summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2016-03-21 11:28:12 -0300
committerSilvio Rhatto <rhatto@riseup.net>2016-03-21 11:28:12 -0300
commit6ebba3b8240d58ae749216ffa6254b9f7d2a2b9d (patch)
tree4e9745c0c73d74cb85fe91e1113f20652bb9c4f8
parente40b3514e041a4bb2aac962b639c947333365b4b (diff)
parent8addf3ea71f50050a791e618bd4511860264c0de (diff)
downloadhydra-6ebba3b8240d58ae749216ffa6254b9f7d2a2b9d.tar.gz
hydra-6ebba3b8240d58ae749216ffa6254b9f7d2a2b9d.tar.bz2
Merge branch 'master' into develop
Conflicts: TODO.md share/hydra/install share/hydra/mass share/hydractl/bootstrap share/hydractl/puppet-enable share/hydractl/system-upgrade
-rw-r--r--TODO.md2
-rwxr-xr-xshare/hydra/install15
-rw-r--r--share/hydra/inventory0
-rwxr-xr-xshare/hydra/list-sites38
-rwxr-xr-xshare/hydra/mass4
l---------share/hydra/mass-update1
-rwxr-xr-xshare/hydra/puppet-finger26
-rwxr-xr-xshare/hydra/puppet-trigger32
-rwxr-xr-xshare/hydra/whereis25
-rwxr-xr-xshare/hydractl/bootstrap36
-rwxr-xr-xshare/hydractl/dist-upgrade190
-rwxr-xr-xshare/hydractl/puppet-clean-stored91
l---------share/hydractl/puppet-disable1
-rwxr-xr-xshare/hydractl/puppet-enable47
-rwxr-xr-xshare/hydractl/puppet-finger74
-rwxr-xr-xshare/hydractl/puppet-initialize20
-rwxr-xr-xshare/hydractl/puppet-install20
-rwxr-xr-xshare/hydractl/puppet-reset-agent21
-rwxr-xr-xshare/hydractl/puppet-reset-master52
-rwxr-xr-xshare/hydractl/puppet-reset-stored23
-rwxr-xr-xshare/hydractl/puppet-setup-stored24
-rwxr-xr-xshare/hydractl/puppet-trigger23
-rwxr-xr-xshare/hydractl/puppet-update28
-rwxr-xr-xshare/hydractl/requirements24
l---------[-rwxr-xr-x]share/hydractl/system-upgrade180
25 files changed, 207 insertions, 790 deletions
diff --git a/TODO.md b/TODO.md
index 94ca81a..f6b48ee 100644
--- a/TODO.md
+++ b/TODO.md
@@ -9,6 +9,8 @@ Hydra
- bootless: properly support `$subdevice` in parted or always use first partition (like `/dev/sdb1`).
- init: add new repositories as superproject's submodules.
- newnode: do not generate manifest file, only hiera.
+- ssh-config: hydra integration.
+- init: version control in the superproject?
- deploy:
- fix /etc/puppet permissions.
- import keys and certs.
diff --git a/share/hydra/install b/share/hydra/install
index 6a3c07f..00154b7 100755
--- a/share/hydra/install
+++ b/share/hydra/install
@@ -28,15 +28,14 @@ if [ -z "$NODES" ]; then
NODES="`hydra $HYDRA nodes`"
fi
-# Validation
-if [ -z "$ORIGIN" ]; then
- ORIGIN="git://git.fluxo.info/hydra.git"
-else
- ORIGIN_CONFIG="`hydra $HYDRA config git`"
+# Get origin
+ORIGIN_CONFIG="`hydra $HYDRA config git`"
- if [ ! -z "$ORIGIN_CONFIG" ]; then
- ORIGIN="$ORIGIN_CONFIG/hydra.git"
- fi
+# Validate origin
+if [ ! -z "$ORIGIN_CONFIG" ]; then
+ ORIGIN="$ORIGIN_CONFIG/hydra.git"
+else
+ ORIGIN="git://git.fluxo.info/hydra.git"
fi
# Deploy
diff --git a/share/hydra/inventory b/share/hydra/inventory
deleted file mode 100644
index e69de29..0000000
--- a/share/hydra/inventory
+++ /dev/null
diff --git a/share/hydra/list-sites b/share/hydra/list-sites
deleted file mode 100755
index 3778e8b..0000000
--- a/share/hydra/list-sites
+++ /dev/null
@@ -1,38 +0,0 @@
-#!/bin/bash
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as
-# published by the Free Software Foundation, either version 3 of the
-# License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU Affero General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public
-# License along with this program. If not, see
-# <http://www.gnu.org/licenses/>.
-
-# Load.
-source $APP_BASE/lib/hydra/functions || exit 1
-hydra_config_load
-
-# Parameters
-BASENAME="`basename $0`"
-LAYER="$1"
-DOMAIN="`hydra $HYDRA config domain`"
-
-# Checks
-if [ -z "$LAYER" ]; then
- echo "usage: $BASENAME <node>"
- exit 1
-elif [ -z "$DOMAIN" ]; then
- echo "Please set 'domain' at $HYDRA hydra config."
- exit 1
-fi
-
-# This is crude but we're in a hurry!
-if [ -e "$PUPPET/manifests/classes/websites.pp" ]; then
- cat $PUPPET/manifests/classes/websites.pp | perl -pe 's/[,:]\n$//;' | grep $LAYER | grep apache::site | cut -d '"' -f 2
-fi
diff --git a/share/hydra/mass b/share/hydra/mass
index 928836f..a716bae 100755
--- a/share/hydra/mass
+++ b/share/hydra/mass
@@ -61,9 +61,7 @@ BASEDIR="/tmp"
set_nodes
# Validation
-if [ "$BASENAME" == "mass-update" ]; then
- COMMAND="apt-get update"
-elif [ "$BASENAME" == "mass-upgrade" ]; then
+if [ "$BASENAME" == "mass-upgrade" ]; then
COMMAND="DEBIAN_FRONTEND=noninteractive hydractl upgrade clean"
elif [ "$BASENAME" == "mass-web" ]; then
set_nodes web
diff --git a/share/hydra/mass-update b/share/hydra/mass-update
deleted file mode 120000
index 698f7d4..0000000
--- a/share/hydra/mass-update
+++ /dev/null
@@ -1 +0,0 @@
-mass \ No newline at end of file
diff --git a/share/hydra/puppet-finger b/share/hydra/puppet-finger
deleted file mode 100755
index a96800b..0000000
--- a/share/hydra/puppet-finger
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/bin/bash
-#
-# Check puppet fingerprints, hydra perspective.
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as
-# published by the Free Software Foundation, either version 3 of the
-# License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU Affero General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public
-# License along with this program. If not, see
-# <http://www.gnu.org/licenses/>.
-
-# Load
-source $APP_BASE/lib/hydra/functions || exit 1
-hydra_config_load
-
-# Command line arguments
-BASENAME="`basename $0`"
-
-hydra $HYDRA mass hydractl puppet-finger
diff --git a/share/hydra/puppet-trigger b/share/hydra/puppet-trigger
deleted file mode 100755
index eba1996..0000000
--- a/share/hydra/puppet-trigger
+++ /dev/null
@@ -1,32 +0,0 @@
-#!/bin/bash
-#
-# Execute commands in a single remote node.
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as
-# published by the Free Software Foundation, either version 3 of the
-# License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU Affero General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public
-# License along with this program. If not, see
-# <http://www.gnu.org/licenses/>.
-
-# Load
-source $APP_BASE/lib/hydra/functions || exit 1
-hydra_config_load
-
-# Parameters
-NODO="$1"
-
-# Connect
-if [ ! -z "$NODO" ]; then
- $HYDRA_CONNECT $NODO sudo hydractl puppet-trigger
-else
- echo "No node given."
- exit 1
-fi
diff --git a/share/hydra/whereis b/share/hydra/whereis
index 687b280..515218b 100755
--- a/share/hydra/whereis
+++ b/share/hydra/whereis
@@ -38,31 +38,18 @@ echo "--------------------------------------------------------------------------
echo ""
# Is it a node?
-if [ -e "$PUPPET/manifests/nodes/$LAYER.pp" ]; then
- echo "Defined as a node at $PUPPET/manifests/nodes/$LAYER.pp"
-
- if [ -e "$PUPPET/hiera/production/domain/$DOMAIN/node/$LAYER.$DOMAIN.yaml" ]; then
- echo "Configuration:"
- echo ""
- grep "nodo::role:" $PUPPET/hiera/production/domain/$DOMAIN/node/$LAYER.$DOMAIN.yaml
- grep "nodo::location:" $PUPPET/hiera/production/domain/$DOMAIN/node/$LAYER.$DOMAIN.yaml
- fi
-fi
-
-# Is it a website?
-if [ -e "$PUPPET/modules/site_websites" ] && \
- grep -R -e "apache::site" "$PUPPET/modules/site_websites/manifests/" | grep -q "$LAYER" ; then
- MANIFEST="$(cd $PUPPET && grep -R -e "apache::site" "modules/site_websites/manifests/" | grep "$LAYER" | cut -d : -f 1)"
-
- echo "Defined as a website on $MANIFEST:"
+if [ -e "$PUPPET/hiera/node/$LAYER.$DOMAIN.yaml" ]; then
+ echo "Defined as a node at hiera/node/$LAYER.$DOMAIN.yaml"
+ echo "Configuration:"
echo ""
- sed -n -e "/apache::site { \"$LAYER\":/,/ }/ p" $PUPPET/$MANIFEST
+ grep "nodo::role:" $PUPPET/hiera/node/$LAYER.$DOMAIN.yaml
+ grep "nodo::location:" $PUPPET/hiera/node/$LAYER.$DOMAIN.yaml
fi
# DNS config
if [ -e "$HYDRA_FOLDER/dns/$DOMAIN.conf" ]; then
echo ""
- echo "DNS configuration at $HYDRA_FOLDER/dns/$DOMAIN.conf"
+ echo "DNS configuration at dns/$DOMAIN.conf"
echo "----------------------------------------------------------------------------------"
echo ""
diff --git a/share/hydractl/bootstrap b/share/hydractl/bootstrap
deleted file mode 100755
index ce1d643..0000000
--- a/share/hydractl/bootstrap
+++ /dev/null
@@ -1,36 +0,0 @@
-#!/bin/bash
-#
-# Bootstrap a new hydra using the current host as a starting point.
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as
-# published by the Free Software Foundation, either version 3 of the
-# License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU Affero General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public
-# License along with this program. If not, see
-# <http://www.gnu.org/licenses/>.
-
-STAGE="$1"
-
-if [ "$STAGE" == "repository" ]; then
- hydractl puppet-install
-
- if [ ! -d "/etc/puppet/.git" ]; then
- rm -rf /etc/puppet && git clone git://git.fluxo.info/puppet-bootstrap /etc/puppet
- hydra_bootstrap_config /etc/puppet
- chown -R puppet. /etc/puppet
- fi
-fi
-
-if [ -e "/etc/puppet/manifests/$stage.pp" ]; then
- (
- cd /etc/puppet
- make apply stage=$stage
- )
-fi
diff --git a/share/hydractl/dist-upgrade b/share/hydractl/dist-upgrade
new file mode 100755
index 0000000..f0c42b1
--- /dev/null
+++ b/share/hydractl/dist-upgrade
@@ -0,0 +1,190 @@
+#!/bin/bash
+#
+# Do a system upgrade, from a version to the next.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public
+# License along with this program. If not, see
+# <http://www.gnu.org/licenses/>.
+
+# Load
+source $APP_BASE/lib/hydra/functions || exit 1
+hydra_config_load
+
+# Parameters
+TMP="/tmp"
+STATE="$TMP/system-upgrade"
+ENV="$TMP/system-upgrade-env"
+
+# Command line arguments
+BASENAME="`basename $0`"
+NEXTRELEASE="$1"
+
+# Proceed to the next upgrade stage
+function hydra_system_upgrade_stage {
+ STAGE="$1"
+ echo $STAGE > $STATE
+ hydra_system_upgrade_$STAGE
+}
+
+# Set and check upgrade environment
+function hydra_system_upgrade_env {
+ # Set initial state
+ hydra_system_upgrade_stage env
+
+ # Available releases
+ #release="`facter lsbdistcodename`" # this doesn't work on squeeze
+ release="`facter 2> /dev/null | grep lsbdistcodename | sed -e 's/lsbdistcodename => //'`"
+ nextrelease="`hydra_next_debian_release $release`"
+
+ # Is a virtual machine?
+ virtual="`facter 2> /dev/null | grep virtual | grep -v '^is_virtual' | sed -e 's/virtual => //'`"
+
+ # Save environment
+ echo "release=$release" > $ENV
+ echo "nextrelease=$nextrelease" >> $ENV
+ echo "nextrelease=$nextrelease" >> $ENV
+ echo "virtual=$virtual" >> $ENV
+
+ # Check release
+ if [ "$?" != "0" ]; then
+ echo "Unsupported release"
+ exit 1
+ fi
+
+ # Check optional parameter
+ if [ ! -z "$NEXTRELEASE" ]; then
+ if [ "$NEXTRELEASE" == "$release" ]; then
+ echo "System is already upgraded to $NEXTRELEASE"
+ exit 1
+ fi
+
+ if [ "$NEXTRELEASE" != "$nextrelease" ]; then
+ echo "Cannot upgrade: next release for this system is $nextrelease"
+ exit 1
+ fi
+ fi
+
+ # Set next state
+ hydra_system_upgrade_stage prepare
+}
+
+# Prepare the environment for a system upgrade
+function hydra_system_upgrade_prepare {
+ # Ensure puppet is stopped during the process
+ if [ -e "/etc/default/puppet" ]; then
+ echo "Disabling puppet agent..."
+ sed -i -e 's/START=yes/START=no/' /etc/default/puppet
+ service puppet stop
+ fi
+
+ # Configure apt for the next debian release
+ echo ""
+ echo "Updating apt configuration..."
+ sed -i -e "s/$release/$nextrelease/g" /etc/apt/sources.list
+ sed -i -e "s/$release/$nextrelease/g" /etc/apt/preferences
+ sed -i -e 's|^deb http://backports.debian.org/debian-backports|#deb http://backports.debian.org/debian-backports|' /etc/apt/sources.list
+
+ # These will be generated by puppet and can be safely removed
+ rm -f /etc/apt/sources.list.d/*
+ rm -f /etc/apt/preferences.d/*
+
+ # These might lead in upgrade errors
+ if [ "$virtual" == "vserver" ] && [ "$nextrelease" == "wheezy" ]; then
+ apt-get remove makedev -y
+ apt-get remove colord -y
+ fi
+
+ # Set next state
+ hydra_system_upgrade_stage download
+}
+
+# Update package listing and download new packages
+function hydra_system_upgrade_download {
+ echo ""
+ echo "Updating package listing..."
+ apt-get update
+ echo ""
+ echo "Downloading packages..."
+ apt-get dist-upgrade -d -y
+ hydra_system_upgrade_stage upgrade
+}
+
+# Proceed with the actual upgrade
+function hydra_system_upgrade_upgrade {
+ echo ""
+ echo "Upgrading the system..."
+ DEBIAN_FRONTEND=noninteractive apt-get dist-upgrade
+
+ if [ "$?" != "0" ]; then
+ echo "Upgrade failed. Please fix it manually and run this command again."
+ exit 1
+ fi
+
+ hydra_system_upgrade_stage custom
+}
+
+# Custom upgrade procedures
+function hydra_system_upgrade_custom {
+ if [ "$nextrelease" == "wheezy" ]; then
+ # Old suhosin config
+ rm -f /etc/php5/conf.d/suhosin.ini
+
+ # This has to be manually installed again
+ if [ -f "/etc/php5/cli/conf.d/uploadprogress.ini" ]; then
+ pecl uninstall uploadprogress
+ pecl install uploadprogress
+ fi
+ fi
+
+ if [ "$nextrelease" == "jessie" ]; then
+ # We're using a masterless puppet setup, so no agent
+ apt-get install puppet-common
+ apt-get purge puppet
+
+ # Purge old monitoring infrastructure
+ apt-get purge 'munin*' 'nagios*'
+ rm -rf /etc/nagios* /etc/munin* /etc/munin* /usr/share/munin*
+
+ # Cleanup old scripts
+ rm -f /usr/local/sbin/check-puppetd.sh
+ rm -f remove /etc/cron.d/puppetd
+ fi
+
+ hydractl trac-upgrade
+ hydra_system_upgrade_stage cleanup
+}
+
+# Cleanup procedures
+function hydra_system_upgrade_cleanup {
+ apt-get autoremove --purge -y
+ apt-get clean
+}
+
+# Initialize
+if [ ! -e "$STATE" ]; then
+ hydra_system_upgrade_env
+else
+ # Resume from the previous state
+ STAGE="`cat $STATE`"
+
+ # Restore environment
+ if [ -e "$ENV" ]; then
+ source $ENV
+ fi
+
+ hydra_system_upgrade_$STAGE
+fi
+
+# Teardown
+rm -f $STATE
+rm -f $ENV
diff --git a/share/hydractl/puppet-clean-stored b/share/hydractl/puppet-clean-stored
deleted file mode 100755
index dcbefa8..0000000
--- a/share/hydractl/puppet-clean-stored
+++ /dev/null
@@ -1,91 +0,0 @@
-#!/usr/bin/env ruby
-
-# Script to clean up stored configs for (a) given host(s)
-#
-# Credits:
-# Script was taken from http://reductivelabs.com/trac/puppet/attachment/wiki/UsingStoredConfiguration/kill_node_in_storedconfigs_db.rb (link no longer valid),
-# which haven been initially posted by James Turnbull
-# duritong adapted and improved the script a bit.
-
-require 'getoptlong'
-config = '/etc/puppet/puppet.conf'
-
-def printusage(error_code)
- puts "Usage: #{$0} [ list of hostnames as stored in hosts table ]"
- puts "\n Options:"
- puts "--config <puppet config file>"
- exit(error_code)
-end
-
-
- opts = GetoptLong.new(
-
- [ "--config", "-c", GetoptLong::REQUIRED_ARGUMENT ],
- [ "--help", "-h", GetoptLong::NO_ARGUMENT ],
- [ "--usage", "-u", GetoptLong::NO_ARGUMENT ],
-
- [ "--version", "-v", GetoptLong::NO_ARGUMENT ]
-)
-
-begin
- opts.each do |opt, arg|
- case opt
- when "--config"
- config = arg
-
- when "--help"
- printusage(0)
-
- when "--usage"
- printusage(0)
-
- when "--version"
- puts "#{Puppet.version}"
- exit
- end
- end
-rescue GetoptLong::InvalidOption => detail
- $stderr.puts "Try '#{$0} --help'"
- exit(1)
-end
-
-printusage(1) unless ARGV.size > 0
-
-require 'puppet/rails'
-Puppet[:config] = config
-Puppet.parse_config
-pm_conf = Puppet.settings.instance_variable_get(:@values)[:master]
-
-adapter = pm_conf[:dbadapter]
-args = {:adapter => adapter, :log_level => pm_conf[:rails_loglevel]}
-
-case adapter
- when "sqlite3"
- args[:dbfile] = pm_conf[:dblocation]
- when "mysql", "postgresql"
- args[:host] = pm_conf[:dbserver] unless pm_conf[:dbserver].to_s.empty?
- args[:username] = pm_conf[:dbuser] unless pm_conf[:dbuser].to_s.empty?
- args[:password] = pm_conf[:dbpassword] unless pm_conf[:dbpassword].to_s.empty?
- args[:database] = pm_conf[:dbname] unless pm_conf[:dbname].to_s.empty?
- args[:port] = pm_conf[:dbport] unless pm_conf[:dbport].to_s.empty?
- socket = pm_conf[:dbsocket]
- args[:socket] = socket unless socket.to_s.empty?
- else
- raise ArgumentError, "Invalid db adapter #{adapter}"
-end
-
-args[:database] = "puppet" unless not args[:database].to_s.empty?
-
-ActiveRecord::Base.establish_connection(args)
-
-ARGV.each { |hostname|
- if @host = Puppet::Rails::Host.find_by_name(hostname.strip)
- print "Killing #{hostname}..."
- $stdout.flush
- @host.destroy
- puts "done."
- else
- puts "Can't find host #{hostname}."
- end
-}
-exit 0
diff --git a/share/hydractl/puppet-disable b/share/hydractl/puppet-disable
deleted file mode 120000
index d68c04b..0000000
--- a/share/hydractl/puppet-disable
+++ /dev/null
@@ -1 +0,0 @@
-puppet-enable \ No newline at end of file
diff --git a/share/hydractl/puppet-enable b/share/hydractl/puppet-enable
deleted file mode 100755
index bdb4455..0000000
--- a/share/hydractl/puppet-enable
+++ /dev/null
@@ -1,47 +0,0 @@
-#!/bin/bash
-#
-# Disable puppet agent.
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as
-# published by the Free Software Foundation, either version 3 of the
-# License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU Affero General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public
-# License along with this program. If not, see
-# <http://www.gnu.org/licenses/>.
-
-# Load
-source $APP_BASE/lib/hydra/functions || exit 1
-hydra_config_load
-
-# Command line arguments
-BASENAME="`basename $0`"
-
-# Newer systems are masterless
-if [ "$OSVERSION" != "7" ]; then
- exit
-fi
-
-# Set sudo config
-if [ "`whoami`" != 'root' ]; then
- sudo="sudo"
-fi
-
-# Business
-if [ "$BASENAME" == "puppet-enable" ]; then
- if [ -e "/etc/default/puppet" ]; then
- $sudo sed -i -e 's/START=no/START=yes/' /etc/default/puppet
- $sudo service puppet start
- fi
-else
- if [ -e "/etc/default/puppet" ]; then
- $sudo sed -i -e 's/START=yes/START=no/' /etc/default/puppet
- $sudo service puppet stop
- fi
-fi
diff --git a/share/hydractl/puppet-finger b/share/hydractl/puppet-finger
deleted file mode 100755
index af83cc9..0000000
--- a/share/hydractl/puppet-finger
+++ /dev/null
@@ -1,74 +0,0 @@
-#!/bin/bash
-#
-# Check puppet fingerprints, hydractl perspective.
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as
-# published by the Free Software Foundation, either version 3 of the
-# License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU Affero General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public
-# License along with this program. If not, see
-# <http://www.gnu.org/licenses/>.
-
-# Load
-source $APP_BASE/lib/hydra/functions || exit 1
-hydra_config_load
-
-# Command line arguments
-BASENAME="`basename $0`"
-
-# Execute openssl
-function puppet_openssl {
- if [ -z "$1" ]; then
- return
- fi
-
- openssl x509 -text -noout -fingerprint -in $1 | grep "^SHA1 Fingerprint=" | \
- sed -e 's/^SHA1 Fingerprint=//'
-}
-
-# Print a fingerprint with correct padding.
-function print_fingerprint {
- if [ -z "$2" ]; then
- return
- fi
-
- len="`echo $1 | wc -c`"
- offset="$((85 - $len))"
- printf "$1: %${offset}s\n" "$2"
-}
-
-# Master:
-#
-# openssl x509 -text -noout -fingerprint -in /var/lib/puppetmaster/ssl/ca/signed/fqdn.pem
-# openssl x509 -text -noout -fingerprint -in /var/lib/puppetmaster/ssl/certs/ca.pem
-#
-if [ -d "/var/lib/puppetmaster/ssl" ]; then
- if [ -d "/var/lib/puppetmaster/ssl/ca/signed" ]; then
- for file in `ls /var/lib/puppetmaster/ssl/ca/signed`; do
- fp="`puppet_openssl /var/lib/puppetmaster/ssl/ca/signed/$file`"
- print_fingerprint `basename $file .pem` $fp
- done
- fi
-
- if [ -f "/var/lib/puppetmaster/ssl/certs/ca.pem" ]; then
- print_fingerprint ca `puppet_openssl /var/lib/puppetmaster/ssl/certs/ca.pem`
- fi
-fi
-
-# Node:
-#
-# openssl x509 -text -noout -fingerprint -in /var/lib/puppet/ssl/certs/fqdn.pem
-# openssl x509 -text -noout -fingerprint -in /var/lib/puppet/ssl/certs/ca.pem
-#
-if [ -d "/var/lib/puppet/ssl" ]; then
- fqdn="`facter fqdn`"
- print_fingerprint $fqdn `puppet_openssl /var/lib/puppet/ssl/certs/$fqdn.pem`
- print_fingerprint ca `puppet_openssl /var/lib/puppet/ssl/certs/ca.pem`
-fi
diff --git a/share/hydractl/puppet-initialize b/share/hydractl/puppet-initialize
deleted file mode 100755
index 26b0165..0000000
--- a/share/hydractl/puppet-initialize
+++ /dev/null
@@ -1,20 +0,0 @@
-#!/bin/bash
-#
-# Make puppet agent first connection with the master node.
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as
-# published by the Free Software Foundation, either version 3 of the
-# License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU Affero General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public
-# License along with this program. If not, see
-# <http://www.gnu.org/licenses/>.
-
-puppet agent --server puppet.`facter domain` --pluginsync true --waitforcert 60 --test \
- --vardir /var/lib/puppet --ssldir /var/lib/puppet/ssl $*
diff --git a/share/hydractl/puppet-install b/share/hydractl/puppet-install
deleted file mode 100755
index 63027b0..0000000
--- a/share/hydractl/puppet-install
+++ /dev/null
@@ -1,20 +0,0 @@
-#!/bin/bash
-#
-# Install puppet and puppetmaster.
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as
-# published by the Free Software Foundation, either version 3 of the
-# License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU Affero General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public
-# License along with this program. If not, see
-# <http://www.gnu.org/licenses/>.
-
-apt-get update
-apt-get install puppet puppetmaster
diff --git a/share/hydractl/puppet-reset-agent b/share/hydractl/puppet-reset-agent
deleted file mode 100755
index 2c7b724..0000000
--- a/share/hydractl/puppet-reset-agent
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/bash
-#
-# Reset puppet SSL setup and register again.
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as
-# published by the Free Software Foundation, either version 3 of the
-# License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU Affero General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public
-# License along with this program. If not, see
-# <http://www.gnu.org/licenses/>.
-
-/etc/init.d/puppet stop
-rm -rf /var/lib/puppet/ssl
-hydractl puppet-initialize
diff --git a/share/hydractl/puppet-reset-master b/share/hydractl/puppet-reset-master
deleted file mode 100755
index 99dd7ae..0000000
--- a/share/hydractl/puppet-reset-master
+++ /dev/null
@@ -1,52 +0,0 @@
-#!/bin/bash
-#
-# Reset puppet master and start over again.
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as
-# published by the Free Software Foundation, either version 3 of the
-# License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU Affero General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public
-# License along with this program. If not, see
-# <http://www.gnu.org/licenses/>.
-
-# Stop agent
-/etc/init.d/puppet stop
-
-# Stop master
-if [ -e "/etc/init.d/puppetmaster" ]; then
- /etc/init.d/puppetmaster stop
- /etc/init.d/nginx stop
-else
- /etc/init.d/apache2 stop
-fi
-
-# Reset configuration
-hydractl puppet-reset-stored
-rm -rf /var/lib/puppetmaster/ssl
-
-# Generate new certificate
-# See http://blkperl.github.io/replace-puppet-ca.html
-# http://docs.puppetlabs.com/puppet/latest/reference/ssl_regenerate_certificates.html
-puppet cert --generate puppet.`facter domain`
-hydractl puppet-finger
-
-# Get fresh config
-rm -rf /etc/puppet/ && git clone /var/git/repositories/puppet.git/ /etc/puppet
-( cd /etc/puppet/ && git submodule update --init )
-chown -R puppet.puppet /etc/puppet/
-
-# Start master
-if [ -e "/etc/init.d/puppetmaster" ]; then
- /etc/init.d/puppetmaster start
- sleep 5
- /etc/init.d/nginx start
-else
- /etc/init.d/apache2 start
-fi
diff --git a/share/hydractl/puppet-reset-stored b/share/hydractl/puppet-reset-stored
deleted file mode 100755
index ec7cea7..0000000
--- a/share/hydractl/puppet-reset-stored
+++ /dev/null
@@ -1,23 +0,0 @@
-#!/bin/bash
-#
-# Reset puppet stored configs.
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as
-# published by the Free Software Foundation, either version 3 of the
-# License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU Affero General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public
-# License along with this program. If not, see
-# <http://www.gnu.org/licenses/>.
-
-# Load.
-source $APP_BASE/lib/hydra/functions || exit 1
-hydra_config_load
-
-hydra_truncate_database puppet
diff --git a/share/hydractl/puppet-setup-stored b/share/hydractl/puppet-setup-stored
deleted file mode 100755
index 8e04261..0000000
--- a/share/hydractl/puppet-setup-stored
+++ /dev/null
@@ -1,24 +0,0 @@
-#!/bin/bash
-#
-# Setup puppet stored configs.
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as
-# published by the Free Software Foundation, either version 3 of the
-# License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU Affero General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public
-# License along with this program. If not, see
-# <http://www.gnu.org/licenses/>.
-
-# Load.
-source $APP_BASE/lib/hydra/functions || exit 1
-hydra_config_load
-
-# TODO
-echo "TODO!"
diff --git a/share/hydractl/puppet-trigger b/share/hydractl/puppet-trigger
deleted file mode 100755
index 1f964db..0000000
--- a/share/hydractl/puppet-trigger
+++ /dev/null
@@ -1,23 +0,0 @@
-#!/bin/bash
-#
-# Triggers puppet agend execution.
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as
-# published by the Free Software Foundation, either version 3 of the
-# License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU Affero General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public
-# License along with this program. If not, see
-# <http://www.gnu.org/licenses/>.
-
-if [ -e '/var/run/puppet/agent.pid' ]; then
- kill -USR1 `cat /var/run/puppet/agent.pid`
-elif [ -e '/var/run/puppet/puppetd.pid' ]; then
- kill -USR1 `cat /var/run/puppet/puppetd.pid`
-fi
diff --git a/share/hydractl/puppet-update b/share/hydractl/puppet-update
deleted file mode 100755
index 0e9e8fe..0000000
--- a/share/hydractl/puppet-update
+++ /dev/null
@@ -1,28 +0,0 @@
-#!/bin/bash
-#
-# Update puppet repository.
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as
-# published by the Free Software Foundation, either version 3 of the
-# License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU Affero General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public
-# License along with this program. If not, see
-# <http://www.gnu.org/licenses/>.
-
-if [ -x '/usr/local/sbin/update-puppet-conf.sh' ]; then
- /usr/local/sbin/update-puppet-conf.sh
-
- # Avoid reparsing of puppet config by just fixing perms if needed.
- chown --from=root:root -R puppet.puppet /etc/puppet/*
- chown --from=root:root -R puppet.puppet /etc/puppet/.git
-else
- echo "Could not find /usr/local/sbin/update-puppet-conf.sh"
- exit 1
-fi
diff --git a/share/hydractl/requirements b/share/hydractl/requirements
deleted file mode 100755
index ccebab8..0000000
--- a/share/hydractl/requirements
+++ /dev/null
@@ -1,24 +0,0 @@
-#!/bin/bash
-#
-# Get all needed requirements.
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as
-# published by the Free Software Foundation, either version 3 of the
-# License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU Affero General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public
-# License along with this program. If not, see
-# <http://www.gnu.org/licenses/>.
-
-REQUIREMENTS="lsb-release facter"
-
-# Check for requirements.
-for req in "$REQUIREMENTS"; do
- hydra_install_package $req
-done
diff --git a/share/hydractl/system-upgrade b/share/hydractl/system-upgrade
index 374a3b0..bb7a06e 100755..120000
--- a/share/hydractl/system-upgrade
+++ b/share/hydractl/system-upgrade
@@ -1,179 +1 @@
-#!/bin/bash
-#
-# Do a system upgrade, from a version to the next.
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as
-# published by the Free Software Foundation, either version 3 of the
-# License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU Affero General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public
-# License along with this program. If not, see
-# <http://www.gnu.org/licenses/>.
-
-# Load
-source $APP_BASE/lib/hydra/functions || exit 1
-hydra_config_load
-
-# Parameters
-TMP="/tmp"
-STATE="$TMP/system-upgrade"
-ENV="$TMP/system-upgrade-env"
-
-# Command line arguments
-BASENAME="`basename $0`"
-NEXTRELEASE="$1"
-
-# Proceed to the next upgrade stage
-function hydra_system_upgrade_stage {
- STAGE="$1"
- echo $STAGE > $STATE
- hydra_system_upgrade_$STAGE
-}
-
-# Set and check upgrade environment
-function hydra_system_upgrade_env {
- # Available releases
- #release="`facter lsbdistcodename`" # this doesn't work on squeeze
- release="`facter 2> /dev/null | grep lsbdistcodename | sed -e 's/lsbdistcodename => //'`"
- nextrelease="`hydra_next_debian_release $release`"
-
- # Is a virtual machine?
- virtual="`facter 2> /dev/null | grep virtual | grep -v '^is_virtual' | sed -e 's/virtual => //'`"
-
- # Save environment
- echo "release=$release" > $ENV
- echo "nextrelease=$nextrelease" >> $ENV
- echo "nextrelease=$nextrelease" >> $ENV
- echo "virtual=$virtual" >> $ENV
-
- # Check release
- if [ "$?" != "0" ]; then
- echo "Unsupported release"
- exit 1
- fi
-
- # Check optional parameter
- if [ ! -z "$NEXTRELEASE" ]; then
- if [ "$NEXTRELEASE" == "$release" ]; then
- echo "System is already upgraded to $NEXTRELEASE"
- exit 1
- fi
-
- if [ "$NEXTRELEASE" != "$nextrelease" ]; then
- echo "Cannot upgrade: next release for this system is $nextrelease"
- exit 1
- fi
- fi
-
- # Set next state
- hydra_system_upgrade_stage prepare
-}
-
-# Prepare the environment for a system upgrade
-function hydra_system_upgrade_prepare {
- # Ensure puppet is stopped during the process
- echo "Disabling puppet during the upgrade..."
- hydractl puppet-disable
-
- # Configure apt for the next debian release
- echo ""
- echo "Updating apt configuration..."
- sed -i -e "s/$release/$nextrelease/g" /etc/apt/sources.list
- sed -i -e 's|^deb http://backports.debian.org/debian-backports|#deb http://backports.debian.org/debian-backports|' /etc/apt/sources.list
-
- if [ -e "/etc/apt/preferences" ]; then
- sed -i -e "s/$release/$nextrelease/g" /etc/apt/preferences
- fi
-
- # These will be generated by puppet and can be safely removed
- rm -f /etc/apt/sources.list.d/*
- rm -f /etc/apt/preferences.d/*
-
- # These might lead in upgrade errors
- if [ "$virtual" == "vserver" ] && [ "$nextrelease" == "wheezy" ]; then
- apt-get remove makedev -y
- apt-get remove colord -y
- fi
-
- # Set next state
- hydra_system_upgrade_stage download
-}
-
-# Update package listing and download new packages
-function hydra_system_upgrade_download {
- echo ""
- echo "Updating package listing..."
- apt-get update
- echo ""
- echo "Downloading packages..."
- apt-get dist-upgrade -d -y
- hydra_system_upgrade_stage upgrade
-}
-
-# Proceed with the actual upgrade
-function hydra_system_upgrade_upgrade {
- echo ""
- echo "Upgrading the system..."
- DEBIAN_FRONTEND=noninteractive apt-get dist-upgrade
-
- if [ "$?" != "0" ]; then
- echo "Upgrade failed. Please fix it manually and run this command again."
- exit 1
- fi
-
- hydra_system_upgrade_stage custom
-}
-
-# Custom upgrade procedures
-function hydra_system_upgrade_custom {
- # Custom jessie stuff
- if [ "$nextrelease" == "jessie" ]; then
- # We're going masterless, so no puppet and old services
- apt-get purge puppet libapache2-mod-passenger 'munin*' 'nagios*' -y
- rm -rf /etc/munin/plugins /etc/munin/plugin-conf.d /usr/local/sbin/check-puppetd.sh
- fi
-
- hydractl trac-upgrade
- hydra_system_upgrade_stage cleanup
-}
-
-# Cleanup procedures
-function hydra_system_upgrade_cleanup {
- apt-get autoremove -y --purge
- apt-get clean
- #hydra_system_upgrade_stage puppet
-}
-
-# Enable puppet again
-#function hydra_system_upgrade_puppet {
-# echo ""
-# echo "Starting puppet again..."
-# hydractl puppet-enable
-#}
-
-# Initialize
-if [ ! -e "$STATE" ]; then
- hydra_system_upgrade_stage env
-else
- # Resume from the previous state
- STAGE="`cat $STATE`"
-
- # Restore environment
- if [ -e "$ENV" ]; then
- source $ENV
- fi
-
- if [ ! -z "$STAGE" ]; then
- hydra_system_upgrade_stage $STAGE
- fi
-fi
-
-# Teardown
-rm -f $STATE
-rm -f $ENV
+dist-upgrade \ No newline at end of file