dust-deploy 0.16.4 → 0.16.5

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 0ca3ac3d86aaf5370dac1798875626c970efcf4d
+  data.tar.gz: 38e60b7ecbeecd8e4c1727bee0e3bbb588839a23
+SHA512:
+  metadata.gz: 08a8f2270086db219eec7ac306709cb2fceb66596015b99eda4260fb0c50668622bb0d7e389da83693888fd690d7ce11cd18477197c9aa8b1b25889c237482da
+  data.tar.gz: 465f588108249f894792e35dc76f56dab480f209eb34ed604f38f8bdb7ff67b036f50667520b24a080d0533fcfa485ac6d7e4dae9efcf5c84eb36ae00bd4a9bb

data/LICENSE

@@ -631,8 +631,8 @@ to attach them to the start of each source file to most effectively
 state the exclusion of warranty; and each file should have at least
 the "copyright" line and a pointer to where the full notice is found.
 
-    <one line to give the program's name and a brief idea of what it does.>
-    Copyright (C) <year>  <name of author>
+    dust-deploy - a ssh only server deployment tool
+    Copyright (C) 2012  kris kechagia
 
     This program is free software: you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -652,7 +652,7 @@ Also add information on how to contact you by electronic and paper mail.
   If the program does terminal interaction, make it output a short
 notice like this when it starts in an interactive mode:
 
-    <program>  Copyright (C) <year>  <name of author>
+    dust-deploy  Copyright (C) 2012 kris kechagia
     This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
     This is free software, and you are welcome to redistribute it
     under certain conditions; type `show c' for details.

data/README.md

@@ -62,7 +62,7 @@ you should see dust connecting to the node, checking if the requested packages a
 
 ## supported distributions
 
-dust works with **aptitude**, **yum**, **emerge**, **pacman** (since 0.10.3) and **opkg** (since 0.12.0) systems at the moment (testet with recent versions of **ubuntu**, **debian**, **gentoo**, **fedora**, **scientificlinux**, **centos** and **archlinux** as well as **openwrt**). should work on rhel without any problem, too.
+dust works with **apt-get**, **yum**, **emerge**, **pacman** (since 0.10.3) and **opkg** (since 0.12.0) systems at the moment (testet with recent versions of **ubuntu**, **debian**, **gentoo**, **fedora**, **scientificlinux**, **centos** and **archlinux** as well as **openwrt**). should work on rhel without any problem, too.
 
 
 ## contribute

data/changelog.md

@@ -1,6 +1,20 @@
 Changelog
 =============
 
+0.16.5
+------------
+
+-  fixes ppa support in repositories recipe for quantal
+-  removes support for .to_array helper, use Array() instead
+-  removes AcceptEnv directive from sshd default configuration
+-  automatically start postgres on boot
+-  fixes invalid yaml syntax in example (thank you Marcos Alejandro Vanetta)
+-  uses apt-get rather than aptitude (thank you Stuart Ellis)
+-  fails gracefully on debian system without facter [debsecan]  (thank you Stuart Ellis)
+-  uses ubuntu update-manager for system_update (thank you Stuart Ellis)
+
+
+
 0.16.4
 ------------
 

data/dust.gemspec

@@ -1,22 +1,23 @@
 # -*- encoding: utf-8 -*-
 $:.push File.expand_path("../lib", __FILE__)
-require "dust/version"
+require 'dust/version'
 
 Gem::Specification.new do |s|
-  s.name        = "dust-deploy"
+  s.name        = 'dust-deploy'
   s.version     = Dust::VERSION
-  s.authors     = ["kris kechagia"]
-  s.email       = ["kk@rndsec.net"]
-  s.homepage    = ""
+  s.licenses    = 'GPLv3'
+  s.authors     = ['kris kechagia']
+  s.email       = ['kk@rndsec.net']
+  s.homepage    = 'https://github.com/kechagia/dust-deploy'
   s.summary     = %q{small server deployment tool for complex environments}
   s.description = %q{when puppet and chef suck because you want to be in control and sprinkle just cannot do enough for you}
 
-  s.rubyforge_project = "dust-deploy"
+  s.rubyforge_project = 'dust-deploy'
 
   s.files         = `git ls-files`.split("\n")
   s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
   s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
-  s.require_paths = ["lib"]
+  s.require_paths = ['lib']
 
   # specify any dependencies here
   s.add_runtime_dependency 'json'

data/lib/dust/examples/nodes/postgresql.yaml

@@ -8,8 +8,8 @@ recipes:
     dbuser: 'postgres:postgres'
 
     postgresql.conf:
-      listen_addresses: *
-      port: 5432 
+      listen_addresses: '*'
+      port: 5432
       ssl: on
       full_page_writes: on
 
@@ -44,5 +44,6 @@ recipes:
           state: new
           in-interface: eth1
           source: 10.0.0.0/8
-          
+
   rc_local: blockdev --setra 8192 /dev/vda
+

data/lib/dust/examples/templates/duplicity/cronjob.erb

@@ -41,10 +41,10 @@ nice -n $NICE slapcat > /root/.ldap-<%= config['interval'] %> &> /dev/null
 # backup selected directories
 nice -n <%= config['nice'] %> duplicity --archive-dir <%= config['archive'] %> \
   --full-if-older-than <%= config['full-if-older-than'] %> --exclude-device-files / \
-% config['exclude'].to_array.each do |dir|
+% Array(config['exclude']).each do |dir|
   --exclude <%= dir %> \
 % end
-% config['include'].to_array.each do |dir|
+% Array(config['include']).each do |dir|
   --include <%= dir %> \
 % end
   --exclude '**' \

data/lib/dust/helper.rb

@@ -1,10 +1,3 @@
-class Object
-  # turns an object into an array
-  # this is needed, since 1.9 doesnt support "string".to_a and "string".each anymore
-  def to_array
-    Array(self)
-  end
-end
 
 # combines two arrays
 # stolen from Juan Matias (jmrepetti) from stackoverflow.com

data/lib/dust/recipes/apt.rb

@@ -1,7 +1,7 @@
 class Apt < Recipe
-  desc 'apt:deploy', 'configures apt/aptitude'
+  desc 'apt:deploy', 'configures apt'
   def deploy
-    return unless @node.uses_apt? 
+    return unless @node.uses_apt?
 
     @config = default_config.merge @config
 
@@ -11,7 +11,7 @@ class Apt < Recipe
     @config.each do |name, settings|
       @node.messages.add("deploying apt settings #{name}\n")
       conf = ''
-      settings.to_array.each do |setting|
+      Array(settings).each do |setting|
         conf << "#{setting}\n"
       end
 
@@ -65,7 +65,7 @@ class Apt < Recipe
     end
 
     return if config.is_a? FalseClass or config == 'disabled'
-    
+
     @node.messages.add("deploying proxy configuration\n")
     proxy = "Acquire::http::Proxy \"#{config}\";\n"
 

data/lib/dust/recipes/debsecan.rb

@@ -1,45 +1,41 @@
 class Debsecan < Recipe
   desc 'debsecan:deploy', 'installs and configures debian security package "debsecan"'
   def deploy
+    return @node.messages.add('os not supported').failed() unless @node.is_debian?
     @node.collect_facts
+    @node.install_package 'debsecan'
 
-    if @node.is_debian?
-      @node.install_package 'debsecan'
+    msg = @node.messages.add('configuring debsecan')
 
-      msg = @node.messages.add('configuring debsecan')
+    # if config is simply set to "true", use defaults
+    config = {} unless config.is_a? Hash
 
-      # if config is simply set to "true", use defaults
-      config = {} unless config.is_a? Hash
+    # setting default config variables (unless already set)
+    config['report'] ||= false
+    config['mailto'] ||= 'root'
+    config['source'] ||= ''
 
-      # setting default config variables (unless already set)
-      config['report'] ||= false
-      config['mailto'] ||= 'root'
-      config['source'] ||= ''
+    config_file = ''
 
-      config_file = ''
+    # configures whether daily reports are sent
+    config_file << "# If true, enable daily reports, sent by email.\n" +
+                   "REPORT=#{config['report'].to_s}\n\n"
 
-      # configures whether daily reports are sent
-      config_file << "# If true, enable daily reports, sent by email.\n" +
-                     "REPORT=#{config['report'].to_s}\n\n"
+    # configures the suite
+    config_file << "# For better reporting, specify the correct suite here, using the code\n" +
+                   "# name (that is, \"sid\" instead of \"unstable\").\n" +
+                   "SUITE=#{@node['lsbdistcodename']}\n\n"
 
-      # configures the suite
-      config_file << "# For better reporting, specify the correct suite here, using the code\n" +
-                     "# name (that is, \"sid\" instead of \"unstable\").\n" +
-                     "SUITE=#{@node['lsbdistcodename']}\n\n"
+    # which user gets the reports?
+    config_file << "# Mail address to which reports are sent.\n" +
+                   "MAILTO=#{config['mailto']}\n\n"
 
-      # which user gets the reports?
-      config_file << "# Mail address to which reports are sent.\n" +
-                     "MAILTO=#{config['mailto']}\n\n"
+    # set vulnerability source
+    config_file << "# The URL from which vulnerability data is downloaded.  Empty for the\n" +
+                   "# built-in default.\n" +
+                   "SOURCE=#{config['source']}\n\n"
 
-      # set vulnerability source
-      config_file << "# The URL from which vulnerability data is downloaded.  Empty for the\n" +
-                     "# built-in default.\n" +
-                     "SOURCE=#{config['source']}\n\n"
-
-      @node.write '/etc/default/debsecan', config_file, :quiet => true
-      msg.ok
-    else
-      msg.failed('os not supported')
-    end
+    @node.write '/etc/default/debsecan', config_file, :quiet => true
+    msg.ok
   end
 end

data/lib/dust/recipes/dnsmasq.rb

@@ -12,7 +12,7 @@ class Dnsmasq < Recipe
       # this will be translated to
       # server=nameserver1
       # server=/yourdomain/yournameserver/
-      values.to_array.each do |value|
+      Array(values).each do |value|
 
         # dnsmasq has some settings which are just set without a value
         # in the node.yaml, this has to be specified using e.g.

data/lib/dust/recipes/dovecot.rb

@@ -9,7 +9,7 @@ class Dovecot < Recipe
     package = @config.delete('package')
     etc_dir = @config.delete('etc_dir')
 
-    package.to_array.each do |pkg|
+    Array(package).each do |pkg|
       return unless @node.install_package(pkg)
     end
 

data/lib/dust/recipes/duplicity.rb

@@ -53,7 +53,7 @@ class Duplicity < Recipe
 
       # adjust and upload cronjob
       @node.messages.add("adjusting and deploying cronjob (scenario: #{scenario}, interval: #{config['interval']})\n")
-      config['options'].to_array.each { |option| @node.messages.add("adding option: #{option}", :indent => 2).ok }
+      Array(config['options']).each { |option| @node.messages.add("adding option: #{option}", :indent => 2).ok }
 
       @node.deploy_file "#{@template_path}/cronjob", cronjob_path, :binding => binding
 

data/lib/dust/recipes/iptables.rb

@@ -221,7 +221,7 @@ class Iptables < Recipe
     sorted = []
     rule.each do |r|
       # sort rules so it makes sense
-      r = r.to_array.sort_by do |x|
+      r = Array(r).sort_by do |x|
         if x.include? '--match'
           -1
           elsif x.include? '--protocol'

data/lib/dust/recipes/limits.rb

@@ -17,7 +17,7 @@ class Limits < Recipe
     @config.each do |name, rules|
       limits_conf = ''
       @node.messages.add("assembling system limits according to rule '#{name}'\n")
-      rules.to_array.each do |rule|
+      Array(rules).each do |rule|
 
         # check if entry is valid
         unless rule['domain']

data/lib/dust/recipes/nginx.rb

@@ -8,7 +8,7 @@ class Nginx < Recipe
     @config['user'] ||= 'nginx' if @node.uses_rpm?
     @config['user'] ||= 'www-data' if @node.uses_apt?
 
-    @config['package'].to_array.each do |package|
+    Array(@config['package']).each do |package|
       return unless @node.install_package(package)
     end
 
@@ -24,7 +24,7 @@ class Nginx < Recipe
     msg.ok
 
     @config['sites'].each do |state, sites|
-      sites.to_array.each do |site|
+      Array(sites).each do |site|
         @node.deploy_file("#{@template_path}/sites/#{site}", "/etc/nginx/sites-available/#{site}", :binding => binding)
 
         # symlink to sites-enabled if this is listed as an enabled site

data/lib/dust/recipes/packages.rb

@@ -1,7 +1,7 @@
 class Packages < Recipe
   desc 'packages:deploy', 'installs packages'
   def deploy
-    @config.to_array.each do |package|
+    Array(@config).each do |package|
       @node.install_package(package)
     end
   end

data/lib/dust/recipes/postfix.rb

@@ -4,7 +4,7 @@ class Postfix < Recipe
     @config = default_config.merge @config
     @config.boolean_to_string! # parse 'no/yes' as string, not as boolean
 
-    @config['package'].to_array.each do |package|
+    Array(@config['package']).each do |package|
       return unless @node.install_package(package)
     end
 
@@ -26,7 +26,7 @@ class Postfix < Recipe
                      "#{s['unpriv']}\t#{s['chroot']}\t#{s['wakeup']}\t" +
                      "#{s['maxproc']}\t#{s['command']}\n"
         if s['args']
-          s['args'].to_array.each { |a|  master_cf << "  #{a}\n" }
+          Array(s['args']).each { |a|  master_cf << "  #{a}\n" }
           master_cf << "\n"
         end
       end

data/lib/dust/recipes/postgres.rb

@@ -25,15 +25,18 @@ class Postgres < Recipe
     set_permissions
 
     # configure pacemaker profile
-    if @config['profile'].to_array.include?('pacemaker')
+    if Array(@config['profile']).include?('pacemaker')
       deploy_pacemaker_script if @node.package_installed?('pacemaker')
     end
 
     # configure zabbix profile
-    if @config['profile'].to_array.include?('zabbix')
+    if Array(@config['profile']).include?('zabbix')
       configure_for_zabbix if zabbix_installed?
     end
 
+    # enable service to start at boot-time
+    @node.autostart_service(@config['service_name'])
+
     # reload/restart postgres if command line option is given
     @node.restart_service(@config['service_name']) if options.restart?
     @node.reload_service(@config['service_name']) if options.reload?
@@ -140,7 +143,7 @@ class Postgres < Recipe
     @config['postgresql.conf'] = default_postgres_conf.merge(@config['postgresql.conf'])
 
     # calculate values if dedicated profile is given
-    profile_dedicated if @config['profile'].to_array.include?('dedicated')
+    profile_dedicated if Array(@config['profile']).include?('dedicated')
 
     postgresql_conf = ''
     @config['postgresql.conf'].each do |key, value|

data/lib/dust/recipes/rc_local.rb

@@ -6,7 +6,7 @@ class RcLocal < Recipe
       @node.messages.add("configuring custom startup script\n")
 
       rc = ''
-      @config.to_array.each do |cmd|
+      Array(@config).each do |cmd|
         msg = @node.messages.add("adding command: #{cmd}", :indent => 2)
         rc << "#{cmd}\n"
         msg.ok

data/lib/dust/recipes/repositories.rb

@@ -1,5 +1,5 @@
 class Repositories < Recipe
-  desc 'repositories:deploy', 'configures package management repositories (aptitude, yum)'
+  desc 'repositories:deploy', 'configures package management repositories (apt-get, yum)'
   def deploy
     return unless @node.collect_facts
 
@@ -55,7 +55,7 @@ class Repositories < Recipe
 
     repo['release'] ||= @node['lsbdistcodename']
     repo['components'] ||= [ 'main' ]
-    repo['components'] = repo['components'].to_array.join(' ')
+    repo['components'] = Array(repo['components']).join(' ')
 
     # ||= doesn't work for booleans
     repo['source'] = repo['source'].nil? ? true : repo['source']
@@ -96,7 +96,12 @@ class Repositories < Recipe
   end
 
   def add_ppa(repo)
-    return false unless @node.install_package('python-software-properties', :indent => 2)
+    if @node['lsbdistrelease'].to_f >= 12.10
+      return false unless @node.install_package('software-properties-common', :indent => 2)
+    else
+      return false unless @node.install_package('python-software-properties', :indent => 2)
+    end
+
     msg = @node.messages.add('running add-apt-repository', :indent => 2)
     cmd = "add-apt-repository -y ppa:#{repo['ppa']}"
     if repo['keyserver']
@@ -109,7 +114,7 @@ class Repositories < Recipe
   def generate_repo(repo)
     # add url to sources.list
     sources = ''
-    repo['release'].to_array.each do |release|
+    Array(repo['release']).each do |release|
       sources << "deb #{repo['url']} #{release} #{repo['components']}\n" if repo['binary']
       sources << "deb-src #{repo['url']} #{release} #{repo['components']}\n" if repo['source']
     end

data/lib/dust/recipes/resolv_conf.rb

@@ -30,7 +30,7 @@ class ResolvConf < Recipe
       msg.ok
     end
 
-    @config['nameservers'].to_array.each do |nameserver|
+    Array(@config['nameservers']).each do |nameserver|
       msg = @node.messages.add("adding nameserver #{nameserver}", :indent => 2)
       config_file << "nameserver #{nameserver}\n"
       msg.ok

data/lib/dust/recipes/skel.rb

@@ -1,7 +1,7 @@
 class Skel < Recipe
   desc 'skel:deploy', 'copy default configuration files to users home directory'
   def deploy
-    @config.to_array.each do |user|
+    Array(@config).each do |user|
       home = @node.get_home(user)
       unless home
         @node.messages.add("couldn't find home directory for user #{user}").failed
@@ -12,7 +12,7 @@ class Skel < Recipe
       Dir["#{@template_path}/.*"].each do |file|
         next unless File.file?(file)
         @node.deploy_file(file, "#{home}/#{File.basename(file)}", { :binding => binding, :indent => 2 })
-        @node.chown("#{user}:#{@node.get_gid(user)}", "#{home}/#{File.basename(file)}")
+        @node.chown("#{user}:#{@node.get_gid(user)}", "#{home}/#{File.basename(file)}", :indent => 2)
       end
     end
   end

data/lib/dust/recipes/ssh_config.rb

@@ -37,10 +37,10 @@ class Ssh_config < Recipe
       if value.is_a? Hash
         ssh_config << "#{key}\n"
         value.each do |k, v|
-          v.to_array.each { |x| ssh_config << "    #{k} #{x}\n" }
+          Array(v).each { |x| ssh_config << "    #{k} #{x}\n" }
         end
       else
-        value.to_array.each { |x| ssh_config << "#{key} #{x}\n" }
+        Array(value).each { |x| ssh_config << "#{key} #{x}\n" }
       end
     end
     ssh_config