:::::::::::::: Current file structure (excluding RCS/ dirs) :::::::::::::: /pusher/packages /pusher/packages/firewall /pusher/packages/firewall/versions /pusher/packages/firewall/versions/1.0 /pusher/packages/firewall/versions/1.0/firewall /pusher/packages/firewall/versions/1.0/Makefile /pusher/packages/firewall/versions/vnodes /pusher/packages/firewall/versions/vnodes/firewall /pusher/packages/firewall/versions/vnodes/Makefile /pusher/packages/firewall/Makefile /pusher/packages/sshkeys /pusher/packages/sshkeys/versions /pusher/packages/sshkeys/versions/1.0 /pusher/packages/sshkeys/versions/1.0/authorized_keys /pusher/packages/sshkeys/Makefile /pusher/packages/sshkeys/identities /pusher/packages/sshkeys/identities/box3.pusher.id_dsa /pusher/packages/sshkeys/identities/box3.pusher.id_dsa.pub /pusher/packages/aptinstall /pusher/packages/apache2conf /pusher/packages/apache2conf/versions /pusher/packages/apache2conf/versions/1.0 /pusher/packages/apache2conf/versions/1.0/apache2.conf /pusher/packages/apache2conf/versions/1.0/Makefile /pusher/packages/apache2conf/versions/1.0/certs /pusher/packages/apache2conf/versions/1.0/certs/www.nekodojo.org.crt /pusher/packages/apache2conf/versions/1.0/certs/www.nekodojo.org.csr /pusher/packages/apache2conf/versions/1.0/certs/www.nekodojo.org.key /pusher/packages/apache2conf/versions/1.0/virtual.conf /pusher/packages/apache2conf/Makefile /pusher/nodes /pusher/nodes/v1.nekodojo.org /pusher/nodes/v1.nekodojo.org/Makefile /pusher/nodes/box3.nekodojo.org /pusher/nodes/box3.nekodojo.org/Makefile /pusher/Makefile :::::::::::::: /pusher/Makefile :::::::::::::: # The top level Makefile allows you to cd /pusher ; make name # if name is the short name of the host. You can also cd to # nodes/name.domain.com and type "make" in there but you could # not easily do multiple hosts this way. usage: echo "Usage: make " % : nodes/%.nekodojo.org/Makefile make -C nodes/$@.nekodojo.org :::::::::::::: /pusher/nodes/box3.nekodojo.org/Makefile :::::::::::::: # The "nodes" Makefile specifies what packages to make and gives # a template for calling that package Makefile. You can make just # one package with cd nodes/name ; make pkgname - the default is # to make all. For this host the default version of everything is # "default" but you could create your own rule for non-default # versions by cloning the generic template and changing VERSION= # just for that one package DESTHOST=box3.nekodojo.org PATH_PACKAGES=/usr/local/adm/pusher/packages allpackages: sshkeys firewall apache2conf % : ${PATH_PACKAGES}/%/Makefile make -C ${PATH_PACKAGES}/$@ \ VERSION=default \ DESTHOST=${DESTHOST} :::::::::::::: /pusher/nodes/v1.nekodojo.org/Makefile :::::::::::::: # Another node with similar template, only this one has the default # version as "vnodes" DESTHOST=v1.nekodojo.org PATH_PACKAGES=/usr/local/adm/pusher/packages allpackages: sshkeys firewall apache2conf % : ${PATH_PACKAGES}/%/Makefile make -C ${PATH_PACKAGES}/$@ \ VERSION=vnodes \ DESTHOST=${DESTHOST} :::::::::::::: /pusher/packages/sshkeys/Makefile :::::::::::::: # Simple package - it only installs one file: authorized_keys # It should ask for root's password twice on the first run, then # after the first run you should not need anymore passwords # authorized_keys is a copy of the pusher's .pub key but with # from="ip" added so that the key will only be honored from # this IP. # Symbols for common package operations such as: SSH, SSH_OPTIONS, # DO_SSH, RSYNC, RSYNC_OPTIONS, DO_RSYNC, DO_RSYNC_ALL should probably # be defined in a global "makefile template" somewhere but I haven't # looked up how to do this. So far it looks like variables aren't inherited # when "make -C dir" appears in a Makefile.. maybe there is a cleaner way # to tell make to go into a different directory... SSH=/usr/bin/ssh SSH_OPTIONS=-i /pusher/packages/sshkeys/identities/box3.pusher.id_dsa DO_SSH=${SSH} ${SSH_OPTIONS} RSYNC=/usr/bin/rsync RSYNC_OPTIONS=--rsh="${SSH} ${SSH_OPTIONS}" -v DO_RSYNC=${RSYNC} ${RSYNC_OPTIONS} DO_RSYNC_ALL=${RSYNC} ${RSYNC_OPTIONS} -a --exclude=RCS MYNAME=sshkeys VERSION=default ifeq ($(VERSION),vnodes) override VERSION=default endif ifeq ($(VERSION),default) override VERSION=1.0 endif DESTDIR= actions: prep push start prep: push: ${DO_SSH} ${DESTHOST} mkdir -p ~root/.ssh/ ${DO_RSYNC} versions/${VERSION}/authorized_keys ${DESTHOST}:~root/.ssh/authorized_keys start: :::::::::::::: /pusher/packages/firewall/Makefile :::::::::::::: # This is a more typical package... it has a version/1.0/ dir that holds # everything that should be copied to the slave, including another Makefile # The selected version is copied to the slave as /slave/packages/$(name) # and then we ssh to the slave and do "make" there. # Currently there is no --delete in the rsync but there probably should be. # Also we should exclude _* because some Makefiles will create _files # (mostly just touch _xyz to denote when an operation was last done) # Note that all packages have logic that says if the version is "default" # change it to "1.0". For now "vnodes" also denotes "default" in most # packages, but the firewall package actually has a "vnodes" version that # is different from 1.0. This could also have been done with symlinks # like default -> 1.0 but I don't want to go too insane with symlinks; # having it declared in the file seems a bit more explicit. SSH=/usr/bin/ssh SSH_OPTIONS=-i /pusher/packages/sshkeys/identities/box3.pusher.id_dsa DO_SSH=${SSH} ${SSH_OPTIONS} RSYNC=/usr/bin/rsync RSYNC_OPTIONS=--rsh="${SSH} ${SSH_OPTIONS}" -v DO_RSYNC=${RSYNC} ${RSYNC_OPTIONS} DO_RSYNC_ALL=${RSYNC} ${RSYNC_OPTIONS} -a --exclude=RCS MYNAME=firewall VERSION=default ifeq ($(VERSION),vnodes) # don't override, use versions/vnodes/ endif ifeq ($(VERSION),default) override VERSION=1.0 endif DESTDIR=/slave/packages/${MYNAME} actions: prep push start prep: push: ${DO_SSH} ${DESTHOST} mkdir -p ${DESTDIR} ${DO_RSYNC_ALL} versions/${VERSION}/ ${DESTHOST}:${DESTDIR}/ start: ${DO_SSH} ${DESTHOST} make -C ${DESTDIR} :::::::::::::: /pusher/packages/apache2conf/Makefile :::::::::::::: # A more complicated package, but still following the same format: # copy a dir full of files to the slave, ssh to it and run "make" SSH=/usr/bin/ssh SSH_OPTIONS=-i /pusher/packages/sshkeys/identities/box3.pusher.id_dsa DO_SSH=${SSH} ${SSH_OPTIONS} RSYNC=/usr/bin/rsync RSYNC_OPTIONS=--rsh="${SSH} ${SSH_OPTIONS}" -v DO_RSYNC=${RSYNC} ${RSYNC_OPTIONS} DO_RSYNC_ALL=${RSYNC} ${RSYNC_OPTIONS} -a --exclude=RCS MYNAME=apache2conf VERSION=default ifeq ($(VERSION),vnodes) override VERSION=default endif ifeq ($(VERSION),default) override VERSION=1.0 endif DESTDIR=/slave/packages/${MYNAME} actions: prep push start prep: push: ${DO_SSH} ${DESTHOST} mkdir -p ${DESTDIR} ${DO_RSYNC_ALL} versions/${VERSION}/ ${DESTHOST}:${DESTDIR} start: ${DO_SSH} ${DESTHOST} make -C ${DESTDIR} :::::::::::::: /pusher/packages/apache2conf/versions/1.0/Makefile :::::::::::::: # Example of a "slave" Makefile. This Makefile copies config files from # the slave directory to the proper place in /etc/. # What's currently missing is a "test" feature - ideally if the service won't # restart, we should be able to roll back the files that were loaded and # try to start the service again. That would require "make backup" and # "restore from backup" routines as well... APACHEDIR = /etc/apache2 APACHECONF = apache2.conf CONFDIR = /etc/apache2/conf.d/ CONFFILES = \ virtual.conf MODS_ENABLED=${APACHEDIR}/mods-enabled MODS_AVAIL=${APACHEDIR}/mods-available REQUIREMODS= \ ${MODS_ENABLED}/cgi.load \ ${MODS_ENABLED}/include.load \ ${MODS_ENABLED}/mod_python.load \ ${MODS_ENABLED}/perl.conf \ ${MODS_ENABLED}/perl.load \ ${MODS_ENABLED}/php4.conf ${MODS_ENABLED}/php4.load \ ${MODS_ENABLED}/rewrite.load \ ${MODS_ENABLED}/ssl.conf ${MODS_ENABLED}/ssl.load \ ${MODS_ENABLED}/userdir.conf ${MODS_ENABLED}/userdir.load KEYDIR=/etc/ssl/private CRTDIR=/etc/ssl/certs all: install clean: echo "Nothing to clean in this directory" install: _installconf _installmods _installcerts /etc/init.d/apache2 restart _installconf: $(APACHECONF) $(CONFFILES) cp $(APACHECONF) $(APACHEDIR) cp $(CONFFILES) $(CONFDIR) rm -f ${APACHEDIR}/sites-enabled/000-default touch $@ _installmods: $(REQUIREMODS) touch $@ ${MODS_ENABLED}/% :: ${MODS_AVAIL}/% ln -sf $< $@ _installcerts: certs/*.key certs/*.crt cp certs/*.key ${KEYDIR} cp certs/*.crt ${CRTDIR} touch $@