gluez 0.3 → 0.4

data/lib/gluez/context.rb

@@ -8,16 +8,22 @@ module Gluez
     attr_reader :resources
     
     # A reference to the outer context
-    attr_reader :parent
+    attr_reader :parent, :included_user_contexts
     
-    def initialize(parent=nil, name=nil, &block)
+    def initialize(parent=nil, name=nil, user=nil, &block)
       @parent = parent
       @name = name
+      @user = user
       
       @resources = []
       @properties = {}
       
+      @included_user_contexts = []
+      
       $gluez = self
+      
+      self.include_user! "root" if self == self.root
+      
       instance_eval(&block) if block
       
       if self.root == self
@@ -32,6 +38,18 @@ module Gluez
       self.parent ? self.parent.root : self
     end
     
+    def user
+      if @user
+        @user
+      else
+        @parent ? @parent.user : nil
+      end
+    end
+    
+    def home_dir
+      self.user == "root" ? "/root" : "/home/#{self.user}"
+    end
+    
     def default(name, name2)
       unless @properties.key?(name)
         if name2.is_a?(Symbol)
@@ -64,18 +82,98 @@ module Gluez
       @properties[name]
     end
     
-    # Includes a recipe. A new context will be created. The passed block will be executed in the scope of the new context.
-    def include(name, &block)
-      Gluez::Context.new(self, name) do |c|
+    def include_library_recipe(library_dir, name, &block)
+      raise "include_recipe is only allowed in user context" if self == self.root
+      Gluez::Context.new(self, name, nil) do |c|
         c.instance_eval(&block) if block
-        load "#{File.dirname($0)}/recipes/#{name}/#{name}.rb"
+        load "#{library_dir}/recipes/#{name}/#{name}.rb"
+      end
+    end
+    
+    # Includes a recipe. A new context will be created. The passed block will be executed in the scope of the new context.
+    def include_recipe(name, &block)
+      self.include_library_recipe(File.dirname($0), name, &block)
+    end
+
+    def include_user!(name, &block)
+      self.include_user(name, true, &block)
+    end
+      
+    def include_user(name, failsafe=false, &block)
+      raise "include_user is only allowed in root context" unless self == self.root
+      Gluez::Context.new(self, name, name) do |c|
+        if block
+          c.instance_eval(&block) 
+        end
+        
+        c.root.included_user_contexts << c
+        
+        f = "#{File.dirname($0)}/users/#{name}.rb"
+        
+        if File.exist?(f)
+          load(f)
+        else
+          raise "could not find user context file #{f}" unless failsafe
+        end
+        
       end
     end
     
     # Loops through all resources, collect their generated code, format and return it.
     def generate(simulate)
       code = "#!/bin/bash"
+
+      root_user_context = @included_user_contexts.detect{|ctx| ctx.user == "root"}
+      raise "no root user context could be found" unless root_user_context
+      
+      user_contexts = @included_user_contexts - [root_user_context]
+
+      existing_resources = Array.new(@resources)
+
+      root_user_context.instance_eval do |ctx|
+        user_contexts.each do |user_ctx|
+          create_group(user_ctx.user) do
+            gid user_ctx.get(:uid)
+          end
+        
+          create_user(user_ctx.user) do
+            uid user_ctx.get(:uid)
+            gid user_ctx.get(:uid)
+          end
+          
+          ['.gluez', '.gluez/path', 'tmp', 'backup', 'bin', '.ssh'].each do |dir_name|
+            dir(dir_name) do
+              as_user user_ctx.user
+            end
+          end
+          
+          if user_ctx.get(:authorized_keys)
+            transfer "~/.ssh/authorized_keys" do
+              as_user user_ctx.user
+              chmod 400
+              content user_ctx.get(:authorized_keys).join("\n")
+            end
+          end
             
+          transfer "~/.profile" do
+            as_user  user_ctx.user
+            chmod   644
+            content File.read("#{File.dirname(__FILE__)}/templates/profile.erb")
+          end
+          
+          if user_ctx.get(:sudo)
+            transfer "/etc/sudoers.d/#{user_ctx.user}" do
+              chmod 440
+              content "#{user_ctx.user} ALL=(ALL) NOPASSWD: ALL"
+            end
+          end
+          
+        end
+      end
+      
+      # sort resources to always create users/groups first
+      @resources = (@resources - existing_resources) + existing_resources
+      
       code += "\n" + @resources.collect do |res|
         res.generate(simulate).join("\n")
       end.join("\n")
@@ -84,19 +182,7 @@ module Gluez
         res.function_name
       end.join("\n")
       
-      code = Gluez::format(code)
-      
-      if Gluez.options.include?("--ssh")
-        code64 = Base64.encode64(code)
-
-        cmd = %(code=\\"#{code64.strip}\\" && echo \\\$code | base64 -i -d - | /bin/bash)
-        ssh = "ssh -t whale01 \"sudo su -l root -c '#{cmd}'\""
-        
-        puts ssh
-      else
-        puts code
-      end
-      
+      puts Gluez::format(code)
     end
     
     def self.load_resources

data/lib/gluez/resource.rb

@@ -35,18 +35,32 @@ module Gluez
       @name = name
       @steps = []
       
+      @as_user = nil
+      
       @notifies = []
       @subscriptions = []
       
       @mandatories = []
       @optionals = []
       
-      self.optional :user, :default => "root"
+      # self.optional :user, :default => "root"
       self.optional :lazy, :default => false
       
       self.accessor :setup
     end
     
+    def as_user(user)
+      @as_user = user
+    end
+    
+    def user
+      @as_user || @context.user
+    end
+    
+    def home_dir
+      self.user == "root" ? "/root" : "/home/#{self.user}"
+    end
+    
     def validate!
       @mandatories.each do |it|
         raise "no value for mandatory attribute #{it}" if self.send(it).nil?

data/lib/gluez/resources/{group.rb → create_group.rb}

@@ -1,4 +1,4 @@
-resource :group do
+resource :create_group do
   mandatory :gid
   
   ready!

data/lib/gluez/resources/{user.rb → create_user.rb}

@@ -1,4 +1,4 @@
-resource :user do
+resource :create_user do
   mandatory   :uid
   mandatory   :gid
 

data/lib/gluez/resources/path.rb

@@ -2,8 +2,8 @@ resource :path do
   ready!
   
   steps do |step|
-    link = self.name.gsub('/', '_').gsub('~', "/home/#{self.user}/.gluez/path/")
-    target = self.name.gsub('~', "/home/#{self.user}")
+    link = self.name.gsub('/', '_').gsub('~', "#{home_dir}/.gluez/path/")
+    target = self.name.gsub('~', home_dir)
     
     step.checks << "-L #{link}"
     step.checks << "\\$(ls -al #{link} | awk '{print \\$10}' | grep #{target} | wc -l) -eq 1"

data/lib/gluez/templates/profile.erb

@@ -0,0 +1,33 @@
+# ~/.profile: executed by the command interpreter for login shells.
+# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
+# exists.
+# see /usr/share/doc/bash/examples/startup-files for examples.
+# the files are located in the bash-doc package.
+
+# the default umask is set in /etc/profile; for setting the umask
+# for ssh logins, install and configure the libpam-umask package.
+#umask 022
+
+# if running bash
+if [ -n "$BASH_VERSION" ]; then
+    # include .bashrc if it exists
+    if [ -f "$HOME/.bashrc" ]; then
+	    . "$HOME/.bashrc"
+    fi
+fi
+
+# set PATH so it includes user's private bin if it exists
+if [ -d "$HOME/bin" ] ; then
+    PATH="$HOME/bin:$PATH"
+fi
+
+if [ -d "$HOME/.gluez/path" ]; then
+  for entry in `ls $HOME/.gluez/path`; do
+    dir="$HOME/.gluez/path/$entry"
+    if [ -d "$dir" ]; then
+      PATH="${dir}:$PATH"
+    fi
+  done
+fi
+
+export PATH

data/lib/gluez.rb

@@ -5,6 +5,9 @@ class Object
   def recipe(&block)
     $gluez.instance_eval(&block)
   end
+  def user(&block)
+    $gluez.instance_eval(&block)
+  end
   def resource(name, &block)
     Gluez::Context.register(name.to_s.underscore, &block)
   end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: gluez
 version: !ruby/object:Gem::Version
-  version: '0.3'
+  version: '0.4'
   prerelease: 
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2011-10-27 00:00:00.000000000Z
+date: 2011-11-30 00:00:00.000000000 Z
 dependencies: []
 description: a server configuration toolkit
 email: jan.zimmek@web.de
@@ -21,12 +21,13 @@ files:
 - lib/gluez/resource.rb
 - lib/gluez/resources/bash.rb
 - lib/gluez/resources/bash_once.rb
+- lib/gluez/resources/create_group.rb
+- lib/gluez/resources/create_user.rb
 - lib/gluez/resources/dir.rb
 - lib/gluez/resources/disable.rb
 - lib/gluez/resources/enable.rb
 - lib/gluez/resources/file.rb
 - lib/gluez/resources/gem.rb
-- lib/gluez/resources/group.rb
 - lib/gluez/resources/link.rb
 - lib/gluez/resources/mount.rb
 - lib/gluez/resources/package.rb
@@ -37,7 +38,7 @@ files:
 - lib/gluez/resources/stop.rb
 - lib/gluez/resources/transfer.rb
 - lib/gluez/resources/umount.rb
-- lib/gluez/resources/user.rb
+- lib/gluez/templates/profile.erb
 - lib/gluez.rb
 homepage: 
 licenses: []
@@ -59,7 +60,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.6
+rubygems_version: 1.8.10
 signing_key: 
 specification_version: 3
 summary: a system configuration toolkit