Merge branch 'master' of code.ungleich.ch:ungleich-public/cdist
This commit is contained in:
commit
69b8bc9af0
94 changed files with 3430 additions and 353 deletions
2
.gitattributes
vendored
2
.gitattributes
vendored
|
@ -4,5 +4,5 @@
|
||||||
docs/speeches export-ignore
|
docs/speeches export-ignore
|
||||||
docs/video export-ignore
|
docs/video export-ignore
|
||||||
docs/src/man7 export-ignore
|
docs/src/man7 export-ignore
|
||||||
bin/build-helper export-ignore
|
bin/cdist-build-helper export-ignore
|
||||||
README-maintainers export-ignore
|
README-maintainers export-ignore
|
||||||
|
|
|
@ -1,20 +1,23 @@
|
||||||
|
---
|
||||||
|
image: code.ungleich.ch:5050/ungleich-public/cdist/cdist-ci:latest
|
||||||
|
|
||||||
stages:
|
stages:
|
||||||
- test
|
- test
|
||||||
|
|
||||||
image: code.ungleich.ch:5050/ungleich-public/cdist/cdist-ci:latest
|
before_script:
|
||||||
|
- ./bin/cdist-build-helper version
|
||||||
unit_tests:
|
|
||||||
stage: test
|
|
||||||
script:
|
|
||||||
- ./bin/build-helper version
|
|
||||||
- ./bin/build-helper test
|
|
||||||
|
|
||||||
pycodestyle:
|
|
||||||
stage: test
|
|
||||||
script:
|
|
||||||
- ./bin/build-helper pycodestyle
|
|
||||||
|
|
||||||
shellcheck:
|
shellcheck:
|
||||||
stage: test
|
stage: test
|
||||||
script:
|
script:
|
||||||
- ./bin/build-helper shellcheck
|
- ./bin/cdist-build-helper shellcheck
|
||||||
|
|
||||||
|
pycodestyle:
|
||||||
|
stage: test
|
||||||
|
script:
|
||||||
|
- ./bin/cdist-build-helper pycodestyle
|
||||||
|
|
||||||
|
unit_tests:
|
||||||
|
stage: test
|
||||||
|
script:
|
||||||
|
- ./bin/cdist-build-helper test
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
Maintainers should use ./bin/build-helper script.
|
Maintainers should use ./bin/cdist-build-helper script.
|
||||||
|
|
||||||
Makefile is intended for end users. It can be used for non-maintaining
|
Makefile is intended for end users. It can be used for non-maintaining
|
||||||
targets that can be run from pure source (without git repository).
|
targets that can be run from pure source (without git repository).
|
||||||
|
|
88
bin/cdist
88
bin/cdist
|
@ -1,7 +1,8 @@
|
||||||
#!/bin/sh
|
#!/usr/bin/env python3
|
||||||
# -*- coding: utf-8 -*-
|
# -*- coding: utf-8 -*-
|
||||||
#
|
#
|
||||||
# 2012 Nico Schottelius (nico-cdist at schottelius.org)
|
# 2010-2016 Nico Schottelius (nico-cdist at schottelius.org)
|
||||||
|
# 2016 Darko Poljak (darko.poljak at gmail.com)
|
||||||
#
|
#
|
||||||
# This file is part of cdist.
|
# This file is part of cdist.
|
||||||
#
|
#
|
||||||
|
@ -20,14 +21,81 @@
|
||||||
#
|
#
|
||||||
#
|
#
|
||||||
|
|
||||||
# Wrapper for real script to allow execution from checkout
|
import logging
|
||||||
dir=${0%/*}
|
import os
|
||||||
|
import sys
|
||||||
|
|
||||||
# Ensure version is present - the bundled/shipped version contains a static version,
|
# See if this file's parent is cdist module
|
||||||
# the git version contains a dynamic version
|
# and if so add it to module search path.
|
||||||
"$dir/build-helper" version
|
cdist_dir = os.path.realpath(
|
||||||
|
os.path.join(
|
||||||
|
os.path.dirname(os.path.realpath(__file__)),
|
||||||
|
os.pardir))
|
||||||
|
cdist_init_dir = os.path.join(cdist_dir, 'cdist', '__init__.py')
|
||||||
|
if os.path.exists(cdist_init_dir):
|
||||||
|
sys.path.insert(0, cdist_dir)
|
||||||
|
|
||||||
libdir=$(cd "${dir}/../" && pwd -P)
|
import cdist # noqa 402
|
||||||
export PYTHONPATH="${libdir}"
|
import cdist.argparse # noqa 402
|
||||||
|
import cdist.banner # noqa 402
|
||||||
|
import cdist.config # noqa 402
|
||||||
|
import cdist.install # noqa 402
|
||||||
|
import cdist.shell # noqa 402
|
||||||
|
import cdist.inventory # noqa 402
|
||||||
|
|
||||||
"$dir/../scripts/cdist" "$@"
|
|
||||||
|
def commandline():
|
||||||
|
"""Parse command line"""
|
||||||
|
|
||||||
|
# preos subcommand hack
|
||||||
|
if len(sys.argv) > 1 and sys.argv[1] == 'preos':
|
||||||
|
return cdist.preos.PreOS.commandline(sys.argv[1:])
|
||||||
|
parser, cfg = cdist.argparse.parse_and_configure(sys.argv[1:])
|
||||||
|
args = cfg.get_args()
|
||||||
|
|
||||||
|
# Work around python 3.3 bug:
|
||||||
|
# http://bugs.python.org/issue16308
|
||||||
|
# http://bugs.python.org/issue9253
|
||||||
|
|
||||||
|
# FIXME: catching AttributeError also hides
|
||||||
|
# real problems.. try a different way
|
||||||
|
|
||||||
|
# FIXME: we always print main help, not
|
||||||
|
# the help of the actual parser being used!
|
||||||
|
try:
|
||||||
|
getattr(args, "func")
|
||||||
|
except AttributeError:
|
||||||
|
parser['main'].print_help()
|
||||||
|
sys.exit(0)
|
||||||
|
|
||||||
|
args.func(args)
|
||||||
|
|
||||||
|
|
||||||
|
if __name__ == "__main__":
|
||||||
|
if sys.version < cdist.MIN_SUPPORTED_PYTHON_VERSION:
|
||||||
|
print('Python >= {} is required on the source host.'.format(
|
||||||
|
cdist.MIN_SUPPORTED_PYTHON_VERSIO), file=sys.stderr)
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
|
exit_code = 0
|
||||||
|
|
||||||
|
try:
|
||||||
|
import re
|
||||||
|
import os
|
||||||
|
|
||||||
|
if re.match("__", os.path.basename(sys.argv[0])):
|
||||||
|
import cdist.emulator
|
||||||
|
emulator = cdist.emulator.Emulator(sys.argv)
|
||||||
|
emulator.run()
|
||||||
|
else:
|
||||||
|
commandline()
|
||||||
|
|
||||||
|
except KeyboardInterrupt:
|
||||||
|
exit_code = 2
|
||||||
|
|
||||||
|
except cdist.Error as e:
|
||||||
|
log = logging.getLogger("cdist")
|
||||||
|
log.error(e)
|
||||||
|
exit_code = 1
|
||||||
|
|
||||||
|
sys.exit(exit_code)
|
||||||
|
|
|
@ -45,7 +45,7 @@ usage() {
|
||||||
shellcheck-manifests
|
shellcheck-manifests
|
||||||
shellcheck-local-gencodes
|
shellcheck-local-gencodes
|
||||||
shellcheck-remote-gencodes
|
shellcheck-remote-gencodes
|
||||||
shellcheck-scripts
|
shellcheck-bin
|
||||||
shellcheck-gencodes
|
shellcheck-gencodes
|
||||||
shellcheck-types
|
shellcheck-types
|
||||||
shellcheck
|
shellcheck
|
||||||
|
@ -405,7 +405,7 @@ eof
|
||||||
;;
|
;;
|
||||||
|
|
||||||
pycodestyle|pep8)
|
pycodestyle|pep8)
|
||||||
pycodestyle "${basedir}" "${basedir}/scripts/cdist"
|
pycodestyle "${basedir}" "${basedir}/bin/cdist"
|
||||||
;;
|
;;
|
||||||
|
|
||||||
check-pycodestyle)
|
check-pycodestyle)
|
||||||
|
@ -460,27 +460,34 @@ eof
|
||||||
test ! -s "${SHELLCHECKTMP}" || { cat "${SHELLCHECKTMP}"; exit 1; }
|
test ! -s "${SHELLCHECKTMP}" || { cat "${SHELLCHECKTMP}"; exit 1; }
|
||||||
;;
|
;;
|
||||||
|
|
||||||
shellcheck-scripts)
|
# NOTE: shellcheck-scripts is kept for compatibility
|
||||||
|
shellcheck-bin|shellcheck-scripts)
|
||||||
# shellcheck disable=SC2086
|
# shellcheck disable=SC2086
|
||||||
${SHELLCHECKCMD} scripts/cdist-dump scripts/cdist-new-type > "${SHELLCHECKTMP}"
|
${SHELLCHECKCMD} bin/cdist-dump bin/cdist-new-type > "${SHELLCHECKTMP}"
|
||||||
test ! -s "${SHELLCHECKTMP}" || { cat "${SHELLCHECKTMP}"; exit 1; }
|
test ! -s "${SHELLCHECKTMP}" || { cat "${SHELLCHECKTMP}"; exit 1; }
|
||||||
;;
|
;;
|
||||||
|
|
||||||
shellcheck-gencodes)
|
shellcheck-gencodes)
|
||||||
"$0" shellcheck-local-gencodes || exit 1
|
errors=false
|
||||||
"$0" shellcheck-remote-gencodes || exit 1
|
"$0" shellcheck-local-gencodes || errors=true
|
||||||
|
"$0" shellcheck-remote-gencodes || errors=true
|
||||||
|
! $errors || exit 1
|
||||||
;;
|
;;
|
||||||
|
|
||||||
shellcheck-types)
|
shellcheck-types)
|
||||||
"$0" shellcheck-type-explorers || exit 1
|
errors=false
|
||||||
"$0" shellcheck-manifests || exit 1
|
"$0" shellcheck-type-explorers || errors=true
|
||||||
"$0" shellcheck-gencodes || exit 1
|
"$0" shellcheck-manifests || errors=true
|
||||||
|
"$0" shellcheck-gencodes || errors=true
|
||||||
|
! $errors || exit 1
|
||||||
;;
|
;;
|
||||||
|
|
||||||
shellcheck)
|
shellcheck)
|
||||||
"$0" shellcheck-global-explorers || exit 1
|
errors=false
|
||||||
"$0" shellcheck-types || exit 1
|
"$0" shellcheck-global-explorers || errors=true
|
||||||
"$0" shellcheck-scripts || exit 1
|
"$0" shellcheck-types || errors=true
|
||||||
|
"$0" shellcheck-bin || errors=true
|
||||||
|
! $errors || exit 1
|
||||||
;;
|
;;
|
||||||
|
|
||||||
shellcheck-type-files)
|
shellcheck-type-files)
|
||||||
|
@ -490,12 +497,14 @@ eof
|
||||||
;;
|
;;
|
||||||
|
|
||||||
shellcheck-with-files)
|
shellcheck-with-files)
|
||||||
"$0" shellcheck || exit 1
|
errors=false
|
||||||
"$0" shellcheck-type-files || exit 1
|
"$0" shellcheck || errors=true
|
||||||
|
"$0" shellcheck-type-files || errors=true
|
||||||
|
! $errors || exit 1
|
||||||
;;
|
;;
|
||||||
|
|
||||||
shellcheck-build-helper)
|
shellcheck-build-helper)
|
||||||
${SHELLCHECKCMD} ./bin/build-helper
|
${SHELLCHECKCMD} ./bin/cdist-build-helper
|
||||||
;;
|
;;
|
||||||
|
|
||||||
check-shellcheck)
|
check-shellcheck)
|
|
@ -22,12 +22,27 @@
|
||||||
|
|
||||||
import os
|
import os
|
||||||
import hashlib
|
import hashlib
|
||||||
|
import subprocess
|
||||||
|
|
||||||
import cdist.log
|
import cdist.log
|
||||||
import cdist.version
|
|
||||||
|
|
||||||
|
|
||||||
VERSION = cdist.version.VERSION
|
VERSION = 'unknown version'
|
||||||
|
|
||||||
|
try:
|
||||||
|
import cdist.version
|
||||||
|
VERSION = cdist.version.VERSION
|
||||||
|
except ModuleNotFoundError:
|
||||||
|
cdist_dir = os.path.abspath(
|
||||||
|
os.path.join(os.path.dirname(__file__), os.pardir))
|
||||||
|
if os.path.isdir(os.path.join(cdist_dir, '.git')):
|
||||||
|
try:
|
||||||
|
VERSION = subprocess.check_output(
|
||||||
|
['git', 'describe', '--always'],
|
||||||
|
cwd=cdist_dir,
|
||||||
|
universal_newlines=True)
|
||||||
|
except Exception:
|
||||||
|
pass
|
||||||
|
|
||||||
BANNER = """
|
BANNER = """
|
||||||
.. . .x+=:. s
|
.. . .x+=:. s
|
||||||
|
|
|
@ -473,7 +473,7 @@ def get_parsers():
|
||||||
|
|
||||||
# Scan = config + further
|
# Scan = config + further
|
||||||
parser['scan'] = parser['sub'].add_parser('scan', add_help=False,
|
parser['scan'] = parser['sub'].add_parser('scan', add_help=False,
|
||||||
parents=[parser['config']])
|
parents=[parser['config']])
|
||||||
|
|
||||||
parser['scan'] = parser['sub'].add_parser(
|
parser['scan'] = parser['sub'].add_parser(
|
||||||
'scan', parents=[parser['loglevel'],
|
'scan', parents=[parser['loglevel'],
|
||||||
|
|
|
@ -32,11 +32,12 @@ EXAMPLES
|
||||||
AUTHORS
|
AUTHORS
|
||||||
-------
|
-------
|
||||||
Steven Armstrong <steven-cdist--@--armstrong.cc>
|
Steven Armstrong <steven-cdist--@--armstrong.cc>
|
||||||
|
Dennis Camera <dennis.camera--@--ssrq-sds-fds.ch>
|
||||||
|
|
||||||
|
|
||||||
COPYING
|
COPYING
|
||||||
-------
|
-------
|
||||||
Copyright \(C) 2014 Steven Armstrong. You can redistribute it
|
Copyright \(C) 2014 Steven Armstrong, 2020 Dennis Camera.
|
||||||
and/or modify it under the terms of the GNU General Public License as
|
You can redistribute it and/or modify it under the terms of the GNU General
|
||||||
published by the Free Software Foundation, either version 3 of the
|
Public License as published by the Free Software Foundation, either version 3 of
|
||||||
License, or (at your option) any later version.
|
the License, or (at your option) any later version.
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
#!/bin/sh -e
|
#!/bin/sh -e
|
||||||
#
|
#
|
||||||
# 2014 Steven Armstrong (steven-cdist at armstrong.cc)
|
# 2014 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||||
|
# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||||
#
|
#
|
||||||
# This file is part of cdist.
|
# This file is part of cdist.
|
||||||
#
|
#
|
||||||
|
@ -19,26 +20,28 @@
|
||||||
#
|
#
|
||||||
|
|
||||||
|
|
||||||
os=$(cat "$__global/explorer/os")
|
os=$(cat "${__global:?}/explorer/os")
|
||||||
|
|
||||||
case "$os" in
|
case ${os}
|
||||||
ubuntu|debian|devuan)
|
in
|
||||||
# No stinking recommends thank you very much.
|
(ubuntu|debian|devuan)
|
||||||
# If I want something installed I will do so myself.
|
__file /etc/apt/apt.conf.d/00InstallRecommends --state present \
|
||||||
__file /etc/apt/apt.conf.d/99-no-recommends \
|
--owner root --group root --mode 0644 --source - <<-'EOF'
|
||||||
--owner root --group root --mode 644 \
|
APT::Install-Recommends "false";
|
||||||
--source - << DONE
|
APT::Install-Suggests "false";
|
||||||
APT::Install-Recommends "0";
|
APT::AutoRemove::RecommendsImportant "false";
|
||||||
APT::Install-Suggests "0";
|
APT::AutoRemove::SuggestsImportant "false";
|
||||||
APT::AutoRemove::RecommendsImportant "0";
|
EOF
|
||||||
APT::AutoRemove::SuggestsImportant "0";
|
|
||||||
DONE
|
# TODO: Remove the following object after some time
|
||||||
;;
|
require=__file/etc/apt/apt.conf.d/00InstallRecommends \
|
||||||
*)
|
__file /etc/apt/apt.conf.d/99-no-recommends --state absent
|
||||||
cat >&2 << DONE
|
;;
|
||||||
|
(*)
|
||||||
|
cat >&2 <<EOF
|
||||||
The developer of this type (${__type##*/}) did not think your operating system
|
The developer of this type (${__type##*/}) did not think your operating system
|
||||||
($os) would have any use for it. If you think otherwise please submit a patch.
|
($os) would have any use for it. If you think otherwise please submit a patch.
|
||||||
DONE
|
EOF
|
||||||
exit 1
|
exit 1
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
|
|
|
@ -46,28 +46,29 @@ fi
|
||||||
|
|
||||||
remove_block() {
|
remove_block() {
|
||||||
cat << DONE
|
cat << DONE
|
||||||
tmpfile=\$(mktemp ${file}.cdist.XXXXXXXXXX)
|
tmpfile=\$(mktemp ${quoted_file}.cdist.XXXXXXXXXX)
|
||||||
# preserve ownership and permissions of existing file
|
# preserve ownership and permissions of existing file
|
||||||
if [ -f "$file" ]; then
|
if [ -f $quoted_file ]; then
|
||||||
cp -p "$file" "\$tmpfile"
|
cp -p $quoted_file "\$tmpfile"
|
||||||
fi
|
fi
|
||||||
awk -v prefix=^$(quote "$prefix")\$ -v suffix=^$(quote "$suffix")\$ '
|
awk -v prefix=$(quote "$prefix") -v suffix=$(quote "$suffix") '
|
||||||
{
|
{
|
||||||
if (match(\$0,prefix)) {
|
if (\$0 == prefix) {
|
||||||
triggered=1
|
triggered=1
|
||||||
}
|
}
|
||||||
if (triggered) {
|
if (triggered) {
|
||||||
if (match(\$0,suffix)) {
|
if (\$0 == suffix) {
|
||||||
triggered=0
|
triggered=0
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
print
|
print
|
||||||
}
|
}
|
||||||
}' "$file" > "\$tmpfile"
|
}' $quoted_file > "\$tmpfile"
|
||||||
mv -f "\$tmpfile" "$file"
|
mv -f "\$tmpfile" $quoted_file
|
||||||
DONE
|
DONE
|
||||||
}
|
}
|
||||||
|
|
||||||
|
quoted_file="$(quote "$file")"
|
||||||
case "$state_should" in
|
case "$state_should" in
|
||||||
present)
|
present)
|
||||||
if [ "$state_is" = "changed" ]; then
|
if [ "$state_is" = "changed" ]; then
|
||||||
|
@ -77,7 +78,7 @@ case "$state_should" in
|
||||||
echo add >> "$__messages_out"
|
echo add >> "$__messages_out"
|
||||||
fi
|
fi
|
||||||
cat << DONE
|
cat << DONE
|
||||||
cat >> "$file" << ${__type##*/}_DONE
|
cat >> $quoted_file << '${__type##*/}_DONE'
|
||||||
$(cat "$block")
|
$(cat "$block")
|
||||||
${__type##*/}_DONE
|
${__type##*/}_DONE
|
||||||
DONE
|
DONE
|
||||||
|
|
26
cdist/conf/type/__dpkg_architecture/explorer/architecture
Executable file
26
cdist/conf/type/__dpkg_architecture/explorer/architecture
Executable file
|
@ -0,0 +1,26 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
# __dpkg_architecture/explorer/architecture
|
||||||
|
#
|
||||||
|
# 2020 Matthias Stecher <matthiasstecher at gmx.de>
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
|
||||||
|
# Get the main architecture of this machine
|
||||||
|
|
||||||
|
|
||||||
|
# print or die in the gencode-remote
|
||||||
|
dpkg --print-architecture || true
|
26
cdist/conf/type/__dpkg_architecture/explorer/foreign-architectures
Executable file
26
cdist/conf/type/__dpkg_architecture/explorer/foreign-architectures
Executable file
|
@ -0,0 +1,26 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
# __dpkg_architecture/explorer/foreign-architectures
|
||||||
|
#
|
||||||
|
# 2020 Matthias Stecher <matthiasstecher at gmx.de>
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
|
||||||
|
# Print all additional architectures
|
||||||
|
|
||||||
|
|
||||||
|
# print or die in the gencode-remote
|
||||||
|
dpkg --print-foreign-architectures || true
|
82
cdist/conf/type/__dpkg_architecture/gencode-remote
Executable file
82
cdist/conf/type/__dpkg_architecture/gencode-remote
Executable file
|
@ -0,0 +1,82 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
# __dpkg_architecture/gencode-remote
|
||||||
|
#
|
||||||
|
# 2020 Matthias Stecher <matthiasstecher at gmx.de>
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
|
||||||
|
|
||||||
|
# Get parameter and explorer
|
||||||
|
state_should="$(cat "$__object/parameter/state")"
|
||||||
|
arch_wanted="$__object_id"
|
||||||
|
main_arch="$(cat "$__object/explorer/architecture")"
|
||||||
|
|
||||||
|
# Exit here if dpkg do not work (empty explorer)
|
||||||
|
if [ -z "$main_arch" ]; then
|
||||||
|
echo "dpkg is not available or unable to detect a architecture!" >&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
# Check if requested architecture is the main one
|
||||||
|
if [ "$arch_wanted" = "$main_arch" ]; then
|
||||||
|
# higher than present; we can not remove it
|
||||||
|
state_is="present"
|
||||||
|
caution="yes"
|
||||||
|
|
||||||
|
# Check if the architecture not already used
|
||||||
|
elif grep -qFx "$arch_wanted" "$__object/explorer/foreign-architectures"; then
|
||||||
|
state_is="present"
|
||||||
|
|
||||||
|
# arch does not exist
|
||||||
|
else
|
||||||
|
state_is="absent"
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
# Check what to do
|
||||||
|
if [ "$state_is" != "$state_should" ]; then
|
||||||
|
case "$state_should" in
|
||||||
|
present)
|
||||||
|
# print add code
|
||||||
|
printf "dpkg --add-architecture '%s'\n" "$arch_wanted"
|
||||||
|
# updating the index to make the new architecture available
|
||||||
|
echo "apt update"
|
||||||
|
|
||||||
|
echo added >> "$__messages_out"
|
||||||
|
;;
|
||||||
|
|
||||||
|
absent)
|
||||||
|
if [ "$caution" ]; then
|
||||||
|
printf "can not remove the main arch '%s' of the system!\n" "$main_arch" >&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
# removing all existing packages for the architecture
|
||||||
|
printf "apt purge '.*:%s'\n" "$arch_wanted"
|
||||||
|
# print remove code
|
||||||
|
printf "dpkg --remove-architecture '%s'\n" "$arch_wanted"
|
||||||
|
|
||||||
|
echo removed >> "$__messages_out"
|
||||||
|
;;
|
||||||
|
|
||||||
|
*)
|
||||||
|
printf "state '%s' is unknown!\n" "$state_should" >&2
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
fi
|
103
cdist/conf/type/__dpkg_architecture/man.rst
Normal file
103
cdist/conf/type/__dpkg_architecture/man.rst
Normal file
|
@ -0,0 +1,103 @@
|
||||||
|
cdist-type__dpkg_architecture(7)
|
||||||
|
================================
|
||||||
|
|
||||||
|
NAME
|
||||||
|
----
|
||||||
|
cdist-type__dpkg_architecture - Handles foreign architectures on debian-like
|
||||||
|
systems managed by `dpkg`
|
||||||
|
|
||||||
|
|
||||||
|
DESCRIPTION
|
||||||
|
-----------
|
||||||
|
This type handles foreign architectures on systems managed by
|
||||||
|
:strong:`dpkg`\ (1). The object id is the name of the architecture accepted by
|
||||||
|
`dpkg`, which should be added or removed.
|
||||||
|
|
||||||
|
If the architecture is not setup on the system, it adds a new architecture as a
|
||||||
|
new foreign architecture in `dpkg`. Then, it updates the apt package index to
|
||||||
|
make packages from the new architecture available.
|
||||||
|
|
||||||
|
If the architecture should be removed, it will remove it if it is not the base
|
||||||
|
architecture on where the system was installed on. Before it, it will purge
|
||||||
|
every package based on the "to be removed" architecture via `apt` to be able to
|
||||||
|
remove the selected architecture.
|
||||||
|
|
||||||
|
|
||||||
|
REQUIRED PARAMETERS
|
||||||
|
-------------------
|
||||||
|
None.
|
||||||
|
|
||||||
|
|
||||||
|
OPTIONAL PARAMETERS
|
||||||
|
-------------------
|
||||||
|
state
|
||||||
|
``present`` or ``absent``. Defaults to ``present``.
|
||||||
|
|
||||||
|
|
||||||
|
MESSAGES
|
||||||
|
--------
|
||||||
|
added
|
||||||
|
Added the specified architecture
|
||||||
|
|
||||||
|
removed
|
||||||
|
Removed the specified architecture
|
||||||
|
|
||||||
|
|
||||||
|
ABORTS
|
||||||
|
------
|
||||||
|
Aborts in the following cases:
|
||||||
|
|
||||||
|
If :strong:`dpkg`\ (1) is not available. It will abort with a proper error
|
||||||
|
message.
|
||||||
|
|
||||||
|
If the architecture is the same as the base architecture the system is build
|
||||||
|
upon it (returned by ``dpkg --print-architecture``) and it should be removed.
|
||||||
|
|
||||||
|
It will fail if it can not execute :strong:`apt`\ (8). It is assumed that it is
|
||||||
|
already installed.
|
||||||
|
|
||||||
|
|
||||||
|
EXAMPLES
|
||||||
|
--------
|
||||||
|
|
||||||
|
.. code-block:: sh
|
||||||
|
|
||||||
|
# add i386 (32 bit) architecture
|
||||||
|
__dpkg_architecture i386
|
||||||
|
|
||||||
|
# remove it again :)
|
||||||
|
__dpkg_architecture i386 --state absent
|
||||||
|
|
||||||
|
|
||||||
|
SEE ALSO
|
||||||
|
--------
|
||||||
|
`Multiarch on Debian systems <https://wiki.debian.org/Multiarch>`_
|
||||||
|
|
||||||
|
`How to setup multiarch on Debian <https://wiki.debian.org/Multiarch/HOWTO>`_
|
||||||
|
|
||||||
|
:strong:`dpkg`\ (1)
|
||||||
|
:strong:`cdist-type__package_dpkg`\ (7)
|
||||||
|
:strong:`cdist-type__package_apt`\ (7)
|
||||||
|
|
||||||
|
Useful commands:
|
||||||
|
|
||||||
|
.. code-block:: sh
|
||||||
|
|
||||||
|
# base architecture installed on this system
|
||||||
|
dpkg --print-architecture
|
||||||
|
|
||||||
|
# extra architectures added
|
||||||
|
dpkg --print-foreign-architectures
|
||||||
|
|
||||||
|
|
||||||
|
AUTHORS
|
||||||
|
-------
|
||||||
|
Matthias Stecher <matthiasstecher at gmx.de>
|
||||||
|
|
||||||
|
|
||||||
|
COPYING
|
||||||
|
-------
|
||||||
|
Copyright \(C) 2020 Matthias Stecher. You can redistribute it
|
||||||
|
and/or modify it under the terms of the GNU General Public License as
|
||||||
|
ublished by the Free Software Foundation, either version 3 of the
|
||||||
|
License, or (at your option) any later version.
|
0
cdist/conf/type/__dpkg_architecture/nonparallel
Normal file
0
cdist/conf/type/__dpkg_architecture/nonparallel
Normal file
|
@ -0,0 +1 @@
|
||||||
|
present
|
1
cdist/conf/type/__dpkg_architecture/parameter/optional
Normal file
1
cdist/conf/type/__dpkg_architecture/parameter/optional
Normal file
|
@ -0,0 +1 @@
|
||||||
|
state
|
|
@ -95,6 +95,10 @@ case "$state_should" in
|
||||||
fi
|
fi
|
||||||
;;
|
;;
|
||||||
|
|
||||||
|
pre-exists)
|
||||||
|
:
|
||||||
|
;;
|
||||||
|
|
||||||
*)
|
*)
|
||||||
echo "Unknown state: $state_should" >&2
|
echo "Unknown state: $state_should" >&2
|
||||||
exit 1
|
exit 1
|
||||||
|
|
|
@ -20,26 +20,27 @@
|
||||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
#
|
#
|
||||||
|
|
||||||
os=$(cat "$__global/explorer/os")
|
os=$(cat "${__global:?}/explorer/os")
|
||||||
name_running=$(cat "$__global/explorer/hostname")
|
name_running=$(cat "${__global:?}/explorer/hostname")
|
||||||
has_hostnamectl=$(cat "$__object/explorer/has_hostnamectl")
|
has_hostnamectl=$(cat "${__object:?}/explorer/has_hostnamectl")
|
||||||
|
|
||||||
|
|
||||||
if test -s "$__object/parameter/name"
|
if test -s "${__object:?}/parameter/name"
|
||||||
then
|
then
|
||||||
name_should=$(cat "$__object/parameter/name")
|
name_should=$(cat "${__object:?}/parameter/name")
|
||||||
else
|
else
|
||||||
case $os
|
case ${os}
|
||||||
in
|
in
|
||||||
# RedHat-derivatives and BSDs
|
# RedHat-derivatives and BSDs
|
||||||
centos|fedora|redhat|scientific|freebsd|macosx|netbsd|openbsd)
|
(centos|fedora|redhat|scientific|freebsd|macosx|netbsd|openbsd)
|
||||||
# Hostname is FQDN
|
# Hostname is FQDN
|
||||||
name_should="${__target_host}"
|
name_should=${__target_host:?}
|
||||||
;;
|
;;
|
||||||
*)
|
(*)
|
||||||
# Hostname is only first component of FQDN
|
# Hostname is only first component of FQDN
|
||||||
name_should="${__target_host%%.*}"
|
name_should=${__target_host:?}
|
||||||
;;
|
name_should=${name_should%%.*}
|
||||||
|
;;
|
||||||
esac
|
esac
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
@ -47,43 +48,46 @@ fi
|
||||||
################################################################################
|
################################################################################
|
||||||
# Check if the (running) hostname is already correct
|
# Check if the (running) hostname is already correct
|
||||||
#
|
#
|
||||||
test "$name_running" != "$name_should" || exit 0
|
test "${name_running}" != "${name_should}" || exit 0
|
||||||
|
|
||||||
|
|
||||||
################################################################################
|
################################################################################
|
||||||
# Setup hostname
|
# Setup hostname
|
||||||
#
|
#
|
||||||
echo 'changed' >>"$__messages_out"
|
echo 'changed' >>"${__messages_out:?}"
|
||||||
|
|
||||||
# Use the good old way to set the hostname.
|
# Use the good old way to set the hostname.
|
||||||
case $os
|
case ${os}
|
||||||
in
|
in
|
||||||
alpine|debian|devuan|ubuntu)
|
(alpine|debian|devuan|ubuntu)
|
||||||
echo 'hostname -F /etc/hostname'
|
echo 'hostname -F /etc/hostname'
|
||||||
;;
|
;;
|
||||||
archlinux)
|
(archlinux)
|
||||||
echo 'command -v hostnamectl >/dev/null 2>&1' \
|
echo 'command -v hostnamectl >/dev/null 2>&1' \
|
||||||
"&& hostnamectl set-hostname '$name_should'" \
|
"&& hostnamectl set-hostname '${name_should}'" \
|
||||||
"|| hostname '$name_should'"
|
"|| hostname '${name_should}'"
|
||||||
;;
|
;;
|
||||||
centos|fedora|redhat|scientific|freebsd|netbsd|openbsd|gentoo|void)
|
(centos|fedora|redhat|scientific|freebsd|netbsd|openbsd|gentoo|void)
|
||||||
echo "hostname '$name_should'"
|
echo "hostname '${name_should}'"
|
||||||
;;
|
;;
|
||||||
macosx)
|
(openwrt)
|
||||||
echo "scutil --set HostName '$name_should'"
|
echo "echo '${name_should}' >/proc/sys/kernel/hostname"
|
||||||
;;
|
;;
|
||||||
solaris)
|
(macosx)
|
||||||
echo "uname -S '$name_should'"
|
echo "scutil --set HostName '${name_should}'"
|
||||||
;;
|
;;
|
||||||
slackware|suse|opensuse-leap)
|
(solaris)
|
||||||
|
echo "uname -S '${name_should}'"
|
||||||
|
;;
|
||||||
|
(slackware|suse)
|
||||||
# We do not read from /etc/HOSTNAME, because the running
|
# We do not read from /etc/HOSTNAME, because the running
|
||||||
# hostname is the first component only while the file contains
|
# hostname is the first component only while the file contains
|
||||||
# the FQDN.
|
# the FQDN.
|
||||||
echo "hostname '$name_should'"
|
echo "hostname '${name_should}'"
|
||||||
;;
|
;;
|
||||||
*)
|
(*)
|
||||||
# Fall back to set the hostname using hostnamectl, if available.
|
# Fall back to set the hostname using hostnamectl, if available.
|
||||||
if test -n "$has_hostnamectl"
|
if test -n "${has_hostnamectl}"
|
||||||
then
|
then
|
||||||
# Don't use hostnamectl as the primary means to set the hostname for
|
# Don't use hostnamectl as the primary means to set the hostname for
|
||||||
# systemd systems, because it cannot be trusted to work reliably and
|
# systemd systems, because it cannot be trusted to work reliably and
|
||||||
|
@ -94,7 +98,8 @@ in
|
||||||
echo "test \"\$(hostname)\" = \"\$(cat /etc/hostname)\"" \
|
echo "test \"\$(hostname)\" = \"\$(cat /etc/hostname)\"" \
|
||||||
" || hostname -F /etc/hostname"
|
" || hostname -F /etc/hostname"
|
||||||
else
|
else
|
||||||
printf "echo 'Unsupported OS: %s' >&2\nexit 1\n" "$os"
|
printf "echo 'Unsupported OS: %s' >&2\n" "${os}"
|
||||||
|
printf 'exit 1\n'
|
||||||
fi
|
fi
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
|
|
|
@ -20,69 +20,49 @@
|
||||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
#
|
#
|
||||||
|
|
||||||
not_supported() {
|
|
||||||
echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
|
|
||||||
echo "Please contribute an implementation for it if you can." >&2
|
|
||||||
exit 1
|
|
||||||
}
|
|
||||||
|
|
||||||
set_hostname_systemd() {
|
set_hostname_systemd() {
|
||||||
echo "$1" | __file /etc/hostname --source -
|
echo "$1" | __file /etc/hostname --source -
|
||||||
}
|
}
|
||||||
|
|
||||||
os=$(cat "$__global/explorer/os")
|
os=$(cat "${__global:?}/explorer/os")
|
||||||
os_version=$(cat "$__global/explorer/os_version")
|
|
||||||
os_major=$(echo "$os_version" | grep -o '^[0-9][0-9]*' || true)
|
|
||||||
|
|
||||||
max_len=$(cat "$__object/explorer/max_len")
|
max_len=$(cat "${__object:?}/explorer/max_len")
|
||||||
has_hostnamectl=$(cat "$__object/explorer/has_hostnamectl")
|
has_hostnamectl=$(cat "${__object:?}/explorer/has_hostnamectl")
|
||||||
|
|
||||||
if test -s "$__object/parameter/name"
|
if test -s "${__object:?}/parameter/name"
|
||||||
then
|
then
|
||||||
name_should=$(cat "$__object/parameter/name")
|
name_should=$(cat "${__object:?}/parameter/name")
|
||||||
else
|
else
|
||||||
case $os
|
case ${os}
|
||||||
in
|
in
|
||||||
# RedHat-derivatives and BSDs
|
# RedHat-derivatives and BSDs
|
||||||
centos|fedora|redhat|scientific|freebsd|netbsd|openbsd|slackware)
|
(centos|fedora|redhat|scientific|freebsd|netbsd|openbsd|slackware|suse)
|
||||||
# Hostname is FQDN
|
# Hostname is FQDN
|
||||||
name_should="${__target_host}"
|
name_should=${__target_host:?}
|
||||||
;;
|
;;
|
||||||
suse|opensuse-leap)
|
|
||||||
# Classic SuSE stores the FQDN in /etc/HOSTNAME, while
|
|
||||||
# systemd does not. The running hostname is the first
|
|
||||||
# component in both cases.
|
|
||||||
# In versions before 15.x, the FQDN is stored in /etc/hostname.
|
|
||||||
if test -n "$has_hostnamectl" && test "$os_major" -ge 15 \
|
|
||||||
&& test "$os_major" -ne 42
|
|
||||||
then
|
|
||||||
name_should="${__target_host%%.*}"
|
|
||||||
else
|
|
||||||
name_should="${__target_host}"
|
|
||||||
fi
|
|
||||||
;;
|
|
||||||
*)
|
*)
|
||||||
# Hostname is only first component of FQDN on all other systems.
|
# Hostname is only first component of FQDN on all other systems.
|
||||||
name_should="${__target_host%%.*}"
|
name_should=${__target_host:?}
|
||||||
;;
|
name_should=${name_should%%.*}
|
||||||
|
;;
|
||||||
esac
|
esac
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if test -n "$max_len" && test "$(printf '%s' "$name_should" | wc -c)" -gt "$max_len"
|
if test -n "${max_len}" && test "$(printf '%s' "${name_should}" | wc -c)" -gt "${max_len}"
|
||||||
then
|
then
|
||||||
printf "Host name too long. Up to %u characters allowed.\n" "${max_len}" >&2
|
printf "Host name too long. Up to %u characters allowed.\n" "${max_len}" >&2
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
case $os
|
case ${os}
|
||||||
in
|
in
|
||||||
alpine|debian|devuan|ubuntu|void)
|
(alpine|debian|devuan|ubuntu|void)
|
||||||
echo "$name_should" | __file /etc/hostname --source -
|
echo "${name_should}" | __file /etc/hostname --source -
|
||||||
;;
|
;;
|
||||||
archlinux)
|
(archlinux)
|
||||||
if test -n "$has_hostnamectl"
|
if test -n "${has_hostnamectl}"
|
||||||
then
|
then
|
||||||
set_hostname_systemd "$name_should"
|
set_hostname_systemd "${name_should}"
|
||||||
else
|
else
|
||||||
echo 'Ancient ArchLinux variants without hostnamectl are not supported.' >&2
|
echo 'Ancient ArchLinux variants without hostnamectl are not supported.' >&2
|
||||||
exit 1
|
exit 1
|
||||||
|
@ -97,8 +77,8 @@ in
|
||||||
# --value "\"$name_should\""
|
# --value "\"$name_should\""
|
||||||
fi
|
fi
|
||||||
;;
|
;;
|
||||||
centos|fedora|redhat|scientific)
|
(centos|fedora|redhat|scientific)
|
||||||
if test -z "$has_hostnamectl"
|
if test -z "${has_hostnamectl}"
|
||||||
then
|
then
|
||||||
# Only write to /etc/sysconfig/network on non-systemd versions.
|
# Only write to /etc/sysconfig/network on non-systemd versions.
|
||||||
# On systemd-based versions this entry is ignored.
|
# On systemd-based versions this entry is ignored.
|
||||||
|
@ -106,59 +86,83 @@ in
|
||||||
--file /etc/sysconfig/network \
|
--file /etc/sysconfig/network \
|
||||||
--delimiter '=' --exact_delimiter \
|
--delimiter '=' --exact_delimiter \
|
||||||
--key HOSTNAME \
|
--key HOSTNAME \
|
||||||
--value "\"$name_should\""
|
--value "\"${name_should}\""
|
||||||
else
|
else
|
||||||
set_hostname_systemd "$name_should"
|
set_hostname_systemd "${name_should}"
|
||||||
fi
|
fi
|
||||||
;;
|
;;
|
||||||
gentoo)
|
(gentoo)
|
||||||
# Only write to /etc/conf.d/hostname on OpenRC-based installations.
|
# Only write to /etc/conf.d/hostname on OpenRC-based installations.
|
||||||
# On systemd use hostnamectl(1) in gencode-remote.
|
# On systemd use hostnamectl(1) in gencode-remote.
|
||||||
if test -z "$has_hostnamectl"
|
if test -z "${has_hostnamectl}"
|
||||||
then
|
then
|
||||||
__key_value '/etc/conf.d/hostname:hostname' \
|
__key_value '/etc/conf.d/hostname:hostname' \
|
||||||
--file /etc/conf.d/hostname \
|
--file /etc/conf.d/hostname \
|
||||||
--delimiter '=' --exact_delimiter \
|
--delimiter '=' --exact_delimiter \
|
||||||
--key 'hostname' \
|
--key 'hostname' \
|
||||||
--value "\"$name_should\""
|
--value "\"${name_should}\""
|
||||||
else
|
else
|
||||||
set_hostname_systemd "$name_should"
|
set_hostname_systemd "$name_should"
|
||||||
fi
|
fi
|
||||||
;;
|
;;
|
||||||
freebsd)
|
(freebsd)
|
||||||
__key_value '/etc/rc.conf:hostname' \
|
__key_value '/etc/rc.conf:hostname' \
|
||||||
--file /etc/rc.conf \
|
--file /etc/rc.conf \
|
||||||
--delimiter '=' --exact_delimiter \
|
--delimiter '=' --exact_delimiter \
|
||||||
--key 'hostname' \
|
--key 'hostname' \
|
||||||
--value "\"$name_should\""
|
--value "\"${name_should}\""
|
||||||
;;
|
;;
|
||||||
macosx)
|
(macosx)
|
||||||
# handled in gencode-remote
|
# handled in gencode-remote
|
||||||
:
|
;;
|
||||||
;;
|
(netbsd)
|
||||||
netbsd)
|
|
||||||
__key_value '/etc/rc.conf:hostname' \
|
__key_value '/etc/rc.conf:hostname' \
|
||||||
--file /etc/rc.conf \
|
--file /etc/rc.conf \
|
||||||
--delimiter '=' --exact_delimiter \
|
--delimiter '=' --exact_delimiter \
|
||||||
--key 'hostname' \
|
--key 'hostname' \
|
||||||
--value "\"$name_should\""
|
--value "\"${name_should}\""
|
||||||
|
|
||||||
# To avoid confusion, ensure that the hostname is only stored once.
|
# To avoid confusion, ensure that the hostname is only stored once.
|
||||||
__file /etc/myname --state absent
|
__file /etc/myname --state absent
|
||||||
;;
|
;;
|
||||||
openbsd)
|
(openbsd)
|
||||||
echo "$name_should" | __file /etc/myname --source -
|
echo "${name_should}" | __file /etc/myname --source -
|
||||||
;;
|
;;
|
||||||
slackware)
|
(openwrt)
|
||||||
|
__uci system.@system[0].hostname --value "${name_should}"
|
||||||
|
# --transaction hostname
|
||||||
|
;;
|
||||||
|
(slackware)
|
||||||
# We write the FQDN into /etc/HOSTNAME. But /etc/rc.d/rc.M will only
|
# We write the FQDN into /etc/HOSTNAME. But /etc/rc.d/rc.M will only
|
||||||
# read the first component from this file and set it as the running
|
# read the first component from this file and set it as the running
|
||||||
# hostname on boot.
|
# hostname on boot.
|
||||||
echo "$name_should" | __file /etc/HOSTNAME --source -
|
echo "${name_should}" | __file /etc/HOSTNAME --source -
|
||||||
;;
|
;;
|
||||||
solaris)
|
(solaris)
|
||||||
echo "$name_should" | __file /etc/nodename --source -
|
echo "${name_should}" | __file /etc/nodename --source -
|
||||||
;;
|
;;
|
||||||
suse|opensuse-leap)
|
(suse)
|
||||||
|
if test -s "${__global:?}/explorer/os_release"
|
||||||
|
then
|
||||||
|
# shellcheck source=/dev/null
|
||||||
|
os_version=$(. "${__global:?}/explorer/os_release" && echo "${VERSION}")
|
||||||
|
else
|
||||||
|
os_version=$(sed -n 's/^VERSION\ *=\ *//p' "${__global:?}/explorer/os_version")
|
||||||
|
fi
|
||||||
|
os_major=$(expr "${os_version}" : '\([0-9]\{1,\}\)')
|
||||||
|
|
||||||
|
# Classic SuSE stores the FQDN in /etc/HOSTNAME, while
|
||||||
|
# systemd does not. The running hostname is the first
|
||||||
|
# component in both cases.
|
||||||
|
# In versions before 15.x, the FQDN is stored in /etc/hostname.
|
||||||
|
if test -n "${has_hostnamectl}" \
|
||||||
|
&& test "${os_major}" -ge 15 \
|
||||||
|
&& test "${os_major}" -ne 42
|
||||||
|
then
|
||||||
|
# strip away everything but the first part from $name_should
|
||||||
|
name_should=${name_should%%.*}
|
||||||
|
fi
|
||||||
|
|
||||||
# Modern SuSE provides /etc/HOSTNAME as a symlink for
|
# Modern SuSE provides /etc/HOSTNAME as a symlink for
|
||||||
# backwards-compatibility. Unfortunately it cannot be used
|
# backwards-compatibility. Unfortunately it cannot be used
|
||||||
# here as __file does not follow the symlink.
|
# here as __file does not follow the symlink.
|
||||||
|
@ -167,23 +171,25 @@ in
|
||||||
# not work correctly on openSUSE 12.x which provides
|
# not work correctly on openSUSE 12.x which provides
|
||||||
# hostnamectl but not /etc/hostname.
|
# hostnamectl but not /etc/hostname.
|
||||||
|
|
||||||
if test -n "$has_hostnamectl" -a "$os_major" -gt 12
|
if test -n "${has_hostnamectl}" -a "${os_major}" -gt 12
|
||||||
then
|
then
|
||||||
hostname_file='/etc/hostname'
|
hostname_file=/etc/hostname
|
||||||
else
|
else
|
||||||
hostname_file='/etc/HOSTNAME'
|
hostname_file=/etc/HOSTNAME
|
||||||
fi
|
fi
|
||||||
|
|
||||||
echo "$name_should" | __file "$hostname_file" --source -
|
echo "${name_should}" | __file "${hostname_file}" --source -
|
||||||
;;
|
;;
|
||||||
*)
|
(*)
|
||||||
# On other operating systems we fall back to systemd's
|
# On other operating systems we fall back to systemd's
|
||||||
# hostnamectl if available…
|
# hostnamectl if available…
|
||||||
if test -n "$has_hostnamectl"
|
if test -n "${has_hostnamectl}"
|
||||||
then
|
then
|
||||||
set_hostname_systemd "$name_should"
|
set_hostname_systemd "${name_should}"
|
||||||
else
|
else
|
||||||
not_supported
|
echo "Your operating system (${os}) is currently not supported by this type (${__type##*/})." >&2
|
||||||
|
echo "Please contribute an implementation for it if you can." >&2
|
||||||
|
exit 1
|
||||||
fi
|
fi
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
|
|
28
cdist/conf/type/__hwclock/explorer/adjtime_mode
Executable file
28
cdist/conf/type/__hwclock/explorer/adjtime_mode
Executable file
|
@ -0,0 +1,28 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
#
|
||||||
|
# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
# Prints the clock mode read from the /etc/adjtime file, if present.
|
||||||
|
#
|
||||||
|
|
||||||
|
# not all operating systems use an adjfile
|
||||||
|
test -f /etc/adjtime || exit 0
|
||||||
|
|
||||||
|
# 3rd line is clock mode
|
||||||
|
# adjtime(5) https://man7.org/linux/man-pages/man5/adjtime.5.html
|
||||||
|
sed -n 3p /etc/adjtime
|
27
cdist/conf/type/__hwclock/explorer/timedatectl_localrtc
Executable file
27
cdist/conf/type/__hwclock/explorer/timedatectl_localrtc
Executable file
|
@ -0,0 +1,27 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
#
|
||||||
|
# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
# Prints the LocalRTC property using timedatectl on systemd-based systems.
|
||||||
|
#
|
||||||
|
|
||||||
|
command -v timedatectl >/dev/null 2>&1 || exit 0
|
||||||
|
|
||||||
|
# NOTE: Older versions of timedatectl do not support `timedatectl show'
|
||||||
|
timedatectl --no-pager status \
|
||||||
|
| awk -F': ' '$1 ~ "RTC in local TZ$" { sub(/[ \t]*$/, "", $2); print $2 }'
|
62
cdist/conf/type/__hwclock/gencode-remote
Executable file
62
cdist/conf/type/__hwclock/gencode-remote
Executable file
|
@ -0,0 +1,62 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
#
|
||||||
|
# 2020 Dennis Camera (dennis.camera@ssrq-sds-fds.ch)
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
|
||||||
|
mode=$(cat "${__object:?}/parameter/mode")
|
||||||
|
|
||||||
|
timedatectl_localrtc=$(cat "${__object:?}/explorer/timedatectl_localrtc")
|
||||||
|
adjtime_mode=$(cat "${__object:?}/explorer/adjtime_mode")
|
||||||
|
|
||||||
|
|
||||||
|
case ${mode}
|
||||||
|
in
|
||||||
|
(localtime)
|
||||||
|
adjtime_str=LOCAL
|
||||||
|
local_rtc_str=yes
|
||||||
|
;;
|
||||||
|
(UTC|utc)
|
||||||
|
adjtime_str=UTC
|
||||||
|
local_rtc_str=no
|
||||||
|
;;
|
||||||
|
(*)
|
||||||
|
printf 'Invalid value for --mode: %s\n' "${mode}" >&2
|
||||||
|
printf 'Acceptable values are: localtime, utc.\n' >&2
|
||||||
|
exit 1
|
||||||
|
esac
|
||||||
|
|
||||||
|
|
||||||
|
if test -n "${timedatectl_localrtc}"
|
||||||
|
then
|
||||||
|
# systemd
|
||||||
|
timedatectl_should=${local_rtc_str}
|
||||||
|
if test "${timedatectl_localrtc}" != "${timedatectl_should}"
|
||||||
|
then
|
||||||
|
printf 'timedatectl set-local-rtc %s\n' "${timedatectl_should}"
|
||||||
|
fi
|
||||||
|
elif test -n "${adjtime_mode}"
|
||||||
|
then
|
||||||
|
# others (update /etc/adjtime if present)
|
||||||
|
if test "${adjtime_mode}" != "${adjtime_str}"
|
||||||
|
then
|
||||||
|
# Update /etc/adjtime (3rd line is clock mode)
|
||||||
|
# adjtime(5) https://man7.org/linux/man-pages/man5/adjtime.5.html
|
||||||
|
# FIXME: Should maybe add third line if adjfile only contains two lines
|
||||||
|
printf "sed -i '3c\\\\\\n%s\\n' /etc/adjtime\\n" "${adjtime_str}"
|
||||||
|
fi
|
||||||
|
fi
|
63
cdist/conf/type/__hwclock/man.rst
Normal file
63
cdist/conf/type/__hwclock/man.rst
Normal file
|
@ -0,0 +1,63 @@
|
||||||
|
cdist-type__hwclock(7)
|
||||||
|
======================
|
||||||
|
|
||||||
|
NAME
|
||||||
|
----
|
||||||
|
cdist-type__hwclock - Manage the hardware real time clock.
|
||||||
|
|
||||||
|
|
||||||
|
DESCRIPTION
|
||||||
|
-----------
|
||||||
|
This type can be used to control how the hardware clock is used by the operating
|
||||||
|
system.
|
||||||
|
|
||||||
|
|
||||||
|
REQUIRED PARAMETERS
|
||||||
|
-------------------
|
||||||
|
mode
|
||||||
|
What mode the hardware clock is in.
|
||||||
|
|
||||||
|
Acceptable values:
|
||||||
|
|
||||||
|
localtime
|
||||||
|
The hardware clock is set to local time (common for systems also running
|
||||||
|
Windows.)
|
||||||
|
UTC
|
||||||
|
The hardware clock is set to UTC (common on UNIX systems.)
|
||||||
|
|
||||||
|
|
||||||
|
OPTIONAL PARAMETERS
|
||||||
|
-------------------
|
||||||
|
None.
|
||||||
|
|
||||||
|
|
||||||
|
BOOLEAN PARAMETERS
|
||||||
|
------------------
|
||||||
|
None.
|
||||||
|
|
||||||
|
|
||||||
|
EXAMPLES
|
||||||
|
--------
|
||||||
|
|
||||||
|
.. code-block:: sh
|
||||||
|
|
||||||
|
# Make the operating system treat the time read from the hwclock as UTC.
|
||||||
|
__hwclock --mode UTC
|
||||||
|
|
||||||
|
|
||||||
|
SEE ALSO
|
||||||
|
--------
|
||||||
|
:strong:`hwclock`\ (8)
|
||||||
|
|
||||||
|
|
||||||
|
AUTHORS
|
||||||
|
-------
|
||||||
|
Dennis Camera <dennis.camera@ssrq-sds-fds.ch>
|
||||||
|
|
||||||
|
|
||||||
|
COPYING
|
||||||
|
-------
|
||||||
|
Copyright \(C) 2020 Dennis Camera. You can redistribute it
|
||||||
|
and/or modify it under the terms of the GNU General Public License as
|
||||||
|
published by the Free Software Foundation, either version 3 of the
|
||||||
|
License, or (at your option) any later version.
|
222
cdist/conf/type/__hwclock/manifest
Executable file
222
cdist/conf/type/__hwclock/manifest
Executable file
|
@ -0,0 +1,222 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
#
|
||||||
|
# 2020 Dennis Camera (dennis.camera@ssrq-sds-fds.ch)
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
|
||||||
|
# TODO: Consider supporting BADYEAR
|
||||||
|
|
||||||
|
os=$(cat "${__global:?}/explorer/os")
|
||||||
|
mode=$(cat "${__object:?}/parameter/mode")
|
||||||
|
|
||||||
|
has_systemd_timedatectl=$(test -s "${__object:?}/explorer/timedatectl_localrtc" && echo true || echo false)
|
||||||
|
|
||||||
|
|
||||||
|
case ${mode}
|
||||||
|
in
|
||||||
|
(localtime)
|
||||||
|
local_clock=true
|
||||||
|
;;
|
||||||
|
(UTC|utc)
|
||||||
|
local_clock=false
|
||||||
|
;;
|
||||||
|
(*)
|
||||||
|
printf 'Invalid value for --mode: %s\n' "${mode}" >&2
|
||||||
|
printf 'Acceptable values are: UTC, localtime.\n' >&2
|
||||||
|
exit 1
|
||||||
|
esac
|
||||||
|
|
||||||
|
|
||||||
|
case ${os}
|
||||||
|
in
|
||||||
|
(alpine|gentoo)
|
||||||
|
if ! $has_systemd_timedatectl
|
||||||
|
then
|
||||||
|
# NOTE: Gentoo also supports systemd, in which case /etc/conf.d is
|
||||||
|
# not used. So we check for systemd presence here and only
|
||||||
|
# update /etc/conf.d if systemd is not installed.
|
||||||
|
# https://wiki.gentoo.org/wiki/System_time#Hardware_clock
|
||||||
|
|
||||||
|
export CDIST_ORDER_DEPENDENCY=true
|
||||||
|
__file /etc/conf.d/hwclock --state present \
|
||||||
|
--owner root --group root --mode 0644
|
||||||
|
__key_value /etc/conf.d/hwclock:clock \
|
||||||
|
--file /etc/conf.d/hwclock \
|
||||||
|
--key clock \
|
||||||
|
--delimiter '=' --exact_delimiter \
|
||||||
|
--value "\"$($local_clock && echo local || echo UTC)\""
|
||||||
|
unset CDIST_ORDER_DEPENDENCY
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
(centos|fedora|redhat|scientific)
|
||||||
|
os_version=$(cat "${__global:?}/explorer/os_version")
|
||||||
|
os_major=$(expr "${os_version}" : '.* release \([0-9]*\)')
|
||||||
|
case ${os}
|
||||||
|
in
|
||||||
|
(centos|scientific)
|
||||||
|
update_sysconfig=$(test "${os_major}" -lt 6 && echo true || echo false)
|
||||||
|
;;
|
||||||
|
(fedora)
|
||||||
|
update_sysconfig=$(test "${os_major}" -lt 10 && echo true || echo false)
|
||||||
|
;;
|
||||||
|
(redhat|*)
|
||||||
|
case ${os_version}
|
||||||
|
in
|
||||||
|
('Red Hat Enterprise Linux'*)
|
||||||
|
update_sysconfig=$(test "${os_major}" -lt 6 && echo true || echo false)
|
||||||
|
;;
|
||||||
|
('Red Hat Linux'*)
|
||||||
|
update_sysconfig=true
|
||||||
|
;;
|
||||||
|
(*)
|
||||||
|
printf 'Could not determine Red Hat distribution.\n' >&2
|
||||||
|
printf "Please contribute an implementation for it if you can.\n" >&2
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
if ${update_sysconfig:?}
|
||||||
|
then
|
||||||
|
export CDIST_ORDER_DEPENDENCY=true
|
||||||
|
__file /etc/sysconfig/clock --state present \
|
||||||
|
--owner root --group root --mode 0644
|
||||||
|
__key_value /etc/sysconfig/clock:UTC \
|
||||||
|
--file /etc/sysconfig/clock \
|
||||||
|
--key UTC \
|
||||||
|
--delimiter '=' --exact_delimiter \
|
||||||
|
--value "$($local_clock && echo false || echo true)"
|
||||||
|
unset CDIST_ORDER_DEPENDENCY
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
(debian|devuan|ubuntu)
|
||||||
|
os_major=$(sed 's/[^0-9].*$//' "${__global:?}/explorer/os_version")
|
||||||
|
|
||||||
|
case ${os}
|
||||||
|
in
|
||||||
|
(debian)
|
||||||
|
if test "${os_major}" -ge 7
|
||||||
|
then
|
||||||
|
update_rcS=false
|
||||||
|
elif test "${os_major}" -ge 3
|
||||||
|
then
|
||||||
|
update_rcS=true
|
||||||
|
else
|
||||||
|
# Debian 2.2 should be supportable using rcS.
|
||||||
|
# Debian 2.1 uses the ancient GMT key.
|
||||||
|
# Debian 1.3 does not have rcS.
|
||||||
|
printf "Your operating system (Debian %s) is currently not supported by this type (%s)\n" \
|
||||||
|
"$(cat "${__global:?}/explorer/os_version")" "${__type##*/}" >&2
|
||||||
|
printf "Please contribute an implementation for it if you can.\n" >&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
(devuan)
|
||||||
|
update_rcS=false
|
||||||
|
;;
|
||||||
|
(ubuntu)
|
||||||
|
update_rcS=$(test "${os_major}" -lt 16 && echo true || echo false)
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
if ${update_rcS}
|
||||||
|
then
|
||||||
|
export CDIST_ORDER_DEPENDENCY=true
|
||||||
|
__file /etc/default/rcS --state present \
|
||||||
|
--owner root --group root --mode 0644
|
||||||
|
__key_value /etc/default/rcS:UTC \
|
||||||
|
--file /etc/default/rcS \
|
||||||
|
--key UTC \
|
||||||
|
--delimiter '=' --exact_delimiter \
|
||||||
|
--value "$($local_clock && echo no || echo yes)"
|
||||||
|
unset CDIST_ORDER_DEPENDENCY
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
(freebsd)
|
||||||
|
# cf. adjkerntz(8)
|
||||||
|
__file /etc/wall_cmos_clock \
|
||||||
|
--state "$($local_clock && echo present || echo absent)" \
|
||||||
|
--owner root --group wheel --mode 0444
|
||||||
|
;;
|
||||||
|
(netbsd)
|
||||||
|
# https://wiki.netbsd.org/guide/boot/#index9h2
|
||||||
|
__key_value /etc/rc.conf:rtclocaltime \
|
||||||
|
--file /etc/rc.conf \
|
||||||
|
--key rtclocaltime \
|
||||||
|
--delimiter '=' --exact_delimiter \
|
||||||
|
--value "$($local_clock && echo YES || echo NO)"
|
||||||
|
;;
|
||||||
|
(slackware)
|
||||||
|
__file /etc/hardwareclock --owner root --group root --mode 0644 \
|
||||||
|
--source - <<-EOF
|
||||||
|
# /etc/hardwareclock
|
||||||
|
#
|
||||||
|
# Tells how the hardware clock time is stored.
|
||||||
|
# This file is managed by cdist.
|
||||||
|
|
||||||
|
$($local_clock && echo localtime || echo UTC)
|
||||||
|
EOF
|
||||||
|
;;
|
||||||
|
(suse)
|
||||||
|
if test -s "${__global:?}/explorer/os_release"
|
||||||
|
then
|
||||||
|
# shellcheck source=/dev/null
|
||||||
|
os_version=$(. "${__global:?}/explorer/os_release" && echo "${VERSION}")
|
||||||
|
else
|
||||||
|
os_version=$(sed -n 's/^VERSION\ *=\ *//p' "${__global:?}/explorer/os_version")
|
||||||
|
fi
|
||||||
|
os_major=$(expr "${os_version}" : '\([0-9]\{1,\}\)')
|
||||||
|
|
||||||
|
# TODO: Consider using `yast2 timezone set hwclock' instead
|
||||||
|
if expr "${os_major}" \< 12
|
||||||
|
then
|
||||||
|
# Starting with SuSE 12 (first systemd-based version)
|
||||||
|
# /etc/sysconfig/clock does not contain the HWCLOCK line
|
||||||
|
# anymore.
|
||||||
|
# With SuSE 13, it has been reduced to TIMEZONE configuration.
|
||||||
|
__key_value /etc/sysconfig/clock:HWCLOCK \
|
||||||
|
--file /etc/sysconfig/clock \
|
||||||
|
--delimiter '=' --exact_delimiter \
|
||||||
|
--key HWCLOCK \
|
||||||
|
--value "$($local_clock && echo '"--localtime"' || echo '"-u"')"
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
(void)
|
||||||
|
export CDIST_ORDER_DEPENDENCY=true
|
||||||
|
__file /etc/rc.conf \
|
||||||
|
--owner root --group root --mode 0644 \
|
||||||
|
--state present
|
||||||
|
__key_value /etc/rc.conf:HARDWARECLOCK \
|
||||||
|
--file /etc/rc.conf \
|
||||||
|
--delimiter '=' --exact_delimiter \
|
||||||
|
--key HARDWARECLOCK \
|
||||||
|
--value "\"$($local_clock && echo localtime || echo UTC)\""
|
||||||
|
unset CDIST_ORDER_DEPENDENCY
|
||||||
|
;;
|
||||||
|
(*)
|
||||||
|
if ! $has_systemd_timedatectl
|
||||||
|
then
|
||||||
|
printf "Your operating system (%s) is currently not supported by this type (%s)\n" "$os" "${__type##*/}" >&2
|
||||||
|
printf "Please contribute an implementation for it if you can.\n" >&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
# NOTE: timedatectl set-local-rtc for systemd is in gencode-remote
|
||||||
|
# NOTE: /etc/adjtime is also updated in gencode-remote
|
1
cdist/conf/type/__hwclock/parameter/required
Normal file
1
cdist/conf/type/__hwclock/parameter/required
Normal file
|
@ -0,0 +1 @@
|
||||||
|
mode
|
0
cdist/conf/type/__hwclock/singleton
Normal file
0
cdist/conf/type/__hwclock/singleton
Normal file
|
@ -1,7 +1,4 @@
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
# Nico Schottelius
|
|
||||||
# Zürisee, Mon Sep 2 18:38:27 CEST 2013
|
|
||||||
#
|
|
||||||
### BEGIN INIT INFO
|
### BEGIN INIT INFO
|
||||||
# Provides: iptables
|
# Provides: iptables
|
||||||
# Required-Start: $local_fs $remote_fs
|
# Required-Start: $local_fs $remote_fs
|
||||||
|
@ -14,34 +11,72 @@
|
||||||
# and saves/restores previous status
|
# and saves/restores previous status
|
||||||
### END INIT INFO
|
### END INIT INFO
|
||||||
|
|
||||||
|
# Originally written by:
|
||||||
|
# Nico Schottelius
|
||||||
|
# Zürisee, Mon Sep 2 18:38:27 CEST 2013
|
||||||
|
#
|
||||||
|
# 2013 Nico Schottelius (nico-cdist at schottelius.org)
|
||||||
|
# 2020 Matthias Stecher (matthiasstecher at gmx.de)
|
||||||
|
#
|
||||||
|
# This file is distributed with cdist and licenced under the
|
||||||
|
# GNU GPLv3+ WITHOUT ANY WARRANTY.
|
||||||
|
|
||||||
|
|
||||||
|
# Read files and execute the content with the given commands
|
||||||
|
#
|
||||||
|
# Arguments:
|
||||||
|
# 1: Directory
|
||||||
|
# 2..n: Commands which should be used to execute the file content
|
||||||
|
gothrough() {
|
||||||
|
cd "$1" || return
|
||||||
|
shift
|
||||||
|
|
||||||
|
# iterate through all rules and continue if it's not a file
|
||||||
|
for rule in *; do
|
||||||
|
[ -f "$rule" ] || continue
|
||||||
|
echo "Appling iptables rule $rule ..."
|
||||||
|
|
||||||
|
# execute it with all commands specificed
|
||||||
|
ruleparam="$(cat "$rule")"
|
||||||
|
for cmd in "$@"; do
|
||||||
|
# Command and Rule should be split.
|
||||||
|
# shellcheck disable=SC2046
|
||||||
|
command $cmd $ruleparam
|
||||||
|
done
|
||||||
|
done
|
||||||
|
}
|
||||||
|
|
||||||
|
# Shortcut for iptables command to do IPv4 and v6
|
||||||
|
# only applies to the "reset" target
|
||||||
|
iptables() {
|
||||||
|
command iptables "$@"
|
||||||
|
command ip6tables "$@"
|
||||||
|
}
|
||||||
|
|
||||||
basedir=/etc/iptables.d
|
basedir=/etc/iptables.d
|
||||||
status="${basedir}/.pre-start"
|
status4="${basedir}/.pre-start"
|
||||||
|
status6="${basedir}/.pre-start6"
|
||||||
|
|
||||||
case $1 in
|
case $1 in
|
||||||
start)
|
start)
|
||||||
# Save status
|
# Save status
|
||||||
iptables-save > "$status"
|
iptables-save > "$status4"
|
||||||
|
ip6tables-save > "$status6"
|
||||||
|
|
||||||
# Apply our ruleset
|
# Apply our ruleset
|
||||||
cd "$basedir" || exit
|
gothrough "$basedir" iptables
|
||||||
count="$(find . ! -name . -prune | wc -l)"
|
#gothrough "$basedir/v4" iptables # conflicts with $basedir
|
||||||
|
gothrough "$basedir/v6" ip6tables
|
||||||
# Only do something if there are rules
|
gothrough "$basedir/all" iptables ip6tables
|
||||||
if [ "$count" -ge 1 ]; then
|
|
||||||
for rule in *; do
|
|
||||||
echo "Applying iptables rule $rule ..."
|
|
||||||
# Rule should be split.
|
|
||||||
# shellcheck disable=SC2046
|
|
||||||
iptables $(cat "$rule")
|
|
||||||
done
|
|
||||||
fi
|
|
||||||
;;
|
;;
|
||||||
|
|
||||||
stop)
|
stop)
|
||||||
# Restore from status before, if there is something to restore
|
# Restore from status before, if there is something to restore
|
||||||
if [ -f "$status" ]; then
|
if [ -f "$status4" ]; then
|
||||||
iptables-restore < "$status"
|
iptables-restore < "$status4"
|
||||||
|
fi
|
||||||
|
if [ -f "$status6" ]; then
|
||||||
|
ip6tables-restore < "$status6"
|
||||||
fi
|
fi
|
||||||
;;
|
;;
|
||||||
restart)
|
restart)
|
||||||
|
|
|
@ -10,7 +10,24 @@ DESCRIPTION
|
||||||
-----------
|
-----------
|
||||||
This cdist type deploys an init script that triggers
|
This cdist type deploys an init script that triggers
|
||||||
the configured rules and also re-applies them on
|
the configured rules and also re-applies them on
|
||||||
configuration.
|
configuration. Rules are written from __iptables_rule
|
||||||
|
into the folder ``/etc/iptables.d/``.
|
||||||
|
|
||||||
|
It reads all rules from the base folder as rules for IPv4.
|
||||||
|
Rules in the subfolder ``v6/`` are IPv6 rules. Rules in
|
||||||
|
the subfolder ``all/`` are applied to both rule tables. All
|
||||||
|
files contain the arguments for a single ``iptables`` and/or
|
||||||
|
``ip6tables`` command.
|
||||||
|
|
||||||
|
Rules are applied in the following order:
|
||||||
|
1. All IPv4 rules
|
||||||
|
2. All IPv6 rules
|
||||||
|
2. All rules that should be applied to both tables
|
||||||
|
|
||||||
|
The order of the rules that will be applied are definite
|
||||||
|
from the result the shell glob returns, which should be
|
||||||
|
alphabetical. If rules must be applied in a special order,
|
||||||
|
prefix them with a number like ``02-some-rule``.
|
||||||
|
|
||||||
|
|
||||||
REQUIRED PARAMETERS
|
REQUIRED PARAMETERS
|
||||||
|
@ -24,7 +41,7 @@ None
|
||||||
EXAMPLES
|
EXAMPLES
|
||||||
--------
|
--------
|
||||||
|
|
||||||
None (__iptables_apply is used by __iptables_rule)
|
None (__iptables_apply is used by __iptables_rule automatically)
|
||||||
|
|
||||||
|
|
||||||
SEE ALSO
|
SEE ALSO
|
||||||
|
@ -35,11 +52,13 @@ SEE ALSO
|
||||||
AUTHORS
|
AUTHORS
|
||||||
-------
|
-------
|
||||||
Nico Schottelius <nico-cdist--@--schottelius.org>
|
Nico Schottelius <nico-cdist--@--schottelius.org>
|
||||||
|
Matthias Stecher <matthiasstecher--@--gmx.de>
|
||||||
|
|
||||||
|
|
||||||
COPYING
|
COPYING
|
||||||
-------
|
-------
|
||||||
Copyright \(C) 2013 Nico Schottelius. You can redistribute it
|
Copyright \(C) 2013 Nico Schottelius.
|
||||||
and/or modify it under the terms of the GNU General Public License as
|
Copyright \(C) 2020 Matthias Stecher.
|
||||||
published by the Free Software Foundation, either version 3 of the
|
You can redistribute it and/or modify it under the terms of the GNU
|
||||||
License, or (at your option) any later version.
|
General Public License as published by the Free Software Foundation,
|
||||||
|
either version 3 of the License, or (at your option) any later version.
|
||||||
|
|
|
@ -11,6 +11,10 @@ DESCRIPTION
|
||||||
This cdist type allows you to manage iptable rules
|
This cdist type allows you to manage iptable rules
|
||||||
in a distribution independent manner.
|
in a distribution independent manner.
|
||||||
|
|
||||||
|
See :strong:`cdist-type__iptables_apply`\ (7) for the
|
||||||
|
execution order of these rules. It will be executed
|
||||||
|
automaticly to apply all rules non-volaite.
|
||||||
|
|
||||||
|
|
||||||
REQUIRED PARAMETERS
|
REQUIRED PARAMETERS
|
||||||
-------------------
|
-------------------
|
||||||
|
@ -25,6 +29,24 @@ state
|
||||||
'present' or 'absent', defaults to 'present'
|
'present' or 'absent', defaults to 'present'
|
||||||
|
|
||||||
|
|
||||||
|
BOOLEAN PARAMETERS
|
||||||
|
------------------
|
||||||
|
All rules without any of these parameters will be treated like ``--v4`` because
|
||||||
|
of backward compatibility.
|
||||||
|
|
||||||
|
v4
|
||||||
|
Explicitly set it as rule for IPv4. If IPv6 is set, too, it will be
|
||||||
|
threaten like ``--all``. Will be the default if nothing else is set.
|
||||||
|
|
||||||
|
v6
|
||||||
|
Explicitly set it as rule for IPv6. If IPv4 is set, too, it will be
|
||||||
|
threaten like ``--all``.
|
||||||
|
|
||||||
|
all
|
||||||
|
Set the rule for both IPv4 and IPv6. It will be saved separately from the
|
||||||
|
other rules.
|
||||||
|
|
||||||
|
|
||||||
EXAMPLES
|
EXAMPLES
|
||||||
--------
|
--------
|
||||||
|
|
||||||
|
@ -48,6 +70,16 @@ EXAMPLES
|
||||||
--state absent
|
--state absent
|
||||||
|
|
||||||
|
|
||||||
|
# IPv4-only rule for ICMPv4
|
||||||
|
__iptables_rule icmp-v4 --v4 --rule "-A INPUT -p icmp -j ACCEPT"
|
||||||
|
# IPv6-only rule for ICMPv6
|
||||||
|
__iptables_rule icmp-v6 --v6 --rule "-A INPUT -p icmpv6 -j ACCEPT"
|
||||||
|
|
||||||
|
# doing something for the dual stack
|
||||||
|
__iptables_rule fwd-eth0-eth1 --v4 --v6 --rule "-A INPUT -i eth0 -o eth1 -j ACCEPT"
|
||||||
|
__iptables_rule fwd-eth1-eth0 --all --rule "-A -o eth1 -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT"
|
||||||
|
|
||||||
|
|
||||||
SEE ALSO
|
SEE ALSO
|
||||||
--------
|
--------
|
||||||
:strong:`cdist-type__iptables_apply`\ (7), :strong:`iptables`\ (8)
|
:strong:`cdist-type__iptables_apply`\ (7), :strong:`iptables`\ (8)
|
||||||
|
@ -56,11 +88,13 @@ SEE ALSO
|
||||||
AUTHORS
|
AUTHORS
|
||||||
-------
|
-------
|
||||||
Nico Schottelius <nico-cdist--@--schottelius.org>
|
Nico Schottelius <nico-cdist--@--schottelius.org>
|
||||||
|
Matthias Stecher <matthiasstecher--@--gmx.de>
|
||||||
|
|
||||||
|
|
||||||
COPYING
|
COPYING
|
||||||
-------
|
-------
|
||||||
Copyright \(C) 2013 Nico Schottelius. You can redistribute it
|
Copyright \(C) 2013 Nico Schottelius.
|
||||||
and/or modify it under the terms of the GNU General Public License as
|
Copyright \(C) 2020 Matthias Stecher.
|
||||||
published by the Free Software Foundation, either version 3 of the
|
You can redistribute it and/or modify it under the terms of the GNU
|
||||||
License, or (at your option) any later version.
|
General Public License as published by the Free Software Foundation,
|
||||||
|
either version 3 of the License, or (at your option) any later version.
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
#!/bin/sh -e
|
#!/bin/sh -e
|
||||||
#
|
#
|
||||||
# 2013 Nico Schottelius (nico-cdist at schottelius.org)
|
# 2013 Nico Schottelius (nico-cdist at schottelius.org)
|
||||||
|
# 2020 Matthias Stecher (matthiasstecher at gmx.de)
|
||||||
#
|
#
|
||||||
# This file is part of cdist.
|
# This file is part of cdist.
|
||||||
#
|
#
|
||||||
|
@ -24,12 +25,36 @@ base_dir=/etc/iptables.d
|
||||||
name="$__object_id"
|
name="$__object_id"
|
||||||
state="$(cat "$__object/parameter/state")"
|
state="$(cat "$__object/parameter/state")"
|
||||||
|
|
||||||
|
if [ -f "$__object/parameter/v4" ]; then
|
||||||
|
only_v4="yes"
|
||||||
|
# $specific_dir is $base_dir
|
||||||
|
fi
|
||||||
|
if [ -f "$__object/parameter/v6" ]; then
|
||||||
|
only_v6="yes"
|
||||||
|
specific_dir="$base_dir/v6"
|
||||||
|
fi
|
||||||
|
# If rules should be set for both protocols
|
||||||
|
if { [ "$only_v4" = "yes" ] && [ "$only_v6" = "yes" ]; } ||
|
||||||
|
[ -f "$__object/parameter/all" ]; then
|
||||||
|
|
||||||
|
# all to a specific directory
|
||||||
|
specific_dir="$base_dir/all"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# set rule directory based on if it's the base or subdirectory
|
||||||
|
rule_dir="${specific_dir:-$base_dir}"
|
||||||
|
|
||||||
################################################################################
|
################################################################################
|
||||||
# Basic setup
|
# Basic setup
|
||||||
#
|
#
|
||||||
|
|
||||||
__directory "$base_dir" --state present
|
__directory "$base_dir" --state present
|
||||||
|
|
||||||
|
# sub-directory if required
|
||||||
|
if [ "$specific_dir" ]; then
|
||||||
|
require="__directory/$base_dir" __directory "$specific_dir" --state present
|
||||||
|
fi
|
||||||
|
|
||||||
# Have apply do the real job
|
# Have apply do the real job
|
||||||
require="$__object_name" __iptables_apply
|
require="$__object_name" __iptables_apply
|
||||||
|
|
||||||
|
@ -37,6 +62,15 @@ require="$__object_name" __iptables_apply
|
||||||
# The rule
|
# The rule
|
||||||
#
|
#
|
||||||
|
|
||||||
require="__directory/$base_dir" __file "$base_dir/${name}" \
|
for dir in "$base_dir" "$base_dir/v6" "$base_dir/all"; do
|
||||||
--source "$__object/parameter/rule" \
|
# defaults to absent except the directory that should contain the file
|
||||||
--state "$state"
|
if [ "$rule_dir" = "$dir" ]; then
|
||||||
|
curr_state="$state"
|
||||||
|
else
|
||||||
|
curr_state="absent"
|
||||||
|
fi
|
||||||
|
|
||||||
|
require="__directory/$rule_dir" __file "$dir/$name" \
|
||||||
|
--source "$__object/parameter/rule" \
|
||||||
|
--state "$curr_state"
|
||||||
|
done
|
||||||
|
|
3
cdist/conf/type/__iptables_rule/parameter/boolean
Normal file
3
cdist/conf/type/__iptables_rule/parameter/boolean
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
all
|
||||||
|
v4
|
||||||
|
v6
|
1
cdist/conf/type/__locale/deprecated
Normal file
1
cdist/conf/type/__locale/deprecated
Normal file
|
@ -0,0 +1 @@
|
||||||
|
This type is deprecated. Please use __localedef instead.
|
36
cdist/conf/type/__locale/explorer/state
Executable file
36
cdist/conf/type/__locale/explorer/state
Executable file
|
@ -0,0 +1,36 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
# __locale/explorer/state
|
||||||
|
#
|
||||||
|
# 2020 Matthias Stecher (matthiasstecher at gmx.de)
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
#
|
||||||
|
# Check if the locale is already installed on the system.
|
||||||
|
# Outputs 'present' or 'absent' depending if the locale exists.
|
||||||
|
#
|
||||||
|
|
||||||
|
|
||||||
|
# Get user-defined locale
|
||||||
|
# locale name is echoed differently than the user propably set it (for UTF-8)
|
||||||
|
locale="$(echo "$__object_id" | sed 's/UTF-8/utf8/')"
|
||||||
|
|
||||||
|
# Check if the given locale exists on the system
|
||||||
|
if localedef --list-archive | grep -qFx "$locale"; then
|
||||||
|
echo present
|
||||||
|
else
|
||||||
|
echo absent
|
||||||
|
fi
|
|
@ -23,6 +23,15 @@
|
||||||
|
|
||||||
locale="$__object_id"
|
locale="$__object_id"
|
||||||
|
|
||||||
|
state_is=$(cat "$__object/explorer/state")
|
||||||
|
state_should=$(cat "$__object/parameter/state")
|
||||||
|
|
||||||
|
# short circuit if there is nothing to do
|
||||||
|
if [ "$state_is" = "$state_should" ]; then
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
# Hardcoded, create a pull request with
|
# Hardcoded, create a pull request with
|
||||||
# branching on $os in case it is at another location
|
# branching on $os in case it is at another location
|
||||||
alias=/usr/share/locale/locale.alias
|
alias=/usr/share/locale/locale.alias
|
||||||
|
@ -35,8 +44,6 @@ charmap=$(echo "$locale" | cut -d . -f 2)
|
||||||
# W-T-F!
|
# W-T-F!
|
||||||
locale_remove=$(echo "$locale" | sed 's/UTF-8/utf8/')
|
locale_remove=$(echo "$locale" | sed 's/UTF-8/utf8/')
|
||||||
|
|
||||||
state=$(cat "$__object/parameter/state")
|
|
||||||
|
|
||||||
os=$(cat "$__global/explorer/os")
|
os=$(cat "$__global/explorer/os")
|
||||||
|
|
||||||
# Nothing to be done on alpine
|
# Nothing to be done on alpine
|
||||||
|
@ -46,7 +53,7 @@ case "$os" in
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
|
|
||||||
case "$state" in
|
case "$state_should" in
|
||||||
present)
|
present)
|
||||||
echo localedef -A "$alias" -f "$charmap" -i "$input" "$locale"
|
echo localedef -A "$alias" -f "$charmap" -i "$input" "$locale"
|
||||||
;;
|
;;
|
||||||
|
@ -54,7 +61,7 @@ case "$state" in
|
||||||
echo localedef --delete-from-archive "$locale_remove"
|
echo localedef --delete-from-archive "$locale_remove"
|
||||||
;;
|
;;
|
||||||
*)
|
*)
|
||||||
echo "Unsupported state: $state" >&2
|
echo "Unsupported state: $state_should" >&2
|
||||||
exit 1
|
exit 1
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
|
|
100
cdist/conf/type/__localedef/explorer/state
Executable file
100
cdist/conf/type/__localedef/explorer/state
Executable file
|
@ -0,0 +1,100 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
#
|
||||||
|
# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
# This explorer determines if the locale is defined on the target system.
|
||||||
|
# Will print nothing on error.
|
||||||
|
#
|
||||||
|
# Possible output:
|
||||||
|
# present:
|
||||||
|
# the main locale (and possibly aliases) is present
|
||||||
|
# absent:
|
||||||
|
# neither the main locale nor any aliases are present
|
||||||
|
# alias-present:
|
||||||
|
# the main locale is absent, but at least one of its aliases is present
|
||||||
|
#
|
||||||
|
|
||||||
|
# Hardcoded, create a pull request in case it is at another location for
|
||||||
|
# some other distro. (cf. gencode-remote)
|
||||||
|
aliasfile='/usr/share/locale/locale.alias'
|
||||||
|
|
||||||
|
command -v locale >/dev/null 2>&1 || exit 0
|
||||||
|
|
||||||
|
locales=$(locale -a)
|
||||||
|
|
||||||
|
parse_locale() {
|
||||||
|
# This function will split locales into their parts. Locale strings are
|
||||||
|
# usually of the form: [language[_territory][.codeset][@modifier]]
|
||||||
|
# For simplicity, language and territory are not separated by this function.
|
||||||
|
# Old Linux systems were also using "english" or "german" as locale strings.
|
||||||
|
# Usage: parse_locale locale_str lang_var codeset_var modifier_var
|
||||||
|
eval "${2:?}"="$(expr "$1" : '\([^.@]*\)')"
|
||||||
|
eval "${3:?}"="$(expr "$1" : '[^.]*\.\([^@]*\)')"
|
||||||
|
eval "${4:?}"="$(expr "$1" : '.*@\(.*\)$')"
|
||||||
|
}
|
||||||
|
|
||||||
|
format_locale() {
|
||||||
|
# Usage: format_locale language codeset modifier
|
||||||
|
printf '%s' "$1"
|
||||||
|
test -z "$2" || printf '.%s' "$2"
|
||||||
|
test -z "$3" || printf '@%s' "$3"
|
||||||
|
printf '\n'
|
||||||
|
}
|
||||||
|
|
||||||
|
gnu_normalize_codeset() {
|
||||||
|
# reimplementation of glibc/locale/programs/localedef.c normalize_codeset()
|
||||||
|
echo "$*" | tr '[:upper:]' '[:lower:]' | tr -cd '[:alnum:]'
|
||||||
|
}
|
||||||
|
|
||||||
|
locale_available() (
|
||||||
|
echo "${locales}" | grep -qxF "$1" || {
|
||||||
|
# glibc uses "normalized" locale names in archives.
|
||||||
|
# If a locale is stored in an archive, the normalized name will be
|
||||||
|
# printed by locale, so that needs to be checked, too.
|
||||||
|
localename=$(
|
||||||
|
parse_locale "$1" _lang _codeset _modifier \
|
||||||
|
&& format_locale "${_lang:?}" "$(gnu_normalize_codeset "${_codeset?}")" \
|
||||||
|
"${_modifier?}")
|
||||||
|
echo "${locales}" | grep -qxF "${localename}"
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
if locale_available "${__object_id:?}"
|
||||||
|
then
|
||||||
|
echo present
|
||||||
|
else
|
||||||
|
# NOTE: locale.alias can be symlinked.
|
||||||
|
if test -e "${aliasfile}"
|
||||||
|
then
|
||||||
|
# Check if one of the aliases of the locale is defined
|
||||||
|
baselocale=$(
|
||||||
|
parse_locale "${__object_id:?}" _lang _codeset _modifiers \
|
||||||
|
&& format_locale "${_lang}" "${_codeset}")
|
||||||
|
while read -r _alias _localename
|
||||||
|
do
|
||||||
|
if test "${_localename}" = "${baselocale}" \
|
||||||
|
&& echo "${locales}" | grep -qxF "${_alias}"
|
||||||
|
then
|
||||||
|
echo alias-present
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
done <"${aliasfile}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo absent
|
||||||
|
fi
|
5
cdist/conf/type/__localedef/files/lib/glibc.sh
Normal file
5
cdist/conf/type/__localedef/files/lib/glibc.sh
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
# -*- mode: sh; indent-tabs-mode: t -*-
|
||||||
|
|
||||||
|
gnu_normalize_codeset() {
|
||||||
|
echo "$*" | tr -cd '[:alnum:]' | tr '[:upper:]' '[:lower:]'
|
||||||
|
}
|
20
cdist/conf/type/__localedef/files/lib/locale.sh
Normal file
20
cdist/conf/type/__localedef/files/lib/locale.sh
Normal file
|
@ -0,0 +1,20 @@
|
||||||
|
# -*- mode: sh; indent-tabs-mode:t -*-
|
||||||
|
|
||||||
|
parse_locale() {
|
||||||
|
# This function will split locales into their parts. Locale strings are
|
||||||
|
# usually of the form: [language[_territory][.codeset][@modifier]]
|
||||||
|
# For simplicity, language and territory are not separated by this function.
|
||||||
|
# Old Linux systems were also using "english" or "german" as locale strings.
|
||||||
|
# Usage: parse_locale locale_str lang_var codeset_var modifier_var
|
||||||
|
eval "${2:?}"="$(expr "$1" : '\([^.@]*\)')"
|
||||||
|
eval "${3:?}"="$(expr "$1" : '[^.]*\.\([^@]*\)')"
|
||||||
|
eval "${4:?}"="$(expr "$1" : '.*@\(.*\)$')"
|
||||||
|
}
|
||||||
|
|
||||||
|
format_locale() {
|
||||||
|
# Usage: format_locale language codeset modifier
|
||||||
|
printf '%s' "$1"
|
||||||
|
test -z "$2" || printf '.%s' "$2"
|
||||||
|
test -z "$3" || printf '@%s' "$3"
|
||||||
|
printf '\n'
|
||||||
|
}
|
136
cdist/conf/type/__localedef/gencode-remote
Executable file
136
cdist/conf/type/__localedef/gencode-remote
Executable file
|
@ -0,0 +1,136 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
#
|
||||||
|
# 2013-2019 Nico Schottelius (nico-cdist at schottelius.org)
|
||||||
|
# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
# Manage system locales using localedef(1).
|
||||||
|
#
|
||||||
|
|
||||||
|
# shellcheck source=cdist/conf/type/__localedef/files/lib/locale.sh
|
||||||
|
. "${__type:?}/files/lib/locale.sh"
|
||||||
|
# shellcheck source=cdist/conf/type/__localedef/files/lib/glibc.sh
|
||||||
|
. "${__type:?}/files/lib/glibc.sh"
|
||||||
|
|
||||||
|
state_is=$(cat "${__object:?}/explorer/state")
|
||||||
|
state_should=$(cat "${__object:?}/parameter/state")
|
||||||
|
|
||||||
|
test "${state_should}" = 'present' -o "${state_should}" = 'absent' || {
|
||||||
|
printf 'Invalid state: %s\n' "${state_should}" >&2
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
|
|
||||||
|
# NOTE: If state explorer fails (e.g. locale(1) missing), the following check
|
||||||
|
# will always fail and let definition/removal run.
|
||||||
|
if test "${state_is}" = "${state_should}"
|
||||||
|
then
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
locale=${__object_id:?}
|
||||||
|
os=$(cat "${__global:?}/explorer/os")
|
||||||
|
|
||||||
|
if expr "${locale}" : '.*/' >/dev/null
|
||||||
|
then
|
||||||
|
printf 'Paths as locales are not supported.\n' >&2
|
||||||
|
printf '__object_id is: %s\n' "${locale}" >&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
: "${lang=}" "${codeset=}" "${modifier=}" # declare variables for shellcheck
|
||||||
|
parse_locale "${locale}" lang codeset modifier
|
||||||
|
|
||||||
|
|
||||||
|
case ${os}
|
||||||
|
in
|
||||||
|
(alpine|openwrt)
|
||||||
|
printf '%s does not support locales.\n' "${os}" >&2
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
(archlinux|debian|devuan|ubuntu|suse|centos|fedora|redhat|scientific)
|
||||||
|
# FIXME: The code below only works for glibc-based installations.
|
||||||
|
|
||||||
|
# NOTE: Hardcoded, create a pull request in case it is at another
|
||||||
|
# location for some opther distro.
|
||||||
|
# NOTE: locale.alias can be symlinked (e.g. Debian)
|
||||||
|
aliasfile='/usr/share/locale/locale.alias'
|
||||||
|
|
||||||
|
case ${state_should}
|
||||||
|
in
|
||||||
|
(present)
|
||||||
|
input=$(format_locale "${lang}" '' "${modifier}")
|
||||||
|
cat <<-EOF
|
||||||
|
set --
|
||||||
|
if test -e '${aliasfile}'
|
||||||
|
then
|
||||||
|
set -- -A '${aliasfile}'
|
||||||
|
fi
|
||||||
|
|
||||||
|
localedef -i '${input}' -f '${codeset}' "\$@" '${locale}'
|
||||||
|
EOF
|
||||||
|
;;
|
||||||
|
(absent)
|
||||||
|
main_localename=$(format_locale "${lang}" "$(gnu_normalize_codeset "${codeset}")" "${modifier}")
|
||||||
|
|
||||||
|
cat <<-EOF
|
||||||
|
while read -r _alias _localename
|
||||||
|
do
|
||||||
|
if test "\${_localename}" = '$(format_locale "${lang}" "${codeset}")'
|
||||||
|
then
|
||||||
|
localedef --delete-from-archive "\${_alias}"
|
||||||
|
fi
|
||||||
|
done <'${aliasfile}'
|
||||||
|
EOF
|
||||||
|
|
||||||
|
if test "${state_is}" = present
|
||||||
|
then
|
||||||
|
printf "localedef --delete-from-archive '%s'\n" "${main_localename}"
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
;;
|
||||||
|
(freebsd)
|
||||||
|
case ${state_should}
|
||||||
|
in
|
||||||
|
(present)
|
||||||
|
if expr "$(grep -oe '^[0-9]*' "${__global:?}/explorer/os_version")" '>=' 11 >/dev/null
|
||||||
|
then
|
||||||
|
# localedef(1) is available with FreeBSD >= 11
|
||||||
|
printf "localedef -i '%s' -f '%s' '%s'\n" "${input}" "${codeset}" "${locale}"
|
||||||
|
else
|
||||||
|
printf 'localedef(1) was added to FreeBSD starting with version 11.\n' >&2
|
||||||
|
printf 'Please upgrade your FreeBSD installation to use %s.\n' "${__type##*/}" >&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
(absent)
|
||||||
|
printf "rm -R '/usr/share/locale/%s'\n" "${locale}"
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
;;
|
||||||
|
(netbsd|openbsd)
|
||||||
|
# NetBSD/OpenBSD are missing localedef(1).
|
||||||
|
# We also do not delete defined locales because they can't be recreated.
|
||||||
|
echo "${os} is lacking localedef(1). Locale management unavailable." >&2
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
(*)
|
||||||
|
echo "Your operating system (${os}) is currently not supported by this type (${__type##*/})." >&2
|
||||||
|
echo "Please contribute an implementation for it if you can." >&2
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
60
cdist/conf/type/__localedef/man.rst
Normal file
60
cdist/conf/type/__localedef/man.rst
Normal file
|
@ -0,0 +1,60 @@
|
||||||
|
cdist-type__localedef(7)
|
||||||
|
========================
|
||||||
|
|
||||||
|
NAME
|
||||||
|
----
|
||||||
|
cdist-type__localedef - Define and remove system locales
|
||||||
|
|
||||||
|
|
||||||
|
DESCRIPTION
|
||||||
|
-----------
|
||||||
|
This cdist type allows you to define locales on the system using
|
||||||
|
:strong:`localedef`\ (1) or remove them.
|
||||||
|
On systems that don't support definition of new locales, the type will raise an
|
||||||
|
error.
|
||||||
|
|
||||||
|
**NB:** This type respects the glibc ``locale.alias`` file,
|
||||||
|
i.e. it defines alias locales or deletes aliases of a locale when it is removed.
|
||||||
|
It is not possible, however, to use alias names to define locales or only remove
|
||||||
|
certain aliases of a locale.
|
||||||
|
|
||||||
|
|
||||||
|
OPTIONAL PARAMETERS
|
||||||
|
-------------------
|
||||||
|
state
|
||||||
|
``present`` or ``absent``. Defaults to ``present``.
|
||||||
|
|
||||||
|
|
||||||
|
EXAMPLES
|
||||||
|
--------
|
||||||
|
|
||||||
|
.. code-block:: sh
|
||||||
|
|
||||||
|
# Add locale de_CH.UTF-8
|
||||||
|
__localedef de_CH.UTF-8
|
||||||
|
|
||||||
|
# Same as above, but more explicit
|
||||||
|
__localedef de_CH.UTF-8 --state present
|
||||||
|
|
||||||
|
# Remove colourful British English
|
||||||
|
__localedef en_GB.UTF-8 --state absent
|
||||||
|
|
||||||
|
|
||||||
|
SEE ALSO
|
||||||
|
--------
|
||||||
|
:strong:`locale`\ (1),
|
||||||
|
:strong:`localedef`\ (1),
|
||||||
|
:strong:`cdist-type__locale_system`\ (7)
|
||||||
|
|
||||||
|
|
||||||
|
AUTHORS
|
||||||
|
-------
|
||||||
|
| Dennis Camera <dennis.camera--@--ssrq-sds-fds.ch>
|
||||||
|
| Nico Schottelius <nico-cdist--@--schottelius.org>
|
||||||
|
|
||||||
|
|
||||||
|
COPYING
|
||||||
|
-------
|
||||||
|
Copyright \(C) 2013-2019 Nico Schottelius, 2020 Dennis Camera. Free use of this
|
||||||
|
software is granted under the terms of the GNU General Public License version 3
|
||||||
|
or later (GPLv3+).
|
30
cdist/conf/type/__localedef/manifest
Executable file
30
cdist/conf/type/__localedef/manifest
Executable file
|
@ -0,0 +1,30 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
#
|
||||||
|
# 2013-2019 Nico Schottelius (nico-cdist at schottelius.org)
|
||||||
|
# 2015 David Hürlimann (david at ungleich.ch)
|
||||||
|
# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
# Install required packages.
|
||||||
|
#
|
||||||
|
|
||||||
|
case $(cat "${__global:?}/explorer/os")
|
||||||
|
in
|
||||||
|
(debian|devuan)
|
||||||
|
__package_apt locales --state present
|
||||||
|
;;
|
||||||
|
esac
|
1
cdist/conf/type/__localedef/parameter/default/state
Normal file
1
cdist/conf/type/__localedef/parameter/default/state
Normal file
|
@ -0,0 +1 @@
|
||||||
|
present
|
1
cdist/conf/type/__localedef/parameter/optional
Normal file
1
cdist/conf/type/__localedef/parameter/optional
Normal file
|
@ -0,0 +1 @@
|
||||||
|
state
|
|
@ -42,6 +42,13 @@ else
|
||||||
target_release=""
|
target_release=""
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
if [ -f "$__object/parameter/install-recommends" ]; then
|
||||||
|
# required if __apt_norecommends is used
|
||||||
|
recommendsparam="-o APT::Install-Recommends=1"
|
||||||
|
else
|
||||||
|
recommendsparam="-o APT::Install-Recommends=0"
|
||||||
|
fi
|
||||||
|
|
||||||
if [ -f "$__object/parameter/purge-if-absent" ]; then
|
if [ -f "$__object/parameter/purge-if-absent" ]; then
|
||||||
purgeparam="--purge"
|
purgeparam="--purge"
|
||||||
else
|
else
|
||||||
|
@ -62,16 +69,16 @@ case "$state_is" in
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
|
|
||||||
# Hint if we need to avoid questions at some point:
|
|
||||||
# DEBIAN_PRIORITY=critical can reduce the number of questions
|
|
||||||
aptget="DEBIAN_FRONTEND=noninteractive apt-get --quiet --yes -o APT::Install-Recommends=0 -o Dpkg::Options::=\"--force-confdef\" -o Dpkg::Options::=\"--force-confold\""
|
|
||||||
|
|
||||||
if [ "$state_is" = "$state_should" ]; then
|
if [ "$state_is" = "$state_should" ]; then
|
||||||
if [ -z "$version" ] || [ "$version" = "$version_is" ]; then
|
if [ -z "$version" ] || [ "$version" = "$version_is" ]; then
|
||||||
exit 0;
|
exit 0;
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Hint if we need to avoid questions at some point:
|
||||||
|
# DEBIAN_PRIORITY=critical can reduce the number of questions
|
||||||
|
aptget="DEBIAN_FRONTEND=noninteractive apt-get --quiet --yes -o Dpkg::Options::=\"--force-confdef\" -o Dpkg::Options::=\"--force-confold\""
|
||||||
|
|
||||||
case "$state_should" in
|
case "$state_should" in
|
||||||
present)
|
present)
|
||||||
# following is bit ugly, but important hack.
|
# following is bit ugly, but important hack.
|
||||||
|
@ -85,7 +92,7 @@ EOF
|
||||||
if [ -n "$version" ]; then
|
if [ -n "$version" ]; then
|
||||||
name="${name}=${version}"
|
name="${name}=${version}"
|
||||||
fi
|
fi
|
||||||
echo "$aptget install $target_release '$name'"
|
echo "$aptget $recommendsparam install $target_release '$name'"
|
||||||
echo "installed" >> "$__messages_out"
|
echo "installed" >> "$__messages_out"
|
||||||
;;
|
;;
|
||||||
absent)
|
absent)
|
||||||
|
|
|
@ -9,7 +9,9 @@ cdist-type__package_apt - Manage packages with apt-get
|
||||||
DESCRIPTION
|
DESCRIPTION
|
||||||
-----------
|
-----------
|
||||||
apt-get is usually used on Debian and variants (like Ubuntu) to
|
apt-get is usually used on Debian and variants (like Ubuntu) to
|
||||||
manage packages.
|
manage packages. The package will be installed without recommended
|
||||||
|
or suggested packages. If such packages are required, install them
|
||||||
|
separatly or use the parameter ``--install-recommends``.
|
||||||
|
|
||||||
This type will also update package index, if it is older
|
This type will also update package index, if it is older
|
||||||
than one day, to avoid missing package error messages.
|
than one day, to avoid missing package error messages.
|
||||||
|
@ -23,7 +25,7 @@ None
|
||||||
OPTIONAL PARAMETERS
|
OPTIONAL PARAMETERS
|
||||||
-------------------
|
-------------------
|
||||||
name
|
name
|
||||||
If supplied, use the name and not the object id as the package name.
|
If supplied, use the name and not the object id as the package name.
|
||||||
|
|
||||||
state
|
state
|
||||||
Either "present" or "absent", defaults to "present"
|
Either "present" or "absent", defaults to "present"
|
||||||
|
@ -39,6 +41,15 @@ version
|
||||||
|
|
||||||
BOOLEAN PARAMETERS
|
BOOLEAN PARAMETERS
|
||||||
------------------
|
------------------
|
||||||
|
install-recommends
|
||||||
|
If the package will be installed, it also installs recommended packages
|
||||||
|
with it. It will not install recommended packages if the original package
|
||||||
|
is already installed.
|
||||||
|
|
||||||
|
In most cases, it is recommended to install recommended packages separatly
|
||||||
|
to control which additional packages will be installed to avoid useless
|
||||||
|
installed packages.
|
||||||
|
|
||||||
purge-if-absent
|
purge-if-absent
|
||||||
If this parameter is given when state is `absent`, the package is
|
If this parameter is given when state is `absent`, the package is
|
||||||
purged from the system (using `--purge`).
|
purged from the system (using `--purge`).
|
||||||
|
|
|
@ -1 +1,2 @@
|
||||||
|
install-recommends
|
||||||
purge-if-absent
|
purge-if-absent
|
||||||
|
|
|
@ -75,7 +75,7 @@ execcmd(){
|
||||||
esac
|
esac
|
||||||
|
|
||||||
if [ -z "${pkg_bootstrapped}" ]; then
|
if [ -z "${pkg_bootstrapped}" ]; then
|
||||||
echo "pkg bootstrap -y >/dev/null 2>&1"
|
echo "ASSUME_ALWAYS_YES=yes pkg bootstrap >/dev/null 2>&1"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
echo "$_cmd >/dev/null 2>&1" # Silence the output of the command
|
echo "$_cmd >/dev/null 2>&1" # Silence the output of the command
|
||||||
|
|
121
cdist/conf/type/__sshd_config/explorer/state
Normal file
121
cdist/conf/type/__sshd_config/explorer/state
Normal file
|
@ -0,0 +1,121 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
#
|
||||||
|
# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
# Determines the current state of the config option.
|
||||||
|
# Possible output:
|
||||||
|
# - present: "should" option present in config file
|
||||||
|
# - default: the "should" option is the default -> don’t know if present
|
||||||
|
# - absent: no such option present in config file
|
||||||
|
#
|
||||||
|
|
||||||
|
joinlines() { sed -n -e H -e "\${x;s/^\\n//;s/\\n/${1:?}/g;p;}"; }
|
||||||
|
trlower() { tr '[:upper:]' '[:lower:]'; }
|
||||||
|
tolower() { printf '%s' "$*" | trlower; }
|
||||||
|
|
||||||
|
default_value() {
|
||||||
|
sshd -T -f /dev/null -C "$(make_conn_spec)" \
|
||||||
|
| sed -n -e 's/^'"$(tolower "${1:?}")"'[[:blank:]]\{1,\}//p'
|
||||||
|
}
|
||||||
|
|
||||||
|
make_conn_spec() {
|
||||||
|
if test -s "${__object:?}/parameter/match"
|
||||||
|
then
|
||||||
|
_match_file="${__object:?}/parameter/match"
|
||||||
|
else
|
||||||
|
_match_file='/dev/null'
|
||||||
|
fi
|
||||||
|
|
||||||
|
for _kw in \
|
||||||
|
addr=Address \
|
||||||
|
user=User \
|
||||||
|
host=Host \
|
||||||
|
laddr=LocalAddress \
|
||||||
|
lport=LocalPort \
|
||||||
|
rdomain=RDomain
|
||||||
|
do
|
||||||
|
_specname=${_kw%%=*}
|
||||||
|
_confname=$(tolower "${_kw#*=}")
|
||||||
|
while read -r _k _v
|
||||||
|
do
|
||||||
|
if test "$(tolower "${_k}")" = "${_confname}"
|
||||||
|
then
|
||||||
|
printf '%s=%s\n' "${_specname}" "${_v}"
|
||||||
|
continue 2
|
||||||
|
fi
|
||||||
|
done <"${_match_file}"
|
||||||
|
|
||||||
|
# NOTE: Print test spec even for empty keys to suppress errors like:
|
||||||
|
# 'Match User' in configuration but 'user' not in connection test specification.
|
||||||
|
# except lport:
|
||||||
|
# Invalid port '' in test mode specification lport=
|
||||||
|
test "${_specname}" = 'lport' || printf '%s=\n' "${_specname}"
|
||||||
|
done \
|
||||||
|
| joinlines ','
|
||||||
|
unset _match_file
|
||||||
|
}
|
||||||
|
|
||||||
|
sshd_config_file=$(cat "${__object:?}/parameter/file")
|
||||||
|
state_should=$(cat "${__object:?}/parameter/state")
|
||||||
|
|
||||||
|
if test -s "${__object:?}/parameter/option"
|
||||||
|
then
|
||||||
|
option_name=$(cat "${__object:?}/parameter/option")
|
||||||
|
else
|
||||||
|
option_name=${__object_id:?}
|
||||||
|
fi
|
||||||
|
|
||||||
|
value_should=$(cat "${__object:?}/parameter/value" 2>/dev/null) \
|
||||||
|
|| test "${state_should}" = absent || exit 0 # param optional if --state absent
|
||||||
|
|
||||||
|
command -v sshd >/dev/null 2>&1 || {
|
||||||
|
echo 'Cannot find sshd.' >&2
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
|
|
||||||
|
test -e "${sshd_config_file}" || {
|
||||||
|
echo 'absent'
|
||||||
|
exit 0
|
||||||
|
}
|
||||||
|
|
||||||
|
value_is=$(
|
||||||
|
sshd -T -f "${sshd_config_file}" -C "$(make_conn_spec)" \
|
||||||
|
| sed -n -e 's/^'"$(tolower "${option_name}")"'[[:blank:]]\{1,\}//p')
|
||||||
|
|
||||||
|
if printf '%s\n' "${value_is}" | {
|
||||||
|
if test -n "${value_should}"
|
||||||
|
then
|
||||||
|
grep -q -x -F "${value_should}"
|
||||||
|
else
|
||||||
|
# if no value provided, assume "any" value
|
||||||
|
grep -q -e .
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
then
|
||||||
|
if default_value "${option_name}" | grep -q -x -F "${value_is}"
|
||||||
|
then
|
||||||
|
# Might produce false positives for default values.
|
||||||
|
# TODO: Manual checking should be done, but for simplicity, this case is
|
||||||
|
# currently ignored here.
|
||||||
|
echo default
|
||||||
|
else
|
||||||
|
echo present
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
echo absent
|
||||||
|
fi
|
293
cdist/conf/type/__sshd_config/files/update_sshd_config.awk
Normal file
293
cdist/conf/type/__sshd_config/files/update_sshd_config.awk
Normal file
|
@ -0,0 +1,293 @@
|
||||||
|
# -*- mode: awk; indent-tabs-mode: t -*-
|
||||||
|
|
||||||
|
function usage() {
|
||||||
|
print_err("Usage: awk -f update_sshd_config.awk -- -o set|unset [-m 'User git'] -l 'X11Forwarding no' /etc/ssh/sshd_config")
|
||||||
|
}
|
||||||
|
|
||||||
|
function print_err(s) { print s | "cat >&2" }
|
||||||
|
|
||||||
|
function alength(a, i) {
|
||||||
|
for (i = 0; (i + 1) in a; ++i);
|
||||||
|
return i
|
||||||
|
}
|
||||||
|
|
||||||
|
function join(sep, a, i, s) {
|
||||||
|
for (i = i ? i : 1; i in a; i++)
|
||||||
|
s = s sep a[i]
|
||||||
|
return substr(s, 2)
|
||||||
|
}
|
||||||
|
|
||||||
|
function getopt(opts, argv, target, files, i, c, lv, idx, nf) {
|
||||||
|
# trivial getopt(3) implementation; only basic functionality
|
||||||
|
if (argv[1] == "--") i++
|
||||||
|
for (i += 1; i in argv; i++) {
|
||||||
|
if (lv) { target[c] = argv[i]; lv = 0; continue }
|
||||||
|
if (argv[i] ~ /^-/) {
|
||||||
|
c = substr(argv[i], 2, 1)
|
||||||
|
idx = index(opts, c)
|
||||||
|
if (!idx) {
|
||||||
|
print_err(sprintf("invalid option -%c\n", c))
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
if (substr(opts, idx + 1, 1) == ":") {
|
||||||
|
# option takes argument
|
||||||
|
if (length(argv[i]) > 2)
|
||||||
|
target[c] = substr(argv[i], 3)
|
||||||
|
else
|
||||||
|
lv = 1
|
||||||
|
} else {
|
||||||
|
target[c] = 1
|
||||||
|
}
|
||||||
|
} else
|
||||||
|
files[++nf] = argv[i]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
# tokenise configuration line
|
||||||
|
# this function mimics the counterpart in OpenSSH (misc.c)
|
||||||
|
# but it returns two (next token SUBSEP rest) because I didn’t want to have to
|
||||||
|
# simulate any pointer magic.
|
||||||
|
function strdelim_internal(s, split_equals, old) {
|
||||||
|
if (!s)
|
||||||
|
return ""
|
||||||
|
|
||||||
|
old = s
|
||||||
|
|
||||||
|
if (!match(s, WHITESPACE "|" QUOTE "" (split_equals ? "|" EQUALS : "")))
|
||||||
|
return s
|
||||||
|
|
||||||
|
s = substr(s, RSTART)
|
||||||
|
old = substr(old, 1, RSTART - 1)
|
||||||
|
|
||||||
|
if (s ~ "^" QUOTE) {
|
||||||
|
old = substr(old, 2)
|
||||||
|
|
||||||
|
# Find matching quote
|
||||||
|
if (match(s, QUOTE)) {
|
||||||
|
old = substr(old, 1, RSTART)
|
||||||
|
# s = substr()
|
||||||
|
if (match(s, "^" WHITESPACE "*"))
|
||||||
|
s = substr(s, RLENGTH)
|
||||||
|
return old
|
||||||
|
} else {
|
||||||
|
# no matching quote
|
||||||
|
return ""
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (match(s, "^" WHITESPACE "+")) {
|
||||||
|
sub("^" WHITESPACE "+", "", s)
|
||||||
|
if (split_equals)
|
||||||
|
sub(EQUALS WHITESPACE "*", "", s)
|
||||||
|
} else if (s ~ "^" EQUALS) {
|
||||||
|
s = substr(s, 2)
|
||||||
|
}
|
||||||
|
|
||||||
|
return old SUBSEP s
|
||||||
|
}
|
||||||
|
function strdelim(s) { return strdelim_internal(s, 1) }
|
||||||
|
function strdelimw(s) { return strdelim_internal(s, 0) }
|
||||||
|
|
||||||
|
function singleton_option(opt) {
|
||||||
|
return tolower(opt) !~ /^(acceptenv|allowgroups|allowusers|authenticationmethods|authorizedkeysfile|denygroups|denyusers|hostcertificate|hostkey|listenaddress|logverbose|permitlisten|permitopen|port|setenv|subsystem)$/
|
||||||
|
}
|
||||||
|
|
||||||
|
function print_update() {
|
||||||
|
if (mode) {
|
||||||
|
if (match_only) printf "\t"
|
||||||
|
printf "%s\n", line_should
|
||||||
|
updated = 1
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
BEGIN {
|
||||||
|
FS = "\n" # disable field splitting
|
||||||
|
|
||||||
|
WHITESPACE = "[ \t]" # servconf.c, misc.c:strdelim_internal (without line breaks, cf. bugs)
|
||||||
|
QUOTE = "[\"]" # misc.c:strdelim_internal
|
||||||
|
EQUALS = "[=]"
|
||||||
|
|
||||||
|
split("", opts)
|
||||||
|
split("", files)
|
||||||
|
getopt("ho:l:m:", ARGV, opts, files)
|
||||||
|
|
||||||
|
if (opts["h"]) { usage(); exit (e="0") }
|
||||||
|
|
||||||
|
line_should = opts["l"]
|
||||||
|
match_only = opts["m"]
|
||||||
|
num_files = alength(files)
|
||||||
|
|
||||||
|
if (num_files != 1 || !opts["o"] || !line_should) {
|
||||||
|
usage()
|
||||||
|
exit (e=126)
|
||||||
|
}
|
||||||
|
|
||||||
|
if (opts["o"] == "set") {
|
||||||
|
mode = 1
|
||||||
|
} else if (opts["o"] == "unset") {
|
||||||
|
mode = 0
|
||||||
|
} else {
|
||||||
|
print_err(sprintf("invalid mode %s\n", mode))
|
||||||
|
exit (e=1)
|
||||||
|
}
|
||||||
|
|
||||||
|
if (mode) {
|
||||||
|
# loop over sshd_config twice!
|
||||||
|
ARGV[2] = ARGV[1] = files[1]
|
||||||
|
ARGC = 3
|
||||||
|
} else {
|
||||||
|
# only loop once
|
||||||
|
ARGV[1] = files[1]
|
||||||
|
ARGC = 2
|
||||||
|
}
|
||||||
|
|
||||||
|
split(strdelim(line_should), should, SUBSEP)
|
||||||
|
option_should = tolower(should[1])
|
||||||
|
value_should = should[2]
|
||||||
|
}
|
||||||
|
|
||||||
|
{
|
||||||
|
line = $0
|
||||||
|
|
||||||
|
# Strip trailing whitespace. Allow \f (form feed) at EOL only
|
||||||
|
sub("(" WHITESPACE "|\f)*$", "", line)
|
||||||
|
|
||||||
|
# Strip leading whitespace
|
||||||
|
sub("^" WHITESPACE "*", "", line)
|
||||||
|
|
||||||
|
if (match(line, "^#" WHITESPACE "*")) {
|
||||||
|
prefix = substr(line, RSTART, RLENGTH)
|
||||||
|
line = substr(line, RSTART + RLENGTH)
|
||||||
|
} else {
|
||||||
|
prefix = ""
|
||||||
|
}
|
||||||
|
|
||||||
|
line_type = "invalid"
|
||||||
|
option_is = value_is = ""
|
||||||
|
|
||||||
|
if (line) {
|
||||||
|
split(strdelim(line), toks, SUBSEP)
|
||||||
|
|
||||||
|
if (tolower(toks[1]) == "match") {
|
||||||
|
MATCH = (prefix ~ /^#/ ? "#" : "") join(" ", toks, 2)
|
||||||
|
line_type = "match"
|
||||||
|
} else if (toks[1] ~ /^[A-Za-z][A-Za-z0-9]+$/) {
|
||||||
|
# This could be an option line
|
||||||
|
line_type = "option"
|
||||||
|
option_is = tolower(toks[1])
|
||||||
|
value_is = toks[2]
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
line_type = "empty"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
# mode: unset
|
||||||
|
|
||||||
|
!mode {
|
||||||
|
# delete matching config
|
||||||
|
if (prefix !~ /^#/)
|
||||||
|
if (MATCH == match_only && option_is == option_should)
|
||||||
|
if (!value_should || value_should == value_is)
|
||||||
|
next
|
||||||
|
|
||||||
|
print
|
||||||
|
next
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
# mode: set
|
||||||
|
|
||||||
|
mode && NR == FNR {
|
||||||
|
if (line_type == "option") {
|
||||||
|
if (MATCH !~ /^#/) {
|
||||||
|
if (prefix ~ /^#/) {
|
||||||
|
# comment line
|
||||||
|
last_occ[MATCH, "#" option_is] = FNR
|
||||||
|
} else {
|
||||||
|
# option line
|
||||||
|
last_occ[MATCH, option_is] = FNR
|
||||||
|
}
|
||||||
|
last_occ[MATCH] = FNR
|
||||||
|
}
|
||||||
|
} else if (line_type == "invalid" && !prefix) {
|
||||||
|
# INVALID LINE
|
||||||
|
print_err(sprintf("%s: syntax error on line %u\n", ARGV[0], FNR))
|
||||||
|
}
|
||||||
|
|
||||||
|
next
|
||||||
|
}
|
||||||
|
|
||||||
|
# before second pass prepare hashes containing location information to be used
|
||||||
|
# in the second pass.
|
||||||
|
mode && NR > FNR && FNR == 1 {
|
||||||
|
# First we drop the locations of commented-out options if a non-commented
|
||||||
|
# option is available. If a non-commented option is available, we will
|
||||||
|
# append new config options there to have them all at one place.
|
||||||
|
for (k in last_occ) {
|
||||||
|
if (k ~ /^#/) {
|
||||||
|
# delete entries of commented out match blocks
|
||||||
|
delete last_occ[k]
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
|
||||||
|
split(k, parts, SUBSEP)
|
||||||
|
|
||||||
|
if (parts[2] ~ /^#/ && ((parts[1], substr(parts[2], 2)) in last_occ))
|
||||||
|
delete last_occ[k]
|
||||||
|
}
|
||||||
|
|
||||||
|
# Reverse the option => line mapping. The line_map allows for easier lookups
|
||||||
|
# in the second pass.
|
||||||
|
# We only keep options, not top-level keywords, because we can only have
|
||||||
|
# one entry per line and there are conflicts with last lines of "sections".
|
||||||
|
for (k in last_occ) {
|
||||||
|
if (!index(k, SUBSEP)) continue
|
||||||
|
line_map[last_occ[k]] = k
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
# Second pass
|
||||||
|
mode && line_map[FNR] == match_only SUBSEP option_should && !updated {
|
||||||
|
split(line_map[FNR], parts, SUBSEP)
|
||||||
|
|
||||||
|
# If option allows multiple values, print current value
|
||||||
|
if (!singleton_option(parts[2])) {
|
||||||
|
if (value_should != value_is)
|
||||||
|
print
|
||||||
|
}
|
||||||
|
|
||||||
|
print_update()
|
||||||
|
|
||||||
|
next
|
||||||
|
}
|
||||||
|
|
||||||
|
mode { print }
|
||||||
|
|
||||||
|
# Is a comment option
|
||||||
|
mode && line_map[FNR] == match_only SUBSEP "#" option_should && !updated {
|
||||||
|
print_update()
|
||||||
|
}
|
||||||
|
|
||||||
|
# Last line of the should match section
|
||||||
|
mode && last_occ[match_only] == FNR && !updated {
|
||||||
|
# NOTE: Inserting empty lines is only cosmetic. It is only done if
|
||||||
|
# different options are next to each other and not in a match block
|
||||||
|
# (match blocks are usually not in the default config and thus don’t
|
||||||
|
# contain commented blocks.)
|
||||||
|
if (line && option_is != option_should && !MATCH)
|
||||||
|
print ""
|
||||||
|
print_update()
|
||||||
|
}
|
||||||
|
|
||||||
|
END {
|
||||||
|
if (e) exit e
|
||||||
|
|
||||||
|
if (mode && !updated) {
|
||||||
|
if (match_only && MATCH != match_only) {
|
||||||
|
printf "\nMatch %s\n", match_only
|
||||||
|
}
|
||||||
|
|
||||||
|
print_update()
|
||||||
|
}
|
||||||
|
}
|
97
cdist/conf/type/__sshd_config/gencode-remote
Executable file
97
cdist/conf/type/__sshd_config/gencode-remote
Executable file
|
@ -0,0 +1,97 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
#
|
||||||
|
# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
|
||||||
|
joinlines() { sed -n -e H -e "\${x;s/^\\n//;s/\\n/${1:?}/g;p;}"; }
|
||||||
|
|
||||||
|
state_is=$(cat "${__object:?}/explorer/state")
|
||||||
|
state_should=$(cat "${__object:?}/parameter/state")
|
||||||
|
|
||||||
|
if test "${state_is}" = "${state_should}" -o "${state_is}" = 'default'
|
||||||
|
then
|
||||||
|
# nothing to do (if the value is the default, ignore its state)
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
case ${state_should}
|
||||||
|
in
|
||||||
|
(present)
|
||||||
|
mode='set'
|
||||||
|
;;
|
||||||
|
(absent)
|
||||||
|
mode='unset'
|
||||||
|
;;
|
||||||
|
(*)
|
||||||
|
printf 'Invalid --state: %s\n' "${state_should}" >&2
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
sshd_config_file=$(cat "${__object:?}/parameter/file")
|
||||||
|
|
||||||
|
quote() { printf "'%s'" "$(printf '%s' "$*" | sed -e "s/'/'\\\\''/g")"; }
|
||||||
|
drop_awk_comments() { quote "$(sed '/^[[:blank:]]*#.*$/d;/^$/d' "$@")"; }
|
||||||
|
|
||||||
|
# Ensure the sshd_config file is there
|
||||||
|
cat <<EOF
|
||||||
|
test -e $(quote "${sshd_config_file}") || {
|
||||||
|
: >$(quote "${sshd_config_file}")
|
||||||
|
chown 0:0 $(quote "${sshd_config_file}")
|
||||||
|
chmod 0644 $(quote "${sshd_config_file}")
|
||||||
|
}
|
||||||
|
|
||||||
|
EOF
|
||||||
|
|
||||||
|
match_only=
|
||||||
|
if test -s "${__object:?}/parameter/match"
|
||||||
|
then
|
||||||
|
match_only=$(joinlines ' ' <"${__object:?}/parameter/match")
|
||||||
|
fi
|
||||||
|
|
||||||
|
if test -s "${__object:?}/parameter/option"
|
||||||
|
then
|
||||||
|
option_line=$(cat "${__object:?}/parameter/option")
|
||||||
|
else
|
||||||
|
option_line=${__object_id:?}
|
||||||
|
fi
|
||||||
|
|
||||||
|
if test -s "${__object:?}/parameter/value"
|
||||||
|
then
|
||||||
|
option_line="${option_line} $(cat "${__object:?}/parameter/value")"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Send message on config update
|
||||||
|
printf '%s%s %s\n' "${mode}" "${match_only:+ [${match_only}]}" \
|
||||||
|
"${option_line}" >>"${__messages_out:?}"
|
||||||
|
|
||||||
|
# Update sshd_config (remote code)
|
||||||
|
cat <<EOF
|
||||||
|
awk $(drop_awk_comments "${__type:?}/files/update_sshd_config.awk") \\
|
||||||
|
-o ${mode} \\
|
||||||
|
-m $(quote "${match_only}") \\
|
||||||
|
-l $(quote "${option_line}") \\
|
||||||
|
$(quote "${sshd_config_file}") >$(quote "${sshd_config_file}.tmp") \\
|
||||||
|
|| exit
|
||||||
|
|
||||||
|
cmp -s $(quote "${sshd_config_file}") $(quote "${sshd_config_file}.tmp") || {
|
||||||
|
sshd -t -f $(quote "${sshd_config_file}.tmp") \\
|
||||||
|
&& cat $(quote "${sshd_config_file}.tmp") >$(quote "${sshd_config_file}")
|
||||||
|
}
|
||||||
|
rm -f $(quote "${sshd_config_file}.tmp")
|
||||||
|
EOF
|
94
cdist/conf/type/__sshd_config/man.rst
Normal file
94
cdist/conf/type/__sshd_config/man.rst
Normal file
|
@ -0,0 +1,94 @@
|
||||||
|
cdist-type__sshd_config(7)
|
||||||
|
==========================
|
||||||
|
|
||||||
|
NAME
|
||||||
|
----
|
||||||
|
cdist-type__sshd_config - Manage options in sshd_config
|
||||||
|
|
||||||
|
|
||||||
|
DESCRIPTION
|
||||||
|
-----------
|
||||||
|
This space intentionally left blank.
|
||||||
|
|
||||||
|
|
||||||
|
REQUIRED PARAMETERS
|
||||||
|
-------------------
|
||||||
|
None.
|
||||||
|
|
||||||
|
|
||||||
|
OPTIONAL PARAMETERS
|
||||||
|
-------------------
|
||||||
|
file
|
||||||
|
The path to the sshd_config file to edit.
|
||||||
|
Defaults to ``/etc/ssh/sshd_config``.
|
||||||
|
match
|
||||||
|
Restrict this option to apply only for certain connections.
|
||||||
|
Allowed values are what would be allowed to be written after a ``Match``
|
||||||
|
keyword in ``sshd_config``, e.g. ``--match 'User anoncvs'``.
|
||||||
|
|
||||||
|
Can be used multiple times. All of the values are ANDed together.
|
||||||
|
option
|
||||||
|
The name of the option to manipulate. Defaults to ``__object_id``.
|
||||||
|
state
|
||||||
|
Can be:
|
||||||
|
|
||||||
|
- ``present``: ensure a matching config line is present (or the default
|
||||||
|
value).
|
||||||
|
- ``absent``: ensure no matching config line is present.
|
||||||
|
value
|
||||||
|
The option's value to be assigned to the option (if ``--state present``) or
|
||||||
|
removed (if ``--state absent``).
|
||||||
|
|
||||||
|
This option is required if ``--state present``. If not specified and
|
||||||
|
``--state absent``, all values for the given option are removed.
|
||||||
|
|
||||||
|
|
||||||
|
BOOLEAN PARAMETERS
|
||||||
|
------------------
|
||||||
|
None.
|
||||||
|
|
||||||
|
|
||||||
|
EXAMPLES
|
||||||
|
--------
|
||||||
|
|
||||||
|
.. code-block:: sh
|
||||||
|
|
||||||
|
# Disallow root logins with password
|
||||||
|
__sshd_config PermitRootLogin --value without-password
|
||||||
|
|
||||||
|
# Disallow password-based authentication
|
||||||
|
__sshd_config PasswordAuthentication --value no
|
||||||
|
|
||||||
|
# Accept the EDITOR environment variable
|
||||||
|
__sshd_config AcceptEnv:EDITOR --option AcceptEnv --value EDITOR
|
||||||
|
|
||||||
|
# Force command for connections as git user
|
||||||
|
__sshd_config git@ForceCommand --match 'User git' --option ForceCommand \
|
||||||
|
--value 'cd ~git && exec git-shell ${SSH_ORIGINAL_COMMAND:+-c "${SSH_ORIGINAL_COMMAND}"}'
|
||||||
|
|
||||||
|
|
||||||
|
SEE ALSO
|
||||||
|
--------
|
||||||
|
:strong:`sshd_config`\ (5)
|
||||||
|
|
||||||
|
|
||||||
|
BUGS
|
||||||
|
----
|
||||||
|
- This type assumes a nicely formatted config file,
|
||||||
|
i.e. no config options spanning multiple lines.
|
||||||
|
- ``Include`` directives are ignored.
|
||||||
|
- Config options are not added/removed to/from the config file if their value is
|
||||||
|
the default value.
|
||||||
|
|
||||||
|
|
||||||
|
AUTHORS
|
||||||
|
-------
|
||||||
|
Dennis Camera <dennis.camera--@--ssrq-sds-fds.ch>
|
||||||
|
|
||||||
|
|
||||||
|
COPYING
|
||||||
|
-------
|
||||||
|
Copyright \(C) 2020 Dennis Camera. You can redistribute it
|
||||||
|
and/or modify it under the terms of the GNU General Public License as
|
||||||
|
published by the Free Software Foundation, either version 3 of the
|
||||||
|
License, or (at your option) any later version.
|
48
cdist/conf/type/__sshd_config/manifest
Executable file
48
cdist/conf/type/__sshd_config/manifest
Executable file
|
@ -0,0 +1,48 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
#
|
||||||
|
# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
|
||||||
|
os=$(cat "${__global:?}/explorer/os")
|
||||||
|
|
||||||
|
state_should=$(cat "${__object:?}/parameter/state")
|
||||||
|
|
||||||
|
case ${os}
|
||||||
|
in
|
||||||
|
(alpine|centos|fedora|redhat|scientific|debian|devuan|ubuntu)
|
||||||
|
if test "${state_should}" != 'absent'
|
||||||
|
then
|
||||||
|
__package openssh-server --state present
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
(archlinux|gentoo|slackware|suse)
|
||||||
|
if test "${state_should}" != 'absent'
|
||||||
|
then
|
||||||
|
__package openssh --state present
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
(freebsd|netbsd|openbsd)
|
||||||
|
# whitelist
|
||||||
|
;;
|
||||||
|
(*)
|
||||||
|
printf 'Your operating system (%s) is currently not supported by this type (%s)\n' \
|
||||||
|
"${os}" "${__type##*/}" >&2
|
||||||
|
printf 'Please contribute an implementation for it if you can.\n' >&2
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
1
cdist/conf/type/__sshd_config/parameter/default/file
Normal file
1
cdist/conf/type/__sshd_config/parameter/default/file
Normal file
|
@ -0,0 +1 @@
|
||||||
|
/etc/ssh/sshd_config
|
1
cdist/conf/type/__sshd_config/parameter/default/state
Normal file
1
cdist/conf/type/__sshd_config/parameter/default/state
Normal file
|
@ -0,0 +1 @@
|
||||||
|
present
|
4
cdist/conf/type/__sshd_config/parameter/optional
Normal file
4
cdist/conf/type/__sshd_config/parameter/optional
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
file
|
||||||
|
option
|
||||||
|
state
|
||||||
|
value
|
|
@ -0,0 +1 @@
|
||||||
|
match
|
110
cdist/conf/type/__uci/explorer/state
Normal file
110
cdist/conf/type/__uci/explorer/state
Normal file
|
@ -0,0 +1,110 @@
|
||||||
|
#!/bin/sh
|
||||||
|
#
|
||||||
|
# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
# This explorer retrieves the current state of the configuration option
|
||||||
|
# The output of this explorer is one of these values:
|
||||||
|
# present
|
||||||
|
# The configuration option is present and has the value of the
|
||||||
|
# parameter --value.
|
||||||
|
# absent
|
||||||
|
# The configuration option is not defined.
|
||||||
|
# different
|
||||||
|
# The configuration option is present but has a different value than the
|
||||||
|
# parameter --value.
|
||||||
|
# rearranged
|
||||||
|
# The configuration option is present (a list) and has the same values as
|
||||||
|
# the parameter --value, but in a different order.
|
||||||
|
|
||||||
|
RS=$(printf '\036')
|
||||||
|
|
||||||
|
option=${__object_id:?}
|
||||||
|
|
||||||
|
values_is=$(uci -s -N -d "${RS}" get "${option}" 2>/dev/null) || {
|
||||||
|
echo absent
|
||||||
|
exit 0
|
||||||
|
}
|
||||||
|
|
||||||
|
if test -f "${__object:?}/parameter/value"
|
||||||
|
then
|
||||||
|
should_file="${__object:?}/parameter/value"
|
||||||
|
else
|
||||||
|
should_file='/dev/null'
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
# strip off trailing newline
|
||||||
|
printf '%s' "${values_is}" \
|
||||||
|
| awk '
|
||||||
|
function unquote(s) {
|
||||||
|
# simplified dequoting of single quoted strings
|
||||||
|
if (s ~ /^'\''.*'\''$/) {
|
||||||
|
s = substr(s, 2, length(s) - 2)
|
||||||
|
sub(/'"'\\\\''"'/, "'\''", s)
|
||||||
|
}
|
||||||
|
return s
|
||||||
|
}
|
||||||
|
|
||||||
|
BEGIN {
|
||||||
|
state = "present" # assume all is fine
|
||||||
|
}
|
||||||
|
NR == FNR {
|
||||||
|
# memoize "should" state
|
||||||
|
should[FNR] = $0
|
||||||
|
should_count++
|
||||||
|
|
||||||
|
# go to next line (important!)
|
||||||
|
next
|
||||||
|
}
|
||||||
|
|
||||||
|
# compare "is" state
|
||||||
|
|
||||||
|
{ $0 = unquote($0) }
|
||||||
|
|
||||||
|
$0 == should[FNR] { next }
|
||||||
|
|
||||||
|
FNR > should_count {
|
||||||
|
# there are more "is" records than "should" -> definitely different
|
||||||
|
state = "different"
|
||||||
|
exit
|
||||||
|
}
|
||||||
|
|
||||||
|
{
|
||||||
|
# see if we can find the value somewhere in should
|
||||||
|
for (i in should) {
|
||||||
|
if ($0 == should[i]) {
|
||||||
|
# ... value found -> rearranged
|
||||||
|
# FIXME: Duplicate values are not properly handled here. Do they matter?
|
||||||
|
state = "rearranged"
|
||||||
|
next
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
state = "different"
|
||||||
|
exit
|
||||||
|
}
|
||||||
|
|
||||||
|
END {
|
||||||
|
if (FNR < should_count) {
|
||||||
|
# "is" was shorter than "should" -> different
|
||||||
|
state = "different"
|
||||||
|
}
|
||||||
|
|
||||||
|
print state
|
||||||
|
}
|
||||||
|
' "${should_file}" RS="${RS}" -
|
73
cdist/conf/type/__uci/files/functions.sh
Normal file
73
cdist/conf/type/__uci/files/functions.sh
Normal file
|
@ -0,0 +1,73 @@
|
||||||
|
# -*- mode: sh; indent-tabs-mode: t -*-
|
||||||
|
|
||||||
|
in_list() {
|
||||||
|
printf '%s\n' "$@" | { grep -qxF "$(read -r ndl; echo "${ndl}")"; }
|
||||||
|
}
|
||||||
|
|
||||||
|
quote() {
|
||||||
|
for _arg
|
||||||
|
do
|
||||||
|
shift
|
||||||
|
if test -n "$(printf %s "${_arg}" | tr -d -c '\t\n \042-\047\050-\052\073-\077\133\\`|~' | tr -c '' '.')"
|
||||||
|
then
|
||||||
|
# needs quoting
|
||||||
|
set -- "$@" "$(printf "'%s'" "$(printf %s "${_arg}" | sed -e "s/'/'\\\\''/g")")"
|
||||||
|
else
|
||||||
|
set -- "$@" "${_arg}"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
unset _arg
|
||||||
|
|
||||||
|
# NOTE: Use printf because POSIX echo interprets escape sequences
|
||||||
|
printf '%s' "$*"
|
||||||
|
}
|
||||||
|
|
||||||
|
uci_cmd() {
|
||||||
|
# Usage: uci_cmd [UCI ARGUMENTS]...
|
||||||
|
mkdir -p "${__object:?}/files"
|
||||||
|
printf '%s\n' "$(quote "$@")" >>"${__object:?}/files/uci_batch.txt"
|
||||||
|
}
|
||||||
|
|
||||||
|
uci_validate_name() {
|
||||||
|
# like util.c uci_validate_name()
|
||||||
|
test -n "$*" && test -z "$(echo "$*" | tr -d '[:alnum:]_')"
|
||||||
|
}
|
||||||
|
|
||||||
|
uci_validate_tuple() (
|
||||||
|
tok=${1:?}
|
||||||
|
case $tok
|
||||||
|
in
|
||||||
|
(*.*.*)
|
||||||
|
# check option
|
||||||
|
option=${tok##*.}
|
||||||
|
uci_validate_name "${option}" || {
|
||||||
|
printf 'Invalid option: %s\n' "${option}" >&2
|
||||||
|
return 1
|
||||||
|
}
|
||||||
|
tok=${tok%.*}
|
||||||
|
;;
|
||||||
|
(*.*)
|
||||||
|
# no option (section definition)
|
||||||
|
;;
|
||||||
|
(*)
|
||||||
|
printf 'Invalid tuple: %s\n' "$1" >&2
|
||||||
|
return 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
case ${tok#*.}
|
||||||
|
in
|
||||||
|
(@*) section=$(expr "${tok#*.}" : '@\(.*\)\[-*[0-9]*\]$') ;;
|
||||||
|
(*) section=${tok#*.} ;;
|
||||||
|
esac
|
||||||
|
uci_validate_name "${section}" || {
|
||||||
|
printf 'Invalid section: %s\n' "${1#*.}" >&2
|
||||||
|
return 1
|
||||||
|
}
|
||||||
|
|
||||||
|
config=${tok%%.*}
|
||||||
|
uci_validate_name "${config}" || {
|
||||||
|
printf 'Invalid config: %s\n' "${config}" >&2
|
||||||
|
return 1
|
||||||
|
}
|
||||||
|
)
|
43
cdist/conf/type/__uci/files/uci_apply.sh
Normal file
43
cdist/conf/type/__uci/files/uci_apply.sh
Normal file
|
@ -0,0 +1,43 @@
|
||||||
|
changes=$(uci changes)
|
||||||
|
|
||||||
|
if test -n "${changes}"
|
||||||
|
then
|
||||||
|
echo 'Uncommited UCI changes were found on the target:'
|
||||||
|
printf '%s\n\n' "${changes}"
|
||||||
|
echo 'This can be caused by manual changes or due to a previous failed run.'
|
||||||
|
echo 'Please investigate the situation, revert or commit the changes, and try again.'
|
||||||
|
exit 1
|
||||||
|
fi >&2
|
||||||
|
|
||||||
|
check_errors() {
|
||||||
|
# reads stdin and forwards non-empty lines to stderr.
|
||||||
|
# returns 0 if stdin is empty, else 1.
|
||||||
|
! grep -e . >&2
|
||||||
|
}
|
||||||
|
|
||||||
|
commit() {
|
||||||
|
uci commit
|
||||||
|
}
|
||||||
|
|
||||||
|
rollback() {
|
||||||
|
printf '\nAn error occurred when trying to commit UCI transaction!\n' >&2
|
||||||
|
|
||||||
|
uci changes \
|
||||||
|
| sed -e 's/^-//' -e 's/\..*\$//' \
|
||||||
|
| sort -u \
|
||||||
|
| while read -r _package
|
||||||
|
do
|
||||||
|
uci revert "${_package}"
|
||||||
|
echo "${_package}" # for logging
|
||||||
|
done \
|
||||||
|
| awk '
|
||||||
|
BEGIN { printf "Reverted changes in: " }
|
||||||
|
{ printf "%s%s", (FNR > 1 ? ", " : ""), $0 }
|
||||||
|
END { printf "\n" }' >&2
|
||||||
|
|
||||||
|
return 1
|
||||||
|
}
|
||||||
|
|
||||||
|
uci_apply() {
|
||||||
|
uci batch 2>&1 | check_errors && commit || rollback
|
||||||
|
}
|
101
cdist/conf/type/__uci/gencode-remote
Executable file
101
cdist/conf/type/__uci/gencode-remote
Executable file
|
@ -0,0 +1,101 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
#
|
||||||
|
# 2020 Dennis Camera (dennis.camera@ssrq-sds-fds.ch)
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
|
||||||
|
# shellcheck source=cdist/conf/type/__uci/files/functions.sh
|
||||||
|
. "${__type:?}/files/functions.sh"
|
||||||
|
|
||||||
|
state_is=$(cat "${__object:?}/explorer/state")
|
||||||
|
state_should=$(cat "${__object:?}/parameter/state")
|
||||||
|
|
||||||
|
config=${__object_id:?}
|
||||||
|
uci_validate_tuple "${config}"
|
||||||
|
|
||||||
|
|
||||||
|
case ${state_should}
|
||||||
|
in
|
||||||
|
(present)
|
||||||
|
if in_list "${state_is}" 'present' 'rearranged'
|
||||||
|
then
|
||||||
|
# NOTE: order is ignored so rearranged is also fine.
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Determine type
|
||||||
|
type=$(cat "${__object:?}/parameter/type" 2>/dev/null || true)
|
||||||
|
case ${type}
|
||||||
|
in
|
||||||
|
(option|list) ;;
|
||||||
|
('')
|
||||||
|
# Guess type by the number of values
|
||||||
|
test "$(wc -l "${__object:?}/parameter/value")" -gt 1 \
|
||||||
|
&& type=list \
|
||||||
|
|| type=option
|
||||||
|
;;
|
||||||
|
(*)
|
||||||
|
printf 'Invalid --type: %s\n' "${type}" >&2
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
case ${type}
|
||||||
|
in
|
||||||
|
(list)
|
||||||
|
printf 'set_list %s\n' "${config}" >>"${__messages_out:?}"
|
||||||
|
|
||||||
|
if test "${state_is}" != 'absent'
|
||||||
|
then
|
||||||
|
uci_cmd delete "${config}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
while read -r value
|
||||||
|
do
|
||||||
|
uci_cmd add_list "${config}"="${value}"
|
||||||
|
done <"${__object:?}/parameter/value"
|
||||||
|
;;
|
||||||
|
(option)
|
||||||
|
printf 'set %s\n' "${config}" >>"${__messages_out:?}"
|
||||||
|
|
||||||
|
value=$(cat "${__object:?}/parameter/value")
|
||||||
|
uci_cmd set "${config}"="${value}"
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
;;
|
||||||
|
(absent)
|
||||||
|
if in_list "${state_is}" 'absent'
|
||||||
|
then
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
printf 'delete %s\n' "${config}" >>"${__messages_out:?}"
|
||||||
|
uci_cmd delete "${config}"
|
||||||
|
;;
|
||||||
|
(*)
|
||||||
|
printf 'Invalid --state: %s\n' "${state_should}" >&2
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
if test -s "${__object:?}/files/uci_batch.txt"
|
||||||
|
then
|
||||||
|
cat "${__type:?}/files/uci_apply.sh"
|
||||||
|
printf "uci_apply <<'EOF'\n"
|
||||||
|
cat "${__object:?}/files/uci_batch.txt"
|
||||||
|
printf '\nEOF\n'
|
||||||
|
fi
|
78
cdist/conf/type/__uci/man.rst
Normal file
78
cdist/conf/type/__uci/man.rst
Normal file
|
@ -0,0 +1,78 @@
|
||||||
|
cdist-type__uci(7)
|
||||||
|
==================
|
||||||
|
|
||||||
|
NAME
|
||||||
|
----
|
||||||
|
cdist-type__uci - Manage configuration values in UCI
|
||||||
|
|
||||||
|
|
||||||
|
DESCRIPTION
|
||||||
|
-----------
|
||||||
|
This cdist type can be used to alter configuration options in OpenWrt's
|
||||||
|
Unified Configuration Interface (UCI) system.
|
||||||
|
|
||||||
|
|
||||||
|
REQUIRED PARAMETERS
|
||||||
|
-------------------
|
||||||
|
value
|
||||||
|
The value to be set. Can be used multiple times.
|
||||||
|
This parameter is ignored if ``--state`` is ``absent``.
|
||||||
|
|
||||||
|
Due to the way cdist handles arguments, values **must not** contain newline
|
||||||
|
characters.
|
||||||
|
|
||||||
|
Values do not need special quoting for UCI. The only requirement is that the
|
||||||
|
value is passed to the type as a single shell argument.
|
||||||
|
|
||||||
|
OPTIONAL PARAMETERS
|
||||||
|
-------------------
|
||||||
|
state
|
||||||
|
``present`` or ``absent``, defaults to ``present``.
|
||||||
|
type
|
||||||
|
If the type should generate an option or a list.
|
||||||
|
One of: ``option`` or ``list``.
|
||||||
|
Defaults to auto-detect based on the number of ``--value`` parameters.
|
||||||
|
|
||||||
|
|
||||||
|
BOOLEAN PARAMETERS
|
||||||
|
------------------
|
||||||
|
None.
|
||||||
|
|
||||||
|
|
||||||
|
EXAMPLES
|
||||||
|
--------
|
||||||
|
|
||||||
|
.. code-block:: sh
|
||||||
|
|
||||||
|
# Set the system hostname
|
||||||
|
__uci system.@system[0].hostname --value 'OpenWrt'
|
||||||
|
|
||||||
|
# Set DHCP option 252: tell DHCP clients to not ask for proxy information.
|
||||||
|
__uci dhcp.lan.dhcp_option --type list --value '252,"\n"'
|
||||||
|
|
||||||
|
# Enable NTP and NTPd (each is applied individually)
|
||||||
|
__uci system.ntp.enabled --value 1
|
||||||
|
__uci system.ntp.enable_server --value 1
|
||||||
|
__uci system.ntp.server --type list \
|
||||||
|
--value '0.openwrt.pool.ntp.org' \
|
||||||
|
--value '1.openwrt.pool.ntp.org' \
|
||||||
|
--value '2.openwrt.pool.ntp.org' \
|
||||||
|
--value '3.openwrt.pool.ntp.org'
|
||||||
|
|
||||||
|
|
||||||
|
SEE ALSO
|
||||||
|
--------
|
||||||
|
- https://openwrt.org/docs/guide-user/base-system/uci
|
||||||
|
|
||||||
|
|
||||||
|
AUTHORS
|
||||||
|
-------
|
||||||
|
Dennis Camera <dennis.camera@ssrq-sds-fds.ch>
|
||||||
|
|
||||||
|
|
||||||
|
COPYING
|
||||||
|
-------
|
||||||
|
Copyright \(C) 2020 Dennis Camera. You can redistribute it
|
||||||
|
and/or modify it under the terms of the GNU General Public License as
|
||||||
|
published by the Free Software Foundation, either version 3 of the
|
||||||
|
License, or (at your option) any later version.
|
51
cdist/conf/type/__uci/manifest
Executable file
51
cdist/conf/type/__uci/manifest
Executable file
|
@ -0,0 +1,51 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
#
|
||||||
|
# 2020 Dennis Camera (dennis.camera@ssrq-sds-fds.ch)
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
|
||||||
|
os=$(cat "${__global:?}/explorer/os")
|
||||||
|
|
||||||
|
state_should=$(cat "${__object:?}/parameter/state")
|
||||||
|
|
||||||
|
case ${os}
|
||||||
|
in
|
||||||
|
(openwrt)
|
||||||
|
# okay
|
||||||
|
;;
|
||||||
|
(*)
|
||||||
|
printf "Your operating system (%s) is currently not supported by this type (%s)\n" "${os}" "${__type##*/}" >&2
|
||||||
|
printf "Please contribute an implementation for it if you can.\n" >&2
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
case ${state_should}
|
||||||
|
in
|
||||||
|
(present)
|
||||||
|
test -s "${__object:?}/parameter/value" || {
|
||||||
|
echo 'The parameter --value is required.' >&2
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
|
;;
|
||||||
|
(absent)
|
||||||
|
;;
|
||||||
|
(*)
|
||||||
|
printf 'Invalid --state: %s\n' "${state_should}" >&2
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
0
cdist/conf/type/__uci/nonparallel
Normal file
0
cdist/conf/type/__uci/nonparallel
Normal file
1
cdist/conf/type/__uci/parameter/default/state
Normal file
1
cdist/conf/type/__uci/parameter/default/state
Normal file
|
@ -0,0 +1 @@
|
||||||
|
present
|
2
cdist/conf/type/__uci/parameter/optional
Normal file
2
cdist/conf/type/__uci/parameter/optional
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
state
|
||||||
|
type
|
1
cdist/conf/type/__uci/parameter/optional_multiple
Normal file
1
cdist/conf/type/__uci/parameter/optional_multiple
Normal file
|
@ -0,0 +1 @@
|
||||||
|
value
|
103
cdist/conf/type/__uci_section/explorer/match
Normal file
103
cdist/conf/type/__uci_section/explorer/match
Normal file
|
@ -0,0 +1,103 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
#
|
||||||
|
# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
# This explorer determines the "prefix" of the --type section matching --match
|
||||||
|
# if set, or __object_id otherwise.
|
||||||
|
|
||||||
|
RS=$(printf '\036')
|
||||||
|
NL=$(printf '\n '); NL=${NL% }
|
||||||
|
|
||||||
|
squote_values() {
|
||||||
|
sed -e '/=".*"$/{s/="/='\''/;s/"$/'\''/}' \
|
||||||
|
-e "/='.*'$/"'!{s/=/='\''/;s/$/'\''/}'
|
||||||
|
}
|
||||||
|
count_lines() (
|
||||||
|
IFS=${NL?}
|
||||||
|
# shellcheck disable=SC2048,SC2086
|
||||||
|
set -f -- $*; echo $#
|
||||||
|
)
|
||||||
|
|
||||||
|
echo "${__object_id:?}" | grep -q -e '^[^.]\{1,\}\.[^.]\{1,\}$' || {
|
||||||
|
echo 'Section identifiers are a package and section name separated by a "." (period).' >&2
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
|
|
||||||
|
test -s "${__object:?}/parameter/match" || {
|
||||||
|
# If no --match is given, we take the __object_id as the section identifier.
|
||||||
|
echo "${__object_id:?}"
|
||||||
|
exit 0
|
||||||
|
}
|
||||||
|
test -s "${__object:?}/parameter/type" || {
|
||||||
|
echo 'Parameters --match and --type must be used together.' >&2
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
|
|
||||||
|
sect_type_param=$(cat "${__object:?}/parameter/type")
|
||||||
|
expr "${sect_type_param}" : '[^.]\{1,\}\.[^.]\{1,\}$' >/dev/null 2>&1 || {
|
||||||
|
echo 'Section types are a package name and section type separated by a "." (period).' >&2
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
|
package_filter=${sect_type_param%%.*}
|
||||||
|
section_filter=${sect_type_param#*.}
|
||||||
|
|
||||||
|
# Find by --match
|
||||||
|
# NOTE: Apart from section types all values are printed in single quotes by uci show.
|
||||||
|
match=$(head -n 1 "${__object:?}/parameter/match" | squote_values)
|
||||||
|
|
||||||
|
if uci -s -N get "${__object_id:?}" >/dev/null 2>&1
|
||||||
|
then
|
||||||
|
# Named section exists: ensure if --match applies to it
|
||||||
|
# if the "matched" option does not exist (e.g. empty section) we use the
|
||||||
|
# section unconditionally.
|
||||||
|
if match_value_is=$(uci -s -N get "${__object_id:?}.${match%%=*}" 2>/dev/null)
|
||||||
|
then
|
||||||
|
match_value_should=$(expr "${match}" : ".*='\\(.*\\)'$")
|
||||||
|
|
||||||
|
test "${match_value_is}" = "${match_value_should}" || {
|
||||||
|
printf 'Named section "%s" does not match --match "%s"\n' \
|
||||||
|
"${__object_id:?}" "${match}" >&2
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "${__object_id:?}"
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
# No correctly named section exists already: find one to which --match applies
|
||||||
|
regex="^${package_filter}\\.@${section_filter}\\[[0-9]\\{1,\\}\\]\\.${match%%=*}="
|
||||||
|
|
||||||
|
matched_sections=$(
|
||||||
|
uci -s -N -d "${RS}" show "${package_filter}" 2>/dev/null \
|
||||||
|
| grep -e "${regex}" \
|
||||||
|
| while read -r _line
|
||||||
|
do
|
||||||
|
if test "${_line#*=}" = "${match#*=}"
|
||||||
|
then
|
||||||
|
echo "${_line}"
|
||||||
|
fi
|
||||||
|
done \
|
||||||
|
| sed -e 's/\.[^.]*=.*$//')
|
||||||
|
|
||||||
|
test "$(count_lines "${matched_sections}")" -le 1 || {
|
||||||
|
printf 'Found multiple matching sections:\n%s\n' "${matched_sections}" >&2
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
|
|
||||||
|
echo "${matched_sections}"
|
48
cdist/conf/type/__uci_section/explorer/options
Normal file
48
cdist/conf/type/__uci_section/explorer/options
Normal file
|
@ -0,0 +1,48 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
#
|
||||||
|
# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
# This explorer retrieves the current options of the configuration section.
|
||||||
|
|
||||||
|
RS=$(printf '\036')
|
||||||
|
|
||||||
|
section=$("${__type_explorer:?}/match")
|
||||||
|
test -n "${section}" || exit 0
|
||||||
|
|
||||||
|
uci -s -N -d "${RS}" show "${section}" 2>/dev/null \
|
||||||
|
| awk -v VSEP="${RS}" '
|
||||||
|
{
|
||||||
|
# Strip off the config and section parts
|
||||||
|
is_opt = sub(/^([^.]*\.){2}/, "")
|
||||||
|
|
||||||
|
if (!is_opt) {
|
||||||
|
# this line represents the section -> skip
|
||||||
|
next
|
||||||
|
}
|
||||||
|
|
||||||
|
if (index($0, VSEP)) {
|
||||||
|
# Put values each on a line, like --option and --list parameters
|
||||||
|
opt = substr($0, 1, index($0, "=") - 1)
|
||||||
|
split(substr($0, length(opt) + 2), values, VSEP)
|
||||||
|
for (i in values) {
|
||||||
|
printf "%s=%s\n", opt, values[i]
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
print
|
||||||
|
}
|
||||||
|
}'
|
25
cdist/conf/type/__uci_section/explorer/type
Normal file
25
cdist/conf/type/__uci_section/explorer/type
Normal file
|
@ -0,0 +1,25 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
#
|
||||||
|
# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
# This explorer retrieves the current section type.
|
||||||
|
|
||||||
|
section=$("${__type_explorer:?}/match")
|
||||||
|
test -n "${section}" || exit 0
|
||||||
|
|
||||||
|
uci -s -N get "${section}" 2>/dev/null || true
|
59
cdist/conf/type/__uci_section/files/functions.sh
Normal file
59
cdist/conf/type/__uci_section/files/functions.sh
Normal file
|
@ -0,0 +1,59 @@
|
||||||
|
# -*- mode: sh; indent-tabs-mode: t -*-
|
||||||
|
|
||||||
|
NL=$(printf '\n '); NL=${NL% }
|
||||||
|
|
||||||
|
grep_line() {
|
||||||
|
{ shift; printf '%s\n' "$@"; } | grep -qxF "$1"
|
||||||
|
}
|
||||||
|
|
||||||
|
print_errors() {
|
||||||
|
awk -v prefix="${1:-Found errors:}" -v suffix="${2-}" '
|
||||||
|
BEGIN {
|
||||||
|
if (getline) {
|
||||||
|
print prefix
|
||||||
|
print
|
||||||
|
rc = 1
|
||||||
|
}
|
||||||
|
}
|
||||||
|
{ print }
|
||||||
|
END {
|
||||||
|
if (rc && suffix) print suffix
|
||||||
|
exit rc
|
||||||
|
}' >&2
|
||||||
|
}
|
||||||
|
|
||||||
|
quote() {
|
||||||
|
for _arg
|
||||||
|
do
|
||||||
|
shift
|
||||||
|
if test -n "$(printf %s "${_arg}" | tr -d -c '\t\n \042-\047\050-\052\073-\077\133\\`|~' | tr -c '' '.')"
|
||||||
|
then
|
||||||
|
# needs quoting
|
||||||
|
set -- "$@" "$(printf "'%s'" "$(printf %s "${_arg}" | sed -e "s/'/'\\\\''/g")")"
|
||||||
|
else
|
||||||
|
set -- "$@" "${_arg}"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
unset _arg
|
||||||
|
printf '%s' "$*"
|
||||||
|
}
|
||||||
|
|
||||||
|
uci_cmd() {
|
||||||
|
# Usage: uci_cmd [UCI ARGUMENTS]...
|
||||||
|
mkdir -p "${__object:?}/files"
|
||||||
|
printf '%s\n' "$(quote "$@")" >>"${__object:?}/files/uci_batch.txt"
|
||||||
|
}
|
||||||
|
|
||||||
|
uci_validate_name() {
|
||||||
|
# like util.c uci_validate_name()
|
||||||
|
test -n "$*" && test -z "$(printf %s "$*" | tr -d '[:alnum:]_' | tr -c '' .)"
|
||||||
|
}
|
||||||
|
|
||||||
|
unquote_lines() {
|
||||||
|
sed -e '/^".*"$/{s/^"//;s/"$//}' \
|
||||||
|
-e '/'"^'.*'"'$/{s/'"^'"'//;s/'"'$"'//}'
|
||||||
|
}
|
||||||
|
|
||||||
|
validate_options() {
|
||||||
|
grep -shv -e '^[[:alnum:]_]\{1,\}=' "$@"
|
||||||
|
}
|
91
cdist/conf/type/__uci_section/files/option_state.awk
Normal file
91
cdist/conf/type/__uci_section/files/option_state.awk
Normal file
|
@ -0,0 +1,91 @@
|
||||||
|
# -*- mode: awk; indent-tabs-mode:t -*-
|
||||||
|
# Usage: awk -f option_state.awk option_type option_name
|
||||||
|
# e.g. awk -f option_state.awk option title
|
||||||
|
# awk -f option_state.awk list entry
|
||||||
|
|
||||||
|
function unquote(s) {
|
||||||
|
# simplified dequoting of single quoted strings
|
||||||
|
if (s ~ /^'.*'$/) {
|
||||||
|
s = substr(s, 2, length(s) - 2)
|
||||||
|
sub(/'\\''/, "'", s)
|
||||||
|
}
|
||||||
|
return s
|
||||||
|
}
|
||||||
|
|
||||||
|
function valueof(line) {
|
||||||
|
if (line !~ /^[[:alpha:]_]+=/) return 0
|
||||||
|
return unquote(substr(line, index(line, "=") + 1))
|
||||||
|
}
|
||||||
|
|
||||||
|
BEGIN {
|
||||||
|
__object = ENVIRON["__object"]
|
||||||
|
if (!__object) exit 1
|
||||||
|
|
||||||
|
opttype = ARGV[1]
|
||||||
|
optname = ARGV[2]
|
||||||
|
|
||||||
|
if (opttype !~ /^(option|list)/ || !optname) {
|
||||||
|
print "invalid"
|
||||||
|
exit (e=1)
|
||||||
|
}
|
||||||
|
|
||||||
|
ARGV[1] = __object "/parameter/" opttype
|
||||||
|
ARGV[2] = __object "/explorer/options"
|
||||||
|
|
||||||
|
state = "present"
|
||||||
|
}
|
||||||
|
|
||||||
|
NR == FNR {
|
||||||
|
# memoize "should" state
|
||||||
|
if (index($0, optname "=") == 1) {
|
||||||
|
should[++should_count] = valueof($0)
|
||||||
|
}
|
||||||
|
|
||||||
|
# go to next line (important!)
|
||||||
|
next
|
||||||
|
}
|
||||||
|
|
||||||
|
{
|
||||||
|
# compare "is" state
|
||||||
|
if (index($0, optname "=") != 1)
|
||||||
|
next
|
||||||
|
++is_count
|
||||||
|
|
||||||
|
v = valueof($0)
|
||||||
|
|
||||||
|
if (v == should[is_count]) {
|
||||||
|
# looks good, but can't say definitely just from this line
|
||||||
|
} else if (is_count > should_count) {
|
||||||
|
# there are more "is" records than "should" -> definitely different
|
||||||
|
state = "different"
|
||||||
|
exit
|
||||||
|
} else {
|
||||||
|
# see if we can find the "is" value somewhere in "should"
|
||||||
|
for (i in should) {
|
||||||
|
if (v == should[i]) {
|
||||||
|
# value found -> could be rearranged
|
||||||
|
# FIXME: Duplicate values are not properly handled here. Do they matter?
|
||||||
|
state = "rearranged"
|
||||||
|
next
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
# "is" value could not be found in "should" -> definitely different
|
||||||
|
state = "different"
|
||||||
|
exit
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
END {
|
||||||
|
if (e) exit
|
||||||
|
|
||||||
|
if (!is_count) {
|
||||||
|
# no "is" values -> absent
|
||||||
|
state = "absent"
|
||||||
|
} else if (is_count < should_count) {
|
||||||
|
# "is" was shorter than "should" -> different
|
||||||
|
state = "different"
|
||||||
|
}
|
||||||
|
|
||||||
|
print state
|
||||||
|
}
|
1
cdist/conf/type/__uci_section/files/uci_apply.sh
Symbolic link
1
cdist/conf/type/__uci_section/files/uci_apply.sh
Symbolic link
|
@ -0,0 +1 @@
|
||||||
|
../../__uci/files/uci_apply.sh
|
174
cdist/conf/type/__uci_section/gencode-remote
Executable file
174
cdist/conf/type/__uci_section/gencode-remote
Executable file
|
@ -0,0 +1,174 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
#
|
||||||
|
# 2020 Dennis Camera (dennis.camera@ssrq-sds-fds.ch)
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
|
||||||
|
# shellcheck source=cdist/conf/type/__uci_section/files/functions.sh
|
||||||
|
. "${__type:?}/files/functions.sh"
|
||||||
|
|
||||||
|
|
||||||
|
section=$(cat "${__object:?}/explorer/match")
|
||||||
|
|
||||||
|
state_is=$(test -s "${__object:?}/explorer/type" && echo present || echo absent)
|
||||||
|
state_should=$(cat "${__object:?}/parameter/state")
|
||||||
|
|
||||||
|
case $state_should
|
||||||
|
in
|
||||||
|
(present)
|
||||||
|
test -f "${__object:?}/parameter/type" || {
|
||||||
|
echo 'Parameter --type is required.' >&2
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
|
|
||||||
|
type_is=$(cat "${__object:?}/explorer/type")
|
||||||
|
type_should=$(cat "${__object:?}/parameter/type")
|
||||||
|
|
||||||
|
if test -n "${type_is}"
|
||||||
|
then
|
||||||
|
sect_type=${type_is}
|
||||||
|
else
|
||||||
|
sect_type=${type_should##*.}
|
||||||
|
fi
|
||||||
|
|
||||||
|
if test -z "${section}"
|
||||||
|
then
|
||||||
|
# No section exists and --match was used.
|
||||||
|
# So we generate a new section identifier from $__object_id.
|
||||||
|
case ${__object_id:?}
|
||||||
|
in
|
||||||
|
(*.*) section=${__object_id:?} ;;
|
||||||
|
(*) section="${type_should%%.*}.${__object_id:?}" ;;
|
||||||
|
esac
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Collect option names
|
||||||
|
if test -f "${__object:?}/parameter/list"
|
||||||
|
then
|
||||||
|
listnames_should=$(
|
||||||
|
sed -e 's/=.*$//' "${__object:?}/parameter/list" | sort -u)
|
||||||
|
fi
|
||||||
|
|
||||||
|
if test -f "${__object:?}/parameter/option"
|
||||||
|
then
|
||||||
|
optnames_should=$(
|
||||||
|
sed -e 's/=.*$//' "${__object:?}/parameter/option" | sort -u)
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Make sure the section itself is present
|
||||||
|
if test "${state_is}" = absent \
|
||||||
|
|| test "${type_is}" != "${type_should#*.}"
|
||||||
|
then
|
||||||
|
printf 'set %s\n' "${section}" >>"${__messages_out:?}"
|
||||||
|
# shellcheck disable=SC2140
|
||||||
|
uci_cmd set "${section}"="${sect_type}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Delete options/lists not in "should"
|
||||||
|
sed -e 's/=.*$//' "${__object:?}/explorer/options" \
|
||||||
|
| while read -r _optname
|
||||||
|
do
|
||||||
|
grep_line "${_optname}" "${listnames_should}" "${optnames_should}" || {
|
||||||
|
printf 'delete %s\n' "${section}.${_optname}" >>"${__messages_out:?}"
|
||||||
|
uci_cmd delete "${section}.${_optname}"
|
||||||
|
} </dev/null
|
||||||
|
done
|
||||||
|
|
||||||
|
opt_proc_error() {
|
||||||
|
printf 'An error occurred during processing of option %s\n' "${1:?}" >&2
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
|
|
||||||
|
# Set "should" options
|
||||||
|
echo "${optnames_should}" \
|
||||||
|
| grep -e . \
|
||||||
|
| while read -r _optname
|
||||||
|
do
|
||||||
|
_opt_state=$(awk -f "${__type:?}/files/option_state.awk" option "${_optname}") \
|
||||||
|
|| opt_proc_error "${_optname}"
|
||||||
|
case ${_opt_state}
|
||||||
|
in
|
||||||
|
(invalid)
|
||||||
|
opt_proc_error "${_optname}"
|
||||||
|
;;
|
||||||
|
(present)
|
||||||
|
;;
|
||||||
|
(*)
|
||||||
|
printf 'set %s\n' "${section}.${_optname}" >>"${__messages_out:?}"
|
||||||
|
|
||||||
|
# shellcheck disable=SC2140
|
||||||
|
uci_cmd set "${section}.${_optname}"="$(
|
||||||
|
grep -e "^${_optname}=" "${__object:?}/parameter/option" \
|
||||||
|
| sed -e 's/^.*=//' \
|
||||||
|
| unquote_lines \
|
||||||
|
| head -n 1)"
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
|
||||||
|
echo "${listnames_should}" \
|
||||||
|
| grep -e . \
|
||||||
|
| while read -r _optname
|
||||||
|
do
|
||||||
|
_list_state=$(awk -f "${__type:?}/files/option_state.awk" list "${_optname}") \
|
||||||
|
|| opt_proc_error "${_optname}"
|
||||||
|
case ${_list_state}
|
||||||
|
in
|
||||||
|
(invalid)
|
||||||
|
opt_proc_error "${_optname}"
|
||||||
|
;;
|
||||||
|
(present)
|
||||||
|
;;
|
||||||
|
(*)
|
||||||
|
printf 'set_list %s\n' "${section}.${_optname}" >>"${__messages_out:?}"
|
||||||
|
|
||||||
|
if test "${_list_state}" != absent
|
||||||
|
then
|
||||||
|
uci_cmd delete "${section}.${_optname}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
grep "^${_optname}=" "${__object:?}/parameter/list" \
|
||||||
|
| sed -e 's/^.*=//' \
|
||||||
|
| unquote_lines \
|
||||||
|
| while read -r _value
|
||||||
|
do
|
||||||
|
# shellcheck disable=SC2140
|
||||||
|
uci_cmd add_list "${section}.${_optname}"="${_value}"
|
||||||
|
done
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
;;
|
||||||
|
(absent)
|
||||||
|
if test "${state_is}" = absent
|
||||||
|
then
|
||||||
|
# if explorer found no section there is nothing to delete
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
printf 'delete %s\n' "${section}" >>"${__messages_out:?}"
|
||||||
|
uci_cmd delete "${section}"
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
if test -s "${__object:?}/files/uci_batch.txt"
|
||||||
|
then
|
||||||
|
cat "${__type:?}/files/uci_apply.sh"
|
||||||
|
printf "uci_apply <<'EOF'\n"
|
||||||
|
cat "${__object:?}/files/uci_batch.txt"
|
||||||
|
printf '\nEOF\n'
|
||||||
|
fi
|
119
cdist/conf/type/__uci_section/man.rst
Normal file
119
cdist/conf/type/__uci_section/man.rst
Normal file
|
@ -0,0 +1,119 @@
|
||||||
|
cdist-type__uci_section(7)
|
||||||
|
==========================
|
||||||
|
|
||||||
|
NAME
|
||||||
|
----
|
||||||
|
cdist-type__uci_section - Manage configuration sections in UCI
|
||||||
|
|
||||||
|
|
||||||
|
DESCRIPTION
|
||||||
|
-----------
|
||||||
|
This cdist type can be used to replace whole configuration sections in OpenWrt's
|
||||||
|
Unified Configuration Interface (UCI) system.
|
||||||
|
It can be thought of as syntactic sugar for :strong:`cdist-type__uci`\ (7),
|
||||||
|
as this type will generate the required `__uci` objects to make the section
|
||||||
|
contain exactly the options specified using ``--option``.
|
||||||
|
|
||||||
|
Since many default UCI sections are unnamed, this type allows to find the
|
||||||
|
matching section by one of its options using the ``--match`` parameter.
|
||||||
|
|
||||||
|
**NOTE:** Options already present on the target and not listed in ``--option``
|
||||||
|
or ``--list`` will be deleted.
|
||||||
|
|
||||||
|
|
||||||
|
REQUIRED PARAMETERS
|
||||||
|
-------------------
|
||||||
|
None.
|
||||||
|
|
||||||
|
|
||||||
|
OPTIONAL PARAMETERS
|
||||||
|
-------------------
|
||||||
|
list
|
||||||
|
An option that is part of a list and should be present in the section (as
|
||||||
|
part of a list). Lists with multiple options can be expressed by using the
|
||||||
|
same ``<option>`` repeatedly.
|
||||||
|
|
||||||
|
The value to this parameter is a ``<option>=<value>`` string.
|
||||||
|
|
||||||
|
``<value>`` does not need special quoting for UCI.
|
||||||
|
The only requirement is that the value is passed to the type as a single
|
||||||
|
shell argument.
|
||||||
|
match
|
||||||
|
Allows to find a section to "replace" through one of its parameters.
|
||||||
|
|
||||||
|
The value to this parameter is a ``<option>=<value>`` string.
|
||||||
|
option
|
||||||
|
An option that should be present in the section.
|
||||||
|
This parameter can be used multiple times to specify multiple options.
|
||||||
|
|
||||||
|
The value to this parameter is a ``<option>=<value>`` string.
|
||||||
|
|
||||||
|
``<value>`` does not need special quoting for UCI.
|
||||||
|
The only requirement is that the value is passed to the type as a single
|
||||||
|
shell argument.
|
||||||
|
state
|
||||||
|
``present`` or ``absent``, defaults to ``present``.
|
||||||
|
type
|
||||||
|
The type of the section in the format: ``<config>.<section-type>``
|
||||||
|
|
||||||
|
|
||||||
|
BOOLEAN PARAMETERS
|
||||||
|
------------------
|
||||||
|
None.
|
||||||
|
|
||||||
|
|
||||||
|
EXAMPLES
|
||||||
|
--------
|
||||||
|
|
||||||
|
.. code-block:: sh
|
||||||
|
|
||||||
|
# Configure the dropbear daemon
|
||||||
|
__uci_section dropbear --type dropbear.dropbear \
|
||||||
|
--match Port=22 --option Port=22 \
|
||||||
|
--option PasswordAuth=off \
|
||||||
|
--option RootPasswordAuth=off
|
||||||
|
|
||||||
|
# Define a firewall zone comprised of lan and wlan networks
|
||||||
|
__uci_section firewall.internal --type firewall.zone \
|
||||||
|
--option name='internal' \
|
||||||
|
--list network='lan' \
|
||||||
|
--list network='wlan' \
|
||||||
|
--option input='ACCEPT' \
|
||||||
|
--option output='ACCEPT' \
|
||||||
|
--option forward='ACCEPT'
|
||||||
|
|
||||||
|
# Block SSH access from the guest network
|
||||||
|
__uci_section firewall.block_ssh_from_guest --type firewall.rule \
|
||||||
|
--option name='Block-SSH-Access-from-Guest' \
|
||||||
|
--option src='guest' \
|
||||||
|
--option proto='tcp' \
|
||||||
|
--option dest_port='22' \
|
||||||
|
--option target='REJECT'
|
||||||
|
|
||||||
|
# Configure a Wi-Fi access point
|
||||||
|
__uci_section wireless.default_radio0 --type wireless.wifi-iface \
|
||||||
|
--option device='radio0' \
|
||||||
|
--option mode='ap' \
|
||||||
|
--option network='wlan' \
|
||||||
|
--option ssid='mywifi' \
|
||||||
|
--option encryption="psk2' \
|
||||||
|
--option key='hunter2'
|
||||||
|
|
||||||
|
|
||||||
|
SEE ALSO
|
||||||
|
--------
|
||||||
|
- https://openwrt.org/docs/guide-user/base-system/uci
|
||||||
|
- :strong:`cdist-type__uci`\ (7)
|
||||||
|
|
||||||
|
|
||||||
|
AUTHORS
|
||||||
|
-------
|
||||||
|
Dennis Camera <dennis.camera@ssrq-sds-fds.ch>
|
||||||
|
|
||||||
|
|
||||||
|
COPYING
|
||||||
|
-------
|
||||||
|
Copyright \(C) 2020 Dennis Camera. You can redistribute it
|
||||||
|
and/or modify it under the terms of the GNU General Public License as
|
||||||
|
published by the Free Software Foundation, either version 3 of the
|
||||||
|
License, or (at your option) any later version.
|
88
cdist/conf/type/__uci_section/manifest
Executable file
88
cdist/conf/type/__uci_section/manifest
Executable file
|
@ -0,0 +1,88 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
#
|
||||||
|
# 2020 Dennis Camera (dennis.camera@ssrq-sds-fds.ch)
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
|
||||||
|
# shellcheck source=cdist/conf/type/__uci_section/files/functions.sh
|
||||||
|
. "${__type:?}/files/functions.sh"
|
||||||
|
|
||||||
|
|
||||||
|
## Check section name and error if invalid!
|
||||||
|
case ${__object_id:?}
|
||||||
|
in
|
||||||
|
(*.*)
|
||||||
|
uci_validate_name "${__object_id%%.*}" || {
|
||||||
|
printf 'Invalid package name: %s\n' "${__object_id%%.*}" >&2
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
|
uci_validate_name "${__object_id#*.}" || {
|
||||||
|
printf 'Invalid section name: %s\n' "${__object_id#*.}" >&2
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
|
;;
|
||||||
|
(*)
|
||||||
|
uci_validate_name "${__object_id:?}" || {
|
||||||
|
printf 'Invalid section name: %s\n' "${__object_id:?}" >&2
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
state_should=$(cat "${__object:?}/parameter/state")
|
||||||
|
|
||||||
|
case $state_should
|
||||||
|
in
|
||||||
|
(present)
|
||||||
|
test -f "${__object:?}/parameter/type" || {
|
||||||
|
echo 'Parameter --type is required.' >&2
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
|
type_is=$(cat "${__object:?}/explorer/type")
|
||||||
|
type_should=$(cat "${__object:?}/parameter/type")
|
||||||
|
|
||||||
|
if test -n "${type_is}" && test "${type_is}" != "${type_should##*.}"
|
||||||
|
then
|
||||||
|
# Check if section type matches (section exists and --type provided)
|
||||||
|
printf 'Section type "%s" does not match --type "%s".\n' \
|
||||||
|
"${type_is}" "${type_should}" >&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Check options for syntax errors
|
||||||
|
validate_options "${__object:?}/parameter/list" "${__object:?}/parameter/object" \
|
||||||
|
| print_errors 'Found erroneous options in arguments:'
|
||||||
|
|
||||||
|
# Check for duplicate option names
|
||||||
|
if test -s "${__object:?}/parameter/option"
|
||||||
|
then
|
||||||
|
sed -e 's/=.*$//' "${__object:?}/parameter/option" \
|
||||||
|
| sort \
|
||||||
|
| uniq -d \
|
||||||
|
| print_errors \
|
||||||
|
'Found duplicate --options:' \
|
||||||
|
"$(printf '\nUse --list for lists, instead.')"
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
(absent)
|
||||||
|
:
|
||||||
|
;;
|
||||||
|
(*)
|
||||||
|
printf 'Invalid --state: %s\n' "${state_should}" >&2
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
0
cdist/conf/type/__uci_section/nonparallel
Normal file
0
cdist/conf/type/__uci_section/nonparallel
Normal file
1
cdist/conf/type/__uci_section/parameter/default/state
Normal file
1
cdist/conf/type/__uci_section/parameter/default/state
Normal file
|
@ -0,0 +1 @@
|
||||||
|
present
|
|
@ -0,0 +1 @@
|
||||||
|
default
|
4
cdist/conf/type/__uci_section/parameter/optional
Normal file
4
cdist/conf/type/__uci_section/parameter/optional
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
match
|
||||||
|
state
|
||||||
|
transaction
|
||||||
|
type
|
|
@ -0,0 +1,2 @@
|
||||||
|
list
|
||||||
|
option
|
|
@ -120,17 +120,18 @@ class Emulator:
|
||||||
level = logging.WARNING
|
level = logging.WARNING
|
||||||
else:
|
else:
|
||||||
level = logging.WARNING
|
level = logging.WARNING
|
||||||
|
self.log = logging.getLogger(self.target_host[0])
|
||||||
try:
|
try:
|
||||||
logging.root.setLevel(level)
|
logging.root.setLevel(level)
|
||||||
|
self.log.setLevel(level)
|
||||||
except (ValueError, TypeError):
|
except (ValueError, TypeError):
|
||||||
# if invalid __cdist_log_level value
|
# if invalid __cdist_log_level value
|
||||||
logging.root.setLevel(logging.WARNING)
|
logging.root.setLevel(logging.WARNING)
|
||||||
|
self.log.setLevel(logging.WARNING)
|
||||||
|
|
||||||
colored_log = self.env.get('__cdist_colored_log', 'false')
|
colored_log = self.env.get('__cdist_colored_log', 'false')
|
||||||
cdist.log.CdistFormatter.USE_COLORS = colored_log == 'true'
|
cdist.log.CdistFormatter.USE_COLORS = colored_log == 'true'
|
||||||
|
|
||||||
self.log = logging.getLogger(self.target_host[0])
|
|
||||||
|
|
||||||
def commandline(self):
|
def commandline(self):
|
||||||
"""Parse command line"""
|
"""Parse command line"""
|
||||||
|
|
||||||
|
|
|
@ -54,13 +54,12 @@ _mydir = os.path.dirname(__file__)
|
||||||
def find_cdist_exec():
|
def find_cdist_exec():
|
||||||
"""Search cdist executable starting from local lib directory.
|
"""Search cdist executable starting from local lib directory.
|
||||||
|
|
||||||
Detect if ../scripts/cdist (from local lib direcotry) exists and
|
Detect if ../bin/cdist (from local lib directory) exists and
|
||||||
if it is executable. If not then try to find cdist exec path in
|
if it is executable. If not then try to find cdist exec path in
|
||||||
os.get_exec_path() entries. If no cdist path is found rasie
|
os.get_exec_path() entries. If no cdist path is found rasie
|
||||||
cdist.Error.
|
cdist.Error.
|
||||||
"""
|
"""
|
||||||
cdist_path = os.path.abspath(os.path.join(_mydir, '..', 'scripts',
|
cdist_path = os.path.abspath(os.path.join(_mydir, '..', 'bin', 'cdist'))
|
||||||
'cdist'))
|
|
||||||
if os.access(cdist_path, os.X_OK):
|
if os.access(cdist_path, os.X_OK):
|
||||||
return cdist_path
|
return cdist_path
|
||||||
cdist_path = find_cdist_exec_in_path()
|
cdist_path = find_cdist_exec_in_path()
|
||||||
|
|
|
@ -37,7 +37,7 @@ def commandline(args):
|
||||||
|
|
||||||
if not args.mode:
|
if not args.mode:
|
||||||
# By default scan and trigger, but do not call any action
|
# By default scan and trigger, but do not call any action
|
||||||
args.mode = ['scan', 'trigger' ]
|
args.mode = ['scan', 'trigger', ]
|
||||||
|
|
||||||
if 'trigger' in args.mode:
|
if 'trigger' in args.mode:
|
||||||
t = scan.Trigger(interfaces=args.interfaces)
|
t = scan.Trigger(interfaces=args.interfaces)
|
||||||
|
|
|
@ -30,9 +30,12 @@
|
||||||
# Scanner logic
|
# Scanner logic
|
||||||
# - save results to configdir:
|
# - save results to configdir:
|
||||||
# basedir = ~/.cdist/scan/<ipv6-address>
|
# basedir = ~/.cdist/scan/<ipv6-address>
|
||||||
# last_seen = ~/.cdist/scan/<ipv6-address>/last_seen -- record unix time or similar
|
# last_seen = ~/.cdist/scan/<ipv6-address>/last_seen -- record unix time
|
||||||
# last_configured = ~/.cdist/scan/<ipv6-address>/last_configured -- record unix time or similar
|
# or similar
|
||||||
# last_installed = ~/.cdist/scan/<ipv6-address>/last_configured -- record unix time or similar
|
# last_configured = ~/.cdist/scan/<ipv6-address>/last_configured -- record
|
||||||
|
# unix time or similar
|
||||||
|
# last_installed = ~/.cdist/scan/<ipv6-address>/last_configured -- record
|
||||||
|
# unix time or similar
|
||||||
#
|
#
|
||||||
#
|
#
|
||||||
#
|
#
|
||||||
|
@ -60,6 +63,7 @@ import cdist.config
|
||||||
|
|
||||||
log = logging.getLogger("scan")
|
log = logging.getLogger("scan")
|
||||||
|
|
||||||
|
|
||||||
class Trigger(object):
|
class Trigger(object):
|
||||||
"""
|
"""
|
||||||
Trigger an ICMPv6EchoReply from all hosts that are alive
|
Trigger an ICMPv6EchoReply from all hosts that are alive
|
||||||
|
@ -93,6 +97,7 @@ class Trigger(object):
|
||||||
log.debug(f"Sending request on {interface}")
|
log.debug(f"Sending request on {interface}")
|
||||||
send(packet, verbose=self.verbose)
|
send(packet, verbose=self.verbose)
|
||||||
|
|
||||||
|
|
||||||
class Scanner(object):
|
class Scanner(object):
|
||||||
"""
|
"""
|
||||||
Scan for replies of hosts, maintain the up-to-date database
|
Scan for replies of hosts, maintain the up-to-date database
|
||||||
|
@ -149,7 +154,6 @@ class Scanner(object):
|
||||||
prn=self.handle_pkg)
|
prn=self.handle_pkg)
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
t = Trigger(interfaces=["wlan0"])
|
t = Trigger(interfaces=["wlan0"])
|
||||||
t.start()
|
t.start()
|
||||||
|
|
|
@ -26,7 +26,7 @@ import tempfile
|
||||||
cdist_base_path = os.path.abspath(
|
cdist_base_path = os.path.abspath(
|
||||||
os.path.join(os.path.dirname(os.path.realpath(__file__)), "../../"))
|
os.path.join(os.path.dirname(os.path.realpath(__file__)), "../../"))
|
||||||
|
|
||||||
cdist_exec_path = os.path.join(cdist_base_path, "scripts/cdist")
|
cdist_exec_path = os.path.join(cdist_base_path, "bin/cdist")
|
||||||
|
|
||||||
global_fixtures_dir = os.path.abspath(os.path.join(os.path.dirname(__file__),
|
global_fixtures_dir = os.path.abspath(os.path.join(os.path.dirname(__file__),
|
||||||
"fixtures"))
|
"fixtures"))
|
||||||
|
|
|
@ -20,7 +20,7 @@
|
||||||
#
|
#
|
||||||
#
|
#
|
||||||
|
|
||||||
import imp
|
import importlib
|
||||||
import os
|
import os
|
||||||
import sys
|
import sys
|
||||||
import unittest
|
import unittest
|
||||||
|
@ -37,8 +37,9 @@ for possible_test in os.listdir(base_dir):
|
||||||
|
|
||||||
suites = []
|
suites = []
|
||||||
for test_module in test_modules:
|
for test_module in test_modules:
|
||||||
module_parameters = imp.find_module(test_module, [base_dir])
|
module_spec = importlib.util.find_spec("cdist.test.{}".format(test_module))
|
||||||
module = imp.load_module("cdist.test." + test_module, *module_parameters)
|
module = importlib.util.module_from_spec(module_spec)
|
||||||
|
module_spec.loader.exec_module(module)
|
||||||
|
|
||||||
suite = unittest.defaultTestLoader.loadTestsFromModule(module)
|
suite = unittest.defaultTestLoader.loadTestsFromModule(module)
|
||||||
# print("Got suite: " + suite.__str__())
|
# print("Got suite: " + suite.__str__())
|
||||||
|
|
|
@ -202,7 +202,7 @@ class ConfigRunTestCase(test.CdistTestCase):
|
||||||
host_dir_name=self.hostdir,
|
host_dir_name=self.hostdir,
|
||||||
# exec_path can not derivated from sys.argv in case of unittest
|
# exec_path can not derivated from sys.argv in case of unittest
|
||||||
exec_path=os.path.abspath(os.path.join(
|
exec_path=os.path.abspath(os.path.join(
|
||||||
my_dir, '../../../scripts/cdist')),
|
my_dir, '../../../bin/cdist')),
|
||||||
initial_manifest=os.path.join(fixtures,
|
initial_manifest=os.path.join(fixtures,
|
||||||
'manifest/dryrun_manifest'),
|
'manifest/dryrun_manifest'),
|
||||||
add_conf_dirs=[fixtures])
|
add_conf_dirs=[fixtures])
|
||||||
|
@ -219,7 +219,7 @@ class ConfigRunTestCase(test.CdistTestCase):
|
||||||
base_root_path=self.host_base_path,
|
base_root_path=self.host_base_path,
|
||||||
host_dir_name=self.hostdir,
|
host_dir_name=self.hostdir,
|
||||||
exec_path=os.path.abspath(os.path.join(
|
exec_path=os.path.abspath(os.path.join(
|
||||||
my_dir, '../../../scripts/cdist')),
|
my_dir, '../../../bin/cdist')),
|
||||||
initial_manifest=os.path.join(
|
initial_manifest=os.path.join(
|
||||||
fixtures, 'manifest/init-deps-resolver'),
|
fixtures, 'manifest/init-deps-resolver'),
|
||||||
add_conf_dirs=[fixtures])
|
add_conf_dirs=[fixtures])
|
||||||
|
|
|
@ -2,6 +2,31 @@ Changelog
|
||||||
---------
|
---------
|
||||||
|
|
||||||
next:
|
next:
|
||||||
|
* __package_pkgng_freebsd: Fix bootstrapping pkg (Dennis Camera)
|
||||||
|
* Core: Deal with deprecated imp in unit tests (Evil Ham)
|
||||||
|
* Type __iptables: Add IPv6 support (Matthias Stecher)
|
||||||
|
* Type __block: Fix escaping in here-doc (Matthias Stecher)
|
||||||
|
|
||||||
|
6.9.3: 2020-12-04
|
||||||
|
* pip install: Add cdist.scan to packages in setup.py (Dennis Camera)
|
||||||
|
|
||||||
|
6.9.2: 2020-11-20
|
||||||
|
* Documentation: Fix examples in best practice (Dennis Camera)
|
||||||
|
* Type __locale: Add state explorer (Matthias Stecher)
|
||||||
|
* Core: Reorganize scripts, version generation (Ander Punnar, Dennis Camera)
|
||||||
|
* New type: __hwclock (Dennis Camera)
|
||||||
|
* Type __hostname: Fix guessing SuSE OS version (Dennis Camera)
|
||||||
|
* New type: __sshd_config (Dennis Camera)
|
||||||
|
* New type: __localedef (Dennis Camera)
|
||||||
|
* Type __locale: Deprecate in favor of __localedef (Dennis Camera)
|
||||||
|
|
||||||
|
6.9.1: 2020-11-08
|
||||||
|
* Type __file: Fix state pre-exists (Dennis Camera)
|
||||||
|
* Type __hostname: Add support for OpenWrt (Dennis Camera)
|
||||||
|
* New type: __dpkg_architecture (Matthias Stecher)
|
||||||
|
* Type __package_apt: Add --install-recommends parameter (Matthias Stecher)
|
||||||
|
|
||||||
|
6.9.0: 2020-11-07
|
||||||
* Core: Clarify stdin input (Darko Poljak)
|
* Core: Clarify stdin input (Darko Poljak)
|
||||||
* Type __package_pip: Detect pip binary (Ander Punnar)
|
* Type __package_pip: Detect pip binary (Ander Punnar)
|
||||||
* Documentation: Add custom remote copy/exec examples (Darko Poljak)
|
* Documentation: Add custom remote copy/exec examples (Darko Poljak)
|
||||||
|
@ -12,6 +37,9 @@ next:
|
||||||
* Type __acl: Remove deprecated parameters, fix bugs (Ander Punnar)
|
* Type __acl: Remove deprecated parameters, fix bugs (Ander Punnar)
|
||||||
* Type __update_alternatives: Rewrite, support --install (Ander Punnar)
|
* Type __update_alternatives: Rewrite, support --install (Ander Punnar)
|
||||||
* Type __file: Fix state pre-exists (Dennis Camera)
|
* Type __file: Fix state pre-exists (Dennis Camera)
|
||||||
|
* Type __apt_norecommends: Use 00InstallRecommends file as debian-installer does (Dennis Camera)
|
||||||
|
* New types: __uci, __uci_section (Dennis Camera)
|
||||||
|
* Core: Introduce scanner (noninvasive, beta) (Nico Schottelius)
|
||||||
|
|
||||||
6.8.0: 2020-09-11
|
6.8.0: 2020-09-11
|
||||||
* Type __locale_system: Fix for debian and ubuntu (Ander Punnar)
|
* Type __locale_system: Fix for debian and ubuntu (Ander Punnar)
|
||||||
|
|
|
@ -200,15 +200,15 @@ of cdist:
|
||||||
.. code-block:: sh
|
.. code-block:: sh
|
||||||
|
|
||||||
# Singleton type without parameter
|
# Singleton type without parameter
|
||||||
echo __ungleich_munin_server | cdist --initial-manifest - munin.panter.ch
|
echo __ungleich_munin_server | cdist config --initial-manifest - munin.panter.ch
|
||||||
|
|
||||||
# Singleton type with parameter
|
# Singleton type with parameter
|
||||||
echo __ungleich_munin_node --allow 1.2.3.4 | \
|
echo __ungleich_munin_node --allow 1.2.3.4 | \
|
||||||
cdist --initial-manifest - rails-19.panter.ch
|
cdist config --initial-manifest - rails-19.panter.ch
|
||||||
|
|
||||||
# Normal type
|
# Normal type
|
||||||
echo __file /tmp/stdintest --mode 0644 | \
|
echo __file /tmp/stdintest --mode 0644 | \
|
||||||
cdist --initial-manifest - cdist-dev-01.ungleich.ch
|
cdist config --initial-manifest - cdist-dev-01.ungleich.ch
|
||||||
|
|
||||||
|
|
||||||
Other content in cdist repository
|
Other content in cdist repository
|
||||||
|
|
|
@ -49,7 +49,7 @@ create version.py:
|
||||||
|
|
||||||
.. code-block:: sh
|
.. code-block:: sh
|
||||||
|
|
||||||
./bin/build-helper version
|
./bin/cdist-build-helper version
|
||||||
|
|
||||||
Then you install it with:
|
Then you install it with:
|
||||||
|
|
||||||
|
@ -70,7 +70,7 @@ Or directly with distutils:
|
||||||
|
|
||||||
python setup.py install
|
python setup.py install
|
||||||
|
|
||||||
Note that `bin/build-helper` script is intended for cdist maintainers.
|
Note that `bin/cdist-build-helper` script is intended for cdist maintainers.
|
||||||
|
|
||||||
|
|
||||||
Available versions in git
|
Available versions in git
|
||||||
|
|
|
@ -1,89 +0,0 @@
|
||||||
#!/usr/bin/env python3
|
|
||||||
# -*- coding: utf-8 -*-
|
|
||||||
#
|
|
||||||
# 2010-2016 Nico Schottelius (nico-cdist at schottelius.org)
|
|
||||||
# 2016 Darko Poljak (darko.poljak at gmail.com)
|
|
||||||
#
|
|
||||||
# This file is part of cdist.
|
|
||||||
#
|
|
||||||
# cdist is free software: you can redistribute it and/or modify
|
|
||||||
# it under the terms of the GNU General Public License as published by
|
|
||||||
# the Free Software Foundation, either version 3 of the License, or
|
|
||||||
# (at your option) any later version.
|
|
||||||
#
|
|
||||||
# cdist is distributed in the hope that it will be useful,
|
|
||||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
||||||
# GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
|
||||||
#
|
|
||||||
#
|
|
||||||
|
|
||||||
import logging
|
|
||||||
import sys
|
|
||||||
import cdist
|
|
||||||
import cdist.argparse
|
|
||||||
import cdist.banner
|
|
||||||
import cdist.config
|
|
||||||
import cdist.install
|
|
||||||
import cdist.shell
|
|
||||||
import cdist.inventory
|
|
||||||
|
|
||||||
|
|
||||||
def commandline():
|
|
||||||
"""Parse command line"""
|
|
||||||
|
|
||||||
# preos subcommand hack
|
|
||||||
if len(sys.argv) > 1 and sys.argv[1] == 'preos':
|
|
||||||
return cdist.preos.PreOS.commandline(sys.argv[1:])
|
|
||||||
parser, cfg = cdist.argparse.parse_and_configure(sys.argv[1:])
|
|
||||||
args = cfg.get_args()
|
|
||||||
|
|
||||||
# Work around python 3.3 bug:
|
|
||||||
# http://bugs.python.org/issue16308
|
|
||||||
# http://bugs.python.org/issue9253
|
|
||||||
|
|
||||||
# FIXME: catching AttributeError also hides
|
|
||||||
# real problems.. try a different way
|
|
||||||
|
|
||||||
# FIXME: we always print main help, not
|
|
||||||
# the help of the actual parser being used!
|
|
||||||
try:
|
|
||||||
getattr(args, "func")
|
|
||||||
except AttributeError:
|
|
||||||
parser['main'].print_help()
|
|
||||||
sys.exit(0)
|
|
||||||
|
|
||||||
args.func(args)
|
|
||||||
|
|
||||||
|
|
||||||
if __name__ == "__main__":
|
|
||||||
if sys.version < cdist.MIN_SUPPORTED_PYTHON_VERSION:
|
|
||||||
print('Python >= {} is required on the source host.'.format(
|
|
||||||
cdist.MIN_SUPPORTED_PYTHON_VERSIO), file=sys.stderr)
|
|
||||||
sys.exit(1)
|
|
||||||
|
|
||||||
exit_code = 0
|
|
||||||
|
|
||||||
try:
|
|
||||||
import re
|
|
||||||
import os
|
|
||||||
|
|
||||||
if re.match("__", os.path.basename(sys.argv[0])):
|
|
||||||
import cdist.emulator
|
|
||||||
emulator = cdist.emulator.Emulator(sys.argv)
|
|
||||||
emulator.run()
|
|
||||||
else:
|
|
||||||
commandline()
|
|
||||||
|
|
||||||
except KeyboardInterrupt:
|
|
||||||
exit_code = 2
|
|
||||||
|
|
||||||
except cdist.Error as e:
|
|
||||||
log = logging.getLogger("cdist")
|
|
||||||
log.error(e)
|
|
||||||
exit_code = 1
|
|
||||||
|
|
||||||
sys.exit(exit_code)
|
|
11
setup.py
11
setup.py
|
@ -6,7 +6,7 @@ import subprocess
|
||||||
|
|
||||||
|
|
||||||
# We have it only if it is a git cloned repo.
|
# We have it only if it is a git cloned repo.
|
||||||
build_helper = os.path.join('bin', 'build-helper')
|
build_helper = os.path.join('bin', 'cdist-build-helper')
|
||||||
# Version file path.
|
# Version file path.
|
||||||
version_file = os.path.join('cdist', 'version.py')
|
version_file = os.path.join('cdist', 'version.py')
|
||||||
# If we have build-helper we could be a git repo.
|
# If we have build-helper we could be a git repo.
|
||||||
|
@ -54,14 +54,13 @@ os.chdir(cur)
|
||||||
|
|
||||||
setup(
|
setup(
|
||||||
name="cdist",
|
name="cdist",
|
||||||
packages=["cdist", "cdist.core", "cdist.exec", "cdist.util", ],
|
packages=["cdist", "cdist.core", "cdist.exec", "cdist.scan", "cdist.util"],
|
||||||
package_data={'cdist': package_data},
|
package_data={'cdist': package_data},
|
||||||
scripts=["scripts/cdist", "scripts/cdist-dump", "scripts/cdist-new-type"],
|
scripts=["bin/cdist", "bin/cdist-dump", "bin/cdist-new-type"],
|
||||||
version=cdist.version.VERSION,
|
version=cdist.version.VERSION,
|
||||||
description="A Usable Configuration Management System",
|
description="A Usable Configuration Management System",
|
||||||
author="Nico Schottelius",
|
author="cdist contributors",
|
||||||
author_email="nico-cdist-pypi@schottelius.org",
|
url="https://cdi.st",
|
||||||
url="https://www.cdi.st/",
|
|
||||||
classifiers=[
|
classifiers=[
|
||||||
"Development Status :: 6 - Mature",
|
"Development Status :: 6 - Mature",
|
||||||
"Environment :: Console",
|
"Environment :: Console",
|
||||||
|
|
Loading…
Reference in a new issue