Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Justin
slapos
Commits
1eb0dec3
Commit
1eb0dec3
authored
Dec 07, 2022
by
Jérome Perrin
Browse files
Options
Browse Files
Download
Plain Diff
Merge remote-tracking branch 'origin/master' into zope4py2
parents
3bfda89d
32447daf
Changes
20
Hide whitespace changes
Inline
Side-by-side
Showing
20 changed files
with
369 additions
and
160 deletions
+369
-160
component/mosquitto/buildout.cfg
component/mosquitto/buildout.cfg
+13
-0
component/python3/buildout.cfg
component/python3/buildout.cfg
+14
-8
setup.py
setup.py
+0
-1
slapos/recipe/novnc/__init__.py
slapos/recipe/novnc/__init__.py
+0
-52
software/beremiz-ide/buildout.hash.cfg
software/beremiz-ide/buildout.hash.cfg
+6
-2
software/beremiz-ide/instance-beremiz.cfg.jinja2.in
software/beremiz-ide/instance-beremiz.cfg.jinja2.in
+48
-27
software/beremiz-ide/instance.cfg.in
software/beremiz-ide/instance.cfg.in
+3
-1
software/beremiz-ide/nginx_conf.in
software/beremiz-ide/nginx_conf.in
+59
-0
software/beremiz-ide/software.cfg
software/beremiz-ide/software.cfg
+7
-4
software/caddy-frontend/software.cfg
software/caddy-frontend/software.cfg
+0
-3
software/kvm/buildout.hash.cfg
software/kvm/buildout.hash.cfg
+7
-3
software/kvm/instance-kvm.cfg.jinja2
software/kvm/instance-kvm.cfg.jinja2
+52
-34
software/kvm/instance.cfg.in
software/kvm/instance.cfg.in
+3
-0
software/kvm/software.cfg
software/kvm/software.cfg
+7
-19
software/kvm/template/nginx_conf.in
software/kvm/template/nginx_conf.in
+59
-0
software/kvm/template/template-kvm-run.in
software/kvm/template/template-kvm-run.in
+3
-3
software/kvm/test/test.py
software/kvm/test/test.py
+6
-3
software/mosquitto/buildout.hash.cfg
software/mosquitto/buildout.hash.cfg
+3
-0
software/mosquitto/instance.cfg.in
software/mosquitto/instance.cfg.in
+61
-0
software/mosquitto/software.cfg
software/mosquitto/software.cfg
+18
-0
No files found.
component/mosquitto/buildout.cfg
0 → 100644
View file @
1eb0dec3
[buildout]
extends =
../cmake/buildout.cfg
[mosquitto]
recipe = slapos.recipe.cmmi
url = https://mosquitto.org/files/source/mosquitto-2.0.15.tar.gz
md5sum = 22b7a8b05caa692cb22496b791529193
configure-command =
${cmake:location}/bin/cmake
configure-options =
-DWITH_CJSON=no
-DCMAKE_INSTALL_PREFIX=@@LOCATION@@
component/python3/buildout.cfg
View file @
1eb0dec3
...
...
@@ -51,23 +51,29 @@ environment =
[python3.7]
<= python3-common
version = 3.7
package_version = 3.7.1
3
md5sum =
10822726f75fd7efe05a94fbd6ac2258
package_version = 3.7.1
5
md5sum =
d2ff16776b5d822efc2a7cbf42fc2915
[python3.8]
<= python3-common
version = 3.8
package_version = 3.8.1
3
md5sum = c
4b7100dcaace9d33ab1fda9a3a038d6
package_version = 3.8.1
5
md5sum = c
ca78a827d2327f5c3ff2dee9f526e7e
[python3.9]
<= python3-common
version = 3.9
package_version = 3.9.1
3
md5sum =
5e2411217b0060828d5f923eb422a3b8
package_version = 3.9.1
5
md5sum =
8adc5662c9fd10a23ae8ae9f28b65b49
[python3.10]
<= python3-common
version = 3.10
package_version = 3.10.6
md5sum = afc7e14f7118d10d1ba95ae8e2134bf0
package_version = 3.10.8
md5sum = e92356b012ed4d0e09675131d39b1bde
[python3.11]
<= python3-common
version = 3.11
package_version = 3.11.0
md5sum = fe92acfa0db9b9f5044958edb451d463
setup.py
View file @
1eb0dec3
...
...
@@ -121,7 +121,6 @@ setup(name=name,
'notifier = slapos.recipe.notifier:Recipe'
,
'notifier.callback = slapos.recipe.notifier:Callback'
,
'notifier.notify = slapos.recipe.notifier:Notify'
,
'novnc = slapos.recipe.novnc:Recipe'
,
'onetimeupload = slapos.recipe.onetimeupload:Recipe'
,
'pbs = slapos.recipe.pbs:Recipe'
,
'postgres = slapos.recipe.postgres:Recipe'
,
...
...
slapos/recipe/novnc/__init__.py
deleted
100644 → 0
View file @
3bfda89d
##############################################################################
#
# Copyright (c) 2011 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
from
slapos.recipe.librecipe
import
GenericBaseRecipe
import
binascii
import
os
import
sys
class
Recipe
(
GenericBaseRecipe
):
"""
novnc instance configuration.
"""
def
install
(
self
):
return
self
.
createWrapper
(
self
.
options
[
'path'
],
(
self
.
options
[
'websockify-path'
],
'--web'
,
self
.
options
[
'novnc-location'
],
'--key=%s'
%
self
.
options
[
'ssl-key-path'
],
'--cert=%s'
%
self
.
options
[
'ssl-cert-path'
],
'--ssl-only'
,
'%s:%s'
%
(
self
.
options
[
'ip'
],
self
.
options
[
'port'
]),
'%s:%s'
%
(
self
.
options
[
'vnc-ip'
],
self
.
options
[
'vnc-port'
]),
),
wait_list
=
(
self
.
options
[
'ssl-key-path'
],
self
.
options
[
'ssl-cert-path'
]),
)
software/beremiz-ide/buildout.hash.cfg
View file @
1eb0dec3
...
...
@@ -15,11 +15,11 @@
[instance]
filename = instance.cfg.in
md5sum =
db7fe97f4c6b84cfadb7b5c68eab517a
md5sum =
e8aae0fe3a8bc3f006b8638ed326bbcb
[template-instance-beremiz]
filename = instance-beremiz.cfg.jinja2.in
md5sum =
9d59c9392636ab71f37b43fd8008fd10
md5sum =
2b990148e527117bcfb366f8b700c807
[template-instance-beremiz-test]
filename = instance-beremiz-test.cfg.jinja2.in
...
...
@@ -28,3 +28,7 @@ md5sum = a2fa2b9d3a225a1dd71db67bd4fea769
[template-fluxbox-menu.in]
filename = fluxbox-menu.in
md5sum = 09560314eae0225b6085f8626f1a603a
[template-nginx_conf.in]
filename = nginx_conf.in
md5sum = 9ca886120a99befe25ca761ddc54753c
software/beremiz-ide/instance-beremiz.cfg.jinja2.in
View file @
1eb0dec3
...
...
@@ -27,35 +27,55 @@ stop-on-error = true
cert-file = ${directory:ssl}/beremiz.crt
key-file = ${directory:ssl}/beremiz.key
[novnc-instance]
recipe = slapos.cookbook:novnc
path = ${directory:bin}/novnc
[nginx-tempdir]
recipe = slapos.cookbook:mkdirectory
tmp = ${buildout:directory}/tmp
client-body-temp-path = ${:tmp}/client_body_temp_path
proxy-temp-path = ${:tmp}/proxy_temp_path
fastcgi-temp-path = ${:tmp}/fastcgi_temp_path
uwsgi-temp-path = ${:tmp}/uwsgi_temp_path
scgi-temp-path = ${:tmp}/scgi_temp_path
[nginx-launcher]
recipe = slapos.cookbook:wrapper
command-line = {{ nginx_executable }} -c ${nginx-config:output}
wrapper-path = ${directory:services}/nginx
[nginx-config]
recipe = slapos.recipe.template:jinja2
url = {{ template_nginx }}
output = ${directory:etc}/nginx.conf
context =
section params nginx-params
section ca gen-certificate
section tempdir nginx-tempdir
raw docroot {{ novnc_location }}
raw mime {{ nginx_mime }}
[nginx-params]
path-pid = ${directory:run}/nginx.pid
path-error-log = ${directory:log}/nginx-error.log
path-access-log = ${directory:log}/nginx-access.log
ip = {{ ipv6 }}
port = 6080
vnc-ip = {{ ipv4 }}
vnc-port = ${x11vnc:port}
novnc-location = {{ novnc_location }}
websockify-path = {{ websockify_bin }}
ssl-key-path = ${gen-certificate:key-file}
ssl-cert-path = ${gen-certificate:cert-file}
[websockify-sighandler]
recipe = slapos.cookbook:signalwrapper
wrapper-path = ${directory:bin}/websockify-sighandler
wrapped-path = ${novnc-instance:path}
[websockify-sighandler-service]
recipe = slapos.cookbook:wrapper
command-line = ${websockify-sighandler:wrapper-path}
wrapper-path = ${directory:services}/websockify
hash-existing-files = ${buildout:directory}/software_release/buildout.cfg
websocket-ip = {{ ipv4 }}
websocket-port = ${x11vnc:port}
websocket-path = websockify
nb-workers = 2
[nginx-graceful]
recipe = slapos.recipe.template
output = ${directory:scripts}/nginx-graceful
inline =
#!/bin/sh
exec kill -s SIGHUP $(cat ${nginx-params:path-pid})
[novnc-promise]
<= monitor-promise-base
promise = check_socket_listening
name = novnc_promise.py
config-host = ${n
ovnc-instance
:ip}
config-port = ${n
ovnc-instance
:port}
config-host = ${n
ginx-params
:ip}
config-port = ${n
ginx-params
:port}
[x11vnc]
recipe = slapos.cookbook:wrapper
...
...
@@ -216,7 +236,8 @@ recipe = slapos.cookbook:requestoptional
shared = true
config-https-only = True
config-type = websocket
config-url = https://[${novnc-instance:ip}]:${novnc-instance:port}
config-url = https://[${nginx-params:ip}]:${nginx-params:port}
config-websocket-path-list = ${nginx-params:websocket-path}
return = secure_access domain
software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg
software-type = RootSoftwareInstance
...
...
@@ -226,9 +247,8 @@ name = Beremiz VNC
[publish-connection-information]
<= monitor-publish
recipe = slapos.cookbook:publish
backend-url = https://[${novnc-instance:ip}]:${novnc-instance:port}/vnc.html?host=[${novnc-instance:ip}]&port=${novnc-instance:port}&encrypt=1
url = ${request-vnc-frontend:connection-secure_access}/vnc.html?host=${request-vnc-frontend:connection-domain}&port=443&encrypt=1
vnc-password = ${random-password:passwd}
backend-url = https://[${nginx-params:ip}]:${nginx-params:port}/vnc.html?encrypt=1&password=${random-password:passwd}
url = ${request-vnc-frontend:connection-secure_access}/vnc.html?encrypt=1&password=${random-password:passwd}
[buildout]
extends =
...
...
@@ -242,7 +262,8 @@ parts =
xserver-promise
x11vnc-listen-promise
beremiz-x11
websockify-sighandler-service
nginx-launcher
nginx-graceful
request-vnc-frontend
generate-vnc-password
publish-connection-information
...
...
software/beremiz-ide/instance.cfg.in
View file @
1eb0dec3
...
...
@@ -34,6 +34,7 @@ context =
key computer_id slap-configuration:computer
raw bin_directory {{ bin_directory }}
raw template_monitor {{ template_monitor_cfg }}
raw template_nginx {{ template_nginx }}
raw template_logrotate {{ logrotate_cfg }}
raw logrotate_cfg {{ logrotate_cfg }}
raw python_bin {{ python_bin }}
...
...
@@ -62,9 +63,10 @@ extra-context =
raw gtk3_location {{ gtk3_location }}
raw matiec_location {{ matiec_location }}
raw mesa_location {{ mesa_location }}
raw nginx_executable {{ nginx_executable }}
raw nginx_mime {{ nginx_mime }}
raw novnc_location {{ novnc_location }}
raw openssl_bin {{ openssl_location }}/bin/openssl
raw websockify_bin {{ bin_directory }}/websockify
raw x11vnc_bin {{ x11vnc_location }}/bin/x11vnc
raw xvfb_bin {{ xserver_location }}/bin/Xvfb
raw xterm_bin {{ xterm_location }}/bin/xterm
...
...
software/beremiz-ide/nginx_conf.in
0 → 100644
View file @
1eb0dec3
worker_processes {{ params['nb-workers'] }};
pid {{ params['path-pid'] }};
error_log {{ params['path-error-log'] }};
daemon off;
events {
worker_connections 1024;
accept_mutex off;
}
http {
include {{ mime }};
default_type application/octet-stream;
types_hash_bucket_size 64;
access_log {{ params['path-access-log'] }} combined;
index novnc.html;
upstream vnc_proxy {
server {{ params['websocket-ip'] }}:{{ params['websocket-port'] }};
}
server {
listen [{{ params['ip'] }}]:{{ params['port'] }} ssl http2;
server_name _;
ssl_certificate {{ ca['cert-file'] }};
ssl_certificate_key {{ ca['key-file'] }};
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m;
ssl_session_tickets off;
ssl_protocols TLSv1.3;
ssl_prefer_server_ciphers off;
keepalive_timeout 5;
client_body_temp_path {{ tempdir['client-body-temp-path'] }};
proxy_temp_path {{ tempdir['proxy-temp-path'] }};
fastcgi_temp_path {{ tempdir['fastcgi-temp-path'] }};
uwsgi_temp_path {{ tempdir['uwsgi-temp-path'] }};
scgi_temp_path {{ tempdir['scgi-temp-path'] }};
# path for static files
root {{ docroot }};
location /{{ params['websocket-path'] }} {
proxy_http_version 1.1;
proxy_pass http://vnc_proxy/;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# VNC connection timeout
proxy_read_timeout 61s;
# Disable cache
proxy_buffering off;
}
}
}
software/beremiz-ide/software.cfg
View file @
1eb0dec3
...
...
@@ -9,7 +9,6 @@ extends =
../../component/noVNC/buildout.cfg
../../component/nginx/buildout.cfg
../../component/lxml-python/buildout.cfg
../../component/numpy/buildout.cfg
../../component/numpy/openblas.cfg
../../component/matplotlib/buildout.cfg
../../component/wxpython/buildout.cfg
...
...
@@ -74,10 +73,8 @@ recipe = zc.recipe.egg
eggs =
${wxPython:egg}
${python-cryptography:egg}
${lxml-python:egg}
${matplotlib:egg}
future
websockify
zeroconf2
enum34
pyro
...
...
@@ -131,6 +128,7 @@ context =
key template_instance_beremiz template-instance-beremiz:target
key template_instance_beremiz_test template-instance-beremiz-test:target
key template_logrotate template-logrotate-base:output
key template_nginx template-nginx_conf.in:target
key fontconfig_location fontconfig:location
key font_dejavu dejavu-fonts:location
key font_liberation liberation-fonts:location
...
...
@@ -144,6 +142,8 @@ context =
key instance_template_type :type
key matiec_location matiec:location
key mesa_location mesa:location
key nginx_executable nginx-output:nginx
key nginx_mime nginx-output:mime
key novnc_location noVNC:location
key nxdtest_template nxdtest-instance.cfg:output
key python_bin :python-bin
...
...
@@ -168,12 +168,15 @@ output = ${buildout:directory}/instance-beremiz-test.cfg.jinja2
<= download-template
output = ${buildout:directory}/fluxbox-menu.in
[template-nginx_conf.in]
<= download-template
output = ${buildout:directory}/nginx_conf.in
[versions]
Pillow = 6.2.2
matplotlib = 2.2.5
kiwisolver = 1.1.0
cycler = 0.10.0
websockify = 0.9.0
Pyro = 3.16
zeroconf2 = 0.19.2
cython = 0.29.24
...
...
software/caddy-frontend/software.cfg
View file @
1eb0dec3
...
...
@@ -10,7 +10,6 @@ extends =
../../component/6tunnel/buildout.cfg
../../component/xz-utils/buildout.cfg
../../component/rsyslogd/buildout.cfg
../../component/numpy/buildout.cfg
../../component/haproxy/buildout.cfg
../../component/nginx/buildout.cfg
../../component/findutils/buildout.cfg
...
...
@@ -57,7 +56,6 @@ depends = ${software-develop:recipe}
recipe = zc.recipe.egg
eggs =
software
websockify
[profile-common]
recipe = slapos.recipe.template:jinja2
...
...
@@ -226,6 +224,5 @@ plone.recipe.command = 1.1
pycrypto = 2.6.1
smmap = 0.9.0
websockify = 0.8.0
furl = 2.1.0
orderedmultidict = 1.0.1
software/kvm/buildout.hash.cfg
View file @
1eb0dec3
...
...
@@ -15,11 +15,11 @@
[template]
filename = instance.cfg.in
md5sum =
a7978940fb9cdcc4e1ec33015ba640ba
md5sum =
b6204319cca4264b3c351d4dd1f2b5d0
[template-kvm]
filename = instance-kvm.cfg.jinja2
md5sum =
69749ef4be49b970af9548d68e6d878
5
md5sum =
14a8433ca9f0038bb6cc4b68ef7ea8e
5
[template-kvm-cluster]
filename = instance-kvm-cluster.cfg.jinja2.in
...
...
@@ -49,13 +49,17 @@ md5sum = 64aa1ce8785f6b94aabd787fa3443082
filename = instance-nbd.cfg.jinja2
md5sum = e041e8011ad2ec7f104be173ef76f5e9
[template-nginx]
filename = template/nginx_conf.in
md5sum = 9ca886120a99befe25ca761ddc54753c
[template-ansible-promise]
filename = template/ansible-promise.in
md5sum = 6328f99728284847b8dd1146aadeae1b
[template-kvm-run]
filename = template/template-kvm-run.in
md5sum =
fa048a28da7362d570f5b6bd1e05d232
md5sum =
4ce3fc8072e1e010ee99651cb01d3b3d
[template-kvm-controller]
filename = template/kvm-controller-run.in
...
...
software/kvm/instance-kvm.cfg.jinja2
View file @
1eb0dec3
...
...
@@ -643,31 +643,48 @@ promise = check_command_execute
name = qemu-virtual-machine-is-ready.py
config-command = ${kvm-started-bin:output}
[novnc-instance]
recipe = slapos.cookbook:novnc
path = ${ca-novnc:executable}
[nginx-tempdir]
recipe = slapos.cookbook:mkdirectory
tmp = ${buildout:directory}/tmp
client-body-temp-path = ${:tmp}/client_body_temp_path
proxy-temp-path = ${:tmp}/proxy_temp_path
fastcgi-temp-path = ${:tmp}/fastcgi_temp_path
uwsgi-temp-path = ${:tmp}/uwsgi_temp_path
scgi-temp-path = ${:tmp}/scgi_temp_path
[nginx-launcher]
recipe = slapos.cookbook:wrapper
command-line = ${ca-novnc:executable} -c ${nginx-config:output}
wrapper-path = ${directory:services}/nginx
[nginx-config]
recipe = slapos.recipe.template:jinja2
url = {{ template_nginx }}
output = ${directory:etc}/nginx.conf
context =
section params nginx-params
section ca ca-novnc
section tempdir nginx-tempdir
raw docroot {{ novnc_location }}
raw mime {{ nginx_mime }}
[nginx-params]
path-pid = ${directory:run}/nginx.pid
path-error-log = ${directory:log}/nginx-error.log
path-access-log = ${directory:log}/nginx-access.log
ip = ${slap-network-information:global-ipv6}
port = 6080
vnc-ip = ${kvm-parameter-dict:vnc-ip}
vnc-port = ${kvm-parameter-dict:vnc-port}
novnc-location = {{ novnc_location }}
websockify-path = {{ websockify_executable_location }}
ssl-key-path = ${ca-novnc:key-file}
ssl-cert-path = ${ca-novnc:cert-file}
[websockify-sighandler]
recipe = slapos.cookbook:signalwrapper
wrapper-path = ${directory:bin}/websockify-sighandler
wrapped-path = ${novnc-instance:path}
[websockify-sighandler-service]
recipe = slapos.cookbook:wrapper
command-line = ${websockify-sighandler:wrapper-path}
wrapper-path = ${directory:services}/websockify
hash-existing-files = ${buildout:directory}/software_release/buildout.cfg
wait-for-files =
${ca-novnc:key-file}
${ca-novnc:cert-file}
websocket-ip = ${kvm-parameter-dict:vnc-ip}
websocket-port = ${kvm-parameter-dict:vnc-port}
websocket-path = websockify
nb-workers = 2
[nginx-graceful]
recipe = slapos.recipe.template
output = ${directory:scripts}/nginx-graceful
inline =
#!/bin/sh
exec kill -s SIGHUP $(cat ${nginx-params:path-pid})
[certificate-authority]
recipe = slapos.cookbook:certificate_authority
...
...
@@ -699,15 +716,15 @@ crl = ${directory:ca-dir}/crl/
recipe = slapos.cookbook:certificate_authority.request
key-file = ${directory:novnc-conf}/novnc.key
cert-file = ${directory:novnc-conf}/novnc.crt
executable =
${directory:bin}/novnc
wrapper = ${directory:bin}/
websockify
executable =
{{ nginx_executable }}
wrapper = ${directory:bin}/
nginx-with-ca
[novnc-promise]
<= monitor-promise-base
promise = check_socket_listening
name = novnc_promise.py
config-host = ${n
ovnc-instance
:ip}
config-port = ${n
ovnc-instance
:port}
config-host = ${n
ginx-params
:ip}
config-port = ${n
ginx-params
:port}
#----------------
...
...
@@ -748,7 +765,8 @@ partition-id = ${slap-connection:partition-id}
shared = true
config-https-only = True
config-type = websocket
config-url = https://[${novnc-instance:ip}]:${novnc-instance:port}
config-websocket-path-list = ${nginx-params:websocket-path}
config-url = https://[${nginx-params:ip}]:${nginx-params:port}
return = secure_access domain
[request-slave-frontend]
...
...
@@ -762,7 +780,7 @@ sla-instance_guid = ${slap-parameter:frontend-instance-guid}
<= monitor-promise-base
promise = check_url_available
name = frontend_promise.py
config-url = ${request-slave-frontend:connection-secure_access}
config-url = ${request-slave-frontend:connection-secure_access}
/vnc.html
{% if additional_frontend %}
[request-slave-frontend-additional]
...
...
@@ -823,10 +841,10 @@ blank-line =
<= monitor-publish
recipe = slapos.cookbook:publish.serialised
ipv6 = ${slap-network-information:global-ipv6}
backend-url = https://[${n
ovnc-instance:ip}]:${novnc-instance:port}/vnc.html?auto=1&
encrypt=1&password=${kvm-controller-parameter-dict:vnc-passwd}
url = ${request-slave-frontend:connection-secure_access}/vnc.html?
auto=1&
encrypt=1&password=${kvm-controller-parameter-dict:vnc-passwd}
backend-url = https://[${n
ginx-params:ip}]:${nginx-params:port}/vnc.html?
encrypt=1&password=${kvm-controller-parameter-dict:vnc-passwd}
url = ${request-slave-frontend:connection-secure_access}/vnc.html?encrypt=1&password=${kvm-controller-parameter-dict:vnc-passwd}
{% if additional_frontend %}
url-additional = ${request-slave-frontend-additional:connection-secure_access}/vnc.html?
auto=1&
encrypt=1&password=${kvm-controller-parameter-dict:vnc-passwd}
url-additional = ${request-slave-frontend-additional:connection-secure_access}/vnc.html?encrypt=1&password=${kvm-controller-parameter-dict:vnc-passwd}
{% endif %}
{% set disk_number = len(storage_dict) -%}
maximum-extra-disk-amount = {{ disk_number }}
...
...
@@ -1242,8 +1260,8 @@ parts =
kvm-controller-wrapper
kvm-vnc-promise
kvm-disk-image-corruption-promise
websockify-sighandl
er
websockify-sighandler-service
nginx-launch
er
nginx-graceful
novnc-promise
kvm-started-promise
cron
...
...
software/kvm/instance.cfg.in
View file @
1eb0dec3
...
...
@@ -89,6 +89,8 @@ extra-context =
raw logrotate_cfg ${template-logrotate-base:output}
raw novnc_location ${noVNC:location}
raw netcat_bin ${netcat:location}/bin/netcat
raw nginx_executable ${nginx-output:nginx}
raw nginx_mime ${nginx-output:mime}
raw python_executable ${buildout:executable}
raw python_eggs_executable ${buildout:bin-directory}/${python-with-eggs:interpreter}
raw qemu_executable_location ${qemu:location}/bin/qemu-system-x86_64
...
...
@@ -100,6 +102,7 @@ extra-context =
raw template_kvm_controller_run ${template-kvm-controller:target}
raw template_kvm_run ${template-kvm-run:target}
raw template_monitor ${monitor2-template:output}
raw template_nginx ${template-nginx:target}
raw websockify_executable_location ${buildout:directory}/bin/websockify
raw wipe_disk_wrapper ${buildout:directory}/bin/securedelete
template-parts-destination = ${template-parts:target}
...
...
software/kvm/software.cfg
View file @
1eb0dec3
...
...
@@ -8,9 +8,8 @@ extends =
../../component/noVNC/buildout.cfg
../../component/openssl/buildout.cfg
../../component/netcat/buildout.cfg
../../component/
lxml-python
/buildout.cfg
../../component/
nginx
/buildout.cfg
../../component/pycurl/buildout.cfg
../../component/numpy/buildout.cfg
../../component/gzip/buildout.cfg
../../stack/slapos.cfg
../../stack/resilient/buildout.cfg
...
...
@@ -33,28 +32,20 @@ parts = ${:common-parts}
# In qemu builtin vnc server, and make it available only for localhost
# so that only novnc can listen to it.
#XXX-Cedric: Check status of https://github.com/kanaka/noVNC/issues/13 to see
# When qemu has builtin support for websockets in vnc server to get rid of
# Websockify (socket <-> websocket proxy server) when it is ready.
# May solve previous XXX depending on the implementation.
#XXX-Cedric : add list of keyboard layouts (azerty/us querty/...) parameter to qemu
[python-with-eggs]
recipe = zc.recipe.egg
interpreter = ${:_buildout_section_name_}
eggs =
${slapos-toolbox:eggs}
${python-cffi:egg}
${lxml-python:egg}
websockify
${slapos-cookbook:eggs}
erp5.util
# BBB: eggs used as recipe should be kept otherwise sections depending
# on it can't be uninstalled
collective.recipe.shelloutput
scripts =
websockify
# Only generate the interpreter script to avoid conflicts with scripts
# for eggs that are also generated by another section, like slapos.toolbox
scripts = ${:interpreter}
# Create all templates that will be used to deploy instances
[download-base]
...
...
@@ -97,6 +88,9 @@ output = ${buildout:directory}/template.cfg
[template-nbd]
<= download-base
[template-nginx]
<= download-base
[template-ansible-promise]
<= download-base
...
...
@@ -135,9 +129,3 @@ context =
[whitelist-domains-default]
<= download-base
[versions]
websockify = 0.9.0
gitdb = 0.6.4
pycurl = 7.43.0
smmap = 0.9.0
software/kvm/template/nginx_conf.in
0 → 100644
View file @
1eb0dec3
worker_processes {{ params['nb-workers'] }};
pid {{ params['path-pid'] }};
error_log {{ params['path-error-log'] }};
daemon off;
events {
worker_connections 1024;
accept_mutex off;
}
http {
include {{ mime }};
default_type application/octet-stream;
types_hash_bucket_size 64;
access_log {{ params['path-access-log'] }} combined;
index novnc.html;
upstream vnc_proxy {
server {{ params['websocket-ip'] }}:{{ params['websocket-port'] }};
}
server {
listen [{{ params['ip'] }}]:{{ params['port'] }} ssl http2;
server_name _;
ssl_certificate {{ ca['cert-file'] }};
ssl_certificate_key {{ ca['key-file'] }};
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m;
ssl_session_tickets off;
ssl_protocols TLSv1.3;
ssl_prefer_server_ciphers off;
keepalive_timeout 5;
client_body_temp_path {{ tempdir['client-body-temp-path'] }};
proxy_temp_path {{ tempdir['proxy-temp-path'] }};
fastcgi_temp_path {{ tempdir['fastcgi-temp-path'] }};
uwsgi_temp_path {{ tempdir['uwsgi-temp-path'] }};
scgi_temp_path {{ tempdir['scgi-temp-path'] }};
# path for static files
root {{ docroot }};
location /{{ params['websocket-path'] }} {
proxy_http_version 1.1;
proxy_pass http://vnc_proxy/;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# VNC connection timeout
proxy_read_timeout 61s;
# Disable cache
proxy_buffering off;
}
}
}
software/kvm/template/template-kvm-run.in
View file @
1eb0dec3
...
...
@@ -62,7 +62,7 @@ cluster_doc_port = {{ parameter_dict.get("cluster-doc-port") }}
auto_ballooning = '{{ parameter_dict.get("auto-ballooning") }}' in ('true', 'True', '1')
vm_name = '{{ parameter_dict.get("name") }}'
# If a device (ie.: /dev/sdb) is provided, use it instead
# If a device (ie.: /dev/sdb) is provided, use it instead
# the disk_path with disk_format
disk_info_list = []
for disk_device_path in '{{ parameter_dict.get("disk-device-path", "") }}'.split():
...
...
@@ -145,7 +145,7 @@ def getMapStorageList(disk_storage_dict, external_disk_number):
if id_list:
if not map_f_exist:
# shuffle the list to not write disk in data1, data2, ... everytime
# shuffle the list to not write disk in data1, data2, ... everytime
shuffle(id_list)
if external_disk_number < last_amount:
# Drop created disk is not allowed
...
...
@@ -277,7 +277,7 @@ ram = '%sM,slots=128,maxmem=%sM' % (init_ram_size, ram_max_size)
kvm_argument_list = [qemu_path,
'-enable-kvm', '-smp', smp, '-name', vm_name, '-m', ram, '-vga', 'std',
'-vnc', '%s:1,
ipv4=on,password
=on' % listen_ip,
'-vnc', '%s:1,
password=on,websocket
=on' % listen_ip,
'-boot', 'order=cd,menu=on',
'-qmp', 'unix:%s,server,nowait' % socket_path,
'-pidfile', pid_file_path, '-msg', 'timestamp=on',
...
...
software/kvm/test/test.py
View file @
1eb0dec3
...
...
@@ -212,7 +212,8 @@ i0:kvm-{kvm-hash-value}-on-watch RUNNING
i0:kvm_controller EXITED
i0:monitor-httpd-{hash}-on-watch RUNNING
i0:monitor-httpd-graceful EXITED
i0:websockify-{hash}-on-watch RUNNING
i0:nginx-graceful EXITED
i0:nginx-on-watch RUNNING
i0:whitelist-domains-download-{hash} RUNNING
i0:whitelist-firewall-{hash} RUNNING"""
,
self
.
getProcessInfo
()
...
...
@@ -702,11 +703,12 @@ ir2:kvm-{kvm-hash-value}-on-watch RUNNING
ir2:kvm_controller EXITED
ir2:monitor-httpd-{hash}-on-watch RUNNING
ir2:monitor-httpd-graceful EXITED
ir2:nginx-graceful EXITED
ir2:nginx-on-watch RUNNING
ir2:notifier-on-watch RUNNING
ir2:resilient_sshkeys_authority-on-watch RUNNING
ir2:sshd-graceful EXITED
ir2:sshd-on-watch RUNNING
ir2:websockify-{hash}-on-watch RUNNING
ir2:whitelist-domains-download-{hash} RUNNING
ir2:whitelist-firewall-{hash} RUNNING
ir3:bootstrap-monitor EXITED
...
...
@@ -2295,7 +2297,8 @@ ihs0:kvm-{kvm-hash-value}-on-watch RUNNING
ihs0:kvm_controller EXITED
ihs0:monitor-httpd-{hash}-on-watch RUNNING
ihs0:monitor-httpd-graceful EXITED
ihs0:websockify-{hash}-on-watch RUNNING
ihs0:nginx-graceful EXITED
ihs0:nginx-on-watch RUNNING
ihs0:whitelist-domains-download-{hash} RUNNING
ihs0:whitelist-firewall-{hash} RUNNING"""
,
self
.
getProcessInfo
()
...
...
software/mosquitto/buildout.hash.cfg
0 → 100644
View file @
1eb0dec3
[instance-profile]
filename = instance.cfg.in
md5sum = 6bfa6ce34bc99511d71ef68f677c99a9
software/mosquitto/instance.cfg.in
0 → 100644
View file @
1eb0dec3
[buildout]
parts =
promises
mosquitto-service
publish-connection-parameter
eggs-directory = {{ buildout["eggs-directory"] }}
develop-eggs-directory = {{ buildout["develop-eggs-directory"] }}
offline = true
[instance-parameter]
recipe = slapos.cookbook:slapconfiguration
computer = ${slap-connection:computer-id}
partition = ${slap-connection:partition-id}
url = ${slap-connection:server-url}
key = ${slap-connection:key-file}
cert = ${slap-connection:cert-file}
[check-port-listening-promise]
recipe = slapos.cookbook:check_port_listening
path = ${directory:promise}/${:_buildout_section_name_}
[directory]
recipe = slapos.cookbook:mkdirectory
home = ${buildout:directory}
etc = ${:home}/etc
var = ${:home}/var
script = ${:etc}/run/
service = ${:etc}/service
promise = ${:etc}/promise/
log = ${:var}/log
bin = ${:home}/bin
[mosquitto-config-file]
recipe = slapos.recipe.build
location = ${directory:etc}/${:_buildout_section_name_}.cfg
ip = ${instance-parameter:ipv4-random}
install =
config = open(self.options["location"], "w")
ip = self.options["ip"]
config.write(f"listener 1883 {ip}\nprotocol mqtt")
[mosquitto-listen-promise]
<= check-port-listening-promise
hostname = ${mosquitto-config-file:ip}
port = 1883
[promises]
recipe =
instance-promises =
${mosquitto-listen-promise:path}
[mosquitto-service]
recipe = slapos.cookbook:wrapper
command-line = {{ mosquitto_location }}/sbin/mosquitto -c ${mosquitto-config-file:location}
wrapper-path = ${directory:service}/mosquitto-service
output = $${:wrapper-path}
[publish-connection-parameter]
recipe = slapos.cookbook:publish
url = mqtt://${mosquitto-listen-promise:hostname}:${mosquitto-listen-promise:port}
software/mosquitto/software.cfg
0 → 100644
View file @
1eb0dec3
[buildout]
extends =
buildout.hash.cfg
../../stack/slapos.cfg
../../stack/monitor/buildout.cfg
../../component/mosquitto/buildout.cfg
parts =
slapos-cookbook
instance-profile
[instance-profile]
recipe = slapos.recipe.template:jinja2
template = ${:_profile_base_location_}/instance.cfg.in
rendered = ${buildout:directory}/instance.cfg
context =
section buildout buildout
key mosquitto_location mosquitto:location
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment