RubyGems - confctl - Versions diffs - 1.0.0 → 2.0.0 - Mend

confctl 1.0.0 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (38) hide show

checksums.yaml +4 -4
data/.editorconfig +1 -1
data/.gitignore +1 -0
data/.rubocop.yml +1 -0
data/CHANGELOG.md +18 -1
data/README.md +3 -9
data/confctl.gemspec +14 -14
data/docs/carrier.md +138 -0
data/lib/confctl/cli/app.rb +3 -0
data/lib/confctl/cli/cluster.rb +73 -44
data/lib/confctl/cli/configuration.rb +7 -2
data/lib/confctl/cli/gen_data.rb +19 -1
data/lib/confctl/cli/generation.rb +5 -3
data/lib/confctl/generation/host_list.rb +3 -3
data/lib/confctl/git_repo_mirror.rb +2 -2
data/lib/confctl/machine.rb +101 -11
data/lib/confctl/machine_control.rb +7 -0
data/lib/confctl/machine_list.rb +14 -1
data/lib/confctl/machine_status.rb +51 -4
data/lib/confctl/nix.rb +28 -5
data/lib/confctl/swpins/specs/git.rb +1 -1
data/lib/confctl/version.rb +1 -1
data/man/man8/confctl-options.nix.8 +165 -1
data/man/man8/confctl-options.nix.8.md +165 -1
data/man/man8/confctl.8 +21 -1
data/man/man8/confctl.8.md +16 -1
data/nix/evaluator.nix +18 -7
data/nix/lib/default.nix +64 -17
data/nix/lib/machine/default.nix +14 -11
data/nix/lib/machine/info.nix +3 -3
data/nix/modules/cluster/default.nix +142 -3
data/nix/modules/confctl/carrier/base.nix +35 -0
data/nix/modules/confctl/carrier/carrier-env.rb +81 -0
data/nix/modules/confctl/carrier/netboot/build-netboot-server.rb +803 -0
data/nix/modules/confctl/carrier/netboot/nixos.nix +185 -0
data/nix/modules/system-list.nix +8 -0
metadata +12 -7
data/.ruby-version +0 -1

data/nix/modules/confctl/carrier/netboot/build-netboot-server.rb ADDED Viewed

@@ -0,0 +1,803 @@
+#!@ruby@/bin/ruby
+require 'erb'
+require 'fileutils'
+require 'json'
+require 'securerandom'
+class Config
+  class Memtest
+    # @return [Boolean]
+    attr_reader :enable
+    # @return [String]
+    attr_reader :package
+    # @return [String]
+    attr_reader :params
+    # @return [String]
+    attr_reader :params_line
+    def initialize(cfg)
+      @enable = !cfg.nil?
+      return unless @enable
+      @package = cfg.fetch('package')
+      @params = cfg.fetch('params')
+      @params_line = @params.join(' ')
+    end
+  end
+  class IsoImage
+    # @return [String]
+    attr_reader :file
+    # @return [String]
+    attr_reader :label
+    # @return [String]
+    attr_reader :name
+    # @param cfg [Hash]
+    # @param index [Integer]
+    def initialize(cfg, index)
+      @file = cfg.fetch('file')
+      @label = cfg.fetch('label')
+      basename = File.basename(@file)
+      @label = basename if @label.empty?
+      @name = format('%02d-%s', index, basename)
+    end
+  end
+  # @param file [String]
+  def self.parse(file)
+    new(JSON.parse(File.read(file)))
+  end
+  # @return [String]
+  attr_reader :ruby
+  # @return [String]
+  attr_reader :coreutils
+  # @return [String]
+  attr_reader :syslinux
+  # @return [String]
+  attr_reader :tftp_root
+  # @return [String]
+  attr_reader :http_root
+  # @return [String]
+  attr_reader :host_name
+  # @return [String]
+  attr_reader :http_url
+  # @return [Memtest]
+  attr_reader :memtest
+  # @return [Array<IsoImage>]
+  attr_reader :iso_images
+  # @param cfg [Hash]
+  def initialize(cfg)
+    @ruby = cfg.fetch('ruby')
+    @coreutils = cfg.fetch('coreutils')
+    @syslinux = cfg.fetch('syslinux')
+    @tftp_root = cfg.fetch('tftpRoot')
+    @http_root = cfg.fetch('httpRoot')
+    @host_name = cfg.fetch('hostName')
+    @http_url = cfg.fetch('httpUrl')
+    @memtest = Memtest.new(cfg.fetch('memtest'))
+    @iso_images = cfg.fetch('isoImages').each_with_index.map { |v, i| IsoImage.new(v, i) }
+  end
+end
+class NetbootBuilder
+  CONFIG_FILE = '@jsonConfig@'.freeze
+  LINK_DIR = '/nix/var/nix/profiles'.freeze
+  CARRIED_PREFIX = 'confctl'.freeze
+  LOCK_FILE = '/run/confctl/build-netboot-server.lock'.freeze
+  def self.run
+    builder = new(Config.parse(CONFIG_FILE))
+    builder.run
+  end
+  def initialize(config)
+    @config = config
+  end
+  def run
+    lock { safe_run }
+  end
+  protected
+  def safe_run
+    machines = load_machines
+    machines.each do |m|
+      puts m.fqdn
+      m.generations.each do |g|
+        puts "  - #{g.time_s} - #{g.version}#{g.current ? ' (current)' : ''}"
+      end
+      puts
+    end
+    random = SecureRandom.hex(3)
+    builders = [
+      TftpBuilder.new(@config, random, machines, @config.tftp_root),
+      HttpBuilder.new(@config, random, machines, @config.http_root)
+    ]
+    builders.each(&:run)
+    builders.each(&:install)
+    builders.each(&:cleanup)
+  end
+  def lock
+    FileUtils.mkdir_p(File.dirname(LOCK_FILE))
+    File.open(LOCK_FILE, 'w') do |f|
+      f.flock(File::LOCK_EX)
+      yield
+    end
+  end
+  def load_machines
+    machines = {}
+    Dir.entries(LINK_DIR).each do |v|
+      next if /\A#{Regexp.escape(CARRIED_PREFIX)}-(.+)-(\d+)-link\z/ !~ v
+      name = ::Regexp.last_match(1)
+      generation = ::Regexp.last_match(2).to_i
+      link_path = File.join(LINK_DIR, v)
+      machines[name] ||= Machine.new(name)
+      machines[name].add_generation(link_path, generation)
+    end
+    machines.each_value do |m|
+      current_path = File.realpath(File.join(LINK_DIR, "#{CARRIED_PREFIX}-#{m.name}"))
+      m.generations.each do |g|
+        next if g.store_path != current_path
+        g.current = true
+        break
+      end
+    end
+    machines.each_value(&:resolve)
+    machines.values
+  end
+end
+class RootBuilder
+  # @return [Array<Machine>]
+  attr_reader :machines
+  # @return [String]
+  attr_reader :root
+  # @param config [Config]
+  # @param random [String]
+  # @param machines [Array<Machine>]
+  # @param root [String]
+  def initialize(config, random, machines, root)
+    @config = config
+    @machines = machines
+    @target_root = root
+    @root = @new_root = "#{root}.#{random}"
+    begin
+      @current_root = File.readlink(root)
+      unless @current_root.start_with?('/')
+        @current_root = File.join(File.dirname(root), @current_root)
+      end
+    rescue Errno::ENOENT
+      @current_root = nil
+    end
+  end
+  def run
+    mkdir_p('')
+    build
+  end
+  def build
+    raise NotImplementedError
+  end
+  def install
+    # ln -sfn is called instead of using ruby methods, because ln
+    # can replace the symlink atomically.
+    return if Kernel.system(File.join(@config.coreutils, 'bin/ln'), '-sfn', File.basename(@new_root), @target_root)
+    raise "Failed to install new root to #{@target_root}"
+  end
+  def cleanup
+    FileUtils.rm_r(@current_root) if @current_root
+  end
+  protected
+  # @param src [String] link target
+  # @param dst [String] link path relative to root
+  def ln_s(src, dst)
+    FileUtils.ln_s(src, File.join(root, dst))
+  end
+  # @param src [String] link target
+  # @param dst [String] link path relative to root
+  def cp(src, dst)
+    FileUtils.cp(src, File.join(root, dst))
+  end
+  # Create directories within root
+  def mkdir_p(*paths)
+    paths.each do |v|
+      FileUtils.mkdir_p(File.join(root, v))
+    end
+  end
+end
+class TftpBuilder < RootBuilder
+  PROGRAMS = %w[pxelinux.0 ldlinux.c32 libcom32.c32 libutil.c32 memdisk menu.c32 reboot.c32].freeze
+  SPIN_LABELS = {
+    'nixos' => 'NixOS',
+    'vpsadminos' => 'vpsAdminOS'
+  }.freeze
+  def build
+    install_syslinux
+    mkdir_p('pxelinux.cfg', 'pxeserver')
+    install_boot_files
+    @spins =
+      machines.each_with_object([]) do |m, acc|
+        acc << m.spin unless acc.include?(m.spin)
+      end.to_h do |spin|
+        [spin, SPIN_LABELS.fetch(spin, spin)]
+      end
+    render_default_config
+    render_spin_configs
+    render_machine_configs
+    render_iso_image_configs
+  end
+  protected
+  def install_syslinux
+    PROGRAMS.each do |prog|
+      cp(File.join(@config.syslinux, 'share/syslinux', prog), prog)
+    end
+  end
+  def install_boot_files
+    # rubocop:disable Style/GuardClause
+    machines.each do |m|
+      m.generations.each do |g|
+        path = File.join('boot', m.fqdn, g.generation.to_s)
+        mkdir_p(path)
+        Dir.entries(g.store_path).each do |v|
+          next unless %w[bzImage initrd].include?(v)
+          ln_s(File.join(g.store_path, v), File.join(path, v))
+        end
+        ln_s(g.generation.to_s, File.join('boot', m.fqdn, 'current')) if g.current
+      end
+      m.current.macs.each do |mac|
+        # See https://wiki.syslinux.org/wiki/index.php?title=PXELINUX#Configuration
+        ln_s("../pxeserver/machines/#{m.fqdn}/auto.cfg", "pxelinux.cfg/01-#{mac.gsub(':', '-')}")
+      end
+    end
+    if @config.memtest.enable
+      mkdir_p('boot/memtest86')
+      ln_s(File.join(@config.memtest.package, 'memtest.bin'), 'boot/memtest86/memtest.bin')
+    end
+    if @config.iso_images.any?
+      mkdir_p('boot/iso-images')
+      @config.iso_images.each do |img|
+        ln_s(img.file, File.join('boot/iso-images', img.name))
+      end
+    end
+    # rubocop:enable Style/GuardClause
+  end
+  def render_default_config
+    tpl = <<~ERB
+      DEFAULT menu.c32
+      PROMPT 0
+      TIMEOUT 0
+      MENU TITLE <%= hostname %>
+      <% spins.each do |spin, label| -%>
+      LABEL <%= spin %>
+        MENU LABEL <%= label %> >
+        KERNEL menu.c32
+        APPEND pxeserver/<%= spin %>.cfg
+      <% end -%>
+      <% if iso_images.any? -%>
+      LABEL isoimages
+        MENU LABEL ISO images >
+        KERNEL menu.c32
+        APPEND pxeserver/iso-images.cfg
+      <% end -%>
+      <% if enable_memtest -%>
+      LABEL memtest
+        MENU LABEL Memtest86
+        LINUX boot/memtest86/memtest.bin
+        APPEND <%= memtest_params %>
+      <% end -%>
+      LABEL local_boot
+        MENU LABEL Local Boot
+        LOCALBOOT 0
+      LABEL warm_reboot
+        MENU LABEL Warm Reboot
+        KERNEL reboot.c32
+        APPEND --warm
+      LABEL cold_reboot
+        MENU LABEL Cold Reboot
+        KERNEL reboot.c32
+    ERB
+    render_to(
+      tpl,
+      {
+        hostname: @config.host_name,
+        spins: @spins,
+        enable_memtest: @config.memtest.enable,
+        memtest_params: @config.memtest.params_line,
+        iso_images: @config.iso_images
+      },
+      'pxelinux.cfg/default'
+    )
+  end
+  def render_spin_configs
+    tpl = <<~ERB
+      MENU TITLE <%= label %>
+      <% spin_machines.each do |m| -%>
+      LABEL <%= m.fqdn %>
+        MENU LABEL <%= m.label %> >
+        KERNEL menu.c32
+        APPEND pxeserver/machines/<%= m.fqdn %>/menu.cfg
+      <% end -%>
+      LABEL mainmenu
+        MENU LABEL < Back to Main Menu
+        KERNEL menu.c32
+        APPEND pxelinux.cfg/default
+    ERB
+    @spins.each do |spin, label|
+      spin_machines = machines.select { |m| m.spin == spin }.sort { |a, b| a.name <=> b.name }
+      render_to(tpl, { spin:, label:, spin_machines: }, "pxeserver/#{spin}.cfg")
+    end
+  end
+  def render_machine_configs
+    mkdir_p('pxeserver/machines')
+    machines.each do |m|
+      mkdir_p("pxeserver/machines/#{m.fqdn}")
+      send(:"render_machine_#{m.spin}", m)
+    end
+  end
+  def render_machine_nixos(machine)
+    tpl = <<~ERB
+      MENU TITLE <%= m.label %>
+      LABEL <%= m.fqdn %>
+        MENU LABEL <%= m.label %>
+        LINUX boot/<%= m.fqdn %>/<%= m.current.generation %>/bzImage
+        INITRD boot/<%= m.fqdn %>/<%= m.current.generation %>/initrd
+        APPEND init=<%= m.current.toplevel %>/init loglevel=7
+      <% m.generations[1..].each do |g| -%>
+      LABEL <%= m.fqdn %>-<%= g.generation %>
+        MENU LABEL Configuration <%= g.generation %> - <%= g.time_s %> - <%= g.shortrev %>
+        LINUX boot/<%= m.fqdn %>/<%= g.generation %>/bzImage
+        INITRD boot/<%= m.fqdn %>/<%= g.generation %>/initrd
+        APPEND init=<%= g.toplevel %>/init loglevel=7
+      <% end -%>
+      <% if enable_memtest -%>
+      LABEL memtest
+        MENU LABEL Memtest86
+        LINUX boot/memtest86/memtest.bin
+        APPEND <%= memtest_params %>
+      <% end -%>
+      LABEL mainmenu
+        MENU LABEL < Back to Main Menu
+        KERNEL menu.c32
+        APPEND pxelinux.cfg/default
+    ERB
+    render_to(
+      tpl,
+      {
+        m: machine,
+        enable_memtest: @config.memtest.enable,
+        memtest_params: @config.memtest.params_line
+      },
+      "pxeserver/machines/#{machine.fqdn}/menu.cfg"
+    )
+  end
+  def render_machine_vpsadminos(machine)
+    render_machine_vpsadminos_config(
+      machine,
+      generation: machine.current,
+      file: 'menu',
+      root: true
+    )
+    render_machine_vpsadminos_config(
+      machine,
+      generation: machine.current,
+      file: 'auto',
+      timeout: 5,
+      root: true
+    )
+    render_generations(machine)
+    machine.generations.each do |g|
+      render_machine_vpsadminos_config(
+        machine,
+        generation: g,
+        file: "generation-#{g.generation}",
+        root: false
+      )
+    end
+  end
+  # @param machine [Machine]
+  # @param generation [Generation]
+  # @param file [String] config base name
+  # @param root [Boolean] true if this is machine menu page, not generation menu
+  # @param timeout [Integer, nil] timeout in seconds until the default action is taken
+  def render_machine_vpsadminos_config(machine, generation:, file:, root:, timeout: nil)
+    variants = {
+      default: {
+        label: 'Default runlevel',
+        kernel_params: [],
+        runlevel: 'default'
+      },
+      nopools: {
+        label: 'Default runlevel without container imports',
+        kernel_params: ['osctl.pools=0'],
+        runlevel: 'default'
+      },
+      nostart: {
+        label: 'Default runlevel without container autostart',
+        kernel_params: ['osctl.autostart=0'],
+        runlevel: 'default'
+      },
+      rescue: {
+        label: 'Rescue runlevel (network and sshd)',
+        kernel_params: [],
+        runlevel: 'rescue'
+      },
+      single: {
+        label: 'Single-user runlevel (console only)',
+        kernel_params: [],
+        runlevel: 'single'
+      }
+    }
+    tpl = <<~ERB
+      <% if timeout -%>
+      DEFAULT menu.c32
+      TIMEOUT 50
+      <% end -%>
+      MENU TITLE <%= m.label %> (<%= g.generation %> - <%= g.current ? 'current' : g.time_s %> - <%= g.shortrev %>)
+      <% variants.each do |variant, vopts| -%>
+      LABEL <%= variant %>
+        MENU LABEL <%= vopts[:label] %>
+        LINUX boot/<%= m.fqdn %>/<%= g.generation %>/bzImage
+        INITRD boot/<%= m.fqdn %>/<%= g.generation %>/initrd
+        APPEND httproot=<%= File.join(http_url, m.fqdn, g.generation.to_s, 'root.squashfs') %> <%= g.kernel_params.join(' ') %> runlevel=<%= vopts[:runlevel] %> <%= vopts[:kernel_params].join(' ') %>
+      <% end -%>
+      LABEL <%= m.fqdn %>-generations
+        MENU LABEL <%= root ? 'Generations >' : '< Back to Generations' %>
+        KERNEL menu.c32
+        APPEND pxeserver/machines/<%= m.fqdn %>/generations.cfg
+      <% if enable_memtest -%>
+      LABEL memtest
+        MENU LABEL Memtest86
+        LINUX boot/memtest86/memtest.bin
+        APPEND <%= memtest_params %>
+      <% end -%>
+      LABEL mainmenu
+        MENU LABEL < Back to Main Menu
+        KERNEL menu.c32
+        APPEND pxelinux.cfg/default
+    ERB
+    render_to(
+      tpl,
+      {
+        m: machine,
+        g: generation,
+        variants:,
+        http_url: @config.http_url,
+        root:,
+        timeout:,
+        enable_memtest: @config.memtest.enable,
+        memtest_params: @config.memtest.params_line
+      },
+      "pxeserver/machines/#{machine.fqdn}/#{file}.cfg"
+    )
+  end
+  def render_generations(machine)
+    tpl = <<~ERB
+      MENU TITLE <%= m.label %> - generations
+      <% m.generations.each do |g| -%>
+      LABEL generations
+        MENU LABEL Configuration <%= g.generation %> - <%= g.time_s %> - <%= g.shortrev %>
+        KERNEL menu.c32
+        APPEND pxeserver/machines/<%= m.fqdn %>/generation-<%= g.generation %>.cfg
+      <% end -%>
+      LABEL machine
+        MENU LABEL < Back to <%= m.label %>
+        KERNEL menu.c32
+        APPEND pxeserver/machines/<%= m.fqdn %>/menu.cfg
+      LABEL mainmenu
+        MENU LABEL < Back to Main Menu
+        KERNEL menu.c32
+        APPEND pxelinux.cfg/default
+    ERB
+    render_to(tpl, { m: machine }, "pxeserver/machines/#{machine.fqdn}/generations.cfg")
+  end
+  def render_iso_image_configs
+    return if @config.iso_images.empty?
+    tpl = <<~ERB
+      MENU TITLE ISO images
+      <% iso_images.each_with_index do |img, i| -%>
+      LABEL image<%= i %>
+        MENU LABEL <%= img.label %>
+        KERNEL memdisk
+        APPEND iso initrd=boot/iso-images/<%= img.name %> raw
+      <% end -%>
+      LABEL mainmenu
+        MENU LABEL < Back to Main Menu
+        KERNEL menu.c32
+        APPEND pxelinux.cfg/default
+    ERB
+    render_to(tpl, { iso_images: @config.iso_images }, 'pxeserver/iso-images.cfg')
+  end
+  # @param template [String]
+  # @param vars [Hash]
+  def render(template, vars)
+    erb = ERB.new(template, trim_mode: '-')
+    erb.result_with_hash(vars)
+  end
+  # @param template [String]
+  # @param vars [Hash]
+  # @param path [String]
+  def render_to(template, vars, path)
+    File.write(File.join(root, path), render(template, vars))
+  end
+end
+class HttpBuilder < RootBuilder
+  def build
+    machines.each do |m|
+      m.generations.each do |g|
+        begin
+          rootfs = File.realpath(File.join(g.link_path, 'root.squashfs'))
+        rescue Errno::ENOENT
+          next
+        end
+        gen_path = File.join(m.fqdn, g.generation.to_s)
+        mkdir_p(gen_path)
+        ln_s(rootfs, File.join(gen_path, 'root.squashfs'))
+        ln_s(g.generation.to_s, File.join(m.fqdn, 'current')) if g.current
+      end
+    end
+  end
+end
+class Machine
+  # @return [String]
+  attr_reader :name
+  # @return [String]
+  attr_reader :spin
+  # @return [String]
+  attr_reader :fqdn
+  # @return [String]
+  attr_reader :label
+  # @return [Array<Generation>]
+  attr_reader :generations
+  # @return [Generation]
+  attr_reader :current
+  # @param name [String] machine name
+  def initialize(name)
+    @name = name
+    @spin = 'nixos'
+    @fqdn = name
+    @label = name
+    @toplevel = nil
+    @macs = []
+    @generations = []
+    @current = nil
+  end
+  # @param link_path [String] Nix store path
+  # @param generation [Integer]
+  def add_generation(link_path, generation)
+    @generations << Generation.new(link_path, generation)
+    nil
+  end
+  def resolve
+    sort_generations
+    load_json
+  end
+  protected
+  def sort_generations
+    @generations.sort! do |a, b|
+      b.generation <=> a.generation
+    end
+  end
+  def load_json
+    @current = @generations.detect(&:current)
+    if @current.nil?
+      raise "Unable to find current generation of machine #{name}"
+    end
+    @spin = @current.json.fetch('spin', spin)
+    @fqdn = @current.json.fetch('fqdn', name)
+    # rubocop:disable Naming/MemoizedInstanceVariableName
+    @label = @current.json.fetch('label', nil)
+    @label ||= @current.json.fetch('fqdn', nil)
+    @label ||= name
+    # rubocop:enable Naming/MemoizedInstanceVariableName
+  end
+end
+class Generation
+  # @return [String]
+  attr_reader :link_path
+  # @return [String]
+  attr_reader :store_path
+  # @return [Integer]
+  attr_reader :generation
+  # @return [Time]
+  attr_reader :time
+  # @return [String]
+  attr_reader :time_s
+  # @return [Array<String>]
+  attr_reader :kernel_params
+  # @return [String] Nix store path to `config.system.build.toplevel`
+  attr_reader :toplevel
+  # @return [String, nil] system.nixos.version
+  attr_reader :version
+  # @return [String, nil] system.nixos.revision
+  attr_reader :revision
+  # @return [String, nil]
+  attr_reader :shortrev
+  # @return [Array<String>]
+  attr_reader :macs
+  # @return [Boolean]
+  attr_accessor :current
+  # @return [Hash] contents of `machine.json`
+  attr_reader :json
+  # @param link_path [String] Nix store path
+  # @param generation [Integer]
+  def initialize(link_path, generation)
+    @link_path = link_path
+    @store_path = File.realpath(link_path)
+    @generation = generation
+    @time = File.lstat(link_path).mtime
+    @time_s = @time.strftime('%Y-%m-%d %H:%M:%S')
+    @current = false
+    @json = JSON.parse(File.read(File.join(link_path, 'machine.json')))
+    @toplevel = json.fetch('toplevel')
+    @version = json.fetch('version', nil)
+    @revision = json.fetch('revision', nil)
+    @shortrev =
+      if @revision
+        @revision[0..8]
+      elsif @version
+        @version.split('.').last
+      end
+    @macs = json.fetch('macs', [])
+    kernel_params_file = File.join(store_path, 'kernel-params')
+    @kernel_params =
+      if File.exist?(kernel_params_file)
+        File.read(kernel_params_file).strip.split
+      else
+        json.fetch('kernelParams', [])
+      end
+  end
+end
+NetbootBuilder.run