Skip to content

slapos
slapos
Commit 94026302 authored by Alain Takoudjou's avatar Alain Takoudjou
Browse files
Options

Merge branch 'master' into kvm-cluster

parents 47a68bf7 04b38984
Hide whitespace changes
Inline Side-by-side
Showing with 10595 additions and 3528 deletions
component/6tunnel/buildout.cfg
View file @ 94026302
......@@ -11,13 +11,10 @@ extends =
recipe = slapos.recipe.cmmi
url = http://toxygen.net/6tunnel/6tunnel-0.11rc2.tar.gz
md5sum = 74e02d4f0704b3083a01feda66033449
configure-command =
pre-configure =
aclocal
autoheader
automake --foreign
autoconf
./configure
configure-options =
--prefix=${buildout:parts-directory}/${:_buildout_section_name_}
environment =
PATH=${autoconf:location}/bin:${automake:location}/bin:%(PATH)s
component/apache/buildout.cfg
View file @ 94026302
......@@ -17,8 +17,8 @@ extends =
[apr]
recipe = hexagonit.recipe.download
version = 1.5.1
md5sum = 5486180ec5a23efb5cae6d4292b300ab
version = 1.5.2
md5sum = 4e9769f3349fe11fc0a5e1b224c236aa
url = https://archive.apache.org/dist/apr/apr-${:version}.tar.bz2
[apr-util]
......@@ -30,12 +30,13 @@ md5sum = 2202b18f269ad606d70e1864857ed93c
[apache]
# inspired on http://old.aclark.net/team/aclark/blog/a-lamp-buildout-for-wordpress-and-other-php-apps/
recipe = slapos.recipe.cmmi
version = 2.4.12
version = 2.4.16
url = https://archive.apache.org/dist/httpd/httpd-${:version}.tar.bz2
md5sum = b8dc8367a57a8d548a9b4ce16d264a13
configure-command = cp -ar ${apr:location}/apr-${apr:version} srclib/apr/; cp -ar ${apr-util:location}/apr-util-${apr-util:version} srclib/apr-util; ./configure
configure-options = --prefix=${buildout:parts-directory}/${:_buildout_section_name_}
--disable-static
md5sum = 2b19cd338fd526dd5a63c57b1e9bfee2
pre-configure =
cp -ar ${apr:location}/apr-${apr:version} srclib/apr/ &&
cp -ar ${apr-util:location}/apr-util-${apr-util:version} srclib/apr-util
configure-options = --disable-static
--enable-authn-alias
--enable-bucketeer
--enable-cache
......@@ -109,9 +110,9 @@ make-targets =
[apache-2.2]
# inspired on http://old.aclark.net/team/aclark/blog/a-lamp-buildout-for-wordpress-and-other-php-apps/
recipe = slapos.recipe.cmmi
version = 2.2.29
version = 2.2.31
url = https://archive.apache.org/dist/httpd/httpd-${:version}.tar.bz2
md5sum = 579342fdeaa7b8b68d17fee91f8fab6e
md5sum = 6c10e15835ab214464228a9beb7afba8
patch-options = -p1
configure-options = --disable-static
--enable-authn-alias
......
component/aspell/buildout.cfg
View file @ 94026302
......@@ -7,12 +7,9 @@ extends =
../ncurses/buildout.cfg
../perl/buildout.cfg
[aspell-common-dictionary]
location = ${buildout:parts-directory}/${:_buildout_section_name_}
recipe = plone.recipe.command
command = mkdir -p ${:location}
update-command = ${:command}
stop-on-error = yes
[aspell-dictionary-common]
recipe = slapos.recipe.cmmi
configure-command = ./configure --vars ASPELL=${aspell:location}/bin/aspell PREZIP=${aspell:location}/bin/prezip-bin
[aspell]
recipe = slapos.recipe.cmmi
......@@ -24,7 +21,6 @@ environment =
LDFLAGS=-L${ncurses:location}/lib -Wl,-rpath=${ncurses:location}/lib
[aspell-en-dictionary]
recipe = slapos.recipe.cmmi
<= aspell-dictionary-common
url = ftp://ftp.gnu.org/gnu/aspell/dict/en/aspell6-en-7.1-0.tar.bz2
md5sum = beba5e8f3afd3ed1644653bb685b2dfb
configure-command = ./configure --vars ASPELL=${aspell:location}/bin/aspell PREZIP=${aspell:location}/bin/prezip-bin
component/babeld/buildout.cfg
View file @ 94026302
......@@ -6,7 +6,7 @@ parts = babeld
[babeld]
recipe = slapos.recipe.cmmi
url = https://lab.nexedi.cn/rafael/babeld/repository/archive.tar.gz?ref=v1.6.0-nxd1
url = https://lab.nexedi.com/rafael/babeld/repository/archive.tar.gz?ref=v1.6.0-nxd1
md5sum = 1f269d01321103873b8d245df19984f0
configure-command =
echo "No configure.."
......
component/bison/bison-drop.gets.patch deleted 100644 → 0
View file @ 47a68bf7
diff -ur bison-2.5.orig/lib/stdio.in.h bison-2.5/lib/stdio.in.h
--- bison-2.5.orig/lib/stdio.in.h 2011-05-15 00:23:46.000000000 +0200
+++ bison-2.5/lib/stdio.in.h 2012-07-23 16:30:56.366722487 +0200
@@ -181,7 +181,9 @@
so any use of gets warrants an unconditional warning. Assume it is
always declared, since it is required by C89. */
#undef gets
+#if defined(__GLIBC__) && !defined(__UCLIBC__) && !__GLIBC_PREREQ(2, 16)
_GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
+#endif
#if @GNULIB_FOPEN@
# if @REPLACE_FOPEN@
component/boinc-client/buildout.cfg
View file @ 94026302
......@@ -17,7 +17,7 @@ extends =
../../stack/slapos.cfg
[download-boinc]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = http://boinc.berkeley.edu/dl/boinc_7.0.28_x86_64-pc-linux-gnu.sh
md5sum = efdfd115ae69227ceb6118ca09777988
location = ${buildout:parts-directory}/${:_buildout_section_name_}
......@@ -36,7 +36,7 @@ ld_library = ${curl:location}/lib:${openssl:location}/lib:${zlib:location}/lib
location = ${buildout:parts-directory}/BOINC
[boinc-patch]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/boinc-abs-path.patch
md5sum = 412acedfbcdc8a9a7f196a02465da248
location = ${buildout:parts-directory}/${:_buildout_section_name_}
......
component/boost-lib/buildout.cfg
View file @ 94026302
[buildout]
parts =
boost-lib
extends =
../bzip2/buildout.cfg
../zlib/buildout.cfg
[boost-lib]
recipe = slapos.recipe.cmmi
url = http://downloads.sourceforge.net/sourceforge/boost/boost_1_43_0.tar.gz
md5sum = 734565ca4819bf04bd8e903e116c3fb1
url = http://downloads.sourceforge.net/sourceforge/boost/boost_1_58_0.tar.bz2
md5sum = b8839650e61e9c1c0a89f371dd475546
location = ${buildout:parts-directory}/${:_buildout_section_name_}
configure-command = ./bootstrap.sh --prefix=${:location}
configure-command = ./bootstrap.sh --prefix=${:location} --with-python=${python2.7:location}/bin/python2.7
make-binary =
make-options =
make-targets = ./bjam link=shared install
make-targets = ./b2 link=shared dll-path=${:location}/lib:${bzip2:location}/lib:${zlib:location}/lib install
environment =
BZIP2_INCLUDE=${bzip2:location}/include
BZIP2_LIBPATH=${bzip2:location}/lib
ZLIB_INCLUDE=${zlib:location}/include
ZLIB_LIBPATH=${zlib:location}/lib
component/ca-certificates/buildout.cfg
View file @ 94026302
......@@ -11,10 +11,9 @@ parts =
[ca-certificates]
recipe = slapos.recipe.cmmi
version = 20141019
url = ftp://ftp.free.fr/mirrors/ftp.debian.org/pool/main/c/ca-certificates/ca-certificates_${:version}.tar.xz
url = ftp://ftp.free.fr/mirrors/ftp.debian.org/pool/main/c/ca-certificates/ca-certificates_20150426.tar.xz
patch-binary = ${patch:location}/bin/patch
md5sum = f619282081c8bfc65ea64c37fa5285ed
md5sum = 717455f13fb31fd014a11a468ea3895d
patches =
${:_profile_base_location_}/ca-certificates-sbin-dir.patch#0b4e7d82ce768823c01954ee41ef177b
patch-options = -p0
......
component/cloudooo/buildout.cfg
View file @ 94026302
......@@ -11,7 +11,7 @@ setup = ${cloudooo-repository:location}
[cloudooo-repository]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/cloudooo.git
repository = https://lab.nexedi.com/nexedi/cloudooo.git
branch = master
git-executable = ${git:location}/bin/git
......
component/coreutils/buildout.cfg
View file @ 94026302
......@@ -10,7 +10,7 @@ recipe = slapos.recipe.cmmi
url = http://ftp.gnu.org/gnu/coreutils/coreutils-8.23.tar.xz
md5sum = abed135279f87ad6762ce57ff6d89c41
configure-options =
--prefix=${buildout:parts-directory}/${:_buildout_section_name_} --enable-install-program=tr,basename,uname,cat,cp,ls
-enable-install-program=tr,basename,uname,cat,cp,ls
environment =
PATH=${xz-utils:location}/bin:%(PATH)s
LDFLAGS=-Wl,--as-needed -L${gmp:location}/lib -Wl,-rpath=${gmp:location}/lib
......
component/cpio/buildout.cfg
View file @ 94026302
......@@ -3,9 +3,6 @@
parts = cpio
[cpio]
patch-options = -p1
patches =
${:_profile_base_location_}/cpio-drop.gets.patch#6c79cb9caf407063543efff93647c450
recipe = slapos.recipe.cmmi
url = http://ftp.gnu.org/gnu/cpio/cpio-2.11.tar.bz2
md5sum = 20fc912915c629e809f80b96b2e75d7d
url = http://ftp.gnu.org/gnu/cpio/cpio-2.12.tar.bz2
md5sum = 93eea9f07c0058c097891c73e4955456
component/cpio/cpio-drop.gets.patch deleted 100644 → 0
View file @ 47a68bf7
diff -ur cpio-2.11.orig/gnu/stdio.in.h cpio-2.11/gnu/stdio.in.h
--- cpio-2.11.orig/gnu/stdio.in.h 2010-03-10 10:27:03.000000000 +0100
+++ cpio-2.11/gnu/stdio.in.h 2012-07-23 13:04:56.075242094 +0200
@@ -139,7 +139,9 @@
so any use of gets warrants an unconditional warning. Assume it is
always declared, since it is required by C89. */
#undef gets
+#if defined(__GLIBC__) && !defined(__UCLIBC__) && !__GLIBC_PREREQ(2, 16)
_GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
+#endif
#if @GNULIB_FOPEN@
# if @REPLACE_FOPEN@
component/curl/buildout.cfg
View file @ 94026302
......@@ -12,8 +12,8 @@ parts =
[curl]
recipe = slapos.recipe.cmmi
url = http://curl.haxx.se/download/curl-7.42.1.tar.bz2
md5sum = 296945012ce647b94083ed427c1877a8
url = http://curl.haxx.se/download/curl-7.44.0.tar.bz2
md5sum = 6b952ca00e5473b16a11f05f06aa8dae
configure-options =
--disable-static
--disable-ldap
......
component/cyrus-sasl/buildout.cfg
View file @ 94026302
......@@ -2,26 +2,37 @@
parts =
cyrus-sasl
extends =
../autoconf/buildout.cfg
../automake/buildout.cfg
../gdbm/buildout.cfg
../libtool/buildout.cfg
../m4/buildout.cfg
../zlib/buildout.cfg
[cyrus-sasl]
recipe = slapos.recipe.cmmi
url = ftp://ftp.cyrusimap.org/cyrus-sasl/cyrus-sasl-2.1.26.tar.gz
md5sum = a7f4e5e559a0e37b3ffc438c9456e425
location = ${buildout:parts-directory}/${:_buildout_section_name_}
pre-configure =
"${libtool:location}/bin/libtoolize" -c -f &&
"${automake:location}/bin/aclocal" -I "${libtool:location}/share/aclocal" -I config -I cmulocal &&
"${automake:location}/bin/automake" -c -a -f
configure-options =
--disable-digest
--disable-gssapi
--disable-otp
--with-dblib=none
--with-dblib=gdbm
--without-des
--without-openssl
--without-pam
--without-saslauthd
--with-plugindir=${:location}/lib/sasl2
# it seems that parallel build sometimes fails.
make-options =
-j1
environment =
CPPFLAGS=-I${zlib:location}/include
LDFLAGS=-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
PATH=${autoconf:location}/bin:${m4:location}/bin:%(PATH)s
CPPFLAGS=-fPIC -I${zlib:location}/include -I${gdbm:location}/include
LDFLAGS=-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${gdbm:location}/lib -Wl,-rpath=${gdbm:location}/lib
component/cyrus-sasl/cyrus-sasl-2.1.22-gcc44.patch deleted 100644 → 0
View file @ 47a68bf7
fix warnings with gcc-4.4
http://bugs.gentoo.org/248738
--- cyrus-sasl-2.1.22/plugins/digestmd5.c
+++ cyrus-sasl-2.1.22/plugins/digestmd5.c
@@ -2715,7 +2715,7 @@ static sasl_server_plug_t digestmd5_serv
"DIGEST-MD5", /* mech_name */
#ifdef WITH_RC4
128, /* max_ssf */
-#elif WITH_DES
+#elif defined(WITH_DES)
112,
#else
1,
@@ -4034,7 +4034,7 @@ static sasl_client_plug_t digestmd5_clie
"DIGEST-MD5",
#ifdef WITH_RC4 /* mech_name */
128, /* max ssf */
-#elif WITH_DES
+#elif defined(WITH_DES)
112,
#else
1,
component/dropbear/buildout.cfg
View file @ 94026302
......@@ -20,7 +20,6 @@ md5sum = 0284ea239083f04c8b874e08e1aca243
url = http://matt.ucc.asn.au/dropbear/releases/dropbear-0.53.1.tar.bz2
configure-options =
--prefix=${buildout:parts-directory}/${:_buildout_section_name_}
--with-zlib=${zlib:location}
CFLAGS="-DENABLE_SINGLEUSER -D__DIRTY_NO_SHELL_CHECKING"
......
component/firefox/buildout.cfg
View file @ 94026302
......@@ -26,12 +26,12 @@ depends =
${liberation-fonts:location}
${ipaex-fonts:location}
version = 36.0.4
version = 40.0.2
# MD5SUMs are available at :
# https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${:version}/MD5SUMS
x86 = http://download-installer.cdn.mozilla.net/pub/firefox/releases/${:version}/linux-i686/en-US/firefox-${:version}.tar.bz2 6f50b82a6c020d0f29a04cfcd9fe8282
x86-64 = http://download-installer.cdn.mozilla.net/pub/firefox/releases/${:version}/linux-x86_64/en-US/firefox-${:version}.tar.bz2 119d9369a3b1be282936c35bf036414f
x86 = http://download-installer.cdn.mozilla.net/pub/firefox/releases/${:version}/linux-i686/en-US/firefox-${:version}.tar.bz2 91005730fe4de7504e1d21d80e427377
x86-64 = http://download-installer.cdn.mozilla.net/pub/firefox/releases/${:version}/linux-x86_64/en-US/firefox-${:version}.tar.bz2 2cf6af6369c01f9b49ad69aa12a705b4
script =
if not self.options.get('url'): self.options['url'], self.options['md5sum'] = self.options[guessPlatform()].split(' ')
......
component/fluentd/buildout.cfg
View file @ 94026302
......@@ -7,10 +7,12 @@ extends =
[fluentd]
recipe = rubygemsrecipe
url = https://rubygems.org/rubygems/rubygems-2.4.8.zip
ruby-executable = ${ruby:location}/bin/ruby
gems =
fluentd
gem-options = --with-icu-lib=${icu:location}/lib/ --with-icu-dir=${icu:location}/
fluentd==0.12.15
fluent-plugin-td==0.10.27
gem-options = --no-ri --no-rdoc --with-icu-lib=${icu:location}/lib/ --with-icu-dir=${icu:location}/
environment =
LDFLAGS = -L${icu:location}/lib -Wl,-rpath=${icu:location}/lib
CFLAGS = -I${icu:location}/include
component/freetype/buildout.cfg
View file @ 94026302
......@@ -13,8 +13,8 @@ parts =
[freetype]
recipe = slapos.recipe.cmmi
url = http://download.savannah.gnu.org/releases/freetype/freetype-2.5.5.tar.bz2
md5sum = 2a7a314927011d5030903179cf183be0
url = http://download.savannah.gnu.org/releases/freetype/freetype-2.6.1.tar.bz2
md5sum = 35cb8f4d9e5906847901bb39324c2f80
pkg_config_depends = ${zlib:location}/lib/pkgconfig:${libpng:location}/lib/pkgconfig
location = ${buildout:parts-directory}/${:_buildout_section_name_}
configure-options =
......@@ -24,5 +24,3 @@ environment =
PKG_CONFIG_PATH=${:pkg_config_depends}
CPPFLAGS=-I${bzip2:location}/include -I${zlib:location}/include
LDFLAGS=-L${bzip2:location}/lib -Wl,-rpath=${bzip2:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
make-targets =
install && ln -s . ${:location}/include/freetype2/freetype
component/gettext/buildout.cfg
View file @ 94026302
......@@ -10,8 +10,8 @@ extends =
[gettext]
recipe = slapos.recipe.cmmi
url = http://ftp.gnu.org/pub/gnu/gettext/gettext-0.19.5.1.tar.lz
md5sum = 153d3c541f4a1a284b365a8cd65875c9
url = http://ftp.gnu.org/pub/gnu/gettext/gettext-0.19.6.tar.lz
md5sum = 45b2a123cdc7cef54df98152a0da3fcc
configure-options =
--disable-static
......
component/ghostscript/buildout.cfg
View file @ 94026302
......@@ -32,8 +32,8 @@ environment =
[ghostscript-9]
<= ghostscript-common
url = http://downloads.ghostscript.com/public/ghostscript-9.16.tar.bz2
md5sum = 21732fd6e39acc283bc623b8842cbfbb
url = http://downloads.ghostscript.com/public/ghostscript-9.18.tar.bz2
md5sum = aa125af368d89b3dbd15fc379f13375f
[ghostscript-fonts]
recipe = hexagonit.recipe.download
......
component/git/buildout.cfg
View file @ 94026302
......@@ -16,8 +16,8 @@ parts =
[git]
recipe = slapos.recipe.cmmi
url = https://www.kernel.org/pub/software/scm/git/git-2.2.1.tar.xz
md5sum = 43e01f9d96ba8c11611e0eef0d9f9f28
url = https://www.kernel.org/pub/software/scm/git/git-2.5.3.tar.xz
md5sum = e69b41f2d0a93f3d3dc5eb19196e4e5c
configure-options =
--with-curl=${curl:location}
--with-openssl=${openssl:location}
......
component/gnutls/buildout.cfg
View file @ 94026302
......@@ -26,8 +26,8 @@ environment =
[gnutls]
recipe = slapos.recipe.cmmi
url = ftp://ftp.gnutls.org/gcrypt/gnutls/v3.2/gnutls-3.2.21.tar.lz
md5sum = a653d93a5a26434474c603470cc86666
url = ftp://ftp.gnutls.org/gcrypt/gnutls/v3.3/gnutls-3.3.17.1.tar.xz
md5sum = 8d01c7e7f2cbc5871fdca832d2260b6b
configure-options =
--disable-static
--disable-libdane
......@@ -35,7 +35,7 @@ configure-options =
--disable-crywrap
--without-tpm
environment =
PATH=${pkgconfig:location}/bin:${lunzip:location}/bin:%(PATH)s
PATH=${pkgconfig:location}/bin:${xz-utils:location}/bin:%(PATH)s
PKG_CONFIG_PATH=${nettle:location}/lib/pkgconfig:${p11-kit:location}/lib/pkgconfig:${zlib:location}/lib/pkgconfig
CPPFLAGS=-I${gmp:location}/include -I${zlib:location}/include
LDFLAGS=-L${gmp:location}/lib -Wl,-rpath=${gmp:location}/lib -Wl,-rpath=${nettle:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
component/groonga/buildout.cfg
View file @ 94026302
......@@ -13,8 +13,8 @@ extends =
[groonga]
recipe = slapos.recipe.cmmi
url = http://packages.groonga.org/source/groonga/groonga-5.0.5.tar.gz
md5sum = c119a73e4fcb3308d0ce6b955e1867b2
url = http://packages.groonga.org/source/groonga/groonga-5.0.8.tar.gz
md5sum = ccb36449fdd62c61367f3ed5e830aec3
# temporary patch to respect more tokens in natural language mode.
patches =
${:_profile_base_location_}/groonga.patch#9ed02fbe8400402d3eab47eee149978b
......
component/gtk-2/buildout.cfg
View file @ 94026302
......@@ -24,14 +24,9 @@ parts =
[cairo]
recipe = slapos.recipe.cmmi
url = http://cairographics.org/releases/cairo-1.12.16.tar.xz
md5sum = a1304edcdc99282f478b995ee5f8f854
url = http://cairographics.org/releases/cairo-1.14.2.tar.xz
md5sum = e1cdfaf1c6c995c4d4c54e07215b0118
pkg_config_depends = ${libXext:location}/lib/pkgconfig:${libXext:pkg_config_depends}:${libpng:location}/lib/pkgconfig:${fontconfig:location}/lib/pkgconfig:${fontconfig:pkg_config_depends}:${pixman:location}/lib/pkgconfig:${glib:location}/lib/pkgconfig
patch-options = -p1
patches =
${:_profile_base_location_}/cairo-fix_gcc4.9_ftbfs.patch#d4c843a655be8f1df548c9492d253359
pre-configure =
autoreconf -vfi
configure-options =
--disable-static
--disable-gtk-doc-html
......@@ -41,10 +36,9 @@ configure-options =
--disable-xcb
--enable-ft
--enable-fc
--disable-lto
environment =
M4=${m4:location}/bin/m4
PATH=${freetype:location}/bin:${pkgconfig:location}/bin:${xz-utils:location}/bin:${autoconf:location}/bin:${automake:location}/bin:${libtool:location}/bin:%(PATH)s
PATH=${freetype:location}/bin:${pkgconfig:location}/bin:${xz-utils:location}/bin:%(PATH)s
PKG_CONFIG_PATH=${:pkg_config_depends}
CPPFLAGS=-I${zlib:location}/include
LDFLAGS=-L${bzip2:location}/lib -Wl,-rpath=${bzip2:location}/lib -L${gettext:location}/lib -Wl,-rpath=${gettext:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
......@@ -80,8 +74,8 @@ environment =
[gdk-pixbuf]
recipe = slapos.recipe.cmmi
url = http://ftp.gnome.org/pub/gnome/core/3.16/3.16.2/sources/gdk-pixbuf-2.31.4.tar.xz
md5sum = b4ce8f0d7548cb8cbdcb833e1c4d095e
url = http://ftp.gnome.org/pub/GNOME/sources/gdk-pixbuf/2.31/gdk-pixbuf-2.31.6.tar.xz
md5sum = 67219eb45ed0aba90b3158042b909d4e
pkg_config_depends = ${glib:location}/lib/pkgconfig:${libX11:location}/lib/pkgconfig:${libX11:pkg_config_depends}
configure-options =
--disable-static
......
component/gtk-2/cairo-fix_gcc4.9_ftbfs.patch deleted 100644 → 0
View file @ 47a68bf7
From c3645d97ebd24c6f7ad850785d585aebc706a11c Mon Sep 17 00:00:00 2001
From: Bryce Harrington <b.harrington@samsung.com>
Date: Tue, 08 Jul 2014 20:14:20 +0000
Subject: configure.ac: Add a --disable-lto configure option
Link-Time Optimization seems to be stable enough with gcc 4.8 and 4.9,
but has proven to be an issue in the past for many cairo users (webkit,
efl, ubuntu, opensuse, gentoo, arch...) who carry patches to disable it.
Gentoo's patch[1] adds a --disable-lto option to leave it enabled by
default but give users the ability to work around lto related build
problems (c.f. fdo #77060). Patch appears to have been authored by
Alexandre Rostovtsev[2].
1: sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/x11-libs/cairo/files/cairo-1.12.16-lto-optional.patch
2: https://bugs.gentoo.org/show_bug.cgi?id=509552
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=60852
Signed-off-by: Bryce Harrington <b.harrington@samsung.com>
Reviewed-by: Uli Schlachter <psychon@znc.in>
---
diff --git a/build/configure.ac.warnings b/build/configure.ac.warnings
index f984eb2..a72d948 100644
--- a/build/configure.ac.warnings
+++ b/build/configure.ac.warnings
@@ -38,13 +38,18 @@ dnl options. Namely, the following:
dnl -flto working really needs a test link, not just a compile
-safe_MAYBE_WARN="$MAYBE_WARN"
-MAYBE_WARN="$MAYBE_WARN -flto"
-AC_TRY_LINK([],[
+AC_ARG_ENABLE(lto,
+ AS_HELP_STRING([--disable-lto],
+ [Do not try to use Link-Time Optimization]))
+if test "x$enable_lto" != "xno"; then
+ safe_MAYBE_WARN="$MAYBE_WARN"
+ MAYBE_WARN="$MAYBE_WARN -flto"
+ AC_TRY_LINK([],[
int main(int argc, char **argv) { return 0; }
-],[],[
+ ],[],[
MAYBE_WARN="$safe_MAYBE_WARN"
-])
+ ])
+fi
MAYBE_WARN="$MAYBE_WARN -fno-strict-aliasing -fno-common"
--
cgit v0.9.0.2-2-gbebe
component/inkscape/buildout.cfg
View file @ 94026302
......@@ -33,14 +33,17 @@ environment =
[inkscape]
recipe = slapos.recipe.cmmi
url = http://sourceforge.net/projects/inkscape/files/inkscape/0.48.5/inkscape-0.48.5.tar.bz2
md5sum = 431cda5cd40cd4fdf2b89db1bdcce61f
url = https://inkscape.org/en/gallery/item/3860/inkscape-0.91.tar.bz2
md5sum = 278dfa4514adcde23546370ec2c84581
pkg_config_depends = ${gtkmm:location}/lib/pkgconfig:${gtkmm:pkg_config_depends}:${gsl:location}/lib/pkgconfig:${popt:location}/lib/pkgconfig:${garbage-collector:location}/lib/pkgconfig:${libxslt:location}/lib/pkgconfig
configure-options =
--disable-static
--disable-openmp
--disable-lcms
--disable-wpg
--disable-visio
--disable-cdr
--without-gnome-vfs
--without-perl
--without-python
environment =
PATH=${freetype:location}/bin:${gdk-pixbuf:location}/bin:${gettext:location}/bin:${glib:location}/bin:${intltool:location}/bin:${libxml2:location}/bin:${pkgconfig:location}/bin:${pango:location}/bin:${perl:location}/bin:%(PATH)s
PKG_CONFIG_PATH=${:pkg_config_depends}
......
component/jasper/buildout.cfg
View file @ 94026302
......@@ -16,9 +16,10 @@ patches =
${:_profile_base_location_}/CVE-2014-9029.patch#d69195cf17878f024cc0b580045ec314
${:_profile_base_location_}/CVE-2014-8137.patch#bc5103b9a33315538106bf6652383a10
${:_profile_base_location_}/CVE-2014-8138.patch#bfb9604fe84b6e686fea29bd760cf34d
# jasper configure script is not executable by default
configure-command =
/bin/sh ./configure --prefix=${buildout:parts-directory}/${:_buildout_section_name_} --disable-static --enable-shared --disable-opengl
configure-options =
--disable-static
--enable-shared
--disable-opengl
environment =
CPPFLAGS=-I${libjpeg:location}/include
LDFLAGS=-L${libjpeg:location}/lib -Wl,-rpath=${libjpeg:location}/lib
component/json-c/0001-Remove-unused-variable-size.patch 0 → 100644
View file @ 94026302
From 3859e99f50abe11a8dade28efa9ea3d99dfaac11 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petar=20Koreti=C4=87?= <petar.koretic@gmail.com>
Date: Fri, 11 Apr 2014 10:03:40 +0200
Subject: [RFC 1/2] Remove unused variable 'size'
---
json_tokener.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/json_tokener.c b/json_tokener.c
index 19de8ef..9a76293 100644
--- a/json_tokener.c
+++ b/json_tokener.c
@@ -352,12 +352,10 @@ struct json_object* json_tokener_parse_ex(struct json_tokener *tok,
case json_tokener_state_inf: /* aka starts with 'i' */
{
- int size;
int size_inf;
int is_negative = 0;
printbuf_memappend_fast(tok->pb, &c, 1);
- size = json_min(tok->st_pos+1, json_null_str_len);
size_inf = json_min(tok->st_pos+1, json_inf_str_len);
char *infbuf = tok->pb->buf;
if (*infbuf == '-')
--
2.5.0
component/json-c/0002-Fix-uninitialised-variable-compile-warning-and-also-.patch 0 → 100644
View file @ 94026302
From 89ae583a8624fad6be4a7d1da084b0c410e4fc63 Mon Sep 17 00:00:00 2001
From: Stuart Walsh <stu@ipng.org.uk>
Date: Tue, 31 Mar 2015 12:23:03 +0100
Subject: [RFC 2/2] Fix uninitialised variable compile warning, and also fix
unused-when-used warning
---
json_object.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/json_object.h b/json_object.h
index 200ac40..e6c6a4f 100644
--- a/json_object.h
+++ b/json_object.h
@@ -339,8 +339,8 @@ extern void json_object_object_del(struct json_object* obj, const char *key);
#if defined(__GNUC__) && !defined(__STRICT_ANSI__) && __STDC_VERSION__ >= 199901L
# define json_object_object_foreach(obj,key,val) \
- char *key; \
- struct json_object *val __attribute__((__unused__)); \
+ char *key = NULL; \
+ struct json_object *val = NULL; \
for(struct lh_entry *entry ## key = json_object_get_object(obj)->head, *entry_next ## key = NULL; \
({ if(entry ## key) { \
key = (char*)entry ## key->k; \
--
2.5.0
component/json-c/buildout.cfg 0 → 100644
View file @ 94026302
[buildout]
parts =
json-c
[json-c-patch-base]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/${:filename}
download-only = true
[json-c-patch-3859e99f50abe11a8dade28efa9ea3d99dfaac11]
< = json-c-patch-base
filename = 0001-Remove-unused-variable-size.patch
md5sum = e8ebc602fbab128d22f1216cb15c4626
[json-c-patch-89ae583a8624fad6be4a7d1da084b0c410e4fc63]
< = json-c-patch-base
filename = 0002-Fix-uninitialised-variable-compile-warning-and-also-.patch
md5sum = 5525ab9ee78157ce6d6100e374ac7767
[json-c]
recipe = slapos.recipe.cmmi
url = https://s3.amazonaws.com/json-c_releases/releases/json-c-0.12.tar.gz
md5sum = 3ca4bbb881dfc4017e8021b5e0a8c491
patch-options = -p1
patches =
${json-c-patch-3859e99f50abe11a8dade28efa9ea3d99dfaac11:location}/${json-c-patch-3859e99f50abe11a8dade28efa9ea3d99dfaac11:filename}
${json-c-patch-89ae583a8624fad6be4a7d1da084b0c410e4fc63:location}/${json-c-patch-89ae583a8624fad6be4a7d1da084b0c410e4fc63:filename}
component/leptonica/buildout.cfg
View file @ 94026302
[buildout]
parts = leptonica
extends =
../libtool/buildout.cfg
../zlib/buildout.cfg
../libjpeg/buildout.cfg
../libpng/buildout.cfg
......@@ -13,13 +12,11 @@ extends =
recipe = slapos.recipe.cmmi
url = http://leptonica.googlecode.com/files/leptonica-1.68.tar.gz
md5sum = 5cd7092f9ff2ca7e3f3e73bfcd556403
configure-command =
./autogen.sh
./configure --prefix=${buildout:parts-directory}/${:_buildout_section_name_} --disable-static
configure-options =
--disable-static
patch-options = -p1
patches =
${:_profile_base_location_}/leptonica-1.69-zlib-include.patch#cff3dc942075190939b407c38e0d3201
environment =
ACLOCAL_ARGS=-I${libtool:location}/share/aclocal
CPPFLAGS=-I${zlib:location}/include -I${libjpeg:location}/include -I${libpng:location}/include -I${libtiff:location}/include -I${webp:location}/include -I${giflib:location}/include
LDFLAGS=-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${libjpeg:location}/lib -Wl,-rpath=${libjpeg:location}/lib -L${libpng:location}/lib -Wl,-rpath=${libpng:location}/lib -L${libtiff:location}/lib -Wl,-rpath=${libtiff:location}/lib -L${webp:location}/lib -Wl,-rpath=${webp:location}/lib -L${giflib:location}/lib -Wl,-rpath=${giflib:location}/lib
component/libdb/buildout.cfg
View file @ 94026302
[buildout]
parts = libdb
[libdb-hooks-download]
url = ${:_profile_base_location_}/${:filename}
md5sum = acb3bfb990a48381176c1e8f74130e30
recipe = hexagonit.recipe.download
download-only=true
filename = libdb-hooks.py
[libdb]
recipe = slapos.recipe.cmmi
url = http://download.oracle.com/berkeley-db/db-4.5.20.tar.gz
md5sum = b0f1c777708cb8e9d37fb47e7ed3312d
pre-configure-hook = ${libdb-hooks-download:location}/${libdb-hooks-download:filename}:pre_configure_hook
configure-command = ../dist/configure
configure-command = cd build_unix && ../dist/configure
configure-options =
--disable-static
--prefix=${buildout:parts-directory}/${:_buildout_section_name_}
make-binary = cd build_unix && make
component/libdb/libdb-hooks.py deleted 100644 → 0
View file @ 47a68bf7
import os
def pre_configure_hook(options, buildout):
os.chdir('build_unix')
component/libestr/buildout.cfg 0 → 100644
View file @ 94026302
[buildout]
parts =
libestr
[libestr]
recipe = slapos.recipe.cmmi
url = http://libestr.adiscon.com/files/download/libestr-0.1.10.tar.gz
md5sum = f4c9165a23587e77f7efe65d676d5e8e
component/libpng/buildout.cfg
View file @ 94026302
......@@ -18,15 +18,15 @@ environment =
[libpng12]
<= libpng-common
url = http://download.sourceforge.net/libpng/libpng-1.2.52.tar.xz
md5sum = 49d5c71929bf69a172147c47b9309fbe
url = http://download.sourceforge.net/libpng/libpng-1.2.53.tar.xz
md5sum = 7d18a74e6fd2029aee76ccd00e00a9e6
[libpng15]
<= libpng-common
url = http://download.sourceforge.net/libpng/libpng-1.5.21.tar.xz
md5sum = 22eaa2e90352fcd153bed0cdecf542cb
url = http://download.sourceforge.net/libpng/libpng-1.5.23.tar.xz
md5sum = 725f9b98143450df03decf08b4bc42e3
[libpng]
<= libpng-common
url = http://download.sourceforge.net/libpng/libpng-1.6.16.tar.xz
md5sum = 23b7286b5d4a86de950fd2ffc5cac742
url = http://download.sourceforge.net/libpng/libpng-1.6.18.tar.xz
md5sum = 6a57c8e0f5469b9c9949a4b43d57b3a1
component/libreoffice-bin/buildout.cfg
View file @ 94026302
......@@ -9,14 +9,14 @@ parts =
[libreoffice-bin]
recipe = slapos.recipe.build
# here, two %s are used, first one is for directory name (eg. x86_64), and second one is for filename (eg. x86-64).
version = 4.4.1.2
version = 5.0.0.5
url = http://downloadarchive.documentfoundation.org/libreoffice/old/${:version}/rpm/%s/LibreOffice_${:version}_Linux_%s_rpm.tar.gz
# supported architectures md5sums
md5sum_x86 = 23b740e84bc2b8774d50ac97dd553afd
md5sum_x86-64 = 8de6f3d1d4af3826a3a1695a47444948
md5sum_x86 = d54ebe17b34f39446762e73fc3d31277
md5sum_x86-64 = 6e1c97eaa221748e328c80470d296583
# where office code can be found?
officedir = libreoffice4.4
officedir = libreoffice5.0
# script to install
script =
......
component/libtasn1/buildout.cfg
View file @ 94026302
......@@ -4,8 +4,8 @@ parts =
[libtasn1]
recipe = slapos.recipe.cmmi
url = http://ftp.gnu.org/gnu/libtasn1/libtasn1-4.5.tar.gz
md5sum = 81d272697545e82d39f6bd14854b68f0
url = http://ftp.gnu.org/gnu/libtasn1/libtasn1-4.7.tar.gz
md5sum = 12d10ca4ae0a3b95f7aa06a076da39ec
configure-options =
--disable-static
--disable-gtk-doc-html
component/libtool/buildout.cfg
View file @ 94026302
......@@ -6,8 +6,8 @@ parts = libtool
[libtool]
recipe = slapos.recipe.cmmi
md5sum = ee9c087775aeb98ce53a9c69da865a55
url = http://ftp.gnu.org/gnu/libtool/libtool-2.4.5.tar.xz
md5sum = 1bfb9b923f2c1339b4d2ce1807064aa5
url = http://ftp.gnu.org/gnu/libtool/libtool-2.4.6.tar.xz
configure-options =
--disable-static
environment =
......
component/manpy/buildout.cfg
View file @ 94026302
......@@ -11,7 +11,7 @@ parts =
[dream-repository.git]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/dream.git
repository = https://lab.nexedi.com/nexedi/dream.git
branch = master
git-executable = ${git:location}/bin/git
develop = true
......
component/mariadb/buildout.cfg
View file @ 94026302
......@@ -20,15 +20,16 @@ parts =
[mariadb]
recipe = slapos.recipe.cmmi
version = 10.0.20
version = 10.1.8
url = https://downloads.mariadb.org/f/mariadb-${:version}/source/mariadb-${:version}.tar.gz/from/http:/ftp.osuosl.org/pub/mariadb
md5sum = 59d6c00827ad56f2ac76340fece32fc0
md5sum = 9ba0aaabba40153d83e70edcc1aa43a8
location = ${buildout:parts-directory}/${:_buildout_section_name_}
patch-options = -p0
patches =
${:_profile_base_location_}/mariadb_10.0.8_create_system_tables__no_test.patch#a176d491cf45fccd53ee397c70393bc4
${:_profile_base_location_}/mariadb_10.1.8_create_system_tables__no_test.patch#d2f337e76b290071daf8985a79bda82a
configure-command = ${cmake:location}/bin/cmake
configure-options =
-DCMAKE_INSTALL_PREFIX=${buildout:parts-directory}/${:_buildout_section_name_}
-DCMAKE_INSTALL_PREFIX=${:location}
-DBUILD_CONFIG=mysql_release
-DDEFAULT_CHARSET=utf8
-DDEFAULT_COLLATION=utf8_unicode_ci
......@@ -52,16 +53,20 @@ environment =
CMAKE_INCLUDE_PATH=${libaio:location}/include:${libaio:location}/include:${libxml2:location}/include:${ncurses:location}/include:${openssl:location}/include:${pcre:location}/include:${readline5:location}/include:${zlib:location}/include
CMAKE_LIBRARY_PATH=${libaio:location}/lib:{libaio:location}/lib:${libxml2:location}/lib:${ncurses:location}/lib:${openssl:location}/lib:${pcre:location}/lib:${readline5:location}/lib:${zlib:location}/lib
LDFLAGS=-L${jemalloc:location}/lib -Wl,-rpath=${jemalloc:location}/lib -L${libaio:location}/lib -Wl,-rpath=${libaio:location}/lib -L${pcre:location}/lib -L${zlib:location}/lib
post-install =
mkdir -p ${:location}/include/wsrep &&
cp -p wsrep/wsrep_api.h ${:location}/include/wsrep
[mroonga-mariadb]
# mroonga - a storage engine for MySQL. It provides fast fulltext search feature to all MySQL users.
# http://mroonga.github.com/
recipe = slapos.recipe.cmmi
url = http://packages.groonga.org/source/mroonga/mroonga-5.04.tar.gz
md5sum = 5679e317050df819c0f812de49e27043
configure-command = mkdir fake_mariadb_source && ln -s ${mariadb:location}/include/mysql/private fake_mariadb_source/sql && ./configure
url = http://packages.groonga.org/source/mroonga/mroonga-5.08.tar.gz
md5sum = 65011c1da8700c4950d11dea7355b32d
pre-configure =
mkdir fake_mariadb_source &&
ln -s ${mariadb:location}/include/mysql/private fake_mariadb_source/sql
configure-options =
--prefix=${buildout:parts-directory}/${:_buildout_section_name_}
--with-mysql-source=fake_mariadb_source
--with-mysql-config=${mariadb:location}/bin/mysql_config
--disable-static
......@@ -69,6 +74,7 @@ configure-options =
patch-options = -p1
patches =
${:_profile_base_location_}/mroonga_boolean.patch#36645770ae612515b74b90884ecc59fc
${:_profile_base_location_}/mroonga_5.08_mariadb_10.1.8.patch#ead45e0fbb4cf3c2d39ece012793d3c4
environment =
PATH=${groonga:location}/bin:${pkgconfig:location}/bin:%(PATH)s
CPPFLAGS=-I${groonga:location}/include/groonga -I${pcre:location}/include
......
component/mariadb/mariadb_10.0.8_create_system_tables__no_test.patch component/mariadb/mariadb_10.1.8_create_system_tables__no_test.patch
View file @ 94026302
......@@ -5,8 +5,8 @@ circumstances as it is checked first.
See http://bugs.debian.org/301741
and http://bugs.mysql.com/bug.php?id=6901
--- scripts/mysql_system_tables_data.sql.orig 2013-11-05 17:46:05.000000000 +0100
+++ scripts/mysql_system_tables_data.sql 2013-11-08 09:28:34.707291508 +0100
--- scripts/mysql_system_tables_data.sql.orig 2015-10-15 17:43:45.000000000 +0200
+++ scripts/mysql_system_tables_data.sql 2015-10-19 16:44:16.121393390 +0200
@@ -30,8 +30,6 @@
-- Fill "db" table with default grants for anyone to
-- access database 'test' and 'test_%' if "db" table didn't exist
......@@ -17,9 +17,9 @@ and http://bugs.mysql.com/bug.php?id=6901
DROP TABLE tmp_db;
@@ -43,8 +41,6 @@
REPLACE INTO tmp_user SELECT @current_hostname,'root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0,'','','N','N' FROM dual WHERE @current_hostname != 'localhost';
REPLACE INTO tmp_user VALUES ('127.0.0.1','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0,'','','N','N');
REPLACE INTO tmp_user VALUES ('::1','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0,'','','N','N');
REPLACE INTO tmp_user SELECT @current_hostname,'root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0,'','','N','N','',0 FROM dual WHERE @current_hostname != 'localhost';
REPLACE INTO tmp_user VALUES ('127.0.0.1','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0,'','','N','N','',0);
REPLACE INTO tmp_user VALUES ('::1','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0,'','','N','N', '', 0);
-INSERT INTO tmp_user (host,user) VALUES ('localhost','');
-INSERT INTO tmp_user (host,user) SELECT @current_hostname,'' FROM dual WHERE @current_hostname != 'localhost';
INSERT INTO user SELECT * FROM tmp_user WHERE @had_user_table=0;
......
component/mariadb/mroonga_5.08_mariadb_10.1.8.patch 0 → 100644
View file @ 94026302
commit 4a40e81d17d1df28cfeca56d3d9c8f26d0132cfa
Author: Kouhei Sutou <kou@clear-code.com>
Date: Sun Oct 18 17:23:28 2015 +0900
Use public API
It fixes a build error on MariaDB 10.1.8.
diff --git a/ha_mroonga.cpp b/ha_mroonga.cpp
index 819de30..bfd9631 100644
--- a/ha_mroonga.cpp
+++ b/ha_mroonga.cpp
@@ -9620,13 +9620,13 @@ void ha_mroonga::check_count_skip(key_part_map start_key_part_map,
if (where->type() == Item::FUNC_ITEM) {
Item_func *func_item = static_cast<Item_func *>(where);
- if (func_item->arg_count == 0) {
+ if (func_item->argument_count() == 0) {
break;
}
target = func_item->key_item();
where = where->next;
if (func_item->arguments()[0] == where) {
- uint n_args = func_item->arg_count;
+ uint n_args = func_item->argument_count();
for (; n_args > 0; --n_args) {
where = where->next;
}
component/mesa/buildout.cfg
View file @ 94026302
......@@ -8,31 +8,34 @@ extends =
../libtool/buildout.cfg
../pkgconfig/buildout.cfg
../xorg/buildout.cfg
../xz-utils/buildout.cfg
parts =
mesa
[mesa]
recipe = slapos.recipe.cmmi
url = ftp://ftp.freedesktop.org/pub/mesa/10.3.2/MesaLib-10.3.2.tar.bz2
md5sum = c0a2a975899c4e7485124b388c16cd2f
url = ftp://ftp.freedesktop.org/pub/mesa/11.0.3/mesa-11.0.3.tar.xz
md5sum = bf9118bf0fbf360715cfe60baf7a1db5
configure-options =
--disable-static
--disable-gles1
--disable-gles2
--disable-dri
--disable-dri3
--disable-egl
--disable-gbm
--disable-xvmc
--disable-vdpau
--disable-va
--enable-xlib-glx
--disable-gallium-gbm
--disable-shared-glapi
--disable-driglx-direct
--disable-gallium-llvm
--with-gallium-drivers=
--with-dri-drivers=
environment =
PATH=${autoconf:location}/bin:${bison:location}/bin:${flex:location}/bin:${pkgconfig:location}/bin:%(PATH)s
PATH=${autoconf:location}/bin:${bison:location}/bin:${flex:location}/bin:${pkgconfig:location}/bin:${xz-utils:location}/bin:%(PATH)s
PKG_CONFIG_PATH=${damageproto:location}/lib/pkgconfig:${fixesproto:location}/lib/pkgconfig:${glproto:location}/lib/pkgconfig:${kbproto:location}/lib/pkgconfig:${libX11:location}/lib/pkgconfig:${libXau:location}/lib/pkgconfig:${libXext:location}/lib/pkgconfig:${libexpat:location}/lib/pkgconfig:${libxcb:location}/lib/pkgconfig:${xdamage:location}/lib/pkgconfig:${xextproto:location}/lib/pkgconfig:${xfixes:location}/lib/pkgconfig:${xorg-libpthread-stubs:location}/lib/pkgconfig:${xproto:location}/lib/pkgconfig
PYTHON2=${buildout:executable}
ACLOCAL=${automake:location}/bin/aclocal -I${libtool:location}/share/aclocal -I${pkgconfig:location}/share/aclocal
......
component/ncurses/buildout.cfg
View file @ 94026302
......@@ -4,18 +4,21 @@ parts =
[ncurses]
recipe = slapos.recipe.cmmi
url = ftp://ftp.gnu.org/pub/gnu/ncurses/ncurses-5.9.tar.gz
md5sum = 8cb9c412e5f2d96bc6f459aa8c6282a1
url = ftp://ftp.gnu.org/pub/gnu/ncurses/ncurses-6.0.tar.gz
md5sum = ee13d052e1ead260d7c28071f46eefb1
configure-options =
--prefix=${buildout:parts-directory}/${:_buildout_section_name_}
--with-shared
--without-ada
--without-manpages
--without-tests
--without-normal
--without-debug
--without-gpm
--enable-rpath
# tricky way to rerun with --enable-widec
make-targets =
install && (for i in curses unctrl eti form menu panel term; do ln -sf ncurses/$i.h ${buildout:parts-directory}/${:_buildout_section_name_}/include/$i.h; done; ln -sf libncurses.so ${buildout:parts-directory}/${:_buildout_section_name_}/lib/libcurses.so) && ./configure ${:configure-options} --enable-widec && make ${:make-options} install
install && (for i in curses unctrl eti form menu panel term; do ln -sf ncurses/$i.h ${buildout:parts-directory}/${:_buildout_section_name_}/include/$i.h; done; ln -sf libncurses.so ${buildout:parts-directory}/${:_buildout_section_name_}/lib/libcurses.so) && ./configure ${:configure-options} --enable-widec && make ${:make-options} && make ${:make-options} install
# pass dummy LDCONFIG to skip needless calling of ldconfig by non-root user
environment =
LDCONFIG=/bin/echo
......
component/nginx/buildout.cfg
View file @ 94026302
......@@ -11,8 +11,8 @@ parts = nginx-output
[nginx-common]
recipe = slapos.recipe.cmmi
url = http://nginx.org/download/nginx-1.7.8.tar.gz
md5sum = fd5ab813fc1853cd8efe580ead577c3e
url = http://nginx.org/download/nginx-1.9.4.tar.gz
md5sum = 27322fbb4b265c0e0cc548f5e6b7f201
[nginx]
<= nginx-common
......
component/numpy/buildout.cfg
View file @ 94026302
[buildout]
extends =
../gcc/buildout.cfg
../openblas/buildout.cfg
[numpy-env]
PATH = ${gcc-fortran:location}/bin:%(PATH)s
OPENBLAS = ${openblas:location}/lib/libopenblas.so
LAPACK = ${openblas:location}/lib/libopenblas.so
ATLAS = ${openblas:location}/lib/libopenblas.so
parts = numpy
[numpy]
recipe = zc.recipe.egg:custom
egg = numpy
environment = numpy-env
rpath =
${gcc-fortran:location}/lib
${gcc-fortran:location}/lib64
${openblas:location}/lib
component/numpy/openblas.cfg 0 → 100644
View file @ 94026302
[buildout]
extends =
buildout.cfg
../gcc/buildout.cfg
../openblas/buildout.cfg
[numpy-env]
PATH = ${gcc-fortran:location}/bin:%(PATH)s
OPENBLAS = ${openblas:location}/lib/libopenblas.so
LAPACK = ${openblas:location}/lib/libopenblas.so
ATLAS = ${openblas:location}/lib/libopenblas.so
[numpy]
environment = numpy-env
rpath =
${gcc-fortran:location}/lib
${gcc-fortran:location}/lib64
${openblas:location}/lib
component/openblas/buildout.cfg
View file @ 94026302
......@@ -9,8 +9,8 @@ recipe = slapos.recipe.cmmi
# does not exist yet) will fix the issue. Until then you
# can add in options :
# TARGET=HASWELL
url = http://github.com/xianyi/OpenBLAS/tarball/v0.2.13
md5sum = 74adf4c0d0d82bff4774be5bf2134183
url = http://github.com/xianyi/OpenBLAS/archive/v0.2.14.tar.gz
md5sum = 53cda7f420e1ba0ea55de536b24c9701
configure-command = true
make-options =
PREFIX="${buildout:parts-directory}/${:_buildout_section_name_}"
......
component/openldap/buildout.cfg
View file @ 94026302
......@@ -8,8 +8,8 @@ extends =
[openldap]
recipe = slapos.recipe.cmmi
url = ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.4.40.tgz
md5sum = 423c1f23d2a0cb96b3e9baf7e9d7dda7
url = http://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-2.4.42.tgz
md5sum = 47c8e2f283647a6105b8b0325257e922
configure-options =
--disable-static
--disable-slapd
......
component/p11-kit/buildout.cfg
View file @ 94026302
......@@ -9,8 +9,8 @@ extends =
[p11-kit]
recipe = slapos.recipe.cmmi
url = http://p11-glue.freedesktop.org/releases/p11-kit-0.21.1.tar.gz
md5sum = 4eea22e3b58643de141990deaae6646b
url = http://p11-glue.freedesktop.org/releases/p11-kit-0.23.1.tar.gz
md5sum = 96f073270c489c9a594e1c9413f42db8
configure-options =
--disable-static
--disable-doc-html
......
component/percona-toolkit/buildout.cfg
View file @ 94026302
......@@ -8,8 +8,8 @@ parts =
[percona-toolkit]
recipe = slapos.recipe.cmmi
version = 2.2.12
version = 2.2.15
url = http://www.percona.com/redir/downloads/percona-toolkit/${:version}/tarball/percona-toolkit-${:version}.tar.gz
md5sum = 7c39b06b97ebab97ae5d3c78d1186258
md5sum = 022f40dadaea9025820530ea1f986192
configure-command =
${perl:location}/bin/perl Makefile.PL
component/perl/buildout.cfg
View file @ 94026302
......@@ -25,4 +25,4 @@ configure-command =
-Dusethreads
environment =
PATH=${patch:location}/bin:%(PATH)s
post-make-hook = ${:_profile_base_location_}/perl-create-libs-symlink.py#539cb3cd0d1090f7f30a8e5a82b37854:post_make_hook
post-make-hook = ${:_profile_base_location_}/perl-create-libs-symlink.py#28d12de5c9c7985e65233d56817e3bec:post_make_hook
component/perl/perl-create-libs-symlink.py
View file @ 94026302
......@@ -20,5 +20,8 @@ def post_make_hook(options, buildout):
# matches[0] is a prefix of "location"
# For the symlink, we want the relative path.
rel_link = os.path.relpath(os.path.dirname(matches[0]), location)
os.symlink(rel_link, os.path.join(location, "libs-c"))
simlink_location = os.path.join(location, "libs-c")
if os.path.islink(simlink_location):
os.unlink(simlink_location)
os.symlink(rel_link, simlink_location)
print "Created symlink \"libs-c\" to", rel_link
component/pkgconfig/buildout.cfg
View file @ 94026302
......@@ -14,17 +14,17 @@ extends =
[pkgconfig]
recipe = slapos.recipe.cmmi
url = http://pkgconfig.freedesktop.org/releases/pkg-config-0.28.tar.gz
md5sum = aa3c86e67551adc3ac865160e34a2a0d
url = http://pkgconfig.freedesktop.org/releases/pkg-config-0.29.tar.gz
md5sum = 77f27dce7ef88d0634d0d6f90e03a77f
location = ${buildout:parts-directory}/${:_buildout_section_name_}
# build pkg-config twice so that second configure can use pkg-config
# to compute GLIB_CFLAGS and GLIB_LIBS.
configure-command =
./configure --prefix=${:location} --with-installed-glib --with-installed-popt && make && ./configure
pre-configure =
./configure --prefix=${:location} --with-installed-glib --with-installed-popt && make
configure-options =
--prefix=${:location}
--with-installed-glib
--with-installed-popt
--disable-host-tool
environment =
PATH=.:%(PATH)s
PKG_CONFIG_PATH=${glib:location}/lib/pkgconfig
......
component/postfix/buildout.cfg
View file @ 94026302
......@@ -6,14 +6,17 @@ extends =
../libdb/buildout.cfg
../openssl/buildout.cfg
../pcre/buildout.cfg
parts = postfix
../cyrus-sasl/buildout.cfg
[postfix]
recipe = slapos.recipe.cmmi
url = ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.8.3.tar.gz
md5sum = b3922ededd3fd6051f759e58a4ada3ae
url = ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.11.6.tar.gz
md5sum = c3277d05b78eaaf5955406bc7b6d2b9f
location = ${buildout:parts-directory}/${:_buildout_section_name_}
patch-options = -p1
patches =
${:_profile_base_location_}/noroot.patch#738bcc97b8044c45b58708bdf3a84b8e
${:_profile_base_location_}/skip-libdb-check.patch#f7fdbd8787874b535fee548b0139c0d8
configure-command = make
configure-options = makefiles CCARGS='-DUSE_TLS -DHAS_PCRE -DHAS_DB -I${libdb:location}/include -I${pcre:location}/include -I${openssl:location}/include' AUXLIBS='-L${openssl:location}/lib -L${pcre:location}/lib -L${libdb:location}/lib -lssl -lpcre -ldb -lcrypto -Wl,-rpath=${openssl:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${libdb:location}/lib'
configure-options = makefiles CCARGS='-DUSE_SASL_AUTH -DUSE_CYRUS_SASL -DUSE_TLS -DHAS_PCRE -DHAS_DB -I${libdb:location}/include -I${pcre:location}/include -I${openssl:location}/include -I${cyrus-sasl:location}/include/sasl' AUXLIBS='-L${openssl:location}/lib -L${pcre:location}/lib -L${libdb:location}/lib -L${cyrus-sasl:location}/lib -lssl -lpcre -ldb -lcrypto -lsasl2 -Wl,-rpath=${openssl:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${libdb:location}/lib -Wl,-rpath=${cyrus-sasl:location}/lib'
make-targets = non-interactive-package install_root=${:location}
component/postfix/noroot.patch 0 → 100644
View file @ 94026302
diff --git a/src/global/mail_params.c b/src/global/mail_params.c
index 2d91977..0f06298 100644
--- a/src/global/mail_params.c
+++ b/src/global/mail_params.c
@@ -721,7 +721,9 @@ void mail_params_init()
check_default_privs();
check_mail_owner();
check_sgid_group();
+ /*
check_overlap();
+ */
#ifdef HAS_DB
dict_db_cache_size = var_db_read_buf;
#endif
diff --git a/src/master/master.c b/src/master/master.c
index a9d5d1b..db88c55 100644
--- a/src/master/master.c
+++ b/src/master/master.c
@@ -315,10 +315,10 @@ int main(int argc, char **argv)
* privileges for selected operations. That's right - it takes privileges
* to toss privileges.
*/
- if (getuid() != 0)
+ /*if (getuid() != 0)
msg_fatal("the master command is reserved for the superuser");
if (unsafe() != 0)
- msg_fatal("the master command must not run as a set-uid process");
+ msg_fatal("the master command must not run as a set-uid process");*/
/*
* Process JCL.
@@ -392,8 +392,10 @@ int main(int argc, char **argv)
* all MTA processes cleanly. Give up if we can't separate from our
* parent process. We're not supposed to blow away the parent.
*/
+ /*
if (debug_me == 0 && master_detach != 0 && setsid() == -1 && getsid(0) != getpid())
msg_fatal("unable to set session and process group ID: %m");
+ */
/*
* Make some room for plumbing with file descriptors. XXX This breaks
diff --git a/src/postfix/postfix.c b/src/postfix/postfix.c
index 183c825..007c805 100644
--- a/src/postfix/postfix.c
+++ b/src/postfix/postfix.c
@@ -450,12 +450,12 @@ int main(int argc, char **argv)
* privileges for selected operations. That's right - it takes privileges
* to toss privileges.
*/
- if (getuid() != 0) {
+ /*if (getuid() != 0) {
msg_error("to submit mail, use the Postfix sendmail command");
msg_fatal("the postfix command is reserved for the superuser");
}
if (unsafe() != 0)
- msg_fatal("the postfix command must not run as a set-uid process");
+ msg_fatal("the postfix command must not run as a set-uid process");*/
/*
* Parse switches.
diff --git a/src/postsuper/postsuper.c b/src/postsuper/postsuper.c
index 9dabb5d..e678565 100644
--- a/src/postsuper/postsuper.c
+++ b/src/postsuper/postsuper.c
@@ -1150,10 +1150,10 @@ int main(int argc, char **argv)
* the secondary groups, the process environment, and so on. Otherwise,
* accidents can happen. If not with Postfix, then with other software.
*/
- if (unsafe() != 0)
+ /*if (unsafe() != 0)
msg_fatal("this postfix command must not run as a set-uid process");
if (getuid())
- msg_fatal("use of this command is reserved for the superuser");
+ msg_fatal("use of this command is reserved for the superuser");*/
/*
* Parse JCL.
diff --git a/src/util/chroot_uid.c b/src/util/chroot_uid.c
index 4a7660f..d5d4e67 100644
--- a/src/util/chroot_uid.c
+++ b/src/util/chroot_uid.c
@@ -55,10 +55,11 @@ void chroot_uid(const char *root_dir, const char *user_name)
msg_fatal("unknown user: %s", user_name);
uid = pwd->pw_uid;
gid = pwd->pw_gid;
+ /*
if (setgid(gid) < 0)
msg_fatal("setgid(%ld): %m", (long) gid);
if (initgroups(user_name, gid) < 0)
- msg_fatal("initgroups: %m");
+ msg_fatal("initgroups: %m");*/
}
/*
@@ -74,9 +75,11 @@ void chroot_uid(const char *root_dir, const char *user_name)
/*
* Drop the user privileges.
*/
+ /*
if (user_name != 0)
if (setuid(uid) < 0)
msg_fatal("setuid(%ld): %m", (long) uid);
+ */
/*
* Give the desperate developer a clue of what is happening.
diff --git a/src/util/set_eugid.c b/src/util/set_eugid.c
index ef35380..ed96a69 100644
--- a/src/util/set_eugid.c
+++ b/src/util/set_eugid.c
@@ -53,7 +53,7 @@
void set_eugid(uid_t euid, gid_t egid)
{
- int saved_errno = errno;
+/* int saved_errno = errno;
if (geteuid() != 0)
if (seteuid(0))
@@ -67,4 +67,4 @@ void set_eugid(uid_t euid, gid_t egid)
if (msg_verbose)
msg_info("set_eugid: euid %ld egid %ld", (long) euid, (long) egid);
errno = saved_errno;
-}
+*/}
diff --git a/src/util/set_ugid.c b/src/util/set_ugid.c
index bbcb901..5a7a48b 100644
--- a/src/util/set_ugid.c
+++ b/src/util/set_ugid.c
@@ -44,7 +44,7 @@
void set_ugid(uid_t uid, gid_t gid)
{
- int saved_errno = errno;
+/* int saved_errno = errno;
if (geteuid() != 0)
if (seteuid(0) < 0)
@@ -58,4 +58,4 @@ void set_ugid(uid_t uid, gid_t gid)
if (msg_verbose > 1)
msg_info("setugid: uid %ld gid %ld", (long) uid, (long) gid);
errno = saved_errno;
-}
+*/}
component/postfix/skip-libdb-check.patch 0 → 100644
View file @ 94026302
diff --git a/makedefs b/makedefs
index dd5f256..e90880e 100644
--- a/makedefs
+++ b/makedefs
@@ -299,13 +299,13 @@ case "$SYSTEM.$RELEASE" in
elif [ -f /usr/include/db/db.h ]
then
CCARGS="$CCARGS -I/usr/include/db"
- else
+ #else
# No, we're not going to try db1 db2 db3 etc.
# On a properly installed system, Postfix builds
# by including <db.h> and by linking with -ldb
- echo "No <db.h> include file found." 1>&2
- echo "Install the appropriate db*-devel package first." 1>&2
- exit 1
+ #echo "No <db.h> include file found." 1>&2
+ #echo "Install the appropriate db*-devel package first." 1>&2
+ #exit 1
fi
SYSLIBS="-ldb"
;;
@@ -372,12 +372,12 @@ EOF
elif [ -f /usr/include/db/db.h ]
then
CCARGS="$CCARGS -I/usr/include/db"
- else
+ #else
# On a properly installed system, Postfix builds
# by including <db.h> and by linking with -ldb
- echo "No <db.h> include file found." 1>&2
- echo "Install the appropriate db*-devel package first." 1>&2
- exit 1
+ #echo "No <db.h> include file found." 1>&2
+ #echo "Install the appropriate db*-devel package first." 1>&2
+ #exit 1
fi
SYSLIBS="-ldb"
;;
@@ -403,12 +403,12 @@ EOF
elif [ -f /usr/include/db/db.h ]
then
CCARGS="$CCARGS -I/usr/include/db"
- else
+ #else
# On a properly installed system, Postfix builds
# by including <db.h> and by linking with -ldb
- echo "No <db.h> include file found." 1>&2
- echo "Install the appropriate db*-devel package first." 1>&2
- exit 1
+ #echo "No <db.h> include file found." 1>&2
+ #echo "Install the appropriate db*-devel package first." 1>&2
+ #exit 1
fi
SYSLIBS="-ldb"
;;
component/pysvn-python/buildout.cfg
View file @ 94026302
......@@ -10,6 +10,11 @@ parts =
recipe = zc.recipe.egg:custom
egg =
pysvn
find-links = http://pysvn.barrys-emacs.org/source_kits/pysvn-1.7.10.tar.gz
patches =
${:_profile_base_location_}/pysvn-1.7.10-inc_lib_dir.patch#02d00b58d537242aa5bb5c9202dedbf1
${:_profile_base_location_}/pysvn-issue-179.patch#bd3f9629f95f0f749c5a5e93c797ee2b
patch-options = -p1
include-dirs =
${subversion:location}/include/subversion-1
${apache:location}/include
......
component/pysvn-python/pysvn-1.7.10-inc_lib_dir.patch 0 → 100644
View file @ 94026302
diff -ur pysvn-1.7.10.orig/setup.py pysvn-1.7.10/setup.py
--- pysvn-1.7.10.orig/setup.py 2010-12-30 13:26:51.000000000 +0100
+++ pysvn-1.7.10/setup.py 2015-08-14 10:29:25.562686564 +0200
@@ -19,6 +19,7 @@
import os
import os.path
import setuptools.command.bdist_egg
+from ConfigParser import ConfigParser
pysvn_version_info = {}
f = open( 'Builder/version.info', 'r' )
@@ -27,13 +28,26 @@
pysvn_version_info[ key ] = value
def run(self):
+ cfg = ConfigParser()
+ cfg.read('setup.cfg')
+ kw = {}
+ for key in ('include-dirs', 'library-dirs'):
+ if cfg.has_option('build_ext', key):
+ kw[key] = cfg.get('build_ext', key)
+
# Generate metadata first
self.run_command("egg_info")
os.chdir('Source')
- os.system(sys.executable + ' setup.py configure')
+ os.system(sys.executable + ' setup.py configure --include-dirs=%(include-dirs)s --library-dirs=%(library-dirs)s' % kw)
os.system('make clean')
os.system('make')
- os.system('make egg DISTDIR="%s"' % os.path.abspath(os.path.join('..', self.dist_dir)))
+ os.system('rm -rf dist; mkdir -p dist/EGG-INFO')
+ os.system('cp -rvf pysvn dist')
+ os.system('cp -rvf ../pysvn.egg-info/* dist/EGG-INFO')
+ os.system('find dist/pysvn -type f | sed s:dist/:: > dist/EGG-INFO/SOURCES.txt')
+ setuptools.command.bdist_egg.make_zipfile(
+ self.egg_output, 'dist', verbose=self.verbose,
+ dry_run=self.dry_run, mode=self.gen_header())
os.chdir('..') # Go back in parent directory
# Add to 'Distribution.dist_files' so that the "upload" command works
getattr( self.distribution, 'dist_files', [] ).append(
diff -ur pysvn-1.7.10.orig/Source/setup_configure.py pysvn-1.7.10/Source/setup_configure.py
--- pysvn-1.7.10.orig/Source/setup_configure.py 2014-11-09 11:55:47.000000000 +0100
+++ pysvn-1.7.10/Source/setup_configure.py 2015-08-17 10:41:05.781767086 +0200
@@ -54,6 +54,8 @@
class Options:
all_options_info = {
'--arch': (2, '<arch>'),
+ '--library-dirs': (1, '<dir>:<dir>:...'),
+ '--include-dirs': (1, '<dir>:<dir>:...'),
'--apr-inc-dir': (1, '<dir>'),
'--apu-inc-dir': (1, '<dir>'),
'--apr-lib-dir': (1, '<dir>'),
@@ -511,12 +513,16 @@
raise last_exception
def find_svn_bin( self ):
- return self.find_dir(
+ try:
+ return self.find_dir(
'SVN bin',
'--svn-bin-dir',
'bin',
self._find_paths_svn_bin,
'svnadmin%s' % (self.getProgramExt(),) )
+ except SetupError:
+ # svnadmin is only required for test
+ return ''
def find_svn_lib( self ):
folder = self.find_dir(
@@ -589,8 +595,8 @@
# override the base_dir_list from the command line kw
svn_root_dir = None
- if self.options.hasOption( kw ):
- base_dir_list = [self.options.getOption( kw )]
+ if kw and self.options.hasOption( kw ):
+ base_dir_list = self.options.getOption( kw ) + base_dir_list
elif( self.options.hasOption( '--svn-root-dir' )
and svn_root_suffix is not None ):
@@ -604,7 +610,7 @@
if self.verbose:
print( 'Info: Checking for %s in %s' % (name, full_check_file) )
if os.path.exists( full_check_file ):
- return os.path.abspath( dirname )
+ return dirname
raise SetupError( 'cannot find %s %s - use %s' % (name, check_file, kw) )
@@ -629,6 +635,17 @@
def getSvnVersion( self ):
return self.__svn_version_tuple
+ def _library_dirs( self ):
+ if self.options.hasOption( '--library-dirs' ):
+ return self.options.getOption( '--library-dirs' ).split(':')
+ else:
+ return []
+
+ def _include_dirs( self ):
+ if self.options.hasOption( '--include-dirs' ):
+ return self.options.getOption( '--include-dirs' ).split(':')
+ else:
+ return []
class Win32CompilerMSVC90(Compiler):
def __init__( self, setup ):
@@ -1093,7 +1110,7 @@
'%(PYCXX)s/Src',
'/usr/share/python%s/CXX' % distutils.sysconfig.get_python_version() # typical Linux
]
- self._find_paths_svn_inc = [
+ self._find_paths_svn_inc = self._include_dirs() + [
'/usr/include/subversion-1', # typical Linux
'/usr/local/include/subversion-1', # typical *BSD
'/usr/pkg/include/subversion-1', # netbsd
@@ -1103,14 +1120,14 @@
'/usr/local/bin', # typical *BSD
'/usr/pkg/bin', # netbsd
]
- self._find_paths_svn_lib = [
+ self._find_paths_svn_lib = self._library_dirs() + [
'/usr/lib64', # typical 64bit Linux
'/usr/lib', # typical Linux
'/usr/local/lib64', # typical 64bit Linux
'/usr/local/lib', # typical *BSD
'/usr/pkg/lib', # netbsd
]
- self._find_paths_apr_inc = [
+ self._find_paths_apr_inc = self._include_dirs() + [
'/usr/include/apr-1', # typical Linux
'/usr/local/apr/include/apr-1', # Mac OS X www.metissian.com
'/usr/pkg/include/apr-1', # netbsd
@@ -1120,7 +1137,7 @@
'/usr/local/include/apache2', # alternate *BSD
]
self._find_paths_apr_util_inc = self._find_paths_apr_inc
- self._find_paths_apr_lib = [
+ self._find_paths_apr_lib = self._library_dirs() + [
'/usr/lib64', # typical 64bit Linux
'/usr/lib', # typical Linux
'/usr/local/lib64', # typical 64bit Linux
@@ -1186,6 +1203,8 @@
if not self.setup.options.hasOption( '--norpath' ):
py_ld_libs.extend( [
'-Wl,--rpath',
+ '-Wl,%(APR_LIB)s',
+ '-Wl,--rpath',
'-Wl,%(SVN_LIB)s'
] )
py_ld_libs.extend( [
component/pysvn-python/pysvn-issue-179.patch 0 → 100644
View file @ 94026302
http://pysvn.tigris.org/ds/viewMessage.do?dsForumId=1334&dsMessageId=3094617
diff -ur pysvn-1.7.10.orig/Source/pysvn_svnenv.cpp pysvn-1.7.10/Source/pysvn_svnenv.cpp
--- pysvn-1.7.10.orig/Source/pysvn_svnenv.cpp 2010-11-20 13:02:37.000000000 +0100
+++ pysvn-1.7.10/Source/pysvn_svnenv.cpp 2015-08-17 17:39:50.491209720 +0200
@@ -292,8 +292,8 @@
if( accept_permanently )
{
new_cred->may_save = 1;
- new_cred->accepted_failures = accepted_failures;
}
+ new_cred->accepted_failures = accepted_failures;
*cred = new_cred;
component/python-2.7/buildout.cfg
View file @ 94026302
......@@ -40,6 +40,7 @@ executable = ${:prefix}/bin/python${:version}
patch-options = -p1
patches =
${:_profile_base_location_}/fix_compiler_module_issue_20613.patch#94443a77f903e9de880a029967fa6aa7
${:_profile_base_location_}/pytracemalloc_pep445.patch#46662cf0ccc7cb7cfb8289bbfd68b21a
url =
http://python.org/ftp/python/${:package_version}/Python-${:package_version}${:package_version_suffix}.tar.xz
configure-options =
......
component/python-2.7/pytracemalloc_pep445.patch 0 → 100644
View file @ 94026302
diff -urN Python-2.7.10.ORIG/Include/objimpl.h Python-2.7.10/Include/objimpl.h
--- Python-2.7.10.ORIG/Include/objimpl.h 2015-05-24 01:08:59.000000000 +0900
+++ Python-2.7.10/Include/objimpl.h 2015-10-13 17:31:13.771317208 +0900
@@ -98,10 +98,8 @@
PyAPI_FUNC(void *) PyObject_Realloc(void *, size_t);
PyAPI_FUNC(void) PyObject_Free(void *);
-
/* Macros */
-#ifdef WITH_PYMALLOC
-#ifdef PYMALLOC_DEBUG /* WITH_PYMALLOC && PYMALLOC_DEBUG */
+#if defined(WITH_PYMALLOC) && defined(PYMALLOC_DEBUG)
PyAPI_FUNC(void *) _PyObject_DebugMalloc(size_t nbytes);
PyAPI_FUNC(void *) _PyObject_DebugRealloc(void *p, size_t nbytes);
PyAPI_FUNC(void) _PyObject_DebugFree(void *p);
@@ -115,28 +113,17 @@
PyAPI_FUNC(void *) _PyMem_DebugMalloc(size_t nbytes);
PyAPI_FUNC(void *) _PyMem_DebugRealloc(void *p, size_t nbytes);
PyAPI_FUNC(void) _PyMem_DebugFree(void *p);
-#define PyObject_MALLOC _PyObject_DebugMalloc
-#define PyObject_Malloc _PyObject_DebugMalloc
-#define PyObject_REALLOC _PyObject_DebugRealloc
-#define PyObject_Realloc _PyObject_DebugRealloc
-#define PyObject_FREE _PyObject_DebugFree
-#define PyObject_Free _PyObject_DebugFree
+#endif
-#else /* WITH_PYMALLOC && ! PYMALLOC_DEBUG */
#define PyObject_MALLOC PyObject_Malloc
#define PyObject_REALLOC PyObject_Realloc
#define PyObject_FREE PyObject_Free
-#endif
-
-#else /* ! WITH_PYMALLOC */
-#define PyObject_MALLOC PyMem_MALLOC
-#define PyObject_REALLOC PyMem_REALLOC
-#define PyObject_FREE PyMem_FREE
-
-#endif /* WITH_PYMALLOC */
-
#define PyObject_Del PyObject_Free
-#define PyObject_DEL PyObject_FREE
+#define PyObject_DEL PyObject_Free
+
+#ifdef PYMALLOC_DEBUG /* WITH_PYMALLOC && PYMALLOC_DEBUG */
+PyAPI_FUNC(void) _PyObject_DebugMallocStats(void);
+#endif
/* for source compatibility with 2.2 */
#define _PyObject_Del PyObject_Free
diff -urN Python-2.7.10.ORIG/Include/pymem.h Python-2.7.10/Include/pymem.h
--- Python-2.7.10.ORIG/Include/pymem.h 2015-05-24 01:09:00.000000000 +0900
+++ Python-2.7.10/Include/pymem.h 2015-10-13 17:31:13.771317208 +0900
@@ -11,6 +11,11 @@
extern "C" {
#endif
+PyAPI_FUNC(void *) PyMem_RawMalloc(size_t size);
+PyAPI_FUNC(void *) PyMem_RawRealloc(void *ptr, size_t new_size);
+PyAPI_FUNC(void) PyMem_RawFree(void *ptr);
+
+
/* BEWARE:
Each interface exports both functions and macros. Extension modules should
@@ -49,21 +54,17 @@
performed on failure (no exception is set, no warning is printed, etc).
*/
-PyAPI_FUNC(void *) PyMem_Malloc(size_t);
-PyAPI_FUNC(void *) PyMem_Realloc(void *, size_t);
-PyAPI_FUNC(void) PyMem_Free(void *);
+PyAPI_FUNC(void *) PyMem_Malloc(size_t size);
+PyAPI_FUNC(void *) PyMem_Realloc(void *ptr, size_t new_size);
+PyAPI_FUNC(void) PyMem_Free(void *ptr);
+
+PyAPI_FUNC(char *) _PyMem_RawStrdup(const char *str);
+PyAPI_FUNC(char *) _PyMem_Strdup(const char *str);
/* Starting from Python 1.6, the wrappers Py_{Malloc,Realloc,Free} are
no longer supported. They used to call PyErr_NoMemory() on failure. */
/* Macros. */
-#ifdef PYMALLOC_DEBUG
-/* Redirect all memory operations to Python's debugging allocator. */
-#define PyMem_MALLOC _PyMem_DebugMalloc
-#define PyMem_REALLOC _PyMem_DebugRealloc
-#define PyMem_FREE _PyMem_DebugFree
-
-#else /* ! PYMALLOC_DEBUG */
/* PyMem_MALLOC(0) means malloc(1). Some systems would return NULL
for malloc(0), which would be treated as an error. Some platforms
@@ -71,13 +72,9 @@
pymalloc. To solve these problems, allocate an extra byte. */
/* Returns NULL to indicate error if a negative size or size larger than
Py_ssize_t can represent is supplied. Helps prevents security holes. */
-#define PyMem_MALLOC(n) ((size_t)(n) > (size_t)PY_SSIZE_T_MAX ? NULL \
- : malloc((n) ? (n) : 1))
-#define PyMem_REALLOC(p, n) ((size_t)(n) > (size_t)PY_SSIZE_T_MAX ? NULL \
- : realloc((p), (n) ? (n) : 1))
-#define PyMem_FREE free
-
-#endif /* PYMALLOC_DEBUG */
+#define PyMem_MALLOC(n) PyMem_Malloc(n)
+#define PyMem_REALLOC(p, n) PyMem_Realloc(p, n)
+#define PyMem_FREE(p) PyMem_Free(p)
/*
* Type-oriented memory interface
@@ -115,6 +112,67 @@
#define PyMem_Del PyMem_Free
#define PyMem_DEL PyMem_FREE
+typedef enum {
+ /* PyMem_RawMalloc(), PyMem_RawRealloc() and PyMem_RawFree() */
+ PYMEM_DOMAIN_RAW,
+
+ /* PyMem_Malloc(), PyMem_Realloc() and PyMem_Free() */
+ PYMEM_DOMAIN_MEM,
+
+ /* PyObject_Malloc(), PyObject_Realloc() and PyObject_Free() */
+ PYMEM_DOMAIN_OBJ
+} PyMemAllocatorDomain;
+
+typedef struct {
+ /* user context passed as the first argument to the 3 functions */
+ void *ctx;
+
+ /* allocate a memory block */
+ void* (*malloc) (void *ctx, size_t size);
+
+ /* allocate or resize a memory block */
+ void* (*realloc) (void *ctx, void *ptr, size_t new_size);
+
+ /* release a memory block */
+ void (*free) (void *ctx, void *ptr);
+} PyMemAllocator;
+
+/* Get the memory block allocator of the specified domain. */
+PyAPI_FUNC(void) PyMem_GetAllocator(PyMemAllocatorDomain domain,
+ PyMemAllocator *allocator);
+
+/* Set the memory block allocator of the specified domain.
+
+ The new allocator must return a distinct non-NULL pointer when requesting
+ zero bytes.
+
+ For the PYMEM_DOMAIN_RAW domain, the allocator must be thread-safe: the GIL
+ is not held when the allocator is called.
+
+ If the new allocator is not a hook (don't call the previous allocator), the
+ PyMem_SetupDebugHooks() function must be called to reinstall the debug hooks
+ on top on the new allocator. */
+PyAPI_FUNC(void) PyMem_SetAllocator(PyMemAllocatorDomain domain,
+ PyMemAllocator *allocator);
+
+/* Setup hooks to detect bugs in the following Python memory allocator
+ functions:
+
+ - PyMem_RawMalloc(), PyMem_RawRealloc(), PyMem_RawFree()
+ - PyMem_Malloc(), PyMem_Realloc(), PyMem_Free()
+ - PyObject_Malloc(), PyObject_Realloc() and PyObject_Free()
+
+ Newly allocated memory is filled with the byte 0xCB, freed memory is filled
+ with the byte 0xDB. Additionnal checks:
+
+ - detect API violations, ex: PyObject_Free() called on a buffer allocated
+ by PyMem_Malloc()
+ - detect write before the start of the buffer (buffer underflow)
+ - detect write after the end of the buffer (buffer overflow)
+
+ The function does nothing if Python is not compiled is debug mode. */
+PyAPI_FUNC(void) PyMem_SetupDebugHooks(void);
+
#ifdef __cplusplus
}
#endif
diff -urN Python-2.7.10.ORIG/Objects/object.c Python-2.7.10/Objects/object.c
--- Python-2.7.10.ORIG/Objects/object.c 2015-05-24 01:09:22.000000000 +0900
+++ Python-2.7.10/Objects/object.c 2015-10-13 17:31:13.771317208 +0900
@@ -2335,27 +2335,6 @@
Py_ssize_t (*_Py_abstract_hack)(PyObject *) = PyObject_Size;
-/* Python's malloc wrappers (see pymem.h) */
-
-void *
-PyMem_Malloc(size_t nbytes)
-{
- return PyMem_MALLOC(nbytes);
-}
-
-void *
-PyMem_Realloc(void *p, size_t nbytes)
-{
- return PyMem_REALLOC(p, nbytes);
-}
-
-void
-PyMem_Free(void *p)
-{
- PyMem_FREE(p);
-}
-
-
/* These methods are used to control infinite recursion in repr, str, print,
etc. Container objects that may recursively contain themselves,
e.g. builtin dictionaries and lists, should used Py_ReprEnter() and
diff -urN Python-2.7.10.ORIG/Objects/obmalloc.c Python-2.7.10/Objects/obmalloc.c
--- Python-2.7.10.ORIG/Objects/obmalloc.c 2015-05-24 01:09:22.000000000 +0900
+++ Python-2.7.10/Objects/obmalloc.c 2015-10-13 17:37:24.665726972 +0900
@@ -18,6 +18,281 @@
#endif
#endif
+/* Python's malloc wrappers (see pymem.h) */
+
+#ifdef PYMALLOC_DEBUG /* WITH_PYMALLOC && PYMALLOC_DEBUG */
+/* Forward declaration */
+static void* _PyMem_DebugMallocCtx(void *ctx, size_t size);
+static void _PyMem_DebugFreeCtx(void *ctx, void *p);
+static void* _PyMem_DebugReallocCtx(void *ctx, void *ptr, size_t size);
+
+static void _PyMem_DebugCheckAddress(char api_id, const void *p);
+#endif
+
+#ifdef WITH_PYMALLOC
+
+#ifdef MS_WINDOWS
+# include <windows.h>
+#elif defined(HAVE_MMAP)
+# include <sys/mman.h>
+# ifdef MAP_ANONYMOUS
+# define ARENAS_USE_MMAP
+# endif
+#endif
+
+/* Forward declaration */
+static void* _PyObject_Malloc(void *ctx, size_t size);
+static void _PyObject_Free(void *ctx, void *p);
+static void* _PyObject_Realloc(void *ctx, void *ptr, size_t size);
+#endif
+
+
+static void *
+_PyMem_RawMalloc(void *ctx, size_t size)
+{
+ /* PyMem_Malloc(0) means malloc(1). Some systems would return NULL
+ for malloc(0), which would be treated as an error. Some platforms would
+ return a pointer with no memory behind it, which would break pymalloc.
+ To solve these problems, allocate an extra byte. */
+ if (size == 0)
+ size = 1;
+ return malloc(size);
+}
+
+static void *
+_PyMem_RawRealloc(void *ctx, void *ptr, size_t size)
+{
+ if (size == 0)
+ size = 1;
+ return realloc(ptr, size);
+}
+
+static void
+_PyMem_RawFree(void *ctx, void *ptr)
+{
+ free(ptr);
+}
+
+#define PYRAW_FUNCS _PyMem_RawMalloc, _PyMem_RawRealloc, _PyMem_RawFree
+#ifdef WITH_PYMALLOC
+#define PYOBJECT_FUNCS _PyObject_Malloc, _PyObject_Realloc, _PyObject_Free
+#else
+#define PYOBJECT_FUNCS PYRAW_FUNCS
+#endif
+
+#ifdef PYMALLOC_DEBUG
+typedef struct {
+ /* We tag each block with an API ID in order to tag API violations */
+ char api_id;
+ PyMemAllocator alloc;
+} debug_alloc_api_t;
+static struct {
+ debug_alloc_api_t raw;
+ debug_alloc_api_t mem;
+ debug_alloc_api_t obj;
+} _PyMem_Debug = {
+ {'r', {NULL, PYRAW_FUNCS}},
+ {'m', {NULL, PYRAW_FUNCS}},
+ {'o', {NULL, PYOBJECT_FUNCS}}
+ };
+
+#define PYDEBUG_FUNCS _PyMem_DebugMallocCtx, _PyMem_DebugReallocCtx, _PyMem_DebugFreeCtx
+#endif
+
+static PyMemAllocator _PyMem_Raw = {
+#ifdef PYMALLOC_DEBUG
+ &_PyMem_Debug.raw, PYDEBUG_FUNCS
+#else
+ NULL, PYRAW_FUNCS
+#endif
+ };
+
+static PyMemAllocator _PyMem = {
+#ifdef PYMALLOC_DEBUG
+ &_PyMem_Debug.mem, PYDEBUG_FUNCS
+#else
+ NULL, PYRAW_FUNCS
+#endif
+ };
+
+static PyMemAllocator _PyObject = {
+#ifdef PYMALLOC_DEBUG
+ &_PyMem_Debug.obj, PYDEBUG_FUNCS
+#else
+ NULL, PYOBJECT_FUNCS
+#endif
+ };
+
+#undef PYRAW_FUNCS
+#undef PYOBJECT_FUNCS
+#undef PYDEBUG_FUNCS
+
+void
+PyMem_SetupDebugHooks(void)
+{
+#ifdef PYMALLOC_DEBUG
+ PyMemAllocator alloc;
+
+ alloc.malloc = _PyMem_DebugMallocCtx;
+ alloc.realloc = _PyMem_DebugReallocCtx;
+ alloc.free = _PyMem_DebugFreeCtx;
+
+ if (_PyMem_Raw.malloc != _PyMem_DebugMallocCtx) {
+ alloc.ctx = &_PyMem_Debug.raw;
+ PyMem_GetAllocator(PYMEM_DOMAIN_RAW, &_PyMem_Debug.raw.alloc);
+ PyMem_SetAllocator(PYMEM_DOMAIN_RAW, &alloc);
+ }
+
+ if (_PyMem.malloc != _PyMem_DebugMallocCtx) {
+ alloc.ctx = &_PyMem_Debug.mem;
+ PyMem_GetAllocator(PYMEM_DOMAIN_MEM, &_PyMem_Debug.mem.alloc);
+ PyMem_SetAllocator(PYMEM_DOMAIN_MEM, &alloc);
+ }
+
+ if (_PyObject.malloc != _PyMem_DebugMallocCtx) {
+ alloc.ctx = &_PyMem_Debug.obj;
+ PyMem_GetAllocator(PYMEM_DOMAIN_OBJ, &_PyMem_Debug.obj.alloc);
+ PyMem_SetAllocator(PYMEM_DOMAIN_OBJ, &alloc);
+ }
+#endif
+}
+
+void
+PyMem_GetAllocator(PyMemAllocatorDomain domain, PyMemAllocator *allocator)
+{
+ switch(domain)
+ {
+ case PYMEM_DOMAIN_RAW: *allocator = _PyMem_Raw; break;
+ case PYMEM_DOMAIN_MEM: *allocator = _PyMem; break;
+ case PYMEM_DOMAIN_OBJ: *allocator = _PyObject; break;
+ default:
+ /* unknown domain */
+ allocator->ctx = NULL;
+ allocator->malloc = NULL;
+ allocator->realloc = NULL;
+ allocator->free = NULL;
+ }
+}
+
+void
+PyMem_SetAllocator(PyMemAllocatorDomain domain, PyMemAllocator *allocator)
+{
+ switch(domain)
+ {
+ case PYMEM_DOMAIN_RAW: _PyMem_Raw = *allocator; break;
+ case PYMEM_DOMAIN_MEM: _PyMem = *allocator; break;
+ case PYMEM_DOMAIN_OBJ: _PyObject = *allocator; break;
+ /* ignore unknown domain */
+ }
+
+}
+
+void *
+PyMem_RawMalloc(size_t size)
+{
+ /*
+ * Limit ourselves to PY_SSIZE_T_MAX bytes to prevent security holes.
+ * Most python internals blindly use a signed Py_ssize_t to track
+ * things without checking for overflows or negatives.
+ * As size_t is unsigned, checking for size < 0 is not required.
+ */
+ if (size > (size_t)PY_SSIZE_T_MAX)
+ return NULL;
+
+ return _PyMem_Raw.malloc(_PyMem_Raw.ctx, size);
+}
+
+void*
+PyMem_RawRealloc(void *ptr, size_t new_size)
+{
+ /* see PyMem_RawMalloc() */
+ if (new_size > (size_t)PY_SSIZE_T_MAX)
+ return NULL;
+ return _PyMem_Raw.realloc(_PyMem_Raw.ctx, ptr, new_size);
+}
+
+void PyMem_RawFree(void *ptr)
+{
+ _PyMem_Raw.free(_PyMem_Raw.ctx, ptr);
+}
+
+void *
+PyMem_Malloc(size_t size)
+{
+ /* see PyMem_RawMalloc() */
+ if (size > (size_t)PY_SSIZE_T_MAX)
+ return NULL;
+ return _PyMem.malloc(_PyMem.ctx, size);
+}
+
+void *
+PyMem_Realloc(void *ptr, size_t new_size)
+{
+ /* see PyMem_RawMalloc() */
+ if (new_size > (size_t)PY_SSIZE_T_MAX)
+ return NULL;
+ return _PyMem.realloc(_PyMem.ctx, ptr, new_size);
+}
+
+void
+PyMem_Free(void *ptr)
+{
+ _PyMem.free(_PyMem.ctx, ptr);
+}
+
+char *
+_PyMem_RawStrdup(const char *str)
+{
+ size_t size;
+ char *copy;
+
+ size = strlen(str) + 1;
+ copy = PyMem_RawMalloc(size);
+ if (copy == NULL)
+ return NULL;
+ memcpy(copy, str, size);
+ return copy;
+}
+
+char *
+_PyMem_Strdup(const char *str)
+{
+ size_t size;
+ char *copy;
+
+ size = strlen(str) + 1;
+ copy = PyMem_Malloc(size);
+ if (copy == NULL)
+ return NULL;
+ memcpy(copy, str, size);
+ return copy;
+}
+
+void *
+PyObject_Malloc(size_t size)
+{
+ /* see PyMem_RawMalloc() */
+ if (size > (size_t)PY_SSIZE_T_MAX)
+ return NULL;
+ return _PyObject.malloc(_PyObject.ctx, size);
+}
+
+void *
+PyObject_Realloc(void *ptr, size_t new_size)
+{
+ /* see PyMem_RawMalloc() */
+ if (new_size > (size_t)PY_SSIZE_T_MAX)
+ return NULL;
+ return _PyObject.realloc(_PyObject.ctx, ptr, new_size);
+}
+
+void
+PyObject_Free(void *ptr)
+{
+ _PyObject.free(_PyObject.ctx, ptr);
+}
+
+
#ifdef WITH_PYMALLOC
#ifdef HAVE_MMAP
@@ -581,7 +856,7 @@
return NULL; /* overflow */
#endif
nbytes = numarenas * sizeof(*arenas);
- arenaobj = (struct arena_object *)realloc(arenas, nbytes);
+ arenaobj = (struct arena_object *)PyMem_Realloc(arenas, nbytes);
if (arenaobj == NULL)
return NULL;
arenas = arenaobj;
@@ -785,9 +1060,8 @@
* Unless the optimizer reorders everything, being too smart...
*/
-#undef PyObject_Malloc
-void *
-PyObject_Malloc(size_t nbytes)
+static void *
+_PyObject_Malloc(void *ctx, size_t nbytes)
{
block *bp;
poolp pool;
@@ -802,15 +1076,6 @@
#endif
/*
- * Limit ourselves to PY_SSIZE_T_MAX bytes to prevent security holes.
- * Most python internals blindly use a signed Py_ssize_t to track
- * things without checking for overflows or negatives.
- * As size_t is unsigned, checking for nbytes < 0 is not required.
- */
- if (nbytes > PY_SSIZE_T_MAX)
- return NULL;
-
- /*
* This implicitly redirects malloc(0).
*/
if ((nbytes - 1) < SMALL_REQUEST_THRESHOLD) {
@@ -983,15 +1248,14 @@
*/
if (nbytes == 0)
nbytes = 1;
- return (void *)malloc(nbytes);
+ return PyMem_Malloc(nbytes);
}
/* free */
-#undef PyObject_Free
ATTRIBUTE_NO_ADDRESS_SAFETY_ANALYSIS
-void
-PyObject_Free(void *p)
+static void
+_PyObject_Free(void *ctx, void *p)
{
poolp pool;
block *lastfree;
@@ -1211,7 +1475,7 @@
redirect:
#endif
/* We didn't allocate this address. */
- free(p);
+ PyMem_Free(p);
}
/* realloc. If p is NULL, this acts like malloc(nbytes). Else if nbytes==0,
@@ -1219,10 +1483,9 @@
* return a non-NULL result.
*/
-#undef PyObject_Realloc
ATTRIBUTE_NO_ADDRESS_SAFETY_ANALYSIS
-void *
-PyObject_Realloc(void *p, size_t nbytes)
+static void *
+_PyObject_Realloc(void *ctx, void *p, size_t nbytes)
{
void *bp;
poolp pool;
@@ -1232,16 +1495,7 @@
#endif
if (p == NULL)
- return PyObject_Malloc(nbytes);
-
- /*
- * Limit ourselves to PY_SSIZE_T_MAX bytes to prevent security holes.
- * Most python internals blindly use a signed Py_ssize_t to track
- * things without checking for overflows or negatives.
- * As size_t is unsigned, checking for nbytes < 0 is not required.
- */
- if (nbytes > PY_SSIZE_T_MAX)
- return NULL;
+ return _PyObject_Malloc(ctx, nbytes);
#ifdef WITH_VALGRIND
/* Treat running_on_valgrind == -1 the same as 0 */
@@ -1269,10 +1523,10 @@
}
size = nbytes;
}
- bp = PyObject_Malloc(nbytes);
+ bp = _PyObject_Malloc(ctx, nbytes);
if (bp != NULL) {
memcpy(bp, p, size);
- PyObject_Free(p);
+ _PyObject_Free(ctx, p);
}
return bp;
}
@@ -1290,40 +1544,17 @@
* at p. Instead we punt: let C continue to manage this block.
*/
if (nbytes)
- return realloc(p, nbytes);
+ return PyMem_Realloc(p, nbytes);
/* C doesn't define the result of realloc(p, 0) (it may or may not
* return NULL then), but Python's docs promise that nbytes==0 never
* returns NULL. We don't pass 0 to realloc(), to avoid that endcase
* to begin with. Even then, we can't be sure that realloc() won't
* return NULL.
*/
- bp = realloc(p, 1);
+ bp = PyMem_Realloc(p, 1);
return bp ? bp : p;
}
-#else /* ! WITH_PYMALLOC */
-
-/*==========================================================================*/
-/* pymalloc not enabled: Redirect the entry points to malloc. These will
- * only be used by extensions that are compiled with pymalloc enabled. */
-
-void *
-PyObject_Malloc(size_t n)
-{
- return PyMem_MALLOC(n);
-}
-
-void *
-PyObject_Realloc(void *p, size_t n)
-{
- return PyMem_REALLOC(p, n);
-}
-
-void
-PyObject_Free(void *p)
-{
- PyMem_FREE(p);
-}
#endif /* WITH_PYMALLOC */
#ifdef PYMALLOC_DEBUG
@@ -1343,10 +1574,6 @@
#define DEADBYTE 0xDB /* dead (newly freed) memory */
#define FORBIDDENBYTE 0xFB /* untouchable bytes at each end of a block */
-/* We tag each block with an API ID in order to tag API violations */
-#define _PYMALLOC_MEM_ID 'm' /* the PyMem_Malloc() API */
-#define _PYMALLOC_OBJ_ID 'o' /* The PyObject_Malloc() API */
-
static size_t serialno = 0; /* incremented on each debug {m,re}alloc */
/* serialno is always incremented via calling this routine. The point is
@@ -1429,58 +1656,18 @@
p[2*S+n: 2*S+n+S]
Copies of FORBIDDENBYTE. Used to catch over- writes and reads.
p[2*S+n+S: 2*S+n+2*S]
- A serial number, incremented by 1 on each call to _PyObject_DebugMalloc
- and _PyObject_DebugRealloc.
+ A serial number, incremented by 1 on each call to _PyMem_DebugMalloc
+ and _PyMem_DebugRealloc.
This is a big-endian size_t.
If "bad memory" is detected later, the serial number gives an
excellent way to set a breakpoint on the next run, to capture the
instant at which this block was passed out.
*/
-/* debug replacements for the PyMem_* memory API */
-void *
-_PyMem_DebugMalloc(size_t nbytes)
-{
- return _PyObject_DebugMallocApi(_PYMALLOC_MEM_ID, nbytes);
-}
-void *
-_PyMem_DebugRealloc(void *p, size_t nbytes)
-{
- return _PyObject_DebugReallocApi(_PYMALLOC_MEM_ID, p, nbytes);
-}
-void
-_PyMem_DebugFree(void *p)
-{
- _PyObject_DebugFreeApi(_PYMALLOC_MEM_ID, p);
-}
-
-/* debug replacements for the PyObject_* memory API */
-void *
-_PyObject_DebugMalloc(size_t nbytes)
-{
- return _PyObject_DebugMallocApi(_PYMALLOC_OBJ_ID, nbytes);
-}
-void *
-_PyObject_DebugRealloc(void *p, size_t nbytes)
-{
- return _PyObject_DebugReallocApi(_PYMALLOC_OBJ_ID, p, nbytes);
-}
-void
-_PyObject_DebugFree(void *p)
-{
- _PyObject_DebugFreeApi(_PYMALLOC_OBJ_ID, p);
-}
-void
-_PyObject_DebugCheckAddress(const void *p)
-{
- _PyObject_DebugCheckAddressApi(_PYMALLOC_OBJ_ID, p);
-}
-
-
-/* generic debug memory api, with an "id" to identify the API in use */
-void *
-_PyObject_DebugMallocApi(char id, size_t nbytes)
+static void *
+_PyMem_DebugMallocCtx(void *ctx, size_t nbytes)
{
+ debug_alloc_api_t *api = (debug_alloc_api_t *)ctx;
uchar *p; /* base address of malloc'ed block */
uchar *tail; /* p + 2*SST + nbytes == pointer to tail pad bytes */
size_t total; /* nbytes + 4*SST */
@@ -1491,14 +1678,14 @@
/* overflow: can't represent total as a size_t */
return NULL;
- p = (uchar *)PyObject_Malloc(total);
+ p = (uchar *)api->alloc.malloc(api->alloc.ctx, total);
if (p == NULL)
return NULL;
/* at p, write size (SST bytes), id (1 byte), pad (SST-1 bytes) */
write_size_t(p, nbytes);
- p[SST] = (uchar)id;
- memset(p + SST + 1 , FORBIDDENBYTE, SST-1);
+ p[SST] = (uchar)api->api_id;
+ memset(p + SST + 1, FORBIDDENBYTE, SST-1);
if (nbytes > 0)
memset(p + 2*SST, CLEANBYTE, nbytes);
@@ -1516,35 +1703,37 @@
Then fills the original bytes with DEADBYTE.
Then calls the underlying free.
*/
-void
-_PyObject_DebugFreeApi(char api, void *p)
+static void
+_PyMem_DebugFreeCtx(void *ctx, void *p)
{
+ debug_alloc_api_t *api = (debug_alloc_api_t *)ctx;
uchar *q = (uchar *)p - 2*SST; /* address returned from malloc */
size_t nbytes;
if (p == NULL)
return;
- _PyObject_DebugCheckAddressApi(api, p);
+ _PyMem_DebugCheckAddress(api->api_id, p);
nbytes = read_size_t(q);
nbytes += 4*SST;
if (nbytes > 0)
memset(q, DEADBYTE, nbytes);
- PyObject_Free(q);
+ api->alloc.free(api->alloc.ctx, q);
}
-void *
-_PyObject_DebugReallocApi(char api, void *p, size_t nbytes)
+static void *
+_PyMem_DebugReallocCtx(void *ctx, void *p, size_t nbytes)
{
- uchar *q = (uchar *)p;
+ debug_alloc_api_t *api = (debug_alloc_api_t *)ctx;
+ uchar *q = (uchar *)p, *oldq;
uchar *tail;
size_t total; /* nbytes + 4*SST */
size_t original_nbytes;
int i;
if (p == NULL)
- return _PyObject_DebugMallocApi(api, nbytes);
+ return _PyMem_DebugMallocCtx(ctx, nbytes);
- _PyObject_DebugCheckAddressApi(api, p);
+ _PyMem_DebugCheckAddress(api->api_id, p);
bumpserialno();
original_nbytes = read_size_t(q - 2*SST);
total = nbytes + 4*SST;
@@ -1552,24 +1741,26 @@
/* overflow: can't represent total as a size_t */
return NULL;
- if (nbytes < original_nbytes) {
- /* shrinking: mark old extra memory dead */
- memset(q + nbytes, DEADBYTE, original_nbytes - nbytes + 2*SST);
- }
-
/* Resize and add decorations. We may get a new pointer here, in which
* case we didn't get the chance to mark the old memory with DEADBYTE,
* but we live with that.
*/
- q = (uchar *)PyObject_Realloc(q - 2*SST, total);
+ oldq = q;
+ q = (uchar *)api->alloc.realloc(api->alloc.ctx, q - 2*SST, total);
if (q == NULL)
return NULL;
+ if (q == oldq && nbytes < original_nbytes) {
+ /* shrinking: mark old extra memory dead */
+ memset(q + nbytes, DEADBYTE, original_nbytes - nbytes);
+ }
+
write_size_t(q, nbytes);
- assert(q[SST] == (uchar)api);
+ assert(q[SST] == (uchar)api->api_id);
for (i = 1; i < SST; ++i)
assert(q[SST + i] == FORBIDDENBYTE);
q += 2*SST;
+
tail = q + nbytes;
memset(tail, FORBIDDENBYTE, SST);
write_size_t(tail + SST, serialno);
@@ -1588,8 +1779,8 @@
* and call Py_FatalError to kill the program.
* The API id, is also checked.
*/
- void
-_PyObject_DebugCheckAddressApi(char api, const void *p)
+static void
+_PyMem_DebugCheckAddress(char api, const void *p)
{
const uchar *q = (const uchar *)p;
char msgbuf[64];
@@ -1935,3 +2126,44 @@
arenas[arenaindex_temp].address != 0;
}
#endif
+
+
+#if defined(WITH_PYMALLOC) && defined(PYMALLOC_DEBUG)
+/* Dummy functions only present to keep the same ABI with the vanilla Python
+ compiled in debug mode: they are not used in practice. See issue:
+ https://github.com/haypo/pytracemalloc/issues/1 */
+
+void* _PyMem_DebugMalloc(size_t nbytes)
+{ return PyMem_RawMalloc(nbytes); }
+
+void* _PyMem_DebugRealloc(void *p, size_t nbytes)
+{ return PyMem_RawRealloc(p, nbytes); }
+
+void _PyObject_DebugFree(void *p)
+{ return PyObject_Free(p); }
+
+void* _PyObject_DebugMalloc(size_t nbytes)
+{ return PyObject_Malloc(nbytes); }
+
+void* _PyObject_DebugRealloc(void *p, size_t nbytes)
+{ return PyObject_Realloc(p, nbytes); }
+
+void _PyMem_DebugFree(void *p)
+{ PyMem_RawFree(p); }
+
+void _PyObject_DebugCheckAddress(const void *p)
+{}
+
+void * _PyObject_DebugMallocApi(char api, size_t nbytes)
+{ return PyObject_Malloc(nbytes); }
+
+void * _PyObject_DebugReallocApi(char api, void *p, size_t nbytes)
+{ return PyObject_Realloc(p, nbytes); }
+
+void _PyObject_DebugFreeApi(char api, void *p)
+{ return PyObject_Free(p); }
+
+void _PyObject_DebugCheckAddressApi(char api, const void *p)
+{}
+#endif
+
diff -urN Python-2.7.10.ORIG/Python/pythonrun.c Python-2.7.10/Python/pythonrun.c
--- Python-2.7.10.ORIG/Python/pythonrun.c 2015-05-24 01:09:24.000000000 +0900
+++ Python-2.7.10/Python/pythonrun.c 2015-10-13 17:31:13.771317208 +0900
@@ -137,6 +137,41 @@
return flag;
}
+static void
+inittracemalloc(void)
+{
+ PyObject *mod = NULL, *res = NULL;
+ char *p, *endptr;
+ long nframe;
+
+ p = Py_GETENV("PYTHONTRACEMALLOC");
+ if (p == NULL || *p == '\0')
+ return;
+
+ endptr = p;
+ nframe = strtol(p, &endptr, 10);
+ if (*endptr != '\0' || nframe < 1 || nframe > 100000)
+ Py_FatalError("PYTHONTRACEMALLOC: invalid number of frames");
+
+ mod = PyImport_ImportModule("_tracemalloc");
+ if (mod == NULL)
+ goto error;
+
+ res = PyObject_CallMethod(mod, "start", "i", (int)nframe);
+ if (res == NULL)
+ goto error;
+
+ goto done;
+
+error:
+ fprintf(stderr, "failed to start tracemalloc:\n");
+ PyErr_Print();
+
+done:
+ Py_XDECREF(mod);
+ Py_XDECREF(res);
+}
+
void
Py_InitializeEx(int install_sigs)
{
@@ -266,6 +301,8 @@
_PyGILState_Init(interp, tstate);
#endif /* WITH_THREAD */
+ inittracemalloc();
+
if (!Py_NoSiteFlag)
initsite(); /* Module site */
component/python-PyYAML/buildout.cfg 0 → 100644
View file @ 94026302
[buildout]
extends =
../libyaml/buildout.cfg
[python-PyYAML]
recipe = zc.recipe.egg:custom
egg = PyYAML
rpath =
${libyaml:location}/lib/
include-dirs =
${libyaml:location}/include
library-dirs =
${libyaml:location}/lib
component/python-ldap-python/buildout.cfg
View file @ 94026302
......@@ -9,6 +9,9 @@ extends =
[python-ldap-python]
recipe = zc.recipe.egg:custom
egg = python-ldap
patches =
${:_profile_base_location_}/python-ldap-no_default_dirs.patch#959115f13f1de5c63654c69b8dfacd69
patch-options = -p1
rpath =
${openldap:location}/lib
${cyrus-sasl:location}/lib
......
component/python-ldap-python/python-ldap-no_default_dirs.patch 0 → 100644
View file @ 94026302
diff -ur python-ldap-2.4.20.orig/setup.cfg python-ldap-2.4.20/setup.cfg
--- python-ldap-2.4.20.orig/setup.cfg 2015-07-07 15:25:42.000000000 +0200
+++ python-ldap-2.4.20/setup.cfg 2015-09-02 15:59:48.846802676 +0200
@@ -1,6 +1,4 @@
[_ldap]
-library_dirs = /usr/lib /usr/lib64 /usr/local/lib /usr/local/lib64
-include_dirs = /usr/include /usr/include/sasl /usr/local/include /usr/local/include/sasl
defines = HAVE_SASL HAVE_TLS HAVE_LIBLDAP_R
extra_compile_args =
extra_objects =
component/python-setuptools/buildout.cfg
View file @ 94026302
......@@ -4,10 +4,10 @@ parts = python-setuptools
[setuptools-download]
recipe = hexagonit.recipe.download
download-only = true
package_suffix = setuptools-1.4.2
package_suffix = setuptools-18.4
filename = ${:package_suffix}.tar.gz
url = https://pypi.python.org/packages/source/s/setuptools/${:filename}
md5sum = 13951be6711438073fbe50843e7f141f
md5sum = 214c6c43bd7035e870c1beab402c48e7
mode = 0644
[python-setuptools]
......
component/qemu-kvm/buildout.cfg
View file @ 94026302
......@@ -43,9 +43,9 @@ environment =
[debian-amd64-netinst.iso]
# Download the installer of Debian 8 (Jessie)
recipe = hexagonit.recipe.download
url = http://cdimage.debian.org/debian-cd/8.1.0/amd64/iso-cd/debian-8.1.0-amd64-netinst.iso
url = http://cdimage.debian.org/debian-cd/8.2.0/amd64/iso-cd/debian-8.2.0-amd64-netinst.iso
filename = ${:_buildout_section_name_}
md5sum = 1a311f9afb68d6365211b13b4342c40b
md5sum = 762eb3dfc22f85faf659001ebf270b4f
download-only = true
mode = 0644
location = ${buildout:parts-directory}/${:_buildout_section_name_}
component/r-language/buildout.cfg
View file @ 94026302
......@@ -2,6 +2,7 @@
extends =
../bzip2/buildout.cfg
../gcc/buildout.cfg
../openblas/buildout.cfg
../pcre/buildout.cfg
../readline/buildout.cfg
../xz-utils/buildout.cfg
......@@ -17,6 +18,8 @@ url = http://cran.univ-paris1.fr/src/base/R-3/R-3.2.1.tar.gz
md5sum = c2aac8b40f84e08e7f8c9068de9239a3
configure-options =
--enable-R-shlib
--enable-BLAS-shlib
--with-blas="-lopenblas"
--with-readline=yes
--without-tcltk
--without-cairo
......@@ -31,5 +34,5 @@ configure-options =
--without-x
environment =
PATH=${gcc-fortran:location}/bin:%(PATH)s
CPPFLAGS=-I${bzip2:location}/include -I${pcre:location}/include -I${readline:location}/include -I${ncurses:location}/include -I${xz-utils:location}/include -I${zlib:location}/include
LDFLAGS=-L${bzip2:location}/lib -Wl,-rpath=${bzip2:location}/lib -L${gcc-fortran:location}/lib -Wl,-rpath=${gcc-fortran:location}/lib -L${gcc-fortran:location}/lib64 -Wl,-rpath=${gcc-fortran:location}/lib64 -L${ncurses:location}/lib -Wl,-rpath=${ncurses:location}/lib -L${pcre:location}/lib -Wl,-rpath=${pcre:location}/lib -L${readline:location}/lib -Wl,-rpath=${readline:location}/lib -L${xz-utils:location}/lib -Wl,-rpath=${xz-utils:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
CPPFLAGS=-I${bzip2:location}/include -I${openblas:location}/include -I${pcre:location}/include -I${readline:location}/include -I${ncurses:location}/include -I${xz-utils:location}/include -I${zlib:location}/include
LDFLAGS=-L${bzip2:location}/lib -Wl,-rpath=${bzip2:location}/lib -L${gcc-fortran:location}/lib -Wl,-rpath=${gcc-fortran:location}/lib -L${gcc-fortran:location}/lib64 -Wl,-rpath=${gcc-fortran:location}/lib64 -L${ncurses:location}/lib -Wl,-rpath=${ncurses:location}/lib -L${openblas:location}/lib -Wl,-rpath=${openblas:location}/lib -L${pcre:location}/lib -Wl,-rpath=${pcre:location}/lib -L${readline:location}/lib -Wl,-rpath=${readline:location}/lib -L${xz-utils:location}/lib -Wl,-rpath=${xz-utils:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
component/rsyslogd/buildout.cfg 0 → 100644
View file @ 94026302
[buildout]
parts =
rsyslogd
extends =
../libestr/buildout.cfg
../json-c/buildout.cfg
../libuuid/buildout.cfg
../zlib/buildout.cfg
[rsyslogd]
recipe = slapos.recipe.cmmi
url = http://www.rsyslog.com/files/download/rsyslog/rsyslog-8.12.0.tar.gz
md5sum = c31c2d545c8a3b8695bdf076851d1517
configure-options =
--disable-klog
--disable-libgcrypt
--disable-liblogging-stdlog
environment =
PKG_CONFIG_PATH=${libestr:location}/lib/pkgconfig:${json-c:location}/lib/pkgconfig:${libuuid:location}/lib/pkgconfig
CPPFLAGS=-I${libestr:location}/include -I${json-c:location}/include -I${libuuid:location}/include -I${zlib:location}/include
LDFLAGS=-Wl,-rpath=${libestr:location}/lib -Wl,-rpath=${json-c:location}/lib -Wl,-rpath=${libuuid:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
ZLIB_CFLAGS=-I${zlib:location}/include
component/scipy/buildout.cfg
View file @ 94026302
[buildout]
extends =
../numpy/buildout.cfg
../numpy/openblas.cfg
parts =
scipy
......
component/serf/buildout.cfg
View file @ 94026302
......@@ -9,8 +9,8 @@ extends =
[serf]
recipe = slapos.recipe.cmmi
url = http://serf.googlecode.com/files/serf-0.7.0.tar.gz
md5sum = 3233f22a5875320da7bdc854d0873080
url = https://serf.googlecode.com/files/serf-1.2.1.tar.bz2
md5sum = 4f8e76c9c6567aee1d66aba49f76a58b
configure-options =
--with-apr=${apache:location}/bin/apr-1-config
--with-apr-util=${apache:location}/bin/apu-1-config
......
component/shellinabox/buildout.cfg
View file @ 94026302
[buildout]
extends =
../zlib/buildout.cfg
../openssl/buildout.cfg
../patch/buildout.cfg
../automake/buildout.cfg
../autoconf/buildout.cfg
../libtool/buildout.cfg
../automake/buildout.cfg
../git/buildout.cfg
../libtool/buildout.cfg
../m4/buildout.cfg
../openssl/buildout.cfg
../patch/buildout.cfg
../zlib/buildout.cfg
parts = shellinabox
[shellinabox]
<= shellinabox-2.10
[shellinabox-common]
recipe = slapos.recipe.cmmi
environment =
CFLAGS = -I${zlib:location}/include -I${openssl:location}/include
LDFLAGS = -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${openssl:location}/lib -Wl,-rpath=${openssl:location}/lib
PKG_CONFIG_PATH = ${openssl:location}/lib/pkgconfig/
[shellinabox-2.10]
; This version is old, but we patch it for IPv6 support
<= shellinabox-common
recipe = slapos.recipe.cmmi
url = http://shellinabox.googlecode.com/files/shellinabox-2.10.tar.gz
md5sum = 0e144910d85d92edc54702ab9c46f032
patch-binary = ${patch:location}/bin/patch
......@@ -30,20 +24,27 @@ patch-options = -p1
patches =
${:_profile_base_location_}/0001-Switch-to-IPv6.patch#b61cb099c00e15a5fcaf6c98134fff45
${:_profile_base_location_}/0002-Allow-to-run-entire-command-path.patch#a506b4d83021e24c830f767501c1d3fc
environment =
CFLAGS = -I${zlib:location}/include -I${openssl:location}/include
LDFLAGS = -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${openssl:location}/lib -Wl,-rpath=${openssl:location}/lib
PKG_CONFIG_PATH = ${openssl:location}/lib/pkgconfig/
[shellinabox-git-repository]
; This version has much more features, but does not support IPv6 (support unix domain though)
recipe = slapos.recipe.build:gitclone
repository = https://github.com/shellinabox/shellinabox
revision = 458cd7aa8f513f41f7eee389fa5ff6a51acea593
revision = b8285748993c4c99e80793775f3d2a0a4e962d5a
git-executable = ${git:location}/bin/git
[shellinabox-github]
<= shellinabox-common
recipe = slapos.recipe.cmmi
path = ${shellinabox-git-repository:location}
configure-command =
${libtool:location}/bin/libtoolize
${autoconf:location}/bin/autoreconf -vif
./configure
environment =
PATH=${autoconf:location}/bin:${automake:location}/bin:${libtool:location}/bin:%(PATH)s
PATH=${autoconf:location}/bin:${automake:location}/bin:${libtool:location}/bin:${m4:location}/bin:%(PATH)s
CFLAGS = -I${zlib:location}/include -I${openssl:location}/include
LDFLAGS = -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${openssl:location}/lib -Wl,-rpath=${openssl:location}/lib
PKG_CONFIG_PATH = ${openssl:location}/lib/pkgconfig/
component/slapos/buildout.cfg
View file @ 94026302
......@@ -78,14 +78,16 @@ rpath =
#############################################
[slapos]
recipe = z3c.recipe.scripts
recipe = zc.recipe.egg
eggs =
${lxml-python:egg}
${python-cffi:egg}
${python-PyYAML:egg}
${python-cliff:egg}
${python-cryptography:egg}
pyOpenSSL
slapos.libnetworkcache
zc.buildout
${lxml-python:egg}
slapos.core
initialization =
......
component/sqlite3/buildout.cfg
View file @ 94026302
......@@ -5,14 +5,11 @@ parts =
[sqlite3]
recipe = slapos.recipe.cmmi
url = http://sqlite.org/2015/sqlite-autoconf-3081002.tar.gz
md5sum = a18bfc015cd49a1e7a961b7b77bc3b37
url = http://sqlite.org/2015/sqlite-autoconf-3081101.tar.gz
md5sum = 298c8d6af7ca314f68de92bc7a356cbe
configure-options =
--disable-static
--enable-readline
patch-options = -p1
patches =
${:_profile_base_location_}/dynamic_link.patch#328d3773b49151207d29a5a857f98337
environment =
CPPFLAGS=-I${readline:location}/include -I${ncurses:location}/include
LDFLAGS=-L${buildout:parts-directory}/${:_buildout_section_name_} -Wl,-rpath=${readline:location}/lib -Wl,-rpath=${ncurses:location}/lib -L${readline:location}/lib -L${ncurses:location}/lib
component/sqlite3/dynamic_link.patch deleted 100644 → 0
View file @ 47a68bf7
diff -ur sqlite-autoconf-3081002/Makefile.am sqlite-autoconf-3081002/Makefile.am
--- sqlite-autoconf-3081002/Makefile.am 2015-04-08 16:38:50.000000000 +0200
+++ sqlite-autoconf-3081002/Makefile.am 2015-05-09 14:23:20.000000000 +0200
@@ -7,7 +7,8 @@
bin_PROGRAMS = sqlite3
sqlite3_SOURCES = shell.c sqlite3.h
-sqlite3_LDADD = sqlite3.$(OBJEXT) @READLINE_LIBS@
+sqlite3_LDADD = $(top_builddir)/libsqlite3.la @READLINE_LIBS@
+sqlite3_DEPENDENCIES = $(top_builddir)/libsqlite3.la
include_HEADERS = sqlite3.h sqlite3ext.h
diff -ur sqlite-autoconf-3081002/Makefile.in sqlite-autoconf-3081002/Makefile.in
--- sqlite-autoconf-3081002/Makefile.in 2015-04-08 16:38:52.000000000 +0200
+++ sqlite-autoconf-3081002/Makefile.in 2015-05-09 14:23:23.000000000 +0200
@@ -109,7 +109,6 @@
PROGRAMS = $(bin_PROGRAMS)
am_sqlite3_OBJECTS = shell.$(OBJEXT)
sqlite3_OBJECTS = $(am_sqlite3_OBJECTS)
-sqlite3_DEPENDENCIES = sqlite3.$(OBJEXT)
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -274,7 +273,8 @@
libsqlite3_la_SOURCES = sqlite3.c
libsqlite3_la_LDFLAGS = -no-undefined -version-info 8:6:8
sqlite3_SOURCES = shell.c sqlite3.h
-sqlite3_LDADD = sqlite3.$(OBJEXT) @READLINE_LIBS@
+sqlite3_LDADD = $(top_builddir)/libsqlite3.la @READLINE_LIBS@
+sqlite3_DEPENDENCIES = $(top_builddir)/libsqlite3.la
include_HEADERS = sqlite3.h sqlite3ext.h
EXTRA_DIST = sqlite3.1 tea
pkgconfigdir = ${libdir}/pkgconfig
component/subversion/buildout.cfg
View file @ 94026302
......@@ -7,8 +7,10 @@ extends =
../libexpat/buildout.cfg
../libuuid/buildout.cfg
../neon/buildout.cfg
../openssl/buildout.cfg
../perl/buildout.cfg
../pkgconfig/buildout.cfg
../serf/buildout.cfg
../sqlite3/buildout.cfg
../zlib/buildout.cfg
../swig/buildout.cfg
......@@ -17,24 +19,26 @@ parts =
[subversion]
recipe = slapos.recipe.cmmi
url = http://subversion.tigris.org/downloads/subversion-1.6.17.tar.bz2
md5sum = 81e5dc5beee4b3fc025ac70c0b6caa14
url = http://apache.mirrors.tds.net/subversion/subversion-1.8.14.tar.bz2
md5sum = fe476ba26d6835eba4393780ea907361
# Patch available thanks to gentoo developpers
# http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/dev-vcs/subversion/files/subversion-1.6.0-disable_linking_against_unneeded_libraries.patch?revision=1.1
# https://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/dev-vcs/subversion/files/subversion-fix-parallel-build-support-for-perl-bindings.patch
patches =
${:_profile_base_location_}/subversion-1.6.0-disable_linking_against_unneeded_libraries.patch#8d911ec2422dc4c08a00693ac915a07a
${:_profile_base_location_}/subversion-fix-parallel-build-support-for-perl-bindings.patch#fd69f4c932b4882ed98c59eb102be64a
configure-options =
--disable-static
--with-apr=${apache:location}/bin/apr-1-config
--with-apr-util=${apache:location}/bin/apu-1-config
--with-serf=yes
--without-apxs
--with-zlib=${zlib:location}
--with-sqlite=${sqlite3:location}
--with-neon=${neon:location}
--without-berkeley-db
--without-sasl
--without-apr_memcache
--without-gpg-agent
--without-gnome-keyring
--without-libmagic
--without-kwallet
--without-jdk
--without-jikes
......@@ -44,17 +48,12 @@ configure-options =
--without-ruby-sitedir
--without-ruby-test-verbose
--disable-nls
# it seems that parallel build sometimes fails.
make-options =
-j1
make-targets = install -j1
environment =
PATH=${perl:location}/bin:${pkgconfig:location}/bin:${neon:location}/bin:%(PATH)s
PKG_CONFIG_PATH=${apache:location}/lib/pkgconfig:${sqlite3:location}/lib/pkgconfig:${openssl:location}/lib/pkgconfig:${neon:location}/lib/pkgconfig
PATH=${perl:location}/bin:${pkgconfig:location}/bin:%(PATH)s
PKG_CONFIG_PATH=${apache:location}/lib/pkgconfig:${sqlite3:location}/lib/pkgconfig:${openssl:location}/lib/pkgconfig:${serf:location}/lib/pkgconfig
CPPFLAGS=-I${libexpat:location}/include -I${libuuid:location}/include
LDFLAGS=-L${libexpat:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${sqlite3:location}/lib -Wl,-rpath=${neon:location}/lib -Wl,-rpath=${apache:location}/lib -L${libuuid:location}/lib -Wl,-rpath=${libuuid:location}/lib
LDFLAGS=-L${libexpat:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${sqlite3:location}/lib -Wl,-rpath=${apache:location}/lib -L${libuuid:location}/lib -Wl,-rpath=${libuuid:location}/lib -Wl,-rpath=${openssl:location}/lib
[subversion-1.9]
recipe = hexagonit.recipe.cmmi
......
component/subversion/subversion-1.6.0-disable_linking_against_unneeded_libraries.patch deleted 100644 → 0
View file @ 47a68bf7
--- Makefile.in
+++ Makefile.in
@@ -47,6 +47,7 @@
SVN_SASL_LIBS = @SVN_SASL_LIBS@
SVN_SERF_LIBS = @SVN_SERF_LIBS@
SVN_SQLITE_LIBS = @SVN_SQLITE_LIBS@
+SVN_XML_LIBS = -lexpat
SVN_ZLIB_LIBS = @SVN_ZLIB_LIBS@
LIBS = @LIBS@
--- build/ac-macros/aprutil.m4
+++ build/ac-macros/aprutil.m4
@@ -77,16 +77,14 @@
AC_MSG_ERROR([apu-config --prefix failed])
fi
- dnl When APR stores the dependent libs in the .la file, we don't need
- dnl --libs.
- SVN_APRUTIL_LIBS="`$apu_config --link-libtool --libs`"
+ SVN_APRUTIL_LIBS="`$apu_config --link-libtool`"
if test $? -ne 0; then
- AC_MSG_ERROR([apu-config --link-libtool --libs failed])
+ AC_MSG_ERROR([apu-config --link-libtool failed])
fi
- SVN_APRUTIL_EXPORT_LIBS="`$apu_config --link-ld --libs`"
+ SVN_APRUTIL_EXPORT_LIBS="`$apu_config --link-ld`"
if test $? -ne 0; then
- AC_MSG_ERROR([apu-config --link-ld --libs failed])
+ AC_MSG_ERROR([apu-config --link-ld failed])
fi
AC_SUBST(SVN_APRUTIL_INCLUDES)
--- build/ac-macros/apr.m4
+++ build/ac-macros/apr.m4
@@ -74,16 +74,14 @@
AC_MSG_ERROR([apr-config --prefix failed])
fi
- dnl When APR stores the dependent libs in the .la file, we don't need
- dnl --libs.
- SVN_APR_LIBS="`$apr_config --link-libtool --libs`"
+ SVN_APR_LIBS="`$apr_config --link-libtool`"
if test $? -ne 0; then
- AC_MSG_ERROR([apr-config --link-libtool --libs failed])
+ AC_MSG_ERROR([apr-config --link-libtool failed])
fi
- SVN_APR_EXPORT_LIBS="`$apr_config --link-ld --libs`"
+ SVN_APR_EXPORT_LIBS="`$apr_config --link-ld`"
if test $? -ne 0; then
- AC_MSG_ERROR([apr-config --link-ld --libs failed])
+ AC_MSG_ERROR([apr-config --link-ld failed])
fi
SVN_APR_SHLIB_PATH_VAR="`$apr_config --shlib-path-var`"
component/subversion/subversion-fix-parallel-build-support-for-perl-bindings.patch 0 → 100644
View file @ 94026302
--- Makefile.in 2011-07-16 13:50:53.000000000 +0200
+++ Makefile.in.new 2012-03-11 12:13:57.000000000 +0100
@@ -732,7 +732,7 @@
extraclean-swig-headers: clean-swig-headers
$(EXTRACLEAN_SWIG_HEADERS)
-$(SWIG_PL_DIR)/native/Makefile.PL: $(SWIG_SRC_DIR)/perl/native/Makefile.PL.in
+$(SWIG_PL_DIR)/native/Makefile.PL: $(SWIG_SRC_DIR)/perl/native/Makefile.PL.in libsvn_swig_perl
./config.status subversion/bindings/swig/perl/native/Makefile.PL
$(SWIG_PL_DIR)/native/Makefile: $(SWIG_PL_DIR)/native/Makefile.PL
component/tesseract/buildout.cfg
View file @ 94026302
......@@ -20,13 +20,15 @@ patch-options =
patches =
${:_profile_base_location_}/tesseract-3.00-gcc-4.7-build.patch#ca80db3ec489c547b03f3ee48879c1b1
${:_profile_base_location_}/tesseract-3.01-remove-bom.patch#2e691858cb492b7c17d23bf0912b3d24
configure-command =
pre-configure =
libtoolize -f -c
aclocal -I ${libtool:location}/share/aclocal -I config
autoheader -f
automake -c -a -f
autoconf -Wno-portability
./configure --prefix=${buildout:parts-directory}/${:_buildout_section_name_} --disable-static --datarootdir=${tesseract-eng-traineddata:location}
configure-options =
--disable-static
--datarootdir=${tesseract-eng-traineddata:location}
# XXX: tesseract seems not easily configurable at runtime about where to find
# its trained data, so we set its datarootdir above to a controlled location
......
component/trafficserver/buildout.cfg
View file @ 94026302
[buildout]
extends =
../../component/lua/buildout.cfg
../../component/hwloc/buildout.cfg
../../component/pkgconfig/buildout.cfg
../../component/libtool/buildout.cfg
../../component/make/buildout.cfg
......@@ -23,7 +22,6 @@ recipe = slapos.recipe.cmmi
url = http://apache.claz.org/trafficserver/trafficserver-4.2.3.tar.bz2
md5sum = 1d06a6e9063ceea3f19dbb84752ec710
configure-options =
--prefix=${buildout:parts-directory}/${:_buildout_section_name_}
--with-openssl=${openssl:location}
--with-xml=libxml2
--with-libxml2=${libxml2:location}
......
component/userhosts/buildout.cfg 0 → 100644
View file @ 94026302
[buildout]
extends =
../git/buildout.cfg
[userhosts]
recipe = plone.recipe.command
stop-on-error = true
update-command = ${:command}
command = cd ${userhosts-get:location} && make
# For convenience (one section to build & know result path)
location = ${userhosts-get:location}/userhosts
[userhosts-get]
recipe = slapos.recipe.build:gitclone
repository = https://lab.nexedi.com/nexedi/userhosts.git
revision = d3080ad4b82c91dc14fd2ad2a8e9b2512e600c2a
git-executable = ${git:location}/bin/git
location = ${buildout:parts-directory}/userhosts
component/wendelin.core/buildout.cfg
View file @ 94026302
......@@ -24,7 +24,7 @@ PATH = ${git:location}/bin:%(PATH)s
[wendelin.core-repository]
recipe = slapos.recipe.build:gitclone
repository = https://lab.nexedi.cn/nexedi/wendelin.core.git
repository = https://lab.nexedi.com/nexedi/wendelin.core.git
# dir is pretty name as top-level -dev recipe
location = ${buildout:parts-directory}/wendelin.core-dev
git-executable = ${git:location}/bin/git
......
component/xorg/buildout.cfg
View file @ 94026302
......@@ -274,8 +274,8 @@ environment =
[pixman]
recipe = slapos.recipe.cmmi
url = http://xorg.freedesktop.org/archive/individual/lib/pixman-0.32.4.tar.bz2
md5sum = cdb566504fe9daf6728c7b03cc7ea228
url = http://xorg.freedesktop.org/archive/individual/lib/pixman-0.32.8.tar.bz2
md5sum = 18d6b62abdb7bc0f8e6b0ddf48986b2c
configure-options =
--disable-static
......
setup.py
View file @ 94026302
......@@ -28,7 +28,7 @@ from setuptools import setup, find_packages
import glob
import os
version = '0.104.dev0'
version = '1.0.9.dev0'
name = 'slapos.cookbook'
long_description = open("README.txt").read() + "\n" + \
open("CHANGES.txt").read() + "\n"
......@@ -167,6 +167,7 @@ setup(name=name,
'proactive = slapos.recipe.proactive:Recipe',
'publish = slapos.recipe.publish:Recipe',
'publish.serialised = slapos.recipe.publish:Serialised',
'publish-early = slapos.recipe.publish_early:Recipe',
'publishsection = slapos.recipe.publish:PublishSection',
'publishurl = slapos.recipe.publishurl:Recipe',
'readline = slapos.recipe.readline:Recipe',
......@@ -192,17 +193,19 @@ setup(name=name,
'slapmonitor = slapos.recipe.slapmonitor:MonitorRecipe',
'slapmonitor-xml = slapos.recipe.slapmonitor:MonitorXMLRecipe',
'slapreport = slapos.recipe.slapreport:Recipe',
'softwaretype = slapos.recipe.softwaretype:Recipe',
'softwaretype = slapos.recipe.softwaretype:Recipe', # BBB
'sphinx= slapos.recipe.sphinx:Recipe',
'squid = slapos.recipe.squid:Recipe',
'sshkeys_authority = slapos.recipe.sshkeys_authority:Recipe',
'sshkeys_authority.request = slapos.recipe.sshkeys_authority:Request',
'stunnel = slapos.recipe.stunnel:Recipe',
'switch-softwaretype = slapos.recipe.switch_softwaretype:Recipe',
'symbolic.link = slapos.recipe.symbolic_link:Recipe',
'tidstorage = slapos.recipe.tidstorage:Recipe',
'trac = slapos.recipe.trac:Recipe',
'urlparse = slapos.recipe._urlparse:Recipe',
'uuid = slapos.recipe._uuid:Recipe',
'userinfo = slapos.recipe.userinfo:Recipe',
'vifib = slapos.recipe.vifib:Recipe',
'waitfor = slapos.recipe.waitfor:Recipe',
'webchecker = slapos.recipe.web_checker:Recipe',
......@@ -221,5 +224,4 @@ setup(name=name,
},
test_suite='slapos.test',
tests_require=[ 'jsonschema' ],
)
)
\ No newline at end of file
slapos/recipe/apache_zope_backend/__init__.py
View file @ 94026302
......@@ -57,7 +57,9 @@ class Recipe(GenericBaseRecipe):
else:
raise ValueError('Unsupported scheme %s' % scheme)
ip = self.options['ip']
ip_list = self.options['ip']
if isinstance(ip_list, basestring):
ip_list = [ip_list]
backend_path = self.options.get('backend-path', '/')
vhost_template_name = self.getTemplateFilename('vhost.in')
apache_config_file = self.createFile(
......@@ -78,7 +80,7 @@ class Recipe(GenericBaseRecipe):
'port': port,
'backend': ('%s/%s' % (backend.rstrip('/'), backend_path.strip('/'))).rstrip('/'),
'ssl_enable': ssl_enable,
}) for (port, backend) in backend_list),
}) for (port, backend) in backend_list for ip in ip_list),
},
)
)
......
slapos/recipe/erp5_bootstrap/__init__.py
View file @ 94026302
##############################################################################
#
# Copyright (c) 2012 Vifib SARL and Contributors. All Rights Reserved.
# Copyright (c) 2012-2014 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
......@@ -26,7 +26,6 @@
##############################################################################
from slapos.recipe.librecipe import GenericBaseRecipe
import os
import sys
import urlparse
......@@ -36,31 +35,25 @@ class Recipe(GenericBaseRecipe):
"""
def install(self):
parsed = urlparse.urlparse(self.options['mysql-url'])
mysql_connection_string = "%(database)s@%(hostname)s:%(port)s "\
"%(username)s %(password)s" % dict(
database=parsed.path.split('/')[1],
hostname=parsed.hostname,
port=parsed.port,
username=parsed.username,
password=parsed.password
)
zope_parsed = urlparse.urlparse(self.options['zope-url'])
config = dict(
python_path=sys.executable,
user=zope_parsed.username,
password=zope_parsed.password,
site_id=zope_parsed.path.split('/')[1],
host="%s:%s" % (zope_parsed.hostname, zope_parsed.port),
sql_connection_string=mysql_connection_string,
)
# Runners
runner_path = self.createExecutable(
mysql = urlparse.urlsplit(self.options['mysql-url'])
zope = urlparse.urlsplit(self.options['zope-url'])
# Note: raises when there is more than a single element in path, as it's
# not supported by manage_addERP5Site anyway.
_, zope_path = zope.path.split('/')
return [self.createExecutable(
self.options['runner-path'],
self.substituteTemplate(self.getTemplateFilename('erp5_bootstrap.in'),
config))
return [runner_path]
self.substituteTemplate(
self.getTemplateFilename('erp5_bootstrap.in'),
{
'python_path': sys.executable,
'base_url': urlparse.urlunsplit((zope.scheme, zope.netloc, '', '', '')),
'site_id': zope_path,
'sql_connection_string': '%(database)s@%(hostname)s:%(port)s %(username)s %(password)s' % {
'database': mysql.path.split('/')[1],
'hostname': mysql.hostname,
'port': mysql.port,
'username': mysql.username,
'password': mysql.password
},
},
))]
slapos/recipe/erp5_bootstrap/template/erp5_bootstrap.in
View file @ 94026302
#!%(python_path)s
import httplib
import urllib
import base64
user = "%(user)s"
password = "%(password)s"
host = "%(host)s"
site_id = "%(site_id)s"
erp5_catalog_storage = 'erp5_mysql_innodb_catalog'
mysql_url = "%(sql_connection_string)s"
header_dict = {'Authorization': 'Basic %%s' %% \
base64.encodestring('%%s:%%s' %% (user, password)).strip(),
'Referer':'http://%%s/manage_addProduct/ERP5/addERP5Site' %% host}
zope_connection = httplib.HTTPConnection(host)
# Check if an ERP5 site is already created, as ERP5 does support having
# 2 instances in the same zope, and this script should not destroy user data
zope_connection.request('GET', '/isERP5SitePresent', headers=header_dict)
result = zope_connection.getresponse()
if result.status == 204: # and (result.read() == "False"):
# Use a new connection
zope_connection = httplib.HTTPConnection(host)
# Create the expected ERP5 instance
zope_connection.request(
'POST', '/manage_addProduct/ERP5/manage_addERP5Site',
urllib.urlencode({
'id': site_id,
'erp5_catalog_storage': erp5_catalog_storage,
import ssl
if hasattr(ssl, '_create_unverified_context'):
ssl._create_default_https_context = ssl._create_unverified_context
def isSuccess(response):
return 200 <= response.code < 300
base_url = %(base_url)r
response = urllib.urlopen(base_url + '/isERP5SitePresent')
if isSuccess(response) and response.read() == '':
mysql_url = %(sql_connection_string)r
response = urllib.urlopen(
base_url + '/manage_addProduct/ERP5/manage_addERP5Site',
data=urllib.urlencode({
'id': %(site_id)r,
'erp5_catalog_storage': 'erp5_mysql_innodb_catalog',
'erp5_sql_connection_string': mysql_url,
'cmf_activity_sql_connection_string': mysql_url,
}),
headers=header_dict)
# Wait for the erp5 response, to prevent multiple requests
# been done by the same script.
result = zope_connection.getresponse()
# Read result make sure the site really finished to
#created the ERP5 site.
result.read()
)
if not isSuccess(response):
raise ValueError('Failed creating site, status=%%i: %%s' %% (response.code, response.read()))
print "ERP5 site created."
slapos/recipe/erp5_test/__init__.py
View file @ 94026302
......@@ -38,12 +38,25 @@ class Recipe(GenericBaseRecipe):
# XXX: assume existence of 100 test databases, because slaves are not
# functional yet in slapos: testdb_0...testdb_100, with testuser_N
mysql_template = "%s@%s:%s %s %s"
mysql_parsed = urlparse.urlparse(self.options['mysql-url'])
for i in range(0, 100):
mysql_connection_string_list.append(mysql_template % ('testdb_%s'% i,
mysql_parsed.hostname, mysql_parsed.port, 'testuser_%s'% i, mysql_parsed.password))
mysql_connection_string = mysql_template % ('erp5_test', mysql_parsed.hostname,
mysql_parsed.port, 'erp5_test', mysql_parsed.password)
mysql_url_list = self.options.get('mysql-url-list')
if mysql_url_list is None:
mysql_parsed = urlparse.urlparse(self.options['mysql-url'])
for i in range(0, 100):
mysql_connection_string_list.append(mysql_template % ('testdb_%s'% i,
mysql_parsed.hostname, mysql_parsed.port, 'testuser_%s'% i, mysql_parsed.password))
mysql_connection_string = mysql_template % ('erp5_test', mysql_parsed.hostname,
mysql_parsed.port, 'erp5_test', mysql_parsed.password)
else:
for mysql_url in mysql_url_list:
mysql_parsed = urlparse.urlparse(mysql_url)
mysql_connection_string_list.append(mysql_template % (
mysql_parsed.path.lstrip('/'),
mysql_parsed.hostname,
mysql_parsed.port,
mysql_parsed.username,
mysql_parsed.password,
))
mysql_connection_string = mysql_connection_string_list.pop()
cloudooo_parsed = urlparse.urlparse(self.options['cloudooo-url'])
memcached_parsed = urlparse.urlparse(self.options['memcached-url'])
kumofs_parsed = urlparse.urlparse(self.options['kumofs-url'])
......
slapos/recipe/generatepassword.py
View file @ 94026302
......@@ -48,6 +48,9 @@ class Recipe(object):
- storage-path: plain-text persistent storage for password,
that can only be accessed by the user
(default: ${buildout:parts-directory}/${:_buildout_section_name_})
If storage-path is empty, the recipe does not save the password, which is
fine it is saved by other means, e.g. using the publish-early recipe.
"""
def __init__(self, buildout, name, options):
......@@ -57,16 +60,17 @@ class Recipe(object):
except KeyError:
self.storage_path = options['storage-path'] = os.path.join(
buildout['buildout']['parts-directory'], name)
try:
with open(self.storage_path) as f:
passwd = f.read()
except IOError as e:
if e.errno != errno.ENOENT:
raise
passwd = None
passwd = None
if self.storage_path:
try:
with open(self.storage_path) as f:
passwd = f.read()
except IOError as e:
if e.errno != errno.ENOENT:
raise
self.update = self.install
if not passwd:
passwd = self.generatePassword(int(options_get('bytes', '8')))
self.update = self.install
self.passwd = passwd
# Password must not go into .installed file, for 2 reasons:
# security of course but also to prevent buildout to always reinstall.
......@@ -88,7 +92,7 @@ class Recipe(object):
os.write(fd, self.passwd)
finally:
os.close(fd)
return self.storage_path
return self.storage_path
def update(self):
return ()
slapos/recipe/generic_mysql/mysql.py
View file @ 94026302
......@@ -17,7 +17,8 @@ def runMysql(args):
# XXX: Protect with proper root password
# XXX: Follow http://dev.mysql.com/doc/refman/5.0/en/default-privileges.html
popen = subprocess.Popen([conf['mysql_install_binary'],
'--skip-name-resolve', '--no-defaults',
'--defaults-file=%s' % conf['configuration_file'],
'--skip-name-resolve',
'--datadir=%s' % conf['data_directory'],
'--basedir=%s' % conf['mysql_base_directory']],
stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
......@@ -66,7 +67,7 @@ def updateMysql(args):
with open(script_filename) as script_file:
conf['mysql_script'] = script_file.read()
while True:
mysql_upgrade_list = [conf['mysql_upgrade_binary'], '--no-defaults', '--user=root']
mysql_upgrade_list = [conf['mysql_upgrade_binary'], '--user=root']
if 'socket' in conf:
mysql_upgrade_list.append('--socket=' + conf['socket'])
mysql_upgrade = subprocess.Popen(mysql_upgrade_list, stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
......@@ -80,7 +81,7 @@ def updateMysql(args):
print "MySQL database upgraded with result:\n%s" % result
else:
print "No need to upgrade MySQL database"
mysql_list = [conf['mysql_binary'].strip(), '--no-defaults', '-B', '--user=root']
mysql_list = [conf['mysql_binary'].strip(), '-B', '--user=root']
if 'socket' in conf:
mysql_list.append('--socket=' + conf['socket'])
mysql = subprocess.Popen(mysql_list, stdin=subprocess.PIPE,
......
slapos/recipe/generic_zope_zeo_client/__init__.py
View file @ 94026302
......@@ -53,7 +53,8 @@ def Zope2InitUser(path, username, password):
class Recipe(GenericBaseRecipe):
def _options(self, options):
options['password'] = self.generatePassword()
if 'password' not in options:
options['password'] = self.generatePassword()
def install(self):
"""
......@@ -101,26 +102,24 @@ class Recipe(GenericBaseRecipe):
# Always provide a URL-Type
append("file://" + link)
zope_environment = dict(
TMP=self.options['tmp-path'],
TMPDIR=self.options['tmp-path'],
HOME=self.options['tmp-path'],
PATH=self.options['bin-path'],
TZ=self.options['timezone'],
)
zope_environment = {
'TMP': self.options['tmp-path'],
'TMPDIR': self.options['tmp-path'],
'HOME': self.options.get('home-path', self.options.get('tmp-path')),
'PATH': self.options['bin-path'],
'TZ': self.options['timezone'],
}
instance_home = self.options.get("instancehome-path", None)
if instance_home:
zope_environment["INSTANCE_HOME"] = instance_home
# longrequestlogger product which requires environment settings
longrequest_logger_file = self.options.get('longrequest-logger-file', None)
longrequest_logger_timeout = \
self.options.get('longrequest-logger-timeout', None)
longrequest_logger_interval= \
self.options.get('longrequest-logger-interval', None)
if longrequest_logger_file:
# add needed zope configuration
zope_environment.update(
**dict(longrequestlogger_file = longrequest_logger_file,
longrequestlogger_timeout = longrequest_logger_timeout,
longrequestlogger_interval = longrequest_logger_interval))
zope_environment['longrequestlogger_file'] = longrequest_logger_file
zope_environment['longrequestlogger_timeout'] = self.options.get('longrequest-logger-timeout', None)
zope_environment['longrequestlogger_interval'] = self.options.get('longrequest-logger-interval', None)
# configure default Zope2 zcml
open(self.options['site-zcml'], 'w').write(open(self.getTemplateFilename(
......
slapos/recipe/neoppod.py
View file @ 94026302
......@@ -24,6 +24,7 @@
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
import os
from slapos.recipe.librecipe import GenericBaseRecipe
from zc.buildout import UserError
......@@ -50,6 +51,13 @@ class NeoBaseRecipe(GenericBaseRecipe):
#'-n', options['name'],
'-c', options['cluster'],
]
if options['ssl']:
etc = os.path.join(self.buildout['buildout']['directory'], 'etc', '')
option_list += (
'--ca', etc + 'ca.crt',
'--cert', etc + 'neo.crt',
'--key', etc + 'neo.key',
)
option_list.extend(self._getOptionList())
return [self.createPythonScript(
options['wrapper'],
......@@ -76,11 +84,15 @@ class Storage(NeoBaseRecipe):
_binding_port_mandatory = False
def _getOptionList(self):
return [
r = [
'-d', self.options['database-parameters'],
'-a', self.options['database-adapter'],
'-w', self.options['wait-database'],
]
engine = self.options.get('engine')
if engine: # old versions of NEO don't support -e
r += '-e', engine
return r
class Admin(NeoBaseRecipe):
def _getOptionList(self):
......@@ -92,6 +104,7 @@ class Master(NeoBaseRecipe):
r = [
'-p', options['partitions'],
'-r', options['replicas'],
'-A', options['autostart'],
]
for x in (('-C', options['upstream-cluster']),
('-M', options['upstream-masters'])):
......
slapos/recipe/publish.py
View file @ 94026302
......@@ -32,15 +32,19 @@ CONNECTION_PARAMETER_STRING = 'connection-'
class Recipe(GenericSlapRecipe):
def _install(self):
publish_dict = dict()
options = self.options.copy()
del options['recipe']
slave_reference = options.pop('-slave-reference', None)
for k, v in options.iteritems():
if k[:1] == '-':
continue
publish_dict[k] = v
self._setConnectionDict(publish_dict, slave_reference)
publish_dict = {}
done = set()
extends = [self.name]
while extends:
name = extends.pop()
done.add(name)
for k, v in self.buildout[name].iteritems():
if k[:1] == '-':
if k == '-extends':
extends += set(v.split()) - done
elif k != 'recipe':
publish_dict[k] = v
self._setConnectionDict(publish_dict, self.options.get('-slave-reference'))
return []
def _setConnectionDict(self, publish_dict, slave_reference=None):
......
slapos/recipe/publish_early.py 0 → 100644
View file @ 94026302
##############################################################################
#
# Copyright (c) 2010 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
import slapos.slap
from slapos.recipe.librecipe import unwrap, wrap
from slapos.recipe.librecipe import GenericSlapRecipe
class Recipe(GenericSlapRecipe):
"""
Early initialization of published parameters.
The '-init' option defines parameters that should be published before
requesting any partitions, and how they are initialized.
Example:
[publish-early]
recipe = slapos.cookbook:publish-early
-init =
foo gen-foo:x
bar gen-bar:y
bar = z
[gen-foo]
...
[publish]
recipe = slapos.cookbook:publish.serialised
-extends = publish-early
...
${publish-early:foo} is initialized with the value of the published
parameter 'foo', or ${gen-foo:x} if it hasn't been published yet
(and in this case, it is published immediately as a way to save the value).
${publish-early:bar} is forced to 'z' (${gen-bar:y} ignored):
a line like 'bar = z' is usually rendered conditionally with Jinja2.
"""
def __init__(self, buildout, name, options):
GenericSlapRecipe.__init__(self, buildout, name, options)
published_dict = None
publish = False
publish_dict = {}
for line in options['-init'].splitlines():
if line:
k, v = line.split()
if k not in options:
if published_dict is None:
self.slap.initializeConnection(self.server_url, self.key_file,
self.cert_file)
computer_partition = self.slap.registerComputerPartition(
self.computer_id, self.computer_partition_id)
published_dict = unwrap(
computer_partition.getConnectionParameterDict())
try:
publish_dict[k] = published_dict[k]
except KeyError:
section, key = v.split(":")
publish_dict[k] = self.buildout[section][key]
publish = True
if publish:
computer_partition.setConnectionDict(wrap(publish_dict))
options.update(publish_dict)
install = update = lambda self: None
slapos/recipe/switch_softwaretype.py 0 → 100644
View file @ 94026302
##############################################################################
#
# Copyright (c) 2014 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly advised to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
##############################################################################
import os, subprocess, sys
class Recipe:
def __init__(self, buildout, name, options):
self.buildout = buildout
self.options = options
self.name = name
self.software_type = buildout["slap-configuration"]["slap-software-type"]
section, key = self.options[self.software_type].split(":")
self.base = self.buildout[section][key]
def install(self):
# XXX-Antoine: We gotta find a better way to do this. I tried to check
# out how slapgrid-cp was running buildout. But it is worse than that.
args = sys.argv[:]
for x in self.buildout["slap-connection"].iteritems():
args.append("slap-connection:%s=%s" % x)
for x in "directory", "eggs-directory", "develop-eggs-directory":
args.append("buildout:%s=%s" % (x, self.buildout["buildout"][x]))
args.append("buildout:installed=.installed-%s.cfg" % self.name)
# Options.get (from zc.buildout) should deserialize.
try:
override = self.options["override"][self.software_type]
except (KeyError, TypeError):
buildout = self.base
else:
# unfortunately, buildout:extends does not work when given at command line
buildout = os.path.join(self.buildout["buildout"]["parts-directory"],
self.name + ".cfg")
with open(override) as src, open(buildout, "w", 0) as dst:
dst.write("[buildout]\nextends = %s\n\n" % self.base + src.read())
subprocess.check_call(args + ["-oc", buildout])
return []
update = install
slapos/recipe/userinfo.py 0 → 100644
View file @ 94026302
import grp
import os
import pwd
class Recipe(object):
"""
Provide POSIX information about the user that is currently running buildout.
"""
def __init__(self, buildout, name, options):
pinfo = pwd.getpwuid(os.getuid())
options['pw-name'] = pinfo.pw_name
options['pw-uid'] = pinfo.pw_uid
options['pw-gid'] = pinfo.pw_gid
options['pw-dir'] = pinfo.pw_dir
options['pw-shell'] = pinfo.pw_shell
ginfo = grp.getgrgid(os.getgid())
options['gr-name'] = ginfo.gr_name
options['gr-gid'] = ginfo.gr_gid
install = update = lambda self: []
software/agent/software.cfg
View file @ 94026302
......@@ -26,7 +26,7 @@ git-executable = ${git:location}/bin/git
[slapos.toolbox-repository]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/slapos.toolbox.git
repository = https://lab.nexedi.com/nexedi/slapos.toolbox.git
branch = agent3
git-executable = ${git:location}/bin/git
......@@ -54,7 +54,7 @@ md5sum = 7c5c43eb98d5a11961d72fce97a8e67b
mode = 0644
[script]
recipe = z3c.recipe.scripts
recipe = zc.recipe.egg
eggs =
zc.buildout
slapos.core
......
software/ajaxplorer/software.cfg
View file @ 94026302
......@@ -73,7 +73,7 @@ md5sum = c5695762361b801c284ee23a150cd1f1
mode = 0644
[template-httpd-conf]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/templates/${:filename}
mode = 0644
filename = apache.conf.in
......@@ -86,6 +86,5 @@ numpy = 1.6.2
# websockify 0.4.1 doesn't install well
websockify = 0.3.0
plone.recipe.command = 1.1
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.4.2
z3c.recipe.mkdir = 0.5
software/apache-frontend/common.cfg
View file @ 94026302
......@@ -96,7 +96,7 @@ mode = 640
[template-apache-frontend-configuration]
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/templates/apache.conf.in
md5sum = 6c72015a9af4f1edab63712f5c6aec99
md5sum = 09ffa9a94cc7506d32c2c422853106b6
mode = 640
[template-apache-cached-configuration]
......
software/apache-frontend/software.cfg
View file @ 94026302
......@@ -3,31 +3,37 @@ extends = common.cfg
[versions]
PyRSS2Gen = 1.1
apache-libcloud = 0.15.1
async = 0.6.1
apache-libcloud = 0.18.0
cns.recipe.symlink = 0.2.3
collective.recipe.template = 1.11
ecdsa = 0.11
gitdb = 0.5.4
ecdsa = 0.13
gitdb = 0.6.4
plone.recipe.command = 1.1
pycrypto = 2.6.1
rdiff-backup = 1.0.5
slapos.recipe.template = 2.7
slapos.toolbox = 0.40.4
smmap = 0.8.2
slapos.recipe.template = 2.8
slapos.toolbox = 0.52
smmap = 0.9.0
# Required by:
# slapos.toolbox==0.40.2
GitPython = 0.3.2.RC1
# slapos.toolbox==0.52
GitPython = 1.0.1
# Required by:
# slapos.toolbox==0.40.2
# slapos.toolbox==0.52
atomize = 0.2.0
# Required by:
# slapos.toolbox==0.40.2
feedparser = 5.1.3
# slapos.toolbox==0.52
feedparser = 5.2.1
# Required by:
# slapos.toolbox==0.40.2
paramiko = 1.15.2
# slapos.toolbox==0.52
lockfile = 0.10.2
# Required by:
# slapos.toolbox==0.52
paramiko = 1.15.3
# Required by:
# slapos.toolbox==0.52
rpdb = 0.1.5
software/apache-frontend/templates/apache.conf.in
View file @ 94026302
......@@ -24,6 +24,9 @@ RequestHeader unset REMOTE_USER
ServerTokens Prod
# Disable TRACE Method
TraceEnable off
# Log configuration
ErrorLog "{{ error_log }}"
LogLevel info
......
software/boinc-client/software.cfg
View file @ 94026302
......@@ -28,5 +28,4 @@ mode = 0644
[versions]
plone.recipe.command = 1.1
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.4.2
software/boinc/software.cfg
View file @ 94026302
......@@ -32,7 +32,7 @@ app-name = upper_case
version = 1.00
[template-base]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
download-only = true
mode = 0644
......
software/bonjourgrid/software.cfg
View file @ 94026302
......@@ -78,7 +78,7 @@ app-name = upper_case
version = 1.00
[template-base]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
download-only = true
mode = 0644
......@@ -124,7 +124,7 @@ md5sum = 42985a425369e4f93211cfaad21d8eb8
mode = 0644
[description-file]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
mode = 0644
url = ${:_profile_base_location_}/condor_job/submit
filename = submit
......@@ -132,7 +132,7 @@ location = ${buildout:parts-directory}/${:_buildout_section_name_}
md5sum = 8180d88348b89b55216f8dd4475a9eea
[executable]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
mode = 0774
url = ${:_profile_base_location_}/condor_job/simple
filename = simple
......
software/cdn-me/instance-cdn-me-input-schema.json 0 → 100644
View file @ 94026302
{
"type": "object",
"$schema": "http://json-schema.org/draft-04/schema",
"title": "Input Parameters",
"properties": {
"port": {
"title": "Backend port",
"description": "Port where the service is running on the backend",
"default": 80,
"type": "integer"
},
"frontend-custom_domain": {
"title": "Custom Domain",
"description": "Custom Domain to use for the website",
"type": "string",
"pattern": "^([a-zA-Z0-9]([a-zA-Z0-9\\-]{0,61}[a-zA-Z0-9])?\\.)+[a-zA-Z]{2,6}$"
},
"frontend-server-alias": {
"title": "Server Alias",
"description": "Server Alias List separated by space",
"type": "string",
"default": ""
},
"frontend-type": {
"title": "Backend Type",
"description": "Type of slave. If redirect, the slave will redirect to the given url. If zope, the rewrite rules will be compatible with Virtual Host Monster",
"type": "string",
"default": "",
"enum": ["", "zope", "redirect"]
},
"frontend-path": {
"title": "Backend Path",
"description": "Path to proxy to in the backend",
"type": "string",
"default": ""
},
"frontend-default-path": {
"title": "Default Path",
"description": "Provide default path to redirect user to",
"type": "string",
"default": ""
},
"frontend-ssl_crt": {
"title": "SSL Certificate",
"description": "SSL Certificate",
"type": "string",
"default": ""
},
"frontend-ssl_key": {
"title": "SSL Key",
"description": "SSL Key",
"type": "string",
"default": ""
},
"frontend-ssl_ca_crt": {
"title": "SSL Certificate Authority's Certificate",
"description": "SSL Key",
"type": "string",
"default": ""
},
"frontend-https-only": {
"title": "HTTPS Only",
"description": "If set to true, http request are redirect to https",
"type": "string",
"default": "false",
"enum": ["false", "true"]
},
"frontend-ssl-proxy-verify": {
"title": "Verify Backend Certificates",
"description": "If set to true, Backend Certificates are checked",
"type": "string",
"default": "false",
"enum": ["false", "true"]
},
"frontend-ssl_proxy_ca_crt": {
"title": "SSL Backend Authority's Certificate",
"description": "SSL Certificate Authority of the backen (to be used with ssl-proxy-verify)",
"type": "string",
"default": ""
},
"frontend-enable_cache": {
"title": "Enable Cache",
"description": "If set to true, the cache is used",
"type": "string",
"default": "false",
"enum": ["false", "true"]
},
"frontend-disable-no-cache-request": {
"title": "Disable 'no-cache' requests",
"description": "If set to true, no-cache control headers will be disabled",
"type": "string",
"default": "false",
"enum": ["false", "true"]
},
"frontend-disable-via-header": {
"title": "Disable 'Via' headers from cache",
"description": "If set to true, via headers will be disabled",
"type": "string",
"default": "false",
"enum": ["false", "true"]
},
"frontend-prefer-gzip-encoding-to-backend": {
"title": "Prefer gzip Encoding for Backend",
"description": "If set to true, if a request is made with accept encoding 'gzip', only that one will be transferred to the backend",
"type": "string",
"default": "false",
"enum": ["false", "true"]
},
"frontend-disabled-cookie-list": {
"title": "Disabled Cookies",
"description": "List of Cookies separated by space that will not be sent to the backend",
"type": "string",
"default": ""
}
}
}
software/cdn-me/instance-cdn-request.cfg deleted 100644 → 0
View file @ 47a68bf7
[buildout]
parts =
request-re6stnet-token-slave
request-frontend-token-slave
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true
# Create all needed directories
[directory]
recipe = slapos.cookbook:mkdirectory
home = $${buildout:directory}
etc = $${:home}/etc/
var = $${:home}/var/
srv = $${:home}/srv/
bin = $${:home}/bin/
tmp = $${:home}/tmp/
[request-frontend-token-slave]
<= slap-connection
recipe = slapos.cookbook:requestoptional
name = WebSite Frontend
# XXX We have hardcoded SR URL here.
software-url = product.frontend
slave = true
config-url = http://$${request-re6stnet-token-slave:connection-ipv6}/
config-domain = $${slap-parameter:frontend-domain}
return = site_url domain
[request-re6stnet-token-slave]
<= slap-connection
recipe = slapos.cookbook:requestoptional
name = Re6st token Frontend
# XXX We have hardcoded SR URL here.
software-url = product.re6st
slave = true
return = token info_1 ipv6
[publish-connection-informations]
recipe = slapos.cookbook:publish
url = https://$${request-frontend-token-slave:connection-domain}
token = $${request-re6stnet-token-slave:connection-token}
ipv6 = $${request-re6stnet-token-slave:connection-ipv6}
info_1 = $${request-re6stnet-token-slave:info_1}
\ No newline at end of file
software/cdn-me/instance-cdn-request.cfg.jinja2 0 → 100644
View file @ 94026302
[buildout]
parts =
request-re6stnet-token-slave
request-frontend-token-slave
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true
# Create all needed directories
[directory]
recipe = slapos.cookbook:mkdirectory
home = $${buildout:directory}
etc = $${:home}/etc/
var = $${:home}/var/
srv = $${:home}/srv/
bin = $${:home}/bin/
tmp = $${:home}/tmp/
[request-frontend-token-slave]
<= slap-connection
recipe = slapos.cookbook:requestoptional
name = WebSite Frontend
# XXX We have hardcoded SR URL here.
software-url = product.frontend
slave = true
{% if slapparameter_dict.get('frontend-custom_domain', '80') != '443' %}
config-url = https://[$${request-re6stnet-token-slave:connection-ipv6}1]:{{ slapparameter_dict.get('port', '80') }}/
{% endif -%}
{% if slapparameter_dict.get('frontend-custom_domain', '80') == '443' %}
config-url = https://[$${request-re6stnet-token-slave:connection-ipv6}1]:{{ slapparameter_dict.get('port', '443') }}/
{% endif -%}
{% if slapparameter_dict.get('frontend-custom_domain', '') %}
config-custom_domain = {{ slapparameter_dict.get('frontend-custom_domain', '') }}
{% endif -%}
{% if slapparameter_dict.get('frontend-server-alias', '') %}
config-server-alias = {{ slapparameter_dict.get('frontend-server-alias', '') }}
{% endif -%}
{% if slapparameter_dict.get('frontend-type', '') %}
config-type = {{ slapparameter_dict.get('frontend-type', '') }}
{% endif -%}
{% if slapparameter_dict.get('frontend-path', '') %}
config-path = {{ slapparameter_dict.get('frontend-path', '') }}
{% endif -%}
{% if slapparameter_dict.get('frontend-default-path', '') %}
config-default-path = {{ slapparameter_dict.get('frontend-default-path', '') }}
{% endif -%}
{% if slapparameter_dict.get('frontend-ssl_crt', '') %}
config-ssl_crt = {{ slapparameter_dict.get('frontend-ssl_crt', '').split('\n') | join('\n ') }}
{% endif -%}
{% if slapparameter_dict.get('frontend-ssl_key', '') %}
config-ssl_key = {{ slapparameter_dict.get('frontend-ssl_key', '').split('\n') | join('\n ') }}
{% endif -%}
{% if slapparameter_dict.get('frontend-ssl_ca_crt', '') %}
config-ssl_ca_crt = {{ slapparameter_dict.get('frontend-ssl_ca_crt', '').split('\n') | join('\n ') }}
{% endif -%}
{% if slapparameter_dict.get('frontend-https-only', '') %}
config-https-only = {{ slapparameter_dict.get('frontend-https-only', '') }}
{% endif -%}
{% if slapparameter_dict.get('frontend-ssl-proxy-verify', '') %}
config-ssl-proxy-verify = {{ slapparameter_dict.get('frontend-ssl-proxy-verify', '') }}
{% endif -%}
{% if slapparameter_dict.get('frontend-ssl_proxy_ca_crt', '') %}
config-ssl_proxy_ca_crt = {{ slapparameter_dict.get('frontend-ssl_proxy_ca_crt', '').split('\n') | join('\n ') }}
{% endif -%}
{% if slapparameter_dict.get('frontend-enable_cache', '') %}
config-enable_cache = {{ slapparameter_dict.get('frontend-enable_cache', '') }}
{% endif -%}
{% if slapparameter_dict.get('frontend-disable-no-cache-request', '') %}
config-disable-no-cache-request = {{ slapparameter_dict.get('frontend-disable-no-cache-request', '') }}
{% endif -%}
{% if slapparameter_dict.get('frontend-disable-via-header', '') %}
config-disable-via-header = {{ slapparameter_dict.get('frontend-disable-via-header', '') }}
{% endif -%}
{% if slapparameter_dict.get('frontend-prefer-gzip-encoding-to-backend', '') %}
config-prefer-gzip-encoding-to-backend = {{ slapparameter_dict.get('frontend-prefer-gzip-encoding-to-backend', '') }}
{% endif -%}
{% if slapparameter_dict.get('frontend-disabled-cookie-list', '') %}
config-disabled-cookie-list = {{ slapparameter_dict.get('frontend-disabled-cookie-list', '') }}
{% endif -%}
return = site_url domain
[request-re6stnet-token-slave]
<= slap-connection
recipe = slapos.cookbook:requestoptional
name = Re6st token Frontend
# XXX We have hardcoded SR URL here.
software-url = product.re6st
slave = true
return = token info_1 ipv6
[publish-connection-informations]
recipe = slapos.cookbook:publish
url = https://$${request-frontend-token-slave:connection-domain}
token = $${request-re6stnet-token-slave:connection-token}
ipv6 = $${request-re6stnet-token-slave:connection-ipv6}
info_1 = $${request-re6stnet-token-slave:info_1}
software/cdn-me/software.cfg
View file @ 94026302
......@@ -6,7 +6,6 @@ extends =
# to avoid versioning issues
parts =
slapos-cookbook-develop
template
eggs
template-cdn-request
......@@ -20,16 +19,16 @@ mode = 0644
[template-cdn-request]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-cdn-request.cfg
output = ${buildout:directory}/template-cdn-request.cfg
md5sum = 4c5ad2a5e9c4364588e1e4212ed8d1aa
url = ${:_profile_base_location_}/instance-cdn-request.cfg.jinja2
output = ${buildout:directory}/template-cdn-request.cfg.jinja2
md5sum = b450c721194eb0834e3738158195975a
mode = 0644
[slapos.cookbook-repository]
branch = request.product
[eggs]
recipe = z3c.recipe.scripts
recipe = zc.recipe.egg
eggs =
collective.recipe.environment
cns.recipe.symlink
......@@ -37,4 +36,11 @@ eggs =
lock-file
plone.recipe.command
slapos.recipe.build
${slapos-cookbook:eggs}
\ No newline at end of file
${slapos-cookbook:eggs}
[versions]
cns.recipe.symlink = 0.2.3
collective.recipe.environment = 0.2.0
erp5.util = 0.4.43
plone.recipe.command = 1.1
slapos.recipe.template = 2.8
software/cdn-me/software.cfg.json 0 → 100644
View file @ 94026302
{
"name": "CDN ME",
"description": "CDN ME",
"serialisation": "xml",
"software-type": {
"default": {
"title": "Default",
"description": "Re6st registry",
"request": "instance-cdn-me-input-schema.json",
"response": "instance-cdn-me-output-schema.json",
"index": 0
}
}
\ No newline at end of file
software/cloudooo/instance-cloudoo.cfg.in
View file @ 94026302
......@@ -19,7 +19,7 @@ url = cloudooo://${haproxy:ip}:${haproxy:port}/
recipe = slapos.cookbook:generic.cloudooo
ip = {{ ipv4 }}
environment =
LD_LIBRARY_PATH = {{ parameter_dict['cups'] }}/lib:{{ parameter_dict['cups'] }}/lib64:{{ parameter_dict['dbus'] }}/lib:{{ parameter_dict['dbus-glib'] }}/lib:{{ parameter_dict['file'] }}/lib:{{ parameter_dict['fontconfig'] }}/lib:{{ parameter_dict['freetype'] }}/lib:{{ parameter_dict['glib'] }}/lib:{{ parameter_dict['glu'] }}/lib:{{ parameter_dict['libICE'] }}/lib:{{ parameter_dict['libSM'] }}/lib:{{ parameter_dict['libX11'] }}/lib:{{ parameter_dict['libXau'] }}/lib:{{ parameter_dict['libXdmcp'] }}/lib:{{ parameter_dict['libXext'] }}/lib:{{ parameter_dict['libXrender'] }}/lib:{{ parameter_dict['libexpat'] }}/lib:{{ parameter_dict['libffi'] }}/lib:{{ parameter_dict['libffi'] }}/lib64:{{ parameter_dict['libpng12'] }}/lib:{{ parameter_dict['libxcb'] }}/lib:{{ parameter_dict['mesa'] }}/lib:{{ parameter_dict['xdamage'] }}/lib:{{ parameter_dict['xfixes'] }}/lib:{{ parameter_dict['zlib'] }}/lib
LD_LIBRARY_PATH = {{ parameter_dict['cairo'] }}/lib:{{ parameter_dict['cups'] }}/lib:{{ parameter_dict['cups'] }}/lib64:{{ parameter_dict['dbus'] }}/lib:{{ parameter_dict['dbus-glib'] }}/lib:{{ parameter_dict['file'] }}/lib:{{ parameter_dict['fontconfig'] }}/lib:{{ parameter_dict['freetype'] }}/lib:{{ parameter_dict['glib'] }}/lib:{{ parameter_dict['glu'] }}/lib:{{ parameter_dict['libICE'] }}/lib:{{ parameter_dict['libSM'] }}/lib:{{ parameter_dict['libX11'] }}/lib:{{ parameter_dict['libXau'] }}/lib:{{ parameter_dict['libXdmcp'] }}/lib:{{ parameter_dict['libXext'] }}/lib:{{ parameter_dict['libXrender'] }}/lib:{{ parameter_dict['libexpat'] }}/lib:{{ parameter_dict['libffi'] }}/lib:{{ parameter_dict['libffi'] }}/lib64:{{ parameter_dict['libpng12'] }}/lib:{{ parameter_dict['libxcb'] }}/lib:{{ parameter_dict['mesa'] }}/lib:{{ parameter_dict['pixman'] }}/lib:{{ parameter_dict['xdamage'] }}/lib:{{ parameter_dict['xfixes'] }}/lib:{{ parameter_dict['zlib'] }}/lib
FONTCONFIG_FILE = ${fontconfig-instance:conf-path}
PATH = ${binary-link:target-directory}
# Binary information
......
software/cloudooo/instance.cfg.in
View file @ 94026302
......@@ -26,6 +26,7 @@ context =
[dynamic-template-cloudooo-parameters]
buildout-bin-directory = {{ buildout_bin_directory }}
cairo = {{ cairo_location }}
coreutils = {{ coreutils_location }}
cups = {{ cups_location }}
dbus = {{ dbus_location }}
......@@ -52,6 +53,7 @@ libreoffice-bin = {{ libreoffice_bin_location }}
libxcb = {{ libxcb_location }}
mesa = {{ mesa_location }}
poppler = {{ poppler_location }}
pixman = {{ pixman_location }}
xdamage = {{ xdamage_location }}
xfixes = {{ xfixes_location }}
zlib = {{ zlib_location }}
......
software/cloudooo/software.cfg
View file @ 94026302
......@@ -38,10 +38,11 @@ context =
# XXX: "template.cfg" is hardcoded in instanciation recipe
filename = template.cfg
template = ${:_profile_base_location_}/instance.cfg.in
md5sum = 2ad39c607cfa80bf87dd6258c29754c3
md5sum = a26cb2a94b7bec07f62efcbe14fec608
extra-context =
key buildout_bin_directory buildout:bin-directory
key coreutils_location coreutils:location
key cairo_location cairo:location
key cups_location cups:location
key dbus_glib_location dbus-glib:location
key dbus_location dbus:location
......@@ -69,6 +70,7 @@ extra-context =
key libxcb_location libxcb:location
key mesa_location mesa:location
key openssl_location openssl:location
key pixman_location pixman:location
key poppler_location poppler:location
key template_cloudooo template-cloudooo:target
key xdamage_location xdamage:location
......@@ -78,5 +80,5 @@ extra-context =
[template-cloudooo]
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/instance-cloudoo.cfg.in
md5sum = 4bede3be20dbc2ecfdb5d49b3184742e
md5sum = 439c6f397b851d2884803e88e5a2d8de
mode = 640
software/davstorage/development.cfg
View file @ 94026302
......@@ -20,7 +20,7 @@ git-executable = ${git:location}/bin/git
[slapos.toolbox-repository]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/slapos.toolbox.git
repository = https://lab.nexedi.com/nexedi/slapos.toolbox.git
branch = master
git-executable = ${git:location}/bin/git
......
software/davstorage/software.cfg
View file @ 94026302
......@@ -20,7 +20,7 @@ git-executable = ${git:location}/bin/git
[slapos.toolbox-repository]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/slapos.toolbox.git
repository = https://lab.nexedi.com/nexedi/slapos.toolbox.git
branch = master
git-executable = ${git:location}/bin/git
......
software/dream/software.cfg
View file @ 94026302
......@@ -25,7 +25,7 @@ initialization =
${manpy:initialization}
[dream_interpreter]
recipe = z3c.recipe.scripts
recipe = zc.recipe.egg
eggs = ${manpy:eggs}
interpreter = dream_interpreter
initialization =
......@@ -51,12 +51,10 @@ tablib = 0.10.0
MySQL-python = 1.2.5
# indirect dependancies
collective.recipe.template = 1.11
cp.recipe.cmd = 0.5
plone.recipe.command = 1.1
slapos.recipe.template = 2.7
slapos.recipe.template = 2.8
zope.exceptions = 4.0.7
zope.testing = 4.1.3
zc.recipe.testrunner = 2.0.0
zope.testrunner = 4.4.6
z3c.recipe.scripts = 1.0.1
software/erp5/README.rst 0 → 100644
View file @ 94026302
Available ``software-type`` values
==================================
- ``default``
Recommended for production use.
- ``create-erp5-site``
Automated creation of ERP5Site instance, for easy deployment.
Usage in production discouraged due to the increased risk of data loss.
Notes
=====
This software release is not intended to be accessed directly, but through a
front-end instance which is expected to contains the RewriteRules_ (or
equivalent) needed to relocate Zope's urls via its VirtualHostMonster_. See the
``frontend`` erp5 instance parameter.
Included cloudooo partition is **deprecated**. It is not recommended for
intensive usage. See the ``cloudooo`` Software Release to setup a cloudooo
cluster, more suitable for intensive usage.
Port ranges
===========
This software release assigns the following port ranges by default:
==================== ==========
Partition type Port range
==================== ==========
memcached-persistent 2000-2009
memcached-volatile 2010-2019
cloudooo 2020-2024
smtp 2025-2029
neo (admin & master) 2050-2051
mariadb 2099
zeo 2100-2149
balancer 2150-2199
zope 2200-*
==================== ==========
Non-zope partitions are unique in an ERP5 cluster, so you shouldn't have to
care about them as a user (but a Software Release developer needs to know
them).
Zope partitions should be assigned port ranges starting at 2200, incrementing
by some value which depends on how many zope process you want per partition
(see the ``port-base`` parameter in ``zope-partition-dict``).
Notes to the Software Release developper: These ranges are not strictly
defined. Not each port is actually used so one may reduce alread-assigned
ranges if needed (ex: memcached partitions use actually fewer ports). There
should be enough room for evolution (as between smtp and mariadb types). It is
important to not allocate any port after 2200 as user may have assigned ports
to his zope processes.
.. _RewriteRules: http://httpd.apache.org/docs/current/en/mod/mod_rewrite.html#rewriterule
.. _VirtualHostMonster: http://docs.zope.org/zope2/zope2book/VirtualHosting.html
software/erp5/README.txt deleted 100644 → 0
View file @ 47a68bf7
TODO: improve
Instance Parameters
===================
Zope Parameters
---------------
Needed by software-type development (default) and zope.
frontend-software-url
~~~~~~~~~~~~~~~~~~~~~
Software URL of an existing frontend.
XXX: meaning should change (or it will go away) in order to be resilient to
software updates - as they are visible at software-url level.
If it is not provided, no frontend will be requested.
frontend-instance-guid
~~~~~~~~~~~~~~~~~~~~~~
GUID of frontend instance.
Not perfect yet: if that instance is replaced, slaves have to be reconfigured.
Mandatory only if frontend-software-url is also provided.
XXX: should be complemented (or replaced) by more flexible and precise
criteria.
frontend-software-type (optional)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Frontend software type as defined by the software relase at
frontend-software-url.
frontend-domain (optional)
~~~~~~~~~~~~~~~~~~~~~~~~~~
Domain name frontend must recognise as belonging to this instance.
software/erp5/instance-cloudooo-schema.json 0 → 100644
View file @ 94026302
{
"$schema": "http://json-schema.org/draft-04/schema#",
"required": ["tcpv4-port"],
"properties": {
"tcpv4-port": {
"allOf": [{
"$ref": "#/definitions/tcpv4port"
}, {
"description": "Start allocating ports at this value, going upward"
}]
},
"font-url-list": {
"description": "List of URLs from which fonts are to be downloaded",
"default": [],
"items": {
"type": "string"
},
"type": "array"
}
}
}
software/erp5/instance-erp5-input-schema.json 0 → 100644
View file @ 94026302
{
"$schema": "http://json-schema.org/draft-04/schema#",
"description": "Parameters to instantiate ERP5",
"additionalProperties": false,
"properties": {
"sla-dict": {
"description": "Where to request instances. Each key is a query string for criterions (e.g. \"computer_guid=foo\"), and each value is a list of partition references.",
"additionalProperties": {
"type": "array",
"items": { "type": "string" },
"uniqueItems": true
},
"type": "object"
},
"site-id": {
"description": "ERP5Site object's id",
"default": "erp5",
"type": "string"
},
"timezone": {
"description": "Zope's timezone. Possible values are determined by host's libc, and typically come from a separate package (tzdata, ...)",
"default": "UTC",
"type": "string"
},
"deadlock-debugger-password": {
"description": "Password for /manage_debug_threads",
"type": "string"
},
"inituser-login": {
"description": "Login of the initial/rescue user",
"default": "zope",
"type": "string"
},
"inituser-password": {
"description": "Password of the initial/rescue user",
"type": "string"
},
"developer-list": {
"description": "List of logins which should get the Developper role (required to modify portal_components' content), defaulting to inituser-login's value",
"items": {
"pattern": "/^\\S+$/",
"type": "string"
},
"uniqueItems": true,
"type": "array"
},
"hostalias-dict": {
"description": "Hostname-to-hostname mapping",
"default": {},
"additionalProperties": {
"description": "A hostname to which current entry will resolve",
"type": "string"
},
"type": "object"
},
"hosts-dict": {
"description": "Host entries to be used in addition to and/or overriding auto-generated ones (erp5-catalog-0, erp5-cloudooo, erp5-memcached-persistent, erp5-memcached-volatile and erp5-smtp)",
"patternProperties": {
".*": {
"description": "An IP or domain name to which current entry will resolve",
"type": "string"
}
},
"type": "object"
},
"frontend": {
"description": "Front-end slave instance request parameters",
"properties": {
"software-url": {
"description": "Front-end's software type. If this parameter is empty, no front-end instance is requested. Else, sla-dict must specify 'frontend' which is a special value matching all frontends (e.g. {\"instance_guid=bar\": [\"frontend\"]}).",
"default": "",
"type": "string"
},
"domain": {
"description": "The domain name to request front-end to respond as.",
"default": "",
"type": "string"
},
"software-type": {
"description": "Request a front-end slave instance of this software type.",
"default": "RootSoftwareInstance",
"type": ""
}
},
"type": "object"
},
"zope-partition-dict": {
"description": "Zope layout definition",
"default": {"1": {}},
"patternProperties": {
".*": {
"additionalProperties": false,
"properties": {
"family": {
"description": "The family this partition is part of. For example: 'public', 'admin', 'backoffice', 'web-service'... Each family gets its own balancer entry. It has no special meaning for the system.",
"default": "default",
"type": "string"
},
"instance-count": {
"description": "Number of Zopes to setup on this partition",
"default": 1,
"type": "integer"
},
"thread-amount": {
"description": "Number of worker threads for each created Zope process",
"default": 4,
"type": "integer"
},
"timerserver-interval": {
"description": "Timerserver tick perdiod, in seconds, or 0 to disable",
"default": 5,
"type": "integer"
},
"webdav": {
"description": "Serve webdav queries, implies timerserver-interval=0 (disabled). Mixing webdav and non-webdav nodes in a single family will give unspecified results.",
"default": false,
"type": "boolean"
},
"longrequest-logger-interval": {
"description": "Period, in seconds, with which LongRequestLogger polls worker thread stack traces, or -1 to disable",
"default": -1,
"type": "integer"
},
"longrequest-logger-timeout": {
"description": "Transaction duration after which LongRequestLogger will start logging its stack trace, in seconds",
"default": 1,
"type": "integer"
},
"port-base": {
"allOf": [{
"$ref": "#/definitions/tcpv4port"
}, {
"description": "Start allocating ports at this value. Useful if one needs to make several partitions share the same port range (ie, several partitions bound to a single address)",
"default": 2200
}]
}
},
"type": "object"
}
},
"type": "object"
},
"kumofs": {
"description": "Persistent memcached service",
"additionalProperties": {
"$ref": "./instance-kumofs-schema.json#properties"
},
"type": "object"
},
"memcached": {
"description": "Volatile memcached service",
"additionalProperties": {
"$ref": "./instance-kumofs-schema.json#properties"
},
"type": "object"
},
"cloudooo": {
"description": "Format conversion service",
"additionalProperties": {
"$ref": "./instance-cloudooo-schema.json#properties"
},
"type": "object"
},
"mariadb": {
"description": "Relational database service",
"additionalProperties": {
"$ref": "./instance-mariadb-schema.json#properties"
},
"type": "object"
},
"zodb-zeo": {
"description": "Common settings ZEO servers",
"properties": {
"tcpv4-port": {
"allOf": [{
"$ref": "#/definitions/tcpv4port"
}, {
"description": "Start allocating ports at this value, going upward"
}]
},
"backup-periodicity": {
"description": "When to backup, specified in the same format as for systemd.time(7) calendar events (years & seconds not supported, DoW & DoM can not be combined). Enter 'never' to disable backups.",
"default": "daily",
"type": "string"
},
"tidstorage-repozo-path": {
"description": "Directory for backup timestamp and tidstorage status files.",
"default": "~/srv/backup/tidstorage",
"type": "string"
}
},
"type": "object"
},
"zodb": {
"description": "Zope Object DataBase mountpoints. See https://github.com/zopefoundation/ZODB/blob/3.10/src/ZODB/component.xml for extra options.",
"items": {
"required": ["type"],
"properties": {
"name": {
"description": "Database name",
"default": "main",
"type": "string"
},
"mount-point": {
"description": "Mount point",
"default": "/",
"type": "string"
},
"type": {
"description": "Storage type",
"enum": ["zeo", "neo"],
"type": "string"
},
"server": {
"description": "Instantiate a server. If missing, 'storage-dict' must contain the necessary properties to mount the ZODB. For ZEO, the partition reference is 'zodb'. For NEO, they are 'neo-0', 'neo-1', ...",
"anyOf": [
{"$ref": "./instance-zeo-schema.json"},
{"$ref": "../neoppod/instance-neo-input-schema.json"}
]
},
"storage-dict": {
"description": "Storage configuration. For NEO, 'logfile' is automatically set (see http://git.erp5.org/gitweb/neoppod.git/blob/HEAD:/neo/client/component.xml for other settings).",
"properties": {
"ssl": {
"description": "For external NEO. Pass false if you want to disable SSL or pass custom values for ca/cert/key.",
"default": true,
"type": "boolean"
}
},
"additionalProperties": {"type": "string"},
"type": "object"
}
},
"additionalProperties": {"type": "string"},
"type": "object"
},
"type": "array"
}
}
}
software/erp5/instance-erp5-output-schema.json 0 → 100644
View file @ 94026302
{
"$schema": "http://json-schema.org/draft-04/schema#",
"description": "Values returned by ERP5 instantiation",
"properties": {
"hosts-dict": {
"description": "Hosts mapping, including auto-generated entries",
"patternProperties": {
".*": {
"description": "IP or domain names current entry resolves to",
"type": "string"
}
},
"type": "object"
},
"site-id": {
"description": "Chosen ERP5Site object identifier",
"type": "string"
},
"inituser-login": {
"description": "Initial user login",
"type": "string"
},
"inituser-password": {
"description": "Initial user password",
"type": "string"
},
"kumofs-url": {
"description": "Persistent memcached access information",
"type": "string"
},
"memcached-url": {
"description": "Volatile memcached access information",
"type": "string"
},
"cloudooo-url": {
"description": "Conversion service access information",
"type": "string"
},
"mariadb-url": {
"description": "Relational database access information",
"type": "string"
}
},
"patternProperties": {
"family-.*": {
"description": "Zope family access information",
"type": "string"
}
},
"type": "object"
}
software/erp5/instance-kumofs-schema.json 0 → 100644
View file @ 94026302
{
"$schema": "http://json-schema.org/draft-04/schema#",
"required": ["tcpv4-port"],
"properties": {
"tcpv4-port": {
"allOf": [{
"$ref": "#/definitions/tcpv4port"
}, {
"description": "Start allocating ports at this value, going upward"
}]
},
"ram-storage-size": {
"description": "If 0 use disk storage, otherwise use ram and limit data size to this many megabytes",
"default": 0,
"type": "integer"
}
}
}
software/erp5/instance-mariadb-schema.json 0 → 100644
View file @ 94026302
{
"$schema": "http://json-schema.org/draft-04/schema#",
"required": ["tcpv4-port"],
"properties": {
"tcpv4-port": {
"allOf": [{
"$ref": "#/definitions/tcpv4port"
}, {
"description": "Start allocating ports at this value, going downward"
}]
},
"database-list": {
"description": "Databases to create and respective user credentials getting all privileges on it",
"default": [{
"name": "erp5",
"user": "user",
"password": "insecure"
}],
"minItems": 1,
"items": {
"required": ["name", "user", "password"],
"properties": {
"name": {
"description": "Database name",
"type": "string"
},
"user": {
"description": "User name",
"type": "string"
},
"password": {
"description": "User password",
"type": "string"
}
},
"type": "object"
},
"type": "array"
},
"test-database-amount": {
"description": "The number of test databases to create, adding auto-generated entries to database-list",
"default": 1,
"minimum": 0,
"type": "integer"
},
"catalog-backup": {
"description": "Backup control knobs",
"properties": {
"full-retention-days": {
"description": "How many days full backups must be retained, -1 meaning full backups are disabled and 0 meaning no expiration",
"default": 7,
"minimum": -1,
"type": "integer"
},
"incremental-retention-days": {
"description": "How many days incremental backups (binlogs) must be retained, -1 meaning incremental backups are disabled and 0 meaning no expiration, defaulting to full-retention-days' value",
"minimum": -1,
"type": "integer"
}
},
"type": "object"
},
"backup-periodicity": {
"description": "When to backup, specified in the same format as for systemd.time(7) calendar events (years & seconds not supported, DoW & DoM can not be combined).",
"default": "daily",
"type": "string"
},
"innodb-buffer-pool-size": {
"description": "See MariaDB documentation on innodb_buffer_pool_size",
"minimum": 0,
"type": "integer"
},
"innodb-log-file-size": {
"description": "See MariaDB documentation on innodb_log_file_size",
"minimum": 0,
"type": "integer"
},
"innodb-log-buffer-size": {
"description": "See MariaDB documentation on innodb_log_buffer_size",
"minimum": 0,
"type": "integer"
},
"long-query-time": {
"description": "Number of seconds above which long queries are logged",
"minimum": 0,
"default": 1,
"type": "number"
},
"relaxed-writes": {
"description": "When enabled, sets innodb_flush_log_at_trx_commit = 0, innodb_flush_method = nosync, innodb_doublewrite = 0 and sync_frm = 0 - RTFM, those options are dangerous",
"default": false,
"type": "boolean"
},
"ssl": {
"description": "Enable and define SSL support for network connections",
"default": {},
"properties": {
"ca-crt": {
"description": "Certificate Authority's certificate, in PEM format",
"type": "string"
},
"crt": {
"description": "Server's certificate, in PEM format (mandatory to enable SSL support)",
"type": "string"
},
"key": {
"description": "Server's key, in PEM format (mandatory to enable SSL support)",
"type": "string"
},
"crl": {
"description": "Server's certificate revocation list, in PEM format",
"type": "string"
},
"cipher": {
"description": "Permissible cipher specifications, separated by colons",
"type": "string"
}
},
"type": "object"
}
}
}
software/erp5/instance-smtp-schema.json 0 → 100644
View file @ 94026302
{
"$schema": "http://json-schema.org/draft-04/schema#",
"extends": "./schema-definitions.json#",
"required": ["tcpv4-port"],
"properties": {
"tcpv4-port": {
"allOf": [{
"$ref": "#/definitions/tcpv4port"
}, {
"description": "Start allocating ports at this value, going upward"
}]
},
"postmaster": {
"description": "Mail address to send technical mails to. Non-empty value required for smptd relay service to be deployed. Values will be put in alias-dict as 'postmaster' key (alias-dict takes precedence)",
"default": "",
"type": "string"
},
"alias-dict": {
"description": "Mail alias support",
"default": {},
"patternProperties": {
".*": {
"description": "List of addresses alias expands to",
"type": "array"
}
},
"type": "object"
},
"relay": {
"description": "Forward outgoing mails to a specific relay. If enabled, relay must support TLS-encrypted SASL authentication.",
"dependencies": {
"host": ["sasl-credential"]
},
"properties": {
"host": {
"description": "Host name or address of relay, with optional port (ex: '[example.com]:submissionu'). Enclosing hostname with [] prevents MX lookup.",
"type": "string"
},
"sasl-credential": {
"description": "SASL credential, in the login:password form",
"type": "string"
}
},
"default": {},
"type": "object"
},
"divert": {
"description": "Intercept all mails and send them to given addresses instead of original recipient",
"type": "array",
"items": {
"type": "string"
},
"uniqueItems": true
}
}
}
software/erp5/instance-zeo-schema.json 0 → 100644
View file @ 94026302
{
"$schema": "http://json-schema.org/draft-04/schema#",
"additionalProperties": false,
"properties": {
"backup": {
"description": "'%(backup)s' is expanded to partition's ZODB backup path (typically 'srv/backup/zodb'), and %(name)s with the export id",
"default": "%(backup)s/%(name)s",
"type": "string"
},
"family": {
"description": "Opaque name used to regroup/separate mountpoints under different ZEO processes (must be valid as a file name and as a ConfigParser section name)",
"default": "default",
"pattern": "^[^<>:\"/\\|?*\\]\\[ ]*$",
"type": "string"
},
"path": {
"description": "FileStorage file path, '%(zodb)s' occurrences are replaced with the path to partition's srv/zodb directory, and %(name)s with the export id",
"default": "%(zodb)s/%(name)s.fs",
"type": "string"
}
},
"type": "object"
}
software/erp5testnode/software.cfg
View file @ 94026302
......@@ -59,5 +59,5 @@ md5sum = 22ffc8e212dcf2db8ad94cf0e5ac4772
[versions]
PyXML = 0.8.5
erp5.util = 0.4.42
erp5.util = 0.4.43
slapos.recipe.template = 2.7
software/etherpad-lite/common.cfg
View file @ 94026302
......@@ -63,7 +63,7 @@ output = ${buildout:directory}/template-etherpad-lite.cfg
mode = 0644
[template-conf]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/templates/${:filename}
mode = 0644
filename = settings.json.in
......@@ -71,7 +71,7 @@ md5sum = 19ab39e6b3256c82fd54ce074488b136
location = ${buildout:parts-directory}/${:_buildout_section_name_}
[template-run-script]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/templates/${:filename}
mode = 0644
filename = run.sh.in
......
software/etherpad-lite/development.cfg
View file @ 94026302
......@@ -19,7 +19,7 @@ git-executable = ${git:location}/bin/git
[slapos.toolbox-repository]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/slapos.toolbox.git
repository = https://lab.nexedi.com/nexedi/slapos.toolbox.git
branch = master
git-executable = ${git:location}/bin/git
......
software/etherpad-lite/software.cfg
View file @ 94026302
......@@ -19,7 +19,7 @@ git-executable = ${git:location}/bin/git
[slapos.toolbox-repository]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/slapos.toolbox.git
repository = https://lab.nexedi.com/nexedi/slapos.toolbox.git
branch = master
git-executable = ${git:location}/bin/git
......
software/html5as/software.cfg
View file @ 94026302
......@@ -35,7 +35,7 @@ md5sum = 41cb6178f760238ca276854873ef9364
mode = 0644
[template_nginx_conf]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/templates/nginx_conf.in
md5sum = 61dc4c82bf48563228ce4dea6c5c6319
filename = nginx_conf.in
......@@ -43,7 +43,7 @@ mode = 0644
location = ${buildout:parts-directory}/${:_buildout_section_name_}
[template_launcher]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/templates/launcher.in
md5sum = acf5bb55ceac2e826259d28ed5c1de3a
filename = launcher.in
......@@ -51,7 +51,7 @@ mode = 0644
location = ${buildout:parts-directory}/${:_buildout_section_name_}
[template_downloader]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/templates/downloader.in
md5sum = 9779e2db6c73d282f802b3407b390ede
filename = downloader.in
......@@ -59,7 +59,7 @@ mode = 0644
location = ${buildout:parts-directory}/${:_buildout_section_name_}
[template_mime_types]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/templates/mime_types.in
md5sum = 4ef94a7b458d885cd79ba0b930a5727e
filename = mime_types.in
......@@ -75,7 +75,6 @@ rdiff-backup = 1.0.5
slapos.recipe.template = 2.4.2
slapos.toolbox = 0.40.4
smmap = 0.8.2
z3c.recipe.scripts = 1.0.1
plone.recipe.command = 1.1
# Required by:
......@@ -92,4 +91,4 @@ feedparser = 5.1.3
# Required by:
# slapos.toolbox==0.40.2
paramiko = 1.15.2
paramiko = 1.15.3
software/html5ide/software.cfg
View file @ 94026302
......@@ -46,6 +46,5 @@ md5sum = 8cde04bfd0c0e9bd56744b988275cfd8
[versions]
PyRSS2Gen = 1.1
cns.recipe.symlink = 0.2.3
collective.recipe.template = 1.11
plone.recipe.command = 1.1
slapos.recipe.template = 2.7
slapos.recipe.template = 2.8
software/kvm/common.cfg
View file @ 94026302
......@@ -43,7 +43,7 @@ parts =
#XXX-Cedric : add list of keyboard layouts (azerty/us querty/...) parameter to qemu
[eggs]
recipe = z3c.recipe.scripts
recipe = zc.recipe.egg
eggs =
${lxml-python:egg}
websockify
......
software/kvm/development.cfg
View file @ 94026302
......@@ -24,13 +24,13 @@ git-executable = ${git:location}/bin/git
[slapos.core-repository]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/slapos.core.git
repository = https://lab.nexedi.com/nexedi/slapos.core.git
branch = master
git-executable = ${git:location}/bin/git
[slapos.toolbox-repository]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/slapos.toolbox.git
repository = https://lab.nexedi.com/nexedi/slapos.toolbox.git
branch = master
git-executable = ${git:location}/bin/git
......@@ -54,4 +54,6 @@ command =
slapos.cookbook =
slapos.core =
slapos.toolbox =
erp5.util =
\ No newline at end of file
erp5.util =
# XXX Fix lockfile 0.11.0 requirement (pbr!=0.7,<1.0,>=0.6)
lockfile = 0.10.2
\ No newline at end of file
software/kvm/instance-kvm-cluster-input-schema.json
View file @ 94026302
......@@ -157,8 +157,7 @@
"type": "integer",
"default": 1024,
"minimum": 128,
"multipleOf": 128,
"maximum": 92160
"multipleOf": 128
},
"disk-size": {
"title": "Disk size",
......@@ -187,8 +186,7 @@
"title": "CPU count",
"description": "Number of CPU cores.",
"type": "integer",
"minimum": 1,
"maximum": 8
"minimum": 1
},
"cpu-options": {
"title": "CPU Additional options: cores, threads, sockets, maxcpus.",
......
software/kvm/instance-kvm-input-schema.json
View file @ 94026302
......@@ -10,8 +10,7 @@
"type": "integer",
"default": 1024,
"minimum": 128,
"multipleOf": 128,
"maximum": 92160
"multipleOf": 128
},
"disk-size": {
"title": "Disk size",
......@@ -33,8 +32,7 @@
"title": "CPU count",
"description": "Number of CPU cores.",
"type": "integer",
"minimum": 1,
"maximum": 8
"minimum": 1
},
"cpu-options": {
"title": "CPU Additional options: cores, threads, sockets, maxcpus.",
......
software/kvm/software.cfg
View file @ 94026302
......@@ -13,10 +13,9 @@ ecdsa = 0.13
gitdb = 0.6.4
plone.recipe.command = 1.1
pycrypto = 2.6.1
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.7
smmap = 0.9.0
erp5.util = 0.4.42
erp5.util = 0.4.43
pycurl = 7.19.5.1
# Required by:
......@@ -45,7 +44,7 @@ numpy = 1.9.2
# Required by:
# slapos.toolbox==0.48
paramiko = 1.15.2
paramiko = 1.15.3
# Required by:
# slapos.toolbox==0.48
......
software/lamp-template/software.cfg
View file @ 94026302
......@@ -12,7 +12,7 @@ md5sum = Student may put here md5sum of this file, this is good idea
strip-top-level-dir = true
[application-template]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/template/REPLACE_ME_BY_APPLICATION_TEMPLATE_NAME
#md5sum = Student may put here md5sum of this file, this is good idea
filename = template.in
......
software/mariadb/instance-mariadb.cfg
View file @ 94026302
......@@ -53,7 +53,7 @@ mysqld-binary = ${mariadb:location}/bin/mysqld
mysqldump-binary = ${mariadb:location}/bin/mysqldump
gzip-binary = $${buildout:gzip-binary}
zcat-binary = ${gzip:location}/bin/zcat
mysql-tzinfo-to-sql-binary = ${mariadb:location}/bin/mysql_tzinfo_to_sql
[certificate-authority]
recipe = slapos.cookbook:certificate_authority
......
software/mariadb/software.cfg
View file @ 94026302
......@@ -48,7 +48,7 @@ mode = 0644
[instance-mariadb]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-mariadb.cfg
md5sum = d160bb15d8d3a3913706a4ed29c49388
md5sum = 79f86f8c74335b2b9ec81d6a02164cbf
output = ${buildout:directory}/template-mariadb.cfg
mode = 0644
......
software/monitor/cgi-httpd.conf.in
View file @ 94026302
......@@ -34,7 +34,7 @@ Header always set Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=A
Header set Access-Control-Allow-Credentials "true"
Header set Access-Control-Allow-Methods "PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST"
Header set Access-Control-Allow-Headers "Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Authorization"
Header set Access-Control-Expose-Headers "Content-Disposition, Content-Type, Content-Length, WWW-Authenticate, WWW-Logout, Location, Date, Last-Modified, ETag, Accept-Ranges, Content-Range"
# SSL Configuration
......@@ -78,6 +78,26 @@ Alias /{{ monitor_private_hash }} {{ directory.get('private-directory') }}/
</Files>
</Directory>
{% set slave_list = json_module.loads(slave_information.get('slave_instance_list')) -%}
{% for slave_instance in slave_list -%}
alias /{{ slave_instance.get('slave_reference') }} {{ directory.get('private-directory') }}/network-user-logs/{{ slave_instance.get('slave_reference') }}
<Directory {{ directory.get('private-directory') }}/network-user-logs/{{ slave_instance.get('slave_reference') }}>
Order Allow,Deny
Allow from all
AllowOverride All
Satisfy Any
Options Indexes FollowSymLinks
DirectoryIndex index.html
<Files .htaccess>
order allow,deny
deny from all
</Files>
</Directory>
{% endfor -%}
<Location /rewrite>
AuthType Basic
AuthName "Private access"
......
software/monitor/fluentd-agent.conf.jinja2.in 0 → 100644
View file @ 94026302
# DESTINATION
<match td.*.*>
type tdlog
apikey YOUR_API_KEY
auto_create_table
buffer_type file
buffer_path {{ fluentd_log_directory }}/td-agent/buffer/td
<secondary>
type file
path {{ fluentd_log_directory }}/failed_records
</secondary>
</match>
## match tag=debug.** and dump to console
<match debug.**>
type stdout
</match>
<source>
type tail
path {{ crawl_log_directory }}/*/*ping.log.20*
pos_file {{ crawl_log_directory }}/tail_in_ping.pos
tag slapos.monitor.networktest.ping.ipv4
format /^(?<time>[^;]*);(?<logtype>[^;]*);(?<computer_name>[^;]*);(?<type>[^;]*);(?<name_or_ip>[^;]*);(?<code>[^;]*);(?<average>[^;]*);(?<packet_lost>[^;]*);(?<extra>[^;]*)$/
read_from_head true
</source>
<source>
type tail
path {{ crawl_log_directory }}/*/*ping6.log.20*
pos_file {{ crawl_log_directory }}/tail_in_ping6.pos
tag slapos.monitor.networktest.ping.ipv6
format /^(?<time>[^;]*);(?<logtype>[^;]*);(?<computer_name>[^;]*);(?<type>[^;]*);(?<name_or_ip>[^;]*);(?<code>[^;]*);(?<average>[^;]*);(?<packet_lost>[^;]*);(?<extra>[^;]*)$/
read_from_head true
</source>
<match slapos.monitor.networktest.ping.*>
type copy
{% for slave_instance in slave_instance_list -%}
{% if slave_instance.get("ping_ip_list") -%}
<store>
type grep
regexp1 name_or_ip ^{{ slave_instance.get("ping_ip_list") }}$
add_tag_prefix {{ slave_instance.get("slave_reference") }}
</store>
{% endif -%}
{% if slave_instance.get("ping6_ip_list") -%}
<store>
type grep
regexp1 name_or_ip ^{{ slave_instance.get("ping6_ip_list") }}$
add_tag_prefix {{ slave_instance.get("slave_reference") }}
</store>
{% endif -%}
{% endfor -%}
</match>
{% for slave_instance in slave_instance_list -%}
<match {{ slave_instance.get("slave_reference") }}.slapos.monitor.networktest.ping.ipv6>
type file
path {{ network_user_logs }}/{{ slave_instance.get("slave_reference") }}/ping6/log
append true
include_time_key true
include_tag_key true
format json
</match>
<match {{ slave_instance.get("slave_reference") }}.slapos.monitor.networktest.ping.ipv4>
type file
path {{ network_user_logs }}/{{ slave_instance.get("slave_reference") }}/ping/log
append true
include_time_key true
include_tag_key true
format json
</match>
{% endfor -%}
<source>
type tail
path {{ network_user_logs }}/*/ping*/log/*.log
pos_file {{ crawl_log_directory }}/tail_in_ping6.pos
tag slapos.wendelin.networktest
format json
read_from_head true
</source>
{% set wendelin_streamtool_uri = slapparameter_dict.get('wendelin-streamtool-uri', '') -%}
{% set wendelin_password = slapparameter_dict.get('wendelin-password', '') -%}
{% set wendelin_user = slapparameter_dict.get('wendelin-user', '') -%}
{% if wendelin_streamtool_uri and wendelin_password and wendelin_user -%}
<match slapos.wendelin.networktest>
@type wendelin
@id wendelin_out
streamtool_uri {{ wendelin_streamtool_uri }}
user {{ wendelin_user }}
password {{ wendelin_password }}
buffer_type memory
flush_interval 20s
</match>
{% endif -%}
## SOURCE
<source>
type forward
</source>
## live debugging agent
<source>
type debug_agent
bind 127.0.0.1
port 24230
</source>
software/monitor/instance-monitor-distributor.cfg.jinja2 0 → 100644
View file @ 94026302
[jinja2-template-base]
recipe = slapos.recipe.template:jinja2
rendered = ${buildout:directory}/${:filename}
extra-context =
context =
import json_module json
${:extra-context}
[slave-test-configuration]
<=jinja2-template-base
template = {{ template_json_distributor_test }}
filename = srv/monitor-private/test.json
extensions = jinja2.ext.do
extra-context =
section slave_information slap-parameter
{% set part_list = [] -%}
# Publish information for each slave
{% set directory_list = [] -%}
{% for slave_instance in slave_instance_list -%}
{% set publish_section_title = 'publish-%s' % slave_instance.get('slave_reference') -%}
{% do part_list.append(publish_section_title) -%}
[{{ publish_section_title }}]
recipe = slapos.cookbook:publish
-slave-reference = {{ slave_instance.get('slave_reference') }}
log-access-url = ${monitor-frontend:connection-site_url}/{{ slave_instance.get('slave_reference') }}
log-access-url-v6 = ${monitor-parameters:url}/{{ slave_instance.get('slave_reference') }}
{% endfor %}
{% set data_source_dict = slapparameter_dict.get('data-source', None) -%}
{% set cron_min_count = 0 -%}
{% if data_source_dict %}
{% for entry in data_source_dict -%}
{% set cron_min_count = cron_min_count + 1 -%}
{% set cron_min = cron_min_count%60 -%}
{% do part_list.append('cron-crawl-' + entry) -%}
{% do directory_list.append(entry) -%}
[cron-crawl-{{ entry }}]
<= cron
recipe = slapos.cookbook:cron.d
name = cron-crawler-{{ entry }}
frequency = * * * * *
command = cd ${monitor-directory:crawl-log}/{{ entry }} && ${crawler-bin:wrapper-path} {{ data_source_dict.get(entry) }}
{% endfor %}
{% endif %}
[monitor-directory]
fluentd-log = ${:log}/fluentd
crawl-log = ${:srv}/crawlog
network-user-logs = ${:private-directory}/network-user-logs/
{% for slave_instance in slave_instance_list -%}
user-log-{{ slave_instance.get('slave_reference') }}-folder = ${:private-directory}/network-user-logs/{{ slave_instance.get('slave_reference') }}
user-log-{{ slave_instance.get('slave_reference') }}-ping-folder = ${:private-directory}/network-user-logs/{{ slave_instance.get('slave_reference') }}/ping
user-log-{{ slave_instance.get('slave_reference') }}-ping6-folder = ${:private-directory}/network-user-logs/{{ slave_instance.get('slave_reference') }}/ping6
{% endfor -%}
{% for directory in directory_list %}
{{ '%s = ${:crawl-log}/%s' % (directory, directory) }}
{% endfor %}
[crawler-bin]
recipe = slapos.cookbook:wrapper
command-line =
{{ wget_bin }} --no-check-certificate -l1 -r -nd --timestamp
wrapper-path = ${monitor-directory:bin}/log-crawler
parameters-extra = true
[buildout]
extends = {{ instance_base_monitor }}
parts +=
slave-test-configuration
fluentd-wrapper
{% for part in part_list %}
{{ ' %s' % part }}
{% endfor %}
[fluentd-wrapper]
recipe = slapos.cookbook:wrapper
command-line = {{ fluentd_location }}/bin/fluentd -l ${monitor-directory:log}/fluend.log -c ${fluentd-conf-configuration:rendered}
wrapper-path = ${monitor-directory:service}/fluentd
environment =
GEM_PATH={{ fluentd_location }}/lib/ruby/gems/1.8/
[fluentd-conf-configuration]
recipe = slapos.recipe.template:jinja2
template = {{ fluent_conf_output }}
rendered = ${monitor-directory:etc}/fluentd.cfg
mode = 0744
context =
key slapparameter_dict slap-configuration:configuration
key slave_instance_list slap-parameters:slave-instance-list
key fluentd_log_directory monitor-directory:fluentd-log
key crawl_log_directory monitor-directory:crawl-log
key network_user_logs monitor-directory:network-user-logs
[slap-configuration]
recipe = slapos.cookbook:slapconfiguration.serialised
computer = ${slap-connection:computer-id}
partition = ${slap-connection:partition-id}
url = ${slap-connection:server-url}
key = ${slap-connection:key-file}
cert = ${slap-connection:cert-file}
software/monitor/instance.cfg.in software/monitor/instance-monitor.cfg.jinja2
View file @ 94026302
......@@ -18,68 +18,42 @@ parts =
cgi-httpd-graceful-wrapper
monitor-promise
monitor-instance-log-access
cron-rsync-logs
cron-smart-monitor-logs
cron-network-bench
symlink-re6st-logs
symlink-collected-logs
extends = ${monitor-template:output}
extends = {{ monitor_template_output }}
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
eggs-directory = {{ eggs_directory }}
develop-eggs-directory = {{ develop_eggs_directory }}
offline = true
[cron-rsync-logs]
<= cron
recipe = slapos.cookbook:cron.d
name = rsync-logs
frequency = * * * * *
command = $${rsync-logs:rendered}
[cron-smart-monitor-logs]
<= cron
recipe = slapos.cookbook:cron.d
name = smartctl-mon
frequency = 11 * * * *
command = $${smartmon-logs:rendered}
[cron-network-bench]
<= cron
recipe = slapos.cookbook:cron.d
name = network-bench-test
frequency = */3 * * * *
command = ${buildout:bin-directory}/networkbench $${network-bench-configuration:rendered} $${monitor-directory:monitor-log}
frequency = */10 * * * *
command = {{ buildout }}/networkbench ${network-bench-configuration:rendered} ${monitor-directory:monitor-log}
[rsync-logs]
recipe = slapos.recipe.template:jinja2
template = ${rsync-logs-script:output}
rendered = $${monitor-directory:bin}/rsync-logs.sh
mode = 0744
context =
key buildout_directory buildout:directory
raw rsync_binary ${rsync:location}/bin/rsync
key server_log_directory monitor-directory:server-log
raw re6st_log_directory /var/log/re6stnet
key system_log_directory monitor-directory:system-log
[symlink-re6st-logs]
recipe = cns.recipe.symlink
symlink = /var/log/re6stnet = ${monitor-directory:system-log}/re6stnet
autocreate = true
[smartmon-logs]
recipe = slapos.recipe.template:jinja2
template = ${smartmon-logs-script:output}
rendered = $${monitor-directory:bin}/smartmon-logs.py
mode = 0744
context =
key buildout_directory buildout:directory
raw smartctl_binary ${smartmontools:location}/sbin/smartctl
key monitor_log_directory monitor-directory:monitor-log
raw python_executable ${buildout:executable}
[symlink-collected-logs]
recipe = cns.recipe.symlink
symlink = /srv/slapgrid/var/data-log = ${monitor-directory:server-log}/data-log
autocreate = true
[network-bench-configuration]
recipe = slapos.recipe.template:jinja2
template = ${network-bench-cfg:output}
rendered = $${monitor-directory:etc}/network_bench.cfg
template = {{ network_benck_cfg_output }}
rendered = ${monitor-directory:etc}/network_bench.cfg
mode = 0744
context =
key slapparameter_dict slap-parameters:configuration
[pwgen]
recipe = slapos.cookbook:generate.password
......@@ -92,38 +66,46 @@ user = admin
bytes = 16
[monitor-directory]
server-log = $${:private-directory}/server-log
monitor-log = $${:private-directory}/monitor-log
cache = $${:var}/cache
mod-ssl = $${:cache}/httpd_mod_ssl
system-log = $${:private-directory}/system-log
server-log = ${:private-directory}/server-log
monitor-log = ${:private-directory}/monitor-log
cache = ${:var}/cache
mod-ssl = ${:cache}/httpd_mod_ssl
system-log = ${:private-directory}/system-log
[slap-parameter]
private-hash = $${pwgen:passwd}$${pwgen32:passwd}
private-hash = ${pwgen:passwd}${pwgen32:passwd}
frontend-domain =
[monitor-frontend]
<= slap-connection
recipe = slapos.cookbook:requestoptional
name = Monitor Frontend
# XXX We have hardcoded SR URL here.
software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg
software-url = product.frontend
software-type = custom-personal
slave = true
config = url domain
config-url = $${monitor-parameters:url}
config-domain = $${slap-parameter:frontend-domain}
config-url = ${monitor-parameters:url}
config-domain = ${slap-parameter:frontend-domain}
return = site_url domain
server-url = ${slap-connection:server-url}
key-file = ${slap-connection:key-file}
cert-file = ${slap-connection:cert-file}
computer-id = ${slap-connection:computer-id}
partition-id = ${slap-connection:partition-id}
[publish-connection-informations]
recipe = slapos.cookbook:publish
monitor_url = $${monitor-parameters:url}
server_log_url = $${:url}$${slap-parameter:private-hash}/
url = $${monitor-frontend:connection-site_url}
monitor_url = ${monitor-parameters:url}
server_log_url = ${:url}${slap-parameter:private-hash}/
url = ${monitor-frontend:connection-site_url}
[monitor-httpd-configuration-file]
context =
import json_module json
section directory monitor-directory
section monitor_parameters monitor-parameters
section httpd_configuration monitor-httpd-configuration
section monitor_rewrite_rule monitor-rewrite-rule
section slave_information slap-parameter
key monitor_private_hash slap-parameter:private-hash
software/monitor/instance.cfg 0 → 100644
View file @ 94026302
[buildout]
parts =
switch_softwaretype
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
[switch_softwaretype]
recipe = slapos.cookbook:softwaretype
default = $${instance-base-monitor:rendered}
distributor = $${instance-base-distributor:rendered}
[instance-base-monitor]
recipe = slapos.recipe.template:jinja2
template = ${template-monitor:destination}
rendered = $${buildout:directory}/template-monitor.cfg
extensions = jinja2.ext.do
context = key buildout buildout:bin-directory
key develop_eggs_directory buildout:develop-eggs-directory
key eggs_directory buildout:eggs-directory
key slapparameter_dict slap-configuration:configuration
raw monitor_template_output ${monitor-template:output}
raw network_benck_cfg_output ${network-bench-cfg:output}
mode = 0644
[instance-base-distributor]
recipe = slapos.recipe.template:jinja2
template = ${template-monitor-distributor:destination}
rendered = $${buildout:directory}/template-monitor-distributor.cfg
extensions = jinja2.ext.do
context = import json_module json
key buildout buildout:bin-directory
key develop_eggs_directory buildout:develop-eggs-directory
key eggs_directory buildout:eggs-directory
key slapparameter_dict slap-configuration:configuration
key instance_base_monitor instance-base-monitor:rendered
key slave_instance_list slap-configuration:slave-instance-list
raw template_json_distributor_test ${json-test-template:destination}
raw fluent_conf_output ${fluentd-agent-conf:output}
raw fluentd_location ${fluentd:location}
raw wget_bin ${wget:location}/bin/wget
mode = 0644
[slap-configuration]
recipe = slapos.cookbook:slapconfiguration.serialised
computer = $${slap-connection:computer-id}
partition = $${slap-connection:partition-id}
url = $${slap-connection:server-url}
key = $${slap-connection:key-file}
cert = $${slap-connection:cert-file}
software/monitor/json-test-template.json.in.jinja2 0 → 100644
View file @ 94026302
{% set slave_list = json_module.loads(slave_information.get('slave_instance_list')) -%}
{
"id" :
[
{% for slave_instance in slave_list -%}
{% if slave_instance != slave_list[-1] -%}
"{{ slave_instance.get('slave_reference') }}",
{% endif -%}
{% if slave_instance == slave_list[-1] -%}
"{{ slave_instance.get('slave_reference') }}"
{% endif -%}
{% endfor -%}
],
"ipv4" :
[
{% for slave_instance in slave_list -%}
{% if slave_instance.get('ping_ip_list') not in [None, "", "0.0.0.0"] -%}
{% if slave_instance != slave_list[-1] -%}
"{{ slave_instance.get('ping_ip_list') }}",
{% endif %}
{% if slave_instance == slave_list[-1] -%}
"{{ slave_instance.get('ping_ip_list') }}"
{% endif -%}
{% endif -%}
{% endfor -%}
],
"ipv6" :
[
{% for slave_instance in slave_list -%}
{% if slave_instance.get('ping6_ip_list') not in [None, "", "0.0.0.0"] -%}
{% if slave_instance != slave_list[-1] -%}
"{{ slave_instance.get('ping6_ip_list') }}",
{% endif -%}
{% if slave_instance == slave_list[-1] -%}
"{{ slave_instance.get('ping6_ip_list') }}"
{% endif -%}
{% endif -%}
{% endfor -%}
],
"url" :
[
{% for slave_instance in slave_list -%}
{% if slave_instance.get('test_http_url_list') not in [None, ""] -%}
{% if slave_instance != slave_list[-1] -%}
"{{ slave_instance.get('test_http_url_list') }}",
{% endif -%}
{% if slave_instance == slave_list[-1] -%}
"{{ slave_instance.get('test_http_url_list') }}"
{% endif -%}
{% endif -%}
{% endfor -%}
],
"dns" :
[
{% for slave_instance in slave_list -%}
{% if slave_instance.get('test_name_list') not in [None, ""] -%}
{% if slave_instance != slave_list[-1] -%}
"{{ slave_instance.get('test_name_list') }}",
{% endif -%}
{% if slave_instance == slave_list[-1] -%}
"{{ slave_instance.get('test_name_list') }}"
{% endif -%}
{% endif -%}
{% endfor -%}
]
}
software/monitor/network_bench.cfg deleted 100644 → 0
View file @ 47a68bf7
[network_bench]
url =
http://www.tiolive.com/robots.txt
http://www.erp5.com/robots.txt
http://www.erp5.cn/robots.txt
http://www.nexedi.cn/robots.txt
http://www.osoe-project.cn/robots.txt
http://www.nexedi.cn/robots.txt
http://www.osoe-project.org/robots.txt
http://www.osoe-project.cn/robots.txt
http://www.google.com/robots.txt
http://ipv6.google.com/robots.txt
https://[2001:67c:1254:e:a7::2e20]:9685/monitor-public/rssfeed.html
https://[2001:67c:1254:69::115c]:9685/monitor-public/rssfeed.html
https://[2001:67c:1254:8a::2621]:9685/monitor-public/rssfeed.html
https://[2001:67c:1254:e:c7::89ae]:9685/monitor-public/rssfeed.html
https://[2001:67c:1254:e:93::2e31]:9685/monitor-public/rssfeed.html
https://[2001:67c:1254:1f::2723]:9685/monitor-public/rssfeed.html
https://[2001:41d0:1:a78b::3c2a]:9685/monitor-public/rssfeed.html
http://[2001:67c:1254:4::1]/index.html
dns =
erp5.com
www.erp5.com
erp5.cn
www.erp5.cn
nexedi.cn
www.nexedi.com
www.nexedi.cn
www.osoe-project.org
www.osoe-project.cn
free.fr
google.com
ping =
erp5.com
erp5.cn
google.com
free.fr
frontend1.nexedi.com
frontend2.nexedi.com
frontend3.nexedi.cn
42.192.4.15
195.208.185.22
software/monitor/network_bench.cfg.in 0 → 100644
View file @ 94026302
[network_bench]
{% if slapparameter_dict.get('test_distributor_url', '') not in ["", None] %}
test_distributor_url = {{ slapparameter_dict.get('test_distributor_url', '') }}
{% endif %}
url =
{{ slapparameter_dict.get('test_http_url_list', '').split('\n') | join('\n ') }}
dns =
{{ slapparameter_dict.get('test_name_list', '').split('\n') | join('\n ') }}
ping =
{{ slapparameter_dict.get('ping_ip_list', '').split('\n') | join('\n ') }}
ping6 =
{{ slapparameter_dict.get('ping6_ip_list', '').split('\n') | join('\n ') }}
\ No newline at end of file
software/monitor/rsync-logs.sh.in deleted 100644 → 0
View file @ 47a68bf7
#!${dash-output:dash}
RSYNC_BIN={{ rsync_binary }}
SLAPGRID_LOGS={{ buildout_directory }}/../var/data-log/
RE6STLOGS={{ re6st_log_directory }}
SYSTEMLOGS={{ system_log_directory }}
SERVERLOGS={{ server_log_directory }}
$RSYNC_BIN -a --delete $SLAPGRID_LOGS $SERVERLOGS
if [ -d $RE6STLOGS ]; then
$RSYNC_BIN -a --delete $RE6STLOGS $SYSTEMLOGS
fi
software/monitor/smartmon.py.in deleted 100644 → 0
View file @ 47a68bf7
#!{{ python_executable }}
SMARCTBIN={{ smartctl_binary }}
LOGFOLDER={{ monitor_log_directory }}
import subprocess
import logging
import os
logger = logging.getLogger("SMARTMON")
logger.setLevel(logging.DEBUG)
ch = logging.FileHandler(os.path.join(LOGFOLDER, "smartmontools.log"))
ch.setLevel(logging.DEBUG)
formatter = logging.Formatter('%(asctime)s - %(levelname)s - %(message)s')
ch.setFormatter(formatter)
logger.addHandler(ch)
def _call(cmd):
p = subprocess.Popen(
cmd,
stdout=subprocess.PIPE,
stdin=subprocess.PIPE,
shell=True)
return p.communicate()
def get_disk_list():
output, err = _call("%s --scan" % SMARCTBIN)
disk_list = []
for line in output.split("\n"):
if line != '':
disk_path = line.split(" ")[0]
if disk_path.startswith("/dev/"):
disk_list.append(disk_path)
return disk_list
logger.debug("Starting new Data collection.")
disk_list = get_disk_list()
logger.debug("Identified disks: %s" % disk_list)
for disk in disk_list:
logger.info("Starting test for %s" % disk)
output, err = _call("%s --all %s" % (SMARCTBIN, disk))
for l in output.split("\n"):
logger.info("%s - %s" % (disk, l))
if err is not None:
logger.warning(err)
logger.debug("Stopped to Collect Data.")
software/monitor/software.cfg
View file @ 94026302
[buildout]
extends =
../../component/pycurl/buildout.cfg
../../component/wget/buildout.cfg
../../stack/monitor/buildout.cfg
../../stack/slapos.cfg
../../component/rsync/buildout.cfg
../../component/smartmontools/buildout.cfg
../../component/lmsensors/buildout.cfg
../../component/fluentd/buildout.cfg
../../stack/slapos.cfg
parts =
wget
slapos-cookbook
slapos-toolbox
network-bench-cfg
json-test-template
template
template-monitor-distributor
template-monitor
eggs
rsync
smartmontools
lmsensors
fluentd
fluentd-agent-conf
[template]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg.in
output = ${buildout:directory}/instance.cfg
md5sum = 184a27424b48514cfe9374e881e1cc0c
url = ${:_profile_base_location_}/instance.cfg
output = ${buildout:directory}/template.cfg
md5sum = b38c5da7dd4165154a8817f76015e374
mode = 0644
[template-monitor]
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/instance-monitor.cfg.jinja2
destination = ${buildout:directory}/template-monitor.cfg
md5sum = 810ed8199682068e27b62659d7fa101f
mode = 0644
[template-monitor-distributor]
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/instance-monitor-distributor.cfg.jinja2
destination = ${buildout:directory}/template-monitor-distributor.cfg
md5sum = d1253cf11c2b335b8bec5807e821d537
mode = 0644
[json-test-template]
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/json-test-template.json.in.jinja2
destination = ${buildout:directory}/json-test-template.json.in.jinja2
md5sum = d9c576a2182fc429416aec892fe080f2
mode = 0644
# stupify index for now
[index]
url = ${:_profile_base_location_}/${:filename}
......@@ -32,41 +56,40 @@ md5sum = 876f18b159fbd9325332d0f42e9172ac
[monitor-httpd-template]
url = ${:_profile_base_location_}/${:filename}
md5sum = 1f30b17f5ea11fd033984d17c38bcfd3
md5sum = 22133e9aa5f52d7818b2fd1fd0415a00
[rsync-logs-script]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/rsync-logs.sh.in
md5sum = 8828868268a6f9761eccbcec1660cc9a
output = ${buildout:directory}/template-rsync-logs.sh.in
mode = 0644
[smartmon-logs-script]
[network-bench-cfg]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/smartmon.py.in
md5sum = a3ea2604abf53067af1b952b278fba94
output = ${buildout:directory}/template-smartmon-logs.py.in
url = ${:_profile_base_location_}/network_bench.cfg.in
md5sum = cfcbf2002b8eff5153e2bf68ed24b720
output = ${buildout:directory}/template-network-bench-cfg.in
mode = 0644
[network-bench-cfg]
[fluentd-agent-conf]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/network_bench.cfg
md5sum = 44f8db5fca5e16ae87f570623a3ad0b4
output = ${buildout:directory}/template-network-bench-cfg.in
url = ${:_profile_base_location_}/fluentd-agent.conf.jinja2.in
md5sum = c9da9f22a1cd1fedcf7d659cba916400
output = ${buildout:directory}/fluentd-agent.conf.jinja2.in
mode = 0644
[slapos-toolbox]
recipe = zc.recipe.egg
eggs =
${lxml-python:egg}
${pycurl:egg}
slapos.toolbox
scripts =
networkbench
onetimedownload
[fluentd]
gems +=
fluent-plugin-wendelin==0.1.alpha1
fluent-plugin-grep==0.3.4
[eggs]
recipe = z3c.recipe.scripts
recipe = zc.recipe.egg
eggs =
cns.recipe.symlink
slapos.cookbook
......@@ -79,27 +102,37 @@ PyRSS2Gen = 1.1
cns.recipe.symlink = 0.2.3
plone.recipe.command = 1.1
slapos.recipe.template = 2.7
z3c.recipe.scripts = 1.0.1
rubygemsrecipe = 0.2.1
pycurl = 7.19.5.1
apache-libcloud = 0.16.0
ecdsa = 0.11
gitdb = 0.6.0
pycrypto = 2.6.1
slapos.toolbox = 0.45.1
slapos.toolbox = 0.52
smmap = 0.8.3
# Required by:
# slapos.toolbox==0.45.1
# slapos.toolbox==0.52
GitPython = 0.3.2.1
# Required by:
# slapos.toolbox==0.45.1
# slapos.toolbox==0.52
atomize = 0.2.0
# Required by:
# slapos.toolbox==0.45.1
# slapos.toolbox==0.52
feedparser = 5.1.3
# Required by:
# slapos.toolbox==0.45.1
paramiko = 1.15.2
# slapos.toolbox==0.52
paramiko = 1.15.3
# Required by:
# slapos.toolbox==0.52
lockfile = 0.10.2
# Required by:
# slapos.toolbox==0.52
rpdb = 0.1.5
software/neoppod/README.txt deleted 100644 → 0
View file @ 47a68bf7
Software types
==============
Which software type is an entry point and can be used for root software
instance.
Parameters are expected to be passed as of *.serialised recipes expect them.
Minimal parameters::
```
<?xml version='1.0' encoding='utf-8'?>
<instance>
<parameter id="_">{
"cluster": "dummy",
}</parameter>
</instance>
```
For each available key in the outmost dict are described below.
default (default)
-----------------
Deploy a NEO cluster.
'cluster' (str, mandatory)
~~~~~~~~~~~~~~~~~~~~~~~~~~
Cluster unique identifier. Your last line of defense against mixing up neo
clusters and corrupting your data. Choose a unique value for each of your
cluster.
'partitions' (int, optional)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Number of partitions. You cannot change this value once you created a cluster.
Defautls to 12.
'replicas' (int, optional)
~~~~~~~~~~~~~~~~~~~~~~~~~~
Number of replicates.
Defaults to 0 (no resilience).
'mysql-storage-count' (int, optional)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Number of MySQL-based storage nodes to deploy. One master node is deployed
along with each storage.
Defaults to 1.
'admin-count' (int, optional)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Number of admin nodes to deploy.
Defaults to 1.
software/neoppod/cluster.cfg.in
View file @ 94026302
{% if slap_software_type not in (
mysql_storage_software_type,
admin_software_type,
) -%}
{% macro section(name) %}{% do part_list.append(name) %}{{ name }}{% endmacro -%}
{% set part_list = [] -%}
{% set master_list = [] -%}
{% set admin_list = [] -%}
[request-common]
recipe = slapos.cookbook:request
software-url = ${slap-connection:software-release-url}
sla-computer_guid = ${slap-connection:computer-id}
server-url = ${slap-connection:server-url}
key-file = ${slap-connection:key-file}
cert-file = ${slap-connection:cert-file}
computer-id = ${slap-connection:computer-id}
partition-id = ${slap-connection:partition-id}
config-cluster = {{ slapparameter_dict['cluster'] }}
[node-base]
< = request-common
config-masters = ${all-masters:addresses}
[mysql-storage-base]
< = request-common
config-partitions = {{ slapparameter_dict.get('partitions', 12) }}
config-replicas = {{ slapparameter_dict.get('replicas', 0) }}
software-type = {{ mysql_storage_software_type }}
{% import "root_common" as common_macro with context %}
[mysql-storage-request-base]
< = mysql-storage-base
return = master
[admin-base]
< = node-base
return = admin
software-type = {{ admin_software_type }}
[request-common]
<= request-common-base
{{ common_macro.request_neo(slapparameter_dict, 'neo', 'node-') }}
[publish]
recipe = slapos.cookbook:publish
masters = ${all-masters:addresses}
admins = ${all-admins:addresses}
{% for node_number in range(slapparameter_dict.get('mysql-storage-count', 1)) -%}
{% set section_id = 'storage-%i' % (node_number, ) -%}
{% set final_section_id = 'final-' ~ section_id -%}
{% do master_list.append(section_id) -%}
[{{ section_id }}]
< = mysql-storage-request-base
name = {{ section_id }}
[{{ section(final_section_id) }}]
< = mysql-storage-base
node-base
name = {{ section_id }}
{% endfor -%}
{% for node_number in range(slapparameter_dict.get('admin-count', 1)) -%}
{% set section_id = 'admin-%i' % (node_number, ) -%}
{% do admin_list.append(section_id)%}
[{{ section(section_id) }}]
< = admin-base
name = {{ section_id }}
{% endfor -%}
[buildout]
parts =
{{ part_list | join('\n\t') }}
publish
eggs-directory = {{ eggs_directory }}
develop-eggs-directory = {{ develop_eggs_directory }}
offline = true
[all-masters]
addresses = {% for master in master_list -%}
{{ '${' + master + ':connection-master}' -}}
{% if not loop.last %} {% endif -%}
{% endfor %}
[all-admins]
addresses = {% for admin in admin_list -%}
{{ '${' + admin + ':connection-admin}' -}}
{% if not loop.last %} {% endif -%}
{% endfor %}
{% endif -%}
recipe = slapos.cookbook:publish.serialised
neo-masters = ${node-0-final:connection-masters}
neo-admins = ${node-0-final:connection-admins}
{{ common_macro.common_section() }}
software/neoppod/instance-common.cfg.in 0 → 100644
View file @ 94026302
[buildout]
parts = switch-softwaretype
eggs-directory = {{ eggs_directory }}
develop-eggs-directory = {{ develop_eggs_directory }}
[slap-configuration]
recipe = slapos.cookbook:slapconfiguration.serialised
computer = ${slap-connection:computer-id}
partition = ${slap-connection:partition-id}
url = ${slap-connection:server-url}
key = ${slap-connection:key-file}
cert = ${slap-connection:cert-file}
[jinja2-template-base]
recipe = slapos.recipe.template:jinja2
filename = ${:_buildout_section_name_}.cfg
rendered = ${buildout:parts-directory}/${:_buildout_section_name_}/${:filename}
extensions = jinja2.ext.do
extra-context =
context =
key ipv4_set slap-configuration:ipv4
key ipv6_set slap-configuration:ipv6
key slapparameter_dict slap-configuration:configuration
raw logrotate_cfg {{ template_logrotate_base }}
raw bin_directory {{ bin_directory }}
${:extra-context}
[neo-admin]
<= jinja2-template-base
template = {{ neo_admin }}
[neo-master]
<= jinja2-template-base
template = {{ neo_master }}
[neo-storage-mysql]
<= jinja2-template-base
template = {{ neo_storage_mysql }}
extra-context =
key master_cfg neo-master:rendered
key admin_cfg neo-admin:rendered
raw mariadb_location {{ mariadb_location }}
raw template_neo_my_cnf {{ template_neo_my_cnf }}
software/neoppod/instance-logrotate-base.cfg.in 0 → 100644
View file @ 94026302
[buildout]
parts =
cron-entry-logrotate
[cron]
recipe = slapos.cookbook:cron
cron-entries = ${logrotate-directory:cron-entries}
dcrond-binary = {{ dcron_location }}/sbin/crond
crontabs = ${logrotate-directory:crontabs}
cronstamps = ${logrotate-directory:cronstamps}
catcher = ${cron-simplelogger:wrapper}
binary = ${logrotate-directory:services}/crond
[cron-simplelogger]
recipe = slapos.cookbook:simplelogger
wrapper = ${logrotate-directory:bin}/cron_simplelogger
log = ${logrotate-directory:log}/cron.log
[logrotate]
recipe = slapos.cookbook:logrotate
logrotate-entries = ${logrotate-directory:logrotate-entries}
backup = ${logrotate-directory:logrotate-backup}
logrotate-binary = {{ logrotate_location }}/usr/sbin/logrotate
gzip-binary = {{ gzip_location }}/bin/gzip
gunzip-binary = {{ gzip_location }}/bin/gunzip
wrapper = ${logrotate-directory:bin}/logrotate
conf = ${logrotate-directory:etc}/logrotate.conf
state-file = ${logrotate-directory:srv}/logrotate.status
[cron-entry-logrotate]
recipe = slapos.cookbook:cron.d
cron-entries = ${cron:cron-entries}
name = logrotate
frequency = 0 0 * * *
command = ${logrotate:wrapper}
[logrotate-directory]
recipe = slapos.cookbook:mkdirectory
cron-entries = ${:etc}/cron.d
cronstamps = ${:etc}/cronstamps
crontabs = ${:etc}/crontabs
logrotate-backup = ${:backup}/logrotate
logrotate-entries = ${:etc}/logrotate.d
bin = ${buildout:directory}/bin
srv = ${buildout:directory}/srv
backup = ${:srv}/backup
etc = ${buildout:directory}/etc
services = ${:etc}/run
log = ${buildout:directory}/var/log
software/neoppod/instance-neo-admin.cfg.in
View file @ 94026302
[buildout]
parts =
neo-admin-run-wrapper
parts +=
neo-admin-promise
eggs-directory = {{eggs_directory}}
develop-eggs-directory = {{develop_eggs_directory}}
offline = true
logrotate-admin
[neo-admin]
recipe = slapos.cookbook:neoppod.admin
binary = {{bin_directory}}/neoadmin
wrapper = ${directory:bin}/neoadmin
wrapper = ${directory:etc_run}/neoadmin
logfile = ${directory:log}/neoadmin.log
ip = ${publish:ip}
port = ${publish:port}
cluster = ${slap-parameter:cluster}
masters = ${slap-parameter:masters}
[publish]
recipe = slapos.cookbook:publish
# TODO: make port a partition parameter
# TODO: stop using slap-network-information
ip = [${slap-network-information:global-ipv6}]
port = 10002
admin = ${:ip}:${:port}
[neo-admin-run-wrapper]
recipe = slapos.cookbook:symbolic.link
target-directory = ${directory:run}
link-binary = ${neo-admin:wrapper}
[directory]
recipe = slapos.cookbook:mkdirectory
promises = ${buildout:directory}/etc/promises
run = ${buildout:directory}/etc/run
log = ${buildout:directory}/var/log
bin = ${buildout:directory}/bin
port = ${publish:port-admin}
ssl = {{ dumps(bool(slapparameter_dict['ssl'])) }}
cluster = {{ dumps(slapparameter_dict['cluster']) }}
masters = ${publish:masters}
[neo-admin-promise]
recipe = slapos.cookbook:check_port_listening
hostname = ${neo-admin:ip}
port = ${neo-admin:port}
path = ${directory:promises}/neo-admin-promise
[logrotate-admin]
recipe = slapos.cookbook:logrotate.d
logrotate-entries = ${logrotate:logrotate-entries}
backup = ${logrotate:backup}
name = neo-admin
log = ${neo-admin:logfile}
post = {{ bin_directory }}/slapos-kill -n neoadmin -s RTMIN+1 ${:log}
software/neoppod/instance-neo-input-schema.json 0 → 100644
View file @ 94026302
{
"$schema": "http://json-schema.org/draft-04/schema#",
"description": "Parameters to instantiate a NEO cluster. See https://git.erp5.org/gitweb/neoppod.git/blob/HEAD:/neo.conf?js=1 for more information.",
"additionalProperties": false,
"required": ["cluster"],
"properties": {
"cluster": {
"description": "Cluster unique identifier. Your last line of defense against mixing up NEO clusters and corrupting your data. Choose a unique value for each of your cluster.",
"type": "string"
},
"partitions": {
"description": "Number of partitions. You cannot change this value once you created a cluster.",
"default": 12,
"type": "integer"
},
"replicas": {
"description": "Number of replicates.",
"default": 0,
"type": "integer"
},
"upstream-cluster": {
"description": "Identifier of the cluster to backup.",
"type": "string"
},
"upstream-masters": {
"description": "Master nodes in the cluster to backup.",
"type": "string"
},
"sla-dict": {
"description": "[NEO SR only] Where to request instances. Each key is a query string for criterions (e.g. \"computer_guid=foo\"), and each value is a list of partition references ('node-0', 'node-1', ...).",
"additionalProperties": {
"type": "array",
"items": { "type": "string" },
"uniqueItems": true
},
"type": "object"
},
"ssl": {
"description": "Enable SSL. All nodes look for 3 files in ~/etc: ca.crt, neo.crt, neo.key. Waiting that SlapOS provides a way to manage certificates, the user must deploy them manually, or use the temporary _ca/_cert/_key parameters.",
"default": true,
"type": "boolean"
},
"_ca": {
"type": "string"
},
"_cert": {
"type": "string"
},
"_key": {
"type": "string"
},
"node-list": {
"description": "List of dictionaries containing parameters for each node.",
"items": {
"description": "Dictionary containing parameters required to configure individual nodes.",
"default": {},
"properties": {
"admin": {
"description": "Port of admin node. 0 to disable.",
"default": 2050,
"type": "integer"
},
"master": {
"description": "Port of master node. 0 to disable.",
"default": 2051,
"type": "integer"
},
"storage-count": {
"description": "Number of storage nodes to deploy. One master and one admin node is deployed with each storage.",
"default": 1,
"type": "integer"
},
"mysql": {
"description": "Dictionary containing parameters for MySQL.",
"default": {},
"properties": {
"relaxed-writes": {
"description": "When enabled, sets innodb_flush_log_at_trx_commit = 0, innodb_flush_method = nosync, innodb_doublewrite = 0 and sync_frm = 0 - RTFM, those options are dangerous",
"default": false,
"type": "boolean"
}
},
"additionalProperties": {
"description": "To configure important parameters like innodb_buffer_pool_size, tokudb_cache_size, etc.",
"type": "string"
},
"type": "object"
},
"engine": {
"description": "Configures storage engine, currently only InnoDB and TokuDB are supported. Defaults to NEO's default.",
"type": "string"
}
},
"type": "object"
},
"type": "array"
}
},
"type": "object"
}
software/neoppod/instance-neo-master.cfg.in
View file @ 94026302
[buildout]
parts =
neo-master-run-wrapper
parts +=
neo-master-promise
eggs-directory = {{eggs_directory}}
develop-eggs-directory = {{develop_eggs_directory}}
offline = true
logrotate-master
[neo-master]
recipe = slapos.cookbook:neoppod.master
binary = {{bin_directory}}/neomaster
wrapper = ${directory:bin}/neomaster
wrapper = ${directory:etc_run}/neomaster
logfile = ${directory:log}/neomaster.log
ip = ${publish:ip}
port = ${publish:port}
cluster = ${slap-parameter:cluster}
partitions = ${slap-parameter:partitions}
replicas = ${slap-parameter:replicas}
masters = ${slap-parameter:masters}
[publish]
recipe = slapos.cookbook:publish
# TODO: make port a partition parameter
# TODO: stop using slap-network-information
ip = [${slap-network-information:global-ipv6}]
port = 10000
master = ${:ip}:${:port}
[neo-master-run-wrapper]
recipe = slapos.cookbook:symbolic.link
target-directory = ${directory:run}
link-binary = ${neo-master:wrapper}
[directory]
recipe = slapos.cookbook:mkdirectory
promises = ${buildout:directory}/etc/promises
run = ${buildout:directory}/etc/run
log = ${buildout:directory}/var/log
bin = ${buildout:directory}/bin
port = ${publish:port-master}
ssl = {{ dumps(bool(slapparameter_dict['ssl'])) }}
cluster = {{ dumps(slapparameter_dict['cluster']) }}
partitions = {{ slapparameter_dict['partitions'] }}
replicas = {{ slapparameter_dict['replicas'] }}
upstream-cluster = {{ dumps(slapparameter_dict['upstream-cluster']) }}
upstream-masters = {{ dumps(slapparameter_dict['upstream-masters']) }}
autostart = {{ slapparameter_dict['autostart'] }}
# "masters" parameter is not provided when just requesting a partition.
# No actual installation takes place at that time
# (slapos.cookbook:neoppod.master raises), but cfg expansion must succeed. So
# this default value is required.
masters = ${publish:masters}
[neo-master-promise]
recipe = slapos.cookbook:check_port_listening
......@@ -44,9 +29,10 @@ hostname = ${neo-master:ip}
port = ${neo-master:port}
path = ${directory:promises}/neo-master-promise
[slap-parameter]
# "masters" parameter is not provided when just requesting a partition.
# No actuall installation takes place at that time
# (slapos.cookbook:neoppod.master raises), but cfg expansion must succeed. So
# this default value is required.
masters =
[logrotate-master]
recipe = slapos.cookbook:logrotate.d
logrotate-entries = ${logrotate:logrotate-entries}
backup = ${logrotate:backup}
name = neo-master
log = ${neo-master:logfile}
post = {{ bin_directory }}/slapos-kill -n neomaster -s RTMIN+1 ${:log}
software/neoppod/instance-neo-output-schema.json 0 → 100644
View file @ 94026302
{
"$schema": "http://json-schema.org/draft-04/schema#",
"description": "Values returned by NEO instantiation",
"properties": {
"masters": {
"description": "Connection parameters of all the master nodes",
"type": "string"
},
"admins": {
"description": "Connection parameters of all the admin nodes",
"type": "string"
}
},
"type": "object"
}
software/neoppod/instance-neo-storage-mysql.cfg.in
View file @ 94026302
[buildout]
extends = {{ master_cfg }}
parts += neo-storage-run-wrapper
[mariadb-instance]
recipe = slapos.cookbook:generic.mysql
user = user
database = neo
{% macro section(name) %}{% do part_list.append(name) %}{{ name }}{% endmacro -%}
{% set part_list = [] -%}
{% set init_list = [] -%}
conf-file = ${directory:etc}/mariadb.cnf
# No networking (ip & port options)
[mysqld]
recipe = slapos.cookbook:generic.mysql.wrap_mysqld
output = ${directory:etc_run}/mariadb
binary = ${:mysql-base-directory}/bin/mysqld
configuration-file = ${my-cnf:rendered}
data-directory = ${directory:srv_mariadb}
bin-directory = ${directory:bin}
pid-file = ${directory:var_run}/mariadb.pid
mysql-install-binary = ${:mysql-base-directory}/scripts/mysql_install_db
mysql-base-directory = {{ mariadb_location }}
[my-cnf-parameters]
socket = ${directory:var_run}/mariadb.sock
data-directory = ${mysqld:data-directory}
pid-file = ${directory:var_run}/mariadb.pid
error-log = ${directory:log}/mariadb_error.log
slow-query-log = ${directory:log}/mariadb_slowquery.log
extra-dict = {{ dumps(slapparameter_dict.get('mysql', {})) }}
init-file = ${init-script:rendered}
wrapper = ${directory:etc_run}/mariadb
update-wrapper = ${directory:etc_run}/mariadb_update
mysql-base-directory = {{ mariadb_location }}
mysql-binary = {{ mariadb_location }}/bin/mysql
mysql-install-binary = {{ mariadb_location }}/scripts/mysql_install_db
mysql-upgrade-binary = {{ mariadb_location }}/bin/mysql_upgrade
mysqld-binary = {{ mariadb_location }}/bin/mysqld
[my-cnf]
recipe = slapos.recipe.template:jinja2
extensions = jinja2.ext.do
rendered = ${directory:etc}/mariadb.cnf
template = {{ template_neo_my_cnf }}
context = section parameter_dict my-cnf-parameters
{% set master_list = [] -%}
{% set admin_list = [] -%}
{% for k, v in slapparameter_dict.iteritems() -%}
{% if k.startswith('master-') and v -%}
{% do master_list.append(v) -%}
{% endif -%}
{% if k.startswith('admin-') and v -%}
{% do admin_list.append(v) -%}
{% endif -%}
{% endfor -%}
mroonga =
[publish]
recipe = slapos.cookbook:publish.serialised
# TODO: make port a partition parameter
ip = {{ "[%s]" % list(ipv6_set)[0] if ipv6_set else list(ipv4_set)[0] }}
{% set admin = slapparameter_dict.get('admin', 2050) -%}
{% set master = slapparameter_dict.get('master', 2051) -%}
{% if master -%}
port-master = {{ master }}
master = ${:ip}:${:port-master}
{% else -%}
master =
{% endif -%}
{% if admin -%}
port-admin = {{ admin }}
admin = ${:ip}:${:port-admin}
{% else -%}
admin =
{% endif -%}
masters = {{ ' '.join(sorted(master_list)) }}
{%- if admin_list %}
admins = {{ ' '.join(sorted(admin_list)) }}
{%- endif %}
{#- Hack to deploy SSL certs via instance parameters #}
{%- for name, pem in zip(('ca.crt', 'neo.crt', 'neo.key'),
slapparameter_dict['ssl']) %}
{%- if pem %}
[{{ section(name) }}]
recipe = slapos.recipe.template:jinja2
rendered = ${directory:etc}/{{name}}
template = inline:{{'{{'}}pem}}
context = key pem :pem
pem = {{dumps(pem)}}
{%- endif %}
{%- endfor %}
{#- endhack #}
[neo-storage]
recipe = slapos.cookbook:neoppod.storage
binary = {{ bin_directory }}/neostorage
wrapper = ${directory:bin}/neostorage
logfile = ${directory:log}/neostorage.log
ip = [${slap-network-information:global-ipv6}]
cluster = ${slap-parameter:cluster}
masters = ${slap-parameter:masters}
ip = ${publish:ip}
ssl = {{ dumps(bool(slapparameter_dict['ssl'])) }}
cluster = {{ dumps(slapparameter_dict['cluster']) }}
masters = ${publish:masters}
database-adapter = MySQL
database-parameters = ${mariadb-instance:user}:${mariadb-instance:password}@${mariadb-instance:database}${mariadb-instance:socket}
wait-database = 60
engine = {{ slapparameter_dict.get('engine', '') }}
[logrotate-storage]
recipe = slapos.cookbook:logrotate.d
logrotate-entries = ${logrotate:logrotate-entries}
backup = ${logrotate:backup}
{% for i in range(slapparameter_dict.get('storage-count', 1)) -%}
{% set storage_id = 'neo-storage-' ~ i -%}
[{{ section(storage_id) }}]
< = neo-storage
wrapper = ${directory:etc_run}/{{ 'neostorage-' ~ i }}
logfile = ${directory:log}/{{ 'neostorage-' ~ i }}.log
{% do init_list.append('CREATE DATABASE IF NOT EXISTS neo' ~ i ~ ';') -%}
database-parameters = root@neo{{ i }}${my-cnf-parameters:socket}
[neo-storage-run-wrapper]
recipe = slapos.cookbook:symbolic.link
target-directory = ${directory:etc_run}
link-binary = ${neo-storage:wrapper}
[{{ section('logrotate-storage-' ~ i) }}]
< = logrotate-storage
name = {{ storage_id }}
log = {{ '${' + storage_id + ':logfile}' }}
post = {{ bin_directory }}/slapos-kill -n neostorage -s RTMIN+1 ${:log}
{% endfor -%}
[init-script]
recipe = slapos.recipe.template:jinja2
# XXX: is there a better location ?
rendered = ${directory:etc}/mariadb_initial_setup.sql
template = inline:
{{ init_list | join('\n\t') }}
[directory]
recipe = slapos.cookbook:mkdirectory
promises = ${buildout:directory}/etc/promises
bin = ${buildout:directory}/bin
etc = ${buildout:directory}/etc
var = ${buildout:directory}/var
etc_run = ${:etc}/run
var_run = ${:var}/run
srv_mariadb = ${buildout:directory}/srv/mariadb
log = ${buildout:directory}/var/log
[logrotate-mysql]
recipe = slapos.cookbook:logrotate.d
logrotate-entries = ${logrotate:logrotate-entries}
backup = ${logrotate:backup}
name = mariadb
log = ${my-cnf-parameters:error-log} ${my-cnf-parameters:slow-query-log}
post = ${mysqld:mysql-base-directory}/bin/mysql --defaults-file="${my-cnf:rendered}" -e "FLUSH LOGS"
[buildout]
extends =
{{ logrotate_cfg }}
{%- if master %}
{{ master_cfg }}
{%- endif %}
{%- if admin %}
{{ admin_cfg }}
{%- endif %}
parts +=
{{ '\n '.join(part_list) }}
logrotate-mysql
software/neoppod/instance.cfg.in
View file @ 94026302
{% set admin_software_type = 'neo-admin' -%}
{% set mysql_storage_software_type = 'neo-storage-mysql' -%}
[buildout]
parts = switch-softwaretype
eggs-directory = {{ eggs_directory }}
develop-eggs-directory = {{ develop_eggs_directory }}
offline = true
extends = {{ instance_common_cfg }}
[slap-connection]
computer-id = ${slap_connection:computer_id}
partition-id = ${slap_connection:partition_id}
server-url = ${slap_connection:server_url}
software-release-url = ${slap_connection:software_release_url}
key-file = ${slap_connection:key_file}
cert-file = ${slap_connection:cert_file}
[slap-configuration]
recipe = slapos.cookbook:slapconfiguration.serialised
computer = ${slap-connection:computer-id}
partition = ${slap-connection:partition-id}
url = ${slap-connection:server-url}
key = ${slap-connection:key-file}
cert = ${slap-connection:cert-file}
[jinja2-template-base]
rendered = ${buildout:parts-directory}/${:_buildout_section_name_}.cfg
[neo-cluster]
recipe = slapos.recipe.template:jinja2
<= jinja2-template-base
template = {{ cluster }}
rendered = ${buildout:parts-directory}/${:_buildout_section_name_}/cluster.cfg
extensions = jinja2.ext.do
context =
key eggs_directory buildout:eggs-directory
key develop_eggs_directory buildout:develop-eggs-directory
key slap_software_type slap-configuration:slap-software-type
key slapparameter_dict slap-configuration:configuration
raw admin_software_type {{ admin_software_type }}
raw mysql_storage_software_type {{ mysql_storage_software_type }}
extra-context =
import urlparse urlparse
import-list =
rawfile root_common {{ root_common }}
[switch-softwaretype]
recipe = slapos.cookbook:softwaretype
default = ${neo-cluster:rendered}
{{ admin_software_type }} = {{ neo_admin }}
{{ mysql_storage_software_type }} = {{ neo_storage_mysql }}
recipe = slapos.cookbook:switch-softwaretype
override = {{ dumps(override_switch_softwaretype |default) }}
default = neo-cluster:rendered
# BBB
RootSoftwareInstance = ${:default}
neo = neo-storage-mysql:rendered
software/neoppod/my.cnf.in 0 → 100644
View file @ 94026302
{% macro assert(x) %}{{ ("",)[not x] }}{% endmacro -%}
{% set socket = parameter_dict['socket'] -%}
{% set extra_dict = parameter_dict['extra-dict'] -%}
[mysqld]
skip_networking
socket = {{ socket }}
datadir = {{ parameter_dict['data-directory'] }}
pid_file = {{ parameter_dict['pid-file'] }}
log_error = {{ parameter_dict['error-log'] }}
slow_query_log
slow_query_log_file = {{ parameter_dict['slow-query-log'] }}
init_file = {{ parameter_dict['init-file'] }}
log_warnings = 1
disable-log-bin
### Enables TokuDB
plugin-load = ha_tokudb
## The following settings come from ERP5 configuration.
max_allowed_packet = 128M
query_cache_size = 32M
innodb_locks_unsafe_for_binlog = 1
# Some dangerous settings you may want to uncomment temporarily
# if you only want performance or less disk access.
{% set x = '' if extra_dict.pop('relaxed-writes', False) else '#' -%}
{{x}}innodb_flush_log_at_trx_commit = 0
{{x}}innodb_flush_method = nosync
{{x}}innodb_doublewrite = 0
{{x}}sync_frm = 0
# Extra parameters.
{%- do extra_dict.setdefault('innodb_file_per_table', '0') %}
{%- for k, v in extra_dict.iteritems() %}
{%- do assert('-' not in k) %}
{{ k }} = {{ v }}
{%- endfor %}
# Force utf8 usage
collation_server = utf8_unicode_ci
character_set_server = utf8
skip_character_set_client_handshake
[client]
socket = {{ socket }}
user = root
software/neoppod/root-common.cfg.in 0 → 100644
View file @ 94026302
{% macro section(name) %}{% do part_list.append(name) %}{{ name }}{% endmacro -%}
{% set part_list = [] -%}
{% set sla_dict = {} -%}
{% for sla, ref_list in slapparameter_dict.get('sla-dict', {}).iteritems() -%}
{% do sla_dict.update(dict.fromkeys(ref_list, sla)) -%}
{% endfor -%}
{% macro sla(name, required=False) -%}
{% if required or name in sla_dict -%}
{% for k, (v,) in urlparse.parse_qs(sla_dict.pop(name), strict_parsing=1).iteritems() -%}
sla-{{ k }} = {{ v }}
{% endfor -%}
{% else -%}
sla-computer_guid = ${slap-connection:computer-id}
{% endif -%}
{% endmacro -%}
{% macro common_section() -%}
[request-common-base]
recipe = slapos.cookbook:request.serialised
software-url = ${slap-connection:software-release-url}
server-url = ${slap-connection:server-url}
key-file = ${slap-connection:key-file}
cert-file = ${slap-connection:cert-file}
computer-id = ${slap-connection:computer-id}
partition-id = ${slap-connection:partition-id}
[buildout]
parts =
publish
{{ part_list | join('\n\t') }}
{{- assert(not sla_dict, sla_dict) }}
{% endmacro -%}
{% macro request_neo(parameter_dict, software_type, prefix='node-') -%}
{% set section_id_list = [] -%}
[{{ prefix }}request-common]
<= request-common-base
config-cluster = {{ parameter_dict['cluster'] }}
{% set replicas = parameter_dict.get('replicas', 0) -%}
config-partitions = {{ dumps(parameter_dict.get('partitions', 12)) }}
config-replicas = {{ dumps(replicas) }}
config-ssl = {{ dumps((
parameter_dict.get('_ca'),
parameter_dict.get('_cert'),
parameter_dict.get('_key'),
) if parameter_dict.get('ssl', 1) else ()) }}
config-upstream-cluster = {{ dumps(parameter_dict.get('upstream-cluster', '')) }}
config-upstream-masters = {{ dumps(parameter_dict.get('upstream-masters', '')) }}
software-type = {{ software_type }}
{% set node_list = parameter_dict.get('node-list', ({},)) -%}
{% set storage_count = [] -%}
{% for node in node_list -%}
{% do storage_count.append(node.get('storage-count', 1)) -%}
{% endfor -%}
config-autostart = {{ dumps(sum(storage_count)) }}
{% do assert(replicas < len(node_list)) -%}
{% for i, node in enumerate(node_list) -%}
{% set section_id = prefix ~ i -%}
{% do section_id_list.append(section_id) -%}
[{{ section_id }}-base]
name = {{ section_id }}
{% for k, v in node.iteritems() -%}
config-{{ k }} = {{ dumps(v) }}
{% endfor -%}
{{ sla(section_id) }}
[{{ section_id }}]
<= {{ prefix }}request-common
{{ section_id }}-base
return =
master
admin
{% endfor -%}
[final-base]
{% for i, section_id in enumerate(section_id_list) -%}
config-master-{{i}} = {{ '${' + section_id + ':connection-master}' }}
config-admin-{{i}} = {{ '${' + section_id + ':connection-admin}' }}
{% endfor -%}
{% for section_id in section_id_list -%}
[{{ section(section_id + '-final') }}]
<= {{ prefix }}request-common
final-base
{{ section_id }}-base
{% if loop.first -%}
return =
masters
admins
{% endif -%}
{% endfor -%}
{% endmacro -%}
software/neoppod/software-common.cfg 0 → 100644
View file @ 94026302
# Note on LXML/END LXML: they delimit areas where lxml magic is needed. lxml is
# a slapos.cookbook dependency, so it should be fetched automatically. But when
# automatically fetched, it gets built against system headers/libs, which is
# forbidden in slapos. So we need to fetch lxml explicitly so it is properly
# built.
[buildout]
extends =
../../stack/slapos.cfg
../../component/dcron/buildout.cfg
../../component/gzip/buildout.cfg
../../component/logrotate/buildout.cfg
#LXML
../../component/lxml-python/buildout.cfg
#END LXML
../../component/mysql-python/buildout.cfg
../../component/pycrypto-python/buildout.cfg
parts =
# keep neoppod first so that ZODB3 is built correctly,
# before any other section that would depend on it
neoppod
slapos-deps-eggs
slapos-cookbook-develop
slapos-cookbook
[slapos-deps-eggs]
recipe = zc.recipe.egg
eggs =
${lxml-python:egg}
${python-PyYAML:egg}
${pycrypto-python:egg}
${python-cliff:egg}
slapos.toolbox
scripts =
slapos-kill
[template-logrotate-base]
recipe = slapos.recipe.template:jinja2
template = ${:_profile_base_location_}/${:filename}.in
rendered = ${buildout:directory}/${:filename}
filename = instance-logrotate-base.cfg
md5sum = af19ff0c7817df85987c69738fb083f2
context =
key dcron_location dcron:location
key gzip_location gzip:location
key logrotate_location logrotate:location
[download-base-neo]
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/${:_buildout_section_name_}.cfg.in
# XXX: following mode should be the default
mode = 644
# XXX: must be rendered, not just dled
[instance-common]
recipe = slapos.recipe.template:jinja2
template = ${:_profile_base_location_}/${:_buildout_section_name_}.cfg.in
rendered = ${buildout:directory}/${:_buildout_section_name_}.cfg
md5sum = e8f5a83580e9791a32c66f5935cb6840
context =
key bin_directory buildout:bin-directory
key develop_eggs_directory buildout:develop-eggs-directory
key eggs_directory buildout:eggs-directory
key mariadb_location mariadb:location
key neo_admin instance-neo-admin:target
key neo_master instance-neo-master:target
key neo_storage_mysql instance-neo-storage-mysql:target
key template_logrotate_base template-logrotate-base:rendered
key template_neo_my_cnf template-neo-my-cnf:target
[root-common]
<= download-base-neo
md5sum = f3259726bd5d824c569dc7db6b7d26a0
[instance-neo-admin]
<= download-base-neo
md5sum = f030a25d320f2edf0186b69bfa521228
[instance-neo-master]
<= download-base-neo
md5sum = 82f3f76f54ee9db355966a7ada61f56e
[instance-neo-storage-mysql]
<= download-base-neo
md5sum = 84b1150ce30ec827485f9c17debd6b44
[template-neo-my-cnf]
<= download-base-neo
url = ${:_profile_base_location_}/my.cnf.in
md5sum = febd3ed58043ce1367b86cf6e4e69700
[neoppod]
recipe = zc.recipe.egg
eggs = neoppod[admin, ctl, master, storage-importer, storage-mysqldb]
${mysql-python:egg}
ZODB3
ZODB3-patches = ${:_profile_base_location_}/../../component/egg-patch/ZODB3-3.10.5.patch
ZODB3-patch-options = -p1
[versions]
MySQL-python = 1.2.5
neoppod = 1.5
slapos.recipe.template = 2.8
# patched egg
ZODB3 = 3.10.5+SlapOSPatched001
# Required by slapos.toolbox==0.52
slapos.toolbox = 0.52
apache-libcloud = 0.18.0
atomize = 0.2.0
ecdsa = 0.13
feedparser = 5.2.1
GitPython = 1.0.1
gitdb = 0.6.4
lockfile = 0.10.2
paramiko = 1.15.3
pycrypto = 2.6.1
rpdb = 0.1.5
smmap = 0.9.0
##
software/neoppod/software.cfg
View file @ 94026302
# Note on LXML/END LXML: they delimit areas where lxml magic is needed. lxml is
# a slapos.cookbook dependency, so it should be fetched automatically. But when
# automatically fetched, it gets built against system headers/libs, which is
# forbidden in slapos. So we need to fetch lxml explicitly so it is properly
# built.
[buildout]
extends =
../../stack/slapos.cfg
#LXML
../../component/lxml-python/buildout.cfg
#END LXML
../../component/python-2.7/buildout.cfg
../../component/mariadb/buildout.cfg
../../component/mysql-python/buildout.cfg
software-common.cfg
parts =
slapos-deps-eggs
slapos-cookbook
# NEO & dependencies
python2.7
mariadb
mysql-python
neoppod
parts +=
# NEO instanciation
template-instance
[slapos-deps-eggs]
recipe = zc.recipe.egg
eggs =
#LXML
${lxml-python:egg}
#END LXML
template
[base-template]
[template]
recipe = slapos.recipe.template:jinja2
template = ${:_profile_base_location_}/${:filename}.in
rendered = ${buildout:directory}/${:filename}
extensions = jinja2.ext.do
extra-context =
context =
key eggs_directory buildout:eggs-directory
key develop_eggs_directory buildout:develop-eggs-directory
key bin_directory buildout:bin-directory
${:extra-context}
[template-neo-master]
< = base-template
filename = instance-neo-master.cfg
md5sum = 8947620b15535b95163c11a0efab546e
[template-neo-storage-mysql]
< = base-template
filename = instance-neo-storage-mysql.cfg
md5sum = 518c8c41ce73f0b608fbb1c3b889ca1b
extra-context =
key mariadb_location mariadb:location
key master_cfg template-neo-master:rendered
[template-neo-admin]
< = base-template
filename = instance-neo-admin.cfg
md5sum = 987f69333c563898cab21455509f8024
[template-cluster]
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/cluster.cfg.in
md5sum = edd46f8670421520ef20c786cd65d8c1
[template-instance]
< = base-template
template = ${:_profile_base_location_}/instance.cfg.in
md5sum = 777c00a7dbcb145a75f980421a9b20b5
# XXX: "template.cfg" is hardcoded in instanciation recipe
filename = template.cfg
md5sum = 17e761b371487b55b39da1c39ebb1bb6
extra-context =
key neo_master template-neo-master:rendered
key neo_storage_mysql template-neo-storage-mysql:rendered
key neo_admin template-neo-admin:rendered
key cluster template-cluster:target
[neoppod]
recipe = zc.recipe.egg
eggs = neoppod[admin, master, storage-mysqldb]
rendered = ${buildout:directory}/template.cfg
context =
key cluster cluster:target
key instance_common_cfg instance-common:rendered
key root_common root-common:target
[cluster]
<= download-base-neo
md5sum = ee8401a4e7d82bf488a57e3399f9ce48
[versions]
# To match ERP5
transaction = 1.1.1
ZConfig = 2.9.1
zc.lockfile = 1.0.2
zdaemon = 2.0.7
zope.event = 3.5.2
##
software/powerdns/software.cfg
View file @ 94026302
......@@ -62,6 +62,5 @@ mode = 0644
[versions]
PyRSS2Gen = 1.1
cns.recipe.symlink = 0.2.3
collective.recipe.template = 1.11
plone.recipe.command = 1.1
slapos.recipe.template = 2.7
slapos.recipe.template = 2.8
software/re6stnet/software.cfg
View file @ 94026302
......@@ -164,7 +164,7 @@ miniupnpc = 1.9
# Required by:
# slapos.toolbox==0.47.3
paramiko = 1.15.2
paramiko = 1.15.3
# Required by:
# slapos.toolbox==0.47.3
......
software/slapos-in-partition/common.cfg
View file @ 94026302
......@@ -52,7 +52,7 @@ context =
[slapos-configuration-file-template]
# Download the template of slapos.cfg
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/template/slapos.cfg.in
#md5sum =
target = ${buildout:directory}/slapos.cfg.in
......@@ -61,7 +61,7 @@ mode = 0644
[httpd-configuration-file-template]
# Download the template of httpd.conf
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/template/httpd.conf.in
mode = 0644
#md5sum =
......
software/slapos-in-partition/software.cfg
View file @ 94026302
......@@ -11,5 +11,4 @@ extends = common.cfg
Pygments = 1.6
collective.recipe.environment = 0.2.0
collective.recipe.template = 1.10
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.7
software/slapos-master/apache.conf.in 0 → 100644
View file @ 94026302
LoadModule unixd_module modules/mod_unixd.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule version_module modules/mod_version.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule mime_module modules/mod_mime.so
LoadModule dav_module modules/mod_dav.so
LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule headers_module modules/mod_headers.so
PidFile "{{ parameter_dict['pid-file'] }}"
ServerAdmin admin@
TypesConfig conf/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
ServerTokens Prod
ServerSignature Off
TraceEnable Off
TimeOut {{ parameter_dict['timeout'] }}
SSLCertificateFile {{ parameter_dict['cert'] }}
SSLCertificateKeyFile {{ parameter_dict['key'] }}
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLProtocol -ALL +SSLv3 +TLSv1
SSLHonorCipherOrder On
{% if parameter_dict['cipher'] -%}
SSLCipherSuite {{ parameter_dict['cipher'] }}
{% else -%}
SSLCipherSuite RC4-SHA:HIGH:!ADH
{%- endif %}
SSLSessionCache shmcb:{{ parameter_dict['ssl-session-cache'] }}(512000)
SSLProxyEngine On
# As backend is trusting REMOTE_USER header unset it always
RequestHeader unset REMOTE_USER
ErrorLog "{{ parameter_dict['error-log'] }}"
# Default apache log format with request time in microsecond at the end
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %D" combined
CustomLog "{{ parameter_dict['access-log'] }}" combined
<Directory />
Options FollowSymLinks
AllowOverride None
Allow from all
</Directory>
RewriteEngine On
{% for port, _, backend, authentication in parameter_dict['backend-list'] -%}
{% for ip in parameter_dict['ip-list'] -%}
Listen {{ ip }}:{{ port }}
{% endfor -%}
<VirtualHost *:{{ port }}>
{% if authentication -%}
SSLVerifyClient require
RequestHeader set REMOTE_USER %{SSL_CLIENT_S_DN_CN}s
SSLCACertificateFile {{ parameter_dict['ca-cert'] }}
SSLCARevocationPath {{ parameter_dict['crl'] }}
{% endif -%}
SSLEngine on
RewriteRule ^/(.*) {{ backend }}/$1 [L,P]
</VirtualHost>
{% endfor -%}
software/slapos-master/instance-balancer.cfg.in 0 → 100644
View file @ 94026302
{% set part_list = [] -%}
{% set ssl_parameter_dict = slapparameter_dict.get('ssl', {}) %}
{% macro section(name) %}{% do part_list.append(name) %}{{ name }}{% endmacro -%}
{% set use_ipv6 = slapparameter_dict.get('use-ipv6', False) -%}
{#
XXX: This template only supports exactly one IPv4 and (if ipv6 is used) one IPv6
per partition. No more (undefined result), no less (IndexError).
-#}
# TODO: insert varnish between apache & haproxy.
# And think of a way to specify which urls goe through varnish, which go
# directly to haproxy. (maybe just passing literal configuration file chunk)
{% set ipv4 = (ipv4_set | list)[0] -%}
{% set apache_ip_list = [ipv4] -%}
{% if ipv6_set -%}
{% set ipv6 = (ipv6_set | list)[0] -%}
{% do apache_ip_list.append('[' ~ ipv6 ~ ']') -%}
{% endif -%}
{% if use_ipv6 -%}
[zope-tunnel-base]
recipe = slapos.cookbook:ipv4toipv6
runner-path = ${directory:services}/${:base-name}
6tunnel-path = {{ parameter_dict['6tunnel'] }}/bin/6tunnel
shell-path = {{ parameter_dict['dash'] }}/bin/dash
ipv4 = {{ ipv4 }}
{% endif -%}
{% set haproxy_dict = {} -%}
{% set apache_dict = {} -%}
{% set next_port = slapparameter_dict['tcpv4-port'] -%}
{% for family_name, parameter_id_list in slapparameter_dict['zope-family-dict'].items() -%}
{% set zope_family_address_list = [] -%}
{% set has_webdav = [] -%}
{% for parameter_id in parameter_id_list -%}
{% set zope_address_list = slapparameter_dict[parameter_id] -%}
{% for zope_address, maxconn, webdav in zope_address_list -%}
{% if webdav -%}
{% do has_webdav.append(None) %}
{% endif -%}
{% if use_ipv6 -%}
[{{ section('zope-tunnel-' ~ next_port) }}]
< = zope-tunnel-base
base-name = {{ 'zeo-tunnel-' ~ next_port }}
ipv4-port = {{ next_port }}
ipv6-port = {{ zope_address.split(']:')[1] }}
ipv6 = {{ zope_address.split(']:')[0][1:] }}
{% set zope_effective_address = ipv4 ~ ":" ~ next_port -%}
{% set next_port = next_port + 1 -%}
{% else -%}
{% set zope_effective_address = zope_address -%}
{% endif -%}
{% do zope_family_address_list.append((zope_effective_address, maxconn, webdav)) -%}
{% endfor -%}
{% endfor -%}
{# Make rendering fail artificially if any family has no known backend.
# This is useful as haproxy's hot-reconfiguration mechanism is
# supervisord-incompatible.
# As jinja2 postpones KeyError until place-holder value is actually used,
# do a no-op getitem.
-#}
{% do zope_family_address_list[0][0] -%}
{% set haproxy_port = next_port -%}
{% set next_port = next_port + 1 -%}
{% do haproxy_dict.__setitem__(family_name, (haproxy_port, zope_family_address_list)) -%}
{% if has_webdav -%}
{% set internal_scheme = 'http' -%}{# mod_rewrite does not recognise webdav scheme -#}
{% set external_scheme = 'webdavs' -%}
{% else %}
{% set internal_scheme = 'http' -%}
{% set external_scheme = 'https' -%}
{% endif -%}
{% set backend_path = slapparameter_dict['backend-path-dict'][family_name] -%}
{% set ssl_authentication = slapparameter_dict['ssl-authentication-dict'][family_name] -%}
{% do apache_dict.__setitem__(family_name, (next_port, external_scheme, internal_scheme ~ '://' ~ ipv4 ~ ':' ~ haproxy_port ~ backend_path, ssl_authentication)) -%}
{% set next_port = next_port + 1 -%}
{% endfor -%}
[apache-certificate-authority]
recipe = slapos.cookbook:certificate_authority
openssl-binary = {{ parameter_dict['openssl'] }}/bin/openssl
ca-dir = ${directory:ca-dir}
requests-directory = ${directory:requests}
wrapper = ${directory:services}/apache-ca
ca-private = ${directory:private}
ca-certs = ${directory:certs}
ca-newcerts = ${directory:newcerts}
ca-crl = ${directory:crl}
country-code = {{ slapparameter_dict['country-code'] }}
email = {{ slapparameter_dict['email'] }}
state = {{ slapparameter_dict['state'] }}
city = {{ slapparameter_dict['city'] }}
company = {{ slapparameter_dict['company'] }}
[haproxy-cfg-parameter-dict]
socket-path = ${directory:run}/haproxy.sock
server-check-path = {{ dumps(slapparameter_dict['haproxy-server-check-path']) }}
backend-dict = {{ dumps(haproxy_dict) }}
ip = {{ ipv4 }}
[haproxy-cfg]
recipe = slapos.recipe.template:jinja2
template = {{ parameter_dict['template-haproxy-cfg'] }}
rendered = ${directory:etc}/haproxy.cfg
context = section parameter_dict haproxy-cfg-parameter-dict
extensions = jinja2.ext.do
[{{ section('haproxy') }}]
recipe = slapos.cookbook:wrapper
wrapper-path = ${directory:services}/haproxy
command-line = "{{ parameter_dict['haproxy'] }}/sbin/haproxy" -f "${haproxy-cfg:rendered}"
{# TODO: build socat and wrap it as "${directory:bin}/haproxy-ctl" to connect to "${haproxy-cfg-parameter-dict:socket-path}" #}
[apache-conf-ssl]
cert = ${directory:apache-conf}/apache.crt
key = ${directory:apache-conf}/apache.pem
ca-cert = ${directory:apache-conf}/ca.crt
crl = ${directory:apache-conf}/crl.pem
[apache-conf-parameter-dict]
backend-list = {{ dumps(apache_dict.values()) }}
ip-list = {{ dumps(apache_ip_list) }}
pid-file = ${directory:run}/apache.pid
error-log = ${directory:log}/apache-error.log
access-log = ${directory:log}/apache-access.log
# Apache 2.4's default value (60 seconds) can be a bit too short
timeout = 300
# Basic SSL server configuration
cert = ${apache-ssl:cert}
key = ${apache-ssl:key}
cipher =
ssl-session-cache = ${directory:log}/apache-ssl-session-cache
# Client x509 auth
{% if ssl_parameter_dict.get('ca-cert') and ssl_parameter_dict.get('ca-crl') -%}
ca-cert = {{ dumps(ssl_parameter_dict.get('ca-cert')) }}
crl = {{ dumps(ssl_parameter_dict.get('ca-crl')) }}
{% else -%}
ca-cert = ${apache-certificate-authority:ca-dir}/cacert.pem
crl = ${apache-certificate-authority:ca-crl}
{% endif -%}
[apache-conf]
recipe = slapos.recipe.template:jinja2
template = {{ parameter_dict['template-apache-conf'] }}
rendered = ${directory:apache-conf}/apache.conf
context = section parameter_dict apache-conf-parameter-dict
[{{ section('apache') }}]
recipe = slapos.cookbook:wrapper
wrapper-path = ${directory:services}/apache
command-line = "{{ parameter_dict['apache'] }}/bin/httpd" -f "${apache-conf:rendered}" -DFOREGROUND
[{{ section('apache-promise') }}]
# Check any apache port in ipv4, expect other ports and ipv6 to behave consistently
recipe = slapos.cookbook:check_port_listening
path = ${directory:promise}/apache
hostname = {{ ipv4 }}
port = {{ apache_dict.values()[0][0] }}
[publish]
recipe = slapos.cookbook:publish.serialised
{% for family_name, (apache_port, scheme, _, _) in apache_dict.items() -%}
{{ family_name ~ '-v6' }} = {% if ipv6_set %}{{ scheme ~ '://[' ~ ipv6 ~ ']:' ~ apache_port }}{% endif %}
{{ family_name }} = {{ scheme ~ '://' ~ ipv4 ~ ':' ~ apache_port }}
{% endfor -%}
[apache-ssl]
recipe = plone.recipe.command
command = "{{ parameter_dict['openssl'] }}/bin/openssl" req -newkey rsa -batch -new -x509 -days 3650 -nodes -keyout "${:key}" -out "${:cert}"
key = ${apache-conf-ssl:key}
cert = ${apache-conf-ssl:cert}
[logrotate-apache]
recipe = slapos.cookbook:logrotate.d
logrotate-entries = ${logrotate:logrotate-entries}
backup = ${logrotate:backup}
name = apache
log = ${apache-conf-parameter-dict:error-log} ${apache-conf-parameter-dict:access-log}
post = {{ parameter_dict['bin-directory'] }}/slapos-kill --pidfile ${apache-conf-parameter-dict:pid-file} -s USR1
[directory]
recipe = slapos.cookbook:mkdirectory
apache-conf = ${:etc}/apache
bin = ${buildout:directory}/bin
etc = ${buildout:directory}/etc
promise = ${directory:etc}/promise
services = ${:etc}/run
var = ${buildout:directory}/var
run = ${:var}/run
log = ${:var}/log
ca-dir = ${buildout:directory}/srv/ssl
requests = ${:ca-dir}/requests
private = ${:ca-dir}/private
certs = ${:ca-dir}/certs
newcerts = ${:ca-dir}/newcerts
crl = ${:ca-dir}/crl
[buildout]
extends = {{ logrotate_cfg }}
parts +=
publish
logrotate-apache
apache-certificate-authority
{{ part_list | join('\n ') }}
software/slapos-master/instance-create-erp5-site-real.cfg.in 0 → 100644
View file @ 94026302
[directory]
recipe = slapos.cookbook:mkdirectory
etc = ${buildout:directory}/etc
services = ${:etc}/run
promise = ${:etc}/promise
[erp5-bootstrap]
recipe = slapos.cookbook:erp5.bootstrap
runner-path = ${directory:services}/erp5-bootstrap
{# Note: a random domain name will be picked if several point to the same IP -#}
{% set reverse_hosts = {} -%}
{% for x, y in publish['hosts-dict'].iteritems() -%}
{% do reverse_hosts.__setitem__(y, x) -%}
{% endfor -%}
{# XXX: Expect the first database to be the one to use for catalog. -#}
{% set mysql_parsed = urlparse.urlparse(publish['mariadb-database-list'][0]) -%}
mysql-url = {{ dumps(urlparse.urlunparse(mysql_parsed[:1] + (mysql_parsed.username + ":" + mysql_parsed.password + "@" + reverse_hosts.get(mysql_parsed.hostname, mysql_parsed.hostname) + ':' ~ mysql_parsed.port, ) + mysql_parsed[2:])) }}
{# Pick the first http[s] family found, they should be all equivalent anyway. -#}
{# Don't pick the https[s] configurated with ssl-authenticat=true. By convention, this family name contain 'service'. -#}
{% set family_list = [] -%}
{% for key, value in publish.items() -%}
{% if key.startswith('family-') and not 'service' in key and value.startswith('http') -%}
{% do family_list.append(value.split('://', 1)) -%}
{% endif -%}
{% endfor -%}
zope-url = {{ dumps(family_list[0][0] + '://' + publish['inituser-login'] + ':' + publish['inituser-password'] + '@' + family_list[0][1] + '/' + publish['site-id']) }}
[promise-erp5-site]
recipe = slapos.cookbook:check_url_available
url = ${erp5-bootstrap:zope-url}
path = ${directory:promise}/erp5-site
dash_path = {{ parameter_dict['dash-location'] }}/bin/dash
curl_path = {{ parameter_dict['curl-location'] }}/bin/curl
[buildout]
parts = promise-erp5-site
eggs-directory = {{ eggs_directory }}
develop-eggs-directory = {{ develop_eggs_directory }}
\ No newline at end of file
software/slapos-master/instance-erp5.cfg.in 0 → 100644
View file @ 94026302
{% set frontend_dict = slapparameter_dict.get('frontend', {}) %}
{% set has_frontend = frontend_dict.get('software-url', '') != '' -%}
{% set site_id = slapparameter_dict.get('site-id', 'erp5') -%}
{% set inituser_login = slapparameter_dict.get('inituser-login', 'zope') -%}
{% set publish_dict = {'site-id': site_id, 'inituser-login': inituser_login} -%}
[request-common]
recipe = slapos.cookbook:request.serialised
software-url = ${slap-connection:software-release-url}
server-url = ${slap-connection:server-url}
key-file = ${slap-connection:key-file}
cert-file = ${slap-connection:cert-file}
computer-id = ${slap-connection:computer-id}
partition-id = ${slap-connection:partition-id}
config-use-ipv6 = {{ dumps(slapparameter_dict.get('use-ipv6', False)) }}
{% macro request(name, software_type, config_key, config, ret={'url': True}) -%}
{% do config.update(slapparameter_dict.get(config_key, {})) -%}
{% set section = 'request-' ~ name -%}
[{{ section }}]
< = request-common
name = {{ name }}
software-type = {{ software_type }}
return = {{ ret.keys() | join(' ') }}
{% for ret, publish in ret.items() -%}
{% if publish -%}
{% do publish_dict.__setitem__(name ~ '-' ~ ret, '${' ~ section ~ ':connection-' ~ ret ~ '}')%}
{% endif -%}
{% endfor -%}
sla-computer_guid = {{ dumps(slapparameter_dict.get(config_key + '-computer-guid', computer_id)) }}
{% for option, value in config.items() -%}
config-{{ option }} = {{ dumps(value) }}
{% endfor -%}
{% endmacro -%}
{{ request('memcached-persistent', 'kumofs', 'kumofs', {'tcpv4-port': 2000}) }}
{{ request('memcached-volatile', 'kumofs', 'memcached', {'tcpv4-port': 2010, 'ram-storage-size': 64}) }}
{{ request('cloudooo', 'cloudooo', 'cloudooo', {'tcpv4-port': 2020}) }}
{{ request('mariadb', 'mariadb', 'mariadb', {'tcpv4-port': 2099}, {'database-list': True, 'test-database-list': True}) }}
{# Fail early if an unexpected value is provided -#}
{% set zodb_type = slapparameter_dict.get('zodb-software-type') -%}
{% set zodb_extern = slapparameter_dict.get('zodb-extern') -%}
{% if {'zeo': 1, None: 0}[zodb_type] -%}
{{ request('zodb', 'zodb-' ~ zodb_type, 'zodb', {'tcpv4-port': 2100, 'zodb-dict': {'root': {}}}, {'zodb-storage-type': False, 'zodb-dict': False, 'tidstorage-ip': False, 'tidstorage-port': False}) }}
{% else -%}
{% do zodb_extern[0] %}
{% endif -%}
[inituser-password]
{% set inituser_password = slapparameter_dict.get('inituser-password') -%}
{% if inituser_password -%}
passwd = {{ dumps(inituser_password) }}
{% else -%}
recipe = slapos.cookbook:generate.password
{% endif -%}
[deadlock-debugger-password]
{% set deadlock_debugger_password = slapparameter_dict.get('deadlock-debugger-password') -%}
{% if deadlock_debugger_password -%}
passwd = {{ dumps(deadlock_debugger_password) }}
{% else -%}
recipe = slapos.cookbook:generate.password
{% endif -%}
[request-zope-base]
< = request-common
return =
zope-address-list
hosts-dict
config-bt5 = {{ dumps(slapparameter_dict.get('bt5', 'erp5_full_text_myisam_catalog erp5_configurator_standard erp5_configurator_maxma_demo erp5_configurator_ung erp5_configurator_run_my_doc slapos_configurator')) }}
config-bt5-repository-url = {{ dumps(slapparameter_dict.get('bt5-repository-url', local_bt5_repository)) }}
config-cloudooo-url = ${request-cloudooo:connection-url}
config-deadlock-debugger-password = ${deadlock-debugger-password:passwd}
config-developer-list = {{ dumps(slapparameter_dict.get('developer-list', [inituser_login])) }}
config-hosts-dict = {{ dumps(slapparameter_dict.get('hosts-dict', {})) }}
config-inituser-login = {{ dumps(inituser_login) }}
config-inituser-password = ${inituser-password:passwd}
config-kumofs-url = ${request-memcached-persistent:connection-url}
config-memcached-url = ${request-memcached-volatile:connection-url}
config-mysql-test-url-list = ${request-mariadb:connection-test-database-list}
config-mysql-url-list = ${request-mariadb:connection-database-list}
config-site-id = {{ dumps(site_id) }}
config-smtp-url = {{ dumps(slapparameter_dict.get('smtp-url', 'smtp://localhost:25/')) }}
config-timezone = {{ dumps(slapparameter_dict.get('timezone', 'UTC')) }}
{% if zodb_type -%}
config-tidstorage-ip = ${request-zodb:connection-tidstorage-ip}
config-tidstorage-port = ${request-zodb:connection-tidstorage-port}
config-zodb-dict = ${request-zodb:connection-zodb-dict}
config-zodb-storage-type = ${request-zodb:connection-zodb-storage-type}
{% endif -%}
{% if zodb_extern -%}
config-zodb-extern = {{ dumps(zodb_extern) }}
{% endif -%}
software-type = zope
{% set zope_family_dict = {} -%}
{% set zope_backend_path_dict = {} -%}
{% set ssl_authentication_dict = {} -%}
{% for custom_name, zope_parameter_dict in slapparameter_dict.get('zope-partition-dict', {'1': {}}).items() -%}
{% set partition_name = 'zope-' ~ custom_name -%}
{% set section_name = 'request-' ~ partition_name -%}
{% set backend_path = zope_parameter_dict.get('backend-path', '/') % {'site-id': site_id} %}
{% do zope_family_dict.setdefault(zope_parameter_dict.get('family', 'default'), []).append(section_name) -%}
{% do zope_backend_path_dict.setdefault(zope_parameter_dict.get('family', 'default'), backend_path) -%}
{% do ssl_authentication_dict.setdefault(zope_parameter_dict.get('family', 'default'), zope_parameter_dict.get('ssl-authentication', False)) -%}
[{{ section_name }}]
< = request-zope-base
name = {{ partition_name }}
config-name = {{ dumps(custom_name) }}
config-instance-count = {{ dumps(zope_parameter_dict.get('instance-count', 1)) }}
config-thread-amount = {{ dumps(zope_parameter_dict.get('thread-amount', 1)) }}
config-timerserver-interval = {{ dumps(zope_parameter_dict.get('timerserver-interval', 5)) }}
config-longrequest-logger-interval = {{ dumps(zope_parameter_dict.get('longrequest-logger-interval', -1)) }}
config-longrequest-logger-timeout = {{ dumps(zope_parameter_dict.get('longrequest-logger-timeout', 1)) }}
config-port-base = {{ dumps(zope_parameter_dict.get('port-base', 2200)) }}
config-webdav = {{ dumps(zope_parameter_dict.get('webdav', False)) }}
sla-computer_guid = {{ dumps(zope_parameter_dict.get('computer-guid', computer_id)) }}
{% endfor -%}
{# We need to concatenate lists that we cannot read as lists, so this gets hairy. -#}
{% set zope_address_list_id_dict = {} -%}
{% set zope_family_parameter_dict = {} -%}
{% for family_name, zope_section_id_list in zope_family_dict.items() -%}
{% for zope_section_id in zope_section_id_list -%}
{% set parameter_name = 'zope-family-entry-' ~ zope_section_id -%}
{% do zope_address_list_id_dict.__setitem__(zope_section_id, parameter_name) -%}
{% do zope_family_parameter_dict.setdefault(family_name, []).append(parameter_name) -%}
{% endfor -%}
{% if has_frontend -%}
{% set frontend_name = 'frontend-' ~ family_name -%}
{% set publishable = frontend_name ~ ':connection-site_url' -%}
[{{ frontend_name }}]
< = request-frontend-base
name = {{ frontend_name }}
config-url = ${request-balancer:{{ family_name }}-v6}
{% else -%}
{% set publishable = 'request-balancer:connection-' ~ family_name -%}
{% endif -%}
{% do publish_dict.__setitem__('family-' ~ family_name, '${' ~ publishable ~ '}' ) -%}
{% endfor -%}
{% set balancer_dict = slapparameter_dict.get('balancer', {}) -%}
[request-balancer]
< = request-common
name = balancer
software-type = balancer
sla-computer_guid = {{ dumps(slapparameter_dict.get('balancer-computer-guid', computer_id)) }}
return =
{%- for family in zope_family_dict %}
{{ family }}
{{ family }}-v6
{% endfor -%}
config-zope-family-dict = {{ dumps(zope_family_parameter_dict) }}
config-backend-path-dict = {{ dumps(zope_backend_path_dict) }}
config-ssl-authentication-dict = {{ dumps(ssl_authentication_dict) }}
config-tcpv4-port = {{ dumps(balancer_dict.get('tcpv4-port', 2150)) }}
{% for zope_section_id, name in zope_address_list_id_dict.items() -%}
config-{{ name }} = {{ ' ${' ~ zope_section_id ~ ':connection-zope-address-list}' }}
{% endfor -%}
# XXX: should those really be same for all families ?
config-haproxy-server-check-path = {{ dumps(balancer_dict.get('haproxy-server-check-path', '/') % {'site-id': site_id}) }}
config-ssl = {{ dumps(balancer_dict.get('ssl', {})) }}
config-country-code = {{ slapparameter_dict.get('country-code', 'ZZ') }}
config-email = {{ slapparameter_dict.get('email', 'nobody@example.com') }}
config-state = {{ slapparameter_dict.get('state', "('State',)") }}
config-city = {{ slapparameter_dict.get('city', 'City') }}
config-company = {{ slapparameter_dict.get('company', 'Compagny') }}
[request-frontend-base]
{% if has_frontend -%}
< = request-common
software-url = {{ dumps(frontend_dict['software-url']) }}
software-type = {{ dumps(frontend_dict.get('software-type', 'RootSoftwareInstance')) }}
sla-instance_guid = {{ dumps(frontend_dict['instance-guid']) }}
slave = true
{% set config_dict = {
'type': 'zope',
} -%}
{% if frontend_dict.get('domain') -%}
{% do config_dict.__setitem__('custom_domain', frontend_dict['domain']) -%}
{% endif -%}
{% for name, value in config_dict.items() -%}
config-{{ name }} = {{ value }}
{% endfor -%}
return = site_url
{% endif -%}
[publish]
recipe = slapos.cookbook:publish.serialised
deadlock-debugger-password = ${deadlock-debugger-password:passwd}
inituser-password = ${inituser-password:passwd}
{#
Pick any published hosts-dict, they are expected to be identical - and there is
no way to check here.
-#}
hosts-dict = {{ '${' ~ zope_address_list_id_dict.keys()[0] ~ ':connection-hosts-dict}' }}
{% for name, value in publish_dict.items() -%}
{{ name }} = {{ value }}
{% endfor -%}
[buildout]
parts = publish
software/slapos-master/software.cfg 0 → 100644
View file @ 94026302
[buildout]
extends =
../../stack/erp5/buildout.cfg
parts +=
vifib-fix-products-paths
[local-bt5-repository]
# Same as bt5-repository, but only local repository.
# Used to generate bt5lists.
list = ${erp5:location}/bt5 ${erp5:location}/product/ERP5/bootstrap ${vifib:location}/master/bt5
[genbt5list]
recipe = plone.recipe.command
stop-on-error = true
genbt5list = ${erp5:location}/product/ERP5/bin/genbt5list
command =
${buildout:executable} ${:genbt5list} ${local-bt5-repository:list}
update-command = ${:command}
[erp5_repository_list]
repository_id_list = erp5 vifib/master
[erp5]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/erp5.git
branch = interaction-drop
git-executable = ${git:location}/bin/git
[vifib]
recipe = slapos.recipe.build:gitclone
repository = https://lab.nexedi.com/nexedi/slapos.core.git
branch = master
git-executable = ${git:location}/bin/git
[vifib-fix-products-paths]
recipe = plone.recipe.command
stop-on-error = true
command =
for DIR in "${vifib:location}/master"; do cd "$DIR"; rm -f Products ; ln -s product Products; touch product/__init__.py; done
update-command = ${:command}
[eggs]
eggs +=
suds
facebook-sdk
google-api-python-client
spyne
slapos.core
dummy +=
${vifib:location}
extra-paths +=
${vifib:location}/master
[template-erp5]
md5sum = 6ada1fd4af0a451516443bfb6d00b717
[template-balancer]
md5sum = 818ab59ae966114735866aecef7a8563
[template-apache-conf]
md5sum = bb329fc28bef095a01efc901d2f84149
[template-create-erp5-site-real]
md5sum = 61824aab2172d21f1d6403a35cab47cd
[versions]
python-memcached = 1.47
facebook-sdk = 0.4.0
google-api-python-client = 1.2
[networkcache]
# signature certificates of the following uploaders.
# Romain Courteaud
# Sebastien Robin
# Kazuhiko Shiozaki
# Cedric de Saint Martin
# Yingjie Xu
# Gabriel Monnerat
# Łukasz Nowak
# Test Agent (Automatic update from tests)
# Aurélien Calonne
signature-certificate-list =
-----BEGIN CERTIFICATE-----
MIIB4DCCAUkCADANBgkqhkiG9w0BAQsFADA5MQswCQYDVQQGEwJGUjEZMBcGA1UE
CBMQRGVmYXVsdCBQcm92aW5jZTEPMA0GA1UEChMGTmV4ZWRpMB4XDTExMDkxNTA5
MDAwMloXDTEyMDkxNTA5MDAwMlowOTELMAkGA1UEBhMCRlIxGTAXBgNVBAgTEERl
ZmF1bHQgUHJvdmluY2UxDzANBgNVBAoTBk5leGVkaTCBnzANBgkqhkiG9w0BAQEF
AAOBjQAwgYkCgYEApYZv6OstoqNzxG1KI6iE5U4Ts2Xx9lgLeUGAMyfJLyMmRLhw
boKOyJ9Xke4dncoBAyNPokUR6iWOcnPHtMvNOsBFZ2f7VA28em3+E1JRYdeNUEtX
Z0s3HjcouaNAnPfjFTXHYj4um1wOw2cURSPuU5dpzKBbV+/QCb5DLheynisCAwEA
ATANBgkqhkiG9w0BAQsFAAOBgQBCZLbTVdrw3RZlVVMFezSHrhBYKAukTwZrNmJX
mHqi2tN8tNo6FX+wmxUUAf3e8R2Ymbdbn2bfbPpcKQ2fG7PuKGvhwMG3BlF9paEC
q7jdfWO18Zp/BG7tagz0jmmC4y/8akzHsVlruo2+2du2freE8dK746uoMlXlP93g
QUUGLQ==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB8jCCAVugAwIBAgIJAPu2zchZ2BxoMA0GCSqGSIb3DQEBBQUAMBIxEDAOBgNV
BAMMB3RzeGRldjMwHhcNMTExMDE0MTIxNjIzWhcNMTIxMDEzMTIxNjIzWjASMRAw
DgYDVQQDDAd0c3hkZXYzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrPbh+
YGmo6mWmhVb1vTqX0BbeU0jCTB8TK3i6ep3tzSw2rkUGSx3niXn9LNTFNcIn3MZN
XHqbb4AS2Zxyk/2tr3939qqOrS4YRCtXBwTCuFY6r+a7pZsjiTNddPsEhuj4lEnR
L8Ax5mmzoi9nE+hiPSwqjRwWRU1+182rzXmN4QIDAQABo1AwTjAdBgNVHQ4EFgQU
/4XXREzqBbBNJvX5gU8tLWxZaeQwHwYDVR0jBBgwFoAU/4XXREzqBbBNJvX5gU8t
LWxZaeQwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQA07q/rKoE7fAda
FED57/SR00OvY9wLlFEF2QJ5OLu+O33YUXDDbGpfUSF9R8l0g9dix1JbWK9nQ6Yd
R/KCo6D0sw0ZgeQv1aUXbl/xJ9k4jlTxmWbPeiiPZEqU1W9wN5lkGuLxV4CEGTKU
hJA/yXa1wbwIPGvX3tVKdOEWPRXZLg==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB7jCCAVegAwIBAgIJAJWA0jQ4o9DGMA0GCSqGSIb3DQEBBQUAMA8xDTALBgNV
BAMMBHg2MXMwIBcNMTExMTI0MTAyNDQzWhgPMjExMTEwMzExMDI0NDNaMA8xDTAL
BgNVBAMMBHg2MXMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANdJNiFsRlkH
vq2kHP2zdxEyzPAWZH3CQ3Myb3F8hERXTIFSUqntPXDKXDb7Y/laqjMXdj+vptKk
3Q36J+8VnJbSwjGwmEG6tym9qMSGIPPNw1JXY1R29eF3o4aj21o7DHAkhuNc5Tso
67fUSKgvyVnyH4G6ShQUAtghPaAwS0KvAgMBAAGjUDBOMB0GA1UdDgQWBBSjxFUE
RfnTvABRLAa34Ytkhz5vPzAfBgNVHSMEGDAWgBSjxFUERfnTvABRLAa34Ytkhz5v
PzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAFLDS7zNhlrQYSQO5KIj
z2RJe3fj4rLPklo3TmP5KLvendG+LErE2cbKPqnhQ2oVoj6u9tWVwo/g03PMrrnL
KrDm39slYD/1KoE5kB4l/p6KVOdeJ4I6xcgu9rnkqqHzDwI4v7e8/D3WZbpiFUsY
vaZhjNYKWQf79l6zXfOvphzJ
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB9jCCAV+gAwIBAgIJAO4V/jiMoICoMA0GCSqGSIb3DQEBBQUAMBMxETAPBgNV
BAMMCENPTVAtMjMyMCAXDTEyMDIxNjExMTAyM1oYDzIxMTIwMTIzMTExMDIzWjAT
MREwDwYDVQQDDAhDT01QLTIzMjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
wi/3Z8W9pUiegUXIk/AiFDQ0UJ4JFAwjqr+HSRUirlUsHHT+8DzH/hfcTDX1I5BB
D1ADk+ydXjMm3OZrQcXjn29OUfM5C+g+oqeMnYQImN0DDQIOcUyr7AJc4xhvuXQ1
P2pJ5NOd3tbd0kexETa1LVhR6EgBC25LyRBRae76qosCAwEAAaNQME4wHQYDVR0O
BBYEFMDmW9aFy1sKTfCpcRkYnP6zUd1cMB8GA1UdIwQYMBaAFMDmW9aFy1sKTfCp
cRkYnP6zUd1cMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAskbFizHr
b6d3iIyN+wffxz/V9epbKIZVEGJd/6LrTdLiUfJPec7FaxVCWNyKBlCpINBM7cEV
Gn9t8mdVQflNqOlAMkOlUv1ZugCt9rXYQOV7rrEYJBWirn43BOMn9Flp2nibblby
If1a2ZoqHRxoNo2yTmm7TSYRORWVS+vvfjY=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB9jCCAV+gAwIBAgIJAIlBksrZVkK8MA0GCSqGSIb3DQEBBQUAMBMxETAPBgNV
BAMMCENPTVAtMzU3MCAXDTEyMDEyNjEwNTUyOFoYDzIxMTIwMTAyMTA1NTI4WjAT
MREwDwYDVQQDDAhDT01QLTM1NzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
ts+iGUwi44vtIfwXR8DCnLtHV4ydl0YTK2joJflj0/Ws7mz5BYkxIU4fea/6+VF3
i11nwBgYgxQyjNztgc9u9O71k1W5tU95yO7U7bFdYd5uxYA9/22fjObaTQoC4Nc9
mTu6r/VHyJ1yRsunBZXvnk/XaKp7gGE9vNEyJvPn2bkCAwEAAaNQME4wHQYDVR0O
BBYEFKuGIYu8+6aEkTVg62BRYaD11PILMB8GA1UdIwQYMBaAFKuGIYu8+6aEkTVg
62BRYaD11PILMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAMoTRpBxK
YLEZJbofF7gSrRIcrlUJYXfTfw1QUBOKkGFFDsiJpEg4y5pUk1s5Jq9K3SDzNq/W
it1oYjOhuGg3al8OOeKFrU6nvNTF1BAvJCl0tr3POai5yXyN5jlK/zPfypmQYxE+
TaqQSGBJPVXYt6lrq/PRD9ciZgKLOwEqK8w=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB9jCCAV+gAwIBAgIJAPHoWu90gbsgMA0GCSqGSIb3DQEBBQUAMBQxEjAQBgNV
BAMMCXZpZmlibm9kZTAeFw0xMjAzMTkyMzIwNTVaFw0xMzAzMTkyMzIwNTVaMBQx
EjAQBgNVBAMMCXZpZmlibm9kZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
ozBijpO8PS5RTeKTzA90vi9ezvv4vVjNaguqT4UwP9+O1+i6yq1Y2W5zZxw/Klbn
oudyNzie3/wqs9VfPmcyU9ajFzBv/Tobm3obmOqBN0GSYs5fyGw+O9G3//6ZEhf0
NinwdKmrRX+d0P5bHewadZWIvlmOupcnVJmkks852BECAwEAAaNQME4wHQYDVR0O
BBYEFF9EtgfZZs8L2ZxBJxSiY6eTsTEwMB8GA1UdIwQYMBaAFF9EtgfZZs8L2ZxB
JxSiY6eTsTEwMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAc43YTfc6
baSemaMAc/jz8LNLhRE5dLfLOcRSoHda8y0lOrfe4lHT6yP5l8uyWAzLW+g6s3DA
Yme/bhX0g51BmI6gjKJo5DoPtiXk/Y9lxwD3p7PWi+RhN+AZQ5rpo8UfwnnN059n
yDuimQfvJjBFMVrdn9iP6SfMjxKaGk6gVmI=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB9jCCAV+gAwIBAgIJAMNZBmoIOXPBMA0GCSqGSIb3DQEBBQUAMBMxETAPBgNV
BAMMCENPTVAtMTMyMCAXDTEyMDUwMjEyMDQyNloYDzIxMTIwNDA4MTIwNDI2WjAT
MREwDwYDVQQDDAhDT01QLTEzMjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
6peZQt1sAmMAmSG9BVxxcXm8x15kE9iAplmANYNQ7z2YO57c10jDtlYlwVfi/rct
xNUOKQtc8UQtV/fJWP0QT0GITdRz5X/TkWiojiFgkopza9/b1hXs5rltYByUGLhg
7JZ9dZGBihzPfn6U8ESAKiJzQP8Hyz/o81FPfuHCftsCAwEAAaNQME4wHQYDVR0O
BBYEFNuxsc77Z6/JSKPoyloHNm9zF9yqMB8GA1UdIwQYMBaAFNuxsc77Z6/JSKPo
yloHNm9zF9yqMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAl4hBaJy1
cgiNV2+Z5oNTrHgmzWvSY4duECOTBxeuIOnhql3vLlaQmo0p8Z4c13kTZq2s3nhd
Loe5mIHsjRVKvzB6SvIaFUYq/EzmHnqNdpIGkT/Mj7r/iUs61btTcGUCLsUiUeci
Vd0Ozh79JSRpkrdI8R/NRQ2XPHAo+29TT70=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB9jCCAV+gAwIBAgIJAKRvzcy7OH0UMA0GCSqGSIb3DQEBBQUAMBMxETAPBgNV
BAMMCENPTVAtNzcyMCAXDTEyMDgxMDE1NDI1MVoYDzIxMTIwNzE3MTU0MjUxWjAT
MREwDwYDVQQDDAhDT01QLTc3MjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
o7aipd6MbnuGDeR1UJUjuMLQUariAyQ2l2ZDS6TfOwjHiPw/mhzkielgk73kqN7A
sUREx41eTcYCXzTq3WP3xCLE4LxLg1eIhd4nwNHj8H18xR9aP0AGjo4UFl5BOMa1
mwoyBt3VtfGtUmb8whpeJgHhqrPPxLoON+i6fIbXDaUCAwEAAaNQME4wHQYDVR0O
BBYEFEfjy3OopT2lOksKmKBNHTJE2hFlMB8GA1UdIwQYMBaAFEfjy3OopT2lOksK
mKBNHTJE2hFlMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAaNRx6YN2
M/p3R8/xS6zvH1EqJ3FFD7XeAQ52WuQnKSREzuw0dsw12ClxjcHiQEFioyTiTtjs
5pW18Ry5Ie7iFK4cQMerZwWPxBodEbAteYlRsI6kePV7Gf735Y1RpuN8qZ2sYL6e
x2IMeSwJ82BpdEI5niXxB+iT0HxhmR+XaMI=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB+DCCAWGgAwIBAgIJAKGd0vpks6T/MA0GCSqGSIb3DQEBBQUAMBQxEjAQBgNV
BAMMCUNPTVAtMTU4NDAgFw0xMzA2MjAxMjE5MjBaGA8yMTEzMDUyNzEyMTkyMFow
FDESMBAGA1UEAwwJQ09NUC0xNTg0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
gQDZTH9etPUC+wMZQ3UIiOwyyCfHsJ+7duCFYjuo1uZrhtDt/fp8qb8qK9ob+df3
EEYgA0IgI2j/9jNUEnKbc5+OrfKznzXjrlrH7zU8lKBVNCLzQuqBKRNajZ+UvO8R
nlqK2jZCXP/p3HXDYUTEwIR5W3tVCEn/Vda4upTLcPVE5wIDAQABo1AwTjAdBgNV
HQ4EFgQU7KXaNDheQWoy5uOU01tn1M5vNkEwHwYDVR0jBBgwFoAU7KXaNDheQWoy
5uOU01tn1M5vNkEwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQASmqCU
Znbvu6izdicvjuE3aKnBa7G++Fdp2bdne5VCwVbVLYCQWatB+n4crKqGdnVply/u
+uZ16u1DbO9rYoKgWqjLk1GfiLw5v86pd5+wZd5I9QJ0/Sbz2vZk5S4ciMIGwArc
m711+GzlW5xe6GyH9SZaGOPAdUbI6JTDwLzEgA==
-----END CERTIFICATE-----
software/slapos-testing/software.cfg
View file @ 94026302
......@@ -50,23 +50,23 @@ repository = http://git.erp5.org/repos/slapos.git
[slapos.core-repository]
<= git-clone-repository
repository = http://git.erp5.org/repos/slapos.core.git
repository = https://lab.nexedi.com/nexedi/slapos.core.git
[slapos.package-repository]
<= git-clone-repository
repository = http://git.erp5.org/repos/slapos.package.git
repository = https://lab.nexedi.com/nexedi/slapos.package.git
[slapos.recipe.template-repository]
<= git-clone-repository
repository = http://git.erp5.org/repos/slapos.recipe.template.git
repository = https://lab.nexedi.com/nexedi/slapos.recipe.template.git
[slapos.recipe.build-repository]
<= git-clone-repository
repository = http://git.erp5.org/repos/slapos.recipe.build.git
repository = https://lab.nexedi.com/nexedi/slapos.recipe.build.git
[slapos.recipe.cmmi-repository]
<= git-clone-repository
repository = http://git.erp5.org/repos/slapos.recipe.cmmi.git
repository = https://lab.nexedi.com/nexedi/slapos.recipe.cmmi.git
[erp5-util-repository]
<= git-clone-repository
......
software/slaprunner/common.cfg
View file @ 94026302
......@@ -26,7 +26,7 @@ extends =
# stacks are listed from most generic to most specific,
# to avoid versioning issues
parts =
common-parts =
template
eggs
instance-runner-import
......@@ -36,6 +36,9 @@ parts =
rdiff-backup
collective.recipe.template-egg
parts =
${:common-parts}
# Use shellinabox from github with AF_UNIX support
[shellinabox]
<= shellinabox-github
......@@ -66,7 +69,7 @@ mode = 0644
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-runner-import.cfg.in
output = ${buildout:directory}/instance-runner-import.cfg
md5sum = a442695f6875ae0b65439c88db1644fb
md5sum = 6c0a0b0bf28cbcb63831a818edbd6a5d
mode = 0644
[template-runner-export-script]
......@@ -81,13 +84,13 @@ mode = 0644
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-runner-export.cfg.in
output = ${buildout:directory}/instance-runner-export.cfg
md5sum = 53be4bd07b2af826d9c80eea4185f7cb
md5sum = 994e355d713f90bcc17e4b54da65f354
mode = 0644
[template-resilient]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/instance-resilient.cfg.jinja2
md5sum = 489cfdbe128c21ff5847f92d804fe460
md5sum = aa9a99235571729ab93360c4712efa12
filename = instance-resilient.cfg.jinja2
mode = 0644
......@@ -116,7 +119,7 @@ filename = httpd_conf.in
mode = 0644
[template_launcher]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/launcher.in
md5sum = 525e37ea8b2acf6209869999b15071a6
filename = launcher.in
......@@ -187,7 +190,7 @@ filename = monitor-check-webrunner-internal-instances.py
mode = 0644
[eggs]
recipe = z3c.recipe.scripts
recipe = zc.recipe.egg
eggs =
collective.recipe.environment
cns.recipe.symlink
......
software/slaprunner/development.cfg
View file @ 94026302
......@@ -11,21 +11,12 @@ parts =
slapos.toolbox-dev
slapos.cookbook-dev
slapos.core-dev
# erp5.util-dev
# Good elements
template
eggs
instance-runner-import
instance-runner-export
slapos-cookbook
template-slapos-cfg
# XXX: we have to manually add this for resilience
rdiff-backup
collective.recipe.template-egg
${:common-parts}
[slapos.toolbox-repository]
recipe = slapos.recipe.build:gitclone
repository = https://lab.nexedi.cn/nexedi/slapos.toolbox.git
repository = https://lab.nexedi.com/nexedi/slapos.toolbox.git
branch = slaprunner-paas
git-executable = ${git:location}/bin/git
develop = true
......@@ -62,7 +53,7 @@ setup = ${erp5.util-repository:location}
[slapos.core-repository]
recipe = slapos.recipe.build:gitclone
repository = https://lab.nexedi.cn/nexedi/slapos.core.git
repository = https://lab.nexedi.com/nexedi/slapos.core.git
branch = master
git-executable = ${git:location}/bin/git
develop = true
......@@ -76,3 +67,5 @@ setup = ${slapos.core-repository:location}
slapos.cookbook =
slapos.core =
slapos.toolbox =
# XXX Fix lockfile 0.11.0 requirement (pbr!=0.7,<1.0,>=0.6)
lockfile = 0.10.2
software/slaprunner/instance-resilient.cfg.jinja2
View file @ 94026302
......@@ -22,7 +22,7 @@ offline = true
# += because we need to take up parts (like instance-custom, slapmonitor etc) from the profile we extended
parts +=
{{ parts.replicate("runner", number_of_instances + 1) }}
publish-connection-informations
publish-connection-information
{{ replicated.replicate("runner", number_of_instances + 1, "runner-export", "runner-import", slapparameter_dict=slapparameter_dict) }}
......@@ -30,7 +30,7 @@ parts +=
[request-runner]
return = url ssh-public-key ssh-url notification-id ip backend_url url ssh_command access_url 1_info 2_info monitor_url monitor_backend_url webdav_url public_url git_public_url git_private_url
[publish-connection-informations]
[publish-connection-information]
recipe = slapos.cookbook:publish
1_info = ${request-runner:connection-1_info}
2_info = ${request-runner:connection-2_info}
......
software/slaprunner/instance-runner-export.cfg.in
View file @ 94026302
......@@ -7,19 +7,17 @@ parts +=
nginx-launcher
certificate-authority
ca-nginx
ca-shellinabox
gunicorn-launcher
gunicorn-graceful
sshkeys-dropbear-runner
dropbear-server-add-authorized-key
sshkeys-authority
publish-connection-informations
publish-connection-information
slaprunner-promise
slaprunner-frontend-promise
slaprunner-supervisord-wrapper
dropbear-promise
runtestsuite
shellinabox-promise
symlinks
shellinabox
slapos-cfg
......@@ -71,7 +69,7 @@ context =
url = $${monitor-frontend:config-url}/$${deploy-index-template:filename}
# Extends publish section with resilient parameters
[publish-connection-informations]
[publish-connection-information]
<= resilient-publish-connection-parameter
[monitor-check-resilient-feed-file]
......
software/slaprunner/instance-runner-import.cfg.in
View file @ 94026302
......@@ -7,7 +7,6 @@ parts +=
nginx-launcher
certificate-authority
ca-nginx
ca-shellinabox
gunicorn-launcher
gunicorn-graceful
sshkeys-dropbear-runner
......@@ -17,7 +16,6 @@ parts +=
slaprunner-supervisord-wrapper
dropbear-promise
runtestsuite
shellinabox-promise
shellinabox
symlinks
slapos-cfg
......
software/slaprunner/software.cfg
View file @ 94026302
......@@ -9,46 +9,39 @@ extends = common.cfg
[versions]
Flask-Auth = 0.85
PyRSS2Gen = 1.1
apache-libcloud = 0.17.0
apache-libcloud = 0.18.0
cns.recipe.symlink = 0.2.3
collective.recipe.environment = 0.2.0
collective.recipe.template = 1.11
ecdsa = 0.13
erp5.util = 0.4.42
erp5.util = 0.4.43
gitdb = 0.6.4
gunicorn = 19.3.0
plone.recipe.command = 1.1
prettytable = 0.7.2
pycrypto = 2.6.1
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.7
slapos.toolbox = 0.50
slapos.recipe.template = 2.8
slapos.toolbox = 0.52
smmap = 0.9.0
z3c.recipe.scripts = 1.0.1
# Required by:
# slapos.toolbox==0.50
GitPython = 0.3.5
# slapos.toolbox==0.52
GitPython = 1.0.1
# Required by:
# slapos.toolbox==0.50
# slapos.toolbox==0.52
atomize = 0.2.0
# Required by:
# apache-libcloud==0.17.0
backports.ssl-match-hostname = 3.4.0.2
# slapos.toolbox==0.52
feedparser = 5.2.1
# Required by:
# slapos.toolbox==0.50
feedparser = 5.1.3
# Required by:
# slapos.toolbox==0.50
# slapos.toolbox==0.52
lockfile = 0.10.2
# Required by:
# slapos.toolbox==0.50
paramiko = 1.15.2
# slapos.toolbox==0.52
paramiko = 1.15.3
# Required by:
# slapos.toolbox==0.50
# slapos.toolbox==0.52
rpdb = 0.1.5
software/test-slave-instance-deployment/software.cfg
View file @ 94026302
......@@ -69,7 +69,6 @@ download-cache =
# Generate list of automatically chosen eggs version
extensions +=
buildout-versions
mr.developer
# Separate from site eggs
allowed-eggs-from-site-packages =
......
software/unstable/MediaWiki/software.cfg
View file @ 94026302
......@@ -16,7 +16,7 @@ extends =
../../stack/lamp.cfg
[mediawiki-patch]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/patch/mediawiki-1.17.0.config.patch
md5sum = fd606666ac9fc54cb84cda8cf08edef4
location = ${buildout:parts-directory}/${:_buildout_section_name_}
......@@ -62,7 +62,6 @@ meld3 = 0.6.7
plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.2
slapos.toolbox = 0.10
......
software/unstable/b2evolution/software.cfg
View file @ 94026302
......@@ -47,7 +47,6 @@ meld3 = 0.6.7
plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.2
slapos.toolbox = 0.10
......
software/unstable/cmsmadesimple/software.cfg
View file @ 94026302
......@@ -46,7 +46,6 @@ meld3 = 0.6.7
plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.2
slapos.toolbox = 0.10
......
software/unstable/condor/software.cfg
View file @ 94026302
......@@ -27,7 +27,7 @@ md5sum = 42985a425369e4f93211cfaad21d8eb8
mode = 0644
[description-file]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
mode = 0644
url = ${:_profile_base_location_}/template/submit
filename = submit
......@@ -35,7 +35,7 @@ location = ${buildout:parts-directory}/${:_buildout_section_name_}
md5sum = 8180d88348b89b55216f8dd4475a9eea
[executable]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
mode = 0774
url = ${:_profile_base_location_}/template/simple
filename = simple
......@@ -60,7 +60,6 @@ pytz = 2013b
slapos.core = 0.35.1
slapos.recipe.build = 0.11.6
slapos.recipe.cmmi = 0.1.1
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.4.2
xml-marshaller = 0.9.7
slapos.cookbook=0.78.1
......@@ -91,4 +90,4 @@ unittest2 = 0.5.1
# Required by:
# slapos.core==0.35.1
zope.interface = 4.0.5
\ No newline at end of file
zope.interface = 4.0.5
software/unstable/coppermine/software.cfg
View file @ 94026302
......@@ -18,7 +18,7 @@ url = http://freefr.dl.sourceforge.net/project/coppermine/Coppermine/1.5.x/cpg1.
md5sum = 76402aea7821aaaf67c571869373186e
[application-template]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/template/coppermine.inc.php.in
md5sum = c97345b7f3c060b825e1925e2be3c2c1
filename = template.in
......@@ -57,7 +57,6 @@ meld3 = 0.6.7
plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.2
slapos.toolbox = 0.10
......
software/unstable/dokuwiki/software.cfg
View file @ 94026302
......@@ -12,7 +12,7 @@ md5sum = a910ebb2fcca13c0337ed672304c4ad4
strip-top-level-dir = true
[application-template]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/mysql.conf.php.in
md5sum = 11c6793aa8c5bf7151886d1670796a22
download-only = True
......
software/unstable/dotclear/software.cfg
View file @ 94026302
......@@ -18,7 +18,7 @@ url = http://download.dotclear.net/latest-2.0.tar.gz
md5sum = 4ca12cbd12228ceee0b7c0f697e1ff09
[application-template]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/template/dotclear.inc.php.in
md5sum = c97345b7f3c060b825e1925e2be3c2c1
filename = template.in
......@@ -57,7 +57,6 @@ meld3 = 0.6.7
plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.2
slapos.toolbox = 0.10
......
software/unstable/dotproject/software.cfg
View file @ 94026302
......@@ -18,7 +18,7 @@ url = http://downloads.sourceforge.net/project/dotproject/dotproject/dotProject%
md5sum = d283fad3fc541e7ffda07151efc64bf8
[application-template]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/template/config.inc.php.in
md5sum = b78545a6928978c5990021ac68e26be0
filename = template.in
......@@ -57,7 +57,6 @@ meld3 = 0.6.7
plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.2
slapos.toolbox = 0.10
......
software/unstable/drupal/software.cfg
View file @ 94026302
......@@ -24,7 +24,7 @@ recipe = cp.recipe.cmd
install_cmd = patch ${application:location}/modules/system/system.theme.css <${download-patch-hide-dbsetup:location}/${download-patch-hide-dbsetup:filename}
[application-template]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/settings.php.in
md5sum = b0ef5548c3ac1de8ca56882e51e6eb6d
download-only = True
......
software/unstable/eSKUeL/software.cfg
View file @ 94026302
......@@ -46,7 +46,6 @@ meld3 = 0.6.7
plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.2
slapos.toolbox = 0.10
......
software/unstable/ezpublish/software.cfg
View file @ 94026302
......@@ -46,7 +46,6 @@ meld3 = 0.6.7
plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.2
slapos.toolbox = 0.10
......
software/unstable/fengoffice/software.cfg
View file @ 94026302
......@@ -11,7 +11,7 @@ md5sum = f3b15616e1111f0114b084cdaa0dc3cd
strip-top-level-dir = false
[application-template]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/config-form.php.in
md5sum = a32f1c8b14b8de2ecae40e71f710f384
download-only = True
......
software/unstable/fluxbb/software.cfg
View file @ 94026302
......@@ -24,7 +24,7 @@ url = ${:_profile_base_location_}/configure-fluxbb.py
filename = configure-fluxbb.py
[application-template]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/template/config.inc.php.in
filename = template.in
mode = 0644
......
software/unstable/gitrepo/software.cfg
View file @ 94026302
......@@ -69,6 +69,7 @@ eggs =
[ruby-gems]
recipe = rubygemsrecipe
url = https://rubygems.org/rubygems/rubygems-2.4.8.zip
ruby-executable = ${ruby:location}/bin/ruby
gems =
charlock_holmes==0.6.8
......
software/unstable/glpi/software.cfg
View file @ 94026302
......@@ -11,7 +11,7 @@ md5sum = 3f9cfb11c09c457a0f0a8fa1563b45a7
[application-template]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/dummy-config.php.in
md5sum = d41d8cd98f00b204e9800998ecf8427e
download-only = True
......
software/unstable/hexaglobe-watermarking/common.cfg
View file @ 94026302
......@@ -29,7 +29,7 @@ eggs =
slapos.toolbox
[watermarkadmin.ini.in]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/template/${:_buildout_section_name_}
md5sum = 2edc2acd102a465a0f21d8cd982ba4bf
download-only = true
......@@ -38,7 +38,7 @@ mode = 0644
location = ${buildout:parts-directory}/${:_buildout_section_name_}
[nginx.conf.in]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/template/${:_buildout_section_name_}
md5sum = 7e41dfcb633ce52be42457ffd5b123d8
download-only = true
......
software/unstable/joomla/software.cfg
View file @ 94026302
......@@ -9,7 +9,7 @@ md5sum = 3aa7d7b58bfa4eec3c3724209894d14e
strip-top-level-dir = false
[application-template]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/database.xml-in
md5sum = 6ae063318a251b70ae7d037e3ae375d6
download-only = True
......
software/unstable/lamp-generic/development.cfg
View file @ 94026302
......@@ -22,7 +22,7 @@ develop =
[slapos.toolbox-repository]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/slapos.toolbox.git
repository = https://lab.nexedi.com/nexedi/slapos.toolbox.git
branch = master
git-executable = ${git:location}/bin/git
......@@ -34,7 +34,7 @@ git-executable = ${git:location}/bin/git
[slapos.core-repository]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/slapos.core.git
repository = https://lab.nexedi.com/nexedi/slapos.core.git
branch = master
git-executable = ${git:location}/bin/git
......
software/unstable/lifetype/software.cfg
View file @ 94026302
......@@ -14,7 +14,7 @@ extends =
../../stack/lamp.cfg
[lifetype-patch]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/lifetype_for_mysql5.patch
md5sum = c52bea61ea452b9f3caa82426a5819e5
location = ${buildout:parts-directory}/${:_buildout_section_name_}
......
software/unstable/maarch/development.cfg
View file @ 94026302
......@@ -28,7 +28,7 @@ develop =
[slapos.toolbox-repository]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/slapos.toolbox.git
repository = https://lab.nexedi.com/nexedi/slapos.toolbox.git
branch = master
git-executable = ${git:location}/bin/git
......@@ -40,13 +40,13 @@ git-executable = ${git:location}/bin/git
[slapos.core-repository]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/slapos.core.git
repository = https://lab.nexedi.com/nexedi/slapos.core.git
branch = master
git-executable = ${git:location}/bin/git
[slapos.recipe.maarch-repository]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/slapos.recipe.maarch.git
repository = https://lab.nexedi.com/nexedi/slapos.recipe.maarch.git
branch = master
git-executable = ${git:location}/bin/git
......
software/unstable/magento/software.cfg
View file @ 94026302
......@@ -45,7 +45,6 @@ meld3 = 0.6.7
plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.2
slapos.toolbox = 0.10
......
software/unstable/net2ftp/software.cfg
View file @ 94026302
......@@ -20,7 +20,7 @@ md5sum = 5a2741b5881f3f229a788958dc6cdf10
extract-directory = files_to_upload
[configure-script]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
location = ${buildout:parts-directory}/${:_buildout_section_name_}
url = ${:_profile_base_location_}/configure.py
md5sum = f7e1766468f7a8d51d311541164c3ff4
......@@ -28,7 +28,7 @@ filename = configure.py
mode = 0744
[application-template]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/template/net2ftp.inc.php.in
md5sum = 5ad3b2b42affd83229f0666c480b90cb
filename = template.in
......@@ -70,7 +70,6 @@ meld3 = 0.6.7
plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.2
slapos.toolbox = 0.10
......
software/unstable/openX/software.cfg
View file @ 94026302
......@@ -46,7 +46,6 @@ meld3 = 0.6.7
plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.2
slapos.toolbox = 0.10
......
software/unstable/opengoo/software.cfg
View file @ 94026302
......@@ -11,7 +11,7 @@ md5sum = 79ddfc24f01bc843a8275463e63e96b0
strip-top-level-dir = true
[application-template]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/config-form.php.in
md5sum = 5d6ee1a23e1a5e762412a4867095b9e1
download-only = True
......
software/unstable/os-commerce/software.cfg
View file @ 94026302
......@@ -47,7 +47,6 @@ meld3 = 0.6.7
plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.2
slapos.toolbox = 0.10
......
software/unstable/phpbb/software.cfg
View file @ 94026302
......@@ -49,7 +49,6 @@ meld3 = 0.6.7
plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.2
slapos.toolbox = 0.10
......
software/unstable/phpbms/software.cfg
View file @ 94026302
......@@ -14,7 +14,7 @@ extends =
../../stack/lamp.cfg
[phpbms-patch]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/phpbms_for_mysql5.patch
md5sum = ddf323ac00e9e486cea8b8cc4277e065
location = ${buildout:parts-directory}/${:_buildout_section_name_}
......@@ -32,7 +32,7 @@ on_update = true
cmds= patch -d ${application:location} -p1 < ${phpbms-patch:location}/${phpbms-patch:filename}
[application-template]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/template/settings.php.in
filename = template.in
mode = 0644
......
software/unstable/phpfin/software.cfg
View file @ 94026302
......@@ -25,7 +25,7 @@ filename = configure-phpfin.py
download-only = True
[application-template]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/template/connection.inc.in
#md5sum = Student may put here md5sum of this file, this is good idea
download-only = True
......
software/unstable/phpip/software.cfg
View file @ 94026302
......@@ -17,7 +17,7 @@ url = http://flomoto.free.fr/phpip/phpip_11-05-11.tar.gz
md5sum = 94fe615f61fbb5ef0fcbf60a44ac5093
[application-template]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/template/database.php.in
#md5sum = Student may put here md5sum of this file, this is good idea
download-only = True
......
software/unstable/phpmyadmin/software.cfg
View file @ 94026302
......@@ -25,7 +25,7 @@ url = http://downloads.sourceforge.net/project/phpmyadmin/phpMyAdmin/3.3.10/phpM
md5sum = cb7a632fb4f10a180ead15f7f90087f1
[application-template]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/phpmyadmin.inc.php.in
md5sum = caab45c34c75661c214f4628ff545bb4
filename = template.in
......@@ -57,7 +57,6 @@ meld3 = 0.6.7
plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.2
slapos.toolbox = 0.10
......
software/unstable/phpnuke/software.cfg
View file @ 94026302
......@@ -19,7 +19,7 @@ md5sum = d448586c651c811a137280b435c4e05c
extract-directory = html
[application-template]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/template/phpnuke.inc.php.in
#md5sum = Student may put here md5sum of this file, this is good idea
filename = template.in
......@@ -58,7 +58,6 @@ meld3 = 0.6.7
plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.2
slapos.toolbox = 0.10
......
software/unstable/pimcore/software.cfg
View file @ 94026302
......@@ -46,7 +46,6 @@ meld3 = 0.6.7
plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.2
slapos.toolbox = 0.10
......
software/unstable/piwigo/software.cfg
View file @ 94026302
......@@ -18,7 +18,7 @@ url = http://piwigo.org/download/dlcounter.php?code=latest
md5sum = 13870130dcdda90bf2d2e3c20a49b04f
[application-template]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/template/piwigo.inc.php.in
md5sum = 8ca6d1408b468c6836cd0edaf02688e5
download-only = True
......@@ -58,7 +58,6 @@ meld3 = 0.6.7
plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.2
slapos.toolbox = 0.10
......
software/unstable/piwik/software.cfg
View file @ 94026302
......@@ -48,7 +48,6 @@ meld3 = 0.6.7
plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.2
slapos.toolbox = 0.10
......
software/unstable/pixelpost/software.cfg
View file @ 94026302
......@@ -14,7 +14,7 @@ extends =
../../stack/lamp.cfg
[pixelpost-patch]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/pixelpost_for_mysql5.patch
md5sum = 100883ebbe4973883a710996b91f5d23
location = ${buildout:parts-directory}/${:_buildout_section_name_}
......
software/unstable/prestashop/software.cfg
View file @ 94026302
......@@ -49,7 +49,6 @@ meld3 = 0.6.7
plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.2
slapos.toolbox = 0.10
......
software/unstable/proactive/software.cfg
View file @ 94026302
......@@ -23,7 +23,7 @@ url = http://www-sop.inria.fr/oasis/amedro/public/PABundle.tar.gz
#md5sum = 776f78e9058d4b5dc86351bf45305c45
#[java-download]
#recipe = slapos.recipe.download
#recipe = slapos.recipe.build:download
## 64bit self extracting
##url = http://javadl.sun.com/webapps/download/AutoDL?BundleId=43875
##md5sum = e4143387e31838a51df76774d102f49a
......
software/unstable/punbb/software.cfg
View file @ 94026302
......@@ -18,7 +18,7 @@ url = http://punbb.informer.com/download/punbb-1.3.6.tar.gz
md5sum = 7bb3f570cb6a61f8c3e3e25e750fd29d
[application-template]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/template/punbb.inc.php.in
#md5sum = Student may put here md5sum of this file, this is good idea
filename = template.in
......@@ -57,7 +57,6 @@ meld3 = 0.6.7
plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.2
slapos.toolbox = 0.10
......
software/unstable/simpleMachineForum/software.cfg
View file @ 94026302
......@@ -47,7 +47,6 @@ meld3 = 0.6.7
plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.2
slapos.toolbox = 0.10
......
software/unstable/spip/software.cfg
View file @ 94026302
......@@ -46,7 +46,6 @@ meld3 = 0.6.7
plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.2
slapos.toolbox = 0.10
......
software/unstable/statusnet/software.cfg
View file @ 94026302
......@@ -46,7 +46,6 @@ meld3 = 0.6.7
plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.2
slapos.toolbox = 0.10
......
software/unstable/sugar-crm/software.cfg
View file @ 94026302
......@@ -46,7 +46,6 @@ meld3 = 0.6.7
plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.2
slapos.toolbox = 0.10
......
software/unstable/tiki/software.cfg
View file @ 94026302
......@@ -46,7 +46,6 @@ meld3 = 0.6.7
plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.2
slapos.toolbox = 0.10
......
software/unstable/trac-svn/software.cfg
View file @ 94026302
......@@ -95,7 +95,7 @@ md5sum = 4ea69039e41ff45bffe8f2620bdf187c
mode = 0644
[template-download]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/templates/${:filename}
mode = 0644
location = ${buildout:parts-directory}/${:_buildout_section_name_}
......@@ -178,7 +178,6 @@ docutils = 0.10
gitdb = 0.5.4
plone.recipe.command = 1.1
pycrypto = 2.6
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.4.2
slapos.toolbox = 0.34.0
smmap = 0.8.2
......
software/unstable/tt-rss/development.cfg
View file @ 94026302
......@@ -25,7 +25,7 @@ develop =
[slapos.toolbox-repository]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/slapos.toolbox.git
repository = https://lab.nexedi.com/nexedi/slapos.toolbox.git
branch = master
git-executable = ${git:location}/bin/git
......@@ -37,7 +37,7 @@ git-executable = ${git:location}/bin/git
[slapos.core-repository]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/slapos.core.git
repository = https://lab.nexedi.com/nexedi/slapos.core.git
branch = master
git-executable = ${git:location}/bin/git
......
software/unstable/tt-rss/software.cfg
View file @ 94026302
......@@ -12,7 +12,7 @@ md5sum = efd7eec1629db379896fb7e74bba400e
strip-top-level-dir = true
[application-template]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/template/config.php.in
#md5sum = Student may put here md5sum of this file, this is good idea
filename = template.in
......@@ -24,7 +24,7 @@ location = config.php
[sql-script]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
location = ${buildout:parts-directory}/${:_buildout_section_name_}
url = ${:_profile_base_location_}/script/tt-rss.sql
#md5sum = c4d5f87d8f02cad3f20e679160195f48
......@@ -33,7 +33,7 @@ mode = 0744
# XXX Should disappear and be integrated into apachephpconfigure
[configure-script]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
location = ${buildout:parts-directory}/${:_buildout_section_name_}
url = ${:_profile_base_location_}/configure-tt-rss.py
#md5sum = c4d5f87d8f02cad3f20e679160195f48
......
software/unstable/vifib/software.cfg
View file @ 94026302
......@@ -37,7 +37,7 @@ branch = interaction-drop
[vifib]
<= erp5
branch = master
repository = http://git.erp5.org/repos/slapos.core.git
repository = https://lab.nexedi.com/nexedi/slapos.core.git
revision =
[local-bt5-repository]
......
software/unstable/xellplan/software.cfg
View file @ 94026302
......@@ -17,7 +17,7 @@ url = http://sunet.dl.sourceforge.net/project/xellplan/xellplan/xellplan-1.3/xel
md5sum = 37880217917367eb2d4a0a33c4a7fb65
[application-template]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/template/sfx.php.in
filename = template.in
mode = 0644
......
software/unstable/xoops/software.cfg
View file @ 94026302
......@@ -47,7 +47,6 @@ meld3 = 0.6.7
plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.2
slapos.toolbox = 0.10
......
software/unstable/zencart/software.cfg
View file @ 94026302
......@@ -21,7 +21,7 @@ md5sum = e0a5fb39078321ced7f5a9c193f30927
strip-top-level-dir = true
[configure-script]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
location = ${buildout:parts-directory}/${:_buildout_section_name_}
url = ${:_profile_base_location_}/configure.py
filename = configure.py
......@@ -59,7 +59,6 @@ meld3 = 0.6.7
plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.2
slapos.toolbox = 0.10
......
software/unstable/zikula/software.cfg
View file @ 94026302
......@@ -18,7 +18,7 @@ url = http://ci.zikula.org/job/Zikula-1.2.8/17/artifact/build/archive/Zikula-1.2
md5sum = bc453d665605f954f1497586ccd6d267
[configure-script]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
location = ${buildout:parts-directory}/${:_buildout_section_name_}
url = ${:_profile_base_location_}/configure-zikula.py
md5sum = c4d5f87d8f02cad3f20e679160195f48
......
software/unstable/zimbra-kvm/development.cfg
View file @ 94026302
......@@ -20,7 +20,7 @@ git-executable = ${git:location}/bin/git
[slapos.toolbox-repository]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/slapos.toolbox.git
repository = https://lab.nexedi.com/nexedi/slapos.toolbox.git
branch = master
git-executable = ${git:location}/bin/git
......
software/wendelin/software-dev.cfg
View file @ 94026302
......@@ -7,7 +7,7 @@ parts -= wendelin.core
parts += wendelin.core-dev
# also tell erp5 to use -dev eggs instead of released ones
[eggs]
# tell erp5 to use -dev eggs instead of released ones
eggs -= ${wendelin.core:egg}
eggs += ${wendelin.core-dev:egg}
software/wendelin/software.cfg
View file @ 94026302
......@@ -47,7 +47,7 @@ bt5_list = erp5_full_text_myisam_catalog erp5_configurator_standard erp5_configu
[wendelin]
<= erp5
repository = https://lab.nexedi.cn/nexedi/wendelin.git
repository = https://lab.nexedi.com/nexedi/wendelin.git
branch = master
[versions]
......@@ -56,6 +56,6 @@ scipy = 0.15.1
pandas = 0.16.1
msgpack-python = 0.4.6
numpy = 1.9.2
wendelin.core = 0.3
wendelin.core = 0.5
ipython = 3.2.0
matplotlib = 1.4.3
software/wordpress/development.cfg
View file @ 94026302
......@@ -26,7 +26,7 @@ develop =
[slapos.toolbox-repository]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/slapos.toolbox.git
repository = https://lab.nexedi.com/nexedi/slapos.toolbox.git
branch = master
git-executable = ${git:location}/bin/git
......@@ -38,7 +38,7 @@ git-executable = ${git:location}/bin/git
[slapos.core-repository]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/slapos.core.git
repository = https://lab.nexedi.com/nexedi/slapos.core.git
branch = master
git-executable = ${git:location}/bin/git
......
software/wordpress/software.cfg
View file @ 94026302
......@@ -7,7 +7,7 @@ url = http://wordpress.org/wordpress-3.5.1.tar.gz
md5sum = 409889c98b13cbdbb9fd121df859ae3e
[application-template]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/wp-config.php.in
md5sum = 0d62b28125ca3c780db0b547199953f2
download-only = True
......
stack/boinc/buildout.cfg
View file @ 94026302
......@@ -46,7 +46,7 @@ output = ${buildout:directory}/template-mariadb.cfg
mode = 0644
[template-httpd-conf]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/template/${:filename}
mode = 0644
filename = apache.in
......@@ -69,7 +69,6 @@ apache-libcloud = 0.12.4
async = 0.6.1
gitdb = 0.5.4
plone.recipe.command = 1.1
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.4.2
slapos.toolbox = 0.40.4
smmap = 0.8.2
......@@ -88,4 +87,4 @@ feedparser = 5.1.3
# Required by:
# slapos.toolbox==0.40.2
paramiko = 1.15.2
paramiko = 1.15.3
stack/cloudooo.cfg
View file @ 94026302
[buildout]
find-links +=
http://www.owlfish.com/software/wsgiutils/download.html
# Separate from site eggs
allowed-eggs-from-site-packages =
include-site-packages = false
......@@ -80,7 +77,7 @@ PasteScript = 2.0.2
WSGIUtils = 0.7
python-magic = 0.4.6
rdiff-backup = 1.0.5
slapos.recipe.template = 2.7
slapos.recipe.template = 2.8
# Required by:
# PasteScript==2.0
......@@ -89,4 +86,4 @@ PasteDeploy = 1.5.2
# Required by:
# cloudooo==1.2.5.dev0
erp5.util = 0.4.42
erp5.util = 0.4.43
stack/erp5/TODO 0 → 100644
View file @ 94026302
(in no special order)
General:
- ipv6 support (besides frontend-backend apache connection)
requires important changes at ERP5 level
- resilience
- make mariadb user accounts accept connections only from relevant IPs
or make x509 mandatory (needs ZMySQLD*A support)
- make postfix log inside partition
- document postfix parameters (only once it actually works)
Monitoring:
- daily slow-query digest
make percona toolkit available in mysql instance and decide how to send digest
- daily apachedex
Backups:
- flush binlogs independently from full backups (in addition to anyway flushing them on full backup creation)
- rotate tidstorage consistency points
- make mysql backup path an instance parameter
- make srv/backup/zodb the default value for a parameter (zodb{ 'backup_root': ...} or so) to have a single value to modify to relocate zodb backups of a partition
- make srv/backup/logrotate customisable (per partition, otherwise files will overwrite each other)
stack/erp5/apache.conf.in 0 → 100644
View file @ 94026302
LoadModule unixd_module modules/mod_unixd.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule version_module modules/mod_version.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule mime_module modules/mod_mime.so
LoadModule dav_module modules/mod_dav.so
LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule headers_module modules/mod_headers.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule filter_module modules/mod_filter.so
AddOutputFilterByType DEFLATE text/cache-manifest text/html text/plain text/css application/hal+json application/json application/x-javascript text/xml application/xml application/rss+xml text/javascript image/svg+xml
PidFile "{{ parameter_dict['pid-file'] }}"
ServerAdmin admin@
TypesConfig conf/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
ServerTokens Prod
ServerSignature Off
TraceEnable Off
TimeOut {{ parameter_dict['timeout'] }}
SSLCertificateFile {{ parameter_dict['cert'] }}
SSLCertificateKeyFile {{ parameter_dict['key'] }}
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLProtocol All -SSLv2
#SSLHonorCipherOrder on
{% if parameter_dict['cipher'] -%}
SSLCipherSuite {{ parameter_dict['cipher'] }}
{%- endif %}
SSLSessionCache shmcb:{{ parameter_dict['ssl-session-cache'] }}(512000)
SSLProxyEngine On
# As backend is trusting REMOTE_USER header unset it always
RequestHeader unset REMOTE_USER
{% if parameter_dict['ca-cert'] -%}
SSLVerifyClient require
RequestHeader set REMOTE_USER %{SSL_CLIENT_S_DN_CN}s
SSLCACertificateFile {{ parameter_dict['ca-cert'] }}
SSLCARevocationCheck chain
SSLCARevocationFile {{ parameter_dict['crl'] }}
{%- endif %}
ErrorLog "{{ parameter_dict['error-log'] }}"
# Default apache log format with request time in microsecond at the end
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %D" combined
CustomLog "{{ parameter_dict['access-log'] }}" combined
<Directory />
Options FollowSymLinks
AllowOverride None
Allow from all
</Directory>
RewriteEngine On
{% for port, _, backend in parameter_dict['backend-list'] -%}
{% for ip in parameter_dict['ip-list'] -%}
Listen {{ ip }}:{{ port }}
{% endfor -%}
<VirtualHost *:{{ port }}>
SSLEngine on
RewriteRule ^/(.*) {{ backend }}/$1 [L,P]
</VirtualHost>
{% endfor -%}
stack/erp5/buildout.cfg
View file @ 94026302
[buildout]
find-links +=
http://www.owlfish.com/software/wsgiutils/download.html
extends =
# Exact version of Zope
https://raw.github.com/zopefoundation/Zope/2.13.22/versions.cfg
../../stack/slapos.cfg
../../component/logrotate/buildout.cfg
../../component/cups/buildout.cfg
../../component/dbus/buildout.cfg
../../component/dcron/buildout.cfg
../../component/file/buildout.cfg
../../component/fonts/buildout.cfg
../../component/ghostscript/buildout.cfg
......@@ -27,28 +21,21 @@ extends =
../../component/libffi/buildout.cfg
../../component/libpng/buildout.cfg
../../component/libreoffice-bin/buildout.cfg
../../component/lxml-python/buildout.cfg
../../component/mesa/buildout.cfg
../../component/numpy/buildout.cfg
../../component/percona-toolkit/buildout.cfg
../../component/mariadb/buildout.cfg
../../component/mysql-python/buildout.cfg
../../component/patch/buildout.cfg
../../component/pillow/buildout.cfg
../../component/pycrypto-python/buildout.cfg
../../component/pysvn-python/buildout.cfg
../../component/python-2.7/buildout.cfg
../../component/python-ldap-python/buildout.cfg
../../component/rdiff-backup/buildout.cfg
../../component/stunnel/buildout.cfg
../../component/subversion/buildout.cfg
../../component/tesseract/buildout.cfg
../../component/varnish/buildout.cfg
../../component/w3-validator/buildout.cfg
../../component/w3m/buildout.cfg
../../component/xorg/buildout.cfg
../../component/poppler/buildout.cfg
../../component/xtrabackup/buildout.cfg
../../component/zabbix/buildout.cfg
../../component/sed/buildout.cfg
../../component/coreutils/buildout.cfg
......@@ -58,8 +45,14 @@ extends =
../../component/aspell/buildout.cfg
../../component/cloudooo/buildout.cfg
../../component/jsl/buildout.cfg
../../component/6tunnel/buildout.cfg
../../component/findutils/buildout.cfg
../../component/userhosts/buildout.cfg
../../component/postfix/buildout.cfg
../../software/neoppod/software-common.cfg
# keep neoppod extends last
parts =
parts +=
erp5-util-develop
slapos-cookbook-develop
slapos-cookbook
......@@ -74,12 +67,10 @@ parts =
haproxy
jsl
stunnel
varnish-3.0
w3m
poppler
libpng
ghostscript
mariadb
mroonga-mariadb
imagemagick
inkscape
......@@ -94,9 +85,10 @@ parts =
perl-DBI
percona-toolkit
zabbix-agent
dcron
dash
wget
userhosts
postfix
# Buildoutish
eggs
......@@ -126,108 +118,139 @@ parts =
genbt5list
# some additional utils
slapos-toolbox
zodbanalyze
# Create instance template
template
[template-jinja2-base]
recipe = slapos.recipe.template:jinja2
mode = 640
template = ${:_profile_base_location_}/${:filename}.in
rendered = ${buildout:directory}/${:filename}
# XXX: extra-context is needed because we cannot append to a key of an extended
# section.
extra-context =
context =
key bin_directory buildout:bin-directory
key develop_eggs_directory buildout:develop-eggs-directory
key eggs_directory buildout:eggs-directory
key slapos_core_version versions:slapos.core
${:extra-context}
[download-base]
<= download-base-neo
url = ${:_profile_base_location_}/${:filename}
[check-recipe]
recipe = plone.recipe.command
stop-on-error = true
update-command = ${:command}
command = grep parts ${buildout:develop-eggs-directory}/slapos.cookbook.egg-link
[mariadb-resiliency-after-import-script]
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/template/instance-mariadb-resiliency-after-import-script.sh.in
md5sum = a9851920bb22ae58c2eb9dc3e955250c
md5sum = b32d9ee1cb85f85d8d2f2b58f58459f1
mode = 755
[template-mariadb]
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/instance-mariadb.cfg.in
md5sum = a5f9888bd882331c35d48f05e468a0a2
mode = 640
[template-zope]
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/instance-zope.cfg.in
md5sum = ddf63b8dac634df63133c24f36df1050
mode = 640
<= download-base
filename = instance-mariadb.cfg.in
md5sum = fbc39d333bf70894f6f9d094515a2a4a
link-binary =
${coreutils:location}/bin/basename
${coreutils:location}/bin/cat
${coreutils:location}/bin/cp
${coreutils:location}/bin/ls
${coreutils:location}/bin/tr
${coreutils:location}/bin/uname
${gettext:location}/lib/gettext/hostname
${grep:location}/bin/grep
${sed:location}/bin/sed
${mariadb:location}/bin/mysqlbinlog
[template-kumofs]
< = template-jinja2-base
filename = instance-kumofs.cfg
md5sum = 627369560a030b006dbdd8f10ff6694a
extra-context =
key dash_location dash:location
key dcron_location dcron:location
key gzip_location gzip:location
key kumo_location kumo:location
key logrotate_location logrotate:location
[template-tidstorage]
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/instance-tidstorage.cfg.in
md5sum = 20ee9db93c57425319cd4b385d327d39
mode = 640
<= download-base
filename = instance-kumofs.cfg.in
md5sum = 763db0c4a94649296e74fe1f53c03940
[template-cloudooo]
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/instance-cloudoo.cfg.in
md5sum = 79eb68a9c5073535e8a98897385828a8
mode = 640
<= download-base
filename = instance-cloudoo.cfg.in
md5sum = 1b515056c5892a86d4ece252ad114a97
[template-zope-conf]
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/zope.conf.in
md5sum = bc2154161a1d5baddc4ed4dfaaf94fbe
mode = 640
<= download-base
filename = zope.conf.in
md5sum = 0bf51218ecbf2bd319214192448a3ef7
[template-runzope-userhosts-preloaded]
<= download-base
filename = runzope_userhosts_preloaded.in
md5sum = bc6048b85b410693e60e5a77399dd1b7
[template-my-cnf]
<= download-base
filename = my.cnf.in
md5sum = dd779e54d22105702aa72cadc994d957
[template-mariadb-initial-setup]
<= download-base
filename = mariadb_initial_setup.sql.in
md5sum = 6465212fdc7fe9076a0c929d9f14da14
[template-create-erp5-site]
<= download-base
filename = instance-create-erp5-site.cfg.in
md5sum = 71cef1d06065951ab4cf43eb13f311a3
[template-create-erp5-site-real]
<= download-base
filename = instance-create-erp5-site-real.cfg.in
md5sum = 79f789360e71146486c82a7a10834bae
[template-postfix]
< = download-base
filename = instance-postfix.cfg.in
md5sum = 90a017581116f14014a039d38ef36ffd
[template-postfix-master-cf]
< = download-base
filename = postfix_master.cf.in
md5sum = 9ac81647368068a1a98a785d08074b43
[template-postfix-main-cf]
< = download-base
filename = postfix_main.cf.in
md5sum = d51897728755e14d8005344608098009
[template-postfix-aliases]
< = download-base
filename = postfix_aliases.in
md5sum = 0969fbb25b05c02ef3c2d437b2f4e1a0
[template]
< = template-jinja2-base
recipe = slapos.recipe.template:jinja2
# XXX: "template.cfg" is hardcoded in instanciation recipe
filename = template.cfg
rendered = ${buildout:directory}/template.cfg
template = ${:_profile_base_location_}/instance.cfg.in
md5sum = 38d87bbb2b8193eb588b05ae6b8bbb3d
extra-context =
md5sum = 540956c635acc9707045510c11f80016
mode = 640
context =
key mariadb_link_binary template-mariadb:link-binary
key zope_link_binary template-zope:link-binary
key apache_location apache:location
key aspell_location aspell:location
key bin_directory buildout:bin-directory
key buildout_bin_directory buildout:bin-directory
key cairo_location cairo:location
key coreutils_location coreutils:location
key cups_location cups:location
key curl_location curl:location
key cyrus_sasl_location cyrus-sasl:location
key dash_location dash:location
key dbus_glib_location dbus-glib:location
key dbus_location dbus:location
key dcron_location dcron:location
key dmtx_utils_location dmtx-utils:location
key erp5_location erp5:location
key file_location file:location
key findutils_location findutils:location
key fontconfig_location fontconfig:location
key fonts_location fonts:location
key freetype_location freetype:location
key gettext_location gettext:location
key git_location git:location
key glib_location glib:location
key glu_location glu:location
key graphviz_location graphviz:location
key grep_location grep:location
key gzip_location gzip:location
key haproxy_location haproxy:location
key imagemagick_location imagemagick:location
key instance_common_cfg instance-common:rendered
key jsl_location jsl:location
key kumo_location kumo:location
key libICE_location libICE:location
key libSM_location libSM:location
key libX11_location libX11:location
......@@ -242,64 +265,100 @@ extra-context =
key librsvg_location librsvg:location
key libxcb_location libxcb:location
key local_bt5_repository local-bt5-repository:list
key bt5_list local-bt5-repository:bt5_list
key logrotate_location logrotate:location
key mariadb_location mariadb:location
key mariadb_resiliency_after_import_script mariadb-resiliency-after-import-script:target
key mesa_location mesa:location
key openssl_location openssl:location
key perl_location perl:location
key perl_siteprefix perl:siteprefix
key poppler_location poppler:location
key sed_location sed:location
key pixman_location pixman:location
key postfix_location postfix:location
key root_common root-common:target
key sixtunnel_location 6tunnel:location
key slapos_core_version versions:slapos.core
key stunnel_location stunnel:location
key template_apache_conf template-apache-conf:target
key template_balancer template-balancer:target
key template_cloudooo template-cloudooo:target
key template_erp5_cluster template-erp5-cluster:target
key template_erp5_single template-erp5-single:target
key template_kumofs template-kumofs:rendered
key template_create_erp5_site template-create-erp5-site:target
key template_create_erp5_site_real template-create-erp5-site-real:target
key template_erp5 template-erp5:target
key template_haproxy_cfg template-haproxy-cfg:target
key template_kumofs template-kumofs:target
key template_mariadb template-mariadb:target
key template_memcached template-memcached:rendered
key template_tidstorage template-tidstorage:target
key template_varnish template-varnish:target
key template_mariadb_initial_setup template-mariadb-initial-setup:target
key template_monitor monitor-template:rendered
key template_my_cnf template-my-cnf:target
key template_postfix template-postfix:target
key template_postfix_aliases template-postfix-aliases:target
key template_postfix_main_cf template-postfix-main-cf:target
key template_postfix_master_cf template-postfix-master-cf:target
key template_runzope_userhosts_preloaded template-runzope-userhosts-preloaded:target
key template_zeo template-zeo:target
key template_zope template-zope:target
key template_zope_conf template-zope-conf:target
key tesseract_location tesseract:location
key varnish_location varnish-3.0:location
key w3m_location w3m:location
key userhosts_location userhosts:location
key wget_location wget:location
key xdamage_location xdamage:location
key xfixes_location xfixes:location
key xtrabackup_location xtrabackup:location
key zlib_location zlib:location
[template-memcached]
< = template-jinja2-base
filename = instance-memcached.cfg
md5sum = de63a79e6812854c44e961f5ac3b465d
extra-context =
key dash_location dash:location
key dcron_location dcron:location
key gzip_location gzip:location
key kumo_location kumo:location
key logrotate_location logrotate:location
[monitor-template-dummy]
<= download-base
# This is a placeholder, to be overriden by extending monitor SR
filename = dummy.cfg
md5sum = d41d8cd98f00b204e9800998ecf8427e
[template-erp5-single]
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/instance-erp5-single.cfg.in
md5sum = 6dd76b8543347a11ebddcdc16dd98dd9
mode = 640
[monitor-template]
rendered = ${monitor-template-dummy:target}
[template-erp5-cluster]
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/instance-erp5-cluster.cfg.in
md5sum = 5080559723859b40a390d700431ffedd
mode = 640
[template-erp5]
<= download-base
filename = instance-erp5.cfg.in
md5sum = 78c2db733e72c4197a90e8be1ff15098
[template-varnish]
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/instance-varnish.cfg.in
md5sum = 98158d0b349e3579a20ab520dfa9ebb7
mode = 640
[template-zeo]
<= download-base
filename = instance-zeo.cfg.in
md5sum = 985c0010db6b553a89dbdb31353c56f5
[template-zope]
<= download-base
filename = instance-zope.cfg.in
md5sum = 0cd033da89a79c5b26dc0342ea57d5f7
link-binary =
${aspell:location}/bin/aspell
${dmtx-utils:location}/bin/dmtxwrite
${git:location}/bin/git
${graphviz:location}/bin/dot
${grep:location}/bin/grep
${imagemagick:location}/bin/convert
${imagemagick:location}/bin/identify
${jsl:location}/bin/jsl
${librsvg:location}/bin/rsvg-convert
${mariadb:location}/bin/mysql
${mariadb:location}/bin/mysqldump
${openssl:location}/bin/openssl
${poppler:location}/bin/pdfinfo
${poppler:location}/bin/pdftohtml
${poppler:location}/bin/pdftotext
${sed:location}/bin/sed
${tesseract:location}/bin/tesseract
${w3m:location}/bin/w3m
[template-balancer]
<= download-base
filename = instance-balancer.cfg.in
md5sum = 28c04f599cdbdfa97f2a67156f4f6b67
[template-apache-conf]
<= download-base
filename = apache.conf.in
md5sum = 713b22938d7212c8506449bc0508452b
[template-haproxy-cfg]
<= download-base
filename = haproxy.cfg.in
md5sum = 7f13123698afe017dfcde9de6beea0f5
[bt5-repository]
# Format:
......@@ -313,7 +372,6 @@ list = ${local-bt5-repository:list}
# Same as bt5-repository, but only local repository.
# Used to generate bt5lists.
list = ${erp5:location}/bt5 ${erp5:location}/product/ERP5/bootstrap
bt5_list = erp5_full_text_myisam_catalog erp5_configurator_standard erp5_configurator_maxma_demo erp5_configurator_ung erp5_configurator_run_my_doc erp5_configurator_ebusiness_lotse
[genbt5list]
recipe = plone.recipe.command
......@@ -390,7 +448,7 @@ initialization =
sys.path[0:0] = ['/'.join(['''${buildout:parts-directory}''', x]) for x in repository_id_list]
[eggs]
recipe = zc.recipe.egg
<= neoppod
eggs =
${numpy:egg}
${mysql-python:egg}
......@@ -400,6 +458,7 @@ eggs =
${pysvn-python:egg}
${pycrypto-python:egg}
lock_file
PyStemmer
PyXML
Pympler
SOAPpy
......@@ -414,6 +473,7 @@ eggs =
Jinja2
jsonschema
mechanize
objgraph
paramiko
ply
pyflakes
......@@ -439,9 +499,13 @@ eggs =
suds
pprofile
pycountry
xfw
jsonschema
# Needed for checking ZODB Components source code
pylint
pytracemalloc
neoppod[client]
# Zope
ZODB3
Zope2
......@@ -503,14 +567,10 @@ Acquisition-patches = ${:_profile_base_location_}/../../component/egg-patch/Acqu
Acquisition-patch-options = -p1
Products.DCWorkflow-patches = ${:_profile_base_location_}/../../component/egg-patch/Products.DCWorkflow/workflow_method.patch
Products.DCWorkflow-patch-options = -p1
ZODB3-patches = ${:_profile_base_location_}/../../component/egg-patch/ZODB3-3.10.5.patch
ZODB3-patch-options = -p1
[zodbanalyze]
recipe = zc.recipe.egg
eggs =
ZODB3
erp5.util
eggs = erp5.util
entry-points =
zodbanalyze=erp5.util.zodbanalyze:main
scripts = zodbanalyze
......@@ -522,28 +582,26 @@ setup = ${erp5:location}
[cloudooo-repository]
branch =
revision = 3241978a6ec832f6aa71d1df1a62e22a8feae2f1
[slapos.cookbook-repository]
branch = erp5
revision = f1545ad0e6db238d22fd8c84a149b004ab6b8f03
[slapos-toolbox]
[slapos-deps-eggs]
recipe = zc.recipe.egg
eggs =
${lxml-python:egg}
slapos.toolbox
eggs +=
slapos.toolbox[zodbpack]
scripts =
killpidfromfile
scripts +=
is-local-tcp-port-opened
onetimedownload
zodbpack
[versions]
# See ../../software/neoppod/software-common.cfg for versions common with NEO:
# neoppod, MySQL-python, slapos.recipe.template & [slapos-deps-eggs]
# patched eggs
Acquisition = 2.13.8+SlapOSPatched001
Products.DCWorkflow = 2.2.4+SlapOSPatched001
ZODB3 = 3.10.5+SlapOSPatched001
pysvn = 1.7.10+SlapOSPatched002
python-ldap = 2.4.20+SlapOSPatched001
# specify dev version to be sure that an old released version is not used
cloudooo = 1.2.5-dev
......@@ -551,16 +609,12 @@ cloudooo = 1.2.5-dev
# use newer version than specified in ZTK
PasteDeploy = 1.5.2
Pygments = 2.0.2
coverage = 3.7.1
coverage = 4.0.1
zope.dottedname = 4.1.0
# test_UserManagerInterfaces in testERP5Security fails with 1.10.0.
Products.PluggableAuthService = 1.9.0
# official pysvn egg does not supports --include-dirs and
# --library-dirs, so we use our modified version
pysvn = 1.7.4nxd006
# we are still using this old stable version.
rdiff-backup = 1.0.5
......@@ -572,7 +626,7 @@ SOAPpy = 0.12.0nxd001
# CMF 2.3 is not yet supported.
Products.CMFCalendar = 2.2.3
Products.CMFCore = 2.2.8
Products.CMFCore = 2.2.9
Products.CMFDefault = 2.2.4
Products.CMFTopic = 2.2.1
Products.CMFUid = 2.2.1
......@@ -587,104 +641,91 @@ zope.app.publication = 3.14.0
zope.app.testing = 3.8.1
# Pinned versions
MySQL-python = 1.2.5
Pillow = 2.9.0
Pillow = 3.0.0
Products.CMFActionIcons = 2.1.3
Products.DCWorkflowGraph = 0.4.1
Products.ExternalEditor = 1.1.0
Products.GenericSetup = 1.7.6
Products.LongRequestLogger = 1.1.0
Products.ExternalEditor = 2.0.0
Products.GenericSetup = 1.8.0
Products.LongRequestLogger = 1.1.post1
Products.MimetypesRegistry = 2.0.8
Products.PluginRegistry = 1.3
Products.TIDStorage = 5.4.9
PyPDF2 = 1.25
PyPDF2 = 1.25.1
PyStemmer = 1.3.0
PyXML = 0.8.5
Pympler = 0.4.1
Pympler = 0.4.2
StructuredText = 2.11.1
WSGIUtils = 0.7
apache-libcloud = 0.17.0
astroid = 1.3.6
astroid = 1.3.8
chardet = 2.3.0
collective.recipe.template = 1.11
csp-eventlet = 0.7.0
ecdsa = 0.13
elementtree = 1.2.6.post20050316
erp5diff = 0.8.1.7
eventlet = 0.17.4
five.formlib = 1.0.4
five.localsitemanager = 2.0.5
gitdb = 0.6.4
greenlet = 0.4.7
greenlet = 0.4.9
http-parser = 0.8.3
httplib2 = 0.9.1
httplib2 = 0.9.2
huBarcode = 1.0.0
interval = 1.0.0
ipdb = 0.8.1
ipython = 3.2.0
logilab-common = 1.0.2
numpy = 1.9.2
plone.recipe.command = 1.1
ply = 3.6
ipython = 4.0.0
logilab-common = 1.1.0
numpy = 1.10.1
objgraph = 2.0.1
ply = 3.8
polib = 1.0.7
pprofile = 1.7.3
pycountry = 1.13
pycrypto = 2.6.1
pyflakes = 0.9.2
ptyprocess = 0.5
pycountry = 1.17
pyflakes = 1.0.0
pylint = 1.4.4
python-ldap = 2.4.20
python-magic = 0.4.6
python-memcached = 1.54
python-memcached = 1.57
pytracemalloc = 1.2
qrcode = 5.1
restkit = 4.2.2
rtjp-eventlet = 0.3.2
slapos.recipe.template = 2.8
slapos.toolbox = 0.49
smmap = 0.9.0
simplegeneric = 0.8.1
socketpool = 0.5.3
spyne = 2.11.0
spyne = 2.12.10
suds = 0.4
threadframe = 0.2
timerserver = 2.0.2
urlnorm = 1.1.2
uuid = 1.30
validictory = 1.0.0
validictory = 1.0.1
xfw = 0.10
xupdate-processor = 0.4
# Required by:
# slapos.toolbox==0.49
GitPython = 1.0.1
# Required by:
# Products.CMFCore==2.2.8
# Products.CMFCore==2.2.9
Products.ZSQLMethods = 2.13.4
# Required by:
# slapos.toolbox==0.49
atomize = 0.2.0
# Required by:
# apache-libcloud==0.17.0
backports.ssl-match-hostname = 3.4.0.2
# SOAPpy===0.12.0nxd001
fpconst = 0.7.2
# Required by:
# slapos.toolbox==0.49
feedparser = 5.2.0.post1
# traitlets==4.0.0
ipython-genutils = 0.1.0
# Required by:
# SOAPpy===0.12.0nxd001
fpconst = 0.7.2
# pickleshare==0.5
path.py = 8.1.2
# Required by:
# slapos.toolbox==0.49
lockfile = 0.10.2
# ipython==4.0.0
pexpect = 4.0.1
# Required by:
# slapos.toolbox==0.49
paramiko = 1.15.2
# ipython==4.0.0
pickleshare = 0.5
# Required by:
# slapos.toolbox==0.49
rpdb = 0.1.5
# ipython==4.0.0
traitlets = 4.0.0
# Required by:
# zope.app.testing==3.8.1
......@@ -698,3 +739,8 @@ zope.app.dependable = 3.5.1
# Products.CMFCalendar==2.2.3
# five.formlib==1.0.4
zope.app.form = 4.0.2
# Required by:
# Products.ZCatalog==2.13.27
# zope.container==3.11.2
zope.dottedname = 4.1.0
stack/erp5/haproxy.cfg.in 0 → 100644
View file @ 94026302
{% set server_check_path = parameter_dict['server-check-path'] -%}
global
maxconn 4096
stats socket {{ parameter_dict['socket-path'] }} level admin
defaults
log global
mode http
option httplog
option dontlognull
retries 1
option redispatch
maxconn 2000
cookie SERVERID rewrite
http-send-name-header X-Balancer-Current-Server
balance roundrobin
stats uri /haproxy
stats realm Global\ statistics
# it is useless to have timeout much bigger than the one of apache.
# By default apache use 300s, so we set slightly more in order to
# make sure that apache will first stop the connection.
timeout server 305s
# Stop waiting in queue for a zope to become available.
# If no zope can be reached after one minute, consider the request will
# never succeed.
timeout queue 60s
# The connection should be immediate on LAN,
# so we should not set more than 5 seconds, and it could be already too much
timeout connect 5s
# As requested in haproxy doc, make this "at least equal to timeout server".
timeout client 305s
# Use "option forceclose" to not preserve client & server persistent connections
# while handling every incoming request individually, dispatching them one after
# another to servers, in HTTP close mode. This is really needed when haproxy
# is configured with maxconn to 1, without this option browsers are unable
# to render a page
option forceclose
{% for name, (port, backend_list) in parameter_dict['backend-dict'].items() -%}
listen {{ name }} {{ parameter_dict['ip'] }}:{{ port }}
http-request set-header X-Balancer-Current-Cookie SERVERID
{% set has_webdav = [] -%}
{% for address, connection_count, webdav in backend_list -%}
{% if webdav %}{% do has_webdav.append(None) %}{% endif -%}
{% set server_name = name ~ '-' ~ loop.index0 -%}
server {{ server_name }} {{ address }} cookie {{ server_name }} check inter 3s rise 1 fall 2 maxqueue 5 maxconn {{ connection_count }}
{% endfor -%}
{%- if not has_webdav and server_check_path %}
option httpchk GET {{ server_check_path }}
{% endif -%}
{% endfor %}
stack/erp5/instance-balancer.cfg.in 0 → 100644
View file @ 94026302
{% set part_list = [] -%}
{% set ssl_parameter_dict = slapparameter_dict.get('ssl', {}) %}
{% macro section(name) %}{% do part_list.append(name) %}{{ name }}{% endmacro -%}
{% set use_ipv6 = slapparameter_dict.get('use-ipv6', False) -%}
{#
XXX: This template only supports exactly one IPv4 and (if ipv6 is used) one IPv6
per partition. No more (undefined result), no less (IndexError).
-#}
# TODO: insert varnish between apache & haproxy.
# And think of a way to specify which urls goe through varnish, which go
# directly to haproxy. (maybe just passing literal configuration file chunk)
{% set ipv4 = (ipv4_set | list)[0] -%}
{% set apache_ip_list = [ipv4] -%}
{% if ipv6_set -%}
{% set ipv6 = (ipv6_set | list)[0] -%}
{% do apache_ip_list.append('[' ~ ipv6 ~ ']') -%}
{% endif -%}
[simplefile]
recipe = slapos.recipe.template:jinja2
template = inline:{{ '{{ content }}' }}
{% macro simplefile(section_name, file_path, content, mode='') -%}
{% set content_section_name = section_name ~ '-content' -%}
[{{ content_section_name }}]
content = {{ dumps(content) }}
[{{ section(section_name) }}]
< = simplefile
rendered = {{ file_path }}
context = key content {{content_section_name}}:content
mode = {{ mode }}
{%- endmacro %}
{% if use_ipv6 -%}
[zope-tunnel-base]
recipe = slapos.cookbook:ipv4toipv6
runner-path = ${directory:services}/${:base-name}
6tunnel-path = {{ parameter_dict['6tunnel'] }}/bin/6tunnel
shell-path = {{ parameter_dict['dash'] }}/bin/dash
ipv4 = {{ ipv4 }}
{% endif -%}
{% set haproxy_dict = {} -%}
{% set apache_dict = {} -%}
{% set next_port = slapparameter_dict['tcpv4-port'] -%}
{% for family_name, parameter_id_list in slapparameter_dict['zope-family-dict'].items() -%}
{% set zope_family_address_list = [] -%}
{% set has_webdav = [] -%}
{% for parameter_id in parameter_id_list -%}
{% set zope_address_list = slapparameter_dict[parameter_id] -%}
{% for zope_address, maxconn, webdav in zope_address_list -%}
{% if webdav -%}
{% do has_webdav.append(None) %}
{% endif -%}
{% if use_ipv6 -%}
[{{ section('zope-tunnel-' ~ next_port) }}]
< = zope-tunnel-base
base-name = {{ 'zeo-tunnel-' ~ next_port }}
ipv4-port = {{ next_port }}
ipv6-port = {{ zope_address.split(']:')[1] }}
ipv6 = {{ zope_address.split(']:')[0][1:] }}
{% set zope_effective_address = ipv4 ~ ":" ~ next_port -%}
{% set next_port = next_port + 1 -%}
{% else -%}
{% set zope_effective_address = zope_address -%}
{% endif -%}
{% do zope_family_address_list.append((zope_effective_address, maxconn, webdav)) -%}
{% endfor -%}
{% endfor -%}
{# Make rendering fail artificially if any family has no known backend.
# This is useful as haproxy's hot-reconfiguration mechanism is
# supervisord-incompatible.
# As jinja2 postpones KeyError until place-holder value is actually used,
# do a no-op getitem.
-#}
{% do zope_family_address_list[0][0] -%}
{% set haproxy_port = next_port -%}
{% set next_port = next_port + 1 -%}
{% do haproxy_dict.__setitem__(family_name, (haproxy_port, zope_family_address_list)) -%}
{% if has_webdav -%}
{% set internal_scheme = 'http' -%}{# mod_rewrite does not recognise webdav scheme -#}
{% set external_scheme = 'webdavs' -%}
{% else %}
{% set internal_scheme = 'http' -%}
{% set external_scheme = 'https' -%}
{% endif -%}
{% do apache_dict.__setitem__(family_name, (next_port, external_scheme, internal_scheme ~ '://' ~ ipv4 ~ ':' ~ haproxy_port ~ slapparameter_dict['backend-path'])) -%}
{% set next_port = next_port + 1 -%}
{% endfor -%}
[haproxy-cfg-parameter-dict]
socket-path = ${directory:run}/haproxy.sock
server-check-path = {{ dumps(slapparameter_dict['haproxy-server-check-path']) }}
backend-dict = {{ dumps(haproxy_dict) }}
ip = {{ ipv4 }}
[haproxy-cfg]
recipe = slapos.recipe.template:jinja2
template = {{ parameter_dict['template-haproxy-cfg'] }}
rendered = ${directory:etc}/haproxy.cfg
context = section parameter_dict haproxy-cfg-parameter-dict
extensions = jinja2.ext.do
[{{ section('haproxy') }}]
recipe = slapos.cookbook:wrapper
wrapper-path = ${directory:services}/haproxy
command-line = "{{ parameter_dict['haproxy'] }}/sbin/haproxy" -f "${haproxy-cfg:rendered}"
{# TODO: build socat and wrap it as "${directory:bin}/haproxy-ctl" to connect to "${haproxy-cfg-parameter-dict:socket-path}" #}
[apache-conf-ssl]
cert = ${directory:apache-conf}/apache.crt
key = ${directory:apache-conf}/apache.pem
ca-cert = ${directory:apache-conf}/ca.crt
crl = ${directory:apache-conf}/crl.pem
[apache-conf-parameter-dict]
backend-list = {{ dumps(apache_dict.values()) }}
ip-list = {{ dumps(apache_ip_list) }}
pid-file = ${directory:run}/apache.pid
error-log = ${directory:log}/apache-error.log
access-log = ${directory:log}/apache-access.log
# Apache 2.4's default value (60 seconds) can be a bit too short
timeout = 300
# Basic SSL server configuration
cert = ${apache-ssl:cert}
key = ${apache-ssl:key}
cipher =
ssl-session-cache = ${directory:log}/apache-ssl-session-cache
# Client x509 auth
ca-cert = ${apache-ssl-client:cert}
crl = ${apache-ssl-client:crl}
[apache-conf]
recipe = slapos.recipe.template:jinja2
template = {{ parameter_dict['template-apache-conf'] }}
rendered = ${directory:apache-conf}/apache.conf
context = section parameter_dict apache-conf-parameter-dict
[{{ section('apache') }}]
recipe = slapos.cookbook:wrapper
wrapper-path = ${directory:services}/apache
command-line = "{{ parameter_dict['apache'] }}/bin/httpd" -f "${apache-conf:rendered}" -DFOREGROUND
[{{ section('apache-promise') }}]
# Check any apache port in ipv4, expect other ports and ipv6 to behave consistently
recipe = slapos.cookbook:check_port_listening
path = ${directory:promise}/apache
hostname = {{ ipv4 }}
port = {{ apache_dict.values()[0][0] }}
[publish]
recipe = slapos.cookbook:publish.serialised
{% for family_name, (apache_port, scheme, _) in apache_dict.items() -%}
{{ family_name ~ '-v6' }} = {% if ipv6_set %}{{ scheme ~ '://[' ~ ipv6 ~ ']:' ~ apache_port }}{% endif %}
{{ family_name }} = {{ scheme ~ '://' ~ ipv4 ~ ':' ~ apache_port }}
{% endfor -%}
[apache-ssl]
{% if ssl_parameter_dict.get('key') -%}
key = ${apache-ssl-key:rendered}
cert = ${apache-ssl-cert:rendered}
{{ simplefile('apache-ssl-key', '${apache-conf-ssl:key}', ssl_parameter_dict['key']) }}
{{ simplefile('apache-ssl-cert', '${apache-conf-ssl:cert}', ssl_parameter_dict['cert']) }}
{% else %}
recipe = plone.recipe.command
command = "{{ parameter_dict['openssl'] }}/bin/openssl" req -newkey rsa -batch -new -x509 -days 3650 -nodes -keyout "${:key}" -out "${:cert}"
key = ${apache-conf-ssl:key}
cert = ${apache-conf-ssl:cert}
{%- endif %}
[apache-ssl-client]
{% if ssl_parameter_dict.get('ca-cert') -%}
cert = ${apache-ssl-ca:rendered}
crl = ${apache-ssl-crl:rendered}
{{ simplefile('apache-ssl-ca', '${apache-conf-ssl:ca-cert}', ssl_parameter_dict['ca-cert']) }}
{{ simplefile('apache-ssl-crl', '${apache-conf-ssl:crl}', ssl_parameter_dict['crl']) }}
{% else %}
cert =
crl =
{%- endif %}
[logrotate-apache]
recipe = slapos.cookbook:logrotate.d
logrotate-entries = ${logrotate:logrotate-entries}
backup = ${logrotate:backup}
name = apache
log = ${apache-conf-parameter-dict:error-log} ${apache-conf-parameter-dict:access-log}
post = {{ parameter_dict['bin-directory'] }}/slapos-kill --pidfile ${apache-conf-parameter-dict:pid-file} -s USR1
[directory]
recipe = slapos.cookbook:mkdirectory
apache-conf = ${:etc}/apache
bin = ${buildout:directory}/bin
etc = ${buildout:directory}/etc
promise = ${directory:etc}/promise
services = ${:etc}/run
var = ${buildout:directory}/var
run = ${:var}/run
log = ${:var}/log
ca-dir = ${buildout:directory}/srv/ssl
requests = ${:ca-dir}/requests
private = ${:ca-dir}/private
certs = ${:ca-dir}/certs
newcerts = ${:ca-dir}/newcerts
crl = ${:ca-dir}/crl
[monitor-instance-parameter]
monitor-httpd-ipv6 = {{ (ipv6_set | list)[0] }}
monitor-httpd-port = {{ next_port }}
monitor-title = Balancer monitor
[buildout]
extends =
{{ logrotate_cfg }}
{{ parameter_dict['template-monitor'] }}
parts +=
publish
logrotate-apache
{{ part_list | join('\n ') }}
stack/erp5/instance-cloudoo.cfg.in
View file @ 94026302
{% if software_type == slap_software_type -%}
{% set json = json_module.loads(parameter_dict.get('cloudooo-json', '{}')) -%}
{% set bin_directory = parameter_dict['buildout-bin-directory'] -%}
{% set use_ipv6 = slapparameter_dict.get('use-ipv6', False) -%}
[buildout]
parts =
publish-cloudooo-connection-information
extends =
{{ parameter_dict['template-monitor'] }}
parts +=
publish
cloudooo-instance
resiliency-exclude-file
promise
promise-openoffice
eggs-directory = {{ eggs_directory }}
develop-eggs-directory = {{ develop_eggs_directory }}
offline = true
{% if use_ipv6 %}promise-tunnel{% endif %}
[publish-cloudooo-connection-information]
recipe = slapos.cookbook:publishurl
[publish]
recipe = slapos.cookbook:publish.serialised
{% if use_ipv6 -%}
url = cloudooo://[${ipv6toipv4:ipv6}]:${ipv6toipv4:ipv6-port}/
{% else -%}
url = cloudooo://${cloudooo-instance:ip}:${cloudooo-instance:port}/
{% endif -%}
[cloudooo-instance]
recipe = slapos.cookbook:generic.cloudooo
# Network options
ip = ${slap-network-information:local-ipv4}
port = 23000
openoffice-port = 23060
ip = {{ (ipv4_set | list)[0] }}
{% set tcpv4_port = slapparameter_dict['tcpv4-port'] -%}
port = {{ tcpv4_port }}
openoffice-port = {{ tcpv4_port + 1 }}
# Paths
configuration-file = ${directory:etc}/cloudooo.cfg
......@@ -32,7 +36,7 @@ wrapper = ${directory:service}/cloudooo
data-directory = ${directory:cloudooo-data}
environment =
LD_LIBRARY_PATH = {{ parameter_dict['cups'] }}/lib:{{ parameter_dict['cups'] }}/lib64:{{ parameter_dict['dbus'] }}/lib:{{ parameter_dict['dbus-glib'] }}/lib:{{ parameter_dict['file'] }}/lib:{{ parameter_dict['fontconfig'] }}/lib:{{ parameter_dict['freetype'] }}/lib:{{ parameter_dict['glib'] }}/lib:{{ parameter_dict['glu'] }}/lib:{{ parameter_dict['libICE'] }}/lib:{{ parameter_dict['libSM'] }}/lib:{{ parameter_dict['libX11'] }}/lib:{{ parameter_dict['libXau'] }}/lib:{{ parameter_dict['libXdmcp'] }}/lib:{{ parameter_dict['libXext'] }}/lib:{{ parameter_dict['libXrender'] }}/lib:{{ parameter_dict['libexpat'] }}/lib:{{ parameter_dict['libffi'] }}/lib:{{ parameter_dict['libffi'] }}/lib64:{{ parameter_dict['libpng12'] }}/lib:{{ parameter_dict['libxcb'] }}/lib:{{ parameter_dict['mesa'] }}/lib:{{ parameter_dict['xdamage'] }}/lib:{{ parameter_dict['xfixes'] }}/lib:{{ parameter_dict['zlib'] }}/lib
LD_LIBRARY_PATH = {{ parameter_dict['cairo'] }}/lib:{{ parameter_dict['cups'] }}/lib:{{ parameter_dict['cups'] }}/lib64:{{ parameter_dict['dbus'] }}/lib:{{ parameter_dict['dbus-glib'] }}/lib:{{ parameter_dict['file'] }}/lib:{{ parameter_dict['fontconfig'] }}/lib:{{ parameter_dict['freetype'] }}/lib:{{ parameter_dict['glib'] }}/lib:{{ parameter_dict['glu'] }}/lib:{{ parameter_dict['libICE'] }}/lib:{{ parameter_dict['libSM'] }}/lib:{{ parameter_dict['libX11'] }}/lib:{{ parameter_dict['libXau'] }}/lib:{{ parameter_dict['libXdmcp'] }}/lib:{{ parameter_dict['libXext'] }}/lib:{{ parameter_dict['libXrender'] }}/lib:{{ parameter_dict['libexpat'] }}/lib:{{ parameter_dict['libffi'] }}/lib:{{ parameter_dict['libffi'] }}/lib64:{{ parameter_dict['libpng12'] }}/lib:{{ parameter_dict['libxcb'] }}/lib:{{ parameter_dict['mesa'] }}/lib:{{ parameter_dict['pixman'] }}/lib:{{ parameter_dict['xdamage'] }}/lib:{{ parameter_dict['xfixes'] }}/lib:{{ parameter_dict['zlib'] }}/lib
FONTCONFIG_FILE = ${fontconfig-instance:conf-path}
# Binary information
......@@ -46,7 +50,8 @@ recipe = slapos.cookbook:fontconfig
conf-path = ${directory:etc}/font.conf
font-system-folder = {{ parameter_dict['fonts'] }}
font-folder = ${directory:font}
url-list = {{ json.get('font_url_list', []) | join(' ') }}
{# XXX: violates "instanciation happens offline" rule -#}
url-list = {{ dumps(slapparameter_dict.get('font-url-list', []) | join(' ')) }}
service-folder = ${directory:service}
onetimedownload_path = {{ bin_directory }}/onetimedownload
......@@ -68,6 +73,25 @@ path = ${directory:promise}/openoffice
hostname = ${cloudooo-instance:ip}
port = ${cloudooo-instance:openoffice-port}
{% if use_ipv6 -%}
[promise-tunnel]
recipe = slapos.cookbook:check_port_listening
path = ${directory:promise}/tunnel
hostname = ${ipv6toipv4:ipv6}
port = ${ipv6toipv4:ipv6-port}
[ipv6toipv4]
recipe = slapos.cookbook:ipv6toipv4
runner-path = ${directory:service}/${:base-name}
6tunnel-path = {{ parameter_dict['6tunnel'] }}/bin/6tunnel
shell-path = {{ parameter_dict['dash'] }}/bin/dash
ipv4 = ${cloudooo-instance:ip}
ipv6 = {{ (ipv6_set | list)[0] }}
ipv6-port = ${cloudooo-instance:port}
ipv4-port = ${cloudooo-instance:port}
base-name = cloudooo-tunnel
{% endif -%}
# rest of parts are candidates for some generic stuff
[directory]
recipe = slapos.cookbook:mkdirectory
......@@ -77,4 +101,8 @@ service = ${:etc}/run
promise = ${:etc}/promise
cloudooo-data = ${:srv}/cloudooo
font = ${:srv}/font
{% endif %}
[monitor-instance-parameter]
monitor-httpd-ipv6 = {{ (ipv6_set | list)[0] }}
monitor-httpd-port = {{ tcpv4_port + 2 }}
monitor-title = Cloudooo monitor
stack/erp5/instance-create-erp5-site-real.cfg.in 0 → 100644
View file @ 94026302
[directory]
recipe = slapos.cookbook:mkdirectory
etc = ${buildout:directory}/etc
services = ${:etc}/run
promise = ${:etc}/promise
[erp5-bootstrap]
recipe = slapos.cookbook:erp5.bootstrap
runner-path = ${directory:services}/erp5-bootstrap
{# Note: a random domain name will be picked if several point to the same IP -#}
{% set reverse_hosts = {} -%}
{% for x, y in publish['hosts-dict'].iteritems() -%}
{% do reverse_hosts.__setitem__(y, x) -%}
{% endfor -%}
{# XXX: Expect the first database to be the one to use for catalog. -#}
{% set mysql_parsed = urlparse.urlparse(publish['mariadb-database-list'][0]) -%}
mysql-url = {{ dumps(urlparse.urlunparse(mysql_parsed[:1] + (mysql_parsed.username + ":" + mysql_parsed.password + "@" + reverse_hosts.get(mysql_parsed.hostname, mysql_parsed.hostname) + ':' ~ mysql_parsed.port, ) + mysql_parsed[2:])) }}
{# Pick the first http[s] family found, they should be all equivalent anyway. -#}
{% set family_list = [] -%}
{% for key, value in publish.items() -%}
{% if key.startswith('family-') and value.startswith('http') -%}
{% do family_list.append(value.split('://', 1)) -%}
{% endif -%}
{% endfor -%}
zope-url = {{ dumps(family_list[0][0] + '://' + publish['inituser-login'] + ':' + publish_early['inituser-password'] + '@' + family_list[0][1] + '/' + publish['site-id']) }}
[promise-erp5-site]
recipe = slapos.cookbook:check_url_available
url = ${erp5-bootstrap:zope-url}
path = ${directory:promise}/erp5-site
dash_path = {{ parameter_dict['dash-location'] }}/bin/dash
curl_path = {{ parameter_dict['curl-location'] }}/bin/curl
[buildout]
parts = promise-erp5-site
eggs-directory = {{ eggs_directory }}
develop-eggs-directory = {{ develop_eggs_directory }}
stack/erp5/instance-create-erp5-site.cfg.in 0 → 100644
View file @ 94026302
{# To create the script (wrapper) which creates the ERP5Site object, pieces
# of what is published by extended file are required. Because they are not
# available at the time the file you are reading is rendered, and because
# those values are composed (lists, dicts...) of which items are needed,
# they cannot be accessed. Instead, make buildout provide these values to
# a second template, rendered at a convenient time.
-#}
[instance-create-erp5-site-real-parameters]
dash-location = {{ parameter_dict['dash-location'] }}
curl-location = {{ parameter_dict['curl-location'] }}
[instance-create-erp5-site-real]
recipe = slapos.recipe.template:jinja2
template = {{ parameter_dict['template-create-erp5-site-real'] }}
rendered = ${buildout:directory}/instance-create-erp5-site-real.cfg
extensions = jinja2.ext.do
context =
import urlparse urlparse
section publish publish
section publish_early publish-early
section parameter_dict instance-create-erp5-site-real-parameters
key eggs_directory buildout:eggs-directory
key develop_eggs_directory buildout:develop-eggs-directory
[instance-create-erp5-site-real-run]
recipe = slapos.recipe.build
script =
import subprocess, sys
subprocess.check_call([
sys.argv[0],
"buildout:directory=${buildout:directory}",
"buildout:installed=.installed-${:_buildout_section_name_}.cfg",
"-Uoc", self.options['run'],
])
run = ${instance-create-erp5-site-real:rendered}
slapos_promise =
[buildout]
extends = {{ parameter_dict['instance-erp5'] }}
parts +=
instance-create-erp5-site-real-run
stack/erp5/instance-erp5-cluster.cfg.in deleted 100644 → 0
View file @ 47a68bf7
{% if slap_software_type == software_type -%}
#############################
#
# Request erp5 production environnment
#
#############################
[buildout]
parts =
request-tidstorage
basedirectory
eggs-directory = {{ eggs_directory }}
develop-eggs-directory = {{ develop_eggs_directory }}
offline = true
versions = versions
[request-common]
recipe = slapos.cookbook:request
software-url = ${slap-connection:software-release-url}
return = url
server-url = ${slap-connection:server-url}
key-file = ${slap-connection:key-file}
cert-file = ${slap-connection:cert-file}
computer-id = ${slap-connection:computer-id}
partition-id = ${slap-connection:partition-id}
[request-mariadb]
<=request-common
name = MariaDB DataBase
software-type = mariadb
config-mariadb-json = ${slap-parameter:mariadb-json}
sla-computer_guid = ${slap-parameter:mariadb-computer-guid}
[request-cloudooo]
<=request-common
name = Cloudooo
config-cloudooo-json = ${slap-parameter:cloudooo-json}
software-type = cloudooo
sla-computer_guid = ${slap-parameter:cloudooo-computer-guid}
[request-memcached]
<=request-common
name = Memcached
software-type = memcached
sla-computer_guid = ${slap-parameter:memcached-computer-guid}
[request-kumofs]
<=request-common
name = KumoFS
software-type = kumofs
sla-computer_guid = ${slap-parameter:kumofs-computer-guid}
[request-tidstorage]
<=request-common
name = TidStorage
return = url-login
config-json = ${slap-parameter:json}
config-mysql-url = ${request-mariadb:connection-url}
config-memcached-url = ${request-memcached:connection-url}
config-cloudooo-url = ${request-cloudooo:connection-url}
config-kumofs-url = ${request-kumofs:connection-url}
config-bt5 = ${slap-parameter:bt5}
config-bt5-repository-url = ${slap-parameter:bt5-repository-url}
config-smtp-url = ${slap-parameter:smtp-url}
software-type = tidstorage
sla-computer_guid = ${slap-parameter:tidstorage-computer-guid}
[request-varnish]
<=request-common
name = Varnish
config-tidstorage-url = ${request-tidstorage:connection-url-login}
config-web-checker-mail-address = ${slap-parameter:web-checker-mail-address}
config-web-checker-smtp-host = ${slap-parameter:web-checker-smtp-host}
software-type = varnish
sla-computer_guid = ${slap-parameter:varnish-computer-guid}
[slap-parameter]
# Default value if no computer_guid is specified for each type
mariadb-computer-guid = ${slap-connection:computer-id}
cloudooo-computer-guid = ${slap-connection:computer-id}
memcached-computer-guid = ${slap-connection:computer-id}
kumofs-computer-guid = ${slap-connection:computer-id}
tidstorage-computer-guid = ${slap-connection:computer-id}
varnish-computer-guid = ${slap-connection:computer-id}
cloudooo-json =
bt5 = {{ bt5_list }}
bt5-repository-url = {{ local_bt5_repository }}
smtp-url = smtp://localhost:25/
[basedirectory]
recipe = slapos.cookbook:mkdirectory
etc = ${buildout:directory}/etc/run
{% endif %}
[versions]
slapos.core = {{ slapos_core_version }}
stack/erp5/instance-erp5-single.cfg.in deleted 100644 → 0
View file @ 47a68bf7
#############################
#
# Request erp5 development environnment
#
#############################
[buildout]
extends = {{ template_zope }}
parts +=
request-mariadb
request-cloudooo
request-memcached
request-kumofs
basedirectory
test-runner
erp5-bootstrap
erp5-promise
promise-erp5-site
eggs-directory = {{ eggs_directory }}
develop-eggs-directory = {{ develop_eggs_directory }}
offline = true
versions = versions
[slap-parameter]
# default site id
site-id = erp5
cloudooo-json =
promise-path = ${rootdirectory:etc}/erp5promise.cfg
bt5 = {{ bt5_list }}
bt5-repository-url = {{ local_bt5_repository }}
smtp-url = smtp://localhost:25/
[test-runner]
recipe = slapos.cookbook:erp5.test
certificate-authority-path = ${test-certificate-authority:ca-dir}
mysql-url = ${request-mariadb:connection-url}
kumofs-url = ${request-kumofs:connection-url}
memcached-url = ${request-memcached:connection-url}
cloudooo-url = ${request-cloudooo:connection-url}
test-instance-path = ${directory:unit-test-path}
prepend-path = ${buildout:bin-directory}
run-unit-test = ${buildout:bin-directory}/runUnitTest
run-test-suite = ${buildout:bin-directory}/runTestSuite
openssl-binary = ${test-certificate-authority:openssl-binary}
run-unit-test-binary = {{ bin_directory }}/runUnitTest
run-test-suite-binary = {{ bin_directory }}/runTestSuite
[test-certificate-authority]
recipe = slapos.cookbook:certificate_authority
openssl-binary = {{ openssl_location }}/bin/openssl
ca-dir = ${directory:test-ca-dir}
requests-directory = ${test-cadirectory:requests}
wrapper = ${basedirectory:services}/test-ca
ca-private = ${test-cadirectory:private}
ca-certs = ${test-cadirectory:certs}
ca-newcerts = ${test-cadirectory:newcerts}
ca-crl = ${test-cadirectory:crl}
[test-cadirectory]
recipe = slapos.cookbook:mkdirectory
requests = ${directory:test-ca-dir}/requests
private = ${directory:test-ca-dir}/private
certs = ${directory:test-ca-dir}/certs
newcerts = ${directory:test-ca-dir}/newcerts
crl = ${directory:test-ca-dir}/crl
[erp5-bootstrap]
recipe = slapos.cookbook:erp5.bootstrap
runner-path = ${basedirectory:services}/erp5-bootstrap
mysql-url = ${request-mariadb:connection-url}
zope-url = http://${zope-instance:user}:${zope-instance:password}@${zope-instance:ip}:${zope-instance:port}/${slap-parameter:site-id}
[erp5-promise]
recipe = slapos.cookbook:erp5.promise
promise-path = ${slap-parameter:promise-path}
kumofs-url = ${request-kumofs:connection-url}
memcached-url = ${request-memcached:connection-url}
cloudooo-url = ${request-cloudooo:connection-url}
smtp-url = ${slap-parameter:smtp-url}
bt5 = ${slap-parameter:bt5}
bt5-repository-url = ${slap-parameter:bt5-repository-url}
[request-common]
recipe = slapos.cookbook:request
software-url = ${slap-connection:software-release-url}
sla-computer_guid = ${slap-connection:computer-id}
return = url
server-url = ${slap-connection:server-url}
key-file = ${slap-connection:key-file}
cert-file = ${slap-connection:cert-file}
computer-id = ${slap-connection:computer-id}
partition-id = ${slap-connection:partition-id}
[request-mariadb]
<=request-common
name = MariaDB DataBase
software-type = mariadb
[request-cloudooo]
<=request-common
name = Cloudooo
config-cloudooo-json = ${slap-parameter:cloudooo-json}
software-type = cloudooo
[request-memcached]
<=request-common
name = Memcached
software-type = memcached
[request-kumofs]
<=request-common
name = KumoFS
software-type = kumofs
[zope-instance]
promise-path = ${slap-parameter:promise-path}
site-id = ${slap-parameter:site-id}
[directory]
test-ca-dir = ${rootdirectory:srv}/test-ca
test-instance-path = ${rootdirectory:srv}/test-instance
unit-test-path = ${:test-instance-path}/unit_test
[promise-erp5-site]
recipe = slapos.cookbook:check_url_available
path = ${basedirectory:promises}/erp5site
url = http://${zope-instance:ip}:${zope-instance:port}/${slap-parameter:site-id}
dash_path = {{ dash_location }}/bin/dash
curl_path = {{ curl_location }}/bin/curl
[versions]
slapos.core = {{ slapos_core_version }}
stack/erp5/instance-erp5.cfg.in 0 → 100644
View file @ 94026302
{% import "root_common" as root_common with context %}
{% set frontend_dict = slapparameter_dict.get('frontend', {}) -%}
{% set has_frontend = frontend_dict.get('software-url', '') != '' -%}
{% set site_id = slapparameter_dict.get('site-id', 'erp5') -%}
{% set inituser_login = slapparameter_dict.get('inituser-login', 'zope') -%}
{% set publish_dict = {'site-id': site_id, 'inituser-login': inituser_login} -%}
{% set has_posftix = slapparameter_dict.get('smtp', {}).get('postmaster') -%}
[request-common]
<= request-common-base
config-use-ipv6 = {{ dumps(slapparameter_dict.get('use-ipv6', False)) }}
{% macro request(name, software_type, config_key, config, ret={'url': True}, key_config={}) -%}
{% do config.update(slapparameter_dict.get(config_key, {})) -%}
{% set section = 'request-' ~ name -%}
[{{ section }}]
<= request-common
name = {{ name }}
software-type = {{ software_type }}
return = {{ ' '.join(ret) }}
{% for ret, publish in ret.iteritems() -%}
{% if publish -%}
{% do publish_dict.__setitem__(name ~ '-' ~ ret, '${' ~ section ~ ':connection-' ~ ret ~ '}')%}
{% endif -%}
{% endfor -%}
{{ root_common.sla(name) }}
{% for k, v in config.iteritems() -%}
config-{{ k }} = {{ dumps(v) }}
{% endfor -%}
{% for k, v in key_config.iteritems() -%}
config-{{ k }} = {{ '${' ~ v ~ '}' }}
{% endfor -%}
{% endmacro -%}
{{ request('memcached-persistent', 'kumofs', 'kumofs', {'tcpv4-port': 2000}) }}
{{ request('memcached-volatile', 'kumofs', 'memcached', {'tcpv4-port': 2010, 'ram-storage-size': 64}) }}
{{ request('cloudooo', 'cloudooo', 'cloudooo', {'tcpv4-port': 2020}) }}
{{ request('mariadb', 'mariadb', 'mariadb', {'tcpv4-port': 2099}, {'database-list': True, 'test-database-list': True}) }}
{% if has_posftix -%}
{{ request('smtp', 'postfix', 'smtp', {'tcpv4-port': 2025, 'smtpd-sasl-user': 'erp5@nowhere'}, key_config={'smtpd-sasl-password': 'publish-early:smtpd-sasl-password'}) }}
{%- else %}
[request-smtp]
# Placeholder smtp service URL
connection-url = smtp://127.0.0.2:0/
{%- endif %}
{# ZODB -#}
{% set zodb_dict = {} -%}
{% set storage_dict = {} -%}
{% set mountpoints = set() -%}
{% for zodb in slapparameter_dict.get('zodb') or ({'type': 'zeo', 'server': {}},) -%}
{% do mountpoints.add(zodb.setdefault('mount-point', '/')) -%}
{% set name = zodb.pop('name', 'root') -%}
{% do assert(name not in zodb_dict, name, zodb_dict) -%}
{% do zodb_dict.__setitem__(name, zodb) -%}
{% if 'server' in zodb -%}
{% do storage_dict.setdefault(zodb['type'], {}).__setitem__(name, zodb.pop('server')) -%}
{% endif -%}
{% endfor -%}
{% do assert(len(mountpoints) == len(zodb_dict)) -%}
{% set neo = [] -%}
{% for server_type, server_dict in storage_dict.iteritems() -%}
{% if server_type == 'neo' -%}
{% set ((name, server_dict),) = server_dict.items() -%}
{% do neo.append(server_dict.get('cluster')) -%}
{% do server_dict.update(cluster='${publish-early:neo-cluster}') -%}
{{ root_common.request_neo(server_dict, 'zodb-neo', 'neo-') }}
{% set client_dict = zodb_dict[name].setdefault('storage-dict', {}) -%}
{% for k in 'ssl', '_ca', '_cert', '_key' -%}
{% do k in server_dict and client_dict.setdefault(k, server_dict[k]) -%}
{% endfor -%}
{% else -%}
{{ assert(server_type == 'zeo', server_type) -}}
{# BBB: for compatibility, keep 'zodb' as partition_reference for ZEO -#}
{{ request('zodb', 'zodb-' ~ server_type, 'zodb-' ~ server_type, {'tcpv4-port': 2100, 'zodb-dict': server_dict}, dict.fromkeys(('storage-dict', 'tidstorage-ip', 'tidstorage-port'))) }}
{% endif -%}
{% endfor -%}
[publish-early]
recipe = slapos.cookbook:publish-early
-init =
inituser-password gen-password:passwd
deadlock-debugger-password gen-deadlock-debugger-password:passwd
{%- if has_posftix %}
smtpd-sasl-password gen-smtpd-sasl-password:passwd
{%- endif %}
{%- if neo %}
neo-cluster gen-neo-cluster:name
{%- if neo[0] %}
neo-cluster = {{ neo[0] }}
{%- endif %}
{%- endif %}
{%- set inituser_password = slapparameter_dict.get('inituser-password') %}
{%- if inituser_password %}
inituser-password = {{ inituser_password }}
{%- endif %}
{%- set deadlock_debugger_password = slapparameter_dict.get('deadlock-debugger-password') -%}
{%- if deadlock_debugger_password %}
deadlock-debugger-password = {{ deadlock_debugger_password }}
{%- endif %}
[gen-password]
recipe = slapos.cookbook:generate.password
storage-path =
[gen-deadlock-debugger-password]
<= gen-password
[gen-neo-cluster-base]
<= gen-password
[gen-neo-cluster]
name = neo-${gen-neo-cluster-base:passwd}
[gen-smtpd-sasl-password]
< = gen-password
[request-zope-base]
<= request-common
return =
zope-address-list
hosts-dict
config-bt5 = {{ dumps(slapparameter_dict.get('bt5', 'erp5_full_text_myisam_catalog erp5_configurator_standard erp5_configurator_maxma_demo erp5_configurator_ung erp5_configurator_run_my_doc')) }}
config-bt5-repository-url = {{ dumps(slapparameter_dict.get('bt5-repository-url', local_bt5_repository)) }}
config-cloudooo-url = ${request-cloudooo:connection-url}
config-deadlock-debugger-password = ${publish-early:deadlock-debugger-password}
config-developer-list = {{ dumps(slapparameter_dict.get('developer-list', [inituser_login])) }}
config-hosts-dict = {{ dumps(slapparameter_dict.get('hosts-dict', {})) }}
config-hostalias-dict = {{ dumps(slapparameter_dict.get('hostalias-dict', {})) }}
config-inituser-login = {{ dumps(inituser_login) }}
config-inituser-password = ${publish-early:inituser-password}
config-kumofs-url = ${request-memcached-persistent:connection-url}
config-memcached-url = ${request-memcached-volatile:connection-url}
config-mysql-test-url-list = ${request-mariadb:connection-test-database-list}
config-mysql-url-list = ${request-mariadb:connection-database-list}
config-site-id = {{ dumps(site_id) }}
config-smtp-url = ${request-smtp:connection-url}
config-timezone = {{ dumps(slapparameter_dict.get('timezone', 'UTC')) }}
config-zodb-dict = {{ dumps(zodb_dict) }}
{% for server_type, server_dict in storage_dict.iteritems() -%}
{% if server_type == 'neo' -%}
config-neo-cluster = ${publish-early:neo-cluster}
config-neo-name = {{ server_dict.keys()[0] }}
config-neo-masters = ${neo-0-final:connection-masters}
{% else -%}
config-zodb-zeo = ${request-zodb:connection-storage-dict}
config-tidstorage-ip = ${request-zodb:connection-tidstorage-ip}
config-tidstorage-port = ${request-zodb:connection-tidstorage-port}
{% endif -%}
{% endfor -%}
software-type = zope
{% set zope_family_dict = {} -%}
{% for custom_name, zope_parameter_dict in slapparameter_dict.get('zope-partition-dict', {'1': {}}).items() -%}
{% set partition_name = 'zope-' ~ custom_name -%}
{% set section_name = 'request-' ~ partition_name -%}
{% do zope_family_dict.setdefault(zope_parameter_dict.get('family', 'default'), []).append(section_name) -%}
[{{ section_name }}]
<= request-zope-base
name = {{ partition_name }}
{{ root_common.sla(partition_name) }}
config-name = {{ dumps(custom_name) }}
config-instance-count = {{ dumps(zope_parameter_dict.get('instance-count', 1)) }}
config-thread-amount = {{ dumps(zope_parameter_dict.get('thread-amount', 4)) }}
config-timerserver-interval = {{ dumps(zope_parameter_dict.get('timerserver-interval', 5)) }}
config-longrequest-logger-interval = {{ dumps(zope_parameter_dict.get('longrequest-logger-interval', -1)) }}
config-longrequest-logger-timeout = {{ dumps(zope_parameter_dict.get('longrequest-logger-timeout', 1)) }}
config-port-base = {{ dumps(zope_parameter_dict.get('port-base', 2200)) }}
config-webdav = {{ dumps(zope_parameter_dict.get('webdav', False)) }}
{% endfor -%}
{# We need to concatenate lists that we cannot read as lists, so this gets hairy. -#}
{% set zope_address_list_id_dict = {} -%}
{% set zope_family_parameter_dict = {} -%}
{% for family_name, zope_section_id_list in zope_family_dict.items() -%}
{% for zope_section_id in zope_section_id_list -%}
{% set parameter_name = 'zope-family-entry-' ~ zope_section_id -%}
{% do zope_address_list_id_dict.__setitem__(zope_section_id, parameter_name) -%}
{% do zope_family_parameter_dict.setdefault(family_name, []).append(parameter_name) -%}
{% endfor -%}
{% if has_frontend -%}
{% set frontend_name = 'frontend-' ~ family_name -%}
{% do publish_dict.__setitem__('family-' ~ family_name, '${' ~ frontend_name ~ ':connection-site_url}' ) -%}
[{{ frontend_name }}]
<= request-frontend-base
name = {{ frontend_name }}
config-url = ${request-balancer:{{ family_name }}-v6}
{% else -%}
{% do publish_dict.__setitem__('family-' ~ family_name, '${request-balancer:connection-' ~ family_name ~ '}' ) -%}
{% do publish_dict.__setitem__('family-' ~ family_name ~ '-v6', '${request-balancer:connection-' ~ family_name ~ '-v6}' ) -%}
{% endif -%}
{% endfor -%}
{% set balancer_dict = slapparameter_dict.get('balancer', {}) -%}
[request-balancer]
<= request-common
name = balancer
software-type = balancer
{{ root_common.sla('balancer') }}
return =
{%- for family in zope_family_dict %}
{{ family }}
{{ family }}-v6
{% endfor -%}
config-zope-family-dict = {{ dumps(zope_family_parameter_dict) }}
config-tcpv4-port = {{ dumps(balancer_dict.get('tcpv4-port', 2150)) }}
{% for zope_section_id, name in zope_address_list_id_dict.items() -%}
config-{{ name }} = {{ ' ${' ~ zope_section_id ~ ':connection-zope-address-list}' }}
{% endfor -%}
# XXX: should those really be same for all families ?
config-haproxy-server-check-path = {{ dumps(balancer_dict.get('haproxy-server-check-path', '/') % {'site-id': site_id}) }}
config-backend-path = {{ dumps(balancer_dict.get('apache-backend-path', '/') % {'site-id': site_id}) }}
config-ssl = {{ dumps(balancer_dict.get('ssl', {})) }}
[request-frontend-base]
{% if has_frontend -%}
<= request-common
software-url = {{ dumps(frontend_dict['software-url']) }}
software-type = {{ dumps(frontend_dict.get('software-type', 'RootSoftwareInstance')) }}
{{ root_common.sla('frontend', True) }}
slave = true
{% set config_dict = {
'type': 'zope',
} -%}
{% if frontend_dict.get('domain') -%}
{% do config_dict.__setitem__('custom_domain', frontend_dict['domain']) -%}
{% endif -%}
{% for name, value in config_dict.items() -%}
config-{{ name }} = {{ value }}
{% endfor -%}
return = site_url
{% endif -%}
[publish]
recipe = slapos.cookbook:publish.serialised
-extends = publish-early
{% if 'neo' in storage_dict -%}
neo-masters = ${neo-0-final:connection-masters}
neo-admins = ${neo-0-final:connection-admins}
{% endif -%}
{#
Pick any published hosts-dict, they are expected to be identical - and there is
no way to check here.
-#}
hosts-dict = {{ '${' ~ zope_address_list_id_dict.keys()[0] ~ ':connection-hosts-dict}' }}
{% for name, value in publish_dict.items() -%}
{{ name }} = {{ value }}
{% endfor -%}
{{ root_common.common_section() }}
stack/erp5/instance-kumofs.cfg.in
View file @ 94026302
{% set use_ipv6 = slapparameter_dict.get('use-ipv6', False) -%}
[buildout]
parts =
publish-kumofs-connection-information
extends =
{{ logrotate_cfg }}
{{ parameter_dict['template-monitor'] }}
parts +=
publish
kumofs-instance
logrotate
logrotate-entry-kumofs
cron
cron-entry-logrotate
resiliency-exclude-file
promise-kumofs-server
promise-kumofs-server-listen
promise-kumofs-gateway
promise-kumofs-manager
eggs-directory = {{ eggs_directory }}
develop-eggs-directory = {{ develop_eggs_directory }}
offline = true
[publish-kumofs-connection-information]
recipe = slapos.cookbook:publishurl
[publish]
recipe = slapos.cookbook:publish.serialised
{% if use_ipv6 -%}
url = memcached://[${kumofs-instance:ip}]:${kumofs-instance:gateway-port}/
{% else -%}
url = memcached://${kumofs-instance:ip}:${kumofs-instance:gateway-port}/
{% endif -%}
[kumofs-instance]
recipe = slapos.cookbook:generic.kumofs
# Network options
ip = ${slap-network-information:local-ipv4}
manager-port = 13101
server-port = 13201
server-listen-port = 13202
gateway-port = 13301
{% if use_ipv6 -%}
ip = {{ (ipv6_set | list)[0] }}
address-family = inet6
{% else -%}
ip = {{ (ipv4_set | list)[0] }}
address-family = inet4
{% endif -%}
{% set tcpv4_port = slapparameter_dict['tcpv4-port'] -%}
manager-port = {{ tcpv4_port }}
server-port = {{ tcpv4_port + 1 }}
server-listen-port = {{ tcpv4_port + 2 }}
gateway-port = {{ tcpv4_port + 3 }}
# Paths: Data
{% set ram_storage_size = slapparameter_dict.get('ram-storage-size') -%}
{% if ram_storage_size -%}
data-path = *#capsiz={{ ram_storage_size }}m
{% else -%}
# (with 10M buckets and HDBTLARGE option)
data-path = ${directory:kumofs-data}/kumodb.tch#bnum=10485760#opts=l
{% endif -%}
# Paths: Running wrappers
gateway-wrapper = ${basedirectory:services}/kumofs_gateway
manager-wrapper = ${basedirectory:services}/kumofs_manager
server-wrapper = ${basedirectory:services}/kumofs_server
# Paths: Data (with 10M buckets and HDBTLARGE option)
data-path = ${directory:kumofs-data}/kumodb.tch#bnum=10485760#opts=l
gateway-wrapper = ${directory:services}/kumofs_gateway
manager-wrapper = ${directory:services}/kumofs_manager
server-wrapper = ${directory:services}/kumofs_server
# Paths: Logs
kumo-gateway-log = ${basedirectory:log}/kumo-gateway.log
kumo-manager-log = ${basedirectory:log}/kumo-manager.log
kumo-server-log = ${basedirectory:log}/kumo-server.log
kumo-gateway-log = ${directory:log}/kumo-gateway.log
kumo-manager-log = ${directory:log}/kumo-manager.log
kumo-server-log = ${directory:log}/kumo-server.log
# Binary information
kumo-gateway-binary = {{ kumo_location }}/bin/kumo-gateway
kumo-manager-binary = {{ kumo_location }}/bin/kumo-manager
kumo-server-binary = {{ kumo_location }}/bin/kumo-server
shell-path = {{ dash_location }}/bin/dash
kumo-gateway-binary = {{ parameter_dict['kumo-location'] }}/bin/kumo-gateway
kumo-manager-binary = {{ parameter_dict['kumo-location'] }}/bin/kumo-manager
kumo-server-binary = {{ parameter_dict['kumo-location'] }}/bin/kumo-server
shell-path = {{ parameter_dict['dash-location'] }}/bin/dash
[logrotate-entry-kumofs]
<= logrotate
recipe = slapos.cookbook:logrotate.d
logrotate-entries = ${logrotate:logrotate-entries}
backup = ${logrotate:backup}
name = kumofs
log = ${kumofs-instance:kumo-gateway-log} ${kumofs-instance:kumo-manager-log}
${kumofs-instance:kumo-server-log}
# rest of parts are candidates for some generic stuff
[logrotate]
recipe = slapos.cookbook:logrotate
# Binaries
logrotate-binary = {{ logrotate_location }}/usr/sbin/logrotate
gzip-binary = {{ gzip_location }}/bin/gzip
gunzip-binary = {{ gzip_location }}/bin/gunzip
# Directories
wrapper = ${rootdirectory:bin}/logrotate
conf = ${rootdirectory:etc}/logrotate.conf
logrotate-entries = ${directory:logrotate-entries}
backup = ${directory:logrotate-backup}
state-file = ${rootdirectory:srv}/logrotate.status
[basedirectory]
recipe = slapos.cookbook:mkdirectory
log = ${rootdirectory:var}/log
services = ${rootdirectory:etc}/run
promise = ${rootdirectory:etc}/promise
run = ${rootdirectory:var}/run
backup = ${rootdirectory:srv}/backup
log = ${kumofs-instance:kumo-gateway-log} ${kumofs-instance:kumo-manager-log} ${kumofs-instance:kumo-server-log}
[directory]
recipe = slapos.cookbook:mkdirectory
cron-entries = ${rootdirectory:etc}/cron.d
crontabs = ${rootdirectory:etc}/crontabs
cronstamps = ${rootdirectory:etc}/cronstamps
logrotate-backup = ${basedirectory:backup}/logrotate
logrotate-entries = ${rootdirectory:etc}/logrotate.d
kumofs-data = ${rootdirectory:srv}/kumofs
[rootdirectory]
recipe = slapos.cookbook:mkdirectory
etc = ${buildout:directory}/etc
var = ${buildout:directory}/var
log = ${buildout:directory}/var/log
services = ${buildout:directory}/etc/run
promise = ${buildout:directory}/etc/promise
srv = ${buildout:directory}/srv
bin = ${buildout:directory}/bin
[cron]
recipe = slapos.cookbook:cron
dcrond-binary = {{ dcron_location }}/sbin/crond
cron-entries = ${directory:cron-entries}
crontabs = ${directory:crontabs}
cronstamps = ${directory:cronstamps}
catcher = ${cron-simplelogger:wrapper}
binary = ${basedirectory:services}/crond
[cron-simplelogger]
recipe = slapos.cookbook:simplelogger
wrapper = ${rootdirectory:bin}/cron_simplelogger
log = ${basedirectory:log}/cron.log
[cron-entry-logrotate]
<= cron
recipe = slapos.cookbook:cron.d
name = logrotate
frequency = 0 0 * * *
command = ${logrotate:wrapper}
kumofs-data = ${:srv}/kumofs
[resiliency-exclude-file]
# Generate rdiff exclude file in case of resiliency
recipe = collective.recipe.template
input = inline: **
output = ${rootdirectory:srv}/exporter.exclude
output = ${directory:srv}/exporter.exclude
# Deploy zope promises scripts
[promise-template]
......@@ -130,20 +91,25 @@ port = ${kumofs-instance:server-listen-port}
[promise-kumofs-server]
<= promise-template
path = ${basedirectory:promise}/kumofs-server
path = ${directory:promise}/kumofs-server
port = ${kumofs-instance:server-port}
[promise-kumofs-server-listen]
<= promise-template
path = ${basedirectory:promise}/kumofs-server-listen
path = ${directory:promise}/kumofs-server-listen
port = ${kumofs-instance:server-listen-port}
[promise-kumofs-gateway]
<= promise-template
path = ${basedirectory:promise}/kumofs-gateway
path = ${directory:promise}/kumofs-gateway
port = ${kumofs-instance:gateway-port}
[promise-kumofs-manager]
<= promise-template
path = ${basedirectory:promise}/kumofs-manager
path = ${directory:promise}/kumofs-manager
port = ${kumofs-instance:manager-port}
[monitor-instance-parameter]
monitor-httpd-ipv6 = {{ (ipv6_set | list)[0] }}
monitor-httpd-port = {{ tcpv4_port + 4 }}
monitor-title = Kumofs monitor
stack/erp5/instance-mariadb.cfg.in
View file @ 94026302
{% if software_type == slap_software_type -%}
{% set json = json_module.loads(slapparameter_dict.get('mariadb-json', '{}')) -%}
{% set backup_periodicity = json.get('backup-periodicity', '0 22 * * *') -%}
{% set bin_directory = parameter_dict['buildout-bin-directory'] -%}
[buildout]
parts =
publish-mariadb-url
mariadb-instance
logrotate
logrotate-entry-mariadb
cron
cron-entry-logrotate
cron-entry-mariadb-backup
cron-entry-mariadb-backup-expire
binary-link
resiliency-exclude-file
resiliency-after-import-script
promise
eggs-directory = {{ eggs_directory }}
develop-eggs-directory = {{ develop_eggs_directory }}
offline = true
[publish-mariadb-url]
recipe = slapos.cookbook:publishurl
url = mysql://${mariadb-instance:user}:${mariadb-instance:password}@${mariadb-instance:ip}:${mariadb-instance:port}/${mariadb-instance:database}
[binary-wrap-base]
recipe = slapos.cookbook:wrapper
# Note: --defaults-file must be the first argument, otherwise wrapped binary
# will reject it.
command-line = "{{ mariadb_location }}/bin/${:command}" --defaults-file="${mariadb-instance:conf-file}"
wrapper-path = ${rootdirectory:bin}/${:command}
parameters-extra = true
[binary-wrap-mysqldump]
< = binary-wrap-base
command = mysqldump
{% set part_list = [] -%}
{% macro section(name) %}{% do part_list.append(name) %}{{ name }}{% endmacro -%}
{% set use_ipv6 = slapparameter_dict.get('use-ipv6', False) -%}
{% set database_list = slapparameter_dict.get('database-list', [{'name': 'erp5', 'user': 'user', 'password': 'insecure'}]) -%}
{% set test_database_list = [] %}
{% for database_count in range(slapparameter_dict.get('test-database-amount', 1)) -%}
{% do test_database_list.append({'name': 'erp5_test_' ~ database_count, 'user': 'testuser_' ~ database_count, 'password': 'testpassword' ~ database_count}) -%}
{% endfor -%}
{% set catalog_backup = slapparameter_dict.get('catalog-backup', {}) -%}
{% set backup_periodicity = slapparameter_dict.get('backup-periodicity', 'daily') -%}
{% set full_backup_retention_days = catalog_backup.get('full-retention-days', 7) -%}
{% set incremental_backup_retention_days = catalog_backup.get('incremental-retention-days', full_backup_retention_days) -%}
{% set port = slapparameter_dict['tcpv4-port'] %}
{% if use_ipv6 -%}
{% set ip = (ipv6_set | list)[0] -%}
{% else -%}
{% set ip = (ipv4_set | list)[0] -%}
{% endif -%}
[publish]
recipe = slapos.cookbook:publish.serialised
{% macro render_database_list(database_list) -%}
{% set publish_database_list = [] -%}
{% for database in database_list -%}
{% if database.get('user') -%}
{% do publish_database_list.append("mysql://" ~ database['user'] ~ ":" ~ database['password'] ~ "@" ~ ip ~ ":" ~ port ~ "/" ~ database['name']) -%}
{% else -%}
{% do publish_database_list.append("mysql://" ~ ip ~ ":" ~ port ~ "/" ~ database['name']) -%}
{% endif -%}
{% endfor -%}
{{ dumps(publish_database_list) }}
{% endmacro -%}
database-list = {{ render_database_list(database_list) }}
test-database-list = {{ render_database_list(test_database_list) }}
[simplefile]
recipe = slapos.recipe.template:jinja2
template = inline:{{ '{{ content }}' }}
{% macro simplefile(section_name, file_path, content, mode='') -%}
{% set content_section_name = section_name ~ '-content' -%}
[{{ content_section_name }}]
content = {{ dumps(content) }}
[{{ section(section_name) }}]
< = simplefile
rendered = {{ file_path }}
context = key content {{content_section_name}}:content
mode = {{ mode }}
{%- endmacro %}
{% set ssl_dict = {} -%}
{% macro sslfile(key, content, mode='644') -%}
{% set path = '${directory:mariadb-ssl}/' ~ key ~ '.pem' -%}
{% do ssl_dict.__setitem__(key, path) -%}
{{ simplefile('ssl-file-' ~ key, path, content, mode) }}
{%- endmacro %}
{% set ssl_parameter_dict = slapparameter_dict.get('ssl') -%}
{% if ssl_parameter_dict -%}
{% set base_directory = '${directory:mariadb-ssl}/' -%}
{# Note: The key content will be stored in .installed.cfg, and this template's
rendering, so the only point of mode is to avoid risking mariadb complaining
about laxist file mode. -#}
{{ sslfile('key', ssl_parameter_dict['key'], mode='600') }}
{{ sslfile('crt', ssl_parameter_dict['crt']) }}
{% if 'ca-crt' in ssl_parameter_dict -%}
{{ sslfile('ca-crt', ssl_parameter_dict['ca-crt']) }}
{% endif -%}
{% if 'crl' in ssl_parameter_dict -%}
{{ sslfile('crl', ssl_parameter_dict['crl']) }}
{% endif -%}
{%- endif %}
[cron-entry-mariadb-backup]
{% if full_backup_retention_days > -1 -%}
[{{ section('cron-entry-mariadb-backup') }}]
recipe = slapos.cookbook:cron.d
cron-entries = ${cron:cron-entries}
name = mariadb-backup
frequency = {{ backup_periodicity }}
time = {{ dumps(backup_periodicity) }}
{# When binlogs are enabled:
# flush-logs: used so no manipulation on binlogs is needed to restore from
# full + binlogs. The first binlog after a dump starts from dump snapshot and
# can be fully restored.
# master-data: use value "2" as we are not in a replication case
#}
command = "${binary-wrap-mysqldump:wrapper-path}" -u root --all-databases --single-transaction --flush-logs --master-data=2 --socket=${mariadb-instance:socket} | {{ gzip_location }}/bin/gzip > "${directory:mariadb-backup-full}/$({{ coreutils_location }}/bin/date "+%Y%m%d%H%M%S").sql.gz"
command = "${binary-wrap-mysqldump:wrapper-path}" -u root --all-databases --single-transaction {% if incremental_backup_retention_days > -1 %}--flush-logs --master-data=2 {% endif %}| {{ parameter_dict['gzip-location'] }}/bin/gzip > "${directory:mariadb-backup-full}/$({{ parameter_dict['coreutils-location'] }}/bin/date "+%Y%m%d%H%M%S").sql.gz"
{# KEEP GLOB PATTERN IN SYNC with generated filenames above
# YYYYmmddHHMMSS -#}
file-glob = ??????????????.sql.gz
[cron-entry-mariadb-backup-expire]
{% if full_backup_retention_days > 0 -%}
[{{ section("cron-entry-mariadb-backup-expire") }}]
recipe = slapos.cookbook:cron.d
cron-entries = ${cron:cron-entries}
name = mariadb-backup-expire
frequency = {{ backup_periodicity }}
command = {{ findutils_location }}/bin/find "${directory:mariadb-backup-full}" -maxdepth 1 -name "${cron-entry-mariadb-backup:file-glob}" -daystart -mtime +7 -delete
[mariadb-instance]
# XXX: remove backup part of this recipe. Backup part is now done in previous sections.
# Keeping it is harmless because it is supposed to be launched by cron entry, which has been removed.
recipe = slapos.cookbook:generic.mysql
# Options
user = user
parallel-test-database-amount = ${slap-parameter:test-database-amount}
port = 45678
ip = ${slap-network-information:local-ipv4}
database = erp5
test-user = erp5_test
test-database = erp5_test
mysql-test-database-base = testdb
mysql-test-user-base = testuser
# Backup
time = {{ dumps(backup_periodicity) }}
command = {{ parameter_dict['findutils-location'] }}/bin/find "${directory:mariadb-backup-full}" -maxdepth 1 -name "${cron-entry-mariadb-backup:file-glob}" -daystart -mtime +{{ full_backup_retention_days }} -delete
{%- endif %}
{%- endif %}
[my-cnf-parameters]
ip = {{ ip }}
port = {{ port }}
socket = ${directory:run}/mariadb.sock
data-directory = ${directory:mariadb-data}
pid-file = ${directory:run}/mariadb.pid
error-log = ${directory:log}/mariadb_error.log
slow-query-log = ${directory:log}/mariadb_slowquery.log
long-query-time = {{ dumps(slapparameter_dict.get('long-query-time', 1)) }}
innodb-buffer-pool-size = {{ dumps(slapparameter_dict.get('innodb-buffer-pool-size', 0)) }}
innodb-log-file-size = {{ dumps(slapparameter_dict.get('innodb-log-file-size', 0)) }}
innodb-log-buffer-size = {{ dumps(slapparameter_dict.get('innodb-log-buffer-size', 0)) }}
relaxed-writes = {{ dumps(slapparameter_dict.get('relaxed-writes', False)) }}
{% if incremental_backup_retention_days > -1 -%}
binlog-path = ${directory:mariadb-backup-incremental}/binlog
# XXX: binlog rotation happens along with other log's rotation
binlog-expire-days = 7
# Paths
wrapper = ${basedirectory:services}/mariadb
update-wrapper = ${basedirectory:services}/mariadb_update
backup-script = ${rootdirectory:bin}/innobackupex-controller
full-backup-directory = ${directory:mariadb-backup-full}
incremental-backup-directory = ${directory:mariadb-backup-incremental}
data-directory = ${directory:mariadb-data}
pid-file = ${basedirectory:run}/mariadb.pid
socket = ${basedirectory:run}/mariadb.sock
error-log = ${basedirectory:log}/mariadb_error.log
slow-query-log = ${basedirectory:log}/mariadb_slowquery.log
conf-file = ${rootdirectory:etc}/mariadb.cnf
bin-directory = ${rootdirectory:bin}
innobackupex-incremental = ${rootdirectory:bin}/innobackupex-incremental
innobackupex-full = ${rootdirectory:bin}/innobackupex-full
# Binary information
innobackupex-binary = {{ xtrabackup_location }}/bin/innobackupex
mysql-base-directory = {{ mariadb_location }}
mysql-binary = {{ mariadb_location }}/bin/mysql
mysql-install-binary = {{ mariadb_location }}/scripts/mysql_install_db
mysql-upgrade-binary = {{ mariadb_location }}/bin/mysql_upgrade
mysqld-binary = {{ mariadb_location }}/bin/mysqld
pt-align-binary = {{ perl_siteprefix }}/bin/pt-align
pt-archiver-binary = {{ perl_siteprefix }}/bin/pt-archiver
pt-config-diff-binary = {{ perl_siteprefix }}/bin/pt-config-diff
pt-deadlock-logger-binary = {{ perl_siteprefix }}/bin/pt-deadlock-logger
pt-diskstats-binary = {{ perl_siteprefix }}/bin/pt-diskstats
pt-duplicate-key-checker-binary = {{ perl_siteprefix }}/bin/pt-duplicate-key-checker
pt-fifo-split-binary = {{ perl_siteprefix }}/bin/pt-fifo-split
pt-find-binary = {{ perl_siteprefix }}/bin/pt-find
pt-fingerprint-binary = {{ perl_siteprefix }}/bin/pt-fingerprint
pt-fk-error-logger-binary = {{ perl_siteprefix }}/bin/pt-fk-error-logger
pt-heartbeat-binary = {{ perl_siteprefix }}/bin/pt-heartbeat
pt-index-usage-binary = {{ perl_siteprefix }}/bin/pt-index-usage
pt-ioprofile-binary = {{ perl_siteprefix }}/bin/pt-ioprofile
pt-kill-binary = {{ perl_siteprefix }}/bin/pt-kill
pt-mext-binary = {{ perl_siteprefix }}/bin/pt-mext
pt-mysql-summary-binary = {{ perl_siteprefix }}/bin/pt-mysql-summary
pt-online-schema-change-binary = {{ perl_siteprefix }}/bin/pt-online-schema-change
pt-pmp-binary = {{ perl_siteprefix }}/bin/pt-pmp
pt-query-digest-binary = {{ perl_siteprefix }}/bin/pt-query-digest
pt-show-grants-binary = {{ perl_siteprefix }}/bin/pt-show-grants
pt-sift-binary = {{ perl_siteprefix }}/bin/pt-sift
pt-slave-delay-binary = {{ perl_siteprefix }}/bin/pt-slave-delay
pt-slave-find-binary = {{ perl_siteprefix }}/bin/pt-slave-find
pt-slave-restart-binary = {{ perl_siteprefix }}/bin/pt-slave-restart
pt-stalk-binary = {{ perl_siteprefix }}/bin/pt-stalk
pt-summary-binary = {{ perl_siteprefix }}/bin/pt-summary
pt-table-checksum-binary = {{ perl_siteprefix }}/bin/pt-table-checksum
pt-table-sync-binary = {{ perl_siteprefix }}/bin/pt-table-sync
pt-table-usage-binary = {{ perl_siteprefix }}/bin/pt-table-usage
pt-upgrade-binary = {{ perl_siteprefix }}/bin/pt-upgrade
pt-variable-advisor-binary = {{ perl_siteprefix }}/bin/pt-variable-advisor
pt-visual-explain-binary = {{ perl_siteprefix }}/bin/pt-visual-explain
xtrabackup-binary = {{ xtrabackup_location }}/bin/xtrabackup_51
perl-binary = {{ perl_location }}/bin/perl
[logrotate]
recipe = slapos.cookbook:logrotate
# Binaries
logrotate-binary = {{ logrotate_location }}/usr/sbin/logrotate
gzip-binary = {{ gzip_location }}/bin/gzip
gunzip-binary = {{ gzip_location }}/bin/gunzip
# Directories
wrapper = ${rootdirectory:bin}/logrotate
conf = ${rootdirectory:etc}/logrotate.conf
logrotate-entries = ${directory:logrotate-entries}
backup = ${directory:logrotate-backup}
state-file = ${rootdirectory:srv}/logrotate.status
binlog-expire-days = {{ dumps(incremental_backup_retention_days) }}
{% else %}
binlog-path =
{%- endif %}
{%- for key, value in ssl_dict.items() -%}
ssl-{{ key }} = {{ value }}
{% endfor %}
[my-cnf]
recipe = slapos.recipe.template:jinja2
rendered = ${directory:etc}/mariadb.cnf
template = {{ parameter_dict['template-my-cnf'] }}
context = section parameter_dict my-cnf-parameters
[init-script-parameters]
database-list = {{ dumps(database_list + test_database_list) }}
[init-script]
recipe = slapos.recipe.template:jinja2
# XXX: is there a better location ?
rendered = ${directory:etc}/mariadb_initial_setup.sql
template = {{ parameter_dict['template-mariadb-initial-setup'] }}
context = section parameter_dict init-script-parameters
[update-mysql]
recipe = slapos.cookbook:generic.mysql.wrap_update_mysql
output = ${directory:services}/mariadb_update
binary = ${binary-wrap-mysql_upgrade:wrapper-path}
mysql = ${binary-wrap-mysql:wrapper-path}
init-script = ${init-script:rendered}
mysql_tzinfo_to_sql = ${binary-wrap-mysql_tzinfo_to_sql:wrapper-path}
[mysqld]
recipe = slapos.cookbook:generic.mysql.wrap_mysqld
output = ${directory:services}/mariadb
binary = {{ parameter_dict['mariadb-location'] }}/bin/mysqld
configuration-file = ${my-cnf:rendered}
data-directory = ${my-cnf-parameters:data-directory}
mysql-install-binary = {{ parameter_dict['mariadb-location'] }}/scripts/mysql_install_db
mysql-base-directory = {{ parameter_dict['mariadb-location'] }}
[logrotate-entry-mariadb]
<= logrotate
recipe = slapos.cookbook:logrotate.d
logrotate-entries = ${logrotate:logrotate-entries}
backup = ${logrotate:backup}
name = mariadb
log = ${mariadb-instance:error-log} ${mariadb-instance:slow-query-log}
post = ${mariadb-instance:mysql-binary} --no-defaults -B --socket=${mariadb-instance:socket} -e "FLUSH LOGS"
[cron]
recipe = slapos.cookbook:cron
dcrond-binary = {{ dcron_location }}/sbin/crond
cron-entries = ${directory:cron-entries}
crontabs = ${directory:crontabs}
cronstamps = ${directory:cronstamps}
catcher = ${cron-simplelogger:wrapper}
binary = ${basedirectory:services}/crond
[cron-simplelogger]
recipe = slapos.cookbook:simplelogger
wrapper = ${rootdirectory:bin}/cron_simplelogger
log = ${basedirectory:log}/cron.log
[cron-entry-logrotate]
<= cron
recipe = slapos.cookbook:cron.d
name = logrotate
frequency = 0 0 * * *
command = ${logrotate:wrapper}
log = ${my-cnf-parameters:error-log} ${my-cnf-parameters:slow-query-log}
post = "${binary-wrap-mysql:wrapper-path}" -B -u root -e "FLUSH LOGS"
[binary-link]
recipe = slapos.cookbook:symbolic.link
target-directory = ${rootdirectory:bin}
link-binary =
{{ coreutils_location }}/bin/basename
{{ coreutils_location }}/bin/cat
{{ coreutils_location }}/bin/cp
{{ coreutils_location }}/bin/ls
{{ coreutils_location }}/bin/tr
{{ coreutils_location }}/bin/uname
{{ gettext_location }}/lib/gettext/hostname
{{ grep_location }}/bin/grep
{{ sed_location }}/bin/sed
{{ mariadb_location }}/bin/mysql
target-directory = ${directory:bin}
link-binary = {{ dumps(parameter_dict['link-binary']) }}
[{{ section("binary-link-mysqlbinlog") }}]
< = binary-link
link-binary = {{ parameter_dict['mariadb-location'] }}/bin/mysqlbinlog
[binary-wrap-base]
recipe = slapos.cookbook:wrapper
# Note: --defaults-file must be the first argument, otherwise wrapped binary
# will reject it.
command-line = "{{ parameter_dict['mariadb-location'] }}/bin/${:command}" --defaults-file="${my-cnf:rendered}"
wrapper-path = ${directory:bin}/${:command}
parameters-extra = true
[binary-wrap-mysql]
< = binary-wrap-base
command = mysql
[binary-wrap-mysqldump]
< = binary-wrap-base
command = mysqldump
[binary-wrap-mysql_upgrade]
< = binary-wrap-base
command = mysql_upgrade
[binary-wrap-mysql_tzinfo_to_sql]
< = binary-wrap-base
command-line = "{{ parameter_dict['mariadb-location'] }}/bin/${:command}"
command = mysql_tzinfo_to_sql
[directory]
recipe = slapos.cookbook:mkdirectory
bin = ${buildout:directory}/bin
etc = ${buildout:directory}/etc
services = ${:etc}/run
promise = ${:etc}/promise
srv = ${buildout:directory}/srv
backup = ${:srv}/backup
mariadb-backup-full = ${:backup}/mariadb-full
mariadb-backup-incremental = ${:backup}/mariadb-incremental
mariadb-data = ${:srv}/mariadb
mariadb-ssl = ${:etc}/mariadb-ssl
var = ${buildout:directory}/var
log = ${:var}/log
run = ${:var}/run
[resiliency-exclude-file]
# Generate rdiff exclude file in case of resiliency
recipe = collective.recipe.template
input = inline: srv/mariadb/**
output = ${rootdirectory:srv}/exporter.exclude
output = ${directory:srv}/exporter.exclude
[resiliency-after-import-script]
# Generate after import script used by importer instance of webrunner
recipe = collective.recipe.template
input = {{ mariadb_resiliency_after_import_script }}
output = ${rootdirectory:srv}/runner-import-restore
input = {{ parameter_dict['mariadb-resiliency-after-import-script'] }}
output = ${directory:srv}/runner-import-restore
mode = 755
dash = {{ dash_location }}/bin/dash
[rootdirectory]
recipe = slapos.cookbook:mkdirectory
etc = ${buildout:directory}/etc
var = ${buildout:directory}/var
srv = ${buildout:directory}/srv
bin = ${buildout:directory}/bin
[basedirectory]
recipe = slapos.cookbook:mkdirectory
log = ${rootdirectory:var}/log
services = ${rootdirectory:etc}/run
promise = ${rootdirectory:etc}/promise
run = ${rootdirectory:var}/run
backup = ${rootdirectory:srv}/backup
[directory]
recipe = slapos.cookbook:mkdirectory
cron-entries = ${rootdirectory:etc}/cron.d
crontabs = ${rootdirectory:etc}/crontabs
cronstamps = ${rootdirectory:etc}/cronstamps
ca-dir = ${rootdirectory:srv}/ssl
mariadb-backup-full = ${basedirectory:backup}/mariadb-full
mariadb-backup-incremental = ${basedirectory:backup}/mariadb-incremental
mariadb-data = ${rootdirectory:srv}/mariadb
logrotate-backup = ${basedirectory:backup}/logrotate
logrotate-entries = ${rootdirectory:etc}/logrotate.d
dash = {{ parameter_dict['dash-location'] }}/bin/dash
[promise]
recipe = slapos.cookbook:check_port_listening
path = ${basedirectory:promise}/mariadb
hostname = ${mariadb-instance:ip}
port = ${mariadb-instance:port}
recipe = slapos.cookbook:wrapper
command-line = "{{ parameter_dict['bin-directory'] }}/is-local-tcp-port-opened" "${my-cnf-parameters:ip}" "${my-cnf-parameters:port}"
wrapper-path = ${directory:promise}/mariadb
parameters-extra = true
[slap-parameter]
test-database-amount = 100
{%- endif %}
[monitor-instance-parameter]
monitor-httpd-ipv6 = {{ (ipv6_set | list)[0] }}
monitor-httpd-port = {{ port + 1 }}
monitor-title = Mariadb monitor
[buildout]
extends =
{{ logrotate_cfg }}
{{ parameter_dict['template-monitor'] }}
parts +=
publish
logrotate-entry-mariadb
binary-link
update-mysql
mysqld
resiliency-exclude-file
resiliency-after-import-script
promise
{{ part_list | join('\n ') }}
stack/erp5/instance-memcached.cfg.in deleted 100644 → 0
View file @ 47a68bf7
# memcached-compatible volatile cache using kumofs
# that has no limitation for key length and data size
[buildout]
parts =
publish-kumofs-connection-information
kumofs-instance
logrotate
logrotate-entry-kumofs
cron
cron-entry-logrotate
resiliency-exclude-file
promise-kumofs-server
promise-kumofs-server-listen
promise-kumofs-gateway
promise-kumofs-manager
eggs-directory = {{ eggs_directory }}
develop-eggs-directory = {{ develop_eggs_directory }}
offline = true
[publish-kumofs-connection-information]
recipe = slapos.cookbook:publishurl
url = memcached://${kumofs-instance:ip}:${kumofs-instance:gateway-port}/
[kumofs-instance]
recipe = slapos.cookbook:generic.kumofs
# Network options
ip = ${slap-network-information:local-ipv4}
manager-port = 13401
server-port = 13501
server-listen-port = 13502
# previous memcached configuration
gateway-port = 11000
# previous memcached configuration
storage-size = 64m
# Paths: Running wrappers
gateway-wrapper = ${basedirectory:services}/volatile_kumofs_gateway
manager-wrapper = ${basedirectory:services}/volatile_kumofs_manager
server-wrapper = ${basedirectory:services}/volatile_kumofs_server
# Paths: Data
data-path = *#capsiz=${:storage-size}
# Paths: Logs
kumo-gateway-log = ${basedirectory:log}/kumo-gateway.log
kumo-manager-log = ${basedirectory:log}/kumo-manager.log
kumo-server-log = ${basedirectory:log}/kumo-server.log
# Binary information
kumo-gateway-binary = {{ kumo_location }}/bin/kumo-gateway
kumo-manager-binary = {{ kumo_location }}/bin/kumo-manager
kumo-server-binary = {{ kumo_location }}/bin/kumo-server
shell-path = {{ dash_location }}/bin/dash
[logrotate-entry-kumofs]
<= logrotate
recipe = slapos.cookbook:logrotate.d
name = kumofs
log = ${kumofs-instance:kumo-gateway-log} ${kumofs-instance:kumo-manager-log}
${kumofs-instance:kumo-server-log}
# rest of parts are candidates for some generic stuff
[logrotate]
recipe = slapos.cookbook:logrotate
# Binaries
logrotate-binary = {{ logrotate_location }}/usr/sbin/logrotate
gzip-binary = {{ gzip_location }}/bin/gzip
gunzip-binary = {{ gzip_location }}/bin/gunzip
# Directories
wrapper = ${rootdirectory:bin}/logrotate
conf = ${rootdirectory:etc}/logrotate.conf
logrotate-entries = ${directory:logrotate-entries}
backup = ${directory:logrotate-backup}
state-file = ${rootdirectory:srv}/logrotate.status
[basedirectory]
recipe = slapos.cookbook:mkdirectory
log = ${rootdirectory:var}/log
services = ${rootdirectory:etc}/run
promise = ${rootdirectory:etc}/promise
run = ${rootdirectory:var}/run
backup = ${rootdirectory:srv}/backup
[directory]
recipe = slapos.cookbook:mkdirectory
cron-entries = ${rootdirectory:etc}/cron.d
crontabs = ${rootdirectory:etc}/crontabs
cronstamps = ${rootdirectory:etc}/cronstamps
logrotate-backup = ${basedirectory:backup}/logrotate
logrotate-entries = ${rootdirectory:etc}/logrotate.d
[rootdirectory]
recipe = slapos.cookbook:mkdirectory
etc = ${buildout:directory}/etc
var = ${buildout:directory}/var
srv = ${buildout:directory}/srv
bin = ${buildout:directory}/bin
[cron]
recipe = slapos.cookbook:cron
dcrond-binary = {{ dcron_location }}/sbin/crond
cron-entries = ${directory:cron-entries}
crontabs = ${directory:crontabs}
cronstamps = ${directory:cronstamps}
catcher = ${cron-simplelogger:wrapper}
binary = ${basedirectory:services}/crond
[cron-simplelogger]
recipe = slapos.cookbook:simplelogger
wrapper = ${rootdirectory:bin}/cron_simplelogger
log = ${basedirectory:log}/cron.log
[cron-entry-logrotate]
<= cron
recipe = slapos.cookbook:cron.d
name = logrotate
frequency = 0 0 * * *
command = ${logrotate:wrapper}
[resiliency-exclude-file]
# Generate rdiff exclude file in case of resiliency
recipe = collective.recipe.template
input = inline: **
output = ${rootdirectory:srv}/exporter.exclude
# Deploy zope promises scripts
[promise-template]
recipe = slapos.cookbook:check_port_listening
hostname = ${kumofs-instance:ip}
port = ${kumofs-instance:server-listen-port}
[promise-kumofs-server]
<= promise-template
path = ${basedirectory:promise}/kumofs-server
port = ${kumofs-instance:server-port}
[promise-kumofs-server-listen]
<= promise-template
path = ${basedirectory:promise}/kumofs-server-listen
port = ${kumofs-instance:server-listen-port}
[promise-kumofs-gateway]
<= promise-template
path = ${basedirectory:promise}/kumofs-gateway
port = ${kumofs-instance:gateway-port}
[promise-kumofs-manager]
<= promise-template
path = ${basedirectory:promise}/kumofs-manager
port = ${kumofs-instance:manager-port}
stack/erp5/instance-postfix.cfg.in 0 → 100644
View file @ 94026302
{% set part_list = [] -%}
{% macro section(name) %}{% do part_list.append(name) %}{{ name }}{% endmacro -%}
{% if slapparameter_dict['use-ipv6'] -%}
{% set ip = '[' ~ (ipv6_set | list)[0] ~ ']' -%}
{% else -%}
{% set ip = (ipv4_set | list)[0] -%}
{% endif -%}
{% set tcpv4_port = slapparameter_dict['tcpv4-port'] -%}
{% set relay = slapparameter_dict.get('relay', {}) -%}
{% set divert = slapparameter_dict.get('divert', []) -%}
{% set alias_dict = slapparameter_dict.get('alias-dict', {}) -%}
{% do alias_dict.setdefault('postmaster', [slapparameter_dict['postmaster']]) -%}
{% set smtpd_sasl_user = slapparameter_dict['smtpd-sasl-user'] -%}
{% set smtpd_sasl_password = slapparameter_dict['smtpd-sasl-password'] -%}
[smtpd-password]
recipe = slapos.cookbook:generate.password
storage-path =
[{{ section('publish') }}]
recipe = slapos.cookbook:publish.serialised
url = {{ dumps('smtp://' ~ urllib.quote_plus(smtpd_sasl_user) ~ ':' ~ urllib.quote_plus(smtpd_sasl_password) ~ '@' ~ ip ~ ':' ~ tcpv4_port) }}
[directory]
recipe = slapos.cookbook:mkdirectory
etc = ${buildout:directory}/etc
promise = ${:etc}/promise
etc-postfix = ${:etc}/postfix
etc-cyrus = ${:etc}/cyrus
run = ${:etc}/run
bin = ${buildout:directory}/bin
usr = ${buildout:directory}/usr
var = ${buildout:directory}/var
var-lib = ${:var}/lib
var-lib-postfix = ${:var-lib}/postfix
var-spool = ${:var}/spool
var-spool-postfix = ${:var-spool}/postfix
# Not used at buildout level, presence needed by postfix.
var-spool-postfix-active = ${:var-spool-postfix}/active
var-spool-postfix-bounce = ${:var-spool-postfix}/bounce
var-spool-postfix-corrupt = ${:var-spool-postfix}/corrupt
var-spool-postfix-defer = ${:var-spool-postfix}/defer
var-spool-postfix-deferred = ${:var-spool-postfix}/deferred
var-spool-postfix-flush = ${:var-spool-postfix}/flush
var-spool-postfix-hold = ${:var-spool-postfix}/hold
var-spool-postfix-incoming = ${:var-spool-postfix}/incoming
var-spool-postfix-maildrop = ${:var-spool-postfix}/maildrop
var-spool-postfix-pid = ${:var-spool-postfix}/pid
var-spool-postfix-private = ${:var-spool-postfix}/private
var-spool-postfix-public = ${:var-spool-postfix}/public
var-spool-postfix-saved = ${:var-spool-postfix}/saved
var-spool-postfix-trace = ${:var-spool-postfix}/trace
[configuration]
smtp = {{ dumps(tcpv4_port) }}
inet-interfaces = {{ dumps(ip) }}
alias-dict = {{ dumps(alias_dict) }}
relayhost = {{ dumps(relay.get('host')) }}
relay-sasl-credential = {{ dumps(relay.get('sasl-credential')) }}
divert = {{ dumps(divert) }}
cyrus-sasldb = ${directory:etc-cyrus}/postfix.gdbm
[userinfo]
recipe = slapos.cookbook:userinfo
[smtp-sasl-passwd]
recipe = slapos.recipe.template:jinja2
rendered = ${directory:etc-postfix}/sasl_passwd
{% if relay -%}
template = inline:{{ "{{ host }} {{ sasl_credential }}" }}
{%- else -%}
template = inline:
{%- endif %}
context =
key host configuration:relayhost
key sasl_credential configuration:relay-sasl-credential
mode = 600
[{{ section('cyrus-smtpd-conf') }}]
recipe = slapos.recipe.template:jinja2
rendered = ${directory:etc-cyrus}/smtpd.conf
template = inline:
pwcheck_method: auxprop
mech_list: PLAIN LOGIN
sasldb_path: {{ '{{ sasldb }}' }}
context =
key sasldb configuration:cyrus-sasldb
[{{ section('cyrus-smtpd-password') }}]
recipe = plone.recipe.command
stop-on-error = true
command =
rm -f '${configuration:cyrus-sasldb}' &&
echo '{{ smtpd_sasl_password }}' | '${wrapper-postfix-saslpasswd2:wrapper-path}' -pc '{{ smtpd_sasl_user }}'
update-command = ${:command}
[divert]
recipe = slapos.recipe.template:jinja2
rendered = ${directory:etc-postfix}/divert
{% if divert -%}
template = inline:{{ "/.*/ {{ ', '.join(divert) }}" }}
{%- else -%}
template = inline:
{%- endif %}
context =
key divert configuration:divert
[smtpd-ssl]
recipe = plone.recipe.command
stop-on-error = true
openssl = '{{ parameter_dict['openssl'] }}/bin/openssl'
cert = ${directory:etc-postfix}/smtpd.crt
key = ${directory:etc-postfix}/smtpd.pem
dh-512 = ${directory:etc-postfix}/dh512.pem
dh-2048 = ${directory:etc-postfix}/dh2048.pem
command =
${:openssl} dhparam -out '${:dh-512}' 512 &&
${:openssl} dhparam -out '${:dh-2048}' 2048 &&
${:update}
update =
${:openssl} req -newkey rsa -batch -new -x509 -days 3650 -nodes -keyout '${:key}' -out '${:cert}'
[{{ section('postfix-main-cf') }}]
recipe = slapos.recipe.template:jinja2
rendered = ${directory:etc-postfix}/main.cf
template = {{ parameter_dict['template-postfix-main-cf'] }}
context =
key bin_directory directory:bin
key usr_directory directory:usr
key queue_directory directory:var-spool-postfix
key data_directory directory:var-lib-postfix
key spool_directory directory:var-spool
key mail_owner userinfo:pw-name
key setgid_group userinfo:gr-name
key inet_interfaces configuration:inet-interfaces
key relayhost configuration:relayhost
key sasl_passwd typed-paths:smtp-sasl-passwd
key aliases typed-paths:aliases
key divert typed-paths:divert
key cyrus_directory directory:etc-cyrus
key cert smtpd-ssl:cert
key key smtpd-ssl:key
key dh_512 smtpd-ssl:dh-512
key dh_2048 smtpd-ssl:dh-2048
[{{ section('postfix-master-cf') }}]
recipe = slapos.recipe.template:jinja2
rendered = ${directory:etc-postfix}/master.cf
template = {{ parameter_dict['template-postfix-master-cf'] }}
context = key smtp configuration:smtp
[aliases]
recipe = slapos.recipe.template:jinja2
template = {{ parameter_dict['template-postfix-aliases'] }}
rendered = ${directory:etc-postfix}/aliases
context =
key alias_dict configuration:alias-dict
[typed-paths]
# Postfix-friendly rendering of file paths, prefixed with database type.
aliases = hash:${aliases:rendered}
smtp-sasl-passwd = hash:${smtp-sasl-passwd:rendered}
divert = pcre:${divert:rendered}
[{{ section('postalias-db') }}]
recipe = plone.recipe.command
stop-on-error = true
command = '${wrapper-postalias:wrapper-path}' '${typed-paths:aliases}' '${typed-paths:smtp-sasl-passwd}'
update-command = ${:command}
[wrapper-postfix-saslpasswd2]
recipe = slapos.cookbook:wrapper
parameters-extra = true
command-line = '{{ parameter_dict['cyrus-sasl-location'] }}/sbin/saslpasswd2' -f '${configuration:cyrus-sasldb}'
wrapper-path = ${directory:bin}/saslpasswd2
[base-wrapper]
recipe = slapos.cookbook:wrapper
environment =
MAIL_CONFIG=${directory:etc-postfix}
SASL_CONF_PATH=${directory:etc-cyrus}
parameters-extra = true
[base-bin-wrapper]
< = base-wrapper
command-line = ${:path}/${:basename}
wrapper-path = ${directory:bin}/${:basename}
[base-bin-bin-wrapper]
< = base-bin-wrapper
path = {{ parameter_dict['postfix-location'] }}/usr/bin
[base-sbin-bin-wrapper]
< = base-bin-wrapper
path = {{ parameter_dict['postfix-location'] }}/usr/sbin
{% for extend, basename_list in (
(
'base-bin-bin-wrapper',
(
'mailq',
'newaliases',
),
),
(
'base-sbin-bin-wrapper',
(
'postalias',
'postcat',
'postconf',
'postdrop',
'postfix',
'postkick',
'postlock',
'postlog',
'postmap',
'postmulti',
'postqueue',
'postsuper',
'sendmail',
),
),
) %}
{% for basename in basename_list -%}
[{{ section('wrapper-' ~ basename) }}]
< = {{ extend }}
basename = {{ basename }}
{% endfor %}
{% endfor %}
[{{ section('postfix-symlinks-libexec') }}]
recipe = slapos.cookbook:symbolic.link
target-directory = ${directory:usr}
link-binary =
{{ parameter_dict['postfix-location'] }}/usr/libexec
[{{ section('service-postfix-master') }}]
< = base-wrapper
command-line = ${directory:usr}/libexec/postfix/master
wrapper-path = ${directory:run}/postfix-master
[{{ section('postfix-promise') }}]
recipe = slapos.cookbook:check_port_listening
path = ${directory:promise}/postfix
hostname = {{ ip }}
port = {{ tcpv4_port }}
[buildout]
extends = {{ logrotate_cfg }}
parts =
{{ part_list | join('\n ') }}
stack/erp5/instance-tidstorage.cfg.in deleted 100644 → 0
View file @ 47a68bf7
{% if software_type == slap_software_type -%}
{#
Note: all port counters are pre-incremented. No idea why base port is skipped.
-#}
{% set current_zeo_port = zeo_port_base | int -%}
{% set zope_port_base = zope_port_base | int -%}
{% set zope_dummy_list = [] -%}
{% set current_apache_port = apache_port_base | int -%}
{% set current_haproxy_port = haproxy_port_base | int -%}
{% set json = json_module.loads(slapparameter_dict['json']) -%}
{% set backup_periodicity = json.get('backup-periodicity', 'daily') -%}
{% set bin_directory = parameter_dict['buildout-bin-directory'] -%}
{#
XXX: This template only supports exactly one IPv4 and one IPv6 per
partition. No more (undefined result), no less (IndexError).
-#}
{% set ipv4 = (ipv4_set | list)[0] -%}
{% set ipv6 = (ipv6_set | list)[0] -%}
{#
BBB: erp5-ca['state'] has been configured as string by mistake. Keep this for
backward compatibility with existing automatically setup CAs.
-#}
{% set erp5_ca = json.get('erp5-ca', {
'country-code': 'ZZ',
'email': 'nobody@example.com',
'state': "('State',)",
'city': 'City',
'company': 'Company',
}) -%}
{% set site_id = json['site-id'] -%}
{% set part_list = [] -%}
{% set known_tid_storage_identifier_dict = {} -%}
{% set zodb_connection_list = [] -%}
{% macro section(name) %}{% do part_list.append(name) %}{{ name }}{% endmacro -%}
{% macro zope(
name,
thread_amount=1,
timerserver_interval=0,
longrequest_logger_file='',
longrequest_logger_timeout='',
longrequest_logger_interval=''
) -%}
{% set conf_name = name ~ '-conf' -%}
{% set conf_parameter_name = conf_name ~ '-param' -%}
[{{ conf_parameter_name }}]
< = zope-conf-parameter-base
pid-file = ${directory:run}/{{ name }}.pid
lock-file = ${directory:run}/{{ name }}.lock
{% do zope_dummy_list.append(None) -%}
{% set offset = zope_dummy_list | length -%}
port = {{ zope_port_base + offset }}
thread-amount = {{ thread_amount }}
{% if timerserver_interval -%}
timerserver-interval = {{ timerserver_interval }}
{% endif -%}
event-log = ${directory:log}/{{ name }}-event.log
z2-log = ${directory:log}/{{ name }}-Z2.log
[{{ conf_name }}]
< = zope-conf-base
rendered = ${directory:etc}/{{ name }}.conf
extra-context =
section parameter_dict {{ conf_parameter_name }}
[{{ section(name) }}]
< = zope-base
longrequest-logger-file = {{ longrequest_logger_file }}
longrequest-logger-timeout = {{ longrequest_logger_timeout }}
longrequest-logger-interval = {{ longrequest_logger_interval }}
wrapper = ${directory:services}/{{ name }}
configuration-file = {{ '${' ~ conf_name ~ ':rendered}' }}
port = {{ '${' ~ conf_parameter_name ~ ':port}' }}
[{{ section('logrotate-entry-' ~ name) }}]
< = logrotate-base
recipe = slapos.cookbook:logrotate.d
name = {{ name }}
log = {{ '${' ~ conf_parameter_name ~ ':event-log}' }} {{ '${' ~ conf_parameter_name ~ ':z2-log}' }}
post = {{ bin_directory }}/killpidfromfile {{ '${' ~ conf_parameter_name ~ ':pid-file}' }} SIGUSR2
{% endmacro -%}
#############################
# Directory creation
#############################
[directory]
recipe = slapos.cookbook:mkdirectory
apache-conf = ${:etc}/apache
backup = ${:srv}/backup
bin = ${buildout:directory}/bin
ca-dir = ${:srv}/ssl
cron-entries = ${:etc}/cron.d
cronstamps = ${:etc}/cronstamps
crontabs = ${:etc}/crontabs
erp5-ca-dir = ${:srv}/erp5-ssl
etc = ${buildout:directory}/etc
instance = ${:srv}/erp5shared
instance-constraint = ${:instance}/Constraint
instance-document = ${:instance}/Document
instance-etc = ${:instance}/etc
instance-etc-package-include = ${:instance}/etc/package-include
instance-extensions = ${:instance}/Extensions
instance-import = ${:instance}/import
instance-lib = ${:instance}/lib
instance-products = ${:instance}/Products
instance-propertysheet = ${:instance}/PropertySheet
instance-tests = ${:instance}/tests
log = ${:var}/log
logrotate-backup = ${:backup}/logrotate
logrotate-entries = ${:etc}/logrotate.d
promise = ${:etc}/promise
run = ${:var}/run
services = ${:etc}/run
srv = ${buildout:directory}/srv
tidstorage = ${:srv}/tidstorage
tmp = ${buildout:directory}/tmp
var = ${buildout:directory}/var
zodb = ${:srv}/zodb
zodb-backup = ${:backup}/zodb
zodb-recovery-test = ${:srv}/zodbrecoverytest
#############################
# Binary symlinking
#############################
[binary-link]
recipe = slapos.cookbook:symbolic.link
target-directory = ${directory:bin}
link-binary =
{{ parameter_dict['coreutils'] }}/bin/basename
{{ parameter_dict['coreutils'] }}/bin/cat
{{ parameter_dict['coreutils'] }}/bin/cp
{{ parameter_dict['coreutils'] }}/bin/ls
{{ parameter_dict['coreutils'] }}/bin/tr
{{ parameter_dict['coreutils'] }}/bin/uname
{{ parameter_dict['git'] }}/bin/git
{{ parameter_dict['graphviz'] }}/bin/dot
{{ parameter_dict['grep'] }}/bin/grep
{{ parameter_dict['imagemagick'] }}/bin/convert
{{ parameter_dict['imagemagick'] }}/bin/identify
{{ parameter_dict['mariadb'] }}/bin/mysql
{{ parameter_dict['mariadb'] }}/bin/mysqldump
{{ parameter_dict['sed'] }}/bin/sed
{{ parameter_dict['tesseract'] }}/bin/tesseract
{{ parameter_dict['w3m'] }}/bin/w3m
{{ parameter_dict['openssl'] }}/bin/openssl
{{ parameter_dict['poppler'] }}/bin/pdfinfo
{{ parameter_dict['poppler'] }}/bin/pdfseparate
{{ parameter_dict['poppler'] }}/bin/pdftotext
{{ parameter_dict['poppler'] }}/bin/pdftohtml
{{ parameter_dict['poppler'] }}/bin/pdfunite
{{ parameter_dict['dmtx-utils'] }}/bin/dmtxwrite
#############################
# Resiliency
#############################
# Used for ERP5 resiliency or (more probably)
# webrunner resiliency with erp5 inside.
[resiliency-exclude-file]
# Generate rdiff exclude file in case of resiliency
recipe = collective.recipe.template
input = inline: srv/zodb/**
output = ${directory:srv}/exporter.exclude
[resiliency-after-import-script]
# Generate after import script used by importer instance of webrunner
recipe = collective.recipe.template
input = inline: #!/bin/sh
# DO NOT RUN THIS SCRIPT ON PRODUCTION INSTANCE
# OR ZODB DATA WILL BE ERASED.
# This script will restore the repozo backup to the real
# zodb location. It is launched by the clone (importer) instance of webrunner
# in the end of the import script.
# Depending on the output, it will create a file containing
# the status of the restoration (success or failure).
zodb_directory="${directory:zodb}"
zodb_backup_directory="${directory:zodb-backup}"
repozo="${tidstorage:repozo-binary}"
EXIT_CODE=0
{% for zeo_id, zeo_configuration_list in json['zeo'].iteritems() -%}
{% for zeo_slave in zeo_configuration_list -%}
storage_name="{{ zeo_slave['storage-name'] }}"
zodb_path="$storage_name.fs"
pid_file=${zeo-instance-{{ zeo_id }}:pid-path}
if [ -e "$pid_file" ]; then
pid=$(cat $pid_file) > /dev/null 2>&1
if kill -0 "$pid"; then
echo "Zeo is already running with pid $pid. Aborting."
exit 1
fi
fi
echo "Removing $zodb_path..."
echo "Restoring $storage_name into $zodb_path..."
$repozo --recover --output="$zodb_directory/$zodb_path" --repository="$zodb_backup_directory/$storage_name"
CURRENT_EXIT_CODE=$?
if [ ! "$CURRENT_EXIT_CODE"="0" ]; then
EXIT_CODE="$CURRENT_EXIT_CODE"
echo "$storage_name Backup restoration failed."
fi
{% endfor -%}
{% endfor -%}
exit $EXIT_CODE
output = ${directory:srv}/runner-import-restore
mode = 755
#############################
# CA
#############################
[cadirectory]
recipe = slapos.cookbook:mkdirectory
requests = ${directory:ca-dir}/requests
private = ${directory:ca-dir}/private
certs = ${directory:ca-dir}/certs
newcerts = ${directory:ca-dir}/newcerts
crl = ${directory:ca-dir}/crl
[certificate-authority]
recipe = slapos.cookbook:certificate_authority
openssl-binary = {{ parameter_dict['openssl'] }}/bin/openssl
ca-dir = ${directory:ca-dir}
requests-directory = ${cadirectory:requests}
wrapper = ${directory:services}/ca
ca-private = ${cadirectory:private}
ca-certs = ${cadirectory:certs}
ca-newcerts = ${cadirectory:newcerts}
ca-crl = ${cadirectory:crl}
#############################
# ERP5 CA
#############################
[erp5-cadirectory]
recipe = slapos.cookbook:mkdirectory
requests = ${directory:erp5-ca-dir}/requests
private = ${directory:erp5-ca-dir}/private
certs = ${directory:erp5-ca-dir}/certs
newcerts = ${directory:erp5-ca-dir}/newcerts
crl = ${directory:erp5-ca-dir}/crl
[erp5-certificate-authority]
recipe = slapos.cookbook:certificate_authority
openssl-binary = {{ parameter_dict['openssl'] }}/bin/openssl
ca-dir = ${directory:erp5-ca-dir}
requests-directory = ${erp5-cadirectory:requests}
wrapper = ${directory:services}/erp5-ca
ca-private = ${erp5-cadirectory:private}
ca-certs = ${erp5-cadirectory:certs}
ca-newcerts = ${erp5-cadirectory:newcerts}
ca-crl = ${erp5-cadirectory:crl}
country-code = {{ erp5_ca['country-code'] }}
email = {{ erp5_ca['email'] }}
state = {{ erp5_ca['state'] }}
city = {{ erp5_ca['city'] }}
company = {{ erp5_ca['company'] }}
#############################
# CRON
#############################
[cron-base]
cron-entries = ${directory:cron-entries}
[cron]
< = cron-base
recipe = slapos.cookbook:cron
dcrond-binary = {{ parameter_dict['dcron'] }}/sbin/crond
crontabs = ${directory:crontabs}
cronstamps = ${directory:cronstamps}
catcher = ${cron-simplelogger:wrapper}
binary = ${directory:services}/crond
[cron-simplelogger]
recipe = slapos.cookbook:simplelogger
wrapper = ${directory:bin}/cron_simplelogger
log = ${directory:log}/cron.log
#############################
# Logrotate
#############################
[logrotate-base]
logrotate-entries = ${directory:logrotate-entries}
backup = ${directory:logrotate-backup}
[logrotate]
< = logrotate-base
recipe = slapos.cookbook:logrotate
# Binaries
logrotate-binary = {{ parameter_dict['logrotate'] }}/usr/sbin/logrotate
gzip-binary = {{ parameter_dict['gzip'] }}/bin/gzip
gunzip-binary = {{ parameter_dict['gzip'] }}/bin/gunzip
# Directories
wrapper = ${directory:bin}/logrotate
conf = ${directory:etc}/logrotate.conf
state-file = ${directory:srv}/logrotate.status
[cron-entry-logrotate]
< = cron-base
recipe = slapos.cookbook:cron.d
name = logrotate
frequency = 0 0 * * *
command = ${logrotate:wrapper}
#############################
# ERP5 bootstrap
#############################
[erp5-bootstrap]
recipe = slapos.cookbook:erp5.bootstrap
runner-path = ${directory:services}/erp5-bootstrap
mysql-url = {{ slapparameter_dict['mysql-url'] }}
zope-url = http://${zope-admin:user}:${zope-admin:password}@${zope-admin:ip}:${zope-admin:port}/{{ site_id }}
#############################
# ERP5 promise
#############################
[erp5-promise]
recipe = slapos.cookbook:erp5.promise
promise-path = ${directory:etc}/erp5promise.cfg
kumofs-url = {{ slapparameter_dict['kumofs-url'] }}
memcached-url = {{ slapparameter_dict['memcached-url'] }}
cloudooo-url = {{ slapparameter_dict['cloudooo-url'] }}
smtp-url = ${slap-parameter:smtp-url}
bt5 = ${slap-parameter:bt5}
bt5-repository-url = ${slap-parameter:bt5-repository-url}
#############################
# ZEO
#############################
[zeo-instance-entry-common]
recipe = slapos.cookbook:zeo
ip = {{ ipv4 }}
binary-path = {{ bin_directory }}/runzeo
{% for zeo_id, zeo_configuration_list in json['zeo'].iteritems() -%}
{% set current_zeo_port = current_zeo_port + 1 -%}
{% set storage_list = [] -%}
{% for zeo_slave in zeo_configuration_list -%}
{% do zodb_connection_list.append((
zeo_slave['storage-name'],
zeo_slave['mount-point'] % {'site-id': site_id},
zeo_slave['zope-cache-size'],
'zeoclient',
{
'cache-size': zeo_slave['zeo-cache-size'],
'server': ipv4 ~ ':' ~ current_zeo_port,
'storage': zeo_slave['storage-name'],
'name': zeo_slave['storage-name'],
},
)) -%}
{% set zodb_path = '${directory:zodb}/' ~ zeo_slave['storage-name'] ~ '.fs' -%}
{% do storage_list.append('storage-name=%(storage-name)s zodb-path=%(zodb-path)s' % {'zodb-path': zodb_path, 'storage-name': zeo_slave['storage-name']}) -%}
{% do known_tid_storage_identifier_dict.__setitem__("((('${zeo-instance-%(zeo_id)s:ip}', ${zeo-instance-%(zeo_id)s:port}),), '%(storage_name)s')" % {
'zeo_id': zeo_id,
'storage_name': zeo_slave['storage-name']
}, (zodb_path, '${directory:zodb-backup}/%s/' % zeo_slave['storage-name'], zeo_slave['serialize-path'] % {'site-id': site_id})) -%}
{% endfor -%}
[{{ section('zeo-instance-%s' % zeo_id) }}]
< = zeo-instance-entry-common
log-path = ${directory:log}/zeo-{{ zeo_id }}.log
pid-path = ${directory:run}/zeo-{{ zeo_id }}.pid
conf-path = ${directory:etc}/zeo-{{ zeo_id }}.conf
port = {{ current_zeo_port }}
storage =
{{ storage_list | join('\n ') }}
wrapper-path = ${directory:services}/zeo-{{ zeo_id }}
[{{ section('logrotate-entry-zeo-%s' % zeo_id) }}]
< = logrotate-base
recipe = slapos.cookbook:logrotate.d
name = zeo-{{ zeo_id }}
log = ${zeo-instance-{{ zeo_id }}:log-path}
post = {{ bin_directory }}/killpidfromfile ${zeo-instance-{{ zeo_id }}:pid-path} SIGUSR2
{% endfor -%}
#############################
# Zope
#############################
[zope-base]
recipe = slapos.cookbook:generic.zope.zeo.client
user = zope
ip = {{ ipv4 }}
timezone = {{ json['timezone'] }}
tidstorage-ip = ${tidstorage:ip}
tidstorage-port = ${tidstorage:port}
instance-etc = ${directory:instance-etc}
bt5-repository = ${directory:var}/bt5_repository
tmp-path = ${directory:tmp}
bin-path = ${directory:bin}
site-zcml = ${:instance-etc}/site.zcml
inituser = ${directory:instance}/inituser
runzope-binary = {{ bin_directory }}/runzope
bt5-repository-list =
[deadlock-debugger-password]
recipe = slapos.cookbook:generate.password
[zope-conf-parameter-base]
ip = {{ ipv4 }}
site-id = {{ site_id }}
zodb-list = {{ dumps(zodb_connection_list) }}
[zope-conf-base]
recipe = slapos.recipe.template:jinja2
template = {{ parameter_dict['zope-conf-template'] }}
extra-context =
context =
key instance directory:instance
key instance_products directory:instance-products
raw deadlock_path /manage_debug_threads
key deadlock_debugger_password deadlock-debugger-password:passwd
key tidstorage_ip tidstorage:ip
key tidstorage_port tidstorage:port
key promise_path erp5-promise:promise-path
${:extra-context}
# Distribution node
{{ zope('zope-distribution', timerserver_interval=1) }}
# Admin node
{{ zope('zope-admin') }}
# Activity nodes
{% for q in range(1, json['activity']['zopecount'] + 1) -%}
{{ zope('zope-activity-%s' % q, timerserver_interval=1) }}
{%- endfor %}
# Other zopes, apaches and haproxies
{% set publish_url_list = [] -%}
{% for backend_name, backend_configuration in json['backend'].iteritems() -%}
{% set haproxy_backend_list = [] -%}
{% set longrequest_logger = backend_configuration.get('longrequest-logger') -%}
{% for q in range(1, backend_configuration['zopecount'] + 1) -%}
{% set part_name = 'zope-%s-%s' % (backend_name, q) -%}
{% if longrequest_logger != None -%}
{% set longrequest_logger_file = '${directory:log}/%s-longrequest.log' % (part_name, ) -%}
{% set longrequest_logger_timeout = longrequest_logger.get('timeout', '4') -%}
{% set longrequest_logger_interval = longrequest_logger.get('interval', '2') -%}
{% else -%}
{% set longrequest_logger_file = '' -%}
{% set longrequest_logger_timeout = '' -%}
{% set longrequest_logger_interval = '' -%}
{% endif -%}
{{ zope(
part_name,
thread_amount=backend_configuration['thread-amount'],
longrequest_logger_file=longrequest_logger_file,
longrequest_logger_timeout=longrequest_logger_timeout,
longrequest_logger_interval=longrequest_logger_interval,
) }}
{% do haproxy_backend_list.append('${%(part_name)s:ip}:${%(part_name)s:port}' % {'part_name': part_name}) -%}
{% endfor -%}
{% set scheme = backend_configuration.get('scheme', ['https']) -%}
{% set current_apache_port = current_apache_port + 2 -%}
{% set current_haproxy_port = current_haproxy_port + 1 -%}
{% if 'http' in scheme -%}
{% set section_name = 'apache-public-' ~ backend_name -%}
{% do publish_url_list.append(
'url-public-%(backend_name)s = http://[${%(section_name)s:ip}]:${%(section_name)s:port}' % {
'backend_name': backend_name,
'section_name': section_name,
}) -%}
[{{ section(section_name) }}]
recipe = slapos.cookbook:apache.zope.backend
backend = http://${haproxy-{{ backend_name }}:ip}:${haproxy-{{ backend_name }}:port}
ip = {{ ipv6 }}
port = {{ current_apache_port }}
scheme = http
wrapper = ${directory:services}/apache-public-{{ backend_name }}
configuration-file = ${directory:apache-conf}/apache-public-{{ backend_name }}.conf
access-control-string = {{ backend_configuration['access-control-string'] }}
pid-file = ${directory:run}/apache-public-{{ backend_name }}.pid
lock-file = ${directory:run}/apache-public-{{ backend_name }}.lock
error-log = ${directory:log}/apache-public-{{ backend_name }}-error.log
access-log = ${directory:log}/apache-public-{{ backend_name }}-access.log
apache-binary = {{ parameter_dict['apache'] }}/bin/httpd
[{{ section('logrotate-entry-apache-public-' ~ backend_name) }}]
< = logrotate-base
recipe = slapos.cookbook:logrotate.d
name = apache-public-{{ backend_name }}
log = ${apache-public-{{ backend_name }}:error-log} ${apache-public-{{ backend_name }}:access-log}
post = {{ bin_directory }}/killpidfromfile ${apache-public-{{ backend_name }}:pid-file} SIGUSR1
{% endif -%}
{% if 'https' in scheme -%}
{% set section_name = 'apache-' ~ backend_name -%}
{% do publish_url_list.append(
'url-%(backend_name)s = https://[${%(section_name)s:ip}]:${%(section_name)s:port}' % {
'backend_name': backend_name,
'section_name': section_name,
}) -%}
[{{ section(section_name) }}]
recipe = slapos.cookbook:apache.zope.backend
backend = http://${haproxy-{{ backend_name }}:ip}:${haproxy-{{ backend_name }}:port}
ip = {{ ipv6 }}
port = {{ current_apache_port - 1 }}
wrapper = ${directory:bin}/apache-{{ backend_name }}
scheme = https
key-file = ${directory:apache-conf}/apache-{{ backend_name }}.key
cert-file = ${directory:apache-conf}/apache-{{ backend_name }}.crt
configuration-file = ${directory:apache-conf}/apache-{{ backend_name }}.conf
access-control-string = {{ backend_configuration['access-control-string'] }}
pid-file = ${directory:run}/apache-{{ backend_name }}.pid
lock-file = ${directory:run}/apache-{{ backend_name }}.lock
ssl-session-cache = $${directory:log}/apache-ssl-session-cache
error-log = ${directory:log}/apache-{{ backend_name }}-error.log
access-log = ${directory:log}/apache-{{ backend_name }}-access.log
apache-binary = {{ parameter_dict['apache'] }}/bin/httpd
ssl-authentication = {{ backend_configuration.get('ssl-authentication', False) }}
backend-path = {{ backend_configuration.get('backend-path', '/') % {'site-id': site_id} }}
# Note: Without erp5-certificate-authority main certificate have to be hardcoded
ssl-authentication-certificate = ${erp5-certificate-authority:ca-dir}/cacert.pem
ssl-authentication-crl = ${erp5-certificate-authority:ca-crl}
[{{ section('ca-apache-' ~ backend_name) }}]
< = certificate-authority
recipe = slapos.cookbook:certificate_authority.request
key-file = ${apache-{{ backend_name }}:key-file}
cert-file = ${apache-{{ backend_name }}:cert-file}
executable = ${apache-{{ backend_name }}:wrapper}
wrapper = ${directory:services}/apache-{{ backend_name }}
[{{ section('logrotate-entry-apache-' ~ backend_name) }}]
< = logrotate-base
recipe = slapos.cookbook:logrotate.d
name = apache-{{ backend_name }}
log = ${apache-{{ backend_name }}:error-log} ${apache-{{ backend_name }}:access-log}
post = {{ bin_directory }}/killpidfromfile ${apache-{{ backend_name }}:pid-file} SIGUSR1
[{{ section('haproxy-' ~ backend_name) }}]
recipe = slapos.cookbook:haproxy
name = {{ backend_name }}
conf-path = ${directory:etc}/haproxy-{{ backend_name }}.cfg
socket-path = ${directory:run}/haproxy-{{ backend_name }}.sock
ip = {{ ipv4 }}
port = {{ current_haproxy_port }}
maxconn = {{ backend_configuration['maxconn'] }}
server-check-path = /{{ site_id }}/getId
wrapper-path = ${directory:services}/haproxy-{{ backend_name }}
binary-path = {{ parameter_dict['haproxy'] }}/sbin/haproxy
ctl-path = ${directory:bin}/haproxy-{{ backend_name }}-ctl
backend-list = {{ haproxy_backend_list | join(' ')}}
{%- endif %}
{% endfor -%}
[{{ section('publish-apache-backend-list') }}]
recipe = slapos.cookbook:publish
{{ publish_url_list | join('\n') }}
#############################
# tidstorage
#############################
[tidstorage]
recipe = slapos.cookbook:tidstorage
known-tid-storage-identifier-dict = {{ known_tid_storage_identifier_dict }}
configuration-path = ${directory:etc}/tidstorage.py
ip = {{ ipv4 }}
port = 6001
timestamp-file-path = ${directory:tidstorage}/repozo_tidstorage_timestamp.log
logfile-name = ${directory:log}/tidstorage.log
pidfile-name = ${directory:run}/tidstorage.pid
status-file = ${directory:tidstorage}/tidstorage.tid
tidstorage-repozo-binary = {{ bin_directory }}/tidstorage_repozo
tidstoraged-binary = {{ bin_directory }}/tidstoraged
repozo-binary = {{ bin_directory }}/repozo
tidstorage-wrapper = ${directory:services}/tidstoraged
repozo-wrapper = ${buildout:bin-directory}/tidstorage-repozo
[cron-entry-tidstorage-backup]
< = cron-base
recipe = slapos.cookbook:cron.d
name = tidstorage
frequency = {{ backup_periodicity }}
command = ${tidstorage:repozo-wrapper}
[logrotate-entry-tidstorage]
< = logrotate-base
recipe = slapos.cookbook:logrotate.d
name = tidstorage
log = ${tidstorage:logfile-name}
post = {{ bin_directory }}/killpidfromfile ${tidstorage:pidfile-name} SIGHUP
#############################
# buildout main section
#############################
[buildout]
parts =
logrotate
cron
cron-entry-logrotate
certificate-authority
erp5-certificate-authority
resiliency-exclude-file
resiliency-after-import-script
tidstorage
cron-entry-tidstorage-backup
logrotate-entry-tidstorage
binary-link
erp5-promise
erp5-bootstrap
{{ part_list | join('\n ') }}
eggs-directory = {{ eggs_directory }}
develop-eggs-directory = {{ develop_eggs_directory }}
offline = true
{%- endif %}
stack/erp5/instance-varnish.cfg.in deleted 100644 → 0
View file @ 47a68bf7
{% if software_type == slap_software_type -%}
{% set web_checker_parameter = slapparameter_dict['web-checker-mail-address'] -%}
[buildout]
parts =
publish-varnish-connection-information
varnish-instance
cron
cron-entry-logrotate
resiliency-exclude-file
{# When web_checker related parameter is given, web_checker will be enabled.#}
{% if web_checker_parameter is defined %}
web-checker
cron-entry-web-checker
logrotate-entry-web-checker
{% endif %}
eggs-directory = {{ eggs_directory }}
develop-eggs-directory = {{ develop_eggs_directory }}
offline = true
[publish-varnish-connection-information]
recipe = slapos.cookbook:publishurl
url = http://${varnish-instance:ip}:${varnish-instance:server-port}/
[varnish-instance]
recipe = slapos.cookbook:generic.varnish
# Network options
ip = ${slap-network-information:local-ipv4}
server-port = 6001
manager-port = 6002
stunnel-port = 6003
# Paths: Running wrappers
varnishd-wrapper = ${basedirectory:services}/varnishd
varnishlog-wrapper = ${rootdirectory:bin}/varnishlog
stunnel-wrapper = ${basedirectory:services}/stunnel
# Binary information
varnishd-binary = {{ parameter_dict['varnish'] }}/sbin/varnishd
varnishlog-binary = {{ parameter_dict['varnish'] }}/bin/varnishlog
shell-path = {{ parameter_dict['dash'] }}/bin/dash
stunnel-binary = {{ parameter_dict['stunnel'] }}/bin/stunnel
# Configuration by VCL
vcl-file = ${rootdirectory:etc}/default.vcl
pid-file = ${basedirectory:run}/varnishd.pid
stunnel-conf-file = ${rootdirectory:etc}/stunnel.conf
stunnel-pid-file = ${basedirectory:run}/stunnel.pid
varnish-data = ${directory:varnish-data}
# this will pass at -n option
varnish-instance-name = ${directory:varnish-instance}
web-checker = {{ parameter_dict['buildout-bin-directory'] }}/web_checker_utility
[cron-entry-web-checker]
<= cron
recipe = slapos.cookbook:cron.d
name = web-checker
frequency = 0 0 * * *
command = ${varnish-instance:web-checker} ${web-checker:web-checker-config}
[web-checker]
recipe = slapos.cookbook:webchecker
web-checker-config = ${rootdirectory:etc}/web_checker.cfg
web-checker-working-directory = ${directory:web-checker}
frontend-url = ${varnish-instance:ip}:${varnish-instance:server-port}
wget-binary-path = {{ parameter_dict['wget'] }}/bin/wget
varnishlog-binary-path = ${varnish-instance:varnishlog-wrapper}
web-checker-log = ${basedirectory:log}/web-checker.log
[cron]
recipe = slapos.cookbook:cron
dcrond-binary = {{ parameter_dict['dcron'] }}/sbin/crond
cron-entries = ${directory:cron-entries}
crontabs = ${directory:crontabs}
cronstamps = ${directory:cronstamps}
binary = ${basedirectory:services}/crond
catcher = ${cron-simplelogger:wrapper}
[cron-simplelogger]
recipe = slapos.cookbook:simplelogger
wrapper = ${rootdirectory:bin}/cron_simplelogger
log = ${basedirectory:log}/cron.log
[cron-entry-logrotate]
<= cron
recipe = slapos.cookbook:cron.d
name = logrotate
frequency = 0 0 * * *
command = ${logrotate:wrapper}
[logrotate]
recipe = slapos.cookbook:logrotate
# Binaries
logrotate-binary = {{ parameter_dict['logrotate'] }}/usr/sbin/logrotate
gzip-binary = {{ parameter_dict['gzip'] }}/bin/gzip
gunzip-binary = {{ parameter_dict['gzip'] }}/bin/gunzip
# Directories
wrapper = ${rootdirectory:bin}/logrotate
conf = ${rootdirectory:etc}/logrotate.conf
logrotate-entries = ${directory:logrotate-entries}
backup = ${directory:logrotate-backup}
state-file = ${rootdirectory:srv}/logrotate.status
[logrotate-entry-web-checker]
<= logrotate
recipe = slapos.cookbook:logrotate.d
name = web-checker
log = ${web-checker:web-checker-log}
frequency = daily
rotate-num = 30
sharedscripts = true
notifempty = true
create = true
[resiliency-exclude-file]
# Generate rdiff exclude file in case of resiliency
recipe = collective.recipe.template
input = inline: **
output = ${rootdirectory:srv}/exporter.exclude
[basedirectory]
recipe = slapos.cookbook:mkdirectory
services = ${rootdirectory:etc}/run
run = ${rootdirectory:var}/run
backup = ${rootdirectory:srv}/backup
log = ${rootdirectory:var}/log
backup = ${rootdirectory:srv}/backup
[directory]
recipe = slapos.cookbook:mkdirectory
varnish-data = ${rootdirectory:srv}/varnish
varnish-instance = ${directory:varnish-data}/instance
cron-entries = ${rootdirectory:etc}/cron.d
crontabs = ${rootdirectory:etc}/crontabs
cronstamps = ${rootdirectory:etc}/cronstamps
logrotate-backup = ${basedirectory:backup}/logrotate
logrotate-entries = ${rootdirectory:etc}/logrotate.d
web-checker = ${rootdirectory:srv}/web-checker
[rootdirectory]
recipe = slapos.cookbook:mkdirectory
etc = ${buildout:directory}/etc
var = ${buildout:directory}/var
srv = ${buildout:directory}/srv
bin = ${buildout:directory}/bin
{% endif %}
stack/erp5/instance-zeo.cfg.in 0 → 100644
View file @ 94026302
{% set next_port = slapparameter_dict['tcpv4-port'] -%}
{% set ipv4 = (ipv4_set | list)[0] -%}
{% set backup_periodicity = slapparameter_dict.get('backup-periodicity', 'daily') -%}
{% set part_list = [] -%}
{% macro section(name) %}{% do part_list.append(name) %}{{ name }}{% endmacro -%}
{% set storage_dict = {} -%}
{% set default_zodb_path = buildout_directory ~ '/srv/zodb' -%}
{% set default_backup_path = buildout_directory ~ '/srv/backup/zodb' -%}
{% set bin_directory = parameter_dict['buildout-bin-directory'] -%}
[logrotate-base]
recipe = slapos.cookbook:logrotate.d
logrotate-entries = ${logrotate:logrotate-entries}
backup = ${logrotate:backup}
[zeo-base]
recipe = slapos.cookbook:zeo
log-path = ${directory:log}/${:base-name}.log
pid-path = ${directory:run}/${:base-name}.pid
conf-path = ${directory:etc}/${:base-name}.conf
wrapper-path = ${directory:services}/${:base-name}
binary-path = {{ bin_directory }}/runzeo
ip = {{ ipv4 }}
{% set known_tid_storage_identifier_dict = {} -%}
{% set zodb_dict = {} -%}
{% for name, zodb in slapparameter_dict['zodb-dict'].iteritems() -%}
{% do zodb_dict.setdefault(zodb.get('family', 'default').lower(), []).append((name, zodb)) -%}
{% endfor -%}
{% set tidstorage_port = next_port + len(zodb_dict) -%}
{% for family, zodb in zodb_dict.iteritems() -%}
{% set storage_list = [] -%}
{% set known_tid_storage_identifier_host = (ipv4, next_port), -%}
{% for name, zodb in zodb -%}
{% do storage_dict.__setitem__(name, {'server': ipv4 ~ ':' ~ next_port, 'storage': name}) %}
{% set path = zodb.get('path', '%(zodb)s/%(name)s.fs') % {'zodb': default_zodb_path, 'name': name} -%}
{% do storage_list.append((name, path)) -%}
{% set backup_directory = zodb.get('backup', '%(backup)s/%(name)s') % {'backup': default_backup_path, 'name': name} -%}
{# BBB: No mount-point specified because they're meaningless for ZEO and
TIDStorage. Pass '' for compatibility, and not None
because this would disable TIDStorage bootstrapping. -#}
{% do known_tid_storage_identifier_dict.__setitem__(json_module.dumps(
(known_tid_storage_identifier_host, name)),
(path, backup_directory, '')) -%}
{% endfor -%}
{% set zeo_section_name = 'zeo-' ~ family %}
[{{ zeo_section_name }}]
< = zeo-base
base-name = zeo-{{ family }}
port = {{ next_port }}
storage = {{ dumps(storage_list) }}
[{{ section("logrotate-" ~ zeo_section_name) }}]
< = logrotate-base
name = {{ "${" ~ zeo_section_name ~ ":base-name}" }}
log = {{ "${" ~ zeo_section_name ~ ":log-path}" }}
post = {{ bin_directory }}/slapos-kill --pidfile {{ "${" ~ zeo_section_name ~ ":pid-path}" }} -s USR2
[{{ section(zeo_section_name ~ "-promise") }}]
recipe = slapos.cookbook:check_port_listening
hostname = {{ "${" ~ zeo_section_name ~ ":ip}" }}
port = {{ "${" ~ zeo_section_name ~ ":port}" }}
path = ${directory:promises}/zeo-{{ family }}
{% set next_port = next_port + 1 -%}
{% endfor -%}
{% if backup_periodicity == 'never' -%}
{% set known_tid_storage_identifier_dict = () %}
{% set tidstorage_repozo_path = '' -%}
{% else -%}
[tidstorage]
recipe = slapos.cookbook:tidstorage
known-tid-storage-identifier-dict = {{ dumps(known_tid_storage_identifier_dict) }}
configuration-path = ${directory:etc}/tidstorage.py
ip = {{ ipv4 }}
port = {{ tidstorage_port }}
{% set tidstorage_repozo_path = slapparameter_dict.get('tidstorage-repozo-path', buildout_directory ~ '/srv/backup/tidstorage') -%}
timestamp-file-path = {{ tidstorage_repozo_path ~ '/repozo_tidstorage_timestamp.log' }}
{# BBB: recipe requires logfile-name for nothing because tidstorage runs in foreground mode -#}
logfile-name =
pidfile-name = ${directory:run}/tidstorage.pid
{# TODO: Add support for backup status file, so that the status file can be close to the ZODB (rather than close to the backup files). And do it efficiently, to not copy the whole status file every time. -#}
status-file = {{ tidstorage_repozo_path ~ '/tidstorage.tid' }}
tidstorage-repozo-binary = {{ bin_directory }}/tidstorage_repozo
tidstoraged-binary = {{ bin_directory }}/tidstoraged
repozo-binary = {{ bin_directory }}/repozo
repozo-wrapper = ${buildout:bin-directory}/tidstorage-repozo
{% if len(known_tid_storage_identifier_dict) > 1 -%}
tidstorage-wrapper = ${directory:services}/tidstoraged
[{{ section("promise-tidstorage") }}]
recipe = slapos.cookbook:check_port_listening
hostname = ${tidstorage:ip}
port = ${tidstorage:port}
path = ${directory:promises}/tidstorage
{% endif -%}
[{{ section("cron-entry-tidstorage-backup") }}]
# TODO:
# - configurable full/incremental
# - configurable retention
recipe = slapos.cookbook:cron.d
cron-entries = ${cron:cron-entries}
name = tidstorage
time = {{ dumps(backup_periodicity) }}
command = ${tidstorage:repozo-wrapper}
{% endif -%}
[publish]
recipe = slapos.cookbook:publish.serialised
storage-dict = {{ dumps(storage_dict) }}
{% if len(known_tid_storage_identifier_dict) > 1 -%}
tidstorage-ip = ${tidstorage:ip}
tidstorage-port = ${tidstorage:port}
{% else -%}
tidstorage-ip =
tidstorage-port =
{% endif -%}
# Used for ERP5 resiliency or (more probably)
# webrunner resiliency with erp5 inside.
[{{ section("resiliency-exclude-file") }}]
# Generate rdiff exclude file
recipe = collective.recipe.template
input = inline: {{ default_zodb_path }}/**
output = ${directory:srv}/exporter.exclude
[{{ section("resiliency-after-import-script") }}]
# Generate after import script used by importer instance of webrunner
recipe = collective.recipe.template
input = inline: #!/bin/sh
# DO NOT RUN THIS SCRIPT ON PRODUCTION INSTANCE
# OR ZODB DATA WILL BE ERASED.
# This script will restore the repozo backup to the real
# zodb location. It is launched by the clone (importer) instance of webrunner
# in the end of the import script.
# Depending on the output, it will create a file containing
# the status of the restoration (success or failure).
zodb_directory="${directory:zodb}"
zodb_backup_directory="{{ default_backup_path }}"
repozo="${tidstorage:repozo-binary}"
EXIT_CODE=0
{% for family, zodb in zodb_dict.iteritems() -%}
{% for name, zodb in zodb -%}
{% set zeo_section_name = 'zeo-' ~ family %}
storage_name="{{ name }}"
zodb_path="$storage_name.fs"
pid_file={{ "${" ~ zeo_section_name ~ ":pid-path}" }}
if [ -e "$pid_file" ]; then
pid=$(cat $pid_file) > /dev/null 2>&1
if kill -0 "$pid"; then
echo "Zeo is already running with pid $pid. Aborting."
exit 1
fi
fi
echo "Removing $zodb_path..."
echo "Restoring $storage_name into $zodb_path..."
$repozo --recover --output="$zodb_directory/$zodb_path" --repository="$zodb_backup_directory/$storage_name"
CURRENT_EXIT_CODE=$?
if [ ! "$CURRENT_EXIT_CODE"="0" ]; then
EXIT_CODE="$CURRENT_EXIT_CODE"
echo "$storage_name Backup restoration failed."
fi
{% endfor -%}
{% endfor -%}
exit $EXIT_CODE
output = ${directory:srv}/runner-import-restore
mode = 755
[directory]
recipe = slapos.cookbook:mkdirectory
bin = ${buildout:directory}/bin
etc = ${buildout:directory}/etc
services = ${:etc}/run
promises = ${:etc}/promise
srv = ${buildout:directory}/srv
var = ${buildout:directory}/var
log = ${:var}/log
run = ${:var}/run
backup-zodb = {{ default_backup_path }}
zodb = {{ default_zodb_path }}
tidstorage = {{ tidstorage_repozo_path }}
{% set next_port = next_port + 1 -%}
[monitor-instance-parameter]
monitor-httpd-ipv6 = {{ (ipv6_set | list)[0] }}
monitor-httpd-port = {{ next_port }}
monitor-title = ZODB monitor
[buildout]
extends =
{{ logrotate_cfg }}
{{ parameter_dict['template-monitor'] }}
parts +=
{{ part_list | join('\n ') }}
publish
stack/erp5/instance-zope.cfg.in
View file @ 94026302
[buildout]
parts =
certificate-authority
publish-apache-zope-backend-connection-string
zope-instance
apache-zope-backend-instance
ca-apache-zope-backend
logrotate
erp5-certificate-authority
logrotate-entry-zope
cron
cron-entry-logrotate
binary-link
bt5-erp5-link
promise-zope
promise-apache-zope-backend
eggs-directory = {{ eggs_directory }}
develop-eggs-directory = {{ develop_eggs_directory }}
offline = true
versions = versions
{% if 'frontend-software-url' in slapparameter_dict -%}
[request-slave-frontend]
recipe = slapos.cookbook:request
software-url = {{ slapparameter_dict['frontend-software-url'] }}
software-type = {{ slapparameter_dict.get('frontend-software-type', 'RootSoftwareInstance') }}
sla-instance_guid = {{ slapparameter_dict['frontend-instance-guid'] }}
server-url = ${slap-connection:server-url}
key-file = ${slap-connection:key-file}
cert-file = ${slap-connection:cert-file}
computer-id = ${slap-connection:computer-id}
partition-id = ${slap-connection:partition-id}
name = SlaveFrontend
slave = true
{% set config_dict = {
'url': '${apache-zope-backend-instance:scheme}://[${apache-zope-backend-instance:ip}]:${apache-zope-backend-instance:port}',
'type': 'zope',
} -%}
{% if 'frontend-domain' in slapparameter_dict -%}
{% do config_dict.__setitem__('custom_domain', slapparameter_dict['frontend-domain']) -%}
{% endif -%}
{% for name, value in config_dict.items() -%}
config-{{ name }} = {{ value }}
{% endfor -%}
return = site_url
[publish-apache-zope-backend-connection-string]
recipe = slapos.cookbook:publish
url = ${request-slave-frontend:connection-site_url}
login = ${zope-instance:user}
password = ${zope-instance:password}
url-deadlock = ${:url}/${zope-instance:deadlock-path}?${zope-instance:deadlock-password}
{% else %}
[publish-apache-zope-backend-connection-string]
recipe = slapos.cookbook:publish
url = https://${zope-instance:user}:${zope-instance:password}@[${apache-zope-backend-instance:ip}]:${apache-zope-backend-instance:port}
url-deadlock = ${:url}/${zope-instance:deadlock-path}?${zope-instance:deadlock-password}
{% endif %}
[apache-zope-backend-instance]
recipe = slapos.cookbook:apache.zope.backend
backend = http://${zope-instance:ip}:${zope-instance:port}/
ip = ${slap-network-information:global-ipv6}
port = 16001
wrapper = ${rootdirectory:bin}/apache
key-file = ${directory:apache-conf}/apache.key
cert-file = ${directory:apache-conf}/apache.crt
configuration-file = ${directory:apache-conf}/apache.conf
{# By default, if no white list is specified, backend allows access to everyone -#}
access-control-string = {{ slapparameter_dict.get('access-control-string', 'all') }}
pid-file = ${basedirectory:run}/apache.pid
lock-file = ${basedirectory:run}/apache.lock
ssl-session-cache = ${basedirectory:log}/apache-ssl-session-cache
error-log = ${basedirectory:log}/apache-error.log
access-log = ${basedirectory:log}/apache-access.log
apache-binary = {{ apache_location }}/bin/httpd
scheme = https
[ca-apache-zope-backend]
<= certificate-authority
recipe = slapos.cookbook:certificate_authority.request
key-file = ${apache-zope-backend-instance:key-file}
cert-file = ${apache-zope-backend-instance:cert-file}
executable = ${apache-zope-backend-instance:wrapper}
wrapper = ${basedirectory:services}/apache
[zope-instance]
recipe = slapos.cookbook:generic.zope
# Options
user = zope
port = 12001
ip = ${slap-network-information:local-ipv4}
zodb-cache-size = 5000
thread-amount = 4
zodb-path = ${directory:zodb}/main.fs
deadlock-path = /manage_debug_threads
# Paths
wrapper = ${basedirectory:services}/zope-development
instance-path = ${directory:instance}
instance-etc = ${directory:instance-etc}
instance-products = ${directory:instance-products}
bt5-repository = ${rootdirectory:var}/bt5_repository
tmp-path = ${rootdirectory:tmp}
bin-path = ${rootdirectory:bin}
site-zcml = ${:instance-etc}/site.zcml
logrotate-post = ${rootdirectory:bin}/zope-post-logrotate
pid-file = ${basedirectory:run}/zope.pid
lock-file = ${basedirectory:run}/zope.lock
event-log = ${basedirectory:log}/zope-event.log
z2-log = ${basedirectory:log}/zope-Z2.log
configuration-file = ${rootdirectory:etc}/zope.conf
inituser = ${:instance-path}/inituser
# Binary information
runzope-binary = {{ bin_directory }}/runzope
# Defaults
bt5-repository-list =
[logrotate]
recipe = slapos.cookbook:logrotate
# Binaries
logrotate-binary = {{ logrotate_location }}/usr/sbin/logrotate
gzip-binary = {{ gzip_location }}/bin/gzip
gunzip-binary = {{ gzip_location }}/bin/gunzip
# Directories
wrapper = ${rootdirectory:bin}/logrotate
conf = ${rootdirectory:etc}/logrotate.conf
logrotate-entries = ${directory:logrotate-entries}
backup = ${directory:logrotate-backup}
state-file = ${rootdirectory:srv}/logrotate.status
[logrotate-entry-zope]
<= logrotate
recipe = slapos.cookbook:logrotate.d
name = zope
log = ${zope-instance:event-log} ${zope-instance:z2-log}
frequency = daily
rotate-num = 30
post = {{ bin_directory }}/killpidfromfile ${zope-instance:pid-file} SIGUSR2
sharedscripts = true
notifempty = true
create = true
[logrotate-entry-apache-zope-backend]
<= logrotate
recipe = slapos.cookbook:logrotate.d
name = zope
log = ${apache-zope-backend-instance:error-log} ${apache-zope-backend-instance:access-log}
frequency = daily
rotate-num = 30
post = {{ bin_directory }}/killpidfromfile ${apache-zope-backend-instance:pid-file} SIGUSR1
sharedscripts = true
notifempty = true
create = true
[cron]
recipe = slapos.cookbook:cron
dcrond-binary = {{ dcron_location }}/sbin/crond
cron-entries = ${directory:cron-entries}
crontabs = ${directory:crontabs}
cronstamps = ${directory:cronstamps}
catcher = ${cron-simplelogger:wrapper}
binary = ${basedirectory:services}/crond
[cron-simplelogger]
recipe = slapos.cookbook:simplelogger
wrapper = ${rootdirectory:bin}/cron_simplelogger
log = ${basedirectory:log}/cron.log
[cron-entry-logrotate]
<= cron
recipe = slapos.cookbook:cron.d
name = logrotate
frequency = 0 0 * * *
command = ${logrotate:wrapper}
{% set use_ipv6 = slapparameter_dict.get('use-ipv6', False) -%}
{% set next_port = slapparameter_dict['port-base'] -%}
{% set site_id = slapparameter_dict['site-id'] -%}
{% set zodb_dict = slapparameter_dict['zodb-dict'] -%}
{% set node_id_base = slapparameter_dict['name'] -%}
{% set part_list = [] -%}
{% set publish_list = [] -%}
{% set longrequest_logger_base_path = buildout_directory ~ '/var/log/longrequest_logger_' -%}
{% macro section(name) %}{% do part_list.append(name) %}{{ name }}{% endmacro -%}
{% set bin_directory = parameter_dict['buildout-bin-directory'] -%}
{#
XXX: This template only supports exactly one IPv4 and one IPv6 per
partition. No more (undefined result), no less (IndexError).
-#}
{% set ipv4 = (ipv4_set | list)[0] -%}
[binary-link]
recipe = slapos.cookbook:symbolic.link
target-directory = ${rootdirectory:bin}
link-binary =
{{ coreutils_location }}/bin/basename
{{ coreutils_location }}/bin/cat
{{ coreutils_location }}/bin/cp
{{ coreutils_location }}/bin/ls
{{ coreutils_location }}/bin/tr
{{ coreutils_location }}/bin/uname
{{ git_location }}/bin/git
{{ graphviz_location }}/bin/dot
{{ grep_location }}/bin/grep
{{ imagemagick_location }}/bin/convert
{{ imagemagick_location }}/bin/identify
{{ librsvg_location }}/bin/rsvg-convert
{{ mariadb_location }}/bin/mysql
{{ mariadb_location }}/bin/mysqldump
{{ sed_location }}/bin/sed
{{ tesseract_location }}/bin/tesseract
{{ w3m_location }}/bin/w3m
{{ openssl_location }}/bin/openssl
{{ poppler_location }}/bin/pdfinfo
{{ poppler_location }}/bin/pdfseparate
{{ poppler_location }}/bin/pdftotext
{{ poppler_location }}/bin/pdftohtml
{{ poppler_location }}/bin/pdfunite
{{ dmtx_utils_location }}/bin/dmtxwrite
{{ aspell_location }}/bin/aspell
{{ jsl_location }}/bin/jsl
[certificate-authority]
recipe = slapos.cookbook:certificate_authority
openssl-binary = {{ openssl_location }}/bin/openssl
ca-dir = ${directory:ca-dir}
requests-directory = ${cadirectory:requests}
wrapper = ${basedirectory:services}/ca
ca-private = ${cadirectory:private}
ca-certs = ${cadirectory:certs}
ca-newcerts = ${cadirectory:newcerts}
ca-crl = ${cadirectory:crl}
[bt5-erp5-link]
recipe = slapos.cookbook:symbolic.link
target-directory = ${basedirectory:bt5-erp5}
link-binary =
{{ erp5_location }}/product/ERP5/bootstrap
{{ erp5_location }}/bt5
[cadirectory]
recipe = slapos.cookbook:mkdirectory
requests = ${directory:ca-dir}/requests
private = ${directory:ca-dir}/private
certs = ${directory:ca-dir}/certs
newcerts = ${directory:ca-dir}/newcerts
crl = ${directory:ca-dir}/crl
[rootdirectory]
recipe = slapos.cookbook:mkdirectory
etc = ${buildout:directory}/etc
var = ${buildout:directory}/var
srv = ${buildout:directory}/srv
bin = ${buildout:directory}/bin
tmp = ${buildout:directory}/tmp
{% if slapparameter_dict['mysql-test-url-list'] -%}
[{{ section('test-runner') }}]
recipe = slapos.cookbook:erp5.test
certificate-authority-path = ${test-certificate-authority:ca-dir}
mysql-url-list = {{ dumps(slapparameter_dict['mysql-test-url-list']) }}
kumofs-url = {{ dumps(slapparameter_dict['kumofs-url']) }}
memcached-url = {{ dumps(slapparameter_dict['memcached-url']) }}
cloudooo-url = {{ dumps(slapparameter_dict['cloudooo-url']) }}
test-instance-path = ${directory:unit-test-path}
prepend-path = ${buildout:bin-directory}
run-unit-test = ${buildout:bin-directory}/runUnitTest
run-test-suite = ${buildout:bin-directory}/runTestSuite
openssl-binary = ${test-certificate-authority:openssl-binary}
run-unit-test-binary = {{ parameter_dict['bin-directory'] }}/runUnitTest
run-test-suite-binary = {{ parameter_dict['bin-directory'] }}/runTestSuite
[basedirectory]
recipe = slapos.cookbook:mkdirectory
log = ${rootdirectory:var}/log
services = ${rootdirectory:etc}/run
promises = ${rootdirectory:etc}/promise/
run = ${rootdirectory:var}/run
backup = ${rootdirectory:srv}/backup
bt5-erp5 = ${rootdirectory:var}/bt5_erp5
[erp5-certificate-authority]
[test-certificate-authority]
recipe = slapos.cookbook:certificate_authority
openssl-binary = {{ openssl_location }}/bin/openssl
ca-dir = ${directory:erp5-ca-dir}
requests-directory = ${erp5-cadirectory:requests}
wrapper = ${basedirectory:services}/erp5-ca
ca-private = ${erp5-cadirectory:private}
ca-certs = ${erp5-cadirectory:certs}
ca-newcerts = ${erp5-cadirectory:newcerts}
ca-crl = ${erp5-cadirectory:crl}
[erp5-cadirectory]
recipe = slapos.cookbook:mkdirectory
requests = ${directory:erp5-ca-dir}/requests
private = ${directory:erp5-ca-dir}/private
certs = ${directory:erp5-ca-dir}/certs
newcerts = ${directory:erp5-ca-dir}/newcerts
crl = ${directory:erp5-ca-dir}/crl
openssl-binary = ${binary-link:target-directory}/openssl
ca-dir = ${directory:test-ca-dir}
requests-directory = ${directory:test-ca-requests}
wrapper = ${directory:services}/test-ca
ca-private = ${directory:test-ca-private}
ca-certs = ${directory:test-ca-certs}
ca-newcerts = ${directory:test-ca-newcerts}
ca-crl = ${directory:test-ca-crl}
{%- endif %}
[directory]
recipe = slapos.cookbook:mkdirectory
zodb = ${rootdirectory:srv}/zodb
instance = ${rootdirectory:srv}/erp5shared
bin = ${buildout:directory}/bin
etc = ${buildout:directory}/etc
instance = ${:srv}/erp5shared
instance-constraint = ${:instance}/Constraint
instance-document = ${:instance}/Document
instance-etc = ${:instance}/etc
apache-conf = ${rootdirectory:etc}/apache
instance-etc-package-include = ${:instance}/etc/package-include
# because of bug in slapos.recipe.template keys are lowercased
instance-document = ${:instance}/Document
instance-propertysheet = ${:instance}/PropertySheet
instance-products = ${:instance}/Products
instance-extensions = ${:instance}/Extensions
instance-constraint = ${:instance}/Constraint
instance-import = ${:instance}/import
instance-lib = ${:instance}/lib
instance-products = ${:instance}/Products
instance-propertysheet = ${:instance}/PropertySheet
instance-tests = ${:instance}/tests
erp5-ca-dir = ${rootdirectory:srv}/erp5-ca
ca-dir = ${rootdirectory:srv}/ssl
cron-entries = ${rootdirectory:etc}/cron.d
crontabs = ${rootdirectory:etc}/crontabs
cronstamps = ${rootdirectory:etc}/cronstamps
logrotate-backup = ${basedirectory:backup}/logrotate
logrotate-entries = ${rootdirectory:etc}/logrotate.d
# Deploy zope promises scripts
[promise-zope]
log = ${:var}/log
run = ${:var}/run
services = ${:etc}/run
srv = ${buildout:directory}/srv
tmp = ${buildout:directory}/tmp
var = ${buildout:directory}/var
promises = ${:etc}/promise
unit-test-path = ${:srv}/test-instance/unit_test
test-ca-dir = ${:srv}/test-ca
test-ca-requests = ${:test-ca-dir}/requests
test-ca-private = ${:test-ca-dir}/private
test-ca-certs = ${:test-ca-dir}/certs
test-ca-newcerts = ${:test-ca-dir}/newcerts
test-ca-crl = ${:test-ca-dir}/crl
ca-dir = ${:srv}/ca
ca-requests = ${:ca-dir}/requests
ca-private = ${:ca-dir}/private
ca-certs = ${:ca-dir}/certs
ca-newcerts = ${:ca-dir}/newcerts
ca-crl = ${:ca-dir}/crl
[binary-link]
recipe = slapos.cookbook:symbolic.link
target-directory = ${directory:bin}
link-binary = {{ dumps(parameter_dict['link-binary']) }}
[certificate-authority-common]
requests-directory = ${directory:ca-requests}
ca-dir = ${directory:ca-dir}
ca-private = ${directory:ca-private}
ca-certs = ${directory:ca-certs}
ca-newcerts = ${directory:ca-newcerts}
ca-crl = ${directory:ca-crl}
[{{ section('certificate-authority') }}]
< = certificate-authority-common
recipe = slapos.cookbook:certificate_authority
openssl-binary = ${binary-link:target-directory}/openssl
wrapper = ${directory:services}/ca
{% if use_ipv6 -%}
{% set ipv6 = (ipv6_set | list)[0] -%}
[ipv6toipv4-base]
recipe = slapos.cookbook:ipv6toipv4
runner-path = ${directory:services}/${:base-name}
6tunnel-path = {{ parameter_dict['6tunnel'] }}/bin/6tunnel
shell-path = {{ parameter_dict['dash'] }}/bin/dash
ipv4 = {{ ipv4 }}
ipv6 = {{ ipv6 }}
{% endif -%}
{% set hosts_dict = {} -%}
{% for alias, url in (
('erp5-memcached-volatile', slapparameter_dict['memcached-url']),
('erp5-memcached-persistent', slapparameter_dict['kumofs-url']),
('erp5-cloudooo', slapparameter_dict['cloudooo-url']),
('erp5-smtp', slapparameter_dict['smtp-url']),
) -%}
{% do hosts_dict.__setitem__(
alias,
urlparse.urlparse(url).hostname,
) -%}
{%- endfor %}
{% for i, url in enumerate(slapparameter_dict['mysql-url-list']) -%}
{% do hosts_dict.__setitem__(
'erp5-catalog-' ~ i,
urlparse.urlparse(url).hostname,
) -%}
{%- endfor %}
{% do hosts_dict.update(slapparameter_dict['hosts-dict']) -%}
[host-common]
[hosts-parameter]
# Used for both hosts and hostaliases sections.
host-dict = {{ dumps(hosts_dict) }}
hostalias-dict = {{ dumps(slapparameter_dict['hostalias-dict']) }}
# Note: there is a subtle difference between hosts and hostaliases files:
# - hosts files start with resolved, followed by alias(es) (only one alias per
# line in this case)
# - hostaliases start with alias, followed by resolved
# ...so it's not possible to merge these templates (not a big deal anyway).
[hostaliases]
recipe = slapos.recipe.template:jinja2
template = inline: {{ '
{% for alias, aliased in host_dict.items() -%}
{{ alias }} {{ aliased }}
{% endfor %}
' }}
rendered = ${directory:etc}/hostaliases
context = key host_dict hosts-parameter:hostalias-dict
[hosts]
recipe = slapos.recipe.template:jinja2
template = inline: {{ '
{% for alias, aliased in host_dict.items() -%}
{{ aliased }} {{ alias }}
{% endfor %}
' }}
rendered = ${directory:etc}/hosts
context = key host_dict hosts-parameter:host-dict
[preload-userhosts-runzope-parameter]
runzope-binary = {{ bin_directory }}/runzope
userhosts = {{ parameter_dict['userhosts'] }}
shell-path = {{ parameter_dict['dash'] }}/bin/dash
hosts = ${hosts:rendered}
hostaliases = ${hostaliases:rendered}
[preload-userhosts-runzope]
recipe = slapos.recipe.template:jinja2
rendered = ${directory:bin}/runzope_userhosts_preloaded
context = section parameter_dict preload-userhosts-runzope-parameter
template = {{ parameter_dict['runzope-userhosts-preloaded-template'] }}
mode = 755
{# Hack to deploy SSL certs via instance parameters -#}
{% for zodb in zodb_dict.itervalues() -%}
{% set storage_dict = zodb.setdefault('storage-dict', {}) -%}
{% if zodb['type'] == 'neo' and storage_dict.get('ssl', 1) -%}
{% for k, v in (('_ca', 'ca.crt'),
('_cert', 'neo.crt'),
('_key', 'neo.key')) -%}
{% if k in storage_dict -%}
[{{ section('neo-ssl-' + k[1:]) }}]
recipe = slapos.recipe.template:jinja2
rendered = ${directory:etc}/{{v}}
template = inline:{{'{{'}}pem}}
context = key pem :pem
pem = {{dumps(storage_dict.pop(k))}}
{% endif -%}
{% endfor -%}
{% endif -%}
{% endfor -%}
{# endhack -#}
[zope-base]
recipe = slapos.cookbook:generic.zope.zeo.client
inituser = ${directory:instance}/inituser
user = {{ dumps(slapparameter_dict['inituser-login']) }}
password = {{ dumps(slapparameter_dict['inituser-password']) }}
timezone = {{ dumps(slapparameter_dict['timezone']) }}
tmp-path = ${directory:tmp}
instancehome-path = ${directory:instance}
home-path = ${buildout:directory}
bin-path = ${directory:bin}:{{ parameter_dict['coreutils'] }}/bin
site-zcml = ${directory:instance-etc}/site.zcml
runzope-binary = ${preload-userhosts-runzope:rendered}
bt5-repository =
[zope-conf-parameter-base]
ip = {{ ipv4 }}
site-id = {{ site_id }}
{% set zeo_dict = slapparameter_dict.get('zodb-zeo', {}) -%}
{% for name, zodb in zodb_dict.iteritems() -%}
{% set storage_dict = zodb.setdefault('storage-dict', {}) -%}
{% if zodb['type'] == 'zeo' -%}
{% do storage_dict.update(zeo_dict.get(name, ())) -%}
{% else -%}
{% if name == slapparameter_dict.get('neo-name') -%}
{% do storage_dict.update(master_nodes=slapparameter_dict['neo-masters'],
name=slapparameter_dict['neo-cluster']) -%}
{% endif -%}
{{ assert(storage_dict['master_nodes'], name) }}
{% if storage_dict.pop('ssl', 1) -%}
{% do storage_dict.update(ca='~/etc/ca.crt',
cert='~/etc/neo.crt',
key='~/etc/neo.key') -%}
{% endif -%}
{% endif -%}
{% endfor -%}
developer-list = {{ dumps(slapparameter_dict['developer-list']) }}
instance = ${directory:instance}
instance-products = ${directory:instance-products}
deadlock-path = /manage_debug_threads
deadlock-debugger-password = {{ dumps(slapparameter_dict['deadlock-debugger-password']) }}
{% if slapparameter_dict.get('tidstorage-ip') -%}
tidstorage-ip = {{ dumps(slapparameter_dict['tidstorage-ip']) }}
tidstorage-port = {{ dumps(slapparameter_dict['tidstorage-port']) }}
{% endif -%}
promise-path = ${erp5-promise:promise-path}
{% set thread_amount = slapparameter_dict['thread-amount'] -%}
thread-amount = {{ thread_amount }}
{% set webdav = slapparameter_dict['webdav'] -%}
webdav = {{ dumps(webdav) }}
{% if webdav -%}
{% set timerserver_interval = 0 -%}
{% else -%}
{% set timerserver_interval = slapparameter_dict['timerserver-interval'] -%}
{%- endif %}
timerserver-interval = {{ dumps(timerserver_interval) }}
[zope-conf-base]
recipe = slapos.recipe.template:jinja2
template = {{ parameter_dict['zope-conf-template'] }}
[logrotate-entry-base]
recipe = slapos.cookbook:logrotate.d
logrotate-entries = ${logrotate:logrotate-entries}
backup = ${logrotate:backup}
{% macro zope(
index,
port,
longrequest_logger_timeout,
longrequest_logger_interval
) -%}
{% set name = 'zope-' ~ index -%}
{% set conf_name = name ~ '-conf' -%}
{% set conf_parameter_name = conf_name ~ '-param' -%}
{% set zope_tunnel_section_name = name ~ '-ipv6toipv4' -%}
{% set zope_tunnel_base_name = zope_tunnel_section_name -%}
[{{ conf_parameter_name }}]
< = zope-conf-parameter-base
pid-file = ${directory:run}/{{ name }}.pid
lock-file = ${directory:run}/{{ name }}.lock
port = {{ port }}
event-log = ${directory:log}/{{ name }}-event.log
z2-log = ${directory:log}/{{ name }}-Z2.log
node-id = {{ dumps(node_id_base ~ '-' ~ index) }}
{% set log_list = [] -%}
{% set import_set = set() -%}
{% for db_name, zodb in zodb_dict.iteritems() -%}
{% if zodb['type'] == 'neo' -%}
{% do import_set.add('neo.client') -%}
{% set log = '~/var/log/' ~ name ~ '-neo-' ~ db_name ~ '.log' -%}
{% do log_list.append(log) -%}
{% do zodb['storage-dict'].update(logfile=log) -%}
{% endif -%}
{% endfor -%}
import-list = {{ dumps(list(import_set)) }}
zodb-dict = {{ dumps(zodb_dict) }}
[{{ conf_name }}]
< = zope-conf-base
rendered = ${directory:etc}/{{ name }}.conf
context =
section parameter_dict {{ conf_parameter_name }}
[{{ section(name) }}]
< = zope-base
{% if longrequest_logger_interval < 0 -%}
longrequest-logger-file =
longrequest-logger-timeout =
longrequest-logger-interval =
{% else -%}
longrequest-logger-file = {{ longrequest_logger_base_path ~ name ~ ".log" }}
longrequest-logger-timeout = {{ longrequest_logger_timeout }}
longrequest-logger-interval = {{ longrequest_logger_interval }}
{% endif -%}
wrapper = ${directory:services}/{{ name }}
configuration-file = {{ '${' ~ conf_name ~ ':rendered}' }}
[{{ section("promise-" ~ name) }}]
recipe = slapos.cookbook:check_port_listening
path = ${basedirectory:promises}/zope
hostname = ${zope-instance:ip}
port = ${zope-instance:port}
hostname = {{ ipv4 }}
port = {{ port }}
path = ${directory:promises}/{{ name }}
[promise-apache-zope-backend]
{% if use_ipv6 -%}
[{{ zope_tunnel_section_name }}]
< = ipv6toipv4-base
base-name = {{ zope_tunnel_base_name }}
ipv6-port = {{ port }}
ipv4-port = {{ port }}
{% do publish_list.append(("[" ~ ipv6 ~ "]:" ~ port, thread_amount, webdav)) -%}
[{{ section("promise-tunnel-" ~ name) }}]
recipe = slapos.cookbook:check_port_listening
path = ${basedirectory:promises}/apache-backend
hostname = ${apache-zope-backend-instance:ip}
port = ${apache-zope-backend-instance:port}
hostname = {{ '${' ~ zope_tunnel_section_name ~ ':ipv6}' }}
port = {{ '${' ~ zope_tunnel_section_name ~ ':ipv6-port}' }}
path = ${directory:promises}/{{ zope_tunnel_base_name }}
{% else -%}
{% do publish_list.append((ipv4 ~ ":" ~ port, thread_amount, webdav)) -%}
{% endif -%}
[{{ section('logrotate-entry-' ~ name) }}]
< = logrotate-entry-base
name = {{ name }}
log = {{ '${' ~ conf_parameter_name ~ ':event-log}' }} {{ '${' ~ conf_parameter_name ~ ':z2-log}' }} {{ '${' ~ name ~ ':longrequest-logger-file}' }} {{ ' '.join(log_list) }}
post = {{ bin_directory }}/slapos-kill --pidfile {{ '${' ~ conf_parameter_name ~ ':pid-file}' }} -s USR2
{% endmacro -%}
{% for i in range(slapparameter_dict['instance-count']) -%}
{{ zope(
i,
next_port,
slapparameter_dict['longrequest-logger-timeout'],
slapparameter_dict['longrequest-logger-interval'],
) }}
{% set next_port = next_port + 1 -%}
{% endfor -%}
[publish]
recipe = slapos.cookbook:publish.serialised
zope-address-list = {{ dumps(publish_list) }}
{#
Note: hosts_dist is generated at zope level rather than at erp5 (root partition)
level, as it is easier: we can access urls as python values trivially here.
This has the downside of making each zope partition publish the (hopefuly) same
dict toward erp5 partition, violating the DRY principle and making the intent
hard to guess.
-#}
hosts-dict = {{ dumps(hosts_dict) }}
[erp5-promise]
recipe = slapos.cookbook:erp5.promise
promise-path = ${directory:etc}/erp5promise.cfg
kumofs-url = {{ dumps(slapparameter_dict['kumofs-url']) }}
memcached-url = {{ dumps(slapparameter_dict['memcached-url']) }}
cloudooo-url = {{ dumps(slapparameter_dict['cloudooo-url']) }}
smtp-url = {{ dumps(slapparameter_dict['smtp-url']) }}
bt5 = {{ dumps(slapparameter_dict['bt5']) }}
bt5-repository-url = {{ dumps(slapparameter_dict['bt5-repository-url']) }}
[monitor-instance-parameter]
monitor-httpd-ipv6 = {{ (ipv6_set | list)[0] }}
monitor-httpd-port = {{ next_port }}
monitor-title = Zope monitor
[buildout]
extends =
{{ logrotate_cfg }}
{{ parameter_dict['template-monitor'] }}
parts +=
erp5-promise
{{ part_list | join('\n ') }}
publish
versions = versions
[versions]
slapos.core = {{ slapos_core_version }}
stack/erp5/instance.cfg.in
View file @ 94026302
[buildout]
parts =
switch-softwaretype
eggs-directory = {{ eggs_directory }}
develop-eggs-directory = {{ develop_eggs_directory }}
offline = true
[slap-parameters]
recipe = slapos.cookbook:slapconfiguration
computer = ${slap-connection:computer-id}
partition = ${slap-connection:partition-id}
url = ${slap-connection:server-url}
key = ${slap-connection:key-file}
cert = ${slap-connection:cert-file}
extends = {{ instance_common_cfg }}
[jinja2-template-base]
recipe = slapos.recipe.template:jinja2
rendered = ${buildout:parts-directory}/${:_buildout_section_name_}/${:filename}
extra-context =
context =
key eggs_directory buildout:eggs-directory
key develop_eggs_directory buildout:develop-eggs-directory
key slap_software_type slap-parameters:slap-software-type
key slapparameter_dict slap-parameters:configuration
context +=
raw slapos_core_version {{ slapos_core_version }}
${:extra-context}
[dynamic-template-tidstorage-parameters]
apache = {{ apache_location }}
haproxy = {{ haproxy_location }}
dcron = {{ dcron_location }}
logrotate = {{ logrotate_location }}
gzip = {{ gzip_location }}
openssl = {{ openssl_location }}
coreutils = {{ coreutils_location }}
git = {{ git_location }}
graphviz = {{ graphviz_location }}
grep = {{ grep_location }}
imagemagick = {{ imagemagick_location }}
librsvg = {{ librsvg_location }}
mariadb = {{ mariadb_location }}
sed = {{ sed_location }}
tesseract = {{ tesseract_location }}
w3m = {{ w3m_location }}
aspell = {{ aspell_location }}
poppler = {{ poppler_location }}
dmtx-utils = {{ dmtx_utils_location }}
buildout-bin-directory = {{ buildout_bin_directory }}
zope-conf-template = {{ template_zope_conf }}
jsl = {{ jsl_location }}
[dynamic-template-tidstorage]
< = jinja2-template-base
template = {{ template_tidstorage }}
filename = instance-tidstorage.cfg
extensions = jinja2.ext.do
extra-context =
section parameter_dict dynamic-template-tidstorage-parameters
import json_module json
raw zope_port_base 12000
raw zeo_port_base 15000
raw haproxy_port_base 11000
raw apache_port_base 10000
key ipv4_set slap-parameters:ipv4
key ipv6_set slap-parameters:ipv6
# Must match the key id in [switch-softwaretype] which uses this section.
raw software_type tidstorage
[dynamic-template-cloudooo-parameters]
cairo = {{ cairo_location }}
cups = {{ cups_location }}
dbus = {{ dbus_location }}
dbus-glib = {{ dbus_glib_location }}
......@@ -88,185 +27,171 @@ libffi = {{ libffi_location }}
libpng12 = {{ libpng12_location }}
libxcb = {{ libxcb_location }}
mesa = {{ mesa_location }}
pixman = {{ pixman_location }}
xdamage = {{ xdamage_location }}
xfixes = {{ xfixes_location }}
zlib = {{ zlib_location }}
libreoffice-bin = {{ libreoffice_bin_location }}
fonts = {{ fonts_location }}
buildout-bin-directory = {{ buildout_bin_directory }}
6tunnel = {{ sixtunnel_location }}
dash = {{ dash_location }}
template-monitor = {{ dumps(template_monitor) }}
[dynamic-template-cloudooo]
< = jinja2-template-base
<= jinja2-template-base
template = {{ template_cloudooo }}
filename = instance-cloudoo.cfg
extra-context =
section parameter_dict dynamic-template-cloudooo-parameters
import json_module json
# Must match the key id in [switch-softwaretype] which uses this section.
raw software_type cloudooo
[dynamic-template-varnish-parameters]
dash = {{ dash_location }}
dcron = {{ dcron_location }}
gzip = {{ gzip_location }}
logrotate = {{ logrotate_location }}
stunnel = {{ stunnel_location }}
varnish = {{ varnish_location }}
wget = {{ wget_location }}
buildout-bin-directory = {{ buildout_bin_directory }}
[dynamic-template-postfix-parameters]
bin-directory = {{ bin_directory }}
cyrus-sasl-location = {{ cyrus_sasl_location }}
openssl = {{ openssl_location }}
postfix-location = {{ postfix_location }}
template-postfix-aliases = {{ template_postfix_aliases }}
template-postfix-main-cf = {{ template_postfix_main_cf }}
template-postfix-master-cf = {{ template_postfix_master_cf }}
[dynamic-template-varnish]
[dynamic-template-postfix]
< = jinja2-template-base
template = {{ template_varnish }}
filename = instance-varnish.cfg
template = {{ template_postfix }}
filename = instance-postfix.cfg
extensions = jinja2.ext.do
extra-context =
section parameter_dict dynamic-template-varnish-parameters
# Must match the key id in [switch-softwaretype] which uses this section.
raw software_type varnish
section parameter_dict dynamic-template-postfix-parameters
import urllib urllib
[dynamic-template-mariadb-parameters]
[dynamic-template-erp5-parameters]
local-bt5-repository = {{ local_bt5_repository }}
[dynamic-template-erp5]
<= jinja2-template-base
template = {{ template_erp5 }}
filename = instance-erp5.cfg
extra-context =
key local_bt5_repository dynamic-template-erp5-parameters:local-bt5-repository
import urlparse urlparse
import-list =
rawfile root_common {{ root_common }}
[dynamic-template-balancer-parameters]
apache = {{ apache_location }}
openssl = {{ openssl_location }}
haproxy = {{ haproxy_location }}
bin-directory = {{ bin_directory }}
6tunnel = {{ sixtunnel_location }}
dash = {{ dash_location }}
template-haproxy-cfg = {{ template_haproxy_cfg }}
template-apache-conf = {{ template_apache_conf }}
template-monitor = {{ dumps(template_monitor) }}
[dynamic-template-balancer]
<= jinja2-template-base
template = {{ template_balancer }}
filename = instance-balancer.cfg
extra-context =
section parameter_dict dynamic-template-balancer-parameters
[dynamic-template-zeo-parameters]
buildout-bin-directory = {{ buildout_bin_directory }}
template-monitor = {{ dumps(template_monitor) }}
[dynamic-template-mariadb]
< = jinja2-template-base
template = {{ template_mariadb }}
filename = instance-mariadb.cfg
[dynamic-template-zeo]
<= jinja2-template-base
template = {{ template_zeo }}
filename = instance-zeo.cfg
extra-context =
section parameter_dict dynamic-template-mariadb-parameters
raw coreutils_location {{ coreutils_location }}
raw dash_location {{ dash_location }}
raw dcron_location {{ dcron_location }}
raw findutils_location {{ findutils_location }}
raw gettext_location {{ gettext_location }}
raw grep_location {{ grep_location }}
raw gzip_location {{ gzip_location }}
raw logrotate_location {{ logrotate_location }}
raw mariadb_location {{ mariadb_location }}
raw mariadb_resiliency_after_import_script {{ mariadb_resiliency_after_import_script }}
raw perl_location {{ perl_location }}
raw perl_siteprefix {{ perl_siteprefix }}
raw sed_location {{ sed_location }}
raw xtrabackup_location {{ xtrabackup_location }}
key buildout_directory buildout:directory
section parameter_dict dynamic-template-zeo-parameters
import json_module json
# Must match the key id in [switch-softwaretype] which uses this section.
raw software_type mariadb
[dynamic-template-zope-parameters]
apache = {{ apache_location }}
aspell = {{ aspell_location }}
bin-directory = {{ bin_directory }}
zope-conf-template = {{ template_zope_conf }}
buildout-bin-directory = {{ buildout_bin_directory }}
6tunnel = {{ sixtunnel_location }}
coreutils = {{ coreutils_location }}
dcron = {{ dcron_location }}
dmtx-utils = {{ dmtx_utils_location }}
erp5 = {{ erp5_location }}
git = {{ git_location }}
graphviz = {{ graphviz_location }}
grep = {{ grep_location }}
gzip = {{ gzip_location }}
imagemagick = {{ imagemagick_location }}
librsvg = {{ librsvg_location }}
logrotate = {{ logrotate_location }}
mariadb = {{ mariadb_location }}
openssl = {{ openssl_location }}
poppler = {{ poppler_location }}
sed = {{ sed_location }}
tesseract = {{ tesseract_location }}
w3m = {{ w3m_location }}
dash = {{ dash_location }}
jsl = {{ jsl_location }}
link-binary = {{ dumps(zope_link_binary) }}
userhosts = {{ userhosts_location }}
runzope-userhosts-preloaded-template = {{ template_runzope_userhosts_preloaded }}
template-monitor = {{ dumps(template_monitor) }}
[dynamic-template-zope]
< = jinja2-template-base
<= jinja2-template-base
template = {{ template_zope }}
filename = instance-zope.cfg
extensions = jinja2.ext.do
# XXX: duplicates above section, so less is modified in template in this
# commit. Should be replaced by a single "section" line.
extra-context =
key apache_location dynamic-template-zope-parameters:apache
key aspell_location dynamic-template-zope-parameters:aspell
key bin_directory dynamic-template-zope-parameters:bin-directory
key coreutils_location dynamic-template-zope-parameters:coreutils
key dcron_location dynamic-template-zope-parameters:dcron
key dmtx_utils_location dynamic-template-zope-parameters:dmtx-utils
key erp5_location dynamic-template-zope-parameters:erp5
key git_location dynamic-template-zope-parameters:git
key graphviz_location dynamic-template-zope-parameters:graphviz
key grep_location dynamic-template-zope-parameters:grep
key gzip_location dynamic-template-zope-parameters:gzip
key imagemagick_location dynamic-template-zope-parameters:imagemagick
key librsvg_location dynamic-template-zope-parameters:librsvg
key logrotate_location dynamic-template-zope-parameters:logrotate
key mariadb_location dynamic-template-zope-parameters:mariadb
key openssl_location dynamic-template-zope-parameters:openssl
key poppler_location dynamic-template-zope-parameters:poppler
key sed_location dynamic-template-zope-parameters:sed
key tesseract_location dynamic-template-zope-parameters:tesseract
key w3m_location dynamic-template-zope-parameters:w3m
key jsl_location dynamic-template-zope-parameters:jsl
key buildout_directory buildout:directory
section parameter_dict dynamic-template-zope-parameters
import urlparse urlparse
[dynamic-template-kumofs-parameters]
dash-location = {{ dash_location }}
dcron-location = {{ dcron_location }}
gzip-location = {{ gzip_location }}
kumo-location = {{ kumo_location }}
logrotate-location = {{ logrotate_location }}
template-monitor = {{ dumps(template_monitor) }}
[dynamic-template-kumofs]
<= jinja2-template-base
template = {{ template_kumofs }}
filename = instance-kumofs.cfg
extra-context =
section parameter_dict dynamic-template-kumofs-parameters
[template-erp5-single-parameters]
[dynamic-template-mariadb-parameters]
coreutils-location = {{ coreutils_location }}
dash-location = {{ dash_location }}
findutils-location = {{ findutils_location }}
gzip-location = {{ gzip_location }}
mariadb-location = {{ mariadb_location }}
template-my-cnf = {{ template_my_cnf }}
template-mariadb-initial-setup = {{ template_mariadb_initial_setup }}
link-binary = {{ dumps(mariadb_link_binary) }}
bin-directory = {{ bin_directory }}
openssl = {{ openssl_location }}
local_bt5_repository = {{ local_bt5_repository }}
bt5_list = {{ bt5_list }}
dash = {{ dash_location }}
curl = {{ curl_location }}
mariadb-resiliency-after-import-script = {{ mariadb_resiliency_after_import_script }}
template-monitor = {{ template_monitor }}
[template-erp5-single]
< = jinja2-template-base
template = {{ template_erp5_single }}
filename = instance-erp5-single.cfg
# XXX: duplicates above section, so less is modified in template in this
# commit. Should be replaced by a "section" line (preserving template_zope
# definition).
[dynamic-template-mariadb]
<= jinja2-template-base
template = {{ template_mariadb }}
filename = instance-mariadb.cfg
extra-context =
key bin_directory template-erp5-single-parameters:bin-directory
key openssl_location template-erp5-single-parameters:openssl
key curl_location template-erp5-single-parameters:curl
key dash_location template-erp5-single-parameters:dash
key template_zope dynamic-template-zope:rendered
key local_bt5_repository template-erp5-single-parameters:local_bt5_repository
key bt5_list template-erp5-single-parameters:bt5_list
section parameter_dict dynamic-template-mariadb-parameters
[dynamic-template-cluster-parameters]
local-bt5-repository = {{ local_bt5_repository }}
bt5_list = {{ bt5_list }}
[dynamic-template-create-erp5-site-parameters]
instance-erp5 = ${dynamic-template-erp5:rendered}
template-create-erp5-site-real = {{ template_create_erp5_site_real }}
dash-location = {{ dash_location }}
curl-location = {{ curl_location }}
[dynamic-template-cluster]
< = jinja2-template-base
template = {{ template_erp5_cluster }}
filename = instance-erp5-cluster.cfg
[dynamic-template-create-erp5-site]
<= jinja2-template-base
template = {{ template_create_erp5_site }}
filename = instance-create-erp5-site.cfg
extra-context =
key local_bt5_repository dynamic-template-cluster-parameters:local-bt5-repository
key bt5_list template-erp5-single-parameters:bt5_list
# Must match the key id in [switch-softwaretype] which uses this section.
# XXX: it is dangerous to use buildout-style expansion in jinja context declaration
raw software_type ${:software-type}
software-type = cluster
# BBB: use "cluster" software type instead
[dynamic-template-production]
< = dynamic-template-cluster
software-type = production
section parameter_dict dynamic-template-create-erp5-site-parameters
[switch-softwaretype]
recipe = slapos.cookbook:softwaretype
default = ${template-erp5-single:rendered}
production = ${dynamic-template-production:rendered}
cluster = ${dynamic-template-cluster:rendered}
kumofs = {{ template_kumofs }}
memcached = {{ template_memcached }}
cloudooo = ${dynamic-template-cloudooo:rendered}
zope = ${dynamic-template-zope:rendered}
mariadb = ${dynamic-template-mariadb:rendered}
tidstorage = ${dynamic-template-tidstorage:rendered}
varnish = ${dynamic-template-varnish:rendered}
[slap-connection]
# part to migrate to new - separated words
computer-id = ${slap_connection:computer_id}
partition-id = ${slap_connection:partition_id}
server-url = ${slap_connection:server_url}
software-release-url = ${slap_connection:software_release_url}
key-file = ${slap_connection:key_file}
cert-file = ${slap_connection:cert_file}
recipe = slapos.cookbook:switch-softwaretype
override = {{ dumps(override_switch_softwaretype |default) }}
# Public software types
default = dynamic-template-erp5:rendered
create-erp5-site = dynamic-template-create-erp5-site:rendered
# BBB
RootSoftwareInstance = ${:default}
# Internal software types
kumofs = dynamic-template-kumofs:rendered
cloudooo = dynamic-template-cloudooo:rendered
mariadb = dynamic-template-mariadb:rendered
balancer = dynamic-template-balancer:rendered
postfix = dynamic-template-postfix:rendered
zodb-zeo = dynamic-template-zeo:rendered
zodb-neo = neo-storage-mysql:rendered
zope = dynamic-template-zope:rendered
stack/erp5/mariadb_initial_setup.sql.in 0 → 100644
View file @ 94026302
USE mysql;
DROP FUNCTION IF EXISTS last_insert_grn_id;
{% set mroonga = parameter_dict.get('mroonga', 'ha_mroonga.so') -%}
{% if mroonga %}CREATE FUNCTION last_insert_grn_id RETURNS INTEGER SONAME '{{ mroonga }}';{% endif %}
DROP FUNCTION IF EXISTS sphinx_snippets;
#CREATE FUNCTION sphinx_snippets RETURNS STRING SONAME 'ha_sphinx.so';
{% macro database(name, user, password) -%}
CREATE DATABASE IF NOT EXISTS `{{ name }}`;
{% if user -%}
GRANT ALL PRIVILEGES ON `{{ name }}`.* TO `{{ user }}`@`%` IDENTIFIED BY '{{ password }}';
GRANT ALL PRIVILEGES ON `{{ name }}`.* TO `{{ user }}`@localhost IDENTIFIED BY '{{ password }}';
{%- endif %}
{% endmacro -%}
{% for entry in parameter_dict['database-list'] -%}
{{ database(entry['name'], entry.get('user'), entry.get('password')) }}
{% endfor -%}
stack/erp5/my.cnf.in 0 → 100644
View file @ 94026302
{% set socket = parameter_dict['socket'] -%}
# ERP5 buildout my.cnf template based on my-huge.cnf shipped with mysql
# The MySQL server
[mysqld]
# ERP5 by default requires InnoDB storage. MySQL by default fallbacks to using
# different engine, like MyISAM. Such behaviour generates problems only, when
# tables requested as InnoDB are silently created with MyISAM engine.
#
# Loud fail is really required in such case.
sql_mode="NO_ENGINE_SUBSTITUTION"
# Workaround for https://bugs.launchpad.net/maria/+bug/985828
# that causes wrong result in Resource_zGetInventoryList etc.
optimizer_switch = derived_merge=off
skip_show_database
{% set ip = parameter_dict.get('ip') -%}
{% if ip -%}
bind_address = {{ ip }}
port = {{ parameter_dict['port'] }}
{% else -%}
skip_networking
{% endif -%}
socket = {{ socket }}
datadir = {{ parameter_dict['data-directory'] }}
pid_file = {{ parameter_dict['pid-file'] }}
log_error = {{ parameter_dict['error-log'] }}
slow_query_log
slow_query_log_file = {{ parameter_dict['slow-query-log'] }}
long_query_time = {{ parameter_dict['long-query-time'] }}
max_allowed_packet = 128M
query_cache_size = 32M
innodb_file_per_table = 0
plugin_load = ha_mroonga.so;handlersocket.so
# By default only 100 connections are allowed, when using zeo
# we may have much more connections
max_connections = 1000
{% set innodb_buffer_pool_size = parameter_dict['innodb-buffer-pool-size'] -%}
{% if innodb_buffer_pool_size %}innodb_buffer_pool_size = {{ innodb_buffer_pool_size }}{% endif %}
{% set innodb_log_file_size = parameter_dict['innodb-log-file-size'] -%}
{% if innodb_log_file_size %} innodb_log_file_size = {{ innodb_log_file_size }}{% endif %}
{% set innodb_log_buffer_size = parameter_dict['innodb-log-buffer-size'] -%}
{% if innodb_log_buffer_size %} innodb_log_buffer_size = {{ innodb_log_buffer_size }}{% endif %}
# very important to allow parallel indexing
# Note: this is compatible with binlog-based incremental backups, because ERP5
# doesn't use "insert ... select" (in any number of queries) pattern.
innodb_locks_unsafe_for_binlog = 1
{% set log_bin = parameter_dict['binlog-path'] -%}
{% if log_bin -%}
log_bin = {{ log_bin }}
{% set binlog_expire_days = parameter_dict['binlog-expire-days'] -%}
{% if binlog_expire_days > 0 %}expire_logs_days = {{ binlog_expire_days }}{% endif %}
{% endif %}
# Some dangerous settings you may want to uncomment temporarily
# if you only want performance or less disk access.
{% set x = '' if parameter_dict['relaxed-writes'] else '#' -%}
{{x}}innodb_flush_log_at_trx_commit = 0
{{x}}innodb_flush_method = nosync
{{x}}innodb_doublewrite = 0
{{x}}sync_frm = 0
# Force utf8 usage
collation_server = utf8_unicode_ci
character_set_server = utf8
skip_character_set_client_handshake
{% if 'ssl-key' in parameter_dict -%}
ssl_cert = {{ parameter_dict['ssl-crt'] }}
ssl_key = {{ parameter_dict['ssl-key'] }}
{% if 'ssl-ca-crt' in parameter_dict -%}
ssl_ca = {{ parameter_dict['ssl-ca-crt'] }}
{%- endif %}
{% if 'ssl-crl' in parameter_dict -%}
ssl_crl = {{ parameter_dict['ssl-crl'] }}
{%- endif %}
{% if 'ssl-cipher' in parameter_dict -%}
ssl_cipher = {{ parameter_dict['ssl-cipher'] }}
{%- endif %}
{%- endif %}
[client]
socket = {{ socket }}
user = root
[mysql]
no_auto_rehash
[mysqlhotcopy]
interactive_timeout
stack/erp5/postfix_aliases.in 0 → 100644
View file @ 94026302
# See http://www.postfix.org/aliases.5.html for format
{% for name, alias_list in alias_dict.items() -%}
{{ name }}: {{ alias_list | join(', ') }}
{% endfor %}
stack/erp5/postfix_main.cf.in 0 → 100644
View file @ 94026302
# http://www.postfix.org/STANDARD_CONFIGURATION_README.html
# http://www.postfix.org/postconf.5.html
queue_directory = {{ queue_directory }}
command_directory = {{ bin_directory }}
daemon_directory = {{ usr_directory }}/libexec/postfix
data_directory = {{ data_directory }}
mail_owner = {{ mail_owner }}
alias_maps = {{ aliases }}
alias_database = {{ aliases }}
mail_spool_directory = {{ spool_directory }}
sendmail_path =
newaliases_path =
mailq_path =
setgid_group = {{ setgid_group }}
html_directory =
manpage_directory =
sample_directory =
readme_directory =
inet_interfaces = {{ inet_interfaces }}
virtual_alias_maps = {{ divert }}
# Compared to default:
# - remove X-related variables, irrelevant for slapos, to be concise
# - add SASL_CONF_PATH to have per-partition cyrus-sasl configuration
import_environment =
MAIL_CONFIG MAIL_DEBUG MAIL_LOGTAG TZ LANG=C
SASL_CONF_PATH
# Mandatory sasl auth over TLS
# XXX: no man-in-the-middle protection
smtpd_tls_cert_file = {{ cert }}
smtpd_tls_key_file = {{ key }}
smtpd_tls_dh512_param_file = {{ dh_512 }}
{#
Note: 1024 vs. 2048 is not a typo, but what is actually recommended in
postfix documentation
-#}
smtpd_tls_dh1024_param_file = {{ dh_2048 }}
smtpd_tls_security_level = encrypt
smtpd_sasl_auth_enable = yes
# Reject as many bogus cases as soon as possible, so errors are visible to ERP5
# developper rather than relying on bounces.
smtpd_recipient_restrictions =
reject_non_fqdn_recipient
reject_unknown_recipient_domain
permit_sasl_authenticated
reject
# Disable local delivery
local_transport = error
{% if relayhost -%}
relayhost = {{ relayhost }}
smtp_tls_security_level = encrypt
smtp_tls_session_cache_database = btree:{{ data_directory }}/smtp_scache
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = {{ sasl_passwd }}
smtp_sasl_tls_security_options = noanonymous
{%- endif %}
stack/erp5/postfix_master.cf.in 0 → 100644
View file @ 94026302
# http://www.postfix.org/master.5.html
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
{{ smtp }} inet n - n - - smtpd
pickup unix n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr unix n - n 300 1 qmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
stack/erp5/runzope_userhosts_preloaded.in 0 → 100644
View file @ 94026302
#!{{ parameter_dict['shell-path'] }}
HOSTALIASES='{{ parameter_dict['hostaliases'] }}' HOSTS='{{ parameter_dict['hosts'] }}' exec '{{ parameter_dict['userhosts'] }}' '{{ parameter_dict['runzope-binary'] }}' "$@"
stack/erp5/template/instance-mariadb-resiliency-after-import-script.sh.in
View file @ 94026302
......@@ -12,13 +12,13 @@
set -e
mysql_executable="${mariadb-instance:mysql-binary}"
mysql_executable="${binary-wrap-mysql:wrapper-path}"
mysqldump_executable="${binary-wrap-mysqldump:wrapper-path}"
mariadb_data_directory="${directory:mariadb-data}"
mariadb_backup_directory="${directory:mariadb-backup-full}"
instance_directory="${buildout:directory}"
pid_file="${mariadb-instance:pid-file}"
binlog_path="${mariadb-instance:binlog-path}"
pid_file="${my-cnf-parameters:pid-file}"
binlog_path="${my-cnf-parameters:binlog-path}"
# Make sure mariadb is not already running
if [ -e "$pid_file" ]; then
......
stack/erp5/zope.conf.in
View file @ 94026302
# Note: Environment is setup in running wrapper script, as zope.conf is read
# too late for some components.
%define INSTANCE {{ instance }}
%define INSTANCE {{ parameter_dict['instance'] }}
instancehome $INSTANCE
zserver-threads {{ parameter_dict['thread-amount'] }}
# When ownership checking is enabled, the roles a script runs as are the
# intersection between user's roles and script owner's roles. This means
# that revoking a code author's access to the system prevent all scripts
# owned by that user from being of much use.
# This is not how ERP5 approaches development: Managers write code,
# Managers must be trustable and trusted, and their past work should not be
# revoked when their account is terminated.
skip-ownership-checking true
lock-filename {{ parameter_dict['lock-file'] }}
pid-filename {{ parameter_dict['pid-file'] }}
......@@ -12,38 +20,40 @@ rest-input-encoding utf-8
rest-output-encoding utf-8
# XXX: isn't this entry implicit ?
products {{ instance_products }}
products {{ parameter_dict['instance-products'] }}
<http-server>
address {{ parameter_dict['ip'] }}:{{ parameter_dict['port'] }}
</http-server>
{# TODO: enable
{% if webdav_port -%}
{% if parameter_dict['webdav'] -%}
<webdav-source-server>
address {{ parameter_dict['ip'] }}:{{ parameter_dict['webdav_port'] }}
address {{ parameter_dict['ip'] }}:{{ parameter_dict['port'] }}
force-connection-close off
</webdav-source-server>
{% else %}
<http-server>
address {{ parameter_dict['ip'] }}:{{ parameter_dict['port'] }}
</http-server>
{%- endif %}
{% endif -%}
-#}
<zoperunner>
program $INSTANCE/bin/runzope
</zoperunner>
<product-config DeadlockDebugger>
dump_url /manage_debug_threads
secret {{ deadlock_debugger_password }}
dump_url {{ parameter_dict['deadlock-path'] }}
secret {{ parameter_dict['deadlock-debugger-password'] }}
</product-config>
{% if tidstorage_ip -%}
{% if 'tidstorage-ip' in parameter_dict -%}
<product-config TIDStorage>
backend-ip {{ tidstorage_ip }}
backend-port {{ tidstorage_port }}
backend-ip {{ parameter_dict['tidstorage-ip'] }}
backend-port {{ parameter_dict['tidstorage-port'] }}
</product-config>
{% endif -%}
{% set timerserver_interval = parameter_dict.get('timerserver-interval', '0') | int -%}
<product-config CMFActivity>
node-id {{ parameter_dict['node-id'] }}
</product-config>
{% set timerserver_interval = parameter_dict['timerserver-interval'] -%}
{% if timerserver_interval -%}
%import timerserver
<timer-server>
......@@ -51,6 +61,7 @@ products {{ instance_products }}
</timer-server>
{% endif -%}
{% set promise_path = parameter_dict['promise-path'] -%}
{% if promise_path -%}
<product-config /{{ parameter_dict['site-id'] }}>
promise_path {{ promise_path }}
......@@ -81,12 +92,25 @@ products {{ instance_products }}
container-class Products.TemporaryFolder.TemporaryContainer
</zodb_db>
{% for db_name, mount_point, cache_size, storage_type, storage_dict in parameter_dict['zodb-list'] -%}
<zodb_db {{ db_name }}>
{%- if cache_size %}
cache-size {{ cache_size }}
{%- endif %}
mount-point {{ mount_point }}
{% set developer_list = parameter_dict['developer-list'] -%}
{% if developer_list -%}
%import Products.ERP5Type
<ERP5Type erp5>
developers {{ developer_list | join(' ') }}
</ERP5Type>
{% endif -%}
{% for m in parameter_dict['import-list'] -%}
%import {{ m }}
{% endfor -%}
{% set type_dict = {'neo': 'NEOStorage', 'zeo': 'zeoclient'} %}
{% for name, zodb_dict in parameter_dict['zodb-dict'].iteritems() %}
<zodb_db {{ name }}>
{%- set storage_type = type_dict[zodb_dict.pop('type')] %}
{%- set storage_dict = zodb_dict.pop('storage-dict') %}
{%- for key, value in zodb_dict.iteritems() %}
{{ key }} {{ value }}
{%- endfor %}
<{{ storage_type }}>
{%- for key, value in storage_dict.iteritems() %}
{{ key }} {{ value }}
......
stack/lamp.cfg
View file @ 94026302
......@@ -44,7 +44,6 @@ apache-libcloud = 0.9.1
async = 0.6.1
gitdb = 0.5.4
plone.recipe.command = 1.1
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.3
slapos.toolbox = 0.40.4
smmap = 0.8.2
......@@ -63,4 +62,4 @@ feedparser = 5.1.1
# Required by:
# slapos.toolbox==0.40.2
paramiko = 1.15.2
paramiko = 1.15.3
stack/lamp/buildout.cfg
View file @ 94026302
......@@ -187,7 +187,6 @@ async = 0.6.1
gitdb = 0.5.4
pycrypto = 2.6
rdiff-backup = 1.0.5
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.4.2
slapos.toolbox = 0.40.4
smmap = 0.8.2
......@@ -206,4 +205,4 @@ feedparser = 5.1.3
# Required by:
# slapos.toolbox==0.40.2
paramiko = 1.15.2
paramiko = 1.15.3
stack/lapp/buildout.cfg
View file @ 94026302
......@@ -184,7 +184,6 @@ cp.recipe.cmd = 0.4
gitdb = 0.5.4
plone.recipe.command = 1.1
pycrypto = 2.6
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.4.2
slapos.toolbox = 0.40.4
smmap = 0.8.2
......@@ -203,7 +202,7 @@ feedparser = 5.1.3
# Required by:
# slapos.toolbox==0.40.2
paramiko = 1.15.2
paramiko = 1.15.3
# Required by:
# slapos.recipe.maarch==0.4
......
stack/monitor2/README.md 0 → 100644
View file @ 94026302
Monitor
=======
This stack has for purpose to know if all promises went/are ok.
It provides a web interface, to see which promises failed. It also provide a rss
feed to easily know the actual state of your instance, and to know when it
started to went bad.
THIS STACK IS A KIND OF FORK OF THE `stack/monitor`. THIS ONE WAS CREATED AS A
REDESIGNED ONE TO REMOVE UNWANTED FEATURES AND TO GO FURTHER TO THE GOOD DESIGN
DIRECTION. PLEASE, DO NOT USE THE OLD MONITORING INTERFACE OR ONLY FOR BACKWARD
COMPATIBILITY REASON.
Summary:
- Activate monitoring for you software
- Add a monitor promise
- Information about URL access
- Monitor promise configuration example
- Promise requirements
- monitor.haljson example
- monitor.conf example
Activate monitoring for your software
-------------------------------------
You just have to extend the monitor stack from your software.cfg.
You can also create a new buildout which extends your software, and the
monitoring stack:
[buildout]
extends =
monitor_url
my_software_url
In your instance.cfg, your publish section should be named `[publish]` in order
to extends the one of the monitoring stack.
Then, in the same file you can configure the monitor by adding this section:
[monitor-instance-parameter]
monitor-httpd-ipv6 = ...
monitor-httpd-port = ...
monitor-title = ...
Add a monitor promise
---------------------
For instance, we want to create a promise for KVM log parsing. Add these
sections in its instance.cfg:
[directory]
monitor-promise = ${:etc}/monitor-promise
[kvm-log-parser-promise]
recipe = ....
filename = kvm-log-parser
rendered = ${directory:monitor-promise}/${:filename}
mode = 0755
[buildout]
parts += kvm-log-parser-promise
We can optionaly add promise title:
[kvm-log-parser-promise-parameter]
# fill with -> see "Service config example" below
title = Kvm log parse
[kvm-log-parser-promise-cfg]
recipe = slapos.recipe.template:jinja2
rendered = ${directory:monitor-promise}/${kvm-log-parser-promise:filename}.cfg
template = service.cfg
context = section parameter_dict kvm-log-parser-promise-parameter
[buildout]
parts += kvm-log-parser-promise-cfg
... and optionaly a specific frequency:
[kvm-log-parser-promise-parameter]
frequency = */5 * * * *
Optionaly, we also want a custom interface:
[directory]
kvm-log-parser-promise-interface-dir = ....../interface
[kvm-log-parser-promise-parameter]
private-path-list += ${directory:kvm-log-parser-promise-interface-dir}
[kvm-log-parser-promise-interface]
recipe = ....
rendered = ${directory:kvm-log-parser-interface-dir}/index.html
[buildout]
parts += kvm-log-parser-promise-interface
service.cfg:
[service]
{% for key, value in parameter_dict.items() -%}
{{ key }} = {{ value.strip().replace("\n", "\n ") }}
{% endfor -%}
Information about URL access
----------------------------
Open HTTP GET on static files, open HTTP POST on cgi
GET <root_monitor>/ // classical monitoring interface
GET <root_monitor>/monitor.haljson // monitor conf
GET <root_monitor>/public/<service>.status.json // service status json
Example for KVM log parsing promise
GET <kvm_monitor>/monitor.haljson
GET <kvm_monitor>/public/kvm-log-parser.status.json
GET <kvm_monitor>/public/kvm-log-parser/index.html
POST <kvm_monitor>/cgi-bin/monitor-run-promise.cgi?service=kvm-log-parse // rerun the promise
Information about internal file tree
------------------------------------
Tree for monitor runtime:
etc/monitor.conf // generated by slapos
etc/cron.d/monitor // generated by slapos
bin/monitor.py // generated by slapos
srv/monitor/web/index.html // static
srv/monitor/web/monitor.css // static
srv/monitor/web/monitor.js // static
srv/monitor/web/monitor.haljson // generated by monitor.py
srv/monitor/public/.... // generated by monitor.py
srv/monitor/private/.... // generated by monitor.py
srv/monitor/cgi-bin/.... // generated by monitor.py
Example for KVM log parsing promise
etc/monitor-promise/kvm-log-parse.cfg // generated by slapos (kvm-log-parser-promise)
etc/monitor-promise/kvm-log-parse // generated by slapos (kvm-log-parser-promise)
var/kvm-log-parser-promise/interface/index.html // generated by slapos (kvm-log-parser-promise)
var/log/kvm.log // generated by kvm
var/log/kvm-log-parse-last-report.csv // generated by kvm-log-parse
srv/monitor/public/kvm-log-parse.status.json // generated by kvm-log-parse (indirectly by the monitor promise executor)
srv/monitor/public/kvm-log-parse/kvm.log -> var/log/kvm.log // generated by monitor.py
srv/monitor/public/kvm-log-parse/kvm-log-parse-last-report.csv -> var/log/kvm-log-parse-last-report.csv // genareted by monitor.py
srv/monitor/private/kvm-log-parse/interface -> var/kvm-log-parser-promise/interface // generated by monitor.py
srv/monitor/cgi-bin/kvm-log-parse/action.cgi -> var/kvm-log-parser-promise/action.cgi // generated by monitor.py
Monitor promise config example
------------------------------
Example for KVM log parsing promise
# etc/monitor-promise/kvm-log-parse.cfg
[service]
title = Kvm log parse
frequency = <Cron Syntax>
cgi-path-list = # automatically symlink to srv/monitor/cgi-bin/$service/
$instance/var/kvm-log-parser-promise/action.cgi
public-path-list = # automatically symlink to srv/monitor/public/$service/
$instance/var/log/kvm.log
private-path-list = # automatically symlink to srv/monitor/private/$service/
$instance/var/log
$instance/var/kvm-log-parser-promise/interface
On cron, the command will be something like:
${service:frequency} ${monitor:promise-executor-path} '${monitor:service-pid-folder}/${service:name}.pid' '${service:status-path}' '${promise_path}'
and "monitor:promise-executor-path" is a script that would run a promise if not
already on going (see `run-promise.py`).
TODO cron accepts 999 characters maximum for a command, so we should reduce the
size of the cron command
TODO put `run-promise.py` in the software
Promise requirements
--------------------
A promise should check something (like web page is well cached, there's not too
much slow queries, ...):
- MUST output the status.json in stdout
- SHOULD output on stdout
- MUST return 0 if status is good else != 0
- the status.json MUST contain "message" (string) which explains why the status is OK or bad
monitor.haljson example
-----------------------
{
"_links": {
"related_monitor": [
{ "href": "<url>/static" },
{ "href": "http://my.other.monitor" }
]
},
"_embedded": {
"service": [
{
"_links": {
"status": { "href": "<url>/kvm-log-parse/status.json" },
"interface": { "href": "<url>/kvm-log-parse/index.html" }
},
"title": "KVM log parse",
"id": "kvm-log-parse"
},
{
"_links": {
"status": { "href": "<url>/<service>/status.json" },
"interface": { "href": "<url>/<service>/index.html" }
},
"title": "Service name",
"id": "<service>"
}
]
},
"title": "KVM Monitoring interface"
}
monitor.conf example
--------------------
[monitor]
title = KVM Monitoring interface
monitor-hal-json = $instance/srv/monitor/web/monitor.haljson
public-folder = $instance/srv/monitor/public
private-folder = $instance/srv/monitor/private
web-folder = $instance/srv/monitor/web
cgi-folder = $instance/srv/monitor/cgi-bin
service-pid-folder = $instance/var/monitor/service-pid
public-path-list =
$instance/var/log
private-path-list =
$instance/srv/backup/log_rotate
monitor-url-list =
https://[...]/
https://[...]/
stack/monitor2/buildout.cfg 0 → 100644
View file @ 94026302
[buildout]
# XXX THIS STACK IS A KIND OF FORK OF `stack/monitor`. THIS ONE WAS
# CREATED AS A REDESIGNED ONE TO REMOVE UNWANTED FEATURES AND
# TO GO FURTHER TO THE GOOD DESIGN DIRECTION. SEE THE README FOR
# MORE INFORMATION.
extends =
../../component/apache/buildout.cfg
../../component/curl/buildout.cfg
../../component/dash/buildout.cfg
../../component/dcron/buildout.cfg
../../component/openssl/buildout.cfg
parts +=
slapos-cookbook
dcron
monitor-eggs
extra-eggs
monitor-conf
monitor-bin
monitor-web-index-html
monitor-web-monitor-css
monitor-web-monitor-js
monitor-web-monitor-logout-cgi
monitor-web-monitor-logout-page
monitor-template
rss-bin
[monitor-download-base]
recipe = hexagonit.recipe.download
download-only = true
url = ${:_profile_base_location_}/${:filename}
mode = 0644
[monitor-eggs]
recipe = zc.recipe.egg
eggs =
collective.recipe.template
cns.recipe.symlink
[extra-eggs]
recipe = zc.recipe.egg
interpreter = pythonwitheggs
eggs =
PyRSS2Gen
Jinja2
[make-rss-script]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/make-rss.sh.in
md5sum = 98c8f6fd81e405b0ad10db07c3776321
output = ${buildout:directory}/template-make-rss.sh.in
mode = 0644
[monitor-conf]
<= monitor-download-base
filename = monitor.conf.in
md5sum = 2db5c08c7e8658981b4b1e3f27fd5967
[monitor-bin]
<= monitor-download-base
filename = monitor.py.in
md5sum = 2484cb185c391890a05db26c2163af8e
[monitor-web-default-promise-interface]
<= monitor-download-base
filename = default-promise-interface.html
md5sum = eaedae330cd155f8b693b418286d0d98
[monitor-web-index-html]
<= monitor-download-base
filename = index.html
md5sum = 262db07691c145301252a49b6b51d11d
[monitor-web-monitor-css]
<= monitor-download-base
filename = monitor.css
md5sum = a18ab932e5e2e656995f47c7d4a7853a
[monitor-web-monitor-js]
<= monitor-download-base
filename = monitor.js.in
md5sum = 3451788c49d3664cd9b72551fab34a9b
[monitor-web-monitor-logout-cgi]
recipe = slapos.recipe.template:jinja2
filename = monitor-logout.py.cgi
md5sum = 5b3c0aa559722a3bae5a692ea9a0a441
mode = 0755
template = ${:_profile_base_location_}/${:filename}
rendered = ${buildout:directory}/monitor-logout.cgi
context = key python_executable buildout:executable
[monitor-web-monitor-logout-page]
<= monitor-download-base
filename = monitor-logout.html
md5sum = b210c6842df541305d299081bc1bf81e
[monitor-web-monitor-promise-runner-cgi]
<= monitor-download-base
filename = monitor-run-promise.py.cgi
md5sum = 15625e5bf6c1b57b9199250951ffc16e
[monitor-template]
recipe = slapos.recipe.template:jinja2
filename = template-monitor.cfg
template = ${:_profile_base_location_}/instance-monitor.cfg.jinja2.in
rendered = ${buildout:directory}/template-monitor.cfg
md5sum = 6d5f1ceff198262319566ee25093c350
context =
key apache_location apache:location
key gzip_location gzip:location
raw monitor_bin ${monitor-bin:location}/${monitor-bin:filename}
raw monitor_conf_template ${monitor-conf:location}/${monitor-conf:filename}
raw monitor_password_promise_template ${monitor-password-promise:location}/${monitor-password-promise:filename}
raw monitor_password_cgi_template ${monitor-password-cgi:location}/${monitor-password-cgi:filename}
raw monitor_password_promise_interface_template ${monitor-password-promise-interface:location}/${monitor-password-promise-interface:filename}
raw monitor_web_default_promise_interface ${monitor-web-default-promise-interface:location}/${monitor-web-default-promise-interface:filename}
raw monitor_web_index_html ${monitor-web-index-html:location}/${monitor-web-index-html:filename}
raw monitor_web_monitor_css ${monitor-web-monitor-css:location}/${monitor-web-monitor-css:filename}
key monitor_web_monitor_logout_cgi monitor-web-monitor-logout-cgi:rendered
raw monitor_web_monitor_logout_page ${monitor-web-monitor-logout-page:location}/${monitor-web-monitor-logout-page:filename}
raw monitor_web_monitor_promise_runner_cgi ${monitor-web-monitor-promise-runner-cgi:location}/${monitor-web-monitor-promise-runner-cgi:filename}
raw monitor_web_monitor_js ${monitor-web-monitor-js:location}/${monitor-web-monitor-js:filename}
raw curl_executable_location ${curl:location}/bin/curl
raw dash_executable_location ${dash:location}/bin/dash
raw dcron_executable_location ${dcron:location}/sbin/crond
raw logrotate_executable_location ${logrotate:location}/usr/sbin/logrotate
raw monitor_httpd_template ${monitor-httpd-conf:location}/${monitor-httpd-conf:filename}
raw monitor_service_conf_template ${monitor-service-conf-template:location}/${monitor-service-conf-template:filename}
raw monitor_service_run ${monitor-service-template-run:location}/${monitor-service-template-run:filename}
raw openssl_executable_location ${openssl:location}/bin/openssl
raw python_executable ${buildout:executable}
raw promise_executor_py ${run-promise-py:location}/${run-promise-py:filename}
raw template_wrapper ${template-wrapper:output}
raw status2rss_executable_path ${status2rss-executable:location}/${status2rss-executable:filename}
[monitor-httpd-conf]
<= monitor-download-base
md5sum = 625d3d948c0af7b4848d7fad92bfb844
filename = monitor-httpd.conf.in
[monitor-service-conf-template]
<= monitor-download-base
filename = monitor-service.cfg.in
md5sum = 5913d2a0096b50537f394a49b762b3e5
[monitor-service-template-run]
<= monitor-download-base
md5sum = d5f29fa859a45696e1ff1bb174ab1111
filename = monitor-service-run.in
[run-promise-py]
<= monitor-download-base
filename = run-promise.py
md5sum = 6db26ce13becf8a190e34c14cb8b6f9f
[monitor-httpd-template]
<= monitor-download-base
md5sum = 93e1dda50cb71bfe29966b2946c02dd1
filename = cgi-httpd.conf.in
[index]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/webfile-directory/${:filename}
download-only = true
md5sum = e759977b21c70213daa4c2701f2c2078
destination = ${buildout:parts-directory}/monitor-index
filename = index.cgi.in
mode = 0644
[index-template]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/webfile-directory/${:filename}
download-only = true
destination = ${buildout:parts-directory}/monitor-template-index
md5sum = 7400c8cfa16a15a0d41f512b8bbb1581
filename = index.html.jinja2
mode = 0644
[status-cgi]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/webfile-directory/${:filename}
download-only = true
md5sum = e43d79bec8824265e22df7960744113a
destination = ${buildout:parts-directory}/monitor-template-status-cgi
filename = status.cgi.in
mode = 0644
[status-history-cgi]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/webfile-directory/${:filename}
download-only = true
#md5sum = 4fb26753ee669b8ac90ffe33dbd12e8f
destination = ${buildout:parts-directory}/monitor-template-status-history-cgi
filename = status-history.cgi.in
mode = 0644
[settings-cgi]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/webfile-directory/${:filename}
download-only = true
md5sum = b4cef123a3273e848e8fe496e22b20a8
destination = ${buildout:parts-directory}/monitor-template-settings-cgi
filename = settings.cgi.in
mode = 0644
[monitor-password-promise]
<= monitor-download-base
filename = monitor-password-promise.py.in
md5sum = 0a9a42551ed6bdb973fd1f0dd1d4ec86
[monitor-password-cgi]
<= monitor-download-base
md5sum = 04fc7e6d892d29a601cfd43d1700eeda
filename = monitor-password.py.cgi
[monitor-password-promise-interface]
<= monitor-download-base
filename = monitor-password-interface.html
md5sum = 04b664dfb47bfd3d01502768311aa239
[status2rss-executable]
<= monitor-download-base
filename = status2rss.py
md5sum = 65315ded80cd72f54f6e12d06ce813c4
[dcron-service]
recipe = slapos.recipe.template
url = ${template-dcron-service:output}
output = $${directory:services}/crond
mode = 0700
logfile = $${directory:log}/crond.log
[template-wrapper]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/wrapper.in
output = ${buildout:directory}/template-wrapper.cfg
mode = 0644
md5sum = 8cde04bfd0c0e9bd56744b988275cfd8
stack/monitor2/cgi-httpd.conf.in 0 → 100644
View file @ 94026302
PidFile "{{ httpd_configuration.get('pid-file') }}"
StartServers 1
ServerLimit 1
ThreadLimit 4
ThreadsPerChild 4
ServerName example.com
ServerAdmin someone@email
<IfDefine !MonitorPort>
Listen [{{ httpd_configuration.get('listening-ip') }}]:{{ monitor_parameters.get('port') }}
Define MonitorPort
</IfDefine>
DocumentRoot "{{ directory.get('www') }}"
ErrorLog "{{ httpd_configuration.get('error-log') }}"
LoadModule unixd_module modules/mod_unixd.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule mime_module modules/mod_mime.so
LoadModule cgid_module modules/mod_cgid.so
LoadModule dir_module modules/mod_dir.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule alias_module modules/mod_alias.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule rewrite_module modules/mod_rewrite.so
# SSL Configuration
<IfDefine !SSLConfigured>
Define SSLConfigured
SSLCertificateFile {{ httpd_configuration.get('certificate') }}
SSLCertificateKeyFile {{ httpd_configuration.get('key') }}
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLRandomSeed startup /dev/urandom 256
SSLRandomSeed connect builtin
SSLProtocol -ALL +SSLv3 +TLSv1
SSLHonorCipherOrder On
SSLCipherSuite RC4-SHA:HIGH:!ADH
</IfDefine>
SSLEngine On
ScriptSock {{ httpd_configuration.get('cgid-pid-file') }}
<Directory {{ directory.get('www') }}>
SSLVerifyDepth 1
SSLRequireSSL
SSLOptions +StrictRequire
# XXX: security????
Options +ExecCGI
AddHandler cgi-script .cgi
DirectoryIndex {{ monitor_parameters.get('index-filename') }}
</Directory>
Alias /private/ {{ directory.get('private-directory') }}/
<Directory {{ directory.get('private-directory') }}>
Order Deny,Allow
Deny from env=AUTHREQUIRED
<Files ".??*">
Order Allow,Deny
Deny from all
</Files>
AuthType Basic
AuthName "Private access"
AuthUserFile "{{ monitor_parameters.get('htaccess-file') }}"
Require valid-user
Options Indexes FollowSymLinks
Satisfy all
</Directory>
<Location /rewrite>
AuthType Basic
AuthName "Private access"
AuthUserFile "{{ monitor_parameters.get('htaccess-file') }}"
Require valid-user
</Location>
ProxyVia On
RewriteEngine On
{% for key, value in monitor_rewrite_rule.iteritems() %}
RewriteRule ^/rewrite/{{ key }}($|/.*) {{ value }}/$1 [P,L]
{% endfor %}
stack/monitor2/default-promise-interface.html 0 → 100644
View file @ 94026302
<!DOCTYPE html>
<html>
<head>
<title>Promise status</title>
<style>
input, button {
min-height: 10mm;
min-width: 10mm;
}
</style>
<script>
function getServiceName() {
var match = /(?:&|\?)service_name=([^&]*)/.exec(location.search);
if (match) {
return match[1];
}
throw new Error("no service name found");
}
var service_name = getServiceName(),
monitor_json_url = "/monitor.haljson",
status_json_url = "/public/" + service_name + ".status.json",
rerun_cgi_url = "/cgi-bin/monitor-run-promise.cgi?service=" + service_name;
function newDeferred() {
var d = {
"promise": undefined,
"resolve": undefined,
"reject": undefined
};
d.promise = new Promise(function (resolve, reject) {
d.resolve = resolve;
d.reject = reject;
});
return d;
}
function xhr(param) {
/*global XMLHttpRequest */
var d = newDeferred(), xhr = new XMLHttpRequest(), k, i, l, a;
d.promise.cancel = function () { xhr.abort(); };
xhr.open((param.method || "GET").toUpperCase(), param.url, true);
xhr.responseType = param.responseType || "";
if (param.withCredentials !== undefined) {
xhr.withCredentials = param.withCredentials;
}
if (param.headers) {
a = Object.keys(param.headers);
l = a.length;
for (i = 0; i < l; i += 1) {
k = a[i];
xhr.setRequestHeader(k, param.headers[k]);
}
}
xhr.addEventListener("load", function (e) {
var r, t = e.target, callback;
if (param.noStatusCheck) {
d.resolve(t);
} else if (t.status < 400) {
d.resolve(t);
} else {
d.reject(new Error("HTTP: " + (t.status ? t.status + " " : "") + (t.statusText || "Unknown")));
}
}, false);
xhr.addEventListener("error", function (e) {
return d.reject(new Error("HTTP: Error"));
}, false);
xhr.addEventListener("abort", function (e) {
return d.reject(new Error("HTTP: Aborted"));
}, false);
xhr.send(param.data);
return d.promise;
}
function unexpectedError(reason) {
console.error(reason);
alert(reason);
}
function PromiseStatusInterface(config) {
var it = this,
statusP = document.createElement("p"),
descriptionH2 = document.createElement("h2"),
descriptionP = document.createElement("p"),
errorH2 = document.createElement("h2"),
errorPre = document.createElement("pre"),
header = document.createElement("header"),
h1 = document.createElement("h1"),
h2 = document.createElement("h2"),
a = document.createElement("a"),
button = document.createElement("button");
this.element = config.rootElement || document.createElement("div");
this.statusP = statusP;
this.descriptionP = descriptionP;
this.errorH2 = errorH2;
this.errorPre = errorPre;
this.element.appendChild(header);
header.appendChild(a);
a.setAttribute("tabindex", "-1");
a.setAttribute("href", "/");
a.appendChild(button);
button.textContent = "Home";
a = document.createElement("a");
button = document.createElement("button");
header.appendChild(a);
a.setAttribute("tabindex", "-1");
a.setAttribute("href", "");
a.appendChild(button);
button.textContent = "Refresh";
button = document.createElement("button");
header.appendChild(button);
button.textContent = "Run promise now";
button.onclick = function () {
this.runPromiseNow();
}.bind(this);
this.runPromiseNowButton = button;
this.element.appendChild(h1);
h1.textContent = "Promise status";
this.element.appendChild(statusP);
this.element.appendChild(descriptionH2);
descriptionH2.textContent = "Description";
this.element.appendChild(descriptionP);
this.element.appendChild(errorH2);
errorH2.textContent = "Error output";
errorH2.style.display = "none";
this.element.appendChild(errorPre);
errorPre.style.display = "none";
this.loadStatusUi();
this.loadDescriptionUi();
this.loadErrorUi();
}
PromiseStatusInterface.prototype.loadStatusJson = function () {
if (this.status_json_promise) { return; }
this.status_json_promise = Promise.resolve().then(function () {
return xhr({url: status_json_url, withCredentials: true, responseType: "json"});
}).then(function (xhr) {
return xhr.response;
});
this.status_json_promise.catch(function () { return; }).then(function () {
setTimeout(function () {
delete this.status_json_promise;
}.bind(this), 1000);
}.bind(this));
return this.status_json_promise;
};
PromiseStatusInterface.prototype.loadStatusUi = function () {
this.loadStatusJson();
this.statusP.textContent = "Loading status...";
return this.status_json_promise.then(function (status_json) {
if (status_json.status === "OK") {
this.statusP.textContent = "Status: OK.";
} else {
this.statusP.textContent = "Status: BAD (" + status_json.status + ").";
}
if (status_json.message) {
this.statusP.appendChild(document.createTextNode(" " + status_json.message));
}
}.bind(this), function (reason) {
var message = reason && (reason.target && (reason.target.statusText || "Unknown") || reason.message);
this.statusP.textContent = "Status Json Error: " + (message || "Unknown error");
}.bind(this)).catch(unexpectedError);
};
PromiseStatusInterface.prototype.loadDescriptionUi = function () {
this.loadStatusJson();
this.descriptionP.textContent = "Loading description...";
return this.status_json_promise.then(function (status_json) {
if (status_json.description) {
this.descriptionP.textContent = status_json.description;
} else {
this.descriptionP.textContent = "No description";
}
}.bind(this), function (reason) {
var message = reason && (reason.target && (reason.target.statusText || "Unknown") || reason.message);
this.descriptionP.textContent = "Status Json Error: " + (message || "Unknown error");
}.bind(this)).catch(unexpectedError);
};
PromiseStatusInterface.prototype.loadErrorUi = function () {
this.loadStatusJson();
this.errorPre.textContent = "Loading error output...";
return this.status_json_promise.then(function (status_json) {
if (status_json.error) {
this.errorH2.style.display = "";
this.errorPre.style.display = "";
this.errorPre.textContent = status_json.error;
} else {
this.errorH2.style.display = "none";
this.errorPre.style.display = "none";
this.errorPre.textContent = "";
}
}.bind(this), function (reason) {
var message = reason && (reason.target && (reason.target.statusText || "Unknown") || reason.message);
this.errorPre.textContent = "Status Json Error: " + (message || "Unknown error");
}.bind(this)).catch(unexpectedError);
};
PromiseStatusInterface.prototype.runPromiseNow = function () {
this.runPromiseNowButton.disabled = true;
var original_text = this.runPromiseNowButton.textContent;
this.runPromiseNowButton.textContent = "Sending message...";
return Promise.resolve().then(function () {
return xhr({url: rerun_cgi_url, method: "POST", withCredentials: true});
}).catch(unexpectedError).then(function () {
this.runPromiseNowButton.textContent = original_text;
}.bind(this));
};
/*global setTimeout */
setTimeout(function () {
/*global document */
document.body.innerHTML = "";
return new PromiseStatusInterface({rootElement: document.body});
});
</script>
</head>
<body>
<h1>Promise status</h1>
<noscript>Javascript should be enabled</noscript>
</body>
</html>
stack/monitor2/index.html 0 → 100644
View file @ 94026302
<!DOCTYPE html>
<html>
<head>
<link rel="stylesheet" href="monitor.css" />
<script src="monitor.js"></script>
</head>
<body>
<noscript>Please enable javascript on your browser to make this application to work.</noscript>
</body>
</html>
stack/monitor2/instance-monitor.cfg.jinja2.in 0 → 100644
View file @ 94026302
[cron]
recipe = slapos.cookbook:cron
cron-entries = ${logrotate-directory:cron-entries}
dcrond-binary = {{ dcron_executable_location }}
crontabs = ${logrotate-directory:crontabs}
cronstamps = ${logrotate-directory:cronstamps}
catcher = ${cron-simplelogger:wrapper}
binary = ${logrotate-directory:services}/crond
[cron-simplelogger]
recipe = slapos.cookbook:simplelogger
wrapper = ${logrotate-directory:bin}/cron_simplelogger
log = ${logrotate-directory:log}/cron.log
[logrotate]
recipe = slapos.cookbook:logrotate
logrotate-entries = ${logrotate-directory:logrotate-entries}
backup = ${logrotate-directory:logrotate-backup}
logrotate-binary = {{ logrotate_executable_location }}
gzip-binary = {{ gzip_location }}/bin/gzip
gunzip-binary = {{ gzip_location }}/bin/gunzip
wrapper = ${logrotate-directory:bin}/logrotate
conf = ${logrotate-directory:etc}/logrotate.conf
state-file = ${logrotate-directory:srv}/logrotate.status
[cron-entry-logrotate]
recipe = slapos.cookbook:cron.d
cron-entries = ${cron:cron-entries}
name = logrotate
frequency = 0 0 * * *
command = ${logrotate:wrapper}
# Add log to cron
[cron-simplelogger]
recipe = slapos.cookbook:simplelogger
wrapper = ${monitor-directory:bin}/cron_simplelogger
log = ${monitor-directory:log}/cron.log
[directory]
recipe = slapos.cookbook:mkdirectory
etc = ${buildout:directory}/etc
bin = ${buildout:directory}/bin
srv = ${buildout:directory}/srv
var = ${buildout:directory}/var
run = ${:var}/run
log = ${:var}/log
scripts = ${:etc}/run
services = ${:etc}/service
promises = ${:etc}/promise
monitor = ${:srv}/monitor
monitor-promise = ${:etc}/monitor-promise
[monitor-directory]
recipe = slapos.cookbook:mkdirectory
bin = ${directory:bin}
etc = ${directory:etc}
run = ${directory:monitor}/run
#run = ${directory:scripts}
pids = ${directory:run}/monitor
cgi-bin = ${directory:monitor}/cgi-bin
public = ${directory:monitor}/public
private = ${directory:monitor}/private
services = ${directory:services}
services-conf = ${directory:etc}/monitor.conf.d
www = ${directory:monitor}/web
web-dir = ${directory:monitor}/web
log = ${directory:log}/monitor
promise-wrapper = ${directory:var}/monitor-promise-wrapper
monitor-var = ${directory:var}/monitor
monitor-password-var = ${monitor-directory:monitor-var}/password
monitor-password-interface = ${monitor-directory:monitor-password-var}/password/interface
monitor-status2rss-var = ${monitor-directory:monitor-var}/status2rss
[logrotate-directory]
recipe = slapos.cookbook:mkdirectory
cron-entries = ${:etc}/cron.d
cronstamps = ${:etc}/cronstamps
crontabs = ${:etc}/crontabs
logrotate-backup = ${:backup}/logrotate
logrotate-entries = ${:etc}/logrotate.d
bin = ${buildout:directory}/bin
srv = ${buildout:directory}/srv
backup = ${:srv}/backup
etc = ${buildout:directory}/etc
services = ${:etc}/service
log = ${buildout:directory}/var/log
[ca-directory]
recipe = slapos.cookbook:mkdirectory
root = ${directory:srv}/ssl
requests = ${:root}/requests
private = ${:root}/private
certs = ${:root}/certs
newcerts = ${:root}/newcerts
crl = ${:root}/crl
[certificate-authority]
recipe = slapos.cookbook:certificate_authority
openssl-binary = {{ openssl_executable_location }}
ca-dir = ${ca-directory:root}
requests-directory = ${ca-directory:requests}
wrapper = ${monitor-directory:services}/certificate_authority
ca-private = ${ca-directory:private}
ca-certs = ${ca-directory:certs}
ca-newcerts = ${ca-directory:newcerts}
ca-crl = ${ca-directory:crl}
[ca-httpd]
<= certificate-authority
recipe = slapos.cookbook:certificate_authority.request
key-file = ${monitor-httpd-conf-parameter:key-file}
cert-file = ${monitor-httpd-conf-parameter:cert-file}
executable = ${httpd-wrapper:wrapper-path}
wrapper = ${directory:services}/monitor-httpd
[monitor-conf-parameters]
title = ${monitor-instance-parameter:monitor-title}
service-executable-dir = ${monitor-directory:run}
template-service-run = {{ monitor_service_run }}
public-folder = ${monitor-directory:public}
private-folder = ${monitor-directory:private}
web-folder = ${monitor-directory:web-dir}
monitor-hal-json = ${monitor-directory:web-dir}/monitor.haljson
service-pid-folder = ${monitor-directory:pids}
crond-folder = ${logrotate-directory:cron-entries}
public-path-list =
${directory:log}
private-path-list =
monitor-url-list =
[monitor-conf]
recipe = slapos.recipe.template:jinja2
template = {{ monitor_conf_template }}
rendered = ${directory:etc}/${:filename}
filename = monitor.conf
context = section parameter_dict monitor-conf-parameters
[httpd-monitor-htpasswd]
recipe = plone.recipe.command
stop-on-error = true
htpasswd-path = ${monitor-directory:etc}/monitor-htpasswd
command = {{ apache_location }}/bin/htpasswd -cb ${:htpasswd-path} ${:user} ${:password}
user = admin
password = admin
[monitor-httpd-conf-parameter]
listening-ip = ${monitor-instance-parameter:monitor-httpd-ipv6}
port = ${monitor-instance-parameter:monitor-httpd-port}
pid-file = ${directory:run}/httpd.pid
cgid-pid-file = ${directory:run}/cgid.pid
access-log = ${monitor-directory:log}/httpd-access.log
error-log = ${monitor-directory:log}/httpd-error.log
cert-file = ${ca-directory:certs}/httpd.crt
key-file = ${ca-directory:certs}/httpd.key
htpasswd-file = ${httpd-monitor-htpasswd:htpasswd-path}
url = https://[${monitor-instance-parameter:monitor-httpd-ipv6}]:${:port}/
[monitor-httpd-conf]
recipe = slapos.recipe.template:jinja2
template = {{ monitor_httpd_template }}
rendered = ${monitor-directory:etc}/monitor-httpd.conf
mode = 0744
context =
section directory monitor-directory
section parameter_dict monitor-httpd-conf-parameter
[httpd-wrapper]
recipe = slapos.cookbook:wrapper
command-line = {{ apache_location }}/bin/httpd -f ${monitor-httpd-conf:rendered} -DFOREGROUND
wrapper-path = ${directory:bin}/monitor-httpd
wait-for-files =
${ca-directory:certs}/httpd.key
${ca-directory:certs}/httpd.crt
${cgi-httpd-graceful-wrapper:rendered}
[cgi-httpd-graceful-wrapper]
recipe = slapos.recipe.template:jinja2
template = {{ template_wrapper }}
rendered = ${directory:run}/monitor-httpd-graceful
mode = 0700
context =
key content :command
command = kill -USR1 $(cat ${monitor-httpd-conf-parameter:pid-file})
[monitor-status2rss-wrapper]
recipe = slapos.cookbook:wrapper
command-line = {{ python_executable }} {{ status2rss_executable_path }} '${monitor-instance-parameter:monitor-title}' '${monitor-httpd-conf-parameter:url}' ${monitor-directory:public} ${monitor-directory:monitor-status2rss-var}/previous_status ${monitor-directory:web-dir}/feed
wrapper-path = ${directory:bin}/monitor-status2rss.py
[monitor-status2rss-cron-entry]
recipe = slapos.cookbook:cron.d
cron-entries = ${cron:cron-entries}
name = monitor-status2rss
frequency = * * * * *
command = ${monitor-status2rss-wrapper:wrapper-path}
[monitor-web-default-promise-interface]
recipe = slapos.recipe.template:jinja2
template = {{ monitor_web_default_promise_interface }}
rendered = ${monitor-directory:web-dir}/default-promise-interface.html
context =
[monitor-web-index-html]
recipe = slapos.recipe.template:jinja2
template = {{ monitor_web_index_html }}
rendered = ${monitor-directory:web-dir}/index.html
context =
[monitor-web-monitor-css]
recipe = slapos.recipe.template:jinja2
template = {{ monitor_web_monitor_css }}
rendered = ${monitor-directory:web-dir}/monitor.css
context =
[monitor-web-monitor-js]
recipe = slapos.recipe.template:jinja2
template = {{ monitor_web_monitor_js }}
rendered = ${monitor-directory:web-dir}/monitor.js
context =
key monitor_title monitor-instance-parameter:monitor-title
[monitor-web-monitor-logout-cgi]
recipe = slapos.recipe.template:jinja2
template = {{ monitor_web_monitor_logout_cgi }}
rendered = ${monitor-directory:cgi-bin}/monitor-logout.cgi
mode = 0755
context =
[monitor-web-monitor-logout-page]
recipe = slapos.recipe.template:jinja2
template = {{ monitor_web_monitor_logout_page }}
rendered = ${monitor-directory:web-dir}/logout
context =
[monitor-web-monitor-promise-runner-cgi]
recipe = slapos.recipe.template:jinja2
template = {{ monitor_web_monitor_promise_runner_cgi }}
rendered = ${monitor-directory:cgi-bin}/monitor-run-promise.cgi
mode = 0755
context =
raw python_executable {{ python_executable }}
key promise_wrapper_folder monitor-directory:promise-wrapper
[start-monitor]
recipe = slapos.recipe.template:jinja2
template = {{ monitor_bin }}
rendered = ${directory:scripts}/bootstrap-monitor
context =
raw python_executable {{ python_executable }}
key public_folder monitor-directory:public
key private_folder monitor-directory:private
key monitor_configuration_path monitor-conf:rendered
key promise_runner_path monitor-run-promise:rendered
key promise_folder directory:promises
key monitor_promise_folder directory:monitor-promise
key promise_wrapper_folder monitor-directory:promise-wrapper
[monitor-run-promise]
recipe = slapos.recipe.template:jinja2
template = {{ promise_executor_py }}
rendered = ${directory:bin}/monitor-run-promise
mode = 700
context =
raw python_executable {{ python_executable }}
[monitor-httpd-promise]
recipe = slapos.cookbook:check_url_available
path = ${directory:promises}/${:filename}
filename = monitor-httpd-listening-on-tcp
url = ${monitor-httpd-conf-parameter:url}
check-secure = 1
dash_path = {{ dash_executable_location }}
curl_path = {{ curl_executable_location }}
[monitor-httpd-promise-conf]
recipe = slapos.recipe.template:jinja2
rendered = ${directory:monitor-promise}/${monitor-httpd-promise:filename}.cfg
template = {{ monitor_service_conf_template }}
mode = 0644
context = section parameter_dict monitor-httpd-promise-conf-parameter
[monitor-httpd-promise-conf-parameter]
title = Monitor httpd listening
# frequency minute hour day mounth weekday
frequency = * * * * *
public-path-list = ${monitor-httpd-conf-parameter:access-log} ${monitor-httpd-conf-parameter:error-log}
#private-path-list =
[monitor-password-parameter]
password-changed-once-path = ${directory:var}/monitor-password-changed-once
[monitor-password-promise]
recipe = slapos.recipe.template:jinja2
template = {{ monitor_password_promise_template }}
rendered = ${directory:monitor-promise}/${:filename}
filename = monitor-password
mode = 0755
context =
raw python_executable {{ python_executable }}
key password_changed_once_path monitor-password-parameter:password-changed-once-path
[monitor-password-promise-conf-parameter]
title = Monitor password
frequency = */5 * * * *
private-path-list = ${monitor-directory:monitor-password-interface}
[monitor-password-promise-conf]
recipe = slapos.recipe.template:jinja2
template = {{ monitor_service_conf_template }}
rendered = ${directory:monitor-promise}/${monitor-password-promise:filename}.cfg
mode = 0644
context = section parameter_dict monitor-password-promise-conf-parameter
[monitor-password-cgi]
recipe = slapos.recipe.template:jinja2
template = {{ monitor_password_cgi_template }}
rendered = ${monitor-directory:cgi-bin}/monitor-password.cgi
context =
raw python_executable {{ python_executable }}
key password_changed_once_path monitor-password-parameter:password-changed-once-path
raw htpasswd_executable {{ apache_location }}/bin/htpasswd
key htpasswd_path httpd-monitor-htpasswd:htpasswd-path
[monitor-password-promise-interface]
recipe = slapos.recipe.template:jinja2
template = {{ monitor_password_promise_interface_template }}
rendered = ${monitor-directory:monitor-password-interface}/index.html
context =
[publish]
recipe = slapos.cookbook:publish
monitor-url = ${monitor-httpd-conf-parameter:url}
[monitor-instance-parameter]
monitor-title = Monitoring interface
[buildout]
parts =
monitor-web-default-promise-interface
monitor-web-index-html
monitor-web-monitor-css
monitor-web-monitor-js
monitor-web-monitor-logout-cgi
monitor-web-monitor-logout-page
monitor-web-monitor-promise-runner-cgi
cron-entry-logrotate
certificate-authority
monitor-conf
start-monitor
ca-httpd
monitor-httpd-promise
monitor-httpd-promise-conf
monitor-password-promise
monitor-password-promise-conf
monitor-password-cgi
monitor-password-promise-interface
monitor-status2rss-cron-entry
publish
stack/monitor2/make-rss.sh.in 0 → 100644
View file @ 94026302
#!${dash-output:dash}
STATUS_DB={{ monitor_parameters['db-path'] }}
RSS_FILE={{ monitor_parameters['rss-path'] }}
PYTHON=${buildout:directory}/bin/${extra-eggs:interpreter}
STATUS2RSS=${rss-bin:location}/${rss-bin:filename}
$PYTHON $STATUS2RSS "Monitoring RSS feed" "{{ monitor_parameters['url'] }}/{{ monitor_parameters['index-filename'] }}" $STATUS_DB > $RSS_FILE
stack/monitor2/monitor-httpd.conf.in 0 → 100644
View file @ 94026302
PidFile "{{ parameter_dict.get('pid-file') }}"
StartServers 1
ServerLimit 1
ThreadLimit 4
ThreadsPerChild 4
ServerName example.com
ServerAdmin someone@email
<IfDefine !MonitorPort>
Listen [{{ parameter_dict.get('listening-ip') }}]:{{ parameter_dict.get('port') }}
Define MonitorPort
</IfDefine>
DocumentRoot "{{ directory.get('www') }}"
ErrorLog "{{ parameter_dict.get('error-log') }}"
LoadModule unixd_module modules/mod_unixd.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule mime_module modules/mod_mime.so
LoadModule cgid_module modules/mod_cgid.so
LoadModule dir_module modules/mod_dir.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule alias_module modules/mod_alias.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule rewrite_module modules/mod_rewrite.so
# SSL Configuration
<IfDefine !SSLConfigured>
Define SSLConfigured
SSLCertificateFile {{ parameter_dict.get('cert-file') }}
SSLCertificateKeyFile {{ parameter_dict.get('key-file') }}
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLRandomSeed startup /dev/urandom 256
SSLRandomSeed connect builtin
SSLProtocol -ALL +SSLv3 +TLSv1
SSLHonorCipherOrder On
SSLCipherSuite RC4-SHA:HIGH:!ADH
</IfDefine>
AddType application/hal+json .haljson
SSLEngine On
ScriptSock {{ parameter_dict.get('cgid-pid-file') }}
<Directory {{ directory.get('www') }}>
SSLVerifyDepth 1
SSLRequireSSL
SSLOptions +StrictRequire
# XXX: security????
DirectoryIndex index.html
Options FollowSymLinks
Order Deny,Allow
AuthType Basic
AuthName "Private access"
AuthUserFile "{{ parameter_dict.get('htpasswd-file') }}"
Require valid-user
</Directory>
Alias /private {{ directory.get('private') }}/
<Directory {{ directory.get('private') }}>
Order Deny,Allow
Deny from env=AUTHREQUIRED
<Files ".??*">
Order Allow,Deny
Deny from all
</Files>
AuthType Basic
AuthName "Private access"
AuthUserFile "{{ parameter_dict.get('htpasswd-file') }}"
Require valid-user
Options Indexes FollowSymLinks
Satisfy all
</Directory>
Alias /public {{ directory.get('public') }}/
<Directory {{ directory.get('public') }}>
Options Indexes FollowSymLinks
Order Allow,Deny
Allow from all
</Directory>
Alias /cgi-bin {{ directory.get('cgi-bin') }}
<Directory {{ directory.get('cgi-bin') }}>
# XXX security ???
Order Deny,Allow
Deny from all
<Files "*.cgi">
Order Deny,Allow
Deny from env=AUTHREQUIRED
AuthType Basic
AuthName "Private access"
AuthUserFile "{{ parameter_dict.get('htpasswd-file') }}"
Require valid-user
</Files>
Options +ExecCGI
AddHandler cgi-script .cgi
Options Indexes FollowSymLinks
Satisfy all
</Directory>
stack/monitor2/monitor-logout.html 0 → 100644
View file @ 94026302
<!DOCTYPE html>
<html>
<head><title>Monitor logout</title></head>
<body>
<noscript>Cannot logout without javascript</noscript>
<script>
var logoutURL = "/cgi-bin/monitor-logout.cgi",
xhr = new XMLHttpRequest();
xhr.onload = function () {
if (xhr.status === 401) {
document.body.innerHTML = "<p>You are now logged out. You can go back to the monitor interface <a href=\"/\">here</a>.</p>";
} else {
console.error("Cannot logout (" + xhr.status + ")");
document.body.innerHTML = "<p>Cannot logout, retrying in 5 seconds.</p>";
setTimeout(location.reload.bind(location), 5000);
}
};
xhr.onerror = function () {
document.body.innerHTML = "<p>Cannot logout, please try again later.</p>";
};
xhr.open("POST", logoutURL, true, " logout", " password");
xhr.send();
document.body.innerHTML = "<p>Logging out...</p>";
</script>
</body>
</html>
stack/monitor2/monitor-logout.py.cgi 0 → 100644
View file @ 94026302
#!{{ python_executable }}
print("Status: 401 Unauthorized\r\nWWW-Authenticate: Basic realm=\"Private access\"\r\n\r")
stack/monitor2/monitor-password-interface.html 0 → 100644
View file @ 94026302
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8" />
<title>Monitor password</title>
<style>
input, button {
min-height: 10mm;
min-width: 10mm;
}
</style>
<script>
var service_name = "monitor-password", // XXX hardcoded
monitor_json_url = "/monitor.haljson",
status_json_url = "/public/" + service_name + ".status.json",
rerun_cgi_url = "/cgi-bin/monitor-run-promise.cgi?service=" + service_name,
password_cgi_url_part = "/cgi-bin/monitor-password.cgi?password=";
function newDeferred() {
var d = {
"promise": undefined,
"resolve": undefined,
"reject": undefined
};
d.promise = new Promise(function (resolve, reject) {
d.resolve = resolve;
d.reject = reject;
});
return d;
}
function xhr(param) {
/*global XMLHttpRequest */
var d = newDeferred(), xhr = new XMLHttpRequest(), k, i, l, a;
d.promise.cancel = function () { xhr.abort(); };
if (param.username) {
xhr.open((param.method || "GET").toUpperCase(), param.url, true, param.username, param.password);
} else {
xhr.open((param.method || "GET").toUpperCase(), param.url, true);
}
xhr.responseType = param.responseType || "";
if (param.withCredentials !== undefined) {
xhr.withCredentials = param.withCredentials;
}
if (param.headers) {
a = Object.keys(param.headers);
l = a.length;
for (i = 0; i < l; i += 1) {
k = a[i];
xhr.setRequestHeader(k, param.headers[k]);
}
}
xhr.addEventListener("load", function (e) {
var r, t = e.target, callback;
if (param.noStatusCheck) {
d.resolve(t);
} else if (t.status < 400) {
d.resolve(t);
} else {
r = new Error("HTTP: " + (t.status ? t.status + " " : "") + (t.statusText || "Unknown"));
r.target = t;
d.reject(r);
}
}, false);
xhr.addEventListener("error", function (e) {
return d.reject(new Error("HTTP: Error"));
}, false);
xhr.addEventListener("abort", function (e) {
return d.reject(new Error("HTTP: Aborted"));
}, false);
xhr.send(param.data);
return d.promise;
}
function unexpectedError(reason) {
console.error(reason);
alert(reason);
}
function MonitorPasswordInterface(config) {
var it = this,
statusP = document.createElement("p"),
descriptionP = document.createElement("p"),
form = document.createElement("form"),
formPassword1Input = document.createElement("input"),
formPassword2Input = document.createElement("input"),
formChangePasswordButton = document.createElement("button"),
errorH2 = document.createElement("h2"),
errorPre = document.createElement("pre"),
header = document.createElement("header"),
h1 = document.createElement("h1"),
h2 = document.createElement("h2"),
a = document.createElement("a"),
button = document.createElement("button");
this.element = config.rootElement || document.createElement("div");
this.statusP = statusP;
this.descriptionP = descriptionP;
this.formPassword1Input = formPassword1Input;
this.formPassword2Input = formPassword2Input;
this.formChangePasswordButton = formChangePasswordButton;
this.errorH2 = errorH2;
this.errorPre = errorPre;
this.element.appendChild(header);
header.appendChild(a);
a.setAttribute("tabindex", "-1");
a.setAttribute("href", "/");
a.appendChild(button);
button.textContent = "Home";
a = document.createElement("a");
button = document.createElement("button");
header.appendChild(a);
a.setAttribute("tabindex", "-1");
a.setAttribute("href", "");
a.appendChild(button);
button.textContent = "Refresh";
this.element.appendChild(h1);
h1.textContent = "Monitor password";
this.element.appendChild(statusP);
this.element.appendChild(descriptionP);
this.element.appendChild(form);
form.appendChild(formPassword1Input);
formPassword1Input.setAttribute("type", "password");
form.onsubmit = this.onFormSubmit.bind(this);
form.appendChild(document.createElement("br"));
form.appendChild(formPassword2Input);
formPassword2Input.setAttribute("type", "password");
form.appendChild(document.createElement("br"));
form.appendChild(formChangePasswordButton);
formChangePasswordButton.setAttribute("type", "submit");
formChangePasswordButton.textContent = "Change password";
this.element.appendChild(errorH2);
errorH2.textContent = "Operational error";
errorH2.style.display = "none";
this.element.appendChild(errorPre);
errorPre.style.display = "none";
this.loadStatusUi();
this.loadDescriptionUi();
this.loadErrorUi();
}
MonitorPasswordInterface.prototype.loadStatusJson = function () {
if (this.status_json_promise) { return; }
this.status_json_promise = Promise.resolve().then(function () {
return xhr({url: status_json_url, withCredentials: true, responseType: "json"});
}).then(function (xhr) {
return xhr.response;
});
this.status_json_promise.catch(function () { return; }).then(function () {
setTimeout(function () {
delete this.status_json_promise;
}.bind(this), 1000);
}.bind(this));
return this.status_json_promise;
};
MonitorPasswordInterface.prototype.loadStatusUi = function () {
this.loadStatusJson();
this.statusP.textContent = "Loading status...";
return this.status_json_promise.then(function (status_json) {
if (status_json.status === "OK") {
this.statusP.innerHTML = "&nbsp;";
} else {
this.statusP.textContent = "/!\\ The password needs to be changed at least once! /!\\";
}
}.bind(this), function (reason) {
if (reason && reason.target && reason.target.status === 404) {
this.statusP.textContent = "/!\\ The password needs to be changed at least once! /!\\";
return;
}
var message = reason && (reason.target && (reason.target.statusText || "Unknown") || reason.message);
this.statusP.textContent = "Status Json Error: " + (message || "Unknown error");
}.bind(this)).catch(unexpectedError);
};
MonitorPasswordInterface.prototype.loadDescriptionUi = function () {
this.descriptionP.textContent = [
"The monitor password is the password used to connect to this interface.",
"Here you can change the monitor password by filling the formular just below."
].join("\n");
};
MonitorPasswordInterface.prototype.loadErrorUi = function () {
this.loadStatusJson();
this.errorPre.textContent = "Loading error output...";
return this.status_json_promise.then(function (status_json) {
if (status_json.error) {
this.errorH2.style.display = "";
this.errorPre.style.display = "";
this.errorPre.textContent = status_json.error;
} else {
this.errorH2.style.display = "none";
this.errorPre.style.display = "none";
this.errorPre.textContent = "";
}
}.bind(this), function (reason) {
var message = reason && (reason.target && (reason.target.statusText || "Unknown") || reason.message);
this.errorPre.textContent = "Status Json Error: " + (message || "Unknown error");
}.bind(this)).catch(unexpectedError);
};
MonitorPasswordInterface.prototype.onFormSubmit = function (event) {
event.preventDefault();
event.stopPropagation();
this.execForm();
};
MonitorPasswordInterface.prototype.execForm = function () {
if (this.formPassword1Input.value !== this.formPassword2Input.value) {
this.statusP.textContent = "The two typed passwords should match!";
return;
}
this.statusP.textContent = "Changing password...";
var password = this.formPassword1Input.value;
return Promise.resolve().then(function () {
return xhr({url: password_cgi_url_part + password, method: "POST", withCredentials: true});
}).then(function () {
this.statusP.textContent = "Password changed succesfully!";
this.formPassword1Input.value = this.formPassword2Input.value = "";
// rerun promise with new login (also does the relogin)
xhr({url: rerun_cgi_url, method: "POST", withCredentials: true, username: "admin", password: password});
}.bind(this), function (reason) {
var message = reason && (reason.target && (reason.target.statusText || "Unknown") || reason.message);
this.statusP.textContent = "Status Json Error: " + (message || "Unknown error");
}.bind(this));
};
MonitorPasswordInterface.prototype.runPromiseNow = function () {
this.runPromiseNowButton.disabled = true;
var original_text = this.runPromiseNowButton.textContent;
this.runPromiseNowButton.textContent = "Sending message...";
return Promise.resolve().then(function () {
return xhr({url: rerun_cgi_url, method: "POST", withCredentials: true});
}).catch(unexpectedError).then(function () {
this.runPromiseNowButton.textContent = original_text;
}.bind(this));
};
/*global setTimeout */
setTimeout(function () {
/*global document */
document.body.innerHTML = "";
return new MonitorPasswordInterface({rootElement: document.body});
});
</script>
</head>
<body>
<h1>Monitor password</h1>
<noscript>Javascript should be enabled</noscript>
</body>
</html>
stack/monitor2/monitor-password-promise.py.in 0 → 100644
View file @ 94026302
#!{{ python_executable }}
password_changed_once_path = "{{ password_changed_once_path }}"
import os
def main():
if os.path.exists(password_changed_once_path):
print('{"status":"OK"}')
return 0
print('{"status":"BAD","message":"Password never changed"}')
return 1
if __name__ == "__main__":
exit(main())
stack/monitor2/monitor-password.py.cgi 0 → 100644
View file @ 94026302
#!{{ python_executable }}
htpasswd_executable = "{{ htpasswd_executable }}"
htpasswd_path = "{{ htpasswd_path }}"
password_changed_once_path = "{{ password_changed_once_path }}"
import cgi
import cgitb
import os
import sys
cgitb.enable(display=0)
def sh(args):
os.system(" ".join(["'" + arg.replace("'", "'\\''") + "'" for arg in args]))
def touch(path):
open(path, "w").close()
def main():
form = cgi.FieldStorage()
password = form["password"].value
if sh([htpasswd_executable, "-b", htpasswd_path, "admin", password]):
sys.stdout.write("Status: 500 Internal Server Error\r\n\r\n")
return 1
touch(password_changed_once_path)
sys.stdout.write("Status: 204 No Content\r\n\r\n")
return 0
if __name__ == "__main__":
exit(main())
stack/monitor2/monitor-run-promise.py.cgi 0 → 100644
View file @ 94026302
#!{{ python_executable }}
# Put this file in the software release
promise_wrapper_folder = "{{ promise_wrapper_folder }}"
import cgi
import cgitb
import os
cgitb.enable(display=0)
def main():
form = cgi.FieldStorage()
promise_name = form["service"].value
if "/" not in promise_name:
promise_path = os.path.join(promise_wrapper_folder, promise_name)
os.spawnl(os.P_NOWAIT, promise_path, promise_path)
print("Status: 204 No Content\r\n\r")
if __name__ == "__main__":
exit(main())
stack/monitor2/monitor-service-run.in 0 → 100644
View file @ 94026302
#!/usr/bin/env python
configuration_location = "%(configuration_location)s"
process_pid_file = "%(process_pid_file)s"
import sys
import os
import ConfigParser
import json
import subprocess
def loadConfig(config_file):
config = ConfigParser.ConfigParser()
config.read(config_file)
return config
def main():
config = loadConfig(configuration_location)
script_path = config.get("service", "script-path")
executable_folder = os.path.dirname(script_path)
executable = os.path.basename(script_path)
parameter_json = os.path.join(os.path.abspath(os.path.dirname(__file__)),
'parameters_%%s.json' %% executable)
with open(parameter_json, 'w') as fjson:
fjson.write(json.dumps(dict(config.items("parameter"))))
process = subprocess.Popen(
[script_path, parameter_json],
stdin=None,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE
)
with open(process_pid_file, "w") as pidfile:
pidfile.write(str(process.pid))
if __name__ == "__main__":
sys.exit(main())
\ No newline at end of file
stack/monitor2/monitor-service.cfg.in 0 → 100644
View file @ 94026302
[service]
{% for key, value in parameter_dict.items() -%}
{{ key }} = {{ value.strip().replace("\n", "\n ") }}
{% endfor -%}
stack/monitor2/monitor.cfg.in 0 → 100644
View file @ 94026302
[slap-parameters]
recipe = slapos.cookbook:slapconfiguration
computer = $${slap-connection:computer-id}
partition = $${slap-connection:partition-id}
url = $${slap-connection:server-url}
key = $${slap-connection:key-file}
cert = $${slap-connection:cert-file}
[monitor-parameters]
json-filename = monitor.json
json-path = $${monitor-directory:monitor-result}/$${:json-filename}
rss-filename = rssfeed.html
rss-path = $${monitor-directory:public-cgi}/$${:rss-filename}
executable = $${monitor-directory:bin}/monitor.py
port = 9685
htaccess-file = $${monitor-directory:etc}/.htaccess-monitor
url = https://[$${slap-parameters:ipv6-random}]:$${:port}
index-filename = index.cgi
index-path = $${monitor-directory:www}/$${:index-filename}
db-path = $${monitor-directory:etc}/monitor.db
monitor-password-path = $${monitor-directory:etc}/.monitor.shadow
[monitor-directory]
recipe = slapos.cookbook:mkdirectory
# Standard directory needed by monitoring stack
home = $${buildout:directory}
etc = $${:home}/etc
bin = $${:home}/bin
srv = $${:home}/srv
var = $${:home}/var
log = $${:var}/log
run = $${:var}/run
service = $${:etc}/service/
etc-run = $${:etc}/run/
tmp = $${:home}/tmp
promise = $${:etc}/promise
cron-entries = $${:etc}/cron.d
crontabs = $${:etc}/crontabs
cronstamps = $${:etc}/cronstamps
ca-dir = $${:srv}/ssl
www = $${:var}/www
cgi-bin = $${:var}/cgi-bin
monitoring-cgi = $${:cgi-bin}/monitoring
knowledge0-cgi = $${:cgi-bin}/zero-knowledge
public-cgi = $${:cgi-bin}/monitor-public
monitor-custom-scripts = $${:etc}/monitor
monitor-result = $${:var}/monitor
private-directory = $${:srv}/monitor-private
[public-symlink]
recipe = cns.recipe.symlink
symlink = $${monitor-directory:public-cgi} = $${monitor-directory:www}/monitor-public
autocreate = true
[cron]
recipe = slapos.cookbook:cron
dcrond-binary = ${dcron:location}/sbin/crond
cron-entries = $${monitor-directory:cron-entries}
crontabs = $${monitor-directory:crontabs}
cronstamps = $${monitor-directory:cronstamps}
catcher = $${cron-simplelogger:wrapper}
binary = $${monitor-directory:service}/crond
# Add log to cron
[cron-simplelogger]
recipe = slapos.cookbook:simplelogger
wrapper = $${monitor-directory:bin}/cron_simplelogger
log = $${monitor-directory:log}/cron.log
[cron-entry-monitor]
<= cron
recipe = slapos.cookbook:cron.d
name = launch-monitor
frequency = */5 * * * *
command = $${deploy-monitor-script:rendered} -a
[cron-entry-rss]
<= cron
recipe = slapos.cookbook:cron.d
name = build-rss
frequency = */5 * * * *
command = $${make-rss:rendered}
[setup-static-files]
recipe = plone.recipe.command
command = ln -s ${download-monitor-jquery:destination} $${monitor-directory:www}/static
update-command = $${:command}
[deploy-index]
recipe = slapos.recipe.template:jinja2
template = ${index:location}/${index:filename}
rendered = $${monitor-parameters:index-path}
update-apache-access = ${apache:location}/bin/htpasswd -cb $${monitor-parameters:htaccess-file} admin
mode = 0744
context =
key cgi_directory monitor-directory:cgi-bin
raw index_template $${deploy-index-template:location}/$${deploy-index-template:filename}
key monitor_password_path monitor-parameters:monitor-password-path
key monitor_password_script_path deploy-monitor-password-cgi:rendered
key apache_update_command :update-apache-access
raw extra_eggs_interpreter ${buildout:directory}/bin/${extra-eggs:interpreter}
raw default_page /static/welcome.html
section rewrite_element monitor-rewrite-rule
[deploy-index-template]
recipe = hexagonit.recipe.download
url = ${index-template:location}/$${:filename}
destination = $${monitor-directory:www}
filename = ${index-template:filename}
download-only = true
mode = 0644
[deploy-status-cgi]
recipe = slapos.recipe.template:jinja2
template = ${status-cgi:location}/${status-cgi:filename}
rendered = $${monitor-directory:monitoring-cgi}/$${:filename}
filename = status.cgi
mode = 0744
context =
key json_file monitor-parameters:json-path
key monitor_bin monitor-parameters:executable
key pwd monitor-directory:monitoring-cgi
key this_file :filename
raw python_executable ${buildout:executable}
[deploy-status-history-cgi]
recipe = slapos.recipe.template:jinja2
template = ${status-history-cgi:location}/${status-history-cgi:filename}
rendered = $${monitor-directory:monitoring-cgi}/$${:filename}
filename = status-history.cgi
mode = 0744
context =
key monitor_db_path monitor-parameters:db-path
key status_history_length zero-parameters:status-history-length
raw python_executable ${buildout:executable}
[deploy-settings-cgi]
recipe = slapos.recipe.template:jinja2
template = ${settings-cgi:location}/${settings-cgi:filename}
rendered = $${monitor-directory:knowledge0-cgi}/$${:filename}
filename = settings.cgi
mode = 0744
context =
raw config_cfg $${buildout:directory}/knowledge0.cfg
raw timestamp $${buildout:directory}/.timestamp
raw python_executable ${buildout:executable}
key pwd monitor-directory:knowledge0-cgi
key this_file :filename
[deploy-monitor-password-cgi]
recipe = slapos.recipe.template:jinja2
template = ${monitor-password-cgi:location}/${monitor-password-cgi:filename}
rendered = $${monitor-directory:knowledge0-cgi}/$${:filename}
filename = monitor-password.cgi
mode = 0744
context =
raw python_executable ${buildout:executable}
key pwd monitor-directory:knowledge0-cgi
key this_file :filename
[deploy-monitor-script]
recipe = slapos.recipe.template:jinja2
template = ${monitor-bin:location}/${monitor-bin:filename}
rendered = $${monitor-parameters:executable}
mode = 0744
context =
section directory monitor-directory
section monitor_parameter monitor-parameters
key monitoring_file_json monitor-parameters:json-path
raw python_executable ${buildout:executable}
[make-rss]
recipe = slapos.recipe.template:jinja2
template = ${make-rss-script:output}
rendered = $${monitor-directory:bin}/make-rss.sh
mode = 0744
context =
section directory monitor-directory
section monitor_parameters monitor-parameters
[monitor-directory-access]
recipe = plone.recipe.command
command = ln -s $${:source} $${monitor-directory:private-directory}
source =
[monitor-instance-log-access]
recipe = plone.recipe.command
command = if [ -d $${:source} ]; then ln -s $${:source} $${monitor-directory:private-directory}/instance-logs; fi
update-command = if [ -d $${:source} ]; then ln -s $${:source} $${monitor-directory:private-directory}/instance-logs; fi
source = $${monitor-directory:home}/.slapgrid/log/
location = $${:source}
[cadirectory]
recipe = slapos.cookbook:mkdirectory
requests = $${monitor-directory:ca-dir}/requests/
private = $${monitor-directory:ca-dir}/private/
certs = $${monitor-directory:ca-dir}/certs/
newcerts = $${monitor-directory:ca-dir}/newcerts/
crl = $${monitor-directory:ca-dir}/crl/
[certificate-authority]
recipe = slapos.cookbook:certificate_authority
openssl-binary = ${openssl:location}/bin/openssl
ca-dir = $${monitor-directory:ca-dir}
requests-directory = $${cadirectory:requests}
wrapper = $${monitor-directory:service}/certificate_authority
ca-private = $${cadirectory:private}
ca-certs = $${cadirectory:certs}
ca-newcerts = $${cadirectory:newcerts}
ca-crl = $${cadirectory:crl}
[ca-httpd]
<= certificate-authority
recipe = slapos.cookbook:certificate_authority.request
key-file = $${cadirectory:certs}/httpd.key
cert-file = $${cadirectory:certs}/httpd.crt
executable = $${monitor-directory:bin}/cgi-httpd
wrapper = $${monitor-directory:service}/cgi-httpd
# Put domain name
name = example.com
###########
# Deploy a webserver running cgi scripts for monitoring
###########
[public]
recipe = slapos.cookbook:zero-knowledge.write
filename = knowledge0.cfg
status-history-length = 5
[zero-parameters]
recipe = slapos.cookbook:zero-knowledge.read
filename = $${public:filename}
[monitor-rewrite-rule]
# XXX could it be something lighter?
[monitor-httpd-configuration]
pid-file = $${monitor-directory:run}/cgi-httpd.pid
cgid-pid-file = $${monitor-directory:run}/cgi-httpd-cgid.pid
error-log = $${monitor-directory:log}/cgi-httpd-error-log
listening-ip = $${slap-parameters:ipv6-random}
certificate = $${ca-httpd:cert-file}
key = $${ca-httpd:key-file}
[monitor-httpd-configuration-file]
recipe = slapos.recipe.template:jinja2
template = ${monitor-httpd-template:destination}/${monitor-httpd-template:filename}
rendered = $${monitor-directory:etc}/cgi-httpd.conf
mode = 0744
context =
section directory monitor-directory
section monitor_parameters monitor-parameters
section httpd_configuration monitor-httpd-configuration
section monitor_rewrite_rule monitor-rewrite-rule
[cgi-httpd-wrapper]
recipe = slapos.cookbook:wrapper
apache-executable = ${apache:location}/bin/httpd
command-line = $${:apache-executable} -f $${monitor-httpd-configuration-file:rendered} -DFOREGROUND
wrapper-path = $${ca-httpd:executable}
wait-for-files =
$${cadirectory:certs}/httpd.key
$${cadirectory:certs}/httpd.crt
[cgi-httpd-graceful-wrapper]
recipe = slapos.recipe.template:jinja2
template = ${template-wrapper:output}
rendered = $${monitor-directory:etc-run}/cgi-httpd-graceful
mode = 0700
context =
key content :command
command = kill -USR1 $(cat $${monitor-httpd-configuration:pid-file})
[monitor-promise]
recipe = slapos.cookbook:check_url_available
path = $${monitor-directory:promise}/monitor
url = $${monitor-parameters:url}/$${monitor-parameters:index-filename}
check-secure = 1
dash_path = ${dash:location}/bin/dash
curl_path = ${curl:location}/bin/curl
[publish-connection-informations]
recipe = slapos.cookbook:publish
monitor_url = $${monitor-parameters:url}
stack/monitor2/monitor.conf.in 0 → 100644
View file @ 94026302
[monitor]
{% for key, value in parameter_dict.items() -%}
{{ key }} = {{ value.strip().replace("\n", "\n ") }}
{% endfor -%}
stack/monitor2/monitor.css 0 → 100644
View file @ 94026302
body { width: 80vw; margin: auto; padding-top: 1%; }
/* h1 { align-text: center; margin: auto; } */
/*td { padding: 0 2%; }/**/
td { padding: 0 1em; }/**/
table { border: 1px solid black; }
table > table { margin-top: 1em; }
input {
box-sizing: border-box;
min-height: 10mm;
min-width: 10mm;
}
button {
box-sizing: border-box;
min-height: 10mm;
min-width: 10mm;
background-color: lightgray;
background: linear-gradient(180deg, #F6F6F6 0%, #DDDDDD 100%);
border-radius: 2px;
border-style: solid;
border-width: 1px;
border-color: #A4A4A4;
}
a.as-button {
display: inline-block;
box-sizing: border-box;
min-height: 10mm;
min-width: 10mm;
padding: 0.5em 0.5em;
text-align: center;
text-decoration: initial;
}
a.as-button {
color: black;
background-color: lightgray;
background: linear-gradient(180deg, #F6F6F6 0%, #DDDDDD 100%);
border-radius: 2px;
border-style: solid;
border-width: 1px;
border-color: #A4A4A4;
}
a.as-button:active, button:active {
background-color: white;
background: linear-gradient(0deg, #F6F6F6 0%, #DDDDDD 100%);
}
a.as-button:hover, button:hover {
border-color: #777777;
}
stack/monitor2/monitor.js.in 0 → 100644
View file @ 94026302
/*jslint indent: 2 */
(function () {
"use strict";
var monitor_title = '{{ dumps(monitor_title)[5:-1] }}',
RSS_ICON_DATA_URI = [
"data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIj8+CjwhRE9DVFlQR",
"SBzdmcgUFVCTElDICItLy9XM0MvL0RURCBTVkcgMS4xLy9FTiIgImh0dHA6Ly93d3cu",
"dzMub3JnL0dyYXBoaWNzL1NWRy8xLjEvRFREL3N2ZzExLmR0ZCI+CjxzdmcgeG1sbnM",
"9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB2ZXJzaW9uPSIxLjEiIHdpZHRoPS",
"IxMjhweCIgaGVpZ2h0PSIxMjhweCIgdmlld0JveD0iMCAwIDI1NiAyNTYiPgo8cmVjd",
"CB3aWR0aD0iMjU2IiBoZWlnaHQ9IjI1NiIgeD0iMCIgIHk9IjAiICBmaWxsPSIjRjQ5",
"QzUyIi8+CjxjaXJjbGUgY3g9IjY4IiBjeT0iMTg5IiByPSIyNCIgZmlsbD0iI0ZGRiI",
"vPgo8cGF0aCBkPSJNMTYwIDIxM2gtMzRhODIgODIgMCAwIDAgLTgyIC04MnYtMzRhMT",
"E2IDExNiAwIDAgMSAxMTYgMTE2eiIgZmlsbD0iI0ZGRiIvPgo8cGF0aCBkPSJNMTg0I",
"DIxM0ExNDAgMTQwIDAgMCAwIDQ0IDczIFYgMzhhMTc1IDE3NSAwIDAgMSAxNzUgMTc1",
"eiIgZmlsbD0iI0ZGRiIvPgo8L3N2Zz4K"
].join("");
function loadJson(url) {
/*global XMLHttpRequest */
return new Promise(function (resolve, reject) {
var xhr = new XMLHttpRequest();
xhr.onload = function (event) {
var response = event.target;
if (response.status < 400) {
try {
resolve(JSON.parse(response.responseText));
} catch (e) {
reject(e);
}
} else {
reject(new Error("XHR: " + response.status + ": " + response.statusText));
}
};
xhr.onerror = function () {
reject(new Error("XHR: Error"));
};
xhr.open("GET", url, true);
xhr.send();
});
}
///////////////////
// tools for HAL //
function getProperty(object, path) {
if (Array.isArray(path)) {
while (path.length) {
object = object[path.shift()];
}
} else {
return object[path];
}
return object;
}
function softGetProperty(object, path) {
try {
return getProperty(object, path);
} catch (ignored) {
return undefined;
}
}
function forceList(value) {
if (Array.isArray(value)) {
return value;
}
return [value];
}
function softGetPropertyAsList(object, path) {
try {
return forceList(getProperty(object, path));
} catch (ignored) {
return [];
}
}
///////////////////
function htmlToElementList(html) {
/*global document */
var div = document.createElement("div");
div.innerHTML = html;
return div.querySelectorAll("*");
}
function resolveUrl(firstUrl) {
/*jslint plusplus: true */
/*global URL, location */
var l = arguments.length, i = 1, url = new URL(firstUrl, location.href);
while (i < l) { url = new URL(arguments[i++], url); }
return url.href;
}
function escapeHtml(html) {
return html.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;").replace(/'/g, "&apos;");
}
function loadAndRenderMonitorSection(root, monitor_dict, monitor_url) {
var table, service_list = softGetPropertyAsList(monitor_dict, ["_embedded", "service"]);
if (!service_list) {
root.textContent = "";
return;
}
table = document.createElement("table");
root.appendChild(table);
return Promise.all(service_list.map(function (service_dict) {
var interface_url = softGetProperty(service_dict, ["_links", "interface", "href"]),
status_url = softGetProperty(service_dict, ["_links", "status", "href"]),
href_html_part = (interface_url ? " href=\"" + escapeHtml(interface_url) + "\"" : ""),
title_html_part = (service_dict.title ? escapeHtml(service_dict.title) : (service_dict.id ||"Untitled")),
row = htmlToElementList("<table><tbody><tr><td><a" + href_html_part + ">" + title_html_part + "</a></td><td>Loading status...</td><td><a" + href_html_part + "><div style=\"height: 10mm; width: 10mm; background-color: gray;\"></div></a></td></tr></tbody></table>");
table.appendChild(row[2]);
if (!status_url) {
row[5].textContent = "No status";
return;
}
return loadJson(resolveUrl(monitor_url, status_url)).then(function (status_dict) {
if (status_dict.description) {
row[2].title = status_dict.description;
}
row[5].textContent = status_dict.message || "";
row[8].style.backgroundColor = status_dict.status === "OK" ? "green" : "red";
}).catch(function (reason) {
row[5].textContent = (reason && (reason.name + ": " + reason.message));
row[8].style.backgroundColor = "red";
});
}));
}
function loadAndRenderMonitorJson(root) {
root.textContent = "Loading monitor section...";
return loadJson("monitor.haljson").then(function (monitor_dict) {
//monitor_json_list.push(monitor_dict);
root.innerHTML = "";
var loading = loadAndRenderMonitorSection(root, monitor_dict), related_monitor_list = softGetPropertyAsList(monitor_dict, ["_links", "related_monitor"]);
if (!related_monitor_list.length) { return loading; }
return Promise.all([loading, Promise.all(related_monitor_list.map(function (link) {
var div = htmlToElementList("<div>Loading monitor section...</div>")[0];
root.appendChild(div);
if (link.href[link.href.length - 1] !== "/") {
link.href += "/";
}
link.href = resolveUrl(link.href, "monitor.haljson");
return loadJson(link.href).catch(function (reason) {
div.textContent = (reason && (reason.name + ": " + reason.message));
}).then(function (monitor_dict) {
//monitor_json_list.push(monitor_dict);
div.remove();
return loadAndRenderMonitorSection(root, monitor_dict, link.href);
});
}))]);
});
}
function bootstrap(root) {
var element_list = htmlToElementList([
"<header>",
" <a href=\"\" class=\"as-button\">Refresh</a>",
" <a href=\"/logout\" class=\"as-button\">Logout</a>",
" <a href=\"/feed\"><img src=\"" + RSS_ICON_DATA_URI + "\" style=\"width: 10mm; height: 10mm; vertical-align: middle;\" alt=\"[RSS Feed]\" /></a>",
"</header>",
"<h1>" + monitor_title + "</h1>",
"<h2>System health status</h2>",
"<p>This interface allow to see the status of several features, it may show problems and sometimes provides a way to fix them.</p>",
"<p>Red square means the feature has a problem, green square means it is ok.</p>",
"<p>You can click on a feature below to get more precise information.</p>"
].join("\n")), div = document.createElement("div"), tmp;
[].reduce.call(element_list, function (array, element) {
if (element.parentNode.parentNode) { return array; }
array.push(element);
return array;
}, []).forEach(function (element) {
root.appendChild(element);
});
document.title = monitor_title;
root.appendChild(div);
/*global alert */
tmp = loadAndRenderMonitorJson(div);
tmp.catch(alert);
/*global console */
tmp.catch(console.error.bind(console));
}
/*global setTimeout */
setTimeout(function () {
/*global document */
bootstrap(document.body);
});
}());
stack/monitor2/monitor.py.in 0 → 100644
View file @ 94026302
#!{{ python_executable }}
# Put this file in the software release
promise_runner_path = "{{ promise_runner_path }}"
public_folder = "{{ public_folder }}"
private_folder = "{{ private_folder }}"
monitor_configuration_path = "{{ monitor_configuration_path }}"
promise_folder = "{{ promise_folder }}"
monitor_promise_folder = "{{ monitor_promise_folder }}"
promise_wrapper_folder = "{{ promise_wrapper_folder }}"
import sys
import os
import stat
import subprocess
import threading
import json
import ConfigParser
import traceback
def main():
# initialisation
config = loadConfig([monitor_configuration_path])
# get promises in monitor_promise_folder
promise_dict = {}
fillPromiseDictFromFolder(promise_dict, monitor_promise_folder)
# get promises in promise_folder
fillPromiseDictFromFolder(promise_dict, promise_folder)
# get promises configurations
for filename in os.listdir(monitor_promise_folder):
path = os.path.join(monitor_promise_folder, filename)
if os.path.isfile(path) and filename[-4:] == ".cfg":
promise_name = filename[:-4]
if promise_name in promise_dict:
loadConfig([path], promise_dict[promise_name]["configuration"])
promise_items = promise_dict.items()
# create symlinks from service configurations
for service_name, promise in promise_items:
service_config = promise["configuration"]
createSymlinksFromConfig((config, "monitor", "public-folder"), (service_config, "service", "public-path-list"), service_name)
createSymlinksFromConfig((config, "monitor", "private-folder"), (service_config, "service", "private-path-list"), service_name)
# create symlinks from monitor.conf
createSymlinksFromConfig((config, "monitor", "public-folder"), (config, "monitor", "public-path-list"))
createSymlinksFromConfig((config, "monitor", "private-folder"), (config, "monitor", "private-path-list"))
# generate monitor.json
monitor_dict = {}
tmp = softConfigGet(config, "monitor", "title")
if tmp:
monitor_dict["title"] = tmp
tmp = softConfigGet(config, "monitor", "monitor-url-list")
if tmp:
monitor_dict["_links"] = {"related_monitor": [{"href": url} for url in tmp.split()]}
if promise_items:
service_list = []
monitor_dict["_embedded"] = {"service": service_list}
for service_name, promise in promise_items:
service_config = promise["configuration"]
service_dict = {}
service_list.append(service_dict)
service_dict["id"] = service_name
service_dict["_links"] = {"status": {"href": "/public/%s.status.json" % service_name}} # hardcoded
tmp = softConfigGet(service_config, "service", "title")
if tmp:
service_dict["title"] = tmp
interface_path = os.path.join(private_folder, service_name, "interface/index.html") # hardcoded
if os.path.isfile(interface_path):
service_dict["_links"]["interface"] = {"href": "/private/%s/interface/" % service_name} # hardcoded
else:
service_dict["_links"]["interface"] = {"href": "/default-promise-interface.html?service_name=%s" % service_name} # XXX hardcoded
with open(config.get("monitor", "monitor-hal-json"), "w") as fp:
json.dump(monitor_dict, fp)
# put promises to a cron file
# XXX only if at least one configuration file is modified, then write in the cron
service_pid_folder = config.get("monitor", "service-pid-folder")
crond_folder = config.get("monitor", "crond-folder")
cron_line_list = []
for service_name, promise in promise_items:
service_status_path = "%s/%s.status.json" % (public_folder, service_name) # hardcoded
mkdirAll(os.path.dirname(service_status_path))
command = ("%s %s %s " % (
promise_runner_path,
os.path.join(service_pid_folder, "%s.pid" % service_name),
service_status_path,
)) + promise["path"]
cron_line_list.append("%s %s" % (
softConfigGet(service_config, "service", "frequency") or "* * * * *",
command.replace("%", "\\%"),
))
wrapper_path = os.path.join(promise_wrapper_folder, service_name)
with open(wrapper_path, "w") as fp:
fp.write("#!/bin/sh\n%s" % command) # XXX hardcoded, use dash, sh or bash binary!
os.chmod(wrapper_path, stat.S_IRUSR | stat.S_IWUSR | stat.S_IXUSR | stat.S_IRGRP | stat.S_IROTH )
with open(crond_folder + "/monitor-promises", "w") as fp:
fp.write("\n".join(cron_line_list))
return 0
def loadConfig(pathes, config=None):
if config is None:
config = ConfigParser.ConfigParser()
try:
config.read(pathes)
except ConfigParser.MissingSectionHeaderError:
traceback.print_exc()
return config
def fillPromiseDictFromFolder(promise_dict, folder):
for filename in os.listdir(folder):
path = os.path.join(folder, filename)
if os.path.isfile(path) and os.access(path, os.X_OK):
promise_dict[filename] = {"path": path, "configuration": ConfigParser.ConfigParser()}
def softConfigGet(config, *args, **kwargs):
try:
return config.get(*args, **kwargs)
except (ConfigParser.NoOptionError, ConfigParser.NoSectionError):
return None
def createSymlinksFromConfig(destination_folder_config_tuple, source_list_config_tuple, service_name=""):
destination_folder = softConfigGet(*destination_folder_config_tuple)
if destination_folder:
source_path_str = softConfigGet(*source_list_config_tuple)
if source_path_str:
for path in source_path_str.split():
dirname = os.path.join(destination_folder, service_name)
try:
mkdirAll(dirname) # could also raise OSError
os.symlink(path, os.path.join(dirname, os.path.basename(path)))
except OSError, e:
if e.errno != os.errno.EEXIST:
raise
def mkdirAll(path):
try:
os.makedirs(path)
except OSError, e:
if e.errno == os.errno.EEXIST and os.path.isdir(path):
pass
else: raise
if __name__ == "__main__":
sys.exit(main())
stack/monitor2/run-promise.py 0 → 100644
View file @ 94026302
#!{{ python_executable }}
# -*- coding: utf-8 -*-
import sys
import os
import subprocess
import json
from cStringIO import StringIO
def main():
if len(sys.argv) < 4:
print("Usage: %s <pid_path> <output_path> <command...>" % sys.argv[0])
return 2
pid_path=sys.argv[1]
output_path=sys.argv[2]
if os.path.exists(pid_path):
with open(pid_path, "r") as pidfile:
try:
pid = int(pidfile.read(6))
except ValueError:
pid = None
if pid and os.path.exists("/proc/" + str(pid)):
print("A process is already running with pid " + str(pid))
return 1
with open(pid_path, "w") as pidfile:
process = executeCommand(sys.argv[3:])
pidfile.write(str(process.pid))
status_json = generateStatusJsonFromProcess(process)
with open(output_path, "w") as outputfile:
json.dump(status_json, outputfile)
os.remove(pid_path)
def generateStatusJsonFromProcess(process):
stdout, stderr = process.communicate()
try:
status_json = json.loads(stdout)
except ValueError:
status_json = {}
if process.returncode != 0:
status_json["status"] = "error"
elif not status_json.get("status"):
status_json["status"] = "OK"
if stderr:
status_json["error"] = stderr
return status_json
def executeCommand(args):
return subprocess.Popen(
args,
#cwd=instance_path,
#env=None if sys.platform == 'cygwin' else {},
stdin=None,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE
)
if __name__ == "__main__":
sys.exit(main())
stack/monitor2/status2rss.py 0 → 100644
View file @ 94026302
import sys
import os
import json
import datetime
import base64
import hashlib
def main():
_, title, link, public_folder, previous_status_path, output_path = sys.argv
final_status = "OK";
# getting status
for filename in os.listdir(public_folder):
if filename.endswith(".status.json"):
filepath = os.path.join(public_folder, filename)
status = None
try:
status = json.load(open(filepath, "r"))
except ValueError:
continue
try:
if status["status"] != "OK":
final_status = "BAD"
break
except KeyError:
final_status = "BAD"
break
# checking previous status
try:
status = open(previous_status_path, "r").readline(4)
if status == final_status:
return 0
except IOError:
pass
# update status
open(previous_status_path, "w").write(final_status)
# generating RSS
utcnow = datetime.datetime.utcnow()
open(output_path, "w").write(
newRssString(
title,
title,
link,
utcnow,
utcnow,
"60",
[
newRssItemString(
"Status is %s" % final_status,
"Status is %s" % final_status,
link,
newGuid("%s, %s" % (utcnow, final_status)),
utcnow,
)
],
)
)
def escapeHtml(string):
return string.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;").replace("\"", "&quot;")
def newGuid(string):
sha256 = hashlib.sha256()
sha256.update(string)
return sha256.hexdigest()
def newRssItemString(title, description, link, guid, pub_date, guid_is_perma_link=True):
return """<item>
<title>%(title)s</title>
<description>%(description)s</description>
<link>%(link)s</link>
<guid isPermaLink="%(guid_is_perma_link)s">%(guid)s</guid>
<pubDate>%(pub_date)s</pubDate>
</item>""" % {
"title": escapeHtml(title),
"description": escapeHtml(description),
"link": escapeHtml(link),
"guid": escapeHtml(guid),
"pub_date": escapeHtml(pub_date.strftime("%a, %d %b %Y %H:%M:%S +0000")),
"guid_is_perma_link": escapeHtml(repr(guid_is_perma_link).lower()),
}
def newRssString(title, description, link, last_build_date, pub_date, ttl, rss_item_string_list):
return """<?xml version="1.0" encoding="UTF-8" ?>
<rss version="2.0">
<channel>
<title>%(title)s</title>
<description>%(description)s</description>
<link>%(link)s</link>
<lastBuildDate>%(last_build_date)s</lastBuildDate>
<pubDate>%(pub_date)s</pubDate>
<ttl>%(ttl)s</ttl>
%(items)s
</channel>
</rss>
""" % {
"title": escapeHtml(title),
"description": escapeHtml(description),
"link": escapeHtml(link),
"last_build_date": escapeHtml(last_build_date.strftime("%a, %d %b %Y %H:%M:%S +0000")),
"pub_date": escapeHtml(pub_date.strftime("%a, %d %b %Y %H:%M:%S +0000")),
"ttl": escapeHtml(str(ttl)),
"items": "\n\n".join([" " + item.replace("\n", "\n ") for item in rss_item_string_list]),
}
if __name__ == "__main__":
exit(main())
stack/monitor2/webfile-directory/index.cgi.in 0 → 100755
View file @ 94026302
#!{{ extra_eggs_interpreter }}
import cgi
import cgitb
import Cookie
import base64
import hashlib
import hmac
import jinja2
import os
import subprocess
import urllib
cgitb.enable(display=0, logdir="/tmp/cgi.log")
form = cgi.FieldStorage()
cookie = Cookie.SimpleCookie()
cgi_path = "{{ cgi_directory }}"
monitor_password_path = "{{ monitor_password_path }}"
monitor_password_script_path = "{{ monitor_password_script_path }}"
monitor_apache_password_command = "{{ apache_update_command }}"
monitor_rewrite = "{{ ' '.join(rewrite_element.keys()) }}"
########
# Password functions
#######
def crypt(word, salt="$$"):
salt = salt.split("$")
algo = salt[0] or 'sha1'
if algo in hashlib.algorithms:
H = getattr(hashlib, algo)
elif algo == "plain":
return "%s$%s" % (algo, word)
else:
raise ValueError
rounds = min(max(0, int(salt[1])), 30) if salt[1] else 9
salt = salt[2] or base64.b64encode(os.urandom(12), "./")
h = hmac.new(salt, word, H).digest()
for x in xrange(1, 1 << rounds):
h = H(h).digest()
return "%s$%s$%s$%s" % (algo, rounds, salt,
base64.b64encode(h, "./").rstrip("="))
def is_password_set():
if not os.path.exists(monitor_password_path):
return False
hashed_password = open(monitor_password_path, 'r').read()
try:
void, algo, salt, hsh = hashed_password.split('$')
except ValueError:
return False
return True
def set_password(raw_password):
hashed_password = crypt(raw_password)
subprocess.check_call(monitor_apache_password_command + " %s" % raw_password,
shell=True)
open(monitor_password_path, 'w').write(hashed_password)
def check_password(raw_password):
"""
Returns a boolean of whether the raw_password was correct. Handles
encryption formats behind the scenes.
"""
if not os.path.exists(monitor_password_path) or not raw_password:
return False
hashed_password = open(monitor_password_path, 'r').read()
return hashed_password == crypt(raw_password, hashed_password)
### End of password functions
def forward_form():
command = os.path.join(cgi_path, form['posting-script'].value)
params_dict = {}
for f in form:
params_dict[f] = form[f].value
del params_dict['posting-script']
os.environ['QUERY_STRING'] = urllib.urlencode(params_dict)
try:
if os.access(command, os.X_OK):
print '\n', subprocess.check_output([command])
except subprocess.CalledProcessError:
print "There is a problem with sub-process"
pass
def return_document(command=None):
if not command:
script = form['script'].value
command = os.path.join(cgi_path, script)
#XXX this functions should be called only for display,
#so a priori it doesn't need form data
os.environ['QUERY_STRING'] = ''
try:
if os.access(command, os.X_OK):
print '\n', subprocess.check_output([command])
elif os.access(command, os.R_OK):
print open(command).read()
else:
raise OSError
except (subprocess.CalledProcessError, OSError) as e:
print "<p>Error :</p><pre>%s</pre>" % e
def make_menu():
# Transform deep-2 tree in json
folder_list = {}
for folder in os.listdir(cgi_path):
if os.path.isdir(os.path.join(cgi_path, folder)):
folder_list[folder] = []
for folder in folder_list:
for file in os.listdir(os.path.join(cgi_path, folder)):
if os.path.isfile(os.path.join(cgi_path, folder, file)):
folder_list[folder].append(file)
return folder_list
def get_cookie_password():
cookie_string = os.environ.get('HTTP_COOKIE')
if cookie_string:
cookie.load(cookie_string)
try:
return cookie['password'].value
except KeyError:
pass
return None
def set_cookie_password(password):
cookie['password'] = password
print cookie, "; Path=/; HttpOnly"
# Beginning of response
print "Content-Type: text/html"
password = None
# Check if user is logged
if "password_2" in form and "password" in form:
password_2 = form['password_2'].value
password_1 = form['password'].value
password = get_cookie_password()
if not is_password_set() or check_password(password):
if password_2 == password_1:
password = password_1
set_password(password)
set_cookie_password(password)
elif "password" in form:
password = form['password'].value
if is_password_set() and check_password(password):
set_cookie_password(password)
else:
password = get_cookie_password()
print '\n'
if not is_password_set():
return_document(monitor_password_script_path)
elif not check_password(password):
print "<html><head>"
print """
<link rel="stylesheet" href="static/pure-min.css">
<link rel="stylesheet" href="static/style.css">"""
print "</head><body>"
if password is None:
print "<h1>This is the monitoring interface</h1>"
else:
print "<h1>Error</h1><p>Wrong password</p>"
print """
<p>Please enter the monitor_password in the next field to access the data</p>
<form action="/index.cgi" method="post" class="pure-form-aligned">
Password : <input type="password" name="password">
<button type="submit" class="pure-button pure-button-primary">Access</button>
</form>
</body></html>"""
# redirection to the required script/page
else:
print
if "posting-script" in form:
forward_form()
elif "script" in form:
return_document()
else:
html_base = jinja2.Template(open('{{ index_template }}').read())
print
print html_base.render(tree=make_menu(), default_page="{{ default_page }}", monitor_rewrite=monitor_rewrite)
stack/monitor2/webfile-directory/index.html.jinja2 0 → 100644
View file @ 94026302
<html>
<head>
<title>Monitoring Interface</title>
<link rel="stylesheet" href="static/pure-min.css">
<link rel="stylesheet" href="static/style.css">
<script src="static/jquery-1.10.2.min.js"></script>
<script src="static/script.js"></script>
</head>
<body>
<div id="div-menu">
<h1>Monitoring</h1>
<div id="script-categories" class="pure-menu pure-menu-open">
<ul>
{% for category in tree %}
<li class="pure-menu-heading category">{{ category }}</li>
{% for script in tree[category] %}
<li><a href="{{ category }}/{{ script }}" class="script">{{ script }}</a></li>
{% endfor %}
{% endfor %}
<li class="pure-menu-heading category">Files</li>
<li><a href="./private/" class="link"> User: admin</br> Password is yours</a></li>
<li class="pure-menu-heading category">Local Service</li>
{% set rewrite_list = monitor_rewrite.split() %}
{% for path in rewrite_list %}
<li><a href="./rewrite/{{path}}/" class="link">{{path}}</a></li>
{% endfor %}
</ul>
</div>
</div>
<div id="content">
<iframe src="{{ default_page }}">
</iframe>
</div>
</body>
</html>
stack/monitor2/webfile-directory/monitor-password.cgi.in 0 → 100644
View file @ 94026302
#!{{ python_executable }}
import cgitb
cgitb.enable()
print "<html><head>"
print """
<script type="text/javascript" src="static/jquery-1.10.2.min.js"></script>
<link rel="stylesheet" href="static/pure-min.css">
<link rel="stylesheet" href="static/style.css">"""
print "</head><body>"
print "<h1>This is the monitoring interface</h1>"
print "<h2>Please set your password for later access</h2>"
print """
<form action="/index.cgi" method="post" class="pure-form-aligned">
<div class="pure-control-group">
<label for="password">Password*:</label>
<input placeholder="Set your password" type="password" name="password" id="password"></br>
</div><div class="pure-control-group">
<label for="password">Verify Password*:</label>
<input placeholder="Verify password" type="password" name="password_2" id="password_2"></br>
</div><p id="validate-status" style="color:red"></p>
<div class="pure-controls">
<button id="register-button" type="submit" class="pure-button pure-button-primary" disabled>Access</button></div>
</form>
<script type="text/javascript" src="static/monitor-register.js"></script>
</body></html>
"""
stack/monitor2/webfile-directory/settings.cgi.in 0 → 100755
View file @ 94026302
#!{{ python_executable }}
import cgi
import cgitb
import ConfigParser
import os
cgitb.enable()
form = cgi.FieldStorage()
print "<html><head>"
print "<link rel=\"stylesheet\" href=\"static/pure-min.css\">"
print "<link rel=\"stylesheet\" href=\"static/style.css\">"
print "</head><body>"
config_file = "{{ config_cfg }}"
if not os.path.exists(config_file):
print "Your software does <b>not</b> embed 0-knowledge. \
This interface is useless in this case</body></html>"
exit(0)
parser = ConfigParser.ConfigParser()
parser.read(config_file)
if not parser.has_section('public'):
print "<p>Your software does not use 0-knowledge settings.</p></body></html>"
exit(0)
for name in form:
if parser.has_option('public', name):
parser.set('public', name, form[name].value)
with open(config_file, 'w') as file:
parser.write(file)
if len(form) > 0:
try:
os.remove("{{ timestamp }}")
except OSError:
pass
print "<h1>Values that can be defined :</h1>"
print "<form action=\"/index.cgi\" method=\"post\" class=\"pure-form-aligned\">"
print "<input type=\"hidden\" name=\"posting-script\" value=\"{{ pwd }}/{{ this_file }}\">"
for option in parser.options("public"):
print "<div class=\"pure-control-group\">"
print "<label for=\"%s\">%s</label>" % (cgi.escape(option, quote=True), cgi.escape(option))
print "<input type=\"text\" name=\"%s\" value=\"%s\">" % (cgi.escape(option, quote=True), cgi.escape(parser.get('public', option), quote=True))
print "</div>"
print "<div class=\"pure-controls\"><button type=\"submit\" class=\"pure-button \
pure-button-primary\">Save</button></div></form>"
print "<br><h1>Other values :</h1>"
print "<form class=\"pure-form-aligned\">"
for section in parser.sections():
if section != 'public':
for option in parser.options(section):
print "<div class=\"pure-control-group\">"
print "<label for=\"%s\">%s</label>" % (cgi.escape(option, quote=True), cgi.escape(option))
print "<input type=\"text\" name=\"%s\" value=\"%s\" readonly>" %(cgi.escape(option, quote=True), cgi.escape(parser.get(section, option), quote=True))
print "</div>"
print "</form>"
print "</body></html>"
stack/monitor2/webfile-directory/static/monitor-register.js 0 → 100644
View file @ 94026302
$(window).load(function(){
$(document).ready(function() {
$("#password_2").keyup(validate);
});
function validate() {
var password1 = $("#password").val();
var password2 = $("#password_2").val();
if(password1 == password2) {
$("#register-button").removeAttr("disabled");
$("#validate-status").attr("style", "display:none");
}
else {
$("#register-button").attr("disabled", "disabled");
$("#validate-status").attr("style", "").text("Passwords do not match");
}
}
});
\ No newline at end of file
stack/monitor2/webfile-directory/static/pure-min.css 0 → 100644
View file @ 94026302
/*!
Pure v0.3.0
Copyright 2013 Yahoo! Inc. All rights reserved.
Licensed under the BSD License.
https://github.com/yui/pure/blob/master/LICENSE.md
*/
/*!
normalize.css v1.1.2 | MIT License | git.io/normalize
Copyright (c) Nicolas Gallagher and Jonathan Neal
*/
/*! normalize.css v1.1.2 | MIT License | git.io/normalize */article,aside,details,figcaption,figure,footer,header,hgroup,main,nav,section,summary{display:block}audio,canvas,video{display:inline-block;*display:inline;*zoom:1}audio:not([controls]){display:none;height:0}[hidden]{display:none}html{font-size:100%;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}html,button,input,select,textarea{font-family:sans-serif}body{margin:0}a:focus{outline:thin dotted}a:active,a:hover{outline:0}h1{font-size:2em;margin:.67em 0}h2{font-size:1.5em;margin:.83em 0}h3{font-size:1.17em;margin:1em 0}h4{font-size:1em;margin:1.33em 0}h5{font-size:.83em;margin:1.67em 0}h6{font-size:.67em;margin:2.33em 0}abbr[title]{border-bottom:1px dotted}b,strong{font-weight:700}blockquote{margin:1em 40px}dfn{font-style:italic}hr{-moz-box-sizing:content-box;box-sizing:content-box;height:0}mark{background:#ff0;color:#000}p,pre{margin:1em 0}code,kbd,pre,samp{font-family:monospace,serif;_font-family:'courier new',monospace;font-size:1em}pre{white-space:pre;white-space:pre-wrap;word-wrap:break-word}q{quotes:none}q:before,q:after{content:'';content:none}small{font-size:80%}sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline}sup{top:-.5em}sub{bottom:-.25em}dl,menu,ol,ul{margin:1em 0}dd{margin:0 0 0 40px}menu,ol,ul{padding:0 0 0 40px}nav ul,nav ol{list-style:none;list-style-image:none}img{border:0;-ms-interpolation-mode:bicubic}svg:not(:root){overflow:hidden}figure{margin:0}form{margin:0}fieldset{border:1px solid silver;margin:0 2px;padding:.35em .625em .75em}legend{border:0;padding:0;white-space:normal;*margin-left:-7px}button,input,select,textarea{font-size:100%;margin:0;vertical-align:baseline;*vertical-align:middle}button,input{line-height:normal}button,select{text-transform:none}button,html input[type=button],input[type=reset],input[type=submit]{-webkit-appearance:button;cursor:pointer;*overflow:visible}button[disabled],html input[disabled]{cursor:default}input[type=checkbox],input[type=radio]{box-sizing:border-box;padding:0;*height:13px;*width:13px}input[type=search]{-webkit-appearance:textfield;-moz-box-sizing:content-box;-webkit-box-sizing:content-box;box-sizing:content-box}input[type=search]::-webkit-search-cancel-button,input[type=search]::-webkit-search-decoration{-webkit-appearance:none}button::-moz-focus-inner,input::-moz-focus-inner{border:0;padding:0}textarea{overflow:auto;vertical-align:top}table{border-collapse:collapse;border-spacing:0}.pure-button{display:inline-block;*display:inline;zoom:1;line-height:normal;white-space:nowrap;vertical-align:baseline;text-align:center;cursor:pointer;-webkit-user-drag:none;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none}.pure-button::-moz-focus-inner{padding:0;border:0}.pure-button{font-size:100%;*font-size:90%;*overflow:visible;padding:.5em 1.5em;color:#444;color:rgba(0,0,0,.8);*color:#444;border:1px solid #999;border:0 rgba(0,0,0,0);background-color:#E6E6E6;text-decoration:none;border-radius:2px;-webkit-transition:.1s linear -webkit-box-shadow;-moz-transition:.1s linear -moz-box-shadow;-ms-transition:.1s linear box-shadow;-o-transition:.1s linear box-shadow;transition:.1s linear box-shadow}.pure-button-hover,.pure-button:hover,.pure-button:focus{filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#00000000', endColorstr='#1a000000', GradientType=0);background-image:-webkit-gradient(linear,0 0,0 100%,from(transparent),color-stop(40%,rgba(0,0,0,.05)),to(rgba(0,0,0,.1)));background-image:-webkit-linear-gradient(transparent,rgba(0,0,0,.05) 40%,rgba(0,0,0,.1));background-image:-moz-linear-gradient(top,rgba(0,0,0,.05) 0,rgba(0,0,0,.1));background-image:-ms-linear-gradient(transparent,rgba(0,0,0,.05) 40%,rgba(0,0,0,.1));background-image:-o-linear-gradient(transparent,rgba(0,0,0,.05) 40%,rgba(0,0,0,.1));background-image:linear-gradient(transparent,rgba(0,0,0,.05) 40%,rgba(0,0,0,.1))}.pure-button:focus{outline:0}.pure-button-active,.pure-button:active{box-shadow:0 0 0 1px rgba(0,0,0,.15) inset,0 0 6px rgba(0,0,0,.2) inset}.pure-button[disabled],.pure-button-disabled,.pure-button-disabled:hover,.pure-button-disabled:focus,.pure-button-disabled:active{border:0;background-image:none;filter:progid:DXImageTransform.Microsoft.gradient(enabled=false);filter:alpha(opacity=40);-khtml-opacity:.4;-moz-opacity:.4;opacity:.4;cursor:not-allowed;box-shadow:none}.pure-button-hidden{display:none}.pure-button::-moz-focus-inner{padding:0;border:0}.pure-button-primary,.pure-button-selected,a.pure-button-primary,a.pure-button-selected{background-color:#0078e7;color:#fff}.pure-form input[type=text],.pure-form input[type=password],.pure-form input[type=email],.pure-form input[type=url],.pure-form input[type=date],.pure-form input[type=month],.pure-form input[type=time],.pure-form input[type=datetime],.pure-form input[type=datetime-local],.pure-form input[type=week],.pure-form input[type=number],.pure-form input[type=search],.pure-form input[type=tel],.pure-form input[type=color],.pure-form select,.pure-form textarea{padding:.5em .6em;display:inline-block;border:1px solid #ccc;font-size:.8em;box-shadow:inset 0 1px 3px #ddd;border-radius:4px;-webkit-transition:.3s linear border;-moz-transition:.3s linear border;-ms-transition:.3s linear border;-o-transition:.3s linear border;transition:.3s linear border;-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box}.pure-form input[type=text]:focus,.pure-form input[type=password]:focus,.pure-form input[type=email]:focus,.pure-form input[type=url]:focus,.pure-form input[type=date]:focus,.pure-form input[type=month]:focus,.pure-form input[type=time]:focus,.pure-form input[type=datetime]:focus,.pure-form input[type=datetime-local]:focus,.pure-form input[type=week]:focus,.pure-form input[type=number]:focus,.pure-form input[type=search]:focus,.pure-form input[type=tel]:focus,.pure-form input[type=color]:focus,.pure-form select:focus,.pure-form textarea:focus{outline:0;outline:thin dotted \9;border-color:#129FEA}.pure-form input[type=file]:focus,.pure-form input[type=radio]:focus,.pure-form input[type=checkbox]:focus{outline:thin dotted #333;outline:1px auto #129FEA}.pure-form .pure-checkbox,.pure-form .pure-radio{margin:.5em 0;display:block}.pure-form input[type=text][disabled],.pure-form input[type=password][disabled],.pure-form input[type=email][disabled],.pure-form input[type=url][disabled],.pure-form input[type=date][disabled],.pure-form input[type=month][disabled],.pure-form input[type=time][disabled],.pure-form input[type=datetime][disabled],.pure-form input[type=datetime-local][disabled],.pure-form input[type=week][disabled],.pure-form input[type=number][disabled],.pure-form input[type=search][disabled],.pure-form input[type=tel][disabled],.pure-form input[type=color][disabled],.pure-form select[disabled],.pure-form textarea[disabled]{cursor:not-allowed;background-color:#eaeded;color:#cad2d3}.pure-form input[readonly],.pure-form select[readonly],.pure-form textarea[readonly]{background:#eee;color:#777;border-color:#ccc}.pure-form input:focus:invalid,.pure-form textarea:focus:invalid,.pure-form select:focus:invalid{color:#b94a48;border:1px solid #ee5f5b}.pure-form input:focus:invalid:focus,.pure-form textarea:focus:invalid:focus,.pure-form select:focus:invalid:focus{border-color:#e9322d}.pure-form input[type=file]:focus:invalid:focus,.pure-form input[type=radio]:focus:invalid:focus,.pure-form input[type=checkbox]:focus:invalid:focus{outline-color:#e9322d}.pure-form select{border:1px solid #ccc;background-color:#fff}.pure-form select[multiple]{height:auto}.pure-form label{margin:.5em 0 .2em;font-size:90%}.pure-form fieldset{margin:0;padding:.35em 0 .75em;border:0}.pure-form legend{display:block;width:100%;padding:.3em 0;margin-bottom:.3em;font-size:125%;color:#333;border-bottom:1px solid #e5e5e5}.pure-form-stacked input[type=text],.pure-form-stacked input[type=password],.pure-form-stacked input[type=email],.pure-form-stacked input[type=url],.pure-form-stacked input[type=date],.pure-form-stacked input[type=month],.pure-form-stacked input[type=time],.pure-form-stacked input[type=datetime],.pure-form-stacked input[type=datetime-local],.pure-form-stacked input[type=week],.pure-form-stacked input[type=number],.pure-form-stacked input[type=search],.pure-form-stacked input[type=tel],.pure-form-stacked input[type=color],.pure-form-stacked select,.pure-form-stacked label,.pure-form-stacked textarea{display:block;margin:.25em 0}.pure-form-aligned input,.pure-form-aligned textarea,.pure-form-aligned select,.pure-form-aligned .pure-help-inline,.pure-form-message-inline{display:inline-block;*display:inline;*zoom:1;vertical-align:middle}.pure-form-aligned .pure-control-group{margin-bottom:.5em}.pure-form-aligned .pure-control-group label{text-align:right;display:inline-block;vertical-align:middle;width:10em;margin:0 1em 0 0}.pure-form-aligned .pure-controls{margin:1.5em 0 0 10em}.pure-form input.pure-input-rounded,.pure-form .pure-input-rounded{border-radius:2em;padding:.5em 1em}.pure-form .pure-group fieldset{margin-bottom:10px}.pure-form .pure-group input{display:block;padding:10px;margin:0;border-radius:0;position:relative;top:-1px}.pure-form .pure-group input:focus{z-index:2}.pure-form .pure-group input:first-child{top:1px;border-radius:4px 4px 0 0}.pure-form .pure-group input:last-child{top:-2px;border-radius:0 0 4px 4px}.pure-form .pure-group button{margin:.35em 0}.pure-form .pure-input-1{width:100%}.pure-form .pure-input-2-3{width:66%}.pure-form .pure-input-1-2{width:50%}.pure-form .pure-input-1-3{width:33%}.pure-form .pure-input-1-4{width:25%}.pure-form .pure-help-inline,.pure-form-message-inline{display:inline-block;padding-left:.3em;color:#666;vertical-align:middle;font-size:90%}.pure-form-message{display:block;color:#666;font-size:90%}@media only screen and (max-width :480px){.pure-form button[type=submit]{margin:.7em 0 0}.pure-form input[type=text],.pure-form input[type=password],.pure-form input[type=email],.pure-form input[type=url],.pure-form input[type=date],.pure-form input[type=month],.pure-form input[type=time],.pure-form input[type=datetime],.pure-form input[type=datetime-local],.pure-form input[type=week],.pure-form input[type=number],.pure-form input[type=search],.pure-form input[type=tel],.pure-form input[type=color],.pure-form label{margin-bottom:.3em;display:block}.pure-group input[type=text],.pure-group input[type=password],.pure-group input[type=email],.pure-group input[type=url],.pure-group input[type=date],.pure-group input[type=month],.pure-group input[type=time],.pure-group input[type=datetime],.pure-group input[type=datetime-local],.pure-group input[type=week],.pure-group input[type=number],.pure-group input[type=search],.pure-group input[type=tel],.pure-group input[type=color]{margin-bottom:0}.pure-form-aligned .pure-control-group label{margin-bottom:.3em;text-align:left;display:block;width:100%}.pure-form-aligned .pure-controls{margin:1.5em 0 0}.pure-form .pure-help-inline,.pure-form-message-inline,.pure-form-message{display:block;font-size:80%;padding:.2em 0 .8em}}.pure-g{letter-spacing:-.31em;*letter-spacing:normal;*word-spacing:-.43em;text-rendering:optimizespeed;font-family:FreeSans,Arimo,"Droid Sans",Helvetica,Arial,sans-serif;display:-webkit-flex;-webkit-flex-flow:row wrap;display:-ms-flexbox;-ms-flex-flow:row wrap}.opera-only :-o-prefocus,.pure-g{word-spacing:-.43em}.pure-u{display:inline-block;*display:inline;zoom:1;letter-spacing:normal;word-spacing:normal;vertical-align:top;text-rendering:auto}.pure-g [class *="pure-u"]{font-family:sans-serif}.pure-u-1,.pure-u-1-2,.pure-u-1-3,.pure-u-2-3,.pure-u-1-4,.pure-u-3-4,.pure-u-1-5,.pure-u-2-5,.pure-u-3-5,.pure-u-4-5,.pure-u-1-6,.pure-u-5-6,.pure-u-1-8,.pure-u-3-8,.pure-u-5-8,.pure-u-7-8,.pure-u-1-12,.pure-u-5-12,.pure-u-7-12,.pure-u-11-12,.pure-u-1-24,.pure-u-5-24,.pure-u-7-24,.pure-u-11-24,.pure-u-13-24,.pure-u-17-24,.pure-u-19-24,.pure-u-23-24{display:inline-block;*display:inline;zoom:1;letter-spacing:normal;word-spacing:normal;vertical-align:top;text-rendering:auto}.pure-u-1{width:100%}.pure-u-1-2{width:50%;*width:49.969%}.pure-u-1-3{width:33.3333%;*width:33.3023%}.pure-u-2-3{width:66.6667%;*width:66.6357%}.pure-u-1-4{width:25%;*width:24.969%}.pure-u-3-4{width:75%;*width:74.969%}.pure-u-1-5{width:20%;*width:19.969%}.pure-u-2-5{width:40%;*width:39.969%}.pure-u-3-5{width:60%;*width:59.969%}.pure-u-4-5{width:80%;*width:79.969%}.pure-u-1-6{width:16.6667%;*width:16.6357%}.pure-u-5-6{width:83.3333%;*width:83.3023%}.pure-u-1-8{width:12.5%;*width:12.469%}.pure-u-3-8{width:37.5%;*width:37.469%}.pure-u-5-8{width:62.5%;*width:62.469%}.pure-u-7-8{width:87.5%;*width:87.469%}.pure-u-1-12{width:8.3333%;*width:8.3023%}.pure-u-5-12{width:41.6667%;*width:41.6357%}.pure-u-7-12{width:58.3333%;*width:58.3023%}.pure-u-11-12{width:91.6667%;*width:91.6357%}.pure-u-1-24{width:4.1667%;*width:4.1357%}.pure-u-5-24{width:20.8333%;*width:20.8023%}.pure-u-7-24{width:29.1667%;*width:29.1357%}.pure-u-11-24{width:45.8333%;*width:45.8023%}.pure-u-13-24{width:54.1667%;*width:54.1357%}.pure-u-17-24{width:70.8333%;*width:70.8023%}.pure-u-19-24{width:79.1667%;*width:79.1357%}.pure-u-23-24{width:95.8333%;*width:95.8023%}.pure-g-r{letter-spacing:-.31em;*letter-spacing:normal;*word-spacing:-.43em;font-family:FreeSans,Arimo,"Droid Sans",Helvetica,Arial,sans-serif;display:-webkit-flex;-webkit-flex-flow:row wrap;display:-ms-flexbox;-ms-flex-flow:row wrap}.opera-only :-o-prefocus,.pure-g-r{word-spacing:-.43em}.pure-g-r [class *="pure-u"]{font-family:sans-serif}.pure-g-r img{max-width:100%;height:auto}@media (min-width:980px){.pure-visible-phone{display:none}.pure-visible-tablet{display:none}.pure-hidden-desktop{display:none}}@media (max-width:480px){.pure-g-r>.pure-u,.pure-g-r>[class *="pure-u-"]{width:100%}}@media (max-width:767px){.pure-g-r>.pure-u,.pure-g-r>[class *="pure-u-"]{width:100%}.pure-hidden-phone{display:none}.pure-visible-desktop{display:none}}@media (min-width:768px) and (max-width:979px){.pure-hidden-tablet{display:none}.pure-visible-desktop{display:none}}.pure-menu ul{position:absolute;visibility:hidden}.pure-menu.pure-menu-open{visibility:visible;z-index:2;width:100%}.pure-menu ul{left:-10000px;list-style:none;margin:0;padding:0;top:-10000px;z-index:1}.pure-menu>ul{position:relative}.pure-menu-open>ul{left:0;top:0;visibility:visible}.pure-menu-open>ul:focus{outline:0}.pure-menu li{position:relative}.pure-menu a,.pure-menu .pure-menu-heading{display:block;color:inherit;line-height:1.5em;padding:5px 20px;text-decoration:none;white-space:nowrap}.pure-menu.pure-menu-horizontal>.pure-menu-heading{display:inline-block;*display:inline;zoom:1;margin:0;vertical-align:middle}.pure-menu.pure-menu-horizontal>ul{display:inline-block;*display:inline;zoom:1;vertical-align:middle;height:2.4em}.pure-menu li a{padding:5px 20px}.pure-menu-can-have-children>.pure-menu-label:after{content:'\25B8';float:right;font-family:'Lucida Grande','Lucida Sans Unicode','DejaVu Sans',sans-serif;margin-right:-20px;margin-top:-1px}.pure-menu-can-have-children>.pure-menu-label{padding-right:30px}.pure-menu-separator{background-color:#dfdfdf;display:block;height:1px;font-size:0;margin:7px 2px;overflow:hidden}.pure-menu-hidden{display:none}.pure-menu-fixed{position:fixed;top:0;left:0;width:100%}.pure-menu-horizontal li{display:inline-block;*display:inline;zoom:1;vertical-align:middle}.pure-menu-horizontal li li{display:block}.pure-menu-horizontal>.pure-menu-children>.pure-menu-can-have-children>.pure-menu-label:after{content:"\25BE"}.pure-menu-horizontal>.pure-menu-children>.pure-menu-can-have-children>.pure-menu-label{padding-right:30px}.pure-menu-horizontal li.pure-menu-separator{height:50%;width:1px;margin:0 7px}.pure-menu-horizontal li li.pure-menu-separator{height:1px;width:auto;margin:7px 2px}.pure-menu.pure-menu-open,.pure-menu.pure-menu-horizontal li .pure-menu-children{background:#fff;border:1px solid #b7b7b7}.pure-menu.pure-menu-horizontal,.pure-menu.pure-menu-horizontal .pure-menu-heading{border:0}.pure-menu a{border:1px solid transparent;border-left:0;border-right:0}.pure-menu a,.pure-menu .pure-menu-can-have-children>li:after{color:#777}.pure-menu .pure-menu-can-have-children>li:hover:after{color:#fff}.pure-menu .pure-menu-open{background:#dedede}.pure-menu li a:hover,.pure-menu li a:focus{background:#eee}.pure-menu li.pure-menu-disabled a:hover,.pure-menu li.pure-menu-disabled a:focus{background:#fff;color:#bfbfbf}.pure-menu .pure-menu-disabled>a{background-image:none;border-color:transparent;cursor:default}.pure-menu .pure-menu-disabled>a,.pure-menu .pure-menu-can-have-children.pure-menu-disabled>a:after{color:#bfbfbf}.pure-menu .pure-menu-heading{color:#565d64;text-transform:uppercase;font-size:90%;margin-top:.5em;border-bottom-width:1px;border-bottom-style:solid;border-bottom-color:#dfdfdf}.pure-menu .pure-menu-selected a{color:#000}.pure-menu.pure-menu-open.pure-menu-fixed{border:0;border-bottom:1px solid #b7b7b7}.pure-paginator{letter-spacing:-.31em;*letter-spacing:normal;*word-spacing:-.43em;text-rendering:optimizespeed;list-style:none;margin:0;padding:0}.opera-only :-o-prefocus,.pure-paginator{word-spacing:-.43em}.pure-paginator li{display:inline-block;*display:inline;zoom:1;letter-spacing:normal;word-spacing:normal;vertical-align:top;text-rendering:auto}.pure-paginator .pure-button{border-radius:0;padding:.8em 1.4em;vertical-align:top;height:1.1em}.pure-paginator .pure-button:focus,.pure-paginator .pure-button:active{outline-style:none}.pure-paginator .prev,.pure-paginator .next{color:#C0C1C3;text-shadow:0 -1px 0 rgba(0,0,0,.45)}.pure-paginator .prev{border-radius:2px 0 0 2px}.pure-paginator .next{border-radius:0 2px 2px 0}@media (max-width:480px){.pure-menu-horizontal{width:100%}.pure-menu-children li{display:block;border-bottom:1px solid #000}}.pure-table{border-collapse:collapse;border-spacing:0;empty-cells:show;border:1px solid #cbcbcb}.pure-table caption{color:#000;font:italic 85%/1 arial,sans-serif;padding:1em 0;text-align:center}.pure-table td,.pure-table th{border-left:1px solid #cbcbcb;border-width:0 0 0 1px;font-size:inherit;margin:0;overflow:visible;padding:6px 12px}.pure-table td:first-child,.pure-table th:first-child{border-left-width:0}.pure-table thead{background:#e0e0e0;color:#000;text-align:left;vertical-align:bottom}.pure-table td{background-color:transparent}.pure-table-odd td{background-color:#f2f2f2}.pure-table-striped tr:nth-child(2n-1) td{background-color:#f2f2f2}.pure-table-bordered td{border-bottom:1px solid #cbcbcb}.pure-table-bordered tbody>tr:last-child td,.pure-table-horizontal tbody>tr:last-child td{border-bottom-width:0}.pure-table-horizontal td,.pure-table-horizontal th{border-width:0 0 1px;border-bottom:1px solid #cbcbcb}.pure-table-horizontal tbody>tr:last-child td{border-bottom-width:0}
\ No newline at end of file
stack/monitor2/webfile-directory/static/script.js 0 → 100644
View file @ 94026302
$(document).ready(function() {
function doDataUrl (data) {
var frame_content = document.getElementsByTagName("iframe")[0].contentWindow;
var b64 = btoa(data);
dataurl = 'data:text/html;base64,' + b64;
$("iframe").attr('src', dataurl);
}
if ( window.self === window.top ) {
//not in an iframe
$(".script").click(function(e) {
e.preventDefault();
var message = $(this).attr('href');
var slash_pos = message.search('/');
//let's differenciate kind of script called
if ( slash_pos === -1 || slash_pos === 0) {
url = message;
}
else {
url = '/index.cgi';
}
$("iframe").attr('src', url + '?script=' + encodeURIComponent(message));
});
$(".link").click(function(e) {
e.preventDefault();
var url = $(this).attr('href');
$("iframe").attr('src', url);
});
}
else {
//in an iframe
$("body").empty();
}
});
stack/monitor2/webfile-directory/static/style.css 0 → 100644
View file @ 94026302
body {
padding: 15px;
}
.pure-menu .pure-menu-heading {
font-size: 120%;
}
#content {
display: inline-block;
min-width: 72%;
height: 97%;
margin-left: 30px;
}
#div-menu {
display: inline-block;
vertical-align: top;
}
#div-menu h1 {
text-align: center;
}
iframe {
width: 100%;
height: 100%;
margin: 0px;
padding: 0px;
border-style: none;
}
stack/monitor2/webfile-directory/static/welcome.html 0 → 100644
View file @ 94026302
<html>
<head>
<title>Welcome to the Monitoring Interface</title>
<link rel="stylesheet" href="pure-min.css">
<link rel="stylesheet" href="style.css">
</head>
<body>
<h1>Welcome to your monitoring interface</h1>
<p>From this interface you can monitor, configure your instance</p>
</body>
</html>
stack/monitor2/webfile-directory/status-history.cgi.in 0 → 100644
View file @ 94026302
#!{{ python_executable }}
import cgi
import datetime
import os
import sqlite3
db_path = '{{ monitor_db_path }}'
status_history_length = '{{ status_history_length }}'
db = sqlite3.connect(db_path)
print """<html><head>
<link rel="stylesheet" href="static/pure-min.css">
<link rel="stylesheet" href="static/style.css">
</head><body>
<h1>Monitor Status History :</h1>"""
def get_date_from_timestamp(timestamp):
return datetime.datetime.fromtimestamp(timestamp).strftime('%Y-%m-%d %H:%M:%S')
def print_individual_status(timestamp):
print "<div><h3>Failure on %s</h3><ul>" % get_date_from_timestamp(timestamp)
rows = db.execute("select status, element, output from individual_status where timestamp=?", (timestamp,))
for row in rows:
status, element, output = row
print "<li>%s , %s :</br><pre>%s</pre></li>" % (status, cgi.escape(element), cgi.escape(output))
print "</ul></div>"
if not os.path.exists(db_path):
print """No status history found</p></body></html>"""
exit(0)
failure_row_list = db.execute("select timestamp from status where status='FAILURE' order by timestamp desc limit ?", status_history_length )
for failure_row in failure_row_list:
timestamp, = failure_row
print_individual_status(timestamp)
print "</body></html>"
stack/monitor2/webfile-directory/status.cgi.in 0 → 100755
View file @ 94026302
#!{{ python_executable }}
import cgi
import cgitb
import json
import os
import subprocess
def refresh():
command = ["{{ monitor_bin }}", "-a"]
subprocess.call(command)
cgitb.enable(display=0, logdir="/tmp/cgi.log")
form = cgi.FieldStorage()
json_file = "{{ json_file }}"
if not os.path.exists(json_file) or "refresh" in form:
refresh()
if not os.path.exists(json_file):
print """<html><head>
<link rel="stylesheet" href="static/pure-min.css">
<link rel="stylesheet" href="static/style.css">
</head><body>
<h1>Monitoring :</h1>
No status file found</p></body></html>"""
exit(0)
result = json.load(open(json_file))
print "<html><head>"
print "<link rel=\"stylesheet\" href=\"static/pure-min.css\">"
print "<link rel=\"stylesheet\" href=\"static/style.css\">"
print "</head><body>"
print "<h1>Monitoring :</h1>"
print "<form action=\"/index.cgi\" method=\"post\" class=\"pure-form-aligned\">"
print "<input type=\"hidden\" name=\"posting-script\" value=\"{{ pwd }}/{{ this_file }}\">"
print "<p><em>Last time of monitoring process : %s</em></p>" % (result['datetime'])
del result['datetime']
print "<div class=\"pure-controls\"><button type=\"submit\" class=\"pure-button \
pure-button-primary\" name=\"refresh\" value=\"refresh\">Refresh</button></div></form>"
print "<br/>"
print "<h2>These scripts and promises have failed :</h2>"
for r in result:
if result[r] != '':
print "<h3>%s</h3><pre style=\"padding-left:30px;\">%s</pre>" % (cgi.escape(r), cgi.escape(result[r]))
print "<br/>"
print "<h2>These scripts and promises were successful :</h2>"
print "<ul>"
for r in result:
if result[r] == '':
print "<li>%s</li>" % (r)
print "</ul>"
print "</body></html>"
stack/monitor2/wrapper.in 0 → 100644
View file @ 94026302
#!${dash-output:dash}
{{ content }}
\ No newline at end of file
stack/resilient/buildout.cfg
View file @ 94026302
......@@ -67,14 +67,14 @@ md5sum = 0e6a95e7a9b38d402f94c11b7d10397e
mode = 0644
[template-replicated]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/template-replicated.cfg.in
md5sum = 0641a65142fe0f624bf7c112081c2527
mode = 0644
destination = ${buildout:directory}/template-replicated.cfg.in
[template-parts]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/template-parts.cfg.in
md5sum = 071b1034ee8f5cc14f79b16fdeba2813
mode = 0644
......@@ -90,7 +90,7 @@ md5sum = d21472f0e58f928fb827f2cbf22c4d4a
output = ${buildout:directory}/instance-frozen.cfg
[resilient-web-takeover-cgi-script-download]
recipe = slapos.recipe.download
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/resilient-web-takeover-cgi-script.py.in
md5sum = 3aa7624af1196062d7d01946d4de9f0e
mode = 0644
......
stack/slapos.cfg
View file @ 94026302
......@@ -9,13 +9,9 @@ python = python2.7
# Note that if you want a develop version of slapos-cookbook from a git
# checkout, you must add both slapos-cookbook-develop and slapos-cookbook in parts
# Explicitly disable download-cache
download-cache =
# Generate list of automatically chosen eggs version
extensions +=
buildout-versions
mr.developer
slapos.extension.strip
# Use shacache and lxml
......@@ -26,6 +22,7 @@ extends =
../component/python-cffi/buildout.cfg
../component/python-cliff/buildout.cfg
../component/python-cryptography/buildout.cfg
../component/python-PyYAML/buildout.cfg
# Separate from site eggs
allowed-eggs-from-site-packages =
......@@ -86,6 +83,7 @@ recipe = zc.recipe.egg
eggs =
${lxml-python:egg}
${python-cffi:egg}
${python-PyYAML:egg}
${python-cliff:egg}
${python-cryptography:egg}
pyOpenSSL
......@@ -103,17 +101,18 @@ eggs =
[versions]
# Use SlapOS patched zc.buildout
zc.buildout = 1.7.1.post10
zc.buildout = 1.7.1.post13
# Use SlapOS patched zc.recipe.egg (zc.recipe.egg 2.x is for Buildout 2)
zc.recipe.egg = 1.3.2.post4
zc.recipe.egg = 1.3.2.post5
# Use own version of h.r.download to be able to open .xz and .lz archives
hexagonit.recipe.download = 1.7.post4
Jinja2 = 2.7.3
MarkupSafe = 0.23
Jinja2 = 2.8
PyYAML = 3.11
Werkzeug = 0.10.4
buildout-versions = 1.7
cffi = 1.1.2
cffi = 1.2.1
cliff = 1.15.0
cmd2 = 0.6.8
collective.recipe.template = 1.11
cryptography = 1.0.2
......@@ -127,39 +126,40 @@ netaddr = 0.7.18
pbr = 1.8.1
plone.recipe.command = 1.1
prettytable = 0.7.2
psutil = 3.1.1
psutil = 3.2.2
pyOpenSSL = 0.15.1
pyasn1 = 0.1.9
pyparsing = 2.0.3
pytz = 2015.4
requests = 2.7.0
setuptools = 18.0.1
pytz = 2015.6
requests = 2.8.1
setuptools = 18.1
simplejson = 3.8.0
six = 1.9.0
slapos.cookbook = 0.103
slapos.core = 1.3.10
six = 1.10.0
slapos.cookbook = 1.0.9
slapos.core = 1.3.12
slapos.extension.strip = 0.1
slapos.libnetworkcache = 0.14.2
slapos.libnetworkcache = 0.14.5
slapos.recipe.build = 0.21
slapos.recipe.cmmi = 0.2
stevedore = 1.6.0
stevedore = 1.9.0
unicodecsv = 0.14.1
xml-marshaller = 0.9.7
z3c.recipe.scripts = 1.0.1
# Required by:
# slapos.core==1.3.12
Flask = 0.10.1
# Required by:
# cliff==1.13.0
# stevedore==1.6.0
argparse = 1.3.0
# Jinja2==2.8
MarkupSafe = 0.23
# Required by:
# slapos.core==1.3.10
cliff = 1.13.0
# cliff==1.15.0
# stevedore==1.9.0
argparse = 1.4.0
# Required by:
# cryptography==0.9.3
# cryptography==1.0.2
enum34 = 1.0.4
# Required by:
......@@ -167,19 +167,15 @@ enum34 = 1.0.4
functools32 = 3.2.3.post2
# Required by:
# cryptography==0.9.3
idna = 2.0
# Required by:
# cryptography==0.9.3
# cryptography==1.0.2
ipaddress = 1.0.14
# Required by:
# slapos.cookbook==0.102
# slapos.cookbook==1.0.9
jsonschema = 2.5.1
# Required by:
# slapos.cookbook==0.102
# slapos.cookbook==1.0.9
lock-file = 2.0
# Required by:
......@@ -187,11 +183,7 @@ lock-file = 2.0
netifaces = 0.10.4
# Required by:
# cryptography==0.9.3
pyasn1 = 0.1.8
# Required by:
# cffi==1.1.2
# cffi==1.2.1
pycparser = 2.14
# Required by:
......@@ -218,6 +210,7 @@ download-dir-url = http://www.shacache.org/shadir
# Test Agent (Automatic update from tests)
# Aurélien Calonne
# Rafael Monnerat
# Ivan Tyagov
signature-certificate-list =
-----BEGIN CERTIFICATE-----
MIIB4DCCAUkCADANBgkqhkiG9w0BAQsFADA5MQswCQYDVQQGEwJGUjEZMBcGA1UE
......@@ -310,3 +303,16 @@ signature-certificate-list =
j8LgKB3tZCbBj+HDj+AeD+q9V+cqMFLKc6LezvQYUuum6bZdfUNnPv1K1ULYSPjq
/jsRBbabCWSXqxR6gYEM6ooauj3udBMXhHE=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIICAjCCAWugAwIBAgIJAL+BMtL+NJiHMA0GCSqGSIb3DQEBBQUAMBkxFzAVBgNV
BAMMDmxvY2FsX2NvbXB1dGVyMCAXDTE1MDgxODExMDQyNFoYDzIxMTUwNzI1MTEw
NDI0WjAZMRcwFQYDVQQDDA5sb2NhbF9jb21wdXRlcjCBnzANBgkqhkiG9w0BAQEF
AAOBjQAwgYkCgYEAvePhZuVoTvmX8f1N31FEpw/nfp9+Fl7TrIym+5norVvkj5Ps
c4bFIr2tfdj/GlmYLX3NtH2v26c1vbZ3Nt2lwCfi2rPXTJq9s1+NPPX9BnPXdSsz
iSp4LzAx/XgWQzHS1/tue989OXYGlroyQ842fHCCulHWmClVN5fDZbc/BwkCAwEA
AaNQME4wHQYDVR0OBBYEFOrHMBWcobogcdxbr0LAai35dWblMB8GA1UdIwQYMBaA
FOrHMBWcobogcdxbr0LAai35dWblMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF
BQADgYEAYWOB2/WKJHL2GI4mh7F6TbqR+EODOgsqL5fSWG7LJeKo1rUWE4dW6h0T
8dEAOMIcdrPBzldf0JS+poCrLUw7qx9VZxa0ee3+F6WGEgsr2xhu2WpmTzpRWaFR
0I+saiiJCkOkLoyLxeQcgwe62em/DGn6PdcmRDYaVXBHygrRXus=
-----END CERTIFICATE-----
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7