#!/bin/bash
#
# Create new node configuration.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public
# License along with this program. If not, see
# <https://www.gnu.org/licenses/>.
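# Load the Hydra function library, then the configuration of the current hydra.
# APP_BASE is not set in this script; presumably the hydra dispatcher exports
# it (TODO confirm). The path is quoted so that a base directory containing
# whitespace is sourced as one file instead of being word-split.
source "$APP_BASE/lib/hydra/functions" || exit 1
hydra_config_load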
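# Parameters
#   $1 - node, either a bare hostname or a fully qualified name
#   $2 - optional role
BASENAME="$(basename -- "$0")"
NODE="$1"
ROLE="$2"

# The usage check has to run before the domain is appended: once ".$DOMAIN"
# has been added, an omitted node is no longer empty and would slip through.
if [ -z "$NODE" ]; then
  echo "usage: hydra $BASENAME <node> [role]"
  exit 1
elif [ ! -e "$HYDRA_FOLDER/config/domain" ]; then
  echo "fatal: please configure your domain at $HYDRA_FOLDER/config/domain"
  exit 1
fi

DOMAIN="$(cat "$HYDRA_FOLDER/config/domain" 2> /dev/null)"

# Check if node was given by fqdn or just hostname
case "$NODE" in
  *.*)
    ;;
  *)
    # An empty domain file would otherwise produce a name ending in a dot.
    if [ -z "$DOMAIN" ]; then
      echo "fatal: please configure your domain at $HYDRA_FOLDER/config/domain"
      exit 1
    fi
    NODE="$NODE.$DOMAIN"
    ;;
esac

# NODE is used below in file names, in YAML, in the Ansible inventory and in
# git pathspecs, so restrict it to hostname characters. This rejects path
# separators, quotes, whitespace and a leading "-" or ".".
if [[ ! "$NODE" =~ ^[A-Za-z0-9][A-Za-z0-9._-]*$ ]]; then
  echo "fatal: invalid node name $NODE"
  exit 1
fi

# ROLE is used in a file name and spliced into a sed expression and a
# single-quoted YAML value; allow only characters that are inert in all three.
if [ -n "$ROLE" ] && [[ ! "$ROLE" =~ ^[A-Za-z0-9_.:-]+$ ]]; then
  echo "fatal: invalid role name $ROLE"
  exit 1
fi

# Refuse to overwrite an existing node definition.
if [ -e "$HYDRA_FOLDER/puppet/config/node/$NODE.yaml" ]; then
  echo "fatal: node $NODE already defined"
  exit 1
fi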
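# Provision config: when a role was given and a provision template exists for
# it, copy that template as this node's provision config. Both paths are
# quoted so whitespace or glob characters cannot split or expand them.
if [ -n "$ROLE" ] && [ -e "$APP_BASE/share/config/provision/$ROLE.conf" ]; then
  cp -- "$APP_BASE/share/config/provision/$ROLE.conf" "$HYDRA_FOLDER/config/provision/$NODE.conf"
fi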
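# Set YAML template: prefer a template kept in the hydra folder, then one
# under its config/ directory, and fall back to the one shipped in APP_BASE.
if [ -e "$HYDRA_FOLDER/puppet/nodo.example.org.yaml" ]; then
  YAML="$HYDRA_FOLDER/puppet/nodo.example.org.yaml"
elif [ -e "$HYDRA_FOLDER/config/puppet/nodo.example.org.yaml" ]; then
  YAML="$HYDRA_FOLDER/config/puppet/nodo.example.org.yaml"
else
  YAML="$APP_BASE/share/puppet/nodo.example.org.yaml"
fi

# Copy YAML template
mkdir -p -- "$HYDRA_FOLDER/puppet/config/node"
cp -- "$YAML" "$HYDRA_FOLDER/puppet/config/node/$NODE.yaml"

# Fix role configuration
if [ -n "$ROLE" ]; then
  # ROLE ends up inside a sed replacement. Escape the characters that are
  # special there (backslash, the "/" delimiter and "&") so the role is
  # inserted literally and cannot alter the substitution.
  ROLE_SED="$(printf '%s' "$ROLE" | sed -e 's|[\\/&]|\\&|g')"
  sed -i -e "s/nodo::role: 'virtual'/nodo::role: '$ROLE_SED'/" "$HYDRA_FOLDER/puppet/config/node/$NODE.yaml"
fi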
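# Set secret YAML template, using the same lookup order as the node template:
# hydra folder first, then its config/ directory, then the copy in APP_BASE.
if [ -e "$HYDRA_FOLDER/puppet/secrets/nodo.example.org.yaml" ]; then
  YAML="$HYDRA_FOLDER/puppet/secrets/nodo.example.org.yaml"
elif [ -e "$HYDRA_FOLDER/config/puppet/secrets/nodo.example.org.yaml" ]; then
  YAML="$HYDRA_FOLDER/config/puppet/secrets/nodo.example.org.yaml"
else
  YAML="$APP_BASE/share/puppet/secrets/nodo.example.org.yaml"
fi

# Setup secret YAML template. Paths are quoted so they reach mkdir and cp as
# single arguments.
mkdir -p -- "$HYDRA_FOLDER/puppet/config/secrets/node"
cp -- "$YAML" "$HYDRA_FOLDER/puppet/config/secrets/node/$NODE.yaml"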
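# Secret node config that the entries below are appended to.
NODE_SECRETS="$HYDRA_FOLDER/puppet/config/secrets/node/$NODE.yaml"

# Generate keys. A failure is reported but does not stop the script; the steps
# below then warn individually when the material they need is missing.
if ! hydra "$HYDRA" newkeys all "$NODE"; then
  echo "warning: key generation for $NODE reported an error" >&2
fi

# Add OpenPGP key ID into secret node config
KEYID="$(keyringer "$HYDRA" decrypt "nodes/$NODE/gpg/key.pub" 2> /dev/null | gpg --with-colons 2> /dev/null | grep '^pub:' | cut -d : -f 5)"

# Errors from keyringer and gpg are discarded above, so an empty KEYID is the
# only visible sign that the public key could not be read.
if [ -z "$KEYID" ]; then
  echo "warning: no OpenPGP key ID found for $NODE; nodo::subsystem::backup::encryptkey is left empty" >&2
fi

{
  echo "nodo::subsystem::backup::encryptkey: '$KEYID'"
  echo ""
} >> "$NODE_SECRETS"

# Add OpenPGP passphrase into secret node config. The decrypted passphrase is
# piped straight into eyaml on stdin, so this script never places it on a
# command line. pipefail (scoped to the subshell) surfaces a failed decrypt,
# which would otherwise feed empty input to the encrypt step unnoticed.
# NOTE(review): "fluxo" is a literal hydra name here while the other calls
# use $HYDRA; confirm whether this should be "$HYDRA".
if ! (
  set -o pipefail
  keyringer "$HYDRA" decrypt "nodes/$NODE/gpg/key.passwd" | \
    hydra fluxo eyaml "$NODE" encrypt --stdin -o block -q -l nodo::subsystem::backup::password >> "$NODE_SECRETS"
); then
  echo "warning: could not store the OpenPGP passphrase for $NODE; check nodo::subsystem::backup::password in $NODE_SECRETS" >&2
fi
echo "" >> "$NODE_SECRETS"

# Add Borg passphrase into secret node config (same stdin-only handling).
if ! (
  set -o pipefail
  keyringer "$HYDRA" decrypt "nodes/$NODE/borg/key.passwd" | \
    hydra fluxo eyaml "$NODE" encrypt --stdin -o block -q -l nodo::subsystem::backup::borg::password >> "$NODE_SECRETS"
); then
  echo "warning: could not store the Borg passphrase for $NODE; check nodo::subsystem::backup::borg::password in $NODE_SECRETS" >&2
fi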
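# Ansible config: append the node to the first inventory file that exists,
# preferring the production inventory. Nothing is written when neither file
# is present. The redirect targets are quoted because an unquoted path with
# whitespace makes bash fail with "ambiguous redirect".
if [ -e "$HYDRA_FOLDER/ansible/inventories/production/hosts" ]; then
  printf '%s\n' "$NODE" >> "$HYDRA_FOLDER/ansible/inventories/production/hosts"
elif [ -e "$HYDRA_FOLDER/ansible/inventories/hosts" ]; then
  printf '%s\n' "$NODE" >> "$HYDRA_FOLDER/ansible/inventories/hosts"
fi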
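# Add to git. Runs in a subshell so the directory changes do not leak into the
# caller. Each "git add" is chained to its "cd": if a directory is missing,
# the add is skipped instead of running in whatever directory the shell is
# still in. That matters most for "git add .", which stages every change
# below the current directory.
(
  #git add manifests/nodes/$NODE.pp config/node/$NODE.yaml config/secrets/node/$NODE.yaml
  cd "$HYDRA_FOLDER/puppet" && \
    git add -- "config/node/$NODE.yaml" "config/secrets/node/$NODE.yaml"

  #if [ -e 'manifests/site.pp' ]; then
  #  git add manifests/site.pp
  #fi

  cd "$HYDRA_FOLDER/ansible" && git add .
)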