>/dev/null || echo "/target")"
+
+[ -d "$__object/files" ] || mkdir "$__object/files"
+__install_generate_fstab --uuid --destination "$__object/files/fstab"
+require="__install_generate_fstab" \
+ __install_file "${prefix}/etc/fstab" --source "$__object/files/fstab" \
+ --mode 644 \
+ --owner root \
+ --group root
diff --git a/cdist/conf/type/__install_fstab/parameter/optional b/cdist/conf/type/__install_fstab/parameter/optional
new file mode 100644
index 00000000..f73f3093
--- /dev/null
+++ b/cdist/conf/type/__install_fstab/parameter/optional
@@ -0,0 +1 @@
+file
diff --git a/cdist/test/type/fixtures/__without_optional_parameters/.keep b/cdist/conf/type/__install_fstab/singleton
similarity index 100%
rename from cdist/test/type/fixtures/__without_optional_parameters/.keep
rename to cdist/conf/type/__install_fstab/singleton
diff --git a/cdist/conf/type/__install_generate_fstab/files/fstab.header b/cdist/conf/type/__install_generate_fstab/files/fstab.header
new file mode 100644
index 00000000..7653cc78
--- /dev/null
+++ b/cdist/conf/type/__install_generate_fstab/files/fstab.header
@@ -0,0 +1 @@
+# Generated by cdist __install_generate_fstab
diff --git a/cdist/conf/type/__install_generate_fstab/gencode-local b/cdist/conf/type/__install_generate_fstab/gencode-local
new file mode 100755
index 00000000..80455aaa
--- /dev/null
+++ b/cdist/conf/type/__install_generate_fstab/gencode-local
@@ -0,0 +1,65 @@
+#!/bin/sh -e
+#
+# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+destination="$(cat "$__object/parameter/destination")"
+cat "$__type/files/fstab.header" > "$destination"
+
+mkdir "$__object/files"
+# get current UUID's from target_host
+$__remote_exec "$__target_host" blkid > "$__object/files/blkid"
+
+find "$__global/object/__install_mount" -type d -name "$__cdist_object_marker" |
+while IFS= read -r object
+do
+ device="$(cat "$object/parameter/device")"
+ dir="$(cat "$object/parameter/dir")"
+ type="$(cat "$object/parameter/type")"
+ if [ -f "$object/parameter/options" ]; then
+ options="$(cat "$object/parameter/options")"
+ else
+ options="defaults"
+ fi
+ dump=0
+ case "$type" in
+ swap)
+ pass=0
+ dir="$type"
+ ;;
+ tmpfs)
+ pass=0
+ ;;
+ bind)
+ pass=0
+ type=none
+ options="bind,$options"
+ ;;
+ *)
+ pass=1
+ ;;
+ esac
+ if [ -f "$__object/parameter/uuid" ]; then
+ uuid="$(grep -w "$device" "$__object/files/blkid" | awk '{print $2}')"
+ if [ -n "$uuid" ]; then
+ echo "# $dir was on $device during installation" >> "$destination"
+ device="$uuid"
+ fi
+ fi
+ echo "$device $dir $type $options $dump $pass" >> "$destination"
+done
diff --git a/cdist/test/type/fixtures/__without_required_parameters/.keep b/cdist/conf/type/__install_generate_fstab/install
similarity index 100%
rename from cdist/test/type/fixtures/__without_required_parameters/.keep
rename to cdist/conf/type/__install_generate_fstab/install
diff --git a/cdist/conf/type/__install_generate_fstab/man.rst b/cdist/conf/type/__install_generate_fstab/man.rst
new file mode 100644
index 00000000..b38f8876
--- /dev/null
+++ b/cdist/conf/type/__install_generate_fstab/man.rst
@@ -0,0 +1,53 @@
+cdist-type__install_generate_fstab(7)
+=====================================
+
+NAME
+----
+cdist-type__install_generate_fstab - generate /etc/fstab during installation
+
+
+DESCRIPTION
+-----------
+Generates a /etc/fstab file from information retrieved from
+__install_mount definitions.
+
+
+REQUIRED PARAMETERS
+-------------------
+destination
+ The path where to store the generated fstab file.
+ Note that this is a path on the server, where cdist is running, not the target host.
+
+
+OPTIONAL PARAMETERS
+-------------------
+None
+
+
+BOOLEAN PARAMETERS
+-------------------
+uuid
+ use UUID instead of device in fstab
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __install_generate_fstab --destination /path/where/you/want/fstab
+
+ __install_generate_fstab --uuid --destination /path/where/you/want/fstab
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2012 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__install_generate_fstab/parameter/boolean b/cdist/conf/type/__install_generate_fstab/parameter/boolean
new file mode 100644
index 00000000..43ab6159
--- /dev/null
+++ b/cdist/conf/type/__install_generate_fstab/parameter/boolean
@@ -0,0 +1 @@
+uuid
diff --git a/cdist/conf/type/__install_generate_fstab/parameter/required b/cdist/conf/type/__install_generate_fstab/parameter/required
new file mode 100644
index 00000000..ac459b09
--- /dev/null
+++ b/cdist/conf/type/__install_generate_fstab/parameter/required
@@ -0,0 +1 @@
+destination
diff --git a/cdist/test/type/fixtures/list_types/__first/.keep b/cdist/conf/type/__install_generate_fstab/singleton
similarity index 100%
rename from cdist/test/type/fixtures/list_types/__first/.keep
rename to cdist/conf/type/__install_generate_fstab/singleton
diff --git a/cdist/conf/type/__install_mkfs/gencode-remote b/cdist/conf/type/__install_mkfs/gencode-remote
new file mode 100755
index 00000000..8fc2c98e
--- /dev/null
+++ b/cdist/conf/type/__install_mkfs/gencode-remote
@@ -0,0 +1,53 @@
+#!/bin/sh -e
+#
+# 2011-2013 Steven Armstrong (steven-cdist at armstrong.cc)
+# 2017 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+device="$(cat "$__object/parameter/device")"
+type="$(cat "$__object/parameter/type")"
+
+case "$type" in
+ swap)
+ echo "mkswap -f $device"
+ exit 0
+ ;;
+ xfs)
+ command="mkfs.xfs -f -q"
+ ;;
+
+ vfat)
+ command="mkfs.vfat"
+ ;;
+
+ *)
+ command="mkfs -t $type -q"
+ ;;
+esac
+
+if [ -f "$__object/parameter/options" ]; then
+ options="$(cat "$__object/parameter/options")"
+ command="$command $options"
+fi
+
+command="$command $device"
+if [ -f "$__object/parameter/blocks" ]; then
+ blocks="$(cat "$__object/parameter/blocks")"
+ command="$command $blocks"
+fi
+echo "$command"
diff --git a/cdist/test/type/fixtures/list_types/__second/.keep b/cdist/conf/type/__install_mkfs/install
similarity index 100%
rename from cdist/test/type/fixtures/list_types/__second/.keep
rename to cdist/conf/type/__install_mkfs/install
diff --git a/cdist/conf/type/__install_mkfs/man.rst b/cdist/conf/type/__install_mkfs/man.rst
new file mode 100644
index 00000000..6e5c9aa9
--- /dev/null
+++ b/cdist/conf/type/__install_mkfs/man.rst
@@ -0,0 +1,62 @@
+cdist-type__install_mkfs(7)
+===========================
+
+NAME
+----
+cdist-type__install_mkfs - build a linux file system
+
+
+DESCRIPTION
+-----------
+This cdist type is a wrapper for the mkfs command.
+
+
+REQUIRED PARAMETERS
+-------------------
+type
+ The filesystem type to use. Same as used with mkfs -t.
+
+
+OPTIONAL PARAMETERS
+-------------------
+device
+ defaults to object_id
+
+options
+ file system-specific options to be passed to the mkfs command
+
+blocks
+ the number of blocks to be used for the file system
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # reiserfs /dev/sda5
+ __install_mkfs /dev/sda5 --type reiserfs
+
+ # same thing with explicit device
+ __install_mkfs whatever --device /dev/sda5 --type reiserfs
+
+ # jfs with journal on /dev/sda2
+ __install_mkfs /dev/sda1 --type jfs --options "-j /dev/sda2"
+
+
+SEE ALSO
+--------
+:strong:`mkfs`\ (8)
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2011 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__install_mkfs/manifest b/cdist/conf/type/__install_mkfs/manifest
new file mode 100755
index 00000000..b0a21dae
--- /dev/null
+++ b/cdist/conf/type/__install_mkfs/manifest
@@ -0,0 +1,25 @@
+#!/bin/sh -e
+#
+# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+# set defaults
+if [ ! -f "$__object/parameter/device" ]; then
+ device="/$__object_id"
+ echo "$device" > "$__object/parameter/device"
+fi
diff --git a/cdist/conf/type/__install_mkfs/parameter/optional b/cdist/conf/type/__install_mkfs/parameter/optional
new file mode 100644
index 00000000..86aeae30
--- /dev/null
+++ b/cdist/conf/type/__install_mkfs/parameter/optional
@@ -0,0 +1,3 @@
+device
+options
+blocks
diff --git a/cdist/conf/type/__install_mkfs/parameter/required b/cdist/conf/type/__install_mkfs/parameter/required
new file mode 100644
index 00000000..aa80e646
--- /dev/null
+++ b/cdist/conf/type/__install_mkfs/parameter/required
@@ -0,0 +1 @@
+type
diff --git a/cdist/conf/type/__install_mount/gencode-remote b/cdist/conf/type/__install_mount/gencode-remote
new file mode 100755
index 00000000..4415f0ff
--- /dev/null
+++ b/cdist/conf/type/__install_mount/gencode-remote
@@ -0,0 +1,68 @@
+#!/bin/sh -e
+#
+# 2011-2013 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+get_type_from_mkfs() {
+ _device="$1"
+ find "$__global/object/__install_mkfs" -type d -name "$__cdist_object_marker" |
+ while IFS= read -r mkfs_object
+ do
+ mkfs_device="$(cat "$mkfs_object/parameter/device")"
+ if [ "$_device" = "$mkfs_device" ]; then
+ cat "$mkfs_object/parameter/type"
+ break
+ fi
+ done
+ unset _device
+ unset mkfs_device
+ unset mkfs_object
+}
+
+device="$(cat "$__object/parameter/device")"
+dir="$(cat "$__object/parameter/dir")"
+prefix="$(cat "$__object/parameter/prefix")"
+if [ -f "$__object/parameter/type" ]; then
+ type="$(cat "$__object/parameter/type")"
+else
+ type="$(get_type_from_mkfs "$device")"
+ # store for later use by others
+ echo "$type" > "$__object/parameter/type"
+fi
+[ -n "$type" ] || {
+ echo "Can't determine type for $__object" >&2
+ exit 1
+}
+if [ "$type" = "swap" ]; then
+ printf 'swapon "%s"\n' "$device"
+else
+ mount_point="${prefix}${dir}"
+ printf '[ -d "%s" ] || mkdir -p "%s"\n' "$mount_point" "$mount_point"
+ printf 'mount'
+ if [ "$type" = "bind" ]; then
+ printf ' --bind'
+ device="${prefix}${device}"
+ else
+ printf ' -t "%s"' "$type"
+ fi
+ if [ -f "$__object/parameter/options" ]; then
+ printf ' -o %s' "$(cat "$__object/parameter/options")"
+ fi
+ printf ' "%s"' "$device"
+ printf ' "%s"\n' "$mount_point"
+fi
diff --git a/cdist/test/type/fixtures/list_types/__third/.keep b/cdist/conf/type/__install_mount/install
similarity index 100%
rename from cdist/test/type/fixtures/list_types/__third/.keep
rename to cdist/conf/type/__install_mount/install
diff --git a/cdist/conf/type/__install_mount/man.rst b/cdist/conf/type/__install_mount/man.rst
new file mode 100644
index 00000000..256cef53
--- /dev/null
+++ b/cdist/conf/type/__install_mount/man.rst
@@ -0,0 +1,65 @@
+cdist-type__install_mount(7)
+============================
+
+NAME
+----
+cdist-type__install_mount - mount filesystems in the installer
+
+
+DESCRIPTION
+-----------
+Mounts filesystems in the installer. Collects data to generate /etc/fstab.
+
+
+REQUIRED PARAMETERS
+-------------------
+device
+ the device to mount
+
+
+OPTIONAL PARAMETERS
+-------------------
+dir
+ where to mount device. Defaults to object_id.
+
+options
+ mount options passed to mount(8) and used in /etc/fstab
+
+type
+ filesystem type passed to mount(8) and used in /etc/fstab.
+ If type is swap, 'dir' is ignored.
+ Defaults to the filesystem used in __install_mkfs for the same 'device'.
+
+prefix
+ the prefix to prepend to 'dir' when mounting in the installer.
+ Defaults to /target.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __install_mount slash --dir / --device /dev/sda5 --options noatime
+ require="__install_mount/slash" __install_mount /boot --device /dev/sda1
+ __install_mount swap --device /dev/sda2 --type swap
+ require="__install_mount/slash" __install_mount /tmp --device tmpfs --type tmpfs
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__install_mkfs`\ (7),
+:strong:`cdist-type__install_mount_apply` (7)
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2011 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__install_mount/manifest b/cdist/conf/type/__install_mount/manifest
new file mode 100755
index 00000000..72fc26e2
--- /dev/null
+++ b/cdist/conf/type/__install_mount/manifest
@@ -0,0 +1,29 @@
+#!/bin/sh -e
+#
+# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+# set defaults
+if [ ! -f "$__object/parameter/dir" ]; then
+ dir="/$__object_id"
+ echo "$dir" > "$__object/parameter/dir"
+fi
+if [ ! -f "$__object/parameter/prefix" ]; then
+ prefix="/target"
+ echo "$prefix" > "$__object/parameter/prefix"
+fi
diff --git a/cdist/conf/type/__install_mount/parameter/optional b/cdist/conf/type/__install_mount/parameter/optional
new file mode 100644
index 00000000..08b6ad04
--- /dev/null
+++ b/cdist/conf/type/__install_mount/parameter/optional
@@ -0,0 +1,3 @@
+dir
+type
+options
diff --git a/cdist/conf/type/__install_mount/parameter/required b/cdist/conf/type/__install_mount/parameter/required
new file mode 100644
index 00000000..f89ee6a8
--- /dev/null
+++ b/cdist/conf/type/__install_mount/parameter/required
@@ -0,0 +1 @@
+device
diff --git a/cdist/conf/type/__install_partition_msdos/install b/cdist/conf/type/__install_partition_msdos/install
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__install_partition_msdos/man.rst b/cdist/conf/type/__install_partition_msdos/man.rst
new file mode 100644
index 00000000..c408a614
--- /dev/null
+++ b/cdist/conf/type/__install_partition_msdos/man.rst
@@ -0,0 +1,72 @@
+cdist-type__install_partition_msdos(7)
+======================================
+
+NAME
+----
+cdist-type__install_partition_msdos - creates msdos partitions
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to create msdos paritions.
+
+
+REQUIRED PARAMETERS
+-------------------
+type
+ the partition type used in fdisk (such as 82 or 83) or "extended"
+
+
+OPTIONAL PARAMETERS
+-------------------
+device
+ the device we're working on. Defaults to the string prefix of --partition
+
+minor
+ the partition number we're working on. Defaults to the numeric suffix of --partition
+
+partition
+ defaults to object_id
+
+bootable
+ mark partition as bootable, true or false, defaults to false
+
+size
+ the size of the partition (such as 32M or 15G, whole numbers
+ only), '+' for remaining space, or 'n%' for percentage of remaining
+ (these should only be used after all specific partition sizes are
+ specified). Defaults to +.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # 128MB, linux, bootable
+ __install_partition_msdos /dev/sda1 --type 83 --size 128M --bootable true
+ # 512MB, swap
+ __install_partition_msdos /dev/sda2 --type 82 --size 512M
+ # 100GB, extended
+ __install_partition_msdos /dev/sda3 --type extended --size 100G
+ # 10GB, linux
+ __install_partition_msdos /dev/sda5 --type 83 --size 10G
+ # 50% of the free space of the extended partition, linux
+ __install_partition_msdos /dev/sda6 --type 83 --size 50%
+ # rest of the extended partition, linux
+ __install_partition_msdos /dev/sda7 --type 83 --size +
+ # nvm device partition 2
+ __install_partition_msdos /dev/nvme0n1p2 --device /dev/nvme0n1 --minor 2 --type 83 --size 128M --bootable true
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2011-2017 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__install_partition_msdos/manifest b/cdist/conf/type/__install_partition_msdos/manifest
new file mode 100755
index 00000000..b32605fa
--- /dev/null
+++ b/cdist/conf/type/__install_partition_msdos/manifest
@@ -0,0 +1,46 @@
+#!/bin/sh -e
+#
+# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+# set defaults
+if [ -f "$__object/parameter/partition" ]; then
+ partition="(cat "$__object/parameter/partition")"
+else
+ partition="/$__object_id"
+ echo "$partition" > "$__object/parameter/partition"
+fi
+
+if [ ! -f "$__object/parameter/device" ]; then
+ device="$(echo "$partition" | sed 's/[0-9]//g')"
+ echo "$device" > "$__object/parameter/device"
+fi
+if [ ! -f "$__object/parameter/minor" ]; then
+ minor="$(echo "$partition" | sed 's/[^0-9]//g')"
+ echo "$minor" > "$__object/parameter/minor"
+fi
+
+if [ ! -f "$__object/parameter/bootable" ]; then
+ echo "false" > "$__object/parameter/bootable"
+fi
+if [ ! -f "$__object/parameter/size" ]; then
+ echo "+" > "$__object/parameter/size"
+fi
+
+# pull in the type that actually does something with the above parameters
+require="$__object_name" __install_partition_msdos_apply
diff --git a/cdist/conf/type/__install_partition_msdos/parameter/optional b/cdist/conf/type/__install_partition_msdos/parameter/optional
new file mode 100644
index 00000000..3b3f2083
--- /dev/null
+++ b/cdist/conf/type/__install_partition_msdos/parameter/optional
@@ -0,0 +1,5 @@
+device
+minor
+partition
+bootable
+size
diff --git a/cdist/conf/type/__install_partition_msdos/parameter/required b/cdist/conf/type/__install_partition_msdos/parameter/required
new file mode 100644
index 00000000..aa80e646
--- /dev/null
+++ b/cdist/conf/type/__install_partition_msdos/parameter/required
@@ -0,0 +1 @@
+type
diff --git a/cdist/conf/type/__install_partition_msdos_apply/explorer/partitions b/cdist/conf/type/__install_partition_msdos_apply/explorer/partitions
new file mode 100755
index 00000000..6be61af4
--- /dev/null
+++ b/cdist/conf/type/__install_partition_msdos_apply/explorer/partitions
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+cat /proc/partitions
diff --git a/cdist/conf/type/__install_partition_msdos_apply/files/lib.sh b/cdist/conf/type/__install_partition_msdos_apply/files/lib.sh
new file mode 100644
index 00000000..2db9a441
--- /dev/null
+++ b/cdist/conf/type/__install_partition_msdos_apply/files/lib.sh
@@ -0,0 +1,70 @@
+#!/bin/sh
+
+die() {
+ echo "[__install_partition_msdos_apply] $*" >&2
+ exit 1
+}
+debug() {
+ #echo "[__install_partition_msdos_apply] $*" >&2
+ :
+}
+
+fdisk_command() {
+ device="$1"
+ cmd="$2"
+
+ debug fdisk_command "running fdisk command '${cmd}' on device ${device}"
+ printf '%s\nw\n' "${cmd}" | fdisk -c -u "$device"
+ ret=$?
+ # give disk some time
+ sleep 1
+ return $ret
+}
+
+create_disklabel() {
+ device=$1
+
+ debug create_disklabel "creating new msdos disklabel"
+ fdisk_command "${device}" "o"
+ return $?
+}
+
+toggle_bootable() {
+ device="$1"
+ minor="$2"
+ fdisk_command "${device}" "a\\n${minor}\\n"
+ return $?
+}
+
+create_partition() {
+ device="$1"
+ minor="$2"
+ size="$3"
+ type="$4"
+ primary_count="$5"
+
+ if [ "$type" = "extended" ] || [ "$type" = "5" ]; then
+ # Extended partition
+ primary_extended='e\n'
+ first_minor="${minor}\\n"
+ [ "${minor}" = "4" ] && first_minor=""
+ type_minor="${minor}\\n"
+ [ "${minor}" = "1" ] && type_minor=""
+ type="5"
+ elif [ "${minor}" -lt "5" ]; then
+ primary_extended='p\n'
+ first_minor="${minor}\\n"
+ [ "${minor}" = "4" ] && first_minor=""
+ type_minor="${minor}\\n"
+ [ "${minor}" = "1" ] && type_minor=""
+ else
+ # Logical partitions
+ first_minor="${minor}\\n"
+ type_minor="${minor}\\n"
+ primary_extended='l\n'
+ [ "$primary_count" -gt "3" ] && primary_extended=""
+ fi
+ [ -n "${size}" ] && size="+${size}M"
+ fdisk_command "${device}" "n\\n${primary_extended}${first_minor}\\n${size}\\nt\\n${type_minor}${type}\\n"
+ return $?
+}
diff --git a/cdist/conf/type/__install_partition_msdos_apply/gencode-remote b/cdist/conf/type/__install_partition_msdos_apply/gencode-remote
new file mode 100755
index 00000000..a0b46b2d
--- /dev/null
+++ b/cdist/conf/type/__install_partition_msdos_apply/gencode-remote
@@ -0,0 +1,163 @@
+#!/bin/sh -e
+#
+# 2011-2013 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+#set -x
+
+die() {
+ echo "[__install_partition_msdos_apply] $*" >&2
+ exit 1
+}
+debug() {
+ #echo "[__install_partition_msdos_apply] $*" >&2
+ :
+}
+
+# Convert a size specifier 1G 100M or 50% into the corresponding numeric MB.
+size_to_mb() {
+ size=$1
+ available_size="$2"
+
+ number_suffix="$(echo "${size}" | sed -e 's:\.[0-9]\+::' -e 's:\([0-9]\+\)\([KkMmGg%]\)[Bb]\?:\1|\2:')"
+ number="$(echo "${number_suffix}" | cut -d '|' -f1)"
+ suffix="$(echo "${number_suffix}" | cut -d '|' -f2)"
+
+ case "$suffix" in
+ K|k)
+ size="$(( number / 1024 ))"
+ ;;
+ M|m)
+ size="$number"
+ ;;
+ G|g)
+ size="$(( number * 1024 ))"
+ ;;
+ %)
+ size="$(( available_size * number / 100 ))"
+ ;;
+ *)
+ size="-1"
+ esac
+ echo "$size"
+}
+
+get_objects() {
+ objects_file=$(mktemp)
+ find "$__global/object/__install_partition_msdos" -type d -name "$__cdist_object_marker" |
+ while IFS= read -r object
+ do
+ object_device="$(cat "$object/parameter/device")"
+ object_minor="$(cat "$object/parameter/minor")"
+ echo "$object_device $object_minor $object" >> "$objects_file"
+ done
+ sort -k 1,2 "$objects_file" | cut -d' ' -f 3
+ rm "$objects_file"
+ unset objects_file
+ unset object
+ unset object_device
+ unset object_minor
+}
+
+# include function library for use on target
+cat "$__type/files/lib.sh"
+
+partitions="$__object/explorer/partitions"
+objects=$(get_objects)
+current_device=""
+available_device_size=
+available_extended_size=
+available_size=
+primary_count=0
+for object in $objects; do
+ device="$(cat "$object/parameter/device")"
+ if [ "$current_device" != "$device" ]; then
+ echo "create_disklabel '$device' || die 'Failed to create disklabel for $device'"
+ current_device="$device"
+ device_name=$(echo "${device}" | sed -e 's:^/dev/::;s:/:\\/:g')
+ available_device_size=$(( $(awk "/${device_name}\$/ { print \$3; }" "$partitions") / 1024))
+ # make sure we don't go past the end of the drive
+ available_device_size=$((available_device_size - 2))
+ available_extended_size=0
+ primary_count=0
+ debug "----- $device"
+ debug "current_device=$current_device"
+ debug "available_device_size=$available_device_size"
+ fi
+
+ type="$(cat "$object/parameter/type")"
+ partition="$(cat "$object/parameter/partition")"
+ minor="$(cat "$object/parameter/minor")"
+
+ bootable="$(cat "$object/parameter/bootable")"
+ size="$(cat "$object/parameter/size")"
+
+
+ if [ "${minor}" -lt "5" ]; then
+ # Primary partitions
+ primary_count=$(( primary_count + 1 ))
+ available_size=$available_device_size
+ else
+ # Logical partitions
+ available_size=$available_extended_size
+ fi
+
+ if [ "$size" = "+" ]; then
+ # use rest of device
+ partition_size=""
+ available_size=0
+ else
+ partition_size=$(size_to_mb "$size" "$available_size")
+ available_size="$(( available_size - partition_size ))"
+ fi
+
+ if [ "${minor}" -lt "5" ]; then
+ # Primary partitions
+ available_device_size=$available_size
+ if [ "$type" = "extended" ] || [ "$type" = "5" ]; then
+ # Extended partition
+ available_extended_size=$partition_size
+ fi
+ else
+ # Logical paritions
+ available_extended_size=$available_size
+ fi
+
+ [ "$partition_size" = "-1" ] && die "could not translate size '$size' to a usable value"
+ debug "----- $partition"
+ debug "primary_count=$primary_count"
+ debug "current_device=$current_device"
+ debug "device=$device"
+ debug "type=$type"
+ debug "partition=$partition"
+ debug "minor=$minor"
+ debug "bootable=$bootable"
+ debug "size=$size"
+ debug "partition_size=$partition_size"
+ debug "available_size=$available_size"
+ debug "available_device_size=$available_device_size"
+ debug "available_extended_size=$available_extended_size"
+ debug "----------"
+
+ echo "create_partition '$device' '$minor' '$partition_size' '$type' '$primary_count' \
+ || die 'Failed to create partition: $partition'"
+
+ if [ "$bootable" = "true" ]; then
+ echo "toggle_bootable '$device' '$minor' || die 'Failed to toogle bootable flag for partition: $partition'"
+ fi
+done
diff --git a/cdist/conf/type/__install_partition_msdos_apply/install b/cdist/conf/type/__install_partition_msdos_apply/install
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__install_partition_msdos_apply/man.rst b/cdist/conf/type/__install_partition_msdos_apply/man.rst
new file mode 100644
index 00000000..80740fde
--- /dev/null
+++ b/cdist/conf/type/__install_partition_msdos_apply/man.rst
@@ -0,0 +1,47 @@
+cdist-type__install_partition_msdos_apply(7)
+============================================
+
+NAME
+----
+cdist-type__install_partition_msdos_apply - Apply dos partition settings
+
+
+DESCRIPTION
+-----------
+Create the partitions defined with __install_partition_msdos
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+
+OPTIONAL PARAMETERS
+-------------------
+None
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __install_partition_msdos_apply
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__install_partition_msdos_apply`\ (7)
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2011 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__install_partition_msdos_apply/singleton b/cdist/conf/type/__install_partition_msdos_apply/singleton
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__install_reboot/gencode-remote b/cdist/conf/type/__install_reboot/gencode-remote
new file mode 100755
index 00000000..9a6322c1
--- /dev/null
+++ b/cdist/conf/type/__install_reboot/gencode-remote
@@ -0,0 +1,30 @@
+#!/bin/sh -e
+#
+# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+#echo "reboot $options"
+cat << DONE
+echo 1 > /proc/sys/kernel/sysrq
+echo s > /proc/sysrq-trigger
+
+# close file descriptors to detach from ssh
+sh -c 'sleep 3; echo b > /proc/sysrq-trigger' > /dev/null 2>&1
+
+
+COPYING
+-------
+Copyright \(C) 2011 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__install_reboot/singleton b/cdist/conf/type/__install_reboot/singleton
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__install_reset_disk/gencode-remote b/cdist/conf/type/__install_reset_disk/gencode-remote
new file mode 100755
index 00000000..ac9ae6cf
--- /dev/null
+++ b/cdist/conf/type/__install_reset_disk/gencode-remote
@@ -0,0 +1,71 @@
+#!/bin/sh -e
+#
+# 2012 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+disk="/$__object_id"
+disk_name="${disk##*/}"
+
+cat << DONE
+
+debug() {
+ echo "[DEBUG] \$@" >&2
+}
+
+find_md_device_names() {
+ local disk_name="\$1"
+ for slave in \$(find /sys/devices/virtual/block/*/slaves/ -name "\${disk_name}*"); do
+ debug "slave: \$slave"
+ for holder in \$slave/holders/*; do
+ debug "holder: \$holder"
+ if [ -d "\$holder/md" ]; then
+ debug "mdadm found at \$holder"
+ holder_name="\${holder##*/}"
+ echo "\$holder_name"
+ fi
+ done
+ done
+}
+
+# disable any enabled volume group
+if command -v vgchange >/dev/null; then
+ vgchange -a n
+else
+ echo "WARNING: vgchange command not found" >&2
+fi
+
+# disable any running mdadm arrays related to $disk
+for md_name in \$(find_md_device_names "$disk_name" | sort | uniq); do
+ echo "md_name: \$md_name"
+ if command -v mdadm >/dev/null; then
+ mdadm --stop "/dev/\$md_name"
+ else
+ echo "WARNING: mdadm command not found" >&2
+ echo "WARNING: could not stop active mdadm raid for disk $disk" >&2
+ fi
+done
+
+# clean disks from any legacy signatures
+if command -v wipefs >/dev/null; then
+ wipefs -a "$disk" || true
+fi
+
+# erase partition table
+dd if=/dev/zero of=$disk bs=512 count=1
+printf 'w\\n' | fdisk -u -c $disk || true
+DONE
diff --git a/cdist/conf/type/__install_reset_disk/install b/cdist/conf/type/__install_reset_disk/install
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__install_reset_disk/man.rst b/cdist/conf/type/__install_reset_disk/man.rst
new file mode 100644
index 00000000..fadeec71
--- /dev/null
+++ b/cdist/conf/type/__install_reset_disk/man.rst
@@ -0,0 +1,43 @@
+cdist-type__install_reset_disk(7)
+=================================
+
+NAME
+----
+cdist-type__install_reset_disk - reset a disk
+
+
+DESCRIPTION
+-----------
+Remove partition table.
+Remove all lvm labels.
+Remove mdadm superblock.
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+OPTIONAL PARAMETERS
+-------------------
+None
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __install_reset_disk /dev/sdb
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2012 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__install_stage/gencode-remote b/cdist/conf/type/__install_stage/gencode-remote
new file mode 100755
index 00000000..776e9fd5
--- /dev/null
+++ b/cdist/conf/type/__install_stage/gencode-remote
@@ -0,0 +1,38 @@
+#!/bin/sh -e
+#
+# 2011-2013 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+uri="$(cat "$__object/parameter/uri" 2>/dev/null \
+ || echo "$__object_id")"
+target="$(cat "$__object/parameter/target")"
+
+if [ "$__cdist_log_level" -le "10" ]
+then
+ curl="curl"
+ tar="tar -xvzp"
+else
+ curl="curl -s"
+ tar="tar -xzp"
+fi
+
+if [ -f "$__object/parameter/insecure" ] ; then
+ curl="$curl -k"
+fi
+
+echo "$curl '$uri' | $tar -C '$target'"
diff --git a/cdist/conf/type/__install_stage/install b/cdist/conf/type/__install_stage/install
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__install_stage/man.rst b/cdist/conf/type/__install_stage/man.rst
new file mode 100644
index 00000000..fd764693
--- /dev/null
+++ b/cdist/conf/type/__install_stage/man.rst
@@ -0,0 +1,58 @@
+cdist-type__install_stage(7)
+============================
+
+NAME
+----
+cdist-type__install_stage - download and unpack a stage file
+
+
+DESCRIPTION
+-----------
+Downloads a operating system stage using curl and unpacks it to /target
+using tar. The stage tarball is expected to be gzip compressed.
+
+
+REQUIRED PARAMETERS
+-------------------
+uri
+ The uri from which to fetch the tarball.
+ Can be anything understood by curl, e.g:
+ | http://path/to/stage.tgz
+ | tftp:///path/to/stage.tgz
+ | file:///local/path/stage.tgz
+
+
+OPTIONAL PARAMETERS
+-------------------
+target
+ where to unpack the tarball to. Defaults to /target.
+
+
+BOOLEAN PARAMETERS
+------------------
+insecure
+ run curl in insecure mode so it does not check the servers ssl certificate
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __install_stage --uri tftp:///path/to/stage.tgz
+ __install_stage --uri http://path/to/stage.tgz --target /mnt/foobar
+ __install_stage --uri file:///path/to/stage.tgz --target /target
+ __install_stage --uri https://path/to/stage.tgz --target /mnt/foobar --insecure
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2011 - 2013 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__install_stage/parameter/boolean b/cdist/conf/type/__install_stage/parameter/boolean
new file mode 100644
index 00000000..e86bf3fc
--- /dev/null
+++ b/cdist/conf/type/__install_stage/parameter/boolean
@@ -0,0 +1 @@
+insecure
diff --git a/cdist/conf/type/__install_stage/parameter/default/target b/cdist/conf/type/__install_stage/parameter/default/target
new file mode 100644
index 00000000..ea8c4bf7
--- /dev/null
+++ b/cdist/conf/type/__install_stage/parameter/default/target
@@ -0,0 +1 @@
+/target
diff --git a/cdist/conf/type/__install_stage/parameter/optional b/cdist/conf/type/__install_stage/parameter/optional
new file mode 100644
index 00000000..eb5a316c
--- /dev/null
+++ b/cdist/conf/type/__install_stage/parameter/optional
@@ -0,0 +1 @@
+target
diff --git a/cdist/conf/type/__install_stage/parameter/required b/cdist/conf/type/__install_stage/parameter/required
new file mode 100644
index 00000000..c7954952
--- /dev/null
+++ b/cdist/conf/type/__install_stage/parameter/required
@@ -0,0 +1 @@
+uri
diff --git a/cdist/conf/type/__install_stage/singleton b/cdist/conf/type/__install_stage/singleton
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__install_umount/gencode-remote b/cdist/conf/type/__install_umount/gencode-remote
new file mode 100755
index 00000000..8dcfb253
--- /dev/null
+++ b/cdist/conf/type/__install_umount/gencode-remote
@@ -0,0 +1,25 @@
+#!/bin/sh -e
+#
+# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+target="$(cat "$__object/parameter/target")"
+
+echo "swapoff -a"
+echo "umount -l ${target}/* || true"
+echo "umount -l ${target}"
diff --git a/cdist/conf/type/__install_umount/install b/cdist/conf/type/__install_umount/install
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__install_umount/man.rst b/cdist/conf/type/__install_umount/man.rst
new file mode 100644
index 00000000..59f63449
--- /dev/null
+++ b/cdist/conf/type/__install_umount/man.rst
@@ -0,0 +1,43 @@
+cdist-type__install_umount(7)
+=============================
+
+NAME
+----
+cdist-type__install_umount - umount target directory
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to recursively umount the given target directory.
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+
+OPTIONAL PARAMETERS
+-------------------
+target
+ the mount point to umount. Defaults to object_id
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __install_umount /target
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2011 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__install_umount/parameter/default/target b/cdist/conf/type/__install_umount/parameter/default/target
new file mode 100644
index 00000000..ea8c4bf7
--- /dev/null
+++ b/cdist/conf/type/__install_umount/parameter/default/target
@@ -0,0 +1 @@
+/target
diff --git a/cdist/conf/type/__install_umount/parameter/optional b/cdist/conf/type/__install_umount/parameter/optional
new file mode 100644
index 00000000..eb5a316c
--- /dev/null
+++ b/cdist/conf/type/__install_umount/parameter/optional
@@ -0,0 +1 @@
+target
diff --git a/cdist/conf/type/__iptables_apply/files/init-script b/cdist/conf/type/__iptables_apply/files/init-script
new file mode 100644
index 00000000..d9c79ef7
--- /dev/null
+++ b/cdist/conf/type/__iptables_apply/files/init-script
@@ -0,0 +1,60 @@
+#!/bin/sh
+# Nico Schottelius
+# Zürisee, Mon Sep 2 18:38:27 CEST 2013
+#
+### BEGIN INIT INFO
+# Provides: iptables
+# Required-Start: $local_fs $remote_fs
+# Required-Stop: $local_fs $remote_fs
+# X-Start-Before: fail2ban
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Applies iptables ruleset
+# Description: Applies all rules found in /etc/iptables.d
+# and saves/restores previous status
+### END INIT INFO
+
+
+basedir=/etc/iptables.d
+status="${basedir}/.pre-start"
+
+case $1 in
+ start)
+ # Save status
+ iptables-save > "$status"
+
+ # Apply our ruleset
+ cd "$basedir" || exit
+ count="$(find . ! -name . -prune | wc -l)"
+
+ # Only do something if there are rules
+ if [ "$count" -ge 1 ]; then
+ for rule in *; do
+ echo "Applying iptables rule $rule ..."
+ # Rule should be split.
+ # shellcheck disable=SC2046
+ iptables $(cat "$rule")
+ done
+ fi
+ ;;
+
+ stop)
+ # Restore from status before, if there is something to restore
+ if [ -f "$status" ]; then
+ iptables-restore < "$status"
+ fi
+ ;;
+ restart)
+ "$0" stop && "$0" start
+ ;;
+ reset)
+ for table in INPUT FORWARD OUTPUT; do
+ iptables -P "$table" ACCEPT
+ iptables -F "$table"
+ done
+ for table in PREROUTING POSTROUTING OUTPUT; do
+ iptables -t nat -P "$table" ACCEPT
+ iptables -t nat -F "$table"
+ done
+ ;;
+esac
diff --git a/cdist/conf/type/__iptables_apply/gencode-remote b/cdist/conf/type/__iptables_apply/gencode-remote
new file mode 100755
index 00000000..a80cb936
--- /dev/null
+++ b/cdist/conf/type/__iptables_apply/gencode-remote
@@ -0,0 +1,5 @@
+#!/bin/sh -e
+
+if grep -q "^__file/etc/iptables.d/" "$__messages_in"; then
+ echo /etc/init.d/iptables restart
+fi
diff --git a/cdist/conf/type/__iptables_apply/man.rst b/cdist/conf/type/__iptables_apply/man.rst
new file mode 100644
index 00000000..76e1f6bf
--- /dev/null
+++ b/cdist/conf/type/__iptables_apply/man.rst
@@ -0,0 +1,45 @@
+cdist-type__iptables_apply(7)
+=============================
+
+NAME
+----
+cdist-type__iptables_apply - Apply the rules
+
+
+DESCRIPTION
+-----------
+This cdist type deploys an init script that triggers
+the configured rules and also re-applies them on
+configuration.
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+OPTIONAL PARAMETERS
+-------------------
+None
+
+EXAMPLES
+--------
+
+None (__iptables_apply is used by __iptables_rule)
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__iptables_rule`\ (7), :strong:`iptables`\ (8)
+
+
+AUTHORS
+-------
+Nico Schottelius
+
+
+COPYING
+-------
+Copyright \(C) 2013 Nico Schottelius. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__iptables_apply/manifest b/cdist/conf/type/__iptables_apply/manifest
new file mode 100755
index 00000000..0061d3de
--- /dev/null
+++ b/cdist/conf/type/__iptables_apply/manifest
@@ -0,0 +1,27 @@
+#!/bin/sh -e
+#
+# 2013 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+
+__file /etc/init.d/iptables \
+ --source "$__type/files/init-script" \
+ --state present \
+ --mode 0755
+
+require="__file/etc/init.d/iptables" __start_on_boot iptables
diff --git a/cdist/conf/type/__iptables_apply/singleton b/cdist/conf/type/__iptables_apply/singleton
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__iptables_rule/man.rst b/cdist/conf/type/__iptables_rule/man.rst
new file mode 100644
index 00000000..92d8859f
--- /dev/null
+++ b/cdist/conf/type/__iptables_rule/man.rst
@@ -0,0 +1,66 @@
+cdist-type__iptables_rule(7)
+============================
+
+NAME
+----
+cdist-type__iptables_rule - Deploy iptable rulesets
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to manage iptable rules
+in a distribution independent manner.
+
+
+REQUIRED PARAMETERS
+-------------------
+rule
+ The rule to apply. Essentially an iptables command
+ line without iptables in front of it.
+
+
+OPTIONAL PARAMETERS
+-------------------
+state
+ 'present' or 'absent', defaults to 'present'
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Deploy some policies
+ __iptables_rule policy-in --rule "-P INPUT DROP"
+ __iptables_rule policy-out --rule "-P OUTPUT ACCEPT"
+ __iptables_rule policy-fwd --rule "-P FORWARD DROP"
+
+ # The usual established rule
+ __iptables_rule established --rule "-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT"
+
+ # Some service rules
+ __iptables_rule http --rule "-A INPUT -p tcp --dport 80 -j ACCEPT"
+ __iptables_rule ssh --rule "-A INPUT -p tcp --dport 22 -j ACCEPT"
+ __iptables_rule https --rule "-A INPUT -p tcp --dport 443 -j ACCEPT"
+
+ # Ensure some rules are not present anymore
+ __iptables_rule munin --rule "-A INPUT -p tcp --dport 4949 -j ACCEPT" \
+ --state absent
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__iptables_apply`\ (7), :strong:`iptables`\ (8)
+
+
+AUTHORS
+-------
+Nico Schottelius
+
+
+COPYING
+-------
+Copyright \(C) 2013 Nico Schottelius. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__iptables_rule/manifest b/cdist/conf/type/__iptables_rule/manifest
new file mode 100755
index 00000000..ed78787f
--- /dev/null
+++ b/cdist/conf/type/__iptables_rule/manifest
@@ -0,0 +1,42 @@
+#!/bin/sh -e
+#
+# 2013 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+
+base_dir=/etc/iptables.d
+
+name="$__object_id"
+state="$(cat "$__object/parameter/state")"
+
+################################################################################
+# Basic setup
+#
+
+__directory "$base_dir" --state present
+
+# Have apply do the real job
+require="$__object_name" __iptables_apply
+
+################################################################################
+# The rule
+#
+
+require="__directory/$base_dir" __file "$base_dir/${name}" \
+ --source "$__object/parameter/rule" \
+ --state "$state"
diff --git a/cdist/conf/type/__iptables_rule/parameter/default/state b/cdist/conf/type/__iptables_rule/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__iptables_rule/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__postgres_role/parameter/required b/cdist/conf/type/__iptables_rule/parameter/optional
similarity index 100%
rename from cdist/conf/type/__postgres_role/parameter/required
rename to cdist/conf/type/__iptables_rule/parameter/optional
diff --git a/cdist/conf/type/__iptables_rule/parameter/required b/cdist/conf/type/__iptables_rule/parameter/required
new file mode 100644
index 00000000..2b254dff
--- /dev/null
+++ b/cdist/conf/type/__iptables_rule/parameter/required
@@ -0,0 +1 @@
+rule
diff --git a/cdist/conf/type/__issue/man.rst b/cdist/conf/type/__issue/man.rst
new file mode 100644
index 00000000..097f2c01
--- /dev/null
+++ b/cdist/conf/type/__issue/man.rst
@@ -0,0 +1,47 @@
+cdist-type__issue(7)
+====================
+
+NAME
+----
+cdist-type__issue - Manage issue
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to easily setup /etc/issue.
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+
+OPTIONAL PARAMETERS
+-------------------
+source
+ If supplied, use this file as /etc/issue instead of default.
+
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __issue
+
+ # When called from another type
+ __issue --source "$__type/files/myfancyissue"
+
+
+AUTHORS
+-------
+Nico Schottelius
+
+
+COPYING
+-------
+Copyright \(C) 2011 Nico Schottelius. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__issue/man.text b/cdist/conf/type/__issue/man.text
deleted file mode 100644
index 40ed920e..00000000
--- a/cdist/conf/type/__issue/man.text
+++ /dev/null
@@ -1,47 +0,0 @@
-cdist-type__issue(7)
-====================
-Nico Schottelius
-
-
-NAME
-----
-cdist-type__issue - Manage issue
-
-
-DESCRIPTION
------------
-This cdist type allows you to easily setup /etc/issue.
-
-
-REQUIRED PARAMETERS
--------------------
-None.
-
-
-OPTIONAL PARAMETERS
--------------------
-source::
- If supplied, use this file as /etc/issue instead of default.
-
-
-
-EXAMPLES
---------
-
---------------------------------------------------------------------------------
-__issue
-
-# When called from another type
-__issue --source "$__type/files/myfancyissue"
---------------------------------------------------------------------------------
-
-
-SEE ALSO
---------
-- cdist-type(7)
-
-
-COPYING
--------
-Copyright \(C) 2011 Nico Schottelius. Free use of this software is
-granted under the terms of the GNU General Public License version 3 (GPLv3).
diff --git a/cdist/conf/type/__issue/manifest b/cdist/conf/type/__issue/manifest
index d2720f2d..0f0b3d83 100755
--- a/cdist/conf/type/__issue/manifest
+++ b/cdist/conf/type/__issue/manifest
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/sh -e
#
# 2011-2012 Nico Schottelius (nico-cdist at schottelius.org)
#
@@ -25,6 +25,9 @@ os="$(cat "$__global/explorer/os")"
if [ -f "$__object/parameter/source" ]; then
source="$(cat "$__object/parameter/source")"
+ if [ "$source" = "-" ]; then
+ source="${__object}/stdin"
+ fi
else
case "$os" in
archlinux|redhat)
diff --git a/cdist/conf/type/__jail/man.rst b/cdist/conf/type/__jail/man.rst
new file mode 100644
index 00000000..7fc8f455
--- /dev/null
+++ b/cdist/conf/type/__jail/man.rst
@@ -0,0 +1,124 @@
+cdist-type__jail(7)
+===================
+
+NAME
+----
+cdist-type__jail - Manage FreeBSD jails
+
+
+DESCRIPTION
+-----------
+This type is used on FreeBSD to manage jails by calling the appropriate per-version subtype.
+
+
+REQUIRED PARAMETERS
+-------------------
+state
+ Either "present" or "absent", defaults to "present".
+
+jailbase
+ The location of the .tgz archive containing the base fs for your jails.
+
+
+OPTIONAL PARAMETERS
+-------------------
+name
+ The name of the jail. Default is to use the object_id as the jail name.
+
+ip
+ The ifconfig style IP/netmask combination to use for the jail guest. If
+ the state parameter is "present," this parameter is required.
+
+hostname
+ The FQDN to use for the jail guest. Defaults to the name parameter.
+
+interface
+ The name of the physical interface on the jail server to bind the jail to.
+ Defaults to the first interface found in the output of ifconfig -l.
+
+devfs-ruleset
+ The name of the devfs ruleset to associate with the jail. Defaults to
+ "jailrules." This ruleset must be copied to the server via another type.
+ To use this option, devfs-enable must be "true."
+
+jaildir
+ The location on the remote server to use for hosting jail filesystems.
+ Defaults to /usr/jail.
+
+BOOLEAN PARAMETERS
+------------------
+stopped
+ Do not start the jail
+
+devfs-disable
+ Whether to disallow devfs mounting within the jail
+
+onboot
+ Whether to add the jail to rc.conf's jail_list variable.
+
+
+CAVEATS
+-------
+This type does not currently support modification of jail options. If, for
+example a jail needs to have its IP address or netmask changed, the jail must
+be removed then re-added with the correct IP address/netmask or the appropriate
+line (jail__ip="...") modified within rc.conf through some alternate
+means.
+
+MESSAGES
+--------
+start
+ The jail was started
+stop
+ The jail was stopped
+create:
+ The jail was created
+delete
+ The jail was deleted
+onboot
+ The jail was configured to start on boot
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Create a jail called www
+ __jail www --state present --ip "192.168.1.2" --jailbase /my/jail/base.tgz
+
+ # Remove the jail called www
+ __jail www --state absent --jailbase /my/jail/base.tgz
+
+ # The jail www should not be started
+ __jail www --state present --stopped \
+ --ip "192.168.1.2 netmask 255.255.255.0" \
+ --jailbase /my/jail/base.tgz
+
+ # Use the name variable explicitly
+ __jail thisjail --state present --name www \
+ --ip "192.168.1.2" \
+ --jailbase /my/jail/base.tgz
+
+ # Go nuts
+ __jail lotsofoptions --state present --name testjail \
+ --ip "192.168.1.100 netmask 255.255.255.0" \
+ --hostname "testjail.example.com" --interface "em0" \
+ --onboot --jailbase /my/jail/base.tgz --jaildir /jails
+
+
+SEE ALSO
+--------
+:strong:`jail`\ (8)
+
+
+AUTHORS
+-------
+Jake Guffey
+
+
+COPYING
+-------
+Copyright \(C) 2012,2016 Jake Guffey. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__jail/man.text b/cdist/conf/type/__jail/man.text
deleted file mode 100644
index 8682effe..00000000
--- a/cdist/conf/type/__jail/man.text
+++ /dev/null
@@ -1,106 +0,0 @@
-cdist-type__jail(7)
-===================
-Jake Guffey
-
-
-NAME
-----
-cdist-type__jail - Manage FreeBSD jails
-
-
-DESCRIPTION
------------
-This type is used on FreeBSD to manage jails.
-
-
-REQUIRED PARAMETERS
--------------------
-state::
- Either "present" or "absent."
-
-jailbase::
- The location of the .tgz archive containing the base fs for your jails.
-
-
-OPTIONAL PARAMETERS
--------------------
-name::
- The name of the jail. Default is to use the object_id as the jail name.
-
-started::
- Either "true" or "false." Defaults to true.
-
-ip::
- The ifconfig style IP/netmask combination to use for the jail guest. If
- the state parameter is "present," this parameter is required.
-
-hostname::
- The FQDN to use for the jail guest. Defaults to the name parameter.
-
-interface::
- The name of the physical interface on the jail server to bind the jail to.
- Defaults to the first interface found in the output of ifconfig -l.
-
-devfs-enable::
- Whether to allow devfs mounting within the jail. Must be "true" or "false."
- Defaults to true.
-
-devfs-ruleset::
- The name of the devfs ruleset to associate with the jail. Defaults to
- "jailrules." This ruleset must be copied to the server via another type.
- To use this option, devfs-enable must be "true."
-
-onboot::
- Whether to add the jail to rc.conf's jail_list variable. Must be either
- "true" or "false." Defaults to false.
-
-jaildir::
- The location on the remote server to use for hosting jail filesystems.
- Defaults to /usr/jail.
-
-
-CAVEATS
--------
-This type does not currently support modification of jail options. If, for
-example a jail needs to have its IP address or netmask changed, the jail must
-be removed then re-added with the correct IP address/netmask or the appropriate
-line (jail__ip="...") modified within rc.conf through some alternate
-means.
-
-EXAMPLES
---------
-
---------------------------------------------------------------------------------
-# Create a jail called www
-__jail www --state present --ip "192.168.1.2" --jailbase /my/jail/base.tgz
-
-# Remove the jail called www
-__jail www --state absent --jailbase /my/jail/base.tgz
-
-# Ensure that the jail called www is started
-__jail www --state present --started true \
- --ip "192.168.1.2 netmask 255.255.255.0" \
- --jailbase /my/jail/base.tgz
-
-# Use the name variable explicitly
-__jail thisjail --state present --name www \
- --ip "192.168.1.2" \
- --jailbase /my/jail/base.tgz
-
-# Go nuts
-__jail lotsofoptions --state present --name testjail --started true \
- --ip "192.168.1.100 netmask 255.255.255.0" \
- --hostname "testjail.example.com" --interface "em0" \
- --onboot yes --jailbase /my/jail/base.tgz --jaildir /jails
---------------------------------------------------------------------------------
-
-
-SEE ALSO
---------
-- cdist-type(7)
-
-
-COPYING
--------
-Copyright \(C) 2012 Jake Guffey. Free use of this software is
-granted under the terms of the GNU General Public License version 3 (GPLv3).
diff --git a/cdist/conf/type/__jail/manifest b/cdist/conf/type/__jail/manifest
index b2ecf2bc..fad6a3a1 100755
--- a/cdist/conf/type/__jail/manifest
+++ b/cdist/conf/type/__jail/manifest
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/sh -e
#
# 2012 Jake Guffey (jake.guffey at eprotex.com)
#
@@ -29,18 +29,26 @@
# Can only be used on FreeBSD
os="$(cat "$__global/explorer/os")"
if [ ! "$os" = "freebsd" ]; then
- echo "__jail can only be used on FreeBSD targets!" >&2
- exit 1
+ echo "__jail can only be used on FreeBSD targets!" >&2
+ exit 1
fi
-if [ -f "$__object/parameter/jaildir" ]; then
- jaildir="$(cat "$__object/parameter/name")"
+jaildir="$(cat "$__object/parameter/jaildir")"
+
+__directory "${jaildir}" --parents
+
+set -- "$@" "$__object_id"
+cd "$__object/parameter"
+for property in *; do
+ set -- "$@" "--$property" "$(cat "$property")"
+done
+
+if grep -q '^10\.' "$(cat "$__global/explorer/os_version")" ; then # Version is 10.x
+ __jail_freebsd10 "$@"
else
- jaildir="/usr/jail"
+ __jail_freebsd9 "$@"
fi
-__directory ${jaildir} --parents yes
-
# Debug
#set +x
diff --git a/cdist/conf/type/__jail/parameter/boolean b/cdist/conf/type/__jail/parameter/boolean
new file mode 100644
index 00000000..39144f6f
--- /dev/null
+++ b/cdist/conf/type/__jail/parameter/boolean
@@ -0,0 +1,3 @@
+onboot
+stopped
+devfs-disable
diff --git a/cdist/conf/type/__jail/parameter/default/devfs-ruleset b/cdist/conf/type/__jail/parameter/default/devfs-ruleset
new file mode 100644
index 00000000..f602aa0a
--- /dev/null
+++ b/cdist/conf/type/__jail/parameter/default/devfs-ruleset
@@ -0,0 +1 @@
+jailrules
diff --git a/cdist/conf/type/__jail/parameter/default/jailbase b/cdist/conf/type/__jail/parameter/default/jailbase
new file mode 100644
index 00000000..8b137891
--- /dev/null
+++ b/cdist/conf/type/__jail/parameter/default/jailbase
@@ -0,0 +1 @@
+
diff --git a/cdist/conf/type/__jail/parameter/default/jaildir b/cdist/conf/type/__jail/parameter/default/jaildir
new file mode 100644
index 00000000..ec7d86c6
--- /dev/null
+++ b/cdist/conf/type/__jail/parameter/default/jaildir
@@ -0,0 +1 @@
+/usr/jail
diff --git a/cdist/conf/type/__jail/parameter/default/state b/cdist/conf/type/__jail/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__jail/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__jail/parameter/optional b/cdist/conf/type/__jail/parameter/optional
index 1b5f0810..b36f0fa5 100644
--- a/cdist/conf/type/__jail/parameter/optional
+++ b/cdist/conf/type/__jail/parameter/optional
@@ -1,10 +1,8 @@
name
-started
ip
hostname
interface
-devfs-enable
devfs-ruleset
-onboot
jaildir
jailbase
+state
diff --git a/cdist/conf/type/__jail/explorer/basepresent b/cdist/conf/type/__jail_freebsd10/explorer/basepresent
similarity index 95%
rename from cdist/conf/type/__jail/explorer/basepresent
rename to cdist/conf/type/__jail_freebsd10/explorer/basepresent
index f167a19c..034128d5 100755
--- a/cdist/conf/type/__jail/explorer/basepresent
+++ b/cdist/conf/type/__jail_freebsd10/explorer/basepresent
@@ -26,7 +26,7 @@
#set -x
if [ -f "$__object/parameter/jaildir" ]; then
- jaildir="$(cat "$__object/parameter/name")"
+ jaildir="$(cat "$__object/parameter/jaildir")"
else
jaildir="/usr/jail"
fi
diff --git a/cdist/conf/type/__jail/explorer/present b/cdist/conf/type/__jail_freebsd10/explorer/present
similarity index 95%
rename from cdist/conf/type/__jail/explorer/present
rename to cdist/conf/type/__jail_freebsd10/explorer/present
index 2ba3b2af..ddfb805c 100755
--- a/cdist/conf/type/__jail/explorer/present
+++ b/cdist/conf/type/__jail_freebsd10/explorer/present
@@ -32,7 +32,7 @@ else
fi
if [ -f "$__object/parameter/jaildir" ]; then
- jaildir="$(cat "$__object/parameter/name")"
+ jaildir="$(cat "$__object/parameter/jaildir")"
else
jaildir="/usr/jail"
fi
diff --git a/cdist/conf/type/__jail/explorer/status b/cdist/conf/type/__jail_freebsd10/explorer/status
similarity index 90%
rename from cdist/conf/type/__jail/explorer/status
rename to cdist/conf/type/__jail_freebsd10/explorer/status
index fe81eaf7..c8039f21 100755
--- a/cdist/conf/type/__jail/explorer/status
+++ b/cdist/conf/type/__jail_freebsd10/explorer/status
@@ -32,14 +32,14 @@ else
fi
if [ -f "$__object/parameter/jaildir" ]; then
- jaildir="$(cat "$__object/parameter/name")"
+ jaildir="$(cat "$__object/parameter/jaildir")"
else
jaildir="/usr/jail"
fi
# backslash-escaped $jaildir
sjaildir="$(echo ${jaildir} | sed 's#/#\\/#g')"
-jls_output="$(jls | grep "[ ^I]${sjaildir}\/${name}\$")" || true
+jls_output="$(jls | grep "[ ]${sjaildir}\\/${name}\$")" || true
if [ -n "${jls_output}" ]; then
echo "STARTED"
diff --git a/cdist/conf/type/__jail_freebsd10/gencode-local b/cdist/conf/type/__jail_freebsd10/gencode-local
new file mode 100755
index 00000000..f163cad3
--- /dev/null
+++ b/cdist/conf/type/__jail_freebsd10/gencode-local
@@ -0,0 +1,59 @@
+#!/bin/sh -e
+#
+# 2012 Jake Guffey (jake.guffey at eprotex.com)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# The __jail type creates, configures, and deletes FreeBSD jails for use as
+# virtual machines.
+#
+
+# Debug
+#exec >&2
+#set -x
+
+jaildir="$(cat "$__object/parameter/jaildir")"
+
+jailbase="$(cat "$__object/parameter/jailbase")"
+
+state="$(cat "$__object/parameter/state")"
+
+if [ "$state" = "present" ] && [ -z "$jailbase" ]; then
+ exec >&2
+ echo "jailbase is a REQUIRED parameter when state=present!"
+ exit 1
+fi
+
+remotebase="${jaildir}/jailbase.tgz"
+basepresent="$(cat "$__object/explorer/basepresent")"
+
+if [ "$state" = "present" ]; then
+ if [ "$basepresent" = "NONE" ]; then
+ # IPv6 fix
+ if echo "${__target_host}" | grep -q -E '^[0-9a-fA-F:]+$'
+ then
+ my_target_host="[${__target_host}]"
+ else
+ my_target_host="${__target_host}"
+ fi
+ echo "$__remote_copy" "${jailbase}" "${my_target_host}:${remotebase}"
+ fi # basepresent=NONE
+fi # state=present
+
+# Debug
+#set +x
+
diff --git a/cdist/conf/type/__jail_freebsd10/gencode-remote b/cdist/conf/type/__jail_freebsd10/gencode-remote
new file mode 100755
index 00000000..4f376c25
--- /dev/null
+++ b/cdist/conf/type/__jail_freebsd10/gencode-remote
@@ -0,0 +1,362 @@
+#!/bin/sh -e
+#
+# 2012,2014,2016 Jake Guffey (jake.guffey at jointheirstm.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# The __jail_freebsd10 type creates, configures, and deletes FreeBSD
+# jails for use as virtual machines on FreeBSD 10.x.
+#
+
+# Debug
+#exec >&2
+#set -x
+
+if [ -f "$__object/parameter/name" ]; then
+ name="$(cat "$__object/parameter/name")"
+else
+ name="$__object_id"
+fi
+
+state="$(cat "$__object/parameter/state")"
+
+started="true"
+# If the user wants the jail gone, it implies it shouldn't be started.
+{ [ -f "$__object/parameter/stopped" ] || [ "$state" = "absent" ]; } && started="false"
+
+if [ -f "$__object/parameter/ip" ]; then
+ ip="$(cat "$__object/parameter/ip")"
+else
+# IP is an optional param when $state=absent, but
+# when $state=present, it's required. Enforce this.
+ if [ "$state" = "present" ]; then
+ exec >&2
+ printf 'If --state is "present", --ip must be given\!\n'
+ exit 1
+ fi
+fi
+
+if [ -f "$__object/parameter/hostname" ]; then
+ hostname="$(cat "$__object/parameter/hostname")"
+else
+ hostname="$name"
+fi
+
+if [ -f "$__object/parameter/devfs-disable" ]; then
+ devfsenable="false"
+else
+ devfsenable="true"
+fi
+
+devfsruleset="$(cat "$__object/parameter/devfs-ruleset")"
+
+# devfs_ruleset being defined without devfs_enable being true
+# is pointless. Treat this as an error.
+if [ -n "$devfsruleset" ] && [ "$devfsenable" = "false" ]; then
+ exec >&2
+ echo "Can't have --devfs-ruleset defined with --devfs-disable"
+ exit 1
+fi
+
+if [ -f "$__object/parameter/onboot" ]; then
+ onboot="true"
+fi
+
+jaildir="$(cat "$__object/parameter/jaildir")"
+
+present="$(cat "$__object/explorer/present")"
+#present="$(cat "$__type/explorer/present")"
+status="$(cat "$__object/explorer/status")"
+
+# Handle ip="addr, addr" format
+if [ "$(expr "${ip}" : ".*, .*")" -gt "0" ]; then
+ SAVE_IFS="$IFS"
+ IFS=", "
+ for cur_ip in ${ip}; do
+ # Just get the last IP address for SSH to listen on
+ mgmt_ip=$(echo "${cur_ip}" | cut '-d ' -f1) # In case using "ip netmask" format rather than CIDR
+ done
+ IFS="$SAVE_IFS"
+else
+ mgmt_ip=$(echo "${ip}" | cut '-d ' -f1) # In case using "ip netmask" format rather than CIDR
+fi
+
+stopJail() {
+# Check $status before issuing command
+ if [ "$status" = "STARTED" ]; then
+ echo "/etc/rc.d/jail stop ${name}"
+ echo "stop" >> "$__messages_out"
+ fi
+}
+
+startJail() {
+# Check $status before issuing command
+ if [ "$status" = "NOTSTART" ]; then
+ echo "/etc/rc.d/jail start ${name}"
+ echo "start" >> "$__messages_out"
+ fi
+}
+
+deleteJail() {
+# Unmount the jail's mountpoints if necessary
+ cat <=1 rw mount is mounted still
+ for DIR in "\${output}"; do
+ umount -F "/etc/fstab.${name}" "\$(echo "${DIR}" | awk '{print \$3}')"
+ done
+ fi
+ output="\$(mount | grep "\\/${name} (")" || true
+ if [ -n "\${output}" ]; then # ro mount is mounted still
+ umount -F "/etc/fstab.${name}" "\$(echo "\${output}" | awk '{print \$3}')"
+ fi
+EOF
+# Remove the jail's rw mountpoints
+ echo "rm -rf \"${jaildir}/rw/${name}\""
+# Remove the jail directory
+ echo "rm -rf \"${jaildir}/${name}\""
+# Remove the jail's fstab
+ echo "rm -f \"/etc/fstab.${name}\""
+# Remove jail entry from jail.conf
+ cat <> "$__messages_out"
+}
+
+createJail() {
+# Create the jail directory
+cat <> "$__messages_out"
+
+# Create the ro+rw mountpoint entries in fstab
+cat </etc/fstab.${name} <>/etc/rc.conf
+ elif [ ! "\$(echo \$jail_enable | tr '[a-z]' '[A-Z]' | tr -d '"')" = "YES" ]; then # jail_enable="NO"
+ sed -i '.bak' 's/^jail_enable=.*$/jail_enable="YES"/g' /etc/rc.conf # fix this -^
+ rm -f /etc/rc.conf.bak
+ fi
+
+ jailfile=/etc/jail.conf
+ jailheader="${name} {"
+
+ jaildata="path=\"${jaildir}/${name}\";"
+
+ if [ "$devfsenable" = "true" ]; then
+ jaildata="\$jaildata
+ mount.devfs;"
+ else
+ jaildata="\$jaildata
+ mount.nodevfs;"
+ fi
+
+ jaildata="\$jaildata
+ host.hostname=\"${hostname}\";
+ ip4.addr=\"${ip}\";
+ exec.start=\"/bin/sh /etc/rc\";
+ exec.stop=\"/bin/sh /etc/rc.shutdown\";
+ exec.consolelog=\"/var/log/jail_${name}_console.log\";
+ mount.fstab=\"/etc/fstab.${name}\";
+ allow.mount;
+ exec.clean;
+ allow.set_hostname=0;
+ allow.sysvipc=0;
+ allow.raw_sockets=0;"
+
+ jailtrailer="}"
+
+ if [ "$devfsenable" = "true" ] && [ "${devfsruleset}" = "jailrules" ]; then # The default ruleset is to be used
+ if [ ! -f /etc/devfs.rules ]; then
+ touch /etc/devfs.rules
+ fi
+ if [ -z "\$(grep '\\[jailrules=' /etc/devfs.rules)" ]; then # The default ruleset doesn't exist
+ # Get the highest-numbered ruleset
+ highest="\$(sed -n 's/\\[.*=\\([0-9]*\\)\\]/\\1/pg' /etc/devfs.rules | sort -u | tail -n 1)" || true
+ # increment by 1
+ [ -z "\$highest" ] && highest=10
+ let num="\${highest}+1" 2>&1 >/dev/null # Close the FD==fail...
+ # add default ruleset
+ cat >>/etc/devfs.rules <>\"\$jailfile\""
+
+# Add $name to jail_list if $onboot=yes
+if [ "$onboot" = "yes" ]; then
+
+ # first check to see whether jail_enable="YES" exists in rc.conf or not and add it
+ # if necessary
+
+ cat <> "$__messages_out"
+fi
+
+# Add the normal entries into the jail's rc.conf
+cat <"${jaildir}/rw/${name}/etc/rc.conf"
+echo sshd_enable=\"YES\" >>"${jaildir}/rw/${name}/etc/rc.conf"
+echo sendmail_enable=\"NONE\" >>"${jaildir}/rw/${name}/etc/rc.conf"
+echo syslogd_enable=\"YES\" >>"${jaildir}/rw/${name}/etc/rc.conf"
+echo syslogd_flags=\"-ss\" >>"${jaildir}/rw/${name}/etc/rc.conf"
+
+EOF
+# Configure SSHd's listening address
+cat <= 10.0 to manage jails.
+
+
+REQUIRED PARAMETERS
+-------------------
+state
+ Either "present" or "absent", defaults to "present".
+
+jailbase
+ The location of the .tgz archive containing the base fs for your jails.
+
+
+OPTIONAL PARAMETERS
+-------------------
+name
+ The name of the jail. Default is to use the object_id as the jail name.
+
+ip
+ The ifconfig style IP/netmask combination to use for the jail guest. If
+ the state parameter is "present," this parameter is required.
+
+hostname
+ The FQDN to use for the jail guest. Defaults to the name parameter.
+
+interface
+ The name of the physical interface on the jail server to bind the jail to.
+ Defaults to the first interface found in the output of ifconfig -l.
+
+devfs-ruleset
+ The name of the devfs ruleset to associate with the jail. Defaults to
+ "jailrules." This ruleset must be copied to the server via another type.
+ To use this option, devfs-enable must be "true."
+
+jaildir
+ The location on the remote server to use for hosting jail filesystems.
+ Defaults to /usr/jail.
+
+BOOLEAN PARAMETERS
+------------------
+stopped
+ Do not start the jail
+
+devfs-disable
+ Whether to disallow devfs mounting within the jail
+
+onboot
+ Whether to add the jail to rc.conf's jail_list variable.
+
+
+CAVEATS
+-------
+This type does not currently support modification of jail options. If, for
+example a jail needs to have its IP address or netmask changed, the jail must
+be removed then re-added with the correct IP address/netmask or the appropriate
+modifications to jail.conf need to be made through alternate means.
+
+MESSAGES
+--------
+start
+ The jail was started
+stop
+ The jail was stopped
+create:
+ The jail was created
+delete
+ The jail was deleted
+onboot
+ The jail was configured to start on boot
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Create a jail called www
+ __jail_freebsd10 www --state present --ip "192.168.1.2" --jailbase /my/jail/base.tgz
+
+ # Remove the jail called www
+ __jail_freebsd10 www --state absent --jailbase /my/jail/base.tgz
+
+ # The jail www should not be started
+ __jail_freebsd10 www --state present --stopped \
+ --ip "192.168.1.2 netmask 255.255.255.0" \
+ --jailbase /my/jail/base.tgz
+
+ # Use the name variable explicitly
+ __jail_freebsd10 thisjail --state present --name www \
+ --ip "192.168.1.2" \
+ --jailbase /my/jail/base.tgz
+
+ # Go nuts
+ __jail_freebsd10 lotsofoptions --state present --name testjail \
+ --ip "192.168.1.100 netmask 255.255.255.0" \
+ --hostname "testjail.example.com" --interface "em0" \
+ --onboot --jailbase /my/jail/base.tgz --jaildir /jails
+
+
+SEE ALSO
+--------
+:strong:`jail`\ (8)
+
+
+AUTHORS
+-------
+Jake Guffey
+
+
+COPYING
+-------
+Copyright \(C) 2012-2016 Jake Guffey. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__jail_freebsd10/parameter/boolean b/cdist/conf/type/__jail_freebsd10/parameter/boolean
new file mode 100644
index 00000000..39144f6f
--- /dev/null
+++ b/cdist/conf/type/__jail_freebsd10/parameter/boolean
@@ -0,0 +1,3 @@
+onboot
+stopped
+devfs-disable
diff --git a/cdist/conf/type/__jail_freebsd10/parameter/default/devfs-ruleset b/cdist/conf/type/__jail_freebsd10/parameter/default/devfs-ruleset
new file mode 100644
index 00000000..f602aa0a
--- /dev/null
+++ b/cdist/conf/type/__jail_freebsd10/parameter/default/devfs-ruleset
@@ -0,0 +1 @@
+jailrules
diff --git a/cdist/conf/type/__jail_freebsd10/parameter/default/jailbase b/cdist/conf/type/__jail_freebsd10/parameter/default/jailbase
new file mode 100644
index 00000000..8b137891
--- /dev/null
+++ b/cdist/conf/type/__jail_freebsd10/parameter/default/jailbase
@@ -0,0 +1 @@
+
diff --git a/cdist/conf/type/__jail_freebsd10/parameter/default/jaildir b/cdist/conf/type/__jail_freebsd10/parameter/default/jaildir
new file mode 100644
index 00000000..ec7d86c6
--- /dev/null
+++ b/cdist/conf/type/__jail_freebsd10/parameter/default/jaildir
@@ -0,0 +1 @@
+/usr/jail
diff --git a/cdist/conf/type/__jail_freebsd10/parameter/default/state b/cdist/conf/type/__jail_freebsd10/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__jail_freebsd10/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__jail_freebsd10/parameter/optional b/cdist/conf/type/__jail_freebsd10/parameter/optional
new file mode 100644
index 00000000..b36f0fa5
--- /dev/null
+++ b/cdist/conf/type/__jail_freebsd10/parameter/optional
@@ -0,0 +1,8 @@
+name
+ip
+hostname
+interface
+devfs-ruleset
+jaildir
+jailbase
+state
diff --git a/cdist/conf/type/__jail_freebsd9/explorer/basepresent b/cdist/conf/type/__jail_freebsd9/explorer/basepresent
new file mode 100755
index 00000000..034128d5
--- /dev/null
+++ b/cdist/conf/type/__jail_freebsd9/explorer/basepresent
@@ -0,0 +1,54 @@
+#!/bin/sh
+#
+# 2012 Jake Guffey (jake.guffey at eprotex.com)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# See if the jailbase.tgz or $jaildir/base dir exists
+#
+
+# Debug
+#exec >&2
+#set -x
+
+if [ -f "$__object/parameter/jaildir" ]; then
+ jaildir="$(cat "$__object/parameter/jaildir")"
+else
+ jaildir="/usr/jail"
+fi
+
+name="base:jailbase.tgz"
+out=""
+
+save_IFS="$IFS"
+IFS=":"
+for cur in $name; do
+ if [ -e "${jaildir}/$cur" ]; then
+ out="${out}:${cur}"
+ fi
+done
+IFS="$save_IFS"
+
+if [ -z "$out" ]; then
+ echo "NONE"
+else
+ echo "${out}"
+fi
+
+# Debug
+#set +x
+
diff --git a/cdist/conf/type/__jail_freebsd9/explorer/present b/cdist/conf/type/__jail_freebsd9/explorer/present
new file mode 100755
index 00000000..ddfb805c
--- /dev/null
+++ b/cdist/conf/type/__jail_freebsd9/explorer/present
@@ -0,0 +1,43 @@
+#!/bin/sh
+#
+# 2012 Jake Guffey (jake.guffey at eprotex.com)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# See if the requested jail exists
+#
+
+# Debug
+#exec >&2
+#set -x
+
+if [ -f "$__object/parameter/name" ]; then
+ name="$(cat "$__object/parameter/name")"
+else
+ name=$__object_id
+fi
+
+if [ -f "$__object/parameter/jaildir" ]; then
+ jaildir="$(cat "$__object/parameter/jaildir")"
+else
+ jaildir="/usr/jail"
+fi
+
+[ -d "${jaildir}/$name" ] && echo "EXISTS" || echo "NOTEXIST"
+
+#set +x
+
diff --git a/cdist/conf/type/__jail_freebsd9/explorer/status b/cdist/conf/type/__jail_freebsd9/explorer/status
new file mode 100755
index 00000000..c8039f21
--- /dev/null
+++ b/cdist/conf/type/__jail_freebsd9/explorer/status
@@ -0,0 +1,52 @@
+#!/bin/sh
+#
+# 2012 Jake Guffey (jake.guffey at eprotex.com)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# See if the requested jail is started
+#
+
+# Debug
+#exec >&2
+#set -x
+
+if [ -f "$__object/parameter/name" ]; then
+ name="$(cat "$__object/parameter/name")"
+else
+ name="$__object_id"
+fi
+
+if [ -f "$__object/parameter/jaildir" ]; then
+ jaildir="$(cat "$__object/parameter/jaildir")"
+else
+ jaildir="/usr/jail"
+fi
+# backslash-escaped $jaildir
+sjaildir="$(echo ${jaildir} | sed 's#/#\\/#g')"
+
+jls_output="$(jls | grep "[ ]${sjaildir}\\/${name}\$")" || true
+
+if [ -n "${jls_output}" ]; then
+ echo "STARTED"
+else
+ echo "NOTSTART"
+fi
+
+# Debug
+#set +x
+
diff --git a/cdist/conf/type/__jail/gencode-local b/cdist/conf/type/__jail_freebsd9/gencode-local
similarity index 76%
rename from cdist/conf/type/__jail/gencode-local
rename to cdist/conf/type/__jail_freebsd9/gencode-local
index 075a6ef1..bbdc9fcc 100755
--- a/cdist/conf/type/__jail/gencode-local
+++ b/cdist/conf/type/__jail_freebsd9/gencode-local
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/sh -e
#
# 2012 Jake Guffey (jake.guffey at eprotex.com)
#
@@ -22,17 +22,9 @@
# virtual machines.
#
-if [ -f "$__object/parameter/jaildir" ]; then
- jaildir="$(cat "$__object/parameter/name")"
-else
- jaildir="/usr/jail"
-fi
+jaildir="$(cat "$__object/parameter/jaildir")"
-if [ -f "$__object/parameter/jailbase" ]; then
- jailbase="$(cat "$__object/parameter/jailbase")"
-else
- jailbase=""
-fi
+jailbase="$(cat "$__object/parameter/jailbase")"
state="$(cat "$__object/parameter/state")"
@@ -47,7 +39,14 @@ basepresent="$(cat "$__object/explorer/basepresent")"
if [ "$state" = "present" ]; then
if [ "$basepresent" = "NONE" ]; then
- echo "$__remote_copy" "${jailbase}" "$__target_host:${remotebase}"
+ # IPv6 fix
+ if echo "${__target_host}" | grep -q -E '^[0-9a-fA-F:]+$'
+ then
+ my_target_host="[${__target_host}]"
+ else
+ my_target_host="${__target_host}"
+ fi
+ echo "$__remote_copy" "${jailbase}" "${my_target_host}:${remotebase}"
fi # basepresent=NONE
fi # state=present
diff --git a/cdist/conf/type/__jail/gencode-remote b/cdist/conf/type/__jail_freebsd9/gencode-remote
similarity index 80%
rename from cdist/conf/type/__jail/gencode-remote
rename to cdist/conf/type/__jail_freebsd9/gencode-remote
index 4aff6509..68229d3e 100755
--- a/cdist/conf/type/__jail/gencode-remote
+++ b/cdist/conf/type/__jail_freebsd9/gencode-remote
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/sh -e
#
-# 2012 Jake Guffey (jake.guffey at eprotex.com)
+# 2012,2014,2016 Jake Guffey (jake.guffey at jointheirstm.org)
#
# This file is part of cdist.
#
@@ -18,8 +18,8 @@
# along with cdist. If not, see .
#
#
-# The __jail type creates, configures, and deletes FreeBSD jails for use as
-# virtual machines.
+# The __jail_freebsd9 type creates, configures, and deletes FreeBSD jails
+# for use as virtual machines on FreeBSD 9.x and before.
#
# Debug
@@ -34,15 +34,9 @@ fi
state="$(cat "$__object/parameter/state")"
-if [ -f "$__object/parameter/started" ]; then
- started="$(cat "$__object/parameter/started")"
-else
- if [ ! "$state" = "present" ]; then
- started="false"
- else
- started="true"
- fi
-fi
+started="true"
+# If the user wants the jail gone, it implies it shouldn't be started.
+{ [ -f "$__object/parameter/stopped" ] || [ "$state" = "absent" ]; } && started="false"
if [ -f "$__object/parameter/ip" ]; then
ip="$(cat "$__object/parameter/ip")"
@@ -51,7 +45,7 @@ else
# when $state=present, it's required. Enforce this.
if [ "$state" = "present" ]; then
exec >&2
- echo "If --state is 'present,' --ip must be given\!"
+ printf 'If --state is "present", --ip must be given\!\n'
exit 1
fi
fi
@@ -66,51 +60,51 @@ if [ -f "$__object/parameter/interface" ]; then
interface="$(cat "$__object/parameter/interface")"
fi
-if [ -f "$__object/parameter/devfs-enable" ]; then
- devfsenable="$(cat "$__object/parameter/devfs-enable")"
+if [ -f "$__object/parameter/devfs-disable" ]; then
+ devfsenable="false"
else
devfsenable="true"
fi
-if [ -f "$__object/parameter/devfs-ruleset" ]; then
- devfsruleset="$(cat "$__object/parameter/devfs-ruleset")"
-else
- devfsruleset="jailrules"
-fi
+devfsruleset="$(cat "$__object/parameter/devfs-ruleset")"
# devfs_ruleset being defined without devfs_enable being true
# is pointless. Treat this as an error.
-if [ -n "$devfsruleset" -a "$devfsenable" = "false" ]; then
+if [ -n "$devfsruleset" ] && [ "$devfsenable" = "false" ]; then
exec >&2
- echo "Can't have --devfs-ruleset defined without --devfs-enable true."
+ echo "Can't have --devfs-ruleset defined with --devfs-disable"
exit 1
fi
if [ -f "$__object/parameter/onboot" ]; then
- onboot="$(cat "$__object/parameter/onboot")"
+ onboot="true"
fi
-if [ -f "$__object/parameter/jaildir" ]; then
- jaildir="$(cat "$__object/parameter/name")"
-else
- jaildir="/usr/jail"
-fi
+jaildir="$(cat "$__object/parameter/jaildir")"
present="$(cat "$__object/explorer/present")"
status="$(cat "$__object/explorer/status")"
-# Defining a jail as absent and started at the same time
-# makes no sense. Treat this as an error.
-if [ "$started" = "true" -a "$state" = "absent" ]; then
- exec >&2
- echo "Can't have --state absent and --started true together\!"
- exit 1
+# Handle ip="iface|addr, iface|addr" format
+if [ "$(expr "${ip}" : ".*|.*")" -gt "0" ]; then
+ # If we have multiple IPs defined, $interface doesn't make sense because ip="iface|addr, iface|addr" implies it
+ interface=""
+ SAVE_IFS="$IFS"
+ IFS=", "
+ for cur_ip in ${ip}; do
+ # Just get the last IP address for SSH to listen on
+ mgmt_ip=$(echo "${cur_ip}" | sed -E -e 's/^.*\|(.*)\/[0-9]+$/\1/')
+ done
+ IFS="$SAVE_IFS"
+else
+ mgmt_ip=$(echo "${ip}" | cut '-d ' -f1)
fi
stopJail() {
# Check $status before issuing command
if [ "$status" = "STARTED" ]; then
echo "/etc/rc.d/jail stop ${name}"
+ echo "stop" >> "$__messages_out"
fi
}
@@ -118,25 +112,26 @@ startJail() {
# Check $status before issuing command
if [ "$status" = "NOTSTART" ]; then
echo "/etc/rc.d/jail start ${name}"
+ echo "start" >> "$__messages_out"
fi
}
deleteJail() {
# Unmount the jail's mountpoints if necessary
cat <=1 rw mount is mounted still
- for DIR in "${output}"; do
- umount -F "/etc/fstab.${name}" "\$(echo "${DIR}" | awk '{print $3}')"
+ for DIR in "\${output}"; do
+ umount -F "/etc/fstab.${name}" "\$(echo "${DIR}" | awk '{print \$3}')"
done
fi
- output="\$(mount | grep "\/${name} (")" || true
+ output="\$(mount | grep "\\/${name} (")" || true
if [ -n "\${output}" ]; then # ro mount is mounted still
- umount -F "/etc/fstab.${name}" "\$(echo "${output}" | awk '{print $3}')"
+ umount -F "/etc/fstab.${name}" "\$(echo "\${output}" | awk '{print \$3}')"
fi
EOF
# Remove the jail's rw mountpoints
@@ -169,15 +164,16 @@ EOF
rm -f /etc/rc.conf.bak
fi
EOF
+ echo "delete" >> "$__messages_out"
}
createJail() {
# Create the jail directory
cat <> "$__messages_out"
# Create the ro+rw mountpoint entries in fstab
cat <>/etc/rc.conf <&- >&-
# add default ruleset
@@ -317,6 +314,7 @@ if [ "$onboot" = "yes" ]; then
fi
unset jail_list
EOF
+ echo "onboot" >> "$__messages_out"
fi
# Add the normal entries into the jail's rc.conf
@@ -330,8 +328,7 @@ echo syslogd_flags=\"-ss\" >>"${jaildir}/rw/${name}/etc/rc.conf"
EOF
# Configure SSHd's listening address
cat <_ip="...") modified within rc.conf through some alternate
+means.
+
+MESSAGES
+--------
+start
+ The jail was started
+stop
+ The jail was stopped
+create:
+ The jail was created
+delete
+ The jail was deleted
+onboot
+ The jail was configured to start on boot
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Create a jail called www
+ __jail_freebsd9 www --state present --ip "192.168.1.2" --jailbase /my/jail/base.tgz
+
+ # Remove the jail called www
+ __jail_freebsd9 www --state absent --jailbase /my/jail/base.tgz
+
+ # The jail www should not be started
+ __jail_freebsd9 www --state present --stopped \
+ --ip "192.168.1.2 netmask 255.255.255.0" \
+ --jailbase /my/jail/base.tgz
+
+ # Use the name variable explicitly
+ __jail_freebsd9 thisjail --state present --name www \
+ --ip "192.168.1.2" \
+ --jailbase /my/jail/base.tgz
+
+ # Go nuts
+ __jail_freebsd9 lotsofoptions --state present --name testjail \
+ --ip "192.168.1.100 netmask 255.255.255.0" \
+ --hostname "testjail.example.com" --interface "em0" \
+ --onboot --jailbase /my/jail/base.tgz --jaildir /jails
+
+
+SEE ALSO
+--------
+:strong:`jail`\ (8)
+
+
+AUTHORS
+-------
+Jake Guffey
+
+
+COPYING
+-------
+Copyright \(C) 2012-2016 Jake Guffey. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__jail_freebsd9/parameter/boolean b/cdist/conf/type/__jail_freebsd9/parameter/boolean
new file mode 100644
index 00000000..39144f6f
--- /dev/null
+++ b/cdist/conf/type/__jail_freebsd9/parameter/boolean
@@ -0,0 +1,3 @@
+onboot
+stopped
+devfs-disable
diff --git a/cdist/conf/type/__jail_freebsd9/parameter/default/devfs-ruleset b/cdist/conf/type/__jail_freebsd9/parameter/default/devfs-ruleset
new file mode 100644
index 00000000..f602aa0a
--- /dev/null
+++ b/cdist/conf/type/__jail_freebsd9/parameter/default/devfs-ruleset
@@ -0,0 +1 @@
+jailrules
diff --git a/cdist/conf/type/__jail_freebsd9/parameter/default/jailbase b/cdist/conf/type/__jail_freebsd9/parameter/default/jailbase
new file mode 100644
index 00000000..8b137891
--- /dev/null
+++ b/cdist/conf/type/__jail_freebsd9/parameter/default/jailbase
@@ -0,0 +1 @@
+
diff --git a/cdist/conf/type/__jail_freebsd9/parameter/default/jaildir b/cdist/conf/type/__jail_freebsd9/parameter/default/jaildir
new file mode 100644
index 00000000..ec7d86c6
--- /dev/null
+++ b/cdist/conf/type/__jail_freebsd9/parameter/default/jaildir
@@ -0,0 +1 @@
+/usr/jail
diff --git a/cdist/conf/type/__jail_freebsd9/parameter/default/state b/cdist/conf/type/__jail_freebsd9/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__jail_freebsd9/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__jail_freebsd9/parameter/optional b/cdist/conf/type/__jail_freebsd9/parameter/optional
new file mode 100644
index 00000000..b36f0fa5
--- /dev/null
+++ b/cdist/conf/type/__jail_freebsd9/parameter/optional
@@ -0,0 +1,8 @@
+name
+ip
+hostname
+interface
+devfs-ruleset
+jaildir
+jailbase
+state
diff --git a/cdist/conf/type/__key_value/explorer/state b/cdist/conf/type/__key_value/explorer/state
index 94a5ea7f..7b2de1df 100755
--- a/cdist/conf/type/__key_value/explorer/state
+++ b/cdist/conf/type/__key_value/explorer/state
@@ -1,6 +1,7 @@
#!/bin/sh
#
# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
+# 2014 Daniel Heule (hda at sfs.biz)
#
# This file is part of cdist.
#
@@ -20,34 +21,84 @@
key="$(cat "$__object/parameter/key" 2>/dev/null \
|| echo "$__object_id")"
-state="$(cat "$__object/parameter/state" 2>/dev/null \
- || echo "present")"
+state="$(cat "$__object/parameter/state")"
+
file="$(cat "$__object/parameter/file")"
+
+if [ ! -f "$file" ]; then
+ echo "nosuchfile"
+ exit
+fi
+
delimiter="$(cat "$__object/parameter/delimiter")"
value="$(cat "$__object/parameter/value" 2>/dev/null \
|| echo "__CDIST_NOTSET__")"
+if [ -f "$__object/parameter/exact_delimiter" ]; then
+ exact_delimiter=1
+else
+ exact_delimiter=0
+fi
+export key state delimiter value exact_delimiter
-case "$state" in
- absent)
- if grep -q -E "^$key$delimiter+" "$file"; then
- # if the key exists, with whatever value, we will have to remove it
- # so report it as present
- echo present
- else
- # key does not exist
- echo absent
- fi
- ;;
- present)
- if grep -q -E "^$key$delimiter+$value$" "$file"; then
- # key exists and value is same
- echo present
- elif grep -q -E "^$key$delimiter+" "$file"; then
- # key exists, but value is empty or different
- echo wrongvalue
- else
- # key does not exist
- echo absent
- fi
- ;;
-esac
+awk -f - "$file" <<"AWK_EOF"
+BEGIN {
+ state=ENVIRON["state"]
+ key=ENVIRON["key"]
+ delimiter=ENVIRON["delimiter"]
+ value=ENVIRON["value"]
+ exact_delimiter=ENVIRON["exact_delimiter"]
+ found=0
+}
+# enter the main loop
+{
+ i = index($0,key)
+ if(i == 1) {
+ delval = substr($0,length(key)+1)
+ delpos = index(delval,delimiter)
+ if(delpos == 0) {
+ # in this case, the delimiter was not found
+ next
+ }
+ if(delpos > 1) {
+ spaces = substr(delval,1,delpos-1)
+ sub(/[ \t]*/,"",spaces)
+ if( length(spaces) > 0 ) {
+ # if there are not only spaces between key and delimiter,
+ # continue since we we are on the wrong line
+ next
+ }
+ if( exact_delimiter == 1) {
+ # we have key and delimiter, but since additional spaces are not alowed
+ # return wrongformat
+ found=1
+ print "wrongformat"
+ exit
+ }
+ }
+ found=1
+ if(state == "absent") {
+ # on state absent, only the ocurance is relevant, so exit here
+ print "present"
+ exit
+ }
+ linevalue=substr(delval,delpos + length(delimiter))
+ if(exact_delimiter == 0){
+ #ok, now strip tabs and whitespaces at the beginning of the value
+ sub(/[ \t]*/,"",linevalue)
+ }
+ # Key with separator found
+ if(linevalue == value) {
+ # exact match found, so state is present
+ print "present"
+ }
+ else {
+ print "wrongvalue"
+ }
+ exit
+ }
+}
+END {
+ if(found == 0)
+ print "absent"
+}
+AWK_EOF
diff --git a/cdist/conf/type/__key_value/files/remote_script.sh b/cdist/conf/type/__key_value/files/remote_script.sh
new file mode 100644
index 00000000..f7a1add5
--- /dev/null
+++ b/cdist/conf/type/__key_value/files/remote_script.sh
@@ -0,0 +1,106 @@
+#!/bin/sh
+
+key="$(cat "$__object/parameter/key" 2>/dev/null \
+ || echo "$__object_id")"
+state="$(cat "$__object/parameter/state")"
+
+file="$(cat "$__object/parameter/file")"
+
+delimiter="$(cat "$__object/parameter/delimiter")"
+value="$(cat "$__object/parameter/value" 2>/dev/null \
+ || echo "__CDIST_NOTSET__")"
+export key state delimiter value
+if [ -f "$__object/parameter/exact_delimiter" ]; then
+ exact_delimiter=1
+else
+ exact_delimiter=0
+fi
+export exact_delimiter
+
+tmpfile=$(mktemp "${file}.cdist.XXXXXXXXXX")
+# preserve ownership and permissions by copying existing file over tmpfile
+if [ -f "$file" ]; then
+ cp -p "$file" "$tmpfile"
+else
+ touch "$file"
+fi
+awk -f - "$file" >"$tmpfile" <<"AWK_EOF"
+BEGIN {
+ # import variables in a secure way ..
+ state=ENVIRON["state"]
+ key=ENVIRON["key"]
+ delimiter=ENVIRON["delimiter"]
+ value=ENVIRON["value"]
+ comment=ENVIRON["comment"]
+ exact_delimiter=ENVIRON["exact_delimiter"]
+ inserted=0
+ lastline=""
+ lastlinepopulated=0
+ line=key delimiter value
+}
+# enter the main loop
+{
+ # I dont use regex, this is by design, so we can match against every value without special meanings of chars ...
+ i = index($0,key)
+ if(i == 1) {
+ delval = substr($0,length(key)+1)
+ delpos = index(delval,delimiter)
+ if(delpos > 1) {
+ spaces = substr(delval,1,delpos-1)
+ sub(/[ \t]*/,"",spaces)
+ if( length(spaces) > 0 ) {
+ # if there are not only spaces between key and delimiter,
+ # continue since we we are on the wrong line
+ if(lastlinepopulated == 1) {
+ print lastline
+ }
+ lastline=$0
+ lastlinepopulated=1
+ next
+ }
+ }
+ if(state == "absent") {
+ if(lastline == comment) {
+ # if comment is present, clear lastlinepopulated flag
+ lastlinepopulated=0
+ }
+ # if absent, simple yump over this line
+ next
+ }
+ else {
+ # if comment is present and not present in last line
+ if (lastlinepopulated == 1) {
+ print lastline
+ if( comment != "" && lastline != comment) {
+ print comment
+ }
+ lastlinepopulated=0
+ }
+ inserted=1
+ # state is present, so insert correct line here
+ print line
+ lastline=line
+ next
+ }
+ }
+ else {
+ if(lastlinepopulated == 1) {
+ print lastline
+ }
+ lastline=$0
+ lastlinepopulated=1
+ }
+}
+END {
+ if(lastlinepopulated == 1) {
+ print lastline
+ }
+ if(inserted == 0 && state == "present" ) {
+ if(comment != "" && lastline != comment){
+ print comment
+ }
+ print line
+ }
+}
+AWK_EOF
+mv -f "$tmpfile" "$file"
diff --git a/cdist/conf/type/__key_value/gencode-remote b/cdist/conf/type/__key_value/gencode-remote
index 5fa24d5b..13cc27c7 100755
--- a/cdist/conf/type/__key_value/gencode-remote
+++ b/cdist/conf/type/__key_value/gencode-remote
@@ -1,7 +1,8 @@
-#!/bin/sh
+#!/bin/sh -e
#
# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
-# 2012 Nico Schottelius (nico-cdist at schottelius.org)
+# 2012-2014 Nico Schottelius (nico-cdist at schottelius.org)
+# 2014 Daniel Heule (hda at sfs.biz)
#
# This file is part of cdist.
#
@@ -19,42 +20,65 @@
# along with cdist. If not, see .
#
-key="$__object_id"
-[ -f "$__object/parameter/key" ] && key="$(cat "$__object/parameter/key")"
-state_should=present
-[ -f "$__object/parameter/state" ] && state_should="$(cat "$__object/parameter/state")"
-
-file="$(cat "$__object/parameter/file")"
-delimiter="$(cat "$__object/parameter/delimiter")"
-value="$(cat "$__object/parameter/value")"
+state_should="$(cat "$__object/parameter/state")"
state_is="$(cat "$__object/explorer/state")"
+fire_onchange=''
-[ "$state_is" = "$state_should" ] && exit 0
+if [ "$state_is" = "$state_should" ]; then
+ exit 0
+fi
+# here we check only if the states are valid,
+# emit messages and
+# let awk do the work ...
case "$state_should" in
absent)
- # remove lines starting with key
- echo "sed '/^$key\($delimiter\+\)/d' \"$file\" > \"$file.cdist-tmp\""
- echo "mv \"$file.cdist-tmp\" \"$file\""
- ;;
- present)
case "$state_is" in
- absent)
- # add new key and value
- echo "echo \"${key}${delimiter}${value}\" >> \"$file\""
+ absent|nosuchfile)
+ # nothing to do
;;
- wrongvalue)
- # change exisiting value
- echo "sed \"s|^$key\($delimiter\+\).*|$key\1$value|\" \"$file\" > \"$file.cdist-tmp\""
- echo "mv \"$file.cdist-tmp\" \"$file\""
+ wrongformat|wrongvalue|present)
+ echo "remove" >> "$__messages_out"
+ fire_onchange=1
;;
*)
echo "Unknown explorer state: $state_is" >&2
exit 1
+ ;;
+ esac
+ ;;
+ present)
+ case "$state_is" in
+ nosuchfile)
+ echo "create" >> "$__messages_out"
+ fire_onchange=1
+ ;;
+ absent)
+ echo "insert" >> "$__messages_out"
+ fire_onchange=1
+ ;;
+ wrongformated|wrongvalue)
+ echo "change" >> "$__messages_out"
+ fire_onchange=1
+ ;;
+ present)
+ # nothing to do
+ ;;
+ *)
+ echo "Unknown explorer state: $state_is" >&2
+ exit 1
+ ;;
esac
;;
*)
- echo "Unknown state: $state_should" >&2
- exit 1
-esac
+ echo "Unknown state: $state_should" >&2
+ exit 1
+ ;;
+esac
+
+cat "$__type/files/remote_script.sh"
+
+if [ -n "$fire_onchange" ]; then
+ cat "$__object/parameter/onchange"
+fi
diff --git a/cdist/conf/type/__key_value/man.rst b/cdist/conf/type/__key_value/man.rst
new file mode 100644
index 00000000..34e4aab2
--- /dev/null
+++ b/cdist/conf/type/__key_value/man.rst
@@ -0,0 +1,96 @@
+cdist-type__key_value(7)
+========================
+
+NAME
+----
+cdist-type__key_value - Change property values in files
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to change values in a key value based config
+file.
+
+
+REQUIRED PARAMETERS
+-------------------
+file
+ The file to operate on.
+delimiter
+ The delimiter which separates the key from the value.
+
+
+OPTIONAL PARAMETERS
+-------------------
+state
+ present or absent, defaults to present. If present, sets the key to value,
+ if absent, removes the key from the file.
+key
+ The key to change. Defaults to object_id.
+value
+ The value for the key. Optional if state=absent, required otherwise.
+comment
+ If supplied, the value will be inserted before the line with the key,
+ but only if the key or value must be changed.
+ You need to ensure yourself that the line is prefixed with the correct
+ comment sign. (for example # or ; or wathever ..)
+onchange
+ The code to run if the key or value changes (i.e. is inserted, removed or replaced).
+
+
+BOOLEAN PARAMETERS
+------------------
+exact_delimiter
+ If supplied, treat additional whitespaces between key, delimiter and value
+ as wrong value.
+
+
+MESSAGES
+--------
+remove
+ Removed existing key and value
+insert
+ Added key and value
+change
+ Changed value of existing key
+create
+ A new line was inserted in a new file
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Set the maximum system user id
+ __key_value SYS_UID_MAX --file /etc/login.defs --value 666 --delimiter ' '
+
+ # Same with fancy id
+ __key_value my-fancy-id --file /etc/login.defs --key SYS_UID_MAX --value 666 \
+ --delimiter ' '
+
+ # Enable packet forwarding
+ __key_value net.ipv4.ip_forward --file /etc/sysctl.conf --value 1 \
+ --delimiter ' = ' --comment '# my linux kernel should act as a router'
+
+ # Remove existing key/value
+ __key_value LEGACY_KEY --file /etc/somefile --state absent --delimiter '='
+
+
+MORE INFORMATION
+----------------
+This type try to handle as many values as possible, so it doesn't use regexes.
+So you need to exactly specify the key and delimiter. Delimiter can be of any length.
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2011 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__key_value/man.text b/cdist/conf/type/__key_value/man.text
deleted file mode 100644
index 1423fc7d..00000000
--- a/cdist/conf/type/__key_value/man.text
+++ /dev/null
@@ -1,64 +0,0 @@
-cdist-type__key_value(7)
-========================
-Steven Armstrong
-
-
-NAME
-----
-cdist-type__key_value - Change property values in files
-
-
-DESCRIPTION
------------
-This cdist type allows you to change values in a key value based config
-file.
-
-
-REQUIRED PARAMETERS
--------------------
-file::
- The file to operate on.
-delimiter::
- The delimiter which seperates the key from the value.
-
-
-OPTIONAL PARAMETERS
--------------------
-state::
- present or absent, defaults to present. If present, sets the key to value,
- if absent, removes the key from the file.
-key::
- The key to change. Defaults to object_id.
-value::
- The value for the key. Optional if state=absent, required otherwise.
-
-
-EXAMPLES
---------
-
---------------------------------------------------------------------------------
-# Set the maximum system user id
-__key_value SYS_UID_MAX --file /etc/login.defs --value 666 --delimiter ' '
-
-# Same with fancy id
-__key_value my-fancy-id --file /etc/login.defs --key SYS_UID_MAX --value 666 \
- --delimiter ' '
-
-# Enable packet forwarding
-__key_value net.ipv4.ip_forward --file /etc/sysctl.conf --value 1 \
- --delimiter '='
-
-# Remove existing key/value
-__key_value LEGACY_KEY --file /etc/somefile --state absent --delimiter '='
---------------------------------------------------------------------------------
-
-
-SEE ALSO
---------
-- cdist-type(7)
-
-
-COPYING
--------
-Copyright \(C) 2011 Steven Armstrong. Free use of this software is
-granted under the terms of the GNU General Public License version 3 (GPLv3).
diff --git a/cdist/conf/type/__key_value/manifest b/cdist/conf/type/__key_value/manifest
index 8ed9cc9c..5a91f60c 100755
--- a/cdist/conf/type/__key_value/manifest
+++ b/cdist/conf/type/__key_value/manifest
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/sh -e
#
# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
# 2012 Nico Schottelius (nico-cdist at schottelius.org)
@@ -19,10 +19,9 @@
# along with cdist. If not, see .
#
-state_should=present
-[ -f "$__object/parameter/state" ] && state_should="$(cat "$__object/parameter/state")"
+state_should="$(cat "$__object/parameter/state")"
-if [ "$state_should" = "present" -a ! -f "$__object/parameter/value" ]; then
+if [ "$state_should" = "present" ] && [ ! -f "$__object/parameter/value" ]; then
echo "Missing required parameter 'value'" >&2
exit 1
fi
diff --git a/cdist/conf/type/__key_value/parameter/boolean b/cdist/conf/type/__key_value/parameter/boolean
new file mode 100644
index 00000000..190831c1
--- /dev/null
+++ b/cdist/conf/type/__key_value/parameter/boolean
@@ -0,0 +1 @@
+exact_delimiter
diff --git a/cdist/conf/type/__key_value/parameter/default/comment b/cdist/conf/type/__key_value/parameter/default/comment
new file mode 100644
index 00000000..8b137891
--- /dev/null
+++ b/cdist/conf/type/__key_value/parameter/default/comment
@@ -0,0 +1 @@
+
diff --git a/cdist/conf/type/__key_value/parameter/default/onchange b/cdist/conf/type/__key_value/parameter/default/onchange
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__key_value/parameter/default/state b/cdist/conf/type/__key_value/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__key_value/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__key_value/parameter/optional b/cdist/conf/type/__key_value/parameter/optional
index 483e3192..d4b8cac0 100644
--- a/cdist/conf/type/__key_value/parameter/optional
+++ b/cdist/conf/type/__key_value/parameter/optional
@@ -1,3 +1,5 @@
key
value
state
+comment
+onchange
diff --git a/cdist/conf/type/__keyboard/man.rst b/cdist/conf/type/__keyboard/man.rst
new file mode 100644
index 00000000..0eb4cde9
--- /dev/null
+++ b/cdist/conf/type/__keyboard/man.rst
@@ -0,0 +1,37 @@
+cdist-type__keyboard(7)
+=======================
+
+NAME
+----
+cdit-type__keyboard - Set keyboard layout
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to modify keyboard layout.
+
+
+REQUIRED PARAMETERS
+-------------------
+type
+ Any valid type, for example "us"
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Set keyboard type to "us"
+ __keyboard --type "us"
+
+
+AUTHORS
+-------
+Carlos Ortigoza
+
+
+COPYING
+-------
+Copyright \(C) 2016 Carlos Ortigoza. Free use of this software is
+granted under the terms of the GNU General Public License v3 or later (GPLv3+).
diff --git a/cdist/conf/type/__keyboard/manifest b/cdist/conf/type/__keyboard/manifest
new file mode 100755
index 00000000..80cd4819
--- /dev/null
+++ b/cdist/conf/type/__keyboard/manifest
@@ -0,0 +1,50 @@
+#!/bin/sh -e
+#
+# Carlos Ortigoza (carlos.ortigoza at ungleich.ch)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Configure keyboard type by modifying /etc/sysconfig/keyboard file.
+#
+
+os=$(cat "$__global/explorer/os")
+keyboard_type="$(cat "$__object/parameter/type")"
+
+case "$os" in
+ centos)
+ __file /etc/sysconfig/keyboard \
+ --owner root --group root --mode 644 \
+ --state exists
+
+ require="__file/etc/sysconfig/keyboard" \
+ __key_value KEYTABLE \
+ --file /etc/sysconfig/keyboard \
+ --delimiter '=' \
+ --value "\"$keyboard_type\""
+
+ require="__file/etc/sysconfig/keyboard" \
+ __key_value LAYOUT \
+ --file /etc/sysconfig/keyboard \
+ --delimiter '=' \
+ --value "\"$keyboard_type\""
+ ;;
+ *)
+ echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
+ echo "Please contribute an implementation for it if you can." >&2
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__keyboard/parameter/required b/cdist/conf/type/__keyboard/parameter/required
new file mode 100644
index 00000000..aa80e646
--- /dev/null
+++ b/cdist/conf/type/__keyboard/parameter/required
@@ -0,0 +1 @@
+type
diff --git a/cdist/conf/type/__keyboard/singleton b/cdist/conf/type/__keyboard/singleton
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__letsencrypt_cert/explorer/certbot-path b/cdist/conf/type/__letsencrypt_cert/explorer/certbot-path
new file mode 100755
index 00000000..3c6076df
--- /dev/null
+++ b/cdist/conf/type/__letsencrypt_cert/explorer/certbot-path
@@ -0,0 +1,3 @@
+#!/bin/sh -e
+
+command -v certbot 2>/dev/null || true
diff --git a/cdist/conf/type/__letsencrypt_cert/explorer/certificate-domains b/cdist/conf/type/__letsencrypt_cert/explorer/certificate-domains
new file mode 100755
index 00000000..db605b63
--- /dev/null
+++ b/cdist/conf/type/__letsencrypt_cert/explorer/certificate-domains
@@ -0,0 +1,8 @@
+#!/bin/sh -e
+
+certbot_path=$("${__type_explorer}/certbot-path")
+if [ -n "${certbot_path}" ]
+then
+ certbot certificates --cert-name "${__object_id:?}" | grep ' Domains: ' | \
+ cut -d ' ' -f 6- | tr ' ' '\n'
+fi
diff --git a/cdist/conf/type/__letsencrypt_cert/explorer/certificate-exists b/cdist/conf/type/__letsencrypt_cert/explorer/certificate-exists
new file mode 100755
index 00000000..4e6f44db
--- /dev/null
+++ b/cdist/conf/type/__letsencrypt_cert/explorer/certificate-exists
@@ -0,0 +1,13 @@
+#!/bin/sh -e
+
+certbot_path=$("${__type_explorer}/certbot-path")
+if [ -n "${certbot_path}" ]
+then
+ if certbot certificates | grep -q " Certificate Name: ${__object_id:?}$"; then
+ echo yes
+ else
+ echo no
+ fi
+else
+ echo no
+fi
diff --git a/cdist/conf/type/__letsencrypt_cert/explorer/certificate-is-test b/cdist/conf/type/__letsencrypt_cert/explorer/certificate-is-test
new file mode 100755
index 00000000..9b445059
--- /dev/null
+++ b/cdist/conf/type/__letsencrypt_cert/explorer/certificate-is-test
@@ -0,0 +1,14 @@
+#!/bin/sh -e
+
+certbot_path=$("${__type_explorer}/certbot-path")
+if [ -n "${certbot_path}" ]
+then
+ if certbot certificates --cert-name "${__object_id:?}" | \
+ grep -q 'INVALID: TEST_CERT'; then
+ echo yes
+ else
+ echo no
+ fi
+else
+ echo no
+fi
diff --git a/cdist/conf/type/__letsencrypt_cert/gencode-remote b/cdist/conf/type/__letsencrypt_cert/gencode-remote
new file mode 100755
index 00000000..375570a4
--- /dev/null
+++ b/cdist/conf/type/__letsencrypt_cert/gencode-remote
@@ -0,0 +1,82 @@
+#!/bin/sh -e
+
+certificate_exists=$(cat "${__object:?}/explorer/certificate-exists")
+name="${__object_id:?}"
+state=$(cat "${__object}/parameter/state")
+
+case "${state}" in
+ absent)
+ if [ "${certificate_exists}" = "no" ]; then
+ exit 0
+ fi
+
+ echo "certbot delete --cert-name '${name}' --quiet"
+
+ echo remove >> "${__messages_out:?}"
+ ;;
+ present)
+ domain_param_file="${__object}/parameter/domain"
+ requested_domains=$(mktemp "${TMPDIR:-/tmp}/domain.cdist.XXXXXXXXXX")
+ if [ -f "${domain_param_file}" ]; then
+ cp "${domain_param_file}" "${requested_domains}"
+ else
+ echo "$__object_id" >> "${requested_domains}"
+ fi
+
+ staging=no
+ if [ -f "${__object}/parameter/staging" ]; then
+ staging=yes
+ fi
+
+ if [ "${certificate_exists}" = "yes" ]; then
+ existing_domains="${__object}/explorer/certificate-domains"
+ certificate_is_test=$(cat "${__object}/explorer/certificate-is-test")
+
+ sort -uo "${requested_domains}" "${requested_domains}"
+ sort -uo "${existing_domains}" "${existing_domains}"
+
+ if [ -z "$(comm -23 "${requested_domains}" "${existing_domains}")" ] && \
+ [ "${certificate_is_test}" = "${staging}" ]; then
+ exit 0
+ fi
+ fi
+
+ admin_email="$(cat "$__object/parameter/admin-email")"
+ webroot="$(cat "$__object/parameter/webroot")"
+
+ cat <<-EOF
+ certbot certonly \
+ --agree-tos \
+ --cert-name '${name}' \
+ --email '${admin_email}' \
+ --expand \
+ --non-interactive \
+ --quiet \
+ $(if [ "${staging}" = "yes" ]; then
+ echo "--staging"
+ elif [ "${certificate_is_test}" != "${staging}" ]; then
+ echo "--force-renewal"
+ fi) \
+ $(if [ -z "${webroot}" ]; then
+ echo "--standalone"
+ else
+ echo "--webroot --webroot-path '${webroot}'"
+ fi) \
+ $(while read -r domain; do
+ echo "--domain '${domain}' \\"
+ done < "${requested_domains}")
+ EOF
+ rm -f "${requested_domains}"
+
+ if [ "${certificate_exists}" = "no" ]; then
+ echo create >> "${__messages_out}"
+ else
+ echo change >> "${__messages_out}"
+ fi
+ ;;
+ *)
+ echo "Unsupported state: ${state}" >&2
+
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__letsencrypt_cert/man.rst b/cdist/conf/type/__letsencrypt_cert/man.rst
new file mode 100644
index 00000000..c4ffc6bc
--- /dev/null
+++ b/cdist/conf/type/__letsencrypt_cert/man.rst
@@ -0,0 +1,109 @@
+cdist-type__letsencrypt_cert(7)
+===============================
+
+NAME
+----
+
+cdist-type__letsencrypt_cert - Get an SSL certificate from Let's Encrypt
+
+DESCRIPTION
+-----------
+
+Automatically obtain a Let's Encrypt SSL certificate using Certbot.
+
+REQUIRED PARAMETERS
+-------------------
+
+object id
+ A cert name. If domain parameter is not specified then it is used
+ as a domain to be included in the certificate.
+
+admin-email
+ Where to send Let's Encrypt emails like "certificate needs renewal".
+
+OPTIONAL PARAMETERS
+-------------------
+
+state
+ 'present' or 'absent', defaults to 'present' where:
+
+ present
+ if the certificate does not exist, it will be obtained
+ absent
+ the certificate will be removed
+
+webroot
+ The path to your webroot, as set up in your webserver config. If this
+ parameter is not present, Certbot will be run in standalone mode.
+
+OPTIONAL MULTIPLE PARAMETERS
+----------------------------
+
+renew-hook
+ Renew hook command directly passed to Certbot in cron job.
+
+domain
+ Domains to be included in the certificate. When specified then object id
+ is not used as a domain.
+
+BOOLEAN PARAMETERS
+------------------
+
+automatic-renewal
+ Install a cron job, which attempts to renew certificates daily.
+
+staging
+ Obtain a test certificate from a staging server.
+
+MESSAGES
+--------
+
+change
+ Certificte was changed.
+
+create
+ Certificte was created.
+
+remove
+ Certificte was removed.
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # use object id as domain
+ __letsencrypt_cert example.com \
+ --admin-email root@example.com \
+ --automatic-renewal \
+ --renew-hook "service nginx reload" \
+ --webroot /data/letsencrypt/root
+
+.. code-block:: sh
+
+ # domain parameter is specified so object id is not used as domain
+ # and example.com needs to be included again with domain parameter
+ __letsencrypt_cert example.com \
+ --admin-email root@example.com \
+ --automatic-renewal \
+ --domain example.com \
+ --domain foo.example.com \
+ --domain bar.example.com \
+ --renew-hook "service nginx reload" \
+ --webroot /data/letsencrypt/root
+
+AUTHORS
+-------
+
+| Nico Schottelius
+| Kamila Součková
+| Darko Poljak
+| Ľubomír Kučera
+
+COPYING
+-------
+
+Copyright \(C) 2017-2018 Nico Schottelius, Kamila Součková, Darko Poljak and
+Ľubomír Kučera. You can redistribute it and/or modify it under the terms of
+the GNU General Public License as published by the Free Software Foundation,
+either version 3 of the License, or (at your option) any later version.
diff --git a/cdist/conf/type/__letsencrypt_cert/manifest b/cdist/conf/type/__letsencrypt_cert/manifest
new file mode 100755
index 00000000..68ecf9d4
--- /dev/null
+++ b/cdist/conf/type/__letsencrypt_cert/manifest
@@ -0,0 +1,115 @@
+#!/bin/sh
+
+certbot_fullpath="$(cat "${__object:?}/explorer/certbot-path")"
+
+if [ -z "${certbot_fullpath}" ]; then
+ os="$(cat "${__global:?}/explorer/os")"
+ os_version="$(cat "${__global}/explorer/os_version")"
+
+ case "$os" in
+ archlinux)
+ __package certbot
+ ;;
+ alpine)
+ __package certbot
+ ;;
+ debian)
+ case "$os_version" in
+ 8*)
+ __apt_source jessie-backports \
+ --uri http://http.debian.net/debian \
+ --distribution jessie-backports \
+ --component main
+
+ require="__apt_source/jessie-backports" __package_apt python-certbot \
+ --target-release jessie-backports
+ require="__apt_source/jessie-backports" __package_apt certbot \
+ --target-release jessie-backports
+ # Seems to be a missing dependency on debian 8
+ __package python-ndg-httpsclient
+ ;;
+ 9*)
+ __apt_source stretch-backports \
+ --uri http://http.debian.net/debian \
+ --distribution stretch-backports \
+ --component main
+
+ require="__apt_source/stretch-backports" __package_apt python-certbot \
+ --target-release stretch-backports
+ require="__apt_source/stretch-backports" __package_apt certbot \
+ --target-release stretch-backports
+ ;;
+ 10*)
+ __package_apt certbot
+ ;;
+
+ *)
+ echo "Unsupported OS version: $os_version" >&2
+ exit 1
+ ;;
+ esac
+
+ certbot_fullpath=/usr/bin/certbot
+ ;;
+ devuan)
+ case "$os_version" in
+ jessie)
+ __apt_source jessie-backports \
+ --uri http://auto.mirror.devuan.org/merged \
+ --distribution jessie-backports \
+ --component main
+
+ require="__apt_source/jessie-backports" __package_apt python-certbot \
+ --target-release jessie-backports
+ require="__apt_source/jessie-backports" __package_apt certbot \
+ --target-release jessie-backports
+ # Seems to be a missing dependency on debian 8
+ __package python-ndg-httpsclient
+ ;;
+ ascii*)
+ __apt_source ascii-backports \
+ --uri http://auto.mirror.devuan.org/merged \
+ --distribution ascii-backports \
+ --component main
+
+ require="__apt_source/ascii-backports" __package_apt certbot \
+ --target-release ascii-backports
+ ;;
+ beowulf*)
+ __package_apt certbot
+ ;;
+ *)
+ echo "Unsupported OS version: $os_version" >&2
+ exit 1
+ ;;
+ esac
+
+ certbot_fullpath=/usr/bin/certbot
+ ;;
+ freebsd)
+ __package py27-certbot
+
+ certbot_fullpath=/usr/local/bin/certbot
+ ;;
+ *)
+ echo "Unsupported os: $os" >&2
+ exit 1
+ ;;
+ esac
+fi
+
+if [ -f "${__object}/parameter/automatic-renewal" ]; then
+ renew_hook_param="${__object}/parameter/renew-hook"
+ renew_hook=""
+ if [ -f "${renew_hook_param}" ]; then
+ while read -r hook; do
+ renew_hook="${renew_hook} --renew-hook \"${hook}\""
+ done < "${renew_hook_param}"
+ fi
+
+ __cron letsencrypt-certbot \
+ --user root \
+ --command "${certbot_fullpath} renew -q ${renew_hook}" \
+ --hour 0 \
+ --minute 47
+fi
diff --git a/cdist/conf/type/__letsencrypt_cert/nonparallel b/cdist/conf/type/__letsencrypt_cert/nonparallel
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__letsencrypt_cert/parameter/boolean b/cdist/conf/type/__letsencrypt_cert/parameter/boolean
new file mode 100644
index 00000000..d5b8be99
--- /dev/null
+++ b/cdist/conf/type/__letsencrypt_cert/parameter/boolean
@@ -0,0 +1,2 @@
+automatic-renewal
+staging
diff --git a/cdist/conf/type/__letsencrypt_cert/parameter/default/state b/cdist/conf/type/__letsencrypt_cert/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__letsencrypt_cert/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__letsencrypt_cert/parameter/default/webroot b/cdist/conf/type/__letsencrypt_cert/parameter/default/webroot
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__letsencrypt_cert/parameter/optional b/cdist/conf/type/__letsencrypt_cert/parameter/optional
new file mode 100644
index 00000000..0a63b11e
--- /dev/null
+++ b/cdist/conf/type/__letsencrypt_cert/parameter/optional
@@ -0,0 +1,2 @@
+state
+webroot
diff --git a/cdist/conf/type/__letsencrypt_cert/parameter/optional_multiple b/cdist/conf/type/__letsencrypt_cert/parameter/optional_multiple
new file mode 100644
index 00000000..0e866d45
--- /dev/null
+++ b/cdist/conf/type/__letsencrypt_cert/parameter/optional_multiple
@@ -0,0 +1,2 @@
+domain
+renew-hook
diff --git a/cdist/conf/type/__letsencrypt_cert/parameter/required b/cdist/conf/type/__letsencrypt_cert/parameter/required
new file mode 100644
index 00000000..bfe77226
--- /dev/null
+++ b/cdist/conf/type/__letsencrypt_cert/parameter/required
@@ -0,0 +1 @@
+admin-email
diff --git a/cdist/conf/type/__line/explorer/state b/cdist/conf/type/__line/explorer/state
index d240bf4d..2ef252c8 100755
--- a/cdist/conf/type/__line/explorer/state
+++ b/cdist/conf/type/__line/explorer/state
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/sh -e
#
-# 2012 Nico Schottelius (nico-cdist at schottelius.org)
+# 2018 Steven Armstrong (steven-cdist at armstrong.cc)
#
# This file is part of cdist.
#
@@ -17,24 +17,79 @@
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see .
#
-#
-file="/$__object_id"
-[ -f "$__object/parameter/file" ] && file=$(cat "$__object/parameter/file")
+if [ -f "$__object/parameter/before" ]; then
+ position="before"
+elif [ -f "$__object/parameter/after" ]; then
+ position="after"
+else
+ # By default we append to the end of the file.
+ position="end"
+fi
if [ -f "$__object/parameter/regex" ]; then
- regex=$(cat "$__object/parameter/regex")
+ needle="regex"
else
- if [ ! -f "$__object/parameter/line" ]; then
- echo "Parameter line and regex missing - cannot explore" >&2
- exit 1
- fi
- regex="^$(cat "$__object/parameter/line")\$"
+ needle="line"
fi
-# Allow missing file - thus 2>/dev/null
-if grep -q "$regex" "$file" 2>/dev/null; then
- echo present
+if [ -f "$__object/parameter/file" ]; then
+ file="$(cat "$__object/parameter/file")"
else
- echo absent
+ file="/$__object_id"
fi
+
+if [ ! -f "$file" ]; then
+ echo "file_missing"
+ exit 0
+fi
+
+awk -v position="$position" -v needle="$needle" '
+function _find(_text, _pattern) {
+ if (needle == "regex") {
+ return match(_text, _pattern)
+ } else {
+ return index(_text, _pattern)
+ }
+}
+BEGIN {
+ getline anchor < (ENVIRON["__object"] "/parameter/" position)
+ getline pattern < (ENVIRON["__object"] "/parameter/" needle)
+ state = "absent"
+}
+{
+ if (position == "after") {
+ if (match($0, anchor)) {
+ getline
+ if (_find($0, pattern)) {
+ state = "present"
+ }
+ else {
+ state = "wrongposition"
+ }
+ exit 0
+ }
+ }
+ else if (position == "before") {
+ if (_find($0, pattern)) {
+ getline
+ if (match($0, anchor)) {
+ state = "present"
+ }
+ else {
+ state = "wrongposition"
+ }
+ exit 0
+ }
+ }
+ else {
+ if (_find($0, pattern)) {
+ state = "present"
+ exit 0
+ }
+ }
+}
+END {
+ print state
+}
+' "$file"
diff --git a/cdist/conf/type/__line/gencode-remote b/cdist/conf/type/__line/gencode-remote
index 8ac273e2..03e90c1b 100755
--- a/cdist/conf/type/__line/gencode-remote
+++ b/cdist/conf/type/__line/gencode-remote
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/sh -e
#
-# 2012 Nico Schottelius (nico-cdist at schottelius.org)
+# 2018 Steven Armstrong (steven-cdist at armstrong.cc)
#
# This file is part of cdist.
#
@@ -17,46 +17,112 @@
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see .
#
-#
-file="/$__object_id"
-regex=""
-state_should="present"
-[ -f "$__object/parameter/file" ] && file=$(cat "$__object/parameter/file")
-[ -f "$__object/parameter/regex" ] && regex=$(cat "$__object/parameter/regex")
-[ -f "$__object/parameter/state" ] && state_should=$(cat "$__object/parameter/state")
-[ -f "$__object/parameter/line" ] && line=$(cat "$__object/parameter/line")
+if [ -f "$__object/parameter/before" ] && [ -f "$__object/parameter/after" ]; then
+ echo "Use either --before OR --after but not both." >&2
+ exit 1
+fi
+state_should="$(cat "$__object/parameter/state")"
state_is="$(cat "$__object/explorer/state")"
-[ "$state_should" = "$state_is" ] && exit 0
+if [ "$state_should" = "$state_is" ]; then
+ # nothing to do
+ exit 0
+fi
+if [ -f "$__object/parameter/before" ]; then
+ position="before"
+elif [ -f "$__object/parameter/after" ]; then
+ position="after"
+else
+ # By default we append to the end of the file.
+ position="end"
+fi
+
+if [ -f "$__object/parameter/regex" ]; then
+ needle="regex"
+else
+ needle="line"
+fi
+
+if [ -f "$__object/parameter/file" ]; then
+ file="$(cat "$__object/parameter/file")"
+else
+ file="/$__object_id"
+fi
+
+add=0
+remove=0
case "$state_should" in
- present)
- if [ ! "$line" ]; then
- echo "Required parameter \"line\" is missing" >&2
- exit 1
- fi
-
- echo "echo \"$line\" >> $file"
-
- ;;
- absent)
- if [ "$regex" -a "$line" ]; then
- echo "Mutally exclusive parameters regex and line given for state absent" >&2
- exit 1
- fi
-
- [ "$line" ] && regex="^$line\$"
-
- cat << eof
-tmp=\$(mktemp)
-sed '/$regex/d' "$file" > \$tmp && cat "\$tmp" > "$file" && rm -f "\$tmp"
-eof
- #echo "echo q | ex -c \"/${line}/d|w|q\" \"${file}\""
- ;;
- *)
- echo "Unknown state: $state_should" >&2
- exit 1
- ;;
+ present)
+ if [ "$state_is" = "wrongposition" ]; then
+ echo updated >> "$__messages_out"
+ remove=1
+ else
+ echo added >> "$__messages_out"
+ fi
+ add=1
+ ;;
+ absent)
+ echo removed >> "$__messages_out"
+ remove=1
+ ;;
esac
+
+cat << DONE
+tmpfile=\$(mktemp ${file}.cdist.XXXXXXXXXX)
+# preserve ownership and permissions of existing file
+if [ -f "$file" ]; then
+ cp -p "$file" "\$tmpfile"
+fi
+
+awk -v position="$position" -v needle="$needle" -v remove=$remove -v add=$add '
+function _find(_text, _pattern) {
+ if (needle == "regex") {
+ return match(_text, _pattern)
+ } else {
+ return index(_text, _pattern)
+ }
+}
+BEGIN {
+ line_file = ENVIRON["__object"] "/parameter/line"
+ getline line < line_file
+ # Need to close line file as it may be re-read as pattern below.
+ close(line_file)
+ getline pattern < (ENVIRON["__object"] "/parameter/" needle)
+ getline anchor < (ENVIRON["__object"] "/parameter/" position)
+}
+{
+ if (remove) {
+ if (_find(\$0, pattern)) {
+ # skip over this line -> remove it
+ next
+ }
+ }
+ if (add) {
+ if (anchor && match(\$0, anchor)) {
+ if (position == "before") {
+ print line
+ print
+ } else if (position == "after") {
+ print
+ print line
+ }
+ next
+ }
+ }
+ print
+}
+END {
+ if (add && position == "end") {
+ print line
+ }
+}
+' "$file" > "\$tmpfile"
+mv -f "\$tmpfile" "$file"
+DONE
+
+if [ -f "$__object/parameter/onchange" ]; then
+ cat "$__object/parameter/onchange"
+fi
diff --git a/cdist/conf/type/__line/man.rst b/cdist/conf/type/__line/man.rst
new file mode 100644
index 00000000..f76cab64
--- /dev/null
+++ b/cdist/conf/type/__line/man.rst
@@ -0,0 +1,116 @@
+cdist-type__line(7)
+===================
+
+NAME
+----
+cdist-type__line - Manage lines in files
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to add lines and remove lines from files.
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+
+OPTIONAL PARAMETERS
+-------------------
+after
+ Insert the given line after this pattern.
+
+before
+ Insert the given line before this pattern.
+
+file
+ If supplied, use this as the destination file.
+ Otherwise the object_id is used.
+
+line
+ Specifies the line which should be absent or present.
+
+ Must be present, if state is 'present'.
+ Ignored if regex is given and state is 'absent'.
+
+regex
+ If state is 'present', search for this pattern and if it matches add
+ the given line.
+
+ If state is 'absent', ensure all lines matching the regular expression
+ are absent.
+
+ The regular expression is interpreted by awk's match function.
+
+state
+ 'present' or 'absent', defaults to 'present'
+
+onchange
+ The code to run if line is added, removed or updated.
+
+
+BOOLEAN PARAMETERS
+------------------
+None.
+
+
+MESSAGES
+--------
+added
+ The line was added.
+
+updated
+ The line or its position was changed.
+
+removed
+ The line was removed.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Manage a hosts entry for www.example.com.
+ __line /etc/hosts \
+ --line '127.0.0.2 www.example.com'
+
+ # Manage another hosts entry for test.example.com.
+ __line hosts:test.example.com \
+ --file /etc/hosts \
+ --line '127.0.0.3 test.example.com'
+
+ # Remove the line starting with TIMEZONE from the /etc/rc.conf file.
+ __line legacy_timezone \
+ --file /etc/rc.conf \
+ --regex 'TIMEZONE=.*' \
+ --state absent
+
+ # Insert a line before another one.
+ __line password-auth-local:classify \
+ --file /etc/pam.d/password-auth-local \
+ --line '-session required pam_exec.so debug log=/tmp/classify.log /usr/local/libexec/classify' \
+ --before '^session[[:space:]]+include[[:space:]]+password-auth-ac$'
+
+ # Insert a line after another one.
+ __line password-auth-local:classify \
+ --file /etc/pam.d/password-auth-local \
+ --line '-session required pam_exec.so debug log=/tmp/classify.log /usr/local/libexec/classify' \
+ --after '^session[[:space:]]+include[[:space:]]+password-auth-ac$'
+
+
+SEE ALSO
+--------
+:strong:`cdist-type`\ (7)
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2018 Steven Armstrong. Free use of this software is
+granted under the terms of the GNU General Public License version 3 (GPLv3).
diff --git a/cdist/conf/type/__line/man.text b/cdist/conf/type/__line/man.text
deleted file mode 100644
index e1a5941c..00000000
--- a/cdist/conf/type/__line/man.text
+++ /dev/null
@@ -1,72 +0,0 @@
-cdist-type__line(7)
-===================
-Nico Schottelius
-
-
-NAME
-----
-cdist-type__line - Manage lines in files
-
-
-DESCRIPTION
------------
-This cdist type allows you to add lines and remove lines from files.
-
-
-REQUIRED PARAMETERS
--------------------
-
-OPTIONAL PARAMETERS
--------------------
-state::
- 'present' or 'absent', defaults to 'present'
-
-line::
- Specifies the line which should be absent or present
-
- Must be present, if state is present.
- Must not be combined with regex, if state is absent.
-
-regex::
- If state is present, search for this pattern and add
- given line, if the given regular expression does not match.
-
- In case of absent, ensure all lines matching the
- regular expression are absent (cannot be combined with
- the line parameter, if state is absent).
-
- If the regular expression contains / (slashes), they need
- to be escaped with \ (backslash): / becomes \/.
-
-file::
- If supplied, use this as the destination file.
- Otherwise the object_id is used.
-
-
-EXAMPLES
---------
-
---------------------------------------------------------------------------------
-# Manage the DAEMONS line in rc.conf
-__line daemons --file /etc/rc.conf --line 'DAEMONS=(hwclock !network sshd crond postfix)'
-
-# Ensure the home mount is present in /etc/fstab - explicitly make it present
-__line home-fstab \
- --file /etc/fstab \
- --line 'filer.fs:/vol/home /home nfs defaults 0 0' \
- --state present
-
-# Removes the line specifiend in "include_www" from the file "lighttpd.conf"
-__line legacy_timezone --file /etc/rc.conf --regex 'TIMEZONE=.*' --state absent
---------------------------------------------------------------------------------
-
-
-SEE ALSO
---------
-- cdist-type(7)
-
-
-COPYING
--------
-Copyright \(C) 2012 Nico Schottelius. Free use of this software is
-granted under the terms of the GNU General Public License version 3 (GPLv3).
diff --git a/cdist/conf/type/__line/parameter/default/state b/cdist/conf/type/__line/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__line/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__line/parameter/optional b/cdist/conf/type/__line/parameter/optional
index 604a203e..1c34c699 100644
--- a/cdist/conf/type/__line/parameter/optional
+++ b/cdist/conf/type/__line/parameter/optional
@@ -1,4 +1,7 @@
-state
-regex
+after
+before
file
line
+regex
+state
+onchange
diff --git a/cdist/conf/type/__link/explorer/state b/cdist/conf/type/__link/explorer/state
index a9220a3c..7150df25 100755
--- a/cdist/conf/type/__link/explorer/state
+++ b/cdist/conf/type/__link/explorer/state
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# 2012 Steven Armstrong (steven-cdist at armstrong.cc)
+# 2012-2014 Steven Armstrong (steven-cdist at armstrong.cc)
#
# This file is part of cdist.
#
@@ -32,22 +32,33 @@ destination_dir="${destination%/*}"
case "$type" in
symbolic)
- cd "$destination_dir"
- source_is=$(ls -l "$destination" | sed 's/.*-> //g')
- if [ -h "$destination" -a "$source_is" = "$source" ]; then
- echo present
+ cd "$destination_dir" || exit 1
+ if [ -h "$destination" ]; then
+ source_is=$(readlink "$destination")
+ # ignore trailing slashes for comparison
+ if [ "${source_is%/}" = "${source%/}" ]; then
+ echo present
+ else
+ echo wrongsource
+ fi
else
echo absent
fi
;;
hard)
- cd "$destination_dir"
+ cd "$destination_dir" || exit 1
# check source relative to destination_dir
if [ ! -e "$source" ]; then
echo sourcemissing
exit 0
fi
+ # Currently not worth the effor to change it, stat is not defined by POSIX
+ # and different OSes has different implementations for it.
+ # shellcheck disable=SC2012
destination_inode=$(ls -i "$destination" | awk '{print $1}')
+ # Currently not worth the effor to change it, stat is not defined by POSIX
+ # and different OSes has different implementations for it.
+ # shellcheck disable=SC2012
source_inode=$(ls -i "$source" | awk '{print $1}')
if [ "$destination_inode" -eq "$source_inode" ]; then
echo present
diff --git a/cdist/conf/type/__link/explorer/type b/cdist/conf/type/__link/explorer/type
new file mode 100755
index 00000000..b322bf42
--- /dev/null
+++ b/cdist/conf/type/__link/explorer/type
@@ -0,0 +1,49 @@
+#!/bin/sh
+#
+# 2013 Steven Armstrong (steven-cdist armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Mostly a wrapper for ln
+#
+
+destination="/$__object_id"
+
+if [ ! -e "$destination" ]; then
+ echo none
+elif [ -h "$destination" ]; then
+ echo symlink
+elif [ -f "$destination" ]; then
+ type="$(cat "$__object/parameter/type")"
+ case "$type" in
+ hard)
+ # Currently not worth the effor to change it, stat is not defined by POSIX
+ # and different OSes has different implementations for it.
+ # shellcheck disable=SC2012
+ link_count=$(ls -l "$destination" | awk '{ print $2 }')
+ if [ "$link_count" -gt 1 ]; then
+ echo hardlink
+ exit 0
+ fi
+ ;;
+ esac
+ echo file
+elif [ -d "$destination" ]; then
+ echo directory
+else
+ echo unknown
+fi
diff --git a/cdist/conf/type/__link/gencode-remote b/cdist/conf/type/__link/gencode-remote
index 2975ef69..45c22fcc 100755
--- a/cdist/conf/type/__link/gencode-remote
+++ b/cdist/conf/type/__link/gencode-remote
@@ -1,6 +1,7 @@
-#!/bin/sh
+#!/bin/sh -e
#
# 2011-2012 Nico Schottelius (nico-cdist at schottelius.org)
+# 2013-2014 Steven Armstrong (steven-cdist at armstrong.cc)
#
# This file is part of cdist.
#
@@ -17,9 +18,6 @@
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see .
#
-#
-# Mostly a wrapper for ln
-#
destination="/$__object_id"
@@ -40,17 +38,36 @@ case "$type" in
esac
state_is="$(cat "$__object/explorer/state")"
-state_should=present
-[ -f "$__object/parameter/state" ] && state_should="$(cat "$__object/parameter/state")"
+state_should="$(cat "$__object/parameter/state")"
[ "$state_should" = "$state_is" ] && exit 0
+file_type="$(cat "$__object/explorer/type")"
case "$state_should" in
present)
- echo ln ${lnopt} -f \"$source\" \"$destination\"
+ if [ "$file_type" = "directory" ]; then
+ # our destination is currently a directory, delete it
+ printf 'rm -rf "%s" &&\n' "$destination"
+ echo "removed '$destination' (directory)" >> "$__messages_out"
+ else
+ if [ "$state_is" = "wrongsource" ]; then
+ # our destination is a symlink but points to the wrong source,
+ # delete it
+ printf 'rm -f "%s" &&\n' "$destination"
+ echo "removed '$destination' (wrongsource)" >> "$__messages_out"
+ fi
+ fi
+
+ # create our link
+ printf 'ln %s -f "%s" "%s"\n' "$lnopt" "$source" "$destination"
+ echo "created '$destination'" >> "$__messages_out"
;;
absent)
- echo rm -f \"$destination\"
+ # only delete if it is a sym/hard link
+ if [ "$file_type" = "symlink" ] || [ "$file_type" = "hardlink" ]; then
+ printf 'rm -f "%s"\n' "$destination"
+ echo "removed '$destination'" >> "$__messages_out"
+ fi
;;
*)
echo "Unknown state: $state_should" >&2
diff --git a/cdist/conf/type/__link/man.rst b/cdist/conf/type/__link/man.rst
new file mode 100644
index 00000000..fe0ce425
--- /dev/null
+++ b/cdist/conf/type/__link/man.rst
@@ -0,0 +1,76 @@
+cdist-type__link(7)
+===================
+
+NAME
+----
+cdist-type__link - Manage links (hard and symbolic)
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to manage hard and symbolic links.
+The given object id is the destination for the link.
+
+
+REQUIRED PARAMETERS
+-------------------
+source
+ Specifies the link source.
+
+type
+ Specifies the link type: Either hard or symoblic.
+
+
+OPTIONAL PARAMETERS
+-------------------
+state
+ 'present' or 'absent', defaults to 'present'
+
+
+MESSAGES
+--------
+
+created
+ Link to destination was created.
+
+removed
+ Link to destination was removed.
+
+removed (directory)
+ Destination was removed because state is ``present`` and destination was directory.
+
+removed (wrongsource)
+ Destination was removed because state is ``present`` and destination link source was wrong.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Create hard link of /etc/shadow
+ __link /root/shadow --source /etc/shadow --type hard
+
+ # Relative symbolic link
+ __link /etc/apache2/sites-enabled/www.test.ch \
+ --source ../sites-available/www.test.ch \
+ --type symbolic
+
+ # Absolute symbolic link
+ __link /opt/plone --source /home/services/plone --type symbolic
+
+ # Remove link
+ __link /opt/plone --state absent
+
+
+AUTHORS
+-------
+Nico Schottelius
+
+
+COPYING
+-------
+Copyright \(C) 2011-2012 Nico Schottelius. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__link/man.text b/cdist/conf/type/__link/man.text
deleted file mode 100644
index 663087db..00000000
--- a/cdist/conf/type/__link/man.text
+++ /dev/null
@@ -1,60 +0,0 @@
-cdist-type__link(7)
-===================
-Nico Schottelius
-
-
-NAME
-----
-cdist-type__link - Manage links (hard and symbolic)
-
-
-DESCRIPTION
------------
-This cdist type allows you to manage hard and symbolic links.
-The given object id is the destination for the link.
-
-
-REQUIRED PARAMETERS
--------------------
-source::
- Specifies the link source.
-
-type::
- Specifies the link type: Either hard or symoblic.
-
-
-OPTIONAL PARAMETERS
--------------------
-state::
- 'present' or 'absent', defaults to 'present'
-
-
-EXAMPLES
---------
-
---------------------------------------------------------------------------------
-# Create hard link of /etc/shadow
-__link /root/shadow --source /etc/shadow --type hard
-
-# Relative symbolic link
-__link /etc/apache2/sites-enabled/www.test.ch \
- --source ../sites-available/www.test.ch \
- --type symbolic
-
-# Absolute symbolic link
-__link /opt/plone --source /home/services/plone --type symbolic
-
-# Remove link
-__link /opt/plone --state absent
---------------------------------------------------------------------------------
-
-
-SEE ALSO
---------
-- cdist-type(7)
-
-
-COPYING
--------
-Copyright \(C) 2011-2012 Nico Schottelius. Free use of this software is
-granted under the terms of the GNU General Public License version 3 (GPLv3).
diff --git a/cdist/conf/type/__link/parameter/default/state b/cdist/conf/type/__link/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__link/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__locale/files/locale.gen b/cdist/conf/type/__locale/files/locale.gen
new file mode 100644
index 00000000..cf8e8651
--- /dev/null
+++ b/cdist/conf/type/__locale/files/locale.gen
@@ -0,0 +1,3 @@
+de_CH.UTF-8 UTF-8
+de_DE.UTF-8 UTF-8
+en_US.UTF-8 UTF-8
diff --git a/cdist/conf/type/__locale/gencode-remote b/cdist/conf/type/__locale/gencode-remote
new file mode 100755
index 00000000..1feb9884
--- /dev/null
+++ b/cdist/conf/type/__locale/gencode-remote
@@ -0,0 +1,60 @@
+#!/bin/sh -e
+#
+# 2013-2019 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Let localedef do the magic
+#
+
+locale="$__object_id"
+
+# Hardcoded, create a pull request with
+# branching on $os in case it is at another location
+alias=/usr/share/locale/locale.alias
+
+input=$(echo "$locale" | cut -d . -f 1)
+charmap=$(echo "$locale" | cut -d . -f 2)
+
+# Adding locale? The name is de_CH.UTF-8
+# Removing locale? The name is de_CH.utf8.
+# W-T-F!
+locale_remove=$(echo "$locale" | sed 's/UTF-8/utf8/')
+
+state=$(cat "$__object/parameter/state")
+
+os=$(cat "$__global/explorer/os")
+
+# Nothing to be done on alpine
+case "$os" in
+ alpine)
+ exit 0
+ ;;
+esac
+
+case "$state" in
+ present)
+ echo localedef -A "$alias" -f "$charmap" -i "$input" "$locale"
+ ;;
+ absent)
+ echo localedef --delete-from-archive "$locale_remove"
+ ;;
+ *)
+ echo "Unsupported state: $state" >&2
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__locale/man.rst b/cdist/conf/type/__locale/man.rst
new file mode 100644
index 00000000..e36ab061
--- /dev/null
+++ b/cdist/conf/type/__locale/man.rst
@@ -0,0 +1,50 @@
+cdist-type__locale(7)
+=====================
+
+NAME
+----
+cdist-type__locale - Configure locales
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to setup locales. On systems that don't
+support locale setting like alpine/musl libc, it is a no-op.
+
+
+OPTIONAL PARAMETERS
+-------------------
+state
+ 'present' or 'absent', defaults to present
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Add locale de_CH.UTF-8
+ __locale de_CH.UTF-8
+
+ # Same as above, but more explicit
+ __locale de_CH.UTF-8 --state present
+
+ # Remove colourful British English
+ __locale en_GB.UTF-8 --state absent
+
+
+SEE ALSO
+--------
+:strong:`locale`\ (1), :strong:`localedef`\ (1), :strong:`cdist-type__locale_system`\ (7)
+
+
+AUTHORS
+-------
+Nico Schottelius
+
+
+COPYING
+-------
+Copyright \(C) 2013-2019 Nico Schottelius. Free use of this software is
+granted under the terms of the GNU General Public License version 3 or
+later (GPLv3+).
diff --git a/cdist/conf/type/__locale/manifest b/cdist/conf/type/__locale/manifest
new file mode 100755
index 00000000..9f1e17ac
--- /dev/null
+++ b/cdist/conf/type/__locale/manifest
@@ -0,0 +1,41 @@
+#!/bin/sh -e
+#
+# 2013-2019 Nico Schottelius (nico-cdist at schottelius.org)
+# 2015 David Hürlimann (david at ungleich.ch)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Install required packages
+#
+
+os=$(cat "$__global/explorer/os")
+
+
+case "$os" in
+ debian|devuan)
+ # Debian needs a seperate package
+ __package locales --state present
+ ;;
+ archlinux|suse|ubuntu|scientific|centos|alpine)
+ :
+ ;;
+ *)
+ echo "Sorry, do not know how to handle os: $os" >&2
+ echo "Please edit the type ${__type##*/} to fix this." >&2
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__locale/parameter/default/state b/cdist/conf/type/__locale/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__locale/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__process/parameter/required b/cdist/conf/type/__locale/parameter/optional
similarity index 100%
rename from cdist/conf/type/__process/parameter/required
rename to cdist/conf/type/__locale/parameter/optional
diff --git a/cdist/conf/type/__locale_system/man.rst b/cdist/conf/type/__locale_system/man.rst
new file mode 100644
index 00000000..03d36960
--- /dev/null
+++ b/cdist/conf/type/__locale_system/man.rst
@@ -0,0 +1,64 @@
+cdist-type__locale_system(7)
+============================
+
+NAME
+----
+cdist-type__locale_system - Set system-wide locale
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to modify system-wide locale.
+The name of the locale category is given as the object id
+(usually you are probably interested in using LANG).
+
+
+OPTIONAL PARAMETERS
+-------------------
+
+state
+ present or absent, defaults to present.
+ If present, sets the locale category to the given value.
+ If absent, removes the locale category from the system file.
+
+value
+ The value for the locale category.
+ Defaults to en_US.UTF-8.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Set LANG to en_US.UTF-8
+ __locale_system LANG
+
+ # Same as above, but more explicit
+ __locale_system LANG --value en_US.UTF-8
+
+ # Set category LC_MESSAGES to de_CH.UTF-8
+ __locale_system LC_MESSAGES --value de_CH.UTF-8
+
+ # Remove setting for LC_ALL
+ __locale_system LC_ALL --state absent
+
+
+
+SEE ALSO
+--------
+:strong:`locale`\ (1), :strong:`localedef`\ (1), :strong:`cdist-type__locale`\ (7)
+
+
+AUTHORS
+-------
+| Steven Armstrong
+| Carlos Ortigoza
+| Nico Schottelius
+
+
+COPYING
+-------
+Copyright \(C) 2016 Nico Schottelius. Free use of this software is
+granted under the terms of the GNU General Public License version 3 or
+later (GPLv3+).
diff --git a/cdist/conf/type/__locale_system/manifest b/cdist/conf/type/__locale_system/manifest
new file mode 100755
index 00000000..80f7401b
--- /dev/null
+++ b/cdist/conf/type/__locale_system/manifest
@@ -0,0 +1,55 @@
+#!/bin/sh -e
+#
+# 2012-2016 Steven Armstrong (steven-cdist at armstrong.cc)
+# 2016 Carlos Ortigoza (carlos.ortigoza at ungleich.ch)
+# 2016 Nico Schottelius (nico.schottelius at ungleich.ch)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Configure system-wide locale by modifying i18n file.
+#
+
+os=$(cat "$__global/explorer/os")
+
+case "$os" in
+ debian|ubuntu)
+ locale_conf="/etc/default/locale"
+ ;;
+ archlinux)
+ locale_conf="/etc/locale.conf"
+ ;;
+ redhat|centos)
+ locale_conf="/etc/sysconfig/i18n"
+ ;;
+ *)
+ echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
+ echo "Please contribute an implementation for it if you can." >&2
+ exit 1
+ ;;
+esac
+
+__file "$locale_conf" \
+ --owner root --group root --mode 644 \
+ --state exists
+
+require="__file/$locale_conf" \
+ __key_value "$locale_conf:$__object_id" \
+ --file "$locale_conf" \
+ --key "$__object_id" \
+ --delimiter = \
+ --state "$(cat "$__object/parameter/state")" \
+ --value "$(cat "$__object/parameter/value")"
diff --git a/cdist/conf/type/__locale_system/parameter/default/state b/cdist/conf/type/__locale_system/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__locale_system/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__locale_system/parameter/default/value b/cdist/conf/type/__locale_system/parameter/default/value
new file mode 100644
index 00000000..927508f3
--- /dev/null
+++ b/cdist/conf/type/__locale_system/parameter/default/value
@@ -0,0 +1 @@
+en_US.UTF-8
diff --git a/cdist/conf/type/__locale_system/parameter/optional b/cdist/conf/type/__locale_system/parameter/optional
new file mode 100644
index 00000000..d0460d86
--- /dev/null
+++ b/cdist/conf/type/__locale_system/parameter/optional
@@ -0,0 +1,2 @@
+state
+value
diff --git a/cdist/conf/type/__motd/gencode-remote b/cdist/conf/type/__motd/gencode-remote
new file mode 100755
index 00000000..bc842cc8
--- /dev/null
+++ b/cdist/conf/type/__motd/gencode-remote
@@ -0,0 +1,35 @@
+#!/bin/sh -e
+#
+# 2013 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+
+os=$(cat "$__global/explorer/os")
+
+case "$os" in
+ debian|ubuntu|devuan)
+
+ # Debian and Ubuntu need to be updated,
+ # as seen in /etc/init.d/bootlogs
+ echo "uname -snrvm > /var/run/motd"
+ echo "cat /etc/motd.tail >> /var/run/motd"
+ ;;
+ *)
+ exit 0
+ ;;
+esac
diff --git a/cdist/conf/type/__motd/man.text b/cdist/conf/type/__motd/man.rst
similarity index 52%
rename from cdist/conf/type/__motd/man.text
rename to cdist/conf/type/__motd/man.rst
index a4ca80b5..17369684 100644
--- a/cdist/conf/type/__motd/man.text
+++ b/cdist/conf/type/__motd/man.rst
@@ -1,7 +1,5 @@
cdist-type__motd(7)
===================
-Nico Schottelius
-
NAME
----
@@ -20,7 +18,7 @@ None.
OPTIONAL PARAMETERS
-------------------
-source::
+source
If supplied, copy this file from the host running cdist to the target.
If not supplied, a default message will be placed onto the target.
@@ -28,21 +26,23 @@ source::
EXAMPLES
--------
---------------------------------------------------------------------------------
-# Use cdist defaults
-__motd
+.. code-block:: sh
-# Supply source file from a different type
-__motd --source "$__type/files/my-motd"
---------------------------------------------------------------------------------
+ # Use cdist defaults
+ __motd
+
+ # Supply source file from a different type
+ __motd --source "$__type/files/my-motd"
-SEE ALSO
---------
-- cdist-type(7)
+AUTHORS
+-------
+Nico Schottelius
COPYING
-------
-Copyright \(C) 2011 Nico Schottelius. Free use of this software is
-granted under the terms of the GNU General Public License version 3 (GPLv3).
+Copyright \(C) 2011 Nico Schottelius. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__motd/manifest b/cdist/conf/type/__motd/manifest
index 286d1ff3..cd741cf4 100755
--- a/cdist/conf/type/__motd/manifest
+++ b/cdist/conf/type/__motd/manifest
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/sh -e
#
# 2011 Nico Schottelius (nico-cdist at schottelius.org)
#
@@ -22,6 +22,9 @@
# Select motd source
if [ -f "$__object/parameter/source" ]; then
source="$(cat "$__object/parameter/source")"
+ if [ "$source" = "-" ]; then
+ source="${__object}/stdin"
+ fi
else
source="$__type/files/motd"
fi
@@ -30,7 +33,7 @@ os=$(cat "$__global/explorer/os")
case "$os" in
- debian|ubuntu)
+ debian|ubuntu|devuan)
destination=/etc/motd.tail
;;
*)
diff --git a/cdist/conf/type/__mount/explorer/mounted b/cdist/conf/type/__mount/explorer/mounted
new file mode 100755
index 00000000..81f8e454
--- /dev/null
+++ b/cdist/conf/type/__mount/explorer/mounted
@@ -0,0 +1,27 @@
+#!/bin/sh
+#
+# 2014 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+path="$(cat "$__object/parameter/path" 2>/dev/null || echo "/$__object_id")"
+
+if mountpoint -q "$path"; then
+ echo yes
+else
+ echo no
+fi
diff --git a/cdist/conf/type/__mount/gencode-remote b/cdist/conf/type/__mount/gencode-remote
new file mode 100755
index 00000000..b2096764
--- /dev/null
+++ b/cdist/conf/type/__mount/gencode-remote
@@ -0,0 +1,51 @@
+#!/bin/sh -e
+#
+# 2014 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+path="$(cat "$__object/parameter/path" 2>/dev/null || echo "/$__object_id")"
+state_should="$(cat "$__object/parameter/state")"
+state_is="$(grep -q -x yes "$__object/explorer/mounted" && echo present || echo absent)"
+
+if [ "$state_should" = "$state_is" ]; then
+ # nothing to do
+ exit 0
+fi
+
+case "$state_should" in
+ present)
+ if [ -f "$__object/parameter/nofstab" ]; then
+ # mount manually
+ printf 'mount'
+ if [ -f "$__object/parameter/type" ]; then
+ printf ' -t %s' "$(cat "$__object/parameter/type")"
+ fi
+ if [ -f "$__object/parameter/options" ]; then
+ printf ' -o %s' "$(cat "$__object/parameter/options")"
+ fi
+ printf ' %s' "$(cat "$__object/parameter/device")"
+ printf ' %s\n' "$path"
+ else
+ # mount using existing fstab entry
+ printf 'mount "%s"\n' "$path"
+ fi
+ ;;
+ absent)
+ printf 'umount "%s"\n' "$path"
+ ;;
+esac
diff --git a/cdist/conf/type/__mount/man.rst b/cdist/conf/type/__mount/man.rst
new file mode 100644
index 00000000..d719a1cd
--- /dev/null
+++ b/cdist/conf/type/__mount/man.rst
@@ -0,0 +1,84 @@
+cdist-type__mount(7)
+====================
+
+NAME
+----
+cdit-type__mount - Manage filesystem mounts
+
+
+DESCRIPTION
+-----------
+Manage filesystem mounts either via /etc/fstab or manually.
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+
+OPTIONAL PARAMETERS
+-------------------
+device
+ device to mount at path, defaults to 'none'. see mount(8)
+
+dump
+ value for the dump field in fstab. see fstab(5)
+ defaults to 0.
+
+ This parameter is ignored, if the nofstab parameter is given.
+
+options
+ comma separated string of options, see mount(8)
+
+pass
+ value for the pass field in fstab. see fstab(5)
+ defaults to 0.
+
+ This parameter is ignored, if the nofstab parameter is given.
+
+path
+ mount point where to mount the device, see mount(8).
+ Defaults to __object_id
+
+state
+ either present or absent. Defaults to present.
+
+type
+ vfstype, see mount(8)
+
+
+BOOLEAN PARAMETERS
+------------------
+nofstab
+ do not manage an entry in /etc/fstab
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __mount /some/dir \
+ --device /dev/sdc3 \
+ --type xfs \
+ --options "defaults,ro"
+ --dump 0 \
+ --pass 1
+
+ __mount /var/lib/one \
+ --device mfsmount \
+ --type fuse \
+ --options "mfsmaster=mfsmaster.domain.tld,mfssubfolder=/one,nonempty,_netdev"
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2014 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__mount/manifest b/cdist/conf/type/__mount/manifest
new file mode 100755
index 00000000..999d806c
--- /dev/null
+++ b/cdist/conf/type/__mount/manifest
@@ -0,0 +1,42 @@
+#!/bin/sh -e
+#
+# 2014 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+path="$(cat "$__object/parameter/path" 2>/dev/null || echo "/$__object_id")"
+state="$(cat "$__object/parameter/state")"
+
+if [ ! -f "$__object/parameter/nofstab" ]; then
+ # Generate an entry for /etc/fstab
+ (
+printf "%s" "$(cat "$__object/parameter/device")"
+printf " %s" "$path"
+type="$(cat "$__object/parameter/type")"
+printf " %s" "$type"
+options="$(cat "$__object/parameter/options")"
+printf " %s" "$options"
+printf " %s" "$(cat "$__object/parameter/dump")"
+printf ' %s\n' "$(cat "$__object/parameter/pass")"
+) | \
+__block "$__object_name" \
+ --file "/etc/fstab" \
+ --prefix "#cdist:$__object_name" \
+ --suffix "#/cdist:$__object_name" \
+ --state "$state" \
+ --text -
+fi
diff --git a/cdist/conf/type/__mount/parameter/boolean b/cdist/conf/type/__mount/parameter/boolean
new file mode 100644
index 00000000..ac6f41a8
--- /dev/null
+++ b/cdist/conf/type/__mount/parameter/boolean
@@ -0,0 +1 @@
+nofstab
diff --git a/cdist/conf/type/__mount/parameter/default/device b/cdist/conf/type/__mount/parameter/default/device
new file mode 100644
index 00000000..621e94f0
--- /dev/null
+++ b/cdist/conf/type/__mount/parameter/default/device
@@ -0,0 +1 @@
+none
diff --git a/cdist/conf/type/__mount/parameter/default/dump b/cdist/conf/type/__mount/parameter/default/dump
new file mode 100644
index 00000000..573541ac
--- /dev/null
+++ b/cdist/conf/type/__mount/parameter/default/dump
@@ -0,0 +1 @@
+0
diff --git a/cdist/conf/type/__mount/parameter/default/options b/cdist/conf/type/__mount/parameter/default/options
new file mode 100644
index 00000000..e94f8140
--- /dev/null
+++ b/cdist/conf/type/__mount/parameter/default/options
@@ -0,0 +1 @@
+defaults
diff --git a/cdist/conf/type/__mount/parameter/default/pass b/cdist/conf/type/__mount/parameter/default/pass
new file mode 100644
index 00000000..573541ac
--- /dev/null
+++ b/cdist/conf/type/__mount/parameter/default/pass
@@ -0,0 +1 @@
+0
diff --git a/cdist/conf/type/__mount/parameter/default/state b/cdist/conf/type/__mount/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__mount/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__mount/parameter/default/type b/cdist/conf/type/__mount/parameter/default/type
new file mode 100644
index 00000000..865faf10
--- /dev/null
+++ b/cdist/conf/type/__mount/parameter/default/type
@@ -0,0 +1 @@
+auto
diff --git a/cdist/conf/type/__mount/parameter/optional b/cdist/conf/type/__mount/parameter/optional
new file mode 100644
index 00000000..29d3e5ef
--- /dev/null
+++ b/cdist/conf/type/__mount/parameter/optional
@@ -0,0 +1,7 @@
+device
+dump
+options
+pass
+path
+state
+type
diff --git a/cdist/conf/type/__mysql_database/gencode-remote b/cdist/conf/type/__mysql_database/gencode-remote
index 7cd32242..23e51b05 100755
--- a/cdist/conf/type/__mysql_database/gencode-remote
+++ b/cdist/conf/type/__mysql_database/gencode-remote
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/sh -e
#
# 2012 Benedikt Koeppel (code@benediktkoeppel.ch)
#
@@ -45,7 +45,6 @@ if [ -f "$__object/parameter/user" ]; then
EOF
EOFF
else
- password=""
cat <<-EOFF
mysql -u root <<-EOF
GRANT ALL PRIVILEGES ON $database.* to '$user'@'localhost';
diff --git a/cdist/conf/type/__mysql_database/man.text b/cdist/conf/type/__mysql_database/man.rst
similarity index 55%
rename from cdist/conf/type/__mysql_database/man.text
rename to cdist/conf/type/__mysql_database/man.rst
index f184a30e..1e245a08 100644
--- a/cdist/conf/type/__mysql_database/man.text
+++ b/cdist/conf/type/__mysql_database/man.rst
@@ -1,7 +1,5 @@
cdist-type__mysql_database(7)
=============================
-Benedikt Koeppel
-
NAME
----
@@ -19,31 +17,33 @@ None.
OPTIONAL PARAMETERS
-------------------
-name::
+name
The name of the database to install
defaults to the object id
-user::
+user
A user that should have access to the database
-password::
+password
The password for the user who manages the database
EXAMPLES
--------
---------------------------------------------------------------------------------
-__mysql_database "cdist" --name "cdist" --user "myuser" --password "mypwd"
---------------------------------------------------------------------------------
+.. code-block:: sh
+
+ __mysql_database "cdist" --name "cdist" --user "myuser" --password "mypwd"
-SEE ALSO
---------
-- cdist-type(7)
+AUTHORS
+-------
+Benedikt Koeppel
COPYING
-------
-Copyright \(C) 2012 Benedikt Koeppel. Free use of this software is
-granted under the terms of the GNU General Public License version 3 (GPLv3).
+Copyright \(C) 2012 Benedikt Koeppel. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__file/explorer/exists b/cdist/conf/type/__package/explorer/pkgng_exists
similarity index 78%
rename from cdist/conf/type/__file/explorer/exists
rename to cdist/conf/type/__package/explorer/pkgng_exists
index c319cb5d..6d69ba14 100755
--- a/cdist/conf/type/__file/explorer/exists
+++ b/cdist/conf/type/__package/explorer/pkgng_exists
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# 2011-2012 Nico Schottelius (nico-cdist at schottelius.org)
+# 2014 Jake Guffey (jake.guffey at eprotex.com)
#
# This file is part of cdist.
#
@@ -18,13 +18,10 @@
# along with cdist. If not, see .
#
#
-# Check whether file exists or not
+# Retrieve the status of a package - parsed dpkg output
#
-destination="/$__object_id"
-
-if [ -e "$destination" ]; then
- echo yes
-else
- echo no
+if [ "$("$__explorer/os")" = "freebsd" ]; then
+ command -v pkg
fi
+
diff --git a/cdist/conf/type/__package/man.rst b/cdist/conf/type/__package/man.rst
new file mode 100644
index 00000000..fc36402b
--- /dev/null
+++ b/cdist/conf/type/__package/man.rst
@@ -0,0 +1,64 @@
+cdist-type__package(7)
+======================
+
+NAME
+----
+cdist-type__package - Manage packages
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to install or uninstall packages on the target.
+It dispatches the actual work to the package system dependent types.
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+
+OPTIONAL PARAMETERS
+-------------------
+name
+ The name of the package to install. Default is to use the object_id as the
+ package name.
+version
+ The version of the package to install. Default is to install the version
+ chosen by the local package manager.
+type
+ The package type to use. Default is determined based on the $os explorer
+ variable.
+ e.g.
+ * __package_apt for Debian
+ * __package_emerge for Gentoo
+
+state
+ Either "present" or "absent", defaults to "present"
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Install the package vim on the target
+ __package vim --state present
+
+ # Same but install specific version
+ __package vim --state present --version 7.3.50
+
+ # Force use of a specific package type
+ __package vim --state present --type __package_apt
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2011 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__package/man.text b/cdist/conf/type/__package/man.text
deleted file mode 100644
index b656c890..00000000
--- a/cdist/conf/type/__package/man.text
+++ /dev/null
@@ -1,63 +0,0 @@
-cdist-type__package(7)
-======================
-Steven Armstrong
-
-
-NAME
-----
-cdist-type__package - Manage packages
-
-
-DESCRIPTION
------------
-This cdist type allows you to install or uninstall packages on the target.
-It dispatches the actual work to the package system dependant types.
-
-
-REQUIRED PARAMETERS
--------------------
-None
-
-
-OPTIONAL PARAMETERS
--------------------
-name::
- The name of the package to install. Default is to use the object_id as the
- package name.
-version::
- The version of the package to install. Default is to install the version
- choosen by the local package manager.
-type::
- The package type to use. Default is determined based on the $os explorer
- variable.
- e.g. __package_apt for Debian
- __package_emerge for Gentoo
-
-state::
- Either "present" or "absent", defaults to "present"
-
-
-EXAMPLES
---------
-
---------------------------------------------------------------------------------
-# Install the package vim on the target
-__package vim --state present
-
-# Same but install specific version
-__package vim --state present --version 7.3.50
-
-# Force use of a specific package type
-__package vim --state present --type __package_apt
---------------------------------------------------------------------------------
-
-
-SEE ALSO
---------
-- cdist-type(7)
-
-
-COPYING
--------
-Copyright \(C) 2011 Steven Armstrong. Free use of this software is
-granted under the terms of the GNU General Public License version 3 (GPLv3).
diff --git a/cdist/conf/type/__package/manifest b/cdist/conf/type/__package/manifest
index 6a84cb7f..a453c32b 100755
--- a/cdist/conf/type/__package/manifest
+++ b/cdist/conf/type/__package/manifest
@@ -1,6 +1,7 @@
-#!/bin/sh
+#!/bin/sh -e
#
-# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
+# 2011-2013 Steven Armstrong (steven-cdist at armstrong.cc)
+# 2019 Nico Schottelius (nico-cdist at schottelius.org)
#
# This file is part of cdist.
#
@@ -19,7 +20,7 @@
#
#
# __package is an abstract type which dispatches to the lower level
-# __package_$name types which do the actual interaction with the packaging
+# __package_$type types which do the actual interaction with the packaging
# system.
#
@@ -30,13 +31,21 @@ else
# By default determine package manager based on operating system
os="$(cat "$__global/explorer/os")"
case "$os" in
- amazon|centos|fedora|redhat) type="yum" ;;
+ amazon|scientific|centos|fedora|redhat) type="yum" ;;
archlinux) type="pacman" ;;
- debian|ubuntu) type="apt" ;;
- freebsd) type="pkg_freebsd" ;;
+ debian|ubuntu|devuan) type="apt" ;;
+ freebsd)
+ if [ -n "$(cat "$__object/explorer/pkgng_exists")" ]; then
+ type="pkgng_freebsd"
+ else
+ type="pkg_freebsd"
+ fi
+ ;;
gentoo) type="emerge" ;;
suse) type="zypper" ;;
openwrt) type="opkg" ;;
+ openbsd) type="pkg_openbsd" ;;
+ alpine) type="apk" ;;
*)
echo "Don't know how to manage packages on: $os" >&2
exit 1
@@ -44,10 +53,12 @@ else
esac
fi
-set -- "$@" "$__object_id"
+state="$(cat "$__object/parameter/state")"
+
+set -- "$@" "$__object_id" "--state" "$state"
cd "$__object/parameter"
-for property in $(ls .); do
- if [ "$property" != "type" ]; then
+for property in *; do
+ if [ "$property" != "type" ] && [ "$property" != "state" ]; then
set -- "$@" "--$property" "$(cat "$property")"
fi
done
diff --git a/cdist/conf/type/__package/nonparallel b/cdist/conf/type/__package/nonparallel
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__package/parameter/boolean b/cdist/conf/type/__package/parameter/boolean
new file mode 100644
index 00000000..effcb218
--- /dev/null
+++ b/cdist/conf/type/__package/parameter/boolean
@@ -0,0 +1 @@
+upgrade
diff --git a/cdist/conf/type/__package/parameter/default/state b/cdist/conf/type/__package/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__package/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__package/parameter/optional b/cdist/conf/type/__package/parameter/optional
index 9982507e..bb3f5154 100644
--- a/cdist/conf/type/__package/parameter/optional
+++ b/cdist/conf/type/__package/parameter/optional
@@ -3,3 +3,5 @@ version
type
pkgsite
state
+ptype
+repo
diff --git a/cdist/conf/type/__package_apk/explorer/state b/cdist/conf/type/__package_apk/explorer/state
new file mode 100755
index 00000000..b477ca7c
--- /dev/null
+++ b/cdist/conf/type/__package_apk/explorer/state
@@ -0,0 +1,38 @@
+#!/bin/sh
+#
+# 2019 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Retrieve the status of a package - parsed apk output
+#
+
+if [ -f "$__object/parameter/name" ]; then
+ name="$(cat "$__object/parameter/name")"
+else
+ name="$__object_id"
+fi
+
+# Remove the @.. repo tag for finding out whether it is installed
+# f.i. pass@testing => pass
+name="$(echo "$name" | sed 's/@.*//')"
+
+if [ "$(apk list -I "$name")" ]; then
+ echo present
+else
+ echo absent
+fi
diff --git a/cdist/conf/type/__package_apk/gencode-remote b/cdist/conf/type/__package_apk/gencode-remote
new file mode 100755
index 00000000..79e3d2b6
--- /dev/null
+++ b/cdist/conf/type/__package_apk/gencode-remote
@@ -0,0 +1,49 @@
+#!/bin/sh -e
+#
+# 2019 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Manage packages on Debian and co.
+#
+
+if [ -f "$__object/parameter/name" ]; then
+ name="$(cat "$__object/parameter/name")"
+else
+ name="$__object_id"
+fi
+
+state_should="$(cat "$__object/parameter/state")"
+state_is="$(cat "$__object/explorer/state")"
+
+# Nothing to be done
+[ "$state_is" = "$state_should" ] && exit 0
+
+case "$state_should" in
+ present)
+ echo "apk add -q '$name'"
+ echo "installed" >> "$__messages_out"
+ ;;
+ absent)
+ echo "apk del -q '$name'"
+ echo "removed" >> "$__messages_out"
+ ;;
+ *)
+ echo "Unknown state: $state_should" >&2
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__package_apk/man.rst b/cdist/conf/type/__package_apk/man.rst
new file mode 100644
index 00000000..bc2408b4
--- /dev/null
+++ b/cdist/conf/type/__package_apk/man.rst
@@ -0,0 +1,55 @@
+cdist-type__package_akp(7)
+==========================
+
+NAME
+----
+cdist-type__package_akp - Manage packages with akp
+
+
+DESCRIPTION
+-----------
+apk is usually used on Alpine to manage packages.
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+
+OPTIONAL PARAMETERS
+-------------------
+name
+ If supplied, use the name and not the object id as the package name.
+
+state
+ Either "present" or "absent", defaults to "present"
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Ensure zsh in installed
+ __package_apk zsh --state present
+
+ # Remove package
+ __package_apk apache2 --state absent
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__package`\ (7)
+
+
+AUTHORS
+-------
+Nico Schottelius
+
+
+COPYING
+-------
+Copyright \(C) 2019 Nico Schottelius. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__package_apk/nonparallel b/cdist/conf/type/__package_apk/nonparallel
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__package_apk/parameter/default/state b/cdist/conf/type/__package_apk/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__package_apk/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__package_apk/parameter/optional b/cdist/conf/type/__package_apk/parameter/optional
new file mode 100644
index 00000000..1b423dc4
--- /dev/null
+++ b/cdist/conf/type/__package_apk/parameter/optional
@@ -0,0 +1,2 @@
+name
+state
diff --git a/cdist/conf/type/__package_apt/explorer/state b/cdist/conf/type/__package_apt/explorer/state
index 04926b60..7ccd6fce 100755
--- a/cdist/conf/type/__package_apt/explorer/state
+++ b/cdist/conf/type/__package_apt/explorer/state
@@ -30,8 +30,9 @@ fi
# Except dpkg failing, if package is not known / installed
packages="$(apt-cache showpkg "$name" | sed -e "1,/Reverse Provides:/d" | cut -d ' ' -f 1) $name"
for p in $packages; do
- if [ -n "$(dpkg -s "$p" 2>/dev/null | grep "^Status: install ok installed$")" ]; then
- echo "present $p"
+ if dpkg -s "$p" 2>/dev/null | grep --quiet "^Status: install ok installed$" ; then
+ version=$(dpkg -s "$p" 2>/dev/null | grep "^Version:" | cut -d ' ' -f 2)
+ echo "present $p $version"
exit 0
fi
done
diff --git a/cdist/conf/type/__package_apt/gencode-remote b/cdist/conf/type/__package_apt/gencode-remote
index a80d707e..699eb0c9 100755
--- a/cdist/conf/type/__package_apt/gencode-remote
+++ b/cdist/conf/type/__package_apt/gencode-remote
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/sh -e
#
-# 2011-2012 Nico Schottelius (nico-cdist at schottelius.org)
+# 2011-2013 Nico Schottelius (nico-cdist at schottelius.org)
#
# This file is part of cdist.
#
@@ -27,31 +27,62 @@ else
name="$__object_id"
fi
-if [ -f "$__object/parameter/state" ]; then
- state_should="$(cat "$__object/parameter/state")"
-else
- state_should="present"
+state_should="$(cat "$__object/parameter/state")"
+
+version_param="$__object/parameter/version"
+
+version=""
+if [ -f "$version_param" ]; then
+ version="$(cat "$version_param")"
fi
+if [ -f "$__object/parameter/target-release" ]; then
+ target_release="--target-release $(cat "$__object/parameter/target-release")"
+else
+ target_release=""
+fi
+
+if [ -f "$__object/parameter/purge-if-absent" ]; then
+ purgeparam="--purge"
+else
+ purgeparam=""
+fi
+
+
# FIXME: use grep directly, state is a list, not a line!
state_is="$(cat "$__object/explorer/state")"
case "$state_is" in
present*)
name="$(echo "$state_is" | cut -d ' ' -f 2)"
+ version_is="$(echo "$state_is" | cut -d ' ' -f 3)"
state_is="present"
;;
+ *)
+ version_is=""
+ ;;
esac
-aptget="DEBIAN_FRONTEND=noninteractive apt-get --quiet --yes"
+# Hint if we need to avoid questions at some point:
+# DEBIAN_PRIORITY=critical can reduce the number of questions
+aptget="DEBIAN_FRONTEND=noninteractive apt-get --quiet --yes --no-install-recommends -o Dpkg::Options::=\"--force-confdef\" -o Dpkg::Options::=\"--force-confold\""
-[ "$state_is" = "$state_should" ] && exit 0
+if [ "$state_is" = "$state_should" ]; then
+ if [ -z "$version" ] || [ "$version" = "$version_is" ]; then
+ exit 0;
+ fi
+fi
case "$state_should" in
present)
- echo $aptget install \"$name\"
+ if [ -n "$version" ]; then
+ name="${name}=${version}"
+ fi
+ echo "$aptget install $target_release '$name'"
+ echo "installed" >> "$__messages_out"
;;
absent)
- echo $aptget remove \"$name\"
+ echo "$aptget remove $purgeparam '$name'"
+ echo "removed" >> "$__messages_out"
;;
*)
echo "Unknown state: $state_should" >&2
diff --git a/cdist/conf/type/__package_apt/man.rst b/cdist/conf/type/__package_apt/man.rst
new file mode 100644
index 00000000..a3a70d91
--- /dev/null
+++ b/cdist/conf/type/__package_apt/man.rst
@@ -0,0 +1,74 @@
+cdist-type__package_apt(7)
+==========================
+
+NAME
+----
+cdist-type__package_apt - Manage packages with apt-get
+
+
+DESCRIPTION
+-----------
+apt-get is usually used on Debian and variants (like Ubuntu) to
+manage packages.
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+
+OPTIONAL PARAMETERS
+-------------------
+name
+ If supplied, use the name and not the object id as the package name.
+
+state
+ Either "present" or "absent", defaults to "present"
+
+target-release
+ Passed on to apt-get install, see apt-get(8).
+ Essentially allows you to retrieve packages from a different release
+
+version
+ The version of the package to install. Default is to install the version
+ chosen by the local package manager.
+
+
+BOOLEAN PARAMETERS
+------------------
+purge-if-absent
+ If this parameter is given when state is `absent`, the package is
+ purged from the system (using `--purge`).
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Ensure zsh in installed
+ __package_apt zsh --state present
+
+ # In case you only want *a* webserver, but don't care which one
+ __package_apt webserver --state present --name nginx
+
+ # Remove obsolete package
+ __package_apt puppet --state absent
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__package`\ (7)
+
+
+AUTHORS
+-------
+Nico Schottelius
+
+
+COPYING
+-------
+Copyright \(C) 2011-2012 Nico Schottelius. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__package_apt/man.text b/cdist/conf/type/__package_apt/man.text
deleted file mode 100644
index 5d4656c1..00000000
--- a/cdist/conf/type/__package_apt/man.text
+++ /dev/null
@@ -1,55 +0,0 @@
-cdist-type__package_apt(7)
-==========================
-Nico Schottelius
-
-
-NAME
-----
-cdist-type__package_apt - Manage packages with apt-get
-
-
-DESCRIPTION
------------
-apt-get is usually used on Debian and variants (like Ubuntu) to
-manage packages.
-
-
-REQUIRED PARAMETERS
--------------------
-None
-
-
-OPTIONAL PARAMETERS
--------------------
-name::
- If supplied, use the name and not the object id as the package name.
-
-state::
- Either "present" or "absent", defaults to "present"
-
-
-EXAMPLES
---------
-
---------------------------------------------------------------------------------
-# Ensure zsh in installed
-__package_apt zsh --state present
-
-# In case you only want *a* webserver, but don't care which one
-__package_apt webserver --state present --name nginx
-
-# Remove obsolete package
-__package_apt puppet --state absent
---------------------------------------------------------------------------------
-
-
-SEE ALSO
---------
-- cdist-type(7)
-- cdist-type__package(7)
-
-
-COPYING
--------
-Copyright \(C) 2011-2012 Nico Schottelius. Free use of this software is
-granted under the terms of the GNU General Public License version 3 (GPLv3).
diff --git a/cdist/conf/type/__package_apt/nonparallel b/cdist/conf/type/__package_apt/nonparallel
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__package_apt/parameter/boolean b/cdist/conf/type/__package_apt/parameter/boolean
new file mode 100644
index 00000000..f9a0f6b0
--- /dev/null
+++ b/cdist/conf/type/__package_apt/parameter/boolean
@@ -0,0 +1 @@
+purge-if-absent
diff --git a/cdist/conf/type/__package_apt/parameter/default/state b/cdist/conf/type/__package_apt/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__package_apt/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__package_apt/parameter/optional b/cdist/conf/type/__package_apt/parameter/optional
index 41b8e6cf..d6674f95 100644
--- a/cdist/conf/type/__package_apt/parameter/optional
+++ b/cdist/conf/type/__package_apt/parameter/optional
@@ -1,3 +1,4 @@
name
version
state
+target-release
diff --git a/cdist/conf/type/__package_dpkg/explorer/pkg_state b/cdist/conf/type/__package_dpkg/explorer/pkg_state
new file mode 100644
index 00000000..d7487ed8
--- /dev/null
+++ b/cdist/conf/type/__package_dpkg/explorer/pkg_state
@@ -0,0 +1,11 @@
+#!/bin/sh -e
+
+package=$( basename "$__object_id" )
+
+dpkg_status="$(dpkg-query --show --showformat='${db:Status-Abbrev} ${binary:Package}_${Version}_${Architecture}.deb\n' "${package%%_*}" 2>/dev/null || true)"
+
+if echo "$dpkg_status" | grep -q '^ii'; then
+ echo "${dpkg_status##* }"
+fi
+
+
diff --git a/cdist/conf/type/__package_dpkg/gencode-remote b/cdist/conf/type/__package_dpkg/gencode-remote
new file mode 100755
index 00000000..1c271748
--- /dev/null
+++ b/cdist/conf/type/__package_dpkg/gencode-remote
@@ -0,0 +1,51 @@
+#!/bin/sh -e
+#
+# 2013 Tomas Pospisek (tpo_deb sourcepole.ch)
+# 2018 Thomas Eckert (tom at it-eckert.de)
+#
+# This file is based on cdist's __file/gencode-local and part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# This __package_dpkg type does not check whether a *.deb package is
+# allready installed. It just copies the *.deb package over to the
+# destination and installs it. We could use __package_apt to check
+# whether a *.deb package is allready installed and only install it
+# if we're given a --force argument or similar (would be clever not
+# to conflict with dpkg's --force options). But currently we don't
+# do any checks or --force'ing.
+#
+state=$( cat "$__object/parameter/state" )
+package=$( basename "$__object_id" )
+state_is="$(cat "$__object/explorer/pkg_state")"
+state_should=""
+
+[ "$state" = "absent" ] || state_should="$package"
+[ "$state_is" = "$state_should" ] && exit 0
+
+case "$state" in
+ present)
+ echo "dpkg --install /var/cache/apt/archives/$__object_id"
+ echo "installed" >> "$__messages_out"
+ ;;
+ absent)
+ [ -f "$__object/parameter/purge-if-absent" ] \
+ && action="--purge" \
+ || action="--remove"
+ echo "dpkg $action ${__object_id%%_*}"
+ echo "removed ($action)" >> "$__messages_out"
+ ;;
+ *) echo "ERROR: unknown state '$state'" >&2 ;;
+esac
diff --git a/cdist/conf/type/__package_dpkg/man.rst b/cdist/conf/type/__package_dpkg/man.rst
new file mode 100644
index 00000000..828d8cdd
--- /dev/null
+++ b/cdist/conf/type/__package_dpkg/man.rst
@@ -0,0 +1,93 @@
+cdist-type__package_dpkg(7)
+===========================
+
+NAME
+----
+cdist-type__package_dpkg - Manage packages with dpkg
+
+
+DESCRIPTION
+-----------
+This type is used on Debian and variants (like Ubuntu) to
+install packages that are provided locally as \*.deb files.
+
+The object given to this type must be the name of the deb package.
+The filename of the deb package has to follow Debian naming conventions, i.e.
+`${binary:Package}_${Version}_${Architecture}.deb` (see `dpkg-query(1)` for
+details).
+
+
+OPTIONAL PARAMETERS
+-------------------
+state
+ `present` or `absent`, defaults to `present`.
+
+REQUIRED PARAMETERS
+-------------------
+source
+ path to the \*.deb package
+
+
+BOOLEAN PARAMETERS
+------------------
+purge-if-absent
+ If this parameter is given when state is `absent`, the package is
+ purged from the system (using `--purge`).
+
+
+EXPLORER
+--------
+pkg_state
+ Returns the full package name if package is installed, empty otherwise.
+
+
+MESSAGES
+--------
+installed
+ The deb-file was installed.
+
+removed (--remove)
+ The package was removed, keeping config.
+
+removed (--purge)
+ The package was removed including config (purged).
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Install foo and bar packages
+ __package_dpkg foo_0.1_all.deb --source /tmp/foo_0.1_all.deb
+ __package_dpkg bar_1.4.deb --source $__type/files/bar_1.4.deb
+
+ # uninstall baz:
+ __package_dpkg baz_1.4_amd64.deb \
+ --source $__type/files/baz_1.4_amd64.deb \
+ --state "absent"
+ # uninstall baz and also purge config-files:
+ __package_dpkg baz_1.4_amd64.deb \
+ --source $__type/files/baz_1.4_amd64.deb \
+ --purge-if-absent \
+ --state "absent"
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__package`\ (7), :strong:`dpkg-query`\ (1)
+
+
+AUTHORS
+-------
+| Tomas Pospisek
+| Thomas Eckert
+
+
+COPYING
+-------
+Copyright \(C) 2013 Tomas Pospisek. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
+This type is based on __package_apt.
diff --git a/cdist/conf/type/__package_dpkg/manifest b/cdist/conf/type/__package_dpkg/manifest
new file mode 100755
index 00000000..6d228d8e
--- /dev/null
+++ b/cdist/conf/type/__package_dpkg/manifest
@@ -0,0 +1,40 @@
+#!/bin/sh -e
+#
+# 2013 Tomas Pospisek (tpo_deb sourcepole.ch)
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# This __package_dpkg type does not check whether a *.deb package is
+# allready installed. It just copies the *.deb package over to the
+# destination and installs it. We could use __package_apt to check
+# whether a *.deb package is allready installed and only install it
+# if we're given a --force argument or similar (would be clever not
+# to conflict with dpkg's --force options). But currently we don't
+# do any checks or --force'ing.
+
+
+state=$( cat "$__object/parameter/state" )
+package_path=$( cat "$__object/parameter/source" )
+package=$( basename "$__object_id" )
+state_is="$(cat "$__object/explorer/pkg_state")"
+state_should=""
+
+[ "$state" = "absent" ] || state_should="$package"
+[ "$state_is" = "$state_should" ] && exit 0
+
+__file "/var/cache/apt/archives/$package" \
+ --source "$package_path" \
+ --state "$state"
+
diff --git a/cdist/conf/type/__package_dpkg/nonparallel b/cdist/conf/type/__package_dpkg/nonparallel
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__package_dpkg/parameter/boolean b/cdist/conf/type/__package_dpkg/parameter/boolean
new file mode 100644
index 00000000..f9a0f6b0
--- /dev/null
+++ b/cdist/conf/type/__package_dpkg/parameter/boolean
@@ -0,0 +1 @@
+purge-if-absent
diff --git a/cdist/conf/type/__package_dpkg/parameter/default/state b/cdist/conf/type/__package_dpkg/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__package_dpkg/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__rvm/parameter/required b/cdist/conf/type/__package_dpkg/parameter/optional
similarity index 100%
rename from cdist/conf/type/__rvm/parameter/required
rename to cdist/conf/type/__package_dpkg/parameter/optional
diff --git a/cdist/conf/type/__package_dpkg/parameter/required b/cdist/conf/type/__package_dpkg/parameter/required
new file mode 100644
index 00000000..5a18cd2f
--- /dev/null
+++ b/cdist/conf/type/__package_dpkg/parameter/required
@@ -0,0 +1 @@
+source
diff --git a/cdist/conf/type/__package_emerge/explorer/pkg_version b/cdist/conf/type/__package_emerge/explorer/pkg_version
new file mode 100644
index 00000000..d02b9d6b
--- /dev/null
+++ b/cdist/conf/type/__package_emerge/explorer/pkg_version
@@ -0,0 +1,36 @@
+#!/bin/sh
+#
+# 2013 Thomas Oettli (otho at sfs.biz)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Retrieve the status of a package
+#
+
+if [ ! -x /usr/bin/equery ]; then
+ echo "gentoolkit not installed!" 1>&2
+ exit 1
+fi
+
+if [ -f "$__object/parameter/name" ]; then
+ name="$(cat "$__object/parameter/name")"
+else
+ name="$__object_id"
+fi
+
+# shellcheck disable=SC2016
+equery -q l -F '$cp $fullversion' "$name" || true
diff --git a/cdist/conf/type/__package_emerge/gencode-remote b/cdist/conf/type/__package_emerge/gencode-remote
new file mode 100755
index 00000000..e1b85ebb
--- /dev/null
+++ b/cdist/conf/type/__package_emerge/gencode-remote
@@ -0,0 +1,77 @@
+#!/bin/sh -e
+#
+# 2013 Thomas Oettli (otho at sfs.biz)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Manage packages with Portage (mostly gentoo)
+#
+
+if [ -f "$__object/parameter/name" ]; then
+ name="$__object/parameter/name"
+else
+ name="$__object_id"
+fi
+
+state_should="$(cat "$__object/parameter/state")"
+
+version="$(cat "$__object/parameter/version")"
+
+if [ -n "$version" ]; then
+ name="=$name-$version"
+fi
+
+pkg_version="$(cat "$__object/explorer/pkg_version")"
+if [ -z "$pkg_version" ]; then
+ state_is="absent"
+elif [ -z "$version" ] && [ "$(echo "$pkg_version" | wc -l)" -gt 1 ]; then
+ echo "Package name is not unique! The following packages are installed:" >&2
+ echo "$pkg_version" >&2
+ exit 1
+elif [ -n "$version" ] && [ "$(echo "$pkg_version" | cut -d " " -f 1 | sort | uniq | wc -l)" -gt 1 ]; then
+ echo "Package name is not unique! The following packages are installed:" >&2
+ echo "$pkg_version" >&2
+ exit 1
+else
+ state_is="present"
+ if [ -n "$version" ] && echo "$pkg_version" | cut -d " " -f 2 | grep -q -x "$version"; then
+ installed_version="$(echo "$pkg_version" | cut -d " " -f 2 | grep -x "$version")"
+ else
+ installed_version="$(echo "$pkg_version" | cut -d " " -f 2 | tail -n 1)"
+ fi
+fi
+
+
+# Exit if nothing is needed to be done
+[ "$state_is" = "$state_should" ] && { [ -z "$version" ] || [ "$installed_version" = "$version" ]; } && exit 0
+[ "$state_should" = "absent" ] && [ -n "$version" ] && [ "$installed_version" != "$version" ] && exit 0
+
+
+case "$state_should" in
+ present)
+ echo "emerge '$name' &>/dev/null || exit 1"
+ echo "installed" >> "$__messages_out"
+ ;;
+ absent)
+ echo "emerge -C '$name' &>/dev/null || exit 1"
+ echo "removed" >> "$__messages_out"
+ ;;
+ *)
+ echo "Unknown state: $state_should" >&2
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__package_emerge/man.rst b/cdist/conf/type/__package_emerge/man.rst
new file mode 100644
index 00000000..88adaff0
--- /dev/null
+++ b/cdist/conf/type/__package_emerge/man.rst
@@ -0,0 +1,63 @@
+cdist-type__package_emerge(7)
+=============================
+
+NAME
+----
+cdist-type__package_emerge - Manage packages with portage
+
+
+DESCRIPTION
+-----------
+Portage is usually used on the gentoo distribution to manage packages.
+This type requires app-portage/gentoolkit installed on the target host.
+cdist-type__package_emerge_dependencies is supposed to install the needed
+packages on the target host.
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+
+OPTIONAL PARAMETERS
+-------------------
+name
+ If supplied, use the name and not the object id as the package name.
+
+state
+ Either "present" or "absent", defaults to "present".
+
+version
+ If supplied, use to install or uninstall a specific version of the package named.
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Ensure sys-devel/gcc is installed
+ __package_emerge sys-devel/gcc --state present
+
+ # If you want a specific version of a package
+ __package_emerge app-portage/gentoolkit --state present --version 0.3.0.8-r2
+
+ # Remove package
+ __package_emerge sys-devel/gcc --state absent
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__package`\ (7), :strong:`cdist-type__package_emerge_dependencies`\ (7)
+
+
+AUTHORS
+-------
+Thomas Oettli
+
+
+COPYING
+-------
+Copyright \(C) 2013 Thomas Oettli. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__package_emerge/nonparallel b/cdist/conf/type/__package_emerge/nonparallel
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__package_emerge/parameter/default/state b/cdist/conf/type/__package_emerge/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__package_emerge/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__package_emerge/parameter/default/version b/cdist/conf/type/__package_emerge/parameter/default/version
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__package_emerge/parameter/optional b/cdist/conf/type/__package_emerge/parameter/optional
new file mode 100644
index 00000000..f5c897df
--- /dev/null
+++ b/cdist/conf/type/__package_emerge/parameter/optional
@@ -0,0 +1,3 @@
+name
+state
+version
diff --git a/cdist/conf/type/__package_emerge_dependencies/explorer/flaggie_installed b/cdist/conf/type/__package_emerge_dependencies/explorer/flaggie_installed
new file mode 100644
index 00000000..1652ffc3
--- /dev/null
+++ b/cdist/conf/type/__package_emerge_dependencies/explorer/flaggie_installed
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+if [ -x /usr/bin/flaggie ]; then
+ echo "true"
+else
+ echo "false"
+fi
diff --git a/cdist/conf/type/__package_emerge_dependencies/explorer/gentoolkit_installed b/cdist/conf/type/__package_emerge_dependencies/explorer/gentoolkit_installed
new file mode 100644
index 00000000..74c2378d
--- /dev/null
+++ b/cdist/conf/type/__package_emerge_dependencies/explorer/gentoolkit_installed
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+if [ -x /usr/bin/q ]; then
+ echo "true"
+else
+ echo "false"
+fi
diff --git a/cdist/conf/type/__package_emerge_dependencies/gencode-remote b/cdist/conf/type/__package_emerge_dependencies/gencode-remote
new file mode 100755
index 00000000..f3e6f76e
--- /dev/null
+++ b/cdist/conf/type/__package_emerge_dependencies/gencode-remote
@@ -0,0 +1,16 @@
+#!/bin/sh -e
+
+gentoolkit_installed="$(cat "$__object/explorer/gentoolkit_installed")"
+flaggie_installed="$(cat "$__object/explorer/flaggie_installed")"
+
+if [ "${gentoolkit_installed}" != "true" ]; then
+ # emerge app-portage/gentoolkit
+ echo "emerge app-portage/gentoolkit &> /dev/null || exit 1"
+ echo "installed app-portage/gentoolkit" >> "$__messages_out"
+fi
+
+if [ "${flaggie_installed}" != "true" ]; then
+ # emerge app-portage/flaggie
+ echo "emerge app-portage/flaggie &> /dev/null || exit 1"
+ echo "installed app-portage/flaggie" >> "$__messages_out"
+fi
diff --git a/cdist/conf/type/__package_emerge_dependencies/man.rst b/cdist/conf/type/__package_emerge_dependencies/man.rst
new file mode 100644
index 00000000..598d31f1
--- /dev/null
+++ b/cdist/conf/type/__package_emerge_dependencies/man.rst
@@ -0,0 +1,52 @@
+cdist-type__package_emerge_dependencies(7)
+==========================================
+
+NAME
+----
+cdist-type__package_emerge_dependencies - Install dependencies for __package_emerge
+
+
+DESCRIPTION
+-----------
+Portage is usually used on the gentoo distribution to manage packages.
+This type installs the following tools which are required by __package_emerge to work:
+
+* app-portage/flaggie
+* app-portage/gentoolkit
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+
+OPTIONAL PARAMETERS
+-------------------
+None
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Ensure app-portage/flaggie and app-portage/gentoolkit are installed
+ __package_emerge_dependencies
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__package`\ (7), :strong:`cdist-type__package_emerge`\ (7)
+
+
+AUTHORS
+-------
+Thomas Oettli
+
+
+COPYING
+-------
+Copyright \(C) 2013 Thomas Oettli. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__package_emerge_dependencies/nonparallel b/cdist/conf/type/__package_emerge_dependencies/nonparallel
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__package_emerge_dependencies/singleton b/cdist/conf/type/__package_emerge_dependencies/singleton
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__package_luarocks/explorer/pkg_status b/cdist/conf/type/__package_luarocks/explorer/pkg_status
index 3eb73298..e83e8ce6 100755
--- a/cdist/conf/type/__package_luarocks/explorer/pkg_status
+++ b/cdist/conf/type/__package_luarocks/explorer/pkg_status
@@ -28,4 +28,4 @@ else
fi
# Accept luarocks failing if package is not known/installed
-luarocks list "$name" | egrep -A1 "^$name$" || exit 0
+luarocks list "$name" | grep -E -A1 "^$name$" || exit 0
diff --git a/cdist/conf/type/__package_luarocks/gencode-remote b/cdist/conf/type/__package_luarocks/gencode-remote
index 7a5a5b04..d83b3c3a 100755
--- a/cdist/conf/type/__package_luarocks/gencode-remote
+++ b/cdist/conf/type/__package_luarocks/gencode-remote
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/sh -e
#
# 2012 SwellPath, Inc.
# Christian G. Warden
@@ -29,11 +29,7 @@ else
name="$__object_id"
fi
-if [ -f "$__object/parameter/state" ]; then
- state_should="$(cat "$__object/parameter/state")"
-else
- state_should="present"
-fi
+state_should="$(cat "$__object/parameter/state")"
if grep -q "(installed)" "$__object/explorer/pkg_status"; then
state_is="present"
@@ -46,10 +42,12 @@ fi
case "$state_should" in
present)
- echo luarocks install \"$name\"
+ echo "luarocks install '$name'"
+ echo "installed" >> "$__messages_out"
;;
absent)
- echo luarocks remove \"$name\"
+ echo "luarocks remove '$name'"
+ echo "removed" >> "$__messages_out"
;;
*)
echo "Unknown state: $state_should" >&2
diff --git a/cdist/conf/type/__package_luarocks/man.text b/cdist/conf/type/__package_luarocks/man.rst
similarity index 52%
rename from cdist/conf/type/__package_luarocks/man.text
rename to cdist/conf/type/__package_luarocks/man.rst
index 657f68e5..5dc10195 100644
--- a/cdist/conf/type/__package_luarocks/man.text
+++ b/cdist/conf/type/__package_luarocks/man.rst
@@ -1,7 +1,5 @@
cdist-type__package_luarocks(7)
===============================
-Christian G. Warden
-
NAME
----
@@ -20,32 +18,38 @@ None
OPTIONAL PARAMETERS
-------------------
-name::
+name
If supplied, use the name and not the object id as the package name.
-state::
+state
Either "present" or "absent", defaults to "present"
EXAMPLES
--------
---------------------------------------------------------------------------------
-# Ensure luasocket is installed
-__package_luarocks luasocket --state present
+.. code-block:: sh
-# Remove package
-__package_luarocks luasocket --state absent
---------------------------------------------------------------------------------
+ # Ensure luasocket is installed
+ __package_luarocks luasocket --state present
+
+ # Remove package
+ __package_luarocks luasocket --state absent
SEE ALSO
--------
-- cdist-type(7)
-- cdist-type__package(7)
+:strong:`cdist-type__package`\ (7)
+
+
+AUTHORS
+-------
+Christian G. Warden
COPYING
-------
-Copyright \(C) 2012 SwellPath, Inc. Free use of this software is
-granted under the terms of the GNU General Public License version 3 (GPLv3).
+Copyright \(C) 2012 SwellPath, Inc. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__package_luarocks/manifest b/cdist/conf/type/__package_luarocks/manifest
old mode 100644
new mode 100755
index 8e626714..7d8262ca
--- a/cdist/conf/type/__package_luarocks/manifest
+++ b/cdist/conf/type/__package_luarocks/manifest
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/sh -e
#
# 2012 SwellPath, Inc.
# Christian G. Warden
diff --git a/cdist/conf/type/__package_luarocks/nonparallel b/cdist/conf/type/__package_luarocks/nonparallel
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__package_luarocks/parameter/default/state b/cdist/conf/type/__package_luarocks/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__package_luarocks/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__package_opkg/gencode-remote b/cdist/conf/type/__package_opkg/gencode-remote
index 43f1ad8a..269d5f49 100755
--- a/cdist/conf/type/__package_opkg/gencode-remote
+++ b/cdist/conf/type/__package_opkg/gencode-remote
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/sh -e
#
-# 2011 Nico Schottelius (nico-cdist at schottelius.org)
+# 2011,2013 Nico Schottelius (nico-cdist at schottelius.org)
# 2012 Giel van Schijndel (giel plus cdist at mortis dot eu)
#
# This file is part of cdist.
@@ -28,11 +28,7 @@ else
name="$__object_id"
fi
-if [ -f "$__object/parameter/state" ]; then
- state_should="$(cat "$__object/parameter/state")"
-else
- state_should="present"
-fi
+state_should="$(cat "$__object/parameter/state")"
state_is="$(cat "$__object/explorer/pkg_status")"
case "$state_is" in
@@ -42,20 +38,22 @@ case "$state_is" in
;;
esac
-if [ "$state_is" != "$state_should" ]; then
- case "$state_should" in
- present)
- if [ "$present" = "notpresent" ]; then
- echo opkg --verbosity=0 update
- fi
- echo opkg --verbosity=0 install \"$name\"
- ;;
- absent)
- echo opkg --verbosity=0 remove \"$name\"
- ;;
- *)
- echo "Unknown state: $state" >&2
- exit 1
- ;;
- esac
-fi
+[ "$state_is" = "$state_should" ] && exit 0
+
+case "$state_should" in
+ present)
+ if [ "$present" = "notpresent" ]; then
+ echo "opkg --verbosity=0 update"
+ fi
+ echo "opkg --verbosity=0 install '$name'"
+ echo "installed" >> "$__messages_out"
+ ;;
+ absent)
+ echo "opkg --verbosity=0 remove '$name'"
+ echo "removed" >> "$__messages_out"
+ ;;
+ *)
+ echo "Unknown state: ${state_should}" >&2
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__package_opkg/man.rst b/cdist/conf/type/__package_opkg/man.rst
new file mode 100644
index 00000000..0fd40b33
--- /dev/null
+++ b/cdist/conf/type/__package_opkg/man.rst
@@ -0,0 +1,55 @@
+cdist-type__package_opkg(7)
+===========================
+
+NAME
+----
+cdist-type__package_opkg - Manage packages with opkg
+
+
+DESCRIPTION
+-----------
+opkg is usually used on OpenWRT to manage packages.
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+
+OPTIONAL PARAMETERS
+-------------------
+name
+ If supplied, use the name and not the object id as the package name.
+
+state
+ Either "present" or "absent", defaults to "present"
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Ensure lsof is installed
+ __package_opkg lsof --state present
+
+ # Remove obsolete package
+ __package_opkg dnsmasq --state absent
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__package`\ (7)
+
+
+AUTHORS
+-------
+Giel van Schijndel
+
+
+COPYING
+-------
+Copyright \(C) 2012 Giel van Schijndel. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__package_opkg/man.text b/cdist/conf/type/__package_opkg/man.text
deleted file mode 100644
index aeb0a1c5..00000000
--- a/cdist/conf/type/__package_opkg/man.text
+++ /dev/null
@@ -1,51 +0,0 @@
-cdist-type__package_opkg(7)
-==========================
-Giel van Schijndel
-
-
-NAME
-----
-cdist-type__package_opkg - Manage packages with opkg
-
-
-DESCRIPTION
------------
-opkg is usually used on OpenWRT to manage packages.
-
-
-REQUIRED PARAMETERS
--------------------
-None
-
-
-OPTIONAL PARAMETERS
--------------------
-name::
- If supplied, use the name and not the object id as the package name.
-
-state::
- Either "present" or "absent", defaults to "present"
-
-
-EXAMPLES
---------
-
---------------------------------------------------------------------------------
-# Ensure lsof is installed
-__package_opkg lsof --state present
-
-# Remove obsolete package
-__package_opkg dnsmasq --state absent
---------------------------------------------------------------------------------
-
-
-SEE ALSO
---------
-- cdist-type(7)
-- cdist-type__package(7)
-
-
-COPYING
--------
-Copyright \(C) 2012 Giel van Schijndel. Free use of this software is
-granted under the terms of the GNU General Public License version 3 (GPLv3).
diff --git a/cdist/conf/type/__package_opkg/nonparallel b/cdist/conf/type/__package_opkg/nonparallel
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__package_opkg/parameter/default/state b/cdist/conf/type/__package_opkg/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__package_opkg/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__package_pacman/gencode-remote b/cdist/conf/type/__package_pacman/gencode-remote
index 02744fa8..2e076ec3 100755
--- a/cdist/conf/type/__package_pacman/gencode-remote
+++ b/cdist/conf/type/__package_pacman/gencode-remote
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/sh -e
#
# 2011-2012 Nico Schottelius (nico-cdist at schottelius.org)
#
@@ -31,11 +31,7 @@ else
name="$__object_id"
fi
-if [ -f "$__object/parameter/state" ]; then
- state_should="$(cat "$__object/parameter/state")"
-else
- state_should="present"
-fi
+state_should="$(cat "$__object/parameter/state")"
pkg_version="$(cat "$__object/explorer/pkg_version")"
if [ -z "$pkg_version" ]; then
@@ -49,10 +45,12 @@ fi
case "$state_should" in
present)
- echo pacman --needed --noconfirm --noprogressbar -S \"$name\"
+ echo "pacman --needed --noconfirm --noprogressbar -S '$name'"
+ echo "installed" >> "$__messages_out"
;;
absent)
- echo pacman --noconfirm --noprogressbar -R \"$name\"
+ echo "pacman --noconfirm --noprogressbar -R '$name'"
+ echo "removed" >> "$__messages_out"
;;
*)
echo "Unknown state: $state_should" >&2
diff --git a/cdist/conf/type/__package_pacman/man.rst b/cdist/conf/type/__package_pacman/man.rst
new file mode 100644
index 00000000..2686202d
--- /dev/null
+++ b/cdist/conf/type/__package_pacman/man.rst
@@ -0,0 +1,58 @@
+cdist-type__package_pacman(7)
+=============================
+
+NAME
+----
+cdist-type__package_pacman - Manage packages with pacman
+
+
+DESCRIPTION
+-----------
+Pacman is usually used on the Archlinux distribution to manage packages.
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+
+OPTIONAL PARAMETERS
+-------------------
+name
+ If supplied, use the name and not the object id as the package name.
+
+state
+ Either "present" or "absent", defaults to "present"
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Ensure zsh in installed
+ __package_pacman zsh --state present
+
+ # If you don't want to follow pythonX packages, but always use python
+ __package_pacman python --state present --name python2
+
+ # Remove obsolete package
+ __package_pacman puppet --state absent
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__package`\ (7)
+
+
+AUTHORS
+-------
+Nico Schottelius
+
+
+COPYING
+-------
+Copyright \(C) 2011-2012 Nico Schottelius. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__package_pacman/man.text b/cdist/conf/type/__package_pacman/man.text
deleted file mode 100644
index 2e24ecd9..00000000
--- a/cdist/conf/type/__package_pacman/man.text
+++ /dev/null
@@ -1,54 +0,0 @@
-cdist-type__package_pacman(7)
-=============================
-Nico Schottelius
-
-
-NAME
-----
-cdist-type__package_pacman - Manage packages with pacman
-
-
-DESCRIPTION
------------
-Pacman is usually used on the Archlinux distribution to manage packages.
-
-
-REQUIRED PARAMETERS
--------------------
-None
-
-
-OPTIONAL PARAMETERS
--------------------
-name::
- If supplied, use the name and not the object id as the package name.
-
-state::
- Either "present" or "absent", defaults to "present"
-
-
-EXAMPLES
---------
-
---------------------------------------------------------------------------------
-# Ensure zsh in installed
-__package_pacman zsh --state present
-
-# If you don't want to follow pythonX packages, but always use python
-__package_pacman python --state present --name python2
-
-# Remove obsolete package
-__package_pacman puppet --state absent
---------------------------------------------------------------------------------
-
-
-SEE ALSO
---------
-- cdist-type(7)
-- cdist-type__package(7)
-
-
-COPYING
--------
-Copyright \(C) 2011-2012 Nico Schottelius. Free use of this software is
-granted under the terms of the GNU General Public License version 3 (GPLv3).
diff --git a/cdist/conf/type/__package_pacman/nonparallel b/cdist/conf/type/__package_pacman/nonparallel
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__package_pacman/parameter/default/state b/cdist/conf/type/__package_pacman/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__package_pacman/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__package_pip/gencode-remote b/cdist/conf/type/__package_pip/gencode-remote
old mode 100644
new mode 100755
index 3456ced2..dcc4fdf9
--- a/cdist/conf/type/__package_pip/gencode-remote
+++ b/cdist/conf/type/__package_pip/gencode-remote
@@ -1,6 +1,7 @@
-#!/bin/sh
+#!/bin/sh -e
#
# 2012 Nico Schottelius (nico-cdist at schottelius.org)
+# 2016 Darko Poljak (darko.poljak at gmail.com)
#
# This file is part of cdist.
#
@@ -22,11 +23,7 @@
#
state_is=$(cat "$__object/explorer/state")
-if [ -f "$__object/parameter/state" ]; then
- state_should="$(cat "$__object/parameter/state")"
-else
- state_should="present"
-fi
+state_should="$(cat "$__object/parameter/state")"
[ "$state_is" = "$state_should" ] && exit 0
@@ -44,12 +41,32 @@ else
pip="pip"
fi
+runasparam="$__object/parameter/runas"
+if [ -f "$runasparam" ]
+then
+ runas=$(cat "$runasparam")
+else
+ runas=""
+fi
+
case "$state_should" in
present)
- echo $pip install -q pyro
+ if [ "$runas" ]
+ then
+ echo "su -c '$pip install -q $name' $runas"
+ else
+ echo $pip install -q "$name"
+ fi
+ echo "installed" >> "$__messages_out"
;;
absent)
- echo $pip uninstall -q -y pyro
+ if [ "$runas" ]
+ then
+ echo "su -c '$pip uninstall -q -y $name' $runas"
+ else
+ echo $pip uninstall -q -y "$name"
+ fi
+ echo "removed" >> "$__messages_out"
;;
*)
echo "Unknown state: $state_should" >&2
diff --git a/cdist/conf/type/__package_pip/man.rst b/cdist/conf/type/__package_pip/man.rst
new file mode 100644
index 00000000..234ceee2
--- /dev/null
+++ b/cdist/conf/type/__package_pip/man.rst
@@ -0,0 +1,65 @@
+cdist-type__package_pip(7)
+==========================
+
+NAME
+----
+cdist-type__package_pip - Manage packages with pip
+
+
+DESCRIPTION
+-----------
+Pip is used in Python environments to install packages.
+It is also included in the python virtualenv environment.
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+
+OPTIONAL PARAMETERS
+-------------------
+name
+ If supplied, use the name and not the object id as the package name.
+
+pip
+ Instead of using pip from PATH, use the specific pip path.
+
+state
+ Either "present" or "absent", defaults to "present"
+
+runas
+ Run pip as specified user. By default it runs as root.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Install a package
+ __package_pip pyro --state present
+
+ # Use pip in a virtualenv located at /root/shinken_virtualenv
+ __package_pip pyro --state present --pip /root/shinken_virtualenv/bin/pip
+
+ # Use pip in a virtualenv located at /foo/shinken_virtualenv as user foo
+ __package_pip pyro --state present --pip /foo/shinken_virtualenv/bin/pip --runas foo
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__package`\ (7)
+
+
+AUTHORS
+-------
+Nico Schottelius
+
+
+COPYING
+-------
+Copyright \(C) 2012 Nico Schottelius. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__package_pip/man.text b/cdist/conf/type/__package_pip/man.text
deleted file mode 100644
index 5f619871..00000000
--- a/cdist/conf/type/__package_pip/man.text
+++ /dev/null
@@ -1,55 +0,0 @@
-cdist-type__package_pip(7)
-==========================
-Nico Schottelius
-
-
-NAME
-----
-cdist-type__package_pip - Manage packages with pip
-
-
-DESCRIPTION
------------
-Pip is used in Python environments to install packages.
-It is also included in the python virtualenv environment.
-
-
-REQUIRED PARAMETERS
--------------------
-None
-
-
-OPTIONAL PARAMETERS
--------------------
-name::
- If supplied, use the name and not the object id as the package name.
-
-pip::
- Instead of using pip from PATH, use the specific pip path.
-
-state::
- Either "present" or "absent", defaults to "present"
-
-
-EXAMPLES
---------
-
---------------------------------------------------------------------------------
-# Install a package
-__package_pip pyro --state present
-
-# Use pip in a virtualenv located at /root/shinken_virtualenv
-__package_pip pyro --state present --pip /root/shinken_virtualenv/bin/pip
---------------------------------------------------------------------------------
-
-
-SEE ALSO
---------
-- cdist-type(7)
-- cdist-type__package(7)
-
-
-COPYING
--------
-Copyright \(C) 2012 Nico Schottelius. Free use of this software is
-granted under the terms of the GNU General Public License version 3 (GPLv3).
diff --git a/cdist/conf/type/__package_pip/nonparallel b/cdist/conf/type/__package_pip/nonparallel
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__package_pip/parameter/default/state b/cdist/conf/type/__package_pip/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__package_pip/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__package_pip/parameter/optional b/cdist/conf/type/__package_pip/parameter/optional
index f32876f7..d909e790 100644
--- a/cdist/conf/type/__package_pip/parameter/optional
+++ b/cdist/conf/type/__package_pip/parameter/optional
@@ -1,2 +1,4 @@
+name
pip
state
+runas
diff --git a/cdist/conf/type/__package_pkg_freebsd/explorer/pkg_version b/cdist/conf/type/__package_pkg_freebsd/explorer/pkg_version
index 1335ba79..0a1ab75c 100755
--- a/cdist/conf/type/__package_pkg_freebsd/explorer/pkg_version
+++ b/cdist/conf/type/__package_pkg_freebsd/explorer/pkg_version
@@ -30,7 +30,7 @@ fi
# Don't produce "no pkgs installed" output -- breaks things
PKG_OUTPUT=$(pkg_info 2>&1)
if [ ! "$PKG_OUTPUT" = "pkg_info: no packages installed" ]; then
- echo -n "$(echo "$PKG_OUTPUT" \
+ printf "%s" "$(echo "$PKG_OUTPUT" \
| awk '{print $1}' \
| sed 's/^\(.*\)-\([^-]*\)$/name:\1 ver:\2/g' \
| grep "name:$name ver:" \
diff --git a/cdist/conf/type/__package_pkg_freebsd/gencode-remote b/cdist/conf/type/__package_pkg_freebsd/gencode-remote
index 3f5ebde7..3f88f6bc 100755
--- a/cdist/conf/type/__package_pkg_freebsd/gencode-remote
+++ b/cdist/conf/type/__package_pkg_freebsd/gencode-remote
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/sh -e
#
# 2012 Jake Guffey (jake.guffey at eprotex.com)
#
@@ -33,12 +33,13 @@ assert () # If condition false,
lineno=$2
- if [ ! $1 ]
+ if [ ! "$1" ]
then
echo "Assertion failed: \"$1\""
+ # shellcheck disable=SC2039
echo "File \"$0\", line $lineno, called by $(caller 0)"
exit $E_ASSERT_FAILED
- fi
+ fi
}
# Debug
@@ -51,23 +52,10 @@ else
name="$__object_id"
fi
-if [ -f "$__object/parameter/flavor" ]; then
- flavor="$(cat "$__object/parameter/flavor")"
-fi
-
-if [ -f "$__object/parameter/version" ]; then
- version="$(cat "$__object/parameter/version")"
-fi
-
-if [ -f "$__object/parameter/pkgsite" ]; then
- pkgsite="$(cat "$__object/parameter/pkgsite")"
-fi
-
-if [ -f "$__object/parameter/state" ]; then
- state="$(cat "$__object/parameter/state")"
-else
- state="present"
-fi
+flavor="$(cat "$__object/parameter/flavor")"
+version="$(cat "$__object/parameter/version")"
+pkgsite="$(cat "$__object/parameter/pkgsite")"
+state="$(cat "$__object/parameter/state")"
curr_version="$(cat "$__object/explorer/pkg_version")"
add_cmd="pkg_add"
rm_cmd="pkg_delete"
@@ -79,7 +67,7 @@ cmd=""
# FIXME: This is ugly.
execcmd(){
# Set the PACKAGESITE if we're ADDing a new package
- if [ "$1" = "add" -a -n "$pkgsite" ]; then
+ if [ "$1" = "add" ] && [ -n "$pkgsite" ]; then
# Use http.../All/ if we know the exact version we want, use .../Latest/ otherwise
pkgsite="export PACKAGESITE=${pkgsite}"
[ -n "$version" ] && pkgsite="${pkgsite}/All/" || pkgsite="${pkgsite}/Latest/"
@@ -101,6 +89,7 @@ if [ -n "$curr_version" ]; then # PKG *is* installed
cmd="${rm_cmd} ${name}-${curr_version}"
fi
execcmd "remove" "${cmd}"
+ echo "removed" >> "$__messages_out"
exit 0
else # Should be installed
if [ -n "$version" ]; then # Want a specific version
@@ -108,11 +97,13 @@ if [ -n "$curr_version" ]; then # PKG *is* installed
exit 0
else # Current version is wrong, fix
#updatepkg "$name" "$version"
+ # shellcheck disable=SC2039
assert "! ${version} = ${curr_version}" $LINENO
cmd="${rm_cmd} ${name}-${curr_version}"
execcmd "remove" "${cmd}"
cmd="${add_cmd} -r ${name}-${version}"
execcmd "add" "${cmd}"
+ echo "installed" >> "$__messages_out"
fi
else # Don't care what version to use
exit 0
@@ -131,6 +122,7 @@ else # PKG *isn't* installed
cmd="${cmd}-${version}"
fi
execcmd "add" "${cmd}"
+ echo "installed" >> "$__messages_out"
exit 0
fi
fi
diff --git a/cdist/conf/type/__package_pkg_freebsd/man.rst b/cdist/conf/type/__package_pkg_freebsd/man.rst
new file mode 100644
index 00000000..b06c7faf
--- /dev/null
+++ b/cdist/conf/type/__package_pkg_freebsd/man.rst
@@ -0,0 +1,70 @@
+cdist-type__package_pkg_freebsd(7)
+==================================
+
+NAME
+----
+cdist-type__package_pkg_freebsd - Manage FreeBSD packages
+
+
+DESCRIPTION
+-----------
+This type is usually used on FreeBSD to manage packages.
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+
+OPTIONAL PARAMETERS
+-------------------
+name
+ If supplied, use the name and not the object id as the package name.
+
+flavor
+ If supplied, use to avoid ambiguity.
+
+version
+ If supplied, use to install a specific version of the package named.
+
+pkgsite
+ If supplied, use to install from a specific package repository.
+
+state
+ Either "present" or "absent", defaults to "present"
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Ensure zsh is installed
+ __package_pkg_freebsd zsh --state present
+
+ # Ensure vim is installed, use flavor no_x11
+ __package_pkg_freebsd vim --state present --flavor no_x11
+
+ # If you don't want to follow pythonX packages, but always use python
+ __package_pkg_freebsd python --state present --name python2
+
+ # Remove obsolete package
+ __package_pkg_freebsd puppet --state absent
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__package`\ (7)
+
+
+AUTHORS
+-------
+Jake Guffey
+
+
+COPYING
+-------
+Copyright \(C) 2012 Jake Guffey. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__package_pkg_freebsd/man.text b/cdist/conf/type/__package_pkg_freebsd/man.text
deleted file mode 100644
index 71387148..00000000
--- a/cdist/conf/type/__package_pkg_freebsd/man.text
+++ /dev/null
@@ -1,66 +0,0 @@
-cdist-type__package_pkg_freebsd(7)
-==================================
-Jake Guffey
-
-
-NAME
-----
-cdist-type__package_pkg_freebsd - Manage FreeBSD packages
-
-
-DESCRIPTION
------------
-This type is usually used on FreeBSD to manage packages.
-
-
-REQUIRED PARAMETERS
--------------------
-None
-
-
-OPTIONAL PARAMETERS
--------------------
-name::
- If supplied, use the name and not the object id as the package name.
-
-flavor::
- If supplied, use to avoid ambiguity.
-
-version::
- If supplied, use to install a specific version of the package named.
-
-pkgsite::
- If supplied, use to install from a specific package repository.
-
-state::
- Either "present" or "absent", defaults to "present"
-
-
-EXAMPLES
---------
-
---------------------------------------------------------------------------------
-# Ensure zsh is installed
-__package_pkg_freebsd zsh --state present
-
-# Ensure vim is installed, use flavor no_x11
-__package_pkg_freebsd vim --state present --flavor no_x11
-
-# If you don't want to follow pythonX packages, but always use python
-__package_pkg_freebsd python --state present --name python2
-
-# Remove obsolete package
-__package_pkg_freebsd puppet --state absent
---------------------------------------------------------------------------------
-
-
-SEE ALSO
---------
-- cdist-type(7)
-- cdist-type__package(7)
-
-
-COPYING
--------
-Copyright \(C) 2012 Jake Guffey. Free use of this software is
-granted under the terms of the GNU General Public License version 3 (GPLv3).
diff --git a/cdist/conf/type/__package_pkg_freebsd/nonparallel b/cdist/conf/type/__package_pkg_freebsd/nonparallel
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__package_pkg_freebsd/parameter/default/flavor b/cdist/conf/type/__package_pkg_freebsd/parameter/default/flavor
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__package_pkg_freebsd/parameter/default/pkgsite b/cdist/conf/type/__package_pkg_freebsd/parameter/default/pkgsite
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__package_pkg_freebsd/parameter/default/state b/cdist/conf/type/__package_pkg_freebsd/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__package_pkg_freebsd/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__package_pkg_freebsd/parameter/default/version b/cdist/conf/type/__package_pkg_freebsd/parameter/default/version
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__package_pkg_openbsd/explorer/has_installurl b/cdist/conf/type/__package_pkg_openbsd/explorer/has_installurl
new file mode 100755
index 00000000..68337cbb
--- /dev/null
+++ b/cdist/conf/type/__package_pkg_openbsd/explorer/has_installurl
@@ -0,0 +1,36 @@
+#!/bin/sh
+#
+# Copyright 2017, Philippe Gregoire
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+#
+# Retrieve the installurl(5), as introduced in OpenBSD 6.1
+#
+# As of 6.1, the file is supposed to contained a single line
+# with the URL used to install from during install or upgrade.
+#
+# Allow for expansion and take the first non-commented (#) line.
+#
+
+if [ -f /etc/installurl ]; then
+ printf 'yes'
+else
+ printf 'no'
+fi
+
+exit 0
diff --git a/cdist/conf/type/__package_pkg_openbsd/explorer/pkg_state b/cdist/conf/type/__package_pkg_openbsd/explorer/pkg_state
new file mode 100755
index 00000000..9cd17787
--- /dev/null
+++ b/cdist/conf/type/__package_pkg_openbsd/explorer/pkg_state
@@ -0,0 +1,49 @@
+#!/bin/sh
+#
+# Copyright 2018, Takashi Yoshi
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Retrieve the status of a package - parsed pkg_info output
+#
+
+if [ -f "${__object}/parameter/name" ]
+then
+ pkgid="$(cat "${__object}/parameter/name")"
+else
+ pkgid="${__object_id}"
+fi
+
+if [ -f "${__object}/parameter/version" ]
+then
+ pkgid="${pkgid}-$(cat "${__object}/parameter/version")"
+fi
+
+if [ -f "${__object}/parameter/flavor" ]
+then
+ # If a flavor but no version is given we need to add another -,
+ # otherwise pkg_info confuses the flavor with the version.
+ [ -f "${__object}/parameter/version" ] || pkgid="${pkgid}-"
+
+ pkgid="${pkgid}-$(cat "${__object}/parameter/flavor")"
+fi
+
+
+pkg_info -q -I "inst:${pkgid}" >/dev/null 2>&1 \
+ && echo 'present' || echo 'absent'
+
+exit 0
diff --git a/cdist/conf/type/__package_pkg_openbsd/gencode-remote b/cdist/conf/type/__package_pkg_openbsd/gencode-remote
index 1df87997..5a21ce12 100755
--- a/cdist/conf/type/__package_pkg_openbsd/gencode-remote
+++ b/cdist/conf/type/__package_pkg_openbsd/gencode-remote
@@ -1,7 +1,8 @@
-#!/bin/sh
+#!/bin/sh -e
#
# 2011 Andi Brönnimann (andi-cdist at v-net.ch)
# 2012 Nico Schottelius (nico-cdist at schottelius.org)
+# 2018 Takashi Yoshi
#
# This file is part of cdist.
#
@@ -22,73 +23,96 @@
# Manage packages with pkg on OpenBSD
#
-# Debug
-# exec >&2
-# set -x
+os_version=$(cat "${__global}/explorer/os_version")
+machine=$(cat "${__global}/explorer/machine")
-os_version="$(cat "$__global/explorer/os_version")"
-machine="$(cat "$__global/explorer/machine")"
-
-if [ -f "$__object/parameter/flavor" ]; then
- flavor="$(cat "$__object/parameter/flavor")"
+if [ -f "${__object}/parameter/version" ]; then
+ version=$(cat "${__object}/parameter/version")
fi
-# do not show progress bar
-pkgopts="-x"
+if [ -f "${__object}/parameter/flavor" ]; then
+ flavor=$(cat "${__object}/parameter/flavor")
+fi
-if [ -f "$__object/parameter/name" ]; then
- name="$__object/parameter/name"
+# Do not show progress bar
+pkgopts='-x'
+
+name="${__object_id}"
+if [ -f "${__object}/parameter/name" ]; then
+ name=$(cat "${__object}/parameter/name")
+fi
+
+if [ -n "${version}" ] && [ -n "${flavor}" ]; then
+ pkgid="${name}-${version}-${flavor}"
+elif [ -n "${version}" ]; then
+ pkgid="${name}-${version}"
+elif [ -f "${__object}/parameter/flavor" ]; then
+ pkgid="${name}--${flavor}"
else
- name="$__object_id"
+ pkgid="${name}"
fi
-if [ -f "$__object/parameter/state" ]; then
- state_should="$(cat "$__object/parameter/state")"
+state_should=$(cat "${__object}/parameter/state")
+
+if [ -f "${__object}/parameter/pkg_path" ]; then
+ pkg_path=$(cat "${__object}/parameter/pkg_path")
else
- state_should="present"
+ has_installurl=$(cat "${__object}/explorer/has_installurl")
+ if [ 'yes' != "${has_installurl}" ]; then
+ # There is no default PKG_PATH, try to provide one
+ pkg_path="ftp://ftp.openbsd.org/pub/OpenBSD/${os_version}/packages/${machine}/"
+ fi
fi
-pkg_version="$(cat "$__object/explorer/pkg_version")"
+state_is=$(cat "${__object}/explorer/pkg_state")
+[ "${state_is}" = "${state_should}" ] && exit 0
-# TODO: Shouldn't be hardcoded
-echo export PKG_PATH=ftp://ftp.openbsd.org/pub/OpenBSD/$os_version/packages/$machine/
+case "${state_should}" in
+ present)
+ if [ -n "${pkg_path}" ]; then
+ echo "export PKG_PATH='${pkg_path}'"
+ fi
-if [ "$pkg_version" ]; then
- state_is="present"
-else
- state_is="absent"
-fi
+ # Use this because pkg_add doesn't properly handle errors
+ cat <&1 || true)
-[ "$state_is" = "$state_should" ] && exit 0
+if ! pkg_info -q -I 'inst:${pkgid}' | grep -q '^${name}-${version}.*${flavor}$' 2>/dev/null
+then
+ # We didn't find the package in the list of 'installed packages', so it failed.
+ # This is necessary because pkg_add doesn't return properly
-case "$state_should" in
- present)
- # use this because pkg_add doesn't properly handle errors
- cat << eof
-status=\$(pkg_add "$pkgopts" "$name--$flavor")
-
-# no error
-if [ -n "\$status" ]; then
- echo "Error: \$status"
+ if [ -z "\${status}" ]; then
+ status='Failed to add package, uncaught exception.'
+ fi
+ echo "Error: \${status}" >&2
exit 1
fi
-eof
- ;;
+EOF
+ echo 'installed' >> "${__messages_out}"
+ ;;
- absent)
- # use this because pkg_add doesn't properly handle errors
- cat << eof
-status=\$(pkg_delete "$pkgopts" "$name--$flavor")
+ absent)
+ # Use this because pkg_delete doesn't properly handle errors
+ cat <&1 || true)
-# no error
-if [ -n "\$status" ]; then
- echo "Error: \$status"
- exit 1
+if pkg_info -q -I 'inst:${pkgid}' | grep -q '^${name}-${version}.*${flavor}' 2>/dev/null
+then
+ # We found the package in the list of 'installed packages'.
+ # This would indicate that pkg_delete failed, send the output of pkg_delete
+
+ if [ -z "\${status}" ]; then
+ status='Failed to remove package, uncaught exception.'
+ fi
+ echo "Error: \${status}" >&2
+ exit 1
fi
-eof
- ;;
- *)
- echo "Unknown state: $state_should" >&2
+EOF
+ echo 'removed' >> "${__messages_out}"
+ ;;
+ *)
+ echo "Unknown state: ${state_should}" >&2
exit 1
- ;;
+ ;;
esac
diff --git a/cdist/conf/type/__package_pkg_openbsd/man.rst b/cdist/conf/type/__package_pkg_openbsd/man.rst
new file mode 100644
index 00000000..dcfd0719
--- /dev/null
+++ b/cdist/conf/type/__package_pkg_openbsd/man.rst
@@ -0,0 +1,71 @@
+cdist-type__package_pkg(7)
+==========================
+
+NAME
+----
+cdist-type__package_pkg - Manage OpenBSD packages
+
+
+DESCRIPTION
+-----------
+This type is usually used on OpenBSD to manage packages.
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+
+OPTIONAL PARAMETERS
+-------------------
+name
+ If supplied, use the name and not the object id as the package name.
+
+flavor
+ If supplied, use to avoid ambiguity.
+
+version
+ If supplied, use to avoid ambiguity.
+
+state
+ Either "present" or "absent", defaults to "present"
+
+pkg_path
+ Manually specify a PKG_PATH to add packages from.
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Ensure zsh is installed
+ __package_pkg_openbsd zsh --state present
+
+ # Ensure vim is installed, use flavor no_x11
+ __package_pkg_openbsd vim --state present --flavor no_x11
+
+ # If you don't want to follow pythonX packages, but always use python
+ __package_pkg_openbsd python --state present --name python2
+
+ # Remove obsolete package
+ __package_pkg_openbsd puppet --state absent
+
+ # Add a package using a particular mirror
+ __package_pkg_openbsd bash \
+ --pkg_path http://openbsd.mirrorcatalogs.com/snapshots/packages/amd64
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__package`\ (7)
+
+
+AUTHORS
+-------
+Andi Brönnimann
+
+
+COPYING
+-------
+Copyright \(C) 2011 Andi Brönnimann. Free use of this software is
+granted under the terms of the GNU General Public License version 3 (GPLv3).
diff --git a/cdist/conf/type/__package_pkg_openbsd/man.text b/cdist/conf/type/__package_pkg_openbsd/man.text
deleted file mode 100644
index f523a892..00000000
--- a/cdist/conf/type/__package_pkg_openbsd/man.text
+++ /dev/null
@@ -1,60 +0,0 @@
-cdist-type__package_pkg(7)
-==========================
-Andi Brönnimann
-
-
-NAME
-----
-cdist-type__package_pkg_openbsd - Manage OpenBSD packages
-
-
-DESCRIPTION
------------
-This type is usually used on OpenBSD to manage packages.
-
-
-REQUIRED PARAMETERS
--------------------
-None
-
-
-OPTIONAL PARAMETERS
--------------------
-name::
- If supplied, use the name and not the object id as the package name.
-
-flavor::
- If supplied, use to avoid ambiguity.
-
-state::
- Either "present" or "absent", defaults to "present"
-
-
-EXAMPLES
---------
-
---------------------------------------------------------------------------------
-# Ensure zsh is installed
-__package_pkg_openbsd zsh --state present
-
-# Ensure vim is installed, use flavor no_x11
-__package_pkg_openbsd vim --state present --flavor no_x11
-
-# If you don't want to follow pythonX packages, but always use python
-__package_pkg_openbsd python --state present --name python2
-
-# Remove obsolete package
-__package_pkg_openbsd puppet --state absent
---------------------------------------------------------------------------------
-
-
-SEE ALSO
---------
-- cdist-type(7)
-- cdist-type__package(7)
-
-
-COPYING
--------
-Copyright \(C) 2011 Andi Brönnimann. Free use of this software is
-granted under the terms of the GNU General Public License version 3 (GPLv3).
diff --git a/cdist/conf/type/__package_pkg_openbsd/nonparallel b/cdist/conf/type/__package_pkg_openbsd/nonparallel
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__package_pkg_openbsd/parameter/default/state b/cdist/conf/type/__package_pkg_openbsd/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__package_pkg_openbsd/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__package_pkg_openbsd/parameter/optional b/cdist/conf/type/__package_pkg_openbsd/parameter/optional
index 77fd22b3..6a5f9277 100644
--- a/cdist/conf/type/__package_pkg_openbsd/parameter/optional
+++ b/cdist/conf/type/__package_pkg_openbsd/parameter/optional
@@ -1,3 +1,5 @@
name
+version
flavor
state
+pkg_path
diff --git a/cdist/conf/type/__package_pkgng_freebsd/explorer/pkg_version b/cdist/conf/type/__package_pkgng_freebsd/explorer/pkg_version
new file mode 100755
index 00000000..92ce0623
--- /dev/null
+++ b/cdist/conf/type/__package_pkgng_freebsd/explorer/pkg_version
@@ -0,0 +1,37 @@
+#!/bin/sh
+#
+# 2014 Jake Guffey (jake.guffey at eprotex.com)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Retrieve the status of a package - parsed dpkg output
+#
+
+if [ -f "$__object/parameter/name" ]; then
+ name="$(cat "$__object/parameter/name")"
+else
+ name="$__object_id"
+fi
+
+# Don't produce "no pkgs installed" output -- breaks things
+PKG_OUTPUT=$(pkg info 2>&1)
+printf "%s" "$(echo "$PKG_OUTPUT" \
+ | awk '{print $1}' \
+ | sed 's/^\(.*\)-\([^-]*\)$/name:\1 ver:\2/g' \
+ | grep "name:$name ver:" \
+ | sed 's/^.*ver:\(.*\)/\1/g')"
+
diff --git a/cdist/conf/type/__package_pkgng_freebsd/gencode-remote b/cdist/conf/type/__package_pkgng_freebsd/gencode-remote
new file mode 100755
index 00000000..dd36efda
--- /dev/null
+++ b/cdist/conf/type/__package_pkgng_freebsd/gencode-remote
@@ -0,0 +1,130 @@
+#!/bin/sh -e
+#
+# 2014 Jake Guffey (jake.guffey at eprotex.com)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Manage packages with pkg on FreeBSD
+#
+
+# Debug
+#exec >&2
+#set -x
+
+if [ -f "$__object/parameter/name" ]; then
+ name="$(cat "$__object/parameter/name")"
+else
+ name="$__object_id"
+fi
+
+flavor="$(cat "$__object/parameter/flavor")"
+version="$(cat "$__object/parameter/version")"
+
+if [ -f "$__object/parameter/upgrade" ]; then
+ upgrade="true"
+else
+ upgrade="false"
+fi
+
+repo="$(cat "$__object/parameter/repo")"
+state="$(cat "$__object/parameter/state")"
+curr_version="$(cat "$__object/explorer/pkg_version")"
+add_cmd="pkg install -y"
+rm_cmd="pkg delete -y"
+upg_cmd="pkg upgrade -y"
+cmd=""
+
+# Print the command to be executed
+# Parms: $1 -- mode, "rm", "add", or "upg"
+# $2 -- the command to be echoed
+execcmd(){
+ _cmd=""
+
+ case "$1" in
+ add)
+ _cmd="${add_cmd} $2"
+ echo "installed" >> "$__messages_out"
+ ;;
+ rm)
+ _cmd="${rm_cmd} $2"
+ echo "removed" >> "$__messages_out"
+ ;;
+ upg)
+ _cmd="${upg_cmd} $2"
+ echo "installed" >> "$__messages_out"
+ ;;
+ *)
+ printf "Error. Don't understand command: %s" "$1" >&2
+ exit 1
+ ;;
+ esac
+
+ echo "$_cmd >/dev/null 2>&1" # Silence the output of the command
+ echo "status=\$?"
+ echo "if [ \"\$status\" -ne \"0\" ]; then"
+ echo " echo \"Error: ${_cmd} exited nonzero with \$status\"'!' >&2"
+ echo " exit 1"
+ echo "fi"
+}
+
+if [ -n "$curr_version" ]; then # PKG *is* installed
+ if [ -n "$repo" ]; then
+ cmd="-r ${repo} ${name}"
+ else
+ cmd="${name}"
+ fi
+ if [ -n "$flavor" ]; then
+ cmd="${cmd}-${flavor}"
+ fi
+ # PKG is supposed to be removed
+ if [ "$state" = "absent" ]; then
+ execcmd "rm" "${cmd}"
+ # PKG is supposed to be installed to a particular version
+ elif [ -n "$version" ] && [ "$version" != "$curr_version" ]; then
+ if [ "$upgrade" = "true" ]; then
+ execcmd "upg" "${cmd}"
+ else
+ printf 'Version %s is already installed and pkg-ng cannot upgrade directly to version %s.\nTo upgrade to the latest version, use the --upgrade flag.\n' "$curr_version" "$version" >&2
+ exit 1
+ fi
+ # PKG is supposed to be installed to the latest version
+ else
+ : # Do nothing.
+ fi
+else # PKG *isn't* installed
+ if [ "$state" = "absent" ]; then # Shouldn't be installed
+ exit 0
+ else # Should be installed
+ if [ -n "$repo" ]; then
+ cmd="-r ${repo} ${name}"
+ else
+ cmd="${name}"
+ fi
+ if [ -n "$flavor" ]; then
+ cmd="${cmd}-${flavor}"
+ fi
+ if [ -n "$version" ]; then
+ cmd="${cmd}-${version}"
+ fi
+
+ execcmd "add" "$cmd"
+ exit 0
+ fi
+fi
+
+# Debug
+#set +x
diff --git a/cdist/conf/type/__package_pkgng_freebsd/man.rst b/cdist/conf/type/__package_pkgng_freebsd/man.rst
new file mode 100644
index 00000000..251e2c5f
--- /dev/null
+++ b/cdist/conf/type/__package_pkgng_freebsd/man.rst
@@ -0,0 +1,101 @@
+cdist-type__package_pkgng_freebsd(7)
+====================================
+
+NAME
+----
+cdist-type__package_pkgng_freebsd - Manage FreeBSD packages with pkg-ng
+
+
+DESCRIPTION
+-----------
+This type is usually used on FreeBSD to manage packages.
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+
+OPTIONAL PARAMETERS
+-------------------
+name
+ If supplied, use the name and not the object id as the package name.
+
+flavor
+ If supplied, use to avoid ambiguity.
+
+version
+ If supplied, use to install a specific version of the package named.
+
+repo
+ If supplied, use to install the package named from a particular repo.
+
+state
+ Either "present" or "absent", defaults to "present"
+
+
+BOOLEAN PARAMETERS
+------------------
+upgrade
+ If supplied, allow upgrading to the latest version of a package.
+
+
+CAVEATS
+-------
+This type requires that repository definitions already exist in /etc/pkg/\*.conf.
+Ensure that they exist prior to use of this type with __file.
+
+pkg-ng can't upgrade a package to a specific version. If this type needs to
+upgrade a package, it can only ugprade to the latest available version. If the
+"upgrade" parameter is not given and an upgrade needs to occur, an error will result.
+
+
+MESSAGES
+--------
+install
+ The package was installed
+remove
+ The package was removed
+upgrade
+ The package was upgraded
+exist
+ The package was already present and thus not installed
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Ensure zsh is installed
+ __package_pkgng_freebsd zsh --state present
+
+ # Ensure vim is installed, use flavor no_x11
+ __package_pkgng_freebsd vim --state present --flavor no_x11
+
+ # If you don't want to follow pythonX packages, but always use python
+ __package_pkgng_freebsd python --state present --name python2
+
+ # Install a package from a particular repository when multiples exist
+ __package_pkgng_freebsd bash --state present --repo myrepo
+
+ # Remove obsolete package
+ __package_pkgng_freebsd puppet --state absent
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__package`\ (7)
+
+
+AUTHORS
+-------
+Jake Guffey
+
+
+COPYING
+-------
+Copyright \(C) 2014 Jake Guffey. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__package_pkgng_freebsd/nonparallel b/cdist/conf/type/__package_pkgng_freebsd/nonparallel
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__package_pkgng_freebsd/parameter/boolean b/cdist/conf/type/__package_pkgng_freebsd/parameter/boolean
new file mode 100644
index 00000000..007ead00
--- /dev/null
+++ b/cdist/conf/type/__package_pkgng_freebsd/parameter/boolean
@@ -0,0 +1 @@
+upgrade
\ No newline at end of file
diff --git a/cdist/conf/type/__package_pkgng_freebsd/parameter/default/flavor b/cdist/conf/type/__package_pkgng_freebsd/parameter/default/flavor
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__package_pkgng_freebsd/parameter/default/repo b/cdist/conf/type/__package_pkgng_freebsd/parameter/default/repo
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__package_pkgng_freebsd/parameter/default/state b/cdist/conf/type/__package_pkgng_freebsd/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__package_pkgng_freebsd/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__package_pkgng_freebsd/parameter/default/version b/cdist/conf/type/__package_pkgng_freebsd/parameter/default/version
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__package_pkgng_freebsd/parameter/optional b/cdist/conf/type/__package_pkgng_freebsd/parameter/optional
new file mode 100644
index 00000000..6e67f838
--- /dev/null
+++ b/cdist/conf/type/__package_pkgng_freebsd/parameter/optional
@@ -0,0 +1,5 @@
+name
+flavor
+version
+repo
+state
diff --git a/cdist/conf/type/__package_rubygem/gencode-remote b/cdist/conf/type/__package_rubygem/gencode-remote
index 6256e308..abb40653 100755
--- a/cdist/conf/type/__package_rubygem/gencode-remote
+++ b/cdist/conf/type/__package_rubygem/gencode-remote
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/sh -e
#
# 2011 Chase Allen James
#
@@ -27,11 +27,7 @@ else
name="$__object_id"
fi
-if [ -f "$__object/parameter/state" ]; then
- state_should="$(cat "$__object/parameter/state")"
-else
- state_should="present"
-fi
+state_should="$(cat "$__object/parameter/state")"
if grep -q true "$__object/explorer/pkg_status"; then
state_is="present"
@@ -43,10 +39,12 @@ fi
case "$state_should" in
present)
- echo gem install \"$name\" --no-ri --no-rdoc
+ echo "gem install '$name' --no-ri --no-rdoc"
+ echo "installed" >> "$__messages_out"
;;
absent)
- echo gem uninstall \"$name\"
+ echo "gem uninstall '$name'"
+ echo "removed" >> "$__messages_out"
;;
*)
echo "Unknown state: $state_should" >&2
diff --git a/cdist/conf/type/__package_rubygem/man.text b/cdist/conf/type/__package_rubygem/man.rst
similarity index 53%
rename from cdist/conf/type/__package_rubygem/man.text
rename to cdist/conf/type/__package_rubygem/man.rst
index a808c2aa..96ad21f7 100644
--- a/cdist/conf/type/__package_rubygem/man.text
+++ b/cdist/conf/type/__package_rubygem/man.rst
@@ -1,7 +1,5 @@
cdist-type__package_rubygem(7)
==============================
-Chase Allen James
-
NAME
----
@@ -20,32 +18,39 @@ None
OPTIONAL PARAMETERS
-------------------
-name::
+name
If supplied, use the name and not the object id as the package name.
-state::
+state
Either "present" or "absent", defaults to "present"
EXAMPLES
--------
---------------------------------------------------------------------------------
-# Ensure sinatra is installed
-__package_rubygem sinatra --state present
+.. code-block:: sh
-# Remove package
-__package_rubygem rails --state absent
---------------------------------------------------------------------------------
+ # Ensure sinatra is installed
+ __package_rubygem sinatra --state present
+
+ # Remove package
+ __package_rubygem rails --state absent
SEE ALSO
--------
-- cdist-type(7)
-- cdist-type__package(7)
+:strong:`cdist-type__package`\ (7)
+
+
+AUTHORS
+-------
+Chase Allen James
COPYING
-------
-Copyright \(C) 2011 Chase Allen James. Free use of this software is
-granted under the terms of the GNU General Public License version 3 (GPLv3).
+
+Copyright \(C) 2011 Chase Allen James. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__package_rubygem/nonparallel b/cdist/conf/type/__package_rubygem/nonparallel
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__package_rubygem/parameter/default/state b/cdist/conf/type/__package_rubygem/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__package_rubygem/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__package_update_index/explorer/currage b/cdist/conf/type/__package_update_index/explorer/currage
new file mode 100644
index 00000000..cfb778d5
--- /dev/null
+++ b/cdist/conf/type/__package_update_index/explorer/currage
@@ -0,0 +1,43 @@
+#!/bin/sh
+#
+# 2018 Thomas Eckert (tom at it-eckert.de)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+
+type="$("$__type_explorer/type")"
+
+case "$type" in
+ apt)
+ if [ -f "/var/cache/apt/pkgcache.bin" ]; then
+ echo $(($(date +"%s")-$(stat --format '%Y' /var/cache/apt/pkgcache.bin)))
+ else
+ echo 0
+ fi
+ ;;
+ pacman)
+ if [ -d "/var/lib/pacman/sync" ]; then
+ echo $(($(date +"%s")-$(stat --format '%Y' /var/lib/pacman/sync)))
+ else
+ echo 0
+ fi
+ ;;
+ alpine)
+ echo 0
+ ;;
+ *) echo "Your specified type ($type) is currently not supported." >&2
+ echo "Please contribute an implementation for it if you can." >&2
+ ;;
+esac
diff --git a/cdist/conf/type/__package_update_index/explorer/type b/cdist/conf/type/__package_update_index/explorer/type
new file mode 100644
index 00000000..c98e1e67
--- /dev/null
+++ b/cdist/conf/type/__package_update_index/explorer/type
@@ -0,0 +1,35 @@
+#!/bin/sh
+#
+# 2018 Stu Zhao (z12y12l12 at gmail.com)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+
+if [ -f "$__object/parameter/type" ]; then
+ cat "$__object/parameter/type"
+else
+ # By default determine package manager based on operating system
+ os="$("$__explorer/os")"
+ case "$os" in
+ amazon|scientific|centos|fedora|redhat) echo "yum" ;;
+ debian|ubuntu|devuan) echo "apt" ;;
+ archlinux) echo "pacman" ;;
+ alpine) echo "apk" ;;
+ *)
+ echo "Don't know how to manage packages on: $os" >&2
+ exit 1
+ ;;
+ esac
+fi
diff --git a/cdist/conf/type/__package_update_index/gencode-remote b/cdist/conf/type/__package_update_index/gencode-remote
new file mode 100755
index 00000000..9b2ecba2
--- /dev/null
+++ b/cdist/conf/type/__package_update_index/gencode-remote
@@ -0,0 +1,58 @@
+#!/bin/sh -e
+#
+# 2014 Ricardo Catalinas Jiménez (jimenezrick at gmail.com)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Update the package index with the appropriate package manager
+#
+
+type=$(cat "$__object/explorer/type")
+currage="$(cat "$__object/explorer/currage")"
+if [ -f "$__object/parameter/maxage" ]; then
+ maxage="$(cat "$__object/parameter/maxage")"
+fi
+
+if [ -n "$maxage" ]; then
+ if [ "$type" != "apt" ] && [ "$type" != "pacman" ]; then
+ echo "ERROR: \"--maxage\" only supported for \"apt\" or \"pacman\" pkg-manager." >&2
+ exit 1
+ elif [ "$currage" -lt "$maxage" ]; then
+ exit 0 # no need to update
+ fi
+fi
+
+
+case "$type" in
+ yum) ;;
+ apt)
+ echo "apt-get --quiet update"
+ echo "apt-cache updated (age was: $currage)" >> "$__messages_out"
+ ;;
+ pacman)
+ echo "pacman --noprogressbar --sync --refresh"
+ echo "pacman package database synced (age was: $currage)" >> "$__messages_out"
+ ;;
+ alpine)
+ echo "apk update"
+ echo "apk package database updated."
+ ;;
+ *)
+ echo "Don't know how to manage packages for type: $type" >&2
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__package_update_index/man.rst b/cdist/conf/type/__package_update_index/man.rst
new file mode 100644
index 00000000..3cd787b9
--- /dev/null
+++ b/cdist/conf/type/__package_update_index/man.rst
@@ -0,0 +1,71 @@
+cdist-type__package_update_index(7)
+===================================
+
+NAME
+----
+cdist-type__update_index - Update the package index
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to update the package index on the target.
+It will automatically use the appropriate package manager.
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+
+OPTIONAL PARAMETERS
+-------------------
+type
+ The package manager to use. Default is determined based on the $os
+ explorer variable.
+ e.g.
+ * apt for Debian
+ * yum for Red Hat
+ * pacman for Arch Linux
+
+maxage
+ Available for package manager apt and pacman, max time in seconds since
+ last update. Repo update is skipped if maxage is not reached yet.
+
+MESSAGES
+--------
+apt-cache updated (age was: currage)
+ apt-cache was updated (run of `apt-get update`). `currage` is the time
+ in seconds since the previous run.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Update the package index on the target
+ __package_update_index
+
+ # Force use of a specific package manager
+ __package_update_index --type apt
+
+ # Only update every hour:
+ __package_update_index --maxage 3600 --type apt
+
+ # same as above (on apt-type systems):
+ __package_update_index --maxage 3600
+
+AUTHORS
+-------
+| Ricardo Catalinas Jiménez
+| Thomas Eckert
+| Stu Zhao
+
+
+COPYING
+-------
+
+Copyright \(C) 2014 Ricardo Catalinas Jiménez. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__package_update_index/nonparallel b/cdist/conf/type/__package_update_index/nonparallel
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__package_update_index/parameter/optional b/cdist/conf/type/__package_update_index/parameter/optional
new file mode 100644
index 00000000..7a0be716
--- /dev/null
+++ b/cdist/conf/type/__package_update_index/parameter/optional
@@ -0,0 +1,2 @@
+type
+maxage
diff --git a/cdist/conf/type/__package_update_index/singleton b/cdist/conf/type/__package_update_index/singleton
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__package_upgrade_all/gencode-remote b/cdist/conf/type/__package_upgrade_all/gencode-remote
new file mode 100755
index 00000000..38aa001e
--- /dev/null
+++ b/cdist/conf/type/__package_upgrade_all/gencode-remote
@@ -0,0 +1,73 @@
+#!/bin/sh -e
+#
+# 2014 Ricardo Catalinas Jiménez (jimenezrick at gmail.com)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Upgrade all the already installed packages with the appropriate package
+# manager
+#
+
+type="$__object/parameter/type"
+
+apt_clean="$__object/parameter/apt-clean"
+
+apt_dist_upgrade="$__object/parameter/apt-dist-upgrade"
+
+if [ -f "$type" ]; then
+ type="$(cat "$type")"
+else
+ # By default determine package manager based on operating system
+ os="$(cat "$__global/explorer/os")"
+ case "$os" in
+ amazon|scientific|centos|fedora|redhat) type="yum" ;;
+ debian|ubuntu|devuan) type="apt" ;;
+ archlinux) type="pacman" ;;
+ *)
+ echo "Don't know how to manage packages on: $os" >&2
+ exit 1
+ ;;
+ esac
+fi
+
+aptget="DEBIAN_FRONTEND=noninteractive apt-get --quiet --yes --no-install-recommends -o Dpkg::Options::=\"--force-confdef\" -o Dpkg::Options::=\"--force-confold\""
+
+case "$type" in
+ yum)
+ echo "yum --quiet --assumeyes update"
+ echo "yum --quiet clean all"
+ ;;
+ apt)
+ if [ -f "$apt_dist_upgrade" ]
+ then echo "$aptget dist-upgrade"
+ else echo "$aptget upgrade"
+ fi
+
+ if [ -f "$apt_clean" ]
+ then echo "apt-get --quiet clean"
+ else echo "apt-get --quiet autoclean"
+ fi
+ ;;
+ pacman)
+ echo "pacman --noprogressbar --noconfirm --sync --sysupgrade"
+ echo "pacman --noprogressbar --noconfirm --sync --clean"
+ ;;
+ *)
+ echo "Don't know how to manage packages on: $os" >&2
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__package_upgrade_all/man.rst b/cdist/conf/type/__package_upgrade_all/man.rst
new file mode 100644
index 00000000..e9e2b8ce
--- /dev/null
+++ b/cdist/conf/type/__package_upgrade_all/man.rst
@@ -0,0 +1,62 @@
+cdist-type__package_upgrade_all(7)
+==================================
+
+NAME
+----
+cdist-type__package_upgrade_all - Upgrade all the installed packages
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to upgrade all the installed packages on the
+target. It will automatically use the appropriate package manager.
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+
+OPTIONAL PARAMETERS
+-------------------
+type
+ The package manager to use. Default is determined based on the $os
+ explorer variable.
+ e.g.
+ * apt for Debian
+ * yum for Red Hat
+ * pacman for Arch Linux
+
+
+BOOLEAN PARAMETERS
+------------------
+apt-dist-upgrade
+ Do dist-upgrade instead of upgrade.
+
+apt-clean
+ Clean out the local repository of retrieved package files.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Upgrade all the installed packages on the target
+ __package_upgrade_all
+
+ # Force use of a specific package manager
+ __package_upgrade_all --type apt
+
+
+AUTHORS
+-------
+Ricardo Catalinas Jiménez
+
+COPYING
+-------
+
+Copyright \(C) 2014 Ricardo Catalinas Jiménez. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__package_upgrade_all/nonparallel b/cdist/conf/type/__package_upgrade_all/nonparallel
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__package_upgrade_all/parameter/boolean b/cdist/conf/type/__package_upgrade_all/parameter/boolean
new file mode 100644
index 00000000..7a56a34b
--- /dev/null
+++ b/cdist/conf/type/__package_upgrade_all/parameter/boolean
@@ -0,0 +1,2 @@
+apt-clean
+apt-dist-upgrade
diff --git a/cdist/conf/type/__package_upgrade_all/parameter/optional b/cdist/conf/type/__package_upgrade_all/parameter/optional
new file mode 100644
index 00000000..aa80e646
--- /dev/null
+++ b/cdist/conf/type/__package_upgrade_all/parameter/optional
@@ -0,0 +1 @@
+type
diff --git a/cdist/conf/type/__package_upgrade_all/singleton b/cdist/conf/type/__package_upgrade_all/singleton
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__package_yum/explorer/pkg_version b/cdist/conf/type/__package_yum/explorer/pkg_version
index fb3b7753..b81b0fe9 100755
--- a/cdist/conf/type/__package_yum/explorer/pkg_version
+++ b/cdist/conf/type/__package_yum/explorer/pkg_version
@@ -27,4 +27,4 @@ else
name="$__object_id"
fi
-rpm -q --whatprovides "$name" 2>/dev/null || true
+rpm -q "$name" 2>/dev/null || rpm -q --whatprovides "$name" 2>/dev/null || true
diff --git a/cdist/conf/type/__package_yum/gencode-remote b/cdist/conf/type/__package_yum/gencode-remote
index 9c98c257..b52953f6 100755
--- a/cdist/conf/type/__package_yum/gencode-remote
+++ b/cdist/conf/type/__package_yum/gencode-remote
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/sh -e
#
-# 2011 Nico Schottelius (nico-cdist at schottelius.org)
+# 2011-2014 Nico Schottelius (nico-cdist at schottelius.org)
#
# This file is part of cdist.
#
@@ -27,22 +27,31 @@ else
name="$__object_id"
fi
-if [ -f "$__object/parameter/state" ]; then
- state_should="$(cat "$__object/parameter/state")"
+# Support installing from an URL
+if [ -f "$__object/parameter/url" ]; then
+ install_name="$(cat "$__object/parameter/url")"
else
- state_should="present"
+ install_name="$name"
fi
-if grep -q -E "(centos|redhat|amazon)" "$__global/explorer/os"; then
+
+state_should="$(cat "$__object/parameter/state")"
+
+if grep -q -E "(scientific|centos|redhat|amazon)" "$__global/explorer/os"; then
opts="-y --quiet"
else
opts="--assumeyes --quiet"
fi
-not_installed="^no package provides"
+not_provided="^no package provides"
+not_installed='is not installed$'
-if grep -q "$not_installed" "$__object/explorer/pkg_version"; then
- state_is="absent"
+if grep -q "$not_provided" "$__object/explorer/pkg_version"; then
+ if grep -q "$not_installed" "$__object/explorer/pkg_version"; then
+ state_is="absent"
+ else
+ state_is="present"
+ fi
else
state_is="present"
fi
@@ -51,10 +60,12 @@ fi
case "$state_should" in
present)
- echo yum $opts install \"$name\"
+ echo "yum $opts install '$install_name'"
+ echo "installed" >> "$__messages_out"
;;
absent)
- echo yum $opts remove \"$name\"
+ echo "yum $opts remove '$name'"
+ echo "removed" >> "$__messages_out"
;;
*)
echo "Unknown state: $state_should" >&2
diff --git a/cdist/conf/type/__package_yum/man.rst b/cdist/conf/type/__package_yum/man.rst
new file mode 100644
index 00000000..45ad9a55
--- /dev/null
+++ b/cdist/conf/type/__package_yum/man.rst
@@ -0,0 +1,65 @@
+cdist-type__package_yum(7)
+==========================
+
+NAME
+----
+cdist-type__package_yum - Manage packages with yum
+
+
+DESCRIPTION
+-----------
+Yum is usually used on the Fedora distribution to manage packages.
+If you specify an unknown package, yum will display the
+slightly confusing error message "Error: Nothing to do".
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+
+OPTIONAL PARAMETERS
+-------------------
+name
+ If supplied, use the name and not the object id as the package name.
+
+state
+ Either "present" or "absent", defaults to "present"
+url
+ URL to use for the package
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Ensure zsh in installed
+ __package_yum zsh --state present
+
+ # If you don't want to follow pythonX packages, but always use python
+ __package_yum python --state present --name python2
+
+ # Remove obsolete package
+ __package_yum puppet --state absent
+
+ __package epel-release-6-8 \
+ --url http://mirror.switch.ch/ftp/mirror/epel/6/i386/epel-release-6-8.noarch.rpm
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__package`\ (7)
+
+
+AUTHORS
+-------
+Nico Schottelius
+
+
+COPYING
+-------
+Copyright \(C) 2011-2012 Nico Schottelius. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__package_yum/man.text b/cdist/conf/type/__package_yum/man.text
deleted file mode 100644
index d958dd1e..00000000
--- a/cdist/conf/type/__package_yum/man.text
+++ /dev/null
@@ -1,56 +0,0 @@
-cdist-type__package_yum(7)
-==========================
-Nico Schottelius
-
-
-NAME
-----
-cdist-type__package_yum - Manage packages with yum
-
-
-DESCRIPTION
------------
-Yum is usually used on the Fedora distribution to manage packages.
-If you specify an unknown package, yum will display the
-slightly confusing error message "Error: Nothing to do".
-
-
-REQUIRED PARAMETERS
--------------------
-None
-
-
-OPTIONAL PARAMETERS
--------------------
-name::
- If supplied, use the name and not the object id as the package name.
-
-state::
- Either "present" or "absent", defaults to "present"
-
-
-EXAMPLES
---------
-
---------------------------------------------------------------------------------
-# Ensure zsh in installed
-__package_yum zsh --state present
-
-# If you don't want to follow pythonX packages, but always use python
-__package_yum python --state present --name python2
-
-# Remove obsolete package
-__package_yum puppet --state absent
---------------------------------------------------------------------------------
-
-
-SEE ALSO
---------
-- cdist-type(7)
-- cdist-type__package(7)
-
-
-COPYING
--------
-Copyright \(C) 2011-2012 Nico Schottelius. Free use of this software is
-granted under the terms of the GNU General Public License version 3 (GPLv3).
diff --git a/cdist/conf/type/__package_yum/nonparallel b/cdist/conf/type/__package_yum/nonparallel
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__package_yum/parameter/default/state b/cdist/conf/type/__package_yum/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__package_yum/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__package_yum/parameter/optional b/cdist/conf/type/__package_yum/parameter/optional
index 1b423dc4..9293119d 100644
--- a/cdist/conf/type/__package_yum/parameter/optional
+++ b/cdist/conf/type/__package_yum/parameter/optional
@@ -1,2 +1,3 @@
name
state
+url
diff --git a/cdist/conf/type/__package_zypper/explorer/pkg_version b/cdist/conf/type/__package_zypper/explorer/pkg_version
old mode 100755
new mode 100644
index fb3b7753..83bf6dab
--- a/cdist/conf/type/__package_zypper/explorer/pkg_version
+++ b/cdist/conf/type/__package_zypper/explorer/pkg_version
@@ -1,6 +1,7 @@
#!/bin/sh
#
# 2011-2012 Nico Schottelius (nico-cdist at schottelius.org)
+# 2013 Daniel Heule (hda at sfs.biz)
#
# This file is part of cdist.
#
@@ -18,7 +19,7 @@
# along with cdist. If not, see .
#
#
-# Retrieve the status of a package
+# Retrieve the status of a package of different types
#
if [ -f "$__object/parameter/name" ]; then
@@ -27,4 +28,21 @@ else
name="$__object_id"
fi
-rpm -q --whatprovides "$name" 2>/dev/null || true
+if [ -f "$__object/parameter/ptype" ]; then
+ ptype="$(cat "$__object/parameter/ptype")"
+else
+ ptype="package"
+fi
+
+case "$ptype" in
+ package)
+ zypper search --details --match-exact --installed-only --type "$ptype" "$name" | grep -E '^i' | cut -d " " -f 3,7 || true
+ ;;
+ patch|pattern|product|srcpackage)
+ zypper search --match-exact --installed-only --type "$ptype" "$name" | grep -E '^i' | cut -d " " -f 3 || true
+ ;;
+ *)
+ echo "unknown ptype in __package_zypper explorer" >&2
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__package_zypper/gencode-remote b/cdist/conf/type/__package_zypper/gencode-remote
index ca9aec33..e45dd9ff 100755
--- a/cdist/conf/type/__package_zypper/gencode-remote
+++ b/cdist/conf/type/__package_zypper/gencode-remote
@@ -1,6 +1,7 @@
-#!/bin/sh
+#!/bin/sh -e
#
# 2012 Nico Schottelius (nico-cdist at schottelius.org)
+# 2013 Daniel Heule (hda at sfs.biz)
#
# This file is part of cdist.
#
@@ -28,29 +29,53 @@
globalopts="--quiet --non-interactive"
if [ -f "$__object/parameter/name" ]; then
- name="$__object/parameter/name"
+ name="$__object/parameter/name"
else
- name="$__object_id"
+ name="$__object_id"
fi
-if [ -f "$__object/parameter/state" ]; then
- state_should="$(cat "$__object/parameter/state")"
+state_should="$(cat "$__object/parameter/state")"
+ptype="$(cat "$__object/parameter/ptype")"
+
+if [ -f "$__object/parameter/version" ]; then
+ version_should="$(cat "$__object/parameter/version")"
+ if [ "$ptype" != "package" ]; then
+ echo "version support only for type package implemented" >&2
+ exit 2
+ fi
else
- state_should="present"
+ version_should=""
+fi
+
+pkg_version="$(cat "$__object/explorer/pkg_version")"
+if [ -z "$pkg_version" ]; then
+ state_is="absent"
+ version_is=""
+else
+ state_is="present"
+ version_is=${pkg_version##* }
fi
-# Exit if nothing is needed to be done
-[ "$state_is" = "$state_should" ] && exit 0
case "$state_should" in
- present)
- echo zypper "$globalopts" install --auto-agree-with-licenses \"$name\"
- ;;
- absent)
- echo pacman "$globalopts" remove \"$name\"
- ;;
- *)
- echo "Unknown state: $state_should" >&2
- exit 1
- ;;
+ present)
+ if [ -z "$version_should" ]; then
+ [ "$state_is" = "present" ] && exit 0 # if state is present, we dont need to do anything
+ echo "zypper $globalopts install --type '$ptype' --auto-agree-with-licenses '$name' >/dev/null"
+ echo "removed" >> "$__messages_out"
+ else
+ [ "$state_is" = "present" ] && [ "$version_should" = "$version_is" ] && exit 0 # if state is present and version is correct, we dont need to do anything
+ echo "zypper $globalopts install --oldpackage --type '$ptype' --auto-agree-with-licenses '$name' = '$version_should' >/dev/null"
+ echo "installed" >> "$__messages_out"
+ fi
+ ;;
+ absent)
+ [ "$state_is" = "absent" ] && exit 0 # if state is absent, we dont need to do anything
+ echo "zypper $globalopts remove --type '$ptype' '$name' >/dev/null"
+ echo "removed" >> "$__messages_out"
+ ;;
+ *)
+ echo "Unknown state: $state_should" >&2
+ exit 1
+ ;;
esac
diff --git a/cdist/conf/type/__package_zypper/man.rst b/cdist/conf/type/__package_zypper/man.rst
new file mode 100644
index 00000000..0051359b
--- /dev/null
+++ b/cdist/conf/type/__package_zypper/man.rst
@@ -0,0 +1,73 @@
+cdist-type__package_zypper(7)
+=============================
+
+NAME
+----
+cdist-type__package_zypper - Manage packages with zypper
+
+
+DESCRIPTION
+-----------
+Zypper is usually used on the SuSE distribution to manage packages.
+
+
+REQUIRED PARAMETERS
+-------------------
+None
+
+
+OPTIONAL PARAMETERS
+-------------------
+name
+ If supplied, use the name and not the object id as the package name.
+
+state
+ Either "present" or "absent", defaults to "present"
+
+version
+ The version of the package to install. Default is to install the version
+ chosen by the local package manager. For a list of available versions,
+ have a look at the output of "zypper se -s packagename"
+
+ptype
+ Either "package", "patch", "pattern", "product" or "srcpackage", defaults to "package". For a description see man zypper.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Ensure zsh is installed
+ __package_zypper zsh --state present
+
+ # If you don't want to follow pythonX packages, but always use python
+ __package_zypper python --state present --name python2
+
+ # Ensure binutils is installed and the version is forced to be 2.23.1-0.19.2
+ __package_zypper binutils --state present --version 2.23.1-0.19.2
+
+ # Remove package
+ __package_zypper cfengine --state absent
+
+ # install all packages which belongs to pattern x11
+ __package_zypper x11 --ptype pattern --state present
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__package`\ (7)
+
+
+AUTHORS
+-------
+Daniel Heule
+
+
+COPYING
+-------
+Copyright \(C) 2012 Nico Schottelius.
+Copyright \(C) 2013 Daniel Heule.
+You can redistribute it and/or modify it under the terms of the
+GNU General Public License as published by the Free Software Foundation,
+either version 3 of the License, or (at your option) any later version.
diff --git a/cdist/conf/type/__package_zypper/man.text b/cdist/conf/type/__package_zypper/man.text
deleted file mode 100644
index e2261d33..00000000
--- a/cdist/conf/type/__package_zypper/man.text
+++ /dev/null
@@ -1,54 +0,0 @@
-cdist-type__package_zypper(7)
-=============================
-Nico Schottelius
-
-
-NAME
-----
-cdist-type__package_zypper - Manage packages with zypper
-
-
-DESCRIPTION
------------
-Zypper is usually used on the SuSE distribution to manage packages.
-
-
-REQUIRED PARAMETERS
--------------------
-None
-
-
-OPTIONAL PARAMETERS
--------------------
-name::
- If supplied, use the name and not the object id as the package name.
-
-state::
- Either "present" or "absent", defaults to "present"
-
-
-EXAMPLES
---------
-
---------------------------------------------------------------------------------
-# Ensure zsh in installed
-__package_zypper zsh --state present
-
-# If you don't want to follow pythonX packages, but always use python
-__package_zypper python --state present --name python2
-
-# Remove package
-__package_zypper cfengine --state absent
---------------------------------------------------------------------------------
-
-
-SEE ALSO
---------
-- cdist-type(7)
-- cdist-type__package(7)
-
-
-COPYING
--------
-Copyright \(C) 2012 Nico Schottelius. Free use of this software is
-granted under the terms of the GNU General Public License version 3 (GPLv3).
diff --git a/cdist/conf/type/__package_zypper/nonparallel b/cdist/conf/type/__package_zypper/nonparallel
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__package_zypper/parameter/default/ptype b/cdist/conf/type/__package_zypper/parameter/default/ptype
new file mode 100644
index 00000000..ba3bd787
--- /dev/null
+++ b/cdist/conf/type/__package_zypper/parameter/default/ptype
@@ -0,0 +1 @@
+package
diff --git a/cdist/conf/type/__package_zypper/parameter/default/state b/cdist/conf/type/__package_zypper/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__package_zypper/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__package_zypper/parameter/optional b/cdist/conf/type/__package_zypper/parameter/optional
index 1b423dc4..bc8565fc 100644
--- a/cdist/conf/type/__package_zypper/parameter/optional
+++ b/cdist/conf/type/__package_zypper/parameter/optional
@@ -1,2 +1,4 @@
name
state
+ptype
+version
diff --git a/cdist/conf/type/__pacman_conf/man.rst b/cdist/conf/type/__pacman_conf/man.rst
new file mode 100644
index 00000000..6b8adfc9
--- /dev/null
+++ b/cdist/conf/type/__pacman_conf/man.rst
@@ -0,0 +1,75 @@
+cdist-type__pacman_conf(7)
+==========================
+
+NAME
+----
+cdist-type__pacman_conf - Manage pacman configuration
+
+
+DESCRIPTION
+-----------
+The type allows you to configure options section, add or delete repositories and manage mirrorlists
+
+
+REQUIRED PARAMETERS
+-------------------
+section
+ 'options' for configure options section
+
+ Otherwise it specifies a repository or a plain file
+
+key
+ Specifies the key which will be set
+
+ If section = 'options' or file is not set the key will
+ be checked against available keys from pacman.conf
+
+value
+ Specifies the value which will be set against the key
+
+
+OPTIONAL PARAMETERS
+-------------------
+state
+ 'present' or 'absent', defaults to 'present'
+
+file
+ Specifies the filename.
+
+ The managed file will be named like 'plain_file_filename'
+
+ If supplied the key will not be checked.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Manage options section in pacman.conf
+ __pacman_conf options_Architecture --section options --key Architecture --value auto
+
+ # Add new repository
+ __pacman_conf localrepo_Server --section localrepo --key Server --value "file:///var/cache/pacman/pkg"
+
+ # Add mirror to a mirrorlist
+ __pacman_conf customlist_Server --file customlist --section customlist --key Server\
+ --value "file:///var/cache/pacman/pkg"
+
+
+SEE ALSO
+--------
+:strong:`grep`\ (1)
+
+
+AUTHORS
+-------
+Dominique Roux
+
+
+COPYING
+-------
+Copyright \(C) 2015 Dominique Roux. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__pacman_conf/manifest b/cdist/conf/type/__pacman_conf/manifest
new file mode 100755
index 00000000..a43f18a1
--- /dev/null
+++ b/cdist/conf/type/__pacman_conf/manifest
@@ -0,0 +1,133 @@
+#!/bin/sh -e
+#
+# 2015 Dominique Roux (dominique.roux4 at gmail.com)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+#get params
+section=$(cat "$__object/parameter/section")
+key=$(cat "$__object/parameter/key")
+value=$(cat "$__object/parameter/value")
+file=$(cat "$__object/parameter/file" 2>/dev/null)
+state=$(cat "$__object/parameter/state" 2>/dev/null)
+
+#path variable default /etc/pacman.d
+sec_path="/etc/pacman.d"
+
+#allowed keys (from man pacman.conf)
+allowed_option_keys="RootDir DBPath CacheDir GPGDir LogFile HoldPkg IgnorePkg IgnoreGroup Include Architecture XferCommand NoUpgrade NoExtract CleanMethod SigLevel LocalFileSigLevel RemoteFileSigLevel"
+boolean_option_keys="UseSyslog Color UseDelta TotalDownload CheckSpace VerbosePkgLists"
+allowed_repo_keys="Include Server SigLevel Usage"
+
+#set global variables
+MATCH=0
+
+#function for check if array contain string
+contains_element() {
+
+ MATCH=0
+
+ target=$1
+ shift
+
+ for key in "$@"; do
+ if [ "${key}" = "${target}" ]; then
+ MATCH=1
+ return 0
+ fi
+ done
+ MATCH=0
+}
+
+if [ "${file}" ]; then
+ __file "${sec_path}/plain_file_${file}"\
+ --state exists --mode 666
+
+ if [ "${state}" = "present" ]; then
+
+ require="__file/${sec_path}/plain_file_${file}" __key_value "${file}_${key}" \
+ --file "${sec_path}/plain_file_${file}" --key "${key}" --value "${value}" --delimiter ' = '
+
+ exit 0
+
+ elif [ "${state}" = "absent" ]; then
+ require="__file/${sec_path}/plain_file_${file}" __key_value "${file}_${key}" \
+ --state absent
+ exit 0
+
+ else
+ echo "ERROR: Unknown state: ${state}" >&2
+ exit 0
+ fi
+fi
+
+if [ "${section}" = "options" ]; then
+
+ __file "${sec_path}/${section}"\
+ --state exists --mode 666 --source - << eof
+[${section}]
+eof
+ #check if key is valid
+ #check for boolean value
+ contains_element "${key}" "${boolean_option_keys}"
+
+ if [ "${MATCH}" -eq 1 ]; then
+ if [ "${value}" = "on" ]; then
+ require="__file/${sec_path}/${section}" __line "${key}_${value}" \
+ --file "${sec_path}/${section}" --line "${key}"
+ elif [ "${value}" = "off" ]; then
+ require="__file/${sec_path}/${section}" __line "${key}_${value}" \
+ --file "${sec_path}/${section}" --line "${key}" --state absent
+ fi
+
+ else
+ contains_element "${key}" "${allowed_option_keys}"
+
+ if [ "${MATCH}" -eq 1 ]; then
+ require="__file/${sec_path}/${section}" __key_value "${section}_${key}" \
+ --file "${sec_path}/${section}" --key "${key}" --value "${value}" --delimiter ' = '
+ else
+ echo "Key: ${key} is not valid. Have a look at man pacman.conf" >&2
+ fi
+ fi
+
+else
+ __file "${sec_path}/repo_${section}"\
+ --state exists --mode 666 --source - << eof
+[${section}]
+eof
+ if [ "${state}" = "present" ]; then
+
+ #check if key is valid
+ contains_element "${key}" "${allowed_repo_keys}"
+ if [ ${MATCH} -eq 0 ]; then
+ exit
+ fi
+
+ require="__file/${sec_path}/repo_${section}" __key_value "${section}_${key}" \
+ --file "${sec_path}/repo_${section}" --key "${key}" --value "${value}" --delimiter ' = '
+
+ elif [ "${state}" = "absent" ]; then
+
+ require="__file/${sec_path}/repo_${section}" __key_value "${section}_${key}" \
+ --state absent
+
+ else
+ echo "ERROR: Unknown state: ${state}" >&2
+ fi
+
+fi
diff --git a/cdist/conf/type/__pacman_conf/parameter/default/file b/cdist/conf/type/__pacman_conf/parameter/default/file
new file mode 100644
index 00000000..139597f9
--- /dev/null
+++ b/cdist/conf/type/__pacman_conf/parameter/default/file
@@ -0,0 +1,2 @@
+
+
diff --git a/cdist/conf/type/__pacman_conf/parameter/default/state b/cdist/conf/type/__pacman_conf/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__pacman_conf/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__pacman_conf/parameter/optional b/cdist/conf/type/__pacman_conf/parameter/optional
new file mode 100644
index 00000000..5d52aa2e
--- /dev/null
+++ b/cdist/conf/type/__pacman_conf/parameter/optional
@@ -0,0 +1,2 @@
+file
+state
diff --git a/cdist/conf/type/__pacman_conf/parameter/required b/cdist/conf/type/__pacman_conf/parameter/required
new file mode 100644
index 00000000..2f9d59e0
--- /dev/null
+++ b/cdist/conf/type/__pacman_conf/parameter/required
@@ -0,0 +1,3 @@
+section
+key
+value
diff --git a/cdist/conf/type/__pacman_conf_integrate/files/mirrorlist b/cdist/conf/type/__pacman_conf_integrate/files/mirrorlist
new file mode 100644
index 00000000..a378fb50
--- /dev/null
+++ b/cdist/conf/type/__pacman_conf_integrate/files/mirrorlist
@@ -0,0 +1,344 @@
+##
+## Arch Linux repository mirrorlist
+## Generated on 2015-03-15
+##
+
+## Worldwide
+#Server = http://mirror.rackspace.com/archlinux/$repo/os/$arch
+
+## Australia
+#Server = http://mirror.aarnet.edu.au/pub/archlinux/$repo/os/$arch
+#Server = http://archlinux.mirror.digitalpacific.com.au/$repo/os/$arch
+#Server = http://ftp.iinet.net.au/pub/archlinux/$repo/os/$arch
+#Server = http://mirror.internode.on.net/pub/archlinux/$repo/os/$arch
+#Server = http://mirror.rackcentral.com.au/archlinux/$repo/os/$arch
+#Server = http://ftp.swin.edu.au/archlinux/$repo/os/$arch
+#Server = http://archlinux.mirror.uber.com.au/$repo/os/$arch
+
+## Austria
+#Server = http://mirror.easyname.at/archlinux/$repo/os/$arch
+#Server = http://mirror1.htu.tugraz.at/archlinux/$repo/os/$arch
+
+## Bangladesh
+#Server = http://mirrors.ispros.com.bd/archlinux/$repo/os/$arch
+
+## Belarus
+#Server = http://ftp.byfly.by/pub/archlinux/$repo/os/$arch
+#Server = http://mirror.datacenter.by/pub/archlinux/$repo/os/$arch
+
+## Belgium
+#Server = http://archlinux.cu.be/$repo/os/$arch
+#Server = http://archlinux.mirror.kangaroot.net/$repo/os/$arch
+
+## Brazil
+#Server = http://archlinux.c3sl.ufpr.br/$repo/os/$arch
+#Server = http://www.las.ic.unicamp.br/pub/archlinux/$repo/os/$arch
+#Server = http://pet.inf.ufsc.br/mirrors/archlinux/$repo/os/$arch
+
+## Bulgaria
+#Server = http://mirror.telepoint.bg/archlinux/$repo/os/$arch
+
+## Canada
+#Server = http://archlinux.dropswitch.net/archlinux/$repo/os/$arch
+#Server = http://mirror.clibre.uqam.ca/archlinux/$repo/os/$arch
+#Server = http://mirror.csclub.uwaterloo.ca/archlinux/$repo/os/$arch
+#Server = http://mirror.its.dal.ca/archlinux/$repo/os/$arch
+#Server = http://archlinux.mirror.rafal.ca/$repo/os/$arch
+#Server = http://archlinux.mirror.vexxhost.com/$repo/os/$arch
+
+## Chile
+#Server = http://mirror.archlinux.cl/$repo/os/$arch
+
+## China
+#Server = http://mirrors.163.com/archlinux/$repo/os/$arch
+#Server = http://mirror.bjtu.edu.cn/archlinux/$repo/os/$arch
+#Server = http://mirrors.cqu.edu.cn/archlinux/$repo/os/$arch
+#Server = http://mirrors.hust.edu.cn/archlinux/$repo/os/$arch
+#Server = http://mirrors.hustunique.com/archlinux/$repo/os/$arch
+#Server = http://mirrors.neusoft.edu.cn/archlinux/$repo/os/$arch
+#Server = http://run.hit.edu.cn/archlinux/$repo/os/$arch
+#Server = http://mirrors.tuna.tsinghua.edu.cn/archlinux/$repo/os/$arch
+#Server = http://mirrors.ustc.edu.cn/archlinux/$repo/os/$arch
+#Server = https://mirrors.ustc.edu.cn/archlinux/$repo/os/$arch
+#Server = http://mirrors.zju.edu.cn/archlinux/$repo/os/$arch
+
+## Colombia
+#Server = http://mirror.edatel.net.co/archlinux/$repo/os/$arch
+#Server = http://www.laqee.unal.edu.co/archlinux/$repo/os/$arch
+
+## Croatia
+#Server = http://archlinux.iskon.hr/$repo/os/$arch
+
+## Czech Republic
+#Server = http://archlinux.mirror.dkm.cz/pub/archlinux/$repo/os/$arch
+#Server = http://gluttony.sin.cvut.cz/arch/$repo/os/$arch
+#Server = http://mirror.oss.maxcdn.com/archlinux/$repo/os/$arch
+#Server = http://mirrors.nic.cz/archlinux/$repo/os/$arch
+#Server = http://mirror.vpsfree.cz/archlinux/$repo/os/$arch
+
+## Denmark
+#Server = http://mirrors.dotsrc.org/archlinux/$repo/os/$arch
+#Server = http://mirror.one.com/archlinux/$repo/os/$arch
+
+## Ecuador
+#Server = http://mirror.cedia.org.ec/archlinux/$repo/os/$arch
+#Server = http://mirror.espoch.edu.ec/archlinux/$repo/os/$arch
+#Server = http://mirror.uta.edu.ec/archlinux/$repo/os/$arch
+
+## Estonia
+#Server = http://ftp.eenet.ee/pub/archlinux/$repo/os/$arch
+
+## France
+#Server = http://archlinux.aubrac-medical.fr/$repo/os/$arch
+#Server = http://mirror.archlinux.ikoula.com/archlinux/$repo/os/$arch
+#Server = http://archlinux.vi-di.fr/$repo/os/$arch
+#Server = http://mir.art-software.fr/arch/$repo/os/$arch
+#Server = http://fooo.biz/archlinux/$repo/os/$arch
+#Server = https://fooo.biz/archlinux/$repo/os/$arch
+#Server = http://mirror.lastmikoi.net/archlinux/$repo/os/$arch
+#Server = http://mirror.lightcone.eu/archlinux/$repo/os/$arch
+#Server = http://archlinux.mailtunnel.eu/$repo/os/$arch
+#Server = https://www.mailtunnel.eu/archlinux/$repo/os/$arch
+#Server = http://mir.archlinux.fr/$repo/os/$arch
+#Server = http://arch.nimukaito.net/$repo/os/$arch
+#Server = http://archlinux.mirrors.ovh.net/archlinux/$repo/os/$arch
+#Server = http://archlinux.mirror.pkern.at/$repo/os/$arch
+#Server = https://archlinux.mirror.pkern.at/$repo/os/$arch
+#Server = http://archlinux.polymorf.fr/$repo/os/$arch
+#Server = http://arch.static.lu/$repo/os/$arch
+#Server = https://arch.static.lu/$repo/os/$arch
+#Server = http://arch.tamcore.eu/$repo/os/$arch
+#Server = http://mirror.tyborek.pl/arch/$repo/os/$arch
+#Server = http://ftp.u-strasbg.fr/linux/distributions/archlinux/$repo/os/$arch
+#Server = http://arch.yourlabs.org/$repo/os/$arch
+
+## Germany
+#Server = http://mirror.23media.de/archlinux/$repo/os/$arch
+#Server = http://archlinux.limun.org/$repo/os/$arch
+#Server = https://archlinux.limun.org/$repo/os/$arch
+#Server = http://artfiles.org/archlinux.org/$repo/os/$arch
+#Server = http://ftp.fau.de/archlinux/$repo/os/$arch
+#Server = https://ftp.fau.de/archlinux/$repo/os/$arch
+#Server = http://mirror.flipez.de/archlinux/$repo/os/$arch
+#Server = http://mirror.fluxent.de/archlinux/$repo/os/$arch
+#Server = http://mirror.gnomus.de/$repo/os/$arch
+#Server = http://arch.packages.gnp-tec.net/$repo/os/$arch
+#Server = http://ftp5.gwdg.de/pub/linux/archlinux/$repo/os/$arch
+#Server = http://mirror.hactar.bz/$repo/os/$arch
+#Server = http://ftp.hawo.stw.uni-erlangen.de/archlinux/$repo/os/$arch
+#Server = http://ftp.hosteurope.de/mirror/ftp.archlinux.org/$repo/os/$arch
+#Server = http://ftp-stud.hs-esslingen.de/pub/Mirrors/archlinux/$repo/os/$arch
+#Server = http://mirror.js-webcoding.de/pub/archlinux/$repo/os/$arch
+#Server = http://mirror.k42.ch/archlinux/$repo/os/$arch
+#Server = http://mirror.de.leaseweb.net/archlinux/$repo/os/$arch
+#Server = http://mirror.metalgamer.eu/archlinux/$repo/os/$arch
+#Server = http://mirror.michael-eckert.net/archlinux/$repo/os/$arch
+#Server = http://archlinux.my-universe.com/$repo/os/$arch
+#Server = https://archlinux.my-universe.com/$repo/os/$arch
+#Server = http://mirrors.n-ix.net/archlinux/$repo/os/$arch
+#Server = http://mirror.netcologne.de/archlinux/$repo/os/$arch
+#Server = http://mirrors.niyawe.de/archlinux/$repo/os/$arch
+#Server = http://ftp.halifax.rwth-aachen.de/archlinux/$repo/os/$arch
+#Server = http://linux.rz.rub.de/archlinux/$repo/os/$arch
+#Server = http://mirror.selfnet.de/archlinux/$repo/os/$arch
+#Server = http://ftp.spline.inf.fu-berlin.de/mirrors/archlinux/$repo/os/$arch
+#Server = http://ftp.tu-chemnitz.de/pub/linux/archlinux/$repo/os/$arch
+#Server = http://ftp.tuxdroid.org/archlinux/$repo/os/$arch
+#Server = http://ftp.uni-bayreuth.de/linux/archlinux/$repo/os/$arch
+#Server = http://ftp.uni-hannover.de/archlinux/$repo/os/$arch
+#Server = http://ftp.uni-kl.de/pub/linux/archlinux/$repo/os/$arch
+#Server = http://mirror.united-gameserver.de/archlinux/$repo/os/$arch
+
+## Greece
+#Server = http://ftp.cc.uoc.gr/mirrors/linux/archlinux/$repo/os/$arch
+#Server = http://foss.aueb.gr/mirrors/linux/archlinux/$repo/os/$arch
+#Server = https://foss.aueb.gr/mirrors/linux/archlinux/$repo/os/$arch
+#Server = http://mirrors.myaegean.gr/linux/archlinux/$repo/os/$arch
+#Server = http://ftp.ntua.gr/pub/linux/archlinux/$repo/os/$arch
+#Server = http://ftp.otenet.gr/linux/archlinux/$repo/os/$arch
+
+## Hungary
+#Server = http://ftp.mfa.kfki.hu/pub/mirrors/ftp.archlinux.org/$repo/os/$arch
+
+## Iceland
+#Server = http://mirror.system.is/arch/$repo/os/$arch
+#Server = https://mirror.system.is/arch/$repo/os/$arch
+
+## India
+#Server = http://mirror.cse.iitk.ac.in/archlinux/$repo/os/$arch
+#Server = http://ftp.iitm.ac.in/archlinux/$repo/os/$arch
+
+## Indonesia
+#Server = http://mirror.kavalinux.com/archlinux/$repo/os/$arch
+#Server = http://mirror.poliwangi.ac.id/archlinux/$repo/os/$arch
+#Server = http://suro.ubaya.ac.id/archlinux/$repo/os/$arch
+
+## Iran
+#Server = http://mirror.yazd.ac.ir/arch/$repo/os/$arch
+
+## Ireland
+#Server = http://ftp.heanet.ie/mirrors/ftp.archlinux.org/$repo/os/$arch
+
+## Israel
+#Server = http://mirror.isoc.org.il/pub/archlinux/$repo/os/$arch
+
+## Italy
+#Server = http://archlinux.openlabto.org/archlinux/$repo/os/$arch
+#Server = http://archlinux.beccacervello.it/archlinux/$repo/os/$arch
+#Server = http://mirrors.prometeus.net/archlinux/$repo/os/$arch
+
+## Japan
+#Server = http://ftp.tsukuba.wide.ad.jp/Linux/archlinux/$repo/os/$arch
+#Server = http://ftp.jaist.ac.jp/pub/Linux/ArchLinux/$repo/os/$arch
+
+## Kazakhstan
+#Server = http://mirror.neolabs.kz/archlinux/$repo/os/$arch
+
+## Latvia
+#Server = http://archlinux.koyanet.lv/archlinux/$repo/os/$arch
+
+## Lithuania
+#Server = http://archlinux.akmc.lt/$repo/os/$arch
+#Server = http://atviras.lt/veidrodziai/archlinux/$repo/os/$arch
+
+## Luxembourg
+#Server = http://archlinux.mirror.root.lu/$repo/os/$arch
+
+## Macedonia
+#Server = http://arch.softver.org.mk/archlinux/$repo/os/$arch
+#Server = http://mirror.t-home.mk/archlinux/$repo/os/$arch
+
+## Netherlands
+#Server = http://arch.apt-get.eu/$repo/os/$arch
+#Server = http://mirror.i3d.net/pub/archlinux/$repo/os/$arch
+#Server = https://mirror.i3d.net/pub/archlinux/$repo/os/$arch
+#Server = http://mirror.nl.leaseweb.net/archlinux/$repo/os/$arch
+#Server = http://ftp.nluug.nl/os/Linux/distr/archlinux/$repo/os/$arch
+#Server = http://ftp.snt.utwente.nl/pub/os/linux/archlinux/$repo/os/$arch
+
+## New Caledonia
+#Server = http://mirror.lagoon.nc/pub/archlinux/$repo/os/$arch
+#Server = http://archlinux.nautile.nc/archlinux/$repo/os/$arch
+
+## New Zealand
+#Server = http://mirror.xnet.co.nz/pub/archlinux/$repo/os/$arch
+
+## Norway
+#Server = http://mirror.archlinux.no/$repo/os/$arch
+#Server = http://archlinux.uib.no/$repo/os/$arch
+#Server = http://archlinux.neuf.no/$repo/os/$arch
+
+## Philippines
+#Server = http://mirror.pregi.net/pub/Linux/archlinux/$repo/os/$arch
+
+## Poland
+#Server = http://mirror.chmuri.net/archmirror/$repo/os/$arch
+#Server = http://arch.midov.pl/arch/$repo/os/$arch
+#Server = http://piotrkosoft.net/pub/mirrors/ftp.archlinux.org/$repo/os/$arch
+#Server = http://ftp.vectranet.pl/archlinux/$repo/os/$arch
+
+## Portugal
+#Server = http://archlinux.dcc.fc.up.pt/$repo/os/$arch
+#Server = http://ftp.rnl.tecnico.ulisboa.pt/pub/archlinux/$repo/os/$arch
+
+## Romania
+#Server = http://mirror.archlinux.ro/archlinux/$repo/os/$arch
+#Server = http://archlinux.mirrors.linux.ro/$repo/os/$arch
+
+## Russia
+#Server = http://mirror.rol.ru/archlinux/$repo/os/$arch
+#Server = http://mirror.yandex.ru/archlinux/$repo/os/$arch
+
+## Serbia
+#Server = http://mirror.pmf.kg.ac.rs/archlinux/$repo/os/$arch
+
+## Singapore
+#Server = http://download.nus.edu.sg/mirror/arch/$repo/os/$arch
+#Server = http://mirror.nus.edu.sg/archlinux/$repo/os/$arch
+
+## Slovakia
+#Server = http://mirror.lnx.sk/pub/linux/archlinux/$repo/os/$arch
+#Server = http://tux.rainside.sk/archlinux/$repo/os/$arch
+
+## South Africa
+#Server = http://ftp.wa.co.za/pub/archlinux/$repo/os/$arch
+
+## South Korea
+#Server = http://ftp.kaist.ac.kr/ArchLinux/$repo/os/$arch
+#Server = http://mirror.premi.st/archlinux/$repo/os/$arch
+
+## Spain
+#Server = http://osl.ugr.es/archlinux/$repo/os/$arch
+#Server = http://sunsite.rediris.es/mirror/archlinux/$repo/os/$arch
+
+## Sweden
+#Server = http://ftp.df.lth.se/pub/archlinux/$repo/os/$arch
+#Server = http://ftp.lysator.liu.se/pub/archlinux/$repo/os/$arch
+#Server = https://ftp.lysator.liu.se/pub/archlinux/$repo/os/$arch
+#Server = http://ftp.myrveln.se/pub/linux/archlinux/$repo/os/$arch
+#Server = http://ftp.portlane.com/pub/os/linux/archlinux/$repo/os/$arch
+
+## Switzerland
+#Server = http://archlinux.puzzle.ch/$repo/os/$arch
+
+## Taiwan
+#Server = http://archlinux.cs.nctu.edu.tw/$repo/os/$arch
+#Server = http://shadow.ind.ntou.edu.tw/archlinux/$repo/os/$arch
+#Server = http://ftp.tku.edu.tw/Linux/ArchLinux/$repo/os/$arch
+#Server = http://ftp.yzu.edu.tw/Linux/archlinux/$repo/os/$arch
+
+## Turkey
+#Server = http://ftp.linux.org.tr/archlinux/$repo/os/$arch
+
+## Ukraine
+#Server = http://mirrors.nix.org.ua/linux/archlinux/$repo/os/$arch
+
+## United Kingdom
+#Server = http://mirror.bytemark.co.uk/archlinux/$repo/os/$arch
+#Server = http://mirror.cinosure.com/archlinux/$repo/os/$arch
+#Server = http://mirrors.manchester.m247.com/arch-linux/$repo/os/$arch
+#Server = http://www.mirrorservice.org/sites/ftp.archlinux.org/$repo/os/$arch
+#Server = http://arch.serverspace.co.uk/arch/$repo/os/$arch
+#Server = http://archlinux.mirrors.uk2.net/$repo/os/$arch
+
+## United States
+#Server = http://mirrors.abscission.net/archlinux/$repo/os/$arch
+#Server = http://mirrors.acm.wpi.edu/archlinux/$repo/os/$arch
+#Server = http://mirrors.advancedhosters.com/archlinux/$repo/os/$arch
+#Server = http://mirrors.aggregate.org/archlinux/$repo/os/$arch
+#Server = http://archlinux.surlyjake.com/archlinux/$repo/os/$arch
+#Server = http://mirrors.cat.pdx.edu/archlinux/$repo/os/$arch
+#Server = http://mirror.cc.columbia.edu/pub/linux/archlinux/$repo/os/$arch
+#Server = http://mirrors.cdndepo.com/archlinux/$repo/os/$arch
+#Server = https://mirrors.cdndepo.com/archlinux/$repo/os/$arch
+#Server = http://mirrors.cecsresearch.org/archlinux/$repo/os/$arch
+#Server = http://cosmos.cites.illinois.edu/pub/archlinux/$repo/os/$arch
+#Server = http://mirror.cs.pitt.edu/archlinux/$repo/os/$arch
+#Server = http://mirror.es.its.nyu.edu/archlinux/$repo/os/$arch
+#Server = http://mirrors.gigenet.com/archlinux/$repo/os/$arch
+#Server = http://mirror.grig.io/archlinux/$repo/os/$arch
+#Server = http://www.gtlib.gatech.edu/pub/archlinux/$repo/os/$arch
+#Server = http://mirror.ancl.hawaii.edu/linux/archlinux/$repo/os/$arch
+#Server = http://mirror.jmu.edu/pub/archlinux/$repo/os/$arch
+#Server = http://mirrors.kernel.org/archlinux/$repo/os/$arch
+#Server = https://mirrors.kernel.org/archlinux/$repo/os/$arch
+#Server = http://mirror.us.leaseweb.net/archlinux/$repo/os/$arch
+#Server = http://mirrors.liquidweb.com/archlinux/$repo/os/$arch
+#Server = http://arch.localmsp.org/arch/$repo/os/$arch
+#Server = https://arch.localmsp.org/arch/$repo/os/$arch
+#Server = http://lug.mtu.edu/archlinux/$repo/os/$arch
+#Server = http://mirror.metrocast.net/archlinux/$repo/os/$arch
+#Server = http://mirror.nexcess.net/archlinux/$repo/os/$arch
+#Server = http://ftp.osuosl.org/pub/archlinux/$repo/os/$arch
+#Server = http://archlinux.pallissard.net/archlinux/$repo/os/$arch
+#Server = http://mirror.rit.edu/archlinux/$repo/os/$arch
+#Server = http://mirrors.rutgers.edu/archlinux/$repo/os/$arch
+#Server = http://mirror.umd.edu/archlinux/$repo/os/$arch
+#Server = http://mirror.vtti.vt.edu/archlinux/$repo/os/$arch
+#Server = http://mirrors.xmission.com/archlinux/$repo/os/$arch
+#Server = http://mirror.yellowfiber.net/archlinux/$repo/os/$arch
+
+## Vietnam
+#Server = http://f.archlinuxvn.org/archlinux/$repo/os/$arch
+#Server = http://mirror-fpt-telecom.fpt.net/archlinux/$repo/os/$arch
+
diff --git a/cdist/conf/type/__pacman_conf_integrate/files/options b/cdist/conf/type/__pacman_conf_integrate/files/options
new file mode 100644
index 00000000..68273e49
--- /dev/null
+++ b/cdist/conf/type/__pacman_conf_integrate/files/options
@@ -0,0 +1,6 @@
+[options]
+HoldPkg = pacman glibc
+Architecture = auto
+CheckSpace
+SigLevel = Required DatabaseOptional
+LocalFileSigLevel = Optional
diff --git a/cdist/conf/type/__pacman_conf_integrate/files/pacman.conf.cdist b/cdist/conf/type/__pacman_conf_integrate/files/pacman.conf.cdist
new file mode 100644
index 00000000..88e6e623
--- /dev/null
+++ b/cdist/conf/type/__pacman_conf_integrate/files/pacman.conf.cdist
@@ -0,0 +1,6 @@
+#
+# cdist managed - do not change
+#
+Include = /etc/pacman.d/options
+Include = /etc/pacman.d/repo_*
+Include = /etc/pacman.d/plain_file_*
diff --git a/cdist/conf/type/__pacman_conf_integrate/files/pacman.conf.pacman b/cdist/conf/type/__pacman_conf_integrate/files/pacman.conf.pacman
new file mode 100644
index 00000000..f43fe397
--- /dev/null
+++ b/cdist/conf/type/__pacman_conf_integrate/files/pacman.conf.pacman
@@ -0,0 +1,99 @@
+#
+# /etc/pacman.conf
+#
+# See the pacman.conf(5) manpage for option and repository directives
+
+#
+# GENERAL OPTIONS
+#
+[options]
+# The following paths are commented out with their default values listed.
+# If you wish to use different paths, uncomment and update the paths.
+#RootDir = /
+#DBPath = /var/lib/pacman/
+#CacheDir = /var/cache/pacman/pkg/
+#LogFile = /var/log/pacman.log
+#GPGDir = /etc/pacman.d/gnupg/
+HoldPkg = pacman glibc
+#XferCommand = /usr/bin/curl -C - -f %u > %o
+#XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u
+#CleanMethod = KeepInstalled
+#UseDelta = 0.7
+Architecture = auto
+
+# Pacman won't upgrade packages listed in IgnorePkg and members of IgnoreGroup
+#IgnorePkg =
+#IgnoreGroup =
+
+#NoUpgrade =
+#NoExtract =
+
+# Misc options
+#UseSyslog
+#Color
+#TotalDownload
+CheckSpace
+#VerbosePkgLists
+
+# By default, pacman accepts packages signed by keys that its local keyring
+# trusts (see pacman-key and its man page), as well as unsigned packages.
+SigLevel = Required DatabaseOptional
+LocalFileSigLevel = Optional
+#RemoteFileSigLevel = Required
+
+# NOTE: You must run `pacman-key --init` before first using pacman; the local
+# keyring can then be populated with the keys of all official Arch Linux
+# packagers with `pacman-key --populate archlinux`.
+
+#
+# REPOSITORIES
+# - can be defined here or included from another file
+# - pacman will search repositories in the order defined here
+# - local/custom mirrors can be added here or in separate files
+# - repositories listed first will take precedence when packages
+# have identical names, regardless of version number
+# - URLs will have $repo replaced by the name of the current repo
+# - URLs will have $arch replaced by the name of the architecture
+#
+# Repository entries are of the format:
+# [repo-name]
+# Server = ServerName
+# Include = IncludePath
+#
+# The header [repo-name] is crucial - it must be present and
+# uncommented to enable the repo.
+#
+
+# The testing repositories are disabled by default. To enable, uncomment the
+# repo name header and Include lines. You can add preferred servers immediately
+# after the header, and they will be used before the default mirrors.
+
+#[testing]
+#Include = /etc/pacman.d/mirrorlist
+
+[core]
+Include = /etc/pacman.d/mirrorlist
+
+[extra]
+Include = /etc/pacman.d/mirrorlist
+
+#[community-testing]
+#Include = /etc/pacman.d/mirrorlist
+
+[community]
+Include = /etc/pacman.d/mirrorlist
+
+# If you want to run 32 bit applications on your x86_64 system,
+# enable the multilib repositories as required here.
+
+#[multilib-testing]
+#Include = /etc/pacman.d/mirrorlist
+
+#[multilib]
+#Include = /etc/pacman.d/mirrorlist
+
+# An example of a custom package repository. See the pacman manpage for
+# tips on creating your own repositories.
+#[custom]
+#SigLevel = Optional TrustAll
+#Server = file:///home/custompkgs
diff --git a/cdist/conf/type/__pacman_conf_integrate/man.rst b/cdist/conf/type/__pacman_conf_integrate/man.rst
new file mode 100644
index 00000000..c21b56d8
--- /dev/null
+++ b/cdist/conf/type/__pacman_conf_integrate/man.rst
@@ -0,0 +1,51 @@
+cdist-type__pacman_conf_integrate(7)
+====================================
+
+NAME
+----
+cdist-type__pacman_conf_integrate - Integrate default pacman.conf to cdist conform and vice versa
+
+
+DESCRIPTION
+-----------
+The type allows you to convert the default pacman.conf to a cdist conform one and vice versa
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+OPTIONAL PARAMETERS
+-------------------
+state
+ 'present' or 'absent', defaults to 'present'
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Convert normal to cdist conform
+ __pacman_conf_integrate convert
+
+ # Convert cdist conform to normal
+ __pacman_conf_integrate convert --state absent
+
+
+SEE ALSO
+--------
+:strong:`grep`\ (1)
+
+
+AUTHORS
+-------
+Dominique Roux
+
+
+COPYING
+-------
+Copyright \(C) 2015 Dominique Roux. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__pacman_conf_integrate/manifest b/cdist/conf/type/__pacman_conf_integrate/manifest
new file mode 100755
index 00000000..0ce0bee5
--- /dev/null
+++ b/cdist/conf/type/__pacman_conf_integrate/manifest
@@ -0,0 +1,57 @@
+#!/bin/sh -e
+#
+# 2015 Dominique Roux (dominique.roux4 at gmail.com
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+state=$(cat "$__object/parameter/state" 2>/dev/null)
+
+if [ "${state}" = "present" ]; then
+ __file /etc/pacman.conf\
+ --owner root --group root --mode 644 --source "$__type/files/pacman.conf.cdist"
+
+ __file /etc/pacman.d/options\
+ --owner root --group root --mode 644 --source "$__type/files/options"
+
+ __file /etc/pacman.d/repo_empty_placeholder\
+ --owner root --group root --mode 644
+
+ __file /etc/pacman.d/plain_file_empty_placeholder\
+ --owner root --group root --mode 644
+
+elif [ "${state}" = "absent" ]; then
+
+ __file /etc/pacman.conf\
+ --owner root --group root --mode 644 --source "$__type/files/pacman.conf.pacman"
+
+ __file /etc/pacman.d/mirrorlist\
+ --owner root --group root --mode 644 --source "$__type/files/mirrorlist"
+
+ __file /etc/pacman.d/options\
+ --state absent
+
+ __file /etc/pacman.d/repo_empty_placeholder\
+ --state absent
+
+ __file /etc/pacman.d/plain_file_empty_placeholder\
+ --state absent
+
+else
+
+ echo "ERROR: Unknown state: ${state}" >&2
+
+fi
diff --git a/cdist/conf/type/__pacman_conf_integrate/parameter/default/state b/cdist/conf/type/__pacman_conf_integrate/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__pacman_conf_integrate/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__pacman_conf_integrate/parameter/optional b/cdist/conf/type/__pacman_conf_integrate/parameter/optional
new file mode 100644
index 00000000..ff72b5c7
--- /dev/null
+++ b/cdist/conf/type/__pacman_conf_integrate/parameter/optional
@@ -0,0 +1 @@
+state
diff --git a/cdist/conf/type/__pf_apply/explorer/rcvar b/cdist/conf/type/__pf_apply/explorer/rcvar
index 20e9dfcc..7c8d535f 100755
--- a/cdist/conf/type/__pf_apply/explorer/rcvar
+++ b/cdist/conf/type/__pf_apply/explorer/rcvar
@@ -29,7 +29,7 @@
RC="/etc/rc.conf"
PFCONF="$(grep '^pf_rules=' ${RC} | cut -d= -f2 | sed 's/"//g')"
-echo ${PFCONF:-"/etc/pf.conf"}
+echo "${PFCONF:-"/etc/pf.conf"}"
# Debug
#set +x
diff --git a/cdist/conf/type/__pf_apply/gencode-remote b/cdist/conf/type/__pf_apply/gencode-remote
index f7c889b4..c8f7a25a 100755
--- a/cdist/conf/type/__pf_apply/gencode-remote
+++ b/cdist/conf/type/__pf_apply/gencode-remote
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/sh -e
#
# 2012 Jake Guffey (jake.guffey at eprotex.com)
#
diff --git a/cdist/conf/type/__pf_apply/man.rst b/cdist/conf/type/__pf_apply/man.rst
new file mode 100644
index 00000000..eee345e7
--- /dev/null
+++ b/cdist/conf/type/__pf_apply/man.rst
@@ -0,0 +1,55 @@
+cdist-type__pf_apply(7)
+=======================
+
+NAME
+----
+cdist-type__pf_apply - Apply pf(4) ruleset on \*BSD
+
+
+DESCRIPTION
+-----------
+This type is used on \*BSD systems to manage the pf firewall's active ruleset.
+
+
+REQUIRED PARAMETERS
+-------------------
+NONE
+
+
+OPTIONAL PARAMETERS
+-------------------
+NONE
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Modify the ruleset on $__target_host:
+ __pf_ruleset --state present --source /my/pf/ruleset.conf
+ require="__pf_ruleset" \
+ __pf_apply
+
+ # Remove the ruleset on $__target_host (implies disabling pf(4):
+ __pf_ruleset --state absent
+ require="__pf_ruleset" \
+ __pf_apply
+
+
+SEE ALSO
+--------
+:strong:`pf`\ (4), :strong:`cdist-type__pf_ruleset`\ (7)
+
+
+AUTHORS
+-------
+Jake Guffey
+
+
+COPYING
+-------
+Copyright \(C) 2012 Jake Guffey. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__pf_apply/man.text b/cdist/conf/type/__pf_apply/man.text
deleted file mode 100644
index 2e0d7802..00000000
--- a/cdist/conf/type/__pf_apply/man.text
+++ /dev/null
@@ -1,52 +0,0 @@
-cdist-type__pf_apply(7)
-=======================
-Jake Guffey
-
-
-NAME
-----
-cdist-type__pf_apply - Apply pf(4) ruleset on *BSD
-
-
-DESCRIPTION
------------
-This type is used on *BSD systems to manage the pf firewall's active ruleset.
-
-
-REQUIRED PARAMETERS
--------------------
-NONE
-
-
-OPTIONAL PARAMETERS
--------------------
-NONE
-
-
-EXAMPLES
---------
-
---------------------------------------------------------------------------------
-# Modify the ruleset on $__target_host:
-__pf_ruleset --state present --source /my/pf/ruleset.conf
-require="__pf_ruleset" \
- __pf_apply
-
-# Remove the ruleset on $__target_host (implies disabling pf(4):
-__pf_ruleset --state absent
-require="__pf_ruleset" \
- __pf_apply
---------------------------------------------------------------------------------
-
-
-SEE ALSO
---------
-- cdist-type(7)
-- cdist-type__pf_ruleset(7)
-- pf(4)
-
-
-COPYING
--------
-Copyright \(C) 2012 Jake Guffey. Free use of this software is
-granted under the terms of the GNU General Public License version 3 (GPLv3).
diff --git a/cdist/conf/type/__pf_ruleset/explorer/cksum b/cdist/conf/type/__pf_ruleset/explorer/cksum
index f8679836..9be6c901 100755
--- a/cdist/conf/type/__pf_ruleset/explorer/cksum
+++ b/cdist/conf/type/__pf_ruleset/explorer/cksum
@@ -33,7 +33,7 @@ TMP="$(grep '^pf_rules=' ${RC} | cut -d= -f2 | sed 's/"//g')"
PFCONF="${TMP:-"/etc/pf.conf"}"
if [ -f "${PFCONF}" ]; then # The pf config file exists, find its cksum.
- cksum -o 1 ${PFCONF} | cut -d= -f2 | awk '{print $1}'
+ cksum -o 1 "${PFCONF}" | cut -d= -f2 | awk '{print $1}'
fi
# Debug
diff --git a/cdist/conf/type/__pf_ruleset/explorer/rcvar b/cdist/conf/type/__pf_ruleset/explorer/rcvar
index 20e9dfcc..7c8d535f 100755
--- a/cdist/conf/type/__pf_ruleset/explorer/rcvar
+++ b/cdist/conf/type/__pf_ruleset/explorer/rcvar
@@ -29,7 +29,7 @@
RC="/etc/rc.conf"
PFCONF="$(grep '^pf_rules=' ${RC} | cut -d= -f2 | sed 's/"//g')"
-echo ${PFCONF:-"/etc/pf.conf"}
+echo "${PFCONF:-"/etc/pf.conf"}"
# Debug
#set +x
diff --git a/cdist/conf/type/__pf_ruleset/gencode-local b/cdist/conf/type/__pf_ruleset/gencode-local
old mode 100644
new mode 100755
index c2495509..11bfb0b1
--- a/cdist/conf/type/__pf_ruleset/gencode-local
+++ b/cdist/conf/type/__pf_ruleset/gencode-local
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/sh -e
#
# 2012 Jake Guffey (jake.guffey at eprotex.com)
#
@@ -54,17 +54,25 @@ case $uname in
currentSum=\$(cksum -o 1 ${source} | cut -d= -f2 | sed 's/ //g')
;;
*)
- echo "Sorry, I do not know how to find a cksum on ${UNAME}." >&2
+ echo "Sorry, I do not know how to find a cksum on ${uname}." >&2
exit 1
;;
esac
+# IPv6 fix
+if $(echo "${__target_host}" | grep -q -E '^[0-9a-fA-F:]+$')
+then
+ my_target_host="[${__target_host}]"
+else
+ my_target_host="${__target_host}"
+fi
+
if [ -n "${cksum}" ]; then
if [ ! "\${currentSum}" = "${cksum}" ]; then
- $__remote_copy "${source}" "$__target_host:${rcvar}.new"
+ $__remote_copy "${source}" "\${my_target_host}:${rcvar}.new"
fi
else # File just doesn't exist yet
- $__remote_copy "${source}" "$__target_host:${rcvar}.new"
+ $__remote_copy "${source}" "\${my_target_host}:${rcvar}.new"
fi
EOF
diff --git a/cdist/conf/type/__pf_ruleset/gencode-remote b/cdist/conf/type/__pf_ruleset/gencode-remote
old mode 100644
new mode 100755
index 6e9030ea..12760fdf
--- a/cdist/conf/type/__pf_ruleset/gencode-remote
+++ b/cdist/conf/type/__pf_ruleset/gencode-remote
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/sh -e
#
# 2012 Jake Guffey (jake.guffey at eprotex.com)
#
diff --git a/cdist/conf/type/__pf_ruleset/man.rst b/cdist/conf/type/__pf_ruleset/man.rst
new file mode 100644
index 00000000..5719e94e
--- /dev/null
+++ b/cdist/conf/type/__pf_ruleset/man.rst
@@ -0,0 +1,55 @@
+cdist-type__pf_ruleset(7)
+=========================
+
+NAME
+----
+cdist-type__pf_ruleset - Copy a pf(4) ruleset to $__target_host
+
+
+DESCRIPTION
+-----------
+This type is used on \*BSD systems to manage the pf firewall's ruleset.
+
+
+REQUIRED PARAMETERS
+-------------------
+state
+ Either "absent" (no ruleset at all) or "present", defaults to "present".
+
+
+OPTIONAL PARAMETERS
+-------------------
+source
+ If supplied, use to define the ruleset to load onto the $__target_host for pf(4).
+ Note that this type is almost useless without a ruleset defined, but it's technically not
+ needed, e.g. for the case of disabling the firewall temporarily.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ # Remove the current ruleset in place
+ __pf_ruleset --state absent
+
+ # Enable the firewall with the ruleset defined in $__manifest/files/pf.conf
+ __pf_ruleset --state present --source $__manifest/files/pf.conf
+
+
+SEE ALSO
+--------
+:strong:`pf`\ (4)
+
+
+AUTHORS
+-------
+Jake Guffey
+
+
+COPYING
+-------
+Copyright \(C) 2012 Jake Guffey. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__pf_ruleset/man.text b/cdist/conf/type/__pf_ruleset/man.text
deleted file mode 100644
index 0dc07f71..00000000
--- a/cdist/conf/type/__pf_ruleset/man.text
+++ /dev/null
@@ -1,52 +0,0 @@
-cdist-type__pf_ruleset(7)
-=========================
-Jake Guffey
-
-
-NAME
-----
-cdist-type__pf_ruleset - Copy a pf(4) ruleset to $__target_host
-
-
-DESCRIPTION
------------
-This type is used on *BSD systems to manage the pf firewall's ruleset.
-
-
-REQUIRED PARAMETERS
--------------------
-state::
- Either "absent" (no ruleset at all) or "present"
-
-
-OPTIONAL PARAMETERS
--------------------
-source::
- If supplied, use to define the ruleset to load onto the $__target_host for pf(4).
- Note that this type is almost useless without a ruleset defined, but it's technically not
- needed, e.g. for the case of disabling the firewall temporarily.
-
-
-EXAMPLES
---------
-
---------------------------------------------------------------------------------
-# Remove the current ruleset in place
-__pf_ruleset --state absent
-
-# Enable the firewall with the ruleset defined in $__manifest/files/pf.conf
-__pf_ruleset --state present --source $__manifest/files/pf.conf
-
---------------------------------------------------------------------------------
-
-
-SEE ALSO
---------
-- cdist-type(7)
-- pf(4)
-
-
-COPYING
--------
-Copyright \(C) 2012 Jake Guffey. Free use of this software is
-granted under the terms of the GNU General Public License version 3 (GPLv3).
diff --git a/cdist/conf/type/__pf_ruleset/parameter/default/state b/cdist/conf/type/__pf_ruleset/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__pf_ruleset/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__pf_ruleset/parameter/optional b/cdist/conf/type/__pf_ruleset/parameter/optional
index 5a18cd2f..d77f3048 100644
--- a/cdist/conf/type/__pf_ruleset/parameter/optional
+++ b/cdist/conf/type/__pf_ruleset/parameter/optional
@@ -1 +1,2 @@
source
+state
diff --git a/cdist/conf/type/__ping/gencode-remote b/cdist/conf/type/__ping/gencode-remote
new file mode 100644
index 00000000..1341b954
--- /dev/null
+++ b/cdist/conf/type/__ping/gencode-remote
@@ -0,0 +1,12 @@
+#!/bin/sh -e
+#
+# Copyright (C) 2018 Olliver Schinagl
+#
+# SPDX-License-Identifier: GPL-3.0+
+#
+
+set -eu
+
+echo "echo 'pong'"
+
+exit 0
diff --git a/cdist/conf/type/__ping/man.rst b/cdist/conf/type/__ping/man.rst
new file mode 100644
index 00000000..e08643dc
--- /dev/null
+++ b/cdist/conf/type/__ping/man.rst
@@ -0,0 +1,43 @@
+cdist-type__ping(7)
+==================================
+
+NAME
+----
+cdist-type__ping - Try to connect to host and return 'pong' on success
+
+
+DESCRIPTION
+-----------
+A simple type which tries to connect to a remote host and runs a simple command
+to ensure everything is working.
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+
+OPTIONAL PARAMETERS
+-------------------
+None.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __ping
+
+
+AUTHORS
+-------
+Olliver Schinagl
+
+
+COPYING
+-------
+Copyright \(C) 2018 Schinagl. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__ping/singleton b/cdist/conf/type/__ping/singleton
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__postfix/man.rst b/cdist/conf/type/__postfix/man.rst
new file mode 100644
index 00000000..43b158e0
--- /dev/null
+++ b/cdist/conf/type/__postfix/man.rst
@@ -0,0 +1,42 @@
+cdist-type__postfix(7)
+======================
+
+NAME
+----
+cdist-type__postfix - Install postfix
+
+
+DESCRIPTION
+-----------
+This space intentionally left blank.
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+
+OPTIONAL PARAMETERS
+-------------------
+None.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __postfix
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2012 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__postfix/manifest b/cdist/conf/type/__postfix/manifest
new file mode 100755
index 00000000..f3616979
--- /dev/null
+++ b/cdist/conf/type/__postfix/manifest
@@ -0,0 +1,34 @@
+#!/bin/sh -e
+#
+# 2012-2014 Steven Armstrong (steven-cdist at armstrong.cc)
+# 2019 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+
+os=$(cat "$__global/explorer/os")
+
+case "$os" in
+ alpine|ubuntu|debian|archlinux|suse|scientific|centos|devuan)
+ __package postfix --state present
+ ;;
+ *)
+ echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
+ echo "Please contribute an implementation for it if you can." >&2
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__postfix/singleton b/cdist/conf/type/__postfix/singleton
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__postfix_master/explorer/entry b/cdist/conf/type/__postfix_master/explorer/entry
new file mode 100755
index 00000000..9d6b1514
--- /dev/null
+++ b/cdist/conf/type/__postfix_master/explorer/entry
@@ -0,0 +1,39 @@
+#!/bin/sh
+#
+# 2011 - 2012 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+config="/etc/postfix/master.cf"
+
+# no master.cf, nothing we could do
+[ -f "$config" ] || exit 0
+
+# NOTE: keep variables in sync in manifest,explorer,gencode-*
+prefix="#cdist:$__object_name"
+suffix="#/cdist:$__object_name"
+awk -v prefix="$prefix" -v suffix="$suffix" '{
+ if (index($0,prefix)) {
+ triggered=1
+ }
+ if (triggered) {
+ if (index($0,suffix)) {
+ triggered=0
+ }
+ print
+ }
+}' "$config"
diff --git a/cdist/conf/type/__postfix_master/gencode-remote b/cdist/conf/type/__postfix_master/gencode-remote
new file mode 100755
index 00000000..7c109a69
--- /dev/null
+++ b/cdist/conf/type/__postfix_master/gencode-remote
@@ -0,0 +1,78 @@
+#!/bin/sh -e
+#
+# 2012 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+config="/etc/postfix/master.cf"
+entry="$__object/files/entry"
+state_should="$(cat "$__object/parameter/state")"
+if [ ! -s "$__object/explorer/entry" ]; then
+ state_is='absent'
+else
+ state_is=$(diff -q "$entry" "$__object/explorer/entry" >/dev/null \
+ && echo present \
+ || echo changed
+ )
+fi
+
+if [ "$state_should" = "$state_is" ]; then
+ # Nothing to do, move along
+ exit 0
+fi
+
+
+remove_entry() {
+ # NOTE: keep variables in sync in manifest/explorer/gencode-*
+ prefix="#cdist:$__object_name"
+ suffix="#/cdist:$__object_name"
+ cat << DONE
+tmpfile=\$(mktemp ${config}.cdist.XXXXXXXXXX)
+# preserve ownership and permissions of existing file
+cp -p "$config" "\$tmpfile"
+awk -v prefix="$prefix" -v suffix="$suffix" '
+{
+ if (index(\$0,prefix)) {
+ triggered=1
+ }
+ if (triggered) {
+ if (index(\$0,suffix)) {
+ triggered=0
+ }
+ } else {
+ print
+ }
+}' "$config" > "\$tmpfile"
+mv -f "\$tmpfile" "$config"
+DONE
+}
+
+case "$state_should" in
+ present)
+ if [ "$state_is" = "changed" ]; then
+ remove_entry
+ fi
+ cat << DONE
+cat >> "$config" << ${__type##*/}_DONE
+$(cat "$entry")
+${__type##*/}_DONE
+DONE
+ ;;
+ absent)
+ remove_entry
+ ;;
+esac
diff --git a/cdist/conf/type/__postfix_master/man.rst b/cdist/conf/type/__postfix_master/man.rst
new file mode 100644
index 00000000..07756f74
--- /dev/null
+++ b/cdist/conf/type/__postfix_master/man.rst
@@ -0,0 +1,84 @@
+cdist-type__postfix_master(7)
+=============================
+
+NAME
+----
+cdist-type__postfix_master - Configure postfix master.cf
+
+
+DESCRIPTION
+-----------
+See master(5) for more information.
+
+
+REQUIRED PARAMETERS
+-------------------
+type
+ See master(5)
+command
+ See master(5)
+
+
+BOOLEAN PARAMETERS
+------------------
+noreload
+ don't reload postfix after changes
+
+
+OPTIONAL PARAMETERS
+-------------------
+state
+ present or absent, defaults to present
+
+service
+
+private
+
+unpriv
+
+chroot
+
+wakeup
+
+maxproc
+
+option
+ Pass an option to a service. Same as using -o in master.cf.
+ Can be specified multiple times.
+
+comment
+ a textual comment to add with the master.cf entry
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __postfix_master smtp --type inet --command smtpd
+
+ __postfix_master smtp --type inet --chroot y --command smtpd \
+ --option smtpd_enforce_tls=yes \
+ --option smtpd_sasl_auth_enable=yes \
+ --option smtpd_client_restrictions=permit_sasl_authenticated,reject
+
+ __postfix_master submission --type inet --command smtpd \
+ --comment "Run alternative smtp on submission port"
+
+
+SEE ALSO
+--------
+:strong:`master`\ (5)
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2012 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__postfix_master/manifest b/cdist/conf/type/__postfix_master/manifest
new file mode 100755
index 00000000..0960ea41
--- /dev/null
+++ b/cdist/conf/type/__postfix_master/manifest
@@ -0,0 +1,80 @@
+#!/bin/sh -e
+#
+# 2012-2014 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+
+os=$(cat "$__global/explorer/os")
+
+case "$os" in
+ ubuntu|debian|archlinux|scientific|centos|devuan)
+ :
+ ;;
+ *)
+ echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
+ echo "Please contribute an implementation for it if you can." >&2
+ exit 1
+ ;;
+esac
+
+__postfix
+
+# Default to object_id
+service="$(cat "$__object/parameter/service" 2>/dev/null || echo "$__object_id")"
+
+# NOTE: keep variables in sync in manifest,explorer,gencode-*
+prefix="#cdist:$__object_name"
+suffix="#/cdist:$__object_name"
+
+# Generate entry for inclusion in master.cf
+mkdir "$__object/files"
+entry="$__object/files/entry"
+(
+ echo "$prefix"
+ if [ -f "$__object/parameter/comment" ]; then
+ echo "# $(cat "$__object/parameter/comment")"
+ fi
+ printf "%s " "$service"
+ for parameter in type private unpriv chroot wakeup maxproc; do
+ printf "%s " "$(cat "$__object/parameter/$parameter")"
+ done
+ command="$(cat "$__object/parameter/command")"
+ # ensure we have a trailing newline
+ echo "$command"
+ options="$(cat "$__object/parameter/option" 2>/dev/null || true)"
+ for option in $options; do
+ echo " -o $option"
+ done
+ echo "$suffix"
+) > "$entry"
+
+# Reload postfix after changes
+if [ ! -f "$__object/parameter/noreload" ]; then
+ state_should="$(cat "$__object/parameter/state")"
+ if [ ! -s "$__object/explorer/entry" ]; then
+ state_is='absent'
+ else
+ state_is=$(diff -q "$entry" "$__object/explorer/entry" >/dev/null \
+ && echo present \
+ || echo changed
+ )
+ fi
+ if [ "$state_is" != "$state_should" ]; then
+ require="$__object_name" __postfix_reload
+ fi
+fi
diff --git a/cdist/conf/type/__postfix_master/parameter/boolean b/cdist/conf/type/__postfix_master/parameter/boolean
new file mode 100644
index 00000000..862edc87
--- /dev/null
+++ b/cdist/conf/type/__postfix_master/parameter/boolean
@@ -0,0 +1 @@
+noreload
diff --git a/cdist/conf/type/__postfix_master/parameter/default/chroot b/cdist/conf/type/__postfix_master/parameter/default/chroot
new file mode 100644
index 00000000..39cdd0de
--- /dev/null
+++ b/cdist/conf/type/__postfix_master/parameter/default/chroot
@@ -0,0 +1 @@
+-
diff --git a/cdist/conf/type/__postfix_master/parameter/default/maxproc b/cdist/conf/type/__postfix_master/parameter/default/maxproc
new file mode 100644
index 00000000..39cdd0de
--- /dev/null
+++ b/cdist/conf/type/__postfix_master/parameter/default/maxproc
@@ -0,0 +1 @@
+-
diff --git a/cdist/conf/type/__postfix_master/parameter/default/private b/cdist/conf/type/__postfix_master/parameter/default/private
new file mode 100644
index 00000000..39cdd0de
--- /dev/null
+++ b/cdist/conf/type/__postfix_master/parameter/default/private
@@ -0,0 +1 @@
+-
diff --git a/cdist/conf/type/__postfix_master/parameter/default/state b/cdist/conf/type/__postfix_master/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__postfix_master/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__postfix_master/parameter/default/unpriv b/cdist/conf/type/__postfix_master/parameter/default/unpriv
new file mode 100644
index 00000000..39cdd0de
--- /dev/null
+++ b/cdist/conf/type/__postfix_master/parameter/default/unpriv
@@ -0,0 +1 @@
+-
diff --git a/cdist/conf/type/__postfix_master/parameter/default/wakeup b/cdist/conf/type/__postfix_master/parameter/default/wakeup
new file mode 100644
index 00000000..39cdd0de
--- /dev/null
+++ b/cdist/conf/type/__postfix_master/parameter/default/wakeup
@@ -0,0 +1 @@
+-
diff --git a/cdist/conf/type/__postfix_master/parameter/optional b/cdist/conf/type/__postfix_master/parameter/optional
new file mode 100644
index 00000000..792b42c5
--- /dev/null
+++ b/cdist/conf/type/__postfix_master/parameter/optional
@@ -0,0 +1,9 @@
+service
+private
+unpriv
+chroot
+wakeup
+maxproc
+option
+comment
+state
diff --git a/cdist/conf/type/__postfix_master/parameter/required b/cdist/conf/type/__postfix_master/parameter/required
new file mode 100644
index 00000000..24c14146
--- /dev/null
+++ b/cdist/conf/type/__postfix_master/parameter/required
@@ -0,0 +1,2 @@
+type
+command
diff --git a/cdist/conf/type/__postfix_postconf/explorer/value b/cdist/conf/type/__postfix_postconf/explorer/value
new file mode 100755
index 00000000..67dacad8
--- /dev/null
+++ b/cdist/conf/type/__postfix_postconf/explorer/value
@@ -0,0 +1,37 @@
+#!/bin/sh
+#
+# 2012-2014 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+
+os=$("$__explorer/os")
+
+case "$os" in
+ alpine|ubuntu|debian|archlinux|suse|scientific|centos|devuan)
+ :
+ ;;
+ *)
+ echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
+ echo "Please contribute an implementation for it if you can." >&2
+ exit 1
+ ;;
+esac
+
+key="$(cat "$__object/parameter/key" 2>/dev/null || echo "$__object_id")"
+
+postconf -h "$key"
diff --git a/cdist/conf/type/__postfix_postconf/gencode-remote b/cdist/conf/type/__postfix_postconf/gencode-remote
new file mode 100755
index 00000000..279dddd4
--- /dev/null
+++ b/cdist/conf/type/__postfix_postconf/gencode-remote
@@ -0,0 +1,61 @@
+#!/bin/sh -e
+#
+# 2012-2014 Steven Armstrong (steven-cdist at armstrong.cc)
+# 2019 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+os=$(cat "$__global/explorer/os")
+
+case "$os" in
+ alpine|archlinux|centos|debian|devuan|suse|scientific|ubuntu)
+ :
+ ;;
+ *)
+ echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
+ echo "Please contribute an implementation for it if you can." >&2
+ exit 1
+ ;;
+esac
+
+state_should="$(cat "$__object/parameter/state")"
+if [ ! -s "$__object/explorer/value" ]; then
+ state_is='absent'
+else
+ state_is=$(diff -q "$__object/parameter/value" "$__object/explorer/value" >/dev/null \
+ && echo present \
+ || echo changed
+ )
+fi
+
+if [ "$state_should" = "$state_is" ]; then
+ # Nothing to do, move along
+ exit 0
+fi
+
+key="$(cat "$__object/parameter/key" 2>/dev/null || echo "$__object_id")"
+value="$(cat "$__object/parameter/value")"
+
+case "$state_should" in
+ absent)
+ # revert parameter to its default value
+ echo "postconf -# $key"
+ ;;
+ present)
+ echo "postconf -e '$key=$value'"
+ ;;
+esac
diff --git a/cdist/conf/type/__postfix_postconf/man.rst b/cdist/conf/type/__postfix_postconf/man.rst
new file mode 100644
index 00000000..3222d4a7
--- /dev/null
+++ b/cdist/conf/type/__postfix_postconf/man.rst
@@ -0,0 +1,54 @@
+cdist-type__postfix_postconf(7)
+===============================
+
+NAME
+----
+cdist-type__postfix_postconf - Configure postfix main.cf
+
+
+DESCRIPTION
+-----------
+See postconf(5) for possible keys and values.
+
+Note that this type directly runs the postconf executable.
+It does not make changes to /etc/postfix/main.cf itself.
+
+
+REQUIRED PARAMETERS
+-------------------
+value
+ the value for the postfix parameter
+
+
+OPTIONAL PARAMETERS
+-------------------
+key
+ the name of the parameter. Defaults to __object_id
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __postfix_postconf mydomain --value somedomain.com
+
+ __postfix_postconf bind-to-special-ip --key smtp_bind_address --value 127.0.0.5
+
+
+SEE ALSO
+--------
+:strong:`postconf`\ (5)
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2012 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__postfix_postconf/manifest b/cdist/conf/type/__postfix_postconf/manifest
new file mode 100755
index 00000000..a82e13d7
--- /dev/null
+++ b/cdist/conf/type/__postfix_postconf/manifest
@@ -0,0 +1,21 @@
+#!/bin/sh -e
+#
+# 2012-2014 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+__postfix
diff --git a/cdist/conf/type/__postfix_postconf/parameter/default/state b/cdist/conf/type/__postfix_postconf/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__postfix_postconf/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__postfix_postconf/parameter/optional b/cdist/conf/type/__postfix_postconf/parameter/optional
new file mode 100644
index 00000000..6ada755a
--- /dev/null
+++ b/cdist/conf/type/__postfix_postconf/parameter/optional
@@ -0,0 +1,2 @@
+key
+state
diff --git a/cdist/conf/type/__postfix_postconf/parameter/required b/cdist/conf/type/__postfix_postconf/parameter/required
new file mode 100644
index 00000000..6d4e1507
--- /dev/null
+++ b/cdist/conf/type/__postfix_postconf/parameter/required
@@ -0,0 +1 @@
+value
diff --git a/cdist/conf/type/__postfix_postmap/gencode-remote b/cdist/conf/type/__postfix_postmap/gencode-remote
new file mode 100755
index 00000000..edb7711f
--- /dev/null
+++ b/cdist/conf/type/__postfix_postmap/gencode-remote
@@ -0,0 +1,21 @@
+#!/bin/sh -e
+#
+# 2012 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+echo "postmap /$__object_id"
diff --git a/cdist/conf/type/__postfix_postmap/man.rst b/cdist/conf/type/__postfix_postmap/man.rst
new file mode 100644
index 00000000..2a82b44a
--- /dev/null
+++ b/cdist/conf/type/__postfix_postmap/man.rst
@@ -0,0 +1,42 @@
+cdist-type__postfix_postmap(7)
+==============================
+
+NAME
+----
+cdist-type__postfix_postmap - Run postmap on the given file
+
+
+DESCRIPTION
+-----------
+This space intentionally left blank.
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+
+OPTIONAL PARAMETERS
+-------------------
+None.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __postfix_postmap /etc/postfix/generic
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2012 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__postfix_postmap/manifest b/cdist/conf/type/__postfix_postmap/manifest
new file mode 100755
index 00000000..a82e13d7
--- /dev/null
+++ b/cdist/conf/type/__postfix_postmap/manifest
@@ -0,0 +1,21 @@
+#!/bin/sh -e
+#
+# 2012-2014 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+__postfix
diff --git a/cdist/conf/type/__postfix_reload/gencode-remote b/cdist/conf/type/__postfix_reload/gencode-remote
new file mode 100755
index 00000000..7720dc49
--- /dev/null
+++ b/cdist/conf/type/__postfix_reload/gencode-remote
@@ -0,0 +1,33 @@
+#!/bin/sh -e
+#
+# 2012-2014 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+
+os=$(cat "$__global/explorer/os")
+
+case "$os" in
+ ubuntu|debian|archlinux|scientific|centos|devuan)
+ echo "postfix reload"
+ ;;
+ *)
+ echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
+ echo "Please contribute an implementation for it if you can." >&2
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__postfix_reload/man.rst b/cdist/conf/type/__postfix_reload/man.rst
new file mode 100644
index 00000000..944e22fa
--- /dev/null
+++ b/cdist/conf/type/__postfix_reload/man.rst
@@ -0,0 +1,42 @@
+cdist-type__postfix_reload(7)
+=============================
+
+NAME
+----
+cdist-type__postfix_reload - Tell postfix to reload its configuration
+
+
+DESCRIPTION
+-----------
+This space intentionally left blank.
+
+
+REQUIRED PARAMETERS
+-------------------
+None.
+
+
+OPTIONAL PARAMETERS
+-------------------
+None.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __postfix_reload
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2012 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__postfix_reload/manifest b/cdist/conf/type/__postfix_reload/manifest
new file mode 100755
index 00000000..a82e13d7
--- /dev/null
+++ b/cdist/conf/type/__postfix_reload/manifest
@@ -0,0 +1,21 @@
+#!/bin/sh -e
+#
+# 2012-2014 Steven Armstrong (steven-cdist at armstrong.cc)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+
+__postfix
diff --git a/cdist/conf/type/__postfix_reload/singleton b/cdist/conf/type/__postfix_reload/singleton
new file mode 100644
index 00000000..e69de29b
diff --git a/cdist/conf/type/__postgres_database/explorer/state b/cdist/conf/type/__postgres_database/explorer/state
index dc9659e2..d68d4120 100755
--- a/cdist/conf/type/__postgres_database/explorer/state
+++ b/cdist/conf/type/__postgres_database/explorer/state
@@ -18,10 +18,25 @@
# along with cdist. If not, see .
#
+case "$("${__explorer}/os")"
+in
+ netbsd)
+ postgres_user='pgsql'
+ ;;
+ openbsd)
+ postgres_user='_postgresql'
+ ;;
+ *)
+ postgres_user='postgres'
+ ;;
+esac
+
+
name="$__object_id"
-if su - postgres -c "echo '\q' | psql '$name'" 2>/dev/null; then
- echo "present"
+if test -n "$(su - "$postgres_user" -c "psql postgres -twAc \"SELECT 1 FROM pg_database WHERE datname='$name'\"")"
+then
+ echo 'present'
else
- echo "absent"
+ echo 'absent'
fi
diff --git a/cdist/conf/type/__postgres_database/gencode-remote b/cdist/conf/type/__postgres_database/gencode-remote
index c097efce..61cfa50d 100755
--- a/cdist/conf/type/__postgres_database/gencode-remote
+++ b/cdist/conf/type/__postgres_database/gencode-remote
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/sh -e
#
# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
#
@@ -18,6 +18,20 @@
# along with cdist. If not, see .
#
+case "$(cat "${__global}/explorer/os")"
+in
+ netbsd)
+ postgres_user='pgsql'
+ ;;
+ openbsd)
+ postgres_user='_postgresql'
+ ;;
+ *)
+ postgres_user='postgres'
+ ;;
+esac
+
+
name="$__object_id"
state_should="$(cat "$__object/parameter/state")"
state_is="$(cat "$__object/explorer/state")"
@@ -29,10 +43,10 @@ if [ "$state_should" != "$state_is" ]; then
if [ -f "$__object/parameter/owner" ]; then
owner="-O '$(cat "$__object/parameter/owner")'"
fi
- echo "su - postgres -c \"createdb $owner '$name'\""
+ echo "su - '$postgres_user' -c \"createdb $owner '$name'\""
;;
absent)
- echo "su - postgres -c \"dropdb '$name'\""
+ echo "su - '$postgres_user' -c \"dropdb '$name'\""
;;
esac
fi
diff --git a/cdist/conf/type/__postgres_database/man.rst b/cdist/conf/type/__postgres_database/man.rst
new file mode 100644
index 00000000..acceec9b
--- /dev/null
+++ b/cdist/conf/type/__postgres_database/man.rst
@@ -0,0 +1,46 @@
+cdist-type__postgres_database(7)
+================================
+
+NAME
+----
+cdist-type__postgres_database - Create/drop postgres databases
+
+
+DESCRIPTION
+-----------
+This cdist type allows you to create or drop postgres databases.
+
+
+OPTIONAL PARAMETERS
+-------------------
+state
+ either 'present' or 'absent', defaults to 'present'.
+
+owner
+ the role owning this database
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+ __postgres_database mydbname --owner mydbusername
+
+
+SEE ALSO
+--------
+:strong:`cdist-type__postgres_role`\ (7)
+
+
+AUTHORS
+-------
+Steven Armstrong
+
+
+COPYING
+-------
+Copyright \(C) 2011 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__postgres_database/man.text b/cdist/conf/type/__postgres_database/man.text
deleted file mode 100644
index d01ca8f6..00000000
--- a/cdist/conf/type/__postgres_database/man.text
+++ /dev/null
@@ -1,45 +0,0 @@
-cdist-type__postgres_database(7)
-================================
-Steven Armstrong
-
-
-NAME
-----
-cdist-type__postgres_database - create/drop postgres databases
-
-
-DESCRIPTION
------------
-This cdist type allows you to create or drop postgres databases.
-
-
-REQUIRED PARAMETERS
--------------------
-state::
- either 'present' or 'absent'
-
-
-OPTIONAL PARAMETERS
--------------------
-owner::
- the role owning this database
-
-
-EXAMPLES
---------
-
---------------------------------------------------------------------------------
-__postgres_database mydbname --state present --owner mydbusername
---------------------------------------------------------------------------------
-
-
-SEE ALSO
---------
-- cdist-type(7)
-- cdist-type__postgres_role(7)
-
-
-COPYING
--------
-Copyright \(C) 2011 Steven Armstrong. Free use of this software is
-granted under the terms of the GNU General Public License version 3 (GPLv3).
diff --git a/cdist/conf/type/__postgres_database/parameter/default/state b/cdist/conf/type/__postgres_database/parameter/default/state
new file mode 100644
index 00000000..e7f6134f
--- /dev/null
+++ b/cdist/conf/type/__postgres_database/parameter/default/state
@@ -0,0 +1 @@
+present
diff --git a/cdist/conf/type/__postgres_database/parameter/optional b/cdist/conf/type/__postgres_database/parameter/optional
index 7ee3bde8..d86b6469 100644
--- a/cdist/conf/type/__postgres_database/parameter/optional
+++ b/cdist/conf/type/__postgres_database/parameter/optional
@@ -1 +1,2 @@
+state
owner
diff --git a/cdist/conf/type/__postgres_extension/gencode-remote b/cdist/conf/type/__postgres_extension/gencode-remote
new file mode 100755
index 00000000..af9c97f1
--- /dev/null
+++ b/cdist/conf/type/__postgres_extension/gencode-remote
@@ -0,0 +1,53 @@
+#!/bin/sh -e
+#
+# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
+# 2013 Tomas Pospisek (tpo_deb at sourcepole.ch)
+#
+# This type was created by Tomas Pospisek based on the
+#__postgres_role type by Steven Armstrong
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see