dust-deploy 0.4.3 → 0.4.4

Sign up to get free protection for your applications and to get access to all the features.
data/changelog.md CHANGED
@@ -1,6 +1,14 @@
1
1
  Changelog
2
2
  =============
3
3
 
4
+ 0.4.4
5
+ ------------
6
+
7
+ sshd recipe
8
+ - default PrintMotd to false on apt systems (will be displayed 2 times otherwise)
9
+ - no and yes can be specified in config file, without getting converted to booleans automatically
10
+
11
+
4
12
  0.4.3
5
13
  ------------
6
14
 
data/lib/dust/helper.rb CHANGED
@@ -15,9 +15,8 @@ class Array
15
15
  end
16
16
  end
17
17
 
18
- # stole this from rails
19
- # https://github.com/rails/rails/blob/c0262827cacc1baf16668af65c35a09138166394/activesupport/lib/active_support/core_ext/hash/deep_merge.rb
20
18
  class Hash
19
+ # stole this from rails
21
20
  # Returns a new hash with +self+ and +other_hash+ merged recursively.
22
21
  def deep_merge(other_hash)
23
22
  dup.deep_merge!(other_hash)
@@ -33,26 +32,33 @@ class Hash
33
32
  self
34
33
  end
35
34
 
35
+
36
36
  # converts each value to an array, so .each and .combine won't get hickups
37
37
  def values_to_array!
38
- self.each { |k, v| self[k] = [ self[k] ] unless self[k].is_a? Array }
38
+ self.keys.each { |k| self[k] = [ self[k] ] unless self[k].is_a? Array }
39
39
  end
40
+
41
+ # converts each value that is a boolean to 'yes' resp. 'no' strings
42
+ def boolean_to_string!
43
+ self.each { |k, v| self[k] = v ? 'yes' : 'no' if v.is_a? TrueClass or v.is_a? FalseClass }
44
+ end
40
45
  end
41
46
 
42
- # stole this from Afz902k who posted something similar at stackoverflow.com
43
- # adds ability to check if a class with the name of a string exists
47
+
44
48
  class String
45
- def to_class
46
- Kernel.const_get self.capitalize
47
- rescue NameError
48
- nil
49
- end
49
+ # stole this from Afz902k who posted something similar at stackoverflow.com
50
+ # adds ability to check if a class with the name of a string exists
51
+ def to_class
52
+ Kernel.const_get self.capitalize
53
+ rescue NameError
54
+ nil
55
+ end
50
56
 
51
- def is_a_defined_class?
52
- true if self.to_class
53
- rescue NameError
54
- false
55
- end
57
+ def is_a_defined_class?
58
+ true if self.to_class
59
+ rescue NameError
60
+ false
61
+ end
56
62
  end
57
63
 
58
64
 
@@ -69,7 +69,7 @@ class Iptables < Recipe
69
69
  rule['table'] ||= ['filter']
70
70
  rule['jump'] ||= ['ACCEPT']
71
71
  rule['protocol'] ||= ['tcp'] if rule['dport'] or rule['sport']
72
- rule.each { |k, v| rule[k] = [ rule[k] ] unless rule[k].is_a? Array }
72
+ rule.values_to_array!
73
73
  end
74
74
  end
75
75
  end
@@ -3,90 +3,107 @@ class Repositories < Recipe
3
3
  def deploy
4
4
  @node.collect_facts
5
5
 
6
- if @node.uses_apt? :quiet=>false
7
- :: Dust.print_msg 'deleting old repositories'
8
- @node.rm '/etc/apt/sources.list.d/*.list', :quiet => true
9
- ::Dust.print_ok
10
-
11
- puts
12
- @config.each do |name, repo|
13
-
14
- # if repo is present but not a hash use defaults
15
- repo = {} unless repo.is_a? Hash
16
-
17
- # setting defaults
18
- repo['url'] ||= 'http://ftp.debian.org/debian/' if @node.is_debian?
19
- repo['url'] ||= 'http://archive.ubuntu.com/ubuntu/' if @node.is_ubuntu?
20
-
21
- repo['release'] ||= @node['lsbdistcodename']
22
- repo['components'] ||= 'main'
23
-
24
- # ||= doesn't work for booleans
25
- repo['source'] = repo['source'].nil? ? true : repo['source']
26
- repo['binary'] = repo['binary'].nil? ? true : repo['binary']
27
-
28
- # the default repository in /etc/apt/sources.list (debian)
29
- if name == 'default'
30
- ::Dust.print_msg 'deploying default repository'
31
-
32
- sources = ''
33
- sources += "deb #{repo['url']} #{repo['release']} #{repo['components']}\n" +
34
- "deb-src #{repo['url']} #{repo['release']} #{repo['components']}\n\n"
35
-
36
- # security
37
- if @node.is_debian?
38
- sources += "deb http://security.debian.org/ #{repo['release']}/updates #{repo['components']}\n" +
39
- "deb-src http://security.debian.org/ #{repo['release']}/updates #{repo['components']}\n\n"
40
- elsif @node.is_ubuntu?
41
- sources += "deb http://security.ubuntu.com/ubuntu/ #{repo['release']}-security #{repo['components']}\n" +
42
- "deb-src http://security.ubuntu.com/ubuntu/ #{repo['release']}-security #{repo['components']}\n\n"
43
- end
44
-
45
- # updates
46
- sources += "deb #{repo['url']} #{repo['release']}-updates #{repo['components']}\n" +
47
- "deb-src #{repo['url']} #{repo['release']}-updates #{repo['components']}\n\n"
48
-
49
- # proposed
50
- if @node.is_ubuntu?
51
- sources += "deb #{repo['url']} #{repo['release']}-proposed #{repo['components']}\n" +
52
- "deb-src #{repo['url']} #{repo['release']}-proposed #{repo['components']}\n\n"
53
- end
54
-
55
- # backports is enabled per default in ubuntu oneiric
56
- if @node.is_ubuntu?
57
- sources += "deb #{repo['url']} #{repo['release']}-backports #{repo['components']}\n" +
58
- "deb-src #{repo['url']} #{repo['release']}-backports #{repo['components']}\n\n"
59
- end
60
-
61
- ::Dust.print_result @node.write('/etc/apt/sources.list', sources, :quiet => true)
62
-
63
- else
64
- # add url to sources.list
65
- sources = ''
66
- sources += "deb #{repo['url']} #{repo['release']} #{repo['components']}\n" if repo['binary']
67
- sources += "deb-src #{repo['url']} #{repo['release']} #{repo['components']}\n" if repo['source']
68
-
69
- ::Dust.print_msg "adding repository '#{name}' to sources"
70
- ::Dust.print_result @node.write("/etc/apt/sources.list.d/#{name}.list", sources, :quiet => true)
71
-
72
- # add the repository key
73
- if repo['key']
74
- ::Dust.print_msg "adding #{name} repository key"
75
- ::Dust.print_result @node.exec("wget -O- '#{repo['key']}' | apt-key add -")[:exit_code]
76
- end
77
- end
6
+ delete_old_repositories
7
+ deploy_repositories
8
+
9
+ # fetch new stuff
10
+ puts
11
+ @node.update_repos if options.restart? or options.reload?
12
+ end
13
+
14
+
15
+ private
16
+
17
+ # deletes all .list files under /etc/apt/sources.list.d
18
+ def delete_old_repositories
19
+ :: Dust.print_msg 'deleting old repositories'
20
+ @node.rm '/etc/apt/sources.list.d/*.list', :quiet => true if @node.uses_apt?
21
+ ::Dust.print_ok
22
+ end
23
+
24
+ def deploy_repositories
25
+ @config.each do |name, repo|
26
+
27
+ # if repo is present but not a hash use defaults
28
+ repo = {} unless repo.is_a? Hash
29
+
30
+ merge_with_default_settings repo
31
+
32
+ # the default repository in /etc/apt/sources.list (debian)
33
+ if name == 'default'
34
+ ::Dust.print_msg 'deploying default repository'
35
+ sources = generate_default_repo repo
36
+ ::Dust.print_result @node.write('/etc/apt/sources.list', sources, :quiet => true)
37
+ else
38
+ ::Dust.print_msg "adding repository '#{name}' to sources"
39
+ sources = generate_repo repo
40
+ ::Dust.print_result @node.write("/etc/apt/sources.list.d/#{name}.list", sources, :quiet => true)
41
+ add_repo_key name, repo
78
42
  end
43
+ end
44
+ end
79
45
 
80
- elsif @node.uses_rpm? :quiet=>false
81
- ::Dust.print_failed 'rpm not yet supported'
82
-
83
- else
84
- ::Dust.print_failed 'os not supported'
46
+ # merge repo configuration with default settings
47
+ def merge_with_default_settings repo
48
+ # setting defaults
49
+ repo['url'] ||= 'http://ftp.debian.org/debian/' if @node.is_debian?
50
+ repo['url'] ||= 'http://archive.ubuntu.com/ubuntu/' if @node.is_ubuntu?
51
+
52
+ repo['release'] ||= @node['lsbdistcodename']
53
+ repo['components'] ||= 'main'
54
+
55
+ # ||= doesn't work for booleans
56
+ repo['source'] = repo['source'].nil? ? true : repo['source']
57
+ repo['binary'] = repo['binary'].nil? ? true : repo['binary']
58
+ end
59
+
60
+ def generate_default_repo repo
61
+ sources = ''
62
+ sources.concat "deb #{repo['url']} #{repo['release']} #{repo['components']}\n"
63
+ sources.concat "deb-src #{repo['url']} #{repo['release']} #{repo['components']}\n\n"
64
+
65
+ # security
66
+ if @node.is_debian?
67
+ sources.concat "deb http://security.debian.org/ #{repo['release']}/updates #{repo['components']}\n"
68
+ sources.concat "deb-src http://security.debian.org/ #{repo['release']}/updates #{repo['components']}\n\n"
69
+ elsif @node.is_ubuntu?
70
+ sources.concat "deb http://security.ubuntu.com/ubuntu/ #{repo['release']}-security #{repo['components']}\n"
71
+ sources.concat "deb-src http://security.ubuntu.com/ubuntu/ #{repo['release']}-security #{repo['components']}\n\n"
72
+ end
73
+
74
+ # updates
75
+ sources.concat "deb #{repo['url']} #{repo['release']}-updates #{repo['components']}\n"
76
+ sources.concat "deb-src #{repo['url']} #{repo['release']}-updates #{repo['components']}\n\n"
77
+
78
+ # proposed
79
+ if @node.is_ubuntu?
80
+ sources.concat "deb #{repo['url']} #{repo['release']}-proposed #{repo['components']}\n"
81
+ sources.concat "deb-src #{repo['url']} #{repo['release']}-proposed #{repo['components']}\n\n"
82
+ end
83
+
84
+ # backports is enabled per default in ubuntu oneiric
85
+ if @node.is_ubuntu?
86
+ sources.concat "deb #{repo['url']} #{repo['release']}-backports #{repo['components']}\n"
87
+ sources.concat "deb-src #{repo['url']} #{repo['release']}-backports #{repo['components']}\n\n"
85
88
  end
86
89
 
87
- # fetch new stuff
88
- puts
89
- @node.update_repos if options.restart? or options.reload?
90
+ sources
91
+ end
92
+
93
+ def generate_repo repo
94
+ # add url to sources.list
95
+ sources = ''
96
+ sources.concat "deb #{repo['url']} #{repo['release']} #{repo['components']}\n" if repo['binary']
97
+ sources.concat "deb-src #{repo['url']} #{repo['release']} #{repo['components']}\n" if repo['source']
98
+ sources
99
+ end
100
+
101
+ def add_repo_key name, repo
102
+ # add the repository key
103
+ if repo['key']
104
+ ::Dust.print_msg "adding #{name} repository key"
105
+ ::Dust.print_result @node.exec("wget -O- '#{repo['key']}' | apt-key add -")[:exit_code]
106
+ end
90
107
  end
91
108
  end
92
109
 
@@ -3,55 +3,67 @@ require 'yaml'
3
3
  class SshAuthorizedKeys < Recipe
4
4
  desc 'ssh_authorized_keys:deploy', 'configures ssh authorized_keys'
5
5
  def deploy
6
- # load users and their ssh keys from yaml file
7
- users = YAML.load_file "#{@template_path}/users.yaml"
8
6
 
9
- authorized_keys = {}
10
7
  @config.each do |remote_user, ssh_users|
11
8
  ::Dust.print_msg "generating authorized_keys for #{remote_user}\n"
12
- authorized_keys = ''
13
-
14
- # create the authorized_keys hash for this user
15
- ssh_users.each do |ssh_user|
16
- users[ssh_user]['name'] ||= ssh_user
17
- ::Dust.print_msg "adding user #{users[ssh_user]['name']}", :indent => 2
18
- users[ssh_user]['keys'].each do |key|
19
- authorized_keys += "#{key}"
20
- authorized_keys += " #{users[ssh_user]['name']}" if users[ssh_user]['name']
21
- authorized_keys += " <#{users[ssh_user]['email']}>" if users[ssh_user]['email']
22
- authorized_keys += "\n"
23
- end
9
+ authorized_keys = generate_authorized_keys ssh_users
10
+ deploy_authorized_keys remote_user, authorized_keys
11
+ puts
12
+ end
13
+ end
14
+
15
+
16
+ private
24
17
 
25
- ::Dust.print_ok
18
+ def generate_authorized_keys ssh_users
19
+ # load users and their ssh keys from yaml file
20
+ users = YAML.load_file "#{@template_path}/users.yaml"
21
+ authorized_keys = ''
22
+
23
+ # create the authorized_keys hash for this user
24
+ ssh_users.each do |ssh_user|
25
+ users[ssh_user]['name'] ||= ssh_user
26
+ ::Dust.print_msg "adding user #{users[ssh_user]['name']}", :indent => 2
27
+ users[ssh_user]['keys'].each do |key|
28
+ authorized_keys.concat"#{key}"
29
+ authorized_keys.concat " #{users[ssh_user]['name']}" if users[ssh_user]['name']
30
+ authorized_keys.concat " <#{users[ssh_user]['email']}>" if users[ssh_user]['email']
31
+ authorized_keys.concat "\n"
26
32
  end
33
+ ::Dust.print_ok
34
+ end
27
35
 
28
- # create user, if not existent
29
- next unless @node.create_user remote_user
30
-
31
- # check and create necessary directories
32
- next unless @node.mkdir("~#{remote_user}/.ssh")
33
-
34
- # deploy authorized_keys
35
- next unless @node.write "~#{remote_user}/.ssh/authorized_keys", authorized_keys
36
-
37
- # check permissions
38
- @node.chown "#{remote_user}:#{remote_user}", "~#{remote_user}/.ssh"
39
- @node.chmod '0644', "~#{remote_user}/.ssh/authorized_keys"
40
-
41
-
42
- # TODO: add this option
43
- # remove authorized_keys files for all other users
44
- if options.cleanup?
45
- ::Dust.print_msg "deleting other authorized_keys files\n"
46
- @node.get_system_users(:quiet => true).each do |user|
47
- next if users.keys.include? user
48
- if @node.file_exists? "~#{user}/.ssh/authorized_keys", :quiet => true
49
- @node.rm "~#{user}/.ssh/authorized_keys", :indent => 2
50
- end
36
+ authorized_keys
37
+ end
38
+
39
+ # deploy the authorized_keys file for this user
40
+ # creating user if not existent
41
+ def deploy_authorized_keys user, authorized_keys
42
+ # create user, if not existent
43
+ next unless @node.create_user user
44
+
45
+ # check and create necessary directories
46
+ next unless @node.mkdir("~#{user}/.ssh")
47
+
48
+ # deploy authorized_keys
49
+ next unless @node.write "~#{user}/.ssh/authorized_keys", authorized_keys
50
+
51
+ # check permissions
52
+ @node.chown "#{user}:#{user}", "~#{user}/.ssh"
53
+ @node.chmod '0644', "~#{user}/.ssh/authorized_keys"
54
+ end
55
+
56
+ # remove authorized_keys files for all other users
57
+ # TODO: add this option
58
+ def cleanup
59
+ if options.cleanup?
60
+ ::Dust.print_msg "deleting other authorized_keys files\n"
61
+ @node.get_system_users(:quiet => true).each do |user|
62
+ next if users.keys.include? user
63
+ if @node.file_exists? "~#{user}/.ssh/authorized_keys", :quiet => true
64
+ @node.rm "~#{user}/.ssh/authorized_keys", :indent => 2
51
65
  end
52
66
  end
53
-
54
- puts
55
67
  end
56
68
  end
57
69
  end
@@ -34,6 +34,7 @@ class Sshd < Recipe
34
34
  end
35
35
 
36
36
  def generate_default_config
37
+ @config.boolean_to_string!
37
38
  @config = default_config.merge @config
38
39
 
39
40
  unless @config['sftp']
@@ -45,6 +46,10 @@ class Sshd < Recipe
45
46
  @config['SyslogFacility'] ||= 'AUTHPRIV'
46
47
  @config['GSSAPIAuthentication'] ||= 'yes'
47
48
  end
49
+
50
+ if @node.uses_apt?
51
+ @config['PrintMotd'] ||= 'no'
52
+ end
48
53
  end
49
54
 
50
55
  def apply_configuration
data/lib/dust/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Dust
2
- VERSION = "0.4.3"
2
+ VERSION = "0.4.4"
3
3
  end
metadata CHANGED
@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
5
5
  segments:
6
6
  - 0
7
7
  - 4
8
- - 3
9
- version: 0.4.3
8
+ - 4
9
+ version: 0.4.4
10
10
  platform: ruby
11
11
  authors:
12
12
  - kris kechagia
@@ -14,7 +14,7 @@ autorequire:
14
14
  bindir: bin
15
15
  cert_chain: []
16
16
 
17
- date: 2012-01-19 00:00:00 +01:00
17
+ date: 2012-01-20 00:00:00 +01:00
18
18
  default_executable:
19
19
  dependencies:
20
20
  - !ruby/object:Gem::Dependency