ConfigLMM 0.3.0 → 0.4.0

data/Plugins/OS/Linux/Distributions.yaml

@@ -2,15 +2,47 @@
 opensuse-leap:
     Name: openSUSE Leap
     InstallPackage: zypper install --no-confirm
+    RemovePackage: zypper remove --no-confirm
     AutoStartService: systemctl enable
     StartService: systemctl start
+    RestartService: systemctl restart
+    ReloadService: systemctl reload
+    StopService: systemctl stop
+    DisableService: systemctl disable
+    ReloadServiceManager: systemctl daemon-reload
     CreateServiceUser: useradd --system --shell /usr/sbin/nologin --user-group
     ModifyUser: usermod
+    DeleteUser: userdel --remove --force
+    DeleteGroup: groupdel
 
 arch:
     Name: Arch Linux
     InstallPackage: pacman -S --noconfirm --needed
+    RemovePackage: pacman --remove --noconfirm
     AutoStartService: systemctl enable
     StartService: systemctl start
+    RestartService: systemctl restart
+    ReloadService: systemctl reload
+    StopService: systemctl stop
+    DisableService: systemctl disable
+    ReloadServiceManager: systemctl daemon-reload
     CreateServiceUser: useradd --system --shell /usr/sbin/nologin --user-group
     ModifyUser: usermod
+    DeleteUser: userdel --remove --force
+    DeleteGroup: groupdel
+
+debian:
+    Name: Debian
+    InstallPackage: DEBIAN_FRONTEND=noninteractive apt-get install --assume-yes
+    RemovePackage: apt-get remove --assume-yes
+    AutoStartService: systemctl enable
+    StartService: systemctl start
+    RestartService: systemctl restart
+    ReloadService: systemctl reload
+    StopService: systemctl stop
+    DisableService: systemctl disable
+    ReloadServiceManager: systemctl daemon-reload
+    CreateServiceUser: useradd --system --shell /usr/sbin/nologin --user-group
+    ModifyUser: usermod
+    DeleteUser: userdel --remove --force
+    DeleteGroup: groupdel

data/Plugins/OS/Linux/Flavours.yaml

@@ -0,0 +1,11 @@
+openSUSE Leap:
+    ISO: https://download.opensuse.org/distribution/leap/15.6/iso/openSUSE-Leap-15.6-NET-x86_64-Media.iso
+
+Arch Linux:
+    ISO: https://mirror.rackspace.com/archlinux/iso/2024.10.01/archlinux-x86_64.iso
+
+Debian:
+    ISO: https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-12.7.0-amd64-netinst.iso
+
+Proxmox VE:
+    ISO: https://enterprise.proxmox.com/iso/proxmox-ve_8.2-2.iso

data/Plugins/OS/Linux/Linux.lmm.rb

@@ -20,7 +20,7 @@ module ConfigLMM
                 prepareConfig(target)
                 buildHostsFile(id, target, options)
                 buildSSHConfig(id, target, options)
-                buildAutoYaST(id, target, options)
+                buildAutoInstall(id, target, options)
             end
 
             def actionLinuxDeploy(id, target, activeState, context, options)
@@ -53,7 +53,7 @@ module ConfigLMM
                             envs = self.class.sshExec!(ssh, "env").split("\n")
                             envVars = Hash[envs.map { |vars| vars.split('=', 2) }]
                             ipAddr = envVars['SSH_CONNECTION'].split[-2]
-                            hostsLines << ipAddr.ljust(16) + target['Domain'] + ' ' + target['Name'] + "\n"
+                            hostsLines << ipAddr.ljust(16) + Addressable::IDNA.to_ascii(target['Domain']) + ' ' + target['Name'] + "\n"
                         end
                         target['Hosts'].to_a.each do |ip, entries|
                             hostsLines << ip.ljust(16) + entries.join(' ') + "\n"
@@ -63,44 +63,8 @@ module ConfigLMM
                         end
                     end
                     distroInfo = self.class.currentDistroInfo(ssh)
-                    if target['Network']
-                        if distroInfo['Name'] == 'openSUSE Leap'
-                            networkFile = '/etc/sysconfig/network/ifcfg-eth0'
-                            if target['Network'] == 'dhcp'
-                                self.class.sshExec!(ssh, "sed -i \"s|^BOOTPROTO=.*|BOOTPROTO='dhcp'|\" #{networkFile}")
-                            else
-                                self.class.sshExec!(ssh, "sed -i \"s|^BOOTPROTO=.*|BOOTPROTO='static'|\" #{networkFile}")
-                                updateRemoteFile(ssh, networkFile, options, false) do |fileLines|
-                                    fileLines << "\n"
-                                    if target['Network']['IP']
-                                        if target['Network']['IP'].is_a?(Array)
-                                            # TODO
-                                        else
-                                            self.class.sshExec!(ssh, "sed -i 's|^IPADDR=|#IPADDR=|' #{networkFile}")
-                                            fileLines << "IPADDR=#{target['Network']['IP']}\n"
-                                        end
-                                    end
-                                    fileLines
-                                end
-                                if target['Network']['DNS']
-                                    configFile = '/etc/sysconfig/network/config'
-                                    dns = target['Network']['DNS']
-                                    dns = [dns] unless dns.is_a?(Array)
-                                    self.class.sshExec!(ssh, "sed -i 's|^NETCONFIG_DNS_STATIC_SERVERS=.*|NETCONFIG_DNS_STATIC_SERVERS=\"#{dns.join(' ')}\"|' #{configFile}")
-                                end
-                                if target['Network']['Gateway']
-                                    routesFile = '/etc/sysconfig/network/routes'
-                                    self.class.sshExec!(ssh, "sed -i 's|^default |#default |' #{routesFile}")
-                                    updateRemoteFile(ssh, routesFile, options) do |fileLines|
-                                        fileLines << "default #{target['Network']['Gateway']}\n"
-                                    end
-                                end
-                            end
-                        else
-                            # TODO
-                            raise 'Not Unimplemented!'
-                        end
-                    end
+                    convertFlavour(distroInfo, target, ssh, options)
+                    configureNetwork(distroInfo, target, ssh, options)
                     if target['Tmpfs']
                         self.class.sshExec!(ssh, "sed -i '/ \\/tmp /d' #{FSTAB_FILE}")
                         updateRemoteFile(ssh, FSTAB_FILE, options, false) do |fileLines|
@@ -146,6 +110,187 @@ module ConfigLMM
                 end
             end
 
+            def convertFlavour(distroInfo, target, ssh, options)
+                if target['Flavour']
+                    if target['Flavour'] == PROXMOXVE_NAME
+                        if distroInfo['Name'] != DEBIAN_NAME
+                            raise 'Can\'t convert flavour!'
+                        end
+                        if self.class.filePresent?('/etc/apt/sources.list.d/pve-install-repo.list', ssh)
+                            needInstall = self.class.exec('dpkg --status proxmox-ve 2>/dev/null | grep Status | grep installed | wc -l', ssh).strip.to_i.zero?
+                            if needInstall
+                                self.class.exec('DEBIAN_FRONTEND=noninteractive apt install --assume-yes proxmox-ve postfix open-iscsi chrony', ssh)
+                                self.class.exec("apt remove --assume-yes os-prober linux-image-amd64 'linux-image-*'", ssh)
+                                self.class.exec('update-grub', ssh)
+                            end
+                        else
+                            self.class.exec('echo "deb [arch=amd64] http://download.proxmox.com/debian/pve bookworm pve-no-subscription" > /etc/apt/sources.list.d/pve-install-repo.list', ssh)
+                            File.write(options['output'] + 'proxmox-release-bookworm.gpg', HTTP.follow.get('https://enterprise.proxmox.com/debian/proxmox-release-bookworm.gpg').body)
+                            ssh.scp.upload!(options['output'] + 'proxmox-release-bookworm.gpg', '/etc/apt/trusted.gpg.d/proxmox-release-bookworm.gpg')
+                            self.class.exec('apt update && apt full-upgrade --assume-yes', ssh)
+                            self.class.exec('apt install --assume-yes proxmox-default-kernel', ssh)
+                            self.class.exec('systemctl reboot', ssh)
+                        end
+                        target['Network'] = {} unless target['Network'].is_a?(Hash)
+                        target['Network']['Interfaces'] = {} unless target['Network']['Interfaces'].is_a?(Hash)
+                        if !target['Network']['Interfaces'].key?('vmbr0')
+                            if target['Network']['IP']
+                                target['Network']['Interfaces']['vmbr0'] = {}
+                                target['Network']['Interfaces']['vmbr0']['Type'] = 'Bridge'
+                                target['Network']['Interfaces']['vmbr0']['IP'] = target['Network']['IP']
+                                target['Network']['Interfaces']['vmbr0']['Gateway'] = target['Network']['Gateway']
+                                target['Network']['Interfaces']['vmbr0']['DNS'] = target['Network']['DNS']
+                            else
+                                target['Network']['Interfaces']['vmbr0'] = 'dhcp'
+                            end
+                        end
+                    else
+                        raise 'Unimplemented flavour!'
+                    end
+                end
+            end
+
+            def configureNetwork(distroInfo, target, ssh, options)
+                if target['Network']
+                    if distroInfo['Name'] == 'openSUSE Leap'
+                        updateNetworkInterface(target['Network'], 'eth0', ssh, options)
+                        if target['Network']['Interfaces']
+                            target['Network']['Interfaces'].each do |interface, config|
+                                updateNetworkInterface(config, interface, ssh, options)
+                            end
+                        end
+                        if target['Network']['DNS']
+                            configFile = '/etc/sysconfig/network/config'
+                            dns = target['Network']['DNS']
+                            dns = [dns] unless dns.is_a?(Array)
+                            self.class.sshExec!(ssh, "sed -i 's|^NETCONFIG_DNS_STATIC_SERVERS=.*|NETCONFIG_DNS_STATIC_SERVERS=\"#{dns.join(' ')}\"|' #{configFile}")
+                        end
+                        if target['Network']['Gateway']
+                            routesFile = '/etc/sysconfig/network/routes'
+                            self.class.sshExec!(ssh, "sed -i 's|^default |#default |' #{routesFile}")
+                            updateRemoteFile(ssh, routesFile, options) do |fileLines|
+                                fileLines << "default #{target['Network']['Gateway']}\n"
+                            end
+                        end
+                    elsif distroInfo['Name'] == 'Debian'
+                        links = self.networkLinks(ssh)
+                        raise 'Didn\'t find network links!' if links.empty?
+                        linkType = nil
+                        dnsSearch = self.class.exec('cat /etc/resolv.conf | grep search', ssh).strip.split(' ').last
+                        if target['Network'].is_a?(String)
+                            linkType = target['Network']
+                            target['Network'] = {}
+                        end
+                        if !target['Network'].key?('Interfaces') ||
+                           target['Network']['Interfaces'].to_h.empty? ||
+                           !target['Network']['Interfaces'].key?(links.first)
+                           target['Network']['Interfaces'] ||= {}
+                           if !linkType.nil?
+                               target['Network']['Interfaces'][links.first] = linkType
+                           else
+                               target['Network']['Interfaces'][links.first] = {}
+                               target['Network']['Interfaces'][links.first]['IP'] = target['Network']['IP']
+                               target['Network']['Interfaces'][links.first]['Gateway'] = target['Network']['Gateway']
+                               target['Network']['Interfaces'][links.first]['DNS'] = target['Network']['DNS']
+                           end
+                        end
+                        if target['Network']['Interfaces'].key?('vmbr0')
+                            if target['Network']['Interfaces']['vmbr0']['Ports'].nil?
+                                target['Network']['Interfaces']['vmbr0']['Ports'] = [links.first]
+                                target['Network']['Interfaces'][links.first] = 'manual'
+                            end
+                        end
+                        interfacesFile = '/etc/network/interfaces'
+                        localFile = options['output'] + '/' + SecureRandom.alphanumeric(10)
+                        ssh.scp.download!(interfacesFile, localFile)
+                        fileLines = File.read(localFile).lines
+                        if fileLines.index(CONFIGLMM_SECTION_BEGIN).nil?
+                            lines = []
+                            iface = false
+                            fileLines.each do |line|
+                                if line.start_with?('iface')
+                                    if line.strip.split(' ')[1].start_with?('enp')
+                                        iface = true
+                                    else
+                                        lines << line
+                                    end
+                                elsif iface && (line.start_with?(' ') || line.start_with?("\t"))
+                                    # Drop line
+                                else
+                                    iface = false
+                                    lines << line
+                                end
+                            end
+                            fileWrite(localFile, lines.join(), options[:dry])
+                            ssh.scp.upload!(localFile, interfacesFile)
+                        end
+                        self.updateRemoteFile(ssh, interfacesFile, options) do |fileLines|
+                            target['Network']['Interfaces'].each do |name, data|
+                                fileLines << "auto #{name}\n"
+                                if data.is_a?(String)
+                                    fileLines << "iface #{name} inet #{data}\n"
+                                else
+                                    fileLines << "iface #{name} inet static\n"
+                                    fileLines << "        address #{data['IP']}\n"
+                                    fileLines << "        gateway #{data['Gateway']}\n"
+                                    if data['Ports']
+                                        fileLines << "        bridge-ports #{data['Ports'].join(' ')}\n"
+                                        fileLines << "        bridge-stp off\n"
+                                        fileLines << "        bridge-fd 0\n"
+                                    end
+                                    fileLines << "        # dns-* options are implemented by the resolvconf package, if installed\n"
+                                    fileLines << "        dns-nameservers #{data['DNS']}\n"
+                                    if dnsSearch
+                                        fileLines << "        dns-search #{dnsSearch}\n"
+                                    end
+                                end
+                                fileLines << "\n"
+                            end
+                            fileLines
+                        end
+                    else
+                        # TODO
+                        raise 'Not Unimplemented!'
+                    end
+                end
+            end
+
+            def updateNetworkInterface(config, interface, ssh, options)
+                baseFile = '/etc/sysconfig/network/ifcfg-'
+                networkFile = baseFile + interface
+                self.class.sshExec!(ssh, "touch #{networkFile}")
+                self.class.sshExec!(ssh, "sed -i \"/^BOOTPROTO=.*/d\" #{networkFile}")
+                self.class.sshExec!(ssh, "sed -i \"/^STARTMODE=.*/d\" #{networkFile}")
+                self.class.sshExec!(ssh, "sed -i \"/^ZONE=.*/d\" #{networkFile}")
+                updateRemoteFile(ssh, networkFile, options, false) do |fileLines|
+                    fileLines << "STARTMODE=auto\n"
+                    fileLines << "ZONE=public\n"
+                    if config == 'dhcp'
+                        fileLines << "BOOTPROTO=dhcp\n"
+                    else
+                        fileLines << "BOOTPROTO=static\n"
+                        fileLines << "\n"
+                        if config['IP']
+                            self.class.sshExec!(ssh, "sed -i 's|^IPADDR=|#IPADDR=|' #{networkFile}")
+                            if config['IP'].is_a?(Array)
+                                config['IP'].each_with_index do |ip, i|
+                                    c = "_#{i}"
+                                    c = '' if i.zero?
+                                    fileLines << "IPADDR#{c}=#{ip}\n"
+                                end
+                            else
+                                fileLines << "IPADDR=#{config['IP']}\n"
+                            end
+                        end
+                    end
+                    fileLines
+                end
+            end
+
+            def networkLinks(ssh)
+                self.class.exec("ls /sys/class/net/", ssh).strip.split("\n").select { |name| name.start_with?('enp') }
+            end
+
             def deployLocal(target, options)
                 deployLocalHostsFile(target, options)
                 deployLocalSSHConfig(target, options)
@@ -206,9 +351,11 @@ module ConfigLMM
 
             def deployOverLibvirt(id, target, activeState, context, options)
                 location = Libvirt.getLocation(target['Location'])
-                iso = installationISO(target['Distro'], location)
-                iso = buildISOAutoYaST(id, iso, target, options) if target['Distro'] == SUSE_NAME
-                plugins[:Libvirt].createVM(target['Name'], target, target['Location'], iso, activeState)
+                iso = installationISO(target['Distro'], target['Flavour'], location)
+                iso = buildAutoInstallISO(id, iso, target, options)
+                if plugins[:Libvirt].createVM(target['Name'], target, target['Location'], iso, activeState)
+                    prompt.say("Root password: #{target['Users']['root']['Password']}", :color => :magenta) if target['Users']['root'].key?('Password')
+                end
             end
 
             def buildHostsFile(id, target, options)
@@ -252,11 +399,20 @@ module ConfigLMM
                 end
             end
 
-            def buildAutoYaST(id, target, options)
-                if target['Distro'] == SUSE_NAME
+            def buildAutoInstall(id, target, options)
+                if target['Flavour'] == PROXMOXVE_NAME
+                    outputFolder = options['output'] + '/' + id + '/'
+                    template = ERB.new(File.read(__dir__ + '/Proxmox/answer.toml.erb'))
+                    renderTemplate(template, target, outputFolder + 'answer.toml', options)
+                    File.write("#{outputFolder}/auto-installer-mode.toml", 'mode = "iso"')
+                elsif target['Distro'] == SUSE_NAME
                     outputFolder = options['output'] + '/' + id + '/'
                     template = ERB.new(File.read(__dir__ + '/openSUSE/autoinst.xml.erb'))
                     renderTemplate(template, target, outputFolder + 'autoinst.xml', options)
+                elsif target['Distro'] == DEBIAN_NAME
+                    outputFolder = options['output'] + '/' + id + '/'
+                    template = ERB.new(File.read(__dir__ + '/Debian/preseed.cfg.erb'))
+                    renderTemplate(template, target, outputFolder + 'preseed.cfg', options)
                 end
             end
 
@@ -286,20 +442,14 @@ module ConfigLMM
                 end
             end
 
-            def installationISO(distro, location)
+            def installationISO(distro, flavour, location)
                 url = nil
-                case distro
-                when SUSE_NAME
-                    if location.empty?
-                        # TODO automatically fetch latest version from website
-                        url = 'https://download.opensuse.org/distribution/leap/15.6/iso/openSUSE-Leap-15.6-NET-x86_64-Media.iso'
-                    else
-                        raise Framework::PluginProcessError.new("#{id}: Unimplemented!")
-                    end
-                else
-                    raise Framework::PluginProcessError.new("#{id}: Unknown Linux Distro: #{distro}!")
+                flavour = distro unless flavour
+                flavourInfo = YAML.load_file(__dir__ + '/Flavours.yaml')[flavour]
+                if flavourInfo.nil?
+                    raise Framework::PluginProcessError.new("#{id}: Unknown Linux Distro: #{flavour}!")
                 end
-
+                url = flavourInfo['ISO']
                 filename = File.basename(Addressable::URI.parse(url).path)
                 iso = File.expand_path(ISO_LOCATION + filename)
                 if !File.exist?(iso)
@@ -316,21 +466,59 @@ module ConfigLMM
                 iso
             end
 
+            def buildAutoInstallISO(id, iso, target, options)
+                if target['Flavour'] == PROXMOXVE_NAME
+                    iso = buildISOAutoProxmox(id, iso, target, options)
+                elsif target['Distro'] == SUSE_NAME
+                    iso = buildISOAutoYaST(id, iso, target, options)
+                elsif target['Distro'] == DEBIAN_NAME
+                    iso = buildISOPreseed(id, iso, target, options)
+                end
+                iso
+            end
+
             def buildISOAutoYaST(id, iso, target, options)
                 outputFolder = options['output'] + '/iso/'
                 mkdir(outputFolder, false)
-                `xorriso -osirrox on -indev #{iso} -extract / #{outputFolder} 2>&1 >/dev/null`
+                self.class.exec("xorriso -osirrox on -indev #{iso} -extract / #{outputFolder}")
                 FileUtils.chmod_R(0750, outputFolder) # Need to make it writeable so it can be deleted
                 copy(options['output'] + '/' + id + '/autoinst.xml', outputFolder, false)
 
                 cfg = outputFolder + "boot/x86_64/loader/isolinux.cfg"
-                `sed -i 's|default harddisk|default linux|' #{cfg}`
-                `sed -i 's|append initrd=initrd splash=silent showopts|append initrd=initrd splash=silent autoyast=device://sr0/autoinst.xml|' #{cfg}`
-                `sed -i 's|prompt		1|prompt		0|' #{cfg}`
-                `sed -i 's|timeout		600|timeout		1|' #{cfg}`
+                self.class.exec("sed -i 's|default harddisk|default linux|' #{cfg}")
+                self.class.exec("sed -i 's|append initrd=initrd splash=silent showopts|append initrd=initrd splash=silent autoyast=device://sr0/autoinst.xml|' #{cfg}")
+                self.class.exec("sed -i 's|prompt		1|prompt		0|' #{cfg}")
+                self.class.exec("sed -i 's|timeout		600|timeout		1|' #{cfg}")
 
                 patchedIso = File.dirname(iso) + '/patched.iso'
-                `xorriso -as mkisofs -no-emul-boot -boot-load-size 4 -boot-info-table -iso-level 4 -b boot/x86_64/loader/isolinux.bin -c boot/x86_64/loader/boot.cat -eltorito-alt-boot -e boot/x86_64/efi -no-emul-boot -o #{patchedIso} #{outputFolder} 2>&1 >/dev/null`
+                self.class.exec("xorriso -as mkisofs -no-emul-boot -boot-info-table -boot-load-size 4 -iso-level 4 -b boot/x86_64/loader/isolinux.bin -c boot/x86_64/loader/boot.cat -eltorito-alt-boot -no-emul-boot -e boot/x86_64/efi -o #{patchedIso} #{outputFolder}")
+                patchedIso
+            end
+
+            def buildISOPreseed(id, iso, target, options)
+                outputFolder = options['output'] + '/iso/'
+                mkdir(outputFolder, false)
+                self.class.exec("xorriso -osirrox on -indev #{iso} -extract / #{outputFolder}")
+                FileUtils.chmod_R(0750, outputFolder) # Need to make it writeable so it can be deleted
+                copy(options['output'] + '/' + id + '/preseed.cfg', outputFolder, false)
+
+                self.class.exec("sed -i 's|vga=788 --- quiet|auto=true file=/cdrom/preseed.cfg vga=788 --- quiet|' #{outputFolder + "boot/grub/grub.cfg"}")
+                self.class.exec("sed -i 's|--- quiet|file=/cdrom/preseed.cfg --- quiet|' #{outputFolder + "isolinux/adgtk.cfg"}")
+                self.class.exec("sed -i 's|default .*|default autogui|' #{outputFolder + "isolinux/isolinux.cfg"}")
+
+                patchedIso = File.dirname(iso) + '/patched.iso'
+                self.class.exec("xorriso -as mkisofs -no-emul-boot -boot-info-table -boot-load-size 4 -iso-level 4 -b isolinux/isolinux.bin -c isolinux/boot.cat -eltorito-alt-boot -o #{patchedIso} #{outputFolder}")
+                patchedIso
+            end
+
+            def buildISOAutoProxmox(id, iso, target, options)
+                outputFolder = options['output'] + '/iso/'
+                patchedIso = File.dirname(iso) + '/patched.iso'
+
+                copy(iso, patchedIso, false)
+
+                self.class.exec("xorriso -boot_image any keep -dev #{patchedIso} -map #{options['output'] + '/' + id + '/auto-installer-mode.toml'} /auto-installer-mode.toml")
+                self.class.exec("xorriso -boot_image any keep -dev #{patchedIso} -map #{options['output'] + '/' + id + '/answer.toml'} /answer.toml")
                 patchedIso
             end
 
@@ -345,13 +533,13 @@ module ConfigLMM
                     target['Users']['root']['PasswordHash'] = ENV['LINUX_ROOT_PASSWORD_HASH']
                 elsif ENV['LINUX_ROOT_PASSWORD']
                     target['Users']['root'] ||= {}
+                    target['Users']['root']['Password'] = ENV['LINUX_ROOT_PASSWORD']
                     target['Users']['root']['PasswordHash'] = self.class.linuxPasswordHash(ENV['LINUX_ROOT_PASSWORD'])
                 elsif target['Users'].key?('root')
                     if !target['Users']['root']['Password'] &&
                        !target['Users']['root']['PasswordHash']
-                        rootPassword = SecureRandom.urlsafe_base64(12)
-                        prompt.say("Root password: #{rootPassword}", :color => :magenta)
-                        target['Users']['root']['PasswordHash'] = self.class.linuxPasswordHash(rootPassword)
+                        target['Users']['root']['Password'] = SecureRandom.urlsafe_base64(12)
+                        target['Users']['root']['PasswordHash'] = self.class.linuxPasswordHash(target['Users']['root']['Password'])
                     elsif target['Users']['root']['Password'] == 'no'
                         target['Users']['root'].delete('Password')
                     end
@@ -376,7 +564,7 @@ module ConfigLMM
                     target['Services'] << 'sshd'
                     target['Services'].uniq!
                 end
-                target['Apps'] = self.class.mapPackages(target['Apps'], target['Distro'])
+                target['Apps'] = self.class.mapPackages(target['Apps'], target['Distro']) if target['Distro']
             end
 
             def self.linuxPasswordHash(password)

data/Plugins/OS/Linux/Packages.yaml

@@ -6,6 +6,7 @@ Arch Linux:
     CyrusSASL: cyrus-sasl
     Dovecot: dovecot
     firewalld: firewalld
+    MariaDB: mariadb
     Nextcloud: nextcloud
     nginx: nginx
     PHP-FPM: php-fpm
@@ -14,13 +15,15 @@ Arch Linux:
     PostgreSQL: postgresql
     Postfix: postfix
     PowerDNS: powerdns
+    Roundcube: roundcubemail
+    socat: socat
     sshd: openssh
     Valkey: redis
     WireGuard: wireguard-tools
     Yarn: yarn
 
 openSUSE Leap:
-    Cassandra: home:davispuh:branches:server:database|cassandra
+    Cassandra: server:database|cassandra
     CertBotNginx:
         - python3-certbot-nginx
         - certbot-systemd-timer
@@ -28,6 +31,7 @@ openSUSE Leap:
     CyrusSASL: cyrus-sasl-plain
     Dovecot: dovecot
     firewalld: firewalld
+    MariaDB: mariadb
     Nextcloud: server:php:applications|nextcloud
     nginx: nginx
     PHP-FPM:
@@ -39,13 +43,54 @@ openSUSE Leap:
         - php8-mysql
     php-pecl: php8-pecl
     Podman: podman
-    PostgreSQL: postgresql-server
+    PostgreSQL:
+        - postgresql-server
+        - postgresql-contrib
     Postfix: postfix
     PowerDNS:
+        - pdns
         - pdns-backend-geoip
         - pdns-backend-sqlite3
         - pdns-backend-postgresql
+    Roundcube: roundcubemail
+    socat: socat
     sshd: openssh
     Valkey: redis
     WireGuard: wireguard-tools
     Yarn: yarn
+
+Debian:
+    Cassandra: https://debian.cassandra.apache.org 41x main|cassandra
+    CertBotNginx:
+        - certbot
+        - python3-certbot-dns-rfc2136
+    CyrusSASL: libsasl2-modules
+    Dovecot:
+        - dovecot-imapd
+        - dovecot-lmtpd
+        - dovecot-submissiond
+    firewalld: firewalld
+    MariaDB: mariadb-server
+    Nextcloud:
+    nginx: nginx
+    PHP-FPM:
+        - php-mbstring
+        - php-fpm
+        - php-redis
+        - php-pgsql
+        - php-mysql
+    php-pecl:
+    Podman: podman
+    PostgreSQL: postgresql
+    Postfix: postfix-lmdb
+    PowerDNS:
+        - pdns-server
+        - pdns-backend-geoip
+        - pdns-backend-sqlite3
+        - pdns-backend-pgsql
+    Roundcube: roundcube-pgsql
+    socat: socat
+    sshd: openssh-server
+    Valkey: redis
+    WireGuard: wireguard
+    Yarn: yarnpkg

data/Plugins/OS/Linux/Proxmox/answer.toml.erb

@@ -0,0 +1,30 @@
+[global]
+keyboard = "en-us"
+country = "us"
+fqdn = "<%= Addressable::IDNA.to_ascii(config['Domain']) %>"
+mailto = "<%= config['EMail'] %>"
+timezone = "UTC"
+root_password = "<%= config['Users'].to_h['root'].to_h['Password'] %>"
+<% if !config['Users'].to_h['root'].to_h['AuthorizedKeys'].to_a.empty? %>
+root_ssh_keys = [
+  <% config['Users']['root']['AuthorizedKeys'].each do |entry| %>
+    "<%= entry %>"
+  <% end %>
+]
+<% end %>
+
+[network]
+<% if config['Network'].is_a?(Hash) %>
+source = "from-answer"
+cidr = "<%= config['Network']['IP'] %>"
+dns = "<%= config['Network']['DNS'] %>"
+gateway = "<%= config['Network']['Gateway'] %>"
+filter.IFINDEX = "2"
+<% else %>
+source = "from-dhcp"
+<% end %>
+
+[disk-setup]
+filesystem = "btrfs"
+btrfs.raid = "raid1"
+disk_list = ["vda"]

data/Plugins/OS/Linux/WireGuard/WireGuard.lmm.rb

@@ -17,9 +17,12 @@ module ConfigLMM
                     uri = Addressable::URI.parse(target['Location'])
                     raise Framework::PluginProcessError.new("#{id}: Unknown Protocol: #{uri.scheme}!") if uri.scheme != 'ssh'
                     self.class.sshStart(uri) do |ssh|
-                        sharedKey = self.class.sshExec!(ssh, "firewall-cmd -q --permanent --add-port='#{PORT}'/udp")
-                        sharedKey = self.class.sshExec!(ssh, "firewall-cmd -q --permanent --zone=trusted --add-source=#{SUBNET}")
-                        sharedKey = self.class.sshExec!(ssh, "firewall-cmd -q --permanent --direct --add-rule ipv4 nat POSTROUTING 0 -s #{SUBNET} ! -d #{SUBNET} -j MASQUERADE")
+                        self.class.sshExec!(ssh, "firewall-cmd -q --permanent --add-port='#{PORT}/udp'")
+                        self.class.sshExec!(ssh, "firewall-cmd -q --add-port='#{PORT}/udp'")
+                        self.class.sshExec!(ssh, "firewall-cmd -q --permanent --zone=trusted --add-source=#{SUBNET}")
+                        self.class.sshExec!(ssh, "firewall-cmd -q --zone=trusted --add-source=#{SUBNET}")
+                        self.class.sshExec!(ssh, "firewall-cmd -q --permanent --direct --add-rule ipv4 nat POSTROUTING 0 -s #{SUBNET} ! -d #{SUBNET} -j MASQUERADE")
+                        self.class.sshExec!(ssh, "firewall-cmd -q --direct --add-rule ipv4 nat POSTROUTING 0 -s #{SUBNET} ! -d #{SUBNET} -j MASQUERADE")
 
                         self.class.ensurePackages([WIREGUARD_PACKAGE], ssh)
                         self.class.ensureServiceAutoStartOverSSH(SERVICE_NAME, ssh)
@@ -83,6 +86,31 @@ module ConfigLMM
                     # TODO
                 end
                 self.startService(SERVICE_NAME, target['Location'])
+
+                activeState['Status'] = State::STATUS_DEPLOYED
+            end
+
+            def cleanup(configs, state, context, options)
+                cleanupType(:WireGuard, configs, state, context, options) do |item, id, state, context, options, ssh|
+                    Framework::LinuxApp.stopService(SERVICE_NAME, ssh, options[:dry])
+                    Framework::LinuxApp.disableService(SERVICE_NAME, ssh, options[:dry])
+                    Framework::LinuxApp.removePackage(WIREGUARD_PACKAGE, ssh, options[:dry])
+
+                    self.class.exec("firewall-cmd -q --permanent --remove-port='#{PORT}/udp'", ssh, false, options[:dry])
+                    self.class.exec("firewall-cmd -q --remove-port='#{PORT}/udp'", ssh, false, options[:dry])
+                    self.class.exec("firewall-cmd -q --permanent --zone=trusted --remove-source=#{SUBNET}", ssh, false, options[:dry])
+                    self.class.exec("firewall-cmd -q --zone=trusted --remove-source=#{SUBNET}", ssh, false, options[:dry])
+                    self.class.exec("firewall-cmd -q --permanent --direct --remove-rule ipv4 nat POSTROUTING 0 -s #{SUBNET} ! -d #{SUBNET} -j MASQUERADE", ssh, false, options[:dry])
+                    self.class.exec("firewall-cmd -q --direct --remove-rule ipv4 nat POSTROUTING 0 -s #{SUBNET} ! -d #{SUBNET} -j MASQUERADE", ssh, false, options[:dry])
+
+                    state.item(id)['Status'] = State::STATUS_DELETED unless options[:dry]
+
+                    if options[:destroy]
+                        rm('/etc/wireguard', options[:dry], ssh)
+
+                        state.item(id)['Status'] = State::STATUS_DESTROYED unless options[:dry]
+                    end
+                end
             end
 
             def genkeyOverSSH(ssh)
@@ -100,7 +128,8 @@ module ConfigLMM
             def prepareConfig(target)
                 target['Address'] = '172.20.0.1' unless target['Address']
                 target['Peers'].each do |name, data|
-                    data['AllowedIPs'] = SUBNET unless data['AllowedIPs']
+                    target['Peers'][name] ||= {}
+                    target['Peers'][name]['AllowedIPs'] = SUBNET unless target['Peers'][name]['AllowedIPs']
                 end
             end
         end