Metaconfig

From T2B Wiki
Jump to navigation Jump to search

How to use ncm-metaconfig : complete example

The official documentation can be found here.

Here is an example ready to be included into a machine profile for test purposes : 

# first, you need to deploy the tt file on the machine
# (the standard way is to include tt files in the the ncm-metaconfig rpm....)
variable CONTENTS = <<EOF;
name = {
[% FILTER indent -%]
hosts = [% hosts.join(',') %]
port = [% port %]
master = [% master ? "TRUE" : "FALSE" %]
description = "[% description %]"
[%     IF option.defined -%]
option = "[% option %]"
[%     END -%]
[% END -%]
}
EOF
'/software/components/filecopy/services' = npush(
	escape('/usr/share/templates/quattor/metaconfig/example/main.tt'), nlist('config', CONTENTS, 'perms', '0644')
);

# below, the real metaconfig work
include 'components/metaconfig/config';
include 'metaconfig/example/config';
prefix '/software/components/metaconfig/services/{/etc/example/exampled.conf}/contents';
'hosts' = list('server1', 'server3');
'port' = 800;
'master' = false;
'description' = 'My example';

# the tt file must be created before ncm-metaconfig runs
'/software/components/metaconfig/dependencies/pre' = push('filecopy');

For this example to work, you need a directory metaconfig/example in your site, with the following content :

  • config.pan :
unique template metaconfig/example/config;

include {'metaconfig/example/schema'};


bind "/software/components/metaconfig/services/{/etc/example/exampled.conf}/contents" = example_service;

prefix "/software/components/metaconfig/services/{/etc/example/exampled.conf}";
"daemon" = list("exampled");
"module" = "example/main";
  • schema.pan :
declaration template metaconfig/example/schema;

include { 'pan/types' };

type example_service = {
    'hosts' :  type_hostname[]
    'port' : type_port
    'master' : boolean
    'description' : string
    'option' ? string
};


Configure a INI-like file with metaconfig: example

A pan template like this (sites/iihe-production/config/fail2ban/ssh.pan) 

include 'components/metaconfig/config';

prefix '/software/components/metaconfig/services/{/etc/fail2ban/jail.d/ssh.conf}';
'mode' = 0644;
'owner' = 'root';
'group' = 'root';
'module' = 'tiny';

prefix '/software/components/metaconfig/services/{/etc/fail2ban/jail.d/ssh.conf}/contents';
'ssh-iptables/enabled' = 'true';
'ssh-iptables/filter' = 'sshd';
'ssh-iptables/action' = 'iptables[name=SSH, port=ssh, protocol=tcp]';
'ssh-iptables/logpath' = '/var/log/secure';
'ssh-iptables/maxretry' = '5';
'ssh-iptables/findtime' = '1800';


will give : 

[ssh-iptables]                                                                                                                 
action=iptables[name=SSH, port=ssh, protocol=tcp]
enabled=true
filter=sshd
findtime=1800
logpath=/var/log/secure
maxretry=5
Retrieved from ‘https://t2bwiki.iihe.ac.be/index.php?title=Metaconfig&oldid=886