From cf14abea0d3dda839760a0d368b14de828fb587e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miguel=20Negr=C3=B3n?= <45871721+manegron@users.noreply.github.com> Date: Sun, 26 May 2024 09:55:36 +0100 Subject: [PATCH 1/9] Update metadata.rb --- resources/metadata.rb | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/resources/metadata.rb b/resources/metadata.rb index c4b9c17..789f54c 100644 --- a/resources/metadata.rb +++ b/resources/metadata.rb @@ -1,7 +1,6 @@ name 'freeradius' -maintainer 'redborder' -maintainer_email 'vimesa@redborder.com' -license 'All rights reserved' +maintainer 'Eneo TecnologĂ­a S.L.' +maintainer_email 'git@redborder.com' +license 'AGPL-3.0' description 'Installs/Configures cookbook-freeradius' -long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) version '0.0.4' From b4ece9c0ad3f2e340bea635ba5a036b562da01b7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miguel=20Negr=C3=B3n?= <45871721+manegron@users.noreply.github.com> Date: Fri, 31 May 2024 01:17:52 +0100 Subject: [PATCH 2/9] Update rpm.yml --- .github/workflows/rpm.yml | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/.github/workflows/rpm.yml b/.github/workflows/rpm.yml index 03352e5..5d83b78 100644 --- a/.github/workflows/rpm.yml +++ b/.github/workflows/rpm.yml @@ -18,7 +18,7 @@ jobs: uses: actions/checkout@v2 with: fetch-depth: 0 - + - name: Create tag based on metadata.rb id: create_tag run: | @@ -26,38 +26,55 @@ jobs: echo "TAG=$TAG" >> $GITHUB_ENV shell: bash + - name: Check if Tag Exists + id: check_tag + run: | + if git rev-parse "refs/tags/${{ env.TAG }}" >/dev/null 2>&1; then + echo "Tag ${{ env.TAG }} already exists, exiting." + exit 1 + fi + shell: bash + - name: Set Version + if: success() run: echo "VERSION=${{ env.TAG }}" >> $GITHUB_ENV - name: Run Docker Container + if: success() run: docker run --privileged -d --name builder --network host rockylinux:9 /bin/sleep infinity - name: Install build tools RPM + if: success() run: | docker cp ./ builder:/build docker exec builder bash -c "yum install -y epel-release && yum install -y make git mock" docker exec builder bash -c "rm -rf /etc/mock/default.cfg" - name: Setup SDK + if: success() run: | docker exec builder bash -c "curl https://raw.githubusercontent.com/redBorder/repoinit/master/sdk9.cfg > /build/sdk9.cfg" docker exec builder bash -c "echo \"config_opts['use_host_resolv'] = True\" >> /build/sdk9.cfg" docker exec builder bash -c "ln -s /build/sdk9.cfg /etc/mock/default.cfg" - name: Build RPM using mock + if: success() run: | docker exec builder bash -c "git config --global --add safe.directory /build" docker exec builder bash -c "cd /build/ && VERSION=${{ env.TAG }} make rpm" - name: Copy RPMS + if: success() run: | docker cp builder:/build/packaging/rpm/pkgs/. ./rpms - name: Delete non-.rpm files + if: success() run: | find ./rpms -type f -not -name '*.rpm' -exec rm {} \; - name: Release + if: success() uses: softprops/action-gh-release@v1 with: files: ./rpms/* From 2ff458bad4eb236e812ce8d94ebf6e0bd8195b93 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miguel=20Negr=C3=B3n?= <45871721+manegron@users.noreply.github.com> Date: Fri, 31 May 2024 01:18:35 +0100 Subject: [PATCH 3/9] Update README.md --- README.md | 33 +++++++++++++++++++++++++++++---- 1 file changed, 29 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 75de201..a4e6a5f 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,35 @@ # cookbook-freeradius +[![Build Status][build-shield]][build-url] +[![Linters][linters-shield]][linters-url] +[![License][license-shield]][license-url] + + +[build-shield]: https://github.com/redBorder/cookbook-freeradius/actions/workflows/rpm.yml/badge.svg?branch=master +[build-url]: https://github.com/redBorder/cookbook-freeradius/actions/workflows/rpm.yml?query=branch%3Amaster +[linters-shield]: https://github.com/redBorder/cookbook-freeradius/actions/workflows/lint.yml/badge.svg?event=push +[linters-url]: https://github.com/redBorder/cookbook-freeradius/actions/workflows/lint.yml +[license-shield]: https://img.shields.io/badge/license-AGPLv3-blue.svg +[license-url]: https://github.com/cookbook-freeradius/blob/HEAD/LICENSE + +Chef cookbook to install and configure freeradius-rb -Cookbook to install and configure freeradius-rb ### Platforms - Rocky Linux 9 -## Authors -Vicente Mesa -Eduardo Reyes +### Chef + +- Chef 15.7.0 or later + +## Contributing + +1. Fork the repository on Github +2. Create a named feature branch (like `add_component_x`) +3. Write your change +4. Write tests for your change (if applicable) +5. Run the tests, ensuring they all pass +6. Submit a Pull Request using Github + +## License + +GNU AFFERO GENERAL PUBLIC LICENSE Version 3, 19 November 2007 From 3e6395292c5f909d17cca01d992e7a6e226f22cb Mon Sep 17 00:00:00 2001 From: Miguel Negron Date: Sat, 1 Jun 2024 21:28:32 +0100 Subject: [PATCH 4/9] lint attributes --- resources/attributes/default.rb | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/resources/attributes/default.rb b/resources/attributes/default.rb index f035bb2..9e1ace0 100644 --- a/resources/attributes/default.rb +++ b/resources/attributes/default.rb @@ -1,4 +1,2 @@ -#default attributes -# - -default["freeradius"]["registered"] = false +# default attributes +default['freeradius']['registered'] = false From 679071e24fa3de50d6fcd0b9837ca930a1d80208 Mon Sep 17 00:00:00 2001 From: Miguel Negron Date: Sat, 1 Jun 2024 21:28:41 +0100 Subject: [PATCH 5/9] lint libraries --- resources/libraries/rbfreeradius_helpers.rb | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/resources/libraries/rbfreeradius_helpers.rb b/resources/libraries/rbfreeradius_helpers.rb index 812898b..9952f44 100644 --- a/resources/libraries/rbfreeradius_helpers.rb +++ b/resources/libraries/rbfreeradius_helpers.rb @@ -1,5 +1,4 @@ module Rbfreeradius module Helpers - end -end \ No newline at end of file +end From 722c45c9dacc17cbc976641a36fbe439778605fd Mon Sep 17 00:00:00 2001 From: Miguel Negron Date: Sat, 1 Jun 2024 21:28:46 +0100 Subject: [PATCH 6/9] lint providers --- resources/providers/config.rb | 253 +++++++++++++++++----------------- 1 file changed, 126 insertions(+), 127 deletions(-) diff --git a/resources/providers/config.rb b/resources/providers/config.rb index 92be6e0..8985098 100644 --- a/resources/providers/config.rb +++ b/resources/providers/config.rb @@ -1,251 +1,250 @@ -# Cookbook Name:: freeradius -# +# Cookbook:: freeradius # Provider:: config -# + action :config_common do begin mode = new_resource.mode config_dir = new_resource.config_dir flow_nodes = new_resource.flow_nodes - dnf_package "freeradius-rb" do + dnf_package 'freeradius-rb' do action :upgrade flush_cache[:before] end - dnf_package "freeradius-rb-kafka" do + dnf_package 'freeradius-rb-kafka' do action :upgrade flush_cache[:before] end - dnf_package "freeradius-rb-krb5" do + dnf_package 'freeradius-rb-krb5' do action :upgrade flush_cache[:before] end - dnf_package "freeradius-rb-ldap" do + dnf_package 'freeradius-rb-ldap' do action :upgrade flush_cache[:before] end - dnf_package "freeradius-rb-mysql" do + dnf_package 'freeradius-rb-mysql' do action :upgrade flush_cache[:before] end - dnf_package "freeradius-rb-perl" do + dnf_package 'freeradius-rb-perl' do action :upgrade flush_cache[:before] end - dnf_package "freeradius-rb-postgresql" do + dnf_package 'freeradius-rb-postgresql' do action :upgrade flush_cache[:before] end - dnf_package "freeradius-rb-python" do + dnf_package 'freeradius-rb-python' do action :upgrade flush_cache[:before] end - dnf_package "freeradius-rb-unixODBC" do + dnf_package 'freeradius-rb-unixODBC' do action :upgrade flush_cache[:before] end - dnf_package "freeradius-rb-utils" do + dnf_package 'freeradius-rb-utils' do action :upgrade flush_cache[:before] end - dnf_package "rbutils" do + dnf_package 'rbutils' do action :upgrade flush_cache[:before] end - directory config_dir do #/etc/raddb - owner "root" - group "root" + directory config_dir do # /etc/raddb + owner 'root' + group 'root' mode '755' action :create end - - #Templates - + # Templates template "#{config_dir}/radiusd.conf" do - source "freeradius_radiusd.conf.erb" - cookbook "freeradius" - owner "root" - group "root" - mode 0644 + source 'freeradius_radiusd.conf.erb' + cookbook 'freeradius' + owner 'root' + group 'root' + mode '0644' retries 2 - variables(:mode => mode) - notifies :restart, "service[radiusd]", :delayed + variables(mode: mode) + notifies :restart, 'service[radiusd]', :delayed end template "#{config_dir}/sites-available/default" do - source "freeradius_default.erb" - cookbook "freeradius" - owner "root" - group "root" - mode 0644 + source 'freeradius_default.erb' + cookbook 'freeradius' + owner 'root' + group 'root' + mode '0644' retries 2 - variables(:mode => mode) - notifies :run, "execute[configure_freeradius-rb]", :delayed - notifies :restart, "service[radiusd]", :delayed + variables(mode: mode) + notifies :run, 'execute[configure_freeradius-rb]', :delayed + notifies :restart, 'service[radiusd]', :delayed end - execute "configure_freeradius-rb" do - command "pushd etc/raddb/sites-enabled; ln -s ../sites-available/dynamic-clients ./; popd" - notifies :restart, "service[radiusd]", :delayed + execute 'configure_freeradius-rb' do + command 'pushd etc/raddb/sites-enabled; ln -s ../sites-available/dynamic-clients ./; popd' + notifies :restart, 'service[radiusd]', :delayed ignore_failure true action :nothing end template "#{config_dir}/kafka_log.conf" do - source "freeradius_kafka_log.conf.erb" - cookbook "freeradius" - owner "root" - group "root" - mode 0644 + source 'freeradius_kafka_log.conf.erb' + cookbook 'freeradius' + owner 'root' + group 'root' + mode '0644' retries 2 - variables(:flow_nodes => flow_nodes, :mode => mode) - notifies :restart, "service[radiusd]", :delayed + variables(flow_nodes: flow_nodes, mode: mode) + notifies :restart, 'service[radiusd]', :delayed end template "#{config_dir}/clients.conf" do - source "freeradius_clients.conf.erb" - cookbook "freeradius" - owner "root" - group "root" - mode 0644 + source 'freeradius_clients.conf.erb' + cookbook 'freeradius' + owner 'root' + group 'root' + mode '0644' retries 2 - variables(:flow_nodes => flow_nodes, :mode => mode) - notifies :reload, "service[radiusd]", :delayed + variables(flow_nodes: flow_nodes, mode: mode) + notifies :reload, 'service[radiusd]', :delayed end - #end of templates + # end of templates - service "radiusd" do - service_name "radiusd" + service 'radiusd' do + service_name 'radiusd' ignore_failure true - supports :status => true, :reload => true, :restart => true + supports status: true, reload: true, restart: true action [:enable, :start] end - Chef::Log.info("Common cookbook freeradius configuration has been processed.") + Chef::Log.info('Common cookbook freeradius configuration has been processed.') rescue => e Chef::Log.error(e.message) end end action :config_manager do - config_dir = new_resource.config_dir - ########################## # Retrieve databag data - ########################## - db_radius_secrets = Chef::DataBagItem.load("passwords", "db_radius") rescue db_radius_secrets = {} - if !db_radius_secrets.empty? - db_name_radius = db_radius_secrets["database"] - db_username_radius = db_radius_secrets["username"] - db_pass_radius = db_radius_secrets["pass"] - db_port_radius = db_radius_secrets["port"] - db_hostname_radius = db_radius_secrets["hostname"] - db_external_radius = db_radius_secrets["external"] + begin + db_radius_secrets = data_bag_item('passwords', 'db_radius') + rescue + db_radius_secrets = {} end - bash "creating_radius_tables" do + unless db_radius_secrets.empty? + db_name_radius = db_radius_secrets['database'] + db_username_radius = db_radius_secrets['username'] + db_pass_radius = db_radius_secrets['pass'] + db_port_radius = db_radius_secrets['port'] + db_hostname_radius = db_radius_secrets['hostname'] + db_external_radius = db_radius_secrets['external'] + end + + bash 'creating_radius_tables' do code <<-EOH - /bin/psql -U #{db_username_radius} -h #{db_hostname_radius} -p #{db_port_radius} \ - -f #{config_dir}/sql/postgresql/nas.sql - /bin/psql -U #{db_username_radius} -h #{db_hostname_radius} -p #{db_port_radius} \ - -f #{config_dir}/sql/postgresql/schema.sql + /bin/psql -U #{db_username_radius} -h #{db_hostname_radius} -p #{db_port_radius} \ + -f #{config_dir}/sql/postgresql/nas.sql + /bin/psql -U #{db_username_radius} -h #{db_hostname_radius} -p #{db_port_radius} \ + -f #{config_dir}/sql/postgresql/schema.sql EOH - only_if{ shell_out("/bin/psql", "-U", "#{db_username_radius}", "-h", "#{db_hostname_radius}", - "-p", "#{db_port_radius}", "-t", "-c", "SELECT 'nas'::regclass;").error? || - shell_out("/bin/psql", "-U", "#{db_username_radius}", "-h", "#{db_hostname_radius}", - "-p", "#{db_port_radius}", "-t", "-c", "SELECT 'radacct'::regclass;").error? } + only_if do + shell_out('/bin/psql', '-U', "#{db_username_radius}", '-h', "#{db_hostname_radius}", + '-p', "#{db_port_radius}", '-t', '-c', "SELECT 'nas'::regclass;").error? || + shell_out('/bin/psql', '-U', "#{db_username_radius}", '-h', "#{db_hostname_radius}", + '-p', "#{db_port_radius}", '-t', '-c', "SELECT 'radacct'::regclass;").error? + end end template "#{config_dir}/sql.conf" do - source "freeradius_sql.conf.erb" - cookbook "freeradius" - owner "root" - group "root" - mode 0644 + source 'freeradius_sql.conf.erb' + cookbook 'freeradius' + owner 'root' + group 'root' + mode '0644' retries 2 - notifies :restart, "service[radiusd]", :delayed - variables( :db_name_radius => db_name_radius, :db_hostname_radius => db_hostname_radius, - :db_pass_radius => db_pass_radius, :db_username_radius => db_username_radius, - :db_port_radius => db_port_radius, :db_external_radius => db_external_radius) + notifies :restart, 'service[radiusd]', :delayed + variables(db_name_radius: db_name_radius, db_hostname_radius: db_hostname_radius, + db_pass_radius: db_pass_radius, db_username_radius: db_username_radius, + db_port_radius: db_port_radius, db_external_radius: db_external_radius) end template "#{config_dir}/modules/raw" do - source "freeradius_modules_raw.erb" - cookbook "freeradius" - owner "root" - group "root" - mode 0644 + source 'freeradius_modules_raw.erb' + cookbook 'freeradius' + owner 'root' + group 'root' + mode '0644' retries 2 - notifies :restart, "service[radiusd]", :delayed + notifies :restart, 'service[radiusd]', :delayed end template "#{config_dir}/sites-available/inner-tunnel" do - source "freeradius_inner-tunnel.erb" - cookbook "freeradius" - owner "root" - group "root" - mode 0644 + source 'freeradius_inner-tunnel.erb' + cookbook 'freeradius' + owner 'root' + group 'root' + mode '0644' retries 2 - notifies :restart, "service[radiusd]", :delayed + notifies :restart, 'service[radiusd]', :delayed end template "#{config_dir}/sites-available/dynamic-clients" do - source "freeradius_dynamic-clients.erb" - cookbook "freeradius" - owner "root" - group "root" - mode 0644 + source 'freeradius_dynamic-clients.erb' + cookbook 'freeradius' + owner 'root' + group 'root' + mode '0644' retries 2 - notifies :restart, "service[radiusd]", :delayed + notifies :restart, 'service[radiusd]', :delayed end - service "radiusd" do - service_name "radiusd" + service 'radiusd' do + service_name 'radiusd' ignore_failure true - supports :status => true, :reload => true, :restart => true + supports status: true, reload: true, restart: true action [:enable, :start] end - Chef::Log.info("Manager cookbook freeradius configuration has been processed.") - + Chef::Log.info('Manager cookbook freeradius configuration has been processed.') end action :remove do begin - service "radiusd" do - service_name "radiusd" - supports :status => true, :restart => true, :start => true, :enable => true, :disable => true + service 'radiusd' do + service_name 'radiusd' + supports status: true, restart: true, start: true, enable: true, disable: true action [:disable, :stop] end - Chef::Log.info("cookbook freeradius has been processed.") + Chef::Log.info('cookbook freeradius has been processed.') rescue => e Chef::Log.error(e.message) end end - -action :register do #Usually used to register in consul +action :register do begin - if !node["freeradius"]["registered"] + unless node['freeradius']['registered'] query = {} - query["ID"] = "freeradius-#{node["hostname"]}" - query["Name"] = "freeradius" - query["Address"] = "#{node["ipaddress"]}" - query["Port"] = 1812 + query['ID'] = "freeradius-#{node['hostname']}" + query['Name'] = 'freeradius' + query['Address'] = "#{node['ipaddress']}" + query['Port'] = 1812 json_query = Chef::JSONCompat.to_json(query) execute 'Register service in consul' do @@ -253,25 +252,25 @@ action :nothing end.run_action(:run) - node.normal["freeradius"]["registered"] = true + node.normal['freeradius']['registered'] = true end - Chef::Log.info("freeradius service has been registered in consul") + Chef::Log.info('freeradius service has been registered in consul') rescue => e Chef::Log.error(e.message) end end -action :deregister do #Usually used to deregister from consul +action :deregister do begin - if node["freeradius"]["registered"] + if node['freeradius']['registered'] execute 'Deregister service in consul' do - command "curl -X PUT http://localhost:8500/v1/agent/service/deregister/freeradius-#{node["hostname"]} &>/dev/null" + command "curl -X PUT http://localhost:8500/v1/agent/service/deregister/freeradius-#{node['hostname']} &>/dev/null" action :nothing end.run_action(:run) - node.normal["freeradius"]["registered"] = false + node.normal['freeradius']['registered'] = false end - Chef::Log.info("freeradius service has been deregistered from consul") + Chef::Log.info('freeradius service has been deregistered from consul') rescue => e Chef::Log.error(e.message) end From d50603879461d8268e5246f23ad3e6a136ca6083 Mon Sep 17 00:00:00 2001 From: Miguel Negron Date: Sat, 1 Jun 2024 21:28:54 +0100 Subject: [PATCH 7/9] lint recipes --- resources/recipes/default.rb | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/resources/recipes/default.rb b/resources/recipes/default.rb index 62bb96a..88a121f 100644 --- a/resources/recipes/default.rb +++ b/resources/recipes/default.rb @@ -1,12 +1,9 @@ -# -# Cookbook Name:: freeradius +# Cookbook:: freeradius # Recipe:: default -# -# redborder -# -# +# Copyright:: 2024, redborder +# License:: Affero General Public License, Version 3 -freeradius_config "config" do - name node["hostname"] +freeradius_config 'config' do + name node['hostname'] action :config_common end From 9e19d79038953b3a56be9aeb483013ee98e6606a Mon Sep 17 00:00:00 2001 From: Miguel Negron Date: Sat, 1 Jun 2024 21:29:04 +0100 Subject: [PATCH 8/9] lint resources --- resources/resources/config.rb | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/resources/resources/config.rb b/resources/resources/config.rb index 42dd48a..85164ac 100644 --- a/resources/resources/config.rb +++ b/resources/resources/config.rb @@ -1,14 +1,12 @@ -#Cookbook Name :: freeradius -# +# Cookbook:: freeradius # Resource:: config -# -actions :config_common, :config_manager, :remove , :register, :deregister +actions :config_common, :config_manager, :remove, :register, :deregister default_action :config_common -attribute :config_dir, :kind_of => String, :default => "/etc/raddb" -attribute :kafka_topic, :kind_of => String, :default => "rb_radius" -attribute :name, :kind_of => String, :default => "localhost" -attribute :ip, :kind_of => String, :default => "127.0.0.1" -attribute :flow_nodes, :kind_of => Array, :default => [] -attribute :mode, :kind_of => String, :default => "manager" +attribute :config_dir, kind_of: String, default: '/etc/raddb' +attribute :kafka_topic, kind_of: String, default: 'rb_radius' +attribute :name, kind_of: String, default: 'localhost' +attribute :ip, kind_of: String, default: '127.0.0.1' +attribute :flow_nodes, kind_of: Array, default: [] +attribute :mode, kind_of: String, default: 'manager' From 427d42c765954e93f8e7eb27482a3bccedae9935 Mon Sep 17 00:00:00 2001 From: JuanSheba Date: Mon, 3 Jun 2024 14:00:57 +0100 Subject: [PATCH 9/9] Release 0.0.5 --- CHANGELOG.md | 14 +++++++++++++- resources/metadata.rb | 2 +- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0316f9f..c1b354d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,18 @@ -freeradius CHANGELOG +cookbook-freeradius CHANGELOG =============== +## 0.0.5 + + - Miguel Negron + - [9e19d79] lint resources + - [d506038] lint recipes + - [722c45c] lint providers + - [679071e] lint libraries + - [3e63952] lint attributes + - [2ff458b] Update README.md + - [b4ece9c] Update rpm.yml + - [cf14abe] Update metadata.rb + 0.0.1 ----- [vimesa] diff --git a/resources/metadata.rb b/resources/metadata.rb index 789f54c..5bca765 100644 --- a/resources/metadata.rb +++ b/resources/metadata.rb @@ -3,4 +3,4 @@ maintainer_email 'git@redborder.com' license 'AGPL-3.0' description 'Installs/Configures cookbook-freeradius' -version '0.0.4' +version '0.0.5'