Looking into writing a free and open piece of software that will allow package management on workstations and servers.
To register a workstation/server, they will need:
- Install script
- URL of API
- Registration key
The script will contact the server over HTTPS with the key. The workstation/server will await verification by the system admin (via web panel). Once the system has been verified and registered, a root daemon will run at startup to accept incoming instructions from the server.
The daemon can get a description of an update schedule. Options include date, time, and whether to shut down afterwards. If possible, we should determine if the user is active on the workstation before shutting down.
The software can group computer types and cascade package profiles called "images". Images can be specified by a list of packages that are added and removed from a system.
For example, servers might ask that excess bulk be removed, such as cshell and any X Window components. A workstation would want an FTP client and Google Chrome installed. These can be saved as white and black lists of packages that must and must not be installed (respectively). These lists are cascaded from parent to child image, and can be given "weights" so that they apply in a particular order.
These images can be updated periodically and checked against the output of dpkg --get-selections to see if any adjustments need to be made. The daemon will ask for the pre-cascaded black and white lists. The blacklist will run first, removing any unwanted bulk, and then the whitelist will be installed. The software interface should attempt to detect any unintended conflicts and display a warning.
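A sketch of the cascade, conflict warning and dpkg --get-selections comparison described above. This is an added example, not code from the project. The image dictionary layout, the function names, and the rule that a higher weight applies later and overrides are assumptions, and because the lists end up in a root daemon, package names are checked against the Debian naming rule before use.

```python
import re

# Debian policy: lowercase alphanumerics plus "+", "-", "."; at least two characters.
PKG_NAME = re.compile(r"[a-z0-9][a-z0-9+.-]+")

def cascade(images):
    """Merge images in ascending weight order (assumed); later images override."""
    state = {}       # package -> ("white" | "black", name of the image that set it)
    conflicts = []   # (package, earlier image, overriding image)
    for img in sorted(images, key=lambda i: i["weight"]):
        for kind in ("black", "white"):
            for pkg in img.get(kind, []):
                if not PKG_NAME.fullmatch(pkg):
                    raise ValueError(f"invalid package name in {img['name']}: {pkg!r}")
                prev = state.get(pkg)
                if prev and prev[0] != kind:
                    conflicts.append((pkg, prev[1], img["name"]))
                state[pkg] = (kind, img["name"])
    white = {p for p, (k, _) in state.items() if k == "white"}
    black = {p for p, (k, _) in state.items() if k == "black"}
    return white, black, conflicts

def parse_selections(text):
    """Return packages marked 'install' in dpkg --get-selections output."""
    installed = set()
    for line in text.splitlines():
        fields = line.split()
        if len(fields) == 2 and fields[1] == "install":
            installed.add(fields[0].split(":")[0])  # drop a ":amd64" style suffix
    return installed

def plan(images, selections_text):
    """Compute the adjustments: blacklist removals first, then whitelist installs."""
    white, black, conflicts = cascade(images)
    installed = parse_selections(selections_text)
    return {
        "remove": sorted(black & installed),
        "install": sorted(white - installed),
        "conflicts": conflicts,  # shown to the admin as warnings
    }

# Constructed sample data (hypothetical images and dpkg output).
IMAGES = [
    {"name": "base", "weight": 0, "white": ["openssh-server", "csh"], "black": []},
    {"name": "server", "weight": 10, "white": [], "black": ["csh", "xserver-xorg"]},
]
SELECTIONS = "csh\tinstall\nxserver-xorg:amd64\tinstall\nvim\tinstall\nnano\tdeinstall\n"
if __name__ == "__main__":
    print(plan(IMAGES, SELECTIONS))
```

Here the "server" image overrides the parent's request for csh, so the package is removed and the override is reported as a conflict for the admin to confirm.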
There may come a time when sources need to be managed as well. Chrome, for example, should come from Google's repository. Sublime comes from a PPA. It would be good to look into keeping track of this, as not all software comes from the main repositories. Not having a PPA installed would break the automation.
Use LDAP? How to config client? Key management?