simp-cli 1.0.12

Sign up to get free protection for your applications and to get access to all the features.
Files changed (150) hide show
  1. checksums.yaml +15 -0
  2. data/LICENSE +27 -0
  3. data/README.md +48 -0
  4. data/Rakefile +142 -0
  5. data/bin/simp +5 -0
  6. data/lib/simp/cli.rb +88 -0
  7. data/lib/simp/cli/commands/bootstrap.rb +275 -0
  8. data/lib/simp/cli/commands/check.rb +163 -0
  9. data/lib/simp/cli/commands/cleancerts.rb +114 -0
  10. data/lib/simp/cli/commands/config.rb +235 -0
  11. data/lib/simp/cli/commands/doc.rb +14 -0
  12. data/lib/simp/cli/commands/passgen.rb +128 -0
  13. data/lib/simp/cli/commands/puppeteval.rb +82 -0
  14. data/lib/simp/cli/commands/runpuppet.rb +95 -0
  15. data/lib/simp/cli/config/item.rb +456 -0
  16. data/lib/simp/cli/config/item/add_ldap_to_hiera.rb +43 -0
  17. data/lib/simp/cli/config/item/answers_yaml_file_writer.rb +58 -0
  18. data/lib/simp/cli/config/item/certificates.rb +39 -0
  19. data/lib/simp/cli/config/item/client_nets.rb +65 -0
  20. data/lib/simp/cli/config/item/common_runlevel_default.rb +32 -0
  21. data/lib/simp/cli/config/item/dns_search.rb +48 -0
  22. data/lib/simp/cli/config/item/dns_servers.rb +57 -0
  23. data/lib/simp/cli/config/item/failover_log_servers.rb +27 -0
  24. data/lib/simp/cli/config/item/gateway.rb +32 -0
  25. data/lib/simp/cli/config/item/grub_password.rb +51 -0
  26. data/lib/simp/cli/config/item/hostname.rb +24 -0
  27. data/lib/simp/cli/config/item/hostname_conf.rb +48 -0
  28. data/lib/simp/cli/config/item/ipaddress.rb +46 -0
  29. data/lib/simp/cli/config/item/is_master_yum_server.rb +23 -0
  30. data/lib/simp/cli/config/item/ldap_base_dn.rb +38 -0
  31. data/lib/simp/cli/config/item/ldap_bind_dn.rb +34 -0
  32. data/lib/simp/cli/config/item/ldap_bind_hash.rb +28 -0
  33. data/lib/simp/cli/config/item/ldap_bind_pw.rb +24 -0
  34. data/lib/simp/cli/config/item/ldap_master.rb +33 -0
  35. data/lib/simp/cli/config/item/ldap_root_dn.rb +42 -0
  36. data/lib/simp/cli/config/item/ldap_root_hash.rb +35 -0
  37. data/lib/simp/cli/config/item/ldap_sync_dn.rb +24 -0
  38. data/lib/simp/cli/config/item/ldap_sync_hash.rb +28 -0
  39. data/lib/simp/cli/config/item/ldap_sync_pw.rb +26 -0
  40. data/lib/simp/cli/config/item/ldap_uri.rb +43 -0
  41. data/lib/simp/cli/config/item/log_servers.rb +27 -0
  42. data/lib/simp/cli/config/item/netmask.rb +39 -0
  43. data/lib/simp/cli/config/item/network_conf.rb +63 -0
  44. data/lib/simp/cli/config/item/network_dhcp.rb +27 -0
  45. data/lib/simp/cli/config/item/network_interface.rb +41 -0
  46. data/lib/simp/cli/config/item/network_setup_nic.rb +28 -0
  47. data/lib/simp/cli/config/item/ntp_servers.rb +69 -0
  48. data/lib/simp/cli/config/item/puppet_autosign.rb +66 -0
  49. data/lib/simp/cli/config/item/puppet_ca.rb +31 -0
  50. data/lib/simp/cli/config/item/puppet_ca_port.rb +28 -0
  51. data/lib/simp/cli/config/item/puppet_conf.rb +98 -0
  52. data/lib/simp/cli/config/item/puppet_fileserver.rb +104 -0
  53. data/lib/simp/cli/config/item/puppet_hosts_entry.rb +44 -0
  54. data/lib/simp/cli/config/item/puppet_server.rb +30 -0
  55. data/lib/simp/cli/config/item/puppet_server_ip.rb +25 -0
  56. data/lib/simp/cli/config/item/puppetdb_port.rb +25 -0
  57. data/lib/simp/cli/config/item/puppetdb_server.rb +26 -0
  58. data/lib/simp/cli/config/item/remove_ldap_from_hiera.rb +47 -0
  59. data/lib/simp/cli/config/item/rename_fqdn_yaml.rb +40 -0
  60. data/lib/simp/cli/config/item/rsync_base.rb +37 -0
  61. data/lib/simp/cli/config/item/rsync_server.rb +44 -0
  62. data/lib/simp/cli/config/item/rsync_timeout.rb +26 -0
  63. data/lib/simp/cli/config/item/set_grub_password.rb +19 -0
  64. data/lib/simp/cli/config/item/simp_yum_servers.rb +30 -0
  65. data/lib/simp/cli/config/item/use_auditd.rb +19 -0
  66. data/lib/simp/cli/config/item/use_fips.rb +46 -0
  67. data/lib/simp/cli/config/item/use_iptables.rb +22 -0
  68. data/lib/simp/cli/config/item/use_ldap.rb +19 -0
  69. data/lib/simp/cli/config/item/use_selinux.rb +32 -0
  70. data/lib/simp/cli/config/item/yum_repositories.rb +75 -0
  71. data/lib/simp/cli/config/item_list_factory.rb +236 -0
  72. data/lib/simp/cli/config/questionnaire.rb +86 -0
  73. data/lib/simp/cli/config/utils.rb +128 -0
  74. data/lib/simp/cli/lib/utils.rb +114 -0
  75. data/lib/simp/simp.rb +77 -0
  76. data/spec/lib/simp/cli/commands/config_spec.rb +42 -0
  77. data/spec/lib/simp/cli/config/item/add_ldap_to_hiera_spec.rb +58 -0
  78. data/spec/lib/simp/cli/config/item/answers_yaml_file_writer_spec.rb +86 -0
  79. data/spec/lib/simp/cli/config/item/certificates_spec.rb +50 -0
  80. data/spec/lib/simp/cli/config/item/client_nets_spec.rb +66 -0
  81. data/spec/lib/simp/cli/config/item/common_runlevel_default_spec.rb +27 -0
  82. data/spec/lib/simp/cli/config/item/dns_search_spec.rb +74 -0
  83. data/spec/lib/simp/cli/config/item/dns_servers_spec.rb +76 -0
  84. data/spec/lib/simp/cli/config/item/failover_log_servers_spec.rb +49 -0
  85. data/spec/lib/simp/cli/config/item/files/FakeCA/cacertkey +1 -0
  86. data/spec/lib/simp/cli/config/item/files/FakeCA/gencerts_nopass.sh +10 -0
  87. data/spec/lib/simp/cli/config/item/files/autosign.conf.new +11 -0
  88. data/spec/lib/simp/cli/config/item/files/autosign.conf.used +15 -0
  89. data/spec/lib/simp/cli/config/item/files/fileserver.conf +41 -0
  90. data/spec/lib/simp/cli/config/item/files/hosts +2 -0
  91. data/spec/lib/simp/cli/config/item/files/hosts.old_puppet_entry +3 -0
  92. data/spec/lib/simp/cli/config/item/files/puppet.conf +25 -0
  93. data/spec/lib/simp/cli/config/item/files/puppet.your.domain.yaml +21 -0
  94. data/spec/lib/simp/cli/config/item/files/resolv.conf__multiple +10 -0
  95. data/spec/lib/simp/cli/config/item/files/resolv.conf__single +4 -0
  96. data/spec/lib/simp/cli/config/item/files/rsyncd.conf +225 -0
  97. data/spec/lib/simp/cli/config/item/gateway_spec.rb +23 -0
  98. data/spec/lib/simp/cli/config/item/grub_password_spec.rb +24 -0
  99. data/spec/lib/simp/cli/config/item/hostname_conf_spec.rb +27 -0
  100. data/spec/lib/simp/cli/config/item/hostname_spec.rb +22 -0
  101. data/spec/lib/simp/cli/config/item/ipaddress_spec.rb +40 -0
  102. data/spec/lib/simp/cli/config/item/is_master_yum_server_spec.rb +29 -0
  103. data/spec/lib/simp/cli/config/item/ldap_base_dn_spec.rb +23 -0
  104. data/spec/lib/simp/cli/config/item/ldap_bind_dn_spec.rb +23 -0
  105. data/spec/lib/simp/cli/config/item/ldap_bind_hash_spec.rb +23 -0
  106. data/spec/lib/simp/cli/config/item/ldap_bind_pw_spec.rb +21 -0
  107. data/spec/lib/simp/cli/config/item/ldap_master_spec.rb +37 -0
  108. data/spec/lib/simp/cli/config/item/ldap_root_dn_spec.rb +23 -0
  109. data/spec/lib/simp/cli/config/item/ldap_root_hash_spec.rb +23 -0
  110. data/spec/lib/simp/cli/config/item/ldap_sync_dn_spec.rb +22 -0
  111. data/spec/lib/simp/cli/config/item/ldap_sync_hash_spec.rb +23 -0
  112. data/spec/lib/simp/cli/config/item/ldap_sync_pw_spec.rb +21 -0
  113. data/spec/lib/simp/cli/config/item/ldap_uri_spec.rb +32 -0
  114. data/spec/lib/simp/cli/config/item/log_servers_spec.rb +49 -0
  115. data/spec/lib/simp/cli/config/item/netmask_spec.rb +28 -0
  116. data/spec/lib/simp/cli/config/item/network_conf_spec.rb +63 -0
  117. data/spec/lib/simp/cli/config/item/network_dhcp_spec.rb +11 -0
  118. data/spec/lib/simp/cli/config/item/network_interface_spec.rb +26 -0
  119. data/spec/lib/simp/cli/config/item/network_setup_nic_spec.rb +29 -0
  120. data/spec/lib/simp/cli/config/item/ntp_servers_spec.rb +43 -0
  121. data/spec/lib/simp/cli/config/item/puppet_autosign_spec.rb +55 -0
  122. data/spec/lib/simp/cli/config/item/puppet_ca_port_spec.rb +23 -0
  123. data/spec/lib/simp/cli/config/item/puppet_ca_spec.rb +22 -0
  124. data/spec/lib/simp/cli/config/item/puppet_conf_spec.rb +110 -0
  125. data/spec/lib/simp/cli/config/item/puppet_fileserver_spec.rb +53 -0
  126. data/spec/lib/simp/cli/config/item/puppet_hosts_entry_spec.rb +85 -0
  127. data/spec/lib/simp/cli/config/item/puppet_server_ip_spec.rb +24 -0
  128. data/spec/lib/simp/cli/config/item/puppet_server_spec.rb +22 -0
  129. data/spec/lib/simp/cli/config/item/puppetdb_port_spec.rb +25 -0
  130. data/spec/lib/simp/cli/config/item/puppetdb_server_spec.rb +25 -0
  131. data/spec/lib/simp/cli/config/item/remove_ldap_from_hiera_spec.rb +58 -0
  132. data/spec/lib/simp/cli/config/item/rename_fqdn_yaml_spec.rb +63 -0
  133. data/spec/lib/simp/cli/config/item/rsync_base_spec.rb +28 -0
  134. data/spec/lib/simp/cli/config/item/rsync_server_spec.rb +41 -0
  135. data/spec/lib/simp/cli/config/item/rsync_timeout_spec.rb +21 -0
  136. data/spec/lib/simp/cli/config/item/set_grub_password_spec.rb +29 -0
  137. data/spec/lib/simp/cli/config/item/simp_yum_servers_spec.rb +41 -0
  138. data/spec/lib/simp/cli/config/item/spec_helper.rb +22 -0
  139. data/spec/lib/simp/cli/config/item/use_auditd_spec.rb +29 -0
  140. data/spec/lib/simp/cli/config/item/use_fips_spec.rb +29 -0
  141. data/spec/lib/simp/cli/config/item/use_iptables_spec.rb +29 -0
  142. data/spec/lib/simp/cli/config/item/use_ldap_spec.rb +29 -0
  143. data/spec/lib/simp/cli/config/item/use_selinux_spec.rb +24 -0
  144. data/spec/lib/simp/cli/config/item/yum_repositories_spec.rb +94 -0
  145. data/spec/lib/simp/cli/config/item_spec.rb +106 -0
  146. data/spec/lib/simp/cli/config/spec_helper.rb +1 -0
  147. data/spec/lib/simp/cli/config/utils_spec.rb +131 -0
  148. data/spec/lib/simp/cli/spec_helper.rb +1 -0
  149. data/spec/spec_helper.rb +91 -0
  150. metadata +391 -0
@@ -0,0 +1,10 @@
1
+ #!/bin/sh
2
+ # mocked gencerts_nopass.sh
3
+ for hosts in `cat togen`; do
4
+ hosts=`echo $hosts | sed -e 's/[ \t]//g'`
5
+ hname=`echo $hosts | cut -d',' -f1`
6
+ keydist="../keydist" # location in testing framework
7
+ mkdir -p "${keydist}/${hname}"
8
+ echo "$hname: dummy generated" >> ${keydist}/${hname}/${hname}.pub
9
+ cat ${keydist}/${hname}/${hname}.pub >> ${keydist}/${hname}/${hname}.pem
10
+ done
@@ -0,0 +1,11 @@
1
+ #
2
+ # You should place any hostnames/domains here that you wish to autosign.
3
+ # The most security concious method is to list each individual hostname:
4
+ # hosta.your.domain
5
+ # hostb.your.domain
6
+ #
7
+ # Wildcard domains work, but absolutely should NOT be used unless you fully
8
+ # trust your network.
9
+ # *.your.domain
10
+ #
11
+ puppet.your.domain
@@ -0,0 +1,15 @@
1
+ # You should place any hostnames/domains here that you wish to autosign.
2
+ # The most security conscious method is to list each individual hostname:
3
+ # hosta.your.domain
4
+ # hostb.your.domain
5
+ #
6
+ # Wildcard domains work, but absolutely should NOT be used unless you fully
7
+ # trust your network.
8
+ # *.your.domain
9
+
10
+ # TODO: provide an executable for autosign validation instead of an unvalidated
11
+ # list of certnames.
12
+ puppet.fake.domain
13
+ server1.fake.domain
14
+ server2.fake.domain
15
+
@@ -0,0 +1,41 @@
1
+ # fileserver.conf
2
+
3
+ # Puppet automatically serves PLUGINS and FILES FROM MODULES: anything in
4
+ # <module name>/files/<file name> is available to authenticated nodes at
5
+ # puppet:///modules/<module name>/<file name>. You do not need to edit this
6
+ # file to enable this.
7
+
8
+ # MOUNT POINTS
9
+
10
+ # If you need to serve files from a directory that is NOT in a module,
11
+ # you must create a static mount point in this file:
12
+ #
13
+ # [extra_files]
14
+ # path /etc/puppet/files
15
+ # allow *
16
+ #
17
+ # In the example above, anything in /etc/puppet/files/<file name> would be
18
+ # available to authenticated nodes at puppet:///extra_files/<file name>.
19
+ #
20
+ # Mount points may also use three placeholders as part of their path:
21
+ #
22
+ # %H - The node's certname.
23
+ # %h - The portion of the node's certname before the first dot. (Usually the
24
+ # node's short hostname.)
25
+ # %d - The portion of the node's certname after the first dot. (Usually the
26
+ # node's domain name.)
27
+
28
+ # PERMISSIONS
29
+
30
+ # Every static mount point should have an `allow *` line; setting more
31
+ # granular permissions in this file is deprecated. Instead, you can
32
+ # control file access in auth.conf by controlling the
33
+ # /file_metadata/<mount point> and /file_content/<mount point> paths:
34
+ #
35
+ # path ~ ^/file_(metadata|content)/extra_files/
36
+ # auth yes
37
+ # allow /^(.+)\.example\.com$/
38
+ # allow_ip 192.168.100.0/24
39
+ #
40
+ # If added to auth.conf BEFORE the "path /file" rule, the rule above
41
+ # will add stricter restrictions to the extra_files mount point.
@@ -0,0 +1,2 @@
1
+ 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
2
+ ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
@@ -0,0 +1,3 @@
1
+ 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
2
+ ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
3
+ 99.99.99.99 puppet.example.com puppet
@@ -0,0 +1,25 @@
1
+ [main]
2
+ # The Puppet log directory.
3
+ # The default value is '$vardir/log'.
4
+ logdir = /var/log/puppet
5
+
6
+ # Where Puppet PID files are kept.
7
+ # The default value is '$vardir/run'.
8
+ rundir = /var/run/puppet
9
+
10
+ # Where SSL certificates are kept.
11
+ # The default value is '$confdir/ssl'.
12
+ ssldir = $vardir/ssl
13
+
14
+ [agent]
15
+ # The file in which puppetd stores a list of the classes
16
+ # associated with the retrieved configuratiion. Can be loaded in
17
+ # the separate ``puppet`` executable using the ``--loadclasses``
18
+ # option.
19
+ # The default value is '$confdir/classes.txt'.
20
+ classfile = $vardir/classes.txt
21
+
22
+ # Where puppetd caches the local configuration. An
23
+ # extension indicating the cache format is added automatically.
24
+ # The default value is '$confdir/localconfig'.
25
+ localconfig = $vardir/localconfig
@@ -0,0 +1,21 @@
1
+ ---
2
+ # This must be a copy of at least 'client_nets' from simp_def.yaml if
3
+ # you want this to cover your base YUM repo services.
4
+ # The fact that you can't include other arrays from Hiera is
5
+ # registered in the Puppet Labs JIRA as HI-183.
6
+ #
7
+ apache::conf::allowroot : "%{hiera('client_nets')}"
8
+
9
+ rsync::server : '127.0.0.1'
10
+
11
+ # Disable hooking to the remote SIMP repos so that the local filesystem is
12
+ # always hit first.
13
+ #
14
+ # You should change this if using external yum repositories.
15
+ #
16
+ simp::yum::enable_simp_repos : false
17
+
18
+ classes :
19
+ - 'simp::server'
20
+ - 'simp::yum_server'
21
+ - 'simp::kickstart_server'
@@ -0,0 +1,10 @@
1
+ nameserver 10.0.0.1
2
+ nameserver 10.0.0.2
3
+ nameserver 10.0.0.3
4
+ domain tasty.bacon
5
+ # NOTE: the resolver only uses the last of multiple search declarations,
6
+ # therefore 'useless.bacon' is superfluous and should be ignored.
7
+ search useless.bacon
8
+ search tasty.bacon yucky.bacon instant.bacon
9
+ options ndots:1 timeout:2 attempts:2 rotate
10
+
@@ -0,0 +1,4 @@
1
+ options ndots:1 timeout:2 attempts:2 rotate
2
+ nameserver 10.0.0.1
3
+ domain tasty.bacon
4
+ search tasty.bacon
@@ -0,0 +1,225 @@
1
+ pid file = /var/run/rsyncd.pid
2
+ syslog facility = daemon
3
+ port = 873
4
+ address = 127.0.0.1
5
+ [apache]
6
+ comment = Apache configurations
7
+ path = /srv/rsync/apache
8
+ use chroot = false
9
+ max connections = 0
10
+ max verbosity = 1
11
+ lock file = /var/run/rsyncd.lock
12
+ read only = true
13
+ write only = false
14
+ list = false
15
+ uid = root
16
+ gid = root
17
+ outgoing chmod = o-rwx
18
+ ignore nonreadable = true
19
+ transfer logging = true
20
+ log format = '%o %h [%a] %m (%u) %f %l'
21
+ dont compress = *.gz *.tgz *.zip *.z *.rpm *.deb *.iso *.bz2 *.tbz *.rar *.jar *.pdf *.sar *.war
22
+ hosts allow = 127.0.0.1
23
+ hosts deny = *
24
+ auth users = apache_rsync
25
+ secrets file = /etc/rsync/apache.rsyncd.secrets
26
+ [bind_dns_default]
27
+ comment = Default DNS configurations for named
28
+ path = /srv/rsync/bind_dns/default
29
+ use chroot = false
30
+ max connections = 0
31
+ max verbosity = 1
32
+ lock file = /var/run/rsyncd.lock
33
+ read only = true
34
+ write only = false
35
+ list = false
36
+ uid = root
37
+ gid = root
38
+ outgoing chmod = o-w
39
+ ignore nonreadable = true
40
+ transfer logging = true
41
+ log format = '%o %h [%a] %m (%u) %f %l'
42
+ dont compress = *.gz *.tgz *.zip *.z *.rpm *.deb *.iso *.bz2 *.tbz *.rar *.jar *.pdf *.sar *.war
43
+ hosts allow = 127.0.0.1
44
+ hosts deny = *
45
+ auth users = bind_dns_default_rsync
46
+ secrets file = /etc/rsync/bind_dns_default.rsyncd.secrets
47
+ [clamav]
48
+ comment = ClamAV Virus Database Updates
49
+ path = /srv/rsync/clamav
50
+ use chroot = false
51
+ max connections = 0
52
+ max verbosity = 1
53
+ lock file = /var/run/rsyncd.lock
54
+ read only = true
55
+ write only = false
56
+ list = false
57
+ uid = root
58
+ gid = root
59
+ outgoing chmod = o-w
60
+ ignore nonreadable = true
61
+ transfer logging = true
62
+ log format = '%o %h [%a] %m (%u) %f %l'
63
+ dont compress = *.gz *.tgz *.zip *.z *.rpm *.deb *.iso *.bz2 *.tbz *.rar *.jar *.pdf *.sar *.war
64
+ hosts allow = 127.0.0.1
65
+ hosts deny = *
66
+ [default]
67
+ comment = The default file path
68
+ path = /srv/rsync/default
69
+ use chroot = false
70
+ max connections = 0
71
+ max verbosity = 1
72
+ lock file = /var/run/rsyncd.lock
73
+ read only = true
74
+ write only = false
75
+ list = false
76
+ uid = root
77
+ gid = root
78
+ outgoing chmod = o-w
79
+ ignore nonreadable = true
80
+ transfer logging = true
81
+ log format = '%o %h [%a] %m (%u) %f %l'
82
+ dont compress = *.gz *.tgz *.zip *.z *.rpm *.deb *.iso *.bz2 *.tbz *.rar *.jar *.pdf *.sar *.war
83
+ hosts allow = 127.0.0.1
84
+ hosts deny = *
85
+ [dhcpd]
86
+ comment = DHCP Configurations
87
+ path = /srv/rsync/dhcpd
88
+ use chroot = false
89
+ max connections = 0
90
+ max verbosity = 1
91
+ lock file = /var/run/rsyncd.lock
92
+ read only = true
93
+ write only = false
94
+ list = false
95
+ uid = root
96
+ gid = root
97
+ outgoing chmod = o-w
98
+ ignore nonreadable = true
99
+ transfer logging = true
100
+ log format = '%o %h [%a] %m (%u) %f %l'
101
+ dont compress = *.gz *.tgz *.zip *.z *.rpm *.deb *.iso *.bz2 *.tbz *.rar *.jar *.pdf *.sar *.war
102
+ hosts allow = 127.0.0.1
103
+ hosts deny = *
104
+ auth users = dhcpd_rsync
105
+ secrets file = /etc/rsync/dhcpd.rsyncd.secrets
106
+ [freeradius]
107
+ comment = Freeradius configuration files
108
+ path = /srv/rsync/freeradius
109
+ use chroot = false
110
+ max connections = 0
111
+ max verbosity = 1
112
+ lock file = /var/run/rsyncd.lock
113
+ read only = true
114
+ write only = false
115
+ list = false
116
+ uid = root
117
+ gid = root
118
+ outgoing chmod = o-w
119
+ ignore nonreadable = true
120
+ transfer logging = true
121
+ log format = '%o %h [%a] %m (%u) %f %l'
122
+ dont compress = *.gz *.tgz *.zip *.z *.rpm *.deb *.iso *.bz2 *.tbz *.rar *.jar *.pdf *.sar *.war
123
+ hosts allow = 127.0.0.1
124
+ hosts deny = *
125
+ auth users = freeradius_systems
126
+ secrets file = /etc/rsync/freeradius.rsyncd.secrets
127
+ [jenkins_plugins]
128
+ comment = Jenkins Configuration
129
+ path = /srv/rsync/jenkins_plugins
130
+ use chroot = false
131
+ max connections = 0
132
+ max verbosity = 1
133
+ lock file = /var/run/rsyncd.lock
134
+ read only = true
135
+ write only = false
136
+ list = false
137
+ uid = root
138
+ gid = root
139
+ outgoing chmod = o-w
140
+ ignore nonreadable = true
141
+ transfer logging = true
142
+ log format = '%o %h [%a] %m (%u) %f %l'
143
+ dont compress = *.gz *.tgz *.zip *.z *.rpm *.deb *.iso *.bz2 *.tbz *.rar *.jar *.pdf *.sar *.war
144
+ hosts allow = 127.0.0.1
145
+ hosts deny = *
146
+ [mcafee]
147
+ comment = McAfee DAT files
148
+ path = /srv/rsync/mcafee
149
+ use chroot = false
150
+ max connections = 0
151
+ max verbosity = 1
152
+ lock file = /var/run/rsyncd.lock
153
+ read only = true
154
+ write only = false
155
+ list = false
156
+ uid = root
157
+ gid = root
158
+ outgoing chmod = o-w
159
+ ignore nonreadable = true
160
+ transfer logging = true
161
+ log format = '%o %h [%a] %m (%u) %f %l'
162
+ dont compress = *.gz *.tgz *.zip *.z *.rpm *.deb *.iso *.bz2 *.tbz *.rar *.jar *.pdf *.sar *.war
163
+ hosts allow = 127.0.0.1
164
+ hosts deny = *
165
+ [openldap_server]
166
+ comment = Configuration for OpenLDAP
167
+ path = /srv/rsync/openldap/server
168
+ use chroot = false
169
+ max connections = 0
170
+ max verbosity = 1
171
+ lock file = /var/run/rsyncd.lock
172
+ read only = true
173
+ write only = false
174
+ list = false
175
+ uid = root
176
+ gid = root
177
+ outgoing chmod = o-w
178
+ ignore nonreadable = true
179
+ transfer logging = true
180
+ log format = '%o %h [%a] %m (%u) %f %l'
181
+ dont compress = *.gz *.tgz *.zip *.z *.rpm *.deb *.iso *.bz2 *.tbz *.rar *.jar *.pdf *.sar *.war
182
+ hosts allow = 127.0.0.1
183
+ hosts deny = *
184
+ auth users = openldap_rsync
185
+ secrets file = /etc/rsync/openldap_server.rsyncd.secrets
186
+ [snmp]
187
+ comment = SNMP MIBs and Modules
188
+ path = /srv/rsync/snmp
189
+ use chroot = false
190
+ max connections = 0
191
+ max verbosity = 1
192
+ lock file = /var/run/rsyncd.lock
193
+ read only = true
194
+ write only = false
195
+ list = false
196
+ uid = root
197
+ gid = root
198
+ outgoing chmod = o-w
199
+ ignore nonreadable = true
200
+ transfer logging = true
201
+ log format = '%o %h [%a] %m (%u) %f %l'
202
+ dont compress = *.gz *.tgz *.zip *.z *.rpm *.deb *.iso *.bz2 *.tbz *.rar *.jar *.pdf *.sar *.war
203
+ hosts allow = 127.0.0.1
204
+ hosts deny = *
205
+ [tftpboot]
206
+ comment = Tftpboot server configurations
207
+ path = /srv/rsync/tftpboot
208
+ use chroot = false
209
+ max connections = 0
210
+ max verbosity = 1
211
+ lock file = /var/run/rsyncd.lock
212
+ read only = true
213
+ write only = false
214
+ list = false
215
+ uid = root
216
+ gid = root
217
+ outgoing chmod = o-w
218
+ ignore nonreadable = true
219
+ transfer logging = true
220
+ log format = '%o %h [%a] %m (%u) %f %l'
221
+ dont compress = *.gz *.tgz *.zip *.z *.rpm *.deb *.iso *.bz2 *.tbz *.rar *.jar *.pdf *.sar *.war
222
+ hosts allow = 127.0.0.1
223
+ hosts deny = *
224
+ auth users = tftpboot_rsync
225
+ secrets file = /etc/rsync/tftpboot.rsyncd.secrets
@@ -0,0 +1,23 @@
1
+ require 'simp/cli/config/item/gateway'
2
+ require 'rspec/its'
3
+ require_relative( 'spec_helper' )
4
+
5
+ describe Simp::Cli::Config::Item::Gateway do
6
+ before :each do
7
+ @ci = Simp::Cli::Config::Item::Gateway.new
8
+ end
9
+
10
+ describe "#validate" do
11
+ it "validates plausible gateways" do
12
+ expect( @ci.validate '192.168.1.0' ).to eq true
13
+ end
14
+
15
+ it "doesn't validate impossible gateways" do
16
+ expect( @ci.validate nil ).to eq false
17
+ expect( @ci.validate false ).to eq false
18
+ expect( @ci.validate '999.999.999.999' ).to eq false
19
+ end
20
+ end
21
+
22
+ it_behaves_like "a child of Simp::Cli::Config::Item"
23
+ end
@@ -0,0 +1,24 @@
1
+ require 'simp/cli/config/item/grub_password'
2
+ require_relative( 'spec_helper' )
3
+
4
+ describe Simp::Cli::Config::Item::GrubPassword do
5
+ before :each do
6
+ @ci = Simp::Cli::Config::Item::GrubPassword.new
7
+ @ci.silent = true
8
+ end
9
+
10
+ describe "#encrypt" do
11
+ # NOTE: not much we can test except the hashed string length and characteristics of the type of hash
12
+ it "encrypts grub_passwords" do
13
+ crypted_pw = @ci.encrypt( 'foo' )
14
+ if Facter.value('lsbmajdistrelease') <= '6'
15
+ expect( crypted_pw ).to match /^\$6\$/
16
+ expect( 97..98 ).to cover( crypted_pw.length )
17
+ else
18
+ skip "TODO: define tests for EL7+ grub passwords"
19
+ end
20
+ end
21
+ end
22
+
23
+ it_behaves_like "a child of Simp::Cli::Config::Item"
24
+ end
@@ -0,0 +1,27 @@
1
+ require 'simp/cli/config/item/hostname_conf'
2
+
3
+ require 'simp/cli/config/item/network_interface'
4
+ require 'simp/cli/config/item/dns_search'
5
+ require 'simp/cli/config/item/dns_servers'
6
+ require 'simp/cli/config/item/gateway'
7
+ require 'simp/cli/config/item/hostname'
8
+ require 'simp/cli/config/item/ipaddress'
9
+ require 'simp/cli/config/item/netmask'
10
+ require 'simp/cli/config/item/network_dhcp'
11
+
12
+ require_relative( 'spec_helper' )
13
+
14
+ describe Simp::Cli::Config::Item::HostnameConf do
15
+ before :each do
16
+ @ci = Simp::Cli::Config::Item::HostnameConf.new
17
+ end
18
+
19
+ # TODO: how to test this?
20
+ describe "#apply" do
21
+ it "will do everything right" do
22
+ skip "FIXME: how shall we test HostnameConf#apply()?"
23
+ end
24
+ end
25
+
26
+ it_behaves_like "an Item that doesn't output YAML"
27
+ end