Commit graph

554 commits

Author SHA1 Message Date
az
c78cf8e3bf lift ensureSudoWithoutPassword into task to avoid disconnect 2023-04-12 17:05:54 +02:00
az
2a5f0d95fb Revert "[skip ci] Revert "[skip ci] refactor for ssh does not need to reconnect after user is sudoer without pw required""
This reverts commit 9334f0ae92.
2023-04-12 16:54:11 +02:00
az
9334f0ae92 [skip ci] Revert "[skip ci] refactor for ssh does not need to reconnect after user is sudoer without pw required"
This reverts commit cdb4281c72.
2023-04-12 09:20:12 +02:00
az
cdb4281c72 [skip ci] refactor for ssh does not need to reconnect after user is sudoer without pw required 2023-04-11 18:16:25 +02:00
az
b36f2f965a Merge branch 'master' into MEIS-2538--make-sudo-in-application 2023-04-11 18:01:28 +02:00
az
8e2c5e13a6 [skip ci] add installation of python packages for pybuilder 2023-04-06 17:58:19 +02:00
az
54b4d3075c [skip ci] remove redundant firefox installation 2023-04-05 21:02:10 +02:00
az
332978cfa1 [skip ci] add comment 2023-04-05 18:54:08 +02:00
az
29b8a99655 [skip ci] remove unnecessary output line in case of <<returned result>> 2023-04-05 18:49:08 +02:00
az
3aeeacfebf [skip ci] add tests test_verifySpecConfig_fails & test_verifySpecConfig_succeeds 2023-04-03 17:39:00 +02:00
az
b00783dd73 [skip ci] add newline before eof 2023-04-02 10:05:32 +02:00
az
2667a7c64f [skip ci] add meld to office desktop 2023-04-02 09:59:51 +02:00
az
c9a7eb4142 add failure result to output if not yet included 2023-04-01 11:56:36 +02:00
az
075fe6cae1 pinning version of kubectl 2023-03-31 20:31:18 +02:00
az
44deb79865 [skip ci] update rsa fingerprint github 2023-03-31 20:30:54 +02:00
az
587e978d63 [skip ci] fix test_configureSsh 2023-03-26 21:56:59 +02:00
az
e35caca49a [skip ci] disable very long running tests for desktop setup and remove 1 test 2023-03-26 19:49:16 +02:00
az
0d66421506 [skip ci] recreate defaultTestContainer if not running 2023-03-26 19:32:31 +02:00
az
64471e9e3f [skip ci] remove redundant tag 2023-03-26 19:30:28 +02:00
az
1497d390f6 [skip ci] refactor ensureSudoWithoutPassword to application layer 2023-03-20 18:22:47 +01:00
az
52641f8665 Merge branch 'master' into local-sudoer-without-pw 2023-02-26 20:03:58 +01:00
az
804bfd0040 refactor CliUtils.kt 2023-02-26 20:01:47 +01:00
az
df2a47bb6a [skip ci] improve error message when failing ssh connection 2023-02-26 19:49:45 +01:00
az
a06d47ff30 [skip ci] remove sudo without password check from UbuntuProv 2023-02-26 19:48:25 +01:00
az
8bb2e6e950 [skip ci] simplify and rename retrievePassword 2023-02-26 19:39:54 +01:00
az
082c0827e3 [skip ci] make makeUserSudoerWithoutPasswordRequired taskWithResult 2023-02-26 19:32:44 +01:00
az
bf36a6283c [skip ci] set ssh connection timeout 2023-02-26 19:28:38 +01:00
az
c72e40fb65 [skip ci] enlarge password prompt window 2023-02-26 19:25:14 +01:00
az
482280574b [skip ci] rename makeUserSudoerWithoutPasswordRequired 2023-02-26 19:18:25 +01:00
az
10a750fbf9 [skip ci] remove parameter remoteHostSetSudoWithoutPasswordRequired 2023-02-26 19:15:23 +01:00
az
d6d42c0733 [skip ci] add DesktopCliParsingSequence.md 2023-02-24 17:07:59 +01:00
az
61320b5dbe exclude NonCi tests from ci 2023-02-23 22:39:34 +01:00
az
f672624928 Merge branch 'master' into local-sudoer-without-pw 2023-02-23 21:10:42 +01:00
az
1d42089ca3 remove unsafe-operators 2023-02-16 18:53:58 +01:00
az
836dc3ca2a [skip ci] remove unsafe-operator 2023-02-16 18:39:04 +01:00
az
3a38109c1d [skip ci] remove unsafe-operator 2023-02-16 18:37:53 +01:00
az
113313f60a [skip ci] remove unsafe-operator 2023-02-16 18:30:22 +01:00
az
93425a0f83 [skip ci] improve layout 2023-02-16 18:25:18 +01:00
az
eb04e84007 remove unsafe-operator and nullable parameter 2023-02-16 18:24:07 +01:00
az
05e648abe6 remove unsafe-operator 2023-02-16 18:04:49 +01:00
az
592dc53cc7 [skip ci] rename parameter sudo in createUser 2023-02-15 19:02:32 +01:00
az
1cfe32bd08 rename and fix currentUserCanSudoWithoutPassword 2023-02-15 18:54:18 +01:00
az
b5d64095f4 Merge branch 'master' into local-sudoer-without-pw 2023-02-15 18:42:15 +01:00
a1192f4382 Fix DefaultConfigFileRepo Test 2023-02-10 12:49:16 +01:00
69fe472971 Fix CliArgumentParserTest 2023-02-10 10:18:45 +01:00
18c081893a Validate Application File 2023-02-10 08:47:52 +00:00
d7ad34bb83 Check the application.yaml for errors 2023-02-07 08:41:04 +00:00
az
1fecfedeca [skip ci] correct getConfig_fails_due_to_missing_file 2023-02-05 15:58:03 +01:00
az
ee1fe720f6 Merge branch 'master' into local-sudoer-without-pw 2023-02-05 14:31:08 +01:00
az
2e87791ec7 [skip ci] make getConfig public 2023-02-05 14:22:24 +01:00
az
b0b63b1b4e [skip ci] remove comment 2023-02-02 21:16:32 +01:00
860dcb2fd8 Read password from stdin
Add warning to password prompt.
2023-02-01 11:36:53 +01:00
az
b25729e910 [skip ci] add local check for sudo 2023-02-01 09:41:06 +01:00
az
c7ea95fbd4 [skip ci] fix DesktopServiceKtTest.kt 2023-01-31 19:08:48 +01:00
az
921fda2d91 [skip ci] update DesktopServiceKtTest.kt 2023-01-31 19:06:09 +01:00
bom
5a40884543 Add Layer 2 advertisement for IPAddressPools 2023-01-20 10:50:53 +01:00
252bf48d3d [Skip-CI] WIP start test-container with correct user 2023-01-18 09:33:28 +01:00
az
6537058ecf branch initial commit 2023-01-18 09:10:19 +01:00
bom
4db72d4962 Update metallb configs to use CRDs 2023-01-06 11:13:15 +01:00
bom
48136fdc14 Remove metallb namespace file
This is already included in the manifest
2023-01-06 09:45:09 +01:00
Clemens
8a4b1b5212 use new metallb version 2022-12-16 15:15:13 +01:00
18f40610c9 [Skip-CI] Add prometheus and native manifest 2022-12-15 12:38:51 +01:00
bf436bf846 [Skip-CI] Change cliConvenience behaviour
Only provision when reprovision option is not set.
2022-11-30 13:29:05 +01:00
542ad28ca1 [Skip-CI] Provide a useful default .vimrc
Set system vim as editor for kubernetes, thus
using the .vimrc.
2022-11-30 13:22:14 +01:00
Pat Dyn
805fe029dc Merge branch 'config-file-check' into 'master'
Check for config file existence

See merge request domaindrivenarchitecture/provs!2
2022-11-30 09:28:12 +00:00
c9b3c2a1eb [skip ci] mv Config file tests to config test package 2022-11-30 10:25:54 +01:00
az
546f2faf3a [skip ci] add tests DefaultConfigFileRepository.kt 2022-11-30 09:56:15 +01:00
b61efd097f review question 2022-11-25 21:29:31 +01:00
85b999245b Merge branch 'master' of gitlab.com:domaindrivenarchitecture/provs 2022-11-25 21:24:19 +01:00
cf6d2cb885 add additional tunel to connect 2022-11-25 21:23:58 +01:00
az
e2fbfc05e3 use sudo for set env deployment 2022-11-25 16:20:03 +01:00
az
8d8b68cd44 make k3s apply functions public 2022-11-25 16:16:52 +01:00
az
7d1c40800a fix missing reprovion in method provisionK3s 2022-11-25 16:14:28 +01:00
ed33c1b0c2 add one additional private address-pool 2022-11-25 13:15:54 +01:00
0ef50ea233 Refactor into configuration package
Implement existence check in k3sService.
2022-11-23 15:03:02 +01:00
5cf191568e Introduce check for config file 2022-11-23 14:41:10 +01:00
az
874cd7ee22 add downloadGopassBridge and installGopassBridgeJsonApi to IDE installation 2022-11-08 18:57:24 +01:00
az
0d11749db1 trim newline suffix of gopass secret 2022-11-08 18:49:56 +01:00
fe83442708 fix k3s scripts 2022-11-04 12:47:26 +01:00
az
30a4e99660 trim config fileName 2022-10-13 18:30:24 +02:00
762f9889b1 Update package bundles 2022-10-04 13:22:53 +02:00
az
71a3f778c8 [skip ci] change default syspec config to syspec-office-config.yaml 2022-09-15 19:17:47 +02:00
az
e689e1c8c4 fix logic of syspec verifications for desktop types ide and office if onlyModules are null as well as are not 2022-09-15 18:42:55 +02:00
az
00a94342d8 fix path of syspec resource files for ide and office verification 2022-09-15 18:42:55 +02:00
az
4dcbc448ff add missing class SshKeyPair 2022-09-10 16:48:34 +02:00
az
a4bb1d228c add recognition of ssh key type to determine ssh file names 2022-09-10 16:41:36 +02:00
az
552c6e9445 [skip ci] move provisionFirewall 2022-09-09 15:59:28 +02:00
az
7355f9f51d [skip ci] remove some extensions 2022-09-09 15:50:25 +02:00
ff4acea461 [skip ci] Refactor submodule -> onlyModule 2022-09-09 13:56:21 +02:00
az
db84284f8c [skip ci] refactoring method names and reprovision logic 2022-09-09 13:32:17 +02:00
503ca3dee4 Merge branch 'reprovision-cli-option'
# Conflicts:
#	src/main/kotlin/org/domaindrivenarchitecture/provs/server/application/CliArgumentsParser.kt
#	src/main/kotlin/org/domaindrivenarchitecture/provs/server/domain/k3s/K3sCliCommand.kt
#	src/main/kotlin/org/domaindrivenarchitecture/provs/server/domain/k3s/K3sService.kt
2022-09-06 13:57:19 +02:00
4f78ddbc00 Update Files 2022-09-06 13:49:23 +02:00
8e83cf11d0 Refactor reprovisioning options
Moved config reprovision check to provisionK3s as it does not
influence the provisionNetwork() function.
Reprovisioning from CLI now overrides reprovisioning from config.
2022-09-06 13:16:26 +02:00
7d091f8ada Merge branch 'master' of gitlab.com:domaindrivenarchitecture/provs 2022-09-05 17:53:13 +02:00
3323e50a43 Added VERIFY option for ide and office
-o verify can now be used with provs.
Also added an -o firefox option for convenience.
2022-09-05 17:49:06 +02:00
az
756b29006c [skip ci] fix format of result for s3 object verification in syspec 2022-09-01 21:06:40 +02:00
az
a7cf154695 [skip ci] replace real file in test by resource file 2022-09-01 21:02:06 +02:00
az
f7e67625f0 add spec for s3 objects to syspec 2022-09-01 20:49:28 +02:00
9b66ea038d Refactoring non semantic function names 2022-09-01 17:31:34 +02:00
89bd841b4d Update execution mode of gopass_wrapper.sh
ux -> Ux.
This at least scrubs environment variables before executing the script.
For px and cx we would need to create a profile for gopass_wrapper.sh.
ix inherits the firefox profile, which leads to errors.
2022-09-01 14:31:49 +02:00
ef2e5c6cb7 Clarify usage options print
Update subcommand validation.
2022-09-01 14:00:07 +02:00
aeba7f221a Add installFirefox() to provisionBasicDesktop() 2022-09-01 12:56:53 +02:00
az
a17d63e1a5 make enableGopassWrapperShForFirefox working not only for local execution 2022-08-31 19:11:51 +02:00
az
4bd919f4a2 [skip ci] replace string concatenation 2022-08-31 19:07:43 +02:00
az
acd42c63c6 refactor checkLocalFile 2022-08-31 18:53:20 +02:00
99590c2dd6 [skip-ci] Allow execution of gopass_wrapper.sh
Firefox wasn't allowed to execute the gopass_wrapper.sh in Ubuntu 22.04.
Explicitly adding it to the Apparmor firefox profile solves this.
Lower jsonApiVersion.
2022-08-31 15:11:44 +02:00
ee48355b9f [skip-ci] Allow execution of gopass_wrapper.sh
Firefox wasn't allowed to execute the gopass_wrapper.sh in Ubuntu 22.04.
Explicitly adding it to the Apparmor firefox profile solves this.
Lower jsonApiVersion.
2022-08-31 15:06:34 +02:00
az
ed8e86e758 remove check if config file exists from ServerCliCommand 2022-08-30 17:36:31 +02:00
az
8767716908 add FirefoxKtTest.kt 2022-08-30 17:15:33 +02:00
e428287790 [skip-ci] Add firefox from ppa installation 2022-08-30 16:14:07 +02:00
az
5a7e5a8535 Merge branch 'master' into improve-input-validation
# Conflicts:
#	src/main/kotlin/org/domaindrivenarchitecture/provs/server/application/CliArgumentsParser.kt
#	src/main/kotlin/org/domaindrivenarchitecture/provs/server/domain/k3s/K3sCliCommand.kt
#	src/main/kotlin/org/domaindrivenarchitecture/provs/server/domain/k3s/K3sService.kt
2022-08-30 15:40:28 +02:00
cfe5d48b8e Refactorings 2022-08-30 15:25:44 +02:00
7940d29169 [skip-ci] Remove reprovision cli option 2022-08-26 11:07:37 +02:00
05821540fe Refactoring of input validation
Move application file validation to provisionK3s.
Add an ApplicationFileRepository. Also unit tests for the functions.
2022-08-26 10:52:45 +02:00
1ad357ba44 mob 2022-08-26 09:30:27 +02:00
d9d8678b82 [skip-ci] Add todo messages. 2022-08-25 16:50:47 +02:00
83f86db0d1 [skip-ci] Update README and gopass versions
A few clarifications in the readme.
Also updated versions of gopassJsonAPI and gopassBridge.
Clarified variable name.
2022-08-25 16:15:50 +02:00
17a814a11a Move reprovision cmd line option to new branch 2022-08-24 13:21:43 +02:00
az
2525e0f2bb refactor DesktopType 2022-08-21 13:23:04 +02:00
az
4cc1ce756a resolve unsafe operator 2022-08-21 13:06:49 +02:00
46b822d4cd Review 2022-08-18 17:38:35 +02:00
949fe0c1af Correct server type check
Checking the serverType/subcommand from string input.
Before the check was done after parsing string input,
when an unknown server type was entered a "Too many
arguments!" error was issued due to the parser falsely
interpreting the input.
2022-08-17 15:32:38 +02:00
81350db43d Update command flow
Catch invalid server type befor creating provInstance
2022-08-17 14:46:46 +02:00
6e2d669af5 Prepare for improve of input validation
We now check application and config files before starting provisioning
process. We also check serverType and target validity before starting.
This happens in unified manner in the main function.
2022-08-17 14:05:17 +02:00
77351933fe Prepare for add cli option
-r or --reprovision for convenience
2022-08-16 15:20:19 +02:00
az
1d61273fe2 change test provisionIDEDesktop from container test to manual integration test 2022-07-30 10:44:44 +02:00
c2237c8721 Moved traefik middleware 2022-07-29 14:35:33 +00:00
bom
a36d25e02d Update default shared-ip value 2022-07-22 13:10:12 +02:00
f43b06f7ba Change externalTrafficPolicy
From Local to Cluster.
2022-07-22 10:17:36 +02:00
1e33fcd9fb Update Annotations
Consider correct syntax for helm charts.
Change IP-Address range back to single address.
2022-07-22 09:56:09 +02:00
9fb30341de Update traefik template
Enable multiple loadBalancerIPs for metallb.
Apply the traefik template.
2022-07-21 16:58:49 +02:00
bom
3d385fa8ac Use node_ipv4 in traefik
As we are now using NodePools with more than one IP this ensures that the traefik and subsequently ingresses always have the IP-Address associated with the DNS entry and not a randomly selected one.
2022-07-21 16:08:13 +02:00
bom
a5eebfbf22 Use valid ipv4 CIDR ranges 2022-07-21 15:13:13 +02:00
az
f7628101af [skip ci] refactor installNextcloudClient in own file - fix 2022-07-20 19:42:52 +02:00
az
4a3a25e21c [skip ci] refactor installNextcloudClient in own file 2022-07-20 19:42:16 +02:00
az
751d315299 rename provisionBaseDesktop to provisionBasicDesktop 2022-07-20 18:37:13 +02:00
830a93a468 release 2022-07-18 19:02:39 +02:00
21f22916b2 rename & minor refactoring 2022-07-18 09:29:25 +02:00
bom
7e1c25fc32 Add tests for ssh.kt 2022-07-13 11:33:30 +02:00
bom
93933af0d0 Invert check for ssh hardening config
configureSsh() was never actually doing anything, as the hardening config does not exist in a default ssh setup.
2022-07-13 10:56:44 +02:00
az
a94cbc24b0 rename task lambda from "task" to "taskLambda" 2022-07-11 22:34:22 +02:00
0378e0cf4a enabled other domain names 2022-07-08 16:15:10 +02:00
bom
9e1ae05c12 Configure ssh while provisioning K3s 2022-07-08 13:07:38 +02:00
bom
72ed2951ee Update ssh.kt with all files 2022-07-08 13:04:55 +02:00
bom
942b7ab3a9 Move ssh configs 2022-07-08 13:03:40 +02:00
d8865839a1 Merge remote-tracking branch 'origin/master' 2022-07-08 12:20:05 +02:00
14e98a84d3 Added sshd configure. 2022-07-08 12:19:50 +02:00
bom
51c2ce31ab Add config files for ssh hardening 2022-07-08 10:41:15 +02:00
42376c7e69 Removed python3.8 from installPython3
Using python3 prefix uses latest python version for current distro.
Ensures compatibility with later versions of Ubuntu.
2022-07-07 13:08:20 +02:00
az
e85be4cc20 optimize defaultTestContainer startup 2022-07-06 21:26:47 +02:00