def configure(servers, peers, offset):
"""Configure the local NTP server with the given time references.
This writes new ``chrony.chrony.conf`` and ``chrony.maas.conf`` files,
using ``sudo`` in production.
:param servers: An iterable of server addresses -- IPv4, IPv6, hostnames
-- to use as time references.
:param peers: An iterable of peer addresses -- IPv4, IPv6, hostnames -- to
use as time references.
:param offset: A relative stratum within MAAS's world. A region controller
would be 0 and a rack controller would be 1.
"""
ntp_maas_conf = _render_ntp_maas_conf(servers, peers, offset)
ntp_maas_conf_path = get_tentative_data_path("etc", _ntp_maas_conf_name)
sudo_write_file(
ntp_maas_conf_path,
ntp_maas_conf.encode("utf-8"),
mode=0o644)
ntp_conf = _render_ntp_conf(ntp_maas_conf_path)
ntp_conf_path = get_tentative_data_path("etc", _ntp_conf_name)
sudo_write_file(
ntp_conf_path,
ntp_conf.encode("utf-8"),
mode=0o644)
class DHCPv6Server(DHCPServer):
"""Represents the settings for a DHCPv6 server.
See `DHCPServer`.
"""
descriptive_name = "DHCPv6"
template_basename = 'dhcpd6.conf.template'
interfaces_filename = get_tentative_data_path(DHCPv6_INTERFACES_FILE)
config_filename = get_tentative_data_path(DHCPv6_CONFIG_FILE)
dhcp_service = "dhcpd6"
ipv6 = True
class DHCPv4Server(DHCPServer):
"""Represents the settings for a DHCPv4 server.
See `DHCPServer`.
"""
descriptive_name = "DHCPv4"
template_basename = "dhcpd.conf.template"
interfaces_filename = get_tentative_data_path(DHCPv4_INTERFACES_FILE)
config_filename = get_tentative_data_path(DHCPv4_CONFIG_FILE)
dhcp_service = "dhcpd"
ipv6 = False
def test_byte_path(self):
filename = b"/foo/bar/123:456.txt"
expected = get_tentative_data_path(
"/run/lock/maas@foo:bar:123::456.txt"
)
observed = RunLock(filename).path
self.assertEqual(expected, observed)
def get_maas_cert_tuple():
"""Return a 2-tuple with certificate and private key paths.
The format is the same used by python-requests."""
if running_in_snap():
cert_dir = SnapPaths.from_environ().common / "certificates"
private_key = cert_dir / "maas.key"
certificate = cert_dir / "maas.crt"
else:
private_key = Path(
get_tentative_data_path("/etc/maas/certificates/maas.key"))
certificate = Path(
get_tentative_data_path("/etc/maas/certificates/maas.crt"))
if not private_key.exists() or not certificate.exists():
return None
return str(certificate), str(private_key)
class ClusterConfiguration(Configuration, metaclass=ClusterConfigurationMeta):
"""Local configuration for the MAAS cluster."""
maas_url = ConfigurationOption(
"maas_url", "The HTTP URL for the MAAS region.",
ExtendedURL(require_tld=False,
if_missing="http://localhost:5240/MAAS"))
# TFTP options.
tftp_port = ConfigurationOption(
"tftp_port", "The UDP port on which to listen for TFTP requests.",
Number(min=0, max=(2**16) - 1, if_missing=69))
tftp_root = ConfigurationOption(
"tftp_root",
"The root directory for TFTP resources.",
DirectoryString(
# Don't validate values that are already stored.
accept_python=True,
if_missing=get_tentative_data_path(
"/var/lib/maas/boot-resources/current")))
# GRUB options.
@property
def grub_root(self):
"The root directory for GRUB resources."
return os.path.join(self.tftp_root, "grub")
# NodeGroup UUID Option, used for migrating to rack controller
cluster_uuid = ConfigurationOption("cluster_uuid",
"The UUID for this cluster controller",
UUIDString(if_missing=UUID_NOT_SET))
def _get_default_filename(cls):
# Get the configuration filename from the environment. Failing that,
# look for the configuration in its default locations.
filename = environ.get(cls.envvar)
if filename is None or len(filename) == 0:
return get_tentative_data_path(cls.default)
else:
return filename
def get_http_config_dir():
"""Location of MAAS' http configuration files."""
setting = os.getenv("MAAS_HTTP_CONFIG_DIR",
get_tentative_data_path("/var/lib/maas/http"))
if isinstance(setting, bytes):
fsenc = sys.getfilesystemencoding()
return setting.decode(fsenc)
else:
return setting
def _render_ntp_conf(includefile):
"""Render ``ntp.conf`` based on the existing configuration.
This configuration includes the file named by `includefile`.
"""
ntp_conf_path = get_tentative_data_path("etc", _ntp_conf_name)
with open(ntp_conf_path, "r", encoding="utf-8") as fd:
lines = _render_ntp_conf_from_source(fd, includefile)
return "".join(lines)
def locate_config(*path: Tuple[str]):
"""Return the location of a given config file or directory.
:param path: Path elements to resolve relative to `${MAAS_ROOT}/etc/maas`.
"""
# The `os.curdir` avoids a crash when `path` is empty.
path = os.path.join(os.curdir, *path)
if os.path.isabs(path):
return path
else:
# Avoid circular imports.
from provisioningserver.path import get_tentative_data_path
return get_tentative_data_path("etc", "maas", path)
def test_string_name(self):
name = factory.make_name("lock")
expected = get_tentative_data_path("/run/lock/maas:" + name)
observed = NamedLock(name).path
self.assertEqual(expected, observed)
from provisioningserver.path import get_tentative_data_path
from provisioningserver.utils.fs import NamedLock
from provisioningserver.utils.snappy import (
get_snap_common_path,
running_in_snap,
)
if running_in_snap():
MAAS_PRIVATE_KEY = os.path.join(get_snap_common_path(), "certificates",
"maas.key")
MAAS_PUBLIC_KEY = os.path.join(get_snap_common_path(), "certificates",
"maas.pub")
MAAS_CERTIFICATE = os.path.join(get_snap_common_path(), "certificates",
"maas.crt")
else:
MAAS_PRIVATE_KEY = get_tentative_data_path(
"/etc/maas/certificates/maas.key")
MAAS_PUBLIC_KEY = get_tentative_data_path(
"/etc/maas/certificates/maas.pub")
MAAS_CERTIFICATE = get_tentative_data_path(
"/etc/maas/certificates/maas.crt")
def generate_rsa_keys_if_needed():
"""Generate RSA keys for MAAS.
Returns True if a new RSA key was generated.
"""
if os.path.isfile(MAAS_PRIVATE_KEY):
return False
try:
with NamedLock("RSA"):
def test__string_path(self):
filename = '/foo/bar/123:456.txt'
expected = get_tentative_data_path(
'/run/lock/maas@foo:bar:123::456.txt')
observed = RunLock(filename).path
self.assertEqual(expected, observed)