From 65ddc29dbde9fd7c4525ea8e05b2d2cb48cdbce8 Mon Sep 17 00:00:00 2001 From: Youngjin Han Date: Fri, 15 May 2020 19:50:26 +0900 Subject: [PATCH] Learning Circle : cdist #6 - update contents --- .gitignore | 2 + youngjin.han/learning-node02-2020.org | 109 ++++++++++++++++++-------- 2 files changed, 78 insertions(+), 33 deletions(-) diff --git a/.gitignore b/.gitignore index 1be44a1..a7ddd91 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,4 @@ /youngjin.han/dot-cdist/type/__my_computer/manifest~ /youngjin.han/cdist.org~ +/youngjin.han/dot-cdist/type/__colourful_file/file/colourful~ +/youngjin.han/dot-cdist/type/__colourful_file/manifest~ diff --git a/youngjin.han/learning-node02-2020.org b/youngjin.han/learning-node02-2020.org index 10f0f3d..88b148b 100644 --- a/youngjin.han/learning-node02-2020.org +++ b/youngjin.han/learning-node02-2020.org @@ -1,3 +1,46 @@ +* 2020-05-15 +*** cdist #6: Glueing it together +**** Lecture content +***** Objective + - Apply learnings from the previous cdist sessions +***** Steps 1: *__all_in_one* (1.25h) + - Create a new type named *__all_in_one* + - Decide yourself whether it is a singleton or not + - Reason why in your cdist.org file + - It should work on alpine, debian and fedora + - It accepts the following parameters: + - *--with-x* (boolean) + - *--extra-packages* (optional multiple) + - On Alpine, it should install netcat-openbsd and tshark + - On Debian, it should install netcat tshark + - On Fedora, it should install nmap-ncat wireshark-cli + - On all operating systems install socat sipcalc sudo + - If the detected operating system is neither + Alpine/Debian/Fedora, output an error message and abort the + manifest with exit code 1 + - Additionally install all packages specified by the *--extra-packages* parameter +***** Steps 2: *__firewall* (1.25h) + - Create a new type *__my_firewall* + - Add a *type explorer* to find out whether nft is present on + the target system + - Add a required parameter named *file* + - If the type explorer does not detect nft on the target system, + abort with an error message + - Deploy the specified file to */etc/my-nftables* + - Add a *type explorer* that reads the current nft rules + - If the rules are different on the target host, apply the new + ruleset by generating code in *gencode-remote* + - If the filename specified by the *file* parameter is *-* (the + minus sign), then the type should read from *stdin* +***** Step 3: manifest (0.5h) + - Create a new manifest in the folder that contains the initial manifest + - Name the new manifest *firewall* + - Source the *firewall* manifest in the *initial* manifest + - In the *firewall* manifest, match on *localhost* + - Install nftables + - Use the *__firewall* type + - Use correct *require* parameter to ensure that nftables is + installed before the *__firewall* type is run * 2020-05-13 *** cdist #5: Generating Code & Exploring **** Lecture content @@ -26,53 +69,53 @@ *** cdist #4: Requirements **** Lecture content ***** Objective -****** Understand how requirements work + - Understand how requirements work ***** DONE Create a new type *__my_nginx* CLOSED: [2020-05-12 화 02:22] -****** Make it a *singleton* -****** Make it install nginx -****** Configure a host with it -****** Usually nginx is configured includes some files -****** On the target host find out which directory nginx includes -****** We name this directory *nginx_config_dir* + - Make it a *singleton* + - Make it install nginx + - Configure a host with it + - Usually nginx is configured includes some files + - On the target host find out which directory nginx includes + - We name this directory *nginx_config_dir* ***** DONE Create a new type *__my_nginx_site* CLOSED: [2020-05-12 화 02:22] -****** Assume the *object_id* is a *domain* -****** In the __my_nginx_site create a file inside the *nginx_config_dir* -****** The filename is *${domain}.conf* -****** When using *__file*, it should *require* the *nginx package* -******* Read about cdist dependencies -****** The file should be a valid nginx configuration -****** The *server name* should be set to the specified domain -****** The *root* directive should point to /var/www/html/DOMAIN -******* (replace DOMAIN with the actual domain) + - Assume the *object_id* is a *domain* + - In the __my_nginx_site create a file inside the *nginx_config_dir* + - The filename is *${domain}.conf* + - When using *__file*, it should *require* the *nginx package* + - Read about cdist dependencies + - The file should be a valid nginx configuration + - The *server name* should be set to the specified domain + - The *root* directive should point to /var/www/html/DOMAIN + - (replace DOMAIN with the actual domain) ***** Use both types in the initial manifest to configure the target host -****** Create at least two domains + - Create at least two domains ***** Configure the target host -****** Verify that the configuration files are properly created + - Verify that the configuration files are properly created ***** Delete the nginx package manually on the target host ***** Comment out *__my_nginx* from the initial manifest, keep the *__my_nginx_site* -****** Explain the error that you get (in your cdist.org file) + - Explain the error that you get (in your cdist.org file) * 2020-05-08 *** cdist #3: type parameters **** Lecture content ***** TODO Create a new type named *__colourful_file* -****** TODO The objective is to create a type that creates colourful file -****** TODO The content of the file should be "colour=...", where "..." is a colour specified by a parameter -****** TODO Add an *optional parameter* named *colour* -****** TODO Use the **__file** type inside your type to create a file -****** TODO Use the *$__object_id* variable inside your type + - The objective is to create a type that creates colourful file + - The content of the file should be "colour=...", where "..." is a colour specified by a parameter + - Add an *optional parameter* named *colour* + - Use the **__file** type inside your type to create a file + - Use the *$__object_id* variable inside your type ***** TODO Extend your type to be more colourful -****** TODO Modify the *optional parameter* to be able to be specified *multiple times* -****** TODO For each time it is specified, add a line "colour=..." to the file + - Modify the *optional parameter* to be able to be specified *multiple times* + - For each time it is specified, add a line "colour=..." to the file ***** TODO Create a new type *__my_dotfiles* -****** TODO Objective is to manage the dotfiles in your home directory -****** TODO Make it a *singleton* type -****** TODO Create a sub directory *files* in the type -****** TODO Add your .emacs config to the files folder -****** TODO Add a *for* loop to your type to deploy .[A-z]* to your home directory -****** TODO Add a .bashrc or .zshrc to the files folder (depending on your shell) -****** TODO In the initial manifest, add __my_dotfiles when the target host is localhost + - Objective is to manage the dotfiles in your home directory + - Make it a *singleton* type + - Create a sub directory *files* in the type + - Add your .emacs config to the files folder + - Add a *for* loop to your type to deploy .[A-z]* to your home directory + - Add a .bashrc or .zshrc to the files folder (depending on your shell) + - In the initial manifest, add __my_dotfiles when the target host is localhost ***** TODO As usual commit all changes to your ungleich-learning-circle repo * 2020-05-06 ** cdist #2: Your first cdist type