Diffstat (limited to 'ipaserver/install/server/replicainstall.py')
-rw-r--r--ipaserver/install/server/replicainstall.py224
1 files changed, 49 insertions, 175 deletions
diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py
index adff9284e..79bbcda59 100644
--- a/ipaserver/install/server/replicainstall.py
+++ b/ipaserver/install/server/replicainstall.py
@@ -33,6 +33,8 @@ from ipaserver.install.installutils import create_replica_config
from ipaserver.install.replication import (
ReplicationManager, replica_conn_check)
+from .common import BaseServer
+
DIRMAN_DN = DN(('cn', 'directory manager'))
@@ -653,145 +655,78 @@ def install(installer):
remove_replica_info_dir(installer)
-class ReplicaCA(common.Installable, core.Group, core.Composite):
- description = "certificate system"
-
- no_pkinit = Knob(
- bool, False,
- description="disables pkinit setup steps",
- )
-
- skip_schema_check = Knob(
- bool, False,
- description="skip check for updated CA DS schema on the remote master",
- )
-
-
-class ReplicaDNS(common.Installable, core.Group, core.Composite):
- description = "DNS"
-
- setup_dns = Knob(
- bool, False,
- description="configure bind with our zone",
- )
-
- forwarders = Knob(
- (list, 'ip'), None,
- description=("Add a DNS forwarder. This option can be used multiple "
- "times"),
- cli_name='forwarder',
- )
-
- no_forwarders = Knob(
- bool, False,
- description="Do not add any DNS forwarders, use root servers instead",
- )
-
- reverse_zones = Knob(
- (list, str), [],
- description=("The reverse DNS zone to use. This option can be used "
- "multiple times"),
- cli_name='reverse-zone',
- cli_metavar='REVERSE_ZONE',
- )
-
- no_reverse = Knob(
- bool, False,
- description="Do not create new reverse DNS zone",
- )
-
- no_dnssec_validation = Knob(
- bool, False,
- description="Disable DNSSEC validation",
- )
-
- no_host_dns = Knob(
- bool, False,
- description="Do not use DNS for hostname lookup during installation",
- )
-
- no_dns_sshfp = Knob(
- bool, False,
- description="do not automatically create DNS SSHFP records",
- )
-
-
-class Replica(common.Installable, common.Interactive, core.Composite):
+class Replica(BaseServer):
replica_file = Knob(
str, None,
description="a file generated by ipa-replica-prepare",
)
- setup_ca = Knob(
- bool, False,
- initializable=False,
- description="configure a dogtag CA",
- )
+ realm_name = None
+ domain_name = None
- setup_kra = Knob(
- bool, False,
- initializable=False,
- description="configure a dogtag KRA",
- )
+ setup_ca = Knob(BaseServer.setup_ca)
+ setup_kra = Knob(BaseServer.setup_kra)
+ setup_dns = Knob(BaseServer.setup_dns)
ip_addresses = Knob(
- (list, 'ip-local'), None,
+ BaseServer.ip_addresses,
description=("Replica server IP Address. This option can be used "
"multiple times"),
- cli_name='ip-address',
- cli_metavar='IP_ADDRESS',
)
- password = Knob(
- str, None,
- sensitive=True,
+ dm_password = Knob(
+ BaseServer.dm_password,
description="Directory Manager (existing master) password",
- cli_short_name='p',
+ cli_name='password',
+ cli_metavar='PASSWORD',
)
admin_password = Knob(
- str, None,
- sensitive=True,
+ BaseServer.admin_password,
description="Admin user Kerberos password used for connection check",
cli_short_name='w',
)
- mkhomedir = Knob(
- bool, False,
- description="create home directories for users on their first login",
- )
-
- no_ntp = Knob(
- bool, False,
- description="do not configure ntp",
- cli_short_name='N',
- )
-
- no_ui_redirect = Knob(
- bool, False,
- description="Do not automatically redirect to the Web UI",
- )
-
- ssh_trust_dns = Knob(
- bool, False,
- description="configure OpenSSH client to trust DNS SSHFP records",
- )
-
- no_ssh = Knob(
- bool, False,
- description="do not configure OpenSSH client",
- )
-
- no_sshd = Knob(
- bool, False,
- description="do not configure OpenSSH server",
- )
+ mkhomedir = Knob(BaseServer.mkhomedir)
+ host_name = None
+ no_host_dns = Knob(BaseServer.no_host_dns)
+ no_ntp = Knob(BaseServer.no_ntp)
+ no_pkinit = Knob(BaseServer.no_pkinit)
+ no_ui_redirect = Knob(BaseServer.no_ui_redirect)
+ ssh_trust_dns = Knob(BaseServer.ssh_trust_dns)
+ no_ssh = Knob(BaseServer.no_ssh)
+ no_sshd = Knob(BaseServer.no_sshd)
+ no_dns_sshfp = Knob(BaseServer.no_dns_sshfp)
skip_conncheck = Knob(
bool, False,
description="skip connection check to remote master",
)
+ # ca
+ external_ca = None
+ external_ca_type = None
+ external_cert_files = None
+ dirsrv_cert_files = None
+ http_cert_files = None
+ pkinit_cert_files = None
+ dirsrv_pin = None
+ http_pin = None
+ pkinit_pin = None
+ dirsrv_cert_name = None
+ http_cert_name = None
+ pkinit_cert_name = None
+ ca_cert_files = None
+ subject = None
+ ca_signing_algorithm = None
+
+ # dns
+ dnssec_master = None
+ disable_dnssec_master = None
+ kasp_db_file = None
+ force = None
+ zonemgr = None
+
def __init__(self, **kwargs):
super(Replica, self).__init__(**kwargs)
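Review bot: The reworked `dm_password` and `admin_password` knobs no longer state `sensitive=True` themselves. They now depend on `BaseServer.dm_password` and `BaseServer.admin_password` carrying that flag, and those definitions are not visible in this diff. Please confirm both base knobs are marked sensitive (presumably this is what keeps the values out of logged options), or restate `sensitive=True,` in each `Knob(...)` call here so the replica installer does not depend on the base class for it. The `dm_password` knob also drops `cli_short_name='p'`, so `-p` keeps working only if the base knob defines it. The `Replica` class body continues past the end of this hunk.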
@@ -799,8 +734,6 @@ class Replica(common.Installable, common.Interactive, core.Composite):
self._config = None
self._update_hosts_file = False
- #pylint: disable=no-member
-
if self.replica_file is None:
raise RuntimeError(
"you must provide a file generated by ipa-replica-prepare")
@@ -808,69 +741,10 @@ class Replica(common.Installable, common.Interactive, core.Composite):
raise RuntimeError(
"Replica file %s does not exist" % self.replica_file)
- if not self.dns.setup_dns:
- if self.dns.forwarders:
- raise RuntimeError(
- "You cannot specify a --forwarder option without the "
- "--setup-dns option")
- if self.dns.no_forwarders:
- raise RuntimeError(
- "You cannot specify a --no-forwarders option without the "
- "--setup-dns option")
- if self.dns.reverse_zones:
- raise RuntimeError(
- "You cannot specify a --reverse-zone option without the "
- "--setup-dns option")
- if self.dns.no_reverse:
- raise RuntimeError(
- "You cannot specify a --no-reverse option without the "
- "--setup-dns option")
- if self.dns.no_dnssec_validation:
- raise RuntimeError(
- "You cannot specify a --no-dnssec-validation option "
- "without the --setup-dns option")
- elif self.dns.forwarders and self.dns.no_forwarders:
- raise RuntimeError(
- "You cannot specify a --forwarder option together with "
- "--no-forwarders")
- elif not self.dns.forwarders and not self.dns.no_forwarders:
- raise RuntimeError(
- "You must specify at least one --forwarder option or "
- "--no-forwarders option")
- elif self.dns.reverse_zones and self.dns.no_reverse:
- raise RuntimeError(
- "You cannot specify a --reverse-zone option together with "
- "--no-reverse")
-
- # Automatically disable pkinit w/ dogtag until that is supported
- self.ca.no_pkinit = True
-
- self.external_ca = False
- self.external_cert_files = None
- self.no_pkinit = self.ca.no_pkinit
- self.skip_schema_check = self.ca.skip_schema_check
-
- self.setup_dns = self.dns.setup_dns
- self.forwarders = self.dns.forwarders
- self.no_forwarders = self.dns.no_forwarders
- self.reverse_zones = self.dns.reverse_zones
- self.no_reverse = self.dns.no_reverse
- self.no_dnssec_validation = self.dns.no_dnssec_validation
- self.dnssec_master = False
- self.disable_dnssec_master = False
- self.kasp_db_file = None
- self.force = False
- self.zonemgr = None
- self.no_host_dns = self.dns.no_host_dns
- self.no_dns_sshfp = self.dns.no_dns_sshfp
-
- self.unattended = not self.interactive
+ self.password = self.dm_password
@step()
def main(self):
install_check(self)
yield
install(self)
-
- ca = core.Component(ReplicaCA)
- dns = core.Component(ReplicaDNS)
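Review bot: Removing `self.ca.no_pkinit = True` (commented "Automatically disable pkinit w/ dogtag until that is supported") means `no_pkinit` now takes whatever `BaseServer.no_pkinit` defaults to or the user passes. Unless `BaseServer.__init__` or `install_check` re-imposes it, a replica install may run pkinit steps the old code always skipped. The `--setup-dns` option consistency checks and the `skip_schema_check` and `unattended` assignments are also deleted with nothing in the new lines replacing them; presumably `super().__init__` covers these, but that should be verified since the diff does not show it. The added `self.password = self.dm_password` would benefit from a comment such as `# compatibility alias: installer code still reads self.password`. `__init__` starts outside this hunk.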