Summary: Meta-package for a common, default xCAT setup
Name: xCAT
Version: %(cat Version)
Release: snap%(date +"%Y%m%d%H%M")
License: EPL
Group: Applications/System
Vendor: IBM Corp.
Packager: IBM Corp.
Distribution: %{?_distribution:%{_distribution}}%{!?_distribution:%{_vendor}}
Prefix: /opt/xcat
BuildRoot: /var/tmp/%{name}-%{version}-%{release}-root
#BuildArch: noarch
Source1: xcat.conf
Source2: postscripts.tar.gz
Source3: templates.tar.gz

Provides: xCAT = %{version}
Requires: xCAT-server xCAT-client perl-DBD-SQLite

%ifos linux
Requires: atftp dhcp httpd nfs-utils expect nmap fping bind perl-XML-Parser vsftpd
%ifarch s390x
# No additional requires for zLinux right now
%else
# yaboot-xcat is pulled in so any MN can manage ppc nodes
Requires: conserver yaboot-xcat
%endif
%ifarch ppc64
Requires: perl-IO-Stty
%endif
%endif

%ifarch i386 i586 i686 x86 x86_64
# All versions of the nb rpms are pulled in so an x86 MN can manage nodes of any arch.
# The nb rpms are used for dhcp-based discovery, and flashing, so for now we do not need them on a ppc MN.
Requires: xCAT-nbroot-oss-x86 xCAT-nbroot-core-x86 xCAT-nbkernel-x86 xCAT-nbroot-oss-x86_64 xCAT-nbroot-core-x86_64 xCAT-nbkernel-x86_64 xCAT-nbroot-oss-ppc64 xCAT-nbroot-core-ppc64 xCAT-nbkernel-ppc64 syslinux
Requires: ipmitool >= 1.8.9
%endif

%description
xCAT is a server management package intended for at-scale management, including
hardware management and software management.

%prep
%ifos linux
tar zxf %{SOURCE2}
%else
rm -rf postscripts
cp %{SOURCE2} /opt/freeware/src/packages/BUILD
gunzip -f postscripts.tar.gz
tar -xf postscripts.tar
%endif

%build

%install
mkdir -p $RPM_BUILD_ROOT/etc/apache2/conf.d
mkdir -p $RPM_BUILD_ROOT/etc/httpd/conf.d
mkdir -p $RPM_BUILD_ROOT/install/postscripts
mkdir -p $RPM_BUILD_ROOT/%{prefix}/share/xcat/
cd $RPM_BUILD_ROOT/%{prefix}/share/xcat/

%ifos linux
tar zxf %{SOURCE3}
%else
cp %{SOURCE3} $RPM_BUILD_ROOT/%{prefix}/share/xcat
gunzip -f templates.tar.gz
tar -xf templates.tar
rm templates.tar
%endif

cd -
cd $RPM_BUILD_ROOT/install

%ifos linux
tar zxf %{SOURCE2}
%else
cp %{SOURCE2} $RPM_BUILD_ROOT/install
gunzip -f postscripts.tar.gz
tar -xf postscripts.tar
rm postscripts.tar
%endif

rm LICENSE.html
mkdir -p postscripts/hostkeys
cd -
cp %{SOURCE1} $RPM_BUILD_ROOT/etc/apache2/conf.d/xcat.conf
cp %{SOURCE1} $RPM_BUILD_ROOT/etc/httpd/conf.d/xcat.conf

mkdir -p $RPM_BUILD_ROOT/%{prefix}/share/doc/packages/xCAT
cp LICENSE.html $RPM_BUILD_ROOT/%{prefix}/share/doc/packages/xCAT

%post
%ifnos linux
. /etc/profile
$RPM_INSTALL_PREFIX0/sbin/xcatconfig
%else
. /etc/profile.d/xcat.sh

# ugly hack so we can have 1 RPM support both sles and rhel
if [ -e /etc/SuSE-release ]; then
  apachename=apache2
else
  apachename=httpd
fi


if [ ! -d /etc/xcat/hostkeys ]; then 
   mkdir -p /etc/xcat/hostkeys
fi

# Do not have private keys in install or /etc/xcat/hostkeys 
# Generate new keys and update /install with the public keys 
if [ ! -f /install/postscripts/hostkeys/ssh_host_rsa_key ] && [ ! -f /etc/xcat/hostkeys/ssh_host_rsa_key ] ; then
 echo Generating SSH1 RSA Key...
 /usr/bin/ssh-keygen -t rsa1 -f /etc/xcat/hostkeys/ssh_host_key -C '' -N ''
 echo Generating SSH2 RSA Key...
 /usr/bin/ssh-keygen -t rsa -f /etc/xcat/hostkeys/ssh_host_rsa_key -C '' -N ''
 echo Generating SSH2 DSA Key...
 /usr/bin/ssh-keygen -t dsa -f /etc/xcat/hostkeys/ssh_host_dsa_key -C '' -N ''
 /bin/rm /install/postscripts/hostkeys/*
 /bin/cp /etc/xcat/hostkeys/ssh_host*.pub /install/postscripts/hostkeys/ 
else
# generated the keys before and still have private keys in install 
# copy all from /install to /etc/xcat/hostkeys and then remove private keys
# from /install
  if [ -f /install/postscripts/hostkeys/ssh_host_rsa_key ]; then
   /bin/cp -p /install/postscripts/hostkeys/* /etc/xcat/hostkeys/.
   /bin/rm /install/postscripts/hostkeys/ssh_host_dsa_key
   /bin/rm /install/postscripts/hostkeys/ssh_host_rsa_key
   /bin/rm /install/postscripts/hostkeys/ssh_host_key
  fi
  if [ ! -f /install/postscripts/hostkeys/ssh_host_rsa_key.pub ]; then
    /bin/rm /install/postscripts/hostkeys/*
    /bin/cp /etc/xcat/hostkeys/ssh_host*.pub /install/postscripts/hostkeys/ 
  fi
fi
if [ -d /install/postscripts/.ssh ]; then
   /bin/mv /install/postscripts/.ssh/* /install/postscripts/_ssh/.
   rmdir /install/postscripts/.ssh
fi
if [ -d /install/postscripts/.xcat ]; then
   /bin/mv /install/postscripts/.xcat/* /install/postscripts/_xcat/.
   rmdir /install/postscripts/.xcat
fi
chkconfig vsftpd on
/etc/init.d/vsftpd start
# remove any service node file
if [ -f /etc/xCATSN ]; then
 rm  /etc/xCATSN
fi
if [ "$1" = "1" ]; then #Only if installing for the first time..
    mkdir -p /root/.ssh
    chmod 700 /root/.ssh
    echo StrictHostKeyChecking no >> /root/.ssh/config
    chmod 600 /root/.ssh/config
    if [ ! -r /root/.ssh/id_rsa.pub ]; then
        ssh-keygen -t rsa -q -b 2048 -N "" -f /root/.ssh/id_rsa
    fi
    mkdir -p /install/postscripts/_ssh
    cp /root/.ssh/id_rsa.pub /install/postscripts/_ssh/authorized_keys
    chmod 644  /install/postscripts/_ssh/authorized_keys

    mkdir -p /var/log/consoles
    if ! grep /tftpboot /etc/exports; then
        echo '/tftpboot *(rw,no_root_squash,sync)' >> /etc/exports #SECURITY: this has potential for sharing private host/user keys
    fi
    if ! grep /install /etc/exports; then
        echo '/install *(rw,no_root_squash,sync)' >> /etc/exports #SECURITY: this has potential for sharing private host/user keys
    fi
	chkconfig nfs on
	/etc/init.d/nfs stop
	/etc/init.d/nfs start
	exportfs -a
    if [ ! -r /etc/xcat/site.sqlite ]; then
      XCATROOT=$RPM_INSTALL_PREFIX0 $RPM_INSTALL_PREFIX0/sbin/chtab key=xcatdport site.value=3001
      XCATROOT=$RPM_INSTALL_PREFIX0 $RPM_INSTALL_PREFIX0/sbin/chtab key=xcatiport site.value=3002
      XCATROOT=$RPM_INSTALL_PREFIX0 $RPM_INSTALL_PREFIX0/sbin/chtab key=tftpdir site.value=/tftpboot
      XCATROOT=$RPM_INSTALL_PREFIX0 $RPM_INSTALL_PREFIX0/sbin/chtab key=master site.value=$(getent hosts `hostname`|awk '{print $1}')
      XCATROOT=$RPM_INSTALL_PREFIX0 $RPM_INSTALL_PREFIX0/sbin/chtab key=domain site.value=$(hostname -d)
      XCATROOT=$RPM_INSTALL_PREFIX0 $RPM_INSTALL_PREFIX0/sbin/chtab key=installdir site.value=/install
      XCATROOT=$RPM_INSTALL_PREFIX0 $RPM_INSTALL_PREFIX0/sbin/chtab key=timezone site.value=`grep -E "^TIMEZONE|^ZONE" /etc/sysconfig/clock|cut -d= -f 2|sed -e 's/"//g'`
    fi
    if [ ! -r /etc/xcat/postscripts.sqlite ]; then
      XCATROOT=$RPM_INSTALL_PREFIX0 $RPM_INSTALL_PREFIX0/sbin/chtab node=xcatdefaults postscripts.postscripts='syslog,remoteshell'
      XCATROOT=$RPM_INSTALL_PREFIX0 $RPM_INSTALL_PREFIX0/sbin/chtab node=service postscripts.postscripts='servicenode'
    fi
    if [ ! -r /etc/xcat/policy.sqlite ]; then
      XCATROOT=$RPM_INSTALL_PREFIX0 $RPM_INSTALL_PREFIX0/sbin/chtab priority=1 policy.name=root policy.rule=allow
      XCATROOT=$RPM_INSTALL_PREFIX0 $RPM_INSTALL_PREFIX0/sbin/chtab priority=2 policy.commands=getbmcconfig policy.rule=allow
      XCATROOT=$RPM_INSTALL_PREFIX0 $RPM_INSTALL_PREFIX0/sbin/chtab priority=3 policy.commands=nextdestiny policy.rule=allow
      XCATROOT=$RPM_INSTALL_PREFIX0 $RPM_INSTALL_PREFIX0/sbin/chtab priority=4 policy.commands=getdestiny policy.rule=allow
      XCATROOT=$RPM_INSTALL_PREFIX0 $RPM_INSTALL_PREFIX0/sbin/chtab priority=4.4 policy.commands=getpostscript policy.rule=allow
      XCATROOT=$RPM_INSTALL_PREFIX0 $RPM_INSTALL_PREFIX0/sbin/chtab priority=4.5 policy.commands=getcredentials policy.rule=allow
    fi

    if [ ! -d /etc/xcat/ca ]; then
      yes | $RPM_INSTALL_PREFIX0/share/xcat/scripts/setup-xcat-ca.sh "xCAT CA"
    fi
    mkdir -p /install/postscripts/ca
    cp -r /etc/xcat/ca/* /install/postscripts/ca
    if [ ! -d /etc/xcat/cert ]; then
      yes | $RPM_INSTALL_PREFIX0/share/xcat/scripts/setup-server-cert.sh `hostname`
    fi
    mkdir -p /install/postscripts/cert
    cp -r /etc/xcat/cert/* /install/postscripts/cert
    if [ ! -r /root/.xcat/client-key.pem ]; then
      yes | $RPM_INSTALL_PREFIX0/share/xcat/scripts/setup-local-client.sh root
    fi
    mkdir -p /install/postscripts/_xcat
    cp -r /root/.xcat/* /install/postscripts/_xcat
    #Zap the almost certainly wrong pxelinux.cfg file
	if [ -r  /tftpboot/pxelinux.cfg/default ]
	then
    	rm /tftpboot/pxelinux.cfg/default
	fi
    # make Management Node
	touch /etc/xCATMN

	# setup syslog
        /install/postscripts/syslog
    #fi

    XCATROOT=$RPM_INSTALL_PREFIX0 /etc/init.d/xcatd start
    if [ -x $RPM_INSTALL_PREFIX0/sbin/mknb ]; then
%ifarch i386 i586 i686 x86 x86_64
       $RPM_INSTALL_PREFIX0/sbin/mknb x86
       $RPM_INSTALL_PREFIX0/sbin/mknb x86_64
       $RPM_INSTALL_PREFIX0/sbin/mknb ppc64
%else
	true 
%endif
    fi
    $RPM_INSTALL_PREFIX0/sbin/makenetworks
    XCATROOT=$RPM_INSTALL_PREFIX0 $RPM_INSTALL_PREFIX0/sbin/chtab key=nameservers site.value=`sed -e 's/#.*//' /etc/resolv.conf|grep nameserver|awk '{printf $2 ","}'|sed -e s/,$//`
    chkconfig $apachename on
	/etc/init.d/$apachename stop
	/etc/init.d/$apachename start
    echo "xCAT is now installed, it is recommended to tabedit networks and set a dynamic ip address range on any networks where nodes are to be discovered"
    echo "Then, run makedhcp -n to create a new dhcpd.configuration file, and /etc/init.d/dhcpd restart"
    echo "Either examine sample configuration templates, or write your own, or specify a value per node with nodeadd or tabedit."
fi
%endif

%clean

%files
%{prefix}
# one for sles, one for rhel. yes, it's ugly...
/etc/httpd/conf.d/xcat.conf
/etc/apache2/conf.d/xcat.conf
/install/postscripts
%defattr(-,root,root)