diff options
| -rw-r--r-- | README.md | 2 | ||||
| -rw-r--r-- | lib/leap_cli/commands/cert.rb (renamed from lib/leap_cli/commands/ca.rb) | 0 | ||||
| -rw-r--r-- | lib/leap_cli/commands/ping.rb | 58 | ||||
| -rw-r--r-- | platform.rb | 2 | ||||
| -rw-r--r-- | provider_base/provider.json | 2 | ||||
| -rw-r--r-- | provider_base/services/mx.json | 1 | ||||
| -rw-r--r-- | puppet/modules/site_couchdb/manifests/add_users.pp | 16 | ||||
| -rw-r--r-- | tests/server-tests/helpers/client_side_db.py | 3 | ||||
| -rw-r--r-- | tests/server-tests/white-box/soledad.rb | 2 |
9 files changed, 73 insertions, 13 deletions
@@ -1,7 +1,7 @@ Leap Platform ============================= -[](https://0xacab.org/leap/platform/commits/develop) +[](https://0xacab.org/leap/platform/commits/master) The LEAP Platform is set of complementary packages and server recipes to automate the maintenance of LEAP services in a hardened Debian environment. Its diff --git a/lib/leap_cli/commands/ca.rb b/lib/leap_cli/commands/cert.rb index 1c67ae67..1c67ae67 100644 --- a/lib/leap_cli/commands/ca.rb +++ b/lib/leap_cli/commands/cert.rb diff --git a/lib/leap_cli/commands/ping.rb b/lib/leap_cli/commands/ping.rb new file mode 100644 index 00000000..4283d9b3 --- /dev/null +++ b/lib/leap_cli/commands/ping.rb @@ -0,0 +1,58 @@ +module LeapCli; module Commands + + desc "Ping nodes to see if they are alive." + long_desc "Attempts to ping each node in the FILTER set." + arg_name "FILTER" + command :ping do |c| + c.flag 'timeout', :arg_name => "TIMEOUT", + :default_value => 2, :desc => 'Wait at most TIMEOUT seconds.' + c.flag 'count', :arg_name => "COUNT", + :default_value => 2, :desc => 'Ping COUNT times.' + c.action do |global, options, args| + do_ping(global, options, args) + end + end + + private + + def do_ping(global, options, args) + assert_bin!('ping') + + timeout = [options[:timeout].to_i, 1].max + count = [options[:count].to_i, 1].max + nodes = nil + + if args && args.any? + node = manager.disabled_node(args.first) + if node + nodes = Config::ObjectList.new + nodes.add(node.name, node) + end + end + + nodes ||= manager.filter! args + + threads = [] + nodes.each_node do |node| + threads << Thread.new do + cmd = "ping -i 0.2 -n -q -W #{timeout} -c #{count} #{node.ip_address} 2>&1" + log(2, cmd) + output = `#{cmd}` + if $?.success? + last = output.split("\n").last + times = last.split('=').last.strip + min, avg, max, mdev = times.split('/') + log("ping #{min} ms", host: node.name, color: :green) + else + log(:failed, "to ping #{node.ip_address}", host: node.name) + end + end + end + threads.map(&:join) + + log("done") + end + +end; end + + diff --git a/platform.rb b/platform.rb index 2ff0a27f..935fa385 100644 --- a/platform.rb +++ b/platform.rb @@ -4,7 +4,7 @@ # Leap::Platform.define do - self.version = "0.9" + self.version = "0.10" self.compatible_cli = "1.9".."1.99" # diff --git a/provider_base/provider.json b/provider_base/provider.json index 81b2ea98..521c682f 100644 --- a/provider_base/provider.json +++ b/provider_base/provider.json @@ -58,7 +58,7 @@ } }, "client_version": { - "min": "0.7", + "min": "0.9.4", "max": null } } diff --git a/provider_base/services/mx.json b/provider_base/services/mx.json index 2db773b5..334e40de 100644 --- a/provider_base/services/mx.json +++ b/provider_base/services/mx.json @@ -37,7 +37,6 @@ }, "x509": { "use": true, - "use_commercial": false, "ca_cert": "= file :ca_cert, :missing => 'provider CA. Run `leap cert ca`'", "client_ca_cert": "= file :client_ca_cert, :missing => 'Certificate Authority. Run `leap cert ca`'", "client_ca_key": "= file :client_ca_key, :missing => 'Certificate Authority. Run `leap cert ca`'" diff --git a/puppet/modules/site_couchdb/manifests/add_users.pp b/puppet/modules/site_couchdb/manifests/add_users.pp index f12c5a5e..5c32c1e3 100644 --- a/puppet/modules/site_couchdb/manifests/add_users.pp +++ b/puppet/modules/site_couchdb/manifests/add_users.pp @@ -1,6 +1,8 @@ # add couchdb users for all services class site_couchdb::add_users { + $services = hiera('services', []) + Class['site_couchdb::create_dbs'] -> Class['site_couchdb::add_users'] @@ -29,12 +31,14 @@ class site_couchdb::add_users { ## soledad couchdb user ## r/w: user-<uuid>, shared ## read: tokens - couchdb::add_user { $site_couchdb::couchdb_soledad_user: - roles => '["tokens"]', - pw => $site_couchdb::couchdb_soledad_pw, - salt => $site_couchdb::couchdb_soledad_salt, - require => Couchdb::Query::Setup['localhost'], - notify => Service['soledad-server']; + if member($services, 'soledad') { + couchdb::add_user { $site_couchdb::couchdb_soledad_user: + roles => '["tokens"]', + pw => $site_couchdb::couchdb_soledad_pw, + salt => $site_couchdb::couchdb_soledad_salt, + require => Couchdb::Query::Setup['localhost'], + notify => Service['soledad-server']; + } } ## webapp couchdb user diff --git a/tests/server-tests/helpers/client_side_db.py b/tests/server-tests/helpers/client_side_db.py index 2f8c220f..5842c007 100644 --- a/tests/server-tests/helpers/client_side_db.py +++ b/tests/server-tests/helpers/client_side_db.py @@ -55,8 +55,7 @@ def get_soledad_instance(uuid, passphrase, basedir, server_url, cert_file, local_db_path=local_db_path, server_url=server_url, cert_file=cert_file, - auth_token=token, - defer_encryption=True) + auth_token=token) def _get_api_info(provider): diff --git a/tests/server-tests/white-box/soledad.rb b/tests/server-tests/white-box/soledad.rb index d41bee58..b89145bc 100644 --- a/tests/server-tests/white-box/soledad.rb +++ b/tests/server-tests/white-box/soledad.rb @@ -10,7 +10,7 @@ class Soledad < LeapTest end def test_00_Is_Soledad_running? - assert_running '.*/usr/bin/twistd.*--wsgi=leap.soledad.server.application' + assert_running '/usr/bin/python /usr/bin/twistd --uid=soledad --gid=soledad --pidfile=/var/run/soledad.pid --syslog --prefix=soledad-server web --class=leap.soledad.server.resource.SoledadResource.*' pass end |