From 0d53ae97681965c332d77eab9b0defd2fa226333 Mon Sep 17 00:00:00 2001 From: samuel Date: Fri, 8 May 2020 12:10:48 +0200 Subject: [PATCH 01/33] revison --- sami/my-cdist/.cdist/sample | 1 - .../.cdist/type/__my_computer/manifest | 25 +++++++++++ .../singleton} | 0 .../__sample_bottle_hosting/gencode-remote | 1 - .../type/__sample_bottle_hosting/manifest | 43 ------------------- .../parameter/required | 4 -- .../.cdist/type/__sample_nginx/manifest | 13 ------ .../gencode-remote | 1 - .../manifest | 25 ----------- .../parameter/required | 1 - 10 files changed, 25 insertions(+), 89 deletions(-) delete mode 100644 sami/my-cdist/.cdist/sample create mode 100755 sami/my-cdist/.cdist/type/__my_computer/manifest rename sami/my-cdist/.cdist/type/{__sample_nginx/gencode-remote => __my_computer/singleton} (100%) delete mode 100644 sami/my-cdist/.cdist/type/__sample_bottle_hosting/gencode-remote delete mode 100644 sami/my-cdist/.cdist/type/__sample_bottle_hosting/manifest delete mode 100644 sami/my-cdist/.cdist/type/__sample_bottle_hosting/parameter/required delete mode 100644 sami/my-cdist/.cdist/type/__sample_nginx/manifest delete mode 100644 sami/my-cdist/.cdist/type/__sample_nginx_http_letsencrypt_and_ssl_redirect/gencode-remote delete mode 100644 sami/my-cdist/.cdist/type/__sample_nginx_http_letsencrypt_and_ssl_redirect/manifest delete mode 100644 sami/my-cdist/.cdist/type/__sample_nginx_http_letsencrypt_and_ssl_redirect/parameter/required diff --git a/sami/my-cdist/.cdist/sample b/sami/my-cdist/.cdist/sample deleted file mode 100644 index c28e3ac..0000000 --- a/sami/my-cdist/.cdist/sample +++ /dev/null @@ -1 +0,0 @@ -__sample_bottle_hosting --projectname sample --user app --domain $__target_host sample diff --git a/sami/my-cdist/.cdist/type/__my_computer/manifest b/sami/my-cdist/.cdist/type/__my_computer/manifest new file mode 100755 index 0000000..07320cd --- /dev/null +++ b/sami/my-cdist/.cdist/type/__my_computer/manifest @@ -0,0 +1,25 @@ +#!/bin/sh -e +# +# 2012 Nico Schottelius (nico-cdist at schottelius.org) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# +# Ensure sipcalc is present +# + +__package sipcalc --state present + diff --git a/sami/my-cdist/.cdist/type/__sample_nginx/gencode-remote b/sami/my-cdist/.cdist/type/__my_computer/singleton similarity index 100% rename from sami/my-cdist/.cdist/type/__sample_nginx/gencode-remote rename to sami/my-cdist/.cdist/type/__my_computer/singleton diff --git a/sami/my-cdist/.cdist/type/__sample_bottle_hosting/gencode-remote b/sami/my-cdist/.cdist/type/__sample_bottle_hosting/gencode-remote deleted file mode 100644 index a4cceb5..0000000 --- a/sami/my-cdist/.cdist/type/__sample_bottle_hosting/gencode-remote +++ /dev/null @@ -1 +0,0 @@ -echo "service nginx restart" diff --git a/sami/my-cdist/.cdist/type/__sample_bottle_hosting/manifest b/sami/my-cdist/.cdist/type/__sample_bottle_hosting/manifest deleted file mode 100644 index d0b9ecd..0000000 --- a/sami/my-cdist/.cdist/type/__sample_bottle_hosting/manifest +++ /dev/null @@ -1,43 +0,0 @@ -os=$(cat "$__global/explorer/os") - -case "$os" in - ubuntu) - : - ;; - *) - echo "OS $os currently not supported" >&2 - exit 1 - ;; -esac - - -user="$(cat "$__object/parameter/user")" -home="/home/$user" -apphome="$home/app" - -# create user -__user "$user" --home "$home" --shell /bin/bash -# create user home dir -require="__user/$user" __directory "$home" \ - --owner "$user" --group "$user" --mode 0755 -# create app home dir -require="__user/$user __directory/$home" __directory "$apphome" \ - --state present --owner "$user" --group "$user" --mode 0755 - - -# define packages that need to be installed -packages_to_install="nginx uwsgi-plugin-python3 python3-dev python3-pip postgresql postgresql-contrib libpq-dev python3-venv uwsgi python3-psycopg2" - -# update package index -__apt_update_index -# install packages -for package in $packages_to_install - do require="__apt_update_index" __package $package --state=present -done - -# install pip3 packages -for package in bottle bottle-pgsql; do - __package_pip --pip pip3 $package -done - - diff --git a/sami/my-cdist/.cdist/type/__sample_bottle_hosting/parameter/required b/sami/my-cdist/.cdist/type/__sample_bottle_hosting/parameter/required deleted file mode 100644 index 719e766..0000000 --- a/sami/my-cdist/.cdist/type/__sample_bottle_hosting/parameter/required +++ /dev/null @@ -1,4 +0,0 @@ -# required parameter -projectname -user -domain diff --git a/sami/my-cdist/.cdist/type/__sample_nginx/manifest b/sami/my-cdist/.cdist/type/__sample_nginx/manifest deleted file mode 100644 index 14a9ac9..0000000 --- a/sami/my-cdist/.cdist/type/__sample_nginx/manifest +++ /dev/null @@ -1,13 +0,0 @@ -domain="$(cat "$__object/parameter/domain")" -webroot="/var/www/html" -__sample_nginx_http_letsencrypt_and_ssl_redirect "$domain" --webroot "$webroot" - - -# create SSL cert -require="__package/nginx __sample_nginx_http_letsencrypt_and_ssl_redirect/$domain" \ - __letsencrypt_cert --admin-email samuel.hailu@ungleich.ch \ - --webroot "$webroot" \ - --automatic-renewal \ - --renew-hook "service nginx reload" \ - --domain "$domain" \ - "$domain" diff --git a/sami/my-cdist/.cdist/type/__sample_nginx_http_letsencrypt_and_ssl_redirect/gencode-remote b/sami/my-cdist/.cdist/type/__sample_nginx_http_letsencrypt_and_ssl_redirect/gencode-remote deleted file mode 100644 index 9adb30b..0000000 --- a/sami/my-cdist/.cdist/type/__sample_nginx_http_letsencrypt_and_ssl_redirect/gencode-remote +++ /dev/null @@ -1 +0,0 @@ -echo "service nginx reload" diff --git a/sami/my-cdist/.cdist/type/__sample_nginx_http_letsencrypt_and_ssl_redirect/manifest b/sami/my-cdist/.cdist/type/__sample_nginx_http_letsencrypt_and_ssl_redirect/manifest deleted file mode 100644 index 38ca444..0000000 --- a/sami/my-cdist/.cdist/type/__sample_nginx_http_letsencrypt_and_ssl_redirect/manifest +++ /dev/null @@ -1,25 +0,0 @@ -domain="$__object_id" -webroot="$(cat "$__object/parameter/webroot")" -# make sure we have nginx package -__package nginx -# setup Let's Encrypt HTTP acme challenge, redirect HTTP to HTTPS -require="__package/nginx" __file "/etc/nginx/sites-enabled/http-$domain" \ - --source - --mode 0644 << EOF -server { - listen *:80; - listen [::]:80; - - server_name $domain; - - # Let's Encrypt - location /.well-known/acme-challenge/ { - root $webroot; - } - - # Everything else -> SSL - location / { - return 301 https://\$host\$request_uri; - } -} - -EOF diff --git a/sami/my-cdist/.cdist/type/__sample_nginx_http_letsencrypt_and_ssl_redirect/parameter/required b/sami/my-cdist/.cdist/type/__sample_nginx_http_letsencrypt_and_ssl_redirect/parameter/required deleted file mode 100644 index fc7c3e9..0000000 --- a/sami/my-cdist/.cdist/type/__sample_nginx_http_letsencrypt_and_ssl_redirect/parameter/required +++ /dev/null @@ -1 +0,0 @@ -webroot From 44f72d34f842e1b9f13000a3ee986457e03028cc Mon Sep 17 00:00:00 2001 From: Youngjin Han Date: Sat, 9 May 2020 00:25:57 +0900 Subject: [PATCH 02/33] Learning Circle : cdist #3 initial commit --- .../type/__colourful_file/file/colourful | 9 ++++++++ .../dot-cdist/type/__colourful_file/manifest | 14 +++++++++++++ .../type/__colourful_file/parameter/optional | 1 + .../dot-cdist/type/__colourful_file/singleton | 0 youngjin.han/learning-node02-2020.org | 21 +++++++++++++++++++ 5 files changed, 45 insertions(+) create mode 100644 youngjin.han/dot-cdist/type/__colourful_file/file/colourful create mode 100644 youngjin.han/dot-cdist/type/__colourful_file/manifest create mode 100644 youngjin.han/dot-cdist/type/__colourful_file/parameter/optional create mode 100644 youngjin.han/dot-cdist/type/__colourful_file/singleton diff --git a/youngjin.han/dot-cdist/type/__colourful_file/file/colourful b/youngjin.han/dot-cdist/type/__colourful_file/file/colourful new file mode 100644 index 0000000..79fda42 --- /dev/null +++ b/youngjin.han/dot-cdist/type/__colourful_file/file/colourful @@ -0,0 +1,9 @@ +colour=\ +yellow\ +black\ +white\ +grey\ +puple\ +green\ +red\ +blue \ No newline at end of file diff --git a/youngjin.han/dot-cdist/type/__colourful_file/manifest b/youngjin.han/dot-cdist/type/__colourful_file/manifest new file mode 100644 index 0000000..7248b48 --- /dev/null +++ b/youngjin.han/dot-cdist/type/__colourful_file/manifest @@ -0,0 +1,14 @@ +#!/bin/sh -e + +__file ~/colourful +printf "colour=" > ~/colourful + +# parameter with multiple values +if [ -f "$__object/parameter/colour" ]; then + colour="$(cat "$__object/parameter/colour")" + echo $colour >> ~/colourful +# for alias in $(cat "$__object/parameter/colour"); do +# echo $alias >> ~/colourful +# done +fi + diff --git a/youngjin.han/dot-cdist/type/__colourful_file/parameter/optional b/youngjin.han/dot-cdist/type/__colourful_file/parameter/optional new file mode 100644 index 0000000..b0d95fa --- /dev/null +++ b/youngjin.han/dot-cdist/type/__colourful_file/parameter/optional @@ -0,0 +1 @@ +colour diff --git a/youngjin.han/dot-cdist/type/__colourful_file/singleton b/youngjin.han/dot-cdist/type/__colourful_file/singleton new file mode 100644 index 0000000..e69de29 diff --git a/youngjin.han/learning-node02-2020.org b/youngjin.han/learning-node02-2020.org index 1fb6d2c..fa69ac2 100644 --- a/youngjin.han/learning-node02-2020.org +++ b/youngjin.han/learning-node02-2020.org @@ -1,3 +1,24 @@ +* 2020-05-08 +*** cdist #3: type parameters +**** Lecture content +***** TODO Create a new type named *__colourful_file* +****** TODO The objective is to create a type that creates colourful file +****** TODO The content of the file should be "colour=...", where "..." is a colour specified by a parameter +****** TODO Add an *optional parameter* named *colour* +****** TODO Use the **__file** type inside your type to create a file +****** TODO Use the *$__object_id* variable inside your type +***** TODO Extend your type to be more colourful +****** TODO Modify the *optional parameter* to be able to be specified *multiple times* +****** TODO For each time it is specified, add a line "colour=..." to the file +***** TODO Create a new type *__my_dotfiles* +****** TODO Objective is to manage the dotfiles in your home directory +****** TODO Make it a *singleton* type +****** TODO Create a sub directory *files* in the type +****** TODO Add your .emacs config to the files folder +****** TODO Add a *for* loop to your type to deploy .[A-z]* to your home directory +****** TODO Add a .bashrc or .zshrc to the files folder (depending on your shell) +****** TODO In the initial manifest, add __my_dotfiles when the target host is localhost +***** TODO As usual commit all changes to your ungleich-learning-circle repo * 2020-05-06 ** cdist #2: Your first cdist type **** Lecture content From 58c6df72bbee9a5d83b3a7c7dce0089f1b028063 Mon Sep 17 00:00:00 2001 From: Youngjin Han Date: Sat, 9 May 2020 00:27:49 +0900 Subject: [PATCH 03/33] Learning Circle : cdist #3 2nd commit --- youngjin.han/dot-cdist/manifest/init | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/youngjin.han/dot-cdist/manifest/init b/youngjin.han/dot-cdist/manifest/init index 1645f89..2bca0b6 100644 --- a/youngjin.han/dot-cdist/manifest/init +++ b/youngjin.han/dot-cdist/manifest/init @@ -4,6 +4,12 @@ case "$__target_host" in localhost) __motd __timezone Asia/Seoul +# __my_computer + __colourful_file --colour yellow + ;; + jafo.laptop) + __motd + __timezone Asia/Seoul __my_computer ;; esac From 6d8a54a1b5140dec906379c0c943f68c36e93aee Mon Sep 17 00:00:00 2001 From: elf Date: Sat, 9 May 2020 02:59:33 +0900 Subject: [PATCH 04/33] [cdist #3] create __colourful_file type --- kjg/dot-cdist/manifest/init | 3 ++- kjg/dot-cdist/type/__colourful_file/manifest | 10 ++++++++++ kjg/dot-cdist/type/__colourful_file/parameter/optional | 1 + 3 files changed, 13 insertions(+), 1 deletion(-) create mode 100644 kjg/dot-cdist/type/__colourful_file/manifest create mode 100644 kjg/dot-cdist/type/__colourful_file/parameter/optional diff --git a/kjg/dot-cdist/manifest/init b/kjg/dot-cdist/manifest/init index 3f3a6db..99b61dc 100644 --- a/kjg/dot-cdist/manifest/init +++ b/kjg/dot-cdist/manifest/init @@ -1,6 +1,7 @@ case "$__target_host" in # Everybody has this localhost) - __my_computer + #__my_computer + __colourful_file ;; esac diff --git a/kjg/dot-cdist/type/__colourful_file/manifest b/kjg/dot-cdist/type/__colourful_file/manifest new file mode 100644 index 0000000..31d52a6 --- /dev/null +++ b/kjg/dot-cdist/type/__colourful_file/manifest @@ -0,0 +1,10 @@ +#!/bin/sh + +DOMAIN_NAME="$__object_id" + +COLOUR=$(cat "$__object/parameter/colour") + +__file ~/colourful \ + --mode 0644 --source - < Date: Sat, 9 May 2020 03:19:37 +0900 Subject: [PATCH 05/33] [cdist #3] update for multiple optional --- kjg/dot-cdist/manifest/init | 2 +- kjg/dot-cdist/type/__colourful_file/manifest | 9 +++++---- .../parameter/{optional => optional_multiple} | 0 3 files changed, 6 insertions(+), 5 deletions(-) rename kjg/dot-cdist/type/__colourful_file/parameter/{optional => optional_multiple} (100%) diff --git a/kjg/dot-cdist/manifest/init b/kjg/dot-cdist/manifest/init index 99b61dc..8424f7c 100644 --- a/kjg/dot-cdist/manifest/init +++ b/kjg/dot-cdist/manifest/init @@ -2,6 +2,6 @@ case "$__target_host" in # Everybody has this localhost) #__my_computer - __colourful_file + __colourful_file test --colour test1 --colour test2 ;; esac diff --git a/kjg/dot-cdist/type/__colourful_file/manifest b/kjg/dot-cdist/type/__colourful_file/manifest index 31d52a6..e7470fd 100644 --- a/kjg/dot-cdist/type/__colourful_file/manifest +++ b/kjg/dot-cdist/type/__colourful_file/manifest @@ -4,7 +4,8 @@ DOMAIN_NAME="$__object_id" COLOUR=$(cat "$__object/parameter/colour") -__file ~/colourful \ - --mode 0644 --source - <") (lambda () (interactive) (find-file (concat "~/ungleich-learning-circle/kjg/learning-"(system-name)"-"(format-time-string "%Y")".org")))) +(global-set-key (kbd "C-x g") 'magit-status) +(global-set-key (kbd "C-c a") 'org-agenda) +(global-set-key (kbd "") 'org-todo-list) + +(custom-set-variables + ;; custom-set-variables was added by Custom. + ;; If you edit it by hand, you could mess it up, so be careful. + ;; Your init file should contain only one such instance. + ;; If there is more than one, they won't work right. + '(epg-gpg-program "/usr/local/bin/gpg") + '(org-agenda-files + (quote + ("~/ungleich-learning-circle/kjg/todo.org" "~/learning.org"))) + ;;'(org-directory (expand-file-name "~/ungleich-learning-circle/kjg/")) + '(package-selected-packages (quote (org org-gnome org-dp ## which-key magit))) + '(send-mail-function (quote sendmail-send-it))) +(custom-set-faces + ;; custom-set-faces was added by Custom. + ;; If you edit it by hand, you could mess it up, so be careful. + ;; Your init file should contain only one such instance. + ;; If there is more than one, they won't work right. + ) + +(require 'epa-file) + +(epa-file-enable) + +(setq mu4e-mu-binary "/usr/local/bin/mu") + +(add-to-list 'load-path "/usr/local/share/emacs/site-lisp/mu/mu4e") +(require 'mu4e) + +(setq + mue4e-headers-skip-duplicates t + mu4e-view-show-images t + mu4e-view-show-addresses t + mu4e-compose-format-flowed nil + mu4e-date-format "%y/%m/%d" + mu4e-headers-date-format "%Y/%m/%d" + mu4e-change-filenames-when-moving t + mu4e-attachments-dir "~/Downloads" + + mu4e-maildir "~/Maildir/ungleich" ;; top-level Maildir + ;; note that these folders below must start with / + ;; the paths are relative to maildir root + mu4e-refile-folder "/Archive" + mu4e-sent-folder "/Sent" + mu4e-drafts-folder "/Drafts" + mu4e-trash-folder "/Trash" + mu4e-reply-to-address "jinguk.kwon@ungleich.ch" + user-mail-address "jinguk.kwon@ungleich.ch" + user-full-name "kjg") + +;; this setting allows to re-sync and re-index mail +;; by pressing U +(setq mu4e-get-mail-command "mbsync -a") + +(setq mail-host-address "mail.ungleich.ch") + + +(setq send-mail-function 'smtpmail-send-it + message-send-mail-function 'smtpmail-send-it + user-mail-address "jinguk.kwon@ungleich.ch" + smtpmail-starttls-credentials '(("smtp.ungleich.ch" 587 nil nil)) + smtpmail-auth-credentials "~/.authinfo.gpg" + smtpmail-default-smtp-server "smtp.ungleich.ch" + smtpmail-smtp-server "smtp.ungleich.ch" + smtpmail-smtp-service 587 + smtpmail-smtp-user "jinguk.kwon@ungleich.ch" + smtpmail-debug-info t + smtpmail-debug-verb t) + ;;starttls-extra-arguments nil + ;;starttls-gnutls-program (executable-find "gnutls-cli") + ;;smtpmail-warn-about-unknown-extensions t + ;;starttls-use-gnutls t) + +(require 'smtpmail) + +;;store org-mode links to messages +(require 'org-mu4e) + +(define-key mu4e-headers-mode-map (kbd "C-c c") 'mu4e-org-store-and-capture) +(define-key mu4e-view-mode-map (kbd "C-c c") 'mu4e-org-store-and-capture) + +(setq org-directory (expand-file-name "~/ungleich-learning-circle/kjg/")) +;;store link to message if in header view, not to header query +(setq org-mu4e-link-query-in-headers-mode nil) + +(setq org-capture-templates + '(("t" "todo" entry (file+headline (lambda() (concat "~/ungleich-learning-circle/kjg/todo-"(system-name)"-"(format-time-string "%Y")".org")) "Tasks") + "* TODO [#A] %?\nSCHEDULED: %(org-insert-time-stamp (org-read-date nil t \"+0d\"))\n%a\n"))) + +(setq org-log-done 'time) diff --git a/kjg/dot-cdist/type/__my_dotfiles/manifest b/kjg/dot-cdist/type/__my_dotfiles/manifest new file mode 100644 index 0000000..f322198 --- /dev/null +++ b/kjg/dot-cdist/type/__my_dotfiles/manifest @@ -0,0 +1,8 @@ +#!/bin/sh + +cd "$__type/files/" +dotfiles=$(ls -a .[A-z]*) +for df in $dotfiles; do + __file ~/$df \ + --mode 0644 --source "$__type/files/$df" +done \ No newline at end of file diff --git a/kjg/dot-cdist/type/__my_dotfiles/singleton b/kjg/dot-cdist/type/__my_dotfiles/singleton new file mode 100644 index 0000000..e69de29 From 3141840cf4b07e54cb53a4929b971a1ff120682e Mon Sep 17 00:00:00 2001 From: llnu Date: Mon, 11 May 2020 09:26:05 +0200 Subject: [PATCH 07/33] Reverted testing the requirement changes, added messaging, and gencode remote to reload nginx after the configuration gets writte Modified-by: llnu --- balazs/dot-cdist/manifest/init | 8 +++----- balazs/dot-cdist/type/__my_nginx_site/gencode-remote | 3 +++ balazs/dot-cdist/type/__my_nginx_site/manifest | 1 + 3 files changed, 7 insertions(+), 5 deletions(-) create mode 100644 balazs/dot-cdist/type/__my_nginx_site/gencode-remote diff --git a/balazs/dot-cdist/manifest/init b/balazs/dot-cdist/manifest/init index 0a4061b..9fd9bdc 100644 --- a/balazs/dot-cdist/manifest/init +++ b/balazs/dot-cdist/manifest/init @@ -6,16 +6,14 @@ case "$__target_host" in # Copy a cool motd from the type's file directory __motd --source "$__files/motd" -# __package emacs --state present - __timezone Europe/Zurich __my_computer -# __my_nginx + __my_nginx - __my_nginx_site woo.com - __my_nginx_site chee.se + require="__my_nginx" __my_nginx_site woo.com + require="__my_nginx" __my_nginx_site chee.se ;; esac diff --git a/balazs/dot-cdist/type/__my_nginx_site/gencode-remote b/balazs/dot-cdist/type/__my_nginx_site/gencode-remote new file mode 100644 index 0000000..c9eed7a --- /dev/null +++ b/balazs/dot-cdist/type/__my_nginx_site/gencode-remote @@ -0,0 +1,3 @@ +if grep -q "^__your_type/object/id:conf_file_changed" "$__messages_in"; then + echo "service nginx reload" +fi \ No newline at end of file diff --git a/balazs/dot-cdist/type/__my_nginx_site/manifest b/balazs/dot-cdist/type/__my_nginx_site/manifest index 7bdad79..d7bbca2 100644 --- a/balazs/dot-cdist/type/__my_nginx_site/manifest +++ b/balazs/dot-cdist/type/__my_nginx_site/manifest @@ -15,3 +15,4 @@ server { } EOF +echo "conf_file_changed" >> "$__messages_out" \ No newline at end of file From 1176f213145a1d400d01df2190709c6c562c0909 Mon Sep 17 00:00:00 2001 From: samuel Date: Mon, 11 May 2020 12:22:12 +0200 Subject: [PATCH 08/33] gencode --- sami/my-cdist/.cdist/type/__nginx/manifest | 1 + sami/my-cdist/.cdist/type/__nginx/singleton | 0 .../.cdist/type/__nginx_site/gencode-remote | 3 +++ .../.cdist/type/__nginx_site/manifest | 21 +++++++++++++++++++ 4 files changed, 25 insertions(+) create mode 100644 sami/my-cdist/.cdist/type/__nginx/manifest create mode 100644 sami/my-cdist/.cdist/type/__nginx/singleton create mode 100644 sami/my-cdist/.cdist/type/__nginx_site/gencode-remote create mode 100644 sami/my-cdist/.cdist/type/__nginx_site/manifest diff --git a/sami/my-cdist/.cdist/type/__nginx/manifest b/sami/my-cdist/.cdist/type/__nginx/manifest new file mode 100644 index 0000000..f9b246e --- /dev/null +++ b/sami/my-cdist/.cdist/type/__nginx/manifest @@ -0,0 +1 @@ +__package nginx --state present diff --git a/sami/my-cdist/.cdist/type/__nginx/singleton b/sami/my-cdist/.cdist/type/__nginx/singleton new file mode 100644 index 0000000..e69de29 diff --git a/sami/my-cdist/.cdist/type/__nginx_site/gencode-remote b/sami/my-cdist/.cdist/type/__nginx_site/gencode-remote new file mode 100644 index 0000000..2c5a080 --- /dev/null +++ b/sami/my-cdist/.cdist/type/__nginx_site/gencode-remote @@ -0,0 +1,3 @@ +# Reacting on message + +echo "service nginx reload" diff --git a/sami/my-cdist/.cdist/type/__nginx_site/manifest b/sami/my-cdist/.cdist/type/__nginx_site/manifest new file mode 100644 index 0000000..3fa56dc --- /dev/null +++ b/sami/my-cdist/.cdist/type/__nginx_site/manifest @@ -0,0 +1,21 @@ + +os=$(cat "$__global/explorer/os") + +domain="$__object_id" +nginx_config_dir="/etc/nginx/conf.d" + +require="__package/nginx" __file $nginx_config_dir/$domain.conf --source - << EOF + +server { + + server_name $domain; + listen [::]:80 ; + + location / { + autoindex on; + root /var/www/html/$domain; + } +} +EOF + + From 2275037039e82a5dc2166803ea628ca81aaeaa40 Mon Sep 17 00:00:00 2001 From: llnu Date: Mon, 11 May 2020 12:22:40 +0200 Subject: [PATCH 09/33] Kinda finished --- .../type/__my_nginx_site/gencode-remote | 26 ++++++++++++++++--- .../dot-cdist/type/__my_nginx_site/manifest | 8 +++++- 2 files changed, 30 insertions(+), 4 deletions(-) diff --git a/balazs/dot-cdist/type/__my_nginx_site/gencode-remote b/balazs/dot-cdist/type/__my_nginx_site/gencode-remote index c9eed7a..7a74b98 100644 --- a/balazs/dot-cdist/type/__my_nginx_site/gencode-remote +++ b/balazs/dot-cdist/type/__my_nginx_site/gencode-remote @@ -1,3 +1,23 @@ -if grep -q "^__your_type/object/id:conf_file_changed" "$__messages_in"; then - echo "service nginx reload" -fi \ No newline at end of file +os=$(cat "$__global/explorer/os") + +#if grep -q "$something_from_message_in" "$__messages_in"; then + +case "${os}" in + alpine|gentoo) + echo /etc/init.d/nginx reload + ;; + debian|ubuntu) + echo "/usr/bin/systemctl reload nginx" + ;; +esac + +#fi + + +#if grep -q "^__your_type/object/id:conf_file_changed" "$__messages_in"; then +# echo "$reload_command" +#fi + +# Testing env -> variables are not shared between the type's manifest and the gencode-remote script +# Maybe the variables are eval-ed on the local host and won't get transferred to the remote host? +#echo "echo \"$reload_command\" >> /tmp/cmd" \ No newline at end of file diff --git a/balazs/dot-cdist/type/__my_nginx_site/manifest b/balazs/dot-cdist/type/__my_nginx_site/manifest index d7bbca2..0dbfbb6 100644 --- a/balazs/dot-cdist/type/__my_nginx_site/manifest +++ b/balazs/dot-cdist/type/__my_nginx_site/manifest @@ -1,3 +1,8 @@ +os="$(cat "$__global/explorer/os")" + +# Note: __service nginx --action reload + + domain="$__object_id" nginx_config_dir="/etc/nginx/conf.d" @@ -15,4 +20,5 @@ server { } EOF -echo "conf_file_changed" >> "$__messages_out" \ No newline at end of file +# Messaging is not needed because atm I assume that the config file will get overwritten every run, even if the contents are the same. +#echo "conf_file_changed" >> "$__messages_out" \ No newline at end of file From cf21e1da9f339baaaa6e3f2b0e3b0b395e2cc496 Mon Sep 17 00:00:00 2001 From: llnu Date: Mon, 11 May 2020 12:31:51 +0200 Subject: [PATCH 10/33] removing backup file --- balazs/dot-cdist/type/__my_computer/manifest~ | 8 -------- 1 file changed, 8 deletions(-) delete mode 100755 balazs/dot-cdist/type/__my_computer/manifest~ diff --git a/balazs/dot-cdist/type/__my_computer/manifest~ b/balazs/dot-cdist/type/__my_computer/manifest~ deleted file mode 100755 index a6ac13d..0000000 --- a/balazs/dot-cdist/type/__my_computer/manifest~ +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/sh -e - -#This is a type for practice, used to learn cdist and configure a laptop. - - -for pkg in ndisc6 emacs zsh mosh nmap sipcalc; - do __package $pkg --state present; -done From ce69011b6f7bd3cc1d80927d56c88f7acf7ee6ec Mon Sep 17 00:00:00 2001 From: llnu Date: Mon, 11 May 2020 12:34:11 +0200 Subject: [PATCH 11/33] removing backup file --- balazs/dot-cdist/type/__my_nginx_site/manifest~ | 1 - 1 file changed, 1 deletion(-) delete mode 100644 balazs/dot-cdist/type/__my_nginx_site/manifest~ diff --git a/balazs/dot-cdist/type/__my_nginx_site/manifest~ b/balazs/dot-cdist/type/__my_nginx_site/manifest~ deleted file mode 100644 index bbc7518..0000000 --- a/balazs/dot-cdist/type/__my_nginx_site/manifest~ +++ /dev/null @@ -1 +0,0 @@ -require="__package/nginx" __file $nginx_config_dir/"$__object_id".conf \ No newline at end of file From 13e0517c93b8affec1fcc5bae436cccbaa1f2286 Mon Sep 17 00:00:00 2001 From: elf Date: Mon, 11 May 2020 23:51:46 +0900 Subject: [PATCH 12/33] [cdist #4]create nginx test --- kjg/cdist.org | 58 ++++++++++++++++++++ kjg/dot-cdist/manifest/init | 3 + kjg/dot-cdist/type/__my_nginx/manifest | 3 + kjg/dot-cdist/type/__my_nginx/singleton | 0 kjg/dot-cdist/type/__my_nginx_site/manifest | 29 ++++++++++ kjg/dot-cdist/type/__my_nginx_site/manifest~ | 33 +++++++++++ 6 files changed, 126 insertions(+) create mode 100644 kjg/dot-cdist/type/__my_nginx/manifest create mode 100644 kjg/dot-cdist/type/__my_nginx/singleton create mode 100644 kjg/dot-cdist/type/__my_nginx_site/manifest create mode 100644 kjg/dot-cdist/type/__my_nginx_site/manifest~ diff --git a/kjg/cdist.org b/kjg/cdist.org index 4fb319c..2349cf7 100644 --- a/kjg/cdist.org +++ b/kjg/cdist.org @@ -1002,4 +1002,62 @@ TRACE: localhost: Saving cache: /tmp/tmp4n4p2hbt/421aa90e079fa326b6494f812ad13e7 INFO: localhost: Finished successful run in 2.17 seconds VERBOSE: config: Total processing time for 1 host(s): 2.1842637062072754 + * cdist3 + +* cdist4 +** Create a new type *__my_nginx* +On the target host find out which directory nginx includes --> /etc/nginx/sites-enabled +*** log +VERBOSE: cdist: version 6.5.5-3-g6f4649ef +INFO: localhost: Starting configuration run +VERBOSE: localhost: Running global explorers +VERBOSE: localhost: Running initial manifest /tmp/tmpchto21_m/421aa90e079fa326b6494f812ad13e79/data/conf/manifest/init +VERBOSE: localhost: Preparing object __my_nginx/ +VERBOSE: localhost: Running manifest and explorers for __my_nginx/ +VERBOSE: localhost: Running type explorers for +VERBOSE: localhost: Running type manifest /tmp/tmpchto21_m/421aa90e079fa326b6494f812ad13e79/data/conf/type/__my_nginx/manifest for object __my_nginx/ +VERBOSE: localhost: Preparing object __package/nginx +VERBOSE: localhost: Running manifest and explorers for __package/nginx +VERBOSE: localhost: Running type explorers for +VERBOSE: localhost: Running type manifest /tmp/tmpchto21_m/421aa90e079fa326b6494f812ad13e79/data/conf/type/__package/manifest for object __package/nginx +VERBOSE: localhost: Preparing object __package_apt/nginx +VERBOSE: localhost: Running manifest and explorers for __package_apt/nginx +VERBOSE: localhost: Running type explorers for +VERBOSE: localhost: Running object __package_apt/nginx +VERBOSE: localhost: Running object __package/nginx +VERBOSE: localhost: Running object __my_nginx/ +INFO: localhost: Finished successful run in 0.87 seconds +VERBOSE: config: Total processing time for 1 host(s): 0.8785049915313721 +** Create a new tyep *__my_nginx_site* +root@mynginx2:~#ls -al /etc/nginx/sites-enabled/ +total 16 +drwxr-xr-x 2 root root 4096 May 11 23:29 . +drwxr-xr-x 8 root root 4096 May 11 21:40 .. +lrwxrwxrwx 1 root root 34 May 11 21:40 default -> /etc/nginx/sites-available/default +-rw-r--r-- 1 root root 243 May 11 23:29 mynginx2.test.conf +-rw-r--r-- 1 root root 243 May 11 23:27 mynginx.test.conf +root@mynginx2:~# + +*** remove nginx and __my_nginx log +VERBOSE: cdist: version 6.5.5-3-g6f4649ef +INFO: mynginx2.test: Starting configuration run +VERBOSE: mynginx2.test: Running global explorers +VERBOSE: mynginx2.test: Running initial manifest /tmp/tmptq3y42m2/5e977ddad9a0047b183b6d2702795df4/data/conf/manifest/init +VERBOSE: mynginx2.test: Preparing object __my_nginx_site/mynginx2.test +VERBOSE: mynginx2.test: Running manifest and explorers for __my_nginx_site/mynginx2.test +VERBOSE: mynginx2.test: Running type explorers for +VERBOSE: mynginx2.test: Running type manifest /tmp/tmptq3y42m2/5e977ddad9a0047b183b6d2702795df4/data/conf/type/__my_nginx_site/manifest for object __my_nginx_site/mynginx2.test +ERROR: mynginx2.test: The requirements of the following objects could not be resolved: +__file/etc/nginx/sites-enabled/mynginx2.test.conf requires: + __package/nginx +__file/etc/nginx/sites-enabled/mynginx2.test.conf autorequires: + +__my_nginx_site/mynginx2.test requires: + +__my_nginx_site/mynginx2.test autorequires: + __file/etc/nginx/sites-enabled/mynginx2.test.conf +VERBOSE: config: Total processing time for 1 host(s): 0.6650142669677734 +ERROR: cdist: Failed to configure the following hosts: mynginx2.tes + +--> nginx is removed and "require" check nginx(__package/nginx) diff --git a/kjg/dot-cdist/manifest/init b/kjg/dot-cdist/manifest/init index a7829eb..02a4738 100644 --- a/kjg/dot-cdist/manifest/init +++ b/kjg/dot-cdist/manifest/init @@ -5,4 +5,7 @@ case "$__target_host" in #__colourful_file test --colour test1 --colour test2 __my_dotfiles ;; + *) + #__my_nginx + __my_nginx_site $__target_host esac diff --git a/kjg/dot-cdist/type/__my_nginx/manifest b/kjg/dot-cdist/type/__my_nginx/manifest new file mode 100644 index 0000000..c231a90 --- /dev/null +++ b/kjg/dot-cdist/type/__my_nginx/manifest @@ -0,0 +1,3 @@ +#!/bin/sh + +__package nginx diff --git a/kjg/dot-cdist/type/__my_nginx/singleton b/kjg/dot-cdist/type/__my_nginx/singleton new file mode 100644 index 0000000..e69de29 diff --git a/kjg/dot-cdist/type/__my_nginx_site/manifest b/kjg/dot-cdist/type/__my_nginx_site/manifest new file mode 100644 index 0000000..c5a6df8 --- /dev/null +++ b/kjg/dot-cdist/type/__my_nginx_site/manifest @@ -0,0 +1,29 @@ +#!/bin/sh + + +DOMAIN_NAME="$__object_id" +CONF_DIR=/etc/nginx/sites-enabled +WEB_ROOT=/var/www/html/${DOMAIN_NAME} + + +__directory $WEB_ROOT --parents --mode 0644 + +require="__package/nginx" __file "${CONF_DIR}/${DOMAIN_NAME}.conf" \ + --mode 0644 --source - << EOF +server { + listen *:80; + listen [::]:80; + + server_name $name; + root $WEBROOT; + + location /.well-known/acme-challenge/ { + root $WEBROOT; + } + + # Everything else -> ssl + location / { + return 301 https://\$host\$request_uri; + } +} +EOF diff --git a/kjg/dot-cdist/type/__my_nginx_site/manifest~ b/kjg/dot-cdist/type/__my_nginx_site/manifest~ new file mode 100644 index 0000000..6677dcc --- /dev/null +++ b/kjg/dot-cdist/type/__my_nginx_site/manifest~ @@ -0,0 +1,33 @@ +#!/bin/sh + + +DOMAIN_NAME="$__object_id" +CONF_DIR=/etc/nginx/sites-enabled +WEB_ROOT=/var/www/html/${DOMAIN_NAME} + +#__package nginx --state installed + + + + + +#require="__package/nginx" __file "~/ungleich-learning/test.conf" \ +require="__package/nginx" __file "${CONF_DIR}/${DOMAIN_NAME}.conf" \ + --mode 0644 --source - << EOF +server { + listen *:80; + listen [::]:80; + + server_name $name; + root $WEBROOT; + + location /.well-known/acme-challenge/ { + root $WEBROOT; + } + + # Everything else -> ssl + location / { + return 301 https://\$host\$request_uri; + } +} +EOF \ No newline at end of file From 3045a40ba77dee48aab90567a5acb06e50bca4b0 Mon Sep 17 00:00:00 2001 From: samuel Date: Tue, 12 May 2020 12:06:57 +0200 Subject: [PATCH 13/33] adding org files --- sami/.gitignore | 21 +++++++ sami/my-cdist/.cdist/files/motd | 1 + sami/my-cdist/.cdist/manifest/init | 15 +++++ .../.cdist/type/__my_computer/manifest | 10 ++- sami/my-org-files/#cdist.org# | 63 +++++++++++++++++++ sami/my-org-files/cdist.org/cdist#1-intro.org | 38 +++++++++++ sami/my-org-files/cdist.org/cdist#2-type.org | 24 +++++++ sami/my-org-files/cdist.org/cdist.org | 15 +++++ 8 files changed, 186 insertions(+), 1 deletion(-) create mode 100644 sami/.gitignore create mode 100644 sami/my-cdist/.cdist/files/motd create mode 100644 sami/my-org-files/#cdist.org# create mode 100644 sami/my-org-files/cdist.org/cdist#1-intro.org create mode 100644 sami/my-org-files/cdist.org/cdist#2-type.org create mode 100644 sami/my-org-files/cdist.org/cdist.org diff --git a/sami/.gitignore b/sami/.gitignore new file mode 100644 index 0000000..72e7b61 --- /dev/null +++ b/sami/.gitignore @@ -0,0 +1,21 @@ + +# Created by https://www.gitignore.io/api/linux +# Edit at https://www.gitignore.io/?templates=linux + +### Linux ### +*~ + +# temporary files which can be created if a process still has a handle open of a deleted file +.fuse_hidden* + +# KDE directory preferences +.directory + +# Linux trash folder which might appear on any partition or disk +.Trash-* + +# .nfs files are created when an open file is removed but is still being accessed +.nfs* + +# End of https://www.gitignore.io/api/linux + diff --git a/sami/my-cdist/.cdist/files/motd b/sami/my-cdist/.cdist/files/motd new file mode 100644 index 0000000..7ce6bf3 --- /dev/null +++ b/sami/my-cdist/.cdist/files/motd @@ -0,0 +1 @@ +my message of the day diff --git a/sami/my-cdist/.cdist/manifest/init b/sami/my-cdist/.cdist/manifest/init index e69de29..8f12e3b 100644 --- a/sami/my-cdist/.cdist/manifest/init +++ b/sami/my-cdist/.cdist/manifest/init @@ -0,0 +1,15 @@ +case "$__target_host" in + localhost) + #target is configured with cdist + __file /etc/cdist-configured + + # motd from th file directory + __motd --source "$__files/motd" + + __timezone Europe/Zurich + + # types to be used + __my_computer +;; +esac + diff --git a/sami/my-cdist/.cdist/type/__my_computer/manifest b/sami/my-cdist/.cdist/type/__my_computer/manifest index 07320cd..662e44c 100755 --- a/sami/my-cdist/.cdist/type/__my_computer/manifest +++ b/sami/my-cdist/.cdist/type/__my_computer/manifest @@ -19,7 +19,15 @@ # # # Ensure sipcalc is present -# + __package sipcalc --state present +__package emacs --state present + +__package firefox --state present + +__package nmap --state present + +__package zsh --state present + diff --git a/sami/my-org-files/#cdist.org# b/sami/my-org-files/#cdist.org# new file mode 100644 index 0000000..cef418c --- /dev/null +++ b/sami/my-org-files/#cdist.org# @@ -0,0 +1,63 @@ + + + + + +*** cdist #1: Introduction +**** Lecture content +***** Objective +****** Begin to use cdist +***** Steps +****** Checkout cdist quickstart https://www.cdi.st/manual/latest/cdist-quickstart.html +****** Install cdist locally +****** Create a new cdist configuration directory in ~/ungleich-learning-circle/USERNAME/dot-cdist +****** Create an empty initial manifest ("use touch") +****** Commit that status +****** Ensure that you can login as root to localhost via ssh without a password +****** Configure cdist to configures the motd of your localhost +******* Ensure you have a case block matching on $__target_host +******* Use the -c parameter to cdist to specify the configuration directory +******* Use the -vv parameter to get more verbose output +******* Search for / understand what MOTD stands for +****** Configure cdist to create the file /etc/cdist-configured +****** Configure cdist to setup the timezone on your local computer +****** Configure cdist to ensure emacs is installed +****** Ensure that in the end all changes are committed in your repository + + + + + + + + + + + + + + + + + + + + + + + +* cdist #5: Generating Code & Exploring + +* Understanding how to generate code and when to use it +** define gencode-remote script: ~/.cdist/type/__nginx_site. After manifest is applied it should restart services so configuration is active. Our gencode-remote looks like echo "service nginx restart" + +* Modify the previously created type *__my_nginx_site* +** We modify the previously created type so that the gencode-remote script reacts accordingly +- echo "if_configurationfile_changes" >> "$__messages_out" + +* Read about cdist messaging +** cdist has a simple but powerful way of allowing communication between the initial manifest and types as well as types and types. +* What is the difference between gencode-local and gencode-remote? + +** gencode-remote used to generate code to be executed on the target host +** gencode-local used to generate code to be executed on the source host \ No newline at end of file diff --git a/sami/my-org-files/cdist.org/cdist#1-intro.org b/sami/my-org-files/cdist.org/cdist#1-intro.org new file mode 100644 index 0000000..89f31bc --- /dev/null +++ b/sami/my-org-files/cdist.org/cdist#1-intro.org @@ -0,0 +1,38 @@ +*** cdist #1: Introduction +**** Lecture content +***** Objective +****** Begin to use cdist +***** Steps +****** Install cdist locally https://www.cdi.st/manual/latest/cdist-quickstart.html +****** Create a new cdist configuration directory in ~/ungleich-learning-circle/USERNAME/dot-cdist +****** Create an empty initial manifest +****** Commit that status +****** Ensure that you can login as root to localhost via ssh without a password +****** Configure cdist to configures the motd of your localhost +******* Ensure you have a case block matching on $__target_host +******* Use the -c parameter to cdist to specify the configuration directory +******* Use the -vv parameter to get more verbose output +****** Configure cdist to create the file /etc/cdist-configured +****** Configure cdist to setup the timezone on your local computer +****** Configure cdist to ensure emacs is installed +****** Ensure that in the end all changes are committed in your repository + +* init.file +- sami@cdist/manifest$ cat init +case "$__target_host" in + localhost) + #target is configured with cdist + __file /etc/cdist-configured + + # motd from th file directory + __motd --source "$__files/motd" + + __timezone Europe/Zurich + + +;; +esac + + +* Types manifest for installing packages or insuring that packages are installed +- __package emacs --state present diff --git a/sami/my-org-files/cdist.org/cdist#2-type.org b/sami/my-org-files/cdist.org/cdist#2-type.org new file mode 100644 index 0000000..614d705 --- /dev/null +++ b/sami/my-org-files/cdist.org/cdist#2-type.org @@ -0,0 +1,24 @@ +*** cdist #2: Your first cdist type +**** Lecture content +***** Objective +****** Begin to understand how cdist types function +******* Types are the main component of cdist and define functionality. If you use cdist, you'll write a type for every functionality you would like to use. +***** Steps +****** Create a new type named `__my_computer` + - Mark the type as a singleton type (If a type is flagged as a singleton, it may be used only once per host.) + - Create a `manifest` file in it + - Use this type to install the following packages: zsh, mosh, emacs, nmap, sipcalc + - Edit the *initial manifest* and use **__my_computer** - Here we have to simply add __my_computer in the types file + **localhost** + - Match using the $__target_host variable +****** Modify your type to use a *for loop* to install the packages +****** Deploy / manage your ~/.emacs file in this type + - Ensure that permissions and ownership are correct +****** Use different *verbosity* levels when configuring +****** Ensure that all your changes are committed and pushed in your ungleich-learning-circle repository + - Use magit inside emacs for that +***** Documentation steps to be done in cdist.org + - Create a new org document named `cdist.org` in the safind . -name "~/.emacs"me folder as the learning.org file + - Explain the difference between a singleton and non-singleton type + - Explain the difference between the different verbosity levels + - Document (copy&paste) some of the cdist runs in a "log" section```find . -name "~/.emacs" diff --git a/sami/my-org-files/cdist.org/cdist.org b/sami/my-org-files/cdist.org/cdist.org new file mode 100644 index 0000000..a6bb386 --- /dev/null +++ b/sami/my-org-files/cdist.org/cdist.org @@ -0,0 +1,15 @@ +* cdist #5: Generating Code & Exploring + +* Understanding how to generate code and when to use it +** define gencode-remote script: ~/.cdist/type/__nginx_site. After manifest is applied it should restart services so configuration is active. Our gencode-remote looks like echo "service nginx restart" + +* Modify the previously created type *__my_nginx_site* +** We modify the previously created type so that the gencode-remote script reacts accordingly +- echo "if_configurationfile_changes" >> "$__messages_out" + +* Read about cdist messaging +** cdist has a simple but powerful way of allowing communication between the initial manifest and types as well as types and types. +* What is the difference between gencode-local and gencode-remote? + +** gencode-remote used to generate code to be executed on the target host +** gencode-local used to generate code to be executed on the source host \ No newline at end of file From 74b57875d9dfc646c948cd03d7e1ac8cde4a94ab Mon Sep 17 00:00:00 2001 From: samuel Date: Tue, 12 May 2020 12:12:50 +0200 Subject: [PATCH 14/33] removing tep files --- sami/my-org-files/#cdist.org# | 63 ------------------------- sami/my-org-files/.git.ignore | 0 sami/my-org-files/cdist.org/#cdist.org# | 15 ++++++ 3 files changed, 15 insertions(+), 63 deletions(-) delete mode 100644 sami/my-org-files/#cdist.org# create mode 100644 sami/my-org-files/.git.ignore create mode 100644 sami/my-org-files/cdist.org/#cdist.org# diff --git a/sami/my-org-files/#cdist.org# b/sami/my-org-files/#cdist.org# deleted file mode 100644 index cef418c..0000000 --- a/sami/my-org-files/#cdist.org# +++ /dev/null @@ -1,63 +0,0 @@ - - - - - -*** cdist #1: Introduction -**** Lecture content -***** Objective -****** Begin to use cdist -***** Steps -****** Checkout cdist quickstart https://www.cdi.st/manual/latest/cdist-quickstart.html -****** Install cdist locally -****** Create a new cdist configuration directory in ~/ungleich-learning-circle/USERNAME/dot-cdist -****** Create an empty initial manifest ("use touch") -****** Commit that status -****** Ensure that you can login as root to localhost via ssh without a password -****** Configure cdist to configures the motd of your localhost -******* Ensure you have a case block matching on $__target_host -******* Use the -c parameter to cdist to specify the configuration directory -******* Use the -vv parameter to get more verbose output -******* Search for / understand what MOTD stands for -****** Configure cdist to create the file /etc/cdist-configured -****** Configure cdist to setup the timezone on your local computer -****** Configure cdist to ensure emacs is installed -****** Ensure that in the end all changes are committed in your repository - - - - - - - - - - - - - - - - - - - - - - - -* cdist #5: Generating Code & Exploring - -* Understanding how to generate code and when to use it -** define gencode-remote script: ~/.cdist/type/__nginx_site. After manifest is applied it should restart services so configuration is active. Our gencode-remote looks like echo "service nginx restart" - -* Modify the previously created type *__my_nginx_site* -** We modify the previously created type so that the gencode-remote script reacts accordingly -- echo "if_configurationfile_changes" >> "$__messages_out" - -* Read about cdist messaging -** cdist has a simple but powerful way of allowing communication between the initial manifest and types as well as types and types. -* What is the difference between gencode-local and gencode-remote? - -** gencode-remote used to generate code to be executed on the target host -** gencode-local used to generate code to be executed on the source host \ No newline at end of file diff --git a/sami/my-org-files/.git.ignore b/sami/my-org-files/.git.ignore new file mode 100644 index 0000000..e69de29 diff --git a/sami/my-org-files/cdist.org/#cdist.org# b/sami/my-org-files/cdist.org/#cdist.org# new file mode 100644 index 0000000..16c809f --- /dev/null +++ b/sami/my-org-files/cdist.org/#cdist.org# @@ -0,0 +1,15 @@ +cdist #5: Generating Code & Exploring + +* Understanding how to generate code and when to use it +** define gencode-remote script: ~/.cdist/type/__nginx_site. After manifest is applied it should restart services so configuration is active. Our gencode-remote looks like echo "service nginx restart" + +* Modify the previously created type *__my_nginx_site* +** We modify the previously created type so that the gencode-remote script reacts accordingly +- echo "if_configurationfile_changes" >> "$__messages_out" + +* Read about cdist messaging +** cdist has a simple but powerful way of allowing communication between the initial manifest and types as well as types and types. +* What is the difference between gencode-local and gencode-remote? + +** gencode-remote used to generate code to be executed on the target host +** gencode-local used to generate code to be executed on the source host From fc49f8c4bdc8254ee4d86247d6c65c13470dc7d7 Mon Sep 17 00:00:00 2001 From: Samuel Hailu Date: Tue, 12 May 2020 12:13:57 +0200 Subject: [PATCH 15/33] Delete #cdist.org# --- sami/my-org-files/cdist.org/#cdist.org# | 15 --------------- 1 file changed, 15 deletions(-) delete mode 100644 sami/my-org-files/cdist.org/#cdist.org# diff --git a/sami/my-org-files/cdist.org/#cdist.org# b/sami/my-org-files/cdist.org/#cdist.org# deleted file mode 100644 index 16c809f..0000000 --- a/sami/my-org-files/cdist.org/#cdist.org# +++ /dev/null @@ -1,15 +0,0 @@ -cdist #5: Generating Code & Exploring - -* Understanding how to generate code and when to use it -** define gencode-remote script: ~/.cdist/type/__nginx_site. After manifest is applied it should restart services so configuration is active. Our gencode-remote looks like echo "service nginx restart" - -* Modify the previously created type *__my_nginx_site* -** We modify the previously created type so that the gencode-remote script reacts accordingly -- echo "if_configurationfile_changes" >> "$__messages_out" - -* Read about cdist messaging -** cdist has a simple but powerful way of allowing communication between the initial manifest and types as well as types and types. -* What is the difference between gencode-local and gencode-remote? - -** gencode-remote used to generate code to be executed on the target host -** gencode-local used to generate code to be executed on the source host From ec100635e160ce809bbf0f1c18a7aed5223f9a14 Mon Sep 17 00:00:00 2001 From: samuel Date: Tue, 12 May 2020 12:17:02 +0200 Subject: [PATCH 16/33] renaming --- sami/my-org-files/cdist.org/{#cdist.org# => cdist#5-messsaging} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename sami/my-org-files/cdist.org/{#cdist.org# => cdist#5-messsaging} (100%) diff --git a/sami/my-org-files/cdist.org/#cdist.org# b/sami/my-org-files/cdist.org/cdist#5-messsaging similarity index 100% rename from sami/my-org-files/cdist.org/#cdist.org# rename to sami/my-org-files/cdist.org/cdist#5-messsaging From 3a84ac767efd9ed3f6e350f5f16cbbc5ba179032 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 13 May 2020 22:43:10 +0900 Subject: [PATCH 17/33] [cdist #5] modify __my_nginx_site --- kjg/cdist.org | 8 +++++ kjg/dot-cdist/manifest/init | 2 +- .../type/__my_nginx_site/gencode-remote | 20 +++++++++++ kjg/dot-cdist/type/__my_nginx_site/manifest | 22 ++++++++++--- kjg/dot-cdist/type/__my_nginx_site/manifest~ | 33 ------------------- 5 files changed, 46 insertions(+), 39 deletions(-) create mode 100644 kjg/dot-cdist/type/__my_nginx_site/gencode-remote delete mode 100644 kjg/dot-cdist/type/__my_nginx_site/manifest~ diff --git a/kjg/cdist.org b/kjg/cdist.org index 2349cf7..530009c 100644 --- a/kjg/cdist.org +++ b/kjg/cdist.org @@ -1005,6 +1005,7 @@ VERBOSE: config: Total processing time for 1 host(s): 2.1842637062072754 * cdist3 + * cdist4 ** Create a new type *__my_nginx* On the target host find out which directory nginx includes --> /etc/nginx/sites-enabled @@ -1061,3 +1062,10 @@ VERBOSE: config: Total processing time for 1 host(s): 0.6650142669677734 ERROR: cdist: Failed to configure the following hosts: mynginx2.tes --> nginx is removed and "require" check nginx(__package/nginx) + +* cdist5 +** What is the difference between gencode-remote and the remote code? + +** What is the difference between gencode-local and gencode-remote? + +** Locate a type that comes with upstream cdist that uses gencode-local - which one is it? Why does it need gencode-local? diff --git a/kjg/dot-cdist/manifest/init b/kjg/dot-cdist/manifest/init index 02a4738..ba3b873 100644 --- a/kjg/dot-cdist/manifest/init +++ b/kjg/dot-cdist/manifest/init @@ -6,6 +6,6 @@ case "$__target_host" in __my_dotfiles ;; *) - #__my_nginx + __my_nginx __my_nginx_site $__target_host esac diff --git a/kjg/dot-cdist/type/__my_nginx_site/gencode-remote b/kjg/dot-cdist/type/__my_nginx_site/gencode-remote new file mode 100644 index 0000000..e18e240 --- /dev/null +++ b/kjg/dot-cdist/type/__my_nginx_site/gencode-remote @@ -0,0 +1,20 @@ +os=$(cat "$__global/explorer/os") + +case "$os" in + devuan) + CONF_DIR=/etc/nginx/sites-enabled + ;; + alpine) + CONF_DIR=/etc/nginx/conf.d + ;; + *) + echo "OS $os currently not supported" >&2 + exit 1 + ;; +esac + +DOMAIN_NAME="$__object_id" + +if grep -q "^__file${CONF_DIR}/${DOMAIN_NAME}" "$__messages_in"; then + echo 'service nginx reload' +fi diff --git a/kjg/dot-cdist/type/__my_nginx_site/manifest b/kjg/dot-cdist/type/__my_nginx_site/manifest index c5a6df8..3362f90 100644 --- a/kjg/dot-cdist/type/__my_nginx_site/manifest +++ b/kjg/dot-cdist/type/__my_nginx_site/manifest @@ -1,11 +1,23 @@ #!/bin/sh +os=$(cat "$__global/explorer/os") + +case "$os" in + devuan) + CONF_DIR=/etc/nginx/sites-enabled + ;; + alpine) + CONF_DIR=/etc/nginx/conf.d + ;; + *) + echo "OS $os currently not supported" >&2 + exit 1 + ;; +esac DOMAIN_NAME="$__object_id" -CONF_DIR=/etc/nginx/sites-enabled WEB_ROOT=/var/www/html/${DOMAIN_NAME} - __directory $WEB_ROOT --parents --mode 0644 require="__package/nginx" __file "${CONF_DIR}/${DOMAIN_NAME}.conf" \ @@ -14,11 +26,11 @@ server { listen *:80; listen [::]:80; - server_name $name; - root $WEBROOT; + server_name $DOMAIN_NAME; + root $WEB_ROOT; location /.well-known/acme-challenge/ { - root $WEBROOT; + root $WEB_ROOT; } # Everything else -> ssl diff --git a/kjg/dot-cdist/type/__my_nginx_site/manifest~ b/kjg/dot-cdist/type/__my_nginx_site/manifest~ deleted file mode 100644 index 6677dcc..0000000 --- a/kjg/dot-cdist/type/__my_nginx_site/manifest~ +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/sh - - -DOMAIN_NAME="$__object_id" -CONF_DIR=/etc/nginx/sites-enabled -WEB_ROOT=/var/www/html/${DOMAIN_NAME} - -#__package nginx --state installed - - - - - -#require="__package/nginx" __file "~/ungleich-learning/test.conf" \ -require="__package/nginx" __file "${CONF_DIR}/${DOMAIN_NAME}.conf" \ - --mode 0644 --source - << EOF -server { - listen *:80; - listen [::]:80; - - server_name $name; - root $WEBROOT; - - location /.well-known/acme-challenge/ { - root $WEBROOT; - } - - # Everything else -> ssl - location / { - return 301 https://\$host\$request_uri; - } -} -EOF \ No newline at end of file From 060a5be2571db0fedc1230bdbf3580b2d9c6e15a Mon Sep 17 00:00:00 2001 From: root Date: Wed, 13 May 2020 23:25:22 +0900 Subject: [PATCH 18/33] [cdist #5] updated cdist.org --- kjg/cdist.org | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/kjg/cdist.org b/kjg/cdist.org index 530009c..2e5b193 100644 --- a/kjg/cdist.org +++ b/kjg/cdist.org @@ -1063,9 +1063,21 @@ ERROR: cdist: Failed to configure the following hosts: mynginx2.tes --> nginx is removed and "require" check nginx(__package/nginx) + * cdist5 ** What is the difference between gencode-remote and the remote code? +remote code is running on cdist command(cdist config --remote-copy REMOTE_COPY) +gencode-remote is running on cdist type + +remote_copy - use for remote copy with cdist command +remote_exec - use for remote execution with cdist command + ** What is the difference between gencode-local and gencode-remote? +gencode-local is executed locall, otherwise gencode-remote is executed on the targethost ** Locate a type that comes with upstream cdist that uses gencode-local - which one is it? Why does it need gencode-local? +__ungleich_dhparam + +For running a specific local package +ex) openssl dhparam -outform PEM -out ${destination}/${domain}_dhparam.pem $keysize From 0f1028fb40006dc7d6e8c0f2992e8e23a2b7106e Mon Sep 17 00:00:00 2001 From: Youngjin Han Date: Wed, 13 May 2020 23:37:30 +0900 Subject: [PATCH 19/33] Learning Circle : cidst #5 - initial commit --- youngjin.han/dot-cdist/manifest/init | 9 +++- .../dot-cdist/type/__colourful_file/manifest | 0 .../dot-cdist/type/__my_nginx/manifest | 8 +++ .../dot-cdist/type/__my_nginx/singleton | 0 .../type/__my_nginx_site/gencode-remote | 1 + .../type/__my_nginx_site/gencode-remote~ | 1 + .../dot-cdist/type/__my_nginx_site/manifest | 42 +++++++++++++++ .../dot-cdist/type/__my_nginx_site/manifest~ | 42 +++++++++++++++ youngjin.han/learning-node02-2020.org | 52 +++++++++++++++++++ 9 files changed, 153 insertions(+), 2 deletions(-) mode change 100644 => 100755 youngjin.han/dot-cdist/type/__colourful_file/manifest create mode 100755 youngjin.han/dot-cdist/type/__my_nginx/manifest create mode 100644 youngjin.han/dot-cdist/type/__my_nginx/singleton create mode 100644 youngjin.han/dot-cdist/type/__my_nginx_site/gencode-remote create mode 100644 youngjin.han/dot-cdist/type/__my_nginx_site/gencode-remote~ create mode 100755 youngjin.han/dot-cdist/type/__my_nginx_site/manifest create mode 100755 youngjin.han/dot-cdist/type/__my_nginx_site/manifest~ diff --git a/youngjin.han/dot-cdist/manifest/init b/youngjin.han/dot-cdist/manifest/init index 2bca0b6..5d18418 100644 --- a/youngjin.han/dot-cdist/manifest/init +++ b/youngjin.han/dot-cdist/manifest/init @@ -5,11 +5,16 @@ case "$__target_host" in __motd __timezone Asia/Seoul # __my_computer - __colourful_file --colour yellow +# __colourful_file --colour yellow + __my_nginx_site $__target_host ;; jafo.laptop) __motd __timezone Asia/Seoul - __my_computer +# __my_computer + ;; + *) +# __my_nginx + __my_nginx_site $__target_host ;; esac diff --git a/youngjin.han/dot-cdist/type/__colourful_file/manifest b/youngjin.han/dot-cdist/type/__colourful_file/manifest old mode 100644 new mode 100755 diff --git a/youngjin.han/dot-cdist/type/__my_nginx/manifest b/youngjin.han/dot-cdist/type/__my_nginx/manifest new file mode 100755 index 0000000..90602ab --- /dev/null +++ b/youngjin.han/dot-cdist/type/__my_nginx/manifest @@ -0,0 +1,8 @@ +#!/bin/sh -e + +# update package index +__apt_update_index + +require="__apt_update_index" __package nginx --state=present + + diff --git a/youngjin.han/dot-cdist/type/__my_nginx/singleton b/youngjin.han/dot-cdist/type/__my_nginx/singleton new file mode 100644 index 0000000..e69de29 diff --git a/youngjin.han/dot-cdist/type/__my_nginx_site/gencode-remote b/youngjin.han/dot-cdist/type/__my_nginx_site/gencode-remote new file mode 100644 index 0000000..608991e --- /dev/null +++ b/youngjin.han/dot-cdist/type/__my_nginx_site/gencode-remote @@ -0,0 +1 @@ +echo "sudo service nginx reload" diff --git a/youngjin.han/dot-cdist/type/__my_nginx_site/gencode-remote~ b/youngjin.han/dot-cdist/type/__my_nginx_site/gencode-remote~ new file mode 100644 index 0000000..9adb30b --- /dev/null +++ b/youngjin.han/dot-cdist/type/__my_nginx_site/gencode-remote~ @@ -0,0 +1 @@ +echo "service nginx reload" diff --git a/youngjin.han/dot-cdist/type/__my_nginx_site/manifest b/youngjin.han/dot-cdist/type/__my_nginx_site/manifest new file mode 100755 index 0000000..907798b --- /dev/null +++ b/youngjin.han/dot-cdist/type/__my_nginx_site/manifest @@ -0,0 +1,42 @@ +#!/bin/sh -e + +nginx_config_dir="/etc/nginx/conf.d" +domain="$__object_id" + +__directory /var/www/html/$domain \ + --parents --mode 0644 + +require="__directory//var/www/html/$domain" \ + __file /var/www/html/$domain/index.html \ + --source - --mode 0644 << EOF +Hello Cdist!!! +EOF + +__my_nginx + +# configure nginx +require="__my_nginx" \ + __file "$nginx_config_dir/${domain}.conf" \ + --mode 0644 --source - << EOF +server { + listen 80; + listen [::]:80; + + server_name $domaini; + + access_log /var/log/nginx/access.log; + + client_max_body_size 256m; + + location / { + root /var/www/html/$domain; + index index.html index.htm; + } + + error_page 500 502 503 504 /50x.html; + + location = /50x.html { + root /var/www/html/$domain; + } +} +EOF diff --git a/youngjin.han/dot-cdist/type/__my_nginx_site/manifest~ b/youngjin.han/dot-cdist/type/__my_nginx_site/manifest~ new file mode 100755 index 0000000..56e3762 --- /dev/null +++ b/youngjin.han/dot-cdist/type/__my_nginx_site/manifest~ @@ -0,0 +1,42 @@ +#!/bin/sh -e + +nginx_config_dir="/etc/nginx/conf.d" +domain="$__object_id" + +__directory /var/www/html/$domain \ + --parents --mode 0644 + +require="__directory//var/www/html/$domain" \ + __file /var/www/html/$domain/index.html \ + --source - --mode 0644 << EOF +Hello Cdist!!! +EOF + +__my_nginx + +# configure nginx +require="__my_nginx" \ + __file "$nginx_config_dir/${domain}.conf" \ + --mode 0644 --source - << EOF +server { + listen 80; + listen [::]:80; + + server_name $domain; + + access_log /var/log/nginx/access.log; + + client_max_body_size 256m; + + location / { + root /var/www/html/$domain; + index index.html index.htm; + } + + error_page 500 502 503 504 /50x.html; + + location = /50x.html { + root /var/www/html/$domain; + } +} +EOF diff --git a/youngjin.han/learning-node02-2020.org b/youngjin.han/learning-node02-2020.org index fa69ac2..05d6388 100644 --- a/youngjin.han/learning-node02-2020.org +++ b/youngjin.han/learning-node02-2020.org @@ -1,3 +1,55 @@ +* 2020-05-13 +*** cdist #5: Generating Code & Exploring +**** Lecture content +***** Objective + - Understand how to *generate code* and when to use it + - Exploring explorers +***** Code generation steps + - Modify the previously created type *__my_nginx_site* + - Read about cdist messaging + - If there was a change in the nginx configuration file, reload nginx +***** Explorer steps + - Modify the *__my_nginx_site* type to use the *os explorer* + - Adjust your type to work on Alpine Linux and Debian (or two + other Linux distributions of your choice) + - Set the nginx configuration directory accordingly +***** Documentation + - Explain the following in your cdist.org file + - What is the difference between gencode-remote and the remote code? + - What is the difference between gencode-local and gencode-remote? + - Locate a type that comes with upstream cdist that uses + gencode-local - which one is it? Why does it need gencode-local? +* 2020-05-11 +*** cdist #4: Requirements +**** Lecture content +***** Objective +****** Understand how requirements work +***** DONE Create a new type *__my_nginx* + CLOSED: [2020-05-12 화 02:22] +****** Make it a *singleton* +****** Make it install nginx +****** Configure a host with it +****** Usually nginx is configured includes some files +****** On the target host find out which directory nginx includes +****** We name this directory *nginx_config_dir* +***** DONE Create a new type *__my_nginx_site* + CLOSED: [2020-05-12 화 02:22] +****** Assume the *object_id* is a *domain* +****** In the __my_nginx_site create a file inside the *nginx_config_dir* +****** The filename is *${domain}.conf* +****** When using *__file*, it should *require* the *nginx package* +******* Read about cdist dependencies +****** The file should be a valid nginx configuration +****** The *server name* should be set to the specified domain +****** The *root* directive should point to /var/www/html/DOMAIN +******* (replace DOMAIN with the actual domain) +***** Use both types in the initial manifest to configure the target host +****** Create at least two domains +***** Configure the target host +****** Verify that the configuration files are properly created +***** Delete the nginx package manually on the target host +***** Comment out *__my_nginx* from the initial manifest, keep the *__my_nginx_site* +****** Explain the error that you get (in your cdist.org file) * 2020-05-08 *** cdist #3: type parameters **** Lecture content From 8bbd77418b1d4a18238d6eede1d424c7aeead9d7 Mon Sep 17 00:00:00 2001 From: kjg Date: Wed, 13 May 2020 23:58:02 +0900 Subject: [PATCH 20/33] test --- kjg/cdist.org | 2 ++ 1 file changed, 2 insertions(+) diff --git a/kjg/cdist.org b/kjg/cdist.org index 2e5b193..d5e8ff7 100644 --- a/kjg/cdist.org +++ b/kjg/cdist.org @@ -1081,3 +1081,5 @@ __ungleich_dhparam For running a specific local package ex) openssl dhparam -outform PEM -out ${destination}/${domain}_dhparam.pem $keysize + + From 0f05a6b5cd9739e6fb7057c904630e7972fcd979 Mon Sep 17 00:00:00 2001 From: Youngjin Han Date: Thu, 14 May 2020 00:02:17 +0900 Subject: [PATCH 21/33] Learning Circle : cdist #5 - update 1 --- youngjin.han/dot-cdist/type/__my_nginx_site/manifest | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/youngjin.han/dot-cdist/type/__my_nginx_site/manifest b/youngjin.han/dot-cdist/type/__my_nginx_site/manifest index 907798b..56e3762 100755 --- a/youngjin.han/dot-cdist/type/__my_nginx_site/manifest +++ b/youngjin.han/dot-cdist/type/__my_nginx_site/manifest @@ -22,7 +22,7 @@ server { listen 80; listen [::]:80; - server_name $domaini; + server_name $domain; access_log /var/log/nginx/access.log; From 06cfb930c43f2f7f80bfe2a5d50bb7d0bd38ba86 Mon Sep 17 00:00:00 2001 From: kjg Date: Thu, 14 May 2020 00:06:39 +0900 Subject: [PATCH 22/33] test --- kjg/cdist.org | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/kjg/cdist.org b/kjg/cdist.org index d5e8ff7..583bd21 100644 --- a/kjg/cdist.org +++ b/kjg/cdist.org @@ -1083,3 +1083,7 @@ For running a specific local package ex) openssl dhparam -outform PEM -out ${destination}/${domain}_dhparam.pem $keysize + + + + From bce04d46ce6955931ae01d657b690a2f7b76439c Mon Sep 17 00:00:00 2001 From: Youngjin Han Date: Thu, 14 May 2020 00:08:42 +0900 Subject: [PATCH 23/33] Learnig Circle : cdist #5 - update 2 --- youngjin.han/dot-cdist/type/__my_nginx_site/manifest | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/youngjin.han/dot-cdist/type/__my_nginx_site/manifest b/youngjin.han/dot-cdist/type/__my_nginx_site/manifest index 56e3762..0b17ddf 100755 --- a/youngjin.han/dot-cdist/type/__my_nginx_site/manifest +++ b/youngjin.han/dot-cdist/type/__my_nginx_site/manifest @@ -1,5 +1,17 @@ #!/bin/sh -e +os=$(cat "$__global/explorer/os") + +case "$os" in + devuan) + : + ;; + *) + echo "OS $os currently not supported" >&2 + exit 1 + ;; +esac + nginx_config_dir="/etc/nginx/conf.d" domain="$__object_id" From c966fdacb9d08f1df6676a1f79a9826fce0f4737 Mon Sep 17 00:00:00 2001 From: Youngjin Han Date: Thu, 14 May 2020 00:55:29 +0900 Subject: [PATCH 24/33] Learning Circle : cdist #5 - update 3 --- youngjin.han/cdist.org | 5 +++++ youngjin.han/dot-cdist/type/__my_nginx_site/manifest | 4 ++-- youngjin.han/learning-node02-2020.org | 9 ++++++--- 3 files changed, 13 insertions(+), 5 deletions(-) diff --git a/youngjin.han/cdist.org b/youngjin.han/cdist.org index 4609010..4e9c0bc 100644 --- a/youngjin.han/cdist.org +++ b/youngjin.han/cdist.org @@ -1,3 +1,8 @@ +* cidst #5 + - gencode-remote : is executed on the target + - remote code : behave as if it where ssh (e.g. ssh -o User=root) + - gencode-local : is executed locally + - __file has gencode-local that is need to excute and debug commands * singleton / non-singleton ** non-singleton needs process ID. ** singletion should be carried out by itself. diff --git a/youngjin.han/dot-cdist/type/__my_nginx_site/manifest b/youngjin.han/dot-cdist/type/__my_nginx_site/manifest index 0b17ddf..1e08e8b 100755 --- a/youngjin.han/dot-cdist/type/__my_nginx_site/manifest +++ b/youngjin.han/dot-cdist/type/__my_nginx_site/manifest @@ -5,11 +5,11 @@ os=$(cat "$__global/explorer/os") case "$os" in devuan) : - ;; + ;; *) echo "OS $os currently not supported" >&2 exit 1 - ;; + ;; esac nginx_config_dir="/etc/nginx/conf.d" diff --git a/youngjin.han/learning-node02-2020.org b/youngjin.han/learning-node02-2020.org index 05d6388..10f0f3d 100644 --- a/youngjin.han/learning-node02-2020.org +++ b/youngjin.han/learning-node02-2020.org @@ -4,16 +4,19 @@ ***** Objective - Understand how to *generate code* and when to use it - Exploring explorers -***** Code generation steps +***** DONE Code generation steps + CLOSED: [2020-05-14 목 00:54] - Modify the previously created type *__my_nginx_site* - Read about cdist messaging - If there was a change in the nginx configuration file, reload nginx -***** Explorer steps +***** DONE Explorer steps + CLOSED: [2020-05-14 목 00:54] - Modify the *__my_nginx_site* type to use the *os explorer* - Adjust your type to work on Alpine Linux and Debian (or two other Linux distributions of your choice) - Set the nginx configuration directory accordingly -***** Documentation +***** DONE Documentation + CLOSED: [2020-05-14 목 00:54] - Explain the following in your cdist.org file - What is the difference between gencode-remote and the remote code? - What is the difference between gencode-local and gencode-remote? From 700bc82bfd28877f9afde5e703f9895e49a2e47d Mon Sep 17 00:00:00 2001 From: Youngjin Han Date: Wed, 13 May 2020 18:02:09 +0200 Subject: [PATCH 25/33] Delete gencode-remote~ --- youngjin.han/dot-cdist/type/__my_nginx_site/gencode-remote~ | 1 - 1 file changed, 1 deletion(-) delete mode 100644 youngjin.han/dot-cdist/type/__my_nginx_site/gencode-remote~ diff --git a/youngjin.han/dot-cdist/type/__my_nginx_site/gencode-remote~ b/youngjin.han/dot-cdist/type/__my_nginx_site/gencode-remote~ deleted file mode 100644 index 9adb30b..0000000 --- a/youngjin.han/dot-cdist/type/__my_nginx_site/gencode-remote~ +++ /dev/null @@ -1 +0,0 @@ -echo "service nginx reload" From 76fb5ec5750d8f5732a328d5e5f44ab37c641c21 Mon Sep 17 00:00:00 2001 From: Youngjin Han Date: Wed, 13 May 2020 18:02:20 +0200 Subject: [PATCH 26/33] Delete manifest~ --- .../dot-cdist/type/__my_nginx_site/manifest~ | 42 ------------------- 1 file changed, 42 deletions(-) delete mode 100755 youngjin.han/dot-cdist/type/__my_nginx_site/manifest~ diff --git a/youngjin.han/dot-cdist/type/__my_nginx_site/manifest~ b/youngjin.han/dot-cdist/type/__my_nginx_site/manifest~ deleted file mode 100755 index 56e3762..0000000 --- a/youngjin.han/dot-cdist/type/__my_nginx_site/manifest~ +++ /dev/null @@ -1,42 +0,0 @@ -#!/bin/sh -e - -nginx_config_dir="/etc/nginx/conf.d" -domain="$__object_id" - -__directory /var/www/html/$domain \ - --parents --mode 0644 - -require="__directory//var/www/html/$domain" \ - __file /var/www/html/$domain/index.html \ - --source - --mode 0644 << EOF -Hello Cdist!!! -EOF - -__my_nginx - -# configure nginx -require="__my_nginx" \ - __file "$nginx_config_dir/${domain}.conf" \ - --mode 0644 --source - << EOF -server { - listen 80; - listen [::]:80; - - server_name $domain; - - access_log /var/log/nginx/access.log; - - client_max_body_size 256m; - - location / { - root /var/www/html/$domain; - index index.html index.htm; - } - - error_page 500 502 503 504 /50x.html; - - location = /50x.html { - root /var/www/html/$domain; - } -} -EOF From 55d8144976a37db79e70e24d088c1b685548ca34 Mon Sep 17 00:00:00 2001 From: Youngjin Han Date: Fri, 15 May 2020 19:50:26 +0900 Subject: [PATCH 27/33] Learning Circle : cdist 6 - update contents --- .gitignore | 2 + youngjin.han/learning-node02-2020.org | 109 ++++++++++++++++++-------- 2 files changed, 78 insertions(+), 33 deletions(-) diff --git a/.gitignore b/.gitignore index 1be44a1..a7ddd91 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,4 @@ /youngjin.han/dot-cdist/type/__my_computer/manifest~ /youngjin.han/cdist.org~ +/youngjin.han/dot-cdist/type/__colourful_file/file/colourful~ +/youngjin.han/dot-cdist/type/__colourful_file/manifest~ diff --git a/youngjin.han/learning-node02-2020.org b/youngjin.han/learning-node02-2020.org index 10f0f3d..88b148b 100644 --- a/youngjin.han/learning-node02-2020.org +++ b/youngjin.han/learning-node02-2020.org @@ -1,3 +1,46 @@ +* 2020-05-15 +*** cdist #6: Glueing it together +**** Lecture content +***** Objective + - Apply learnings from the previous cdist sessions +***** Steps 1: *__all_in_one* (1.25h) + - Create a new type named *__all_in_one* + - Decide yourself whether it is a singleton or not + - Reason why in your cdist.org file + - It should work on alpine, debian and fedora + - It accepts the following parameters: + - *--with-x* (boolean) + - *--extra-packages* (optional multiple) + - On Alpine, it should install netcat-openbsd and tshark + - On Debian, it should install netcat tshark + - On Fedora, it should install nmap-ncat wireshark-cli + - On all operating systems install socat sipcalc sudo + - If the detected operating system is neither + Alpine/Debian/Fedora, output an error message and abort the + manifest with exit code 1 + - Additionally install all packages specified by the *--extra-packages* parameter +***** Steps 2: *__firewall* (1.25h) + - Create a new type *__my_firewall* + - Add a *type explorer* to find out whether nft is present on + the target system + - Add a required parameter named *file* + - If the type explorer does not detect nft on the target system, + abort with an error message + - Deploy the specified file to */etc/my-nftables* + - Add a *type explorer* that reads the current nft rules + - If the rules are different on the target host, apply the new + ruleset by generating code in *gencode-remote* + - If the filename specified by the *file* parameter is *-* (the + minus sign), then the type should read from *stdin* +***** Step 3: manifest (0.5h) + - Create a new manifest in the folder that contains the initial manifest + - Name the new manifest *firewall* + - Source the *firewall* manifest in the *initial* manifest + - In the *firewall* manifest, match on *localhost* + - Install nftables + - Use the *__firewall* type + - Use correct *require* parameter to ensure that nftables is + installed before the *__firewall* type is run * 2020-05-13 *** cdist #5: Generating Code & Exploring **** Lecture content @@ -26,53 +69,53 @@ *** cdist #4: Requirements **** Lecture content ***** Objective -****** Understand how requirements work + - Understand how requirements work ***** DONE Create a new type *__my_nginx* CLOSED: [2020-05-12 화 02:22] -****** Make it a *singleton* -****** Make it install nginx -****** Configure a host with it -****** Usually nginx is configured includes some files -****** On the target host find out which directory nginx includes -****** We name this directory *nginx_config_dir* + - Make it a *singleton* + - Make it install nginx + - Configure a host with it + - Usually nginx is configured includes some files + - On the target host find out which directory nginx includes + - We name this directory *nginx_config_dir* ***** DONE Create a new type *__my_nginx_site* CLOSED: [2020-05-12 화 02:22] -****** Assume the *object_id* is a *domain* -****** In the __my_nginx_site create a file inside the *nginx_config_dir* -****** The filename is *${domain}.conf* -****** When using *__file*, it should *require* the *nginx package* -******* Read about cdist dependencies -****** The file should be a valid nginx configuration -****** The *server name* should be set to the specified domain -****** The *root* directive should point to /var/www/html/DOMAIN -******* (replace DOMAIN with the actual domain) + - Assume the *object_id* is a *domain* + - In the __my_nginx_site create a file inside the *nginx_config_dir* + - The filename is *${domain}.conf* + - When using *__file*, it should *require* the *nginx package* + - Read about cdist dependencies + - The file should be a valid nginx configuration + - The *server name* should be set to the specified domain + - The *root* directive should point to /var/www/html/DOMAIN + - (replace DOMAIN with the actual domain) ***** Use both types in the initial manifest to configure the target host -****** Create at least two domains + - Create at least two domains ***** Configure the target host -****** Verify that the configuration files are properly created + - Verify that the configuration files are properly created ***** Delete the nginx package manually on the target host ***** Comment out *__my_nginx* from the initial manifest, keep the *__my_nginx_site* -****** Explain the error that you get (in your cdist.org file) + - Explain the error that you get (in your cdist.org file) * 2020-05-08 *** cdist #3: type parameters **** Lecture content ***** TODO Create a new type named *__colourful_file* -****** TODO The objective is to create a type that creates colourful file -****** TODO The content of the file should be "colour=...", where "..." is a colour specified by a parameter -****** TODO Add an *optional parameter* named *colour* -****** TODO Use the **__file** type inside your type to create a file -****** TODO Use the *$__object_id* variable inside your type + - The objective is to create a type that creates colourful file + - The content of the file should be "colour=...", where "..." is a colour specified by a parameter + - Add an *optional parameter* named *colour* + - Use the **__file** type inside your type to create a file + - Use the *$__object_id* variable inside your type ***** TODO Extend your type to be more colourful -****** TODO Modify the *optional parameter* to be able to be specified *multiple times* -****** TODO For each time it is specified, add a line "colour=..." to the file + - Modify the *optional parameter* to be able to be specified *multiple times* + - For each time it is specified, add a line "colour=..." to the file ***** TODO Create a new type *__my_dotfiles* -****** TODO Objective is to manage the dotfiles in your home directory -****** TODO Make it a *singleton* type -****** TODO Create a sub directory *files* in the type -****** TODO Add your .emacs config to the files folder -****** TODO Add a *for* loop to your type to deploy .[A-z]* to your home directory -****** TODO Add a .bashrc or .zshrc to the files folder (depending on your shell) -****** TODO In the initial manifest, add __my_dotfiles when the target host is localhost + - Objective is to manage the dotfiles in your home directory + - Make it a *singleton* type + - Create a sub directory *files* in the type + - Add your .emacs config to the files folder + - Add a *for* loop to your type to deploy .[A-z]* to your home directory + - Add a .bashrc or .zshrc to the files folder (depending on your shell) + - In the initial manifest, add __my_dotfiles when the target host is localhost ***** TODO As usual commit all changes to your ungleich-learning-circle repo * 2020-05-06 ** cdist #2: Your first cdist type From e89907dc24ff8cf69b78965ea8acaa3433684d3c Mon Sep 17 00:00:00 2001 From: kjg Date: Fri, 15 May 2020 20:55:57 +0900 Subject: [PATCH 28/33] test --- kjg/dot-cdist/manifest/init | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kjg/dot-cdist/manifest/init b/kjg/dot-cdist/manifest/init index ba3b873..ec9fdfb 100644 --- a/kjg/dot-cdist/manifest/init +++ b/kjg/dot-cdist/manifest/init @@ -7,5 +7,5 @@ case "$__target_host" in ;; *) __my_nginx - __my_nginx_site $__target_host + __my_nginx_site $__target_host #test esac From 8cb2c6cc79318bef566f196da5e5dd3d34e0dc37 Mon Sep 17 00:00:00 2001 From: Youngjin Han Date: Fri, 15 May 2020 21:13:35 +0900 Subject: [PATCH 29/33] Learning Circle : cdist #3 - update __my_dotfile --- youngjin.han/dot-cdist/manifest/init | 5 +- .../type/__colourful_file/file/colourful | 9 -- .../dot-cdist/type/__colourful_file/manifest | 12 +- .../parameter/{optional => optional_multiple} | 0 .../type/__my_dotfiles/files/.bashrc | 115 ++++++++++++++++++ .../type/__my_dotfiles/files/.profile | 24 ++++ .../dot-cdist/type/__my_dotfiles/manifest | 10 ++ .../dot-cdist/type/__my_dotfiles/singleton | 0 .../dot-cdist/type/__my_nginx_site/manifest | 4 +- youngjin.han/learning-node02-2020.org | 24 ++-- 10 files changed, 176 insertions(+), 27 deletions(-) delete mode 100644 youngjin.han/dot-cdist/type/__colourful_file/file/colourful rename youngjin.han/dot-cdist/type/__colourful_file/parameter/{optional => optional_multiple} (100%) create mode 100644 youngjin.han/dot-cdist/type/__my_dotfiles/files/.bashrc create mode 100644 youngjin.han/dot-cdist/type/__my_dotfiles/files/.profile create mode 100755 youngjin.han/dot-cdist/type/__my_dotfiles/manifest create mode 100644 youngjin.han/dot-cdist/type/__my_dotfiles/singleton diff --git a/youngjin.han/dot-cdist/manifest/init b/youngjin.han/dot-cdist/manifest/init index 5d18418..48e4995 100644 --- a/youngjin.han/dot-cdist/manifest/init +++ b/youngjin.han/dot-cdist/manifest/init @@ -5,8 +5,9 @@ case "$__target_host" in __motd __timezone Asia/Seoul # __my_computer -# __colourful_file --colour yellow - __my_nginx_site $__target_host +# __colourful_file --colour yellow --colour blue --colour red --colour green +# __my_dotfiles +# __my_nginx_site $__target_host ;; jafo.laptop) __motd diff --git a/youngjin.han/dot-cdist/type/__colourful_file/file/colourful b/youngjin.han/dot-cdist/type/__colourful_file/file/colourful deleted file mode 100644 index 79fda42..0000000 --- a/youngjin.han/dot-cdist/type/__colourful_file/file/colourful +++ /dev/null @@ -1,9 +0,0 @@ -colour=\ -yellow\ -black\ -white\ -grey\ -puple\ -green\ -red\ -blue \ No newline at end of file diff --git a/youngjin.han/dot-cdist/type/__colourful_file/manifest b/youngjin.han/dot-cdist/type/__colourful_file/manifest index 7248b48..493b7d1 100755 --- a/youngjin.han/dot-cdist/type/__colourful_file/manifest +++ b/youngjin.han/dot-cdist/type/__colourful_file/manifest @@ -1,14 +1,14 @@ #!/bin/sh -e __file ~/colourful -printf "colour=" > ~/colourful +printf "colour=\n" > ~/colourful # parameter with multiple values if [ -f "$__object/parameter/colour" ]; then - colour="$(cat "$__object/parameter/colour")" - echo $colour >> ~/colourful -# for alias in $(cat "$__object/parameter/colour"); do -# echo $alias >> ~/colourful -# done +# colour="$(cat "$__object/parameter/colour")" +# printf "$colour\n" >> ~/colourful + for alias in $(cat "$__object/parameter/colour"); do + printf "$alias\n" >> ~/colourful + done fi diff --git a/youngjin.han/dot-cdist/type/__colourful_file/parameter/optional b/youngjin.han/dot-cdist/type/__colourful_file/parameter/optional_multiple similarity index 100% rename from youngjin.han/dot-cdist/type/__colourful_file/parameter/optional rename to youngjin.han/dot-cdist/type/__colourful_file/parameter/optional_multiple diff --git a/youngjin.han/dot-cdist/type/__my_dotfiles/files/.bashrc b/youngjin.han/dot-cdist/type/__my_dotfiles/files/.bashrc new file mode 100644 index 0000000..2a25145 --- /dev/null +++ b/youngjin.han/dot-cdist/type/__my_dotfiles/files/.bashrc @@ -0,0 +1,115 @@ +# ~/.bashrc: executed by bash(1) for non-login shells. +# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc) +# for examples + +# If not running interactively, don't do anything +case $- in + *i*) ;; + *) return;; +esac + +# don't put duplicate lines or lines starting with space in the history. +# See bash(1) for more options +HISTCONTROL=ignoreboth + +# append to the history file, don't overwrite it +shopt -s histappend + +# for setting history length see HISTSIZE and HISTFILESIZE in bash(1) +HISTSIZE=1000 +HISTFILESIZE=2000 + +# check the window size after each command and, if necessary, +# update the values of LINES and COLUMNS. +shopt -s checkwinsize + +# If set, the pattern "**" used in a pathname expansion context will +# match all files and zero or more directories and subdirectories. +#shopt -s globstar + +# make less more friendly for non-text input files, see lesspipe(1) +#[ -x /usr/bin/lesspipe ] && eval "$(SHELL=/bin/sh lesspipe)" + +# set variable identifying the chroot you work in (used in the prompt below) +if [ -z "${debian_chroot:-}" ] && [ -r /etc/debian_chroot ]; then + debian_chroot=$(cat /etc/debian_chroot) +fi + +# set a fancy prompt (non-color, unless we know we "want" color) +case "$TERM" in + xterm-color|*-256color) color_prompt=yes;; +esac + +# uncomment for a colored prompt, if the terminal has the capability; turned +# off by default to not distract the user: the focus in a terminal window +# should be on the output of commands, not on the prompt +#force_color_prompt=yes + +if [ -n "$force_color_prompt" ]; then + if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then + # We have color support; assume it's compliant with Ecma-48 + # (ISO/IEC-6429). (Lack of such support is extremely rare, and such + # a case would tend to support setf rather than setaf.) + color_prompt=yes + else + color_prompt= + fi +fi + +if [ "$color_prompt" = yes ]; then + PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ ' +else + PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ ' +fi +unset color_prompt force_color_prompt + +# If this is an xterm set the title to user@host:dir +case "$TERM" in +xterm*|rxvt*) + PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1" + ;; +*) + ;; +esac + +# enable color support of ls and also add handy aliases +if [ -x /usr/bin/dircolors ]; then + test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)" + alias ls='ls --color=auto' + alias dir='dir --color=auto' + alias vdir='vdir --color=auto' + + alias grep='grep --color=auto' + alias fgrep='fgrep --color=auto' + alias egrep='egrep --color=auto' +fi + +# colored GCC warnings and errors +#export GCC_COLORS='error=01;31:warning=01;35:note=01;36:caret=01;32:locus=01:quote=01' + +export TERM=xterm-256color + +# some more ls aliases +alias ll='ls -alF' +alias la='ls -A' +alias l='ls -CF' + +# Alias definitions. +# You may want to put all your additions into a separate file like +# ~/.bash_aliases, instead of adding them here directly. +# See /usr/share/doc/bash-doc/examples in the bash-doc package. + +if [ -f ~/.bash_aliases ]; then + . ~/.bash_aliases +fi + +# enable programmable completion features (you don't need to enable +# this, if it's already enabled in /etc/bash.bashrc and /etc/profile +# sources /etc/bash.bashrc). +if ! shopt -oq posix; then + if [ -f /usr/share/bash-completion/bash_completion ]; then + . /usr/share/bash-completion/bash_completion + elif [ -f /etc/bash_completion ]; then + . /etc/bash_completion + fi +fi diff --git a/youngjin.han/dot-cdist/type/__my_dotfiles/files/.profile b/youngjin.han/dot-cdist/type/__my_dotfiles/files/.profile new file mode 100644 index 0000000..6a098ff --- /dev/null +++ b/youngjin.han/dot-cdist/type/__my_dotfiles/files/.profile @@ -0,0 +1,24 @@ +# ~/.profile: executed by the command interpreter for login shells. +# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login +# exists. +# see /usr/share/doc/bash/examples/startup-files for examples. +# the files are located in the bash-doc package. + +# the default umask is set in /etc/profile; for setting the umask +# for ssh logins, install and configure the libpam-umask package. +#umask 022 + +# if running bash +if [ -n "$BASH_VERSION" ]; then + # include .bashrc if it exists + if [ -f "$HOME/.bashrc" ]; then + . "$HOME/.bashrc" + fi +fi + +# set PATH so it includes user's private bin if it exists +if [ -d "$HOME/bin" ] ; then + PATH="$HOME/bin:$PATH" +fi + +export PATH=$PATH:/sbin:/usr/sbin diff --git a/youngjin.han/dot-cdist/type/__my_dotfiles/manifest b/youngjin.han/dot-cdist/type/__my_dotfiles/manifest new file mode 100755 index 0000000..b3de322 --- /dev/null +++ b/youngjin.han/dot-cdist/type/__my_dotfiles/manifest @@ -0,0 +1,10 @@ +#!/bin/sh -e + +cd "$__type/files/" +dotfiles=$(ls -a .[A-z]*) + +for df in $dotfiles; do + __file ~/$df \ + --mode 0644 --source "$__type/files/$df" +done + diff --git a/youngjin.han/dot-cdist/type/__my_dotfiles/singleton b/youngjin.han/dot-cdist/type/__my_dotfiles/singleton new file mode 100644 index 0000000..e69de29 diff --git a/youngjin.han/dot-cdist/type/__my_nginx_site/manifest b/youngjin.han/dot-cdist/type/__my_nginx_site/manifest index 1e08e8b..d0330fc 100755 --- a/youngjin.han/dot-cdist/type/__my_nginx_site/manifest +++ b/youngjin.han/dot-cdist/type/__my_nginx_site/manifest @@ -16,11 +16,11 @@ nginx_config_dir="/etc/nginx/conf.d" domain="$__object_id" __directory /var/www/html/$domain \ - --parents --mode 0644 + --parents --mode 0755 require="__directory//var/www/html/$domain" \ __file /var/www/html/$domain/index.html \ - --source - --mode 0644 << EOF + --mode 0644 --source - << EOF Hello Cdist!!! EOF diff --git a/youngjin.han/learning-node02-2020.org b/youngjin.han/learning-node02-2020.org index 88b148b..2034589 100644 --- a/youngjin.han/learning-node02-2020.org +++ b/youngjin.han/learning-node02-2020.org @@ -89,26 +89,33 @@ - The *server name* should be set to the specified domain - The *root* directive should point to /var/www/html/DOMAIN - (replace DOMAIN with the actual domain) -***** Use both types in the initial manifest to configure the target host +***** DONE Use both types in the initial manifest to configure the target host + CLOSED: [2020-05-15 금 21:07] - Create at least two domains -***** Configure the target host +***** DONE Configure the target host + CLOSED: [2020-05-15 금 21:08] - Verify that the configuration files are properly created -***** Delete the nginx package manually on the target host -***** Comment out *__my_nginx* from the initial manifest, keep the *__my_nginx_site* +***** DONE Delete the nginx package manually on the target host + CLOSED: [2020-05-15 금 21:08] +***** DONE Comment out *__my_nginx* from the initial manifest, keep the *__my_nginx_site* + CLOSED: [2020-05-15 금 21:08] - Explain the error that you get (in your cdist.org file) * 2020-05-08 *** cdist #3: type parameters **** Lecture content -***** TODO Create a new type named *__colourful_file* +***** DONE Create a new type named *__colourful_file* + CLOSED: [2020-05-15 금 20:29] - The objective is to create a type that creates colourful file - The content of the file should be "colour=...", where "..." is a colour specified by a parameter - Add an *optional parameter* named *colour* - Use the **__file** type inside your type to create a file - Use the *$__object_id* variable inside your type -***** TODO Extend your type to be more colourful +***** DONE Extend your type to be more colourful + CLOSED: [2020-05-15 금 20:29] - Modify the *optional parameter* to be able to be specified *multiple times* - For each time it is specified, add a line "colour=..." to the file -***** TODO Create a new type *__my_dotfiles* +***** DONE Create a new type *__my_dotfiles* + CLOSED: [2020-05-15 금 21:07] - Objective is to manage the dotfiles in your home directory - Make it a *singleton* type - Create a sub directory *files* in the type @@ -116,7 +123,8 @@ - Add a *for* loop to your type to deploy .[A-z]* to your home directory - Add a .bashrc or .zshrc to the files folder (depending on your shell) - In the initial manifest, add __my_dotfiles when the target host is localhost -***** TODO As usual commit all changes to your ungleich-learning-circle repo +***** DONE As usual commit all changes to your ungleich-learning-circle repo + CLOSED: [2020-05-15 금 21:07] * 2020-05-06 ** cdist #2: Your first cdist type **** Lecture content From 93b1d1baa17c4b82509fd76d387555491cae9c3c Mon Sep 17 00:00:00 2001 From: kjg Date: Fri, 15 May 2020 22:06:39 +0900 Subject: [PATCH 30/33] [cdist #6] create __all_in_one type --- kjg/cdist.org | 5 +++ kjg/dot-cdist/manifest/init | 3 +- kjg/dot-cdist/type/__all_in_one/manifest | 38 +++++++++++++++++++ .../type/__all_in_one/parameter/boolean | 1 + .../__all_in_one/parameter/optional_multiple | 1 + .../__all_in_one/parameter/optional_multiple~ | 1 + kjg/dot-cdist/type/__all_in_one/singleton | 0 7 files changed, 48 insertions(+), 1 deletion(-) create mode 100644 kjg/dot-cdist/type/__all_in_one/manifest create mode 100644 kjg/dot-cdist/type/__all_in_one/parameter/boolean create mode 100644 kjg/dot-cdist/type/__all_in_one/parameter/optional_multiple create mode 100644 kjg/dot-cdist/type/__all_in_one/parameter/optional_multiple~ create mode 100644 kjg/dot-cdist/type/__all_in_one/singleton diff --git a/kjg/cdist.org b/kjg/cdist.org index 583bd21..ab709af 100644 --- a/kjg/cdist.org +++ b/kjg/cdist.org @@ -1087,3 +1087,8 @@ ex) openssl dhparam -outform PEM -out ${destination}/${domain}_dhparam.pem $keys + +* cdist6 +** __all_in_one +i used singleton, because it does not need specific host. +** __firewall diff --git a/kjg/dot-cdist/manifest/init b/kjg/dot-cdist/manifest/init index ec9fdfb..3b61b1b 100644 --- a/kjg/dot-cdist/manifest/init +++ b/kjg/dot-cdist/manifest/init @@ -3,7 +3,8 @@ case "$__target_host" in localhost) #__my_computer #__colourful_file test --colour test1 --colour test2 - __my_dotfiles + #__my_dotfiles + __all_in_one --with-x --extra-packages git ;; *) __my_nginx diff --git a/kjg/dot-cdist/type/__all_in_one/manifest b/kjg/dot-cdist/type/__all_in_one/manifest new file mode 100644 index 0000000..87057e4 --- /dev/null +++ b/kjg/dot-cdist/type/__all_in_one/manifest @@ -0,0 +1,38 @@ +#!/bin/sh + +os=$(cat "$__global/explorer/os") + +case "$os" in + alpine) + os_pkgs="netcat-openbsd and tshark" + ;; + debian|devuan) + os_pkgs="netcat tshark" + ;; + fedora) + os_pkgs="nmap-ncat wireshark-cli" + ;; + *) + echo "OS $os currently not supported" >&2 + exit 1 + ;; +esac + +base_pkgs="socat sipcalc sudo" + + +if [! -f ${__object}/parameter/with-x ]; then + for bpkg in ${base_pkgs}; do + __package ${bpkg} --state present + done + + for opkg in ${os_pkgs}; do + __package ${opkg} --state present + done +fi + +if [ -f "$__object/parameter/extra-packages" ]; then + for epkg in $(cat $__object/parameter/extra-packages); do + __package $epkg --state present + done +fi diff --git a/kjg/dot-cdist/type/__all_in_one/parameter/boolean b/kjg/dot-cdist/type/__all_in_one/parameter/boolean new file mode 100644 index 0000000..b333e3c --- /dev/null +++ b/kjg/dot-cdist/type/__all_in_one/parameter/boolean @@ -0,0 +1 @@ +with-x \ No newline at end of file diff --git a/kjg/dot-cdist/type/__all_in_one/parameter/optional_multiple b/kjg/dot-cdist/type/__all_in_one/parameter/optional_multiple new file mode 100644 index 0000000..2cfc07b --- /dev/null +++ b/kjg/dot-cdist/type/__all_in_one/parameter/optional_multiple @@ -0,0 +1 @@ +extra-packages diff --git a/kjg/dot-cdist/type/__all_in_one/parameter/optional_multiple~ b/kjg/dot-cdist/type/__all_in_one/parameter/optional_multiple~ new file mode 100644 index 0000000..d9d6344 --- /dev/null +++ b/kjg/dot-cdist/type/__all_in_one/parameter/optional_multiple~ @@ -0,0 +1 @@ +extra-packages \ No newline at end of file diff --git a/kjg/dot-cdist/type/__all_in_one/singleton b/kjg/dot-cdist/type/__all_in_one/singleton new file mode 100644 index 0000000..e69de29 From 292b617463004a8d844150cd9b627f38f9370710 Mon Sep 17 00:00:00 2001 From: kjg Date: Fri, 15 May 2020 23:58:20 +0900 Subject: [PATCH 31/33] [cdist #6] create __my_firewall type --- kjg/dot-cdist/manifest/firewall | 10 +++++ kjg/dot-cdist/manifest/init | 5 +++ .../type/__my_firewall/explorer/exists | 3 ++ .../type/__my_firewall/explorer/nfrule | 3 ++ .../type/__my_firewall/gencode-remote | 5 +++ .../type/__my_firewall/gencode-remote~ | 5 +++ kjg/dot-cdist/type/__my_firewall/manifest | 24 +++++++++++ kjg/dot-cdist/type/__my_firewall/manifest~ | 40 +++++++++++++++++++ kjg/dot-cdist/type/__my_firewall/singleton | 0 9 files changed, 95 insertions(+) create mode 100644 kjg/dot-cdist/manifest/firewall create mode 100644 kjg/dot-cdist/type/__my_firewall/explorer/exists create mode 100644 kjg/dot-cdist/type/__my_firewall/explorer/nfrule create mode 100644 kjg/dot-cdist/type/__my_firewall/gencode-remote create mode 100644 kjg/dot-cdist/type/__my_firewall/gencode-remote~ create mode 100644 kjg/dot-cdist/type/__my_firewall/manifest create mode 100644 kjg/dot-cdist/type/__my_firewall/manifest~ create mode 100644 kjg/dot-cdist/type/__my_firewall/singleton diff --git a/kjg/dot-cdist/manifest/firewall b/kjg/dot-cdist/manifest/firewall new file mode 100644 index 0000000..da93aa2 --- /dev/null +++ b/kjg/dot-cdist/manifest/firewall @@ -0,0 +1,10 @@ +case "$__target_host" in + # Everybody has this + localhost) + __package nftables + require="__package/nftables" __my_firewall --file basic + ;; + *) + __my_nginx + __my_nginx_site $__target_host #test +esac \ No newline at end of file diff --git a/kjg/dot-cdist/manifest/init b/kjg/dot-cdist/manifest/init index 3b61b1b..6fd3e2c 100644 --- a/kjg/dot-cdist/manifest/init +++ b/kjg/dot-cdist/manifest/init @@ -1,3 +1,7 @@ +#!/bin/sh + +sh -e "$__manifest/firewall" + case "$__target_host" in # Everybody has this localhost) @@ -10,3 +14,4 @@ case "$__target_host" in __my_nginx __my_nginx_site $__target_host #test esac + diff --git a/kjg/dot-cdist/type/__my_firewall/explorer/exists b/kjg/dot-cdist/type/__my_firewall/explorer/exists new file mode 100644 index 0000000..1839cf9 --- /dev/null +++ b/kjg/dot-cdist/type/__my_firewall/explorer/exists @@ -0,0 +1,3 @@ +#!/bin/sh + +nft -V | grpe v* || true diff --git a/kjg/dot-cdist/type/__my_firewall/explorer/nfrule b/kjg/dot-cdist/type/__my_firewall/explorer/nfrule new file mode 100644 index 0000000..ffaadf5 --- /dev/null +++ b/kjg/dot-cdist/type/__my_firewall/explorer/nfrule @@ -0,0 +1,3 @@ + + +nft list ruleset diff --git a/kjg/dot-cdist/type/__my_firewall/gencode-remote b/kjg/dot-cdist/type/__my_firewall/gencode-remote new file mode 100644 index 0000000..28c684f --- /dev/null +++ b/kjg/dot-cdist/type/__my_firewall/gencode-remote @@ -0,0 +1,5 @@ +#!/bin/sh -e + +if [! -f echo "diff /etc/my-nftables /etc/readrule"]; then + echo "nft -f /etc/my-nftables" +fi diff --git a/kjg/dot-cdist/type/__my_firewall/gencode-remote~ b/kjg/dot-cdist/type/__my_firewall/gencode-remote~ new file mode 100644 index 0000000..d263ed7 --- /dev/null +++ b/kjg/dot-cdist/type/__my_firewall/gencode-remote~ @@ -0,0 +1,5 @@ +#!/bin/sh -e + +if [! -f echo "diff /etc/my-nftables /etc/readnfrule"]; then + echo "nft -f /etc/my-nftables" +fi diff --git a/kjg/dot-cdist/type/__my_firewall/manifest b/kjg/dot-cdist/type/__my_firewall/manifest new file mode 100644 index 0000000..154d40b --- /dev/null +++ b/kjg/dot-cdist/type/__my_firewall/manifest @@ -0,0 +1,24 @@ +#!/bin/sh + +os=$(cat "$__global/explorer/os") + +nft_path="/etc/my-nftables" + +if [ ! -f "$__global/explorer/exists" ];then + echo "crrently no nft" >&2 + exit 1 +fi + +if ["-" -eq "$__object/parameter/file" ]; then + filename="$__object/stdin" + +else + filename=($__object/parameter/file) +fi + +__file ${nft_path} --mode 644 --source "$__type/files/${filename}" + + +if [ -f "$__global/explorer/nfrule" ]; then + echo "$__global/explorer//nfrule" > /etc/readrule +fi diff --git a/kjg/dot-cdist/type/__my_firewall/manifest~ b/kjg/dot-cdist/type/__my_firewall/manifest~ new file mode 100644 index 0000000..8f1f178 --- /dev/null +++ b/kjg/dot-cdist/type/__my_firewall/manifest~ @@ -0,0 +1,40 @@ +#!/bin/sh + +os=$(cat "$__global/explorer/os") + +nft_path="/etc/my-nftables" + +case "$os" in + alpine) + os_pkgs="netcat-openbsd and tshark" + ;; + debian|devuan) + os_pkgs="netcat tshark" + ;; + fedora) + os_pkgs="nmap-ncat wireshark-cli" + ;; + *) + echo "OS $os currently not supported" >&2 + exit 1 + ;; +esac + +if [ ! -f "$__global/explorer/exists" ];then + echo "crrently no nft" >&2 + exit 1 +fi + +if ["-" -eq "$__object/parameter/file" ]; then + filename="$__object/stdin" + +else + filename=($__object/parameter/file) +fi + +__file ${nft_path} --mode 644 --source "$__type/files/${filename}" + + +if [ -f "$__global/explorer/nfrule" ]; then + echo "$__global/explorer//nfrule" > /etc/readrule +fi diff --git a/kjg/dot-cdist/type/__my_firewall/singleton b/kjg/dot-cdist/type/__my_firewall/singleton new file mode 100644 index 0000000..e69de29 From c6d5aa128bc9473e08c32a470f630aecb7c04165 Mon Sep 17 00:00:00 2001 From: kjg Date: Sat, 16 May 2020 00:01:14 +0900 Subject: [PATCH 32/33] [cdist #6] update file for __my_firewall --- kjg/dot-cdist/type/__my_firewall/files/basic | 1 + 1 file changed, 1 insertion(+) create mode 100644 kjg/dot-cdist/type/__my_firewall/files/basic diff --git a/kjg/dot-cdist/type/__my_firewall/files/basic b/kjg/dot-cdist/type/__my_firewall/files/basic new file mode 100644 index 0000000..30d74d2 --- /dev/null +++ b/kjg/dot-cdist/type/__my_firewall/files/basic @@ -0,0 +1 @@ +test \ No newline at end of file From 7b39b906fb48ddded2441b1881b12231453ffda8 Mon Sep 17 00:00:00 2001 From: samuel Date: Fri, 15 May 2020 17:01:31 +0200 Subject: [PATCH 33/33] all --- .../.cdist/type/__all_in_one/manifest | 30 +++++++++++++++++++ .../type/__all_in_one/parameter/boolean | 1 + .../type/__all_in_one/parameter/optional | 0 .../.cdist/type/__all_in_one/singleton | 0 .../.cdist/type/__colorful_file/manifest | 24 +++++++++++++++ .../type/__colorful_file/parameter/optional | 1 + .../__my_firewall/explorer/package-ensured | 9 ++++++ .../.cdist/type/__my_firewall/manifest | 0 .../type/__my_firewall/parameter/required | 1 + 9 files changed, 66 insertions(+) create mode 100644 sami/my-cdist/.cdist/type/__all_in_one/manifest create mode 100644 sami/my-cdist/.cdist/type/__all_in_one/parameter/boolean create mode 100644 sami/my-cdist/.cdist/type/__all_in_one/parameter/optional create mode 100644 sami/my-cdist/.cdist/type/__all_in_one/singleton create mode 100644 sami/my-cdist/.cdist/type/__colorful_file/manifest create mode 100644 sami/my-cdist/.cdist/type/__colorful_file/parameter/optional create mode 100644 sami/my-cdist/.cdist/type/__my_firewall/explorer/package-ensured create mode 100644 sami/my-cdist/.cdist/type/__my_firewall/manifest create mode 100644 sami/my-cdist/.cdist/type/__my_firewall/parameter/required diff --git a/sami/my-cdist/.cdist/type/__all_in_one/manifest b/sami/my-cdist/.cdist/type/__all_in_one/manifest new file mode 100644 index 0000000..1869a29 --- /dev/null +++ b/sami/my-cdist/.cdist/type/__all_in_one/manifest @@ -0,0 +1,30 @@ +os="$(cat "$__global/explorer/os")" +case "$os" in + fedora) + __package nmap-ncat --state present + __package wireshark-cli --state present + +;; + debian) + + __package netcat --state present + __package tshark --state present + + + alpine) + + __package netcat-openbsd --state present + __package tshark --state present +;; + + +*) + echo "Don't know how to manage packages on: $os" >&2 + exit 1 + ;; +esac + + + __package socat --state present __package sipcalc --state present __package sudo --state present + + diff --git a/sami/my-cdist/.cdist/type/__all_in_one/parameter/boolean b/sami/my-cdist/.cdist/type/__all_in_one/parameter/boolean new file mode 100644 index 0000000..b776efe --- /dev/null +++ b/sami/my-cdist/.cdist/type/__all_in_one/parameter/boolean @@ -0,0 +1 @@ +--with-x diff --git a/sami/my-cdist/.cdist/type/__all_in_one/parameter/optional b/sami/my-cdist/.cdist/type/__all_in_one/parameter/optional new file mode 100644 index 0000000..e69de29 diff --git a/sami/my-cdist/.cdist/type/__all_in_one/singleton b/sami/my-cdist/.cdist/type/__all_in_one/singleton new file mode 100644 index 0000000..e69de29 diff --git a/sami/my-cdist/.cdist/type/__colorful_file/manifest b/sami/my-cdist/.cdist/type/__colorful_file/manifest new file mode 100644 index 0000000..746ea5e --- /dev/null +++ b/sami/my-cdist/.cdist/type/__colorful_file/manifest @@ -0,0 +1,24 @@ +# required parameter +#servername="$(cat "$__object/parameter/servername")" + +# optional parameter +if [ -f "$__object/parameter/optional" ]; then + logdirectory="$(cat "$__object/parameter/optional")" +fi + +# optional parameter with predefined default +#loglevel="$(cat "$__object/parameter/loglevel")" + +# boolean parameter +#if [ -f "$__object/parameter/use_ssl" ]; then + # file exists -> True + # do some fancy ssl stuff +#fi + +# parameter with multiple values +#if [ -f "$__object/parameter/server_colorful" ]; then + # for alias in $(cat "$__object/parameter/server_alias"); do + # echo $alias > /some/where/useful + #done +#fi + diff --git a/sami/my-cdist/.cdist/type/__colorful_file/parameter/optional b/sami/my-cdist/.cdist/type/__colorful_file/parameter/optional new file mode 100644 index 0000000..7169fdc --- /dev/null +++ b/sami/my-cdist/.cdist/type/__colorful_file/parameter/optional @@ -0,0 +1 @@ +colorful diff --git a/sami/my-cdist/.cdist/type/__my_firewall/explorer/package-ensured b/sami/my-cdist/.cdist/type/__my_firewall/explorer/package-ensured new file mode 100644 index 0000000..0a37062 --- /dev/null +++ b/sami/my-cdist/.cdist/type/__my_firewall/explorer/package-ensured @@ -0,0 +1,9 @@ +if [ -f "$__object/parameter/name" ]; then + name="$(cat "$__object/parameter/name")" +else + name="$__object_id" +fi + +# Expect dpkg failing, if package is not known / installed +dpkg -s "$name" 2>/dev/null || exit 0 + diff --git a/sami/my-cdist/.cdist/type/__my_firewall/manifest b/sami/my-cdist/.cdist/type/__my_firewall/manifest new file mode 100644 index 0000000..e69de29 diff --git a/sami/my-cdist/.cdist/type/__my_firewall/parameter/required b/sami/my-cdist/.cdist/type/__my_firewall/parameter/required new file mode 100644 index 0000000..f73f309 --- /dev/null +++ b/sami/my-cdist/.cdist/type/__my_firewall/parameter/required @@ -0,0 +1 @@ +file