palletjack-tools 0.1.2

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 1698a81a8f10fd0ae9b078c077a157d62185388d
+  data.tar.gz: 8e00cb7db1fe2051f3ebe34e015f7285dff5cc07
+SHA512:
+  metadata.gz: 41a4e3b367d5f38d5b9514df1e6f8e01571046d46cd5d70ab38f1a4913c44fd9930986af3a4e72b1b9a9978b542a58e26cbe96947c2b39dd15b13505685fd17b
+  data.tar.gz: 1993440970282599886f25403198dc39c86e8f3128451f6a8d63dbef26f2b71b0e5be1b49051f3372ca09490b0dfbaccf72b49669cfbebafea1eda42d628197f

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in palletjack.gemspec
+gemspec

data/Rakefile

@@ -0,0 +1,6 @@
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec

data/exe/create_domain

@@ -0,0 +1,52 @@
+#!/usr/bin/env ruby
+
+# Create a domain and IPv4 network in a warehouse
+#
+# Data model assumptions:
+# - Each domain corresponds uniquely to one IPv4 network
+
+require 'palletjack/tool'
+
+class CreateDomain < PalletJack::Tool
+  def parse_options(opts)
+    opts.banner =
+"Usage: #{$PROGRAM_NAME} -w <warehouse> -d <domain> -n <IPv4 network>
+
+Create domain and ipv4_network objects in a warehouse"
+
+    opts.on('-d DOMAIN', '--domain DOMAIN', 'domain name', String) {|domain|
+      options[:domain] = domain }
+    opts.on('-n NETWORK', '--network NETWORK',
+            'IPv4 network, in CIDR format', String) {|network|
+      options[:network] = network.gsub(/\//, '_') }
+
+    required_option :domain
+    required_option :network
+  end
+end
+
+CreateDomain.run do
+
+  # Create the IPv4 Network object
+
+  pallet_dir 'ipv4_network', :network
+  pallet_box 'ipv4_network', :network, 'dhcp' do
+    { net:{ dhcp:{ 'tftp-server' => '', 'boot-file' => '' } } }
+  end
+  pallet_box 'ipv4_network', :network, 'identity' do
+    { net:{ ipv4:{ gateway:'' },
+            dns:{ resolver:[''] } } }
+  end
+
+  # Create the DNS domain object
+
+  pallet_dir 'domain', :domain
+  pallet_box 'domain', :domain, 'dns' do
+    { net:{ dns:{ ns:[''], 'soa-ns' => '', 'soa-contact' => '' } } }
+  end
+  pallet_box 'domain', :domain, 'services' do
+    { net:{ service:{ syslog:[{address:'', port:'514', protocol:'udp' } ] } } }
+  end
+  pallet_links 'domain', :domain, 'ipv4_network' => ['ipv4_network', :network]
+
+end

data/exe/create_ipv4_interface

@@ -0,0 +1,51 @@
+#!/usr/bin/env ruby
+
+# Create a physical and logical IPv4 network interface in a warehouse
+
+require 'palletjack/tool'
+
+class CreateIPv4Interface < PalletJack::Tool
+  def parse_options(opts)
+    opts.banner =
+"Usage: #{$PROGRAM_NAME} -w <warehouse> -s <system> -d <domain> \\
+                    -m <MAC address> -i <IPv4 address> -n <IPv4 network>
+
+Create phy_nic and ipv4_interface objects in a warehouse"
+
+    opts.on('-s SYSTEM', '--system SYSTEM', 'system name', String) {|system|
+      options[:system] = system }
+    opts.on('-d DOMAIN', '--domain DOMAIN', 'domain name',String) {|domain|
+      options[:domain] = domain }
+    opts.on('-m MAC', '--mac MAC', 'MAC address', String) {|mac|
+      options[:mac] = mac }
+    opts.on('-i ADDR', '--ipv4 ADDR', 'IPv4 address', String) {|addr|
+      options[:addr] = addr }
+    opts.on('-n NETWORK', '--network NETWORK', 'IPv4 network, in CIDR format',
+            String) {|network| options[:network] = network.gsub(/\//, '_') }
+
+    required_option :system
+    required_option :domain
+    required_option :mac
+    required_option :addr
+    required_option :network
+  end
+end
+
+CreateIPv4Interface.run do
+
+  # Create Physical NIC object
+
+  pallet_dir 'phy_nic', :mac
+  pallet_box 'phy_nic', :mac, 'identity' do
+    { net:{ layer2:{ name:'' } } }
+  end
+
+  # Create IPv4 Interface object
+
+  pallet_dir 'ipv4_interface', :addr
+  pallet_links 'ipv4_interface', :addr,
+    'ipv4_network' => ['ipv4_network', :network],
+    'domain' => ['domain', :domain],
+    'phy_nic' => ['phy_nic', :mac],
+    'system' => ['system', :system]
+end

data/exe/create_system

@@ -0,0 +1,45 @@
+#!/usr/bin/env ruby
+
+# Create a system in a warehouse
+
+require 'palletjack/tool'
+
+class CreateSystem < PalletJack::Tool
+  def parse_options(opts)
+    opts.banner =
+"Usage: #{$PROGRAM_NAME} -w <warehouse> -s <system> -d <domain> \\
+                      [ -o <os> | -n <netinstall> ]
+
+Create system objects in a warehouse"
+
+    opts.on('-s SYSTEM', '--system SYSTEM', 'system name', String) {|system|
+      options[:system] = system }
+    opts.on('-d DOMAIN', '--domain DOMAIN', 'domain name', String) {|domain|
+      options[:domain] = domain }
+    opts.on('-o OS', '--os OS', 'operating system name', String) {|os|
+      options[:os] = os }
+    opts.on('-n OS', '--netinstall NETINSTALL', 'network installation profile',
+            String) {|netinstall| options[:netinstall] = netinstall }
+
+    required_option :system
+    required_option :domain
+    required_option :os, :netinstall
+    exclusive_options :os, :netinstall
+  end
+end
+
+CreateSystem.run do
+  pallet_dir 'system', :system
+  pallet_box 'system', :system, 'role' do
+    { system:{ role:[ '' ] } }
+  end
+  pallet_links 'system', :system, 'domain' => ['domain', :domain]
+  pallet_links 'system', :system,
+    if options[:os]
+      { 'os' => ['os', :os], 'netinstall' => [] }
+    elsif options[:netinstall]
+      { 'os' => [], 'netinstall' => ['netinstall', :netinstall] }
+    else
+      abort('Both --os and --netinstall were nil; should not happen!')
+    end
+end

data/exe/dump_pallet

@@ -0,0 +1,50 @@
+#!/usr/bin/env ruby
+
+# Simple script for dumping a specified pallet as YAML.
+
+require 'palletjack/tool'
+
+class DumpPallet < PalletJack::Tool
+  def parse_options(parser)
+
+    parser.banner = "Usage: #{$PROGRAM_NAME} [options] [<name> ...]
+
+Dump the YAML representation of all named pallets in a Palletjack warehouse
+
+If a name is specified, dump only that pallet. Otherwise, dump all
+pallets of the specified type."
+
+    # The preset value for options[:type] will be overridden when
+    # the parse! method of the parser is eventually run and finds
+    # a --type option. Keep declarations in that order for clarity.
+
+    options[:type]='system'
+    parser.on('-t TYPE', '--type TYPE',
+              'type (default "system")',
+              String) {|type| options[:type] = type }
+  end
+
+  # Dump the yaml contents of all pallets given to STDOUT
+
+  def dump_pallets(pallets)
+    abort('No matching pallets found.') if pallets.empty?
+
+    pallets.each do |p|
+      puts "---"
+      puts "# #{p.kind}: #{p.name}"
+      puts p.to_yaml
+    end
+  end
+end
+
+DumpPallet.run do
+  # Since the Tool framework uses destructive opts.parse!, all options
+  # were removed from argv, leaving just the names to search for.
+  if argv.empty?
+    dump_pallets jack[kind: options[:type]]
+  else
+    argv.each do |name|
+      dump_pallets jack[kind: options[:type], name: name]
+    end
+  end
+end

data/exe/palletjack2kea

@@ -0,0 +1,108 @@
+#!/usr/bin/env ruby
+
+# Write configuration for the Kea DHCP server from a Palletjack warehouse
+
+require 'palletjack/tool'
+require 'json'
+
+class PalletJack2Kea < PalletJack::Tool
+  def parse_options(opts)
+    opts.banner =
+"Usage: #{$PROGRAM_NAME} [options] <name> ...
+
+Write configuration for the Kea DHCP server from a Palletjack warehouse"
+
+    opts.on('-s SERVICE', '--service SERVICE',
+            'service name for global configuration',
+            String) {|service| options[:service] = service }
+
+    required_option :service
+  end
+
+  def dhcp4_option(code, name, data)
+    {
+      'code' => code,
+      'name' => name,
+      'space' => 'dhcp4',
+      'csv-format' => true,
+      'data' => data
+    }
+  end
+
+  # The internal representation of the generated configuration, ready
+  # to be tested or printed.
+
+  attr_reader :kea_config
+
+  def process
+    @kea_config = { 'Dhcp4' => {} }
+
+    jack.each(kind:'service', name:options[:service]) do |service_config|
+      @kea_config['Dhcp4'] = service_config['service.kea_v4']
+    end
+
+    @kea_config['Dhcp4']['subnet4'] = []
+
+    jack.each(kind:'ipv4_network') do |net|
+      net_config = {'subnet' => net['net.ipv4.cidr'],
+        'reservations' => [],
+        'option-data' => []}
+      if net['net.ipv4.gateway']
+        net_config['option-data'] <<
+          dhcp4_option(3, 'routers', net['net.ipv4.gateway'])
+      end
+
+      if net['net.dns.resolver']
+        resolvers = ''
+        net['net.dns.resolver'].each do |resolver|
+          resolvers << resolver << ', '
+        end
+
+        net_config['option-data'] <<
+          dhcp4_option(6, 'domain-name-servers', resolvers.chomp(', '))
+      end
+
+      if net['net.dhcp.tftp-server']
+        net_config['option-data'] <<
+          dhcp4_option(66, 'tftp-server-name', net['net.dhcp.tftp-server'])
+
+        # Option 66/tftp-server-name is the standard way of sending a
+        # TFTP server address, but some DHCP clients still want it in
+        # the next-server field.
+        net_config['next-server'] = net['net.dhcp.tftp-server']
+      end
+
+      if net['net.dhcp.boot-file']
+        net_config['option-data'] <<
+          dhcp4_option(67, 'boot-file-name', net['net.dhcp.boot-file'])
+      end
+
+      net.children(kind:'ipv4_interface',
+                   none?:{ 'net.layer2.address' => nil }
+                  ) do |interface|
+        net_config['reservations'] << {
+          'hw-address' => interface['net.layer2.address'],
+          'ip-address' => interface['net.ipv4.address'],
+          'hostname' => interface['net.dns.fqdn'],
+          'option-data' =>
+          [
+            dhcp4_option(15, 'domain-name',
+                         interface.parents(kind:'system').first['net.dns.domain'])
+          ]
+        }
+      end
+
+      @kea_config['Dhcp4']['subnet4'] << net_config
+    end
+  end
+
+  def output
+    puts git_header('palletjack2kea')
+
+    jj @kea_config
+  end
+end
+
+if PalletJack2Kea.standalone?(__FILE__)
+  PalletJack2Kea.run
+end

data/exe/palletjack2knot

@@ -0,0 +1,170 @@
+#!/usr/bin/env ruby
+
+# Write DNS server zone file from a Palletjack warehouse
+#
+# Data model assumptions:
+# - Each domain corresponds uniquely to one IPv4 network
+#
+# The YAML key "net.dns.alias" is used to create CNAME aliases for
+# each interface. This means that if a "system" object specifies
+# "net.dns.alias", each of its interfaces will get that alias in its
+# own domain. Aliases explicitly specified on a single interface will
+# override this.
+
+require 'palletjack/tool'
+require 'dns/zone'
+require 'ip'
+
+class PalletJack2Knot < PalletJack::Tool
+  def parse_options(opts)
+    opts.banner =
+"Usage: #{$PROGRAM_NAME} -w <warehouse> -o <output directory>
+
+Write DNS server zone files from a Palletjack warehouse"
+
+    opts.on('-o DIR', '--output DIR', 'output directory', String) {|dir|
+      options[:output] = dir
+      options[:zone_dir] = config_path(:output, "zones")
+    }
+
+    required_option :output
+  end
+
+  def zone_config(zone)
+    "
+#{zone} {
+  file \"zones/#{zone}.zone\";
+}
+"
+  end
+end
+
+PalletJack2Knot.run do
+  config_dir :zone_dir
+
+  # Use Unix timestamp as serial number, and get it once so all zones get
+  # the same one
+  serial = Time.now.utc.to_i
+
+  config_file :output, 'zones.conf' do |conf_file|
+    conf_file << git_header('palletjack2knot')
+
+    jack.each(kind:'domain') do |domain|
+      absolute_domain_name = "#{domain['net.dns.domain']}."
+
+      zone = DNS::Zone.new
+
+      zone.origin = absolute_domain_name
+      zone.ttl = domain['net.dns.ttl']
+
+      zone.soa.serial = serial
+      zone.soa.label = absolute_domain_name
+      zone.soa.nameserver = domain['net.dns.soa-ns']
+      zone.soa.email = "#{domain['net.dns.soa-contact']}.".sub('@', '.')
+
+      if domain['net.dns.mx']
+        domain['net.dns.mx'].each do |server|
+          mx = DNS::Zone::RR::MX.new
+          mx.label = absolute_domain_name
+          mx.priority = server['priority']
+          mx.exchange = server['server']
+          zone.records << mx
+        end
+      end
+
+      domain['net.dns.ns'].each do |address|
+        ns = DNS::Zone::RR::NS.new
+        ns.label = absolute_domain_name
+        ns.nameserver = address
+        zone.records << ns
+      end
+
+      if domain['net.dns.cname']
+        domain['net.dns.cname'].each do |name, target|
+          cname = DNS::Zone::RR::CNAME.new
+          cname.label = name
+          cname.domainname = target
+          zone.records << cname
+        end
+      end
+
+      if domain['net.dns.srv']
+        domain['net.dns.srv'].each do |service|
+          srv = DNS::Zone::RR::SRV.new
+          srv.label = "_#{service['service']}._#{service['protocol']}"
+          srv.target = service['target']
+          srv.port = service['port']
+          service['priority'] ||= 0
+          srv.priority = service['priority']
+          service['weight'] ||= 0
+          srv.weight = service['weight']
+          zone.records << srv
+        end
+      end
+
+      domain.children(kind:'ipv4_interface') do |interface|
+        a = DNS::Zone::RR::A.new
+        a.label = interface['net.dns.name']
+        a.address = interface['net.ipv4.address']
+        zone.records << a
+
+        if interface['net.dns.alias']
+          interface['net.dns.alias'].each do |label|
+            cname = DNS::Zone::RR::CNAME.new
+            cname.label = label
+            cname.domainname = interface['net.dns.name']
+            zone.records << cname
+          end
+        end
+      end
+
+      config_file :zone_dir, "#{domain['net.dns.domain']}.zone" do |zonefile|
+        zonefile << git_header('palletjack2knot', comment_char: ';')
+        zonefile << zone.dump_pretty
+      end
+
+      conf_file << zone_config(domain['net.dns.domain'])
+
+      next unless domain['net.ipv4.cidr']
+
+      # Assume all delegations happen on octet boundaries for now.
+      # TODO: RFC 2317 classless in-addr.arpa delegation
+
+      reverse_zone = DNS::Zone.new
+
+      ip_net = IP.new(domain['net.ipv4.cidr'])
+      absolute_reverse_zone_name = ip_net.to_arpa
+
+      prefix_octets, _ = domain['net.ipv4.prefixlen'].to_i.divmod(8)
+      reverse_zone.origin = absolute_reverse_zone_name.split('.')[-(2 + prefix_octets) .. 5].join('.')
+
+      reverse_zone.ttl = domain['net.dns.ttl']
+
+      reverse_zone.soa.serial = serial
+      reverse_zone.soa.label = "#{reverse_zone.origin}."
+      reverse_zone.soa.nameserver = domain['net.dns.soa-ns']
+      reverse_zone.soa.email = "#{domain['net.dns.soa-contact']}.".sub('@', '.')
+
+      domain['net.dns.ns'].each do |address|
+        ns = DNS::Zone::RR::NS.new
+        ns.label = "#{reverse_zone.origin}."
+        ns.nameserver = address
+        reverse_zone.records << ns
+      end
+
+      domain.children(kind:'ipv4_interface') do |interface|
+        ptr = DNS::Zone::RR::PTR.new
+        ptr.label = IP.new(interface['net.ipv4.address']).to_arpa
+        ptr.name = "#{interface['net.dns.fqdn']}."
+        reverse_zone.records << ptr
+      end
+
+      config_file :zone_dir, "#{reverse_zone.origin}.zone" do |zonefile|
+        zonefile << git_header('palletjack2knot', comment_char: ';')
+        zonefile << reverse_zone.dump_pretty
+      end
+
+      conf_file << zone_config(reverse_zone.origin)
+    end
+  end
+end

data/exe/palletjack2pxelinux

@@ -0,0 +1,191 @@
+#!/usr/bin/env ruby
+
+# Write PXELINUX boot menus from a Palletjack warehouse
+#
+# Data model assumptions:
+#
+# Each +os+ object will contain the keys:
+#   host:
+#     kickstart:
+#       baseurl: <URL to OS installation>
+#     pxelinux:
+#       config: <basename of pxelinux menu file w/o .menu>
+#
+# Each +netinstall+ object will contain the keys:
+#   host:
+#     kickstart:
+#       label: <human-friendly label for variant>
+#       ksurl: ["none"|<URL to kickstart file>]
+#     pxelinux:
+#       config: <basename of pxelinux menu file w/o .menu>
+#       kernel: <tftp path of pxelinux kernel>
+#       append: <pxelinux kernel parameters>
+#
+# PXELINUX directory tree:
+#
+# /var/lib/tftpboot/
+#  |- pxelinux.cfg
+#  |   |- default -> ../config/default
+#  |   |- 01-<MAC address> -> ../config/<OS>-<Variant>.menu
+#  |   ...
+#  |- config
+#  |   |- default
+#  |   |- linux.menu
+#  |   |- <OS>.menu
+#  |   |- <OS>-<Variant>.menu
+#  |   ...
+#  \- boot
+#      |- <OS>
+#      |   |- vmlinuz
+#      |   |- initrd
+#      |   ...
+#      ...
+#
+# Point this script's output directory at /var/lib/tftpboot/, and it
+# will create the MAC address symlinks, and menu tree for linux
+# installations.
+#
+# The boot/... and config/default needs to be populated by other means.
+
+require 'palletjack/tool'
+require 'fileutils'
+
+class PalletJack2PXELinux < PalletJack::Tool
+
+  def parse_options(opts)
+    opts.banner =
+"Usage: #{$PROGRAM_NAME} -w <warehouse> -o <output directory>
+
+Write PXELINUX boot configuration files from a Palletjack warehouse"
+
+    opts.on('-o DIR', '--output DIR', 'output directory (tftpboot/)',
+            String) {|dir| options[:output] = dir }
+
+    required_option :output
+  end
+
+  # Generate pxe menus for each OS configuration
+
+  def pxemenu_for_netinstall(netinstall)
+    config=netinstall['host.pxelinux.config']
+    os_label=netinstall['system.os'].gsub(/-/, ' ')
+    ks_label=(netinstall['host.kickstart.label'] ||
+              netinstall['host.kickstart.variant'] )
+    kernel=netinstall['host.pxelinux.kernel']
+    append=netinstall['host.pxelinux.append']
+
+    config_file :output, 'config', "#{config}.menu" do |menufile|
+      menufile << git_header('palletjack2pxelinux')
+      menufile << "
+UI menu.c32
+PROMPT 0
+MENU INCLUDE /config/graphics.conf
+MENU AUTOBOOT Installing #{os_label} (#{ks_label}) in # seconds
+TIMEOUT 100
+
+MENU TITLE Install #{os_label} (#{ks_label})
+
+LABEL #{config}
+  MENU LABEL ^Install #{os_label} (#{ks_label})
+  MENU DEFAULT
+  KERNEL #{kernel}
+  APPEND #{append}
+
+LABEL MainMenu
+  MENU LABEL ^Main Menu
+  KERNEL menu.c32
+  APPEND /config/default
+"
+    end
+  end
+
+  # Generate pxe menus for each OS version
+
+  def pxemenu_for_operating_system(os)
+    config=os['host.pxelinux.config']
+    os_label=config.gsub(/-/, ' ')
+    kernel=os['host.pxelinux.kernel']
+    append=os['host.pxelinux.append']
+
+    config_file :output, 'config', "#{config}.menu" do |menufile|
+      menufile << git_header('palletjack2pxelinux')
+      menufile << "
+UI menu.c32
+PROMPT 0
+MENU INCLUDE /config/graphics.conf
+
+MENU TITLE #{os_label} Installation Menu
+"
+
+      os.children(kind:'netinstall') do |netinstall|
+        config=netinstall['host.pxelinux.config']
+        ks_label=(netinstall['host.kickstart.label'] ||
+                  netinstall['host.kickstart.variant'] )
+        kernel=netinstall['host.pxelinux.kernel']
+        append=netinstall['host.pxelinux.append']
+
+        pxemenu_for_netinstall(netinstall)
+
+        menufile << "
+LABEL #{config}
+  MENU LABEL Install #{os_label} (#{ks_label})
+  KERNEL menu.c32
+  APPEND /config/#{config}.menu
+"
+      end
+
+      menufile << "
+LABEL MainMenu
+  MENU LABEL ^Main Menu
+  KERNEL menu.c32
+  APPEND /config/default
+"
+    end
+  end
+end
+
+PalletJack2PXELinux.run do
+  config_dir :output, 'config'
+  config_dir :output, 'pxelinux.cfg'
+
+  config_file :output, 'config', 'linux.menu' do |menufile|
+    menufile << git_header('palletjack2pxelinux')
+    menufile << "
+UI menu.c32
+PROMPT 0
+MENU INCLUDE /config/graphics.conf
+
+MENU TITLE Linux Installation Menu
+"
+
+    jack.each(kind:'os') do |os|
+      next unless config=os['host.pxelinux.config']
+
+      label=config.gsub(/-/, ' ')
+
+      pxemenu_for_operating_system(os)
+
+      menufile << "
+LABEL #{config}
+  MENU LABEL Install #{label}
+  KERNEL menu.c32
+  APPEND /config/#{config}.menu
+"
+    end
+  end
+
+  # Generate pxe default menu links for each system
+
+  jack.each(kind:'system') do |system|
+    system.children(kind:'ipv4_interface') do |nic|
+      if system['host.pxelinux.config']
+        menuname = "#{system['host.pxelinux.config']}.menu"
+        linkname = "01-#{nic['net.layer2.address'].gsub(':', '-').downcase}"
+
+        FileUtils.ln_s(config_path('..', 'config', menuname),
+                       config_path(:output, 'pxelinux.cfg', linkname),
+                       :force => true)
+      end
+    end
+  end
+end

data/exe/palletjack2salt

@@ -0,0 +1,140 @@
+#!/usr/bin/env ruby
+
+# Write YAML files containing Salt pillar data.
+#
+# Intended to be run from a Git post-update hook or similar, since
+# running the entire Pallet Jack infrastructure once per minion for
+# every pillar refresh is a bit excessive, writing YAML files which
+# will be read by a Salt pillar, in one of two modes of operation:
+#
+# 1. Global pillar data
+#
+#    Intended to be included in an ordinary Salt pillar root.
+#
+#    Example Salt master configuration:
+#
+#    pillar_roots:
+#      base:
+#        - /etc/salt/pillar
+#
+#    Example /etc/salt/pillar/top.sls:
+#
+#    base:
+#      '*':
+#        - palletjack.global
+#
+# 2. Per-minion pillar data
+#
+#    Intended to be read by the `palletjack_yaml_file` external pillar
+#    (which you will have to install manually).
+#
+#    Example Salt master configuration:
+#
+#    ext_pillar:
+#      - palletjack_yaml_file: /var/cache/palletjack/{saltenv}/{minion}.yaml
+#
+#    Data model assumptions:
+#      - Salt minion ID is FQDN
+
+require 'palletjack/tool'
+require 'yaml'
+
+class PalletJack2Salt < PalletJack::Tool
+  def parse_options(opts)
+    opts.banner =
+"Usage: #{$PROGRAM_NAME} -w <warehouse> [ -g <dir> ] [ -m <dir> ]
+
+Write Salt pillar data from a Palletjack warehouse."
+
+    opts.on('-g DIR', '--global DIR', 'global pillar directory',
+            String ) {|dir| options[:global_pillar] = dir }
+    opts.on('-m DIR', '--minion DIR', 'per-minion pillar directory',
+            String) {|dir| options[:minion_pillar] = dir }
+
+    required_option :global_pillar, :minion_pillar
+  end
+
+  # Helpers for generating global pillars
+
+  def process_global_pillar
+    result = {}
+
+    config['pillar.global.each-pallet'].each do |dst_key, kind|
+      result[dst_key] ||= {}
+
+      jack.each(kind: kind) do |pallet|
+        result[dst_key][pallet.name] = pallet.to_hash.except('pallet')
+      end
+    end
+
+    result
+  end
+
+  # Helpers for generating per-minion pillars
+
+  def ipv4_interfaces(system)
+    result = Hash.new
+
+    system.children(kind:'ipv4_interface') do |interface|
+      result[interface['net.layer2.name']] = {
+        interface['net.ipv4.address'] =>
+        interface.filter('net.ipv4', 'net.layer2').to_hash
+      }
+    end
+
+    result
+  end
+
+  def process_minion_pillars
+    result = {}
+
+    jack.each(kind:'system') do |system|
+      yaml_output = {}
+      yaml_output['ipv4_interfaces'] = ipv4_interfaces(system)
+
+      config['pillar.per-minion.each-subtree'].each do |dst_key, src_key|
+        yaml_output[dst_key] = system.fetch(src_key)
+      end
+
+      result[system['net.dns.fqdn']] = { 'palletjack' => yaml_output }
+    end
+
+    result
+  end
+
+  # The internal representation of the generated configuration, ready
+  # to be tested or printed.
+
+  attr_reader :salt_config
+
+  def process
+    @salt_config = {}
+
+    @salt_config[:global] = process_global_pillar if options[:global_pillar]
+    @salt_config[:minion] = process_minion_pillars if options[:minion_pillar]
+  end
+
+  def output
+    if @salt_config[:global]
+      config_dir :global_pillar, 'palletjack'
+      config_file :global_pillar, 'palletjack', 'global.sls' do |slsfile|
+        slsfile << git_header('palletjack2salt')
+        slsfile <<
+          { 'palletjack' => { 'global' => @salt_config[:global] } }.to_yaml
+      end
+    end
+
+    if @salt_config[:minion]
+      @salt_config[:minion].each do |id, config|
+        config_file :minion_pillar, "#{id}.yaml" do |yamlfile|
+          yamlfile << git_header('palletjack2salt')
+          yamlfile << config.to_yaml
+        end
+      end
+    end
+  end
+end
+
+if PalletJack2Salt.standalone?(__FILE__)
+  PalletJack2Salt.run
+end

data/exe/palletjack2unbound

@@ -0,0 +1,129 @@
+#!/usr/bin/env ruby
+#
+# Write DNS resolver stub declarations from a Palletjack warehouse
+#
+# Data model assumptions:
+#
+#   service:
+#     unbound:
+#       server:
+#         - interface: 0.0.0.0
+#         - access-control: 192.0.2.0/24 allow
+#         - ...
+#
+# Other configuration categories than +system+ are not supported.
+
+require 'palletjack/tool'
+require 'ip'
+
+class PalletJack2Unbound < PalletJack::Tool
+  def parse_options(opts)
+    opts.banner =
+"Usage: #{$PROGRAM_NAME} -w <warehouse> -s <service> -o <output directory>
+
+Write DNS resolver stub declarations from a Palletjack warehouse
+into Salt state configuration for unbound.
+
+E.g.
+  palletjack2unbound -w /etc/salt/respository/warehouse \\
+    -o /etc/salt/repository/state/unbound/files"
+
+    opts.on('-o DIR', '--output DIR', 'output directory', String) {|dir|
+      options[:output] = dir
+      options[:conf_dir] = "#{dir}/conf.d"
+      options[:local_dir] = "#{dir}/local.d"
+    }
+    opts.on('-s SERVICE', '--service SERVICE',
+            'service name for global configuration', String) {|service|
+      options[:service] = service
+    }
+
+    required_option :output
+    required_option :service
+  end
+
+  # Write a stub-zone declaration to a file in conf.d/
+  # If the +transparent+ option is true, also write
+  # a local-zone ... transparent, declaration e.g. to
+  # override the builtin RFC1918 blocking in unbound.
+
+  def stub_zone(zone, stub_addrs, transparent: false)
+    return if stub_addrs.empty?
+
+    config_file :conf_dir, "#{zone}.conf" do |stubfile|
+      stubfile << git_header('palletjack2unbound')
+      stubfile << "
+stub-zone:
+  name: #{zone}\n"
+
+      stub_addrs.each do |addr|
+        stubfile << "  stub-addr: #{addr}\n"
+      end
+
+      if transparent then
+        stubfile << "\nserver:\n  local-zone: \"#{zone}\" transparent\n"
+      end
+    end
+  end
+
+  # Check if +ip+ belongs to some RFC1918 network
+
+  def rfc1918?(ip)
+    rfc1918_nets = [IP.new('10.0.0.0/8'),
+                    IP.new('172.16.0.0/12'),
+                    IP.new('192.168.0.0/16')]
+    rfc1918_nets.any? {|net| ip.is_in?(net)}
+  end
+
+  # Generate unbound service configuration
+
+  def unbound_config(service_name)
+    service_config = jack.fetch(kind:'service', name: service_name)
+
+    config_file :local_dir, "#{service_name}.conf" do |configfile|
+      configfile << git_header('palletjack2unbound')
+      service_config["service.unbound.server"].each do |config|
+        config.each do |key, value|
+          configfile << "#{key}: #{value}\n"
+        end
+      end
+    end
+  end
+end
+
+PalletJack2Unbound.run do
+  config_dir :conf_dir
+  config_dir :local_dir
+
+  jack.each(kind:'domain') do |domain|
+    zone = domain['net.dns.domain']
+    stub_addrs = []
+
+    domain['net.dns.ns'].each do |ns|
+      jack.each(kind:'ipv4_interface', all?:{'net.dns.fqdn' => ns}) do |ipv4|
+        stub_addrs << ipv4['net.ipv4.address']
+      end
+    end
+
+    stub_zone(zone, stub_addrs)
+
+    next unless domain['net.ipv4.cidr']
+
+    # Assume all delegations happen on octet boundaries for now.
+    # TODO: RFC 2317 classless in-addr.arpa delegation
+
+    ip_net = IP.new(domain['net.ipv4.cidr'])
+    reverse_zone = ip_net.to_arpa
+    prefix_octets, _ = domain['net.ipv4.prefixlen'].to_i.divmod(8)
+    reverse_zone =
+      ip_net.to_arpa.split('.')[-(2 + prefix_octets) .. 5].join('.')
+
+    # Make the same assumption that palletjack2knot does;
+    # reverse delegations are made to the same nameserver
+    # as forward delegations.
+
+    stub_zone(reverse_zone, stub_addrs, transparent: rfc1918?(ip_net))
+  end
+
+  unbound_config(options[:service])
+end

data/palletjack-tools.gemspec

@@ -0,0 +1,37 @@
+#-*- ruby -*-
+# coding: utf-8
+lib = File.expand_path('../../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'palletjack/version'
+
+Gem::Specification.new do |spec|
+  spec.name	= 'palletjack-tools'
+  spec.version	= PalletJack::VERSION
+  spec.authors	= ['Karl-Johan Karlsson']
+  spec.email	= ['karl-johan.karlsson@saabgroup.com']
+  spec.summary	= 'Tools for the Pallet Jack Lightweight Configuration Management Database'
+  spec.description	= spec.summary
+  spec.homepage    = 'https://github.com/saab-simc-admin/palletjack'
+  spec.license	= 'MIT'
+
+  spec.files         = `git ls-files -z`.split("\x0").reject do |f|
+    f.match(%r{^(test|spec|features)/})
+  end
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+
+  spec.platform	= Gem::Platform::RUBY
+  spec.required_ruby_version = '~>2'
+
+  spec.add_runtime_dependency 'palletjack', PalletJack::VERSION
+  spec.add_runtime_dependency 'dns-zone', '~> 0.3'
+  spec.add_runtime_dependency 'ruby-ip', '~> 0.9'
+
+  spec.add_development_dependency "bundler", "~> 1.13"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "rspec", "~> 3.0"
+  spec.add_development_dependency "rspec_structure_matcher", "~> 0.0.6"
+  spec.add_development_dependency "rspec-collection_matchers", "~> 1.1.2"
+
+  spec.has_rdoc	= true
+end

metadata

@@ -0,0 +1,200 @@
+--- !ruby/object:Gem::Specification
+name: palletjack-tools
+version: !ruby/object:Gem::Version
+  version: 0.1.2
+platform: ruby
+authors:
+- Karl-Johan Karlsson
+autorequire: 
+bindir: exe
+cert_chain:
+- |
+  -----BEGIN CERTIFICATE-----
+  MIIDljCCAn6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBIMRYwFAYDVQQDDA1jYWxs
+  ZS5lbmdsdW5kMRkwFwYKCZImiZPyLGQBGRYJc2FhYmdyb3VwMRMwEQYKCZImiZPy
+  LGQBGRYDY29tMB4XDTE2MTEwMjA5MjYyN1oXDTE3MTEwMjA5MjYyN1owSDEWMBQG
+  A1UEAwwNY2FsbGUuZW5nbHVuZDEZMBcGCgmSJomT8ixkARkWCXNhYWJncm91cDET
+  MBEGCgmSJomT8ixkARkWA2NvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+  ggEBAM7OxaztzD0LyOwK1mPcg3BhioX1EDVbD/qAFOAzBSGGlAhtmHMqAkyvJMvs
+  iiG7xvBidWUapxiEiBwamXiOTSrp2eW+XSXW9omdWHXjBZcwHqwb1VmAlYRDkSHf
+  dzcM/z4xlV+DJw/pFyMRWzqNdVBtWTbVXAFGjJSqQ6q21ACYJldV9U71AIpXo+oF
+  VEMf6PZS2uhB1G+FgAtnX/xmy7OM1Cy3qc/CaJbWSddpegxWJMUn2HNQxFwIe40g
+  WoEoiFA7qQg9DnR/5i3lW6QyfIaA5k9cv2su1VyjqKLbkFTTTjYw0P1BJmvfXjtc
+  rMl+3HCWYj6UunZwfZi2wDGsBkkCAwEAAaOBijCBhzAJBgNVHRMEAjAAMAsGA1Ud
+  DwQEAwIEsDAdBgNVHQ4EFgQUwHCMEKgrIMaiTkTVLKZn6yOD1SIwJgYDVR0RBB8w
+  HYEbY2FsbGUuZW5nbHVuZEBzYWFiZ3JvdXAuY29tMCYGA1UdEgQfMB2BG2NhbGxl
+  LmVuZ2x1bmRAc2FhYmdyb3VwLmNvbTANBgkqhkiG9w0BAQUFAAOCAQEAP9OnE0jP
+  2vRHI/vnOkgCvLFNoOqK/YB4yDVVW69Pza+xIXcmUBvl7DQ+bBdF5AK0B1A7U0rp
+  Pbdj0bpQtWxmUmMIbnE1w6iuVCXAabsyUfHY4mlztToWXMVOXc1SPlJ/S2XXaRd5
+  fiNj/nBTb0YTQA0E4pZ0Aud80qZ2WLdc6FfzHUEMW91BL3bhLeDL40noHK5Lvk52
+  phzVHIrDjCowUMTnGiPZCXEo4KZW76KwYYV6oQ6LzcrYBw5mJ4XpdgQKZgnTnRBP
+  f8wtQllq82VF0AXUYeLtTh1f+DW3WW5BO1e2OCu5eOV7dbyaVPaNK/+rHjCN8kM/
+  DGZSwUoNADmVkQ==
+  -----END CERTIFICATE-----
+date: 2016-11-02 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: palletjack
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.1.2
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.1.2
+- !ruby/object:Gem::Dependency
+  name: dns-zone
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '0.3'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '0.3'
+- !ruby/object:Gem::Dependency
+  name: ruby-ip
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '0.9'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '0.9'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.13'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.13'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: rspec_structure_matcher
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.0.6
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.0.6
+- !ruby/object:Gem::Dependency
+  name: rspec-collection_matchers
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 1.1.2
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 1.1.2
+description: Tools for the Pallet Jack Lightweight Configuration Management Database
+email:
+- karl-johan.karlsson@saabgroup.com
+executables:
+- create_domain
+- create_ipv4_interface
+- create_system
+- dump_pallet
+- palletjack2kea
+- palletjack2knot
+- palletjack2pxelinux
+- palletjack2salt
+- palletjack2unbound
+extensions: []
+extra_rdoc_files: []
+files:
+- Gemfile
+- Rakefile
+- exe/create_domain
+- exe/create_ipv4_interface
+- exe/create_system
+- exe/dump_pallet
+- exe/palletjack2kea
+- exe/palletjack2knot
+- exe/palletjack2pxelinux
+- exe/palletjack2salt
+- exe/palletjack2unbound
+- palletjack-tools.gemspec
+homepage: https://github.com/saab-simc-admin/palletjack
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ~>
+    - !ruby/object:Gem::Version
+      version: '2'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.0.14
+signing_key: 
+specification_version: 4
+summary: Tools for the Pallet Jack Lightweight Configuration Management Database
+test_files: []

metadata.gz.sig

@@ -0,0 +1,3 @@
+�.��۩'1����:�򙘹TF��TX̉�]]��ZY��bWـ�R}Jo{���$S1cǹ�%�M��W���� ��_����S���wE�ѣl�8!$ҩ��?]s�0=���c�Ud�ς�!;
+��L���;|�Y�9jq�
+�V��h��5����s��Yw�ZEʰ�o~n�V~�N��v����!�T?XO5忊j��$R�O���AT�3��W<�lѯ*J=֥��vcg78F��A�3�,Q��ڌn�