def install_rally(self): kv = unitdata.kv() if kv.get('rallyinstalled', False): return True if not self._load_envvars: hookenv.log('install_rally - could not load nagios.novarc') return False user = self._rallyuser host.adduser(user) host.mkdir(os.path.join('/home', user), owner=user, group=user, perms=0o755, force=False) for tool in ['rally', 'tempest']: toolname = 'fcbtest.{}init'.format(tool) installed = self._run_as(user, [toolname]) if not installed: hookenv.log( 'install_rally - could not initialize {}'.format(tool)) return False kv.set('rallyinstalled', True) return True
def git_pre_install(): """Perform pre-install setup.""" dirs = [ '/var/lib/nova', '/var/lib/nova/buckets', '/var/lib/nova/CA', '/var/lib/nova/CA/INTER', '/var/lib/nova/CA/newcerts', '/var/lib/nova/CA/private', '/var/lib/nova/CA/reqs', '/var/lib/nova/images', '/var/lib/nova/instances', '/var/lib/nova/keys', '/var/lib/nova/networks', '/var/lib/nova/tmp', '/var/lib/neutron', '/var/lib/neutron/lock', '/var/log/nova', '/etc/neutron', '/etc/neutron/plugins', '/etc/neutron/plugins/ml2', ] adduser('nova', shell='/bin/bash', system_user=True) subprocess.check_call(['usermod', '--home', '/var/lib/nova', 'nova']) add_group('nova', system_group=True) add_user_to_group('nova', 'nova') adduser('neutron', shell='/bin/bash', system_user=True) add_group('neutron', system_group=True) add_user_to_group('neutron', 'neutron') for d in dirs: mkdir(d, owner='nova', group='nova', perms=0755, force=False)
def configured_devpi(): status.maintenance('Configuring devpi') DEVPI_PATH.mkdir(mode=0o755, parents=True, exist_ok=True) devpi_server_bin = DEVPI_ENV_BIN / 'devpi-server' # initialize devpi adduser('devpi') chownr(str(DEVPI_PATH), 'devpi', 'devpi', chowntopdir=True) check_call([ 'sudo', '-u', 'devpi', str(devpi_server_bin), '--init', '--serverdir', str(DEVPI_PATH) ]) # render service render('devpi.service', '/etc/systemd/system/devpi.service', context={ 'devpi_server_bin': devpi_server_bin, 'devpi_path': str(DEVPI_PATH) }) open_port(3141) # enable service check_call(['systemctl', 'enable', 'devpi.service']) # start service check_call(['systemctl', 'start', 'devpi.service']) status.active('devpi running') set_flag('devpi.configured')
def install_couchpotato(): hookenv.status_set('maintenance', 'creating user') host.adduser(cp.user, password="", shell='/bin/False', home_dir=cp.home_dir) hookenv.status_set('maintenance', 'installing dependencies') fetch.apt_update() fetch.apt_install(['git', 'python2.7', 'python-openssl', 'python-lxml']) hookenv.status_set('maintenance', 'cloning repository') if os.path.isdir(cp.install_dir): shutil.rmtree(cp.install_dir) subprocess.check_call([ "git clone https://github.com/CouchPotato/CouchPotatoServer.git " + cp.install_dir ], shell=True) host.chownr(cp.home_dir, owner=cp.user, group=cp.user) context = {'couchpath': cp.executable, 'couchuser': cp.user} templating.render(cp.service_name, '/etc/systemd/system/{}'.format(cp.service_name), context) cp.enable() hookenv.open_port(cp.charm_config['port'], 'TCP') set_state('couchpotato.installed') hookenv.status_set('maintenance', 'installation complete')
def install(): if is_state('app.installed'): return adduser('puma') fetch.apt_install(fetch.filter_installed_packages(['git', 'libpq-dev', 'nodejs'])) install_site()
def install(): config = hookenv.config() host.adduser(USER, password='') host.mkdir(BASE_DIR, owner=USER, group=USER) # Meteor install script needs this os.environ['HOME'] = os.path.expanduser('~' + USER) hookenv.log('Installing dependencies') fetch.add_source(NODEJS_REPO) fetch.apt_update() fetch.apt_install(PACKAGES) hookenv.log('Installing Meteor') subprocess.check_call(DOWNLOAD_CMD.split()) subprocess.check_call(INSTALL_CMD.split()) subprocess.check_call('npm install -g meteorite'.split()) init_code(config) init_bundle(config) init_dependencies(config) hookenv.open_port(config['port']) subprocess.check_call( ['chown', '-R', '{user}:{user}'.format(user=USER), BASE_DIR]) config['mongo_url'] = '' write_upstart(config)
def install_layer_openmano(): status_set('maintenance', 'Installing') cfg = config() # TODO change user home # XXX security issue! host.adduser(USER, password=USER) # TODO check out a branch dest_dir = install_remote( cfg['source'], dest=INSTALL_PATH, depth='1', branch='master', ) os.mkdir(os.path.join(dest_dir, 'logs')) host.chownr(dest_dir, USER, USER) kvdb.set('repo', dest_dir) os.mkdir('/home/{}/bin'.format(USER)) os.symlink( "{}/openmano".format(dest_dir), "/home/{}/bin/openmano".format(USER)) os.symlink( "{}/scripts/openmano-report.sh".format(dest_dir), "/home/{}/bin/openmano-report.sh".format(USER)) os.symlink( "{}/scripts/service-openmano.sh".format(dest_dir), "/home/{}/bin/service-openmano".format(USER)) open_port(9090) set_state('openmano.installed')
def install(): """ Install Hook """ log('ftb-infinity: install') status_set('maintenance', 'installing FTB modpack') # Add user adduser(FTB_USER) mkdir(FTB_HOME, owner=FTB_USER, group=FTB_USER, perms=0o750) check_call(['usermod', '-s', '/bin/bash', '-d', FTB_HOME, FTB_USER]) # Download ftb ArchiveUrlFetchHandler().install(FTB_DL_URL, FTB_HOME) # Sanitize permissions, zip! chownr(FTB_HOME, FTB_USER, FTB_USER) path = os.path.join(FTB_HOME, 'FTBInstall.sh') s = os.stat(path) os.chmod(path, s.st_mode | stat.S_IXUSR | stat.S_IXGRP) # Accept EULA sed(os.path.join(FTB_HOME, 'eula.txt'), 'eula=false', 'eula=true') # Download minecraft jars with chdir(FTB_HOME): check_call(['sudo', '-u', FTB_USER, '-H', os.path.join(FTB_HOME, 'FTBInstall.sh')]) # Render server.properties ftb_config_server() # Deploy systemd service ftb_systemd_install() set_state(CHARM_STATE_AVAILABLE) status_set('waiting', 'ftb downloaded')
def ensure_user(): adduser(CI_USER) add_user_to_group(CI_USER, CI_GROUP) home = os.path.join('/home', CI_USER) if not os.path.isdir(home): os.mkdir(home) subprocess.check_call(['chown', '-R', '%s:%s' % (CI_USER, CI_GROUP), home])
def git_pre_install(): """Perform glance pre-install setup.""" dirs = [ '/var/lib/glance', '/var/lib/glance/images', '/var/lib/glance/image-cache', '/var/lib/glance/image-cache/incomplete', '/var/lib/glance/image-cache/invalid', '/var/lib/glance/image-cache/queue', '/var/log/glance', ] logs = [ '/var/log/glance/glance-api.log', '/var/log/glance/glance-registry.log', ] adduser('glance', shell='/bin/bash', system_user=True) add_group('glance', system_group=True) add_user_to_group('glance', 'glance') for d in dirs: mkdir(d, owner='glance', group='glance', perms=0755, force=False) for l in logs: write_file(l, '', owner='glance', group='glance', perms=0600)
def _install_mattermost(): # Backup existing installation if it exists backup_path = None if os.path.isdir('/opt/mattermost'): backup_path = "/opt/mattermost.back{}".format( str(datetime.datetime.now())) shutil.move('/opt/mattermost', backup_path) # Create mattermost user & group if not exists if not group_exists('mattermost'): add_group("mattermost") if not user_exists('mattermost'): adduser("mattermost", system_user=True) # Get and uppack resource mattermost_bdist = resource_get('bdist') extract_tarfile(mattermost_bdist, destpath="/opt") # Render systemd template render(source="mattermost.service.tmpl", target="/etc/systemd/system/mattermost.service", perms=0o644, owner="root", context={}) check_call(['systemctl', 'daemon-reload']) if backup_path: shutil.move('{}/config/config.json'.format(backup_path), '/opt/mattermost/config/config.json') shutil.move('{}/data'.format(backup_path), '/opt/mattermost/') # Create dirs that don't exist yet for folder in ("data", "logs", "config"): os.makedirs("/opt/mattermost/{}".format(folder), mode=0o700, exist_ok=True) chownr("/opt/mattermost", "mattermost", "mattermost", chowntopdir=True)
def install_crowd(): host.adduser('crowd') fetch.install_remote( source=CROWD_URL.format(hookenv.config('crowd-version')), # version dest=CROWD_INSTALL, # checksum=None, # hash_type='sha1' ) host.lchownr( CROWD_INSTALL, owner='crowd', group='crowd', ) for dir in [ '{}/atlassian-crowd-{}'.format(CROWD_INSTALL, hookenv.config('crowd-version')), '/var/crowd-home', '/var/crowd-home/shared/', ]: try: mkdir(dir) except: pass host.chownr( dir, owner='crowd', group='crowd', chowntopdir=True, ) set_flag('crowd.installed')
def install(): conf = hookenv.config() context = get_install_context() gogs_bdist = hookenv.resource_get('bdist') check_call(["tar", "xzf", gogs_bdist], cwd="/opt") # Create gogs user & group add_group(context['group']) adduser(context['user'], system_user=True) for dir in ('.ssh', 'repositories', 'data', 'logs'): os.makedirs( os.path.join(context['home'], dir), mode=0o700, exist_ok=True) os.makedirs(os.path.join(context['home'], 'custom', 'conf'), mode=0o755, exist_ok=True) chownr(context['home'], context['user'], context['group'], True, True) render(source='upstart', target="/etc/init/gogs.conf", perms=0o644, context=context) render(source='gogs.service', target="/lib/systemd/system/gogs.service", perms=0o644, context=context) hookenv.status_set('maintenance', 'installation complete')
def create_user_and_group_if_not_exists(user, group): """Create documize user & group if not exists """ if not group_exists(group): add_group(group) if not user_exists(user): adduser(user, system_user=True)
def install(): execd_preinstall() #add_source(config_data['source'], config_data['key']) #apt_update(fatal=True) apt_install(packages=ROUTER_PACKAGES, fatal=True) host.adduser('vcap') dirs = [CF_DIR + '/src/github.com/cloudfoundry', CF_DIR + '/config', CF_DIR + '/src/github.com/stretchr', '/var/vcap/sys/run/gorouter', '/var/vcap/sys/log/gorouter'] for dir in dirs: host.mkdir(dir, owner='vcap', group='vcap', perms=0775) emit_routerconf() install_upstart_scripts() os.chdir(CF_DIR) os.environ['GOPATH'] = CF_DIR os.environ["PATH"] = CF_DIR + os.pathsep + os.environ["PATH"] os.chdir(CF_DIR + '/src/github.com/cloudfoundry') run(['git', 'clone', 'https://github.com/cloudfoundry/gorouter.git']) os.chdir(CF_DIR + '/src/github.com/stretchr/') run(['git', 'clone', 'https://github.com/stretchr/objx.git']) os.chdir(CF_DIR) run(['go', 'get', '-v', './src/github.com/cloudfoundry/gorouter/...']) run(['go', 'get', '-v', './...']) run(['go', 'build', '-v', './...']) chownr('/var/lib/cloudfoundry', owner='vcap', group='vcap') chownr('/var/vcap', owner='vcap', group='vcap')
def _install_mattermost(): # Backup existing installation if it exists backup_path = None if os.path.isdir('/opt/mattermost'): backup_path = "/opt/mattermost.back{}".format(str(datetime.datetime.now())) shutil.move('/opt/mattermost', backup_path) # Create mattermost user & group if not exists if not group_exists('mattermost'): add_group("mattermost") if not user_exists('mattermost'): adduser("mattermost", system_user=True) # Get and uppack resource mattermost_bdist = resource_get('bdist') extract_tarfile(mattermost_bdist, destpath="/opt") # Render systemd template render(source="mattermost.service.tmpl", target="/etc/systemd/system/mattermost.service", perms=0o644, owner="root", context={}) check_call(['systemctl', 'daemon-reload']) if backup_path: shutil.move( '{}/config/config.json'.format(backup_path), '/opt/mattermost/config/config.json') shutil.move( '{}/data'.format(backup_path), '/opt/mattermost/') # Create dirs that don't exist yet for folder in ("data", "logs", "config"): os.makedirs("/opt/mattermost/{}".format(folder), mode=0o700, exist_ok=True) chownr("/opt/mattermost", "mattermost", "mattermost", chowntopdir=True)
def create_repo(git): username = git.get_remote('username') service = remote_service_name() repo_path = os.path.join(repo_root(), service+'.git') host.add_group(username) host.adduser(username, password=host.pwgen(32), shell='/usr/bin/git-shell') ssh_public_key = git.get_remote('ssh-public-key') dotssh_dir = '/home/{}/.ssh/'.format(username) host.mkdir(dotssh_dir, username, username, 0o700) host.write_file(dotssh_dir + 'authorized_keys', ssh_public_key.encode('utf-8'), username, username, 0o400) host.mkdir(repo_path, group=username, perms=0o770) subprocess.check_call(['git', 'init', '--bare', '--shared=group', repo_path]) # Create server-side hook that will inform # clients whenever changes are committed. create_git_hooks(repo_path, username) # Make the repo owned by <username>. chown_repo(repo_path, username) # TODO(axw) read and publish all host keys. ssh_host_keys = [open(SSH_HOST_RSA_KEY).read()] git.configure(repo_path, ssh_host_keys) set_state('git.repo.created') status_set('active', '')
def install_layer_openmano(): status_set('maintenance', 'Installing') cfg = config() # TODO change user home # XXX security issue! host.adduser(USER, password=USER) # TODO check out a branch dest_dir = install_remote( cfg['source'], dest=INSTALL_PATH, depth='1', branch='master', ) os.mkdir(os.path.join(dest_dir, 'logs')) host.chownr(dest_dir, USER, USER) kvdb.set('repo', dest_dir) os.mkdir('/home/{}/bin'.format(USER)) os.symlink("{}/openmano".format(dest_dir), "/home/{}/bin/openmano".format(USER)) os.symlink("{}/scripts/openmano-report.sh".format(dest_dir), "/home/{}/bin/openmano-report.sh".format(USER)) os.symlink("{}/scripts/service-openmano.sh".format(dest_dir), "/home/{}/bin/service-openmano".format(USER)) open_port(9090) set_state('openmano.installed')
def ensure_user(): adduser(CI_USER) add_user_to_group(CI_USER, CI_GROUP) home = os.path.join('/home', CI_USER) if not os.path.isdir(home): os.mkdir(home) subprocess.check_call( ['chown', '-R', '%s:%s' % (CI_USER, CI_GROUP), home])
def install(): if is_state('oostore.available'): return host.adduser('oostore', system_user=True) host.add_group('oostore', system_group=True) host.add_user_to_group('oostore', 'oostore') install_workload() set_state('oostore.available')
def install_base_dependencies(): fetch.apt_install(packages=fetch.filter_installed_packages([ 'ruby', 'monit', 'runit', 'zip', 'unzip'])) gem_file = os.path.join(hookenv.charm_dir(), 'files/bosh-template-1.2611.0.pre.gem') host.adduser('vcap') enable_monit_http_interface() subprocess.check_call(['gem', 'install', '--no-ri', '--no-rdoc', gem_file])
def install_tengu(): if not os.path.isdir('/home/{}'.format(USER)): os.mkdir('/home/{}'.format(USER)) adduser(USER) chownr('/home/{}'.format(USER), USER, USER, chowntopdir=True) if not os.path.isdir(API_DIR): os.mkdir(API_DIR) mergecopytree('files/tengu_ui', API_DIR) chownr(API_DIR, USER, GROUP, chowntopdir=True)
def create_prometheus_user(): if not group_exists('prometheus'): add_group('prometheus', system_group=True) if not user_exists('prometheus'): adduser( 'prometheus', shell='/bin/false', system_user=True, primary_group='prometheus', home_dir='/var/lib/prometheus', ) set_state('prometheus.user.available')
def add_users(self): for group in self.groups: host.add_group(group) for username, details in self.users.items(): primary_grp = None secondary_grps = None groups = details.get('groups', []) if groups: primary_grp = groups[0] secondary_grps = groups[1:] hookenv.log('Creating user {0} in primary group {1} and secondary groups {2}' .format(username, primary_grp, secondary_grps)) host.adduser(username, primary_group=primary_grp, secondary_groups=secondary_grps)
def install_solr(): version = config('solr_version') adduser('solr') au.download( "http://archive.apache.org/dist/lucene/solr/{0}/solr-{0}.tgz".format( version), "/tmp/solr.tgz") mkdir('/opt/solr') check_output([ 'tar', 'xvfz', "/tmp/solr.tgz", '-C', "/opt/solr", '--strip-components=1' ]) chownr('/opt/solr', 'solr', 'solr', chowntopdir=True) set_state('solr.installed')
def add_user(): """ Adding passwordless sudo access to nova user and adding to required groups """ try: add_group(DMAPI_GRP, system_group=True) adduser(DMAPI_USR, password=None, shell='/bin/bash', system_user=True) add_user_to_group(DMAPI_USR, DMAPI_GRP) except Exception as e: log("Failed while adding user with msg: {}".format(e)) return False return True
def fix_supervisord(): # setup supervisord if not user_exists('contrail'): adduser('contrail', system_user=True) shutil.copy('files/supervisor-webui.conf', '/etc/init') shutil.copy('files/supervisord_webui.conf', '/etc/contrail') pw = pwd.getpwnam('contrail') os.chown('/etc/contrail/supervisord_webui.conf', pw.pw_uid, pw.pw_gid) mkdir('/etc/contrail/supervisord_webui_files', owner='contrail', group='contrail', perms=0o755) mkdir('/var/log/contrail', owner='contrail', group='adm', perms=0o750)
def git_pre_install(): """Perform cinder pre-install setup.""" dirs = [{ 'path': '/etc/tgt', 'owner': 'cinder', 'group': 'cinder', 'perms': 0750, }, { 'path': '/var/lib/cinder', 'owner': 'cinder', 'group': 'cinder', 'perms': 0755, }, { 'path': '/var/lib/cinder/volumes', 'owner': 'cinder', 'group': 'cinder', 'perms': 0750, }, { 'path': '/var/lock/cinder', 'owner': 'cinder', 'group': 'root', 'perms': 0750, }, { 'path': '/var/log/cinder', 'owner': 'cinder', 'group': 'cinder', 'perms': 0750, }] logs = [ '/var/log/cinder/cinder-api.log', '/var/log/cinder/cinder-backup.log', '/var/log/cinder/cinder-scheduler.log', '/var/log/cinder/cinder-volume.log', ] adduser('cinder', shell='/bin/bash', system_user=True) add_group('cinder', system_group=True) add_user_to_group('cinder', 'cinder') for d in dirs: mkdir(d['path'], owner=d['owner'], group=d['group'], perms=d['perms'], force=False) for l in logs: write_file(l, '', owner='cinder', group='cinder', perms=0600)
def install(): ''' Juju calls the start hook after the charm is created. ''' hookenv.log('Starting install hook.') # Install the software packages that will be used in this charm. apt_packages = ['git', 'python-pip', 'python-requests', 'unzip', 'wget'] fetch.apt_install(fetch.filter_installed_packages(apt_packages)) # Create the consul user and group. host.adduser('consul', shell='/sbin/nologin', system_user=True) # The lib directory is where consul files are written. host.mkdir(LIB_DIRECTORY, owner='consul', group='consul') # The share directory is for the web_ui host.mkdir(SHARE_DIRECTORY, owner='consul', group='consul') # Copy the upstart file to the init directory. UPSTART_FILE.copy(INIT_CONSUL) hookenv.log('The install hook finished.')
def perms(): for p in paths: makedirs(p[0], exist_ok=True) try: getgrnam(p[2]) except KeyError: add_group(p[2], system_group=True) if not user_exists(p[1]): adduser(p[1], shell='/bin/false', system_user=True, primary_group=p[2]) # Ensure path is owned appropriately chownr(path=p[0], owner=p[1], group=p[2], chowntopdir=True)
def install(): execd_preinstall() add_source(config_data['source'], config_data['key']) apt_update(fatal=True) apt_install(packages=CC_PACKAGES, fatal=True) host.adduser('vcap') host.write_file(CC_DB_FILE, '', owner='vcap', group='vcap', perms=0775) dirs = [CC_RUN_DIR, NGINX_RUN_DIR, CC_LOG_DIR, NGINX_LOG_DIR, '/var/vcap/data/cloud_controller_ng/tmp/uploads', '/var/vcap/data/cloud_controller_ng/tmp/staged_droplet_uploads', '/var/vcap/nfs/store'] for item in dirs: host.mkdir(item, owner='vcap', group='vcap', perms=0775) chownr('/var/vcap', owner='vcap', group='vcap') chownr(CF_DIR, owner='vcap', group='vcap') install_upstart_scripts()
def install(): adduser('django') dcfg = django.config() status_set('maintenance', 'installing system deps') apt_install(['build-essential', 'binutils-doc', 'autoconf', 'authbind', 'bison', 'libjpeg-dev', 'libfreetype6-dev', 'zlib1g-dev', 'libzmq3-dev', 'libgdbm-dev', 'libncurses5-dev', 'automake', 'libtool', 'libffi-dev', 'curl', 'git', 'gettext', 'flex', 'postgresql-client', 'postgresql-client-common', 'python3', 'python3-pip', 'python-dev', 'python3-dev', 'python-pip', 'libxml2-dev', 'virtualenvwrapper', 'libxslt-dev', 'git-core', 'python-git', 'libpq-dev'] + dcfg.get('apt-packages', [])) subprocess.check_call([django.pip(), 'install', 'circus', 'gunicorn', ]) source_install(dcfg) open_port(config('django-port')) start()
def git_pre_install(): """Perform cinder pre-install setup.""" dirs = [{'path': '/etc/tgt', 'owner': 'cinder', 'group': 'cinder', 'perms': 0750, }, {'path': '/var/lib/cinder', 'owner': 'cinder', 'group': 'cinder', 'perms': 0755, }, {'path': '/var/lib/cinder/volumes', 'owner': 'cinder', 'group': 'cinder', 'perms': 0750, }, {'path': '/var/lock/cinder', 'owner': 'cinder', 'group': 'root', 'perms': 0750, }, {'path': '/var/log/cinder', 'owner': 'cinder', 'group': 'cinder', 'perms': 0750, }] logs = [ '/var/log/cinder/cinder-api.log', '/var/log/cinder/cinder-backup.log', '/var/log/cinder/cinder-scheduler.log', '/var/log/cinder/cinder-volume.log', ] adduser('cinder', shell='/bin/bash', system_user=True) add_group('cinder', system_group=True) add_user_to_group('cinder', 'cinder') for d in dirs: mkdir(d['path'], owner=d['owner'], group=d['group'], perms=d['perms'], force=False) for l in logs: write_file(l, '', owner='cinder', group='cinder', perms=0600)
def install_layer_openmano(): status_set('maintenance', 'Installing') cfg = config() # TODO change user home # XXX security issue! host.adduser(USER, password=USER) if os.path.isdir(INSTALL_PATH): rmtree(INSTALL_PATH) gitrepo.clone_from( cfg['repository'], INSTALL_PATH, branch=cfg['branch'], ) chownr( INSTALL_PATH, owner=USER, group=USER, follow_links=False, chowntopdir=True ) os.mkdir(os.path.join(INSTALL_PATH, 'logs')) chownr(INSTALL_PATH, USER, USER) kvdb.set('repo', INSTALL_PATH) os.mkdir('/home/{}/bin'.format(USER)) os.symlink( "{}/openmano".format(INSTALL_PATH), "/home/{}/bin/openmano".format(USER)) os.symlink( "{}/scripts/openmano-report.sh".format(INSTALL_PATH), "/home/{}/bin/openmano-report.sh".format(USER)) os.symlink( "{}/scripts/service-openmano.sh".format(INSTALL_PATH), "/home/{}/bin/service-openmano".format(USER)) open_port(9090) set_state('openmano.installed')
def install(): if config.get("install-sources"): configure_sources(update=True, sources_var="install-sources", keys_var="install-keys") # install packages apt_install(PACKAGES, fatal=True) install_url = config["install-url"] if install_url: # install opendaylight from tarball # this extracts the archive too install_remote(install_url, dest="/opt") # The extracted dirname. Look at what's on disk instead of mangling, so # the distribution tar.gz's name doesn't matter. install_dir_name = [ f for f in os.listdir("/opt") if f.startswith("distribution-karaf")][0] if not os.path.exists("/opt/opendaylight-karaf"): os.symlink(install_dir_name, "/opt/opendaylight-karaf") else: apt_install([KARAF_PACKAGE], fatal=True) install_dir_name = "opendaylight-karaf" if init_is_systemd(): shutil.copy("files/odl-controller.service", "/lib/systemd/system") service('enable', 'odl-controller') else: shutil.copy("files/odl-controller.conf", "/etc/init") adduser("opendaylight", system_user=True) mkdir("/home/opendaylight", owner="opendaylight", group="opendaylight", perms=0755) check_call( ["chown", "-R", "opendaylight:opendaylight", os.path.join("/opt", install_dir_name)]) mkdir("/var/log/opendaylight", owner="opendaylight", group="opendaylight", perms=0755) # install features write_mvn_config() service_start("odl-controller")
def git_pre_install(): """Perform pre-install setup.""" dirs = [ '/etc/neutron', '/etc/neutron/rootwrap.d', '/etc/neutron/plugins', '/etc/nova', '/var/lib/neutron', '/var/lib/neutron/lock', '/var/log/neutron', ] logs = [ '/var/log/neutron/bigswitch-agent.log', '/var/log/neutron/dhcp-agent.log', '/var/log/neutron/l3-agent.log', '/var/log/neutron/lbaas-agent.log', '/var/log/neutron/ibm-agent.log', '/var/log/neutron/linuxbridge-agent.log', '/var/log/neutron/metadata-agent.log', '/var/log/neutron/metering_agent.log', '/var/log/neutron/mlnx-agent.log', '/var/log/neutron/nec-agent.log', '/var/log/neutron/nvsd-agent.log', '/var/log/neutron/openflow-agent.log', '/var/log/neutron/openvswitch-agent.log', '/var/log/neutron/ovs-cleanup.log', '/var/log/neutron/ryu-agent.log', '/var/log/neutron/server.log', '/var/log/neutron/sriov-agent.log', '/var/log/neutron/vpn_agent.log', ] adduser('neutron', shell='/bin/bash', system_user=True) add_group('neutron', system_group=True) add_user_to_group('neutron', 'neutron') for d in dirs: mkdir(d, owner='neutron', group='neutron', perms=0755, force=False) for l in logs: write_file(l, '', owner='neutron', group='neutron', perms=0644)
def install(): status_set('maintenance', 'Installing PDI') adduser('etl') mkdir('/home/etl') chownr('/home/etl', 'etl', 'etl', chowntopdir=True) os.chmod('/home/etl', 0o755) #au = ArchiveUrlFetchHandler() #au.install(hookenv.config()['pdi_url'], '/opt/') pdiarchive = hookenv.resource_get('pdi-archive') tar = tarfile.open(pdiarchive) tar.extractall("/opt/") chownr('/opt/data-integration', 'etl', 'etl', chowntopdir=True) st = os.stat('/opt/data-integration/spoon.sh') os.chmod('/opt/data-integration/spoon.sh', st.st_mode | stat.S_IEXEC) os.chmod('/opt/data-integration/carte.sh', st.st_mode | stat.S_IEXEC) os.chmod('/opt/data-integration/encr.sh', st.st_mode | stat.S_IEXEC) os.chmod('/opt/data-integration/kitchen.sh', st.st_mode | stat.S_IEXEC) os.chmod('/opt/data-integration/pan.sh', st.st_mode | stat.S_IEXEC) status_set('maintenance', 'PDI Installed') set_state('pdi.installed')
def test_adds_a_systemuser(self, log, check_call, getpwnam): username = '******' existing_user_pwnam = KeyError('user not found') new_user_pwnam = 'some user pwnam' getpwnam.side_effect = [existing_user_pwnam, new_user_pwnam] result = host.adduser(username, system_user=True) self.assertEqual(result, new_user_pwnam) check_call.assert_called_with(['useradd', '--system', username]) getpwnam.assert_called_with(username)
def git_pre_install(): """Perform pre-install setup.""" dirs = [ '/var/lib/neutron', '/var/lib/neutron/lock', '/var/log/neutron', ] logs = [ '/var/log/neutron/server.log', ] adduser('neutron', shell='/bin/bash', system_user=True) add_group('neutron', system_group=True) add_user_to_group('neutron', 'neutron') for d in dirs: mkdir(d, owner='neutron', group='neutron', perms=0755, force=False) for l in logs: write_file(l, '', owner='neutron', group='neutron', perms=0600)
def git_pre_install(): """Perform glance pre-install setup.""" dirs = [ '/var/lib/astara', '/var/log/astara', '/etc/astara', ] logs = [ '/var/log/astara/astara-orchestrator.log', ] adduser('astara', shell='/bin/bash', system_user=True) add_group('astara', system_group=True) add_user_to_group('astara', 'astara') for d in dirs: mkdir(d, owner='astara', group='astara', perms=0755, force=False) for l in logs: write_file(l, '', owner='astara', group='astara', perms=0600)
def test_doesnt_add_user_if_it_already_exists(self, log, check_call, getpwnam): username = '******' password = '******' existing_user_pwnam = 'some user pwnam' getpwnam.return_value = existing_user_pwnam result = host.adduser(username, password) self.assertEqual(result, existing_user_pwnam) self.assertFalse(check_call.called) getpwnam.assert_called_with(username)
def install_mattermost(): """Grab the mattermost binary, unpack, install to /srv. """ status_set('maintenance', "Installing Mattermost") # Create mattermost user & group if not exists if not group_exists('mattermost'): add_group("mattermost") if not user_exists('mattermost'): adduser("mattermost", system_user=True) # Get and uppack resource if os.path.exists('/srv/mattermost'): shutil.rmtree('/srv/mattermost') mattermost_bdist = resource_get('bdist') extract_tarfile(mattermost_bdist, destpath="/srv") # Create data + log + config dirs for dir in ("data", "logs", "config"): os.makedirs(os.path.join("/srv/mattermost", dir), mode=0o700, exist_ok=True) shutil.chown(os.path.join("/srv/mattermost", dir), user="******", group="mattermost") # Render systemd template render(source="mattermost.service.tmpl", target="/etc/systemd/system/mattermost.service", perms=0o644, owner="root", context={}) check_call(['systemctl', 'daemon-reload']) set_state('mattermost.installed') status_set('active', 'Mattermost installation complete')
def git_pre_install(): """Perform glance pre-install setup.""" dirs = [ "/var/lib/glance", "/var/lib/glance/images", "/var/lib/glance/image-cache", "/var/lib/glance/image-cache/incomplete", "/var/lib/glance/image-cache/invalid", "/var/lib/glance/image-cache/queue", "/var/log/glance", ] logs = ["/var/log/glance/glance-api.log", "/var/log/glance/glance-registry.log"] adduser("glance", shell="/bin/bash", system_user=True) add_group("glance", system_group=True) add_user_to_group("glance", "glance") for d in dirs: mkdir(d, owner="glance", group="glance", perms=0755, force=False) for l in logs: write_file(l, "", owner="glance", group="glance", perms=0600)
def git_pre_install(): """Perform horizon pre-install setup.""" dirs = [ '/etc/openstack-dashboard', '/usr/share/openstack-dashboard', '/usr/share/openstack-dashboard/bin/less', '/usr/share/openstack-dashboard-ubuntu-theme/static/ubuntu/css', '/usr/share/openstack-dashboard-ubuntu-theme/static/ubuntu/img', '/usr/share/openstack-dashboard-ubuntu-theme/templates', '/var/lib/openstack-dashboard', ] adduser('horizon', shell='/bin/bash', system_user=True) subprocess.check_call(['usermod', '--home', '/usr/share/openstack-dashboard/', 'horizon']) add_group('horizon', system_group=True) add_user_to_group('horizon', 'horizon') for d in dirs: if d is '/var/lib/openstack-dashboard': mkdir(d, owner='horizon', group='horizon', perms=0700, force=False) else: mkdir(d, owner='root', group='root', perms=0755, force=False)
def git_pre_install(): """Perform pre-install setup.""" dirs = [ '/var/lib/nova', '/var/lib/nova/buckets', '/var/lib/nova/CA', '/var/lib/nova/CA/INTER', '/var/lib/nova/CA/newcerts', '/var/lib/nova/CA/private', '/var/lib/nova/CA/reqs', '/var/lib/nova/images', '/var/lib/nova/instances', '/var/lib/nova/keys', '/var/lib/nova/networks', '/var/lib/nova/tmp', '/var/log/nova', ] logs = [ '/var/log/nova/nova-api.log', '/var/log/nova/nova-compute.log', '/var/log/nova/nova-manage.log', '/var/log/nova/nova-network.log', ] adduser('nova', shell='/bin/bash', system_user=True) check_call(['usermod', '--home', '/var/lib/nova', 'nova']) add_group('nova', system_group=True) add_user_to_group('nova', 'nova') add_user_to_group('nova', 'libvirtd') for d in dirs: mkdir(d, owner='nova', group='nova', perms=0755, force=False) for l in logs: write_file(l, '', owner='nova', group='nova', perms=0644)
def install(): packages = ['openjdk-7-jre-headless', 'python-jinja2'] apt_update() apt_install(packages, FATAL=True) uid = adduser(LS_USER).pw_uid mkdir(LS_DIR, LS_USER) mkdir(LS_CONF_DIR, LS_USER) # touch the log with open(LS_LOG, 'a'): os.utime(LS_LOG, None) os.chown(LS_LOG, uid) conf_src = os.path.join(os.environ['CHARM_DIR'], 'files', 'logstash.conf') conf_dest = os.path.join(os.path.sep, 'etc', 'init', 'logstash.conf') shutil.copyfile(conf_src, conf_dest)
def get_user(): """Helper to ensure our user exists and return the username. """ if not user_exists(USER): adduser(USER, shell='/bin/false', system_user=True) return USER
def add_user_group(): host.adduser(REDDIT_USER) host.add_user_to_group(REDDIT_USER, REDDIT_GROUP) host.chownr(REDDIT_HOME, REDDIT_USER, REDDIT_GROUP)