Commit graph

35 commits

Author SHA1 Message Date
John Van de Meulebrouck Brendgard 8d4ce2d1b7
Make sure that COSMOS_BASE is only readable
by root since it's possible that the directory
can contain files that after applying the
overlay to / only should be read or writable
by root.
2023-11-17 15:03:47 +01:00
John Van de Meulebrouck Brendgard ca353ed406
Set same permissions for /root/.ssh/authorized_keys
in post-tasks.d/010fix-ssh-perms as is done by
Puppet with sunet::ssh_keys.
2023-11-17 13:50:02 +01:00
Fredrik Thulin 708c6c1b64
add set -e, and do some shellcheck cleanup 2023-02-03 16:05:09 +01:00
Patrik Lundin e212b6f56f
Support master branch being renamed to main
Fixes:
```
70run-post-tasks: invoking /var/cache/cosmos/model/post-tasks.d/018packages
Your configuration specifies to merge with the ref 'refs/heads/master'
from the remote, but no such ref was fetched.
```
2023-01-31 08:52:28 +01:00
Fredrik Thulin 4601e0bf08
make sure we get clean checkouts 2023-01-30 14:56:15 +01:00
Fredrik Thulin 715105aadb
add documentation for dynamically generated cosmos-modules.conf 2023-01-19 17:56:51 +01:00
Fredrik Thulin c3c6171f96
modules, not models 2023-01-19 17:30:18 +01:00
Fredrik Thulin e2e394a9af
generate /etc/puppet/cosmos-modules.conf dynamically 2023-01-19 17:19:42 +01:00
Fredrik Thulin 7c5a063045
gpg import with --no-tty
With recent GPG versions, a TTY seems to be required to import keys.

Since importing of keys need to work when running from cron, we
pass --no-tty to those commands. This should mean that -t doesn't
have to be passed to SSH on bootstrapping for new Debian hosts
(tested on Raspbian).
2019-03-17 13:26:54 +01:00
Fredrik Thulin f25a6af712
use python3 2019-01-15 13:18:22 +01:00
Fredrik Thulin fc3d3294ed
stage reboots across sites 2019-01-15 13:12:41 +01:00
Fredrik Thulin 5eeaa2e3ff
noninteractive to not block when removing packages 2019-01-15 13:12:07 +01:00
Fredrik Thulin bc027359d1
show which manifest is applied to lessen confusion 2019-01-15 13:11:15 +01:00
Fredrik Thulin e069bd4f06
remove unused reports that take about 2s per run to create 2019-01-15 13:10:46 +01:00
Fredrik Thulin 08979437b5
add support for file:// urls 2019-01-15 13:09:24 +01:00
Fredrik Thulin bf1b476d9a
colors 2019-01-15 13:08:39 +01:00
Fredrik Thulin a2e4c5372f
add support for a second, local puppet module config file 2019-01-15 13:07:47 +01:00
Fredrik Thulin 761963ba2f
add colors, sanity checking and support for Ubuntu 18.04 2019-01-15 13:06:48 +01:00
John Van de Meulebrouck Brendgard 5fbd6f5b94
Do not run update and autoremove on all machines at the same time as seen in eduID 2016-08-28 00:13:10 +02:00
John Van de Meulebrouck Brendgard b81de45e77
Show diff of puppet changes as seen in eduID 2016-08-28 00:11:33 +02:00
John Van de Meulebrouck Brendgard a94f87c41c
Support fetching of git over https:// as seen in eduID 2016-08-28 00:08:37 +02:00
John Van de Meulebrouck Brendgard b56799bcc6
Added automatic re-import of expired keys as in eduID 2016-08-27 23:52:14 +02:00
Leif Johansson 97f7390eac newer puppet seems to want this 2014-09-29 15:06:28 +02:00
Stefan Wold eda9bcdd45 Update git origin url if changed in cosmos-modules.conf 2014-03-03 18:00:11 +01:00
Leif Johansson 2369e391d7 nag a bit 2014-02-26 00:17:40 +01:00
Leif Johansson 50b037d19f Merge pull request #4 from Ratler/allow-puppet-install
Allow installing puppet modules using the standard method
2014-02-26 00:07:28 +01:00
Stefan Wold 0f44e1679c Opt-in for automatic reboot
Use of && is bad in this context since it will return 1 causing
cosmos to exit with status 1 if a reboot is not required.
2014-02-24 09:55:34 +01:00
Stefan Wold 5c171118c1 Allow installing puppet modules using the standard method 2014-02-24 08:13:53 +01:00
Stefan Wold 9b801d3be8 git tag gpg signature validation of puppet modules
Before staging a puppet module for install the latest git tag is
verified using the available gpg key identities. The git tag pattern
can be overriden using a fourth argument in cosmos-modules.conf.
2014-02-22 18:29:41 +01:00
Leif Johansson 54000987a0 new addhost 2013-10-31 23:26:16 +01:00
Leif Johansson db83b79024 boostrap keys dir 2013-10-31 22:20:33 +01:00
Leif Johansson db0d42a628 boostrap keys dir 2013-10-31 22:04:54 +01:00
Leif Johansson 3d1b26e762 make exec 2013-09-03 11:34:55 +02:00
Leif Johansson b71aac9793 move package install to post-tasks before puppet 2013-09-03 11:31:05 +02:00
Leif Johansson 7515782eb5 import 2013-09-02 16:01:50 +02:00