Gateone manifests

deployment/puppet/nailgun/manifests/gateone.pp

@@ -0,0 +1,120 @@
+class nailgun::gateone (
+  $pip_opts = "",
+){
+
+  $venv = "/opt/gateone"
+  $venv_opts = "--system-site-packages"
+  $root = $venv
+
+  nailgun::venv::venv { $venv:
+    ensure => "present",
+    venv => $venv,
+    opts => $venv_opts,
+    require => Package["python-virtualenv"],
+    pip_opts => $pip_opts,
+  }
+
+  nailgun::venv::pip { "tornado":
+    package => "tornado==3.0",
+    opts => $pip_opts,
+    venv => $venv,
+    require => [
+      Nailgun::Venv::Venv[$venv],
+    ]
+  }
+
+  nailgun::venv::pip { "ordereddict":
+    package => "ordereddict",
+    opts => $pip_opts,
+    venv => $venv,
+    require => [
+      Nailgun::Venv::Venv[$venv],
+    ]
+  }
+
+  nailgun::venv::pip { "gateone":
+    package => "gateone",
+    opts => "${pip_opts} --install-option=\"--prefix=${venv}\"",
+    venv => $venv,
+    require => [
+      Nailgun::Venv::Pip['tornado'],
+      Nailgun::Venv::Pip['ordereddict'],
+    ]
+  }->
+  
+  file { "${venv}/gateone/settings/10server.conf":
+    content => template("nailgun/gateone/10server.conf.erb"),
+    owner => 'root',
+    group => 'root',
+    mode => 0644,
+    require => [
+        Nailgun::Venv::Pip['gateone'],
+    ],
+  }
+
+  file { "${venv}/gateone/settings/50terminal.conf":
+    content => template("nailgun/gateone/50terminal.conf.erb"),
+    owner => 'root',
+    group => 'root',
+    mode => 0644,
+    require => [
+        Nailgun::Venv::Pip['gateone'],
+    ],
+  }
+
+  file { "${venv}/gateone/applications/terminal/plugins/ssh/scripts/ssh_connect.py":
+    mode => 755,
+    require => [
+        Nailgun::Venv::Pip['gateone'],
+    ],
+  }
+
+  service { "gateone":
+    ensure => "running",
+    enable => true,
+    require => File['/etc/init.d/gateone'],
+  }
+
+  file { "/etc/init.d/gateone":
+    content => template("nailgun/gateone/init.erb"),
+    owner => 'root',
+    group => 'root',
+    require => [
+        Nailgun::Venv::Pip['gateone'],
+    ],
+    mode => 0755,
+  }
+
+  file { [ "${venv}/users/", "${venv}/users/ANONYMOUS/",
+           "${venv}/users/ANONYMOUS/.ssh"
+         ]:
+    ensure => "directory",
+    require => [
+      Nailgun::Venv::Venv[$venv],
+    ],
+  }
+
+  file { "${venv}/users/ANONYMOUS/.ssh/config":
+    content => template("nailgun/gateone/config.erb"),
+    owner => 'root',
+    group => 'root',
+    mode => 0644,
+  } 
+
+  file { "${venv}/users/ANONYMOUS/.ssh/.default_ids":
+    content => template("nailgun/gateone/default_ids.erb"),
+    owner => 'root',
+    group => 'root',
+    mode => 0644,
+  } -> 
+
+  exec { "create_gateone_key":
+    command => "cp /root/.ssh/*rsa* ${venv}/users/ANONYMOUS/.ssh/",
+    onlyif => "test -f /root/.ssh/id_rsa",
+  } ->
+
+  exec { "generate_bootstrap_public_key":
+    command => "ssh-keygen -f ${venv}/users/ANONYMOUS/.ssh/bootstrap.rsa -y \
+                    > ${venv}/users/ANONYMOUS/.ssh/bootstrap.rsa.pub",
+  }
+}

deployment/puppet/nailgun/manifests/init.pp

@@ -177,6 +177,10 @@ class nailgun(
 
   class { "nailgun::logrotate": }
 
+  class { "nailgun::gateone":
+    pip_opts => "${pip_index} ${pip_find_links}",
+  }
+
   nailgun::sshkeygen { "/root/.ssh/id_rsa":
     homedir => "/root",
     username => "root",

deployment/puppet/nailgun/templates/gateone/10server.conf.erb

@@ -0,0 +1,42 @@
+// This is Gate One's main settings file.
+{
+    // "gateone" server-wide settings fall under "*"
+    "*": {
+        "gateone": { // These settings apply to all of Gate One
+            "address": "",
+            "ca_certs": null,
+            "cache_dir": "/tmp/gateone_cache",
+            "certificate": "certificate.pem",
+            "combine_css": "",
+            "combine_css_container": "#gateone",
+            "combine_js": "",
+            "cookie_secret": "MWY1ODcyMTRkNjllNGI5NjgwOTlkOTE4MDE5OTUxMjM0N",
+            "debug": false,
+            "disable_ssl": true,
+            "embedded": false,
+            "enable_unix_socket": false,
+            "gid": "nobody",
+            "https_redirect": false,
+            "js_init": "{showToolbar: false}",
+            "keyfile": "keyfile.pem",
+            "locale": "en_US",
+            "log_file_max_size": 100000000,
+            "log_file_num_backups": 10,
+            "log_file_prefix": "<%= venv %>/logs/webserver.log",
+            "log_to_stderr": null,
+            "logging": "info",
+            "origins": ["*"],
+            "pid_file": "/tmp/gateone.pid",
+            "port": 2443,
+            "session_dir": "/tmp/gateone",
+            "session_timeout": "5d",
+            "syslog_facility": "daemon",
+            "syslog_host": null,
+            "uid": "nobody",
+            "unix_socket_path": "/tmp/gateone.sock",
+            "url_prefix": "/",
+            "user_dir": "<%= venv %>/users",
+            "user_logs_max_age": "30d"
+        }
+    }
+}

deployment/puppet/nailgun/templates/gateone/50terminal.conf.erb

@@ -0,0 +1,14 @@
+// This is Gate One's Terminal application settings file.
+{
+    // "*" means "apply to all users" or "default"
+    "*": {
+        "terminal": { // These settings apply to the "terminal" application
+            "commands": {"SSH": "<%= venv %>/gateone/applications/terminal/plugins/ssh/scripts/ssh_connect.py -S '%SESSION_DIR%/%SESSION%/%SHORT_SOCKET%' --sshfp -a '-oUserKnownHostsFile=\\\"%USERDIR%/%USER%/.ssh/known_hosts\\\"'"},
+            "default_command": "SSH",
+            "dtach": false,
+            "session_logging": true,
+            "session_logs_max_age": "30d",
+            "syslog_session_logging": false
+        }
+    }
+}

deployment/puppet/nailgun/templates/gateone/config.erb

@@ -0,0 +1,3 @@
+Host *
+    StrictHostKeyChecking no
+    UserKnownHostsFile /dev/null

deployment/puppet/nailgun/templates/gateone/default_ids.erb

@@ -0,0 +1,2 @@
+id_rsa
+bootstrap.rsa

deployment/puppet/nailgun/templates/gateone/init.erb

@@ -0,0 +1,86 @@
+#!/bin/bash
+#
+# gateone      Start/Stop Gate One.
+#
+# chkconfig: 2345 55 25
+# description: Gate One is a web-based terminal emulator and SSH client.
+#
+# processname: gateone.py
+# config: /opt/gateone/server.conf
+# pidfile: /var/run/gateone.pid
+#
+
+# Source function library
+. /etc/init.d/functions
+
+# Get network config
+. /etc/sysconfig/network
+
+RETVAL=0
+
+GATEONE_DIR=<%= venv %>/gateone
+GATEONE_PID=/var/run/gateone.pid
+GATEONE_OPTS="--pid_file=${GATEONE_PID}"
+PYTHON=<%= venv %>/bin/python
+
+# Check that networking is up.
+[ "$NETWORKING" = "no" ] && exit 0
+
+start() {
+    echo -n $"Starting Gate One: "
+    # Start me up!
+    daemon "nohup $PYTHON ${GATEONE_DIR}/gateone.py ${GATEONE_OPTS} > /dev/null 2>&1 &"
+    RETVAL=$?
+    echo
+    [ $RETVAL -eq 0 ] && touch /var/lock/subsys/gateone
+    return $RETVAL
+}
+
+stop() {
+    echo -n $"Stopping Gate One: "
+    killproc -p ${GATEONE_PID}
+    RETVAL=$?
+    echo
+    [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/gateone
+    return $RETVAL
+}
+
+restart() {
+    stop
+    start
+}
+
+reload() {
+    stop
+    start
+}
+
+case "$1" in
+  start)
+      start
+    ;;
+  stop)
+      stop
+    ;;
+  status)
+    status gateone.py
+    ;;
+  restart)
+      restart
+    ;;
+  condrestart)
+      [ -f /var/lock/subsys/gateone ] && restart || :
+    ;;
+  reload)
+    reload
+    ;;
+  killterms)
+    echo "Killing all running Gate One terminals..."
+    $PYTHON ${GATEONE_DIR}/gateone.py --kill
+    ;;
+  *)
+    echo $"Usage: $0 {start|stop|status|restart|condrestart|reload|killterms}"
+    exit 1
+esac
+
+exit $?