1 files changed, 25 insertions, 31 deletions

diff --git a/frontends/Rexfile b/frontends/Rexfile
index add480e..610083c 100644
--- a/frontends/Rexfile
+++ b/frontends/Rexfile
@@ -462,44 +462,40 @@ task 'nsd_failover',
     run 'rm /tmp/root.cron';
   };
 
+# Install or update dtail from the custom package repository.
+# The package includes binaries, config, rc script, and key cache helper.
+desc 'Install DTail package';
+task 'dtail_install',
+  group => 'frontends',
+  sub {
+    # Remove any previously manually deployed binaries not managed by pkg
+    my $pkg_check = run 'pkg_info dtail 2>/dev/null';
+    if ( $? != 0 ) {
+      for my $bin (qw(dserver dcat dgrep dmap dtail dtailhealth)) {
+        if ( is_file("/usr/local/bin/$bin") ) {
+          Rex::Logger::info("Removing manually installed $bin binary...");
+          run "rm -f /usr/local/bin/$bin";
+        }
+      }
+    }
+
+    # Install or update from custom repo (packages signed with signify)
+    say run 'PKG_PATH="https://pkgrepo.f3s.buetow.org/openbsd/7.8/packages/amd64/" pkg_add -u dtail || PKG_PATH="https://pkgrepo.f3s.buetow.org/openbsd/7.8/packages/amd64/" pkg_add dtail';
+  };
+
+# Set up the dserver service user, daily key cache cron, and start dserver.
+# Binaries, config, rc script, and key cache script come from the dtail package.
 desc 'Setup DTail';
 task 'dtail',
   group => 'frontends',
   sub {
-    my $restart = FALSE;
+    run_task 'dtail_install';
 
     run 'adduser -class nologin -group _dserver -batch _dserver', unless => 'id _dserver';
     run 'usermod -d /var/run/dserver _dserver';
 
-    file '/etc/rc.d/dserver',
-      content   => template('./etc/rc.d/dserver.tpl'),
-      owner     => 'root',
-      group     => 'wheel',
-      mode      => '755',
-      on_change => sub { $restart = TRUE };
-
-    file '/etc/dserver',
-      ensure => 'directory',
-      owner  => 'root',
-      group  => 'wheel',
-      mode   => '755';
-
-    file '/etc/dserver/dtail.json',
-      content   => template('./etc/dserver/dtail.json.tpl'),
-      owner     => 'root',
-      group     => 'wheel',
-      mode      => '755',
-      on_change => sub { $restart = TRUE };
-
-    file '/usr/local/bin/dserver-update-key-cache.sh',
-      content => template('./scripts/dserver-update-key-cache.sh.tpl'),
-      owner   => 'root',
-      group   => 'wheel',
-      mode    => '500';
-
     append_if_no_such_line '/etc/daily.local', '/usr/local/bin/dserver-update-key-cache.sh';
 
-    service 'dserver' => 'restart' if $restart;
     service 'dserver', ensure => 'started';
   };
 
@@ -764,9 +760,7 @@ task 'commons',
 
     # run_task 'gorum';
     run_task 'foostats';
-
-    # Requires installing the binaries first!
-    #run_task 'dtail';
+    run_task 'dtail';
   };
 
 1;