diff --git a/.github/ISSUE_TEMPLATE.md b/.github/ISSUE_TEMPLATE.md new file mode 100644 index 000000000..02ede2297 --- /dev/null +++ b/.github/ISSUE_TEMPLATE.md @@ -0,0 +1,11 @@ +### Description of Issue/Question + +### Setup +(Please provide relevant configs (Be sure to remove sensitive info).) + +### Steps to Reproduce Issue +(Include debug logs if possible, `bootstrap-salt.sh -D`.) + +### Versions and Systems +(`salt --versions-report`, `bootstrap-salt.sh -v`, system type and version, +cloud/VM provider as appropriate.) diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 000000000..4d38780d6 --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,13 @@ +### What does this PR do? + +### What issues does this PR fix or reference? + +### Previous Behavior +Remove this section if not relevant + +### New Behavior +Remove this section if not relevant + +### Tests written? + +Yes/No diff --git a/AUTHORS.rst b/AUTHORS.rst index aa19bcbb0..84b741043 100644 --- a/AUTHORS.rst +++ b/AUTHORS.rst @@ -7,12 +7,16 @@ order. ========================== ===================== ============================ Name Nick Email ========================== ===================== ============================ +abednarik abednarik alejandro.bednarik@gmail.com +Adam Wright hipikat adam@hipikat.org Alec Koumjian akoumjian akoumjian@gmail.com Alex Van't Hof alexvh Angelo Gründler plueschopath angelo.gruendler@w1r3.net Ari Aosved devaos ari.aosved@gmail.com +Beau Hargis beaucephus beau@customermobile.com Boris Feld Lothiraldan Brad Thurber bradthurber +Brandon Clifford brandon099 brandon.clifford@vivint.com Bret Fisher BretFisher bret@fishbrains.com bruce-one bruce-one C. R. Oldham cro cr@saltstack.com @@ -20,10 +24,12 @@ Cam camereonsparr Chris Rebert cvrebert chris.rebert@hulu.com Chris Buechler cbuechler cmb@pfsense.org Christer Edwards cedwards -denmat denmat +Clark Perkins iclarkperkins clark.perkins@digitalreasoning.com Dag Viggo Lokøen dagvl dag.viggo@lokoen.org Dan Mick dmick dan.mick@inktank.com David J. Felix DavidJFelix +denmat denmat +Denys Havrysh vutny denys.gavrysh@gmail.com deployboy deployboy Diego Woitasen diegows diego@flugel.it Elias Probst eliasp @@ -33,6 +39,7 @@ EYJ eyj Forrest Alvarez gravyboat Fred Reimer freimer freimer@freimer.org Geoff Garside geoffgarside geoff@geoffgarside.co.uk +gdm85 gdm85 ggillies ggillies Giuseppe Iannello giannello giuseppe.iannello@brokenloop.net Gregory Meno GregMeno gregory.meno@inktank.com @@ -40,26 +47,32 @@ Guillaume Derval GuillaumeDerval guillaume@guillaumederval.be gweis gweis Henrik Holmboe holmboe Howard Mei HowardMei howardleomei@gmail.com +Jared E Stroud jaredestroud jaredestroud@gmail.com Jeff Hui jeffh jeff@jeffhui.net Jeff Strunk jstrunk Juan A. Moyano wincus wincus.public@gmail.com +Justin Anderson jtand janderson@saltstack.com +Justin Findlay jfindlay jfindlay@gmail.com Karl Grzeszczak karlgrz Kenneth Wilke KennethWilke lomeroe lomeroe Liu Xiaohui oreh herolxh@gmail.com Mark Lee malept +Marcus Furlong furlongm furlongm@gmail.com markgaylard markgaylard Matt Black mafrosis Matthew Garrett cingeyedog matt@clemson.edu Matthew Mead-Briggs mattmb Matthew Willson ixela Matthieu Guegan mguegan +Michael A. Smith kojiromike michaels@syapse.com Michael Scherer mscherer Michele Bologna mbologna michele.bologna@gmail.com Mike Carlson m87carlson mike@bayphoto.com Mike Place cachedout mp@saltstack.com nevins-b nevins-b -Niels Abspoel aboe76 +Nicole Thomas rallytime nicole@saltstack.com +Niels Abspoel aboe76 aboe76@gmail.com Nitin Madhok nmadhok nmadhok@clemson.edu panticz panticz Paul Brian lifeisstillgood paul@mikadosoftware.com @@ -67,16 +80,26 @@ Pavel Snagovsky paha Pedro Algarvio s0undt3ch pedro@algarvio.me Pedro Paulo pedropaulovc Peter Tripp notpeter +Prayag Verma pra85 prayag.verma@gmail.com ptonelli ptonelli +Randy Thompson beardedeagle randy@heroictek.com Raymond Barbiero visualphoenix Rob Eden hedinfaok +Robert James Hernandez l2ol33rt l2ol33rt@gmail.com Roberto Aguilar rca roberto@baremetal.io Roman Inflianskas rominf infroma@gmail.com +Roman Mohr rmohr rmohr@redhat.com Ronald van Zantvoort The-Loeki ronald@pcextreme.nl +RuriRyan RuriRyan ryan@btsoft.eu +Ryan Walder ryanwalder ryanwalder@ucds.email +Sergey Paramonov serge-p serg.paramonov@s-vp.com +Shawn Butts shawnbutts Skyler Berg skylerberg skylertheberg@gmail.com Stanislav B stanislavb +Steve Groesz wolfpackmars2 wolfpackmars2@yahoo.com Tate Eskew tateeskew Thomas S. Hatch thatch45 thatch45@saltstack.com +Tobias Jungel toanju Tobias.Jungel@gmail.com Tony Narlock tony Valentin Bud valentinbud valentin@databus.pro Vladimir Kozhukalov kozhukalov diff --git a/ChangeLog b/ChangeLog index ff7ccb160..5b7fcbf05 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,58 @@ +Version 2016.04.18: + * Add support for openSUSE Leap. Thanks Roman Inflianskas(rominf). #693 + * Fix missing deps installation on Debian. Thanks Steve Groesz(wolfpackmars2). #699 + * Update SaltStack repo location and latest version for Windows. (brandon099) #711 + * Better EPEL repository detection on RHEL and CentOS. (vutny) #717 + * Fix git invocation fail when `man` command is not available. (vutny) #718 + * Fix `epel-release` package installation on CentOS/RHEL 5. (vutny) #719 + * Removed deprecated cli option. (abednarik) #705 + * Remove RHEL optional repo check and enable. (vutny) #720 + * Remove SaltStack COPR repository configuration for CentOS/RHEL5. (vutny) #721 + * Add opensuse_Tumbleweed support. (aboe76) #725 + * Sometimes bootstrap doesn't install zmq. (jtand) #726 + * Process -s (default sleep for service restarts) in bootstrap-salt.sh. (hipikat) #692 + * Minion keys and /etc/salt/minion should be overwritten on -C. (cro) #541 + * Fix for -C (_CONFIG_ONLY). (beaucephus) #544 + * Fix when using upstream tags. (The-Loeki) #564 + * COPR project moved. (rmohr) #738 + * Update license year range. (pra85) #743 + * Use POSIX-Compliant Command-Exists Test. (kojiromike) #741 + * Add -f option to force shallow cloning. (eyj) #660 + * add SLE 12 support, fix OpenSUSE support. (grep4linux) #748 + * Fix CentOS git setup.py syntax error upon installation. (The-Loeki) #746 + * Enable shallow cloning for version branches by default, not only tags. (vutny) #750 + * do not install copr repo on fedora 22+. (toanju) #751 + * Add support for pegged versions on YUM based OS'ses through repo.saltstack.com. (The-Loeki) #685 + * fix for FreeBSD 11 CURRENT install functions. (serge-p) #723 + * Don't add zypp repo if it already exists. (furlongm) #731 + * switch repositories for suse and sles fixes `#706`_. (aboe76) #734 + * Reformat and correct usage instructions. (vutny) #755 + * fixed missing repo for suse 12. (aboe76) #756 + * fix for Amazon Linux. (shawnbutts) #700 + * adding support for OpenBSD distribution. (serge-p) #722 + * fixing syntax errors. (beardedeagle) #760 + * Import CentOS 7 GPG key on RHEL for installing base dependencies from Salt corp repo. (vutny) #765 + * Fix multiple lint errors (shellcheck) and make some refactoring. (vutny) #768 + * Fix sleep time option to recognize a numeric argument. (vutny) #771 + * Update README. (vutny) #787 + * get tornado from pip on a fedora git install. (jfindlay) #785 + * Remove the Saltstack repo's alias. (cro) #794 + * Ability to change cache dir. (clarkperkins) #761 + * Add config_freebsd_salt func so freebsd puts cfgs in the right place. (ryanwalder) #779 + * Allow archive versions. (clarkperkins) #769 + * Lack of HTTPS for RPM packages. (jaredestroud) #783 + * Ability to change cache dir. (clarkperkins) #761 + * Bootstrap on Docker. (vutny) #793 + * add downstream pkg repo for SUSE. (jfindlay) #791 + * Fixed use of HTTP over HTTPS for anonscm.debian.org. (gdm85) #788 + * Bump Salt version to latest stable in PS bootstrap script for Windows. (vutny) #801 + * Add an -l option to switch https to http links. (rallytime) #795 + * Virtualenv support for Ubuntu. (l2ol33rt) #666 + * Lint. (jfindlay) #805 + * use portable command check. (jfindlay) #806 + * Update epel-release version number (RuriRyan) #809 + + Version 2015.11.09 * Make sure that wget is installed. #868 @@ -426,5 +481,5 @@ Version 1.5: * FreeBSD 9.0 -# Don't remove the line bellow. +# Don't remove the line below. # vim: fenc=utf-8 spell spl=en cc=100 tw=99 fo=want ts=4 diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 000000000..bfcafd6af --- /dev/null +++ b/Dockerfile @@ -0,0 +1,20 @@ +FROM ubuntu-upstart:14.04 +MAINTAINER "SaltStack Team" + +# Bootstrap script options: install Salt Master by default +ENV BOOTSTRAP_OPTS='-M' +# Version of salt to install: stable or git +ENV SALT_VERSION=stable + +COPY bootstrap-salt.sh /tmp/ + +# Prevent udev from being upgraded inside the container, dpkg will fail to configure it +RUN echo udev hold | dpkg --set-selections +# Upgrade System and Install Salt +RUN sudo sh /tmp/bootstrap-salt.sh -U -X -d $BOOTSTRAP_OPTS $SALT_VERSION && \ + apt-get clean +RUN /usr/sbin/update-rc.d -f ondemand remove; \ + update-rc.d salt-minion defaults && \ + update-rc.d salt-master defaults || true + +EXPOSE 4505 4506 diff --git a/LICENSE b/LICENSE index 1b271550a..8a7d7a294 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,6 @@ Salt Bootstrap - Generic Salt Bootstrap Script - Copyright 2012-2013 Salt Stack (saltstack.org) + Copyright 2012-2016 Salt Stack (saltstack.org) Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/README.rst b/README.rst index 8287a4cd6..b14912efa 100644 --- a/README.rst +++ b/README.rst @@ -2,177 +2,300 @@ Bootstrapping Salt ================== -Before `Salt`_ can be used for provisioning on the desired machine, the binaries need to be -installed. Since `Salt`_ supports many different distributions and versions of operating systems, -the `Salt`_ installation process is handled by this shell script ``bootstrap-salt.sh``. This -script runs through a series of checks to determine operating system type and version to then +Before `Salt`_ can be used for provisioning on the desired machine, the binaries need to be +installed. Since `Salt`_ supports many different distributions and versions of operating systems, +the `Salt`_ installation process is handled by this shell script ``bootstrap-salt.sh``. This +script runs through a series of checks to determine operating system type and version to then install the `Salt`_ binaries using the appropriate methods. - .. note:: - This ``README`` file is not the absolute truth to what the bootstrap script is capable of, for - that, please read the generated help by passing ``-h`` to the script or even better, `read the + This ``README`` file is not the absolute truth to what the bootstrap script is capable of, for + that, please read the generated help by passing ``-h`` to the script or even better, `read the source`_. +**In case you found a bug, please read** `I Found a Bug`_ **first before submitting a new issue.** +The examples there show how to get the latest development version of the bootstrap script. Chances +are high that your issue was already fixed. +.. _`Salt`: https://saltstack.com/community/ .. _`read the source`: https://github.com/saltstack/salt-bootstrap/blob/develop/bootstrap-salt.sh -**In case you found a bug, please read** `I found a bug`_ **first before submitting a new issue.** - - - Bootstrap ---------- +========= -If you're looking for the *one-liner* to install salt, please scroll to the bottom and use the +If you're looking for the *one-liner* to install Salt, please scroll to the bottom and use the instructions for `Installing via an Insecure One-Liner`_. +.. note:: + + In every two-step example, you would be well-served to examine the downloaded file and examine + it to ensure that it does what you expect. + Examples -~~~~~~~~ +-------- + +The Salt Bootstrap script has a wide variety of options that can be passed as +well as several ways of obtaining the bootstrap script itself. .. note:: - In every two-step example, you would be well-served to examine the downloaded file and examine - it to ensure that it does what you expect. + These examples below show how to bootstrap Salt directly from GitHub or other Git repository. + Run the script without any parameters to get latest stable Salt packages for your system from + `SaltStack corporate repository`_. See first example in the `Install using wget`_ section. +.. _`SaltStack corporate repository`: https://repo.saltstack.com/ -Using ``curl`` to install latest git: + +Install using curl +~~~~~~~~~~~~~~~~~~ + +Using ``curl`` to install latest development version from GitHub: .. code:: console - curl -L https://bootstrap.saltstack.com -o install_salt.sh - sudo sh install_salt.sh git develop + curl -o bootstrap_salt.sh -L https://bootstrap.saltstack.com + sudo sh bootstrap_salt.sh git develop +If you want to install a specific release version (based on the Git tags): -Using ``wget`` to install your distribution's stable packages: +.. code:: console + + curl -o bootstrap_salt.sh -L https://bootstrap.saltstack.com + sudo sh bootstrap_salt.sh git v2015.8.8 + +To install a specific branch from a Git fork: .. code:: console - wget -O install_salt.sh https://bootstrap.saltstack.com - sudo sh install_salt.sh + curl -o bootstrap_salt.sh -L https://bootstrap.saltstack.com + sudo sh bootstrap_salt.sh -g https://github.com/myuser/salt.git git mybranch + +If all you want is to install a ``salt-master`` using latest Git: + +.. code:: console + curl -o bootstrap_salt.sh -L https://bootstrap.saltstack.com + sudo sh bootstrap_salt.sh -M -N git develop -Install a specific version from git using ``wget``: +If your host has Internet access only via HTTP proxy: .. code:: console - wget -O install_salt.sh https://bootstrap.saltstack.com - sudo sh install_salt.sh -P git v0.16.4 + PROXY='http://user:password@myproxy.example.com:3128' + curl -o bootstrap_salt.sh -L -x "$PROXY" https://bootstrap.saltstack.com + sudo sh bootstrap_salt.sh -G -H "$PROXY" git + + +Install using wget +~~~~~~~~~~~~~~~~~~ + +Using ``wget`` to install your distribution's stable packages: -On the above example we added `-P` which will allow PIP packages to be installed if required but -it's no a necessary flag for git based bootstraps. +.. code:: console + wget -O bootstrap_salt.sh https://bootstrap.saltstack.com + sudo sh bootstrap_salt.sh -If you already have python installed, ``python 2.6``, then it's as easy as: +Installing a specific version from git using ``wget``: .. code:: console - python -m urllib "https://bootstrap.saltstack.com" > install_salt.sh - sudo sh install_salt.sh git develop + wget -O bootstrap_salt.sh https://bootstrap.saltstack.com + sudo sh bootstrap_salt.sh -P git v2015.8.7 + +.. note:: + + On the above example we added `-P` which will allow PIP packages to be installed if required but + it's not a necessary flag for Git based bootstraps. + + +Install using Python +~~~~~~~~~~~~~~~~~~~~ + +If you already have Python installed, ``python 2.6``, then it's as easy as: +.. code:: console + + python -m urllib "https://bootstrap.saltstack.com" > bootstrap_salt.sh + sudo sh bootstrap_salt.sh git develop -All python versions should support the following one liner: +All Python versions should support the following in-line code: .. code:: console - python -c 'import urllib; print urllib.urlopen("https://bootstrap.saltstack.com").read()' > install_salt.sh - sudo sh install_salt.sh git develop + python -c 'import urllib; print urllib.urlopen("https://bootstrap.saltstack.com").read()' > bootstrap_salt.sh + sudo sh bootstrap_salt.sh git develop -On a FreeBSD base system you usually don't have either of the above binaries available. You **do** +Install using fetch +~~~~~~~~~~~~~~~~~~~ + +On a FreeBSD base system you usually don't have either of the above binaries available. You **do** have ``fetch`` available though: .. code:: console - fetch -o install_salt.sh https://bootstrap.saltstack.com - sudo sh install_salt.sh + fetch -o bootstrap_salt.sh https://bootstrap.saltstack.com + sudo sh bootstrap_salt.sh If you have any SSL issues install ``ca_root_nssp``: .. code:: console - pkg install ca_root_nssp + pkg install ca_root_nssp And either copy the certificates to the place where fetch can find them: .. code:: console - cp /usr/local/share/certs/ca-root-nss.crt /etc/ssl/cert.pem + cp /usr/local/share/certs/ca-root-nss.crt /etc/ssl/cert.pem Or link them to the right place: .. code:: console - ln -s /usr/local/share/certs/ca-root-nss.crt /etc/ssl/cert.pem + ln -s /usr/local/share/certs/ca-root-nss.crt /etc/ssl/cert.pem -If all you want is to install a ``salt-master`` using latest git: +Installing via an Insecure One-Liner +------------------------------------ -.. code:: console +The following examples illustrate how to install Salt via a one-liner. + +.. note:: - curl -o install_salt.sh -L https://bootstrap.saltstack.com - sudo sh install_salt.sh -M -N git develop + Warning! These methods do not involve a verification step and assume that the delivered file + is trustworthy. +Any of the example above which use two-lines can be made to run in a single-line +configuration with minor modifications. -If you want to install a specific release version (based on the git tags): +Installing the latest stable release of Salt (default): .. code:: console - curl -o install_salt.sh -L https://bootstrap.saltstack.com - sudo sh install_salt.sh git v0.16.4 + curl -L https://bootstrap.saltstack.com | sudo sh + +Using ``wget`` to install your distribution's stable packages: + +.. code-block:: bash + wget -O - https://bootstrap.saltstack.com | sudo sh -To install a specific branch from a git fork: +Installing the latest develop branch of Salt: .. code:: console - curl -o install_salt.sh -L https://bootstrap.saltstack.com - sudo sh install_salt.sh -g https://github.com/myuser/salt.git git mybranch + curl -L https://bootstrap.saltstack.com | sudo sh -s -- git develop -Any of the example above which use two-lines can be made to run in a single-line -configuration with minor modifications, see `Installing via an Insecure One-Liner`_. +Supported Operating Systems +--------------------------- +.. note:: -Installing via an Insecure One-Liner ------------------------------------- + Bootstrap may fail to install Salt on the cutting-edge version of distributions with frequent + release cycle, such as: Amazon Linux, Fedora, openSUSE Tumbleweed or Ubuntu non-LTS. Check the + versions from the list below. Also, see the `Unsupported Distro`_ and + `Adding Support for Other Operating Systems`_ sections. -The following examples illustrate how to install Salt via a one-liner. -.. note:: +Debian and derivatives +~~~~~~~~~~~~~~~~~~~~~~ - Warning! These methods do not involve a verification step and assume that the delivered file - is trustworthy. +- Debian GNU/Linux 6/7/8 +- Linux Mint Debian Edition 1 (based on Debian 8) +- Kali Linux 1.0 (based on Debian 7) -Examples -~~~~~~~~ +Red Hat family +~~~~~~~~~~~~~~ -Installing the latest stable release of Salt (default): +- Amazon Linux 2012.09/2013.03/2013.09/2014.03/2014.09 +- CentOS 5/6/7 +- Fedora 17/18/20/21/22 +- Oracle Linux 5/6/7 +- Red Hat Enterprise Linux 5/6/7 +- Scientific Linux 5/6/7 -.. code:: console - curl -L https://bootstrap.saltstack.com | sudo sh -s -- stable +SUSE family +~~~~~~~~~~~ -or +- openSUSE 12/13 +- openSUSE Leap 42 +- openSUSE Tumbleweed 2015 +- SUSE Linux Enterprise Server 11 SP1/11 SP2/11 SP3/12 -.. code:: console - curl -L https://bootstrap.saltstack.com | sudo sh -s +Ubuntu and derivatives +~~~~~~~~~~~~~~~~~~~~~~ -Installing the latest develop branch of Salt: +- Elementary OS 0.2 (based on Ubuntu 12.04) +- Linaro 12.04 +- Linux Mint 13/14/16/17 +- Trisquel GNU/Linux 6 (based on Ubuntu 12.04) +- Ubuntu 10.x/11.x/12.x/13.x/14.x/15.04 + + +Other Linux distro +~~~~~~~~~~~~~~~~~~ + +- Arch Linux +- Gentoo + + +UNIX systems +~~~~~~~~~~~~ + +**BSD**: + +- OpenBSD (``pip`` installation) +- FreeBSD 9/10/11 + +**SunOS**: + +- SmartOS + + +Unsupported Distro +------------------ + +You found a Linux distribution which we still do not support or we do not correctly identify? +Please run the following commands and report their output when creating a ticket: .. code:: console - curl -L https://bootstrap.saltstack.com | sudo sh -s -- git develop + sudo find /etc/ -name \*-release -print -exec cat {} \; + command lsb_release -a -Adding support for other operating systems +Adding Support for Other Operating Systems ------------------------------------------ -In order to install salt for a distribution you need to define: + +The following operating systems are detected, but Salt and its dependencies installation functions +are not developed yet: + +**BSD**: + +- NetBSD + +**Linux**: + +- Raspbian (detected as Debian) +- Slackware + +**SunOS** + +- OpenIndiana +- Oracle Solaris +- OmniOS (Illumos) + + +In order to install Salt for a distribution you need to define: 1. To Install Dependencies, which is required, one of: @@ -186,8 +309,8 @@ In order to install salt for a distribution you need to define: install__deps -2. Optionally, define a minion configuration function, which will be called if the - ``-c|config-dir`` option is passed. One of: +2. Optionally, define a minion configuration function, which will be called if the + ``-c`` option is passed. One of: .. code:: bash @@ -200,8 +323,8 @@ In order to install salt for a distribution you need to define: config_salt [THIS ONE IS ALREADY DEFINED AS THE DEFAULT] -3. Optionally, define a salt master pre-seed function, which will be called if the -k (pre-seed - master keys) option is passed. One of: +3. Optionally, define a Salt master pre-seed function, which will be called if the + ``-k`` (pre-seed master keys) option is passed. One of: .. code:: bash @@ -249,7 +372,7 @@ In order to install salt for a distribution you need to define: .. admonition:: Attention! - The start daemons function should be able to restart any daemons which are running, or start if + The start daemons function should be able to restart any daemons which are running, or start if they're not running. @@ -280,7 +403,7 @@ In order to install salt for a distribution you need to define: ---- -Below is an example for Ubuntu Oneiric(the example may not be up to date with the script): +Below is an example for Ubuntu Oneiric (the example may not be up to date with the script): .. code:: bash @@ -328,44 +451,22 @@ Below is an example for Ubuntu Oneiric(the example may not be up to date with th Since there is no ``install_ubuntu_11_10_stable()`` it defaults to the unspecified version script. -The bootstrapping script must be plain POSIX sh only, **not** bash or another shell script. By -design the targeting for each operating system and version is very specific. Assumptions of +The bootstrapping script must be plain POSIX ``sh`` only, **not** ``bash`` or another shell script. +By design the targeting for each operating system and version is very specific. Assumptions of supported versions or variants should not be made, to avoid failed or broken installations. -Supported Operating Systems ---------------------------- -- Amazon Linux 2012.09 -- Arch -- CentOS 5/6/7 -- Debian 6/7/8 -- Fedora 17/18/20/21/22 -- FreeBSD 9.1/9.2/10/11 -- Gentoo -- Linaro -- Linux Mint 13/14 -- OpenSUSE 12/13 -- Oracle Linux 5/5 -- Red Hat 5/6 -- Red Hat Enterprise 5/6 -- Scientific Linux 5/6 -- SmartOS -- SUSE Linux Enterprise 11 SP1/11 SP2/11 SP3 -- Ubuntu 10.x/11.x/12.x/13.x/14.x/15.04 -- Elementary OS 0.2 - +I Found a Bug +============= -I found a bug -------------- - -If you found a possible problem, or bug, please try to bootstrap using the develop version. The -issue you are having might have already been fixed and it's just not yet included in the stable +If you found a possible problem, or bug, please try to bootstrap using the develop version. The +issue you are having might have already been fixed and it's just not yet included in the stable version. .. code:: console - curl -o install_salt.sh -L https://bootstrap.saltstack.com/develop - sudo sh install_salt.sh git develop + curl -o bootstrap_salt.sh -L https://bootstrap.saltstack.com/develop + sudo sh bootstrap_salt.sh git develop Or the insecure one liner: @@ -375,37 +476,62 @@ Or the insecure one liner: curl -L https://bootstrap.saltstack.com/develop | sudo sh -s -- git develop -If after trying this, you still see the same problems, then, please `file an issue`_. +If after trying this, you still see the same problems, then, please `fill an issue`_. +.. _`fill an issue`: https://github.com/saltstack/salt-bootstrap/issues/new -.. _`Salt`: http://saltstack.org/ -.. _`file an issue`: https://github.com/saltstack/salt-bootstrap/issues/new +Testing in Vagrant +================== -Unsupported Distro ------------------- +You can use Vagrant_ to easily test changes on a clean machine. The ``Vagrantfile`` defaults to an +Ubuntu box. First, install Vagrant, then: + +.. code:: console + + vagrant up + vagrant ssh + + +.. _Vagrant: http://www.vagrantup.com -You found a Linux distribution which we still do not support or we do not correctly identify? -Please run the following commands and report their output when creating a ticket: + +Running in Docker +================= + +Also you are able to run and use Salt inside Docker_ container on Linux machine. +Let's prepare the Docker image using provided ``Dockerfile`` to install both Salt Master and Minion +with the bootstrap script: .. code:: console - sudo find /etc/ -name '*-release' -print -exec cat {} \; - which lsb_release && lsb_release -a + docker built -t local/salt-bootstrap . +Start your new container with Salt services up and running: -Testing in Vagrant ------------------- -You can use Vagrant_ to easily test changes on a clean machine. The ``Vagrantfile`` defaults to an -Ubuntu box. First, install Vagrant, then: +.. code:: console + + docker run --detach --name salt --hostname salt local/salt-bootstrap + +And finally "enter" the running container and make Salt fully operational: .. code:: console - $ vagrant up - $ vagrant ssh + docker exec -i -t salt /bin/bash + salt-key -A -y + +Salt is ready and working in the Docker container with Minion authenticated on Master. + +.. note:: + + The ``Dockerfile`` here inherits Ubuntu 14.04 public image with Upstart configured as init system. + Consider it as an example or starting point of how to make your own Docker images with suitable + Salt components, custom configurations and even `pre-accepted Minion key`_ already installed. + + +.. _Docker: https://www.docker.com/ +.. _`pre-accepted Minion key`: https://docs.saltstack.com/en/latest/topics/tutorials/preseed_key.html -.. _Vagrant: http://www.vagrantup.com -.. _Installing via an Insecure One-Liner: #installing-via-an-insecure-one-liner .. vim: fenc=utf-8 spell spl=en cc=100 tw=99 fo=want sts=2 sw=2 et diff --git a/bootstrap-salt.ps1 b/bootstrap-salt.ps1 index 70d6c62d5..0ea731b0b 100644 --- a/bootstrap-salt.ps1 +++ b/bootstrap-salt.ps1 @@ -40,14 +40,14 @@ is dynamically determined by the script. Bootstrap GitHub Project (script home) - https://github.com/saltstack/salt-windows-bootstrap Original Vagrant Provisioner Project -https://github.com/saltstack/salty-vagrant Vagrant Project (utilizes this script) - https://github.com/mitchellh/vagrant -SaltStack Download Location - http://docs.saltstack.com/downloads/ +SaltStack Download Location - https://repo.saltstack.com/windows/ #> [CmdletBinding()] Param( [Parameter(Mandatory=$false,ValueFromPipeline=$true)] # Doesn't support versions prior to "YYYY.M.R-B" [ValidatePattern('^(201[0-9]\.[0-9]\.[0-9](\-\d{1})?)$')] - [string]$version = "2015.5.2", + [string]$version = "2015.8.8-2", [Parameter(Mandatory=$false,ValueFromPipeline=$true)] [ValidateSet("true","false")] @@ -102,7 +102,7 @@ If ([IntPtr]::Size -eq 4) { # Download minion setup file Write-Host -NoNewline "Downloading Salt minion installer Salt-Minion-$version-$arch-Setup.exe" $webclient = New-Object System.Net.WebClient -$url = "https://docs.saltstack.com/downloads/Salt-Minion-$version-$arch-Setup.exe" +$url = "https://repo.saltstack.com/windows/Salt-Minion-$version-$arch-Setup.exe" $file = "C:\tmp\salt.exe" $webclient.DownloadFile($url, $file) diff --git a/bootstrap-salt.sh b/bootstrap-salt.sh index 057b1659b..334336aef 100755 --- a/bootstrap-salt.sh +++ b/bootstrap-salt.sh @@ -5,11 +5,11 @@ # # FILE: bootstrap-salt.sh # -# DESCRIPTION: Bootstrap salt installation for various systems/distributions +# DESCRIPTION: Bootstrap Salt installation for various systems/distributions # # BUGS: https://github.com/saltstack/salt-bootstrap/issues # -# COPYRIGHT: (c) 2012-2015 by the SaltStack Team, see AUTHORS.rst for more +# COPYRIGHT: (c) 2012-2016 by the SaltStack Team, see AUTHORS.rst for more # details. # # LICENSE: Apache 2.0 @@ -17,7 +17,8 @@ # CREATED: 10/15/2012 09:49:37 PM WEST #====================================================================================================================== set -o nounset # Treat unset variables as an error -__ScriptVersion="2015.11.09" + +__ScriptVersion="2016.04.18" __ScriptName="bootstrap-salt.sh" #====================================================================================================================== @@ -25,8 +26,11 @@ __ScriptName="bootstrap-salt.sh" #---------------------------------------------------------------------------------------------------------------------- # * BS_COLORS: If 0 disables colour support # * BS_PIP_ALLOWED: If 1 enable pip based installations(if needed) +# * BS_PIP_ALL: If 1 enable all python packages to be installed via pip instead of apt, requires setting virtualenv +# * BS_VIRTUALENV_DIR: The virtualenv to install salt into (shouldn't exist yet) # * BS_ECHO_DEBUG: If 1 enable debug echo which can also be set by -D # * BS_SALT_ETC_DIR: Defaults to /etc/salt (Only tweak'able on git based installations) +# * BS_SALT_CACHE_DIR: Defaults to /var/cache/salt (Only tweak'able on git based installations) # * BS_KEEP_TEMP_FILES: If 1, don't move temporary files, instead copy them # * BS_FORCE_OVERWRITE: Force overriding copied files(config, init.d, etc) # * BS_UPGRADE_SYS: If 1 and an option, upgrade system. Default 0. @@ -40,14 +44,12 @@ __ScriptName="bootstrap-salt.sh" # LET THE BLACK MAGIC BEGIN!!!! #====================================================================================================================== - # Bootstrap script truth values BS_TRUE=1 BS_FALSE=0 # Default sleep time used when waiting for daemons to start, restart and checking for these running __DEFAULT_SLEEP=3 -__DEFAULT_SLEEP_ORIGINAL="${__DEFAULT_SLEEP}" #--- FUNCTION ------------------------------------------------------------------------------------------------------- # NAME: __detect_color_support @@ -107,11 +109,19 @@ echodebug() { } #--- FUNCTION ------------------------------------------------------------------------------------------------------- -# NAME: check_pip_allowed +# NAME: __check_command_exists +# DESCRIPTION: Check if a command exists. +#---------------------------------------------------------------------------------------------------------------------- +__check_command_exists() { + command -v "$1" > /dev/null 2>&1 +} + +#--- FUNCTION ------------------------------------------------------------------------------------------------------- +# NAME: __check_pip_allowed # DESCRIPTION: Simple function to let the users know that -P needs to be # used. #---------------------------------------------------------------------------------------------------------------------- -check_pip_allowed() { +__check_pip_allowed() { if [ $# -eq 1 ]; then _PIP_ALLOWED_ERROR_MSG=$1 else @@ -120,7 +130,7 @@ check_pip_allowed() { if [ "$_PIP_ALLOWED" -eq $BS_FALSE ]; then echoerror "$_PIP_ALLOWED_ERROR_MSG" - usage + __usage exit 1 fi } @@ -182,21 +192,26 @@ _KEEP_TEMP_FILES=${BS_KEEP_TEMP_FILES:-$BS_FALSE} _TEMP_CONFIG_DIR="null" _SALTSTACK_REPO_URL="git://github.com/saltstack/salt.git" _SALT_REPO_URL=${_SALTSTACK_REPO_URL} +_DOWNSTREAM_PKG_REPO=$BS_FALSE _TEMP_KEYS_DIR="null" +_SLEEP="${__DEFAULT_SLEEP}" _INSTALL_MASTER=$BS_FALSE _INSTALL_SYNDIC=$BS_FALSE _INSTALL_MINION=$BS_TRUE _INSTALL_CLOUD=$BS_FALSE +_VIRTUALENV_DIR=${BS_VIRTUALENV_DIR:-"null"} _START_DAEMONS=$BS_TRUE _ECHO_DEBUG=${BS_ECHO_DEBUG:-$BS_FALSE} _CONFIG_ONLY=$BS_FALSE _PIP_ALLOWED=${BS_PIP_ALLOWED:-$BS_FALSE} +_PIP_ALL=${BS_PIP_ALL:-$BS_FALSE} _SALT_ETC_DIR=${BS_SALT_ETC_DIR:-/etc/salt} +_SALT_CACHE_DIR=${BS_SALT_CACHE_DIR:-/var/cache/salt} _PKI_DIR=${_SALT_ETC_DIR}/pki _FORCE_OVERWRITE=${BS_FORCE_OVERWRITE:-$BS_FALSE} _GENTOO_USE_BINHOST=${BS_GENTOO_USE_BINHOST:-$BS_FALSE} _EPEL_REPO=${BS_EPEL_REPO:-epel} -__EPEL_REPOS_INSTALLED=${BS_FALSE} +_EPEL_REPOS_INSTALLED=$BS_FALSE _UPGRADE_SYS=${BS_UPGRADE_SYS:-$BS_FALSE} _INSECURE_DL=${BS_INSECURE_DL:-$BS_FALSE} _WGET_ARGS=${BS_WGET_ARGS:-} @@ -205,101 +220,130 @@ _FETCH_ARGS=${BS_FETCH_ARGS:-} _ENABLE_EXTERNAL_ZMQ_REPOS=${BS_ENABLE_EXTERNAL_ZMQ_REPOS:-$BS_FALSE} _SALT_MASTER_ADDRESS=${BS_SALT_MASTER_ADDRESS:-null} _SALT_MINION_ID="null" -# __SIMPLIFY_VERSION is mostly used in Solaris based distributions -__SIMPLIFY_VERSION=$BS_TRUE +# _SIMPLIFY_VERSION is mostly used in Solaris based distributions +_SIMPLIFY_VERSION=$BS_TRUE _LIBCLOUD_MIN_VERSION="0.14.0" _PY_REQUESTS_MIN_VERSION="2.0" _EXTRA_PACKAGES="" _HTTP_PROXY="" _DISABLE_SALT_CHECKS=$BS_FALSE -__SALT_GIT_CHECKOUT_DIR=${BS_SALT_GIT_CHECKOUT_DIR:-/tmp/git/salt} +_SALT_GIT_CHECKOUT_DIR=${BS_SALT_GIT_CHECKOUT_DIR:-/tmp/git/salt} _NO_DEPS=$BS_FALSE +_FORCE_SHALLOW_CLONE=$BS_FALSE +_DISABLE_SSL=$BS_FALSE #--- FUNCTION ------------------------------------------------------------------------------------------------------- -# NAME: usage +# NAME: __usage # DESCRIPTION: Display usage information. #---------------------------------------------------------------------------------------------------------------------- -usage() { +__usage() { cat << EOT - Usage : ${__ScriptName} [options] + Usage : ${__ScriptName} [options] [install-type-args] Installation types: - - stable (default) - - stable [version] (ubuntu specific) - - daily (ubuntu specific) - - testing (redhat specific) - - git + - stable Install latest stable release. This is the default + install type + - stable [branch] Install latest version on a branch. Only supported + for packages available at repo.saltstack.com + - stable [version] Install a specific version. Only supported for + packages available at repo.saltstack.com + - daily Ubuntu specific: configure SaltStack Daily PPA + - testing RHEL-family specific: configure EPEL testing repo + - git Install from the head of the develop branch + - git [ref] Install from any git ref (such as a branch, tag, or + commit) Examples: - ${__ScriptName} - ${__ScriptName} stable - - ${__ScriptName} stable 2014.7 + - ${__ScriptName} stable 2015.8 + - ${__ScriptName} stable 2015.8.9 - ${__ScriptName} daily - ${__ScriptName} testing - ${__ScriptName} git - - ${__ScriptName} git develop - - ${__ScriptName} git v0.17.0 + - ${__ScriptName} git 2015.8 + - ${__ScriptName} git v2015.8.9 - ${__ScriptName} git 8c3fadf15ec183e5ce8c63739850d543617e4357 Options: - -h Display this message - -v Display script version - -n No colours. - -D Show debug output. - -c Temporary configuration directory - -g Salt repository URL. (default: git://github.com/saltstack/salt.git) - -G Instead of cloning from git://github.com/saltstack/salt.git, clone from https://github.com/saltstack/salt.git (Usually necessary on systems which have the regular git protocol port blocked, where https usually is not) - -k Temporary directory holding the minion keys which will pre-seed - the master. - -s Sleep time used when waiting for daemons to start, restart and when checking - for the services running. Default: ${__DEFAULT_SLEEP} - -M Also install salt-master - -S Also install salt-syndic - -N Do not install salt-minion - -X Do not start daemons after installation - -C Only run the configuration function. This option automatically - bypasses any installation. - -P Allow pip based installations. On some distributions the required salt - packages or its dependencies are not available as a package for that - distribution. Using this flag allows the script to use pip as a last - resort method. NOTE: This only works for functions which actually - implement pip based installations. - -F Allow copied files to overwrite existing(config, init.d, etc) - -U If set, fully upgrade the system prior to bootstrapping salt - -K If set, keep the temporary files in the temporary directories specified - with -c and -k. - -I If set, allow insecure connections while downloading any files. For - example, pass '--no-check-certificate' to 'wget' or '--insecure' to 'curl' - -A Pass the salt-master DNS name or IP. This will be stored under - \${BS_SALT_ETC_DIR}/minion.d/99-master-address.conf - -i Pass the salt-minion id. This will be stored under - \${BS_SALT_ETC_DIR}/minion_id - -L Install the Apache Libcloud package if possible(required for salt-cloud) - -p Extra-package to install while installing salt dependencies. One package - per -p flag. You're responsible for providing the proper package name. - -d Disable check_service functions. Setting this flag disables the - 'install__check_services' checks. You can also do this by - touching /tmp/disable_salt_checks on the target host. Defaults \${BS_FALSE} - -H Use the specified http proxy for the installation - -Z Enable external software source for newer ZeroMQ(Only available for RHEL/CentOS/Fedora/Ubuntu based distributions) - -b Assume that dependencies are already installed and software sources are set up. - If git is selected, git tree is still checked out as dependency step. + -h Display this message + -v Display script version + -n No colours. + -D Show debug output. + -c Temporary configuration directory + -g Salt repository URL. Default: ${_SALTSTACK_REPO_URL} + -G Instead of cloning from ${_SALTSTACK_REPO_URL}, clone from + https://${_SALTSTACK_REPO_URL#*://} + (Usually necessary on systems which have the regular git protocol port + blocked, where https usually is not) + -w Install packages from downstream package repository rather than + upstream, saltstack package repository. This is currently only + implemented for SUSE. + -k Temporary directory holding the minion keys which will pre-seed + the master. + -s Sleep time used when waiting for daemons to start, restart and when + checking for the services running. Default: ${__DEFAULT_SLEEP} + -M Also install salt-master + -S Also install salt-syndic + -N Do not install salt-minion + -X Do not start daemons after installation + -C Only run the configuration function. This option automatically bypasses + any installation. Implies -F (forced overwrite). To overwrite master or + syndic configs, -M or -S, respectively, must also be specified. + -P Allow pip based installations. On some distributions the required salt + packages or its dependencies are not available as a package for that + distribution. Using this flag allows the script to use pip as a last + resort method. NOTE: This only works for functions which actually + implement pip based installations. + -F Allow copied files to overwrite existing (config, init.d, etc). + -U If set, fully upgrade the system prior to bootstrapping salt + -K If set, keep the temporary files in the temporary directories specified + with -c and -k. + -I If set, allow insecure connections while downloading any files. For + example, pass '--no-check-certificate' to 'wget' or '--insecure' to + 'curl' + -A Pass the salt-master DNS name or IP. This will be stored under + \${BS_SALT_ETC_DIR}/minion.d/99-master-address.conf + -i Pass the salt-minion id. This will be stored under + \${BS_SALT_ETC_DIR}/minion_id + -L Install the Apache Libcloud package if possible(required for salt-cloud) + -p Extra-package to install while installing salt dependencies. One package + per -p flag. You're responsible for providing the proper package name. + -d Disable check_service functions. Setting this flag disables the + 'install__check_services' checks. You can also do this by + touching /tmp/disable_salt_checks on the target host. + Default: \${BS_FALSE} + -H Use the specified HTTP proxy for all download URLs (including https://). + For example: http://myproxy.example.com:3128 + -Z Enable additional package repository for newer ZeroMQ + (Only available for RHEL/CentOS/Fedora/Ubuntu based distributions) + -b Assume that dependencies are already installed and software sources are + set up. If git is selected, git tree is still checked out as dependency + step. + -f Force shallow cloning for git installations. + This may result in an "n/a" in the version number. + -l Disable ssl checks. When passed, switches "https" calls to "http" where + possible. + -V Install salt into virtualenv(Only available for Ubuntu base distributions) + -a Pip install all python pkg dependencies for salt. Requires -V to install + all pip pkgs into the virtualenv(Only available for Ubuntu base + distributions) EOT -} # ---------- end of function usage ---------- +} # ---------- end of function __usage ---------- -while getopts ":hvnDc:Gg:k:MSNXCPFUKIA:i:Lp:dH:Zb" opt +while getopts ":hvnDc:Gg:wk:s:MSNXCPFUKIA:i:Lp:dH:ZbflV:a" opt do case "${opt}" in - h ) usage; exit 0 ;; - + h ) __usage; exit 0 ;; v ) echo "$0 -- Version $__ScriptVersion"; exit 0 ;; n ) _COLORS=0; __detect_color_support ;; D ) _ECHO_DEBUG=$BS_TRUE ;; + c ) _TEMP_CONFIG_DIR=$(__check_config_dir "$OPTARG") # If the configuration directory does not exist, error out if [ "$_TEMP_CONFIG_DIR" = "null" ]; then @@ -311,14 +355,19 @@ do exit 1 fi ;; - g ) _SALT_REPO_URL=$OPTARG ;; - G ) if [ "${_SALT_REPO_URL}" = "${_SALTSTACK_REPO_URL}" ]; then - _SALTSTACK_REPO_URL="https://github.com/saltstack/salt.git" - _SALT_REPO_URL=${_SALTSTACK_REPO_URL} - else - _SALTSTACK_REPO_URL="https://github.com/saltstack/salt.git" - fi + + g ) _SALT_REPO_URL=$OPTARG ;; + + G ) if [ "${_SALT_REPO_URL}" = "${_SALTSTACK_REPO_URL}" ]; then + _SALTSTACK_REPO_URL="https://github.com/saltstack/salt.git" + _SALT_REPO_URL=${_SALTSTACK_REPO_URL} + else + _SALTSTACK_REPO_URL="https://github.com/saltstack/salt.git" + fi ;; + + w ) _DOWNSTREAM_PKG_REPO=$BS_TRUE ;; + k ) _TEMP_KEYS_DIR="$OPTARG" # If the configuration directory does not exist, error out if [ ! -d "$_TEMP_KEYS_DIR" ]; then @@ -326,6 +375,7 @@ do exit 1 fi ;; + s ) _SLEEP=$OPTARG ;; M ) _INSTALL_MASTER=$BS_TRUE ;; S ) _INSTALL_SYNDIC=$BS_TRUE ;; N ) _INSTALL_MINION=$BS_FALSE ;; @@ -344,11 +394,14 @@ do H ) _HTTP_PROXY="$OPTARG" ;; Z ) _ENABLE_EXTERNAL_ZMQ_REPOS=$BS_TRUE ;; b ) _NO_DEPS=$BS_TRUE ;; - + f ) _FORCE_SHALLOW_CLONE=$BS_TRUE ;; + l ) _DISABLE_SSL=$BS_TRUE ;; + V ) _VIRTUALENV_DIR="$OPTARG" ;; + a ) _PIP_ALL=$BS_TRUE ;; \?) echo echoerror "Option does not exist : $OPTARG" - usage + __usage exit 1 ;; @@ -367,7 +420,7 @@ __check_unparsed_options() { fi unparsed_options=$( echo "$shellopts" | ${grep} -E '(^|[[:space:]])[-]+[[:alnum:]]' ) if [ "$unparsed_options" != "" ]; then - usage + __usage echo echoerror "options are only allowed before install arguments" echo @@ -382,18 +435,13 @@ if [ "$_INSTALL_MINION" -eq $BS_FALSE ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] exit 0 fi -if [ "$_CONFIG_ONLY" -eq $BS_TRUE ] && [ "$_TEMP_CONFIG_DIR" = "null" ]; then - echoerror "In order to run the script in configuration only mode you also need to provide the configuration directory." - exit 1 -fi - # Check that we're installing a minion if we're being passed a master address if [ "$_INSTALL_MINION" -eq $BS_FALSE ] && [ "$_SALT_MASTER_ADDRESS" != "null" ]; then echoerror "Don't pass a master address (-A) if no minion is going to be bootstrapped." exit 1 fi -# Check that we're installing a minion if we're being passed a master address +# Check that we're installing a minion if we're being passed a minion id if [ "$_INSTALL_MINION" -eq $BS_FALSE ] && [ "$_SALT_MINION_ID" != "null" ]; then echoerror "Don't pass a minion id (-i) if no minion is going to be bootstrapped." exit 1 @@ -430,25 +478,48 @@ elif [ "$ITYPE" = "stable" ]; then STABLE_REV="latest" else __check_unparsed_options "$*" - if [ "$(echo "$1" | egrep '^(latest|1\.6|1\.7|2014\.1|2014\.7|2015\.5|2015\.8)$')" = "" ]; then - echo "Unknown stable version: $1 (valid: 1.6, 1.7, 2014.1, 2014.7, 2015.5, 2015.8, latest)" - exit 1 - else + if [ "$(echo "$1" | egrep '^(latest|1\.6|1\.7|2014\.1|2014\.7|2015\.5|2015\.8)$')" != "" ]; then STABLE_REV="$1" shift + elif [ "$(echo "$1" | egrep '^([0-9]*\.[0-9]*\.[0-9]*)$')" != "" ]; then + STABLE_REV="archive/$1" + shift + else + echo "Unknown stable version: $1 (valid: 1.6, 1.7, 2014.1, 2014.7, 2015.5, 2015.8, latest, \$MAJOR.\$MINOR.\$PATCH)" + exit 1 + fi fi fi +# -a and -V only work from git +if [ "$ITYPE" != "git" ]; then + if [ $_PIP_ALL -eq $BS_TRUE ]; then + echoerror "Pip installing all python packages with -a is only possible when installing salt via git" + exit 1 + fi + if [ "$_VIRTUALENV_DIR" != "null" ]; then + echoerror "Virtualenv installs via -V is only possible when installing salt via git" + exit 1 + fi +fi + # Check for any unparsed arguments. Should be an error. if [ "$#" -gt 0 ]; then __check_unparsed_options "$*" - usage + __usage echo echoerror "Too many arguments." exit 1 fi +# Check the _DISABLE_SSL value and set HTTP or HTTPS. +if [ "$_DISABLE_SSL" -eq "${BS_TRUE}" ]; then + HTTP_VAL="http" +else + HTTP_VAL="https" +fi + # whoami alternative for SunOS if [ -f /usr/xpg4/bin/id ]; then whoami='/usr/xpg4/bin/id -un' @@ -482,6 +553,20 @@ if [ ${_DISABLE_SALT_CHECKS} -eq 0 ]; then echowarn "Found file: /tmp/disable_salt_checks, setting \$_DISABLE_SALT_CHECKS=true" fi +# Because -a can only be installed into virtualenv +if ([ $_PIP_ALL -eq $BS_TRUE ] && [ "$_VIRTUALENV_DIR" = "null" ]); then + usage + # Could possibly set up a default virtualenv location when -a flag is passed + echoerror "Using -a requires -V because pip pkgs should be siloed from python system pkgs" + exit 1 +fi + +# Make sure virtualenv directory does not already exist +if [ -d "$_VIRTUALENV_DIR" ]; then + echoerror "The directory ${_VIRTUALENV_DIR} for virtualenv already exists" + exit 1 +fi + echoinfo "${CALLER} ${0} -- Version ${__ScriptVersion}" #echowarn "Running the unstable version of ${__ScriptName}" @@ -504,12 +589,13 @@ echoinfo "${CALLER} ${0} -- Version ${__ScriptVersion}" __exit_cleanup() { EXIT_CODE=$? - if [ "$ITYPE" = "git" ] && [ -d "${__SALT_GIT_CHECKOUT_DIR}" ]; then + if [ "$ITYPE" = "git" ] && [ -d "${_SALT_GIT_CHECKOUT_DIR}" ]; then if [ $_KEEP_TEMP_FILES -eq $BS_FALSE ]; then # Clean up the checked out repository echodebug "Cleaning up the Salt Temporary Git Repository" + # shellcheck disable=SC2164 cd "${__SALT_GIT_CHECKOUT_PARENT_DIR}" - rm -rf "${__SALT_GIT_CHECKOUT_DIR}" + rm -rf "${_SALT_GIT_CHECKOUT_DIR}" else echowarn "Not cleaning up the Salt Temporary git repository on request" echowarn "Note that if you intend to re-run this script using the git approach, you might encounter some issues" @@ -535,7 +621,7 @@ __exit_cleanup() { # Exit with the "original" exit code, not the trapped code exit $EXIT_CODE } - trap "__trap_errors" INT QUIT ABRT KILL QUIT TERM + trap "__trap_errors" INT ABRT QUIT TERM # Now we're "good" to kill tee kill -s TERM "$TEE_PID" @@ -582,12 +668,34 @@ fi #---------------------------------------------------------------------------------------------------------------------- __fetch_url() { # shellcheck disable=SC2086 - curl $_CURL_ARGS -s -o "$1" "$2" >/dev/null 2>&1 || + curl $_CURL_ARGS -L -s -o "$1" "$2" >/dev/null 2>&1 || wget $_WGET_ARGS -q -O "$1" "$2" >/dev/null 2>&1 || fetch $_FETCH_ARGS -q -o "$1" "$2" >/dev/null 2>&1 || - fetch -q -o "$1" "$2" >/dev/null 2>&1 # Pre FreeBSD 10 + fetch -q -o "$1" "$2" >/dev/null 2>&1 || # Pre FreeBSD 10 + ftp -o "$1" "$2" >/dev/null 2>&1 # OpenBSD } +#--- FUNCTION ------------------------------------------------------------------------------------------------------- +# NAME: __fetch_verify +# DESCRIPTION: Retrieves a URL, verifies its content and writes it to standard output +#---------------------------------------------------------------------------------------------------------------------- +__fetch_verify() { + fetch_verify_url="$1" + fetch_verify_sum="$2" + fetch_verify_size="$3" + + fetch_verify_tmpf=$(mktemp) && \ + __fetch_url "$fetch_verify_tmpf" "$fetch_verify_url" && \ + test "$(stat --format=%s "$fetch_verify_tmpf")" -eq "$fetch_verify_size" && \ + test "$(md5sum "$fetch_verify_tmpf" | awk '{ print $1 }')" = "$fetch_verify_sum" && \ + cat "$fetch_verify_tmpf" && \ + rm -f "$fetch_verify_tmpf" + if [ $? -eq 0 ]; then + return 0 + fi + echo "Failed verification of $fetch_verify_url" + return 1 +} #--- FUNCTION ------------------------------------------------------------------------------------------------------- # NAME: __gather_hardware_info @@ -852,7 +960,7 @@ __gather_linux_system_info() { [ "${rv}" != "" ] && v=$(__parse_version_string "$rv") || v="" case $(echo "${nn}" | tr '[:upper:]' '[:lower:]') in amzn ) - # Amazon AMI's after 2014.9 match here + # Amazon AMI's after 2014.09 match here n="Amazon Linux AMI" ;; arch ) @@ -863,6 +971,10 @@ __gather_linux_system_info() { n="Debian" v=$(__derive_debian_numeric_version "$v") ;; + sles ) + n="SUSE" + v="${rv}" + ;; * ) n=${nn} ;; @@ -883,7 +995,7 @@ __gather_linux_system_info() { #---------------------------------------------------------------------------------------------------------------------- __gather_sunos_system_info() { if [ -f /sbin/uname ]; then - DISTRO_VERSION=$(/sbin/uname -X | awk '/[kK][eE][rR][nN][eE][lL][iI][dD]/ { print $3}') + DISTRO_VERSION=$(/sbin/uname -X | awk '/[kK][eE][rR][nN][eE][lL][iI][dD]/ { print $3 }') fi DISTRO_NAME="" @@ -927,7 +1039,7 @@ __gather_sunos_system_info() { *OmniOS*) DISTRO_NAME="OmniOS" DISTRO_VERSION=$(echo "$line" | awk '{print $3}') - __SIMPLIFY_VERSION=$BS_FALSE + _SIMPLIFY_VERSION=$BS_FALSE break ;; esac @@ -1119,6 +1231,22 @@ __debian_derivatives_translation() { fi } +#--- FUNCTION ------------------------------------------------------------------------------------------------------- +# NAME: __set_suse_pkg_repo +# DESCRIPTION: Set SUSE_PKG_URL to either the upstream SaltStack repo or the +# downstream SUSE repo +#---------------------------------------------------------------------------------------------------------------------- +__set_suse_pkg_repo() { + suse_pkg_url_path="${DISTRO_REPO}/systemsmanagement:saltstack.repo" + if [ "$_DOWNSTREAM_PKG_REPO" -eq $BS_TRUE ]; then + # FIXME: cleartext download over unsecure protocol (HTTP) + suse_pkg_url_base="http://download.opensuse.org/repositories/systemsmanagement:saltstack" + else + suse_pkg_url_base="${HTTP_VAL}://repo.saltstack.com/opensuse" + fi + SUSE_PKG_URL="$suse_pkg_url_base/$suse_pkg_url_path" +} + __gather_system_info echo @@ -1180,7 +1308,7 @@ __ubuntu_derivatives_translation __debian_derivatives_translation # Simplify version naming on functions -if [ "${DISTRO_VERSION}" = "" ] || [ $__SIMPLIFY_VERSION -eq $BS_FALSE ]; then +if [ "$DISTRO_VERSION" = "" ] || [ ${_SIMPLIFY_VERSION} -eq $BS_FALSE ]; then DISTRO_MAJOR_VERSION="" DISTRO_MINOR_VERSION="" PREFIXED_DISTRO_MAJOR_VERSION="" @@ -1205,7 +1333,7 @@ __ubuntu_codename_translation if ([ "${DISTRO_NAME_L}" != "ubuntu" ] && [ "$ITYPE" = "daily" ]); then echoerror "${DISTRO_NAME} does not have daily packages support" exit 1 -elif ([ "${DISTRO_NAME_L}" != "ubuntu" ] && [ "$ITYPE" = "stable" ] && [ "$STABLE_REV" != "latest" ]); then +elif ([ "$(echo "${DISTRO_NAME_L}" | egrep '(debian|ubuntu|centos|red_hat|oracle|scientific)')" = "" ] && [ "$ITYPE" = "stable" ] && [ "$STABLE_REV" != "latest" ]); then echoerror "${DISTRO_NAME} does not have major version pegged packages support" exit 1 fi @@ -1219,6 +1347,17 @@ if [ "${ITYPE}" = "testing" ]; then _EPEL_REPO="epel-testing" fi +# Only Ubuntu has support for installing to virtualenvs +if ([ "${DISTRO_NAME_L}" != "ubuntu" ] && [ "$_VIRTUALENV_DIR" != "null" ]); then + echoerror "${DISTRO_NAME} does not have -V support" + exit 1 +fi + +# Only Ubuntu has support for pip installing all packages +if ([ "${DISTRO_NAME_L}" != "ubuntu" ] && [ $_PIP_ALL -eq $BS_TRUE ]);then + echoerror "${DISTRO_NAME} does not have -a support" + exit 1 +fi #--- FUNCTION ------------------------------------------------------------------------------------------------------- # NAME: __function_defined # DESCRIPTION: Checks if a function is defined within this scripts scope @@ -1245,15 +1384,17 @@ __git_clone_and_checkout() { echodebug "Installed git version: $(git --version | awk '{ print $3 }')" - __SALT_GIT_CHECKOUT_PARENT_DIR=$(dirname "${__SALT_GIT_CHECKOUT_DIR}" 2>/dev/null) + __SALT_GIT_CHECKOUT_PARENT_DIR=$(dirname "${_SALT_GIT_CHECKOUT_DIR}" 2>/dev/null) __SALT_GIT_CHECKOUT_PARENT_DIR="${__SALT_GIT_CHECKOUT_PARENT_DIR:-/tmp/git}" - __SALT_CHECKOUT_REPONAME="$(basename "${__SALT_GIT_CHECKOUT_DIR}" 2>/dev/null)" + __SALT_CHECKOUT_REPONAME="$(basename "${_SALT_GIT_CHECKOUT_DIR}" 2>/dev/null)" __SALT_CHECKOUT_REPONAME="${__SALT_CHECKOUT_REPONAME:-salt}" [ -d "${__SALT_GIT_CHECKOUT_PARENT_DIR}" ] || mkdir "${__SALT_GIT_CHECKOUT_PARENT_DIR}" + # shellcheck disable=SC2164 cd "${__SALT_GIT_CHECKOUT_PARENT_DIR}" - if [ -d "${__SALT_GIT_CHECKOUT_DIR}" ]; then + if [ -d "${_SALT_GIT_CHECKOUT_DIR}" ]; then echodebug "Found a checked out Salt repository" - cd "${__SALT_GIT_CHECKOUT_DIR}" + # shellcheck disable=SC2164 + cd "${_SALT_GIT_CHECKOUT_DIR}" echodebug "Fetching git changes" git fetch || return 1 # Tags are needed because of salt's versioning, also fetch that @@ -1285,46 +1426,55 @@ __git_clone_and_checkout() { git pull --rebase || return 1 fi else - __SHALLOW_CLONE="${BS_FALSE}" - if [ "$(echo "$GIT_REV" | sed 's/^.*\(v[[:digit:]]\{1,4\}\.[[:digit:]]\{1,2\}\)\(\.[[:digit:]]\{1,2\}\)\?.*$/MATCH/')" = "MATCH" ]; then - echoinfo "Git revision matches a Salt version tag" + if [ "$_FORCE_SHALLOW_CLONE" -eq "${BS_TRUE}" ]; then + echoinfo "Forced shallow cloning of git repository." + __SHALLOW_CLONE="${BS_TRUE}" + elif [ "$(echo "$GIT_REV" | sed 's/^.*\(v\?[[:digit:]]\{1,4\}\.[[:digit:]]\{1,2\}\)\(\.[[:digit:]]\{1,2\}\)\?.*$/MATCH/')" = "MATCH" ]; then + echoinfo "Git revision matches a Salt version tag, shallow cloning enabled." + __SHALLOW_CLONE="${BS_TRUE}" + else + echowarn "The git revision being installed does not match a Salt version tag. Shallow cloning disabled" + __SHALLOW_CLONE="${BS_FALSE}" + fi + + if [ "$__SHALLOW_CLONE" -eq "${BS_TRUE}" ]; then # Let's try shallow cloning to speed up. # Test for "--single-branch" option introduced in git 1.7.10, the minimal version of git where the shallow # cloning we need actually works - if [ "$(git clone --help | grep 'single-branch')" != "" ]; then + if [ "$(git clone 2>&1 | grep 'single-branch')" != "" ]; then # The "--single-branch" option is supported, attempt shallow cloning echoinfo "Attempting to shallow clone $GIT_REV from Salt's repository ${_SALT_REPO_URL}" git clone --depth 1 --branch "$GIT_REV" "$_SALT_REPO_URL" "$__SALT_CHECKOUT_REPONAME" if [ $? -eq 0 ]; then - cd "${__SALT_GIT_CHECKOUT_DIR}" + # shellcheck disable=SC2164 + cd "${_SALT_GIT_CHECKOUT_DIR}" __SHALLOW_CLONE="${BS_TRUE}" else # Shallow clone above failed(missing upstream tags???), let's resume the old behaviour. echowarn "Failed to shallow clone." echoinfo "Resuming regular git clone and remote SaltStack repository addition procedure" - git clone "$_SALT_REPO_URL" "$__SALT_CHECKOUT_REPONAME" || return 1 - cd "${__SALT_GIT_CHECKOUT_DIR}" + __SHALLOW_CLONE="${BS_FALSE}" fi else echodebug "Shallow cloning not possible. Required git version not met." - git clone "$_SALT_REPO_URL" "$__SALT_CHECKOUT_REPONAME" || return 1 - cd "${__SALT_GIT_CHECKOUT_DIR}" + __SHALLOW_CLONE="${BS_FALSE}" fi - else - echowarn "The git revision being installed does not match a Salt version tag. Shallow cloning disabled" - git clone "$_SALT_REPO_URL" "$__SALT_CHECKOUT_REPONAME" || return 1 - cd "${__SALT_GIT_CHECKOUT_DIR}" - fi - - if [ "$(echo "$_SALT_REPO_URL" | grep -c -e '\(\(git\|https\)://github\.com/\|git@github\.com:\)saltstack/salt\.git')" -eq 0 ]; then - # We need to add the saltstack repository as a remote and fetch tags for proper versioning - echoinfo "Adding SaltStack's Salt repository as a remote" - git remote add upstream "$_SALTSTACK_REPO_URL" || return 1 - echodebug "Fetching upstream(SaltStack's Salt repository) git tags" - git fetch --tags upstream || return 1 fi if [ "$__SHALLOW_CLONE" -eq "${BS_FALSE}" ]; then + git clone "$_SALT_REPO_URL" "$__SALT_CHECKOUT_REPONAME" || return 1 + # shellcheck disable=SC2164 + cd "${_SALT_GIT_CHECKOUT_DIR}" + + if [ "$(echo "$_SALT_REPO_URL" | grep -c -e '\(\(git\|https\)://github\.com/\|git@github\.com:\)saltstack/salt\.git')" -eq 0 ]; then + # We need to add the saltstack repository as a remote and fetch tags for proper versioning + echoinfo "Adding SaltStack's Salt repository as a remote" + git remote add upstream "$_SALTSTACK_REPO_URL" || return 1 + echodebug "Fetching upstream(SaltStack's Salt repository) git tags" + git fetch --tags upstream || return 1 + GIT_REV="origin/$GIT_REV" + fi + echodebug "Checking out $GIT_REV" git checkout "$GIT_REV" || return 1 fi @@ -1455,10 +1605,10 @@ __check_end_of_life_versions #--- FUNCTION ------------------------------------------------------------------------------------------------------- -# NAME: copyfile +# NAME: __copyfile # DESCRIPTION: Simple function to copy files. Overrides if asked. #---------------------------------------------------------------------------------------------------------------------- -copyfile() { +__copyfile() { overwrite=$_FORCE_OVERWRITE if [ $# -eq 2 ]; then sfile=$1 @@ -1468,8 +1618,8 @@ copyfile() { dfile=$2 overwrite=$3 else - echoerror "Wrong number of arguments for copyfile()" - echoinfo "USAGE: copyfile OR copyfile " + echoerror "Wrong number of arguments for __copyfile()" + echoinfo "USAGE: __copyfile OR __copyfile " exit 1 fi @@ -1503,10 +1653,10 @@ copyfile() { #--- FUNCTION ------------------------------------------------------------------------------------------------------- -# NAME: movefile +# NAME: __movefile # DESCRIPTION: Simple function to move files. Overrides if asked. #---------------------------------------------------------------------------------------------------------------------- -movefile() { +__movefile() { overwrite=$_FORCE_OVERWRITE if [ $# -eq 2 ]; then sfile=$1 @@ -1516,8 +1666,8 @@ movefile() { dfile=$2 overwrite=$3 else - echoerror "Wrong number of arguments for movefile()" - echoinfo "USAGE: movefile OR movefile " + echoerror "Wrong number of arguments for __movefile()" + echoinfo "USAGE: __movefile OR __movefile " exit 1 fi @@ -1525,7 +1675,7 @@ movefile() { # We're being told not to move files, instead copy them so we can keep # them around echodebug "Since BS_KEEP_TEMP_FILES=1 we're copying files instead of moving them" - copyfile "$sfile" "$dfile" "$overwrite" + __copyfile "$sfile" "$dfile" "$overwrite" return $? fi @@ -1544,7 +1694,7 @@ movefile() { fi if [ ! -f "$dfile" ]; then - # The destination file does not exist, copy + # The destination file does not exist, move echodebug "Moving $sfile to $dfile" mv "$sfile" "$dfile" || return 1 elif [ -f "$dfile" ] && [ "$overwrite" -eq $BS_TRUE ]; then @@ -1559,6 +1709,84 @@ movefile() { } +#--- FUNCTION ------------------------------------------------------------------------------------------------------- +# NAME: __linkfile +# DESCRIPTION: Simple function to create symlinks. Overrides if asked. Accepts globs. +#---------------------------------------------------------------------------------------------------------------------- +__linkfile() { + overwrite=$_FORCE_OVERWRITE + if [ $# -eq 2 ]; then + target=$1 + linkname=$2 + elif [ $# -eq 3 ]; then + target=$1 + linkname=$2 + overwrite=$3 + else + echoerror "Wrong number of arguments for __linkfile()" + echoinfo "USAGE: __linkfile OR __linkfile " + exit 1 + fi + + for sfile in $target; do + # Does the source file exist? + if [ ! -f "$sfile" ]; then + echowarn "$sfile does not exist!" + return 1 + fi + + # If the destination is a directory, let's make it a full path so the logic + # below works as expected + if [ -d "$linkname" ]; then + echodebug "The passed link name ($linkname) is a directory" + linkname="${linkname}/$(basename "$sfile")" + echodebug "Full destination path is now: $linkname" + fi + + if [ ! -e "$linkname" ]; then + # The destination file does not exist, create link + echodebug "Creating $linkname symlink pointing to $sfile" + ln -s "$sfile" "$linkname" || return 1 + elif [ -e "$linkname" ] && [ "$overwrite" -eq $BS_TRUE ]; then + # The destination exist and we're overwriting + echodebug "Overwriting $linkname symlink to point on $sfile" + ln -sf "$sfile" "$linkname" || return 1 + elif [ -e "$linkname" ] && [ "$overwrite" -ne $BS_TRUE ]; then + echodebug "Not overwriting $linkname symlink to point on $sfile" + fi + done + + return 0 +} + + +#--- FUNCTION ------------------------------------------------------------------------------------------------------- +# NAME: __rpm_import_gpg +# DESCRIPTION: Download and import GPG public key to rpm database +# PARAMETERS: url +#---------------------------------------------------------------------------------------------------------------------- +__rpm_import_gpg() { + url="$1" + + if __check_command_exists mktemp; then + tempfile="$(mktemp /tmp/salt-gpg-XXXXXXXX.pub 2>/dev/null)" + + if [ -z "$tempfile" ]; then + echoerror "Failed to create temporary file in /tmp" + return 1 + fi + else + tempfile="/tmp/salt-gpg-$$.pub" + fi + + __fetch_url "$tempfile" "$url" || return 1 + rpm --import "$tempfile" || return 1 + rm -f "$tempfile" + + return 0 +} + + #--- FUNCTION ------------------------------------------------------------------------------------------------------- # NAME: __check_services_systemd # DESCRIPTION: Return 0 or 1 in case the service is enabled or not @@ -1667,6 +1895,104 @@ __check_services_debian() { } # ---------- end of function __check_services_debian ---------- +#--- FUNCTION ------------------------------------------------------------------------------------------------------- +# NAME: __check_services_openbsd +# DESCRIPTION: Return 0 or 1 in case the service is enabled or not +# PARAMETERS: servicename +#---------------------------------------------------------------------------------------------------------------------- +__check_services_openbsd() { + if [ $# -eq 0 ]; then + echoerror "You need to pass a service name to check!" + exit 1 + elif [ $# -ne 1 ]; then + echoerror "You need to pass a service name to check as the single argument to the function" + fi + + servicename=$1 + echodebug "Checking if service ${servicename} is enabled" + + # shellcheck disable=SC2086,SC2046,SC2144 + if [ -f /etc/rc.d/${servicename} ] && [ $(grep ${servicename} /etc/rc.conf.local) -ne "" ] ; then + echodebug "Service ${servicename} is enabled" + return 0 + else + echodebug "Service ${servicename} is NOT enabled" + # return 1 + fi +} # ---------- end of function __check_services_openbsd ---------- + + +#--- FUNCTION ------------------------------------------------------------------------------------------------------- +# NAME: __create_virtualenv +# DESCRIPTION: Return 0 or 1 depending on successful creation of virtualenv +#---------------------------------------------------------------------------------------------------------------------- +__create_virtualenv() { + if [ ! -d "$_VIRTUALENV_DIR" ]; then + echoinfo "Creating virtualenv ${_VIRTUALENV_DIR}" + if [ $_PIP_ALL -eq $BS_TRUE ]; then + virtualenv --no-site-packages "${_VIRTUALENV_DIR}" || return 1 + else + virtualenv --system-site-packages "${_VIRTUALENV_DIR}" || return 1 + fi + fi + return 0 +} # ---------- end of function __create_virtualenv ---------- + + +#--- FUNCTION ------------------------------------------------------------------------------------------------------- +# NAME: __activate_virtualenv +# DESCRIPTION: Return 0 or 1 depending on successful activation of virtualenv +#---------------------------------------------------------------------------------------------------------------------- +__activate_virtualenv() { + set +o nounset + # Is virtualenv empty + if [ -z "$VIRTUAL_ENV" ]; then + __create_virtualenv || return 1 + # shellcheck source=/dev/null + . "${_VIRTUALENV_DIR}/bin/activate" || return 1 + echoinfo "Activated virtualenv ${_VIRTUALENV_DIR}" + fi + set -o nounset + return 0 +} # ---------- end of function __activate_virtualenv ---------- + + +#--- FUNCTION ------------------------------------------------------------------------------------------------------- +# NAME: __install_pip_deps +# DESCRIPTION: Return 0 or 1 if successfully able to install pip packages via requirements file +# PARAMETERS: requirements_files +#---------------------------------------------------------------------------------------------------------------------- +__install_pip_deps() { + # Install virtualenv to system pip before activating virtualenv if thats going to be used + # We assume pip pkg is installed since that is distro specific + if [ "$_VIRTUALENV_DIR" != "null" ]; then + if ! __check_command_exists pip; then + echoerror "Pip not installed: required for -a installs" + exit 1 + fi + pip install -U virtualenv + __activate_virtualenv || return 1 + else + echoerror "Must have virtualenv dir specified for -a installs" + fi + + requirements_file=$1 + if [ ! -f "${requirements_file}" ]; then + echoerror "Requirements file: ${requirements_file} cannot be found, needed for -a (pip pkg) installs" + exit 1 + fi + + __PIP_PACKAGES='' + if [ "$_INSTALL_CLOUD" -eq $BS_TRUE ]; then + # shellcheck disable=SC2089 + __PIP_PACKAGES="${__PIP_PACKAGES} 'apache-libcloud>=$_LIBCLOUD_MIN_VERSION'" + fi + + # shellcheck disable=SC2086,SC2090 + pip install -U -r ${requirements_file} ${__PIP_PACKAGES} +} + + ####################################################################################################################### # # Distribution install functions @@ -1763,6 +2089,8 @@ __enable_universe_repository() { elif [ "$DISTRO_MAJOR_VERSION" -lt 11 ] && [ "$DISTRO_MINOR_VERSION" -lt 10 ]; then # Below Ubuntu 11.10, the -y flag to add-apt-repository is not supported add-apt-repository "deb http://old-releases.ubuntu.com/ubuntu $(lsb_release -sc) universe" || return 1 + else + add-apt-repository -y "deb http://old-releases.ubuntu.com/ubuntu $(lsb_release -sc) universe" || return 1 fi add-apt-repository -y "deb http://old-releases.ubuntu.com/ubuntu $(lsb_release -sc) universe" || return 1 @@ -1771,11 +2099,11 @@ __enable_universe_repository() { } install_ubuntu_deps() { - if ([ "${__DEFAULT_SLEEP}" -eq "${__DEFAULT_SLEEP_ORIGINAL}" ] && [ "$DISTRO_MAJOR_VERSION" -lt 15 ]); then + if ([ "${_SLEEP}" -eq "${__DEFAULT_SLEEP}" ] && [ "$DISTRO_MAJOR_VERSION" -lt 15 ]); then # The user did not pass a custom sleep value as an argument, let's increase the default value echodebug "On Ubuntu systems we increase the default sleep value to 10." echodebug "See https://github.com/saltstack/salt/issues/12248 for more info." - __DEFAULT_SLEEP=10 + _SLEEP=10 fi if [ $_START_DAEMONS -eq $BS_FALSE ]; then echowarn "Not starting daemons on Debian based distributions is not working mostly because starting them is the default behaviour." @@ -1797,8 +2125,8 @@ install_ubuntu_deps() { __enable_universe_repository || return 1 - # the latest version of 2015.5 and all versions of 2015.8 and beyond are hosted on repo.saltstack.com - if [ "$(echo "$STABLE_REV" | egrep '^(2015\.5|2015\.8|latest)$')" = "" ]; then + # Versions starting with 2015.5.6 and 2015.8.1 are hosted at repo.saltstack.com + if [ "$(echo "$STABLE_REV" | egrep '^(2015\.5|2015\.8|latest|archive\/)')" = "" ]; then if [ "$DISTRO_MAJOR_VERSION" -lt 14 ]; then echoinfo "Installing Python Requests/Chardet from Chris Lea's PPA repository" if [ "$DISTRO_MAJOR_VERSION" -gt 11 ] || ([ "$DISTRO_MAJOR_VERSION" -eq 11 ] && [ "$DISTRO_MINOR_VERSION" -gt 04 ]); then @@ -1828,19 +2156,21 @@ install_ubuntu_deps() { # Minimal systems might not have upstart installed, install it __PACKAGES="upstart" + if [ "$_VIRTUALENV_DIR" != "null" ]; then + __PACKAGES="${__PACKAGES} python-virtualenv" + fi # Need python-apt for managing packages via Salt __PACKAGES="${__PACKAGES} python-apt" # requests is still used by many salt modules __PACKAGES="${__PACKAGES} python-requests" - # Additionally install procps and pciutils which allows for Docker boostraps. See 366#issuecomment-39666813 + # Additionally install procps and pciutils which allows for Docker bootstraps. See 366#issuecomment-39666813 __PACKAGES="${__PACKAGES} procps pciutils" - if [ "$_INSTALL_CLOUD" -eq $BS_TRUE ]; then - check_pip_allowed "You need to allow pip based installations (-P) in order to install 'apache-libcloud'" - if [ "$(which pip)" = "" ]; then + __check_pip_allowed "You need to allow pip based installations (-P) in order to install 'apache-libcloud'" + if ! __check_command_exists pip; then __PACKAGES="${__PACKAGES} python-setuptools python-pip" fi # shellcheck disable=SC2089 @@ -1853,7 +2183,10 @@ install_ubuntu_deps() { if [ "${__PIP_PACKAGES}" != "" ]; then # shellcheck disable=SC2086,SC2090 - pip install -U ${__PIP_PACKAGES} + if [ "$_VIRTUALENV_DIR" != "null" ]; then + __activate_virtualenv + fi + pip install -U "${__PIP_PACKAGES}" fi if [ "$_UPGRADE_SYS" -eq $BS_TRUE ]; then @@ -1870,23 +2203,28 @@ install_ubuntu_deps() { } install_ubuntu_stable_deps() { - install_ubuntu_deps || return 1 + if [ "$CPU_ARCH_L" = "amd64" ] || [ "$CPU_ARCH_L" = "x86_64" ]; then + repo_arch="amd64" + elif [ "$CPU_ARCH_L" = "i386" ] || [ "$CPU_ARCH_L" = "i686" ]; then + echoerror "repo.saltstack.com likely doesn't have 32-bit packages for Ubuntu (yet?)" + repo_arch="i386" + fi - # the latest version of 2015.5 and all versions of 2015.8 and beyond are hosted on repo.saltstack.com - if [ "$(echo "$STABLE_REV" | egrep '^(2015\.5|2015\.8|latest)$')" != "" ]; then + install_ubuntu_deps || return 1 + # Versions starting with 2015.5.6 and 2015.8.1 are hosted at repo.saltstack.com + if [ "$(echo "$STABLE_REV" | egrep '^(2015\.5|2015\.8|latest|archive\/)')" != "" ]; then # Saltstack's Stable Ubuntu repository if [ "$(grep -ER 'latest .+ main' /etc/apt)" = "" ]; then - echo "deb http://repo.saltstack.com/apt/ubuntu/ubuntu$DISTRO_MAJOR_VERSION/$STABLE_REV $DISTRO_CODENAME main" >> \ - /etc/apt/sources.list.d/saltstack.list + echo "deb http://repo.saltstack.com/apt/ubuntu/$DISTRO_VERSION/$repo_arch/$STABLE_REV $DISTRO_CODENAME main" > \ + "/etc/apt/sources.list.d/saltstack.list" fi - # Make sure wget is available __apt_get_install_noinput wget # shellcheck disable=SC2086 - wget $_WGET_ARGS -q http://repo.saltstack.com/apt/ubuntu/ubuntu$DISTRO_MAJOR_VERSION/$STABLE_REV/SALTSTACK-GPG-KEY.pub -O - | apt-key add - || return 1 + wget $_WGET_ARGS -q $HTTP_VAL://repo.saltstack.com/apt/ubuntu/$DISTRO_VERSION/$repo_arch/$STABLE_REV/SALTSTACK-GPG-KEY.pub -O - | apt-key add - || return 1 else # Alternate PPAs: salt16, salt17, salt2014-1, salt2014-7 @@ -1911,6 +2249,7 @@ install_ubuntu_stable_deps() { install_ubuntu_daily_deps() { install_ubuntu_deps || return 1 + if [ "$DISTRO_MAJOR_VERSION" -ge 12 ]; then # Above Ubuntu 11.10 add-apt-repository is in a different package __apt_get_install_noinput software-properties-common || return 1 @@ -1938,31 +2277,43 @@ install_ubuntu_daily_deps() { } install_ubuntu_git_deps() { - install_ubuntu_deps || return 1 - __apt_get_install_noinput git-core python-yaml python-m2crypto python-crypto \ - msgpack-python python-zmq python-jinja2 || return 1 - + __apt_get_install_noinput git-core || return 1 __git_clone_and_checkout || return 1 __PACKAGES="" - if [ -f "${__SALT_GIT_CHECKOUT_DIR}/requirements/base.txt" ]; then - # We're on the develop branch, install whichever tornado is on the requirements file - __REQUIRED_TORNADO="$(grep tornado "${__SALT_GIT_CHECKOUT_DIR}/requirements/base.txt")" - if [ "${__REQUIRED_TORNADO}" != "" ]; then - __PACKAGES="${__PACKAGES} python-dev" - check_pip_allowed "You need to allow pip based installations (-P) in order to install the python package '${__REQUIRED_TORNADO}'" - if [ "$(which pip)" = "" ]; then - __PACKAGES="${__PACKAGES} python-setuptools python-pip" + # See how we are installing packages + if [ ${_PIP_ALL} -eq $BS_TRUE ]; then + __PACKAGES="python-dev swig libssl-dev libzmq3 libzmq3-dev" + if ! __check_command_exists pip; then + __PACKAGES="${__PACKAGES} python-setuptools python-pip" + fi + # Get just the apt packages that are required to build all the pythons + __apt_get_install_noinput "$__PACKAGES" || return 1 + # Install the pythons from requirements (only zmq for now) + __install_pip_deps "${_SALT_GIT_CHECKOUT_DIR}/requirements/zeromq.txt" || return 1 + else + install_ubuntu_deps || return 1 + __apt_get_install_noinput python-yaml python-m2crypto python-crypto \ + msgpack-python python-zmq python-jinja2 || return 1 + if [ -f "${_SALT_GIT_CHECKOUT_DIR}/requirements/base.txt" ]; then + # We're on the develop branch, install whichever tornado is on the requirements file + __REQUIRED_TORNADO="$(grep tornado "${_SALT_GIT_CHECKOUT_DIR}/requirements/base.txt")" + if [ "${__REQUIRED_TORNADO}" != "" ]; then + __PACKAGES="${__PACKAGES} python-dev" + check_pip_allowed "You need to allow pip based installations (-P) in order to install the python package '${__REQUIRED_TORNADO}'" + if ! __check_command_exists pip; then + __PACKAGES="${__PACKAGES} python-setuptools python-pip" + fi + # shellcheck disable=SC2086 + __apt_get_install_noinput $__PACKAGES || return 1 + pip install -U "${__REQUIRED_TORNADO}" fi - # shellcheck disable=SC2086 - __apt_get_install_noinput $__PACKAGES - pip install -U "${__REQUIRED_TORNADO}" fi fi # Let's trigger config_salt() if [ "$_TEMP_CONFIG_DIR" = "null" ]; then - _TEMP_CONFIG_DIR="${__SALT_GIT_CHECKOUT_DIR}/conf/" + _TEMP_CONFIG_DIR="${_SALT_GIT_CHECKOUT_DIR}/conf/" CONFIG_SALT_FUNC="config_salt" fi @@ -1991,9 +2342,13 @@ install_ubuntu_daily() { } install_ubuntu_git() { - if [ -f "${__SALT_GIT_CHECKOUT_DIR}/salt/syspaths.py" ]; then - python setup.py install --install-layout=deb --salt-config-dir="$_SALT_ETC_DIR" || \ - python setup.py --salt-config-dir="$_SALT_ETC_DIR" install --install-layout=deb || return 1 + # Activate virtualenv before install + if [ "${_VIRTUALENV_DIR}" != "null" ]; then + __activate_virtualenv || return 1 + fi + + if [ -f "${_SALT_GIT_CHECKOUT_DIR}/salt/syspaths.py" ]; then + python setup.py --salt-config-dir="$_SALT_ETC_DIR" --salt-cache-dir="${_SALT_CACHE_DIR}" install --install-layout=deb || return 1 else python setup.py install --install-layout=deb || return 1 fi @@ -2006,11 +2361,11 @@ install_ubuntu_git_post() { # Skip if not meant to be installed [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - [ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + [ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue if [ -f /bin/systemctl ] && [ "$DISTRO_MAJOR_VERSION" -ge 15 ]; then - copyfile "${__SALT_GIT_CHECKOUT_DIR}/pkg/rpm/salt-${fname}.service" "/lib/systemd/system/salt-${fname}.service" + __copyfile "${_SALT_GIT_CHECKOUT_DIR}/pkg/rpm/salt-${fname}.service" "/lib/systemd/system/salt-${fname}.service" # Skip salt-api since the service should be opt-in and not necessarily started on boot [ $fname = "api" ] && continue @@ -2025,15 +2380,19 @@ install_ubuntu_git_post() { if [ ! -f $_upstart_conf ]; then # upstart does not know about our service, let's copy the proper file echowarn "Upstart does not appear to know about salt-$fname" - echodebug "Copying ${__SALT_GIT_CHECKOUT_DIR}/pkg/salt-$fname.upstart to $_upstart_conf" - copyfile "${__SALT_GIT_CHECKOUT_DIR}/pkg/salt-${fname}.upstart" $_upstart_conf + echodebug "Copying ${_SALT_GIT_CHECKOUT_DIR}/pkg/salt-$fname.upstart to $_upstart_conf" + __copyfile "${_SALT_GIT_CHECKOUT_DIR}/pkg/salt-${fname}.upstart" "$_upstart_conf" + # Set service to know about virtualenv + if [ "${_VIRTUALENV_DIR}" != "null" ]; then + echo "SALT_USE_VIRTUALENV=${_VIRTUALENV_DIR}" > /etc/default/salt-${fname} + fi /sbin/initctl reload-configuration || return 1 fi # No upstart support in Ubuntu!? - elif [ -f "${__SALT_GIT_CHECKOUT_DIR}/debian/salt-${fname}.init" ]; then + elif [ -f "${_SALT_GIT_CHECKOUT_DIR}/debian/salt-${fname}.init" ]; then echodebug "There's NO upstart support!?" - echodebug "Copying ${__SALT_GIT_CHECKOUT_DIR}/debian/salt-${fname}.init to /etc/init.d/salt-$fname" - copyfile "${__SALT_GIT_CHECKOUT_DIR}/debian/salt-${fname}.init" "/etc/init.d/salt-$fname" + echodebug "Copying ${_SALT_GIT_CHECKOUT_DIR}/debian/salt-${fname}.init to /etc/init.d/salt-$fname" + __copyfile "${_SALT_GIT_CHECKOUT_DIR}/debian/salt-${fname}.init" "/etc/init.d/salt-$fname" chmod +x /etc/init.d/salt-$fname # Skip salt-api since the service should be opt-in and not necessarily started on boot @@ -2041,7 +2400,7 @@ install_ubuntu_git_post() { update-rc.d salt-$fname defaults else - echoerror "Neither upstart not init.d was setup for salt-$fname" + echoerror "Neither upstart nor init.d was setup for salt-$fname" fi done } @@ -2062,7 +2421,7 @@ install_ubuntu_restart_daemons() { # Skip if not meant to be installed [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue if [ -f /bin/systemctl ] && [ "$DISTRO_MAJOR_VERSION" -ge 15 ]; then @@ -2107,7 +2466,7 @@ install_ubuntu_check_services() { # Skip if not meant to be installed [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue if [ -f /bin/systemctl ] && [ "$DISTRO_MAJOR_VERSION" -ge 15 ]; then @@ -2148,8 +2507,7 @@ install_debian_deps() { if [ "$DISTRO_MAJOR_VERSION" -lt 6 ]; then # Both python-requests which is a hard dependency and apache-libcloud which is a soft dependency, under debian < 6 # need to be installed using pip - check_pip_allowed "You need to allow pip based installations (-P) in order to install the python 'requests' package" - # Additionally install procps and pciutils which allows for Docker boostraps. See 366#issuecomment-39666813 + __check_pip_allowed "You need to allow pip based installations (-P) in order to install the python 'requests' package" __PACKAGES="${__PACKAGES} python-pip" # shellcheck disable=SC2089 __PIP_PACKAGES="${__PIP_PACKAGES} 'requests>=$_PY_REQUESTS_MIN_VERSION'" @@ -2202,7 +2560,7 @@ install_debian_6_deps() { fi # shellcheck disable=SC2086 - wget $_WGET_ARGS -q http://debian.saltstack.com/debian-salt-team-joehealy.gpg.key -O - | apt-key add - || return 1 + __fetch_verify http://debian.saltstack.com/debian-salt-team-joehealy.gpg.key 267d1f152d0cc94b23eb4c6993ba3d67 3100 | apt-key add - || return 1 if [ "$_PIP_ALLOWED" -eq $BS_TRUE ]; then echowarn "PyZMQ will be installed from PyPI in order to compile it against ZMQ3" @@ -2256,14 +2614,14 @@ _eof apt-get update || return 1 # Python requests is available through Squeeze backports - # Additionally install procps and pciutils which allows for Docker boostraps. See 366#issuecomment-39666813 + # Additionally install procps and pciutils which allows for Docker bootstraps. See 366#issuecomment-39666813 __apt_get_install_noinput python-pip procps pciutils python-requests # Need python-apt for managing packages via Salt __apt_get_install_noinput python-apt if [ "$_INSTALL_CLOUD" -eq $BS_TRUE ]; then - check_pip_allowed "You need to allow pip based installations (-P) in order to install apache-libcloud/requests" + __check_pip_allowed "You need to allow pip based installations (-P) in order to install apache-libcloud/requests" pip install -U "apache-libcloud>=$_LIBCLOUD_MIN_VERSION" fi @@ -2324,11 +2682,11 @@ install_debian_7_deps() { fi # shellcheck disable=SC2086 - wget $_WGET_ARGS -q http://debian.saltstack.com/debian-salt-team-joehealy.gpg.key -O - | apt-key add - || return 1 + __fetch_verify http://debian.saltstack.com/debian-salt-team-joehealy.gpg.key 267d1f152d0cc94b23eb4c6993ba3d67 3100 | apt-key add - || return 1 apt-get update || return 1 __apt_get_install_noinput -t wheezy-backports libzmq3 libzmq3-dev python-zmq python-apt || return 1 - # Additionally install procps and pciutils which allows for Docker boostraps. See 366#issuecomment-39666813 + # Install procps and pciutils which allows for Docker bootstraps. See 366#issuecomment-39666813 __PACKAGES="procps pciutils" # Also install python-requests __PACKAGES="${__PACKAGES} python-requests" @@ -2340,7 +2698,7 @@ install_debian_7_deps() { __PACKAGES="build-essential python-dev python-pip" # shellcheck disable=SC2086 __apt_get_install_noinput ${__PACKAGES} || return 1 - check_pip_allowed "You need to allow pip based installations (-P) in order to install apache-libcloud" + __check_pip_allowed "You need to allow pip based installations (-P) in order to install apache-libcloud" pip install -U "apache-libcloud>=$_LIBCLOUD_MIN_VERSION" || return 1 fi @@ -2360,6 +2718,13 @@ install_debian_7_deps() { install_debian_8_deps() { echodebug "install_debian_8_deps" + if [ "$CPU_ARCH_L" = "amd64" ] || [ "$CPU_ARCH_L" = "x86_64" ]; then + repo_arch="amd64" + elif [ "$CPU_ARCH_L" = "i386" ] || [ "$CPU_ARCH_L" = "i686" ]; then + echoerror "repo.saltstack.com likely doesn't have 32-bit packages for Debian (yet?)" + repo_arch="i386" + fi + if [ $_START_DAEMONS -eq $BS_FALSE ]; then echowarn "Not starting daemons on Debian based distributions is not working mostly because starting them is the default behaviour." fi @@ -2379,22 +2744,24 @@ install_debian_8_deps() { apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7638D0442B90D010 || return 1 fi - # Saltstack's Stable Debian repository - if [ "$(grep -R 'latest jessie main' /etc/apt)" = "" ]; then - echo "deb http://repo.saltstack.com/apt/debian/latest jessie main" >> \ - /etc/apt/sources.list.d/saltstack.list - fi + # Versions starting with 2015.5.6 and 2015.8.1 are hosted at repo.saltstack.com + if [ "$(echo "$STABLE_REV" | egrep '^(2015\.5|2015\.8|latest|archive\/)')" != "" ]; then + SALTSTACK_DEBIAN_URL="${HTTP_VAL}://repo.saltstack.com/apt/debian/$DISTRO_MAJOR_VERSION/$repo_arch/$STABLE_REV" + echo "deb $SALTSTACK_DEBIAN_URL jessie main" > "/etc/apt/sources.list.d/saltstack.list" - # shellcheck disable=SC2086 - wget $_WGET_ARGS -q https://repo.saltstack.com/apt/debian/latest/SALTSTACK-GPG-KEY.pub -O - | apt-key add - || return 1 + # shellcheck disable=SC2086 + wget $_WGET_ARGS -q "$SALTSTACK_DEBIAN_URL/SALTSTACK-GPG-KEY.pub" -O - | apt-key add - || return 1 + + if [ "${HTTP_VAL}" = "https" ] ; then + __apt_get_install_noinput apt-transport-https || return 1 + fi + fi apt-get update || return 1 __PACKAGES="libzmq3 libzmq3-dev python-zmq python-requests python-apt" - # Additionally install procps and pciutils which allows for Docker boostraps. See 366#issuecomment-39666813 - __PACKAGES="procps pciutils" - # Also install python-requests - __PACKAGES="${__PACKAGES} python-requests" + # Additionally install procps and pciutils which allows for Docker bootstraps. See 366#issuecomment-39666813 + __PACKAGES="${__PACKAGES} procps pciutils" if [ "$_INSTALL_CLOUD" -eq $BS_TRUE ]; then # Install python-libcloud if asked to @@ -2429,7 +2796,7 @@ install_debian_git_deps() { # Install Keys __apt_get_install_noinput debian-archive-keyring && apt-get update - if [ "$(which git)" = "" ]; then + if ! __check_command_exists git; then __apt_get_install_noinput git || return 1 fi @@ -2438,11 +2805,11 @@ install_debian_git_deps() { __git_clone_and_checkout || return 1 - if [ -f "${__SALT_GIT_CHECKOUT_DIR}/requirements/base.txt" ]; then + if [ -f "${_SALT_GIT_CHECKOUT_DIR}/requirements/base.txt" ]; then # We're on the develop branch, install whichever tornado is on the requirements file - __REQUIRED_TORNADO="$(grep tornado "${__SALT_GIT_CHECKOUT_DIR}/requirements/base.txt")" + __REQUIRED_TORNADO="$(grep tornado "${_SALT_GIT_CHECKOUT_DIR}/requirements/base.txt")" if [ "${__REQUIRED_TORNADO}" != "" ]; then - check_pip_allowed "You need to allow pip based installations (-P) in order to install the python package '${__REQUIRED_TORNADO}'" + __check_pip_allowed "You need to allow pip based installations (-P) in order to install the python package '${__REQUIRED_TORNADO}'" __apt_get_install_noinput python-dev pip install -U "${__REQUIRED_TORNADO}" || return 1 fi @@ -2450,12 +2817,12 @@ install_debian_git_deps() { # Let's trigger config_salt() if [ "$_TEMP_CONFIG_DIR" = "null" ]; then - _TEMP_CONFIG_DIR="${__SALT_GIT_CHECKOUT_DIR}/conf/" + _TEMP_CONFIG_DIR="${_SALT_GIT_CHECKOUT_DIR}/conf/" CONFIG_SALT_FUNC="config_salt" fi if [ "$_INSTALL_CLOUD" -eq $BS_TRUE ]; then - check_pip_allowed "You need to allow pip based installations (-P) in order to install apache-libcloud" + __check_pip_allowed "You need to allow pip based installations (-P) in order to install apache-libcloud" pip install -U "apache-libcloud>=$_LIBCLOUD_MIN_VERSION" fi @@ -2478,7 +2845,7 @@ install_debian_6_git_deps() { __PACKAGES="build-essential lsb-release python python-dev python-pkg-resources python-crypto" __PACKAGES="${__PACKAGES} python-m2crypto python-yaml msgpack-python python-pip python-setuptools" - if [ "$(which git)" = "" ]; then + if ! __check_command_exists git; then __PACKAGES="${__PACKAGES} git" fi @@ -2491,7 +2858,7 @@ install_debian_6_git_deps() { # Let's trigger config_salt() if [ "$_TEMP_CONFIG_DIR" = "null" ]; then - _TEMP_CONFIG_DIR="${__SALT_GIT_CHECKOUT_DIR}/conf/" + _TEMP_CONFIG_DIR="${_SALT_GIT_CHECKOUT_DIR}/conf/" CONFIG_SALT_FUNC="config_salt" fi else @@ -2516,18 +2883,22 @@ install_debian_8_git_deps() { # No user interaction, libc6 restart services for example export DEBIAN_FRONTEND=noninteractive - if [ "$(which git)" = "" ]; then + if ! __check_command_exists git; then __apt_get_install_noinput git || return 1 fi + if [ "$(dpkg-query -l 'python-zmq')" = "" ]; then + __apt_get_install_noinput libzmq3 libzmq3-dev python-zmq || return 1 + fi + __apt_get_install_noinput lsb-release python python-pkg-resources python-crypto \ python-jinja2 python-m2crypto python-yaml msgpack-python python-pip || return 1 __git_clone_and_checkout || return 1 - if [ -f "${__SALT_GIT_CHECKOUT_DIR}/requirements/base.txt" ]; then + if [ -f "${_SALT_GIT_CHECKOUT_DIR}/requirements/base.txt" ]; then # We're on the develop branch, install tornado - __REQUIRED_TORNADO="$(grep tornado "${__SALT_GIT_CHECKOUT_DIR}/requirements/base.txt")" + __REQUIRED_TORNADO="$(grep tornado "${_SALT_GIT_CHECKOUT_DIR}/requirements/base.txt")" if [ "${__REQUIRED_TORNADO}" != "" ]; then __apt_get_install_noinput python-tornado fi @@ -2535,7 +2906,7 @@ install_debian_8_git_deps() { # Let's trigger config_salt() if [ "$_TEMP_CONFIG_DIR" = "null" ]; then - _TEMP_CONFIG_DIR="${__SALT_GIT_CHECKOUT_DIR}/conf/" + _TEMP_CONFIG_DIR="${_SALT_GIT_CHECKOUT_DIR}/conf/" CONFIG_SALT_FUNC="config_salt" fi @@ -2552,7 +2923,7 @@ install_debian_8_git_deps() { return 0 } -__install_debian_stable() { +install_debian_stable() { __PACKAGES="" if [ "$_INSTALL_MINION" -eq $BS_TRUE ]; then __PACKAGES="${__PACKAGES} salt-minion" @@ -2570,24 +2941,23 @@ __install_debian_stable() { } install_debian_6_stable() { - __install_debian_stable || return 1 + install_debian_stable || return 1 return 0 } install_debian_7_stable() { - __install_debian_stable || return 1 + install_debian_stable || return 1 return 0 } install_debian_8_stable() { - __install_debian_stable || return 1 + install_debian_stable || return 1 return 0 } install_debian_git() { - if [ -f "${__SALT_GIT_CHECKOUT_DIR}/salt/syspaths.py" ]; then - python setup.py install --install-layout=deb --salt-config-dir="$_SALT_ETC_DIR" || \ - python setup.py --salt-config-dir="$_SALT_ETC_DIR" install --install-layout=deb || return 1 + if [ -f "${_SALT_GIT_CHECKOUT_DIR}/salt/syspaths.py" ]; then + python setup.py --salt-config-dir="$_SALT_ETC_DIR" --salt-cache-dir="${_SALT_CACHE_DIR}" install --install-layout=deb || return 1 else python setup.py install --install-layout=deb || return 1 fi @@ -2614,12 +2984,12 @@ install_debian_git_post() { # Skip if not meant to be installed [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - [ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + [ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue if [ -f /bin/systemctl ]; then if [ ! -f /etc/systemd/system/salt-${fname}.service ] || ([ -f /etc/systemd/system/salt-${fname}.service ] && [ $_FORCE_OVERWRITE -eq $BS_TRUE ]); then - copyfile "${__SALT_GIT_CHECKOUT_DIR}/pkg/salt-${fname}.service" /etc/systemd/system + __copyfile "${_SALT_GIT_CHECKOUT_DIR}/pkg/salt-${fname}.service" /etc/systemd/system fi # Skip salt-api since the service should be opt-in and not necessarily started on boot @@ -2629,10 +2999,10 @@ install_debian_git_post() { SYSTEMD_RELOAD=$BS_TRUE elif [ ! -f /etc/init.d/salt-$fname ] || ([ -f /etc/init.d/salt-$fname ] && [ $_FORCE_OVERWRITE -eq $BS_TRUE ]); then - if [ -f "${__SALT_GIT_CHECKOUT_DIR}/debian/salt-$fname.init" ]; then - copyfile "${__SALT_GIT_CHECKOUT_DIR}/debian/salt-$fname.init" "/etc/init.d/salt-$fname" + if [ -f "${_SALT_GIT_CHECKOUT_DIR}/debian/salt-$fname.init" ]; then + __copyfile "${_SALT_GIT_CHECKOUT_DIR}/debian/salt-$fname.init" "/etc/init.d/salt-$fname" else - __fetch_url "/etc/init.d/salt-$fname" "http://anonscm.debian.org/cgit/pkg-salt/salt.git/plain/debian/salt-${fname}.init" + __fetch_url "/etc/init.d/salt-$fname" "${HTTP_VAL}://anonscm.debian.org/cgit/pkg-salt/salt.git/plain/debian/salt-${fname}.init" fi if [ ! -f "/etc/init.d/salt-$fname" ]; then echowarn "The init script for salt-$fname was not found, skipping it..." @@ -2704,7 +3074,7 @@ install_debian_check_services() { FEDORA_PACKAGE_MANAGER="yum" __fedora_get_package_manager() { - if [ "$DISTRO_MAJOR_VERSION" -ge 22 ] || [ "$(which dnf)" != "" ]; then + if [ "$DISTRO_MAJOR_VERSION" -ge 22 ] || __check_command_exists dnf; then FEDORA_PACKAGE_MANAGER="dnf" fi } @@ -2758,7 +3128,7 @@ install_fedora_stable_post() { # Skip if not meant to be installed [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - [ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + [ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue # Skip salt-api since the service should be opt-in and not necessarily started on boot @@ -2774,7 +3144,7 @@ install_fedora_git_deps() { __fedora_get_package_manager install_fedora_deps || return 1 - if [ "$(which git)" = "" ]; then + if ! __check_command_exists git; then $FEDORA_PACKAGE_MANAGER install -y git || return 1 fi @@ -2782,17 +3152,25 @@ install_fedora_git_deps() { __git_clone_and_checkout || return 1 - if [ -f "${__SALT_GIT_CHECKOUT_DIR}/requirements/base.txt" ]; then + if [ -f "${_SALT_GIT_CHECKOUT_DIR}/requirements/base.txt" ]; then # We're on the develop branch, install whichever tornado is on the requirements file - __REQUIRED_TORNADO="$(grep tornado "${__SALT_GIT_CHECKOUT_DIR}/requirements/base.txt")" + __REQUIRED_TORNADO="$(grep tornado "${_SALT_GIT_CHECKOUT_DIR}/requirements/base.txt")" if [ "${__REQUIRED_TORNADO}" != "" ]; then - $FEDORA_PACKAGE_MANAGER install -y python-tornado + __check_pip_allowed "You need to allow pip based installations (-P) in order to install tornado" + + # Install pip and pip dependencies + if ! __check_command_exists pip; then + $FEDORA_PACKAGE_MANAGER install -y python-setuptools python-pip gcc python-devel + fi + + pip install -U tornado + fi fi # Let's trigger config_salt() if [ "$_TEMP_CONFIG_DIR" = "null" ]; then - _TEMP_CONFIG_DIR="${__SALT_GIT_CHECKOUT_DIR}/conf/" + _TEMP_CONFIG_DIR="${_SALT_GIT_CHECKOUT_DIR}/conf/" CONFIG_SALT_FUNC="config_salt" fi @@ -2800,9 +3178,8 @@ install_fedora_git_deps() { } install_fedora_git() { - if [ -f "${__SALT_GIT_CHECKOUT_DIR}/salt/syspaths.py" ]; then - python setup.py install --salt-config-dir="$_SALT_ETC_DIR" || \ - python setup.py --salt-config-dir="$_SALT_ETC_DIR" install || return 1 + if [ -f "${_SALT_GIT_CHECKOUT_DIR}/salt/syspaths.py" ]; then + python setup.py --salt-config-dir="$_SALT_ETC_DIR" --salt-cache-dir="${_SALT_CACHE_DIR}" install || return 1 else python setup.py install || return 1 fi @@ -2815,10 +3192,10 @@ install_fedora_git_post() { # Skip if not meant to be installed [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - [ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + [ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue - copyfile "${__SALT_GIT_CHECKOUT_DIR}/pkg/rpm/salt-${fname}.service" "/lib/systemd/system/salt-${fname}.service" + __copyfile "${_SALT_GIT_CHECKOUT_DIR}/pkg/rpm/salt-${fname}.service" "/lib/systemd/system/salt-${fname}.service" # Skip salt-api since the service should be opt-in and not necessarily started on boot [ $fname = "api" ] && continue @@ -2839,7 +3216,7 @@ install_fedora_restart_daemons() { # Skip if not meant to be installed [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue systemctl stop salt-$fname > /dev/null 2>&1 @@ -2855,7 +3232,7 @@ install_fedora_check_services() { # Skip if not meant to be installed [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue __check_services_systemd salt-$fname || return 1 done @@ -2871,21 +3248,21 @@ install_fedora_check_services() { # CentOS Install Functions # __install_epel_repository() { - if [ ${__EPEL_REPOS_INSTALLED} -eq $BS_TRUE ]; then + if [ ${_EPEL_REPOS_INSTALLED} -eq $BS_TRUE ]; then return 0 fi # Check if epel repo is already enabled and flag it accordingly - yum repolist | grep -i "epel" > /dev/null 2>&1 + yum repolist | grep -q "^[!]${_EPEL_REPO}/" if [ $? -eq 0 ]; then - __EPEL_REPOS_INSTALLED=${BS_TRUE} + _EPEL_REPOS_INSTALLED=$BS_TRUE return 0 fi # Check if epel-release is already installed and flag it accordingly rpm --nodigest --nosignature -q epel-release > /dev/null 2>&1 if [ $? -eq 0 ]; then - __EPEL_REPOS_INSTALLED=${BS_TRUE} + _EPEL_REPOS_INSTALLED=$BS_TRUE return 0 fi @@ -2895,18 +3272,21 @@ __install_epel_repository() { EPEL_ARCH=$CPU_ARCH_L fi if [ "$DISTRO_MAJOR_VERSION" -eq 5 ]; then - # Use dl.fedoraproject.org to avoid redirect breakage: - # https://lists.fedoraproject.org/pipermail/users/2012-February/414558.html - rpm -Uvh --force "http://dl.fedoraproject.org/pub/epel/5/${EPEL_ARCH}/epel-release-5-4.noarch.rpm" || return 1 + # Install curl which is not included in minimal CentOS 5 images + rpm -q curl > /dev/null 2>&1 || yum -y install curl + # rpm from CentOS/RHEL release 5 does not support HTTP downloads + # properly, especially 3XX code redirects + __fetch_url /tmp/epel-release.rpm "${HTTP_VAL}://download.fedoraproject.org/pub/epel/5/${EPEL_ARCH}/epel-release-5-4.noarch.rpm" || return 1 + rpm -Uvh --force /tmp/epel-release.rpm || return 1 elif [ "$DISTRO_MAJOR_VERSION" -eq 6 ]; then - rpm -Uvh --force "http://download.fedoraproject.org/pub/epel/6/${EPEL_ARCH}/epel-release-6-8.noarch.rpm" || return 1 + rpm -Uvh --force "${HTTP_VAL}://download.fedoraproject.org/pub/epel/6/${EPEL_ARCH}/epel-release-6-8.noarch.rpm" || return 1 elif [ "$DISTRO_MAJOR_VERSION" -eq 7 ]; then - rpm -Uvh --force "http://download.fedoraproject.org/pub/epel/7/${EPEL_ARCH}/e/epel-release-7-6.noarch.rpm" || return 1 + rpm -Uvh --force "${HTTP_VAL}://download.fedoraproject.org/pub/epel/7/${EPEL_ARCH}/e/epel-release-7-6.noarch.rpm" || return 1 else echoerror "Failed add EPEL repository support." return 1 fi - __EPEL_REPOS_INSTALLED=${BS_TRUE} + _EPEL_REPOS_INSTALLED=$BS_TRUE return 0 } @@ -2919,56 +3299,50 @@ __install_saltstack_copr_zeromq_repository() { __REPOTYPE="epel" fi __fetch_url /etc/yum.repos.d/saltstack-zeromq4.repo \ - "http://copr.fedoraproject.org/coprs/saltstack/zeromq4/repo/${__REPOTYPE}-${DISTRO_MAJOR_VERSION}/saltstack-zeromq4-${__REPOTYPE}-${DISTRO_MAJOR_VERSION}.repo" || return 1 + "${HTTP_VAL}://copr.fedorainfracloud.org/coprs/saltstack/zeromq4/repo/${__REPOTYPE}-${DISTRO_MAJOR_VERSION}/saltstack-zeromq4-${__REPOTYPE}-${DISTRO_MAJOR_VERSION}.repo" || return 1 fi return 0 } -__install_saltstack_copr_salt_el5_repository() { - if [ ! -s /etc/yum.repos.d/saltstack-salt-el5-epel-5.repo ]; then - __fetch_url /etc/yum.repos.d/saltstack-salt-el5-epel-5.repo \ - "http://copr.fedoraproject.org/coprs/saltstack/salt-el5/repo/epel-5/saltstack-salt-el5-epel-5.repo" || return 1 +__install_saltstack_rhel_repository() { + if [ "$ITYPE" = "stable" ]; then + repo_rev="$STABLE_REV" + else + repo_rev="latest" fi - return 0 -} -__install_saltstack_rhel5_repository() { - if [ ! -s /etc/yum.repos.d/repo-saltstack-el5.repo ]; then - cat <<_eof > /etc/yum.repos.d/repo-saltstack-el5.repo -[repo-saltstack-el5] -name=SaltStack EL5 Repo -baseurl=https://repo.saltstack.com/yum/rhel5/ -skip_if_unavailable=True -gpgcheck=1 -gpgkey=https://repo.saltstack.com/yum/rhel5/SALTSTACK-EL5-GPG-KEY.pub -enabled=1 -enabled_metadata=1 -_eof + base_url="${HTTP_VAL}://repo.saltstack.com/yum/redhat/\$releasever/\$basearch/${repo_rev}/" + fetch_url="${HTTP_VAL}://repo.saltstack.com/yum/redhat/${DISTRO_MAJOR_VERSION}/${CPU_ARCH_L}/${repo_rev}/" - __fetch_url /tmp/repo-saltstack-el5.pub "https://repo.saltstack.com/yum/rhel5/SALTSTACK-EL5-GPG-KEY.pub" || return 1 - rpm --import /tmp/repo-saltstack-el5.pub || return 1 - rm -f /tmp/repo-saltstack-el5.pub + if [ "${DISTRO_MAJOR_VERSION}" -eq 5 ]; then + gpg_key="SALTSTACK-EL5-GPG-KEY.pub" + else + gpg_key="SALTSTACK-GPG-KEY.pub" fi - return 0 -} -__install_saltstack_rhel_repository() { - if [ ! -s "/etc/yum.repos.d/repo-saltstack-el${DISTRO_MAJOR_VERSION}.repo" ]; then - cat <<_eof > "/etc/yum.repos.d/repo-saltstack-el${DISTRO_MAJOR_VERSION}.repo" -[repo-saltstack-el${DISTRO_MAJOR_VERSION}] -name=SaltStack EL${DISTRO_MAJOR_VERSION} Repo -baseurl=https://repo.saltstack.com/yum/rhel${DISTRO_MAJOR_VERSION}/ + repo_file="/etc/yum.repos.d/saltstack.repo" + if [ ! -s "$repo_file" ]; then + cat <<_eof > "$repo_file" +[saltstack] +name=SaltStack ${repo_rev} Release Channel for RHEL/CentOS \$releasever +baseurl=$base_url skip_if_unavailable=True gpgcheck=1 -gpgkey=https://repo.saltstack.com/yum/rhel${DISTRO_MAJOR_VERSION}/SALTSTACK-GPG-KEY.pub +gpgkey=${base_url}${gpg_key} enabled=1 enabled_metadata=1 _eof - __fetch_url /tmp/repo-saltstack.pub "https://repo.saltstack.com/yum/rhel${DISTRO_MAJOR_VERSION}/SALTSTACK-GPG-KEY.pub" || return 1 - rpm --import /tmp/repo-saltstack.pub || return 1 - rm -f /tmp/repo-saltstack.pub + __rpm_import_gpg "${fetch_url}${gpg_key}" || return 1 + fi + + if [ "$DISTRO_MAJOR_VERSION" -eq 7 ] && ([ "$repo_rev" = "latest" ] || [ "$repo_rev" = "2015.8" ]); then + # Import CentOS 7 GPG key on RHEL for installing base dependencies from + # Salt corporate repository + rpm -qa gpg-pubkey\* --qf "%{name}-%{version}\n" | grep -q ^gpg-pubkey-f4a80eb5$ || \ + __rpm_import_gpg "${HTTP_VAL}://repo.saltstack.com/yum/redhat/7/x86_64/${repo_rev}/base/RPM-GPG-KEY-CentOS-7" || return 1 fi + return 0 } @@ -2976,6 +3350,7 @@ __install_saltstack_copr_salt_repository() { echoinfo "Adding SaltStack's COPR repository" if [ "${DISTRO_NAME_L}" = "fedora" ]; then + [ "$DISTRO_MAJOR_VERSION" -ge 22 ] && return 0 __REPOTYPE="${DISTRO_NAME_L}" else __REPOTYPE="epel" @@ -2985,22 +3360,18 @@ __install_saltstack_copr_salt_repository() { if [ ! -s "/etc/yum.repos.d/${__REPO_FILENAME}" ]; then __fetch_url "/etc/yum.repos.d/${__REPO_FILENAME}" \ - "http://copr.fedoraproject.org/coprs/saltstack/salt/repo/${__REPOTYPE}-${DISTRO_MAJOR_VERSION}/${__REPO_FILENAME}" || return 1 + "${HTTP_VAL}://copr.fedorainfracloud.org/coprs/saltstack/salt/repo/${__REPOTYPE}-${DISTRO_MAJOR_VERSION}/${__REPO_FILENAME}" || return 1 fi return 0 } install_centos_stable_deps() { __install_epel_repository || return 1 - if [ "$DISTRO_MAJOR_VERSION" -eq 5 ]; then - __install_saltstack_rhel5_repository || return 1 - elif [ "$DISTRO_MAJOR_VERSION" -gt 5 ]; then - __install_saltstack_rhel_repository || return 1 - fi + __install_saltstack_rhel_repository || return 1 - if [ -f "${__SALT_GIT_CHECKOUT_DIR}/requirements/base.txt" ]; then + if [ -f "${_SALT_GIT_CHECKOUT_DIR}/requirements/base.txt" ]; then # We're on the develop branch, install whichever tornado is on the requirements file - __REQUIRED_TORNADO="$(grep tornado "${__SALT_GIT_CHECKOUT_DIR}/requirements/base.txt")" + __REQUIRED_TORNADO="$(grep tornado "${_SALT_GIT_CHECKOUT_DIR}/requirements/base.txt")" if [ "${__REQUIRED_TORNADO}" != "" ]; then if [ "$DISTRO_MAJOR_VERSION" -eq 5 ]; then yum install -y python26-tornado @@ -3020,13 +3391,13 @@ install_centos_stable_deps() { __PACKAGES="${__PACKAGES} python26-PyYAML python26-m2crypto m2crypto python26 python26-requests" __PACKAGES="${__PACKAGES} python26-crypto python26-msgpack python26-zmq python26-jinja2" if [ "$_INSTALL_CLOUD" -eq $BS_TRUE ]; then - check_pip_allowed "You need to allow pip based installations (-P) in order to install apache-libcloud" + __check_pip_allowed "You need to allow pip based installations (-P) in order to install apache-libcloud" __PACKAGES="${__PACKAGES} python26-setuptools" fi else __PACKAGES="${__PACKAGES} PyYAML m2crypto python-crypto python-msgpack python-zmq python-jinja2 python-requests" if [ "$_INSTALL_CLOUD" -eq $BS_TRUE ]; then - check_pip_allowed "You need to allow pip based installations (-P) in order to install apache-libcloud" + __check_pip_allowed "You need to allow pip based installations (-P) in order to install apache-libcloud" __PACKAGES="${__PACKAGES} python-pip" fi fi @@ -3043,7 +3414,7 @@ install_centos_stable_deps() { fi if [ "$_INSTALL_CLOUD" -eq $BS_TRUE ]; then - check_pip_allowed "You need to allow pip based installations (-P) in order to install apache-libcloud" + __check_pip_allowed "You need to allow pip based installations (-P) in order to install apache-libcloud" if [ "$DISTRO_MAJOR_VERSION" -eq 5 ]; then easy_install-2.6 "apache-libcloud>=$_LIBCLOUD_MIN_VERSION" else @@ -3101,7 +3472,7 @@ install_centos_stable_post() { [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue if [ -f /etc/init.d/salt-$fname ]; then @@ -3121,7 +3492,7 @@ install_centos_stable_post() { install_centos_git_deps() { install_centos_stable_deps || return 1 - if [ "$(which git)" = "" ]; then + if ! __check_command_exists git; then # git not installed - need to install it if [ "$DISTRO_NAME_L" = "oracle_linux" ]; then # try both ways --enablerepo=X disables ALL OTHER REPOS!!!! @@ -3141,9 +3512,9 @@ install_centos_git_deps() { __git_clone_and_checkout || return 1 - if [ -f "${__SALT_GIT_CHECKOUT_DIR}/requirements/base.txt" ]; then + if [ -f "${_SALT_GIT_CHECKOUT_DIR}/requirements/base.txt" ]; then # We're on the develop branch, install whichever tornado is on the requirements file - __REQUIRED_TORNADO="$(grep tornado "${__SALT_GIT_CHECKOUT_DIR}/requirements/base.txt")" + __REQUIRED_TORNADO="$(grep tornado "${_SALT_GIT_CHECKOUT_DIR}/requirements/base.txt")" if [ "${__REQUIRED_TORNADO}" != "" ]; then if [ "$DISTRO_MAJOR_VERSION" -eq 5 ]; then yum install -y python26-tornado @@ -3155,7 +3526,7 @@ install_centos_git_deps() { # Let's trigger config_salt() if [ "$_TEMP_CONFIG_DIR" = "null" ]; then - _TEMP_CONFIG_DIR="${__SALT_GIT_CHECKOUT_DIR}/conf/" + _TEMP_CONFIG_DIR="${_SALT_GIT_CHECKOUT_DIR}/conf/" CONFIG_SALT_FUNC="config_salt" fi @@ -3168,9 +3539,8 @@ install_centos_git() { else _PYEXE=python2 fi - if [ -f "${__SALT_GIT_CHECKOUT_DIR}/salt/syspaths.py" ]; then - $_PYEXE setup.py install --prefix=/usr --salt-config-dir="$_SALT_ETC_DIR" || \ - $_PYEXE setup.py --prefix=/usr --salt-config-dir="$_SALT_ETC_DIR" install || return 1 + if [ -f "${_SALT_GIT_CHECKOUT_DIR}/salt/syspaths.py" ]; then + $_PYEXE setup.py --salt-config-dir="$_SALT_ETC_DIR" --salt-cache-dir="${_SALT_CACHE_DIR}" install --prefix=/usr || return 1 else $_PYEXE setup.py install --prefix=/usr || return 1 fi @@ -3184,12 +3554,12 @@ install_centos_git_post() { # Skip if not meant to be installed [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - [ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + [ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue if [ -f /bin/systemctl ]; then if [ ! -f /usr/lib/systemd/system/salt-${fname}.service ] || ([ -f /usr/lib/systemd/system/salt-${fname}.service ] && [ $_FORCE_OVERWRITE -eq $BS_TRUE ]); then - copyfile "${__SALT_GIT_CHECKOUT_DIR}/pkg/rpm/salt-${fname}.service" /usr/lib/systemd/system/ + __copyfile "${_SALT_GIT_CHECKOUT_DIR}/pkg/rpm/salt-${fname}.service" /usr/lib/systemd/system/ fi # Skip salt-api since the service should be opt-in and not necessarily started on boot @@ -3199,7 +3569,7 @@ install_centos_git_post() { SYSTEMD_RELOAD=$BS_TRUE elif [ ! -f /etc/init.d/salt-$fname ] || ([ -f /etc/init.d/salt-$fname ] && [ $_FORCE_OVERWRITE -eq $BS_TRUE ]); then - copyfile "${__SALT_GIT_CHECKOUT_DIR}/pkg/rpm/salt-${fname}" /etc/init.d/ + __copyfile "${_SALT_GIT_CHECKOUT_DIR}/pkg/rpm/salt-${fname}" /etc/init.d/ chmod +x /etc/init.d/salt-${fname} # Skip salt-api since the service should be opt-in and not necessarily started on boot @@ -3208,19 +3578,6 @@ install_centos_git_post() { /sbin/chkconfig salt-${fname} on fi - #if [ -f /sbin/initctl ]; then - # # We have upstart support - # /sbin/initctl status salt-$fname > /dev/null 2>&1 - # if [ $? -eq 1 ]; then - # # upstart does not know about our service, let's copy the proper file - # copyfile ${__SALT_GIT_CHECKOUT_DIR}/pkg/salt-$fname.upstart /etc/init/salt-$fname.conf - # fi - ## Still in SysV init?! - #elif [ ! -f /etc/init.d/salt-$fname ] || ([ -f /etc/init.d/salt-$fname ] && [ $_FORCE_OVERWRITE -eq $BS_TRUE ]); then - # copyfile ${__SALT_GIT_CHECKOUT_DIR}/pkg/rpm/salt-${fname} /etc/init.d/ - # chmod +x /etc/init.d/salt-${fname} - # /sbin/chkconfig salt-${fname} on - #fi done if [ "$SYSTEMD_RELOAD" -eq $BS_TRUE ]; then @@ -3238,7 +3595,7 @@ install_centos_restart_daemons() { [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue if [ -f /sbin/initctl ] && [ -f /etc/init/salt-${fname}.conf ]; then @@ -3293,7 +3650,7 @@ install_centos_check_services() { # Skip if not meant to be installed [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue if [ -f /sbin/initctl ] && [ -f /etc/init/salt-${fname}.conf ]; then __check_services_upstart salt-$fname || return 1 @@ -3314,101 +3671,18 @@ install_centos_check_services() { # # RedHat Install Functions # -__test_rhel_optionals_packages() { - __install_epel_repository || return 1 - - # Make sure yum-utils is installed - yum list installed yum-utils > /dev/null 2>&1 || yum -y install yum-utils --enablerepo=${_EPEL_REPO} || return 1 - - if [ "$DISTRO_MAJOR_VERSION" -ge 7 ]; then - yum-config-manager --enable \*server-optional-rpms || return 1 - fi - - if [ "$DISTRO_MAJOR_VERSION" -ge 6 ]; then - #python-jinja2 is in repo server-releases-optional in EC2/RHEL6 - yum-config-manager --enable rhui-\*-server-releases-optional || return 1 +install_red_hat_linux_stable_deps() { + install_centos_stable_deps || return 1 + return 0 +} - # Let's enable package installation testing, kind of, --dry-run - echoinfo "Testing if packages usually on the optionals repository are available:" - __YUM_CONF_DIR="$(mktemp -d)" - __YUM_CONF_FILE="${__YUM_CONF_DIR}/yum.conf" - cp /etc/yum.conf "${__YUM_CONF_FILE}" - echo 'tsflags=test' >> "${__YUM_CONF_FILE}" +install_red_hat_linux_git_deps() { + install_centos_git_deps || return 1 + return 0 +} - # Let's try installing the packages that usually require the optional repository - # shellcheck disable=SC2043 - for package in python-jinja2; do - echoinfo " - ${package}" - if [ "$DISTRO_NAME_L" = "oracle_linux" ]; then - yum --config "${__YUM_CONF_FILE}" install -y ${package} >/dev/null 2>&1 || \ - yum --config "${__YUM_CONF_FILE}" install -y ${package} --enablerepo=${_EPEL_REPO} >/dev/null 2>&1 - else - yum --config "${__YUM_CONF_FILE}" install -y ${package} --enablerepo=${_EPEL_REPO} >/dev/null 2>&1 - fi - if [ $? -ne 0 ]; then - echoerror "Failed to find an installable '${package}' package. The optional repository or its subscription might be missing." - rm -rf "${__YUM_CONF_DIR}" - return 1 - fi - done - rm -rf "${__YUM_CONF_DIR}" - fi - return 0 -} - -install_red_hat_linux_stable_deps() { - if [ "${DISTRO_MAJOR_VERSION}" -ge 6 ]; then - # Wait at most 60 seconds for the repository subscriptions to register - __ATTEMPTS=6 - while [ "${__ATTEMPTS}" -gt 0 ]; do - __test_rhel_optionals_packages - if [ $? -eq 1 ]; then - __ATTEMPTS=$(( __ATTEMPTS -1 )) - if [ ${__ATTEMPTS} -lt 1 ]; then - return 1 - fi - echoinfo "Sleeping 10 seconds while waiting for the optional repository subscription to be externally configured" - sleep 10 - continue - else - break - fi - done - else - __test_rhel_optionals_packages || return 1 - fi - - install_centos_stable_deps || return 1 - return 0 -} - -install_red_hat_linux_git_deps() { - if [ "${DISTRO_MAJOR_VERSION}" -ge 6 ]; then - # Wait at most 60 seconds for the repository subscriptions to register - __ATTEMPTS=6 - while [ "${__ATTEMPTS}" -gt 0 ]; do - __test_rhel_optionals_packages - if [ $? -eq 1 ]; then - __ATTEMPTS=$(( __ATTEMPTS -1 )) - if [ ${__ATTEMPTS} -lt 1 ]; then - return 1 - fi - echoinfo "Sleeping 10 seconds while waiting for the optional repository subscription to be externally configured" - sleep 10 - continue - else - break - fi - done - else - __test_rhel_optionals_packages || return 1 - fi - install_centos_git_deps || return 1 - return 0 -} - -install_red_hat_enterprise_linux_stable_deps() { - install_red_hat_linux_stable_deps || return 1 +install_red_hat_enterprise_linux_stable_deps() { + install_red_hat_linux_stable_deps || return 1 return 0 } @@ -3591,13 +3865,11 @@ install_red_hat_enterprise_workstation_testing_post() { # Oracle Linux Install Functions # install_oracle_linux_stable_deps() { - __test_rhel_optionals_packages || return 1 install_centos_stable_deps || return 1 return 0 } install_oracle_linux_git_deps() { - __test_rhel_optionals_packages || return 1 install_centos_git_deps || return 1 return 0 } @@ -3719,6 +3991,9 @@ install_scientific_linux_check_services() { # Amazon Linux AMI Install Functions # +# FIXME: 2010.xx releases are no longer avaliable: https://aws.amazon.com/amazon-linux-ami/ +# Need to add amazon case to __check_end_of_life_versions + install_amazon_linux_ami_2010_deps() { # Linux Amazon AMI 2010.xx seems to use EPEL5 but the system is based on CentOS6. # Supporting this would be quite troublesome and we need to workaround some serious package conflicts @@ -3734,32 +4009,34 @@ install_amazon_linux_ami_2010_git_deps() { } install_amazon_linux_ami_deps() { - # According to http://aws.amazon.com/amazon-linux-ami/faqs/#epel we should + # enable the EPEL repo + /usr/bin/yum-config-manager --enable epel || return 1 - # enable the EPEL 6 repo - if [ "$CPU_ARCH_L" = "i686" ]; then - EPEL_ARCH="i386" - else - EPEL_ARCH=$CPU_ARCH_L - fi - rpm -Uvh --force "http://mirrors.kernel.org/fedora-epel/6/${EPEL_ARCH}/epel-release-6-8.noarch.rpm" || return 1 + # exclude Salt and ZeroMQ packages from EPEL + /usr/bin/yum-config-manager epel --setopt "epel.exclude=zeromq* salt* python-zmq*" --save || return 1 - __REPO_FILENAME="saltstack-salt-epel-6.repo" + __REPO_FILENAME="saltstack-repo.repo" if [ ! -s "/etc/yum.repos.d/${__REPO_FILENAME}" ]; then - echoinfo "Adding SaltStack's COPR repository" - __fetch_url /etc/yum.repos.d/${__REPO_FILENAME} \ - "http://copr.fedoraproject.org/coprs/saltstack/salt/repo/epel-6/${__REPO_FILENAME}" || return 1 + cat <<_eof > "/etc/yum.repos.d/${__REPO_FILENAME}" +[saltstack-repo] +disabled=False +name=SaltStack repo for RHEL/CentOS 6 +gpgcheck=1 +gpgkey=$HTTP_VAL://repo.saltstack.com/yum/redhat/6/\$basearch/$STABLE_REV/SALTSTACK-GPG-KEY.pub +baseurl=$HTTP_VAL://repo.saltstack.com/yum/redhat/6/\$basearch/$STABLE_REV/ +humanname=SaltStack repo for RHEL/CentOS 6 +_eof fi if [ "$_UPGRADE_SYS" -eq $BS_TRUE ]; then yum -y update || return 1 fi - __PACKAGES="PyYAML m2crypto python-crypto python-msgpack python-zmq python-ordereddict python-jinja2 python-requests" + __PACKAGES="PyYAML m2crypto python-crypto python-msgpack python-zmq python26-ordereddict python-jinja2 python-requests" if [ "$_INSTALL_CLOUD" -eq $BS_TRUE ]; then - check_pip_allowed "You need to allow pip based installations (-P) in order to install apache-libcloud" + __check_pip_allowed "You need to allow pip based installations (-P) in order to install apache-libcloud" __PACKAGES="${__PACKAGES} python-pip" fi @@ -3767,7 +4044,7 @@ install_amazon_linux_ami_deps() { yum -y install ${__PACKAGES} --enablerepo=${_EPEL_REPO}"" || return 1 if [ "$_INSTALL_CLOUD" -eq $BS_TRUE ]; then - check_pip_allowed "You need to allow pip based installations (-P) in order to install apache-libcloud" + __check_pip_allowed "You need to allow pip based installations (-P) in order to install apache-libcloud" pip-python install "apache-libcloud>=$_LIBCLOUD_MIN_VERSION" fi @@ -3781,15 +4058,15 @@ install_amazon_linux_ami_deps() { install_amazon_linux_ami_git_deps() { install_amazon_linux_ami_deps || return 1 - if [ "$(which git)" = "" ]; then + if ! __check_command_exists git; then yum -y install git --enablerepo=${_EPEL_REPO} || return 1 fi __git_clone_and_checkout || return 1 - if [ -f "${__SALT_GIT_CHECKOUT_DIR}/requirements/base.txt" ]; then + if [ -f "${_SALT_GIT_CHECKOUT_DIR}/requirements/base.txt" ]; then # We're on the develop branch, install whichever tornado is on the requirements file - __REQUIRED_TORNADO="$(grep tornado "${__SALT_GIT_CHECKOUT_DIR}/requirements/base.txt")" + __REQUIRED_TORNADO="$(grep tornado "${_SALT_GIT_CHECKOUT_DIR}/requirements/base.txt")" if [ "${__REQUIRED_TORNADO}" != "" ]; then yum install -y python-tornado fi @@ -3798,7 +4075,7 @@ install_amazon_linux_ami_git_deps() { # Let's trigger config_salt() if [ "$_TEMP_CONFIG_DIR" = "null" ]; then - _TEMP_CONFIG_DIR="${__SALT_GIT_CHECKOUT_DIR}/conf/" + _TEMP_CONFIG_DIR="${_SALT_GIT_CHECKOUT_DIR}/conf/" CONFIG_SALT_FUNC="config_salt" fi @@ -3855,7 +4132,7 @@ install_arch_linux_stable_deps() { pacman -Sy --noconfirm --needed pacman || return 1 - if [ "$(which pacman-db-upgrade)" != "" ]; then + if __check_command_exists pacman-db-upgrade; then pacman-db-upgrade || return 1 fi @@ -3878,7 +4155,7 @@ install_arch_linux_git_deps() { install_arch_linux_stable_deps # Don't fail if un-installing python2-distribute threw an error - if [ "$(which git)" = "" ]; then + if ! __check_command_exists git; then pacman -Sy --noconfirm --needed git || return 1 fi pacman -R --noconfirm python2-distribute @@ -3888,9 +4165,9 @@ install_arch_linux_git_deps() { __git_clone_and_checkout || return 1 - if [ -f "${__SALT_GIT_CHECKOUT_DIR}/requirements/base.txt" ]; then + if [ -f "${_SALT_GIT_CHECKOUT_DIR}/requirements/base.txt" ]; then # We're on the develop branch, install whichever tornado is on the requirements file - __REQUIRED_TORNADO="$(grep tornado "${__SALT_GIT_CHECKOUT_DIR}/requirements/base.txt")" + __REQUIRED_TORNADO="$(grep tornado "${_SALT_GIT_CHECKOUT_DIR}/requirements/base.txt")" if [ "${__REQUIRED_TORNADO}" != "" ]; then pacman -Sy --noconfirm --needed python2-tornado fi @@ -3899,7 +4176,7 @@ install_arch_linux_git_deps() { # Let's trigger config_salt() if [ "$_TEMP_CONFIG_DIR" = "null" ]; then - _TEMP_CONFIG_DIR="${__SALT_GIT_CHECKOUT_DIR}/conf/" + _TEMP_CONFIG_DIR="${_SALT_GIT_CHECKOUT_DIR}/conf/" CONFIG_SALT_FUNC="config_salt" fi @@ -3919,9 +4196,8 @@ install_arch_linux_stable() { } install_arch_linux_git() { - if [ -f "${__SALT_GIT_CHECKOUT_DIR}/salt/syspaths.py" ]; then - python2 setup.py install --salt-config-dir="$_SALT_ETC_DIR" || \ - python2 setup.py --salt-config-dir="$_SALT_ETC_DIR" install || return 1 + if [ -f "${_SALT_GIT_CHECKOUT_DIR}/salt/syspaths.py" ]; then + python2 setup.py --salt-config-dir="$_SALT_ETC_DIR" --salt-cache-dir="${_SALT_CACHE_DIR}" install || return 1 else python2 setup.py install || return 1 fi @@ -3934,7 +4210,7 @@ install_arch_linux_post() { # Skip if not meant to be installed [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - [ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + [ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue # Since Arch's pacman renames configuration files @@ -3942,7 +4218,7 @@ install_arch_linux_post() { # Since a configuration directory was provided, it also means that any # configuration file copied was renamed by Arch, see: # https://wiki.archlinux.org/index.php/Pacnew_and_Pacsave_Files#.pacorig - copyfile "$_SALT_ETC_DIR/$fname.pacorig" "$_SALT_ETC_DIR/$fname" $BS_TRUE + __copyfile "$_SALT_ETC_DIR/$fname.pacorig" "$_SALT_ETC_DIR/$fname" $BS_TRUE fi # Skip salt-api since the service should be opt-in and not necessarily started on boot @@ -3969,11 +4245,11 @@ install_arch_linux_git_post() { # Skip if not meant to be installed [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - [ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + [ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue if [ -f /usr/bin/systemctl ]; then - copyfile "${__SALT_GIT_CHECKOUT_DIR}/pkg/rpm/salt-${fname}.service" "/lib/systemd/system/salt-${fname}.service" + __copyfile "${_SALT_GIT_CHECKOUT_DIR}/pkg/rpm/salt-${fname}.service" "/lib/systemd/system/salt-${fname}.service" # Skip salt-api since the service should be opt-in and not necessarily started on boot [ $fname = "api" ] && continue @@ -3988,7 +4264,7 @@ install_arch_linux_git_post() { fi # SysV init!? - copyfile "${__SALT_GIT_CHECKOUT_DIR}/pkg/rpm/salt-$fname" "/etc/rc.d/init.d/salt-$fname" + __copyfile "${_SALT_GIT_CHECKOUT_DIR}/pkg/rpm/salt-$fname" "/etc/rc.d/init.d/salt-$fname" chmod +x /etc/rc.d/init.d/salt-$fname done } @@ -4003,7 +4279,7 @@ install_arch_linux_restart_daemons() { # Skip if not meant to be installed [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue if [ -f /usr/bin/systemctl ]; then @@ -4029,7 +4305,7 @@ install_arch_check_services() { # Skip if not meant to be installed [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue __check_services_systemd salt-$fname || return 1 done @@ -4044,6 +4320,11 @@ install_arch_check_services() { # # FreeBSD Install Functions # +config_freebsd_salt() { + _SALT_ETC_DIR=${BS_SALT_ETC_DIR:-/usr/local/etc/salt} + config_salt +} + __freebsd_get_packagesite() { if [ "$CPU_ARCH_L" = "amd64" ]; then BSD_ARCH="x86:64" @@ -4078,15 +4359,20 @@ __configure_freebsd_pkg_details() { mkdir -p /etc/pkg/ ## Use new JSON-like format for pkg repo configs - conf_file=/usr/local/etc/pkg/repos/freebsd.conf - { - echo "FreeBSD:{" - echo " url: \"${PKGCONFURL}\"," - echo " mirror_type: \"SRV\"," - echo " enabled: true" - echo "}" - } > $conf_file - copyfile $conf_file /etc/pkg/FreeBSD.conf + ## check if /etc/pkg/FreeBSD.conf is already in place + if [ ! -f /etc/pkg/FreeBSD.conf ]; then + conf_file=/usr/local/etc/pkg/repos/freebsd.conf + { + echo "FreeBSD:{" + echo " url: \"${PKGCONFURL}\"," + echo " mirror_type: \"srv\"," + echo " signature_type: \"fingerprints\"," + echo " fingerprints: \"/usr/share/keys/pkg\"," + echo " enabled: true" + echo "}" + } > $conf_file + __copyfile $conf_file /etc/pkg/FreeBSD.conf + fi FROM_FREEBSD="-r FreeBSD" ## add saltstack freebsd repo @@ -4146,21 +4432,10 @@ install_freebsd_11_stable_deps() { install_freebsd_9_stable_deps } -config_freebsd_salt() { - # Set _SALT_ETC_DIR to ports default - _SALT_ETC_DIR=${BS_SALT_ETC_DIR:-/usr/local/etc/salt} - # We also need to redefine the PKI directory - _PKI_DIR=${_SALT_ETC_DIR}/pki - - config_salt || return 1 - - return 0 -} - install_freebsd_git_deps() { install_freebsd_9_stable_deps || return 1 - if [ "$(which git)" = "" ]; then + if ! __check_command_exists git; then /usr/local/sbin/pkg install -y git || return 1 fi @@ -4168,9 +4443,9 @@ install_freebsd_git_deps() { __git_clone_and_checkout || return 1 - if [ -f "${__SALT_GIT_CHECKOUT_DIR}/requirements/base.txt" ]; then + if [ -f "${_SALT_GIT_CHECKOUT_DIR}/requirements/base.txt" ]; then # We're on the develop branch, install whichever tornado is on the requirements file - __REQUIRED_TORNADO="$(grep tornado "${__SALT_GIT_CHECKOUT_DIR}/requirements/base.txt")" + __REQUIRED_TORNADO="$(grep tornado "${_SALT_GIT_CHECKOUT_DIR}/requirements/base.txt")" if [ "${__REQUIRED_TORNADO}" != "" ]; then /usr/local/sbin/pkg install -y www/py-tornado || return 1 fi @@ -4206,8 +4481,13 @@ install_freebsd_git_deps() { # Let's trigger config_salt() if [ "$_TEMP_CONFIG_DIR" = "null" ]; then - _TEMP_CONFIG_DIR="${__SALT_GIT_CHECKOUT_DIR}/conf/" - CONFIG_SALT_FUNC="config_freebsd_salt" + _TEMP_CONFIG_DIR="${_SALT_GIT_CHECKOUT_DIR}/conf/" + CONFIG_SALT_FUNC="config_salt" + + # Set _SALT_ETC_DIR to ports default + _SALT_ETC_DIR=${BS_SALT_ETC_DIR:-/usr/local/etc/salt} + # We also need to redefine the PKI directory + _PKI_DIR=${_SALT_ETC_DIR}/pki fi return 0 @@ -4224,7 +4504,20 @@ install_freebsd_10_stable() { } install_freebsd_11_stable() { - install_freebsd_9_stable +# +# installing latest version of salt from FreeBSD CURRENT ports repo +# + # shellcheck disable=SC2086 + /usr/local/sbin/pkg install ${FROM_FREEBSD} -y sysutils/py-salt || return 1 + +# +# setting _SALT_ETC_DIR to match paths from FreeBSD ports: +# + _SALT_ETC_DIR=${BS_SALT_ETC_DIR:-/usr/local/etc/salt} + if [ ! -d /etc/salt ]; then + ln -sf "${_SALT_ETC_DIR}" /etc/salt + fi + return 0 } install_freebsd_git() { @@ -4243,21 +4536,10 @@ install_freebsd_git() { # We still can't provide the system paths, salt 0.16.x /usr/local/bin/python2 setup.py install || return 1 else - /usr/local/bin/python2 setup.py install \ - --salt-root-dir=/usr/local \ - --salt-config-dir="${_SALT_ETC_DIR}" \ - --salt-cache-dir=/var/cache/salt \ - --salt-sock-dir=/var/run/salt \ - --salt-srv-root-dir=/srv \ - --salt-base-file-roots-dir="${_SALT_ETC_DIR}/states" \ - --salt-base-pillar-roots-dir="${_SALT_ETC_DIR}/pillar" \ - --salt-base-master-roots-dir="${_SALT_ETC_DIR}/salt-master" \ - --salt-logs-dir=/var/log/salt \ - --salt-pidfile-dir=/var/run \ - || /usr/local/bin/python2 setup.py \ + /usr/local/bin/python2 setup.py \ --salt-root-dir=/usr/local \ --salt-config-dir="${_SALT_ETC_DIR}" \ - --salt-cache-dir=/var/cache/salt \ + --salt-cache-dir="${_SALT_CACHE_DIR}" \ --salt-sock-dir=/var/run/salt \ --salt-srv-root-dir=/srv \ --salt-base-file-roots-dir="${_SALT_ETC_DIR}/states" \ @@ -4287,15 +4569,13 @@ install_freebsd_9_stable_post() { # Skip if not meant to be installed [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - [ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + [ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue enable_string="salt_${fname}_enable=\"YES\"" grep "$enable_string" /etc/rc.conf >/dev/null 2>&1 [ $? -eq 1 ] && echo "$enable_string" >> /etc/rc.conf - [ -f "${_SALT_ETC_DIR}/${fname}.sample" ] && copyfile "${_SALT_ETC_DIR}/${fname}.sample" "${_SALT_ETC_DIR}/${fname}" - if [ $fname = "minion" ] ; then grep "salt_minion_paths" /etc/rc.conf >/dev/null 2>&1 [ $? -eq 1 ] && echo "salt_minion_paths=\"/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin\"" >> /etc/rc.conf @@ -4327,7 +4607,7 @@ install_freebsd_restart_daemons() { # Skip if not meant to be installed [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue service salt_$fname stop > /dev/null 2>&1 @@ -4339,6 +4619,207 @@ install_freebsd_restart_daemons() { # ####################################################################################################################### +####################################################################################################################### +# +# OpenBSD Install Functions +# + +__choose_openbsd_mirror() { + # FIXME: cleartext download over unsecure protocol (HTTP) + MIRRORS_LIST_URL=http://www.openbsd.org/ftp.html + MIRROR_LIST_FILE=/tmp/openbsd-mirrors.html + OPENBSD_REPO='' + MINTIME='' + + __fetch_url "$MIRROR_LIST_FILE" "$MIRRORS_LIST_URL" || return 1 + MIRRORS_LIST=$(grep href "$MIRROR_LIST_FILE" | grep http | grep pub | awk -F \" '{ print $2 }') + [ -n "$MIRRORS_LIST" ] && rm -f "$MIRROR_LIST_FILE" + + echoinfo "Getting list of mirrors from $MIRRORS_LIST_URL" + for MIRROR in $MIRRORS_LIST; do + MIRROR_HOST=$(echo "$MIRROR" | awk -F / '{ print $3 }') + TIME=$(ping -c 1 -q "$MIRROR_HOST" | grep round-trip | awk -F / '{ print $5 }') + [ -z "$TIME" ] && continue + + echodebug "ping time for $MIRROR is $TIME" + [ -z "$MINTIME" ] && MINTIME=$TIME + + FASTER_MIRROR=$(echo "$TIME < $MINTIME" | bc) + if [ "$FASTER_MIRROR" -eq 1 ]; then + MINTIME=$TIME + OPENBSD_REPO=$MIRROR + else + continue + fi + done +} + + +install_openbsd_deps() { + __choose_openbsd_mirror || return 1 + [ -n "$OPENBSD_REPO" ] || return 1 + echoinfo "setting package repository to $OPENBSD_REPO with ping time of $MINTIME" + echo "installpath = ${OPENBSD_REPO}${OS_VERSION}/packages/${CPU_ARCH_L}/" >/etc/pkg.conf || return 1 + pkg_add -I -v lsof || return 1 + pkg_add -I -v py-pip || return 1 + __linkfile /usr/local/bin/pip2.* /usr/local/bin/pip $BS_TRUE || return 1 + __linkfile /usr/local/bin/pydoc2* /usr/local/bin/pydoc $BS_TRUE || return 1 + __linkfile /usr/local/bin/python2.[0-9] /usr/local/bin/python $BS_TRUE || return 1 + __linkfile /usr/local/bin/python2.[0-9]*to3 /usr/local/bin/2to3 $BS_TRUE || return 1 + __linkfile /usr/local/bin/python2.[0-9]*-config /usr/local/bin/python-config $BS_TRUE || return 1 + pkg_add -I -v swig || return 1 + pkg_add -I -v py-zmq || return 1 + pkg_add -I -v py-requests || return 1 + pkg_add -I -v py-M2Crypto || return 1 + pkg_add -I -v py-raet || return 1 + pkg_add -I -v py-libnacl || return 1 + if [ "$_UPGRADE_SYS" -eq $BS_TRUE ]; then + /usr/local/bin/pip install --upgrade pip || return 1 + fi + # + # PIP based installs need to copy configuration files "by hand". + # Let's trigger config_salt() + # + if [ "$_TEMP_CONFIG_DIR" = "null" ]; then + # Let's set the configuration directory to /tmp + _TEMP_CONFIG_DIR="/tmp" + CONFIG_SALT_FUNC="config_salt" + + for fname in minion master syndic api; do + # Skip if not meant to be installed + [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue + [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue + [ $fname = "api" ] && \ + ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || __check_command_exists "salt-${fname}") && \ + continue + [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue + + # Let's download, since they were not provided, the default configuration files + if [ ! -f "$_SALT_ETC_DIR/$fname" ] && [ ! -f "$_TEMP_CONFIG_DIR/$fname" ]; then + ftp -o "$_TEMP_CONFIG_DIR/$fname" \ + "https://raw.githubusercontent.com/saltstack/salt/develop/conf/$fname" || return 1 + fi + done + fi + if [ "${_EXTRA_PACKAGES}" != "" ]; then + echoinfo "Installing the following extra packages as requested: ${_EXTRA_PACKAGES}" + # shellcheck disable=SC2086 + pkg_add -I -v ${_EXTRA_PACKAGES} || return 1 + fi + return 0 +} + +install_openbsd_git_deps() { + install_openbsd_deps || return 1 + pkg_add -I -v git || return 1 + __git_clone_and_checkout || return 1 + # + # Let's trigger config_salt() + # + if [ "$_TEMP_CONFIG_DIR" = "null" ]; then + _TEMP_CONFIG_DIR="${_SALT_GIT_CHECKOUT_DIR}/conf/" + CONFIG_SALT_FUNC="config_salt" + fi + return 0 +} + +install_openbsd_stable() { + +# pkg_add -r -I -v salt || return 1 + __check_pip_allowed || return 1 + /usr/local/bin/pip install salt || return 1 + if [ "$_UPGRADE_SYS" -eq $BS_TRUE ]; then + /usr/local/bin/pip install --upgrade salt || return 1 + fi + return 0 +} + +install_openbsd_git() { + # + # Install from git + # + if [ ! -f salt/syspaths.py ]; then + # We still can't provide the system paths, salt 0.16.x + /usr/local/bin/python2.7 setup.py install || return 1 + fi + return 0 +} + + +install_openbsd_post() { + # + # Install rc.d files. + # + ## below workaround for /etc/rc.d/rc.subr in OpenBSD >= 5.8 + ## is needed for salt services to start/stop properly from /etc/rc.d + ## reference: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/etc/rc.d/rc.subr.diff?r1=1.98&r2=1.99 + ## + if grep -q '\-xf' /etc/rc.d/rc.subr; then + cp -p /etc/rc.d/rc.subr /etc/rc.d/rc.subr + sed -i."$(date +%F)".saltinstall -e 's:-xf:-f:g' /etc/rc.d/rc.subr + fi + _TEMP_CONFIG_DIR="/tmp" + for fname in minion master syndic api; do + # Skip if not meant to be installed + [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue + [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue + [ $fname = "api" ] || ! __check_command_exists "salt-${fname}" && continue + [ $fname = "syndic" ] && continue + + if [ $? -eq 1 ]; then + if [ ! -f "$_TEMP_CONFIG_DIR/salt-$fname" ]; then + ftp -o "$_TEMP_CONFIG_DIR/salt-$fname" \ + "https://raw.githubusercontent.com/saltstack/salt/develop/pkg/openbsd/salt-${fname}.rc-d" + if [ ! -f "/etc/rc.d/salt_${fname}" ] && [ "$(grep salt_${fname} /etc/rc.conf.local)" -eq "" ]; then + __copyfile "$_TEMP_CONFIG_DIR/salt-$fname" "/etc/rc.d/salt_${fname}" && chmod +x "/etc/rc.d/salt_${fname}" || return 1 + echo salt_${fname}_enable="YES" >> /etc/rc.conf.local + echo salt_${fname}_paths=\"/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin\" >>/etc/rc.conf.local + fi + fi + fi + done +} + +install_openbsd_check_services() { + for fname in minion master syndic api; do + # Skip salt-api since the service should be opt-in and not necessarily started on boot + [ $fname = "api" ] && continue + + # Skip if not meant to be installed + [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue + [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue + [ $fname = "api" ] && continue + [ $fname = "syndic" ] && continue + if [ -f /etc/rc.d/salt_${fname} ]; then + __check_services_openbsd salt_${fname} || return 1 + fi + done + return 0 +} + + +install_openbsd_restart_daemons() { + [ $_START_DAEMONS -eq $BS_FALSE ] && return + for fname in minion master syndic api; do + # Skip salt-api since the service should be opt-in and not necessarily started on boot + [ $fname = "api" ] && continue + # Skip if not meant to be installed + [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue + [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue + [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue + if [ -f "/etc/rc.d/salt_${fname}" ]; then + /etc/rc.d/salt_${fname} stop > /dev/null 2>&1 + /etc/rc.d/salt_${fname} start + fi + done +} + + +# +# Ended OpenBSD Install Functions +# +####################################################################################################################### + ####################################################################################################################### # # SmartOS Install Functions @@ -4386,17 +4867,16 @@ install_smartos_deps() { install_smartos_git_deps() { install_smartos_deps || return 1 - which git > /dev/null 2>&1 - if [ $? -eq 1 ]; then + if ! __check_command_exists git; then pkgin -y install git || return 1 fi - if [ -f "${__SALT_GIT_CHECKOUT_DIR}/requirements/base.txt" ]; then + if [ -f "${_SALT_GIT_CHECKOUT_DIR}/requirements/base.txt" ]; then # We're on the develop branch, install whichever tornado is on the requirements file - __REQUIRED_TORNADO="$(grep tornado "${__SALT_GIT_CHECKOUT_DIR}/requirements/base.txt")" - check_pip_allowed "You need to allow pip based installations (-P) in order to install the python package '${__REQUIRED_TORNADO}'" + __REQUIRED_TORNADO="$(grep tornado "${_SALT_GIT_CHECKOUT_DIR}/requirements/base.txt")" + __check_pip_allowed "You need to allow pip based installations (-P) in order to install the python package '${__REQUIRED_TORNADO}'" if [ "${__REQUIRED_TORNADO}" != "" ]; then - if [ "$(which pip)" = "" ]; then + if ! __check_command_exists pip; then pkgin -y install py27-pip fi pip install -U "${__REQUIRED_TORNADO}" @@ -4406,7 +4886,7 @@ install_smartos_git_deps() { __git_clone_and_checkout || return 1 # Let's trigger config_salt() if [ "$_TEMP_CONFIG_DIR" = "null" ]; then - _TEMP_CONFIG_DIR="${__SALT_GIT_CHECKOUT_DIR}/conf/" + _TEMP_CONFIG_DIR="${_SALT_GIT_CHECKOUT_DIR}/conf/" CONFIG_SALT_FUNC="config_salt" fi @@ -4421,8 +4901,7 @@ install_smartos_stable() { install_smartos_git() { # Use setuptools in order to also install dependencies # lets force our config path on the setup for now, since salt/syspaths.py only got fixed in 2015.5.0 - USE_SETUPTOOLS=1 /opt/local/bin/python setup.py install --salt-config-dir="$_SALT_ETC_DIR" || \ - USE_SETUPTOOLS=1 /opt/local/bin/python setup.py --salt-config-dir="$_SALT_ETC_DIR" install || return 1 + USE_SETUPTOOLS=1 /opt/local/bin/python setup.py --salt-config-dir="$_SALT_ETC_DIR" --salt-cache-dir="${_SALT_CACHE_DIR}" install || return 1 return 0 } @@ -4434,7 +4913,7 @@ install_smartos_post() { # Skip if not meant to be installed [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - [ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + [ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue svcs network/salt-$fname > /dev/null 2>&1 @@ -4450,7 +4929,7 @@ install_smartos_post() { mkdir -p "$smf_dir" || return 1 fi if [ ! -f "$smf_dir/salt-$fname.xml" ]; then - copyfile "$_TEMP_CONFIG_DIR/salt-$fname.xml" "$smf_dir/" || return 1 + __copyfile "$_TEMP_CONFIG_DIR/salt-$fname.xml" "$smf_dir/" || return 1 fi fi fi @@ -4465,18 +4944,18 @@ install_smartos_git_post() { # Skip if not meant to be installed [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - [ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + [ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue svcs "network/salt-$fname" > /dev/null 2>&1 if [ $? -eq 1 ]; then - svccfg import "${__SALT_GIT_CHECKOUT_DIR}/pkg/smartos/salt-$fname.xml" + svccfg import "${_SALT_GIT_CHECKOUT_DIR}/pkg/smartos/salt-$fname.xml" if [ "${VIRTUAL_TYPE}" = "global" ]; then if [ ! -d $smf_dir ]; then mkdir -p "$smf_dir" fi if [ ! -f "$smf_dir/salt-$fname.xml" ]; then - copyfile "${__SALT_GIT_CHECKOUT_DIR}/pkg/smartos/salt-$fname.xml" "$smf_dir/" + __copyfile "${_SALT_GIT_CHECKOUT_DIR}/pkg/smartos/salt-$fname.xml" "$smf_dir/" fi fi fi @@ -4493,7 +4972,7 @@ install_smartos_restart_daemons() { # Skip if not meant to be installed [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue # Stop if running && Start service @@ -4513,7 +4992,7 @@ install_smartos_restart_daemons() { __ZYPPER_REQUIRES_REPLACE_FILES=-1 __version_lte() { - if [ "$(which python)" = "" ]; then + if ! __check_command_exists python; then zypper zypper --non-interactive install --replacefiles --auto-agree-with-licenses python || \ zypper zypper --non-interactive install --auto-agree-with-licenses python || return 1 fi @@ -4544,14 +5023,20 @@ __zypper_install() { } install_opensuse_stable_deps() { - DISTRO_REPO="openSUSE_${DISTRO_MAJOR_VERSION}.${DISTRO_MINOR_VERSION}" + if [ "${DISTRO_MAJOR_VERSION}" -gt 2015 ]; then + DISTRO_REPO="openSUSE_Tumbleweed" + elif [ "${DISTRO_MAJOR_VERSION}" -ge 42 ]; then + DISTRO_REPO="openSUSE_Leap_${DISTRO_MAJOR_VERSION}.${DISTRO_MINOR_VERSION}" + elif [ "${DISTRO_MAJOR_VERSION}" -lt 42 ]; then + DISTRO_REPO="openSUSE_${DISTRO_MAJOR_VERSION}.${DISTRO_MINOR_VERSION}" + fi # Is the repository already known - __zypper repos | grep devel_languages_python >/dev/null 2>&1 + __set_suse_pkg_repo + __zypper repos --details | grep "${SUSE_PKG_URL}" >/dev/null 2>&1 if [ $? -eq 1 ]; then - # zypper does not yet know nothing about devel_languages_python - __zypper addrepo --refresh \ - "http://download.opensuse.org/repositories/devel:/languages:/python/${DISTRO_REPO}/devel:languages:python.repo" || return 1 + # zypper does not yet know nothing about systemsmanagement_saltstack + __zypper addrepo --refresh "${SUSE_PKG_URL}" || return 1 fi __zypper --gpg-auto-import-keys refresh @@ -4572,9 +5057,17 @@ install_opensuse_stable_deps() { # Salt needs python-zypp installed in order to use the zypper module __PACKAGES="python-zypp" - __PACKAGES="${__PACKAGES} libzmq3 python python-Jinja2 python-M2Crypto python-PyYAML python-requests" + __PACKAGES="${__PACKAGES} python python-Jinja2 python-M2Crypto python-PyYAML python-requests" __PACKAGES="${__PACKAGES} python-msgpack-python python-pycrypto python-pyzmq python-xml" + if [ "$DISTRO_MAJOR_VERSION" -lt 13 ]; then + __PACKAGES="${__PACKAGES} libzmq3" + elif [ "$DISTRO_MAJOR_VERSION" -eq 13 ]; then + __PACKAGES="${__PACKAGES} libzmq4" + elif [ "$DISTRO_MAJOR_VERSION" -gt 13 ]; then + __PACKAGES="${__PACKAGES} libzmq5" + fi + if [ "$_INSTALL_CLOUD" -eq $BS_TRUE ]; then __PACKAGES="${__PACKAGES} python-apache-libcloud" fi @@ -4582,6 +5075,9 @@ install_opensuse_stable_deps() { # shellcheck disable=SC2086 __zypper_install ${__PACKAGES} || return 1 + # Fix for OpenSUSE 13.2 and 2015.8 - gcc should not be required. Work around until package is fixed by SuSE + _EXTRA_PACKAGES="${_EXTRA_PACKAGES} gcc python-devel libgit2-devel" + if [ "${_EXTRA_PACKAGES}" != "" ]; then echoinfo "Installing the following extra packages as requested: ${_EXTRA_PACKAGES}" # shellcheck disable=SC2086 @@ -4594,7 +5090,7 @@ install_opensuse_stable_deps() { install_opensuse_git_deps() { install_opensuse_stable_deps || return 1 - if [ "$(which git)" = "" ]; then + if ! __check_command_exists git; then __zypper_install git || return 1 fi @@ -4602,15 +5098,16 @@ install_opensuse_git_deps() { __git_clone_and_checkout || return 1 - if [ -f "${__SALT_GIT_CHECKOUT_DIR}/pkg/suse/use-forking-daemon.patch" ]; then - cd "${__SALT_GIT_CHECKOUT_DIR}" + if [ -f "${_SALT_GIT_CHECKOUT_DIR}/pkg/suse/use-forking-daemon.patch" ]; then + # shellcheck disable=SC2164 + cd "${_SALT_GIT_CHECKOUT_DIR}" echowarn "Applying patch to systemd service unit file" patch -p1 < pkg/suse/use-forking-daemon.patch || return 1 fi - if [ -f "${__SALT_GIT_CHECKOUT_DIR}/requirements/base.txt" ]; then + if [ -f "${_SALT_GIT_CHECKOUT_DIR}/requirements/base.txt" ]; then # We're on the develop branch, install whichever tornado is on the requirements file - __REQUIRED_TORNADO="$(grep tornado "${__SALT_GIT_CHECKOUT_DIR}/requirements/base.txt")" + __REQUIRED_TORNADO="$(grep tornado "${_SALT_GIT_CHECKOUT_DIR}/requirements/base.txt")" if [ "${__REQUIRED_TORNADO}" != "" ]; then __zypper_install python-tornado fi @@ -4619,7 +5116,7 @@ install_opensuse_git_deps() { # Let's trigger config_salt() if [ "$_TEMP_CONFIG_DIR" = "null" ]; then - _TEMP_CONFIG_DIR="${__SALT_GIT_CHECKOUT_DIR}/conf/" + _TEMP_CONFIG_DIR="${_SALT_GIT_CHECKOUT_DIR}/conf/" CONFIG_SALT_FUNC="config_salt" fi @@ -4655,7 +5152,7 @@ install_opensuse_stable_post() { # Skip if not meant to be installed [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue if [ -f /bin/systemctl ]; then @@ -4677,19 +5174,19 @@ install_opensuse_git_post() { # Skip if not meant to be installed [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - [ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + [ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue if [ -f /bin/systemctl ]; then if [ "${DISTRO_MAJOR_VERSION}" -gt 13 ] || ([ "${DISTRO_MAJOR_VERSION}" -eq 13 ] && [ "${DISTRO_MINOR_VERSION}" -ge 2 ]); then - copyfile "${__SALT_GIT_CHECKOUT_DIR}/pkg/salt-${fname}.service" "/usr/lib/systemd/system/salt-${fname}.service" + __copyfile "${_SALT_GIT_CHECKOUT_DIR}/pkg/salt-${fname}.service" "/usr/lib/systemd/system/salt-${fname}.service" else - copyfile "${__SALT_GIT_CHECKOUT_DIR}/pkg/salt-${fname}.service" "/lib/systemd/system/salt-${fname}.service" + __copyfile "${_SALT_GIT_CHECKOUT_DIR}/pkg/salt-${fname}.service" "/lib/systemd/system/salt-${fname}.service" fi continue fi - copyfile "${__SALT_GIT_CHECKOUT_DIR}/pkg/rpm/salt-$fname" "/etc/init.d/salt-$fname" + __copyfile "${_SALT_GIT_CHECKOUT_DIR}/pkg/rpm/salt-$fname" "/etc/init.d/salt-$fname" chmod +x /etc/init.d/salt-$fname done @@ -4707,7 +5204,7 @@ install_opensuse_restart_daemons() { # Skip if not meant to be installed [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue if [ -f /bin/systemctl ]; then @@ -4735,7 +5232,7 @@ install_opensuse_check_services() { # Skip if not meant to be installed [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue __check_services_systemd salt-$fname > /dev/null 2>&1 || __check_services_systemd salt-$fname.service > /dev/null 2>&1 || return 1 done @@ -4748,8 +5245,201 @@ install_opensuse_check_services() { ####################################################################################################################### # -# SuSE Install Functions. +# SUSE Enterprise 12 # + +install_suse_12_stable_deps() { + SUSE_PATCHLEVEL=$(awk '/PATCHLEVEL/ {print $3}' /etc/SuSE-release ) + + if [ "${SUSE_PATCHLEVEL}" != "" ]; then + DISTRO_PATCHLEVEL="_SP${SUSE_PATCHLEVEL}" + fi + DISTRO_REPO="SLE_${DISTRO_MAJOR_VERSION}${DISTRO_PATCHLEVEL}" + + # SLES 12 repo name does not use a patch level so PATCHLEVEL will need to be updated with SP1 + #DISTRO_REPO="SLE_${DISTRO_MAJOR_VERSION}${DISTRO_PATCHLEVEL}" + + DISTRO_REPO="SLE_${DISTRO_MAJOR_VERSION}" + + # Is the repository already known + __set_suse_pkg_repo + __zypper repos | grep "${SUSE_PKG_URL}" >/dev/null 2>&1 + if [ $? -eq 1 ]; then + # zypper does not yet know nothing about systemsmanagement_saltstack + __zypper addrepo --refresh "${SUSE_PKG_URL}" || return 1 + fi + + __zypper --gpg-auto-import-keys refresh || return 1 + + if [ "$_UPGRADE_SYS" -eq $BS_TRUE ]; then + __zypper --gpg-auto-import-keys update || return 1 + fi + + # Salt needs python-zypp installed in order to use the zypper module + __PACKAGES="python-zypp" + # shellcheck disable=SC2089 + __PACKAGES="${__PACKAGES} libzmq5 python python-Jinja2 python-msgpack-python" + __PACKAGES="${__PACKAGES} python-pycrypto python-pyzmq python-pip python-xml python-requests" + + if [ "$SUSE_PATCHLEVEL" -eq 1 ]; then + __check_pip_allowed + echowarn "PyYaml will be installed using pip" + else + __PACKAGES="${__PACKAGES} python-PyYAML" + fi + + if [ "$_INSTALL_CLOUD" -eq $BS_TRUE ]; then + __PACKAGES="${__PACKAGES} python-apache-libcloud" + fi + + # SLES 11 SP3 ships with both python-M2Crypto-0.22.* and python-m2crypto-0.21 and we will be asked which + # we want to install, even with --non-interactive. + # Let's try to install the higher version first and then the lower one in case of failure + __zypper_install 'python-M2Crypto>=0.22' || __zypper_install 'python-M2Crypto>=0.21' || return 1 + # shellcheck disable=SC2086,SC2090 + __zypper_install ${__PACKAGES} || return 1 + + if [ "$SUSE_PATCHLEVEL" -eq 1 ]; then + # There's no python-PyYaml in SP1, let's install it using pip + pip install PyYaml || return 1 + fi + + # PIP based installs need to copy configuration files "by hand". + if [ "$SUSE_PATCHLEVEL" -eq 1 ]; then + # Let's trigger config_salt() + if [ "$_TEMP_CONFIG_DIR" = "null" ]; then + # Let's set the configuration directory to /tmp + _TEMP_CONFIG_DIR="/tmp" + CONFIG_SALT_FUNC="config_salt" + + for fname in minion master syndic api; do + + # Skip if not meant to be installed + [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue + [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue + [ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue + [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue + + # Syndic uses the same configuration file as the master + [ $fname = "syndic" ] && fname=master + + # Let's download, since they were not provided, the default configuration files + if [ ! -f "$_SALT_ETC_DIR/$fname" ] && [ ! -f "$_TEMP_CONFIG_DIR/$fname" ]; then + # shellcheck disable=SC2086 + curl $_CURL_ARGS -s -o "$_TEMP_CONFIG_DIR/$fname" -L \ + "https://raw.githubusercontent.com/saltstack/salt/develop/conf/$fname" || return 1 + fi + done + fi + fi + + if [ "${_EXTRA_PACKAGES}" != "" ]; then + echoinfo "Installing the following extra packages as requested: ${_EXTRA_PACKAGES}" + # shellcheck disable=SC2086 + __zypper_install ${_EXTRA_PACKAGES} || return 1 + fi + + return 0 +} + +install_suse_12_git_deps() { + install_suse_11_stable_deps || return 1 + + if ! __check_command_exists git; then + __zypper_install git || return 1 + fi + + __git_clone_and_checkout || return 1 + + if [ -f "${_SALT_GIT_CHECKOUT_DIR}/requirements/base.txt" ]; then + # We're on the develop branch, install whichever tornado is on the requirements file + __REQUIRED_TORNADO="$(grep tornado "${_SALT_GIT_CHECKOUT_DIR}/requirements/base.txt")" + if [ "${__REQUIRED_TORNADO}" != "" ]; then + __zypper_install python-tornado + fi + fi + + # Let's trigger config_salt() + if [ "$_TEMP_CONFIG_DIR" = "null" ]; then + _TEMP_CONFIG_DIR="${_SALT_GIT_CHECKOUT_DIR}/conf/" + CONFIG_SALT_FUNC="config_salt" + fi + + return 0 +} + +install_suse_12_stable() { + if [ "$SUSE_PATCHLEVEL" -gt 1 ]; then + install_opensuse_stable || return 1 + else + # USE_SETUPTOOLS=1 To work around + # error: option --single-version-externally-managed not recognized + USE_SETUPTOOLS=1 pip install salt || return 1 + fi + return 0 +} + +install_suse_12_git() { + install_opensuse_git || return 1 + return 0 +} + +install_suse_12_stable_post() { + if [ "$SUSE_PATCHLEVEL" -gt 1 ]; then + install_opensuse_stable_post || return 1 + else + for fname in minion master syndic api; do + + # Skip if not meant to be installed + [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue + [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue + [ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue + [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue + + if [ -f /bin/systemctl ]; then + # shellcheck disable=SC2086 + curl $_CURL_ARGS -L "https://github.com/saltstack/salt/raw/develop/pkg/salt-$fname.service" \ + -o "/usr/lib/systemd/system/salt-$fname.service" || return 1 + continue + fi + + ## shellcheck disable=SC2086 + #curl $_CURL_ARGS -L "https://github.com/saltstack/salt/raw/develop/pkg/rpm/salt-$fname" \ + # -o "/etc/init.d/salt-$fname" || return 1 + #chmod +x "/etc/init.d/salt-$fname" + + if [ -f /bin/systemctl ]; then + systemctl is-enabled salt-$fname.service || (systemctl preset salt-$fname.service && systemctl enable salt-$fname.service) + sleep 0.1 + systemctl daemon-reload + continue + fi + + done + fi + return 0 +} + +install_suse_12_git_post() { + install_opensuse_git_post || return 1 + return 0 +} + +install_suse_12_restart_daemons() { + install_opensuse_restart_daemons || return 1 + return 0 +} + +# +# End of SUSE Enterprise 12 +# +####################################################################################################################### + +####################################################################################################################### +# +# SUSE Enterprise 11 +# + install_suse_11_stable_deps() { SUSE_PATCHLEVEL=$(awk '/PATCHLEVEL/ {print $3}' /etc/SuSE-release ) if [ "${SUSE_PATCHLEVEL}" != "" ]; then @@ -4758,11 +5448,11 @@ install_suse_11_stable_deps() { DISTRO_REPO="SLE_${DISTRO_MAJOR_VERSION}${DISTRO_PATCHLEVEL}" # Is the repository already known - __zypper repos | grep devel_languages_python >/dev/null 2>&1 + __set_suse_pkg_repo + __zypper repos | grep "${SUSE_PKG_URL}" >/dev/null 2>&1 if [ $? -eq 1 ]; then - # zypper does not yet know nothing about devel_languages_python - __zypper addrepo --refresh \ - "http://download.opensuse.org/repositories/devel:/languages:/python/${DISTRO_REPO}/devel:languages:python.repo" || return 1 + # zypper does not yet know nothing about systemsmanagement_saltstack + __zypper addrepo --refresh "${SUSE_PKG_URL}" || return 1 fi __zypper --gpg-auto-import-keys refresh || return 1 @@ -4774,11 +5464,11 @@ install_suse_11_stable_deps() { # Salt needs python-zypp installed in order to use the zypper module __PACKAGES="python-zypp" # shellcheck disable=SC2089 - __PACKAGES="${__PACKAGES} libzmq3 python python-Jinja2 python-msgpack-python" + __PACKAGES="${__PACKAGES} libzmq5 python python-Jinja2 python-msgpack-python" __PACKAGES="${__PACKAGES} python-pycrypto python-pyzmq python-pip python-xml python-requests" if [ "$SUSE_PATCHLEVEL" -eq 1 ]; then - check_pip_allowed + __check_pip_allowed echowarn "PyYaml will be installed using pip" else __PACKAGES="${__PACKAGES} python-PyYAML" @@ -4813,7 +5503,7 @@ install_suse_11_stable_deps() { # Skip if not meant to be installed [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - [ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + [ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue # Syndic uses the same configuration file as the master @@ -4841,15 +5531,15 @@ install_suse_11_stable_deps() { install_suse_11_git_deps() { install_suse_11_stable_deps || return 1 - if [ "$(which git)" = "" ]; then + if ! __check_command_exists git; then __zypper_install git || return 1 fi __git_clone_and_checkout || return 1 - if [ -f "${__SALT_GIT_CHECKOUT_DIR}/requirements/base.txt" ]; then + if [ -f "${_SALT_GIT_CHECKOUT_DIR}/requirements/base.txt" ]; then # We're on the develop branch, install whichever tornado is on the requirements file - __REQUIRED_TORNADO="$(grep tornado "${__SALT_GIT_CHECKOUT_DIR}/requirements/base.txt")" + __REQUIRED_TORNADO="$(grep tornado "${_SALT_GIT_CHECKOUT_DIR}/requirements/base.txt")" if [ "${__REQUIRED_TORNADO}" != "" ]; then __zypper_install python-tornado fi @@ -4857,7 +5547,7 @@ install_suse_11_git_deps() { # Let's trigger config_salt() if [ "$_TEMP_CONFIG_DIR" = "null" ]; then - _TEMP_CONFIG_DIR="${__SALT_GIT_CHECKOUT_DIR}/conf/" + _TEMP_CONFIG_DIR="${_SALT_GIT_CHECKOUT_DIR}/conf/" CONFIG_SALT_FUNC="config_salt" fi @@ -4889,7 +5579,7 @@ install_suse_11_stable_post() { # Skip if not meant to be installed [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - [ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + [ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue if [ -f /bin/systemctl ]; then @@ -4919,6 +5609,16 @@ install_suse_11_restart_daemons() { return 0 } + +# +# End of SUSE Enterprise 11 +# +####################################################################################################################### +# +# SUSE Enterprise General Functions +# + +# Used for both SLE 11 and 12 install_suse_check_services() { if [ ! -f /bin/systemctl ]; then # Not running systemd!? Don't check! @@ -4932,14 +5632,15 @@ install_suse_check_services() { # Skip if not meant to be installed [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue __check_services_systemd salt-$fname || return 1 done return 0 } + # -# End of SuSE Install Functions. +# SUSE Enterprise General Functions # ####################################################################################################################### @@ -4965,13 +5666,13 @@ __gentoo_config_protection() { __gentoo_pre_dep() { if [ "$_ECHO_DEBUG" -eq $BS_TRUE ]; then - if [ "$(which eix)" != "" ]; then + if __check_command_exists eix; then eix-sync else emerge --sync fi else - if [ "$(which eix)" != "" ]; then + if __check_command_exists eix; then eix-sync -q else emerge --sync --quiet @@ -4989,7 +5690,7 @@ __gentoo_post_dep() { __gentoo_config_protection if [ "$_INSTALL_CLOUD" -eq $BS_TRUE ]; then - check_pip_allowed "You need to allow pip based installations (-P) in order to install apache-libcloud" + __check_pip_allowed "You need to allow pip based installations (-P) in order to install apache-libcloud" __emerge -v 'dev-python/pip' pip install -U "apache-libcloud>=$_LIBCLOUD_MIN_VERSION" fi @@ -5032,7 +5733,7 @@ install_gentoo_post() { # Skip if not meant to be installed [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue if [ -d "/run/systemd/system" ]; then @@ -5055,7 +5756,7 @@ install_gentoo_restart_daemons() { # Skip if not meant to be installed [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue if [ -d "/run/systemd/system" ]; then @@ -5081,7 +5782,7 @@ install_gentoo_check_services() { # Skip if not meant to be installed [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue __check_services_systemd salt-$fname || return 1 done @@ -5110,58 +5811,73 @@ config_salt() { # Copy the grains file if found if [ -f "$_TEMP_CONFIG_DIR/grains" ]; then echodebug "Moving provided grains file from $_TEMP_CONFIG_DIR/grains to $_SALT_ETC_DIR/grains" - movefile "$_TEMP_CONFIG_DIR/grains" "$_SALT_ETC_DIR/grains" || return 1 + __movefile "$_TEMP_CONFIG_DIR/grains" "$_SALT_ETC_DIR/grains" || return 1 CONFIGURED_ANYTHING=$BS_TRUE fi - if [ "$_INSTALL_MINION" -eq $BS_TRUE ]; then + if [ "$_CONFIG_ONLY" -eq "$BS_TRUE" ]; then + echowarn "Passing -C (config only) option implies -F (forced overwrite)." + echowarn "Overwriting configs in 11 seconds!" + sleep 11 + fi + + if [ "$_INSTALL_MINION" -eq "$BS_TRUE" ] || [ "$_CONFIG_ONLY" -eq "$BS_TRUE" ]; then # Create the PKI directory [ -d "$_PKI_DIR/minion" ] || (mkdir -p "$_PKI_DIR/minion" && chmod 700 "$_PKI_DIR/minion") || return 1 # Copy the minions configuration if found if [ -f "$_TEMP_CONFIG_DIR/minion" ]; then - movefile "$_TEMP_CONFIG_DIR/minion" "$_SALT_ETC_DIR" || return 1 + __movefile "$_TEMP_CONFIG_DIR/minion" "$_SALT_ETC_DIR" "$BS_TRUE" || return 1 CONFIGURED_ANYTHING=$BS_TRUE fi # Copy the minion's keys if found if [ -f "$_TEMP_CONFIG_DIR/minion.pem" ]; then - movefile "$_TEMP_CONFIG_DIR/minion.pem" "$_PKI_DIR/minion/" || return 1 + __movefile "$_TEMP_CONFIG_DIR/minion.pem" "$_PKI_DIR/minion/" "$BS_TRUE" || return 1 chmod 400 "$_PKI_DIR/minion/minion.pem" || return 1 CONFIGURED_ANYTHING=$BS_TRUE fi if [ -f "$_TEMP_CONFIG_DIR/minion.pub" ]; then - movefile "$_TEMP_CONFIG_DIR/minion.pub" "$_PKI_DIR/minion/" || return 1 + __movefile "$_TEMP_CONFIG_DIR/minion.pub" "$_PKI_DIR/minion/" "$BS_TRUE" || return 1 chmod 664 "$_PKI_DIR/minion/minion.pub" || return 1 CONFIGURED_ANYTHING=$BS_TRUE fi # For multi-master-pki, copy the master_sign public key if found if [ -f "$_TEMP_CONFIG_DIR/master_sign.pub" ]; then - movefile "$_TEMP_CONFIG_DIR/master_sign.pub" "$_PKI_DIR/minion/" || return 1 + __movefile "$_TEMP_CONFIG_DIR/master_sign.pub" "$_PKI_DIR/minion/" || return 1 chmod 664 "$_PKI_DIR/minion/master_sign.pub" || return 1 CONFIGURED_ANYTHING=$BS_TRUE fi fi + # only (re)place master or syndic configs if -M (install master) or -S + # (install syndic) specified + OVERWRITE_MASTER_CONFIGS=$BS_FALSE + if [ "$_INSTALL_MASTER" -eq $BS_TRUE ] && [ "$_CONFIG_ONLY" -eq $BS_TRUE ]; then + OVERWRITE_MASTER_CONFIGS=$BS_TRUE + fi + if [ "$_INSTALL_SYNDIC" -eq $BS_TRUE ] && [ "$_CONFIG_ONLY" -eq $BS_TRUE ]; then + OVERWRITE_MASTER_CONFIGS=$BS_TRUE + fi - if [ "$_INSTALL_MASTER" -eq $BS_TRUE ] || [ "$_INSTALL_SYNDIC" -eq $BS_TRUE ]; then + if [ "$_INSTALL_MASTER" -eq $BS_TRUE ] || [ "$_INSTALL_SYNDIC" -eq $BS_TRUE ] || [ "$OVERWRITE_MASTER_CONFIGS" -eq $BS_TRUE ]; then # Create the PKI directory [ -d "$_PKI_DIR/master" ] || (mkdir -p "$_PKI_DIR/master" && chmod 700 "$_PKI_DIR/master") || return 1 # Copy the masters configuration if found if [ -f "$_TEMP_CONFIG_DIR/master" ]; then - movefile "$_TEMP_CONFIG_DIR/master" "$_SALT_ETC_DIR" || return 1 + __movefile "$_TEMP_CONFIG_DIR/master" "$_SALT_ETC_DIR" || return 1 CONFIGURED_ANYTHING=$BS_TRUE fi # Copy the master's keys if found if [ -f "$_TEMP_CONFIG_DIR/master.pem" ]; then - movefile "$_TEMP_CONFIG_DIR/master.pem" "$_PKI_DIR/master/" || return 1 + __movefile "$_TEMP_CONFIG_DIR/master.pem" "$_PKI_DIR/master/" || return 1 chmod 400 "$_PKI_DIR/master/master.pem" || return 1 CONFIGURED_ANYTHING=$BS_TRUE fi if [ -f "$_TEMP_CONFIG_DIR/master.pub" ]; then - movefile "$_TEMP_CONFIG_DIR/master.pub" "$_PKI_DIR/master/" || return 1 + __movefile "$_TEMP_CONFIG_DIR/master.pub" "$_PKI_DIR/master/" || return 1 chmod 664 "$_PKI_DIR/master/master.pub" || return 1 CONFIGURED_ANYTHING=$BS_TRUE fi @@ -5202,7 +5918,7 @@ preseed_master() { # If it's not a file, skip to the next [ ! -f "$src_keyfile" ] && continue - movefile "$src_keyfile" "$dst_keyfile" || return 1 + __movefile "$src_keyfile" "$dst_keyfile" || return 1 chmod 664 "$dst_keyfile" || return 1 done @@ -5228,7 +5944,7 @@ daemons_running() { # Skip if not meant to be installed [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue # shellcheck disable=SC2009 @@ -5468,9 +6184,9 @@ fi # Ensure that the cachedir exists # (Workaround for https://github.com/saltstack/salt/issues/6502) if [ "$_INSTALL_MINION" -eq $BS_TRUE ]; then - if [ ! -d /var/cache/salt/minion/proc ]; then + if [ ! -d "${_SALT_CACHE_DIR}/minion/proc" ]; then echodebug "Creating salt's cachedir" - mkdir -p /var/cache/salt/minion/proc + mkdir -p "${_SALT_CACHE_DIR}/minion/proc" fi fi @@ -5512,8 +6228,8 @@ fi # Run any start daemons function if [ "$STARTDAEMONS_INSTALL_FUNC" != "null" ]; then echoinfo "Running ${STARTDAEMONS_INSTALL_FUNC}()" - echodebug "Waiting ${__DEFAULT_SLEEP} seconds for processes to settle before checking for them" - sleep ${__DEFAULT_SLEEP} + echodebug "Waiting ${_SLEEP} seconds for processes to settle before checking for them" + sleep ${_SLEEP} $STARTDAEMONS_INSTALL_FUNC if [ $? -ne 0 ]; then echoerror "Failed to run ${STARTDAEMONS_INSTALL_FUNC}()!!!" @@ -5524,8 +6240,8 @@ fi # Check if the installed daemons are running or not if [ "$DAEMONS_RUNNING_FUNC" != "null" ] && [ $_START_DAEMONS -eq $BS_TRUE ]; then echoinfo "Running ${DAEMONS_RUNNING_FUNC}()" - echodebug "Waiting ${__DEFAULT_SLEEP} seconds for processes to settle before checking for them" - sleep ${__DEFAULT_SLEEP} # Sleep a little bit to let daemons start + echodebug "Waiting ${_SLEEP} seconds for processes to settle before checking for them" + sleep ${_SLEEP} # Sleep a little bit to let daemons start $DAEMONS_RUNNING_FUNC if [ $? -ne 0 ]; then echoerror "Failed to run ${DAEMONS_RUNNING_FUNC}()!!!" @@ -5537,7 +6253,7 @@ if [ "$DAEMONS_RUNNING_FUNC" != "null" ] && [ $_START_DAEMONS -eq $BS_TRUE ]; th # Skip if not meant to be installed [ $fname = "minion" ] && [ "$_INSTALL_MINION" -eq $BS_FALSE ] && continue [ $fname = "master" ] && [ "$_INSTALL_MASTER" -eq $BS_FALSE ] && continue - #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || [ "$(which salt-${fname} 2>/dev/null)" = "" ]) && continue + #[ $fname = "api" ] && ([ "$_INSTALL_MASTER" -eq $BS_FALSE ] || ! __check_command_exists "salt-${fname}") && continue [ $fname = "syndic" ] && [ "$_INSTALL_SYNDIC" -eq $BS_FALSE ] && continue if [ "$_ECHO_DEBUG" -eq $BS_FALSE ]; then