cac-1.0.3 -> cac-api-1.1.0
This commit is contained in:
tv
parent
cdb590be50
commit
5bc7523bb5
|
|
@ -1,12 +1,12 @@
|
|||
{ stdenv, fetchgit, bc, coreutils, curl, gnused, inotifyTools, jq, ncurses, sshpass, ... }:
|
||||
|
||||
stdenv.mkDerivation {
|
||||
name = "cac-1.0.3";
|
||||
name = "cac-api-1.1.0";
|
||||
|
||||
src = fetchgit {
|
||||
url = http://cgit.cd.retiolum/cac;
|
||||
rev = "22acc1b990ac7d97c16344fbcbc2621e24cdf915";
|
||||
sha256 = "135b740617c983b3f46a1983d4744be17340d5146a0a0de0dff4bb7a53688f2f";
|
||||
url = http://cgit.cd.krebsco.de/cac-api;
|
||||
rev = "0809fae379239687ed1170e04311dc2880ef0aba";
|
||||
sha256 = "357ced27c9ed88028967c934178a1d230bf38617a7494cd4632fabdd2a04fcdd";
|
||||
};
|
||||
|
||||
phases = [
|
||||
|
|
@ -29,11 +29,9 @@ stdenv.mkDerivation {
|
|||
in
|
||||
''
|
||||
mkdir -p $out/bin
|
||||
|
||||
sed < ./cac > $out/bin/cac '
|
||||
s;^_cac_main .*;PATH=${path}''${PATH+:$PATH} &;
|
||||
'
|
||||
|
||||
chmod +x $out/bin/cac
|
||||
cp cac-api $out/bin/cac-api
|
||||
sed -i '
|
||||
s;^_cac_cli_main .*;PATH=${path}''${PATH+:$PATH} &;
|
||||
' $out/bin/cac-api
|
||||
'';
|
||||
}
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
{ stdenv, coreutils,makeWrapper, cac, cacpanel, gnumake, gnused, jq, openssh, ... }:
|
||||
{ stdenv, coreutils,makeWrapper, cac-api, cacpanel, gnumake, gnused, jq, openssh, ... }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "${shortname}-${version}";
|
||||
|
|
@ -14,7 +14,7 @@ stdenv.mkDerivation rec {
|
|||
|
||||
path = stdenv.lib.makeSearchPath "bin" [
|
||||
coreutils
|
||||
cac
|
||||
cac-api
|
||||
cacpanel
|
||||
gnumake
|
||||
gnused
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
#! /bin/sh
|
||||
|
||||
# nix-shell -p gnumake jq openssh cac cacpanel
|
||||
# nix-shell -p gnumake jq openssh cac-api cacpanel
|
||||
set -eufx
|
||||
|
||||
# 2 secrets are required:
|
||||
|
|
@ -47,15 +47,15 @@ export cac_secrets=$sec_file
|
|||
cac-cli --config $krebs_cred panel add-api-ip
|
||||
|
||||
# test login:
|
||||
cac update
|
||||
cac servers
|
||||
cac-api update
|
||||
cac-api servers
|
||||
|
||||
# preserve old trap
|
||||
old_trapstr=$(clear_defer)
|
||||
while true;do
|
||||
# Template 26: CentOS7
|
||||
# TODO: use cac templates to determine the real Centos7 template in case it changes
|
||||
out=$(cac build cpu=1 ram=512 storage=10 os=26 2>&1)
|
||||
# TODO: use cac-api templates to determine the real Centos7 template in case it changes
|
||||
out=$(cac-api build cpu=1 ram=512 storage=10 os=26 2>&1)
|
||||
if name=$(echo "$out" | jq -r .servername);then
|
||||
id=servername:$name
|
||||
echo "got a working machine, id=$id"
|
||||
|
|
@ -67,15 +67,15 @@ while true;do
|
|||
fi
|
||||
|
||||
clear_defer >/dev/null
|
||||
defer "cac delete $id"
|
||||
defer "cac-api delete $id"
|
||||
|
||||
# TODO: timeout?
|
||||
|
||||
wait_login_cac(){
|
||||
# we wait for 30 minutes
|
||||
for t in `seq 180`;do
|
||||
# now we have a working cac server
|
||||
if cac ssh $1 -o ConnectTimeout=10 \
|
||||
# now we have a working cac-api server
|
||||
if cac-api ssh $1 -o ConnectTimeout=10 \
|
||||
cat /etc/redhat-release | \
|
||||
grep CentOS ;then
|
||||
return 0
|
||||
|
|
@ -87,7 +87,7 @@ while true;do
|
|||
# die on timeout
|
||||
if ! wait_login_cac $id;then
|
||||
echo "unable to boot a working system within time frame, retrying..." >&2
|
||||
echo "Cleaning up old image,last status: $(cac update;cac getserver $id | jq -r .status)"
|
||||
echo "Cleaning up old image,last status: $(cac-api update;cac-api getserver $id | jq -r .status)"
|
||||
eval "$(clear_defer | sed 's/;exit//')"
|
||||
sleep 15
|
||||
else
|
||||
|
|
@ -96,17 +96,17 @@ while true;do
|
|||
fi
|
||||
done
|
||||
clear_defer >/dev/null
|
||||
defer "cac delete $id;$old_trapstr"
|
||||
defer "cac-api delete $id;$old_trapstr"
|
||||
|
||||
mkdir -p shared/2configs/temp
|
||||
cac generatenetworking $id > \
|
||||
cac-api generatenetworking $id > \
|
||||
shared/2configs/temp/networking.nix
|
||||
# new temporary ssh key we will use to log in after infest
|
||||
ssh-keygen -f $krebs_ssh -N ""
|
||||
cp $retiolum_key $krebs_secrets/retiolum.rsa_key.priv
|
||||
# we override the directories for secrets and stockholm
|
||||
# additionally we set the ssh key we generated
|
||||
ip=$(cac getserver $id | jq -r .ip)
|
||||
ip=$(cac-api getserver $id | jq -r .ip)
|
||||
|
||||
cat > shared/2configs/temp/dirs.nix <<EOF
|
||||
_: {
|
||||
|
|
@ -123,18 +123,18 @@ EOF
|
|||
|
||||
LOGNAME=shared make eval get=krebs.infest \
|
||||
target=derp system=test-centos7 filter=json \
|
||||
| sed -e "s#^ssh.*<<#cac ssh $id<<#" \
|
||||
-e "/^rsync/a -e 'cac ssh $id' \\\\" \
|
||||
| sed -e "s#^ssh.*<<#cac-api ssh $id<<#" \
|
||||
-e "/^rsync/a -e 'cac-api ssh $id' \\\\" \
|
||||
-e "s#root.derp:#:#" > $krebs_secrets/infest
|
||||
sh -x $krebs_secrets/infest
|
||||
|
||||
# TODO: generate secrets directory $krebs_secrets for nix import
|
||||
cac powerop $id reset
|
||||
cac-api powerop $id reset
|
||||
|
||||
wait_login(){
|
||||
# timeout
|
||||
for t in `seq 90`;do
|
||||
# now we have a working cac server
|
||||
# now we have a working cac-api server
|
||||
if ssh -o StrictHostKeyChecking=no \
|
||||
-o UserKnownHostsFile=/dev/null \
|
||||
-i $krebs_ssh \
|
||||
|
|
|
|||
|
|
@ -43,7 +43,7 @@ with lib;
|
|||
# tv
|
||||
bc
|
||||
bind # dig
|
||||
cac
|
||||
cac-api
|
||||
dic
|
||||
file
|
||||
get
|
||||
|
|
|
|||
|
|
@ -22,8 +22,8 @@ let
|
|||
|
||||
public-repos = mapAttrs make-public-repo ({
|
||||
} // mapAttrValues (setAttr "section" "1. Miscellaneous") {
|
||||
cac = {
|
||||
desc = "CloudAtCost command line interface";
|
||||
cac-api = {
|
||||
desc = "CloudAtCost API command line interface";
|
||||
};
|
||||
get = {};
|
||||
hack = {};
|
||||
|
|
|
|||
Loading…
Reference in a new issue