def install_rally(self):
kv = unitdata.kv()
if kv.get('rallyinstalled', False):
return True
if not self._load_envvars:
hookenv.log('install_rally - could not load nagios.novarc')
return False
user = self._rallyuser
host.adduser(user)
host.mkdir(os.path.join('/home', user),
owner=user,
group=user,
perms=0o755,
force=False)
for tool in ['rally', 'tempest']:
toolname = 'fcbtest.{}init'.format(tool)
installed = self._run_as(user, [toolname])
if not installed:
hookenv.log(
'install_rally - could not initialize {}'.format(tool))
return False
kv.set('rallyinstalled', True)
return True
def git_pre_install():
"""Perform pre-install setup."""
dirs = [
'/var/lib/nova',
'/var/lib/nova/buckets',
'/var/lib/nova/CA',
'/var/lib/nova/CA/INTER',
'/var/lib/nova/CA/newcerts',
'/var/lib/nova/CA/private',
'/var/lib/nova/CA/reqs',
'/var/lib/nova/images',
'/var/lib/nova/instances',
'/var/lib/nova/keys',
'/var/lib/nova/networks',
'/var/lib/nova/tmp',
'/var/lib/neutron',
'/var/lib/neutron/lock',
'/var/log/nova',
'/etc/neutron',
'/etc/neutron/plugins',
'/etc/neutron/plugins/ml2',
]
adduser('nova', shell='/bin/bash', system_user=True)
subprocess.check_call(['usermod', '--home', '/var/lib/nova', 'nova'])
add_group('nova', system_group=True)
add_user_to_group('nova', 'nova')
adduser('neutron', shell='/bin/bash', system_user=True)
add_group('neutron', system_group=True)
add_user_to_group('neutron', 'neutron')
for d in dirs:
mkdir(d, owner='nova', group='nova', perms=0755, force=False)
def configured_devpi():
status.maintenance('Configuring devpi')
DEVPI_PATH.mkdir(mode=0o755, parents=True, exist_ok=True)
devpi_server_bin = DEVPI_ENV_BIN / 'devpi-server'
# initialize devpi
adduser('devpi')
chownr(str(DEVPI_PATH), 'devpi', 'devpi', chowntopdir=True)
check_call([
'sudo', '-u', 'devpi',
str(devpi_server_bin), '--init', '--serverdir',
str(DEVPI_PATH)
])
# render service
render('devpi.service',
'/etc/systemd/system/devpi.service',
context={
'devpi_server_bin': devpi_server_bin,
'devpi_path': str(DEVPI_PATH)
})
open_port(3141)
# enable service
check_call(['systemctl', 'enable', 'devpi.service'])
# start service
check_call(['systemctl', 'start', 'devpi.service'])
status.active('devpi running')
set_flag('devpi.configured')
def git_pre_install():
"""Perform pre-install setup."""
dirs = [
'/var/lib/nova',
'/var/lib/nova/buckets',
'/var/lib/nova/CA',
'/var/lib/nova/CA/INTER',
'/var/lib/nova/CA/newcerts',
'/var/lib/nova/CA/private',
'/var/lib/nova/CA/reqs',
'/var/lib/nova/images',
'/var/lib/nova/instances',
'/var/lib/nova/keys',
'/var/lib/nova/networks',
'/var/lib/nova/tmp',
'/var/lib/neutron',
'/var/lib/neutron/lock',
'/var/log/nova',
'/etc/neutron',
'/etc/neutron/plugins',
'/etc/neutron/plugins/ml2',
]
adduser('nova', shell='/bin/bash', system_user=True)
subprocess.check_call(['usermod', '--home', '/var/lib/nova', 'nova'])
add_group('nova', system_group=True)
add_user_to_group('nova', 'nova')
adduser('neutron', shell='/bin/bash', system_user=True)
add_group('neutron', system_group=True)
add_user_to_group('neutron', 'neutron')
for d in dirs:
mkdir(d, owner='nova', group='nova', perms=0755, force=False)
def install_couchpotato():
hookenv.status_set('maintenance', 'creating user')
host.adduser(cp.user,
password="",
shell='/bin/False',
home_dir=cp.home_dir)
hookenv.status_set('maintenance', 'installing dependencies')
fetch.apt_update()
fetch.apt_install(['git', 'python2.7', 'python-openssl', 'python-lxml'])
hookenv.status_set('maintenance', 'cloning repository')
if os.path.isdir(cp.install_dir):
shutil.rmtree(cp.install_dir)
subprocess.check_call([
"git clone https://github.com/CouchPotato/CouchPotatoServer.git " +
cp.install_dir
],
shell=True)
host.chownr(cp.home_dir, owner=cp.user, group=cp.user)
context = {'couchpath': cp.executable, 'couchuser': cp.user}
templating.render(cp.service_name,
'/etc/systemd/system/{}'.format(cp.service_name),
context)
cp.enable()
hookenv.open_port(cp.charm_config['port'], 'TCP')
set_state('couchpotato.installed')
hookenv.status_set('maintenance', 'installation complete')
def install():
if is_state('app.installed'):
return
adduser('puma')
fetch.apt_install(fetch.filter_installed_packages(['git', 'libpq-dev', 'nodejs']))
install_site()
def install():
config = hookenv.config()
host.adduser(USER, password='')
host.mkdir(BASE_DIR, owner=USER, group=USER)
# Meteor install script needs this
os.environ['HOME'] = os.path.expanduser('~' + USER)
hookenv.log('Installing dependencies')
fetch.add_source(NODEJS_REPO)
fetch.apt_update()
fetch.apt_install(PACKAGES)
hookenv.log('Installing Meteor')
subprocess.check_call(DOWNLOAD_CMD.split())
subprocess.check_call(INSTALL_CMD.split())
subprocess.check_call('npm install -g meteorite'.split())
init_code(config)
init_bundle(config)
init_dependencies(config)
hookenv.open_port(config['port'])
subprocess.check_call(
['chown', '-R', '{user}:{user}'.format(user=USER), BASE_DIR])
config['mongo_url'] = ''
write_upstart(config)
def install_layer_openmano():
status_set('maintenance', 'Installing')
cfg = config()
# TODO change user home
# XXX security issue!
host.adduser(USER, password=USER)
# TODO check out a branch
dest_dir = install_remote(
cfg['source'],
dest=INSTALL_PATH,
depth='1',
branch='master',
)
os.mkdir(os.path.join(dest_dir, 'logs'))
host.chownr(dest_dir, USER, USER)
kvdb.set('repo', dest_dir)
os.mkdir('/home/{}/bin'.format(USER))
os.symlink(
"{}/openmano".format(dest_dir),
"/home/{}/bin/openmano".format(USER))
os.symlink(
"{}/scripts/openmano-report.sh".format(dest_dir),
"/home/{}/bin/openmano-report.sh".format(USER))
os.symlink(
"{}/scripts/service-openmano.sh".format(dest_dir),
"/home/{}/bin/service-openmano".format(USER))
open_port(9090)
set_state('openmano.installed')
def install():
""" Install Hook """
log('ftb-infinity: install')
status_set('maintenance', 'installing FTB modpack')
# Add user
adduser(FTB_USER)
mkdir(FTB_HOME, owner=FTB_USER, group=FTB_USER, perms=0o750)
check_call(['usermod', '-s', '/bin/bash', '-d', FTB_HOME, FTB_USER])
# Download ftb
ArchiveUrlFetchHandler().install(FTB_DL_URL, FTB_HOME)
# Sanitize permissions, zip!
chownr(FTB_HOME, FTB_USER, FTB_USER)
path = os.path.join(FTB_HOME, 'FTBInstall.sh')
s = os.stat(path)
os.chmod(path, s.st_mode | stat.S_IXUSR | stat.S_IXGRP)
# Accept EULA
sed(os.path.join(FTB_HOME, 'eula.txt'), 'eula=false', 'eula=true')
# Download minecraft jars
with chdir(FTB_HOME):
check_call(['sudo', '-u', FTB_USER, '-H', os.path.join(FTB_HOME, 'FTBInstall.sh')])
# Render server.properties
ftb_config_server()
# Deploy systemd service
ftb_systemd_install()
set_state(CHARM_STATE_AVAILABLE)
status_set('waiting', 'ftb downloaded')
def ensure_user():
adduser(CI_USER)
add_user_to_group(CI_USER, CI_GROUP)
home = os.path.join('/home', CI_USER)
if not os.path.isdir(home):
os.mkdir(home)
subprocess.check_call(['chown', '-R', '%s:%s' % (CI_USER, CI_GROUP), home])
def git_pre_install():
"""Perform glance pre-install setup."""
dirs = [
'/var/lib/glance',
'/var/lib/glance/images',
'/var/lib/glance/image-cache',
'/var/lib/glance/image-cache/incomplete',
'/var/lib/glance/image-cache/invalid',
'/var/lib/glance/image-cache/queue',
'/var/log/glance',
]
logs = [
'/var/log/glance/glance-api.log',
'/var/log/glance/glance-registry.log',
]
adduser('glance', shell='/bin/bash', system_user=True)
add_group('glance', system_group=True)
add_user_to_group('glance', 'glance')
for d in dirs:
mkdir(d, owner='glance', group='glance', perms=0755, force=False)
for l in logs:
write_file(l, '', owner='glance', group='glance', perms=0600)
def _install_mattermost():
# Backup existing installation if it exists
backup_path = None
if os.path.isdir('/opt/mattermost'):
backup_path = "/opt/mattermost.back{}".format(
str(datetime.datetime.now()))
shutil.move('/opt/mattermost', backup_path)
# Create mattermost user & group if not exists
if not group_exists('mattermost'):
add_group("mattermost")
if not user_exists('mattermost'):
adduser("mattermost", system_user=True)
# Get and uppack resource
mattermost_bdist = resource_get('bdist')
extract_tarfile(mattermost_bdist, destpath="/opt")
# Render systemd template
render(source="mattermost.service.tmpl",
target="/etc/systemd/system/mattermost.service",
perms=0o644,
owner="root",
context={})
check_call(['systemctl', 'daemon-reload'])
if backup_path:
shutil.move('{}/config/config.json'.format(backup_path),
'/opt/mattermost/config/config.json')
shutil.move('{}/data'.format(backup_path), '/opt/mattermost/')
# Create dirs that don't exist yet
for folder in ("data", "logs", "config"):
os.makedirs("/opt/mattermost/{}".format(folder),
mode=0o700,
exist_ok=True)
chownr("/opt/mattermost", "mattermost", "mattermost", chowntopdir=True)
def install_crowd():
host.adduser('crowd')
fetch.install_remote(
source=CROWD_URL.format(hookenv.config('crowd-version')), # version
dest=CROWD_INSTALL,
# checksum=None,
# hash_type='sha1'
)
host.lchownr(
CROWD_INSTALL,
owner='crowd',
group='crowd',
)
for dir in [
'{}/atlassian-crowd-{}'.format(CROWD_INSTALL,
hookenv.config('crowd-version')),
'/var/crowd-home',
'/var/crowd-home/shared/',
]:
try:
mkdir(dir)
except:
pass
host.chownr(
dir,
owner='crowd',
group='crowd',
chowntopdir=True,
)
set_flag('crowd.installed')
def install():
conf = hookenv.config()
context = get_install_context()
gogs_bdist = hookenv.resource_get('bdist')
check_call(["tar", "xzf", gogs_bdist], cwd="/opt")
# Create gogs user & group
add_group(context['group'])
adduser(context['user'], system_user=True)
for dir in ('.ssh', 'repositories', 'data', 'logs'):
os.makedirs(
os.path.join(context['home'], dir), mode=0o700, exist_ok=True)
os.makedirs(os.path.join(context['home'], 'custom', 'conf'),
mode=0o755, exist_ok=True)
chownr(context['home'], context['user'], context['group'], True, True)
render(source='upstart',
target="/etc/init/gogs.conf",
perms=0o644,
context=context)
render(source='gogs.service',
target="/lib/systemd/system/gogs.service",
perms=0o644,
context=context)
hookenv.status_set('maintenance', 'installation complete')
def create_user_and_group_if_not_exists(user, group):
"""Create documize user & group if not exists
"""
if not group_exists(group):
add_group(group)
if not user_exists(user):
adduser(user, system_user=True)
def install():
execd_preinstall()
#add_source(config_data['source'], config_data['key'])
#apt_update(fatal=True)
apt_install(packages=ROUTER_PACKAGES, fatal=True)
host.adduser('vcap')
dirs = [CF_DIR + '/src/github.com/cloudfoundry', CF_DIR + '/config',
CF_DIR + '/src/github.com/stretchr',
'/var/vcap/sys/run/gorouter', '/var/vcap/sys/log/gorouter']
for dir in dirs:
host.mkdir(dir, owner='vcap', group='vcap', perms=0775)
emit_routerconf()
install_upstart_scripts()
os.chdir(CF_DIR)
os.environ['GOPATH'] = CF_DIR
os.environ["PATH"] = CF_DIR + os.pathsep + os.environ["PATH"]
os.chdir(CF_DIR + '/src/github.com/cloudfoundry')
run(['git', 'clone', 'https://github.com/cloudfoundry/gorouter.git'])
os.chdir(CF_DIR + '/src/github.com/stretchr/')
run(['git', 'clone', 'https://github.com/stretchr/objx.git'])
os.chdir(CF_DIR)
run(['go', 'get', '-v', './src/github.com/cloudfoundry/gorouter/...'])
run(['go', 'get', '-v', './...'])
run(['go', 'build', '-v', './...'])
chownr('/var/lib/cloudfoundry', owner='vcap', group='vcap')
chownr('/var/vcap', owner='vcap', group='vcap')
def _install_mattermost():
# Backup existing installation if it exists
backup_path = None
if os.path.isdir('/opt/mattermost'):
backup_path = "/opt/mattermost.back{}".format(str(datetime.datetime.now()))
shutil.move('/opt/mattermost', backup_path)
# Create mattermost user & group if not exists
if not group_exists('mattermost'):
add_group("mattermost")
if not user_exists('mattermost'):
adduser("mattermost", system_user=True)
# Get and uppack resource
mattermost_bdist = resource_get('bdist')
extract_tarfile(mattermost_bdist, destpath="/opt")
# Render systemd template
render(source="mattermost.service.tmpl",
target="/etc/systemd/system/mattermost.service",
perms=0o644,
owner="root",
context={})
check_call(['systemctl', 'daemon-reload'])
if backup_path:
shutil.move(
'{}/config/config.json'.format(backup_path),
'/opt/mattermost/config/config.json')
shutil.move(
'{}/data'.format(backup_path),
'/opt/mattermost/')
# Create dirs that don't exist yet
for folder in ("data", "logs", "config"):
os.makedirs("/opt/mattermost/{}".format(folder),
mode=0o700,
exist_ok=True)
chownr("/opt/mattermost", "mattermost", "mattermost", chowntopdir=True)
def create_repo(git):
username = git.get_remote('username')
service = remote_service_name()
repo_path = os.path.join(repo_root(), service+'.git')
host.add_group(username)
host.adduser(username, password=host.pwgen(32), shell='/usr/bin/git-shell')
ssh_public_key = git.get_remote('ssh-public-key')
dotssh_dir = '/home/{}/.ssh/'.format(username)
host.mkdir(dotssh_dir, username, username, 0o700)
host.write_file(dotssh_dir + 'authorized_keys',
ssh_public_key.encode('utf-8'),
username, username, 0o400)
host.mkdir(repo_path, group=username, perms=0o770)
subprocess.check_call(['git', 'init', '--bare', '--shared=group', repo_path])
# Create server-side hook that will inform
# clients whenever changes are committed.
create_git_hooks(repo_path, username)
# Make the repo owned by <username>.
chown_repo(repo_path, username)
# TODO(axw) read and publish all host keys.
ssh_host_keys = [open(SSH_HOST_RSA_KEY).read()]
git.configure(repo_path, ssh_host_keys)
set_state('git.repo.created')
status_set('active', '')
def install_layer_openmano():
status_set('maintenance', 'Installing')
cfg = config()
# TODO change user home
# XXX security issue!
host.adduser(USER, password=USER)
# TODO check out a branch
dest_dir = install_remote(
cfg['source'],
dest=INSTALL_PATH,
depth='1',
branch='master',
)
os.mkdir(os.path.join(dest_dir, 'logs'))
host.chownr(dest_dir, USER, USER)
kvdb.set('repo', dest_dir)
os.mkdir('/home/{}/bin'.format(USER))
os.symlink("{}/openmano".format(dest_dir),
"/home/{}/bin/openmano".format(USER))
os.symlink("{}/scripts/openmano-report.sh".format(dest_dir),
"/home/{}/bin/openmano-report.sh".format(USER))
os.symlink("{}/scripts/service-openmano.sh".format(dest_dir),
"/home/{}/bin/service-openmano".format(USER))
open_port(9090)
set_state('openmano.installed')
def git_pre_install():
"""Perform glance pre-install setup."""
dirs = [
'/var/lib/glance',
'/var/lib/glance/images',
'/var/lib/glance/image-cache',
'/var/lib/glance/image-cache/incomplete',
'/var/lib/glance/image-cache/invalid',
'/var/lib/glance/image-cache/queue',
'/var/log/glance',
]
logs = [
'/var/log/glance/glance-api.log',
'/var/log/glance/glance-registry.log',
]
adduser('glance', shell='/bin/bash', system_user=True)
add_group('glance', system_group=True)
add_user_to_group('glance', 'glance')
for d in dirs:
mkdir(d, owner='glance', group='glance', perms=0755, force=False)
for l in logs:
write_file(l, '', owner='glance', group='glance', perms=0600)
def ensure_user():
adduser(CI_USER)
add_user_to_group(CI_USER, CI_GROUP)
home = os.path.join('/home', CI_USER)
if not os.path.isdir(home):
os.mkdir(home)
subprocess.check_call(
['chown', '-R', '%s:%s' % (CI_USER, CI_GROUP), home])
def install():
if is_state('oostore.available'):
return
host.adduser('oostore', system_user=True)
host.add_group('oostore', system_group=True)
host.add_user_to_group('oostore', 'oostore')
install_workload()
set_state('oostore.available')
def install_base_dependencies():
fetch.apt_install(packages=fetch.filter_installed_packages([
'ruby', 'monit', 'runit', 'zip', 'unzip']))
gem_file = os.path.join(hookenv.charm_dir(),
'files/bosh-template-1.2611.0.pre.gem')
host.adduser('vcap')
enable_monit_http_interface()
subprocess.check_call(['gem', 'install', '--no-ri', '--no-rdoc', gem_file])
def install_tengu():
if not os.path.isdir('/home/{}'.format(USER)):
os.mkdir('/home/{}'.format(USER))
adduser(USER)
chownr('/home/{}'.format(USER), USER, USER, chowntopdir=True)
if not os.path.isdir(API_DIR):
os.mkdir(API_DIR)
mergecopytree('files/tengu_ui', API_DIR)
chownr(API_DIR, USER, GROUP, chowntopdir=True)
def create_prometheus_user():
if not group_exists('prometheus'):
add_group('prometheus', system_group=True)
if not user_exists('prometheus'):
adduser(
'prometheus',
shell='/bin/false',
system_user=True,
primary_group='prometheus',
home_dir='/var/lib/prometheus',
)
set_state('prometheus.user.available')
def add_users(self):
for group in self.groups:
host.add_group(group)
for username, details in self.users.items():
primary_grp = None
secondary_grps = None
groups = details.get('groups', [])
if groups:
primary_grp = groups[0]
secondary_grps = groups[1:]
hookenv.log('Creating user {0} in primary group {1} and secondary groups {2}'
.format(username, primary_grp, secondary_grps))
host.adduser(username, primary_group=primary_grp, secondary_groups=secondary_grps)
def install_solr():
version = config('solr_version')
adduser('solr')
au.download(
"http://archive.apache.org/dist/lucene/solr/{0}/solr-{0}.tgz".format(
version), "/tmp/solr.tgz")
mkdir('/opt/solr')
check_output([
'tar', 'xvfz', "/tmp/solr.tgz", '-C', "/opt/solr",
'--strip-components=1'
])
chownr('/opt/solr', 'solr', 'solr', chowntopdir=True)
set_state('solr.installed')
def add_user():
"""
Adding passwordless sudo access to nova user and adding to required groups
"""
try:
add_group(DMAPI_GRP, system_group=True)
adduser(DMAPI_USR, password=None, shell='/bin/bash', system_user=True)
add_user_to_group(DMAPI_USR, DMAPI_GRP)
except Exception as e:
log("Failed while adding user with msg: {}".format(e))
return False
return True
def add_users(self):
for group in self.groups:
host.add_group(group)
for username, details in self.users.items():
primary_grp = None
secondary_grps = None
groups = details.get('groups', [])
if groups:
primary_grp = groups[0]
secondary_grps = groups[1:]
hookenv.log('Creating user {0} in primary group {1} and secondary groups {2}'
.format(username, primary_grp, secondary_grps))
host.adduser(username, primary_group=primary_grp, secondary_groups=secondary_grps)
def fix_supervisord():
# setup supervisord
if not user_exists('contrail'):
adduser('contrail', system_user=True)
shutil.copy('files/supervisor-webui.conf', '/etc/init')
shutil.copy('files/supervisord_webui.conf', '/etc/contrail')
pw = pwd.getpwnam('contrail')
os.chown('/etc/contrail/supervisord_webui.conf', pw.pw_uid, pw.pw_gid)
mkdir('/etc/contrail/supervisord_webui_files', owner='contrail',
group='contrail', perms=0o755)
mkdir('/var/log/contrail', owner='contrail', group='adm', perms=0o750)
def git_pre_install():
"""Perform cinder pre-install setup."""
dirs = [{
'path': '/etc/tgt',
'owner': 'cinder',
'group': 'cinder',
'perms': 0750,
}, {
'path': '/var/lib/cinder',
'owner': 'cinder',
'group': 'cinder',
'perms': 0755,
}, {
'path': '/var/lib/cinder/volumes',
'owner': 'cinder',
'group': 'cinder',
'perms': 0750,
}, {
'path': '/var/lock/cinder',
'owner': 'cinder',
'group': 'root',
'perms': 0750,
}, {
'path': '/var/log/cinder',
'owner': 'cinder',
'group': 'cinder',
'perms': 0750,
}]
logs = [
'/var/log/cinder/cinder-api.log',
'/var/log/cinder/cinder-backup.log',
'/var/log/cinder/cinder-scheduler.log',
'/var/log/cinder/cinder-volume.log',
]
adduser('cinder', shell='/bin/bash', system_user=True)
add_group('cinder', system_group=True)
add_user_to_group('cinder', 'cinder')
for d in dirs:
mkdir(d['path'],
owner=d['owner'],
group=d['group'],
perms=d['perms'],
force=False)
for l in logs:
write_file(l, '', owner='cinder', group='cinder', perms=0600)
def install():
''' Juju calls the start hook after the charm is created. '''
hookenv.log('Starting install hook.')
# Install the software packages that will be used in this charm.
apt_packages = ['git', 'python-pip', 'python-requests', 'unzip', 'wget']
fetch.apt_install(fetch.filter_installed_packages(apt_packages))
# Create the consul user and group.
host.adduser('consul', shell='/sbin/nologin', system_user=True)
# The lib directory is where consul files are written.
host.mkdir(LIB_DIRECTORY, owner='consul', group='consul')
# The share directory is for the web_ui
host.mkdir(SHARE_DIRECTORY, owner='consul', group='consul')
# Copy the upstart file to the init directory.
UPSTART_FILE.copy(INIT_CONSUL)
hookenv.log('The install hook finished.')
def install():
''' Juju calls the start hook after the charm is created. '''
hookenv.log('Starting install hook.')
# Install the software packages that will be used in this charm.
apt_packages = ['git', 'python-pip', 'python-requests', 'unzip', 'wget']
fetch.apt_install(fetch.filter_installed_packages(apt_packages))
# Create the consul user and group.
host.adduser('consul', shell='/sbin/nologin', system_user=True)
# The lib directory is where consul files are written.
host.mkdir(LIB_DIRECTORY, owner='consul', group='consul')
# The share directory is for the web_ui
host.mkdir(SHARE_DIRECTORY, owner='consul', group='consul')
# Copy the upstart file to the init directory.
UPSTART_FILE.copy(INIT_CONSUL)
hookenv.log('The install hook finished.')
def perms():
for p in paths:
makedirs(p[0], exist_ok=True)
try:
getgrnam(p[2])
except KeyError:
add_group(p[2], system_group=True)
if not user_exists(p[1]):
adduser(p[1], shell='/bin/false', system_user=True,
primary_group=p[2])
# Ensure path is owned appropriately
chownr(path=p[0], owner=p[1], group=p[2], chowntopdir=True)
def fix_supervisord():
# setup supervisord
if not user_exists('contrail'):
adduser('contrail', system_user=True)
shutil.copy('files/supervisor-webui.conf', '/etc/init')
shutil.copy('files/supervisord_webui.conf', '/etc/contrail')
pw = pwd.getpwnam('contrail')
os.chown('/etc/contrail/supervisord_webui.conf', pw.pw_uid, pw.pw_gid)
mkdir('/etc/contrail/supervisord_webui_files',
owner='contrail',
group='contrail',
perms=0o755)
mkdir('/var/log/contrail', owner='contrail', group='adm', perms=0o750)
def install():
execd_preinstall()
add_source(config_data['source'], config_data['key'])
apt_update(fatal=True)
apt_install(packages=CC_PACKAGES, fatal=True)
host.adduser('vcap')
host.write_file(CC_DB_FILE, '', owner='vcap', group='vcap', perms=0775)
dirs = [CC_RUN_DIR, NGINX_RUN_DIR, CC_LOG_DIR, NGINX_LOG_DIR,
'/var/vcap/data/cloud_controller_ng/tmp/uploads',
'/var/vcap/data/cloud_controller_ng/tmp/staged_droplet_uploads',
'/var/vcap/nfs/store']
for item in dirs:
host.mkdir(item, owner='vcap', group='vcap', perms=0775)
chownr('/var/vcap', owner='vcap', group='vcap')
chownr(CF_DIR, owner='vcap', group='vcap')
install_upstart_scripts()
def perms():
for p in paths:
makedirs(p[0], exist_ok=True)
try:
getgrnam(p[2])
except KeyError:
add_group(p[2], system_group=True)
if not user_exists(p[1]):
adduser(p[1],
shell='/bin/false',
system_user=True,
primary_group=p[2])
# Ensure path is owned appropriately
chownr(path=p[0], owner=p[1], group=p[2], chowntopdir=True)
def install():
adduser('django')
dcfg = django.config()
status_set('maintenance', 'installing system deps')
apt_install(['build-essential', 'binutils-doc', 'autoconf', 'authbind',
'bison', 'libjpeg-dev', 'libfreetype6-dev', 'zlib1g-dev',
'libzmq3-dev', 'libgdbm-dev', 'libncurses5-dev', 'automake',
'libtool', 'libffi-dev', 'curl', 'git', 'gettext', 'flex',
'postgresql-client', 'postgresql-client-common', 'python3',
'python3-pip', 'python-dev', 'python3-dev', 'python-pip',
'libxml2-dev', 'virtualenvwrapper', 'libxslt-dev', 'git-core',
'python-git', 'libpq-dev'] + dcfg.get('apt-packages', []))
subprocess.check_call([django.pip(), 'install', 'circus', 'gunicorn', ])
source_install(dcfg)
open_port(config('django-port'))
start()
def git_pre_install():
"""Perform cinder pre-install setup."""
dirs = [{'path': '/etc/tgt',
'owner': 'cinder',
'group': 'cinder',
'perms': 0750,
},
{'path': '/var/lib/cinder',
'owner': 'cinder',
'group': 'cinder',
'perms': 0755,
},
{'path': '/var/lib/cinder/volumes',
'owner': 'cinder',
'group': 'cinder',
'perms': 0750,
},
{'path': '/var/lock/cinder',
'owner': 'cinder',
'group': 'root',
'perms': 0750,
},
{'path': '/var/log/cinder',
'owner': 'cinder',
'group': 'cinder',
'perms': 0750,
}]
logs = [
'/var/log/cinder/cinder-api.log',
'/var/log/cinder/cinder-backup.log',
'/var/log/cinder/cinder-scheduler.log',
'/var/log/cinder/cinder-volume.log',
]
adduser('cinder', shell='/bin/bash', system_user=True)
add_group('cinder', system_group=True)
add_user_to_group('cinder', 'cinder')
for d in dirs:
mkdir(d['path'], owner=d['owner'], group=d['group'], perms=d['perms'],
force=False)
for l in logs:
write_file(l, '', owner='cinder', group='cinder', perms=0600)
def install_layer_openmano():
status_set('maintenance', 'Installing')
cfg = config()
# TODO change user home
# XXX security issue!
host.adduser(USER, password=USER)
if os.path.isdir(INSTALL_PATH):
rmtree(INSTALL_PATH)
gitrepo.clone_from(
cfg['repository'],
INSTALL_PATH,
branch=cfg['branch'],
)
chownr(
INSTALL_PATH,
owner=USER,
group=USER,
follow_links=False,
chowntopdir=True
)
os.mkdir(os.path.join(INSTALL_PATH, 'logs'))
chownr(INSTALL_PATH, USER, USER)
kvdb.set('repo', INSTALL_PATH)
os.mkdir('/home/{}/bin'.format(USER))
os.symlink(
"{}/openmano".format(INSTALL_PATH),
"/home/{}/bin/openmano".format(USER))
os.symlink(
"{}/scripts/openmano-report.sh".format(INSTALL_PATH),
"/home/{}/bin/openmano-report.sh".format(USER))
os.symlink(
"{}/scripts/service-openmano.sh".format(INSTALL_PATH),
"/home/{}/bin/service-openmano".format(USER))
open_port(9090)
set_state('openmano.installed')
def install():
if config.get("install-sources"):
configure_sources(update=True, sources_var="install-sources",
keys_var="install-keys")
# install packages
apt_install(PACKAGES, fatal=True)
install_url = config["install-url"]
if install_url:
# install opendaylight from tarball
# this extracts the archive too
install_remote(install_url, dest="/opt")
# The extracted dirname. Look at what's on disk instead of mangling, so
# the distribution tar.gz's name doesn't matter.
install_dir_name = [
f for f in os.listdir("/opt")
if f.startswith("distribution-karaf")][0]
if not os.path.exists("/opt/opendaylight-karaf"):
os.symlink(install_dir_name, "/opt/opendaylight-karaf")
else:
apt_install([KARAF_PACKAGE], fatal=True)
install_dir_name = "opendaylight-karaf"
if init_is_systemd():
shutil.copy("files/odl-controller.service", "/lib/systemd/system")
service('enable', 'odl-controller')
else:
shutil.copy("files/odl-controller.conf", "/etc/init")
adduser("opendaylight", system_user=True)
mkdir("/home/opendaylight", owner="opendaylight", group="opendaylight",
perms=0755)
check_call(
["chown", "-R", "opendaylight:opendaylight",
os.path.join("/opt", install_dir_name)])
mkdir("/var/log/opendaylight", owner="opendaylight", group="opendaylight",
perms=0755)
# install features
write_mvn_config()
service_start("odl-controller")
def git_pre_install():
"""Perform pre-install setup."""
dirs = [
'/etc/neutron',
'/etc/neutron/rootwrap.d',
'/etc/neutron/plugins',
'/etc/nova',
'/var/lib/neutron',
'/var/lib/neutron/lock',
'/var/log/neutron',
]
logs = [
'/var/log/neutron/bigswitch-agent.log',
'/var/log/neutron/dhcp-agent.log',
'/var/log/neutron/l3-agent.log',
'/var/log/neutron/lbaas-agent.log',
'/var/log/neutron/ibm-agent.log',
'/var/log/neutron/linuxbridge-agent.log',
'/var/log/neutron/metadata-agent.log',
'/var/log/neutron/metering_agent.log',
'/var/log/neutron/mlnx-agent.log',
'/var/log/neutron/nec-agent.log',
'/var/log/neutron/nvsd-agent.log',
'/var/log/neutron/openflow-agent.log',
'/var/log/neutron/openvswitch-agent.log',
'/var/log/neutron/ovs-cleanup.log',
'/var/log/neutron/ryu-agent.log',
'/var/log/neutron/server.log',
'/var/log/neutron/sriov-agent.log',
'/var/log/neutron/vpn_agent.log',
]
adduser('neutron', shell='/bin/bash', system_user=True)
add_group('neutron', system_group=True)
add_user_to_group('neutron', 'neutron')
for d in dirs:
mkdir(d, owner='neutron', group='neutron', perms=0755, force=False)
for l in logs:
write_file(l, '', owner='neutron', group='neutron', perms=0644)
def git_pre_install():
"""Perform pre-install setup."""
dirs = [
'/etc/neutron',
'/etc/neutron/rootwrap.d',
'/etc/neutron/plugins',
'/etc/nova',
'/var/lib/neutron',
'/var/lib/neutron/lock',
'/var/log/neutron',
]
logs = [
'/var/log/neutron/bigswitch-agent.log',
'/var/log/neutron/dhcp-agent.log',
'/var/log/neutron/l3-agent.log',
'/var/log/neutron/lbaas-agent.log',
'/var/log/neutron/ibm-agent.log',
'/var/log/neutron/linuxbridge-agent.log',
'/var/log/neutron/metadata-agent.log',
'/var/log/neutron/metering_agent.log',
'/var/log/neutron/mlnx-agent.log',
'/var/log/neutron/nec-agent.log',
'/var/log/neutron/nvsd-agent.log',
'/var/log/neutron/openflow-agent.log',
'/var/log/neutron/openvswitch-agent.log',
'/var/log/neutron/ovs-cleanup.log',
'/var/log/neutron/ryu-agent.log',
'/var/log/neutron/server.log',
'/var/log/neutron/sriov-agent.log',
'/var/log/neutron/vpn_agent.log',
]
adduser('neutron', shell='/bin/bash', system_user=True)
add_group('neutron', system_group=True)
add_user_to_group('neutron', 'neutron')
for d in dirs:
mkdir(d, owner='neutron', group='neutron', perms=0755, force=False)
for l in logs:
write_file(l, '', owner='neutron', group='neutron', perms=0644)
def install():
status_set('maintenance', 'Installing PDI')
adduser('etl')
mkdir('/home/etl')
chownr('/home/etl', 'etl', 'etl', chowntopdir=True)
os.chmod('/home/etl', 0o755)
#au = ArchiveUrlFetchHandler()
#au.install(hookenv.config()['pdi_url'], '/opt/')
pdiarchive = hookenv.resource_get('pdi-archive')
tar = tarfile.open(pdiarchive)
tar.extractall("/opt/")
chownr('/opt/data-integration', 'etl', 'etl', chowntopdir=True)
st = os.stat('/opt/data-integration/spoon.sh')
os.chmod('/opt/data-integration/spoon.sh', st.st_mode | stat.S_IEXEC)
os.chmod('/opt/data-integration/carte.sh', st.st_mode | stat.S_IEXEC)
os.chmod('/opt/data-integration/encr.sh', st.st_mode | stat.S_IEXEC)
os.chmod('/opt/data-integration/kitchen.sh', st.st_mode | stat.S_IEXEC)
os.chmod('/opt/data-integration/pan.sh', st.st_mode | stat.S_IEXEC)
status_set('maintenance', 'PDI Installed')
set_state('pdi.installed')
def test_adds_a_systemuser(self, log, check_call, getpwnam):
username = '******'
existing_user_pwnam = KeyError('user not found')
new_user_pwnam = 'some user pwnam'
getpwnam.side_effect = [existing_user_pwnam, new_user_pwnam]
result = host.adduser(username, system_user=True)
self.assertEqual(result, new_user_pwnam)
check_call.assert_called_with(['useradd', '--system', username])
getpwnam.assert_called_with(username)
def git_pre_install():
"""Perform pre-install setup."""
dirs = [
'/var/lib/neutron',
'/var/lib/neutron/lock',
'/var/log/neutron',
]
logs = [
'/var/log/neutron/server.log',
]
adduser('neutron', shell='/bin/bash', system_user=True)
add_group('neutron', system_group=True)
add_user_to_group('neutron', 'neutron')
for d in dirs:
mkdir(d, owner='neutron', group='neutron', perms=0755, force=False)
for l in logs:
write_file(l, '', owner='neutron', group='neutron', perms=0600)
def git_pre_install():
"""Perform glance pre-install setup."""
dirs = [
'/var/lib/astara',
'/var/log/astara',
'/etc/astara',
]
logs = [
'/var/log/astara/astara-orchestrator.log',
]
adduser('astara', shell='/bin/bash', system_user=True)
add_group('astara', system_group=True)
add_user_to_group('astara', 'astara')
for d in dirs:
mkdir(d, owner='astara', group='astara', perms=0755, force=False)
for l in logs:
write_file(l, '', owner='astara', group='astara', perms=0600)
def git_pre_install():
"""Perform pre-install setup."""
dirs = [
'/var/lib/neutron',
'/var/lib/neutron/lock',
'/var/log/neutron',
]
logs = [
'/var/log/neutron/server.log',
]
adduser('neutron', shell='/bin/bash', system_user=True)
add_group('neutron', system_group=True)
add_user_to_group('neutron', 'neutron')
for d in dirs:
mkdir(d, owner='neutron', group='neutron', perms=0755, force=False)
for l in logs:
write_file(l, '', owner='neutron', group='neutron', perms=0600)
def test_doesnt_add_user_if_it_already_exists(self, log, check_call,
getpwnam):
username = '******'
password = '******'
existing_user_pwnam = 'some user pwnam'
getpwnam.return_value = existing_user_pwnam
result = host.adduser(username, password)
self.assertEqual(result, existing_user_pwnam)
self.assertFalse(check_call.called)
getpwnam.assert_called_with(username)
def install_mattermost():
"""Grab the mattermost binary, unpack, install
to /srv.
"""
status_set('maintenance', "Installing Mattermost")
# Create mattermost user & group if not exists
if not group_exists('mattermost'):
add_group("mattermost")
if not user_exists('mattermost'):
adduser("mattermost", system_user=True)
# Get and uppack resource
if os.path.exists('/srv/mattermost'):
shutil.rmtree('/srv/mattermost')
mattermost_bdist = resource_get('bdist')
extract_tarfile(mattermost_bdist, destpath="/srv")
# Create data + log + config dirs
for dir in ("data", "logs", "config"):
os.makedirs(os.path.join("/srv/mattermost", dir),
mode=0o700,
exist_ok=True)
shutil.chown(os.path.join("/srv/mattermost", dir),
user="******",
group="mattermost")
# Render systemd template
render(source="mattermost.service.tmpl",
target="/etc/systemd/system/mattermost.service",
perms=0o644,
owner="root",
context={})
check_call(['systemctl', 'daemon-reload'])
set_state('mattermost.installed')
status_set('active', 'Mattermost installation complete')
def git_pre_install():
"""Perform glance pre-install setup."""
dirs = [
"/var/lib/glance",
"/var/lib/glance/images",
"/var/lib/glance/image-cache",
"/var/lib/glance/image-cache/incomplete",
"/var/lib/glance/image-cache/invalid",
"/var/lib/glance/image-cache/queue",
"/var/log/glance",
]
logs = ["/var/log/glance/glance-api.log", "/var/log/glance/glance-registry.log"]
adduser("glance", shell="/bin/bash", system_user=True)
add_group("glance", system_group=True)
add_user_to_group("glance", "glance")
for d in dirs:
mkdir(d, owner="glance", group="glance", perms=0755, force=False)
for l in logs:
write_file(l, "", owner="glance", group="glance", perms=0600)
def git_pre_install():
"""Perform horizon pre-install setup."""
dirs = [
'/etc/openstack-dashboard',
'/usr/share/openstack-dashboard',
'/usr/share/openstack-dashboard/bin/less',
'/usr/share/openstack-dashboard-ubuntu-theme/static/ubuntu/css',
'/usr/share/openstack-dashboard-ubuntu-theme/static/ubuntu/img',
'/usr/share/openstack-dashboard-ubuntu-theme/templates',
'/var/lib/openstack-dashboard',
]
adduser('horizon', shell='/bin/bash', system_user=True)
subprocess.check_call(['usermod', '--home',
'/usr/share/openstack-dashboard/', 'horizon'])
add_group('horizon', system_group=True)
add_user_to_group('horizon', 'horizon')
for d in dirs:
if d is '/var/lib/openstack-dashboard':
mkdir(d, owner='horizon', group='horizon', perms=0700, force=False)
else:
mkdir(d, owner='root', group='root', perms=0755, force=False)
def git_pre_install():
"""Perform pre-install setup."""
dirs = [
'/var/lib/nova',
'/var/lib/nova/buckets',
'/var/lib/nova/CA',
'/var/lib/nova/CA/INTER',
'/var/lib/nova/CA/newcerts',
'/var/lib/nova/CA/private',
'/var/lib/nova/CA/reqs',
'/var/lib/nova/images',
'/var/lib/nova/instances',
'/var/lib/nova/keys',
'/var/lib/nova/networks',
'/var/lib/nova/tmp',
'/var/log/nova',
]
logs = [
'/var/log/nova/nova-api.log',
'/var/log/nova/nova-compute.log',
'/var/log/nova/nova-manage.log',
'/var/log/nova/nova-network.log',
]
adduser('nova', shell='/bin/bash', system_user=True)
check_call(['usermod', '--home', '/var/lib/nova', 'nova'])
add_group('nova', system_group=True)
add_user_to_group('nova', 'nova')
add_user_to_group('nova', 'libvirtd')
for d in dirs:
mkdir(d, owner='nova', group='nova', perms=0755, force=False)
for l in logs:
write_file(l, '', owner='nova', group='nova', perms=0644)
def install():
packages = ['openjdk-7-jre-headless', 'python-jinja2']
apt_update()
apt_install(packages, FATAL=True)
uid = adduser(LS_USER).pw_uid
mkdir(LS_DIR, LS_USER)
mkdir(LS_CONF_DIR, LS_USER)
# touch the log
with open(LS_LOG, 'a'):
os.utime(LS_LOG, None)
os.chown(LS_LOG, uid)
conf_src = os.path.join(os.environ['CHARM_DIR'], 'files', 'logstash.conf')
conf_dest = os.path.join(os.path.sep, 'etc', 'init', 'logstash.conf')
shutil.copyfile(conf_src, conf_dest)
def get_user():
"""Helper to ensure our user exists and return the username.
"""
if not user_exists(USER):
adduser(USER, shell='/bin/false', system_user=True)
return USER
def add_user_group():
host.adduser(REDDIT_USER)
host.add_user_to_group(REDDIT_USER, REDDIT_GROUP)
host.chownr(REDDIT_HOME, REDDIT_USER, REDDIT_GROUP)