Esempio n. 1
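    def do_deploy_async(self, values, sender=None):
        """Deploy a FreeIPA domain controller from the role settings.

        This is a generator. It yields the ``set_hostname`` request, then
        the ``ipa-server-install`` subprocess future (whose result the
        caller sends back in), and finally the ``RoleDeploymentValues``
        describing the systemd target.

        Args:
            values: Mutable dict of deployment settings. Missing
                ``domain_name``, ``host_name``, ``realm_name``,
                ``admin_password``, ``dm_password`` and ``serve_dns``
                entries are filled in place. Caller-supplied passwords are
                popped again before the installer runs; generated ones
                are left in the dict.
            sender: Not used by this method.

        Raises:
            RolekitError: ``INVALID_VALUE`` for a rejected domain or host
                name or an inconsistent ID range; ``COMMAND_FAILED`` when
                the installer exits non-zero.
        """
        log.debug9("TRACE: do_deploy_async")

        # Default the domain name to the instance name when omitted.
        if 'domain_name' not in values:
            values['domain_name'] = self.get_name()

        # Validate before the name is used to build the host name or is
        # handed to the installer.
        if not self._valid_fqdn(values['domain_name']):
            raise RolekitError(
                INVALID_VALUE,
                "Invalid domain name: %s" % values['domain_name'])

        if "host_name" not in values:
            host_part = self._get_hostname()
            if host_part.startswith("localhost"):
                # Replace the placeholder with "dc-" plus 16 random
                # lowercase letters. `random` is not a CSPRNG; that is
                # acceptable here only because the label is an
                # identifier, not a secret.
                random_part = ''.join(
                    random.choice(string.ascii_lowercase) for _ in range(16))
                host_part = "dc-%s" % random_part

            values['host_name'] = "%s.%s" % (host_part, values['domain_name'])

        if not self._valid_fqdn(values['host_name']):
            raise RolekitError(INVALID_VALUE,
                               "Invalid host name: %s" % values['host_name'])

        # Change the hostname with the hostnamectl API
        yield set_hostname(values['host_name'])

        # Default the realm to the upper-cased domain name.
        # NOTE(review): a caller-supplied realm_name is not validated here.
        if 'realm_name' not in values:
            values['realm_name'] = values['domain_name'].upper()

        # Remember whether each password came from the caller: supplied
        # passwords are dropped from `values` further down, generated ones
        # are kept.
        admin_pw_provided = 'admin_password' in values
        if not admin_pw_provided:
            values['admin_password'] = generate_password()

        dm_pw_provided = 'dm_password' in values
        if not dm_pw_provided:
            values['dm_password'] = generate_password()

        # SECURITY: both passwords are passed as command-line arguments,
        # so they are readable in the process table (for example
        # /proc/<pid>/cmdline) for as long as the installer runs. Treat
        # them as exposed to anyone who can list processes on this host.
        ipa_install_args = [
            'ipa-server-install',
            '-U',
            '-r', values['realm_name'],
            '-d', values['domain_name'],
            '-p', values['dm_password'],
            '-a', values['admin_password'],
        ]

        # Fall back to the role's stored setting for the DNS server.
        if 'serve_dns' not in values:
            values['serve_dns'] = self._settings['serve_dns']

        if values['serve_dns']:
            ipa_install_args.append('--setup-dns')

            # NOTE(review): primary_ip, forwarders and reverse zones are
            # forwarded to the installer as given; no format check is
            # visible in this method.
            if 'primary_ip' in values:
                ipa_install_args.append('--ip-address=%s' %
                                        values['primary_ip'])

            if 'dns_forwarders' in values:
                forwarders = values['dns_forwarders']
                # IPv4 first, then IPv6; both keys must be present.
                for family in ('ipv4', 'ipv6'):
                    ipa_install_args.extend(
                        "--forwarder=%s" % addr for addr in forwarders[family])
            else:
                ipa_install_args.append('--no-forwarders')

            if 'reverse_zone' in values:
                ipa_install_args.extend(
                    '--reverse-zone=%s' % zone
                    for zone in values['reverse_zone'])
            else:
                ipa_install_args.append('--no-reverse')

        # An ID range needs both bounds, both non-zero, and max > start.
        if 'id_start' in values or 'id_max' in values:
            if ('id_start' not in values or 'id_max' not in values
                    or not values['id_start'] or not values['id_max']):
                raise RolekitError(
                    INVALID_VALUE, "Must specify id_start and id_max together")

            # id_start is known to be truthy at this point.
            if values['id_max'] <= values['id_start']:
                raise RolekitError(INVALID_VALUE,
                                   "id_max must be greater than id_start")

            ipa_install_args.append('--idstart=%d' % values['id_start'])
            ipa_install_args.append('--idmax=%d' % values['id_max'])

        # TODO: If the user has specified a root CA file,
        # set up the argument to ipa-server-install

        # Drop caller-supplied passwords so they won't be saved to the
        # settings. Generated passwords stay in `values`.
        # NOTE(review): that implies generated passwords are persisted with
        # the settings; confirm the settings store is access-restricted.
        if admin_pw_provided:
            values.pop('admin_password', None)
        if dm_pw_provided:
            values.pop('dm_password', None)

        # NOTE(review): `async` is a reserved word from Python 3.7 on, so
        # this module name only parses on older interpreters.
        result = yield async.subprocess_future(ipa_install_args)

        if result.status:
            # Non-zero exit: report only the status code, never the
            # argument list (it contains the passwords).
            raise RolekitError(COMMAND_FAILED, "%d" % result.status)

        # Create the systemd target definition
        target = RoleDeploymentValues(self.get_type(), self.get_name(),
                                      "Domain Controller")
        target.add_required_units(['ipa.service'])

        # We're done!
        yield target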
Esempio n. 2
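    def do_deploy_async(self, values, sender=None):
        """Run ``ipa-server-install`` for this domain controller role.

        Generator: yields the ``set_hostname`` request, then the installer
        subprocess future (the caller sends its result back in), then a
        ``RoleDeploymentValues`` for the systemd target.

        Args:
            values: Mutable settings dict. Defaults are written into it
                for ``domain_name``, ``host_name``, ``realm_name``,
                ``admin_password``, ``dm_password`` and ``serve_dns``.
                Passwords supplied by the caller are removed before the
                installer is started; generated ones remain.
            sender: Not referenced in this method.

        Raises:
            RolekitError: ``INVALID_VALUE`` when the domain name, host
                name or ID range is rejected; ``COMMAND_FAILED`` when the
                installer returns a non-zero status.
        """
        log.debug9("TRACE: do_deploy_async")

        # Use the instance name as the domain when none was passed in.
        if 'domain_name' not in values:
            values['domain_name'] = self.get_name()

        domain = values['domain_name']
        if not self._valid_fqdn(domain):
            raise RolekitError(INVALID_VALUE,
                               "Invalid domain name: %s" % domain)

        if "host_name" not in values:
            # Build a host name from the current one plus the domain.
            host_part = self._get_hostname()
            if host_part.startswith("localhost"):
                # Placeholder name: substitute "dc-" + 16 random lowercase
                # letters. The non-cryptographic `random` module is fine
                # for this because the label is not a secret.
                random_part = ''.join(random.choice(string.ascii_lowercase)
                                      for _ in range(16))
                host_part = "dc-%s" % random_part

            values['host_name'] = "%s.%s" % (host_part, domain)

        if not self._valid_fqdn(values['host_name']):
            raise RolekitError(INVALID_VALUE,
                               "Invalid host name: %s" % values['host_name'])

        # Change the hostname with the hostnamectl API
        yield set_hostname(values['host_name'])

        # Realm defaults to the upper-cased domain name.
        # NOTE(review): a supplied realm_name gets no validation here.
        if 'realm_name' not in values:
            values['realm_name'] = domain.upper()

        # Track the origin of each password; only caller-supplied ones are
        # removed from `values` before the install starts.
        admin_pw_provided = 'admin_password' in values
        if not admin_pw_provided:
            values['admin_password'] = generate_password()

        dm_pw_provided = 'dm_password' in values
        if not dm_pw_provided:
            values['dm_password'] = generate_password()

        # SECURITY: the directory-manager and admin passwords are placed
        # on the installer's command line, where they are visible in the
        # process table (e.g. /proc/<pid>/cmdline) while it runs.
        ipa_install_args = [
            'ipa-server-install', '-U',
            '-r', values['realm_name'],
            '-d', domain,
            '-p', values['dm_password'],
            '-a', values['admin_password'],
        ]

        # Take the DNS-server choice from the stored settings if absent.
        if 'serve_dns' not in values:
            values['serve_dns'] = self._settings['serve_dns']

        if values['serve_dns']:
            ipa_install_args.append('--setup-dns')

            # NOTE(review): the address, forwarders and reverse zones are
            # passed through unchecked as far as this method shows.
            if 'primary_ip' in values:
                ipa_install_args.append('--ip-address=%s' %
                                        values['primary_ip'])

            if 'dns_forwarders' in values:
                forwarders = values['dns_forwarders']
                # Order matters for the argument list: IPv4, then IPv6.
                for family in ('ipv4', 'ipv6'):
                    ipa_install_args.extend(
                        "--forwarder=%s" % addr for addr in forwarders[family])
            else:
                ipa_install_args.append('--no-forwarders')

            if 'reverse_zone' in values:
                ipa_install_args.extend(
                    '--reverse-zone=%s' % zone
                    for zone in values['reverse_zone'])
            else:
                ipa_install_args.append('--no-reverse')

        # Both bounds of an ID range are required, non-zero, and ordered.
        if 'id_start' in values or 'id_max' in values:
            if ('id_start' not in values or
                    'id_max' not in values or
                    not values['id_start'] or
                    not values['id_max']):
                raise RolekitError(INVALID_VALUE,
                                   "Must specify id_start and id_max together")

            # id_start has already been checked to be truthy.
            if values['id_max'] <= values['id_start']:
                raise RolekitError(INVALID_VALUE,
                                   "id_max must be greater than id_start")

            ipa_install_args.append('--idstart=%d' % values['id_start'])
            ipa_install_args.append('--idmax=%d' % values['id_max'])

        # TODO: If the user has specified a root CA file,
        # set up the argument to ipa-server-install

        # Remove caller-supplied passwords so they won't be saved to the
        # settings; generated ones are deliberately left in `values`.
        # NOTE(review): confirm where `values` is persisted and who can
        # read it, since generated passwords stay in it.
        if admin_pw_provided:
            values.pop('admin_password', None)
        if dm_pw_provided:
            values.pop('dm_password', None)

        # NOTE(review): `async` became a reserved word in Python 3.7, so
        # this line is a syntax error on newer interpreters.
        result = yield async.subprocess_future(ipa_install_args)

        if result.status:
            # Only the exit status goes into the error; the argument list
            # holds the passwords and must not be echoed.
            raise RolekitError(COMMAND_FAILED, "%d" % result.status)

        # Create the systemd target definition
        target = RoleDeploymentValues(self.get_type(), self.get_name(),
                                      "Domain Controller")
        target.add_required_units(['ipa.service'])

        # We're done!
        yield target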
Esempio n. 3
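    def do_deploy_async(self, values, sender=None):
        """Deploy a FreeIPA domain controller; ``admin_password`` is required.

        Generator: yields a ``set_hostname`` request only when the
        requested host name differs from ``socket.getfqdn()``, then the
        ``ipa-server-install`` subprocess future (the caller sends its
        result back in), then a dict describing the systemd target.

        Args:
            values: Mutable settings dict. Must contain
                ``admin_password``. Missing ``host_name``,
                ``domain_name``, ``realm_name``, ``dm_password`` and
                ``serve_dns`` entries are filled in place.
                ``admin_password`` is popped before the installer runs;
                ``dm_password`` is left in the dict.
            sender: Not used by this method.

        Raises:
            RolekitError: ``INVALID_VALUE`` for a missing admin password,
                a host name starting with "localhost" or an inconsistent
                ID range; ``COMMAND_FAILED`` when the installer exits
                non-zero.
        """
        log.debug9("TRACE: do_deploy_async")

        # Ensure we have all the mandatory arguments
        if 'admin_password' not in values:
            raise RolekitError(INVALID_VALUE, "admin_password unset")

        # If the hostname wasn't specified, get it from the system
        fqdn = socket.getfqdn()
        if 'host_name' not in values:
            values['host_name'] = fqdn

        # Make sure this is a real hostname, not localhost.localdomain
        # NOTE(review): this prefix test is the only host name check in
        # this method; no FQDN syntax validation is visible before the
        # value reaches set_hostname and the installer.
        if values['host_name'].startswith("localhost"):
            raise RolekitError(INVALID_VALUE, "invalid hostname")

        # A host name other than the current FQDN means we were asked to
        # rename the machine as part of the deployment.
        if values['host_name'] != fqdn:
            # Change the hostname with the hostnamectl API
            yield set_hostname(values['host_name'])

        # Default the domain to whatever self._get_domain() reports.
        if 'domain_name' not in values:
            values['domain_name'] = self._get_domain()

        # Default the realm to the upper-cased domain name.
        if 'realm_name' not in values:
            values['realm_name'] = values['domain_name'].upper()

        # Generate a directory manager password when none was supplied.
        # NOTE(review): dm_password is never removed from `values`, unlike
        # admin_password below; confirm where `values` is persisted.
        if 'dm_password' not in values:
            values['dm_password'] = generate_password()

        # SECURITY: both passwords are passed as command-line arguments,
        # so they are readable in the process table (for example
        # /proc/<pid>/cmdline) for as long as the installer runs.
        ipa_install_args = [
            'ipa-server-install', '-U',
            '-r', values['realm_name'],
            '-d', values['domain_name'],
            '-p', values['dm_password'],
            '-a', values['admin_password'],
        ]

        # Fall back to the role's stored setting for the DNS server.
        if 'serve_dns' not in values:
            values['serve_dns'] = self._settings['serve_dns']

        if values['serve_dns']:
            ipa_install_args.append('--setup-dns')

            # Pass the primary IP address
            if 'primary_ip' in values:
                ipa_install_args.append('--ip-address=%s' %
                                        values['primary_ip'])

            if 'dns_forwarders' in values:
                forwarders = values['dns_forwarders']
                # IPv4 first, then IPv6; both keys must be present.
                for family in ('ipv4', 'ipv6'):
                    ipa_install_args.extend(
                        "--forwarder=%s" % addr for addr in forwarders[family])
            else:
                ipa_install_args.append('--no-forwarders')

            if 'reverse_zone' in values:
                ipa_install_args.extend(
                    '--reverse-zone=%s' % zone
                    for zone in values['reverse_zone'])
            else:
                ipa_install_args.append('--no-reverse')

        # An ID range needs both bounds, both non-zero, and max > start.
        if 'id_start' in values or 'id_max' in values:
            if ('id_start' not in values or
                    'id_max' not in values or
                    not values['id_start'] or
                    not values['id_max']):
                raise RolekitError(INVALID_VALUE,
                                   "Must specify id_start and id_max together")

            # id_start is known to be truthy at this point.
            if values['id_max'] <= values['id_start']:
                raise RolekitError(INVALID_VALUE,
                                   "id_max must be greater than id_start")

            ipa_install_args.append('--idstart=%d' % values['id_start'])
            ipa_install_args.append('--idmax=%d' % values['id_max'])

        # TODO: If the user has specified a root CA file,
        # set up the argument to ipa-server-install

        # Remove the admin_password from the values so
        # it won't be saved to the settings
        values.pop('admin_password', None)

        # NOTE(review): `async` is a reserved word from Python 3.7 on, so
        # this module name only parses on older interpreters.
        result = yield async.subprocess_future(ipa_install_args)

        if result.status:
            # Non-zero exit: report only the status code, never the
            # argument list (it contains the passwords).
            raise RolekitError(COMMAND_FAILED, "%d" % result.status)

        # Create the systemd target definition
        target = {'Role': 'domaincontroller',
                  'Instance': self.get_name(),
                  'Description': "Domain Controller Role - %s" %
                                 self.get_name(),
                  'Wants': ['ipa.service'],
                  'After': ['syslog.target', 'network.target']}

        # We're done!
        yield target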
Esempio n. 4
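    def do_deploy_async(self, values, sender=None):
        """Run ``ipa-server-install`` with a caller-supplied admin password.

        Generator: yields a ``set_hostname`` request when ``host_name``
        differs from ``socket.getfqdn()``, then the installer subprocess
        future (whose result is sent back in by the caller), then the
        systemd target description as a dict.

        Args:
            values: Mutable settings dict; ``admin_password`` is
                mandatory. Defaults are written into it for
                ``host_name``, ``domain_name``, ``realm_name``,
                ``dm_password`` and ``serve_dns``. ``admin_password`` is
                removed before the installer starts; ``dm_password``
                stays.
            sender: Not referenced in this method.

        Raises:
            RolekitError: ``INVALID_VALUE`` when ``admin_password`` is
                missing, the host name starts with "localhost" or the ID
                range is inconsistent; ``COMMAND_FAILED`` when the
                installer returns a non-zero status.
        """
        log.debug9("TRACE: do_deploy_async")

        # The admin password is the one argument with no default.
        if 'admin_password' not in values:
            raise RolekitError(INVALID_VALUE, "admin_password unset")

        # Use the system's FQDN when no host name was passed in.
        fqdn = socket.getfqdn()
        if 'host_name' not in values:
            values['host_name'] = fqdn

        # Reject placeholder names such as localhost.localdomain.
        # NOTE(review): host_name and domain_name get no FQDN syntax
        # validation in this method beyond this prefix test.
        if values['host_name'].startswith("localhost"):
            raise RolekitError(INVALID_VALUE, "invalid hostname")

        # Rename the machine only when the requested name is different.
        if values['host_name'] != fqdn:
            # Change the hostname with the hostnamectl API
            yield set_hostname(values['host_name'])

        # Take the domain from self._get_domain() when none was given.
        if 'domain_name' not in values:
            values['domain_name'] = self._get_domain()

        # Realm defaults to the upper-cased domain name.
        if 'realm_name' not in values:
            values['realm_name'] = values['domain_name'].upper()

        # Directory manager password: generate one if absent.
        # NOTE(review): unlike admin_password, dm_password is kept in
        # `values` afterwards; confirm who can read the stored settings.
        if 'dm_password' not in values:
            values['dm_password'] = generate_password()

        # SECURITY: the directory-manager and admin passwords are placed
        # on the installer's command line, where they are visible in the
        # process table (e.g. /proc/<pid>/cmdline) while it runs.
        ipa_install_args = [
            'ipa-server-install',
            '-U',
            '-r', values['realm_name'],
            '-d', values['domain_name'],
            '-p', values['dm_password'],
            '-a', values['admin_password'],
        ]

        # Take the DNS-server choice from the stored settings if absent.
        if 'serve_dns' not in values:
            values['serve_dns'] = self._settings['serve_dns']

        if values['serve_dns']:
            ipa_install_args.append('--setup-dns')

            # Pass the primary IP address
            if 'primary_ip' in values:
                ipa_install_args.append('--ip-address=%s' %
                                        values['primary_ip'])

            if 'dns_forwarders' in values:
                forwarders = values['dns_forwarders']
                # Order matters for the argument list: IPv4, then IPv6.
                for family in ('ipv4', 'ipv6'):
                    ipa_install_args.extend(
                        "--forwarder=%s" % addr for addr in forwarders[family])
            else:
                ipa_install_args.append('--no-forwarders')

            if 'reverse_zone' in values:
                ipa_install_args.extend(
                    '--reverse-zone=%s' % zone
                    for zone in values['reverse_zone'])
            else:
                ipa_install_args.append('--no-reverse')

        # Both bounds of an ID range are required, non-zero, and ordered.
        if 'id_start' in values or 'id_max' in values:
            if ('id_start' not in values or 'id_max' not in values
                    or not values['id_start'] or not values['id_max']):
                raise RolekitError(
                    INVALID_VALUE, "Must specify id_start and id_max together")

            # id_start has already been checked to be truthy.
            if values['id_max'] <= values['id_start']:
                raise RolekitError(INVALID_VALUE,
                                   "id_max must be greater than id_start")

            ipa_install_args.append('--idstart=%d' % values['id_start'])
            ipa_install_args.append('--idmax=%d' % values['id_max'])

        # TODO: If the user has specified a root CA file,
        # set up the argument to ipa-server-install

        # Remove the admin_password from the values so
        # it won't be saved to the settings
        values.pop('admin_password', None)

        # NOTE(review): `async` became a reserved word in Python 3.7, so
        # this line is a syntax error on newer interpreters.
        result = yield async.subprocess_future(ipa_install_args)

        if result.status:
            # Only the exit status goes into the error; the argument list
            # holds the passwords and must not be echoed.
            raise RolekitError(COMMAND_FAILED, "%d" % result.status)

        # Create the systemd target definition
        target = {
            'Role': 'domaincontroller',
            'Instance': self.get_name(),
            'Description': "Domain Controller Role - %s" % self.get_name(),
            'Wants': ['ipa.service'],
            'After': ['syslog.target', 'network.target']
        }

        # We're done!
        yield target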