resilient: uses openssh as ssh client and adds graceful scritps for sshd

stack/resilient/buildout.cfg

@@ -41,7 +41,7 @@ eggs =
 recipe = slapos.recipe.template
 url = ${:_profile_base_location_}/pbsready.cfg.in
 output = ${buildout:directory}/pbsready.cfg
-md5sum = 615999be7d67edde1ce7390441c72375
+md5sum = 7803de4d55374ad7f1aef877cceaf542
 mode = 0644
 
 [pbsready-import]
@@ -50,7 +50,7 @@ mode = 0644
 recipe = slapos.recipe.template
 url = ${:_profile_base_location_}/pbsready-import.cfg.in
 output = ${buildout:directory}/pbsready-import.cfg
-md5sum = 33e4871b101578bfa45aaaf93095ad7e
+md5sum = d1173d785ae750442fcb756c09ace370
 mode = 0644
 
 [pbsready-export]
@@ -59,14 +59,14 @@ mode = 0644
 recipe = slapos.recipe.template
 url = ${:_profile_base_location_}/pbsready-export.cfg.in
 output = ${buildout:directory}/pbsready-export.cfg
-md5sum = eb6c6acfc68bbada3be9b7c657408f1c
+md5sum = ae8f579848fca3b6376c81de7dd37a53
 mode = 0644
 
 [template-pull-backup]
 recipe = slapos.recipe.template
 url = ${:_profile_base_location_}/instance-pull-backup.cfg.in
 output = ${buildout:directory}/instance-pull-backup.cfg
-md5sum = 032d5fdf174664a8784a81291f743358
+md5sum = 1d2abfc524b9a17194c744959e4f2f02
 mode = 0644
 
 [template-replicated]

stack/resilient/instance-pull-backup.cfg.in

@@ -189,7 +189,7 @@ recipe = slapos.cookbook:sshkeys_authority
 request-directory = $${sshkeys-directory:requests}
 keys-directory = $${sshkeys-directory:keys}
 wrapper = $${basedirectory:services}/sshkeys_authority
-keygen-binary = ${dropbear:location}/bin/dropbearkey
+keygen-binary = ${openssh:location}/bin/ssh-keygen
 
 [sshkeys-dropbear]
 <= sshkeys-authority
@@ -208,7 +208,7 @@ wrapper = $${rootdirectory:bin}/do_backup
 
 [dropbear-client]
 recipe = slapos.cookbook:dropbear.client
-dbclient-binary = ${dropbear:location}/bin/dbclient
+dbclient-binary = ${openssh:location}/bin/ssh
 wrapper = $${rootdirectory:bin}/ssh
 home = $${basedirectory:ssh-home}
 identity-file = $${basedirectory:ssh-home}/id_rsa

stack/resilient/pbsready-export.cfg.in

@@ -12,6 +12,7 @@ parts =
   cron-entry-logrotate
   sshkeys-authority
   dropbear-server
+  dropbear-sshd-graceful
   sshkeys-dropbear
   resilient-sshkeys-dropbear-promise
   dropbear-server-pbs-authorized-key

stack/resilient/pbsready-import.cfg.in

@@ -12,6 +12,7 @@ parts =
   cron-entry-logrotate
   sshkeys-authority
   dropbear-server
+  dropbear-sshd-graceful
   sshkeys-dropbear
   resilient-sshkeys-dropbear-promise
   dropbear-server-pbs-authorized-key

stack/resilient/pbsready.cfg.in

@@ -8,6 +8,7 @@ parts =
   cron-entry-logrotate
   sshkeys-authority
   dropbear-server
+  dropbear-sshd-graceful
   sshkeys-dropbear
   resilient-sshkeys-dropbear-promise
   dropbear-server-pbs-authorized-key
@@ -30,7 +31,7 @@ recipe = slapos.cookbook:mkdirectory
 log = $${rootdirectory:var}/log
 services = $${rootdirectory:etc}/service
 run = $${rootdirectory:var}/run
-script = $${rootdirectory:etc}/script
+scripts = $${rootdirectory:etc}/run
 backup = $${rootdirectory:srv}/backup
 promises = $${rootdirectory:etc}/promise
 services = $${rootdirectory:etc}/service
@@ -183,7 +184,7 @@ template = inline:
  Protocol 2
  UsePrivilegeSeparation no
  HostKey $${directory:ssh}/server_key.rsa
- AuthorizedKeysFile $${buildout:directory}/.ssh/authorized_keys
+ AuthorizedKeysFile $${directory:ssh}/.ssh/authorized_keys
  PasswordAuthentication no
  PubkeyAuthentication yes
  ForceCommand $${rdiff-backup-server:wrapper}
@@ -210,6 +211,11 @@ input = inline:#!/bin/sh
 output = $${rootdirectory:bin}/raw_sshd_log
 mode = 700
 
+[dropbear-sshd-graceful]
+recipe = slapos.cookbook:wrapper
+command-line = $${directory:bin}/killpidfromfile $${runner-sshd-config:path_pid} SIGHUP
+wrapper-path = $${basedirectory:scripts}/sshd-graceful
+
 #----------------
 #--
 #-- sshkeys