Vendor Galaxy Roles and Collections

ansible_collections/debops/debops/roles/nscd/COPYRIGHT

@@ -0,0 +1,19 @@
+debops.nscd - Manage Name Service Cache Daemon with Ansible
+
+Copyright (C) 2019 Maciej Delmanowski <drybjed@gmail.com>
+Copyright (C) 2019 DebOps <https://debops.org/>
+SPDX-License-Identifier: GPL-3.0-only
+
+This Ansible role is part of DebOps.
+
+DebOps is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License version 3, as
+published by the Free Software Foundation.
+
+DebOps is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with DebOps. If not, see https://www.gnu.org/licenses/.

ansible_collections/debops/debops/roles/nscd/defaults/main.yml

@@ -0,0 +1,193 @@
+---
+# .. vim: foldmarker=[[[,]]]:foldmethod=marker
+
+# .. Copyright (C) 2019 Maciej Delmanowski <drybjed@gmail.com>
+# .. Copyright (C) 2019 DebOps <https://debops.org/>
+# .. SPDX-License-Identifier: GPL-3.0-only
+
+# .. _nscd__ref_defaults:
+
+# debops.nscd default variables
+# =============================
+
+# .. contents:: Sections
+#    :local:
+#
+# .. include:: ../../../../includes/global.rst
+
+
+# Global options, APT packages [[[
+# --------------------------------
+
+# .. envvar:: nscd__flavor [[[
+#
+# Select the "flavor" of the Name Service Cache Daemon to use. Available
+# flavors are: ``nscd``, ``unscd``. The ``unscd`` flavor is simpler, but more
+# resilient.
+nscd__flavor: 'unscd'
+
+                                                                   # ]]]
+# .. envvar:: nscd__base_packages [[[
+#
+# List of the base APT packages to install for Name Service Cache support.
+nscd__base_packages: [ '{{ nscd__flavor }}' ]
+
+                                                                   # ]]]
+# .. envvar:: nscd__packages [[[
+#
+# List of additional APT packages to install with :command:`nscd`.
+nscd__packages: []
+                                                                   # ]]]
+                                                                   # ]]]
+# Service configuration [[[
+# -------------------------
+
+# These variables define the contents of the :file:`/etc/nscd.conf`
+# configuration file. See :ref:`nscd__ref_configuration` for more details.
+
+# .. envvar:: nscd__default_configuration [[[
+#
+# The default configuration options for the :command:`nscd` service defined by
+# the role.
+nscd__default_configuration:
+
+  - name: 'global'
+    options:
+
+      - name: 'logfile'
+        value: '/var/log/nscd.log'
+        state: 'comment'
+
+      - name: 'threads'
+        value: 4
+        state: 'comment'
+
+      - name: 'max_threads'
+        value: 32
+        state: 'comment'
+
+      - name: 'server_user'
+        value: '{{ "unscd"
+                   if (nscd__flavor == "unscd")
+                   else "nobody" }}'
+        state: '{{ "present"
+                   if (nscd__flavor == "unscd")
+                   else "comment" }}'
+
+      - name: 'stat_user'
+        value: 'somebody'
+        state: 'comment'
+
+      - name: 'debug_level'
+        value: 0
+
+      - name: 'reload_count'
+        value: 5
+        state: 'comment'
+
+      - name: 'paranoia'
+        value: False
+
+      - name: 'restart_interval'
+        value: 3600
+        state: 'comment'
+
+  - name: 'passwd'
+    enable_cache: True
+    positive_time_to_live: 600
+    negative_time_to_live: 20
+    suggested_size: 1001
+    check_files: True
+    persistent: True
+    shared: True
+    max_db_size: 33554432
+    auto_propagate: True
+
+  - name: 'group'
+    enable_cache: True
+    positive_time_to_live: 3600
+    negative_time_to_live: 60
+    suggested_size: 1001
+    check_files: True
+    persistent: True
+    shared: True
+    max_db_size: 33554432
+    auto_propagate: True
+
+  - name: 'hosts'
+    comment: |
+      hosts caching is broken with gethostby* calls, hence is now disabled
+      by default. Specifically, the caching does not obey DNS TTLs, and
+      thus could lead to problems if the positive-time-to-live is
+      significantly larger than the actual TTL.
+
+      You should really use a caching nameserver instead of nscd for this
+      sort of request. However, you can easily re-enable this by default.
+    enable_cache: False
+    positive_time_to_live: 3600
+    negative_time_to_live: 20
+    suggested_size: 1001
+    check_files: True
+    persistent: True
+    shared: True
+    max_db_size: 33554432
+    state: 'comment'
+
+  - name: 'services'
+    enable_cache: True
+    positive_time_to_live: 28800
+    negative_time_to_live: 20
+    suggested_size: 1001
+    check_files: True
+    persistent: True
+    shared: True
+    max_db_size: 33554432
+    state: '{{ "absent"
+               if (nscd__flavor == "unscd")
+               else "present" }}'
+
+  - name: 'netgroup'
+    enable_cache: True
+    positive_time_to_live: 28800
+    negative_time_to_live: 20
+    suggested_size: 1001
+    check_files: True
+    persistent: True
+    shared: True
+    max_db_size: 33554432
+    state: '{{ "absent"
+               if (nscd__flavor == "unscd")
+               else "present" }}'
+
+                                                                   # ]]]
+# .. envvar:: nscd__configuration [[[
+#
+# The configuration options for the :command:`nscd` service defined on all
+# hosts in the Ansible inventory.
+nscd__configuration: []
+
+                                                                   # ]]]
+# .. envvar:: nscd__group_configuration [[[
+#
+# The configuration options for the :command:`nscd` service defined on hosts in
+# a specific Ansible inventory group.
+nscd__group_configuration: []
+
+                                                                   # ]]]
+# .. envvar:: nscd__host_configuration [[[
+#
+# The configuration options for the :command:`nscd` service defined on specific
+# hosts in the Ansible inventory.
+nscd__host_configuration: []
+
+                                                                   # ]]]
+# .. envvar:: nscd__combined_configuration [[[
+#
+# The variable that combines all other configuration variables and is used in
+# role tasks and templates.
+nscd__combined_configuration: '{{ nscd__default_configuration
+                                  + nscd__configuration
+                                  + nscd__group_configuration
+                                  + nscd__host_configuration }}'
+                                                                   # ]]]
+                                                                   # ]]]

ansible_collections/debops/debops/roles/nscd/meta/main.yml

@@ -0,0 +1,30 @@
+---
+# Copyright (C) 2019 Maciej Delmanowski <drybjed@gmail.com>
+# Copyright (C) 2019-2022 DebOps <https://debops.org/>
+# SPDX-License-Identifier: GPL-3.0-only
+
+# Ensure that custom Ansible plugins and modules included in the main DebOps
+# collection are available to roles in other collections.
+collections: [ 'debops.debops' ]
+
+dependencies: []
+
+galaxy_info:
+
+  author: 'Maciej Delmanowski'
+  description: 'Manage Name Service Cache Daemon'
+  company: 'DebOps'
+  license: 'GPL-3.0'
+  min_ansible_version: '2.7.0'
+
+  platforms:
+
+    - name: 'Ubuntu'
+      versions: [ 'all' ]
+
+    - name: 'Debian'
+      versions: [ 'all' ]
+
+  galaxy_tags:
+    - ldap
+    - nss

ansible_collections/debops/debops/roles/nscd/tasks/main.yml

@@ -0,0 +1,53 @@
+---
+# Copyright (C) 2019 Maciej Delmanowski <drybjed@gmail.com>
+# Copyright (C) 2019 DebOps <https://debops.org/>
+# SPDX-License-Identifier: GPL-3.0-only
+
+- name: Import custom Ansible plugins
+  ansible.builtin.import_role:
+    name: 'ansible_plugins'
+
+- name: Import DebOps global handlers
+  ansible.builtin.import_role:
+    name: 'global_handlers'
+
+- name: Install required packages
+  ansible.builtin.package:
+    name: '{{ q("flattened", nscd__base_packages + nscd__packages) }}'
+    state: 'present'
+  register: nscd__register_packages
+  until: nscd__register_packages is succeeded
+
+- name: Divert the nscd configuration file
+  debops.debops.dpkg_divert:
+    path: '/etc/nscd.conf'
+
+- name: Generate nscd configuration
+  ansible.builtin.template:
+    src: 'etc/nscd.conf.j2'
+    dest: '/etc/nscd.conf'
+    mode: '0644'
+  register: nscd__register_config
+
+- name: Restart nscd if its configuration was modified
+  ansible.builtin.service:  # noqa no-handler
+    name: '{{ nscd__flavor }}'
+    state: 'restarted'
+  when: nscd__register_config is changed
+
+- name: Make sure that Ansible local facts directory exists
+  ansible.builtin.file:
+    path: '/etc/ansible/facts.d'
+    state: 'directory'
+    mode: '0755'
+
+- name: Save nscd local facts
+  ansible.builtin.template:
+    src: 'etc/ansible/facts.d/nscd.fact.j2'
+    dest: '/etc/ansible/facts.d/nscd.fact'
+    mode: '0755'
+  notify: [ 'Refresh host facts' ]
+  tags: [ 'meta::facts' ]
+
+- name: Update Ansible facts if they were modified
+  ansible.builtin.meta: 'flush_handlers'

ansible_collections/debops/debops/roles/nscd/templates/etc/ansible/facts.d/nscd.fact.j2

@@ -0,0 +1,30 @@
+#!{{ ansible_python['executable'] }}
+# -*- coding: utf-8 -*-
+
+# Copyright (C) 2019 Maciej Delmanowski <drybjed@gmail.com>
+# Copyright (C) 2019 DebOps <https://debops.org/>
+# SPDX-License-Identifier: GPL-3.0-only
+
+# {{ ansible_managed }}
+
+from __future__ import print_function
+from json import dumps, loads
+from sys import exit
+import os
+
+
+def cmd_exists(cmd):
+    return any(
+        os.access(os.path.join(path, cmd), os.X_OK)
+        for path in os.environ["PATH"].split(os.pathsep)
+    )
+
+
+output = loads('''{{
+    {"configured": True,
+     "flavor": nscd__flavor
+    } | to_nice_json }}''')
+
+output['installed'] = cmd_exists('nscd')
+
+print(dumps(output, sort_keys=True, indent=4))

ansible_collections/debops/debops/roles/nscd/templates/etc/nscd.conf.j2

@@ -0,0 +1,127 @@
+{# Copyright (C) 2019 Maciej Delmanowski <drybjed@gmail.com>
+ # Copyright (C) 2019 DebOps <https://debops.org/>
+ # SPDX-License-Identifier: GPL-3.0-only
+ #}
+# {{ ansible_managed }}
+
+#
+# /etc/nscd.conf
+#
+# A Name Service Cache config file.  This file is needed by nscd.
+#
+# Legal entries are:
+#
+#	logfile			<file>
+#	debug-level		<level>
+#	threads			<initial #threads to use>
+#	max-threads		<maximum #threads to use>
+#	server-user             <user to run server as instead of root>
+#		server-user is ignored if nscd is started with -S parameters
+#       stat-user               <user who is allowed to request statistics>
+#	reload-count		unlimited|<number>
+#	paranoia		<yes|no>
+#	restart-interval	<time in seconds>
+#
+#       enable-cache		<service> <yes|no>
+#	positive-time-to-live	<service> <time in seconds>
+#	negative-time-to-live   <service> <time in seconds>
+#       suggested-size		<service> <prime number>
+#	check-files		<service> <yes|no>
+#	persistent		<service> <yes|no>
+#	shared			<service> <yes|no>
+#	max-db-size		<service> <number bytes>
+#	auto-propagate		<service> <yes|no>
+#
+# Currently supported cache names (services): passwd, group, hosts, services
+#
+
+
+{% macro print_global(option) %}
+{%   if option.state | d('present') not in [ 'absent', 'ignore' ] %}
+{%     if option.value is defined %}
+{%       set option_comment = ('#\t' if (option.state | d('present') == 'comment') else '\t') %}
+{%       set option_name = (option.name | replace('_','-')) %}
+{%       set option_tab = ('\t' + ('\t' if (option.name | length < 16) else '') + ('\t' if (option.name | length < 8) else '')) %}
+{%       if option.value is string and not option.value | bool %}
+{{ '{}{}{}{}'.format(option_comment, option_name, option_tab, option.value) }}
+{%       elif option.value | bool and option.value is not iterable %}
+{%         if option.value | string == '1' %}
+{{ '{}{}{}{}'.format(option_comment, option_name, option_tab, option.value) }}
+{%         else %}
+{{ '{}{}{}{}'.format(option_comment, option_name, option_tab, 'yes') }}
+{%         endif %}
+{%       elif not option.value | bool and option.value is not iterable %}
+{%         if option.value is not none %}
+{%           if option.value | int %}
+{{ '{}{}{}{}'.format(option_comment, option_name, option_tab, option.value) }}
+{%           else %}
+{%             if option.value | string == '0' %}
+{{ '{}{}{}{}'.format(option_comment, option_name, option_tab, option.value) }}
+{%             else %}
+{{ '{}{}{}{}'.format(option_comment, option_name, option_tab, 'no') }}
+{%             endif %}
+{%           endif %}
+{%         endif %}
+{%       endif %}
+{%     endif %}
+{%   endif %}
+{% endmacro %}
+{% macro print_section(section, option) %}
+{%   if option.state | d('present') not in [ 'absent', 'ignore' ] %}
+{%     if option.value is defined %}
+{%       set option_comment = ('#\t' if (option.state | d('present') == 'comment') else '\t') %}
+{%       set option_name = (option.name | replace('_','-')) %}
+{%       set option_tab = ('\t' + ('\t' if (option.name | length < 16) else '') + ('\t' if (option.name | length < 8) else '')) %}
+{%       set option_section = (section + ('\t' + ('\t' if (section | length < 8) else ''))) %}
+{%       if option.value is string and not option.value | bool %}
+{{ '{}{}{}{}{}'.format(option_comment, option_name, option_tab, option_section, option.value) }}
+{%       elif option.value | bool and option.value is not iterable %}
+{%         if option.value | string == '1' %}
+{{ '{}{}{}{}{}'.format(option_comment, option_name, option_tab, option_section, option.value) }}
+{%         else %}
+{{ '{}{}{}{}{}'.format(option_comment, option_name, option_tab, option_section, 'yes') }}
+{%         endif %}
+{%       elif not option.value | bool and option.value is not iterable %}
+{%         if option.value is not none %}
+{%           if option.value | int %}
+{{ '{}{}{}{}{}'.format(option_comment, option_name, option_tab, option_section, option.value) }}
+{%           else %}
+{%             if option.value | string == '0' %}
+{{ '{}{}{}{}{}'.format(option_comment, option_name, option_tab, option_section, option.value) }}
+{%             else %}
+{{ '{}{}{}{}{}'.format(option_comment, option_name, option_tab, option_section, 'no') }}
+{%             endif %}
+{%           endif %}
+{%         endif %}
+{%       endif %}
+{%     endif %}
+{%   endif %}
+{% endmacro %}
+{% for element in nscd__combined_configuration | debops.debops.parse_kv_items %}
+{%   if element.state | d('present') not in [ 'absent', 'init', 'ignore' ] %}
+{%     if element.name == 'global' and element.options | d() %}
+{%       for entry in element.options %}
+{{ print_global(entry) -}}
+{%       endfor %}
+{%     else %}
+{%       set entry_list = [] %}
+{%       if nscd__flavor == 'unscd' %}
+{%         set entry_names = [ 'enable_cache', 'positive_time_to_live', 'negative_time_to_live', 'suggested_size', 'check_files' ] %}
+{%       elif nscd__flavor == 'nscd' %}
+{%         set entry_names = [ 'enable_cache', 'positive_time_to_live', 'negative_time_to_live', 'suggested_size', 'check_files', 'persistent', 'shared', 'max_db_size', 'auto_propagate' ] %}
+{%       endif %}
+{%       for entry_name in entry_names %}
+{%         if entry_name in element.keys() %}
+{%             set _ = entry_list.append({'name': entry_name, 'value': element[entry_name], 'state': element.state | d('present')}) %}
+{%         endif %}
+{%       endfor %}
+
+{%       if element.comment | d() %}
+{{ element.comment | regex_replace('\n$','') | comment(prefix='', postfix='') -}}
+{%       endif %}
+{%       for entry in entry_list %}
+{{ print_section(element.name, entry) -}}
+{%       endfor %}
+{%     endif %}
+{%   endif %}
+{% endfor %}