construqt 0.0.1

data/lib/construqt/flavour/ubuntu/flavour_ubuntu_result.rb

@@ -0,0 +1,537 @@
+
+module Construqt
+  module Flavour
+    module Ubuntu
+
+      class EtcNetworkIptables
+        def initialize
+          @mangle = Section.new('mangle')
+          @nat = Section.new('nat')
+          @raw = Section.new('raw')
+          @filter = Section.new('filter')
+        end
+
+        class Section
+          class Block
+            def initialize(section)
+              @section = section
+              @rows = []
+            end
+
+            class Row
+              include Util::Chainable
+              chainable_attr_value :row, nil
+              chainable_attr_value :table, nil
+              chainable_attr_value :chain, nil
+            end
+
+            class RowFactory
+              include Util::Chainable
+              chainable_attr_value :table, nil
+              chainable_attr_value :chain, nil
+              chainable_attr_value :rows, nil
+              def create
+                ret = Row.new.table(get_table).chain(get_chain)
+                get_rows.push(ret)
+                ret
+              end
+            end
+
+            def table(table, chain = nil)
+              RowFactory.new.rows(@rows).table(table).chain(chain)
+            end
+
+            def prerouting
+              table("", 'PREROUTING')
+            end
+
+            def postrouting
+              table("", 'POSTROUTING')
+            end
+
+            def forward
+              table("", 'FORWARD')
+            end
+
+            def output
+              table("", 'OUTPUT')
+            end
+
+            def input
+              table("", 'INPUT')
+            end
+
+            def commit
+              #puts @rows.inspect
+              tables = @rows.inject({}) do |r, row|
+                r[row.get_table] ||= {}
+                r[row.get_table][row.get_chain] ||= []
+                r[row.get_table][row.get_chain] << row
+                r
+              end
+
+              return "" if tables.empty?
+              ret = ["*#{@section.name}"]
+              ret += tables.keys.sort.map do |k|
+                v = tables[k]
+                if k.empty?
+                  v.keys.map{|o| ":#{o} ACCEPT [0:0]" }
+                else
+                  ":#{k} - [0:0]"
+                end
+              end
+
+              tables.keys.sort.each do |k,v|
+                v = tables[k]
+                v.keys.sort.each do |chain|
+                  rows = v[chain]
+                  table = !k.empty? ? "-A #{k}" : "-A #{chain}"
+                  rows.each do |row|
+                    ret << "#{table} #{row.get_row}"
+                  end
+                end
+              end
+
+              ret << "COMMIT"
+              ret << ""
+              ret.join("\n")
+            end
+          end
+
+          def initialize(name)
+            @name = name
+            @ipv4 = Block.new(self)
+            @ipv6 = Block.new(self)
+          end
+
+          def name
+            @name
+          end
+
+          def ipv4
+            @ipv4
+          end
+
+          def ipv6
+            @ipv6
+          end
+
+          def commitv6
+            @ipv6.commit
+          end
+
+          def commitv4
+            @ipv4.commit
+          end
+        end
+
+        def mangle
+          @mangle
+        end
+
+        def raw
+          @raw
+        end
+
+        def nat
+          @nat
+        end
+
+        def filter
+          @filter
+        end
+
+        def commitv4
+          mangle.commitv4+raw.commitv4+nat.commitv4+filter.commitv4
+        end
+
+        def commitv6
+          mangle.commitv6+raw.commitv6+nat.commitv6+filter.commitv6
+        end
+      end
+
+      class EtcNetworkInterfaces
+        def initialize(result)
+          @result = result
+          @entries = {}
+        end
+
+        class Entry
+          class Header
+            MODE_MANUAL = :manual
+            MODE_DHCP = :dhcp
+            MODE_LOOPBACK = :loopback
+            PROTO_INET6 = :inet6
+            PROTO_INET4 = :inet
+            AUTO = :auto
+            def mode(mode)
+              @mode = mode
+              self
+            end
+
+            def protocol(protocol)
+              @protocol = protocol
+              self
+            end
+
+            def noauto
+              @auto = false
+              self
+            end
+
+            def initialize(entry)
+              @entry = entry
+              @auto = true
+              @mode = MODE_MANUAL
+              @protocol = PROTO_INET4
+              @interface_name = nil
+            end
+
+            def interface_name(name)
+              @interface_name = name
+            end
+
+            def get_interface_name
+              @interface_name || @entry.iface.name
+            end
+
+            def commit
+              return "" if @entry.skip_interfaces?
+              out = <<OUT
+# #{@entry.iface.clazz}
+#{@auto ? "auto #{get_interface_name}" : ""}
+iface #{get_interface_name} #{@protocol.to_s} #{@mode.to_s}
+  up   /bin/bash /etc/network/#{get_interface_name}-up.iface
+  down /bin/bash /etc/network/#{get_interface_name}-down.iface
+OUT
+            end
+          end
+
+          class Lines
+            def initialize(entry)
+              @entry = entry
+              @lines = []
+              @ups = []
+              @downs = []
+            end
+
+            def up(block)
+              @ups += block.each_line.map{|i| i.strip }.select{|i| !i.empty? }
+            end
+
+            def down(block)
+              @downs += block.each_line.map{|i| i.strip }.select{|i| !i.empty? }
+            end
+
+            def add(block)
+              @lines += block.each_line.map{|i| i.strip }.select{|i| !i.empty? }
+            end
+
+            def write_s(direction, blocks)
+              @entry.result.add(self.class, <<BLOCK, Construqt::Resources::Rights::ROOT_0755, "etc", "network", "#{@entry.header.get_interface_name}-#{direction}.iface")
+#!/bin/bash
+exec > >(logger -t "#{@entry.header.get_interface_name}-#{direction}") 2>&1
+#{blocks.join("\n")}
+iptables-restore < /etc/network/iptables.cfg
+ip6tables-restore < /etc/network/ip6tables.cfg
+BLOCK
+            end
+
+            def commit
+              write_s("up", @ups)
+              write_s("down", @downs)
+              sections = @lines.inject({}) {|r, line| key = line.split(/\s+/).first; r[key] ||= []; r[key] << line; r }
+              sections.keys.sort.map do |key|
+                if sections[key]
+                  sections[key].map{|j| "  #{j}" }
+                else
+                  nil
+                end
+              end.compact.flatten.join("\n")+"\n\n"
+            end
+          end
+
+          def iface
+            @iface
+          end
+
+          def initialize(result, iface)
+            @result = result
+            @iface = iface
+            @header = Header.new(self)
+            @lines = Lines.new(self)
+            @skip_interfaces = false
+          end
+
+          def result
+            @result
+          end
+
+          def name
+            @iface.name
+          end
+
+          def header
+            @header
+          end
+
+          def lines
+            @lines
+          end
+
+          def skip_interfaces?
+            @skip_interfaces
+          end
+
+          def skip_interfaces
+            @skip_interfaces = true
+            self
+          end
+
+          def commit
+            @header.commit + @lines.commit
+          end
+        end
+
+        def get(iface)
+          throw "clazz needed #{iface.name}" unless iface.clazz
+          @entries[iface.name] ||= Entry.new(@result, iface)
+        end
+
+        def commit
+          #      binding.pry
+          out = [@entries['lo']]
+          clazzes = {}
+          @entries.values.each do |entry|
+            name = entry.iface.clazz#.name[entry.iface.clazz.name.rindex(':')+1..-1]
+            #puts "NAME=>#{name}:#{entry.iface.clazz.name.rindex(':')+1}:#{entry.iface.clazz.name}:#{entry.name}"
+            clazzes[name] ||= []
+            clazzes[name] << entry
+          end
+
+          ['device', 'bond', 'vlan', 'bridge', 'gre'].each do |type|
+            out += (clazzes[type]||[]).select{|i| !out.first || i.name != out.first.name }.sort{|a,b| a.name<=>b.name }
+          end
+
+          out.flatten.compact.inject("") { |r, entry| r += entry.commit; r }
+        end
+      end
+
+      class EtcNetworkVrrp
+        def initialize
+          @interfaces = {}
+        end
+
+        class Vrrp
+          def initialize
+            @masters = []
+            @backups = []
+          end
+
+          def add_master(master)
+            @masters << master
+            self
+          end
+
+          def add_backup(backup)
+            @backups << backup
+            self
+          end
+
+          def render(lines, direction)
+            lines.map do |line|
+              [
+                "                  logger '#{direction}#{line}'",
+                "                  #{line}"
+              ]
+            end.join("\n")
+          end
+
+          def render_masters
+            render(@masters, 'STARTING:')
+          end
+
+          def render_backups
+            render(@backups, 'STOPPING:')
+          end
+        end
+
+        def get(ifname)
+          @interfaces[ifname] ||= Vrrp.new
+        end
+
+        def commit(result)
+          @interfaces.keys.sort.each do |ifname|
+            vrrp = @interfaces[ifname]
+            result.add(self, <<VRRP, Construqt::Resources::Rights::ROOT_0755, "etc", "network", "vrrp.#{ifname}.sh")
+#!/bin/bash
+
+TYPE=$1
+NAME=$2
+STATE=$3
+
+case $STATE in
+        "MASTER")
+#{vrrp.render_masters}
+                  exit 0
+                  ;;
+        "BACKUP")
+#{vrrp.render_backups}
+                  exit 0
+                  ;;
+        *)        echo "unknown state"
+                  exit 1
+                  ;;
+esac
+VRRP
+          end
+        end
+      end
+
+      class Result
+        def initialize(host)
+          @host = host
+          @etc_network_interfaces = EtcNetworkInterfaces.new(self)
+          @etc_network_iptables = EtcNetworkIptables.new
+          @etc_network_vrrp = EtcNetworkVrrp.new
+          @result = {}
+        end
+
+        def etc_network_interfaces
+          @etc_network_interfaces
+        end
+
+        def etc_network_iptables
+          @etc_network_iptables
+        end
+
+        def etc_network_vrrp(ifname)
+          @etc_network_vrrp.get(ifname)
+        end
+
+        def host
+          @host
+        end
+
+        def empty?(name)
+          not @result[name]
+        end
+
+        class ArrayWithRight < Array
+          attr_accessor :right
+          def initialize(right)
+            self.right = right
+          end
+        end
+
+        def add(clazz, block, right, *path)
+          path = File.join(*path)
+          throw "not a right #{path}" unless right.respond_to?('right') && right.respond_to?('owner')
+          unless @result[path]
+            @result[path] = ArrayWithRight.new(right)
+            #binding.pry
+            #@result[path] << [clazz.xprefix(@host)].compact
+          end
+
+          @result[path] << block+"\n"
+        end
+
+        def replace(clazz, block, right, *path)
+          path = File.join(*path)
+          replaced = !!@result[path]
+          @result.delete(path) if @result[path]
+          add(clazz, block, right, *path)
+          replaced
+        end
+
+        def directory_mode(mode)
+          mode = mode.to_i(8)
+          0!=(mode & 06) && (mode = (mode | 01))
+          0!=(mode & 060) && (mode = (mode | 010))
+          0!=(mode & 0600) && (mode = (mode | 0100))
+          "0#{mode.to_s(8)}"
+        end
+
+        def import_fname(fname)
+          '/'+File.dirname(fname)+"/.#{File.basename(fname)}.import"
+        end
+
+        def commit
+          add(EtcNetworkIptables, etc_network_iptables.commitv4, Construqt::Resources::Rights::ROOT_0644, "etc", "network", "iptables.cfg")
+          add(EtcNetworkIptables, etc_network_iptables.commitv6, Construqt::Resources::Rights::ROOT_0644, "etc", "network", "ip6tables.cfg")
+          add(EtcNetworkInterfaces, etc_network_interfaces.commit, Construqt::Resources::Rights::ROOT_0644, "etc", "network", "interfaces")
+          @etc_network_vrrp.commit(self)
+          out = [<<BASH]
+#!/bin/bash
+hostname=`hostname`
+if [ $hostname != "" ]
+then
+  hostname=`grep '^\s*[^#]' /etc/hostname`
+fi
+if [ $hostname != #{@host.name} ]
+then
+ echo 'You try to run a deploy script on a host which has not the right name $hostname != #{@host.name}'
+else
+ echo Configure Host #{@host.name}
+fi
+updates=''
+for i in language-pack-en language-pack-de git aptitude traceroute vlan bridge-utils tcpdump mtr-tiny \\
+bird keepalived strace iptables conntrack openssl racoon ulogd2 ifenslave
+do
+ dpkg -l $i > /dev/null 2> /dev/null
+ if [ $? != 0 ]
+ then
+    updates="$updates $i"
+ fi
+done
+apt-get -qq -y install $updates
+if [ ! -d /root/construqt.git ]
+then
+ echo generate history in /root/construqt.git
+ git init --bare /root/construqt.git
+fi
+BASH
+          out += @result.map do |fname, block|
+            text = block.flatten.select{|i| !(i.nil? || i.strip.empty?) }.join("\n")
+            next if text.strip.empty?
+            Util.write_str(text, @host.name, fname)
+            #          binding.pry
+            #
+            [
+              File.dirname("/#{fname}").split('/')[1..-1].inject(['']) do |res, part|
+                res << File.join(res.last, part); res
+              end.select{|i| !i.empty? }.map do |i|
+                "[ ! -d #{i} ] && mkdir #{i} && chown #{block.right.owner} #{i} && chmod #{directory_mode(block.right.right)} #{i}"
+              end,
+              "openssl enc -base64 -d > #{import_fname(fname)} <<BASE64", Base64.encode64(text), "BASE64",
+              <<BASH]
+chown #{block.right.owner} #{import_fname(fname)}
+chmod #{block.right.right} #{import_fname(fname)}
+if [ ! -f /#{fname} ]
+then
+    mv #{import_fname(fname)} /#{fname}
+    echo created /#{fname} to #{block.right.owner}:#{block.right.right}
+else
+  diff -rq #{import_fname(fname)} /#{fname}
+  if [ $? != 0 ]
+  then
+    mv #{import_fname(fname)} /#{fname}
+    echo updated /#{fname} to #{block.right.owner}:#{block.right.right}
+  else
+    rm #{import_fname(fname)}
+  fi
+  git --git-dir /root/construqt.git --work-tree=/ add /#{fname}
+fi
+BASH
+          end.flatten
+          out += [<<BASH]
+git --git-dir /root/construqt.git config user.name #{ENV['USER']}
+git --git-dir /root/construqt.git config user.email #{ENV['USER']}@construqt.net
+git --git-dir /root/construqt.git --work-tree=/ commit -q -m '#{ENV['USER']} #{`hostname`.strip} "#{`git log --pretty=format:"%h - %an, %ar : %s" -1`.strip.inspect}"' > /dev/null && echo COMMITED
+BASH
+          Util.write_str(out.join("\n"), @host.name, "deployer.sh")
+        end
+      end
+    end
+  end
+end

data/lib/construqt/flavour/ubuntu/flavour_ubuntu_services.rb

@@ -0,0 +1,115 @@
+
+module Construqt
+  module Flavour
+    module Ubuntu
+      module Services
+        class DhcpV4Relay
+          def initialize(service)
+            @service = service
+          end
+
+          def up(ifname)
+            "/usr/sbin/dhcrelay -pf /run/dhcrelay-v4.#{ifname}.pid -d -q -4 -i #{ifname} #{@service.servers.map{|i| i.to_s}.join(' ')}"
+          end
+
+          def down(ifname)
+            "kill `/run/dhcrelay-v4.#{ifname}.pid`"
+          end
+
+          def vrrp(host, ifname, iface)
+            host.result.etc_network_vrrp(iface.name).add_master(up(ifname)).add_backup(down(ifname))
+          end
+
+          def interfaces(host, ifname, iface, writer)
+            #binding.pry
+            return unless iface.address && iface.address.first_ipv4
+            return if @service.servers.empty?
+            writer.lines.up(up(ifname))
+            writer.lines.down(down(ifname))
+          end
+        end
+
+        class DhcpV6Relay
+          def initialize(service)
+            @service = service
+          end
+
+          def up(ifname)
+            "/usr/sbin/dhcrelay -pf /run/dhcrelay-v6.#{ifname}.pid -d -q -6 -i #{ifname} #{@service.servers.map{|i| i.to_s}.join(' ')}"
+          end
+
+          def down(ifname)
+            "kill `/run/dhcrelay-v6.#{ifname}.pid`"
+          end
+
+          def vrrp(host, ifname, iface)
+            host.result.etc_network_vrrp(iface.name).add_master(up(ifname)).add_backup(down(ifname))
+          end
+
+          def interfaces(host, ifname, iface, writer)
+            return unless iface.address && iface.address.first_ipv6
+            return if @service.servers.empty?
+            writer.lines.up(up(ifname))
+            writer.lines.down(down(ifname))
+          end
+        end
+
+        class Radvd
+          def initialize(service)
+            @service = service
+          end
+
+          def up(ifname)
+            "/usr/sbin/radvd -C /etc/network/radvd.#{ifname}.conf -p /run/radvd.#{ifname}.pid"
+          end
+
+          def down(ifname)
+            "kill `cat /run/radvd.#{ifname}.pid`"
+          end
+
+          def vrrp(host, ifname, iface)
+            #binding.pry
+            host.result.etc_network_vrrp(iface.name).add_master(up(ifname)).add_backup(down(ifname))
+          end
+
+          def interfaces(host, ifname, iface, writer)
+            #      binding.pry
+            return unless iface.address && iface.address.first_ipv6
+            writer.lines.up(up(ifname))
+            writer.lines.down(down(ifname))
+            host.result.add(self, <<RADV, Construqt::Resources::Rights::ROOT_0644, "etc", "network", "radvd.#{ifname}.conf")
+interface #{ifname}
+{
+        AdvManagedFlag on;
+        AdvSendAdvert on;
+        AdvOtherConfigFlag on;
+        #AdvAutonomous on;
+        #AdvLinkMTU 1480;
+        #MinRtrAdvInterval 3;
+        #MaxRtrAdvInterval 60;
+        prefix #{iface.address.first_ipv6.network.to_string}
+        {
+                AdvOnLink on;
+                AdvAutonomous off;
+                AdvRouterAddr on;
+        };
+
+};
+RADV
+          end
+        end
+
+        def self.get_renderer(service)
+          factory = {
+            Construqt::Services::DhcpV4Relay => DhcpV4Relay,
+            Construqt::Services::DhcpV6Relay => DhcpV6Relay,
+            Construqt::Services::Radvd => Radvd
+          }
+          found = factory.keys.find{ |i| service.kind_of?(i) }
+          throw "service type unknown #{service.name} #{service.class.name}" unless found
+          factory[found].new(service)
+        end
+      end
+    end
+  end
+end

data/lib/construqt/flavour/ubuntu/flavour_ubuntu_vrrp.rb

@@ -0,0 +1,52 @@
+module Construqt
+  module Flavour
+    module Ubuntu
+
+      class Vrrp < OpenStruct
+        def initialize(cfg)
+          super(cfg)
+        end
+
+        def self.header(host)
+          host.result.add(self, <<GLOBAL, Construqt::Resources::Rights::ROOT_0644, "etc", "keepalived", "keepalived.conf")
+global_defs {
+  lvs_id #{host.name}
+}
+GLOBAL
+        end
+
+        def build_config(host, iface)
+          iface = iface.delegate
+          my_iface = iface.interfaces.find{|iface| iface.host == host }
+          ret = []
+          ret << "vrrp_instance #{iface.name} {"
+          ret << "  state MASTER"
+          ret << "  interface #{my_iface.name}"
+          ret << "  virtual_router_id #{iface.vrid||iface.interfaces.map{|a,b| a.priority<=>b.priority}.first}"
+          ret << "  priority #{my_iface.priority}"
+          ret << "  authentication {"
+          ret << "        auth_type PASS"
+          ret << "        auth_pass fw"
+          ret << "  }"
+          ret << "  virtual_ipaddress {"
+          iface.address.ips.each do |ip|
+            ret << "    #{ip.to_string} dev #{my_iface.name}"
+          end
+
+          ret << "  }"
+          if iface.services && !iface.services.empty?
+            ret << "  notify /etc/network/vrrp.#{iface.name}.sh"
+            writer = host.result.etc_network_interfaces.get(iface)
+            iface.services.each do |service|
+              Services.get_renderer(service).interfaces(host, my_iface.name, my_iface, writer)
+              Services.get_renderer(service).vrrp(host, my_iface.name, iface)
+            end
+          end
+
+          ret << "}"
+          host.result.add(self, ret.join("\n"), Construqt::Resources::Rights::ROOT_0644, "etc", "keepalived", "keepalived.conf")
+        end
+      end
+    end
+  end
+end