-
Notifications
You must be signed in to change notification settings - Fork 6
/
anvil.spec.in
485 lines (392 loc) · 12.5 KB
/
anvil.spec.in
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
%global numcomm @numcomm@
%global alphatag @alphatag@
%global dirty @dirty@
%define debug_package %{nil}
%define anviluser admin
%define anvilgroup admin
# newlines are not removed from macros, meaning we need
# 2 backslashes to make shell continue the line, and
# 1 more backslash to make rpmbuild continue the line.
%define coreservices anvil-daemon.service \\\
anvil-monitor-network.service \\\
scancore.service \\\
anvil-monitor-daemons.service \\\
anvil-monitor-performance.service
%define suiapi striker-ui-api
# selinux variables
%define selinuxtype targeted
%define selinuxsubnodemodule anvil-subnode
%define selinuxdir %{_datadir}/selinux/packages/%{selinuxtype}
Name: anvil
Version: @version@
Release: 1%{?numcomm:.%{numcomm}}%{?alphatag:.%{alphatag}}%{?dirty:.%{dirty}}%{?dist}
Summary: Alteeve Anvil! complete package.
License: GPLv2+
URL: https://github.com/ClusterLabs/anvil
Source0: %{name}-%{version}%{?numcomm:.%{numcomm}}%{?alphatag:-%{alphatag}}%{?dirty:-%{dirty}}.tar.gz
BuildArch: noarch
# required to detect paths to:
# systemd unit files
BuildRequires: systemd autoconf automake make
# fence-agents binaries
BuildRequires: fence-agents-common
# OCFROOT
BuildRequires: resource-agents
# required to build SELinux policy
BuildRequires: selinux-policy-devel
# specify that we're using systemd macros
BuildRequires: systemd-rpm-macros
%description
This package generates the anvil-core, anvil-striker, anvil-node and anvil-dr
RPM's. The 'core' RPM is common to all machines in an Anvil! cluster, with the
other three used for each machine, given its roll.
WARNING: This is an alpha-stage project. Many features are missing and this
should not be used for anything other than development purposes! The
first stable release will be 3.1. Anything 3.0 is UNSTABLE.
%package core
Summary: Alteeve's Anvil! Core package
Requires: bash-completion
Requires: binutils
Requires: chrony
Requires: cyrus-sasl
Requires: cyrus-sasl-gssapi
Requires: cyrus-sasl-lib
Requires: cyrus-sasl-md5
Requires: cyrus-sasl-plain
Requires: bind-utils
Requires: dmidecode
Requires: dnf-utils
Requires: expect
Requires: fence-agents-all
Requires: fence-agents-virsh
Requires: firewalld
Requires: freeipmi
Requires: glibc-all-langpacks
Requires: gpm
Requires: hdparm
Requires: htop
Requires: iotop
Requires: iproute
Requires: kernel-core
Requires: kernel-devel
Requires: kernel-headers
Requires: lsscsi
Requires: lsof
Requires: mlocate
Requires: net-snmp-utils
Requires: NetworkManager-initscripts-updown
Requires: nvme-cli
Requires: parted
Requires: pciutils
Requires: perl-Capture-Tiny
Requires: perl-Data-Dumper
Requires: perl-Data-Validate-Domain
Requires: perl-Data-Validate-IP
Requires: perl-DBD-Pg
Requires: perl-DBI
Requires: perl-Data-Validate-Domain
Requires: perl-Digest-SHA
Requires: perl-File-MimeInfo
Requires: perl-CGI
Requires: perl-HTML-FromText
Requires: perl-HTML-Strip
Requires: perl-IO-Tty
Requires: perl-JSON
Requires: perl-Log-Journald
Requires: perl-Mail-RFC822-Address
Requires: perl-Net-Domain-TLD
Requires: perl-Net-SSH2
Requires: perl-Net-Netmask
Requires: perl-Net-OpenSSH
Requires: perl-NetAddr-IP
Requires: perl-Proc-Simple
Requires: perl-Sys-Syslog
Requires: perl-Sys-Virt
Requires: perl-Text-Diff
Requires: perl-Time-HiRes
Requires: perl-UUID-Tiny
Requires: perl-XML-LibXML
Requires: perl-XML-Simple
Requires: postfix
Requires: postgresql-contrib
Requires: postgresql-plperl
Requires: rsync
Requires: screen
Requires: selinux-policy >= %{_selinux_policy_version}
Requires: smartmontools
Requires: strace
Requires: syslinux
Requires: sysstat
Requires: tar
Requires: tcpdump
Requires: tmux
Requires: unzip
Requires: usbutils
Requires: util-linux
Requires: vim
Requires: wget
# iptables-services conflicts with firewalld
Conflicts: iptables-services
# We handle interface naming
Conflicts: biosdevname
# Migrate to s-nail because mailx is deprecated.
%if 0%{?rhel} < 9
Requires: mailx
Conflicts: s-nail
%else
Requires: s-nail
# This fails on updates; find a proper solution other than removing
# Conflicts: mailx
%endif
%description core
Common base libraries required for the Anvil! system.
%package striker
Summary: Alteeve's Anvil! Striker dashboard package
Requires: anvil-core == %{version}-%{release}
Requires: bpg-dejavu-sans-fonts
Requires: createrepo
Requires: dejavu-sans-fonts
Requires: dejavu-sans-mono-fonts
Requires: dejavu-serif-fonts
Requires: dhcp-server
Requires: firefox
Requires: gcc
Requires: gdm
Requires: gnome-terminal
Requires: netpbm-progs
Requires: nmap
Requires: nodejs
Requires: openssh-askpass
Requires: postgresql-server
Requires: tftp-server
Requires: virt-manager
# A Striker dashboard is not allowed to host servers or be a migration target.
# So the node and dr packages can not be installed.
Conflicts: anvil-node
Conflicts: anvil-dr
%description striker
Web interface of the Striker dashboard for Alteeve Anvil! systems
NOTE: This installs and enables Gnome desktop.
%package node
Summary: Alteeve's Anvil! node package
Requires: anvil-core == %{version}-%{release}
Requires: drbd90-utils
Requires: kmod-drbd
Requires: libvirt
Requires: libvirt-daemon
Requires: libvirt-daemon-driver-qemu
Requires: libvirt-daemon-kvm
Requires: libvirt-docs
Requires: nmap-ncat
Requires: pacemaker
Requires: pcs
Requires: python3-websockify
Requires: qemu-kvm
Requires: qemu-kvm-core
Requires: virt-install
Requires: virt-top
# A node is allowed to host servers and be a live migration target. It is not
# allowed to host a database or be a DR host.
Conflicts: anvil-striker
Conflicts: anvil-dr
Conflicts: netcat
%description node
Provides support for active node in an Anvil! pair.
NOTE: On RHEL proper, this requires the node had the "High-Availability
Add-on".
NOTE: LINBIT customers must have access to the LINBIT repositories configured.
%package dr
Summary: Alteeve's Anvil! DR host package
Requires: anvil-core == %{version}-%{release}
Requires: drbd90-utils
Requires: kmod-drbd
Requires: libvirt
Requires: libvirt-daemon
Requires: libvirt-daemon-driver-qemu
Requires: libvirt-daemon-kvm
Requires: libvirt-docs
Requires: nmap-ncat
Requires: python3-websockify
Requires: qemu-kvm
Requires: qemu-kvm-core
Requires: virt-install
Requires: virt-top
# A DR host is not allowed to be a live-migration target or host a database.
Conflicts: anvil-striker
Conflicts: anvil-node
Conflicts: netcat
%description dr
Provides support for asynchronous disaster recovery hosts in an Anvil! cluster.
%prep
%autosetup -n %{name}-%{version}%{?numcomm:.%{numcomm}}%{?alphatag:-%{alphatag}}%{?dirty:-%{dirty}}
%build
./autogen.sh
%{configure}
make %{_smp_mflags}
%install
rm -rf %{buildroot}
make install DESTDIR=%{buildroot}
%pre core
%selinux_relabel_pre -s %{selinuxtype}
if [ ! -d /usr/share/anvil ];
then
mkdir /usr/share/anvil
fi
getent group %{anvilgroup} >/dev/null || groupadd -r %{anvilgroup}
getent passwd %{anviluser} >/dev/null || useradd --create-home \
--gid %{anvilgroup} --comment "Anvil! user account" %{anviluser}
%post core
# Always try to install in-case of update
%selinux_modules_install -s %{selinuxtype} -p 200 %{selinuxdir}/%{selinuxsubnodemodule}.pp
%if 0%{?rhel} < 9
echo "WARNING: setting SELinux to 'permissive' on rhel < 9."
sed -i 's/SELINUX=enforcing/SELINUX=permissive/' /etc/selinux/config
setenforce 0
%endif
# enable and start required core services on fresh install
if [ $1 -eq 1 ]
then
systemctl enable --now chronyd.service
systemctl enable --now %coreservices
fi
%pre striker
getent passwd %{suiapi} >/dev/null \
|| useradd \
--comment "Striker UI API" \
--no-create-home \
--shell %{_sbindir}/nologin \
--user-group \
%{suiapi}
%post striker
if [ $1 -eq 1 ]
then
systemctl enable --now %{suiapi}.service
fi
restorecon -rv /%{_localstatedir}/www
if [ $1 -eq 1 ] && ! $(ls -l /etc/systemd/system/default.target | grep -q graphical)
then
echo "Set graphical interface as default on boot."
systemctl set-default graphical.target
systemctl enable gdm.service
if ! systemctl --quiet is-active gdm.service
then
echo "gdm.service (graphical display) is inactive."
echo "Please start it with systemctl or reboot the system."
fi
fi
# Touch the system type file.
echo "Touching the system type file"
if [ -e '/etc/anvil/type.node' ]
then
rm -f /etc/anvil/type.node
elif [ -e '/etc/anvil/type.dr' ]
then
rm -f /etc/anvil/type.dr
fi
touch /etc/anvil/type.striker
### TODO: I don't think we need this anymore
# Open access for Striker. The database will be opened after initial setup.
if [ $1 -eq 1 ]
then
echo "Starting firewalld"
systemctl enable --now firewalld.service
echo "Opening the web and postgresql ports."
firewall-cmd --add-service=http
firewall-cmd --add-service=http --permanent
firewall-cmd --add-service=https
firewall-cmd --add-service=https --permanent
firewall-cmd --add-service=postgresql
firewall-cmd --add-service=postgresql --permanent
fi
%pre node
%post node
# Touch the system type file.
echo "Touching the system type file"
if [ -e '/etc/anvil/type.striker' ]
then
rm -f /etc/anvil/type.striker
elif [ -e '/etc/anvil/type.dr' ]
then
rm -f /etc/anvil/type.dr
fi
touch /etc/anvil/type.node
%pre dr
%post dr
# Touch the system type file.
echo "Touching the system type file"
if [ -e '/etc/anvil/type.striker' ]
then
rm -f /etc/anvil/type.striker
elif [ -e '/etc/anvil/type.node' ]
then
rm -f /etc/anvil/type.node
fi
touch /etc/anvil/type.dr
%preun core
# Only uninstall our services
%systemd_preun %coreservices
### Remove stuff - Disabled for now, messes things up during upgrades
%postun core
## This is breaking on upgrades - (note: switch back to single percent sign
## when re-enabling)
#getent passwd %%{anviluser} >/dev/null && userdel %%{anviluser}
#getent group %%{anvilgroup} >/dev/null && groupdel %%{anvilgroup}
%systemd_postun_with_restart %coreservices
# Only uninstall the policy when the package is actually being removed
if [ $1 -eq 0 ]; then
%selinux_modules_uninstall -s %{selinuxtype} -p 200 %{selinuxsubnodemodule}
fi
%preun striker
# Remove Striker UI API on uninstall
%systemd_preun %{suiapi}.service
%postun striker
# Restart Striker UI API to make changes effective
%systemd_postun_with_restart %{suiapi}.service
# Remove the system type file.
if [ -e '/etc/anvil/type.striker' ]
then
rm -f /etc/anvil/type.striker
fi
%postun node
# Remove the system type file.
if [ -e '/etc/anvil/type.node' ]
then
rm -f /etc/anvil/type.node
fi
%postun dr
# Remove the system type file.
if [ -e '/etc/anvil/type.dr' ]
then
rm -f /etc/anvil/type.dr
fi
%posttrans core
# Relabel in posttrans makes sure files are in-place
%selinux_relabel_post -s %{selinuxtype}
%files core
%doc README.md
%config(noreplace) %{_sysconfdir}/anvil/anvil.conf
%{_usr}/lib/*
%config(noreplace) %{_datadir}/anvil/anvil.sql
%{_datadir}/anvil/firewall.txt
%{_datadir}/anvil/words.xml
%{_sbindir}/*
%{_sysconfdir}/anvil/anvil.version
%{_datadir}/perl5/*
%{_mandir}/*
# selinux
%attr(0644, root, root) %{selinuxdir}/%{selinuxsubnodemodule}.pp
%ghost %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{selinuxsubnodemodule}
%files striker
%{_localstatedir}/www/*/*
%{_datadir}/anvil/striker-auto-initialize-all.example
%{_datadir}/%{suiapi}/*
%ghost %{_sysconfdir}/anvil/snmp-vendors.txt
%files node
%{_sysconfdir}/libvirt/hooks/*
%{_usr}/lib/ocf/resource.d/alteeve/server
%files dr
%{_sysconfdir}/libvirt/hooks/*
%changelog
* @date@ Autotools generated version <nobody@nowhere.org> - @version@-1-@numcomm@.@alphatag@.@dirty@
- Autotools generated version.
- These aren't the droids you're looking for.