diff options
20 files changed, 342 insertions, 7 deletions
diff --git a/encap/README b/encap/README index 6b02b423d..488639c7f 100644 --- a/encap/README +++ b/encap/README @@ -60,6 +60,7 @@ work, but it has not yet been tested with a working bcfg2 repository. install the gcc bugfix at http://www.openssl.org/~appro/values.c by running "ksh -f values.c" as root (or openssl will segfault) * GNU make (make sure "gmake" links to GNU make on non-GNU platforms) + * /usr/local/man should be a directory, not a symbolic link * epkg (the encap package manager) * Canonical website is http://www.encap.org/epkg * Mirror of epkg binaries is available at http://www.dclark.us/mirror/ diff --git a/encap/TODO b/encap/TODO index c0fc850c7..2f4a45b71 100644 --- a/encap/TODO +++ b/encap/TODO @@ -5,11 +5,9 @@ * Double-check all permissions, and make sure they are not effected by umask - * Make *-doc* .ep's "shared" instead of platform-specific. - - * Update README to refer to need to make/install tools/bcfg2-python-apt + * Update Makefile to refer to make/install tools/bcfg2-python-apt on apt-using platforms (Debian, Ubuntu etc.) - also mention false error - message you will get if you don't. + message you will get if you don't in the README. * Big README update, mention ostiary, daemontools, bcfg2-site etc. @@ -22,6 +20,3 @@ * encap support for Solaris (sparc and x86) * Binary epkg archive at http://www.pobox.com/users/dclark/mirror/bcfg2-encaps - - * Look into the possibility of making platform-specific packages with - [http://www.easysw.com/epm/ EPM]. diff --git a/encap/tools/bcfg2-site/Makefile b/encap/tools/bcfg2-site/Makefile new file mode 100644 index 000000000..e42ff2eb6 --- /dev/null +++ b/encap/tools/bcfg2-site/Makefile @@ -0,0 +1,61 @@ +# $Id$ + +# Variables + +PATH = /usr/local/lib/bcfg2/bin:/usr/local/bin:/usr/bin:/bin +CHEETAH = /usr/local/lib/bcfg2/bin/cheetah + +# Main + +.PHONY : all clean fill copy fix encap test cheetah +.SUFFIXES : + +BD = /usr/local +ED = ${BD}/encap +export ED + +all : encap + +clean : + for DIR in `find . -type d | grep -v "\.svn"`; do \ + for GLOB in \#\* \*\~ \*.out\*; do \ + (rm $${DIR}/$${GLOB} 2>/dev/null || true); \ + done; \ + done + +fill : clean + $(CHEETAH) fill -R --oext out + +copy : fill + EN=`cat bcfg2-site-RENAME/encapname.out` && \ + ( test ! -d $$ED/bcfg2-site-$${EN} || rm -rf $$ED/bcfg2-site-$${EN} ) && \ + for SRC in `find bcfg2-site-RENAME | grep -v svn | grep -v tmpl`; do \ + DEST=$$ED/`printf "$$SRC" | sed s/RENAME/$$EN/g | sed s/\.out//g`; \ + if [ -d $$SRC ]; then mkdir $$DEST; else cp $$SRC $$DEST; fi; \ + done + +fix : copy + EN="$$ED/bcfg2-site-`cat bcfg2-site-RENAME/encapname.out`" && \ + chown -R 0 $$EN && chgrp -R 0 $$EN && \ + find $$EN -type d | xargs -n1 chmod 0755 && \ + find $$EN -type f | xargs -n1 chmod 0644 && \ + chmod 0600 $$EN/etc/ostiary.cfg && \ + chmod 0600 $$EN/etc/bcfg2.conf && \ + chmod 0755 $$EN/sbin/ost-bcfg2.sh && \ + chmod 0755 $$EN/postinstall && \ + chmod 0755 $$EN/preinstall + +encap : fix + EN="bcfg2-site-`cat bcfg2-site-RENAME/encapname.out`" && \ + cd $$ED && \ + ( test ! -f $${EN}-encap-*.tar.gz || rm $${EN}-encap-*.tar.gz ) && \ + mkencap -c $$EN + EN="bcfg2-site-`cat bcfg2-site-RENAME/encapname.out`" && \ + mv $$ED/$${EN}-encap-*.tar.gz . + +test : + : $(PATH) + $(CHEETAH) test + +cheetah : + $(CHEETAH) $(ARGS) diff --git a/encap/tools/bcfg2-site/bcfg2-site-RENAME/encapinfo.tmpl b/encap/tools/bcfg2-site/bcfg2-site-RENAME/encapinfo.tmpl new file mode 100644 index 000000000..e6af738ac --- /dev/null +++ b/encap/tools/bcfg2-site/bcfg2-site-RENAME/encapinfo.tmpl @@ -0,0 +1,9 @@ +#include "site-settings.conf" +encap 2.1 # libencap-2.3.8 +platform share +date ${DATE} +contact "${ADMIN_NAME}" <${ADMIN_EMAIL}> +description bcfg2-site-${SITE_SHORTNAME} - bcfg2 configuration for ${SITE_NAME} +prereq pkgspec >= bcfg2-0.8.2 +prereq pkgspec >= daemontools-0.76 +prereq pkgspec >= ostiary-3.4 diff --git a/encap/tools/bcfg2-site/bcfg2-site-RENAME/encapname.tmpl b/encap/tools/bcfg2-site/bcfg2-site-RENAME/encapname.tmpl new file mode 100644 index 000000000..0c0296a16 --- /dev/null +++ b/encap/tools/bcfg2-site/bcfg2-site-RENAME/encapname.tmpl @@ -0,0 +1,2 @@ +#include "site-settings.conf" +${SITE_SHORTNAME}-${SITE_VERSION} diff --git a/encap/tools/bcfg2-site/bcfg2-site-RENAME/etc/bcfg2.conf.tmpl b/encap/tools/bcfg2-site/bcfg2-site-RENAME/etc/bcfg2.conf.tmpl new file mode 100644 index 000000000..536faa82d --- /dev/null +++ b/encap/tools/bcfg2-site/bcfg2-site-RENAME/etc/bcfg2.conf.tmpl @@ -0,0 +1,10 @@ +#include "site-settings.conf" +[communication] +protocol = xmlrpc/ssl +password = ${BCFG2_PASSWORD} + +[components] +bcfg2 = https://${BCFG2_SERVER}:${BCFG2_PORT} + +[statistics] +sendmailpath = ${SENDMAILPATH} diff --git a/encap/tools/bcfg2-site/bcfg2-site-RENAME/etc/default/bcfg2-client/.SENTINEL_SITE b/encap/tools/bcfg2-site/bcfg2-site-RENAME/etc/default/bcfg2-client/.SENTINEL_SITE new file mode 100644 index 000000000..e69de29bb --- /dev/null +++ b/encap/tools/bcfg2-site/bcfg2-site-RENAME/etc/default/bcfg2-client/.SENTINEL_SITE diff --git a/encap/tools/bcfg2-site/bcfg2-site-RENAME/etc/default/bcfg2-client/env/OPTIONS.tmpl b/encap/tools/bcfg2-site/bcfg2-site-RENAME/etc/default/bcfg2-client/env/OPTIONS.tmpl new file mode 100644 index 000000000..93d733712 --- /dev/null +++ b/encap/tools/bcfg2-site/bcfg2-site-RENAME/etc/default/bcfg2-client/env/OPTIONS.tmpl @@ -0,0 +1,2 @@ +#include "site-settings.conf" +${BCFG2_CLIENT_OPTIONS} diff --git a/encap/tools/bcfg2-site/bcfg2-site-RENAME/etc/default/bcfg2-client/env/RUN_INTERVAL_SECONDS.tmpl b/encap/tools/bcfg2-site/bcfg2-site-RENAME/etc/default/bcfg2-client/env/RUN_INTERVAL_SECONDS.tmpl new file mode 100644 index 000000000..e4ff48d09 --- /dev/null +++ b/encap/tools/bcfg2-site/bcfg2-site-RENAME/etc/default/bcfg2-client/env/RUN_INTERVAL_SECONDS.tmpl @@ -0,0 +1,2 @@ +#include "site-settings.conf" +${BCFG2_CLIENT_RUN_INTERVAL_SECONDS} diff --git a/encap/tools/bcfg2-site/bcfg2-site-RENAME/etc/default/bcfg2-server/.SENTINEL_SITE b/encap/tools/bcfg2-site/bcfg2-site-RENAME/etc/default/bcfg2-server/.SENTINEL_SITE new file mode 100644 index 000000000..e69de29bb --- /dev/null +++ b/encap/tools/bcfg2-site/bcfg2-site-RENAME/etc/default/bcfg2-server/.SENTINEL_SITE diff --git a/encap/tools/bcfg2-site/bcfg2-site-RENAME/etc/default/bcfg2-server/env/OPTIONS.tmpl b/encap/tools/bcfg2-site/bcfg2-site-RENAME/etc/default/bcfg2-server/env/OPTIONS.tmpl new file mode 100644 index 000000000..e4283b54e --- /dev/null +++ b/encap/tools/bcfg2-site/bcfg2-site-RENAME/etc/default/bcfg2-server/env/OPTIONS.tmpl @@ -0,0 +1,2 @@ +#include "site-settings.conf" +${BCFG2_SERVER_OPTIONS} diff --git a/encap/tools/bcfg2-site/bcfg2-site-RENAME/etc/ostiary.cfg.tmpl b/encap/tools/bcfg2-site/bcfg2-site-RENAME/etc/ostiary.cfg.tmpl new file mode 100644 index 000000000..ebc39b61d --- /dev/null +++ b/encap/tools/bcfg2-site/bcfg2-site-RENAME/etc/ostiary.cfg.tmpl @@ -0,0 +1,29 @@ +#include "site-settings.conf" +# If present, ostiaryd will shut down once the cache of bad IPs is full. +# Under daemontools, this just has the effect of generating a service +# restart log message. +EXIT_ON_IPCACHE_FULL + +# If present, ostiaryd will not detach from the terminal it was started +# from. This is useful when running ostiaryd from programs like inetd or +# cygrunsrv or daemontools. +SKIP_DETACH + +# Port to listen on. (Can be specified on command line.) +PORT=${OSTIARY_PORT} + +# The password to remotely kill ostiaryd. Sort of useless when running under +# daemontools, since daemontools will just start ostiaryd back up. (But it +# is required to be in this file) +KILL="${OSTIARY_PASSWORD}-kill" + +# Must be at least one action. Format is: +# ACTION="secret","command (with path)",["uid"[,"gid"]] +# NOTE: There is a maximum of 31 actions +ACTION="${OSTIARY_PASSWORD}-bcfg2-dvqn","/usr/local/sbin/ost-bcfg2.sh dvqn","0","0" +ACTION="${OSTIARY_PASSWORD}-bcfg2-dvn","/usr/local/sbin/ost-bcfg2.sh dvn","0","0" +ACTION="${OSTIARY_PASSWORD}-bcfg2-dvq","/usr/local/sbin/ost-bcfg2.sh dvq","0","0" +ACTION="${OSTIARY_PASSWORD}-bcfg2-dv","/usr/local/sbin/ost-bcfg2.sh dv","0","0" +ACTION="${OSTIARY_PASSWORD}-bcfg2-vq","/usr/local/sbin/ost-bcfg2.sh vq","0","0" +ACTION="${OSTIARY_PASSWORD}-bcfg2-v","/usr/local/sbin/ost-bcfg2.sh v","0","0" +ACTION="${OSTIARY_PASSWORD}-bcfg2-restart","/usr/local/sbin/ost-bcfg2.sh restart","0","0" diff --git a/encap/tools/bcfg2-site/bcfg2-site-RENAME/postinstall b/encap/tools/bcfg2-site/bcfg2-site-RENAME/postinstall new file mode 100755 index 000000000..e69de29bb --- /dev/null +++ b/encap/tools/bcfg2-site/bcfg2-site-RENAME/postinstall diff --git a/encap/tools/bcfg2-site/bcfg2-site-RENAME/preinstall b/encap/tools/bcfg2-site/bcfg2-site-RENAME/preinstall new file mode 100755 index 000000000..e69de29bb --- /dev/null +++ b/encap/tools/bcfg2-site/bcfg2-site-RENAME/preinstall diff --git a/encap/tools/bcfg2-site/bcfg2-site-RENAME/sbin/ost-bcfg2.sh b/encap/tools/bcfg2-site/bcfg2-site-RENAME/sbin/ost-bcfg2.sh new file mode 100755 index 000000000..55b20caac --- /dev/null +++ b/encap/tools/bcfg2-site/bcfg2-site-RENAME/sbin/ost-bcfg2.sh @@ -0,0 +1,26 @@ +#!/bin/sh + +# +# ost-bcfg2.sh : Control bcfg2 client via ostiary (wrapper script) +# $Id$ +# + +umask 002 +exec 2>&1 + +LOG="multilog t /usr/local/var/multilog/bcfg2-client-ostiary" +PATH=/usr/local/lib/bcfg2/bin:/command:/usr/local/bin:/usr/bin:/bin +export PATH + +case $1 in + dvqn) bcfg2 -d -v -q -n | $LOG ;; + dvn) bcfg2 -d -v -n | $LOG ;; + dvq) bcfg2 -d -v -q | $LOG ;; + dv) bcfg2 -d -v | $LOG ;; + vq) bcfg2 -v -q | $LOG ;; + v) bcfg2 -v | $LOG ;; + restart) svc -t bcfg2-client | $LOG ;; + *) printf "ERROR in $0\n" | $LOG ;; +esac + +exit 0
\ No newline at end of file diff --git a/encap/tools/bcfg2-site/bcfg2-site-RENAME/var/encap/bcfg2-site-RENAME b/encap/tools/bcfg2-site/bcfg2-site-RENAME/var/encap/bcfg2-site-RENAME new file mode 100644 index 000000000..e69de29bb --- /dev/null +++ b/encap/tools/bcfg2-site/bcfg2-site-RENAME/var/encap/bcfg2-site-RENAME diff --git a/encap/tools/bcfg2-site/site-settings.conf b/encap/tools/bcfg2-site/site-settings.conf new file mode 100644 index 000000000..c29ab36e2 --- /dev/null +++ b/encap/tools/bcfg2-site/site-settings.conf @@ -0,0 +1,46 @@ +###### +###### Set these variables as appropriate for your site +###### +#### +#### Site Information +#### +#set global $ADMIN_NAME = "Local Admin Contact" +#set global $ADMIN_EMAIL = "tickets@localhost.localdomain.com" +#set global $SITE_NAME = "localdomain.com" +## SITE_SHORTNAME should be a single word with no punctuation +#set global $SITE_SHORTNAME = "localdomain" +## SITE_VERSION should be the version of this file, starting at 1 +#set global $SITE_VERSION = "1" +#### +#### Paths, Variables, and Passwords +#### +#set global $SENDMAILPATH = "/usr/sbin/sendmail" +#set global $BCFG2_SERVER = "config.localdomain.com" +#set global $BCFG2_PORT = "6" +#set global $OSTIARY_PORT = "7" +#set global $BCFG2_CLIENT_RUN_INTERVAL_SECONDS = "3600" +## Initial options for bcfg(1). The bcfg2 client is started with these options +## on installation and periodically based on BCFG2_CLIENT_RUN_INTERVAL_SECONDS, +## so you probably want to include the "-n" (dry-run mode) flag, unless you +## already have a good configuration in place. You can then change the config +## file /usr/local/etc/default/bcfg2-client/env/OPTIONS via the bcfg2 "Cfg" +## functionality (possibly by kicking off a non-dry from the bcfg2 server using +## ostiary, or just by running bcfg2 manually on the client) to run in non-dry- +## run mode. +#set global $BCFG2_CLIENT_OPTIONS = "-q -v -d -n" +## Initial options for bcfg2-server(8). Note that bcfg2-server is not fully +## configured by bcfg2-site; you need to edit /usr/local/etc/bcfg2.conf to +## include the "[server]" stanza and appropriate values, as well as a "key =" +## line in the "[communications]" stanza (see bcfg2 doc for details). +#set global $BCFG2_SERVER_OPTIONS = "-v" +## You can set passwords here, and you will not be prompted for them at +## install time; however you will then have to treat your bcfg2-site +## distribution as equivalent to the bcfg2 server and ostiary passwords. +## To be prompted for passwords at install time, make these empty string ("") +#set global $BCFG2_PASSWORD = "" +#set global $OSTIARY_PASSWORD = "" +###### +###### Automatically-set variables - you shouldn't have to touch these. +###### +#from time import localtime, strftime +#set global $DATE = strftime("%a %b %d %H:%M:%S %Z %Y", localtime()) diff --git a/encap/tools/makeself/Makefile b/encap/tools/makeself/Makefile new file mode 100644 index 000000000..fc62cecc2 --- /dev/null +++ b/encap/tools/makeself/Makefile @@ -0,0 +1,60 @@ +# $Id$ + +.PHONY : all install clean uninstall encaps rename +.SUFFIXES : +.SUFFIXES : .ep .installed .packaged + +BASEDIR = /usr/local +ENCAPDIR = ${BASEDIR}/encap +export ENCAPDIR +EPKG = ${BASEDIR}/bin/epkg +export EPKG +MKENCAP = ${BASEDIR}/bin/mkencap +export MKENCAP + +MAKESELF = makeself-2.1.4 + +.ep.installed : # Clean, compile and install an encap package + @printf "***** START .ep.installed for |$*| ***** \n" + ( ${EPKG} -q -r ${ENCAPDIR}/$* || true ) + ( rm -rf ${ENCAPDIR}/$* || true ) + ( ${MKENCAP} -m /usr/local/bin/m4 -b -DUP $*.ep || true ) > $*.log 2>&1 + ( ${MKENCAP} -m /usr/local/bin/m4 -b -T $*.ep || true ) >> $*.log 2>&1 + ( ${MKENCAP} -m /usr/local/bin/m4 -b -CBI $*.ep ) >> $*.log 2>&1 + ${EPKG} -q -i ${ENCAPDIR}/$* + test -h ${BASEDIR}/var/encap/$* + touch $*.installed + @printf "***** STOP .ep.installed for |$*| ***** \n" + +.installed.packaged : # Create .tar.gz encap packages for distribution + @printf "***** START .installed.packaged for |$*| ***** \n" + ( rm ${ENCAPDIR}/$*-*.tar.gz || true ) + ( cd ${ENCAPDIR} && ${MKENCAP} -e $* || true ) + cd ${ENCAPDIR} && ${MKENCAP} -c $* + mv ${ENCAPDIR}/$*-encap-*.tar.gz . + touch $*.packaged + @printf "***** STOP .installed.packaged for |$*| ***** \n" + +all : + ( $(MAKE) install > make.log 2>&1 && $(MAKE) encaps >> make.log 2>&1 ) & + +install : ${EPKG} ${MKENCAP} ${MAKESELF}.installed + +encaps : ${EPKG} ${MKENCAP} ${MAKESELF}.packaged + +rename : encaps + test "$${OS}x" != "x" + for EARCHIVE in `ls *-encap-*.tar.gz`; do \ + mv $${EARCHIVE} `printf $${EARCHIVE} | awk -F- '{$$NF = "OSDIST.tar.gz" ; print}' | sed s:\ :-:g | sed s:OSDIST:\$${OS}:g` ; \ + done + +clean : + ( rm *.log || true ) + ( rm *.packaged || true ) + ( rm *.gz || true ) + ( rm *~ || true ) + +uninstall : clean + ( rm *.installed || true ) + ( ${EPKG} -q -r ${ENCAPDIR}/makeself* || true ) + ( rm -rf ${ENCAPDIR}/makeself* || true ) diff --git a/encap/tools/makeself/makeself-2.1.4.ep b/encap/tools/makeself/makeself-2.1.4.ep new file mode 100644 index 000000000..8e8c5f2b5 --- /dev/null +++ b/encap/tools/makeself/makeself-2.1.4.ep @@ -0,0 +1,63 @@ +<?xml version="1.0"?> + +<!-- $Id$ --> + +<encap_profile + profile_ver="1.0" + pkgspec="makeself-2.1.4" +> + +<source +url="http://www.pobox.com/users/dclark/mirror/makeself/makeself-2.1.4.run + http://www.megastep.org/makeself/makeself-2.1.4.run" +subdir="/" +> +<!-- TODO check above megastep URL, and create mirror --> + +<unpack><![CDATA[ +cd .. && \ +rm -rf ${ENCAP_PKGNAME} && \ +/bin/sh ${ENCAP_PKGNAME}.run +]]></unpack> + +<configure> +: +</configure> + +<build> +: +</build> + +<install> +test -d ${ENCAP_SOURCE} || mkdir ${ENCAP_SOURCE} +test -d ${ENCAP_SOURCE}/${ENCAP_PKGNAME} || mkdir ${ENCAP_SOURCE}/${ENCAP_PKGNAME} +test -d ${ENCAP_SOURCE}/${ENCAP_PKGNAME}/bin || mkdir ${ENCAP_SOURCE}/${ENCAP_PKGNAME}/bin +test -d ${ENCAP_SOURCE}/${ENCAP_PKGNAME}/man || mkdir ${ENCAP_SOURCE}/${ENCAP_PKGNAME}/man +test -d ${ENCAP_SOURCE}/${ENCAP_PKGNAME}/man/man1 || mkdir ${ENCAP_SOURCE}/${ENCAP_PKGNAME}/man/man1 +test -d ${ENCAP_SOURCE}/${ENCAP_PKGNAME}/share || mkdir ${ENCAP_SOURCE}/${ENCAP_PKGNAME}/share +test -d ${ENCAP_SOURCE}/${ENCAP_PKGNAME}/share/doc || mkdir ${ENCAP_SOURCE}/${ENCAP_PKGNAME}/share/doc +test -d ${ENCAP_SOURCE}/${ENCAP_PKGNAME}/share/doc/makeself || mkdir ${ENCAP_SOURCE}/${ENCAP_PKGNAME}/share/doc/makeself +if [ -d ${builddir}/${ENCAP_PKGNAME}.run ]; then rmdir ${builddir}/${ENCAP_PKGNAME}.run; fi +cp ${builddir}/* ${ENCAP_SOURCE}/${ENCAP_PKGNAME}/share/doc/makeself +mv ${ENCAP_SOURCE}/${ENCAP_PKGNAME}/share/doc/makeself/*.sh ${ENCAP_SOURCE}/${ENCAP_PKGNAME}/bin +mv ${ENCAP_SOURCE}/${ENCAP_PKGNAME}/share/doc/makeself/*.1 ${ENCAP_SOURCE}/${ENCAP_PKGNAME}/man/man1 +</install> + +<clean> +: +</clean> + +</source> + +<prepackage type="set"> +# Make "this encap is installed" sentinal file available in /usr/local/var/encap +test -d var || mkdir var +test -d var/encap || mkdir var/encap +touch var/encap/${ENCAP_PKGNAME} +</prepackage> + +<encapinfo> +description makeself - Make self-extractable archives on Unix +</encapinfo> + +</encap_profile> diff --git a/encap/tools/ostiary/ostiary-3.4.ep b/encap/tools/ostiary/ostiary-3.4.ep index afb80d17d..be0c4fbdb 100644 --- a/encap/tools/ostiary/ostiary-3.4.ep +++ b/encap/tools/ostiary/ostiary-3.4.ep @@ -7,6 +7,7 @@ pkgspec="ostiary-3.4" > +<prereq package="patch-2.5.9" /> <prereq package="m4-1.4.4" /> <environment @@ -40,6 +41,32 @@ url="http://www.pobox.com/users/dclark/mirror/ostiary/ostiary-3.4.tar.gz use_objdir="no" > +<patch options="-p1"><![CDATA[ +# +# Allow up to 32 Actions (up from 8)... +# +--- ostiary-3.4/ost.h 2006-08-16 23:31:59.000000000 -0400 ++++ ostiary-3.4.new/ost.h 2006-08-16 23:33:23.000000000 -0400 +@@ -22,7 +22,7 @@ + /* Note: strictly IPv4 for now... */ + #define MAX_SIZEOF_IP 16 + +-#define MAX_NUM_SECRETS 8 ++#define MAX_NUM_SECRETS 32 + #define MAX_NUM_CACHED_IPS 128 + + #define MAX_SECRET_SIZE 64 +@@ -53,7 +53,7 @@ + /* Note: strictly IPv4 for now... */ + #define MAX_SIZEOF_IP 16 + +-#define MAX_NUM_SECRETS 8 ++#define MAX_NUM_SECRETS 32 + #define MAX_NUM_CACHED_IPS 128 + + /* You can make MAX_SECRET_SIZE bigger, but don't forget to update +]]></patch> + </source> <prepackage> |