summaryrefslogtreecommitdiff
path: root/share
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2016-09-19 10:55:43 -0300
committerSilvio Rhatto <rhatto@riseup.net>2016-09-19 10:55:43 -0300
commita7ca30e854f845f670c852a2edd5ef13656c774f (patch)
tree17036cff4f766f1cbe4b45ab80c492969bd78d5f /share
parent2bd9d5bbf6a41d4d47cd52d9ee9471a906b3849b (diff)
downloadhydra-a7ca30e854f845f670c852a2edd5ef13656c774f.tar.gz
hydra-a7ca30e854f845f670c852a2edd5ef13656c774f.tar.bz2
Removes bootless templates, adds node secret template
Diffstat (limited to 'share')
-rw-r--r--share/config/puppet/nodo.example.org.yaml2
-rw-r--r--share/config/puppet/secrets/nodo.example.org.yaml (renamed from share/config/templates/node/nodo.example.org.yaml)2
-rw-r--r--share/config/templates/bootless/custom.cfg26
-rw-r--r--share/config/templates/bootless/grub.cfg111
-rw-r--r--share/config/templates/node/nodo.example.org.pp3
-rwxr-xr-xshare/hydra/newnode34
6 files changed, 14 insertions, 164 deletions
diff --git a/share/config/puppet/nodo.example.org.yaml b/share/config/puppet/nodo.example.org.yaml
new file mode 100644
index 0000000..65aee56
--- /dev/null
+++ b/share/config/puppet/nodo.example.org.yaml
@@ -0,0 +1,2 @@
+---
+nodo::role: 'virtual'
diff --git a/share/config/templates/node/nodo.example.org.yaml b/share/config/puppet/secrets/nodo.example.org.yaml
index 02a3bea..79b15c1 100644
--- a/share/config/templates/node/nodo.example.org.yaml
+++ b/share/config/puppet/secrets/nodo.example.org.yaml
@@ -5,4 +5,4 @@ nodo::role: 'virtual'
# Backup
#
nodo::subsystem::backup::encryptkey: "FIXME"
-nodo::subsystem::backup::password: 'FIXME'
+nodo::subsystem::backup::password: 'FIXME using hiera-eyaml'
diff --git a/share/config/templates/bootless/custom.cfg b/share/config/templates/bootless/custom.cfg
deleted file mode 100644
index 87de184..0000000
--- a/share/config/templates/bootless/custom.cfg
+++ /dev/null
@@ -1,26 +0,0 @@
-#
-# Menu appearance
-#
-set menu_color_normal=white/blue
-set menu_color_highlight=yellow/red
-
-#
-# Example: imagens stored in the USB stick: just put your images under custom/debian/images.
-#
-menuentry 'Example: Darkstar' {
- set volume=/dev/sda5
- set version=3.16.0-4-amd64
- set target=sda5_crypt
- set rootfs=darkstar--vg-root
- set distro=debian
- bootimg ${volume} ${version} ${source} ${target} ${distro}
-}
-
-#
-# Example: Full Disk Encryption: images are loaded from encrypted partition.
-#
-menuentry 'Example: Darkstar FDE' {
- set volume=darkstar
- set version=3.16.0-4-amd64
- bootfde ${volume} ${version}
-}
diff --git a/share/config/templates/bootless/grub.cfg b/share/config/templates/bootless/grub.cfg
deleted file mode 100644
index 35827db..0000000
--- a/share/config/templates/bootless/grub.cfg
+++ /dev/null
@@ -1,111 +0,0 @@
-#
-# Bootless: evil-maid mitigator.
-#
-
-#
-# Load environment
-#
-if [ -s $prefix/grubenv ]; then
- load_env
-fi
-
-#
-# Basic config
-#
-set default="0"
-set timeout=5
-
-#
-# Menu appearance
-#
-set menu_color_normal=white/blue
-set menu_color_highlight=yellow/red
-
-#
-# Handles boot from fully encrypted /boot volumes.
-# Usage: bootfde <volume> <kernel-version> [source] [target]
-#
-function bootfde {
- insmod luks
- insmod lvm
-
- set volume=${1}
-
- if [ "${2}" ]; then
- set version=${2}
- else
- set version=3.16.0-4-amd64
- fi
-
- if [ "${3}" ]; then
- set source=${3}
- else
- set source=/dev/mapper/${1}
- fi
-
- if [ "${4}" ]; then
- set target=${4}
- else
- set target=root
- fi
-
- cryptomount lvm/${volume}
- set root=(crypto0)
- echo "Loading ${volume}..."
- linux /boot/vmlinuz-${version} root=/dev/mapper/${target} cryptopts=target=${target},source=${source} ro quiet
- echo 'Loading initial ramdisk ...'
- initrd /boot/initrd.img-${version}
-}
-
-#
-# Handles boot from images stored in the USB stick.
-# Usage: bootfde <volume> <kernel-version> [target] [rootfs] [distro]
-#
-function bootimg {
- set volume=${1}
-
- if [ "${2}" ]; then
- set version=${2}
- else
- set version=3.16.0-4-amd64
- fi
-
- if [ "${3}" ]; then
- set target=${3}
- else
- set target=root
- fi
-
- if [ "${4}" ]; then
- set rootfs=${4}
- else
- set rootfs=${target}
- fi
-
- if [ "${5}" ]; then
- set distro=${5}
- else
- set distro=debian
- fi
-
- echo "Loading ${1}..."
- linux /boot/custom/${distro}/vmlinuz-${version} root=/dev/mapper/${rootfs} cryptopts=target=${target},source=${volume} ro quiet apparmor=1 security=apparmor
- echo 'Loading initial ramdisk ...'
- initrd /boot/custom/${distro}/initrd.img-${version}
-}
-
-#
-# Default menu entry
-#
-menuentry "Memtest86+" {
- linux16 /boot/default/memtest/memtest86+.bin
-}
-
-#
-# Custom menu entries
-#
-if [ -e "/boot/custom/custom.cfg" ]; then
- menuentry "Custom configurations" {
- configfile /boot/custom/custom.cfg
- }
-fi
diff --git a/share/config/templates/node/nodo.example.org.pp b/share/config/templates/node/nodo.example.org.pp
deleted file mode 100644
index 1d6cdf6..0000000
--- a/share/config/templates/node/nodo.example.org.pp
+++ /dev/null
@@ -1,3 +0,0 @@
-node 'nodename.example.org' {
- include nodo
-}
diff --git a/share/hydra/newnode b/share/hydra/newnode
index acd989f..b656930 100755
--- a/share/hydra/newnode
+++ b/share/hydra/newnode
@@ -43,39 +43,27 @@ elif [ -e "$HYDRA_FOLDER/puppet/config/node/$NODE.yaml" ]; then
exit 1
fi
-# Create node
-#if [ -e "$NODES" ]; then
-# #echo "import \"nodes/$NODE.pp\"" >> $NODES
-#fi
-
# Set YAML template
-if [ -e "$HYDRA_FOLDER/config/templates/node/nodo.example.org.yaml" ]; then
- YAML="$HYDRA_FOLDER/config/templates/node/nodo.example.org.yaml"
+if [ -e "$HYDRA_FOLDER/config/puppet/nodo.example.org.yaml" ]; then
+ YAML="$HYDRA_FOLDER/config/puppet/nodo.example.org.yaml"
else
- YAML="$APP_BASE/share/config/templates/node/nodo.example.org.yaml"
+ YAML="$APP_BASE/share/config/puppet/nodo.example.org.yaml"
fi
-# Set node template
-#if [ -e "$HYDRA_FOLDER/config/templates/node/nodo.pp" ]; then
-# PP="$HYDRA_FOLDER/config/templates/node/nodo.example.org.pp"
-#else
-# PP="$APP_BASE/share/config/templates/node/nodo.example.org.pp"
-#fi
-
# Copy YAML template
mkdir -p $HYDRA_FOLDER/puppet/config/node
cp $YAML $HYDRA_FOLDER/puppet/config/node/$NODE.yaml
+# Set secret YAML template
+if [ -e "$HYDRA_FOLDER/config/puppet/secrets/nodo.example.org.yaml" ]; then
+ YAML="$HYDRA_FOLDER/config/puppet/secrets/nodo.example.org.yaml"
+else
+ YAML="$APP_BASE/share/config/puppet/secrets/nodo.example.org.yaml"
+fi
+
# Setup secret YAML template
mkdir -p $HYDRA_FOLDER/puppet/config/secrets/node
-echo "---" > $HYDRA_FOLDER/puppet/config/secrets/node/$NODE.yaml
-
-# Copy node template
-#mkdir -p $HYDRA_FOLDER/puppet/manifests/nodes
-#cp $PP $HYDRA_FOLDER/puppet/manifests/nodes/$NODE.pp
-
-# Edit the template
-#sed -i -e "s/nodename.example.org/$NODE/g" $HYDRA_FOLDER/puppet/manifests/nodes/$NODE.pp
+cp $YAML $HYDRA_FOLDER/puppet/config/secrets/node/$NODE.yaml
# Add to git
(