diff options
author | Jan Cholasta <jcholast@redhat.com> | 2016-11-09 12:49:25 +0100 |
---|---|---|
committer | Jan Cholasta <jcholast@redhat.com> | 2016-11-11 12:17:25 +0100 |
commit | 225fae841882832668c0842479ab11c89dfcd1a5 (patch) | |
tree | af76795a090a5a367fbeba8c3e5a3f8ae8600184 /ipaserver/install/server/replicainstall.py | |
parent | a8fdb8de8248fe24f382e44b05293405b0b309ac (diff) | |
download | freeipa-225fae841882832668c0842479ab11c89dfcd1a5.tar.gz freeipa-225fae841882832668c0842479ab11c89dfcd1a5.tar.xz freeipa-225fae841882832668c0842479ab11c89dfcd1a5.zip |
install: migrate server installers to the new class hierarchy
Migrate ipa-server-install and ipa-replica-install from the old installer
classes to the new installer class hierarchy classes.
https://fedorahosted.org/freeipa/ticket/6392
Reviewed-By: Martin Basti <mbasti@redhat.com>
Diffstat (limited to 'ipaserver/install/server/replicainstall.py')
-rw-r--r-- | ipaserver/install/server/replicainstall.py | 199 |
1 files changed, 25 insertions, 174 deletions
diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py index 537f7dfbd..6d618b6cb 100644 --- a/ipaserver/install/server/replicainstall.py +++ b/ipaserver/install/server/replicainstall.py @@ -4,7 +4,6 @@ from __future__ import print_function -import collections from distutils.version import LooseVersion import dns.exception as dnsexception import dns.name as dnsname @@ -20,8 +19,6 @@ import six from ipapython import ipaldap, ipautil, sysrestore from ipapython.dn import DN -from ipapython.install.common import step -from ipapython.install.core import Knob from ipapython.ipa_log_manager import root_logger from ipapython.admintool import ScriptError from ipaplatform import services @@ -48,11 +45,11 @@ import SSSDConfig from subprocess import CalledProcessError from binascii import hexlify -from .common import BaseServer - if six.PY3: unicode = str +NoneType = type(None) + def get_dirman_password(): return installutils.read_password("Directory Manager (existing master)", @@ -1440,173 +1437,27 @@ def install(installer): services.knownservices.ipa.enable() -class Replica(BaseServer): - replica_file = Knob( - str, None, - description="a file generated by ipa-replica-prepare", - cli_positional=True, - cli_name='replica_file', - ) - - setup_ca = Knob(BaseServer.setup_ca) - setup_kra = Knob(BaseServer.setup_kra) - setup_dns = Knob(BaseServer.setup_dns) - - ip_addresses = Knob( - BaseServer.ip_addresses, - description=("Replica server IP Address. This option can be used " - "multiple times"), - ) - - dm_password = None - - password = Knob( - BaseServer.dm_password, - description=("Password to join the IPA realm. Assumes bulk password " - "unless principal is also set. (domain level 1+)\n" - "Directory Manager (existing master) password. " - "(domain level 0)"), - ) - - admin_password = Knob( - BaseServer.admin_password, - description="Kerberos password for the specified admin principal", - cli_short_name='w', - ) - - server = Knob( - str, None, - description="fully qualified name of IPA server to enroll to", - ) - - mkhomedir = Knob(BaseServer.mkhomedir) - no_host_dns = Knob(BaseServer.no_host_dns) - no_ntp = Knob(BaseServer.no_ntp) - no_pkinit = Knob(BaseServer.no_pkinit) - no_ui_redirect = Knob(BaseServer.no_ui_redirect) - ssh_trust_dns = Knob(BaseServer.ssh_trust_dns) - no_ssh = Knob(BaseServer.no_ssh) - no_sshd = Knob(BaseServer.no_sshd) - no_dns_sshfp = Knob(BaseServer.no_dns_sshfp) - - skip_conncheck = Knob( - bool, False, - description="skip connection check to remote master", - ) +def init(installer): + installer.unattended = not installer.interactive + installer.promote = installer.replica_file is None - principal = Knob( - str, None, - sensitive=True, - description="User Principal allowed to promote replicas " - "and join IPA realm", - cli_short_name='P', - ) - - keytab = Knob( - str, None, - description="path to backed up keytab from previous enrollment", - cli_short_name='k', - ) - - promote = False - - # ca - external_ca = None - external_ca_type = None - external_cert_files = None - ca_cert_files = None - subject = None - ca_signing_algorithm = None - - # dns - dnssec_master = None - disable_dnssec_master = None - kasp_db_file = None - force = None - zonemgr = None - - def __init__(self, **kwargs): - super(Replica, self).__init__(**kwargs) - - self._ccache = os.environ.get('KRB5CCNAME') - - self._top_dir = None - self._config = None - self._update_hosts_file = False - self._dirsrv_pkcs12_file = None - self._http_pkcs12_file = None - self._pkinit_pkcs12_file = None - self._dirsrv_pkcs12_info = None - self._http_pkcs12_info = None - self._pkinit_pkcs12_info = None - - # pylint: disable=no-member - - cert_file_req = (self.ca.dirsrv_cert_files, self.ca.http_cert_files) - cert_file_opt = (self.ca.pkinit_cert_files,) - - if self.replica_file is None: - self.promote = True - - if self.principal and not self.admin_password: - self.admin_password = self.password - self.password = None - - # If any of the PKCS#12 options are selected, all are required. - if any(cert_file_req + cert_file_opt) and not all(cert_file_req): - raise RuntimeError("--dirsrv-cert-file and --http-cert-file " - "are required if any PKCS#12 options are " - "used") - - if self.server and not self.domain_name: - raise RuntimeError("The --server option cannot be used " - "without providing domain via the --domain " - "option") - - else: - if not ipautil.file_exists(self.replica_file): - raise RuntimeError("Replica file %s does not exist" - % self.replica_file) - - if any(cert_file_req + cert_file_opt): - raise RuntimeError("You cannot specify any of " - "--dirsrv-cert-file, --http-cert-file, or " - "--pkinit-cert-file together with replica " - "file") - - CLIKnob = collections.namedtuple('CLIKnob', ('value', 'name')) - - conflicting_knobs = ( - CLIKnob(self.realm_name, '--realm'), - CLIKnob(self.domain_name, '--domain'), - CLIKnob(self.host_name, '--hostname'), - CLIKnob(self.server, '--server'), - CLIKnob(self.principal, '--principal'), - ) - - if any([k.value is not None for k in conflicting_knobs]): - conflicting_knob_names = [ - knob.name for knob in conflicting_knobs - if knob.value is not None - ] - - raise RuntimeError( - "You cannot specify '{0}' option(s) with replica file." - .format(", ".join(conflicting_knob_names)) - ) - - if self.setup_dns: - if (not self.dns.forwarders and not self.dns.no_forwarders - and not self.dns.auto_forwarders): - raise RuntimeError( - "You must specify at least one of --forwarder, " - "--auto-forwarders, or --no-forwarders options") - - @step() - def main(self): - if self.promote: - promote_check(self) - else: - install_check(self) - yield - install(self) + if installer.servers: + installer.server = installer.servers[0] + else: + installer.server = None + if installer.replica_file is None: + installer.password = installer.host_password + else: + installer.password = installer.dm_password + + installer._ccache = os.environ.get('KRB5CCNAME') + + installer._top_dir = None + installer._config = None + installer._update_hosts_file = False + installer._dirsrv_pkcs12_file = None + installer._http_pkcs12_file = None + installer._pkinit_pkcs12_file = None + installer._dirsrv_pkcs12_info = None + installer._http_pkcs12_info = None + installer._pkinit_pkcs12_info = None |