diff --git a/Makefile b/Makefile index c64352eaa..fe24535fc 100644 --- a/Makefile +++ b/Makefile @@ -1 +1,25 @@ include dev-resources/Makefile.i18n + +.PHONY: version dist jar clean + +WORKDIR := target +VERSION := $(shell awk --field-separator '"' '/def ps-version/ { print $$2 }' project.clj) +JAR := $(shell awk --field-separator '"' '/:uberjar-name/ { print $$2 }' project.clj) + +version: + @echo $(VERSION) + +clean: + rm -rf $(WORKDIR) + +jar: $(WORKDIR)/$(JAR) + +dist: $(WORKDIR)/puppetserver-$(VERSION).tar.gz + +%.tar.gz: $(WORKDIR)/$(JAR) $(wildcard to-ship/*) + mkdir -p $(WORKDIR)/$* + cp -r $^ $(WORKDIR)/$*/ + tar cf $@ -C $(WORKDIR) $* + +$(WORKDIR)/$(JAR): + lein uberjar diff --git a/to-ship/Gemfile b/to-ship/Gemfile new file mode 100644 index 000000000..a69320b39 --- /dev/null +++ b/to-ship/Gemfile @@ -0,0 +1,14 @@ +source ENV['GEM_SOURCE'] || 'https://artifactory.delivery.puppetlabs.net/artifactory/api/gems/rubygems/' + +def location_for(place, fake_version = nil) + if place =~ /^(git[:@][^#]*)#(.*)/ + [fake_version, { :git => $1, :branch => $2, :require => false }].compact + elsif place =~ /^file:\/\/(.*)/ + ['>= 0', { :path => File.expand_path($1), :require => false }] + else + [place, { :require => false }] + end +end + +gem 'packaging', *location_for(ENV['PACKAGING_LOCATION'] || '~> 0.99') +gem 'fpm' diff --git a/to-ship/Makefile b/to-ship/Makefile new file mode 100644 index 000000000..e5059e484 --- /dev/null +++ b/to-ship/Makefile @@ -0,0 +1,63 @@ +prefix = /usr/local +datadir = $(prefix)/share +confdir = /etc +rubylibdir = $(shell ruby -rrbconfig -e "puts RbConfig::CONFIG['sitelibdir']") +rundir = /var/run +bindir = /usr/bin + +install-puppetserver: + install -d -m 0755 "$(DESTDIR)$(datadir)/puppetserver" + install -m 0644 puppet-server-release.jar "$(DESTDIR)$(datadir)/puppetserver" + install -m 0774 ext/ezbake-functions.sh "$(DESTDIR)$(datadir)/puppetserver" + install -m 0644 ext/ezbake.manifest "$(DESTDIR)$(datadir)/puppetserver" + install -d -m 0755 "$(DESTDIR)$(confdir)/puppetlabs/puppetserver/conf.d" + install -m 0644 ext/config/conf.d/puppetserver.conf "$(DESTDIR)$(confdir)/puppetlabs/puppetserver/conf.d/puppetserver.conf" + install -m 0644 ext/config/request-logging.xml "$(DESTDIR)$(confdir)/puppetlabs/puppetserver/request-logging.xml" + install -m 0644 ext/config/logback.xml "$(DESTDIR)$(confdir)/puppetlabs/puppetserver/logback.xml" + install -m 0644 ext/config/conf.d/global.conf "$(DESTDIR)$(confdir)/puppetlabs/puppetserver/conf.d/global.conf" + install -m 0644 ext/config/conf.d/web-routes.conf "$(DESTDIR)$(confdir)/puppetlabs/puppetserver/conf.d/web-routes.conf" + install -m 0644 ext/config/conf.d/auth.conf "$(DESTDIR)$(confdir)/puppetlabs/puppetserver/conf.d/auth.conf" + install -m 0644 ext/config/conf.d/metrics.conf "$(DESTDIR)$(confdir)/puppetlabs/puppetserver/conf.d/metrics.conf" + install -m 0644 ext/config/conf.d/ca.conf "$(DESTDIR)$(confdir)/puppetlabs/puppetserver/conf.d/ca.conf" + install -m 0644 ext/config/conf.d/webserver.conf "$(DESTDIR)$(confdir)/puppetlabs/puppetserver/conf.d/webserver.conf" + install -m 0644 ext/config/services.d/ca.cfg "$(DESTDIR)$(confdir)/puppetlabs/puppetserver/services.d/ca.cfg" + install -d -m 0755 "$(DESTDIR)$(datadir)/puppetserver/cli" + install -d -m 0755 "$(DESTDIR)$(datadir)/puppetserver/cli/apps" + install -d -m 0755 "$(DESTDIR)$(bindir)" + install -m 0755 "ext/bin/puppetserver" "$(DESTDIR)$(bindir)/puppetserver" + install -m 0755 ext/cli/foreground "$(DESTDIR)$(datadir)/puppetserver/cli/apps/foreground" + install -m 0755 ext/cli/irb "$(DESTDIR)$(datadir)/puppetserver/cli/apps/irb" + install -m 0755 ext/cli/ca "$(DESTDIR)$(datadir)/puppetserver/cli/apps/ca" + install -m 0755 ext/cli/gem "$(DESTDIR)$(datadir)/puppetserver/cli/apps/gem" + install -m 0755 ext/cli/stop "$(DESTDIR)$(datadir)/puppetserver/cli/apps/stop" + install -m 0755 ext/cli/start "$(DESTDIR)$(datadir)/puppetserver/cli/apps/start" + install -m 0755 ext/cli/ruby "$(DESTDIR)$(datadir)/puppetserver/cli/apps/ruby" + install -m 0755 ext/cli/reload "$(DESTDIR)$(datadir)/puppetserver/cli/apps/reload" + install -m 0755 ext/cli/prune "$(DESTDIR)$(datadir)/puppetserver/cli/apps/prune" + install -d -m 0755 "$(DESTDIR)$(rundir)" + + +install-rpm-sysv-init: install-rpm-preinst + install -d -m 0755 "$(DESTDIR)$(initdir)" + install -m 0755 ext/redhat/init "$(DESTDIR)$(initdir)/puppetserver" + install -d -m 0755 "$(DESTDIR)$(defaultsdir)" + install -m 0644 ext/default "$(DESTDIR)$(defaultsdir)/puppetserver" + install -d -m 0755 "$(DESTDIR)$(rundir)" + +install-rpm-systemd: install-rpm-preinst + install -d -m 0755 "$(DESTDIR)$(defaultsdir)" + install -m 0644 ext/default "$(DESTDIR)$(defaultsdir)/puppetserver" + install -d -m 0755 "$(DESTDIR)$(unitdir)" + install -m 0755 ext/puppetserver.service "$(DESTDIR)$(unitdir)/puppetserver.service" + +install-rpm-preinst: + +install-deb-sysv-init: install-deb-preinst + install -d -m 0755 "$(DESTDIR)$(initdir)" + install -m 0755 ext/debian/puppetserver.init "$(DESTDIR)$(initdir)/puppetserver" + install -d -m 0755 "$(DESTDIR)$(defaultsdir)" + install -m 0644 ext/default "$(DESTDIR)$(defaultsdir)/puppetserver" + install -d -m 0755 "$(DESTDIR)$(rundir)" + +install-deb-preinst: + diff --git a/to-ship/Rakefile b/to-ship/Rakefile new file mode 100644 index 000000000..a26ad3721 --- /dev/null +++ b/to-ship/Rakefile @@ -0,0 +1,75 @@ +require 'rake' +require './ezbake.rb' + +puts "EZBAKE PROJECT NAME: #{EZBake::Config[:project]}" + + +RAKE_ROOT = File.dirname(__FILE__) + +# TODO: not sure what to do here. I have it this way so that you +# can toggle it on and off during dev, but in practice, we probably +# just want it on all the time? Otherwise we'd just be detecting +# to see if there were any snapshots involved, and if so, we'd +# dynamically turn it on; so it's not providing any safety... +LEIN_SNAPSHOTS_IN_RELEASE = true +if LEIN_SNAPSHOTS_IN_RELEASE + ENV['LEIN_SNAPSHOTS_IN_RELEASE'] = 'y' +end + +# Load tasks and variables for packaging automation +require 'packaging' +Pkg::Util::RakeUtils.load_packaging_tasks + +namespace :package do + task :bootstrap do + puts 'Bootstrap is no longer needed, using packaging-as-a-gem' + end + task :implode do + puts 'Implode is no longer needed, using packaging-as-a-gem' + end +end + +# We want to use ezbake's package:tar and its dependencies, because it +# contains all the special java snowflake magicks, so we have to clear the +# packaging repo's. We also want to use ezbake's clean task, since it has so +# much more clean than the packaging repo knows about +['clean'].each do |task| + Rake::Task[task].clear if Rake::Task.task_defined?(task) +end + +# All variables have been set, so we can load the ezbake tasks +Dir[ File.join(RAKE_ROOT, 'tasks','*.rake') ].sort.each { |t| load t } + +task :'default.erb' => [ :package ] + +task :allclean => [ :clobber ] + +desc "Remove build artifacts (other than clojure (lein) builds)" +task :clean do + rm_rf FileList["ext/files", "pkg", "*.tar.gz"] +end + +desc "Get rid of build artifacts including clojure (lein) builds" +task :clobber => [ :clean ] do + rm_rf FileList["target/EZBake::Config[:project]*jar"] +end + +if defined?(Pkg) and defined?(Pkg::Config) + @version = Pkg::Config.version +else + begin + %x{which git >/dev/null 2>&1} + if $?.success? + @version = %x{git describe --always --dirty} + if $?.success? + @version.chomp! + end + end + rescue + @version = "0.0-dev-build" + end +end + +task :version do + puts @version +end diff --git a/to-ship/controller.sh b/to-ship/controller.sh new file mode 100644 index 000000000..1b367cb61 --- /dev/null +++ b/to-ship/controller.sh @@ -0,0 +1,149 @@ +#!/bin/bash + +set -ex + +################ +# Usage: controller.sh +# The controller script does all of the jar compilation +# and setup needed to build packages for +# The os string should be one of el, redhatfips, sles, debian, ubuntu, +# or fedora +# The version should be the numerical OS version for el, +# redhatfips, sles, and fedora and the codename for debian/ubuntu. +# The resulting artifacts will be stored in +################ +build_os=$1 +build_ver=$2 +basepath=$3 + +if [ ! -d "$basepath" ]; then + mkdir -p $basepath +fi +if [ ! -d "$basepath/base" ]; then + DESTDIR="$basepath/base" bash install.sh install_redhat +fi +if [ ! -d "$basepath/systemd_el" ]; then + cp -r "$basepath/base" "$basepath/systemd_el" + DESTDIR="$basepath/systemd_el" bash install.sh systemd_redhat +fi +if [ ! -d "$basepath/old_el" ]; then + cp -r "$basepath/base" "$basepath/old_el" + DESTDIR="$basepath/old_el" bash install.sh sysv_init_redhat +fi +if [ ! -d "$basepath/old_sles" ]; then + cp -r "$basepath/base" "$basepath/old_sles" + DESTDIR="$basepath/old_sles" bash install.sh sysv_init_suse +fi + + +# things are only different if we have docs, deb docs get +# installed in an unversioned folder but rpm docs get installed +# in a versioned folder. +if [ -d ext/docs ]; then + if [ ! -d "$basepath/base_deb" ]; then + DESTDIR="$basepath/base_deb" bash install.sh install_deb + if [ ! -d "$basepath/systemd_deb" ]; then + cp -r "$basepath/base_deb" "$basepath/systemd_deb" + DESTDIR="$basepath/systemd_deb" bash install.sh systemd_deb + fi + if [ ! -d "$basepath/systemd_notasksmax_deb" ]; then + cp -r "$basepath/base_deb" "$basepath/systemd_notasksmax_deb" + DESTDIR="$basepath/systemd_notasksmax_deb" USE_TASKSMAX=false bash install.sh systemd_deb + fi + if [ ! -d "$basepath/sysvinit_deb" ]; then + cp -r "$basepath/base_deb" "$basepath/sysvinit_deb" + DESTDIR="$basepath/sysvinit_deb" bash install.sh sysv_init_deb + fi + fi +else + if [ ! -d "$basepath/systemd_deb" ]; then + cp -r "$basepath/base" "$basepath/systemd_deb" + DESTDIR="$basepath/systemd_deb" bash install.sh systemd_deb + fi + if [ ! -d "$basepath/systemd_notasksmax_deb" ]; then + cp -r "$basepath/base" "$basepath/systemd_notasksmax_deb" + DESTDIR="$basepath/systemd_notasksmax_deb" USE_TASKSMAX=false bash install.sh systemd_deb + fi + if [ ! -d "$basepath/sysvinit_deb" ]; then + cp -r "$basepath/base" "$basepath/sysvinit_deb" + DESTDIR="$basepath/sysvinit_deb" bash install.sh sysv_init_deb + fi +fi + +os=$build_os +if [ "$os" = "debian" ]; then + os_dist=$build_ver +else + os_version=$build_ver +fi + +case $os in + # there's no differences in packaging for deb vs ubuntu + # if that changes we'll need to fix this + debian|ubuntu) + if [ "$os_dist" = 'trusty' ]; then + dir="$basepath/sysvinit_deb" + elif [ "$os_dist" = 'jessie' ]; then + # the version of systemd that ships with jessie doesn't + # support TasksMax + dir="$basepath/systemd_notasksmax_deb" + else + dir="$basepath/systemd_deb" + fi + ;; + el|redhatfips) + if [ "$os_version" -gt '6' ]; then + dir="$basepath/systemd_el" + else + dir="$basepath/old_el" + fi + ;; + amazon) + dir="$basepath/systemd_el" + ;; + sles) + if [ "$os_version" -gt '11' ]; then + dir="$basepath/systemd_el" + else + dir="$basepath/old_sles" + fi + ;; + *) + echo "I have no idea what I'm doing with $os, teach me?" >&2 + exit 1 + ;; +esac + +# bash will eat your spaces, so let's array. see http://mywiki.wooledge.org/BashFAQ/050 for more fun. +params=("--user" "puppet" "--group" "puppet" "--chdir" "$dir" "--realname" "puppetserver" "--operating-system" "$os" "--name" "openvox-server" "--package-version" "8.11.0" "--release" "1" "--platform-version" "8") +if [ -n "$os_version" ]; then params+=("--os-version" "$os_version"); fi +if [ -n "$os_dist" ]; then params+=("--dist" "$os_dist"); fi + +params+=('--description' "$(printf "Vox Pupuli puppetserver\nContains: OpenVox Server (puppetlabs/puppetserver 8.11.0,org.clojure/clojure 1.11.2,org.bouncycastle/bcpkix-jdk18on 1.78.1,puppetlabs/jruby-utils 5.2.0,puppetlabs/puppetserver 8.11.0,com.puppetlabs/trapperkeeper-webserver-jetty10 1.0.18,puppetlabs/trapperkeeper-metrics 2.0.4)")") + + + +params+=('--replaces' "'puppetserver',''") + + +params+=('--create-dir' '/opt/puppetlabs/server/data/puppetserver/jars') +params+=('--create-dir' '/opt/puppetlabs/server/data/puppetserver/yaml') + + + +if [[ "$os" = 'el' || "$os" = 'sles' || "$os" = 'fedora' || "$os" = 'redhatfips' || "$os" = 'amazon' ]]; then + # pull in rpm dependencies + params+=("--additional-dependency") + params+=("openvox-agent >= 8.21.1") + # get rpm install trigger scripts + # get rpm upgrade trigger scripts + : # Need something in case there are no additional dependencies +else + # if we aren't an rpm, pull in deb dependencies + params+=("--additional-dependency") + params+=("openvox-agent (>= 8.21.1)") + : # Need something in case there are no additional dependencies +fi + + +ruby $PWD/ext/fpm.rb "${params[@]}" diff --git a/to-ship/ext/bin/puppetserver b/to-ship/ext/bin/puppetserver new file mode 100644 index 000000000..651fa7978 --- /dev/null +++ b/to-ship/ext/bin/puppetserver @@ -0,0 +1,97 @@ +#!/bin/bash + +#set default privileges to -rw-r----- +umask 027 + +set -a +if [ -r "/etc/default/puppetserver" ] ; then + . /etc/default/puppetserver +elif [ -r "/etc/sysconfig/puppetserver" ] ; then + . /etc/sysconfig/puppetserver +elif [ `uname` == "OpenBSD" ] ; then + JAVA_BIN=$(javaPathHelper -c puppetserver) + JAVA_ARGS="-Xms2g -Xmx2g -Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger" + TK_ARGS="" + USER="_puppet" + INSTALL_DIR="/opt/puppetlabs/server/apps/puppetserver" + CONFIG="/etc/puppetlabs/puppetserver/conf.d" +else + echo "You seem to be missing some important configuration files; could not find /etc/default/puppetserver or /etc/sysconfig/puppetserver" >&2 + exit 1 +fi +set +a + +CLI_DIR="${INSTALL_DIR}/cli" +CLI_APP_DIR="${CLI_DIR}/apps" +APPS=`ls ${CLI_APP_DIR} 2>/dev/null` + +############# +# FUNCTIONS # +############# + +# Display usage then exit +function usage { + + if [ "$APPS" == "" ]; then + echo "ERROR: No sub-commands found in ${CLI_APP_DIR}" + exit 1 + fi + + cat < [] + +The most commonly used puppetserver commands are: +EOD + + # Iterate and display commands in the CLI_APP_DIR + for f in $APPS; do + echo " $f" + done + + cat << EOD + +See '$(basename $0) -h' for more information on a specific command. +EOD + exit 0 +} + +function show_version { + cat < jruby.conf + +install_gems "${DIR}/jruby-gem-list.txt" + +echo "Installing JRuby Standard Library gems" +cat "${DIR}/jruby-stdlib-gem-list.txt" + +echo "jruby-puppet: { gem-home: ${DESTDIR}/opt/puppetlabs/server/data/puppetserver/vendored-jruby-gems }" > jruby.conf + +install_gems "${DIR}/jruby-stdlib-gem-list.txt" + +# We need to ignore dependencies to prevent puppetserver-ca from being installed +# with facter2 (from gem dependency resolution) and facter3 (from puppet-agent packages) +# If puppetserver ever loses its dependency on puppet-agent or if puppet-agent ever loses +# facter, this will probably explode. +# +# Unfortunately, even with well-crafted `GEM_HOME`, installing the puppetserver-ca gem +# with `--minimal-deps` or `--conservative` does in fact update dependencies even if they're +# satisfied by already-installed gems. So, `--ignore-dependencies` is our best option here. +# Sorry. +# - Morgan, 04-29-2019 +echo "Installing MRI vendor gems (with '--ignore-dependencies')" +cat "${DIR}/mri-gem-list-no-dependencies.txt" + +echo "jruby-puppet: { gem-home: ${DESTDIR}/opt/puppetlabs/puppet/lib/ruby/vendor_gems }" > jruby.conf + +install_gems "${DIR}/mri-gem-list-no-dependencies.txt" "--ignore-dependencies" diff --git a/to-ship/ext/build-scripts/jruby-gem-list.txt b/to-ship/ext/build-scripts/jruby-gem-list.txt new file mode 100644 index 000000000..64a02e722 --- /dev/null +++ b/to-ship/ext/build-scripts/jruby-gem-list.txt @@ -0,0 +1,8 @@ +semantic_puppet 1.1.0 +hocon 1.4.0 +text 1.3.1 +locale 2.1.4 +gettext 3.4.9 +fast_gettext 2.4.0 +concurrent-ruby 1.2.3 +deep_merge 1.2.2 diff --git a/to-ship/ext/build-scripts/jruby-stdlib-gem-list.txt b/to-ship/ext/build-scripts/jruby-stdlib-gem-list.txt new file mode 100644 index 000000000..3252c5d62 --- /dev/null +++ b/to-ship/ext/build-scripts/jruby-stdlib-gem-list.txt @@ -0,0 +1,12 @@ +matrix 0.4.2 +minitest 5.15.0 +net-ftp 0.1.3 +net-imap 0.2.5 +net-pop 0.1.1 +net-smtp 0.3.1 +power_assert 2.0.1 +prime 0.1.2 +rake 13.0.6 +rexml 3.4.1 +rss 0.2.9 +test-unit 3.5.3 diff --git a/to-ship/ext/build-scripts/mri-gem-list-no-dependencies.txt b/to-ship/ext/build-scripts/mri-gem-list-no-dependencies.txt new file mode 100644 index 000000000..cae28e444 --- /dev/null +++ b/to-ship/ext/build-scripts/mri-gem-list-no-dependencies.txt @@ -0,0 +1 @@ +openvoxserver-ca 3.0.0 diff --git a/to-ship/ext/build_defaults.yaml b/to-ship/ext/build_defaults.yaml new file mode 100644 index 000000000..74285b861 --- /dev/null +++ b/to-ship/ext/build_defaults.yaml @@ -0,0 +1,17 @@ +--- +default_cow: 'base-bionic-i386.cow' +cows: 'base-bionic-i386.cow base-buster-i386.cow base-focal-i386.cow base-bullseye-i386.cow base-jammy-i386.cow base-bookworm-i386.cow' +pbuild_conf: '/etc/pbuilderrc' +packager: 'puppetlabs' +gpg_key: '4528B6CD9E61EF26' +sign_tar: FALSE +# a space separated list of mock configs +final_mocks: 'pl-el-7-x86_64 pl-el-8-x86_64 pl-el-9-x86_64 pl-sles-12-x86_64 pl-sles-15-x86_64 pl-amazon-2023-x86_64' +yum_host: 'yum.puppetlabs.com' +yum_repo_path: '/opt/repository/yum/' +build_gem: FALSE +build_dmg: FALSE +build_ips: FALSE +apt_host: 'apt.puppetlabs.com' +apt_repo_url: 'http://apt.puppetlabs.com' +apt_repo_path: '/opt/repository/incoming' diff --git a/to-ship/ext/build_metadata.json b/to-ship/ext/build_metadata.json new file mode 100644 index 000000000..dde9ab157 --- /dev/null +++ b/to-ship/ext/build_metadata.json @@ -0,0 +1,1039 @@ +{ + "packaging_type" : { + "ezbake" : "2.6.3-SNAPSHOT-openvox" + }, + "version" : "a63c3ecd8fde60ef3e37a6c580a9ea5d44b6b1b3", + "build_time" : "20250824T184341.846Z", + "components" : { + "puppetlabs/http-client" : { + "version" : "2.1.3", + "dependencies" : { + "org.apache.httpcomponents/httpasyncclient" : { + "version" : "4.1.5", + "dependencies" : { + "commons-logging" : { + "version" : "1.2" + }, + "org.apache.httpcomponents/httpclient" : { + "version" : "4.5.13" + }, + "org.apache.httpcomponents/httpcore-nio" : { + "version" : "4.4.15" + }, + "org.apache.httpcomponents/httpcore" : { + "version" : "4.4.15" + } + } + } + } + }, + "liberator" : { + "version" : "0.15.2", + "dependencies" : { + "hiccup" : { + "version" : "1.0.5" + }, + "org.clojure/data.csv" : { + "version" : "0.1.3" + }, + "org.clojure/data.json" : { + "version" : "2.4.0" + } + } + }, + "org.yaml/snakeyaml" : { + "version" : "2.0" + }, + "nrepl" : { + "version" : "0.6.0" + }, + "org.apache.httpcomponents/httpcore" : { + "version" : "4.4.15" + }, + "org.bouncycastle/bcutil-jdk18on" : { + "version" : "1.78.1" + }, + "commons-lang" : { + "version" : "2.6" + }, + "prismatic/schema" : { + "version" : "1.1.12" + }, + "org.tcrawley/dynapath" : { + "version" : "1.1.0" + }, + "puppetlabs/comidi" : { + "version" : "1.0.0", + "dependencies" : { + "bidi" : { + "version" : "2.1.3" + } + } + }, + "puppetlabs/trapperkeeper-scheduler" : { + "version" : "1.1.3", + "dependencies" : { + "org.quartz-scheduler/quartz" : { + "version" : "2.3.2", + "dependencies" : { + "com.mchange/c3p0" : { + "version" : "0.9.5.4" + }, + "com.mchange/mchange-commons-java" : { + "version" : "0.2.15" + }, + "com.zaxxer/HikariCP-java7" : { + "version" : "2.4.13" + } + } + } + } + }, + "org.clojure/data.priority-map" : { + "version" : "1.1.0" + }, + "org.clojure/tools.namespace" : { + "version" : "0.2.11" + }, + "org.clojure/java.jmx" : { + "version" : "1.0.0" + }, + "ring/ring-json" : { + "version" : "0.5.1" + }, + "net.logstash.logback/logstash-logback-encoder" : { + "version" : "7.3", + "dependencies" : { + "com.fasterxml.jackson.core/jackson-databind" : { + "version" : "2.14.0", + "dependencies" : { + "com.fasterxml.jackson.core/jackson-annotations" : { + "version" : "2.14.0" + } + } + } + } + }, + "com.fasterxml.jackson.core/jackson-databind" : { + "version" : "2.14.0", + "dependencies" : { + "com.fasterxml.jackson.core/jackson-annotations" : { + "version" : "2.14.0" + } + } + }, + "slingshot" : { + "version" : "0.12.2" + }, + "puppetlabs/trapperkeeper-comidi-metrics" : { + "version" : "0.1.1" + }, + "org.clojure/core.async" : { + "version" : "1.5.648", + "dependencies" : { + "org.clojure/tools.analyzer.jvm" : { + "version" : "1.2.2", + "dependencies" : { + "org.clojure/core.memoize" : { + "version" : "1.0.257", + "dependencies" : { + "org.clojure/core.cache" : { + "version" : "1.0.225", + "dependencies" : { + "org.clojure/data.priority-map" : { + "version" : "1.1.0" + } + } + } + } + }, + "org.clojure/tools.analyzer" : { + "version" : "1.1.0" + }, + "org.clojure/tools.reader" : { + "version" : "1.3.6" + } + } + } + } + }, + "org.apache.httpcomponents/httpclient" : { + "version" : "4.5.13" + }, + "org.slf4j/slf4j-api" : { + "version" : "2.0.7" + }, + "org.clojure/tools.macro" : { + "version" : "0.1.5" + }, + "org.clojure/tools.logging" : { + "version" : "1.2.4" + }, + "puppetlabs/puppetserver" : { + "version" : "8.11.0", + "dependencies" : { + "puppetlabs/http-client" : { + "version" : "2.1.3", + "dependencies" : { + "org.apache.httpcomponents/httpasyncclient" : { + "version" : "4.1.5", + "dependencies" : { + "commons-logging" : { + "version" : "1.2" + }, + "org.apache.httpcomponents/httpclient" : { + "version" : "4.5.13" + }, + "org.apache.httpcomponents/httpcore-nio" : { + "version" : "4.4.15" + }, + "org.apache.httpcomponents/httpcore" : { + "version" : "4.4.15" + } + } + } + } + }, + "liberator" : { + "version" : "0.15.2", + "dependencies" : { + "hiccup" : { + "version" : "1.0.5" + }, + "org.clojure/data.csv" : { + "version" : "0.1.3" + }, + "org.clojure/data.json" : { + "version" : "2.4.0" + } + } + }, + "org.yaml/snakeyaml" : { + "version" : "2.0" + }, + "commons-lang" : { + "version" : "2.6" + }, + "puppetlabs/comidi" : { + "version" : "1.0.0", + "dependencies" : { + "bidi" : { + "version" : "2.1.3" + } + } + }, + "puppetlabs/trapperkeeper-scheduler" : { + "version" : "1.1.3", + "dependencies" : { + "org.quartz-scheduler/quartz" : { + "version" : "2.3.2", + "dependencies" : { + "com.mchange/c3p0" : { + "version" : "0.9.5.4" + }, + "com.mchange/mchange-commons-java" : { + "version" : "0.2.15" + }, + "com.zaxxer/HikariCP-java7" : { + "version" : "2.4.13" + } + } + } + } + }, + "net.logstash.logback/logstash-logback-encoder" : { + "version" : "7.3", + "dependencies" : { + "com.fasterxml.jackson.core/jackson-databind" : { + "version" : "2.14.0", + "dependencies" : { + "com.fasterxml.jackson.core/jackson-annotations" : { + "version" : "2.14.0" + } + } + } + } + }, + "puppetlabs/trapperkeeper-comidi-metrics" : { + "version" : "0.1.1" + }, + "puppetlabs/dujour-version-check" : { + "version" : "1.0.0" + }, + "commons-io" : { + "version" : "2.15.1" + }, + "grimradical/clj-semver" : { + "version" : "0.3.0" + }, + "org.apache.commons/commons-exec" : { + "version" : "1.4.0" + }, + "puppetlabs/trapperkeeper-filesystem-watcher" : { + "version" : "1.2.5" + }, + "puppetlabs/clj-shell-utils" : { + "version" : "2.0.1" + }, + "puppetlabs/ssl-utils" : { + "version" : "3.5.2", + "dependencies" : { + "commons-codec" : { + "version" : "1.15" + } + } + }, + "io.dropwizard.metrics/metrics-core" : { + "version" : "3.2.2" + }, + "puppetlabs/trapperkeeper-status" : { + "version" : "1.2.0", + "dependencies" : { + "trptcolin/versioneer" : { + "version" : "0.2.0" + } + } + }, + "clj-time" : { + "version" : "0.11.0", + "dependencies" : { + "joda-time" : { + "version" : "2.12.5" + } + } + }, + "puppetlabs/rbac-client" : { + "version" : "1.1.5", + "dependencies" : { + "ring/ring-json" : { + "version" : "0.5.1" + } + } + }, + "puppetlabs/trapperkeeper-authorization" : { + "version" : "2.0.1" + } + } + }, + "clj-commons/fs" : { + "version" : "1.6.307", + "dependencies" : { + "org.apache.commons/commons-compress" : { + "version" : "1.26.0", + "dependencies" : { + "org.apache.commons/commons-lang3" : { + "version" : "3.14.0" + } + } + }, + "org.tukaani/xz" : { + "version" : "1.8" + } + } + }, + "puppetlabs/trapperkeeper" : { + "version" : "4.0.2" + }, + "ring/ring-servlet" : { + "version" : "1.8.2" + }, + "org.bouncycastle/bcpkix-jdk18on" : { + "version" : "1.78.1", + "dependencies" : { + "org.bouncycastle/bcprov-jdk18on" : { + "version" : "1.78.1" + }, + "org.bouncycastle/bcutil-jdk18on" : { + "version" : "1.78.1" + } + } + }, + "puppetlabs/dujour-version-check" : { + "version" : "1.0.0" + }, + "org.codehaus.janino/janino" : { + "version" : "3.0.8", + "dependencies" : { + "org.codehaus.janino/commons-compiler" : { + "version" : "3.0.8" + } + } + }, + "org.clojure/tools.reader" : { + "version" : "1.3.6" + }, + "ring/ring-core" : { + "version" : "1.8.2", + "dependencies" : { + "commons-fileupload" : { + "version" : "1.4" + }, + "crypto-equality" : { + "version" : "1.0.0" + }, + "crypto-random" : { + "version" : "1.2.0" + } + } + }, + "commons-io" : { + "version" : "2.15.1" + }, + "puppetlabs/ring-middleware" : { + "version" : "2.0.4" + }, + "commons-logging" : { + "version" : "1.2" + }, + "org.apache.commons/commons-exec" : { + "version" : "1.4.0" + }, + "puppetlabs/trapperkeeper-filesystem-watcher" : { + "version" : "1.2.5" + }, + "puppetlabs/jruby-utils" : { + "version" : "5.2.0", + "dependencies" : { + "prismatic/schema" : { + "version" : "1.1.12" + }, + "org.clojure/java.jmx" : { + "version" : "1.0.0" + }, + "slingshot" : { + "version" : "0.12.2" + }, + "org.clojure/tools.logging" : { + "version" : "1.2.4" + }, + "clj-commons/fs" : { + "version" : "1.6.307", + "dependencies" : { + "org.apache.commons/commons-compress" : { + "version" : "1.26.0", + "dependencies" : { + "org.apache.commons/commons-lang3" : { + "version" : "3.14.0" + } + } + }, + "org.tukaani/xz" : { + "version" : "1.8" + } + } + }, + "puppetlabs/trapperkeeper" : { + "version" : "4.0.2", + "dependencies" : { + "nrepl" : { + "version" : "0.6.0" + }, + "org.clojure/core.async" : { + "version" : "1.5.648", + "dependencies" : { + "org.clojure/tools.analyzer.jvm" : { + "version" : "1.2.2", + "dependencies" : { + "org.clojure/core.memoize" : { + "version" : "1.0.257", + "dependencies" : { + "org.clojure/core.cache" : { + "version" : "1.0.225", + "dependencies" : { + "org.clojure/data.priority-map" : { + "version" : "1.1.0" + } + } + } + } + }, + "org.clojure/tools.analyzer" : { + "version" : "1.1.0" + }, + "org.clojure/tools.reader" : { + "version" : "1.3.6" + } + } + } + } + }, + "org.slf4j/slf4j-api" : { + "version" : "2.0.7" + }, + "org.clojure/tools.macro" : { + "version" : "0.1.5" + }, + "io.github.clj-kondo/config-slingshot-slingshot" : { + "version" : "1.0.0" + }, + "puppetlabs/typesafe-config" : { + "version" : "0.2.0", + "dependencies" : { + "com.typesafe/config" : { + "version" : "1.4.1" + } + } + }, + "prismatic/plumbing" : { + "version" : "0.4.2", + "dependencies" : { + "de.kotka/lazymap" : { + "version" : "3.1.0" + } + } + }, + "beckon" : { + "version" : "0.1.1" + }, + "org.slf4j/log4j-over-slf4j" : { + "version" : "2.0.7" + } + } + }, + "puppetlabs/ring-middleware" : { + "version" : "2.0.4" + }, + "puppetlabs/kitchensink" : { + "version" : "3.4.0", + "dependencies" : { + "digest" : { + "version" : "1.4.3" + }, + "org.clojure/tools.cli" : { + "version" : "1.0.206" + }, + "org.ini4j/ini4j" : { + "version" : "0.5.4" + }, + "org.tcrawley/dynapath" : { + "version" : "1.1.0" + } + } + }, + "puppetlabs/i18n" : { + "version" : "0.9.2", + "dependencies" : { + "cpath-clj" : { + "version" : "0.1.2", + "dependencies" : { + "org.clojure/java.classpath" : { + "version" : "1.0.0" + } + } + }, + "org.gnu.gettext/libintl" : { + "version" : "0.18.3" + } + } + }, + "puppetlabs/jruby-deps" : { + "version" : "9.4.8.0-1", + "dependencies" : { + "org.jruby/jruby-base" : { + "version" : "9.4.8.0", + "dependencies" : { + "org.jruby/jzlib" : { + "version" : "1.1.5" + }, + "org.jruby/dirgra" : { + "version" : "0.3" + }, + "com.headius/backport9" : { + "version" : "1.13" + }, + "com.github.jnr/jffi" : { + "version" : "1.3.13" + }, + "org.jruby.joni/joni" : { + "version" : "2.2.1" + }, + "org.ow2.asm/asm-commons" : { + "version" : "9.2", + "dependencies" : { + "org.ow2.asm/asm-analysis" : { + "version" : "9.2" + }, + "org.ow2.asm/asm-tree" : { + "version" : "9.2" + } + } + }, + "org.ow2.asm/asm" : { + "version" : "9.2" + }, + "com.github.jnr/jnr-netdb" : { + "version" : "1.2.0" + }, + "me.qmx.jitescript/jitescript" : { + "version" : "0.4.1" + }, + "org.ow2.asm/asm-util" : { + "version" : "9.2" + }, + "com.headius/options" : { + "version" : "1.6" + }, + "com.github.jnr/jnr-constants" : { + "version" : "0.10.4" + }, + "com.github.jnr/jnr-enxio" : { + "version" : "0.32.17" + }, + "com.headius/invokebinder" : { + "version" : "1.13" + }, + "com.github.jnr/jnr-ffi" : { + "version" : "2.2.16", + "dependencies" : { + "com.github.jnr/jnr-a64asm" : { + "version" : "1.0.0" + }, + "com.github.jnr/jnr-x86asm" : { + "version" : "1.0.2" + } + } + }, + "com.github.jnr/jnr-unixsocket" : { + "version" : "0.38.22" + }, + "org.jruby.jcodings/jcodings" : { + "version" : "1.0.58" + }, + "com.github.jnr/jnr-posix" : { + "version" : "3.1.19" + } + } + }, + "org.jruby/jruby-stdlib" : { + "version" : "9.4.8.0" + }, + "org.snakeyaml/snakeyaml-engine" : { + "version" : "2.7" + } + } + } + } + }, + "org.clojure/core.cache" : { + "version" : "1.0.225", + "dependencies" : { + "org.clojure/data.priority-map" : { + "version" : "1.1.0" + } + } + }, + "org.apache.httpcomponents/httpasyncclient" : { + "version" : "4.1.5", + "dependencies" : { + "commons-logging" : { + "version" : "1.2" + }, + "org.apache.httpcomponents/httpclient" : { + "version" : "4.5.13" + }, + "org.apache.httpcomponents/httpcore-nio" : { + "version" : "4.4.15" + }, + "org.apache.httpcomponents/httpcore" : { + "version" : "4.4.15" + } + } + }, + "io.dropwizard.metrics/metrics-graphite" : { + "version" : "3.2.2" + }, + "cheshire" : { + "version" : "5.10.2", + "dependencies" : { + "com.fasterxml.jackson.core/jackson-core" : { + "version" : "2.14.0" + }, + "com.fasterxml.jackson.dataformat/jackson-dataformat-cbor" : { + "version" : "2.12.4" + }, + "com.fasterxml.jackson.dataformat/jackson-dataformat-smile" : { + "version" : "2.12.4" + }, + "tigris" : { + "version" : "0.1.2" + } + } + }, + "org.clojure/tools.cli" : { + "version" : "1.0.206" + }, + "puppetlabs/clj-shell-utils" : { + "version" : "2.0.1" + }, + "puppetlabs/typesafe-config" : { + "version" : "0.2.0", + "dependencies" : { + "com.typesafe/config" : { + "version" : "1.4.1" + } + } + }, + "org.slf4j/jul-to-slf4j" : { + "version" : "2.0.7" + }, + "org.bouncycastle/bcprov-jdk18on" : { + "version" : "1.78.1" + }, + "ring/ring-codec" : { + "version" : "1.1.2" + }, + "ch.qos.logback/logback-access" : { + "version" : "1.3.14" + }, + "com.puppetlabs/trapperkeeper-webserver-jetty10" : { + "version" : "1.0.18", + "dependencies" : { + "javax.servlet/javax.servlet-api" : { + "version" : "4.0.1" + }, + "org.clojure/tools.namespace" : { + "version" : "0.2.11" + }, + "org.eclipse.jetty/jetty-servlets" : { + "version" : "10.0.20", + "dependencies" : { + "org.eclipse.jetty/jetty-util" : { + "version" : "10.0.20" + } + } + }, + "puppetlabs/trapperkeeper" : { + "version" : "4.0.2" + }, + "ring/ring-servlet" : { + "version" : "1.8.2" + }, + "org.codehaus.janino/janino" : { + "version" : "3.0.8", + "dependencies" : { + "org.codehaus.janino/commons-compiler" : { + "version" : "3.0.8" + } + } + }, + "ring/ring-core" : { + "version" : "1.8.2", + "dependencies" : { + "commons-fileupload" : { + "version" : "1.4" + }, + "crypto-equality" : { + "version" : "1.0.0" + }, + "crypto-random" : { + "version" : "1.2.0" + } + } + }, + "org.eclipse.jetty/jetty-servlet" : { + "version" : "10.0.20", + "dependencies" : { + "org.eclipse.jetty/jetty-security" : { + "version" : "10.0.20" + } + } + }, + "org.flatland/ordered" : { + "version" : "1.5.9" + }, + "org.slf4j/jul-to-slf4j" : { + "version" : "2.0.7" + }, + "org.eclipse.jetty.websocket/websocket-jetty-server" : { + "version" : "10.0.20", + "dependencies" : { + "org.eclipse.jetty.websocket/websocket-jetty-common" : { + "version" : "10.0.20", + "dependencies" : { + "org.eclipse.jetty.websocket/websocket-core-common" : { + "version" : "10.0.20" + } + } + }, + "org.eclipse.jetty.websocket/websocket-servlet" : { + "version" : "10.0.20", + "dependencies" : { + "org.eclipse.jetty.websocket/websocket-core-server" : { + "version" : "10.0.20" + } + } + } + } + }, + "ring/ring-codec" : { + "version" : "1.1.2" + }, + "org.eclipse.jetty.websocket/websocket-jetty-client" : { + "version" : "10.0.20", + "dependencies" : { + "org.eclipse.jetty.websocket/websocket-core-client" : { + "version" : "10.0.20" + } + } + }, + "ch.qos.logback/logback-access" : { + "version" : "1.3.14" + }, + "org.eclipse.jetty/jetty-server" : { + "version" : "10.0.20", + "dependencies" : { + "org.eclipse.jetty.toolchain/jetty-servlet-api" : { + "version" : "4.0.6" + }, + "org.eclipse.jetty/jetty-http" : { + "version" : "10.0.20" + }, + "org.eclipse.jetty/jetty-io" : { + "version" : "10.0.20" + } + } + }, + "org.eclipse.jetty/jetty-webapp" : { + "version" : "10.0.20", + "dependencies" : { + "org.eclipse.jetty/jetty-xml" : { + "version" : "10.0.20" + } + } + }, + "ch.qos.logback/logback-classic" : { + "version" : "1.3.14" + }, + "puppetlabs/kitchensink" : { + "version" : "3.4.0" + }, + "org.eclipse.jetty/jetty-jmx" : { + "version" : "10.0.20" + }, + "ch.qos.logback/logback-core" : { + "version" : "1.3.14" + }, + "compojure" : { + "version" : "1.7.1", + "dependencies" : { + "clout" : { + "version" : "2.2.1", + "dependencies" : { + "instaparse" : { + "version" : "1.4.1" + } + } + }, + "medley" : { + "version" : "1.4.0" + } + } + }, + "org.eclipse.jetty.websocket/websocket-jetty-api" : { + "version" : "10.0.20" + }, + "org.eclipse.jetty/jetty-proxy" : { + "version" : "10.0.20", + "dependencies" : { + "org.eclipse.jetty/jetty-client" : { + "version" : "10.0.20", + "dependencies" : { + "org.eclipse.jetty/jetty-alpn-client" : { + "version" : "10.0.20" + } + } + } + } + }, + "hato" : { + "version" : "0.9.0" + } + } + }, + "com.fasterxml.jackson.core/jackson-core" : { + "version" : "2.14.0" + }, + "puppetlabs/ssl-utils" : { + "version" : "3.5.2", + "dependencies" : { + "commons-codec" : { + "version" : "1.15" + } + } + }, + "commons-codec" : { + "version" : "1.15" + }, + "trptcolin/versioneer" : { + "version" : "0.2.0" + }, + "hiccup" : { + "version" : "1.0.5" + }, + "io.dropwizard.metrics/metrics-core" : { + "version" : "3.2.2" + }, + "joda-time" : { + "version" : "2.12.5" + }, + "ch.qos.logback/logback-classic" : { + "version" : "1.3.14" + }, + "prismatic/plumbing" : { + "version" : "0.4.2", + "dependencies" : { + "de.kotka/lazymap" : { + "version" : "3.1.0" + } + } + }, + "puppetlabs/kitchensink" : { + "version" : "3.4.0" + }, + "beckon" : { + "version" : "0.1.1" + }, + "puppetlabs/trapperkeeper-status" : { + "version" : "1.2.0", + "dependencies" : { + "trptcolin/versioneer" : { + "version" : "0.2.0" + } + } + }, + "org.clojure/java.classpath" : { + "version" : "1.0.0" + }, + "clj-time" : { + "version" : "0.11.0", + "dependencies" : { + "joda-time" : { + "version" : "2.12.5" + } + } + }, + "org.slf4j/log4j-over-slf4j" : { + "version" : "2.0.7" + }, + "ch.qos.logback/logback-core" : { + "version" : "1.3.14" + }, + "puppetlabs/i18n" : { + "version" : "0.9.2", + "dependencies" : { + "cpath-clj" : { + "version" : "0.1.2", + "dependencies" : { + "org.clojure/java.classpath" : { + "version" : "1.0.0" + } + } + }, + "org.gnu.gettext/libintl" : { + "version" : "0.18.3" + } + } + }, + "compojure" : { + "version" : "1.7.1", + "dependencies" : { + "clout" : { + "version" : "2.2.1", + "dependencies" : { + "instaparse" : { + "version" : "1.4.1" + } + } + }, + "medley" : { + "version" : "1.4.0" + } + } + }, + "org.clojure/core.memoize" : { + "version" : "1.0.257", + "dependencies" : { + "org.clojure/core.cache" : { + "version" : "1.0.225", + "dependencies" : { + "org.clojure/data.priority-map" : { + "version" : "1.1.0" + } + } + } + } + }, + "org.clojure/data.json" : { + "version" : "2.4.0" + }, + "puppetlabs/trapperkeeper-metrics" : { + "version" : "2.0.4", + "dependencies" : { + "cheshire" : { + "version" : "5.10.2", + "dependencies" : { + "com.fasterxml.jackson.core/jackson-core" : { + "version" : "2.14.0" + }, + "com.fasterxml.jackson.dataformat/jackson-dataformat-cbor" : { + "version" : "2.12.4" + }, + "com.fasterxml.jackson.dataformat/jackson-dataformat-smile" : { + "version" : "2.12.4" + }, + "tigris" : { + "version" : "0.1.2" + } + } + }, + "io.dropwizard.metrics/metrics-graphite" : { + "version" : "3.2.2" + }, + "org.jolokia/jolokia-core" : { + "version" : "1.7.0", + "dependencies" : { + "com.googlecode.json-simple/json-simple" : { + "version" : "1.1.1" + } + } + } + } + }, + "bidi" : { + "version" : "2.1.3" + }, + "puppetlabs/rbac-client" : { + "version" : "1.1.5", + "dependencies" : { + "ring/ring-json" : { + "version" : "0.5.1" + } + } + }, + "org.apache.commons/commons-compress" : { + "version" : "1.26.0", + "dependencies" : { + "org.apache.commons/commons-lang3" : { + "version" : "3.14.0" + } + } + }, + "org.clojure/clojure" : { + "version" : "1.11.2", + "dependencies" : { + "org.clojure/core.specs.alpha" : { + "version" : "0.2.62" + }, + "org.clojure/spec.alpha" : { + "version" : "0.3.218" + } + } + }, + "org.apache.commons/commons-lang3" : { + "version" : "3.14.0" + }, + "puppetlabs/trapperkeeper-authorization" : { + "version" : "2.0.1" + } + } +} \ No newline at end of file diff --git a/to-ship/ext/cli/ca b/to-ship/ext/cli/ca new file mode 100644 index 000000000..c1be3d9f3 --- /dev/null +++ b/to-ship/ext/cli/ca @@ -0,0 +1,5 @@ +#!/opt/puppetlabs/puppet/bin/ruby + +require 'puppetserver/ca/cli' + +exit Puppetserver::Ca::Cli.run(ARGV) diff --git a/to-ship/ext/cli/foreground b/to-ship/ext/cli/foreground new file mode 100644 index 000000000..d92c0d213 --- /dev/null +++ b/to-ship/ext/cli/foreground @@ -0,0 +1,48 @@ +#!/usr/bin/env bash + +restartfile="/opt/puppetlabs/server/data/puppetserver/restartcounter" +cli_defaults=${INSTALL_DIR}/cli/cli-defaults.sh + +if [ ! -e "${INSTALL_DIR}/ezbake-functions.sh" ]; then + echo "Unable to find ${INSTALL_DIR}/ezbake-functions.sh script, failing start." 1>&2 + exit 1 +fi + +. "${INSTALL_DIR}/ezbake-functions.sh" + +init_restart_file "$restartfile" || exit $? + +if !(echo "${@}" | grep -e "--debug" -q) +then + LOG_APPENDER="-Dlogappender=STDOUT" +fi + +CLASSPATH="${INSTALL_DIR}/puppet-server-release.jar" + +if [ -e "$cli_defaults" ]; then + . $cli_defaults + if [ $? -ne 0 ]; then + echo "Unable to initialize cli defaults, failing start." 1>&2 + exit 1 + fi +fi + +COMMAND="${JAVA_BIN} ${JAVA_ARGS} ${LOG_APPENDER} \ + -cp "$CLASSPATH" \ + clojure.main -m puppetlabs.trapperkeeper.main \ + --config ${CONFIG} --bootstrap-config ${BOOTSTRAP_CONFIG} \ + --restart-file "${restartfile}" \ + ${TK_ARGS} \ + ${@}" + +pushd "${INSTALL_DIR}" &> /dev/null +if [ "$EUID" = "0" ] && command -v runuser &> /dev/null; then + runuser "${USER}" -s /bin/bash -c "$COMMAND" +elif [ "$EUID" = "$(id -u ${USER})" ]; then + /bin/bash -c "$COMMAND" +elif command -v sudo &> /dev/null; then + sudo -H -u "${USER}" $COMMAND +else + su "${USER}" -s /bin/bash -c "$COMMAND" +fi +popd &> /dev/null diff --git a/to-ship/ext/cli/gem b/to-ship/ext/cli/gem new file mode 100644 index 000000000..3884128cb --- /dev/null +++ b/to-ship/ext/cli/gem @@ -0,0 +1,20 @@ +#!/usr/bin/env bash + +umask 0022 + +cli_defaults=${INSTALL_DIR}/cli/cli-defaults.sh + +CLASSPATH=${INSTALL_DIR}/puppet-server-release.jar + +if [ -e "$cli_defaults" ]; then + . $cli_defaults + if [ $? -ne 0 ]; then + echo "Unable to initialize cli defaults, failing irb subcommand." 1>&2 + exit 1 + fi +fi + +"${JAVA_BIN}" $JAVA_ARGS_CLI \ + -cp "$CLASSPATH" \ + clojure.main -m puppetlabs.puppetserver.cli.gem \ + --config "${CONFIG}" -- "$@" diff --git a/to-ship/ext/cli/irb b/to-ship/ext/cli/irb new file mode 100644 index 000000000..da23d7102 --- /dev/null +++ b/to-ship/ext/cli/irb @@ -0,0 +1,18 @@ +#!/usr/bin/env bash + +cli_defaults=${INSTALL_DIR}/cli/cli-defaults.sh + +CLASSPATH=${INSTALL_DIR}/puppet-server-release.jar + +if [ -e "$cli_defaults" ]; then + . $cli_defaults + if [ $? -ne 0 ]; then + echo "Unable to initialize cli defaults, failing irb subcommand." 1>&2 + exit 1 + fi +fi + +"${JAVA_BIN}" $JAVA_ARGS_CLI \ + -cp "$CLASSPATH" \ + clojure.main -m puppetlabs.puppetserver.cli.irb \ + --config "${CONFIG}" -- "$@" diff --git a/to-ship/ext/cli/prune b/to-ship/ext/cli/prune new file mode 100644 index 000000000..feb807345 --- /dev/null +++ b/to-ship/ext/cli/prune @@ -0,0 +1,30 @@ +#!/usr/bin/env bash + +usage() { + echo "Prune contents of report and bucket directories." + echo + echo "Usage: puppetserver prune []" + echo " bucketdir|reportdir work on either bucketdir or reportdir" + echo " delete data older than this amount of time (default: 14d)" +} + +prune() { + DIR="$1" + AGE=${2:-14d} + puppet apply --no-report --log_level=warning -e "tidy { \$settings::${DIR}: age=>'${AGE}', recurse=>true, rmdirs=>true }" +} + +case $1 in + -h|--help) + usage + exit 0 + ;; + bucketdir|reportdir) + prune "$1" "$2" + ;; + *) + echo "Error: unknown argument." + usage + exit 1 + ;; +esac diff --git a/to-ship/ext/cli/reload b/to-ship/ext/cli/reload new file mode 100644 index 000000000..68cafe8c6 --- /dev/null +++ b/to-ship/ext/cli/reload @@ -0,0 +1,50 @@ +#!/usr/bin/env bash +set +e + +restartfile="/opt/puppetlabs/server/data/puppetserver/restartcounter" +reload_timeout="${RELOAD_TIMEOUT:-120}" +timeout="$reload_timeout" +realname="puppetserver" + +if [ -d "/run" ]; then + PIDFILE="/run/puppetlabs/${realname}/${realname}.pid" +else + PIDFILE="/var/run/puppetlabs/${realname}/${realname}.pid" +fi + +if [ ! -e "${INSTALL_DIR}/ezbake-functions.sh" ]; then + echo "Unable to find ${INSTALL_DIR}/ezbake-functions.sh script, failing start." 1>&2 + exit 1 +fi + +. "${INSTALL_DIR}/ezbake-functions.sh" + +init_restart_file "$restartfile" || exit $? + +initial="$(head -n 1 "$restartfile")" +pid="$(pgrep -f "puppet-server-release.jar.* -m puppetlabs.trapperkeeper.main")" +kill -HUP $pid >/dev/null 2>&1 +if [ $? -ne 0 ]; then + echo "Service not running so cannot be reloaded" 1>&2 + exit 1 +fi +sleep 0.1 +cur="$(head -n 1 "$restartfile")" +while [ "$cur" == "$initial" ] ;do + kill -0 $pid >/dev/null 2>&1 + if [ $? -ne 0 ]; then + echo "Process $pid exited before reload had completed" 1>&2 + rm -f "$PIDFILE" + exit 1 + fi + sleep 1 + cur="$(head -n 1 "$restartfile")" + + ((timeout--)) + if [ $timeout -eq 0 ]; then + echo "Reload timed out after $reload_timeout seconds" + exit 1 + fi +done + +exit 0 diff --git a/to-ship/ext/cli/ruby b/to-ship/ext/cli/ruby new file mode 100644 index 000000000..bef6a5d1f --- /dev/null +++ b/to-ship/ext/cli/ruby @@ -0,0 +1,18 @@ +#!/usr/bin/env bash + +cli_defaults=${INSTALL_DIR}/cli/cli-defaults.sh + +CLASSPATH=${INSTALL_DIR}/puppet-server-release.jar + +if [ -e "$cli_defaults" ]; then + . $cli_defaults + if [ $? -ne 0 ]; then + echo "Unable to initialize cli defaults, failing irb subcommand." 1>&2 + exit 1 + fi +fi + +"${JAVA_BIN}" $JAVA_ARGS_CLI \ + -cp "$CLASSPATH" \ + clojure.main -m puppetlabs.puppetserver.cli.ruby \ + --config "${CONFIG}" -- "$@" diff --git a/to-ship/ext/cli/start b/to-ship/ext/cli/start new file mode 100644 index 000000000..4f61308c2 --- /dev/null +++ b/to-ship/ext/cli/start @@ -0,0 +1,120 @@ +#!/usr/bin/env bash +set +e + +pid="$(pgrep -f "puppet-server-release.jar.* -m puppetlabs.trapperkeeper.main")" + +restartfile="/opt/puppetlabs/server/data/puppetserver/restartcounter" +start_timeout="${START_TIMEOUT:-300}" + +real_name="puppetserver" + +if [ -d "/run" ]; then + rundir="/run/puppetlabs/${real_name}" +else + rundir="/var/run/puppetlabs/${real_name}" +fi + +app_logdir=${app_logdir:=/var/log/puppetlabs/${real_name}} +PIDFILE="${rundir}/${real_name}.pid" + +cli_defaults=${INSTALL_DIR}/cli/cli-defaults.sh + +if [ ! -e "${INSTALL_DIR}/ezbake-functions.sh" ]; then + echo "Unable to find ${INSTALL_DIR}/ezbake-functions.sh script, failing start." 1>&2 + exit 1 +fi + +/usr/bin/install --directory --owner=$USER --group=$GROUP --mode=755 "$rundir" +if [ $? -ne 0 ]; then + echo "Unable to create/set permissions for rundir: ${rundir}" 1>&2 + exit 1 +fi + +. "${INSTALL_DIR}/ezbake-functions.sh" + +write_pid_file() { + echo "$pid" > "$PIDFILE" + if [ $? -ne 0 ]; then + echo "Unable to write pid file: ${PIDFILE}" 1>&2 + terminate_java_process + exit 1 + fi +} + +terminate_java_process() { + echo "Startup script was terminated before completion" 1>&2 + kill_pid "$pid" "$PIDFILE" "$SERVICE_STOP_RETRIES" + exit 1 +} + +if [ -n "$pid" ]; then + write_pid_file + exit 0 +fi + +rm -f "$PIDFILE" + +init_restart_file "$restartfile" || exit $? + +CLASSPATH=${INSTALL_DIR}/puppet-server-release.jar + +if [ -e "$cli_defaults" ]; then + . $cli_defaults + if [ $? -ne 0 ]; then + echo "Unable to initialize cli defaults, failing start." 1>&2 + exit 1 + fi +fi + +java_version=$($JAVA_BIN -version 2>&1 | head -1 | awk -F\" '{ print $2 }') +java_major_version=$(echo $java_version | awk -F. '{ print $1 }') + +LOG_APPENDER="-Dlogappender=F1" + +out_of_memory_flag='-XX:OnOutOfMemoryError=kill -9 %p' +if [ "$java_major_version" -ge 11 ]; then + out_of_memory_flag="-XX:+CrashOnOutOfMemoryError" +fi + +"$JAVA_BIN" $JAVA_ARGS $LOG_APPENDER \ + "$out_of_memory_flag" \ + -XX:ErrorFile="$app_logdir/${real_name}_err_pid%p.log" \ + -cp "$CLASSPATH" \ + clojure.main \ + -m puppetlabs.trapperkeeper.main \ + --config "$CONFIG" \ + --bootstrap-config "$BOOTSTRAP_CONFIG" \ + --restart-file "$restartfile" \ + $TK_ARGS & + +# $! is the process id of the last backgrounded process, the Java process above. +pid=$! +trap terminate_java_process SIGHUP SIGINT SIGTERM +write_pid_file + +cur="$(head -n 1 "$restartfile")" +initial="$cur" + +timeout="$start_timeout" +while [ "$cur" == "$initial" ] ;do + kill -0 $pid >/dev/null 2>&1 + if [ $? -ne 0 ]; then + rm -f "$PIDFILE" + echo "Background process $pid exited before start had completed" 1>&2 + exit 1 + fi + + sleep 1 + cur="$(head -n 1 "$restartfile")" + + ((timeout--)) + if [ $timeout -eq 0 ]; then + echo "Startup timed out after $start_timeout seconds" 1>&2 + terminate_java_process + rm -f "$PIDFILE" + exit 1 + fi +done + +write_pid_file +exit 0 diff --git a/to-ship/ext/cli/stop b/to-ship/ext/cli/stop new file mode 100644 index 000000000..0367a2342 --- /dev/null +++ b/to-ship/ext/cli/stop @@ -0,0 +1,26 @@ +#!/usr/bin/env bash +set +e + +pid="$(pgrep -f "puppet-server-release.jar.* -m puppetlabs.trapperkeeper.main")" +realname="puppetserver" + +if [ -d "/run" ]; then + PIDFILE="/run/puppetlabs/${realname}/${realname}.pid" +else + PIDFILE="/var/run/puppetlabs/${realname}/${realname}.pid" +fi + +if [ ! -e "${INSTALL_DIR}/ezbake-functions.sh" ]; then + echo "Unable to find ${INSTALL_DIR}/ezbake-functions.sh script, failing stop." 1>&2 + exit 1 +fi + +. "${INSTALL_DIR}/ezbake-functions.sh" + +if [ -z "$pid" ]; then + rm -f "$PIDFILE" + exit 0 +else + kill_pid "$pid" "$PIDFILE" "$SERVICE_STOP_RETRIES" + exit $? +fi diff --git a/to-ship/ext/cli_defaults/cli-defaults.sh b/to-ship/ext/cli_defaults/cli-defaults.sh new file mode 100644 index 000000000..69f0928d0 --- /dev/null +++ b/to-ship/ext/cli_defaults/cli-defaults.sh @@ -0,0 +1,23 @@ +INSTALL_DIR="/opt/puppetlabs/server/apps/puppetserver" + +if [ -n "$JRUBY_JAR" ]; then + echo "Warning: the JRUBY_JAR setting is no longer needed and will be ignored." 1>&2 +fi + +java_version=$($JAVA_BIN -version 2>&1 | head -1 | awk -F\" '{ print $2 }') +java_major_version=$(echo $java_version | awk -F. '{ print $1 }') + +if [[ $java_major_version -ge 17 ]]; then + + echo $JAVA_ARGS | grep "add-opens" &>/dev/null + if [[ 0 -ne $? ]]; then + export JAVA_ARGS="--add-opens java.base/sun.nio.ch=ALL-UNNAMED --add-opens java.base/java.io=ALL-UNNAMED ${JAVA_ARGS}" + fi + + echo $JAVA_ARGS_CLI | grep "add-opens" &>/dev/null + if [[ 0 -ne $? ]]; then + export JAVA_ARGS_CLI="--add-opens java.base/sun.nio.ch=ALL-UNNAMED --add-opens java.base/java.io=ALL-UNNAMED ${JAVA_ARGS_CLI}" + fi +fi + +CLASSPATH="${CLASSPATH}:/opt/puppetlabs/server/data/puppetserver/jars/*" diff --git a/to-ship/ext/config/conf.d/auth.conf b/to-ship/ext/config/conf.d/auth.conf new file mode 100644 index 000000000..7823a12c9 --- /dev/null +++ b/to-ship/ext/config/conf.d/auth.conf @@ -0,0 +1,305 @@ +authorization: { + version: 1 + rules: [ + { + # Allow nodes to retrieve their own catalog + match-request: { + path: "^/puppet/v3/catalog/([^/]+)$" + type: regex + method: [get, post] + } + allow: "$1" + sort-order: 500 + name: "puppetlabs v3 catalog from agents" + }, + { + # Allow services to retrieve catalogs on behalf of others + match-request: { + path: "^/puppet/v4/catalog/?$" + type: regex + method: post + } + deny: "*" + sort-order: 500 + name: "puppetlabs v4 catalog for services" + }, + { + # Allow nodes to retrieve the certificate they requested earlier + match-request: { + path: "/puppet-ca/v1/certificate/" + type: path + method: get + } + allow-unauthenticated: true + sort-order: 500 + name: "puppetlabs certificate" + }, + { + # Allow all nodes to access the certificate revocation list + match-request: { + path: "/puppet-ca/v1/certificate_revocation_list/ca" + type: path + method: get + } + allow-unauthenticated: true + sort-order: 500 + name: "puppetlabs crl" + }, + { + # Allow nodes to request a new certificate + match-request: { + path: "/puppet-ca/v1/certificate_request" + type: path + method: [get, put] + } + allow-unauthenticated: true + sort-order: 500 + name: "puppetlabs csr" + }, + { + # Allow nodes to renew their certificate + match-request: { + path: "/puppet-ca/v1/certificate_renewal" + type: path + method: post + } + # this endpoint should never be unauthenticated, as it requires the cert to be provided. + allow: "*" + sort-order: 500 + name: "puppetlabs certificate renewal" + }, + { + # Allow the CA CLI to access the certificate_status endpoint + match-request: { + path: "/puppet-ca/v1/certificate_status" + type: path + method: [get, put, delete] + } + allow: { + extensions: { + pp_cli_auth: "true" + } + } + sort-order: 500 + name: "puppetlabs cert status" + }, + { + match-request: { + path: "^/puppet-ca/v1/certificate_revocation_list$" + type: regex + method: put + } + allow: { + extensions: { + pp_cli_auth: "true" + } + } + sort-order: 500 + name: "puppetlabs CRL update" + }, + { + # Allow the CA CLI to access the certificate_statuses endpoint + match-request: { + path: "/puppet-ca/v1/certificate_statuses" + type: path + method: get + } + allow: { + extensions: { + pp_cli_auth: "true" + } + } + sort-order: 500 + name: "puppetlabs cert statuses" + }, + { + # Allow authenticated access to the CA expirations endpoint + match-request: { + path: "/puppet-ca/v1/expirations" + type: path + method: get + } + allow: "*" + sort-order: 500 + name: "puppetlabs CA cert and CRL expirations" + }, + { + # Allow the CA CLI to access the certificate clean endpoint + match-request: { + path: "/puppet-ca/v1/clean" + type: path + method: put + } + allow: { + extensions: { + pp_cli_auth: "true" + } + } + sort-order: 500 + name: "puppetlabs cert clean" + }, + { + # Allow the CA CLI to access the certificate sign endpoint + match-request: { + path: "/puppet-ca/v1/sign" + type: path + method: post + } + allow: { + extensions: { + pp_cli_auth: "true" + } + } + sort-order: 500 + name: "puppetlabs cert sign" + }, + { + # Allow the CA CLI to access the certificate sign all endpoint + match-request: { + path: "/puppet-ca/v1/sign/all" + type: path + method: post + } + allow: { + extensions: { + pp_cli_auth: "true" + } + } + sort-order: 500 + name: "puppetlabs cert sign all" + }, + { + # Allow unauthenticated access to the status service endpoint + match-request: { + path: "/status/v1/services" + type: path + method: get + } + allow-unauthenticated: true + sort-order: 500 + name: "puppetlabs status service - full" + }, + { + match-request: { + path: "/status/v1/simple" + type: path + method: get + } + allow-unauthenticated: true + sort-order: 500 + name: "puppetlabs status service - simple" + }, + { + match-request: { + path: "/puppet/v3/environments" + type: path + method: get + } + allow: "*" + sort-order: 500 + name: "puppetlabs environments" + }, + { + # Allow nodes to access all file_bucket_files. Note that access for + # the 'delete' method is forbidden by Puppet regardless of the + # configuration of this rule. + match-request: { + path: "/puppet/v3/file_bucket_file" + type: path + method: [get, head, post, put] + } + allow: "*" + sort-order: 500 + name: "puppetlabs file bucket file" + }, + { + # Allow nodes to access all file_content. Note that access for the + # 'delete' method is forbidden by Puppet regardless of the + # configuration of this rule. + match-request: { + path: "/puppet/v3/file_content" + type: path + method: [get, post] + } + allow: "*" + sort-order: 500 + name: "puppetlabs file content" + }, + { + # Allow nodes to access all file_metadata. Note that access for the + # 'delete' method is forbidden by Puppet regardless of the + # configuration of this rule. + match-request: { + path: "/puppet/v3/file_metadata" + type: path + method: [get, post] + } + allow: "*" + sort-order: 500 + name: "puppetlabs file metadata" + }, + { + # Allow nodes to retrieve only their own node definition + match-request: { + path: "^/puppet/v3/node/([^/]+)$" + type: regex + method: get + } + allow: "$1" + sort-order: 500 + name: "puppetlabs node" + }, + { + # Allow nodes to store only their own reports + match-request: { + path: "^/puppet/v3/report/([^/]+)$" + type: regex + method: put + } + allow: "$1" + sort-order: 500 + name: "puppetlabs report" + }, + { + # Allow nodes to update their own facts + match-request: { + path: "^/puppet/v3/facts/([^/]+)$" + type: regex + method: put + } + allow: "$1" + sort-order: 500 + name: "puppetlabs facts" + }, + { + match-request: { + path: "/puppet/v3/static_file_content" + type: path + method: get + } + allow: "*" + sort-order: 500 + name: "puppetlabs static file content" + }, + { + match-request: { + path: "/puppet/v3/tasks" + type: path + } + allow: "*" + sort-order: 500 + name: "puppet tasks information" + }, + { + # Deny everything else. This ACL is not strictly + # necessary, but illustrates the default policy + match-request: { + path: "/" + type: path + } + deny: "*" + sort-order: 999 + name: "puppetlabs deny all" + } + ] +} diff --git a/to-ship/ext/config/conf.d/ca.conf b/to-ship/ext/config/conf.d/ca.conf new file mode 100644 index 000000000..11e84bb99 --- /dev/null +++ b/to-ship/ext/config/conf.d/ca.conf @@ -0,0 +1,16 @@ +certificate-authority: { + # allow CA to sign certificate requests that have subject alternative names. + # allow-subject-alt-names: false + + # allow CA to sign certificate requests that have authorization extensions. + # allow-authorization-extensions: false + + # enable the separate CRL for Puppet infrastructure nodes + # enable-infra-crl: false + # Disable auto renewal of certs by default. + allow-auto-renewal: false + # This value determines the lifetime of the cert if auto-renewal is enabled + auto-renewal-cert-ttl: "60d" + # Default cert expiration time. If the value is set here, it will take precedence over ca-ttl setting in puppet.conf + #ca-ttl: "60d" +} diff --git a/to-ship/ext/config/conf.d/global.conf b/to-ship/ext/config/conf.d/global.conf new file mode 100644 index 000000000..ed76c439a --- /dev/null +++ b/to-ship/ext/config/conf.d/global.conf @@ -0,0 +1,5 @@ +global: { + # Path to logback logging configuration file; for more + # info, see http://logback.qos.ch/manual/configuration.html + logging-config: /etc/puppetlabs/puppetserver/logback.xml +} diff --git a/to-ship/ext/config/conf.d/metrics.conf b/to-ship/ext/config/conf.d/metrics.conf new file mode 100644 index 000000000..0e03d50e1 --- /dev/null +++ b/to-ship/ext/config/conf.d/metrics.conf @@ -0,0 +1,53 @@ +# settings related to metrics +metrics: { + # a server id that will be used as part of the namespace for metrics produced + # by this server + server-id: localhost + registries: { + puppetserver: { + # specify metrics to allow in addition to those in the default list + #metrics-allowed: ["compiler.compile.production"] + + reporters: { + # enable or disable JMX metrics reporter + jmx: { + enabled: true + } + # enable or disable Graphite metrics reporter + #graphite: { + # enabled: true + #} + } + + } + } + + # this section is used to configure settings for reporters that will send + # the metrics to various destinations for external viewing + reporters: { + #graphite: { + # # graphite host + # host: "127.0.0.1" + # # graphite metrics port + # port: 2003 + # # how often to send metrics to graphite + # update-interval-seconds: 5 + #} + } + metrics-webservice: { + jolokia: { + # Enable or disable the Jolokia-based metrics/v2 endpoint. + # Default is true. + # enabled: false + + # Configure any of the settings listed at: + # https://jolokia.org/reference/html/agents.html#war-agent-installation + servlet-init-params: { + # Specify a custom security policy: + # https://jolokia.org/reference/html/security.html + # policyLocation: "file:///etc/puppetlabs/puppetserver/jolokia-access.xml" + } + } + } + +} diff --git a/to-ship/ext/config/conf.d/puppetserver.conf b/to-ship/ext/config/conf.d/puppetserver.conf new file mode 100644 index 000000000..c5f71351c --- /dev/null +++ b/to-ship/ext/config/conf.d/puppetserver.conf @@ -0,0 +1,74 @@ +# configuration for the JRuby interpreters +jruby-puppet: { + # Where the puppet-agent dependency places puppet, facter, etc... + # Puppet server expects to load Puppet from this location + ruby-load-path: [/opt/puppetlabs/puppet/lib/ruby/vendor_ruby] + + # This setting determines where JRuby will install gems. It is used for loading gems, + # and also by the `puppetserver gem` command line tool. + gem-home: /opt/puppetlabs/server/data/puppetserver/jruby-gems + + # This setting defines the complete "GEM_PATH" for jruby. If set, it should include + # the gem-home directory as well as any other directories that gems can be loaded + # from (including the vendored gems directory for gems that ship with puppetserver) + gem-path: [${jruby-puppet.gem-home}, "/opt/puppetlabs/server/data/puppetserver/vendored-jruby-gems", "/opt/puppetlabs/puppet/lib/ruby/vendor_gems"] + + # PLEASE NOTE: Use caution when modifying the below settings. Modifying + # these settings will change the value of the corresponding Puppet settings + # for Puppet Server, but not for the Puppet CLI tools. This likely will not + # be a problem with server-var-dir, server-run-dir, or server-log-dir unless + # some critical setting in puppet.conf is interpolating the value of one + # of the corresponding settings, but it is important that any changes made to + # server-conf-dir and server-code-dir are also made to the corresponding Puppet + # settings when running the Puppet CLI tools. See + # https://docs.puppetlabs.com/puppetserver/latest/puppet_conf_setting_diffs.html#overriding-puppet-settings-in-puppet-server + # for more information. + + # (optional) path to puppet conf dir; if not specified, will use + # /etc/puppetlabs/puppet + server-conf-dir: /etc/puppetlabs/puppet + + # (optional) path to puppet code dir; if not specified, will use + # /etc/puppetlabs/code + server-code-dir: /etc/puppetlabs/code + + # (optional) path to puppet var dir; if not specified, will use + # /opt/puppetlabs/server/data/puppetserver + server-var-dir: /opt/puppetlabs/server/data/puppetserver + + # (optional) path to puppet run dir; if not specified, will use + # /var/run/puppetlabs/puppetserver + server-run-dir: /var/run/puppetlabs/puppetserver + + # (optional) path to puppet log dir; if not specified, will use + # /var/log/puppetlabs/puppetserver + server-log-dir: /var/log/puppetlabs/puppetserver + + # (optional) maximum number of JRuby instances to allow + #max-active-instances: 1 + + # (optional) Whether or not to track lookups during compilation; turning + # this on will send that information to puppetdb + # track-lookups: true +} + +# settings related to HTTPS client requests made by Puppet Server +http-client: { + # A list of acceptable protocols for making HTTPS requests + #ssl-protocols: [TLSv1.3, TLSv1.2] + + # A list of acceptable cipher suites for making HTTPS requests + #cipher-suites: [TLS_RSA_WITH_AES_256_CBC_SHA256, + # TLS_RSA_WITH_AES_256_CBC_SHA, + # TLS_RSA_WITH_AES_128_CBC_SHA256, + # TLS_RSA_WITH_AES_128_CBC_SHA] + + # Whether to enable http-client metrics; defaults to 'true'. + #metrics-enabled: true +} + +# settings related to profiling the puppet Ruby code +profiler: { + # enable or disable profiling for the Ruby code; defaults to 'true'. + #enabled: true +} diff --git a/to-ship/ext/config/conf.d/web-routes.conf b/to-ship/ext/config/conf.d/web-routes.conf new file mode 100644 index 000000000..43e97d393 --- /dev/null +++ b/to-ship/ext/config/conf.d/web-routes.conf @@ -0,0 +1,16 @@ +web-router-service: { + # These two should not be modified because the Puppet 4.x agent expects them to + # be mounted at these specific paths + "puppetlabs.services.ca.certificate-authority-service/certificate-authority-service": "/puppet-ca" + "puppetlabs.services.master.master-service/master-service": "/puppet" + "puppetlabs.services.legacy-routes.legacy-routes-service/legacy-routes-service": "" + + # This controls the mount point for the puppet admin API. + "puppetlabs.services.puppet-admin.puppet-admin-service/puppet-admin-service": "/puppet-admin-api" + + # This controls the mount point for the status API + "puppetlabs.trapperkeeper.services.status.status-service/status-service": "/status" + + # This controls the mount point for the metrics API + "puppetlabs.trapperkeeper.services.metrics.metrics-service/metrics-webservice": "/metrics" +} diff --git a/to-ship/ext/config/conf.d/webserver.conf b/to-ship/ext/config/conf.d/webserver.conf new file mode 100644 index 000000000..1f541e745 --- /dev/null +++ b/to-ship/ext/config/conf.d/webserver.conf @@ -0,0 +1,6 @@ +webserver: { + access-log-config: /etc/puppetlabs/puppetserver/request-logging.xml + client-auth: want + ssl-host: 0.0.0.0 + ssl-port: 8140 +} diff --git a/to-ship/ext/config/logback.xml b/to-ship/ext/config/logback.xml new file mode 100644 index 000000000..d8a5ceed4 --- /dev/null +++ b/to-ship/ext/config/logback.xml @@ -0,0 +1,57 @@ + + + + %d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX} %-5p [%t] [%c{2}] %m%n + + + + + + /var/log/puppetlabs/puppetserver/puppetserver.log + true + + + /var/log/puppetlabs/puppetserver/puppetserver-%d{yyyy-MM-dd}.%i.log.gz + + 200MB + 90 + 1GB + + + %d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX} %-5p [%t] [%c{2}] %m%n + + + + + /var/log/puppetlabs/puppetserver/puppetserver-status.log + true + + + /var/log/puppetlabs/puppetserver/puppetserver-status-%d{yyyy-MM-dd}.%i.log.gz + + 200MB + 90 + 1GB + + + + %m%n + + + + + + + + + + + + + + + + + + + diff --git a/to-ship/ext/config/request-logging.xml b/to-ship/ext/config/request-logging.xml new file mode 100644 index 000000000..46fff776f --- /dev/null +++ b/to-ship/ext/config/request-logging.xml @@ -0,0 +1,18 @@ + + + /var/log/puppetlabs/puppetserver/puppetserver-access.log + true + + + /var/log/puppetlabs/puppetserver/puppetserver-access-%d{yyyy-MM-dd}.%i.log.gz + + 200MB + 90 + 1GB + + + %h %l %u [%t] "%r" %s %b "%i{Referer}" "%i{User-Agent}" %D %i{Content-Length} %mdc{jruby.borrow-time:--} + + + + diff --git a/to-ship/ext/config/services.d/ca.cfg b/to-ship/ext/config/services.d/ca.cfg new file mode 100644 index 000000000..e3c1c848b --- /dev/null +++ b/to-ship/ext/config/services.d/ca.cfg @@ -0,0 +1,6 @@ +# To enable the CA service, leave the following line uncommented +puppetlabs.services.ca.certificate-authority-service/certificate-authority-service +# To disable the CA service, comment out the above line and uncomment the line below +#puppetlabs.services.ca.certificate-authority-disabled-service/certificate-authority-disabled-service +puppetlabs.trapperkeeper.services.watcher.filesystem-watch-service/filesystem-watch-service + diff --git a/to-ship/ext/debian/postinst b/to-ship/ext/debian/postinst new file mode 100644 index 000000000..d5496f4f6 --- /dev/null +++ b/to-ship/ext/debian/postinst @@ -0,0 +1,30 @@ +#!/bin/sh + +/opt/puppetlabs/server/apps/puppetserver/scripts/install.sh postinst_deb + +# Set some configuration from the project on install +if [ -z "$2" ]; then + /opt/puppetlabs/server/apps/puppetserver/scripts/install.sh postinst_deb_install +fi + +# On upgrade, we should restart the service if it's running +if [ $1 = 'configure' -a -n $2 ] ; then + if [ -d '/run/systemd/system' ] ; then + # Using systemd + systemctl daemon-reload >/dev/null 2>&1 || : + systemctl try-restart puppetserver.service ||: + else + # Using sysv + invoke-rc.d puppetserver try-restart || : + fi +fi + +# Run trigger scripts on install if defined +if [ $1 = triggered ] && [ -z $2 ]; then + : # in case there are no install triggers +fi + +# Run trigger scripts on upgrade if defined +if [ $1 = triggered ] && [ -n $2 ]; then + : # in case there are no upgrade triggers +fi diff --git a/to-ship/ext/debian/postrm b/to-ship/ext/debian/postrm new file mode 100644 index 000000000..af092d1cf --- /dev/null +++ b/to-ship/ext/debian/postrm @@ -0,0 +1,17 @@ +#!/bin/sh -e + +case "$1" in + purge) + # Remove log files + rm -rf /var/log/puppetlabs/puppetserver + ;; + remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) + ;; + + *) + echo "postrm called with unknown argument \`$1'" >&2 + exit 1 + +esac + +exit 0 diff --git a/to-ship/ext/debian/preinst b/to-ship/ext/debian/preinst new file mode 100644 index 000000000..ec6f91dfd --- /dev/null +++ b/to-ship/ext/debian/preinst @@ -0,0 +1,25 @@ +#!/bin/sh + +# Note: Changes to this section may require synchronisation with the install.sh +# source based installation method. + +if [ "$1" = install ] || [ "$1" = upgrade ]; then + # Note: changes to this section of the spec may require synchronisation with the + # install.sh source based installation methodology. + # + # Add puppet group + getent group puppet > /dev/null || \ + groupadd -r puppet || : + # Add puppet user + if getent passwd puppet > /dev/null; then + usermod --gid puppet \ + --home /opt/puppetlabs/server/data/puppetserver \ + --comment "puppetserver daemon" puppet || : + else + useradd -r --gid puppet \ + --home /opt/puppetlabs/server/data/puppetserver --shell $(which nologin) \ + --comment "puppetserver daemon" puppet || : + fi + + +fi diff --git a/to-ship/ext/debian/prerm b/to-ship/ext/debian/prerm new file mode 100644 index 000000000..ec53eb433 --- /dev/null +++ b/to-ship/ext/debian/prerm @@ -0,0 +1,12 @@ +#!/bin/sh + +if [ "$1" = "failed-upgrade" ] || [ "$1" = "remove" ] ; then + if [ -d '/run/systemd/system' ] ; then + # Using systemd + systemctl --no-reload disable puppetserver.service > /dev/null 2>&1 || : + systemctl stop puppetserver.service > /dev/null 2>&1 || : + else + # Using sysv + invoke-rc.d puppetserver stop || : + fi +fi diff --git a/to-ship/ext/debian/puppetserver.default_file b/to-ship/ext/debian/puppetserver.default_file new file mode 100644 index 000000000..dc78c980e --- /dev/null +++ b/to-ship/ext/debian/puppetserver.default_file @@ -0,0 +1,40 @@ +########################################### +# Init settings for puppetserver +########################################### + +# Location of your Java binary (version 8) +JAVA_BIN="/usr/bin/java" + +# Modify this if you'd like to change the memory allocation, enable JMX, etc +JAVA_ARGS="-Xms2g -Xmx2g -Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger" + +# Modify this as you would JAVA_ARGS but for non-service related subcommands +JAVA_ARGS_CLI="${JAVA_ARGS_CLI:-}" + +# Modify this if you'd like TrapperKeeper specific arguments +TK_ARGS="" + +# These normally shouldn't need to be edited if using OS packages +USER="puppet" +GROUP="puppet" +INSTALL_DIR="/opt/puppetlabs/server/apps/puppetserver" +CONFIG="/etc/puppetlabs/puppetserver/conf.d" + +# Bootstrap path +BOOTSTRAP_CONFIG="/etc/puppetlabs/puppetserver/services.d/,/opt/puppetlabs/server/apps/puppetserver/config/services.d/" + +# SERVICE_STOP_RETRIES can be set here to alter the default stop timeout in +# seconds. For systemd, the shorter of this setting or 'TimeoutStopSec' in +# the systemd.service definition will effectively be the timeout which is used. +SERVICE_STOP_RETRIES=60 + +# START_TIMEOUT can be set here to alter the default startup timeout in +# seconds. For systemd, the shorter of this setting or 'TimeoutStartSec' +# in the service's systemd.service configuration file will effectively be the +# timeout which is used. +START_TIMEOUT=300 + + +# Maximum number of seconds that can expire for a service reload attempt before +# the result of the attempt is interpreted as a failure. +RELOAD_TIMEOUT=120 diff --git a/to-ship/ext/debian/puppetserver.init_script b/to-ship/ext/debian/puppetserver.init_script new file mode 100644 index 000000000..ac409555c --- /dev/null +++ b/to-ship/ext/debian/puppetserver.init_script @@ -0,0 +1,166 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: puppetserver +# Required-Start: $remote_fs $syslog +# Required-Stop: $remote_fs $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: puppetserver +# Description: Start puppetserver daemon placed in /etc/init.d. +### END INIT INFO + +# Copyright 2014 Puppet Labs, 2025 Vox Pupuli + +#set default privileges to -rw-r----- +umask 027 + +# You should only need to edit the default/puppetserver file and not +# this init script directly +if [ -r "/etc/default/puppetserver" ] ; then + . /etc/default/puppetserver +else + exit 1 +fi + +[ -e "$INSTALL_DIR/ezbake-functions.sh" ] && . "$INSTALL_DIR/ezbake-functions.sh" + +# PATH should only include /usr/* if it runs after the mountnfs.sh script +PATH=/sbin:/usr/sbin:/bin:/usr/bin +NAME=puppetserver +REALNAME=puppetserver +USER=puppet +GROUP=puppet +DESC="puppetserver Vox Pupuli version-checking backend" +JARFILE="puppet-server-release.jar" +PIDFILE=/run/puppetlabs/${REALNAME}/${REALNAME}.pid +SCRIPTNAME=/etc/init.d/$NAME +START_TIMEOUT=${START_TIMEOUT:-300} + +# Exit if the package is not installed +[ -x "$JAVA_BIN" ] || exit 0 + +# Load the VERBOSE setting and other rcS variables +. /lib/init/vars.sh + +# Define LSB log_* functions. +# Depend on lsb-base (>= 3.2-14) to ensure that this file is present +# and status_of_proc is working. +. /lib/lsb/init-functions + +# +# Function that starts the daemon/service +# +do_start() +{ + + + /usr/bin/install --directory --owner=${USER} --group=${GROUP} --mode=755 "/run/puppetlabs/${REALNAME}" + start-stop-daemon --start --quiet --chuid $USER --oknodo --pidfile $PIDFILE --chdir $INSTALL_DIR \ + --startas "${INSTALL_DIR}/bin/${REALNAME}" -- start >> /var/log/puppetlabs/${REALNAME}/${REALNAME}-daemon.log 2>&1 + retval=$? + + + return $retval +} + +# +# Function that stops the daemon/service +# +do_stop() +{ + "${INSTALL_DIR}/bin/${REALNAME}" stop +} + +# +# Function that gets the status of the daemon/service +# +get_status() +{ + status_of_proc -p $PIDFILE "$JAVA_BIN" "$NAME" + return $? +} + +# +# Function that gets the status of the daemon/service +# and makes no output +# +get_status_q() +{ + get_status >/dev/null 2>&1 +} + +# +# Function that restarts the daemon/service +# +do_restart() +{ + do_stop + if [ "$?" -eq 0 ]; then + do_start + case "$?" in + 0) log_end_msg 0 ;; + 1) log_end_msg 1 ;; # Old process is still running + *) log_end_msg 1 ;; # Failed to start + esac + else + # Failed to stop + log_end_msg 1 + fi +} + +# +# Function that sends a SIGHUP to the daemon/service +# +do_reload() { + "${INSTALL_DIR}/bin/${REALNAME}" reload + return $? +} + +case "$1" in + start) + [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME" + do_start + RETVAL="$?" + case "$RETVAL" in + 0) [ "$VERBOSE" != no ] && log_end_msg 0 ;; + 1|2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; + esac + exit "$RETVAL" + ;; + stop) + [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME" + do_stop + RETVAL="$?" + if [ "$RETVAL" -eq 0 ]; then + [ "$VERBOSE" != no ] && log_end_msg 0 + else + [ "$VERBOSE" != no ] && log_end_msg 1 + fi + exit "$RETVAL" + ;; + status) + get_status + exit $? + ;; + condrestart|try-restart) + get_status_q || exit 0 + do_restart + ;; + restart) + [ "$VERBOSE" != no ] && log_daemon_msg "Restarting $DESC" "$NAME" + do_restart + ;; + force-reload|reload) + [ "$VERBOSE" != no ] && log_daemon_msg "Reloading $DESC" "$NAME" + do_reload + RETVAL="$?" + [ "$VERBOSE" != no ] && log_end_msg $RETVAL + exit "$RETVAL" + ;; + *) + echo "Usage: $SCRIPTNAME {start|stop|status|condrestart|try-restart|restart|force-reload|reload}" >&2 + exit 3 + ;; +esac + +exit $? diff --git a/to-ship/ext/debian/puppetserver.service_file b/to-ship/ext/debian/puppetserver.service_file new file mode 100644 index 000000000..9f63445c7 --- /dev/null +++ b/to-ship/ext/debian/puppetserver.service_file @@ -0,0 +1,46 @@ +# +# Local settings can be configured without being overwritten by package upgrades, for example +# if you want to increase puppetserver open-files-limit to 10000, +# you need to increase systemd's LimitNOFILE setting, so create a file named +# "/etc/systemd/system/puppetserver.service.d/limits.conf" containing: +# [Service] +# LimitNOFILE=10000 +# You can confirm it worked by running systemctl daemon-reload +# then running systemctl show puppetserver | grep LimitNOFILE +# +[Unit] +Description=puppetserver Service +After=syslog.target network.target nss-lookup.target + +[Service] +Type=forking +EnvironmentFile=/etc/default/puppetserver +User=puppet +TimeoutStartSec=300 +TimeoutStopSec=60 +Restart=on-failure +StartLimitBurst=5 +PIDFile=/run/puppetlabs/puppetserver/puppetserver.pid + +# https://tickets.puppetlabs.com/browse/EZ-129 +# Prior to systemd v228, TasksMax was unset by default, and unlimited. Starting in 228 a default of '512' +# was implemented. This is low enough to cause problems for certain applications. In systemd 231, the +# default was changed to be 15% of the default kernel limit. This explicitly sets TasksMax to 4915, +# which should match the default in systemd 231 and later. +# See https://github.com/systemd/systemd/issues/3211#issuecomment-233676333 +TasksMax=4915 + +#set default privileges to -rw-r----- +UMask=027 + + +ExecReload=/opt/puppetlabs/server/apps/puppetserver/bin/puppetserver reload +ExecStart=/opt/puppetlabs/server/apps/puppetserver/bin/puppetserver start +ExecStop=/opt/puppetlabs/server/apps/puppetserver/bin/puppetserver stop + +KillMode=process + +SuccessExitStatus=143 + +[Install] +WantedBy=multi-user.target diff --git a/to-ship/ext/default b/to-ship/ext/default new file mode 100644 index 000000000..dc78c980e --- /dev/null +++ b/to-ship/ext/default @@ -0,0 +1,40 @@ +########################################### +# Init settings for puppetserver +########################################### + +# Location of your Java binary (version 8) +JAVA_BIN="/usr/bin/java" + +# Modify this if you'd like to change the memory allocation, enable JMX, etc +JAVA_ARGS="-Xms2g -Xmx2g -Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger" + +# Modify this as you would JAVA_ARGS but for non-service related subcommands +JAVA_ARGS_CLI="${JAVA_ARGS_CLI:-}" + +# Modify this if you'd like TrapperKeeper specific arguments +TK_ARGS="" + +# These normally shouldn't need to be edited if using OS packages +USER="puppet" +GROUP="puppet" +INSTALL_DIR="/opt/puppetlabs/server/apps/puppetserver" +CONFIG="/etc/puppetlabs/puppetserver/conf.d" + +# Bootstrap path +BOOTSTRAP_CONFIG="/etc/puppetlabs/puppetserver/services.d/,/opt/puppetlabs/server/apps/puppetserver/config/services.d/" + +# SERVICE_STOP_RETRIES can be set here to alter the default stop timeout in +# seconds. For systemd, the shorter of this setting or 'TimeoutStopSec' in +# the systemd.service definition will effectively be the timeout which is used. +SERVICE_STOP_RETRIES=60 + +# START_TIMEOUT can be set here to alter the default startup timeout in +# seconds. For systemd, the shorter of this setting or 'TimeoutStartSec' +# in the service's systemd.service configuration file will effectively be the +# timeout which is used. +START_TIMEOUT=300 + + +# Maximum number of seconds that can expire for a service reload attempt before +# the result of the attempt is interpreted as a failure. +RELOAD_TIMEOUT=120 diff --git a/to-ship/ext/ezbake-functions.sh b/to-ship/ext/ezbake-functions.sh new file mode 100644 index 000000000..d7b6a6b34 --- /dev/null +++ b/to-ship/ext/ezbake-functions.sh @@ -0,0 +1,162 @@ +#! /bin/bash +# +# Useful shell functions for programs packaged with ezbake. +# + +# +# Wait `timeout` seconds for the application identified by `pid to bind to any +# TCP port +# +wait_for_app() +{ + local pid=${1:?} + local timeout=${2:-300} + + while : ;do + + # verify the process is still running; if not, return failure + ps -p $pid 2>&1 > /dev/null + if [ "$?" != 0 ]; then + return 1 + fi + + # if there are any TCP ports associated with the process, return success + netstat -tulpn 2>/dev/null | grep "$pid" 2>&1 >/dev/null + if [ "$?" = 0 ]; then + sleep 5 + return 0 + fi + + # if we reach the timeout, return failure + if [ "$timeout" = 0 ]; then + return 1 + fi + + sleep 1 + timeout=$(($timeout-1)) + done +} + + +# +# Wait `timeout` seconds for `pidfile` to be created, otherwise return failure. +# Default timeout is 5 seconds. +# +wait_for_pidfile() +{ + local pidfile=${1:?} + local timeout=${2:-5} + + while [ ! -s "$pidfile" ] ;do + sleep 1 + + # if we reach the timeout, return failure + if [ "$timeout" -eq 0 ] ;then + return 1 + fi + + timeout=$(($timeout-1)) + done + + return 0 +} + +# +# Kill a process. +# +# First argument (required) is the pid to kill. +# +# Second argument (optional) is a pidfile that should be removed after the +# process is killed. +# +# Third argument (optional) is a timeout (in seconds) to wait for the process +# to die. Default timeout is 60 seconds. +# +# Returns 0 (success) if the process is dead or 1 (failure) if the process is +# still running after attempts to kill have completed. +# +kill_pid() +{ + local pid=${1:?} + local pidfile=$2 + local stop_timeout=${3:-60} + + kill -TERM $pid >/dev/null 2>&1 + sleep 0.1 + + timeout=$stop_timeout + kill -0 $pid >/dev/null 2>&1 + while [ $? -eq 0 ] && [ $timeout -ne 0 ]; do + sleep 1 + ((timeout--)) + kill -0 $pid >/dev/null 2>&1 + done + + if [ $timeout -eq 0 ]; then + echo "Process $pid not terminated gracefully after $stop_timeout seconds" 1>&2 + kill -KILL $pid >/dev/null 2>&1 + sleep 1 + kill -0 $pid >/dev/null 2>&1 + timeout=$stop_timeout + while [ $? -eq 0 ] && [ $timeout -ne 0 ]; do + sleep 1 + ((timeout--)) + kill -0 $pid >/dev/null 2>&1 + done + if [ $? -eq 0 ]; then + echo "Process $pid not killed after SIGKILL" 1>&2 + return 1 + else + echo "Process $pid killed after SIGKILL" 1>&2 + fi + fi + + if [ -n "$pidfile" ]; then + rm -f "$pidfile" + fi + + return 0 +} + +init_restart_file() +{ + local restart_file="${1:?}" + local restart_file_base_dir="$(dirname "$restartfile")" + local user="${USER:-puppet}" + local group="${GROUP:-puppet}" + + if [ ! -e "$restartfile" ]; then + /usr/bin/install --directory --owner=$user --group=$group --mode=755 "$restart_file_base_dir" + if [ $? -ne 0 ]; then + echo "Unable to create or set permissions for restart file at ${restart_file_base_dir}" 1>&2 + return 1 + fi + echo -n "0" > "$restart_file" + if [ $? -ne 0 ]; then + echo "Unable to create restart file at ${restart_file}" 1>&2 + return 1 + fi + chown $user:$group "$restart_file" + if [ $? -ne 0 ]; then + echo "Unable to set permissions for restart file at ${restart_file}" 1>&2 + return 1 + fi + elif [ ! -r "$restart_file" ] || [ ! -w "$restart_file" ]; then + echo "The restart-file at ${restart_file} is not readable and/or writeable." 1>&2 + return 1 + fi + + return 0 +} + +if [ "$0" = "$BASH_SOURCE" ] ;then + COMMAND=${1:?} + export $(systemctl show -p MainPID puppetserver.service) + case $COMMAND in + wait_for_app) + wait_for_app ${MainPID:?} ${START_TIMEOUT:-300} + ;; + *) + ;; + esac +fi diff --git a/to-ship/ext/ezbake.manifest b/to-ship/ext/ezbake.manifest new file mode 100644 index 000000000..246c84730 --- /dev/null +++ b/to-ship/ext/ezbake.manifest @@ -0,0 +1,322 @@ + +This package was built by the OpenVox packaging system. + +EZBake version: 2.6.3-SNAPSHOT-openvox +Release package: puppetlabs/puppetserver (8.11.0) +Bundled packages: puppetlabs/puppetserver 8.11.0,org.clojure/clojure 1.11.2,org.bouncycastle/bcpkix-jdk18on 1.78.1,puppetlabs/jruby-utils 5.2.0,puppetlabs/puppetserver 8.11.0,com.puppetlabs/trapperkeeper-webserver-jetty10 1.0.18,puppetlabs/trapperkeeper-metrics 2.0.4 + +Dependency tree: + +[beckon "0.1.1"] +[bidi "2.1.3"] +[ch.qos.logback/logback-access "1.3.14"] +[ch.qos.logback/logback-classic "1.3.14"] +[ch.qos.logback/logback-core "1.3.14"] +[cheshire "5.10.2"] + [com.fasterxml.jackson.core/jackson-core "2.14.0"] + [com.fasterxml.jackson.dataformat/jackson-dataformat-cbor "2.12.4" :exclusions [[com.fasterxml.jackson.core/jackson-databind]]] + [com.fasterxml.jackson.dataformat/jackson-dataformat-smile "2.12.4" :exclusions [[com.fasterxml.jackson.core/jackson-databind]]] + [tigris "0.1.2"] +[clj-commons/fs "1.6.307"] + [org.apache.commons/commons-compress "1.26.0"] + [org.apache.commons/commons-lang3 "3.14.0"] + [org.tukaani/xz "1.8"] +[clj-time "0.11.0"] + [joda-time "2.12.5"] +[com.fasterxml.jackson.core/jackson-core "2.14.0"] +[com.fasterxml.jackson.core/jackson-databind "2.14.0"] + [com.fasterxml.jackson.core/jackson-annotations "2.14.0"] +[com.puppetlabs/trapperkeeper-webserver-jetty10 "1.0.18"] + [ch.qos.logback/logback-access "1.3.14"] + [ch.qos.logback/logback-classic "1.3.14"] + [ch.qos.logback/logback-core "1.3.14"] + [compojure "1.7.1"] + [clout "2.2.1"] + [instaparse "1.4.1" :exclusions [[org.clojure/clojure]]] + [medley "1.4.0"] + [hato "0.9.0"] + [javax.servlet/javax.servlet-api "4.0.1"] + [org.clojure/tools.namespace "0.2.11"] + [org.codehaus.janino/janino "3.0.8"] + [org.codehaus.janino/commons-compiler "3.0.8"] + [org.eclipse.jetty.websocket/websocket-jetty-api "10.0.20"] + [org.eclipse.jetty.websocket/websocket-jetty-client "10.0.20"] + [org.eclipse.jetty.websocket/websocket-core-client "10.0.20"] + [org.eclipse.jetty.websocket/websocket-jetty-server "10.0.20"] + [org.eclipse.jetty.websocket/websocket-jetty-common "10.0.20"] + [org.eclipse.jetty.websocket/websocket-core-common "10.0.20"] + [org.eclipse.jetty.websocket/websocket-servlet "10.0.20"] + [org.eclipse.jetty.websocket/websocket-core-server "10.0.20"] + [org.eclipse.jetty/jetty-jmx "10.0.20"] + [org.eclipse.jetty/jetty-proxy "10.0.20"] + [org.eclipse.jetty/jetty-client "10.0.20"] + [org.eclipse.jetty/jetty-alpn-client "10.0.20"] + [org.eclipse.jetty/jetty-server "10.0.20"] + [org.eclipse.jetty.toolchain/jetty-servlet-api "4.0.6"] + [org.eclipse.jetty/jetty-http "10.0.20"] + [org.eclipse.jetty/jetty-io "10.0.20"] + [org.eclipse.jetty/jetty-servlet "10.0.20"] + [org.eclipse.jetty/jetty-security "10.0.20"] + [org.eclipse.jetty/jetty-servlets "10.0.20"] + [org.eclipse.jetty/jetty-util "10.0.20"] + [org.eclipse.jetty/jetty-webapp "10.0.20"] + [org.eclipse.jetty/jetty-xml "10.0.20"] + [org.flatland/ordered "1.5.9"] + [org.slf4j/jul-to-slf4j "2.0.7"] + [puppetlabs/kitchensink "3.4.0" :classifier "test"] + [puppetlabs/trapperkeeper "4.0.2" :classifier "test"] + [ring/ring-codec "1.1.2"] + [ring/ring-core "1.8.2"] + [commons-fileupload "1.4"] + [crypto-equality "1.0.0"] + [crypto-random "1.2.0"] + [ring/ring-servlet "1.8.2"] +[commons-codec "1.15"] +[commons-io "2.15.1"] +[commons-lang "2.6"] +[commons-logging "1.2"] +[compojure "1.7.1"] + [clout "2.2.1"] + [instaparse "1.4.1" :exclusions [[org.clojure/clojure]]] + [medley "1.4.0"] +[hiccup "1.0.5"] +[io.dropwizard.metrics/metrics-core "3.2.2"] +[io.dropwizard.metrics/metrics-graphite "3.2.2"] +[joda-time "2.12.5"] +[liberator "0.15.2"] + [hiccup "1.0.5"] + [org.clojure/data.csv "0.1.3"] + [org.clojure/data.json "2.4.0"] +[net.logstash.logback/logstash-logback-encoder "7.3"] + [com.fasterxml.jackson.core/jackson-databind "2.14.0"] + [com.fasterxml.jackson.core/jackson-annotations "2.14.0"] +[nrepl "0.6.0"] +[org.apache.commons/commons-compress "1.26.0"] + [org.apache.commons/commons-lang3 "3.14.0"] +[org.apache.commons/commons-exec "1.4.0"] +[org.apache.commons/commons-lang3 "3.14.0"] +[org.apache.httpcomponents/httpasyncclient "4.1.5"] + [commons-logging "1.2"] + [org.apache.httpcomponents/httpclient "4.5.13"] + [org.apache.httpcomponents/httpcore-nio "4.4.15"] + [org.apache.httpcomponents/httpcore "4.4.15"] +[org.apache.httpcomponents/httpclient "4.5.13"] +[org.apache.httpcomponents/httpcore "4.4.15"] +[org.bouncycastle/bcpkix-jdk18on "1.78.1"] + [org.bouncycastle/bcprov-jdk18on "1.78.1"] + [org.bouncycastle/bcutil-jdk18on "1.78.1"] +[org.bouncycastle/bcprov-jdk18on "1.78.1"] +[org.bouncycastle/bcutil-jdk18on "1.78.1"] +[org.clojure/clojure "1.11.2"] + [org.clojure/core.specs.alpha "0.2.62"] + [org.clojure/spec.alpha "0.3.218"] +[org.clojure/core.async "1.5.648"] + [org.clojure/tools.analyzer.jvm "1.2.2"] + [org.clojure/core.memoize "1.0.257"] + [org.clojure/core.cache "1.0.225"] + [org.clojure/data.priority-map "1.1.0"] + [org.clojure/tools.analyzer "1.1.0"] + [org.clojure/tools.reader "1.3.6"] +[org.clojure/core.cache "1.0.225"] + [org.clojure/data.priority-map "1.1.0"] +[org.clojure/core.memoize "1.0.257"] + [org.clojure/core.cache "1.0.225"] + [org.clojure/data.priority-map "1.1.0"] +[org.clojure/data.json "2.4.0"] +[org.clojure/data.priority-map "1.1.0"] +[org.clojure/java.classpath "1.0.0"] +[org.clojure/java.jmx "1.0.0"] +[org.clojure/tools.cli "1.0.206"] +[org.clojure/tools.logging "1.2.4"] +[org.clojure/tools.macro "0.1.5"] +[org.clojure/tools.namespace "0.2.11"] +[org.clojure/tools.reader "1.3.6"] +[org.codehaus.janino/janino "3.0.8"] + [org.codehaus.janino/commons-compiler "3.0.8"] +[org.slf4j/jul-to-slf4j "2.0.7"] +[org.slf4j/log4j-over-slf4j "2.0.7"] +[org.slf4j/slf4j-api "2.0.7"] +[org.tcrawley/dynapath "1.1.0"] +[org.yaml/snakeyaml "2.0"] +[prismatic/plumbing "0.4.2"] + [de.kotka/lazymap "3.1.0" :exclusions [[org.clojure/clojure]]] +[prismatic/schema "1.1.12"] +[puppetlabs/clj-shell-utils "2.0.1"] +[puppetlabs/comidi "1.0.0"] + [bidi "2.1.3"] +[puppetlabs/dujour-version-check "1.0.0"] +[puppetlabs/http-client "2.1.3"] + [org.apache.httpcomponents/httpasyncclient "4.1.5"] + [commons-logging "1.2"] + [org.apache.httpcomponents/httpclient "4.5.13"] + [org.apache.httpcomponents/httpcore-nio "4.4.15"] + [org.apache.httpcomponents/httpcore "4.4.15"] +[puppetlabs/i18n "0.9.2"] + [cpath-clj "0.1.2"] + [org.clojure/java.classpath "1.0.0"] + [org.gnu.gettext/libintl "0.18.3"] +[puppetlabs/jruby-utils "5.2.0"] + [clj-commons/fs "1.6.307"] + [org.apache.commons/commons-compress "1.26.0"] + [org.apache.commons/commons-lang3 "3.14.0"] + [org.tukaani/xz "1.8"] + [org.clojure/java.jmx "1.0.0"] + [org.clojure/tools.logging "1.2.4"] + [prismatic/schema "1.1.12"] + [puppetlabs/i18n "0.9.2"] + [cpath-clj "0.1.2"] + [org.clojure/java.classpath "1.0.0"] + [org.gnu.gettext/libintl "0.18.3"] + [puppetlabs/jruby-deps "9.4.8.0-1"] + [org.jruby/jruby-base "9.4.8.0" :exclusions [[joda-time]]] + [com.github.jnr/jffi "1.3.13"] + [com.github.jnr/jffi "1.3.13" :classifier "native"] + [com.github.jnr/jnr-constants "0.10.4" :exclusions [[com.github.jnr/jnr-ffi]]] + [com.github.jnr/jnr-enxio "0.32.17" :exclusions [[com.github.jnr/jnr-ffi]]] + [com.github.jnr/jnr-ffi "2.2.16"] + [com.github.jnr/jnr-a64asm "1.0.0"] + [com.github.jnr/jnr-x86asm "1.0.2"] + [com.github.jnr/jnr-netdb "1.2.0" :exclusions [[com.github.jnr/jnr-ffi]]] + [com.github.jnr/jnr-posix "3.1.19" :exclusions [[com.github.jnr/jnr-ffi]]] + [com.github.jnr/jnr-unixsocket "0.38.22" :exclusions [[com.github.jnr/jnr-ffi]]] + [com.headius/backport9 "1.13"] + [com.headius/invokebinder "1.13"] + [com.headius/options "1.6"] + [me.qmx.jitescript/jitescript "0.4.1" :exclusions [[org.ow2.asm/asm-all]]] + [org.jruby.jcodings/jcodings "1.0.58"] + [org.jruby.joni/joni "2.2.1"] + [org.jruby/dirgra "0.3"] + [org.jruby/jzlib "1.1.5"] + [org.ow2.asm/asm-commons "9.2"] + [org.ow2.asm/asm-analysis "9.2"] + [org.ow2.asm/asm-tree "9.2"] + [org.ow2.asm/asm-util "9.2"] + [org.ow2.asm/asm "9.2"] + [org.jruby/jruby-stdlib "9.4.8.0"] + [org.snakeyaml/snakeyaml-engine "2.7"] + [puppetlabs/kitchensink "3.4.0"] + [digest "1.4.3"] + [org.clojure/tools.cli "1.0.206"] + [org.ini4j/ini4j "0.5.4"] + [org.tcrawley/dynapath "1.1.0"] + [puppetlabs/ring-middleware "2.0.4"] + [puppetlabs/trapperkeeper "4.0.2"] + [beckon "0.1.1"] + [io.github.clj-kondo/config-slingshot-slingshot "1.0.0"] + [nrepl "0.6.0"] + [org.clojure/core.async "1.5.648"] + [org.clojure/tools.analyzer.jvm "1.2.2"] + [org.clojure/core.memoize "1.0.257"] + [org.clojure/core.cache "1.0.225"] + [org.clojure/data.priority-map "1.1.0"] + [org.clojure/tools.analyzer "1.1.0"] + [org.clojure/tools.reader "1.3.6"] + [org.clojure/tools.macro "0.1.5"] + [org.slf4j/log4j-over-slf4j "2.0.7"] + [org.slf4j/slf4j-api "2.0.7"] + [prismatic/plumbing "0.4.2"] + [de.kotka/lazymap "3.1.0" :exclusions [[org.clojure/clojure]]] + [puppetlabs/typesafe-config "0.2.0"] + [com.typesafe/config "1.4.1"] + [slingshot "0.12.2"] +[puppetlabs/kitchensink "3.4.0"] + [digest "1.4.3"] + [org.clojure/tools.cli "1.0.206"] + [org.ini4j/ini4j "0.5.4"] + [org.tcrawley/dynapath "1.1.0"] +[puppetlabs/kitchensink "3.4.0" :classifier "test"] +[puppetlabs/puppetserver "8.11.0"] + [clj-time "0.11.0"] + [joda-time "2.12.5"] + [commons-io "2.15.1"] + [commons-lang "2.6"] + [grimradical/clj-semver "0.3.0" :exclusions [[org.clojure/clojure]]] + [io.dropwizard.metrics/metrics-core "3.2.2"] + [liberator "0.15.2"] + [hiccup "1.0.5"] + [org.clojure/data.csv "0.1.3"] + [org.clojure/data.json "2.4.0"] + [net.logstash.logback/logstash-logback-encoder "7.3"] + [com.fasterxml.jackson.core/jackson-databind "2.14.0"] + [com.fasterxml.jackson.core/jackson-annotations "2.14.0"] + [org.apache.commons/commons-exec "1.4.0"] + [org.yaml/snakeyaml "2.0"] + [puppetlabs/clj-shell-utils "2.0.1"] + [puppetlabs/comidi "1.0.0"] + [bidi "2.1.3"] + [puppetlabs/dujour-version-check "1.0.0"] + [puppetlabs/http-client "2.1.3"] + [org.apache.httpcomponents/httpasyncclient "4.1.5"] + [commons-logging "1.2"] + [org.apache.httpcomponents/httpclient "4.5.13"] + [org.apache.httpcomponents/httpcore-nio "4.4.15"] + [org.apache.httpcomponents/httpcore "4.4.15"] + [puppetlabs/rbac-client "1.1.5"] + [ring/ring-json "0.5.1"] + [puppetlabs/ssl-utils "3.5.2"] + [commons-codec "1.15"] + [puppetlabs/trapperkeeper-authorization "2.0.1"] + [puppetlabs/trapperkeeper-comidi-metrics "0.1.1"] + [puppetlabs/trapperkeeper-filesystem-watcher "1.2.5"] + [puppetlabs/trapperkeeper-scheduler "1.1.3"] + [org.quartz-scheduler/quartz "2.3.2" :exclusions [[c3p0]]] + [com.mchange/c3p0 "0.9.5.4"] + [com.mchange/mchange-commons-java "0.2.15"] + [com.zaxxer/HikariCP-java7 "2.4.13"] + [puppetlabs/trapperkeeper-status "1.2.0"] + [trptcolin/versioneer "0.2.0"] +[puppetlabs/rbac-client "1.1.5"] + [ring/ring-json "0.5.1"] +[puppetlabs/ring-middleware "2.0.4"] +[puppetlabs/ssl-utils "3.5.2"] + [commons-codec "1.15"] +[puppetlabs/trapperkeeper-authorization "2.0.1"] +[puppetlabs/trapperkeeper-comidi-metrics "0.1.1"] +[puppetlabs/trapperkeeper-filesystem-watcher "1.2.5"] +[puppetlabs/trapperkeeper-metrics "2.0.4"] + [cheshire "5.10.2"] + [com.fasterxml.jackson.core/jackson-core "2.14.0"] + [com.fasterxml.jackson.dataformat/jackson-dataformat-cbor "2.12.4" :exclusions [[com.fasterxml.jackson.core/jackson-databind]]] + [com.fasterxml.jackson.dataformat/jackson-dataformat-smile "2.12.4" :exclusions [[com.fasterxml.jackson.core/jackson-databind]]] + [tigris "0.1.2"] + [io.dropwizard.metrics/metrics-graphite "3.2.2"] + [org.jolokia/jolokia-core "1.7.0"] + [com.googlecode.json-simple/json-simple "1.1.1" :exclusions [[junit]]] +[puppetlabs/trapperkeeper-scheduler "1.1.3"] + [org.quartz-scheduler/quartz "2.3.2" :exclusions [[c3p0]]] + [com.mchange/c3p0 "0.9.5.4"] + [com.mchange/mchange-commons-java "0.2.15"] + [com.zaxxer/HikariCP-java7 "2.4.13"] +[puppetlabs/trapperkeeper-status "1.2.0"] + [trptcolin/versioneer "0.2.0"] +[puppetlabs/trapperkeeper "4.0.2"] + [beckon "0.1.1"] + [io.github.clj-kondo/config-slingshot-slingshot "1.0.0"] + [nrepl "0.6.0"] + [org.clojure/core.async "1.5.648"] + [org.clojure/tools.analyzer.jvm "1.2.2"] + [org.clojure/core.memoize "1.0.257"] + [org.clojure/core.cache "1.0.225"] + [org.clojure/data.priority-map "1.1.0"] + [org.clojure/tools.analyzer "1.1.0"] + [org.clojure/tools.reader "1.3.6"] + [org.clojure/tools.macro "0.1.5"] + [org.slf4j/log4j-over-slf4j "2.0.7"] + [org.slf4j/slf4j-api "2.0.7"] + [prismatic/plumbing "0.4.2"] + [de.kotka/lazymap "3.1.0" :exclusions [[org.clojure/clojure]]] + [puppetlabs/typesafe-config "0.2.0"] + [com.typesafe/config "1.4.1"] +[puppetlabs/trapperkeeper "4.0.2" :classifier "test"] +[puppetlabs/typesafe-config "0.2.0"] + [com.typesafe/config "1.4.1"] +[ring/ring-codec "1.1.2"] +[ring/ring-core "1.8.2"] + [commons-fileupload "1.4"] + [crypto-equality "1.0.0"] + [crypto-random "1.2.0"] +[ring/ring-json "0.5.1"] +[ring/ring-servlet "1.8.2"] +[slingshot "0.12.2"] +[trptcolin/versioneer "0.2.0"] + diff --git a/to-ship/ext/fpm.rb b/to-ship/ext/fpm.rb new file mode 100644 index 000000000..8154c87df --- /dev/null +++ b/to-ship/ext/fpm.rb @@ -0,0 +1,486 @@ +#!/usr/bin/env ruby + +require 'open3' +require 'optparse' +require 'ostruct' + +options = OpenStruct.new +# settin' some defaults +options.systemd = 0 +options.sysvinit = 0 +options.systemd_el = 0 +options.systemd_sles = 0 +options.old_el = 0 +options.old_sles = 0 +options.sles = 0 +options.java = 'java-1.8.0-openjdk-headless' +options.release = 1 +options.platform_version = 0 +options.is_pe = false +options.replaces = {} +options.additional_dependencies = [] +options.user = 'puppet' +options.group = 'puppet' +options.additional_dirs = [] +options.sources = [] +options.debug = false +options.logrotate = false +options.termini = false +options.termini_chdir = 'termini' +options.termini_sources = ['opt'] +options.rpm_triggers = [] +options.deb_interest_triggers = [] +options.deb_activate_triggers = [] +options.description = nil +options.termini_description = nil + +OptionParser.new do |opts| + opts.on('-o', '--operating-system OS', [:amazon, :fedora, :el, :redhatfips, :sles, :debian, :ubuntu], 'Select operating system (amazon, fedora, el, redhatfips, sles, debian, ubuntu)') do |o| + options.operating_system = o + end + opts.on('--os-version VERSION', Integer, 'VERSION of the operating system to build for') do |v| + options.os_version = v + end + opts.on('-n', '--name PROJECT', 'Name of the PROJECT to build') do |n| + options.name = n + end + opts.on('--package-version VERSION', 'VERSION of the package to build') do |v| + options.version = v + end + opts.on('--release RELEASE', 'RELEASE of the package') do |r| + options.release = r + end + opts.on('--platform-version VERSION', Integer, 'VERSION of the puppet platform this builds for') do |v| + options.platform_version = v + end + opts.on('--[no-]enterprise-build', 'Whether or not this is a PE build') do |e| + options.is_pe = e + end + opts.on('--replaces ', Array, 'PKG and VERSION replaced by this package. Can be passed multiple times.') do |pkg,ver| + options.replaces[pkg] = ver + end + opts.on('--additional-dependency DEP', 'Additional dependency this package has. Can be passed multiple times.') do |dep| + options.additional_dependencies << dep + end + opts.on('-u', '--user USER', 'USER that should be added with this package') do |user| + options.user = user + end + opts.on('-g', '--group GROUP', 'GROUP that should be added with this package') do |group| + options.group = group + end + opts.on('--create-dir DIR', 'The package should additionally create DIR') do |dir| + options.additional_dirs << dir + end + opts.on('--realname NAME', 'The realname') do |name| + options.realname = name + end + opts.on('--chdir DIR', 'The dir to chdir to before building') do |dir| + options.chdir = dir + end + opts.on('--source ', Array, 'comma-separated list of source dirs') do |dir| + options.sources = dir + end + opts.on('--dist NAME', 'the dist tag') do |dist| + options.dist = dist + end + opts.on('--[no-]debug', 'for debugging purposes') do |d| + options.debug = d + end + opts.on('--[no-]logrotate', 'to logrotate or not to logrotate') do |l| + options.logrotate = l + end + opts.on('--[no-]build-termini', 'whether or not we should build a termini package') do |t| + options.termini = t + end + opts.on('--termini-chdir DIR', 'DIR for the termini build, defaults to "termini"') do |c| + options.termini_chdir = c + end + opts.on('--termini-sources ', Array, 'sources for the termini build, defaults to "opt"') do |c| + options.termini_chdir = c + end + opts.on('--rpm-trigger TRIGGER', 'TRIGGER for the rpm packages, in the format package:file_containing_script') do |t| + options.rpm_triggers << t + end + opts.on('--deb-interest-trigger TRIGGER', 'name of the interest TRIGGER for the deb packages ') do |t| + options.deb_interest_triggers << t + end + opts.on('--deb-activate-trigger TRIGGER', 'name of the activate TRIGGER for the deb packages') do |t| + options.deb_activate_triggers << t + end + opts.on('--description DESCRIPTION', 'description for the package') do |d| + options.description = d + end + opts.on('--termini-description DESCRIPTION', 'description for the termini package') do |d| + options.termini_description = d + end + opts.on_tail("-h", "--help", "Show this message") do + puts opts + exit + end +end.parse! + +# validation +fail "--name is required!" unless options.name +options.realname = options.name if options.realname.nil? +fail "--package-version is required!" unless options.version +fail "--operating-system is required!" unless options.operating_system +options.chdir = options.dist if options.chdir.nil? +options.output_type = case options.operating_system + when :amazon, :fedora, :el, :sles, :redhatfips + 'rpm' + when :debian, :ubuntu + 'deb' + else + fail "Can't figure out the output type for #{options.operating_system}. Teach me?" + end +# don't require the os-version for deb, just require dist +fail "--os-version is required!" unless options.os_version or options.output_type == 'deb' +fail "--dist is required!" if options.output_type == 'deb' && options.dist.nil? +# set some default sources +if options.sources.empty? + options.sources = case options.operating_system + when :amazon, :fedora, :sles, :el, :redhatfips + if options.operating_system == :el && options.os_version < 7 || options.operating_system == :sles && options.os_version < 12 #sysv rpm platforms + ['etc', 'opt', 'var'] + else + ['etc', 'opt', 'usr', 'var'] + end + when :debian, :ubuntu + if options.dist == 'trusty' #trusty is the only sysv deb we build for right now + ['etc', 'opt', 'var'] + else + ['etc', 'lib', 'opt', 'usr', 'var'] + end + else + fail "I don't know what your default sources should be, pass it on the command line!" + end +end +options.dist = "#{options.operating_system}#{options.os_version}" if options.dist.nil? + +fpm_opts = Array('') +shared_opts = Array('') +termini_opts = Array('') + +options.app_logdir = "/var/log/puppetlabs/#{options.realname}" +options.app_rundir = "/var/run/puppetlabs/#{options.realname}" +options.app_prefix = "/opt/puppetlabs/server/apps/#{options.realname}" +options.app_data = "/opt/puppetlabs/server/data/#{options.realname}" + +# rpm specific options +if options.output_type == 'rpm' + + shared_opts << "--rpm-digest sha256" + shared_opts << "--rpm-rpmbuild-define 'rpmversion #{options.version}'" + fpm_opts << "--rpm-rpmbuild-define '_app_logdir #{options.app_logdir}'" + fpm_opts << "--rpm-rpmbuild-define '_app_rundir #{options.app_rundir}'" + fpm_opts << "--rpm-rpmbuild-define '_app_prefix #{options.app_prefix}'" + fpm_opts << "--rpm-rpmbuild-define '_app_data #{options.app_data}'" + + if options.operating_system == :fedora # all supported fedoras are systemd + options.systemd = 1 + options.systemd_el = 1 + elsif options.operating_system == :amazon + fpm_opts << "--depends tzdata-java" + options.java = '(java-17-amazon-corretto-headless or java-11-amazon-corretto-headless)' + options.systemd = 1 + options.systemd_el = 1 + elsif options.operating_system == :el + if options.os_version == 7 + options.java = 'jre-11-headless' + options.java_bin = '/usr/lib/jvm/jre-11/bin/java' + elsif (8..9).include?(options.os_version) + options.java = 'jre-17-headless' + options.java_bin = '/usr/lib/jvm/jre-17/bin/java' + elsif options.os_version == 10 + options.java = 'jre-21-headless' + options.java_bin = '/usr/lib/jvm/jre-21/bin/java' + else + fail "Unrecognized el os version #{options.os_version}" + end + + options.systemd = 1 + options.systemd_el = 1 + elsif options.operating_system == :redhatfips && options.os_version >= 7 # systemd redhatfips + options.systemd = 1 + options.systemd_el = 1 + elsif options.operating_system == :sles && options.os_version >= 12 # systemd sles + options.systemd = 1 + options.systemd_sles = 1 + options.sles = 1 + if ! options.is_pe + options.java = 'java-11-openjdk-headless' + end + elsif options.operating_system == :sles #old sles + options.sysvinit = 1 + options.old_sles = 1 + end + + fpm_opts << "--rpm-rpmbuild-define '_with_sysvinit #{options.sysvinit}'" + fpm_opts << "--rpm-rpmbuild-define '_with_systemd #{options.systemd}'" + fpm_opts << "--rpm-rpmbuild-define '_old_sles #{options.old_sles}'" + fpm_opts << "--rpm-rpmbuild-define '_systemd_el #{options.systemd_el}'" + fpm_opts << "--rpm-rpmbuild-define '_systemd_sles #{options.systemd_sles}'" + fpm_opts << "--rpm-rpmbuild-define '_old_el #{options.old_el}'" + fpm_opts << "--rpm-rpmbuild-define '_sysconfdir /etc'" + fpm_opts << "--rpm-rpmbuild-define '_prefix #{options.app_prefix}'" + fpm_opts << "--rpm-rpmbuild-define '_rundir /var/run'" + fpm_opts << "--rpm-rpmbuild-define '__jar_repack 0'" + + shared_opts << "--rpm-dist #{options.dist}" + + if options.old_el == 1 + fpm_opts << "--depends chkconfig" + elsif options.old_sles == 1 + fpm_opts << "--depends aaa_base" + end + + if options.systemd_el == 1 + fpm_opts << "--depends systemd" + end + + if options.systemd_sles == 1 + fpm_opts << "--rpm-tag '%{?systemd_requires}'" + end + + fpm_opts << "--config-files /etc/puppetlabs/#{options.realname}" + fpm_opts << "--config-files /etc/sysconfig/#{options.realname}" + + options.additional_dirs.each do |dir| + fpm_opts << "--directories #{dir}" + fpm_opts << "--rpm-attr 700,#{options.user},#{options.group}:#{dir}" + end + + options.rpm_triggers.each do |trigger| + fpm_opts << "--rpm-trigger-after-install #{trigger}" + end + + if options.logrotate + fpm_opts << "--config-files /etc/logrotate.d/#{options.realname}" + end + + fpm_opts << "--directories #{options.app_logdir}" + fpm_opts << "--directories /etc/puppetlabs/#{options.realname}" + fpm_opts << "--directories #{options.app_rundir}" + shared_opts << "--rpm-auto-add-directories" + fpm_opts << "--rpm-auto-add-exclude-directories /etc/puppetlabs" + shared_opts << "--rpm-auto-add-exclude-directories /opt/puppetlabs" + fpm_opts << "--rpm-auto-add-exclude-directories /opt/puppetlabs/bin" + fpm_opts << "--rpm-auto-add-exclude-directories /opt/puppetlabs/server" + fpm_opts << "--rpm-auto-add-exclude-directories /opt/puppetlabs/server/apps" + fpm_opts << "--rpm-auto-add-exclude-directories /opt/puppetlabs/server/bin" + fpm_opts << "--rpm-auto-add-exclude-directories /opt/puppetlabs/server/data" + fpm_opts << "--rpm-auto-add-exclude-directories /usr/lib/systemd" + fpm_opts << "--rpm-auto-add-exclude-directories /usr/lib/systemd/system" + fpm_opts << "--rpm-auto-add-exclude-directories /etc/init.d" + fpm_opts << "--rpm-auto-add-exclude-directories /etc/rc.d" + fpm_opts << "--rpm-auto-add-exclude-directories /etc/logrotate.d" + fpm_opts << "--rpm-auto-add-exclude-directories /etc/rc.d/init.d" + fpm_opts << "--rpm-auto-add-exclude-directories /usr/lib/tmpfiles.d" + fpm_opts << "--rpm-auto-add-exclude-directories /var/log/puppetlabs" + fpm_opts << "--rpm-auto-add-exclude-directories /var/run/puppetlabs" + termini_opts << "--rpm-auto-add-exclude-directories /opt/puppetlabs/puppet" + termini_opts << "--rpm-auto-add-exclude-directories /opt/puppetlabs/puppet/lib" + termini_opts << "--rpm-auto-add-exclude-directories /opt/puppetlabs/puppet/lib/ruby" + termini_opts << "--rpm-auto-add-exclude-directories /opt/puppetlabs/puppet/lib/ruby/vendor_ruby" + termini_opts << "--rpm-auto-add-exclude-directories /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet" + termini_opts << "--rpm-auto-add-exclude-directories /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/face" + termini_opts << "--rpm-auto-add-exclude-directories /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/face/node" + termini_opts << "--rpm-auto-add-exclude-directories /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/functions" + termini_opts << "--rpm-auto-add-exclude-directories /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/indirector" + termini_opts << "--rpm-auto-add-exclude-directories /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/indirector/catalog" + termini_opts << "--rpm-auto-add-exclude-directories /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/indirector/facts" + termini_opts << "--rpm-auto-add-exclude-directories /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/indirector/node" + termini_opts << "--rpm-auto-add-exclude-directories /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/indirector/resource" + termini_opts << "--rpm-auto-add-exclude-directories /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/reports" + termini_opts << "--rpm-auto-add-exclude-directories /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util" + termini_opts << "--rpm-auto-add-exclude-directories /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/puppetdb" + fpm_opts << "--rpm-attr 750,#{options.user},#{options.group}:/etc/puppetlabs/#{options.realname}" + fpm_opts << "--rpm-attr 750,#{options.user},#{options.group}:#{options.app_logdir}" + fpm_opts << "--rpm-attr -,#{options.user},#{options.group}:#{options.app_data}" + fpm_opts << "--rpm-attr 755,#{options.user},#{options.group}:#{options.app_rundir}" + + fpm_opts << "--edit" + fpm_opts << "--category 'System Environment/Daemons'" + termini_opts << "--category 'Development/Libraries'" +#deb specific options +elsif options.output_type == 'deb' + if options.dist != "#{options.operating_system}#{options.os_version}" + options.release = "#{options.release}+#{options.dist}" + end + + if ! options.is_pe + options.java = 'openjdk-17-jre-headless | openjdk-11-jre-headless' + end + + fpm_opts << '--deb-build-depends cdbs' + fpm_opts << '--deb-build-depends bc' + fpm_opts << '--deb-build-depends mawk' + fpm_opts << '--deb-build-depends lsb-release' + if options.is_pe + fpm_opts << '--deb-build-depends puppet-agent' + else + fpm_opts << '--deb-build-depends "ruby | ruby-interpreter"' + end + fpm_opts << '--deb-priority optional' + fpm_opts << '--category utils' + options.deb_interest_triggers.each do |trigger| + fpm_opts << "--deb-interest #{trigger}" + end + + options.deb_activate_triggers.each do |trigger| + fpm_opts << "--deb-activate #{trigger}" + end +end + +# generic options! +fpm_opts << "--name #{options.name}" +fpm_opts << "--description '#{options.description}'" unless options.description.nil? +termini_opts << "--name #{options.name}-termini" +termini_opts << "--description '#{options.termini_description}'" unless options.termini_description.nil? +shared_opts << "--version #{options.version}" +shared_opts << "--iteration #{options.release}" +shared_opts << "--vendor 'Vox Pupuli '" +shared_opts << "--maintainer 'Vox Pupuli '" +shared_opts << "--license 'ASL 2.0'" + +shared_opts << "--url http://github.com/openvoxproject" +shared_opts << "--architecture all" + +options.replaces.each do |pkg, version| + # Strip the surrounding quotes since we add them in a certain way here. + # We should probably just fix this in the core code by being smarter with + # as-ruby-literaly, but someone more familiar with Clojure can do that part. + pkg = pkg.delete_prefix("'").delete_suffix("'") + version = version.delete_prefix("'").delete_suffix("'") unless version.nil? + if options.output_type == 'rpm' + val = if version.nil? || version.empty? + "'#{pkg}'" + else + "'#{pkg} <= #{version}-1'" + end + fpm_opts << "--replaces #{val}" + fpm_opts << "--conflicts #{val}" + elsif options.output_type == 'deb' + # why debian, why. + if version.nil? || version.empty? + fpm_opts << "--replaces '#{pkg}'" + fpm_opts << "--conflicts '#{pkg}'" + else + fpm_opts << "--replaces '#{pkg} (<< #{version}-1voxpupuli1)'" + fpm_opts << "--conflicts '#{pkg} (<< #{version}-1voxpupuli1)'" + fpm_opts << "--replaces '#{pkg} (<< #{version}-1puppetlabs1)'" + fpm_opts << "--conflicts '#{pkg} (<< #{version}-1puppetlabs1)'" + fpm_opts << "--replaces '#{pkg} (<< #{version}-1#{options.dist})'" + fpm_opts << "--conflicts '#{pkg} (<< #{version}-1#{options.dist})'" + end + end +end + +# This is kludgy. Make it better one of these days for any package +# that has a corresponding termini package. +if options.name == "openvoxdb" + termini_opts << "--replaces 'puppetdb-termini'" + termini_opts << "--conflicts 'puppetdb-termini'" +end + +if options.is_pe + fpm_opts << "--depends pe-java" + fpm_opts << "--depends pe-puppet-enterprise-release" + fpm_opts << "--depends pe-bouncy-castle-jars" +else + fpm_opts << "--depends '#{options.java}'" +end + +fpm_opts << "--depends bash" +fpm_opts << "--depends net-tools" +fpm_opts << "--depends /usr/bin/which" if options.output_type == 'rpm' +fpm_opts << "--depends adduser" if options.output_type == 'deb' +fpm_opts << "--depends procps" + +termini_opts << "--depends openvox-agent" + +options.additional_dependencies.each do |dep| + fpm_opts << "--depends '#{dep}'" +end + +if options.output_type == 'rpm' + script_dir = 'ext/redhat' +else + script_dir = 'ext/debian' +end + +fpm_opts << "--before-install #{script_dir}/preinst" +fpm_opts << "--after-install #{script_dir}/postinst" +fpm_opts << "--before-remove #{script_dir}/prerm" +fpm_opts << "--after-remove #{script_dir}/postrm" + +fpm_opts << "--force" + +shared_opts << "--output-type #{options.output_type}" +shared_opts << "--input-type dir" +fpm_opts << "--chdir #{options.chdir}" +termini_opts << "--chdir #{options.termini_chdir}" + +fpm_opts << shared_opts +fpm_opts.flatten! + +termini_opts << shared_opts +termini_opts.flatten! + +fpm_opts << "#{options.sources.join(' ')}" +termini_opts << "#{options.termini_sources.join(' ')}" + +# FPM prepends %dir to the %files list entries if the file is a directory +# https://github.com/jordansissel/fpm/blob/a996a8a404f012a4cdc95bce4b1e32b1982839e6/templates/rpm.erb#L249-L250 +# This prevents us from recursively setting ownership/group on files within a directory +# +# There's a bit more we have to work around here. We want to recursively set owner +# and group for everything in the app data dir, but we also want to set the file +# mode for the data dir. Since FPM doesn't let us add multiple attributes for the +# same file, we're going to use the editor to add a second line in to the spec +# file setting up the mode for the top-level directory +# +# This sed command will take +# %dir %attr(-, puppet, puppet) /opt/puppetlabs/server/data/app_name +# +# and convert it into +# %attr(-, puppet, puppet) /opt/puppetlabs/server/data/app_name +# %dir %attr (770, puppet, puppet) /opt/puppetlabs/server/data/app_name +# +# We should either open a issue/PR/etc to make this allowable in fpm, or we +# should refactor how we're building this package to explicitly set the root/root +# ownership for everything we need and set the default user/group attributes to +# be owned by the app user/group. But, in the interim we have this. +fpm_editor = 'FPM_EDITOR="sed -i \'s/%dir %attr(-\(.*\)/%attr(-\1\n%dir %attr(770\1/\'"' + +if options.debug + puts "==========================" + puts "OPTIONS HASH" + puts options + puts "==========================" + puts "==========================" + puts "FPM COMMAND" + puts "#{fpm_editor} fpm #{fpm_opts.join(' ')}" + puts "==========================" + puts "#{Dir.pwd}" +end + +# fpm sends all output to stdout +out, _, stat = Open3.capture3("#{fpm_editor} fpm #{fpm_opts.join(' ')}") +fail "Error trying to run FPM for #{options.dist}!\n#{out}" unless stat.success? + +puts "#{out}" + +if options.termini + if options.debug + puts "==========================" + puts "FPM COMMAND" + puts "fpm #{termini_opts.join(' ')}" + puts "==========================" + end + + # fpm sends all output to stdout + out, _, stat = Open3.capture3("fpm #{termini_opts.join(' ')}") + fail "Error trying to run FPM for the termini for #{options.dist}!\n#{out}" unless stat.success? + puts "#{out}" +end diff --git a/to-ship/ext/project_data.yaml b/to-ship/ext/project_data.yaml new file mode 100644 index 000000000..706570ef2 --- /dev/null +++ b/to-ship/ext/project_data.yaml @@ -0,0 +1,71 @@ +--- +project: 'puppetserver' +author: 'Vox Pupuli' +email: 'openvox@voxpupuli.org' +homepage: 'https://github.com/openvoxproject/ezbake' +summary: 'OpenVox Server' +description: 'OpenVox Server (puppetlabs/puppetserver 8.11.0,org.clojure/clojure 1.11.2,org.bouncycastle/bcpkix-jdk18on 1.78.1,puppetlabs/jruby-utils 5.2.0,puppetlabs/puppetserver 8.11.0,com.puppetlabs/trapperkeeper-webserver-jetty10 1.0.18,puppetlabs/trapperkeeper-metrics 2.0.4)' +version_file: 'version' +# files and gem_files are space separated lists +files: + - ext + - "*.md" + - puppet-server-release.jar + - version + - Gemfile + - Rakefile + - Makefile.erb + - puppet + - install.sh.erb + - ext/fpm.rb +templates: + - source: ext/redhat/ezbake.service.erb + target: ext/redhat/puppetserver.service + - source: ext/default.erb + target: ext/debian/puppetserver.default_file + - source: ext/debian/ezbake.init.erb + target: ext/debian/puppetserver.init_script + - source: ext/debian/ezbake.service.erb + target: ext/debian/puppetserver.service_file + - source: ext/ezbake.logrotate.conf.erb + target: ext/puppetserver.logrotate.conf + - source: ext/ezbake.logrotate-legacy.conf.erb + target: ext/puppetserver.logrotate-legacy.conf + - source: ext/ezbake.tmpfiles.conf.erb + target: ext/puppetserver.tmpfiles.conf + - source: ext/ezbake.needrestart.conf.erb + target: ext/puppetserver.needrestart.conf + - ext/redhat/preinst.erb + - ext/redhat/postinst.erb + - ext/redhat/prerm.erb + - ext/redhat/postrm.erb + - ext/redhat/init.erb + - ext/redhat/init.suse.erb + - ext/debian/postrm.erb + - ext/debian/preinst.erb + - ext/debian/prerm.erb + - ext/debian/postinst.erb + - ext/config/user/conf.d/*.erb + - ext/bin/*.erb + - ext/cli/apps/*.erb + - ext/cli/*.erb + - ext/cli_defaults/*.erb + - ext/default.erb + - ext/ezbake-functions.sh.erb + - Makefile.erb + - install.sh.erb + - controller.sh.erb +tar_excludes: + - .gitignore +build_pe: false +apt_repo_name: openvox8 +apt_nonfinal_repo_name: openvox8-nightly +yum_repo_name: openvox8 +yum_nonfinal_repo_name: openvox8-nightly +repo_name: openvox8 +nonfinal_repo_name: openvox8-nightly +gem_files: +gem_require_path: +gem_test_files: +gem_executables: +gem_default_executables: diff --git a/to-ship/ext/puppetserver.logrotate-legacy.conf b/to-ship/ext/puppetserver.logrotate-legacy.conf new file mode 100644 index 000000000..03ad0e2fb --- /dev/null +++ b/to-ship/ext/puppetserver.logrotate-legacy.conf @@ -0,0 +1,9 @@ +/var/log/puppetlabs/puppetserver/*.log { + weekly + missingok + rotate 12 + compress + copytruncate + notifempty + create 640 puppet puppet +} diff --git a/to-ship/ext/puppetserver.logrotate.conf b/to-ship/ext/puppetserver.logrotate.conf new file mode 100644 index 000000000..6d9bce3e9 --- /dev/null +++ b/to-ship/ext/puppetserver.logrotate.conf @@ -0,0 +1,10 @@ +/var/log/puppetlabs/puppetserver/*.log { + weekly + missingok + rotate 12 + compress + copytruncate + notifempty + su puppet puppet + create 640 puppet puppet +} diff --git a/to-ship/ext/puppetserver.needrestart.conf b/to-ship/ext/puppetserver.needrestart.conf new file mode 100644 index 000000000..aa279882f --- /dev/null +++ b/to-ship/ext/puppetserver.needrestart.conf @@ -0,0 +1 @@ +push @{$nrconf{blacklist_rc}}, qr(^puppetserver) diff --git a/to-ship/ext/puppetserver.tmpfiles.conf b/to-ship/ext/puppetserver.tmpfiles.conf new file mode 100644 index 000000000..27cae2c39 --- /dev/null +++ b/to-ship/ext/puppetserver.tmpfiles.conf @@ -0,0 +1 @@ +d /run/puppetlabs/puppetserver 0755 puppet puppet - diff --git a/to-ship/ext/redhat/init b/to-ship/ext/redhat/init new file mode 100644 index 000000000..09e00e705 --- /dev/null +++ b/to-ship/ext/redhat/init @@ -0,0 +1,139 @@ +#!/bin/bash +# +# Vox Pupuli puppetserver +# +# chkconfig: - 70 10 +# description: Vox Pupuli puppetserver + +### BEGIN INIT INFO +# Provides: puppetserver +# Required-Start: $remote_fs $syslog +# Required-Stop: $remote_fs $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: puppetserver +# Description: Start puppetserver daemon placed in /etc/init.d. +### END INIT INFO + +# Copyright 2014 Puppet Labs, 2025 Vox Pupuli + +# Source function library. +. /etc/rc.d/init.d/functions + +#set default privileges to -rw-r----- +umask 027 + +prog="puppetserver" +realname="puppetserver" + +########################################## +# You should not have to edit this init script. +# Please attempt to make changes in /etc/sysconfig/puppetserver +########################################## + +[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog +[ -e "$INSTALL_DIR/ezbake-functions.sh" ] && . "$INSTALL_DIR/ezbake-functions.sh" + +config=$CONFIG + +if [ -d "/run" ]; then + rundir=/run/puppetlabs +else + rundir=/var/run/puppetlabs +fi + +PATH=/sbin:/usr/sbin:/bin:/usr/bin +JARFILE="puppet-server-release.jar" +lockfile=/var/lock/subsys/$prog +PIDFILE="${rundir}/${realname}/${realname}.pid" +START_TIMEOUT=${START_TIMEOUT:-300} + +find_my_pid() { + pid=`pgrep -f "${JARFILE}"` + /usr/bin/install --directory --owner=${USER} --group=${GROUP} --mode=755 "${rundir}/${realname}" + [ -n "$pid" ] && echo $pid > $PIDFILE +} + +start() { + # call status here and figure out current state + rh_status_q + [ -x $JAVA_BIN ] || exit 5 + [ -e $config ] || exit 6 + # Move any heap dumps aside + echo -n $"Starting $prog: " + + + + pushd "${INSTALL_DIR}" &> /dev/null + daemon --user $USER --pidfile $PIDFILE "${INSTALL_DIR}/bin/${realname} start >> /var/log/puppetlabs/${realname}/${realname}-daemon.log 2>&1" + retval=$? + popd &> /dev/null + [ -s $PIDFILE ] && success $"$base startup" || failure $"$base startup" + echo + [ -s $PIDFILE ] && touch $lockfile + + + return $retval +} + +stop() { + echo -n $"Stopping $prog: " + "${INSTALL_DIR}/bin/${realname}" stop + retval=$? + + [ $retval -eq 0 ] && success $"$base stopped" || failure $"$base stopped" + echo + [ $retval -eq 0 ] && rm -f $lockfile $PIDFILE + return $retval +} + +restart() { + stop && start +} + +rh_status() { + find_my_pid + status -p $PIDFILE $prog +} + +rh_status_q() { + rh_status >/dev/null 2>&1 +} + +reload() { + echo -n $"Reloading $prog: " + "${INSTALL_DIR}/bin/${realname}" reload + RETVAL=$? + + [ $RETVAL -eq 0 ] && success $"$base reloaded" || failure $"$base reloaded" + echo + return $RETVAL +} + +case "$1" in + start) + rh_status_q && exit 0 + $1 + ;; + stop) + rh_status_q || exit 0 + $1 + ;; + restart) + $1 + ;; + condrestart|try-restart) + rh_status_q || exit 0 + restart + ;; + reload) + $1 + ;; + status) + rh_status + ;; + *) + echo $"Usage: $0 {start|stop|restart|condrestart|try-restart|reload|status}" + exit 2 +esac +exit $? diff --git a/to-ship/ext/redhat/init.suse b/to-ship/ext/redhat/init.suse new file mode 100644 index 000000000..43ba6b689 --- /dev/null +++ b/to-ship/ext/redhat/init.suse @@ -0,0 +1,148 @@ +#!/bin/bash +# +# Vox Pupuli puppetserver +# +# chkconfig: - 70 10 +# description: Vox Pupuli puppetserver + +### BEGIN INIT INFO +# Provides: puppetserver +# Required-Start: $remote_fs $syslog +# Required-Stop: $remote_fs $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: puppetserver +# Description: Start puppetserver daemon placed in /etc/init.d. +### END INIT INFO + +# Copyright 2014 Puppet Labs, 2025 Vox Pupuli + +# Source function library. +[ -e /lib/lsb/init-functions ] && . /lib/lsb/init-functions + +#set default privileges to -rw-r----- +umask 027 + +prog="puppetserver" +realname="puppetserver" + +########################################## +# You should not have to edit this init script. +# Please attempt to make changes in /etc/sysconfig/puppetserver +########################################## + +[ -e "/etc/sysconfig/${prog}" ] && . "/etc/sysconfig/${prog}" +[ -e "$INSTALL_DIR/ezbake-functions.sh" ] && . "$INSTALL_DIR/ezbake-functions.sh" + +config=$CONFIG + +PATH=/sbin:/usr/sbin:/bin:/usr/bin +JARFILE="puppet-server-release.jar" +JAVA_ARGS="${JAVA_ARGS} -cp ${INSTALL_DIR}/${JARFILE} clojure.main -m puppetlabs.trapperkeeper.main --config ${CONFIG} -b ${BOOTSTRAP_CONFIG}" +lockfile="/var/lock/subsys/${prog}" +PIDFILE="/run/puppetlabs/${realname}/${realname}.pid" +LOGFILE="/var/log/puppetlabs/${realname}/${realname}-daemon.log" +START_TIMEOUT=${START_TIMEOUT:-300} + +# First reset status of this service +rc_reset + +start() { + local service_pid + [ -x "${JAVA_BIN}" ] || exit 5 + [ -e "${config}" ] || exit 6 + echo -n $"Starting ${prog}: " + + + + # startproc creates logfiles but doesn't set ownership correctly for new + # files. Let's always do this in case the file ownership is wrong. + touch "${LOGFILE}" + chown $USER:$USER "${LOGFILE}" + + export HOME="$(getent passwd ${USER} | cut -d':' -f6)" + + /usr/bin/install --directory --owner=$USER --group=$GROUP --mode=755 "/run/puppetlabs/${realname}" + # startproc will change users, so make sure that user has permission + # to access the present working directory. + cd "${INSTALL_DIR}" + startproc -u "${USER}" -l "${LOGFILE}" -p "${PIDFILE}" -w -- "${INSTALL_DIR}/bin/${realname}" start >/dev/null 2>&1 + [ -n "$(pgrep -f puppet-server-release.jar)" ] + rc_status -v + + retval=$? + if [ "$retval" -eq 0 ]; then + touch "${lockfile}" + fi + + + return $retval +} + +stop() { + echo -n $"Stopping ${prog}: " + "${INSTALL_DIR}/bin/${realname}" stop + rc_status -v + retval=$? + + if [ "$retval" -eq 0 ]; then + rm -f "${lockfile}" + fi + + return $retval +} + +restart() { + stop && start +} + +sl_status_q() { + sl_status > /dev/null 2>&1 +} + +sl_status() { + echo -n $"Checking for service ${prog}: " + checkproc -p "${PIDFILE}" -- "${JAVA_BIN}" "-XX:OnOutOfMemoryError=\"kill -9 %p\"" "${JAVA_ARGS}" + rc_status -v +} + +reload() { + echo -n $"Reloading ${prog}: " + "${INSTALL_DIR}/bin/${realname}" reload + rc_status -v + retval=$? + + if [ "$retval" -ne 0 ] && [ -z $(pgrep -f puppet-server-release.jar) ]; then + rm -f "${lockfile}" + fi + + return $retval +} + +case "$1" in + start) + sl_status_q && exit 0 + start + ;; + stop) + sl_status_q || exit 0 + stop + ;; + restart) + restart + ;; + condrestart|try-restart) + sl_status_q || exit 0 + restart + ;; + reload|force-reload) + reload + ;; + status) + sl_status + ;; + *) + echo $"Usage: ${0} {start|stop|restart|condrestart|try-restart|reload|force-reload|status}" + exit 2 +esac +exit $? diff --git a/to-ship/ext/redhat/postinst b/to-ship/ext/redhat/postinst new file mode 100644 index 000000000..17c1eab1d --- /dev/null +++ b/to-ship/ext/redhat/postinst @@ -0,0 +1,24 @@ +# Run these unconditionally +%{_app_prefix}/scripts/install.sh postinst_redhat +# Only run these on initial install, not ugrades +if [ "$1" = "1" ]; then + %{_app_prefix}/scripts/install.sh postinst_redhat_install +fi +%if %{_with_systemd} +# Reload the systemd units +systemctl daemon-reload >/dev/null 2>&1 || : +%endif +%if %{_systemd_el} +%systemd_post puppetserver.service +%endif +%if %{_systemd_sles} +%service_add_post puppetserver.service +%endif +%if %{_with_sysvinit} +# If this is an install (as opposed to an upgrade)... +if [ "$1" = "1" ]; then + # Register the puppetserver service + /sbin/chkconfig --add %{name} +fi +%endif + diff --git a/to-ship/ext/redhat/postrm b/to-ship/ext/redhat/postrm new file mode 100644 index 000000000..0a6db9957 --- /dev/null +++ b/to-ship/ext/redhat/postrm @@ -0,0 +1,18 @@ +%if %{_systemd_el} +%systemd_postun_with_restart puppetserver.service +%endif +%if %{_systemd_sles} +%service_del_postun puppetserver.service +%endif +%if %{_with_sysvinit} +# Remove the rundir if this is an uninstall (as opposed to an upgrade)... +if [ "$1" = "0" ]; then + rm -rf %{_app_rundir} +fi + +# Only restart it if it is running +if [ "$1" = "1" ] ; then + /sbin/service %{name} condrestart >/dev/null 2>&1 +fi +%endif + diff --git a/to-ship/ext/redhat/preinst b/to-ship/ext/redhat/preinst new file mode 100644 index 000000000..e1ce70e97 --- /dev/null +++ b/to-ship/ext/redhat/preinst @@ -0,0 +1,17 @@ +# Note: changes to this section of the spec may require synchronisation with the +# install.sh source based installation methodology. +# +# Add puppet group +getent group puppet >/dev/null || groupadd --system --force --gid 52 puppet + +# Add puppet user +if getent passwd puppet > /dev/null; then + usermod --gid puppet --home %{_app_data} \ + --comment "puppetserver daemon" puppet || : +else + useradd_options=('--system' '--gid' 'puppet' '--home' '%{_app_data}' '--shell' "$(which nologin)" '--comment' 'puppetserver daemon') + if ! getent passwd 52 > /dev/null; then + useradd_options+=('--uid' '52') + fi + useradd "${useradd_options[@]}" puppet || : +fi diff --git a/to-ship/ext/redhat/prerm b/to-ship/ext/redhat/prerm new file mode 100644 index 000000000..b16879022 --- /dev/null +++ b/to-ship/ext/redhat/prerm @@ -0,0 +1,14 @@ +%if %{_systemd_el} +%systemd_preun puppetserver.service +%endif +%if %{_systemd_sles} +%service_del_preun puppetserver.service +%endif +%if %{_with_sysvinit} +# If this is an uninstall (as opposed to an upgrade) then +# we want to shut down and disable the service. +if [ "$1" = "0" ] ; then + /sbin/service %{name} stop >/dev/null 2>&1 + /sbin/chkconfig --del %{name} +fi +%endif diff --git a/to-ship/ext/redhat/puppetserver.service b/to-ship/ext/redhat/puppetserver.service new file mode 100644 index 000000000..9370b65b1 --- /dev/null +++ b/to-ship/ext/redhat/puppetserver.service @@ -0,0 +1,46 @@ +# +# Local settings can be configured without being overwritten by package upgrades, for example +# if you want to increase puppetserver open-files-limit to 10000, +# you need to increase systemd's LimitNOFILE setting, so create a file named +# "/etc/systemd/system/puppetserver.service.d/limits.conf" containing: +# [Service] +# LimitNOFILE=10000 +# You can confirm it worked by running systemctl daemon-reload +# then running systemctl show puppetserver | grep LimitNOFILE +# +[Unit] +Description=puppetserver Service +After=syslog.target network.target nss-lookup.target + +[Service] +Type=forking +EnvironmentFile=/etc/sysconfig/puppetserver +User=puppet +TimeoutStartSec=300 +TimeoutStopSec=60 +Restart=on-failure +StartLimitBurst=5 +PIDFile=/run/puppetlabs/puppetserver/puppetserver.pid + +# https://tickets.puppetlabs.com/browse/EZ-129 +# Prior to systemd v228, TasksMax was unset by default, and unlimited. Starting in 228 a default of '512' +# was implemented. This is low enough to cause problems for certain applications. In systemd 231, the +# default was changed to be 15% of the default kernel limit. This explicitly sets TasksMax to 4915, +# which should match the default in systemd 231 and later. +# See https://github.com/systemd/systemd/issues/3211#issuecomment-233676333 +TasksMax=4915 + +#set default privileges to -rw-r----- +UMask=027 + + +ExecReload=/opt/puppetlabs/server/apps/puppetserver/bin/puppetserver reload +ExecStart=/opt/puppetlabs/server/apps/puppetserver/bin/puppetserver start +ExecStop=/opt/puppetlabs/server/apps/puppetserver/bin/puppetserver stop + +KillMode=process + +SuccessExitStatus=143 + +[Install] +WantedBy=multi-user.target diff --git a/to-ship/ext/system-config/services.d/bootstrap.cfg b/to-ship/ext/system-config/services.d/bootstrap.cfg new file mode 100644 index 000000000..e32149cb5 --- /dev/null +++ b/to-ship/ext/system-config/services.d/bootstrap.cfg @@ -0,0 +1,16 @@ +puppetlabs.services.request-handler.request-handler-service/request-handler-service +puppetlabs.services.jruby.jruby-puppet-service/jruby-puppet-pooled-service +puppetlabs.services.jruby-pool-manager.jruby-pool-manager-service/jruby-pool-manager-service +puppetlabs.services.puppet-profiler.puppet-profiler-service/puppet-profiler-service +puppetlabs.trapperkeeper.services.webserver.jetty10-service/jetty10-service +puppetlabs.trapperkeeper.services.webrouting.webrouting-service/webrouting-service +puppetlabs.services.config.puppet-server-config-service/puppet-server-config-service +puppetlabs.services.master.master-service/master-service +puppetlabs.services.puppet-admin.puppet-admin-service/puppet-admin-service +puppetlabs.trapperkeeper.services.authorization.authorization-service/authorization-service +puppetlabs.services.versioned-code-service.versioned-code-service/versioned-code-service +puppetlabs.trapperkeeper.services.scheduler.scheduler-service/scheduler-service +puppetlabs.trapperkeeper.services.status.status-service/status-service +puppetlabs.trapperkeeper.services.metrics.metrics-service/metrics-service +puppetlabs.trapperkeeper.services.metrics.metrics-service/metrics-webservice +puppetlabs.services.jruby.jruby-metrics-service/jruby-metrics-service diff --git a/to-ship/install.sh b/to-ship/install.sh new file mode 100644 index 000000000..d314be6ea --- /dev/null +++ b/to-ship/install.sh @@ -0,0 +1,449 @@ +#!/usr/bin/env bash + +set -e + +if [ -n "${EZ_VERBOSE}" ]; then + set -x +fi + +USE_TASKSMAX=${USE_TASKSMAX:-true} + +# Warning: This variable API is experimental so these variables may be subject +# to change in the future. +prefix=${prefix:=/usr} +initdir=${initdir:=/etc/init.d} +unitdir_redhat=${unitdir:-/usr/lib/systemd/system} +unitdir_debian=${unitdir:-/lib/systemd/system} +defaultsdir_redhat=${defaultsdir:-/etc/sysconfig} +defaultsdir_debian=${defaultsdir:-/etc/default} +tmpfilesdir=${tmpfilesdir:=/usr/lib/tmpfiles.d} +datadir=${datadir:=${prefix}/share} +real_name=${real_name:=puppetserver} +projdatadir=${projdatadir:=${datadir}/${real_name}} +confdir=${confdir:=/etc} +projconfdir=${projconfdir:=${confdir}/puppetlabs/${real_name}} +rundir=${rundir:=/var/run/puppetlabs/${real_name}} +# Application specific bin directory +bindir=${bindir:=/opt/puppetlabs/server/apps/${real_name}/bin} +# User facing bin directory, expected to be added to interactive shell PATH +uxbindir=${uxbindir:=/opt/puppetlabs/bin} +# symlinks of server binaries +symbindir=${symbindir:=/opt/puppetlabs/server/bin} +app_prefix=${app_prefix:=/opt/puppetlabs/server/apps/${real_name}} +dest_apps_dir="${DESTDIR}${app_prefix}" +app_data=${app_data:=/opt/puppetlabs/server/data/${real_name}} +app_logdir=${app_logdir:=/var/log/puppetlabs/${real_name}} +system_config_dir=${system_config_dir:=${app_prefix}/config} +needrestart_confdir=${needrestart_dir:=/etc/needrestart/conf.d} + + +################## +# EZBake Vars # +################## + +if [ -n "${EZ_VERBOSE}" ]; then + set +x + echo "#-------------------------------------------------#" + echo "The following variables are set: " + echo + env | sort + + echo + echo "End of variable print." + echo "#-------------------------------------------------#" + set -x +fi + +################## +# Task functions # +################## + +# The below functions are exposed to the user to be able to be called from +# the command line directly. + +# Catch all, to install the lot, with osdetection included etc. +function task_all { + task service + task termini +} + +# Run installer, and automatically choose correct tasks using os detection. +function task_service { + osdetection + + if [ "$OSFAMILY" = "RedHat" ]; then + unitdir=${unitdir_redhat} + defaultsdir=${defaultsdir_redhat} + if [ $MAJREV -lt 7 ]; then + task install_source_rpm_sysv + else + task install_source_rpm_systemd + fi + elif [ "$OSFAMILY" = "Debian" ]; then + unitdir=${unitdir_debian} + defaultsdir=${defaultsdir_debian} + sysv_codenames=("squeeze" "wheezy" "lucid" "precise" "trusty") + if $(echo ${sysv_codenames[@]} | grep -q $CODENAME) ; then + task install_source_deb_sysv + else + task install_source_deb_systemd + fi + else + echo "Unsupported platform, exiting ..." + exit 1 + fi +} + +# Source based install for Redhat based + sysv setups +function task_install_source_rpm_sysv { + task preinst_redhat + task install_redhat + task sysv_init_redhat + task logrotate_legacy + task postinst_redhat + task postinst_permissions +} + +# Source based install for Redhat based + systemd setups +function task_install_source_rpm_systemd { + task preinst_redhat + task install_redhat + task systemd_redhat + task logrotate + task postinst_redhat + task postinst_permissions +} + +# Source based install for Debian based + sysv setups +function task_install_source_deb_sysv { + task preinst_deb + task install_deb + task sysv_init_deb + task logrotate + task postinst_deb +} + +# Source based install for Debian based + systemd setups +function task_install_source_deb_systemd { + task preinst_deb + task install_deb + task systemd_deb + task logrotate + task postinst_deb +} + +# install docs for debian based systems +function task_install_docs_deb { + if [ -d ext/docs ]; then + install -d "${DESTDIR}${app_prefix}/share/doc/puppetserver" + cp -a ext/docs "${DESTDIR}${app_prefix}/share/doc/puppetserver" + fi +} + +# install docs for rpm based systems +function task_install_docs_rpm { + if [ -d ext/docs ]; then + install -d "${DESTDIR}${app_prefix}/share/doc/puppetserver-8.11.0" + cp -a ext/docs "${DESTDIR}${app_prefix}/share/doc/puppetserver-8.11.0" + fi +} + +# Install the ezbake package software. This step is used during RPM & +# Debian packaging during the 'install' phases. +function task_install { + install -d -m 0755 "${dest_apps_dir}" + install -d -m 0770 "${DESTDIR}${app_data}" + install -m 0644 puppet-server-release.jar "${dest_apps_dir}" + install -m 0755 ext/ezbake-functions.sh "${dest_apps_dir}" + install -m 0644 ext/ezbake.manifest "${dest_apps_dir}" + install -d -m 0755 "${DESTDIR}${projconfdir}/conf.d" + + + install -d -m 0755 "${DESTDIR}${system_config_dir}/services.d" + install -d -m 0755 "${DESTDIR}${projconfdir}/services.d" + + install -m 0644 ext/system-config/services.d/bootstrap.cfg "${DESTDIR}${system_config_dir}/services.d/bootstrap.cfg" + + install -m 0644 ext/config/conf.d/puppetserver.conf "${DESTDIR}${projconfdir}/conf.d/puppetserver.conf" + install -m 0644 ext/config/request-logging.xml "${DESTDIR}${projconfdir}/request-logging.xml" + install -m 0644 ext/config/logback.xml "${DESTDIR}${projconfdir}/logback.xml" + install -m 0644 ext/config/conf.d/global.conf "${DESTDIR}${projconfdir}/conf.d/global.conf" + install -m 0644 ext/config/conf.d/web-routes.conf "${DESTDIR}${projconfdir}/conf.d/web-routes.conf" + install -m 0644 ext/config/conf.d/auth.conf "${DESTDIR}${projconfdir}/conf.d/auth.conf" + install -m 0644 ext/config/conf.d/metrics.conf "${DESTDIR}${projconfdir}/conf.d/metrics.conf" + install -m 0644 ext/config/conf.d/ca.conf "${DESTDIR}${projconfdir}/conf.d/ca.conf" + install -m 0644 ext/config/conf.d/webserver.conf "${DESTDIR}${projconfdir}/conf.d/webserver.conf" + install -m 0644 ext/config/services.d/ca.cfg "${DESTDIR}${projconfdir}/services.d/ca.cfg" + + install -d -m 0755 "${dest_apps_dir}/scripts" + install -m 0755 install.sh "${dest_apps_dir}/scripts" + + install -d -m 0755 "${dest_apps_dir}/cli" + install -d -m 0755 "${dest_apps_dir}/cli/apps" + install -d -m 0755 "${DESTDIR}${bindir}" + install -m 0755 "ext/bin/${real_name}" "${DESTDIR}${bindir}/${real_name}" + install -d -m 0755 "${DESTDIR}${symbindir}" + ln -s "../apps/${real_name}/bin/${real_name}" "${DESTDIR}${symbindir}/${real_name}" + install -d -m 0755 "${DESTDIR}${uxbindir}" + ln -s "../server/apps/${real_name}/bin/${real_name}" "${DESTDIR}${uxbindir}/${real_name}" + install -m 0755 ext/cli/foreground "${dest_apps_dir}/cli/apps/foreground" + install -m 0755 ext/cli/irb "${dest_apps_dir}/cli/apps/irb" + install -m 0755 ext/cli/ca "${dest_apps_dir}/cli/apps/ca" + install -m 0755 ext/cli/gem "${dest_apps_dir}/cli/apps/gem" + install -m 0755 ext/cli/stop "${dest_apps_dir}/cli/apps/stop" + install -m 0755 ext/cli/start "${dest_apps_dir}/cli/apps/start" + install -m 0755 ext/cli/ruby "${dest_apps_dir}/cli/apps/ruby" + install -m 0755 ext/cli/reload "${dest_apps_dir}/cli/apps/reload" + install -m 0755 ext/cli/prune "${dest_apps_dir}/cli/apps/prune" + +if [ -e "ext/cli_defaults/cli-defaults.sh" ]; then + install -m 0755 ext/cli_defaults/cli-defaults.sh "${dest_apps_dir}/cli/" +fi + + install -d -m 0755 "${DESTDIR}${rundir}" + install -d -m 700 "${DESTDIR}${app_logdir}" + install -d -m 700 "${DESTDIR}/opt/puppetlabs/server/data/puppetserver/jars" + install -d -m 700 "${DESTDIR}/opt/puppetlabs/server/data/puppetserver/yaml" +} + +function task_install_redhat { + task install + task install_docs_rpm + bash ./ext/build-scripts/install-vendored-gems.sh +} + +function task_install_deb { + task install + task install_docs_deb + bash ./ext/build-scripts/install-vendored-gems.sh +} + + +function task_defaults_redhat { + install -d -m 0755 "${DESTDIR}${defaultsdir_redhat}" + install -m 0644 ext/default "${DESTDIR}${defaultsdir_redhat}/puppetserver" +} + +function task_defaults_deb { + install -d -m 0755 "${DESTDIR}${defaultsdir_debian}" + install -m 0644 ext/debian/puppetserver.default_file "${DESTDIR}${defaultsdir_debian}/puppetserver" +} + +# Install the sysv and defaults configuration for Redhat. +function task_sysv_init_redhat { + task defaults_redhat + install -d -m 0755 "${DESTDIR}${initdir}" + install -m 0755 ext/redhat/init "${DESTDIR}${initdir}/puppetserver" +} + +# Install the sysv and defaults configuration for SuSE. +function task_sysv_init_suse { + task defaults_redhat + install -d -m 0755 "${DESTDIR}${initdir}" + install -m 0755 ext/redhat/init.suse "${DESTDIR}${initdir}/puppetserver" +} + +# Install the systemd and defaults configuration for Redhat. +function task_systemd_redhat { + task defaults_redhat + install -d -m 0755 "${DESTDIR}${unitdir_redhat}" + install -m 0644 ext/redhat/puppetserver.service "${DESTDIR}${unitdir_redhat}/puppetserver.service" + install -d -m 0755 "${DESTDIR}${tmpfilesdir}" + install -m 0644 ext/puppetserver.tmpfiles.conf "${DESTDIR}${tmpfilesdir}/puppetserver.conf" +} + +# Install the sysv and defaults configuration for Debian. +function task_sysv_init_deb { + task defaults_deb + install -d -m 0755 "${DESTDIR}${initdir}" + install -m 0755 ext/debian/puppetserver.init_script "${DESTDIR}${initdir}/puppetserver" + install -d -m 0755 "${DESTDIR}${rundir}" +} + +# Install the systemd/sysv and defaults configuration for Debian. +function task_systemd_deb { + task sysv_init_deb + install -d -m 0755 "${DESTDIR}${unitdir_debian}" + install -m 0644 ext/debian/puppetserver.service_file "${DESTDIR}${unitdir_debian}/puppetserver.service" + if [ "$USE_TASKSMAX" == "false" ]; then + sed -i "s/^TasksMax/# Don't set TasksMax since the option doesn't exist\n# TasksMax/" "${DESTDIR}${unitdir_debian}/puppetserver.service" + fi + install -d -m 0755 "${DESTDIR}${tmpfilesdir}" + install -m 0644 ext/puppetserver.tmpfiles.conf "${DESTDIR}${tmpfilesdir}/puppetserver.conf" + install -d -m 0755 "${DESTDIR}${needrestart_confdir}" + install -m 0644 ext/puppetserver.needrestart.conf "${DESTDIR}${needrestart_confdir}/puppetserver.conf" +} + +function task_service_account { + # Add puppet group + getent group puppet > /dev/null || \ + groupadd -r puppet || : + # Add or update puppet user + if getent passwd puppet > /dev/null; then + usermod --gid puppet --home "${app_data}" \ + --comment "puppetserver daemon" puppet || : + else + useradd -r --gid puppet --home "${app_data}" --shell $(which nologin) \ + --comment "puppetserver daemon" puppet || : + fi +} + +# RPM based pre-installation tasks. +# Note: Any changes to this section may require synchronisation with the +# packaging, due to the fact that we can't access this script from the pre +# section of an rpm/deb. +function task_preinst_redhat { + task service_account +} + +# Debian based pre-installation tasks. +# Note: Any changes to this section may require synchronisation with the +# packaging, due to the fact that we can't access this script from the pre +# section of an rpm/deb. +function task_preinst_deb { + task service_account +} + +# Debian based unconditional post-installation tasks. +function task_postinst_deb { + task postinst_permissions +} + +# Debian based install post-installation tasks. +function task_postinst_deb_install { + : # Null command in case additional_postinst_install is empty + install --owner=puppet --group=puppet -d /opt/puppetlabs/server/data/puppetserver/jruby-gems + /opt/puppetlabs/puppet/bin/puppet config set --section master vardir /opt/puppetlabs/server/data/puppetserver + /opt/puppetlabs/puppet/bin/puppet config set --section master logdir /var/log/puppetlabs/puppetserver + /opt/puppetlabs/puppet/bin/puppet config set --section master rundir /var/run/puppetlabs/puppetserver + /opt/puppetlabs/puppet/bin/puppet config set --section master pidfile /var/run/puppetlabs/puppetserver/puppetserver.pid + /opt/puppetlabs/puppet/bin/puppet config set --section master codedir /etc/puppetlabs/code + usermod --home /opt/puppetlabs/server/data/puppetserver puppet + install --directory --owner=puppet --group=puppet --mode=775 /opt/puppetlabs/server/data + install --directory /etc/puppetlabs/puppet/ssl + chown -R puppet:puppet /etc/puppetlabs/puppet/ssl + find /etc/puppetlabs/puppet/ssl -type d -print0 | xargs -0 chmod 770 +} + +# RPM based unconditional post-installation tasks. +function task_postinst_redhat { + : # Null command in case additional_postinst is empty +} + +# RPM based install post-installation tasks. +function task_postinst_redhat_install { + : # Null command in case additional_postinst_install is empty + install --owner=puppet --group=puppet -d /opt/puppetlabs/server/data/puppetserver/jruby-gems + /opt/puppetlabs/puppet/bin/puppet config set --section master vardir /opt/puppetlabs/server/data/puppetserver + /opt/puppetlabs/puppet/bin/puppet config set --section master logdir /var/log/puppetlabs/puppetserver + /opt/puppetlabs/puppet/bin/puppet config set --section master rundir /var/run/puppetlabs/puppetserver + /opt/puppetlabs/puppet/bin/puppet config set --section master pidfile /var/run/puppetlabs/puppetserver/puppetserver.pid + /opt/puppetlabs/puppet/bin/puppet config set --section master codedir /etc/puppetlabs/code + usermod --home /opt/puppetlabs/server/data/puppetserver puppet + install --directory --owner=puppet --group=puppet --mode=775 /opt/puppetlabs/server/data + install --directory /etc/puppetlabs/puppet/ssl + chown -R puppet:puppet /etc/puppetlabs/puppet/ssl + find /etc/puppetlabs/puppet/ssl -type d -print0 | xargs -0 chmod 770 +} + +# Global post installation permissions setup. Not to be used by Redhat +# during package based installation, as this is done by the RPM itself +# by the %files definitions +function task_postinst_permissions { + chown puppet:puppet /var/log/puppetlabs/puppetserver + chmod 700 /var/log/puppetlabs/puppetserver + chown puppet:puppet $app_data + chmod 770 $app_data + chown puppet:puppet $projconfdir + chmod 750 $projconfdir + chown puppet:puppet $rundir + chmod 0755 $rundir + chown puppet:puppet /opt/puppetlabs/server/data/puppetserver/jars + chmod 700 /opt/puppetlabs/server/data/puppetserver/jars + chown puppet:puppet /opt/puppetlabs/server/data/puppetserver/yaml + chmod 700 /opt/puppetlabs/server/data/puppetserver/yaml +} + +# Install logrotate (usually el7, fedora 16 and above) +function task_logrotate { + install -d -m 0755 "${DESTDIR}${confdir}/logrotate.d" + cp -pr ext/puppetserver.logrotate.conf "${DESTDIR}${confdir}/logrotate.d/puppetserver" +} + +# Install legacy logrotate +function task_logrotate_legacy { + install -d -m 0755 "${DESTDIR}${confdir}/logrotate.d" + cp -pr ext/puppetserver.logrotate-legacy.conf "${DESTDIR}${confdir}/logrotate.d/puppetserver" +} + +################## +# Misc functions # +################## + +# Print output only if EZ_VERBOSE is set +function debug_echo { + if [ -n "${EZ_VERBOSE}" ]; then + echo $@ + fi +} + +# Do basic OS detection using facter. +function osdetection { + OSFAMILY=`facter osfamily` + MAJREV=`facter operatingsystemmajrelease` + CODENAME=`facter os.distro.codename` + + debug_echo "OS Detection results" + debug_echo + debug_echo "OSFAMILY: ${OSFAMILY}" + debug_echo "MAJREV: ${MAJREV}" + debug_echo "CODENAME: ${CODENAME}" + debug_echo +} + +# Run a task +# Accepts: +# $1 = task to run +function task { + local task=$1 + shift + debug_echo "Running task ${task} ..." + eval task_$task $@ +} + +# List available tasks +# +# Gathers a list of all functions starting with task_ so it can be displayed +# or used by other functions. +function available_tasks { + declare -F | awk '{ print $3 }' | grep '^task_*' | cut -c 6- +} + +# Dispatch a task from the CLI +# Accepts: +# $1 = task to dispatch +function dispatch { + local task=$1 + shift + if [ -z "$task" ]; then + echo "Starting full installation ..." + echo + task all + elif [ "$1" = "-h" ]; then + echo "Usage: $0 " + echo + echo "Choose from one of the following tasks:" + echo + echo "$(available_tasks)" + echo + echo "Warning: this task system is still experimental and may be subject to change without notice" + return 1 + else + task $task $@ + fi +} + +######## +# Main # +######## +dispatch $@