diff options
author | Endi Sukma Dewata <edewata@redhat.com> | 2012-12-18 14:46:41 -0500 |
---|---|---|
committer | Endi Sukma Dewata <edewata@redhat.com> | 2013-02-04 18:48:02 -0500 |
commit | 981ebcce84770c9d48e80fc9b5ffd2bbf8fd0816 (patch) | |
tree | f656b7b675c780fed7ddd4e301338cd6fe89b7b4 /base/deploy/src/pkispawn | |
parent | 3e0df521290e8159e36d1bdef52df297f20a809d (diff) | |
download | pki-981ebcce84770c9d48e80fc9b5ffd2bbf8fd0816.tar.gz pki-981ebcce84770c9d48e80fc9b5ffd2bbf8fd0816.tar.xz pki-981ebcce84770c9d48e80fc9b5ffd2bbf8fd0816.zip |
Added interactive subsystem installation.
The pkispawn has been modified such that the configuration file
and subsystem type are optional. The pkidestroy has been modified
such that the instance name and subsystem type are optional.
If any of these options are not specified they will enter an
interactive mode.
Ticket #380
Diffstat (limited to 'base/deploy/src/pkispawn')
-rwxr-xr-x | base/deploy/src/pkispawn | 128 |
1 files changed, 110 insertions, 18 deletions
diff --git a/base/deploy/src/pkispawn b/base/deploy/src/pkispawn index f64d79575..f03bc15a1 100755 --- a/base/deploy/src/pkispawn +++ b/base/deploy/src/pkispawn @@ -1,4 +1,4 @@ -#!/usr/bin/python -t +#!/usr/bin/python -tu # Authors: # Matthew Harmsen <mharmsen@redhat.com> # @@ -94,9 +94,9 @@ def main(argv): 'PKI Instance Installation and Configuration', log.PKISPAWN_EPILOG) - parser.mandatory.add_argument('-f', + parser.optional.add_argument('-f', dest='user_deployment_cfg', action='store', - nargs=1, required=True, metavar='<file>', + nargs=1, metavar='<file>', help='configuration filename ' '(MUST specify complete path)') @@ -109,12 +109,112 @@ def main(argv): config.default_deployment_cfg = config.PKI_DEPLOYMENT_DEFAULT_CONFIGURATION_FILE # -f <user deployment config> - config.user_deployment_cfg = str(args.user_deployment_cfg).strip('[\']') + if args.user_deployment_cfg is not None: + config.user_deployment_cfg = str(args.user_deployment_cfg).strip('[\']') # -u config.pki_update_flag = args.pki_update_flag parser.validate() + interactive = False + + while True: + + # -s <subsystem> + if args.pki_subsystem is None: + interactive = True + parser.indent = 0 + + config.pki_subsystem = parser.read_text('Subsystem (CA/KRA/OCSP/TKS)', + options=['CA', 'KRA', 'OCSP', 'TKS'], + default='CA', caseSensitive=False).upper() + print + else: + config.pki_subsystem = str(args.pki_subsystem).strip('[\']') + + parser.init_config() + + if config.user_deployment_cfg is None: + interactive = True + parser.indent = 2 + + print "Tomcat:" + parser.read_text('Instance', 'DEFAULT', 'pki_instance_name') + parser.read_text('HTTP port', config.pki_subsystem, 'pki_http_port') + parser.read_text('Secure HTTP port', config.pki_subsystem, 'pki_https_port') + parser.read_text('AJP port', config.pki_subsystem, 'pki_ajp_port') + parser.read_text('Management port', config.pki_subsystem, 'pki_tomcat_server_port') + print + + print "Administrator:" + parser.read_text('Username', config.pki_subsystem, 'pki_admin_uid') + + admin_password = parser.read_password( + 'Password', config.pki_subsystem, 'pki_admin_password', + verifyMessage='Verify password') + + parser.set_property(config.pki_subsystem, 'pki_backup_password', admin_password) + parser.set_property(config.pki_subsystem, 'pki_client_database_password', admin_password) + parser.set_property(config.pki_subsystem, 'pki_client_pkcs12_password', admin_password) + + if config.pki_master_dict['pki_import_admin_cert'] == 'True': + import_cert = 'Y' + else: + import_cert = 'N' + + import_cert = parser.read_text('Import certificate (Yes/No)', + default=import_cert, options=['Yes', 'Y', 'No', 'N'], + sign='?', caseSensitive=False).lower() + + if import_cert == 'y' or import_cert == 'yes': + parser.set_property(config.pki_subsystem, 'pki_import_admin_cert', 'True') + parser.read_text('Import certificate from', config.pki_subsystem, 'pki_admin_cert_file') + else: + parser.set_property(config.pki_subsystem, 'pki_import_admin_cert', 'False') + + parser.read_text('Export certificate to', config.pki_subsystem, 'pki_client_admin_cert') + print + + print "Directory Server:" + parser.read_text('Hostname', config.pki_subsystem, 'pki_ds_hostname') + parser.read_text('Port', config.pki_subsystem, 'pki_ds_ldap_port') + parser.read_text('Base DN', config.pki_subsystem, 'pki_ds_base_dn') + parser.read_text('Bind DN', config.pki_subsystem, 'pki_ds_bind_dn') + parser.read_password( + 'Password', config.pki_subsystem, 'pki_ds_password', + verifyMessage='Verify password') + print + + print "Security Domain:" + parser.read_text('Name', config.pki_subsystem, 'pki_security_domain_name') + + if config.pki_subsystem != "CA": + parser.read_text('Hostname', config.pki_subsystem, 'pki_security_domain_hostname') + parser.read_text('Secure HTTP port', config.pki_subsystem, 'pki_security_domain_https_port') + parser.read_text('Username', config.pki_subsystem, 'pki_security_domain_user') + parser.read_password( + 'Password', config.pki_subsystem, 'pki_security_domain_password', + verifyMessage='Verify password') + + print + + if interactive: + parser.indent = 0 + + begin = parser.read_text('Begin installation (Yes/No/Quit)', + options=['Yes', 'Y', 'No', 'N', 'Quit', 'Q'], + sign='?', allowEmpty=False, caseSensitive=False).lower() + print + + if begin == 'q' or begin == 'quit': + print "Installation canceled." + sys.exit(0) + + elif begin == 'y' or begin == 'yes': + break + + else: + break if not os.path.exists(config.PKI_DEPLOYMENT_SOURCE_ROOT +\ "/" + config.pki_subsystem.lower()): @@ -161,20 +261,6 @@ def main(argv): extra=config.PKI_INDENTATION_LEVEL_0) sys.exit(1) - # NEVER print out 'sensitive' name/value pairs!!! - config.pki_log.debug(log.PKI_DICTIONARY_DEFAULT, - extra=config.PKI_INDENTATION_LEVEL_0) - config.pki_log.debug(pkilogging.format(config.pki_default_dict), - extra=config.PKI_INDENTATION_LEVEL_0) - config.pki_log.debug(log.PKI_DICTIONARY_WEB_SERVER, - extra=config.PKI_INDENTATION_LEVEL_0) - config.pki_log.debug(pkilogging.format(config.pki_web_server_dict), - extra=config.PKI_INDENTATION_LEVEL_0) - config.pki_log.debug(log.PKI_DICTIONARY_SUBSYSTEM, - extra=config.PKI_INDENTATION_LEVEL_0) - config.pki_log.debug(pkilogging.format(config.pki_subsystem_dict), - extra=config.PKI_INDENTATION_LEVEL_0) - # Read in the PKI slots configuration file. parser.compose_pki_slots_dictionary() config.pki_log.debug(log.PKI_DICTIONARY_SLOTS, @@ -184,6 +270,7 @@ def main(argv): # Combine the various sectional dictionaries into a PKI master dictionary parser.compose_pki_master_dictionary() + if not config.pki_update_flag: config.pki_master_dict['pki_spawn_log'] = config.pki_log_dir + "/" +\ config.pki_log_name @@ -195,6 +282,8 @@ def main(argv): config.pki_log.debug(pkilogging.format(config.pki_master_dict), extra=config.PKI_INDENTATION_LEVEL_0) + print "Installing " + config.pki_subsystem + " into " + config.pki_master_dict['pki_instance_path'] + "." + # Process the various "scriptlets" to create the specified PKI subsystem. pki_subsystem_scriptlets = config.pki_master_dict['spawn_scriplets'].split() rv = 0 @@ -214,6 +303,9 @@ def main(argv): config.pki_log.debug(pkilogging.format(config.pki_master_dict), extra=config.PKI_INDENTATION_LEVEL_0) + print + print "Installation complete." + # PKI Deployment Entry Point if __name__ == "__main__": |