ungleich-public/cdist
ungleich-public
/
cdist
7
4
Fork 10
Code Issues 58 Pull Requests 15 Projects Releases Wiki Activity
6,730 Commits 108 Branches 178 Tags 20 MiB
Commit Graph

1445 Commits

Author SHA1 Message Date
Dennis Camera 3649555f35 [type/__package_opkg] Do not lock execution of code-remote (revert) 
Instead, rely on `nonparallel`.
In any case cdist should never run explorer and code concurrently even if the
dependency graph would allow to do so as it would result in many more
synchronization issues than this one.
 2020-06-22 09:32:57 +02:00
ander 26dfdf37c2 [__download] support multiple checksum formats and download utilities, add --onchange and other minor changes 2020-06-21 23:39:53 +03:00
Dennis Camera 6aae58dea7 [type/__package_opkg] Mark lock variables readonly 2020-06-21 17:35:28 +02:00
Dennis Camera e79b26a61f [type/__package_opkg] Also lock execution of code-remote 2020-06-21 15:53:01 +02:00
Dennis Camera 97e48be39e [type/__package_opkg] Fix explorer running in parallel 2020-06-21 15:52:57 +02:00
poljakowski d59ba09d71 Merge branch '__download' into 'master' 
new type: __download

See merge request ungleich-public/cdist!892
 2020-06-17 13:39:07 +02:00
ander 201050a9e5 new type: __download 2020-06-16 20:53:31 +03:00
ander 7c490a703d [__clean_path] add --path parameter 2020-06-10 11:38:14 +03:00
Darko Poljak a251e53495 Merge branch 'fix_os_explorer_sles15' of https://github.com/dheule/cdist into dheule-fix_os_explorer_sles15 2020-06-08 13:43:41 +02:00
Daniel Heule 6a611e556a fix os explorer for sles15 2020-06-02 13:40:21 +02:00
Darko Poljak 988190363a Resolve shellcheck SC1090 2020-05-30 15:10:13 +02:00
ander 29c0180204 [__ssh_authorized_keys] add --remove-unknown parameter 2020-05-28 23:31:13 +03:00
ander 716d3554f3 [__user] fix user delete on freebsd 2020-05-23 00:48:35 +03:00
poljakowski dab32b0cb6 Merge branch '__group_freebsd_fix' into 'master' 
[__group] fix --gid on freebsd

See merge request ungleich-public/cdist!881
 2020-05-22 10:08:29 +02:00
ander 3bcbd95269 [__motd] debian|ubuntu|devuan use /etc/motd 2020-05-22 02:36:49 +03:00
ander bf25a18a04 [__group] fix --gid on freebsd 2020-05-22 02:31:38 +03:00
evilham ad58ea79c2 [__ssh_authorized_keys] Fix bug where --option was not multiple 
This went against both documentation and intent.
 2020-05-18 20:01:01 +02:00
poljakowski 8d639d54d0 Merge branch 'evilham-authorized_keys-man' into 'master' 
[__ssh_authorizedkey{,s}] Improve documentation.

See merge request ungleich-public/cdist!877
 2020-05-18 19:49:50 +02:00
poljakowski 2362d89976 Merge branch 'evilham-machine_type-explorer-simplify-linux-add-openbsd' into 'master' 
[explorer/machine_type] simplify linux add openbsd

See merge request ungleich-public/cdist!876
 2020-05-18 19:48:47 +02:00
poljakowski c5454afc72 Merge branch 'evilham-machine_type-explorer-freebsd' into 'master' 
[explorer/machine_type] Add support for FreeBSD.

See merge request ungleich-public/cdist!875
 2020-05-18 19:46:47 +02:00
evilham 6d502f737a [__ssh_authorizedkey{,s}] Improve documentation. 2020-05-18 18:37:16 +02:00
evilham 8b790b0a54 [explorer/machine_type] Make shellcheck happy! 2020-05-18 16:47:20 +02:00
evilham cf44c4a01b [explorer/machine_type] Simplify Linux + basic OpenBSD support. 
By abstracting away vendor-dependent pattern matching for the linux code, we can
re-use that and be reasonably sure about OpenBSD machines being virtualised when
we can identify the undelrying virtualisation technology.
It remains to be solved how to tell if an OpenBSD machine is physical; in that
case previous cdist behaviour ("unknown") remains.

For NetBSD something similar to OpenBSD could be done, with different sysctls:
hw.machine and hw.model wary of adding those without testing though, so for
NetBSD previous cdist behaviour ("unknown") remains.
https://netbsd.gw.com/cgi-bin/man-cgi?sysctl+7.i386+NetBSD-9.0
 2020-05-18 16:35:50 +02:00
evilham 7ca2bfc14a [explorer/machine_type] Add support for FreeBSD. 
More research is needed for {Net,Open}BSD support.

Indentation is left as-is for the linux code as I intend to simplify it in a
future MR, this way the diff is minimal.
 2020-05-18 16:00:23 +02:00
matze 086e683c99 [__file] add "default values" in manual for group, mode and owner 
Because at least the --mode default value may not be expected, the
manual lists the "default values". As they are not explicitly set in the
`__file` type, it is a bit more difficult, but should resolve to
following:
  - the mode comes from the umask set in the cdist code to protect file
    creation and uses the strongest umask possible.
  - the owner and group comes from the ssh user, which should always be
    the root user. (I think this can be swaped, too, but who will?)

At the owner and group parameter, it could be replaced with something
like "the ssh user and group", which would be more correct, but less
understandable.
 2020-05-16 16:33:38 +02:00
matze dcfabf9268 [__cron] add hint for default values of time-related parameters 
This should resolve some misunderstanding when leave a time-related
parameter with it's default value.
 2020-05-16 14:00:02 +02:00
matze 42f2dceeb1 [__link] fix typo in the manual 2020-05-09 18:40:44 +02:00
Nico Schottelius d4059fd29e [__letsencrypt_cert] whitelist Ubuntu 2020-05-01 15:31:23 +02:00
Nico Schottelius f58d662b32 [__pyvenv] Switch to python3 -m venv for ubuntu 2020-05-01 15:28:01 +02:00
evilham 678df1ec8a [explorers] Improve *BSD support. 
cpu_cores and memory did lacked support for other BSDs.
 2020-04-27 01:29:37 +02:00
poljakowski 8074f02bb3 Merge branch 'evilham-pf' into 'master' 
[__pf*] (~) __pf_ruleset (+)__pf_apply_anchor, deprecate __pf_apply

See merge request ungleich-public/cdist!867
 2020-04-26 09:59:24 +02:00
poljakowski 71156258a4 Merge branch 'evilham-postfix' into 'master' 
[__postfix] Automagically support more OSs by not checking too much.

See merge request ungleich-public/cdist!866
 2020-04-26 09:52:08 +02:00
poljakowski c13608fab5 Merge branch 'evilham-openldap_server' into 'master' 
[__openldap_server] Support extra config parameter.

See merge request ungleich-public/cdist!865
 2020-04-26 09:50:21 +02:00
poljakowski b40b95d758 Merge branch 'evilham-motd' into 'master' 
[__motd] Improve documentation and support for FreeBSD

See merge request ungleich-public/cdist!864
 2020-04-26 09:47:54 +02:00
poljakowski 6ec3274598 Merge branch 'postgres-database-args' into 'master' 
Add --template, --encoding, --lc-collate, --lc-support to __postgres_database type

See merge request ungleich-public/cdist!859
 2020-04-26 09:41:30 +02:00
evilham 2928795441 [__pf_ruleset] Fix shellcheck issue. 2020-04-25 14:54:29 +02:00
evilham fefe90e9c9 [__pf*] (~) __pf_ruleset (+)__pf_apply_anchor, deprecate __pf_apply 
__pf_apply the way it exists on cdist is not really useful and __pf_ruleset does
not take advantage of other types as it should, being instead overly complex and
not as reliable.

The new __pf_ruleset is compatible with the previous one, and __pf_apply_anchors
allows for a simple and powerful way of managing pf anchors.
The functionality previously provided by __pf_apply is still possible out of the
box in __pf_ruleset.

These patches were mostly contributed by Kamila Součková and made fit for
upstreaming by Evilham.
 2020-04-25 12:23:27 +02:00
evilham 5981d0a5f1 [__postfix] Automagically support more OSs by not checking too much. 
It is quite likely that the package is going to be called postfix, rather
than trying to have an exhaustive "allow list" for this package, we can
just add special cases for OSs where that is not the case (not aware of any
atm).
 2020-04-25 00:22:28 +02:00
evilham 056c7c5400 [__openldap_server] Support extra config parameter. 
This allows the user to, e.g. manually define ACLs, while this type does not
support that.
 2020-04-25 00:12:24 +02:00
evilham de37b0ce45 [__motd] Improve documentation and support for FreeBSD 
This makes it easier to use the type just by reading the man page and also
treats FreeBSD's MOTD better.
 2020-04-24 20:26:44 +02:00
Darko Poljak 38ccdfda32 Fix newly found shellcheck issues 2020-04-22 23:21:34 +02:00
fnux c3f924d350 Add --template flag to __postgres_database type 2020-04-14 10:23:08 +02:00
Steven Armstrong 76d978d3d8 explorer/init: do not grep on non-existent init 
Signed-off-by: Steven Armstrong <steven@icarus.ethz.ch>
 2020-04-10 10:51:17 +02:00
fnux d53077f4e8 Add --encoding, --lc-collate, --lc-support to __postgres_database type 2020-04-06 09:30:01 +02:00
Darko Poljak 890c73f6bd Fix shellcheck issues 2020-04-02 20:18:04 +02:00
Nico Schottelius d034fe9369 [__pyvenv] use python3 -m venv on alpine 
Until python4 comes, this will work
 2020-04-02 18:24:13 +02:00
Nico Schottelius 0f639a9278 Make __cron nonparallel 
It fails due to removal / edit of crontab at the same time

VERBOSE: [18331]: uncloud.ungleich.ch: Running object __cron/pg_dump_cleanup
VERBOSE: [18332]: uncloud.ungleich.ch: Running object __ungleich_packages/server
VERBOSE: [18335]: uncloud.ungleich.ch: Running object __postgres_role/app
INFO: [18335]: uncloud.ungleich.ch: Processing __postgres_role/app
INFO: [18331]: uncloud.ungleich.ch: Processing __cron/pg_dump_cleanup
ERROR: [16451]: uncloud.ungleich.ch: ssh -o User=root -o ControlPath=/tmp/tmp_8eu4oep/s -o ControlMaster=auto -o ControlPersist=2h uncloud.ungleich.ch /bin/sh -c ' export __object=/var/lib/cdist/object/__cron/pg_dumpall_under_day/.cdist-mfd00npk;  export __object_id=pg_dumpall_under_day;/bin/sh -e /var/lib/cdist/object/__cron/pg_dumpall_under_day/.cdist-mfd00npk/code-remote': ['ssh', '-o', 'User=root', '-o', 'ControlPath=/tmp/tmp_8eu4oep/s', '-o', 'ControlMaster=auto', '-o', 'ControlPersist=2h', 'uncloud.ungleich.ch', "/bin/sh -c ' export __object=/var/lib/cdist/object/__cron/pg_dumpall_under_day/.cdist-mfd00npk;  export __object_id=pg_dumpall_under_day;/bin/sh -e /var/lib/cdist/object/__cron/pg_dumpall_under_day/.cdist-mfd00npk/code-remote'"]

Error processing object '__cron/pg_dumpall_under_day'
=====================================================
name: __cron/pg_dumpall_under_day
path: /tmp/tmplaq9cwdh/6318c251013a449595327745daacf3ee/data/object/__cron/pg_dumpall_under_day/.cdist-mfd00npk
source: /tmp/tmplaq9cwdh/6318c251013a449595327745daacf3ee/data/conf/type/__ungleich_postgresql/manifest
type: /home/nico/vcs/cdist/cdist/conf/type/__cron

code-remote:stderr
------------------
crontab: can't move 'postgres.new' to 'postgres': No such file or directory

VERBOSE: [16451]: config: Total processing time for 1 host(s): 13.98031210899353
[18:09] line:~%
 2020-04-02 18:14:09 +02:00
poljakowski 1eb02f908b Merge branch 'fix/__package_update_index' into 'master' 
[__package_update_index] Fix maxage false-positives on brand-new installations

See merge request ungleich-public/cdist!858
 2020-03-29 13:53:55 +02:00
Darko Poljak b25939cdd6 Fix shellcheck 2020-03-27 13:30:52 +01:00
poljakowski 11148995d1 Merge branch 'master' into 'master' 
fix typo

See merge request ungleich-public/cdist!857
 2020-03-27 08:50:29 +01:00
Nico Schottelius 66d9905029 [__consul_agent] make conf_dir depent on the OS 2020-03-26 21:48:17 +01:00
andrewschleifer f00e4af5f0 fix typo 2020-03-26 21:17:32 +08:00
matze 358e04b2af Handle specially if no time about the last index update found. 
The explorer 'currage' now returns -1 if he can not find any value about
this. The gencode-remote script handle this value special to not exit if
-1 given as value.

This fixes the bug
  #803
 2020-03-14 09:58:38 +01:00
llnu fb32d6ed3f alpine uses a different getent lib which doesnt support: getent shadow 2020-03-08 16:04:02 +01:00
poljakowski 4b24d886eb Merge branch 'file/better-errors' into 'master' 
[__file] Better errors analogous to __directory

See merge request ungleich-public/cdist!854
 2020-02-26 21:50:01 +01:00
Dennis Camera 9eacba06bb [__file] Treat pre-exists as a special case in gencode-remote as it should never get there 2020-02-26 16:48:14 +01:00
Dennis Camera 46d2487f08 [__file] Give more precise error message when --state pre-exists 2020-02-26 16:40:53 +01:00
poljakowski dd6b07d924 Merge branch 'directory-exists' into 'master' 
[__directory] Add --state exists and --state pre-exists

See merge request ungleich-public/cdist!832
 2020-02-26 16:33:37 +01:00
Dennis Camera 6b4b6534a1 [__directory] Give more precise error message when --state pre-exists 2020-02-26 16:15:23 +01:00
poljakowski aa49afd61a Merge branch 'fix/explorer/disks' into 'master' 
explorer/disks: Fix on NetBSD and support Linux w/o lsblk

See merge request ungleich-public/cdist!852
 2020-02-26 12:53:26 +01:00
Dennis Camera 6db6dc4ac0 [explorer/disks] Add license header 2020-02-25 20:24:14 +01:00
Dennis Camera 1ef126e16f [explorer/disks] Move xargs call to the bottom 2020-02-25 20:21:35 +01:00
Dennis Camera d3bd2669ec [explorer/disks] Support Linux without lsblk (fallback to sysfs) 2020-02-25 20:21:14 +01:00
fnux e6f683b886 Add support for alpine (edge) package to __consul_agent 2020-02-24 09:20:49 +01:00
Dennis Camera c6aba8d189 [explorer/disks] Fix for NetBSD 
When connecting over SSH and running /bin/sh, the PATH is missing sbin locations.
sysctl is located at /sbin/sysctl on NetBSD.
 2020-02-23 22:59:41 +01:00
poljakowski 47ec9ada10 Merge branch 'consul_agent' into 'master' 
Refactor __consul_* for use with distribution packages

See merge request ungleich-public/cdist!837
 2020-02-23 09:28:24 +01:00
poljakowski e1b80f7222 Merge branch 'service' into 'master' 
Add simple __service type

See merge request ungleich-public/cdist!847
 2020-02-23 09:21:29 +01:00
poljakowski 2a5309b413 Merge branch 'fix/init-explorer/busybox' into 'master' 
[explorer/init] Support more init systems

See merge request ungleich-public/cdist!850
 2020-02-23 09:18:51 +01:00
Dennis Camera 0d6bc8e8f8 [explorer/init] Make shellcheck happy 2020-02-20 23:34:19 +01:00
Dennis Camera 0d84c91b40 [explorer/init] Fix unique() for Solaris 2020-02-20 23:34:19 +01:00
Dennis Camera 364340c8d5 [explorer/init] Refactor and testing 2020-02-20 23:34:19 +01:00
Dennis Camera d895bb0e87 [explorer/init] Clean up 2020-02-20 23:34:19 +01:00
Dennis Camera 21c9e3db18 [explorer/init] Support more init systems 2020-02-20 23:34:11 +01:00
kjg 28d3760e29 [cdist]Update os_version for alpine 2020-02-20 09:40:55 +01:00
ander a3bc8f9407 __update_alternatives: remove expired comment 2020-02-19 12:59:14 +02:00
ander b891bb05d5 __update_alternatives: add state explorer 2020-02-19 12:58:22 +02:00
fnux 09540dc6bd Add simple __service type 2020-02-17 21:38:03 +01:00
fnux 31ad1bdaad Fix various typos and styling errors in __consul_agent, conf-dir 
explorer
 2020-02-17 13:43:18 +01:00
fnux f595664924 Patch __consul_* to discover remote consul configuration dir 2020-02-17 13:42:19 +01:00
fnux 70200cd28f Refactor __consul_agent type to support distribution packages 2020-02-17 13:42:19 +01:00
Darko Poljak 0640b02f90 Fix too short title underline 2020-02-15 14:59:12 +01:00
poljakowski 7acbc8709b Merge branch 'postgres-role-password' into 'master' 
Fix password command synthax in __postgres_role

See merge request ungleich-public/cdist!845
 2020-02-15 14:36:54 +01:00
fnux a1536933ab Fix password command synthax in __postgres_role 2020-02-15 14:16:00 +01:00
poljakowski 221c3820ca Merge branch 'type/__systemd_service' into 'master' 
[__systemd_service] new type to manage the state of systemd services

See merge request ungleich-public/cdist!844
 2020-02-15 12:22:04 +01:00
poljakowski b898412faf Merge branch 'fix/__cron' into 'master' 
[__cron] Fix cronjob removal if `is` and `should` don't match

See merge request ungleich-public/cdist!841
 2020-02-15 12:16:58 +01:00
matze ef089d1c61 [__systemd_service] new type to manage the state of systemd services 2020-02-15 11:42:01 +01:00
matze 5e6e17b3e5 Moved default parameter values from scripts to cdist parameter handling. 
For more generalisation, the default parameter values are now handled by
cdist instead of trying to get a value and use a default if parameter is
not given.

It handles the default values in a more general way, instead of write
one default in (possibly) multiple places.
Problem occurred when checking the 'state' parameter, which required to
set a default value in two places.
 2020-02-15 09:46:23 +01:00
matze a761d4842c Add check for the state parameter in manifest. 
This only allow following cases:
  - present
  - absent
else, it will abort with an error message.
 2020-02-15 08:21:24 +01:00
poljakowski c8dbd0718e Merge branch '__package_apt_updates_index' into 'master' 
__package_apt: update index cache, on installation, when it is older than one day

See merge request ungleich-public/cdist!842
 2020-02-14 21:57:04 +01:00
ander 869a38676f __package_apt: add comment about package index update 2020-02-14 19:22:06 +02:00
ander 1be5a9d316 __package_apt: add note about updating index 2020-02-14 19:19:12 +02:00
ander f771840178 __mysql_privileges: fix typo 2020-02-13 17:38:34 +02:00
ander b7483d73eb __mysql_privileges: fix shellcheck 2020-02-13 17:38:19 +02:00
ander 710e99f240 __mysql_privileges: fix quoting 2020-02-13 17:29:44 +02:00
ander b3bad9468d __package_apt: pkgcache.bin may not exist 2020-02-09 20:43:09 +02:00
ander 08d5814e2c __package_apt: update index cache, on installation, when it is older than one day 2020-02-09 20:37:06 +02:00
poljakowski 0edda3b528 Merge branch 'no-stat-patch' into 'master' 
__file/__directory: Patch for systems without stat(1)

See merge request ungleich-public/cdist!839
 2020-02-04 07:46:28 +01:00
Dennis Camera 984e0dc8c4 [explorer/os_release] Add fallbacks to /usr/lib/os-release and /var/run/os-release 2020-02-03 19:29:04 +01:00
Dennis Camera 3b5433d63a [__directory] stat explorer patch for systems without stat(1) 
Some embedded systems (like OpenWrt) do not ship a stat(1) binary.
This workaround parses the output of ls(1) and /etc/passwd, /etc/group to
gather the information needed.
 2020-02-03 18:36:59 +01:00
Dennis Camera e82dd35869 [__file] stat explorer patch for systems without stat(1) 
Some embedded systems (like OpenWrt) do not ship a stat(1) binary.
This workaround parses the output of ls(1) and /etc/passwd, /etc/group to
gather the information needed.
 2020-02-03 18:36:59 +01:00