syncwrap 2.8.3 → 2.9.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/History.rdoc +37 -0
- data/Manifest.txt +1 -0
- data/README.rdoc +1 -1
- data/Rakefile +7 -0
- data/bin/syncwrap +1 -1
- data/lib/syncwrap.rb +1 -1
- data/lib/syncwrap/amazon_ec2.rb +1 -1
- data/lib/syncwrap/amazon_ws.rb +1 -1
- data/lib/syncwrap/base.rb +2 -2
- data/lib/syncwrap/change_key_listener.rb +1 -1
- data/lib/syncwrap/cli.rb +1 -1
- data/lib/syncwrap/component.rb +1 -1
- data/lib/syncwrap/components/amazon_linux.rb +1 -1
- data/lib/syncwrap/components/arch.rb +4 -4
- data/lib/syncwrap/components/bundle.rb +1 -1
- data/lib/syncwrap/components/bundled_iyyov_daemon.rb +1 -1
- data/lib/syncwrap/components/bundler_gem.rb +1 -1
- data/lib/syncwrap/components/centos.rb +1 -1
- data/lib/syncwrap/components/change_guard.rb +1 -1
- data/lib/syncwrap/components/commercial_jdk.rb +1 -1
- data/lib/syncwrap/components/cruby_vm.rb +12 -7
- data/lib/syncwrap/components/debian.rb +33 -9
- data/lib/syncwrap/components/etc_hosts.rb +1 -1
- data/lib/syncwrap/components/geminabox.rb +1 -1
- data/lib/syncwrap/components/hashdot.rb +1 -1
- data/lib/syncwrap/components/iyyov.rb +1 -1
- data/lib/syncwrap/components/iyyov_daemon.rb +1 -1
- data/lib/syncwrap/components/jruby_vm.rb +19 -8
- data/lib/syncwrap/components/lvm_cache.rb +9 -4
- data/lib/syncwrap/components/mdraid.rb +1 -1
- data/lib/syncwrap/components/network.rb +18 -1
- data/lib/syncwrap/components/open_jdk.rb +20 -7
- data/lib/syncwrap/components/postgresql.rb +18 -9
- data/lib/syncwrap/components/puma.rb +1 -1
- data/lib/syncwrap/components/qpid.rb +1 -1
- data/lib/syncwrap/components/rake_gem.rb +1 -1
- data/lib/syncwrap/components/rhel.rb +2 -2
- data/lib/syncwrap/components/run_user.rb +1 -1
- data/lib/syncwrap/components/source_tree.rb +1 -1
- data/lib/syncwrap/components/tarpit_gem.rb +1 -1
- data/lib/syncwrap/components/ubuntu.rb +1 -1
- data/lib/syncwrap/components/users.rb +4 -14
- data/lib/syncwrap/context.rb +1 -1
- data/lib/syncwrap/distro.rb +1 -1
- data/lib/syncwrap/formatter.rb +1 -1
- data/lib/syncwrap/git_help.rb +1 -1
- data/lib/syncwrap/hash_support.rb +1 -1
- data/lib/syncwrap/host.rb +1 -1
- data/lib/syncwrap/main.rb +1 -1
- data/lib/syncwrap/path_util.rb +1 -1
- data/lib/syncwrap/rsync.rb +1 -1
- data/lib/syncwrap/ruby_support.rb +1 -1
- data/lib/syncwrap/shell.rb +1 -1
- data/lib/syncwrap/sudoers.rb +67 -0
- data/lib/syncwrap/systemd.rb +29 -6
- data/lib/syncwrap/systemd_service.rb +2 -2
- data/lib/syncwrap/user_data.rb +6 -9
- data/lib/syncwrap/version_support.rb +1 -1
- data/lib/syncwrap/zone_balancer.rb +1 -1
- data/sync/postgresql/postgresql.conf.erb +3 -3
- data/sync/src/hashdot/profiles/jruby.hdp.erb +4 -0
- data/test/setup.rb +1 -4
- data/test/test_components.rb +2 -1
- data/test/test_context.rb +1 -1
- data/test/test_context_rput.rb +1 -1
- data/test/test_rsync.rb +1 -1
- data/test/test_shell.rb +1 -1
- data/test/test_space.rb +1 -1
- data/test/test_space_main.rb +1 -1
- data/test/test_version_support.rb +1 -1
- data/test/test_zone_balancer.rb +1 -1
- metadata +8 -7
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
#--
|
|
2
|
-
# Copyright (c) 2011-
|
|
2
|
+
# Copyright (c) 2011-2017 David Kellum
|
|
3
3
|
#
|
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you
|
|
5
5
|
# may not use this file except in compliance with the License. You may
|
|
@@ -88,16 +88,21 @@ module SyncWrap
|
|
|
88
88
|
end
|
|
89
89
|
|
|
90
90
|
def install
|
|
91
|
-
|
|
91
|
+
if distro.is_a?( Debian )
|
|
92
|
+
dist_install( "lvm2", "thin-provisioning-tools", minimal: true )
|
|
93
|
+
else
|
|
94
|
+
dist_install( "lvm2", minimal: true )
|
|
95
|
+
end
|
|
92
96
|
sudo( "if ! lvs /dev/#{vg}/#{lv_cache}; then", close: "fi" ) do
|
|
93
97
|
unmount_device( raw_device )
|
|
94
98
|
sudo <<-SH
|
|
95
99
|
vgextend #{vgextend_flags.join ' '} #{vg} #{raw_device}
|
|
96
100
|
lvcreate -L #{meta_size} -n #{lv_cache_meta} #{vg} #{raw_device}
|
|
97
101
|
lvcreate #{cache_size_flag} -n #{lv_cache} #{vg} #{raw_device}
|
|
98
|
-
lvconvert --type cache-pool --cachemode writethrough
|
|
102
|
+
lvconvert --yes --type cache-pool --cachemode writethrough \
|
|
99
103
|
--poolmetadata #{vg}/#{lv_cache_meta} #{vg}/#{lv_cache}
|
|
100
|
-
lvconvert --type cache --cachepool #{vg}/#{lv_cache}
|
|
104
|
+
lvconvert --yes --type cache --cachepool #{vg}/#{lv_cache} \
|
|
105
|
+
#{vg}/#{lv_cache_target}
|
|
101
106
|
SH
|
|
102
107
|
end
|
|
103
108
|
end
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
#--
|
|
2
|
-
# Copyright (c) 2011-
|
|
2
|
+
# Copyright (c) 2011-2017 David Kellum
|
|
3
3
|
#
|
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you
|
|
5
5
|
# may not use this file except in compliance with the License. You may
|
|
@@ -58,6 +58,10 @@ module SyncWrap
|
|
|
58
58
|
else
|
|
59
59
|
set_etc_hostname( name )
|
|
60
60
|
end
|
|
61
|
+
|
|
62
|
+
if distro.is_a?( Debian ) && !dns_search
|
|
63
|
+
set_etc_hosts_name( name )
|
|
64
|
+
end
|
|
61
65
|
end
|
|
62
66
|
|
|
63
67
|
# Test if change to etc/hostname is needed. If so also immediately
|
|
@@ -71,6 +75,19 @@ module SyncWrap
|
|
|
71
75
|
SH
|
|
72
76
|
end
|
|
73
77
|
|
|
78
|
+
def set_etc_hosts_name( name )
|
|
79
|
+
f = '/etc/hosts'
|
|
80
|
+
# If name not already in /etc/hosts append it to the beginning
|
|
81
|
+
# of the file.
|
|
82
|
+
sudo <<-SH
|
|
83
|
+
if ! grep -q -E '\s#{name}(\s|$)' #{f}; then
|
|
84
|
+
cp -f #{f} #{f}~
|
|
85
|
+
echo '127.0.0.1 #{name}' > #{f}
|
|
86
|
+
cat #{f}~ >> #{f}
|
|
87
|
+
fi
|
|
88
|
+
SH
|
|
89
|
+
end
|
|
90
|
+
|
|
74
91
|
# Test if change to etc/sysconfig/network is needed. If so also
|
|
75
92
|
# immediately set (in kernel) hostname.
|
|
76
93
|
def set_sysconfig_network( name )
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
#--
|
|
2
|
-
# Copyright (c) 2011-
|
|
2
|
+
# Copyright (c) 2011-2017 David Kellum
|
|
3
3
|
#
|
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you
|
|
5
5
|
# may not use this file except in compliance with the License. You may
|
|
@@ -19,20 +19,24 @@ require 'syncwrap/component'
|
|
|
19
19
|
# For distro class comparison only (pre-load for safety)
|
|
20
20
|
require 'syncwrap/components/rhel'
|
|
21
21
|
require 'syncwrap/components/debian'
|
|
22
|
+
require 'syncwrap/components/ubuntu'
|
|
22
23
|
require 'syncwrap/components/arch'
|
|
24
|
+
require 'syncwrap/version_support'
|
|
23
25
|
|
|
24
26
|
module SyncWrap
|
|
25
27
|
|
|
26
28
|
# Provision an OpenJDK via Linux distro managed packages.
|
|
27
29
|
#
|
|
28
30
|
# For simplicity, this component only supports the full JDK (runtime
|
|
29
|
-
# and compiler) and not the JRE (runtime only). Note
|
|
30
|
-
# on Debian distros, installing 'openjdk-7-jdk'
|
|
31
|
-
# X11 and leads to
|
|
31
|
+
# and compiler) and not the JRE (runtime only). Note that
|
|
32
|
+
# on older Debian-based distros, installing 'openjdk-7-jdk' is
|
|
33
|
+
# necessary for javac, but ends up pulling X11 and leads to
|
|
34
|
+
# signficant system bloat. See:
|
|
32
35
|
#
|
|
33
36
|
# https://bugs.launchpad.net/ubuntu/+source/openjdk-6/+bug/257857
|
|
34
37
|
#
|
|
35
|
-
#
|
|
38
|
+
# As of Ubuntu 16.04, there is an 'openjdk-8-jdk-headless' package
|
|
39
|
+
# which this will use if applicable.
|
|
36
40
|
#
|
|
37
41
|
# Host component dependencies: <Distro>
|
|
38
42
|
#
|
|
@@ -40,6 +44,7 @@ module SyncWrap
|
|
|
40
44
|
# and/or its affiliates.
|
|
41
45
|
# See http://openjdk.java.net/legal/openjdk-trademark-notice.html
|
|
42
46
|
class OpenJDK < Component
|
|
47
|
+
include VersionSupport
|
|
43
48
|
|
|
44
49
|
# The JDK major and/or minor version number, i.e "1.7" or "7" is 7.
|
|
45
50
|
# Marketing picked the version scheme.
|
|
@@ -66,14 +71,22 @@ module SyncWrap
|
|
|
66
71
|
end
|
|
67
72
|
|
|
68
73
|
# Install distro packages, including development headers for JNI
|
|
69
|
-
#
|
|
74
|
+
# dependents like Hashdot.
|
|
70
75
|
def install
|
|
71
76
|
case distro
|
|
72
77
|
when RHEL
|
|
73
78
|
dist_install( "java-1.#{jdk_major_minor}.0-openjdk",
|
|
74
79
|
"java-1.#{jdk_major_minor}.0-openjdk-devel" )
|
|
75
80
|
when Debian
|
|
76
|
-
|
|
81
|
+
if jdk_major_minor >= 8 &&
|
|
82
|
+
distro.is_a?( Ubuntu ) &&
|
|
83
|
+
version_gte?( distro.ubuntu_version, [16,4] )
|
|
84
|
+
# FIXME: This jdk-headless package option may be(come)
|
|
85
|
+
# available on upstream Debian as well.
|
|
86
|
+
dist_install( "openjdk-#{jdk_major_minor}-jdk-headless" )
|
|
87
|
+
else
|
|
88
|
+
dist_install( "openjdk-#{jdk_major_minor}-jdk" )
|
|
89
|
+
end
|
|
77
90
|
when Arch
|
|
78
91
|
dist_install( "jdk#{jdk_major_minor}-openjdk" )
|
|
79
92
|
else
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
#--
|
|
2
|
-
# Copyright (c) 2011-
|
|
2
|
+
# Copyright (c) 2011-2017 David Kellum
|
|
3
3
|
#
|
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you
|
|
5
5
|
# may not use this file except in compliance with the License. You may
|
|
@@ -291,13 +291,20 @@ module SyncWrap
|
|
|
291
291
|
# #shared_memory_max adjustment and stops the server for subsequent
|
|
292
292
|
# reconfigure or data relocation.
|
|
293
293
|
def package_install
|
|
294
|
-
dist_install( *package_names )
|
|
295
294
|
if distro.is_a?( Debian )
|
|
296
|
-
|
|
295
|
+
dist_if_not_installed?( package_names ) do
|
|
296
|
+
dist_install( *package_names, check_install: false )
|
|
297
|
+
pg_stop
|
|
298
|
+
end
|
|
297
299
|
if shared_memory_max
|
|
298
|
-
rput( 'etc/sysctl.d/61-postgresql-shm.conf', user: :root )
|
|
299
|
-
|
|
300
|
+
c = rput( 'etc/sysctl.d/61-postgresql-shm.conf', user: :root )
|
|
301
|
+
unless c.empty?
|
|
302
|
+
sudo "sysctl -p /etc/sysctl.d/61-postgresql-shm.conf"
|
|
303
|
+
end
|
|
304
|
+
c
|
|
300
305
|
end
|
|
306
|
+
else
|
|
307
|
+
dist_install( *package_names )
|
|
301
308
|
end
|
|
302
309
|
end
|
|
303
310
|
|
|
@@ -324,10 +331,12 @@ module SyncWrap
|
|
|
324
331
|
when Debian
|
|
325
332
|
unless pg_data_dir == pg_default_data_dir
|
|
326
333
|
sudo <<-SH
|
|
327
|
-
|
|
328
|
-
|
|
329
|
-
|
|
330
|
-
|
|
334
|
+
if [ ! -d '#{pg_data_dir}/base' ]; then
|
|
335
|
+
mkdir -p #{pg_data_dir}
|
|
336
|
+
chown postgres:postgres #{pg_data_dir}
|
|
337
|
+
chmod 700 #{pg_data_dir}
|
|
338
|
+
mv #{pg_default_data_dir}/* #{pg_data_dir}/
|
|
339
|
+
fi
|
|
331
340
|
SH
|
|
332
341
|
end
|
|
333
342
|
else
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
#--
|
|
2
|
-
# Copyright (c) 2011-
|
|
2
|
+
# Copyright (c) 2011-2017 David Kellum
|
|
3
3
|
#
|
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you
|
|
5
5
|
# may not use this file except in compliance with the License. You may
|
|
@@ -121,7 +121,7 @@ module SyncWrap
|
|
|
121
121
|
# If chk is true, then wrap block in a sudo bash conditional that tests
|
|
122
122
|
# if any specified pkgs are not installed. Otherwise just
|
|
123
123
|
# yield to block.
|
|
124
|
-
def dist_if_not_installed?( pkgs, chk, opts, &block )
|
|
124
|
+
def dist_if_not_installed?( pkgs, chk = true, opts = {}, &block )
|
|
125
125
|
if chk
|
|
126
126
|
pkgs = Array( pkgs )
|
|
127
127
|
cnt = "rpm -q #{pkgs.join ' '} | grep -cv 'not installed'"
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
#--
|
|
2
|
-
# Copyright (c) 2011-
|
|
2
|
+
# Copyright (c) 2011-2017 David Kellum
|
|
3
3
|
#
|
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you
|
|
5
5
|
# may not use this file except in compliance with the License. You may
|
|
@@ -16,6 +16,7 @@
|
|
|
16
16
|
|
|
17
17
|
require 'syncwrap/component'
|
|
18
18
|
require 'syncwrap/path_util'
|
|
19
|
+
require 'syncwrap/sudoers'
|
|
19
20
|
|
|
20
21
|
module SyncWrap
|
|
21
22
|
|
|
@@ -23,6 +24,7 @@ module SyncWrap
|
|
|
23
24
|
# home directory files.
|
|
24
25
|
class Users < Component
|
|
25
26
|
include PathUtil
|
|
27
|
+
include Sudoers
|
|
26
28
|
|
|
27
29
|
# The list of user names to install. If default nil, home_users
|
|
28
30
|
# will be determined by the set of home directories found in
|
|
@@ -165,19 +167,7 @@ module SyncWrap
|
|
|
165
167
|
end
|
|
166
168
|
|
|
167
169
|
def set_sudoers( user )
|
|
168
|
-
|
|
169
|
-
|
|
170
|
-
sudo <<-SH
|
|
171
|
-
echo '#{user} ALL=(ALL) NOPASSWD:ALL' > /etc/sudoers.d/#{user}
|
|
172
|
-
echo 'Defaults:#{user} !requiretty' >> /etc/sudoers.d/#{user}
|
|
173
|
-
echo 'Defaults:#{user} secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin' \
|
|
174
|
-
>> /etc/sudoers.d/#{user}
|
|
175
|
-
chmod 440 /etc/sudoers.d/#{user}
|
|
176
|
-
SH
|
|
177
|
-
|
|
178
|
-
#FIXME: Centos 6.5:
|
|
179
|
-
# secure_path is the same as above already
|
|
180
|
-
#FIXME: echo 'Defaults:#{user} always_set_home' >> /etc/sudoers.d/#{user}
|
|
170
|
+
sudo sudoers_d_commands( user )
|
|
181
171
|
end
|
|
182
172
|
|
|
183
173
|
protected
|
data/lib/syncwrap/context.rb
CHANGED
data/lib/syncwrap/distro.rb
CHANGED
data/lib/syncwrap/formatter.rb
CHANGED
data/lib/syncwrap/git_help.rb
CHANGED
data/lib/syncwrap/host.rb
CHANGED
data/lib/syncwrap/main.rb
CHANGED
data/lib/syncwrap/path_util.rb
CHANGED
data/lib/syncwrap/rsync.rb
CHANGED
data/lib/syncwrap/shell.rb
CHANGED
|
@@ -0,0 +1,67 @@
|
|
|
1
|
+
#--
|
|
2
|
+
# Copyright (c) 2011-2017 David Kellum
|
|
3
|
+
#
|
|
4
|
+
# Licensed under the Apache License, Version 2.0 (the "License"); you
|
|
5
|
+
# may not use this file except in compliance with the License. You may
|
|
6
|
+
# obtain a copy of the License at
|
|
7
|
+
#
|
|
8
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
|
9
|
+
#
|
|
10
|
+
# Unless required by applicable law or agreed to in writing, software
|
|
11
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
12
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
|
13
|
+
# implied. See the License for the specific language governing
|
|
14
|
+
# permissions and limitations under the License.
|
|
15
|
+
#++
|
|
16
|
+
|
|
17
|
+
module SyncWrap
|
|
18
|
+
|
|
19
|
+
# Utility methods for generating sudoers.d config
|
|
20
|
+
module Sudoers
|
|
21
|
+
|
|
22
|
+
# Default paths array for sudoers secure_path (PATH setting) As
|
|
23
|
+
# compared with RHEL derivatives this has /usr/local support and
|
|
24
|
+
# retains /bin for distro's like Debian that have kept those
|
|
25
|
+
# separate. As compared with recent Ubuntu, this is the same
|
|
26
|
+
# other than avoiding '/snap/bin'.
|
|
27
|
+
SECURE_PATH = %w[ /usr/local/sbin
|
|
28
|
+
/usr/local/bin
|
|
29
|
+
/usr/sbin
|
|
30
|
+
/usr/bin
|
|
31
|
+
/sbin
|
|
32
|
+
/bin ].freeze
|
|
33
|
+
|
|
34
|
+
protected
|
|
35
|
+
|
|
36
|
+
# Return an sh script, including 'shebang' preamble, for writing
|
|
37
|
+
# the file /etc/sudoers.d/<user>
|
|
38
|
+
def sudoers_d_script( user, opts = {} )
|
|
39
|
+
"#!/bin/sh -e\n" + sudoers_d_commands( user, opts )
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
# Return sh command lines string for writing the file
|
|
43
|
+
# /etc/sudoers.d/<user>
|
|
44
|
+
def sudoers_d_commands( user, opts = {} )
|
|
45
|
+
sh = []
|
|
46
|
+
sh << "cat > /etc/sudoers.d/#{user} <<_CONF_"
|
|
47
|
+
sh += sudoers_d_template( user, opts )
|
|
48
|
+
sh << "_CONF_"
|
|
49
|
+
sh << "chmod 440 /etc/sudoers.d/#{user}"
|
|
50
|
+
sh.join( "\n" )
|
|
51
|
+
end
|
|
52
|
+
|
|
53
|
+
# Return /etc/sudoers.d/<users> compatible config lines for user
|
|
54
|
+
# and possible options, as an array
|
|
55
|
+
def sudoers_d_template( user, opts = {} )
|
|
56
|
+
spath = opts[:secure_path] || SECURE_PATH
|
|
57
|
+
spath = spath.join(':') if spath.is_a?( Array )
|
|
58
|
+
|
|
59
|
+
[ "#{user} ALL=(ALL) NOPASSWD:ALL",
|
|
60
|
+
"Defaults:#{user} !requiretty",
|
|
61
|
+
"Defaults:#{user} always_set_home", # Default only on RHEL*
|
|
62
|
+
"Defaults:#{user} secure_path = #{spath}" ]
|
|
63
|
+
end
|
|
64
|
+
|
|
65
|
+
end
|
|
66
|
+
|
|
67
|
+
end
|