From 8fd313b624e3da699280f81da1f88ef7149e6123 Mon Sep 17 00:00:00 2001

From: Jan Cholasta <jcholast@redhat.com>

Date: Wed, 12 Aug 2015 07:49:53 +0200

Subject: [PATCH] install: Fix server and replica install options

https://fedorahosted.org/freeipa/ticket/5184

Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>

---

 ipaserver/install/server/install.py        | 55 ++++++------------------------

 ipaserver/install/server/replicainstall.py | 36 ++++---------------

 2 files changed, 17 insertions(+), 74 deletions(-)

diff --git a/ipaserver/install/server/install.py b/ipaserver/install/server/install.py

index b9bf3f34bdb7c32115e5c6a7038f11f901ab06b8..ff517513473a458a84f63c5c1308a8cc0b8699f8 100644

--- a/ipaserver/install/server/install.py

+++ b/ipaserver/install/server/install.py

@@ -1137,18 +1137,6 @@ def uninstall(installer):

 class ServerCA(common.Installable, core.Group, core.Composite):

     description = "certificate system"

-    setup_ca = Knob(

-        bool, False,

-        initializable=False,

-        description="configure a dogtag CA",

-    )

-

-    setup_kra = Knob(

-        bool, False,

-        initializable=False,

-        description="configure a dogtag KRA",

-    )

-

     external_ca = Knob(

         bool, False,

         description=("Generate a CSR for the IPA CA certificate to be signed "

@@ -1163,7 +1151,7 @@ class ServerCA(common.Installable, core.Group, core.Composite):

     external_cert_files = Knob(

         (list, str), None,

         description=("File containing the IPA CA certificate and the external "

-                     "CA certificate chain (can be specified multiple times)"),

+                     "CA certificate chain"),

         cli_name='external-cert-file',

         cli_aliases=['external_cert_file', 'external_ca_file'],

         cli_metavar='FILE',

@@ -1308,6 +1296,7 @@ class ServerDNS(common.Installable, core.Group, core.Composite):

         description=("The reverse DNS zone to use. This option can be used "

                      "multiple times"),

         cli_name='reverse-zone',

+        cli_metavar='REVERSE_ZONE',

     )

     no_reverse = Knob(

@@ -1320,31 +1309,6 @@ class ServerDNS(common.Installable, core.Group, core.Composite):

         description="Disable DNSSEC validation",

     )

-    dnssec_master = Knob(

-        bool, False,

-        initializable=False,

-        description="Setup server to be DNSSEC key master",

-    )

-

-    disable_dnssec_master = Knob(

-        bool, False,

-        initializable=False,

-        description="Disable the DNSSEC master on this server",

-    )

-

-    kasp_db_file = Knob(

-        str, None,

-        initializable=False,

-        description="Copy OpenDNSSEC metadata from the specified file (will "

-                    "not create a new kasp.db file)",

-    )

-

-    force = Knob(

-        bool, False,

-        initializable=False,

-        description="Force install",

-    )

-

     zonemgr = Knob(

         str, None,

         description=("DNS zone manager e-mail address. Defaults to "

@@ -1416,7 +1380,6 @@ class Server(common.Installable, common.Interactive, core.Composite):

     master_password = Knob(

         str, None,

         sensitive=True,

-        deprecated=True,

         description="kerberos master password (normally autogenerated)",

         cli_short_name='P',

     )

@@ -1466,11 +1429,13 @@ class Server(common.Installable, common.Interactive, core.Composite):

         description=("Master Server IP Address. This option can be used "

                      "multiple times"),

         cli_name='ip-address',

+        cli_metavar='IP_ADDRESS',

     )

     no_ntp = Knob(

         bool, False,

         description="do not configure ntp",

+        cli_short_name='N',

     )

     idstart = Knob(

@@ -1615,8 +1580,8 @@ class Server(common.Installable, common.Interactive, core.Composite):

         # Automatically disable pkinit w/ dogtag until that is supported

         self.ca.no_pkinit = True

-        self.setup_ca = self.ca.setup_ca

-        self.setup_kra = self.ca.setup_kra

+        self.setup_ca = False

+        self.setup_kra = False

         self.external_ca = self.ca.external_ca

         self.external_ca_type = self.ca.external_ca_type

         self.external_cert_files = self.ca.external_cert_files

@@ -1639,10 +1604,10 @@ class Server(common.Installable, common.Interactive, core.Composite):

         self.reverse_zones = self.dns.reverse_zones

         self.no_reverse = self.dns.no_reverse

         self.no_dnssec_validation = self.dns.no_dnssec_validation

-        self.dnssec_master = self.dns.dnssec_master

-        self.disable_dnssec_master = self.dns.disable_dnssec_master

-        self.kasp_db_file = self.dns.kasp_db_file

-        self.force = self.dns.force

+        self.dnssec_master = False

+        self.disable_dnssec_master = False

+        self.kasp_db_file = None

+        self.force = False

         self.zonemgr = self.dns.zonemgr

         self.no_host_dns = self.dns.no_host_dns

         self.no_dns_sshfp = self.dns.no_dns_sshfp

diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py

index 1ad291a1eada080361031a5723a0ea61679fc72e..dd8bc0d4bb7d8d9835a3e3e4dc24d1f67199d28f 100644

--- a/ipaserver/install/server/replicainstall.py

+++ b/ipaserver/install/server/replicainstall.py

@@ -679,6 +679,7 @@ class ReplicaDNS(common.Installable, core.Group, core.Composite):

         description=("The reverse DNS zone to use. This option can be used "

                      "multiple times"),

         cli_name='reverse-zone',

+        cli_metavar='REVERSE_ZONE',

     )

     no_reverse = Knob(

@@ -691,31 +692,6 @@ class ReplicaDNS(common.Installable, core.Group, core.Composite):

         description="Disable DNSSEC validation",

     )

-    dnssec_master = Knob(

-        bool, False,

-        initializable=False,

-        description="Setup server to be DNSSEC key master",

-    )

-

-    disable_dnssec_master = Knob(

-        bool, False,

-        initializable=False,

-        description="Disable the DNSSEC master on this server",

-    )

-

-    force = Knob(

-        bool, False,

-        initializable=False,

-        description="Force install",

-    )

-

-    kasp_db_file = Knob(

-        str, None,

-        initializable=False,

-        description="Copy OpenDNSSEC metadata from the specified file (will "

-                    "not create a new kasp.db file)",

-    )

-

     no_host_dns = Knob(

         bool, False,

         description="Do not use DNS for hostname lookup during installation",

@@ -750,6 +726,7 @@ class Replica(common.Installable, common.Interactive, core.Composite):

         description=("Replica server IP Address. This option can be used "

                      "multiple times"),

         cli_name='ip-address',

+        cli_metavar='IP_ADDRESS',

     )

     password = Knob(

@@ -774,6 +751,7 @@ class Replica(common.Installable, common.Interactive, core.Composite):

     no_ntp = Knob(

         bool, False,

         description="do not configure ntp",

+        cli_short_name='N',

     )

     no_ui_redirect = Knob(

@@ -864,10 +842,10 @@ class Replica(common.Installable, common.Interactive, core.Composite):

         self.reverse_zones = self.dns.reverse_zones

         self.no_reverse = self.dns.no_reverse

         self.no_dnssec_validation = self.dns.no_dnssec_validation

-        self.dnssec_master = self.dns.dnssec_master

-        self.disable_dnssec_master = self.dns.disable_dnssec_master

-        self.kasp_db_file = self.dns.kasp_db_file

-        self.force = self.dns.force

+        self.dnssec_master = False

+        self.disable_dnssec_master = False

+        self.kasp_db_file = None

+        self.force = False

         self.zonemgr = None

         self.no_host_dns = self.dns.no_host_dns

         self.no_dns_sshfp = self.dns.no_dns_sshfp

-- 

2.4.3