<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>clients.xml — Bcfg2 1.3.0 documentation</title> <link rel="stylesheet" href="../../../../../_static/default.css" type="text/css" /> <link rel="stylesheet" href="../../../../../_static/pygments.css" type="text/css" /> <script type="text/javascript"> var DOCUMENTATION_OPTIONS = { URL_ROOT: '../../../../../', VERSION: '1.3.0', COLLAPSE_INDEX: false, FILE_SUFFIX: '.html', HAS_SOURCE: true }; </script> <script type="text/javascript" src="../../../../../_static/jquery.js"></script> <script type="text/javascript" src="../../../../../_static/underscore.js"></script> <script type="text/javascript" src="../../../../../_static/doctools.js"></script> <script type="text/javascript" src="../../../../../_static/sidebar.js"></script> <link rel="shortcut icon" href="../../../../../_static/favicon.ico"/> <link rel="top" title="Bcfg2 1.3.0 documentation" href="../../../../../index.html" /> <link rel="up" title="TGenshi" href="../../tgenshi.html" /> <link rel="next" title="ganglia" href="ganglia.html" /> <link rel="prev" title="bcfg2-cron" href="bcfg2-cron.html" /> <link rel="stylesheet" href="../../../../../_static/bcfg2.css" type=""/> </head> <body> <div style="text-align: left; padding: 10px 10px 15px 15px"> <a href="../../../../../index.html"><img src="../../../../../_static/bcfg2_logo.png" border="0" alt="sampledoc"/></a> </div> <div class="related"> <h3>Navigation</h3> <ul> <li class="right" style="margin-right: 10px"> <a href="../../../../../genindex.html" title="General Index" accesskey="I">index</a></li> <li class="right" > <a href="../../../../../py-modindex.html" title="Python Module Index" >modules</a> |</li> <li class="right" > <a href="ganglia.html" title="ganglia" accesskey="N">next</a> |</li> <li class="right" > <a href="bcfg2-cron.html" title="bcfg2-cron" accesskey="P">previous</a> |</li> <li><a href="../../../../../index.html">home</a> | </li> <!--<li><a href="../../../../../search.html">search</a> | </li>--> <li><a href="../../../../../help/index.html">help</a> | </li> <li><a href="../../../../../contents.html">documentation </a> »</li> <li><a href="../../../../../contents.html" >Bcfg2 documentation 1.3.0</a> »</li> <li><a href="../../../../index.html" >The Bcfg2 Server</a> »</li> <li><a href="../../../index.html" >Plugins</a> »</li> <li><a href="../../tgenshi.html" accesskey="U">TGenshi</a> »</li> </ul> </div> <div class="document"> <div class="documentwrapper"> <div class="bodywrapper"> <div class="body"> <div class="section" id="clients-xml"> <h1>clients.xml<a class="headerlink" href="#clients-xml" title="Permalink to this headline">ΒΆ</a></h1> <p>As submitted by dclark</p> <p>Here is an example of maintaining the bcfg2 server’s <tt class="docutils literal"><span class="pre">/var/lib/bcfg2/Metadata/clients.xml</span></tt> file using Genshi templates.</p> <p>There are two main advantages:</p> <ol class="arabic simple"> <li>Password storage is centralized in the <tt class="docutils literal"><span class="pre">Properties/passwords.xml</span></tt> file this helps maintain consistency, makes changing passwords easier, and also makes it easier to share your configurations with other sites/people.</li> <li>You can template the file using Genshi’s <cite>{% def %}</cite> syntax, which makes <cite>clients.xml</cite> much more readable. An important thing to note is how the <cite>name</cite> variable is handled - when just referring to it the standard <cite>${name}</cite> syntax is used, but when it is used as a variable in the expression to get the password, <cite>password=”${metadata.Properties[‘passwords.xml’].xdata.find(‘password’).find(‘bcfg2-client’).find(name).text}”</cite>, it is just referred to as <cite>name</cite>.</li> </ol> <p>There is the disadvantage that sometimes 2 passes will be needed to get to a consistent state.</p> <p>Possible improvements:</p> <ol class="arabic simple"> <li>Wrapper for bcfg2 client runs on the bcfg2 server, perhaps using a call to <cite>bcfg2-info buildfile</cite>, so clients.xml is always generated before everything else happens (since the state of clients.xml can influence everything else bcfg2-server does).</li> <li>We really don’t care what the client passwords are, just that they exist, so instead of listing them a master password combined with some kind of one-way hash based on the <cite>name</cite> might make more sense, and make <tt class="docutils literal"><span class="pre">Properties/passwords.xml</span></tt> easier to maintain.</li> </ol> <blockquote> <div><ul> <li><p class="first">Cfg/var/lib/bcfg2/Metadata/clients.xml/clients.xml.genshi:</p> <div class="highlight-xml"><div class="highlight"><pre><span class="c"><!-- Do not edit this file directly - edit only the above template --></span> {# Doc: http://bcfg2.org/wiki/Authentication #}\ {% def static(profile,name,address) %} <span class="nt"><Client</span> <span class="na">profile=</span><span class="s">"${profile}"</span> <span class="na">name=</span><span class="s">"${name}"</span> <span class="na">uuid=</span><span class="s">"${name}"</span> <span class="na">password=</span><span class="s">"${metadata.Properties['passwords.xml'].xdata.find('password').find('bcfg2-client').find(name).text}"</span> <span class="na">address=</span><span class="s">"${address}"</span> <span class="na">location=</span><span class="s">"fixed"</span> <span class="na">secure=</span><span class="s">"true"</span> <span class="nt">/></span>\ {% end %}\ {% def dynamic(profile,name) %} <span class="nt"><Client</span> <span class="na">profile=</span><span class="s">"${profile}"</span> <span class="na">name=</span><span class="s">"${name}"</span> <span class="na">uuid=</span><span class="s">"${name}"</span> <span class="na">password=</span><span class="s">"${metadata.Properties['passwords.xml'].xdata.find('password').find('bcfg2-client').find(name).text}"</span> <span class="na">floating=</span><span class="s">"true"</span> <span class="na">secure=</span><span class="s">"true"</span> <span class="nt">/></span>\ {% end %}\ <span class="nt"><Clients</span> <span class="na">version=</span><span class="s">"3.0"</span><span class="nt">></span>\ ${static('group-server-collab','campaigns.example.com','192.168.111.1')} ${static('group-server-collab','info.office.example.com','192.168.111.2')} ${static('group-server-config','config.example.com','192.168.111.3')} ${dynamic('group-project-membercard','membercard')} ${dynamic('group-person-somename','somename.office.example.com')} <span class="nt"></Clients></span> </pre></div> </div> </li> <li><p class="first">Properties/passwords.xml snippit:</p> <div class="highlight-xml"><div class="highlight"><pre><span class="nt"><Properties></span> <span class="nt"><password></span> <span class="nt"><bcfg2-client></span> <span class="nt"><campaigns.example.com></span>FAKEpassword1<span class="nt"></campaigns.example.com></span> <span class="nt"><info.office.example.com></span>FAKEpassword2<span class="nt"></info.office.example.com></span> <span class="nt"><config.example.com></span>FAKEpassword3<span class="nt"></config.example.com></span> <span class="nt"><membercard></span>FAKEpassword4<span class="nt"></membercard></span> <span class="nt"><somename.office.example.com></span>FAKEpassword5<span class="nt"></somename.office.example.com></span> <span class="nt"></bcfg2-client></span> <span class="nt"></password></span> <span class="nt"></Properties></span> </pre></div> </div> </li> </ul> </div></blockquote> </div> </div> </div> </div> <div class="sphinxsidebar"> <div class="sphinxsidebarwrapper"> <h4>Previous topic</h4> <p class="topless"><a href="bcfg2-cron.html" title="previous chapter">bcfg2-cron</a></p> <h4>Next topic</h4> <p class="topless"><a href="ganglia.html" title="next chapter">ganglia</a></p> <h3>This Page</h3> <ul class="this-page-menu"> <li><a href="../../../../../_sources/server/plugins/generators/examples/genshi/clientsxml.txt" rel="nofollow">Show Source</a></li> </ul> <div id="searchbox" style="display: none"> <h3>Quick search</h3> <form class="search" action="../../../../../search.html" method="get"> <input type="text" name="q" /> <input type="submit" value="Go" /> <input type="hidden" name="check_keywords" value="yes" /> <input type="hidden" name="area" value="default" /> </form> <p class="searchtip" style="font-size: 90%"> Enter search terms or a module, class or function name. </p> </div> <script type="text/javascript">$('#searchbox').show(0);</script> </div> </div> <div class="clearer"></div> </div> <div class="related"> <h3>Navigation</h3> <ul> <li class="right" style="margin-right: 10px"> <a href="../../../../../genindex.html" title="General Index" >index</a></li> <li class="right" > <a href="../../../../../py-modindex.html" title="Python Module Index" >modules</a> |</li> <li class="right" > <a href="ganglia.html" title="ganglia" >next</a> |</li> <li class="right" > <a href="bcfg2-cron.html" title="bcfg2-cron" >previous</a> |</li> <li><a href="../../../../../index.html">home</a> | </li> <!--<li><a href="../../../../../search.html">search</a> | </li>--> <li><a href="../../../../../help/index.html">help</a> | </li> <li><a href="../../../../../contents.html">documentation </a> »</li> <li><a href="../../../../../contents.html" >Bcfg2 documentation 1.3.0</a> »</li> <li><a href="../../../../index.html" >The Bcfg2 Server</a> »</li> <li><a href="../../../index.html" >Plugins</a> »</li> <li><a href="../../tgenshi.html" >TGenshi</a> »</li> </ul> </div> <div class="footer"> © Copyright 2009-2013, Narayan Desai. Last updated on Mar 20, 2013. Created using <a href="http://sphinx.pocoo.org/">Sphinx</a> 1.1.3. </div> </body> </html>