ungleich-public/cdist
ungleich-public
/
cdist
7
3
Fork 11
Code Issues 57 Pull Requests 15 Projects Releases Wiki Activity
cdist/cdist/conf/type/__consul_template/manifest

192 lines
6.3 KiB
Bash
Executable File
Raw Blame History

#!/bin/sh -e
#
# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
os=$(cat "$__global/explorer/os")
case "$os" in
scientific|centos|redhat)
# whitelist safeguard
service_onchange='service consul-template status >/dev/null && service consul-template reload || true' \
;;
archlinux)
service_onchange="systemctl status consul-template >/dev/null && systemctl reload consul-template || true"
;;
*)
echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
echo "Please contribute an implementation for it if you can." >&2
exit 1
;;
esac
versions_dir="$__type/files/versions"
version="$(cat "$__object/parameter/version")"
version_dir="$versions_dir/$version"
if [ ! -d "$version_dir" ]; then
echo "Unknown consul-template version '$version'. Expected one of:" >&2
ls "$versions_dir" >&2
exit 1
fi
state="$(cat "$__object/parameter/state")"
__staged_file /usr/local/bin/consul-template \
--source "$(cat "$version_dir/source")" \
--cksum "$(cat "$version_dir/cksum")" \
--fetch-command 'curl -s -L "%s"' \
--prepare-command 'unzip -p "%s"' \
--state "$state" \
--group root \
--owner root \
--mode 755
conf_dir="/etc/consul-template/conf.d"
conf_file="config.hcl"
template_dir="/etc/consul-template/template"
__directory /etc/consul-template \
--owner root --group root --mode 750
require="__directory/etc/consul-template" \
__directory "$conf_dir" \
--owner root --group root --mode 750
require="__directory/etc/consul-template" \
__directory "$template_dir" \
--owner root --group root --mode 750
# Generate hcl config file
(
cd "$__object/parameter/"
for param in *; do
case "$param" in
auth-password|state|ssl-*|syslog-*|version|vault-token|vault-ssl*) continue ;;
auth-username)
printf 'auth {\n'
printf ' enabled = true\n'
printf ' username = "%s"\n' "$(cat "$__object/parameter/auth-username")"
if [ -f "$__object/parameter/auth-password" ]; then
printf ' password = %s\n' "$(cat "$__object/parameter/auth-password")"
fi
printf '}\n'
;;
ssl)
printf 'ssl {\n'
printf ' enabled = true\n'
if [ -f "$__object/parameter/ssl-no-verify" ]; then
printf ' verify = false\n'
fi
if [ -f "$__object/parameter/ssl-cert" ]; then
printf ' cert = "%s"\n' "$(cat "$__object/parameter/ssl-cert")"
fi
if [ -f "$__object/parameter/ssl-ca-cert" ]; then
printf ' ca_cert = "%s"\n' "$(cat "$__object/parameter/ssl-ca-cert")"
fi
printf '}\n'
;;
syslog)
printf 'syslog {\n'
printf ' enabled = true\n'
if [ -f "$__object/parameter/syslog-facility" ]; then
printf ' facility = "%s"\n' "$(cat "$__object/parameter/syslog-facility")"
fi
printf '}\n'
;;
vault-address)
printf 'vault {\n'
printf ' address = "%s"\n' "$(cat "$__object/parameter/vault-address")"
if [ -f "$__object/parameter/vault-token" ]; then
printf ' token = "%s"\n' "$(cat "$__object/parameter/vault-token")"
fi
if [ -f "$__object/parameter/vault-ssl" ]; then
printf ' ssl {\n'
printf ' enabled = true\n'
if [ -f "$__object/parameter/vault-ssl-no-verify" ]; then
printf ' verify = false\n'
fi
if [ -f "$__object/parameter/vault-ssl-cert" ]; then
printf ' cert = "%s"\n' "$(cat "$__object/parameter/vault-ssl-cert")"
fi
if [ -f "$__object/parameter/vault-ssl-ca-cert" ]; then
printf ' ca_cert = "%s"\n' "$(cat "$__object/parameter/vault-ssl-ca-cert")"
fi
printf ' }\n'
fi
printf '}\n'
;;
*)
# string key=value parameters
key="$(echo "$param" | tr '-' '_')"
printf '%s = "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
;;
esac
done
) | \
require="__directory${conf_dir}" \
__config_file "${conf_dir}/${conf_file}" \
--owner root --group root --mode 640 \
--state "$state" \
--onchange "$service_onchange" \
--source -
# Install init script to start on boot
service="consul-template"
case "$os" in
centos|redhat)
os_version="$(sed 's/[^0-9.]//g' "$__global/explorer/os_version")"
major_version="${os_version%%.*}"
case "$major_version" in
7)
__file "/lib/systemd/system/${service}.service" \
--owner root --group root --mode 0555 \
--state "$state" \
--source "$__type/files/${service}.systemd"
export require="__file/lib/systemd/system/${service}.service"
;;
*)
__file "/etc/init.d/${service}" \
--owner root --group root --mode 0555 \
--state "$state" \
--source "$__type/files/${service}.sysv"
export require="__file/etc/init.d/${service}"
;;
esac
__start_on_boot "$service" --state "$state"
;;
ubuntu)
__file "/etc/init/${service}.conf" \
--owner root --group root --mode 0644 \
--state "$state" \
--source "$__type/files/${service}.upstart"
export require="__file/etc/init/${service}.conf"
__start_on_boot "$service" --state "$state"
;;
archlinux)
__file "/lib/systemd/system/${service}.service" \
--owner root --group root --mode 0555 \
--state "$state" \
--source "$__type/files/${service}.systemd"
export require="__file/lib/systemd/system/${service}.service"
__start_on_boot "$service" --state "$state"
;;
esac
Reference in New Issue View Git Blame Copy Permalink