Compare commits

...

23 Commits

Author SHA1 Message Date
Emmanuel Garette a9bda337a1 better lemur integration 2021-05-22 16:37:50 +02:00
Emmanuel Garette 3a82a76c39 variable to personalise password length 2021-05-11 18:29:17 +02:00
Emmanuel Garette b83e20ce22 open port 8080 (for terraform) 2021-04-24 10:20:03 +02:00
Emmanuel Garette 4e4a6469d5 add systemd notifier 2020-11-14 19:01:52 +01:00
Emmanuel Garette d7d406ffcc add pki informations 2020-11-14 08:16:08 +01:00
Emmanuel Garette b0e81c15f7 start risotto after postgres 2020-10-20 22:36:54 +02:00
Emmanuel Garette d55098922b add password support 2020-10-14 18:31:05 +02:00
Emmanuel Garette e090026120 mkdir 2020-09-20 21:33:50 +02:00
Emmanuel Garette c3dc0ca6ba update config 2020-09-19 10:34:00 +02:00
Emmanuel Garette 58ebb8e1ad risotto is started with a specific user 2020-09-19 09:20:42 +02:00
Emmanuel Garette 709538e4e4 create directories 2020-09-16 15:53:58 +02:00
Emmanuel Garette 897ebdf5e3 resize partition 2020-09-16 12:07:06 +02:00
Emmanuel Garette 1ac00b5a60 srv should have all extra disk size 2020-09-16 11:18:32 +02:00
Emmanuel Garette 2c86780277 srv directory should be volatile 2020-09-16 11:17:05 +02:00
Emmanuel Garette 408fdf22a2 partitioning 2020-09-16 08:13:26 +02:00
Emmanuel Garette 9540ff6c8f remove sql file and dispatch it in risotto-*-sql packages 2020-09-06 09:48:32 +02:00
Emmanuel Garette 7becbca64e Changement de nom de table SQL + ajout des colonnes OSName/OSVersion/Compatibilities pour les AS 2020-09-05 16:38:05 +02:00
Emmanuel Garette 54c895f822 les servermodels ne sont plus associés à une source 2020-09-02 09:04:49 +02:00
Emmanuel Garette f371c96ff3 release_name and release_distribution 2020-08-26 15:32:09 +02:00
Emmanuel Garette 0d938a2389 add infraserver table 2020-08-19 11:37:15 +02:00
Emmanuel Garette 80bcc8821f refactor import of seed files 2020-08-12 08:30:58 +02:00
Emmanuel Garette a69d0f7386 fixer les permissions avant le démarrage de risotto 2020-08-07 17:09:22 +02:00
Emmanuel Garette 2ce388eaf9 comment unuse column in applicationservice table 2020-08-05 17:11:30 +02:00
9 changed files with 110 additions and 202 deletions

View File

@ -1,151 +0,0 @@
-- Deployment
CREATE TABLE Deployment (
DeploymentId SERIAL PRIMARY KEY,
ProviderType VARCHAR(255) NOT NULL,
TargetType VARCHAR(255) NOT NULL,
TargetName VARCHAR(255) NOT NULL,
FactoryCluster VARCHAR(255),
FactoryNodeName VARCHAR(255),
CPU INTEGER,
VCPU INTEGER,
Memory INTEGER,
Labels VARCHAR(255) [] DEFAULT '{}',
UNIQUE (TargetType, TargetName)
);
CREATE INDEX Deployment_FactoryNodeName_index ON Deployment(FactoryNodeName);
-- Cluster
CREATE TABLE FactoryCluster (
ClusterId SERIAL PRIMARY KEY,
ClusterName VARCHAR(255) NOT NULL UNIQUE,
ClusterDescription VARCHAR(255) NOT NULL,
VirtualIp VARCHAR(15) NOT NULL,
ZoneName VARCHAR(255) NOT NULL
);
-- Node in Cluster
CREATE TABLE FactoryClusterNode (
ClusterNodeId SERIAL PRIMARY KEY,
ClusterId INTEGER NOT NULL,
ServerName VARCHAR(255) NOT NULL UNIQUE,
FOREIGN KEY (ClusterId) REFERENCES FactoryCluster(ClusterId)
);
CREATE INDEX FactoryClusterNode_ServerName_index ON FactoryClusterNode(ServerName);
-- Site
CREATE TABLE Site (
SiteId SERIAL PRIMARY KEY,
SiteName VARCHAR(255) NOT NULL UNIQUE,
SiteDescription VARCHAR(255) NOT NULL
);
-- Zone
CREATE TABLE Zone (
ZoneId SERIAL PRIMARY KEY,
ZoneName VARCHAR(255) NOT NULL UNIQUE,
ZoneDescription VARCHAR(255) NOT NULL,
SitesName VARCHAR(255) [] NOT NULL
);
-- Server
CREATE TABLE Server (
ServerId SERIAL PRIMARY KEY,
ServerName VARCHAR(255) NOT NULL UNIQUE,
ServerDescription VARCHAR(255) NOT NULL,
ServerServermodelName VARCHAR(255) NOT NULL,
ReleaseDistribution VARCHAR(255) NOT NULL,
SiteName VARCHAR(255) NOT NULL,
ZonesName VARCHAR(255) [] NOT NULL,
ZonesIP VARCHAR(255) [] NOT NULL
);
-- Source
CREATE TABLE Source (
SourceId SERIAL PRIMARY KEY,
SourceName VARCHAR(255) NOT NULL UNIQUE,
SourceURL TEXT
);
-- Release
CREATE TABLE Release (
ReleaseId SERIAL PRIMARY KEY,
ReleaseName VARCHAR(255) NOT NULL,
ReleaseSourceId INTEGER NOT NULL,
ReleaseDistribution VARCHAR(20) CONSTRAINT releasedistribution_choice CHECK (ReleaseDistribution IN ('last', 'n-1', 'n-2')),
UNIQUE (ReleaseName, ReleaseSourceId),
UNIQUE (ReleaseDistribution, ReleaseSourceId),
FOREIGN KEY (ReleaseSourceId) REFERENCES Source(SourceId)
);
-- Servermodel
CREATE TABLE Servermodel (
ServermodelId SERIAL PRIMARY KEY,
ServermodelName VARCHAR(255) NOT NULL,
ServermodelDescription VARCHAR(255) NOT NULL,
Osname VARCHAR(255),
Osversion VARCHAR(255),
ISO VARCHAR(255),
ServermodelParents VARCHAR(255) [] DEFAULT '{}',
SourceName VARCHAR(255) NOT NULL,
ReleaseDistribution VARCHAR(255) NOT NULL,
ServermodelApplicationserviceId INTEGER NOT NULL,
UNIQUE (ServermodelName, SourceName, ReleaseDistribution)
);
CREATE INDEX ServermodelApplicationserviceId_index ON Servermodel (ServermodelApplicationserviceId);
-- Applicationservice
CREATE TABLE Applicationservice (
ApplicationserviceId SERIAL PRIMARY KEY,
ApplicationserviceName VARCHAR(255) NOT NULL,
ApplicationserviceDescription VARCHAR(255) NOT NULL,
ApplicationserviceReleaseId INTEGER NOT NULL,
ApplicationserviceLVIS VARCHAR(255) NOT NULL,
ApplicationserviceLVIP VARCHAR(255) NOT NULL,
ApplicationserviceLVMP VARCHAR(255) NOT NULL,
OS JSON,
UNIQUE (ApplicationserviceName, ApplicationserviceReleaseId)
);
CREATE TABLE ApplicationserviceDependency (
ApplicationserviceId INTEGER NOT NULL,
ApplicationserviceDependencyId INTEGER NOT NULL,
UNIQUE(ApplicationserviceId, ApplicationserviceDependencyId),
FOREIGN KEY (ApplicationserviceId) REFERENCES Applicationservice(ApplicationserviceId),
FOREIGN KEY (ApplicationserviceDependencyId) REFERENCES Applicationservice(ApplicationserviceId)
);
-- Log
CREATE TABLE log(
Msg VARCHAR(255) NOT NULL,
Level VARCHAR(10) NOT NULL,
Path VARCHAR(255),
Username VARCHAR(100) NOT NULL,
Data JSON,
Date timestamp DEFAULT current_timestamp
);
-- User, Role and ACL
CREATE TABLE RisottoUser (
UserId SERIAL PRIMARY KEY,
UserLogin VARCHAR(100) NOT NULL UNIQUE,
UserName VARCHAR(100) NOT NULL,
UserSurname VARCHAR(100) NOT NULL
);
CREATE TABLE UserRole (
RoleId SERIAL PRIMARY KEY,
RoleUserId INTEGER NOT NULL,
RoleName VARCHAR(255) NOT NULL,
RoleAttribute VARCHAR(255),
RoleAttributeValue VARCHAR(255),
FOREIGN KEY (RoleUserId) REFERENCES RisottoUser(UserId)
);
CREATE TABLE URI (
URIId SERIAL PRIMARY KEY,
URIName VARCHAR(255) NOT NULL UNIQUE
);
CREATE TABLE RoleURI (
RoleName VARCHAR(255) NOT NULL,
URIId INTEGER NOT NULL,
FOREIGN KEY (URIId) REFERENCES URI(URIId),
PRIMARY KEY (RoleName, URIId)
);

View File

@ -0,0 +1,26 @@
<?xml version="1.0" encoding="utf-8"?>
<creole>
<variables>
<family name='système'>
<!-- We need to recalculate the variables -->
<variable name='eole_lv_names' redefine='True' remove_check='True' />
<variable name='eole_lv_standard_extends' redefine='True' remove_check='True' />
</family>
</variables>
<constraints>
<!-- Default AmonEcole* logical volumes -->
<auto name='calc_multi_val' target='eole_lv_names'>
<param>root</param>
<param>tmp</param>
</auto>
<auto name='calc_multi_val' target='eole_lv_standard_extends'>
<param type='number'>100</param>
<param type='number'>0</param>
</auto>
</constraints>
<help/>
</creole>
<!-- vim: ts=4 sw=4 expandtab
-->

View File

@ -2,10 +2,12 @@
<creole>
<files>
<service>risotto</service>
<file filelist='risotto' name='/etc/risotto/risotto.conf' mkdir='True' rm='True'/>
<file filelist='risotto' name='/etc/systemd/system/risotto.service' mkdir='True' rm='True'/>
<file filelist='risotto' name='/etc/eole/eole-db.d/risotto.yml' mkdir='True' rm='True'/>
<file filelist='risotto' name='/etc/eole/eole-db.d/tiramisu.yml' mkdir='True' rm='True'/>
<service_access service='risotto'>
<port>8080</port>
</service_access>
<file name='/etc/risotto/risotto.conf' owner="risotto" mkdir='True' rm='True'/>
<file name='/etc/eole/eole-db.d/risotto.yml' mkdir='True' rm='True'/>
<file name='/etc/eole/eole-db.d/tiramisu.yml'/>
</files>
<variables>
<family name='risotto'>
@ -34,33 +36,17 @@
<value>localhost</value>
</variable>
<variable name='risotto_messages_dir' type='filename' description='Emplacement des messages de lAPI' hidden='True'>
<value>/srv/risotto-message/messages</value>
<value>/usr/share/risotto-message/messages</value>
</variable>
<variable name='risotto_cache_dir' type='filename' description='Emplacement du cache' hidden='True'>
<value>/var/cache/risotto</value>
<value>/srv/risotto/cache</value>
</variable>
<variable name='risotto_seed_dir' type='filename' description='Emplacement des descriptions de services' hidden='True'>
<value>/srv/risotto/seed</value>
</variable>
<variable name='risotto_factory_configuration_dir' type='filename' description='Emplacement de la configuration du provider factory' hidden='True'>
<value>/srv/factory/</value>
<variable name='risotto_images_dir' type='filename' description='Emplacement des images disques' hidden='True'>
<value>/srv/risotto/images</value>
</variable>
</family>
</variables>
<constraints>
</constraints>
<help>
<variable name='risotto_configuration_dir'>Aide pour la variable risotto_configuration_dir</variable>
<variable name='risotto_temp_dir'>Aide pour la variable risotto_temp_dir</variable>
<variable name='risotto_default_user'>Aide pour la variable risotto_default_user</variable>
<variable name='risotto_main_dbname'>Aide pour la variable risotto_main_dbname</variable>
<variable name='risotto_tiramisu_dbname'>Aide pour la variable risotto_tiramisu_dbname</variable>
<variable name='risotto_db_user'>Aide pour la variable risotto_db_user</variable>
<variable name='risotto_tiramisu_db_user'>Aide pour la variable risotto_tiramisu_db_user</variable>
<variable name='risotto_db_address'>Aide pour la variable risotto_db_address</variable>
<variable name='risotto_messages_dir'>Aide pour la variable risotto_messages_dir</variable>
<variable name='risotto_cache_dir'>Aide pour la variable risotto_cache_dir</variable>
<variable name='risotto_seed_dir'>Aide pour la variable risotto_seed_dir</variable>
<variable name='risotto_factory_configuration_dir'>Aide pour la variable risotto_factory_configuration_dir</variable>
</help>
</creole>

View File

@ -2,6 +2,8 @@
set -e
systemctl start postgresql.service
psql -Upostgres -c "grant all on all tables in schema public to risotto" risotto
psql -Upostgres -c "grant all on all sequences in schema public to risotto" risotto
psql -Upostgres -c "grant all on all functions in schema public to risotto" risotto
@ -9,4 +11,6 @@ psql -Upostgres -c "grant all on all tables in schema public to tiramisu" tirami
psql -Upostgres -c "grant all on all sequences in schema public to tiramisu" tiramisu
psql -Upostgres -c "grant all on all functions in schema public to tiramisu" tiramisu
systemctl stop postgresql.service
exit 0

9
posttemplate/20-directories Executable file
View File

@ -0,0 +1,9 @@
#!/bin/bash
for dir in risotto_cache_dir risotto_seed_dir risotto_temp_dir risotto_configuration_dir risotto_images_dir; do
dirname=$(CreoleGet $dir)
mkdir -p $dirname
chown risotto: $dirname
done
exit 0

View File

@ -1,9 +1,12 @@
[Unit]
Description=risotto
After=postgresql.service
[Service]
EnvironmentFile=/etc/risotto/risotto.conf
Type=notify
ExecStart=/usr/bin/risotto-server
User=risotto
Group=risotto
[Install]
WantedBy=multi-user.target

View File

@ -1,15 +1,40 @@
CONFIGURATION_DIR=%%getVar('risotto_configuration_dir')
PROVIDER_FACTORY_CONFIG_DIR=%%getVar('risotto_factory_configuration_dir')
TMP_DIR=%%getVar('risotto_temp_dir')
DEFAULT_USER=%%getVar('risotto_default_user')
RISOTTO_DB_NAME=%%getVar('risotto_main_dbname')
RISOTTO_DB_USER=%%getVar('risotto_db_user')
CONFIGURATION_DIR=%%risotto_configuration_dir
TMP_DIR="%%risotto_temp_dir"
IMAGE_PATH="%%risotto_images_dir"
DEFAULT_USER="%%risotto_default_user"
RISOTTO_DB_NAME="%%risotto_main_dbname"
RISOTTO_DB_USER="%%risotto_db_user"
RISOTTO_DB_PASSWORD=replace_me
TIRAMISU_DB_NAME=%%getVar('risotto_tiramisu_dbname')
TIRAMISU_DB_USER=%%getVar('risotto_tiramisu_db_user')
TIRAMISU_DB_NAME="%%risotto_tiramisu_dbname"
TIRAMISU_DB_USER="%%risotto_tiramisu_db_user"
TIRAMISU_DB_PASSWORD=replace_me
DB_ADDRESS=%%getVar('risotto_db_address')
MESSAGE_PATH=%%getVar('risotto_messages_dir')
CACHE_ROOT_PATH=%%getVar('risotto_cache_dir')
SRV_SEED_PATH=%%getVar('risotto_seed_dir')
PYTHONPATH="/usr/lib/python3.6/dist-packages:$PYTHONPATH"
RISOTTO_URL="http://%%nom_domaine_machine:8080/"
DB_ADDRESS="%%risotto_db_address"
MESSAGE_PATH="%%risotto_messages_dir"
CACHE_ROOT_PATH="%%risotto_cache_dir"
SRV_SEED_PATH="%%risotto_seed_dir"
%set %%var = %%getVar('celeryrisotto_db_user', None)
%if not %%is_empty(%%var)
CELERYRISOTTO_DB_NAME="%%celeryrisotto_main_dbname"
CELERYRISOTTO_DB_USER="%%var"
CELERYRISOTTO_DB_PASSWORD=replace_me
%end if
%set %%var = %%getVar('lemur_db_user', None)
%if not %%is_empty(%%var)
LEMUR_DB_NAME="%%lemur_db_name"
LEMUR_DB_USER="%%var"
LEMUR_DB_PASSWORD='replace_me'
%end if
%set %%var = %%getVar('password_admin_username', None)
%if not %%is_empty(%%var)
PASSWORD_ADMIN_USERNAME="%%password_admin_username"
PASSWORD_ADMIN_EMAIL="%%password_admin_email"
PASSWORD_ADMIN_PASSWORD="%%password_admin_password"
PASSWORD_DEVICE_IDENTIFIER="%%password_device_identifier"
PASSWORD_URL="https://%%nom_domaine_machine:8001/"
PASSWORD_LENGTH=%%password_length
%end if
%if %%getVar('lemur_db_name', None)
PKI_ADMIN_PASSWORD="%%lemur_admin_password"
PKI_ADMIN_EMAIL="%%lemur_admin_email"
%end if

View File

@ -1,17 +1,23 @@
%set %%dbname = %%getVar('risotto_main_dbname')
%from os import listdir
%set %%dbname = %%risotto_main_dbname
---
dbuser: %%getVar('risotto_db_user')
dbuser: %%risotto_db_user
dbuser_options:
- LOGIN
- LOGIN
privileges:
%%{dbname}.public.*: 'ALL'
%%{dbname}.public: 'ALL'
%%{dbname}: 'ALL'
dbhost: %%getVar('risotto_db_address')
%%{dbname}.public.*: 'ALL'
%%{dbname}.public: 'ALL'
%%{dbname}: 'ALL'
dbhost: %%risotto_db_address
dbport: 5432
dbtype: postgres
dbname: %%dbname
template: 'template0'
sqlscripts: ['/usr/share/eole/db/eole-risotto/gen/create_tables.sql']
sqlscripts:
%for %%file in %%listdir('/usr/share/eole/db/eole-risotto/gen/')
%if %%file.endswith('.sql')
- /usr/share/eole/db/eole-risotto/gen/%%file
%end if
%end for
pwd_files:
- {'file': '/etc/risotto/risotto.conf', 'pattern': 'RISOTTO_DB_PASSWORD='}
- {'file': '/etc/risotto/risotto.conf', 'pattern': 'RISOTTO_DB_PASSWORD='}

View File

@ -1,16 +1,16 @@
%set %%dbname = %%getVar('risotto_tiramisu_dbname')
%set %%dbname = %%risotto_tiramisu_dbname
---
dbuser: %%getVar('risotto_tiramisu_db_user')
dbuser: %%risotto_tiramisu_db_user
dbuser_options:
- LOGIN
privileges:
%%{dbname}.public.*: 'ALL'
%%{dbname}.public: 'ALL'
%%{dbname}: 'ALL'
dbhost: %%getVar('risotto_db_address')
dbhost: %%risotto_db_address
dbport: 5432
dbtype: postgres
dbname: %%getVar('risotto_tiramisu_dbname')
dbname: %%risotto_tiramisu_dbname
template: 'template0'
pwd_files:
- {'file': '/etc/risotto/risotto.conf', 'pattern': 'TIRAMISU_DB_PASSWORD='}