Compare commits
120 commits
monitoring
...
master
Author | SHA1 | Date | |
---|---|---|---|
|
0bc00477ae | ||
|
6c67d7194a | ||
d10dfa7807 | |||
|
c1633d9301 | ||
|
a45e306123 | ||
|
f18bdd1fad | ||
|
a885082534 | ||
|
88947d45b3 | ||
|
8b0686766a | ||
|
7a17630c2d | ||
|
7b8f1f09d9 | ||
|
5fcd4bc09f | ||
|
fbe9fc4204 | ||
|
c939bd6bf6 | ||
|
5eb9fec550 | ||
|
66c85230a0 | ||
|
b9571a2bbd | ||
|
39b320a19a | ||
fe23355bfc | |||
|
0ec52fd1bd | ||
|
cbae534af5 | ||
|
f276813f7f | ||
|
e7279680ed | ||
|
6eec5f87a4 | ||
|
00852cb17d | ||
2a4efb84c5 | |||
|
b65ceba569 | ||
|
d4313c7501 | ||
|
629d443f5a | ||
|
c3b066c147 | ||
|
50a3130b0a | ||
|
32c15f2ecb | ||
|
ecc77e55ed | ||
|
f6a45808f9 | ||
|
2d0af7b7cc | ||
|
fc28f58c77 | ||
|
9f1ec6f89e | ||
|
076133028f | ||
|
689b5a2992 | ||
|
778cd4ff0e | ||
|
6214408f2a | ||
1dae7cf9c9 | |||
|
f5c725a57f | ||
|
3c86c175aa | ||
df3092d4b4 | |||
|
e462821e46 | ||
|
9567826dc1 | ||
|
58eb474b01 | ||
|
365974c447 | ||
|
2bc26e398c | ||
|
9edf5e8fe0 | ||
|
8b0734f719 | ||
|
3bbb7b02d2 | ||
|
00dd16d7c3 | ||
|
cee553a6dd | ||
|
30c7d153e8 | ||
|
f782a85470 | ||
|
d11b191547 | ||
|
e64d1710b5 | ||
|
522100b9fb | ||
|
c3af8a0cc0 | ||
fa9a90677f | |||
|
b6898b097f | ||
0bdc62482a | |||
e9289abfab | |||
48ed7f1754 | |||
f35a1b9cdf | |||
7d235fb013 | |||
|
d1f4657ed9 | ||
|
be756f2189 | ||
2abc34f922 | |||
0c7d98e89e | |||
|
6d2e81d0dc | ||
|
c11e757dfa | ||
|
e1c08c25b5 | ||
|
064e992a7a | ||
|
da1d70e16a | ||
|
6e1a105c22 | ||
|
cbb108d61c | ||
|
3e7cf68de5 | ||
|
74568e8a0a | ||
|
7bf203509b | ||
|
77210c349e | ||
|
d43eb5b22f | ||
|
9a6ca1a343 | ||
|
1bab641c94 | ||
|
56c654808d | ||
|
4c21781c4b | ||
a0c1d0d8b9 | |||
d106632b2f | |||
|
69170b20f6 | ||
|
f5342e9a35 | ||
1c3379fe50 | |||
|
2eebc300cf | ||
|
9e9c3982a8 | ||
a432d6a51e | |||
|
644768cc02 | ||
|
ee440ec619 | ||
|
b039e4b1b4 | ||
9a172b62cb | |||
|
81ba849af8 | ||
|
fba14496e7 | ||
|
abc765bd99 | ||
|
2804a8bae6 | ||
|
3c9eb7bce7 | ||
|
bf400928e2 | ||
4345afc8d8 | |||
b754ae576c | |||
|
55f8036377 | ||
|
f57ce648a3 | ||
|
7981f81dcd | ||
69e5e538ac | |||
b57482d387 | |||
b7426b30e7 | |||
65f9161352 | |||
|
259aa13b6a | ||
|
bad3a4a4cb | ||
|
95ab68a272 | ||
|
092dd19611 | ||
|
2d751443a4 |
70 changed files with 1514 additions and 158 deletions
2
.gitignore
vendored
2
.gitignore
vendored
|
@ -34,7 +34,7 @@ cdist/inventory/
|
|||
# Python: cache, distutils, distribution in general
|
||||
__pycache__/
|
||||
*.pyc
|
||||
MANIFEST
|
||||
/MANIFEST
|
||||
dist/
|
||||
cdist/version.py
|
||||
cdist.egg-info/
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2010-2014 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
# 2012 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -19,7 +18,12 @@
|
|||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
#
|
||||
# Retrieve the running hostname
|
||||
#
|
||||
|
||||
if command -v uname >/dev/null; then
|
||||
if command -v hostname >/dev/null
|
||||
then
|
||||
hostname
|
||||
else
|
||||
uname -n
|
||||
fi
|
||||
|
|
|
@ -21,10 +21,8 @@
|
|||
if command -v ip >/dev/null
|
||||
then
|
||||
ip -o link show | sed -n 's/^[0-9]\+: \(.\+\): <.*/\1/p'
|
||||
|
||||
elif command -v ifconfig >/dev/null
|
||||
then
|
||||
ifconfig -a \
|
||||
| sed -n -E 's/^(.*)(:[[:space:]]*flags=|Link encap).*/\1/p' \
|
||||
ifconfig -a | sed -n -E 's/^(.*)(:[[:space:]]*flags=|Link encap).*/\1/p'
|
||||
fi \
|
||||
| sort -u
|
||||
fi
|
||||
|
|
|
@ -145,7 +145,7 @@ esac
|
|||
if [ -f /etc/os-release ]; then
|
||||
# already lowercase, according to:
|
||||
# https://www.freedesktop.org/software/systemd/man/os-release.html
|
||||
awk -F= '/^ID=/ {print $2;}' /etc/os-release
|
||||
awk -F= '/^ID=/ { if ($2 ~ /^'"'"'(.*)'"'"'$/ || $2 ~ /^"(.*)"$/) { print substr($2, 2, length($2) - 2) } else { print $2 } }' /etc/os-release
|
||||
exit 0
|
||||
fi
|
||||
|
||||
|
|
|
@ -35,7 +35,8 @@ owner=$(cat "$__object/parameter/owner")
|
|||
group=$(cat "$__object/parameter/group")
|
||||
mode=$(cat "$__object/parameter/mode")
|
||||
|
||||
[ -f "$__object/parameter/recursive" ] && recursive='--recursive' || recursive=''
|
||||
[ -f "$__object/parameter/recursive" ] && recursive='--recurse-submodules' || recursive=''
|
||||
[ -f "$__object/parameter/shallow" ] && shallow='--depth 1 --shallow-submodules' || shallow=''
|
||||
|
||||
[ "$state_should" = "$state_is" ] \
|
||||
&& [ "$owner" = "$owner_is" ] \
|
||||
|
@ -45,7 +46,7 @@ mode=$(cat "$__object/parameter/mode")
|
|||
case $state_should in
|
||||
present)
|
||||
if [ "$state_should" != "$state_is" ]; then
|
||||
echo git clone --quiet "$recursive" --branch "$branch" "$source" "$destination"
|
||||
echo git clone --quiet "$recursive" "$shallow" --branch "$branch" "$source" "$destination"
|
||||
fi
|
||||
if { [ -n "$owner" ] && [ "$owner_is" != "$owner" ]; } || \
|
||||
{ [ -n "$group" ] && [ "$group_is" != "$group" ]; }; then
|
||||
|
|
|
@ -36,7 +36,11 @@ owner
|
|||
User to chown to.
|
||||
|
||||
recursive
|
||||
Passes the --recursive flag to git when cloning the repository.
|
||||
Passes the --recurse-submodules flag to git when cloning the repository.
|
||||
|
||||
shallow
|
||||
Sets --depth=1 and --shallow-submodules for cloning repositories with big history.
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
|
|
@ -1 +1,2 @@
|
|||
recursive
|
||||
shallow
|
||||
|
|
|
@ -15,6 +15,10 @@ case $os in
|
|||
# Differntation not needed anymore
|
||||
apt_source_distribution=stable
|
||||
;;
|
||||
10*)
|
||||
# Differntation not needed anymore
|
||||
apt_source_distribution=stable
|
||||
;;
|
||||
*)
|
||||
echo "Don't know how to install Grafana on $os $os_version. Send us a pull request!" >&2
|
||||
exit 1
|
||||
|
@ -29,10 +33,9 @@ case $os in
|
|||
--uri https://packages.grafana.com/oss/deb \
|
||||
--distribution $apt_source_distribution \
|
||||
--component main
|
||||
|
||||
__package apt-transport-https
|
||||
|
||||
require="$require __apt_source/grafana __package/apt-transport-https" __package grafana
|
||||
require="$require __apt_source/grafana" __apt_update_index
|
||||
require="$require __package/apt-transport-https __apt_update_index" __package grafana
|
||||
require="$require __package/grafana" __start_on_boot grafana-server
|
||||
require="$require __start_on_boot/grafana-server" __process grafana-server --start "service grafana-server start"
|
||||
;;
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2011-2015 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -21,7 +22,21 @@
|
|||
# Get an existing groups group entry.
|
||||
#
|
||||
|
||||
not_supported() {
|
||||
echo "Your operating system ($("$__explorer/os")) is currently not supported." >&2
|
||||
echo "Cannot extract group information." >&2
|
||||
echo "Please contribute an implementation for it if you can." >&2
|
||||
exit 1
|
||||
}
|
||||
|
||||
name=$__object_id
|
||||
|
||||
if command -v getent >/dev/null
|
||||
then
|
||||
getent group "$name" || true
|
||||
|
||||
elif [ -f /etc/group ]
|
||||
then
|
||||
grep "^${name}:" /etc/group || true
|
||||
else
|
||||
not_supported
|
||||
fi
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2011-2015 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -22,13 +23,28 @@
|
|||
#
|
||||
|
||||
name=$__object_id
|
||||
os="$("$__explorer/os")"
|
||||
os=$("$__explorer/os")
|
||||
|
||||
case "$os" in
|
||||
not_supported() {
|
||||
echo "Your operating system ($os) is currently not supported." >&2
|
||||
echo "Cannot extract group information." >&2
|
||||
echo "Please contribute an implementation for it if you can." >&2
|
||||
exit 1
|
||||
}
|
||||
|
||||
case $os in
|
||||
"freebsd"|"netbsd")
|
||||
echo "$os does not have getent gshadow"
|
||||
echo "$os does not have getent gshadow" >&2
|
||||
exit 0
|
||||
;;
|
||||
esac
|
||||
|
||||
if command -v getent >/dev/null
|
||||
then
|
||||
getent gshadow "$name" || true
|
||||
elif [ -f /etc/gshadow ]
|
||||
then
|
||||
grep "^${name}:" /etc/gshadow || true
|
||||
else
|
||||
not_supported
|
||||
fi
|
||||
|
|
|
@ -21,4 +21,4 @@
|
|||
# Check whether system has hostnamectl
|
||||
#
|
||||
|
||||
command -v hostnamectl || true
|
||||
command -v hostnamectl 2>/dev/null || true
|
||||
|
|
10
cdist/conf/type/__hostname/explorer/max_len
Normal file
10
cdist/conf/type/__hostname/explorer/max_len
Normal file
|
@ -0,0 +1,10 @@
|
|||
#!/bin/sh -e
|
||||
|
||||
command -v getconf >/dev/null || exit 0
|
||||
|
||||
val=$(getconf HOST_NAME_MAX 2>/dev/null) || exit 0
|
||||
|
||||
if test -n "${val}" -a "${val}" != 'undefined'
|
||||
then
|
||||
echo "${val}"
|
||||
fi
|
|
@ -2,6 +2,7 @@
|
|||
#
|
||||
# 2014-2017 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2014 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -19,60 +20,81 @@
|
|||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
if [ -f "$__object/parameter/name" ]; then
|
||||
name_should="$(cat "$__object/parameter/name")"
|
||||
else
|
||||
name_should="${__target_host%%.*}"
|
||||
fi
|
||||
|
||||
os=$(cat "$__global/explorer/os")
|
||||
name_running=$(cat "$__global/explorer/hostname")
|
||||
name_config=$(cat "$__object/explorer/hostname_file")
|
||||
name_sysconfig=$(cat "$__object/explorer/hostname_sysconfig")
|
||||
has_hostnamectl=$(cat "$__object/explorer/has_hostnamectl")
|
||||
|
||||
################################################################################
|
||||
# If everything is ok -> exit
|
||||
#
|
||||
case "$os" in
|
||||
archlinux|debian|suse|ubuntu|devuan|coreos|alpine)
|
||||
if [ "$name_config" = "$name_should" ] && [ "$name_running" = "$name_should" ]; then
|
||||
exit 0
|
||||
fi
|
||||
;;
|
||||
scientific|centos|freebsd|openbsd)
|
||||
if [ "$name_sysconfig" = "$name_should" ] && [ "$name_running" = "$name_should" ]; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
if test -s "$__object/parameter/name"
|
||||
then
|
||||
name_should=$(cat "$__object/parameter/name")
|
||||
else
|
||||
case $os
|
||||
in
|
||||
# RedHat-derivatives and BSDs
|
||||
centos|fedora|redhat|scientific|freebsd|macosx|netbsd|openbsd)
|
||||
# Hostname is FQDN
|
||||
name_should="${__target_host}"
|
||||
;;
|
||||
*)
|
||||
echo "Unsupported os: $os" >&2
|
||||
exit 1
|
||||
# Hostname is only first component of FQDN
|
||||
name_should="${__target_host%%.*}"
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
|
||||
|
||||
################################################################################
|
||||
# Check if the (running) hostname is already correct
|
||||
#
|
||||
test "$name_running" != "$name_should" || exit 0
|
||||
|
||||
|
||||
################################################################################
|
||||
# Setup hostname
|
||||
#
|
||||
echo changed >> "$__messages_out"
|
||||
echo 'changed' >>"$__messages_out"
|
||||
|
||||
# Use the good old way to set the hostname even on machines running systemd.
|
||||
case "$os" in
|
||||
archlinux|debian|ubuntu|devuan|centos|coreos|alpine)
|
||||
printf "printf '%%s\\\\n' '$name_should' > /etc/hostname\\n"
|
||||
echo "hostname -F /etc/hostname"
|
||||
# Use the good old way to set the hostname.
|
||||
case $os
|
||||
in
|
||||
alpine|debian|devuan|ubuntu)
|
||||
echo 'hostname -F /etc/hostname'
|
||||
;;
|
||||
freebsd|openbsd)
|
||||
archlinux)
|
||||
echo 'command -v hostnamectl >/dev/null 2>&1' \
|
||||
"&& hostnamectl set-hostname '$name_should'" \
|
||||
"|| hostname '$name_should'"
|
||||
;;
|
||||
centos|fedora|redhat|scientific|freebsd|netbsd|openbsd|gentoo|void)
|
||||
echo "hostname '$name_should'"
|
||||
;;
|
||||
suse)
|
||||
macosx)
|
||||
echo "scutil --set HostName '$name_should'"
|
||||
;;
|
||||
solaris)
|
||||
echo "uname -S '$name_should'"
|
||||
;;
|
||||
slackware|suse|opensuse-leap)
|
||||
# We do not read from /etc/HOSTNAME, because the running
|
||||
# hostname is the first component only while the file contains
|
||||
# the FQDN.
|
||||
echo "hostname '$name_should'"
|
||||
printf "printf '%%s\\\\n' '$name_should' > /etc/HOSTNAME\\n"
|
||||
;;
|
||||
*)
|
||||
# Fall back to set the hostname using hostnamectl, if available.
|
||||
if test -n "$has_hostnamectl"
|
||||
then
|
||||
# Don't use hostnamectl as the primary means to set the hostname for
|
||||
# systemd systems, because it cannot be trusted to work reliably and
|
||||
# exit with non-zero when it fails (e.g. hostname too long,
|
||||
# D-Bus failure, etc.).
|
||||
|
||||
echo "hostnamectl set-hostname \"\$(cat /etc/hostname)\""
|
||||
echo "test \"\$(hostname)\" = \"\$(cat /etc/hostname)\"" \
|
||||
" || hostname -F /etc/hostname"
|
||||
else
|
||||
printf "echo 'Unsupported OS: %s' >&2\nexit 1\n" "$os"
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
|
||||
if [ "$has_hostnamectl" ]; then
|
||||
# Allow hostnamectl set-hostname to fail silently.
|
||||
# Who the fuck invented a tool that needs dbus to set the hostname anyway ...
|
||||
echo "hostnamectl set-hostname '$name_should' || true"
|
||||
fi
|
||||
|
|
|
@ -8,7 +8,10 @@ cdist-type__hostname - Set the hostname
|
|||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
Set's the hostname on various operating systems.
|
||||
Sets the hostname on various operating systems.
|
||||
|
||||
**Tip:** For advice on choosing a hostname, see
|
||||
`RFC 1178 <https://tools.ietf.org/html/rfc1178>`_.
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
|
|
|
@ -2,6 +2,7 @@
|
|||
#
|
||||
# 2012 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2014 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -19,50 +20,170 @@
|
|||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
os=$(cat "$__global/explorer/os")
|
||||
if [ -f "$__object/parameter/name" ]; then
|
||||
name_should="$(cat "$__object/parameter/name")"
|
||||
else
|
||||
case "$os" in
|
||||
openbsd)
|
||||
name_should="${__target_host}"
|
||||
;;
|
||||
*)
|
||||
name_should="${__target_host%%.*}"
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
|
||||
|
||||
not_supported() {
|
||||
echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
|
||||
echo "Please contribute an implementation for it if you can." >&2
|
||||
exit 1
|
||||
}
|
||||
|
||||
case "$os" in
|
||||
archlinux|debian|suse|ubuntu|devuan|coreos|alpine)
|
||||
set_hostname_systemd() {
|
||||
echo "$1" | __file /etc/hostname --source -
|
||||
}
|
||||
|
||||
os=$(cat "$__global/explorer/os")
|
||||
os_version=$(cat "$__global/explorer/os_version")
|
||||
os_major=$(echo "$os_version" | grep -o '^[0-9][0-9]*')
|
||||
|
||||
max_len=$(cat "$__object/explorer/max_len")
|
||||
has_hostnamectl=$(cat "$__object/explorer/has_hostnamectl")
|
||||
|
||||
if test -s "$__object/parameter/name"
|
||||
then
|
||||
name_should=$(cat "$__object/parameter/name")
|
||||
else
|
||||
case $os
|
||||
in
|
||||
# RedHat-derivatives and BSDs
|
||||
centos|fedora|redhat|scientific|freebsd|netbsd|openbsd|slackware)
|
||||
# Hostname is FQDN
|
||||
name_should="${__target_host}"
|
||||
;;
|
||||
suse|opensuse-leap)
|
||||
# Classic SuSE stores the FQDN in /etc/HOSTNAME, while
|
||||
# systemd does not. The running hostname is the first
|
||||
# component in both cases.
|
||||
# In versions before 15.x, the FQDN is stored in /etc/hostname.
|
||||
if test -n "$has_hostnamectl" && test "$os_major" -ge 15 \
|
||||
&& test "$os_major" -ne 42
|
||||
then
|
||||
name_should="${__target_host%%.*}"
|
||||
else
|
||||
name_should="${__target_host}"
|
||||
fi
|
||||
;;
|
||||
*)
|
||||
# Hostname is only first component of FQDN on all other systems.
|
||||
name_should="${__target_host%%.*}"
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
|
||||
if test -n "$max_len" && test "$(printf '%s' "$name_should" | wc -c)" -gt "$max_len"
|
||||
then
|
||||
printf "Host name too long. Up to %u characters allowed.\n" "${max_len}" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
case $os
|
||||
in
|
||||
alpine|debian|devuan|ubuntu|void)
|
||||
echo "$name_should" | __file /etc/hostname --source -
|
||||
;;
|
||||
archlinux)
|
||||
if test -n "$has_hostnamectl"
|
||||
then
|
||||
set_hostname_systemd "$name_should"
|
||||
else
|
||||
echo 'Ancient ArchLinux variants without hostnamectl are not supported.' >&2
|
||||
exit 1
|
||||
# Only for ancient ArchLinux, write to /etc/rc.conf on pre-systemd
|
||||
# versions. There are some versions which use /etc/hostname but not
|
||||
# systemd. It is unclear which ones these are.
|
||||
|
||||
# __key_value '/etc/rc.conf:HOSTNAME' \
|
||||
# --file /etc/rc.conf \
|
||||
# --delimiter '=' --exact_delimiter \
|
||||
# --key 'HOSTNAME' \
|
||||
# --value "\"$name_should\""
|
||||
fi
|
||||
;;
|
||||
centos|fedora|redhat|scientific)
|
||||
if test -z "$has_hostnamectl"
|
||||
then
|
||||
# Only write to /etc/sysconfig/network on non-systemd versions.
|
||||
# On systemd-based versions this entry is ignored.
|
||||
__key_value '/etc/sysconfig/network:HOSTNAME' \
|
||||
--file /etc/sysconfig/network \
|
||||
--delimiter '=' --exact_delimiter \
|
||||
--key HOSTNAME \
|
||||
--value "\"$name_should\""
|
||||
else
|
||||
set_hostname_systemd "$name_should"
|
||||
fi
|
||||
;;
|
||||
gentoo)
|
||||
# Only write to /etc/conf.d/hostname on OpenRC-based installations.
|
||||
# On systemd use hostnamectl(1) in gencode-remote.
|
||||
if test -z "$has_hostnamectl"
|
||||
then
|
||||
__key_value '/etc/conf.d/hostname:hostname' \
|
||||
--file /etc/conf.d/hostname \
|
||||
--delimiter '=' --exact_delimiter \
|
||||
--key 'hostname' \
|
||||
--value "\"$name_should\""
|
||||
else
|
||||
set_hostname_systemd "$name_should"
|
||||
fi
|
||||
;;
|
||||
freebsd)
|
||||
__key_value '/etc/rc.conf:hostname' \
|
||||
--file /etc/rc.conf \
|
||||
--delimiter '=' --exact_delimiter \
|
||||
--key 'hostname' \
|
||||
--value "\"$name_should\""
|
||||
;;
|
||||
macosx)
|
||||
# handled in gencode-remote
|
||||
:
|
||||
;;
|
||||
scientific|centos)
|
||||
__key_value sysconfig-hostname \
|
||||
--file /etc/sysconfig/network \
|
||||
--delimiter '=' \
|
||||
--key HOSTNAME \
|
||||
--value "$name_should" --exact_delimiter
|
||||
;;
|
||||
freebsd)
|
||||
__key_value rcconf-hostname \
|
||||
netbsd)
|
||||
__key_value '/etc/rc.conf:hostname' \
|
||||
--file /etc/rc.conf \
|
||||
--delimiter '=' \
|
||||
--delimiter '=' --exact_delimiter \
|
||||
--key 'hostname' \
|
||||
--value "$name_should"
|
||||
--value "\"$name_should\""
|
||||
|
||||
# To avoid confusion, ensure that the hostname is only stored once.
|
||||
__file /etc/myname --state absent
|
||||
;;
|
||||
openbsd)
|
||||
echo "$name_should" | __file /etc/myname --source -
|
||||
;;
|
||||
slackware)
|
||||
# We write the FQDN into /etc/HOSTNAME. But /etc/rc.d/rc.M will only
|
||||
# read the first component from this file and set it as the running
|
||||
# hostname on boot.
|
||||
echo "$name_should" | __file /etc/HOSTNAME --source -
|
||||
;;
|
||||
solaris)
|
||||
echo "$name_should" | __file /etc/nodename --source -
|
||||
;;
|
||||
suse|opensuse-leap)
|
||||
# Modern SuSE provides /etc/HOSTNAME as a symlink for
|
||||
# backwards-compatibility. Unfortunately it cannot be used
|
||||
# here as __file does not follow the symlink.
|
||||
# Therefore, we use the presence of the hostnamectl binary as
|
||||
# an indication of which file to use. This unfortunately does
|
||||
# not work correctly on openSUSE 12.x which provides
|
||||
# hostnamectl but not /etc/hostname.
|
||||
|
||||
if test -n "$has_hostnamectl" -a "$os_major" -gt 12
|
||||
then
|
||||
hostname_file='/etc/hostname'
|
||||
else
|
||||
hostname_file='/etc/HOSTNAME'
|
||||
fi
|
||||
|
||||
echo "$name_should" | __file "$hostname_file" --source -
|
||||
;;
|
||||
*)
|
||||
# On other operating systems we fall back to systemd's
|
||||
# hostnamectl if available…
|
||||
if test -n "$has_hostnamectl"
|
||||
then
|
||||
set_hostname_systemd "$name_should"
|
||||
else
|
||||
not_supported
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
|
|
|
@ -7,6 +7,12 @@ if [ -z "${certbot_fullpath}" ]; then
|
|||
os_version="$(cat "${__global}/explorer/os_version")"
|
||||
|
||||
case "$os" in
|
||||
archlinux)
|
||||
__package certbot
|
||||
;;
|
||||
alpine)
|
||||
__package certbot
|
||||
;;
|
||||
debian)
|
||||
case "$os_version" in
|
||||
8*)
|
||||
|
@ -33,6 +39,10 @@ if [ -z "${certbot_fullpath}" ]; then
|
|||
require="__apt_source/stretch-backports" __package_apt certbot \
|
||||
--target-release stretch-backports
|
||||
;;
|
||||
10*)
|
||||
__package_apt certbot
|
||||
;;
|
||||
|
||||
*)
|
||||
echo "Unsupported OS version: $os_version" >&2
|
||||
exit 1
|
||||
|
|
|
@ -34,6 +34,9 @@ case "$type" in
|
|||
echo 0
|
||||
fi
|
||||
;;
|
||||
alpine)
|
||||
echo 0
|
||||
;;
|
||||
*) echo "Your specified type ($type) is currently not supported." >&2
|
||||
echo "Please contribute an implementation for it if you can." >&2
|
||||
;;
|
||||
|
|
|
@ -26,6 +26,7 @@ else
|
|||
amazon|scientific|centos|fedora|redhat) echo "yum" ;;
|
||||
debian|ubuntu|devuan) echo "apt" ;;
|
||||
archlinux) echo "pacman" ;;
|
||||
alpine) echo "apk" ;;
|
||||
*)
|
||||
echo "Don't know how to manage packages on: $os" >&2
|
||||
exit 1
|
||||
|
|
|
@ -47,6 +47,10 @@ case "$type" in
|
|||
echo "pacman --noprogressbar --sync --refresh"
|
||||
echo "pacman package database synced (age was: $currage)" >> "$__messages_out"
|
||||
;;
|
||||
alpine)
|
||||
echo "apk update"
|
||||
echo "apk package database updated."
|
||||
;;
|
||||
*)
|
||||
echo "Don't know how to manage packages for type: $type" >&2
|
||||
exit 1
|
||||
|
|
|
@ -30,6 +30,7 @@ if [ -f "$__object/parameter/install-from-backports" ]; then
|
|||
*)
|
||||
echo "--install-from-backports is only supported on Devuan -- ignoring." >&2
|
||||
echo "Send a pull request if you require it." >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
else
|
||||
|
@ -60,5 +61,5 @@ require="$require __directory/$storage_path $require_pkg" \
|
|||
__config_file $CONF \
|
||||
--source "$config" \
|
||||
--group prometheus --mode 640 \
|
||||
--onchange "service prometheus-alertmanager reload" # TODO when a config-check tool is available, check config here
|
||||
--onchange "service prometheus-alertmanager restart" # TODO when a config-check tool is available, check config here
|
||||
|
||||
|
|
|
@ -5,9 +5,11 @@ export GOBIN=/opt/gocode/bin # where to find go binaries
|
|||
exporter="$(cat "$__object/parameter/exporter")"
|
||||
[ -z "$exporter" ] && exporter="$__object_id"
|
||||
|
||||
__user prometheus --system
|
||||
__user prometheus
|
||||
require="__user/prometheus" __group prometheus
|
||||
require="__group/prometheus" __user_groups prometheus --group prometheus
|
||||
|
||||
require=""
|
||||
require="__user_groups/prometheus"
|
||||
case $exporter in
|
||||
node)
|
||||
TEXTFILES=/service/node-exporter/textfiles # path for the textfiles collector
|
||||
|
|
|
@ -33,11 +33,13 @@ if [ -f "$__object/parameter/install-from-backports" ]; then
|
|||
*)
|
||||
echo "--install-from-backports is only supported on Devuan -- ignoring." >&2
|
||||
echo "Send a pull request if you require it." >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
else
|
||||
__package prometheus
|
||||
require_pkg="__package/prometheus"
|
||||
__package prometheus-blackbox-exporter
|
||||
require_pkg="__package/prometheus __package/prometheus-blackbox-exporter"
|
||||
fi
|
||||
|
||||
##### PREPARE PATHS AND SUCH ################################################
|
||||
|
@ -58,7 +60,7 @@ require="$require __directory/$storage_path $require_pkg" \
|
|||
__config_file $CONF \
|
||||
--source "$config" \
|
||||
--group prometheus --mode 640 \
|
||||
--onchange "promtool check config $CONF && service prometheus reload"
|
||||
--onchange "promtool check config $CONF && service prometheus restart"
|
||||
|
||||
for file in $rule_files; do
|
||||
dest=$CONF_DIR/$(basename "$file")
|
||||
|
@ -66,6 +68,6 @@ for file in $rule_files; do
|
|||
__config_file "$dest" \
|
||||
--source "$file" \
|
||||
--owner prometheus \
|
||||
--onchange "promtool check rules '$dest' && service prometheus reload"
|
||||
--onchange "promtool check rules '$dest' && service prometheus restart"
|
||||
done
|
||||
|
||||
|
|
131
cdist/conf/type/__sensible_editor/explorer/editor_path
Normal file
131
cdist/conf/type/__sensible_editor/explorer/editor_path
Normal file
|
@ -0,0 +1,131 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
#
|
||||
# Check if the given editor is present on the target system and determine its
|
||||
# absolute path.
|
||||
#
|
||||
|
||||
die() {
|
||||
echo "$@" >&2
|
||||
exit 1
|
||||
}
|
||||
|
||||
editor_missing() { die "Editor '$1' is missing on the target system."; }
|
||||
editor_no_alternative() {
|
||||
die "Editor '$1' is not in the alternatives list of the target system." \
|
||||
"$(test -n "${editors}" && printf '\nPlease choose one of:\n\n%s\n' "${editors}")"
|
||||
}
|
||||
|
||||
# No need to check for the path if the file is supposed to be removed.
|
||||
test "$(cat "${__object}/parameter/state")" != 'absent' || exit 0
|
||||
|
||||
|
||||
case $("${__explorer}/os")
|
||||
in
|
||||
debian|devuan|ubuntu)
|
||||
has_alternatives=true
|
||||
|
||||
# NOTE: Old versions do not support `--list`, in this case ignore the errors.
|
||||
# This will require an absolute path to be provided, though.
|
||||
editors=$(update-alternatives --list editor 2>/dev/null)
|
||||
;;
|
||||
*)
|
||||
# NOTE: RedHat has an alternatives system but it doesn't usually track
|
||||
# editors and it is a pain to extract the list.
|
||||
has_alternatives=false
|
||||
;;
|
||||
esac
|
||||
|
||||
# Read --editor parameter and check its value since it is "optional"
|
||||
editor=$(cat "${__object}/parameter/editor" 2>/dev/null) || true
|
||||
test -n "${editor}" || die 'Please provide an --editor to configure.'
|
||||
|
||||
case $editor
|
||||
in
|
||||
/*)
|
||||
is_abspath=true
|
||||
;;
|
||||
*/*)
|
||||
die 'Relative editor paths are not supported'
|
||||
;;
|
||||
*)
|
||||
is_abspath=false
|
||||
;;
|
||||
esac
|
||||
|
||||
|
||||
if $has_alternatives && test -n "${editors}"
|
||||
then
|
||||
IFS='
|
||||
'
|
||||
if ! $is_abspath
|
||||
then
|
||||
# First, try to resolve the absolute path using $editors.
|
||||
while true
|
||||
do
|
||||
for e in $editors
|
||||
do
|
||||
if test "$(basename "${e}")" = "${editor}"
|
||||
then
|
||||
editor="${e}"
|
||||
break 2 # break out of both loops
|
||||
fi
|
||||
done
|
||||
|
||||
# Iterating through alternatives did not yield a result
|
||||
editor_no_alternative "${editor}"
|
||||
break
|
||||
done
|
||||
fi
|
||||
|
||||
# Check if editor is present
|
||||
test -f "${editor}" || editor_missing "${editor}"
|
||||
|
||||
for e in $editors
|
||||
do
|
||||
if test "${editor}" = "${e}"
|
||||
then
|
||||
# Editor is part of the alternatives list -> use it!
|
||||
echo "${editor}"
|
||||
exit 0
|
||||
fi
|
||||
done
|
||||
|
||||
editor_no_alternative "${editor}"
|
||||
else
|
||||
# NOTE: This branch is mostly for RedHat-based systems which do
|
||||
# not track editor alternatives. To make this type useful
|
||||
# on RedHat at all we allow an absoloute path to be provided
|
||||
# in any case.
|
||||
|
||||
if $is_abspath
|
||||
then
|
||||
test -x "${editor}" || editor_missing "${editor}"
|
||||
|
||||
echo "${editor}"
|
||||
exit 0
|
||||
else
|
||||
die "The target doesn't list any editor alternatives. " \
|
||||
"Please specify an absolute path or populate the alternatives list."
|
||||
fi
|
||||
fi
|
||||
|
||||
# The script should never reach this statement!
|
||||
exit 1
|
26
cdist/conf/type/__sensible_editor/explorer/group
Normal file
26
cdist/conf/type/__sensible_editor/explorer/group
Normal file
|
@ -0,0 +1,26 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
#
|
||||
# Determines the primary group of the user.
|
||||
#
|
||||
|
||||
user=$__object_id
|
||||
|
||||
id -gn "${user}" 2>/dev/null
|
33
cdist/conf/type/__sensible_editor/explorer/user_home
Normal file
33
cdist/conf/type/__sensible_editor/explorer/user_home
Normal file
|
@ -0,0 +1,33 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
#
|
||||
# Determines the home folder of the target user.
|
||||
#
|
||||
|
||||
user=$__object_id
|
||||
home=$(getent passwd "${user}" | cut -d':' -f6)
|
||||
|
||||
if ! test -d "${home}"
|
||||
then
|
||||
echo "Cannot find home directory of user ${user}" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "${home}"
|
78
cdist/conf/type/__sensible_editor/man.rst
Normal file
78
cdist/conf/type/__sensible_editor/man.rst
Normal file
|
@ -0,0 +1,78 @@
|
|||
cdist-type__sensible_editor(7)
|
||||
==============================
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__sensible_editor - Select the sensible-editor
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
This cdist type allows you to select the :strong:`sensible-editor` for
|
||||
a given user.
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
editor
|
||||
Name or path of the editor to be selected.
|
||||
On systems other than Debian derivatives an absolute path is required.
|
||||
|
||||
It is permissible to omit this parameter if --state is absent.
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
state
|
||||
'present', 'absent', or 'exists'. Defaults to 'present', where:
|
||||
|
||||
present
|
||||
the sensible-editor is exactly what is specified in --editor.
|
||||
absent
|
||||
no sensible-editor configuration is present.
|
||||
exists
|
||||
the sensible-editor will be set to what is specified in --editor,
|
||||
unless there already is a configuration on the target system.
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
.. code-block:: sh
|
||||
|
||||
__sensible_editor root --editor /bin/ed # ed(1) is the standard
|
||||
__sensible_editor noob --editor nano
|
||||
|
||||
|
||||
LIMITATIONS
|
||||
-----------
|
||||
|
||||
This type depends upon the :strong:`sensible-editor`\ (1) script which
|
||||
is part of the sensible-utils package.
|
||||
|
||||
Therefore, the following operating systems are supported:
|
||||
* Debian 8 (jessie) or later
|
||||
* Devuan
|
||||
* Ubuntu 8.10 (intrepid) or later
|
||||
* RHEL/CentOS 7 or later (EPEL repo required)
|
||||
* Fedora 21 or later
|
||||
|
||||
Note: on old versions of Ubuntu the sensible-* utils are part of the
|
||||
debianutils package.
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
:strong:`select-editor`\ (1), :strong:`sensible-editor`\ (1).
|
||||
|
||||
|
||||
AUTHOR
|
||||
-------
|
||||
Dennis Camera <dennis.camera--@--ssrq-sds-fds.ch>
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2019 Dennis Camera.
|
||||
You can redistribute it and/or modify it under the terms of the GNU General
|
||||
Public License as published by the Free Software Foundation, either version 3 of
|
||||
the License, or (at your option) any later version.
|
94
cdist/conf/type/__sensible_editor/manifest
Normal file
94
cdist/conf/type/__sensible_editor/manifest
Normal file
|
@ -0,0 +1,94 @@
|
|||
#!/bin/sh -e
|
||||
# -*- mode: sh; indent-tabs-mode: t -*-
|
||||
#
|
||||
# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
version_ge() {
|
||||
awk -F '[^0-9.]' -v target="${1:?}" '
|
||||
function max(x, y) { return x > y ? x : y; }
|
||||
BEGIN {
|
||||
getline;
|
||||
nx = split($1, x, ".");
|
||||
ny = split(target, y, ".");
|
||||
for (i = 1; i <= max(nx, ny); ++i) {
|
||||
diff = int(x[i]) - int(y[i]);
|
||||
if (diff < 0) exit 1;
|
||||
else if (diff > 0) exit 0;
|
||||
else continue;
|
||||
}
|
||||
}'
|
||||
}
|
||||
|
||||
not_supported() {
|
||||
echo "OS ${os} does not support __sensible_editor." >&2
|
||||
echo 'If it does, please provide a patch.' >&2
|
||||
exit 1
|
||||
}
|
||||
|
||||
os=$(cat "${__global}/explorer/os")
|
||||
os_version=$(cat "${__global}/explorer/os_version")
|
||||
|
||||
state=$(cat "${__object}/parameter/state")
|
||||
user=$__object_id
|
||||
|
||||
if test "${state}" != 'present' && test "${state}" != 'exists' && test "${state}" != 'absent'
|
||||
then
|
||||
echo 'Only "present", "exists", and "absent" are allowed for --state' >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
package_name='sensible-utils'
|
||||
|
||||
case $os
|
||||
in
|
||||
debian)
|
||||
pkg_type='apt'
|
||||
;;
|
||||
devuan)
|
||||
pkg_type='apt'
|
||||
;;
|
||||
ubuntu)
|
||||
(echo "${os_version}" | version_ge 10.04) || package_name='debianutils'
|
||||
pkg_type='apt'
|
||||
;;
|
||||
centos|fedora|redhat|scientific)
|
||||
pkg_type='yum'
|
||||
;;
|
||||
*)
|
||||
not_supported
|
||||
;;
|
||||
esac
|
||||
|
||||
if test "${state}" != 'absent'
|
||||
then
|
||||
__package "${package_name}" --state present \
|
||||
--type "${pkg_type}"
|
||||
export require="__package/${package_name}"
|
||||
fi
|
||||
|
||||
editor_path=$(cat "${__object}/explorer/editor_path")
|
||||
user_home=$(cat "${__object}/explorer/user_home")
|
||||
group=$(cat "${__object}/explorer/group")
|
||||
|
||||
__file "${user_home}/.selected_editor" --state "${state}" \
|
||||
--owner "${user}" --group "${group}" --mode 0644 \
|
||||
--source - <<EOF
|
||||
# Managed by cdist
|
||||
SELECTED_EDITOR="${editor_path}"
|
||||
EOF
|
|
@ -0,0 +1 @@
|
|||
present
|
2
cdist/conf/type/__sensible_editor/parameter/optional
Normal file
2
cdist/conf/type/__sensible_editor/parameter/optional
Normal file
|
@ -0,0 +1,2 @@
|
|||
editor
|
||||
state
|
|
@ -1,6 +1,7 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2014 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -21,7 +22,40 @@
|
|||
if [ -f "$__object/parameter/file" ]; then
|
||||
cat "$__object/parameter/file"
|
||||
else
|
||||
owner="$(cat "$__object/parameter/owner" 2>/dev/null || echo "$__object_id")"
|
||||
home=$(getent passwd "$owner" | cut -d':' -f 6)
|
||||
echo "$home/.ssh/authorized_keys"
|
||||
if [ -s "$__object/parameter/owner" ]
|
||||
then
|
||||
owner=$(cat "$__object/parameter/owner")
|
||||
else
|
||||
owner="$__object_id"
|
||||
fi
|
||||
|
||||
if command -v getent >/dev/null
|
||||
then
|
||||
owner_line=$(getent passwd "$owner")
|
||||
elif [ -f /etc/passwd ]
|
||||
then
|
||||
case $owner
|
||||
in
|
||||
[0-9][0-9]*)
|
||||
owner_line=$(awk -F: "\$3 == \"${owner}\" { print }" /etc/passwd)
|
||||
;;
|
||||
*)
|
||||
owner_line=$(awk -F: "\$1 == \"${owner}\" { print }" /etc/passwd)
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
|
||||
if [ "$owner_line" ]
|
||||
then
|
||||
home=$(echo "$owner_line" | cut -d':' -f6)
|
||||
fi
|
||||
|
||||
if [ ! -d "$home" ]
|
||||
then
|
||||
# Don't know how to determine user's home directory, fall back to ~
|
||||
home="~$owner"
|
||||
command -v realpath >/dev/null && home=$(realpath "$home")
|
||||
fi
|
||||
|
||||
[ -d "$home" ] && echo "$home/.ssh/authorized_keys"
|
||||
fi
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2014 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -18,6 +19,28 @@
|
|||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
owner="$(cat "$__object/parameter/owner" 2>/dev/null || echo "$__object_id")"
|
||||
gid="$(getent passwd "$owner" | cut -d':' -f 4)"
|
||||
if [ -s "$__object/parameter/owner" ]
|
||||
then
|
||||
owner=$(cat "$__object/parameter/owner")
|
||||
else
|
||||
owner="$__object_id"
|
||||
fi
|
||||
|
||||
if command -v getent >/dev/null
|
||||
then
|
||||
gid=$(getent passwd "$owner" | cut -d':' -f4)
|
||||
getent group "$gid" || true
|
||||
else
|
||||
# Fallback to local file scanning
|
||||
case $owner
|
||||
in
|
||||
[0-9][0-9]*)
|
||||
gid=$(awk -F: "\$3 == \"${owner}\" { print \$4 }" /etc/passwd)
|
||||
;;
|
||||
*)
|
||||
gid=$(awk -F: "\$1 == \"${owner}\" { print \$4 }" /etc/passwd)
|
||||
;;
|
||||
esac
|
||||
|
||||
awk -F: "\$3 == \"$gid\" { print }" /etc/group
|
||||
fi
|
||||
|
|
|
@ -23,6 +23,12 @@ owner="$(cat "$__object/parameter/owner" 2>/dev/null || echo "$__object_id")"
|
|||
state="$(cat "$__object/parameter/state" 2>/dev/null)"
|
||||
file="$(cat "$__object/explorer/file")"
|
||||
|
||||
if [ ! -f "$__object/parameter/nofile" ] && [ -z "$file" ]
|
||||
then
|
||||
echo "Cannot determine path of authorized_keys file" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ ! -f "$__object/parameter/noparent" ] || [ ! -f "$__object/parameter/nofile" ]; then
|
||||
group="$(cut -d':' -f 1 "$__object/explorer/group")"
|
||||
if [ -z "$group" ]; then
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2014 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -18,5 +19,11 @@
|
|||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
gid="$("$__type_explorer/passwd" | cut -d':' -f 4)"
|
||||
gid=$("$__type_explorer/passwd" | cut -d':' -f4)
|
||||
|
||||
if command -v getent >/dev/null
|
||||
then
|
||||
getent group "$gid" || true
|
||||
else
|
||||
awk -F: "\$3 == \"$gid\" { print }" /etc/group
|
||||
fi
|
||||
|
|
|
@ -2,6 +2,7 @@
|
|||
#
|
||||
# 2012 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2014 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -21,4 +22,16 @@
|
|||
|
||||
owner="$__object_id"
|
||||
|
||||
if command -v getent >/dev/null
|
||||
then
|
||||
getent passwd "$owner" || true
|
||||
else
|
||||
case $owner in
|
||||
[0-9][0-9]*)
|
||||
awk -F: "\$3 == \"$owner\" { print }" /etc/passwd
|
||||
;;
|
||||
*)
|
||||
grep "^$owner:" /etc/passwd || true
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
|
|
|
@ -23,11 +23,9 @@
|
|||
|
||||
if [ -f "$__object/parameter/gid" ]; then
|
||||
gid=$(cat "$__object/parameter/gid")
|
||||
getent=$(command -v getent)
|
||||
if [ X != X"${getent}" ]; then
|
||||
"${getent}" group "$gid" || true
|
||||
if command -v getent >/dev/null; then
|
||||
getent group "$gid" || true
|
||||
elif [ -f /etc/group ]; then
|
||||
grep -E "^(${gid}|([^:]+:){2}${gid}):" /etc/group || true
|
||||
fi
|
||||
fi
|
||||
|
||||
|
|
|
@ -23,9 +23,8 @@
|
|||
|
||||
name=$__object_id
|
||||
|
||||
getent=$(command -v getent)
|
||||
if [ X != X"${getent}" ]; then
|
||||
"${getent}" passwd "$name" || true
|
||||
if command -v getent >/dev/null; then
|
||||
getent passwd "$name" || true
|
||||
elif [ -f /etc/passwd ]; then
|
||||
grep "^${name}:" /etc/passwd || true
|
||||
fi
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
#!/bin/sh
|
||||
#!/bin/sh -e
|
||||
#
|
||||
# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
#
|
||||
|
@ -22,18 +22,19 @@
|
|||
#
|
||||
|
||||
name=$__object_id
|
||||
os="$("$__explorer/os")"
|
||||
# Default to using shadow passwords
|
||||
database="shadow"
|
||||
|
||||
case "$os" in
|
||||
"freebsd"|"netbsd"|"openbsd") database="passwd";;
|
||||
case $("$__explorer/os") in
|
||||
'freebsd'|'netbsd'|'openbsd')
|
||||
database='passwd'
|
||||
;;
|
||||
# Default to using shadow passwords
|
||||
*)
|
||||
database='shadow'
|
||||
;;
|
||||
esac
|
||||
|
||||
|
||||
getent=$(command -v getent)
|
||||
if [ X != X"${getent}" ]; then
|
||||
"${getent}" "$database" "$name" || true
|
||||
if command -v getent >/dev/null; then
|
||||
getent "$database" "$name" || true
|
||||
elif [ -f /etc/shadow ]; then
|
||||
grep "^${name}:" /etc/shadow || true
|
||||
fi
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
#!/bin/sh
|
||||
#!/bin/sh -e
|
||||
#
|
||||
# 2014 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
# 2018-2019 Thomas Eckert (tom at it-eckert.de)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -16,11 +16,7 @@
|
|||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
#
|
||||
# Retrieve the contents of /etc/hostname
|
||||
#
|
||||
|
||||
if [ -f /etc/sysconfig/network ]; then
|
||||
awk -F= '/^HOSTNAME=/ { print $2 }' /etc/sysconfig/network
|
||||
if [ -d /etc/apache2/mods-enabled ]; then
|
||||
ls -1 /etc/apache2/conf-enabled/
|
||||
fi
|
5
cdist/conf/type/__xymon_apache/explorer/active-modules
Executable file
5
cdist/conf/type/__xymon_apache/explorer/active-modules
Executable file
|
@ -0,0 +1,5 @@
|
|||
#!/bin/sh -e
|
||||
|
||||
if [ -d /etc/apache2/mods-enabled ]; then
|
||||
/usr/sbin/apachectl -t -D DUMP_MODULES | awk '/.*_module/ { gsub(/_module.*$/, ""); gsub(/^ /, ""); print }'
|
||||
fi
|
56
cdist/conf/type/__xymon_apache/gencode-remote
Executable file
56
cdist/conf/type/__xymon_apache/gencode-remote
Executable file
|
@ -0,0 +1,56 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2018-2019 Thomas Eckert (tom at it-eckert.de)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
state=$(cat "$__object/parameter/state")
|
||||
|
||||
os=$(cat "$__global/explorer/os")
|
||||
case "$os" in
|
||||
debian|ubuntu)
|
||||
:
|
||||
;;
|
||||
*)
|
||||
echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
|
||||
echo "Please contribute an implementation for it if you can." >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
if [ "$state" = "present" ]; then
|
||||
if ! grep -q ^rewrite "$__object/explorer/active-modules"; then
|
||||
echo "a2enmod rewrite >/dev/null"
|
||||
echo "mod:rewrite enabled" >> "$__messages_out"
|
||||
fi
|
||||
if ! grep -q "^cgi$" "$__object/explorer/active-modules"; then
|
||||
echo "a2enmod cgi >/dev/null"
|
||||
echo "mod:cgi enabled" >> "$__messages_out"
|
||||
fi
|
||||
|
||||
if ! grep -q ^xymon.conf "$__object/explorer/active-conf"; then
|
||||
echo "a2enconf xymon >/dev/null"
|
||||
echo "conf:xymon enabled" >> "$__messages_out"
|
||||
fi
|
||||
fi
|
||||
|
||||
if grep -q "^mod:.* enabled" "$__messages_out"; then
|
||||
echo "systemctl restart apache2.service"
|
||||
echo "apache restarted" >> "$__messages_out"
|
||||
elif grep -q "^conf:xymon enabled" "$__messages_out"; then
|
||||
echo "systemctl reload apache2.service"
|
||||
echo "apache reloaded" >> "$__messages_out"
|
||||
fi
|
79
cdist/conf/type/__xymon_apache/man.rst
Normal file
79
cdist/conf/type/__xymon_apache/man.rst
Normal file
|
@ -0,0 +1,79 @@
|
|||
cdist-type__xymon_apache(7)
|
||||
===========================
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__xymon_apache - Configure apache2-webserver for Xymon
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
This cdist type installs and configures apache2 to be used "exclusively" (in
|
||||
the sense that no other use is taken care of) with Xymon (the systems and
|
||||
network monitor).
|
||||
|
||||
It depends on `__xymon_server`.
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
None.
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
state
|
||||
'present', 'absent', defaults to 'present'.
|
||||
|
||||
ipacl
|
||||
IP(-ranges) that have access to the Xymon webpages and CGIs. Apache2-style
|
||||
syntax suitable for `Require ip ...`. Example: `192.168.1.0/24 10.0.0.0/8`
|
||||
|
||||
|
||||
MESSAGES
|
||||
--------
|
||||
mod:rewrite enabled
|
||||
apache module enabled
|
||||
conf:xymon enabled
|
||||
apache config for xymon enabled
|
||||
apache restarted
|
||||
apache2.service was reloaded
|
||||
apache reloaded
|
||||
apache2.service was restarted
|
||||
|
||||
|
||||
EXPLORERS
|
||||
---------
|
||||
active-conf
|
||||
lists apache2 `conf-enabled`
|
||||
active-modules
|
||||
lists active apache2-modules
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
.. code-block:: sh
|
||||
|
||||
# minmal, only localhost-access:
|
||||
__xymon_apache
|
||||
# allow more IPs to access the Xymon-webinterface:
|
||||
__xymon_apache --ipacl "192.168.0.0/16 10.0.0.0/8" --state "present"
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
:strong:`cdist__xymon_server`\ (7)
|
||||
|
||||
|
||||
AUTHORS
|
||||
-------
|
||||
Thomas Eckert <tom--@--it-eckert.de>
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2018-2019 Thomas Eckert. You can redistribute it
|
||||
and/or modify it under the terms of the GNU General Public License as
|
||||
published by the Free Software Foundation, either version 3 of the
|
||||
License, or (at your option) any later version.
|
42
cdist/conf/type/__xymon_apache/manifest
Executable file
42
cdist/conf/type/__xymon_apache/manifest
Executable file
|
@ -0,0 +1,42 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2018-2019 Thomas Eckert (tom at it-eckert.de)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
state=$(cat "$__object/parameter/state")
|
||||
|
||||
os=$(cat "$__global/explorer/os")
|
||||
case "$os" in
|
||||
debian|ubuntu)
|
||||
:
|
||||
;;
|
||||
*)
|
||||
echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
|
||||
echo "Please contribute an implementation for it if you can." >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
__package apache2 --state "$state"
|
||||
|
||||
## edit xymon.conf IP-ranges
|
||||
if [ -f "$__object/parameter/ipacl" ]; then
|
||||
require="__package/xymon" __line /etc/apache2/conf-available/xymon.conf \
|
||||
--line " Require ip $(cat "$__object/parameter/ipacl")" \
|
||||
--after "^[[:space:]]*Require local" \
|
||||
--state "present"
|
||||
fi
|
1
cdist/conf/type/__xymon_apache/parameter/default/state
Normal file
1
cdist/conf/type/__xymon_apache/parameter/default/state
Normal file
|
@ -0,0 +1 @@
|
|||
present
|
2
cdist/conf/type/__xymon_apache/parameter/optional
Normal file
2
cdist/conf/type/__xymon_apache/parameter/optional
Normal file
|
@ -0,0 +1,2 @@
|
|||
state
|
||||
ipacl
|
0
cdist/conf/type/__xymon_apache/singleton
Normal file
0
cdist/conf/type/__xymon_apache/singleton
Normal file
28
cdist/conf/type/__xymon_client/gencode-remote
Executable file
28
cdist/conf/type/__xymon_client/gencode-remote
Executable file
|
@ -0,0 +1,28 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2018-2019 Thomas Eckert (tom at it-eckert.de)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
servers=$(cat "$__object/parameter/servers")
|
||||
|
||||
if grep -q ^__key_value/CLIENTHOSTNAME "$__messages_in" || grep -q ^__key_value/XYMONSERVERS "$__messages_in" ; then
|
||||
echo "systemctl restart xymon-client"
|
||||
echo "restarted" >> "$__messages_out"
|
||||
cat <<-EOT
|
||||
echo "xymon-client xymon-client/XYMONSERVERS string $servers" | debconf-set-selections
|
||||
EOT
|
||||
fi
|
57
cdist/conf/type/__xymon_client/man.rst
Normal file
57
cdist/conf/type/__xymon_client/man.rst
Normal file
|
@ -0,0 +1,57 @@
|
|||
cdist-type__xymon_client(7)
|
||||
===========================
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__xymon_client - Install the Xymon client
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
This cdist type installs the Xymon client and configures it to report with
|
||||
FQDN.
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
None.
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
state
|
||||
'present', 'absent', defaults to 'present'.
|
||||
|
||||
servers
|
||||
One or more IP addresses (space separated) of the Xymon server(s) to report
|
||||
to. While DNS-names are ok it is discouraged, defaults to 127.0.0.1.
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
.. code-block:: sh
|
||||
|
||||
# minmal, report to 127.0.0.1
|
||||
__xymon_client
|
||||
|
||||
# specify server:
|
||||
__xymon_client --servers "192.168.1.1"
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
:strong:`cdist__xymon_server`\ (7), :strong:`xymon`\ (7)
|
||||
|
||||
|
||||
AUTHORS
|
||||
-------
|
||||
Thomas Eckert <tom--@--it-eckert.de>
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2018-2019 Thomas Eckert. You can redistribute it
|
||||
and/or modify it under the terms of the GNU General Public License as
|
||||
published by the Free Software Foundation, either version 3 of the
|
||||
License, or (at your option) any later version.
|
49
cdist/conf/type/__xymon_client/manifest
Executable file
49
cdist/conf/type/__xymon_client/manifest
Executable file
|
@ -0,0 +1,49 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2018-2019 Thomas Eckert (tom at it-eckert.de)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
state=$(cat "$__object/parameter/state")
|
||||
servers=$(cat "$__object/parameter/servers")
|
||||
|
||||
os=$(cat "$__global/explorer/os")
|
||||
case "$os" in
|
||||
debian|ubuntu)
|
||||
:
|
||||
;;
|
||||
*)
|
||||
echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
|
||||
echo "Please contribute an implementation for it if you can." >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
__package xymon-client --state "$state"
|
||||
|
||||
require="__package/xymon-client" __key_value CLIENTHOSTNAME \
|
||||
--file /etc/default/xymon-client \
|
||||
--value "'$__target_hostname'" \
|
||||
--delimiter '=' \
|
||||
--state "$state"
|
||||
require="__package/xymon-client" __key_value XYMONSERVERS \
|
||||
--file /etc/default/xymon-client \
|
||||
--value "'$servers'" \
|
||||
--delimiter '=' \
|
||||
--state "$state"
|
||||
|
||||
## CLI-usage often requires a shell:
|
||||
require="__package/xymon-client" __user xymon --shell "/bin/bash" --state "$state"
|
1
cdist/conf/type/__xymon_client/parameter/default/servers
Normal file
1
cdist/conf/type/__xymon_client/parameter/default/servers
Normal file
|
@ -0,0 +1 @@
|
|||
127.0.0.1
|
1
cdist/conf/type/__xymon_client/parameter/default/state
Normal file
1
cdist/conf/type/__xymon_client/parameter/default/state
Normal file
|
@ -0,0 +1 @@
|
|||
present
|
2
cdist/conf/type/__xymon_client/parameter/optional
Normal file
2
cdist/conf/type/__xymon_client/parameter/optional
Normal file
|
@ -0,0 +1,2 @@
|
|||
state
|
||||
servers
|
0
cdist/conf/type/__xymon_client/singleton
Normal file
0
cdist/conf/type/__xymon_client/singleton
Normal file
0
cdist/conf/type/__xymon_config/files/.keep
Normal file
0
cdist/conf/type/__xymon_config/files/.keep
Normal file
19
cdist/conf/type/__hostname/explorer/hostname_file → cdist/conf/type/__xymon_config/gencode-remote
Executable file → Normal file
19
cdist/conf/type/__hostname/explorer/hostname_file → cdist/conf/type/__xymon_config/gencode-remote
Executable file → Normal file
|
@ -1,6 +1,6 @@
|
|||
#!/bin/sh
|
||||
#!/bin/sh -e
|
||||
#
|
||||
# 2014 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
# 2018-2019 Thomas Eckert (tom at it-eckert.de)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -16,15 +16,8 @@
|
|||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
#
|
||||
# Retrieve the contents of /etc/hostname
|
||||
#
|
||||
|
||||
# Almost any distribution
|
||||
if [ -f /etc/hostname ]; then
|
||||
cat /etc/hostname
|
||||
# SuSE
|
||||
elif [ -f /etc/HOSTNAME ]; then
|
||||
cat /etc/HOSTNAME
|
||||
fi
|
||||
## to speed up config-reload we send a HUP to the server process:
|
||||
cat <<-EOT
|
||||
pkill -HUP xymond || { echo "HUPing xymond failed" >&2; exit 1; }
|
||||
EOT
|
57
cdist/conf/type/__xymon_config/man.rst
Normal file
57
cdist/conf/type/__xymon_config/man.rst
Normal file
|
@ -0,0 +1,57 @@
|
|||
cdist-type__xymon_config(7)
|
||||
===========================
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__xymon_config - Deploy a Xymon configuration-directory
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
This cdist type deploys a full Xymon configuration directory from the files-dir
|
||||
to the host. This type requires an installed Xymon server, e.g. deployed by
|
||||
`__xymon_server`.
|
||||
|
||||
WARNING: This type _replaces_ the `/etc/xymon/`-directory! The previous
|
||||
contents is replaced/deleted!
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
confdir
|
||||
The directory in `./files/` that contains the `/etc/xymon/`-content to be
|
||||
deployed.
|
||||
|
||||
|
||||
REQUIRED FILES
|
||||
--------------
|
||||
The directory specified by `confdir` has to contain a valid xymon-configuration
|
||||
(`/etc/xymon/`) _plus_ the `ext/`-directory that normally resides in
|
||||
`/usr/lib/xymon/server/`.
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
.. code-block:: sh
|
||||
|
||||
__xymon_config --confdir=xymon.example.com
|
||||
# this will replace /etc/xymon/ on the target host with
|
||||
# the contents from __xymon_config/files/xymon.example.com/
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
:strong:`cdist__xymon_server`\ (7), :strong:`xymon`\ (7)
|
||||
|
||||
AUTHORS
|
||||
-------
|
||||
Thomas Eckert <tom--@--it-eckert.de>
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2018-2019 Thomas Eckert. You can redistribute it
|
||||
and/or modify it under the terms of the GNU General Public License as
|
||||
published by the Free Software Foundation, either version 3 of the
|
||||
License, or (at your option) any later version.
|
24
cdist/conf/type/__xymon_config/manifest
Normal file
24
cdist/conf/type/__xymon_config/manifest
Normal file
|
@ -0,0 +1,24 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2018-2019 Thomas Eckert (tom at it-eckert.de)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
confdir=$(cat "$__object/parameter/confdir")
|
||||
|
||||
__rsync /etc/xymon/ \
|
||||
--source "$__type/files/$confdir/" \
|
||||
--rsync-opts "delete"
|
1
cdist/conf/type/__xymon_config/parameter/required
Normal file
1
cdist/conf/type/__xymon_config/parameter/required
Normal file
|
@ -0,0 +1 @@
|
|||
confdir
|
0
cdist/conf/type/__xymon_config/singleton
Normal file
0
cdist/conf/type/__xymon_config/singleton
Normal file
26
cdist/conf/type/__xymon_server/gencode-remote
Executable file
26
cdist/conf/type/__xymon_server/gencode-remote
Executable file
|
@ -0,0 +1,26 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2018-2019 Thomas Eckert (tom at it-eckert.de)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
## "move" user-modified dirs to /etc/xymon to be managed by __xymon_config:
|
||||
cat <<-EOT
|
||||
if [ ! -L /usr/lib/xymon/server/ext ]; then
|
||||
mv /usr/lib/xymon/server/ext /etc/xymon
|
||||
ln -s /etc/xymon/ext /usr/lib/xymon/server/
|
||||
fi
|
||||
EOT
|
87
cdist/conf/type/__xymon_server/man.rst
Normal file
87
cdist/conf/type/__xymon_server/man.rst
Normal file
|
@ -0,0 +1,87 @@
|
|||
cdist-type__xymon_server(7)
|
||||
===========================
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__xymon_server - Install a Xymon server
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
This cdist type installs a Xymon (https://www.xymon.com/) server and (optional)
|
||||
required helper packages.
|
||||
|
||||
This includes the Xymon client as a dependency, so NO NEED to install
|
||||
`__xymon_client` separately.
|
||||
|
||||
To access the webinterface a webserver is required. The cdist-type
|
||||
`__xymon_apache` can be used to install and configure the apache webserver for
|
||||
the use with Xymon.
|
||||
|
||||
Further and day-to-day configuration of Xymon can either be done manually in
|
||||
`/etc/xymon/` or the directory can be deployed and managed by `__xymon_config`.
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
None.
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
state
|
||||
'present', 'absent', defaults to 'present'. If '--install_helpers' is
|
||||
specified for 'absent' the helper packages will be un-installed.
|
||||
|
||||
|
||||
BOOLEAN PARAMETERS
|
||||
------------------
|
||||
install_helpers
|
||||
Install helper packages used by Xymon (fping, heirloom-mailx, traceroute,
|
||||
ntpdate).
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
.. code-block:: sh
|
||||
|
||||
# minmal
|
||||
__xymon_server
|
||||
|
||||
# the same
|
||||
__xymon_server --state present
|
||||
|
||||
# also install helper packages:
|
||||
__xymon_server --install_helpers
|
||||
|
||||
# examples to give a more complete picture: __xymon_server installed on
|
||||
# `xymon.example.com` w/ IP 192.168.1.1:
|
||||
#
|
||||
# install webserver and grant 2 private subnets access to the webinterface:
|
||||
__xymon_apache --ipacl "192.168.0.0/16 10.0.0.0/8"
|
||||
# deploy server-configuration with __xymon_config:
|
||||
__xymon_config --confdir=xymon.example.com
|
||||
|
||||
# install xymon-client on other machines (not needed on the server):
|
||||
__xymon_client --servers "192.168.1.1"
|
||||
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
:strong:`cdist__xymon_apache`\ (7), :strong:`cdist__xymon_config`\ (7),
|
||||
:strong:`cdist__xymon_client`\ (7), :strong:`xymon`\ (7)
|
||||
|
||||
|
||||
AUTHORS
|
||||
-------
|
||||
Thomas Eckert <tom--@--it-eckert.de>
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2018-2019 Thomas Eckert. You can redistribute it
|
||||
and/or modify it under the terms of the GNU General Public License as
|
||||
published by the Free Software Foundation, either version 3 of the
|
||||
License, or (at your option) any later version.
|
50
cdist/conf/type/__xymon_server/manifest
Executable file
50
cdist/conf/type/__xymon_server/manifest
Executable file
|
@ -0,0 +1,50 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2018-2019 Thomas Eckert (tom at it-eckert.de)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
state=$(cat "$__object/parameter/state")
|
||||
if [ -f "$__object/parameter/install_helpers" ]; then
|
||||
install_helpers=1
|
||||
else
|
||||
install_helpers=0
|
||||
fi
|
||||
|
||||
os=$(cat "$__global/explorer/os")
|
||||
case "$os" in
|
||||
debian|ubuntu)
|
||||
:
|
||||
;;
|
||||
*)
|
||||
echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
|
||||
echo "Please contribute an implementation for it if you can." >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
__package xymon --state "$state"
|
||||
|
||||
## install helper-packages/tools used by the xymon server if requested:
|
||||
if [ "$install_helpers" = "1" ]; then
|
||||
__package fping --state "$state"
|
||||
__package heirloom-mailx --state "$state"
|
||||
__package traceroute --state "$state"
|
||||
__package ntpdate --state "$state"
|
||||
fi
|
||||
|
||||
## CLI-usage often requires a shell:
|
||||
require="__package/xymon" __user xymon --shell "/bin/bash" --state "$state"
|
1
cdist/conf/type/__xymon_server/parameter/boolean
Normal file
1
cdist/conf/type/__xymon_server/parameter/boolean
Normal file
|
@ -0,0 +1 @@
|
|||
install_helpers
|
1
cdist/conf/type/__xymon_server/parameter/default/state
Normal file
1
cdist/conf/type/__xymon_server/parameter/default/state
Normal file
|
@ -0,0 +1 @@
|
|||
present
|
1
cdist/conf/type/__xymon_server/parameter/optional
Normal file
1
cdist/conf/type/__xymon_server/parameter/optional
Normal file
|
@ -0,0 +1 @@
|
|||
state
|
0
cdist/conf/type/__xymon_server/singleton
Normal file
0
cdist/conf/type/__xymon_server/singleton
Normal file
|
@ -1,6 +1,36 @@
|
|||
Changelog
|
||||
---------
|
||||
|
||||
6.1.0: 2019-11-19
|
||||
* Explorer hostname, type __hostname: Support more operating systems, rewrite type and hostname explorer (Dennis Camera)
|
||||
|
||||
6.0.4: 2019-11-19
|
||||
* Doc: Fix typos (Kirill Miazine)
|
||||
|
||||
6.0.3: 2019-10-31
|
||||
* Type __letsencrypt_cert: Add Alpine support (Nico Schottelius)
|
||||
* Type __xymon_client: Fix spelling error in manpage (Dmitry Bogatov)
|
||||
* Build: Support pip from git (Darko Poljak, Ľubomír Kučera)
|
||||
* Type __package_update_index: Add Alpine support (Ahmed Bilal Khalid)
|
||||
|
||||
6.0.2: 2019-10-17
|
||||
* New types: __xymon_server, __xymon_apache, __xymon_config, __xymon_client (Thomas Eckert)
|
||||
* Type __letsencrypt_cert: Add Arch Linux support (Nico Schottelius)
|
||||
* New type: __sensible_editor (Dennis Camera)
|
||||
* Types __grafana_dashboard, __prometheus_alertmanager, __prometheus_exporter, __prometheus_server: Support Debian 10 (Ahmed Bilal Khalid)
|
||||
|
||||
6.0.1: 2019-10-08
|
||||
* Type __group: Support OSes without getent (Dennis Camera)
|
||||
* Type __user: Support OSes without getent (Dennis Camera)
|
||||
* Type __ssh_authorized_keys: Support OSes without getent (Dennis Camera)
|
||||
* Type __ssh_dot_ssh: Support OSes without getent (Dennis Camera)
|
||||
* Explorer interfaces: Always sort output (Dennis Camera)
|
||||
* Explorer os: Unquote value from os-release file (Dennis Camera)
|
||||
* Type __letsencrypt_cert: Support Debian 10* (Ahmed Bilal Khalid)
|
||||
* Type __prometheus_server: Add missing exit after unsupported error message (Dominique Roux)
|
||||
* Type __git: Use --recurse-submodules instead of --recursive (Jonas Hagen)
|
||||
* Type __git: Add --shallow option (Jonas Hagen)
|
||||
|
||||
6.0.0: 2019-10-01
|
||||
* Type __letsencrypt_cert: Fix beowulf's spelling (Mondi Ravi)
|
||||
* Core: Add preos functionality (Darko Poljak)
|
||||
|
|
|
@ -27,7 +27,7 @@ for that. This type will:
|
|||
- configure nginx.
|
||||
|
||||
Our type will not create the actual python application. Its intention is only
|
||||
to configure hosing for specified user and project. It is up to the user to
|
||||
to configure hosting for specified user and project. It is up to the user to
|
||||
create his/her applications.
|
||||
|
||||
So let's start.
|
||||
|
@ -480,7 +480,7 @@ Creating python bottle application
|
|||
|
||||
We now need to create Bottle application. As you remember from the beginning
|
||||
of this walkthrough our type does not create the actual python application,
|
||||
its intention is only to configure hosing for specified user and project.
|
||||
its intention is only to configure hosting for specified user and project.
|
||||
It is up to the user to create his/her applications.
|
||||
|
||||
Become app user::
|
||||
|
|
|
@ -11,7 +11,7 @@ To upgrade cdist in the current branch use
|
|||
git pull
|
||||
|
||||
# Also update the manpages
|
||||
./build man
|
||||
make man
|
||||
export MANPATH=$MANPATH:$(pwd -P)/doc/man
|
||||
|
||||
If you stay on a version branche (i.e. 1.0, 1.1., ...), nothing should break.
|
||||
|
|
79
hacking/timing-tests/benchmark-files.sh
Normal file
79
hacking/timing-tests/benchmark-files.sh
Normal file
|
@ -0,0 +1,79 @@
|
|||
#!/bin/sh
|
||||
|
||||
num=50000
|
||||
dsthost=localhost
|
||||
|
||||
tmp=$(mktemp -d)
|
||||
remote_tmp=${tmp}-remote
|
||||
|
||||
cd "$tmp"
|
||||
|
||||
create_files() {
|
||||
i=0
|
||||
while [ $i -lt $num ]; do
|
||||
echo $i > file-${i}
|
||||
i=$((i+1))
|
||||
done
|
||||
}
|
||||
|
||||
delete_remote() {
|
||||
ssh "${dsthost}" "rm -rf ${remote_tmp}"
|
||||
}
|
||||
|
||||
|
||||
tar_remote() {
|
||||
cd "${tmp}"
|
||||
tar c . | ssh "${dsthost}" "mkdir ${remote_tmp}; cd ${remote_tmp}; tar x"
|
||||
}
|
||||
|
||||
cdist_remote()
|
||||
{
|
||||
(
|
||||
while [ $i -lt $num ]; do
|
||||
echo __file ${remote_tmp}/file-${i} --source "${tmp}/file-${i}"
|
||||
i=$((i+1))
|
||||
done
|
||||
) | cdist config -i - -vv "${dsthost}"
|
||||
|
||||
}
|
||||
|
||||
cdist_remote_parallel()
|
||||
{
|
||||
(
|
||||
while [ $i -lt $num ]; do
|
||||
echo __file ${remote_tmp}/file-${i} --source "${tmp}/file-${i}"
|
||||
i=$((i+1))
|
||||
done
|
||||
) | cdist config -j10 -i - -vv "${dsthost}"
|
||||
|
||||
}
|
||||
|
||||
echo "Creating ${num} files"
|
||||
time create_files
|
||||
|
||||
echo "scping files"
|
||||
time scp -r "${tmp}" "${dsthost}:$remote_tmp" >/dev/null
|
||||
|
||||
echo "delete remote"
|
||||
time delete_remote
|
||||
|
||||
echo "taring files"
|
||||
time tar_remote
|
||||
|
||||
echo "delete remote"
|
||||
time delete_remote
|
||||
|
||||
echo "cdisting files"
|
||||
time cdist_remote
|
||||
|
||||
echo "delete remote"
|
||||
time delete_remote
|
||||
|
||||
echo "cdisting files (parallel)!"
|
||||
time cdist_remote
|
||||
|
||||
echo "delete remote"
|
||||
time delete_remote
|
||||
|
||||
echo "delete local"
|
||||
rm -rf "$tmp"
|
22
setup.py
22
setup.py
|
@ -1,7 +1,27 @@
|
|||
from distutils.core import setup
|
||||
import cdist
|
||||
from distutils.errors import DistutilsError
|
||||
import os
|
||||
import re
|
||||
import subprocess
|
||||
|
||||
|
||||
# We have it only if it is a git cloned repo.
|
||||
build_helper = os.path.join('bin', 'build-helper')
|
||||
# Version file path.
|
||||
version_file = os.path.join('cdist', 'version.py')
|
||||
# If we have build-helper we could be a git repo.
|
||||
if os.path.exists(build_helper):
|
||||
# Try to generate version.py.
|
||||
rv = subprocess.run([build_helper, 'version', ])
|
||||
if rv.returncode != 0:
|
||||
raise DistutilsError("Failed to generate {}".format(version_file))
|
||||
else:
|
||||
# Otherwise, version.py should be present.
|
||||
if not os.path.exists(version_file):
|
||||
raise DistutilsError("Missing version file {}".format(version_file))
|
||||
|
||||
|
||||
import cdist
|
||||
|
||||
|
||||
def data_finder(data_dir):
|
||||
|
|
Loading…
Reference in a new issue