Merge pull request #515 from Kegeruneku/ust_5693/int/5715_create_rudd…

…er_server_relay

Fixes #5715: Create the rudder-server-relay package

rudder-server-relay/SOURCES/Makefile

@@ -0,0 +1,38 @@
+#####################################################################################
+# Copyright 2011 Normation SAS
+#####################################################################################
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, Version 3.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+#####################################################################################
+
+.DEFAULT_GOAL := localdepends
+
+RUDDER_VERSION_TO_PACKAGE = <put Rudder version or version-snapshot here>
+
+localdepends: ./rudder-sources ../debian/rudder-server-root.init
+
+./rudder-sources.tar.bz2:
+	$(WGET) -O rudder-sources.tar.bz2 http://www.rudder-project.org/archives/rudder-sources-${RUDDER_VERSION_TO_PACKAGE}.tar.bz2
+
+./rudder-sources: ./rudder-sources.tar.bz2
+	tar -xjf rudder-sources.tar.bz2
+	mv rudder-sources-*/ rudder-sources/
+
+localclean:
+	rm -rf ./rudder-sources
+
+veryclean:
+	rm -f ./rudder-sources.tar.bz2
+
+.PHONY: localdepends localclean veryclean

rudder-server-relay/SOURCES/rudder-networks-24.conf

@@ -0,0 +1 @@
+Require all denied

rudder-server-relay/SOURCES/rudder-networks.conf

@@ -0,0 +1 @@
+Deny from all

rudder-server-relay/SOURCES/rudder-relay-vhost.conf

@@ -0,0 +1,81 @@
+<VirtualHost *:80>
+
+  ServerAdmin webmaster@localhost
+
+  DocumentRoot /var/www
+
+  # Expose the server UUID through http
+  Alias /uuid /opt/rudder/etc/uuid.hive
+  <Directory /opt/rudder/etc>
+    <IfVersion < 2.4>
+      Order deny,allow
+      Allow From all
+    </IfVersion>
+    <IfVersion >= 2.4>
+      Require all granted
+    </IfVersion>
+  </Directory>
+
+  # WebDAV share to receive inventories
+  Alias /inventories /var/rudder/inventories/incoming
+  <Directory /var/rudder/inventories/incoming>
+
+    DAV on
+
+    AuthName "WebDAV Storage"
+    AuthType Basic
+    AuthUserFile /opt/rudder/etc/htpasswd-webdav-initial
+
+    Require valid-user
+
+    # rudder-networks.conf / rudder-networks-24.conf is automatically
+    # generated according to the hosts allowed by rudder.
+    <IfVersion < 2.4>
+      Order deny,allow
+      Include /opt/rudder/etc/rudder-networks.conf
+    </IfVersion>
+    <IfVersion >= 2.4>
+      Include /opt/rudder/etc/rudder-networks-24.conf
+    </IfVersion>
+
+    <LimitExcept PUT>
+      Require all denied
+    </LimitExcept>
+
+  </Directory>
+
+  # WebDAV share to receive inventories
+  Alias /inventory-updates /var/rudder/inventories/accepted-nodes-updates
+  <Directory /var/rudder/inventories/accepted-nodes-updates>
+
+    DAV on
+
+    AuthName "WebDAV Storage"
+    AuthType Basic
+    AuthUserFile /opt/rudder/etc/htpasswd-webdav
+
+    Require valid-user
+
+    # rudder-networks.conf / rudder-networks-24.conf is automatically
+    # generated according to the hosts allowed by rudder.
+    <IfVersion < 2.4>
+      Order deny,allow
+      Include /opt/rudder/etc/rudder-networks.conf
+    </IfVersion>
+    <IfVersion >= 2.4>
+      Include /opt/rudder/etc/rudder-networks-24.conf
+    </IfVersion>
+
+    <LimitExcept PUT>
+      Require all denied
+    </LimitExcept>
+
+  </Directory>
+
+  # Logs
+  LogLevel warn
+
+  CustomLog /var/log/rudder/apache2/access.log combined
+  ErrorLog /var/log/rudder/apache2/error.log
+
+</VirtualHost>

rudder-server-relay/SPECS/rudder-server-relay.spec

@@ -0,0 +1,213 @@
+#####################################################################################
+# Copyright 2011-2014 Normation SAS
+#####################################################################################
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, Version 3.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+#####################################################################################
+
+#=================================================
+# Specification file for rudder-server-relay
+#=================================================
+#
+# Sets up a machine to become a Rudder relay
+#
+#=================================================
+
+#=================================================
+# Variables
+#=================================================
+
+%define real_name               rudder-server-relay
+%define rudderdir               /opt/rudder
+%define ruddervardir            /var/rudder
+%define rudderlogdir            /var/log/rudder
+
+%if 0%{?sles_version}
+%define apache                  apache2
+%define apache_tools            apache2-utils
+%define apache_group            www
+%define htpasswd_cmd            htpasswd2
+%define apache_vhost_dir        %{apache}/vhosts.d
+%endif
+%if 0%{?rhel} || 0%{?fedora}
+%define apache                  httpd
+%define apache_tools            httpd-tools
+%define apache_group            apache
+%define htpasswd_cmd            htpasswd
+%define apache_vhost_dir        %{apache}/conf.d
+%endif
+
+#=================================================
+# Header
+#=================================================
+
+Summary: Configuration management and audit tool - Rudder server relay package
+Name: %{real_name}
+Version: %{real_version}
+Release: 1%{?dist}
+Epoch: 0
+License: GPLv3
+URL: http://www.rudder-project.org
+
+Group: Applications/System
+
+Source1: rudder-relay-vhost.conf
+Source2: rudder-networks.conf
+Source3: rudder-networks-24.conf
+
+BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+BuildArch: noarch
+
+# Requirements
+
+## General
+Requires: rsyslog
+
+## RHEL
+%if 0%{?rhel}
+Requires: httpd httpd-tools
+%endif
+
+## SuSE
+%if 0%{?sles_version}
+Requires: apache2 apache2-utils
+%endif
+
+%description
+Rudder is an open source configuration management and audit solution.
+
+This package is essentially a meta-package to install all components required to
+run a Rudder relay server on a machine.
+
+#=================================================
+# Source preparation
+#=================================================
+%prep
+
+#=================================================
+# Building
+#=================================================
+%build
+
+#=================================================
+# Installation
+#=================================================
+%install
+
+rm -rf %{buildroot}
+
+# Directories
+mkdir -p %{buildroot}/etc/%{apache_vhost_dir}
+mkdir -p %{buildroot}%{rudderdir}/etc/
+mkdir -p %{buildroot}%{ruddervardir}/inventories/incoming
+mkdir -p %{buildroot}%{ruddervardir}/inventories/accepted-nodes-updates
+mkdir -p %{buildroot}%{rudderlogdir}/apache2/
+
+# Others
+install -m 644 %{SOURCE1} %{buildroot}/etc/%{apache_vhost_dir}/rudder-relay-vhost.conf
+
+# Copy stub rudder-networks*.conf
+cp %{SOURCE2} %{buildroot}%{rudderdir}/etc/
+cp %{SOURCE3} %{buildroot}%{rudderdir}/etc/
+
+%post -n rudder-server-relay
+#=================================================
+# Post Installation
+#=================================================
+
+echo -n "INFO: Setting Apache HTTPd as a boot service..."
+chkconfig --add %{apache} 2&> /dev/null
+%if 0%{?rhel} && 0%{?rhel} >= 6
+chkconfig %{apache} on
+%endif
+echo " Done"
+
+echo -n "INFO: Stopping Apache HTTPd..."
+service %{apache} stop >/dev/null 2>&1
+echo " Done"
+
+%if 0%{?sles_version}
+# On SuSE, enable the required modules
+MODULES_TO_ENABLE="dav dav_fs"
+
+for enmod in ${MODULES_TO_ENABLE}
+do
+  a2enmod ${enmod} >/dev/null 2>&1
+done
+%endif
+
+# Do this ONLY at first install
+if [ $1 -eq 1 ]
+then
+  echo 'DAVLockDB /tmp/davlock.db' > /etc/%{apache}/conf.d/dav_mod.conf
+fi
+
+# Create inventory repositories and add rights to the apache user to
+# access /var/rudder/inventories/incoming
+chmod 751 %{ruddervardir}/inventories
+
+for inventorydir in %{ruddervardir}/inventories/incoming %{ruddervardir}/inventories/accepted-nodes-updates
+do
+  chmod 770 ${inventorydir}
+  chown -R root:%{apache_group} ${inventorydir}
+done
+
+# Setup password files for inventory reception WebDAV access
+for passwdfile in %{rudderdir}/etc/htpasswd-webdav-initial %{rudderdir}/etc/htpasswd-webdav
+do
+  %{htpasswd_cmd} -bc ${passwdfile} rudder rudder >/dev/null 2>&1
+done
+
+echo -n "INFO: Starting Apache HTTPd..."
+service %{apache} start >/dev/null 2>&1
+echo " Done"
+
+# Do this ONLY at first install
+if [ $1 -eq 1 ]
+then
+  echo ""
+  echo "*****************************************************************************************"
+  echo "INFO: rudder-server-relay setup complete.                                                "
+  echo "INFO:                                                                                    "
+  echo "INFO: Now run '/opt/rudder/bin/rudder-node-to-relay $(cat %{rudderdir}/etc/uuid.hive)'   "
+  echo "INFO: on your root server to complete this node transition to a relay server.            "
+  echo "INFO:                                                                                    "
+  echo "INFO: Please look at the documentation for details (Section 'Relay servers')             "
+  echo "*****************************************************************************************"
+fi
+
+#=================================================
+# Cleaning
+#=================================================
+%clean
+rm -rf %{buildroot}
+
+#=================================================
+# Files
+#=================================================
+%files -n rudder-server-relay
+%defattr(-, root, root, 0755)
+%config(noreplace) /etc/%{apache_vhost_dir}/rudder-relay-vhost.conf
+%config(noreplace) %{rudderdir}/etc/rudder-networks.conf
+%config(noreplace) %{rudderdir}/etc/rudder-networks-24.conf
+%{ruddervardir}/inventories/incoming
+%{ruddervardir}/inventories/accepted-nodes-updates
+%{rudderlogdir}/apache2/
+
+#=================================================
+# Changelog
+#=================================================
+%changelog
+* Mon Nov 03 2014 - Matthieu Cerda <matthieu.cerda@normation.com> 3.0-alpha1-1
+- Initial package

rudder-server-relay/debian/README

@@ -0,0 +1,6 @@
+The Debian Package rudder-server-relay
+--------------------------------------
+
+Please take a look at https://github.com/Normation/rudder-packages/blob/master/README.asciidoc for details.
+
+ -- Matthieu Cerda <matthieu.cerda@normation.com>> on Mon, 03 Nov 2014 12:33:24 +0100

rudder-server-relay/debian/changelog

@@ -0,0 +1,5 @@
+rudder-server-relay (0.1-0) stable; urgency=low
+
+  * Initial release
+
+ -- Matthieu CERDA <matthieu.cerda@normation.com>  Thu, 30 Oct 2014 17:01:22 +0100

rudder-server-relay/debian/compat

@@ -0,0 +1 @@
+7

rudder-server-relay/debian/conffiles

@@ -0,0 +1,3 @@
+/etc/apache2/sites-available/rudder-relay-vhost
+/opt/rudder/etc/rudder-networks.conf
+/opt/rudder/etc/rudder-networks-24.conf

rudder-server-relay/debian/control

@@ -0,0 +1,16 @@
+Source: rudder-server-relay
+Section: web
+Priority: extra
+Maintainer: Rudder packaging team <rudder-packaging@rudder-project.org>
+Build-Depends: debhelper (>= 7)
+Standards-Version: 3.8.0
+Homepage: http://www.rudder-project.org
+
+Package: rudder-server-relay
+Architecture: all
+Depends: ${shlibs:Depends}, ${misc:Depends}, rudder-agent, apache2, apache2-utils, rsyslog
+Description: Configuration management and audit tool - Server relay package
+ Rudder is an open source configuration management and audit solution.
+ .
+ This package is essentially a meta-package to install all components required
+ to run a Rudder relay server on a machine.

rudder-server-relay/debian/copyright

@@ -0,0 +1,16 @@
+This package was debianized by:
+
+    Matthieu Cerda <matthieu.cerda@normation.com>> on Mon, 03 Nov 2014 12:33:24 +0100
+
+Upstream Author(s):
+
+    Normation - http://www.normation.com
+    Rudder project - http://www.rudder-project.org
+
+Copyright:
+
+    Copyright (C) 2011-2014 Normation SAS
+
+License:
+
+    AGPLv3

rudder-server-relay/debian/dirs

@@ -0,0 +1,4 @@
+opt/rudder/etc
+var/rudder/inventories/accepted-nodes-updates
+var/rudder/inventories/incoming
+var/log/rudder/apache2

rudder-server-relay/debian/links

@@ -0,0 +1 @@
+/etc/apache2/sites-available/rudder-relay-vhost  /etc/apache2/sites-available/rudder-relay-vhost.conf