r00t2/aif-ng
1
0
Fork 0
Code Issues Pull Requests Projects Releases Activity

xml/xsd revamp complete

Browse Source
This commit is contained in:
brent s 2019-10-28 03:40:26 -04:00
parent 7f1bbc5022
commit 313f217b36
5 changed files with 193 additions and 448 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

234
aif.xsd
View File

@ -80,7 +80,7 @@
<!-- https://github.com/systemd/systemd/blob/master/src/udev/udev-builtin-net_id.c. <!-- https://github.com/systemd/systemd/blob/master/src/udev/udev-builtin-net_id.c.
I have no idea if this will work. TODO: simplify, validate in-code. --> I have no idea if this will work. TODO: simplify, validate in-code. -->
<xs:pattern <xs:pattern
value="(auto|((en|sl|wl|ww)(b[0-9]+|c[a-z0-9]|o[0-9]+(n.*(d.*)?)?|s[0-9]+(f.*)?((n|d).*)?|x([A-Fa-f0-9]:){5}[A-Fa-f0-9]|(P.*)?p[0-9]+s[0-9]+(((f|n|d).*)|u.*)?)))"/> value="(auto|((en|sl|wl|ww)(b[0-9]+|c[a-z0-9]|o[0-9]+(n.*(d.*)?)?|s[0-9]+(f.*)?([nd].*)?|x([A-Fa-f0-9]:){5}[A-Fa-f0-9]|(P.*)?p[0-9]+s[0-9]+(([fnd].*)|u.*)?)))"/>
<xs:whiteSpace value="collapse"/> <xs:whiteSpace value="collapse"/>
</xs:restriction> </xs:restriction>
</xs:simpleType> </xs:simpleType>
@ -89,7 +89,7 @@
<xs:restriction base="xs:string"> <xs:restriction base="xs:string">
<!-- This is a REALLY LAZY regex. Matching IPv4 in regex is ugly as heck, so we do that in-code. <!-- This is a REALLY LAZY regex. Matching IPv4 in regex is ugly as heck, so we do that in-code.
This is just a gatekeeper. --> This is just a gatekeeper. -->
<xs:pattern value="(dhcp|[0-9\.]{7,15}/[0-9]{,2})"/> <xs:pattern value="(dhcp|[0-9.]{7,15}/[0-9]{1,2})"/>
<xs:whiteSpace value="collapse"/> <xs:whiteSpace value="collapse"/>
</xs:restriction> </xs:restriction>
</xs:simpleType> </xs:simpleType>
@ -123,13 +123,13 @@
<xs:restriction base="xs:token"> <xs:restriction base="xs:token">
<xs:enumeration value="netctl"/> <xs:enumeration value="netctl"/>
<xs:enumeration value="nm"/> <xs:enumeration value="nm"/>
<xs:enumeration value="networkd"/> <xs:enumeration value="systemd"/>
</xs:restriction> </xs:restriction>
</xs:simpleType> </xs:simpleType>


<xs:simpleType name="t_scripturi"> <xs:simpleType name="t_scripturi">
<xs:restriction base="xs:anyURI"> <xs:restriction base="xs:anyURI">
<xs:pattern value="(https?|ftps?|file)://"/> <xs:pattern value="(https?|ftps?|file)://.+"/>
<xs:whiteSpace value="collapse"/> <xs:whiteSpace value="collapse"/>
</xs:restriction> </xs:restriction>
</xs:simpleType> </xs:simpleType>
@ -147,8 +147,10 @@
<xs:simpleType name="t_shadowhash"> <xs:simpleType name="t_shadowhash">
<!-- http://man7.org/linux/man-pages/man3/crypt.3.html#NOTES --> <!-- http://man7.org/linux/man-pages/man3/crypt.3.html#NOTES -->
<xs:restriction base="xs:token"> <xs:restriction base="xs:token">
<xs:pattern <xs:pattern value="($1)?($[a-zA-Z0-9./]{1,16})$[a-zA-Z0-9./]{22}"/><!-- md5 -->
value="$(6$[A-Za-z0-9\./\+=]{8,16}$[A-Za-z0-9\./\+=]{86}|1$[A-Za-z0-9\./\+=]{8,16}$[A-Za-z0-9\./\+=]{22}|5$[A-Za-z0-9\./\+=]{8,16}$[A-Za-z0-9\./\+=]{43})"/> <xs:pattern value="($2[abxy]?)?($[0-9]+)$[a-zA-Z0-9./]{53}"/><!-- Blowfish -->
<xs:pattern value="($5)?($[a-zA-Z0-9./]{1,16})$[a-zA-Z0-9./]{43}"/><!-- sha256 -->
<xs:pattern value="($6)?($[a-zA-Z0-9./]{1,16})$[a-zA-Z0-9./]{86}"/><!-- sha512 -->
<xs:whiteSpace value="collapse"/> <xs:whiteSpace value="collapse"/>
</xs:restriction> </xs:restriction>
</xs:simpleType> </xs:simpleType>
@ -162,19 +164,15 @@
</xs:restriction> </xs:restriction>
</xs:simpleType> </xs:simpleType>


<xs:simpleType name="t_scripttype">
<xs:restriction base="xs:token">
<xs:pattern value="(pre|post|pkg)"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>

<xs:simpleType name="t_bootloaders"> <xs:simpleType name="t_bootloaders">
<!-- TODO: expand? <!-- TODO: expand?
https://wiki.archlinux.org/index.php/Category:Boot_loaders https://wiki.archlinux.org/index.php/Category:Boot_loaders
https://wiki.archlinux.org/index.php/Arch_boot_process#Boot_loader --> https://wiki.archlinux.org/index.php/Arch_boot_process#Boot_loader -->
<xs:restriction base="xs:token"> <xs:restriction base="xs:token">
<xs:pattern value="(grub|systemd|syslinux)"/> <xs:enumeration value="grub"/>
<xs:enumeration value="systemd"/>
<xs:enumeration value="syslinux"/>
<xs:enumeration value="lilo"/>
<xs:whiteSpace value="collapse"/> <xs:whiteSpace value="collapse"/>
</xs:restriction> </xs:restriction>
</xs:simpleType> </xs:simpleType>
@ -196,7 +194,7 @@


<xs:simpleType name="t_filepath"> <xs:simpleType name="t_filepath">
<xs:restriction base="xs:string"> <xs:restriction base="xs:string">
<xs:pattern value="/([^/]+)"/> <xs:pattern value="((/[^/]+)+/?|swap)"/>
</xs:restriction> </xs:restriction>
</xs:simpleType> </xs:simpleType>


@ -216,7 +214,7 @@
</xs:simpleType> </xs:simpleType>


<xs:simpleType name="t_raid_levels"> <xs:simpleType name="t_raid_levels">
<xs:restriction base="xs:positiveInteger"> <xs:restriction base="xs:integer">
<xs:enumeration value="0"/> <xs:enumeration value="0"/>
<xs:enumeration value="1"/> <xs:enumeration value="1"/>
<xs:enumeration value="4"/> <xs:enumeration value="4"/>
@ -232,6 +230,42 @@
</xs:restriction> </xs:restriction>
</xs:simpleType> </xs:simpleType>


<xs:complexType name="t_nixpass">
<xs:choice minOccurs="1" maxOccurs="1">
<xs:element name="passwordPlain" type="t_nonempty"/>
<xs:element name="passwordHash">
<xs:complexType>
<xs:simpleContent>
<xs:extension base="aif:t_shadowhash">
<xs:attribute name="hashType" use="optional" default="(detect)">
<xs:simpleType>
<xs:restriction base="aif:t_nonempty">
<xs:enumeration value="md5"/>
<xs:enumeration value="bcrypt"/><!-- "blowfish" in crypt(3) -->
<xs:enumeration value="sha256"/>
<xs:enumeration value="sha512"/>
<xs:enumeration value="(detect)"/>
</xs:restriction>
</xs:simpleType>
</xs:attribute>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
</xs:element>
</xs:choice>
</xs:complexType>

<xs:complexType name="t_provscript">
<xs:simpleContent>
<xs:extension base="aif:t_scripturi">
<xs:attribute name="user" type="aif:t_nonempty" use="optional"/>
<xs:attribute name="password" type="aif:t_nonempty" use="optional"/>
<xs:attribute name="realm" type="aif:t_nonempty" use="optional"/>
<xs:attribute name="authtype" type="aif:t_authselect" use="optional" default="none"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>

<!-- ROOT --> <!-- ROOT -->
<xs:element name="aif"> <xs:element name="aif">
<xs:complexType> <xs:complexType>
@ -239,29 +273,41 @@
<!-- BEGIN STORAGE --> <!-- BEGIN STORAGE -->
<xs:element name="storage" minOccurs="1" maxOccurs="1"> <xs:element name="storage" minOccurs="1" maxOccurs="1">
<xs:complexType> <xs:complexType>
<xs:sequence> <xs:all>
<!-- BEGIN DISK --> <!-- BEGIN BLOCKDEVICES -->
<xs:element name="disk" minOccurs="1" maxOccurs="unbounded"> <xs:element name="blockDevices" minOccurs="1">
<xs:complexType> <xs:complexType>
<xs:sequence> <xs:sequence minOccurs="1" maxOccurs="unbounded">
<xs:element name="part" minOccurs="1" maxOccurs="unbounded"> <xs:element name="disk" minOccurs="1" maxOccurs="unbounded">
<xs:complexType> <xs:complexType>
<xs:attribute name="id" type="aif:t_nonempty" use="required"/> <xs:sequence>
<xs:attribute name="name" type="aif:t_nonempty" use="optional"/> <xs:element name="part" minOccurs="1" maxOccurs="unbounded">
<xs:attribute name="label" type="aif:t_nonempty" use="optional"/> <xs:complexType>
<xs:attribute name="start" type="aif:t_disksize" use="required"/> <xs:attribute name="id" type="aif:t_nonempty"
<xs:attribute name="stop" type="aif:t_disksize" use="required"/> use="required"/>
<xs:attribute name="fsType" type="aif:t_fstype" use="required"/> <xs:attribute name="name" type="aif:t_nonempty"
use="optional"/>
<xs:attribute name="label" type="aif:t_nonempty"
use="optional"/>
<xs:attribute name="start" type="aif:t_disksize"
use="required"/>
<xs:attribute name="stop" type="aif:t_disksize"
use="required"/>
<xs:attribute name="fsType" type="aif:t_fstype"
use="required"/>
</xs:complexType>
</xs:element>
</xs:sequence>
<xs:attribute name="device" type="aif:t_diskdev" use="required"/>
<xs:attribute name="diskFormat" type="aif:t_diskfmt" use="required"/>
</xs:complexType> </xs:complexType>
<xs:unique name="uniq_diskdev">
<xs:selector xpath="aif:disk"/>
<xs:field xpath="@device"/>
</xs:unique>
</xs:element> </xs:element>
</xs:sequence> </xs:sequence>
<xs:attribute name="device" type="aif:t_diskdev" use="required"/>
<xs:attribute name="diskFormat" type="aif:t_diskfmt" use="required"/>
</xs:complexType> </xs:complexType>
<xs:unique name="uniq_diskdev">
<xs:selector xpath="aif:disk"/>
<xs:field xpath="@device"/>
</xs:unique>
</xs:element> </xs:element>
<!-- END DISK --> <!-- END DISK -->
<!-- BEGIN FILESYSTEMS --> <!-- BEGIN FILESYSTEMS -->
@ -383,7 +429,7 @@
</xs:element> </xs:element>
<!-- END MDADM --> <!-- END MDADM -->
<!-- BEGIN MOUNTPOINTS --> <!-- BEGIN MOUNTPOINTS -->
<xs:element name="mountPoints" minOccurs="1" maxOccurs="unbounded"> <xs:element name="mountPoints" minOccurs="1">
<xs:complexType> <xs:complexType>
<xs:sequence minOccurs="1" maxOccurs="unbounded"> <xs:sequence minOccurs="1" maxOccurs="unbounded">
<xs:element name="mount" minOccurs="1" maxOccurs="unbounded"> <xs:element name="mount" minOccurs="1" maxOccurs="unbounded">
@ -405,7 +451,7 @@
</xs:complexType> </xs:complexType>
</xs:element> </xs:element>
<!-- END MOUNTPOINTS --> <!-- END MOUNTPOINTS -->
</xs:sequence> </xs:all>
</xs:complexType> </xs:complexType>
</xs:element> </xs:element>
<!-- END STORAGE --> <!-- END STORAGE -->
@ -418,7 +464,7 @@
<xs:all> <xs:all>
<xs:element name="addresses" minOccurs="0" maxOccurs="1"> <xs:element name="addresses" minOccurs="0" maxOccurs="1">
<xs:complexType> <xs:complexType>
<xs:any minOccurs="1" maxOccurs="unbounded"> <xs:sequence minOccurs="1" maxOccurs="unbounded">
<xs:element name="ipv4"> <xs:element name="ipv4">
<xs:complexType> <xs:complexType>
<xs:sequence> <xs:sequence>
@ -439,16 +485,16 @@
use="optional"/> use="optional"/>
</xs:complexType> </xs:complexType>
</xs:element> </xs:element>
</xs:any> </xs:sequence>
<xs:unique name="uniq_ip4">
<xs:selector xpath="ipv4"/>
<xs:field xpath="address"/>
</xs:unique>
<xs:unique name="uniq_ip6">
<xs:selector xpath="ipv6"/>
<xs:field xpath="address"/>
</xs:unique>
</xs:complexType> </xs:complexType>
<xs:unique name="uniq_ip4">
<xs:selector xpath="ipv4"/>
<xs:field xpath="address"/>
</xs:unique>
<xs:unique name="uniq_ip6">
<xs:selector xpath="ipv6"/>
<xs:field xpath="address"/>
</xs:unique>
</xs:element> </xs:element>
<xs:element name="resolvers" minOccurs="0" maxOccurs="1"> <xs:element name="resolvers" minOccurs="0" maxOccurs="1">
<xs:complexType> <xs:complexType>
@ -480,8 +526,10 @@
<!-- BEGIN SYSTEM --> <!-- BEGIN SYSTEM -->
<xs:element name="system" maxOccurs="1" minOccurs="1"> <xs:element name="system" maxOccurs="1" minOccurs="1">
<xs:complexType> <xs:complexType>
<xs:sequence> <xs:all>
<xs:element name="locales" minOccurs="1" maxOccurs="unbounded"> <xs:element name="rootPassword" minOccurs="1" maxOccurs="1"
type="aif:t_nixpass"/>
<xs:element name="locales" minOccurs="1" maxOccurs="1">
<xs:complexType> <xs:complexType>
<xs:sequence minOccurs="1" maxOccurs="unbounded"> <xs:sequence minOccurs="1" maxOccurs="unbounded">
<xs:element name="locale" minOccurs="1" maxOccurs="unbounded"> <xs:element name="locale" minOccurs="1" maxOccurs="unbounded">
@ -499,17 +547,11 @@
<xs:element name="users" minOccurs="1" maxOccurs="1"> <xs:element name="users" minOccurs="1" maxOccurs="1">
<xs:complexType> <xs:complexType>
<xs:sequence> <xs:sequence>
<xs:element name="rootPassword" minOccurs="1" maxOccurs="1">
<xs:complexType>
<xs:choice minOccurs="1" maxOccurs="1">
<xs:element name="password" type="t_nonempty"/>
<xs:element name="passHash" type="t_nixpasshash"/>
</xs:choice>
</xs:complexType>
</xs:element>
<xs:element name="user" minOccurs="0" maxOccurs="unbounded"> <xs:element name="user" minOccurs="0" maxOccurs="unbounded">
<xs:complexType> <xs:complexType>
<xs:sequence> <xs:sequence>
<xs:element name="password" minOccurs="0" maxOccurs="1"
type="aif:t_nixpass"/>
<xs:element name="xGroup" minOccurs="0" maxOccurs="unbounded"> <xs:element name="xGroup" minOccurs="0" maxOccurs="unbounded">
<xs:complexType> <xs:complexType>
<xs:attribute name="name" type="aif:t_posixUserGroup" <xs:attribute name="name" type="aif:t_posixUserGroup"
@ -529,34 +571,38 @@
<xs:attribute name="uid" type="xs:positiveInteger" use="optional"/> <xs:attribute name="uid" type="xs:positiveInteger" use="optional"/>
<xs:attribute name="group" type="aif:t_posixUserGroup" use="optional"/> <xs:attribute name="group" type="aif:t_posixUserGroup" use="optional"/>
<xs:attribute name="gid" type="xs:positiveInteger" use="optional"/> <xs:attribute name="gid" type="xs:positiveInteger" use="optional"/>
<xs:attribute name="password" type="aif:t_nixpass" use="optional"/>
<xs:attribute name="comment" type="aif:t_nonempty" use="optional"/> <xs:attribute name="comment" type="aif:t_nonempty" use="optional"/>
<xs:attribute name="sudo" type="xs:boolean" use="optional" default="0"/> <xs:attribute name="sudo" type="xs:boolean" use="optional" default="0"/>
</xs:complexType> </xs:complexType>
</xs:element> </xs:element>
</xs:sequence> </xs:sequence>
<xs:attribute name="rootpass" type="aif:t_nixpass" use="required"/>
</xs:complexType> </xs:complexType>
<xs:unique name="uniq_usr"> <xs:unique name="uniq_usr">
<xs:selector xpath="aif:user"/> <xs:selector xpath="aif:user"/>
<xs:field xpath="@name"/> <xs:field xpath="@name"/>
</xs:unique> </xs:unique>
</xs:element> </xs:element>
<xs:element name="service" minOccurs="0" maxOccurs="unbounded"> <xs:element name="services" minOccurs="0" maxOccurs="1">
<xs:complexType> <xs:complexType>
<xs:simpleContent> <xs:sequence>
<xs:extension base="aif:t_nonempty"> <xs:element name="service" minOccurs="0" maxOccurs="unbounded">
<xs:attribute name="status" type="xs:boolean" use="required"/> <xs:complexType>
</xs:extension> <xs:simpleContent>
</xs:simpleContent> <xs:extension base="aif:t_nonempty">
<xs:attribute name="status" type="xs:boolean" use="required"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
<xs:unique name="uniq_svc">
<xs:selector xpath="aif:service"/>
<xs:field xpath="@name"/>
<xs:field xpath="@status"/>
</xs:unique>
</xs:element>
</xs:sequence>
</xs:complexType> </xs:complexType>
<xs:unique name="uniq_svc">
<xs:selector xpath="aif:service"/>
<xs:field xpath="@name"/>
<xs:field xpath="@status"/>
</xs:unique>
</xs:element> </xs:element>
</xs:sequence> </xs:all>
<!-- timezone and kbd/xkbd are validated in-code. --> <!-- timezone and kbd/xkbd are validated in-code. -->
<xs:attribute name="timezone" type="aif:t_nonempty" use="required"/> <xs:attribute name="timezone" type="aif:t_nonempty" use="required"/>
<xs:attribute name="chrootPath" type="aif:t_filepath" use="required"/> <xs:attribute name="chrootPath" type="aif:t_filepath" use="required"/>
@ -577,24 +623,20 @@
<xs:complexType> <xs:complexType>
<xs:attribute name="name" type="aif:t_nonempty" use="required"/> <xs:attribute name="name" type="aif:t_nonempty" use="required"/>
<xs:attribute name="enabled" type="xs:boolean" use="required"/> <xs:attribute name="enabled" type="xs:boolean" use="required"/>
<xs:attribute name="siglevel" type="xs:token" use="required"/> <xs:attribute name="sigLevel" type="aif:t_nonempty" use="required"/>
<xs:attribute name="mirror" type="aif:t_pacuri" use="required"/> <xs:attribute name="mirror" type="aif:t_pacuri" use="required"/>
</xs:complexType> </xs:complexType>
</xs:element> </xs:element>
</xs:sequence> </xs:sequence>
</xs:complexType> </xs:complexType>
</xs:element> </xs:element>
<xs:element name="mirrorlist" maxOccurs="1" minOccurs="0"> <xs:element name="mirrorList" maxOccurs="1" minOccurs="0">
<xs:complexType> <xs:complexType>
<xs:sequence> <xs:sequence>
<xs:element name="mirror" type="aif:t_pacuri" maxOccurs="unbounded" <xs:element name="mirror" type="aif:t_pacuri" maxOccurs="unbounded"
minOccurs="1"/> minOccurs="1"/>
</xs:sequence> </xs:sequence>
</xs:complexType> </xs:complexType>
<xs:unique name="uniq_mirrors">
<xs:selector xpath="aif:mirror"/>
<xs:field xpath="."/>
</xs:unique>
</xs:element> </xs:element>
<xs:element name="software" maxOccurs="1" minOccurs="0"> <xs:element name="software" maxOccurs="1" minOccurs="0">
<xs:complexType> <xs:complexType>
@ -610,6 +652,18 @@
</xs:element> </xs:element>
</xs:sequence> </xs:sequence>
</xs:complexType> </xs:complexType>
<xs:unique name="uniq_repos">
<xs:selector xpath="aif:repos"/>
<xs:field xpath="repo"/>
</xs:unique>
<xs:unique name="uniq_mirror">
<xs:selector xpath="aif:mirrorList"/>
<xs:field xpath="mirror"/>
</xs:unique>
<xs:unique name="uniq_pkg">
<xs:selector xpath="aif:software"/>
<xs:field xpath="package"/>
</xs:unique>
</xs:element> </xs:element>
</xs:sequence> </xs:sequence>
<xs:attribute name="command" type="aif:t_nonempty" use="optional" default="pacman -S"/> <xs:attribute name="command" type="aif:t_nonempty" use="optional" default="pacman -S"/>
@ -629,15 +683,28 @@
<xs:element name="scripts" maxOccurs="1" minOccurs="0"> <xs:element name="scripts" maxOccurs="1" minOccurs="0">
<xs:complexType> <xs:complexType>
<xs:sequence> <xs:sequence>
<xs:element name="script" minOccurs="1" maxOccurs="unbounded"> <xs:element name="pre" minOccurs="0" maxOccurs="unbounded">
<xs:complexType> <xs:complexType>
<xs:attribute name="uri" type="aif:t_scripturi" use="required"/> <xs:sequence>
<xs:attribute name="execution" type="aif:t_scripttype" use="required"/> <xs:element name="script" minOccurs="1" maxOccurs="unbounded"
<xs:attribute name="user" type="aif:t_nonempty" use="optional"/> type="aif:t_provscript"/>
<xs:attribute name="password" type="aif:t_nonempty" use="optional"/> </xs:sequence>
<xs:attribute name="realm" type="aif:t_nonempty" use="optional"/> </xs:complexType>
<xs:attribute name="authtype" type="aif:t_authselect" use="optional" </xs:element>
default="none"/> <xs:element name="post" minOccurs="0" maxOccurs="unbounded">
<xs:complexType>
<xs:sequence>
<xs:element name="script" minOccurs="1" maxOccurs="unbounded"
type="aif:t_provscript"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="pkg" minOccurs="0" maxOccurs="unbounded">
<xs:complexType>
<xs:sequence>
<xs:element name="script" minOccurs="1" maxOccurs="unbounded"
type="aif:t_provscript"/>
</xs:sequence>
</xs:complexType> </xs:complexType>
</xs:element> </xs:element>
</xs:sequence> </xs:sequence>
@ -649,6 +716,7 @@
</xs:element> </xs:element>
<!-- END SCRIPTS --> <!-- END SCRIPTS -->
</xs:all> </xs:all>
<xs:attribute name="version" type="aif:t_nonempty" use="required"/>
</xs:complexType> </xs:complexType>
</xs:element> </xs:element>
</xs:schema> </xs:schema>

183
docs/examples/aif-sample-intermediate.json
View File

@ -1,183 +0,0 @@
{
"boot": {
"bootloader": "grub",
"efi": true,
"target": "/boot"
},
"disks": {
"/dev/sda": {
"fmt": "gpt",
"parts": {
"1": {
"fstype": "8300",
"start": "0%",
"stop": "95%"
},
"2": {
"fstype": "ef00",
"start": "95%",
"stop": "100%"
}
}
},
"/dev/sdb": {
"fmt": "gpt",
"parts": {
"1": {
"fstype": "8300",
"start": "0%",
"stop": "47%"
},
"2": {
"fstype": "8300",
"start": "47%",
"stop": "95%"
},
"3": {
"fstype": "8200",
"start": "95%",
"stop": "100%"
}
}
}
},
"mounts": {
"1": {
"device": "/dev/sda1",
"fstype": "ext4",
"opts": "defaults",
"target": "/mnt/aif"
},
"2": {
"device": "/dev/sda2",
"fstype": "vfat",
"opts": "rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=iso8859-1,shortname=mixed,errors=remount-ro",
"target": "/mnt/aif/boot"
},
"3": {
"device": "/dev/sdb1",
"fstype": "ext4",
"opts": "defaults",
"target": "/mnt/aif/home"
},
"4": {
"device": "/dev/sdb2",
"fstype": "ext4",
"opts": "defaults",
"target": "/mnt/aif/mnt/data"
},
"5": {
"device": "/dev/sdb3",
"fstype": false,
"opts": false,
"target": "swap"
}
},
"network": {
"hostname": "aif.loc.lan",
"ifaces": {
"ens3": {
"address": "auto",
"gw": false,
"proto": "ipv4",
"resolvers": false
},
"ens4": {
"address": "192.168.1.2/24",
"gw": "192.168.1.1",
"proto": "ipv4",
"resolvers": [
"4.2.2.1",
"4.2.2.2"
]
}
}
},
"scripts": {
"pkg": false,
"post": {
"1": {
"auth": "digest",
"password": "password",
"realm": "realmname",
"uri": "https://aif.square-r00t.net/sample-scripts/post/first.sh",
"user": "test"
}
},
"pre": false
},
"software": {
"mirrors": [
"http://mirrors.advancedhosters.com/archlinux/$repo/os/$arch",
"http://mirror.us.leaseweb.net/archlinux/$repo/os/$arch",
"http://arch.mirror.constant.com/$repo/os/$arch",
"http://mirror.vtti.vt.edu/archlinux/$repo/os/$arch",
"http://arch.mirrors.pair.com/$repo/os/$arch",
"http://mirror.yellowfiber.net/archlinux/$repo/os/$arch"
],
"packages": {
"openssh": "None"
},
"pkgr": false,
"repos": {
"community": {
"enabled": true,
"mirror": "file:///etc/pacman.d/mirrorlist",
"siglevel": "default"
},
"community-testing": {
"enabled": false,
"mirror": "file:///etc/pacman.d/mirrorlist",
"siglevel": "default"
},
"core": {
"enabled": true,
"mirror": "file:///etc/pacman.d/mirrorlist",
"siglevel": "default"
},
"extra": {
"enabled": true,
"mirror": "file:///etc/pacman.d/mirrorlist",
"siglevel": "default"
},
"multilib": {
"enabled": true,
"mirror": "file:///etc/pacman.d/mirrorlist",
"siglevel": "default"
},
"multilib-testing": {
"enabled": false,
"mirror": "file:///etc/pacman.d/mirrorlist",
"siglevel": "default"
}
}
},
"system": {
"chrootpath": "/mnt/aif",
"kbd": "US",
"locale": "en_US.UTF-8",
"reboot": true,
"rootpass": "$6$aIK0xvxLa/9BTEDu$xFskR0cQcEi273I8dgUtyO7WjjhHUZOfyS6NemelPgfMJORxbjgI6QCW6wEcCh7NVA1qGDpS0Lyg9vDCaRnA9/",
"services": {
"sshd": true
},
"timezone": "UTC",
"users": {
"aifusr": {
"comment": "A Test User",
"gid": false,
"group": false,
"home": false,
"password": "$6$arRyKn/VsusyJNQo$huX4aa1aJPzRMyyqeEw6IxC1KC1EKKJ8RXdQp6W68Yt7SVdHjwU/fEDvPb3xD3lUHOQ6ysLKWLkEXFNYxLpMf1",
"sudo": true,
"uid": false,
"xgroups": {
"users": {
"create": false,
"gid": false
}
}
}
}
}
}

96
docs/examples/aif-sample-intermediate.json.txt
View File

@ -1,96 +0,0 @@
{'boot': {'bootloader': 'grub', 'efi': True, 'target': '/boot'},
'disks': {'/dev/sda': {'fmt': 'gpt',
'parts': {1: {'fstype': '8300',
'start': '0%',
'stop': '95%'},
2: {'fstype': 'ef00',
'start': '95%',
'stop': '100%'}}},
'/dev/sdb': {'fmt': 'gpt',
'parts': {1: {'fstype': '8300',
'start': '0%',
'stop': '47%'},
2: {'fstype': '8300',
'start': '47%',
'stop': '95%'},
3: {'fstype': '8200',
'start': '95%',
'stop': '100%'}}}},
'mounts': {1: {'device': '/dev/sda1',
'fstype': 'ext4',
'opts': 'defaults',
'target': '/mnt/aif'},
2: {'device': '/dev/sda2',
'fstype': 'vfat',
'opts': 'rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=iso8859-1,shortname=mixed,errors=remount-ro',
'target': '/mnt/aif/boot'},
3: {'device': '/dev/sdb1',
'fstype': 'ext4',
'opts': 'defaults',
'target': '/mnt/aif/home'},
4: {'device': '/dev/sdb2',
'fstype': 'ext4',
'opts': 'defaults',
'target': '/mnt/aif/mnt/data'},
5: {'device': '/dev/sdb3',
'fstype': False,
'opts': False,
'target': 'swap'}},
'network': {'hostname': 'aif.loc.lan',
'ifaces': {'ens3': {'address': 'auto',
'gw': False,
'proto': 'ipv4',
'resolvers': False},
'ens4': {'address': '192.168.1.2/24',
'gw': '192.168.1.1',
'proto': 'ipv4',
'resolvers': ['4.2.2.1', '4.2.2.2']}}},
'scripts': {'pkg': False,
'post': {1: {'auth': 'digest',
'password': 'password',
'realm': 'realmname',
'uri': 'https://aif.square-r00t.net/sample-scripts/post/first.sh',
'user': 'test'}},
'pre': False},
'software': {'mirrors': ['http://mirrors.advancedhosters.com/archlinux/$repo/os/$arch',
'http://mirror.us.leaseweb.net/archlinux/$repo/os/$arch',
'http://arch.mirror.constant.com/$repo/os/$arch',
'http://mirror.vtti.vt.edu/archlinux/$repo/os/$arch',
'http://arch.mirrors.pair.com/$repo/os/$arch',
'http://mirror.yellowfiber.net/archlinux/$repo/os/$arch'],
'packages': {'openssh': None},
'pkgr': False,
'repos': {'community': {'enabled': True,
'mirror': 'file:///etc/pacman.d/mirrorlist',
'siglevel': 'default'},
'community-testing': {'enabled': False,
'mirror': 'file:///etc/pacman.d/mirrorlist',
'siglevel': 'default'},
'core': {'enabled': True,
'mirror': 'file:///etc/pacman.d/mirrorlist',
'siglevel': 'default'},
'extra': {'enabled': True,
'mirror': 'file:///etc/pacman.d/mirrorlist',
'siglevel': 'default'},
'multilib': {'enabled': True,
'mirror': 'file:///etc/pacman.d/mirrorlist',
'siglevel': 'default'},
'multilib-testing': {'enabled': False,
'mirror': 'file:///etc/pacman.d/mirrorlist',
'siglevel': 'default'}}},
'system': {'chrootpath': '/mnt/aif',
'kbd': 'US',
'locale': 'en_US.UTF-8',
'reboot': True,
'rootpass': '$6$aIK0xvxLa/9BTEDu$xFskR0cQcEi273I8dgUtyO7WjjhHUZOfyS6NemelPgfMJORxbjgI6QCW6wEcCh7NVA1qGDpS0Lyg9vDCaRnA9/',
'services': {'sshd': True},
'timezone': 'UTC',
'users': {'aifusr': {'comment': 'A Test User',
'gid': False,
'group': False,
'home': False,
'password': '$6$arRyKn/VsusyJNQo$huX4aa1aJPzRMyyqeEw6IxC1KC1EKKJ8RXdQp6W68Yt7SVdHjwU/fEDvPb3xD3lUHOQ6ysLKWLkEXFNYxLpMf1',
'sudo': True,
'uid': False,
'xgroups': {'users': {'create': False,
'gid': False}}}}}}

62
docs/examples/aif-secure.xml
View File

@ -1,62 +0,0 @@
<?xml version="1.0" encoding="UTF-8" ?>
<aif xmlns:aif="http://aif.square-r00t.net/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://aif.square-r00t.net aif.xsd">
<storage>
<disk device="/dev/sda" diskfmt="gpt">
<part num="1" start="0%" stop="10%" fstype="ef00" />
<part num="2" start="10%" stop="100%" fstype="8300" />
</disk>
<mount source="/dev/sda2" target="/mnt/aif" order="1" />
<mount source="/dev/sda1" target="/mnt/aif/boot" order="2" />
</storage>
<network hostname="aiftest.square-r00t.net">
<iface device="auto" address="auto" netproto="ipv4" />
</network>
<system timezone="EST5EDT" locale="en_US.UTF-8" chrootpath="/mnt/aif" reboot="1">
<users rootpass="!" />
<service name="sshd" status="1" />
<service name="cronie" status="1" />
<service name="haveged" status="1" />
</system>
<pacman command="apacman -S">
<repos>
<repo name="core" enabled="true" siglevel="default" mirror="file:///etc/pacman.d/mirrorlist" />
<repo name="extra" enabled="true" siglevel="default" mirror="file:///etc/pacman.d/mirrorlist" />
<repo name="community" enabled="true" siglevel="default" mirror="file:///etc/pacman.d/mirrorlist" />
<repo name="multilib" enabled="true" siglevel="default" mirror="file:///etc/pacman.d/mirrorlist" />
<repo name="testing" enabled="false" siglevel="default" mirror="file:///etc/pacman.d/mirrorlist" />
<repo name="multilib-testing" enabled="false" siglevel="default" mirror="file:///etc/pacman.d/mirrorlist" />
<repo name="archlinuxfr" enabled="false" siglevel="Optional TrustedOnly" mirror="http://repo.archlinux.fr/$arch" />
</repos>
<mirrorlist>
<mirror>http://mirror.us.leaseweb.net/archlinux/$repo/os/$arch</mirror>
<mirror>http://mirrors.advancedhosters.com/archlinux/$repo/os/$arch</mirror>
<mirror>http://ftp.osuosl.org/pub/archlinux/$repo/os/$arch</mirror>
<mirror>http://arch.mirrors.ionfish.org/$repo/os/$arch</mirror>
<mirror>http://mirrors.gigenet.com/archlinux/$repo/os/$arch</mirror>
<mirror>http://mirror.jmu.edu/pub/archlinux/$repo/os/$arch</mirror>
</mirrorlist>
<software>
<package name="sed" repo="core" />
<package name="python" />
<package name="openssh" />
<package name="vim" />
<package name="vim-plugins" />
<package name="haveged" />
<package name="byobu" />
<package name="etc-update" />
<package name="cronie" />
<package name="mlocate" />
<package name="mtree-git" />
</software>
</pacman>
<bootloader type="grub" target="/boot" efi="true" />
<scripts>
<script uri="https://aif.square-r00t.net/cfgs/scripts/pkg/python.sh" order="1" execution="pkg" />
<script uri="https://aif.square-r00t.net/cfgs/scripts/pkg/apacman.py" order="2" execution="pkg" />
<script uri="https://aif.square-r00t.net/cfgs/scripts/post/sshsecure.py" order="1" execution="post" />
<script uri="https://aif.square-r00t.net/cfgs/scripts/post/sshkeys.py" order="2" execution="post" />
<script uri="https://aif.square-r00t.net/cfgs/scripts/post/configs.py" order="3" execution="post" />
</scripts>
</aif>

66
docs/examples/aif.xml
View File

@ -1,21 +1,26 @@
<?xml version="1.0" encoding="UTF-8" ?> <?xml version="1.0" encoding="UTF-8" ?>
<aif xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" <aif xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://aif-ng.io/" xmlns="http://aif-ng.io/"
xsi:schemaLocation="http://aif-ng.io/aif.xsd"> xsi:schemaLocation="http://aif-ng.io/aif.xsd"
version="0.2.0">
<storage> <storage>
<disk device="/dev/sda" diskFormat="gpt"> <blockDevices>
<!-- Partitions are numbered *in the order they are specified*. --> <disk device="/dev/sda" diskFormat="gpt">
<part id="boot" name="BOOT" label="/boot" start="0%" stop="10%" <!-- Partitions are numbered *in the order they are specified*. -->
fsType="fat32"/><!-- e.g. this would be /dev/sda1 --> <part id="boot" name="BOOT" label="/boot" start="0%" stop="10%"
<part id="secrets1" name="crypted" label="shh" start="10%" stop="20%" fsType="ext4"/> fsType="fat32"/><!-- e.g. this would be /dev/sda1 -->
<part id="lvm_member1" name="jbod" label="dynamic" start="20%" stop="30%" fsType="ext4"/> <part id="secrets1" name="crypted" label="shh" start="10%" stop="20%" fsType="ext4"/>
<part id="raid1_d1" start="30%" stop="55%" fsType="ext4"/> <part id="lvm_member1" name="jbod" label="dynamic" start="20%" stop="30%" fsType="ext4"/>
<part id="raid1_d2" start="55%" stop="80%" fsType="ext4"/> <part id="raid1_d1" start="30%" stop="55%" fsType="ext4"/>
<part id="swap" start="80%" stop="100%" fsType="linux-swap(v1)"/> <part id="raid1_d2" start="55%" stop="80%" fsType="ext4"/>
</disk> <part id="swap" start="80%" stop="100%" fsType="linux-swap(v1)"/>
</disk>
</blockDevices>
<!-- "Special" devices are processed *in the order they are specified*. This is important if you wish to <!-- "Special" devices are processed *in the order they are specified*. This is important if you wish to
e.g. layer LUKS on top of LVM - you would specify <lvm> before <luks> and reference the e.g. layer LUKS on top of LVM - you would specify <lvm> before <luks> and reference the
<luksDev id="SOMETHING" ... > as <lvmLogical source="SOMETHING" ... />. --> <luksDev id="SOMETHING" ... > as <lvmLogical source="SOMETHING" ... />.
Of course, a limitation of this is you cannot e.g. first assemble a LUKS volume, then an LVM
group, and then another LUKS volume - so plan accordingly and/or perform this in a <post> script. -->
<luks> <luks>
<luksDev id="luks_secrets" name="secrets" source="secrets1"> <luksDev id="luks_secrets" name="secrets" source="secrets1">
<!-- You can assign multiple secrets (or "keys") to a LUKS volume. --> <!-- You can assign multiple secrets (or "keys") to a LUKS volume. -->
@ -93,22 +98,31 @@
</iface> </iface>
</network> </network>
<system timezone="EST5EDT" chrootPath="/mnt/aif" reboot="0"> <system timezone="EST5EDT" chrootPath="/mnt/aif" reboot="0">
<rootPassword>
<passwordPlain>1ns3cur3p4ssw0rd</passwordPlain>
</rootPassword>
<locales> <locales>
<locale name="LANG">en_US.UTF-8</locale> <locale name="LANG">en_US.UTF-8</locale>
</locales> </locales>
<!-- note: all password hashes below are "test"; don't waste your time trying to crack. :) --> <!-- Note: The password hashe below is "test"; don't waste your time trying to crack. :) -->
<users rootPass="$6$3YPpiS.l3SQC6ELe$NQ4qMvcDpv5j1cCM6AGNc5Hyg.rsvtzCt2VWlSbuZXCGg2GB21CMUN8TMGS35tdUezZ/n9y3UFGlmLRVWXvZR."> <users>
<user name="aifusr" <user name="aifusr"
home="/opt/aifusr" home="/opt/aifusr"
sudo="true" sudo="true"
password="$6$WtxZKOyaahvvWQRG$TUys60kQhF0ffBdnDSJVTA.PovwCOajjMz8HEHL2H0ZMi0bFpDTQvKA7BqzM3nA.ZMAUxNjpJP1dG/eA78Zgw0"
comment="A test user for AIF."> comment="A test user for AIF.">
<password>
<passwordHash hashType="(detect)">
$6$WtxZKOyaahvvWQRG$TUys60kQhF0ffBdnDSJVTA.PovwCOajjMz8HEHL2H0ZMi0bFpDTQvKA7BqzM3nA.ZMAUxNjpJP1dG/eA78Zgw0
</passwordHash>
</password>
<xGroup name="admins" create="true"/> <xGroup name="admins" create="true"/>
<xGroup name="wheel"/> <xGroup name="wheel"/>
<xGroup name="users"/> <xGroup name="users"/>
</user> </user>
</users> </users>
<service name="sshd" status="0"/> <services>
<service status="1">sshd</service>
</services>
</system> </system>
<pacman> <pacman>
<repos> <repos>
@ -130,17 +144,21 @@
<mirror>http://mirror.jmu.edu/pub/archlinux/$repo/os/$arch</mirror> <mirror>http://mirror.jmu.edu/pub/archlinux/$repo/os/$arch</mirror>
</mirrorList> </mirrorList>
<software> <software>
<package name="sed" repo="core"/> <package repo="core">sed</package>
<package name="python"/> <package>python</package>
<package name="perl"/> <package>perl</package>
<package name="openssh"/> <package>openssh</package>
</software> </software>
</pacman> </pacman>
<bootloader type="grub" target="/boot" efi="true"/> <bootloader type="grub" target="/boot" efi="true"/>
<scripts> <scripts>
<script uri="https://aif.square-r00t.net/sample-scripts/post/first.sh" order="1" execution="post"/> <pre>
<script uri="https://aif.square-r00t.net/sample-scripts/pre/second.pl" order="2" execution="pre"/> <script>https://aif.square-r00t.net/sample-scripts/pre/first.sh</script>
<script uri="https://aif.square-r00t.net/sample-scripts/pre/first.sh" order="1" execution="pre"/> <script>https://aif.square-r00t.net/sample-scripts/pre/second.pl</script>
<script uri="https://aif.square-r00t.net/sample-scripts/post/second.py" order="2" execution="post"/> </pre>
<post>
<script>https://aif.square-r00t.net/sample-scripts/post/first.sh</script>
<script>https://aif.square-r00t.net/sample-scripts/post/second.py</script>
</post>
</scripts> </scripts>
</aif> </aif>