rubynas 0.1.0.pre.1

data/.gitignore

@@ -0,0 +1,23 @@
+# See http://help.github.com/ignore-files/ for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+#   git config --global core.excludesfile ~/.gitignore_global
+
+# Ignore bundler config
+/.bundle
+
+# Ignore all logfiles and tempfiles.
+/log/*.log
+/tmp
+/coverage
+
+# Sandbox
+sandbox/ldap/data/slapd.*
+sandbox/ldap/data/dc=rubynas,dc=com/
+
+.DS_Store
+.vagrant
+.ruby-gemset
+pkg
+rubynas.sqlite3

data/.gitmodules

@@ -0,0 +1,3 @@
+[submodule "admin"]
+	path = admin
+	url = git://github.com/dpree/rubynas-admin.git

data/.rspec

@@ -0,0 +1,2 @@
+--color --format=progress
+

data/.ruby-version

@@ -0,0 +1 @@
+1.9.3

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in rubynas.gemspec
+gemspec

data/Gemfile.lock

@@ -0,0 +1,196 @@
+PATH
+  remote: .
+  specs:
+    rubynas (0.1.0.pre.1)
+      activeldap (~> 3.2.2)
+      activerecord (= 3.2.13)
+      dnssd
+      foreman
+      grape
+      grape-entity
+      inifile
+      lumberjack
+      lumberjack_syslog_device
+      net-ldap
+      netatalk-config
+      puma
+      sqlite3
+      vmstat
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    activeldap (3.2.2)
+      activemodel (~> 3.2.8)
+      gettext
+      gettext_i18n_rails
+      locale
+    activemodel (3.2.13)
+      activesupport (= 3.2.13)
+      builder (~> 3.0.0)
+    activerecord (3.2.13)
+      activemodel (= 3.2.13)
+      activesupport (= 3.2.13)
+      arel (~> 3.0.2)
+      tzinfo (~> 0.3.29)
+    activesupport (3.2.13)
+      i18n (= 0.6.1)
+      multi_json (~> 1.0)
+    arel (3.0.2)
+    backports (3.3.1)
+    brakeman (2.0.0)
+      erubis (~> 2.6)
+      fastercsv (~> 1.5)
+      haml (>= 3.0, < 5.0)
+      highline (~> 1.6.19)
+      multi_json (~> 1.2)
+      ruby2ruby (~> 2.0.5)
+      ruby_parser (~> 3.1.1)
+      sass (~> 3.0)
+      slim (~> 1.3.6)
+      terminal-table (~> 1.4)
+    builder (3.0.4)
+    bundler-audit (0.1.2)
+      bundler (~> 1.2)
+    cane (2.6.0)
+      parallel
+    coderay (1.0.9)
+    database_cleaner (1.0.1)
+    descendants_tracker (0.0.1)
+    diff-lcs (1.2.4)
+    dnssd (2.0)
+    dotenv (0.7.0)
+    erubis (2.7.0)
+    factory_girl (4.2.0)
+      activesupport (>= 3.0.0)
+    fast_gettext (0.7.0)
+    fastercsv (1.5.5)
+    ffi (1.8.1)
+    foreman (0.63.0)
+      dotenv (>= 0.7)
+      thor (>= 0.13.6)
+    formatador (0.2.4)
+    gettext (2.3.9)
+      locale
+      text
+    gettext_i18n_rails (0.10.0)
+      fast_gettext (>= 0.4.8)
+    grape (0.4.1)
+      activesupport
+      builder
+      hashie (>= 1.2.0)
+      multi_json (>= 1.3.2)
+      multi_xml (>= 0.5.2)
+      rack (>= 1.3.0)
+      rack-accept
+      rack-mount
+      virtus
+    grape-entity (0.3.0)
+      activesupport
+      multi_json (>= 1.3.2)
+    guard (1.8.0)
+      formatador (>= 0.2.4)
+      listen (>= 1.0.0)
+      lumberjack (>= 1.0.2)
+      pry (>= 0.9.10)
+      thor (>= 0.14.6)
+    guard-rspec (3.0.1)
+      guard (>= 1.8)
+      rspec (~> 2.13)
+    haml (4.0.3)
+      tilt
+    hashie (2.0.5)
+    highline (1.6.19)
+    i18n (0.6.1)
+    inifile (2.0.2)
+    listen (1.1.6)
+      rb-fsevent (>= 0.9.3)
+      rb-inotify (>= 0.9)
+      rb-kqueue (>= 0.2)
+    locale (2.0.8)
+    lumberjack (1.0.3)
+    lumberjack_syslog_device (1.0.0)
+      lumberjack (~> 1.0)
+    method_source (0.8.1)
+    multi_json (1.7.6)
+    multi_xml (0.5.4)
+    net-ldap (0.3.1)
+    netatalk-config (0.0.2)
+      rspec
+    parallel (0.6.5)
+    pry (0.9.12.2)
+      coderay (~> 1.0.5)
+      method_source (~> 0.8)
+      slop (~> 3.4)
+    puma (2.0.1)
+      rack (>= 1.1, < 2.0)
+    rack (1.5.2)
+    rack-accept (0.4.5)
+      rack (>= 0.4)
+    rack-mount (0.8.3)
+      rack (>= 1.0.0)
+    rack-test (0.6.2)
+      rack (>= 1.0)
+    rake (10.0.4)
+    rb-fsevent (0.9.3)
+    rb-inotify (0.9.0)
+      ffi (>= 0.5.0)
+    rb-kqueue (0.2.0)
+      ffi (>= 0.5.0)
+    rspec (2.13.0)
+      rspec-core (~> 2.13.0)
+      rspec-expectations (~> 2.13.0)
+      rspec-mocks (~> 2.13.0)
+    rspec-core (2.13.1)
+    rspec-expectations (2.13.0)
+      diff-lcs (>= 1.1.3, < 2.0)
+    rspec-mocks (2.13.1)
+    ruby2ruby (2.0.5)
+      ruby_parser (~> 3.1)
+      sexp_processor (~> 4.0)
+    ruby_parser (3.1.3)
+      sexp_processor (~> 4.1)
+    sass (3.2.9)
+    sexp_processor (4.2.1)
+    shoulda-matchers (2.1.0)
+      activesupport (>= 3.0.0)
+    simplecov (0.7.1)
+      multi_json (~> 1.0)
+      simplecov-html (~> 0.7.1)
+    simplecov-html (0.7.1)
+    simplecov-rcov-text (0.0.2)
+    slim (1.3.9)
+      temple (~> 0.6.3)
+      tilt (~> 1.3, >= 1.3.3)
+    slop (3.4.5)
+    sqlite3 (1.3.7)
+    temple (0.6.5)
+    terminal-table (1.4.5)
+    text (1.2.1)
+    thor (0.18.1)
+    tilt (1.4.1)
+    tzinfo (0.3.37)
+    virtus (0.5.5)
+      backports (~> 3.3)
+      descendants_tracker (~> 0.0.1)
+    vmstat (2.0.0)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  brakeman
+  bundler (~> 1.3)
+  bundler-audit
+  cane
+  database_cleaner
+  factory_girl (~> 4.0)
+  guard-rspec
+  rack-test
+  rake
+  rb-fsevent (~> 0.9)
+  rspec
+  rubynas!
+  shoulda-matchers
+  simplecov
+  simplecov-rcov-text

data/Guardfile

@@ -0,0 +1,8 @@
+# A sample Guardfile
+# More info at https://github.com/guard/guard#readme
+
+guard 'rspec' do
+  watch(%r{^spec/.+_spec\.rb$})
+  watch(%r{^lib/(.+)\.rb$})     { |m| "spec/lib/#{m[1]}_spec.rb" }
+  watch('spec/spec_helper.rb')  { "spec" }
+end

data/LICENSE.txt

@@ -0,0 +1,7 @@
+Copyright (c) 2013 Vincent Landgraf
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/Procfile

@@ -0,0 +1,2 @@
+ldap: /usr/libexec/slapd -d 1 -f sandbox/ldap/slapd.conf -h ldap://127.0.0.1:10389
+app: ./bin/rubynas server

data/README.md

@@ -0,0 +1,151 @@
+# rubynas
+
+## Install
+
+On Ubuntu do the following:
+
+    # sudo apt-get install ruby1.9.3 libsqlite3-dev libavahi-compat-libdnssd-dev
+    # sudo ruby1.9.3 -S gem install rubynas
+    # rubynas install --admin admin --domain rubynas.com --password secret
+
+The rubynas api will be exposed using the mdns service. Typically its available on https://localhost:5100/api/. Maybe replace `localhost` by the name of your server.
+
+
+## Development
+
+### Getting Started
+
+To start developing simply start foreman:
+
+    foreman start
+
+Login with one of the users in the ldap:
+
+    email: admin@rubynas.com or user@rubynas.com
+    password: secret
+
+### Run the tests
+
+Since the tests depend on the LDAP you have to start it first with:
+
+    foreman start
+
+Then use either:
+
+    rake spec
+
+
+## Directories
+
+This project has a typical rails layout plus:
+
+* **sandbox** place for local ldap server and the like
+
+## Concepts
+
+### Shares
+
+The following section describes how shares "should be/are" implemented in rubynas.
+
+The general idea more or less oriented how mac os x is handling shares with a bit more flexibility. Here a short reminder on that:
+
+![Mac OS X Shares Overview](doc/macosx_shares.png "Mac OS X")
+
+Basically we can create a share which has a location and users or groups that can access it. Unlike mac os x the user can specify in which way the share is exposed. In other words it should be possible to tell per share if it can be accessed by AFP, SMB etc.
+
+### Share Entity
+
+Bases on the idea above we got the following structure:
+
+* Name (String) Name of the share
+* Path (String) Posix path to the share
+* Permissions (Array<Permission>) A list with users, groups that have access to the share
+* Services (Array<Service>) A list of services that should expose the share. Imagine the following list:
+  * NFS
+  * AFP
+  * RSYNC
+  * SMB
+  * CIFS
+* Options (Hash<Service, Hash>) A hash of options extra for each of the sharing services.
+  
+### Permission Entity
+
+A Permission is either based on a group or user. The reference to the **ldap user** and **ldap group** has to be made using the **common name**.
+
+* Read (Boolean) true if the permissions grants read access
+* Write (Boolean) true if the permission grants write access
+* User (LdapUser) the ldap user that is permitted
+* Group (LdapGroup) the ldap user that is permitted
+
+### Interaction
+
+To actually apply the share configuration to the services there are several layers which control the sharing service (aftp, smb, ...) and it's configuration. Here a quick visualization, of the layers (the api is the initiator):
+
+![Shares Overview](doc/shares_overview.png "rubynas shares")
+
+The shares API which is instrumented by the frontend, it manipulates the share models. This means creating, updating and changing shares. After the API did a manipulation to the shares it will call `ShareService.update_all` which will trigger an update on each and every service.
+
+Speaking of a sharing service: It needs to inherit from `ShareService` and implement the `#update!` method like this example:
+
+    class AfpShareService < ShareService
+      service_name :netatalk
+  
+      def update!
+        if AfpServiceConfiguration.update
+          restart # supplied by base class
+        end
+      end
+    end
+
+The update basically creates a new rendered version of the configuration and makes a hash on the content. Next it checkes if the old config has the same hash, if it does, `false` is returned and nothing happens. If the hash is different the configuration will be replaced and update returns `true` so that the service is going to be restarted.
+
+In order for a `ShareService` to be so simple a lot of magic needs to happen in the background. This will be described further below. Now regarding the configuration:
+
+    class AfpServiceConfiguration < ShareServiceConfiguration
+      config_file 'afp.conf'
+      
+      def time_machine(share)
+        share.options[self][:time_machine] ? 'yes' : 'no'
+      end
+    end
+    
+And here is the template for the configuration above:
+
+    ;
+    ; Netatalk 3.x configuration file
+    ;
+
+    [Global]
+    ; log level = default:maxdebug
+    log file = /var/log/netatalk
+    uam list = uams_dhx.so uams_dhx2.so
+
+    [Homes]
+    basedir regex = /home
+    
+    <% @shares.each do |share| %>
+    [<%= @share.name %>]
+    path = <%= @share.path %>
+    time machine = <%= time_machine(share) %>
+    <% end %>
+
+### Magic
+
+The magic behind scenes is basically done by the superclasses. They know how to start the a service and where the configuration files are placed. Main part of that magic is the automatic system and configuration detection. This is described in the section OS.
+
+### Config service (idea)
+
+The configuration needs administrative access to the system. Because every system has a different way to manage processes and a different way to configure this processes, this part is moved to a different project to keep the core clean from system and os details. This examples illustrates a possible restful interface
+
+    GET http://service.local/services
+      => each service with status
+    POST http://service.local/services/netatalk/start
+      => 200 started, 403 already started
+    POST http://service.local/services/netatalk/restart
+      => 200 restarted
+    POST http://service.local/services/netatalk/stop
+      => 200 stopped, 403 already stopped
+    GET http://service.local/services/netatalk
+      => Status
+    PUT http://service.local/services/netatalk/config
+      => 200 updated, 302 not updated

data/Rakefile

@@ -0,0 +1,14 @@
+#!/usr/bin/env rake
+require 'bundler/gem_tasks'
+require 'rspec/core/rake_task'
+
+desc 'Run specs'
+RSpec::Core::RakeTask.new(:spec => :compile)
+
+desc 'Open a pry session preloaded with smartstat'
+task :console do
+  sh 'irb -rubygems -I ./lib -r rubynas'
+end
+
+desc 'Default: run specs.'
+task :default => :spec

data/Vagrantfile

@@ -0,0 +1,99 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+Vagrant::Config.run do |config|
+  # All Vagrant configuration is done here. The most common configuration
+  # options are documented and commented below. For a complete reference,
+  # please see the online documentation at vagrantup.com.
+
+  # Every Vagrant virtual environment requires a box to build off of.
+  config.vm.box = "ubuntu-1204"
+
+  # The url from where the 'config.vm.box' box will be fetched if it
+  # doesn't already exist on the user's system.
+  config.vm.box_url = "http://dl.dropbox.com/u/4031118/Vagrant/ubuntu-12.04.1-server-i686-virtual.box"
+
+  # Boot with a GUI so you can see the screen. (Default is headless)
+  # config.vm.boot_mode = :gui
+
+  # Assign this VM to a host-only network IP, allowing you to access it
+  # via the IP. Host-only networks can talk to the host machine as well as
+  # any other machines on the same network, but cannot be accessed (through this
+  # network interface) by any external networks.
+  config.vm.network :hostonly, "192.168.33.20"
+
+  # Assign this VM to a bridged network, allowing you to connect directly to a
+  # network using the host's network device. This makes the VM appear as another
+  # physical device on your network.
+  # config.vm.network :bridged
+
+  # Forward a port from the guest to the host, which allows for outside
+  # computers to access the VM, whereas host only networking does not.
+  # config.vm.forward_port 80, 8080
+
+  # Share an additional folder to the guest VM. The first argument is
+  # an identifier, the second is the path on the guest to mount the
+  # folder, and the third is the path on the host to the actual folder.
+  # config.vm.share_folder "v-data", "/vagrant_data", "../data"
+
+  # Enable provisioning with Puppet stand alone.  Puppet manifests
+  # are contained in a directory path relative to this Vagrantfile.
+  # You will need to create the manifests directory and a manifest in
+  # the file ubuntu-1204.pp in the manifests_path directory.
+  #
+  # An example Puppet manifest to provision the message of the day:
+  #
+  # # group { "puppet":
+  # #   ensure => "present",
+  # # }
+  # #
+  # # File { owner => 0, group => 0, mode => 0644 }
+  # #
+  # # file { '/etc/motd':
+  # #   content => "Welcome to your Vagrant-built virtual machine!
+  # #               Managed by Puppet.\n"
+  # # }
+  #
+  # config.vm.provision :puppet do |puppet|
+  #   puppet.manifests_path = "manifests"
+  #   puppet.manifest_file  = "ubuntu-1204.pp"
+  # end
+
+  # Enable provisioning with chef solo, specifying a cookbooks path, roles
+  # path, and data_bags path (all relative to this Vagrantfile), and adding 
+  # some recipes and/or roles.
+  #
+  # config.vm.provision :chef_solo do |chef|
+  #   chef.cookbooks_path = "../my-recipes/cookbooks"
+  #   chef.roles_path = "../my-recipes/roles"
+  #   chef.data_bags_path = "../my-recipes/data_bags"
+  #   chef.add_recipe "mysql"
+  #   chef.add_role "web"
+  #
+  #   # You may also specify custom JSON attributes:
+  #   chef.json = { :mysql_password => "foo" }
+  # end
+
+  # Enable provisioning with chef server, specifying the chef server URL,
+  # and the path to the validation key (relative to this Vagrantfile).
+  #
+  # The Opscode Platform uses HTTPS. Substitute your organization for
+  # ORGNAME in the URL and validation key.
+  #
+  # If you have your own Chef Server, use the appropriate URL, which may be
+  # HTTP instead of HTTPS depending on your configuration. Also change the
+  # validation key to validation.pem.
+  #
+  # config.vm.provision :chef_client do |chef|
+  #   chef.chef_server_url = "https://api.opscode.com/organizations/ORGNAME"
+  #   chef.validation_key_path = "ORGNAME-validator.pem"
+  # end
+  #
+  # If you're using the Opscode platform, your validator client is
+  # ORGNAME-validator, replacing ORGNAME with your organization name.
+  #
+  # IF you have your own Chef Server, the default validation client name is
+  # chef-validator, unless you changed the configuration.
+  #
+  #   chef.validation_client_name = "ORGNAME-validator"
+end