syncwrap 2.8.3 → 2.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/History.rdoc +37 -0
- data/Manifest.txt +1 -0
- data/README.rdoc +1 -1
- data/Rakefile +7 -0
- data/bin/syncwrap +1 -1
- data/lib/syncwrap.rb +1 -1
- data/lib/syncwrap/amazon_ec2.rb +1 -1
- data/lib/syncwrap/amazon_ws.rb +1 -1
- data/lib/syncwrap/base.rb +2 -2
- data/lib/syncwrap/change_key_listener.rb +1 -1
- data/lib/syncwrap/cli.rb +1 -1
- data/lib/syncwrap/component.rb +1 -1
- data/lib/syncwrap/components/amazon_linux.rb +1 -1
- data/lib/syncwrap/components/arch.rb +4 -4
- data/lib/syncwrap/components/bundle.rb +1 -1
- data/lib/syncwrap/components/bundled_iyyov_daemon.rb +1 -1
- data/lib/syncwrap/components/bundler_gem.rb +1 -1
- data/lib/syncwrap/components/centos.rb +1 -1
- data/lib/syncwrap/components/change_guard.rb +1 -1
- data/lib/syncwrap/components/commercial_jdk.rb +1 -1
- data/lib/syncwrap/components/cruby_vm.rb +12 -7
- data/lib/syncwrap/components/debian.rb +33 -9
- data/lib/syncwrap/components/etc_hosts.rb +1 -1
- data/lib/syncwrap/components/geminabox.rb +1 -1
- data/lib/syncwrap/components/hashdot.rb +1 -1
- data/lib/syncwrap/components/iyyov.rb +1 -1
- data/lib/syncwrap/components/iyyov_daemon.rb +1 -1
- data/lib/syncwrap/components/jruby_vm.rb +19 -8
- data/lib/syncwrap/components/lvm_cache.rb +9 -4
- data/lib/syncwrap/components/mdraid.rb +1 -1
- data/lib/syncwrap/components/network.rb +18 -1
- data/lib/syncwrap/components/open_jdk.rb +20 -7
- data/lib/syncwrap/components/postgresql.rb +18 -9
- data/lib/syncwrap/components/puma.rb +1 -1
- data/lib/syncwrap/components/qpid.rb +1 -1
- data/lib/syncwrap/components/rake_gem.rb +1 -1
- data/lib/syncwrap/components/rhel.rb +2 -2
- data/lib/syncwrap/components/run_user.rb +1 -1
- data/lib/syncwrap/components/source_tree.rb +1 -1
- data/lib/syncwrap/components/tarpit_gem.rb +1 -1
- data/lib/syncwrap/components/ubuntu.rb +1 -1
- data/lib/syncwrap/components/users.rb +4 -14
- data/lib/syncwrap/context.rb +1 -1
- data/lib/syncwrap/distro.rb +1 -1
- data/lib/syncwrap/formatter.rb +1 -1
- data/lib/syncwrap/git_help.rb +1 -1
- data/lib/syncwrap/hash_support.rb +1 -1
- data/lib/syncwrap/host.rb +1 -1
- data/lib/syncwrap/main.rb +1 -1
- data/lib/syncwrap/path_util.rb +1 -1
- data/lib/syncwrap/rsync.rb +1 -1
- data/lib/syncwrap/ruby_support.rb +1 -1
- data/lib/syncwrap/shell.rb +1 -1
- data/lib/syncwrap/sudoers.rb +67 -0
- data/lib/syncwrap/systemd.rb +29 -6
- data/lib/syncwrap/systemd_service.rb +2 -2
- data/lib/syncwrap/user_data.rb +6 -9
- data/lib/syncwrap/version_support.rb +1 -1
- data/lib/syncwrap/zone_balancer.rb +1 -1
- data/sync/postgresql/postgresql.conf.erb +3 -3
- data/sync/src/hashdot/profiles/jruby.hdp.erb +4 -0
- data/test/setup.rb +1 -4
- data/test/test_components.rb +2 -1
- data/test/test_context.rb +1 -1
- data/test/test_context_rput.rb +1 -1
- data/test/test_rsync.rb +1 -1
- data/test/test_shell.rb +1 -1
- data/test/test_space.rb +1 -1
- data/test/test_space_main.rb +1 -1
- data/test/test_version_support.rb +1 -1
- data/test/test_zone_balancer.rb +1 -1
- metadata +8 -7
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
#--
|
|
2
|
-
# Copyright (c) 2011-
|
|
2
|
+
# Copyright (c) 2011-2017 David Kellum
|
|
3
3
|
#
|
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you
|
|
5
5
|
# may not use this file except in compliance with the License. You may
|
|
@@ -88,16 +88,21 @@ module SyncWrap
|
|
|
88
88
|
end
|
|
89
89
|
|
|
90
90
|
def install
|
|
91
|
-
|
|
91
|
+
if distro.is_a?( Debian )
|
|
92
|
+
dist_install( "lvm2", "thin-provisioning-tools", minimal: true )
|
|
93
|
+
else
|
|
94
|
+
dist_install( "lvm2", minimal: true )
|
|
95
|
+
end
|
|
92
96
|
sudo( "if ! lvs /dev/#{vg}/#{lv_cache}; then", close: "fi" ) do
|
|
93
97
|
unmount_device( raw_device )
|
|
94
98
|
sudo <<-SH
|
|
95
99
|
vgextend #{vgextend_flags.join ' '} #{vg} #{raw_device}
|
|
96
100
|
lvcreate -L #{meta_size} -n #{lv_cache_meta} #{vg} #{raw_device}
|
|
97
101
|
lvcreate #{cache_size_flag} -n #{lv_cache} #{vg} #{raw_device}
|
|
98
|
-
lvconvert --type cache-pool --cachemode writethrough
|
|
102
|
+
lvconvert --yes --type cache-pool --cachemode writethrough \
|
|
99
103
|
--poolmetadata #{vg}/#{lv_cache_meta} #{vg}/#{lv_cache}
|
|
100
|
-
lvconvert --type cache --cachepool #{vg}/#{lv_cache}
|
|
104
|
+
lvconvert --yes --type cache --cachepool #{vg}/#{lv_cache} \
|
|
105
|
+
#{vg}/#{lv_cache_target}
|
|
101
106
|
SH
|
|
102
107
|
end
|
|
103
108
|
end
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
#--
|
|
2
|
-
# Copyright (c) 2011-
|
|
2
|
+
# Copyright (c) 2011-2017 David Kellum
|
|
3
3
|
#
|
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you
|
|
5
5
|
# may not use this file except in compliance with the License. You may
|
|
@@ -58,6 +58,10 @@ module SyncWrap
|
|
|
58
58
|
else
|
|
59
59
|
set_etc_hostname( name )
|
|
60
60
|
end
|
|
61
|
+
|
|
62
|
+
if distro.is_a?( Debian ) && !dns_search
|
|
63
|
+
set_etc_hosts_name( name )
|
|
64
|
+
end
|
|
61
65
|
end
|
|
62
66
|
|
|
63
67
|
# Test if change to etc/hostname is needed. If so also immediately
|
|
@@ -71,6 +75,19 @@ module SyncWrap
|
|
|
71
75
|
SH
|
|
72
76
|
end
|
|
73
77
|
|
|
78
|
+
def set_etc_hosts_name( name )
|
|
79
|
+
f = '/etc/hosts'
|
|
80
|
+
# If name not already in /etc/hosts append it to the beginning
|
|
81
|
+
# of the file.
|
|
82
|
+
sudo <<-SH
|
|
83
|
+
if ! grep -q -E '\s#{name}(\s|$)' #{f}; then
|
|
84
|
+
cp -f #{f} #{f}~
|
|
85
|
+
echo '127.0.0.1 #{name}' > #{f}
|
|
86
|
+
cat #{f}~ >> #{f}
|
|
87
|
+
fi
|
|
88
|
+
SH
|
|
89
|
+
end
|
|
90
|
+
|
|
74
91
|
# Test if change to etc/sysconfig/network is needed. If so also
|
|
75
92
|
# immediately set (in kernel) hostname.
|
|
76
93
|
def set_sysconfig_network( name )
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
#--
|
|
2
|
-
# Copyright (c) 2011-
|
|
2
|
+
# Copyright (c) 2011-2017 David Kellum
|
|
3
3
|
#
|
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you
|
|
5
5
|
# may not use this file except in compliance with the License. You may
|
|
@@ -19,20 +19,24 @@ require 'syncwrap/component'
|
|
|
19
19
|
# For distro class comparison only (pre-load for safety)
|
|
20
20
|
require 'syncwrap/components/rhel'
|
|
21
21
|
require 'syncwrap/components/debian'
|
|
22
|
+
require 'syncwrap/components/ubuntu'
|
|
22
23
|
require 'syncwrap/components/arch'
|
|
24
|
+
require 'syncwrap/version_support'
|
|
23
25
|
|
|
24
26
|
module SyncWrap
|
|
25
27
|
|
|
26
28
|
# Provision an OpenJDK via Linux distro managed packages.
|
|
27
29
|
#
|
|
28
30
|
# For simplicity, this component only supports the full JDK (runtime
|
|
29
|
-
# and compiler) and not the JRE (runtime only). Note
|
|
30
|
-
# on Debian distros, installing 'openjdk-7-jdk'
|
|
31
|
-
# X11 and leads to
|
|
31
|
+
# and compiler) and not the JRE (runtime only). Note that
|
|
32
|
+
# on older Debian-based distros, installing 'openjdk-7-jdk' is
|
|
33
|
+
# necessary for javac, but ends up pulling X11 and leads to
|
|
34
|
+
# signficant system bloat. See:
|
|
32
35
|
#
|
|
33
36
|
# https://bugs.launchpad.net/ubuntu/+source/openjdk-6/+bug/257857
|
|
34
37
|
#
|
|
35
|
-
#
|
|
38
|
+
# As of Ubuntu 16.04, there is an 'openjdk-8-jdk-headless' package
|
|
39
|
+
# which this will use if applicable.
|
|
36
40
|
#
|
|
37
41
|
# Host component dependencies: <Distro>
|
|
38
42
|
#
|
|
@@ -40,6 +44,7 @@ module SyncWrap
|
|
|
40
44
|
# and/or its affiliates.
|
|
41
45
|
# See http://openjdk.java.net/legal/openjdk-trademark-notice.html
|
|
42
46
|
class OpenJDK < Component
|
|
47
|
+
include VersionSupport
|
|
43
48
|
|
|
44
49
|
# The JDK major and/or minor version number, i.e "1.7" or "7" is 7.
|
|
45
50
|
# Marketing picked the version scheme.
|
|
@@ -66,14 +71,22 @@ module SyncWrap
|
|
|
66
71
|
end
|
|
67
72
|
|
|
68
73
|
# Install distro packages, including development headers for JNI
|
|
69
|
-
#
|
|
74
|
+
# dependents like Hashdot.
|
|
70
75
|
def install
|
|
71
76
|
case distro
|
|
72
77
|
when RHEL
|
|
73
78
|
dist_install( "java-1.#{jdk_major_minor}.0-openjdk",
|
|
74
79
|
"java-1.#{jdk_major_minor}.0-openjdk-devel" )
|
|
75
80
|
when Debian
|
|
76
|
-
|
|
81
|
+
if jdk_major_minor >= 8 &&
|
|
82
|
+
distro.is_a?( Ubuntu ) &&
|
|
83
|
+
version_gte?( distro.ubuntu_version, [16,4] )
|
|
84
|
+
# FIXME: This jdk-headless package option may be(come)
|
|
85
|
+
# available on upstream Debian as well.
|
|
86
|
+
dist_install( "openjdk-#{jdk_major_minor}-jdk-headless" )
|
|
87
|
+
else
|
|
88
|
+
dist_install( "openjdk-#{jdk_major_minor}-jdk" )
|
|
89
|
+
end
|
|
77
90
|
when Arch
|
|
78
91
|
dist_install( "jdk#{jdk_major_minor}-openjdk" )
|
|
79
92
|
else
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
#--
|
|
2
|
-
# Copyright (c) 2011-
|
|
2
|
+
# Copyright (c) 2011-2017 David Kellum
|
|
3
3
|
#
|
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you
|
|
5
5
|
# may not use this file except in compliance with the License. You may
|
|
@@ -291,13 +291,20 @@ module SyncWrap
|
|
|
291
291
|
# #shared_memory_max adjustment and stops the server for subsequent
|
|
292
292
|
# reconfigure or data relocation.
|
|
293
293
|
def package_install
|
|
294
|
-
dist_install( *package_names )
|
|
295
294
|
if distro.is_a?( Debian )
|
|
296
|
-
|
|
295
|
+
dist_if_not_installed?( package_names ) do
|
|
296
|
+
dist_install( *package_names, check_install: false )
|
|
297
|
+
pg_stop
|
|
298
|
+
end
|
|
297
299
|
if shared_memory_max
|
|
298
|
-
rput( 'etc/sysctl.d/61-postgresql-shm.conf', user: :root )
|
|
299
|
-
|
|
300
|
+
c = rput( 'etc/sysctl.d/61-postgresql-shm.conf', user: :root )
|
|
301
|
+
unless c.empty?
|
|
302
|
+
sudo "sysctl -p /etc/sysctl.d/61-postgresql-shm.conf"
|
|
303
|
+
end
|
|
304
|
+
c
|
|
300
305
|
end
|
|
306
|
+
else
|
|
307
|
+
dist_install( *package_names )
|
|
301
308
|
end
|
|
302
309
|
end
|
|
303
310
|
|
|
@@ -324,10 +331,12 @@ module SyncWrap
|
|
|
324
331
|
when Debian
|
|
325
332
|
unless pg_data_dir == pg_default_data_dir
|
|
326
333
|
sudo <<-SH
|
|
327
|
-
|
|
328
|
-
|
|
329
|
-
|
|
330
|
-
|
|
334
|
+
if [ ! -d '#{pg_data_dir}/base' ]; then
|
|
335
|
+
mkdir -p #{pg_data_dir}
|
|
336
|
+
chown postgres:postgres #{pg_data_dir}
|
|
337
|
+
chmod 700 #{pg_data_dir}
|
|
338
|
+
mv #{pg_default_data_dir}/* #{pg_data_dir}/
|
|
339
|
+
fi
|
|
331
340
|
SH
|
|
332
341
|
end
|
|
333
342
|
else
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
#--
|
|
2
|
-
# Copyright (c) 2011-
|
|
2
|
+
# Copyright (c) 2011-2017 David Kellum
|
|
3
3
|
#
|
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you
|
|
5
5
|
# may not use this file except in compliance with the License. You may
|
|
@@ -121,7 +121,7 @@ module SyncWrap
|
|
|
121
121
|
# If chk is true, then wrap block in a sudo bash conditional that tests
|
|
122
122
|
# if any specified pkgs are not installed. Otherwise just
|
|
123
123
|
# yield to block.
|
|
124
|
-
def dist_if_not_installed?( pkgs, chk, opts, &block )
|
|
124
|
+
def dist_if_not_installed?( pkgs, chk = true, opts = {}, &block )
|
|
125
125
|
if chk
|
|
126
126
|
pkgs = Array( pkgs )
|
|
127
127
|
cnt = "rpm -q #{pkgs.join ' '} | grep -cv 'not installed'"
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
#--
|
|
2
|
-
# Copyright (c) 2011-
|
|
2
|
+
# Copyright (c) 2011-2017 David Kellum
|
|
3
3
|
#
|
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you
|
|
5
5
|
# may not use this file except in compliance with the License. You may
|
|
@@ -16,6 +16,7 @@
|
|
|
16
16
|
|
|
17
17
|
require 'syncwrap/component'
|
|
18
18
|
require 'syncwrap/path_util'
|
|
19
|
+
require 'syncwrap/sudoers'
|
|
19
20
|
|
|
20
21
|
module SyncWrap
|
|
21
22
|
|
|
@@ -23,6 +24,7 @@ module SyncWrap
|
|
|
23
24
|
# home directory files.
|
|
24
25
|
class Users < Component
|
|
25
26
|
include PathUtil
|
|
27
|
+
include Sudoers
|
|
26
28
|
|
|
27
29
|
# The list of user names to install. If default nil, home_users
|
|
28
30
|
# will be determined by the set of home directories found in
|
|
@@ -165,19 +167,7 @@ module SyncWrap
|
|
|
165
167
|
end
|
|
166
168
|
|
|
167
169
|
def set_sudoers( user )
|
|
168
|
-
|
|
169
|
-
|
|
170
|
-
sudo <<-SH
|
|
171
|
-
echo '#{user} ALL=(ALL) NOPASSWD:ALL' > /etc/sudoers.d/#{user}
|
|
172
|
-
echo 'Defaults:#{user} !requiretty' >> /etc/sudoers.d/#{user}
|
|
173
|
-
echo 'Defaults:#{user} secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin' \
|
|
174
|
-
>> /etc/sudoers.d/#{user}
|
|
175
|
-
chmod 440 /etc/sudoers.d/#{user}
|
|
176
|
-
SH
|
|
177
|
-
|
|
178
|
-
#FIXME: Centos 6.5:
|
|
179
|
-
# secure_path is the same as above already
|
|
180
|
-
#FIXME: echo 'Defaults:#{user} always_set_home' >> /etc/sudoers.d/#{user}
|
|
170
|
+
sudo sudoers_d_commands( user )
|
|
181
171
|
end
|
|
182
172
|
|
|
183
173
|
protected
|
data/lib/syncwrap/context.rb
CHANGED
data/lib/syncwrap/distro.rb
CHANGED
data/lib/syncwrap/formatter.rb
CHANGED
data/lib/syncwrap/git_help.rb
CHANGED
data/lib/syncwrap/host.rb
CHANGED
data/lib/syncwrap/main.rb
CHANGED
data/lib/syncwrap/path_util.rb
CHANGED
data/lib/syncwrap/rsync.rb
CHANGED
data/lib/syncwrap/shell.rb
CHANGED
|
@@ -0,0 +1,67 @@
|
|
|
1
|
+
#--
|
|
2
|
+
# Copyright (c) 2011-2017 David Kellum
|
|
3
|
+
#
|
|
4
|
+
# Licensed under the Apache License, Version 2.0 (the "License"); you
|
|
5
|
+
# may not use this file except in compliance with the License. You may
|
|
6
|
+
# obtain a copy of the License at
|
|
7
|
+
#
|
|
8
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
|
9
|
+
#
|
|
10
|
+
# Unless required by applicable law or agreed to in writing, software
|
|
11
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
12
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
|
13
|
+
# implied. See the License for the specific language governing
|
|
14
|
+
# permissions and limitations under the License.
|
|
15
|
+
#++
|
|
16
|
+
|
|
17
|
+
module SyncWrap
|
|
18
|
+
|
|
19
|
+
# Utility methods for generating sudoers.d config
|
|
20
|
+
module Sudoers
|
|
21
|
+
|
|
22
|
+
# Default paths array for sudoers secure_path (PATH setting) As
|
|
23
|
+
# compared with RHEL derivatives this has /usr/local support and
|
|
24
|
+
# retains /bin for distro's like Debian that have kept those
|
|
25
|
+
# separate. As compared with recent Ubuntu, this is the same
|
|
26
|
+
# other than avoiding '/snap/bin'.
|
|
27
|
+
SECURE_PATH = %w[ /usr/local/sbin
|
|
28
|
+
/usr/local/bin
|
|
29
|
+
/usr/sbin
|
|
30
|
+
/usr/bin
|
|
31
|
+
/sbin
|
|
32
|
+
/bin ].freeze
|
|
33
|
+
|
|
34
|
+
protected
|
|
35
|
+
|
|
36
|
+
# Return an sh script, including 'shebang' preamble, for writing
|
|
37
|
+
# the file /etc/sudoers.d/<user>
|
|
38
|
+
def sudoers_d_script( user, opts = {} )
|
|
39
|
+
"#!/bin/sh -e\n" + sudoers_d_commands( user, opts )
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
# Return sh command lines string for writing the file
|
|
43
|
+
# /etc/sudoers.d/<user>
|
|
44
|
+
def sudoers_d_commands( user, opts = {} )
|
|
45
|
+
sh = []
|
|
46
|
+
sh << "cat > /etc/sudoers.d/#{user} <<_CONF_"
|
|
47
|
+
sh += sudoers_d_template( user, opts )
|
|
48
|
+
sh << "_CONF_"
|
|
49
|
+
sh << "chmod 440 /etc/sudoers.d/#{user}"
|
|
50
|
+
sh.join( "\n" )
|
|
51
|
+
end
|
|
52
|
+
|
|
53
|
+
# Return /etc/sudoers.d/<users> compatible config lines for user
|
|
54
|
+
# and possible options, as an array
|
|
55
|
+
def sudoers_d_template( user, opts = {} )
|
|
56
|
+
spath = opts[:secure_path] || SECURE_PATH
|
|
57
|
+
spath = spath.join(':') if spath.is_a?( Array )
|
|
58
|
+
|
|
59
|
+
[ "#{user} ALL=(ALL) NOPASSWD:ALL",
|
|
60
|
+
"Defaults:#{user} !requiretty",
|
|
61
|
+
"Defaults:#{user} always_set_home", # Default only on RHEL*
|
|
62
|
+
"Defaults:#{user} secure_path = #{spath}" ]
|
|
63
|
+
end
|
|
64
|
+
|
|
65
|
+
end
|
|
66
|
+
|
|
67
|
+
end
|