forked from ESGF/esgf-installer
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathesg-autoinstall
executable file
·280 lines (275 loc) · 9.09 KB
/
esg-autoinstall
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
#!/usr/bin/expect -f
# -*- mode:shell-script -*-
#
# Expect script for automatically building an ESGF node
#
# To use, copy the file esg-autoinstall.template (either in
# /usr/local/etc from the boostrapper or from the Git repository) to
# /usr/local/etc/esg-autoinstall.conf and edit it to reflect your site
# settings, then run 'esg-autoinstall'
#
source /usr/local/etc/esg-autoinstall.conf
### Expect script begins here ###
spawn ${ESGNODESCRIPT} --type ${NODETYPE} --install ${INSTALLFLAGS}
expect {
# Error messages cause instant abort
# ERROR and FATAL are found even in working installs
# "ERROR:" { exit 1 }
"could not change directory to" { exit 1 }
"No space left on device" { exit 1 }
"Permission denied" { exit 1 }
"This action did not complete successfully" { exit 1 }
# Actual script responses
"Please select the ESGF distribution mirror for this installation" {
send \n ; exp_continue
}
"Are you ready to begin the installation?" {
send y\n ; exp_continue
}
"Please select the IP address to use for this installation" {
send 0\n ; exp_continue
}
"What is the fully qualified domain name of this node?" {
send ${FQDN}\n ; exp_continue
}
"What is the admin password to use for this installation?" {
send ${ADMINPASS}\n ; exp_continue
}
"Please re-enter password:" {
send ${ADMINPASS}\n ; exp_continue
}
"What is the name of your organization?" {
send ${ORGNAME}\n ; exp_continue
}
"Please give this node a \"short\" name" {
send ${SHORTNAME}\n ; exp_continue
}
"Please give this node a more descriptive \"long\" name" {
send ${LONGNAME}\n ; exp_continue
}
"What is the namespace to use for this node?" {
send ${NAMESPACE}\n ; exp_continue
}
"What peer group(s) will this node participate in?" {
send ${PEERGROUP}\n ; exp_continue
}
"What is the default peer to this node?" {
send ${DEFAULTPEER}\n ; exp_continue
}
"What is the hostname of the node do you plan to publish to?" {
send ${PUBLISHNODE}\n ; exp_continue
}
"What email address should notifications be sent as?" {
send ${ADMINEMAIL}\n ; exp_continue
}
"Is the database external to this node?" {
send \n ; exp_continue
}
"What is the database connection string?" {
send ${DBSTRING}\n ; exp_continue
}
"Is the database external to this node?" {
send ${DBEXTERNAL}\n ; exp_continue
}
"What is the (low priv) db account for publisher?" {
send ${DBLOWUSER}\n ; exp_continue
}
"What is the db password for publisher user" {
send ${DBLOWPASS}\n ; exp_continue
}
"Enter password for postgres user dbsuper:" {
send ${ADMINPASS}\n ; exp_continue
}
"Re-enter password for postgres user dbsuper:" {
send ${ADMINPASS}\n ; exp_continue
}
"Please Enter PostgreSQL port number" {
send ${PGPORT}\n ; exp_continue
}
"Would you like a \"system\" or \"user\" publisher configuration" {
send \n ; exp_continue
}
"Is this correct?" {
send Y\n ; exp_continue
}
"What is your organization's id?" {
send ${ORGNAME}\n ; exp_continue
}
"Do you want to continue with Tomcat installation and setup?" {
send \n ; exp_continue
}
"Do you want to continue with esgcet installation and setup?" {
send \n ; exp_continue
}
"Do you want to continue with thredds installation and setup?" {
send \n ; exp_continue
}
"Do you want to continue with ESGF Dashboard IP installation and setup?" {
send \n ; exp_continue
}
"Would you like to use the DN: (OU=ESGF.ORG, O=ESGF)" {
send \n ; exp_continue
}
"Please enter the password for this keystore" {
send ${ADMINPASS}\n ; exp_continue
}
"Please re-enter the password for this keystore" {
send ${ADMINPASS}\n ; exp_continue
}
"Enter a single ip address which would be cleared to access admin restricted pages." {
send ${ADMINIP}\n ; exp_continue
}
"Do you wish to allow further ips?" {
send n\n ; exp_continue
}
"Please enter username for tomcat" {
send \n ; exp_continue
}
"Please enter password for user, " {
send \n ; exp_continue
}
"Would you like to add another user?" {
send \n ; exp_continue
}
"Do you wish to setup the redirect to the esgf-node-manager's page?" {
send \n ; exp_continue
}
"(RETURN if same as keystore password)" {
send \n ; exp_continue
}
"Do you wish to generate a Certificate Signing Request at this time?" {
send \n ; exp_continue
}
"Please Enter the IP address of this host" {
send \n ; exp_continue
}
"Please Enter the public (i.e. routable) IP address of this host" {
send \n ; exp_continue
}
"Do you wish to use an external IDP peer?" {
send ${EXTERNALIDP}\n ; exp_continue
}
"Please specify your IDP peer node's FQDN:" {
send ${IDPPEER}\n ; exp_continue
}
"Enter certificate to add to trusted keystore" {
send \n ; exp_continue
}
# For --type all, Globus is set up twice, once as a gateway, and
# once as a datanode. Unfortunately, on the second pass of this
# the prompt defaults to N because it detects the installation of
# the previous type, so we have to always force it to Y, or key
# packages will not be installed and the globus user will be
# missing.
#
# This means that it will always be forcibly reinstalled upon
# upgrade even if it doesn't need to be, but there is no way
# around that at this time without changing the detection in the
# esg-node script.
"Do you want to continue with the Globus installation and setup?" {
send Y\n ; exp_continue
}
"Do you want to make a back up of the existing Globus distribution (datanode)?" {
send \n ; exp_continue
}
"Do you want to register the GridFTP server with Globus?" {
send Y\n ; exp_continue
}
"Do you want to register the MyProxy server with Globus?" {
send Y\n ; exp_continue
}
"Please provide a Globus username" {
send ${GLOBUSUSER}\n ; exp_continue
}
"Globus password" {
send ${GLOBUSPASS}\n ; exp_continue
}
"Globus Username:" {
send ${GLOBUSUSER}\n ; exp_continue
}
"Globus Password:" {
send ${GLOBUSPASS}\n ; exp_continue
}
"Enter password for new role:" {
send ${ADMINPASS}\n ; exp_continue
}
"Enter it again:" {
send ${ADMINPASS}\n ; exp_continue
}
# This prompt is causing problems -- apparently it's either not a real
# stopping point, or there is an errant \n before this prompt is
# reached. Removing it fixes a known installation problem, however.
# "Is this ok" {
# send Y\n ; exp_continue
# }
"Add new line:" {
send \n ; exp_continue
}
"Do you still wish to continue?" {
send Y\n ; exp_continue
}
"Do you want to continue with openid relying party installation and setup?" {
send \n ; exp_continue
}
"Do you want to make a back up of the existing distribution?" {
send Y\n ; exp_continue
}
"Do you want to continue with security services installation and setup?" {
send \n ; exp_continue
}
"Do you want to continue with idp services installation and setup?" {
send \n ; exp_continue
}
"Do you want to continue with search services installation and setup?" {
send \n ; exp_continue
}
"Do you want to continue with security schema setup?" {
send \n ; exp_continue
}
"Do you want to make a back up of the existing database schema" {
send \n ; exp_continue
}
"Do you still wish to (re)GENERATE self signed certs (and usurp what is present)?" {
send \n ; exp_continue
}
"Do you want to overwrite this CA?" {
send \n ; exp_continue
}
"Enter (simple) CA's certificate password" {
send ${CACERTPASS}\n ; exp_continue
}
"Do you want to make a back up of the existing MyProxy SimpleCA (gateway)?" {
send Y\n ; exp_continue
}
# This prompt in theory should only appear if you in fact already
# have a simple CA, and the default will be 'N', correct for
# upgrades.
"Do you wish to install a simple CA?" {
send \n ; exp_continue
}
"Would you like to remove the current CA setup?" {
send \n ; exp_continue
}
"Do you want to keep this as the CA subject" {
send Y\n ; exp_continue
}
"Enter the email of the CA" {
send ${ADMINEMAIL}\n ; exp_continue
}
"default: 5 years" {
send \n ; exp_continue
}
"Enter PEM pass phrase:" {
send ${CACERTPASS}\n ; exp_continue
}
"please enter the password for the CA key" {
send ${CACERTPASS}\n ; exp_continue
}
"Enter (simple) CA's certificate password" {
send ${CACERTPASS}\n ; exp_continue
}
# Victory conditions
"Node installation is complete." {
exit 0
}
}