3
\�mek��������������� ���@���s����U�d�Z�ddlZddlZddlZddlmZ�ddlmZ�ddlm Z m
Z
�ddl
m
Z
�ddl
mZ�ddlmZmZ�dd lmZ�d
Zd
Zd
Zd
ZdgZdddeeed�gedgd�Zeee�Z�eje�Z
eeefdd�Z
e
ee
e dd�dd�Z dS�)z6 Mcollective: Install, configure and start mcollective�����N)�dedent)� ConfigObj)�subp�util)�Cloud)�Config)�
MetaSchema�
get_meta_doc)�
PER_INSTANCEz&/etc/mcollective/ssl/server-public.pemz'/etc/mcollective/ssl/server-private.pemz/etc/mcollective/server.cfga���This module installs, configures and starts mcollective. If the ``mcollective``
key is present in config, then mcollective will be installed and started.
Configuration for ``mcollective`` can be specified in the ``conf`` key under
``mcollective``. Each config value consists of a key value pair and will be
written to ``/etc/mcollective/server.cfg``. The ``public-cert`` and
``private-cert`` keys, if present in conf may be used to specify the public and
private certificates for mcollective. Their values will be written to
``/etc/mcollective/ssl/server-public.pem`` and
``/etc/mcollective/ssl/server-private.pem``.
.. note::
The ec2 metadata service is readable by non-root users.
If security is a concern, use include-once and ssl urls.
�allZcc_mcollectiveZ
Mcollectivez(Install, configure and start mcollectivea��� # Provide server private and public key and provide the following
# config settings in /etc/mcollective/server.cfg:
# loglevel: debug
# plugin.stomp.host: dbhost
# WARNING WARNING WARNING
# The ec2 metadata service is a network service, and thus is
# readable by non-root users on the system
# (ie: 'ec2metadata --user-data')
# If you want security for this, please use include-once + SSL urls
mcollective:
conf:
loglevel: debug
plugin.stomp.host: dbhost
public-cert: |
-------BEGIN CERTIFICATE--------
<cert data>
-------END CERTIFICATE--------
private-cert: |
-------BEGIN CERTIFICATE--------
<cert data>
-------END CERTIFICATE--------
�
mcollective)�id�name�title�
description�distrosZexamplesZ frequencyZactivate_by_schema_keysc�������
���!���C���s���y"t�j|ddd�}ttj|��}W�nD�tk
rf�}�z(|jtjkrD��ntj d|��t��}W�Y�d�d�}~X�nX�x�|�j
��D�]�\}}|dkr�t�j
||dd��||d<�d|d <�qr|d
kr�t�j
||d
d��||d
<�d|d <�qrt
|t
�r�|||<�qrt
|t��r(||jk�ri�||<�x0|j
��D�]\} }
|
||�| <��q
W�qrt
|�||<�qrW�yt�j|d
|���W�n6�tk
�r��}�z|jtjk�rpn��W�Y�d�d�}~X�nX�tj��}
|j|
��t�j
||
j��dd��d�S�)NF)�quiet�decodez4Did not find file %s (starting with an empty config)z
public-certi���)�modezplugin.ssl_server_publicZsslZsecurityproviderz
private-certi���zplugin.ssl_server_privatez%s.old)r���Z load_filer����io�BytesIO�IOError�errno�ENOENT�LOG�debug�itemsZ
write_file�
isinstance�str�dictZsections�copy�write�getvalue)
�configZ
server_cfgZ
pubcert_fileZ
pricert_fileZ
old_contentsZmcollective_config�eZcfg_name�cfg�o�v�contents��r)����$/usr/lib/python3.6/cc_mcollective.py� configure\���sH����
r+���)r���r%����cloud�args�returnc�������������C���s\���d|krt�jd|���d�S�|d�}|jjdg��d|krDt|d�d��tjdddgdd��d�S�) Nr
���z?Skipping module named %s, no 'mcollective' key in configurationZconf)r#���ZserviceZrestartF)Zcapture)r���r���ZdistroZinstall_packagesr+���r���)r���r%���r,���r-���Zmcollective_cfgr)���r)���r*����handle����s����r/���)!�__doc__r���r���Zlogging�textwrapr���Z configobjr���Z cloudinitr���r���Zcloudinit.cloudr���Zcloudinit.configr���Zcloudinit.config.schemar���r ���Zcloudinit.settingsr
���Z
PUBCERT_FILEZ
PRICERT_FILEZ
SERVER_CFGZMODULE_DESCRIPTIONr����metaZ getLogger�__name__r���r+���r
����listr/���r)���r)���r)���r*����<module>
���s<���
9