ungleich-public/ungleich-learning-circle
6
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Learning Circle : cdist 6 - update contents

Browse source
This commit is contained in:
youngjin.han 2020-05-15 19:50:26 +09:00
parent 76fb5ec575
commit 55d8144976
2 changed files with 78 additions and 33 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.gitignore vendored
View file

@ -1,2 +1,4 @@
/youngjin.han/dot-cdist/type/__my_computer/manifest~ /youngjin.han/dot-cdist/type/__my_computer/manifest~
/youngjin.han/cdist.org~ /youngjin.han/cdist.org~
/youngjin.han/dot-cdist/type/__colourful_file/file/colourful~
/youngjin.han/dot-cdist/type/__colourful_file/manifest~

109
youngjin.han/learning-node02-2020.org
View file

@ -1,3 +1,46 @@
* 2020-05-15
*** cdist #6: Glueing it together
**** Lecture content
***** Objective
- Apply learnings from the previous cdist sessions
***** Steps 1: *__all_in_one* (1.25h)
- Create a new type named *__all_in_one*
- Decide yourself whether it is a singleton or not
- Reason why in your cdist.org file
- It should work on alpine, debian and fedora
- It accepts the following parameters:
- *--with-x* (boolean)
- *--extra-packages* (optional multiple)
- On Alpine, it should install netcat-openbsd and tshark
- On Debian, it should install netcat tshark
- On Fedora, it should install nmap-ncat wireshark-cli
- On all operating systems install socat sipcalc sudo
- If the detected operating system is neither
Alpine/Debian/Fedora, output an error message and abort the
manifest with exit code 1
- Additionally install all packages specified by the *--extra-packages* parameter
***** Steps 2: *__firewall* (1.25h)
- Create a new type *__my_firewall*
- Add a *type explorer* to find out whether nft is present on
the target system
- Add a required parameter named *file*
- If the type explorer does not detect nft on the target system,
abort with an error message
- Deploy the specified file to */etc/my-nftables*
- Add a *type explorer* that reads the current nft rules
- If the rules are different on the target host, apply the new
ruleset by generating code in *gencode-remote*
- If the filename specified by the *file* parameter is *-* (the
minus sign), then the type should read from *stdin*
***** Step 3: manifest (0.5h)
- Create a new manifest in the folder that contains the initial manifest
- Name the new manifest *firewall*
- Source the *firewall* manifest in the *initial* manifest
- In the *firewall* manifest, match on *localhost*
- Install nftables
- Use the *__firewall* type
- Use correct *require* parameter to ensure that nftables is
installed before the *__firewall* type is run
* 2020-05-13 * 2020-05-13
*** cdist #5: Generating Code & Exploring *** cdist #5: Generating Code & Exploring
**** Lecture content **** Lecture content
@ -26,53 +69,53 @@
*** cdist #4: Requirements *** cdist #4: Requirements
**** Lecture content **** Lecture content
***** Objective ***** Objective
****** Understand how requirements work - Understand how requirements work
***** DONE Create a new type *__my_nginx* ***** DONE Create a new type *__my_nginx*
CLOSED: [2020-05-12 화 02:22] CLOSED: [2020-05-12 화 02:22]
****** Make it a *singleton* - Make it a *singleton*
****** Make it install nginx - Make it install nginx
****** Configure a host with it - Configure a host with it
****** Usually nginx is configured includes some files - Usually nginx is configured includes some files
****** On the target host find out which directory nginx includes - On the target host find out which directory nginx includes
****** We name this directory *nginx_config_dir* - We name this directory *nginx_config_dir*
***** DONE Create a new type *__my_nginx_site* ***** DONE Create a new type *__my_nginx_site*
CLOSED: [2020-05-12 화 02:22] CLOSED: [2020-05-12 화 02:22]
****** Assume the *object_id* is a *domain* - Assume the *object_id* is a *domain*
****** In the __my_nginx_site create a file inside the *nginx_config_dir* - In the __my_nginx_site create a file inside the *nginx_config_dir*
****** The filename is *${domain}.conf* - The filename is *${domain}.conf*
****** When using *__file*, it should *require* the *nginx package* - When using *__file*, it should *require* the *nginx package*
******* Read about cdist dependencies - Read about cdist dependencies
****** The file should be a valid nginx configuration - The file should be a valid nginx configuration
****** The *server name* should be set to the specified domain - The *server name* should be set to the specified domain
****** The *root* directive should point to /var/www/html/DOMAIN - The *root* directive should point to /var/www/html/DOMAIN
******* (replace DOMAIN with the actual domain) - (replace DOMAIN with the actual domain)
***** Use both types in the initial manifest to configure the target host ***** Use both types in the initial manifest to configure the target host
****** Create at least two domains - Create at least two domains
***** Configure the target host ***** Configure the target host
****** Verify that the configuration files are properly created - Verify that the configuration files are properly created
***** Delete the nginx package manually on the target host ***** Delete the nginx package manually on the target host
***** Comment out *__my_nginx* from the initial manifest, keep the *__my_nginx_site* ***** Comment out *__my_nginx* from the initial manifest, keep the *__my_nginx_site*
****** Explain the error that you get (in your cdist.org file) - Explain the error that you get (in your cdist.org file)
* 2020-05-08 * 2020-05-08
*** cdist #3: type parameters *** cdist #3: type parameters
**** Lecture content **** Lecture content
***** TODO Create a new type named *__colourful_file* ***** TODO Create a new type named *__colourful_file*
****** TODO The objective is to create a type that creates colourful file - The objective is to create a type that creates colourful file
****** TODO The content of the file should be "colour=...", where "..." is a colour specified by a parameter - The content of the file should be "colour=...", where "..." is a colour specified by a parameter
****** TODO Add an *optional parameter* named *colour* - Add an *optional parameter* named *colour*
****** TODO Use the **__file** type inside your type to create a file - Use the **__file** type inside your type to create a file
****** TODO Use the *$__object_id* variable inside your type - Use the *$__object_id* variable inside your type
***** TODO Extend your type to be more colourful ***** TODO Extend your type to be more colourful
****** TODO Modify the *optional parameter* to be able to be specified *multiple times* - Modify the *optional parameter* to be able to be specified *multiple times*
****** TODO For each time it is specified, add a line "colour=..." to the file - For each time it is specified, add a line "colour=..." to the file
***** TODO Create a new type *__my_dotfiles* ***** TODO Create a new type *__my_dotfiles*
****** TODO Objective is to manage the dotfiles in your home directory - Objective is to manage the dotfiles in your home directory
****** TODO Make it a *singleton* type - Make it a *singleton* type
****** TODO Create a sub directory *files* in the type - Create a sub directory *files* in the type
****** TODO Add your .emacs config to the files folder - Add your .emacs config to the files folder
****** TODO Add a *for* loop to your type to deploy .[A-z]* to your home directory - Add a *for* loop to your type to deploy .[A-z]* to your home directory
****** TODO Add a .bashrc or .zshrc to the files folder (depending on your shell) - Add a .bashrc or .zshrc to the files folder (depending on your shell)
****** TODO In the initial manifest, add __my_dotfiles when the target host is localhost - In the initial manifest, add __my_dotfiles when the target host is localhost
***** TODO As usual commit all changes to your ungleich-learning-circle repo ***** TODO As usual commit all changes to your ungleich-learning-circle repo
* 2020-05-06 * 2020-05-06
** cdist #2: Your first cdist type ** cdist #2: Your first cdist type