simp-cli 1.0.12

Files changed (150) hide show
  1. checksums.yaml +15 -0
  2. data/LICENSE +27 -0
  3. data/README.md +48 -0
  4. data/Rakefile +142 -0
  5. data/bin/simp +5 -0
  6. data/lib/simp/cli.rb +88 -0
  7. data/lib/simp/cli/commands/bootstrap.rb +275 -0
  8. data/lib/simp/cli/commands/check.rb +163 -0
  9. data/lib/simp/cli/commands/cleancerts.rb +114 -0
  10. data/lib/simp/cli/commands/config.rb +235 -0
  11. data/lib/simp/cli/commands/doc.rb +14 -0
  12. data/lib/simp/cli/commands/passgen.rb +128 -0
  13. data/lib/simp/cli/commands/puppeteval.rb +82 -0
  14. data/lib/simp/cli/commands/runpuppet.rb +95 -0
  15. data/lib/simp/cli/config/item.rb +456 -0
  16. data/lib/simp/cli/config/item/add_ldap_to_hiera.rb +43 -0
  17. data/lib/simp/cli/config/item/answers_yaml_file_writer.rb +58 -0
  18. data/lib/simp/cli/config/item/certificates.rb +39 -0
  19. data/lib/simp/cli/config/item/client_nets.rb +65 -0
  20. data/lib/simp/cli/config/item/common_runlevel_default.rb +32 -0
  21. data/lib/simp/cli/config/item/dns_search.rb +48 -0
  22. data/lib/simp/cli/config/item/dns_servers.rb +57 -0
  23. data/lib/simp/cli/config/item/failover_log_servers.rb +27 -0
  24. data/lib/simp/cli/config/item/gateway.rb +32 -0
  25. data/lib/simp/cli/config/item/grub_password.rb +51 -0
  26. data/lib/simp/cli/config/item/hostname.rb +24 -0
  27. data/lib/simp/cli/config/item/hostname_conf.rb +48 -0
  28. data/lib/simp/cli/config/item/ipaddress.rb +46 -0
  29. data/lib/simp/cli/config/item/is_master_yum_server.rb +23 -0
  30. data/lib/simp/cli/config/item/ldap_base_dn.rb +38 -0
  31. data/lib/simp/cli/config/item/ldap_bind_dn.rb +34 -0
  32. data/lib/simp/cli/config/item/ldap_bind_hash.rb +28 -0
  33. data/lib/simp/cli/config/item/ldap_bind_pw.rb +24 -0
  34. data/lib/simp/cli/config/item/ldap_master.rb +33 -0
  35. data/lib/simp/cli/config/item/ldap_root_dn.rb +42 -0
  36. data/lib/simp/cli/config/item/ldap_root_hash.rb +35 -0
  37. data/lib/simp/cli/config/item/ldap_sync_dn.rb +24 -0
  38. data/lib/simp/cli/config/item/ldap_sync_hash.rb +28 -0
  39. data/lib/simp/cli/config/item/ldap_sync_pw.rb +26 -0
  40. data/lib/simp/cli/config/item/ldap_uri.rb +43 -0
  41. data/lib/simp/cli/config/item/log_servers.rb +27 -0
  42. data/lib/simp/cli/config/item/netmask.rb +39 -0
  43. data/lib/simp/cli/config/item/network_conf.rb +63 -0
  44. data/lib/simp/cli/config/item/network_dhcp.rb +27 -0
  45. data/lib/simp/cli/config/item/network_interface.rb +41 -0
  46. data/lib/simp/cli/config/item/network_setup_nic.rb +28 -0
  47. data/lib/simp/cli/config/item/ntp_servers.rb +69 -0
  48. data/lib/simp/cli/config/item/puppet_autosign.rb +66 -0
  49. data/lib/simp/cli/config/item/puppet_ca.rb +31 -0
  50. data/lib/simp/cli/config/item/puppet_ca_port.rb +28 -0
  51. data/lib/simp/cli/config/item/puppet_conf.rb +98 -0
  52. data/lib/simp/cli/config/item/puppet_fileserver.rb +104 -0
  53. data/lib/simp/cli/config/item/puppet_hosts_entry.rb +44 -0
  54. data/lib/simp/cli/config/item/puppet_server.rb +30 -0
  55. data/lib/simp/cli/config/item/puppet_server_ip.rb +25 -0
  56. data/lib/simp/cli/config/item/puppetdb_port.rb +25 -0
  57. data/lib/simp/cli/config/item/puppetdb_server.rb +26 -0
  58. data/lib/simp/cli/config/item/remove_ldap_from_hiera.rb +47 -0
  59. data/lib/simp/cli/config/item/rename_fqdn_yaml.rb +40 -0
  60. data/lib/simp/cli/config/item/rsync_base.rb +37 -0
  61. data/lib/simp/cli/config/item/rsync_server.rb +44 -0
  62. data/lib/simp/cli/config/item/rsync_timeout.rb +26 -0
  63. data/lib/simp/cli/config/item/set_grub_password.rb +19 -0
  64. data/lib/simp/cli/config/item/simp_yum_servers.rb +30 -0
  65. data/lib/simp/cli/config/item/use_auditd.rb +19 -0
  66. data/lib/simp/cli/config/item/use_fips.rb +46 -0
  67. data/lib/simp/cli/config/item/use_iptables.rb +22 -0
  68. data/lib/simp/cli/config/item/use_ldap.rb +19 -0
  69. data/lib/simp/cli/config/item/use_selinux.rb +32 -0
  70. data/lib/simp/cli/config/item/yum_repositories.rb +75 -0
  71. data/lib/simp/cli/config/item_list_factory.rb +236 -0
  72. data/lib/simp/cli/config/questionnaire.rb +86 -0
  73. data/lib/simp/cli/config/utils.rb +128 -0
  74. data/lib/simp/cli/lib/utils.rb +114 -0
  75. data/lib/simp/simp.rb +77 -0
  76. data/spec/lib/simp/cli/commands/config_spec.rb +42 -0
  77. data/spec/lib/simp/cli/config/item/add_ldap_to_hiera_spec.rb +58 -0
  78. data/spec/lib/simp/cli/config/item/answers_yaml_file_writer_spec.rb +86 -0
  79. data/spec/lib/simp/cli/config/item/certificates_spec.rb +50 -0
  80. data/spec/lib/simp/cli/config/item/client_nets_spec.rb +66 -0
  81. data/spec/lib/simp/cli/config/item/common_runlevel_default_spec.rb +27 -0
  82. data/spec/lib/simp/cli/config/item/dns_search_spec.rb +74 -0
  83. data/spec/lib/simp/cli/config/item/dns_servers_spec.rb +76 -0
  84. data/spec/lib/simp/cli/config/item/failover_log_servers_spec.rb +49 -0
  85. data/spec/lib/simp/cli/config/item/files/FakeCA/cacertkey +1 -0
  86. data/spec/lib/simp/cli/config/item/files/FakeCA/gencerts_nopass.sh +10 -0
  87. data/spec/lib/simp/cli/config/item/files/autosign.conf.new +11 -0
  88. data/spec/lib/simp/cli/config/item/files/autosign.conf.used +15 -0
  89. data/spec/lib/simp/cli/config/item/files/fileserver.conf +41 -0
  90. data/spec/lib/simp/cli/config/item/files/hosts +2 -0
  91. data/spec/lib/simp/cli/config/item/files/hosts.old_puppet_entry +3 -0
  92. data/spec/lib/simp/cli/config/item/files/puppet.conf +25 -0
  93. data/spec/lib/simp/cli/config/item/files/puppet.your.domain.yaml +21 -0
  94. data/spec/lib/simp/cli/config/item/files/resolv.conf__multiple +10 -0
  95. data/spec/lib/simp/cli/config/item/files/resolv.conf__single +4 -0
  96. data/spec/lib/simp/cli/config/item/files/rsyncd.conf +225 -0
  97. data/spec/lib/simp/cli/config/item/gateway_spec.rb +23 -0
  98. data/spec/lib/simp/cli/config/item/grub_password_spec.rb +24 -0
  99. data/spec/lib/simp/cli/config/item/hostname_conf_spec.rb +27 -0
  100. data/spec/lib/simp/cli/config/item/hostname_spec.rb +22 -0
  101. data/spec/lib/simp/cli/config/item/ipaddress_spec.rb +40 -0
  102. data/spec/lib/simp/cli/config/item/is_master_yum_server_spec.rb +29 -0
  103. data/spec/lib/simp/cli/config/item/ldap_base_dn_spec.rb +23 -0
  104. data/spec/lib/simp/cli/config/item/ldap_bind_dn_spec.rb +23 -0
  105. data/spec/lib/simp/cli/config/item/ldap_bind_hash_spec.rb +23 -0
  106. data/spec/lib/simp/cli/config/item/ldap_bind_pw_spec.rb +21 -0
  107. data/spec/lib/simp/cli/config/item/ldap_master_spec.rb +37 -0
  108. data/spec/lib/simp/cli/config/item/ldap_root_dn_spec.rb +23 -0
  109. data/spec/lib/simp/cli/config/item/ldap_root_hash_spec.rb +23 -0
  110. data/spec/lib/simp/cli/config/item/ldap_sync_dn_spec.rb +22 -0
  111. data/spec/lib/simp/cli/config/item/ldap_sync_hash_spec.rb +23 -0
  112. data/spec/lib/simp/cli/config/item/ldap_sync_pw_spec.rb +21 -0
  113. data/spec/lib/simp/cli/config/item/ldap_uri_spec.rb +32 -0
  114. data/spec/lib/simp/cli/config/item/log_servers_spec.rb +49 -0
  115. data/spec/lib/simp/cli/config/item/netmask_spec.rb +28 -0
  116. data/spec/lib/simp/cli/config/item/network_conf_spec.rb +63 -0
  117. data/spec/lib/simp/cli/config/item/network_dhcp_spec.rb +11 -0
  118. data/spec/lib/simp/cli/config/item/network_interface_spec.rb +26 -0
  119. data/spec/lib/simp/cli/config/item/network_setup_nic_spec.rb +29 -0
  120. data/spec/lib/simp/cli/config/item/ntp_servers_spec.rb +43 -0
  121. data/spec/lib/simp/cli/config/item/puppet_autosign_spec.rb +55 -0
  122. data/spec/lib/simp/cli/config/item/puppet_ca_port_spec.rb +23 -0
  123. data/spec/lib/simp/cli/config/item/puppet_ca_spec.rb +22 -0
  124. data/spec/lib/simp/cli/config/item/puppet_conf_spec.rb +110 -0
  125. data/spec/lib/simp/cli/config/item/puppet_fileserver_spec.rb +53 -0
  126. data/spec/lib/simp/cli/config/item/puppet_hosts_entry_spec.rb +85 -0
  127. data/spec/lib/simp/cli/config/item/puppet_server_ip_spec.rb +24 -0
  128. data/spec/lib/simp/cli/config/item/puppet_server_spec.rb +22 -0
  129. data/spec/lib/simp/cli/config/item/puppetdb_port_spec.rb +25 -0
  130. data/spec/lib/simp/cli/config/item/puppetdb_server_spec.rb +25 -0
  131. data/spec/lib/simp/cli/config/item/remove_ldap_from_hiera_spec.rb +58 -0
  132. data/spec/lib/simp/cli/config/item/rename_fqdn_yaml_spec.rb +63 -0
  133. data/spec/lib/simp/cli/config/item/rsync_base_spec.rb +28 -0
  134. data/spec/lib/simp/cli/config/item/rsync_server_spec.rb +41 -0
  135. data/spec/lib/simp/cli/config/item/rsync_timeout_spec.rb +21 -0
  136. data/spec/lib/simp/cli/config/item/set_grub_password_spec.rb +29 -0
  137. data/spec/lib/simp/cli/config/item/simp_yum_servers_spec.rb +41 -0
  138. data/spec/lib/simp/cli/config/item/spec_helper.rb +22 -0
  139. data/spec/lib/simp/cli/config/item/use_auditd_spec.rb +29 -0
  140. data/spec/lib/simp/cli/config/item/use_fips_spec.rb +29 -0
  141. data/spec/lib/simp/cli/config/item/use_iptables_spec.rb +29 -0
  142. data/spec/lib/simp/cli/config/item/use_ldap_spec.rb +29 -0
  143. data/spec/lib/simp/cli/config/item/use_selinux_spec.rb +24 -0
  144. data/spec/lib/simp/cli/config/item/yum_repositories_spec.rb +94 -0
  145. data/spec/lib/simp/cli/config/item_spec.rb +106 -0
  146. data/spec/lib/simp/cli/config/spec_helper.rb +1 -0
  147. data/spec/lib/simp/cli/config/utils_spec.rb +131 -0
  148. data/spec/lib/simp/cli/spec_helper.rb +1 -0
  149. data/spec/spec_helper.rb +91 -0
  150. metadata +391 -0
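--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,15 @@
+---
+!binary "U0hBMQ==":
+metadata.gz: !binary |-
+MGNhMzQ0NTM3Y2Q2MWM2NTRhNmE5NjdkYzk2ZjcxZmUzZTBmMjBhMA==
+data.tar.gz: !binary |-
+YTUyY2E3M2JmNDYwNTMwMDU0MmVkZmUwMzk5NjBhZjQ3MjI1ZDYzNA==
+SHA512:
+metadata.gz: !binary |-
+ZDM3ZTEwNzkyZDA4N2E5ZDZlYmU1NzQ2ZWIxYzMwMWZkODQ3NDZlOTM0OTMw
+ZTlhNTJkOTU4ZDFiMTQ3YjcwMDZlMTQyZjRlY2ZhZWE5YmJmMmE3ZTVhOWNi
+ZTVmYmY4ZThmYjdkZjc4Yjc4M2ZlMDVkOWNkYWUzOGNjZTI0YWQ=
+data.tar.gz: !binary |-
+OWIxODU0MGNjYjVlMWY1Nzk3YjVlMjA1Y2UxZWRlZGM1OWQ0MzdmZGFjZWU0
+ZTFkMzQ1ODIxYmI2NzBhNWY4M2VhN2UxMjAzZjAwNzlhMWYwOTA3ZjY4MDZk
+YjQ5Njg3ZWQzOGI2NmQ4N2MzYjUxOTFjNzE5NjkxZjdiNTUxYTM=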
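--- a/data/LICENSE
+++ b/data/LICENSE
@@ -0,0 +1,27 @@
+rubygem-simp-cli - The command line interface to SIMP
+
+--
+
+Per Section 105 of the Copyright Act of 1976, these works are not entitled to
+domestic copyright protection under US Federal law.
+
+The US Government retains the right to pursue copyright protections outside of
+the United States.
+
+The United States Government has unlimited rights in this software and all
+derivatives thereof, pursuant to the contracts under which it was developed and
+the License under which it falls.
+
+---
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.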
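--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,48 @@
+# simp-cli
+
+A cli interface to configure SIMP and simplify administrative tasks.
+
+## Usage
+
+```bash
+simp COMMAND [OPTIONS]
+```
+
+**NOTE:** The `simp` cli command is intended to be run from a SIMP-managed OS.
+
+### Commands
+#### Configuration
+##### `bootstrap`
+Bootstraps a SIMP system (requires configuration data generated by `simp config`).
+
+**NOTE:** If you have an existing 'production' environment it will be backed up and
+mapped to a 'simp' environment when bootstrap is run.
+
+##### `config`
+Creates SIMP configuration files with an interactive questionnaire.
+
+
+#### Adminstration
+##### `doc`
+Displays SIMP documentation in elinks.
+
+##### `passgen`
+Controls user passwords.
+
+#### Recently deprecated
+##### `check` _(removed)_
+Validates various subsystems
+
+##### `cleancerts` _(deprecated - use `puppet cert clean CERTNAME` instead)_
+Revokes and removed Puppet certificates from a list of hosts.
+
+##### `runpuppet`_(deprecated - use [mcollective](http://puppetlabs.com/mcollective) instead._
+Runs puppet on a list of hosts.
+
+
+##### `puppeteval` _(deprecated - use `puppet agent --evaltrace` instead)_
+Gathers metrics information on Puppet runs.
+
+
+## License
+See [LICENSE](LICENSE)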
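--- a/data/Rakefile
+++ b/data/Rakefile
@@ -0,0 +1,142 @@
+$: << File.expand_path( '../lib/', __FILE__ )
+
+require 'rubygems'
+require 'rake/clean'
+require 'simp/cli'
+require 'fileutils'
+require 'find'
+
+@package='simp-cli'
+@rakefile_dir=File.dirname(__FILE__)
+
+
+CLEAN.include "#{@package}-*.gem"
+CLEAN.include 'pkg'
+CLEAN.include 'dist'
+Find.find( @rakefile_dir ) do |path|
+if File.directory? path
+CLEAN.include path if File.basename(path) == 'tmp'
+else
+Find.prune
+end
+end
+
+
+desc 'Ensure gemspec-safe permissions on all files'
+task :chmod do
+gemspec = File.expand_path( "#{@package}.gemspec", @rakefile_dir ).strip
+spec = Gem::Specification::load( gemspec )
+spec.files.each do |file|
+FileUtils.chmod 'go=r', file
+end
+end
+
+desc 'special notes about these rake commands'
+task :help do
+puts %Q{
+== environment variables ==
+SIMP_RPM_BUILD when set, alters the gem produced by pkg:gem to be RPM-safe.
+'pkg:gem' sets this automatically.
+}
+end
+
+desc 'run all RSpec tests'
+task :spec do
+Dir.chdir @rakefile_dir
+sh 'bundle exec rspec spec'
+end
+
+desc %q{run all RSpec tests (alias of 'spec')}
+task :test => :spec
+
+namespace :pkg do
+@specfile_template = "rubygem-#{@package}.spec.template"
+@specfile = "build/rubygem-#{@package}.spec"
+
+# ----------------------------------------
+# DO NOT UNCOMMENT THIS: the spec file requires a lot of tweaking
+# ----------------------------------------
+# desc "generate RPM spec file for #{@package}"
+# task :spec => [:clean, :gem] do
+# Dir.glob("pkg/#{@package}*.gem") do |pkg|
+# sh %Q{gem2rpm -t "#{@specfile_template}" "#{pkg}" > "#{@specfile}"}
+# end
+# end
+
+desc "build rubygem package for #{@package}"
+task :gem => :chmod do
+Dir.chdir @rakefile_dir
+Dir['*.gemspec'].each do |spec_file|
+cmd = %Q{SIMP_RPM_BUILD=1 bundle exec gem build "#{spec_file}"}
+sh cmd
+FileUtils.mkdir_p 'dist'
+FileUtils.mv Dir.glob("#{@package}*.gem"), 'dist/'
+end
+end
+
+
+desc "build and install rubygem package for #{@package}"
+task :install_gem => [:clean, :gem] do
+Dir.chdir @rakefile_dir
+Dir.glob("dist/#{@package}*.gem") do |pkg|
+sh %Q{bundle exec gem install #{pkg}}
+end
+end
+
+
+desc "generate RPM for #{@package}"
+require 'tmpdir'
+task :rpm, [:mock_root] => [:clean, :gem] do |t, args|
+mock_root = args[:mock_root]
+# TODO : Get rid of this terrible code. Shoe-horned in until
+# we have a better idea for auto-decet
+if mock_root =~ /^epel-6/ then el_version = '6'
+elsif mock_root =~ /^epel-7/ then el_version = '7'
+else puts 'WARNING: Did not detect epel version'
+end
+tmp_dir = ''
+
+if tmp_dir = ENV.fetch( 'SIMP_MOCK_SIMPGEM_ASSETS_DIR', false )
+FileUtils.mkdir_p tmp_dir
+else
+tmp_dir = Dir.mktmpdir( "build_#{@package}" )
+end
+
+begin
+Dir.chdir tmp_dir
+specfile = "#{@rakefile_dir}/build/rubygem-#{@package}.el#{el_version}.spec"
+tmp_specfile = "#{tmp_dir}/rubygem-#{@package}.el#{el_version}.spec"
+
+# We have to copy to a local directory because mock bugs out in NFS
+# home directories (where SIMP devs often work)
+FileUtils.cp specfile, tmp_specfile, :preserve => true
+Dir.glob("#{@rakefile_dir}/dist/#{@package}*.gem") do |pkg|
+FileUtils.cp pkg, tmp_dir, :preserve => true
+end
+
+# Build SRPM from specfile
+sh %Q{mock -r #{mock_root} --buildsrpm --source="#{tmp_dir}" --spec="#{tmp_specfile}" --resultdir="#{tmp_dir}"}
+
+# Build RPM from SRPM
+Dir.glob("#{tmp_dir}/rubygem-#{@package}-*.el#{el_version}*.src.rpm") do |pkg|
+sh %Q{mock -r #{mock_root} --rebuild "#{pkg}" --resultdir=#{tmp_dir} --no-cleanup-after}
+end
+
+sh %Q{ls -l "#{tmp_dir}"}
+
+# copy RPM back into pkg/
+Dir.glob("#{tmp_dir}/rubygem-#{@package}-*.el#{el_version}*.rpm") do |pkg|
+sh %Q{cp "#{pkg}" "#{@rakefile_dir}/dist/"}
+FileUtils.cp pkg, "#{@rakefile_dir}/dist/"
+end
+ensure
+Dir.chdir @rakefile_dir
+# cleanup if needed
+if ! ENV.fetch( 'SIMP_MOCK_SIMPGEM_ASSETS_DIR', false )
+FileUtils.remove_entry_secure tmp_dir
+end
+end
+end
+end
+
+# vim: syntax=ruby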
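Review bot: In the `pkg:rpm` task an unrecognised or missing `mock_root` only prints a warning, so `el_version` stays nil and the task carries on with `...el.spec` paths and hands the raw argument to `mock`. `mock_root` and `tmp_dir` (which can come from `SIMP_MOCK_SIMPGEM_ASSETS_DIR`) are interpolated into shell strings, unquoted in `mock -r #{mock_root}` and `--resultdir=#{tmp_dir}`, so whitespace or shell metacharacters in either value change the command that runs. I would stop early with `abort "Unsupported mock root: #{mock_root.inspect}" unless el_version` and call `sh` with separate arguments, for example `sh 'mock', '-r', mock_root, '--rebuild', pkg, "--resultdir=#{tmp_dir}", '--no-cleanup-after'`. The `/^epel-6/` and `/^epel-7/` patterns anchor per line; `\A` is the whole-string anchor. The `sh %Q{cp ...}` near the end copies the same RPM that `FileUtils.cp` copies on the next line, so one of the two can go.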
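--- a/data/bin/simp
+++ b/data/bin/simp
@@ -0,0 +1,5 @@
+#!/usr/bin/env ruby
+
+$LOAD_PATH << File.expand_path( '../lib', File.dirname(__FILE__) )
+require 'simp/cli'
+Simp::Cli.start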
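--- a/data/lib/simp/cli.rb
+++ b/data/lib/simp/cli.rb
@@ -0,0 +1,88 @@
+$LOAD_PATH << File.expand_path( '..', File.dirname(__FILE__) )
+
+# namespace for SIMP logic
+module Simp; end
+
+# namespace for SIMP CLI commands
+class Simp::Cli
+VERSION = '1.0.12'
+
+require 'optparse'
+require 'simp/cli/lib/utils'
+
+def self.menu
+puts 'Usage: simp [command]'
+puts
+puts ' Commands'
+@commands.keys.each do |command_name|
+puts " - #{command_name}"
+end
+puts ' - help [command]'
+puts
+end
+
+def self.help # <-- lol.
+puts @opt_parser.to_s
+puts
+end
+
+def self.run(*)
+@opt_parser.parse!
+end
+
+private
+def self.version
+cmd = 'rpm -q simp'
+begin
+`#{cmd}`.split(/\n/).last.match(/([0-9]+\.[0-9]+\.?[0-9]*)/)[1]
+rescue
+msg = "Cannot find SIMP OS installation via `#{cmd}`!"
+say '<%= color( "WARNING: ", BOLD, YELLOW ) %>' +
+"<%= color( '#{msg}', YELLOW) %>"
+end
+end
+
+def self.start
+# load each command
+commands_path = File.expand_path( 'cli/commands/*.rb', File.dirname(__FILE__) )
+
+# load the commands from commands/*.rb and grab the classes that are simp commands
+Dir.glob( commands_path ).sort_by(&:to_s).each do |command_file|
+require command_file
+end
+
+@commands = {}
+Simp::Cli::Commands::constants.each{ |constant|
+obj = Simp::Cli::Commands.const_get(constant)
+if obj.respond_to?(:superclass) and obj.superclass == Simp::Cli
+@commands[constant.to_s.downcase] = obj
+end
+}
+@commands['version'] = self
+
+if ARGV.length == 0 or (ARGV.length == 1 and ARGV[0] == 'help')
+menu
+elsif ARGV[0] == 'version'
+puts version
+elsif ARGV[0] == 'help'
+if (command = @commands[ARGV[1]]).nil?
+puts "\n\033[31m#{ARGV[1]} is not a recognized command\033[39m\n\n"
+menu
+elsif ARGV[1] == 'version'
+puts "Display the current version of SIMP."
+else
+command.help
+end
+elsif (command = @commands[ARGV[0]]).nil?
+puts "\n\033[31m#{ARGV[0]} is not a recognized command\033[39m\n\n"
+menu
+else
+begin
+command.run(ARGV.drop(1))
+rescue => e
+puts "\n\033[31m#{e.message}\033[39m\n\n"
+e.backtrace.first(10).each{|l| puts l }
+end
+end
+end
+end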
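Review bot: In `start`, the `rescue => e` around `command.run` prints the message and ten backtrace lines and then lets the process finish with exit status 0, so a calling script cannot tell that `simp bootstrap` or `simp config` failed; adding `exit 1` after the backtrace loop keeps the output and reports the failure. The `private` keyword above `def self.version` has no effect on methods defined with `def self.`, so `version` and `start` stay public (`start` has to be, since `bin/simp` calls it); `private_class_method :version` would do what the layout suggests. In `version`, the rescue path calls `say`, which is not defined in this file and presumably comes from HighLine loaded elsewhere, and its return value is what `puts version` then prints, so returning the warning text or nil explicitly would be clearer.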
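--- a/data/lib/simp/cli/commands/bootstrap.rb
+++ b/data/lib/simp/cli/commands/bootstrap.rb
@@ -0,0 +1,275 @@
+module Simp::Cli::Commands; end
+
+class Simp::Cli::Commands::Bootstrap < Simp::Cli
+require 'pty'
+require 'timeout'
+require 'facter'
+
+@verbose = false
+@track = true
+@opt_parser = OptionParser.new do |opts|
+opts.banner = "\n === The SIMP Bootstrap Tool === "
+opts.separator "\nThe SIMP Bootstrap Tool aids initial configuration of the system by"
+opts.separator "bootstrapping it. This should be run after 'simp config' has applied a new"
+opts.separator "system configuration."
+opts.separator ""
+opts.separator "Logging information about the run is written to ~/.simp/simp_bootstrap.log"
+opts.separator ""
+opts.separator "OPTIONS:\n"
+
+opts.on("-v", "--[no-]verbose", "Enables/disables verbose mode. Prints out verbose information.") do |v|
+@verbose = v
+end
+
+opts.on("-t", "--[no-]track", "Enables/disables the tracker. Default is enabled.") do |t|
+@track = t
+end
+
+opts.on("-h", "--help", "Print out this message.") do
+puts opts
+exit
+end
+end
+
+
+# Ensure the puppetserver is running ca on the specified port.
+# Used ensure the puppetserver service is running.
+def self.ensure_running(port = nil)
+if port == nil
+port = `puppet config print ca_port`.strip
+end
+begin
+running = (%x{curl -sS --cert /var/lib/puppet/ssl/certs/`hostname`.pem --key /var/lib/puppet/ssl/private_keys/`hostname`.pem -k -H "Accept: s" https://localhost:#{port}/production/certificate_revocation_list/ca 2>&1} =~ /CRL/)
+unless running
+system('puppet resource service puppetserver ensure="running" enable=true > /dev/null 2>&1 &')
+stages = %w{. o O @ *}
+rest = 0.4
+timeout = 5
+
+Timeout::timeout(timeout*60) {
+while not running do
+running = (%x{curl -sS --cert /var/lib/puppet/ssl/certs/`hostname`.pem --key /var/lib/puppet/ssl/private_keys/`hostname`.pem -k -H "Accept: s" https://localhost:#{port}/production/certificate_revocation_list/ca 2>&1} =~ /CRL/)
+stages.each{ |x|
+$stdout.flush
+print "Waiting for Puppet Server to Start " + x + "\r"
+sleep(rest)
+}
+end
+}
+$stdout.flush
+puts
+end
+rescue Timeout::Error
+fail("The Puppet Server did not start within #{timeout} minutes. Please start puppetserver by hand and inspect any issues.")
+end
+end
+
+# Track a running process by following its STDOUT output
+# Prints a '#' for each line of output
+# returns -1 if error occured, otherwise the line count if PTY.spawn succeeded
+def self.track_output(command, port = nil)
+ensure_running(port)
+successful = true
+
+@logfile.print '#' * 80
+@logfile.puts("\nStarting #{command}\n")
+
+start_time = Time.now
+linecount = 0
+if @track
+print 'Track => '
+begin
+::PTY.spawn("#{command}") do |read, write, pid|
+begin
+read.each do |line|
+print '#'
+@logfile.puts(line)
+linecount += 1
+end
+rescue Errno::EIO
+end
+end
+rescue PTY::ChildExited => e
+print '!!!'
+@logfile.puts("Child exited unexpectedly:\n\t#{e.message}")
+successful = false
+rescue
+# If we don't have a PTY, just run the command.
+@logfile.puts "Running without a PTY!"
+output = %x{#{command}}
+@logfile.puts output
+linecount = output.split("\n").length
+successful = false if $? != 0
+end
+else # don't track
+print "Running, please wait ... "
+$stdout.flush
+output = %x{#{command}}
+@logfile.puts output
+linecount = output.split("\n").length
+successful = false if $? != 0
+end
+puts " Done!"
+@logfile.puts("\n#{command} - Done!")
+end_time = Time.now
+puts "Duration of Puppet run: #{end_time - start_time} seconds" if @verbose
+@logfile.puts("Duration of Puppet run: #{end_time - start_time} seconds")
+
+return successful ? linecount : -1
+end
+
+def self.run(args = [])
+super
+
+bootstrap_start_time = Time.now
+
+# Set us up to use the SIMP environment. Be careful to preserve the
+# existing 'production' environment if one exists.
+environment_path = '/etc/puppet/environments'
+simp_env = "#{environment_path}/simp"
+
+fail("Could not find the environment path at #{environment_path}") unless File.exist?(environment_path)
+
+Dir.chdir(environment_path) do
+fail("Could not find a 'simp' installation at #{simp_env}") unless File.exist?(simp_env)
+
+if File.exist?('production')
+if File.symlink?('production')
+unless File.readlink('production') == 'simp'
+FileUtils.mv('production',"pre_simp_production_#{bootstrap_start_time.to_i}")
+end
+else
+FileUtils.mv('production',"pre_simp_production_#{bootstrap_start_time.to_i}")
+end
+end
+
+FileUtils.ln_s('simp','production')
+end
+
+linecounts = Array.new
+
+# Open log file
+logfilepath = File.expand_path('~/.simp/simp_bootstrap.log')
+FileUtils.mkpath(File.dirname(logfilepath)) unless File.exists?(logfilepath)
+@logfile = File.open(logfilepath, 'w')
+
+# Define the puppet command call and the run command options
+pupcmd = "/usr/bin/puppet agent --pluginsync --onetime --no-daemonize --no-show_diff --verbose --no-splay --masterport=8150 --ca_port=8150"
+pupruns = [
+'pki,stunnel,concat',
+'firstrun,concat',
+'rsync,concat,apache,iptables',
+'user',
+'group'
+]
+
+# Print intro
+system('clear')
+puts
+puts "*** Starting SIMP Bootstrap ***"
+puts " If this runs quickly, something wrong happened. To debug the problem,"
+puts " run 'puppet agent --test' by hand or read the log. The log can be found"
+puts " at '#{@logfile.path}'."
+puts
+
+# Kill all puppet processes and stop specific services
+puts "Killing all Puppet processes, httpd and removing Puppet ssl certs.\n\n" if @verbose
+system("pkill -9 -f puppetmasterd >& /dev/null")
+system("pkill -9 -f puppet >& /dev/null")
+system('pkill -f pserver_tmp')
+system("puppet resource service puppetserver ensure=stopped >& /dev/null")
+system("puppet resource service httpd ensure=stopped >& /dev/null")
+FileUtils.rm_rf(Dir.glob('/var/lib/puppet/ssl'))
+FileUtils.rm_f(Dir.glob('/var/run/puppet/*'))
+FileUtils.touch('/.autorelabel')
+
+puts "*** Starting the Puppetmaster ***"
+puts
+
+FileUtils.mkdir_p('/var/lib/puppet/pserver_tmp')
+FileUtils.chown('puppet','puppet','/var/lib/puppet/pserver_tmp')
+system(%{puppet resource simp_file_line puppetserver path='/etc/sysconfig/puppetserver' match='^JAVA_ARGS' line='JAVA_ARGS="-Xms2g -Xmx2g -XX:MaxPermSize=256m -Djava.io.tmpdir=/var/lib/puppet/pserver_tmp"' 2>&1 > /dev/null})
+system(%{puppet resource simp_file_line puppetserver path='/etc/puppetserver/conf.d/webserver.conf' match='^\\s*ssl-host' line=' ssl-host = 0.0.0.0' 2>&1 > /dev/null})
+system(%{puppet resource simp_file_line puppetserver path='/etc/puppetserver/conf.d/webserver.conf' match='^\\s*ssl-port' line=' ssl-port = 8150' 2>&1 > /dev/null})
+
+puts
+
+puts "Beginning Puppet agent runs ..."
+pupruns.each do |puprun|
+puts "... with tag#{puprun.include?(',') ? 's' : ''} '#{puprun}'"
+linecounts << track_output("#{pupcmd} --tags #{puprun} 2> /dev/null", '8150')
+end
+
+puts
+
+if Facter.value(:selinux) && !Facter.value(:selinux_current_mode).nil? && (Facter.value(:selinux_current_mode) != "disabled")
+puts 'Relabeling filesystem for selinux...'
+@logfile.puts('Relabeling filesystem for selinux.')
+system("fixfiles -f relabel >> #{@logfile.path} 2>&1")
+end
+
+puts "*** Running Puppet Finalization ***"
+puts
+
+# First run of puppet without tags will configure puppetserver, causing
+# a refresh of the puppetserver service.
+track_output("#{pupcmd}",'8150')
+
+# From this point on, run puppet without specifying the masterport since
+# puppetserver is configured.
+pupcmd = "puppet agent --pluginsync --onetime --no-daemonize --no-show_diff --verbose --no-splay"
+
+# Run puppet agent up to 3X to get slapd running (unless it already is)
+# If this fails, LDAP is probably not configured right
+i = 0
+while (i < 3) && !system('/bin/ps -C slapd >& /dev/null') do
+# No longer running puppet against 8150.
+track_output("#{pupcmd}")
+i = i + 1
+end
+if (i == 3) && $use_ldap
+puts " \033[1mWarning\033[0m: It does not look like LDAP was properly configured to start."
+puts " Please check your configuration."
+else
+# At this point, we should be connected to LDAP properly.
+# Run puppet up to 3 additional times if we can't verify that we're actually connected!
+j = 0
+while (j < 3) && !system('getent group administrators') do
+track_output("#{pupcmd}")
+j = j + 1
+end
+if j == 3
+puts " \033[1mWarning\033[0m: Could not find the administrators group."
+puts " Please check your configuration."
+end
+puts "Puppet Finalization - Done!"
+end
+
+# Clean up the leftover puppetserver process (if any)
+begin
+pserver_proc = %x{netstat -tlpn}.split("\n").select{|x| x =~ /\d:8150/}
+unless pserver_proc.empty?
+pserver_pid = pserver_proc.first.split.last.split('/').first.to_i
+Process.kill('KILL',pserver_pid)
+end
+rescue Exception => e
+puts e
+puts "The Puppet Server process running on port 8150 could not be killed. Please check your configuration!"
+end
+
+# Print closing banner
+puts
+puts "*** SIMP Bootstrap Complete! ***"
+puts "Duration of complete bootstrap: #{Time.now - bootstrap_start_time} seconds" if @verbose
+
+if !system('ps -C httpd 2>&1 > /dev/null') && (linecounts.include?(-1) || (linecounts.uniq.length < linecounts.length))
+puts " \033[1mWarning\033[0m: Primitive checks indicate there may have been issues."
+puts " Check '#{@logfile.path}' for details."
+puts " Please run 'puppet agent -t' by hand to debug your configuration."
+else
+puts
+puts "You should \033[1mreboot\033[0m your system to ensure consistency at this point."
+end
+puts
+end
+end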
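Review bot: In `track_output`, the tracked branch (the default, since `@track = true`) never looks at the child's exit status: `successful` only becomes false when `PTY::ChildExited` is raised, which Ruby 1.9 and later do not raise from `PTY.spawn` on their own, so a failed `puppet agent` run is likely counted as a success and the closing "Primitive checks" warning has little to go on. After the `read.each` loop I would add `Process.wait(pid)` and `successful = false unless $?.success?`. The bare `rescue` below it runs the whole command a second time through `%x{}` for any StandardError, not only when no PTY is available, so it should be narrowed to the errors that mean a PTY could not be opened. Separately, in `run` the port-8150 cleanup parses the PID with `to_i`, which yields 0 when netstat prints `-` for the owning process, and `Process.kill('KILL', 0)` signals the caller's own process group; guard it with `if pserver_pid > 0` and rescue `StandardError` rather than `Exception`.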