From 8fd313b624e3da699280f81da1f88ef7149e6123 Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jcholast@redhat.com>
Date: Wed, 12 Aug 2015 07:49:53 +0200
Subject: [PATCH] install: Fix server and replica install options
https://fedorahosted.org/freeipa/ticket/5184
Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
---
ipaserver/install/server/install.py | 55 ++++++------------------------
ipaserver/install/server/replicainstall.py | 36 ++++---------------
2 files changed, 17 insertions(+), 74 deletions(-)
diff --git a/ipaserver/install/server/install.py b/ipaserver/install/server/install.py
index b9bf3f34bdb7c32115e5c6a7038f11f901ab06b8..ff517513473a458a84f63c5c1308a8cc0b8699f8 100644
--- a/ipaserver/install/server/install.py
+++ b/ipaserver/install/server/install.py
@@ -1137,18 +1137,6 @@ def uninstall(installer):
class ServerCA(common.Installable, core.Group, core.Composite):
description = "certificate system"
- setup_ca = Knob(
- bool, False,
- initializable=False,
- description="configure a dogtag CA",
- )
-
- setup_kra = Knob(
- bool, False,
- initializable=False,
- description="configure a dogtag KRA",
- )
-
external_ca = Knob(
bool, False,
description=("Generate a CSR for the IPA CA certificate to be signed "
@@ -1163,7 +1151,7 @@ class ServerCA(common.Installable, core.Group, core.Composite):
external_cert_files = Knob(
(list, str), None,
description=("File containing the IPA CA certificate and the external "
- "CA certificate chain (can be specified multiple times)"),
+ "CA certificate chain"),
cli_name='external-cert-file',
cli_aliases=['external_cert_file', 'external_ca_file'],
cli_metavar='FILE',
@@ -1308,6 +1296,7 @@ class ServerDNS(common.Installable, core.Group, core.Composite):
description=("The reverse DNS zone to use. This option can be used "
"multiple times"),
cli_name='reverse-zone',
+ cli_metavar='REVERSE_ZONE',
)
no_reverse = Knob(
@@ -1320,31 +1309,6 @@ class ServerDNS(common.Installable, core.Group, core.Composite):
description="Disable DNSSEC validation",
)
- dnssec_master = Knob(
- bool, False,
- initializable=False,
- description="Setup server to be DNSSEC key master",
- )
-
- disable_dnssec_master = Knob(
- bool, False,
- initializable=False,
- description="Disable the DNSSEC master on this server",
- )
-
- kasp_db_file = Knob(
- str, None,
- initializable=False,
- description="Copy OpenDNSSEC metadata from the specified file (will "
- "not create a new kasp.db file)",
- )
-
- force = Knob(
- bool, False,
- initializable=False,
- description="Force install",
- )
-
zonemgr = Knob(
str, None,
description=("DNS zone manager e-mail address. Defaults to "
@@ -1416,7 +1380,6 @@ class Server(common.Installable, common.Interactive, core.Composite):
master_password = Knob(
str, None,
sensitive=True,
- deprecated=True,
description="kerberos master password (normally autogenerated)",
cli_short_name='P',
)
@@ -1466,11 +1429,13 @@ class Server(common.Installable, common.Interactive, core.Composite):
description=("Master Server IP Address. This option can be used "
"multiple times"),
cli_name='ip-address',
+ cli_metavar='IP_ADDRESS',
)
no_ntp = Knob(
bool, False,
description="do not configure ntp",
+ cli_short_name='N',
)
idstart = Knob(
@@ -1615,8 +1580,8 @@ class Server(common.Installable, common.Interactive, core.Composite):
# Automatically disable pkinit w/ dogtag until that is supported
self.ca.no_pkinit = True
- self.setup_ca = self.ca.setup_ca
- self.setup_kra = self.ca.setup_kra
+ self.setup_ca = False
+ self.setup_kra = False
self.external_ca = self.ca.external_ca
self.external_ca_type = self.ca.external_ca_type
self.external_cert_files = self.ca.external_cert_files
@@ -1639,10 +1604,10 @@ class Server(common.Installable, common.Interactive, core.Composite):
self.reverse_zones = self.dns.reverse_zones
self.no_reverse = self.dns.no_reverse
self.no_dnssec_validation = self.dns.no_dnssec_validation
- self.dnssec_master = self.dns.dnssec_master
- self.disable_dnssec_master = self.dns.disable_dnssec_master
- self.kasp_db_file = self.dns.kasp_db_file
- self.force = self.dns.force
+ self.dnssec_master = False
+ self.disable_dnssec_master = False
+ self.kasp_db_file = None
+ self.force = False
self.zonemgr = self.dns.zonemgr
self.no_host_dns = self.dns.no_host_dns
self.no_dns_sshfp = self.dns.no_dns_sshfp
diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py
index 1ad291a1eada080361031a5723a0ea61679fc72e..dd8bc0d4bb7d8d9835a3e3e4dc24d1f67199d28f 100644
--- a/ipaserver/install/server/replicainstall.py
+++ b/ipaserver/install/server/replicainstall.py
@@ -679,6 +679,7 @@ class ReplicaDNS(common.Installable, core.Group, core.Composite):
description=("The reverse DNS zone to use. This option can be used "
"multiple times"),
cli_name='reverse-zone',
+ cli_metavar='REVERSE_ZONE',
)
no_reverse = Knob(
@@ -691,31 +692,6 @@ class ReplicaDNS(common.Installable, core.Group, core.Composite):
description="Disable DNSSEC validation",
)
- dnssec_master = Knob(
- bool, False,
- initializable=False,
- description="Setup server to be DNSSEC key master",
- )
-
- disable_dnssec_master = Knob(
- bool, False,
- initializable=False,
- description="Disable the DNSSEC master on this server",
- )
-
- force = Knob(
- bool, False,
- initializable=False,
- description="Force install",
- )
-
- kasp_db_file = Knob(
- str, None,
- initializable=False,
- description="Copy OpenDNSSEC metadata from the specified file (will "
- "not create a new kasp.db file)",
- )
-
no_host_dns = Knob(
bool, False,
description="Do not use DNS for hostname lookup during installation",
@@ -750,6 +726,7 @@ class Replica(common.Installable, common.Interactive, core.Composite):
description=("Replica server IP Address. This option can be used "
"multiple times"),
cli_name='ip-address',
+ cli_metavar='IP_ADDRESS',
)
password = Knob(
@@ -774,6 +751,7 @@ class Replica(common.Installable, common.Interactive, core.Composite):
no_ntp = Knob(
bool, False,
description="do not configure ntp",
+ cli_short_name='N',
)
no_ui_redirect = Knob(
@@ -864,10 +842,10 @@ class Replica(common.Installable, common.Interactive, core.Composite):
self.reverse_zones = self.dns.reverse_zones
self.no_reverse = self.dns.no_reverse
self.no_dnssec_validation = self.dns.no_dnssec_validation
- self.dnssec_master = self.dns.dnssec_master
- self.disable_dnssec_master = self.dns.disable_dnssec_master
- self.kasp_db_file = self.dns.kasp_db_file
- self.force = self.dns.force
+ self.dnssec_master = False
+ self.disable_dnssec_master = False
+ self.kasp_db_file = None
+ self.force = False
self.zonemgr = None
self.no_host_dns = self.dns.no_host_dns
self.no_dns_sshfp = self.dns.no_dns_sshfp
--
2.4.3