From 5f7d854f76f964fdaea6a5f56960343b48c72310 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Javier=20B=C3=A9rtoli?= <javier@netmanagers.com.ar>
Date: Mon, 25 May 2020 11:40:05 -0300
Subject: [PATCH] feat(unit): allow to start/stop, enable/disable services

* allow to use lists on keys that can be repeated
* add tests to verify unit files contents
---
 kitchen.yml                                   |  4 +++
 pillar.example                                | 30 +++++++++++++++++++
 systemd/units/init.sls                        | 19 ++++++++++--
 systemd/units/unit.jinja                      | 17 +++++++++--
 .../integration/default/controls/unit_spec.rb | 21 +++++++++++++
 test/salt/states/rsync_test_package/init.sls  |  8 +++++
 6 files changed, 93 insertions(+), 6 deletions(-)
 create mode 100644 test/salt/states/rsync_test_package/init.sls

diff --git a/kitchen.yml b/kitchen.yml
index 8d5326b..ea37a81 100644
--- a/kitchen.yml
+++ b/kitchen.yml
@@ -158,6 +158,7 @@ suites:
             - systemd
             - systemd.networkd
             - systemd.networkd.profiles
+            - rsync_test_package
             - systemd.units
       pillars:
         top.sls:
@@ -166,6 +167,9 @@ suites:
               - systemd
       pillars_from_files:
         systemd.sls: pillar.example
+      dependencies:
+        - name: rsync_test_package
+          path: test/salt/states
     verifier:
       inspec_tests:
         - path: test/integration/default
diff --git a/pillar.example b/pillar.example
index f2c04ce..5c024fe 100644
--- a/pillar.example
+++ b/pillar.example
@@ -29,8 +29,19 @@ systemd:
         - 'alt_timesyncd.conf'
 
   ## units
+  # The valid units type are listed in
+  # https://github.com/saltstack-formulas/systemd-formula/blob/master/systemd/units/unittypes.yaml
   service:
     syncthing-someuser:
+      # these two parameters are passed to systemctl to manage the unit status
+      # (enabled / disabled) and (running / stopped) and are not passed to the
+      # service file contents.
+      # Default to
+      #   enabled: true
+      #   status: stop
+      # to be backward compatible
+      enabled: true
+      status: stop
       Unit:
         Description: Syncthing P2P sync service for someuser
         After: network.target
@@ -44,8 +55,27 @@ systemd:
       Install:
         WantedBy: multi-user.target
 
+    rsync:
+      status: start
+      Unit:
+        Description: fast remote file copy program daemon
+        Documentation: 'man:rsync(1) man:rsyncd.conf(5)'
+        ConditionPathExists:
+          - /etc/rsyncd.conf
+          - /etc/passwd
+        After: network.target
+      Service:
+        ExecStart: /usr/bin/rsync --daemon --no-detach
+      Install:
+        WantedBy: multi-user.target
+
   path:
     trigger-service-on-changes:
+      # this parameter is passed to systemctl to enable/disable the unit
+      # Defaults to
+      #   enabled: true
+      # to be backward compatible
+      # enabled: true
       Path:
         PathModified: /path/to/watch
         Unit: oneshot_service_to_trigger.service
diff --git a/systemd/units/init.sls b/systemd/units/init.sls
index ac07850..16e628a 100644
--- a/systemd/units/init.sls
+++ b/systemd/units/init.sls
@@ -6,9 +6,11 @@ include:
 {% for unittype, units in pillar.get('systemd', {}).items()  %}
   {% if unittype in unittypes.get('Valid') %}
     {% for unit, unitconfig in units.items() %}
+      {% set unit_status = 'disable' if unitconfig.enabled is defined and unitconfig.enabled == false else 'enable' %}
 
-/etc/systemd/system/{{ unit }}.{{ unittype }}:
+systemd_systemd_units_file_{{ unit }}_{{ unittype }}:
   file.managed:
+    - name: /etc/systemd/system/{{ unit }}.{{ unittype }}
     - template: jinja
     - source: salt://systemd/units/unit.jinja
     - context:
@@ -16,12 +18,23 @@ include:
     - watch_in:
       - cmd: reload_systemd_configuration
 
-enable_{{ unit }}_{{ unittype }}:
+systemd_systemd_units_cmd_enable_or_disable_{{ unit }}_{{ unittype }}:
   cmd.wait:
-    - name: systemctl enable {{ unit }}.{{ unittype }}
+    - name: systemctl {{ unit_status }} {{ unit }}.{{ unittype }}
     - watch:
       - cmd: reload_systemd_configuration
 
+      {% if unittype == 'service' %}
+        {% set activation_status = unitconfig.status if unitconfig.status is defined and unitconfig.status == 'start' else 'stop' %}
+systemd_systemd_units_activate_or_deactivate_{{ unit }}_{{ unittype }}:
+  cmd.wait:
+    - name: systemctl {{ activation_status }} {{ unit }}.{{ unittype }}
+    - require:
+      - cmd: systemd_systemd_units_cmd_enable_or_disable_{{ unit }}_{{ unittype }}
+      - cmd: reload_systemd_configuration
+    - watch:
+      - cmd: reload_systemd_configuration
+      {% endif %}
     {% endfor %}
   {% endif %}
 {% endfor %}
diff --git a/systemd/units/unit.jinja b/systemd/units/unit.jinja
index f588b14..de2e034 100644
--- a/systemd/units/unit.jinja
+++ b/systemd/units/unit.jinja
@@ -1,6 +1,17 @@
-{% for section, sectioncontent in config.items() -%}
+#
+# This file managed by Salt, do not edit
+#
+{% for section, sectioncontent in config.items() %}
+  {%- if section not in ['enabled', 'status'] %}
 [{{ section }}]
-{% for key, value in sectioncontent.items() -%}
+    {%- for key, value in sectioncontent.items() %}
+      {%- if value is list %}
+        {%- for v in value %}
+{{ key }}={{ v }}
+        {%- endfor %}
+      {%- else %}
 {{ key }}={{ value }}
-{% endfor %}
+      {%- endif %}
+    {%- endfor %}
+  {%- endif %}
 {% endfor -%}
diff --git a/test/integration/default/controls/unit_spec.rb b/test/integration/default/controls/unit_spec.rb
index 588687c..d7ffc5f 100644
--- a/test/integration/default/controls/unit_spec.rb
+++ b/test/integration/default/controls/unit_spec.rb
@@ -12,5 +12,26 @@
 
   describe service('syncthing-someuser.service') do
     it { should be_enabled }
+    it { should_not be_running }
+  end
+
+  describe file('/etc/systemd/system/rsync.service') do
+    its('type') { should eq :file }
+    its('mode') { should cmp '0644' }
+    its('owner') { should eq 'root' }
+    its('group') { should eq 'root' }
+    its('content') { should_not include '[status]' }
+    its('content') { should_not include '[enabled]' }
+    its('content') { should include 'Documentation=man:rsync(1) man:rsyncd.conf(5)' }
+    its('content') { should include 'ConditionPathExists=/etc/rsyncd.conf' }
+    its('content') { should include 'ConditionPathExists=/etc/passwd' }
+    its('content') { should include 'ExecStart=/usr/bin/rsync --daemon --no-detach' }
+    its('content') { should include '[Install]' }
+    its('content') { should include 'WantedBy=multi-user.target' }
+  end
+
+  describe service('rsync.service') do
+    it { should be_enabled }
+    it { should be_running }
   end
 end
diff --git a/test/salt/states/rsync_test_package/init.sls b/test/salt/states/rsync_test_package/init.sls
new file mode 100644
index 0000000..1a96eb8
--- /dev/null
+++ b/test/salt/states/rsync_test_package/init.sls
@@ -0,0 +1,8 @@
+rsync_test_package:
+  pkg.installed:
+    - name: rsync
+
+rsync_test_file:
+  file.managed:
+    - name: /etc/rsyncd.conf
+    - content: Managed by salt