dust-deploy 0.4.3 → 0.4.4

data/changelog.md

@@ -1,6 +1,14 @@
 Changelog
 =============
 
+0.4.4
+------------
+
+sshd recipe
+-  default PrintMotd to false on apt systems (will be displayed 2 times otherwise)
+-  no and yes can be specified in config file, without getting converted to booleans automatically 
+
+
 0.4.3
 ------------
 

data/lib/dust/helper.rb

@@ -15,9 +15,8 @@ class Array
   end
 end
 
-# stole this from rails
-# https://github.com/rails/rails/blob/c0262827cacc1baf16668af65c35a09138166394/activesupport/lib/active_support/core_ext/hash/deep_merge.rb
 class Hash
+  # stole this from rails
   # Returns a new hash with +self+ and +other_hash+ merged recursively.
   def deep_merge(other_hash)
     dup.deep_merge!(other_hash)
@@ -33,26 +32,33 @@ class Hash
     self
   end
 
+  
   # converts each value to an array, so .each and .combine won't get hickups
   def values_to_array!
-    self.each { |k, v| self[k] = [ self[k] ] unless self[k].is_a? Array }
+    self.keys.each { |k| self[k] = [ self[k] ] unless self[k].is_a? Array }    
   end
+  
+  # converts each value that is a boolean to 'yes' resp. 'no' strings
+  def boolean_to_string!
+    self.each { |k, v| self[k] = v ? 'yes' : 'no' if v.is_a? TrueClass or v.is_a? FalseClass }
+  end 
 end
 
-# stole this from Afz902k who posted something similar at stackoverflow.com
-# adds ability to check if a class with the name of a string exists
+
 class String
-    def to_class
-        Kernel.const_get self.capitalize
-    rescue NameError 
-        nil
-    end
+  # stole this from Afz902k who posted something similar at stackoverflow.com
+  # adds ability to check if a class with the name of a string exists  
+  def to_class
+    Kernel.const_get self.capitalize
+  rescue NameError 
+    nil
+  end
 
-    def is_a_defined_class?
-        true if self.to_class
-    rescue NameError
-        false
-    end
+  def is_a_defined_class?
+    true if self.to_class
+  rescue NameError
+    false
+  end
 end
 
 

data/lib/dust/recipes/iptables.rb

@@ -69,7 +69,7 @@ class Iptables < Recipe
         rule['table'] ||= ['filter']
         rule['jump'] ||= ['ACCEPT']
         rule['protocol'] ||= ['tcp'] if rule['dport'] or rule['sport']
-        rule.each { |k, v| rule[k] = [ rule[k] ] unless rule[k].is_a? Array }
+        rule.values_to_array!
       end
     end
   end

data/lib/dust/recipes/repositories.rb

@@ -3,90 +3,107 @@ class Repositories < Recipe
   def deploy
     @node.collect_facts
 
-    if @node.uses_apt? :quiet=>false
-      :: Dust.print_msg 'deleting old repositories'
-      @node.rm '/etc/apt/sources.list.d/*.list', :quiet => true
-      ::Dust.print_ok 
-
-      puts
-      @config.each do |name, repo|
-
-        # if repo is present but not a hash use defaults
-        repo = {} unless repo.is_a? Hash
-
-        # setting defaults
-        repo['url'] ||= 'http://ftp.debian.org/debian/' if @node.is_debian?
-        repo['url'] ||= 'http://archive.ubuntu.com/ubuntu/' if @node.is_ubuntu?
-   
-        repo['release'] ||= @node['lsbdistcodename']
-        repo['components'] ||= 'main'
-
-        # ||= doesn't work for booleans
-        repo['source'] = repo['source'].nil? ? true : repo['source']
-        repo['binary'] = repo['binary'].nil? ? true : repo['binary']
-
-        # the default repository in /etc/apt/sources.list (debian)
-        if name == 'default'
-          ::Dust.print_msg 'deploying default repository'
-
-          sources = ''
-          sources += "deb #{repo['url']} #{repo['release']} #{repo['components']}\n" +
-                     "deb-src #{repo['url']} #{repo['release']} #{repo['components']}\n\n"
-
-          # security
-          if @node.is_debian?
-            sources += "deb http://security.debian.org/ #{repo['release']}/updates #{repo['components']}\n" +
-                       "deb-src http://security.debian.org/ #{repo['release']}/updates #{repo['components']}\n\n"
-          elsif @node.is_ubuntu?
-            sources += "deb http://security.ubuntu.com/ubuntu/ #{repo['release']}-security #{repo['components']}\n" +
-                       "deb-src http://security.ubuntu.com/ubuntu/ #{repo['release']}-security #{repo['components']}\n\n"
-          end
-
-          # updates
-          sources += "deb #{repo['url']} #{repo['release']}-updates #{repo['components']}\n" +
-                     "deb-src #{repo['url']} #{repo['release']}-updates #{repo['components']}\n\n"
-
-          # proposed
-          if @node.is_ubuntu?
-            sources += "deb #{repo['url']} #{repo['release']}-proposed #{repo['components']}\n" +
-                       "deb-src #{repo['url']} #{repo['release']}-proposed #{repo['components']}\n\n"
-          end
-
-          # backports is enabled per default in ubuntu oneiric
-          if @node.is_ubuntu?
-            sources += "deb #{repo['url']} #{repo['release']}-backports #{repo['components']}\n" +
-                       "deb-src #{repo['url']} #{repo['release']}-backports #{repo['components']}\n\n"
-          end
-
-          ::Dust.print_result @node.write('/etc/apt/sources.list', sources, :quiet => true)
-
-        else
-          # add url to sources.list
-          sources = ''
-          sources += "deb #{repo['url']} #{repo['release']} #{repo['components']}\n" if repo['binary']
-          sources += "deb-src #{repo['url']} #{repo['release']} #{repo['components']}\n" if repo['source']
-
-          ::Dust.print_msg "adding repository '#{name}' to sources"
-          ::Dust.print_result @node.write("/etc/apt/sources.list.d/#{name}.list", sources, :quiet => true)
-
-          # add the repository key
-          if repo['key']
-            ::Dust.print_msg "adding #{name} repository key"
-            ::Dust.print_result @node.exec("wget -O- '#{repo['key']}' | apt-key add -")[:exit_code]
-          end
-        end
+    delete_old_repositories
+    deploy_repositories
+    
+    # fetch new stuff
+    puts
+    @node.update_repos if options.restart? or options.reload?        
+  end
+  
+  
+  private
+  
+  # deletes all .list files under /etc/apt/sources.list.d
+  def delete_old_repositories
+    :: Dust.print_msg 'deleting old repositories'
+    @node.rm '/etc/apt/sources.list.d/*.list', :quiet => true if @node.uses_apt?
+    ::Dust.print_ok     
+  end
+  
+  def deploy_repositories
+    @config.each do |name, repo|
+
+      # if repo is present but not a hash use defaults
+      repo = {} unless repo.is_a? Hash
+
+      merge_with_default_settings repo
+      
+      # the default repository in /etc/apt/sources.list (debian)
+      if name == 'default'
+        ::Dust.print_msg 'deploying default repository'        
+        sources = generate_default_repo repo 
+        ::Dust.print_result @node.write('/etc/apt/sources.list', sources, :quiet => true)        
+      else
+        ::Dust.print_msg "adding repository '#{name}' to sources"        
+        sources = generate_repo repo
+        ::Dust.print_result @node.write("/etc/apt/sources.list.d/#{name}.list", sources, :quiet => true)        
+        add_repo_key name, repo
       end
+    end
+  end
 
-    elsif @node.uses_rpm? :quiet=>false
-      ::Dust.print_failed 'rpm not yet supported'
-
-    else
-      ::Dust.print_failed 'os not supported'
+  # merge repo configuration with default settings
+  def merge_with_default_settings repo
+    # setting defaults
+    repo['url'] ||= 'http://ftp.debian.org/debian/' if @node.is_debian?
+    repo['url'] ||= 'http://archive.ubuntu.com/ubuntu/' if @node.is_ubuntu?
+    
+    repo['release'] ||= @node['lsbdistcodename']
+    repo['components'] ||= 'main'
+    
+    # ||= doesn't work for booleans
+    repo['source'] = repo['source'].nil? ? true : repo['source']
+    repo['binary'] = repo['binary'].nil? ? true : repo['binary']
+  end  
+  
+  def generate_default_repo repo
+    sources = ''
+    sources.concat "deb #{repo['url']} #{repo['release']} #{repo['components']}\n"
+    sources.concat "deb-src #{repo['url']} #{repo['release']} #{repo['components']}\n\n"
+    
+    # security
+    if @node.is_debian?
+      sources.concat "deb http://security.debian.org/ #{repo['release']}/updates #{repo['components']}\n"
+      sources.concat "deb-src http://security.debian.org/ #{repo['release']}/updates #{repo['components']}\n\n"
+    elsif @node.is_ubuntu?
+      sources.concat "deb http://security.ubuntu.com/ubuntu/ #{repo['release']}-security #{repo['components']}\n"
+      sources.concat "deb-src http://security.ubuntu.com/ubuntu/ #{repo['release']}-security #{repo['components']}\n\n"
+    end
+    
+    # updates
+    sources.concat "deb #{repo['url']} #{repo['release']}-updates #{repo['components']}\n"
+    sources.concat "deb-src #{repo['url']} #{repo['release']}-updates #{repo['components']}\n\n"
+    
+    # proposed
+    if @node.is_ubuntu?
+      sources.concat "deb #{repo['url']} #{repo['release']}-proposed #{repo['components']}\n"
+      sources.concat "deb-src #{repo['url']} #{repo['release']}-proposed #{repo['components']}\n\n"
+    end
+    
+    # backports is enabled per default in ubuntu oneiric
+    if @node.is_ubuntu?
+      sources.concat "deb #{repo['url']} #{repo['release']}-backports #{repo['components']}\n"
+      sources.concat "deb-src #{repo['url']} #{repo['release']}-backports #{repo['components']}\n\n"
     end
 
-    # fetch new stuff
-    puts
-    @node.update_repos if options.restart? or options.reload?
+    sources
+  end
+  
+  def generate_repo repo
+    # add url to sources.list
+    sources = ''
+    sources.concat "deb #{repo['url']} #{repo['release']} #{repo['components']}\n" if repo['binary']
+    sources.concat "deb-src #{repo['url']} #{repo['release']} #{repo['components']}\n" if repo['source']
+    sources
+  end
+  
+  def add_repo_key name, repo
+    # add the repository key
+    if repo['key']
+      ::Dust.print_msg "adding #{name} repository key"
+      ::Dust.print_result @node.exec("wget -O- '#{repo['key']}' | apt-key add -")[:exit_code]
+    end
   end
 end
 

data/lib/dust/recipes/ssh_authorized_keys.rb

@@ -3,55 +3,67 @@ require 'yaml'
 class SshAuthorizedKeys < Recipe
   desc 'ssh_authorized_keys:deploy', 'configures ssh authorized_keys'
   def deploy
-    # load users and their ssh keys from yaml file
-    users = YAML.load_file "#{@template_path}/users.yaml"
 
-    authorized_keys = {}
     @config.each do |remote_user, ssh_users|
       ::Dust.print_msg "generating authorized_keys for #{remote_user}\n"
-      authorized_keys = ''
-
-      # create the authorized_keys hash for this user
-      ssh_users.each do |ssh_user|
-        users[ssh_user]['name'] ||= ssh_user
-        ::Dust.print_msg "adding user #{users[ssh_user]['name']}", :indent => 2
-        users[ssh_user]['keys'].each do |key|
-          authorized_keys += "#{key}"
-          authorized_keys += " #{users[ssh_user]['name']}" if users[ssh_user]['name']
-          authorized_keys += " <#{users[ssh_user]['email']}>" if users[ssh_user]['email']
-          authorized_keys += "\n"
-        end
+      authorized_keys = generate_authorized_keys ssh_users
+      deploy_authorized_keys remote_user, authorized_keys
+      puts
+    end
+  end
+  
+  
+  private
 
-        ::Dust.print_ok
+  def generate_authorized_keys ssh_users
+    # load users and their ssh keys from yaml file
+    users = YAML.load_file "#{@template_path}/users.yaml"    
+    authorized_keys = ''
+    
+    # create the authorized_keys hash for this user
+    ssh_users.each do |ssh_user|
+      users[ssh_user]['name'] ||= ssh_user
+      ::Dust.print_msg "adding user #{users[ssh_user]['name']}", :indent => 2
+      users[ssh_user]['keys'].each do |key|
+        authorized_keys.concat"#{key}"
+        authorized_keys.concat " #{users[ssh_user]['name']}" if users[ssh_user]['name']
+        authorized_keys.concat " <#{users[ssh_user]['email']}>" if users[ssh_user]['email']
+        authorized_keys.concat "\n"
       end
+      ::Dust.print_ok
+    end
 
-      # create user, if not existent
-      next unless @node.create_user remote_user
-
-      # check and create necessary directories
-      next unless @node.mkdir("~#{remote_user}/.ssh")
-
-      # deploy authorized_keys
-      next unless @node.write "~#{remote_user}/.ssh/authorized_keys", authorized_keys
-
-      # check permissions
-      @node.chown "#{remote_user}:#{remote_user}", "~#{remote_user}/.ssh"
-      @node.chmod '0644', "~#{remote_user}/.ssh/authorized_keys"
-
-
-      # TODO: add this option
-      # remove authorized_keys files for all other users
-      if options.cleanup?
-        ::Dust.print_msg "deleting other authorized_keys files\n"
-        @node.get_system_users(:quiet => true).each do |user|
-          next if users.keys.include? user
-          if @node.file_exists? "~#{user}/.ssh/authorized_keys", :quiet => true
-            @node.rm "~#{user}/.ssh/authorized_keys", :indent => 2
-           end
+    authorized_keys    
+  end
+  
+  # deploy the authorized_keys file for this user
+  # creating user if not existent
+  def deploy_authorized_keys user, authorized_keys
+    # create user, if not existent
+    next unless @node.create_user user
+    
+    # check and create necessary directories
+    next unless @node.mkdir("~#{user}/.ssh")
+    
+    # deploy authorized_keys
+    next unless @node.write "~#{user}/.ssh/authorized_keys", authorized_keys
+    
+    # check permissions
+    @node.chown "#{user}:#{user}", "~#{user}/.ssh"
+    @node.chmod '0644', "~#{user}/.ssh/authorized_keys"    
+  end
+  
+  # remove authorized_keys files for all other users  
+  # TODO: add this option  
+  def cleanup
+    if options.cleanup?
+      ::Dust.print_msg "deleting other authorized_keys files\n"
+      @node.get_system_users(:quiet => true).each do |user|
+        next if users.keys.include? user
+        if @node.file_exists? "~#{user}/.ssh/authorized_keys", :quiet => true
+          @node.rm "~#{user}/.ssh/authorized_keys", :indent => 2
         end
       end
-
-      puts
     end
   end
 end

data/lib/dust/recipes/sshd.rb

@@ -34,6 +34,7 @@ class Sshd < Recipe
   end
 
   def generate_default_config
+    @config.boolean_to_string!
     @config = default_config.merge @config
 
     unless @config['sftp']
@@ -45,6 +46,10 @@ class Sshd < Recipe
       @config['SyslogFacility'] ||= 'AUTHPRIV'
       @config['GSSAPIAuthentication'] ||= 'yes'
     end
+
+    if @node.uses_apt?
+      @config['PrintMotd'] ||= 'no'
+    end
   end
 
   def apply_configuration

data/lib/dust/version.rb

@@ -1,3 +1,3 @@
 module Dust
-  VERSION = "0.4.3"
+  VERSION = "0.4.4"
 end

metadata

@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
   segments: 
   - 0
   - 4
-  - 3
-  version: 0.4.3
+  - 4
+  version: 0.4.4
 platform: ruby
 authors: 
 - kris kechagia
@@ -14,7 +14,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2012-01-19 00:00:00 +01:00
+date: 2012-01-20 00:00:00 +01:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency