foreman_maintain 1.1.1 → 1.1.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/definitions/features/foreman_database.rb +7 -1
- data/definitions/features/installer.rb +3 -1
- data/definitions/features/nftables.rb +5 -3
- data/definitions/features/puppet_server.rb +0 -2
- data/definitions/procedures/backup/config_files.rb +25 -10
- data/definitions/procedures/backup/metadata.rb +11 -7
- data/definitions/procedures/backup/offline/foreman_db.rb +30 -9
- data/definitions/procedures/backup/online/safety_confirmation.rb +1 -1
- data/definitions/procedures/content/prepare.rb +1 -0
- data/definitions/procedures/content/switchover.rb +1 -0
- data/definitions/procedures/foreman/apipie_cache.rb +1 -1
- data/definitions/procedures/installer/run_for_6_11.rb +52 -0
- data/definitions/procedures/maintenance_mode/disable_maintenance_mode.rb +2 -1
- data/definitions/procedures/maintenance_mode/enable_maintenance_mode.rb +1 -30
- data/definitions/procedures/packages/update.rb +3 -1
- data/definitions/procedures/restore/extract_files.rb +4 -0
- data/definitions/procedures/selinux/set_file_security.rb +3 -0
- data/definitions/scenarios/backup.rb +10 -0
- data/definitions/scenarios/packages.rb +2 -2
- data/definitions/scenarios/puppet.rb +3 -0
- data/definitions/scenarios/self_upgrade.rb +14 -61
- data/definitions/scenarios/upgrade_to_capsule_6_12.rb +90 -0
- data/definitions/scenarios/upgrade_to_capsule_6_12_z.rb +90 -0
- data/definitions/scenarios/upgrade_to_satellite_6_11.rb +1 -1
- data/definitions/scenarios/upgrade_to_satellite_6_12.rb +92 -0
- data/definitions/scenarios/upgrade_to_satellite_6_12_z.rb +91 -0
- data/lib/foreman_maintain/cli/packages_command.rb +26 -7
- data/lib/foreman_maintain/cli/self_upgrade_command.rb +1 -7
- data/lib/foreman_maintain/concerns/base_database.rb +31 -3
- data/lib/foreman_maintain/concerns/downstream.rb +2 -3
- data/lib/foreman_maintain/concerns/firewall/maintenance_mode.rb +31 -0
- data/lib/foreman_maintain/concerns/firewall/nftables_maintenance_mode.rb +3 -3
- data/lib/foreman_maintain/concerns/metadata.rb +4 -0
- data/lib/foreman_maintain/concerns/os_facts.rb +26 -2
- data/lib/foreman_maintain/concerns/system_helpers.rb +18 -10
- data/lib/foreman_maintain/package_manager/apt.rb +71 -0
- data/lib/foreman_maintain/package_manager/yum.rb +8 -4
- data/lib/foreman_maintain/package_manager.rb +6 -4
- data/lib/foreman_maintain/reporter/cli_reporter.rb +24 -6
- data/lib/foreman_maintain/repository_manager/el.rb +15 -4
- data/lib/foreman_maintain/repository_manager.rb +1 -1
- data/lib/foreman_maintain/version.rb +1 -1
- data/lib/foreman_maintain.rb +1 -0
- metadata +9 -7
- data/bin/passenger-recycler +0 -89
- data/config/passenger-recycler.yaml +0 -38
- data/definitions/procedures/passenger_recycler.rb +0 -14
- data/extras/passenger-recycler.cron +0 -3
@@ -0,0 +1,90 @@
|
|
1
|
+
module Scenarios::Capsule_6_12_z
|
2
|
+
class Abstract < ForemanMaintain::Scenario
|
3
|
+
def self.upgrade_metadata(&block)
|
4
|
+
metadata do
|
5
|
+
tags :upgrade_scenario
|
6
|
+
confine do
|
7
|
+
feature(:capsule) &&
|
8
|
+
(feature(:capsule).current_minor_version == '6.12' || \
|
9
|
+
ForemanMaintain.upgrade_in_progress == '6.12.z')
|
10
|
+
end
|
11
|
+
instance_eval(&block)
|
12
|
+
end
|
13
|
+
end
|
14
|
+
|
15
|
+
def target_version
|
16
|
+
'6.12.z'
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
20
|
+
class PreUpgradeCheck < Abstract
|
21
|
+
upgrade_metadata do
|
22
|
+
description 'Checks before upgrading to Capsule 6.12.z'
|
23
|
+
tags :pre_upgrade_checks
|
24
|
+
run_strategy :fail_slow
|
25
|
+
end
|
26
|
+
|
27
|
+
def compose
|
28
|
+
add_steps(find_checks(:default))
|
29
|
+
add_steps(find_checks(:pre_upgrade))
|
30
|
+
add_step(Checks::Foreman::CheckpointSegments)
|
31
|
+
add_step(Checks::Repositories::Validate.new(:version => '6.12'))
|
32
|
+
end
|
33
|
+
end
|
34
|
+
|
35
|
+
class PreMigrations < Abstract
|
36
|
+
upgrade_metadata do
|
37
|
+
description 'Procedures before migrating to Capsule 6.12.z'
|
38
|
+
tags :pre_migrations
|
39
|
+
end
|
40
|
+
|
41
|
+
def compose
|
42
|
+
add_steps(find_procedures(:pre_migrations))
|
43
|
+
add_step(Procedures::Service::Stop.new)
|
44
|
+
end
|
45
|
+
end
|
46
|
+
|
47
|
+
class Migrations < Abstract
|
48
|
+
upgrade_metadata do
|
49
|
+
description 'Migration scripts to Capsule 6.12.z'
|
50
|
+
tags :migrations
|
51
|
+
end
|
52
|
+
|
53
|
+
def set_context_mapping
|
54
|
+
context.map(:assumeyes, Procedures::Installer::Upgrade => :assumeyes)
|
55
|
+
end
|
56
|
+
|
57
|
+
def compose
|
58
|
+
add_step(Procedures::Repositories::Setup.new(:version => '6.12'))
|
59
|
+
add_step(Procedures::Packages::UnlockVersions.new)
|
60
|
+
add_step(Procedures::Packages::Update.new(:assumeyes => true))
|
61
|
+
add_step_with_context(Procedures::Installer::Upgrade)
|
62
|
+
end
|
63
|
+
end
|
64
|
+
|
65
|
+
class PostMigrations < Abstract
|
66
|
+
upgrade_metadata do
|
67
|
+
description 'Procedures after migrating to Capsule 6.12.z'
|
68
|
+
tags :post_migrations
|
69
|
+
end
|
70
|
+
|
71
|
+
def compose
|
72
|
+
add_step(Procedures::RefreshFeatures)
|
73
|
+
add_step(Procedures::Service::Start.new)
|
74
|
+
add_steps(find_procedures(:post_migrations))
|
75
|
+
end
|
76
|
+
end
|
77
|
+
|
78
|
+
class PostUpgradeChecks < Abstract
|
79
|
+
upgrade_metadata do
|
80
|
+
description 'Checks after upgrading to Capsule 6.12.z'
|
81
|
+
tags :post_upgrade_checks
|
82
|
+
run_strategy :fail_slow
|
83
|
+
end
|
84
|
+
|
85
|
+
def compose
|
86
|
+
add_steps(find_checks(:default))
|
87
|
+
add_steps(find_checks(:post_upgrade))
|
88
|
+
end
|
89
|
+
end
|
90
|
+
end
|
@@ -61,7 +61,7 @@ module Scenarios::Satellite_6_11
|
|
61
61
|
add_step(Procedures::Repositories::Setup.new(:version => '6.11'))
|
62
62
|
add_step(Procedures::Packages::UnlockVersions.new)
|
63
63
|
add_step(Procedures::Packages::Update.new(:assumeyes => true))
|
64
|
-
add_step_with_context(Procedures::Installer::
|
64
|
+
add_step_with_context(Procedures::Installer::RunFor6_11)
|
65
65
|
add_step(Procedures::Installer::UpgradeRakeTask)
|
66
66
|
end
|
67
67
|
end
|
@@ -0,0 +1,92 @@
|
|
1
|
+
module Scenarios::Satellite_6_12
|
2
|
+
class Abstract < ForemanMaintain::Scenario
|
3
|
+
def self.upgrade_metadata(&block)
|
4
|
+
metadata do
|
5
|
+
tags :upgrade_scenario
|
6
|
+
confine do
|
7
|
+
feature(:satellite) &&
|
8
|
+
(feature(:satellite).current_minor_version == '6.11' || \
|
9
|
+
ForemanMaintain.upgrade_in_progress == '6.12')
|
10
|
+
end
|
11
|
+
instance_eval(&block)
|
12
|
+
end
|
13
|
+
end
|
14
|
+
|
15
|
+
def target_version
|
16
|
+
'6.12'
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
20
|
+
class PreUpgradeCheck < Abstract
|
21
|
+
upgrade_metadata do
|
22
|
+
description 'Checks before upgrading to Satellite 6.12'
|
23
|
+
tags :pre_upgrade_checks
|
24
|
+
run_strategy :fail_slow
|
25
|
+
end
|
26
|
+
|
27
|
+
def compose
|
28
|
+
add_steps(find_checks(:default))
|
29
|
+
add_steps(find_checks(:pre_upgrade))
|
30
|
+
add_step(Checks::Foreman::CheckpointSegments)
|
31
|
+
add_step(Checks::Repositories::Validate.new(:version => '6.12'))
|
32
|
+
end
|
33
|
+
end
|
34
|
+
|
35
|
+
class PreMigrations < Abstract
|
36
|
+
upgrade_metadata do
|
37
|
+
description 'Procedures before migrating to Satellite 6.12'
|
38
|
+
tags :pre_migrations
|
39
|
+
end
|
40
|
+
|
41
|
+
def compose
|
42
|
+
add_steps(find_procedures(:pre_migrations))
|
43
|
+
add_step(Procedures::Service::Stop.new)
|
44
|
+
end
|
45
|
+
end
|
46
|
+
|
47
|
+
class Migrations < Abstract
|
48
|
+
upgrade_metadata do
|
49
|
+
description 'Migration scripts to Satellite 6.12'
|
50
|
+
tags :migrations
|
51
|
+
run_strategy :fail_fast
|
52
|
+
end
|
53
|
+
|
54
|
+
def set_context_mapping
|
55
|
+
context.map(:assumeyes, Procedures::Installer::Upgrade => :assumeyes)
|
56
|
+
end
|
57
|
+
|
58
|
+
def compose
|
59
|
+
add_step(Procedures::Repositories::Setup.new(:version => '6.12'))
|
60
|
+
add_step(Procedures::Packages::UnlockVersions.new)
|
61
|
+
add_step(Procedures::Packages::Update.new(:assumeyes => true))
|
62
|
+
add_step_with_context(Procedures::Installer::Upgrade)
|
63
|
+
add_step(Procedures::Installer::UpgradeRakeTask)
|
64
|
+
end
|
65
|
+
end
|
66
|
+
|
67
|
+
class PostMigrations < Abstract
|
68
|
+
upgrade_metadata do
|
69
|
+
description 'Procedures after migrating to Satellite 6.12'
|
70
|
+
tags :post_migrations
|
71
|
+
end
|
72
|
+
|
73
|
+
def compose
|
74
|
+
add_step(Procedures::RefreshFeatures)
|
75
|
+
add_step(Procedures::Service::Start.new)
|
76
|
+
add_steps(find_procedures(:post_migrations))
|
77
|
+
end
|
78
|
+
end
|
79
|
+
|
80
|
+
class PostUpgradeChecks < Abstract
|
81
|
+
upgrade_metadata do
|
82
|
+
description 'Checks after upgrading to Satellite 6.12'
|
83
|
+
tags :post_upgrade_checks
|
84
|
+
run_strategy :fail_slow
|
85
|
+
end
|
86
|
+
|
87
|
+
def compose
|
88
|
+
add_steps(find_checks(:default))
|
89
|
+
add_steps(find_checks(:post_upgrade))
|
90
|
+
end
|
91
|
+
end
|
92
|
+
end
|
@@ -0,0 +1,91 @@
|
|
1
|
+
module Scenarios::Satellite_6_12_z
|
2
|
+
class Abstract < ForemanMaintain::Scenario
|
3
|
+
def self.upgrade_metadata(&block)
|
4
|
+
metadata do
|
5
|
+
tags :upgrade_scenario
|
6
|
+
confine do
|
7
|
+
feature(:satellite) &&
|
8
|
+
(feature(:satellite).current_minor_version == '6.12' || \
|
9
|
+
ForemanMaintain.upgrade_in_progress == '6.12.z')
|
10
|
+
end
|
11
|
+
instance_eval(&block)
|
12
|
+
end
|
13
|
+
end
|
14
|
+
|
15
|
+
def target_version
|
16
|
+
'6.12.z'
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
20
|
+
class PreUpgradeCheck < Abstract
|
21
|
+
upgrade_metadata do
|
22
|
+
description 'Checks before upgrading to Satellite 6.12.z'
|
23
|
+
tags :pre_upgrade_checks
|
24
|
+
run_strategy :fail_slow
|
25
|
+
end
|
26
|
+
|
27
|
+
def compose
|
28
|
+
add_steps(find_checks(:default))
|
29
|
+
add_steps(find_checks(:pre_upgrade))
|
30
|
+
add_step(Checks::Foreman::CheckpointSegments)
|
31
|
+
add_step(Checks::Repositories::Validate.new(:version => '6.12'))
|
32
|
+
end
|
33
|
+
end
|
34
|
+
|
35
|
+
class PreMigrations < Abstract
|
36
|
+
upgrade_metadata do
|
37
|
+
description 'Procedures before migrating to Satellite 6.12.z'
|
38
|
+
tags :pre_migrations
|
39
|
+
end
|
40
|
+
|
41
|
+
def compose
|
42
|
+
add_steps(find_procedures(:pre_migrations))
|
43
|
+
add_step(Procedures::Service::Stop.new)
|
44
|
+
end
|
45
|
+
end
|
46
|
+
|
47
|
+
class Migrations < Abstract
|
48
|
+
upgrade_metadata do
|
49
|
+
description 'Migration scripts to Satellite 6.12.z'
|
50
|
+
tags :migrations
|
51
|
+
end
|
52
|
+
|
53
|
+
def set_context_mapping
|
54
|
+
context.map(:assumeyes, Procedures::Installer::Upgrade => :assumeyes)
|
55
|
+
end
|
56
|
+
|
57
|
+
def compose
|
58
|
+
add_step(Procedures::Repositories::Setup.new(:version => '6.12'))
|
59
|
+
add_step(Procedures::Packages::UnlockVersions.new)
|
60
|
+
add_step(Procedures::Packages::Update.new(:assumeyes => true))
|
61
|
+
add_step_with_context(Procedures::Installer::Upgrade)
|
62
|
+
add_step(Procedures::Installer::UpgradeRakeTask)
|
63
|
+
end
|
64
|
+
end
|
65
|
+
|
66
|
+
class PostMigrations < Abstract
|
67
|
+
upgrade_metadata do
|
68
|
+
description 'Procedures after migrating to Satellite 6.12.z'
|
69
|
+
tags :post_migrations
|
70
|
+
end
|
71
|
+
|
72
|
+
def compose
|
73
|
+
add_step(Procedures::RefreshFeatures)
|
74
|
+
add_step(Procedures::Service::Start.new)
|
75
|
+
add_steps(find_procedures(:post_migrations))
|
76
|
+
end
|
77
|
+
end
|
78
|
+
|
79
|
+
class PostUpgradeChecks < Abstract
|
80
|
+
upgrade_metadata do
|
81
|
+
description 'Checks after upgrading to Satellite 6.12.z'
|
82
|
+
tags :post_upgrade_checks
|
83
|
+
run_strategy :fail_slow
|
84
|
+
end
|
85
|
+
|
86
|
+
def compose
|
87
|
+
add_steps(find_checks(:default))
|
88
|
+
add_steps(find_checks(:post_upgrade))
|
89
|
+
end
|
90
|
+
end
|
91
|
+
end
|
@@ -2,23 +2,32 @@ module ForemanMaintain
|
|
2
2
|
module Cli
|
3
3
|
class PackagesCommand < Base
|
4
4
|
subcommand 'lock', 'Prevent packages from automatic update' do
|
5
|
+
# This command is not implemented for Debian based operating systems
|
5
6
|
interactive_option(['assumeyes'])
|
6
7
|
def execute
|
7
|
-
|
8
|
+
run_scenario_or_rescue do
|
9
|
+
run_scenarios_and_exit(Scenarios::Packages::Lock.new)
|
10
|
+
end
|
8
11
|
end
|
9
12
|
end
|
10
13
|
|
11
14
|
subcommand 'unlock', 'Enable packages for automatic update' do
|
15
|
+
# This command is not implemented for Debian based operating systems
|
12
16
|
interactive_option(['assumeyes'])
|
13
17
|
def execute
|
14
|
-
|
18
|
+
run_scenario_or_rescue do
|
19
|
+
run_scenarios_and_exit(Scenarios::Packages::Unlock.new)
|
20
|
+
end
|
15
21
|
end
|
16
22
|
end
|
17
23
|
|
18
24
|
subcommand 'status', 'Check if packages are protected against update' do
|
25
|
+
# This command is not implemented for Debian based operating systems
|
19
26
|
interactive_option(['assumeyes'])
|
20
27
|
def execute
|
21
|
-
|
28
|
+
run_scenario_or_rescue do
|
29
|
+
run_scenarios_and_exit(Scenarios::Packages::Status.new)
|
30
|
+
end
|
22
31
|
end
|
23
32
|
end
|
24
33
|
|
@@ -58,14 +67,24 @@ module ForemanMaintain
|
|
58
67
|
end
|
59
68
|
|
60
69
|
subcommand 'is-locked', 'Check if update of packages is allowed' do
|
70
|
+
# This command is not implemented for Debian based operating systems
|
61
71
|
interactive_option(['assumeyes'])
|
62
72
|
def execute
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
73
|
+
run_scenario_or_rescue do
|
74
|
+
locked = ForemanMaintain.package_manager.versions_locked?
|
75
|
+
puts "Packages are#{locked ? '' : ' not'} locked"
|
76
|
+
exit_code = locked ? 0 : 1
|
77
|
+
exit exit_code
|
78
|
+
end
|
67
79
|
end
|
68
80
|
end
|
81
|
+
|
82
|
+
def run_scenario_or_rescue
|
83
|
+
yield
|
84
|
+
rescue NotImplementedError
|
85
|
+
puts 'Command is not implemented for Debian based operating systems!'
|
86
|
+
exit 0
|
87
|
+
end
|
69
88
|
end
|
70
89
|
end
|
71
90
|
end
|
@@ -5,7 +5,7 @@ module ForemanMaintain
|
|
5
5
|
'Repository label from which packages should be updated.'\
|
6
6
|
'This can be used when standard CDN repositories are unavailable.'
|
7
7
|
def execute
|
8
|
-
run_scenario(upgrade_scenario
|
8
|
+
run_scenario(upgrade_scenario)
|
9
9
|
end
|
10
10
|
|
11
11
|
def upgrade_scenario
|
@@ -13,12 +13,6 @@ module ForemanMaintain
|
|
13
13
|
maintenance_repo_label: maintenance_repo_label
|
14
14
|
)
|
15
15
|
end
|
16
|
-
|
17
|
-
def upgrade_rescue_scenario
|
18
|
-
Scenarios::SelfUpgradeRescue.new(
|
19
|
-
maintenance_repo_label: maintenance_repo_label
|
20
|
-
)
|
21
|
-
end
|
22
16
|
end
|
23
17
|
end
|
24
18
|
end
|
@@ -4,13 +4,39 @@ module ForemanMaintain
|
|
4
4
|
def data_dir
|
5
5
|
if el7? && package_manager.installed?('rh-postgresql12-postgresql-server-syspaths')
|
6
6
|
'/var/opt/rh/rh-postgresql12/lib/pgsql/data/'
|
7
|
+
elsif debian_or_ubuntu?
|
8
|
+
deb_postgresql_data_dir
|
7
9
|
else
|
8
10
|
'/var/lib/pgsql/data/'
|
9
11
|
end
|
10
12
|
end
|
11
13
|
|
14
|
+
def deb_postgresql_data_dir
|
15
|
+
deb_postgresql_versions.map do |ver|
|
16
|
+
"/var/lib/postgresql/#{ver}/main/"
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
20
|
+
def deb_postgresql_versions
|
21
|
+
installed_pkgs = package_manager.list_installed_packages('${binary:Package}\n')
|
22
|
+
@deb_postgresql_versions ||= installed_pkgs.grep(/^postgresql-\d+$/).map do |name|
|
23
|
+
name.split('-').last
|
24
|
+
end
|
25
|
+
@deb_postgresql_versions
|
26
|
+
end
|
27
|
+
|
12
28
|
def postgresql_conf
|
13
|
-
"#{data_dir}/postgresql.conf"
|
29
|
+
return "#{data_dir}/postgresql.conf" if el?
|
30
|
+
|
31
|
+
deb_postgresql_config_dirs.map do |conf_dir|
|
32
|
+
"#{conf_dir}postgresql.conf"
|
33
|
+
end
|
34
|
+
end
|
35
|
+
|
36
|
+
def deb_postgresql_config_dirs
|
37
|
+
deb_postgresql_versions.map do |ver|
|
38
|
+
"/etc/postgresql/#{ver}/main/"
|
39
|
+
end
|
14
40
|
end
|
15
41
|
|
16
42
|
def restore_transform
|
@@ -89,11 +115,13 @@ module ForemanMaintain
|
|
89
115
|
|
90
116
|
def backup_local(backup_file, extra_tar_options = {})
|
91
117
|
dir = extra_tar_options.fetch(:data_dir, data_dir)
|
118
|
+
command = extra_tar_options.fetch(:command, 'create')
|
119
|
+
|
92
120
|
FileUtils.cd(dir) do
|
93
121
|
tar_options = {
|
94
122
|
:archive => backup_file,
|
95
|
-
:command =>
|
96
|
-
:transform => "s,^,#{
|
123
|
+
:command => command,
|
124
|
+
:transform => "s,^,#{dir[1..-1]},S",
|
97
125
|
:files => '*'
|
98
126
|
}.merge(extra_tar_options)
|
99
127
|
feature(:tar).run(tar_options)
|
@@ -66,7 +66,8 @@ module ForemanMaintain
|
|
66
66
|
server_version_full = "#{server_version.major}.#{server_version.minor}"
|
67
67
|
rh_repos.concat(product_specific_repos(server_version_full))
|
68
68
|
if server_version > version('6.3')
|
69
|
-
|
69
|
+
ansible_repo = ansible_repo(server_version)
|
70
|
+
rh_repos << ansible_repo if ansible_repo
|
70
71
|
end
|
71
72
|
|
72
73
|
rh_repos
|
@@ -83,8 +84,6 @@ module ForemanMaintain
|
|
83
84
|
|
84
85
|
if el7?
|
85
86
|
"rhel-#{el_major_version}-server-ansible-#{ansible_version}-rpms"
|
86
|
-
else
|
87
|
-
"ansible-#{ansible_version}-for-rhel-#{el_major_version}-x86_64-rpms"
|
88
87
|
end
|
89
88
|
end
|
90
89
|
|
@@ -0,0 +1,31 @@
|
|
1
|
+
module ForemanMaintain
|
2
|
+
module Concerns
|
3
|
+
module Firewall
|
4
|
+
module MaintenanceMode
|
5
|
+
def notify_and_ask_to_install_firewall_utility
|
6
|
+
puts 'Unable to find nftables or iptables!'
|
7
|
+
question, pkg = question_and_pkg_name
|
8
|
+
answer = ask_decision(question, actions_msg: 'y(yes), q(quit)')
|
9
|
+
if answer == :yes
|
10
|
+
packages_action(:install, pkg)
|
11
|
+
feature(:instance).firewall.enable_maintenance_mode
|
12
|
+
end
|
13
|
+
end
|
14
|
+
|
15
|
+
def can_install_nft?
|
16
|
+
# The nftables is default from EL8 and Debian 10(Buster)
|
17
|
+
(el? && el_major_version >= 8) ||
|
18
|
+
(debian? && deb_major_version >= 10) ||
|
19
|
+
(ubuntu? && ubuntu_major_version.to_i >= 22)
|
20
|
+
end
|
21
|
+
|
22
|
+
def question_and_pkg_name
|
23
|
+
pkg_to_install = can_install_nft? ? 'nftables' : 'iptables'
|
24
|
+
question = "Do you want to install missing netfilter utility #{pkg_to_install}?"\
|
25
|
+
"\nand start maintenance mode?"
|
26
|
+
[question, [pkg_to_install]]
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
@@ -10,7 +10,7 @@ module ForemanMaintain
|
|
10
10
|
unless table_exist?
|
11
11
|
add_table
|
12
12
|
add_chain(:chain_options => nftables_chain_options)
|
13
|
-
|
13
|
+
add_rules(rules: nftables_rules)
|
14
14
|
end
|
15
15
|
end
|
16
16
|
|
@@ -22,8 +22,8 @@ module ForemanMaintain
|
|
22
22
|
'{type filter hook input priority 0\\;}'
|
23
23
|
end
|
24
24
|
|
25
|
-
def
|
26
|
-
'tcp dport
|
25
|
+
def nftables_rules
|
26
|
+
['iifname "lo" accept', 'tcp dport 443 reject']
|
27
27
|
end
|
28
28
|
|
29
29
|
def status_for_maintenance_mode
|
@@ -100,6 +100,10 @@ module ForemanMaintain
|
|
100
100
|
@data[:advanced_run] = advanced_run
|
101
101
|
end
|
102
102
|
|
103
|
+
def do_not_whitelist
|
104
|
+
@data[:do_not_whitelist] = true
|
105
|
+
end
|
106
|
+
|
103
107
|
def self.eval_dsl(metadata, &block)
|
104
108
|
new(metadata).tap do |dsl|
|
105
109
|
dsl.instance_eval(&block)
|
@@ -46,12 +46,20 @@ module ForemanMaintain
|
|
46
46
|
facts.fetch('ID_LIKE', '').split
|
47
47
|
end
|
48
48
|
|
49
|
+
def os_name
|
50
|
+
facts.fetch('NAME')
|
51
|
+
end
|
52
|
+
|
49
53
|
def el?
|
50
54
|
File.exist?('/etc/redhat-release')
|
51
55
|
end
|
52
56
|
|
53
57
|
def debian?
|
54
|
-
|
58
|
+
os_id == 'debian'
|
59
|
+
end
|
60
|
+
|
61
|
+
def ubuntu?
|
62
|
+
os_id == 'ubuntu'
|
55
63
|
end
|
56
64
|
|
57
65
|
def el7?
|
@@ -63,7 +71,23 @@ module ForemanMaintain
|
|
63
71
|
end
|
64
72
|
|
65
73
|
def el_major_version
|
66
|
-
|
74
|
+
os_version_id.to_i if el?
|
75
|
+
end
|
76
|
+
|
77
|
+
def deb_major_version
|
78
|
+
os_version_id.to_i if debian?
|
79
|
+
end
|
80
|
+
|
81
|
+
def ubuntu_major_version
|
82
|
+
os_version_id if ubuntu?
|
83
|
+
end
|
84
|
+
|
85
|
+
def debian_or_ubuntu?
|
86
|
+
debian? || ubuntu?
|
87
|
+
end
|
88
|
+
|
89
|
+
def os_version
|
90
|
+
facts.fetch('VERSION')
|
67
91
|
end
|
68
92
|
end
|
69
93
|
end
|
@@ -100,12 +100,13 @@ module ForemanMaintain
|
|
100
100
|
end
|
101
101
|
|
102
102
|
def packages_action(action, packages, options = {})
|
103
|
-
options.validate_options!(:assumeyes)
|
103
|
+
options.validate_options!(:assumeyes, :yum_options)
|
104
104
|
case action
|
105
105
|
when :install
|
106
106
|
package_manager.install(packages, :assumeyes => options[:assumeyes])
|
107
107
|
when :update
|
108
|
-
package_manager.update(packages, :assumeyes => options[:assumeyes]
|
108
|
+
package_manager.update(packages, :assumeyes => options[:assumeyes],
|
109
|
+
:yum_options => options[:yum_options])
|
109
110
|
when :remove
|
110
111
|
package_manager.remove(packages, :assumeyes => options[:assumeyes])
|
111
112
|
else
|
@@ -114,8 +115,12 @@ module ForemanMaintain
|
|
114
115
|
end
|
115
116
|
|
116
117
|
def package_version(name)
|
117
|
-
|
118
|
-
|
118
|
+
ver = if el?
|
119
|
+
'%{VERSION}'
|
120
|
+
elsif debian_or_ubuntu?
|
121
|
+
'${VERSION}'
|
122
|
+
end
|
123
|
+
pkg = package_manager.find_installed_package(name, ver)
|
119
124
|
version(pkg) unless pkg.nil?
|
120
125
|
end
|
121
126
|
|
@@ -138,6 +143,9 @@ module ForemanMaintain
|
|
138
143
|
end
|
139
144
|
|
140
145
|
def version(value)
|
146
|
+
# packages versions, especially on Debian, sometimes include a + or a ~,
|
147
|
+
# but Gem::Version can't handle that.
|
148
|
+
value.gsub!(/[+~]/, '-')
|
141
149
|
Version.new(value)
|
142
150
|
end
|
143
151
|
|
@@ -184,7 +192,7 @@ module ForemanMaintain
|
|
184
192
|
end
|
185
193
|
|
186
194
|
def ruby_prefix(scl = true)
|
187
|
-
if
|
195
|
+
if debian_or_ubuntu?
|
188
196
|
'ruby-'
|
189
197
|
elsif el7? && scl
|
190
198
|
'tfm-rubygem-'
|
@@ -194,12 +202,12 @@ module ForemanMaintain
|
|
194
202
|
end
|
195
203
|
|
196
204
|
def foreman_plugin_name(plugin)
|
197
|
-
plugin = plugin.tr('_', '-') if
|
205
|
+
plugin = plugin.tr('_', '-') if debian_or_ubuntu?
|
198
206
|
ruby_prefix + plugin
|
199
207
|
end
|
200
208
|
|
201
209
|
def proxy_plugin_name(plugin)
|
202
|
-
if
|
210
|
+
if debian_or_ubuntu?
|
203
211
|
plugin = plugin.tr('_', '-')
|
204
212
|
proxy_plugin_prefix = 'smart-proxy-'
|
205
213
|
else
|
@@ -210,12 +218,12 @@ module ForemanMaintain
|
|
210
218
|
end
|
211
219
|
|
212
220
|
def hammer_plugin_name(plugin)
|
213
|
-
plugin = plugin.tr('_', '-') if
|
214
|
-
[hammer_package, plugin].join(
|
221
|
+
plugin = plugin.tr('_', '-') if debian_or_ubuntu?
|
222
|
+
[hammer_package, plugin].join(debian_or_ubuntu? ? '-' : '_')
|
215
223
|
end
|
216
224
|
|
217
225
|
def hammer_package
|
218
|
-
hammer_prefix = if
|
226
|
+
hammer_prefix = if debian_or_ubuntu?
|
219
227
|
'hammer-cli'
|
220
228
|
else
|
221
229
|
'hammer_cli'
|