[puppet] Add module fas
by Xavier Lamien
commit 6c70ff19038088f7bcd224d8db2627a9d7da11be
Author: Xavier Lamien <laxathom(a)lxtnow.net>
Date: Tue Sep 11 00:57:44 2012 +0200
Add module fas
modules/fas/manifests/init.pp | 47 ++++++++++
modules/fas/templates/client/fas.conf.erb | 66 ++++++++++++++
modules/fas/templates/server/fas.cfg | 139 +++++++++++++++++++++++++++++
3 files changed, 252 insertions(+), 0 deletions(-)
---
diff --git a/modules/fas/manifests/init.pp b/modules/fas/manifests/init.pp
new file mode 100644
index 0000000..ebd6ed0
--- /dev/null
+++ b/modules/fas/manifests/init.pp
@@ -0,0 +1,47 @@
+class fas {
+
+ class server (
+ $fas_db_user = 'fasuser',
+ $fas_db_passwd = 'faspass',
+ $fas_db_host = $hostname,
+ $fas_db_name = 'fas2',
+ $fas_srv_port = '8088',
+ $fas_mail_srv = 'localhost',
+ $fas_srv_env = 'production'
+ )
+ {
+
+ package { 'fas': ensure => installed }
+ package { 'fas-template-rpmfusion': ensure => installed }
+ package { 'fas-theme-rpmfusion': ensure => installed }
+
+ file { '/etc/fas.cfg':
+ owner => 'root',
+ group => 'root',
+ mode => 0600,
+ content => template('fas/server/fas.cfg.erb'),
+ require => Package['fas']
+ }
+
+
+ }
+
+ class client (
+ $group = $fas_groups ? { "" => ["sysadmin-main" ], default => $fas_groups }
+ $restricted_app = $fas_restricted_app ? { "" => ["/usr/bin/cvs server", default => $fas_restricted_app }
+ $ssh_groups = $fas_ssh_groups
+ )
+ {
+
+ package { "fas-clients": ensure => installed }
+
+ file { "/etc/fas.conf":
+ owner => "root",
+ group => "root",
+ mode => 0600,
+ content => template("fas/client/fas.conf.erb"),
+ require => Package["fas-clients"],
+ }
+
+ }
+}
diff --git a/modules/fas/templates/client/fas.conf.erb b/modules/fas/templates/client/fas.conf.erb
new file mode 100644
index 0000000..12b2edb
--- /dev/null
+++ b/modules/fas/templates/client/fas.conf.erb
@@ -0,0 +1,66 @@
+[global]
+; url - Location to fas server
+url = https://fas.rpmfusion.org/accounts/
+
+; temp - Location to generate files while user creation process is happening
+temp = /var/db
+
+; login - username to contact fas
+login = <=% fas_sys_user %>
+
+; password - password for login name
+password = <=% fas_sys_passwd %>
+
+; prefix - Install db files, etc, to a prefix (like a chroot for example)
+prefix = /
+
+[host]
+; Group hierarchy is 1) groups, 2) restricted_groups 3) ssh_restricted_groups
+; so if someone is in all 3, the client behaves the same as if they were just
+; in 'groups'
+
+; groups that should have a shell account on this system.
+groups = <=% fas_group %>
+
+; groups that should have a restricted account on this system.
+; restricted accounts use the restricted_shell value in [users]
+restricted_groups =
+
+; ssh_restricted_groups: groups that should be restricted by ssh key. You will
+; need to disable password based logins in order for this value to have any
+; security meaning. Group types can be placed here as well, for example
+; @hg,@git,@svn
+ssh_restricted_groups = <=% fas_ssh_group %>
+
+; aliases_template: Gets prepended to the aliases file when it is generated by
+; fasClient
+aliases_template = /tmp/template.txt
+
+[users]
+; default shell given to people in [host] groups
+shell = /bin/bash
+
+; home - the location for fas user home dirs
+home = /home/rpmfusion
+
+; home_backup_dir - Location home dirs should get moved to when a user is
+; deleted this location should be tmpwatched
+home_backup_dir = /tmp/rpmfusion
+
+; ssh_restricted_app - This is the path to the restricted shell script. It
+; will not work automatically for most people though through alterations it
+; is a powerfull way to restrict access to a machine. An alternative example
+; could be given to people who should only have cvs access on the machine.
+; setting this value to "/usr/bin/cvs server" would do this.
+ssh_restricted_app = "/usr/bin/cvs server"
+
+; restricted_shell - The shell given to users in the ssh_restricted_groups
+restricted_shell = /sbin/nologin
+
+; ssh_restricted_shell - The shell given to users in the ssh_restricted_groups
+ssh_restricted_shell = /bin/bash
+
+; ssh_key_options - Options to be appended to people ssh keys. Users in the
+; ssh_restricted_groups will have the keys they uploaded altered when they are
+; installed on this machine, appended with the options below.
+ssh_key_options = no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty
diff --git a/modules/fas/templates/server/fas.cfg b/modules/fas/templates/server/fas.cfg
new file mode 100644
index 0000000..0a0b9fe
--- /dev/null
+++ b/modules/fas/templates/server/fas.cfg
@@ -0,0 +1,139 @@
+[global]
+
+samadhi.baseurl = 'https://fas.rpmfusion.org/'
+
+theme = 'rpmfusion'
+# TODO: better namespacing (maybe a [fas] section)
+admingroup = 'accounts'
+
+#accounts_email = "nobody(a)rpmfusion.org"
+accounts_email = "accounts(a)rpmfusion.org"
+legal_cla_email = "nobody(a)rpmfusion.org"
+#legal_cla_email = "legal-cla-archive(a)rpmfusion.org"
+
+email_host = "rpmfusion.org" # as in, web-members@email_host
+
+gpgexec = "/usr/bin/gpg"
+gpghome = "/home/thl/work/rpmfusion/rpmfusion-infrastructure/fas/gnupg"
+gpg_fingerprint = "C199 1E25 D00A D200 2D2E 54D1 BF7F 1647 C54E 8410"
+gpg_passphrase = "m00!s@ysth3c0w"
+gpg_keyserver = "hkp://subkeys.pgp.net"
+
+cla_done_group = "cla_done"
+cla_fedora_group = "cla_rpmfusion"
+
+privileged_view_groups = "(^fas-.*)"
+username_blacklist = "(.*-members)|(.*-sponsors)|(.*-administrators)|(root)|(webmaster)"
+
+openidstore = "/var/tmp/fas/openid"
+
+openssl_digest = "md5"
+openssl_expire = 31536000 # 60*60*24*365 = 1 year
+openssl_ca_file = "/etc/pki/CA_rpmfusion"
+openssl_c = "ES"
+openssl_st = "Barcelona"
+openssl_l = "Barcelona"
+openssl_o = "RPM Fusion"
+openssl_ou = "Upload Files"
+
+# Groups that automatically grant membership to other groups
+# Format: 'group1:a,b,c|group2:d,e,f'
+auto_approve_groups = 'cvsextras:rpmfusionbugs|cla_rpmfusion:cla_done|cla_redhat:cla_done|cla_dell:cla_done|cla_ibm:cla_done'
+
+# This is where all of your settings go for your development environment # Settings that are the same for both development and production
+# (such as template engine, encodings, etc.) all go in
+# fas/config/app.cfg
+
+mail.on = True
+mail.server = '<=% fas_mail_srv %>'
+#mail.testmode = True
+mail.debug = False
+mail.encoding = 'utf-8'
+
+# DATABASE
+
+# pick the form for your database
+# sqlobject.dburi="postgres://username@hostname/databasename"
+# sqlobject.dburi="mysql://username:password@hostname:port/databasename"
+# sqlobject.dburi="sqlite:///file_name_and_path"
+
+sqlalchemy.dburi="postgres://<=% fas_db_user %>:<=% fas_db_passwd %>@<=% fas_db_host %>/<=% fas_db_name %>"
+#sqlalchemy.echo=True
+
+# if you are using a database or table type without transactions
+# (MySQL default, for example), you should turn off transactions
+# by prepending notrans_ on the uri
+# sqlobject.dburi="notrans_mysql://username:password@hostname:port/databasename"
+
+# for Windows users, sqlite URIs look like:
+# sqlobject.dburi="sqlite:///drive_letter:/path/to/file"
+
+# SERVER
+
+# Some server parameters that you may want to tweak
+server.socket_port=<%= fas_srv_port %>
+
+# Enable the debug output at the end on pages.
+# log_debug_info_filter.on = False
+
+server.environment="<=% fas_srv_env %>"
+autoreload.package="fas"
+
+# session_filter.on = True
+
+# Set to True if you'd like to abort execution if a controller gets an
+# unexpected parameter. False by default
+tg.strict_parameters = False
+
+server.webpath='/accounts'
+base_url_filter.on = True
+base_url_filter.use_x_forwarded_host = True
+base_url_filter.base_url = "http://fas.rpmfusion.org:<=% fas_srv_port %>/accounts"
+
+# Make the session cookie only return to the host over an SSL link
+# Disabled for testing.
+#visit.cookie.secure = True
+
+[/rpmfusion-server-ca.cert]
+static_filter.on = True
+static_filter.file = "/etc/pki/rpmfusion/rpmfusion-server-ca.cert"
+
+[/rpmfusion-upload-ca.cert]
+static_filter.on = True
+static_filter.file = "/etc/pki/rpmfusion/rpmfusion-upload-ca.cert"
+
+# LOGGING
+# Logging configuration generally follows the style of the standard
+# Python logging module configuration. Note that when specifying
+# log format messages, you need to use *() for formatting variables.
+# Deployment independent log configuration is in fas/config/log.cfg
+[logging]
+
+[[loggers]]
+[[[fas]]]
+level='DEBUG'
+qualname='fas'
+handlers=['debug_out']
+
+[[[allinfo]]]
+level='INFO'
+handlers=['debug_out']
+
+[[[access]]]
+level='INFO'
+qualname='turbogears.access'
+handlers=['access_out']
+propagate=0
+
+[[[identity]]]
+level='INFO'
+qualname='turbogears.identity'
+handlers=['access_out']
+propagate=0
+
+[[[database]]]
+# Set to INFO to make SQLAlchemy display SQL commands
+level='ERROR'
+qualname='sqlalchemy.engine'
+handlers=['debug_out']
+propagate=0
12 years, 2 months
[puppet] Add module koji
by Xavier Lamien
commit e8aac02d42824aeb6e84b9933a1e8c33c21afcaf
Author: Xavier Lamien <laxathom(a)old03.ovh.rpmfusion.lan>
Date: Mon Sep 10 23:13:12 2012 +0200
Add module koji
modules/koji/files/builder/kojid | 3 +
modules/koji/files/hub/kojihub.conf | 24 ++++
modules/koji/files/kojira/kojira | 4 +
modules/koji/files/kojira/kojira.conf | 34 ++++++
modules/koji/files/web/kojiweb.conf | 57 ++++++++++
modules/koji/manifests/init.pp | 141 ++++++++++++++++++++++++
modules/koji/templates/builder/kojid.conf.erb | 64 +++++++++++
modules/koji/templates/hub-server/hub.conf.erb | 56 ++++++++++
8 files changed, 383 insertions(+), 0 deletions(-)
---
diff --git a/modules/koji/files/builder/kojid b/modules/koji/files/builder/kojid
new file mode 100644
index 0000000..da2e97d
--- /dev/null
+++ b/modules/koji/files/builder/kojid
@@ -0,0 +1,3 @@
+FORCE_LOCK=Y
+KOJID_DEBUG=Y
+KOJID_VERBOSE=Y
diff --git a/modules/koji/files/hub/kojihub.conf b/modules/koji/files/hub/kojihub.conf
new file mode 100644
index 0000000..3f1911c
--- /dev/null
+++ b/modules/koji/files/hub/kojihub.conf
@@ -0,0 +1,24 @@
+#
+# koji-hub is an xmlrpc interface to the Koji database
+#
+
+Alias /kojihub "/usr/share/koji-hub/XMLRPC"
+
+<Directory /usr/share/koji-hub>
+ SetHandler mod_python
+ PythonHandler kojixmlrpc
+
+ PythonOption ConfigFile /etc/koji-hub/hub.conf
+
+ PythonDebug Off
+ # autoreload is mostly useless to us (it would only reload kojixmlrpc.py)
+ PythonAutoReload Off
+</Directory>
+
+# uncomment this to enable authentication via SSL client certificates
+<Location /kojihub>
+ SSLOptions +StdEnvVars
+</Location>
+# these options must be enabled globally (in ssl.conf)
+# SSLVerifyClient require
+# SSLVerifyDepth 10
diff --git a/modules/koji/files/kojira/kojira b/modules/koji/files/kojira/kojira
new file mode 100644
index 0000000..830c183
--- /dev/null
+++ b/modules/koji/files/kojira/kojira
@@ -0,0 +1,4 @@
+FORCE_LOCK=Y
+KOJIRA_DEBUG=N
+KOJIRA_VERBOSE=Y
+RUNAS=root
diff --git a/modules/koji/files/kojira/kojira.conf b/modules/koji/files/kojira/kojira.conf
new file mode 100644
index 0000000..7a8f707
--- /dev/null
+++ b/modules/koji/files/kojira/kojira.conf
@@ -0,0 +1,34 @@
+[kojira]
+; For user/pass authentication
+; user=kojira
+; password=kojira
+
+; For Kerberos authentication
+; the principal to connect with
+;principal=koji/repo(a)EXAMPLE.COM
+; The location of the keytab for the principal above
+;keytab=/etc/kojira.keytab
+
+; The URL for the koji hub server
+server=http://buildsys.rpmfusion.org/kojihub
+
+; The directory containing the repos/ directory
+topdir=/srv/koji
+
+; Logfile
+logfile=/var/log/kojira.log
+
+; Include srpms in repos? (not needed for normal operation)
+with_src=no
+
+;configuration for SSL athentication
+
+;client certificate
+cert = /etc/kojira/kojira.pem
+
+;certificate of the CA that issued the client certificate
+ca = /etc/kojira/rpmfusion_ca_cert.crt
+serverca = /etc/kojira/rpmfusion_ca_cert.crt
+
+;certificate of the CA that issued the HTTP server certificate
+;serverca = /etc/kojira/serverca.crt
diff --git a/modules/koji/files/web/kojiweb.conf b/modules/koji/files/web/kojiweb.conf
new file mode 100644
index 0000000..9d5d59a
--- /dev/null
+++ b/modules/koji/files/web/kojiweb.conf
@@ -0,0 +1,57 @@
+Alias /koji "/usr/share/koji-web/scripts/"
+Alias /koji-packages /srv/koji/packages/
+Alias /koji-repos /srv/koji/repos/
+
+<Directory "/usr/share/koji-web/scripts/">
+ # Config for the publisher handler
+ SetHandler mod_python
+ # Use kojiweb's publisher (which handles errors more gracefully)
+ # You can also use mod_python.publisher, but you will lose the pretty tracebacks
+ PythonHandler kojiweb.publisher
+
+ # General settings
+ PythonDebug On
+ PythonOption SiteName "RPM Fusion Build System"
+ PythonOption KojiHubURL http://buildsys.rpmfusion.org/kojihub
+ PythonOption KojiPackagesURL http://buildsys.rpmfusion.org/koji-packages
+ PythonOption KojiImagesURL http://buildsys.rpmfusion.org/koji/images
+ PythonOption DNUsernameComponent CN
+ PythonOption ProxyDNs "/C=ES/ST=Barcelona/O=RPM Fusion/CN=kojiweb"
+
+# PythonOption WebPrincipal koji/web(a)EXAMPLE.COM
+# PythonOption WebKeytab /etc/httpd.keytab
+ PythonOption WebCCache /var/tmp/kojiweb.ccache
+ PythonOption WebCert /etc/pki/koji/kojiweb.pem
+ PythonOption ClientCA /etc/pki/koji/rpmfusion_ca_cert.crt
+ PythonOption KojiHubCA /etc/pki/koji/rpmfusion_ca_cert.crt
+ PythonOption LoginTimeout 72
+ # This must be changed before deployment
+ PythonOption Secret CHANGE_ME123
+ PythonPath "sys.path + ['/usr/share/koji-web/lib']"
+ PythonCleanupHandler kojiweb.handlers::cleanup
+ PythonAutoReload Off
+</Directory>
+
+# uncomment this to enable authentication via SSL client certificates
+<Location /koji/login>
+ SSLOptions +StdEnvVars
+</Location>
+# these options must be enabled globally (in ssl.conf)
+# SSLVerifyClient require
+# SSLVerifyDepth 10
+
+Alias /koji-static/ "/usr/share/koji-web/static/"
+
+<Directory "/usr/share/koji-web/static/">
+ Options None
+ AllowOverride None
+ Order allow,deny
+ Allow from all
+</Directory>
+
+<Directory "/srv/koji/repos/">
+ Options +Indexes
+ AllowOverride None
+ Order Allow,Deny
+ Allow from All
+</Directory>
diff --git a/modules/koji/manifests/init.pp b/modules/koji/manifests/init.pp
new file mode 100644
index 0000000..58c1ab1
--- /dev/null
+++ b/modules/koji/manifests/init.pp
@@ -0,0 +1,141 @@
+class koji {
+
+ package { "koji":
+ ensure => installed
+ }
+
+ class hub inherits koji {
+
+ include httpd
+
+ package { "koji-hub":
+ ensure => installed
+ }
+
+ #configfile { '/etc/cron.d/koji-directory-cleanup':
+ # source => 'build/koji-directory-cleanup',
+ #}
+ #configfile { '/etc/cron.d/koji-gc':
+ # source => 'build/koji-gc',
+ #}
+ #configfile { '/etc/cron.d/koji-prunesigs':
+ # source => 'build/koji-prunesigs',
+ #}
+
+ file { '/etc/httpd/conf.d/kojihub.conf':
+ source => 'web/applications/kojihub.conf',
+ }
+
+ file { '/etc/koji-hub/hub.conf':
+ path => '/etc/koji-hub/hub.conf',
+ owner => apache, #TODO: move this to variable if we manage more than one webserver app.
+ group => apache,
+ mode => 600,
+ require => Package[koji-hub],
+ content => template('build/hub.conf.erb'),
+ notify => Service['httpd'] #TODO: same as above.
+ }
+ }
+
+ class web inherits koji {
+
+ include httpd
+
+ package { koji-web:
+ ensure => present,
+ }
+
+ file { '/etc/httpd/conf.d/kojiweb.conf':
+ content => template('koji/web/kojiweb.conf'),
+ mode => 640,
+ owner => 'root',
+ group => 'root',
+ backup => main,
+ recurse => false,
+ ensure => file,
+ notify => Service['httpd'],
+ require => Package['httpd']
+ }
+
+ file { "/etc/pki/koji":
+ replace => false,
+ ensure => directory
+ }
+
+ file { "/srv/koji/repos":
+ replace => false,
+ ensure => directory
+ }
+
+ cert { "/etc/pki/koji/rpmfusion_ca_cert.crt":
+ source => "secure/certs/CA/rpmfusion_ca_cert.crt",
+ notify => Service['httpd'],
+ }
+
+ cert { "/etc/pki/koji/kojiweb.pem":
+ source => "secure/certs/web/kojiweb.pem",
+ notify => Service['httpd'],
+ }
+ }
+
+ class builder inherits koji {
+
+ include mock
+
+ package { "koji-builder":
+ ensure => installed
+ }
+
+ service { kojid:
+ ensure => true,
+ subscribe => [ Package["koji-builder"] ]
+ }
+
+ file { '/etc/kojid/kojid.conf':
+ content => template('koji/builder/kojid.conf.erb'),
+ path => '/etc/kojid/kojid.conf',
+ owner => root,
+ group => root,
+ mode => 644,
+ require => Package[koji-builder],
+ notify => Service['kojid']
+ }
+
+ file { ['/pub', '/srv/koji', '/pub/fedora', '/pub/epel' ]:
+ ensure => directory
+ }
+
+ cert { "/etc/kojid/rpmfusion_ca_cert.crt":
+ source => "secure/certs/CA/rpmfusion_ca_cert.crt",
+ notify => Service['kojid'],
+ }
+
+ cert { "/etc/kojid/$hostname.es.rpmfusion.net.pem":
+ source => "secure/certs/builders/$hostname.pem",
+ notify => Service['kojid'],
+ }
+ }
+
+ class kojira inherits koji {
+
+ package { "koji-utils":
+ ensure => installed
+ }
+
+ service { kojira:
+ require => Package['koji-utils'],
+ ensure => true,
+ enable => true,
+ }
+
+ cert { "/etc/pki/koji/rpmfusion_ca_cert.crt":
+ source => "secure/certs/CA/rpmfusion_ca_cert.crt",
+ notify => Service['kojira'],
+ }
+
+ cert { "/etc/kojira/kojira.pem":
+ source => "secure/certs/web/kojira.pem",
+ notify => Service['kojira'],
+ }
+ }
+}
diff --git a/modules/koji/templates/builder/kojid.conf.erb b/modules/koji/templates/builder/kojid.conf.erb
new file mode 100644
index 0000000..5729fb8
--- /dev/null
+++ b/modules/koji/templates/builder/kojid.conf.erb
@@ -0,0 +1,64 @@
+[kojid]
+; The number of seconds to sleep between tasks
+sleeptime=15
+
+; The maximum number of jobs that kojid will handle at a time
+maxjobs=<%= smp_mflags %>
+
+; The minimum amount of free space (in MBs) required for each build root
+minspace=8192
+
+; The directory root where work data can be found from the koji hub
+topdir=/srv/koji
+
+; The directory root for temporary storage
+workdir=/srv/koji
+
+; The directory root for mock
+mockdir=/srv/koji/mock/
+
+; The user to run as when doing builds
+mockuser=kojibuilder
+
+; The vendor to use in rpm headers
+vendor=RPM Fusion
+
+; The packager to use in rpm headers
+packager=RPM Fusion
+
+; The distribution to use in rpm headers
+distribution=RPM Fusion
+
+; The _host string to use in mock
+; mockhost=koji-linux-gnu
+
+; The URL for the xmlrpc server
+server=http://buildsys.rpmfusion.org/kojihub
+
+; The URL for the packages tree
+pkgurl=http://buildsys.rpmfusion.org/koji-packages
+
+; A space-separated list of hostname:repository[:use_common] tuples that kojid is authorized to checkout from (no quotes).
+; Wildcards (as supported by fnmatch) are allowed.
+; If use_common is specified and is one of "false", "no", "off", or "0" (without quotes), then kojid will not attempt to checkout
+; a common/ dir when checking out sources from the source control system. Otherwise, it will attempt to checkout a common/
+; dir, and will raise an exception if it cannot.
+allowed_scms=cvs.rpmfusion.org:/cvs/free/ cvs.rpmfusion.org:/cvs/nonfree
+; git.example.org:/example svn.example.org:/users/*:no
+
+; The mail host to use for sending email notifications
+smtphost=localhost
+
+; The From address used when sending email notifications
+from_addr=RPM Fusion Build System <buildsys(a)rpmfusion.org>
+
+;configuration for SSL athentication
+
+;client certificate
+cert = /etc/kojid/<%= hostname %>.es.rpmfusion.net.pem
+
+;certificate of the CA that issued the client certificate
+ca = /etc/kojid/rpmfusion_ca_cert.crt
+
+;certificate of the CA that issued the HTTP server certificate
+serverca = /etc/kojid/rpmfusion_ca_cert.crt
diff --git a/modules/koji/templates/hub-server/hub.conf.erb b/modules/koji/templates/hub-server/hub.conf.erb
new file mode 100644
index 0000000..dbd5f79
--- /dev/null
+++ b/modules/koji/templates/hub-server/hub.conf.erb
@@ -0,0 +1,56 @@
+[hub]
+
+## Basic options
+DBName = koji
+DBUser = koji
+DBHost = <%= koji_db_host %>
+DBPass = <%= koji_db_pass %>
+KojiDir = /srv/koji
+
+## SSL client certificate auth configuration ##
+## the client username is the common name of the subject of their client certificate
+DNUsernameComponent = CN
+ProxyDNs = /C=ES/ST=Barcelona/O=RPM Fusion/CN=kojiweb
+
+
+
+LoginCreatesUser = On
+KojiWebURL = http://buildsys.rpmfusion.org/koji
+# The domain name that will be appended to Koji usernames
+# when creating email notifications
+#EmailDomain = rpmfusion.org
+
+# Notification
+NotifyOnSuccess = True
+
+## Disables all notifications
+DisableNotifications = False
+
+## Koji hub plugins
+## The path where plugins are found
+# PluginPath = /usr/lib/koji-hub-plugins
+## A space-separated list of plugins to load
+# Plugins = echo
+
+## If KojiDebug is on, the hub will be /very/ verbose and will report exception
+## details to clients for anticipated errors (i.e. koji's own exceptions --
+## subclasses of koji.GenericError).
+KojiDebug = Off
+
+## Determines how much detail about exceptions is reported to the client (via faults)
+## Meaningful values:
+## normal - a basic traceback (format_exception)
+## extended - an extended traceback (format_exc_plus)
+## anything else - no traceback, just the error message
+## The extended traceback is intended for debugging only and should NOT be
+## used in production, since it may contain sensitive information.
+# KojiTraceback = normal
+
+## These options are intended for planned outages
+# ServerOffline = False
+# OfflineMessage = temporary outage
+# LockOut = False
+## If ServerOffline is True, the server will always report a ServerOffline fault (with
+## OfflineMessage as the fault string).
+## If LockOut is True, the server will report a ServerOffline fault for all non-admin
+## requests.
12 years, 2 months
[puppet] Grrrr, remove this plain pass from shell script
by Xavier Lamien
commit 8ad8a6a04ee08805b72a6aae250381a9b2feed8f
Author: Xavier Lamien <laxathom(a)lxtnow.net>
Date: Fri Sep 7 12:57:43 2012 +0200
Grrrr, remove this plain pass from shell script
modules/cvs/files/admin-tools/addpackage-free.sh | 5 +----
.../cvs/files/admin-tools/addpackage-nonfree.sh | 5 +----
2 files changed, 2 insertions(+), 8 deletions(-)
---
diff --git a/modules/cvs/files/admin-tools/addpackage-free.sh b/modules/cvs/files/admin-tools/addpackage-free.sh
index 77997c4..1990f58 100755
--- a/modules/cvs/files/admin-tools/addpackage-free.sh
+++ b/modules/cvs/files/admin-tools/addpackage-free.sh
@@ -36,9 +36,6 @@ print_spacer () {
return 0
}
-update_packagers_list () {
- curl -k https://rfsystem:GjeT5_r3Fp+@fas.rpmfusion.org/accounts/group/dump/cvsextras -o $users &>/dev/null
-}
@@ -65,7 +62,7 @@ print_spacer
echo
# Check owner membership
-update_packagers_list
+get_packagers_list
FASNAME=`egrep $OWNERS $users|cut -d"," -f1|| echo "0"`
if [ -z $FASNAME ] ; then
echo -e "\nERROR: Owner [$OWNERS] not in packager membership or not in FAS."
diff --git a/modules/cvs/files/admin-tools/addpackage-nonfree.sh b/modules/cvs/files/admin-tools/addpackage-nonfree.sh
index 9724853..9d6e411 100755
--- a/modules/cvs/files/admin-tools/addpackage-nonfree.sh
+++ b/modules/cvs/files/admin-tools/addpackage-nonfree.sh
@@ -36,9 +36,6 @@ print_spacer () {
return 0
}
-update_packagers_list () {
- curl -k https://rfsystem:GjeT5_r3Fp+@fas.rpmfusion.org/accounts/group/dump/cvsextras -o $users &>/dev/null
-}
@@ -65,7 +62,7 @@ print_spacer
echo
# Check owner membership
-update_packagers_list
+get_packagers_list
FASNAME=`egrep $OWNERS $users|cut -d"," -f1|| echo "0"`
if [ -z $FASNAME ] ; then
echo -e "\nERROR: Owner [$OWNERS] not in packager membership or not in FAS."
12 years, 3 months
[puppet] Rebuild cvs module.
by Xavier Lamien
commit 882627ef0623c78663d2f9996678442a33e2af37
Author: Xavier Lamien <laxathom(a)lxtnow.net>
Date: Thu Sep 6 22:05:04 2012 +0200
Rebuild cvs module.
modules/cvs/files/admin-tools/addpackage-free.sh | 155 +++++++++
.../cvs/files/admin-tools/addpackage-nonfree.sh | 158 +++++++++
.../cvs/files/admin-tools/mkbranchwrapper-free.sh | 57 ++++
.../files/admin-tools/mkbranchwrapper-nonfree.sh | 60 ++++
modules/cvs/files/admin-tools/remove-pkgs.sh | 114 +++++++
.../cvs/files/admin-tools/setup_package-free.sh | 181 ++++++++++
.../cvs/files/admin-tools/setup_package-nonfree.sh | 181 ++++++++++
modules/cvs/files/admin-tools/update-acls.sh | 75 +++++
modules/cvs/files/web/cvs.rpmfusion.org | 19 +
modules/cvs/files/web/upload.cgi | 236 +++++++++++++
modules/cvs/files/web/viewvc.conf | 351 ++++++++++++++++++++
modules/cvs/manifest/init.pp | 269 ++++++++-------
12 files changed, 1735 insertions(+), 121 deletions(-)
---
diff --git a/modules/cvs/files/admin-tools/addpackage-free.sh b/modules/cvs/files/admin-tools/addpackage-free.sh
new file mode 100755
index 0000000..77997c4
--- /dev/null
+++ b/modules/cvs/files/admin-tools/addpackage-free.sh
@@ -0,0 +1,155 @@
+#!/bin/sh
+
+
+MKBRANCHWRAPPER=/usr/local/bin/mkbranchwrapper-free
+users=`mktemp`
+
+parse_line () {
+ read REQUEST
+
+ POS=`expr "$REQUEST" : "$1: "`
+
+ if [ $POS -gt 0 ]; then
+ RESULT=${REQUEST:$POS}
+ # Strip leading whitespace
+ RESULT=`echo "$RESULT" | sed "s/^ *//"`
+ return 0
+ else
+ echo "NOTICE: No $1 provided."
+ RESULT=""
+ return 1
+ fi
+}
+
+find_package () {
+ if [ $1 -a $2 ] ; then
+ grep -q "|$1" $2 && RESULT=`grep -n -m1 "|$1" $2 | sed -e "s/:.*//"` && return 0
+ find_package `expr substr $1 1 \( length $1 - 1 \)` $2
+ else
+ RESULT=0
+ return 1
+ fi
+}
+
+print_spacer () {
+ echo "======================================================================="
+ return 0
+}
+
+update_packagers_list () {
+ curl -k https://rfsystem:GjeT5_r3Fp+@fas.rpmfusion.org/accounts/group/dump/cvsextras -o $users &>/dev/null
+}
+
+
+
+# Sanity check
+if [ -f owners.list ] && [ -d CVS ]; then
+ :
+else
+ echo "ERROR: addpackage must be run from the directory of a checked out 'owners' module."
+ exit 1
+fi
+
+echo Copy\'n\'paste request lines here:
+print_spacer
+
+parse_line "Package Name" && PACKAGE=$RESULT || BAD_REQUEST=1
+parse_line "Short Description" && DESCRIPTION=$RESULT || BAD_REQUEST=1
+parse_line "Owners" && OWNERS=$RESULT || BAD_REQUEST=1
+parse_line "Branches" && BRANCHES=$RESULT || :
+parse_line "InitialCC" && INITCC=$RESULT || :
+print_spacer
+
+[ $BAD_REQUEST ] && echo Bad or incomplete CVS request. && exit 1
+
+echo
+
+# Check owner membership
+update_packagers_list
+FASNAME=`egrep $OWNERS $users|cut -d"," -f1|| echo "0"`
+if [ -z $FASNAME ] ; then
+ echo -e "\nERROR: Owner [$OWNERS] not in packager membership or not in FAS."
+ rm -f $users
+ exit 1
+fi
+
+PKG_LINE="|$PACKAGE|$DESCRIPTION|$OWNERS||$INITCC"
+print_spacer
+echo "Fedora$PKG_LINE"
+print_spacer
+
+[ `expr index "$OWNERS" " "` -gt 0 ] && echo !! Owners list contains space
+grep "|$PACKAGE|" owners.*list && echo !! Package $PACKAGE already in owners.list && ( grep "$PKG_LINE" owners.*list || echo !! But entry is different )
+
+echo Check, Copy and then press Enter to edit owners.list
+read
+find_package $PACKAGE owners.list
+vim +$RESULT owners.list
+
+EPEL=`expr "$BRANCHES" : ".*EL-"`
+if [ $EPEL -gt 0 ]; then
+ print_spacer
+ echo "Fedora EPEL$PKG_LINE"
+ print_spacer
+ echo Check, Copy and then press Enter to edit owners.epel.list
+ read
+ find_package $PACKAGE owners.epel.list
+ vim +$RESULT owners.epel.list
+fi
+
+cvs update
+cvs diff -u |less
+cvs ci -m "Set owner [$OWNERS] to $PACKAGE"
+
+# Strip out commas
+BRANCHES=${BRANCHES//,/ }
+# and devel branch
+BRANCHES=${BRANCHES/devel/}
+echo Branches: $BRANCHES
+
+CHKBRANCHES=$BRANCHES
+for br in FC-6 F-7 F-8 F-9 F-10 F-11 F-12 F-13 EL-4 EL-5; do
+ CHKBRANCHES=`echo $CHKBRANCHES | sed -e "s/$br *//"`
+done
+if [ "$CHKBRANCHES" -a \( `expr length "$CHKBRANCHES"` -ne `expr "$CHKBRANCHES" : " *"` \) ]; then
+ echo !! Unexpected string in branches requested: $CHKBRANCHES
+ echo "Fix: $MKBRANCHWRAPPER $PACKAGE $BRANCHES"
+ echo "Fix: Also, you will have to manually update Acls on new packages"
+ exit 1
+fi
+
+print_spacer
+echo Run: $MKBRANCHWRAPPER $PACKAGE $BRANCHES
+echo Check, then press Enter
+print_spacer
+
+read
+
+if [ -x $MKBRANCHWRAPPER ]; then
+ echo -e "o Setting up CVS branches...\c"
+ $MKBRANCHWRAPPER $PACKAGE $BRANCHES
+fi
+
+avail_file="/cvs/free/CVSROOT/avail"
+
+## Set ACLs on related package(s) ****I will hack a better one once i'll have more time, sorry****
+echo -e "o Setting up ACLs...\c"
+sleep 2
+for brs in $BRANCHES devel ; do
+echo "avail | $FASNAME | rpms/$PACKAGE/$brs" >> $avail_file && echo -e "\t\t [ OK ]"
+done
+
+## Fix permissions on modules and tags if there're not already.
+if [ `ls -ld /cvs/free/rpms/$PACKAGE|awk '{print $4}'` != "cvsextras" ] ; then
+ echo -e "o Setting up permission...\c"
+ sleep 2
+ chown -Rh :cvsextras /cvs/free/rpms/$PACKAGE
+ chmod g+s /cvs/free/rpms/$PACKAGE
+elif [ `ls -ld /cvs/free/tags|awk '{print $4}'` != "cvsextras" ] ; then
+ echo -e "o Setting up permission...\c"
+ chown -R :cvsextras /cvs/free/rpms/tags \
+ && echo -e "\t\t [ OK ]"
+fi
+
+# Clean up
+rm -f $users
diff --git a/modules/cvs/files/admin-tools/addpackage-nonfree.sh b/modules/cvs/files/admin-tools/addpackage-nonfree.sh
new file mode 100755
index 0000000..9724853
--- /dev/null
+++ b/modules/cvs/files/admin-tools/addpackage-nonfree.sh
@@ -0,0 +1,158 @@
+#!/bin/bash
+
+
+MKBRANCHWRAPPER=/usr/local/bin/mkbranchwrapper-nonfree
+users=`mktemp`
+
+parse_line () {
+ read REQUEST
+
+ POS=`expr "$REQUEST" : "$1: "`
+
+ if [ $POS -gt 0 ]; then
+ RESULT=${REQUEST:$POS}
+ # Strip leading whitespace
+ RESULT=`echo "$RESULT" | sed "s/^ *//"`
+ return 0
+ else
+ echo "NOTICE: No $1 provided."
+ RESULT=""
+ return 1
+ fi
+}
+
+find_package () {
+ if [ $1 -a $2 ]; then
+ grep -q "|$1" $2 && RESULT=`grep -n -m1 "|$1" $2 | sed -e "s/:.*//"` && return 0
+ find_package `expr substr $1 1 \( length $1 - 1 \)` $2
+ else
+ RESULT=0
+ return 1
+ fi
+}
+
+print_spacer () {
+ echo "======================================================================="
+ return 0
+}
+
+update_packagers_list () {
+ curl -k https://rfsystem:GjeT5_r3Fp+@fas.rpmfusion.org/accounts/group/dump/cvsextras -o $users &>/dev/null
+}
+
+
+
+# Sanity check
+if [ -f owners.list ] && [ -d CVS ]; then
+ :
+else
+ echo "ERROR: addpackage must be run from the directory of a checked out 'owners' module."
+ exit 1
+fi
+
+echo Copy\'n\'paste request lines here:
+print_spacer
+
+parse_line "Package Name" && PACKAGE=$RESULT || BAD_REQUEST=1
+parse_line "Short Description" && DESCRIPTION=$RESULT || BAD_REQUEST=1
+parse_line "Owners" && OWNERS=$RESULT || BAD_REQUEST=1
+parse_line "Branches" && BRANCHES=$RESULT || :
+parse_line "InitialCC" && INITCC=$RESULT || :
+print_spacer
+
+[ $BAD_REQUEST ] && echo Bad or incomplete CVS request. && exit 1
+
+echo
+
+# Check owner membership
+update_packagers_list
+FASNAME=`egrep $OWNERS $users|cut -d"," -f1|| echo "0"`
+if [ -z $FASNAME ] ; then
+ echo -e "\nERROR: Owner [$OWNERS] not in packager membership or not in FAS."
+ rm -f $users
+ exit 1
+fi
+
+PKG_LINE="|$PACKAGE|$DESCRIPTION|$OWNERS|qa(a)rpmfusion.org|$INITCC"
+print_spacer
+echo "Fedora$PKG_LINE"
+print_spacer
+
+[ `expr index "$OWNERS" " "` -gt 0 ] && echo !! Owners list contains space
+grep "|$PACKAGE|" owners.*list && echo !! Package $PACKAGE already in owners.list && ( grep "$PKG_LINE" owners.*list || echo !! But entry is different )
+
+echo Check, Copy and then press Enter to edit owners.list
+read
+find_package $PACKAGE owners.list
+vim +$RESULT owners.list
+
+EPEL=`expr "$BRANCHES" : ".*EL-"`
+if [ $EPEL -gt 0 ]; then
+ print_spacer
+ echo "Fedora EPEL$PKG_LINE"
+ print_spacer
+ echo Check, Copy and then press Enter to edit owners.epel.list
+ read
+ find_package $PACKAGE owners.epel.list
+ vim +$RESULT owners.epel.list
+fi
+
+cvs update
+cvs diff -u |less
+cvs ci -m "Set owner [$OWNERS] to $PACKAGE"
+
+# Strip out commas
+BRANCHES=${BRANCHES//,/ }
+# and devel branch
+BRANCHES=${BRANCHES/devel/}
+echo Branches: $BRANCHES
+
+CHKBRANCHES=$BRANCHES
+for br in FC-6 F-7 F-8 F-9 F-10 F-11 F-12 F-13 EL-4 EL-5; do
+ CHKBRANCHES=`echo $CHKBRANCHES | sed -e "s/$br *//"`
+done
+if [ "$CHKBRANCHES" -a \( `expr length "$CHKBRANCHES"` -ne `expr "$CHKBRANCHES" : " *"` \) ]; then
+ echo !! Unexpected string in branches requested: $CHKBRANCHES
+ echo "Fix: --> run : $MKBRANCHWRAPPER $PACKAGE $BRANCHES"
+ echo "Fix: Also, you will have to manually update Acls on new packages"
+ exit 1
+fi
+
+print_spacer
+echo Run: $MKBRANCHWRAPPER $PACKAGE $BRANCHES
+echo Check, then press Enter
+print_spacer
+
+read
+
+if [ -x $MKBRANCHWRAPPER ]; then
+ echo -e 'o Setting up CVS branches...\c'
+ $MKBRANCHWRAPPER $PACKAGE $BRANCHES
+fi
+
+avail_file="/cvs/nonfree/CVSROOT/avail"
+
+## Set ACLs on related package(s) ****I will hack a better one once i'll have more time, sorry****
+echo -e 'o Setting up ACLs...\c'
+sleep 2
+for brs in $BRANCHES devel ; do
+echo "avail | $FASNAME | rpms/$PACKAGE/$brs" >> $avail_file && echo -e "\t\t [ OK ]"
+done
+
+## Fix permissions on modules and tags if there're not already.
+CHK_GROUP=`ls -ld /cvs/nonfree/rpms/$PACKAGE|awk '{print $4}'`
+CHK_TAG=`ls -ld /cvs/nonfree/tags|awk '{print $4}'`
+
+if [ "$CHK_GROUP" != "cvsextras" ] ; then
+ echo -e 'o Setting up permission...\c'
+ sleep 2
+ chown -Rh :cvsextras /cvs/nonfree/rpms/$PACKAGE
+ chmod g+s /cvs/nonfree/rpms/$PACKAGE
+elif [ "$CHK_TAG" != "cvsextras" ] ; then
+ echo -e 'o Setting up permission...\c'
+ chown -R :cvsextras /cvs/nonfree/rpms/tags \
+ && echo -e "\t\t [ OK ]"
+fi
+
+# Clean up
+rm -f $users
diff --git a/modules/cvs/files/admin-tools/mkbranchwrapper-free.sh b/modules/cvs/files/admin-tools/mkbranchwrapper-free.sh
new file mode 100755
index 0000000..90108ac
--- /dev/null
+++ b/modules/cvs/files/admin-tools/mkbranchwrapper-free.sh
@@ -0,0 +1,57 @@
+#!/bin/bash
+
+OLD_BRANCHES="FC-6 F-7 F-8 F-9 F-10 F-11 F-12 F-13 F-14"
+VALID_BRANCHES="F-15 F-16 F-17 F-18 EL-4 EL-5 EL-6"
+BRANCHER=/cvs/free/CVSROOT/mkbranch-free
+
+BRANCHES=""
+PACKAGES=""
+
+which setup_package > /dev/null
+if [ $? -ne 0 ]; then
+ echo "ERROR: 'setup_package' is not in the path."
+ exit 255
+fi
+
+for arg in $@; do
+ # ignore "devel"
+ [ "$arg" == "devel" ] && continue
+ # correct some common mistakes
+ [ "$arg" == "FC-7" ] && arg="F-7"
+ [ "$arg" == "FC7" ] && arg="F-7"
+ [ "$arg" == "EL4" ] && arg="EL-4"
+ [ "$arg" == "EL5" ] && arg="EL-5"
+ [ "$arg" == "EPEL-4" ] && arg="EL-4"
+ [ "$arg" == "EPEL-5" ] && arg="EL-5"
+ [ "$arg" == "FC6" ] && arg="FC-6"
+
+ for branch in $VALID_BRANCHES; do
+ if [ "$branch" == "$arg" ]; then
+ BRANCHES="$BRANCHES $arg"
+ continue 2
+ fi
+ done
+ PACKAGES="$PACKAGES $arg"
+done
+
+echo "branches=$BRANCHES"
+echo "packages=$PACKAGES"
+
+for package in $PACKAGES; do
+ if [ ! -d /cvs/free/rpms/$package ]; then
+ setup_package-free $package
+ fi
+done
+
+for branch in $BRANCHES; do
+ for package in $PACKAGES; do
+ BRANCHFROM=""
+ if [ "$branch" == "EL-4" ] && [ -d /cvs/free/rpms/$package/FC-3 ]; then
+ BRANCHFROM="-s FC-3"
+ fi
+ if [ "$branch" == "EL-5" ] && [ -d /cvs/free/rpms/$package/FC-6 ]; then
+ BRANCHFROM="-s FC-6"
+ fi
+ $BRANCHER $BRANCHFROM $branch $package
+ done
+done
diff --git a/modules/cvs/files/admin-tools/mkbranchwrapper-nonfree.sh b/modules/cvs/files/admin-tools/mkbranchwrapper-nonfree.sh
new file mode 100755
index 0000000..1cf110a
--- /dev/null
+++ b/modules/cvs/files/admin-tools/mkbranchwrapper-nonfree.sh
@@ -0,0 +1,60 @@
+#!/bin/bash
+
+OLD_BRANCHES="FC-6 F-7 F-8 F-9 F-10 F-11 F-12 F-13 F-14"
+VALID_BRANCHES="F-15 F-16 F-17 F-18 EL-4 EL-5 EL-6"
+BRANCHER=/cvs/nonfree/CVSROOT/mkbranch-nonfree
+
+BRANCHES=""
+PACKAGES=""
+
+which setup_package > /dev/null
+if [ $? -ne 0 ]; then
+ echo "ERROR: 'setup_package' is not in the path."
+ exit 255
+fi
+
+for arg in $@; do
+ # ignore "devel"
+ [ "$arg" == "devel" ] && continue
+ # correct some common mistakes
+ [ "$arg" == "FC-9" ] && arg="F-9"
+ [ "$arg" == "FC-8" ] && arg="F-8"
+ [ "$arg" == "FC-7" ] && arg="F-7"
+ [ "$arg" == "FC7" ] && arg="F-7"
+ [ "$arg" == "EL4" ] && arg="EL-4"
+ [ "$arg" == "EL5" ] && arg="EL-5"
+ [ "$arg" == "EPEL-4" ] && arg="EL-4"
+ [ "$arg" == "EPEL-5" ] && arg="EL-5"
+ [ "$arg" == "FC6" ] && arg="FC-6"
+
+ for branch in $VALID_BRANCHES; do
+ if [ "$branch" == "$arg" ]; then
+ BRANCHES="$BRANCHES $arg"
+ continue 2
+ fi
+ done
+ PACKAGES="$PACKAGES $arg"
+done
+
+echo "branches=$BRANCHES"
+echo "packages=$PACKAGES"
+
+for package in $PACKAGES; do
+ if [ ! -d /cvs/nonfree/rpms/$package ]; then
+ setup_package-nonfree $package
+ fi
+done
+
+for branch in $BRANCHES; do
+ for package in $PACKAGES; do
+ BRANCHFROM=""
+ if [ "$branch" == "EL-4" ] && [ -d /cvs/nonfree/rpms/$package/FC-3 ]; then
+ BRANCHFROM="-s FC-3"
+ fi
+ if [ "$branch" == "EL-5" ] && [ -d /cvs/nonfree/rpms/$package/FC-6 ]; then
+ BRANCHFROM="-s FC-6"
+ fi
+ $BRANCHER $BRANCHFROM $branch $package
+ #update_acl_on nonfree $branch $package $owner
+ done
+done
diff --git a/modules/cvs/files/admin-tools/remove-pkgs.sh b/modules/cvs/files/admin-tools/remove-pkgs.sh
new file mode 100755
index 0000000..df08324
--- /dev/null
+++ b/modules/cvs/files/admin-tools/remove-pkgs.sh
@@ -0,0 +1,114 @@
+#! /bin/sh
+#
+# remove-pkgs.sh - Remove safely packages modules into CVS [sub-]directories
+#
+# Copyright 2008-2012 RPM Fusion.
+# Copyright 2008 Xavier Lamien
+#
+# This software may be freely redistributed under the terms of the GNU
+# public license.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+# Well here a little poor script to remove safely and quickly modules into CVS directories
+
+
+tempdir=`mktemp -d rpmfusion-cvs.XXXX`
+
+
+usage () {
+ echo "
+Usage:
+ $0 [-t <cvstree>] <package_name>
+
+Remove safely packages modules from CVS [sub-]directories
+
+Options
+-t, --tree Define in which CVS tree [free|nonfree] the package(s) is(are) stored.
+--include-dir Include package(s) module(s) directory(ies) removal.
+-h, --help Print this help.
+"
+ }
+
+checkout () {
+ CVSROOT=/cvs/$1
+ cd $tempdir
+ echo -e "o Checking out Admin files..."
+ cvs -d $CVSROOT -Q co CVSROOT && cd CVSROOT
+ }
+
+del_module () {
+ MODULE=$1
+ # Check if package module is present
+ /bin/egrep "$MODULE" modules >/dev/null
+ if [ $? != "0" ] ; then
+ echo "ERROR: module "$MODULE" is not present"
+ exit -1
+ fi
+ echo -e "o Removing module : $MODULE\c"
+ sleep 2
+ sed -i "/^${MODULE}/d" modules
+ sed -i "s/\&${MODULE}-[A-Z]-[0-9]-dir//g" modules && echo -e "\t\t [ OK ]"
+ cd $tempdir
+ }
+
+del_dir () {
+ PACKAGE=$2
+ CVSROOT=/cvs/$1
+ cvs -d $CVSROOT -Q co rpms/$2 && cd rpms
+ rm -rf $2 && cvs -d $CVSROOT -Q remove $2 && cd $tempdir
+ }
+
+commit () {
+ CVSROOT=/cvs/$1
+ echo -e "o Commiting Changes...\n"
+ echo "===================================================="
+ sleep 2
+ cvs -d $CVSROOT -Qq ci -m "Remove module $2" && \
+ echo "===================================================="
+ }
+
+
+while [ -n "$1" ] ; do
+ case "$1" in
+ -h | --help )
+ shift
+ #print Usage and help command-line
+ usage
+ ;;
+ -t | --tree )
+ shift
+ # Define which cvs tree to check out
+ TREE="$1"
+ if [ -z "$TREE" ] ; then
+ echo "ERROR: --tree requires an argument"
+ exit -1
+ fi
+ ;;
+ --includedir )
+ shift
+ DIRS="1"
+ ;;
+ * )
+ # Define package name to be remove
+ if [ -n "$PACKAGE" ] ; then
+ echo "ERROR: Only one package at time for now, sorry"
+ exist -1
+ fi
+ PACKAGE="$1"
+ checkout $TREE && del_module $PACKAGE
+ if [ "$DIR" = "1" ] ; then
+ del_dir $PACKAGE
+ fi
+ commit $TREE $PACKAGE
+ echo -e "\n"
+ echo -e "o Cleaning temporary working directory..."
+ sleep 2
+ rm -r $tempdir && echo -e "\t\t [ Ok ]"
+ echo "Done"
+ ;;
+ esac
+ shift
+done
diff --git a/modules/cvs/files/admin-tools/setup_package-free.sh b/modules/cvs/files/admin-tools/setup_package-free.sh
new file mode 100755
index 0000000..f0afbbe
--- /dev/null
+++ b/modules/cvs/files/admin-tools/setup_package-free.sh
@@ -0,0 +1,181 @@
+#!/bin/bash
+#
+# Set up a package in the collection.
+# Copyright (C) 2007 Red Hat, Inc.
+# Import a given src.rpm on a given branch
+# Licensed under the new-BSD license (http://www.opensource.org/licenses/bsd-license.php)
+# Copyright (C) 2004-2005 Red Hat, Inc.
+# Copyright (C) 2005 Fedora Foundation
+# Copyright (C) 2008 RPM Fusion
+#
+# $Id: setup_package,v 1.5 2007/03/26 01:56:49 ausil Exp $
+
+# Initial setup
+if [ -d /cvs/free/CVSROOT ]; then
+ # Check if /cvs/extras is local
+ CVSROOT=/cvs/free
+else
+ # If /cvs/extras is not local, assume ssh
+ CVSROOT=":ext:cvs.rpmfusion.org:/cvs/free"
+fi
+export CVSROOT
+
+TOPLEVEL=${TOPLEVEL:=rpms}
+
+# We need a writable directory for temporary checkouts and CVS work
+WORKDIR="/tmp"
+if test -w $(pwd) ; then
+ WORKDIR="$(pwd)"
+fi
+
+# short usage help
+Usage() {
+ cat <<EOF
+Usage:
+
+ $0 <package> [<specfile>]
+
+Sets up a package in the collection.
+CVSROOT = $CVSROOT
+
+EOF
+ exit 1
+}
+
+# Parse arguments
+while [ -n "$1" ] ; do
+ case "$1" in
+ # the always helpful help message
+ -h | --help )
+ Usage
+ exit 0
+ ;;
+ *)
+ PACKAGE="$1"
+ shift
+ SPEC="$1"
+ shift
+ esac
+done
+
+if [ -z "$PACKAGE" ] ; then
+ echo "Package name required!"
+ Usage
+ exit 0
+fi
+
+if [ -z "$SPEC" ]; then
+ SPEC=$PACKAGE.spec
+fi
+
+# all well
+echo "NEW PACKAGE: $PACKAGE"
+CVS="cvs -d $CVSROOT"
+
+# Grab a temp dir
+TMPDIR=$(mktemp -d $WORKDIR/tmpcvsXXXXXX)
+trap "rm -rf $TMPDIR" 0 9 15
+
+echo "Checking out the modules file..."
+cd $TMPDIR
+$CVS -Q checkout modules || {
+ echo "ERROR: Could not check out the CVSROOT from $CSVROOT"
+ exit 1
+}
+# keep a reference to this checkout
+MODDIR="$TMPDIR/modules"
+
+# A cleanup function that can be called from random places
+CleanUp() {
+ exit 1
+ if [ -n "$LOGFILE" ] ; then
+ rm -f $LOGFILE
+ fi
+ cd ${WORKDIR}
+ rm -rf $TMPDIR
+ echo
+}
+
+# First, make sure we track this package accordingly
+cd $MODDIR
+cvs -Q update modules
+
+# Figure out if we need to import a new module
+if [ -z "$(grep ""^$PACKAGE[[:space:]]"" modules 2>/dev/null)" ] ; then
+ # This is a new module, it does not exist
+ cvs -Q update modules && \
+ echo "Creating new module: $PACKAGE" && \
+ echo -e "$PACKAGE\t\t$TOPLEVEL/$PACKAGE &common" >> modules && \
+ cvs -Q commit -m "Added new module: $PACKAGE" >/dev/null || exit 1
+else
+ echo "Module '$PACKAGE' already exists..."
+fi
+ {
+ # Create a new module
+ pushd $TMPDIR >/dev/null
+ $CVS -Q checkout -l $TOPLEVEL
+ cd $TOPLEVEL >/dev/null
+ mkdir -p $PACKAGE/devel && \
+ cvs -Q add $PACKAGE $PACKAGE/devel
+ # handle the top level stuff
+ cd $PACKAGE
+ touch pkg.acl
+ touch import.log
+ if [ ! -f Makefile ]; then
+ cat >Makefile <<EOF
+# Top level Makefile for module $PACKAGE
+all : CVS/Root common-update
+ @cvs update
+
+common-update : common
+ @cd common && cvs update
+
+common : CVS/Root
+ @cvs checkout common
+
+CVS/Root :
+ @echo "ERROR: This does not look like a CVS checkout" && exit 1
+
+clean :
+ @find . -type f -name *~ -exec rm -fv {} \;
+EOF
+ fi
+ cvs -Q add Makefile import.log pkg.acl
+ # handle the module build
+ cd devel
+ touch sources .cvsignore
+ if [ ! -f Makefile ]; then
+ cat >Makefile <<EOF
+# Makefile for source rpm: $PACKAGE
+# \$Id\$
+NAME := $PACKAGE
+SPECFILE = \$(firstword \$(wildcard *.spec))
+
+define find-makefile-common
+for d in common ../common ../../common ; do if [ -f \$\$d/Makefile.common ] ; then if [ -f \$\$d/CVS/Root -a -w \$\$/Makefile.common ] ; then cd \$\$d ; cvs -Q update ; fi ; echo "\$\$d/Makefile.common" ; break ; fi ; done
+endef
+
+MAKEFILE_COMMON := \$(shell \$(find-makefile-common))
+
+ifeq (\$(MAKEFILE_COMMON),)
+# attept a checkout
+define checkout-makefile-common
+test -f CVS/Root && { cvs -Q -d \$\$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
+endef
+
+MAKEFILE_COMMON := \$(shell \$(checkout-makefile-common))
+endif
+
+include \$(MAKEFILE_COMMON)
+EOF
+ fi
+ cvs -Q add Makefile sources .cvsignore
+ # commit all the added stuff
+ cd .. && cvs -Q commit -m "Setup of module $PACKAGE" >/dev/null
+ popd >/dev/null
+ rm -rf $TMPDIR/$TOPLEVEL
+ } && echo "Entry for module '$PACKAGE' created."
+
+# Clean up
+CleanUp
+
diff --git a/modules/cvs/files/admin-tools/setup_package-nonfree.sh b/modules/cvs/files/admin-tools/setup_package-nonfree.sh
new file mode 100755
index 0000000..10149c1
--- /dev/null
+++ b/modules/cvs/files/admin-tools/setup_package-nonfree.sh
@@ -0,0 +1,181 @@
+#!/bin/bash
+#
+# Set up a package in the collection.
+# Copyright (C) 2007 Red Hat, Inc.
+# Import a given src.rpm on a given branch
+# Licensed under the new-BSD license (http://www.opensource.org/licenses/bsd-license.php)
+# Copyright (C) 2004-2005 Red Hat, Inc.
+# Copyright (C) 2005 Fedora Foundation
+# Copyright (C) 2008 RPM Fusion
+#
+# $Id: setup_package,v 1.5 2007/03/26 01:56:49 ausil Exp $
+
+# Initial setup
+if [ -d /cvs/nonfree/CVSROOT ]; then
+ # Check if /cvs/extras is local
+ CVSROOT=/cvs/nonfree
+else
+ # If /cvs/extras is not local, assume ssh
+ CVSROOT=":ext:cvs.rpmfusion.org:/cvs/nonfree"
+fi
+export CVSROOT
+
+TOPLEVEL=${TOPLEVEL:=rpms}
+
+# We need a writable directory for temporary checkouts and CVS work
+WORKDIR="/tmp"
+if test -w $(pwd) ; then
+ WORKDIR="$(pwd)"
+fi
+
+# short usage help
+Usage() {
+ cat <<EOF
+Usage:
+
+ $0 <package> [<specfile>]
+
+Sets up a package in the collection.
+CVSROOT = $CVSROOT
+
+EOF
+ exit 1
+}
+
+# Parse arguments
+while [ -n "$1" ] ; do
+ case "$1" in
+ # the always helpful help message
+ -h | --help )
+ Usage
+ exit 0
+ ;;
+ *)
+ PACKAGE="$1"
+ shift
+ SPEC="$1"
+ shift
+ esac
+done
+
+if [ -z "$PACKAGE" ] ; then
+ echo "Package name required!"
+ Usage
+ exit 0
+fi
+
+if [ -z "$SPEC" ]; then
+ SPEC=$PACKAGE.spec
+fi
+
+# all well
+echo "NEW PACKAGE: $PACKAGE"
+CVS="cvs -d $CVSROOT"
+
+# Grab a temp dir
+TMPDIR=$(mktemp -d $WORKDIR/tmpcvsXXXXXX)
+trap "rm -rf $TMPDIR" 0 9 15
+
+echo "Checking out the modules file..."
+cd $TMPDIR
+$CVS -Q checkout modules || {
+ echo "ERROR: Could not check out the CVSROOT from $CSVROOT"
+ exit 1
+}
+# keep a reference to this checkout
+MODDIR="$TMPDIR/modules"
+
+# A cleanup function that can be called from random places
+CleanUp() {
+ exit 1
+ if [ -n "$LOGFILE" ] ; then
+ rm -f $LOGFILE
+ fi
+ cd ${WORKDIR}
+ rm -rf $TMPDIR
+ echo
+}
+
+# First, make sure we track this package accordingly
+cd $MODDIR
+cvs -Q update modules
+
+# Figure out if we need to import a new module
+if [ -z "$(grep ""^$PACKAGE[[:space:]]"" modules 2>/dev/null)" ] ; then
+ # This is a new module, it does not exist
+ cvs -Q update modules && \
+ echo "Creating new module: $PACKAGE" && \
+ echo -e "$PACKAGE\t\t$TOPLEVEL/$PACKAGE &common" >> modules && \
+ cvs -Q commit -m "Added new module: $PACKAGE" >/dev/null || exit 1
+else
+ echo "Module '$PACKAGE' already exists..."
+fi
+ {
+ # Create a new module
+ pushd $TMPDIR >/dev/null
+ $CVS -Q checkout -l $TOPLEVEL
+ cd $TOPLEVEL >/dev/null
+ mkdir -p $PACKAGE/devel && \
+ cvs -Q add $PACKAGE $PACKAGE/devel
+ # handle the top level stuff
+ cd $PACKAGE
+ touch pkg.acl
+ touch import.log
+ if [ ! -f Makefile ]; then
+ cat >Makefile <<EOF
+# Top level Makefile for module $PACKAGE
+all : CVS/Root common-update
+ @cvs update
+
+common-update : common
+ @cd common && cvs update
+
+common : CVS/Root
+ @cvs checkout common
+
+CVS/Root :
+ @echo "ERROR: This does not look like a CVS checkout" && exit 1
+
+clean :
+ @find . -type f -name *~ -exec rm -fv {} \;
+EOF
+ fi
+ cvs -Q add Makefile import.log pkg.acl
+ # handle the module build
+ cd devel
+ touch sources .cvsignore
+ if [ ! -f Makefile ]; then
+ cat >Makefile <<EOF
+# Makefile for source rpm: $PACKAGE
+# \$Id\$
+NAME := $PACKAGE
+SPECFILE = \$(firstword \$(wildcard *.spec))
+
+define find-makefile-common
+for d in common ../common ../../common ; do if [ -f \$\$d/Makefile.common ] ; then if [ -f \$\$d/CVS/Root -a -w \$\$/Makefile.common ] ; then cd \$\$d ; cvs -Q update ; fi ; echo "\$\$d/Makefile.common" ; break ; fi ; done
+endef
+
+MAKEFILE_COMMON := \$(shell \$(find-makefile-common))
+
+ifeq (\$(MAKEFILE_COMMON),)
+# attept a checkout
+define checkout-makefile-common
+test -f CVS/Root && { cvs -Q -d \$\$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
+endef
+
+MAKEFILE_COMMON := \$(shell \$(checkout-makefile-common))
+endif
+
+include \$(MAKEFILE_COMMON)
+EOF
+ fi
+ cvs -Q add Makefile sources .cvsignore
+ # commit all the added stuff
+ cd .. && cvs -Q commit -m "Setup of module $PACKAGE" >/dev/null
+ popd >/dev/null
+ rm -rf $TMPDIR/$TOPLEVEL
+ } && echo "Entry for module '$PACKAGE' created."
+
+# Clean up
+CleanUp
+
diff --git a/modules/cvs/files/admin-tools/update-acls.sh b/modules/cvs/files/admin-tools/update-acls.sh
new file mode 100755
index 0000000..42ea181
--- /dev/null
+++ b/modules/cvs/files/admin-tools/update-acls.sh
@@ -0,0 +1,75 @@
+#!/bin/sh
+#
+# update-acls.sh - Update ACL within the given packages name from cvs tree.
+#
+# Copyright 2009-2012 RPM Fusion.
+# Copyright 2009 Xavier Lamien
+#
+# This software may be freely redistributed under the terms of the GNU
+# public license.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+. /etc/rpmfusion/cvs-function
+
+usage () {
+ echo "Usage:
+ $0 -t <cvstree> <package_name> '<branch>' <owner,owner2>
+
+Update CVS ACLs on related packages
+
+Options
+-t, --tree Define in which CVS tree [free|nonfree] the package(s) is(are) stored.
+-h, --help Print this help.
+
+Note: make sure to enclose branches arguments if you intend to request more than one.
+Note2: owner field is FAS login not email's
+"
+}
+
+
+while [ -n "$1" ] ; do
+ case "$1" in
+ -h | --help )
+ shift
+ #print Usage and help command-line
+ usage
+ ;;
+ -t | --tree )
+ shift
+ # Define which cvs tree to check out
+ TREE="$1"
+ if [ -z "$TREE" ] ; then
+ echo "ERROR: --tree requires an argument"
+ exit -1
+ fi
+ ;;
+ * )
+ # Define package name & branches to be added
+ PACKAGE="$1"
+ OWNER="$3"
+ BRANCH="$2"
+ if [ -z "$OWNER" ]; then
+ #echo -e "ERROR: no owner has been given, exiting."
+ exit 1
+ fi
+ # Check owner membership
+ #update_packagers_list
+ get_fasname $OWNER
+ #FASNAME=`egrep $OWNERS $users|cut -d"," -f1|| echo "0"`
+ #FASNAME=`get_fasname`
+ if [ ! "$FASNAME" == "$OWNER" ] ; then
+ echo -e "\nERROR: Owner [$OWNERS] not in packager membership or not in FAS."
+
+ exit 1
+ fi
+
+ for br in $BRANCH; do
+ update_acl_on $TREE $PACKAGE $br $OWNER
+ done
+ ;;
+ esac
+ shift
+done
diff --git a/modules/cvs/files/web/cvs.rpmfusion.org b/modules/cvs/files/web/cvs.rpmfusion.org
new file mode 100644
index 0000000..f6dde30
--- /dev/null
+++ b/modules/cvs/files/web/cvs.rpmfusion.org
@@ -0,0 +1,19 @@
+<VirtualHost *:80>
+ ServerName cvs.rpmfusion.org
+ DocumentRoot /srv/web/viewvc
+
+ ScriptAlias /viewvc /srv/web/viewvc/bin/cgi/viewvc.cgi
+ <LocationMatch "^/$">
+ RedirectPermanent / http://cvs.rpmfusion.org/viewvc/
+ </LocationMatch>
+
+ ErrorLog logs/cvs.rpmfusion.org-error_log
+ CustomLog logs/cvs.rpmfusion.org-access_log combined
+
+ <Location "/srv/web/viewvc/bin/cgi/viewvc.cgi">
+ SetHandler cgi-script
+ Options ExecCGI
+ Order Allow,Deny
+ Allow from all
+ </Location>
+</VirtualHost>
diff --git a/modules/cvs/files/web/upload.cgi b/modules/cvs/files/web/upload.cgi
new file mode 100755
index 0000000..bcbbd63
--- /dev/null
+++ b/modules/cvs/files/web/upload.cgi
@@ -0,0 +1,236 @@
+#!/usr/bin/python
+#
+# CGI script to handle file updates for the rpms CVS repository. There
+# is nothing really complex here other than tedious checking of our
+# every step along the way...
+#
+# $Id: upload.cgi,v 1.10 2005/04/15 23:44:24 gafton Exp $
+
+import os
+import sys
+import cgi
+import stat
+import md5
+import tempfile
+import StringIO
+import grp
+
+#sys.path.append('/varfedora-accounts')
+#import website
+
+# reading buffer size
+BUFFER_SIZE = 4096
+
+# Debugging version
+DEBUG = 0
+
+# We check modules exist from this dircetory
+#CVSREPO_FREE = "/cvs/free/rpms"
+#CVSREPO_NONFREE = "/cvs/nonfree/rpms"
+
+#do_userdb_auth = 1
+
+# log a trace of what we're doing
+def log_msg(*msgs):
+ s = StringIO.StringIO()
+ for m in msgs:
+ s.write("%s " % (m,))
+ sys.stderr.write("%s\n" % (s.getvalue(),))
+ del s
+
+os.umask(002)
+
+# log the entire environment
+def log_environ():
+ for k in os.environ.keys():
+ log_msg("%s=%s" % (k, os.environ[k]))
+ return
+
+# abort running the script
+def send_error(text):
+ print "Content-type: text/plain\n"
+ print text
+ sys.exit(1)
+
+# prepare to exit graciously
+def send_ok(text):
+ print "Content-type: text/plain\n"
+ if text:
+ print text
+
+# check and validate that all the fields are present
+def check_form(var):
+ if not form.has_key(var):
+ send_error("required field '%s' is not present" % (var,))
+ ret = form.getvalue(var)
+ if type(ret) == type([]):
+ send_error("Multiple values given for '%s'. Aborting" % (var,))
+ ret = os.path.basename(ret) # this is a path component
+ return ret
+
+# if a directory exists, check that it has the proper permissions
+def check_dir(tmpdir, wok = os.W_OK):
+ if not os.access(tmpdir, os.F_OK):
+ return 0
+ if not os.access(tmpdir, os.R_OK|os.X_OK|wok):
+ send_error("Unable to write to %s repository." % (
+ tmpdir,))
+ if not os.path.isdir(tmpdir):
+ send_error("Path %s is not a directory." % (tmpdir,))
+ return 1
+
+#
+# MAIN START
+#
+#if do_userdb_auth:
+# dbh = website.get_dbh()
+#auth_username = auth_password = None
+need_auth = 1
+if os.environ.has_key('SSL_CLIENT_S_DN_CN'):
+ auth_username = os.environ['SSL_CLIENT_S_DN_CN']
+ need_auth = 0
+#elif do_userdb_auth and 0:
+# authtype, authinfo = website.get_http_auth_info()
+#
+# need_auth = 1
+# auth_msg = "Authentication is required."
+#
+# if authinfo:
+# if authtype.lower() == 'basic':
+# need_auth = not website.do_checkpass(dbh, authinfo[0], authinfo[1])
+# auth_username, auth_password = authinfo
+# auth_msg = "Username or password incorrect."
+# else:
+# auth_msg = "Unknown authentication type %s" % authtype
+
+pieces = os.environ['REQUEST_URI'].split('/')
+assert pieces[1] == 'repo'
+#if do_userdb_auth:
+ #need_auth = need_auth or not website.have_group(dbh, auth_username, 'cvs' + pieces[2])
+ #need_auth = need_auth or not website.have_group(dbh, auth_username, 'cvsextras')
+need_auth = need_auth or not auth_username in grp.getgrnam('cvsextras')[3]
+#auth_msg = "You do not have the appropriate authorization to upload. %s %s %s" % (dbh, auth_username, 'cvs' + pieces[2])
+
+if need_auth:
+ print """Status: 403 Unauthorized to access the document
+WWW-authenticate: Basic realm="rpmfusion.org"
+Content-type: text/plain
+
+""" + str(auth_msg)
+ sys.exit(0)
+
+form = cgi.FieldStorage()
+NAME = check_form("name")
+MD5SUM = check_form("md5sum")
+CVSTREE = check_form("tree")
+
+# Set cvs directory on license type packages
+CVSREPO = "/cvs/%s/rpms" % (CVSTREE,)
+
+# Is this a submission or a test?
+# in a test, we don't get a FILE, just a FILENAME.
+# In a submission, we don;t get a FILENAME, just the FILE.
+FILE = None
+FILENAME = None
+if form.has_key("filename"):
+ # check the presence of the file
+ FILENAME = check_form("filename")
+ log_msg("Checking file status",
+ "NAME=%s FILENAME=%s MD5SUM=%s" % (NAME,FILENAME,MD5SUM))
+else:
+ if form.has_key("file"):
+ FILE = form["file"]
+ if not FILE.file:
+ send_error("No file given for upload. Aborting")
+ try:
+ FILENAME = os.path.basename(FILE.filename)
+ except:
+ send_error("Could not extract the filename for upload. Aborting")
+ else:
+ send_error("required field '%s' is not present" % ("file", ))
+ log_msg("Processing upload request",
+ "NAME=%s FILENAME=%s MD5SUM=%s" % (NAME,FILENAME,MD5SUM))
+# Now that all the fields are valid,, figure out our operating environment
+if not os.environ.has_key("SCRIPT_FILENAME"):
+ send_error("My running environment is funky. Aborting")
+
+# start processing this request
+my_script = os.environ["SCRIPT_FILENAME"]
+# the module's top level directory
+my_tree = check_form("tree")
+my_topdir = '/repo/pkgs/%s/' % (my_tree,) #os.path.dirname(my_script)
+my_moddir = "%s/%s" % (my_topdir, NAME)
+my_filedir = "%s/%s" % (my_moddir, FILENAME)
+my_md5dir = "%s/%s" % (my_filedir, MD5SUM)
+
+# first test if the module really exists
+if not check_dir("%s/%s" % (CVSREPO, NAME), 0):
+ log_msg("Unknown module", NAME)
+ send_ok("Module '%s' does not exist!" % (NAME,))
+ sys.exit(-9)
+
+
+# try to see if we already have this file...
+file_dest = "%s/%s/%s/%s/%s" % (my_topdir, NAME, FILENAME, MD5SUM, FILENAME)
+if os.access(file_dest, os.F_OK | os.R_OK):
+ # already there, spare the effort
+ s = os.stat(file_dest)
+ # if we're just checking we need to be rather terse
+ if FILE is None:
+ message = "Available"
+ else:
+ FILE.file.close()
+ message = "File %s already exists\nFile: %s Size: %d" % (
+ FILENAME, file_dest, s[stat.ST_SIZE])
+ send_ok(message)
+ sys.exit(0)
+# just checking?
+if FILE is None:
+ send_ok("Missing")
+ sys.exit(-9)
+
+# check that all directories are in place
+for tmpdir in [ my_topdir, my_moddir, my_filedir, my_md5dir]:
+ if not check_dir(tmpdir):
+ # we agree to create this directory if the corresponding cvs module dir exists
+ if tmpdir == my_moddir:
+ # W_OK access is not necessary for this cgi
+ if check_dir("%s/%s" % (CVSREPO, NAME), 0):
+ os.mkdir(tmpdir, 02775)
+ log_msg("mkdir", tmpdir)
+ continue
+ if tmpdir in [ my_filedir, my_md5dir ]:
+ # don't require those directories just yet
+ continue
+ send_error("Directory %s does not exist and I won't create it" % (tmpdir,))
+
+# grab a temporary filename and dump our file in there
+tempfile.tempdir = my_moddir
+tmpfile = tempfile.mktemp(MD5SUM)
+tmpfd = open(tmpfile, "wb+")
+# now read the whole file in
+m = md5.new()
+FILELENGTH=0
+while 1:
+ s = FILE.file.read(BUFFER_SIZE)
+ if not s:
+ break
+ tmpfd.write(s)
+ m.update(s)
+ FILELENGTH = FILELENGTH + len(s)
+# now we're done reading, check the MD5 sum of what we got
+tmpfd.close()
+my_md5sum = m.hexdigest()
+if MD5SUM != my_md5sum:
+ send_error("MD5 check failed. Received %s instead of %s" % (
+ my_md5sum, MD5SUM))
+# wow, even the MD5SUM matches. make sure full path is valid now
+for tmpdir in [ my_moddir, my_filedir, my_md5dir ]:
+ if not check_dir(tmpdir):
+ os.mkdir(tmpdir, 02775)
+ log_msg("mkdir", tmpdir)
+# and move our file to the final location
+os.rename(tmpfile, file_dest)
+log_msg("Stored filesize", FILELENGTH, file_dest)
+
+send_ok("File %s size %d MD5 %s stored OK" % (FILENAME, FILELENGTH, MD5SUM))
diff --git a/modules/cvs/files/web/viewvc.conf b/modules/cvs/files/web/viewvc.conf
new file mode 100644
index 0000000..723bc3d
--- /dev/null
+++ b/modules/cvs/files/web/viewvc.conf
@@ -0,0 +1,351 @@
+#---------------------------------------------------------------------------
+#
+# Configuration file for ViewVC
+#
+# Information on ViewVC is located at the following web site:
+# http://viewvc.org/
+#
+#---------------------------------------------------------------------------
+
+
+#
+# FORMAT INFORMATION
+#
+# This file is delineated by sections, specified in [brackets]. Within each
+# section, are a number of configuration settings. These settings take the
+# form of: name = value. Values may be continued on the following line by
+# indenting the continued line.
+#
+# WARNING: indentation *always* means continuation. name=value lines should
+# always start in column zero.
+#
+# Comments should always start in column zero, and are identified with "#".
+#
+# Certain configuration settings may have multiple values. These should be
+# separated by a comma. The settings where this is allowed are noted below.
+#
+# Any other setting that requires special syntax is noted at that setting.
+#
+
+#---------------------------------------------------------------------------
+[general]
+
+#
+# CVS roots assigned
+#
+
+cvs_roots = free: /cvs/free, nonfree: /cvs/nonfree
+
+
+# Root Parents Directory
+#root_parents = DISABLED
+
+
+# use rcsparse python module to retrieve cvs repository information instead
+# of invoking rcs utilities. this feature is experimental
+use_rcsparse = 0
+
+# This is a pathname to a MIME types file to help viewvc to guess the
+# correct MIME type on checkout.
+#mime_types_file = /usr/local/apache/conf/mime.types
+
+# CVSadmin address.
+address = rpmfusion-cvsadmin(a)lists.rpmfusion.org
+
+
+# This option provides a mechanism for custom key/value pairs to be
+# available to templates. These are stored in key/value files (KV files).
+#
+# kv.SECTION.OPTION
+#
+# [my_images]
+# logos.small = /images/small-logo.png
+# logos.big = /images/big-logo.png
+#
+
+# To further categorize the KV files, and how the values are provided to
+# the templates, a KV file name may be annotated with an additional level
+# of dotted naming. For example:
+#
+# kv_files = [asf]kv/images.conf
+#
+# Lastly, it is possible to use %lang% in the filenames to specify a
+# substitution of the selected language-tag.
+#
+kv_files =
+
+#
+# The languages available to ViewVC. There are several i18n mechanisms
+# available:
+
+languages = en-us, fr, de, en-gb
+
+
+
+#---------------------------------------------------------------------------
+[options]
+
+# Interpret the first path component in the URL
+# Note: Enabling this option will break backwards compatibility with
+# any old ViewCVS URL which doesn't have an explicit "root" parameter.
+root_as_url_component = 0
+
+# Controls whether the default view for file URLs is a checkout view or
+# a log view.
+default_file_view = log
+
+# Use checkout links with magic /*checkout*/ prefixes so
+checkout_magic = 1
+
+# Expiration time (in seconds) for cacheable
+http_expiration_time = 600
+
+# Generate Etag headers for relevant pages to assist
+generate_etags = 1
+
+# File sort order
+sort_by = file
+
+# Group directories when sorting
+sort_group_dirs = 1
+
+# Hide or show the contents of the Attic subdirectory
+hide_attic = 1
+
+# Sort order for log messages
+log_sort = date
+
+# Default diff format
+diff_format = h
+
+# Don't show the CVSROOT directory
+hide_cvsroot = 1
+
+# make lines break at spaces,
+hr_breakable = 1
+
+# give out function names in human readable diffs
+hr_funout = 0
+
+# ignore whitespaces for human readable diffs
+hr_ignore_white = 1
+
+# ignore diffs which are caused by
+# keyword-substitution like $Id - Stuff
+hr_ignore_keyword_subst = 1
+
+# Enable highlighting of intraline changes in human readable diffs
+# this feature is experimental and currently requires python 2.4
+hr_intraline = 1
+
+# allow on-the-fly generation of repository tarballs
+allow_tar = 1
+
+# allow annotation of files.
+allow_annotate = 1
+
+# allow pretty-printed version of files
+allow_markup = 1
+
+# allow compression with gzip of output if the Browser accepts it
+allow_compress = 1
+
+allowed_views = annotate, diff, co, tar, markup, roots
+# The directory which contains the EZT templates used by ViewVC to
+# customize the display of the various output views. ViewVC looks in
+# this directory for files with names that match the name of the view
+# ("log", "directory", etc.) plus the ".ezt" extension. If specified
+# as a relative path, it is relative to the ViewVC installation
+# directory; absolute paths may be used as well.
+#
+# If %lang% occurs in the pathname, then the selected language will be
+# substituted.
+#
+template_dir = /srv/web/viewvc/templates-contrib/newvc/templates
+
+# Web path to a directory that contains ViewVC static files
+#docroot = /docroot
+
+# Show last changelog message for sub directories
+show_subdir_lastmod = 0
+
+# show a portion of the most recent log entry in directory listings
+show_logs = 1
+
+# Show log when viewing file contents
+show_log_in_markup = 1
+
+# Cross filesystem copies when traversing Subversion file revision histories.
+cross_copies = 1
+
+# Display dates as UTC or in local time zone
+use_localtime = 0
+
+# == Configuration defaults ==
+# Defaults for configuration variables that shouldn't need
+# to be configured..
+
+#
+# If you want to use Marc-Andrew Lemburg's py2html (and Just van Rossum's
+# PyFontify) to colorize Python files, then you may need to change this
+# variable to point to their directory location.
+#
+# This directory AND the standard Python path will be searched.
+#
+py2html_path = .
+#py2html_path = /usr/local/lib/python1.5/site-python
+
+# the length to which the most recent log entry should be truncated when
+# shown in the directory view
+short_log_len = 80
+
+# should we use 'enscript' for syntax coloring?
+use_enscript = 0
+
+#
+# if the enscript program is not on the path, set this value
+#
+enscript_path =
+# enscript_path = /usr/bin/
+
+# should we use 'highlight' for syntax coloring?
+# NOTE: use_enscript has to be 0 or enscript will be used instead
+use_highlight = 0
+
+#
+# if the highlight program is not on the path, set this value
+#
+# highlight_path = /usr/bin
+
+# should we add line numbers?
+highlight_line_numbers = 1
+
+# convert tabs to ## spaces (use 0 for no conversion)
+highlight_convert_tabs = 2
+
+# use php to colorize .php and .inc files?
+use_php = 0
+
+# path to php executable
+# (This should be set to the path of a PHP CLI executable, not the path
+# to a CGI executable. If you use a CGI executable, you may see "no input file
+# specified" or "force-cgi-redirect" errors instead of colorized source. The
+# output of "php -v" tells you whether an given executable is CLI or CGI.)
+php_exe_path = php
+
+# Use CvsGraph. See http://www.akhphd.au.dk/~bertho/cvsgraph/ for
+# documentation and download.
+use_cvsgraph = 0
+
+# if the cvsgraph program is not on the path, set this value
+cvsgraph_path =
+
+# Location of the customized cvsgraph configuration file.
+# You will need an absolute pathname here:
+cvsgraph_conf = cvsgraph.conf
+
+#
+# Set to enable regular expression search of all files in a directory
+#
+# WARNING:
+#
+# Enabling this option can consume HUGE amounts of server time. A
+# "checkout" must be performed on *each* file in a directory, and
+# the result needs to be searched for a match against the regular
+# expression.
+#
+#
+# SECURITY WARNING: Denial Of Service
+#
+# Since a user can enter the regular expression, it is possible for
+# them to enter an expression with many alternatives and a lot of
+# backtracking. Executing that search over thousands of lines over
+# dozens of files can easily tie up a server for a long period of
+# time.
+#
+# This option should only be used on sites with trusted users. It is
+# highly inadvisable to use this on a public site.
+#
+use_re_search = 0
+
+#
+# Split directories and logs into pages.
+# Allows ViewVC to present discrete pages to the users instead of the
+# entire log or directory.
+# Set use_pagesize to the number of entries you want displayed on a page.
+#
+use_pagesize = 0
+
+# Limit number of changed paths shown per commit in the Subversion revision
+# view and in query results. This is not a hard limit (the UI provides
+# options to show all changed paths), but it prevents ViewVC from generating
+# enormous and hard to read pages by default when they happen to contain
+# import or merge commits affecting hundreds or thousands of files.
+# Set to 0 to disable the limit.
+limit_changes = 100
+
+authorizer = forbidden
+
+#---------------------------------------------------------------------------
+[templates]
+
+# You can override the templates used by various ViewVC views in this
+# section. By default, ViewVC will look for templates in the
+# directory specified by the "template_dir" configuration option (see
+# the documentation for that option for details). But if you want to
+# use a different template for a particular view, simply uncomment the
+# appropriate option below and specify the currect location of the EZT
+# template file you wish to use for that view.
+#
+# Templates are specified relative to the installation directory, but
+# absolute paths may also be used as well.
+#
+# If %lang% occurs in the pathname, then the selected language will be
+# substituted.
+#
+# Note: the selected language is defined by the "languages" item in the
+# [general] section, and based on the request's Accept-Language
+# header.
+#
+#directory = templates/directory.ezt
+### an alternative directory view
+#directory = templates/dir_new.ezt
+#log = templates/log.ezt
+### a table-based alternative log view
+#log = templates/log_table.ezt
+#query = templates/query.ezt
+#diff = templates/diff.ezt
+#graph = templates/graph.ezt
+#annotate = templates/annotate.ezt
+#markup = templates/markup.ezt
+#revision = templates/revision.ezt
+#query_form = templates/query_form.ezt
+#query_results = templates/query_results.ezt
+#error = templates/error.ezt
+#roots = templates/roots.ezt
+
+#---------------------------------------------------------------------------
+[cvsdb]
+
+enabled = 0
+#host = localhost
+#port = 3306
+#database_name = ViewVC
+#user =
+#passwd =
+#readonly_user =
+#readonly_passwd =
+#row_limit = 1000
+
+#---------------------------------------------------------------------------
+[vhosts]
+### DOC
+
+#---------------------------------------------------------------------------
+
+# Filter modules listing
+[authz-forbidden]
+forbidden = !rpms, !comps, !owners
+
+[authz-forbiddenre]
+forbiddenre = ^rpms(/|$), ^VirtualBox-OSE(/|$), ^VirtualBox-OSE-kmod(/|$)
diff --git a/modules/cvs/manifest/init.pp b/modules/cvs/manifest/init.pp
index 9b834a8..d0218d8 100644
--- a/modules/cvs/manifest/init.pp
+++ b/modules/cvs/manifest/init.pp
@@ -1,130 +1,157 @@
-class cvs::server {
-
- include cvs::client
- include xinetd
- include httpd
- include mod_ssl
-# include mod_python-package
-# include cvs::nosignals
-# include rcs-package
-
- package { "diffstat":
- ensure => installed,
- }
-
- file { '/etc/xinetd.d/cvs':
- owner => 'root',
- group => 'root',
- ensure => present,
- source => "puppet:///config/system/cvs.xinetd",
- require => Package["xinetd"],
- }
-
- file { [ '/srv/scm/', '/srv/scm/cvs', '/srv/web']:
- ensure => directory
- }
-
- file { '/srv/cache':
- ensure => directory
- }
-
- file { [
- '/var/lock/cvs/',
- '/var/lock/cvs/common',
- '/var/lock/cvs/rpms',
- '/var/lock/cvs/tags',
- '/var/lock/cvs/comps' ]:
- ensure => directory,
- mode => 777;
-
- ['/srv/cache/pkgs']:
- ensure => directory;
-
- [
- '/srv/cache/pkgs/free',
- '/srv/cache/pkgs/nonfree']:
- ensure => directory,
- owner => 'apache',
- group => 'apache',
- }
-
- symlink { '/cvs':
- ensure => '/srv/scm/cvs',
- require => File['/srv/scm/cvs']
- }
-
-# script { '/usr/local/bin/genacls.sh':
-# source => 'puppet:///config/system/genacls.cron'
-# }
-
-# cron { genacls:
-# command => "/usr/local/bin/genacls.sh &>/dev/null",
-# user => "toshio",
-# minute => [ 0, 10, 20, 30, 40, 50 ],
-# ensure => present,
-# }
-
-# cron { updatecrl:
-# command => "/usr/local/bin/updatecrl.sh &>/dev/null",
-# user => "root",
-# minute => [ 0 ],
-# ensure => present,
-# }
-
- configfile { "/srv/cache/pkgs/upload.cgi":
- source => "puppet:///config/web/cvs.rpmfusion.org/upload.cgi",
- mode => 0755,
- require => [Package["httpd"], File['/srv/cache/pkgs']],
- notify => Service['httpd']
- }
-
-# Disabled for now
-# configfile { '/etc/httpd/conf/cacert.pem':
-# source => 'puppet:///config/secure/rpmfusion-ca.cert',
-# }
-}
-
-class cvs::client {
- package { "cvs":
- ensure => installed,
- }
-}
+class cvs {
-#class cvs::nosignals {
-# package { "cvs-nosignals":
-# ensure => installed,
-# alias => "cvs",
-# }
-#}
-
-class cvs::web {
- package { viewvc:
- ensure => present
- }
-
- package { "mod_python":
- ensure => present
+ package { 'cvs':
+ ensure => installed
}
- file { '/etc/httpd/conf.d/cvs.rpmfusion.org.conf':
- source => 'puppet:///config/web/cvs.rpmfusion.org/http-viewvc.conf',
- mode => 0644,
- notify => Service['httpd'],
- require => Package['viewvc']
+ class server inherits cvs {
+
+ include xinetd
+ include httpd
+ include mod_ssl
+
+ package { 'diffstat':
+ ensure => installed,
+ }
+
+ file { '/etc/xinetd.d/cvs':
+ owner => 'root',
+ group => 'root',
+ ensure => present,
+ source => 'cvs/server/cvs.xinetd',
+ require => Package['xinetd'],
+ }
+
+ file { [ '/srv/scm/', '/srv/scm/cvs', '/srv/web']:
+ ensure => directory
+ }
+
+ file { '/srv/cache':
+ ensure => directory
+ }
+
+ file { [
+ '/var/lock/cvs/',
+ '/var/lock/cvs/common',
+ '/var/lock/cvs/rpms',
+ '/var/lock/cvs/tags',
+ '/var/lock/cvs/comps' ]:
+ ensure => directory,
+ mode => 777;
+
+ ['/srv/cache/pkgs']:
+ ensure => directory;
+
+ [
+ '/srv/cache/pkgs/free',
+ '/srv/cache/pkgs/nonfree']:
+ ensure => directory,
+ owner => 'apache',
+ group => 'apache',
+ }
+
+ symlink { '/cvs':
+ ensure => '/srv/scm/cvs',
+ require => File['/srv/scm/cvs']
+ }
+
+ file { '/srv/cache/pkgs/upload.cgi':
+ source => 'cvs/web/upload.cgi',
+ mode => 0755,
+ require => [Package['httpd'], File['/srv/cache/pkgs']],
+ notify => Service['httpd']
+ }
}
- file { '/etc/viewvc/viewvc.conf':
- source => 'puppet:///config/web/cvs.rpmfusion.org/viewvc.conf',
- mode => 0644,
- require => Package['viewvc']
+ class web inherits cvs {
+
+ package { 'viewvc':
+ ensure => installed
+ }
+
+ package { 'mod_python':
+ ensure => installed
+ }
+
+ file { '/etc/httpd/conf.d/cvs.rpmfusion.org.conf':
+ source => 'cvs/web/cvs.rpmfusion.org',
+ mode => 0644,
+ notify => Service['httpd'],
+ require => Package['viewvc']
+ }
+
+ file { '/etc/viewvc/viewvc.conf':
+ source => 'cvs/web/viewvc.conf',
+ mode => 0644,
+ require => Package['viewvc']
+ }
+
+ symlink { '/srv/web/viewvc':
+ ensure => '/usr/lib/python2.4/site-packages/viewvc',
+ require => Package['viewvc']
+ }
}
- symlink { '/srv/web/viewvc':
- ensure => '/usr/lib/python2.4/site-packages/viewvc',
- require => Package['viewvc']
+ class tools inherits cvs {
+
+ file { '/cvs/free/CVSROOT/mkbranch-free':
+ source => 'cvs/admin-tools/mkbranch-free',
+ mode => 0755,
+ require => Package['cvs']
+ }
+
+ file { '/cvs/nonfree/CVSROOT/mkbranch-nonfree':
+ source => 'cvs/admin-tools/mkbranch-nonfree',
+ mode => 0755,
+ require => Package['cvs']
+ }
+
+ file {'/usr/local/bin/mkbranchwrapper-free':
+ source => 'cvs/admin-tools/mkbranchwrapper-free',
+ mode => 0755,
+ require => Pacakge['cvs']
+ }
+
+ file {'/usr/local/bin/mkbranchwrapper-nonfree':
+ source => 'cvs/admin-tools/mkbranchwrapper-nonfree',
+ mode => 0755,
+ require => Package['cvs']
+ }
+
+ file { '/usr/local/bin/addpackage-free':
+ source => 'cvs/admin-tools/addpackage-free',
+ mode => 0755,
+ require => Package['cvs']
+ }
+
+ file {'/usr/local/bin/addpackage-nonfree':
+ source => 'cvs/admin-tools/addpackage-nonfree',
+ mode => 0755,
+ require => Package['cvs']
+ }
+
+ file {'/usr/local/bin/setup_pacakge-free':
+ source => 'cvs/admin-tools/setup_package-free',
+ mode => 0755,
+ require => Pacakge['cvs']
+ }
+
+ file {'/usr/local/bin/setup_package-nonfree':
+ source => 'cvs/admin-tools/setup_package-nonfree',
+ mode => 0755,
+ require => Package['cvs']
+ }
+
+ file {'/usr/local/bin/update-acls':
+ source => 'cvs/admin-tools/update-acls',
+ mode => 0755,
+ require => Pacakge['cvs']
+ }
+
+ file {'/usr/local/bin/remove-pkgs':
+ source => 'cvs/admin-tools/remove-pkgs',
+ mode => 0755,
+ require => Package['cvs']
+ }
}
}
-
-class cvs::tools {
-
-}
12 years, 3 months
[puppet] Remove dead builders and do some clean up
by Xavier Lamien
commit 10ea529c7aabdc0035b575379d03756d3fefe91d
Author: Xavier Lamien <laxathom(a)lxtnow.net>
Date: Mon Sep 3 13:04:01 2012 +0200
Remove dead builders and do some clean up
modules/plague/templates/plague-server.cfg.erb | 8 ++++----
1 files changed, 4 insertions(+), 4 deletions(-)
---
diff --git a/modules/plague/templates/plague-server.cfg.erb b/modules/plague/templates/plague-server.cfg.erb
index 8756a6d..79e0eb8 100644
--- a/modules/plague/templates/plague-server.cfg.erb
+++ b/modules/plague/templates/plague-server.cfg.erb
@@ -34,8 +34,8 @@ client_ca_cert = /etc/plague/user_ca_dir/rpmfusion-upload-ca.cert
[pgdb Engine]
host = localhost
-password = plagueUnti1wegetkoji
-user = plague-server
+password =
+user =
database = plague
[sqlite Engine]
@@ -44,7 +44,7 @@ database = /etc/plague/server/jobdb
[Builders]
use_ssl = yes
-builders = bombadil.infradead.org:8888 lisas.de:8888 fusionbuilder64:8888 builder.wilsonet.com:8888 canuck.infradead.org:8888
+builders = builder1.rpmfusion.org:8888
#[Active Builders]
#xmlrpc_server_port = 8888
@@ -55,4 +55,4 @@ builders = bombadil.infradead.org:8888 lisas.de:8888 fusionbuilder64:8888 builde
[Email]
success_emails = rpmfusion-buildsys(a)lists.rpmfusion.org
email_from = rpmfusion-buildsys(a)lists.rpmfusion.org
-admin_emails = rpmfusion-sysadmin(a)lists.rpmfusion.org
+admin_emails = sysadmin(a)lists.rpmfusion.org
12 years, 3 months