Merge remote-tracking branch 'youngjin/master'

.gitignore

@@ -1,2 +1,4 @@
 /youngjin.han/dot-cdist/type/__my_computer/manifest~
 /youngjin.han/cdist.org~
+/youngjin.han/dot-cdist/type/__colourful_file/file/colourful~
+/youngjin.han/dot-cdist/type/__colourful_file/manifest~

youngjin.han/cdist.org

@@ -1,3 +1,8 @@
+* cidst #5
+  - gencode-remote : is executed on the target
+  - remote code : behave as if it where ssh (e.g. ssh -o User=root)
+  - gencode-local : is executed locally
+  - __file has gencode-local that is need to excute and debug commands
 * singleton / non-singleton
 ** non-singleton needs process ID.
 ** singletion should be carried out by itself.

youngjin.han/dot-cdist/manifest/init

@@ -5,11 +5,17 @@ case "$__target_host" in
         __motd
         __timezone Asia/Seoul
 #        __my_computer
-        __colourful_file --colour yellow
+#        __colourful_file --colour yellow --colour blue --colour red --colour green
+#        __my_dotfiles
+#        __my_nginx_site $__target_host
     ;;
     jafo.laptop)
         __motd
         __timezone Asia/Seoul
-        __my_computer
+#        __my_computer
+    ;;
+    *)
+#        __my_nginx
+        __my_nginx_site $__target_host
     ;;
 esac

youngjin.han/dot-cdist/type/__colourful_file/file/colourful

@@ -1,9 +0,0 @@
-colour=\
-yellow\
-black\
-white\
-grey\
-puple\
-green\
-red\
-blue

youngjin.han/dot-cdist/type/__colourful_file/manifest

@@ -1,14 +1,14 @@
 #!/bin/sh -e
 
 __file ~/colourful
-printf "colour=" > ~/colourful
+printf "colour=\n" > ~/colourful
 
 # parameter with multiple values
 if [ -f "$__object/parameter/colour" ]; then
-    colour="$(cat "$__object/parameter/colour")"
+#    colour="$(cat "$__object/parameter/colour")"
-    echo $colour >> ~/colourful
+#    printf "$colour\n" >> ~/colourful
-#    for alias in $(cat "$__object/parameter/colour"); do
+    for alias in $(cat "$__object/parameter/colour"); do
-#        echo $alias >> ~/colourful
+        printf "$alias\n" >> ~/colourful
-#    done
+    done
 fi
 

youngjin.han/dot-cdist/type/__my_dotfiles/files/.bashrc

@@ -0,0 +1,115 @@
+# ~/.bashrc: executed by bash(1) for non-login shells.
+# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
+# for examples
+
+# If not running interactively, don't do anything
+case $- in
+    *i*) ;;
+      *) return;;
+esac
+
+# don't put duplicate lines or lines starting with space in the history.
+# See bash(1) for more options
+HISTCONTROL=ignoreboth
+
+# append to the history file, don't overwrite it
+shopt -s histappend
+
+# for setting history length see HISTSIZE and HISTFILESIZE in bash(1)
+HISTSIZE=1000
+HISTFILESIZE=2000
+
+# check the window size after each command and, if necessary,
+# update the values of LINES and COLUMNS.
+shopt -s checkwinsize
+
+# If set, the pattern "**" used in a pathname expansion context will
+# match all files and zero or more directories and subdirectories.
+#shopt -s globstar
+
+# make less more friendly for non-text input files, see lesspipe(1)
+#[ -x /usr/bin/lesspipe ] && eval "$(SHELL=/bin/sh lesspipe)"
+
+# set variable identifying the chroot you work in (used in the prompt below)
+if [ -z "${debian_chroot:-}" ] && [ -r /etc/debian_chroot ]; then
+    debian_chroot=$(cat /etc/debian_chroot)
+fi
+
+# set a fancy prompt (non-color, unless we know we "want" color)
+case "$TERM" in
+    xterm-color|*-256color) color_prompt=yes;;
+esac
+
+# uncomment for a colored prompt, if the terminal has the capability; turned
+# off by default to not distract the user: the focus in a terminal window
+# should be on the output of commands, not on the prompt
+#force_color_prompt=yes
+
+if [ -n "$force_color_prompt" ]; then
+    if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then
+	# We have color support; assume it's compliant with Ecma-48
+	# (ISO/IEC-6429). (Lack of such support is extremely rare, and such
+	# a case would tend to support setf rather than setaf.)
+	color_prompt=yes
+    else
+	color_prompt=
+    fi
+fi
+
+if [ "$color_prompt" = yes ]; then
+    PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '
+else
+    PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ '
+fi
+unset color_prompt force_color_prompt
+
+# If this is an xterm set the title to user@host:dir
+case "$TERM" in
+xterm*|rxvt*)
+    PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1"
+    ;;
+*)
+    ;;
+esac
+
+# enable color support of ls and also add handy aliases
+if [ -x /usr/bin/dircolors ]; then
+    test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)"
+    alias ls='ls --color=auto'
+    alias dir='dir --color=auto'
+    alias vdir='vdir --color=auto'
+
+    alias grep='grep --color=auto'
+    alias fgrep='fgrep --color=auto'
+    alias egrep='egrep --color=auto'
+fi
+
+# colored GCC warnings and errors
+#export GCC_COLORS='error=01;31:warning=01;35:note=01;36:caret=01;32:locus=01:quote=01'
+
+export TERM=xterm-256color
+
+# some more ls aliases
+alias ll='ls -alF'
+alias la='ls -A'
+alias l='ls -CF'
+
+# Alias definitions.
+# You may want to put all your additions into a separate file like
+# ~/.bash_aliases, instead of adding them here directly.
+# See /usr/share/doc/bash-doc/examples in the bash-doc package.
+
+if [ -f ~/.bash_aliases ]; then
+    . ~/.bash_aliases
+fi
+
+# enable programmable completion features (you don't need to enable
+# this, if it's already enabled in /etc/bash.bashrc and /etc/profile
+# sources /etc/bash.bashrc).
+if ! shopt -oq posix; then
+  if [ -f /usr/share/bash-completion/bash_completion ]; then
+    . /usr/share/bash-completion/bash_completion
+  elif [ -f /etc/bash_completion ]; then
+    . /etc/bash_completion
+  fi
+fi

youngjin.han/dot-cdist/type/__my_dotfiles/files/.profile

@@ -0,0 +1,24 @@
+# ~/.profile: executed by the command interpreter for login shells.
+# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
+# exists.
+# see /usr/share/doc/bash/examples/startup-files for examples.
+# the files are located in the bash-doc package.
+
+# the default umask is set in /etc/profile; for setting the umask
+# for ssh logins, install and configure the libpam-umask package.
+#umask 022
+
+# if running bash
+if [ -n "$BASH_VERSION" ]; then
+    # include .bashrc if it exists
+    if [ -f "$HOME/.bashrc" ]; then
+	. "$HOME/.bashrc"
+    fi
+fi
+
+# set PATH so it includes user's private bin if it exists
+if [ -d "$HOME/bin" ] ; then
+    PATH="$HOME/bin:$PATH"
+fi
+
+export PATH=$PATH:/sbin:/usr/sbin

youngjin.han/dot-cdist/type/__my_dotfiles/manifest

@@ -0,0 +1,10 @@
+#!/bin/sh -e
+
+cd "$__type/files/"
+dotfiles=$(ls -a .[A-z]*)
+
+for df in $dotfiles; do
+    __file ~/$df \
+	    --mode 0644 --source "$__type/files/$df"
+done
+

youngjin.han/dot-cdist/type/__my_nginx/manifest

@@ -0,0 +1,8 @@
+#!/bin/sh -e
+
+# update package index
+__apt_update_index
+
+require="__apt_update_index" __package nginx --state=present
+
+

youngjin.han/dot-cdist/type/__my_nginx_site/gencode-remote

@@ -0,0 +1 @@
+echo "sudo service nginx reload"

youngjin.han/dot-cdist/type/__my_nginx_site/manifest

@@ -0,0 +1,54 @@
+#!/bin/sh -e
+
+os=$(cat "$__global/explorer/os")
+
+case "$os" in
+    devuan)
+        :
+    ;;
+    *)
+        echo "OS $os currently not supported" >&2
+        exit 1
+    ;;
+esac
+
+nginx_config_dir="/etc/nginx/conf.d"
+domain="$__object_id"
+
+__directory /var/www/html/$domain \
+            --parents --mode 0755
+
+require="__directory//var/www/html/$domain" \
+	__file /var/www/html/$domain/index.html \
+	--mode 0644 --source - << EOF
+Hello Cdist!!!
+EOF
+
+__my_nginx
+
+# configure nginx
+require="__my_nginx" \
+        __file "$nginx_config_dir/${domain}.conf" \
+        --mode 0644 --source - << EOF
+server {
+        listen 80;
+        listen [::]:80;
+
+        server_name $domain;
+
+        access_log  /var/log/nginx/access.log;
+
+        client_max_body_size 256m;
+
+        location / {
+                root   /var/www/html/$domain;
+                index  index.html index.htm;
+        }
+
+        error_page   500 502 503 504  /50x.html;
+
+        location = /50x.html {
+                root   /var/www/html/$domain;
+        }
+}
+EOF

youngjin.han/learning-node02-2020.org

@@ -1,24 +1,130 @@
+* 2020-05-15
+*** cdist #6: Glueing it together
+**** Lecture content
+***** Objective
+      - Apply learnings from the previous cdist sessions
+***** Steps 1: *__all_in_one* (1.25h)
+      - Create a new type named *__all_in_one*
+        - Decide yourself whether it is a singleton or not
+        - Reason why in your cdist.org file
+      - It should work on alpine, debian and fedora
+      - It accepts the following parameters:
+        - *--with-x* (boolean)
+        - *--extra-packages* (optional multiple)
+      - On Alpine, it should install netcat-openbsd and tshark
+      - On Debian, it should install netcat tshark
+      - On Fedora, it should install nmap-ncat wireshark-cli
+      - On all operating systems install socat sipcalc sudo
+      - If the detected operating system is neither
+        Alpine/Debian/Fedora, output an error message and abort the
+        manifest with exit code 1
+      - Additionally install all packages specified by the *--extra-packages* parameter
+***** Steps 2: *__firewall* (1.25h)
+      - Create a new type *__my_firewall*
+      - Add a *type explorer* to find out whether nft is present on
+        the target system
+      - Add a required parameter named *file*
+      - If the type explorer does not detect nft on the target system,
+        abort with an error message
+      - Deploy the specified file to */etc/my-nftables*
+      - Add a *type explorer* that reads the current nft rules
+      - If the rules are different on the target host, apply the new
+        ruleset by generating code in *gencode-remote*
+      - If the filename specified by the *file* parameter is *-* (the
+        minus sign), then the type should read from *stdin*
+***** Step 3: manifest (0.5h)
+      - Create a new manifest in the folder that contains the initial manifest
+      - Name the new manifest *firewall*
+      - Source the *firewall* manifest in the *initial* manifest
+      - In the *firewall* manifest, match on *localhost*
+        - Install nftables
+        - Use the *__firewall* type
+        - Use correct *require* parameter to ensure that nftables is
+          installed before the *__firewall* type is run
+* 2020-05-13
+*** cdist #5: Generating Code & Exploring
+**** Lecture content
+***** Objective
+      - Understand how to *generate code* and when to use it
+      - Exploring explorers
+***** DONE Code generation steps
+      CLOSED: [2020-05-14 목 00:54]
+      - Modify the previously created type *__my_nginx_site*
+      - Read about cdist messaging
+      - If there was a change in the nginx configuration file, reload nginx
+***** DONE Explorer steps
+      CLOSED: [2020-05-14 목 00:54]
+      - Modify the *__my_nginx_site* type to use the *os explorer*
+      - Adjust your type to work on Alpine Linux and Debian (or two
+        other Linux distributions of your choice)
+      - Set the nginx configuration directory accordingly
+***** DONE Documentation
+      CLOSED: [2020-05-14 목 00:54]
+      - Explain the following in your cdist.org file
+      - What is the difference between gencode-remote and the remote code?
+      - What is the difference between gencode-local and gencode-remote?
+      - Locate a type that comes with upstream cdist that uses
+        gencode-local - which one is it? Why does it need gencode-local?
+* 2020-05-11
+*** cdist #4: Requirements
+**** Lecture content
+***** Objective
+      - Understand how requirements work
+***** DONE Create a new type *__my_nginx*
+      CLOSED: [2020-05-12 화 02:22]
+      - Make it a *singleton*
+      - Make it install nginx
+      - Configure a host with it
+      - Usually nginx is configured includes some files
+      - On the target host find out which directory nginx includes
+      - We name this directory *nginx_config_dir*
+***** DONE Create a new type *__my_nginx_site*
+      CLOSED: [2020-05-12 화 02:22]
+      - Assume the *object_id* is a *domain*
+      - In the __my_nginx_site create a file inside the *nginx_config_dir*
+      - The filename is *${domain}.conf*
+      - When using *__file*, it should *require* the *nginx package*
+        - Read about cdist dependencies
+      - The file should be a valid nginx configuration
+      - The *server name* should be set to the specified domain
+      - The *root* directive should point to /var/www/html/DOMAIN
+        - (replace DOMAIN with the actual domain)
+***** DONE Use both types in the initial manifest to configure the target host
+      CLOSED: [2020-05-15 금 21:07]
+      - Create at least two domains
+***** DONE Configure the target host
+      CLOSED: [2020-05-15 금 21:08]
+      - Verify that the configuration files are properly created
+***** DONE Delete the nginx package manually on the target host
+      CLOSED: [2020-05-15 금 21:08]
+***** DONE Comment out *__my_nginx* from the initial manifest, keep the *__my_nginx_site*
+      CLOSED: [2020-05-15 금 21:08]
+      - Explain the error that you get (in your cdist.org file)
 * 2020-05-08
 *** cdist #3: type parameters
 **** Lecture content
-***** TODO Create a new type named *__colourful_file*
+***** DONE Create a new type named *__colourful_file*
-****** TODO The objective is to create a type that creates colourful file
+      CLOSED: [2020-05-15 금 20:29]
-****** TODO The content of the file should be "colour=...", where "..." is a colour specified by a parameter
+      - The objective is to create a type that creates colourful file
-****** TODO Add an *optional parameter* named *colour*
+      - The content of the file should be "colour=...", where "..." is a colour specified by a parameter
-****** TODO Use the **__file** type inside your type to create a file
+      - Add an *optional parameter* named *colour*
-****** TODO Use the *$__object_id* variable inside your type
+      - Use the **__file** type inside your type to create a file
-***** TODO Extend your type to be more colourful
+      - Use the *$__object_id* variable inside your type
-****** TODO Modify the *optional parameter* to be able to be specified *multiple times*
+***** DONE Extend your type to be more colourful
-****** TODO For each time it is specified, add a line "colour=..." to the file
+      CLOSED: [2020-05-15 금 20:29]
-***** TODO Create a new type *__my_dotfiles*
+      - Modify the *optional parameter* to be able to be specified *multiple times*
-****** TODO Objective is to manage the dotfiles in your home directory
+      - For each time it is specified, add a line "colour=..." to the file
-****** TODO Make it a *singleton* type
+***** DONE Create a new type *__my_dotfiles*
-****** TODO Create a sub directory *files* in the type
+      CLOSED: [2020-05-15 금 21:07]
-****** TODO Add your .emacs config to the files folder
+      - Objective is to manage the dotfiles in your home directory
-****** TODO Add a *for* loop to your type to deploy .[A-z]* to your home directory
+      - Make it a *singleton* type
-****** TODO Add a .bashrc or .zshrc to the files folder (depending on your shell)
+      - Create a sub directory *files* in the type
-****** TODO In the initial manifest, add __my_dotfiles when the target host is localhost
+      - Add your .emacs config to the files folder
-***** TODO As usual commit all changes to your ungleich-learning-circle repo
+      - Add a *for* loop to your type to deploy .[A-z]* to your home directory
+      - Add a .bashrc or .zshrc to the files folder (depending on your shell)
+      - In the initial manifest, add __my_dotfiles when the target host is localhost
+***** DONE As usual commit all changes to your ungleich-learning-circle repo
+      CLOSED: [2020-05-15 금 21:07]
 * 2020-05-06
 ** cdist #2: Your first cdist type
 **** Lecture content