Commit 7e224c67 authored by Nolan's avatar Nolan

Make provisioners write stamp files.

This lets the make file detect failed provisions.
parent d9abf447
......@@ -16,30 +16,35 @@ build/server_data.vdi:
qemu-img convert -f vvfat -O vdi fat:32:build/empty $@
@VBoxManage internalcommands sethduuid $@ 11111111-99aa-0000-8899-aabbccddeeff
#XXX "set -e" in provisioners, and touch a provisioned stamp at the end. Fail the target if it is not there.
#XXX Get deps right to reprovision VMs w/ files change? Probably need explicit "provision" targets...
#XXX Touch "VM running" stamps, and add vagrant triggers so destroy removes them.
INET=build/.inet
INET=build/stamp/inet
inet: $(INET)
$(INET):
@mkdir -p build/stamp
vagrant up inet
@test -f $@ || ( echo "provisioning $(notdir $@) failed" && false )
BOUNDERY=build/.boundery
BOUNDERY=build/stamp/boundery.me
boundery: $(BOUNDERY)
$(BOUNDERY): $(INET)
@mkdir -p build/stamp
vagrant up boundery.me
@test -f $@ || ( echo "provisioning $(notdir $@) failed" && false )
ROUTER=build/.router
ROUTER=build/stamp/router
router: $(ROUTER)
$(ROUTER):
@mkdir -p build/stamp
vagrant up router
@test -f $@ || ( echo "provisioning $(notdir $@) failed" && false )
CLIENT=build/.client
CLIENT=build/stamp/client
client: $(CLIENT)
$(CLIENT): $(ROUTER) $(INET) build/server.vmdk
@mkdir -p build/stamp
vagrant up client
@test -f $@ || ( echo "provisioning $(notdir $@) failed" && false )
BOUNDERY_SSHCONF=build/boundery.sshconf
boundery-sshconf: $(BOUNDERY_SSHCONF)
......@@ -49,7 +54,7 @@ $(BOUNDERY_SSHCONF): $(BOUNDERY)
vagrant ssh boundery.me -c 'sudo cp -r .ssh /root/'
upload-central: $(BOUNDERY) $(BOUNDERY_SSHCONF)
@test $(CENTRAL_SRC) || ( echo 'set CENTRAL_SRC' && false)
@test $(CENTRAL_SRC) || ( echo 'set CENTRAL_SRC' && false )
vagrant ssh boundery.me -c '[ -f /usr/local/share/ca-certificates/pebble.minica.crt ]'
vagrant upload $(CENTRAL_SRC)/setupserver /tmp/setupserver boundery.me
vagrant ssh boundery.me -c 'echo fakepasswd | sudo /tmp/setupserver'
......@@ -57,7 +62,7 @@ upload-central: $(BOUNDERY) $(BOUNDERY_SSHCONF)
#XXX Change client/image uploads to use make deploy just like upload-central.
upload-linux: $(BOUNDERY) $(BOUNDERY_SSHCONF)
@test $(CLIENT_SRC) || ( echo 'set CLIENT_SRC' && false)
@test $(CLIENT_SRC) || ( echo 'set CLIENT_SRC' && false )
vagrant ssh boundery.me -c '[ -f /usr/local/share/ca-certificates/pebble.minica.crt ]'
make -C $(CLIENT_SRC) linux
vagrant ssh boundery.me -c 'sudo mkdir -p /root/data/sslnginx/html/clients'
......@@ -65,7 +70,7 @@ upload-linux: $(BOUNDERY) $(BOUNDERY_SSHCONF)
root@boundery.me:/root/data/sslnginx/html/clients/
upload-windows: $(BOUNDERY) $(BOUNDERY_SSHCONF)
@test $(CLIENT_SRC) || ( echo 'set CLIENT_SRC' && false)
@test $(CLIENT_SRC) || ( echo 'set CLIENT_SRC' && false )
vagrant ssh boundery.me -c '[ -f /usr/local/share/ca-certificates/pebble.minica.crt ]'
make -C $(CLIENT_SRC) windows
vagrant ssh boundery.me -c 'sudo mkdir -p /root/data/sslnginx/html/clients'
......@@ -73,7 +78,7 @@ upload-windows: $(BOUNDERY) $(BOUNDERY_SSHCONF)
root@boundery.me:/root/data/sslnginx/html/clients/
upload-macos: $(BOUNDERY) $(BOUNDERY_SSHCONF)
@test $(CLIENT_SRC) || ( echo 'set CLIENT_SRC' && false)
@test $(CLIENT_SRC) || ( echo 'set CLIENT_SRC' && false )
vagrant ssh boundery.me -c '[ -f /usr/local/share/ca-certificates/pebble.minica.crt ]'
make -C $(CLIENT_SRC) macos
vagrant ssh boundery.me -c 'sudo mkdir -p /root/data/sslnginx/html/clients'
......@@ -81,7 +86,7 @@ upload-macos: $(BOUNDERY) $(BOUNDERY_SSHCONF)
root@boundery.me:/root/data/sslnginx/html/clients/
upload-pczip: $(BOUNDERY) $(BOUNDERY_SSHCONF)
@test $(OS_SRC) || ( echo 'set OS_SRC' && false)
@test $(OS_SRC) || ( echo 'set OS_SRC' && false )
vagrant ssh boundery.me -c '[ -f /usr/local/share/ca-certificates/pebble.minica.crt ]'
make -C $(OS_SRC) pc_zip
vagrant ssh boundery.me -c 'sudo mkdir -p /root/data/sslnginx/html/images'
......@@ -89,7 +94,7 @@ upload-pczip: $(BOUNDERY) $(BOUNDERY_SSHCONF)
root@boundery.me:/root/data/sslnginx/html/images/
upload-rpi3zip: $(BOUNDERY) $(BOUNDERY_SSHCONF)
@test $(OS_SRC) || ( echo 'set OS_SRC' && false)
@test $(OS_SRC) || ( echo 'set OS_SRC' && false )
vagrant ssh boundery.me -c '[ -f /usr/local/share/ca-certificates/pebble.minica.crt ]'
make -C $(OS_SRC) rpi3_zip
vagrant ssh boundery.me -c 'sudo mkdir -p /root/data/sslnginx/html/images'
......
......@@ -12,6 +12,12 @@ Vagrant.configure("2") do |config|
vb.linked_clone = true
end
config.trigger.after :destroy do |trigger|
trigger.ruby do |env, machine|
`rm -f build/stamp/#{machine.name}`
end
end
################# SIMULATED INTERNET #################
config.vm.define "inet" do |inet|
inet.vm.hostname = "inet"
......@@ -20,6 +26,8 @@ Vagrant.configure("2") do |config|
inet.vm.network "private_network", ip: "30.0.1.1",
virtualbox__intnet: "boundery_inet"
inet.vm.provision "shell", inline: <<-SHELL
set -e
sudo apt-get update
sudo apt-get install -y --no-install-recommends python3-dnslib dnsutils socat netsed
......@@ -28,12 +36,6 @@ Vagrant.configure("2") do |config|
sudo cp /vagrant/inet/intercept.py /usr/local/sbin/
#https://github.com/hal/testsuite.next/blob/master/how-run-pebble.md
#docker run --rm -it -v `pwd`:/output modedemploi/minica \
# -ca-cert pebble.minica.pem -ca-key pebble.minica.key.pem \
# -domains acme-v02.api.letsencrypt.org,acme-staging-v02.api.letsencrypt.org,localhost \
# -ip-addresses 30.0.0.1,30.0.1.1,127.0.0.1
#sudo chown -R ...
if ! [ -x /usr/local/sbin/pebble ]; then
sudo wget https://github.com/letsencrypt/pebble/releases/download/v2.3.0/pebble_linux-amd64 -O /usr/local/sbin/pebble
sudo chmod a+x /usr/local/sbin/pebble
......@@ -46,6 +48,8 @@ Vagrant.configure("2") do |config|
sudo cp /vagrant/inet/rc.local /etc/
sudo chmod a+x /etc/rc.local
sudo /etc/rc.local
touch /vagrant/build/stamp/inet
SHELL
end
......@@ -55,6 +59,8 @@ Vagrant.configure("2") do |config|
boundery.vm.network "private_network", auto_config: false,
virtualbox__intnet: "boundery_inet"
boundery.vm.provision "shell", inline: <<-SHELL
set -e
sudo cp /vagrant/boundery/nodnsupdate /etc/dhcp/dhclient-enter-hooks.d/
sudo chmod a+x /etc/dhcp/dhclient-enter-hooks.d/nodnsupdate
......@@ -70,6 +76,8 @@ Vagrant.configure("2") do |config|
sudo cp /vagrant/boundery/rc.local /etc/
sudo chmod a+x /etc/rc.local
sudo /etc/rc.local
touch /vagrant/build/stamp/boundery.me
SHELL
end
......@@ -81,6 +89,8 @@ Vagrant.configure("2") do |config|
router.vm.network "private_network", auto_config: false,
virtualbox__intnet: "router_inet"
router.vm.provision "shell", inline: <<-SHELL
set -e
sudo apt-get update
sudo DEBIAN_FRONTEND=noninteractive apt-get install -y dnsmasq iptables-persistent
......@@ -92,6 +102,8 @@ Vagrant.configure("2") do |config|
sudo cp /vagrant/router/dhcp.conf /vagrant/router/dns.conf /etc/dnsmasq.d/
sudo /etc/init.d/dnsmasq restart
touch /vagrant/build/stamp/router
SHELL
end
......@@ -111,6 +123,8 @@ Vagrant.configure("2") do |config|
client.vm.network "forwarded_port", host: 5900, guest: 5900
client.vm.network "forwarded_port", host: 22222, guest: 22222
client.vm.provision "shell", inline: <<-SHELL
set -e
sudo apt-get update
#XXX We install python3-cffi-backend here due to a briefcase bug. bug 44?
sudo apt-get install -y --no-install-recommends network-manager xvfb x11vnc \
......@@ -122,9 +136,13 @@ Vagrant.configure("2") do |config|
sudo cp /vagrant/client/rc.local /etc/
sudo chmod a+x /etc/rc.local
sudo /etc/rc.local
touch /vagrant/build/stamp/client
SHELL
client.vm.provision "install", type: "shell", run: "never", privileged: false, inline: <<-SHELL
set -e
#XXX Sanity check fakedns, other environment stuff?
if mount | grep -q ^/dev/sdb1; then
......
#!/bin/bash
rm /usr/local/share/ca-certificates/fakeroot.crt
rm -f /usr/local/share/ca-certificates/fakeroot.crt
while [ ! -f /usr/local/share/ca-certificates/fakeroot.crt ]; do
wget --timeout 3 --no-check-certificate https://acme-v02.api.letsencrypt.org:15000/roots/0 -O /usr/local/share/ca-certificates/fakeroot.crt
done
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment