-
Notifications
You must be signed in to change notification settings - Fork 24
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #515 from Kegeruneku/ust_5693/int/5715_create_rudd…
…er_server_relay Fixes #5715: Create the rudder-server-relay package
- Loading branch information
Showing
20 changed files
with
558 additions
and
2 deletions.
There are no files selected for viewing
Empty file.
Empty file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
##################################################################################### | ||
# Copyright 2011 Normation SAS | ||
##################################################################################### | ||
# | ||
# This program is free software: you can redistribute it and/or modify | ||
# it under the terms of the GNU General Public License as published by | ||
# the Free Software Foundation, Version 3. | ||
# | ||
# This program is distributed in the hope that it will be useful, | ||
# but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
# GNU General Public License for more details. | ||
# | ||
# You should have received a copy of the GNU General Public License | ||
# along with this program. If not, see <http://www.gnu.org/licenses/>. | ||
# | ||
##################################################################################### | ||
|
||
.DEFAULT_GOAL := localdepends | ||
|
||
RUDDER_VERSION_TO_PACKAGE = <put Rudder version or version-snapshot here> | ||
|
||
localdepends: ./rudder-sources ../debian/rudder-server-root.init | ||
|
||
./rudder-sources.tar.bz2: | ||
$(WGET) -O rudder-sources.tar.bz2 http://www.rudder-project.org/archives/rudder-sources-${RUDDER_VERSION_TO_PACKAGE}.tar.bz2 | ||
|
||
./rudder-sources: ./rudder-sources.tar.bz2 | ||
tar -xjf rudder-sources.tar.bz2 | ||
mv rudder-sources-*/ rudder-sources/ | ||
|
||
localclean: | ||
rm -rf ./rudder-sources | ||
|
||
veryclean: | ||
rm -f ./rudder-sources.tar.bz2 | ||
|
||
.PHONY: localdepends localclean veryclean |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Require all denied |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Deny from all |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,81 @@ | ||
<VirtualHost *:80> | ||
|
||
ServerAdmin webmaster@localhost | ||
|
||
DocumentRoot /var/www | ||
|
||
# Expose the server UUID through http | ||
Alias /uuid /opt/rudder/etc/uuid.hive | ||
<Directory /opt/rudder/etc> | ||
<IfVersion < 2.4> | ||
Order deny,allow | ||
Allow From all | ||
</IfVersion> | ||
<IfVersion >= 2.4> | ||
Require all granted | ||
</IfVersion> | ||
</Directory> | ||
|
||
# WebDAV share to receive inventories | ||
Alias /inventories /var/rudder/inventories/incoming | ||
<Directory /var/rudder/inventories/incoming> | ||
|
||
DAV on | ||
|
||
AuthName "WebDAV Storage" | ||
AuthType Basic | ||
AuthUserFile /opt/rudder/etc/htpasswd-webdav-initial | ||
|
||
Require valid-user | ||
|
||
# rudder-networks.conf / rudder-networks-24.conf is automatically | ||
# generated according to the hosts allowed by rudder. | ||
<IfVersion < 2.4> | ||
Order deny,allow | ||
Include /opt/rudder/etc/rudder-networks.conf | ||
</IfVersion> | ||
<IfVersion >= 2.4> | ||
Include /opt/rudder/etc/rudder-networks-24.conf | ||
</IfVersion> | ||
|
||
<LimitExcept PUT> | ||
Require all denied | ||
</LimitExcept> | ||
|
||
</Directory> | ||
|
||
# WebDAV share to receive inventories | ||
Alias /inventory-updates /var/rudder/inventories/accepted-nodes-updates | ||
<Directory /var/rudder/inventories/accepted-nodes-updates> | ||
|
||
DAV on | ||
|
||
AuthName "WebDAV Storage" | ||
AuthType Basic | ||
AuthUserFile /opt/rudder/etc/htpasswd-webdav | ||
|
||
Require valid-user | ||
|
||
# rudder-networks.conf / rudder-networks-24.conf is automatically | ||
# generated according to the hosts allowed by rudder. | ||
<IfVersion < 2.4> | ||
Order deny,allow | ||
Include /opt/rudder/etc/rudder-networks.conf | ||
</IfVersion> | ||
<IfVersion >= 2.4> | ||
Include /opt/rudder/etc/rudder-networks-24.conf | ||
</IfVersion> | ||
|
||
<LimitExcept PUT> | ||
Require all denied | ||
</LimitExcept> | ||
|
||
</Directory> | ||
|
||
# Logs | ||
LogLevel warn | ||
|
||
CustomLog /var/log/rudder/apache2/access.log combined | ||
ErrorLog /var/log/rudder/apache2/error.log | ||
|
||
</VirtualHost> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,213 @@ | ||
##################################################################################### | ||
# Copyright 2011-2014 Normation SAS | ||
##################################################################################### | ||
# | ||
# This program is free software: you can redistribute it and/or modify | ||
# it under the terms of the GNU General Public License as published by | ||
# the Free Software Foundation, Version 3. | ||
# | ||
# This program is distributed in the hope that it will be useful, | ||
# but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
# GNU General Public License for more details. | ||
# | ||
# You should have received a copy of the GNU General Public License | ||
# along with this program. If not, see <http://www.gnu.org/licenses/>. | ||
# | ||
##################################################################################### | ||
|
||
#================================================= | ||
# Specification file for rudder-server-relay | ||
#================================================= | ||
# | ||
# Sets up a machine to become a Rudder relay | ||
# | ||
#================================================= | ||
|
||
#================================================= | ||
# Variables | ||
#================================================= | ||
|
||
%define real_name rudder-server-relay | ||
%define rudderdir /opt/rudder | ||
%define ruddervardir /var/rudder | ||
%define rudderlogdir /var/log/rudder | ||
|
||
%if 0%{?sles_version} | ||
%define apache apache2 | ||
%define apache_tools apache2-utils | ||
%define apache_group www | ||
%define htpasswd_cmd htpasswd2 | ||
%define apache_vhost_dir %{apache}/vhosts.d | ||
%endif | ||
%if 0%{?rhel} || 0%{?fedora} | ||
%define apache httpd | ||
%define apache_tools httpd-tools | ||
%define apache_group apache | ||
%define htpasswd_cmd htpasswd | ||
%define apache_vhost_dir %{apache}/conf.d | ||
%endif | ||
|
||
#================================================= | ||
# Header | ||
#================================================= | ||
|
||
Summary: Configuration management and audit tool - Rudder server relay package | ||
Name: %{real_name} | ||
Version: %{real_version} | ||
Release: 1%{?dist} | ||
Epoch: 0 | ||
License: GPLv3 | ||
URL: http://www.rudder-project.org | ||
|
||
Group: Applications/System | ||
|
||
Source1: rudder-relay-vhost.conf | ||
Source2: rudder-networks.conf | ||
Source3: rudder-networks-24.conf | ||
|
||
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) | ||
BuildArch: noarch | ||
|
||
# Requirements | ||
|
||
## General | ||
Requires: rsyslog | ||
|
||
## RHEL | ||
%if 0%{?rhel} | ||
Requires: httpd httpd-tools | ||
%endif | ||
|
||
## SuSE | ||
%if 0%{?sles_version} | ||
Requires: apache2 apache2-utils | ||
%endif | ||
|
||
%description | ||
Rudder is an open source configuration management and audit solution. | ||
|
||
This package is essentially a meta-package to install all components required to | ||
run a Rudder relay server on a machine. | ||
|
||
#================================================= | ||
# Source preparation | ||
#================================================= | ||
%prep | ||
|
||
#================================================= | ||
# Building | ||
#================================================= | ||
%build | ||
|
||
#================================================= | ||
# Installation | ||
#================================================= | ||
%install | ||
|
||
rm -rf %{buildroot} | ||
|
||
# Directories | ||
mkdir -p %{buildroot}/etc/%{apache_vhost_dir} | ||
mkdir -p %{buildroot}%{rudderdir}/etc/ | ||
mkdir -p %{buildroot}%{ruddervardir}/inventories/incoming | ||
mkdir -p %{buildroot}%{ruddervardir}/inventories/accepted-nodes-updates | ||
mkdir -p %{buildroot}%{rudderlogdir}/apache2/ | ||
|
||
# Others | ||
install -m 644 %{SOURCE1} %{buildroot}/etc/%{apache_vhost_dir}/rudder-relay-vhost.conf | ||
|
||
# Copy stub rudder-networks*.conf | ||
cp %{SOURCE2} %{buildroot}%{rudderdir}/etc/ | ||
cp %{SOURCE3} %{buildroot}%{rudderdir}/etc/ | ||
|
||
%post -n rudder-server-relay | ||
#================================================= | ||
# Post Installation | ||
#================================================= | ||
|
||
echo -n "INFO: Setting Apache HTTPd as a boot service..." | ||
chkconfig --add %{apache} 2&> /dev/null | ||
%if 0%{?rhel} && 0%{?rhel} >= 6 | ||
chkconfig %{apache} on | ||
%endif | ||
echo " Done" | ||
|
||
echo -n "INFO: Stopping Apache HTTPd..." | ||
service %{apache} stop >/dev/null 2>&1 | ||
echo " Done" | ||
|
||
%if 0%{?sles_version} | ||
# On SuSE, enable the required modules | ||
MODULES_TO_ENABLE="dav dav_fs" | ||
|
||
for enmod in ${MODULES_TO_ENABLE} | ||
do | ||
a2enmod ${enmod} >/dev/null 2>&1 | ||
done | ||
%endif | ||
|
||
# Do this ONLY at first install | ||
if [ $1 -eq 1 ] | ||
then | ||
echo 'DAVLockDB /tmp/davlock.db' > /etc/%{apache}/conf.d/dav_mod.conf | ||
fi | ||
|
||
# Create inventory repositories and add rights to the apache user to | ||
# access /var/rudder/inventories/incoming | ||
chmod 751 %{ruddervardir}/inventories | ||
|
||
for inventorydir in %{ruddervardir}/inventories/incoming %{ruddervardir}/inventories/accepted-nodes-updates | ||
do | ||
chmod 770 ${inventorydir} | ||
chown -R root:%{apache_group} ${inventorydir} | ||
done | ||
|
||
# Setup password files for inventory reception WebDAV access | ||
for passwdfile in %{rudderdir}/etc/htpasswd-webdav-initial %{rudderdir}/etc/htpasswd-webdav | ||
do | ||
%{htpasswd_cmd} -bc ${passwdfile} rudder rudder >/dev/null 2>&1 | ||
done | ||
|
||
echo -n "INFO: Starting Apache HTTPd..." | ||
service %{apache} start >/dev/null 2>&1 | ||
echo " Done" | ||
|
||
# Do this ONLY at first install | ||
if [ $1 -eq 1 ] | ||
then | ||
echo "" | ||
echo "*****************************************************************************************" | ||
echo "INFO: rudder-server-relay setup complete. " | ||
echo "INFO: " | ||
echo "INFO: Now run '/opt/rudder/bin/rudder-node-to-relay $(cat %{rudderdir}/etc/uuid.hive)' " | ||
echo "INFO: on your root server to complete this node transition to a relay server. " | ||
echo "INFO: " | ||
echo "INFO: Please look at the documentation for details (Section 'Relay servers') " | ||
echo "*****************************************************************************************" | ||
fi | ||
|
||
#================================================= | ||
# Cleaning | ||
#================================================= | ||
%clean | ||
rm -rf %{buildroot} | ||
|
||
#================================================= | ||
# Files | ||
#================================================= | ||
%files -n rudder-server-relay | ||
%defattr(-, root, root, 0755) | ||
%config(noreplace) /etc/%{apache_vhost_dir}/rudder-relay-vhost.conf | ||
%config(noreplace) %{rudderdir}/etc/rudder-networks.conf | ||
%config(noreplace) %{rudderdir}/etc/rudder-networks-24.conf | ||
%{ruddervardir}/inventories/incoming | ||
%{ruddervardir}/inventories/accepted-nodes-updates | ||
%{rudderlogdir}/apache2/ | ||
|
||
#================================================= | ||
# Changelog | ||
#================================================= | ||
%changelog | ||
* Mon Nov 03 2014 - Matthieu Cerda <matthieu.cerda@normation.com> 3.0-alpha1-1 | ||
- Initial package |
Empty file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
The Debian Package rudder-server-relay | ||
-------------------------------------- | ||
|
||
Please take a look at https://github.com/Normation/rudder-packages/blob/master/README.asciidoc for details. | ||
|
||
-- Matthieu Cerda <matthieu.cerda@normation.com>> on Mon, 03 Nov 2014 12:33:24 +0100 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
rudder-server-relay (0.1-0) stable; urgency=low | ||
|
||
* Initial release | ||
|
||
-- Matthieu CERDA <matthieu.cerda@normation.com> Thu, 30 Oct 2014 17:01:22 +0100 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
7 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
/etc/apache2/sites-available/rudder-relay-vhost | ||
/opt/rudder/etc/rudder-networks.conf | ||
/opt/rudder/etc/rudder-networks-24.conf |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
Source: rudder-server-relay | ||
Section: web | ||
Priority: extra | ||
Maintainer: Rudder packaging team <rudder-packaging@rudder-project.org> | ||
Build-Depends: debhelper (>= 7) | ||
Standards-Version: 3.8.0 | ||
Homepage: http://www.rudder-project.org | ||
|
||
Package: rudder-server-relay | ||
Architecture: all | ||
Depends: ${shlibs:Depends}, ${misc:Depends}, rudder-agent, apache2, apache2-utils, rsyslog | ||
Description: Configuration management and audit tool - Server relay package | ||
Rudder is an open source configuration management and audit solution. | ||
. | ||
This package is essentially a meta-package to install all components required | ||
to run a Rudder relay server on a machine. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
This package was debianized by: | ||
|
||
Matthieu Cerda <matthieu.cerda@normation.com>> on Mon, 03 Nov 2014 12:33:24 +0100 | ||
|
||
Upstream Author(s): | ||
|
||
Normation - http://www.normation.com | ||
Rudder project - http://www.rudder-project.org | ||
|
||
Copyright: | ||
|
||
Copyright (C) 2011-2014 Normation SAS | ||
|
||
License: | ||
|
||
AGPLv3 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
opt/rudder/etc | ||
var/rudder/inventories/accepted-nodes-updates | ||
var/rudder/inventories/incoming | ||
var/log/rudder/apache2 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
/etc/apache2/sites-available/rudder-relay-vhost /etc/apache2/sites-available/rudder-relay-vhost.conf |
Oops, something went wrong.