anvil/anvil.spec.in

%global numcomm @numcomm@
%global alphatag @alphatag@
%global dirty @dirty@

%define debug_package %{nil}
%define anviluser     admin
%define anvilgroup    admin
%define suiapi        striker-ui-api

Name:           anvil
Version:        @version@
Release:        1%{?numcomm:.%{numcomm}}%{?alphatag:.%{alphatag}}%{?dirty:.%{dirty}}%{?dist}
Summary:        Alteeve Anvil! complete package.

License:        GPLv2+
URL:            https://github.com/ClusterLabs/anvil
Source0:        %{name}-%{version}%{?numcomm:.%{numcomm}}%{?alphatag:-%{alphatag}}%{?dirty:-%{dirty}}.tar.gz
BuildArch:      noarch

# required to detect paths to:
# systemd unit files
BuildRequires:  systemd autoconf automake
# fence-agents binaries
BuildRequires:  fence-agents-common
# OCFROOT
BuildRequires:  resource-agents

%description
This package generates the anvil-core, anvil-striker, anvil-node and anvil-dr 
RPM's. The 'core' RPM is common to all machines in an Anvil! cluster, with the
other three used for each machine, given its roll.

WARNING: This is an alpha-stage project. Many features are missing and this 
         should not be used for anything other than development purposes! The
         first stable release will be 3.1. Anything 3.0 is UNSTABLE.

%package core
Summary:        Alteeve's Anvil! Core package
Requires:       bash-completion 
Requires:       binutils
Requires:       chrony
Requires:       cyrus-sasl
Requires:       cyrus-sasl-gssapi
Requires:       cyrus-sasl-lib
Requires:       cyrus-sasl-md5
Requires:       cyrus-sasl-plain
Requires:       bind-utils 
Requires:       dmidecode
Requires:       dnf-utils
Requires:       expect
Requires:       fence-agents-all 
Requires:       fence-agents-virsh 
Requires:       firewalld
Requires:       freeipmi
Requires:       glibc-all-langpacks
Requires:       gpm 
Requires:       hdparm
Requires:       htop
Requires:       iproute
Requires:       kernel-core
Requires:       kernel-devel
Requires:       kernel-headers
Requires:       lsscsi
Requires:       lsof
Requires:       mailx
Requires:       mlocate 
Requires:       net-snmp-utils
Requires:       NetworkManager-initscripts-updown
Requires:       nvme-cli
Requires:       pciutils
Requires:       perl-Capture-Tiny
Requires:       perl-Data-Dumper 
Requires:       perl-Data-Validate-Domain
Requires:       perl-Data-Validate-IP
Requires:       perl-DBD-Pg 
Requires:       perl-DBI
Requires:       perl-Data-Validate-Domain
Requires:       perl-Digest-SHA
Requires:       perl-File-MimeInfo
Requires:       perl-CGI
Requires:       perl-HTML-FromText
Requires:       perl-HTML-Strip
Requires:       perl-IO-Tty
Requires:       perl-JSON 
Requires:       perl-Log-Journald 
Requires:       perl-Mail-RFC822-Address
Requires:       perl-Net-Domain-TLD
Requires:       perl-Net-SSH2 
Requires:       perl-Net-Netmask
Requires:       perl-Net-OpenSSH
Requires:       perl-NetAddr-IP 
Requires:       perl-Proc-Simple
Requires:       perl-Sys-Syslog
Requires:       perl-Sys-Virt
Requires:       perl-Text-Diff
Requires:       perl-Time-HiRes
Requires:       perl-UUID-Tiny
Requires:       perl-XML-LibXML 
Requires:       perl-XML-Simple 
Requires:       postfix
Requires:       postgresql-contrib 
Requires:       postgresql-plperl 
Requires:       rsync 
Requires:       screen
Requires:       smartmontools
Requires:       strace
Requires:       syslinux
Requires:       tar
Requires:       tcpdump
Requires:       tmux
Requires:       unzip
Requires:       usbutils
Requires:       vim 
Requires:       wget
# iptables-services conflicts with firewalld
Conflicts:      iptables-services
# We handle interface naming
Conflicts:      biosdevname

%description core
Common base libraries required for the Anvil! system.


%package striker
Summary:        Alteeve's Anvil! Striker dashboard package
Requires:       anvil-core == %{version}-%{release}
Requires:       augeas
Requires:       bpg-dejavu-sans-fonts
Requires:       createrepo
Requires:       dejavu-sans-fonts
Requires:       dejavu-sans-mono-fonts
Requires:       dejavu-serif-fonts
Requires:       dhcp-server
Requires:       firefox
Requires:       gcc
Requires:       gdm
Requires:       gnome-terminal
Requires:       netpbm-progs
Requires:       nmap
Requires:       nodejs
Requires:       openssh-askpass
Requires:       postgresql-server 
Requires:       syslinux
Requires:       syslinux-nonlinux
Requires:       tftp-server
Requires:       virt-manager


# A Striker dashboard is not allowed to host servers or be a migration target. 
# So the node and dr packages can not be installed.
Conflicts: 	anvil-node
Conflicts:	anvil-dr
%description striker
Web interface of the Striker dashboard for Alteeve Anvil! systems

NOTE: This installs and enables Gnome desktop.

%package node 
Summary:        Alteeve's Anvil! node package
Requires:       anvil-core == %{version}-%{release}
Requires:       drbd90-utils 
Requires:       kmod-drbd
Requires:       libvirt 
Requires:       libvirt-daemon 
Requires:       libvirt-daemon-driver-qemu 
Requires:       libvirt-daemon-kvm 
Requires:       libvirt-docs 
Requires:       nmap-ncat
Requires:       pacemaker 
Requires:       pcs 
Requires:       python3-websockify
Requires:       qemu-kvm 
Requires:       qemu-kvm-core 
Requires:       virt-install
Requires:       virt-top
# A node is allowed to host servers and be a live migration target. It is not 
# allowed to host a database or be a DR host.
Conflicts:      anvil-striker
Conflicts:      anvil-dr
Conflicts:      netcat

%description node

Provides support for active node in an Anvil! pair.

NOTE: On RHEL proper, this requires the node had the "High-Availability 
Add-on".

NOTE: LINBIT customers must have access to the LINBIT repositories configured.

%package dr
Summary:        Alteeve's Anvil! DR host package
Requires:       anvil-core == %{version}-%{release}
Requires:       drbd90-utils 
Requires:       kmod-drbd
Requires:       libvirt 
Requires:       libvirt-daemon 
Requires:       libvirt-daemon-driver-qemu 
Requires:       libvirt-daemon-kvm 
Requires:       libvirt-docs 
Requires:       nmap-ncat
Requires:       python3-websockify
Requires:       qemu-kvm 
Requires:       qemu-kvm-core 
Requires:       virt-install
Requires:       virt-top
# A DR host is not allowed to be a live-migration target or host a database.
Conflicts:      anvil-striker
Conflicts:      anvil-node
Conflicts:      netcat

%description dr

Provides support for asynchronous disaster recovery hosts in an Anvil! cluster.


%prep
%autosetup -n %{name}-%{version}%{?numcomm:.%{numcomm}}%{?alphatag:-%{alphatag}}%{?dirty:-%{dirty}}

%build
./autogen.sh
%{configure}
make %{_smp_mflags}

%install
rm -rf %{buildroot}
make install DESTDIR=%{buildroot}

%pre core
if [ ! -d /usr/share/anvil ];
then
    mkdir /usr/share/anvil
fi
getent group %{anvilgroup} >/dev/null || groupadd -r %{anvilgroup}
getent passwd %{anviluser} >/dev/null || useradd --create-home \
    --gid %{anvilgroup}  --comment "Anvil! user account" %{anviluser}

%post core
# TODO: Remove this!! This is only for use during development, all SELinux 
#       issues must be resolved before final release!
echo "WARNING: Setting SELinux to 'permissive' during development."
sed -i.anvil 's/SELINUX=enforcing/SELINUX=permissive/' /etc/selinux/config 
setenforce 0
# Enable and start the anvil-daemon
### TODO: check it if was disabled (if it existed before) and, if so, leave it disabled.
systemctl enable --now chronyd.service
systemctl enable --now anvil-daemon.service
systemctl enable --now scancore.service

%pre striker
getent passwd %{suiapi} >/dev/null \
	|| useradd \
		--comment "Striker UI API" \
		--home-dir %{_datadir}/%{suiapi} \
		--shell %{_sbindir}/nologin \
		--user-group \
		%{suiapi}

if [ $1 -gt 1 ]; then # >1=Upgrade
	# Transfer files owned by apache to Striker UI API user.
	chown -R --from apache %{suiapi}: /mnt
	chown -R --from apache %{suiapi}: %{_localstatedir}/www
fi

%post striker
### NOTE: PostgreSQL is initialized and enabled by striker-prep-database later.

# Always reload to handle service file changes.
systemctl daemon-reload

systemctl enable %{suiapi}.service
# Striker UI API needs explicit restart for changes to take effect.
systemctl restart %{suiapi}.service

restorecon -rv /%{_localstatedir}/www
if ! $(ls -l /etc/systemd/system/default.target | grep -q graphical); 
then 
    echo "Seting graphical interface as default on boot."
    systemctl set-default graphical.target
    systemctl enable gdm.service
fi

### This is handled by anvil-daemon now
#echo "Preparing the database"
#striker-prep-database
#anvil-update-states

# Touch the system type file.
echo "Touching the system type file"
if [ -e '/etc/anvil/type.node' ]
then
    rm -f /etc/anvil/type.node
elif [ -e '/etc/anvil/type.dr' ]
then 
    rm -f /etc/anvil/type.dr
fi
touch /etc/anvil/type.striker


### TODO: I don't think we need this anymore
# Open access for Striker. The database will be opened after initial setup.
echo "Opening the web and postgresql ports."
systemctl enable firewalld
systemctl start firewalld
firewall-cmd --add-service=http
firewall-cmd --add-service=http --permanent
firewall-cmd --add-service=https
firewall-cmd --add-service=https --permanent
firewall-cmd --add-service=postgresql
firewall-cmd --add-service=postgresql --permanent

%pre node


%post node
# Touch the system type file.
echo "Touching the system type file"
if [ -e '/etc/anvil/type.striker' ]
then
    rm -f /etc/anvil/type.striker
elif [ -e '/etc/anvil/type.dr' ]
then 
    rm -f /etc/anvil/type.dr
fi
touch /etc/anvil/type.node


%pre dr


%post dr
# Touch the system type file.
echo "Touching the system type file"
if [ -e '/etc/anvil/type.striker' ]
then
    rm -f /etc/anvil/type.striker
elif [ -e '/etc/anvil/type.node' ]
then 
    rm -f /etc/anvil/type.node
fi
touch /etc/anvil/type.dr

### Remove stuff - Disabled for now, messes things up during upgrades
%postun core
## This is breaking on upgrades - (note: switch back to single percent sign 
##                                       when re-enabling)
#getent passwd %%{anviluser} >/dev/null && userdel %%{anviluser}
#getent group %%{anvilgroup} >/dev/null && groupdel %%{anvilgroup}
# echo "NOTE: Re-enabling SELinux."
# sed -i.anvil 's/SELINUX=permissive/SELINUX=enforcing/' /etc/selinux/config 
# setenforce 1

%preun striker
if [ $1 == 0 ]; then # 0=Uninstall, 1=First install, >1=Upgrade (version count)
	systemctl disable --now %{suiapi}.service
fi

%postun striker
### TODO: Stopping postgres breaks the Anvil! during OS updates. Need to find a
###       way to run this only during uninstalls, and not during updates.
### TODO: This breaks the repos
# rm -rf /usr/share/anvil
# echo "Closing the postgresql ports."
#firewall-cmd --zone=public --remove-service=http
#firewall-cmd --zone=public --remove-service=http --permanent
# firewall-cmd --zone=public --remove-service=postgresql
# firewall-cmd --zone=public --remove-service=postgresql --permanent
# echo "Disabling and stopping postgresql-9.6."
# systemctl disable postgresql.service
# systemctl stop postgresql.service

if [ $1 == 0 ]; then # 0=Uninstall
	systemctl daemon-reload
fi

# Remove the system type file.
if [ -e '/etc/anvil/type.striker' ]
then
    rm -f /etc/anvil/type.striker
fi

%postun node
# Remove the system type file.
if [ -e '/etc/anvil/type.node' ]
then
    rm -f /etc/anvil/type.node
fi

%postun dr
# Remove the system type file.
if [ -e '/etc/anvil/type.dr' ]
then
    rm -f /etc/anvil/type.dr
fi


%files core
%doc README.md
%config(noreplace) %{_sysconfdir}/anvil/anvil.conf
%{_usr}/lib/*
%config(noreplace) %{_datadir}/anvil/anvil.sql
%{_datadir}/anvil/firewall.txt
%{_datadir}/anvil/words.xml
%{_sbindir}/*
%{_sysconfdir}/anvil/anvil.version
%{_datadir}/perl5/*
%{_mandir}/*

%files striker
%{_localstatedir}/www/*/*
%{_datadir}/anvil/striker-auto-initialize-all.example
%{_datadir}/%{suiapi}/*
%ghost %{_sysconfdir}/anvil/snmp-vendors.txt

%files node
%{_sysconfdir}/libvirt/hooks/*
%{_usr}/lib/ocf/resource.d/alteeve/server

%files dr
%{_sysconfdir}/libvirt/hooks/*


%changelog
* @date@ Autotools generated version <nobody@nowhere.org> - @version@-1-@numcomm@.@alphatag@.@dirty@
- Autotools generated version.
- These aren't the droids you're looking for.