This commit is contained in:
brent s. 2019-12-08 03:05:00 -05:00
parent 1cc5b1f6c5
commit 454c16215a
3 changed files with 308 additions and 283 deletions

View File

@ -44,13 +44,6 @@
</xs:restriction> </xs:restriction>
</xs:simpleType> </xs:simpleType>


<xs:simpleType name="t_disksize">
<xs:restriction base="xs:string">
<xs:pattern value="[-|+]?\s*([0-9]+)\s*(%|((k|Ki)|[MGTPEZY]i?)?B?|)\s*"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>

<xs:complexType name="t_iface"> <xs:complexType name="t_iface">
<xs:sequence> <xs:sequence>
<xs:choice maxOccurs="unbounded"> <xs:choice maxOccurs="unbounded">
@ -238,33 +231,6 @@
</xs:restriction> </xs:restriction>
</xs:simpleType> </xs:simpleType>


<xs:complexType name="t_nixpass">
<xs:choice minOccurs="1" maxOccurs="1">
<xs:element name="passwordPlain">
<xs:complexType>
<xs:simpleContent>
<xs:extension base="xs:string">
<xs:attribute name="hashType" use="optional" default="sha512"
type="linux:t_passwd_hashtypes"/>
<xs:attribute name="rounds" use="optional" default="5000" type="xs:positiveInteger"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
</xs:element>
<xs:element name="passwordHash">
<xs:complexType>
<xs:simpleContent>
<xs:extension base="linux:t_shadowhash">
<xs:attribute name="hashType" use="optional" default="(detect)"
type="aif:t_passwd_hashtypes_detect"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
</xs:element>
</xs:choice>
<xs:attribute name="locked" use="optional" default="false" type="xs:boolean"/>
</xs:complexType>

<xs:simpleType name="t_pacuri"> <xs:simpleType name="t_pacuri">
<!-- xs:anyURI is too permissive. --> <!-- xs:anyURI is too permissive. -->
<!-- <xs:restriction base="xs:anyURI"> --> <!-- <xs:restriction base="xs:anyURI"> -->
@ -274,16 +240,6 @@
</xs:restriction> </xs:restriction>
</xs:simpleType> </xs:simpleType>


<xs:simpleType name="t_passwd_hashtypes_detect">
<xs:union memberTypes="linux:t_passwd_hashtypes">
<xs:simpleType>
<xs:restriction>
<xs:enumeration value="(detect)"/>
</xs:restriction>
</xs:simpleType>
</xs:union>
</xs:simpleType>

<!-- ROOT --> <!-- ROOT -->
<xs:element name="aif"> <xs:element name="aif">
<xs:complexType> <xs:complexType>
@ -308,35 +264,7 @@
<xs:element name="blockDevices" minOccurs="0" maxOccurs="1"> <xs:element name="blockDevices" minOccurs="0" maxOccurs="1">
<xs:complexType> <xs:complexType>
<xs:sequence minOccurs="1" maxOccurs="unbounded"> <xs:sequence minOccurs="1" maxOccurs="unbounded">
<xs:element name="disk" minOccurs="1" maxOccurs="unbounded"> <xs:element name="disk" minOccurs="1" maxOccurs="unbounded" type="linux:t_disk">
<xs:complexType>
<xs:sequence>
<xs:element name="part" minOccurs="1" maxOccurs="unbounded">
<xs:complexType>
<xs:sequence minOccurs="0" maxOccurs="1">
<xs:element name="partitionFlag" minOccurs="1"
maxOccurs="unbounded"
type="aif:t_part_flags"/>
</xs:sequence>
<xs:attribute name="id" type="xs:ID"
use="required"/>
<xs:attribute name="name" type="aif:t_nonempty"
use="optional"/>
<xs:attribute name="label" type="aif:t_nonempty"
use="optional"/>
<xs:attribute name="start" type="aif:t_disksize"
use="required"/>
<xs:attribute name="stop" type="aif:t_disksize"
use="required"/>
<xs:attribute name="fsType" type="aif:t_fstype"
use="required"/>
</xs:complexType>
</xs:element>
</xs:sequence>
<xs:attribute name="id" type="xs:ID" use="required"/>
<xs:attribute name="device" type="aif:t_diskdev" use="required"/>
<xs:attribute name="diskFormat" type="aif:t_diskfmt" use="required"/>
</xs:complexType>
<xs:unique name="uniq_diskdev"> <xs:unique name="uniq_diskdev">
<xs:selector xpath="aif:disk"/> <xs:selector xpath="aif:disk"/>
<xs:field xpath="@device"/> <xs:field xpath="@device"/>
@ -354,13 +282,13 @@
<xs:complexType> <xs:complexType>
<xs:sequence> <xs:sequence>
<xs:element name="opt" minOccurs="0" maxOccurs="unbounded" <xs:element name="opt" minOccurs="0" maxOccurs="unbounded"
type="aif:t_cmdopts"/> type="std:t_cmdopts"/>
</xs:sequence> </xs:sequence>
<xs:attribute name="id" type="xs:ID" use="required"/> <xs:attribute name="id" type="xs:ID" use="required"/>
<xs:attribute name="source" type="xs:IDREF" use="required"/> <xs:attribute name="source" type="xs:IDREF" use="required"/>
<!-- We validate this in-code because there's way too many and <!-- We validate this in-code because there's way too many and
it's way too variable per-host. --> it's way too variable per-host. -->
<xs:attribute name="type" type="aif:t_nonempty" use="required"/> <xs:attribute name="type" type="std:t_nonempty" use="required"/>
</xs:complexType> </xs:complexType>
</xs:element> </xs:element>
</xs:sequence> </xs:sequence>
@ -368,44 +296,7 @@
</xs:element> </xs:element>
<!-- END FILESYSTEMS --> <!-- END FILESYSTEMS -->
<!-- BEGIN LUKS --> <!-- BEGIN LUKS -->
<xs:element name="luks" minOccurs="0" maxOccurs="1"> <xs:element name="luks" minOccurs="0" maxOccurs="1" type="linux:t_luks">
<xs:complexType>
<xs:sequence>
<!-- TODO: add support for custom flags/opts? -->
<xs:element name="luksDev" minOccurs="1" maxOccurs="unbounded">
<xs:complexType>
<xs:sequence>
<xs:element name="secrets" minOccurs="1"
maxOccurs="10">
<xs:complexType>
<xs:sequence minOccurs="1" maxOccurs="unbounded">
<xs:element name="passphrase" minOccurs="0"
maxOccurs="unbounded"
type="aif:t_nonempty"/>
<!-- TODO: support URI to *read* bytes from? -->
<xs:element name="keyFile" minOccurs="0"
maxOccurs="unbounded">
<xs:complexType>
<xs:simpleContent>
<xs:extension base="aif:t_filepath">
<xs:attribute name="size"
type="xs:positiveInteger"
use="optional"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:sequence>
<xs:attribute name="id" type="xs:ID" use="required"/>
<xs:attribute name="name" type="aif:t_nonempty" use="required"/>
<xs:attribute name="source" type="xs:IDREF" use="required"/>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
<xs:unique name="uniq_luks_name"> <xs:unique name="uniq_luks_name">
<xs:selector xpath="aif:luksDev"/> <xs:selector xpath="aif:luksDev"/>
<xs:field xpath="@name"/> <xs:field xpath="@name"/>
@ -413,64 +304,7 @@
</xs:element> </xs:element>
<!-- END LUKS --> <!-- END LUKS -->
<!-- BEGIN LVM --> <!-- BEGIN LVM -->
<xs:element name="lvm" minOccurs="0" maxOccurs="1"> <xs:element name="lvm" minOccurs="0" maxOccurs="1" type="linux:t_lvm">
<xs:complexType>
<xs:sequence>
<xs:element name="volumeGroup" minOccurs="1" maxOccurs="unbounded">
<xs:complexType>
<xs:all>
<xs:element name="physicalVolumes" minOccurs="1" maxOccurs="1">
<xs:complexType>
<xs:sequence>
<xs:element name="pv" minOccurs="1"
maxOccurs="unbounded">
<xs:complexType>
<xs:attribute name="id" type="xs:ID"
use="required"/>
<xs:attribute name="source" type="xs:IDREF"
use="required"/>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="logicalVolumes" minOccurs="1" maxOccurs="1">
<xs:complexType>
<xs:sequence>
<xs:element name="lv" minOccurs="1"
maxOccurs="unbounded">
<xs:complexType>
<xs:sequence minOccurs="0"
maxOccurs="unbounded">
<xs:element name="pvMember" minOccurs="1"
maxOccurs="unbounded">
<xs:complexType>
<xs:attribute name="source"
use="required"
type="xs:IDREF"/>
</xs:complexType>
</xs:element>
</xs:sequence>
<xs:attribute name="id" type="xs:ID"
use="required"/>
<xs:attribute name="name" type="aif:t_nonempty"
use="required"/>
<xs:attribute name="size" type="aif:t_lvsize"
use="required"/>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:all>
<xs:attribute name="id" type="xs:ID" use="required"/>
<xs:attribute name="name" type="aif:t_nonempty" use="required"/>
<xs:attribute name="extentSize" type="aif:t_pesize" use="optional"
default="0"/>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
<xs:unique name="uniq_vg_names"> <xs:unique name="uniq_vg_names">
<xs:selector xpath="aif:volumeGroup"/> <xs:selector xpath="aif:volumeGroup"/>
<xs:field xpath="@name"/> <xs:field xpath="@name"/>
@ -486,35 +320,7 @@
</xs:element> </xs:element>
<!-- END LVM --> <!-- END LVM -->
<!-- BEGIN MDADM --> <!-- BEGIN MDADM -->
<xs:element name="mdadm" minOccurs="0" maxOccurs="1"> <xs:element name="mdadm" minOccurs="0" maxOccurs="1" type="linux:t_mdadm">
<xs:complexType>
<xs:sequence minOccurs="1" maxOccurs="unbounded">
<xs:element name="array" minOccurs="1" maxOccurs="unbounded">
<xs:complexType>
<xs:sequence minOccurs="1" maxOccurs="unbounded">
<xs:element name="member" minOccurs="1" maxOccurs="unbounded">
<xs:complexType>
<xs:attribute name="source" type="xs:IDREF"
use="required"/>
</xs:complexType>
</xs:element>
</xs:sequence>
<xs:attribute name="id" use="required" type="xs:ID"/>
<xs:attribute name="name" use="required" type="aif:t_nonempty"/>
<xs:attribute name="meta" use="optional" default="1.2"
type="aif:t_raid_meta"/>
<xs:attribute name="level" use="required" type="aif:t_raid_levels"/>
<!-- KB *only*. -->
<!-- Can be pretty important!
https://www.zdnet.com/article/chunks-the-hidden-key-to-raid-performance/ -->
<xs:attribute name="chunkSize" use="optional" type="xs:positiveInteger"
default="512"/>
<xs:attribute name="layout" use="optional" type="aif:t_raid_layout"
default="none"/>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
<xs:unique name="uniq_array_name"> <xs:unique name="uniq_array_name">
<xs:selector xpath="aif:array"/> <xs:selector xpath="aif:array"/>
<xs:field xpath="@name"/> <xs:field xpath="@name"/>
@ -559,7 +365,7 @@
<xs:element name="wireless" type="aif:t_iface_wifi" minOccurs="0" maxOccurs="unbounded"/> <xs:element name="wireless" type="aif:t_iface_wifi" minOccurs="0" maxOccurs="unbounded"/>
</xs:choice> </xs:choice>
<!-- It's nearly impossible to validate FQDNs/hostnames in XSD, so we do it in-code. --> <!-- It's nearly impossible to validate FQDNs/hostnames in XSD, so we do it in-code. -->
<xs:attribute name="hostname" type="aif:t_nonempty" use="required"/> <xs:attribute name="hostname" type="std:t_nonempty" use="required"/>
<xs:attribute name="provider" type="aif:t_netprov" use="optional" default="networkd"/> <xs:attribute name="provider" type="aif:t_netprov" use="optional" default="networkd"/>
<xs:attribute name="dhcpClient" type="aif:t_dhcp_clients" use="optional" default="dhcpcd"/> <xs:attribute name="dhcpClient" type="aif:t_dhcp_clients" use="optional" default="dhcpcd"/>
</xs:complexType> </xs:complexType>
@ -573,8 +379,7 @@
<xs:element name="system" maxOccurs="1" minOccurs="1"> <xs:element name="system" maxOccurs="1" minOccurs="1">
<xs:complexType> <xs:complexType>
<xs:all> <xs:all>
<xs:element name="rootPassword" minOccurs="0" maxOccurs="1" <xs:element name="rootPassword" minOccurs="0" maxOccurs="1" type="linux:t_nixpass"/>
type="aif:t_nixpass"/>
<xs:element name="locales" minOccurs="1" maxOccurs="1"> <xs:element name="locales" minOccurs="1" maxOccurs="1">
<xs:complexType> <xs:complexType>
<xs:sequence minOccurs="1" maxOccurs="unbounded"> <xs:sequence minOccurs="1" maxOccurs="unbounded">
@ -582,7 +387,7 @@
<xs:complexType> <xs:complexType>
<xs:simpleContent> <xs:simpleContent>
<xs:extension base="xs:token"> <xs:extension base="xs:token">
<xs:attribute name="name" type="aif:t_nonempty" use="required"/> <xs:attribute name="name" type="std:t_nonempty" use="required"/>
</xs:extension> </xs:extension>
</xs:simpleContent> </xs:simpleContent>
</xs:complexType> </xs:complexType>
@ -600,10 +405,9 @@
<xs:complexType> <xs:complexType>
<xs:choice> <xs:choice>
<xs:element name="map" minOccurs="0" maxOccurs="1" <xs:element name="map" minOccurs="0" maxOccurs="1"
type="aif:t_nonempty" default="us"/> type="std:t_nonempty" default="us"/>
<xs:element name="toggle" minOccurs="0" maxOccurs="1" <xs:element name="toggle" minOccurs="0" maxOccurs="1"
type="aif:t_nonempty"/> type="std:t_nonempty"/>

</xs:choice> </xs:choice>
</xs:complexType> </xs:complexType>
</xs:element> </xs:element>
@ -611,11 +415,11 @@
<xs:complexType> <xs:complexType>
<xs:choice minOccurs="1" maxOccurs="3"> <xs:choice minOccurs="1" maxOccurs="3">
<xs:element name="font" minOccurs="0" maxOccurs="1" <xs:element name="font" minOccurs="0" maxOccurs="1"
type="aif:t_nonempty"/> type="std:t_nonempty"/>
<xs:element name="map" minOccurs="0" maxOccurs="1" <xs:element name="map" minOccurs="0" maxOccurs="1"
type="aif:t_nonempty"/> type="std:t_nonempty"/>
<xs:element name="unicodeMap" minOccurs="0" maxOccurs="1" <xs:element name="unicodeMap" minOccurs="0" maxOccurs="1"
type="aif:t_nonempty"/> type="std:t_nonempty"/>
</xs:choice> </xs:choice>
</xs:complexType> </xs:complexType>
</xs:element> </xs:element>
@ -625,51 +429,8 @@
<xs:element name="users" minOccurs="0" maxOccurs="1"> <xs:element name="users" minOccurs="0" maxOccurs="1">
<xs:complexType> <xs:complexType>
<xs:sequence> <xs:sequence>
<xs:element name="user" minOccurs="1" maxOccurs="unbounded"> <xs:element name="user" minOccurs="1" maxOccurs="unbounded"
<xs:complexType> type="linux:t_user"/>
<xs:sequence>
<xs:element name="password" minOccurs="0" maxOccurs="1"
type="aif:t_nixpass"/>
<xs:element name="xGroup" minOccurs="0" maxOccurs="unbounded">
<xs:complexType>
<xs:attribute name="name" type="aif:t_posixUserGroup"
use="required"/>
<xs:attribute name="create" type="xs:boolean" use="optional"
default="false"/>
<xs:attribute name="gid" type="xs:positiveInteger"
use="optional"/>
</xs:complexType>
<xs:unique name="uniq_grp">
<xs:selector xpath="aif:xGroup"/>
<xs:field xpath="@name"/>
</xs:unique>
</xs:element>
</xs:sequence>
<xs:attribute name="name" type="aif:t_posixUserGroup" use="required"/>
<xs:attribute name="home" type="aif:t_filepath" use="optional"/>
<xs:attribute name="uid" type="xs:positiveInteger" use="optional"/>
<xs:attribute name="group" type="aif:t_posixUserGroup" use="optional"/>
<xs:attribute name="gid" type="xs:positiveInteger" use="optional"/>
<xs:attribute name="comment" type="aif:t_nonempty" use="optional"/>
<xs:attribute name="sudo" type="xs:boolean" use="optional"
default="false"/>
<xs:attribute name="sudoPassword" type="xs:boolean" use="optional"
default="true"/>
<xs:attribute name="shell" type="aif:t_filepath" use="optional"
default="/bin/bash"/>
<!-- TODO: change the positiveIntegers to xs:duration? or union? -->
<!-- Might be pointless since the smallest increment is 1 day in
shadow(5). -->
<xs:attribute name="minAge" type="xs:positiveInteger" use="optional"/>
<xs:attribute name="maxAge" type="xs:positiveInteger" use="optional"/>
<xs:attribute name="warnDays" type="xs:positiveInteger"
use="optional"/>
<xs:attribute name="inactiveDays" type="xs:positiveInteger"
use="optional"/>
<xs:attribute name="expireDate" type="aif:t_epoch_or_iso"
use="optional"/>
</xs:complexType>
</xs:element>
</xs:sequence> </xs:sequence>
</xs:complexType> </xs:complexType>
<xs:unique name="uniq_usr"> <xs:unique name="uniq_usr">
@ -680,26 +441,18 @@
<xs:element name="services" minOccurs="0" maxOccurs="1"> <xs:element name="services" minOccurs="0" maxOccurs="1">
<xs:complexType> <xs:complexType>
<xs:sequence> <xs:sequence>
<xs:element name="service" minOccurs="1" maxOccurs="unbounded"> <xs:element name="service" minOccurs="1" maxOccurs="unbounded"
<xs:complexType> type="linux:t_service"/>
<xs:simpleContent>
<xs:extension base="aif:t_nonempty">
<xs:attribute name="status" type="xs:boolean" use="optional"
default="true"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
<xs:unique name="uniq_svc"> <xs:unique name="uniq_svc">
<xs:selector xpath="aif:service"/> <xs:selector xpath="aif:service"/>
<xs:field xpath="@name"/> <xs:field xpath="@name"/>
<xs:field xpath="@status"/> <xs:field xpath="@status"/>
</xs:unique> </xs:unique>
</xs:element>
</xs:sequence> </xs:sequence>
</xs:complexType> </xs:complexType>
</xs:element> </xs:element>
</xs:all> </xs:all>
<xs:attribute name="timezone" type="aif:t_nonempty" use="optional" default="UTC"/> <xs:attribute name="timezone" type="std:t_nonempty" use="optional" default="UTC"/>
</xs:complexType> </xs:complexType>
</xs:element> </xs:element>
<!-- END SYSTEM --> <!-- END SYSTEM -->
@ -712,9 +465,9 @@
<xs:sequence> <xs:sequence>
<xs:element name="repo" maxOccurs="unbounded" minOccurs="1"> <xs:element name="repo" maxOccurs="unbounded" minOccurs="1">
<xs:complexType> <xs:complexType>
<xs:attribute name="name" type="aif:t_nonempty" use="required"/> <xs:attribute name="name" type="std:t_nonempty" use="required"/>
<xs:attribute name="enabled" type="xs:boolean" use="required"/> <xs:attribute name="enabled" type="xs:boolean" use="required"/>
<xs:attribute name="sigLevel" type="aif:t_nonempty" use="required"/> <xs:attribute name="sigLevel" type="std:t_nonempty" use="required"/>
<xs:attribute name="mirror" type="aif:t_pacuri" use="required"/> <xs:attribute name="mirror" type="aif:t_pacuri" use="required"/>
</xs:complexType> </xs:complexType>
</xs:element> </xs:element>
@ -736,15 +489,8 @@
<xs:element name="software" maxOccurs="1" minOccurs="0"> <xs:element name="software" maxOccurs="1" minOccurs="0">
<xs:complexType> <xs:complexType>
<xs:sequence> <xs:sequence>
<xs:element name="package" maxOccurs="unbounded" minOccurs="1"> <xs:element name="package" maxOccurs="unbounded" minOccurs="1"
<xs:complexType> type="linux:t_package"/>
<xs:simpleContent>
<xs:extension base="aif:t_nonempty">
<xs:attribute name="repo" type="aif:t_nonempty" use="optional"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
</xs:element>
</xs:sequence> </xs:sequence>
</xs:complexType> </xs:complexType>
<xs:unique name="uniq_mirror"> <xs:unique name="uniq_mirror">
@ -757,7 +503,7 @@
</xs:unique> </xs:unique>
</xs:element> </xs:element>
</xs:sequence> </xs:sequence>
<xs:attribute name="command" type="aif:t_nonempty" use="optional" default="pacman -S"/> <xs:attribute name="command" type="std:t_nonempty" use="optional" default="pacman -S"/>
</xs:complexType> </xs:complexType>
</xs:element> </xs:element>
<!-- END PACMAN --> <!-- END PACMAN -->

View File

@ -3,6 +3,7 @@
xmlns="http://schema.xml.r00t2.io/linux.xsd" xmlns="http://schema.xml.r00t2.io/linux.xsd"
xmlns:linux="http://schema.xml.r00t2.io/linux.xsd" xmlns:linux="http://schema.xml.r00t2.io/linux.xsd"
xmlns:std="http://schema.xml.r00t2.io/std.xsd" xmlns:std="http://schema.xml.r00t2.io/std.xsd"
xmlns:sys="http://schema.xml.r00t2.io/sys.xsd"
xmlns:unix="http://schema.xml.r00t2.io/unix.xsd" xmlns:unix="http://schema.xml.r00t2.io/unix.xsd"
xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xs="http://www.w3.org/2001/XMLSchema"
elementFormDefault="qualified" elementFormDefault="qualified"
@ -16,13 +17,30 @@
</xs:restriction> </xs:restriction>
</xs:simpleType> </xs:simpleType>


<xs:complexType name="t_disk">
<xs:sequence>
<xs:element name="part" minOccurs="1" maxOccurs="unbounded" type="linux:t_partition"/>
</xs:sequence>
<xs:attribute name="id" type="xs:ID" use="required"/>
<xs:attribute name="device" type="linux:t_diskdev" use="required"/>
<xs:attribute name="diskFormat" type="sys:t_diskfmt" use="required"/>
</xs:complexType>

<xs:simpleType name="t_diskdev"> <xs:simpleType name="t_diskdev">
<xs:restriction base="xs:string"> <xs:restriction base="xs:string">
<!-- TODO: is "auto" okay here? -->
<xs:pattern value="(/dev/([A-Za-z0-9_]+/)?[A-Za-z0-9_]+[0-9]?|auto)"/> <xs:pattern value="(/dev/([A-Za-z0-9_]+/)?[A-Za-z0-9_]+[0-9]?|auto)"/>
<xs:whiteSpace value="collapse"/> <xs:whiteSpace value="collapse"/>
</xs:restriction> </xs:restriction>
</xs:simpleType> </xs:simpleType>


<xs:simpleType name="t_disksize">
<xs:restriction base="xs:string">
<xs:pattern value="[-|+]?\s*([0-9]+)\s*(%|((k|Ki)|[MGTPEZY]i?)?B?|)\s*"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>

<xs:simpleType name="t_fstype"> <xs:simpleType name="t_fstype">
<xs:union memberTypes="std:t_UUID4"> <xs:union memberTypes="std:t_UUID4">
<xs:simpleType> <xs:simpleType>
@ -84,6 +102,85 @@
</xs:restriction> </xs:restriction>
</xs:simpleType> </xs:simpleType>


<xs:complexType name="t_luks">
<xs:sequence>
<!-- TODO: add support for custom flags/opts? -->
<xs:element name="luksDev" minOccurs="1" maxOccurs="unbounded">
<xs:complexType>
<xs:sequence>
<xs:element name="secrets" minOccurs="1" maxOccurs="10" type="t_luks_secrets"/>
</xs:sequence>
<xs:attribute name="id" type="xs:ID" use="required"/>
<xs:attribute name="name" type="std:t_nonempty" use="required"/>
<xs:attribute name="source" type="xs:IDREF" use="required"/>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>

<xs:complexType name="t_luks_secrets">
<xs:sequence minOccurs="1" maxOccurs="unbounded">
<xs:element name="passphrase" minOccurs="0" maxOccurs="unbounded"
type="std:t_nonempty"/>
<!-- TODO: support URI to *read* bytes from? -->
<xs:element name="keyFile" minOccurs="0" maxOccurs="unbounded">
<xs:complexType>
<xs:simpleContent>
<xs:extension base="unix:t_filepath">
<xs:attribute name="size" type="xs:positiveInteger" use="optional"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>

<xs:complexType name="t_lvm">
<xs:sequence>
<xs:element name="volumeGroup" minOccurs="1" maxOccurs="unbounded">
<xs:complexType>
<xs:all>
<xs:element name="physicalVolumes" minOccurs="1" maxOccurs="1">
<xs:complexType>
<xs:sequence>
<xs:element name="pv" minOccurs="1" maxOccurs="unbounded" type="linux:t_lvm_pv"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="logicalVolumes" minOccurs="1" maxOccurs="1" type="linux:t_lvm_lv"/>
</xs:all>
<xs:attribute name="id" type="xs:ID" use="required"/>
<xs:attribute name="name" type="std:t_nonempty" use="required"/>
<xs:attribute name="extentSize" type="linux:t_pesize" use="optional" default="0"/>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>

<xs:complexType name="t_lvm_lv">
<xs:sequence>
<xs:element name="lv" minOccurs="1" maxOccurs="unbounded">
<xs:complexType>
<xs:sequence minOccurs="0" maxOccurs="unbounded">
<xs:element name="pvMember" minOccurs="1" maxOccurs="unbounded">
<xs:complexType>
<xs:attribute name="source" use="required" type="xs:IDREF"/>
</xs:complexType>
</xs:element>
</xs:sequence>
<xs:attribute name="id" type="xs:ID" use="required"/>
<xs:attribute name="name" type="std:t_nonempty" use="required"/>
<xs:attribute name="size" type="linux:t_lvsize" use="required"/>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>

<xs:complexType name="t_lvm_pv">
<xs:attribute name="id" type="xs:ID" use="required"/>
<xs:attribute name="source" type="xs:IDREF" use="required"/>
</xs:complexType>

<xs:simpleType name="t_lvsize"> <xs:simpleType name="t_lvsize">
<!-- If no suffix is provided, program should assume the size is in *extents*. --> <!-- If no suffix is provided, program should assume the size is in *extents*. -->
<xs:restriction base="xs:string"> <xs:restriction base="xs:string">
@ -92,6 +189,70 @@
</xs:restriction> </xs:restriction>
</xs:simpleType> </xs:simpleType>


<xs:complexType name="t_mdadm">
<xs:sequence minOccurs="1" maxOccurs="unbounded">
<xs:element name="array" minOccurs="1" maxOccurs="unbounded">
<xs:complexType>
<xs:sequence minOccurs="1" maxOccurs="unbounded">
<xs:element name="member" minOccurs="1" maxOccurs="unbounded">
<xs:complexType>
<xs:attribute name="source" type="xs:IDREF"
use="required"/>
</xs:complexType>
</xs:element>
</xs:sequence>
<xs:attribute name="id" use="required" type="xs:ID"/>
<xs:attribute name="name" use="required" type="aif:t_nonempty"/>
<xs:attribute name="meta" use="optional" default="1.2"
type="aif:t_raid_meta"/>
<xs:attribute name="level" use="required" type="aif:t_raid_levels"/>
<!-- KB *only*. -->
<!-- Can be pretty important!
https://www.zdnet.com/article/chunks-the-hidden-key-to-raid-performance/ -->
<xs:attribute name="chunkSize" use="optional" type="xs:positiveInteger"
default="512"/>
<xs:attribute name="layout" use="optional" type="aif:t_raid_layout"
default="none"/>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>

<xs:complexType name="t_nixpass">
<xs:choice minOccurs="1" maxOccurs="1">
<xs:element name="passwordPlain">
<xs:complexType>
<xs:simpleContent>
<xs:extension base="xs:string">
<xs:attribute name="hashType" use="optional" default="sha512"
type="linux:t_passwd_hashtypes"/>
<xs:attribute name="rounds" use="optional" default="5000" type="xs:positiveInteger"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
</xs:element>
<xs:element name="passwordHash">
<xs:complexType>
<xs:simpleContent>
<xs:extension base="linux:t_shadowhash">
<xs:attribute name="hashType" use="optional" default="(detect)"
type="linux:t_passwd_hashtypes_detect"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
</xs:element>
</xs:choice>
<xs:attribute name="locked" use="optional" default="false" type="xs:boolean"/>
</xs:complexType>

<xs:complexType name="t_package">
<xs:simpleContent>
<xs:extension base="std:t_nonempty">
<xs:attribute name="repo" type="std:t_nonempty" use="optional"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>

<xs:simpleType name="t_part_flags"> <xs:simpleType name="t_part_flags">
<xs:union> <xs:union>
<xs:simpleType> <xs:simpleType>
@ -145,6 +306,18 @@
</xs:union> </xs:union>
</xs:simpleType> </xs:simpleType>


<xs:complexType name="t_partition">
<xs:sequence minOccurs="0" maxOccurs="1">
<xs:element name="partitionFlag" minOccurs="1" maxOccurs="unbounded" type="linux:t_part_flags"/>
</xs:sequence>
<xs:attribute name="id" type="xs:ID" use="required"/>
<xs:attribute name="name" type="std:t_nonempty" use="optional"/>
<xs:attribute name="label" type="std:t_nonempty" use="optional"/>
<xs:attribute name="start" type="linux:t_disksize" use="required"/>
<xs:attribute name="stop" type="linux:t_disksize" use="required"/>
<xs:attribute name="fsType" type="linux:t_fstype" use="required"/>
</xs:complexType>

<xs:simpleType name="t_passwd_hashtypes"> <xs:simpleType name="t_passwd_hashtypes">
<xs:union memberTypes="unix:t_passwd_hashtypes"> <xs:union memberTypes="unix:t_passwd_hashtypes">
<xs:simpleType> <xs:simpleType>
@ -161,6 +334,16 @@
</xs:union> </xs:union>
</xs:simpleType> </xs:simpleType>


<xs:simpleType name="t_passwd_hashtypes_detect">
<xs:union memberTypes="linux:t_passwd_hashtypes">
<xs:simpleType>
<xs:restriction>
<xs:enumeration value="(detect)"/>
</xs:restriction>
</xs:simpleType>
</xs:union>
</xs:simpleType>

<xs:simpleType name="t_pesize"> <xs:simpleType name="t_pesize">
<!-- This is *basically* t_lvsize except we don't allow percentages. --> <!-- This is *basically* t_lvsize except we don't allow percentages. -->
<!-- If no suffix is provided, we assume the size is in sectors <!-- If no suffix is provided, we assume the size is in sectors
@ -209,6 +392,14 @@
</xs:restriction> </xs:restriction>
</xs:simpleType> </xs:simpleType>


<xs:complexType name="t_service">
<xs:simpleContent>
<xs:extension base="std:t_nonempty">
<xs:attribute name="status" type="xs:boolean" use="optional" default="true"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>

<xs:simpleType name="t_shadowhash"> <xs:simpleType name="t_shadowhash">
<xs:union memberTypes="unix:t_shadowhash"> <xs:union memberTypes="unix:t_shadowhash">
<xs:simpleType> <xs:simpleType>
@ -220,4 +411,48 @@
</xs:union> </xs:union>
</xs:simpleType> </xs:simpleType>


<xs:complexType name="t_user">
<xs:sequence>
<xs:element name="password" minOccurs="0" maxOccurs="1"
type="linux:t_nixpass"/>
<xs:element name="xGroup" minOccurs="0" maxOccurs="unbounded">
<xs:complexType>
<xs:attribute name="name" type="unix:t_posixUserGroup"
use="required"/>
<xs:attribute name="create" type="xs:boolean" use="optional"
default="false"/>
<xs:attribute name="gid" type="xs:positiveInteger"
use="optional"/>
</xs:complexType>
<xs:unique name="uniq_grp">
<xs:selector xpath="aif:xGroup"/>
<xs:field xpath="@name"/>
</xs:unique>
</xs:element>
</xs:sequence>
<xs:attribute name="name" type="unix:t_posixUserGroup" use="required"/>
<xs:attribute name="home" type="unix:t_filepath" use="optional"/>
<xs:attribute name="uid" type="xs:positiveInteger" use="optional"/>
<xs:attribute name="group" type="unix:t_posixUserGroup" use="optional"/>
<xs:attribute name="gid" type="xs:positiveInteger" use="optional"/>
<xs:attribute name="comment" type="std:t_nonempty" use="optional"/>
<xs:attribute name="sudo" type="xs:boolean" use="optional"
default="false"/>
<xs:attribute name="sudoPassword" type="xs:boolean" use="optional"
default="true"/>
<xs:attribute name="shell" type="unix:t_filepath" use="optional"
default="/bin/bash"/>
<!-- TODO: change the positiveIntegers to xs:duration? or union? -->
<!-- Might be pointless since the smallest increment is 1 day in
shadow(5). -->
<xs:attribute name="minAge" type="xs:positiveInteger" use="optional"/>
<xs:attribute name="maxAge" type="xs:positiveInteger" use="optional"/>
<xs:attribute name="warnDays" type="xs:positiveInteger"
use="optional"/>
<xs:attribute name="inactiveDays" type="xs:positiveInteger"
use="optional"/>
<xs:attribute name="expireDate" type="std:t_epoch_or_iso"
use="optional"/>
</xs:complexType>

</xs:schema> </xs:schema>

View File

@ -36,4 +36,48 @@
</xs:restriction> </xs:restriction>
</xs:simpleType> </xs:simpleType>


<xs:complexType name="t_user">
<xs:sequence>
<xs:element name="password" minOccurs="0" maxOccurs="1"
type="aif:t_nixpass"/>
<xs:element name="xGroup" minOccurs="0" maxOccurs="unbounded">
<xs:complexType>
<xs:attribute name="name" type="unix:t_posixUserGroup"
use="required"/>
<xs:attribute name="create" type="xs:boolean" use="optional"
default="false"/>
<xs:attribute name="gid" type="xs:positiveInteger"
use="optional"/>
</xs:complexType>
<xs:unique name="uniq_grp">
<xs:selector xpath="aif:xGroup"/>
<xs:field xpath="@name"/>
</xs:unique>
</xs:element>
</xs:sequence>
<xs:attribute name="name" type="unix:t_posixUserGroup" use="required"/>
<xs:attribute name="home" type="unix:t_filepath" use="optional"/>
<xs:attribute name="uid" type="xs:positiveInteger" use="optional"/>
<xs:attribute name="group" type="unix:t_posixUserGroup" use="optional"/>
<xs:attribute name="gid" type="xs:positiveInteger" use="optional"/>
<xs:attribute name="comment" type="std:t_nonempty" use="optional"/>
<xs:attribute name="sudo" type="xs:boolean" use="optional"
default="false"/>
<xs:attribute name="sudoPassword" type="xs:boolean" use="optional"
default="true"/>
<xs:attribute name="shell" type="unix:t_filepath" use="optional"
default="/bin/bash"/>
<!-- TODO: change the positiveIntegers to xs:duration? or union? -->
<!-- Might be pointless since the smallest increment is 1 day in
shadow(5). -->
<xs:attribute name="minAge" type="xs:positiveInteger" use="optional"/>
<xs:attribute name="maxAge" type="xs:positiveInteger" use="optional"/>
<xs:attribute name="warnDays" type="xs:positiveInteger"
use="optional"/>
<xs:attribute name="inactiveDays" type="xs:positiveInteger"
use="optional"/>
<xs:attribute name="expireDate" type="std:t_epoch_or_iso"
use="optional"/>
</xs:complexType>

</xs:schema> </xs:schema>