An item of prerequisite data is identified by two strings, called
IDEN2; together these are the prerequisite data identifiers for an
item of prerequisite data. Typically
IDEN1 specifies the context in which
the data is relevant, and
IDEN2 identifies the data within its context.
IDEN2 is very often the filename in which the prerequisite data will
eventually be stored. It might also be a human-readable string describing the
purpose of the data. The following are the valid forms of
(HOSTNAME . PATH)means the data that should be uploaded to
HOSTNAME(and usually nowhere else, except in the case of, e.g., a public key).
PATHmust be absolute, not relative.
("--lisp-system" . SYSTEM)means the data is Lisp code which, when loaded, defines the packages and symbols contained in the ASDF system
("--user-passwd--HOSTNAME" . USER)means the data is the password for user
("--git-snapshot" . NAME)means the data is a snapshot of a git repo identified by
("--pgp-pubkey" . FINGERPRINT)means the/a OpenPGP public key with fingerprint FINGERPRINT, ASCII-armoured
("--pgp-seckey" . FINGERPRINT)means the/a OpenPGP secret key with fingerprint FINGERPRINT, ASCII-armoured
("--luks-passphrase" . VOLUME-LABEL)means a LUKS passphrase for volume with label
IDEN1beginning with exactly two hyphens is reserved for future use.
(_CONTEXT . ITEM)is an arbitrary prerequisite data context named
CONTEXTwill be a network or grouping name, rather than referring to a single host.
ITEMmight be a path or some other identifier. Reserved for consfigs; will not be used by property definitions included with Consfigurator, and should not be used by third party extensions.
(---CONTEXT . ITEM)is, similarly, an arbitrary prerequisite data context named
CONTEXT. This form is intended for contexts similar to the reserved names beginning with two hyphens: types of information rather than site-local network or grouping names. This form will not be used by property definitions included with Consfigurator, but may be used by both consfigs and third party extensions.
Any other forms are invalid. In particular, an
IDEN1 that is not a valid
hostname and does not begin with a hyphen or an underscore must not be used.
Properties declare that they need certain pieces of prerequisite data by
adding static informational attributes, and a deployment of those properties
will make an attempt to provide the data. Properties then either call the
GET-DATA-STREAM function or the
GET-DATA-STRING function, or depend on
DATA-UPLOADED property, to get access to the requested data.
A Lisp connection gathers all needed prerequisite data once at the beginning, and copies it to an on-disk cache inside the home directory of the remote UID which will run the Lisp image. A POSIX connection only attempts to obtain prerequisite data when a property’s check function indicates the property is not already applied.
Sources of prerequisite data
Sources of prerequisite data register two functions. The second returns either a string of the prerequisite data itself, or a path to a file containing the data. The first returns the latest version number of the data that source is able to provide – i.e., the version number of the data that the second function would return if called.
Consfigurator will call the first function to find out if it needs to call the
first rather than just using its caches. The first function should return nil
if it can’t obtain the prerequisite data on this host, perhaps because it
can’t decrypt the store. If a prerequisite data source wants to effectively
bypass caching and provide fresh data every time Consfigurator deploys the
host, it can use
GET-UNIVERSAL-TIME as its first function.
Versions are compared using
Nothing is done to prevent prerequisite data being swapped out, so ensure your swap is encrypted.
Certain connection types require storing unencrypted copies of prerequisite
~/.cache/consfigurator/data. Consfigurator only stores data
there when it has to, only the subset of the data that has to be uploaded for
the requested deployment to be successful, and never in the root Lisp.