#!/bin/bash
#
# Deploy a node using automated recipes. See discussion at
#
# - http://current.workingdirectory.net/posts/2011/puppet-without-masters/
# - http://andrewbunday.co.uk/2012/12/04/masterless-puppet-wrapper/
# - http://semicomplete.com/presentations/puppet-at-loggly/puppet-at-loggly.pdf.html
# - https://github.com/jordansissel/puppet-examples/tree/master/masterless
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public
# License along with this program. If not, see
# .
# Load
source $APP_BASE/lib/hydra/functions || exit 1
hydra_config_load
# Command line arguments
NODES="$*"
# Build node list
if [ -z "$NODES" ]; then
NODES="`hydra $HYDRA nodes`"
else
# Check if first param is a node name, otherwise assume its a class
if [ -z "$2" ] && [ "$1" != "localhost" ]; then
NODEFILE="$(basename `find $HYDRA_FOLDER/puppet/config/node/ -name $1'.*' | head -n 1` .yaml)"
# Check for config/node name
if [ "$NODEFILE" == ".yaml" ]; then
NODES="`hydra $HYDRA nodes $1`"
fi
fi
fi
# Deploy requirements
hydra_install_package ansible rsync
# Banner
#echo '.__ .___ .___ .__ ._.'
#echo '| |__ ___.__. __| _/___________ __| _/____ ______ | | ____ ___.__.| |'
#echo '| | < | |/ __ |\_ __ \__ \ / __ |/ __ \\____ \| | / _ < | || |'
#echo '| Y \___ / /_/ | | | \// __ \_ / /_/ \ ___/| |_> > |_( <_> )___ | \|'
#echo '|___| / ____\____ | |__| (____ / \____ |\___ > __/|____/\____// ____| __'
#echo ' \/\/ \/ \/ \/ \/|__| \/ \/'
#echo ''
#
# Deploy iterating over each node
#
for node in $NODES; do
if [ -d "$node" ]; then
echo "Deploying to $node folder..."
# Setup deploy environment
FOLDER=$node
hydra_deploy_setup folder $FOLDER || continue
# Make sure keys exists for this node
hydra $HYDRA newkeys new $FQDN
# Ensure key availability
hydra $HYDRA eyaml $FQDN
if ! sudo -n true; then
echo "Please set passwordless sudo on localhost."
continue
fi
# Check if puppet is installed
if [ ! -e "$FOLDER/usr/bin/puppet" ]; then
echo "Installing dependencies..."
$DEPLOY_COMMAND apt-get update
$DEPLOY_COMMAND DEBIAN_FRONTEND=noninteractive apt-get install $DEPLOY_DEPENDENCIES -y
fi
# Create folders
hydra_deploy_mkdirs
# Ensure we have a compatible hydra suite
#hydra $HYDRA install $node
DESTDIR="$FOLDER" hydractl install
# Sync repository to server
echo "Syncing configuration..."
$DEPLOY_RSYNC "$RSYNC_PATH" $DEPLOY_OPTS
# Copy keys
hydra_deploy_copy_keys folder
# Copy config configuration
hydra_deploy_copy_secrets folder
# Run puppet, overriding FQDN
echo "Applying configuration..."
LC_ALL=C HOSTNAME=$FQDN FACTER_domain=$DOMAIN FACTER_hostname=$FQDN FACTER_fqdn=$HOSTNAME.$DOMAIN $DEPLOY_APPLY 2>&1 | \
tee $HYDRA_FOLDER/puppet/logs/$FQDN.`date +%Y%m%d%H%M`.log
# Check if keys should be imported
if ! $SUDO test -f $FOLDER/root/.ssh/id_rsa || \
! $SUDO test -f $FOLDER/root/.config/borg/hydra/key || \
! $SUDO gpg --homedir=$FOLDER/root --list-secret-keys root@$FQDN &> /dev/null; then
echo "No $FOLDER/root/.ssh/id_rsa found. Please import it and other keys when the system is online using import-keys action"
fi
elif [ "$node" == "localhost" ] || [ "$node" == "`facter fqdn`" ] || [ "$node" == "`facter hostname`" ]; then
echo "Deploying to localhost..."
if ! sudo -n true; then
echo "Please set passwordless sudo on localhost."
continue
fi
# Setup deploy environment
hydra_deploy_setup || continue
# Make sure keys exists for this node
hydra $HYDRA newkeys new $FQDN
# Ensure key availability
hydra $HYDRA eyaml $FQDN
# Check if puppet is installed
if [ ! -e "/usr/bin/puppet" ]; then
$SUDO apt-get update
$SUDO apt-get install $DEPLOY_DEPENDENCIES -y
fi
# Ensure we have a compatible hydra suite
#hydra $HYDRA install $node
hydractl install
# Collect facts
hydra_deploy_facts_collect local
# Run puppet
echo "Applying configuration..."
$DEPLOY_APPLY 2>&1 | \
tee $HYDRA_FOLDER/puppet/logs/$FQDN.`date +%Y%m%d%H%M`.log
# Fix ssl folder ownership
$SUDO chown -R `whoami`. $HYDRA_FOLDER/puppet/ssl
# Import keys if needed
if ! $SUDO test -f /root/.ssh/id_rsa || \
! $SUDO test -f /root/.config/borg/hydra/key || \
! $SUDO gpg --homedir=/root/.gnupg --list-secret-keys root@$FQDN &> /dev/null; then
hydra $HYDRA import-keys $FQDN
fi
else
echo "Deploying to $node..."
# Setup deploy environment
hydra_deploy_setup remote $node || continue
# Make sure keys exists for this node
hydra $HYDRA newkeys new $FQDN
# Ensure key availability
hydra $HYDRA eyaml $FQDN
# Check for passwordless connections
# http://stackoverflow.com/questions/3830508/check-if-passwordless-access-has-been-setup#3830680
if ! $HYDRA_CONNECT -o NumberOfPasswordPrompts=0 $FQDN true; then
echo "Unable to connect to $FQDN via SSH without a password."
echo "Check network connection to machine or set a passwordless login for your user at $FQDN using public key auth."
continue
fi
# Ensure we have a compatible hydra suite
hydra $HYDRA install $node
# Check remote environment
$HYDRA_CONNECT $FQDN < /dev/null; then
echo "Installing dependencies..."
sudo apt-get update
sudo apt-get install $DEPLOY_DEPENDENCIES -y
fi
##### END REMOTE SCRIPT #######
EOF
# Check connection
if [ "$?" != "0" ]; then
echo "Error connecting or setting up $FQDN."
continue
fi
# Create folders
hydra_deploy_mkdirs
# Collect facts
hydra_deploy_facts_collect remote || continue
# Sync repository to server
echo "Syncing configuration..."
$DEPLOY_RSYNC "$RSYNC_PATH" $DEPLOY_OPTS
# Check connection
if [ "$?" != "0" ]; then
echo "Error syncing to $FQDN."
continue
fi
# Copy keys
hydra_deploy_copy_keys remote || continue
# Copy configuration
hydra_deploy_copy_secrets remote || continue
# Run puppet
echo "Applying configuration..."
$DEPLOY_APPLY 2>&1 | \
tee $HYDRA_FOLDER/puppet/logs/$FQDN.`date +%Y%m%d%H%M`.log
# Import keys if needed
if ! $HYDRA_CONNECT $FQDN sudo test -f /root/.ssh/id_rsa || \
! $HYDRA_CONNECT $FQDN sudo test -f /root/.config/borg/hydra/key || \
! $HYDRA_CONNECT $FQDN sudo gpg --homedir=/root/.gnupg --list-secret-keys root@$FQDN &> /dev/null; then
hydra $HYDRA import-keys $FQDN
fi
fi
done
#
# Deploy using ansible's own iterator
#
if [ -e "$HYDRA_FOLDER/ansible/ansible.cfg" ]; then
# Command line arguments
NODES="$*"
# Build node list
#if [ -z "$NODES" ]; then
# #NODES="`BACKEND=ansible hydra $HYDRA nodes | xargs | sed -e "s/^/'~(/" -e "s/ /|/g" -e "s/$/)'/`"
# NODES="all"
#else
if [ ! -z "$NODES" ]; then
# Check if first param is a node name, otherwise assume its a class
if [ -z "$2" ] && [ "$1" != "localhost" ]; then
NODES="`BACKEND=ansible hydra $HYDRA nodes $1`"
if [ -z "$NODES" ]; then
NODES="`BACKEND=ansible hydra $HYDRA nodes $1'*'`"
fi
# It's a class
if [ ! -z "$NODES" ] && [ "`echo $NODES | wc -w`" != "1" ]; then
#NODES="`echo $NODES | xargs | sed -e "s/^/'~(/" -e "s/ /|/g" -e "s/$/)'/"`"
NODES="$*"
fi
# This can be handled directly by the ansible hosts file
# http://ansible.pickle.io/post/86598332429/running-ansible-playbook-in-localhost
#elif [ "$NODES" == "localhost" ]; then
# NODES="`cat /etc/hostname`"
fi
else
NODES="all"
fi
if [ ! -z "$NODES" ]; then
if [ "$NODES" == "all" ]; then
hydra $HYDRA ansible-playbook site.yml
else
hydra $HYDRA ansible-playbook site.yml --limit $NODES
fi
fi
fi