Current release: siteXYtools 0.3, 5 November 2006 | Changelog · · · GitHub: Source | Issues


siteXYtools aid in generating siteXY.tgz and siteXY-hostname.tgz fileset tarballs as used by the OpenBSD installer. It offers a generic, removing the need to write code when automatically adding users, packages, etc during install. It has support for defining common files shared by all hosts, defining arbitrary roles shared by any number of hosts, as well as host-specific files that are only available to a single host.

An example session, complete from start to finish follows. We want sshd_config to the be the same on every host. We want DNS data copied to DNS servers and the pf ruleset must be placed on the firewalls.

$ mkdir siteXY-work && cd siteXY-work
$ mkdir -p common/etc/ssh roles/dns/var/named roles/fw/etc
$ cp /etc/ssh/sshd_config common/etc
$ cp -r /var/named roles/dns/var/named
$ cp /etc/pf.conf roles/fw/etc
$ mkdir -p host1/etc host2/etc host3/etc host4/etc host5/etc host6/var/www/conf
$ touch host1/.role-dns host2/.role-dns
$ touch host3/.role-fw host4/.role-fw
$ $EDITOR host5/etc/sysctl.conf
$ $EDITOR .siteXYrc - set ballDir=/tmp
tweak etc/hostname.if on each host as needed
$ generate
/tmp/site40-host1.tgz: common role dns .. done
/tmp/site40-host2.tgz: common role dns .. done
/tmp/site40-host3.tgz: common role dns .. done
/tmp/site40-host4.tgz: common role fw .. done
/tmp/site40-host5.tgz: common .. done
/tmp/site40-host6.tgz: common .. done
/tmp/site40.tgz: Including common directory
Whoops, we forgot a file for host6
$ $EDITOR host6/var/www/conf/httpd.conf
$ generate host6
/tmp/site40-host6.tgz: common .. done

Now copy the tarballs to a webserver and create index.txt with their names so the OpenBSD installer may find them.

$ cd /var/www/htdocs/siteXY
$ sudo cp /tmp/site*.tgz .
$ ls *.tgz > index.txt


Note that common/*, roles/*/* and hostname/* all end up in the root of the tarball, so it's possible to overwrite common or role settings on individual hosts by simply including a file of the same name. This method may also be used to confuse the hell out of administrators, so make sure hosts which override the global settings are properly documented.

Known problems

Related work