Commit 40695801 authored by Cédric Le Ninivin's avatar Cédric Le Ninivin

apache-runner: add log access and publish monitoring url

parent 264b43dc
...@@ -48,7 +48,9 @@ parts = ...@@ -48,7 +48,9 @@ parts =
zero-parameters zero-parameters
public-symlink public-symlink
cgi-httpd-wrapper cgi-httpd-wrapper
## Monitor for apache
monitor-current-log-access
monitor-backup-log-access
extends = ${monitor-template:output} extends = ${monitor-template:output}
...@@ -119,6 +121,14 @@ apache-directory = ${apache-2.2:location} ...@@ -119,6 +121,14 @@ apache-directory = ${apache-2.2:location}
apache-ipv6 = $${instance-parameter:ipv6-random} apache-ipv6 = $${instance-parameter:ipv6-random}
apache-https-port = $${instance-parameter:configuration.port} apache-https-port = $${instance-parameter:configuration.port}
[monitor-current-log-access]
< = monitor-directory-access
source = $${directory:log}
[monitor-backup-log-access]
< = monitor-directory-access
source = $${directory:logrotate-backup}
[jinja2-template-base] [jinja2-template-base]
recipe = slapos.recipe.template:jinja2 recipe = slapos.recipe.template:jinja2
rendered = $${buildout:directory}/$${:filename} rendered = $${buildout:directory}/$${:filename}
......
...@@ -59,20 +59,24 @@ sla-{{ parameter }} = {{ slapparameter_dict.pop( sla_key + parameter ) }} ...@@ -59,20 +59,24 @@ sla-{{ parameter }} = {{ slapparameter_dict.pop( sla_key + parameter ) }}
[replicate] [replicate]
<= slap-connection <= slap-connection
recipe = slapos.cookbook:request recipe = slapos.cookbook:requestoptional
software-url = ${slap-connection:software-release-url} software-url = ${slap-connection:software-release-url}
software-type = {{frontend_type}} software-type = {{frontend_type}}
return = private-ipv4 public-ipv4 slave-instance-information-list return = private-ipv4 public-ipv4 slave-instance-information-list monitor_url
config = {{ ' '.join(slapparameter_dict.keys()) + ' ' + slave_list_name }} config = {{ ' '.join(slapparameter_dict.keys()) + ' ' + slave_list_name }}
{% for parameter, value in slapparameter_dict.iteritems() -%} {% for parameter, value in slapparameter_dict.iteritems() -%}
config-{{parameter}} = {{ value }} config-{{parameter}} = {{ value }}
{% endfor -%} {% endfor -%}
config-{{ slave_list_name }} = {{ json_module.dumps(slave_instance_list) }} config-{{ slave_list_name }} = {{ json_module.dumps(slave_instance_list) }}
connection-monitor_url =
[publish-information] [publish-information]
recipe = slapos.cookbook:publish recipe = slapos.cookbook:publish
domain = {{ slapparameter_dict.get('domain') }} domain = {{ slapparameter_dict.get('domain') }}
slave-amount = {{ slave_instance_list | length }} slave-amount = {{ slave_instance_list | length }}
{% for frontend in frontend_section_list %}
{{ frontend }}-monitor-url = {{ '${' + frontend + ':connection-monitor_url}' }}
{% endfor -%}
{% for frontend in frontend_list -%} {% for frontend in frontend_list -%}
#{{frontend}}-private-ipv4 = ${request-{{frontend}}:private-ipv4} #{{frontend}}-private-ipv4 = ${request-{{frontend}}:private-ipv4}
{% endfor -%} {% endfor -%}
......
...@@ -7,20 +7,23 @@ key = $${slap-connection:key-file} ...@@ -7,20 +7,23 @@ key = $${slap-connection:key-file}
cert = $${slap-connection:cert-file} cert = $${slap-connection:cert-file}
[monitor-parameters] [monitor-parameters]
monitor-dir = $${directory:var}/monitor monitor-dir = $${monitor-directory:var}/monitor
result-dir = $${:monitor-dir}/bool result-dir = $${:monitor-dir}/bool
json-filename = monitor.json json-filename = monitor.json
json-path = $${:monitor-dir}/$${:json-filename} json-path = $${:monitor-dir}/$${:json-filename}
rss-path = $${:public-cgi}/$${:rss-filename} rss-path = $${:public-cgi}/$${:rss-filename}
rss-filename = rssfeed.html rss-filename = rssfeed.html
executable = $${directory:bin}/monitor.py executable = $${monitor-directory:bin}/monitor.py
cgi-bin = $${directory:cgi-bin} cgi-bin = $${monitor-directory:cgi-bin}
monitoring-cgi = $${directory:monitoring-cgi} monitoring-cgi = $${monitor-directory:monitoring-cgi}
knowledge0-cgi = $${directory:knowledge0-cgi} knowledge0-cgi = $${monitor-directory:knowledge0-cgi}
public-cgi = $${directory:public-cgi} public-cgi = $${monitor-directory:public-cgi}
port = 9685 port = 9685
private-directory = $${monitor-directory:monitor-private-directory}
htaccess-file = $${monitor-htaccess:htaccess-path}
[directory] [monitor-directory]
recipe = slapos.cookbook:mkdirectory
home = $${buildout:directory} home = $${buildout:directory}
etc = $${:home}/etc etc = $${:home}/etc
bin = $${:home}/bin bin = $${:home}/bin
...@@ -37,34 +40,35 @@ crontabs = $${:etc}/crontabs ...@@ -37,34 +40,35 @@ crontabs = $${:etc}/crontabs
cronstamps = $${:etc}/cronstamps cronstamps = $${:etc}/cronstamps
log = $${:var}/log log = $${:var}/log
monitor = $${:etc}/monitor monitor = $${:etc}/monitor
monitor-result = $${monitor-parameters:monitor-dir} monitor-result = $${:var}/monitor
monitor-result-bool = $${monitor-parameters:result-dir} monitor-result-bool = $${:var}/monitor
promise = $${:etc}/promise promise = $${:etc}/promise
public-cgi = $${:cgi-bin}/public public-cgi = $${:cgi-bin}/public
run = $${:var}/run run = $${:var}/run
service = $${:etc}/service/ service = $${:etc}/service/
tmp = $${:home}/tmp tmp = $${:home}/tmp
www = $${:var}/www www = $${:var}/www
monitor-private-directory = $${:srv}/monitor-private
[public-symlink] [public-symlink]
recipe = cns.recipe.symlink recipe = cns.recipe.symlink
symlink = $${monitor-parameters:public-cgi} = $${directory:www}/public symlink = $${monitor-parameters:public-cgi} = $${monitor-directory:www}/public
autocreate = true autocreate = true
[cron] [cron]
recipe = slapos.cookbook:cron recipe = slapos.cookbook:cron
dcrond-binary = ${dcron:location}/sbin/crond dcrond-binary = ${dcron:location}/sbin/crond
cron-entries = $${directory:cron-entries} cron-entries = $${monitor-directory:cron-entries}
crontabs = $${directory:crontabs} crontabs = $${monitor-directory:crontabs}
cronstamps = $${directory:cronstamps} cronstamps = $${monitor-directory:cronstamps}
catcher = $${cron-simplelogger:wrapper} catcher = $${cron-simplelogger:wrapper}
binary = $${directory:service}/crond binary = $${monitor-directory:service}/crond
# Add log to cron # Add log to cron
[cron-simplelogger] [cron-simplelogger]
recipe = slapos.cookbook:simplelogger recipe = slapos.cookbook:simplelogger
wrapper = $${directory:bin}/cron_simplelogger wrapper = $${monitor-directory:bin}/cron_simplelogger
log = $${directory:log}/cron.log log = $${monitor-directory:log}/cron.log
[cron-entry-monitor] [cron-entry-monitor]
<= cron <= cron
...@@ -84,14 +88,14 @@ command = $${make-rss:output} ...@@ -84,14 +88,14 @@ command = $${make-rss:output}
recipe = hexagonit.recipe.download recipe = hexagonit.recipe.download
url = ${download-static-files:destination}/${download-static-files:filename} url = ${download-static-files:destination}/${download-static-files:filename}
filename = static filename = static
destination = $${directory:www} destination = $${monitor-directory:www}
ignore-existing = true ignore-existing = true
mode = 0644 mode = 0644
[deploy-index] [deploy-index]
recipe = slapos.recipe.template:jinja2 recipe = slapos.recipe.template:jinja2
template = ${index:location}/${index:filename} template = ${index:location}/${index:filename}
rendered = $${directory:www}/$${:filename} rendered = $${monitor-directory:www}/$${:filename}
filename = index.cgi filename = index.cgi
mode = 0744 mode = 0744
context = context =
...@@ -104,7 +108,7 @@ context = ...@@ -104,7 +108,7 @@ context =
[deploy-index-template] [deploy-index-template]
recipe = hexagonit.recipe.download recipe = hexagonit.recipe.download
url = ${index-template:location}/$${:filename} url = ${index-template:location}/$${:filename}
destination = $${directory:www} destination = $${monitor-directory:www}
filename = ${index-template:filename} filename = ${index-template:filename}
download-only = true download-only = true
mode = 0644 mode = 0644
...@@ -138,7 +142,7 @@ template = ${monitor-bin:location}/${monitor-bin:filename} ...@@ -138,7 +142,7 @@ template = ${monitor-bin:location}/${monitor-bin:filename}
rendered = $${monitor-parameters:executable} rendered = $${monitor-parameters:executable}
mode = 0744 mode = 0744
context = context =
section directory directory section directory monitor-directory
key monitoring_file_json monitor-parameters:json-path key monitoring_file_json monitor-parameters:json-path
key monitoring_folder_bool monitor-parameters:result-dir key monitoring_folder_bool monitor-parameters:result-dir
raw python_executable ${buildout:executable} raw python_executable ${buildout:executable}
...@@ -146,7 +150,7 @@ context = ...@@ -146,7 +150,7 @@ context =
[deploy-rss-script] [deploy-rss-script]
recipe = hexagonit.recipe.download recipe = hexagonit.recipe.download
url = ${rss-bin:destination}/${rss-bin:filename} url = ${rss-bin:destination}/${rss-bin:filename}
destination = $${directory:bin} destination = $${monitor-directory:bin}
filename = ${rss-bin:filename} filename = ${rss-bin:filename}
mode = 0744 mode = 0744
download-only = true download-only = true
...@@ -154,23 +158,34 @@ download-only = true ...@@ -154,23 +158,34 @@ download-only = true
[make-rss] [make-rss]
recipe = slapos.recipe.template recipe = slapos.recipe.template
url = ${make-rss-script:output} url = ${make-rss-script:output}
output = $${directory:bin}/make-rss.sh output = $${monitor-directory:bin}/make-rss.sh
mode = 0744 mode = 0744
[monitor-htaccess]
recipe = plone.recipe.command
stop-on-error = true
htaccess-path = $${monitor-directory:monitor}/.htaccess
command = ${apache:location}/bin/htpasswd -cb $${:htaccess-path} admin $${zero-parameters:monitor-password}
[monitor-directory-access]
recipe = plone.recipe.command
command = ln -s $${:source} $${monitor-directory:monitor-private-directory}
source =
[cadirectory] [cadirectory]
recipe = slapos.cookbook:mkdirectory recipe = slapos.cookbook:mkdirectory
requests = $${directory:ca-dir}/requests/ requests = $${monitor-directory:ca-dir}/requests/
private = $${directory:ca-dir}/private/ private = $${monitor-directory:ca-dir}/private/
certs = $${directory:ca-dir}/certs/ certs = $${monitor-directory:ca-dir}/certs/
newcerts = $${directory:ca-dir}/newcerts/ newcerts = $${monitor-directory:ca-dir}/newcerts/
crl = $${directory:ca-dir}/crl/ crl = $${monitor-directory:ca-dir}/crl/
[certificate-authority] [certificate-authority]
recipe = slapos.cookbook:certificate_authority recipe = slapos.cookbook:certificate_authority
openssl-binary = ${openssl:location}/bin/openssl openssl-binary = ${openssl:location}/bin/openssl
ca-dir = $${directory:ca-dir} ca-dir = $${monitor-directory:ca-dir}
requests-directory = $${cadirectory:requests} requests-directory = $${cadirectory:requests}
wrapper = $${directory:service}/certificate_authority wrapper = $${monitor-directory:service}/certificate_authority
ca-private = $${cadirectory:private} ca-private = $${cadirectory:private}
ca-certs = $${cadirectory:certs} ca-certs = $${cadirectory:certs}
ca-newcerts = $${cadirectory:newcerts} ca-newcerts = $${cadirectory:newcerts}
...@@ -181,8 +196,8 @@ ca-crl = $${cadirectory:crl} ...@@ -181,8 +196,8 @@ ca-crl = $${cadirectory:crl}
recipe = slapos.cookbook:certificate_authority.request recipe = slapos.cookbook:certificate_authority.request
key-file = $${cadirectory:certs}/httpd.key key-file = $${cadirectory:certs}/httpd.key
cert-file = $${cadirectory:certs}/httpd.crt cert-file = $${cadirectory:certs}/httpd.crt
executable = $${directory:bin}/cgi-httpd executable = $${monitor-directory:bin}/cgi-httpd
wrapper = $${directory:service}/cgi-httpd wrapper = $${monitor-directory:service}/cgi-httpd
# Put domain name # Put domain name
name = example.com name = example.com
...@@ -214,11 +229,18 @@ input = inline: ...@@ -214,11 +229,18 @@ input = inline:
LoadModule unixd_module modules/mod_unixd.so LoadModule unixd_module modules/mod_unixd.so
LoadModule access_compat_module modules/mod_access_compat.so LoadModule access_compat_module modules/mod_access_compat.so
LoadModule authz_core_module modules/mod_authz_core.so LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authz_host_module modules/mod_authz_host.so LoadModule authz_host_module modules/mod_authz_host.so
LoadModule mime_module modules/mod_mime.so LoadModule mime_module modules/mod_mime.so
LoadModule cgid_module modules/mod_cgid.so LoadModule cgid_module modules/mod_cgid.so
LoadModule dir_module modules/mod_dir.so LoadModule dir_module modules/mod_dir.so
LoadModule ssl_module modules/mod_ssl.so LoadModule ssl_module modules/mod_ssl.so
LoadModule alias_module modules/mod_alias.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authn_file_module modules/mod_authn_file.so
# SSL Configuration # SSL Configuration
<IfDefine !SSLConfigured> <IfDefine !SSLConfigured>
Define SSLConfigured Define SSLConfigured
...@@ -243,14 +265,29 @@ input = inline: ...@@ -243,14 +265,29 @@ input = inline:
AddHandler cgi-script .cgi AddHandler cgi-script .cgi
DirectoryIndex $${deploy-index:filename} DirectoryIndex $${deploy-index:filename}
</Directory> </Directory>
output = $${directory:etc}/cgi-httpd.conf Alias /private/ $${monitor-parameters:private-directory}/
<Directory $${monitor-parameters:private-directory}>
Order Deny,Allow
Deny from env=AUTHREQUIRED
<Files ".??*">
Order Allow,Deny
Deny from all
</Files>
AuthType Basic
AuthName "Private access"
AuthUserFile "$${monitor-parameters:htaccess-file}"
Require valid-user
Options Indexes FollowSymLinks
Satisfy all
</Directory>
output = $${monitor-directory:etc}/cgi-httpd.conf
listening-ip = $${slap-parameters:ipv6-random} listening-ip = $${slap-parameters:ipv6-random}
# XXX: randomize-me # XXX: randomize-me
htdocs = $${directory:www} htdocs = $${monitor-directory:www}
pid-file = $${directory:run}/cgi-httpd.pid pid-file = $${monitor-directory:run}/cgi-httpd.pid
cgid-pid-file = $${directory:run}/cgi-httpd-cgid.pid cgid-pid-file = $${monitor-directory:run}/cgi-httpd-cgid.pid
document-root = $${directory:www} document-root = $${monitor-directory:www}
error-log = $${directory:log}/cgi-httpd-error-log error-log = $${monitor-directory:log}/cgi-httpd-error-log
[cgi-httpd-wrapper] [cgi-httpd-wrapper]
recipe = slapos.cookbook:wrapper recipe = slapos.cookbook:wrapper
...@@ -260,7 +297,7 @@ wrapper-path = $${ca-httpd:executable} ...@@ -260,7 +297,7 @@ wrapper-path = $${ca-httpd:executable}
[monitor-promise] [monitor-promise]
recipe = slapos.cookbook:check_url_available recipe = slapos.cookbook:check_url_available
path = $${directory:promises}/monitor path = $${monitor-directory:promises}/monitor
url = https://[$${cgi-httpd-configuration-file:listening-ip}]:$${monitor-parameters:port}/$${deploy-index:filename} url = https://[$${cgi-httpd-configuration-file:listening-ip}]:$${monitor-parameters:port}/$${deploy-index:filename}
check-secure = 1 check-secure = 1
dash_path = ${dash:location}/bin/dash dash_path = ${dash:location}/bin/dash
......
...@@ -17,6 +17,8 @@ ...@@ -17,6 +17,8 @@
<li><a href="{{ category }}/{{ script }}" class="script">{{ script }}</a></li> <li><a href="{{ category }}/{{ script }}" class="script">{{ script }}</a></li>
{% endfor %} {% endfor %}
{% endfor %} {% endfor %}
<li class="pure-menu-heading category">Files</li>
<li><a href="./private/" class="link"> User: admin</br> Password is yours</a></li>
</ul> </ul>
</div> </div>
</div> </div>
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment