[buildout] extends = {{ template_runner_path }} {{ pbsready_import_template_path }} parts += nginx_conf nginx-launcher certificate-authority ca-nginx certificate-authority-service ca-nginx-service gunicorn-launcher gunicorn-graceful slaprunner-promise slaprunner-supervisord-wrapper runner-sshd-add-authorized-key runner-sshd-graceful runner-sshd-promise runner-sshkeys-authority runner-sshkeys-authority-service runner-sshkeys-sshd runner-sshkeys-sshd-service runtestsuite shellinabox shellinabox-service symlinks slapos-cfg cron-entry-prepare-software deploy-instance-parameters instance-software-type bash-profile supervisord-wrapper importer-consistency-promise software-release-deployment-promise resilient-software-release-information # have to repeat the next one, as it's not inherited from pbsready-import import-on-notification monitor-base [directory] recipe = slapos.cookbook:mkdirectory # XXX - keep srv path with slash at the end. srv = ${:home}/srv/ # For the needs of importer, we run the full slaprunner # In case both exporter and importer (aka main instance and clone instance) # run with the same IP (usually for testing purposes), # run slaprunner using different ports. [proxy-free-port] recipe = slapos.cookbook:free_port minimum = 49990 maximum = 49999 ip = ${slap-network-information:local-ipv4} [runner-free-port] recipe = slapos.cookbook:free_port minimum = 50015 maximum = 50024 ip = ${slap-network-information:global-ipv6} [slaprunner] proxy_port = ${proxy-free-port:port} runner_port = ${runner-free-port:port} [supervisord-free-port] recipe = slapos.cookbook:free_port minimum = 39996 maximum = 40005 ip = ${slaprunner:ipv4} [supervisord] port = ${supervisord-free-port:port} [runner-sshd-port] minimum = 22232 maximum = 22241 # Deactivate the call to prepareSoftware, and let the importer script # handle the build&run of the instance. [cron-entry-prepare-software] recipe = [importer] recipe = slapos.recipe.template:jinja2 template = {{ importer_script_path }} rendered = ${directory:bin}/${slap-parameter:namebase}-importer # backward compatibility for resilient stack wrapper = ${:rendered} mode = 700 restore-exit-code-file = ${directory:srv}/${:restore-exit-code-file-basename} restore-exit-code-file-basename = importer-exit-code-file restore-error-message-file = ${directory:srv}/${:restore-error-message-file-basename} restore-error-message-file-basename = importer-error-message-file resilient-log-basename = resilient.log context = import sys sys import easy_install zc.buildout.easy_install key backend_url slaprunner:access-url key ipv4 slaprunner:ipv4 key ipv6 slaprunner:ipv6 key proxy_port slaprunner:proxy_port key instance_folder slaprunner:instance_root section directory directory section supervisord supervisord raw output_log_file ${directory:log}/${:resilient-log-basename} raw shell_binary {{ bash_executable_location }} raw rsync_binary {{ rsync_executable_location }} raw restore_exit_code_file ${:restore-exit-code-file} raw restore_error_message_file ${:restore-error-message-file} [importer-consistency-bin] # Test that the importer script and "after-import" subscripts # are not older than 2 days (1 day + some slack), and have succeeded recipe = collective.recipe.template input = inline: #!/bin/sh EXIT_CODE_FILE="${importer:restore-exit-code-file}" RECENT_EXIT_CODE_FILE=$(find ${directory:srv} -maxdepth 1 -name "${importer:restore-exit-code-file-basename}" -mtime -2) RESILIENT_LOG_URL=${monitor-publish-parameters:monitor-base-url}/log/${importer:resilient-log-basename} if [ ! -f "$EXIT_CODE_FILE" ]; then exit 0; else if [ -z "$RECENT_EXIT_CODE_FILE" ]; then echo "Consistency check is too old."; exit 1; else if [ -f "${importer:restore-error-message-file}" ]; then cat ${importer:restore-error-message-file} fi echo "More information can be found here : $RESILIENT_LOG_URL"; exit $(cat $EXIT_CODE_FILE); fi fi exit 1; # Something else went wrong output = ${directory:bin}/importer-consistency-promise mode = 755 [importer-consistency-promise] <= monitor-promise-base module = check_command_execute name = importer-consistency-promise.py config-command = ${importer-consistency-promise:output} [software-release-deployment-bin] recipe = collective.recipe.template input = inline: #!/bin/sh PROJECT_FILE=$(find "${directory:etc}" -maxdepth 1 -name .project) if [ -z "$PROJECT_FILE" ]; then exit 0; else INSTALLATION_FILE=$(find "${runnerdirectory:software-root}" -mindepth 2 -maxdepth 2 -name .completed) if [ -n "$INSTALLATION_FILE" ]; then exit 0; else exit 1; fi fi exit 1 output = ${directory:bin}/software-release-deployment-promise mode = 755 [software-release-deployment-promise] <= monitor-promise-base module = check_command_execute name = software-release-deployment-promise.py config-command =${software-release-deployment-bin:output} [resilient-software-release-information] recipe = slapos.recipe.template url = {{ software_release_information_template }} output = ${directory:cgi-bin}/resilient_software_release_information.py resilient-log-url = ${monitor-publish-parameters:monitor-base-url}/log/${importer:resilient-log-basename} mode = 0600 [slap-parameter] auto-deploy-instance = false auto-deploy = true [resilient-publish-connection-parameter] monitor-base-url = ${monitor-publish-parameters:monitor-base-url} monitor-url = ${monitor-publish-parameters:monitor-url} monitor-user = ${monitor-publish-parameters:monitor-user} monitor-password = ${monitor-publish-parameters:monitor-password} [monitor-instance-parameter] monitor-httpd-port = 8360 monitor-title = {{ slapparameter_dict.get('name', 'Webrunner import') }} cors-domains = {{ slapparameter_dict.get('monitor-cors-domains', 'monitor.app.officejs.com') }} {% if slapparameter_dict.get('monitor-username', '') -%} username = {{ slapparameter_dict['monitor-username'] }} {% endif -%} {% if slapparameter_dict.get('monitor-password', '') -%} password = {{ slapparameter_dict['monitor-password'] }} {% endif -%} instance-configuration = raw takeover-url http://[${resilient-web-takeover-httpd-configuration-file:listening-ip}]:${resilient-web-takeover-httpd-configuration-file:listening-port}/ raw takeover-password ${resilient-web-takeover-password:passwd} configuration-file-path = ${buildout:directory}/knowledge0.cfg [monitor-conf-parameters] private-path-list += $${logrotate-directory:logrotate-backup} [post-notification-run] recipe = slapos.cookbook:wrapper command-line = {{ software_release_bin }}/runner-importer-post-notification-run --diff-file ${:diff-file} --proof-signature-file ${:proof-signature-file} --srv-path ${directory:srv} --backup-path ${directory:backup} wrapper-path = ${rootdirectory:bin}/post-notification-run output = ${:wrapper-path} mode = 0700