Merge branch 'master' into 4.0-pre-not-stable
This commit is contained in:
commit
494b6cbbf9
77 changed files with 1292 additions and 142 deletions
1
.version
1
.version
|
@ -1 +0,0 @@
|
||||||
2.1.0-pre1
|
|
13
Makefile
13
Makefile
|
@ -170,17 +170,6 @@ $(ML_FILE): $(CHANGELOG_FILE)
|
||||||
ml-release: $(ML_FILE)
|
ml-release: $(ML_FILE)
|
||||||
|
|
||||||
|
|
||||||
################################################################################
|
|
||||||
# Release: Freecode
|
|
||||||
#
|
|
||||||
FREECODE_FILE=.lock-freecode
|
|
||||||
|
|
||||||
$(FREECODE_FILE): $(CHANGELOG_FILE)
|
|
||||||
$(helper) freecode-release $(CHANGELOG_VERSION)
|
|
||||||
touch $@
|
|
||||||
|
|
||||||
freecode-release: $(FREECODE_FILE)
|
|
||||||
|
|
||||||
################################################################################
|
################################################################################
|
||||||
# pypi
|
# pypi
|
||||||
#
|
#
|
||||||
|
@ -197,7 +186,7 @@ ARCHLINUX_FILE=.lock-archlinux
|
||||||
ARCHLINUXTAR=cdist-$(CHANGELOG_VERSION)-1.src.tar.gz
|
ARCHLINUXTAR=cdist-$(CHANGELOG_VERSION)-1.src.tar.gz
|
||||||
|
|
||||||
$(ARCHLINUXTAR): PKGBUILD
|
$(ARCHLINUXTAR): PKGBUILD
|
||||||
makepkg -c --source
|
umask 022; mkaurball
|
||||||
|
|
||||||
PKGBUILD: PKGBUILD.in $(PYTHON_VERSION)
|
PKGBUILD: PKGBUILD.in $(PYTHON_VERSION)
|
||||||
./PKGBUILD.in $(CHANGELOG_VERSION)
|
./PKGBUILD.in $(CHANGELOG_VERSION)
|
||||||
|
|
|
@ -17,7 +17,13 @@ source=("http://pypi.python.org/packages/source/c/cdist/cdist-\${pkgver}.tar.gz"
|
||||||
package() {
|
package() {
|
||||||
cd cdist-\${pkgver}
|
cd cdist-\${pkgver}
|
||||||
python3 setup.py build install --root="\${pkgdir}"
|
python3 setup.py build install --root="\${pkgdir}"
|
||||||
|
find "\$pkgdir" -type d -exec chmod 0755 {} \;
|
||||||
|
find "\$pkgdir" -type f -exec chmod a+r {} \;
|
||||||
}
|
}
|
||||||
eof
|
eof
|
||||||
|
|
||||||
makepkg -g >> "${outfile}"
|
makepkg -g >> "${outfile}"
|
||||||
|
|
||||||
|
# Fix this issue:
|
||||||
|
# error: failed to upload cdist-3.1.6-1.src.tar.gz: Error - all files must have permissions of 644 or 755.
|
||||||
|
chmod a+r "${outfile}"
|
||||||
|
|
|
@ -145,21 +145,6 @@ eof
|
||||||
;;
|
;;
|
||||||
|
|
||||||
|
|
||||||
freecode-release)
|
|
||||||
version=$1; shift
|
|
||||||
printf "Enter tag list for freecode release %s> " "$version"
|
|
||||||
read taglist
|
|
||||||
|
|
||||||
printf "Enter changelog for freecode release %s> " "$version"
|
|
||||||
read changelog
|
|
||||||
|
|
||||||
echo "Submitting to freecode ..."
|
|
||||||
python2 ~/p/foreign/freecode-submit-2.7/freecode-submit -P cdist \
|
|
||||||
-v "$version" -c "$changelog" \
|
|
||||||
-t "$taglist" \
|
|
||||||
-n
|
|
||||||
;;
|
|
||||||
|
|
||||||
release-git-tag)
|
release-git-tag)
|
||||||
target_version=$($0 changelog-version)
|
target_version=$($0 changelog-version)
|
||||||
if git rev-parse --verify refs/tags/$target_version 2>/dev/null; then
|
if git rev-parse --verify refs/tags/$target_version 2>/dev/null; then
|
||||||
|
@ -258,9 +243,6 @@ eof
|
||||||
# Archlinux release is based on pypi
|
# Archlinux release is based on pypi
|
||||||
make archlinux-release
|
make archlinux-release
|
||||||
|
|
||||||
# Announce change on Freecode
|
|
||||||
make freecode-release
|
|
||||||
|
|
||||||
# Announce change on ML
|
# Announce change on ML
|
||||||
make ml-release
|
make ml-release
|
||||||
|
|
||||||
|
|
|
@ -22,10 +22,19 @@
|
||||||
|
|
||||||
# FIXME: other system types (not linux ...)
|
# FIXME: other system types (not linux ...)
|
||||||
|
|
||||||
if [ -r /proc/cpuinfo ]; then
|
os=$("$__explorer/os")
|
||||||
cores="$(cat /proc/cpuinfo | grep "core id" | sort | uniq | wc -l)"
|
case "$os" in
|
||||||
if [ ${cores} -eq 0 ]; then
|
"macosx")
|
||||||
cores="1"
|
echo "$(sysctl -n hw.physicalcpu)"
|
||||||
fi
|
;;
|
||||||
echo "${cores}"
|
|
||||||
fi
|
*)
|
||||||
|
if [ -r /proc/cpuinfo ]; then
|
||||||
|
cores="$(grep "core id" /proc/cpuinfo | sort | uniq | wc -l)"
|
||||||
|
if [ ${cores} -eq 0 ]; then
|
||||||
|
cores="1"
|
||||||
|
fi
|
||||||
|
echo "$cores"
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
|
@ -22,10 +22,19 @@
|
||||||
|
|
||||||
# FIXME: other system types (not linux ...)
|
# FIXME: other system types (not linux ...)
|
||||||
|
|
||||||
if [ -r /proc/cpuinfo ]; then
|
os=$("$__explorer/os")
|
||||||
sockets="$(cat /proc/cpuinfo | grep "physical id" | sort | uniq | wc -l)"
|
case "$os" in
|
||||||
if [ ${sockets} -eq 0 ]; then
|
"macosx")
|
||||||
sockets="$(cat /proc/cpuinfo | grep "processor" | wc -l)"
|
echo "$(system_profiler SPHardwareDataType | grep "Number of Processors" | awk -F': ' '{print $2}')"
|
||||||
|
;;
|
||||||
|
|
||||||
|
*)
|
||||||
|
if [ -r /proc/cpuinfo ]; then
|
||||||
|
sockets="$(grep "physical id" /proc/cpuinfo | sort | uniq | wc -l)"
|
||||||
|
if [ ${sockets} -eq 0 ]; then
|
||||||
|
sockets="$(cat /proc/cpuinfo | grep "processor" | wc -l)"
|
||||||
|
fi
|
||||||
|
echo "${sockets}"
|
||||||
fi
|
fi
|
||||||
echo "${sockets}"
|
;;
|
||||||
fi
|
esac
|
||||||
|
|
|
@ -22,6 +22,15 @@
|
||||||
|
|
||||||
# FIXME: other system types (not linux ...)
|
# FIXME: other system types (not linux ...)
|
||||||
|
|
||||||
if [ -r /proc/meminfo ]; then
|
os=$("$__explorer/os")
|
||||||
echo "$(cat /proc/meminfo | grep "MemTotal:" | awk '{print $2}')"
|
case "$os" in
|
||||||
fi
|
"macosx")
|
||||||
|
echo "$(sysctl -n hw.memsize)/1024" | bc
|
||||||
|
;;
|
||||||
|
|
||||||
|
*)
|
||||||
|
if [ -r /proc/meminfo ]; then
|
||||||
|
grep "MemTotal:" /proc/meminfo | awk '{print $2}'
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
|
@ -5,7 +5,7 @@ Steven Armstrong <steven-cdist--@--armstrong.cc>
|
||||||
|
|
||||||
NAME
|
NAME
|
||||||
----
|
----
|
||||||
cdist-type__apt_update_index - update apt's package index
|
cdist-type__apt_update_index - Update apt's package index
|
||||||
|
|
||||||
|
|
||||||
DESCRIPTION
|
DESCRIPTION
|
||||||
|
|
|
@ -1,5 +1,24 @@
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
# 2013 Steven Armstrong (steven-cdist at armstrong.cc)
|
#
|
||||||
|
# 2013 Steven Armstrong (steven-cdist armstrong.cc)
|
||||||
|
# 2014 Nico Schottelius (nico-cdist at schottelius.org)
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
|
||||||
|
|
||||||
file="$(cat "$__object/parameter/file" 2>/dev/null || echo "/$__object_id")"
|
file="$(cat "$__object/parameter/file" 2>/dev/null || echo "/$__object_id")"
|
||||||
|
|
||||||
|
@ -8,12 +27,12 @@ file="$(cat "$__object/parameter/file" 2>/dev/null || echo "/$__object_id")"
|
||||||
|
|
||||||
prefix=$(cat "$__object/parameter/prefix" 2>/dev/null || echo "#cdist:__block/$__object_id")
|
prefix=$(cat "$__object/parameter/prefix" 2>/dev/null || echo "#cdist:__block/$__object_id")
|
||||||
suffix=$(cat "$__object/parameter/suffix" 2>/dev/null || echo "#/cdist:__block/$__object_id")
|
suffix=$(cat "$__object/parameter/suffix" 2>/dev/null || echo "#/cdist:__block/$__object_id")
|
||||||
awk -v prefix="$prefix" -v suffix="$suffix" '{
|
awk -v prefix="^$prefix\$" -v suffix="^$suffix\$" '{
|
||||||
if (index($0,prefix)) {
|
if (match($0,prefix)) {
|
||||||
triggered=1
|
triggered=1
|
||||||
}
|
}
|
||||||
if (triggered) {
|
if (triggered) {
|
||||||
if (index($0,suffix)) {
|
if (match($0,suffix)) {
|
||||||
triggered=0
|
triggered=0
|
||||||
}
|
}
|
||||||
print
|
print
|
||||||
|
|
|
@ -46,13 +46,13 @@ tmpfile=\$(mktemp ${file}.cdist.XXXXXXXXXX)
|
||||||
if [ -f "$file" ]; then
|
if [ -f "$file" ]; then
|
||||||
cp -p "$file" "\$tmpfile"
|
cp -p "$file" "\$tmpfile"
|
||||||
fi
|
fi
|
||||||
awk -v prefix="$prefix" -v suffix="$suffix" '
|
awk -v prefix="^$prefix\$" -v suffix="^$suffix\$" '
|
||||||
{
|
{
|
||||||
if (index(\$0,prefix)) {
|
if (match(\$0,prefix)) {
|
||||||
triggered=1
|
triggered=1
|
||||||
}
|
}
|
||||||
if (triggered) {
|
if (triggered) {
|
||||||
if (index(\$0,suffix)) {
|
if (match(\$0,suffix)) {
|
||||||
triggered=0
|
triggered=0
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
|
|
|
@ -40,7 +40,7 @@ EXAMPLES
|
||||||
__cdistmarker
|
__cdistmarker
|
||||||
|
|
||||||
# Creates the marker differently.
|
# Creates the marker differently.
|
||||||
__cdistmarker --file /tmp/cdist_marker --format '+%s'
|
__cdistmarker --destination /tmp/cdist_marker --format '+%s'
|
||||||
--------------------------------------------------------------------------------
|
--------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -67,7 +67,7 @@ DONE
|
||||||
if [ "$upload_file" ]; then
|
if [ "$upload_file" ]; then
|
||||||
echo upload >> "$__messages_out"
|
echo upload >> "$__messages_out"
|
||||||
cat << DONE
|
cat << DONE
|
||||||
$__remote_copy $source ${__target_host}:\$destination_upload
|
$__remote_copy "$source" "${__target_host}:\$destination_upload"
|
||||||
DONE
|
DONE
|
||||||
fi
|
fi
|
||||||
# move uploaded file into place
|
# move uploaded file into place
|
||||||
|
|
|
@ -45,4 +45,14 @@ case $1 in
|
||||||
restart)
|
restart)
|
||||||
"$0" stop && "$0" start
|
"$0" stop && "$0" start
|
||||||
;;
|
;;
|
||||||
|
reset)
|
||||||
|
for table in INPUT FORWARD OUTPUT; do
|
||||||
|
iptables -P "$table" ACCEPT
|
||||||
|
iptables -F "$table"
|
||||||
|
done
|
||||||
|
for table in PREROUTING POSTROUTING OUTPUT; do
|
||||||
|
iptables -t nat -P "$table" ACCEPT
|
||||||
|
iptables -t nat -F "$table"
|
||||||
|
done
|
||||||
|
;;
|
||||||
esac
|
esac
|
||||||
|
|
|
@ -29,7 +29,7 @@ case "$os" in
|
||||||
# Debian needs a seperate package
|
# Debian needs a seperate package
|
||||||
__package locales --state present
|
__package locales --state present
|
||||||
;;
|
;;
|
||||||
suse)
|
archlinux|suse)
|
||||||
:
|
:
|
||||||
;;
|
;;
|
||||||
*)
|
*)
|
||||||
|
|
27
cdist/conf/type/__package/explorer/pkgng_exists
Executable file
27
cdist/conf/type/__package/explorer/pkgng_exists
Executable file
|
@ -0,0 +1,27 @@
|
||||||
|
#!/bin/sh
|
||||||
|
#
|
||||||
|
# 2014 Jake Guffey (jake.guffey at eprotex.com)
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
#
|
||||||
|
# Retrieve the status of a package - parsed dpkg output
|
||||||
|
#
|
||||||
|
|
||||||
|
if [ "$($__explorer/os)" = "freebsd" ]; then
|
||||||
|
command -v pkg
|
||||||
|
fi
|
||||||
|
|
|
@ -19,7 +19,7 @@
|
||||||
#
|
#
|
||||||
#
|
#
|
||||||
# __package is an abstract type which dispatches to the lower level
|
# __package is an abstract type which dispatches to the lower level
|
||||||
# __package_$name types which do the actual interaction with the packaging
|
# __package_$type types which do the actual interaction with the packaging
|
||||||
# system.
|
# system.
|
||||||
#
|
#
|
||||||
|
|
||||||
|
@ -33,7 +33,13 @@ else
|
||||||
amazon|centos|fedora|redhat) type="yum" ;;
|
amazon|centos|fedora|redhat) type="yum" ;;
|
||||||
archlinux) type="pacman" ;;
|
archlinux) type="pacman" ;;
|
||||||
debian|ubuntu) type="apt" ;;
|
debian|ubuntu) type="apt" ;;
|
||||||
freebsd) type="pkg_freebsd" ;;
|
freebsd)
|
||||||
|
if [ -n "$(cat "$__object/explorer/pkgng_exists")" ]; then
|
||||||
|
type="pkgng_freebsd"
|
||||||
|
else
|
||||||
|
type="pkg_freebsd"
|
||||||
|
fi
|
||||||
|
;;
|
||||||
gentoo) type="emerge" ;;
|
gentoo) type="emerge" ;;
|
||||||
suse) type="zypper" ;;
|
suse) type="zypper" ;;
|
||||||
openwrt) type="opkg" ;;
|
openwrt) type="opkg" ;;
|
||||||
|
|
|
@ -33,6 +33,14 @@ else
|
||||||
state_should="present"
|
state_should="present"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
if [ -f "$__object/parameter/target-release" ]; then
|
||||||
|
target_release="--target-release $(cat "$__object/parameter/target-release")"
|
||||||
|
else
|
||||||
|
target_release=""
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# FIXME: use grep directly, state is a list, not a line!
|
# FIXME: use grep directly, state is a list, not a line!
|
||||||
state_is="$(cat "$__object/explorer/state")"
|
state_is="$(cat "$__object/explorer/state")"
|
||||||
case "$state_is" in
|
case "$state_is" in
|
||||||
|
@ -44,13 +52,13 @@ esac
|
||||||
|
|
||||||
# Hint if we need to avoid questions at some point:
|
# Hint if we need to avoid questions at some point:
|
||||||
# DEBIAN_PRIORITY=critical can reduce the number of questions
|
# DEBIAN_PRIORITY=critical can reduce the number of questions
|
||||||
aptget="DEBIAN_FRONTEND=noninteractive apt-get --quiet --yes --no-install-recommends -o DPkg::Options::=\"--force-confold\""
|
aptget="DEBIAN_FRONTEND=noninteractive apt-get --quiet --yes --no-install-recommends -o Dpkg::Options::=\"--force-confdef\" -o Dpkg::Options::=\"--force-confold\""
|
||||||
|
|
||||||
[ "$state_is" = "$state_should" ] && exit 0
|
[ "$state_is" = "$state_should" ] && exit 0
|
||||||
|
|
||||||
case "$state_should" in
|
case "$state_should" in
|
||||||
present)
|
present)
|
||||||
echo $aptget install \"$name\"
|
echo $aptget install $target_release \"$name\"
|
||||||
;;
|
;;
|
||||||
absent)
|
absent)
|
||||||
echo $aptget remove \"$name\"
|
echo $aptget remove \"$name\"
|
||||||
|
|
|
@ -27,6 +27,9 @@ name::
|
||||||
state::
|
state::
|
||||||
Either "present" or "absent", defaults to "present"
|
Either "present" or "absent", defaults to "present"
|
||||||
|
|
||||||
|
target-release::
|
||||||
|
Passed on to apt-get install, see apt-get(8).
|
||||||
|
Essentially allows you to retrieve packages from a different release
|
||||||
|
|
||||||
EXAMPLES
|
EXAMPLES
|
||||||
--------
|
--------
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
name
|
name
|
||||||
version
|
version
|
||||||
state
|
state
|
||||||
|
target-release
|
||||||
|
|
|
@ -27,37 +27,40 @@ else
|
||||||
name="$__object_id"
|
name="$__object_id"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -f "$__object/parameter/state" ]; then
|
state_should="$(cat "$__object/parameter/state")"
|
||||||
state_should="$(cat "$__object/parameter/state")"
|
|
||||||
else
|
version="$(cat "$__object/parameter/version")"
|
||||||
state_should="present"
|
|
||||||
|
if [ -n "$version" ]; then
|
||||||
|
name="=$name-$version"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
pkg_version="$(cat "$__object/explorer/pkg_version")"
|
pkg_version="$(cat "$__object/explorer/pkg_version")"
|
||||||
if [ -z "$pkg_version" ]; then
|
if [ -z "$pkg_version" ]; then
|
||||||
state_is="absent"
|
state_is="absent"
|
||||||
elif [ $(echo "$pkg_version" | wc -l) -gt 1 ]; then
|
elif [ -z "$version" -a $(echo "$pkg_version" | wc -l) -gt 1 ]; then
|
||||||
|
echo "Package name is not unique! The following packages are installed:"
|
||||||
|
echo "$pkg_version"
|
||||||
|
exit 1
|
||||||
|
elif [ -n "$version" -a $(echo "$pkg_version" | cut -d " " -f 1 | sort | uniq | wc -l) -gt 1 ]; then
|
||||||
echo "Package name is not unique! The following packages are installed:"
|
echo "Package name is not unique! The following packages are installed:"
|
||||||
echo "$pkg_version"
|
echo "$pkg_version"
|
||||||
exit 1
|
exit 1
|
||||||
else
|
else
|
||||||
state_is="present"
|
state_is="present"
|
||||||
installed_version="$(echo "$pkg_version" | cut -d " " -f 2)"
|
if [ -n "$version" ] && echo "$pkg_version" | cut -d " " -f 2 | grep -q -x "$version"; then
|
||||||
|
installed_version="$(echo "$pkg_version" | cut -d " " -f 2 | grep -x "$version")"
|
||||||
|
else
|
||||||
|
installed_version="$(echo "$pkg_version" | cut -d " " -f 2 | tail -n 1)"
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -f "$__object/parameter/version" ]; then
|
|
||||||
version="$(cat "$__object/parameter/version")"
|
|
||||||
if [ ! -z "$version" ]; then
|
|
||||||
name="=$name-$version"
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
version=""
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Exit if nothing is needed to be done
|
# Exit if nothing is needed to be done
|
||||||
[ "$state_is" = "$state_should" ] && ( [ -z "$version" ] || [ "$installed_version" = "$version" ] ) && exit 0
|
[ "$state_is" = "$state_should" ] && ( [ -z "$version" ] || [ "$installed_version" = "$version" ] ) && exit 0
|
||||||
[ "$state_should" = "absent" ] && [ ! -z "$version" ] && [ "$installed_version" != "$version" ] && exit 0
|
[ "$state_should" = "absent" ] && [ ! -z "$version" ] && [ "$installed_version" != "$version" ] && exit 0
|
||||||
|
|
||||||
|
|
||||||
case "$state_should" in
|
case "$state_should" in
|
||||||
present)
|
present)
|
||||||
echo "emerge \"$name\" &>/dev/null || exit 1"
|
echo "emerge \"$name\" &>/dev/null || exit 1"
|
||||||
|
|
1
cdist/conf/type/__package_emerge/parameter/default/state
Normal file
1
cdist/conf/type/__package_emerge/parameter/default/state
Normal file
|
@ -0,0 +1 @@
|
||||||
|
present
|
37
cdist/conf/type/__package_pkgng_freebsd/explorer/pkg_version
Executable file
37
cdist/conf/type/__package_pkgng_freebsd/explorer/pkg_version
Executable file
|
@ -0,0 +1,37 @@
|
||||||
|
#!/bin/sh
|
||||||
|
#
|
||||||
|
# 2014 Jake Guffey (jake.guffey at eprotex.com)
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
#
|
||||||
|
# Retrieve the status of a package - parsed dpkg output
|
||||||
|
#
|
||||||
|
|
||||||
|
if [ -f "$__object/parameter/name" ]; then
|
||||||
|
name="$(cat "$__object/parameter/name")"
|
||||||
|
else
|
||||||
|
name="$__object_id"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Don't produce "no pkgs installed" output -- breaks things
|
||||||
|
PKG_OUTPUT=$(pkg info 2>&1)
|
||||||
|
echo -n "$(echo "$PKG_OUTPUT" \
|
||||||
|
| awk '{print $1}' \
|
||||||
|
| sed 's/^\(.*\)-\([^-]*\)$/name:\1 ver:\2/g' \
|
||||||
|
| grep "name:$name ver:" \
|
||||||
|
| sed 's/^.*ver:\(.*\)/\1/g')"
|
||||||
|
|
139
cdist/conf/type/__package_pkgng_freebsd/gencode-remote
Executable file
139
cdist/conf/type/__package_pkgng_freebsd/gencode-remote
Executable file
|
@ -0,0 +1,139 @@
|
||||||
|
#!/bin/sh
|
||||||
|
#
|
||||||
|
# 2014 Jake Guffey (jake.guffey at eprotex.com)
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
#
|
||||||
|
# Manage packages with pkg on FreeBSD
|
||||||
|
#
|
||||||
|
|
||||||
|
# Debug
|
||||||
|
#exec >&2
|
||||||
|
#set -x
|
||||||
|
|
||||||
|
if [ -f "$__object/parameter/name" ]; then
|
||||||
|
name="$(cat "$__object/parameter/name")"
|
||||||
|
else
|
||||||
|
name="$__object_id"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -f "$__object/parameter/flavor" ]; then
|
||||||
|
flavor="$(cat "$__object/parameter/flavor")"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -f "$__object/parameter/version" ]; then
|
||||||
|
version="$(cat "$__object/parameter/version")"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -f "$__object/parameter/upgrade" ]; then
|
||||||
|
upgrade="true"
|
||||||
|
else
|
||||||
|
upgrade="false"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -f "$__object/parameter/repo" ]; then
|
||||||
|
repo="$(cat "$__object/parameter/repo")"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -f "$__object/parameter/state" ]; then
|
||||||
|
state="$(cat "$__object/parameter/state")"
|
||||||
|
else
|
||||||
|
state="present"
|
||||||
|
fi
|
||||||
|
curr_version="$(cat "$__object/explorer/pkg_version")"
|
||||||
|
add_cmd="pkg install -y"
|
||||||
|
rm_cmd="pkg delete -y"
|
||||||
|
upg_cmd="pkg upgrade -y"
|
||||||
|
cmd=""
|
||||||
|
|
||||||
|
# Print the command to be executed
|
||||||
|
# Parms: $1 -- mode, "rm", "add", or "upg"
|
||||||
|
# $2 -- the command to be echoed
|
||||||
|
execcmd(){
|
||||||
|
local _cmd=""
|
||||||
|
|
||||||
|
case "$1" in
|
||||||
|
add)
|
||||||
|
_cmd="${add_cmd} $2"
|
||||||
|
;;
|
||||||
|
rm)
|
||||||
|
_cmd="${rm_cmd} $2"
|
||||||
|
;;
|
||||||
|
upg)
|
||||||
|
_cmd="${upg_cmd} $2"
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
printf "Error. Don't understand command: %s" "$1" >&2
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
echo "$_cmd 2>&- >&-" # Silence the output of the command
|
||||||
|
echo "status=\$?"
|
||||||
|
echo "if [ \"\$status\" -ne \"0\" ]; then"
|
||||||
|
echo " echo \"Error: ${_cmd} exited nonzero with \$status\"'!' >&2"
|
||||||
|
echo " exit 1"
|
||||||
|
echo "fi"
|
||||||
|
}
|
||||||
|
|
||||||
|
if [ -n "$curr_version" ]; then # PKG *is* installed
|
||||||
|
if [ -n "$repo" ]; then
|
||||||
|
cmd="-r ${repo} ${name}"
|
||||||
|
else
|
||||||
|
cmd="${name}"
|
||||||
|
fi
|
||||||
|
if [ -n "$flavor" ]; then
|
||||||
|
cmd="${cmd}-${flavor}"
|
||||||
|
fi
|
||||||
|
# PKG is supposed to be removed
|
||||||
|
if [ "$state" = "absent" ]; then
|
||||||
|
execcmd "rm" "${cmd}"
|
||||||
|
# PKG is supposed to be installed to a particular version
|
||||||
|
elif [ -n "$version" ] && [ "$version" != "$curr_version" ]; then
|
||||||
|
if [ "$upgrade" = "true" ]; then
|
||||||
|
execcmd "upg" "${cmd}"
|
||||||
|
else
|
||||||
|
printf "Version %s is already installed and pkg-ng can't upgrade directly to version %s.\nTo upgrade to the latest version, use the --upgrade flag.\n" "$curr_version" "$version" >&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
# PKG is supposed to be installed to the latest version
|
||||||
|
else
|
||||||
|
: # Do nothing.
|
||||||
|
fi
|
||||||
|
else # PKG *isn't* installed
|
||||||
|
if [ "$state" = "absent" ]; then # Shouldn't be installed
|
||||||
|
exit 0
|
||||||
|
else # Should be installed
|
||||||
|
if [ -n "$repo" ]; then
|
||||||
|
cmd="-r ${repo} ${name}"
|
||||||
|
else
|
||||||
|
cmd="${name}"
|
||||||
|
fi
|
||||||
|
if [ -n "$flavor" ]; then
|
||||||
|
cmd="${cmd}-${flavor}"
|
||||||
|
fi
|
||||||
|
if [ -n "$version" ]; then
|
||||||
|
cmd="${cmd}-${version}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
execcmd "add" "$cmd"
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Debug
|
||||||
|
#set +x
|
97
cdist/conf/type/__package_pkgng_freebsd/man.text
Normal file
97
cdist/conf/type/__package_pkgng_freebsd/man.text
Normal file
|
@ -0,0 +1,97 @@
|
||||||
|
cdist-type__package_pkgng_freebsd(7)
|
||||||
|
==================================
|
||||||
|
Jake Guffey <jake.guffey--@--eprotex.com>
|
||||||
|
|
||||||
|
|
||||||
|
NAME
|
||||||
|
----
|
||||||
|
cdist-type__package_pkgng_freebsd - Manage FreeBSD packages with pkg-ng
|
||||||
|
|
||||||
|
|
||||||
|
DESCRIPTION
|
||||||
|
-----------
|
||||||
|
This type is usually used on FreeBSD to manage packages.
|
||||||
|
|
||||||
|
|
||||||
|
REQUIRED PARAMETERS
|
||||||
|
-------------------
|
||||||
|
None
|
||||||
|
|
||||||
|
|
||||||
|
OPTIONAL PARAMETERS
|
||||||
|
-------------------
|
||||||
|
name::
|
||||||
|
If supplied, use the name and not the object id as the package name.
|
||||||
|
|
||||||
|
flavor::
|
||||||
|
If supplied, use to avoid ambiguity.
|
||||||
|
|
||||||
|
version::
|
||||||
|
If supplied, use to install a specific version of the package named.
|
||||||
|
|
||||||
|
repo::
|
||||||
|
If supplied, use to install the package named from a particular repo.
|
||||||
|
|
||||||
|
state::
|
||||||
|
Either "present" or "absent", defaults to "present"
|
||||||
|
|
||||||
|
|
||||||
|
BOOLEAN PARAMETERS
|
||||||
|
------------------
|
||||||
|
upgrade::
|
||||||
|
If supplied, allow upgrading to the latest version of a package.
|
||||||
|
|
||||||
|
|
||||||
|
CAVEATS
|
||||||
|
-------
|
||||||
|
This type requires that repository definitions already exist in /etc/pkg/*.conf.
|
||||||
|
Ensure that they exist prior to use of this type with __file.
|
||||||
|
|
||||||
|
pkg-ng can't upgrade a package to a specific version. If this type needs to
|
||||||
|
upgrade a package, it can only ugprade to the latest available version. If the
|
||||||
|
"upgrade" parameter is not given and an upgrade needs to occur, an error will result.
|
||||||
|
|
||||||
|
|
||||||
|
MESSAGES
|
||||||
|
--------
|
||||||
|
install::
|
||||||
|
The package was installed
|
||||||
|
remove::
|
||||||
|
The package was removed
|
||||||
|
upgrade::
|
||||||
|
The package was upgraded
|
||||||
|
exist::
|
||||||
|
The package was already present and thus not installed
|
||||||
|
|
||||||
|
|
||||||
|
EXAMPLES
|
||||||
|
--------
|
||||||
|
|
||||||
|
--------------------------------------------------------------------------------
|
||||||
|
# Ensure zsh is installed
|
||||||
|
__package_pkgng_freebsd zsh --state present
|
||||||
|
|
||||||
|
# Ensure vim is installed, use flavor no_x11
|
||||||
|
__package_pkgng_freebsd vim --state present --flavor no_x11
|
||||||
|
|
||||||
|
# If you don't want to follow pythonX packages, but always use python
|
||||||
|
__package_pkgng_freebsd python --state present --name python2
|
||||||
|
|
||||||
|
# Install a package from a particular repository when multiples exist
|
||||||
|
__package_pkgng_freebsd bash --state present --repo myrepo
|
||||||
|
|
||||||
|
# Remove obsolete package
|
||||||
|
__package_pkgng_freebsd puppet --state absent
|
||||||
|
--------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
SEE ALSO
|
||||||
|
--------
|
||||||
|
- cdist-type(7)
|
||||||
|
- cdist-type__package(7)
|
||||||
|
|
||||||
|
|
||||||
|
COPYING
|
||||||
|
-------
|
||||||
|
Copyright \(C) 2014 Jake Guffey. Free use of this software is
|
||||||
|
granted under the terms of the GNU General Public License version 3 (GPLv3).
|
|
@ -0,0 +1 @@
|
||||||
|
upgrade
|
|
@ -0,0 +1,5 @@
|
||||||
|
name
|
||||||
|
flavor
|
||||||
|
version
|
||||||
|
repo
|
||||||
|
state
|
50
cdist/conf/type/__package_update_index/gencode-remote
Executable file
50
cdist/conf/type/__package_update_index/gencode-remote
Executable file
|
@ -0,0 +1,50 @@
|
||||||
|
#!/bin/sh
|
||||||
|
#
|
||||||
|
# 2014 Ricardo Catalinas Jiménez (jimenezrick at gmail.com)
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
#
|
||||||
|
# Update the package index with the appropriate package manager
|
||||||
|
#
|
||||||
|
|
||||||
|
type="$__object/parameter/type"
|
||||||
|
|
||||||
|
if [ -f "$type" ]; then
|
||||||
|
type="$(cat "$type")"
|
||||||
|
else
|
||||||
|
# By default determine package manager based on operating system
|
||||||
|
os="$(cat "$__global/explorer/os")"
|
||||||
|
case "$os" in
|
||||||
|
amazon|centos|fedora|redhat) type="yum" ;;
|
||||||
|
debian|ubuntu) type="apt" ;;
|
||||||
|
archlinux) type="pacman" ;;
|
||||||
|
*)
|
||||||
|
echo "Don't know how to manage packages on: $os" >&2
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
fi
|
||||||
|
|
||||||
|
case "$type" in
|
||||||
|
yum) ;;
|
||||||
|
apt) echo "apt-get --quiet update" ;;
|
||||||
|
pacman) echo "pacman --noprogressbar --sync --refresh" ;;
|
||||||
|
*)
|
||||||
|
echo "Don't know how to manage packages on: $os" >&2
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
52
cdist/conf/type/__package_update_index/man.text
Normal file
52
cdist/conf/type/__package_update_index/man.text
Normal file
|
@ -0,0 +1,52 @@
|
||||||
|
cdist-type__package_update_index(7)
|
||||||
|
===================================
|
||||||
|
Ricardo Catalinas Jiménez <jimenezrick--@--gmail.com>
|
||||||
|
|
||||||
|
|
||||||
|
NAME
|
||||||
|
----
|
||||||
|
cdist-type__package_update_index - Update the package index
|
||||||
|
|
||||||
|
|
||||||
|
DESCRIPTION
|
||||||
|
-----------
|
||||||
|
This cdist type allows you to update the package index on the target.
|
||||||
|
It will automatically use the appropriate package manager.
|
||||||
|
|
||||||
|
|
||||||
|
REQUIRED PARAMETERS
|
||||||
|
-------------------
|
||||||
|
None
|
||||||
|
|
||||||
|
|
||||||
|
OPTIONAL PARAMETERS
|
||||||
|
-------------------
|
||||||
|
type::
|
||||||
|
The package manager to use. Default is determined based on the $os
|
||||||
|
explorer variable.
|
||||||
|
e.g. apt for Debian
|
||||||
|
yum for Red Hat
|
||||||
|
pacman for Arch Linux
|
||||||
|
|
||||||
|
|
||||||
|
EXAMPLES
|
||||||
|
--------
|
||||||
|
|
||||||
|
--------------------------------------------------------------------------------
|
||||||
|
# Update the package index on the target
|
||||||
|
__package_update_index
|
||||||
|
|
||||||
|
# Force use of a specific package manager
|
||||||
|
__package_update_index --type apt
|
||||||
|
--------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
SEE ALSO
|
||||||
|
--------
|
||||||
|
- cdist-type(7)
|
||||||
|
|
||||||
|
|
||||||
|
COPYING
|
||||||
|
-------
|
||||||
|
Copyright \(C) 2014 Ricardo Catalinas Jiménez. Free use of this software is
|
||||||
|
granted under the terms of the GNU General Public License version 3 (GPLv3).
|
|
@ -0,0 +1 @@
|
||||||
|
type
|
0
cdist/conf/type/__package_update_index/singleton
Normal file
0
cdist/conf/type/__package_update_index/singleton
Normal file
62
cdist/conf/type/__package_upgrade_all/gencode-remote
Executable file
62
cdist/conf/type/__package_upgrade_all/gencode-remote
Executable file
|
@ -0,0 +1,62 @@
|
||||||
|
#!/bin/sh
|
||||||
|
#
|
||||||
|
# 2014 Ricardo Catalinas Jiménez (jimenezrick at gmail.com)
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
#
|
||||||
|
# Upgrade all the already installed packages with the appropriate package
|
||||||
|
# manager
|
||||||
|
#
|
||||||
|
|
||||||
|
type="$__object/parameter/type"
|
||||||
|
|
||||||
|
if [ -f "$type" ]; then
|
||||||
|
type="$(cat "$type")"
|
||||||
|
else
|
||||||
|
# By default determine package manager based on operating system
|
||||||
|
os="$(cat "$__global/explorer/os")"
|
||||||
|
case "$os" in
|
||||||
|
amazon|centos|fedora|redhat) type="yum" ;;
|
||||||
|
debian|ubuntu) type="apt" ;;
|
||||||
|
archlinux) type="pacman" ;;
|
||||||
|
*)
|
||||||
|
echo "Don't know how to manage packages on: $os" >&2
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
fi
|
||||||
|
|
||||||
|
aptget="DEBIAN_FRONTEND=noninteractive apt-get --quiet --yes --no-install-recommends -o Dpkg::Options::=\"--force-confdef\" -o Dpkg::Options::=\"--force-confold\""
|
||||||
|
|
||||||
|
case "$type" in
|
||||||
|
yum)
|
||||||
|
echo "yum --quiet --assumeyes update"
|
||||||
|
echo "yum --quiet clean all"
|
||||||
|
;;
|
||||||
|
apt)
|
||||||
|
echo $aptget dist-upgrade
|
||||||
|
echo "apt-get --quiet autoclean"
|
||||||
|
;;
|
||||||
|
pacman)
|
||||||
|
echo "pacman --noprogressbar --noconfirm --sync --sysupgrade"
|
||||||
|
echo "pacman --noprogressbar --noconfirm --sync --clean"
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo "Don't know how to manage packages on: $os" >&2
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
52
cdist/conf/type/__package_upgrade_all/man.text
Normal file
52
cdist/conf/type/__package_upgrade_all/man.text
Normal file
|
@ -0,0 +1,52 @@
|
||||||
|
cdist-type__package_upgrade_all(7)
|
||||||
|
==================================
|
||||||
|
Ricardo Catalinas Jiménez <jimenezrick--@--gmail.com>
|
||||||
|
|
||||||
|
|
||||||
|
NAME
|
||||||
|
----
|
||||||
|
cdist-type__package_upgrade_all - Upgrade all the installed packages
|
||||||
|
|
||||||
|
|
||||||
|
DESCRIPTION
|
||||||
|
-----------
|
||||||
|
This cdist type allows you to upgrade all the installed packages on the
|
||||||
|
target. It will automatically use the appropriate package manager.
|
||||||
|
|
||||||
|
|
||||||
|
REQUIRED PARAMETERS
|
||||||
|
-------------------
|
||||||
|
None
|
||||||
|
|
||||||
|
|
||||||
|
OPTIONAL PARAMETERS
|
||||||
|
-------------------
|
||||||
|
type::
|
||||||
|
The package manager to use. Default is determined based on the $os
|
||||||
|
explorer variable.
|
||||||
|
e.g. apt for Debian
|
||||||
|
yum for Red Hat
|
||||||
|
pacman for Arch Linux
|
||||||
|
|
||||||
|
|
||||||
|
EXAMPLES
|
||||||
|
--------
|
||||||
|
|
||||||
|
--------------------------------------------------------------------------------
|
||||||
|
# Upgrade all the installed packages on the target
|
||||||
|
__package_upgrade_all
|
||||||
|
|
||||||
|
# Force use of a specific package manager
|
||||||
|
__package_upgrade_all --type apt
|
||||||
|
--------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
SEE ALSO
|
||||||
|
--------
|
||||||
|
- cdist-type(7)
|
||||||
|
|
||||||
|
|
||||||
|
COPYING
|
||||||
|
-------
|
||||||
|
Copyright \(C) 2014 Ricardo Catalinas Jiménez. Free use of this software is
|
||||||
|
granted under the terms of the GNU General Public License version 3 (GPLv3).
|
1
cdist/conf/type/__package_upgrade_all/parameter/optional
Normal file
1
cdist/conf/type/__package_upgrade_all/parameter/optional
Normal file
|
@ -0,0 +1 @@
|
||||||
|
type
|
0
cdist/conf/type/__package_upgrade_all/singleton
Normal file
0
cdist/conf/type/__package_upgrade_all/singleton
Normal file
|
@ -1,5 +1,5 @@
|
||||||
cdist-type__qemu_img(7)
|
cdist-type__qemu_img(7)
|
||||||
========================
|
=======================
|
||||||
Nico Schottelius <nico-cdist--@--schottelius.org>
|
Nico Schottelius <nico-cdist--@--schottelius.org>
|
||||||
|
|
||||||
|
|
||||||
|
|
26
cdist/conf/type/__ssh_authorized_key/explorer/entry
Executable file
26
cdist/conf/type/__ssh_authorized_key/explorer/entry
Executable file
|
@ -0,0 +1,26 @@
|
||||||
|
#!/bin/sh
|
||||||
|
#
|
||||||
|
# 2014 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
|
||||||
|
# extract the keytype and base64 encoded key ignoring any options and comment
|
||||||
|
type_and_key="$(cat "$__object/parameter/key" | tr ' ' '\n' | awk '/^(ssh|ecdsa)-[^ ]+/ { printf $1" "; getline; printf $1 }')"
|
||||||
|
file="$(cat $__object/parameter/file)"
|
||||||
|
|
||||||
|
# get any entries that match the type and key
|
||||||
|
grep ".*$type_and_key[ \n]" "$file" || true
|
109
cdist/conf/type/__ssh_authorized_key/gencode-remote
Executable file
109
cdist/conf/type/__ssh_authorized_key/gencode-remote
Executable file
|
@ -0,0 +1,109 @@
|
||||||
|
#!/bin/sh
|
||||||
|
#
|
||||||
|
# 2014 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
|
||||||
|
set -u
|
||||||
|
|
||||||
|
remove_line() {
|
||||||
|
file="$1"
|
||||||
|
line="$2"
|
||||||
|
cat << DONE
|
||||||
|
tmpfile=\$(mktemp ${file}.cdist.XXXXXXXXXX)
|
||||||
|
# preserve ownership and permissions of existing file
|
||||||
|
if [ -f "$file" ]; then
|
||||||
|
cp -p "$file" "\$tmpfile"
|
||||||
|
fi
|
||||||
|
grep -v -F -x '$line' '$file' > \$tmpfile || true
|
||||||
|
mv -f "\$tmpfile" "$file"
|
||||||
|
DONE
|
||||||
|
}
|
||||||
|
|
||||||
|
add_line() {
|
||||||
|
file="$1"
|
||||||
|
line="$2"
|
||||||
|
# escape single quotes
|
||||||
|
line_sanitised=$(echo "$line" | sed -e "s/'/'\"'\"'/g")
|
||||||
|
printf '%s' "printf '%s\n' '$line_sanitised' >> $file"
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
file="$(cat "$__object/parameter/file")"
|
||||||
|
mkdir "$__object/files"
|
||||||
|
|
||||||
|
# Generate the entry as it should be
|
||||||
|
(
|
||||||
|
if [ -f "$__object/parameter/option" ]; then
|
||||||
|
# comma seperated list of options
|
||||||
|
options="$(cat "$__object/parameter/option" | tr '\n' ',')"
|
||||||
|
printf '%s ' "${options%*,}"
|
||||||
|
fi
|
||||||
|
if [ -f "$__object/parameter/comment" ]; then
|
||||||
|
# extract the keytype and base64 encoded key ignoring any options and comment
|
||||||
|
printf '%s ' "$(cat "$__object/parameter/key" | tr ' ' '\n' | awk '/^(ssh|ecdsa)-[^ ]+/ { printf $1" "; getline; printf $1 }')"
|
||||||
|
# override the comment with the one explicitly given
|
||||||
|
printf '%s' "$(cat "$__object/parameter/comment")"
|
||||||
|
else
|
||||||
|
printf '%s' "$(cat "$__object/parameter/key")"
|
||||||
|
fi
|
||||||
|
printf '\n'
|
||||||
|
) > "$__object/files/should"
|
||||||
|
|
||||||
|
# Remove conflicting entries if any
|
||||||
|
if [ -s "$__object/explorer/entry" ]; then
|
||||||
|
# Note that the files have to be sorted for comparison with `comm`.
|
||||||
|
sort "$__object/explorer/entry" > "$__object/files/is"
|
||||||
|
comm -13 "$__object/files/should" "$__object/files/is" | {
|
||||||
|
while read entry; do
|
||||||
|
remove_line "$file" "$entry"
|
||||||
|
done
|
||||||
|
}
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Determine the current state
|
||||||
|
entry="$(cat "$__object/files/should")"
|
||||||
|
state_should="$(cat "$__object/parameter/state")"
|
||||||
|
num_existing_entries=$(grep -c -F -x "$entry" "$__object/explorer/entry" || true)
|
||||||
|
if [ $num_existing_entries -eq 1 ]; then
|
||||||
|
state_is="present"
|
||||||
|
else
|
||||||
|
# Posix grep does not define the -m option, so we can not remove a single
|
||||||
|
# occurence of a string from a file in the `remove_line` function. Instead
|
||||||
|
# _all_ occurences are removed.
|
||||||
|
# By using `comm` to detect conflicting entries this could lead to the
|
||||||
|
# situation that the key we want to add is actually removed.
|
||||||
|
# To workaround this we must treat 0 or more then 1 existing entries to
|
||||||
|
# mean current state is 'absent'. By doing this, the key is readded
|
||||||
|
# again after cleaning up conflicting entries.
|
||||||
|
state_is="absent"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Manage the actual entry as it should be
|
||||||
|
if [ "$state_should" = "$state_is" ]; then
|
||||||
|
# Nothing to do
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
case "$state_should" in
|
||||||
|
present)
|
||||||
|
add_line "$file" "$entry"
|
||||||
|
;;
|
||||||
|
absent)
|
||||||
|
remove_line "$file" "$entry"
|
||||||
|
;;
|
||||||
|
esac
|
67
cdist/conf/type/__ssh_authorized_key/man.text
Normal file
67
cdist/conf/type/__ssh_authorized_key/man.text
Normal file
|
@ -0,0 +1,67 @@
|
||||||
|
cdist-type__ssh_authorized_key(7)
|
||||||
|
=================================
|
||||||
|
Steven Armstrong <steven-cdist--@--armstrong.cc>
|
||||||
|
|
||||||
|
|
||||||
|
NAME
|
||||||
|
----
|
||||||
|
cdist-type__ssh_authorized_key - manage a single ssh authorized key entry
|
||||||
|
|
||||||
|
|
||||||
|
DESCRIPTION
|
||||||
|
-----------
|
||||||
|
Manage a single authorized key entry in an authorized_key file.
|
||||||
|
This type was created to be used by the __ssh_authorized_keys type.
|
||||||
|
|
||||||
|
|
||||||
|
REQUIRED PARAMETERS
|
||||||
|
-------------------
|
||||||
|
file::
|
||||||
|
the authorized_keys file to which the given key should be added
|
||||||
|
|
||||||
|
key::
|
||||||
|
a string containing the ssh keytype, base 64 encoded key and optional
|
||||||
|
trailing comment which shall be added to the given authorized_keys file.
|
||||||
|
|
||||||
|
|
||||||
|
OPTIONAL PARAMETERS
|
||||||
|
-------------------
|
||||||
|
comment::
|
||||||
|
explicit comment instead of the one which may be trailing the given key
|
||||||
|
|
||||||
|
option::
|
||||||
|
an option to set for this authorized_key entry.
|
||||||
|
Can be specified multiple times.
|
||||||
|
See sshd(8) for available options.
|
||||||
|
|
||||||
|
state::
|
||||||
|
if the given keys should be 'present' or 'absent', defaults to 'present'.
|
||||||
|
|
||||||
|
|
||||||
|
EXAMPLES
|
||||||
|
--------
|
||||||
|
|
||||||
|
--------------------------------------------------------------------------------
|
||||||
|
__ssh_authorized_key some-id \
|
||||||
|
--file "/home/user/.ssh/autorized_keys" \
|
||||||
|
--key "$(cat ~/.ssh/id_rsa.pub)"
|
||||||
|
|
||||||
|
__ssh_authorized_key some-id \
|
||||||
|
--file "/home/user/.ssh/autorized_keys" \
|
||||||
|
--key "$(cat ~/.ssh/id_rsa.pub)" \
|
||||||
|
--option 'command="/path/to/script"' \
|
||||||
|
--option 'environment="FOO=bar"' \
|
||||||
|
--comment 'one to rule them all'
|
||||||
|
--------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
SEE ALSO
|
||||||
|
--------
|
||||||
|
- cdist-type(7)
|
||||||
|
- cdist__ssh_authorized_keys(7)
|
||||||
|
- sshd(8)
|
||||||
|
|
||||||
|
COPYING
|
||||||
|
-------
|
||||||
|
Copyright \(C) 2014 Steven Armstrong. Free use of this software is
|
||||||
|
granted under the terms of the GNU General Public License version 3 (GPLv3).
|
|
@ -0,0 +1 @@
|
||||||
|
present
|
2
cdist/conf/type/__ssh_authorized_key/parameter/optional
Normal file
2
cdist/conf/type/__ssh_authorized_key/parameter/optional
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
comment
|
||||||
|
state
|
|
@ -0,0 +1 @@
|
||||||
|
option
|
2
cdist/conf/type/__ssh_authorized_key/parameter/required
Normal file
2
cdist/conf/type/__ssh_authorized_key/parameter/required
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
file
|
||||||
|
key
|
27
cdist/conf/type/__ssh_authorized_keys/explorer/file
Executable file
27
cdist/conf/type/__ssh_authorized_keys/explorer/file
Executable file
|
@ -0,0 +1,27 @@
|
||||||
|
#!/bin/sh
|
||||||
|
#
|
||||||
|
# 2014 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
|
||||||
|
if [ -f "$__object/parameter/file" ]; then
|
||||||
|
cat "$__object/parameter/file"
|
||||||
|
else
|
||||||
|
owner="$(cat "$__object/parameter/owner" 2>/dev/null || echo "$__object_id")"
|
||||||
|
home=$(getent passwd "$owner" | cut -d':' -f 6)
|
||||||
|
echo "$home/.ssh/authorized_keys"
|
||||||
|
fi
|
|
@ -18,5 +18,6 @@
|
||||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
#
|
#
|
||||||
|
|
||||||
gid="$("$__type_explorer/passwd" | cut -d':' -f 4)"
|
owner="$(cat "$__object/parameter/owner" 2>/dev/null || echo "$__object_id")"
|
||||||
|
gid="$(getent passwd "$owner" | cut -d':' -f 4)"
|
||||||
getent group "$gid" || true
|
getent group "$gid" || true
|
||||||
|
|
|
@ -12,13 +12,13 @@ DESCRIPTION
|
||||||
-----------
|
-----------
|
||||||
Adds or removes ssh keys from a authorized_keys file.
|
Adds or removes ssh keys from a authorized_keys file.
|
||||||
|
|
||||||
This type also manages the directory containing the authorized_keys
|
This type uses the __ssh_dot_ssh type to manage the directory containing
|
||||||
file and sets strict ownership and permissions. You can disable this feature
|
the authorized_keys file. You can disable this feature with the --noparent
|
||||||
with the --noparent boolean parameter.
|
boolean parameter.
|
||||||
|
|
||||||
The existence, ownership and permissions of the authorized_keys file itself are
|
The existence, ownership and permissions of the authorized_keys file itself are
|
||||||
also managed. This can be disabled with the --nofile boolean parameter. It is
|
also managed. This can be disabled with the --nofile boolean parameter. It is
|
||||||
then left to the user to ensure that the file exists and that ownership and
|
then left to the user to ensure that the file exists and that ownership and
|
||||||
permissions work with ssh.
|
permissions work with ssh.
|
||||||
|
|
||||||
|
|
||||||
|
@ -31,15 +31,23 @@ key::
|
||||||
|
|
||||||
OPTIONAL PARAMETERS
|
OPTIONAL PARAMETERS
|
||||||
-------------------
|
-------------------
|
||||||
|
comment::
|
||||||
|
explicit comment instead of the one which may be trailing the given key
|
||||||
|
|
||||||
|
file::
|
||||||
|
an alternative destination file, defaults to ~$owner/.ssh/authorized_keys
|
||||||
|
|
||||||
|
option::
|
||||||
|
an option to set for all created authorized_key entries.
|
||||||
|
Can be specified multiple times.
|
||||||
|
See sshd(8) for available options.
|
||||||
|
|
||||||
owner::
|
owner::
|
||||||
the user owning the authorized_keys file, defaults to object_id.
|
the user owning the authorized_keys file, defaults to object_id.
|
||||||
|
|
||||||
state::
|
state::
|
||||||
if the given keys should be 'present' or 'absent', defaults to 'present'.
|
if the given keys should be 'present' or 'absent', defaults to 'present'.
|
||||||
|
|
||||||
file::
|
|
||||||
an alternative destination file, defaults to ~$owner/.ssh/authorized_keys
|
|
||||||
|
|
||||||
|
|
||||||
BOOLEAN PARAMETERS
|
BOOLEAN PARAMETERS
|
||||||
------------------
|
------------------
|
||||||
|
@ -64,13 +72,24 @@ __ssh_authorized_keys root \
|
||||||
__ssh_authorized_keys user-name \
|
__ssh_authorized_keys user-name \
|
||||||
--key "ssh-rsa AXYZAAB3NzaC1yc2..."
|
--key "ssh-rsa AXYZAAB3NzaC1yc2..."
|
||||||
|
|
||||||
|
# allow key to login as user-name with options and expicit comment
|
||||||
|
__ssh_authorized_keys user-name \
|
||||||
|
--key "ssh-rsa AXYZAAB3NzaC1yc2..." \
|
||||||
|
--option no-agent-forwarding \
|
||||||
|
--option 'from="*.example.com"' \
|
||||||
|
--comment 'backup server'
|
||||||
|
|
||||||
# same as above, but with explicit owner and two keys
|
# same as above, but with explicit owner and two keys
|
||||||
|
# note that the options are set for all given keys
|
||||||
__ssh_authorized_keys some-fancy-id \
|
__ssh_authorized_keys some-fancy-id \
|
||||||
--owner user-name \
|
--owner user-name \
|
||||||
--key "ssh-rsa AXYZAAB3NzaC1yc2..." \
|
--key "ssh-rsa AXYZAAB3NzaC1yc2..." \
|
||||||
--key "ssh-rsa AZXYAAB3NzaC1yc2..."
|
--key "ssh-rsa AZXYAAB3NzaC1yc2..." \
|
||||||
|
--option no-agent-forwarding \
|
||||||
|
--option 'from="*.example.com"' \
|
||||||
|
--comment 'backup server'
|
||||||
|
|
||||||
# same as above, but authorized_keys file in non standard location
|
# authorized_keys file in non standard location
|
||||||
__ssh_authorized_keys some-fancy-id \
|
__ssh_authorized_keys some-fancy-id \
|
||||||
--file /etc/ssh/keys/user-name/authorized_keys \
|
--file /etc/ssh/keys/user-name/authorized_keys \
|
||||||
--owner user-name \
|
--owner user-name \
|
||||||
|
@ -89,6 +108,7 @@ __ssh_authorized_keys some-fancy-id \
|
||||||
SEE ALSO
|
SEE ALSO
|
||||||
--------
|
--------
|
||||||
- cdist-type(7)
|
- cdist-type(7)
|
||||||
|
- sshd(8)
|
||||||
|
|
||||||
|
|
||||||
COPYING
|
COPYING
|
||||||
|
|
|
@ -21,16 +21,7 @@
|
||||||
|
|
||||||
owner="$(cat "$__object/parameter/owner" 2>/dev/null || echo "$__object_id")"
|
owner="$(cat "$__object/parameter/owner" 2>/dev/null || echo "$__object_id")"
|
||||||
state="$(cat "$__object/parameter/state" 2>/dev/null)"
|
state="$(cat "$__object/parameter/state" 2>/dev/null)"
|
||||||
if [ -f "$__object/parameter/file" ]; then
|
file="$(cat "$__object/explorer/file")"
|
||||||
file="$(cat "$__object/parameter/file")"
|
|
||||||
else
|
|
||||||
home="$(cut -d':' -f 6 "$__object/explorer/passwd")"
|
|
||||||
if [ -z "$home" ]; then
|
|
||||||
echo "Failed to get home directory from explorer." >&2
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
file="$home/.ssh/authorized_keys"
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ ! -f "$__object/parameter/noparent" -o ! -f "$__object/parameter/nofile" ]; then
|
if [ ! -f "$__object/parameter/noparent" -o ! -f "$__object/parameter/nofile" ]; then
|
||||||
group="$(cut -d':' -f 1 "$__object/explorer/group")"
|
group="$(cut -d':' -f 1 "$__object/explorer/group")"
|
||||||
|
@ -40,12 +31,8 @@ if [ ! -f "$__object/parameter/noparent" -o ! -f "$__object/parameter/nofile" ];
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ ! -f "$__object/parameter/noparent" ]; then
|
if [ ! -f "$__object/parameter/noparent" ]; then
|
||||||
# Ensure that the directory in which the authorized_keys shall be exists and
|
__ssh_dot_ssh "$owner"
|
||||||
# has the right permissions.
|
export require="__ssh_dot_ssh/$owner"
|
||||||
ssh_directory="${file%/*}"
|
|
||||||
__directory "$ssh_directory" --state present --parents \
|
|
||||||
--owner "$owner" --group "$group" --mode 0700
|
|
||||||
export require="__directory/$ssh_directory"
|
|
||||||
fi
|
fi
|
||||||
if [ ! -f "$__object/parameter/nofile" ]; then
|
if [ ! -f "$__object/parameter/nofile" ]; then
|
||||||
# Ensure that authorized_keys file exists and has the right permissions.
|
# Ensure that authorized_keys file exists and has the right permissions.
|
||||||
|
@ -54,6 +41,7 @@ if [ ! -f "$__object/parameter/noparent" -o ! -f "$__object/parameter/nofile" ];
|
||||||
--group "$group" \
|
--group "$group" \
|
||||||
--mode 0600 \
|
--mode 0600 \
|
||||||
--state exists
|
--state exists
|
||||||
|
export require="__file/$file"
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
@ -67,22 +55,25 @@ __block "$__object_name" \
|
||||||
--text - << DONE
|
--text - << DONE
|
||||||
remove legacy block
|
remove legacy block
|
||||||
DONE
|
DONE
|
||||||
|
export require="__block/$__object_name"
|
||||||
|
|
||||||
_cksum() {
|
_cksum() {
|
||||||
echo "$1" | cksum | cut -d' ' -f 1
|
echo "$1" | cksum | cut -d' ' -f 1
|
||||||
}
|
}
|
||||||
|
|
||||||
while read key; do
|
while read key; do
|
||||||
cksum_key="$(_cksum "$key")"
|
type_and_key="$(echo "$key" | tr ' ' '\n' | awk '/^(ssh|ecdsa)-[^ ]+/ { printf $1" "; getline; printf $1 }')"
|
||||||
line_id="${owner}-${cksum_key}"
|
object_id="$(_cksum "$file")-$(_cksum "$type_and_key")"
|
||||||
|
set -- "$object_id"
|
||||||
set -- "$line_id"
|
|
||||||
set -- "$@" --file "$file"
|
set -- "$@" --file "$file"
|
||||||
set -- "$@" --regex ".*$key.*"
|
set -- "$@" --key "$key"
|
||||||
if [ "$state" = 'present' ]; then
|
|
||||||
set -- "$@" --line "$key"
|
|
||||||
fi
|
|
||||||
set -- "$@" --state "$state"
|
set -- "$@" --state "$state"
|
||||||
# Ensure __line does not read stdin
|
if [ -f "$__object/parameter/option" ]; then
|
||||||
require="__block/$__object_name" __line "$@" < /dev/null
|
set -- "$@" --option "$(cat "$__object/parameter/option")"
|
||||||
|
fi
|
||||||
|
if [ -f "$__object/parameter/comment" ]; then
|
||||||
|
set -- "$@" --comment "$(cat "$__object/parameter/comment")"
|
||||||
|
fi
|
||||||
|
# Ensure __ssh_authorized_key does not read stdin
|
||||||
|
__ssh_authorized_key "$@" < /dev/null
|
||||||
done < "$__object/parameter/key"
|
done < "$__object/parameter/key"
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
comment
|
||||||
|
file
|
||||||
|
option
|
||||||
owner
|
owner
|
||||||
state
|
state
|
||||||
file
|
|
||||||
|
|
22
cdist/conf/type/__ssh_dot_ssh/explorer/group
Executable file
22
cdist/conf/type/__ssh_dot_ssh/explorer/group
Executable file
|
@ -0,0 +1,22 @@
|
||||||
|
#!/bin/sh
|
||||||
|
#
|
||||||
|
# 2014 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
|
||||||
|
gid="$("$__type_explorer/passwd" | cut -d':' -f 4)"
|
||||||
|
getent group "$gid" || true
|
|
@ -1,6 +1,7 @@
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
#
|
#
|
||||||
# 2012 Steven Armstrong (steven-cdist at armstrong.cc)
|
# 2012 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||||
|
# 2014 Nico Schottelius (nico-cdist at schottelius.org)
|
||||||
#
|
#
|
||||||
# This file is part of cdist.
|
# This file is part of cdist.
|
||||||
#
|
#
|
||||||
|
@ -18,6 +19,6 @@
|
||||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
#
|
#
|
||||||
|
|
||||||
owner="$(cat "$__object/parameter/owner" 2>/dev/null || echo "$__object_id")"
|
owner="$__object_id"
|
||||||
|
|
||||||
getent passwd "$owner" || true
|
getent passwd "$owner" || true
|
44
cdist/conf/type/__ssh_dot_ssh/man.text
Normal file
44
cdist/conf/type/__ssh_dot_ssh/man.text
Normal file
|
@ -0,0 +1,44 @@
|
||||||
|
cdist-type__ssh_dot_ssh(7)
|
||||||
|
==========================
|
||||||
|
Nico Schottelius <nico-cdist--@--schottelius.org>
|
||||||
|
|
||||||
|
|
||||||
|
NAME
|
||||||
|
----
|
||||||
|
cdist-type__ssh_dot_ssh - Manage .ssh directory
|
||||||
|
|
||||||
|
|
||||||
|
DESCRIPTION
|
||||||
|
-----------
|
||||||
|
Adds or removes .ssh directory to a user home.
|
||||||
|
|
||||||
|
This type is being used by __ssh_authorized_keys.
|
||||||
|
|
||||||
|
OPTIONAL PARAMETERS
|
||||||
|
-------------------
|
||||||
|
state::
|
||||||
|
if the directory should be 'present' or 'absent', defaults to 'present'.
|
||||||
|
|
||||||
|
|
||||||
|
EXAMPLES
|
||||||
|
--------
|
||||||
|
|
||||||
|
--------------------------------------------------------------------------------
|
||||||
|
# Ensure root has ~/.ssh with the right permissions
|
||||||
|
__ssh_dot_ssh root
|
||||||
|
|
||||||
|
# Nico does not need ~/.ssh anymore
|
||||||
|
__ssh_dot_ssh nico --state absent
|
||||||
|
--------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
SEE ALSO
|
||||||
|
--------
|
||||||
|
- cdist-type(7)
|
||||||
|
- cdist-type__ssh_authorized_keys(7)
|
||||||
|
|
||||||
|
|
||||||
|
COPYING
|
||||||
|
-------
|
||||||
|
Copyright \(C) 2014 Nico Schottelius. Free use of this software is
|
||||||
|
granted under the terms of the GNU General Public License version 3 (GPLv3).
|
44
cdist/conf/type/__ssh_dot_ssh/manifest
Executable file
44
cdist/conf/type/__ssh_dot_ssh/manifest
Executable file
|
@ -0,0 +1,44 @@
|
||||||
|
#!/bin/sh
|
||||||
|
#
|
||||||
|
# 2012-2014 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||||
|
# 2014 Nico Schottelius (nico-cdist at schottelius.org)
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
# Hacked in Kalamata, Greece
|
||||||
|
#
|
||||||
|
|
||||||
|
owner="$__object_id"
|
||||||
|
state="$(cat "$__object/parameter/state")"
|
||||||
|
|
||||||
|
group="$(cut -d':' -f 1 "$__object/explorer/group")"
|
||||||
|
if [ -z "$group" ]; then
|
||||||
|
echo "Failed to get owners group from explorer." >&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
home="$(cut -d':' -f 6 "$__object/explorer/passwd")"
|
||||||
|
if [ -z "$home" ]; then
|
||||||
|
echo "Failed to get home directory from explorer." >&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
ssh_directory="${home}/.ssh"
|
||||||
|
|
||||||
|
# Ensure that the directory in which the authorized_keys shall be exists and
|
||||||
|
# has the right permissions.
|
||||||
|
__directory "$ssh_directory" \
|
||||||
|
--state "$state" \
|
||||||
|
--owner "$owner" --group "$group" --mode 0700
|
1
cdist/conf/type/__ssh_dot_ssh/parameter/default/state
Normal file
1
cdist/conf/type/__ssh_dot_ssh/parameter/default/state
Normal file
|
@ -0,0 +1 @@
|
||||||
|
present
|
1
cdist/conf/type/__ssh_dot_ssh/parameter/optional
Normal file
1
cdist/conf/type/__ssh_dot_ssh/parameter/optional
Normal file
|
@ -0,0 +1 @@
|
||||||
|
state
|
|
@ -1,6 +1,6 @@
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
#
|
#
|
||||||
# 2013 Daniel Heule (hda at sfs.biz)
|
# 2013-2014 Daniel Heule (hda at sfs.biz)
|
||||||
#
|
#
|
||||||
# This file is part of cdist.
|
# This file is part of cdist.
|
||||||
#
|
#
|
||||||
|
@ -26,4 +26,4 @@ if [ -f "$__object/parameter/uri" ]; then
|
||||||
else
|
else
|
||||||
uri="$__object_id"
|
uri="$__object_id"
|
||||||
fi
|
fi
|
||||||
echo $(zypper lr -u | grep -E "\<$uri\>" | cut -d'|' -f 1 | grep -E '^[0-9]' )
|
echo $(zypper lr -u | grep -F "$uri" | cut -d'|' -f 1 | grep -E '^[0-9]' )
|
||||||
|
|
|
@ -144,4 +144,4 @@ class Manifest(object):
|
||||||
type_manifest = os.path.join(self.local.type_path, cdist_object.cdist_type.manifest_path)
|
type_manifest = os.path.join(self.local.type_path, cdist_object.cdist_type.manifest_path)
|
||||||
message_prefix = cdist_object.name
|
message_prefix = cdist_object.name
|
||||||
if os.path.isfile(type_manifest):
|
if os.path.isfile(type_manifest):
|
||||||
self.local.run_script(type_manifest, env=self.env_type_manifest(cdist_object))
|
self.local.run_script(type_manifest, env=self.env_type_manifest(cdist_object), message_prefix=message_prefix)
|
||||||
|
|
|
@ -37,12 +37,14 @@ class Message(object):
|
||||||
self.prefix = prefix
|
self.prefix = prefix
|
||||||
self.global_messages = messages
|
self.global_messages = messages
|
||||||
|
|
||||||
self.messages_in = tempfile.mkstemp(suffix='.cdist_message_in')[1]
|
in_fd, self.messages_in = tempfile.mkstemp(suffix='.cdist_message_in')
|
||||||
self.messages_out = tempfile.mkstemp(suffix='.cdist_message_out')[1]
|
out_fd, self.messages_out = tempfile.mkstemp(suffix='.cdist_message_out')
|
||||||
|
|
||||||
|
os.close(in_fd)
|
||||||
|
os.close(out_fd)
|
||||||
|
|
||||||
self._copy_messages()
|
self._copy_messages()
|
||||||
|
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def env(self):
|
def env(self):
|
||||||
env = {}
|
env = {}
|
||||||
|
|
|
@ -15,12 +15,41 @@ Changelog
|
||||||
* Core: Integrate initial preos support
|
* Core: Integrate initial preos support
|
||||||
|
|
||||||
|
|
||||||
3.1.6:
|
3.1.10:
|
||||||
|
* Core: Fix too many open files bug (#343)
|
||||||
|
* Type __ssh_authorized_keys: Remove unneeded explorer (Steven Armstrong)
|
||||||
|
* Type __ssh_authorized_keys: Fix empty output bug of entry explorer (Steven Armstrong)
|
||||||
|
* Type __package_apt: Add support for --target-release
|
||||||
|
|
||||||
|
3.1.9: 2014-10-17
|
||||||
|
* Type __package_emerge: Fix handling of slotted packages (Daniel Heule)
|
||||||
|
* Type __package_apt: Use --force-confdef (Ricardo Catalinas Jiménez)
|
||||||
|
* Type __package_update_index: Decrease verbosity (Ricardo Catalinas Jiménez)
|
||||||
|
* Type __package_upgrade_all: Decrease verbosity (Ricardo Catalinas Jiménez)
|
||||||
|
|
||||||
|
3.1.8: 2014-10-01
|
||||||
|
* New Type: __package_update_index (Ricardo Catalinas Jiménez)
|
||||||
|
* New Type: __package_upgrade_all (Ricardo Catalinas Jiménez)
|
||||||
|
|
||||||
|
3.1.7: 2014-09-29
|
||||||
|
* Type __cdistmarker: Fix typo (Ricardo Catalinas Jiménez)
|
||||||
|
* Core: Bugfix: Export messaging to manifests (Ricardo Catalinas Jiménez)
|
||||||
|
* Explorer cpu_cores, cpu_sockets, memory: Add Mac OS X support (Manuel Hutter)
|
||||||
|
* Type __ssh_authorized_keys: Ensure keys are correctly added (Steven Armstrong)
|
||||||
|
* New Type: __ssh_authorized_key (Steven Armstrong)
|
||||||
|
* New Type: __package_pkgng_freebsd (Jake Guffey)
|
||||||
|
|
||||||
|
3.1.6: 2014-08-18
|
||||||
|
* New Type: __ssh_dot_ssh
|
||||||
* Type __package_yum: Support retrieving package via URL
|
* Type __package_yum: Support retrieving package via URL
|
||||||
* Type __hostname: Support SuSE and have CentOS use sysconfig value
|
* Type __hostname: Support SuSE and have CentOS use sysconfig value
|
||||||
* Type __locale: Support SuSE
|
* Type __locale: Support SuSE
|
||||||
|
* Type __locale: Support Archlinux
|
||||||
* Type __timezone: Support SuSE
|
* Type __timezone: Support SuSE
|
||||||
* Type __file: Support MacOS X (Manuel Hutter)
|
* Type __file: Support MacOS X (Manuel Hutter)
|
||||||
|
* Type __iptables_apply: Add "reset" to init.d script of iptables
|
||||||
|
* Type __ssh_authorized_key: Use new type __ssh_dot_ssh
|
||||||
|
* Type __zypper_repo: Bugfix for pattern matching (Daniel Heule)
|
||||||
|
|
||||||
3.1.5: 2014-05-05
|
3.1.5: 2014-05-05
|
||||||
* Type __zypper_repo: Automatically import gpg keys (Daniel Heule)
|
* Type __zypper_repo: Automatically import gpg keys (Daniel Heule)
|
||||||
|
|
18
docs/dev/logs/2014-09-10.preos-keys
Normal file
18
docs/dev/logs/2014-09-10.preos-keys
Normal file
|
@ -0,0 +1,18 @@
|
||||||
|
|
||||||
|
cdist preos keyramfs --keyfile --keyfile
|
||||||
|
|
||||||
|
[17:51] freiheit:vcs% mkdir preos-keys
|
||||||
|
[17:51] freiheit:vcs% mkdir -p preos-keys/root/.ssh
|
||||||
|
[17:56] freiheit:vcs%
|
||||||
|
|
||||||
|
chown root:root -R preos-keys/
|
||||||
|
chmod 0600 preos-keys/root/.ssh/authorized_keys
|
||||||
|
|
||||||
|
chmod 0700 preos-keys/root/
|
||||||
|
chmod 0700 preos-keys/root/.ssh/
|
||||||
|
|
||||||
|
[18:20:17] freiheit:/home/users/nico/.ungleich/ungleich/vcs/preos-keys# find . | cpio -H newc -o | gzip -9 > ../initramfs.cpio.gz
|
||||||
|
4 blocks
|
||||||
|
[18:21:08] freiheit:/home/users/nico/.ungleich/ungleich/vcs/preos-keys#
|
||||||
|
|
||||||
|
|
104
docs/dev/logs/2014-11-11.discussion
Normal file
104
docs/dev/logs/2014-11-11.discussion
Normal file
|
@ -0,0 +1,104 @@
|
||||||
|
- logging/cache destination
|
||||||
|
local:
|
||||||
|
~/.cdist/log/by-host/$__target/host/config/YYYY/MM/DD/hhmmss/
|
||||||
|
~/.cdist/log/by-session/YYYY/MM/DD/hhmmss/$__target_host/
|
||||||
|
config/
|
||||||
|
install/
|
||||||
|
export/
|
||||||
|
remote:
|
||||||
|
/var/lib/cdist/YYYY-MM-DD-hhmmss-$sourcehost.$pid
|
||||||
|
|
||||||
|
rm old directories on remote side
|
||||||
|
|
||||||
|
- support for tags
|
||||||
|
- for partial configuration
|
||||||
|
- supports also install
|
||||||
|
- on object definition, define
|
||||||
|
- a) don't care (i.e. no tags)
|
||||||
|
- b) require tag (only if this tag is setup)
|
||||||
|
- c) require not tag (only if this tag is *not* setup)
|
||||||
|
- d) what if both given (conflicting)
|
||||||
|
- names for parameters:
|
||||||
|
- cdist config / cdist type
|
||||||
|
--if-tag / --not-if-tag / --require-tag
|
||||||
|
--not-if-tag
|
||||||
|
|
||||||
|
- logging
|
||||||
|
- command line
|
||||||
|
- stdin of cdist
|
||||||
|
- stdout/stderr/stdin of types
|
||||||
|
- new: stdout/stderr
|
||||||
|
- initial manifest
|
||||||
|
- if coming from stdin
|
||||||
|
|
||||||
|
- logging configurable
|
||||||
|
- to be discussed
|
||||||
|
|
||||||
|
- sudo remote
|
||||||
|
- cp to tmp & mv
|
||||||
|
- umask issue?
|
||||||
|
|
||||||
|
- install
|
||||||
|
- via tagged types
|
||||||
|
-
|
||||||
|
|
||||||
|
- export
|
||||||
|
- one /export script per type
|
||||||
|
- exports of type running after object's code is done
|
||||||
|
- global export should also exist after everything
|
||||||
|
- PR & merge
|
||||||
|
- change DONE status to CODE_DONE
|
||||||
|
- introduce EXPORT_DONE
|
||||||
|
|
||||||
|
|
||||||
|
- preos
|
||||||
|
- merge with debian support only
|
||||||
|
- we are open to support --os-type later
|
||||||
|
|
||||||
|
- stackable remotes
|
||||||
|
- change API for remote_exec and remote_copy
|
||||||
|
- new minor version
|
||||||
|
- PR & merge
|
||||||
|
|
||||||
|
- locking
|
||||||
|
- optional
|
||||||
|
- remote lock
|
||||||
|
- based on $(ls /var/lib/cdist/) > 0
|
||||||
|
|
||||||
|
- ideas for parallelisation
|
||||||
|
- run explorer in parallel
|
||||||
|
- type
|
||||||
|
- object
|
||||||
|
- objects without dependencies can be run in parallel
|
||||||
|
|
||||||
|
- connection test
|
||||||
|
- just implement
|
||||||
|
|
||||||
|
- multi user environment
|
||||||
|
- not really needed [at the moment]
|
||||||
|
- can be implemented by
|
||||||
|
- git branches
|
||||||
|
- setting the output dir
|
||||||
|
|
||||||
|
- python2 support with __future__
|
||||||
|
- steven votes against it
|
||||||
|
- nico does not care too much to object
|
||||||
|
|
||||||
|
|
||||||
|
- pull based
|
||||||
|
- sshd / stdin + stdout
|
||||||
|
- use Use ProxyCommand with stdin/stdout
|
||||||
|
- http://www.nico.schottelius.org/blog/openssh-6.2-add-callback-functionality-using-dynamic-remote-port-forwarding/
|
||||||
|
|
||||||
|
- cdist grant-pull-access <targethost>
|
||||||
|
- generate user
|
||||||
|
- ssh pubkeypair
|
||||||
|
- call wraper script on targethost
|
||||||
|
- it is shell!
|
||||||
|
- ssh cdistuser@controlhost
|
||||||
|
|
||||||
|
- config replay/redo/undo
|
||||||
|
- not now
|
||||||
|
|
||||||
|
|
||||||
|
- have a new discussion about handling uris
|
|
@ -5,10 +5,6 @@ Feel free to pick one!
|
||||||
|
|
||||||
CORE
|
CORE
|
||||||
----
|
----
|
||||||
- support default parameter
|
|
||||||
- document and add paremeters for remote-copy and remote-exec!
|
|
||||||
- remove hack, make a feature of it
|
|
||||||
|
|
||||||
- remove var=foo calls on remote side. Use -o SendEnv (yeah, see ssh_config(5))
|
- remove var=foo calls on remote side. Use -o SendEnv (yeah, see ssh_config(5))
|
||||||
|
|
||||||
TESTS
|
TESTS
|
||||||
|
@ -23,9 +19,6 @@ TESTS
|
||||||
|
|
||||||
USER INTERFACE
|
USER INTERFACE
|
||||||
--------------
|
--------------
|
||||||
- How to cleanly implement "restart service if config file changed"
|
|
||||||
-> document
|
|
||||||
|
|
||||||
- Cache
|
- Cache
|
||||||
- add example how to use
|
- add example how to use
|
||||||
- export variable $__cache
|
- export variable $__cache
|
||||||
|
@ -45,7 +38,6 @@ TYPES
|
||||||
- Add testing framework (proposed by Evax Software)
|
- Add testing framework (proposed by Evax Software)
|
||||||
- __user
|
- __user
|
||||||
add option to include --create-home
|
add option to include --create-home
|
||||||
- Merge __addifnosuchline and __removeline into __line + --state present|absent
|
|
||||||
- __cron: Support --file to be used instead of user cron (probably direct support
|
- __cron: Support --file to be used instead of user cron (probably direct support
|
||||||
of /etc/cron.d)
|
of /etc/cron.d)
|
||||||
|
|
||||||
|
|
|
@ -203,10 +203,10 @@ __global::
|
||||||
Directory that contains generic output like explorer.
|
Directory that contains generic output like explorer.
|
||||||
Available for: initial manifest, type manifest, type gencode, shell
|
Available for: initial manifest, type manifest, type gencode, shell
|
||||||
__messages_in::
|
__messages_in::
|
||||||
File to read messages from
|
File to read messages from.
|
||||||
Available for: initial manifest, type manifest, type gencode
|
Available for: initial manifest, type manifest, type gencode
|
||||||
__messages_out::
|
__messages_out::
|
||||||
File to write messages
|
File to write messages.
|
||||||
Available for: initial manifest, type manifest, type gencode
|
Available for: initial manifest, type manifest, type gencode
|
||||||
__object::
|
__object::
|
||||||
Directory that contains the current object.
|
Directory that contains the current object.
|
||||||
|
|
|
@ -50,7 +50,7 @@ else
|
||||||
name="$__object_id"
|
name="$__object_id"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Except dpkg failing, if package is not known / installed
|
# Expect dpkg failing, if package is not known / installed
|
||||||
dpkg -s "$name" 2>/dev/null || exit 0
|
dpkg -s "$name" 2>/dev/null || exit 0
|
||||||
--------------------------------------------------------------------------------
|
--------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
@ -64,5 +64,5 @@ SEE ALSO
|
||||||
|
|
||||||
COPYING
|
COPYING
|
||||||
-------
|
-------
|
||||||
Copyright \(C) 2010-2012 Nico Schottelius. Free use of this software is
|
Copyright \(C) 2010-2014 Nico Schottelius. Free use of this software is
|
||||||
granted under the terms of the GNU General Public License version 3 (GPLv3).
|
granted under the terms of the GNU General Public License version 3 (GPLv3).
|
||||||
|
|
|
@ -110,6 +110,7 @@ setup the variable "require" to contain the requirements. Multiple
|
||||||
requirements can be added white space separated.
|
requirements can be added white space separated.
|
||||||
|
|
||||||
--------------------------------------------------------------------------------
|
--------------------------------------------------------------------------------
|
||||||
|
|
||||||
1 # No dependency
|
1 # No dependency
|
||||||
2 __file /etc/cdist-configured
|
2 __file /etc/cdist-configured
|
||||||
3
|
3
|
||||||
|
@ -121,21 +122,43 @@ requirements can be added white space separated.
|
||||||
9 require="__file/etc/cdist-configured __link/tmp/cdist-testfile" \
|
9 require="__file/etc/cdist-configured __link/tmp/cdist-testfile" \
|
||||||
10 __file /tmp/cdist-another-testfile
|
10 __file /tmp/cdist-another-testfile
|
||||||
|
|
||||||
|
|
||||||
--------------------------------------------------------------------------------
|
--------------------------------------------------------------------------------
|
||||||
|
|
||||||
Above the "require" variable is only set for the command that is
|
Above the "require" variable is only set for the command that is
|
||||||
immediately following it. Dependencies should allways be declared that way.
|
immediately following it. Dependencies should always be declared that way.
|
||||||
|
|
||||||
On line 4 you can see that the instantion of a type "__link" object needs
|
On line 4 you can see that the instantion of a type "\__link" object needs
|
||||||
the object "__file/etc/cdist-configured" to be present, before it can proceed.
|
the object "__file/etc/cdist-configured" to be present, before it can proceed.
|
||||||
|
|
||||||
This also means that the "__link" command must make sure, that either
|
This also means that the "\__link" command must make sure, that either
|
||||||
"__file/etc/cdist-configured" allready is present, or, if it's not, it needs
|
"\__file/etc/cdist-configured" allready is present, or, if it's not, it needs
|
||||||
to be created. The task of cdist is to make sure, that the dependency will be
|
to be created. The task of cdist is to make sure, that the dependency will be
|
||||||
resolved appropriately and thus "__file/etc/cdist-configured" be created
|
resolved appropriately and thus "\__file/etc/cdist-configured" be created
|
||||||
if necessary before "__link" proceeds (or to abort execution with an error).
|
if necessary before "__link" proceeds (or to abort execution with an error).
|
||||||
|
|
||||||
|
If you really need to make all types depend on a common dependency, you can
|
||||||
|
export the "require" variable as well. But then, if you need to add extra
|
||||||
|
dependencies to a specific type, you have to make sure that you append these
|
||||||
|
to the globally already defined one.
|
||||||
|
|
||||||
|
--------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
# First of all, update the package index
|
||||||
|
__package_update_index
|
||||||
|
# Upgrade all the installed packages afterwards
|
||||||
|
require="__package_update_index" __package_upgrade_all
|
||||||
|
# Create a common dependency for all the next types so that they get to
|
||||||
|
# be executed only after the package upgrade has finished
|
||||||
|
export require="__package_upgrade_all"
|
||||||
|
|
||||||
|
# Ensure that lighttpd is installed after we have upgraded all the packages
|
||||||
|
__package lighttpd --state present
|
||||||
|
# Ensure that munin is installed after lighttpd is present and after all
|
||||||
|
# the packages are upgraded
|
||||||
|
require="$require __package/lighttpd" __package munin --state present
|
||||||
|
|
||||||
|
--------------------------------------------------------------------------------
|
||||||
|
|
||||||
All objects that are created in a type manifest are automatically required
|
All objects that are created in a type manifest are automatically required
|
||||||
from the type that is calling them. This is called "autorequirement" in
|
from the type that is calling them. This is called "autorequirement" in
|
||||||
cdist jargon.
|
cdist jargon.
|
||||||
|
|
|
@ -57,6 +57,48 @@ if grep -q "^__your_type/object/id:something" "$__messages_in"; then
|
||||||
fi
|
fi
|
||||||
--------------------------------------------------------------------------------
|
--------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
Some real life examples:
|
||||||
|
--------------------------------------------------------------------------------
|
||||||
|
# Reacting on changes from block for keepalive
|
||||||
|
if grep -q "^__block/keepalive-vrrp" "$__messages_in"; then
|
||||||
|
echo /etc/init.d/keepalived restart
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Reacting on changes of configuration files
|
||||||
|
if grep -q "^__file/etc/one" $__messages_in; then
|
||||||
|
echo 'for init in /etc/init.d/opennebula*; do $init restart; done'
|
||||||
|
fi
|
||||||
|
--------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
Restart sshd on changes
|
||||||
|
--------------------------------------------------------------------------------
|
||||||
|
os="$(cat "$__global/explorer/os")"
|
||||||
|
|
||||||
|
case "$os" in
|
||||||
|
centos|redhat|suse)
|
||||||
|
restart="/etc/init.d/sshd restart"
|
||||||
|
;;
|
||||||
|
debian|ubuntu)
|
||||||
|
restart="/etc/init.d/ssh restart"
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
cat << eof >&2
|
||||||
|
Unsupported os $os.
|
||||||
|
If you would like to have this type running on $os,
|
||||||
|
you can either develop the changes and send a pull
|
||||||
|
request or ask for a quote at www.ungleich.ch
|
||||||
|
eof
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
if grep -q "^__key_value/PermitRootLogin" "$__messages_in"; then
|
||||||
|
echo $restart
|
||||||
|
fi
|
||||||
|
--------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
SEE ALSO
|
SEE ALSO
|
||||||
--------
|
--------
|
||||||
|
|
|
@ -100,7 +100,7 @@ echo use_ssl >> cdist/conf/type/__nginx_vhost/parameter/boolean
|
||||||
USING PARAMETERS
|
USING PARAMETERS
|
||||||
----------------
|
----------------
|
||||||
The parameters given to a type can be accessed and used in all type scripts
|
The parameters given to a type can be accessed and used in all type scripts
|
||||||
(e.g manifest, gencode-*, explorer/*). Note that boolean parameters are
|
(e.g manifest, gencode, explorer). Note that boolean parameters are
|
||||||
represented by file existence. File exists -> True,
|
represented by file existence. File exists -> True,
|
||||||
file does not exist -> False
|
file does not exist -> False
|
||||||
|
|
||||||
|
@ -281,7 +281,7 @@ on the target, there must be another type that provides this tool and the first
|
||||||
type should create an object of the specific type.
|
type should create an object of the specific type.
|
||||||
|
|
||||||
If your type wants to save temporary data, that may be used by other types
|
If your type wants to save temporary data, that may be used by other types
|
||||||
later on (for instance __file), you can save them in the subdirectory
|
later on (for instance \__file), you can save them in the subdirectory
|
||||||
"files" below $__object (but you must create it yourself).
|
"files" below $__object (but you must create it yourself).
|
||||||
cdist will not touch this directory.
|
cdist will not touch this directory.
|
||||||
|
|
||||||
|
|
Binary file not shown.
Binary file not shown.
BIN
docs/speeches/2014-06-10_openclouddays.odp
Normal file
BIN
docs/speeches/2014-06-10_openclouddays.odp
Normal file
Binary file not shown.
BIN
docs/speeches/2014-06-10_openclouddays_teaser.odp
Normal file
BIN
docs/speeches/2014-06-10_openclouddays_teaser.odp
Normal file
Binary file not shown.
BIN
docs/speeches/2014-06-10_openclouddays_teaser.pdf
Normal file
BIN
docs/speeches/2014-06-10_openclouddays_teaser.pdf
Normal file
Binary file not shown.
BIN
docs/speeches/2014-06-19_ucms14_cdi.st.odp
Normal file
BIN
docs/speeches/2014-06-19_ucms14_cdi.st.odp
Normal file
Binary file not shown.
BIN
docs/speeches/2014-06-19_ucms14_cdist_cinv_bof.odp
Normal file
BIN
docs/speeches/2014-06-19_ucms14_cdist_cinv_bof.odp
Normal file
Binary file not shown.
BIN
docs/speeches/2014-11-07_sfs_linux_erfa_cdist4.odp
Normal file
BIN
docs/speeches/2014-11-07_sfs_linux_erfa_cdist4.odp
Normal file
Binary file not shown.
BIN
docs/speeches/2014-11-07_sfs_linux_erfa_cdist4.pdf
Normal file
BIN
docs/speeches/2014-11-07_sfs_linux_erfa_cdist4.pdf
Normal file
Binary file not shown.
BIN
docs/speeches/2014-11-07_sfs_linux_erfa_cdist_web_prototype.odp
Normal file
BIN
docs/speeches/2014-11-07_sfs_linux_erfa_cdist_web_prototype.odp
Normal file
Binary file not shown.
BIN
docs/speeches/2014-11-07_sfs_linux_erfa_cdist_web_prototype.pdf
Normal file
BIN
docs/speeches/2014-11-07_sfs_linux_erfa_cdist_web_prototype.pdf
Normal file
Binary file not shown.
Loading…
Reference in a new issue