underpost 2.8.818 → 2.8.821

package/cli.md

@@ -1,4 +1,4 @@
-## underpost ci/cd cli v2.8.818
+## underpost ci/cd cli v2.8.821
 
 ### Usage: `underpost [options] [command]`
   ```
@@ -29,7 +29,7 @@ Commands:
   test [options] [deploy-list]                               Manages and runs tests, defaulting to the current Underpost default test suite.
   monitor [options] <deploy-id> [env]                        Manages health server monitoring for specified deployments.
   lxd [options]                                              Manages LXD containers and virtual machines.
-  baremetal [options]                                        Manages baremetal server operations, including installation, database setup, and user management.
+  baremetal [options] [workflow-id] [hostname] [ip-address]  Manages baremetal server operations, including installation, database setup, commissioning, and user management.
   help [command]                                             display help for command
  
 ```
@@ -592,29 +592,37 @@ Options:
 
 ### `baremetal` :
 ```
- Usage: underpost baremetal [options]
+ Usage: underpost baremetal [options] [workflow-id] [hostname] [ip-address]
 
 Manages baremetal server operations, including installation, database setup,
-and user management.
+commissioning, and user management.
 
 Options:
   --control-server-install       Installs the baremetal control server.
-  --control-server-db-init       Sets up the database for the baremetal control
-                                 server.
+  --control-server-uninstall     Uninstalls the baremetal control server.
+  --control-server-db-install    Installs up the database for the baremetal
+                                 control server.
   --control-server-db-uninstall  Uninstalls the database for the baremetal
                                  control server.
-  --control-server-init          Initializes the baremetal control server.
-  --control-server-login         Logs in as an administrator to the control
-                                 server.
-  --control-server-uninstall     Uninstalls the baremetal control server.
-  --control-server-stop          Stops the baremetal control server.
-  --control-server-start         Starts the baremetal control server.
-  --get-users                    Retrieves a list of users from the control
-                                 server.
-  --new-api-key                  Generates a new API key for the control
-                                 server.
+  --commission                   Init workflow for commissioning a physical
+                                 machine.
+  --nfs-build                    Builds an NFS root filesystem for a workflow
+                                 id config architecture using QEMU emulation.
+  --nfs-mount                    Mounts the NFS root filesystem for a workflow
+                                 id config architecture.
+  --nfs-unmount                  Unmounts the NFS root filesystem for a
+                                 workflow id config architecture.
+  --nfs-sh                       Copies QEMU emulation root entrypoint shell
+                                 command to the clipboard.
+  --cloud-init-update            Updates cloud init for a workflow id config
+                                 architecture.
+  --cloud-init-reset             Resets cloud init for a workflow id config
+                                 architecture.
+  --logs <log-id>                Displays logs for log id: dhcp, cloud,
+                                 machine, cloud-config.
   --dev                          Sets the development context environment for
                                  baremetal operations.
+  --ls                           Lists available boot resources and machines.
   -h, --help                     display help for command
  
 ```

package/docker-compose.yml

@@ -58,7 +58,7 @@ services:
           cpus: '0.25'
           memory: 20M
     labels: # labels in Compose file instead of Dockerfile
-      engine.version: '2.8.818'
+      engine.version: '2.8.821'
     networks:
       - load-balancer
 

package/manifests/deployment/dd-template-development/deployment.yaml

@@ -17,7 +17,7 @@ spec:
     spec:
       containers:
         - name: dd-template-development-blue
-          image: localhost/rockylinux9-underpost:v2.8.818
+          image: localhost/rockylinux9-underpost:v2.8.821
           #          resources:
           #            requests:
           #              memory: "124Ki"
@@ -100,7 +100,7 @@ spec:
     spec:
       containers:
         - name: dd-template-development-green
-          image: localhost/rockylinux9-underpost:v2.8.818
+          image: localhost/rockylinux9-underpost:v2.8.821
           #          resources:
           #            requests:
           #              memory: "124Ki"

package/manifests/maas/device-scan.sh

@@ -34,7 +34,7 @@ for iface_path in /sys/class/net/*; do
   echo "Interface: $name"
   echo "  MAC:          $mac"
   echo "  IPv4:         $ip"
-  echo "  Estado:       $operstate"
+  echo "  State:       $operstate"
   echo "  MTU:          $mtu"
   echo "  Driver:       $driver"
   echo "  PCI Vendor:Device ID: $pci"

package/manifests/maas/maas-setup.sh

@@ -1,20 +1,23 @@
 #!/bin/bash
 set -euo pipefail
 
+# Install jq for JSON parsing
 sudo snap install jq
-# sudo snap install --channel=3.0/stable maas
+
+# Install MAAS
 sudo snap install maas
 
 # Get default interface and IP address
 INTERFACE=$(ip route | grep default | awk '{print $5}')
 IP_ADDRESS=$(ip -4 addr show dev "$INTERFACE" | grep -oP '(?<=inet\s)\d+(\.\d+){3}')
 
+# Change to the engine directory (assuming this is where your MAAS related configs are)
 cd /home/dd/engine
 
-# Load secrets
+# Load secrets for MAAS database and admin credentials
 underpost secret underpost --create-from-file /home/dd/engine/engine-private/conf/dd-cron/.env.production
 
-# Extract config values
+# Extract configuration values from secrets
 DB_PG_MAAS_USER=$(node bin config get --plain DB_PG_MAAS_USER)
 DB_PG_MAAS_PASS=$(node bin config get --plain DB_PG_MAAS_PASS)
 DB_PG_MAAS_HOST=$(node bin config get --plain DB_PG_MAAS_HOST)
@@ -24,23 +27,94 @@ MAAS_ADMIN_USERNAME=$(node bin config get --plain MAAS_ADMIN_USERNAME)
 MAAS_ADMIN_EMAIL=$(node bin config get --plain MAAS_ADMIN_EMAIL)
 MAAS_ADMIN_PASS=$(node bin config get --plain MAAS_ADMIN_PASS)
 
-# Initialize MAAS
+# Initialize MAAS region+rack controller
 maas init region+rack \
     --database-uri "postgres://${DB_PG_MAAS_USER}:${DB_PG_MAAS_PASS}@${DB_PG_MAAS_HOST}/${DB_PG_MAAS_NAME}" \
     --maas-url http://${IP_ADDRESS}:5240/MAAS
 
-# Let MAAS initialize
+# Allow MAAS to initialize (wait for services to come up)
+echo "Waiting for MAAS to initialize..."
 sleep 30
 
-# Create admin and get API key
+# Create MAAS administrator account
 maas createadmin \
     --username "$MAAS_ADMIN_USERNAME" \
     --password "$MAAS_ADMIN_PASS" \
     --email "$MAAS_ADMIN_EMAIL"
 
+# Get the API key for the admin user
 APIKEY=$(maas apikey --username "$MAAS_ADMIN_USERNAME")
 
-# Login to MAAS
+# Login to MAAS using the admin profile
+echo "Logging into MAAS..."
 maas login "$MAAS_ADMIN_USERNAME" "http://localhost:5240/MAAS/" "$APIKEY"
 
+# Set upstream DNS for MAAS
+echo "Setting upstream DNS to 8.8.8.8..."
 maas "$MAAS_ADMIN_USERNAME" maas set-config name=upstream_dns value=8.8.8.8
+
+# echo "Downloading Ubuntu Noble amd64/ga-24.04 image..."
+# maas $MAAS_ADMIN_USERNAME boot-source-selections create 1 \
+#     os="ubuntu" release="noble" arches="amd64" \
+#     subarches="ga-24.04" labels="*"
+
+echo "Downloading Ubuntu Noble arm64/ga-24.04 image..."
+maas $MAAS_ADMIN_USERNAME boot-source-selections create 1 \
+    os="ubuntu" release="noble" arches="arm64" \
+    subarches="ga-24.04" labels="*"
+
+# Import the newly selected boot images
+echo "Importing boot images (this may take some time)..."
+maas "$MAAS_ADMIN_USERNAME" boot-resources import
+
+# Disable the MAAS HTTP proxy
+echo "Disabling MAAS HTTP proxy..."
+maas "$MAAS_ADMIN_USERNAME" maas set-config name=enable_http_proxy value=false
+
+# Disable DNSSEC validation
+echo "Disabling DNSSEC validation..."
+maas "$MAAS_ADMIN_USERNAME" maas set-config name=dnssec_validation value=no
+
+# Set network discovery interval to 10 minutes (600 seconds)
+echo "Setting network discovery interval to 10 minutes..."
+maas "$MAAS_ADMIN_USERNAME" maas set-config name=active_discovery_interval value=600
+
+SSH_KEY=$(cat ~/.ssh/id_rsa.pub)
+maas $MAAS_ADMIN_USERNAME sshkeys create "key=$SSH_KEY"
+
+echo "MAAS setup script completed with new configurations."
+
+
+# maas $MAAS_ADMIN_USERNAME maas set-config name=default_storage_layout value=lvm
+# maas $MAAS_ADMIN_USERNAME maas set-config name=network_discovery value=disabled
+# maas $MAAS_ADMIN_USERNAME maas set-config name=enable_analytics value=false
+# maas $MAAS_ADMIN_USERNAME maas set-config name=enable_third_party_drivers value=false
+# maas $MAAS_ADMIN_USERNAME maas set-config name=curtin_verbose value=true
+
+
+
+echo "Configuring DHCP for fabric-1 (untagged VLAN)..."
+
+# Get the FABRIC_ID for "fabric-1"
+SUBNET_CIDR="192.168.1.0/24"
+SUBNET_ID=$(maas "$MAAS_ADMIN_USERNAME" subnets read | jq -r '.[] | select(.cidr == "'"$SUBNET_CIDR"'") | .id')
+FABRIC_ID=$(maas "$MAAS_ADMIN_USERNAME" fabrics read | jq -r '.[] | select(.name == "fabric-1") | .id')
+RACK_CONTROLLER_ID=$(maas "$MAAS_ADMIN_USERNAME" rack-controllers read | jq -r '.[] | select(.ip_addresses[] == "'"$IP_ADDRESS"'") | .system_id')
+START_IP="192.168.1.191"
+END_IP="192.168.1.254"
+
+if [ -z "$FABRIC_ID" ]; then
+    echo "Error: Could not find FABRIC_ID for 'fabric-1'. Please ensure 'fabric-1' exists in MAAS."
+    exit 1
+fi
+
+# Enable DHCP on the untagged VLAN (VLAN tag 0)
+echo "Enabling DHCP on VLAN 0 for fabric-1 (ID: $FABRIC_ID)..."
+maas "$MAAS_ADMIN_USERNAME" vlan update "$FABRIC_ID" 0 dhcp_on=true primary_rack="$RACK_CONTROLLER_ID"
+
+# Create a Dynamic IP Range for enlistment, commissioning, and deployment
+echo "Creating dynamic IP range from $START_IP to $END_IP..."
+maas "$MAAS_ADMIN_USERNAME" ipranges create type=dynamic start_ip="$START_IP" end_ip="$END_IP"
+
+echo "Setting gateway IP for subnet $SUBNET_CIDR (ID: $SUBNET_ID) to $IP_ADDRESS..."
+maas "$MAAS_ADMIN_USERNAME" subnet update $SUBNET_ID gateway_ip=$IP_ADDRESS

package/manifests/maas/nat-iptables.sh

@@ -6,9 +6,14 @@ sudo systemctl disable --now iptables
 sudo systemctl disable --now ufw
 sudo systemctl disable --now firewalld
 
-# Enable IP forwarding and configure NAT
-echo "net.ipv4.ip_forward = 1" | sudo tee -a /etc/sysctl.conf
-echo "net.ipv6.conf.all.forwarding = 1" | sudo tee -a /etc/sysctl.conf
+
+# Remove any existing entries, then append exactly one
+sudo sed -i '/^net.ipv4.ip_forward/d' /etc/sysctl.conf
+sudo sed -i '/^net.ipv6.conf.all.forwarding/d' /etc/sysctl.conf
+echo "net.ipv4.ip_forward = 1"               | sudo tee -a /etc/sysctl.conf
+echo "net.ipv6.conf.all.forwarding = 1"       | sudo tee -a /etc/sysctl.conf
+# ---
+
 sudo sysctl -p
 
 # Accept all traffic
@@ -16,6 +21,6 @@ sudo iptables -P INPUT ACCEPT
 sudo iptables -P FORWARD ACCEPT
 sudo iptables -P OUTPUT ACCEPT
 
-# List iptables rules
+# List iptables rules and forwarding flag
 sudo iptables -L -n
-sysctl net.ipv4.ip_forward
+sysctl net.ipv4.ip_forward net.ipv6.conf.all.forwarding

package/package.json

@@ -2,7 +2,7 @@
     "type": "module",
     "main": "src/index.js",
     "name": "underpost",
-    "version": "2.8.818",
+    "version": "2.8.821",
     "description": "pwa api rest template",
     "scripts": {
         "start": "env-cmd -f .env.production node --max-old-space-size=8192 src/server",