Documentation
¶
Index ¶
- Variables
- func CompareVersions(version string, compareTo string) bool
- func ContainPackage(expected interface{}) types.GomegaMatcher
- func GetKeys(m map[string]File) []string
- func Marshall(flags []Flag) string
- func MatchAll(flags []Flag, constraints []Flag) bool
- func MatchCommand(expected interface{}) types.GomegaMatcher
- func MatchesAny(flags []Flag, constraints []Flag) bool
- func NegatesAny(flags []Flag, constraints []Flag) bool
- func ToScript(commands []Command) string
- type AllPhases
- type Ansible
- type Applier
- type Certificate
- type Command
- type CommandMatcher
- type Commands
- func (c *Commands) Add(commands ...string) *Commands
- func (c *Commands) AddAll(cmd ...Command) *Commands
- func (c *Commands) AddDependency(commands ...string) *Commands
- func (c *Commands) Append(c2 Commands) *Commands
- func (c Commands) GetCommands() []Command
- func (c *Commands) Merge() []Command
- func (c Commands) WithTags(tags ...Flag) Commands
- type Config
- func (cfg *Config) AddCommand(cmd string, flags ...*Flag) *Config
- func (cfg *Config) AddPackage(names string, flag *Flag) *Config
- func (cfg *Config) AddPackageRepo(url string, gpg string, flag Flag) *Config
- func (cfg *Config) AddTarPackage(pkg TarPackage, flags ...Flag) *Config
- func (cfg *Config) AppendPackageRepo(repo PackageRepo, flags ...Flag) *Config
- func (cfg *Config) AppendPackages(flag *Flag, packages ...Package) *Config
- func (sys *Config) ApplyPhases() (Filesystem, []Command, error)
- func (cfg *Config) FindCmd(prefix string) []*Command
- func (sys *Config) ImportConfig(c2 Config)
- func (sys *Config) Init()
- func (sys Config) String()
- func (sys *Config) ToBash() (string, error)
- func (sys *Config) ToCloudInit() cloudinit.CloudInit
- func (sys *Config) Verify(results *VerifyResults) bool
- type ConfigBuilder
- type Container
- type ContainerRuntime
- type File
- type Filesystem
- type Fixture
- type Flag
- type FlagProcessor
- type KernelInput
- type KubernetesSpec
- type Package
- type PackageManager
- type PackageMatcher
- type PackageRepo
- type Phase
- type Port
- type ProcessFlagsPhase
- type Service
- type SystemContext
- type SystemD
- type SystemdInstall
- type SystemdService
- type SystemdUnit
- type TarPackage
- type Transformer
- type User
- type VerifyPhase
- type VerifyResults
Constants ¶
This section is empty.
Variables ¶
View Source
var ( CONTAINER = Flag{Name: "container"} DEBIAN = Flag{Name: "debian"} DEBIAN9 = Flag{Name: "debian9"} DEBIAN10 = Flag{Name: "debian10"} DEBIAN_LIKE = Flag{Name: "debian-like"} // nolint: golint REDHAT = Flag{Name: "redhat"} FEDORA = Flag{Name: "fedora"} FEDORA30 = Flag{Name: "fedora30"} FEDORA31 = Flag{Name: "fedora31"} FEDORA32 = Flag{Name: "fedora32"} REDHAT_LIKE = Flag{Name: "redhat-like"} // nolint: golint AMAZON_LINUX = Flag{Name: "amazonLinux"} // nolint: golint RHEL = Flag{Name: "rhel"} RHEL7 = Flag{Name: "rhel7"} RHEL8 = Flag{Name: "rhel8"} CENTOS = Flag{Name: "centos"} CENTOS7 = Flag{Name: "centos7"} CENTOS8 = Flag{Name: "centos8"} UBUNTU = Flag{Name: "ubuntu"} UBUNTU18 = Flag{Name: "ubuntu18"} UBUNTU20 = Flag{Name: "ubuntu20"} UBUNTU16 = Flag{Name: "ubuntu16"} AWS = Flag{Name: "aws"} PHOTON = Flag{Name: "photon"} PHOTON2 = Flag{Name: "photon2"} PHOTON3 = Flag{Name: "photon3"} VMWARE = Flag{Name: "vmware"} NOT_PHOTON = Flag{Name: "!photon", Negates: []Flag{PHOTON}} // nolint: golint NOT_PHOTON2 = Flag{Name: "!photon2", Negates: []Flag{PHOTON2}} // nolint: golint NOT_PHOTON3 = Flag{Name: "!photon3", Negates: []Flag{PHOTON3}} // nolint: golint NOT_CONTAINER = Flag{Name: "!container", Negates: []Flag{CONTAINER}} // nolint: golint NOT_FEDORA = Flag{Name: "!fedora", Negates: []Flag{FEDORA}} // nolint: golint NOT_FEDORA30 = Flag{Name: "!fedora30", Negates: []Flag{FEDORA30}} // nolint: golint NOT_FEDORA31 = Flag{Name: "!fedora31", Negates: []Flag{FEDORA31}} // nolint: golint NOT_FEDORA32 = Flag{Name: "!fedora32", Negates: []Flag{FEDORA32}} // nolint: golint NOT_DEBIAN = Flag{Name: "!debian", Negates: []Flag{DEBIAN}} // nolint: golint NOT_DEBIAN9 = Flag{Name: "!debian9", Negates: []Flag{DEBIAN9}} // nolint: golint NOT_DEBIAN10 = Flag{Name: "!debian10", Negates: []Flag{DEBIAN10}} // nolint: golint NOT_REDHAT = Flag{Name: "!redhat", Negates: []Flag{REDHAT}} // nolint: golint NOT_DEBIAN_LIKE = Flag{Name: "!debian", Negates: []Flag{DEBIAN_LIKE}} // nolint: golint NOT_REDHAT_LIKE = Flag{Name: "!redhat", Negates: []Flag{REDHAT_LIKE}} // nolint: golint NOT_CENTOS = Flag{Name: "!centos", Negates: []Flag{CENTOS}} // nolint: golint NOT_CENTOS7 = Flag{Name: "!centos7", Negates: []Flag{CENTOS7}} // nolint: golint NOT_CENTOS8 = Flag{Name: "!centos8", Negates: []Flag{CENTOS8}} // nolint: golint NOT_RHEL = Flag{Name: "!rhel", Negates: []Flag{RHEL}} // nolint: golint NOT_RHEL7 = Flag{Name: "!rhel7", Negates: []Flag{RHEL7}} // nolint: golint NOT_RHEL8 = Flag{Name: "!rhel8", Negates: []Flag{RHEL8}} // nolint: golint NOT_UBUNTU = Flag{Name: "!ubuntu", Negates: []Flag{UBUNTU}} // nolint: golint NOT_UBUNTU18 = Flag{Name: "!ubuntu18", Negates: []Flag{UBUNTU18}} // nolint: golint NOT_UBUNTU20 = Flag{Name: "!ubuntu20", Negates: []Flag{UBUNTU20}} // nolint: golint NOT_UBUNTU16 = Flag{Name: "!ubuntu16", Negates: []Flag{UBUNTU16}} // nolint: golint NOT_AWS = Flag{Name: "!aws", Negates: []Flag{AWS}} // nolint: golint NOT_VMWARE = Flag{Name: "!vmware", Negates: []Flag{VMWARE}} // nolint: golint NOT_AMAZON_LINUX = Flag{Name: "!amazonLinux", Negates: []Flag{AMAZON_LINUX}} // nolint: golint FLAG_MAP = make(map[string]Flag) // nolint: golint FLAGS = []Flag{CONTAINER, DEBIAN, DEBIAN9, DEBIAN10, DEBIAN_LIKE, REDHAT, FEDORA, FEDORA30, FEDORA31, FEDORA32, REDHAT_LIKE, AMAZON_LINUX, CENTOS, CENTOS7, CENTOS8, RHEL, RHEL7, RHEL8, UBUNTU, UBUNTU16, UBUNTU18, UBUNTU20, PHOTON, PHOTON2, PHOTON3, AWS, VMWARE, NOT_CONTAINER, NOT_FEDORA, NOT_FEDORA30, NOT_FEDORA31, NOT_FEDORA32, NOT_PHOTON, NOT_PHOTON2, NOT_PHOTON3, NOT_DEBIAN_LIKE, NOT_REDHAT_LIKE, NOT_DEBIAN, NOT_DEBIAN9, NOT_DEBIAN10, NOT_REDHAT, NOT_CENTOS, NOT_CENTOS7, NOT_CENTOS8, NOT_RHEL, NOT_RHEL7, NOT_RHEL8, NOT_UBUNTU, NOT_AWS, NOT_VMWARE, NOT_AMAZON_LINUX, NOT_UBUNTU16, NOT_UBUNTU18, NOT_UBUNTU20} )
View Source
var (
Dig = dig.New()
)
Functions ¶
func CompareVersions ¶
func ContainPackage ¶
func ContainPackage(expected interface{}) types.GomegaMatcher
func MatchAll ¶
MatchAll returns true if all constraints match at least one flag AND none of the constraints negates any flag
func MatchCommand ¶
func MatchCommand(expected interface{}) types.GomegaMatcher
func MatchesAny ¶
func NegatesAny ¶
Types ¶
type AllPhases ¶
type AllPhases interface {
Phase
ProcessFlagsPhase
}
type Applier ¶
type Applier interface {
Apply(ctx SystemContext)
}
type Certificate ¶
type Certificate string
type Command ¶
Command encapsulates a command and the tags for which it is applicable
func FilterFlags ¶
func (Command) MarshalYAML ¶
MarshalYAML ads tags as comments
type CommandMatcher ¶
type CommandMatcher struct {
Expected interface{}
Commands []Command
Filesystem Filesystem
Err error
}
func (*CommandMatcher) FailureMessage ¶
func (matcher *CommandMatcher) FailureMessage(actual interface{}) (message string)
func (*CommandMatcher) Match ¶
func (matcher *CommandMatcher) Match(actual interface{}) (success bool, err error)
func (*CommandMatcher) NegatedFailureMessage ¶
func (matcher *CommandMatcher) NegatedFailureMessage(actual interface{}) (message string)
type Commands ¶
type Commands struct {
// contains filtered or unexported fields
}
func NewCommand ¶
func (*Commands) AddDependency ¶
func (Commands) GetCommands ¶
type Config ¶
type Config struct {
AppliedFiles Filesystem `yaml:"-"`
AppliedCommands []Command `yaml:"-"`
PreCommands []Command `yaml:"pre_commands,omitempty"`
Commands []Command `yaml:"commands,omitempty"`
PostCommands []Command `yaml:"post_commands,omitempty"`
Filesystem Filesystem `yaml:"filesystem,omitempty"`
//Files is a map of destination path to lookup file path
// The lookup path is relative to where konfigadm is run from, not relative to the config file
// The content and permissions of the file will be compiled into primitive Filesystem elements, user and group ownership is ignored
// Both the destination and lookup path can be expressions
Files map[string]string `yaml:"files,omitempty"`
//Templates is a map of destination path to template lookup path
// The lookup path is relative to where konfigadm is run from, not relative to the config file
// Templates are compiled via a Jinja (Ansible-like) rendered into primitive filesystem objects
// Both the destination and lookup path can be expressions
Templates map[string]string `yaml:"templates,omitempty"`
Sysctls map[string]string `yaml:"sysctls,omitempty"`
Packages *[]Package `yaml:"packages,omitempty"`
TarPackages []TarPackage `yaml:"tar_packages,omitempty"`
PackageRepos *[]PackageRepo `yaml:"package_repos,omitempty"`
Images []string `yaml:"images,omitempty"`
Kernel *[]KernelInput `yaml:"kernel,omitempty"`
Containers []Container `yaml:"containers,omitempty"`
ContainerRuntime ContainerRuntime `yaml:"container_runtime,omitempty"`
Kubernetes *KubernetesSpec `yaml:"kubernetes,omitempty"`
Environment map[string]string `yaml:"environment,omitempty"`
Ansible []Ansible `yaml:"ansible,omitempty"`
Timezone string `yaml:"timezone,omitempty"`
NTP []string `yaml:"ntp,omitempty"`
DNS []string `yaml:"dns,omitempty"`
Limits []string `yaml:"limits,omitempty"`
TrustedCA []Certificate `yaml:"ca,omitempty"`
Partitions []string `yaml:"partitions,omitempty"`
Extra *cloudinit.CloudInit `yaml:"extra,omitempty"`
Services map[string]Service `yaml:"services,omitempty"`
Users []User `yaml:"users,omitempty"`
Cleanup *bool `yaml:"cleanup,omitempty"`
Context *SystemContext `yaml:"-"`
}
Config is the logical model after runtime tags have been applied
func (*Config) AddPackage ¶
AddPackage is a helper function to add new packages
func (*Config) AddPackageRepo ¶
AddPackageRepo is a helper function to add new packages repos
func (*Config) AddTarPackage ¶ added in v0.7.1
func (cfg *Config) AddTarPackage(pkg TarPackage, flags ...Flag) *Config
AddTarPackage is a helper function to add new packages
func (*Config) AppendPackageRepo ¶
func (cfg *Config) AppendPackageRepo(repo PackageRepo, flags ...Flag) *Config
AppendPackageRepo appends a new package repository to the list
func (*Config) AppendPackages ¶
AppendPackages is a helper function to add new packages
func (*Config) ApplyPhases ¶
func (sys *Config) ApplyPhases() (Filesystem, []Command, error)
func (*Config) ImportConfig ¶
ImportConfig merges to configs together, everything but containerRuntime and Kubernetes configs are merged
func (*Config) ToCloudInit ¶
ToCloudInit will apply all phases and produce a CloudInit object from the results
func (*Config) Verify ¶
func (sys *Config) Verify(results *VerifyResults) bool
type ConfigBuilder ¶
type ConfigBuilder struct {
// contains filtered or unexported fields
}
func NewConfig ¶
func NewConfig(configs ...string) *ConfigBuilder
func (*ConfigBuilder) Build ¶
func (builder *ConfigBuilder) Build() (*Config, error)
func (*ConfigBuilder) WithFlags ¶
func (builder *ConfigBuilder) WithFlags(flags ...Flag) *ConfigBuilder
func (*ConfigBuilder) WithVars ¶
func (builder *ConfigBuilder) WithVars(vars ...string) *ConfigBuilder
type Container ¶
type Container struct {
//The name of the service (e.g systemd unit name or deployment name)
Service string `yaml:"service,omitempty"`
Image string `yaml:"image"`
//A map of environment variables to pass through
Env map[string]string `yaml:"env,omitempty"`
//A map of labels to add to the container
Labels map[string]string `yaml:"labels,omitempty"`
//Additional arguments to the docker run command e.g. -p 8080:8080
DockerOpts string `yaml:"docker_opts,omitempty"`
//Additional options to the docker client e.g. -H unix:///tmp/var/run/docker.sock
DockerClientArgs string `yaml:"docker_client_args,omitempty"`
//Additional arguments to the container
Args string `yaml:"args,omitempty"`
Ports []Port `yaml:"ports,omitempty"`
Commands []string `yaml:"commands,omitempty"`
//Map of files to mount into the container
Files map[string]string `yaml:"files,omitempty"`
//Map of templates to mount into the container
Templates map[string]string `yaml:"templates,omitempty"`
//TODO:
Volumes []string `yaml:"volumes,omitempty"`
//CPU limit in cores (Defaults to 1 )
CPU int `yaml:"cpu,omitempty" validate:"min=0,max=32"`
// Memory Limit in MB. (Defaults to 1024)
Mem int `yaml:"mem,omitempty" validate:"min=0,max=1048576"`
//default: user-bridge only
Network string `yaml:"network,omitempty"`
// default: 1
Replicas int `yaml:"replicas,omitempty"`
}
Container represents a container to be run using systemd
type ContainerRuntime ¶
type ContainerRuntime struct {
Type string `yaml:"type,omitempty"`
Arg string `yaml:"arg,omitempty"`
Options string `yaml:"options,omitempty"`
Version string `yaml:"version,omitempty"`
//Images is a list of container images to pre-pull
Images []string `yaml:"images,omitempty"`
}
ContainerRuntime installs a container runtime such as docker or CRI-O
func (ContainerRuntime) GetCLI ¶ added in v0.7.1
func (cri ContainerRuntime) GetCLI() string
type File ¶
type File struct {
Content string `yaml:"content,omitempty"`
ContentFromURL string `yaml:"content_from_url,omitempty"`
Unarchive bool `yaml:"unarchive,omitempty"`
Permissions string `yaml:"permissions,omitempty"`
Owner string `yaml:"owner,omitempty"`
Flags []Flag `yaml:"tags,omitempty"`
}
File is a primitive representing a single file
type Filesystem ¶
Filesystem is a primitive for referencing all files
func FilterFilesystemByFlags ¶
func FilterFilesystemByFlags(files Filesystem, flags ...Flag) Filesystem
type Flag ¶
func (Flag) MarshalYAML ¶
MarshalYAML ads tags as comments
type FlagProcessor ¶
type KernelInput ¶ added in v0.10.0
Package includes the package name, modifiers (mark, uninstall) and runtime tags
func (KernelInput) MarshalYAML ¶ added in v0.10.0
func (p KernelInput) MarshalYAML() (interface{}, error)
MarshalYAML adds tags as comments
func (KernelInput) String ¶ added in v0.10.0
func (p KernelInput) String() string
func (*KernelInput) UnmarshalYAML ¶ added in v0.10.0
func (p *KernelInput) UnmarshalYAML(node *yaml.Node) error
UnmarshalYAML decodes comments into tags and parses modifiers for packages
type KubernetesSpec ¶
type KubernetesSpec struct {
Version string `yaml:"version,omitempty"`
DownloadPath string `yaml:"download_path,omitempty"`
ImagePrefix string `yaml:"image_prefix,omitempty"`
}
KubernetesSpec installs the packages and configures the system for kubernetes, it does not actually bootstrap and configure kubernetes itself Use kubeadm in a `command` to actually configure and start kubernetes
type Package ¶
Package includes the package name, modifiers (mark, uninstall) and runtime tags
func (Package) MarshalYAML ¶
MarshalYAML adds tags as comments
func (*Package) UnmarshalYAML ¶
UnmarshalYAML decodes comments into tags and parses modifiers for packages
func (Package) VersionedName ¶
type PackageManager ¶
type PackageManager interface {
Install(pkg ...string) Commands
Uninstall(pkg ...string) Commands
Mark(pkg ...string) Commands
AddRepo(url string, channel string, versionCodeName string, name string, gpgKey string, extraArgs map[string]string) Commands
GetInstalledVersion(pkg string) string
CleanupCaches() Commands
Update() Commands
GetKernelPackageNames(version string) (string, string)
}
type PackageMatcher ¶
type PackageMatcher struct {
// contains filtered or unexported fields
}
func (*PackageMatcher) FailureMessage ¶
func (matcher *PackageMatcher) FailureMessage(actual interface{}) (message string)
func (*PackageMatcher) Match ¶
func (matcher *PackageMatcher) Match(actual interface{}) (success bool, err error)
func (*PackageMatcher) NegatedFailureMessage ¶
func (matcher *PackageMatcher) NegatedFailureMessage(actual interface{}) (message string)
type PackageRepo ¶
type PackageRepo struct {
Name string `yaml:"name,omitempty"`
URL string `yaml:"url,omitempty"`
GPGKey string `yaml:"gpgKey,omitempty"`
Channel string `yaml:"channel,omitempty"`
VersionCodeName string `yaml:"versionCodeName,omitempty"`
Flags []Flag `yaml:"tags,omitempty"`
ExtraArgs map[string]string `yaml:"extraArgs,omitempty"`
}
PackageRepo includes the URL for a package repo, GPG key (if applicable) and runtime tags
func (PackageRepo) String ¶ added in v0.7.1
func (p PackageRepo) String() string
type Phase ¶
type Phase interface {
ApplyPhase(cfg *Config, ctx *SystemContext) (commands []Command, files Filesystem, err error)
}
type Port ¶
type Port struct {
Port int `yaml:"port,omitempty" validate:"min=1,max=65536"`
Target int `yaml:"target,omitempty" validate:"min=1,max=65536"`
}
Port maps src and target ports
type ProcessFlagsPhase ¶
type Service ¶
type Service struct {
Name string `yaml:"name,omitempty"`
ExecStart string `yaml:"exec_start,omitempty"`
Environment map[string]string `yaml:"environment,omitempty"`
Extra SystemD `yaml:"extra,omitempty"`
}
Service is a systemd service to be installed and started
type SystemContext ¶
type SystemD ¶
type SystemD struct {
Install SystemdInstall
Service SystemdService
Unit SystemdUnit
}
func DefaultSystemdService ¶
func (SystemD) ToUnitFile ¶
type SystemdInstall ¶
type SystemdService ¶
type SystemdService struct {
AmbientCapabilities string `yaml:"ambient_capabilities,omitempty"`
AppArmorProfile string `yaml:"app_armor_profile,omitempty"`
CapabilityBoundingSet string `yaml:"capability_bounding_set,omitempty"`
CPUAffinity string `yaml:"cpu_affinity,omitempty"`
CPUSchedulingPolicy string `yaml:"cpu_scheduling_policy,omitempty"`
CPUSchedulingPriority string `yaml:"cpu_scheduling_priority,omitempty"`
CPUSchedulingResetOnFork interface{} `validate:"bool" yaml:"cpu_scheduling_reset_on_fork,omitempty"`
DynamicUser string `yaml:"dynamic_user,omitempty"`
Environment string `yaml:"environment,omitempty"`
EnvironmentFile string `yaml:"environment_file,omitempty"`
Group string `yaml:"group,omitempty"`
IgnoreSIGPIPE interface{} `validate:"bool" yaml:"ignore_sigpipe,omitempty"`
InaccessiblePaths string `yaml:"inaccessible_paths,omitempty"`
IOSchedulingClass string `yaml:"io_scheduling_class,omitempty"`
IOSchedulingPriority string `yaml:"io_scheduling_priority,omitempty"`
LimitAS string `yaml:"limit_as,omitempty"`
LimitCORE string `yaml:"limit_core,omitempty"`
LimitCPU string `yaml:"limit_cpu,omitempty"`
LimitDATA string `yaml:"limit_data,omitempty"`
LimitFSIZE string `yaml:"limit_fsize,omitempty"`
LimitLOCKS string `yaml:"limit_locks,omitempty"`
LimitMEMLOCK string `yaml:"limit_memlock,omitempty"`
LimitMSGQUEUE string `yaml:"limit_msgqueue,omitempty"`
LimitNICE string `yaml:"limit_nice,omitempty"`
LimitNOFILE string `yaml:"limit_nofile,omitempty"`
LimitNPROC string `yaml:"limit_nproc,omitempty"`
LimitRSS string `yaml:"limit_rss,omitempty"`
LimitRTPRIO string `yaml:"limit_rtprio,omitempty"`
LimitRTTIME string `yaml:"limit_rttime,omitempty"`
LimitSIGPENDING string `yaml:"limit_sigpending,omitempty"`
LimitSTACK string `yaml:"limit_stack,omitempty"`
MemoryDenyWriteExecute interface{} `validate:"bool" yaml:"memory_deny_write_execute,omitempty"`
MountFlags string `yaml:"mount_flags,omitempty"`
Nice string `yaml:"nice,omitempty"`
NoNewPrivileges interface{} `validate:"bool" yaml:"no_new_privileges,omitempty"`
OOMScoreAdjust string `yaml:"oom_score_adjust,omitempty"`
PAMName string `yaml:"pam_name,omitempty"`
PassEnvironment string `yaml:"pass_environment,omitempty"`
Personality string `yaml:"personality,omitempty"`
PrivateDevices interface{} `validate:"bool" yaml:"private_devices,omitempty"`
PrivateNetwork interface{} `validate:"bool" yaml:"private_network,omitempty"`
PrivateTmp interface{} `validate:"bool" yaml:"private_tmp,omitempty"`
PrivateUsers interface{} `validate:"bool" yaml:"private_users,omitempty"`
ProtectControlGroups interface{} `validate:"bool" yaml:"protect_control_groups,omitempty"`
ProtectHome interface{} `validate:"bool" yaml:"protect_home,omitempty"`
ProtectKernelModules string `yaml:"protect_kernel_modules,omitempty"`
ProtectKernelTunables interface{} `validate:"bool" yaml:"protect_kernel_tunables,omitempty"`
ProtectSystem interface{} `validate:"bool" yaml:"protect_system,omitempty"`
ReadOnlyPaths string `yaml:"read_only_paths,omitempty"`
ReadWritePaths string `yaml:"read_write_paths,omitempty"`
RemoveIPC interface{} `validate:"bool" yaml:"remove_ipc,omitempty"`
RestrictAddressFamilies string `yaml:"restrict_address_families,omitempty"`
RestrictNamespaces interface{} `validate:"bool" yaml:"restrict_namespaces,omitempty"`
RestrictRealtime interface{} `validate:"bool" yaml:"restrict_realtime,omitempty"`
RootDirectory string `yaml:"root_directory,omitempty"`
RuntimeDirectory string `yaml:"runtime_directory,omitempty"`
RuntimeDirectoryMode string `yaml:"runtime_directory_mode,omitempty"`
SecureBits string `yaml:"secure_bits,omitempty"`
SELinuxContext string `yaml:"se_linux_context,omitempty"`
SmackProcessLabel string `yaml:"smack_process_label,omitempty"`
StandardError string `yaml:"standard_error,omitempty"`
StandardInput string `yaml:"standard_input,omitempty"`
StandardOutput string `yaml:"standard_output,omitempty"`
SupplementaryGroups string `yaml:"supplementary_groups,omitempty"`
SyslogFacility string `yaml:"syslog_facility,omitempty"`
SyslogIdentifier string `yaml:"syslog_identifier,omitempty"`
SyslogLevel string `yaml:"syslog_level,omitempty"`
SyslogLevelPrefix interface{} `validate:"bool" yaml:"syslog_level_prefix,omitempty"`
SystemCallArchitectures string `yaml:"system_call_architectures,omitempty"`
SystemCallErrorNumber string `yaml:"system_call_error_number,omitempty"`
SystemCallFilter string `yaml:"system_call_filter,omitempty"`
TimerSlackNSec string `yaml:"timer_slack_n_sec,omitempty"`
TTYPath string `yaml:"tty_path,omitempty"`
TTYReset string `yaml:"tty_reset,omitempty"`
TTYVHangup string `yaml:"ttyv_hangup,omitempty"`
TTYVTDisallocate string `yaml:"ttyvt_disallocate,omitempty"`
Umask string `yaml:"umask,omitempty"`
User string `yaml:"user,omitempty"`
UtmpIdentifier string `yaml:"utmp_identifier,omitempty"`
UtmpMode string `yaml:"utmp_mode,omitempty"`
WorkingDirectory string `yaml:"working_directory,omitempty"` //Takes a D-Bus bus name that this service is reachable as. This option is mandatory for services where Type= is set to dbus.
BusName string `yaml:"bus_name,omitempty"`
ExecReload string `yaml:"exec_reload,omitempty"`
ExecStart string `yaml:"exec_start,omitempty"`
ExecStartPost string `yaml:"exec_start_post,omitempty"`
ExecStartPre string `yaml:"exec_start_pre,omitempty"`
ExecStop string `yaml:"exec_stop,omitempty"`
ExecStopPost string `yaml:"exec_stop_post,omitempty"`
FailureAction string `yaml:"failure_action,omitempty"`
FileDescriptorStoreMax interface{} `validate:"int" yaml:"file_descriptor_store_max,omitempty"`
GuessMainPID interface{} `validate:"bool" yaml:"guess_main_pid,omitempty"`
NonBlocking interface{} `validate:"bool" yaml:"non_blocking,omitempty"`
NotifyAccess string `yaml:"notify_access,omitempty"`
PermissionsStartOnly interface{} `validate:"int" yaml:"permissions_start_only,omitempty"`
PIDFile string `yaml:"pid_file,omitempty"`
RemainAfterExit interface{} `validate:"bool" yaml:"remain_after_exit,omitempty"`
// always, on-success, on-failure, on-abnormal, on-abort, on-watchdog
Restart string `yaml:"restart,omitempty"`
RestartForceExitStatus interface{} `validate:"int" yaml:"restart_force_exit_status,omitempty"`
RestartPreventExitStatus interface{} `validate:"int" yaml:"restart_prevent_exit_status,omitempty"`
//Configures the time to sleep before restarting a service (as configured with Restart=). Takes a unit-less value in seconds, or a time span value such as "5min 20s". Defaults to 100ms.
RestartSec string `yaml:"restart_sec,omitempty"`
RootDirectoryStartOnly interface{} `validate:"int" yaml:"root_directory_start_only,omitempty"`
RuntimeMaxSec string `yaml:"runtime_max_sec,omitempty"`
SuccessExitStatus interface{} `validate:"int" yaml:"success_exit_status,omitempty"`
TimeoutSec string `yaml:"timeout_sec,omitempty"`
TimeoutStartSec string `yaml:"timeout_start_sec,omitempty"`
TimeoutStopSec string `yaml:"timeout_stop_sec,omitempty"`
//simple, forking, oneshot, dbus, notify or idle
Type string `yaml:"type,omitempty"`
WatchdogSec string `yaml:"watchdog_sec,omitempty"`
}
type SystemdUnit ¶
type SystemdUnit struct {
After string `yaml:"after,omitempty"`
AllowIsolate interface{} `validate:"bool" yaml:"allow_isolate,omitempty"`
AssertACPower string `yaml:"assert_ac_power,omitempty"`
AssertArchitecture string `yaml:"assert_architecture,omitempty"`
AssertCapability string `yaml:"assert_capability,omitempty"`
AssertDirectoryNotEmpty string `yaml:"assert_directory_not_empty,omitempty"`
AssertFileIsExecutable string `yaml:"assert_file_is_executable,omitempty"`
AssertFileNotEmpty string `yaml:"assert_file_not_empty,omitempty"`
AssertFirstBoot string `yaml:"assert_first_boot,omitempty"`
AssertHost string `yaml:"assert_host,omitempty"`
AssertKernelCommandLine string `yaml:"assert_kernel_command_line,omitempty"`
AssertNeedsUpdate string `yaml:"assert_needs_update,omitempty"`
AssertPathExists string `yaml:"assert_path_exists,omitempty"`
AssertPathExistsGlob string `yaml:"assert_path_exists_glob,omitempty"`
AssertPathIsDirectory string `yaml:"assert_path_is_directory,omitempty"`
AssertPathIsMountPoint string `yaml:"assert_path_is_mount_point,omitempty"`
AssertPathIsReadWrite string `yaml:"assert_path_is_read_write,omitempty"`
AssertPathIsSymbolicLink string `yaml:"assert_path_is_symbolic_link,omitempty"`
AssertSecurity string `yaml:"assert_security,omitempty"`
AssertVirtualization string `yaml:"assert_virtualization,omitempty"`
Before string `yaml:"before,omitempty"`
BindsTo string `yaml:"binds_to,omitempty"`
ConditionACPower string `yaml:"condition_ac_power,omitempty"`
ConditionArchitecture string `yaml:"condition_architecture,omitempty"`
ConditionCapability string `yaml:"condition_capability,omitempty"`
ConditionDirectoryNotEmpty string `yaml:"condition_directory_not_empty,omitempty"`
ConditionFileIsExecutable string `yaml:"condition_file_is_executable,omitempty"`
ConditionFileNotEmpty string `yaml:"condition_file_not_empty,omitempty"`
ConditionFirstBoot string `yaml:"condition_first_boot,omitempty"`
ConditionHost string `yaml:"condition_host,omitempty"`
ConditionKernelCommandLine string `yaml:"condition_kernel_command_line,omitempty"`
ConditionPathExists string `yaml:"condition_path_exists,omitempty"`
ConditionPathExistsGlob string `yaml:"condition_path_exists_glob,omitempty"`
ConditionPathIsDirectory string `yaml:"condition_path_is_directory,omitempty"`
ConditionPathIsMountPoint string `yaml:"condition_path_is_mount_point,omitempty"`
ConditionPathIsReadWrite string `yaml:"condition_path_is_read_write,omitempty"`
ConditionPathIsSymbolicLink string `yaml:"condition_path_is_symbolic_link,omitempty"`
ConditionSecurity string `yaml:"condition_security,omitempty"`
ConditionVirtualization string `yaml:"condition_virtualization,omitempty"`
Conflicts string `yaml:"conflicts,omitempty"`
DefaultDependencies interface{} `validate:"bool" yaml:"default_dependencies,omitempty"`
Description string `yaml:"description,omitempty"`
Documentation string `yaml:"documentation,omitempty"`
IgnoreOnIsolate interface{} `validate:"bool" yaml:"ignore_on_isolate,omitempty"`
JobTimeoutAction string `yaml:"job_timeout_action,omitempty"`
JobTimeoutRebootArgument string `yaml:"job_timeout_reboot_argument,omitempty"`
ConditionNeedsUpdate string `yaml:"condition_needs_update,omitempty"`
JobTimeoutSec string `yaml:"job_timeout_sec,omitempty"`
JoinsNamespaceOf string `yaml:"joins_namespace_of,omitempty"`
//reboot-immediate, poweroff, poweroff-force or poweroff-immediates
OnFailure string `yaml:"on_failure,omitempty"`
OnFailureJobMode string `yaml:"on_failure_job_mode,omitempty"`
PartOf string `yaml:"part_of,omitempty"`
PropagatesReloadTo string `yaml:"propagates_reload_to,omitempty"`
RebootArgument string `yaml:"reboot_argument,omitempty"`
RefuseManualStart interface{} `validate:"bool" yaml:"refuse_manual_start,omitempty"`
RefuseManualStop interface{} `validate:"bool" yaml:"refuse_manual_stop,omitempty"`
ReloadPropagatedFrom string `yaml:"reload_propagated_from,omitempty"`
Requires string `yaml:"requires,omitempty"`
RequiresMountsFor string `yaml:"requires_mounts_for,omitempty"`
Requisite string `yaml:"requisite,omitempty"`
SourcePath string `yaml:"source_path,omitempty"`
StartLimitAction string `yaml:"start_limit_action,omitempty"`
StartLimitBurst string `yaml:"start_limit_burst,omitempty"`
StartLimitIntervalSec string `yaml:"start_limit_interval_sec,omitempty"`
StopWhenUnneeded interface{} `validate:"bool" yaml:"stop_when_unneeded,omitempty"`
Wants string `yaml:"wants,omitempty"`
}
type TarPackage ¶ added in v0.7.1
type Transformer ¶
type Transformer func(cfg *Config, ctx *SystemContext) (commands []Command, files Filesystem, err error)
type User ¶
type User struct {
// The user's login name
Name string `yaml:"name,omitempty"`
//The user name's real name, i.e. "Bob B. Smith"
Gecos string `yaml:"gecos,omitempty"`
// Optional. The SELinux user for the user's login, such as
// "staff_u". When this is omitted the system will select the default
// SELinux user.
SeLinuxUser string `yaml:"selinux_user,omitempty"`
ExpireDate string `yaml:"expiredate,omitempty"`
// Defaults to none. Accepts a sudo rule string, a list of sudo rule
// strings or False to explicitly deny sudo usage. Examples:
//
// Allow a user unrestricted sudo access.
// sudo: ALL=(ALL) NOPASSWD:ALL
//
// Adding multiple sudo rule strings.
// sudo:
// - ALL=(ALL) NOPASSWD:/bin/mysql
// - ALL=(ALL) ALL
//
// Prevent sudo access for a user.
// sudo: False
//
// Note: Please double check your syntax and make sure it is valid.
// cloud-init does not parse/check the syntax of the sudo
// directive.
Sudo string `yaml:"sudo,omitempty"`
// The hash -- not the password itself -- of the password you want
// to use for this user. You can generate a safe hash via:
// mkpasswd --method=SHA-512 --rounds=4096
// (the above command would create from stdin an SHA-512 password hash
// with 4096 salt rounds)
//
// Please note: while the use of a hashed password is better than
// plain text, the use of this feature is not ideal. Also,
// using a high number of salting rounds will help, but it should
// not be relied upon.
//
// To highlight this risk, running John the Ripper against the
// example hash above, with a readily available wordlist, revealed
// the true password in 12 seconds on a i7-2620QM.
//
// In other words, this feature is a potential security risk and is
// provided for your convenience only. If you do not fully trust the
// medium over which your cloud-config will be transmitted, then you
// should use SSH authentication only.
//
// You have thus been warned.
Passwd string `yaml:"passwd,omitempty"`
// define the primary group. Defaults to a new group created named after the user.
PrimaryGroup string `yaml:"primary_group,omitempty"`
Groups string `yaml:"groups,omitempty"`
// Optional. Import SSH ids
SSHImportID string `yaml:"ssh_import_id,omitempty"`
//Defaults to true. Lock the password to disable password login
LockPasswd bool `yaml:"lock_passwd,omitempty"`
//When set to true, do not create home directory
NoCreateHome bool `yaml:"no_create_home,omitempty"`
//When set to true, do not create a group named after the user.
NoUserGroup bool `yaml:"no_user_group,omitempty"`
//When set to true, do not initialize lastlog and faillog database.
NoLogInit bool `yaml:"no_log_init,omitempty"`
//Add keys to user's authorized keys file
SSHAuthorizedKeys []string `yaml:"ssh_authorized_keys,omitempty"`
//Create the user as inactive
Inactive bool `yaml:"inactive,omitempty"`
// Create the user as a system user. This means no home directory.
System bool `yaml:"system,omitempty"`
//Create a Snappy (Ubuntu-Core) user via the snap create-user
// command available on Ubuntu systems. If the user has an account
// on the Ubuntu SSO, specifying the email will allow snap to
// request a username and any public ssh keys and will import
// these into the system with username specified by SSO account./
// If 'username' is not set in SSO, then username will be the
// shortname before the email domain.
Snapuser string `yaml:"snapuser,omitempty"`
// Set true to block ssh logins for cloud
// ssh public keys and emit a message redirecting logins to
// use <default_username> instead. This option only disables cloud
// provided public-keys. An error will be raised if ssh_authorized_keys
// or ssh_import_id is provided for the same user.
SSHRedirectUser bool `yaml:"ssh_redirect_user,omitempty"`
Shell string `yaml:"shell,omitempty"`
UID string `yaml:"uid,omitempty"`
}
User mirrors the CloudInit User struct.
type VerifyPhase ¶
type VerifyPhase interface {
Verify(cfg *Config, results *VerifyResults, flags ...Flag) bool
}
type VerifyResults ¶
Results records the results of a test or verification run
func (*VerifyResults) Done ¶
func (c *VerifyResults) Done()
func (*VerifyResults) Fail ¶
func (c *VerifyResults) Fail(msg string, args ...interface{})
func (*VerifyResults) Pass ¶
func (c *VerifyResults) Pass(msg string, args ...interface{})
func (*VerifyResults) Skip ¶
func (c *VerifyResults) Skip(msg string, args ...interface{})
Source Files
Click to show internal directories.
Click to hide internal directories.