def create_user_and_group_if_not_exists(user, group):
"""Create documize user & group if not exists
"""
if not group_exists(group):
add_group(group)
if not user_exists(user):
adduser(user, system_user=True)
def git_pre_install():
"""Perform pre-install setup."""
dirs = [
'/var/lib/nova',
'/var/lib/nova/buckets',
'/var/lib/nova/CA',
'/var/lib/nova/CA/INTER',
'/var/lib/nova/CA/newcerts',
'/var/lib/nova/CA/private',
'/var/lib/nova/CA/reqs',
'/var/lib/nova/images',
'/var/lib/nova/instances',
'/var/lib/nova/keys',
'/var/lib/nova/networks',
'/var/lib/nova/tmp',
'/var/lib/neutron',
'/var/lib/neutron/lock',
'/var/log/nova',
'/etc/neutron',
'/etc/neutron/plugins',
'/etc/neutron/plugins/ml2',
]
adduser('nova', shell='/bin/bash', system_user=True)
subprocess.check_call(['usermod', '--home', '/var/lib/nova', 'nova'])
add_group('nova', system_group=True)
add_user_to_group('nova', 'nova')
adduser('neutron', shell='/bin/bash', system_user=True)
add_group('neutron', system_group=True)
add_user_to_group('neutron', 'neutron')
for d in dirs:
mkdir(d, owner='nova', group='nova', perms=0755, force=False)
def _install_mattermost():
# Backup existing installation if it exists
backup_path = None
if os.path.isdir('/opt/mattermost'):
backup_path = "/opt/mattermost.back{}".format(
str(datetime.datetime.now()))
shutil.move('/opt/mattermost', backup_path)
# Create mattermost user & group if not exists
if not group_exists('mattermost'):
add_group("mattermost")
if not user_exists('mattermost'):
adduser("mattermost", system_user=True)
# Get and uppack resource
mattermost_bdist = resource_get('bdist')
extract_tarfile(mattermost_bdist, destpath="/opt")
# Render systemd template
render(source="mattermost.service.tmpl",
target="/etc/systemd/system/mattermost.service",
perms=0o644,
owner="root",
context={})
check_call(['systemctl', 'daemon-reload'])
if backup_path:
shutil.move('{}/config/config.json'.format(backup_path),
'/opt/mattermost/config/config.json')
shutil.move('{}/data'.format(backup_path), '/opt/mattermost/')
# Create dirs that don't exist yet
for folder in ("data", "logs", "config"):
os.makedirs("/opt/mattermost/{}".format(folder),
mode=0o700,
exist_ok=True)
chownr("/opt/mattermost", "mattermost", "mattermost", chowntopdir=True)
def git_pre_install():
"""Perform glance pre-install setup."""
dirs = [
'/var/lib/glance',
'/var/lib/glance/images',
'/var/lib/glance/image-cache',
'/var/lib/glance/image-cache/incomplete',
'/var/lib/glance/image-cache/invalid',
'/var/lib/glance/image-cache/queue',
'/var/log/glance',
]
logs = [
'/var/log/glance/glance-api.log',
'/var/log/glance/glance-registry.log',
]
adduser('glance', shell='/bin/bash', system_user=True)
add_group('glance', system_group=True)
add_user_to_group('glance', 'glance')
for d in dirs:
mkdir(d, owner='glance', group='glance', perms=0755, force=False)
for l in logs:
write_file(l, '', owner='glance', group='glance', perms=0600)
def git_pre_install():
"""Perform glance pre-install setup."""
dirs = [
'/var/lib/glance',
'/var/lib/glance/images',
'/var/lib/glance/image-cache',
'/var/lib/glance/image-cache/incomplete',
'/var/lib/glance/image-cache/invalid',
'/var/lib/glance/image-cache/queue',
'/var/log/glance',
]
logs = [
'/var/log/glance/glance-api.log',
'/var/log/glance/glance-registry.log',
]
adduser('glance', shell='/bin/bash', system_user=True)
add_group('glance', system_group=True)
add_user_to_group('glance', 'glance')
for d in dirs:
mkdir(d, owner='glance', group='glance', perms=0755, force=False)
for l in logs:
write_file(l, '', owner='glance', group='glance', perms=0600)
def install():
conf = hookenv.config()
context = get_install_context()
gogs_bdist = hookenv.resource_get('bdist')
check_call(["tar", "xzf", gogs_bdist], cwd="/opt")
# Create gogs user & group
add_group(context['group'])
adduser(context['user'], system_user=True)
for dir in ('.ssh', 'repositories', 'data', 'logs'):
os.makedirs(
os.path.join(context['home'], dir), mode=0o700, exist_ok=True)
os.makedirs(os.path.join(context['home'], 'custom', 'conf'),
mode=0o755, exist_ok=True)
chownr(context['home'], context['user'], context['group'], True, True)
render(source='upstart',
target="/etc/init/gogs.conf",
perms=0o644,
context=context)
render(source='gogs.service',
target="/lib/systemd/system/gogs.service",
perms=0o644,
context=context)
hookenv.status_set('maintenance', 'installation complete')
def _install_mattermost():
# Backup existing installation if it exists
backup_path = None
if os.path.isdir('/opt/mattermost'):
backup_path = "/opt/mattermost.back{}".format(str(datetime.datetime.now()))
shutil.move('/opt/mattermost', backup_path)
# Create mattermost user & group if not exists
if not group_exists('mattermost'):
add_group("mattermost")
if not user_exists('mattermost'):
adduser("mattermost", system_user=True)
# Get and uppack resource
mattermost_bdist = resource_get('bdist')
extract_tarfile(mattermost_bdist, destpath="/opt")
# Render systemd template
render(source="mattermost.service.tmpl",
target="/etc/systemd/system/mattermost.service",
perms=0o644,
owner="root",
context={})
check_call(['systemctl', 'daemon-reload'])
if backup_path:
shutil.move(
'{}/config/config.json'.format(backup_path),
'/opt/mattermost/config/config.json')
shutil.move(
'{}/data'.format(backup_path),
'/opt/mattermost/')
# Create dirs that don't exist yet
for folder in ("data", "logs", "config"):
os.makedirs("/opt/mattermost/{}".format(folder),
mode=0o700,
exist_ok=True)
chownr("/opt/mattermost", "mattermost", "mattermost", chowntopdir=True)
def create_repo(git):
username = git.get_remote('username')
service = remote_service_name()
repo_path = os.path.join(repo_root(), service+'.git')
host.add_group(username)
host.adduser(username, password=host.pwgen(32), shell='/usr/bin/git-shell')
ssh_public_key = git.get_remote('ssh-public-key')
dotssh_dir = '/home/{}/.ssh/'.format(username)
host.mkdir(dotssh_dir, username, username, 0o700)
host.write_file(dotssh_dir + 'authorized_keys',
ssh_public_key.encode('utf-8'),
username, username, 0o400)
host.mkdir(repo_path, group=username, perms=0o770)
subprocess.check_call(['git', 'init', '--bare', '--shared=group', repo_path])
# Create server-side hook that will inform
# clients whenever changes are committed.
create_git_hooks(repo_path, username)
# Make the repo owned by <username>.
chown_repo(repo_path, username)
# TODO(axw) read and publish all host keys.
ssh_host_keys = [open(SSH_HOST_RSA_KEY).read()]
git.configure(repo_path, ssh_host_keys)
set_state('git.repo.created')
status_set('active', '')
def git_pre_install():
"""Perform pre-install setup."""
dirs = [
'/var/lib/nova',
'/var/lib/nova/buckets',
'/var/lib/nova/CA',
'/var/lib/nova/CA/INTER',
'/var/lib/nova/CA/newcerts',
'/var/lib/nova/CA/private',
'/var/lib/nova/CA/reqs',
'/var/lib/nova/images',
'/var/lib/nova/instances',
'/var/lib/nova/keys',
'/var/lib/nova/networks',
'/var/lib/nova/tmp',
'/var/lib/neutron',
'/var/lib/neutron/lock',
'/var/log/nova',
'/etc/neutron',
'/etc/neutron/plugins',
'/etc/neutron/plugins/ml2',
]
adduser('nova', shell='/bin/bash', system_user=True)
subprocess.check_call(['usermod', '--home', '/var/lib/nova', 'nova'])
add_group('nova', system_group=True)
add_user_to_group('nova', 'nova')
adduser('neutron', shell='/bin/bash', system_user=True)
add_group('neutron', system_group=True)
add_user_to_group('neutron', 'neutron')
for d in dirs:
mkdir(d, owner='nova', group='nova', perms=0755, force=False)
def install():
if is_state('oostore.available'):
return
host.adduser('oostore', system_user=True)
host.add_group('oostore', system_group=True)
host.add_user_to_group('oostore', 'oostore')
install_workload()
set_state('oostore.available')
def create_prometheus_user():
if not group_exists('prometheus'):
add_group('prometheus', system_group=True)
if not user_exists('prometheus'):
adduser(
'prometheus',
shell='/bin/false',
system_user=True,
primary_group='prometheus',
home_dir='/var/lib/prometheus',
)
set_state('prometheus.user.available')
def add_users(self):
for group in self.groups:
host.add_group(group)
for username, details in self.users.items():
primary_grp = None
secondary_grps = None
groups = details.get('groups', [])
if groups:
primary_grp = groups[0]
secondary_grps = groups[1:]
hookenv.log('Creating user {0} in primary group {1} and secondary groups {2}'
.format(username, primary_grp, secondary_grps))
host.adduser(username, primary_group=primary_grp, secondary_groups=secondary_grps)
def add_users(self):
for group in self.groups:
host.add_group(group)
for username, details in self.users.items():
primary_grp = None
secondary_grps = None
groups = details.get('groups', [])
if groups:
primary_grp = groups[0]
secondary_grps = groups[1:]
hookenv.log('Creating user {0} in primary group {1} and secondary groups {2}'
.format(username, primary_grp, secondary_grps))
host.adduser(username, primary_group=primary_grp, secondary_groups=secondary_grps)
def add_user():
"""
Adding passwordless sudo access to nova user and adding to required groups
"""
try:
add_group(DMAPI_GRP, system_group=True)
adduser(DMAPI_USR, password=None, shell='/bin/bash', system_user=True)
add_user_to_group(DMAPI_USR, DMAPI_GRP)
except Exception as e:
log("Failed while adding user with msg: {}".format(e))
return False
return True
def git_pre_install():
"""Perform cinder pre-install setup."""
dirs = [{
'path': '/etc/tgt',
'owner': 'cinder',
'group': 'cinder',
'perms': 0750,
}, {
'path': '/var/lib/cinder',
'owner': 'cinder',
'group': 'cinder',
'perms': 0755,
}, {
'path': '/var/lib/cinder/volumes',
'owner': 'cinder',
'group': 'cinder',
'perms': 0750,
}, {
'path': '/var/lock/cinder',
'owner': 'cinder',
'group': 'root',
'perms': 0750,
}, {
'path': '/var/log/cinder',
'owner': 'cinder',
'group': 'cinder',
'perms': 0750,
}]
logs = [
'/var/log/cinder/cinder-api.log',
'/var/log/cinder/cinder-backup.log',
'/var/log/cinder/cinder-scheduler.log',
'/var/log/cinder/cinder-volume.log',
]
adduser('cinder', shell='/bin/bash', system_user=True)
add_group('cinder', system_group=True)
add_user_to_group('cinder', 'cinder')
for d in dirs:
mkdir(d['path'],
owner=d['owner'],
group=d['group'],
perms=d['perms'],
force=False)
for l in logs:
write_file(l, '', owner='cinder', group='cinder', perms=0600)
def perms():
for p in paths:
makedirs(p[0], exist_ok=True)
try:
getgrnam(p[2])
except KeyError:
add_group(p[2], system_group=True)
if not user_exists(p[1]):
adduser(p[1], shell='/bin/false', system_user=True,
primary_group=p[2])
# Ensure path is owned appropriately
chownr(path=p[0], owner=p[1], group=p[2], chowntopdir=True)
def perms():
for p in paths:
makedirs(p[0], exist_ok=True)
try:
getgrnam(p[2])
except KeyError:
add_group(p[2], system_group=True)
if not user_exists(p[1]):
adduser(p[1],
shell='/bin/false',
system_user=True,
primary_group=p[2])
# Ensure path is owned appropriately
chownr(path=p[0], owner=p[1], group=p[2], chowntopdir=True)
def git_pre_install():
"""Perform cinder pre-install setup."""
dirs = [{'path': '/etc/tgt',
'owner': 'cinder',
'group': 'cinder',
'perms': 0750,
},
{'path': '/var/lib/cinder',
'owner': 'cinder',
'group': 'cinder',
'perms': 0755,
},
{'path': '/var/lib/cinder/volumes',
'owner': 'cinder',
'group': 'cinder',
'perms': 0750,
},
{'path': '/var/lock/cinder',
'owner': 'cinder',
'group': 'root',
'perms': 0750,
},
{'path': '/var/log/cinder',
'owner': 'cinder',
'group': 'cinder',
'perms': 0750,
}]
logs = [
'/var/log/cinder/cinder-api.log',
'/var/log/cinder/cinder-backup.log',
'/var/log/cinder/cinder-scheduler.log',
'/var/log/cinder/cinder-volume.log',
]
adduser('cinder', shell='/bin/bash', system_user=True)
add_group('cinder', system_group=True)
add_user_to_group('cinder', 'cinder')
for d in dirs:
mkdir(d['path'], owner=d['owner'], group=d['group'], perms=d['perms'],
force=False)
for l in logs:
write_file(l, '', owner='cinder', group='cinder', perms=0600)
def git_pre_install():
"""Perform pre-install setup."""
dirs = [
'/etc/neutron',
'/etc/neutron/rootwrap.d',
'/etc/neutron/plugins',
'/etc/nova',
'/var/lib/neutron',
'/var/lib/neutron/lock',
'/var/log/neutron',
]
logs = [
'/var/log/neutron/bigswitch-agent.log',
'/var/log/neutron/dhcp-agent.log',
'/var/log/neutron/l3-agent.log',
'/var/log/neutron/lbaas-agent.log',
'/var/log/neutron/ibm-agent.log',
'/var/log/neutron/linuxbridge-agent.log',
'/var/log/neutron/metadata-agent.log',
'/var/log/neutron/metering_agent.log',
'/var/log/neutron/mlnx-agent.log',
'/var/log/neutron/nec-agent.log',
'/var/log/neutron/nvsd-agent.log',
'/var/log/neutron/openflow-agent.log',
'/var/log/neutron/openvswitch-agent.log',
'/var/log/neutron/ovs-cleanup.log',
'/var/log/neutron/ryu-agent.log',
'/var/log/neutron/server.log',
'/var/log/neutron/sriov-agent.log',
'/var/log/neutron/vpn_agent.log',
]
adduser('neutron', shell='/bin/bash', system_user=True)
add_group('neutron', system_group=True)
add_user_to_group('neutron', 'neutron')
for d in dirs:
mkdir(d, owner='neutron', group='neutron', perms=0755, force=False)
for l in logs:
write_file(l, '', owner='neutron', group='neutron', perms=0644)
def git_pre_install():
"""Perform pre-install setup."""
dirs = [
'/etc/neutron',
'/etc/neutron/rootwrap.d',
'/etc/neutron/plugins',
'/etc/nova',
'/var/lib/neutron',
'/var/lib/neutron/lock',
'/var/log/neutron',
]
logs = [
'/var/log/neutron/bigswitch-agent.log',
'/var/log/neutron/dhcp-agent.log',
'/var/log/neutron/l3-agent.log',
'/var/log/neutron/lbaas-agent.log',
'/var/log/neutron/ibm-agent.log',
'/var/log/neutron/linuxbridge-agent.log',
'/var/log/neutron/metadata-agent.log',
'/var/log/neutron/metering_agent.log',
'/var/log/neutron/mlnx-agent.log',
'/var/log/neutron/nec-agent.log',
'/var/log/neutron/nvsd-agent.log',
'/var/log/neutron/openflow-agent.log',
'/var/log/neutron/openvswitch-agent.log',
'/var/log/neutron/ovs-cleanup.log',
'/var/log/neutron/ryu-agent.log',
'/var/log/neutron/server.log',
'/var/log/neutron/sriov-agent.log',
'/var/log/neutron/vpn_agent.log',
]
adduser('neutron', shell='/bin/bash', system_user=True)
add_group('neutron', system_group=True)
add_user_to_group('neutron', 'neutron')
for d in dirs:
mkdir(d, owner='neutron', group='neutron', perms=0755, force=False)
for l in logs:
write_file(l, '', owner='neutron', group='neutron', perms=0644)
def configure_lxd_source(user='******'):
'''Add required configuration and files when deploying LXD from source'''
log('Configuring LXD Source')
home = pwd.getpwnam(user).pw_dir
GOPATH = os.path.join(home, 'go')
templates_dir = 'templates'
render('lxd_upstart', '/etc/init/lxd.conf', {},
perms=0o644, templates_dir=templates_dir)
render('lxd_service', '/lib/systemd/system/lxd.service', {},
perms=0o644, templates_dir=templates_dir)
add_group('lxd', system_group=True)
add_user_to_group(user, 'lxd')
service_stop('lxd')
files = glob.glob('%s/bin/*' % GOPATH)
for i in files:
cmd = ['cp', i, '/usr/bin']
check_call(cmd)
service_start('lxd')
def git_pre_install():
"""Perform pre-install setup."""
dirs = [
'/var/lib/neutron',
'/var/lib/neutron/lock',
'/var/log/neutron',
]
logs = [
'/var/log/neutron/server.log',
]
adduser('neutron', shell='/bin/bash', system_user=True)
add_group('neutron', system_group=True)
add_user_to_group('neutron', 'neutron')
for d in dirs:
mkdir(d, owner='neutron', group='neutron', perms=0755, force=False)
for l in logs:
write_file(l, '', owner='neutron', group='neutron', perms=0600)
def test_doesnt_add_group_if_it_already_exists(self, log, check_call,
getgrnam):
group_name = 'testgroup'
existing_group_grnam = 'some group grnam'
getgrnam.return_value = existing_group_grnam
result = host.add_group(group_name)
self.assertEqual(result, existing_group_grnam)
self.assertFalse(check_call.called)
getgrnam.assert_called_with(group_name)
def test_add_a_system_group(self, log, check_call, getgrnam):
group_name = 'testgroup'
existing_group_grnam = KeyError('group not found')
new_group_grnam = 'some group grnam'
getgrnam.side_effect = [existing_group_grnam, new_group_grnam]
result = host.add_group(group_name, system_group=True)
self.assertEqual(result, new_group_grnam)
check_call.assert_called_with(['addgroup', '--system', group_name])
getgrnam.assert_called_with(group_name)
def git_pre_install():
"""Perform glance pre-install setup."""
dirs = [
'/var/lib/astara',
'/var/log/astara',
'/etc/astara',
]
logs = [
'/var/log/astara/astara-orchestrator.log',
]
adduser('astara', shell='/bin/bash', system_user=True)
add_group('astara', system_group=True)
add_user_to_group('astara', 'astara')
for d in dirs:
mkdir(d, owner='astara', group='astara', perms=0755, force=False)
for l in logs:
write_file(l, '', owner='astara', group='astara', perms=0600)
def git_pre_install():
"""Perform pre-install setup."""
dirs = [
'/var/lib/neutron',
'/var/lib/neutron/lock',
'/var/log/neutron',
]
logs = [
'/var/log/neutron/server.log',
]
adduser('neutron', shell='/bin/bash', system_user=True)
add_group('neutron', system_group=True)
add_user_to_group('neutron', 'neutron')
for d in dirs:
mkdir(d, owner='neutron', group='neutron', perms=0755, force=False)
for l in logs:
write_file(l, '', owner='neutron', group='neutron', perms=0600)
def install_mattermost():
"""Grab the mattermost binary, unpack, install
to /srv.
"""
status_set('maintenance', "Installing Mattermost")
# Create mattermost user & group if not exists
if not group_exists('mattermost'):
add_group("mattermost")
if not user_exists('mattermost'):
adduser("mattermost", system_user=True)
# Get and uppack resource
if os.path.exists('/srv/mattermost'):
shutil.rmtree('/srv/mattermost')
mattermost_bdist = resource_get('bdist')
extract_tarfile(mattermost_bdist, destpath="/srv")
# Create data + log + config dirs
for dir in ("data", "logs", "config"):
os.makedirs(os.path.join("/srv/mattermost", dir),
mode=0o700,
exist_ok=True)
shutil.chown(os.path.join("/srv/mattermost", dir),
user="******",
group="mattermost")
# Render systemd template
render(source="mattermost.service.tmpl",
target="/etc/systemd/system/mattermost.service",
perms=0o644,
owner="root",
context={})
check_call(['systemctl', 'daemon-reload'])
set_state('mattermost.installed')
status_set('active', 'Mattermost installation complete')
def git_pre_install():
"""Perform horizon pre-install setup."""
dirs = [
'/etc/openstack-dashboard',
'/usr/share/openstack-dashboard',
'/usr/share/openstack-dashboard/bin/less',
'/usr/share/openstack-dashboard-ubuntu-theme/static/ubuntu/css',
'/usr/share/openstack-dashboard-ubuntu-theme/static/ubuntu/img',
'/usr/share/openstack-dashboard-ubuntu-theme/templates',
'/var/lib/openstack-dashboard',
]
adduser('horizon', shell='/bin/bash', system_user=True)
subprocess.check_call(['usermod', '--home',
'/usr/share/openstack-dashboard/', 'horizon'])
add_group('horizon', system_group=True)
add_user_to_group('horizon', 'horizon')
for d in dirs:
if d is '/var/lib/openstack-dashboard':
mkdir(d, owner='horizon', group='horizon', perms=0700, force=False)
else:
mkdir(d, owner='root', group='root', perms=0755, force=False)
def git_pre_install():
"""Perform horizon pre-install setup."""
dirs = [
'/etc/openstack-dashboard',
'/usr/share/openstack-dashboard',
'/usr/share/openstack-dashboard/bin/less',
'/usr/share/openstack-dashboard-ubuntu-theme/static/ubuntu/css',
'/usr/share/openstack-dashboard-ubuntu-theme/static/ubuntu/img',
'/usr/share/openstack-dashboard-ubuntu-theme/templates',
'/var/lib/openstack-dashboard',
]
adduser('horizon', shell='/bin/bash', system_user=True)
subprocess.check_call(
['usermod', '--home', '/usr/share/openstack-dashboard/', 'horizon'])
add_group('horizon', system_group=True)
add_user_to_group('horizon', 'horizon')
for d in dirs:
if d is '/var/lib/openstack-dashboard':
mkdir(d, owner='horizon', group='horizon', perms=0700, force=False)
else:
mkdir(d, owner='root', group='root', perms=0755, force=False)
def git_pre_install():
"""Perform glance pre-install setup."""
dirs = [
"/var/lib/glance",
"/var/lib/glance/images",
"/var/lib/glance/image-cache",
"/var/lib/glance/image-cache/incomplete",
"/var/lib/glance/image-cache/invalid",
"/var/lib/glance/image-cache/queue",
"/var/log/glance",
]
logs = ["/var/log/glance/glance-api.log", "/var/log/glance/glance-registry.log"]
adduser("glance", shell="/bin/bash", system_user=True)
add_group("glance", system_group=True)
add_user_to_group("glance", "glance")
for d in dirs:
mkdir(d, owner="glance", group="glance", perms=0755, force=False)
for l in logs:
write_file(l, "", owner="glance", group="glance", perms=0600)
def configure_lxd_source(user='******'):
'''Add required configuration and files when deploying LXD from source'''
log('Configuring LXD Source')
home = pwd.getpwnam(user).pw_dir
GOPATH = os.path.join(home, 'go')
templates_dir = 'templates'
render('lxd_upstart',
'/etc/init/lxd.conf', {},
perms=0o644,
templates_dir=templates_dir)
render('lxd_service',
'/lib/systemd/system/lxd.service', {},
perms=0o644,
templates_dir=templates_dir)
add_group('lxd', system_group=True)
add_user_to_group(user, 'lxd')
service_stop('lxd')
files = glob.glob('%s/bin/*' % GOPATH)
for i in files:
cmd = ['cp', i, '/usr/bin']
check_call(cmd)
service_start('lxd')
def git_pre_install():
"""Perform pre-install setup."""
dirs = [
'/var/lib/nova',
'/var/lib/nova/buckets',
'/var/lib/nova/CA',
'/var/lib/nova/CA/INTER',
'/var/lib/nova/CA/newcerts',
'/var/lib/nova/CA/private',
'/var/lib/nova/CA/reqs',
'/var/lib/nova/images',
'/var/lib/nova/instances',
'/var/lib/nova/keys',
'/var/lib/nova/networks',
'/var/lib/nova/tmp',
'/var/log/nova',
]
logs = [
'/var/log/nova/nova-api.log',
'/var/log/nova/nova-compute.log',
'/var/log/nova/nova-manage.log',
'/var/log/nova/nova-network.log',
]
adduser('nova', shell='/bin/bash', system_user=True)
check_call(['usermod', '--home', '/var/lib/nova', 'nova'])
add_group('nova', system_group=True)
add_user_to_group('nova', 'nova')
add_user_to_group('nova', 'libvirtd')
for d in dirs:
mkdir(d, owner='nova', group='nova', perms=0755, force=False)
for l in logs:
write_file(l, '', owner='nova', group='nova', perms=0644)
def install():
conf = hookenv.config()
version = conf.get('version', '0.9.13')
handler = archiveurl.ArchiveUrlFetchHandler()
handler.download(INSTALL_URL % version, dest='/opt/gogs.tar.gz')
extract_tarfile('/opt/gogs.tar.gz', destpath="/opt")
# Create gogs user & group
add_group("gogs")
adduser("gogs", system_user=True)
for dir in ('.ssh', 'repositories', 'data', 'logs'):
os.makedirs(os.path.join("/opt/gogs", dir), mode=0o700, exist_ok=True)
shutil.chown(os.path.join("/opt/gogs", dir), user="******", group="gogs")
os.makedirs("/opt/gogs/custom/conf", mode=0o755, exist_ok=True)
shutil.chown("/opt/gogs/custom/conf", user="******", group="gogs")
render(source='upstart',
target="/etc/init/gogs.conf",
perms=0o644,
context={})
hookenv.status_set('maintenance', 'installation complete')
def git_pre_install():
"""Perform pre-install setup."""
dirs = [
'/var/lib/nova',
'/var/lib/nova/buckets',
'/var/lib/nova/CA',
'/var/lib/nova/CA/INTER',
'/var/lib/nova/CA/newcerts',
'/var/lib/nova/CA/private',
'/var/lib/nova/CA/reqs',
'/var/lib/nova/images',
'/var/lib/nova/instances',
'/var/lib/nova/keys',
'/var/lib/nova/networks',
'/var/lib/nova/tmp',
'/var/log/nova',
]
logs = [
'/var/log/nova/nova-api.log',
'/var/log/nova/nova-compute.log',
'/var/log/nova/nova-manage.log',
'/var/log/nova/nova-network.log',
]
adduser('nova', shell='/bin/bash', system_user=True)
check_call(['usermod', '--home', '/var/lib/nova', 'nova'])
add_group('nova', system_group=True)
add_user_to_group('nova', 'nova')
add_user_to_group('nova', 'libvirtd')
for d in dirs:
mkdir(d, owner='nova', group='nova', perms=0755, force=False)
for l in logs:
write_file(l, '', owner='nova', group='nova', perms=0644)
def hugepage_support(user,
group='hugetlb',
nr_hugepages=256,
max_map_count=65536,
mnt_point='/run/hugepages/kvm',
pagesize='2MB',
mount=True,
set_shmmax=False):
"""Enable hugepages on system.
Args:
user (str) -- Username to allow access to hugepages to
group (str) -- Group name to own hugepages
nr_hugepages (int) -- Number of pages to reserve
max_map_count (int) -- Number of Virtual Memory Areas a process can own
mnt_point (str) -- Directory to mount hugepages on
pagesize (str) -- Size of hugepages
mount (bool) -- Whether to Mount hugepages
"""
group_info = add_group(group)
gid = group_info.gr_gid
add_user_to_group(user, group)
if max_map_count < 2 * nr_hugepages:
max_map_count = 2 * nr_hugepages
sysctl_settings = {
'vm.nr_hugepages': nr_hugepages,
'vm.max_map_count': max_map_count,
'vm.hugetlb_shm_group': gid,
}
if set_shmmax:
shmmax_current = int(check_output(['sysctl', '-n', 'kernel.shmmax']))
shmmax_minsize = bytes_from_string(pagesize) * nr_hugepages
if shmmax_minsize > shmmax_current:
sysctl_settings['kernel.shmmax'] = shmmax_minsize
sysctl.create(yaml.dump(sysctl_settings), '/etc/sysctl.d/10-hugepage.conf')
mkdir(mnt_point, owner='root', group='root', perms=0o755, force=False)
lfstab = fstab.Fstab()
fstab_entry = lfstab.get_entry_by_attr('mountpoint', mnt_point)
if fstab_entry:
lfstab.remove_entry(fstab_entry)
entry = lfstab.Entry('nodev', mnt_point, 'hugetlbfs',
'mode=1770,gid={},pagesize={}'.format(gid,
pagesize), 0, 0)
lfstab.add_entry(entry)
if mount:
fstab_mount(mnt_point)
def hugepage_support(user, group='hugetlb', nr_hugepages=256,
max_map_count=65536, mnt_point='/run/hugepages/kvm',
pagesize='2MB', mount=True, set_shmmax=False):
"""Enable hugepages on system.
Args:
user (str) -- Username to allow access to hugepages to
group (str) -- Group name to own hugepages
nr_hugepages (int) -- Number of pages to reserve
max_map_count (int) -- Number of Virtual Memory Areas a process can own
mnt_point (str) -- Directory to mount hugepages on
pagesize (str) -- Size of hugepages
mount (bool) -- Whether to Mount hugepages
"""
group_info = add_group(group)
gid = group_info.gr_gid
add_user_to_group(user, group)
if max_map_count < 2 * nr_hugepages:
max_map_count = 2 * nr_hugepages
sysctl_settings = {
'vm.nr_hugepages': nr_hugepages,
'vm.max_map_count': max_map_count,
'vm.hugetlb_shm_group': gid,
}
if set_shmmax:
shmmax_current = int(check_output(['sysctl', '-n', 'kernel.shmmax']))
shmmax_minsize = bytes_from_string(pagesize) * nr_hugepages
if shmmax_minsize > shmmax_current:
sysctl_settings['kernel.shmmax'] = shmmax_minsize
sysctl.create(yaml.dump(sysctl_settings), '/etc/sysctl.d/10-hugepage.conf')
mkdir(mnt_point, owner='root', group='root', perms=0o755, force=False)
lfstab = fstab.Fstab()
fstab_entry = lfstab.get_entry_by_attr('mountpoint', mnt_point)
if fstab_entry:
lfstab.remove_entry(fstab_entry)
entry = lfstab.Entry('nodev', mnt_point, 'hugetlbfs',
'mode=1770,gid={},pagesize={}'.format(gid, pagesize), 0, 0)
lfstab.add_entry(entry)
if mount:
fstab_mount(mnt_point)
def install_layer_samba():
sys.path.append(os.path.realpath('..'))
# Do your setup here.
#
# If your charm has other dependencies before it can install,
# add those as @when() clauses above., or as additional @when()
# decorated handlers below
#
# See the following for information about reactive charms:
#
# * https://jujucharms.com/docs/devel/developer-getting-started
# * https://github.com/juju-solutions/layer-basic#overview
#
config = hookenv.config()
password = config['password']
server_name = config['server_name']
online = config['online']
hookenv.status_set('maintenance', 'Updating apt')
apt.update()
hookenv.status_set('maintenance', 'Installing packages')
apt.queue_install(['samba'])
apt.install_queued()
#os.system('git clone https://github.com/bdrung/ionit.git')
#os.system('python3 ionit/setup.py install')
hookenv.status_set('maintenance', 'Configuring')
host.add_group('juju-samba-ubuntu')
host.adduser('ubuntu', password)
host.add_user_to_group('ubuntu', 'juju-samba-ubuntu')
cmd = ("sudo echo -e \"" + password + "\n" + password +
"\" | smbpasswd -s -a ubuntu")
os.system(cmd)
if not os.path.exists('/opt/samba/share'):
os.makedirs('/opt/samba/share')
host.chownr('/opt/samba/share', 'ubuntu', 'juju-samba-ubuntu', True, True)
if not os.path.exists('/etc/samba/smb.conf'):
os.makedirs('/etc/samba')
shutil.copy('opt/smb.conf', '/etc/samba/smb.conf')
render(source='smb',
target='/etc/samba/smb.conf',
context={
"cfg": config,
},
owner='root',
perms=0o740)
restartSamba()
set_flag('layer-samba.installed')
if (not online):
stopSamba()
hookenv.status_set('active', 'Stopped')
hookenv.status_set('active', 'Started')
def setup_user(m):
name = m['name']
add_group(name)
adduser(name, system_user=True)
def install_etcd():
''' Attempt resource get on the "etcd" and "etcdctl" resources. If no
resources are provided attempt to install from the archive only on the
16.04 (xenial) series. '''
status_set('maintenance', 'Installing etcd.')
codename = host.lsb_release()['DISTRIB_CODENAME']
try:
etcd_path = resource_get('etcd')
etcdctl_path = resource_get('etcdctl')
# Not obvious but this blocks juju 1.25 clients
except NotImplementedError:
status_set(
'blocked',
'This charm requires the resource feature available in juju 2+'
) # noqa
return
if not etcd_path or not etcdctl_path:
if codename == 'xenial':
# edge case where archive allows us a nice fallback on xenial
status_set('maintenance', 'Attempting install of etcd from apt')
pkg_list = ['etcd']
apt_update()
apt_install(pkg_list, fatal=True)
# Stop the service and remove the defaults
# I hate that I have to do this. Sorry short-lived local data #RIP
# State control is to prevent upgrade-charm from nuking cluster
# data.
if not is_state('etcd.package.adjusted'):
host.service('stop', 'etcd')
if os.path.exists('/var/lib/etcd/default'):
shutil.rmtree('/var/lib/etcd/default')
set_state('etcd.package.adjusted')
set_state('etcd.installed')
return
else:
# edge case
status_set('blocked', 'Missing Resource: see README')
else:
install(etcd_path, '/usr/bin/etcd')
install(etcdctl_path, '/usr/bin/etcdctl')
host.add_group('etcd')
if not host.user_exists('etcd'):
host.adduser('etcd')
host.add_user_to_group('etcd', 'etcd')
os.makedirs('/var/lib/etcd/', exist_ok=True)
etcd_uid = getpwnam('etcd').pw_uid
os.chmod('/var/lib/etcd/', 0o775)
os.chown('/var/lib/etcd/', etcd_uid, -1)
# Trusty was the EOL for upstart, render its template if required
if codename == 'trusty':
render('upstart',
'/etc/init/etcd.conf', {},
owner='root',
group='root')
set_state('etcd.installed')
return
if not os.path.exists('/etc/systemd/system/etcd.service'):
render('systemd',
'/etc/systemd/system/etcd.service', {},
owner='root',
group='root')
# This will cause some greif if its been run before
# so allow it to be chatty and fail if we ever re-render
# and attempt re-enablement.
try:
check_call(split('systemctl enable etcd'))
except CalledProcessError:
pass
set_state('etcd.installed')
