summaryrefslogtreecommitdiff
path: root/omnibus/package-scripts/chef-fips/postinst
blob: 6f13382b619aa02ab559503a90871bf591ee0924 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
#!/bin/sh
# WARNING: REQUIRES /bin/sh
#
# - must run on /bin/sh on solaris 9
# - must run on /bin/sh on AIX 6.x
# - if you think you are a bash wizard, you probably do not understand
#   this programming language.  do not touch.
# - if you are under 40, get peer review from your elders.
#
# Install a full Opscode Client
#

PROGNAME=`basename $0`
INSTALLER_DIR=/opt/chef-fips
CONFIG_DIR=/etc/chef
USAGE="usage: $0 [-v validation_key] ([-o organization] || [-u url])"

error_exit()
{
  echo "${PROGNAME}: ${1:-"Unknown Error"}" 1>&2
  exit 1
}

is_darwin()
{
  uname -v | grep "^Darwin" 2>&1 >/dev/null
}

is_smartos()
{
  uname -v | grep "^joyent" 2>&1 >/dev/null
}

if is_smartos; then
    PREFIX="/opt/local"
elif is_darwin; then
    PREFIX="/usr/local"
    mkdir -p "$PREFIX/bin"
else
    PREFIX="/usr"
fi

validation_key=
organization=
chef_url=

while getopts o:u:v: opt
do
    case "$opt" in
      v)  validation_key="${OPTARG}";;
      o)  organization="${OPTARG}"; chef_url="https://api.opscode.com/organizations/${OPTARG}";;
      u)  chef_url="${OPTARG}";;
      \?)    # unknown flag
          echo >&2 ${USAGE}
    exit 1;;
    esac
done
shift `expr ${OPTIND} - 1`

if [ "" != "$chef_url" ]; then
  mkdir -p ${CONFIG_DIR} || error_exit "Cannot create ${CONFIG_DIR}!"
  (
  cat <<'EOP'
log_level :info
log_location STDOUT
EOP
  ) > ${CONFIG_DIR}/client.rb
  if [ "" != "$chef_url" ]; then
    echo "chef_server_url '${chef_url}'" >> ${CONFIG_DIR}/client.rb
  fi
  if [ "" != "$organization" ]; then
    echo "validation_client_name '${organization}-validator'" >> ${CONFIG_DIR}/client.rb
  fi
  chmod 644 ${CONFIG_DIR}/client.rb
fi

if [ "" != "$validation_key" ]; then
  cp ${validation_key} ${CONFIG_DIR}/validation.pem || error_exit "Cannot copy the validation key!"
  chmod 600 ${CONFIG_DIR}/validation.pem
fi

# rm -f before ln -sf is required for solaris 9
rm -f $PREFIX/bin/chef-client
rm -f $PREFIX/bin/chef-solo
rm -f $PREFIX/bin/chef-apply
rm -f $PREFIX/bin/chef-shell
rm -f $PREFIX/bin/knife
rm -f $PREFIX/bin/shef
rm -f $PREFIX/bin/ohai

ln -sf $INSTALLER_DIR/bin/chef-solo $PREFIX/bin || error_exit "Cannot link chef-solo to $PREFIX/bin"
if [ -f "$INSTALLER_DIR/bin/chef-apply" ]; then
  ln -sf $INSTALLER_DIR/bin/chef-apply $PREFIX/bin || error_exit "Cannot link chef-apply to $PREFIX/bin"
fi
if [ -f "$INSTALLER_DIR/bin/chef-shell" ]; then
  ln -sf $INSTALLER_DIR/bin/chef-shell $PREFIX/bin || error_exit "Cannot link chef-shell to $PREFIX/bin"
fi
ln -sf $INSTALLER_DIR/bin/knife $PREFIX/bin || error_exit "Cannot link knife to $PREFIX/bin"
if [ -f "$INSTALLER_DIR/bin/shef" ]; then
  ln -sf $INSTALLER_DIR/bin/shef $PREFIX/bin || error_exit "Cannot link shef to $PREFIX/bin"
fi
ln -sf $INSTALLER_DIR/bin/ohai $PREFIX/bin || error_exit "Cannot link ohai to $PREFIX/bin"

# We test for the presence of /usr/bin/chef-client to know if this script succeeds, so this
# must appear as the last real action in the script
ln -sf $INSTALLER_DIR/bin/chef-client $PREFIX/bin || error_exit "Cannot link chef-client to $PREFIX/bin"

# Ensure all files/directories in $INSTALLER_DIR are owned by root. This
# has been fixed on new installs but upgrades from old installs need to
# be manually fixed.
chown -Rh 0:0 $INSTALLER_DIR

echo "Thank you for installing Chef!"

exit 0