simp-cli 1.0.12
- checksums.yaml +15 -0
- data/LICENSE +27 -0
- data/README.md +48 -0
- data/Rakefile +142 -0
- data/bin/simp +5 -0
- data/lib/simp/cli.rb +88 -0
- data/lib/simp/cli/commands/bootstrap.rb +275 -0
- data/lib/simp/cli/commands/check.rb +163 -0
- data/lib/simp/cli/commands/cleancerts.rb +114 -0
- data/lib/simp/cli/commands/config.rb +235 -0
- data/lib/simp/cli/commands/doc.rb +14 -0
- data/lib/simp/cli/commands/passgen.rb +128 -0
- data/lib/simp/cli/commands/puppeteval.rb +82 -0
- data/lib/simp/cli/commands/runpuppet.rb +95 -0
- data/lib/simp/cli/config/item.rb +456 -0
- data/lib/simp/cli/config/item/add_ldap_to_hiera.rb +43 -0
- data/lib/simp/cli/config/item/answers_yaml_file_writer.rb +58 -0
- data/lib/simp/cli/config/item/certificates.rb +39 -0
- data/lib/simp/cli/config/item/client_nets.rb +65 -0
- data/lib/simp/cli/config/item/common_runlevel_default.rb +32 -0
- data/lib/simp/cli/config/item/dns_search.rb +48 -0
- data/lib/simp/cli/config/item/dns_servers.rb +57 -0
- data/lib/simp/cli/config/item/failover_log_servers.rb +27 -0
- data/lib/simp/cli/config/item/gateway.rb +32 -0
- data/lib/simp/cli/config/item/grub_password.rb +51 -0
- data/lib/simp/cli/config/item/hostname.rb +24 -0
- data/lib/simp/cli/config/item/hostname_conf.rb +48 -0
- data/lib/simp/cli/config/item/ipaddress.rb +46 -0
- data/lib/simp/cli/config/item/is_master_yum_server.rb +23 -0
- data/lib/simp/cli/config/item/ldap_base_dn.rb +38 -0
- data/lib/simp/cli/config/item/ldap_bind_dn.rb +34 -0
- data/lib/simp/cli/config/item/ldap_bind_hash.rb +28 -0
- data/lib/simp/cli/config/item/ldap_bind_pw.rb +24 -0
- data/lib/simp/cli/config/item/ldap_master.rb +33 -0
- data/lib/simp/cli/config/item/ldap_root_dn.rb +42 -0
- data/lib/simp/cli/config/item/ldap_root_hash.rb +35 -0
- data/lib/simp/cli/config/item/ldap_sync_dn.rb +24 -0
- data/lib/simp/cli/config/item/ldap_sync_hash.rb +28 -0
- data/lib/simp/cli/config/item/ldap_sync_pw.rb +26 -0
- data/lib/simp/cli/config/item/ldap_uri.rb +43 -0
- data/lib/simp/cli/config/item/log_servers.rb +27 -0
- data/lib/simp/cli/config/item/netmask.rb +39 -0
- data/lib/simp/cli/config/item/network_conf.rb +63 -0
- data/lib/simp/cli/config/item/network_dhcp.rb +27 -0
- data/lib/simp/cli/config/item/network_interface.rb +41 -0
- data/lib/simp/cli/config/item/network_setup_nic.rb +28 -0
- data/lib/simp/cli/config/item/ntp_servers.rb +69 -0
- data/lib/simp/cli/config/item/puppet_autosign.rb +66 -0
- data/lib/simp/cli/config/item/puppet_ca.rb +31 -0
- data/lib/simp/cli/config/item/puppet_ca_port.rb +28 -0
- data/lib/simp/cli/config/item/puppet_conf.rb +98 -0
- data/lib/simp/cli/config/item/puppet_fileserver.rb +104 -0
- data/lib/simp/cli/config/item/puppet_hosts_entry.rb +44 -0
- data/lib/simp/cli/config/item/puppet_server.rb +30 -0
- data/lib/simp/cli/config/item/puppet_server_ip.rb +25 -0
- data/lib/simp/cli/config/item/puppetdb_port.rb +25 -0
- data/lib/simp/cli/config/item/puppetdb_server.rb +26 -0
- data/lib/simp/cli/config/item/remove_ldap_from_hiera.rb +47 -0
- data/lib/simp/cli/config/item/rename_fqdn_yaml.rb +40 -0
- data/lib/simp/cli/config/item/rsync_base.rb +37 -0
- data/lib/simp/cli/config/item/rsync_server.rb +44 -0
- data/lib/simp/cli/config/item/rsync_timeout.rb +26 -0
- data/lib/simp/cli/config/item/set_grub_password.rb +19 -0
- data/lib/simp/cli/config/item/simp_yum_servers.rb +30 -0
- data/lib/simp/cli/config/item/use_auditd.rb +19 -0
- data/lib/simp/cli/config/item/use_fips.rb +46 -0
- data/lib/simp/cli/config/item/use_iptables.rb +22 -0
- data/lib/simp/cli/config/item/use_ldap.rb +19 -0
- data/lib/simp/cli/config/item/use_selinux.rb +32 -0
- data/lib/simp/cli/config/item/yum_repositories.rb +75 -0
- data/lib/simp/cli/config/item_list_factory.rb +236 -0
- data/lib/simp/cli/config/questionnaire.rb +86 -0
- data/lib/simp/cli/config/utils.rb +128 -0
- data/lib/simp/cli/lib/utils.rb +114 -0
- data/lib/simp/simp.rb +77 -0
- data/spec/lib/simp/cli/commands/config_spec.rb +42 -0
- data/spec/lib/simp/cli/config/item/add_ldap_to_hiera_spec.rb +58 -0
- data/spec/lib/simp/cli/config/item/answers_yaml_file_writer_spec.rb +86 -0
- data/spec/lib/simp/cli/config/item/certificates_spec.rb +50 -0
- data/spec/lib/simp/cli/config/item/client_nets_spec.rb +66 -0
- data/spec/lib/simp/cli/config/item/common_runlevel_default_spec.rb +27 -0
- data/spec/lib/simp/cli/config/item/dns_search_spec.rb +74 -0
- data/spec/lib/simp/cli/config/item/dns_servers_spec.rb +76 -0
- data/spec/lib/simp/cli/config/item/failover_log_servers_spec.rb +49 -0
- data/spec/lib/simp/cli/config/item/files/FakeCA/cacertkey +1 -0
- data/spec/lib/simp/cli/config/item/files/FakeCA/gencerts_nopass.sh +10 -0
- data/spec/lib/simp/cli/config/item/files/autosign.conf.new +11 -0
- data/spec/lib/simp/cli/config/item/files/autosign.conf.used +15 -0
- data/spec/lib/simp/cli/config/item/files/fileserver.conf +41 -0
- data/spec/lib/simp/cli/config/item/files/hosts +2 -0
- data/spec/lib/simp/cli/config/item/files/hosts.old_puppet_entry +3 -0
- data/spec/lib/simp/cli/config/item/files/puppet.conf +25 -0
- data/spec/lib/simp/cli/config/item/files/puppet.your.domain.yaml +21 -0
- data/spec/lib/simp/cli/config/item/files/resolv.conf__multiple +10 -0
- data/spec/lib/simp/cli/config/item/files/resolv.conf__single +4 -0
- data/spec/lib/simp/cli/config/item/files/rsyncd.conf +225 -0
- data/spec/lib/simp/cli/config/item/gateway_spec.rb +23 -0
- data/spec/lib/simp/cli/config/item/grub_password_spec.rb +24 -0
- data/spec/lib/simp/cli/config/item/hostname_conf_spec.rb +27 -0
- data/spec/lib/simp/cli/config/item/hostname_spec.rb +22 -0
- data/spec/lib/simp/cli/config/item/ipaddress_spec.rb +40 -0
- data/spec/lib/simp/cli/config/item/is_master_yum_server_spec.rb +29 -0
- data/spec/lib/simp/cli/config/item/ldap_base_dn_spec.rb +23 -0
- data/spec/lib/simp/cli/config/item/ldap_bind_dn_spec.rb +23 -0
- data/spec/lib/simp/cli/config/item/ldap_bind_hash_spec.rb +23 -0
- data/spec/lib/simp/cli/config/item/ldap_bind_pw_spec.rb +21 -0
- data/spec/lib/simp/cli/config/item/ldap_master_spec.rb +37 -0
- data/spec/lib/simp/cli/config/item/ldap_root_dn_spec.rb +23 -0
- data/spec/lib/simp/cli/config/item/ldap_root_hash_spec.rb +23 -0
- data/spec/lib/simp/cli/config/item/ldap_sync_dn_spec.rb +22 -0
- data/spec/lib/simp/cli/config/item/ldap_sync_hash_spec.rb +23 -0
- data/spec/lib/simp/cli/config/item/ldap_sync_pw_spec.rb +21 -0
- data/spec/lib/simp/cli/config/item/ldap_uri_spec.rb +32 -0
- data/spec/lib/simp/cli/config/item/log_servers_spec.rb +49 -0
- data/spec/lib/simp/cli/config/item/netmask_spec.rb +28 -0
- data/spec/lib/simp/cli/config/item/network_conf_spec.rb +63 -0
- data/spec/lib/simp/cli/config/item/network_dhcp_spec.rb +11 -0
- data/spec/lib/simp/cli/config/item/network_interface_spec.rb +26 -0
- data/spec/lib/simp/cli/config/item/network_setup_nic_spec.rb +29 -0
- data/spec/lib/simp/cli/config/item/ntp_servers_spec.rb +43 -0
- data/spec/lib/simp/cli/config/item/puppet_autosign_spec.rb +55 -0
- data/spec/lib/simp/cli/config/item/puppet_ca_port_spec.rb +23 -0
- data/spec/lib/simp/cli/config/item/puppet_ca_spec.rb +22 -0
- data/spec/lib/simp/cli/config/item/puppet_conf_spec.rb +110 -0
- data/spec/lib/simp/cli/config/item/puppet_fileserver_spec.rb +53 -0
- data/spec/lib/simp/cli/config/item/puppet_hosts_entry_spec.rb +85 -0
- data/spec/lib/simp/cli/config/item/puppet_server_ip_spec.rb +24 -0
- data/spec/lib/simp/cli/config/item/puppet_server_spec.rb +22 -0
- data/spec/lib/simp/cli/config/item/puppetdb_port_spec.rb +25 -0
- data/spec/lib/simp/cli/config/item/puppetdb_server_spec.rb +25 -0
- data/spec/lib/simp/cli/config/item/remove_ldap_from_hiera_spec.rb +58 -0
- data/spec/lib/simp/cli/config/item/rename_fqdn_yaml_spec.rb +63 -0
- data/spec/lib/simp/cli/config/item/rsync_base_spec.rb +28 -0
- data/spec/lib/simp/cli/config/item/rsync_server_spec.rb +41 -0
- data/spec/lib/simp/cli/config/item/rsync_timeout_spec.rb +21 -0
- data/spec/lib/simp/cli/config/item/set_grub_password_spec.rb +29 -0
- data/spec/lib/simp/cli/config/item/simp_yum_servers_spec.rb +41 -0
- data/spec/lib/simp/cli/config/item/spec_helper.rb +22 -0
- data/spec/lib/simp/cli/config/item/use_auditd_spec.rb +29 -0
- data/spec/lib/simp/cli/config/item/use_fips_spec.rb +29 -0
- data/spec/lib/simp/cli/config/item/use_iptables_spec.rb +29 -0
- data/spec/lib/simp/cli/config/item/use_ldap_spec.rb +29 -0
- data/spec/lib/simp/cli/config/item/use_selinux_spec.rb +24 -0
- data/spec/lib/simp/cli/config/item/yum_repositories_spec.rb +94 -0
- data/spec/lib/simp/cli/config/item_spec.rb +106 -0
- data/spec/lib/simp/cli/config/spec_helper.rb +1 -0
- data/spec/lib/simp/cli/config/utils_spec.rb +131 -0
- data/spec/lib/simp/cli/spec_helper.rb +1 -0
- data/spec/spec_helper.rb +91 -0
- metadata +391 -0
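--- a/data/lib/simp/cli/config/item/hostname.rb
+++ b/data/lib/simp/cli/config/item/hostname.rb
@@ -0,0 +1,24 @@
+require 'highline/import'
+require File.expand_path( '../item', File.dirname(__FILE__) )
+require File.expand_path( '../utils', File.dirname(__FILE__) )
+
+module Simp; end
+class Simp::Cli; end
+module Simp::Cli::Config
+class Item::Hostname < Item
+def initialize
+super
+@key = 'hostname'
+@description = %q{The FQDN of the system.}
+@fact = 'fqdn'
+end
+
+def validate( x )
+Simp::Cli::Config::Utils.validate_fqdn x
+end
+
+def recommended_value
+validate( os_value ) ? os_value : 'puppet.change.me'
+end
+end
+end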
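Review bot: `recommended_value` calls `os_value` twice, once for the check and once for the result, so the lookup (presumably a fact query through `@fact`) runs twice and the value returned is not necessarily the one that was validated. Read it once: `v = os_value` followed by `validate( v ) ? v : 'puppet.change.me'`. A one-line comment saying that `'puppet.change.me'` is a placeholder the operator is expected to replace would also help, since nothing in the class says so.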
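--- a/data/lib/simp/cli/config/item/hostname_conf.rb
+++ b/data/lib/simp/cli/config/item/hostname_conf.rb
@@ -0,0 +1,48 @@
+require 'highline/import'
+require File.expand_path( '../item', File.dirname(__FILE__) )
+require File.expand_path( '../utils', File.dirname(__FILE__) )
+
+module Simp; end
+class Simp::Cli; end
+module Simp::Cli::Config
+class Item::HostnameConf < ActionItem
+def initialize
+super
+@key = 'hostname::conf'
+@description = 'action item; configures hostname'
+@die_on_apply_fail = true
+end
+
+def apply
+success = true
+fqdn = @config_items.fetch( 'hostname' ).value
+# TODO: should we use this shortname instead of fqdn?
+hostname = fqdn.split('.').first
+
+# copy/pasta'd logic from old simp config
+# TODO: replace this with 'puppet apply' + network::global
+say_green ' updating hostname...' if !@silent
+
+`hostname #{fqdn}`
+success = success && $?.success?
+
+`sed -i '/HOSTNAME/d' /etc/sysconfig/network`
+success = success && $?.success?
+
+`echo HOSTNAME=#{fqdn} >> /etc/sysconfig/network`
+success = success && $?.success?
+
+# For EL 7 / systemd
+if File.exist?('/etc/hostname')
+say_green ' updating /etc/hostname...'
+File.open('/etc/hostname','w'){|fh| fh.puts(fqdn)}
+
+# hostnamectl is required to persist the change under systemd
+`hostnamectl --static --pretty set-hostname #{fqdn}`
+success = success && $?.success?
+end
+
+success
+end
+end
+end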
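Review bot: In `apply`, `fqdn` is interpolated into three backtick command lines (the `hostname` call, the `echo HOSTNAME=... >> /etc/sysconfig/network` line and the `hostnamectl` call), so the value reaches a shell unquoted and the only protection is whatever `validate_fqdn` enforces, which is not visible in this file. Passing the value as its own argument to `system` and editing `/etc/sysconfig/network` from Ruby, as the `/etc/hostname` branch already does, keeps the shell out of it; a sketch of the changed lines follows. The local `hostname` is assigned and never used, and the second `say_green` is not guarded by `@silent` like the first.

```ruby
# ... unchanged: fqdn lookup and first say_green ...

# argv form: fqdn travels as a single argument and no shell parses it
success = system( 'hostname', fqdn ) && success

# replace the HOSTNAME entry without sed/echo
begin
  net_file = '/etc/sysconfig/network'
  kept = File.readlines( net_file ).reject{ |line| line.include?( 'HOSTNAME' ) }
  File.open( net_file, 'w' ){ |fh| fh.puts( kept, "HOSTNAME=#{fqdn}" ) }
rescue SystemCallError
  success = false
end

# ... unchanged: EL 7 check, say_green, File.open('/etc/hostname') ...
hostnamectl_ok = system( 'hostnamectl', '--static', '--pretty', 'set-hostname', fqdn )
success = hostnamectl_ok && success
```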
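--- a/data/lib/simp/cli/config/item/ipaddress.rb
+++ b/data/lib/simp/cli/config/item/ipaddress.rb
@@ -0,0 +1,46 @@
+require File.expand_path( '../item', File.dirname(__FILE__) )
+require File.expand_path( '../utils', File.dirname(__FILE__) )
+
+module Simp; end
+class Simp::Cli; end
+module Simp::Cli::Config
+class Item::IPAddress < Item
+def initialize
+super
+@key = 'ipaddress'
+@description = 'The IP address of this system'
+@__warning = false
+end
+
+
+# TODO: comment upon the hell-logic below
+# Config::Items are happiest when @fact if set and Facter returns a value
+#
+# But any Item that relies on the value of interface has a problem
+# in that facter can't know which ipaddress_* fact to query until the value
+# of interface is known.
+def os_value
+ip = nil
+nic = @config_items.fetch( 'network::interface' ).value
+if nic || @fact
+@fact = @fact || "ipaddress_#{nic}"
+ip = super
+if ip.nil? and !@__warning
+warning = "WARNING: #{@key}: No IP Address found for NIC #{nic}"
+say "<%= color(%q{#{warning}}, YELLOW) %>\n"
+@__warning = true
+end
+end
+ip
+end
+
+
+# Always recommend the configured IP
+def recommended_value; os_value; end
+
+
+def validate( x )
+Simp::Cli::Config::Utils.validate_ip x
+end
+end
+end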
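Review bot: In `os_value`, the warning text is spliced into a HighLine template as `%q{#{warning}}` inside `<%= ... %>`, so the interface name taken from `network::interface` becomes part of Ruby source that the template evaluates, and a value containing `}` ends the literal early. Colour the string outside the template and print it without template processing, for example `puts HighLine.color( warning, HighLine::YELLOW )`, and make sure the interface name is validated before it is used here (that check, if there is one, lives in another file). Separately, `@fact` is set from the first `nic` seen and then reused, so a later change of interface still queries the old `ipaddress_*` fact; the TODO above the method should say whether that is intended.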
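--- a/data/lib/simp/cli/config/item/is_master_yum_server.rb
+++ b/data/lib/simp/cli/config/item/is_master_yum_server.rb
@@ -0,0 +1,23 @@
+require 'highline/import'
+require File.expand_path( '../item', File.dirname(__FILE__) )
+require File.expand_path( '../utils', File.dirname(__FILE__) )
+
+module Simp; end
+class Simp::Cli; end
+module Simp::Cli::Config
+class Item::IsMasterYumServer < YesNoItem
+def initialize
+super
+@key = 'is_master_yum_server'
+@description = %q{Is the master also used as a YUM server?
+
+This option should be yes if the Puppet master (this system) will also act as a
+YUM server.
+}
+end
+
+def recommended_value
+'yes'
+end
+end
+end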
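--- a/data/lib/simp/cli/config/item/ldap_base_dn.rb
+++ b/data/lib/simp/cli/config/item/ldap_base_dn.rb
@@ -0,0 +1,38 @@
+require 'highline/import'
+require File.expand_path( '../item', File.dirname(__FILE__) )
+require File.expand_path( '../utils', File.dirname(__FILE__) )
+
+module Simp; end
+class Simp::Cli; end
+module Simp::Cli::Config
+class Item::LdapBaseDn < Item
+def initialize
+super
+@key = 'ldap::base_dn'
+@description = %Q{The Base DN of the LDAP server}
+end
+
+
+def os_value
+# TODO: turn into custom fact?
+result = nil
+if File.readable?('/etc/openldap/ldap.conf') &&
+`grep BASE /etc/openldap/ldap.conf` =~ /^\s*BASE\s+(\S+)\s*/
+result = $1
+end
+result
+end
+
+
+def recommended_value
+if item = @config_items.fetch( 'hostname', nil )
+item.value.split('.')[1..-1].map{ |domain| "dc=#{domain}" }.join(',')
+end
+end
+
+
+def validate( x )
+(x.to_s =~ /^dc=/) ? true : false
+end
+end
+end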
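Review bot: `validate` tests `/^dc=/`, and in Ruby `^` matches after any newline, so a multi-line value passes as long as one of its lines starts with `dc=`; anchor with `\A` instead (`x.to_s =~ /\Adc=/`) and consider matching the whole value through to `\z`. The same anchor is used by `validate` in ldap_bind_dn.rb, ldap_root_dn.rb and ldap_sync_dn.rb (`/^cn=/`) and in ldap_master.rb (`%r{^ldap://.+}`, in both the test and the `sub`). In `recommended_value`, a hostname without a dot makes `split('.')[1..-1]` empty, so the method returns `''`, which then fails `validate`; returning `nil` in that case would be clearer.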
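--- a/data/lib/simp/cli/config/item/ldap_bind_dn.rb
+++ b/data/lib/simp/cli/config/item/ldap_bind_dn.rb
@@ -0,0 +1,34 @@
+require 'highline/import'
+require File.expand_path( '../item', File.dirname(__FILE__) )
+require File.expand_path( '../utils', File.dirname(__FILE__) )
+
+module Simp; end
+class Simp::Cli; end
+module Simp::Cli::Config
+class Item::LdapBindDn < Item
+def initialize
+super
+@key = 'ldap::bind_dn'
+@description = %Q{LDAP Bind Distinguished Name}
+end
+
+
+def os_value
+# TODO: turn into custom fact?
+if File.readable?('/etc/openldap/ldap.conf') &&
+`grep BINDDN /etc/openldap/ldap.conf` =~ /\ABINDDN\s+(\S+)\s*/
+$1
+end
+end
+
+
+def validate( x )
+(x.to_s =~ /^cn=/) ? true : false
+end
+
+
+def recommended_value
+"cn=hostAuth,ou=Hosts,%{hiera('ldap::base_dn')}"
+end
+end
+end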
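Review bot: In `os_value`, the pattern `/\ABINDDN\s+(\S+)\s*/` is anchored to the start of grep's whole output, so it matches only when the first line grep prints begins with `BINDDN`; a commented `#BINDDN` line or any earlier line containing the string makes the lookup return nil. ldap_base_dn.rb uses `/^\s*BASE\s+(\S+)\s*/` for the same job, which checks every output line, and `/^\s*BINDDN\s+(\S+)/` here would behave the same way. Line-wise `^` is the right anchor for parsing the file, unlike in `validate`, where it is not.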
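--- a/data/lib/simp/cli/config/item/ldap_bind_hash.rb
+++ b/data/lib/simp/cli/config/item/ldap_bind_hash.rb
@@ -0,0 +1,28 @@
+require 'highline/import'
+require File.expand_path( '../item', File.dirname(__FILE__) )
+require File.expand_path( '../utils', File.dirname(__FILE__) )
+
+module Simp; end
+class Simp::Cli; end
+module Simp::Cli::Config
+class Item::LdapBindHash < Item
+def initialize
+super
+@key = 'ldap::bind_hash'
+@description = %Q{The salted LDAP bind password hash}
+@skip_query = true
+end
+
+def recommended_value
+encrypt( @config_items.fetch( 'ldap::bind_pw' ).value )
+end
+
+def encrypt( string, salt=nil )
+Simp::Cli::Config::Utils.encrypt_openldap_hash( string, salt )
+end
+
+def validate( x )
+Simp::Cli::Config::Utils.validate_openldap_hash( x )
+end
+end
+end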
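Review bot: `recommended_value` calls `@config_items.fetch( 'ldap::bind_pw' )` with no default, so if `@config_items` is a Hash (it is not defined in this file) a missing password item raises `KeyError` instead of yielding no recommendation; ldap_base_dn.rb and ldap_master.rb use `fetch( 'hostname', nil )` and guard the result. ldap_sync_hash.rb makes the same call for `'ldap::sync_pw'`. The method name `encrypt` also deserves a comment: it delegates to `encrypt_openldap_hash` and the description speaks of a salted hash, so the result is presumably a one-way hash and not reversible encryption.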
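--- a/data/lib/simp/cli/config/item/ldap_bind_pw.rb
+++ b/data/lib/simp/cli/config/item/ldap_bind_pw.rb
@@ -0,0 +1,24 @@
+require File.expand_path( '../item', File.dirname(__FILE__) )
+require File.expand_path( '../utils', File.dirname(__FILE__) )
+
+module Simp; end
+class Simp::Cli; end
+
+module Simp::Cli::Config
+class Item::LdapBindPw < PasswordItem
+def initialize
+super
+@key = 'ldap::bind_pw'
+@description = %Q{The LDAP bind password}
+end
+
+def validate string
+!string.to_s.strip.empty? && super
+end
+
+# LDAP Bind PW must known and stored in cleartext
+def encrypt string
+string
+end
+end
+end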
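Review bot: `encrypt` returns its argument unchanged, so this password stays in cleartext wherever the item's value is written, and the only explanation is the comment `# LDAP Bind PW must known and stored in cleartext`. I would reword it to state the consequence as well, for example `# No hashing here: the bind password must be known in cleartext, so any file that stores this value needs restrictive permissions.` ldap_sync_pw.rb carries the same comment verbatim above its own `encrypt`, where it should name the sync password instead of the bind password.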
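--- a/data/lib/simp/cli/config/item/ldap_master.rb
+++ b/data/lib/simp/cli/config/item/ldap_master.rb
@@ -0,0 +1,33 @@
+require "resolv"
+require 'highline/import'
+require File.expand_path( '../item', File.dirname(__FILE__) )
+require File.expand_path( '../utils', File.dirname(__FILE__) )
+
+module Simp; end
+class Simp::Cli; end
+module Simp::Cli::Config
+class Item::LdapMaster < Item
+def initialize
+super
+@key = 'ldap::master'
+@description = %Q{This is the LDAP master in URI form (ldap://server)}
+end
+
+def recommended_value
+if item = @config_items.fetch( 'hostname', nil )
+"ldap://#{item.value}"
+end
+end
+
+def validate item
+result = false
+if ( item =~ %r{^ldap://.+} ) ? true : false
+i = item.sub( %r{^ldap://}, '' )
+result = ( Simp::Cli::Config::Utils.validate_hostname( i ) ||
+Simp::Cli::Config::Utils.validate_fqdn( i ) ||
+Simp::Cli::Config::Utils.validate_ip( i ) )
+end
+result
+end
+end
+end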
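Review bot: `validate` accepts only the `ldap://` scheme, so an `ldaps://` URI is rejected, and anything after the host, such as a port, is handed to the hostname/FQDN/IP validators, which presumably reject it. If cleartext-scheme-only is intended (for instance because transport security is configured elsewhere), a comment on `validate` should say so; otherwise `%r{\Aldaps?://}` in both the test and the `sub` would admit both schemes. The `? true : false` inside the `if` condition is redundant, and `require "resolv"` is not used anywhere in this file.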
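--- a/data/lib/simp/cli/config/item/ldap_root_dn.rb
+++ b/data/lib/simp/cli/config/item/ldap_root_dn.rb
@@ -0,0 +1,42 @@
+require 'highline/import'
+require File.expand_path( '../item', File.dirname(__FILE__) )
+require File.expand_path( '../utils', File.dirname(__FILE__) )
+
+module Simp; end
+class Simp::Cli; end
+module Simp::Cli::Config
+class Item::LdapRootDn < Item
+def initialize
+super
+@key = 'ldap::root_dn'
+@description = %Q{The LDAP root DN.}
+
+end
+
+
+def os_value
+# TODO: turn into custom fact?
+result = nil
+if File.readable?('/etc/openldap/ldap.conf') &&
+`grep rootdn /etc/openldap/slapd.conf` =~ /\Arootdn\s+[\"](.*)[\"]\s*/
+result = $1
+end
+result
+end
+
+def os_value
+if File.readable?('/etc/openldap/slapd.conf')
+`grep rootdn /etc/openldap/slapd.conf` =~ /\Arootdn\s+[\"](.*)[\"]\s*/
+$1
+end
+end
+
+def recommended_value
+"cn=LDAPAdmin,ou=People,%{hiera('ldap::base_dn')}"
+end
+
+def validate( x )
+(x.to_s =~ /^cn=/) ? true : false
+end
+end
+end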
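Review bot: `os_value` is defined twice in this class; Ruby keeps the second definition, so the first one (which tests readability of `/etc/openldap/ldap.conf` but greps `slapd.conf`) is dead code and should be deleted. In the remaining definition, `\Arootdn` is anchored to the start of grep's output, so it misses the directive whenever an earlier line of `slapd.conf` contains `rootdn`; `/^rootdn\s+"(.*)"/` would check each line. ldap_root_hash.rb has the same `\A` anchoring for `rootpw`.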
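--- a/data/lib/simp/cli/config/item/ldap_root_hash.rb
+++ b/data/lib/simp/cli/config/item/ldap_root_hash.rb
@@ -0,0 +1,35 @@
+require 'highline/import'
+require File.expand_path( '../item', File.dirname(__FILE__) )
+require File.expand_path( '../utils', File.dirname(__FILE__) )
+
+module Simp; end
+class Simp::Cli; end
+module Simp::Cli::Config
+class Item::LdapRootHash < PasswordItem
+def initialize
+super
+@key = 'ldap::root_hash'
+@description = %Q{The LDAP root password hash.
+
+If you set this with simp config, type the password and the hash will be
+generated for you.' }.gsub( /^\s{8}/, '' )
+@generate_by_default = false
+end
+
+def os_value
+if File.readable?('/etc/openldap/slapd.conf')
+`grep rootpw /etc/openldap/slapd.conf` =~ /\Arootpw\s+(.*)\s*/
+$1
+end
+end
+
+def encrypt( string, salt=nil )
+Simp::Cli::Config::Utils.encrypt_openldap_hash( string, salt )
+end
+
+def validate( x )
+Simp::Cli::Config::Utils.validate_openldap_hash( x ) ||
+( !x.to_s.strip.empty? && super )
+end
+end
+end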
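Review bot: The description literal ends with `generated for you.' }`, so a stray single quote is shown to the user; drop it so the line reads `generated for you.}.gsub( /^\s{8}/, '' )`. `validate` accepts either an OpenLDAP hash or any non-empty string that passes `super`, so a cleartext password is a valid value for a key named `ldap::root_hash`; presumably `PasswordItem` runs it through `encrypt` afterwards, and a comment on `validate` saying so would stop a reader from assuming the stored value is always a hash. `os_value` offers whatever follows `rootpw` in `slapd.conf` as the default, which would be a cleartext password if that is what the directive holds.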
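--- a/data/lib/simp/cli/config/item/ldap_sync_dn.rb
+++ b/data/lib/simp/cli/config/item/ldap_sync_dn.rb
@@ -0,0 +1,24 @@
+require 'highline/import'
+require File.expand_path( '../item', File.dirname(__FILE__) )
+require File.expand_path( '../utils', File.dirname(__FILE__) )
+
+module Simp; end
+class Simp::Cli; end
+module Simp::Cli::Config
+class Item::LdapSyncDn < Item
+def initialize
+super
+@key = 'ldap::sync_dn'
+@description = %Q{}
+end
+
+def validate( x )
+(x.to_s =~ /^cn=/) ? true : false
+end
+
+def recommended_value
+"cn=LDAPSync,ou=Hosts,%{hiera('ldap::base_dn')}"
+end
+
+end
+end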
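Review bot: `@description = %Q{}` leaves the item without a description, so whoever is asked for `ldap::sync_dn` gets no explanation of what to enter; ldap_sync_hash.rb has the same empty literal. Wording in line with the bind items would do, for example `%Q{LDAP Sync Distinguished Name}` here and `%Q{The salted LDAP sync password hash}` there.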
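--- a/data/lib/simp/cli/config/item/ldap_sync_hash.rb
+++ b/data/lib/simp/cli/config/item/ldap_sync_hash.rb
@@ -0,0 +1,28 @@
+require 'highline/import'
+require File.expand_path( '../item', File.dirname(__FILE__) )
+require File.expand_path( '../utils', File.dirname(__FILE__) )
+
+module Simp; end
+class Simp::Cli; end
+module Simp::Cli::Config
+class Item::LdapSyncHash < Item
+def initialize
+super
+@key = 'ldap::sync_hash'
+@skip_query = true
+@description = %Q{}
+end
+
+def recommended_value
+encrypt( @config_items.fetch( 'ldap::sync_pw' ).value )
+end
+
+def encrypt( string, salt=nil )
+Simp::Cli::Config::Utils.encrypt_openldap_hash( string, salt )
+end
+
+def validate( x )
+Simp::Cli::Config::Utils.validate_openldap_hash( x )
+end
+end
+end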
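--- a/data/lib/simp/cli/config/item/ldap_sync_pw.rb
+++ b/data/lib/simp/cli/config/item/ldap_sync_pw.rb
@@ -0,0 +1,26 @@
+require File.expand_path( '../item', File.dirname(__FILE__) )
+require File.expand_path( '../utils', File.dirname(__FILE__) )
+
+module Simp; end
+class Simp::Cli; end
+
+module Simp::Cli::Config
+class Item::LdapSyncPw < PasswordItem
+def initialize
+super
+@key = 'ldap::sync_pw'
+@description = %Q{The LDAP sync password}
+end
+
+
+def validate string
+!string.to_s.strip.empty? && super
+end
+
+
+# LDAP Bind PW must known and stored in cleartext
+def encrypt string
+string
+end
+end
+end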