r00t2/bdisk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Activity

checking in some progress. config generator's almost done. kind of janky, but it works.

Browse Source
This commit is contained in:
brent s.
2018-05-13 21:56:43 -04:00
parent 46a9df6ef6
commit 262eefba07
12 changed files with 1286 additions and 63 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
docs/examples/.gitignore vendored
View File

@@ -1 +0,0 @@
regen_multi.py

60
docs/examples/multi_profile.xml
View File

@@ -1,4 +1,4 @@
<?xml version="1.0" encoding="UTF-8" ?>
<?xml version='1.0' encoding='UTF-8'?>
<bdisk>
<profile name="default" id="1" uuid="8cdd6bcb-c147-4a63-9779-b5433c510dbc">
<meta>
@@ -19,7 +19,7 @@
</dev>
<uri>https://domain.tld/projname</uri>
<ver>1.0.0</ver>
<!-- This is the VERY FIRST value parsed, and is required. It controls how many levels of {xpath_ref:} to recurse. -->
<!-- This is the VERY FIRST value parsed, and is required. It controls how many levels of {xpath_ref%...} to recurse. -->
<!-- If the maximum level is reached, the substitution will evaluate as blank. -->
<max_recurse>5</max_recurse>
</meta>
@@ -30,7 +30,7 @@
<username>{xpath_ref%//meta/names/uxname/text()}</username>
<!-- You can also use substitution from different profiles: -->
<!-- <username>{xpath_ref%//profile[@name='another_profile']/meta/names/uxname"}</username> -->
<name>{xpath_ref%//meta/dev/author/text()}</name>
<comment>{xpath_ref%//meta/dev/author/text()}</comment>
<password hashed="no" hash_algo="sha512" salt="auto">testpassword</password>
</user>
<user sudo="no">
@@ -43,15 +43,15 @@
<source arch="x86_64">
<mirror>http://archlinux.mirror.domain.tld</mirror>
<webroot>/iso/latest</webroot>
<tarball flags="glob,latest">{xpath_ref%../mirror/text()}{xpath_ref%../webroot/text()}/archlinux-bootstrap-*-x86_64.tar.gz</tarball>
<checksum hash="sha1">{xpath_ref%../mirror/text()}{xpath_ref%../webroot/text()}/sha1sums.txt</checksum>
<sig keys="7F2D434B9741E8AC" keyserver="hkp://pool.sks-keyservers.net">{xpath_ref%../tarball/text()}.sig</sig>
<tarball flags="latest">{xpath_ref%../mirror/text()}{xpath_ref%../webroot/text()}/{regex%archlinux-bootstrap-[0-9]{4}\.[0-9]{2}\.[0-9]{2}-x86_64\.tar\.gz}</tarball>
<checksum hash_algo="sha1" flags="none">{xpath_ref%../mirror/text()}{xpath_ref%../webroot/text()}/sha1sums.txt</checksum>
<sig keys="7F2D434B9741E8AC" keyserver="hkp://pool.sks-keyservers.net" flags="latest">{xpath_ref%../tarball/text()}.sig</sig>
</source>
<source arch="i686">
<mirror>http://archlinux32.mirror.domain.tld</mirror>
<webroot>/iso/latest</webroot>
<tarball flags="glob,latest">{xpath_ref%../mirror/text()}/{xpath_ref%../webroot/text()}/archlinux-bootstrap-*-i686.tar.gz</tarball>
<checksum hash="sha512">{xpath_ref%../mirror/text()}/{xpath_ref%../webroot/text()}/sha512sums.txt</checksum>
<tarball flag="regex,latest">{xpath_ref%../mirror/text()}/{xpath_ref%../webroot/text()}/{regex%archlinux-bootstrap-[0-9]{4}\.[0-9]{2}\.[0-9]{2}-i686\.tar\.gz}</tarball>
<checksum hash_algo="sha512" explicit="yes">cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e</checksum>
<sig keys="248BF41F9BDD61D41D060AE774EDA3C6B06D0506" keyserver="hkp://pool.sks-keyservers.net">{xpath_ref%../tarball/text()}.sig</sig>
</source>
</sources>
@@ -59,6 +59,7 @@
<paths>
<cache>/var/tmp/{xpath_ref%//meta/names/uxname/text()}</cache>
<chroot>/var/tmp/chroots/{xpath_ref%//meta/names/uxname/text()}</chroot>
<overlay>{xpath_ref%../cache/text()}/overlay</overlay>
<templates>~/{xpath_ref%//meta/names/uxname/text()}/templates</templates>
<mount>/mnt/{xpath_ref%//meta/names/uxname/text()}</mount>
<distros>~/{xpath_ref%//meta/names/uxname/text()}/distros</distros>
@@ -74,7 +75,7 @@
<ssl custom="no">
<!-- http://ipxe.org/crypto -->
<ca>
<cert>{xpath_ref%build/paths/ssl/text()}/ca.crt</cert>
<cert>{xpath_ref%//build/paths/ssl/text()}/ca.crt</cert>
<!-- If csr is self-enclosed (<csr />), we'll just generate and use a CSR in-memory.
Assuming we need to generate a certificate, anyways.
If you want to write it out to disk (for debugging, etc.) OR use one already generated,
@@ -82,7 +83,7 @@
e.g.:
<csr>{xpath_ref%build/paths/ssl/text()}/ca.csr</csr> -->
<csr/>
<key des="no" passphrase="none">{xpath_ref%build/paths/ssl/text()}/ca.key</key>
<key des="no" passphrase="none">{xpath_ref%//build/paths/ssl/text()}/ca.key</key>
<subject>
<commonName>domain.tld</commonName>
<countryName>XX</countryName>
@@ -90,13 +91,13 @@
<stateOrProvinceName>Some State</stateOrProvinceName>
<organization>Some Org, Inc.</organization>
<organizationalUnitName>Department Name</organizationalUnitName>
<emailAddress>{xpath_ref%../../../../../../meta/names/dev/email/text()}</emailAddress>
<emailAddress>{xpath_ref%//meta/dev/email/text()}</emailAddress>
</subject>
</ca>
<server>
<cert>{xpath_ref%build/paths/ssl/text()}/{xpath_ref%//meta/names/uxname/text()}.crt</cert>
<cert>{xpath_ref%//build/paths/ssl/text()}/{xpath_ref%//meta/names/uxname/text()}.crt</cert>
<csr/>
<key des="no" passphrase="none">{xpath_ref%build/paths/ssl/text()}/{xpath_ref%//meta/names/uxname/text()}.key</key>
<key des="no" passphrase="none">{xpath_ref%//build/paths/ssl/text()}/{xpath_ref%//meta/names/uxname/text()}.key</key>
<subject>
<commonName>domain.tld (client)</commonName>
<countryName>XX</countryName>
@@ -104,11 +105,11 @@
<stateOrProvinceName>Some State</stateOrProvinceName>
<organization>Some Org, Inc.</organization>
<organizationalUnitName>Department Name</organizationalUnitName>
<emailAddress>{xpath_ref%../../../../../../meta/names/dev/email/text()}</emailAddress>
<emailAddress>{xpath_ref%//meta/dev/email/text()}</emailAddress>
</subject>
</server>
</ssl>
<uri>{xpath_ref%meta/dev/website/text()}/ipxe</uri>
<uri>{xpath_ref%//meta/dev/website/text()}/ipxe</uri>
</ipxe>
<gpg keyid="none" gnupghome="none" publish="no" sync="yes"/>
<sync>
@@ -145,23 +146,23 @@
<rootpass hashed="no">atotallyinsecurepassword</rootpass>
<user sudo="no">
<username>testuser</username>
<name>Test User</name>
<password hashed="no" hash_algo="sha512" salt="auto">testpassword</password>
<comment>Test User</comment>
<password hashed="no" hash_algo="sha512" salt="auto">atestpassword</password>
</user>
</accounts>
<sources>
<source arch="x86_64">
<mirror>http://archlinux.mirror.domain.tld</mirror>
<webroot>/iso/latest</webroot>
<tarball flags="glob,latest">{xpath_ref%../mirror/text()}{xpath_ref%../webroot/text()}/archlinux-bootstrap-*-x86_64.tar.gz</tarball>
<checksum hash="sha1">{xpath_ref%../mirror/text()}{xpath_ref%../webroot/text()}/sha1sums.txt</checksum>
<sig keys="7F2D434B9741E8AC" keyserver="hkp://pool.sks-keyservers.net">{xpath_ref%../tarball/text()}.sig</sig>
<tarball flags="latest">{xpath_ref%../mirror/text()}{xpath_ref%../webroot/text()}/{regex%archlinux-bootstrap-[0-9]{4}\.[0-9]{2}\.[0-9]{2}-x86_64\.tar\.gz}</tarball>
<checksum hash_algo="sha1" flags="none">{xpath_ref%../mirror/text()}{xpath_ref%../webroot/text()}/sha1sums.txt</checksum>
<sig keys="7F2D434B9741E8AC" keyserver="hkp://pool.sks-keyservers.net" flags="latest">{xpath_ref%../tarball/text()}.sig</sig>
</source>
<source arch="i686">
<mirror>http://archlinux32.mirror.domain.tld</mirror>
<webroot>/iso/latest</webroot>
<tarball flags="glob,latest">{xpath_ref%../mirror/text()}/{xpath_ref%../webroot/text()}/archlinux-bootstrap-*-i686.tar.gz</tarball>
<checksum hash="sha512">{xpath_ref%../mirror/text()}/{xpath_ref%../webroot/text()}/sha512sums.txt</checksum>
<tarball flag="regex,latest">{xpath_ref%../mirror/text()}/{xpath_ref%../webroot/text()}/{regex%archlinux-bootstrap-[0-9]{4}\.[0-9]{2}\.[0-9]{2}-i686\.tar\.gz}</tarball>
<checksum hash_algo="sha512" explicit="yes">cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e</checksum>
<sig keys="248BF41F9BDD61D41D060AE774EDA3C6B06D0506" keyserver="hkp://pool.sks-keyservers.net">{xpath_ref%../tarball/text()}.sig</sig>
</source>
</sources>
@@ -169,6 +170,7 @@
<paths>
<cache>/var/tmp/{xpath_ref%//meta/names/uxname/text()}</cache>
<chroot>/var/tmp/chroots/{xpath_ref%//meta/names/uxname/text()}</chroot>
<overlay>{xpath_ref%../cache/text()}/overlay</overlay>
<templates>~/{xpath_ref%//meta/names/uxname/text()}/templates</templates>
<mount>/mnt/{xpath_ref%//meta/names/uxname/text()}</mount>
<distros>~/{xpath_ref%//meta/names/uxname/text()}/distros</distros>
@@ -183,9 +185,9 @@
<ipxe sign="yes" sync="yes" iso="yes" rsync="yes">
<ssl custom="no">
<ca>
<cert>{xpath_ref%build/paths/ssl/text()}/ca.crt</cert>
<cert>{xpath_ref%//build/paths/ssl/text()}/ca.crt</cert>
<csr/>
<key des="no" passphrase="none">{xpath_ref%build/paths/ssl/text()}/ca.key</key>
<key des="no" passphrase="none">{xpath_ref%//build/paths/ssl/text()}/ca.key</key>
<subject>
<commonName>domain.tld</commonName>
<countryName>XX</countryName>
@@ -193,13 +195,13 @@
<stateOrProvinceName>Some State</stateOrProvinceName>
<organization>Some Org, Inc.</organization>
<organizationalUnitName>Department Name</organizationalUnitName>
<emailAddress>{xpath_ref%../../../../../../meta/names/dev/email/text()}</emailAddress>
<emailAddress>{xpath_ref%//meta/dev/email/text()}</emailAddress>
</subject>
</ca>
<server>
<cert>{xpath_ref%build/paths/ssl/text()}/{xpath_ref%//meta/names/uxname/text()}.crt</cert>
<cert>{xpath_ref%//build/paths/ssl/text()}/{xpath_ref%//meta/names/uxname/text()}.crt</cert>
<csr/>
<key des="no" passphrase="none">{xpath_ref%build/paths/ssl/text()}/{xpath_ref%//meta/names/uxname/text()}.key</key>
<key des="no" passphrase="none">{xpath_ref%//build/paths/ssl/text()}/{xpath_ref%//meta/names/uxname/text()}.key</key>
<subject>
<commonName>domain.tld (client)</commonName>
<countryName>XX</countryName>
@@ -207,11 +209,11 @@
<stateOrProvinceName>Some State</stateOrProvinceName>
<organization>Some Org, Inc.</organization>
<organizationalUnitName>Department Name</organizationalUnitName>
<emailAddress>{xpath_ref%../../../../../../meta/names/dev/email/text()}</emailAddress>
<emailAddress>{xpath_ref%//meta/dev/email/text()}</emailAddress>
</subject>
</server>
</ssl>
<uri>{xpath_ref%meta/dev/website/text()}/ipxe</uri>
<uri>{xpath_ref%//meta/dev/website/text()}/ipxe</uri>
</ipxe>
<gpg keyid="none" gnupghome="none" publish="no" sync="yes"/>
<sync>

11
docs/examples/regen_multi.py
View File

@@ -33,8 +33,8 @@ for e in meta.iter():
accounts_tags = {'rootpass': 'atotallyinsecurepassword',
'username': 'testuser',
'name': 'Test User',
'passowrd': 'atestpassword'}
'comment': 'Test User',
'password': 'atestpassword'}
accounts = alt_profile.xpath('/profile/accounts')[0]
for e in accounts.iter():
if e.tag in accounts_tags:
@@ -47,7 +47,8 @@ for e in accounts.iter():
accounts.remove(accounts[2])
xml.append(alt_profile)
#print(etree.tostring(xml).decode('utf-8'))
with open('multi_profile.xml', 'wb') as f:
f.write(b'<?xml version="1.0" encoding="UTF-8" ?>\n' + etree.tostring(xml,
pretty_print = True))
f.write(etree.tostring(xml,
pretty_print = True,
encoding = 'UTF-8',
xml_declaration = True))

30
docs/examples/single_profile.xml
View File

@@ -19,7 +19,7 @@
</dev>
<uri>https://domain.tld/projname</uri>
<ver>1.0.0</ver>
<!-- This is the VERY FIRST value parsed, and is required. It controls how many levels of {xpath_ref:} to recurse. -->
<!-- This is the VERY FIRST value parsed, and is required. It controls how many levels of {xpath_ref%...} to recurse. -->
<!-- If the maximum level is reached, the substitution will evaluate as blank. -->
<max_recurse>5</max_recurse>
</meta>
@@ -30,7 +30,7 @@
<username>{xpath_ref%//meta/names/uxname/text()}</username>
<!-- You can also use substitution from different profiles: -->
<!-- <username>{xpath_ref%//profile[@name='another_profile']/meta/names/uxname"}</username> -->
<name>{xpath_ref%//meta/dev/author/text()}</name>
<comment>{xpath_ref%//meta/dev/author/text()}</comment>
<password hashed="no"
hash_algo="sha512"
salt="auto">testpassword</password>
@@ -47,16 +47,17 @@
<source arch="x86_64">
<mirror>http://archlinux.mirror.domain.tld</mirror>
<webroot>/iso/latest</webroot>
<tarball flags="glob,latest">{xpath_ref%../mirror/text()}{xpath_ref%../webroot/text()}/archlinux-bootstrap-*-x86_64.tar.gz</tarball>
<checksum hash="sha1">{xpath_ref%../mirror/text()}{xpath_ref%../webroot/text()}/sha1sums.txt</checksum>
<tarball flags="latest">{xpath_ref%../mirror/text()}{xpath_ref%../webroot/text()}/{regex%archlinux-bootstrap-[0-9]{4}\.[0-9]{2}\.[0-9]{2}-x86_64\.tar\.gz}</tarball>
<checksum hash_algo="sha1" flags="none" >{xpath_ref%../mirror/text()}{xpath_ref%../webroot/text()}/sha1sums.txt</checksum>
<sig keys="7F2D434B9741E8AC"
keyserver="hkp://pool.sks-keyservers.net">{xpath_ref%../tarball/text()}.sig</sig>
keyserver="hkp://pool.sks-keyservers.net"
flags="latest">{xpath_ref%../tarball/text()}.sig</sig>
</source>
<source arch="i686">
<mirror>http://archlinux32.mirror.domain.tld</mirror>
<webroot>/iso/latest</webroot>
<tarball flags="glob,latest">{xpath_ref%../mirror/text()}/{xpath_ref%../webroot/text()}/archlinux-bootstrap-*-i686.tar.gz</tarball>
<checksum hash="sha512">{xpath_ref%../mirror/text()}/{xpath_ref%../webroot/text()}/sha512sums.txt</checksum>
<tarball flag="regex,latest">{xpath_ref%../mirror/text()}/{xpath_ref%../webroot/text()}/{regex%archlinux-bootstrap-[0-9]{4}\.[0-9]{2}\.[0-9]{2}-i686\.tar\.gz}</tarball>
<checksum hash_algo="sha512" explicit="yes">cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e</checksum>
<sig keys="248BF41F9BDD61D41D060AE774EDA3C6B06D0506"
keyserver="hkp://pool.sks-keyservers.net">{xpath_ref%../tarball/text()}.sig</sig>
</source>
@@ -65,6 +66,7 @@
<paths>
<cache>/var/tmp/{xpath_ref%//meta/names/uxname/text()}</cache>
<chroot>/var/tmp/chroots/{xpath_ref%//meta/names/uxname/text()}</chroot>
<overlay>{xpath_ref%../cache/text()}/overlay</overlay>
<templates>~/{xpath_ref%//meta/names/uxname/text()}/templates</templates>
<mount>/mnt/{xpath_ref%//meta/names/uxname/text()}</mount>
<distros>~/{xpath_ref%//meta/names/uxname/text()}/distros</distros>
@@ -80,7 +82,7 @@
<ssl custom="no">
<!-- http://ipxe.org/crypto -->
<ca>
<cert>{xpath_ref%build/paths/ssl/text()}/ca.crt</cert>
<cert>{xpath_ref%//build/paths/ssl/text()}/ca.crt</cert>
<!-- If csr is self-enclosed (<csr />), we'll just generate and use a CSR in-memory.
Assuming we need to generate a certificate, anyways.
If you want to write it out to disk (for debugging, etc.) OR use one already generated,
@@ -88,7 +90,7 @@
e.g.:
<csr>{xpath_ref%build/paths/ssl/text()}/ca.csr</csr> -->
<csr />
<key des="no" passphrase="none">{xpath_ref%build/paths/ssl/text()}/ca.key</key>
<key des="no" passphrase="none">{xpath_ref%//build/paths/ssl/text()}/ca.key</key>
<subject>
<commonName>domain.tld</commonName>
<countryName>XX</countryName>
@@ -96,13 +98,13 @@
<stateOrProvinceName>Some State</stateOrProvinceName>
<organization>Some Org, Inc.</organization>
<organizationalUnitName>Department Name</organizationalUnitName>
<emailAddress>{xpath_ref%../../../../../../meta/names/dev/email/text()}</emailAddress>
<emailAddress>{xpath_ref%//meta/dev/email/text()}</emailAddress>
</subject>
</ca>
<server>
<cert>{xpath_ref%build/paths/ssl/text()}/{xpath_ref%//meta/names/uxname/text()}.crt</cert>
<cert>{xpath_ref%//build/paths/ssl/text()}/{xpath_ref%//meta/names/uxname/text()}.crt</cert>
<csr />
<key des="no" passphrase="none">{xpath_ref%build/paths/ssl/text()}/{xpath_ref%//meta/names/uxname/text()}.key</key>
<key des="no" passphrase="none">{xpath_ref%//build/paths/ssl/text()}/{xpath_ref%//meta/names/uxname/text()}.key</key>
<subject>
<commonName>domain.tld (client)</commonName>
<countryName>XX</countryName>
@@ -110,11 +112,11 @@
<stateOrProvinceName>Some State</stateOrProvinceName>
<organization>Some Org, Inc.</organization>
<organizationalUnitName>Department Name</organizationalUnitName>
<emailAddress>{xpath_ref%../../../../../../meta/names/dev/email/text()}</emailAddress>
<emailAddress>{xpath_ref%//meta/dev/email/text()}</emailAddress>
</subject>
</server>
</ssl>
<uri>{xpath_ref%meta/dev/website/text()}/ipxe</uri>
<uri>{xpath_ref%//meta/dev/website/text()}/ipxe</uri>
</ipxe>
<gpg keyid="none" gnupghome="none" publish="no" sync="yes" />
<sync>