diff options
author | Matthew Harmsen <mharmsen@redhat.com> | 2012-05-04 20:29:35 -0700 |
---|---|---|
committer | Matthew Harmsen <mharmsen@redhat.com> | 2012-05-07 11:28:10 -0700 |
commit | 391d345b5a6a1a905e3db4105a65dd4fdd0d19a9 (patch) | |
tree | cf73a152055f6bbc217c42bf8a8f0396ab3fd3dd /base/deploy/src/scriptlets/subsystem_layout.py | |
parent | 9ad4d60592fdc37ae89672c29859b8463e183718 (diff) | |
download | pki-391d345b5a6a1a905e3db4105a65dd4fdd0d19a9.tar.gz pki-391d345b5a6a1a905e3db4105a65dd4fdd0d19a9.tar.xz pki-391d345b5a6a1a905e3db4105a65dd4fdd0d19a9.zip |
PKI Deployment Scriptlets
* Re-aligned code to account for revised layout documented at
http://pki.fedoraproject.org/wiki/PKI_Instance_Deployment
* Massaged logic to comply with PKI subsystem running within
a shared instance
* Developed code to take advantage of a single shared NSS security
database model
* Completed the following two 'scriptlets':
* Dogtag 10: Python 'slot_assignment.py' Installation Scriptlet
(https://fedorahosted.org/pki/ticket/146)
* Dogtag 10: Python 'security_databases.py' Installation Scriptlet
(https://fedorahosted.org/pki/ticket/136)
* Created several additional PKI deployment helper utilities.
Diffstat (limited to 'base/deploy/src/scriptlets/subsystem_layout.py')
-rw-r--r-- | base/deploy/src/scriptlets/subsystem_layout.py | 72 |
1 files changed, 46 insertions, 26 deletions
diff --git a/base/deploy/src/scriptlets/subsystem_layout.py b/base/deploy/src/scriptlets/subsystem_layout.py index b71fe39f0..7dc347167 100644 --- a/base/deploy/src/scriptlets/subsystem_layout.py +++ b/base/deploy/src/scriptlets/subsystem_layout.py @@ -36,29 +36,38 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): extra=config.PKI_INDENTATION_LEVEL_1) # establish instance-based subsystem base util.directory.create(master['pki_subsystem_path']) - if master['pki_subsystem'] == "CA": - util.directory.copy(master['pki_source_emails'], - master['pki_subsystem_emails_path']) - util.directory.copy(master['pki_source_profiles'], - master['pki_subsystem_profiles_path']) # establish instance-based subsystem logs util.directory.create(master['pki_subsystem_log_path']) if master['pki_subsystem'] in config.PKI_SIGNED_AUDIT_SUBSYSTEMS: util.directory.create(master['pki_subsystem_signed_audit_log_path']) # establish instance-based subsystem configuration - util.directory.copy(master['pki_source_conf'], - master['pki_subsystem_configuration_path']) + util.directory.create(master['pki_subsystem_configuration_path']) + # util.directory.copy(master['pki_source_conf_path'], + # master['pki_subsystem_configuration_path']) # establish instance-based subsystem registry util.directory.create(master['pki_subsystem_registry_path']) - # establish convenience symbolic links - util.symlink.create(master['pki_database_path'], + # establish instance-based Apache/Tomcat specific subsystems + if master['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS: + # establish instance-based Tomcat PKI subsystem base + if master['pki_subsystem'] == "CA": + util.directory.copy(master['pki_source_emails'], + master['pki_subsystem_emails_path']) + util.directory.copy(master['pki_source_profiles'], + master['pki_subsystem_profiles_path']) + # establish instance-based Tomcat PKI subsystem logs + # establish instance-based Tomcat PKI subsystem configuration + # establish instance-based Tomcat PKI subsystem registry + # establish instance-based Tomcat PKI subsystem convenience + # symbolic links + util.symlink.create(master['pki_tomcat_webapps_path'], + master['pki_subsystem_tomcat_webapps_link']) + # establish instance-based subsystem convenience symbolic links + util.symlink.create(master['pki_webserver_database_link'], master['pki_subsystem_database_link']) util.symlink.create(master['pki_subsystem_configuration_path'], - master['pki_subsystem_configuration_link']) + master['pki_subsystem_conf_link']) util.symlink.create(master['pki_subsystem_log_path'], master['pki_subsystem_logs_link']) - util.symlink.create(master['pki_webapps_path'], - master['pki_subsystem_webapps_link']) return self.rv def respawn(self): @@ -66,28 +75,37 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): extra=config.PKI_INDENTATION_LEVEL_1) # update instance-based subsystem base util.directory.modify(master['pki_subsystem_path']) - if master['pki_subsystem'] == "CA": - util.directory.copy(master['pki_source_emails'], - master['pki_subsystem_emails_path'], - overwrite_flag=True) - util.directory.copy(master['pki_source_profiles'], - master['pki_subsystem_profiles_path'], - overwrite_flag=True) # update instance-based subsystem logs util.directory.modify(master['pki_subsystem_log_path']) if master['pki_subsystem'] in config.PKI_SIGNED_AUDIT_SUBSYSTEMS: util.directory.modify(master['pki_subsystem_signed_audit_log_path']) # update instance-based subsystem configuration - util.directory.copy(master['pki_source_conf'], - master['pki_subsystem_configuration_path'], - overwrite_flag=True) + util.directory.modify(master['pki_subsystem_configuration_path']) + # util.directory.copy(master['pki_source_conf_path'], + # master['pki_subsystem_configuration_path']) + # overwrite_flag=True) # update instance-based subsystem registry util.directory.modify(master['pki_subsystem_registry_path']) - # update convenience symbolic links + # establish instance-based Apache/Tomcat specific subsystems + if master['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS: + # update instance-based Tomcat PKI subsystem base + if master['pki_subsystem'] == "CA": + util.directory.copy(master['pki_source_emails'], + master['pki_subsystem_emails_path'], + overwrite_flag=True) + util.directory.copy(master['pki_source_profiles'], + master['pki_subsystem_profiles_path'], + overwrite_flag=True) + # update instance-based Tomcat PKI subsystem logs + # update instance-based Tomcat PKI subsystem configuration + # update instance-based Tomcat PKI subsystem registry + # update instance-based Tomcat PKI subsystem convenience + # symbolic links + util.symlink.modify(master['pki_subsystem_tomcat_webapps_link']) + # update instance-based subsystem convenience symbolic links util.symlink.modify(master['pki_subsystem_database_link']) - util.symlink.modify(master['pki_subsystem_configuration_link']) + util.symlink.modify(master['pki_subsystem_conf_link']) util.symlink.modify(master['pki_subsystem_logs_link']) - util.symlink.modify(master['pki_subsystem_webapps_link']) return self.rv def destroy(self): @@ -95,10 +113,12 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): extra=config.PKI_INDENTATION_LEVEL_1) # remove instance-based subsystem base if master['pki_subsystem'] == "CA": - util.directory.delete(master['pki_subsystem_profiles_path']) util.directory.delete(master['pki_subsystem_emails_path']) + util.directory.delete(master['pki_subsystem_profiles_path']) util.directory.delete(master['pki_subsystem_path']) # remove instance-based subsystem logs + if master['pki_subsystem'] in config.PKI_SIGNED_AUDIT_SUBSYSTEMS: + util.directory.delete(master['pki_subsystem_signed_audit_log_path']) util.directory.delete(master['pki_subsystem_log_path']) # remove instance-based subsystem configuration util.directory.delete(master['pki_subsystem_configuration_path']) |