def do_deploy_async(self, values, sender=None): log.debug9("TRACE: do_deploy_async") # Do the magic # # In case of error raise an exception # Get the domain name from the passed-in settings # or set it to the instance name if ommitted if 'domain_name' not in values: values['domain_name'] = self.get_name() if not self._valid_fqdn(values['domain_name']): raise RolekitError( INVALID_VALUE, "Invalid domain name: %s" % values['domain_name']) if "host_name" not in values: # Let's construct a new host name. host_part = self._get_hostname() if host_part.startswith("localhost"): # We'll assign a random hostname starting with "dc-" random_part = ''.join( random.choice(string.ascii_lowercase) for _ in range(16)) host_part = "dc-%s" % random_part values['host_name'] = "%s.%s" % (host_part, values['domain_name']) if not self._valid_fqdn(values['host_name']): raise RolekitError(INVALID_VALUE, "Invalid host name: %s" % values['host_name']) # Change the hostname with the hostnamectl API yield set_hostname(values['host_name']) # If left unspecified, default the realm to the # upper-case version of the domain name if 'realm_name' not in values: values['realm_name'] = values['domain_name'].upper() # If left unspecified, assign a random password for # the administrative user if 'admin_password' not in values: admin_pw_provided = False values['admin_password'] = generate_password() else: admin_pw_provided = True # If left unspecified, assign a random password for # the directory manager if 'dm_password' not in values: dm_pw_provided = False values['dm_password'] = generate_password() else: dm_pw_provided = True # Call ipa-server-install with the requested arguments ipa_install_args = [ 'ipa-server-install', '-U', '-r', values['realm_name'], '-d', values['domain_name'], '-p', values['dm_password'], '-a', values['admin_password'], ] # If the user has requested the DNS server, enable it if 'serve_dns' not in values: values['serve_dns'] = self._settings['serve_dns'] if values['serve_dns']: 
ipa_install_args.append('--setup-dns') # Pass the primary IP address if 'primary_ip' in values: ipa_install_args.append('--ip-address=%s' % values['primary_ip']) # if the user has requested DNS forwarders, add them if 'dns_forwarders' in values: [ ipa_install_args.append("--forwarder=%s" % x) for x in values['dns_forwarders']['ipv4'] ] [ ipa_install_args.append("--forwarder=%s" % x) for x in values['dns_forwarders']['ipv6'] ] else: ipa_install_args.append('--no-forwarders') # If the user has requested the reverse zone add it if 'reverse_zone' in values: for zone in values['reverse_zone']: ipa_install_args.append('--reverse-zone=%s' % zone) else: ipa_install_args.append('--no-reverse') # If the user has requested a specified ID range, # set up the argument to ipa-server-install if 'id_start' in values or 'id_max' in values: if ('id_start' not in values or 'id_max' not in values or not values['id_start'] or not values['id_max']): raise RolekitError( INVALID_VALUE, "Must specify id_start and id_max together") if (values['id_start'] and values['id_max'] <= values['id_start']): raise RolekitError(INVALID_VALUE, "id_max must be greater than id_start") ipa_install_args.append('--idstart=%d' % values['id_start']) ipa_install_args.append('--idmax=%d' % values['id_max']) # TODO: If the user has specified a root CA file, # set up the argument to ipa-server-install # Remove the passwords from the values so # they won't be saved to the settings if admin_pw_provided: values.pop('admin_password', None) if dm_pw_provided: values.pop('dm_password', None) result = yield async .subprocess_future(ipa_install_args) if result.status: # If the subprocess returned non-zero, raise an exception raise RolekitError(COMMAND_FAILED, "%d" % result.status) # Create the systemd target definition target = RoleDeploymentValues(self.get_type(), self.get_name(), "Domain Controller") target.add_required_units(['ipa.service']) # We're done! yield target
def do_deploy_async(self, values, sender=None): log.debug9("TRACE: do_deploy_async") # Do the magic # # In case of error raise an exception # Get the domain name from the passed-in settings # or set it to the instance name if ommitted if 'domain_name' not in values: values['domain_name'] = self.get_name() if not self._valid_fqdn(values['domain_name']): raise RolekitError(INVALID_VALUE, "Invalid domain name: %s" % values['domain_name']) if "host_name" not in values: # Let's construct a new host name. host_part = self._get_hostname() if host_part.startswith("localhost"): # We'll assign a random hostname starting with "dc-" random_part = ''.join(random.choice(string.ascii_lowercase) for _ in range(16)) host_part = "dc-%s" % random_part values['host_name'] = "%s.%s" % (host_part, values['domain_name']) if not self._valid_fqdn(values['host_name']): raise RolekitError(INVALID_VALUE, "Invalid host name: %s" % values['host_name']) # Change the hostname with the hostnamectl API yield set_hostname(values['host_name']) # If left unspecified, default the realm to the # upper-case version of the domain name if 'realm_name' not in values: values['realm_name'] = values['domain_name'].upper() # If left unspecified, assign a random password for # the administrative user if 'admin_password' not in values: admin_pw_provided = False values['admin_password'] = generate_password() else: admin_pw_provided = True # If left unspecified, assign a random password for # the directory manager if 'dm_password' not in values: dm_pw_provided = False values['dm_password'] = generate_password() else: dm_pw_provided = True # Call ipa-server-install with the requested arguments ipa_install_args = [ 'ipa-server-install', '-U', '-r', values['realm_name'], '-d', values['domain_name'], '-p', values['dm_password'], '-a', values['admin_password'], ] # If the user has requested the DNS server, enable it if 'serve_dns' not in values: values['serve_dns'] = self._settings['serve_dns'] if values['serve_dns']: 
ipa_install_args.append('--setup-dns') # Pass the primary IP address if 'primary_ip' in values: ipa_install_args.append('--ip-address=%s' % values['primary_ip']) # if the user has requested DNS forwarders, add them if 'dns_forwarders' in values: [ipa_install_args.append("--forwarder=%s" % x) for x in values['dns_forwarders']['ipv4']] [ipa_install_args.append("--forwarder=%s" % x) for x in values['dns_forwarders']['ipv6']] else: ipa_install_args.append('--no-forwarders') # If the user has requested the reverse zone add it if 'reverse_zone' in values: for zone in values['reverse_zone']: ipa_install_args.append('--reverse-zone=%s' % zone) else: ipa_install_args.append('--no-reverse') # If the user has requested a specified ID range, # set up the argument to ipa-server-install if 'id_start' in values or 'id_max' in values: if ('id_start' not in values or 'id_max' not in values or not values['id_start'] or not values['id_max']): raise RolekitError(INVALID_VALUE, "Must specify id_start and id_max together") if (values['id_start'] and values['id_max'] <= values['id_start']): raise RolekitError(INVALID_VALUE, "id_max must be greater than id_start") ipa_install_args.append('--idstart=%d' % values['id_start']) ipa_install_args.append('--idmax=%d' % values['id_max']) # TODO: If the user has specified a root CA file, # set up the argument to ipa-server-install # Remove the passwords from the values so # they won't be saved to the settings if admin_pw_provided: values.pop('admin_password', None) if dm_pw_provided: values.pop('dm_password', None) result = yield async.subprocess_future(ipa_install_args) if result.status: # If the subprocess returned non-zero, raise an exception raise RolekitError(COMMAND_FAILED, "%d" % result.status) # Create the systemd target definition target = RoleDeploymentValues(self.get_type(), self.get_name(), "Domain Controller") target.add_required_units(['ipa.service']) # We're done! yield target
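def do_deploy_async(self, values, sender=None):
    """Deploy a domain controller by driving ``ipa-server-install``.

    Generator-style coroutine. When the requested host name differs from
    ``socket.getfqdn()`` it first yields the result of ``set_hostname()``;
    it then yields the future returned by ``async.subprocess_future()``
    and finally the dict describing the systemd target.

    ``values`` is modified in place: ``host_name``, ``domain_name``,
    ``realm_name``, ``dm_password`` and ``serve_dns`` are filled in when
    missing, and ``admin_password`` is removed before the installer runs.

    Raises:
        RolekitError: ``INVALID_VALUE`` when ``admin_password`` is missing,
            the host name starts with "localhost" or the ID range is
            invalid; ``COMMAND_FAILED`` (message is the exit status) when
            the installer returns non-zero.
    """
    log.debug9("TRACE: do_deploy_async")

    # Ensure we have all the mandatory arguments
    if 'admin_password' not in values:
        raise RolekitError(INVALID_VALUE, "admin_password unset")

    # If the hostname wasn't specified, get it from the system
    fqdn = socket.getfqdn()
    if 'host_name' not in values:
        values['host_name'] = fqdn

    # Make sure this is a real hostname, not localhost.localdomain
    if values['host_name'].startswith("localhost"):
        raise RolekitError(INVALID_VALUE, "invalid hostname")

    # We have been asked to change the hostname as part of the
    # creation of the domain controller
    # NOTE(review): this happens before the ID-range validation below, so a
    # bad id_start/id_max is rejected only after the hostname was changed.
    if values['host_name'] != fqdn:
        # Change the hostname with the hostnamectl API
        yield set_hostname(values['host_name'])

    # Default the domain to whatever self._get_domain() reports
    if 'domain_name' not in values:
        values['domain_name'] = self._get_domain()

    # If left unspecified, default the realm to the
    # upper-case version of the domain name
    # NOTE(review): host_name, domain_name and realm_name get no format
    # validation in this method - confirm they are checked upstream.
    if 'realm_name' not in values:
        values['realm_name'] = values['domain_name'].upper()

    # If left unspecified, assign a random password for
    # the directory manager
    if 'dm_password' not in values:
        values['dm_password'] = generate_password()

    # Call ipa-server-install with the requested arguments
    # NOTE(review): both passwords are argv entries of the installer, so
    # they are readable from the process list by other local users for as
    # long as it runs (assuming subprocess_future executes this list as a
    # child process - confirm). Prefer a channel other than argv if the
    # installer and subprocess_future offer one, and never log this list.
    ipa_install_args = [
        'ipa-server-install', '-U',
        '-r', values['realm_name'],
        '-d', values['domain_name'],
        '-p', values['dm_password'],
        '-a', values['admin_password'],
    ]

    # If the user has requested the DNS server, enable it
    if 'serve_dns' not in values:
        values['serve_dns'] = self._settings['serve_dns']

    if values['serve_dns']:
        ipa_install_args.append('--setup-dns')

        # Pass the primary IP address
        if 'primary_ip' in values:
            ipa_install_args.append(
                '--ip-address=%s' % values['primary_ip'])

        # If the user has requested DNS forwarders, add them. A forwarder
        # dict that carries only one address family is accepted.
        if 'dns_forwarders' in values:
            forwarders = values['dns_forwarders']
            for family in ('ipv4', 'ipv6'):
                ipa_install_args.extend(
                    "--forwarder=%s" % address
                    for address in forwarders.get(family, ()))
        else:
            ipa_install_args.append('--no-forwarders')

        # If the user has requested the reverse zone add it
        if 'reverse_zone' in values:
            for zone in values['reverse_zone']:
                ipa_install_args.append('--reverse-zone=%s' % zone)
        else:
            ipa_install_args.append('--no-reverse')

    # If the user has requested a specified ID range,
    # set up the argument to ipa-server-install
    if 'id_start' in values or 'id_max' in values:
        id_start = values.get('id_start')
        id_max = values.get('id_max')
        # Both bounds must be present and non-zero.
        if not id_start or not id_max:
            raise RolekitError(INVALID_VALUE,
                               "Must specify id_start and id_max together")
        if id_max <= id_start:
            raise RolekitError(INVALID_VALUE,
                               "id_max must be greater than id_start")

        ipa_install_args.append('--idstart=%d' % id_start)
        ipa_install_args.append('--idmax=%d' % id_max)

    # TODO: If the user has specified a root CA file,
    # set up the argument to ipa-server-install

    # Remove the admin_password from the values so
    # it won't be saved to the settings
    # NOTE(review): dm_password, supplied or generated, is left in `values`
    # and so presumably is saved - confirm that store is root-only.
    values.pop('admin_password', None)

    # NOTE(review): `async` is a reserved word from Python 3.7 on; this
    # module reference has to be renamed before the file can run there.
    result = yield async.subprocess_future(ipa_install_args)
    if result.status:
        # If the subprocess returned non-zero, raise an exception
        raise RolekitError(COMMAND_FAILED, "%d" % result.status)

    # Create the systemd target definition
    target = {
        'Role': 'domaincontroller',
        'Instance': self.get_name(),
        'Description': "Domain Controller Role - %s" % self.get_name(),
        'Wants': ['ipa.service'],
        'After': ['syslog.target', 'network.target'],
    }

    # We're done!
    yield target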
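def do_deploy_async(self, values, sender=None):
    """Install a FreeIPA domain controller from the given settings.

    This is a generator: if the requested host name is not the current
    ``socket.getfqdn()`` it yields whatever ``set_hostname()`` returns,
    then it yields the ``async.subprocess_future()`` for
    ``ipa-server-install`` and last the systemd target dict.

    Side effects on ``values``: defaults are written back for
    ``host_name``, ``domain_name``, ``realm_name``, ``dm_password`` and
    ``serve_dns``; ``admin_password`` is popped before the installer
    starts.

    Raises:
        RolekitError: ``INVALID_VALUE`` for a missing ``admin_password``, a
            host name starting with "localhost" or a rejected ID range;
            ``COMMAND_FAILED`` with the exit status as message when the
            installer fails.
    """
    log.debug9("TRACE: do_deploy_async")

    # admin_password is the one mandatory setting.
    if 'admin_password' not in values:
        raise RolekitError(INVALID_VALUE, "admin_password unset")

    # Fall back to the system's FQDN when no host name was passed in.
    fqdn = socket.getfqdn()
    if 'host_name' not in values:
        values['host_name'] = fqdn

    # Make sure this is a real hostname, not localhost.localdomain
    if values['host_name'].startswith("localhost"):
        raise RolekitError(INVALID_VALUE, "invalid hostname")

    # A host name different from the current FQDN means we were asked to
    # rename the machine as part of the deployment.
    # NOTE(review): the ID range is validated further down, i.e. after this
    # system change has already been made.
    if values['host_name'] != fqdn:
        # Change the hostname with the hostnamectl API
        yield set_hostname(values['host_name'])

    # Take the domain from self._get_domain() when none was passed in.
    if 'domain_name' not in values:
        values['domain_name'] = self._get_domain()

    # Default the realm to the upper-cased domain name.
    # NOTE(review): no format validation of host_name, domain_name or
    # realm_name is visible in this method - verify against the caller.
    if 'realm_name' not in values:
        values['realm_name'] = values['domain_name'].upper()

    # Generate the directory manager's password when none was given.
    if 'dm_password' not in values:
        values['dm_password'] = generate_password()

    # Call ipa-server-install with the requested arguments
    # NOTE(review): the -p and -a values are credentials placed on the
    # command line; presumably they are visible in the process list while
    # the installer runs. Keep this list out of logs and error messages,
    # and move the secrets off argv if the tooling allows it.
    ipa_install_args = [
        'ipa-server-install', '-U',
        '-r', values['realm_name'],
        '-d', values['domain_name'],
        '-p', values['dm_password'],
        '-a', values['admin_password'],
    ]

    # Take the DNS choice from the role settings when it was not passed in.
    if 'serve_dns' not in values:
        values['serve_dns'] = self._settings['serve_dns']

    if values['serve_dns']:
        ipa_install_args.append('--setup-dns')

        # Pass the primary IP address
        if 'primary_ip' in values:
            ipa_install_args.append(
                '--ip-address=%s' % values['primary_ip'])

        # Add one --forwarder per requested address; either address family
        # may be absent from the dict.
        if 'dns_forwarders' in values:
            forwarders = values['dns_forwarders']
            for family in ('ipv4', 'ipv6'):
                ipa_install_args.extend(
                    "--forwarder=%s" % address
                    for address in forwarders.get(family, ()))
        else:
            ipa_install_args.append('--no-forwarders')

        # Add the requested reverse zones, or disable them explicitly.
        if 'reverse_zone' in values:
            for zone in values['reverse_zone']:
                ipa_install_args.append('--reverse-zone=%s' % zone)
        else:
            ipa_install_args.append('--no-reverse')

    # An ID range needs both bounds, each non-zero, with id_max above
    # id_start.
    if 'id_start' in values or 'id_max' in values:
        id_start = values.get('id_start')
        id_max = values.get('id_max')
        if not id_start or not id_max:
            raise RolekitError(INVALID_VALUE,
                               "Must specify id_start and id_max together")
        if id_max <= id_start:
            raise RolekitError(INVALID_VALUE,
                               "id_max must be greater than id_start")

        ipa_install_args.append('--idstart=%d' % id_start)
        ipa_install_args.append('--idmax=%d' % id_max)

    # TODO: If the user has specified a root CA file,
    # set up the argument to ipa-server-install

    # Drop admin_password so it won't be saved to the settings.
    # NOTE(review): dm_password is not dropped, whether it was supplied or
    # generated; confirm the settings store is not readable by
    # unprivileged users.
    values.pop('admin_password', None)

    # NOTE(review): `async` became a reserved word in Python 3.7, so this
    # module name only parses on older interpreters.
    result = yield async.subprocess_future(ipa_install_args)
    if result.status:
        # A non-zero exit status from the installer is an error.
        raise RolekitError(COMMAND_FAILED, "%d" % result.status)

    # Create the systemd target definition
    target = {
        'Role': 'domaincontroller',
        'Instance': self.get_name(),
        'Description': "Domain Controller Role - %s" % self.get_name(),
        'Wants': ['ipa.service'],
        'After': ['syslog.target', 'network.target'],
    }

    # We're done!
    yield target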