dust-deploy 0.9.2 → 0.10.0

data/bin/dust

@@ -4,6 +4,7 @@ require 'rubygems'
 require 'thor/runner'
 require 'thor/util'
 require 'yaml'
+require 'erb'
 require 'fileutils'
 require 'ipaddress'
 require 'dust'
@@ -186,7 +187,7 @@ module  Dust
       end
 
       yaml_files.to_array.each do |file|
-        node = YAML.load_file(file)
+        node = YAML.load ERB.new( File.read(file), nil, '%<>').result
 
         # if the file is empty, just skip it
         next unless node
@@ -200,7 +201,7 @@ module  Dust
         if node['inherits']
           inherited = {}
           node.delete('inherits').each do |file|
-            template = YAML.load_file "./nodes/#{file}.yaml"
+            template = YAML.load ERB.new( File.read("./nodes/#{file}.yaml"), nil, '%<>').result
             inherited.deep_merge! template
           end
           node = inherited.deep_merge node

data/changelog.md

@@ -1,6 +1,42 @@
 Changelog
 =============
 
+0.10.0
+------------
+
+-  it is now possible to use ERB codes in your yaml configuration files.
+
+    <% user = john %>
+
+    hostname: <%= user %>-notebook
+
+    recipes:
+      ssh_authorized_keys:
+        <%= user %>: admin
+
+-  unattended upgrade recipe was removed in favor of the new apt recipe
+-  postgres recipe: now adds a log_line_prefix as default
+                    also accepts empty postgresql.conf in yaml configuration
+-  apt recipe now looks for present proxy configurations and comments them out before applying new config
+-  adds apt recipe to configure apt systems (unattended upgrades, proxy configuration, etc)
+   you have to migrate your existing unattended_upgrade recipe from:
+
+    recipes:
+      unattended_upgrades: true
+
+   to:
+ 
+    recipes:
+      apt:
+        unattended_upgrades:
+          enabled: 1
+
+   or simply, in case you do not need other apt options (as enabling unattended_upgrades is the default):
+
+    recipes:
+      apt: enabled
+
+
 0.9.2
 ------------
 

data/dust.gemspec

@@ -18,9 +18,8 @@ Gem::Specification.new do |s|
   s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
   s.require_paths = ["lib"]
 
-  # specify any dependencies here; for example:
-  # s.add_development_dependency "rspec"
-  # s.add_runtime_dependency "rest-client"
+  # specify any dependencies here
+  s.add_runtime_dependency 'json'
   s.add_runtime_dependency 'net-ssh'
   s.add_runtime_dependency 'net-scp'
   s.add_runtime_dependency 'net-sftp'

data/lib/dust/print_status.rb

@@ -13,7 +13,7 @@ module Dust
   $stdout.sync = true # autoflush
 
   def self.print_result ret, options={:quiet => false, :indent => 1}
-    if ret == 0 or ret == true
+    if ret == 0 or ret.is_a? TrueClass
       print_ok '', options
       return true
     else

data/lib/dust/recipes/apt.rb

@@ -0,0 +1,74 @@
+class Apt < Recipe
+  desc 'apt:deploy', 'configures apt/aptitude'
+  def deploy
+    return unless @node.uses_apt? 
+
+    @config = default_config.merge @config
+
+    unattended_upgrades @config.delete('unattended_upgrades')
+    proxy @config.delete('proxy')
+
+    @config.each do |name, settings|
+      ::Dust.print_msg "deploying apt settings #{name}\n"
+      conf = ''
+      settings.to_array.each do |setting|
+        conf << "#{setting}\n"
+      end
+
+      @node.write "/etc/apt/apt.conf.d/#{name}", conf, :indent => 2
+    end
+  end
+
+
+  private
+  def default_config
+    {
+      'unattended_upgrades' => {
+        'enable' => 1,
+        'update-package-lists' => 1,
+        'unattended-upgrade' => 1,
+        'autocleaninterval' => 1,
+        'verbose' => 0
+      },
+
+      'proxy' => 'disabled'
+    }
+  end
+
+  def unattended_upgrades config
+    return if config.is_a? FalseClass or config == 'disabled'
+
+    @node.install_package 'unattended-upgrades'
+
+    ::Dust.print_msg "deploying unattended upgrades configuration\n"
+    periodic = ''
+    periodic << "APT::Periodic::Enable \"#{config['enable']}\";\n"
+    periodic << "APT::Periodic::Update-Package-Lists \"#{config['update-package-lists']}\";\n"
+    periodic << "APT::Periodic::Unattended-Upgrade \"#{config['unattended-upgrade']}\";\n"
+    periodic << "APT::Periodic::AutocleanInterval \"#{config['autocleaninterval']}\";\n"
+    periodic << "APT::Periodic::Verbose \"#{config['verbose']}\";\n"
+
+    @node.write '/etc/apt/apt.conf.d/02periodic', periodic, :indent => 2
+  end
+
+  def proxy config
+    # look for already configured proxy and delete
+    files = @node.exec("grep -v '^#' /etc/apt/ -R |grep -i 'acquire::http::proxy' |cut -d: -f1")[:stdout]
+    files.each_line do |file|
+      file.chomp!
+
+      # skip 02proxy, because we're going to overwrite it anyways
+      next if file == '/etc/apt/apt.conf.d/02proxy'
+
+      ::Dust.print_warning "found proxy configuration in file #{file}, commenting out"
+      @node.exec "sed -i 's/^\\(acquire::http::proxy.*\\)/#\\1/i' #{file}"
+    end
+
+    return if config.is_a? FalseClass or config == 'disabled'
+    
+    ::Dust.print_msg "deploying proxy configuration\n"
+    proxy = "Acquire::http::Proxy \"#{config}\";\n"
+
+    @node.write '/etc/apt/apt.conf.d/02proxy', proxy, :indent => 2
+  end
+end

data/lib/dust/recipes/debsecan.rb

@@ -19,20 +19,20 @@ class Debsecan < Recipe
       config_file = ''
 
       # configures whether daily reports are sent
-      config_file += "# If true, enable daily reports, sent by email.\n" +
+      config_file << "# If true, enable daily reports, sent by email.\n" +
                      "REPORT=#{config['report'].to_s}\n\n"
      
       # configures the suite
-      config_file += "# For better reporting, specify the correct suite here, using the code\n" +
+      config_file << "# For better reporting, specify the correct suite here, using the code\n" +
                      "# name (that is, \"sid\" instead of \"unstable\").\n" +
                      "SUITE=#{@node['lsbdistcodename']}\n\n"
 
       # which user gets the reports?
-      config_file += "# Mail address to which reports are sent.\n" +
+      config_file << "# Mail address to which reports are sent.\n" +
                      "MAILTO=#{config['mailto']}\n\n"
 
       # set vulnerability source
-      config_file += "# The URL from which vulnerability data is downloaded.  Empty for the\n" +
+      config_file << "# The URL from which vulnerability data is downloaded.  Empty for the\n" +
                      "# built-in default.\n" +
                      "SOURCE=#{config['source']}\n\n"
 

data/lib/dust/recipes/duplicity.rb

@@ -77,7 +77,7 @@ class Duplicity < Recipe
             "--archive-dir #{config['archive']} " +
             "#{File.join(config['backend'], config['directory'])}"
 
-      cmd += " |tail -n3 |head -n1" unless options.long?
+      cmd << " |tail -n3 |head -n1" unless options.long?
 
       ret = @node.exec cmd
 

data/lib/dust/recipes/iptables.rb

@@ -61,10 +61,10 @@ class Iptables < Recipe
 
     @tables['ipv' + @ip_version.to_s].keys.each do |table|
       # clear all rules
-      @script.concat "--flush --table #{table}\n"
+      @script << "--flush --table #{table}\n"
 
       # delete all custom chains
-      @script.concat "--delete-chain --table #{table}\n" unless @node.uses_rpm?
+      @script << "--delete-chain --table #{table}\n" unless @node.uses_rpm?
     end
   end
 
@@ -87,7 +87,7 @@ class Iptables < Recipe
   # generates all iptables rules
   def generate_all_rules
     @tables['ipv' + @ip_version.to_s].each do |table, chains|
-      @script.concat "*#{table}\n" if @node.uses_rpm?
+      @script << "*#{table}\n" if @node.uses_rpm?
       set_chain_policies table
       generate_rules_for_table table
     end
@@ -103,9 +103,9 @@ class Iptables < Recipe
       policy = get_chain_policy table, chain
 
       if @node.uses_rpm?
-        @script.concat ":#{chain.upcase} #{policy} [0:0]\n"
+        @script << ":#{chain.upcase} #{policy} [0:0]\n"
       else
-        @script.concat "--table #{table} --policy #{chain.upcase} #{policy}\n"
+        @script << "--table #{table} --policy #{chain.upcase} #{policy}\n"
       end
     end
 
@@ -125,9 +125,9 @@ class Iptables < Recipe
       next unless chain_used_in_table
 
       if @node.uses_rpm?
-        @script.concat ":#{chain.upcase} - [0:0]\n"
+        @script << ":#{chain.upcase} - [0:0]\n"
       else
-        @script.concat "--table #{table} --new-chain #{chain.upcase}\n"
+        @script << "--table #{table} --new-chain #{chain.upcase}\n"
       end
     end
   end
@@ -162,7 +162,7 @@ class Iptables < Recipe
         ::Dust.print_ok
       end
     end
-    @script.concat "COMMIT\n" if @node.uses_rpm?
+    @script << "COMMIT\n" if @node.uses_rpm?
   end
 
   def get_rules_for_table rules, table
@@ -188,7 +188,7 @@ class Iptables < Recipe
   def generate_iptables_string chain, rule
     parse_rule(rule).each do |r|
       #::Dust.print_msg "#{::Dust.grey}#{r.join ' '}#{::Dust.none}\n", :indent => 5
-      @script.concat "--append #{chain.upcase} #{r.join ' '}\n"
+      @script << "--append #{chain.upcase} #{r.join ' '}\n"
     end
   end
 

data/lib/dust/recipes/logrotate.rb

@@ -14,15 +14,15 @@ class Logrotate < Recipe
       file = "#{rule['path']} {\n"
       
       rule['args'] ||= default_args
-      rule['args'].each { |arg| file.concat "    #{arg}\n" }
+      rule['args'].each { |arg| file << "    #{arg}\n" }
 
       rule['scripts'] ||= {}
       rule['scripts'].each do |script, commands|
-        file.concat "    #{script}\n"
-        commands.each { |cmd| file.concat "        #{cmd}\n" }
+        file << "    #{script}\n"
+        commands.each { |cmd| file << "        #{cmd}\n" }
       end
         
-      file.concat "}\n"
+      file << "}\n"
       deploy_rule name, file
     end
     
@@ -46,7 +46,6 @@ class Logrotate < Recipe
   
   def deploy_rule name, file
     @node.write "/etc/logrotate.d/#{name}", file, :indent => 2
-    @node.chmod '0644', "/etc/logrotate.d/#{name}", :indent => 2
     @node.chown 'root:root', "/etc/logrotate.d/#{name}", :indent => 2    
   end
 

data/lib/dust/recipes/mysql.rb

@@ -13,7 +13,6 @@ class Mysql < Recipe
     ::Dust.print_ok "set innodb buffer pool to '#{@config['mysqld']['innodb_buffer_pool_size']}'", :indent => 2
 
     @node.write '/etc/mysql/my.cnf', generate_my_cnf
-    @node.chmod '644', '/etc/mysql/my.cnf'
 
     @node.restart_service 'mysql' if options.restart?
     @node.reload_service 'mysql' if options.reload?
@@ -96,13 +95,13 @@ class Mysql < Recipe
   def generate_my_cnf
     my_cnf = ''
     @config.each do |category, config|
-      my_cnf.concat "[#{category}]\n"
-      config.each { |key, value| my_cnf.concat "#{key} = #{value}\n" }
-      my_cnf.concat "\n"
+      my_cnf << "[#{category}]\n"
+      config.each { |key, value| my_cnf << "#{key} = #{value}\n" }
+      my_cnf << "\n"
     end
 
     # add includedir
-    my_cnf.concat "!includedir /etc/mysql/conf.d/\n"
+    my_cnf << "!includedir /etc/mysql/conf.d/\n"
     my_cnf
   end
 end

data/lib/dust/recipes/postgres.rb

@@ -4,6 +4,8 @@ class Postgres < Recipe
     return ::Dust.print_failed 'no version specified' unless @config['version']
     return unless install_postgres
 
+    @config['postgresql.conf'] ||= {}
+
     # default cluster on debian-like systems is 'main'
     @config['cluster'] ||= 'main' if @node.uses_apt?
 
@@ -71,9 +73,6 @@ class Postgres < Recipe
     @node.write "#{@config['conf_directory']}/postgresql.conf", generate_postgresql_conf
     @node.write "#{@config['conf_directory']}/pg_hba.conf", generate_pg_hba_conf
     @node.write "#{@config['conf_directory']}/pg_ident.conf", generate_pg_ident_conf
-    @node.chmod '644', "#{@config['conf_directory']}/postgresql.conf"
-    @node.chmod '644', "#{@config['conf_directory']}/pg_hba.conf"
-    @node.chmod '644', "#{@config['conf_directory']}/pg_ident.conf"
   end
 
   # copy recovery.conf to either recovery.conf or recovery.done
@@ -94,16 +93,20 @@ class Postgres < Recipe
 
   # default settings for postgresql.conf
   def default_postgres_conf
-    { 'max_connections' => 100,
+    {
+      'max_connections' => 100,
       'datestyle' => 'iso, mdy',
       'lc_messages' => 'en_US.UTF-8',
       'lc_monetary' => 'en_US.UTF-8',
       'lc_numeric' => 'en_US.UTF-8',
       'lc_time' => 'en_US.UTF-8',
-      'default_text_search_config' => 'pg_catalog.english' }
+      'default_text_search_config' => 'pg_catalog.english',
+      'log_line_prefix' => '%t [%p] %u@%d '
+    }
   end
 
   def generate_postgresql_conf
+    @config['postgresql.conf'] ||= {}
     @config['postgresql.conf'] = default_postgres_conf.merge @config['postgresql.conf']
 
     calculate_values
@@ -111,7 +114,7 @@ class Postgres < Recipe
     postgresql_conf = ''
     @config['postgresql.conf'].each do |key, value|
       value = "'#{value}'" if value.is_a? String # enclose strings in ''
-      postgresql_conf.concat "#{key} = #{value}\n"
+      postgresql_conf << "#{key} = #{value}\n"
     end
 
     postgresql_conf
@@ -123,7 +126,7 @@ class Postgres < Recipe
     recovery_conf = ''
     @config['recovery.conf'].each do |key, value|
       value = "'#{value}'" if value.is_a? String # enclose strings in ''
-      recovery_conf.concat "#{key} = #{value}\n"
+      recovery_conf << "#{key} = #{value}\n"
     end
 
     recovery_conf

data/lib/dust/recipes/rc_local.rb

@@ -8,10 +8,10 @@ class RcLocal < Recipe
       rc = ''
       @config.to_array.each do |cmd|
         ::Dust.print_msg "adding command: #{cmd}", :indent => 2
-        rc += "#{cmd}\n"
+        rc << "#{cmd}\n"
         ::Dust.print_ok
       end
-      rc += "\nexit 0\n"
+      rc << "\nexit 0\n"
 
       @node.write '/etc/rc.local', rc
       @node.chown 'root:root', '/etc/rc.local'

data/lib/dust/recipes/redis.rb

@@ -63,9 +63,9 @@ class Redis < Recipe
     redis_conf = ''
     @config.each do |key, value|
       if value.is_a? Array
-        value.each { |v| redis_conf.concat "#{key} #{v}\n" }
+        value.each { |v| redis_conf << "#{key} #{v}\n" }
       else
-        redis_conf.concat "#{key} #{value}\n"
+        redis_conf << "#{key} #{value}\n"
       end
     end
     
@@ -83,8 +83,8 @@ class Redis < Recipe
       ::Dust.print_result @node.exec('sysctl -w vm.swappiness=0')[:exit_code]
       
       file = ''
-      file += "vm.overcommit_memory=1\n"
-      file += "vm.swappiness=0\n"
+      file << "vm.overcommit_memory=1\n"
+      file << "vm.swappiness=0\n"
       
       @node.write "/etc/sysctl.d/30-redis.conf", file
       

data/lib/dust/recipes/repositories.rb

@@ -1,7 +1,7 @@
 class Repositories < Recipe
   desc 'repositories:deploy', 'configures package management repositories (aptitude, yum)'
   def deploy
-    @node.collect_facts
+    return unless @node.collect_facts
 
     delete_old_repositories
     deploy_repositories
@@ -59,32 +59,32 @@ class Repositories < Recipe
   
   def generate_default_repo repo
     sources = ''
-    sources.concat "deb #{repo['url']} #{repo['release']} #{repo['components']}\n"
-    sources.concat "deb-src #{repo['url']} #{repo['release']} #{repo['components']}\n\n"
+    sources << "deb #{repo['url']} #{repo['release']} #{repo['components']}\n"
+    sources << "deb-src #{repo['url']} #{repo['release']} #{repo['components']}\n\n"
     
     # security
     if @node.is_debian?
-      sources.concat "deb http://security.debian.org/ #{repo['release']}/updates #{repo['components']}\n"
-      sources.concat "deb-src http://security.debian.org/ #{repo['release']}/updates #{repo['components']}\n\n"
+      sources << "deb http://security.debian.org/ #{repo['release']}/updates #{repo['components']}\n"
+      sources << "deb-src http://security.debian.org/ #{repo['release']}/updates #{repo['components']}\n\n"
     elsif @node.is_ubuntu?
-      sources.concat "deb http://security.ubuntu.com/ubuntu/ #{repo['release']}-security #{repo['components']}\n"
-      sources.concat "deb-src http://security.ubuntu.com/ubuntu/ #{repo['release']}-security #{repo['components']}\n\n"
+      sources << "deb http://security.ubuntu.com/ubuntu/ #{repo['release']}-security #{repo['components']}\n"
+      sources << "deb-src http://security.ubuntu.com/ubuntu/ #{repo['release']}-security #{repo['components']}\n\n"
     end
     
     # updates
-    sources.concat "deb #{repo['url']} #{repo['release']}-updates #{repo['components']}\n"
-    sources.concat "deb-src #{repo['url']} #{repo['release']}-updates #{repo['components']}\n\n"
+    sources << "deb #{repo['url']} #{repo['release']}-updates #{repo['components']}\n"
+    sources << "deb-src #{repo['url']} #{repo['release']}-updates #{repo['components']}\n\n"
     
     # proposed
     if @node.is_ubuntu?
-      sources.concat "deb #{repo['url']} #{repo['release']}-proposed #{repo['components']}\n"
-      sources.concat "deb-src #{repo['url']} #{repo['release']}-proposed #{repo['components']}\n\n"
+      sources << "deb #{repo['url']} #{repo['release']}-proposed #{repo['components']}\n"
+      sources << "deb-src #{repo['url']} #{repo['release']}-proposed #{repo['components']}\n\n"
     end
     
     # backports is enabled per default in ubuntu oneiric
     if @node.is_ubuntu?
-      sources.concat "deb #{repo['url']} #{repo['release']}-backports #{repo['components']}\n"
-      sources.concat "deb-src #{repo['url']} #{repo['release']}-backports #{repo['components']}\n\n"
+      sources << "deb #{repo['url']} #{repo['release']}-backports #{repo['components']}\n"
+      sources << "deb-src #{repo['url']} #{repo['release']}-backports #{repo['components']}\n\n"
     end
 
     sources
@@ -93,8 +93,8 @@ class Repositories < Recipe
   def generate_repo repo
     # add url to sources.list
     sources = ''
-    sources.concat "deb #{repo['url']} #{repo['release']} #{repo['components']}\n" if repo['binary']
-    sources.concat "deb-src #{repo['url']} #{repo['release']} #{repo['components']}\n" if repo['source']
+    sources << "deb #{repo['url']} #{repo['release']} #{repo['components']}\n" if repo['binary']
+    sources << "deb-src #{repo['url']} #{repo['release']} #{repo['components']}\n" if repo['source']
     sources
   end
   

data/lib/dust/recipes/resolv_conf.rb

@@ -14,25 +14,25 @@ class ResolvConf < Recipe
     # configures whether daily reports are sent
     if @config['search']
       ::Dust.print_msg "adding search #{@config['search']}", :indent => 2
-      config_file += "search #{@config['search']}\n"
+      config_file << "search #{@config['search']}\n"
       ::Dust.print_ok
     end
 
     if @config['domain']
       ::Dust.print_msg "adding domain #{@config['domain']}", :indent => 2
-      config_file += "domain #{@config['domain']}\n"
+      config_file << "domain #{@config['domain']}\n"
       ::Dust.print_ok
     end
 
     if @config['options']
       ::Dust.print_msg "adding options #{@config['options']}", :indent => 2
-      config_file += "options #{@config['options']}\n"
+      config_file << "options #{@config['options']}\n"
       ::Dust.print_ok
     end
 
     @config['nameservers'].each do |nameserver|
       ::Dust.print_msg "adding nameserver #{nameserver}", :indent => 2
-      config_file += "nameserver #{nameserver}\n"
+      config_file << "nameserver #{nameserver}\n"
       ::Dust.print_ok
     end
  

data/lib/dust/recipes/ruby_rvm.rb

@@ -34,6 +34,8 @@ class RubyRvm < Recipe
         next
       end
 
+      return unless change_shell user
+      return unless create_homedir user
       return unless install_rvm user
       return unless install_ruby user, version
       return unless set_default user, version
@@ -84,4 +86,22 @@ class RubyRvm < Recipe
     end
     false
   end
+
+  # rvm only supports bash and zsh
+  def change_shell user
+    shell = @node.get_shell user
+    return true if shell == '/bin/zsh' or shell == '/bin/bash'
+
+    ::Dust.print_msg "changing shell for #{user} to /bin/bash"
+    ::Dust.print_result@node.exec("chsh -s /bin/bash #{user}")[:exit_code]
+  end
+
+  def create_homedir user
+    dir = @node.get_home user
+    unless @node.dir_exists? dir, :quiet => true
+      return false unless @node.mkdir dir
+      return false unless @node.chown user, dir
+    end
+    true
+  end
 end

data/lib/dust/recipes/ssh_authorized_keys.rb

@@ -25,10 +25,10 @@ class SshAuthorizedKeys < Recipe
       users[ssh_user]['name'] ||= ssh_user
       ::Dust.print_msg "adding user #{users[ssh_user]['name']}", :indent => 2
       users[ssh_user]['keys'].each do |key|
-        authorized_keys.concat"#{key}"
-        authorized_keys.concat " #{users[ssh_user]['name']}" if users[ssh_user]['name']
-        authorized_keys.concat " <#{users[ssh_user]['email']}>" if users[ssh_user]['email']
-        authorized_keys.concat "\n"
+        authorized_keys << "#{key}"
+        authorized_keys << " #{users[ssh_user]['name']}" if users[ssh_user]['name']
+        authorized_keys << " <#{users[ssh_user]['email']}>" if users[ssh_user]['email']
+        authorized_keys << "\n"
       end
       ::Dust.print_ok
     end
@@ -51,7 +51,6 @@ class SshAuthorizedKeys < Recipe
     
     # check permissions
     @node.chown "#{user}:#{user}", "#{home}/.ssh"
-    @node.chmod '0644', "#{home}/.ssh/authorized_keys"    
   end
   
   # remove authorized_keys files for all other users  

data/lib/dust/recipes/sshd.rb

@@ -55,7 +55,7 @@ class Sshd < Recipe
   def apply_configuration
     @sshd_config = ''
     @config.each do |key, values|
-      values.each { |value| @sshd_config.concat "#{key} #{value}\n" }
+      values.each { |value| @sshd_config << "#{key} #{value}\n" }
     end
   end
 

data/lib/dust/recipes/sudoers.rb

@@ -21,7 +21,7 @@ class Sudoers < Recipe
         
         file = ''        
         rule['user'].each do |u|
-          rule['command'].each { |c| file.concat "#{u} #{c}\n" }
+          rule['command'].each { |c| file << "#{u} #{c}\n" }
         end
       end
       

data/lib/dust/recipes/sysctl.rb

@@ -30,7 +30,7 @@ class Sysctl < Recipe
     sysctl.each do |key, value|
       ::Dust.print_msg "setting #{key} = #{value}", :indent => 2
       ::Dust.print_result @node.exec("sysctl -w #{key}=#{value}")[:exit_code]
-      sysctl_conf.concat "#{key} = #{value}\n"
+      sysctl_conf << "#{key} = #{value}\n"
     end
 
     ::Dust.print_msg "saving settings to /etc/sysctl.d/10-#{name}.conf", :indent => 2

data/lib/dust/recipes/zabbix_agent.rb

@@ -50,7 +50,9 @@ class ZabbixAgent < Recipe
   # generate zabbix_agentd.conf
   def generate_zabbix_agentd_conf
     @config = default_config.merge @config 
-    
+
+    @config['UserParameter'] = Array @config['UserParameter']
+
     # system updates
     @config['UserParameter'] |= enable_apt if @node.uses_apt?
     @config['UserParameter'] |= enable_rpm if @node.uses_rpm?
@@ -65,12 +67,12 @@ class ZabbixAgent < Recipe
     # add normal configuration variables
     @config.each do |key, value|
       next if key == 'UserParameter'
-      zabbix_agentd_conf.concat "#{key}=#{value}\n"
+      zabbix_agentd_conf << "#{key}=#{value}\n"
     end    
     
     # add user parameters
     @config['UserParameter'].each do |user_parameter|
-      zabbix_agentd_conf.concat "UserParameter=#{user_parameter}\n"
+      zabbix_agentd_conf << "UserParameter=#{user_parameter}\n"
     end
     
     zabbix_agentd_conf

data/lib/dust/server.rb

@@ -108,16 +108,20 @@ module Dust
 
     def write destination, content, options = {}
       options = default_options.merge options
-      
+
       Dust.print_msg "deploying #{File.basename destination}", options
-      
+
       f = Tempfile.new 'dust-write'
       f.print content
       f.close
-      
+
+      file_existed = file_exists? destination, :quiet => true
+
       ret = Dust.print_result scp(f.path, destination, :quiet => true), options
       f.unlink
-      
+
+      # default to 644 unless file existed before
+      chmod '0644', destination, options unless file_existed
       ret
     end
 
@@ -575,9 +579,22 @@ module Dust
     def get_home user, options = {}
       options = default_options(:quiet => true).merge options
       
-      Dust.print_msg "getting home directory of #{user}"
+      Dust.print_msg "getting home directory of #{user}", options
       ret = exec "getent passwd |cut -d':' -f1,6 |grep '^#{user}' |head -n1 |cut -d: -f2"
-      if Dust.print_result ret[:exit_code]     
+      if Dust.print_result ret[:exit_code], options
+        return ret[:stdout].chomp
+      else
+        return false
+      end
+    end
+
+    # returns shell of this user
+    def get_shell user, options = {}
+      options = default_options(:quiet => true).merge options
+
+      Dust.print_msg "getting shell of #{user}", options
+      ret = exec "getent passwd |cut -d':' -f1,7 |grep '^#{user}' |head -n1 |cut -d: -f2"
+      if Dust.print_result ret[:exit_code], options
         return ret[:stdout].chomp
       else
         return false

data/lib/dust/version.rb

@@ -1,3 +1,3 @@
 module Dust
-  VERSION = "0.9.2"
+  VERSION = "0.10.0"
 end

metadata

@@ -1,80 +1,104 @@
---- !ruby/object:Gem::Specification
+--- !ruby/object:Gem::Specification 
 name: dust-deploy
-version: !ruby/object:Gem::Version
-  version: 0.9.2
-  prerelease: 
+version: !ruby/object:Gem::Version 
+  prerelease: false
+  segments: 
+  - 0
+  - 10
+  - 0
+  version: 0.10.0
 platform: ruby
-authors:
+authors: 
 - kris kechagia
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-03-27 00:00:00.000000000 Z
-dependencies:
-- !ruby/object:Gem::Dependency
-  name: net-ssh
-  requirement: &70357952436820 !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
+
+date: 2012-04-03 00:00:00 +02:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: json
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 0
+        version: "0"
   type: :runtime
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: net-ssh
   prerelease: false
-  version_requirements: *70357952436820
-- !ruby/object:Gem::Dependency
-  name: net-scp
-  requirement: &70357952436280 !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 0
+        version: "0"
   type: :runtime
+  version_requirements: *id002
+- !ruby/object:Gem::Dependency 
+  name: net-scp
   prerelease: false
-  version_requirements: *70357952436280
-- !ruby/object:Gem::Dependency
-  name: net-sftp
-  requirement: &70357952435600 !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
+  requirement: &id003 !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 0
+        version: "0"
   type: :runtime
+  version_requirements: *id003
+- !ruby/object:Gem::Dependency 
+  name: net-sftp
   prerelease: false
-  version_requirements: *70357952435600
-- !ruby/object:Gem::Dependency
-  name: thor
-  requirement: &70357952434660 !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
+  requirement: &id004 !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 0
+        version: "0"
   type: :runtime
+  version_requirements: *id004
+- !ruby/object:Gem::Dependency 
+  name: thor
   prerelease: false
-  version_requirements: *70357952434660
-- !ruby/object:Gem::Dependency
-  name: ipaddress
-  requirement: &70357952434240 !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
+  requirement: &id005 !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 0
+        version: "0"
   type: :runtime
+  version_requirements: *id005
+- !ruby/object:Gem::Dependency 
+  name: ipaddress
   prerelease: false
-  version_requirements: *70357952434240
-description: when puppet and chef suck because you want to be in control and sprinkle
-  just cannot do enough for you
-email:
+  requirement: &id006 !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 0
+        version: "0"
+  type: :runtime
+  version_requirements: *id006
+description: when puppet and chef suck because you want to be in control and sprinkle just cannot do enough for you
+email: 
 - kk@rndsec.net
-executables:
+executables: 
 - dust
 extensions: []
+
 extra_rdoc_files: []
-files:
+
+files: 
 - .gitignore
 - Gemfile
 - LICENSE
@@ -110,6 +134,7 @@ files:
 - lib/dust/print_status.rb
 - lib/dust/recipe.rb
 - lib/dust/recipes/aliases.rb
+- lib/dust/recipes/apt.rb
 - lib/dust/recipes/basic_setup.rb
 - lib/dust/recipes/cjdroute.rb
 - lib/dust/recipes/cups_client.rb
@@ -138,32 +163,38 @@ files:
 - lib/dust/recipes/sshd.rb
 - lib/dust/recipes/sudoers.rb
 - lib/dust/recipes/sysctl.rb
-- lib/dust/recipes/unattended_upgrades.rb
 - lib/dust/recipes/zabbix_agent.rb
 - lib/dust/server.rb
 - lib/dust/version.rb
-homepage: ''
+has_rdoc: true
+homepage: ""
 licenses: []
+
 post_install_message: 
 rdoc_options: []
-require_paths:
+
+require_paths: 
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement
-  none: false
-  requirements:
-  - - ! '>='
-    - !ruby/object:Gem::Version
-      version: '0'
-required_rubygems_version: !ruby/object:Gem::Requirement
-  none: false
-  requirements:
-  - - ! '>='
-    - !ruby/object:Gem::Version
-      version: '0'
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      segments: 
+      - 0
+      version: "0"
 requirements: []
+
 rubyforge_project: dust-deploy
-rubygems_version: 1.8.11
+rubygems_version: 1.3.6
 signing_key: 
 specification_version: 3
 summary: small server deployment tool for complex environments
 test_files: []
+

data/lib/dust/recipes/unattended_upgrades.rb

@@ -1,27 +0,0 @@
-class UnattendedUpgrades < Recipe
-  desc 'unattended_upgrades:deploy', 'installs and configures automatic system updates for debian and ubuntu'
-  def deploy
-    return unless @node.uses_apt? 
-    @node.install_package 'unattended-upgrades'
-
-    @config = {} unless @config.is_a? Hash
-
-    # set defaults for non-set config
-    @config['enable'] ||= 1
-    @config['update-package-lists'] ||= 1
-    @config['unattended-upgrade'] ||= 1
-    @config['autocleaninterval'] ||= 1
-    @config['verbose'] ||= 0
-
-    # generate configuration file
-    periodic = ''
-    periodic += "APT::Periodic::Enable \"#{@config['enable']}\";\n"
-    periodic += "APT::Periodic::Update-Package-Lists \"#{@config['update-package-lists']}\";\n"
-    periodic += "APT::Periodic::Unattended-Upgrade \"#{@config['unattended-upgrade']}\";\n"
-    periodic += "APT::Periodic::AutocleanInterval \"#{@config['autocleaninterval']}\";\n"
-    periodic += "APT::Periodic::Verbose \"#{@config['verbose']}\";\n"
-
-    @node.write '/etc/apt/apt.conf.d/02periodic', periodic      
-    @node.chmod '644', '/etc/apt/apt.conf.d/02periodic'
-  end
-end