Bryan Kearney
2009-Jan-05 19:52 UTC
[Ovirt-devel] [PATCH server] Add the installer files as a subpackage of the server package
--- Makefile.am | 3 +- installer/bin/ovirt-installer | 273 ++++++++++++++++++++ installer/modules/ovirt/files/collectd.conf | 23 ++ installer/modules/ovirt/files/dns_entries.sh | 2 + installer/modules/ovirt/files/modules.conf | 96 +++++++ installer/modules/ovirt/files/qpidd.conf | 4 + installer/modules/ovirt/manifests/cobbler.pp | 126 +++++++++ installer/modules/ovirt/manifests/dhcp.pp | 34 +++ installer/modules/ovirt/manifests/dns.pp | 99 +++++++ installer/modules/ovirt/manifests/freeipa.pp | 103 ++++++++ installer/modules/ovirt/manifests/init.pp | 9 + installer/modules/ovirt/manifests/ovirt.pp | 154 +++++++++++ installer/modules/ovirt/manifests/postgres.pp | 114 ++++++++ installer/modules/ovirt/manifests/tftp.pp | 31 +++ installer/modules/ovirt/templates/digest_line.erb | 4 + .../modules/ovirt/templates/ovirt-dhcp.conf.erb | 9 + .../modules/ovirt/templates/ovirt-dns.conf.erb | 7 + .../modules/ovirt/templates/ovirt-tftp.conf.erb | 3 + ovirt-server.spec.in | 23 ++- 19 files changed, 1115 insertions(+), 2 deletions(-) create mode 100755 installer/bin/ovirt-installer create mode 100644 installer/modules/ovirt/files/collectd.conf create mode 100755 installer/modules/ovirt/files/dns_entries.sh create mode 100644 installer/modules/ovirt/files/modules.conf create mode 100644 installer/modules/ovirt/files/qpidd.conf create mode 100644 installer/modules/ovirt/manifests/cobbler.pp create mode 100644 installer/modules/ovirt/manifests/dhcp.pp create mode 100644 installer/modules/ovirt/manifests/dns.pp create mode 100644 installer/modules/ovirt/manifests/freeipa.pp create mode 100644 installer/modules/ovirt/manifests/init.pp create mode 100644 installer/modules/ovirt/manifests/ovirt.pp create mode 100644 installer/modules/ovirt/manifests/postgres.pp create mode 100644 installer/modules/ovirt/manifests/tftp.pp create mode 100644 installer/modules/ovirt/templates/digest_line.erb create mode 100644 installer/modules/ovirt/templates/ovirt-dhcp.conf.erb create mode 100644 
installer/modules/ovirt/templates/ovirt-dns.conf.erb create mode 100644 installer/modules/ovirt/templates/ovirt-tftp.conf.erb diff --git a/Makefile.am b/Makefile.am index e11e636..f115c8f 100644 --- a/Makefile.am +++ b/Makefile.am @@ -23,7 +23,8 @@ EXTRA_DIST = \ ovirt-server.spec.in \ scripts \ conf \ - src + src \ + installer DISTCLEANFILES = $(PACKAGE)-$(VERSION).tar.gz diff --git a/installer/bin/ovirt-installer b/installer/bin/ovirt-installer new file mode 100755 index 0000000..84604ef --- /dev/null +++ b/installer/bin/ovirt-installer 
@@ -0,0 +1,273 @@ +#!/usr/bin/ruby +#-- +## Copyright (C) 2008 Red Hat Inc. +## +## This library is free software; you can redistribute it and/or +## modify it under the terms of the GNU Lesser General Public +## License as published by the Free Software Foundation; either +## version 2.1 of the License, or (at your option) any later version. +## +## This library is distributed in the hope that it will be useful, +## but WITHOUT ANY WARRANTY; without even the implied warranty of +## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +## Lesser General Public License for more details. +## +## You should have received a copy of the GNU Lesser General Public +## License along with this library; if not, write to the Free Software +## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +## +## Author: Joey Boggs <jboggs at redhat.com> +##-- +## oVirt Installation Script + +require 'socket' +require 'fileutils' + +if File.exist?("/usr/sbin/sestatus") +sestatus = `/usr/sbin/sestatus` +if sestatus !~ /(Current mode: permissive|Current mode: disabled|SELinux status: disabled|SELinux status: permissive)/ +puts "SELinux enabled, please disable or set in permissive mode permanently by editing" +puts "/etc/selinux/config and rebooting" +exit +end +end + +FileUtils.mkdir_p("/usr/share/ace/appliances/ovirt") +config_file = File.new("/usr/share/ace/appliances/ovirt/ovirt.pp", "w") +config_file.write "import 'ovirt'\n" +config_file.write "import 'firewall'\n\n" +config_file.write "firewall::setup{'setup': status => 'disabled'}\n\n" + +mgmt_dev = "" +prov_dev = "" + +dev_ct = 0 +net_devs = `hal-find-by-capability --capability net` +net_devs.each_line{ |dev| +dev_ct = dev_ct + 1 +} + +if dev_ct == 0 +puts "Unable to install without a network interface" +exit + +else +puts "" +get_net_devs = `hal-find-by-capability --capability net` +puts "Below are the detected networking devices\n\n" +puts "mac address interface ip address" +net_devs.each_line{ 
|dev| +dev = dev.chomp +interface = `hal-get-property --udi #{dev} --key net.interface` +mac = `hal-get-property --udi #{dev} --key net.address` +ip = `ifconfig #{interface}` +ipaddr = ip.scan(/\s*inet addr:([\d.]+)/) +puts mac.chop + " : " + interface.chop + " : " + ipaddr.to_s if interface.chop != "lo" +} +end + +if dev_ct > 1 +puts "\nDo you want separate management and provisioning networks? (y/n)" +sep_networks = gets.chomp +while sep_networks != "y" and sep_networks != "n" +puts "Invalid choice" +puts "Do you want separate management and provisioning networks? (y/n)" +sep_networks = gets.chomp +end + +if sep_networks == "y" +while mgmt_dev == "" +puts "Input your management interface (example: eth0)" +mgmt_dev = gets.chomp +end + +while prov_dev == "" +puts "Input your provisioning interface, this may also be your management interface (example: eth1)" +prov_dev = gets.chomp +end + +elsif sep_networks == "n" +while mgmt_dev == "" +puts "Input your management/provisioning interface (example: eth1)" +mgmt_dev = gets.chomp +prov_dev = mgmt_dev +end +end + +elsif dev_ct == 1 +while mgmt_dev == "" +puts "\nOnly one networking device detected" +puts "Input your management/provisioning interface (example: eth1)" +mgmt_dev = gets.chomp +prov_dev = mgmt_dev +puts "Need Management interface" +end +end + +puts "Enter the hostname of the oVirt management server (example: management.example.com)" +ovirt_host = gets.chomp +ipa_host = ovirt_host + +puts "\nUse this system's dns servers (y/n)" +File.open('/etc/resolv.conf').each_line{ |line| + line = line.chomp +puts line if line =~ /nameserver/ and line !~ /nameserver 127.0.0.1/ +} +dns_servers = gets.chomp + +while dns_servers != "y" and dns_servers != "n" +puts "Invalid choice" +dns_servers = gets.chomp +end + +mgmt_ip = `ifconfig #{mgmt_dev}` +mgmt_ipaddr= mgmt_ip.scan(/\s*inet addr:([\d.]+)/) +prov_ip = `ifconfig #{prov_dev}` +prov_ipaddr= prov_ip.scan(/\s*inet addr:([\d.]+)/) + +config_file.write "# dns configuration\n" 
+config_file.write "$mgmt_ipaddr = '#{mgmt_ipaddr}'\n" +config_file.write "$prov_ipaddr = '#{prov_ipaddr}'\n" +config_file.write "$ovirt_host = '#{ovirt_host}'\n" +config_file.write "$ipa_host = '#{ipa_host}'\n\n" + +if dns_servers == "n" +config_file.write "dns::bundled{setup: mgmt_ipaddr=> $mgmt_ipaddr, prov_ipaddr=> $prov_ipaddr, mgmt_dev => '#{mgmt_dev}', prov_dev => '#{prov_dev}'}\n\n" +end + +if dns_servers == "y" +config_file.write "dns::remote{setup: mgmt_ipaddr=> $mgmt_ipaddr, prov_ipaddr=> $prov_ipaddr, mgmt_dev => '#{mgmt_dev}', prov_dev => '#{prov_dev}'}\n\n" +host_lookup = Socket.getaddrinfo(ipa_host,nil) +hostip = host_lookup[1][3] +if hostip.to_s != mgmt_ipaddr.to_s +puts "Reverse dns lookup for #{ipa_host} failed, exiting" +exit +end +end + +puts "Does you provisioning network already have dhcp? (y/n)" +dhcp_setup = gets.chomp +while dhcp_setup != "y" and dhcp_setup != "n" +puts "Invalid choice" +dhcp_setup = gets.chomp +end + +if dhcp_setup == "n" + +puts "DHCP Configuration\n" +config_file.write "# dhcp configuration\n" +dhcp_interface = prov_dev +config_file.write "$dhcp_interface = '#{dhcp_interface}'\n" + +puts "Enter the first 3 octets of the dhcp network you wish to use (example: 192.168.50)" +dhcp_network = gets.chomp +config_file.write "$dhcp_network = '#{dhcp_network}'\n" + +puts "Enter the dhcp pool start address (example: 3)" +dhcp_start = gets.chomp +config_file.write "$dhcp_start = '#{dhcp_start}'\n" + +puts "Enter the dhcp pool end addess (example: 100)" +dhcp_stop = gets.chomp +config_file.write "$dhcp_stop = '#{dhcp_stop}'\n" + +puts "Enter the dhcp domain you wish to use (example: example.com)" +dhcp_domain = gets.chomp +config_file.write "$dhcp_domain = '#{dhcp_domain}'\n" + +config_file.write "$ntp_server = '#{mgmt_ipaddr}'\n\n" + +puts "Provide pxe/tftp capability? 
(y/n)" +tftp_setup = gets.chomp + +if sep_networks == "y" +prov_ip = `ifconfig #{prov_dev}` +prov_dns_server = prov_ip.scan(/\s*inet addr:([\d.]+)/) +config_file.write "$prov_dns_server = '#{prov_dns_server}'\n" + +puts "Enter the network gateway for your provisioning network (example: 192.168.50.254)" +prov_network_gateway = gets.chomp +config_file.write "$prov_network_gateway = '#{prov_network_gateway}'\n" +end +end + +# Cobbler Configuration +puts "Do you have a cobbler already that you wish to use? (y/n)" +cobbler_setup = gets.chomp + +while cobbler_setup != "y" and cobbler_setup != "n" +puts "Invalid choice" +cobbler_setup = gets.chomp +end + +cobbler_config = "n" + +if cobbler_setup == "y" +puts "Enter the hostname of your cobbler server" +cobbler_hostname = gets.chomp +puts "Enter your cobbler username" +cobbler_user_name= gets.chomp +puts "Enter your cobbler user password" +cobbler_user_password = gets.chomp + +elsif cobbler_setup == "n" +cobbler_hostname = "localhost" +puts "We will setup a cobbler instance, please provide the following information" +puts "Enter your cobbler username" +cobbler_user_name= gets.chomp +puts "Enter your cobbler user password" +cobbler_user_password = gets.chomp +end + +config_file.write "# cobbler configuration\n" +config_file.write "$cobbler_hostname = '#{cobbler_hostname}'\n" +config_file.write "$cobbler_user_name = '#{cobbler_user_name}'\n" +config_file.write "$cobbler_user_password = '#{cobbler_user_password}'\n\n" + + +# Postgres Configuration +puts "Enter a password for the ovirt postgres account" +db_username = "ovirt" +db_password = gets.chomp +config_file.write "# postgres configuration\n" +config_file.write "$db_username = '#{db_username}'\n" +config_file.write "$db_password = '#{db_password}'\n\n" + +# FreeIPA Configuration +config_file.write "# FreeIPA configuration\n" +puts "Enter your realm name (example: example.com)" +realm_name = gets.chomp +config_file.write "$realm_name = '#{realm_name}'\n" +puts "\nEnter an 
administrator password for FreeIPA " +puts "*** This will also be you ovirtadmin password for the web management login ***\n\n" +freeipa_password = gets.chomp +config_file.write "$freeipa_password = '#{freeipa_password}'\n" +ldap_dn = "cn=ipaConfig,cn=etc," +ldap_dn_temp = realm_name.split(".") +ldap_dn_temp.each do |i| +ldap_dn += "dc=#{i}," +end +ldap_dn = ldap_dn.chop +config_file.write "$ldap_dn = '#{ldap_dn}'\n\n" + + +if cobbler_setup == "y" +config_file.write "include cobbler::remote\n" +elsif cobbler_setup == "n" +config_file.write "include cobbler::bundled\n" +end + +if dhcp_setup == "n" +config_file.write "include dhcp::bundled\n" +end + +if tftp_setup == "y" +config_file.write "include tftp::bundled\n" +end + +config_file.write "include postgres::bundled\n" +config_file.write "include freeipa::bundled\n" +config_file.write "include ovirt::setup\n" +config_file.close + +puts "\n\nTo start the installation run: ace install ovirt" diff --git a/installer/modules/ovirt/files/collectd.conf b/installer/modules/ovirt/files/collectd.conf new file mode 100644 index 0000000..0b327de --- /dev/null +++ b/installer/modules/ovirt/files/collectd.conf @@ -0,0 +1,23 @@ +LoadPlugin network +LoadPlugin logfile +LoadPlugin rrdtool +LoadPlugin unixsock + +<Plugin logfile> + LogLevel info + File STDOUT +</Plugin> + +<Plugin network> + Listen "0.0.0.0" +</Plugin> + +<Plugin rrdtool> + DataDir "/var/lib/collectd/rrd" + CacheTimeout 120 + CacheFlush 900 +</Plugin> + +<Plugin unixsock> + SocketFile "/var/lib/collectd/unixsock" +</Plugin> diff --git a/installer/modules/ovirt/files/dns_entries.sh b/installer/modules/ovirt/files/dns_entries.sh new file mode 100755 index 0000000..65662d5 --- /dev/null +++ b/installer/modules/ovirt/files/dns_entries.sh @@ -0,0 +1,2 @@ +#!/bin/bash +for i in `seq $1 $2` ; do echo $3.$i node$i.$4 >> /etc/hosts; done 
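Review bot: The generated `/usr/share/ace/appliances/ovirt/ovirt.pp` receives the cobbler, postgres and FreeIPA passwords in clear text, but it is opened with `File.new(..., "w")` and so gets whatever mode the umask allows. I would create it owner-only, `config_file = File.new("/usr/share/ace/appliances/ovirt/ovirt.pp", "w", 0600)`, and chmod it when it already exists. The answers are also written between single quotes with no escaping (`"$db_password = '#{db_password}'\n"` and the lines like it), so a `'` in a password or hostname ends the Puppet string early; reject or escape quotes and backslashes before writing. `mgmt_dev` and `prov_dev` go from `gets` straight into backticks (`ifconfig #{mgmt_dev}`), so they should be checked against the interface names the script has just listed before they are used.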
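Review bot: `Listen "0.0.0.0"` in the network plugin block accepts collectd packets on every interface, and the installer in this same patch writes `firewall::setup{'setup': status => 'disabled'}`, so nothing visible here limits who can submit metrics. If the nodes only report over the management network, listening on that address would narrow this; because the file is shipped as a static `puppet:///` source, that means turning it into a template that uses `$mgmt_ipaddr`. At minimum a comment above the line, such as `# listens on all interfaces; relies on network-level filtering`, would record the assumption.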
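Review bot: The loop uses `$1` to `$4` unquoted and unchecked and appends to `/etc/hosts`, so a missing or malformed argument, or a second run, leaves bad or duplicate entries in a file every resolver on the host reads. The values come from free-form installer prompts and reach this script through the `dns_entries` command in dhcp.pp without validation. I would add a guard, `[ $# -eq 4 ] || exit 1`, and quote the expansions, `for i in $(seq "$1" "$2"); do echo "$3.$i node$i.$4" >> /etc/hosts; done`. The installer should also accept only digits for the pool bounds.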
diff --git a/installer/modules/ovirt/files/modules.conf b/installer/modules/ovirt/files/modules.conf
new file mode 100644
index 0000000..236ef4c
--- /dev/null
+++ b/installer/modules/ovirt/files/modules.conf
@@ -0,0 +1,96 @@ +# specifies what cobbler modules to load. + +# what file/data formats to use for metadata +# +# choices: +# serializer_catalog (fast, uses .d directories in /var/lib/cobbler/config) +# serializer_yaml (original serializer, uses a few text files) +# +# for 99% or more of all installations, use serializer_catalog. +# +# NOTE: serializer changes may remove your ability to access old data. +# serializer_yaml users can change to serializer_catalog w/o manual +# migration steps. Other changes are for new installs only. + +[serializers] +settings = serializer_catalog +distro = serializer_catalog +profile = serializer_catalog +system = serializer_catalog +repo = serializer_catalog +image = serializer_catalog + +# policy: what users can log into the WebUI and Read-Write XMLRPC? +# +# choices: +# authn_denyall -- no one (default) +# authn_configfile -- use /etc/cobbler/users.digest (for basic setups) +# authn_passthru -- ask Apache to handle it (used for kerberos) +# authn_ldap -- authenticate against LDAP +# authn_spacewalk -- ask Spacewalk/Satellite (experimental) +# authn_testing -- username/password is always testing/testing (debug) +# (user supplied) -- you may write your own module +# +# WARNING: this is a security setting, do not choose an option blindly. +# +# for more information: +# https://fedorahosted.org/cobbler/wiki/CobblerWebInterface +# https://fedorahosted.org/cobbler/wiki/CustomizableSecurity +# https://fedorahosted.org/cobbler/wiki/CobblerWithKerberos +# https://fedorahosted.org/cobbler/wiki/CobblerWithLdap + +[authentication] +module = authn_configfile + +# policy: once a user has been cleared by the WebUI/XMLRPC, what can they do? 
+# +# choices: +# authz_allowall -- full access for all authneticated users (default) +# authz_configfile -- determined by /etc/cobbler/users.conf +# authz_ownership -- use users.conf, but add object ownership semantics +# (user supplied) -- you may write your own module +# +# WARNING: this is a security setting, do not choose an option blindly. +# +# for more information: +# https://fedorahosted.org/cobbler/wiki/CobblerWebInterface +# https://fedorahosted.org/cobbler/wiki/CustomizableSecurity +# https://fedorahosted.org/cobbler/wiki/CustomizableAuthorization +# https://fedorahosted.org/cobbler/wiki/AuthorizationWithOwnership + +[authorization] +module = authz_allowall + +# chooses the DNS management engine if manage_dns is enabled +# in /etc/cobbler/settings, which is off by default. +# +# choices: +# manage_bind -- default, uses BIND/named +# manage_dnsmasq -- uses dnsmasq, also must select dnsmasq for dhcp below +# +# NOTE: more configuration is still required in /etc/cobbler +# +# for more information: +# https://fedorahosted.org/cobbler/wiki/ManageDns + +[dns] +module = manage_bind + +# chooses the DHCP management engine if manage_dhcp is enabled +# in /etc/cobbler/settings, which is off by default. +# +# choices: +# manage_isc -- default, uses ISC dhcpd +# manage_dnsmasq -- uses dnsmasq, also must select dnsmasq for dns above +# +# NOTE: more configuration is still required in /etc/cobbler +# +# for more information: +# https://fedorahosted.org/cobbler/wiki/ManageDhcp + +[dhcp] +module = manage_isc + + + + diff --git a/installer/modules/ovirt/files/qpidd.conf b/installer/modules/ovirt/files/qpidd.conf new file mode 100644 index 0000000..014b23c --- /dev/null +++ b/installer/modules/ovirt/files/qpidd.conf @@ -0,0 +1,4 @@ +# Configuration file for qpidd. Entries are of the form: +# name = value +# Using default settings: "qpidd --help" or "man qpidd" for more details. +auth=no 
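Review bot: `module = authn_configfile` departs from the `authn_denyall` default that the comment block above it describes, while `[authorization]` stays at `authz_allowall`, so every user in `/etc/cobbler/users.digest` gets full access once cobbler.pp switches `xmlrpc_rw_enabled` to 1. That may be intended for a single-admin appliance, but the file gives no hint that it was edited. I would add a line at the top such as `# oVirt: authn set to authn_configfile; authz left at allowall because only the installer-created user exists`, or move to `authz_configfile` if more users are expected.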
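Review bot: `auth=no` turns off broker authentication, yet the header comment still reads "Using default settings", which hides the one override that matters. With the firewall disabled by the installer in this patch, nothing shown here restricts which hosts can connect to the broker. I would either leave authentication on and provision credentials for the oVirt services, or replace the header line with `# auth disabled for the oVirt appliance: access must be limited at the network layer`.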
diff --git a/installer/modules/ovirt/manifests/cobbler.pp b/installer/modules/ovirt/manifests/cobbler.pp
new file mode 100644
index 0000000..e509502
--- /dev/null
+++ b/installer/modules/ovirt/manifests/cobbler.pp
@@ -0,0 +1,126 @@ +#-- +# Copyright (C) 2008 Red Hat Inc. +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Author: Joey Boggs <jboggs at redhat.com> +#-- + +import "appliance_base" +#import "firewall" + + +define apache_htdigest($digest_file, $digest_username, $digest_password, $digest_realm="") +{ + file_append{"add_htdigest_for_$digest_username_in_$digest_realm": + file => $digest_file, + line => template("ovirt/digest_line.erb") + } + +} + + +define cobbler_user_config($cobbler_user_name="",$cobbler_user_password="",$cobbler_hostname="") { + + file_replacement{"cobbler_user_name_config": + file => "/usr/share/ovirt-server/config/cobbler.yml", + pattern => "^username.*$", + replacement => "username: $cobbler_user_name", + require => Package[ovirt-server] + } + + file_replacement{"cobbler_user_password_config": + file => "/usr/share/ovirt-server/config/cobbler.yml", + pattern => "^password.*$", + replacement => "password: $cobbler_user_password", + require => File_replacement[cobbler_user_name_config] + } + file_replacement{"cobbler_hostname_config": + file => "/usr/share/ovirt-server/config/cobbler.yml", + pattern => "^hostname.*$", + replacement => "hostname: $cobbler_hostname", + require => File_replacement[cobbler_user_name_config] + } + +} + +class cobbler::bundled { + package 
{"cobbler": + ensure => installed + } + + apache_htdigest{"cobbler_add_user": + digest_file => "/etc/cobbler/users.digest", + digest_username => "$cobbler_user_name", + digest_password => "$cobbler_user_password", + digest_realm => "Cobbler", + require => Package[cobbler] + } + + cobbler_user_config {"cobbler_bundled_user": + cobbler_user_name=> "$cobbler_user_name", + cobbler_user_password => "$cobbler_user_password", + cobbler_hostname => "localhost", + require => Package[cobbler] + } + + file_replacement{"settings_ip_address": + file => "/etc/cobbler/settings", + pattern => "127.0.0.1", + replacement => $ipaddress, + notify => Service[cobblerd], + require => Package[cobbler] + } + + file_replacement{"settings_xml_rpc": + file => "/etc/cobbler/settings", + pattern => "xmlrpc_rw_enabled: 0", + replacement => "xmlrpc_rw_enabled: 1", + require => File_replacement[settings_ip_address], + notify=> Service[cobblerd] + } + + service {"cobblerd" : + ensure => running, + enable => true, + require => File_replacement[settings_ip_address] + } + + file {"/etc/cobbler/modules.conf": + source => "puppet:///ovirt/modules.conf", + notify => Service[cobblerd], + require => Package["cobbler"] + } + +# firewall_rule{"69": destination_port => "69"} +# firewall_rule{"25150": destination_port => "25150"} +# firewall_rule{"25151": destination_port => "25151"} + +} + +class cobbler::remote { + +# On the remote cobbler server run the following command: +# htdigest /etc/cobbler/users.digest "Cobbler" $user_name +# Ensure the password is set to $cobbler_user_password + + + cobbler_user_config {"cobbler_remote_user": + cobbler_user_name => "$cobbler_user_name", + cobbler_user_password => "$cobbler_user_password", + cobbler_hostname => "$cobbler_hostname" + } +} + diff --git a/installer/modules/ovirt/manifests/dhcp.pp b/installer/modules/ovirt/manifests/dhcp.pp new file mode 100644 index 0000000..c5c8f9a --- /dev/null +++ b/installer/modules/ovirt/manifests/dhcp.pp 
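Review bot: In `apache_htdigest` the resource title `"add_htdigest_for_$digest_username_in_$digest_realm"` will most likely be read as the variable `$digest_username_in_` followed by `$digest_realm`, because `_` is a legal identifier character. The user name then never reaches the title, and two users in one realm would collide. Bracing the names fixes it: `file_append{"add_htdigest_for_${digest_username}_in_${digest_realm}":`. Separately, `cobbler_user_password_config` writes the password into `/usr/share/ovirt-server/config/cobbler.yml` and nothing in this hunk sets that file's mode, so a `file` resource with a restrictive `mode` and the owner the server needs would be worth adding.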
@@ -0,0 +1,34 @@
+#--
+# Copyright (C) 2008 Red Hat Inc.
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+# Author: Joey Boggs <jboggs at redhat.com>
+#--
+
+class dhcp::bundled {
+
+ file {"/etc/dnsmasq.d/ovirt-dhcp.conf":
+ content => template("ovirt/ovirt-dhcp.conf.erb"),
+ mode => 644,
+ notify => Service[dnsmasq],
+ require => Package[dnsmasq]
+ }
+
+ single_exec {"dns_entries":
+ command => "/usr/share/ace/modules/ovirt/files/dns_entries.sh $dhcp_start $dhcp_stop $dhcp_network $dhcp_domain",
+ }
+
+}
diff --git a/installer/modules/ovirt/manifests/dns.pp b/installer/modules/ovirt/manifests/dns.pp
new file mode 100644
index 0000000..c16abfd
--- /dev/null
+++ b/installer/modules/ovirt/manifests/dns.pp
@@ -0,0 +1,99 @@ +#-- +# Copyright (C) 2008 Red Hat Inc. +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Author: Joey Boggs <jboggs at redhat.com> +#-- + +# common featues +define dns::common($mgmt_ipaddr="", $prov_ipaddr="",$mgmt_dev="",$prov_dev="") { + + package {"dnsmasq": + ensure => installed, + require => [Single_exec["add_dns_server_to_resolv.conf"]] + } + + service {"dnsmasq" : + ensure => running, + enable => true, + require => [File["/etc/dnsmasq.d/ovirt-dns.conf"], Package["dnsmasq"]] + } + + file {"/etc/dnsmasq.d/ovirt-dns.conf": + content => template("ovirt/ovirt-dns.conf.erb"), + mode => 644, + notify => Service[dnsmasq], + require => Package["dnsmasq"] + } + + single_exec {"add_dns_server_to_resolv.conf": + command => "/bin/sed -e '1i nameserver $prov_ipaddr' -i /etc/resolv.conf", + require => [Single_exec["set_hostname"]] + } + + + file_replacement {"dnsmasq_configdir": + file => "/etc/dnsmasq.conf", + pattern => "^#conf-dir=*$", + replacement => "conf-dir=/etc/dnsmasq.d", + notify => Service[dnsmasq], + require => Package["dnsmasq"] + } + + file {"/etc/dhclient.conf": + ensure => present + } + + file_append {"dhclient_config": + file => "/etc/dhclient.conf", + line => "prepend domain-name-servers $prov_ipaddr", + require => [Single_exec["set_hostname"], 
Package["dnsmasq"], File["/etc/dhclient.conf"]] , + notify => Service[dnsmasq], + } + +} + +define dns::bundled($mgmt_ipaddr="", $prov_ipaddr="",$mgmt_dev="",$prov_dev="") { + + dns::common{"setup": mgmt_ipaddr=>$mgmt_ipaddr, prov_ipaddr=>$prov_ipaddr, mgmt_dev=>$mgmt_dev, prov_dev=>$prov_dev} + + single_exec {"add_mgmt_server_to_etc_hosts": + command => "/bin/echo $mgmt_ipaddr $ipa_host >> /etc/hosts", + notify => [Service[dnsmasq], Single_exec["add_dns_server_to_resolv.conf"]] + } +} + +define dns::remote($mgmt_ipaddr="", $prov_ipaddr="",$mgmt_dev="",$prov_dev="") { + +# On the pxe server you will need to ensure that the +# next server option points to the ip address of the tftp server + +# The following SRV records must be present in the dns server for everything +# to function properly. Replace example.com with the appropriate domain + +# _ovirt._tcp.example.com. SRV 0 5 80 ovirtwuiserver.example.com. +# _ipa._tcp.example.com. SRV 0 5 80 ipaserver.example.com. +# _ldap._tcp.example.com. SRV 0 5 389 ldapserver.example.com. +# _collectd._tcp.example.com. SRV 0 5 25826 ovirtwuiserver.example.com. +# _qpidd._tcp.example.com. SRV 0 5 5672 ovirtwuiserver.example.com. +# _identify._tcp.example.com. SRV 0 5 12120 ovirtwuiserver.example.com. + +# Also A records must be present for each oVirt node. Without this they are unable +# to determine their hostname and locate the management server. + + dns::common{"setup": mgmt_ipaddr=>$mgmt_ipaddr, prov_ipaddr=>$prov_ipaddr, mgmt_dev=>$mgmt_dev, prov_dev=>$prov_dev} + +} diff --git a/installer/modules/ovirt/manifests/freeipa.pp b/installer/modules/ovirt/manifests/freeipa.pp new file mode 100644 index 0000000..1f292bf --- /dev/null +++ b/installer/modules/ovirt/manifests/freeipa.pp 
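Review bot: The `dnsmasq_configdir` pattern `"^#conf-dir=*$"` only matches `#conf-dir` followed by zero or more `=` characters. If `file_replacement` treats it as a regular expression (its definition is not in this patch), a stock line like `#conf-dir=/etc/dnsmasq.d` is never rewritten and `ovirt-dns.conf` is never read. `pattern => "^#conf-dir=.*$",` looks like what was meant. The `single_exec` commands that edit `/etc/resolv.conf` and `/etc/hosts` also expand `$prov_ipaddr`, `$mgmt_ipaddr` and `$ipa_host` unquoted from installer input, so those values should be validated before they get here.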
@@ -0,0 +1,103 @@ +#-- +# Copyright (C) 2008 Red Hat Inc. +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Author: Joey Boggs <jboggs at redhat.com> +#-- + +class freeipa::bundled{ + + package {"ipa-server": + ensure => installed, + require => [Exec[db_exists_file],Single_exec["set_hostname"]] + } + + single_exec {"set_hostname": + command => "/bin/hostname $ipa_host", + } + + exec {"set_kdc_defaults": + command => "/bin/sed -i '/\[kdcdefaults\]/a \ kdc_ports = 88' /usr/share/ipa/kdc.conf.template", + require => Package[ipa-server] + } + + exec {"replace_line_returns": + command => "/bin/sed -i -e 's/^/#/' /etc/httpd/conf.d/ipa-rewrite.conf", + require => Single_Exec[ipa_server_install] + } + + file_replacement{"ipa_proxy_config_1": + file => "/etc/httpd/conf.d/ipa.conf", + pattern => "^<Proxy \*>", + replacement => "<ProxyMatch ^.*/ipa/ui.*$>", + require => Exec[replace_line_returns] + } + + file_replacement{"ipa_proxy_config_2": + file => "/etc/httpd/conf.d/ipa.conf", + pattern => "^</Proxy>", + replacement => "</ProxyMatch>", + require => File_replacement[ipa_proxy_config_1], + notify => Service[httpd] + } + + single_exec {"dnsmasq_restart": + command => "/etc/init.d/dnsmasq restart", + require => Service["dnsmasq"] + } + + single_exec {"ipa_server_install": + command => 
"/usr/sbin/ipa-server-install -r $realm_name -p $freeipa_password -P $freeipa_password -a $freeipa_password --hostname $ipa_host -u dirsrv -U", + require => [Exec[set_kdc_defaults],Single_exec[dnsmasq_restart]] + } + + exec {"get_krb5_tkt": + command => "/bin/echo $freeipa_password|/usr/kerberos/bin/kinit admin", + require => Single_Exec[ipa_server_install] + } + + single_exec {"ipa_modify_username_length": + command => "/usr/sbin/ipa-defaultoptions --maxusername=12", + require => Exec["get_krb5_tkt"] + } + + single_exec {"ipa_add_ovirtadmin_user": + command => "/usr/sbin/ipa-adduser -f Ovirt -l Admin -p $freeipa_password ovirtadmin", + require => Single_exec[ipa_modify_username_length] + } + + single_exec {"ipa_ovirtadmin_group": + command => "/usr/sbin/ipa-modgroup -a ovirtadmin admins", + require => Single_exec[ipa_add_ovirtadmin_user] + } + + single_exec {"set_pw_expiration": + command => "/usr/sbin/ipa-moduser --setattr krbPasswordExpiration=19700101000000Z ovirtadmin", + require => Single_exec[ipa_ovirtadmin_group] + } + +# firewall_rule{"krb5": destination_port => "88"} +# firewall_rule {"ldap": destination_port => '389'} + +} + +class freeipa::remote { + +# oVirt is not configured at this time to support a remote freeipa server + +} + + diff --git a/installer/modules/ovirt/manifests/init.pp b/installer/modules/ovirt/manifests/init.pp new file mode 100644 index 0000000..87f6832 --- /dev/null +++ b/installer/modules/ovirt/manifests/init.pp @@ -0,0 +1,9 @@ +import "ovirt/cobbler.pp" +import "ovirt/dns.pp" +import "ovirt/dhcp.pp" +import "ovirt/tftp.pp" +import "ovirt/freeipa.pp" +import "ovirt/ovirt.pp" +import "ovirt/postgres.pp" +import "appliance_base/single_exec.pp" + diff --git a/installer/modules/ovirt/manifests/ovirt.pp b/installer/modules/ovirt/manifests/ovirt.pp new file mode 100644 index 0000000..809db8e --- /dev/null +++ b/installer/modules/ovirt/manifests/ovirt.pp 
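Review bot: `$freeipa_password` is expanded unquoted onto the command lines of `ipa_server_install`, `get_krb5_tkt` and `ipa_add_ovirtadmin_user`, so it is visible in the process list while each command runs and any space or shell metacharacter in it changes the command. The same value is passed to `-p`, `-P` and `-a` of `ipa-server-install`, so one disclosure exposes every credential set there. I would quote each use, e.g. `command => "/usr/sbin/ipa-adduser -f Ovirt -l Admin -p '$freeipa_password' ovirtadmin",`, have the installer refuse passwords containing quotes, and add `# NOTE: password is passed on argv; visible to local users while this runs` above each resource until a stdin or file-based path is available.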
@@ -0,0 +1,154 @@ +#-- +# Copyright (C) 2008 Red Hat Inc. +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Author: Joey Boggs <jboggs at redhat.com> +#-- + +class ovirt::setup { + + package {"ovirt-server": + ensure => installed, + require => Single_exec[set_pw_expiration] + } + + package {"httpd": + ensure => installed; + } + + package {"rubygem-rake": + ensure => installed; + } + + package {"qpidd": + ensure => installed; + } + + package {"collectd": + ensure => installed; + } + + package {"collectd-rrdtool": + ensure => installed; + } + + package {"libvirt": + ensure => installed; + } + + package {"ruby-qpid": + ensure => installed; + } + + package {"ntp": + ensure => installed; + } + + file {"/etc/collectd.conf": + source => "puppet:///ovirt/collectd.conf", + notify => Service[collectd], + require => Package["collectd-rrdtool"] + } + + file {"/etc/qpidd.conf": + source => "puppet:///ovirt/qpidd.conf", + notify => Service[qpidd] + } + + single_exec { "db_migrate" : + cwd => "/usr/share/ovirt-server/", + command => "/usr/bin/rake db:migrate", + require => [File["/usr/share/ovirt-server/log"],Package[ovirt-server],Package[rubygem-rake],Postgres_execute_command["ovirt_db_grant_permissions"]], + environment => "RAILS_ENV=production" + } + + file { "/usr/share/ovirt-server/log" : + 
ensure => directory, + require => Package[ovirt-server] + } + + single_exec { "create_ovirtadmin_acct" : + command => "/usr/share/ovirt-server/script/grant_admin_privileges ovirtadmin", + require => Single_Exec[db_migrate] + } + + single_exec { "add_host" : + command => "/usr/bin/ovirt-add-host $ipa_host /usr/share/ovirt-server/ovirt.keytab", + require => Package[ovirt-server] + } + + exec { "disable_selinux" : + command => "/usr/sbin/lokkit --selinux=disabled", + require => Package["ovirt-server"] + } + + service {"httpd" : + enable => true, + require => Package[httpd], + ensure => running + } + + service {"libvirt" : + enable => false, + require => Package[libvirt], + } + + service {"ovirt-host-browser" : + enable => true, + require => [Package[ovirt-server],Single_Exec[db_migrate]], + ensure => running + } + + service {"ovirt-host-collect" : + enable => true, + require => [Package[ovirt-server],Single_Exec[db_migrate]], + ensure => running + } + + service {"ovirt-mongrel-rails" : + enable => true, + require => [Package[ovirt-server],Single_Exec[db_migrate]], + ensure => running, + notify => Service[httpd] + } + + service {"ovirt-taskomatic" : + enable => true, + require => [Package[ovirt-server],Single_Exec[db_migrate]], + ensure => running + } + + service {"qpidd" : + enable => true, + ensure => running, + require => Package[qpidd] + } + + service {"collectd" : + enable => true, + ensure => running, + require => Package[collectd] + } + + service {"ntpd" : + enable => true, + ensure => running, + require => Package[ntp] + } + +# firewall_rule{"http": destination_port => "80"} + +} diff --git a/installer/modules/ovirt/manifests/postgres.pp b/installer/modules/ovirt/manifests/postgres.pp new file mode 100644 index 0000000..0bd71fa --- /dev/null +++ b/installer/modules/ovirt/manifests/postgres.pp 
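Review bot: `disable_selinux` runs `/usr/sbin/lokkit --selinux=disabled` as a plain `exec` with no `unless` or `onlyif` visible, so each Puppet run switches SELinux off entirely, although the installer's own pre-check in this patch also accepts permissive mode. Permissive keeps denials logged so a policy can be written later: `command => "/usr/sbin/lokkit --selinux=permissive",`. A guard on the resource would also stop it from re-running once the mode is set.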
@@ -0,0 +1,114 @@ +#-- +# Copyright (C) 2008 Red Hat Inc. +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Author: Joey Boggs <jboggs at redhat.com> +#-- + +import "postgres" +import "appliance_base/single_exec.pp" + +class postgres::bundled{ + + + package {"postgresql-server": + ensure => installed, + } + package {"ace-postgres": + ensure => installed, + require => Package[postgresql-server] + } + + single_exec {"initialize_db": + command => "/sbin/service postgresql initdb", + creates => "/var/lib/pgsql/data/pg_hba.conf", + require => Package[postgresql-server] + } + + service {"postgresql" : + ensure => running, + enable => true, + require => Single_exec[initialize_db] + } + + single_exec {"create_ovirt_db": + command => "/usr/bin/createdb ovirt", + require => [Exec[postgres_add_all_trust], Service[postgresql]], + user => "postgres" + } + + single_exec {"create_ovirt_development_db": + command => "/usr/bin/createdb ovirt_development", + require => [Exec[postgres_add_all_trust], Service[postgresql]], + user => "postgres" + } + + postgres_execute_command {"ovirt_db_create_role": + cmd => "CREATE ROLE ovirt LOGIN PASSWORD '$db_password' NOINHERIT VALID UNTIL 'infinity'", + database => "ovirt", + require => Single_Exec[create_ovirt_db] + } + + postgres_execute_command 
{"ovirt_db_grant_permissions": + cmd => "GRANT ALL ON DATABASE ovirt TO ovirt;", + database => "ovirt", + require => Postgres_execute_command[ovirt_db_create_role] + } + + exec {"postgres_add_all_trust": + command => "/bin/echo 'local all all trust' > /var/lib/pgsql/data/pg_hba.conf", + require => Single_exec[initialize_db], + notify => Service[postgresql] + } + + exec {"postgres_add_localhost_trust": + command => "/bin/echo 'host all all 127.0.0.1 255.255.255.0 trust' >> /var/lib/pgsql/data/pg_hba.conf", + require => Exec[postgres_add_all_trust], + notify => Service[postgresql] + } + + file { "/etc/ovirt-server/" : + ensure => directory, + require => Exec[postgres_add_localhost_trust] + } + + file { "/etc/ovirt-server/db/" : + ensure => directory, + require => File["/etc/ovirt-server"] + } + + exec {"touch_dbaccess_file": + command => "/bin/touch /etc/ovirt-server/db/dbaccess", + require => File["/etc/ovirt-server/db"] + } + + file_append {"db_password_file": + file => "/etc/ovirt-server/db/dbaccess", + line => "$db_password", + require => Exec[touch_dbaccess_file] + } + exec {"db_exists_file": + command => "/bin/touch /etc/ovirt-server/db/exists", + require => File_append[db_password_file] + } +} + +class postgres::remote{ + +# oVirt is not configured at this time to support a remote postgres connection + +} + diff --git a/installer/modules/ovirt/manifests/tftp.pp b/installer/modules/ovirt/manifests/tftp.pp new file mode 100644 index 0000000..4f41d00 --- /dev/null +++ b/installer/modules/ovirt/manifests/tftp.pp 
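Review bot: `postgres_add_all_trust` overwrites pg_hba.conf with `local all all trust` and `postgres_add_localhost_trust` appends `host all all 127.0.0.1 255.255.255.0 trust`, so any local account or process that can reach the loopback range can connect as any database role, including the superuser, without a password. That makes the `$db_password` set in `ovirt_db_create_role` ineffective on this host. Require a password for TCP connections, for example `host all all 127.0.0.1/32 md5`, and keep passwordless access to the `postgres` OS user only; note that the mask `255.255.255.0` covers 127.0.0.0/24, not just 127.0.0.1. Neither exec has an `unless` guard, so the second line is appended again on each run. Separately, `/etc/ovirt-server/db/dbaccess` is created by `/bin/touch` with no owner or mode before the password is appended; a `file` resource with a restrictive mode (for example `mode => 600`, owner to be confirmed) would keep the secret from being world-readable.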
@@ -0,0 +1,31 @@
+#--
+# Copyright (C) 2008 Red Hat Inc.
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+# Author: Joey Boggs <jboggs at redhat.com>
+#--
+
+class tftp::bundled {
+
+ file {"/etc/dnsmasq.d/ovirt-tftp.conf":
+ content => template("ovirt/ovirt-tftp.conf.erb"),
+ mode => 644,
+ notify => Service[dnsmasq],
+ require => Package[dnsmasq]
+ }
+}
+
+
diff --git a/installer/modules/ovirt/templates/digest_line.erb b/installer/modules/ovirt/templates/digest_line.erb
new file mode 100644
index 0000000..4e98708
--- /dev/null
+++ b/installer/modules/ovirt/templates/digest_line.erb
@@ -0,0 +1,4 @@
+<% require 'digest/sha1' -%>
+<% token = "#{digest_username}:#{digest_realm}:#{digest_password}" -%>
+<% digested_password = Digest::MD5.hexdigest(token) -%>
+<%= digest_username -%>:<%= digest_realm -%>:<%= digested_password -%>
diff --git a/installer/modules/ovirt/templates/ovirt-dhcp.conf.erb b/installer/modules/ovirt/templates/ovirt-dhcp.conf.erb
new file mode 100644
index 0000000..e10db40
--- /dev/null
+++ b/installer/modules/ovirt/templates/ovirt-dhcp.conf.erb
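Review bot: The digest_line.erb template loads `digest/sha1` but then calls `Digest::MD5.hexdigest`, so the require does not match the algorithm used, and the MD5 class is available only if something else loads it (or the Digest autoloader resolves it, which cannot be verified from this hunk). Change the first line to `<% require 'digest/md5' -%>`. MD5 over `user:realm:password` is what the htdigest file format expects, so a one-line comment saying so would stop a later reader from swapping the hash and breaking authentication. The comment should also say that the resulting line is a password equivalent for digest authentication, so the file it is appended to should not be world-readable.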
@@ -0,0 +1,9 @@ +interface=<%= dhcp_interface %> +dhcp-range=<%= dhcp_network %>.<%= dhcp_start %>,<%= dhcp_network%>.<%= dhcp_stop %> +domain=<%= dhcp_domain %> +dhcp-option=option:router,<%= prov_network_gateway %> +dhcp-option=option:ntp-server,<%= ntp_server %> +dhcp-option=12 +no-resolv +local=/<%= dhcp_domain %>/ +server=<%= prov_dns_server %> diff --git a/installer/modules/ovirt/templates/ovirt-dns.conf.erb b/installer/modules/ovirt/templates/ovirt-dns.conf.erb new file mode 100644 index 0000000..ae3eb48 --- /dev/null +++ b/installer/modules/ovirt/templates/ovirt-dns.conf.erb @@ -0,0 +1,7 @@ +srv-host=_ovirt._tcp,<%= ovirt_host %>,80 +srv-host=_ipa._tcp,<%= ipa_host %>,80 +srv-host=_ldap._tcp,<%= ipa_host %>,389 +srv-host=_collectd._tcp,<%= ovirt_host %>,25826 +srv-host=_qpidd._tcp,<%= ovirt_host %>,5672 +srv-host=_identify._tcp,<%= ovirt_host %>,12120 + diff --git a/installer/modules/ovirt/templates/ovirt-tftp.conf.erb b/installer/modules/ovirt/templates/ovirt-tftp.conf.erb new file mode 100644 index 0000000..3fa40f8 --- /dev/null +++ b/installer/modules/ovirt/templates/ovirt-tftp.conf.erb @@ -0,0 +1,3 @@ +enable-tftp +tftp-root=/var/lib/tftpboot +dhcp-boot=pxelinux.0 diff --git a/ovirt-server.spec.in b/ovirt-server.spec.in index 79a5adf..647794d 100644 --- a/ovirt-server.spec.in +++ b/ovirt-server.spec.in @@ -1,5 +1,6 @@ %define pbuild %{_builddir}/%{name}-%{version} %define app_root %{_datadir}/%{name} +%define acehome %{_datadir}/ace Summary: oVirt Server Suite Name: ovirt-server @@ -45,10 +46,19 @@ BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot URL: http://ovirt.org/ -%description +%package installer +Summary: Installer modules for the oVirt Server Suite +Requires: ruby(abi) = 1.8 +Requires: ace +Requires: ace-postgres +Requires: hal +%description The Server Suite for oVirt. +%description installer +The Installer for the ovirt server suite + %prep %setup -q 
@@ -59,6 +69,7 @@ test "x$RPM_BUILD_ROOT" != "x" && rm -rf $RPM_BUILD_ROOT mkdir %{buildroot} %{__install} -d -m0755 %{buildroot}%{_bindir} +%{__install} -d -m0755 %{buildroot}%{_datadir} %{__install} -d -m0755 %{buildroot}%{_sbindir} %{__install} -d -m0755 %{buildroot}%{_initrddir} %{__install} -d -m0755 %{buildroot}%{_sysconfdir}/sysconfig @@ -69,6 +80,7 @@ mkdir %{buildroot} %{__install} -d -m0755 %{buildroot}%{_localstatedir}/log/%{name} %{__install} -d -m0755 %{buildroot}%{_localstatedir}/run/%{name} %{__install} -d -m0755 %{buildroot}%{app_root} +%{__install} -d -m0755 %{buildroot}/%{acehome} touch %{buildroot}%{_localstatedir}/log/%{name}/mongrel.log touch %{buildroot}%{_localstatedir}/log/%{name}/rails.log @@ -114,6 +126,11 @@ touch %{buildroot}%{_localstatedir}/log/%{name}/db-omatic.log %{__mkdir} %{buildroot}%{_localstatedir}/lib/%{name}/tmp %{__ln_s} %{_localstatedir}/lib/%{name}/tmp %{buildroot}%{app_root}/tmp +# Set up the installer +%{__cp} -pr %{pbuild}/installer/modules %{buildroot}/%{acehome} +%{__cp} -pr %{pbuild}/installer/bin/ovirt-installer %{buildroot}%{_sbindir} + + %clean rm -rf $RPM_BUILD_ROOT @@ -193,6 +210,10 @@ fi %config(noreplace) %{_sysconfdir}/%{name}/production.rb %config(noreplace) %{_sysconfdir}/%{name}/test.rb +%files installer +%{_sbindir}/ovirt-installer +%{acehome} + %changelog * Thu May 29 2008 Alan Pevec <apevec at redhat.com> - 0.0.5-0 - use rubygem-krb5-auth -- 1.6.0.4
Joey Boggs
2009-Jan-06 15:20 UTC
[Ovirt-devel] [PATCH server] Add the installer files as a subpackage of the server package
when testing the patches, all the should be executable files for me are set to 644 rather than 755 so I can't run ovirt-installer without permission issues. It's specified in the patches to create them as 755 though anyone seen this before? Bryan Kearney wrote:> --- > Makefile.am | 3 +- > installer/bin/ovirt-installer | 273 ++++++++++++++++++++ > installer/modules/ovirt/files/collectd.conf | 23 ++ > installer/modules/ovirt/files/dns_entries.sh | 2 + > installer/modules/ovirt/files/modules.conf | 96 +++++++ > installer/modules/ovirt/files/qpidd.conf | 4 + > installer/modules/ovirt/manifests/cobbler.pp | 126 +++++++++ > installer/modules/ovirt/manifests/dhcp.pp | 34 +++ > installer/modules/ovirt/manifests/dns.pp | 99 +++++++ > installer/modules/ovirt/manifests/freeipa.pp | 103 ++++++++ > installer/modules/ovirt/manifests/init.pp | 9 + > installer/modules/ovirt/manifests/ovirt.pp | 154 +++++++++++ > installer/modules/ovirt/manifests/postgres.pp | 114 ++++++++ > installer/modules/ovirt/manifests/tftp.pp | 31 +++ > installer/modules/ovirt/templates/digest_line.erb | 4 + > .../modules/ovirt/templates/ovirt-dhcp.conf.erb | 9 + > .../modules/ovirt/templates/ovirt-dns.conf.erb | 7 + > .../modules/ovirt/templates/ovirt-tftp.conf.erb | 3 + > ovirt-server.spec.in | 23 ++- > 19 files changed, 1115 insertions(+), 2 deletions(-) > create mode 100755 installer/bin/ovirt-installer > create mode 100644 installer/modules/ovirt/files/collectd.conf > create mode 100755 installer/modules/ovirt/files/dns_entries.sh > create mode 100644 installer/modules/ovirt/files/modules.conf > create mode 100644 installer/modules/ovirt/files/qpidd.conf > create mode 100644 installer/modules/ovirt/manifests/cobbler.pp > create mode 100644 installer/modules/ovirt/manifests/dhcp.pp > create mode 100644 installer/modules/ovirt/manifests/dns.pp > create mode 100644 installer/modules/ovirt/manifests/freeipa.pp > create mode 100644 installer/modules/ovirt/manifests/init.pp > create mode 100644 
installer/modules/ovirt/manifests/ovirt.pp > create mode 100644 installer/modules/ovirt/manifests/postgres.pp > create mode 100644 installer/modules/ovirt/manifests/tftp.pp > create mode 100644 installer/modules/ovirt/templates/digest_line.erb > create mode 100644 installer/modules/ovirt/templates/ovirt-dhcp.conf.erb > create mode 100644 installer/modules/ovirt/templates/ovirt-dns.conf.erb > create mode 100644 installer/modules/ovirt/templates/ovirt-tftp.conf.erb > > diff --git a/Makefile.am b/Makefile.am > index e11e636..f115c8f 100644 > --- a/Makefile.am > +++ b/Makefile.am > @@ -23,7 +23,8 @@ EXTRA_DIST = \ > ovirt-server.spec.in \ > scripts \ > conf \ > - src > + src \ > + installer > > DISTCLEANFILES = $(PACKAGE)-$(VERSION).tar.gz > > diff --git a/installer/bin/ovirt-installer b/installer/bin/ovirt-installer > new file mode 100755 > index 0000000..84604ef > --- /dev/null > +++ b/installer/bin/ovirt-installer 
> @@ -0,0 +1,273 @@ > +#!/usr/bin/ruby > +#-- > +## Copyright (C) 2008 Red Hat Inc. > +## > +## This library is free software; you can redistribute it and/or > +## modify it under the terms of the GNU Lesser General Public > +## License as published by the Free Software Foundation; either > +## version 2.1 of the License, or (at your option) any later version. > +## > +## This library is distributed in the hope that it will be useful, > +## but WITHOUT ANY WARRANTY; without even the implied warranty of > +## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU > +## Lesser General Public License for more details. > +## > +## You should have received a copy of the GNU Lesser General Public > +## License along with this library; if not, write to the Free Software > +## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA > +## > +## Author: Joey Boggs <jboggs at redhat.com> > +##-- > +## oVirt Installation Script > + > +require 'socket' > +require 'fileutils' > + > +if File.exist?("/usr/sbin/sestatus") > +sestatus = `/usr/sbin/sestatus` > +if sestatus !~ /(Current mode: permissive|Current mode: disabled|SELinux status: disabled|SELinux status: permissive)/ > +puts "SELinux enabled, please disable or set in permissive mode permanently by editing" > +puts "/etc/selinux/config and rebooting" > +exit > +end > +end > + > +FileUtils.mkdir_p("/usr/share/ace/appliances/ovirt") > +config_file = File.new("/usr/share/ace/appliances/ovirt/ovirt.pp", "w") > +config_file.write "import 'ovirt'\n" > +config_file.write "import 'firewall'\n\n" > +config_file.write "firewall::setup{'setup': status => 'disabled'}\n\n" > + > +mgmt_dev = "" > +prov_dev = "" > + > +dev_ct = 0 > +net_devs = `hal-find-by-capability --capability net` > +net_devs.each_line{ |dev| > +dev_ct = dev_ct + 1 > +} > + > +if dev_ct == 0 > +puts "Unable to install without a network interface" > +exit > + > +else > +puts "" > +get_net_devs = `hal-find-by-capability --capability net` > 
+puts "Below are the detected networking devices\n\n" > +puts "mac address interface ip address" > +net_devs.each_line{ |dev| > +dev = dev.chomp > +interface = `hal-get-property --udi #{dev} --key net.interface` > +mac = `hal-get-property --udi #{dev} --key net.address` > +ip = `ifconfig #{interface}` > +ipaddr = ip.scan(/\s*inet addr:([\d.]+)/) > +puts mac.chop + " : " + interface.chop + " : " + ipaddr.to_s if interface.chop != "lo" > +} > +end > + > +if dev_ct > 1 > +puts "\nDo you want separate management and provisioning networks? (y/n)" > +sep_networks = gets.chomp > +while sep_networks != "y" and sep_networks != "n" > +puts "Invalid choice" > +puts "Do you want separate management and provisioning networks? (y/n)" > +sep_networks = gets.chomp > +end > + > +if sep_networks == "y" > +while mgmt_dev == "" > +puts "Input your management interface (example: eth0)" > +mgmt_dev = gets.chomp > +end > + > +while prov_dev == "" > +puts "Input your provisioning interface, this may also be your management interface (example: eth1)" > +prov_dev = gets.chomp > +end > + > +elsif sep_networks == "n" > +while mgmt_dev == "" > +puts "Input your management/provisioning interface (example: eth1)" > +mgmt_dev = gets.chomp > +prov_dev = mgmt_dev > +end > +end > + > +elsif dev_ct == 1 > +while mgmt_dev == "" > +puts "\nOnly one networking device detected" > +puts "Input your management/provisioning interface (example: eth1)" > +mgmt_dev = gets.chomp > +prov_dev = mgmt_dev > +puts "Need Management interface" > +end > +end > + > +puts "Enter the hostname of the oVirt management server (example: management.example.com)" > +ovirt_host = gets.chomp > +ipa_host = ovirt_host > + > +puts "\nUse this system's dns servers (y/n)" > +File.open('/etc/resolv.conf').each_line{ |line| > + line = line.chomp > +puts line if line =~ /nameserver/ and line !~ /nameserver 127.0.0.1/ > +} > +dns_servers = gets.chomp > + > +while dns_servers != "y" and dns_servers != "n" > +puts "Invalid choice" > 
+dns_servers = gets.chomp > +end > + > +mgmt_ip = `ifconfig #{mgmt_dev}` > +mgmt_ipaddr= mgmt_ip.scan(/\s*inet addr:([\d.]+)/) > +prov_ip = `ifconfig #{prov_dev}` > +prov_ipaddr= prov_ip.scan(/\s*inet addr:([\d.]+)/) > + > +config_file.write "# dns configuration\n" > +config_file.write "$mgmt_ipaddr = '#{mgmt_ipaddr}'\n" > +config_file.write "$prov_ipaddr = '#{prov_ipaddr}'\n" > +config_file.write "$ovirt_host = '#{ovirt_host}'\n" > +config_file.write "$ipa_host = '#{ipa_host}'\n\n" > + > +if dns_servers == "n" > +config_file.write "dns::bundled{setup: mgmt_ipaddr=> $mgmt_ipaddr, prov_ipaddr=> $prov_ipaddr, mgmt_dev => '#{mgmt_dev}', prov_dev => '#{prov_dev}'}\n\n" > +end > + > +if dns_servers == "y" > +config_file.write "dns::remote{setup: mgmt_ipaddr=> $mgmt_ipaddr, prov_ipaddr=> $prov_ipaddr, mgmt_dev => '#{mgmt_dev}', prov_dev => '#{prov_dev}'}\n\n" > +host_lookup = Socket.getaddrinfo(ipa_host,nil) > +hostip = host_lookup[1][3] > +if hostip.to_s != mgmt_ipaddr.to_s > +puts "Reverse dns lookup for #{ipa_host} failed, exiting" > +exit > +end > +end > + > +puts "Does you provisioning network already have dhcp? 
(y/n)" > +dhcp_setup = gets.chomp > +while dhcp_setup != "y" and dhcp_setup != "n" > +puts "Invalid choice" > +dhcp_setup = gets.chomp > +end > + > +if dhcp_setup == "n" > + > +puts "DHCP Configuration\n" > +config_file.write "# dhcp configuration\n" > +dhcp_interface = prov_dev > +config_file.write "$dhcp_interface = '#{dhcp_interface}'\n" > + > +puts "Enter the first 3 octets of the dhcp network you wish to use (example: 192.168.50)" > +dhcp_network = gets.chomp > +config_file.write "$dhcp_network = '#{dhcp_network}'\n" > + > +puts "Enter the dhcp pool start address (example: 3)" > +dhcp_start = gets.chomp > +config_file.write "$dhcp_start = '#{dhcp_start}'\n" > + > +puts "Enter the dhcp pool end addess (example: 100)" > +dhcp_stop = gets.chomp > +config_file.write "$dhcp_stop = '#{dhcp_stop}'\n" > + > +puts "Enter the dhcp domain you wish to use (example: example.com)" > +dhcp_domain = gets.chomp > +config_file.write "$dhcp_domain = '#{dhcp_domain}'\n" > + > +config_file.write "$ntp_server = '#{mgmt_ipaddr}'\n\n" > + > +puts "Provide pxe/tftp capability? (y/n)" > +tftp_setup = gets.chomp > + > +if sep_networks == "y" > +prov_ip = `ifconfig #{prov_dev}` > +prov_dns_server = prov_ip.scan(/\s*inet addr:([\d.]+)/) > +config_file.write "$prov_dns_server = '#{prov_dns_server}'\n" > + > +puts "Enter the network gateway for your provisioning network (example: 192.168.50.254)" > +prov_network_gateway = gets.chomp > +config_file.write "$prov_network_gateway = '#{prov_network_gateway}'\n" > +end > +end > + > +# Cobbler Configuration > +puts "Do you have a cobbler already that you wish to use? 
(y/n)" > +cobbler_setup = gets.chomp > + > +while cobbler_setup != "y" and cobbler_setup != "n" > +puts "Invalid choice" > +cobbler_setup = gets.chomp > +end > + > +cobbler_config = "n" > + > +if cobbler_setup == "y" > +puts "Enter the hostname of your cobbler server" > +cobbler_hostname = gets.chomp > +puts "Enter your cobbler username" > +cobbler_user_name= gets.chomp > +puts "Enter your cobbler user password" > +cobbler_user_password = gets.chomp > + > +elsif cobbler_setup == "n" > +cobbler_hostname = "localhost" > +puts "We will setup a cobbler instance, please provide the following information" > +puts "Enter your cobbler username" > +cobbler_user_name= gets.chomp > +puts "Enter your cobbler user password" > +cobbler_user_password = gets.chomp > +end > + > +config_file.write "# cobbler configuration\n" > +config_file.write "$cobbler_hostname = '#{cobbler_hostname}'\n" > +config_file.write "$cobbler_user_name = '#{cobbler_user_name}'\n" > +config_file.write "$cobbler_user_password = '#{cobbler_user_password}'\n\n" > + > + > +# Postgres Configuration > +puts "Enter a password for the ovirt postgres account" > +db_username = "ovirt" > +db_password = gets.chomp > +config_file.write "# postgres configuration\n" > +config_file.write "$db_username = '#{db_username}'\n" > +config_file.write "$db_password = '#{db_password}'\n\n" > + > +# FreeIPA Configuration > +config_file.write "# FreeIPA configuration\n" > +puts "Enter your realm name (example: example.com)" > +realm_name = gets.chomp > +config_file.write "$realm_name = '#{realm_name}'\n" > +puts "\nEnter an administrator password for FreeIPA " > +puts "*** This will also be you ovirtadmin password for the web management login ***\n\n" > +freeipa_password = gets.chomp > +config_file.write "$freeipa_password = '#{freeipa_password}'\n" > +ldap_dn = "cn=ipaConfig,cn=etc," > +ldap_dn_temp = realm_name.split(".") > +ldap_dn_temp.each do |i| > +ldap_dn += "dc=#{i}," > +end > +ldap_dn = ldap_dn.chop > +config_file.write 
"$ldap_dn = '#{ldap_dn}'\n\n" > + > + > +if cobbler_setup == "y" > +config_file.write "include cobbler::remote\n" > +elsif cobbler_setup == "n" > +config_file.write "include cobbler::bundled\n" > +end > + > +if dhcp_setup == "n" > +config_file.write "include dhcp::bundled\n" > +end > + > +if tftp_setup == "y" > +config_file.write "include tftp::bundled\n" > +end > + > +config_file.write "include postgres::bundled\n" > +config_file.write "include freeipa::bundled\n" > +config_file.write "include ovirt::setup\n" > +config_file.close > + > +puts "\n\nTo start the installation run: ace install ovirt" > diff --git a/installer/modules/ovirt/files/collectd.conf b/installer/modules/ovirt/files/collectd.conf > new file mode 100644 > index 0000000..0b327de > --- /dev/null > +++ b/installer/modules/ovirt/files/collectd.conf > @@ -0,0 +1,23 @@ > +LoadPlugin network > +LoadPlugin logfile > +LoadPlugin rrdtool > +LoadPlugin unixsock > + > +<Plugin logfile> > + LogLevel info > + File STDOUT > +</Plugin> > + > +<Plugin network> > + Listen "0.0.0.0" > +</Plugin> > + > +<Plugin rrdtool> > + DataDir "/var/lib/collectd/rrd" > + CacheTimeout 120 > + CacheFlush 900 > +</Plugin> > + > +<Plugin unixsock> > + SocketFile "/var/lib/collectd/unixsock" > +</Plugin> > diff --git a/installer/modules/ovirt/files/dns_entries.sh b/installer/modules/ovirt/files/dns_entries.sh > new file mode 100755 > index 0000000..65662d5 > --- /dev/null > +++ b/installer/modules/ovirt/files/dns_entries.sh > @@ -0,0 +1,2 @@ > +#!/bin/bash > +for i in `seq $1 $2` ; do echo $3.$i node$i.$4 >> /etc/hosts; done > diff --git a/installer/modules/ovirt/files/modules.conf b/installer/modules/ovirt/files/modules.conf > new file mode 100644 > index 0000000..236ef4c > --- /dev/null > +++ b/installer/modules/ovirt/files/modules.conf 
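Review bot: The generated manifest `/usr/share/ace/appliances/ovirt/ovirt.pp` receives the cobbler, postgres and FreeIPA passwords in clear text, but it is opened with `File.new(..., "w")` and no mode, so its permissions come from the process umask (commonly world-readable). Open it as `config_file = File.new("/usr/share/ace/appliances/ovirt/ovirt.pp", "w", 0600)`. Every answer is also written between single quotes without escaping, as in `config_file.write "$db_password = '#{db_password}'\n\n"`, so a value containing `'` ends the Puppet string early and the remainder is parsed as manifest code; reject or escape quotes and backslashes before writing. The same unvalidated answers are interpolated into backticks (`ifconfig #{mgmt_dev}`) and should be checked against the interface names already listed from hal, and the password prompts use plain `gets`, which echoes the secret to the terminal.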
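Review bot: `Listen "0.0.0.0"` in collectd.conf makes the network plugin accept metric packets on every interface, and the installer in this same patch writes `firewall::setup{'setup': status => 'disabled'}`, so nothing limits who can send data to it. The qpidd.conf hunk later in the patch has the same exposure with `auth=no`: the broker accepts any client without authentication. Bind collectd to the management address only (this file would need to become a template using `$mgmt_ipaddr`), and enable broker authentication or at least restrict the port to the management network. Each file should carry a comment stating which network is expected to reach the service.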
> @@ -0,0 +1,96 @@ > +# specifies what cobbler modules to load. > + > +# what file/data formats to use for metadata > +# > +# choices: > +# serializer_catalog (fast, uses .d directories in /var/lib/cobbler/config) > +# serializer_yaml (original serializer, uses a few text files) > +# > +# for 99% or more of all installations, use serializer_catalog. > +# > +# NOTE: serializer changes may remove your ability to access old data. > +# serializer_yaml users can change to serializer_catalog w/o manual > +# migration steps. Other changes are for new installs only. > + > +[serializers] > +settings = serializer_catalog > +distro = serializer_catalog > +profile = serializer_catalog > +system = serializer_catalog > +repo = serializer_catalog > +image = serializer_catalog > + > +# policy: what users can log into the WebUI and Read-Write XMLRPC? > +# > +# choices: > +# authn_denyall -- no one (default) > +# authn_configfile -- use /etc/cobbler/users.digest (for basic setups) > +# authn_passthru -- ask Apache to handle it (used for kerberos) > +# authn_ldap -- authenticate against LDAP > +# authn_spacewalk -- ask Spacewalk/Satellite (experimental) > +# authn_testing -- username/password is always testing/testing (debug) > +# (user supplied) -- you may write your own module > +# > +# WARNING: this is a security setting, do not choose an option blindly. > +# > +# for more information: > +# https://fedorahosted.org/cobbler/wiki/CobblerWebInterface > +# https://fedorahosted.org/cobbler/wiki/CustomizableSecurity > +# https://fedorahosted.org/cobbler/wiki/CobblerWithKerberos > +# https://fedorahosted.org/cobbler/wiki/CobblerWithLdap > + > +[authentication] > +module = authn_configfile > + > +# policy: once a user has been cleared by the WebUI/XMLRPC, what can they do? 
> +# > +# choices: > +# authz_allowall -- full access for all authneticated users (default) > +# authz_configfile -- determined by /etc/cobbler/users.conf > +# authz_ownership -- use users.conf, but add object ownership semantics > +# (user supplied) -- you may write your own module > +# > +# WARNING: this is a security setting, do not choose an option blindly. > +# > +# for more information: > +# https://fedorahosted.org/cobbler/wiki/CobblerWebInterface > +# https://fedorahosted.org/cobbler/wiki/CustomizableSecurity > +# https://fedorahosted.org/cobbler/wiki/CustomizableAuthorization > +# https://fedorahosted.org/cobbler/wiki/AuthorizationWithOwnership > + > +[authorization] > +module = authz_allowall > + > +# chooses the DNS management engine if manage_dns is enabled > +# in /etc/cobbler/settings, which is off by default. > +# > +# choices: > +# manage_bind -- default, uses BIND/named > +# manage_dnsmasq -- uses dnsmasq, also must select dnsmasq for dhcp below > +# > +# NOTE: more configuration is still required in /etc/cobbler > +# > +# for more information: > +# https://fedorahosted.org/cobbler/wiki/ManageDns > + > +[dns] > +module = manage_bind > + > +# chooses the DHCP management engine if manage_dhcp is enabled > +# in /etc/cobbler/settings, which is off by default. > +# > +# choices: > +# manage_isc -- default, uses ISC dhcpd > +# manage_dnsmasq -- uses dnsmasq, also must select dnsmasq for dns above > +# > +# NOTE: more configuration is still required in /etc/cobbler > +# > +# for more information: > +# https://fedorahosted.org/cobbler/wiki/ManageDhcp > + > +[dhcp] > +module = manage_isc > + > + > + > + > diff --git a/installer/modules/ovirt/files/qpidd.conf b/installer/modules/ovirt/files/qpidd.conf > new file mode 100644 > index 0000000..014b23c > --- /dev/null > +++ b/installer/modules/ovirt/files/qpidd.conf 
> @@ -0,0 +1,4 @@ > +# Configuration file for qpidd. Entries are of the form: > +# name = value > +# Using default settings: "qpidd --help" or "man qpidd" for more details. > +auth=no > diff --git a/installer/modules/ovirt/manifests/cobbler.pp b/installer/modules/ovirt/manifests/cobbler.pp > new file mode 100644 > index 0000000..e509502 > --- /dev/null > +++ b/installer/modules/ovirt/manifests/cobbler.pp 
> @@ -0,0 +1,126 @@ > +#-- > +# Copyright (C) 2008 Red Hat Inc. > +# > +# This library is free software; you can redistribute it and/or > +# modify it under the terms of the GNU Lesser General Public > +# License as published by the Free Software Foundation; either > +# version 2.1 of the License, or (at your option) any later version. > +# > +# This library is distributed in the hope that it will be useful, > +# but WITHOUT ANY WARRANTY; without even the implied warranty of > +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU > +# Lesser General Public License for more details. > +# > +# You should have received a copy of the GNU Lesser General Public > +# License along with this library; if not, write to the Free Software > +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA > +# > +# Author: Joey Boggs <jboggs at redhat.com> > +#-- > + > +import "appliance_base" > +#import "firewall" > + > + > +define apache_htdigest($digest_file, $digest_username, $digest_password, $digest_realm="") > +{ > + file_append{"add_htdigest_for_$digest_username_in_$digest_realm": > + file => $digest_file, > + line => template("ovirt/digest_line.erb") > + } > + > +} > + > + > +define cobbler_user_config($cobbler_user_name="",$cobbler_user_password="",$cobbler_hostname="") { > + > + file_replacement{"cobbler_user_name_config": > + file => "/usr/share/ovirt-server/config/cobbler.yml", > + pattern => "^username.*$", > + replacement => "username: $cobbler_user_name", > + require => Package[ovirt-server] > + } > + > + file_replacement{"cobbler_user_password_config": > + file => "/usr/share/ovirt-server/config/cobbler.yml", > + pattern => "^password.*$", > + replacement => "password: $cobbler_user_password", > + require => File_replacement[cobbler_user_name_config] > + } > + file_replacement{"cobbler_hostname_config": > + file => "/usr/share/ovirt-server/config/cobbler.yml", > + pattern => "^hostname.*$", > + replacement => "hostname: 
$cobbler_hostname", > + require => File_replacement[cobbler_user_name_config] > + } > + > +} > + > +class cobbler::bundled { > + package {"cobbler": > + ensure => installed > + } > + > + apache_htdigest{"cobbler_add_user": > + digest_file => "/etc/cobbler/users.digest", > + digest_username => "$cobbler_user_name", > + digest_password => "$cobbler_user_password", > + digest_realm => "Cobbler", > + require => Package[cobbler] > + } > + > + cobbler_user_config {"cobbler_bundled_user": > + cobbler_user_name=> "$cobbler_user_name", > + cobbler_user_password => "$cobbler_user_password", > + cobbler_hostname => "localhost", > + require => Package[cobbler] > + } > + > + file_replacement{"settings_ip_address": > + file => "/etc/cobbler/settings", > + pattern => "127.0.0.1", > + replacement => $ipaddress, > + notify => Service[cobblerd], > + require => Package[cobbler] > + } > + > + file_replacement{"settings_xml_rpc": > + file => "/etc/cobbler/settings", > + pattern => "xmlrpc_rw_enabled: 0", > + replacement => "xmlrpc_rw_enabled: 1", > + require => File_replacement[settings_ip_address], > + notify=> Service[cobblerd] > + } > + > + service {"cobblerd" : > + ensure => running, > + enable => true, > + require => File_replacement[settings_ip_address] > + } > + > + file {"/etc/cobbler/modules.conf": > + source => "puppet:///ovirt/modules.conf", > + notify => Service[cobblerd], > + require => Package["cobbler"] > + } > + > +# firewall_rule{"69": destination_port => "69"} > +# firewall_rule{"25150": destination_port => "25150"} > +# firewall_rule{"25151": destination_port => "25151"} > + > +} > + > +class cobbler::remote { > + > +# On the remote cobbler server run the following command: > +# htdigest /etc/cobbler/users.digest "Cobbler" $user_name > +# Ensure the password is set to $cobbler_user_password > + > + > + cobbler_user_config {"cobbler_remote_user": > + cobbler_user_name => "$cobbler_user_name", > + cobbler_user_password => "$cobbler_user_password", > + cobbler_hostname 
=> "$cobbler_hostname" > + } > +} > + > diff --git a/installer/modules/ovirt/manifests/dhcp.pp b/installer/modules/ovirt/manifests/dhcp.pp > new file mode 100644 > index 0000000..c5c8f9a > --- /dev/null > +++ b/installer/modules/ovirt/manifests/dhcp.pp > @@ -0,0 +1,34 @@ > +#-- > +# Copyright (C) 2008 Red Hat Inc. > +# > +# This library is free software; you can redistribute it and/or > +# modify it under the terms of the GNU Lesser General Public > +# License as published by the Free Software Foundation; either > +# version 2.1 of the License, or (at your option) any later version. > +# > +# This library is distributed in the hope that it will be useful, > +# but WITHOUT ANY WARRANTY; without even the implied warranty of > +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU > +# Lesser General Public License for more details. > +# > +# You should have received a copy of the GNU Lesser General Public > +# License along with this library; if not, write to the Free Software > +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA > +# > +# Author: Joey Boggs <jboggs at redhat.com> > +#-- > + > +class dhcp::bundled { > + > + file {"/etc/dnsmasq.d/ovirt-dhcp.conf": > + content => template("ovirt/ovirt-dhcp.conf.erb"), > + mode => 644, > + notify => Service[dnsmasq], > + require => Package[dnsmasq] > + } > + > + single_exec {"dns_entries": > + command => "/usr/share/ace/modules/ovirt/files/dns_entries.sh $dhcp_start $dhcp_stop $dhcp_network $dhcp_domain", > + } > + > +} > diff --git a/installer/modules/ovirt/manifests/dns.pp b/installer/modules/ovirt/manifests/dns.pp > new file mode 100644 > index 0000000..c16abfd > --- /dev/null > +++ b/installer/modules/ovirt/manifests/dns.pp 
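Review bot: In `apache_htdigest` (cobbler.pp) the resource title `"add_htdigest_for_$digest_username_in_$digest_realm"` does not interpolate what it appears to: `_in_` is read as part of the variable name, so Puppet looks up `$digest_username_in_`, which is not defined. Two users in the same realm would then get the same title and a duplicate-resource error; use braces, `"add_htdigest_for_${digest_username}_in_${digest_realm}"`. The `settings_ip_address` pattern `"127.0.0.1"` has unescaped dots and no anchors, so if `file_replacement` treats it as a regular expression (its implementation is outside this patch) it rewrites any matching text in /etc/cobbler/settings rather than one setting. With `xmlrpc_rw_enabled: 1` and the shipped modules.conf keeping `authz_allowall`, every authenticated cobbler user gets full write access, which deserves a comment if it is intended.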
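Review bot: The `dns_entries` command in dhcp.pp passes `$dhcp_start $dhcp_stop $dhcp_network $dhcp_domain` to a shell script unquoted, and those values are free-text installer answers, so whitespace or shell metacharacters in an answer change the command that runs (presumably as root). dns_entries.sh repeats the problem by expanding `$1` to `$4` unquoted and by appending to /etc/hosts without checking for existing entries. Validate the answers where they are collected (start and stop as integers in 1-254, network as three dotted octets, domain as a hostname) and quote the expansions in the script, e.g. `echo "$3.$i node$i.$4" >> /etc/hosts`.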
> @@ -0,0 +1,99 @@ > +#-- > +# Copyright (C) 2008 Red Hat Inc. > +# > +# This library is free software; you can redistribute it and/or > +# modify it under the terms of the GNU Lesser General Public > +# License as published by the Free Software Foundation; either > +# version 2.1 of the License, or (at your option) any later version. > +# > +# This library is distributed in the hope that it will be useful, > +# but WITHOUT ANY WARRANTY; without even the implied warranty of > +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU > +# Lesser General Public License for more details. > +# > +# You should have received a copy of the GNU Lesser General Public > +# License along with this library; if not, write to the Free Software > +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA > +# > +# Author: Joey Boggs <jboggs at redhat.com> > +#-- > + > +# common featues > +define dns::common($mgmt_ipaddr="", $prov_ipaddr="",$mgmt_dev="",$prov_dev="") { > + > + package {"dnsmasq": > + ensure => installed, > + require => [Single_exec["add_dns_server_to_resolv.conf"]] > + } > + > + service {"dnsmasq" : > + ensure => running, > + enable => true, > + require => [File["/etc/dnsmasq.d/ovirt-dns.conf"], Package["dnsmasq"]] > + } > + > + file {"/etc/dnsmasq.d/ovirt-dns.conf": > + content => template("ovirt/ovirt-dns.conf.erb"), > + mode => 644, > + notify => Service[dnsmasq], > + require => Package["dnsmasq"] > + } > + > + single_exec {"add_dns_server_to_resolv.conf": > + command => "/bin/sed -e '1i nameserver $prov_ipaddr' -i /etc/resolv.conf", > + require => [Single_exec["set_hostname"]] > + } > + > + > + file_replacement {"dnsmasq_configdir": > + file => "/etc/dnsmasq.conf", > + pattern => "^#conf-dir=*$", > + replacement => "conf-dir=/etc/dnsmasq.d", > + notify => Service[dnsmasq], > + require => Package["dnsmasq"] > + } > + > + file {"/etc/dhclient.conf": > + ensure => present > + } > + > + file_append {"dhclient_config": > + file => 
"/etc/dhclient.conf", > + line => "prepend domain-name-servers $prov_ipaddr", > + require => [Single_exec["set_hostname"], Package["dnsmasq"], File["/etc/dhclient.conf"]] , > + notify => Service[dnsmasq], > + } > + > +} > + > +define dns::bundled($mgmt_ipaddr="", $prov_ipaddr="",$mgmt_dev="",$prov_dev="") { > + > + dns::common{"setup": mgmt_ipaddr=>$mgmt_ipaddr, prov_ipaddr=>$prov_ipaddr, mgmt_dev=>$mgmt_dev, prov_dev=>$prov_dev} > + > + single_exec {"add_mgmt_server_to_etc_hosts": > + command => "/bin/echo $mgmt_ipaddr $ipa_host >> /etc/hosts", > + notify => [Service[dnsmasq], Single_exec["add_dns_server_to_resolv.conf"]] > + } > +} > + > +define dns::remote($mgmt_ipaddr="", $prov_ipaddr="",$mgmt_dev="",$prov_dev="") { > + > +# On the pxe server you will need to ensure that the > +# next server option points to the ip address of the tftp server > + > +# The following SRV records must be present in the dns server for everything > +# to function properly. Replace example.com with the appropriate domain > + > +# _ovirt._tcp.example.com. SRV 0 5 80 ovirtwuiserver.example.com. > +# _ipa._tcp.example.com. SRV 0 5 80 ipaserver.example.com. > +# _ldap._tcp.example.com. SRV 0 5 389 ldapserver.example.com. > +# _collectd._tcp.example.com. SRV 0 5 25826 ovirtwuiserver.example.com. > +# _qpidd._tcp.example.com. SRV 0 5 5672 ovirtwuiserver.example.com. > +# _identify._tcp.example.com. SRV 0 5 12120 ovirtwuiserver.example.com. > + > +# Also A records must be present for each oVirt node. Without this they are unable > +# to determine their hostname and locate the management server. > + > + dns::common{"setup": mgmt_ipaddr=>$mgmt_ipaddr, prov_ipaddr=>$prov_ipaddr, mgmt_dev=>$mgmt_dev, prov_dev=>$prov_dev} > + > +} > diff --git a/installer/modules/ovirt/manifests/freeipa.pp b/installer/modules/ovirt/manifests/freeipa.pp > new file mode 100644 > index 0000000..1f292bf > --- /dev/null > +++ b/installer/modules/ovirt/manifests/freeipa.pp 
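Review bot: `$prov_ipaddr` defaults to `""` in `dns::common`, yet the `add_dns_server_to_resolv.conf` command and the `dhclient_config` line use it unconditionally, so an empty value puts a bare `nameserver` line at the top of /etc/resolv.conf and a `prepend domain-name-servers` statement with no address in /etc/dhclient.conf. The value also reaches the sed script without any validation. A guard at the top of the define, such as `if $prov_ipaddr == "" { fail("prov_ipaddr must be set") }`, would stop the run before the resolver configuration is touched. In `dns::bundled`, `/bin/echo $mgmt_ipaddr $ipa_host >> /etc/hosts` appends without checking for an existing entry; whether `single_exec` prevents a second append is not visible here.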
> @@ -0,0 +1,103 @@ > +#-- > +# Copyright (C) 2008 Red Hat Inc. > +# > +# This library is free software; you can redistribute it and/or > +# modify it under the terms of the GNU Lesser General Public > +# License as published by the Free Software Foundation; either > +# version 2.1 of the License, or (at your option) any later version. > +# > +# This library is distributed in the hope that it will be useful, > +# but WITHOUT ANY WARRANTY; without even the implied warranty of > +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU > +# Lesser General Public License for more details. > +# > +# You should have received a copy of the GNU Lesser General Public > +# License along with this library; if not, write to the Free Software > +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA > +# > +# Author: Joey Boggs <jboggs at redhat.com> > +#-- > + > +class freeipa::bundled{ > + > + package {"ipa-server": > + ensure => installed, > + require => [Exec[db_exists_file],Single_exec["set_hostname"]] > + } > + > + single_exec {"set_hostname": > + command => "/bin/hostname $ipa_host", > + } > + > + exec {"set_kdc_defaults": > + command => "/bin/sed -i '/\[kdcdefaults\]/a \ kdc_ports = 88' /usr/share/ipa/kdc.conf.template", > + require => Package[ipa-server] > + } > + > + exec {"replace_line_returns": > + command => "/bin/sed -i -e 's/^/#/' /etc/httpd/conf.d/ipa-rewrite.conf", > + require => Single_Exec[ipa_server_install] > + } > + > + file_replacement{"ipa_proxy_config_1": > + file => "/etc/httpd/conf.d/ipa.conf", > + pattern => "^<Proxy \*>", > + replacement => "<ProxyMatch ^.*/ipa/ui.*$>", > + require => Exec[replace_line_returns] > + } > + > + file_replacement{"ipa_proxy_config_2": > + file => "/etc/httpd/conf.d/ipa.conf", > + pattern => "^</Proxy>", > + replacement => "</ProxyMatch>", > + require => File_replacement[ipa_proxy_config_1], > + notify => Service[httpd] > + } > + > + single_exec {"dnsmasq_restart": > + command => 
"/etc/init.d/dnsmasq restart", > + require => Service["dnsmasq"] > + } > + > + single_exec {"ipa_server_install": > + command => "/usr/sbin/ipa-server-install -r $realm_name -p $freeipa_password -P $freeipa_password -a $freeipa_password --hostname $ipa_host -u dirsrv -U", > + require => [Exec[set_kdc_defaults],Single_exec[dnsmasq_restart]] > + } > + > + exec {"get_krb5_tkt": > + command => "/bin/echo $freeipa_password|/usr/kerberos/bin/kinit admin", > + require => Single_Exec[ipa_server_install] > + } > + > + single_exec {"ipa_modify_username_length": > + command => "/usr/sbin/ipa-defaultoptions --maxusername=12", > + require => Exec["get_krb5_tkt"] > + } > + > + single_exec {"ipa_add_ovirtadmin_user": > + command => "/usr/sbin/ipa-adduser -f Ovirt -l Admin -p $freeipa_password ovirtadmin", > + require => Single_exec[ipa_modify_username_length] > + } > + > + single_exec {"ipa_ovirtadmin_group": > + command => "/usr/sbin/ipa-modgroup -a ovirtadmin admins", > + require => Single_exec[ipa_add_ovirtadmin_user] > + } > + > + single_exec {"set_pw_expiration": > + command => "/usr/sbin/ipa-moduser --setattr krbPasswordExpiration=19700101000000Z ovirtadmin", > + require => Single_exec[ipa_ovirtadmin_group] > + } > + > +# firewall_rule{"krb5": destination_port => "88"} > +# firewall_rule {"ldap": destination_port => '389'} > + > +} > + > +class freeipa::remote { > + > +# oVirt is not configured at this time to support a remote freeipa server > + > +} > + > + > diff --git a/installer/modules/ovirt/manifests/init.pp b/installer/modules/ovirt/manifests/init.pp > new file mode 100644 > index 0000000..87f6832 > --- /dev/null > +++ b/installer/modules/ovirt/manifests/init.pp > @@ -0,0 +1,9 @@ > +import "ovirt/cobbler.pp" > +import "ovirt/dns.pp" > +import "ovirt/dhcp.pp" > +import "ovirt/tftp.pp" > +import "ovirt/freeipa.pp" > +import "ovirt/ovirt.pp" > +import "ovirt/postgres.pp" > +import "appliance_base/single_exec.pp" > + 
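Review bot: `$freeipa_password` is passed on the command line in `ipa_server_install` (`-p`, `-P` and `-a`), in `get_krb5_tkt` and in `ipa_add_ovirtadmin_user`, so it is readable in the process list while those commands run and may be recorded wherever executed commands are logged; it is also unquoted, so a password containing whitespace or shell metacharacters changes the command. The same value is reused for all three `ipa-server-install` password options and for the ovirtadmin account, so one disclosure exposes every one of them. Prefer feeding the secret through a root-only file or stdin where the tool supports it, and at minimum single-quote each use after rejecting `'` at the installer prompt. Separately, the plain `exec` resources `set_kdc_defaults` and `replace_line_returns` have no `unless`/`onlyif`, so each run appends another `kdc_ports = 88` line and prefixes another `#`; `unless => "/bin/grep -q 'kdc_ports = 88' /usr/share/ipa/kdc.conf.template"` would make the first one idempotent.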
> diff --git a/installer/modules/ovirt/manifests/ovirt.pp b/installer/modules/ovirt/manifests/ovirt.pp
> new file mode 100644
> index 0000000..809db8e
> --- /dev/null
> +++ b/installer/modules/ovirt/manifests/ovirt.pp
> @@ -0,0 +1,154 @@ > +#-- > +# Copyright (C) 2008 Red Hat Inc. > +# > +# This library is free software; you can redistribute it and/or > +# modify it under the terms of the GNU Lesser General Public > +# License as published by the Free Software Foundation; either > +# version 2.1 of the License, or (at your option) any later version. > +# > +# This library is distributed in the hope that it will be useful, > +# but WITHOUT ANY WARRANTY; without even the implied warranty of > +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU > +# Lesser General Public License for more details. > +# > +# You should have received a copy of the GNU Lesser General Public > +# License along with this library; if not, write to the Free Software > +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA > +# > +# Author: Joey Boggs <jboggs at redhat.com> > +#-- > + > +class ovirt::setup { > + > + package {"ovirt-server": > + ensure => installed, > + require => Single_exec[set_pw_expiration] > + } > + > + package {"httpd": > + ensure => installed; > + } > + > + package {"rubygem-rake": > + ensure => installed; > + } > + > + package {"qpidd": > + ensure => installed; > + } > + > + package {"collectd": > + ensure => installed; > + } > + > + package {"collectd-rrdtool": > + ensure => installed; > + } > + > + package {"libvirt": > + ensure => installed; > + } > + > + package {"ruby-qpid": > + ensure => installed; > + } > + > + package {"ntp": > + ensure => installed; > + } > + > + file {"/etc/collectd.conf": > + source => "puppet:///ovirt/collectd.conf", > + notify => Service[collectd], > + require => Package["collectd-rrdtool"] > + } > + > + file {"/etc/qpidd.conf": > + source => "puppet:///ovirt/qpidd.conf", > + notify => Service[qpidd] > + } > + > + single_exec { "db_migrate" : > + cwd => "/usr/share/ovirt-server/", > + command => "/usr/bin/rake db:migrate", > + require => 
[File["/usr/share/ovirt-server/log"],Package[ovirt-server],Package[rubygem-rake],Postgres_execute_command["ovirt_db_grant_permissions"]], > + environment => "RAILS_ENV=production" > + } > + > + file { "/usr/share/ovirt-server/log" : > + ensure => directory, > + require => Package[ovirt-server] > + } > + > + single_exec { "create_ovirtadmin_acct" : > + command => "/usr/share/ovirt-server/script/grant_admin_privileges ovirtadmin", > + require => Single_Exec[db_migrate] > + } > + > + single_exec { "add_host" : > + command => "/usr/bin/ovirt-add-host $ipa_host /usr/share/ovirt-server/ovirt.keytab", > + require => Package[ovirt-server] > + } > + > + exec { "disable_selinux" : > + command => "/usr/sbin/lokkit --selinux=disabled", > + require => Package["ovirt-server"] > + } > + > + service {"httpd" : > + enable => true, > + require => Package[httpd], > + ensure => running > + } > + > + service {"libvirt" : > + enable => false, > + require => Package[libvirt], > + } > + > + service {"ovirt-host-browser" : > + enable => true, > + require => [Package[ovirt-server],Single_Exec[db_migrate]], > + ensure => running > + } > + > + service {"ovirt-host-collect" : > + enable => true, > + require => [Package[ovirt-server],Single_Exec[db_migrate]], > + ensure => running > + } > + > + service {"ovirt-mongrel-rails" : > + enable => true, > + require => [Package[ovirt-server],Single_Exec[db_migrate]], > + ensure => running, > + notify => Service[httpd] > + } > + > + service {"ovirt-taskomatic" : > + enable => true, > + require => [Package[ovirt-server],Single_Exec[db_migrate]], > + ensure => running > + } > + > + service {"qpidd" : > + enable => true, > + ensure => running, > + require => Package[qpidd] > + } > + > + service {"collectd" : > + enable => true, > + ensure => running, > + require => Package[collectd] > + } > + > + service {"ntpd" : > + enable => true, > + ensure => running, > + require => Package[ntp] > + } > + > +# firewall_rule{"http": destination_port => "80"} > + > +} 
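Review bot: The `disable_selinux` exec runs `/usr/sbin/lokkit --selinux=disabled` on every host that includes `ovirt::setup`, with no comment saying which service needs it and no guard, so it runs again on each application. Turning enforcement off for the whole machine removes confinement from httpd, PostgreSQL and the FreeIPA services that this module installs. If a specific denial is the reason, `--selinux=permissive` keeps the audit log so a policy module can be written, and the resource should carry a comment such as `# TODO: re-enable once the <service> denials are covered by policy`. `package {"ovirt-server":` requires `Single_exec[set_pw_expiration]`, which is declared in freeipa.pp, so this class appears to depend on `freeipa::bundled` being included; a header comment should say so.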
> diff --git a/installer/modules/ovirt/manifests/postgres.pp b/installer/modules/ovirt/manifests/postgres.pp
> new file mode 100644
> index 0000000..0bd71fa
> --- /dev/null
> +++ b/installer/modules/ovirt/manifests/postgres.pp
> @@ -0,0 +1,114 @@ > +#-- > +# Copyright (C) 2008 Red Hat Inc. > +# > +# This library is free software; you can redistribute it and/or > +# modify it under the terms of the GNU Lesser General Public > +# License as published by the Free Software Foundation; either > +# version 2.1 of the License, or (at your option) any later version. > +# > +# This library is distributed in the hope that it will be useful, > +# but WITHOUT ANY WARRANTY; without even the implied warranty of > +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU > +# Lesser General Public License for more details. > +# > +# You should have received a copy of the GNU Lesser General Public > +# License along with this library; if not, write to the Free Software > +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA > +# > +# Author: Joey Boggs <jboggs at redhat.com> > +#-- > + > +import "postgres" > +import "appliance_base/single_exec.pp" > + > +class postgres::bundled{ > + > + > + package {"postgresql-server": > + ensure => installed, > + } > + package {"ace-postgres": > + ensure => installed, > + require => Package[postgresql-server] > + } > + > + single_exec {"initialize_db": > + command => "/sbin/service postgresql initdb", > + creates => "/var/lib/pgsql/data/pg_hba.conf", > + require => Package[postgresql-server] > + } > + > + service {"postgresql" : > + ensure => running, > + enable => true, > + require => Single_exec[initialize_db] > + } > + > + single_exec {"create_ovirt_db": > + command => "/usr/bin/createdb ovirt", > + require => [Exec[postgres_add_all_trust], Service[postgresql]], > + user => "postgres" > + } > + > + single_exec {"create_ovirt_development_db": > + command => "/usr/bin/createdb ovirt_development", > + require => [Exec[postgres_add_all_trust], Service[postgresql]], > + user => "postgres" > + } > + > + postgres_execute_command {"ovirt_db_create_role": > + cmd => "CREATE ROLE ovirt LOGIN PASSWORD '$db_password' NOINHERIT VALID UNTIL 
'infinity'", > + database => "ovirt", > + require => Single_Exec[create_ovirt_db] > + } > + > + postgres_execute_command {"ovirt_db_grant_permissions": > + cmd => "GRANT ALL ON DATABASE ovirt TO ovirt;", > + database => "ovirt", > + require => Postgres_execute_command[ovirt_db_create_role] > + } > + > + exec {"postgres_add_all_trust": > + command => "/bin/echo 'local all all trust' > /var/lib/pgsql/data/pg_hba.conf", > + require => Single_exec[initialize_db], > + notify => Service[postgresql] > + } > + > + exec {"postgres_add_localhost_trust": > + command => "/bin/echo 'host all all 127.0.0.1 255.255.255.0 trust' >> /var/lib/pgsql/data/pg_hba.conf", > + require => Exec[postgres_add_all_trust], > + notify => Service[postgresql] > + } > + > + file { "/etc/ovirt-server/" : > + ensure => directory, > + require => Exec[postgres_add_localhost_trust] > + } > + > + file { "/etc/ovirt-server/db/" : > + ensure => directory, > + require => File["/etc/ovirt-server"] > + } > + > + exec {"touch_dbaccess_file": > + command => "/bin/touch /etc/ovirt-server/db/dbaccess", > + require => File["/etc/ovirt-server/db"] > + } > + > + file_append {"db_password_file": > + file => "/etc/ovirt-server/db/dbaccess", > + line => "$db_password", > + require => Exec[touch_dbaccess_file] > + } > + exec {"db_exists_file": > + command => "/bin/touch /etc/ovirt-server/db/exists", > + require => File_append[db_password_file] > + } > +} > + > +class postgres::remote{ > + > +# oVirt is not configured at this time to support a remote postgres connection > + > +} > + > diff --git a/installer/modules/ovirt/manifests/tftp.pp b/installer/modules/ovirt/manifests/tftp.pp > new file mode 100644 > index 0000000..4f41d00 > --- /dev/null > +++ b/installer/modules/ovirt/manifests/tftp.pp 
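Review bot: `postgres_add_all_trust` and `postgres_add_localhost_trust` replace pg_hba.conf with `trust` rules for every local socket and for 127.0.0.1 with netmask 255.255.255.0, and nothing later in the class tightens them, so any local account can connect as any database role without the password that `ovirt_db_create_role` sets. If trust is only needed while the role is being created, finish by writing a password-checked rule such as `host ovirt ovirt 127.0.0.1/32 md5`. `$db_password` is placed inside a single-quoted SQL literal in `CREATE ROLE`, so a `'` in the password ends the literal; the installer should reject or double that character. `touch_dbaccess_file` creates /etc/ovirt-server/db/dbaccess with the default mode; a `file` resource with `mode => "0600"` and an explicit owner for the service that reads it would keep the stored password away from other local users.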
> @@ -0,0 +1,31 @@ > +#-- > +# Copyright (C) 2008 Red Hat Inc. > +# > +# This library is free software; you can redistribute it and/or > +# modify it under the terms of the GNU Lesser General Public > +# License as published by the Free Software Foundation; either > +# version 2.1 of the License, or (at your option) any later version. > +# > +# This library is distributed in the hope that it will be useful, > +# but WITHOUT ANY WARRANTY; without even the implied warranty of > +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU > +# Lesser General Public License for more details. > +# > +# You should have received a copy of the GNU Lesser General Public > +# License along with this library; if not, write to the Free Software > +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA > +# > +# Author: Joey Boggs <jboggs at redhat.com> > +#-- > + > +class tftp::bundled { > + > + file {"/etc/dnsmasq.d/ovirt-tftp.conf": > + content => template("ovirt/ovirt-tftp.conf.erb"), > + mode => 644, > + notify => Service[dnsmasq], > + require => Package[dnsmasq] > + } > +} > + > + > diff --git a/installer/modules/ovirt/templates/digest_line.erb b/installer/modules/ovirt/templates/digest_line.erb > new file mode 100644 > index 0000000..4e98708 > --- /dev/null > +++ b/installer/modules/ovirt/templates/digest_line.erb > @@ -0,0 +1,4 @@ > +<% require 'digest/sha1' -%> > +<% token = "#{digest_username}:#{digest_realm}:#{digest_password}" -%> > +<% digested_password = Digest::MD5.hexdigest(token) -%> > +<%= digest_username -%>:<%= digest_realm -%>:<%= digested_password -%> > diff --git a/installer/modules/ovirt/templates/ovirt-dhcp.conf.erb b/installer/modules/ovirt/templates/ovirt-dhcp.conf.erb > new file mode 100644 > index 0000000..e10db40 > --- /dev/null > +++ b/installer/modules/ovirt/templates/ovirt-dhcp.conf.erb 
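Review bot: digest_line.erb loads `digest/sha1` but calls `Digest::MD5.hexdigest`, so it appears to rely on Digest resolving the MD5 class on demand; `<% require 'digest/md5' -%>` names the dependency the code actually uses. MD5 here is dictated by the htdigest file format rather than chosen, and a one-line comment saying so (`<%# htdigest format: MD5(user:realm:password) -%>`) would stop a later reader from swapping the hash and breaking Cobbler logins. Because the digest is unsalted and derived directly from the cleartext password, /etc/cobbler/users.digest should stay readable only by root and the web server.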
> @@ -0,0 +1,9 @@ > +interface=<%= dhcp_interface %> > +dhcp-range=<%= dhcp_network %>.<%= dhcp_start %>,<%= dhcp_network%>.<%= dhcp_stop %> > +domain=<%= dhcp_domain %> > +dhcp-option=option:router,<%= prov_network_gateway %> > +dhcp-option=option:ntp-server,<%= ntp_server %> > +dhcp-option=12 > +no-resolv > +local=/<%= dhcp_domain %>/ > +server=<%= prov_dns_server %> > diff --git a/installer/modules/ovirt/templates/ovirt-dns.conf.erb b/installer/modules/ovirt/templates/ovirt-dns.conf.erb > new file mode 100644 > index 0000000..ae3eb48 > --- /dev/null > +++ b/installer/modules/ovirt/templates/ovirt-dns.conf.erb > @@ -0,0 +1,7 @@ > +srv-host=_ovirt._tcp,<%= ovirt_host %>,80 > +srv-host=_ipa._tcp,<%= ipa_host %>,80 > +srv-host=_ldap._tcp,<%= ipa_host %>,389 > +srv-host=_collectd._tcp,<%= ovirt_host %>,25826 > +srv-host=_qpidd._tcp,<%= ovirt_host %>,5672 > +srv-host=_identify._tcp,<%= ovirt_host %>,12120 > + > diff --git a/installer/modules/ovirt/templates/ovirt-tftp.conf.erb b/installer/modules/ovirt/templates/ovirt-tftp.conf.erb > new file mode 100644 > index 0000000..3fa40f8 > --- /dev/null > +++ b/installer/modules/ovirt/templates/ovirt-tftp.conf.erb > @@ -0,0 +1,3 @@ > +enable-tftp > +tftp-root=/var/lib/tftpboot > +dhcp-boot=pxelinux.0 > diff --git a/ovirt-server.spec.in b/ovirt-server.spec.in > index 79a5adf..647794d 100644 > --- a/ovirt-server.spec.in > +++ b/ovirt-server.spec.in > @@ -1,5 +1,6 @@ > %define pbuild %{_builddir}/%{name}-%{version} > %define app_root %{_datadir}/%{name} > +%define acehome %{_datadir}/ace > > Summary: oVirt Server Suite > Name: ovirt-server 
> @@ -45,10 +46,19 @@ BuildArch: noarch > BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot > URL: http://ovirt.org/ > > -%description > +%package installer > +Summary: Installer modules for the oVirt Server Suite > +Requires: ruby(abi) = 1.8 > +Requires: ace > +Requires: ace-postgres > +Requires: hal > > +%description > The Server Suite for oVirt. > > +%description installer > +The Installer for the ovirt server suite > + > %prep > %setup -q > > @@ -59,6 +69,7 @@ test "x$RPM_BUILD_ROOT" != "x" && rm -rf $RPM_BUILD_ROOT > mkdir %{buildroot} > > %{__install} -d -m0755 %{buildroot}%{_bindir} > +%{__install} -d -m0755 %{buildroot}%{_datadir} > %{__install} -d -m0755 %{buildroot}%{_sbindir} > %{__install} -d -m0755 %{buildroot}%{_initrddir} > %{__install} -d -m0755 %{buildroot}%{_sysconfdir}/sysconfig > @@ -69,6 +80,7 @@ mkdir %{buildroot} > %{__install} -d -m0755 %{buildroot}%{_localstatedir}/log/%{name} > %{__install} -d -m0755 %{buildroot}%{_localstatedir}/run/%{name} > %{__install} -d -m0755 %{buildroot}%{app_root} > +%{__install} -d -m0755 %{buildroot}/%{acehome} > > touch %{buildroot}%{_localstatedir}/log/%{name}/mongrel.log > touch %{buildroot}%{_localstatedir}/log/%{name}/rails.log > @@ -114,6 +126,11 @@ touch %{buildroot}%{_localstatedir}/log/%{name}/db-omatic.log > %{__mkdir} %{buildroot}%{_localstatedir}/lib/%{name}/tmp > %{__ln_s} %{_localstatedir}/lib/%{name}/tmp %{buildroot}%{app_root}/tmp > > +# Set up the installer > +%{__cp} -pr %{pbuild}/installer/modules %{buildroot}/%{acehome} > +%{__cp} -pr %{pbuild}/installer/bin/ovirt-installer %{buildroot}%{_sbindir} > + > + > %clean > rm -rf $RPM_BUILD_ROOT > > @@ -193,6 +210,10 @@ fi > %config(noreplace) %{_sysconfdir}/%{name}/production.rb > %config(noreplace) %{_sysconfdir}/%{name}/test.rb > > +%files installer > +%{_sbindir}/ovirt-installer > +%{acehome} > + > %changelog > * Thu May 29 2008 Alan Pevec <apevec at redhat.com> - 0.0.5-0 > - use rubygem-krb5-auth >
Bryan Kearney
2009-Jan-20 21:49 UTC
[Ovirt-devel] [PATCH server] Add the installer files as a subpackage of the server package
This is a resend of the three earlier patches. I have combined them into a single patch and addressed all the comments, with the following exceptions: - Passwords are still stored on the file system. I will add a patch on this. - Changelog was not updated, since that seems to get done at release time. -- bk --- Makefile.am | 3 +- .../appliances/ovirt-appliance/ovirt-appliance.pp | 44 +++ installer/bin/ovirt-installer | 288 ++++++++++++++++++++ installer/modules/ovirt/files/collectd.conf | 23 ++ installer/modules/ovirt/files/dns_entries.sh | 2 + installer/modules/ovirt/files/modules.conf | 96 +++++++ installer/modules/ovirt/files/qpidd.conf | 4 + installer/modules/ovirt/manifests/cobbler.pp | 126 +++++++++ installer/modules/ovirt/manifests/dhcp.pp | 34 +++ installer/modules/ovirt/manifests/dns.pp | 99 +++++++ installer/modules/ovirt/manifests/freeipa.pp | 103 +++++++ installer/modules/ovirt/manifests/init.pp | 9 + installer/modules/ovirt/manifests/ovirt.pp | 154 +++++++++++ installer/modules/ovirt/manifests/postgres.pp | 114 ++++++++ installer/modules/ovirt/manifests/tftp.pp | 31 ++ installer/modules/ovirt/templates/digest_line.erb | 4 + .../modules/ovirt/templates/ovirt-dhcp.conf.erb | 9 + .../modules/ovirt/templates/ovirt-dns.conf.erb | 7 + .../modules/ovirt/templates/ovirt-tftp.conf.erb | 3 + ovirt-server.spec.in | 25 ++- 20 files changed, 1176 insertions(+), 2 deletions(-) create mode 100644 installer/appliances/ovirt-appliance/ovirt-appliance.pp create mode 100755 installer/bin/ovirt-installer create mode 100644 installer/modules/ovirt/files/collectd.conf create mode 100755 installer/modules/ovirt/files/dns_entries.sh create mode 100644 installer/modules/ovirt/files/modules.conf create mode 100644 installer/modules/ovirt/files/qpidd.conf create mode 100644 installer/modules/ovirt/manifests/cobbler.pp create mode 100644 installer/modules/ovirt/manifests/dhcp.pp create mode 100644 installer/modules/ovirt/manifests/dns.pp create mode 100644
installer/modules/ovirt/manifests/freeipa.pp create mode 100644 installer/modules/ovirt/manifests/init.pp create mode 100644 installer/modules/ovirt/manifests/ovirt.pp create mode 100644 installer/modules/ovirt/manifests/postgres.pp create mode 100644 installer/modules/ovirt/manifests/tftp.pp create mode 100644 installer/modules/ovirt/templates/digest_line.erb create mode 100644 installer/modules/ovirt/templates/ovirt-dhcp.conf.erb create mode 100644 installer/modules/ovirt/templates/ovirt-dns.conf.erb create mode 100644 installer/modules/ovirt/templates/ovirt-tftp.conf.erb diff --git a/Makefile.am b/Makefile.am index e11e636..f115c8f 100644 --- a/Makefile.am +++ b/Makefile.am @@ -23,7 +23,8 @@ EXTRA_DIST = \ ovirt-server.spec.in \ scripts \ conf \ - src + src \ + installer DISTCLEANFILES = $(PACKAGE)-$(VERSION).tar.gz diff --git a/installer/appliances/ovirt-appliance/ovirt-appliance.pp b/installer/appliances/ovirt-appliance/ovirt-appliance.pp new file mode 100644 index 0000000..630fa7f --- /dev/null +++ b/installer/appliances/ovirt-appliance/ovirt-appliance.pp 
@@ -0,0 +1,44 @@
+# Sample file as if the user had run the ovirt-installer program
+import 'ovirt'
+import 'firewall'
+
+firewall::setup{'setup': status => 'disabled'}
+
+# dns configuration
+$mgmt_ipaddr = '192.168.222.211'
+$prov_ipaddr = ''
+$ovirt_host = 'management.priv.ovirt.org'
+$ipa_host = 'management.priv.ovirt.org'
+
+dns::bundled{setup: mgmt_ipaddr=> $mgmt_ipaddr, prov_ipaddr=> $prov_ipaddr, mgmt_dev => 'eth0', prov_dev => 'eth1'}
+
+# dhcp configuration
+$dhcp_interface = 'eth1'
+$dhcp_network = '192.168.50'
+$dhcp_start = '3'
+$dhcp_stop = '10'
+$dhcp_domain = 'priv.ovirt.org'
+$ntp_server = '192.168.222.211'
+
+$prov_dns_server = ''
+$prov_network_gateway = '192.168.50.1'
+# cobbler configuration
+$cobbler_hostname = 'localhost'
+$cobbler_user_name = 'cobbler'
+$cobbler_user_password = 'cobbler'
+
+# postgres configuration
+$db_username = 'ovirt'
+$db_password = 'cobbler'
+
+# FreeIPA configuration
+$realm_name = 'priv.ovirt.org'
+$freeipa_password = 'password'
+$ldap_dn = 'cn=ipaConfig,cn=etc,dc=priv,dc=ovirt,dc=org'
+
+include cobbler::bundled
+include dhcp::bundled
+include tftp::bundled
+include postgres::bundled
+include freeipa::bundled
+include ovirt::setup
diff --git a/installer/bin/ovirt-installer b/installer/bin/ovirt-installer
new file mode 100755
index 0000000..65dc522
--- /dev/null
+++ b/installer/bin/ovirt-installer
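Review bot: The sample ovirt-appliance.pp ships working credentials (`$cobbler_user_password = 'cobbler'`, `$db_password = 'cobbler'`, `$freeipa_password = 'password'`) and sets the firewall to `disabled`, so an appliance built from this file unchanged has its FreeIPA admin and ovirtadmin logins protected by the word "password". Use values that cannot be mistaken for real ones, e.g. `$freeipa_password = 'CHANGE_ME'`, and extend the first comment to say the file is an example that must be edited before it is applied. `$prov_ipaddr = ''` is also handed to `dns::bundled`; how that define treats an empty address should be checked against dns.pp.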
@@ -0,0 +1,288 @@ +#!/usr/bin/ruby +#-- +## Copyright (C) 2008 Red Hat Inc. +## +## This library is free software; you can redistribute it and/or +## modify it under the terms of the GNU Lesser General Public +## License as published by the Free Software Foundation; either +## version 2.1 of the License, or (at your option) any later version. +## +## This library is distributed in the hope that it will be useful, +## but WITHOUT ANY WARRANTY; without even the implied warranty of +## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +## Lesser General Public License for more details. +## +## You should have received a copy of the GNU Lesser General Public +## License along with this library; if not, write to the Free Software +## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +## +## Author: Joey Boggs <jboggs at redhat.com> +##-- +## oVirt Installation Script + +require 'socket' +require 'fileutils' +require 'erb' +require 'rubygems' +require 'highline' + +# +# Input output controls +# + + at cli = HighLine.new() + +# prompt a user for a non-blank answer +def prompt_for_answer(prompt, options={}) + default = options[:default] + expression = options[:regex] + password = options[:password] + prompt = "\n#{prompt} " + + answer = @cli.ask(prompt, String) do |q| + q.default = default if default + q.validate = expression if expression + q.echo = "*" if password + q.responses[:not_valid] = 'Please enter a valid value.' + q.responses[:ask_on_error] = :question + end + + return answer +end + +# Allow a user to enter a Yes/No +# And repeat the prompt until they do +def prompt_yes_no(prompt, options={}) + default = options[:default] + prompt = "\n#{prompt} " + + answer = @cli.ask(prompt, lambda { |yn| yn.downcase[0] == ?y}) do |q| + q.default = default + q.validate = /\Ay(?:es)?|no?\Z/i + q.responses[:not_valid] = 'Please enter "yes" or "no".' + q.responses[:ask_on_error] = :question + q.whitespace = :chomp + end + + return answer ? 
"y" : "n" +end + +# +# The real script begins here +# + +# These regular expressions will be used to +# validate the user input +IP = /^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/ +THREE_OCTETS = /^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){2}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/ +FQDN = /(?=^.{1,254}$)(^(?:(?!\d+\.)[a-zA-Z0-9_\-]{1,63}\.?)+(?:[a-zA-Z]{2,})$)/ +IP_OR_FQDN = /(?=^.{1,254}$)(^((?:(?!\d+\.)[a-zA-Z0-9_\-]{1,63}\.?)+(?:[a-zA-Z]{2,})|(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))$)/ +OCTET = /^([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])$/ + +# Print a friendly welcome message +welcome = "This installer will configure the ovirt installation based on a series\n\ +of questions. When complete, you will be asked to install oVirt or\n\ +do the installation manually. Would you like to continue?" + +if (prompt_yes_no(welcome, :default => "y") == "n") + exit(0) +end + + +if File.exist?("/usr/sbin/sestatus") + sestatus = `/usr/sbin/sestatus` + if sestatus !~ /(Current mode: permissive|Current mode: disabled|SELinux status: disabled|SELinux status: permissive)/ + puts "SELinux enabled, please disable or set in permissive mode permanently by editing" + puts "/etc/selinux/config and rebooting" + exit + end +end + +# Networking Configuration +dev_ct = 0 +net_devs = `hal-find-by-capability --capability net` +net_devs.each_line do |dev| + dev_ct = dev_ct + 1 +end + +if dev_ct == 0 + @cli.say("Unable to install without a network interface") + exit +else + puts "" + @cli.say("Below are the detected networking devices\n\n") + @cli.say("mac address interface ip address") + net_devs.each_line do |dev| + dev = dev.chomp + interface = `hal-get-property --udi #{dev} --key net.interface` + mac = `hal-get-property --udi #{dev} --key net.address` + ip = `ifconfig #{interface}` + ipaddr = ip.scan(/\s*inet addr:([\d.]+)/) + puts (mac.chop + " : " + interface.chop + " : " + ipaddr.to_s) if 
interface.chop != "lo" + end +end + +mgmt_dev = prompt_for_answer("Enter your management interface (example: eth0):") +prov_dev = prompt_for_answer("Enter your provisioning interface, this may also be your management interface:", :default => mgmt_dev) + +sep_networks = (mgmt_dev == prov_dev) ? "n" : "y" + +ovirt_host = prompt_for_answer("Enter the hostname of the oVirt management server (example: management.example.com):", :regex => IP_OR_FQDN) +ipa_host = ovirt_host + +# DNS Configuration + at cli.say( "\nThe following DNS servers were found:") +File.open('/etc/resolv.conf').each_line{ |line| + line = line.chomp + puts line if line =~ /nameserver/ and line !~ /nameserver 127.0.0.1/ +} +dns_servers = prompt_yes_no("Use this systems's dns servers?") + +mgmt_ip = `ifconfig #{mgmt_dev}` +mgmt_ipaddr= mgmt_ip.scan(/\s*inet addr:([\d.]+)/) +prov_ip = `ifconfig #{prov_dev}` +prov_ipaddr= prov_ip.scan(/\s*inet addr:([\d.]+)/) + +if dns_servers == "y" + host_lookup = Socket.getaddrinfo(ipa_host,nil) + hostip = host_lookup[1][3] + if hostip.to_s != mgmt_ipaddr.to_s + @cli.say("Reverse dns lookup for #{ipa_host} failed, exiting") + exit + end +end + +# DHCP Configuration +dhcp_setup = prompt_yes_no("Does your provisioning network already have dhcp?") +if dhcp_setup == "n" + dhcp_interface = prov_dev + dhcp_network = prompt_for_answer("Enter the first 3 octets of the dhcp network you wish to use (example: 192.168.50):", :regex => THREE_OCTETS) + dhcp_start = prompt_for_answer("Enter the dhcp pool start address (example: 3):", :regex => OCTET) + dhcp_stop = prompt_for_answer("Enter the dhcp pool end addess (example: 100):", :regex => OCTET) + dhcp_domain = prompt_for_answer("Enter the dhcp domain you wish to use (example: example.com):", :regex => IP_OR_FQDN) + tftp_setup = prompt_yes_no("Provide pxe/tftp capability?") + + if sep_networks == "y" + prov_ip = `ifconfig #{prov_dev}` + prov_dns_server = prov_ip.scan(/\s*inet addr:([\d.]+)/) + prov_network_gateway = 
prompt_for_answer("Enter the network gateway for your provisioning network (example: 192.168.50.254):", :regex => IP_OR_FQDN) + end +end + +# Cobbler Configuration +cobbler_setup = prompt_yes_no("Do you have a cobbler already that you wish to use?") + +if cobbler_setup == "y" + cobbler_hostname = prompt_for_answer("Enter the hostname of your cobbler server:", :regex => IP_OR_FQDN) +elsif cobbler_setup == "n" + cobbler_hostname = "localhost" + @cli.say("\nWe will setup a cobbler instance, please provide the following information") +end + +cobbler_user_name= prompt_for_answer("Enter your cobbler username:") +cobbler_user_password = prompt_for_answer("Enter your cobbler user password:", :password => true) + +# Postgres Configuration +db_username = "ovirt" +db_password = prompt_for_answer("Enter a password for the ovirt postgres account:", :password => true) + +# FreeIPA Configuration +realm_name = prompt_for_answer("Enter your realm name (example: example.com):", :regex => FQDN) + +freeipa_password = prompt_for_answer("NOTE: The following pasword will also be you ovirtadmin password for the web management login\n\ +Enter an administrator password for FreeIPA:", :password => true) +ldap_dn = "cn=ipaConfig,cn=etc," +ldap_dn_temp = realm_name.split(".") +ldap_dn_temp.each do |i| + ldap_dn += "dc=#{i}," +end +ldap_dn = ldap_dn.chop + + +# +# Use ERB to spit out the puppet file whcih is used by ace. 
+# + +# Create the template +template = <<END_OF_TEMPLATE +# Configurations script generated by ovirt-installer +# at <%= Time.now().to_s() %> +# + +import 'ovirt' +import 'firewall' +firewall::setup{'setup': + status => 'disabled' +} + +#DNS Configuration +$mgmt_ipaddr = '<%= mgmt_ipaddr %>' +$prov_ipaddr = '<%= prov_ipaddr %>' +$ovirt_host = '<%= ovirt_host %>' +$ipa_host = '<%= ipa_host %>' + +<% if dns_servers == "n" %> +dns::bundled{setup: +<% else %> +dns::remote{setup: +<% end %> + mgmt_ipaddr=> $mgmt_ipaddr, + prov_ipaddr=> $prov_ipaddr, + mgmt_dev => '<%= mgmt_dev %>', + prov_dev => '<%= prov_dev %>' +} + +# DHCP Configuration +<% if dhcp_setup == "n" %> +$dhcp_interface = '<%= dhcp_interface %>' +$dhcp_network = '<%= dhcp_network %>' +$dhcp_start = '<%= dhcp_start %>' +$dhcp_stop = '<%= dhcp_stop %>' +$dhcp_domain = '<%= dhcp_domain %>' +$ntp_server = '<%= mgmt_ipaddr %>' +<% if tftp_setup == "y" %> +include tftp::bundled +<% end %> +<% if sep_networks == "y" %> +$prov_dns_server = '<%= prov_dns_server %>' +$prov_network_gateway = '<%= prov_network_gateway %>' +<% end %> +<% end %> + + +# Cobbler configuration +$cobbler_hostname = '<%= cobbler_hostname %>' +$cobbler_user_name = '<%= cobbler_user_name %>' +$cobbler_user_password = '<%= cobbler_user_password %>' + +# Postgres Configuration +$db_username = '<%= db_username %>' +$db_password = '<%= db_password %>' + +# FreeIPA configuration +$realm_name = '<%= realm_name %>' +$freeipa_password = '<%= freeipa_password %>' +$ldap_dn = '<%= ldap_dn %>' + +<% if cobbler_setup == "n" %> +include cobbler::bundled +<% else %> +include cobbler::remote +<% end %> +<% if dhcp_setup == "n" %> +include dhcp::bundled +<% end %> +include postgres::bundled +include freeipa::bundled +include ovirt::setup +END_OF_TEMPLATE + +# Generate the file and output it. 
+FileUtils.mkdir_p("/usr/share/ace/appliances/ovirt")
+config_file = File.new("/usr/share/ace/appliances/ovirt/ovirt.pp", "w")
+config_file.write(ERB.new(template, 0, "%>").result)
+config_file.close()
+
+
+# Give a friendly reminder about what to do next
+puts "\nTo start the installation run: ace install ovirt"
diff --git a/installer/modules/ovirt/files/collectd.conf b/installer/modules/ovirt/files/collectd.conf
new file mode 100644
index 0000000..0b327de
--- /dev/null
+++ b/installer/modules/ovirt/files/collectd.conf
@@ -0,0 +1,23 @@
+LoadPlugin network
+LoadPlugin logfile
+LoadPlugin rrdtool
+LoadPlugin unixsock
+
+<Plugin logfile>
+ LogLevel info
+ File STDOUT
+</Plugin>
+
+<Plugin network>
+ Listen "0.0.0.0"
+</Plugin>
+
+<Plugin rrdtool>
+ DataDir "/var/lib/collectd/rrd"
+ CacheTimeout 120
+ CacheFlush 900
+</Plugin>
+
+<Plugin unixsock>
+ SocketFile "/var/lib/collectd/unixsock"
+</Plugin>
diff --git a/installer/modules/ovirt/files/dns_entries.sh b/installer/modules/ovirt/files/dns_entries.sh
new file mode 100755
index 0000000..65662d5
--- /dev/null
+++ b/installer/modules/ovirt/files/dns_entries.sh
@@ -0,0 +1,2 @@
+#!/bin/bash
+for i in `seq $1 $2` ; do echo $3.$i node$i.$4 >> /etc/hosts; done
diff --git a/installer/modules/ovirt/files/modules.conf b/installer/modules/ovirt/files/modules.conf
new file mode 100644
index 0000000..236ef4c
--- /dev/null
+++ b/installer/modules/ovirt/files/modules.conf
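Review bot: In collectd.conf the network plugin is configured with `Listen "0.0.0.0"`, so the collector accepts metric packets on every interface of the management server, and nothing in the file limits who may send them. Since the generated manifest earlier in this patch sets the firewall to `disabled`, that listener is reachable from any network the host is attached to. If only oVirt nodes on the management network report here, bind to that address instead, `Listen "<management-ip>"` (placeholder), which means shipping the file as a template rather than a static file. Where the packaged collectd supports them, the network plugin's `SecurityLevel` and `AuthFile` options would additionally authenticate senders.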
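Review bot: dns_entries.sh expands `$1` to `$4` unquoted and appends to /etc/hosts without checking its arguments, so a missing or malformed value writes broken host entries and a second run appends the same entries again. Check the argument count and quote the expansions, e.g. `[ $# -eq 4 ] || exit 1` and `echo "$3.$i node$i.$4" >> /etc/hosts`. The caller in dhcp.pp builds the command by interpolating `$dhcp_start $dhcp_stop $dhcp_network $dhcp_domain` into a string, so these values reach a shell. The installer validates them with regexes defined outside this view, and it is worth confirming that this is the only way the variables can be set.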
@@ -0,0 +1,96 @@
+# specifies what cobbler modules to load.
+
+# what file/data formats to use for metadata
+#
+# choices:
+# serializer_catalog (fast, uses .d directories in /var/lib/cobbler/config)
+# serializer_yaml (original serializer, uses a few text files)
+#
+# for 99% or more of all installations, use serializer_catalog.
+#
+# NOTE: serializer changes may remove your ability to access old data.
+# serializer_yaml users can change to serializer_catalog w/o manual
+# migration steps. Other changes are for new installs only.
+
+[serializers]
+settings = serializer_catalog
+distro = serializer_catalog
+profile = serializer_catalog
+system = serializer_catalog
+repo = serializer_catalog
+image = serializer_catalog
+
+# policy: what users can log into the WebUI and Read-Write XMLRPC?
+#
+# choices:
+# authn_denyall -- no one (default)
+# authn_configfile -- use /etc/cobbler/users.digest (for basic setups)
+# authn_passthru -- ask Apache to handle it (used for kerberos)
+# authn_ldap -- authenticate against LDAP
+# authn_spacewalk -- ask Spacewalk/Satellite (experimental)
+# authn_testing -- username/password is always testing/testing (debug)
+# (user supplied) -- you may write your own module
+#
+# WARNING: this is a security setting, do not choose an option blindly.
+#
+# for more information:
+# https://fedorahosted.org/cobbler/wiki/CobblerWebInterface
+# https://fedorahosted.org/cobbler/wiki/CustomizableSecurity
+# https://fedorahosted.org/cobbler/wiki/CobblerWithKerberos
+# https://fedorahosted.org/cobbler/wiki/CobblerWithLdap
+
+[authentication]
+module = authn_configfile
+
+# policy: once a user has been cleared by the WebUI/XMLRPC, what can they do?
+#
+# choices:
+# authz_allowall -- full access for all authneticated users (default)
+# authz_configfile -- determined by /etc/cobbler/users.conf
+# authz_ownership -- use users.conf, but add object ownership semantics
+# (user supplied) -- you may write your own module
+#
+# WARNING: this is a security setting, do not choose an option blindly.
+#
+# for more information:
+# https://fedorahosted.org/cobbler/wiki/CobblerWebInterface
+# https://fedorahosted.org/cobbler/wiki/CustomizableSecurity
+# https://fedorahosted.org/cobbler/wiki/CustomizableAuthorization
+# https://fedorahosted.org/cobbler/wiki/AuthorizationWithOwnership
+
+[authorization]
+module = authz_allowall
+
+# chooses the DNS management engine if manage_dns is enabled
+# in /etc/cobbler/settings, which is off by default.
+#
+# choices:
+# manage_bind -- default, uses BIND/named
+# manage_dnsmasq -- uses dnsmasq, also must select dnsmasq for dhcp below
+#
+# NOTE: more configuration is still required in /etc/cobbler
+#
+# for more information:
+# https://fedorahosted.org/cobbler/wiki/ManageDns
+
+[dns]
+module = manage_bind
+
+# chooses the DHCP management engine if manage_dhcp is enabled
+# in /etc/cobbler/settings, which is off by default.
+#
+# choices:
+# manage_isc -- default, uses ISC dhcpd
+# manage_dnsmasq -- uses dnsmasq, also must select dnsmasq for dns above
+#
+# NOTE: more configuration is still required in /etc/cobbler
+#
+# for more information:
+# https://fedorahosted.org/cobbler/wiki/ManageDhcp
+
+[dhcp]
+module = manage_isc
+
+
+
+
diff --git a/installer/modules/ovirt/files/qpidd.conf b/installer/modules/ovirt/files/qpidd.conf
new file mode 100644
index 0000000..014b23c
--- /dev/null
+++ b/installer/modules/ovirt/files/qpidd.conf
@@ -0,0 +1,4 @@
+# Configuration file for qpidd. Entries are of the form:
+# name = value
+# Using default settings: "qpidd --help" or "man qpidd" for more details.
+auth=no
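Review bot: `auth=no` in qpidd.conf turns off authentication on the qpid broker, so any client that can reach the broker port can connect and use it. The dns template in this patch advertises that port (5672) through an SRV record, and the generated manifest sets the firewall to disabled, so reachability is not otherwise limited. If this is a deliberate interim setting, say so in the file, e.g. `# TODO: authentication is disabled; keep the broker on the management network only until auth=yes is configured`, and track turning it back on.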
diff --git a/installer/modules/ovirt/manifests/cobbler.pp b/installer/modules/ovirt/manifests/cobbler.pp
new file mode 100644
index 0000000..ca83b38
--- /dev/null
+++ b/installer/modules/ovirt/manifests/cobbler.pp
@@ -0,0 +1,126 @@
+#--
+# Copyright (C) 2008 Red Hat Inc.
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+# Author: Joey Boggs <jboggs at redhat.com>
+#--
+
+import "appliance_base"
+#import "firewall"
+
+
+define apache_htdigest($digest_file, $digest_username, $digest_password, $digest_realm="")
+{
+ file_append{"add_htdigest_for_$digest_username_in_$digest_realm":
+ file => $digest_file,
+ line => template("ovirt/digest_line.erb")
+ }
+
+}
+
+
+define cobbler_user_config($cobbler_user_name="",$cobbler_user_password="",$cobbler_hostname="") {
+
+ file_replacement{"cobbler_user_name_config":
+ file => "/usr/share/ovirt-server/config/cobbler.yml",
+ pattern => "^username.*$",
+ replacement => "username: $cobbler_user_name",
+ require => Package[ovirt-server]
+ }
+
+ file_replacement{"cobbler_user_password_config":
+ file => "/usr/share/ovirt-server/config/cobbler.yml",
+ pattern => "^password.*$",
+ replacement => "password: $cobbler_user_password",
+ require => File_replacement[cobbler_user_name_config]
+ }
+ file_replacement{"cobbler_hostname_config":
+ file => "/usr/share/ovirt-server/config/cobbler.yml",
+ pattern => "^hostname.*$",
+ replacement => "hostname: $cobbler_hostname",
+ require => File_replacement[cobbler_user_name_config]
+ }
+
+}
+
+class cobbler::bundled {
+ package {"cobbler":
+ ensure => installed
+ }
+
+ apache_htdigest{"cobbler_add_user":
+ digest_file => "/etc/cobbler/users.digest",
+ digest_username => "$cobbler_user_name",
+ digest_password => "$cobbler_user_password",
+ digest_realm => "Cobbler",
+ require => Package[cobbler]
+ }
+
+ cobbler_user_config {"cobbler_bundled_user":
+ cobbler_user_name=> "$cobbler_user_name",
+ cobbler_user_password => "$cobbler_user_password",
+ cobbler_hostname => "localhost",
+ require => Package[cobbler]
+ }
+
+ file_replacement{"settings_ip_address":
+ file => "/etc/cobbler/settings",
+ pattern => "127.0.0.1",
+ replacement => $ipaddress,
+ notify => Service[cobblerd],
+ require => Package[cobbler]
+ }
+
+ file_replacement{"settings_xml_rpc":
+ file => "/etc/cobbler/settings",
+ pattern => "xmlrpc_rw_enabled: 0",
+ replacement => "xmlrpc_rw_enabled: 1",
+ require => File_replacement[settings_ip_address],
+ notify=> Service[cobblerd]
+ }
+
+ service {"cobblerd" :
+ ensure => running,
+ enable => true,
+ require => File_replacement[settings_ip_address]
+ }
+
+ file {"/etc/cobbler/modules.conf":
+ source => "puppet:///ovirt/modules.conf",
+ notify => Service[cobblerd],
+ require => Package["cobbler"]
+ }
+
+# firewall_rule{"69": destination_port => "69"}
+# firewall_rule{"25150": destination_port => "25150"}
+# firewall_rule{"25151": destination_port => "25151"}
+
+}
+
+class cobbler::remote {
+
+# On the remote cobbler server run the following command:
+# htdigest /etc/cobbler/users.digest "Cobbler" $user_name
+# Ensure the password is set to $cobbler_user_password
+
+
+ cobbler_user_config {"cobbler_remote_user":
+ cobbler_user_name => "$cobbler_user_name",
+ cobbler_user_password => "$cobbler_user_password",
+ cobbler_hostname => "$cobbler_hostname"
+ }
+}
+
diff --git a/installer/modules/ovirt/manifests/dhcp.pp b/installer/modules/ovirt/manifests/dhcp.pp
new file mode 100644
index 0000000..c5c8f9a
--- /dev/null
+++ b/installer/modules/ovirt/manifests/dhcp.pp
@@ -0,0 +1,34 @@
+#--
+# Copyright (C) 2008 Red Hat Inc.
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+# Author: Joey Boggs <jboggs at redhat.com>
+#--
+
+class dhcp::bundled {
+
+ file {"/etc/dnsmasq.d/ovirt-dhcp.conf":
+ content => template("ovirt/ovirt-dhcp.conf.erb"),
+ mode => 644,
+ notify => Service[dnsmasq],
+ require => Package[dnsmasq]
+ }
+
+ single_exec {"dns_entries":
+ command => "/usr/share/ace/modules/ovirt/files/dns_entries.sh $dhcp_start $dhcp_stop $dhcp_network $dhcp_domain",
+ }
+
+}
diff --git a/installer/modules/ovirt/manifests/dns.pp b/installer/modules/ovirt/manifests/dns.pp
new file mode 100644
index 0000000..5326c7c
--- /dev/null
+++ b/installer/modules/ovirt/manifests/dns.pp
@@ -0,0 +1,99 @@
+#--
+# Copyright (C) 2008 Red Hat Inc.
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+# Author: Joey Boggs <jboggs at redhat.com>
+#--
+
+# common featues
+define dns::common($mgmt_ipaddr="", $prov_ipaddr="",$mgmt_dev="",$prov_dev="") {
+
+ package {"dnsmasq":
+ ensure => installed,
+ require => [Single_exec["add_dns_server_to_resolv.conf"]]
+ }
+
+ service {"dnsmasq" :
+ ensure => running,
+ enable => true,
+ require => [File["/etc/dnsmasq.d/ovirt-dns.conf"], Package["dnsmasq"]]
+ }
+
+ file {"/etc/dnsmasq.d/ovirt-dns.conf":
+ content => template("ovirt/ovirt-dns.conf.erb"),
+ mode => 644,
+ notify => Service[dnsmasq],
+ require => Package["dnsmasq"]
+ }
+
+ single_exec {"add_dns_server_to_resolv.conf":
+ command => "/bin/sed -e '1i nameserver $prov_ipaddr' -i /etc/resolv.conf",
+ require => [Single_exec["set_hostname"]]
+ }
+
+
+ file_replacement {"dnsmasq_configdir":
+ file => "/etc/dnsmasq.conf",
+ pattern => "^#conf-dir=*$",
+ replacement => "conf-dir=/etc/dnsmasq.d",
+ notify => Service[dnsmasq],
+ require => Package["dnsmasq"]
+ }
+
+ file {"/etc/dhclient.conf":
+ ensure => present
+ }
+
+ file_append {"dhclient_config":
+ file => "/etc/dhclient.conf",
+ line => "prepend domain-name-servers $prov_ipaddr",
+ require => [Single_exec["set_hostname"], Package["dnsmasq"], File["/etc/dhclient.conf"]] ,
+ notify => Service[dnsmasq],
+ }
+
+}
+
+define dns::bundled($mgmt_ipaddr="", $prov_ipaddr="",$mgmt_dev="",$prov_dev="") {
+
+ dns::common{"setup": mgmt_ipaddr=>$mgmt_ipaddr, prov_ipaddr=>$prov_ipaddr, mgmt_dev=>$mgmt_dev, prov_dev=>$prov_dev}
+
+ single_exec {"add_mgmt_server_to_etc_hosts":
+ command => "/bin/echo $mgmt_ipaddr $ipa_host >> /etc/hosts",
+ notify => [Service[dnsmasq], Single_exec["add_dns_server_to_resolv.conf"]]
+ }
+}
+
+define dns::remote($mgmt_ipaddr="", $prov_ipaddr="",$mgmt_dev="",$prov_dev="") {
+
+# On the pxe server you will need to ensure that the
+# next server option points to the ip address of the tftp server
+
+# The following SRV records must be present in the dns server for everything
+# to function properly. Replace example.com with the appropriate domain
+
+# _ovirt._tcp.example.com. SRV 0 5 80 ovirtwuiserver.example.com.
+# _ipa._tcp.example.com. SRV 0 5 80 ipaserver.example.com.
+# _ldap._tcp.example.com. SRV 0 5 389 ldapserver.example.com.
+# _collectd._tcp.example.com. SRV 0 5 25826 ovirtwuiserver.example.com.
+# _qpidd._tcp.example.com. SRV 0 5 5672 ovirtwuiserver.example.com.
+# _identify._tcp.example.com. SRV 0 5 12120 ovirtwuiserver.example.com.
+
+# Also A records must be present for each oVirt node. Without this they are unable
+# to determine their hostname and locate the management server.
+
+ dns::common{"setup": mgmt_ipaddr=>$mgmt_ipaddr, prov_ipaddr=>$prov_ipaddr, mgmt_dev=>$mgmt_dev, prov_dev=>$prov_dev}
+
+}
diff --git a/installer/modules/ovirt/manifests/freeipa.pp b/installer/modules/ovirt/manifests/freeipa.pp
new file mode 100644
index 0000000..f639d46
--- /dev/null
+++ b/installer/modules/ovirt/manifests/freeipa.pp
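Review bot: `pattern => "^#conf-dir=*$"` in `dnsmasq_configdir` looks like a typo for `"^#conf-dir=.*$"`: as written, `=*` matches only a run of `=` characters, so a commented line such as `#conf-dir=/etc/dnsmasq.d` never matches and the conf-dir directive is not enabled (assuming file_replacement applies the pattern as a regex; its definition is outside this patch). Separately, `add_dns_server_to_resolv.conf` and `add_mgmt_server_to_etc_hosts` interpolate `$prov_ipaddr`, `$mgmt_ipaddr` and `$ipa_host` straight into shell command strings, so they rely entirely on the installer prompts and ifconfig parsing producing clean values. Native `host` resources or a managed file would avoid the shell for the /etc/hosts entry.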
@@ -0,0 +1,103 @@
+#--
+# Copyright (C) 2008 Red Hat Inc.
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+# Author: Joey Boggs <jboggs at redhat.com>
+#--
+
+class freeipa::bundled{
+
+ package {"ipa-server":
+ ensure => installed,
+ require => [Exec[db_exists_file],Single_exec["set_hostname"]]
+ }
+
+ single_exec {"set_hostname":
+ command => "/bin/hostname $ipa_host",
+ }
+
+ exec {"set_kdc_defaults":
+ command => "/bin/sed -i '/\[kdcdefaults\]/a \ kdc_ports = 88' /usr/share/ipa/kdc.conf.template",
+ require => Package[ipa-server]
+ }
+
+ exec {"replace_line_returns":
+ command => "/bin/sed -i -e 's/^/#/' /etc/httpd/conf.d/ipa-rewrite.conf",
+ require => Single_Exec[ipa_server_install]
+ }
+
+ file_replacement{"ipa_proxy_config_1":
+ file => "/etc/httpd/conf.d/ipa.conf",
+ pattern => "^<Proxy \*>",
+ replacement => "<ProxyMatch ^.*/ipa/ui.*$>",
+ require => Exec[replace_line_returns]
+ }
+
+ file_replacement{"ipa_proxy_config_2":
+ file => "/etc/httpd/conf.d/ipa.conf",
+ pattern => "^</Proxy>",
+ replacement => "</ProxyMatch>",
+ require => File_replacement[ipa_proxy_config_1],
+ notify => Service[httpd]
+ }
+
+ single_exec {"dnsmasq_restart":
+ command => "/etc/init.d/dnsmasq restart",
+ require => Service["dnsmasq"]
+ }
+
+ single_exec {"ipa_server_install":
+ command => "/usr/sbin/ipa-server-install -r $realm_name -p $freeipa_password -P $freeipa_password -a $freeipa_password --hostname $ipa_host -u dirsrv -U",
+ require => [Exec[set_kdc_defaults],Single_exec[dnsmasq_restart]]
+ }
+
+ exec {"get_krb5_tkt":
+ command => "/bin/echo $freeipa_password|/usr/kerberos/bin/kinit admin",
+ require => Single_Exec[ipa_server_install]
+ }
+
+ single_exec {"ipa_modify_username_length":
+ command => "/usr/sbin/ipa-defaultoptions --maxusername=12",
+ require => Exec["get_krb5_tkt"]
+ }
+
+ single_exec {"ipa_add_ovirtadmin_user":
+ command => "/usr/sbin/ipa-adduser -f Ovirt -l Admin -p $freeipa_password ovirtadmin",
+ require => Single_exec[ipa_modify_username_length]
+ }
+
+ single_exec {"ipa_ovirtadmin_group":
+ command => "/usr/sbin/ipa-modgroup -a ovirtadmin admins",
+ require => Single_exec[ipa_add_ovirtadmin_user]
+ }
+
+ single_exec {"set_pw_expiration":
+ command => "/usr/sbin/ipa-moduser --setattr krbPasswordExpiration=19700101000000Z ovirtadmin",
+ require => Single_exec[ipa_ovirtadmin_group]
+ }
+
+# firewall_rule{"krb5": destination_port => "88"}
+# firewall_rule {"ldap": destination_port => '389'}
+
+}
+
+class freeipa::remote {
+
+# oVirt is not configured at this time to support a remote freeipa server
+
+}
+
+
diff --git a/installer/modules/ovirt/manifests/init.pp b/installer/modules/ovirt/manifests/init.pp
new file mode 100644
index 0000000..87f6832
--- /dev/null
+++ b/installer/modules/ovirt/manifests/init.pp
@@ -0,0 +1,9 @@
+import "ovirt/cobbler.pp"
+import "ovirt/dns.pp"
+import "ovirt/dhcp.pp"
+import "ovirt/tftp.pp"
+import "ovirt/freeipa.pp"
+import "ovirt/ovirt.pp"
+import "ovirt/postgres.pp"
+import "appliance_base/single_exec.pp"
+
diff --git a/installer/modules/ovirt/manifests/ovirt.pp b/installer/modules/ovirt/manifests/ovirt.pp
new file mode 100644
index 0000000..c9d3aee
--- /dev/null
+++ b/installer/modules/ovirt/manifests/ovirt.pp
@@ -0,0 +1,154 @@
+#--
+# Copyright (C) 2008 Red Hat Inc.
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+# Author: Joey Boggs <jboggs at redhat.com>
+#--
+
+class ovirt::setup {
+
+ package {"ovirt-server":
+ ensure => installed,
+ require => Single_exec[set_pw_expiration]
+ }
+
+ package {"httpd":
+ ensure => installed;
+ }
+
+ package {"rubygem-rake":
+ ensure => installed;
+ }
+
+ package {"qpidd":
+ ensure => installed;
+ }
+
+ package {"collectd":
+ ensure => installed;
+ }
+
+ package {"collectd-rrdtool":
+ ensure => installed;
+ }
+
+ package {"libvirt":
+ ensure => installed;
+ }
+
+ package {"ruby-qpid":
+ ensure => installed;
+ }
+
+ package {"ntp":
+ ensure => installed;
+ }
+
+ file {"/etc/collectd.conf":
+ source => "puppet:///ovirt/collectd.conf",
+ notify => Service[collectd],
+ require => Package["collectd-rrdtool"]
+ }
+
+ file {"/etc/qpidd.conf":
+ source => "puppet:///ovirt/qpidd.conf",
+ notify => Service[qpidd]
+ }
+
+ single_exec { "db_migrate" :
+ cwd => "/usr/share/ovirt-server/",
+ command => "/usr/bin/rake db:migrate",
+ require => [File["/usr/share/ovirt-server/log"],Package[ovirt-server],Package[rubygem-rake],Postgres_execute_command["ovirt_db_grant_permissions"]],
+ environment => "RAILS_ENV=production"
+ }
+
+ file { "/usr/share/ovirt-server/log" :
+ ensure => directory,
+ require => Package[ovirt-server]
+ }
+
+ single_exec { "create_ovirtadmin_acct" :
+ command => "/usr/share/ovirt-server/script/grant_admin_privileges ovirtadmin",
+ require => Single_Exec[db_migrate]
+ }
+
+ single_exec { "add_host" :
+ command => "/usr/bin/ovirt-add-host $ipa_host /usr/share/ovirt-server/ovirt.keytab",
+ require => Package[ovirt-server]
+ }
+
+ exec { "disable_selinux" :
+ command => "/usr/sbin/lokkit --selinux=disabled",
+ require => Package["ovirt-server"]
+ }
+
+ service {"httpd" :
+ enable => true,
+ require => Package[httpd],
+ ensure => running
+ }
+
+ service {"libvirt" :
+ enable => false,
+ require => Package[libvirt],
+ }
+
+ service {"ovirt-host-browser" :
+ enable => true,
+ require => [Package[ovirt-server],Single_Exec[db_migrate]],
+ ensure => running
+ }
+
+ service {"ovirt-host-collect" :
+ enable => true,
+ require => [Package[ovirt-server],Single_Exec[db_migrate]],
+ ensure => running
+ }
+
+ service {"ovirt-mongrel-rails" :
+ enable => true,
+ require => [Package[ovirt-server],Single_Exec[db_migrate]],
+ ensure => running,
+ notify => Service[httpd]
+ }
+
+ service {"ovirt-taskomatic" :
+ enable => true,
+ require => [Package[ovirt-server],Single_Exec[db_migrate]],
+ ensure => running
+ }
+
+ service {"qpidd" :
+ enable => true,
+ ensure => running,
+ require => Package[qpidd]
+ }
+
+ service {"collectd" :
+ enable => true,
+ ensure => running,
+ require => Package[collectd]
+ }
+
+ service {"ntpd" :
+ enable => true,
+ ensure => running,
+ require => Package[ntp]
+ }
+
+# firewall_rule{"http": destination_port => "80"}
+
+}
diff --git a/installer/modules/ovirt/manifests/postgres.pp b/installer/modules/ovirt/manifests/postgres.pp
new file mode 100644
index 0000000..af0f31b
--- /dev/null
+++ b/installer/modules/ovirt/manifests/postgres.pp
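Review bot: `exec { "disable_selinux" }` in ovirt::setup runs `/usr/sbin/lokkit --selinux=disabled` with no guard and no explanation, so every install switches SELinux off on the management server, and because the exec has no `unless`, `creates` or `refreshonly` it runs again on each Puppet run. If a specific denial motivated this, record it in a comment, e.g. `# FIXME: SELinux disabled because of <denial>; remove once policy is fixed` (placeholder), and consider `--selinux=permissive` so denials are at least logged. The `qpidd` and `collectd` services started in this class use the unauthenticated, all-interface configs shipped in this patch, and the generated manifest disables the firewall, so this host ends up with all three protections off at once.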
@@ -0,0 +1,114 @@
+#--
+# Copyright (C) 2008 Red Hat Inc.
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+# Author: Joey Boggs <jboggs at redhat.com>
+#--
+
+import "postgres"
+import "appliance_base/single_exec.pp"
+
+class postgres::bundled{
+
+
+ package {"postgresql-server":
+ ensure => installed,
+ }
+ package {"ace-postgres":
+ ensure => installed,
+ require => Package[postgresql-server]
+ }
+
+ single_exec {"initialize_db":
+ command => "/sbin/service postgresql initdb",
+ creates => "/var/lib/pgsql/data/pg_hba.conf",
+ require => Package[postgresql-server]
+ }
+
+ service {"postgresql" :
+ ensure => running,
+ enable => true,
+ require => Single_exec[initialize_db]
+ }
+
+ single_exec {"create_ovirt_db":
+ command => "/usr/bin/createdb ovirt",
+ require => [Exec[postgres_add_all_trust], Service[postgresql]],
+ user => "postgres"
+ }
+
+ single_exec {"create_ovirt_development_db":
+ command => "/usr/bin/createdb ovirt_development",
+ require => [Exec[postgres_add_all_trust], Service[postgresql]],
+ user => "postgres"
+ }
+
+ postgres_execute_command {"ovirt_db_create_role":
+ cmd => "CREATE ROLE ovirt LOGIN PASSWORD '$db_password' NOINHERIT VALID UNTIL 'infinity'",
+ database => "ovirt",
+ require => Single_Exec[create_ovirt_db]
+ }
+
+ postgres_execute_command {"ovirt_db_grant_permissions":
+ cmd => "GRANT ALL ON DATABASE ovirt TO ovirt;",
+ database => "ovirt",
+ require => Postgres_execute_command[ovirt_db_create_role]
+ }
+
+ exec {"postgres_add_all_trust":
+ command => "/bin/echo 'local all all trust' > /var/lib/pgsql/data/pg_hba.conf",
+ require => Single_exec[initialize_db],
+ notify => Service[postgresql]
+ }
+
+ exec {"postgres_add_localhost_trust":
+ command => "/bin/echo 'host all all 127.0.0.1 255.255.255.0 trust' >> /var/lib/pgsql/data/pg_hba.conf",
+ require => Exec[postgres_add_all_trust],
+ notify => Service[postgresql]
+ }
+
+ file { "/etc/ovirt-server/" :
+ ensure => directory,
+ require => Exec[postgres_add_localhost_trust]
+ }
+
+ file { "/etc/ovirt-server/db/" :
+ ensure => directory,
+ require => File["/etc/ovirt-server"]
+ }
+
+ exec {"touch_dbaccess_file":
+ command => "/bin/touch /etc/ovirt-server/db/dbaccess",
+ require => File["/etc/ovirt-server/db"]
+ }
+
+ file_append {"db_password_file":
+ file => "/etc/ovirt-server/db/dbaccess",
+ line => "$db_password",
+ require => Exec[touch_dbaccess_file]
+ }
+ exec {"db_exists_file":
+ command => "/bin/touch /etc/ovirt-server/db/exists",
+ require => File_append[db_password_file]
+ }
+}
+
+class postgres::remote{
+
+# oVirt is not configured at this time to support a remote postgres connection
+
+}
+
diff --git a/installer/modules/ovirt/manifests/tftp.pp b/installer/modules/ovirt/manifests/tftp.pp
new file mode 100644
index 0000000..4f41d00
--- /dev/null
+++ b/installer/modules/ovirt/manifests/tftp.pp
@@ -0,0 +1,31 @@
+#--
+# Copyright (C) 2008 Red Hat Inc.
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+# Author: Joey Boggs <jboggs at redhat.com>
+#--
+
+class tftp::bundled {
+
+ file {"/etc/dnsmasq.d/ovirt-tftp.conf":
+ content => template("ovirt/ovirt-tftp.conf.erb"),
+ mode => 644,
+ notify => Service[dnsmasq],
+ require => Package[dnsmasq]
+ }
+}
+
+
diff --git a/installer/modules/ovirt/templates/digest_line.erb b/installer/modules/ovirt/templates/digest_line.erb
new file mode 100644
index 0000000..4e98708
--- /dev/null
+++ b/installer/modules/ovirt/templates/digest_line.erb
@@ -0,0 +1,4 @@
+<% require 'digest/sha1' -%>
+<% token = "#{digest_username}:#{digest_realm}:#{digest_password}" -%>
+<% digested_password = Digest::MD5.hexdigest(token) -%>
+<%= digest_username -%>:<%= digest_realm -%>:<%= digested_password -%>
diff --git a/installer/modules/ovirt/templates/ovirt-dhcp.conf.erb b/installer/modules/ovirt/templates/ovirt-dhcp.conf.erb
new file mode 100644
index 0000000..e10db40
--- /dev/null
+++ b/installer/modules/ovirt/templates/ovirt-dhcp.conf.erb
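Review bot: digest_line.erb loads `digest/sha1` but computes the hash with `Digest::MD5`, which only works if the MD5 class happens to be loaded or autoloaded already; the first line should be `<% require 'digest/md5' -%>`. MD5 is dictated by the htdigest file format here, so a one-line comment saying that would stop a later reader from swapping the hash and breaking Cobbler logins. Note also that `digest_password` reaches this template in clear text from the manifest.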
@@ -0,0 +1,9 @@ +interface=<%= dhcp_interface %> +dhcp-range=<%= dhcp_network %>.<%= dhcp_start %>,<%= dhcp_network%>.<%= dhcp_stop %> +domain=<%= dhcp_domain %> +dhcp-option=option:router,<%= prov_network_gateway %> +dhcp-option=option:ntp-server,<%= ntp_server %> +dhcp-option=12 +no-resolv +local=/<%= dhcp_domain %>/ +server=<%= prov_dns_server %> diff --git a/installer/modules/ovirt/templates/ovirt-dns.conf.erb b/installer/modules/ovirt/templates/ovirt-dns.conf.erb new file mode 100644 index 0000000..ae3eb48 --- /dev/null +++ b/installer/modules/ovirt/templates/ovirt-dns.conf.erb @@ -0,0 +1,7 @@ +srv-host=_ovirt._tcp,<%= ovirt_host %>,80 +srv-host=_ipa._tcp,<%= ipa_host %>,80 +srv-host=_ldap._tcp,<%= ipa_host %>,389 +srv-host=_collectd._tcp,<%= ovirt_host %>,25826 +srv-host=_qpidd._tcp,<%= ovirt_host %>,5672 +srv-host=_identify._tcp,<%= ovirt_host %>,12120 + diff --git a/installer/modules/ovirt/templates/ovirt-tftp.conf.erb b/installer/modules/ovirt/templates/ovirt-tftp.conf.erb new file mode 100644 index 0000000..3fa40f8 --- /dev/null +++ b/installer/modules/ovirt/templates/ovirt-tftp.conf.erb @@ -0,0 +1,3 @@ +enable-tftp +tftp-root=/var/lib/tftpboot +dhcp-boot=pxelinux.0 diff --git a/ovirt-server.spec.in b/ovirt-server.spec.in index 79a5adf..330203a 100644 --- a/ovirt-server.spec.in +++ b/ovirt-server.spec.in @@ -1,5 +1,6 @@ %define pbuild %{_builddir}/%{name}-%{version} %define app_root %{_datadir}/%{name} +%define acehome %{_datadir}/ace Summary: oVirt Server Suite Name: ovirt-server @@ -45,10 +46,20 @@ BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot URL: http://ovirt.org/ -%description +%package installer +Summary: Installer modules for the oVirt Server Suite +Requires: ruby(abi) = 1.8 +Requires: ace +Requires: ace-postgres +Requires: rubygem(highline) +Requires: hal +%description The Server Suite for oVirt. +%description installer +The Installer for the ovirt server suite + %prep %setup -q 
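Review bot: ovirt-dhcp.conf.erb uses `prov_network_gateway` and `prov_dns_server` unconditionally, but the manifest generated by ovirt-installer assigns them only inside `<% if sep_networks == "y" %>`. When the management and provisioning interface are the same, the template therefore either fails to render or emits empty `dhcp-option=option:router,` and `server=` lines, depending on how the Puppet version in use handles undefined template variables. Either have the installer always set both variables, or wrap these two lines in a conditional on their being defined. `ntp_server` depends on the `dhcp_setup == "n"` branch in the same way, which is safe only because dhcp::bundled is included under that same condition.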
@@ -59,6 +70,7 @@ test "x$RPM_BUILD_ROOT" != "x" && rm -rf $RPM_BUILD_ROOT mkdir %{buildroot} %{__install} -d -m0755 %{buildroot}%{_bindir} +%{__install} -d -m0755 %{buildroot}%{_datadir} %{__install} -d -m0755 %{buildroot}%{_sbindir} %{__install} -d -m0755 %{buildroot}%{_initrddir} %{__install} -d -m0755 %{buildroot}%{_sysconfdir}/sysconfig @@ -69,6 +81,7 @@ mkdir %{buildroot} %{__install} -d -m0755 %{buildroot}%{_localstatedir}/log/%{name} %{__install} -d -m0755 %{buildroot}%{_localstatedir}/run/%{name} %{__install} -d -m0755 %{buildroot}%{app_root} +%{__install} -d -m0755 %{buildroot}/%{acehome} touch %{buildroot}%{_localstatedir}/log/%{name}/mongrel.log touch %{buildroot}%{_localstatedir}/log/%{name}/rails.log @@ -114,6 +127,12 @@ touch %{buildroot}%{_localstatedir}/log/%{name}/db-omatic.log %{__mkdir} %{buildroot}%{_localstatedir}/lib/%{name}/tmp %{__ln_s} %{_localstatedir}/lib/%{name}/tmp %{buildroot}%{app_root}/tmp +# Set up the installer +%{__cp} -pr %{pbuild}/installer/modules %{buildroot}/%{acehome} +%{__cp} -pr %{pbuild}/installer/appliances %{buildroot}/%{acehome} +%{__cp} -pr %{pbuild}/installer/bin/ovirt-installer %{buildroot}%{_sbindir} + + %clean rm -rf $RPM_BUILD_ROOT @@ -193,6 +212,10 @@ fi %config(noreplace) %{_sysconfdir}/%{name}/production.rb %config(noreplace) %{_sysconfdir}/%{name}/test.rb +%files installer +%{_sbindir}/ovirt-installer +%{acehome} + %changelog * Thu May 29 2008 Alan Pevec <apevec at redhat.com> - 0.0.5-0 - use rubygem-krb5-auth -- 1.6.0.6
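Review bot: The `%install` addition `%{__cp} -pr %{pbuild}/installer/appliances %{buildroot}/%{acehome}` copies a directory that none of the file sections visible in this patch creates, and git does not track empty directories, so the build may fail at this line unless the directory comes from elsewhere (the Makefile.am change is outside this view). ovirt-installer creates /usr/share/ace/appliances/ovirt itself at run time, so `%{__install} -d -m0755 %{buildroot}%{acehome}/appliances` would be enough. `%files installer` also claims all of `%{acehome}`, which presumably belongs to the `ace` package this subpackage requires; listing `%{acehome}/modules/ovirt` and `%{acehome}/appliances` would avoid shared directory ownership. The installer writes ovirt.pp under that appliances directory with the cobbler, database and FreeIPA passwords in clear text, so the packaging is also the place to give that directory a root-only mode.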