Commit e6ac66f3 authored by Mayoro Diagne's avatar Mayoro Diagne

Merge branch master into lamp-mayoro

parents 3f76a016 1e81747d
Changes Changes
======= =======
0.40 (Unreleased) 0.46 (Unreleased)
----------------- -----------------
* seleniumrunner initial release. [Cedric de Saint Martin] * No change yet.
0.45 (2012-03-29)
-----------------
* slaprunner: change number of available partitions to 7 [Alain Takoudjou]
0.44 (2012-03-28)
-----------------
* minor: apachephp: update apache configuration to work with Apache2.4
0.43 (2012-03-28)
-----------------
* minor: erp5: add missing .zcml files into egg. [Cedric de Saint Martin]
0.42 (2012-03-26)
-----------------
* erp5: Add web_checker recipe. [Tatuya Kamada]
* erp5: Add generic_varnish recipe. [Tatuya Kamada]
* erp5: Simplify erp5_update to only create the ERP5 site. [Romain Courteaud]
* erp5: Allow to pass CA parameters from section. [Łukasz Nowak]
0.41 (2012-03-21)
-----------------
* Release new "generic" version of KVM, includes frontend.
[Cedric de Saint Martin]
0.40.1 (2012-03-01)
-----------------
* Fix manifest to include files needed for apache. [Cedric de Saint Martin]
0.40 (2012-03-01)
-----------------
* apache_frontend initial release. [Cedric de Saint Martin]
0.39 (2012-02-20) 0.39 (2012-02-20)
----------------- -----------------
...@@ -195,9 +234,10 @@ Changes ...@@ -195,9 +234,10 @@ Changes
----------------- -----------------
* Add PHPMyAdmin software release used in SlapOS tutorials * Add PHPMyAdmin software release used in SlapOS tutorials
[Cedric de Saint Martin] [Cedric de Saint Martin]
* Add slaprunner software release [Cedric de Saint Martin] * Add slaprunner software release [Cedric de Saint Martin]
0.9 (2011-06-24) 0.9 (2011-06-24)
---------------- ----------------
......
include CHANGES.txt include CHANGES.txt
include slapos/recipe/generic_zope/template/site.zcml include slapos/recipe/apache_frontend/template/notfound.html
recursive-include slapos/recipe *.in recursive-include slapos/recipe *.in
recursive-include slapos/recipe *.bin recursive-include slapos/recipe *.bin
recursive-include slapos/recipe README.*.txt recursive-include slapos/recipe README.*.txt
recursive-include slapos/recipe *.js
recursive-include slapos/recipe *.zcml
...@@ -6,7 +6,7 @@ parts = ...@@ -6,7 +6,7 @@ parts =
# Contains libasound # Contains libasound
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
url = ftp://ftp.alsa-project.org/pub/lib/alsa-lib-1.0.24.1.tar.bz2 url = ftp://ftp.alsa-project.org/pub/lib/alsa-lib-1.0.24.1.tar.bz2
#md5sum = d55a9d7d2a79d738a1b7a511cffda4b6 md5sum = 7cc05f25e1d5b65da8fb3fdcd540f226
configure-options = configure-options =
--disable-static --disable-static
--disable-aload --disable-aload
...@@ -18,4 +18,4 @@ configure-options = ...@@ -18,4 +18,4 @@ configure-options =
--disable-ucm --disable-ucm
--disable-alisp --disable-alisp
--disable-old-symbols --disable-old-symbols
--disable-python --disable-python
\ No newline at end of file
[buildout] [buildout]
parts = apache-php parts = apache-php
extends = extends =
../apache/buildout.cfg ../apache/buildout.cfg
../bzip2/buildout.cfg
../cclient/buildout.cfg ../cclient/buildout.cfg
../curl/buildout.cfg ../curl/buildout.cfg
../freetype/buildout.cfg ../freetype/buildout.cfg
../gettext/buildout.cfg ../gettext/buildout.cfg
../libiconv/buildout.cfg ../libiconv/buildout.cfg
...@@ -19,13 +20,14 @@ extends = ...@@ -19,13 +20,14 @@ extends =
[apache-php] [apache-php]
# Note: Shall react on each build of apache and reinstall itself # Note: Shall react on each build of apache and reinstall itself
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
url = http://fr2.php.net/distributions/php-5.3.8.tar.gz url = http://fr2.php.net/distributions/php-5.3.10.tar.gz
md5sum = f4ce40d5d156ca66a996dbb8a0e7666a md5sum = 2b3d2d0ff22175685978fb6a5cbcdc13
configure-options = configure-options =
--with-apxs2=${apache:location}/bin/apxs --with-apxs2=${apache:location}/bin/apxs
--with-libxml-dir=${libxml2:location} --with-libxml-dir=${libxml2:location}
--with-mysql=${mariadb:location} --with-mysql=${mariadb:location}
--with-zlib-dir=${zlib:location} --with-zlib-dir=${zlib:location}
--with-bz2-dir=${bzip2:location}
--with-mcrypt=${libmcrypt:location} --with-mcrypt=${libmcrypt:location}
--with-gd --with-gd
--with-jpeg-dir=${libjpeg:location} --with-jpeg-dir=${libjpeg:location}
...@@ -37,7 +39,7 @@ configure-options = ...@@ -37,7 +39,7 @@ configure-options =
--with-mysqli=mysqlnd --with-mysqli=mysqlnd
--with-curl=${curl:location} --with-curl=${curl:location}
--with-zip-dir=${zip:location} --with-zip-dir=${zip:location}
--with-imap=${cclient:location} --with-imap=${cclient:location}
--with-iconv-dir=${libiconv:location} --with-iconv-dir=${libiconv:location}
--with-gettext=${gettext:location} --with-gettext=${gettext:location}
--with-ldap=${openldap:location} --with-ldap=${openldap:location}
...@@ -48,12 +50,13 @@ configure-options = ...@@ -48,12 +50,13 @@ configure-options =
--enable-session --enable-session
--enable-exif --enable-exif
--enable-zip --enable-zip
--enable-bz2
--enable-ftp --enable-ftp
environment = environment =
PKG_CONFIG_PATH=${libxml2:location}/lib/pkgconfig:${openssl:location}/lib/pkgconfig PKG_CONFIG_PATH=${libxml2:location}/lib/pkgconfig:${openssl:location}/lib/pkgconfig
PATH=${pkgconfig:location}/bin:${libxml2:location}/bin:%(PATH)s PATH=${pkgconfig:location}/bin:${bzip2:location}/bin:${libxml2:location}/bin:%(PATH)s
LDFLAGS =-L${libtool:location}/lib -Wl,-rpath -Wl,${libtool:location}/lib -L${mariadb:location}/lib -Wl,-rpath -Wl,${mariadb:location}/lib -L${zlib:location}/lib -Wl,-rpath -Wl,${zlib:location}/lib -L${libmcrypt:location}/lib -Wl,-rpath -Wl,${libmcrypt:location}/libblkid LDFLAGS =-L${bzip2:location}/lib -Wl,-rpath -Wl,${bzip2:location}/lib -L${libtool:location}/lib -Wl,-rpath -Wl,${libtool:location}/lib -L${mariadb:location}/lib -Wl,-rpath -Wl,${mariadb:location}/lib -L${zlib:location}/lib -Wl,-rpath -Wl,${zlib:location}/lib -L${libmcrypt:location}/lib -Wl,-rpath -Wl,${libmcrypt:location}/libblkid
[libmcrypt] [libmcrypt]
...@@ -64,4 +67,4 @@ md5sum = c4f491dd411a09e9de3b8702ea6f73eb ...@@ -64,4 +67,4 @@ md5sum = c4f491dd411a09e9de3b8702ea6f73eb
[xml-rpc] [xml-rpc]
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
url = http://downloads.sourceforge.net/project/phpxmlrpc/phpxmlrpc/2.2.2/xmlrpc-2.2.2.tar.gz url = http://downloads.sourceforge.net/project/phpxmlrpc/phpxmlrpc/2.2.2/xmlrpc-2.2.2.tar.gz
md5sum = 59a644c636c6d98267d0c99b406ae9e8 md5sum = 59a644c636c6d98267d0c99b406ae9e8
\ No newline at end of file
...@@ -13,24 +13,30 @@ extends = ...@@ -13,24 +13,30 @@ extends =
../sqlite3/buildout.cfg ../sqlite3/buildout.cfg
../zlib/buildout.cfg ../zlib/buildout.cfg
[apache-CVE-2011-3368.patch] [apr]
recipe = hexagonit.recipe.download recipe = hexagonit.recipe.download
md5sum = 1ad598213480ddfc239ce6359b7b2c0b version = 1.4.6
url = http://www.apache.org/dist/httpd/patches/apply_to_2.2.21/CVE-2011-3368.patch url = http://mir2.ovh.net/ftp.apache.org/dist/apr/apr-${:version}.tar.bz2
filename = ${:_buildout_section_name_} md5sum = ffee70a111fd07372982b0550bbb14b7
download-only = true
[apr-util]
recipe = hexagonit.recipe.download
version = 1.4.1
url = http://mir2.ovh.net/ftp.apache.org/dist/apr/apr-util-${:version}.tar.bz2
md5sum = 52b31b33fb1aa16e65ddaefc76e41151
[apache] [apache]
# inspired on http://old.aclark.net/team/aclark/blog/a-lamp-buildout-for-wordpress-and-other-php-apps/ # inspired on http://old.aclark.net/team/aclark/blog/a-lamp-buildout-for-wordpress-and-other-php-apps/
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
depends = depends =
${gdbm:version} ${gdbm:version}
url = http://mir2.ovh.net/ftp.apache.org/dist//httpd/httpd-2.2.21.tar.bz2 version = 2.4.1
md5sum = 1696ae62cd879ab1d4dd9ff021a470f2 revision = 1
patches = url = http://mir2.ovh.net/ftp.apache.org/dist/httpd/httpd-${:version}.tar.bz2
${apache-CVE-2011-3368.patch:location}/${apache-CVE-2011-3368.patch:filename} md5sum = 7d3001c7a26b985d17caa367a868f11c
patch-options = -p1 configure-command = cp -ar ${apr:location}/apr-${apr:version} srclib/apr/; cp -ar ${apr-util:location}/apr-util-${apr-util:version} srclib/apr-util; ./configure
configure-options = --disable-static configure-options = --prefix=${buildout:parts-directory}/${:_buildout_section_name_}
--disable-static
--enable-authn-alias --enable-authn-alias
--enable-bucketeer --enable-bucketeer
--enable-cache --enable-cache
...@@ -57,6 +63,7 @@ configure-options = --disable-static ...@@ -57,6 +63,7 @@ configure-options = --disable-static
--enable-dav-fs --enable-dav-fs
--enable-so --enable-so
--enable-ssl --enable-ssl
--disable-lua
--with-included-apr --with-included-apr
--with-ssl=${openssl:location} --with-ssl=${openssl:location}
--with-z=${zlib:location} --with-z=${zlib:location}
...@@ -82,11 +89,27 @@ environment = ...@@ -82,11 +89,27 @@ environment =
CPPFLAGS =-I${libuuid:location}/include CPPFLAGS =-I${libuuid:location}/include
LDFLAGS =-Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${openssl:location}/lib -L${libuuid:location}/lib -Wl,-rpath=${libuuid:location}/lib -Wl,-rpath=${libexpat:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${sqlite3:location}/lib -Wl,-rpath=${gdbm:location}/lib LDFLAGS =-Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${openssl:location}/lib -L${libuuid:location}/lib -Wl,-rpath=${libuuid:location}/lib -Wl,-rpath=${libexpat:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${sqlite3:location}/lib -Wl,-rpath=${gdbm:location}/lib
[mod_antiloris-apache-2.4.patch]
# http://www.apachelounge.com/viewtopic.php?p=19139
# http://www.apachelounge.com/viewtopic.php?p=20551
recipe = hexagonit.recipe.download
url =${:_profile_base_location_}/${:filename}
filename = mod_antiloris-apache-2.4.patch
download-only = true
md5sum = 4f074f035d3b37f3f3e71cd9616440f3
[apache-antiloris] [apache-antiloris]
# Note: Shall react on each build of apache and reinstall itself # Note: Shall react on each build of apache and reinstall itself
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
url = http://sourceforge.net/projects/mod-antiloris/files/mod_antiloris-0.4.tar.bz2/download url = http://sourceforge.net/projects/mod-antiloris/files/mod_antiloris-0.4.tar.bz2/download
md5sum = 66862bf10e9be3a023e475604a28a0b4 md5sum = 66862bf10e9be3a023e475604a28a0b4
patch-options = -p0
patches =
${mod_antiloris-apache-2.4.patch:location}/${mod_antiloris-apache-2.4.patch:filename}
depends =
${apache:version}
${apache:revision}
${mod_antiloris-apache-2.4.patch:md5sum}
configure-command = ${apache:location}/bin/apxs configure-command = ${apache:location}/bin/apxs
configure-options = -c mod_antiloris.c configure-options = -c mod_antiloris.c
make-binary = ${:configure-command} make-binary = ${:configure-command}
......
--- mod_antiloris.c.orig 2009-07-28 15:27:42.000000000 +0200
+++ mod_antiloris.c 2012-03-06 11:05:50.167576066 +0100
@@ -1,5 +1,5 @@
/*
- mod_antiloris 0.2
+ mod_antiloris 0.5
Copyright (C) 2008 Monshouwer Internet Diensten
Author: Kees Monshouwer
@@ -22,11 +22,16 @@
#include "http_connection.h"
#include "http_log.h"
#include "ap_mpm.h"
+#include "ap_release.h"
#include "apr_strings.h"
#include "scoreboard.h"
#define MODULE_NAME "mod_antiloris"
-#define MODULE_VERSION "0.4"
+#define MODULE_VERSION "0.5.1"
+
+#ifdef APLOG_USE_MODULE
+APLOG_USE_MODULE(antiloris);
+#endif
module AP_MODULE_DECLARE_DATA antiloris_module;
@@ -58,6 +63,8 @@
/* Parse the IPReadLimit directive */
static const char *ipreadlimit_config_cmd(cmd_parms *parms, void *mconfig, const char *arg)
{
+ signed long int limit;
+
antiloris_config *conf = ap_get_module_config(parms->server->module_config, &antiloris_module);
const char *err = ap_check_cmd_context (parms, GLOBAL_ONLY);
@@ -65,7 +72,7 @@
return err;
}
- signed long int limit = strtol(arg, (char **) NULL, 10);
+ limit = strtol(arg, (char **) NULL, 10);
/* No reasonable person would want more than 2^16. Better would be
to use LONG_MAX but that causes portability problems on win32 */
@@ -80,7 +87,7 @@
/* Array describing structure of configuration directives */
static command_rec antiloris_cmds[] = {
- AP_INIT_TAKE1("IPReadLimit", ipreadlimit_config_cmd, NULL, RSRC_CONF, "Maximum simultaneous connections in READ state per IP address"),
+ AP_INIT_TAKE1("IPReadLimit", ipreadlimit_config_cmd, NULL, RSRC_CONF, "Maximum simultaneous connections per IP address"),
{NULL}
};
@@ -103,12 +110,15 @@
ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, NULL, MODULE_NAME " " MODULE_VERSION " started");
ap_mpm_query(AP_MPMQ_HARD_LIMIT_THREADS, &thread_limit);
ap_mpm_query(AP_MPMQ_HARD_LIMIT_DAEMONS, &server_limit);
+ ap_add_version_component(p, MODULE_NAME "/" MODULE_VERSION);
return OK;
}
static int pre_connection(conn_rec *c)
{
+ char *client_ip;
+
antiloris_config *conf = ap_get_module_config (c->base_server->module_config, &antiloris_module);
sb_handle *sbh = c->sbh;
@@ -123,16 +133,26 @@
worker_score *ws_record;
ws_record = &ap_scoreboard_image->servers[sbh->child_num][sbh->thread_num];
- apr_cpystrn(ws_record->client, c->remote_ip, sizeof(ws_record->client));
+ apr_cpystrn(ws_record->client, c->client_ip, sizeof(ws_record->client));
- char *client_ip = ws_record->client;
+ client_ip = ws_record->client;
/* Count up the number of connections we are handling right now from this IP address */
for (i = 0; i < server_limit; ++i) {
for (j = 0; j < thread_limit; ++j) {
- ws_record = ap_get_scoreboard_worker(i, j);
+#if AP_SERVER_MAJORVERSION_NUMBER == 2 && AP_SERVER_MINORVERSION_NUMBER > 2
+ ws_record = ap_get_scoreboard_worker_from_indexes(i, j);
+#else
+ ws_record = ap_get_scoreboard_worker(i, j);
+#endif
switch (ws_record->status) {
case SERVER_BUSY_READ:
+ case SERVER_BUSY_WRITE:
+ case SERVER_BUSY_KEEPALIVE:
+ case SERVER_BUSY_DNS:
+ case SERVER_BUSY_LOG:
+ case SERVER_CLOSING:
+ case SERVER_GRACEFUL:
if (strcmp(client_ip, ws_record->client) == 0)
ip_count++;
break;
@@ -143,7 +163,7 @@
}
if (ip_count > conf->limit) {
- ap_log_error(APLOG_MARK, APLOG_WARNING, 0, NULL, "Rejected, too many connections in READ state from %s", c->remote_ip);
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, NULL, "[client %s] Antiloris rejected, too many connections", c->client_ip);
return OK;
} else {
return DECLINED;
@@ -151,17 +171,10 @@
}
-static void child_init (apr_pool_t *p, server_rec *s)
-{
- ap_add_version_component(p, MODULE_NAME "/" MODULE_VERSION);
-}
-
-
static void register_hooks(apr_pool_t *p)
{
ap_hook_post_config(post_config, NULL, NULL, APR_HOOK_MIDDLE);
ap_hook_process_connection(pre_connection, NULL, NULL, APR_HOOK_FIRST);
- ap_hook_child_init(child_init, NULL, NULL, APR_HOOK_MIDDLE);
}
module AP_MODULE_DECLARE_DATA antiloris_module = {
[buildout]
parts =
aspell
extends =
../ncurses/buildout.cfg
[aspell]
recipe = hexagonit.recipe.cmmi
url = http://ftp.gnu.org/gnu/aspell/aspell-0.60.6.1.tar.gz
md5sum = e66a9c9af6a60dc46134fdacf6ce97d7
...@@ -7,7 +7,7 @@ parts = ...@@ -7,7 +7,7 @@ parts =
[automake-1.11] [automake-1.11]
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
md5sum = c2972c4d9b3e29c03d5f2af86249876f md5sum = 93ecb319f0365cb801990b00f658d026
url = http://ftp.gnu.org/gnu/automake/automake-1.11.1.tar.bz2 url = http://ftp.gnu.org/gnu/automake/automake-1.11.3.tar.gz
environment = environment =
PATH =${autoconf:location}/bin:${perl:location}/bin:%(PATH)s PATH =${autoconf:location}/bin:${perl:location}/bin:%(PATH)s
[buildout]
parts =
binutils
[binutils]
recipe = hexagonit.recipe.cmmi
url = http://ftp.gnu.org/gnu/binutils/binutils-2.21.1.tar.bz2
md5sum = bde820eac53fa3a8d8696667418557ad
...@@ -14,7 +14,7 @@ download-only = true ...@@ -14,7 +14,7 @@ download-only = true
[ca-certificates] [ca-certificates]
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
version = 20111211 version = 20120212
url = ftp://ftp.free.fr/mirrors/ftp.debian.org/pool/main/c/ca-certificates/ca-certificates_${:version}.tar.gz url = ftp://ftp.free.fr/mirrors/ftp.debian.org/pool/main/c/ca-certificates/ca-certificates_${:version}.tar.gz
patches = patches =
${ca-certificates-sbin-dir.patch:location}/${ca-certificates-sbin-dir.patch:filename} ${ca-certificates-sbin-dir.patch:location}/${ca-certificates-sbin-dir.patch:filename}
......
[buildout]
extends =
../dcron/buildout.cfg
../libxml2/buildout.cfg
../logrotate/buildout.cfg
../rdiff-backup/buildout.cfg
../nodejs/buildout.cfg
parts =
nodejs
npm
cloud9
[cloud9]
<= cloud9-git
[cloud9-git]
# Online IDE written in javascript/node.js
# URL : c9.io
# You can use it using the following command :
# NODE_PATH=${:destination}/node_modules ${nodejs:node_location} ${:cloud9_js_location}
recipe = plone.recipe.command
stop-on-error = true
commit = 97db1467c517d265438684bd2a70b0b76ee282f6
repository = https://github.com/ajaxorg/cloud9.git
location = ${buildout:parts-directory}/${:_buildout_section_name_}
git-binary = ${git:location}/bin/git
npm-binary = ${nodejs-0.4:location}/bin/node ${npm:location}/bin/npm
command = export GIT_SSL_NO_VERIFY=true; (${:git-binary} clone --quiet ${:repository} ${:location} && cd ${:location} && ${:git-binary} reset --hard ${:commit} && ${:git-binary} submodule update --init && cd support/jsdav && PATH=${nodejs-0.4:location}/bin:$PATH LDFLAGS=-L${libxml2:location}/lib ${:npm-binary} install) || (rm -fr ${:location}; exit 1)
update-command =
[cloud9-npm]
# Online IDE written in javascript/node.js
# URL : c9.io
# You can use it using the following command :
# NODE_PATH=${:destination}/node_modules ${nodejs:node_location} ${:cloud9_js_location}
recipe = slapos.recipe.npm
# Node part has to be specified, otherwise system node is used.
node = nodejs-0.6
# List of packages to install
packages =
cloud9
# Specify environment jsDAV (dependency of cloud9) needs libxml2
environment =
LDFLAGS=-L${libxml2:location}/lib -Wl,-rpath=${libxml2:location}/lib
[buildout] [buildout]
software_home = ${:directory}
extends = extends =
../profiles/versions-common.cfg
../profiles/software-definition.cfg
../profiles/common.cfg
../xpdf/buildout.cfg
../imagemagick/buildout.cfg
../file/buildout.cfg
../pdftk/buildout.cfg
../ffmpeg/buildout.cfg
../python-2.6/buildout.cfg
../libreoffice-bin/buildout.cfg
../lxml-python/buildout.cfg ../lxml-python/buildout.cfg
python = software_definition
versions = versions
parts = parts =
instance_template
cloudooo cloudooo
imagemagick
instance-egg
libreoffice-bin
file
xpdf
pdftk
ffmpeg
python2.6
bootstrap2.6
cloudooo-packages = sources = sources
cloudooo.handler.ooo
cloudooo.handler.pdf
cloudooo.handler.ffmpeg
cloudooo.handler.imagemagick
cloudooo
[sources]
# Include information related to official cloudooo source code.
cloudooo = git http://git.erp5.org/repos/cloudooo.git
[instance-egg] [lxml-python]
recipe = zc.recipe.egg
python = python2.6 python = python2.6
eggs =
erp5.recipe.cloudoooinstance
z3c.recipe.mkdir
${buildout:cloudooo-packages}
[cloudooo] [cloudooo]
recipe = zc.recipe.egg recipe = zc.recipe.egg
python = python2.6 python = python2.6
interpreter = pycloudoo
scripts =
eggs = eggs =
${lxml-python:egg} ${lxml-python:egg}
collective.recipe.supervisor cloudooo
plone.recipe.command PasteScript
erp5.extension.sectionextender scripts =
supervisor paster=cloudooo_paster
${buildout:cloudooo-packages}
[software_definition]
software_home = ${buildout:directory}
executable = ${python2.6:executable}
...@@ -8,8 +8,8 @@ extends = ...@@ -8,8 +8,8 @@ extends =
[file] [file]
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
url = ftp://ftp.astron.com/pub/file/file-5.10.tar.gz url = ftp://ftp.astron.com/pub/file/file-5.11.tar.gz
md5sum = 4cea34b087b060772511e066e2038196 md5sum = 16a407bd66d6c7a832f3a5c0d609c27b
configure-options = configure-options =
--disable-static --disable-static
environment = environment =
......
...@@ -20,8 +20,8 @@ depends = ...@@ -20,8 +20,8 @@ depends =
${liberation-fonts:location} ${liberation-fonts:location}
${ipaex-fonts:location} ${ipaex-fonts:location}
x86 = http://releases.mozilla.org/pub/mozilla.org/firefox/releases/7.0.1/linux-i686/fr/firefox-7.0.1.tar.bz2 42c2559892f26ed2a0563faaf693a00f x86 = http://releases.mozilla.org/pub/mozilla.org/firefox/releases/11.0/linux-i686/fr/firefox-11.0.tar.bz2 a7e9c614ddac993476ef771afaedf568
x86-64 = http://releases.mozilla.org/pub/mozilla.org/firefox/releases/7.0.1/linux-x86_64/en-US/firefox-7.0.1.tar.bz2 20d6c8e3dfc97d08d1dec7d0479f924f x86-64 = http://releases.mozilla.org/pub/mozilla.org/firefox/releases/11.0/linux-x86_64/fr/firefox-11.0.tar.bz2 b358865c08145211314a62660e871614
script = script =
if not self.options.get('url'): self.options['url'], self.options['md5sum'] = self.options[guessPlatform()].split(' ') if not self.options.get('url'): self.options['url'], self.options['md5sum'] = self.options[guessPlatform()].split(' ')
......
...@@ -4,6 +4,7 @@ extends = ...@@ -4,6 +4,7 @@ extends =
../freetype/buildout.cfg ../freetype/buildout.cfg
../libxml2/buildout.cfg ../libxml2/buildout.cfg
../pkgconfig/buildout.cfg ../pkgconfig/buildout.cfg
../bzip2/buildout.cfg
../zlib/buildout.cfg ../zlib/buildout.cfg
parts = parts =
...@@ -23,5 +24,5 @@ configure-options = ...@@ -23,5 +24,5 @@ configure-options =
environment = environment =
PATH=${pkgconfig:location}/bin:%(PATH)s PATH=${pkgconfig:location}/bin:%(PATH)s
PKG_CONFIG_PATH=${libxml2:location}/lib/pkgconfig PKG_CONFIG_PATH=${libxml2:location}/lib/pkgconfig
CPPFLAGS=-I${zlib:location}/include CPPFLAGS=-I${zlib:location}/include -I${bzip2:location}/include
LDFLAGS=-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib LDFLAGS=-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${bzip2:location}/lib -Wl,-rpath=${bzip2:location}/lib
...@@ -3,6 +3,7 @@ ...@@ -3,6 +3,7 @@
[buildout] [buildout]
extends = extends =
../bzip2/buildout.cfg
../zlib/buildout.cfg ../zlib/buildout.cfg
parts = parts =
...@@ -10,10 +11,10 @@ parts = ...@@ -10,10 +11,10 @@ parts =
[freetype] [freetype]
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
url = http://download.savannah.gnu.org/releases/freetype/freetype-2.4.8.tar.bz2 url = http://download.savannah.gnu.org/releases/freetype/freetype-2.4.9.tar.bz2
md5sum = dbf2caca1d3afd410a29217a9809d397 md5sum = 77a893dae81fd5b896632715ca041179
configure-options = configure-options =
--disable-static --disable-static
environment = environment =
CPPFLAGS=-I${zlib:location}/include CPPFLAGS=-I${bzip2:location}/include -I${zlib:location}/include
LDFLAGS=-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib LDFLAGS=-L${bzip2:location}/lib -Wl,-rpath=${bzip2:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
...@@ -20,6 +20,7 @@ configure-options = ...@@ -20,6 +20,7 @@ configure-options =
--without-emacs --without-emacs
--disable-acl --disable-acl
--disable-openmp --disable-openmp
--without-git
environment = environment =
CPPFLAGS=-I${libxml2:location}/include -I${zlib:location}/include -I${ncurses:location}/include CPPFLAGS=-I${libxml2:location}/include -I${zlib:location}/include -I${ncurses:location}/include
......
...@@ -9,24 +9,25 @@ parts = ghostscript ...@@ -9,24 +9,25 @@ parts = ghostscript
[ghostscript-common] [ghostscript-common]
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
depends =
${libtiff:version}
configure-options = configure-options =
--disable-cups --disable-cups
--disable-cairo --with-system-libtiff
--without-x --without-x
--with-drivers=FILES --with-drivers=FILES
# it seems that parallel build sometimes fails for ghostscript. # it seems that parallel build sometimes fails for ghostscript.
make-options = -j1 make-options = -j1
environment = environment =
PATH=${pkgconfig:location}/bin:%(PATH)s PATH=${pkgconfig:location}/bin:%(PATH)s
PKG_CONFIG_PATH=${fontconfig:location}/lib/pkgconfig PKG_CONFIG_PATH=${fontconfig:location}/lib/pkgconfig:${libtiff:location}/lib/pkgconfig
CPPFLAGS=-I${libtiff:location}/include LDFLAGS=-Wl,-rpath=${fontconfig:location}/lib -L${libjpeg:location}/lib -Wl,-rpath=${libjpeg:location}/lib -Wl,-rpath=${libtiff:location}/lib
LDFLAGS=-Wl,-rpath=${fontconfig:location}/lib -L${libjpeg:location}/lib -Wl,-rpath=${libjpeg:location}/lib -L${libtiff:location}/lib -Wl,-rpath=${libtiff:location}/lib LD_LIBRARY_PATH=${fontconfig:location}/lib:${libtiff:location}/lib
LD_LIBRARY_PATH=${fontconfig:location}/lib
[ghostscript] [ghostscript]
<= ghostscript-9 <= ghostscript-9
[ghostscript-9] [ghostscript-9]
<= ghostscript-common <= ghostscript-common
url = http://downloads.ghostscript.com/public/ghostscript-9.04.tar.bz2 url = http://downloads.ghostscript.com/public/ghostscript-9.05.tar.bz2
md5sum = 9f6899e821ab6d78ab2c856f10fa3023 md5sum = 8bcef1f33ddf8a4d12b2cf8da385c191
...@@ -13,8 +13,8 @@ parts = ...@@ -13,8 +13,8 @@ parts =
[git] [git]
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
url = http://git-core.googlecode.com/files/git-1.7.8.3.tar.gz url = http://git-core.googlecode.com/files/git-1.7.8.4.tar.gz
md5sum = 7a4bc5160166537d4da5eb48a7670dff md5sum = e6c3319d76d52a830af395046fc56143
configure-options = configure-options =
--with-curl=${curl:location} --with-curl=${curl:location}
--with-openssl=${openssl:location} --with-openssl=${openssl:location}
......
...@@ -5,6 +5,7 @@ ...@@ -5,6 +5,7 @@
parts = parts =
graphviz graphviz
extends = extends =
../bzip2/buildout.cfg
../fontconfig/buildout.cfg ../fontconfig/buildout.cfg
../freetype/buildout.cfg ../freetype/buildout.cfg
../libpng/buildout.cfg ../libpng/buildout.cfg
...@@ -50,5 +51,5 @@ configure-options = ...@@ -50,5 +51,5 @@ configure-options =
environment = environment =
PATH=${pkgconfig:location}/bin:%(PATH)s PATH=${pkgconfig:location}/bin:%(PATH)s
PKG_CONFIG_PATH=${fontconfig:location}/lib/pkgconfig:${freetype:location}/lib/pkgconfig PKG_CONFIG_PATH=${fontconfig:location}/lib/pkgconfig:${freetype:location}/lib/pkgconfig
CPPFLAGS=-I${zlib:location}/include CPPFLAGS=-I${bzip2:location}/include -I${zlib:location}/include
LDFLAGS=-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib LDFLAGS=-L${bzip2:location}/lib -Wl,-rpath=${bzip2:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
...@@ -7,10 +7,11 @@ parts = ...@@ -7,10 +7,11 @@ parts =
[groonga] [groonga]
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
url = http://packages.groonga.org/source/groonga/groonga-1.2.9.tar.gz url = http://packages.groonga.org/source/groonga/groonga-2.0.0.tar.gz
md5sum = 47117baa401a3db08362e00f94fced12 md5sum = 09e6a34db15cf42b6a3aff07e0f841ff
configure-options = configure-options =
--disable-static --disable-static
--disable-glibtest --disable-glibtest
--disable-benchmark --disable-benchmark
--disable-document
--without-mecab --without-mecab
...@@ -10,6 +10,6 @@ configure-command = true ...@@ -10,6 +10,6 @@ configure-command = true
# otherwise use "generic". # otherwise use "generic".
# For ARCH value, x86_64 and i[3456]86 are supported. # For ARCH value, x86_64 and i[3456]86 are supported.
make-options = make-options =
TARGET="$(uname -sr 2>/dev/null|grep -q '^Linux 2\.6' && echo linux26 || echo generic)" TARGET="$(uname -sr 2>/dev/null|grep -Eq '^Linux (2\.6|3)' && echo linux26 || echo generic)"
ARCH="$(uname -m 2>/dev/null|grep -E '^(x86_64|i[3456]86)$')" ARCH="$(uname -m 2>/dev/null|grep -E '^(x86_64|i[3456]86)$')"
PREFIX=${buildout:parts-directory}/${:_buildout_section_name_} PREFIX=${buildout:parts-directory}/${:_buildout_section_name_}
...@@ -27,8 +27,10 @@ filename = imagemagick-6.6.6-1-no-gsx-gsc-probe.patch ...@@ -27,8 +27,10 @@ filename = imagemagick-6.6.6-1-no-gsx-gsc-probe.patch
[imagemagick] [imagemagick]
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
url = ftp://ftp.imagemagick.org/pub/ImageMagick/ImageMagick-6.7.3-10.tar.bz2 url = ftp://ftp.imagemagick.org/pub/ImageMagick/ImageMagick-6.7.5-10.tar.bz2
md5sum = 3c1d1a04b1ed2998217e16001b58069f md5sum = 99bc7ec1e756fa75f1af6150df3d1383
depends =
${libtiff:version}
configure-options = configure-options =
--disable-static --disable-static
--without-x --without-x
......
...@@ -29,8 +29,8 @@ slapos_promisee = ...@@ -29,8 +29,8 @@ slapos_promisee =
directory:javaws directory:javaws
file:lib/rt.jar file:lib/rt.jar
file:bin/java file:bin/java
x86 = http://javadl.sun.com/webapps/download/AutoDL?BundleId=52240 0bd27d325c5ce11ce863d982ad052f7f x86 = http://download.oracle.com/otn-pub/java/jdk/6u30-b12/jre-6u30-linux-i586.bin 3e80243483bc825c34ae01a4373cce5f
x86-64 = http://javadl.sun.com/webapps/download/AutoDL?BundleId=52242 a4d929bc4d6511290c07c3745477b77b x86-64 = http://download.oracle.com/otn-pub/java/jdk/6u30-b12/jre-6u30-linux-x64.bin a4d28c49251d6b9c2d300b3d61f1ce95
script = script =
if not self.options.get('url'): self.options['url'], self.options['md5sum'] = self.options[guessPlatform()].split(' ') if not self.options.get('url'): self.options['url'], self.options['md5sum'] = self.options[guessPlatform()].split(' ')
download_file = self.download(self.options['url'], self.options.get('md5sum')) download_file = self.download(self.options['url'], self.options.get('md5sum'))
...@@ -43,7 +43,7 @@ script = ...@@ -43,7 +43,7 @@ script =
subprocess.call([auto_extract_bin]) subprocess.call([auto_extract_bin])
self.cleanup_dir_list.append(extract_dir) self.cleanup_dir_list.append(extract_dir)
workdir = guessworkdir(extract_dir) workdir = guessworkdir(extract_dir)
self.copyTree(os.path.join(workdir, "jre1.6.0_27"), "%(location)s") self.copyTree(os.path.join(workdir, "jre1.6.0_30"), "%(location)s")
[java-sdk-1.6.0] [java-sdk-1.6.0]
recipe = slapos.recipe.build recipe = slapos.recipe.build
......
...@@ -4,7 +4,7 @@ parts = ...@@ -4,7 +4,7 @@ parts =
[libjpeg] [libjpeg]
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
url = http://www.ijg.org/files/jpegsrc.v8b.tar.gz url = http://www.ijg.org/files/jpegsrc.v8d.tar.gz
md5sum = e022acbc5b36cd2cb70785f5b575661e md5sum = 52654eb3b2e60c35731ea8fc87f1bd29
configure-options = configure-options =
--disable-static --disable-static
...@@ -3,6 +3,7 @@ extends = ...@@ -3,6 +3,7 @@ extends =
../zlib/buildout.cfg ../zlib/buildout.cfg
parts = parts =
libpng12
libpng libpng
[libpng-common] [libpng-common]
...@@ -13,7 +14,12 @@ environment = ...@@ -13,7 +14,12 @@ environment =
CPPFLAGS =-I${zlib:location}/include CPPFLAGS =-I${zlib:location}/include
LDFLAGS =-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib LDFLAGS =-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
[libpng12]
<= libpng-common
url = http://download.sourceforge.net/libpng/libpng-1.2.47.tar.bz2
md5sum = 4389dab9fcd2f9d57ac14701b9115f59
[libpng] [libpng]
<= libpng-common <= libpng-common
url = http://download.sourceforge.net/libpng/libpng-1.5.5.tar.bz2 url = http://download.sourceforge.net/libpng/libpng-1.5.9.tar.bz2
md5sum = 3270bf2990c3174ae939388398de751e md5sum = 684ba5f05da436a99c6303a83c7856d6
...@@ -12,15 +12,15 @@ find-links = ...@@ -12,15 +12,15 @@ find-links =
[libreoffice-bin] [libreoffice-bin]
recipe = slapos.recipe.build recipe = slapos.recipe.build
# here, two %s are used, first one is for directory name (eg. x86_64), and second one is for filename (eg. x86-64). # here, two %s are used, first one is for directory name (eg. x86_64), and second one is for filename (eg. x86-64).
version = 3.4.5 version = 3.5.1
url = http://download.documentfoundation.org/libreoffice/stable/${:version}/rpm/%s/LibO_${:version}_Linux_%s_install-rpm_en-US.tar.gz url = http://download.documentfoundation.org/libreoffice/stable/${:version}/rpm/%s/LibO_${:version}_Linux_%s_install-rpm_en-US.tar.gz
# supported architectures md5sums # supported architectures md5sums
md5sum_x86 = 34786e6aa570782abac551ab092f3fb3 md5sum_x86 = ee46fdafb8361b8e131994508c2723b3
md5sum_x86-64 = 2159a50daab707c02b669a83f635ff0c md5sum_x86-64 = ddda58719358e5c97ca5d1c118646574
# where office code can be found? # where office code can be found?
officedir = libreoffice3.4 officedir = libreoffice3.5
# script to install # script to install
script = script =
...@@ -38,7 +38,11 @@ script = ...@@ -38,7 +38,11 @@ script =
rpmsdir = os.path.join(workdir, [q for q in os.listdir(workdir) if q == 'RPMS'][0]) rpmsdir = os.path.join(workdir, [q for q in os.listdir(workdir) if q == 'RPMS'][0])
rpmlist = [os.path.join(rpmsdir, q) for q in os.listdir(rpmsdir) if q.endswith('.rpm') and 'javafilter' not in q and 'xsltfilter' not in q] rpmlist = [os.path.join(rpmsdir, q) for q in os.listdir(rpmsdir) if q.endswith('.rpm') and 'javafilter' not in q and 'xsltfilter' not in q]
[self.pipeCommand([[sys.executable, '${:rpm2cpio}', rpm], ['${:cpio}', '-idum']], cwd=storagedir) for rpm in rpmlist] [self.pipeCommand([[sys.executable, '${:rpm2cpio}', rpm], ['${:cpio}', '-idum']], cwd=storagedir) for rpm in rpmlist]
self.copyTree(os.path.join(storagedir, 'opt', '${:officedir}'), location, ['basis3.4', 'ure']) self.copyTree(os.path.join(storagedir, 'opt', '${:officedir}'), location, ['ure-link'])
os.symlink('ure', os.path.join(location, 'ure-link'))
# backward compatibility for cloudooo configuration
os.mkdir(os.path.join(location, 'basis-link'))
os.symlink(os.path.join('..', 'program'), os.path.join(location, 'basis-link', 'program'))
# helper binaries # helper binaries
cpio = ${cpio:location}/bin/cpio cpio = ${cpio:location}/bin/cpio
......
...@@ -9,10 +9,11 @@ parts = ...@@ -9,10 +9,11 @@ parts =
[libtiff] [libtiff]
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
#url = http://download.osgeo.org/libtiff/tiff-3.9.5.tar.gz version = 4.0.1
#url = http://download.osgeo.org/libtiff/tiff-${:version}.tar.gz
# server is down - circumvent # server is down - circumvent
url = http://www.imagemagick.org/download/delegates/tiff-3.9.5.tar.gz url = http://www.imagemagick.org/download/delegates/tiff-${:version}.tar.gz
md5sum = 8fc7ce3b4e1d0cc8a319336967815084 md5sum = fae149cc9da35c598d8be897826dfc63
configure-options = configure-options =
--disable-static --disable-static
--without-x --without-x
......
...@@ -3,10 +3,13 @@ ...@@ -3,10 +3,13 @@
[buildout] [buildout]
extends = extends =
../cmake/buildout.cfg
../zlib/buildout.cfg ../zlib/buildout.cfg
../groonga/buildout.cfg ../groonga/buildout.cfg
../libaio/buildout.cfg
../libevent/buildout.cfg ../libevent/buildout.cfg
../ncurses/buildout.cfg ../ncurses/buildout.cfg
../openssl/buildout.cfg
../pkgconfig/buildout.cfg ../pkgconfig/buildout.cfg
../readline/buildout.cfg ../readline/buildout.cfg
...@@ -22,9 +25,9 @@ download-only = true ...@@ -22,9 +25,9 @@ download-only = true
[mariadb] [mariadb]
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
version = 5.3.3-rc version = 5.3.5-ga
url = http://downloads.askmonty.org/f/mariadb-${:version}/kvm-tarbake-jaunty-x86/mariadb-${:version}.tar.gz/from/http:/ftp.osuosl.org/pub/mariadb url = http://downloads.askmonty.org/f/mariadb-${:version}/kvm-tarbake-jaunty-x86/mariadb-${:version}.tar.gz/from/http:/ftp.osuosl.org/pub/mariadb
md5sum = 715c61bb101acc7d37e893f6a9de9267 md5sum = 98ce0441b37c8d681855150495fdc03b
# compile directory is required to build mysql plugins. # compile directory is required to build mysql plugins.
keep-compile-dir = true keep-compile-dir = true
# configure: how to avoid searching for my.cnf? # configure: how to avoid searching for my.cnf?
...@@ -42,10 +45,9 @@ configure-options = ...@@ -42,10 +45,9 @@ configure-options =
--with-extra-charsets=complex --with-extra-charsets=complex
--with-collation=utf8_unicode_ci --with-collation=utf8_unicode_ci
--with-big-tables --with-big-tables
--with-embedded-server --without-embedded-server
--with-plugins=max-no-ndb --with-plugins=max-no-ndb
--with-aria-tmp-tables --with-aria-tmp-tables
--without-plugin-innodb_plugin
--without-plugin-oqgraph --without-plugin-oqgraph
--without-readline --without-readline
--with-ssl --with-ssl
...@@ -61,11 +63,68 @@ environment = ...@@ -61,11 +63,68 @@ environment =
[mroonga-mariadb] [mroonga-mariadb]
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
url = https://github.com/downloads/mroonga/mroonga/mroonga-1.11.tar.gz url = https://github.com/downloads/mroonga/mroonga/mroonga-2.00.tar.gz
md5sum = 69e56246226e0b9969ee7f99e08aa7da md5sum = 49dab92863b5c3fa1d49344c73357ca2
configure-options = configure-options =
--with-mysql-source=${mariadb:location}__compile__/mariadb-${mariadb:version} --with-mysql-source=${mariadb:location}__compile__/mariadb-${mariadb:version}
--with-mysql-config=${mariadb:location}/bin/mysql_config --with-mysql-config=${mariadb:location}/bin/mysql_config
depends =
${mariadb:version}
environment =
PATH=${groonga:location}/bin:${pkgconfig:location}/bin:%(PATH)s
CPPFLAGS=-I${groonga:location}/include/groonga
LDFLAGS=-L${groonga:location}/lib
PKG_CONFIG_PATH=${groonga:location}/lib/pkgconfig
[mariadb-5.5-no_test-patch]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/${:filename}
md5sum = 14e6d713c16298a10f40d29f2b799aca
filename = mariadb_5.5_create_system_tables__no_test.patch
download-only = true
[mariadb-5.5]
recipe = hexagonit.recipe.cmmi
version = 5.5.20
url = http://downloads.askmonty.org/f/mariadb-${:version}/kvm-tarbake-jaunty-x86/mariadb-${:version}.tar.gz/from/http://ftp.osuosl.org/pub/mariadb
md5sum = e618343b5039fa468c0e1e6098785e3c
# compile directory is required to build mysql plugins.
keep-compile-dir = true
patch-options = -p0
patches =
${mariadb-5.5-no_test-patch:location}/${mariadb-5.5-no_test-patch:filename}
configure-command = ${cmake:location}/bin/cmake
configure-options =
-DCMAKE_INSTALL_PREFIX=${buildout:parts-directory}/${:_buildout_section_name_}
-DBUILD_CONFIG=mysql_release
-DDEFAULT_CHARSET=utf8
-DDEFAULT_COLLATION=utf8_unicode_ci
-DWITH_SSL=system
-DWITH_ZLIB=system
-DWITH_READLINE=0
-DWITH_PIC=1
-DWITH_EXTRA_CHARSETS=complex
-DWITH_EMBEDDED_SERVER=0
-DWITHOUT_EXAMPLE_STORAGE_ENGINE=1
-DWITHOUT_DAEMON_EXAMPLE=1
-DWITH_SPHINX_STORAGE_ENGINE=1
-DCMAKE_C_FLAGS="-I${libaio:location}/include -I${ncurses:location}/include -I${openssl:location}/include -I${readline5:location}/include -I${zlib:location}/include"
-DCMAKE_INSTALL_RPATH=${libaio:location}/lib:${ncurses:location}/lib:${openssl:location}/lib:${readline5:location}/lib:${zlib:location}/lib
environment =
CMAKE_PROGRAM_PATH=${cmake:location}/bin
CMAKE_INCLUDE_PATH=${libaio:location}/include:${ncurses:location}/include:${openssl:location}/include:${readline5:location}/include:${zlib:location}/include
CMAKE_LIBRARY_PATH=${libaio:location}/lib:${ncurses:location}/lib:${openssl:location}/lib:${readline5:location}/lib:${zlib:location}/lib
LDFLAGS=-L${libaio:location}/lib
[mroonga-mariadb-5.5]
recipe = hexagonit.recipe.cmmi
url = https://github.com/downloads/mroonga/mroonga/mroonga-2.00.tar.gz
md5sum = 49dab92863b5c3fa1d49344c73357ca2
configure-options =
--with-mysql-source=${mariadb-5.5:location}__compile__/mariadb-${mariadb-5.5:version}
--with-mysql-config=${mariadb-5.5:location}/bin/mysql_config
depends =
${mariadb-5.5:version}
environment = environment =
PATH=${groonga:location}/bin:${pkgconfig:location}/bin:%(PATH)s PATH=${groonga:location}/bin:${pkgconfig:location}/bin:%(PATH)s
CPPFLAGS=-I${groonga:location}/include/groonga CPPFLAGS=-I${groonga:location}/include/groonga
......
...@@ -3,6 +3,6 @@ parts = ...@@ -3,6 +3,6 @@ parts =
noVNC noVNC
[noVNC] [noVNC]
recipe = hexagonit.recipe.download recipe = slapos.recipe.build:download-unpacked
url = https://github.com/kanaka/noVNC/tarball/master url = https://github.com/kanaka/noVNC/tarball/v0.2
strip-top-level-dir = true strip-top-level-dir = true
[buildout]
extends =
../git/buildout.cfg
../pkgconfig/buildout.cfg
../openssl/buildout.cfg
../python-2.7/buildout.cfg
../zlib/buildout.cfg
parts =
nodejs
[nodejs]
# Server-side Javascript.
recipe = hexagonit.recipe.cmmi
url = http://nodejs.org/dist/v0.6.12/node-v0.6.12.tar.gz
md5sum = a12766ae4003c9712927d1fa134ed9f6
configure-options =
--openssl-includes=${openssl:location}/include
--openssl-libpath=${openssl:location}/lib
environment =
PATH=${pkgconfig:location}/bin:${python2.7:location}/bin:%(PATH)s
PKG_CONFIG_PATH=${openssl:location}/lib/pkgconfig/
CPPFLAGS=-I${zlib:location}/include
LDFLAGS=-Wl,-rpath=${openssl:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
[nodejs-0.4]
recipe = hexagonit.recipe.cmmi
url = http://nodejs.org/dist/node-v0.4.12.tar.gz
md5sum = a6375eaa43db5356bf443e25b828ae16
configure-options =
--openssl-includes=${openssl:location}/include
--openssl-libpath=${openssl:location}/lib
environment =
PATH=${pkgconfig:location}/bin:${python2.7:location}/bin:%(PATH)s
PKG_CONFIG_PATH=${openssl:location}/lib/pkgconfig/
CPPFLAGS=-I${zlib:location}/include
LDFLAGS=-Wl,-rpath=${openssl:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
[npm]
# Node.js Package Manager
# Deprecated. Included in node >= 0.6.3.
recipe = plone.recipe.command
location = ${buildout:parts-directory}/${:_buildout_section_name_}
stop-on-error = true
commit = 3136abc5c6b3ed332c4700ece24450fada63639b
origin = https://github.com/isaacs/npm.git
git-bin = ${git:location}/bin/git
node-bin = ${nodejs-0.4:location}/bin/node
command = (GIT_SSL_NO_VERIFY=true ${:git-bin} clone --quiet ${:origin} ${:location} && cd ${:location} && ${:git-bin} reset --hard ${:commit} && ${:location}/configure --prefix=${:location} && GIT_SSL_NO_VERIFY=true ${:git-bin} submodule update --init --recursive && ${:node-bin} cli.js install npm@1.0.106 -g -f) || (rm -fr ${:location}; exit 1)
update-command =
...@@ -19,12 +19,20 @@ url = ${:_profile_base_location_}/${:filename} ...@@ -19,12 +19,20 @@ url = ${:_profile_base_location_}/${:filename}
filename = ${:_buildout_section_name_} filename = ${:_buildout_section_name_}
download-only = true download-only = true
[openssl-exlibs.patch]
recipe = hexagonit.recipe.download
md5sum = dfb8979460d6d75f2d23d1ea83bbb40a
url = ${:_profile_base_location_}/${:filename}
filename = ${:_buildout_section_name_}
download-only = true
[openssl] [openssl]
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
url = https://www.openssl.org/source/openssl-1.0.0g.tar.gz url = https://www.openssl.org/source/openssl-1.0.1.tar.gz
md5sum = 07ecbe4324f140d157478637d6beccf1 md5sum = 134f168bc2a8333f19f81d684841710b
patches = patches =
${openssl-nodoc.patch:location}/${openssl-nodoc.patch:filename} ${openssl-nodoc.patch:location}/${openssl-nodoc.patch:filename}
${openssl-exlibs.patch:location}/${openssl-exlibs.patch:filename}
patch-options = -p0 patch-options = -p0
configure-command = ./config configure-command = ./config
configure-options = configure-options =
...@@ -33,13 +41,11 @@ configure-options = ...@@ -33,13 +41,11 @@ configure-options =
--openssldir=${buildout:parts-directory}/${:_buildout_section_name_}/etc/ssl --openssldir=${buildout:parts-directory}/${:_buildout_section_name_}/etc/ssl
--prefix=${buildout:parts-directory}/${:_buildout_section_name_} --prefix=${buildout:parts-directory}/${:_buildout_section_name_}
--libdir=lib --libdir=lib
shared shared no-idea no-mdc2 no-rc5 zlib
no-zlib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${buildout:parts-directory}/${:_buildout_section_name_}/lib
# it seems that parallel build sometimes fails for openssl. # it seems that parallel build sometimes fails for openssl.
make-options = make-options =
-j1 -j1
make-targets = make-targets =
install && rm -f ${buildout:parts-directory}/${:_buildout_section_name_}/etc/ssl/certs/* && for i in ${ca-certificates:location}/certs/*/*.crt; do ln -sv $i ${buildout:parts-directory}/${:_buildout_section_name_}/etc/ssl/certs/`${buildout:parts-directory}/${:_buildout_section_name_}/bin/openssl x509 -hash -noout -in $i`.0; done; true install && rm -f ${buildout:parts-directory}/${:_buildout_section_name_}/etc/ssl/certs/* && for i in ${ca-certificates:location}/certs/*/*.crt; do ln -sv $i ${buildout:parts-directory}/${:_buildout_section_name_}/etc/ssl/certs/`${buildout:parts-directory}/${:_buildout_section_name_}/bin/openssl x509 -hash -noout -in $i`.0; done; true
LDFLAGS="-Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${buildout:parts-directory}/${:_buildout_section_name_}/lib"
SHARED_LDFLAGS="-Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${buildout:parts-directory}/${:_buildout_section_name_}/lib"
--- engines/ccgost/Makefile~ 2010-08-24 23:46:34.000000000 +0200
+++ engines/ccgost/Makefile 2012-03-14 10:11:46.826419864 +0100
@@ -7,6 +7,7 @@
AR= ar r
CFLAGS= $(INCLUDES) $(CFLAG)
LIB=$(TOP)/libcrypto.a
+EX_LIBS=
LIBSRC= gost2001.c gost2001_keyx.c gost89.c gost94_keyx.c gost_ameth.c gost_asn1.c gost_crypt.c gost_ctl.c gost_eng.c gosthash.c gost_keywrap.c gost_md.c gost_params.c gost_pmeth.c gost_sign.c
@@ -32,7 +33,7 @@
$(MAKE) -f $(TOP)/Makefile.shared -e \
LIBNAME=$(LIBNAME) \
LIBEXTRAS='$(LIBOBJ)' \
- LIBDEPS='-L$(TOP) -lcrypto' \
+ LIBDEPS='-L$(TOP) -lcrypto $(EX_LIBS)' \
link_o.$(SHLIB_TARGET); \
else \
$(AR) $(LIB) $(LIBOBJ); \
...@@ -10,7 +10,7 @@ parts = ...@@ -10,7 +10,7 @@ parts =
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
depends = depends =
${perl:version} ${perl:version}
url = http://www.percona.com/redir/downloads/percona-toolkit/percona-toolkit-2.0.1.tar.gz url = http://www.percona.com/redir/downloads/percona-toolkit/2.0.4/percona-toolkit-2.0.4.tar.gz
md5sum = 3a78c78672cb7c634bda35dfb2f817bf md5sum = df7dffcccb48d50f143849629228d4b4
configure-command = configure-command =
${perl:location}/bin/perl Makefile.PL ${perl:location}/bin/perl Makefile.PL
[buildout] [buildout]
parts = poppler parts = poppler
extends = extends =
../bzip2/buildout.cfg
../fontconfig/buildout.cfg ../fontconfig/buildout.cfg
../freetype/buildout.cfg ../freetype/buildout.cfg
../jbigkit/buildout.cfg ../jbigkit/buildout.cfg
...@@ -17,10 +18,12 @@ extends = ...@@ -17,10 +18,12 @@ extends =
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
md5sum = b566d1fbaa29b9257bf0ecc130e7b2ca md5sum = b566d1fbaa29b9257bf0ecc130e7b2ca
url = http://poppler.freedesktop.org/poppler-0.17.2.tar.gz url = http://poppler.freedesktop.org/poppler-0.17.2.tar.gz
depends =
${libtiff:version}
configure-options = configure-options =
--disable-cairo-output --disable-cairo-output
--disable-cms --disable-cms
--disable-curl --disable-libcurl
--disable-gtk-doc-html --disable-gtk-doc-html
--disable-gtk-test --disable-gtk-test
--disable-poppler-cpp --disable-poppler-cpp
...@@ -31,5 +34,5 @@ configure-options = ...@@ -31,5 +34,5 @@ configure-options =
environment = environment =
PATH=${pkgconfig:location}/bin:%(PATH)s PATH=${pkgconfig:location}/bin:%(PATH)s
PKG_CONFIG_PATH=${fontconfig:location}/lib/pkgconfig:${freetype:location}/lib/pkgconfig:${libpng:location}/lib/pkgconfig PKG_CONFIG_PATH=${fontconfig:location}/lib/pkgconfig:${freetype:location}/lib/pkgconfig:${libpng:location}/lib/pkgconfig
CPPFLAGS=-I${libjpeg:location}/include -I${libpng:location}/include -I${libtiff:location}/include -I${zlib:location}/include CPPFLAGS=-I${bzip2:location}/include -I${libjpeg:location}/include -I${libpng:location}/include -I${libtiff:location}/include -I${zlib:location}/include
LDFLAGS=-L${jbigkit:location}/lib -Wl,-rpath=${jbigkit:location}/lib -L${libjpeg:location}/lib -Wl,-rpath=${libjpeg:location}/lib -L${libtiff:location}/lib -Wl,-rpath=${libtiff:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib LDFLAGS=-L${bzip2:location}/lib -Wl,-rpath=${bzip2:location}/lib -L${jbigkit:location}/lib -Wl,-rpath=${jbigkit:location}/lib -L${libjpeg:location}/lib -Wl,-rpath=${libjpeg:location}/lib -L${libtiff:location}/lib -Wl,-rpath=${libtiff:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
...@@ -30,16 +30,18 @@ depends = ...@@ -30,16 +30,18 @@ depends =
# other settings in this part if we don't set it explicitly here. # other settings in this part if we don't set it explicitly here.
prefix = ${buildout:parts-directory}/${:_buildout_section_name_} prefix = ${buildout:parts-directory}/${:_buildout_section_name_}
version = 2.6 version = 2.6
package_version = ${:version}.7 package_version = ${:version}.8
package_version_suffix = rc1
executable = ${:prefix}/bin/python${:version} executable = ${:prefix}/bin/python${:version}
url = url =
http://python.org/ftp/python/${:package_version}/Python-${:package_version}.tar.bz2 http://python.org/ftp/python/${:package_version}/Python-${:package_version}${:package_version_suffix}.tar.bz2
md5sum = d40ef58ed88438a870bbeb0ac5d4217b md5sum = df6ccdac7da3b7c7c79124b92110277e
patch-options = -p1 patch-options = -p1
patches = patches =
${python-2.6.6-no_system_inc_dirs.patch:location}/${python-2.6.6-no_system_inc_dirs.patch:filename} ${python-2.6.6-no_system_inc_dirs.patch:location}/${python-2.6.6-no_system_inc_dirs.patch:filename}
configure-options = configure-options =
--enable-ipv6
--enable-unicode=ucs4 --enable-unicode=ucs4
--with-threads --with-threads
......
...@@ -3,6 +3,7 @@ extends = ...@@ -3,6 +3,7 @@ extends =
../bzip2/buildout.cfg ../bzip2/buildout.cfg
../gdbm/buildout.cfg ../gdbm/buildout.cfg
../gettext/buildout.cfg ../gettext/buildout.cfg
../libexpat/buildout.cfg
../ncurses/buildout.cfg ../ncurses/buildout.cfg
../openssl/buildout.cfg ../openssl/buildout.cfg
../readline/buildout.cfg ../readline/buildout.cfg
...@@ -12,21 +13,6 @@ extends = ...@@ -12,21 +13,6 @@ extends =
parts = parts =
python2.7 python2.7
[python2.7]
<= python2.7.2
[python2.7.1]
<= python2.7common
package_version = 2.7.1
md5sum = aa27bc25725137ba155910bd8e5ddc4f
package_version_suffix =
[python2.7.2]
<= python2.7common
package_version = 2.7.2
md5sum = ba7b2f11ffdbf195ee0d111b9455a5bd
package_version_suffix =
[bootstrap2.7] [bootstrap2.7]
recipe = zc.recipe.egg recipe = zc.recipe.egg
eggs = zc.buildout eggs = zc.buildout
...@@ -36,8 +22,12 @@ scripts = ...@@ -36,8 +22,12 @@ scripts =
arguments = sys.argv[1:] + ["bootstrap"] arguments = sys.argv[1:] + ["bootstrap"]
python = python2.7 python = python2.7
[python2.7common] [python2.7]
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
package_version = 2.7.3
package_version_suffix = rc1
md5sum = 72aaa940dfa2777de161d7cb27c91df7
depends = depends =
${gdbm:version} ${gdbm:version}
# This is actually the default setting for prefix, but we can't use it in # This is actually the default setting for prefix, but we can't use it in
...@@ -49,9 +39,11 @@ executable = ${:prefix}/bin/python${:version} ...@@ -49,9 +39,11 @@ executable = ${:prefix}/bin/python${:version}
url = url =
http://python.org/ftp/python/${:package_version}/Python-${:package_version}${:package_version_suffix}.tar.bz2 http://python.org/ftp/python/${:package_version}/Python-${:package_version}${:package_version_suffix}.tar.bz2
configure-options = configure-options =
--enable-ipv6
--enable-unicode=ucs4 --enable-unicode=ucs4
--with-system-expat
--with-threads --with-threads
environment = environment =
CPPFLAGS=-I${zlib:location}/include -I${readline:location}/include -I${ncurses:location}/include/ -I${ncurses:location}/include/ncursesw/ -I${bzip2:location}/include -I${gdbm:location}/include -I${openssl:location}/include -I${sqlite3:location}/include -I${gettext:location}/include CPPFLAGS=-I${zlib:location}/include -I${readline:location}/include -I${libexpat:location}/include -I${ncurses:location}/include -I${ncurses:location}/include/ncursesw -I${bzip2:location}/include -I${gdbm:location}/include -I${openssl:location}/include -I${sqlite3:location}/include -I${gettext:location}/include
LDFLAGS=-L${zlib:location}/lib -L${readline:location}/lib -L${ncurses:location}/lib -L${bzip2:location}/lib -L${gdbm:location}/lib -L${openssl:location}/lib -L${sqlite3:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${readline:location}/lib -Wl,-rpath=${ncurses:location}/lib -Wl,-rpath=${bzip2:location}/lib -Wl,-rpath=${gdbm:location}/lib -Wl,-rpath=${openssl:location}/lib -Wl,-rpath=${sqlite3:location}/lib -L${gettext:location}/lib -Wl,-rpath=${gettext:location}/lib LDFLAGS=-L${zlib:location}/lib -L${readline:location}/lib -L${libexpat:location}/lib -L${ncurses:location}/lib -L${bzip2:location}/lib -L${gdbm:location}/lib -L${openssl:location}/lib -L${sqlite3:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${readline:location}/lib -Wl,-rpath=${libexpat:location}/lib -Wl,-rpath=${ncurses:location}/lib -Wl,-rpath=${bzip2:location}/lib -Wl,-rpath=${gdbm:location}/lib -Wl,-rpath=${openssl:location}/lib -Wl,-rpath=${sqlite3:location}/lib -L${gettext:location}/lib -Wl,-rpath=${gettext:location}/lib
...@@ -12,18 +12,6 @@ configure-options = ...@@ -12,18 +12,6 @@ configure-options =
--enable-multibyte --enable-multibyte
--disable-static --disable-static
# readline-5.x is still used for GPL2 only softwares.
[readline5]
recipe = hexagonit.recipe.cmmi
url = http://ftp.gnu.org/gnu/readline/readline-5.2.tar.gz
md5sum = e39331f32ad14009b9ff49cc10c5e751
configure-options =
--enable-multibyte
--disable-static
--with-ncurses=${ncurses:location}
environment =
LDFLAGS =-Wl,-rpath=${ncurses:location}/lib
[readline] [readline]
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
url = http://ftp.gnu.org/gnu/readline/readline-6.2.tar.gz url = http://ftp.gnu.org/gnu/readline/readline-6.2.tar.gz
......
...@@ -120,17 +120,17 @@ Werkzeug = 0.8.3 ...@@ -120,17 +120,17 @@ Werkzeug = 0.8.3
buildout-versions = 1.7 buildout-versions = 1.7
collective.recipe.template = 1.9 collective.recipe.template = 1.9
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
lxml = 2.3.3 lxml = 2.3.4
meld3 = 0.6.8 meld3 = 0.6.8
netaddr = 0.7.6 netaddr = 0.7.6
slapos.core = 0.22 slapos.core = 0.24
slapos.libnetworkcache = 0.12 slapos.libnetworkcache = 0.12
xml-marshaller = 0.9.7 xml-marshaller = 0.9.7
z3c.recipe.scripts = 1.0.1 z3c.recipe.scripts = 1.0.1
zc.recipe.egg = 1.3.2 zc.recipe.egg = 1.3.2
# Required by: # Required by:
# slapos.core==0.22 # slapos.core==0.24
Flask = 0.8 Flask = 0.8
# Required by: # Required by:
...@@ -138,11 +138,11 @@ Flask = 0.8 ...@@ -138,11 +138,11 @@ Flask = 0.8
hexagonit.recipe.download = 1.5.0 hexagonit.recipe.download = 1.5.0
# Required by: # Required by:
# slapos.core==0.22 # slapos.core==0.24
netifaces = 0.8 netifaces = 0.8
# Required by: # Required by:
# slapos.core==0.22 # slapos.core==0.24
# slapos.libnetworkcache==0.12 # slapos.libnetworkcache==0.12
# supervisor==3.0a12 # supervisor==3.0a12
# zc.buildout==1.6.0-dev-SlapOS-004 # zc.buildout==1.6.0-dev-SlapOS-004
...@@ -150,9 +150,9 @@ netifaces = 0.8 ...@@ -150,9 +150,9 @@ netifaces = 0.8
setuptools = 0.6c12dev-r88846 setuptools = 0.6c12dev-r88846
# Required by: # Required by:
# slapos.core==0.22 # slapos.core==0.24
supervisor = 3.0a12 supervisor = 3.0a12
# Required by: # Required by:
# slapos.core==0.22 # slapos.core==0.24
zope.interface = 3.8.0 zope.interface = 3.8.0
...@@ -21,9 +21,7 @@ recipe = hexagonit.recipe.cmmi ...@@ -21,9 +21,7 @@ recipe = hexagonit.recipe.cmmi
url = http://sphinxsearch.com/files/sphinx-2.0.2-beta.tar.gz url = http://sphinxsearch.com/files/sphinx-2.0.2-beta.tar.gz
md5sum = fafe0f1a71d0ded32404c067eba7d0b3 md5sum = fafe0f1a71d0ded32404c067eba7d0b3
configure-options = configure-options =
--with-mysql --with-mysql=${mariadb:location}
--with-mysql-includes=${mariadb:location}/include/mysql
--with-mysql-libs=${mariadb:location}/lib/mysql
--with-libstemmer --with-libstemmer
--with-iconv --with-iconv
--without-pgsql --without-pgsql
......
...@@ -17,8 +17,8 @@ filename = stunnel-4-hooks.py ...@@ -17,8 +17,8 @@ filename = stunnel-4-hooks.py
[stunnel-4] [stunnel-4]
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
url = http://mirror.bit.nl/stunnel/stunnel-4.52.tar.gz url = http://mirror.bit.nl/stunnel/stunnel-4.53.tar.gz
md5sum = f5e713dda0e8efa659f372832ecd0c2c md5sum = ab3bfc915357d67da18c73f73610d593
pre-configure-hook = ${stunnel-4-hook-download:location}/${stunnel-4-hook-download:filename}:pre_configure_hook pre-configure-hook = ${stunnel-4-hook-download:location}/${stunnel-4-hook-download:filename}:pre_configure_hook
configure-options = configure-options =
--enable-ipv6 --enable-ipv6
......
...@@ -23,6 +23,8 @@ stop-on-error = yes ...@@ -23,6 +23,8 @@ stop-on-error = yes
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
url = http://tesseract-ocr.googlecode.com/files/tesseract-3.00.tar.gz url = http://tesseract-ocr.googlecode.com/files/tesseract-3.00.tar.gz
md5sum = cc812a261088ea0c3d2da735be35d09f md5sum = cc812a261088ea0c3d2da735be35d09f
depends =
${libtiff:version}
configure-options = configure-options =
--disable-static --disable-static
--datarootdir=${tesseract-share:location} --datarootdir=${tesseract-share:location}
......
# Apache Tomcat - an open source software implementation of the Java Servlet and JavaServer Pages technologies.
# http://tomcat.apache.org/
[buildout]
parts =
tomcat
[tomcat]
<= tomcat6
[tomcat6]
recipe = hexagonit.recipe.download
strip-top-level-dir = true
url = http://apache.multidist.com/tomcat/tomcat-6/v6.0.35/bin/apache-tomcat-6.0.35.tar.gz
md5sum = 171d255cd60894b29a41684ce0ff93a8
[tomcat7]
recipe = hexagonit.recipe.download
strip-top-level-dir = true
url = http://apache.multidist.com/tomcat/tomcat-7/v7.0.25/bin/apache-tomcat-7.0.25.tar.gz
md5sum = 2aa59d23555d641b20efad4aed86b693
[buildout]
extends =
../openssl/buildout.cfg
../pkgconfig/buildout.cfg
../zlib/buildout.cfg
parts =
wget
[wget]
recipe = hexagonit.recipe.cmmi
url = http://ftp.gnu.org/gnu/wget/wget-1.13.4.tar.bz2
md5sum = 12115c3750a4d92f9c6ac62bac372e85
configure-options =
--enable-ipv6
--enable-opie
--disable-iri
--with-ssl=openssl
--with-libssl-prefix=${openssl:location}
--with-zlib-lib=${zlib:location}
environment =
PATH=${pkgconfig:location}/bin:%(PATH)s
PKG_CONFIG_PATH=${openssl:location}/lib/pkgconfig
LDFLAGS=-L${zlib:location}/lib -L${openssl:location}/lib
CPPFLAGS=-I${zlib:location}/include -I${openssl:location}/include
...@@ -13,8 +13,8 @@ parts = ...@@ -13,8 +13,8 @@ parts =
libXdmcp libXdmcp
libXext libXext
libXau libXau
libXinerama
libSM libSM
libXrender
[xorg-aclocal] [xorg-aclocal]
ACLOCAL=${xorg-util-macros:location}/share/aclocal ACLOCAL=${xorg-util-macros:location}/share/aclocal
...@@ -33,6 +33,7 @@ configure-options = ...@@ -33,6 +33,7 @@ configure-options =
--without-xmlto --without-xmlto
--without-fop --without-fop
environment = environment =
PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig
PATH=${libxml2:location}/bin:${pkgconfig:location}/bin:%(PATH)s PATH=${libxml2:location}/bin:${pkgconfig:location}/bin:%(PATH)s
[xextproto] [xextproto]
...@@ -43,6 +44,9 @@ configure-options = ...@@ -43,6 +44,9 @@ configure-options =
--disable-specs --disable-specs
--without-xmlto --without-xmlto
--without-fop --without-fop
environment =
PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig
PATH=${pkgconfig:location}/bin:%(PATH)s
[xtrans] [xtrans]
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
...@@ -53,6 +57,7 @@ configure-options = ...@@ -53,6 +57,7 @@ configure-options =
--without-xmlto --without-xmlto
--without-fop --without-fop
environment = environment =
PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig
PATH=${pkgconfig:location}/bin:%(PATH)s PATH=${pkgconfig:location}/bin:%(PATH)s
[libXau] [libXau]
...@@ -62,7 +67,7 @@ md5sum = 4a2cbd83727682f9ee1c1e719bac6adb ...@@ -62,7 +67,7 @@ md5sum = 4a2cbd83727682f9ee1c1e719bac6adb
configure-options = configure-options =
--disable-static --disable-static
environment = environment =
PKG_CONFIG_PATH=${xproto:location}/lib/pkgconfig PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig:${xproto:location}/lib/pkgconfig
PATH=${pkgconfig:location}/bin:%(PATH)s PATH=${pkgconfig:location}/bin:%(PATH)s
[xcbproto] [xcbproto]
...@@ -99,7 +104,7 @@ recipe = hexagonit.recipe.cmmi ...@@ -99,7 +104,7 @@ recipe = hexagonit.recipe.cmmi
url = http://www.x.org/releases/X11R7.6/src/lib/libXext-1.2.0.tar.bz2 url = http://www.x.org/releases/X11R7.6/src/lib/libXext-1.2.0.tar.bz2
md5sum = 9bb236ff0193e9fc1c1fb504dd840331 md5sum = 9bb236ff0193e9fc1c1fb504dd840331
environment = environment =
PKG_CONFIG_PATH=${xcbproto:location}/lib/pkgconfig:${libXau:location}/lib/pkgconfig:${xproto:location}/lib/pkgconfig:${xorg-libpthread-stubs:location}/lib/pkgconfig:${xextproto:location}/lib/pkgconfig:${libX11:location}/lib/pkgconfig:${libxcb:location}/lib/pkgconfig PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig:${xcbproto:location}/lib/pkgconfig:${libXau:location}/lib/pkgconfig:${xproto:location}/lib/pkgconfig:${xorg-libpthread-stubs:location}/lib/pkgconfig:${xextproto:location}/lib/pkgconfig:${libX11:location}/lib/pkgconfig:${libxcb:location}/lib/pkgconfig
CPPFLAGS=-I${xcbproto:location}/include -I${libXau:location}/include -I${xproto:location}/include -I${xorg-libpthread-stubs:location}/include -I${xextproto:location}/include -I${libX11:location}/include -I${libxcb:location}/include CPPFLAGS=-I${xcbproto:location}/include -I${libXau:location}/include -I${xproto:location}/include -I${xorg-libpthread-stubs:location}/include -I${xextproto:location}/include -I${libX11:location}/include -I${libxcb:location}/include
LD_LIBRARY_PATH=${xcbproto:location}/lib:${libXau:location}/lib:${xorg-libpthread-stubs:location}/lib:${xextproto:location}/lib:${libX11:location}/lib:${libxcb:location}/lib LD_LIBRARY_PATH=${xcbproto:location}/lib:${libXau:location}/lib:${xorg-libpthread-stubs:location}/lib:${xextproto:location}/lib:${libX11:location}/lib:${libxcb:location}/lib
LD_RUN_PATH=${xcbproto:location}/lib:${libXau:location}/lib:${xorg-libpthread-stubs:location}/lib:${xextproto:location}/lib:${libX11:location}/lib:${libxcb:location}/lib LD_RUN_PATH=${xcbproto:location}/lib:${libXau:location}/lib:${xorg-libpthread-stubs:location}/lib:${xextproto:location}/lib:${libX11:location}/lib:${libxcb:location}/lib
...@@ -148,7 +153,7 @@ configure-options = ...@@ -148,7 +153,7 @@ configure-options =
--without-xmlto --without-xmlto
--without-fop --without-fop
environment = environment =
PKG_CONFIG_PATH=${xproto:location}/lib/pkgconfig:${xextproto:location}/lib/pkgconfig:${xtrans:location}/share/pkgconfig:${libxcb:location}/lib/pkgconfig:${xorg-libpthread-stubs:location}/lib/pkgconfig:${libXau:location}/lib/pkgconfig:${inputproto:location}/lib/pkgconfig:${kbproto:location}/lib/pkgconfig PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig:${xproto:location}/lib/pkgconfig:${xextproto:location}/lib/pkgconfig:${xtrans:location}/share/pkgconfig:${libxcb:location}/lib/pkgconfig:${xorg-libpthread-stubs:location}/lib/pkgconfig:${libXau:location}/lib/pkgconfig:${inputproto:location}/lib/pkgconfig:${kbproto:location}/lib/pkgconfig
LD_LIBRARY_PATH=${xproto:location}/lib:${xextproto:location}/lib:${libxcb:location}/lib LD_LIBRARY_PATH=${xproto:location}/lib:${xextproto:location}/lib:${libxcb:location}/lib
LD_RUN_PATH=${xproto:location}/lib:${xextproto:location}/lib:${libxcb:location}/lib LD_RUN_PATH=${xproto:location}/lib:${xextproto:location}/lib:${libxcb:location}/lib
PATH=${pkgconfig:location}/bin:%(PATH)s PATH=${pkgconfig:location}/bin:%(PATH)s
...@@ -329,7 +334,7 @@ configure-options = ...@@ -329,7 +334,7 @@ configure-options =
--without-xmlto --without-xmlto
--without-fop --without-fop
environment = environment =
PKG_CONFIG_PATH=${xproto:location}/lib/pkgconfig:${xtrans:location}/share/pkgconfig PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig:${xproto:location}/lib/pkgconfig:${xtrans:location}/share/pkgconfig
PATH=${pkgconfig:location}/bin:%(PATH)s PATH=${pkgconfig:location}/bin:%(PATH)s
[libSM] [libSM]
...@@ -341,10 +346,26 @@ configure-options = ...@@ -341,10 +346,26 @@ configure-options =
--without-xmlto --without-xmlto
--without-fop --without-fop
environment = environment =
PKG_CONFIG_PATH=${libICE:location}/lib/pkgconfig:${libuuid:location}/lib/pkgconfig:${xproto:location}/lib/pkgconfig:${xtrans:location}/share/pkgconfig PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig:${libICE:location}/lib/pkgconfig:${libuuid:location}/lib/pkgconfig:${xproto:location}/lib/pkgconfig:${xtrans:location}/share/pkgconfig
PATH=${pkgconfig:location}/bin:%(PATH)s PATH=${pkgconfig:location}/bin:%(PATH)s
LIBUUID_CFLAGS=-I${libuuid:location}/include LIBUUID_CFLAGS=-I${libuuid:location}/include
[renderproto]
recipe = hexagonit.recipe.cmmi
url = http://www.x.org/releases/X11R7.6/src/proto/renderproto-0.11.1.tar.bz2
md5sum = a914ccc1de66ddeb4b611c6b0686e274
[libXrender]
recipe = hexagonit.recipe.cmmi
url = http://www.x.org/releases/X11R7.6/src/lib/libXrender-0.9.6.tar.bz2
md5sum = 3b3b7d076c2384b6c600c0b5f4ba971f
configure-options =
--disable-static
environment =
PKG_CONFIG_PATH=${libX11:location}/lib/pkgconfig:${renderproto:location}/lib/pkgconfig:${xorg-util-macros:location}/share/pkgconfig
PATH=${pkgconfig:location}/bin:%(PATH)s
CPPFLAGS=-I${libX11:location}/include -I${renderproto:location}/include -I${xproto:location}/include
[libXt] [libXt]
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
url = http://www.x.org/releases/X11R7.6/src/lib/libXt-1.0.9.tar.bz2 url = http://www.x.org/releases/X11R7.6/src/lib/libXt-1.0.9.tar.bz2
......
...@@ -4,5 +4,5 @@ parts = ...@@ -4,5 +4,5 @@ parts =
[zlib] [zlib]
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
url = http://prdownloads.sourceforge.net/libpng/zlib-1.2.5.tar.gz?download url = http://prdownloads.sourceforge.net/libpng/zlib-1.2.6.tar.bz2?download
md5sum = c735eab2d659a96e5a594c9e8541ad63 md5sum = dc2cfa0d2313ca77224b4d932b2911e9
...@@ -2,7 +2,7 @@ from setuptools import setup, find_packages ...@@ -2,7 +2,7 @@ from setuptools import setup, find_packages
import glob import glob
import os import os
version = '0.40-dev' version = '0.46-dev'
name = 'slapos.cookbook' name = 'slapos.cookbook'
long_description = open("README.txt").read() + "\n" + \ long_description = open("README.txt").read() + "\n" + \
open("CHANGES.txt").read() + "\n" open("CHANGES.txt").read() + "\n"
...@@ -40,11 +40,13 @@ setup(name=name, ...@@ -40,11 +40,13 @@ setup(name=name,
zip_safe=True, zip_safe=True,
entry_points={ entry_points={
'zc.buildout': [ 'zc.buildout': [
'apache.frontend = slapos.recipe.apache_frontend:Recipe',
'apachephp = slapos.recipe.apachephp:Recipe', 'apachephp = slapos.recipe.apachephp:Recipe',
'apacheproxy = slapos.recipe.apacheproxy:Recipe', 'apacheproxy = slapos.recipe.apacheproxy:Recipe',
'apache.zope.backend = slapos.recipe.apache_zope_backend:Recipe', 'apache.zope.backend = slapos.recipe.apache_zope_backend:Recipe',
'certificate_authority = slapos.recipe.certificate_authority:Recipe', 'certificate_authority = slapos.recipe.certificate_authority:Recipe',
'certificate_authority.request = slapos.recipe.certificate_authority:Request', 'certificate_authority.request = slapos.recipe.certificate_authority:Request',
'check_port_listening = slapos.recipe.check_port_listening:Recipe',
'cron = slapos.recipe.dcron:Recipe', 'cron = slapos.recipe.dcron:Recipe',
'cron.d = slapos.recipe.dcron:Part', 'cron.d = slapos.recipe.dcron:Part',
'davstorage = slapos.recipe.davstorage:Recipe', 'davstorage = slapos.recipe.davstorage:Recipe',
...@@ -55,14 +57,18 @@ setup(name=name, ...@@ -55,14 +57,18 @@ setup(name=name,
'erp5scalabilitytestbed = slapos.recipe.erp5scalabilitytestbed:Recipe', 'erp5scalabilitytestbed = slapos.recipe.erp5scalabilitytestbed:Recipe',
'equeue = slapos.recipe.equeue:Recipe', 'equeue = slapos.recipe.equeue:Recipe',
'erp5testnode = slapos.recipe.erp5testnode:Recipe', 'erp5testnode = slapos.recipe.erp5testnode:Recipe',
'generate.mac = slapos.recipe.generatemac:Recipe',
'nbdserver = slapos.recipe.nbdserver:Recipe',
'generic.onetimeupload = slapos.recipe.generic_onetimeupload:Recipe',
'helloworld = slapos.recipe.helloworld:Recipe', 'helloworld = slapos.recipe.helloworld:Recipe',
'generic.cloudooo = slapos.recipe.generic_cloudooo:Recipe', 'generic.cloudooo = slapos.recipe.generic_cloudooo:Recipe',
'fontconfig = slapos.recipe.fontconfig:Recipe', 'fontconfig = slapos.recipe.fontconfig:Recipe',
'java = slapos.recipe.java:Recipe', 'java = slapos.recipe.java:Recipe',
'kumofs = slapos.recipe.kumofs:Recipe', 'kumofs = slapos.recipe.kumofs:Recipe',
'kvm = slapos.recipe.kvm:Recipe',
'kvm.frontend = slapos.recipe.kvm_frontend:Recipe',
'generic.kumofs = slapos.recipe.generic_kumofs:Recipe', 'generic.kumofs = slapos.recipe.generic_kumofs:Recipe',
'haproxy = slapos.recipe.haproxy:Recipe', 'haproxy = slapos.recipe.haproxy:Recipe',
'kvm = slapos.recipe.kvm:Recipe',
'libcloud = slapos.recipe.libcloud:Recipe', 'libcloud = slapos.recipe.libcloud:Recipe',
'libcloudrequest = slapos.recipe.libcloudrequest:Recipe', 'libcloudrequest = slapos.recipe.libcloudrequest:Recipe',
'lockfile = slapos.recipe.lockfile:Recipe', 'lockfile = slapos.recipe.lockfile:Recipe',
...@@ -72,11 +78,11 @@ setup(name=name, ...@@ -72,11 +78,11 @@ setup(name=name,
'mydumper = slapos.recipe.mydumper:Recipe', 'mydumper = slapos.recipe.mydumper:Recipe',
'generic.mysql = slapos.recipe.generic_mysql:Recipe', 'generic.mysql = slapos.recipe.generic_mysql:Recipe',
'mkdirectory = slapos.recipe.mkdirectory:Recipe', 'mkdirectory = slapos.recipe.mkdirectory:Recipe',
'nbdserver = slapos.recipe.nbdserver:Recipe',
'nosqltestbed = slapos.recipe.nosqltestbed:NoSQLTestBed', 'nosqltestbed = slapos.recipe.nosqltestbed:NoSQLTestBed',
'notifier = slapos.recipe.notifier:Recipe', 'notifier = slapos.recipe.notifier:Recipe',
'notifier.callback = slapos.recipe.notifier:Callback', 'notifier.callback = slapos.recipe.notifier:Callback',
'notifier.notify = slapos.recipe.notifier:Notify', 'notifier.notify = slapos.recipe.notifier:Notify',
'novnc = slapos.recipe.novnc:Recipe',
'lamp = slapos.recipe.lamp:Request', 'lamp = slapos.recipe.lamp:Request',
'lamp.request = slapos.recipe.lamp:Request', 'lamp.request = slapos.recipe.lamp:Request',
'lamp.static = slapos.recipe.lamp:Static', 'lamp.static = slapos.recipe.lamp:Static',
...@@ -114,8 +120,12 @@ setup(name=name, ...@@ -114,8 +120,12 @@ setup(name=name,
'generate.cloudooo = slapos.recipe.generate_cloudooo:Recipe', 'generate.cloudooo = slapos.recipe.generate_cloudooo:Recipe',
'zeo = slapos.recipe.zeo:Recipe', 'zeo = slapos.recipe.zeo:Recipe',
'tidstorage = slapos.recipe.tidstorage:Recipe', 'tidstorage = slapos.recipe.tidstorage:Recipe',
'erp5.bootstrap = slapos.recipe.erp5_bootstrap:Recipe',
'erp5.promise = slapos.recipe.erp5_promise:Recipe',
'erp5.update = slapos.recipe.erp5_update:Recipe', 'erp5.update = slapos.recipe.erp5_update:Recipe',
'erp5.test = slapos.recipe.erp5_test:Recipe', 'erp5.test = slapos.recipe.erp5_test:Recipe',
'generic.varnish = slapos.recipe.generic_varnish:Recipe',
'webchecker = slapos.recipe.web_checker:Recipe',
], ],
'slapos.recipe.nosqltestbed.plugin': [ 'slapos.recipe.nosqltestbed.plugin': [
'kumo = slapos.recipe.nosqltestbed.kumo:KumoTestBed', 'kumo = slapos.recipe.nosqltestbed.kumo:KumoTestBed',
......
apache_frontend
==========
Frontend using Apache, allowing to rewrite and proxy URLs like
myinstance.myfrontenddomainname.com to real IP/URL of myinstance.
apache_frontend works using the master instance / slave instance design.
It means that a single main instance of Apache will be used to act as frontend
for many slaves.
How to use
========
First, you will need to request a "master" instance of Apache Frontend with
"domain" parameter, like :
<?xml version='1.0' encoding='utf-8'?>
<instance>
<parameter id="domain">moulefrite.com</parameter>
<parameter id="port">443</parameter>
</instance>
Then, it is possible to request many slave instances
(currently only from slapconsole, UI doesn't work yet)
of Apache Frontend, like :
instance = request(
software_release=apache_frontend,
partition_reference='frontend2',
shared=True,
partition_parameter_kw={"url":"https://[1:2:3:4]:1234/someresource"}
)
Those slave instances will be redirected to the "master" instance,
and you will see on the "master" instance the associated RewriteRules of
all slave instances.
Finally, the slave instance will be accessible from :
https://someidentifier.moulefrite.com.
helloworld
==========
It only installs a dummy wrapper saying "Hello World!" and sends to the master an "HelloWorld" parameter.
kvm_frontend
===
Introduction
------------
The ``slapos.recipe.kvm_frontend`` aims to provide proxy server to KVM instances.
It allows HTTPS IPv4/IPv6 proxying (with or without domain name), and supports
the WebSocket technology needed for VNC-in-webapplication noVNC.
It works following the master/slave instances system. A master instance is
created, containing all what is needed to run the proxy. Slave instances
are later created, adding one line in the master instance's proxy configuration
that specify the IP/port to proxy to the KVM.
The slave instance (kvm) is then accessible from
http://[masterinstanceIPorhostname]/[randomgeneratednumber]
Instance parameters
------------
Incoming master instance parameters
+++++++
``port`` - Port of server, optional, defaults to 4443.
``domain`` - domain name to use, optional, default to
"host.vifib.net".
``redirect_plain_http`` - if value is one of ['y', 'yes', '1', 'true'], instance
will try to create a simple http server on port 80
redirecting to the proxy. Optional.
Incoming slave instance parameters
+++++++
``host`` - KVM instance IP or hostname. Mandatory.
``port`` - KVM instance port, Mandatory.
``https`` - if value is one of ['n', 'no', '0', 'false'], will try to connect
to target in plain http. Optional.
Connection parameters
-------------
Outgoing master connection parameters
+++++++
``domain_ipv6_address`` - Proxy IP
``site_url`` - Proxy URL
Outgoing slave connection parameters are :
+++++++
``site_url`` - URL of instance
``domain_name`` - Domain name of proxy
``port`` - Port of proxy
##############################################################################
#
# Copyright (c) 2010 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
from slapos.recipe.librecipe import BaseSlapRecipe
import os
import pkg_resources
import hashlib
import sys
import zc.buildout
import zc.recipe.egg
import ConfigParser
import re
class Recipe(BaseSlapRecipe):
def getTemplateFilename(self, template_name):
return pkg_resources.resource_filename(__name__,
'template/%s' % template_name)
def _install(self):
self.path_list = []
self.requirements, self.ws = self.egg.working_set()
# self.cron_d is a directory, where cron jobs can be registered
self.cron_d = self.installCrond()
self.logrotate_d, self.logrotate_backup = self.installLogrotate()
self.killpidfromfile = zc.buildout.easy_install.scripts(
[('killpidfromfile', 'slapos.recipe.erp5.killpidfromfile',
'killpidfromfile')], self.ws, sys.executable, self.bin_directory)[0]
self.path_list.append(self.killpidfromfile)
frontend_port_number = self.parameter_dict.get("port", 4443)
frontend_domain_name = self.parameter_dict.get("domain",
"host.vifib.net")
base_varnish_port = 26009
slave_instance_list = self.parameter_dict.get("slave_instance_list", [])
rewrite_rule_list = []
slave_dict = {}
service_dict = {}
if frontend_port_number is 443:
base_url = "%s/" % frontend_domain_name
else:
base_url = "%s:%s/" % (frontend_domain_name, frontend_port_number)
for slave_instance in slave_instance_list:
url = slave_instance.get("url")
if url is None:
continue
reference = slave_instance.get("slave_reference")
subdomain = reference.replace("-", "").lower()
slave_dict[reference] = "https://%s.%s" % (subdomain, base_url)
enable_cache = slave_instance.get("enable_cache", "")
if enable_cache.upper() in ('1', 'TRUE'):
# Varnish should use stunnel to connect to the backend
base_varnish_control_port = base_varnish_port
base_varnish_port += 1
# Use regex
host_regex = "((\[\w*|[0-9]+\.)(\:|)).*(\]|\.[0-9]+)"
slave_host = re.search(host_regex, url).group(0)
port_regex = "\w+(\/|)$"
matcher = re.search(port_regex, url)
if matcher is not None:
slave_port = matcher.group(0)
slave_port = slave_port.replace("/", "")
elif url.startswith("https://"):
slave_port = 443
else:
slave_port = 80
service_name = "varnish_%s" % reference
varnish_ip = self.getLocalIPv4Address()
stunnel_port = base_varnish_port + 1
self.installVarnishCache(service_name,
ip=varnish_ip,
port=base_varnish_port,
control_port=base_varnish_control_port,
backend_host=varnish_ip,
backend_port=stunnel_port,
size="1G")
service_dict[service_name] = dict(public_ip=varnish_ip,
public_port=stunnel_port,
private_ip=slave_host.replace("[", "").replace("]", ""),
private_port=slave_port)
rewrite_rule_list.append("%s.%s http://%s:%s" % \
(reference.replace("-", ""), frontend_domain_name,
varnish_ip, base_varnish_port))
base_varnish_port += 2
else:
rewrite_rule_list.append("%s.%s %s" % (subdomain, frontend_domain_name,
url))
valid_certificate_str = self.parameter_dict.get("domain_ssl_ca_cert")
valid_key_str = self.parameter_dict.get("domain_ssl_ca_key")
if valid_certificate_str is None and valid_key_str is None:
ca_conf = self.installCertificateAuthority()
key, certificate = self.requestCertificate(frontend_domain_name)
else:
ca_conf = self.installValidCertificateAuthority(
frontend_domain_name, valid_certificate_str, valid_key_str)
key = ca_conf.pop("key")
certificate = ca_conf.pop("certificate")
if service_dict != {}:
if valid_certificate_str is not None and valid_key_str is not None:
self.installCertificateAuthority()
stunnel_key, stunnel_certificate = \
self.requestCertificate(frontend_domain_name)
else:
stunnel_key, stunnet_certificate = key, certificate
self.installStunnel(service_dict,
stunnel_certificate, stunnel_key,
ca_conf["ca_crl"],
ca_conf["certificate_authority_path"])
apache_parameter_dict = self.installFrontendApache(
ip_list=["[%s]" % self.getGlobalIPv6Address(),
self.getLocalIPv4Address()],
port=frontend_port_number,
name=frontend_domain_name,
rewrite_rule_list=rewrite_rule_list,
key=key, certificate=certificate)
for reference, url in slave_dict.iteritems():
self.setConnectionDict(dict(site_url=url), reference)
self.setConnectionDict(
dict(site_url=apache_parameter_dict["site_url"],
domain_ipv6_address=self.getGlobalIPv6Address(),
domain_ipv4_address=self.getLocalIPv4Address()))
return self.path_list
def installLogrotate(self):
"""Installs logortate main configuration file and registers its to cron"""
logrotate_d = os.path.abspath(os.path.join(self.etc_directory,
'logrotate.d'))
self._createDirectory(logrotate_d)
logrotate_backup = self.createBackupDirectory('logrotate')
logrotate_conf = self.createConfigurationFile("logrotate.conf",
"include %s" % logrotate_d)
logrotate_cron = os.path.join(self.cron_d, 'logrotate')
state_file = os.path.join(self.data_root_directory, 'logrotate.status')
open(logrotate_cron, 'w').write('0 0 * * * %s -s %s %s' %
(self.options['logrotate_binary'], state_file, logrotate_conf))
self.path_list.extend([logrotate_d, logrotate_conf, logrotate_cron])
return logrotate_d, logrotate_backup
def registerLogRotation(self, name, log_file_list, postrotate_script):
"""Register new log rotation requirement"""
open(os.path.join(self.logrotate_d, name), 'w').write(
self.substituteTemplate(self.getTemplateFilename(
'logrotate_entry.in'),
dict(file_list=' '.join(['"'+q+'"' for q in log_file_list]),
postrotate=postrotate_script, olddir=self.logrotate_backup)))
def requestCertificate(self, name):
hash = hashlib.sha512(name).hexdigest()
key = os.path.join(self.ca_private, hash + self.ca_key_ext)
certificate = os.path.join(self.ca_certs, hash + self.ca_crt_ext)
parser = ConfigParser.RawConfigParser()
parser.add_section('certificate')
parser.set('certificate', 'name', name)
parser.set('certificate', 'key_file', key)
parser.set('certificate', 'certificate_file', certificate)
parser.write(open(os.path.join(self.ca_request_dir, hash), 'w'))
return key, certificate
def installCrond(self):
timestamps = self.createDataDirectory('cronstamps')
cron_output = os.path.join(self.log_directory, 'cron-output')
self._createDirectory(cron_output)
catcher = zc.buildout.easy_install.scripts([('catchcron',
__name__ + '.catdatefile', 'catdatefile')], self.ws, sys.executable,
self.bin_directory, arguments=[cron_output])[0]
self.path_list.append(catcher)
cron_d = os.path.join(self.etc_directory, 'cron.d')
crontabs = os.path.join(self.etc_directory, 'crontabs')
self._createDirectory(cron_d)
self._createDirectory(crontabs)
wrapper = zc.buildout.easy_install.scripts([('crond',
'slapos.recipe.librecipe.execute', 'execute')], self.ws, sys.executable,
self.wrapper_directory, arguments=[
self.options['dcrond_binary'].strip(), '-s', cron_d, '-c', crontabs,
'-t', timestamps, '-f', '-l', '5', '-M', catcher]
)[0]
self.path_list.append(wrapper)
return cron_d
def installValidCertificateAuthority(self, domain_name, certificate, key):
ca_dir = os.path.join(self.data_root_directory, 'ca')
ca_private = os.path.join(ca_dir, 'private')
ca_certs = os.path.join(ca_dir, 'certs')
ca_crl = os.path.join(ca_dir, 'crl')
self._createDirectory(ca_dir)
for path in (ca_private, ca_certs, ca_crl):
self._createDirectory(path)
key_path = os.path.join(ca_private, domain_name + ".key")
certificate_path = os.path.join(ca_certs, domain_name + ".crt")
self._writeFile(key_path, key)
self._writeFile(certificate_path, certificate)
return dict(certificate_authority_path=ca_dir,
ca_crl=ca_crl,
certificate=certificate_path,
key=key_path)
def installCertificateAuthority(self, ca_country_code='XX',
ca_email='xx@example.com', ca_state='State', ca_city='City',
ca_company='Company'):
backup_path = self.createBackupDirectory('ca')
self.ca_dir = os.path.join(self.data_root_directory, 'ca')
self._createDirectory(self.ca_dir)
self.ca_request_dir = os.path.join(self.ca_dir, 'requests')
self._createDirectory(self.ca_request_dir)
config = dict(ca_dir=self.ca_dir, request_dir=self.ca_request_dir)
self.ca_private = os.path.join(self.ca_dir, 'private')
self.ca_certs = os.path.join(self.ca_dir, 'certs')
self.ca_crl = os.path.join(self.ca_dir, 'crl')
self.ca_newcerts = os.path.join(self.ca_dir, 'newcerts')
self.ca_key_ext = '.key'
self.ca_crt_ext = '.crt'
for d in [self.ca_private, self.ca_crl, self.ca_newcerts, self.ca_certs]:
self._createDirectory(d)
for f in ['crlnumber', 'serial']:
if not os.path.exists(os.path.join(self.ca_dir, f)):
open(os.path.join(self.ca_dir, f), 'w').write('01')
if not os.path.exists(os.path.join(self.ca_dir, 'index.txt')):
open(os.path.join(self.ca_dir, 'index.txt'), 'w').write('')
openssl_configuration = os.path.join(self.ca_dir, 'openssl.cnf')
config.update(
working_directory=self.ca_dir,
country_code=ca_country_code,
state=ca_state,
city=ca_city,
company=ca_company,
email_address=ca_email,
)
self._writeFile(openssl_configuration, pkg_resources.resource_string(
__name__, 'template/openssl.cnf.ca.in') % config)
self.path_list.extend(zc.buildout.easy_install.scripts([
('certificate_authority', __name__ + '.certificate_authority',
'runCertificateAuthority')],
self.ws, sys.executable, self.wrapper_directory, arguments=[dict(
openssl_configuration=openssl_configuration,
openssl_binary=self.options['openssl_binary'],
certificate=os.path.join(self.ca_dir, 'cacert.pem'),
key=os.path.join(self.ca_private, 'cakey.pem'),
crl=os.path.join(self.ca_crl),
request_dir=self.ca_request_dir
)]))
# configure backup
backup_cron = os.path.join(self.cron_d, 'ca_rdiff_backup')
open(backup_cron, 'w').write(
'''0 0 * * * %(rdiff_backup)s %(source)s %(destination)s'''%dict(
rdiff_backup=self.options['rdiff_backup_binary'],
source=self.ca_dir,
destination=backup_path))
self.path_list.append(backup_cron)
return dict(
ca_certificate=os.path.join(config['ca_dir'], 'cacert.pem'),
ca_crl=os.path.join(config['ca_dir'], 'crl'),
certificate_authority_path=config['ca_dir']
)
def _getApacheConfigurationDict(self, name, ip_list, port):
apache_conf = dict()
apache_conf['server_name'] = name
apache_conf['pid_file'] = os.path.join(self.run_directory,
name + '.pid')
apache_conf['lock_file'] = os.path.join(self.run_directory,
name + '.lock')
apache_conf['document_root'] = os.path.join(self.data_root_directory,
'htdocs')
apache_conf['ip_list'] = ip_list
apache_conf['port'] = port
apache_conf['server_admin'] = 'admin@'
apache_conf['error_log'] = os.path.join(self.log_directory,
name + '-error.log')
apache_conf['access_log'] = os.path.join(self.log_directory,
name + '-access.log')
self.registerLogRotation(name, [apache_conf['error_log'],
apache_conf['access_log']], self.killpidfromfile + ' ' +
apache_conf['pid_file'] + ' SIGUSR1')
return apache_conf
def installVarnishCache(self, name, ip, port, control_port, backend_host,
backend_port, size="1G"):
"""
Install a varnish daemon for a certain address
"""
directory = self.createDataDirectory(name)
varnish_config = dict(
directory=directory,
pid = "%s/varnish.pid" % directory,
port="%s:%s" % (ip, port),
varnishd_binary=self.options["varnishd_binary"],
control_port="%s:%s" % (ip, control_port),
storage="file,%s/storage.bin,%s" % (directory, size))
config_file = self.createConfigurationFile("%s.conf" % name,
self.substituteTemplate(self.getTemplateFilename('varnish.vcl.in'),
dict(backend_host=backend_host, backend_port=backend_port)))
varnish_argument_list = [varnish_config['varnishd_binary'].strip(),
"-F", "-n", directory, "-P", varnish_config["pid"], "-p",
"cc_command=exec %s " % self.options["gcc_binary"] +\
"-fpic -shared -o %o %s",
"-f", config_file,
"-a", varnish_config["port"], "-T", varnish_config["control_port"],
"-s", varnish_config["storage"]]
environment = dict(PATH=self.options["binutils_directory"])
wrapper = zc.buildout.easy_install.scripts([(name,
'slapos.recipe.librecipe.execute', 'executee')], self.ws,
sys.executable, self.wrapper_directory, arguments=[varnish_argument_list,
environment])[0]
self.path_list.append(wrapper)
return varnish_config
def installStunnel(self, service_dict, certificate,
key, ca_crl, ca_path):
"""Installs stunnel
service_dict =
{ name: (public_ip, private_ip, public_port, private_port),}
"""
template_filename = self.getTemplateFilename('stunnel.conf.in')
template_entry_filename = self.getTemplateFilename('stunnel.conf.entry.in')
log = os.path.join(self.log_directory, 'stunnel.log')
pid_file = os.path.join(self.run_directory, 'stunnel.pid')
stunnel_conf = dict(
pid_file=pid_file,
log=log,
cert = certificate,
key = key,
ca_crl = ca_crl,
ca_path = ca_path,
entry_str=''
)
entry_list = []
for name, parameter_dict in service_dict.iteritems():
parameter_dict["name"] = name
entry_str = self.substituteTemplate(template_entry_filename,
parameter_dict)
entry_list.append(entry_str)
stunnel_conf["entry_str"] = "\n".join(entry_list)
stunnel_conf_path = self.createConfigurationFile("stunnel.conf",
self.substituteTemplate(template_filename,
stunnel_conf))
wrapper = zc.buildout.easy_install.scripts([('stunnel',
'slapos.recipe.librecipe.execute', 'execute_wait')], self.ws,
sys.executable, self.wrapper_directory, arguments=[
[self.options['stunnel_binary'].strip(), stunnel_conf_path],
[certificate, key]]
)[0]
self.path_list.append(wrapper)
return stunnel_conf
def installFrontendApache(self, ip_list, port, key, certificate, name,
rewrite_rule_list=[], rewrite_rule_zope_list=[],
access_control_string=None):
# Create htdocs, populate it with default 404 document
htdocs_location = os.path.join(self.data_root_directory, 'htdocs')
self._createDirectory(htdocs_location)
notfound_file_location = os.path.join(htdocs_location, 'notfound.html')
notfound_template_file_location = self.getTemplateFilename(
'notfound.html')
notfound_file_content = open(notfound_template_file_location, 'r').read()
self._writeFile(notfound_file_location, notfound_file_content)
# Create configuration file and rewritemaps
apachemap_name = "apachemap.txt"
# XXX-Cedric : implement zope specific rewrites list. Current apachemap is
# generic and does not use VirtualHost Monster.
apachemapzope_name = "apachemapzope.txt"
self.createConfigurationFile(apachemap_name, "\n".join(rewrite_rule_list))
self.createConfigurationFile(apachemapzope_name,
"\n".join(rewrite_rule_zope_list))
apache_conf = self._getApacheConfigurationDict(name, ip_list, port)
apache_conf['ssl_snippet'] = self.substituteTemplate(
self.getTemplateFilename('apache.ssl-snippet.conf.in'),
dict(login_certificate=certificate, login_key=key))
apache_conf["listen"] = "\n".join(["Listen %s:%s" % (ip, port) for ip in ip_list])
path = self.substituteTemplate(
self.getTemplateFilename('apache.conf.path-protected.in'),
dict(path='/', access_control_string='none'))
apache_conf.update(**dict(
path_enable=path,
apachemap_path=os.path.join(self.etc_directory, apachemap_name),
apachemapzope_path=os.path.join(self.etc_directory, apachemapzope_name),
apache_domain=name,
port=port,
))
apache_conf_string = self.substituteTemplate(
self.getTemplateFilename('apache.conf.in'), apache_conf)
apache_config_file = self.createConfigurationFile('apache_frontend.conf',
apache_conf_string)
self.path_list.append(apache_config_file)
self.path_list.extend(zc.buildout.easy_install.scripts([(
name, 'slapos.recipe.erp5.apache', 'runApache')], self.ws,
sys.executable, self.wrapper_directory, arguments=[
dict(
required_path_list=[key, certificate],
binary=self.options['httpd_binary'],
config=apache_config_file)
]))
return dict(site_url="https://%s:%s/" % (name, port))
# Apache configuration file for Zope
# Automatically generated
# Basic server configuration
PidFile "%(pid_file)s"
LockFile "%(lock_file)s"
ServerName %(server_name)s
DocumentRoot %(document_root)s
%(listen)s
ServerAdmin %(server_admin)s
DefaultType text/plain
TypesConfig conf/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
# As backend is trusting REMOTE_USER header unset it always
RequestHeader unset REMOTE_USER
# SSL Configuration
%(ssl_snippet)s
# Log configuration
ErrorLog "%(error_log)s"
LogLevel warn
LogFormat "%%h %%{REMOTE_USER}i %%l %%u %%t \"%%r\" %%>s %%b \"%%{Referer}i\" \"%%{User-Agent}i\"" combined
LogFormat "%%h %%{REMOTE_USER}i %%l %%u %%t \"%%r\" %%>s %%b" common
CustomLog "%(access_log)s" common
# Directory protection
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
</Directory>
%(path_enable)s
# Rewrite part
RewriteEngine On
# Define the two rewritemaps : one for zope, one generic
RewriteMap apachemapzope txt:%(apachemapzope_path)s
RewriteMap apachemapgeneric txt:%(apachemap_path)s
# First, we check if we have a zope backend server
# If so, let's use Virtual Host Daemon rewrite
#RewriteCond ${apachemapzope:%%{SERVER_NAME}} >""
#RewriteRule ^/(\w+)($|/.*) ${apachemapzope:$1}/VirtualHostBase/https/%(apache_domain)s:%(port)s/VirtualHostRoot/_vh_$1$2 [L,P]
# If we have generic backend server, let's rewrite without virtual host daemon
RewriteCond ${apachemapgeneric:%%{SERVER_NAME}} >""
RewriteRule ^/(.*)$ ${apachemapgeneric:%%{SERVER_NAME}}/$1 [L,P]
# If nothing exist : put a nice error
ErrorDocument 404 /notfound.html
# List of modules
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule version_module modules/mod_version.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule mime_module modules/mod_mime.so
LoadModule dav_module modules/mod_dav.so
LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule headers_module modules/mod_headers.so
LoadModule antiloris_module modules/mod_antiloris.so
# Path protected
<Location %(path)s>
Order Deny,Allow
Allow from %(access_control_string)s
</Location>
<Location %(location)s>
Order Deny,Allow
Deny from all
Allow from %(allow_string)s
</Location>
SSLEngine on
SSLProxyEngine on
SSLCertificateFile %(login_certificate)s
SSLCertificateKeyFile %(login_key)s
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
%(file_list)s {
daily
dateext
rotate 30
compress
notifempty
sharedscripts
create
postrotate
%(postrotate)s
endscript
olddir %(olddir)s
}
<html>
<head>
<title>Instance not found</title>
</head>
<body>
<h1>This instance has not been found.</h1>
<p>If this error persists, please check your instance URL and status on SlapOS Master.</p>
</body>
</html>
...@@ -6,16 +6,16 @@ ...@@ -6,16 +6,16 @@
# This definition stops the following lines choking if HOME isn't # This definition stops the following lines choking if HOME isn't
# defined. # defined.
HOME = . HOME = .
RANDFILE = $ENV::HOME/.rnd RANDFILE = $ENV::HOME/.rnd
# Extra OBJECT IDENTIFIER info: # Extra OBJECT IDENTIFIER info:
#oid_file = $ENV::HOME/.oid #oid_file = $ENV::HOME/.oid
oid_section = new_oids oid_section = new_oids
# To use this configuration file with the "-extfile" option of the # To use this configuration file with the "-extfile" option of the
# "openssl x509" utility, name here the section containing the # "openssl x509" utility, name here the section containing the
# X.509v3 extensions to use: # X.509v3 extensions to use:
# extensions = # extensions =
# (Alternatively, use a configuration file that has only # (Alternatively, use a configuration file that has only
# X.509v3 extensions in its main [= default] section.) # X.509v3 extensions in its main [= default] section.)
...@@ -40,27 +40,27 @@ default_ca = CA_default # The default ca section ...@@ -40,27 +40,27 @@ default_ca = CA_default # The default ca section
[ CA_default ] [ CA_default ]
dir = %(working_directory)s # Where everything is kept dir = %(working_directory)s # Where everything is kept
certs = $dir/certs # Where the issued certs are kept certs = $dir/certs # Where the issued certs are kept
crl_dir = $dir/crl # Where the issued crl are kept crl_dir = $dir/crl # Where the issued crl are kept
database = $dir/index.txt # database index file. database = $dir/index.txt # database index file.
#unique_subject = no # Set to 'no' to allow creation of #unique_subject = no # Set to 'no' to allow creation of
# several ctificates with same subject. # several ctificates with same subject.
new_certs_dir = $dir/newcerts # default place for new certs. new_certs_dir = $dir/newcerts # default place for new certs.
certificate = $dir/cacert.pem # The CA certificate certificate = $dir/cacert.pem # The CA certificate
serial = $dir/serial # The current serial number serial = $dir/serial # The current serial number
crlnumber = $dir/crlnumber # the current crl number crlnumber = $dir/crlnumber # the current crl number
# must be commented out to leave a V1 CRL # must be commented out to leave a V1 CRL
crl = $dir/crl.pem # The current CRL crl = $dir/crl.pem # The current CRL
private_key = $dir/private/cakey.pem # The private key private_key = $dir/private/cakey.pem # The private key
RANDFILE = $dir/private/.rand # private random number file RANDFILE = $dir/private/.rand # private random number file
x509_extensions = usr_cert # The extentions to add to the cert x509_extensions = usr_cert # The extentions to add to the cert
# Comment out the following two lines for the "traditional" # Comment out the following two lines for the "traditional"
# (and highly broken) format. # (and highly broken) format.
name_opt = ca_default # Subject Name options name_opt = ca_default # Subject Name options
cert_opt = ca_default # Certificate field options cert_opt = ca_default # Certificate field options
# Extension copying option: use with caution. # Extension copying option: use with caution.
# copy_extensions = copy # copy_extensions = copy
...@@ -68,21 +68,21 @@ cert_opt = ca_default # Certificate field options ...@@ -68,21 +68,21 @@ cert_opt = ca_default # Certificate field options
# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs # Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
# so this is commented out by default to leave a V1 CRL. # so this is commented out by default to leave a V1 CRL.
# crlnumber must also be commented out to leave a V1 CRL. # crlnumber must also be commented out to leave a V1 CRL.
# crl_extensions = crl_ext # crl_extensions = crl_ext
default_days = 3650 # how long to certify for default_days = 3650 # how long to certify for
default_crl_days = 30 # how long before next CRL default_crl_days= 30 # how long before next CRL
default_md = default # use public key default MD default_md = default # use public key default MD
preserve = no # keep passed DN ordering preserve = no # keep passed DN ordering
# A few difference way of specifying how similar the request should look # A few difference way of specifying how similar the request should look
# For type CA, the listed attributes must be the same, and the optional # For type CA, the listed attributes must be the same, and the optional
# and supplied fields are just that :-) # and supplied fields are just that :-)
policy = policy_match policy = policy_match
# For the CA policy # For the CA policy
[ policy_match ] [ policy_match ]
countryName = match countryName = match
stateOrProvinceName = match stateOrProvinceName = match
organizationName = match organizationName = match
organizationalUnitName = optional organizationalUnitName = optional
...@@ -108,7 +108,7 @@ default_md = sha1 ...@@ -108,7 +108,7 @@ default_md = sha1
default_keyfile = privkey.pem default_keyfile = privkey.pem
distinguished_name = req_distinguished_name distinguished_name = req_distinguished_name
#attributes = req_attributes #attributes = req_attributes
x509_extensions = v3_ca # The extentions to add to the self signed cert x509_extensions = v3_ca # The extentions to add to the self signed cert
# Passwords for private keys if not present they will be prompted for # Passwords for private keys if not present they will be prompted for
# input_password = secret # input_password = secret
...@@ -116,7 +116,7 @@ x509_extensions = v3_ca # The extentions to add to the self signed cert ...@@ -116,7 +116,7 @@ x509_extensions = v3_ca # The extentions to add to the self signed cert
# This sets a mask for permitted string types. There are several options. # This sets a mask for permitted string types. There are several options.
# default: PrintableString, T61String, BMPString. # default: PrintableString, T61String, BMPString.
# pkix : PrintableString, BMPString (PKIX recommendation before 2004) # pkix : PrintableString, BMPString (PKIX recommendation before 2004)
# utf8only: only UTF8Strings (PKIX recommendation after 2004). # utf8only: only UTF8Strings (PKIX recommendation after 2004).
# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings). # nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
# MASK:XXXX a literal mask value. # MASK:XXXX a literal mask value.
...@@ -126,39 +126,39 @@ string_mask = utf8only ...@@ -126,39 +126,39 @@ string_mask = utf8only
# req_extensions = v3_req # The extensions to add to a certificate request # req_extensions = v3_req # The extensions to add to a certificate request
[ req_distinguished_name ] [ req_distinguished_name ]
countryName = Country Name (2 letter code) countryName = Country Name (2 letter code)
countryName_value = %(country_code)s countryName_value = %(country_code)s
countryName_min = 2 countryName_min = 2
countryName_max = 2 countryName_max = 2
stateOrProvinceName = State or Province Name (full name) stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_value = %(state)s stateOrProvinceName_value = %(state)s
localityName = Locality Name (eg, city) localityName = Locality Name (eg, city)
localityName_value = %(city)s localityName_value = %(city)s
0.organizationName = Organization Name (eg, company) 0.organizationName = Organization Name (eg, company)
0.organizationName_value = %(company)s 0.organizationName_value = %(company)s
# we can do this but it is not needed normally :-) # we can do this but it is not needed normally :-)
#1.organizationName = Second Organization Name (eg, company) #1.organizationName = Second Organization Name (eg, company)
#1.organizationName_default = World Wide Web Pty Ltd #1.organizationName_default = World Wide Web Pty Ltd
commonName = Common Name (eg, your name or your server\'s hostname) commonName = Common Name (eg, your name or your server\'s hostname)
commonName_max = 64 commonName_max = 64
emailAddress = Email Address emailAddress = Email Address
emailAddress_value = %(email_address)s emailAddress_value = %(email_address)s
emailAddress_max = 64 emailAddress_max = 64
# SET-ex3 = SET extension number 3 # SET-ex3 = SET extension number 3
#[ req_attributes ] #[ req_attributes ]
#challengePassword = A challenge password #challengePassword = A challenge password
#challengePassword_min = 4 #challengePassword_min = 4
#challengePassword_max = 20 #challengePassword_max = 20
# #
#unstructuredName = An optional company name #unstructuredName = An optional company name
[ usr_cert ] [ usr_cert ]
...@@ -173,7 +173,7 @@ basicConstraints=CA:FALSE ...@@ -173,7 +173,7 @@ basicConstraints=CA:FALSE
# the certificate can be used for anything *except* object signing. # the certificate can be used for anything *except* object signing.
# This is OK for an SSL server. # This is OK for an SSL server.
# nsCertType = server # nsCertType = server
# For an object signing certificate this would be used. # For an object signing certificate this would be used.
# nsCertType = objsign # nsCertType = objsign
...@@ -188,7 +188,7 @@ basicConstraints=CA:FALSE ...@@ -188,7 +188,7 @@ basicConstraints=CA:FALSE
# keyUsage = nonRepudiation, digitalSignature, keyEncipherment # keyUsage = nonRepudiation, digitalSignature, keyEncipherment
# This will be displayed in Netscape's comment listbox. # This will be displayed in Netscape's comment listbox.
nsComment = "OpenSSL Generated Certificate" nsComment = "OpenSSL Generated Certificate"
# PKIX recommendations harmless if included in all certificates. # PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash subjectKeyIdentifier=hash
...@@ -278,7 +278,7 @@ basicConstraints=CA:FALSE ...@@ -278,7 +278,7 @@ basicConstraints=CA:FALSE
# the certificate can be used for anything *except* object signing. # the certificate can be used for anything *except* object signing.
# This is OK for an SSL server. # This is OK for an SSL server.
# nsCertType = server # nsCertType = server
# For an object signing certificate this would be used. # For an object signing certificate this would be used.
# nsCertType = objsign # nsCertType = objsign
...@@ -293,7 +293,7 @@ basicConstraints=CA:FALSE ...@@ -293,7 +293,7 @@ basicConstraints=CA:FALSE
# keyUsage = nonRepudiation, digitalSignature, keyEncipherment # keyUsage = nonRepudiation, digitalSignature, keyEncipherment
# This will be displayed in Netscape's comment listbox. # This will be displayed in Netscape's comment listbox.
nsComment = "OpenSSL Generated Certificate" nsComment = "OpenSSL Generated Certificate"
# PKIX recommendations harmless if included in all certificates. # PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash subjectKeyIdentifier=hash
...@@ -327,24 +327,24 @@ default_tsa = tsa_config1 # the default TSA section ...@@ -327,24 +327,24 @@ default_tsa = tsa_config1 # the default TSA section
[ tsa_config1 ] [ tsa_config1 ]
# These are used by the TSA reply generation only. # These are used by the TSA reply generation only.
dir = /etc/pki/tls # TSA root directory dir = /etc/pki/tls # TSA root directory
serial = $dir/tsaserial # The current serial number (mandatory) serial = $dir/tsaserial # The current serial number (mandatory)
crypto_device = builtin # OpenSSL engine to use for signing crypto_device = builtin # OpenSSL engine to use for signing
signer_cert = $dir/tsacert.pem # The TSA signing certificate signer_cert = $dir/tsacert.pem # The TSA signing certificate
# (optional) # (optional)
certs = $dir/cacert.pem # Certificate chain to include in reply certs = $dir/cacert.pem # Certificate chain to include in reply
# (optional) # (optional)
signer_key = $dir/private/tsakey.pem # The TSA private key (optional) signer_key = $dir/private/tsakey.pem # The TSA private key (optional)
default_policy = tsa_policy1 # Policy if request did not specify it default_policy = tsa_policy1 # Policy if request did not specify it
# (optional) # (optional)
other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional) other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional)
digests = md5, sha1 # Acceptable message digests (mandatory) digests = md5, sha1 # Acceptable message digests (mandatory)
accuracy = secs:1, millisecs:500, microsecs:100 # (optional) accuracy = secs:1, millisecs:500, microsecs:100 # (optional)
clock_precision_digits = 0 # number of digits after dot. (optional) clock_precision_digits = 0 # number of digits after dot. (optional)
ordering = yes # Is ordering defined for timestamps? ordering = yes # Is ordering defined for timestamps?
# (optional, default: no) # (optional, default: no)
tsa_name = yes # Must the TSA name be included in the reply? tsa_name = yes # Must the TSA name be included in the reply?
# (optional, default: no) # (optional, default: no)
ess_cert_id_chain = no # Must the ESS cert id chain be included? ess_cert_id_chain = no # Must the ESS cert id chain be included?
# (optional, default: no) # (optional, default: no)
[%(name)s]
accept = %(public_ip)s:%(public_port)s
connect = %(private_ip)s:%(private_port)s
foreground = yes
output = %(log)s
pid = %(pid_file)s
syslog = no
client = yes
CApath = %(ca_path)s
key = %(key)s
CRLpath = %(ca_crl)s
cert = %(cert)s
sslVersion = SSLv3
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
%(entry_str)s
# This is a basic VCL configuration file for varnish. See the vcl(7)
# man page for details on VCL syntax and semantics.
#
# Default backend definition. Set this to point to your content
# server.
#
backend default {
.host = "%(backend_host)s";
.port = "%(backend_port)s";
.probe = {
.url = "/";
.timeout = 10s;
.interval = 10s;
.window = 4;
.threshold = 3;
}
}
#
# Below is a commented-out copy of the default VCL logic. If you
# redefine any of these subroutines, the built-in logic will be
# appended to your code.
#
# sub vcl_recv {
# if (req.http.x-forwarded-for) {
# set req.http.X-Forwarded-For =
# req.http.X-Forwarded-For ", " client.ip;
# } else {
# set req.http.X-Forwarded-For = client.ip;
# }
# if (req.request != "GET" &&
# req.request != "HEAD" &&
# req.request != "PUT" &&
# req.request != "POST" &&
# req.request != "TRACE" &&
# req.request != "OPTIONS" &&
# req.request != "DELETE") {
# /* Non-RFC2616 or CONNECT which is weird. */
# return (pipe);
# }
# if (req.request != "GET" && req.request != "HEAD") {
# /* We only deal with GET and HEAD by default */
# return (pass);
# }
# if (req.http.Authorization || req.http.Cookie) {
# /* Not cacheable by default */
# return (pass);
# }
# return (lookup);
# }
sub vcl_recv {
if (req.http.cache-control ~ "no-cache") {
purge_url(req.url);
}
if (req.url ~ "\.(css|js|ico)$") {
unset req.http.cookie;
}
# remove bogus cookies
if (req.http.Cookie) {
set req.http.Cookie = regsuball(req.http.Cookie, "(^|; ) *__utm.=[^;]+;? *", "\1");
set req.http.Cookie = regsuball(req.http.Cookie, "(^|; ) *__ac_name=\x22\x22;? *", "\1");
set req.http.Cookie = regsuball(req.http.Cookie, "(^|; ) *__ac=\x22Og.3D.3D\x22;? *", "\1");
}
if (req.http.Cookie == "") {
remove req.http.Cookie;
}
if (req.http.x-forwarded-for) {
set req.http.X-Forwarded-For =
req.http.X-Forwarded-For ", " client.ip;
} else {
set req.http.X-Forwarded-For = client.ip;
}
if (req.request != "GET" &&
req.request != "HEAD" &&
req.request != "PUT" &&
req.request != "POST" &&
req.request != "TRACE" &&
req.request != "OPTIONS" &&
req.request != "DELETE") {
/* Non-RFC2616 or CONNECT which is weird. */
return (pipe);
}
if (req.request != "GET" && req.request != "HEAD") {
/* We only deal with GET and HEAD by default */
return (pass);
}
if (req.http.Authorization) {
/* Not cacheable by default */
return (pass);
}
if (req.http.Cookie && req.http.Cookie ~ "(^|; ) *__ac=") {
/* Not cacheable for authorised users,
but KM images are cacheable */
if (!(req.url ~ "/km_img/.*\.(png|gif)$")) {
return (pass);
}
}
# XXX login form can defer based on __ac_name cookie value
if (req.url ~ "/(login_form|WebSite_viewLoginDialog)($|\?)") {
return (pass);
}
if (req.backend.healthy) {
set req.grace = 1h;
} else {
set req.grace = 1w;
}
return (lookup);
}
#
# sub vcl_pipe {
# # Note that only the first request to the backend will have
# # X-Forwarded-For set. If you use X-Forwarded-For and want to
# # have it set for all requests, make sure to have:
# # set req.http.connection = "close";
# # here. It is not set by default as it might break some broken web
# # applications, like IIS with NTLM authentication.
# return (pipe);
# }
#
# sub vcl_pass {
# return (pass);
# }
#
# sub vcl_hash {
# set req.hash += req.url;
# if (req.http.host) {
# set req.hash += req.http.host;
# } else {
# set req.hash += server.ip;
# }
# return (hash);
# }
#
# sub vcl_hit {
# if (!obj.cacheable) {
# return (pass);
# }
# return (deliver);
# }
#
# sub vcl_miss {
# return (fetch);
# }
#
# sub vcl_fetch {
# if (!beresp.cacheable) {
# return (pass);
# }
# if (beresp.http.Set-Cookie) {
# return (pass);
# }
# return (deliver);
# }
sub vcl_fetch {
# we only cache 200 (OK) and 304 (Not Modified) responses.
if (beresp.status != 200 && beresp.status != 304) {
set beresp.cacheable = false;
}
if (beresp.http.cache-control ~ "no-cache") {
set beresp.cacheable = false;
}
if (!beresp.cacheable) {
unset beresp.http.expires;
set beresp.http.cache-control = "no-cache";
return (pass);
}
# we don't care haproxy's cookie.
if (beresp.http.Set-Cookie && beresp.http.Set-Cookie !~ "^SERVERID=[^;]+; path=/$") {
return (pass);
}
if (req.url ~ "\.(css|js|ico)$") {
unset beresp.http.set-cookie;
set beresp.http.cache-control = regsub(beresp.http.cache-control, "^", "public,");
set beresp.http.cache-control = regsub(beresp.http.cache-control, ",$", "");
}
# remove some headers added by caching policy manager to avoid
# '304 Not Modified' in case of login <-> logout switching.
if (beresp.http.content-type ~ "^text/html") {
unset beresp.http.last-modified;
}
if (beresp.cacheable) {
/* Remove Expires from backend, it's not long enough */
unset beresp.http.expires;
/* Set the clients TTL on this object */
set beresp.http.cache-control = "max-age = 900";
/* Set how long Varnish will keep it */
set beresp.ttl = 1w;
/* marker for vcl_deliver to reset Age: */
set beresp.http.magicmarker = "1";
}
set beresp.grace = 1w;
return (deliver);
}
#
# sub vcl_deliver {
# return (deliver);
# }
sub vcl_deliver {
if (resp.http.magicmarker) {
/* Remove the magic marker */
unset resp.http.magicmarker;
/* By definition we have a fresh object */
set resp.http.age = "0";
}
if (obj.hits > 0) {
set resp.http.X-Cache = obj.hits;
} else {
set resp.http.X-Cache = "MISS";
}
return (deliver);
}
#
# sub vcl_error {
# set obj.http.Content-Type = "text/html; charset=utf-8";
# synthetic {"
# <?xml version="1.0" encoding="utf-8"?>
# <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
# "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
# <html>
# <head>
# <title>"} obj.status " " obj.response {"</title>
# </head>
# <body>
# <h1>Error "} obj.status " " obj.response {"</h1>
# <p>"} obj.response {"</p>
# <h3>Guru Meditation:</h3>
# <p>XID: "} req.xid {"</p>
# <hr>
# <p>Varnish cache server</p>
# </body>
# </html>
# "};
# return (deliver);
# }
...@@ -33,10 +33,33 @@ class Recipe(GenericBaseRecipe): ...@@ -33,10 +33,33 @@ class Recipe(GenericBaseRecipe):
ip = self.options['ip'] ip = self.options['ip']
port = self.options['port'] port = self.options['port']
backend = self.options['backend'] backend = self.options['backend']
key = self.options['key-file']
certificate = self.options['cert-file']
access_control_string = self.options['access-control-string']
apache_conf = dict() apache_conf = dict()
scheme = self.options['scheme']
if scheme == 'http':
required_path_list = []
apache_conf['ssl_snippet'] = ''
elif scheme == 'https':
key = self.options['key-file']
certificate = self.options['cert-file']
required_path_list = [key, certificate]
apache_conf['key'] = key
apache_conf['certificate'] = certificate
apache_conf['ssl_session_cache'] = self.options['ssl-session-cache']
apache_conf['ssl_snippet'] = pkg_resources.resource_string(__name__,
'template/snippet.ssl.in') % apache_conf
if 'ssl-authentication' in self.options and self.optionIsTrue(
'ssl-authentication'):
apache_conf['ssl_snippet'] += pkg_resources.resource_string(__name__,
'template/snippet.ssl.ca.in') % dict(
ca_certificate=self.options['ssl-authentication-certificate'],
ca_crl=self.options['ssl-authentication-crl']
)
else:
raise ValueError, "Unsupported scheme %s" % scheme
access_control_string = self.options['access-control-string']
apache_conf['pid_file'] = self.options['pid-file'] apache_conf['pid_file'] = self.options['pid-file']
apache_conf['lock_file'] = self.options['lock-file'] apache_conf['lock_file'] = self.options['lock-file']
apache_conf['ip'] = ip apache_conf['ip'] = ip
...@@ -45,11 +68,10 @@ class Recipe(GenericBaseRecipe): ...@@ -45,11 +68,10 @@ class Recipe(GenericBaseRecipe):
apache_conf['error_log'] = self.options['error-log'] apache_conf['error_log'] = self.options['error-log']
apache_conf['access_log'] = self.options['access-log'] apache_conf['access_log'] = self.options['access-log']
apache_conf['server_name'] = '%s' % apache_conf['ip'] apache_conf['server_name'] = '%s' % apache_conf['ip']
apache_conf['certificate'] = certificate
apache_conf['key'] = key
apache_conf['path'] = '/' apache_conf['path'] = '/'
apache_conf['access_control_string'] = access_control_string apache_conf['access_control_string'] = access_control_string
apache_conf['rewrite_rule'] = "RewriteRule (.*) %s$1 [L,P]" % backend apache_conf['rewrite_rule'] = "RewriteRule (.*) %s%s [L,P]" % (backend,
self.options.get('backend-path', '/'))
apache_conf_string = pkg_resources.resource_string(__name__, apache_conf_string = pkg_resources.resource_string(__name__,
'template/apache.zope.conf.in') % apache_conf 'template/apache.zope.conf.in') % apache_conf
apache_config_file = self.createFile(self.options['configuration-file'], apache_config_file = self.createFile(self.options['configuration-file'],
...@@ -58,7 +80,7 @@ class Recipe(GenericBaseRecipe): ...@@ -58,7 +80,7 @@ class Recipe(GenericBaseRecipe):
wrapper = self.createPythonScript(self.options['wrapper'], __name__ + wrapper = self.createPythonScript(self.options['wrapper'], __name__ +
'.apache.runApache', [ '.apache.runApache', [
dict( dict(
required_path_list=[key, certificate], required_path_list=required_path_list,
binary=self.options['apache-binary'], binary=self.options['apache-binary'],
config=apache_config_file config=apache_config_file
) )
......
...@@ -2,12 +2,16 @@ ...@@ -2,12 +2,16 @@
# Automatically generated # Automatically generated
# List of modules # List of modules
LoadModule unixd_module modules/mod_unixd.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authz_host_module modules/mod_authz_host.so LoadModule authz_host_module modules/mod_authz_host.so
LoadModule log_config_module modules/mod_log_config.so LoadModule log_config_module modules/mod_log_config.so
LoadModule setenvif_module modules/mod_setenvif.so LoadModule setenvif_module modules/mod_setenvif.so
LoadModule version_module modules/mod_version.so LoadModule version_module modules/mod_version.so
LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
LoadModule ssl_module modules/mod_ssl.so LoadModule ssl_module modules/mod_ssl.so
LoadModule mime_module modules/mod_mime.so LoadModule mime_module modules/mod_mime.so
LoadModule dav_module modules/mod_dav.so LoadModule dav_module modules/mod_dav.so
...@@ -18,24 +22,23 @@ LoadModule headers_module modules/mod_headers.so ...@@ -18,24 +22,23 @@ LoadModule headers_module modules/mod_headers.so
# Basic server configuration # Basic server configuration
PidFile "%(pid_file)s" PidFile "%(pid_file)s"
LockFile "%(lock_file)s"
Listen %(ip)s:%(port)s Listen %(ip)s:%(port)s
ServerAdmin %(server_admin)s ServerAdmin %(server_admin)s
TypesConfig conf/mime.types TypesConfig conf/mime.types
AddType application/x-compress .Z AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz AddType application/x-gzip .gz .tgz
ServerTokens Prod
ServerSignature Off
TraceEnable Off
# Apache 2.4's default value (60 seconds) can be a bit too short
TimeOut 300
# As backend is trusting REMOTE_USER header unset it always # As backend is trusting REMOTE_USER header unset it always
RequestHeader unset REMOTE_USER RequestHeader unset REMOTE_USER
# SSL Configuration %(ssl_snippet)s
SSLEngine on
SSLCertificateFile %(certificate)s
SSLCertificateKeyFile %(key)s
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLProxyEngine On
# Log configuration # Log configuration
ErrorLog "%(error_log)s" ErrorLog "%(error_log)s"
......
SSLVerifyClient require
RequestHeader set REMOTE_USER %%{SSL_CLIENT_S_DN_CN}s
SSLCACertificateFile %(ca_certificate)s
SSLCARevocationPath %(ca_crl)s
# SSL Configuration
SSLEngine on
SSLCertificateFile %(certificate)s
SSLCertificateKeyFile %(key)s
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLProtocol -ALL +SSLv3 +TLSv1
SSLHonorCipherOrder On
SSLCipherSuite RC4-SHA:HIGH:!ADH
SSLSessionCache shmcb:%(ssl_session_cache)s(512000)
SSLProxyEngine On
...@@ -3,7 +3,6 @@ ...@@ -3,7 +3,6 @@
# Basic server configuration # Basic server configuration
PidFile "%(pid_file)s" PidFile "%(pid_file)s"
LockFile "%(lock_file)s"
Listen %(ip)s:%(port)s Listen %(ip)s:%(port)s
PHPINIDir %(php_ini_dir)s PHPINIDir %(php_ini_dir)s
ServerAdmin someone@email ServerAdmin someone@email
...@@ -25,20 +24,21 @@ CustomLog "%(access_log)s" common ...@@ -25,20 +24,21 @@ CustomLog "%(access_log)s" common
<Directory /> <Directory />
Options FollowSymLinks Options FollowSymLinks
AllowOverride None AllowOverride None
Order deny,allow Require all denied
Deny from all
</Directory> </Directory>
<Directory %(document_root)s> <Directory %(document_root)s>
Options FollowSymLinks Options FollowSymLinks
AllowOverride All AllowOverride All
Order allow,deny Require all granted
Allow from all
</Directory> </Directory>
DocumentRoot %(document_root)s DocumentRoot %(document_root)s
DirectoryIndex index.html index.php DirectoryIndex index.html index.php
# List of modules # List of modules
LoadModule unixd_module modules/mod_unixd.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authz_host_module modules/mod_authz_host.so LoadModule authz_host_module modules/mod_authz_host.so
LoadModule log_config_module modules/mod_log_config.so LoadModule log_config_module modules/mod_log_config.so
LoadModule setenvif_module modules/mod_setenvif.so LoadModule setenvif_module modules/mod_setenvif.so
......
...@@ -45,13 +45,14 @@ class Recipe(GenericBaseRecipe): ...@@ -45,13 +45,14 @@ class Recipe(GenericBaseRecipe):
def install(self): def install(self):
path_list = [] path_list = []
# XXX: We gotta find better a way to get these options ca_country_code = self.options.get('country-code', 'XX')
ca_country_code = 'XX' ca_email = self.options.get('email', 'xx@example.com')
ca_email = 'xx@example.com' # XXX-BBB: State by mistake has been configured as string "('State',)"
ca_state = 'State', # string, so keep this for backward compatibility of existing
ca_city = 'City' # automatically setup CAs
ca_company = 'Company' ca_state = self.options.get('state', "('State',)")
# XXX: end ca_city = self.options.get('city', 'City')
ca_company = self.options.get('company', 'Company')
self.setPath() self.setPath()
......
##############################################################################
#
# Copyright (c) 2011 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
from slapos.recipe.librecipe import GenericBaseRecipe
import sys
class Recipe(GenericBaseRecipe):
"""
Check listening port promise
"""
def install(self):
config = dict(
hostname=self.options['hostname'],
port=self.options['port'],
python_path=sys.executable,
)
vnc_promise = self.createExecutable(
self.options['path'],
self.substituteTemplate(
self.getTemplateFilename('socket_connection_attempt.py.in'),
config))
return [vnc_promise]
#!%(python_path)s
# BEWARE: This file is operated by slapgrid
# BEWARE: It will be overwritten automatically
import socket
import sys
hostname = "%(hostname)s"
port = %(port)s
connection_okay = False
try:
s = socket.create_connection((hostname, port))
connection_okay = True
s.close()
except (socket.error, socket.timeout):
connection_okay = False
if not connection_okay:
print >> sys.stderr, "%(port)s on %(hostname)s isn't listening"
sys.exit(127)
...@@ -3,6 +3,9 @@ ServerRoot "%(server_root)s" ...@@ -3,6 +3,9 @@ ServerRoot "%(server_root)s"
Listen [%(ip)s]:%(port)s Listen [%(ip)s]:%(port)s
# Needed modules # Needed modules
LoadModule unixd_module modules/mod_unixd.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authn_file_module "%(modules_dir)s/mod_authn_file.so" LoadModule authn_file_module "%(modules_dir)s/mod_authn_file.so"
LoadModule authz_host_module "%(modules_dir)s/mod_authz_host.so" LoadModule authz_host_module "%(modules_dir)s/mod_authz_host.so"
LoadModule authz_user_module "%(modules_dir)s/mod_authz_user.so" LoadModule authz_user_module "%(modules_dir)s/mod_authz_user.so"
...@@ -11,6 +14,7 @@ LoadModule auth_digest_module "%(modules_dir)s/mod_auth_digest.so" ...@@ -11,6 +14,7 @@ LoadModule auth_digest_module "%(modules_dir)s/mod_auth_digest.so"
LoadModule log_config_module "%(modules_dir)s/mod_log_config.so" LoadModule log_config_module "%(modules_dir)s/mod_log_config.so"
LoadModule headers_module "%(modules_dir)s/mod_headers.so" LoadModule headers_module "%(modules_dir)s/mod_headers.so"
LoadModule setenvif_module "%(modules_dir)s/mod_setenvif.so" LoadModule setenvif_module "%(modules_dir)s/mod_setenvif.so"
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
LoadModule ssl_module "%(modules_dir)s/mod_ssl.so" LoadModule ssl_module "%(modules_dir)s/mod_ssl.so"
LoadModule mime_module "%(modules_dir)s/mod_mime.so" LoadModule mime_module "%(modules_dir)s/mod_mime.so"
LoadModule dav_module "%(modules_dir)s/mod_dav.so" LoadModule dav_module "%(modules_dir)s/mod_dav.so"
...@@ -25,7 +29,6 @@ ServerTokens ProductOnly ...@@ -25,7 +29,6 @@ ServerTokens ProductOnly
DocumentRoot "%(document_root)s" DocumentRoot "%(document_root)s"
PidFile "%(pid_file)s" PidFile "%(pid_file)s"
LockFile "%(lock_file)s"
DavLockDB "%(davlock_db)s" DavLockDB "%(davlock_db)s"
<Directory /> <Directory />
......
...@@ -2,12 +2,16 @@ ...@@ -2,12 +2,16 @@
# Automatically generated # Automatically generated
# List of modules # List of modules
LoadModule unixd_module modules/mod_unixd.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authz_host_module modules/mod_authz_host.so LoadModule authz_host_module modules/mod_authz_host.so
LoadModule log_config_module modules/mod_log_config.so LoadModule log_config_module modules/mod_log_config.so
LoadModule setenvif_module modules/mod_setenvif.so LoadModule setenvif_module modules/mod_setenvif.so
LoadModule version_module modules/mod_version.so LoadModule version_module modules/mod_version.so
LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
LoadModule ssl_module modules/mod_ssl.so LoadModule ssl_module modules/mod_ssl.so
LoadModule mime_module modules/mod_mime.so LoadModule mime_module modules/mod_mime.so
LoadModule dav_module modules/mod_dav.so LoadModule dav_module modules/mod_dav.so
...@@ -19,7 +23,6 @@ LoadModule antiloris_module modules/mod_antiloris.so ...@@ -19,7 +23,6 @@ LoadModule antiloris_module modules/mod_antiloris.so
# Basic server configuration # Basic server configuration
PidFile "%(pid_file)s" PidFile "%(pid_file)s"
LockFile "%(lock_file)s"
Listen %(ip)s:%(port)s Listen %(ip)s:%(port)s
ServerAdmin %(server_admin)s ServerAdmin %(server_admin)s
TypesConfig conf/mime.types TypesConfig conf/mime.types
......
##############################################################################
#
# Copyright (c) 2012 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
from slapos.recipe.librecipe import GenericBaseRecipe
import os
import sys
import urlparse
class Recipe(GenericBaseRecipe):
"""
Instanciate ERP5 in Zope
"""
def install(self):
parsed = urlparse.urlparse(self.options['mysql-url'])
mysql_connection_string = "%(database)s@%(hostname)s:%(port)s "\
"%(username)s %(password)s" % dict(
database=parsed.path.split('/')[1],
hostname=parsed.hostname,
port=parsed.port,
username=parsed.username,
password=parsed.password
)
zope_parsed = urlparse.urlparse(self.options['zope-url'])
config = dict(
python_path=sys.executable,
user=zope_parsed.username,
password=zope_parsed.password,
site_id=zope_parsed.path.split('/')[1],
host="%s:%s" % (zope_parsed.hostname, zope_parsed.port),
sql_connection_string=mysql_connection_string,
)
# Runners
runner_path = self.createExecutable(
self.options['runner-path'],
self.substituteTemplate(self.getTemplateFilename('erp5_bootstrap.in'),
config))
return [runner_path]
#!%(python_path)s
import httplib
import urllib
import base64
user = "%(user)s"
password = "%(password)s"
host = "%(host)s"
site_id = "%(site_id)s"
erp5_catalog_storage = 'erp5_mysql_innodb_catalog'
mysql_url = "%(sql_connection_string)s"
header_dict = {'Authorization': 'Basic %%s' %% \
base64.encodestring('%%s:%%s' %% (user, password)).strip()}
zope_connection = httplib.HTTPConnection(host)
# Check if an ERP5 site is already created, as ERP5 does support having
# 2 instances in the same zope, and this script should not destroy user data
zope_connection.request('GET', '/isERP5SitePresent', headers=header_dict)
result = zope_connection.getresponse()
if result.status == 204: # and (result.read() == "False"):
# Create the expected ERP5 instance
zope_connection.request(
'POST', '/manage_addProduct/ERP5/manage_addERP5Site',
urllib.urlencode({
'id': site_id,
'erp5_catalog_storage': erp5_catalog_storage,
'erp5_sql_connection_string': mysql_url,
'cmf_activity_sql_connection_string': mysql_url,
}),
headers=header_dict)
##############################################################################
#
# Copyright (c) 2012 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
from slapos.recipe.librecipe import GenericBaseRecipe
import ConfigParser
class Recipe(GenericBaseRecipe):
"""
Generate ERP5 promise configuration file
"""
def install(self):
promise_parser = ConfigParser.RawConfigParser()
promise_parser.add_section('portal_templates')
promise_parser.set('portal_templates', 'repository', self.options['bt5-repository-url'])
promise_parser.set('portal_templates', 'expected_bt5', self.options['bt5'])
promise_parser.add_section('external_service')
promise_parser.set('external_service', 'cloudooo_url', self.options['cloudooo-url'])
promise_parser.set('external_service', 'memcached_url', self.options['memcached-url'])
promise_parser.set('external_service', 'kumofs_url', self.options['kumofs-url'])
promise_parser.set('external_service', 'smtp_url', self.options['smtp-url'])
promise_parser.write(open(self.options['promise-path'], 'w'))
return [self.options['promise-path']]
<?xml version="1.0"?> <?xml version="1.0"?>
<!DOCTYPE fontconfig SYSTEM "fonts.dtd"> <!DOCTYPE fontconfig SYSTEM "fonts.dtd">
<fontconfig> <fontconfig>
<cachedir>~/.fontconfig</cachedir>
%(font_folder_path_snippet)s %(font_folder_path_snippet)s
</fontconfig> </fontconfig>
\ No newline at end of file
...@@ -57,6 +57,9 @@ class Recipe(GenericSlapRecipe): ...@@ -57,6 +57,9 @@ class Recipe(GenericSlapRecipe):
known_tid_storage_identifier_dict = {} known_tid_storage_identifier_dict = {}
snippet_zeo = open(self.options['snippet-zeo']).read() snippet_zeo = open(self.options['snippet-zeo']).read()
for zeo_id, zeo_configuration_list in json_data['zeo'].iteritems(): for zeo_id, zeo_configuration_list in json_data['zeo'].iteritems():
if not type(zeo_configuration_list) in (type([]), type(set()), type(())):
raise ValueError('%s passed in json is not a list, json: %s.' % (
zeo_configuration_list, json_data))
storage_list = [] storage_list = []
a = storage_list.append a = storage_list.append
for zeo_slave in zeo_configuration_list: for zeo_slave in zeo_configuration_list:
...@@ -92,7 +95,8 @@ class Recipe(GenericSlapRecipe): ...@@ -92,7 +95,8 @@ class Recipe(GenericSlapRecipe):
zeo_connection_string = '\n'.join(zeo_connection_list) zeo_connection_string = '\n'.join(zeo_connection_list)
zope_dict.update( zope_dict.update(
timezone=json_data['timezone'], timezone=json_data['timezone'],
zeo_connection_string=zeo_connection_string zeo_connection_string=zeo_connection_string,
site_id=site_id,
) )
# always one distribution node # always one distribution node
current_zope_port += 1 current_zope_port += 1
...@@ -151,32 +155,72 @@ class Recipe(GenericSlapRecipe): ...@@ -151,32 +155,72 @@ class Recipe(GenericSlapRecipe):
longrequest_logger_interval=longrequest_logger_interval, longrequest_logger_interval=longrequest_logger_interval,
**zope_dict) **zope_dict)
haproxy_backend_list.append('${%(part_name)s:ip}:${%(part_name)s:port}' % dict(part_name=part_name)) haproxy_backend_list.append('${%(part_name)s:ip}:${%(part_name)s:port}' % dict(part_name=part_name))
scheme = backend_configuration.get('scheme', ['https'])
# now generate backend access # now generate backend access
current_apache_port += 1 current_apache_port += 1
current_haproxy_port += 1 current_haproxy_port += 1
part_list.append('apache-%(backend_name)s ca-apache-%(backend_name)s logrotate-entry-apache-%(backend_name)s haproxy-%(backend_name)s' % dict(backend_name=backend_name))
backend_dict = dict( backend_dict = dict(
backend_name=backend_name, backend_name=backend_name,
apache_port=current_apache_port, apache_port=current_apache_port,
apache_public_port=current_apache_port+1,
haproxy_port=current_haproxy_port, haproxy_port=current_haproxy_port,
access_control_string=backend_configuration['access-control-string'], access_control_string=backend_configuration['access-control-string'],
maxconn=backend_configuration['maxconn'], maxconn=backend_configuration['maxconn'],
server_check_path='/%s/getId' % site_id, server_check_path='/%s/getId' % site_id,
haproxy_backend_list=' '.join(haproxy_backend_list) haproxy_backend_list=' '.join(haproxy_backend_list),
ssl_authentication=backend_configuration.get('ssl-authentication',
False),
backend_path=backend_configuration.get('backend-path', '/') % {
'site-id': site_id}
) )
publish_url_list.append('url-%(backend_name)s = https://[${apache-%(backend_name)s:ip}]:${apache-%(backend_name)s:port}' % dict( current_apache_port += 1
backend_name=backend_name))
output += snippet_backend % backend_dict output += snippet_backend % backend_dict
if 'http' in scheme:
part_list.append('apache-public-%(backend_name)s logrotate-entry-apache-public-%(backend_name)s' % dict(backend_name=backend_name))
publish_url_list.append('url-public-%(backend_name)s = http://[${apache-public-%(backend_name)s:ip}]:${apache-public-%(backend_name)s:port}' % dict(
backend_name=backend_name))
if 'https' in scheme:
part_list.append('apache-%(backend_name)s ca-apache-%(backend_name)s logrotate-entry-apache-%(backend_name)s haproxy-%(backend_name)s' % dict(backend_name=backend_name))
publish_url_list.append('url-%(backend_name)s = https://[${apache-%(backend_name)s:ip}]:${apache-%(backend_name)s:port}' % dict(
backend_name=backend_name))
output += SECTION_BACKEND_PUBLISHER + '\n' output += SECTION_BACKEND_PUBLISHER + '\n'
output += '\n'.join(publish_url_list) output += '\n'.join(publish_url_list)
part_list.append('publish-apache-backend-list') part_list.append('publish-apache-backend-list')
master_dict = self.parameter_dict.copy()
if 'erp5-ca' in json_data:
erp5_ca = json_data['erp5-ca']
# Fetching exactly named parameters from json in order to raise proper
# error if required
master_dict.update(
erp5_ca_country_code = erp5_ca['country-code'],
erp5_ca_email = erp5_ca['email'],
erp5_ca_state = erp5_ca['state'],
erp5_ca_city = erp5_ca['city'],
erp5_ca_company = erp5_ca['company']
)
else:
master_dict.update(dict(
erp5_ca_country_code = 'XX',
erp5_ca_email = 'xx@example.com',
# XXX-BBB: State by mistake has been configured as string "('State',)"
# string, so keep this for backward compatibility of existing
# automatically setup CAs
erp5_ca_state = "('State',)",
erp5_ca_city = 'City',
erp5_ca_company = 'Company'
))
prepend = open(self.options['snippet-master']).read() % dict( prepend = open(self.options['snippet-master']).read() % dict(
part_list=' \n'.join([' '+q for q in part_list]), part_list=' \n'.join([' '+q for q in part_list]),
known_tid_storage_identifier_dict=known_tid_storage_identifier_dict, known_tid_storage_identifier_dict=known_tid_storage_identifier_dict,
haproxy_section="haproxy-%s" % backend_name, haproxy_section="haproxy-%s" % backend_name,
zope_section=zope_id, zope_section=zope_id,
site_id=site_id, site_id=site_id,
**self.parameter_dict **master_dict
) )
output = prepend + output output = prepend + output
with open(self.options['output'], 'w') as f: with open(self.options['output'], 'w') as f:
......
############################################################################## ##############################################################################
# #
# Copyright (c) 2010 Vifib SARL and Contributors. All Rights Reserved. # Copyright (c) 2010 Vifib SARL and Contributors. All Rights Reserved.
...@@ -24,21 +25,16 @@ ...@@ -24,21 +25,16 @@
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
# #
############################################################################## ##############################################################################
from slapos.recipe.librecipe import BaseSlapRecipe import random
from slapos.recipe.librecipe import GenericBaseRecipe
class Recipe(BaseSlapRecipe): class Recipe(GenericBaseRecipe):
def _install(self): def __init__(self, buildout, name, options):
parameter_dict = self.computer_partition.getInstanceParameterDict() # First octet has to represent a locally administered address
dummy_wrapper = self.createRunningWrapper('dummy', """#!/bin/sh octet_list = [254] + [random.randint(0x00, 0xff) for x in range(5)]
while [ true ] options['mac-address'] = ':'.join(['%02x' % x for x in octet_list])
do
sleep 10
echo "Hello World!"
done""")
self.computer_partition.setConnectionDict(dict( def install(self):
hello_world="Hello World!", return []
))
return [dummy_wrapper]
\ No newline at end of file
...@@ -52,7 +52,8 @@ class Recipe(GenericBaseRecipe): ...@@ -52,7 +52,8 @@ class Recipe(GenericBaseRecipe):
kumo_manager_port=kumo_manager_port, kumo_manager_port=kumo_manager_port,
kumo_server_port=kumo_server_port, kumo_server_port=kumo_server_port,
kumo_server_listen_port=kumo_server_listen_port, kumo_server_listen_port=kumo_server_listen_port,
kumo_gateway_port=kumo_gateway_port kumo_gateway_port=kumo_gateway_port,
shell_path=self.options['shell-path'],
) )
path_list.append(self.createExecutable(self.options['gateway-wrapper'], path_list.append(self.createExecutable(self.options['gateway-wrapper'],
......
#!/bin/sh #!%(shell_path)s
exec %(kumo_gateway_binary)s -F -E -m %(kumo_manager_ip)s:%(kumo_manager_port)s -t %(kumo_gateway_ip)s:%(kumo_gateway_port)s -o %(kumo_gateway_log)s exec %(kumo_gateway_binary)s -F -E -m %(kumo_manager_ip)s:%(kumo_manager_port)s -t %(kumo_gateway_ip)s:%(kumo_gateway_port)s -o %(kumo_gateway_log)s
#!/bin/sh #!%(shell_path)s
exec %(kumo_manager_binary)s -a -l %(kumo_manager_ip)s:%(kumo_manager_port)s -o %(kumo_manager_log)s exec %(kumo_manager_binary)s -a -l %(kumo_manager_ip)s:%(kumo_manager_port)s -o %(kumo_manager_log)s
#!/bin/sh #!%(shell_path)s
exec %(kumo_server_binary)s -l %(kumo_server_ip)s:%(kumo_server_port)s -L %(kumo_server_listen_port)s -m %(kumo_manager_ip)s:%(kumo_manager_port)s -s %(kumo_server_storage)s -o %(kumo_server_log)s exec %(kumo_server_binary)s -l %(kumo_server_ip)s:%(kumo_server_port)s -L %(kumo_server_listen_port)s -m %(kumo_manager_ip)s:%(kumo_manager_port)s -s %(kumo_server_storage)s -o %(kumo_server_log)s
...@@ -46,6 +46,7 @@ class Recipe(GenericBaseRecipe): ...@@ -46,6 +46,7 @@ class Recipe(GenericBaseRecipe):
memcached_binary=self.options['binary_path'], memcached_binary=self.options['binary_path'],
memcached_ip=self.options['ip'], memcached_ip=self.options['ip'],
memcached_port=self.options['port'], memcached_port=self.options['port'],
shell_path=self.options['shell-path'],
) )
executable_path = self.createExecutable( executable_path = self.createExecutable(
......
#!/bin/sh #!%(shell_path)s
exec %(memcached_binary)s -p %(memcached_port)s -U %(memcached_port)s -l %(memcached_ip)s exec %(memcached_binary)s -p %(memcached_port)s -U %(memcached_port)s -l %(memcached_ip)s
...@@ -67,6 +67,12 @@ class Recipe(GenericBaseRecipe): ...@@ -67,6 +67,12 @@ class Recipe(GenericBaseRecipe):
mysql_script_list = [] mysql_script_list = []
# user defined functions
mysql_script_list.append(self.substituteTemplate(
self.getTemplateFilename('mysql-init-function.sql.in'),
{
}
))
# real database # real database
mysql_script_list.append(self.substituteTemplate( mysql_script_list.append(self.substituteTemplate(
self.getTemplateFilename('initmysql.sql.in'), self.getTemplateFilename('initmysql.sql.in'),
......
...@@ -17,15 +17,15 @@ pid-file = %(pid_file)s ...@@ -17,15 +17,15 @@ pid-file = %(pid_file)s
log-error = %(error_log)s log-error = %(error_log)s
slow_query_log slow_query_log
slow_query_log_file = %(slow_query_log)s slow_query_log_file = %(slow_query_log)s
long_query_time = 5 long_query_time = 1
max_allowed_packet = 128M max_allowed_packet = 128M
query_cache_size = 32M query_cache_size = 32M
plugin-load = ha_groonga.so;ha_sphinx.so plugin-load = ha_mroonga.so;ha_sphinx.so;handlersocket.so
# By default only 100 connections are allowed, when using zeo # By default only 100 connections are allowed, when using zeo
# we may have much more connections # we may have much more connections
# max_connections = 1000 max_connections = 1000
# The following are important to configure and depend a lot on to the size of # The following are important to configure and depend a lot on to the size of
# your database and the available resources. # your database and the available resources.
......
USE mysql; USE mysql;
DROP FUNCTION IF EXISTS last_insert_grn_id; DROP FUNCTION IF EXISTS last_insert_grn_id;
CREATE FUNCTION last_insert_grn_id RETURNS INTEGER SONAME 'ha_groonga.so'; CREATE FUNCTION last_insert_grn_id RETURNS INTEGER SONAME 'ha_mroonga.so';
DROP FUNCTION IF EXISTS sphinx_snippets; DROP FUNCTION IF EXISTS sphinx_snippets;
CREATE FUNCTION sphinx_snippets RETURNS STRING SONAME 'sphinx.so'; CREATE FUNCTION sphinx_snippets RETURNS STRING SONAME 'sphinx.so';
##############################################################################
#
# Copyright (c) 2011 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
from slapos.recipe.librecipe import GenericBaseRecipe
import binascii
import os
import sys
class Recipe(GenericBaseRecipe):
"""
kvm instance configuration.
"""
def __init__(self, buildout, name, options):
options['key'] = binascii.hexlify(os.urandom(24))
return GenericBaseRecipe.__init__(self, buildout, name, options)
def install(self):
config = dict(
ip=self.options['ip'],
port=self.options['port'],
onetimeupload_path=self.options['onetimeupload-path'],
shell_path=self.options['shell-path'],
log_path=self.options['log-path'],
image=self.options['image-path'],
key=self.options['key'],
)
# Runners
runner_path = self.createExecutable(
self.options['path'],
self.substituteTemplate(self.getTemplateFilename('onetimeupload_run.in'),
config))
return [runner_path]
#!/bin/sh #!%(shell_path)s
# BEWARE: This file is operated by slapgrid # BEWARE: This file is operated by slapgrid
# BEWARE: It will be overwritten automatically # BEWARE: It will be overwritten automatically
exec %(onetimeupload_path)s -l %(log_path)s %(ip)s %(port)s %(image)s %(key)s exec %(onetimeupload_path)s -l %(log_path)s %(ip)s %(port)s %(image)s %(key)s
##############################################################################
#
# Copyright (c) 2012 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
import os
import re
from slapos.recipe.librecipe import GenericSlapRecipe
class Recipe(GenericSlapRecipe):
"""
Instantiate varnish daemon
TODO:
- use varnish3.x and replace .vcl for it
"""
def _install(self):
ip = self.options['ip']
backend_url = self.parameter_dict['tidstorage-url']
backend_ip, backend_port = self._getBackendServer(backend_url)
varnishd_manager_port = int(self.options['manager-port'])
varnishd_server_port = int(self.options['server-port'])
path_list = []
config = dict(
varnishd_binary=self.options['varnishd-binary'],
varnish_ip=ip,
varnishlog_binary=self.options['varnishlog-binary'],
varnishd_manager_port=varnishd_manager_port,
varnishd_server_port=varnishd_server_port,
varnishd_pid_file=self.options['pid-file'],
varnish_instance_name=self.options['varnish-instance-name'],
varnish_data=self.options['varnish-data'],
shell_path=self.options['shell-path'],
vcl_file=self.options['vcl-file'],
backend_ip = backend_ip,
backend_port = backend_port,
backend_server = "[%s]" % backend_ip,
)
path_list.append(self.createExecutable(self.options['varnishd-wrapper'],
self.substituteTemplate(self.getTemplateFilename('varnishd.in'),
config)))
path_list.append(self.createExecutable(self.options['varnishlog-wrapper'],
self.substituteTemplate(self.getTemplateFilename('varnishlog.in'),
config)))
path_list.append(self.createFile(self.options['vcl-file'],
self.substituteTemplate(self.getTemplateFilename('default.vcl.in'),
config)))
return path_list
def _getBackendServer(self, url):
r = re.compile('\/\/\[(.*)\]:(\d*)')
result = r.search(url)
ip = result.groups()[0]
port = result.groups()[1]
return (ip, port)
#This is a basic VCL configuration file for varnish. See the vcl(7)
#man page for details on VCL syntax and semantics.
#
#Default backend definition. Set this to point to your content
#server.
#
backend default {
.host = "%(backend_ip)s";
.port = "%(backend_port)s";
.probe = {
.timeout = 30s;
.interval = 5s;
.window = 4;
.threshold = 3;
.request =
"OPTIONS /erp5/getId HTTP/1.1"
"Host: %(backend_server)s:%(backend_port)s"
"Accept-Encoding: identity"
"Connection: close"
"User-Agent: Varnish";
}
}
#
#Below is a commented-out copy of the default VCL logic. If you
#redefine any of these subroutines, the built-in logic will be
#appended to your code.
#
sub vcl_recv {
if (req.request != "GET" &&
req.request != "HEAD" &&
req.request != "PUT" &&
req.request != "POST" &&
req.request != "TRACE" &&
req.request != "OPTIONS" &&
req.request != "PURGE" &&
req.request != "DELETE") {
/* Non-RFC2616 or CONNECT which is weird. */
pipe;
}
if (req.request != "GET" && req.request != "HEAD" && req.request != "PURGE") {
/* We only deal with GET and HEAD by default */
pass;
}
remove req.http.Cookie;
remove req.http.Set-Cookie;
if (req.http.Accept-Encoding) {
if (req.http.Accept-Encoding ~ "gzip") {
set req.http.Accept-Encoding = "gzip";
} elsif (req.http.Accept-Encoding ~ "deflate") {
set req.http.Accept-Encoding = "deflate";
} else {
# unkown algorithm
remove req.http.Accept-Encoding;
}
}
# Force deflate
remove req.http.Accept-Encoding;
# We do not care about Accept-Language, this is url controlled
remove req.http.Accept-Language;
#if (req.request == "PURGE") {
# if (!client.ip ~ purge) {
# error 405 "Not allowed.";
# }
# purge_url(req.url);
# error 200 "HASHPURGED";
# unset req.http.x;
#}
set req.grace = 30d;
lookup;
}
sub vcl_hash {
set req.hash += req.url;
hash;
}
sub vcl_hit {
#if (req.request == "PURGE" && client.ip ~ purge) {
# set obj.ttl = 0s;
# error 200 "Purged.";
#}
#if (client.ip ~ purge){
# # Force refresh from localhost
# set obj.ttl = 0s;
# return (restart);
#}
# According Vary Header do not return those headers
remove req.http.Accept-Language;
remove req.http.Accept-Encoding;
remove req.http.Cookie;
deliver;
}
sub vcl_miss {
fetch;
}
sub vcl_fetch {
/* Never send request to backend even if client ask refreshed content */
if (obj.cacheable) {
/* Setup grace period for 30days for all cacheable contents */
#set req.grace = 30d;
set obj.grace = 30d;
}
deliver;
}
sub vcl_deliver {
if (obj.hits > 0) {
set resp.http.X-Cache = obj.hits;
} else {
set resp.http.X-Cache = "MISS";
}
#if (obj.hash) {
# set resp.http.X-Hash = obj.hash;
#} else {
# set resp.http.X-Hash = "No hash";
#}
deliver;
}
#!%(shell_path)s
DAEMON_OPTS="-F \
-a %(varnish_ip)s:%(varnishd_server_port)s \
-T %(varnish_ip)s:%(varnishd_manager_port)s \
-n %(varnish_instance_name)s \
-f %(vcl_file)s \
-s file,%(varnish_data)s/varnish_storage.bin,1G"
PIDFILE=%(varnishd_pid_file)s
# exporting PATH here so that we will pass the PATH variable to the subprocess
export PATH
output=$(/bin/tempfile -s.varnish)
exec %(varnishd_binary)s -P ${PIDFILE} ${DAEMON_OPTS} > ${output} 2>&1
#!%(shell_path)s
DAEMON_OPTS="-a %(varnish_ip)s:%(varnishd_server_port)s \
-n %(varnish_instance_name)s"
exec %(varnishlog_binary)s ${DAEMON_OPTS} "$@"
#!%(shell_path)s
DAEMON_OPTS="-F \
-a %(varnish_ip)s:%(varnishd_server_port)s \
-T %(varnish_ip)s:%(varnishd_manager_port)s \
-n %(varnish_instance_name)s \
-f %(vcl_file)s \
-s file,%(varnish_data)s/varnish_storage.bin,1G"
PIDFILE=%(varnishd_pid_file)s
# exporting PATH here so that it will pass the PATH variable to the subprocess
export PATH
# If unset, or set to "0" or "no", exit
if [ -z "${VARNISHLOG_ENABLED}" ] || \
[ "${VARNISHLOG_ENABLED}" = "0" ] || \
[ "${VARNISHLOG_ENABLED}" = "no" ]; then
exit 0;
fi
output=$(/bin/tempfile -s.varnish)
exec %(varnishlog_binary)s ${DAEMON_OPTS} > ${output} 2>&1
...@@ -128,6 +128,13 @@ class Recipe(GenericBaseRecipe): ...@@ -128,6 +128,13 @@ class Recipe(GenericBaseRecipe):
zope_conf_content = self.substituteTemplate(zope_wrapper_template_location, zope_conf_content = self.substituteTemplate(zope_wrapper_template_location,
zope_config) zope_config)
if ('promise-path' in self.options) and ('site-id' in self.options):
zope_conf_content += self.substituteTemplate(self.getTemplateFilename(
'zope.conf.promise.in'), {
'site-id': self.options['site-id'],
'promise-path': self.options['promise-path'],
})
zope_conf_path = self.createFile(self.options['configuration-file'], zope_conf_content) zope_conf_path = self.createFile(self.options['configuration-file'], zope_conf_content)
path_list.append(zope_conf_path) path_list.append(zope_conf_path)
# Create init script # Create init script
......
...@@ -20,6 +20,11 @@ zserver-threads %(thread_amount)s ...@@ -20,6 +20,11 @@ zserver-threads %(thread_amount)s
pid-filename %(pid-filename)s pid-filename %(pid-filename)s
lock-filename %(lock-filename)s lock-filename %(lock-filename)s
# Encoding
rest-input-encoding utf-8
rest-output-encoding utf-8
default-zpublisher-encoding utf-8
# Temporary storage database (for sessions) # Temporary storage database (for sessions)
<zodb_db temporary> <zodb_db temporary>
<temporarystorage> <temporarystorage>
......
# ERP5 promise
<product-config /%(site-id)s>
promise_path %(promise-path)s
</product-config>
...@@ -115,7 +115,7 @@ class Recipe(GenericBaseRecipe): ...@@ -115,7 +115,7 @@ class Recipe(GenericBaseRecipe):
TMPDIR=self.options['tmp-path'], TMPDIR=self.options['tmp-path'],
HOME=self.options['tmp-path'], HOME=self.options['tmp-path'],
PATH=self.options['bin-path'], PATH=self.options['bin-path'],
TIMEZONE=self.options['timezone'], TZ=self.options['timezone'],
) )
# longrequestlogger product which requires environment settings # longrequestlogger product which requires environment settings
...@@ -157,6 +157,18 @@ class Recipe(GenericBaseRecipe): ...@@ -157,6 +157,18 @@ class Recipe(GenericBaseRecipe):
if self.isTrueValue(self.options['timeserver']): if self.isTrueValue(self.options['timeserver']):
zope_conf_content += self.substituteTemplate(self.getTemplateFilename( zope_conf_content += self.substituteTemplate(self.getTemplateFilename(
'zope.conf.timeserver.in'), {}) 'zope.conf.timeserver.in'), {})
if 'tidstorage-ip' in self.options:
zope_conf_content += self.substituteTemplate(self.getTemplateFilename(
'zope.conf.tidstorage.in'), {
'tidstorage-ip': self.options['tidstorage-ip'],
'tidstorage-port': self.options['tidstorage-port'],
})
if ('promise-path' in self.options) and ('site-id' in self.options):
zope_conf_content += self.substituteTemplate(self.getTemplateFilename(
'zope.conf.promise.in'), {
'site-id': self.options['site-id'],
'promise-path': self.options['promise-path'],
})
zope_conf_path = self.createFile(self.options['configuration-file'], zope_conf_content) zope_conf_path = self.createFile(self.options['configuration-file'], zope_conf_content)
path_list.append(zope_conf_path) path_list.append(zope_conf_path)
......
...@@ -20,6 +20,11 @@ zserver-threads %(thread_amount)s ...@@ -20,6 +20,11 @@ zserver-threads %(thread_amount)s
pid-filename %(pid-filename)s pid-filename %(pid-filename)s
lock-filename %(lock-filename)s lock-filename %(lock-filename)s
# Encoding
rest-input-encoding utf-8
rest-output-encoding utf-8
default-zpublisher-encoding utf-8
# Temporary storage database (for sessions) # Temporary storage database (for sessions)
<zodb_db temporary> <zodb_db temporary>
<temporarystorage> <temporarystorage>
......
# ERP5 promise
<product-config /%(site-id)s>
promise_path %(promise-path)s
</product-config>
# TIDStorage connection
<product-config TIDStorage>
backend-ip %(tidstorage-ip)s
backend-port %(tidstorage-port)s
</product-config>
...@@ -2,5 +2,5 @@ ...@@ -2,5 +2,5 @@
# ERP5 Timer Service # ERP5 Timer Service
%%import timerserver %%import timerserver
<timer-server> <timer-server>
interval 5 interval 1
</timer-server> </timer-server>
############################################################################## ##############################################################################
# #
# Copyright (c) 2010 Vifib SARL and Contributors. All Rights Reserved. # Copyright (c) 2011 Vifib SARL and Contributors. All Rights Reserved.
# #
# WARNING: This program as such is intended to be used by professional # WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential # programmers who take the whole responsibility of assessing all potential
...@@ -24,333 +24,53 @@ ...@@ -24,333 +24,53 @@
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
# #
############################################################################## ##############################################################################
from slapos.recipe.librecipe import GenericBaseRecipe
import binascii
import os import os
import sys import sys
from slapos.recipe.librecipe import BaseSlapRecipe
import subprocess
import binascii
import random
import zc.buildout
import pkg_resources
import ConfigParser
import hashlib
class Recipe(BaseSlapRecipe):
# To avoid magic numbers
VNC_BASE_PORT = 5900
def _install(self):
"""
Set the connection dictionnary for the computer partition and create a list
of paths to the different wrappers
Parameters : none
Returns : List path_list
"""
self.path_list = []
self.requirements, self.ws = self.egg.working_set()
self.cron_d = self.installCrond()
self.ca_conf = self.installCertificateAuthority()
self.key_path, self.certificate_path = self.requestCertificate('noVNC')
# Install the socket_connection_attempt script
catcher = zc.buildout.easy_install.scripts(
[('check_port_listening', 'slapos.recipe.kvm.socket_connection_attempt',
'connection_attempt')],
self.ws,
sys.executable,
self.bin_directory,
)
# Save the check_port_listening script path
check_port_listening_script = catcher[0]
# Get the port_listening_promise template path, and save it
self.port_listening_promise_path = pkg_resources.resource_filename(
__name__, 'template/port_listening_promise.in')
self.port_listening_promise_conf = dict(
check_port_listening_script=check_port_listening_script,
)
kvm_conf = self.installKvm(vnc_ip = self.getLocalIPv4Address())
vnc_port = Recipe.VNC_BASE_PORT + kvm_conf['vnc_display']
noVNC_conf = self.installNoVnc(source_ip = self.getGlobalIPv6Address(),
source_port = 6080,
target_ip = kvm_conf['vnc_ip'],
target_port = vnc_port)
self.linkBinary()
self.computer_partition.setConnectionDict(dict(
url = "https://[%s]:%s/vnc_auto.html?host=[%s]&port=%s&encrypt=1" % (
noVNC_conf['source_ip'],
noVNC_conf['source_port'],
noVNC_conf['source_ip'],
noVNC_conf['source_port']),
password = kvm_conf['vnc_passwd']))
return self.path_list
def installKvm(self, vnc_ip):
"""
Create kvm configuration dictionnary and instanciate a wrapper for kvm and
kvm controller
Parameters : IP the vnc server is listening on
Returns : Dictionnary kvm_conf
"""
kvm_conf = dict(vnc_ip = vnc_ip)
connection_found = False
for tap_interface, dummy in self.parameter_dict['ip_list']:
# Get an ip associated to a tap interface
if tap_interface:
connection_found = True
if not connection_found:
raise NotImplementedError("Do not support ip without tap interface")
kvm_conf['tap_interface'] = tap_interface
# Disk path
kvm_conf['disk_path'] = os.path.join(self.data_root_directory,
'virtual.qcow2')
kvm_conf['socket_path'] = os.path.join(self.var_directory, 'qmp_socket')
# XXX Weak password
##XXX -Vivien: add an option to generate one password for all instances
# and/or to input it yourself
kvm_conf['vnc_passwd'] = binascii.hexlify(os.urandom(4))
#XXX pid_file path, database_path, path to python binary and xml path
kvm_conf['pid_file_path'] = os.path.join(self.run_directory, 'pid_file')
kvm_conf['database_path'] = os.path.join(self.data_root_directory,
'slapmonitor_database')
kvm_conf['python_path'] = sys.executable
kvm_conf['qemu_path'] = self.options['qemu_path']
#xml_path = os.path.join(self.var_directory, 'slapreport.xml' )
# Create disk if needed class Recipe(GenericBaseRecipe):
if not os.path.exists(kvm_conf['disk_path']): """
retcode = subprocess.call(["%s create -f qcow2 %s %iG" % ( kvm instance configuration.
self.options['qemu_img_path'], kvm_conf['disk_path'], """
int(self.options['disk_size']))], shell=True)
if retcode != 0: def __init__(self, buildout, name, options):
raise OSError, "Disk creation failed!" options['passwd'] = binascii.hexlify(os.urandom(4))
return GenericBaseRecipe.__init__(self, buildout, name, options)
# Options nbd_ip and nbd_port are provided by slapos master
kvm_conf['nbd_ip'] = self.parameter_dict['nbd_ip'] def install(self):
kvm_conf['nbd_port'] = self.parameter_dict['nbd_port'] config = dict(
tap_interface=self.options['tap'],
# First octet has to represent a locally administered address vnc_ip=self.options['vnc-ip'],
octet_list = [254] + [random.randint(0x00, 0xff) for x in range(5)] vnc_port=self.options['vnc-port'],
kvm_conf['mac_address'] = ':'.join(['%02x' % x for x in octet_list]) nbd_ip=self.options['nbd-ip'],
nbd_port=self.options['nbd-port'],
kvm_conf['hostname'] = "slaposkvm" disk_path=self.options['disk-path'],
kvm_conf['smp_count'] = self.options['smp_count'] disk_size=self.options['disk-size'],
kvm_conf['ram_size'] = self.options['ram_size'] mac_address=self.options['mac-address'],
smp_count=self.options['smp-count'],
kvm_conf['vnc_display'] = 1 ram_size=self.options['ram-size'],
socket_path=self.options['socket-path'],
# Instanciate KVM pid_file_path=self.options['pid-path'],
kvm_template_location = pkg_resources.resource_filename( python_path=sys.executable,
__name__, os.path.join( shell_path=self.options['shell-path'],
'template', 'kvm_run.in')) qemu_path=self.options['qemu-path'],
qemu_img_path=self.options['qemu-img-path'],
kvm_runner_path = self.createRunningWrapper("kvm", # XXX Weak password
self.substituteTemplate(kvm_template_location, vnc_passwd=self.options['passwd']
kvm_conf))
self.path_list.append(kvm_runner_path)
# Instanciate KVM controller
kvm_controller_template_location = pkg_resources.resource_filename(
__name__, os.path.join(
'template',
'kvm_controller_run.in' ))
kvm_controller_runner_path = self.createRunningWrapper("kvm_controller",
self.substituteTemplate(kvm_controller_template_location,
kvm_conf))
self.path_list.append(kvm_controller_runner_path)
# Instanciate Slapmonitor
##slapmonitor_runner_path = self.instanciate_wrapper("slapmonitor",
# [database_path, pid_file_path, python_path])
# Instanciate Slapreport
##slapreport_runner_path = self.instanciate_wrapper("slapreport",
# [database_path, python_path])
# Add VNC promise
self.port_listening_promise_conf.update(
hostname=kvm_conf['vnc_ip'],
port=Recipe.VNC_BASE_PORT + kvm_conf['vnc_display'],
) )
self.createPromiseWrapper("vnc_promise",
self.substituteTemplate(self.port_listening_promise_path,
self.port_listening_promise_conf,
)
)
return kvm_conf # Runners
runner_path = self.createExecutable(
self.options['runner-path'],
self.substituteTemplate(self.getTemplateFilename('kvm_run.in'),
config))
def installNoVnc(self, source_ip, source_port, target_ip, target_port): controller_path = self.createExecutable(
""" self.options['controller-path'],
Create noVNC configuration dictionnary and instanciate Websockify proxy self.substituteTemplate(self.getTemplateFilename('kvm_controller_run.in'),
config))
Parameters : IP of the proxy, port on which is situated the proxy,
IP of the vnc server, port on which is situated the vnc server,
path to python binary
Returns : noVNC configuration dictionnary
"""
noVNC_conf = {}
noVNC_conf['source_ip'] = source_ip
noVNC_conf['source_port'] = source_port
execute_arguments = [[
self.options['websockify'].strip(),
'--web',
self.options['noVNC_location'],
'--key=%s' % (self.key_path),
'--cert=%s' % (self.certificate_path),
'--ssl-only',
'%s:%s' % (source_ip, source_port),
'%s:%s' % (target_ip, target_port)],
[self.certificate_path, self.key_path]]
self.path_list.extend(zc.buildout.easy_install.scripts([('websockify',
'slapos.recipe.librecipe.execute', 'execute_wait')], self.ws, sys.executable,
self.wrapper_directory, arguments=execute_arguments))
# Add noVNC promise
self.port_listening_promise_conf.update(hostname=noVNC_conf['source_ip'],
port=noVNC_conf['source_port'],
)
self.createPromiseWrapper("novnc_promise",
self.substituteTemplate(self.port_listening_promise_path,
self.port_listening_promise_conf,
)
)
return noVNC_conf
def linkBinary(self):
"""Links binaries to instance's bin directory for easier exposal"""
for linkline in self.options.get('link_binary_list', '').splitlines():
if not linkline:
continue
target = linkline.split()
if len(target) == 1:
target = target[0]
path, linkname = os.path.split(target)
else:
linkname = target[1]
target = target[0]
link = os.path.join(self.bin_directory, linkname)
if os.path.lexists(link):
if not os.path.islink(link):
raise zc.buildout.UserError(
'Target link already %r exists but it is not link' % link)
os.unlink(link)
os.symlink(target, link)
self.logger.debug('Created link %r -> %r' % (link, target))
self.path_list.append(link)
def installCertificateAuthority(self, ca_country_code='XX',
ca_email='xx@example.com', ca_state='State', ca_city='City',
ca_company='Company'):
backup_path = self.createBackupDirectory('ca')
self.ca_dir = os.path.join(self.data_root_directory, 'ca')
self._createDirectory(self.ca_dir)
self.ca_request_dir = os.path.join(self.ca_dir, 'requests')
self._createDirectory(self.ca_request_dir)
config = dict(ca_dir=self.ca_dir, request_dir=self.ca_request_dir)
self.ca_private = os.path.join(self.ca_dir, 'private')
self.ca_certs = os.path.join(self.ca_dir, 'certs')
self.ca_crl = os.path.join(self.ca_dir, 'crl')
self.ca_newcerts = os.path.join(self.ca_dir, 'newcerts')
self.ca_key_ext = '.key'
self.ca_crt_ext = '.crt'
for d in [self.ca_private, self.ca_crl, self.ca_newcerts, self.ca_certs]:
self._createDirectory(d)
for f in ['crlnumber', 'serial']:
if not os.path.exists(os.path.join(self.ca_dir, f)):
open(os.path.join(self.ca_dir, f), 'w').write('01')
if not os.path.exists(os.path.join(self.ca_dir, 'index.txt')):
open(os.path.join(self.ca_dir, 'index.txt'), 'w').write('')
openssl_configuration = os.path.join(self.ca_dir, 'openssl.cnf')
config.update(
working_directory=self.ca_dir,
country_code=ca_country_code,
state=ca_state,
city=ca_city,
company=ca_company,
email_address=ca_email,
)
self._writeFile(openssl_configuration, pkg_resources.resource_string(
__name__, 'template/openssl.cnf.ca.in') % config)
self.path_list.extend(zc.buildout.easy_install.scripts([
('certificate_authority',
__name__ + '.certificate_authority', 'runCertificateAuthority')],
self.ws, sys.executable, self.wrapper_directory, arguments=[dict(
openssl_configuration=openssl_configuration,
openssl_binary=self.options['openssl_binary'],
certificate=os.path.join(self.ca_dir, 'cacert.pem'),
key=os.path.join(self.ca_private, 'cakey.pem'),
crl=os.path.join(self.ca_crl),
request_dir=self.ca_request_dir
)]))
# configure backup
backup_cron = os.path.join(self.cron_d, 'ca_rdiff_backup')
open(backup_cron, 'w').write(
'''0 0 * * * %(rdiff_backup)s %(source)s %(destination)s'''%dict(
rdiff_backup=self.options['rdiff_backup_binary'],
source=self.ca_dir,
destination=backup_path))
self.path_list.append(backup_cron)
return dict(
ca_certificate=os.path.join(config['ca_dir'], 'cacert.pem'),
ca_crl=os.path.join(config['ca_dir'], 'crl'),
certificate_authority_path=config['ca_dir']
)
def requestCertificate(self, name): return [runner_path, controller_path]
hash = hashlib.sha512(name).hexdigest()
key = os.path.join(self.ca_private, hash + self.ca_key_ext)
certificate = os.path.join(self.ca_certs, hash + self.ca_crt_ext)
parser = ConfigParser.RawConfigParser()
parser.add_section('certificate')
parser.set('certificate', 'name', name)
parser.set('certificate', 'key_file', key)
parser.set('certificate', 'certificate_file', certificate)
parser.write(open(os.path.join(self.ca_request_dir, hash), 'w'))
return key, certificate
def installCrond(self):
timestamps = self.createDataDirectory('cronstamps')
cron_output = os.path.join(self.log_directory, 'cron-output')
self._createDirectory(cron_output)
catcher = zc.buildout.easy_install.scripts([('catchcron',
__name__ + '.catdatefile', 'catdatefile')], self.ws, sys.executable,
self.bin_directory, arguments=[cron_output])[0]
self.path_list.append(catcher)
cron_d = os.path.join(self.etc_directory, 'cron.d')
crontabs = os.path.join(self.etc_directory, 'crontabs')
self._createDirectory(cron_d)
self._createDirectory(crontabs)
# Use execute from erp5.
wrapper = zc.buildout.easy_install.scripts([('crond',
'slapos.recipe.librecipe.execute', 'execute')], self.ws, sys.executable,
self.wrapper_directory, arguments=[
self.options['dcrond_binary'].strip(), '-s', cron_d, '-c', crontabs,
'-t', timestamps, '-f', '-l', '5', '-M', catcher]
)[0]
self.path_list.append(wrapper)
return cron_d
import socket
import sys
def connection_attempt():
try:
hostname, port = sys.argv[1:3]
except ValueError:
print >> sys.stderr, """Bad command line.
Usage: %s hostname|ip port""" % sys.argv[0]
sys.exit(1)
connection_okay = False
try:
s = socket.create_connection((hostname, port))
connection_okay = True
s.close()
except (socket.error, socket.timeout):
connection_okay = False
if not connection_okay:
print >> sys.stderr, "%(port)s on %(ip)s isn't listening" % {
'port': port, 'ip': hostname
}
sys.exit(127)
#!/bin/sh #!%(python_path)s
# BEWARE: This file is operated by slapgrid # BEWARE: This file is operated by slapgrid
# BEWARE: It will be overwritten automatically # BEWARE: It will be overwritten automatically
# TODO: -net nic,model=virtio, but OS installer has to provide the virtio_net # Echo client program
# module import os
exec %(qemu_path)s \ import socket
-net nic,macaddr=%(mac_address)s \ import subprocess
-net tap,ifname=%(tap_interface)s,script=no,downscript=no \
-smp %(smp_count)s \ def getSocketStatus(host, port):
-m %(ram_size)s \ s = None
-cdrom nbd:[%(nbd_ip)s]:%(nbd_port)s \ for res in socket.getaddrinfo(host, port,
-drive file=%(disk_path)s,if=virtio,boot=on \ socket.AF_UNSPEC, socket.SOCK_STREAM):
-vnc %(vnc_ip)s:1,ipv4,password \ af, socktype, proto, canonname, sa = res
-boot menu=on \ try:
-qmp unix:%(socket_path)s,server \ s = socket.socket(af, socktype, proto)
-pidfile %(pid_file_path)s except socket.error, msg:
s = None
continue
try:
s.connect(sa)
except socket.error, msg:
s.close()
s = None
continue
break
return s
# create disk if doesn't exist
disk_path = '%(disk_path)s'
if not os.path.exists(disk_path):
subprocess.Popen(['%(qemu_img_path)s', 'create' ,'-f', 'qcow2',
'%(disk_path)s', '%(disk_size)sG'])
kvm_argument_list = ['kvm', '-net', 'nic,macaddr=%(mac_address)s',
'-net', 'tap,ifname=%(tap_interface)s,script=no,downscript=no',
'-smp', '%(smp_count)s',
'-m', '%(ram_size)s',
'-drive', 'file=%(disk_path)s,if=virtio,boot=on',
'-vnc', '%(vnc_ip)s:1,ipv4,password',
'-boot', 'menu=on',
'-qmp', 'unix:%(socket_path)s,server',
'-pidfile', '%(pid_file_path)s',
]
# Try to connect to NBD server
s = getSocketStatus('%(nbd_ip)s', %(nbd_port)s)
if s is None:
# NBD is not available : launch kvm without it
print 'Warning : Nbd is not available.'
os.execv('%(qemu_path)s', kvm_argument_list)
else:
# NBD is available
kvm_argument_list.extend(['-cdrom', 'nbd:[%(nbd_ip)s]:%(nbd_port)s'])
os.execv('%(qemu_path)s', kvm_argument_list)
#!/usr/bin/env sh
"%(check_port_listening_script)s" "%(hostname)s" "%(port)s"
exit $?
#!/bin/sh
# BEWARE: This file is operated by slapgrid
# BEWARE: It will be overwritten automatically
exec %(python_path)s %(slapreport_path)s $1 %(database_path)s
##############################################################################
#
# Copyright (c) 2011 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
from slapos.recipe.librecipe import GenericBaseRecipe, GenericSlapRecipe
import json
import zc.buildout
class Recipe(GenericSlapRecipe):
"""
kvm frontend instance configuration.
"""
def _getRewriteRuleContent(self, slave_instance_list):
"""Generate rewrite rules list from slaves list"""
rewrite_rule_list = []
for slave_instance in slave_instance_list:
self.logger.info("Processing slave instance %s..." %
slave_instance['slave_reference'])
# Check for mandatory fields
if slave_instance.get('host', None) is None:
self.logger.warn('No "host" parameter is defined for %s slave'\
'instance. Ignoring it.' % slave_instance['slave_reference'])
continue
if slave_instance.get('port', None) is None:
self.logger.warn('No "host" parameter is defined for %s slave'\
'instance. Ignoring it.' % slave_instance['slave_reference'])
continue
current_slave_dict = dict()
# Get host, and if IPv6 address, remove "[" and "]"
current_slave_dict['host'] = slave_instance['host'].\
replace('[', '').replace(']', '')
current_slave_dict['port'] = slave_instance['port']
# Check if target is https or http
current_slave_dict['https'] = slave_instance.get('https', 'true')
if current_slave_dict['https'] in GenericBaseRecipe.FALSE_VALUES:
current_slave_dict['https'] = 'false'
# Set reference and resource url
# Reference is raw reference from SlapOS Master, resource is
# URL-compatible name
reference = slave_instance.get('slave_reference')
current_slave_dict['reference'] = reference
current_slave_dict['resource'] = reference.replace('-', '')
rewrite_rule_list.append(current_slave_dict)
return rewrite_rule_list
def _getProxyTableContent(self, rewrite_rule_list):
"""Generate proxy table file content from rewrite rules list"""
proxy_table = dict()
for rewrite_rule in rewrite_rule_list:
proxy_table[rewrite_rule['resource']] = {
'port': rewrite_rule['port'],
'host': rewrite_rule['host'],
'https': rewrite_rule['https'],
}
proxy_table_content = json.dumps(proxy_table)
return proxy_table_content
def _install(self):
# Check for mandatory field
if self.options.get('domain', None) is None:
raise zc.buildout.UserError('No domain name specified. Please define '
'the "domain" instance parameter.')
# Generate rewrite rules
rewrite_rule_list = self._getRewriteRuleContent(
json.loads(self.options['slave-instance-list']))
# Create Map
map_content = self._getProxyTableContent(rewrite_rule_list)
map_file = self.createFile(self.options['map-path'], map_content)
# Create configuration
conf = open(self.getTemplateFilename('kvm-proxy.js'), 'r')
conf_file = self.createFile(self.options['conf-path'], conf.read())
conf.close()
# Do we create http dummy server used to redirect to https?
if self.options['http-redirection'] in GenericBaseRecipe.TRUE_VALUES:
http_redirect_server = '1'
else:
http_redirect_server = ''
config = dict(
ip=self.options['ip'],
port=self.options['port'],
key=self.options['ssl-key-path'],
certificate=self.options['ssl-cert-path'],
name=self.options['domain'],
shell_path=self.options['shell-path'],
node_path=self.options['node-binary'],
node_env=self.options['node-env'],
conf_path=conf_file,
map_path=map_file,
plain_http=http_redirect_server,
)
runner_path = self.createExecutable(
self.options['wrapper-path'],
self.substituteTemplate(self.getTemplateFilename('nodejs_run.in'),
config))
# Send connection parameters of slave instances
site_url = "https://%s:%s/" % (self.options['domain'], self.options['port'])
for slave in rewrite_rule_list:
self.setConnectionDict(
dict(url="%s%s" % (site_url, slave['resource']),
domainname=self.options['domain'],
port=self.options['port'],
resource=slave['resource']),
slave['reference'])
return [map_file, conf_file, runner_path]
/*****************************************************************************
*
* Copyright (c) 2012 Vifib SARL and Contributors. All Rights Reserved.
*
* WARNING: This program as such is intended to be used by professional
* programmers who take the whole responsibility of assessing all potential
* consequences resulting from its eventual inadequacies and bugs
* End users who are looking for a ready-to-use solution with commercial
* guarantees and support are strongly adviced to contract a Free Software
* Service Company
*
* This program is Free Software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 3
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*
*****************************************************************************/
/* Wrapper used to configure the httpproxy node package to proxy
http://myhost/myinstance
to real IP/URL of myinstance
*/
var fs = require('fs'),
util = require('util'),
colors = require('colors'),
http = require('http'),
httpProxy = require('http-proxy'),
proxyByUrl = require('proxy-by-url');
var listenInterface = process.argv[2],
port = process.argv[3],
sslKeyFile = process.argv[4],
sslCertFile = process.argv[5],
proxyTable = process.argv[6],
redirect = process.argv[7] || false,
isRawIPv6;
if (process.argv.length < 7) {
console.error("Too few arguments. Exiting.");
process.exit(1);
}
isRawIPv6 = function checkipv6(str) {
// Inspired by http://forums.intermapper.com/viewtopic.php?t=452
return (/^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?\s*$/.test(str));
}(listenInterface);
/**
* Dummy middleware that throws 404 not found. Does not contain websocket
* middleware.
*/
var middlewareNotFound = function(req, res, proxy) {
res.statusCode = 404;
res.setHeader('Content-Type', 'text/plain');
res.end('This URL is not known. Please check your URL or contact your ' +
'SlapOS administrator.');
};
/**
* Create server
*/
var proxyServer = httpProxy.createServer(
// We declare our proxyByUrl middleware
proxyByUrl(proxyTable),
// Then we add your dummy middleware, called when proxyByUrl doesn't find url.
middlewareNotFound,
// And we set HTTPS options for server. HTTP will be forbidden.
{
https: {
key: fs.readFileSync(
sslKeyFile,
'utf8'
),
cert: fs.readFileSync(
sslCertFile,
'utf8'
)
},
source: {
host: listenInterface,
port: port
}}
);
console.log('HTTPS server starting and trying to listen on ' +
listenInterface + ':' + port);
// Release the beast.
proxyServer.listen(port, listenInterface);
// Dummy HTTP server redirecting to HTTPS. Only has sense if we can use port 80
if (redirect === '1') {
console.log('HTTP redirect server starting and trying to listen on ' +
listenInterface + ':' + httpPort);
try {
var httpPort = 80;
http.createServer(function(req, res) {
var url;
if (isRawIPv6 === true) {
url = 'https://[' + listenInterface + ']';
} else {
url = 'https://' + listenInterface;
}
// If non standard port : need to specify it
if (port !== 443) {
url = url + ':' + port;
}
// Add last part of URL
url = url + req.url;
console.log(url);
// Anwser "permanently redirected"
res.statusCode = 301;
res.setHeader('Location', url);
res.end();
}).listen(httpPort, listenInterface);
} catch (error) {
console.log('Couldn\'t start plain HTTP redirection server : ' + error)
}
}
#!/bin/sh #!%(shell_path)s
# BEWARE: This file is operated by slapgrid # BEWARE: This file is operated by slapgrid
# BEWARE: It will be overwritten automatically # BEWARE: It will be overwritten automatically
exec %(python_path)s %(slapmonitor_path)s %(pid_file_path)s %(database_path)s export NODE_PATH=%(node_env)s
exec %(node_path)s %(conf_path)s %(ip)s %(port)s %(key)s %(certificate)s %(map_path)s %(plain_http)s
...@@ -33,6 +33,8 @@ import sys ...@@ -33,6 +33,8 @@ import sys
import zc.recipe.egg import zc.recipe.egg
import urlparse import urlparse
# Warning : this recipe is deprecated and has been replaced by apachephp.
class BaseRecipe(BaseSlapRecipe): class BaseRecipe(BaseSlapRecipe):
def getTemplateFilename(self, template_name): def getTemplateFilename(self, template_name):
return pkg_resources.resource_filename(__name__, return pkg_resources.resource_filename(__name__,
......
...@@ -3,7 +3,6 @@ ...@@ -3,7 +3,6 @@
# Basic server configuration # Basic server configuration
PidFile "%(pid_file)s" PidFile "%(pid_file)s"
LockFile "%(lock_file)s"
Listen %(ip)s:%(port)s Listen %(ip)s:%(port)s
PHPINIDir %(php_ini_dir)s PHPINIDir %(php_ini_dir)s
ServerAdmin someone@email ServerAdmin someone@email
...@@ -39,6 +38,9 @@ DocumentRoot %(document_root)s ...@@ -39,6 +38,9 @@ DocumentRoot %(document_root)s
DirectoryIndex index.html index.php DirectoryIndex index.html index.php
# List of modules # List of modules
LoadModule unixd_module modules/mod_unixd.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authz_host_module modules/mod_authz_host.so LoadModule authz_host_module modules/mod_authz_host.so
LoadModule log_config_module modules/mod_log_config.so LoadModule log_config_module modules/mod_log_config.so
LoadModule setenvif_module modules/mod_setenvif.so LoadModule setenvif_module modules/mod_setenvif.so
......
...@@ -21,7 +21,7 @@ long_query_time = 5 ...@@ -21,7 +21,7 @@ long_query_time = 5
max_allowed_packet = 128M max_allowed_packet = 128M
query_cache_size = 32M query_cache_size = 32M
plugin-load = ha_groonga.so;ha_sphinx.so plugin-load = ha_mroonga.so;ha_sphinx.so
# The following are important to configure and depend a lot on to the size of # The following are important to configure and depend a lot on to the size of
# your database and the available resources. # your database and the available resources.
......
...@@ -38,6 +38,7 @@ import zc.buildout ...@@ -38,6 +38,7 @@ import zc.buildout
class GenericBaseRecipe(object): class GenericBaseRecipe(object):
TRUE_VALUES = ['y', 'yes', '1', 'true'] TRUE_VALUES = ['y', 'yes', '1', 'true']
FALSE_VALUES = ['n', 'no', '0', 'false']
def __init__(self, buildout, name, options): def __init__(self, buildout, name, options):
"""Recipe initialisation""" """Recipe initialisation"""
......
...@@ -31,23 +31,14 @@ from slapos.recipe.librecipe import GenericBaseRecipe ...@@ -31,23 +31,14 @@ from slapos.recipe.librecipe import GenericBaseRecipe
class Recipe(GenericBaseRecipe): class Recipe(GenericBaseRecipe):
def install(self): def install(self):
logrotate_backup = self.options['backup']
logrotate_d = self.options['logrotate-entries'] logrotate_d = self.options['logrotate-entries']
logrotate_conf_file = self.options['conf'] logrotate_conf_file = self.options['conf']
logrotate_conf = [ logrotate_conf = [
'daily',
'dateext',
'rotate 3650',
'compress',
'compresscmd %s' % self.options['gzip-binary'], 'compresscmd %s' % self.options['gzip-binary'],
'compressoptions -9', 'compressoptions -9',
'uncompresscmd %s' % self.options['gunzip-binary'], 'uncompresscmd %s' % self.options['gunzip-binary'],
'notifempty',
'sharedscripts',
'create',
'include %s' % logrotate_d, 'include %s' % logrotate_d,
'olddir %s' % logrotate_backup,
] ]
logrotate_conf_file = self.createFile(logrotate_conf_file, logrotate_conf_file = self.createFile(logrotate_conf_file,
...@@ -69,7 +60,16 @@ class Part(GenericBaseRecipe): ...@@ -69,7 +60,16 @@ class Part(GenericBaseRecipe):
logrotate_d = self.options['logrotate-entries'] logrotate_d = self.options['logrotate-entries']
conf = [] conf = [
'daily',
'dateext',
'rotate 3650',
'compress',
'notifempty',
'sharedscripts',
'create',
'olddir %s' % self.options['backup'],
]
if 'post' in self.options: if 'post' in self.options:
conf.append("postrotate\n%s\nendscript" % self.options['post']) conf.append("postrotate\n%s\nendscript" % self.options['post'])
......
...@@ -33,21 +33,12 @@ class Recipe(GenericBaseRecipe): ...@@ -33,21 +33,12 @@ class Recipe(GenericBaseRecipe):
def _options(self, options): def _options(self, options):
self.directory = options.copy() self.directory = options.copy()
del self.directory['recipe'] del self.directory['recipe']
self.mode = int(self.directory.pop('mode', '700'), 8)
str_mode = '0700'
if 'mode' in self.directory:
str_mode = self.directory['mode']
del self.directory['mode']
self.mode = int(str_mode, 8)
def install(self): def install(self):
for path in sorted(self.directory.values()):
for directory in sorted(self.directory.values()):
path = directory
if not os.path.exists(path): if not os.path.exists(path):
os.mkdir(path, self.mode) os.makedirs(path, self.mode)
elif not os.path.isdir(path): elif not os.path.isdir(path):
raise OSError("%s path exits, but it's not a directory.") raise OSError("%s path exits, but it's not a directory.")
return [] return []
...@@ -19,7 +19,7 @@ long_query_time = 5 ...@@ -19,7 +19,7 @@ long_query_time = 5
max_allowed_packet = 128M max_allowed_packet = 128M
query_cache_size = 32M query_cache_size = 32M
plugin-load = ha_groonga.so;ha_sphinx.so plugin-load = ha_mroonga.so;ha_sphinx.so
# The following are important to configure and depend a lot on to the size of # The following are important to configure and depend a lot on to the size of
# your database and the available resources. # your database and the available resources.
......
############################################################################## ##############################################################################
# #
# Copyright (c) 2010 Vifib SARL and Contributors. All Rights Reserved. # Copyright (c) 2011 Vifib SARL and Contributors. All Rights Reserved.
# #
# WARNING: This program as such is intended to be used by professional # WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential # programmers who take the whole responsibility of assessing all potential
...@@ -24,59 +24,29 @@ ...@@ -24,59 +24,29 @@
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
# #
############################################################################## ##############################################################################
import os from slapos.recipe.librecipe import GenericBaseRecipe
import binascii import binascii
from slapos.recipe.librecipe import BaseSlapRecipe import os
import sys
import pkg_resources
class Recipe(GenericBaseRecipe):
class Recipe(BaseSlapRecipe): """
nbd instance configuration.
def _install(self): """
# Image path def install(self):
cdrom_iso = os.path.join(self.data_root_directory, 'cdrom.iso') config = dict(
ip=self.options['ip'],
#Get the IP list port=self.options['port'],
ip = self.getGlobalIPv6Address() image_path=self.options['image-path'],
http_port = 9999 qemu_path=self.options['qemu-path'],
nbd_port = 1024 shell_path=self.options['shell-path'],
)
# Instanciate onetimeupload
onetimeupload_config = {} # Runners
onetimeupload_config.update(self.options) runner_path = self.createExecutable(
onetimeupload_config['port'] = http_port self.options['path'],
onetimeupload_config['ip'] = ip self.substituteTemplate(self.getTemplateFilename('nbdserver_run.in'),
onetimeupload_config['image'] = cdrom_iso config))
onetimeupload_config['key'] = binascii.hexlify(os.urandom(24))
onetimeupload_config['log_path'] = os.path.join(self.log_directory, return [runner_path]
'onetimeupload.log')
wrapper_template_location = pkg_resources.resource_filename(
__name__, os.path.join(
'template', 'onetimeupload_run.in'))
onetimeupload_runner_path = self.createRunningWrapper("onetimeupload",
self.substituteTemplate(wrapper_template_location,
onetimeupload_config))
# Instanciate qemu
qemu_config = {}
qemu_config.update(self.options)
qemu_config['ip'] = ip
qemu_config['port'] = nbd_port
qemu_config['image'] = cdrom_iso
wrapper_template_location = pkg_resources.resource_filename(
__name__, os.path.join(
'template', 'nbdserver_run.in'))
nbdserver_runner_path = self.createRunningWrapper("nbdserver",
self.substituteTemplate(wrapper_template_location, qemu_config))
# Publish connection dict
self.computer_partition.setConnectionDict(dict(
upload_connection_string="https://[%s]:%s/" % (ip, http_port),
upload_key=onetimeupload_config['key'],
nbd_connection_string="nbd:[%s]:%s" % (ip, nbd_port),
))
return [onetimeupload_runner_path, nbdserver_runner_path]
#!/bin/sh #!%(shell_path)s
# BEWARE: This file is operated by slapgrid # BEWARE: This file is operated by slapgrid
# BEWARE: It will be overwritten automatically # BEWARE: It will be overwritten automatically
# 32767 is the maximum number of connections allowed by the nbd server # 32767 is the maximum number of connections allowed by the nbd server
exec %(qemu_path)s -b %(ip)s %(image)s -r -t -p %(port)s -e 32767 exec %(qemu_path)s -b %(ip)s %(image_path)s -r -t -p %(port)s -e 32767
##############################################################################
#
# Copyright (c) 2011 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
from slapos.recipe.librecipe import GenericBaseRecipe
import binascii
import os
import sys
class Recipe(GenericBaseRecipe):
"""
novnc instance configuration.
"""
def install(self):
runner_path = self.createPythonScript(
self.options['path'],
'slapos.recipe.librecipe.execute.execute_wait',
[[
self.options['websockify-path'],
'--web',
self.options['novnc-location'],
'--key=%s' % self.options['ssl-key-path'],
'--cert=%s' % self.options['ssl-cert-path'],
'--ssl-only',
'%s:%s' % (self.options['ip'], self.options['port']),
'%s:%s' % (self.options['vnc-ip'], self.options['vnc-port']),
],
[self.options['ssl-key-path'], self.options['ssl-cert-path']]],
)
return [runner_path]
...@@ -3,7 +3,6 @@ ...@@ -3,7 +3,6 @@
# Basic server configuration # Basic server configuration
PidFile "%(pid_file)s" PidFile "%(pid_file)s"
LockFile "%(lock_file)s"
Listen %(ip)s:%(port)s Listen %(ip)s:%(port)s
PHPINIDir %(php_ini_dir)s PHPINIDir %(php_ini_dir)s
ServerAdmin someone@email ServerAdmin someone@email
...@@ -42,6 +41,9 @@ DocumentRoot %(document_root)s ...@@ -42,6 +41,9 @@ DocumentRoot %(document_root)s
DirectoryIndex index.html index.php DirectoryIndex index.html index.php
# List of modules # List of modules
LoadModule unixd_module modules/mod_unixd.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authz_host_module modules/mod_authz_host.so LoadModule authz_host_module modules/mod_authz_host.so
LoadModule log_config_module modules/mod_log_config.so LoadModule log_config_module modules/mod_log_config.so
LoadModule setenvif_module modules/mod_setenvif.so LoadModule setenvif_module modules/mod_setenvif.so
......
...@@ -54,7 +54,7 @@ class Recipe(object): ...@@ -54,7 +54,7 @@ class Recipe(object):
self.return_parameters = [str(parameter).strip() self.return_parameters = [str(parameter).strip()
for parameter in options['return'].split()] for parameter in options['return'].split()]
else: else:
self.logger.warning("No parameter to return to main instance." self.logger.debug("No parameter to return to main instance."
"Be careful about that...") "Be careful about that...")
software_type = 'RootInstanceSoftware' software_type = 'RootInstanceSoftware'
...@@ -72,14 +72,15 @@ class Recipe(object): ...@@ -72,14 +72,15 @@ class Recipe(object):
partition_parameter_kw[config_parameter] = \ partition_parameter_kw[config_parameter] = \
options['config-%s' % config_parameter] options['config-%s' % config_parameter]
instance = self.request(options['software-url'], software_type, self.instance = self.request(options['software-url'], software_type,
options.get('name', name), partition_parameter_kw=partition_parameter_kw, options.get('name', name), partition_parameter_kw=partition_parameter_kw,
filter_kw=filter_kw, shared=self.isSlave) filter_kw=filter_kw, shared=self.isSlave)
self.failed = None self.failed = None
for param in self.return_parameters: for param in self.return_parameters:
try: try:
options['connection-%s' % param] = str(instance.getConnectionParameter(param)) options['connection-%s' % param] = str(
self.instance.getConnectionParameter(param))
except slapmodule.NotFoundError: except slapmodule.NotFoundError:
options['connection-%s' % param] = '' options['connection-%s' % param] = ''
if self.failed is None: if self.failed is None:
...@@ -87,7 +88,16 @@ class Recipe(object): ...@@ -87,7 +88,16 @@ class Recipe(object):
def install(self): def install(self):
if self.failed is not None: if self.failed is not None:
raise KeyError("Connection parameter %r not found." % self.failed) # Check instance status to know if instance has been deployed
try:
status = self.instance.getState()
except slapmodule.NotFoundError:
status = "not ready yet, please try again"
# XXX-Cedric : currently raise an error. So swallow it...
except AttributeError:
status = "unknown"
raise KeyError("Connection parameter %s not found. "
"Status of requested instance is : %s." % (self.failed, status))
return [] return []
update = install update = install
...@@ -40,6 +40,7 @@ class Recipe(BaseSlapRecipe): ...@@ -40,6 +40,7 @@ class Recipe(BaseSlapRecipe):
ipv6 = self.getGlobalIPv6Address() ipv6 = self.getGlobalIPv6Address()
proxy_port = '50000' proxy_port = '50000'
runner_port = '50000' runner_port = '50000'
cloud9_port = '30000'
workdir = self.createDataDirectory('runner') workdir = self.createDataDirectory('runner')
software_root = os.path.join(workdir, 'software') software_root = os.path.join(workdir, 'software')
instance_root = os.path.join(workdir, 'instance') instance_root = os.path.join(workdir, 'instance')
...@@ -48,7 +49,7 @@ class Recipe(BaseSlapRecipe): ...@@ -48,7 +49,7 @@ class Recipe(BaseSlapRecipe):
instance_root=instance_root, instance_root=instance_root,
master_url='http://%s:%s/' % (ipv4, proxy_port), master_url='http://%s:%s/' % (ipv4, proxy_port),
computer_id='slaprunner', computer_id='slaprunner',
partition_amount=2, partition_amount=7,
slapgrid_sr=self.options['slapgrid_sr'], slapgrid_sr=self.options['slapgrid_sr'],
slapgrid_cp=self.options['slapgrid_cp'], slapgrid_cp=self.options['slapgrid_cp'],
slapproxy=self.options['slapproxy'], slapproxy=self.options['slapproxy'],
...@@ -64,22 +65,33 @@ class Recipe(BaseSlapRecipe): ...@@ -64,22 +65,33 @@ class Recipe(BaseSlapRecipe):
proxy_port=proxy_port, proxy_port=proxy_port,
proxy_database=os.path.join(workdir, 'proxy.db'), proxy_database=os.path.join(workdir, 'proxy.db'),
git=self.options['git'], git=self.options['git'],
cloud9_url='http://[%s]:%s' % (ipv6, cloud9_port),
ssh_client=self.options['ssh_client'], ssh_client=self.options['ssh_client'],
public_key=self.options['public_key'], public_key=self.options['public_key'],
private_key=self.options['private_key'] private_key=self.options['private_key'],
) )
config_file = self.createConfigurationFile('slapos.cfg', config_file = self.createConfigurationFile('slapos.cfg',
self.substituteTemplate(pkg_resources.resource_filename(__name__, self.substituteTemplate(pkg_resources.resource_filename(__name__,
'template/slapos.cfg.in'), configuration)) 'template/slapos.cfg.in'), configuration))
self.path_list.append(config_file) self.path_list.append(config_file)
environment = dict( environment = dict(
PATH=os.path.dirname(self.options['git']) + ':' + os.environ['PATH'], PATH=os.path.dirname(self.options['git']) + ':' + os.environ['PATH'],
GIT_SSH=self.options['ssh_client'] GIT_SSH=self.options['ssh_client']
) )
workdir = os.path.join(workdir, 'project')
if not os.path.exists(workdir):
os.mkdir(workdir)
launch_args = [self.options['slaprunner'].strip(), config_file, '--debug'] launch_args = [self.options['slaprunner'].strip(), config_file, '--debug']
cloud9_args = [self.options['node-bin'].strip(), self.options['cloud9'].strip(),
'-l', ipv6, '-p', cloud9_port, '-w', workdir]
self.path_list.extend(zc.buildout.easy_install.scripts([('slaprunner', self.path_list.extend(zc.buildout.easy_install.scripts([('slaprunner',
'slapos.recipe.librecipe.execute', 'executee')], self.ws, sys.executable, 'slapos.recipe.librecipe.execute', 'executee')], self.ws, sys.executable,
self.wrapper_directory, arguments=[launch_args, environment])) self.wrapper_directory, arguments=[launch_args, environment]))
self.setConnectionDict(dict(url='http://[%s]:%s' % (ipv6, runner_port))) self.path_list.extend(zc.buildout.easy_install.scripts([('cloud9IDE',
'slapos.recipe.librecipe.execute', 'executee')], self.ws, sys.executable,
self.wrapper_directory, arguments=[cloud9_args, environment]))
self.setConnectionDict(dict(slaprunner_url='http://[%s]:%s' % (ipv6, runner_port),
cloud9_url='http://[%s]:%s' % (ipv6, cloud9_port)))
return self.path_list return self.path_list
...@@ -31,3 +31,6 @@ private_key = %(private_key)s ...@@ -31,3 +31,6 @@ private_key = %(private_key)s
[gitclient] [gitclient]
git = %(git)s git = %(git)s
[cloud9_IDE]
cloud9 = %(cloud9_url)s
\ No newline at end of file
...@@ -64,6 +64,15 @@ class Recipe: ...@@ -64,6 +64,15 @@ class Recipe:
# XXX: Lack checking for globality of address # XXX: Lack checking for globality of address
return self._getIpAddress(netaddr.valid_ipv6) return self._getIpAddress(netaddr.valid_ipv6)
def getNetworkInterface(self):
"""Returns the network interface available on partition"""
if not 'ip_list' in self.parameter_dict:
raise AttributeError
for name, ip in self.parameter_dict['ip_list']:
if name:
return name
raise AttributeError, "Not network interface found"
def install(self): def install(self):
slap = slapos.slap.slap() slap = slapos.slap.slap()
slap_connection = self.buildout['slap_connection'] slap_connection = self.buildout['slap_connection']
...@@ -111,6 +120,8 @@ class Recipe: ...@@ -111,6 +120,8 @@ class Recipe:
self.getLocalIPv4Address()) self.getLocalIPv4Address())
buildout.set('slap-network-information', 'global-ipv6', buildout.set('slap-network-information', 'global-ipv6',
self.getGlobalIPv6Address()) self.getGlobalIPv6Address())
buildout.set('slap-network-information', 'network-interface',
self.getNetworkInterface())
# Copy/paste slap_connection # Copy/paste slap_connection
buildout.add_section('slap-connection') buildout.add_section('slap-connection')
......
...@@ -54,3 +54,5 @@ class Recipe: ...@@ -54,3 +54,5 @@ class Recipe:
path_list.append(link) path_list.append(link)
return path_list return path_list
update = install
##############################################################################
#
# Copyright (c) 2012 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
import os
import re
from slapos.recipe.librecipe import GenericSlapRecipe
class Recipe(GenericSlapRecipe):
"""
Create web checker configuration.
"""
def _install(self):
path_list = []
web_checker_mail_address = self.parameter_dict['web-checker-mail-address']
web_checker_smtp_host = self.parameter_dict['web-checker-smtp-host']
web_checker_working_directory = \
self.options['web-checker-working-directory']
config = dict(
web_checker_mail_address = web_checker_mail_address,
web_checker_smtp_host = web_checker_smtp_host,
web_checker_working_directory = web_checker_working_directory,
frontend_url = self.options['frontend-url'],
wget_binary_path = self.options['wget-binary-path'],
varnishlog_binary_path = self.options['varnishlog-binary-path'],
web_checker_log = self.options['web-checker-log'],
)
path_list.append(self.createFile(self.options['web-checker-config'],
self.substituteTemplate(self.getTemplateFilename('web_checker.cfg.in'),
config)))
return path_list
[web_checker]
url = %(frontend_url)s
working_directory = %(web_checker_working_directory)s
varnishlog_binary_path = %(varnishlog_binary_path)s
wget_binary_path = %(wget_binary_path)s
email_address = %(web_checker_mail_address)s
smtp_host = %(web_checker_smtp_host)s
debug_level = debug
file_log_path = %(web_checker_log)s
[header_list]
Last-Modified = True
Expires = True
Vary = Accept-Language, Cookie, Accept-Encoding
Accept-Language, Cookie
Accept-Language,Cookie,Accept-Encoding
Accept-Language,Cookie
Accept-Encoding
Cache-Control = max-age=300
max-age=3600
[header url=(.*_form)]
Vary = Accept-Encoding
[header url=.*/favicon.ico]
Last-Modified = True
[no_header content-type=(image/.*|text/css|.*/javascript)]
Vary = None
[erp5_extension_list]
prohibited_folder_name_list = web_page_module
document_module
prohibited_file_name_list = WebSection_viewAsWeb
Base_viewHistory
list
...@@ -21,7 +21,7 @@ long_query_time = 5 ...@@ -21,7 +21,7 @@ long_query_time = 5
max_allowed_packet = 128M max_allowed_packet = 128M
query_cache_size = 32M query_cache_size = 32M
plugin-load = ha_groonga.so;ha_sphinx.so plugin-load = ha_mroonga.so;ha_sphinx.so
# The following are important to configure and depend a lot on to the size of # The following are important to configure and depend a lot on to the size of
# your database and the available resources. # your database and the available resources.
......
[buildout]
parts =
instance
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
[instance]
recipe = ${instance-recipe:egg}:${instance-recipe:module}
httpd_binary = ${apache:location}/bin/httpd
logrotate_binary = ${logrotate:location}/usr/sbin/logrotate
openssl_binary = ${openssl:location}/bin/openssl
dcrond_binary = ${dcron:location}/sbin/crond
varnishd_binary = ${varnish-2.1:location}/sbin/varnishd
stunnel_binary = ${stunnel:location}/bin/stunnel
rdiff_backup_binary = ${buildout:bin-directory}/rdiff-backup
gcc_binary = ${gcc-java-minimal:location}/bin/gcc
binutils_directory = ${binutils:location}/bin/
[buildout]
versions = versions
extends =
../../component/binutils/buildout.cfg
../../component/gcc/buildout.cfg
../../component/lxml-python/buildout.cfg
../../component/apache/buildout.cfg
../../component/stunnel/buildout.cfg
../../component/varnish/buildout.cfg
../../component/dcron/buildout.cfg
../../component/logrotate/buildout.cfg
../../component/rdiff-backup/buildout.cfg
../../stack/slapos.cfg
parts =
template
binutils
gcc-java-minimal
apache
apache-antiloris
stunnel
varnish-2.1
dcron
logrotate
rdiff-backup
# Buildoutish
eggs
instance-recipe-egg
[instance-recipe]
# Note: In case if specific instantiation recipe is used this is the place to
# put its name
egg = slapos.cookbook
module = apache.frontend
[instance-recipe-egg]
recipe = zc.recipe.egg
eggs = ${instance-recipe:egg}
[eggs]
recipe = zc.recipe.egg
eggs =
${lxml-python:egg}
[template]
# Default template for apache instance.
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg
md5sum = 17180caef7d1c477fbb037d28b705e8b
output = ${buildout:directory}/template.cfg
mode = 0644
[versions]
# Use SlapOS patched zc.buildout
zc.buildout = 1.6.0-dev-SlapOS-004
Jinja2 = 2.6
Werkzeug = 0.8.3
buildout-versions = 1.7
hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.8
rdiff-backup = 1.0.5
slapos.recipe.template = 2.2
slapos.cookbook = 0.40.1
# Required by:
# slapos.core==0.23
Flask = 0.8
# Required by:
# slapos.cookbook==0.40.1
PyXML = 0.8.4
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.5.0
# Required by:
# slapos.cookbook==0.40.1
inotifyx = 0.2.0
# Required by:
# slapos.cookbook==0.40.1
# slapos.core==0.23
# xml-marshaller==0.9.7
lxml = 2.3.3
# Required by:
# slapos.cookbook==0.40.1
netaddr = 0.7.6
# Required by:
# slapos.core==0.23
netifaces = 0.8
# Required by:
# slapos.cookbook==0.40.1
# slapos.core==0.23
# zc.buildout==1.6.0-dev-SlapOS-004
# zc.recipe.egg==1.3.2
setuptools = 0.6c12dev-r88846
# Required by:
# slapos.cookbook==0.40.1
slapos.core = 0.23
# Required by:
# slapos.core==0.23
supervisor = 3.0a12
# Required by:
# slapos.cookbook==0.40.1
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.40.1
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.23
zope.interface = 3.8.0
[networkcache]
# Cedric de Saint Martin signature certificate
signature-certificate-list =
-----BEGIN CERTIFICATE-----
MIIB9jCCAV+gAwIBAgIJAO4V/jiMoICoMA0GCSqGSIb3DQEBBQUAMBMxETAPBgNV
BAMMCENPTVAtMjMyMCAXDTEyMDIxNjExMTAyM1oYDzIxMTIwMTIzMTExMDIzWjAT
MREwDwYDVQQDDAhDT01QLTIzMjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
wi/3Z8W9pUiegUXIk/AiFDQ0UJ4JFAwjqr+HSRUirlUsHHT+8DzH/hfcTDX1I5BB
D1ADk+ydXjMm3OZrQcXjn29OUfM5C+g+oqeMnYQImN0DDQIOcUyr7AJc4xhvuXQ1
P2pJ5NOd3tbd0kexETa1LVhR6EgBC25LyRBRae76qosCAwEAAaNQME4wHQYDVR0O
BBYEFMDmW9aFy1sKTfCpcRkYnP6zUd1cMB8GA1UdIwQYMBaAFMDmW9aFy1sKTfCp
cRkYnP6zUd1cMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAskbFizHr
b6d3iIyN+wffxz/V9epbKIZVEGJd/6LrTdLiUfJPec7FaxVCWNyKBlCpINBM7cEV
Gn9t8mdVQflNqOlAMkOlUv1ZugCt9rXYQOV7rrEYJBWirn43BOMn9Flp2nibblby
If1a2ZoqHRxoNo2yTmm7TSYRORWVS+vvfjY=
-----END CERTIFICATE-----
[buildout]
extends = software.cfg
auto-checkout = cloudooo
...@@ -23,4 +23,4 @@ link_binary_list = ...@@ -23,4 +23,4 @@ link_binary_list =
${pdftk:location}/bin/pdftk ${pdftk:location}/bin/pdftk
environment = environment =
LD_LIBRARY_PATH = ${file:location}/lib:${fontconfig:location}/lib:${freetype:location}/lib:${libICE:location}/lib:${libSM:location}/lib:${libX11:location}/lib:${libXau:location}/lib:${libXdmcp:location}/lib:${libXext:location}/lib:${libXinerama:location}/lib:${libxcb:location}/lib:${zlib:location}/lib LD_LIBRARY_PATH = ${file:location}/lib:${fontconfig:location}/lib:${freetype:location}/lib:${libICE:location}/lib:${libpng12:location}/lib:${libSM:location}/lib:${libX11:location}/lib:${libXau:location}/lib:${libXdmcp:location}/lib:${libXext:location}/lib:${libxcb:location}/lib:${libXrender:location}/lib:${zlib:location}/lib
...@@ -33,6 +33,6 @@ module = cloudooo ...@@ -33,6 +33,6 @@ module = cloudooo
# Default template for erp5 instance. # Default template for erp5 instance.
recipe = slapos.recipe.template recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg url = ${:_profile_base_location_}/instance.cfg
md5sum = 2a38a928deb5870e02a8271b34341f5b md5sum = 49da453a38dc5462c170747a029037b7
output = ${buildout:directory}/template.cfg output = ${buildout:directory}/template.cfg
mode = 0644 mode = 0644
...@@ -27,7 +27,7 @@ wrapper = $${basedirectory:services}/cloudooo ...@@ -27,7 +27,7 @@ wrapper = $${basedirectory:services}/cloudooo
data-directory = $${directory:cloudooo-data} data-directory = $${directory:cloudooo-data}
environment = environment =
LD_LIBRARY_PATH = ${file:location}/lib:${fontconfig:location}/lib:${freetype:location}/lib:${libICE:location}/lib:${libSM:location}/lib:${libX11:location}/lib:${libXau:location}/lib:${libXdmcp:location}/lib:${libXext:location}/lib:${libXinerama:location}/lib:${libxcb:location}/lib:${zlib:location}/lib LD_LIBRARY_PATH = ${file:location}/lib:${fontconfig:location}/lib:${freetype:location}/lib:${libICE:location}/lib:${libpng12:location}/lib:${libSM:location}/lib:${libX11:location}/lib:${libXau:location}/lib:${libXdmcp:location}/lib:${libXext:location}/lib:${libxcb:location}/lib:${libXrender:location}/lib:${zlib:location}/lib
FONTCONFIG_FILE = $${fontconfig-instance:conf-path} FONTCONFIG_FILE = $${fontconfig-instance:conf-path}
# Binary information # Binary information
......
...@@ -54,11 +54,11 @@ ca-crl = $${test-cadirectory:crl} ...@@ -54,11 +54,11 @@ ca-crl = $${test-cadirectory:crl}
[test-cadirectory] [test-cadirectory]
recipe = slapos.cookbook:mkdirectory recipe = slapos.cookbook:mkdirectory
requests = $${directory:test-ca-dir}/requests/ requests = $${directory:test-ca-dir}/requests
private = $${directory:test-ca-dir}/private/ private = $${directory:test-ca-dir}/private
certs = $${directory:test-ca-dir}/certs/ certs = $${directory:test-ca-dir}/certs
newcerts = $${directory:test-ca-dir}/newcerts/ newcerts = $${directory:test-ca-dir}/newcerts
crl = $${directory:test-ca-dir}/crl/ crl = $${directory:test-ca-dir}/crl
[erp5-update] [erp5-update]
recipe = slapos.cookbook:erp5.update recipe = slapos.cookbook:erp5.update
...@@ -117,13 +117,13 @@ software-type = kumofs ...@@ -117,13 +117,13 @@ software-type = kumofs
# rest of parts are candidates for some generic stuff # rest of parts are candidates for some generic stuff
[basedirectory] [basedirectory]
recipe = slapos.cookbook:mkdirectory recipe = slapos.cookbook:mkdirectory
services = $${rootdirectory:etc}/run/ services = $${rootdirectory:etc}/run
[rootdirectory] [rootdirectory]
recipe = slapos.cookbook:mkdirectory recipe = slapos.cookbook:mkdirectory
etc = $${buildout:directory}/etc/ etc = $${buildout:directory}/etc
[directory] [directory]
test-ca-dir = $${rootdirectory:srv}/test-ca/ test-ca-dir = $${rootdirectory:srv}/test-ca
test-instance-path = $${rootdirectory:srv}/test-instance/ test-instance-path = $${rootdirectory:srv}/test-instance
unit-test-path = $${:test-instance-path}/unit_test/ unit-test-path = $${:test-instance-path}/unit_test
...@@ -34,6 +34,7 @@ partition-id = $${slap-connection:partition-id} ...@@ -34,6 +34,7 @@ partition-id = $${slap-connection:partition-id}
name = Sphinx Search Engine name = Sphinx Search Engine
software-type = sphinx software-type = sphinx
sla-computer_guid = $${slap-parameter:sphinx-computer-guid} sla-computer_guid = $${slap-parameter:sphinx-computer-guid}
return = url-sphinx url-sphinx-sql
[request-mariadb] [request-mariadb]
<=request-common <=request-common
...@@ -65,15 +66,30 @@ sla-computer_guid = $${slap-parameter:kumofs-computer-guid} ...@@ -65,15 +66,30 @@ sla-computer_guid = $${slap-parameter:kumofs-computer-guid}
<=request-common <=request-common
name = TidStorage name = TidStorage
return = url-login return = url-login
config = json mysql-url memcached-url cloudooo-url kumofs-url config = json mysql-url memcached-url cloudooo-url kumofs-url sphinx-url-sphinx sphinx-url-sphinx-sql smtp-url bt5 bt5-repository-url
config-json = $${slap-parameter:json} config-json = $${slap-parameter:json}
config-mysql-url = $${request-mariadb:connection-url} config-mysql-url = $${request-mariadb:connection-url}
config-memcached-url = $${request-memcached:connection-url} config-memcached-url = $${request-memcached:connection-url}
config-cloudooo-url = $${request-cloudooo:connection-url} config-cloudooo-url = $${request-cloudooo:connection-url}
config-kumofs-url = $${request-kumofs:connection-url} config-kumofs-url = $${request-kumofs:connection-url}
config-sphinx-url-sphinx = $${request-sphinx:connection-url-sphinx}
config-sphinx-url-sphinx-sql = $${request-sphinx:connection-url-sphinx-sql}
config-bt5 = $${slap-parameter:bt5}
config-bt5-repository-url = $${slap-parameter:bt5-repository-url}
config-smtp-url = $${slap-parameter:smtp-url}
software-type = tidstorage software-type = tidstorage
sla-computer_guid = $${slap-parameter:tidstorage-computer-guid} sla-computer_guid = $${slap-parameter:tidstorage-computer-guid}
[request-varnish]
<=request-common
name = Varnish
config = tidstorage-url
config-tidstorage-url = $${request-tidstorage:connection-url-login}
config-web-checker-mail-address = $${slap-parameter:web-checker-mail-address}
config-web-checker-smtp-host = $${slap-parameter:web-checker-smtp-host}
software-type = varnish
sla-computer_guid = $${slap-parameter:varnish-computer-guid}
[slap-parameter] [slap-parameter]
# Default value if no computer_guid is specified for each type # Default value if no computer_guid is specified for each type
sphinx-computer-guid = $${slap-connection:computer-id} sphinx-computer-guid = $${slap-connection:computer-id}
...@@ -82,6 +98,15 @@ cloudooo-computer-guid = $${slap-connection:computer-id} ...@@ -82,6 +98,15 @@ cloudooo-computer-guid = $${slap-connection:computer-id}
memcached-computer-guid = $${slap-connection:computer-id} memcached-computer-guid = $${slap-connection:computer-id}
kumofs-computer-guid = $${slap-connection:computer-id} kumofs-computer-guid = $${slap-connection:computer-id}
tidstorage-computer-guid = $${slap-connection:computer-id} tidstorage-computer-guid = $${slap-connection:computer-id}
varnish-computer-guid = $${slap-connection:computer-id}
cloudooo-json =
bt5 = erp5_full_text_myisam_catalog
erp5_configurator_standard
erp5_configurator_maxma_demo
erp5_configurator_ung
erp5_configurator_run_my_doc
bt5-repository-url = ${local-bt5-repository:list}
smtp-url = smtp://localhost:25/
# rest of parts are candidates for some generic stuff # rest of parts are candidates for some generic stuff
[basedirectory] [basedirectory]
......
...@@ -42,6 +42,7 @@ kumo-server-log = $${basedirectory:log}/kumo-server.log ...@@ -42,6 +42,7 @@ kumo-server-log = $${basedirectory:log}/kumo-server.log
kumo-gateway-binary = ${kumo:location}/bin/kumo-gateway kumo-gateway-binary = ${kumo:location}/bin/kumo-gateway
kumo-manager-binary = ${kumo:location}/bin/kumo-manager kumo-manager-binary = ${kumo:location}/bin/kumo-manager
kumo-server-binary = ${kumo:location}/bin/kumo-server kumo-server-binary = ${kumo:location}/bin/kumo-server
shell-path = ${dash:location}/bin/dash
[logrotate-entry-kumofs] [logrotate-entry-kumofs]
<= logrotate <= logrotate
...@@ -77,7 +78,6 @@ recipe = slapos.cookbook:mkdirectory ...@@ -77,7 +78,6 @@ recipe = slapos.cookbook:mkdirectory
cron-entries = $${rootdirectory:etc}/cron.d cron-entries = $${rootdirectory:etc}/cron.d
crontabs = $${rootdirectory:etc}/crontabs crontabs = $${rootdirectory:etc}/crontabs
cronstamps = $${rootdirectory:etc}/cronstamps cronstamps = $${rootdirectory:etc}/cronstamps
cronoutput = $${basedirectory:log}/cron
logrotate-backup = $${basedirectory:backup}/logrotate logrotate-backup = $${basedirectory:backup}/logrotate
logrotate-entries = $${rootdirectory:etc}/logrotate.d logrotate-entries = $${rootdirectory:etc}/logrotate.d
kumofs-data = $${rootdirectory:srv}/kumofs kumofs-data = $${rootdirectory:srv}/kumofs
...@@ -95,13 +95,13 @@ dcrond-binary = ${dcron:location}/sbin/crond ...@@ -95,13 +95,13 @@ dcrond-binary = ${dcron:location}/sbin/crond
cron-entries = $${directory:cron-entries} cron-entries = $${directory:cron-entries}
crontabs = $${directory:crontabs} crontabs = $${directory:crontabs}
cronstamps = $${directory:cronstamps} cronstamps = $${directory:cronstamps}
catcher = $${cron-simplelogger:binary} catcher = $${cron-simplelogger:wrapper}
binary = $${basedirectory:services}/crond binary = $${basedirectory:services}/crond
[cron-simplelogger] [cron-simplelogger]
recipe = slapos.cookbook:simplelogger recipe = slapos.cookbook:simplelogger
binary = $${rootdirectory:bin}/cron_simplelogger wrapper = $${rootdirectory:bin}/cron_simplelogger
output = $${directory:cronoutput} log = $${basedirectory:log}/cron.log
[cron-entry-logrotate] [cron-entry-logrotate]
<= cron <= cron
......
...@@ -115,13 +115,13 @@ dcrond-binary = ${dcron:location}/sbin/crond ...@@ -115,13 +115,13 @@ dcrond-binary = ${dcron:location}/sbin/crond
cron-entries = $${directory:cron-entries} cron-entries = $${directory:cron-entries}
crontabs = $${directory:crontabs} crontabs = $${directory:crontabs}
cronstamps = $${directory:cronstamps} cronstamps = $${directory:cronstamps}
catcher = $${cron-simplelogger:binary} catcher = $${cron-simplelogger:wrapper}
binary = $${basedirectory:services}/crond binary = $${basedirectory:services}/crond
[cron-simplelogger] [cron-simplelogger]
recipe = slapos.cookbook:simplelogger recipe = slapos.cookbook:simplelogger
binary = $${rootdirectory:bin}/cron_simplelogger wrapper = $${rootdirectory:bin}/cron_simplelogger
output = $${directory:cronoutput} log = $${basedirectory:log}/cron.log
[cron-entry-logrotate] [cron-entry-logrotate]
<= cron <= cron
...@@ -164,7 +164,6 @@ recipe = slapos.cookbook:mkdirectory ...@@ -164,7 +164,6 @@ recipe = slapos.cookbook:mkdirectory
cron-entries = $${rootdirectory:etc}/cron.d cron-entries = $${rootdirectory:etc}/cron.d
crontabs = $${rootdirectory:etc}/crontabs crontabs = $${rootdirectory:etc}/crontabs
cronstamps = $${rootdirectory:etc}/cronstamps cronstamps = $${rootdirectory:etc}/cronstamps
cronoutput = $${basedirectory:log}/cron
ca-dir = $${rootdirectory:srv}/ssl ca-dir = $${rootdirectory:srv}/ssl
mariadb-backup-full = $${basedirectory:backup}/mariadb-full mariadb-backup-full = $${basedirectory:backup}/mariadb-full
mariadb-backup-incremental = $${basedirectory:backup}/mariadb-incremental mariadb-backup-incremental = $${basedirectory:backup}/mariadb-incremental
......
...@@ -27,6 +27,7 @@ services = $${rootdirectory:etc}/run ...@@ -27,6 +27,7 @@ services = $${rootdirectory:etc}/run
recipe = slapos.cookbook:generic.memcached recipe = slapos.cookbook:generic.memcached
wrapper_path = $${basedirectory:services}/memcached wrapper_path = $${basedirectory:services}/memcached
binary_path = ${memcached:location}/bin/memcached binary_path = ${memcached:location}/bin/memcached
shell-path = ${dash:location}/bin/dash
ip = $${slap-network-information:local-ipv4} ip = $${slap-network-information:local-ipv4}
port = 11000 port = 11000
......
[buildout]
parts =
publish-varnish-connection-information
varnish-instance
web-checker
cron
cron-entry-logrotate
cron-entry-web-checker
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true
[publish-varnish-connection-information]
recipe = slapos.cookbook:publishurl
url = http://$${varnish-instance:ip}:$${varnish-instance:server-port}/
[varnish-instance]
recipe = slapos.cookbook:generic.varnish
# Network options
ip = $${slap-network-information:local-ipv4}
server-port = 6001
manager-port = 6002
# Paths: Running wrappers
varnishd-wrapper = $${basedirectory:services}/varnishd
varnishlog-wrapper = $${rootdirectory:bin}/varnishlog
# Binary information
varnishd-binary = ${varnish:location}/sbin/varnishd
varnishlog-binary = ${varnish:location}/bin/varnishlog
shell-path = ${dash:location}/bin/dash
# Configuration by VCL
vcl-file = $${rootdirectory:etc}/default.vcl
pid-file = $${basedirectory:run}/varnishd.pid
varnish-data = $${directory:varnish-data}
# this will pass at -n option
varnish-instance-name = $${directory:varnish-instance}
web-checker = ${buildout:bin-directory}/web_checker_utility
[cron-entry-web-checker]
<= cron
recipe = slapos.cookbook:cron.d
name = web-checker
frequency = 0 0 * * *
command = $${varnish-instance:web-checker} $${web-checker:web-checker-config}
[web-checker]
recipe = slapos.cookbook:webchecker
web-checker-config = $${rootdirectory:etc}/web_checker.cfg
web-checker-working-directory = $${directory:web-checker}
# for now frontend-url is varnish, it will replace with the real front-end one.
frontend-url = $${varnish-instance:ip}:$${varnish-instance:server-port}
wget-binary-path = ${wget:location}/bin/wget
varnishlog-binary-path = $${varnish-instance:varnishlog-wrapper}
web-checker-log = $${basedirectory:log}/web-checker.log
[cron]
recipe = slapos.cookbook:cron
dcrond-binary = ${dcron:location}/sbin/crond
cron-entries = $${directory:cron-entries}
crontabs = $${directory:crontabs}
cronstamps = $${directory:cronstamps}
binary = $${basedirectory:services}/crond
catcher = $${cron-simplelogger:wrapper}
[cron-simplelogger]
recipe = slapos.cookbook:simplelogger
wrapper = $${rootdirectory:bin}/cron_simplelogger
log = $${basedirectory:log}/cron.log
[cron-entry-logrotate]
<= cron
recipe = slapos.cookbook:cron.d
name = logrotate
frequency = 0 0 * * *
command = $${logrotate:wrapper}
[logrotate]
recipe = slapos.cookbook:logrotate
# Binaries
logrotate-binary = ${logrotate:location}/usr/sbin/logrotate
gzip-binary = ${gzip:location}/bin/gzip
gunzip-binary = ${gzip:location}/bin/gunzip
# Directories
wrapper = $${rootdirectory:bin}/logrotate
conf = $${rootdirectory:etc}/logrotate.conf
logrotate-entries = $${directory:logrotate-entries}
backup = $${directory:logrotate-backup}
state-file = $${rootdirectory:srv}/logrotate.status
[basedirectory]
recipe = slapos.cookbook:mkdirectory
services = $${rootdirectory:etc}/run
run = $${rootdirectory:var}/run
backup = $${rootdirectory:srv}/backup
log = $${rootdirectory:var}/log
backup = $${rootdirectory:srv}/backup
[directory]
recipe = slapos.cookbook:mkdirectory
varnish-data = $${rootdirectory:srv}/varnish
varnish-instance = $${directory:varnish-data}/instance
cron-entries = $${rootdirectory:etc}/cron.d
crontabs = $${rootdirectory:etc}/crontabs
cronstamps = $${rootdirectory:etc}/cronstamps
logrotate-backup = $${basedirectory:backup}/logrotate
logrotate-entries = $${rootdirectory:etc}/logrotate.d
web-checker = $${rootdirectory:srv}/web-checker
[rootdirectory]
recipe = slapos.cookbook:mkdirectory
etc = $${buildout:directory}/etc
var = $${buildout:directory}/var
srv = $${buildout:directory}/srv
bin = $${buildout:directory}/bin
...@@ -18,8 +18,8 @@ develop-eggs-directory = ${buildout:develop-eggs-directory} ...@@ -18,8 +18,8 @@ develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true offline = true
[slap-parameter] [slap-parameter]
# By default backend disallows the access # By default, if no white list is specified, backend allows access to everyone
access-control-string = none access-control-string = all
[publish-apache-zope-backend-connection-string] [publish-apache-zope-backend-connection-string]
recipe = slapos.cookbook:publish recipe = slapos.cookbook:publish
...@@ -38,9 +38,11 @@ configuration-file = $${directory:apache-conf}/apache.conf ...@@ -38,9 +38,11 @@ configuration-file = $${directory:apache-conf}/apache.conf
access-control-string = $${slap-parameter:access-control-string} access-control-string = $${slap-parameter:access-control-string}
pid-file = $${basedirectory:run}/apache.pid pid-file = $${basedirectory:run}/apache.pid
lock-file = $${basedirectory:run}/apache.lock lock-file = $${basedirectory:run}/apache.lock
ssl-session-cache = $${basedirectory:log}/apache-ssl-session-cache
error-log = $${basedirectory:log}/apache-error.log error-log = $${basedirectory:log}/apache-error.log
access-log = $${basedirectory:log}/apache-access.log access-log = $${basedirectory:log}/apache-access.log
apache-binary = ${apache:location}/bin/httpd apache-binary = ${apache:location}/bin/httpd
scheme = https
[ca-apache-zope-backend] [ca-apache-zope-backend]
<= certificate-authority <= certificate-authority
...@@ -132,13 +134,13 @@ dcrond-binary = ${dcron:location}/sbin/crond ...@@ -132,13 +134,13 @@ dcrond-binary = ${dcron:location}/sbin/crond
cron-entries = $${directory:cron-entries} cron-entries = $${directory:cron-entries}
crontabs = $${directory:crontabs} crontabs = $${directory:crontabs}
cronstamps = $${directory:cronstamps} cronstamps = $${directory:cronstamps}
catcher = $${cron-simplelogger:binary} catcher = $${cron-simplelogger:wrapper}
binary = $${basedirectory:services}/crond binary = $${basedirectory:services}/crond
[cron-simplelogger] [cron-simplelogger]
recipe = slapos.cookbook:simplelogger recipe = slapos.cookbook:simplelogger
binary = $${rootdirectory:bin}/cron_simplelogger wrapper = $${rootdirectory:bin}/cron_simplelogger
output = $${directory:cronoutput} log = $${basedirectory:log}/cron.log
[cron-entry-logrotate] [cron-entry-logrotate]
<= cron <= cron
...@@ -226,11 +228,11 @@ ca-crl = $${erp5-cadirectory:crl} ...@@ -226,11 +228,11 @@ ca-crl = $${erp5-cadirectory:crl}
[erp5-cadirectory] [erp5-cadirectory]
recipe = slapos.cookbook:mkdirectory recipe = slapos.cookbook:mkdirectory
requests = $${directory:erp5-ca-dir}/requests/ requests = $${directory:erp5-ca-dir}/requests
private = $${directory:erp5-ca-dir}/private/ private = $${directory:erp5-ca-dir}/private
certs = $${directory:erp5-ca-dir}/certs/ certs = $${directory:erp5-ca-dir}/certs
newcerts = $${directory:erp5-ca-dir}/newcerts/ newcerts = $${directory:erp5-ca-dir}/newcerts
crl = $${directory:erp5-ca-dir}/crl/ crl = $${directory:erp5-ca-dir}/crl
[directory] [directory]
recipe = slapos.cookbook:mkdirectory recipe = slapos.cookbook:mkdirectory
...@@ -248,11 +250,10 @@ instance-constraint = $${:instance}/Constraint ...@@ -248,11 +250,10 @@ instance-constraint = $${:instance}/Constraint
instance-import = $${:instance}/import instance-import = $${:instance}/import
instance-lib = $${:instance}/lib instance-lib = $${:instance}/lib
instance-tests = $${:instance}/tests instance-tests = $${:instance}/tests
erp5-ca-dir = $${rootdirectory:srv}/erp5-ca/ erp5-ca-dir = $${rootdirectory:srv}/erp5-ca
ca-dir = $${rootdirectory:srv}/ssl ca-dir = $${rootdirectory:srv}/ssl
cron-entries = $${rootdirectory:etc}/cron.d cron-entries = $${rootdirectory:etc}/cron.d
crontabs = $${rootdirectory:etc}/crontabs crontabs = $${rootdirectory:etc}/crontabs
cronstamps = $${rootdirectory:etc}/cronstamps cronstamps = $${rootdirectory:etc}/cronstamps
cronoutput = $${basedirectory:log}/cron
logrotate-backup = $${basedirectory:backup}/logrotate logrotate-backup = $${basedirectory:backup}/logrotate
logrotate-entries = $${rootdirectory:etc}/logrotate.d logrotate-entries = $${rootdirectory:etc}/logrotate.d
...@@ -33,6 +33,7 @@ zope = ${template-zope:output} ...@@ -33,6 +33,7 @@ zope = ${template-zope:output}
mariadb = ${template-mariadb:output} mariadb = ${template-mariadb:output}
sphinx = ${template-sphinx:output} sphinx = ${template-sphinx:output}
tidstorage = $${dynamic-template-tidstorage:output} tidstorage = $${dynamic-template-tidstorage:output}
varnish = ${template-varnish:output}
[slap-connection] [slap-connection]
# part to migrate to new - separated words # part to migrate to new - separated words
......
[apache-%(backend_name)s] [apache-public-%(backend_name)s]
recipe = slapos.cookbook:apache.zope.backend recipe = slapos.cookbook:apache.zope.backend
backend = http://$${haproxy-%(backend_name)s:ip}:$${haproxy-%(backend_name)s:port}/ backend = http://$${haproxy-%(backend_name)s:ip}:$${haproxy-%(backend_name)s:port}/
ip = $${slap-network-information:global-ipv6} ip = $${slap-network-information:global-ipv6}
port = %(apache_public_port)s
scheme = http
wrapper = $${basedirectory:services}/apache-public-%(backend_name)s
configuration-file = $${directory:apache-conf}/apache-public-%(backend_name)s.conf
access-control-string = %(access_control_string)s
pid-file = $${basedirectory:run}/apache-public-%(backend_name)s.pid
lock-file = $${basedirectory:run}/apache-public-%(backend_name)s.lock
error-log = $${basedirectory:log}/apache-public-%(backend_name)s-error.log
access-log = $${basedirectory:log}/apache-public-%(backend_name)s-access.log
apache-binary = ${apache:location}/bin/httpd
[apache-%(backend_name)s]
recipe = slapos.cookbook:apache.zope.backend
backend = http://$${haproxy-%(backend_name)s:ip}:$${haproxy-%(backend_name)s:port}
ip = $${slap-network-information:global-ipv6}
port = %(apache_port)s port = %(apache_port)s
wrapper = $${rootdirectory:bin}/apache-%(backend_name)s wrapper = $${rootdirectory:bin}/apache-%(backend_name)s
scheme = https
key-file = $${directory:apache-conf}/apache-%(backend_name)s.key key-file = $${directory:apache-conf}/apache-%(backend_name)s.key
cert-file = $${directory:apache-conf}/apache-%(backend_name)s.crt cert-file = $${directory:apache-conf}/apache-%(backend_name)s.crt
configuration-file = $${directory:apache-conf}/apache-%(backend_name)s.conf configuration-file = $${directory:apache-conf}/apache-%(backend_name)s.conf
access-control-string = %(access_control_string)s access-control-string = %(access_control_string)s
pid-file = $${basedirectory:run}/apache-%(backend_name)s.pid pid-file = $${basedirectory:run}/apache-%(backend_name)s.pid
lock-file = $${basedirectory:run}/apache-%(backend_name)s.lock lock-file = $${basedirectory:run}/apache-%(backend_name)s.lock
ssl-session-cache = $${basedirectory:log}/apache-ssl-session-cache
error-log = $${basedirectory:log}/apache-%(backend_name)s-error.log error-log = $${basedirectory:log}/apache-%(backend_name)s-error.log
access-log = $${basedirectory:log}/apache-%(backend_name)s-access.log access-log = $${basedirectory:log}/apache-%(backend_name)s-access.log
apache-binary = ${apache:location}/bin/httpd apache-binary = ${apache:location}/bin/httpd
ssl-authentication = %(ssl_authentication)s
backend-path = %(backend_path)s
# Note: Without erp5-certificate-authority main certificate have to be hardcoded
ssl-authentication-certificate = $${erp5-certificate-authority:ca-dir}/cacert.pem
ssl-authentication-crl = $${erp5-certificate-authority:ca-crl}
[ca-apache-%(backend_name)s] [ca-apache-%(backend_name)s]
<= certificate-authority <= certificate-authority
...@@ -22,6 +44,13 @@ cert-file = $${apache-%(backend_name)s:cert-file} ...@@ -22,6 +44,13 @@ cert-file = $${apache-%(backend_name)s:cert-file}
executable = $${apache-%(backend_name)s:wrapper} executable = $${apache-%(backend_name)s:wrapper}
wrapper = $${basedirectory:services}/apache-%(backend_name)s wrapper = $${basedirectory:services}/apache-%(backend_name)s
[logrotate-entry-apache-public-%(backend_name)s]
<= logrotate
recipe = slapos.cookbook:logrotate.d
name = apache-public-%(backend_name)s
log = $${apache-public-%(backend_name)s:error-log} $${apache-public-%(backend_name)s:access-log}
post = ${buildout:bin-directory}/killpidfromfile $${apache-public-%(backend_name)s:pid-file} SIGUSR1
[logrotate-entry-apache-%(backend_name)s] [logrotate-entry-apache-%(backend_name)s]
<= logrotate <= logrotate
recipe = slapos.cookbook:logrotate.d recipe = slapos.cookbook:logrotate.d
......
#############################
#
# Instanciate zeo
#
# zeo-id -- local id of the requested zeo (1,2,3,...)
#
# zeo-port -- ip port to use to run the process
#
# storage_list -- string with list of all resquested storage
# Example: event_module person_module
#
#############################
[buildout] [buildout]
parts = parts =
logrotate logrotate
...@@ -21,7 +9,8 @@ parts = ...@@ -21,7 +9,8 @@ parts =
cron-entry-tidstorage-backup cron-entry-tidstorage-backup
logrotate-entry-tidstorage logrotate-entry-tidstorage
binary-link binary-link
erp5-update erp5-promise
erp5-bootstrap
%(part_list)s %(part_list)s
eggs-directory = ${buildout:eggs-directory} eggs-directory = ${buildout:eggs-directory}
...@@ -59,28 +48,19 @@ name = tidstorage ...@@ -59,28 +48,19 @@ name = tidstorage
log = $${tidstorage:logfile-name} log = $${tidstorage:logfile-name}
post = ${buildout:bin-directory}/killpidfromfile $${tidstorage:pidfile-name} SIGHUP post = ${buildout:bin-directory}/killpidfromfile $${tidstorage:pidfile-name} SIGHUP
[directory]
recipe = slapos.cookbook:mkdirectory
cron-entries = $${rootdirectory:etc}/cron.d/
crontabs = $${rootdirectory:etc}/crontabs/
cronstamps = $${rootdirectory:etc}/cronstamps/
cronoutput = $${basedirectory:log}/cron/
logrotate-backup = $${basedirectory:backup}/logrotate/
logrotate-entries = $${rootdirectory:etc}/logrotate.d/
[cron] [cron]
recipe = slapos.cookbook:cron recipe = slapos.cookbook:cron
dcrond-binary = ${dcron:location}/sbin/crond dcrond-binary = ${dcron:location}/sbin/crond
cron-entries = $${directory:cron-entries} cron-entries = $${directory:cron-entries}
crontabs = $${directory:crontabs} crontabs = $${directory:crontabs}
cronstamps = $${directory:cronstamps} cronstamps = $${directory:cronstamps}
catcher = $${cron-simplelogger:binary} catcher = $${cron-simplelogger:wrapper}
binary = $${basedirectory:services}/crond binary = $${basedirectory:services}/crond
[cron-simplelogger] [cron-simplelogger]
recipe = slapos.cookbook:simplelogger recipe = slapos.cookbook:simplelogger
binary = $${rootdirectory:bin}/cron_simplelogger wrapper = $${rootdirectory:bin}/cron_simplelogger
output = $${directory:cronoutput} log = $${basedirectory:log}/cron.log
[cron-entry-logrotate] [cron-entry-logrotate]
<= cron <= cron
...@@ -89,8 +69,6 @@ name = logrotate ...@@ -89,8 +69,6 @@ name = logrotate
frequency = 0 0 * * * frequency = 0 0 * * *
command = $${logrotate:wrapper} command = $${logrotate:wrapper}
# rest of parts are candidates for some generic stuff
[logrotate] [logrotate]
recipe = slapos.cookbook:logrotate recipe = slapos.cookbook:logrotate
# Binaries # Binaries
...@@ -119,14 +97,19 @@ ca-private = $${erp5-cadirectory:private} ...@@ -119,14 +97,19 @@ ca-private = $${erp5-cadirectory:private}
ca-certs = $${erp5-cadirectory:certs} ca-certs = $${erp5-cadirectory:certs}
ca-newcerts = $${erp5-cadirectory:newcerts} ca-newcerts = $${erp5-cadirectory:newcerts}
ca-crl = $${erp5-cadirectory:crl} ca-crl = $${erp5-cadirectory:crl}
country-code = %(erp5_ca_country_code)s
email = %(erp5_ca_email)s
state = %(erp5_ca_state)s
city = %(erp5_ca_city)s
company = %(erp5_ca_company)s
[erp5-cadirectory] [erp5-cadirectory]
recipe = slapos.cookbook:mkdirectory recipe = slapos.cookbook:mkdirectory
requests = $${directory:erp5-ca-dir}/requests/ requests = $${directory:erp5-ca-dir}/requests
private = $${directory:erp5-ca-dir}/private/ private = $${directory:erp5-ca-dir}/private
certs = $${directory:erp5-ca-dir}/certs/ certs = $${directory:erp5-ca-dir}/certs
newcerts = $${directory:erp5-ca-dir}/newcerts/ newcerts = $${directory:erp5-ca-dir}/newcerts
crl = $${directory:erp5-ca-dir}/crl/ crl = $${directory:erp5-ca-dir}/crl
[certificate-authority] [certificate-authority]
recipe = slapos.cookbook:certificate_authority recipe = slapos.cookbook:certificate_authority
...@@ -141,33 +124,33 @@ ca-crl = $${cadirectory:crl} ...@@ -141,33 +124,33 @@ ca-crl = $${cadirectory:crl}
[cadirectory] [cadirectory]
recipe = slapos.cookbook:mkdirectory recipe = slapos.cookbook:mkdirectory
requests = $${directory:ca-dir}/requests/ requests = $${directory:ca-dir}/requests
private = $${directory:ca-dir}/private/ private = $${directory:ca-dir}/private
certs = $${directory:ca-dir}/certs/ certs = $${directory:ca-dir}/certs
newcerts = $${directory:ca-dir}/newcerts/ newcerts = $${directory:ca-dir}/newcerts
crl = $${directory:ca-dir}/crl/ crl = $${directory:ca-dir}/crl
[rootdirectory] [rootdirectory]
recipe = slapos.cookbook:mkdirectory recipe = slapos.cookbook:mkdirectory
etc = $${buildout:directory}/etc/ etc = $${buildout:directory}/etc
var = $${buildout:directory}/var/ var = $${buildout:directory}/var
srv = $${buildout:directory}/srv/ srv = $${buildout:directory}/srv
bin = $${buildout:directory}/bin/ bin = $${buildout:directory}/bin
tmp = $${buildout:directory}/tmp/ tmp = $${buildout:directory}/tmp
[basedirectory] [basedirectory]
recipe = slapos.cookbook:mkdirectory recipe = slapos.cookbook:mkdirectory
log = $${rootdirectory:var}/log/ log = $${rootdirectory:var}/log
services = $${rootdirectory:etc}/run/ services = $${rootdirectory:etc}/run
run = $${rootdirectory:var}/run/ run = $${rootdirectory:var}/run
backup = $${rootdirectory:srv}/backup/ backup = $${rootdirectory:srv}/backup
[directory] [directory]
recipe = slapos.cookbook:mkdirectory recipe = slapos.cookbook:mkdirectory
tidstorage = $${rootdirectory:srv}/tidstorage/ tidstorage = $${rootdirectory:srv}/tidstorage
zodb = $${rootdirectory:srv}/zodb/ zodb = $${rootdirectory:srv}/zodb
zodb-backup = $${basedirectory:backup}/zodb zodb-backup = $${basedirectory:backup}/zodb
instance = $${rootdirectory:srv}/erp5shared/ instance = $${rootdirectory:srv}/erp5shared
instance-etc = $${:instance}/etc instance-etc = $${:instance}/etc
apache-conf = $${rootdirectory:etc}/apache apache-conf = $${rootdirectory:etc}/apache
instance-etc-package-include = $${:instance}/etc/package-include instance-etc-package-include = $${:instance}/etc/package-include
...@@ -180,14 +163,13 @@ instance-constraint = $${:instance}/Constraint ...@@ -180,14 +163,13 @@ instance-constraint = $${:instance}/Constraint
instance-import = $${:instance}/import instance-import = $${:instance}/import
instance-lib = $${:instance}/lib instance-lib = $${:instance}/lib
instance-tests = $${:instance}/tests instance-tests = $${:instance}/tests
erp5-ca-dir = $${rootdirectory:srv}/erp5-ssl/ erp5-ca-dir = $${rootdirectory:srv}/erp5-ssl
ca-dir = $${rootdirectory:srv}/ssl/ ca-dir = $${rootdirectory:srv}/ssl
cron-entries = $${rootdirectory:etc}/cron.d/ cron-entries = $${rootdirectory:etc}/cron.d
crontabs = $${rootdirectory:etc}/crontabs/ crontabs = $${rootdirectory:etc}/crontabs
cronstamps = $${rootdirectory:etc}/cronstamps/ cronstamps = $${rootdirectory:etc}/cronstamps
cronoutput = $${basedirectory:log}/cron/ logrotate-backup = $${basedirectory:backup}/logrotate
logrotate-backup = $${basedirectory:backup}/logrotate/ logrotate-entries = $${rootdirectory:etc}/logrotate.d
logrotate-entries = $${rootdirectory:etc}/logrotate.d/
[binary-link] [binary-link]
recipe = slapos.cookbook:symbolic.link recipe = slapos.cookbook:symbolic.link
...@@ -214,22 +196,19 @@ link-binary = ...@@ -214,22 +196,19 @@ link-binary =
${poppler:location}/bin/pdftotext ${poppler:location}/bin/pdftotext
${poppler:location}/bin/pdftohtml ${poppler:location}/bin/pdftohtml
[erp5-update] [erp5-bootstrap]
recipe = slapos.cookbook:erp5.update recipe = slapos.cookbook:erp5.bootstrap
runner-path = $${basedirectory:services}/erp5-bootstrap
# Configuration
url = http://$${%(zope_section)s:user}:$${%(zope_section)s:password}@$${%(zope_section)s:ip}:$${%(zope_section)s:port}/
mysql-url = %(mysql-url)s mysql-url = %(mysql-url)s
zope-url = http://$${%(zope_section)s:user}:$${%(zope_section)s:password}@$${%(zope_section)s:ip}:$${%(zope_section)s:port}/%(site_id)s
[erp5-promise]
recipe = slapos.cookbook:erp5.promise
promise-path = $${rootdirectory:etc}/erp5promise.cfg
kumofs-url = %(kumofs-url)s kumofs-url = %(kumofs-url)s
memcached-url = %(memcached-url)s memcached-url = %(memcached-url)s
cloudooo-url = %(cloudooo-url)s cloudooo-url = %(cloudooo-url)s
site-id = %(site_id)s smtp-url = $${slap-parameter:smtp-url}
openssl-binary = ${openssl:location}/bin/openssl bt5 = $${slap-parameter:bt5}
cadir-path = $${erp5-certificate-authority:ca-dir} bt5-repository-url = $${slap-parameter:bt5-repository-url}
# Paths
update-wrapper = $${basedirectory:services}/erp5-update
# Defaults
configurator-bt5-list = erp5_full_text_myisam_catalog erp5_configurator_standard erp5_configurator_maxma_demo erp5_configurator_ung erp5_configurator_ung erp5_configurator_run_my_doc
bt5-repository-list = $${%(zope_section)s:bt5-repository-list}
...@@ -17,6 +17,8 @@ zeo-connection-string = ...@@ -17,6 +17,8 @@ zeo-connection-string =
%(zeo_connection_string)s %(zeo_connection_string)s
timeserver = %(zope_timeserver)s timeserver = %(zope_timeserver)s
tidstorage-ip = $${tidstorage:ip}
tidstorage-port = $${tidstorage:port}
# long request # long request
longrequest-logger-file = %(longrequest_logger_file)s longrequest-logger-file = %(longrequest_logger_file)s
...@@ -44,6 +46,9 @@ runzope-binary = ${buildout:bin-directory}/runzope ...@@ -44,6 +46,9 @@ runzope-binary = ${buildout:bin-directory}/runzope
# BT5 Configuration # BT5 Configuration
bt5-repository-list = bt5-repository-list =
promise-path = $${erp5-promise:promise-path}
site-id = %(site_id)s
[logrotate-entry-%(zope_id)s] [logrotate-entry-%(zope_id)s]
<= logrotate <= logrotate
recipe = slapos.cookbook:logrotate.d recipe = slapos.cookbook:logrotate.d
......
...@@ -28,7 +28,7 @@ recipe = plone.recipe.command ...@@ -28,7 +28,7 @@ recipe = plone.recipe.command
stop-on-error = true stop-on-error = true
location = ${buildout:parts-directory}/${:_buildout_section_name_} location = ${buildout:parts-directory}/${:_buildout_section_name_}
command = ${git:location}/bin/git clone --branch erp5 --quiet http://git.erp5.org/repos/slapos.git ${:location} command = ${git:location}/bin/git clone --branch erp5 --quiet http://git.erp5.org/repos/slapos.git ${:location}
update-command = cd ${:location} && ${git:location}/bin/git pull --quiet update-command = cd ${:location} && GIT_COMMITTER_EMAIL=nobody@example.com GIT_AUTHOR_NAME=Nobody GIT_AUTHOR_EMAIL=nobody@example.com ${git:location}/bin/git pull --quiet
[check-recipe] [check-recipe]
recipe = plone.recipe.command recipe = plone.recipe.command
...@@ -41,11 +41,12 @@ recipe = zc.recipe.egg ...@@ -41,11 +41,12 @@ recipe = zc.recipe.egg
eggs = slapos.cookbook eggs = slapos.cookbook
scripts = scripts =
python = python2.6 python = python2.6
ugly-depend-on = ${slapos.cookbook-repository:command} ${slapos.cookbook-repository:update-command}
[template-mariadb] [template-mariadb]
recipe = slapos.recipe.template recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-mariadb.cfg url = ${:_profile_base_location_}/instance-mariadb.cfg
md5sum = 3225a2ba7337505bdeb95867f5028891 md5sum = 6580f1d431f65281c7aa1358a51cc292
output = ${buildout:directory}/template-mariadb.cfg output = ${buildout:directory}/template-mariadb.cfg
mode = 0644 mode = 0644
...@@ -59,14 +60,14 @@ mode = 0644 ...@@ -59,14 +60,14 @@ mode = 0644
[template-zope] [template-zope]
recipe = slapos.recipe.template recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-zope.cfg url = ${:_profile_base_location_}/instance-zope.cfg
md5sum = 769a7ba8e8c5865637e374376be8cbcd md5sum = d3d221255f93a9ced82dcca9ca57f84e
output = ${buildout:directory}/template-zope.cfg output = ${buildout:directory}/template-zope.cfg
mode = 0644 mode = 0644
[template-cloudooo] [template-cloudooo]
recipe = slapos.recipe.template recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-cloudooo.cfg url = ${:_profile_base_location_}/instance-cloudooo.cfg
md5sum = 8ea2839e951f26af2bc74b9a8c0fa5c2 md5sum = e7698a0537785339e249bdc57f369e93
output = ${buildout:directory}/template-cloudooo.cfg output = ${buildout:directory}/template-cloudooo.cfg
mode = 0644 mode = 0644
...@@ -80,35 +81,35 @@ mode = 0644 ...@@ -80,35 +81,35 @@ mode = 0644
[template-kumofs] [template-kumofs]
recipe = slapos.recipe.template recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-kumofs.cfg url = ${:_profile_base_location_}/instance-kumofs.cfg
md5sum = c12d8dc1925d16a75247971086734aa8 md5sum = 9746823ccbbedf42b3e759c3e7150252
output = ${buildout:directory}/template-kumofs.cfg output = ${buildout:directory}/template-kumofs.cfg
mode = 0644 mode = 0644
[template] [template]
recipe = slapos.recipe.template recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg url = ${:_profile_base_location_}/instance.cfg
md5sum = 961d404f5726fce7c4d8b34d7e120077 md5sum = f3443d071d8d7330b3453583e096fef0
output = ${buildout:directory}/template.cfg output = ${buildout:directory}/template.cfg
mode = 0644 mode = 0644
[template-memcached] [template-memcached]
recipe = slapos.recipe.template recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-memcached.cfg url = ${:_profile_base_location_}/instance-memcached.cfg
md5sum = 9a1462f3e34b99f384ae47b48a3a733c md5sum = 7ed1d93dafa76adc025acb2f0e08c05f
output = ${buildout:directory}/template-memcached.cfg output = ${buildout:directory}/template-memcached.cfg
mode = 0644 mode = 0644
[template-erp5-development] [template-erp5-development]
recipe = slapos.recipe.template recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-erp5-development.cfg url = ${:_profile_base_location_}/instance-erp5-development.cfg
md5sum = 9af9db6f1220ffe42e030c81f9072669 md5sum = 4bc5a2ec8c04b206dab8b98258a69efd
output = ${buildout:directory}/template-erp5-development.cfg output = ${buildout:directory}/template-erp5-development.cfg
mode = 0644 mode = 0644
[template-erp5-production] [template-erp5-production]
recipe = slapos.recipe.template recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-erp5-production.cfg url = ${:_profile_base_location_}/instance-erp5-production.cfg
md5sum = 32f6537110bbc29e7cc5613695863096 md5sum = 54ad3c5e92af02d0db98d1085adf986d
output = ${buildout:directory}/template-erp5-production.cfg output = ${buildout:directory}/template-erp5-production.cfg
mode = 0644 mode = 0644
...@@ -122,24 +123,31 @@ mode = 0644 ...@@ -122,24 +123,31 @@ mode = 0644
[template-snippet-master] [template-snippet-master]
recipe = slapos.recipe.template recipe = slapos.recipe.template
url = ${:_profile_base_location_}/snippet-master.cfg url = ${:_profile_base_location_}/snippet-master.cfg
md5sum = c9bea484c2827954b9f9f728ce0342fb md5sum = 14ffe48453a74190bdd289169220739f
output = ${buildout:directory}/template-snippet-master.cfg output = ${buildout:directory}/template-snippet-master.cfg
mode = 0644 mode = 0644
[template-snippet-zope] [template-snippet-zope]
recipe = slapos.recipe.template recipe = slapos.recipe.template
url = ${:_profile_base_location_}/snippet-zope.cfg url = ${:_profile_base_location_}/snippet-zope.cfg
md5sum = 99fcce6aa6120787870522898650800d md5sum = bcc68c31a16b35bee7111f9c6e02b781
output = ${buildout:directory}/template-snippet-zope.cfg output = ${buildout:directory}/template-snippet-zope.cfg
mode = 0644 mode = 0644
[template-snippet-backend] [template-snippet-backend]
recipe = slapos.recipe.template recipe = slapos.recipe.template
url = ${:_profile_base_location_}/snippet-backend.cfg url = ${:_profile_base_location_}/snippet-backend.cfg
md5sum = e2b26547ba1435ec1b8e8cd1de89e2c6 md5sum = 3a1b359b57bf21a226bb96c0c18f1924
output = ${buildout:directory}/template-snippet-backend.cfg output = ${buildout:directory}/template-snippet-backend.cfg
mode = 0644 mode = 0644
[template-varnish]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-varnish.cfg
md5sum = 70fb0ccadf0d6723ddb0fe55a1549ca5
output = ${buildout:directory}/template-varnish.cfg
mode = 0644
[validator] [validator]
# Default json schema for instance parameters. # Default json schema for instance parameters.
recipe = slapos.recipe.template recipe = slapos.recipe.template
...@@ -153,6 +161,9 @@ mode = 0644 ...@@ -153,6 +161,9 @@ mode = 0644
# Romain Courteaud # Romain Courteaud
# Sebastien Robin # Sebastien Robin
# Kazuhiko Shiozaki # Kazuhiko Shiozaki
# Cedric de Saint Martin
# Yingjie Xu
# Gabriel Monnerat
signature-certificate-list = signature-certificate-list =
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIB4DCCAUkCADANBgkqhkiG9w0BAQsFADA5MQswCQYDVQQGEwJGUjEZMBcGA1UE MIIB4DCCAUkCADANBgkqhkiG9w0BAQsFADA5MQswCQYDVQQGEwJGUjEZMBcGA1UE
...@@ -193,3 +204,42 @@ signature-certificate-list = ...@@ -193,3 +204,42 @@ signature-certificate-list =
KrDm39slYD/1KoE5kB4l/p6KVOdeJ4I6xcgu9rnkqqHzDwI4v7e8/D3WZbpiFUsY KrDm39slYD/1KoE5kB4l/p6KVOdeJ4I6xcgu9rnkqqHzDwI4v7e8/D3WZbpiFUsY
vaZhjNYKWQf79l6zXfOvphzJ vaZhjNYKWQf79l6zXfOvphzJ
-----END CERTIFICATE----- -----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB9jCCAV+gAwIBAgIJAO4V/jiMoICoMA0GCSqGSIb3DQEBBQUAMBMxETAPBgNV
BAMMCENPTVAtMjMyMCAXDTEyMDIxNjExMTAyM1oYDzIxMTIwMTIzMTExMDIzWjAT
MREwDwYDVQQDDAhDT01QLTIzMjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
wi/3Z8W9pUiegUXIk/AiFDQ0UJ4JFAwjqr+HSRUirlUsHHT+8DzH/hfcTDX1I5BB
D1ADk+ydXjMm3OZrQcXjn29OUfM5C+g+oqeMnYQImN0DDQIOcUyr7AJc4xhvuXQ1
P2pJ5NOd3tbd0kexETa1LVhR6EgBC25LyRBRae76qosCAwEAAaNQME4wHQYDVR0O
BBYEFMDmW9aFy1sKTfCpcRkYnP6zUd1cMB8GA1UdIwQYMBaAFMDmW9aFy1sKTfCp
cRkYnP6zUd1cMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAskbFizHr
b6d3iIyN+wffxz/V9epbKIZVEGJd/6LrTdLiUfJPec7FaxVCWNyKBlCpINBM7cEV
Gn9t8mdVQflNqOlAMkOlUv1ZugCt9rXYQOV7rrEYJBWirn43BOMn9Flp2nibblby
If1a2ZoqHRxoNo2yTmm7TSYRORWVS+vvfjY=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB9jCCAV+gAwIBAgIJAIlBksrZVkK8MA0GCSqGSIb3DQEBBQUAMBMxETAPBgNV
BAMMCENPTVAtMzU3MCAXDTEyMDEyNjEwNTUyOFoYDzIxMTIwMTAyMTA1NTI4WjAT
MREwDwYDVQQDDAhDT01QLTM1NzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
ts+iGUwi44vtIfwXR8DCnLtHV4ydl0YTK2joJflj0/Ws7mz5BYkxIU4fea/6+VF3
i11nwBgYgxQyjNztgc9u9O71k1W5tU95yO7U7bFdYd5uxYA9/22fjObaTQoC4Nc9
mTu6r/VHyJ1yRsunBZXvnk/XaKp7gGE9vNEyJvPn2bkCAwEAAaNQME4wHQYDVR0O
BBYEFKuGIYu8+6aEkTVg62BRYaD11PILMB8GA1UdIwQYMBaAFKuGIYu8+6aEkTVg
62BRYaD11PILMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAMoTRpBxK
YLEZJbofF7gSrRIcrlUJYXfTfw1QUBOKkGFFDsiJpEg4y5pUk1s5Jq9K3SDzNq/W
it1oYjOhuGg3al8OOeKFrU6nvNTF1BAvJCl0tr3POai5yXyN5jlK/zPfypmQYxE+
TaqQSGBJPVXYt6lrq/PRD9ciZgKLOwEqK8w=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB9jCCAV+gAwIBAgIJAPHoWu90gbsgMA0GCSqGSIb3DQEBBQUAMBQxEjAQBgNV
BAMMCXZpZmlibm9kZTAeFw0xMjAzMTkyMzIwNTVaFw0xMzAzMTkyMzIwNTVaMBQx
EjAQBgNVBAMMCXZpZmlibm9kZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
ozBijpO8PS5RTeKTzA90vi9ezvv4vVjNaguqT4UwP9+O1+i6yq1Y2W5zZxw/Klbn
oudyNzie3/wqs9VfPmcyU9ajFzBv/Tobm3obmOqBN0GSYs5fyGw+O9G3//6ZEhf0
NinwdKmrRX+d0P5bHewadZWIvlmOupcnVJmkks852BECAwEAAaNQME4wHQYDVR0O
BBYEFF9EtgfZZs8L2ZxBJxSiY6eTsTEwMB8GA1UdIwQYMBaAFF9EtgfZZs8L2ZxB
JxSiY6eTsTEwMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAc43YTfc6
baSemaMAc/jz8LNLhRE5dLfLOcRSoHda8y0lOrfe4lHT6yP5l8uyWAzLW+g6s3DA
Yme/bhX0g51BmI6gjKJo5DoPtiXk/Y9lxwD3p7PWi+RhN+AZQ5rpo8UfwnnN059n
yDuimQfvJjBFMVrdn9iP6SfMjxKaGk6gVmI=
-----END CERTIFICATE-----
...@@ -36,11 +36,6 @@ parts = ...@@ -36,11 +36,6 @@ parts =
zip zip
git git
# Separate from site eggs
allowed-eggs-from-site-packages =
include-site-packages = false
exec-sitecustomize = false
# Use only quite well working sites. # Use only quite well working sites.
allow-hosts = allow-hosts =
*.nexedi.org *.nexedi.org
...@@ -159,7 +154,7 @@ zc.buildout = 1.6.0-dev-SlapOS-003 ...@@ -159,7 +154,7 @@ zc.buildout = 1.6.0-dev-SlapOS-003
Jinja2 = 2.6 Jinja2 = 2.6
Werkzeug = 0.8.2 Werkzeug = 0.8.2
erp5.util = 0.3 erp5.util = 0.4.1
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
lxml = 2.3.2 lxml = 2.3.2
meld3 = 0.6.7 meld3 = 0.6.7
......
kvm
===
Introduction
------------
This software release is used to deploy KVM instances, NBD instances and
Frontend instances of KVM.
Examples
--------
The following examples listhow to request different possible instances of KVM
Software Release from slap console or command line.
KVM instance (1GB of RAM, 10GB of SSD, one core)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Note that the KVM instance will request a frontend slave instance in order
to be accessible from IPv4.
KVM instance needs a NBD to fetch disk image at first boot. Working NBD IP/port
has to be specified.
::
myawesomekvm = request(
software_release=kvm,
partition_reference="myawesomekvm",
partition_parameter_kw={
"ndb_ip":"2a01:e35:2e27:460:e2cb:4eff:fed9:48dc",
"ndb_port": 1024
}
)
KVM+ instance (2GB of RAM, 20GB of SSD, two cores)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
::
myevenmoreawesomekvm = request(
software_release=kvm,
partition_reference="myevenmoreawesomekvm",
partition_parameter_kw={
"ndb_ip":"2a01:e35:2e27:460:e2cb:4eff:fed9:48dc",
"ndb_port": 1024
},
software_type="kvm+",
)
NBD instance
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This type of instance will allow to host a disk image that will be used by
any KVM instance.
::
mynbd = request(
software_release=kvm,
partition_reference="mynbd",
software_type="nbd",
)
KVM Frontend Master Instance (will host all frontend Slave Instances)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This type of instance will allow to host any frontend slave instance requested
by KVM instances. Slave instances (and thus KVM instance) will be accessible
at : https://mydomain.com/instancereference .
::
mykvmfrontend = request(
software_release=kvm,
partition_reference="mykvmfrontend",
partition_parameter_kw={
"domain":"mydomain.com"
},
software_type="frontend",
)
#############################
#
# Instanciate kvm frontend
#
#############################
[buildout]
parts =
logrotate
# logrotate-entry-frontend
cron
cron-entry-logrotate
ca-frontend
certificate-authority
frontend-promise
publish-kvm-frontend-connection-information
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true
[rootdirectory]
recipe = slapos.cookbook:mkdirectory
etc = $${buildout:directory}/etc
bin = $${buildout:directory}/bin
srv = $${buildout:directory}/srv
var = $${buildout:directory}/var
[basedirectory]
recipe = slapos.cookbook:mkdirectory
services = $${rootdirectory:etc}/run
promises = $${rootdirectory:etc}/promise
nodejs-conf = $${rootdirectory:etc}/nodejs
run = $${rootdirectory:var}/run
log = $${rootdirectory:var}/log
ca-dir = $${rootdirectory:srv}/ssl
backup = $${rootdirectory:srv}/backup
[directory]
recipe = slapos.cookbook:mkdirectory
cron-entries = $${rootdirectory:etc}/cron.d
crontabs = $${rootdirectory:etc}/crontabs
cronstamps = $${rootdirectory:etc}/cronstamps
ca-dir = $${rootdirectory:srv}/ssl
logrotate-backup = $${basedirectory:backup}/logrotate
logrotate-entries = $${rootdirectory:etc}/logrotate.d
[frontend-instance]
recipe = slapos.cookbook:kvm.frontend
domain = $${ca-frontend:name}
# port = $${slap-parameter:port}
ip = $${slap-network-information:global-ipv6}
port = $${slap-parameter:port}
http-redirection = $${slap-parameter:http-redirection}
ssl-key-path = $${ca-frontend:key-file}
ssl-cert-path = $${ca-frontend:cert-file}
slave-instance-list = $${slap-parameter:slave_instance_list}
map-path = $${basedirectory:nodejs-conf}/proxy_table.json
conf-path = $${basedirectory:nodejs-conf}/kvm-proxy.js
wrapper-path = $${rootdirectory:bin}/kvm_frontend
node-binary = ${nodejs:location}/bin/node
node-env = ${buildout:parts-directory}:${npm-modules:location}/node_modules
shell-path = ${dash:location}/bin/dash
[frontend-promise]
recipe = slapos.cookbook:check_port_listening
path = $${basedirectory:promises}/frontend_promise
hostname = $${frontend-instance:ip}
port = $${frontend-instance:port}
[certificate-authority]
recipe = slapos.cookbook:certificate_authority
openssl-binary = ${openssl:location}/bin/openssl
ca-dir = $${basedirectory:ca-dir}
requests-directory = $${cadirectory:requests}
wrapper = $${basedirectory:services}/certificate_authority
ca-private = $${cadirectory:private}
ca-certs = $${cadirectory:certs}
ca-newcerts = $${cadirectory:newcerts}
ca-crl = $${cadirectory:crl}
[cadirectory]
recipe = slapos.cookbook:mkdirectory
requests = $${basedirectory:ca-dir}/requests/
private = $${basedirectory:ca-dir}/private/
certs = $${basedirectory:ca-dir}/certs/
newcerts = $${basedirectory:ca-dir}/newcerts/
crl = $${basedirectory:ca-dir}/crl/
[ca-frontend]
<= certificate-authority
recipe = slapos.cookbook:certificate_authority.request
key-file = $${basedirectory:nodejs-conf}/nodejs.key
cert-file = $${basedirectory:nodejs-conf}/nodejs.crt
executable = $${frontend-instance:wrapper-path}
wrapper = $${basedirectory:services}/nodejs
# Put domain name
name = $${slap-parameter:domain}
[cron]
recipe = slapos.cookbook:cron
dcrond-binary = ${dcron:location}/sbin/crond
cron-entries = $${directory:cron-entries}
crontabs = $${directory:crontabs}
cronstamps = $${directory:cronstamps}
catcher = $${cron-simplelogger:wrapper}
binary = $${basedirectory:services}/crond
[cron-simplelogger]
recipe = slapos.cookbook:simplelogger
wrapper = $${rootdirectory:bin}/cron_simplelogger
log = $${basedirectory:log}/cron.log
[cron-entry-logrotate]
<= cron
recipe = slapos.cookbook:cron.d
name = logrotate
frequency = 0 0 * * *
command = $${logrotate:wrapper}
[logrotate]
recipe = slapos.cookbook:logrotate
# Binaries
logrotate-binary = ${logrotate:location}/usr/sbin/logrotate
gzip-binary = ${gzip:location}/bin/gzip
gunzip-binary = ${gzip:location}/bin/gunzip
# Directories
wrapper = $${rootdirectory:bin}/logrotate
conf = $${rootdirectory:etc}/logrotate.conf
logrotate-entries = $${directory:logrotate-entries}
backup = $${directory:logrotate-backup}
state-file = $${rootdirectory:srv}/logrotate.status
[publish-kvm-frontend-connection-information]
recipe = slapos.cookbook:publish
ip = $${frontend-instance:ip}
port = $${frontend-instance:port}
[slap-parameter]
# Default value if no port is specified
port = 4443
http-redirection = 0
# [logrotate-entry-frontend]
# <= logrotate
# recipe = slapos.cookbook:logrotate.d
# name = frontend
# log = $${mariadb-instance:error-log} $${mariadb-instance:slow-query-log}
# post = $${mariadb-instance:mysql-binary} --no-defaults -B --socket=$${mariadb-instance:socket} -e "FLUSH LOGS"
#############################
#
# Instanciate kvm
#
#############################
[buildout]
parts =
request-slave-frontend
certificate-authority
kvm-promise
novnc-promise
publish-kvm-connection-information
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true
[rootdirectory]
recipe = slapos.cookbook:mkdirectory
etc = $${buildout:directory}/etc
bin = $${buildout:directory}/bin
srv = $${buildout:directory}/srv
var = $${buildout:directory}/var
[basedirectory]
recipe = slapos.cookbook:mkdirectory
services = $${rootdirectory:etc}/run
promises = $${rootdirectory:etc}/promise
novnc-conf = $${rootdirectory:etc}/novnc
run = $${rootdirectory:var}/run
ca-dir = $${rootdirectory:srv}/ssl
[create-mac]
recipe = slapos.cookbook:generate.mac
[kvm-instance]
recipe = slapos.cookbook:kvm
vnc-ip = $${slap-network-information:local-ipv4}
vnc-port = 5901
nbd-ip = $${slap-parameter:nbd_ip}
nbd-port = $${slap-parameter:nbd_port}
tap = $${slap-network-information:network-interface}
disk-path = $${rootdirectory:srv}/virtual.qcow2
disk-size = 10
socket-path = $${rootdirectory:var}/qmp_socket
pid-path = $${basedirectory:run}/pid_file
smp-count = 1
ram-size = 1024
mac-address = $${create-mac:mac-address}
runner-path = $${basedirectory:services}/kvm
controller-path = $${basedirectory:services}/kvm_controller
shell-path = ${dash:location}/bin/dash
qemu-path = ${kvm:location}/bin/qemu-system-x86_64
qemu-img-path = ${kvm:location}/bin/qemu-img
[kvm-promise]
recipe = slapos.cookbook:check_port_listening
path = $${basedirectory:promises}/vnc_promise
hostname = $${kvm-instance:vnc-ip}
port = $${kvm-instance:vnc-port}
[novnc-instance]
recipe = slapos.cookbook:novnc
path = $${ca-novnc:executable}
ip = $${slap-network-information:global-ipv6}
port = 6080
vnc-ip = $${kvm-instance:vnc-ip}
vnc-port = $${kvm-instance:vnc-port}
novnc-location = ${noVNC:location}
websockify-path = ${buildout:directory}/bin/websockify
ssl-key-path = $${ca-novnc:key-file}
ssl-cert-path = $${ca-novnc:cert-file}
[certificate-authority]
recipe = slapos.cookbook:certificate_authority
openssl-binary = ${openssl:location}/bin/openssl
ca-dir = $${basedirectory:ca-dir}
requests-directory = $${cadirectory:requests}
wrapper = $${basedirectory:services}/certificate_authority
ca-private = $${cadirectory:private}
ca-certs = $${cadirectory:certs}
ca-newcerts = $${cadirectory:newcerts}
ca-crl = $${cadirectory:crl}
[cadirectory]
recipe = slapos.cookbook:mkdirectory
requests = $${basedirectory:ca-dir}/requests/
private = $${basedirectory:ca-dir}/private/
certs = $${basedirectory:ca-dir}/certs/
newcerts = $${basedirectory:ca-dir}/newcerts/
crl = $${basedirectory:ca-dir}/crl/
[ca-novnc]
<= certificate-authority
recipe = slapos.cookbook:certificate_authority.request
key-file = $${basedirectory:novnc-conf}/novnc.key
cert-file = $${basedirectory:novnc-conf}/novnc.crt
executable = $${rootdirectory:bin}/novnc
wrapper = $${basedirectory:services}/websockify
[novnc-promise]
recipe = slapos.cookbook:check_port_listening
path = $${basedirectory:promises}/novnc_promise
hostname = $${novnc-instance:ip}
port = $${novnc-instance:port}
[kvm-monitor]
recipe = slapos.cookbook:generic.slapmonitor
db-path = $${rootdirectory:srv}/slapmonitor_database
[request-common]
recipe = slapos.cookbook:request
software-url = $${slap-connection:software-release-url}
sla = computer_guid
sla-computer_guid = $${slap-connection:computer-id}
server-url = $${slap-connection:server-url}
key-file = $${slap-connection:key-file}
cert-file = $${slap-connection:cert-file}
computer-id = $${slap-connection:computer-id}
partition-id = $${slap-connection:partition-id}
[request-slave-frontend]
<=request-common
name = SlaveFrontend
software-type = frontend
slave = true
config = host port
config-host = $${novnc-instance:ip}
config-port = $${novnc-instance:port}
return = url resource port domainname
[publish-kvm-connection-information]
recipe = slapos.cookbook:publish
backend_url = https://[$${novnc-instance:ip}]:$${novnc-instance:port}/vnc_auto.html?host=[$${novnc-instance:ip}]&port=$${novnc-instance:port}&encrypt=1
url = $${request-slave-frontend:connection-url}/vnc_auto.html?host=$${request-slave-frontend:connection-domainname}&port=$${request-slave-frontend:connection-port}&encrypt=1&path=$${request-slave-frontend:connection-resource}
password = $${kvm-instance:passwd}
#############################
#
# Instanciate kvm+
#
#############################
[buildout]
extends = instance-kvm.cfg
[kvm-instance]
recipe = slapos.cookbook:kvm
vnc-ip = $${slap-network-information:local-ipv4}
vnc-port = 5901
nbd-ip = $${slap-parameter:nbd_ip}
nbd-port = $${slap-parameter:nbd_port}
tap = $${slap-network-information:network-interface}
disk-path = $${rootdirectory:srv}/virtual.qcow2
disk-size = 20
socket-path = $${rootdirectory:var}/qmp_socket
pid-path = $${basedirectory:run}/pid_file
smp-count = 2
ram-size = 2048
mac-address = $${create-mac:mac-address}
runner-path = $${basedirectory:services}/kvm
controller-path = $${basedirectory:services}/kvm_controller
shell-path = ${dash:location}/bin/dash
qemu-path = ${kvm:location}/bin/qemu-system-x86_64
qemu-img-path = ${kvm:location}/bin/qemu-img
#############################
#
# Instanciate nbdserver
#
#############################
[buildout]
parts =
nbd-promise
onetimeupload-promise
publish-connection-information
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true
[rootdirectory]
recipe = slapos.cookbook:mkdirectory
etc = $${buildout:directory}/etc
srv = $${buildout:directory}/srv
log = $${buildout:directory}/log
[basedirectory]
recipe = slapos.cookbook:mkdirectory
services = $${rootdirectory:etc}/run
promises = $${rootdirectory:etc}/promise
[nbd-instance]
recipe = slapos.cookbook:nbdserver
ip = $${slap-network-information:global-ipv6}
port = 1024
image-path = $${onetimeupload-instance:image-path}
qemu-path = ${kvm:location}/bin/qemu-nbd
shell-path = ${dash:location}/bin/dash
# XXX TODO: Wait for the iso to be uploaded (execute_wait)
path = $${basedirectory:services}/nbdserver
[nbd-promise]
recipe = slapos.cookbook:check_port_listening
path = $${basedirectory:promises}/nbd_promise
hostname = $${nbd-instance:ip}
port = $${nbd-instance:port}
[onetimeupload-instance]
recipe = slapos.cookbook:generic.onetimeupload
ip = $${slap-network-information:global-ipv6}
port = 9999
image-path = $${rootdirectory:srv}/cdrom.iso
log-path = $${rootdirectory:log}/onetimeupload.log
shell-path = ${dash:location}/bin/dash
onetimeupload-path = ${buildout:bin-directory}/onetimeupload
path = $${basedirectory:services}/onetimeupload
[onetimeupload-promise]
recipe = slapos.cookbook:check_port_listening
path = $${basedirectory:promises}/onetimeupload_promise
hostname = $${onetimeupload-instance:ip}
port = $${onetimeupload-instance:port}
[publish-connection-information]
recipe = slapos.cookbook:publish
nbd_url = nbd://[$${nbd-instance:ip}]:$${nbd-instance:port}
upload_url = http://[$${onetimeupload-instance:ip}]:$${onetimeupload-instance:port}/
upload_key = $${onetimeupload-instance:key}
[buildout] [buildout]
parts = parts =
kvminstance switch-softwaretype
eggs-directory = ${buildout:eggs-directory} eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory} develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true
[kvminstance] [switch-softwaretype]
recipe = slapos.cookbook:kvm recipe = slapos.cookbook:softwaretype
qemu_path = ${kvm:location}/bin/qemu-system-x86_64 default = ${template-kvm:output}
qemu_img_path = ${kvm:location}/bin/qemu-img kvm = ${template-kvm:output}
#slapmonitor_path = ${buildout:bin-directory}/slapmonitor kvm+ = ${template-kvmplus:output}
#slapreport_path = ${buildout:bin-directory}/slapreport nbd = ${template-nbd:output}
websockify = ${buildout:directory}/bin/websockify frontend = ${template-frontend:output}
noVNC_location = ${noVNC:location}
openssl_binary = ${openssl:location}/bin/openssl
rdiff_backup_binary = ${buildout:bin-directory}/rdiff-backup
dcrond_binary = ${dcron:location}/sbin/crond
smp_count = 1 [slap-connection]
ram_size = 1024 # part to migrate to new - separated words
disk_size = 10 computer-id = $${slap_connection:computer_id}
partition-id = $${slap_connection:partition_id}
server-url = $${slap_connection:server_url}
software-release-url = $${slap_connection:software_release_url}
key-file = $${slap_connection:key_file}
cert-file = $${slap_connection:cert_file}
...@@ -3,46 +3,37 @@ extensions = ...@@ -3,46 +3,37 @@ extensions =
buildout-versions buildout-versions
extends = extends =
../../component/gzip/buildout.cfg
../../component/dcron/buildout.cfg ../../component/dcron/buildout.cfg
../../component/logrotate/buildout.cfg
../../component/git/buildout.cfg ../../component/git/buildout.cfg
../../component/gnutls/buildout.cfg ../../component/gnutls/buildout.cfg
../../component/libpng/buildout.cfg ../../component/libpng/buildout.cfg
../../component/libuuid/buildout.cfg ../../component/libuuid/buildout.cfg
../../component/lxml-python/buildout.cfg
../../component/noVNC/buildout.cfg ../../component/noVNC/buildout.cfg
../../component/openssl/buildout.cfg ../../component/openssl/buildout.cfg
../../component/python-2.7/buildout.cfg ../../component/dash/buildout.cfg
../../component/rdiff-backup/buildout.cfg ../../component/lxml-python/buildout.cfg
../../stack/shacache-client.cfg ../../stack/nodejs.cfg
develop = develop =
${:parts-directory}/websockify ${:parts-directory}/websockify
parts = parts =
template template
dash
kvm kvm
eggs eggs
check-local-eggs check-local-eggs
nodejs
find-links += http-proxy
http://www.nexedi.org/static/packages/source/slapos.buildout/ proxy-by-url
npm-modules
dcron
logrotate
versions = versions versions = versions
# Use only quite well working sites.
allow-hosts =
*.nexedi.org
*.python.org
*.sourceforge.net
alastairs-place.net
dist.repoze.org
effbot.org
github.com
peak.telecommunity.com
psutil.googlecode.com
www.dabeaz.com
www.owlfish.com
#XXX-Cedric : Currently, one can only access to KVM using noVNC. #XXX-Cedric : Currently, one can only access to KVM using noVNC.
# Ideally one should be able to access KVM by using either NoVNC or VNC. # Ideally one should be able to access KVM by using either NoVNC or VNC.
# Problem is : no native crypto support in web browsers. So we have to disable ssl # Problem is : no native crypto support in web browsers. So we have to disable ssl
...@@ -54,15 +45,14 @@ allow-hosts = ...@@ -54,15 +45,14 @@ allow-hosts =
# Websockify (socket <-> websocket proxy server) when it is ready. # Websockify (socket <-> websocket proxy server) when it is ready.
# May solve previous XXX depending on the implementation. # May solve previous XXX depending on the implementation.
#XXX-Cedric: Check status of
# https://www.tiolive.com/nexedi/bug_module/20110819-11F4F70 for
# Chrome >= 14 and Firefox >=7 can access to noVNC. (should be solved)
#XXX-Cedric : add list of keyboard layouts (azerty/us querty/...) parameter to qemu #XXX-Cedric : add list of keyboard layouts (azerty/us querty/...) parameter to qemu
[kvm] [kvm]
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
url = http://downloads.sourceforge.net/project/kvm/qemu-kvm/0.15.1/qemu-kvm-0.15.1.tar.gz url = http://downloads.sourceforge.net/project/kvm/qemu-kvm/0.15.1/qemu-kvm-0.15.1.tar.gz
# XXX-Cedric : Upgrade to 1.0
# url = http://downloads.sourceforge.net/project/kvm/qemu-kvm/1.0/qemu-kvm-1.0.tar.gz
# md5sum = 00a825db46a70ba8ef9fc95da9cc7c1e
md5sum = 8800a7d6b3aa4a168ea7f78dc66c0320 md5sum = 8800a7d6b3aa4a168ea7f78dc66c0320
configure-options = configure-options =
--disable-sdl --disable-sdl
...@@ -76,7 +66,7 @@ configure-options = ...@@ -76,7 +66,7 @@ configure-options =
--enable-vnc-png --enable-vnc-png
--disable-vnc-jpeg --disable-vnc-jpeg
--extra-cflags="-I${gnutls:location}/include -I${libuuid:location}/include -I${zlib:location}/include -I${libpng:location}/include" --extra-cflags="-I${gnutls:location}/include -I${libuuid:location}/include -I${zlib:location}/include -I${libpng:location}/include"
--extra-ldflags="-Wl,-rpath -Wl,${glib:location}/lib -L${glib:location}/lib -Wl,-rpath -Wl,${gnutls:location}/lib -L${gnutls:location}/lib -L${gettext:location}/lib -Wl,-rpath -Wl,${gettext:location}/lib -Wl,-rpath -Wl,${libpng:location}/lib -L${libpng:location}/lib -L${libuuid:location}/lib -Wl,-rpath -Wl,${libuuid:location}/lib -L${zlib:location}/lib -Wl,-rpath -Wl,${zlib:location}/lib -lpng -lz -lgnutls" --extra-ldflags="-Wl,-rpath -Wl,${glib:location}/lib -L${glib:location}/lib -Wl,-rpath -Wl,${gnutls:location}/lib -L${gnutls:location}/lib -Wl,-rpath -Wl,${gpg-error:location}/lib -L${gpg-error:location}/lib -L${gettext:location}/lib -Wl,-rpath -Wl,${gettext:location}/lib -Wl,-rpath -Wl,${libpng:location}/lib -L${libpng:location}/lib -L${libuuid:location}/lib -Wl,-rpath -Wl,${libuuid:location}/lib -L${zlib:location}/lib -Wl,-rpath -Wl,${zlib:location}/lib -lpng -lz -lgnutls"
--disable-werror --disable-werror
environment = environment =
PATH=${pkgconfig:location}/bin:%(PATH)s PATH=${pkgconfig:location}/bin:%(PATH)s
...@@ -86,8 +76,8 @@ environment = ...@@ -86,8 +76,8 @@ environment =
# XXX-Cedric : use official egg from pypi when it is released # XXX-Cedric : use official egg from pypi when it is released
recipe = plone.recipe.command recipe = plone.recipe.command
stop-on-error = true stop-on-error = true
commit = e7363f43443deb9982bdb5c3db50eec475584b06 commit = 301f3ae580557da47fa5ea2050aa671ce9c5a1a0
repository = https://github.com/desaintmartin/websockify.git repository = https://github.com/SlapOS/websockify.git
location = ${buildout:parts-directory}/${:_buildout_section_name_} location = ${buildout:parts-directory}/${:_buildout_section_name_}
git-binary = ${git:location}/bin/git git-binary = ${git:location}/bin/git
command = export GIT_SSL_NO_VERIFY=true; (${:git-binary} clone --quiet ${:repository} ${:location} && cd ${:location} && ${:git-binary} reset --hard ${:commit}) || (rm -fr ${:location}; exit 1) command = export GIT_SSL_NO_VERIFY=true; (${:git-binary} clone --quiet ${:repository} ${:location} && cd ${:location} && ${:git-binary} reset --hard ${:commit}) || (rm -fr ${:location}; exit 1)
...@@ -101,83 +91,199 @@ command = grep parts ${buildout:develop-eggs-directory}/websockify.egg-link ...@@ -101,83 +91,199 @@ command = grep parts ${buildout:develop-eggs-directory}/websockify.egg-link
depends = ${eggs:dummy} depends = ${eggs:dummy}
[eggs] [eggs]
python = python2.7
recipe = z3c.recipe.scripts recipe = z3c.recipe.scripts
dummy = dummy =
${websockify:location} ${websockify:location}
eggs = eggs =
${lxml-python:egg} ${lxml-python:egg}
slapos.cookbook
websockify websockify
slapos.cookbook
slapos.toolbox
[http-proxy]
# https://github.com/nodejitsu/node-http-proxy
recipe = slapos.recipe.build:download-unpacked
#XXX-Cedric : use upstream when merged
url = https://nodeload.github.com/desaintmartin/node-http-proxy/zipball/master
md5sum = 20204d0b29c2cef26e1c91e99eedca6b
[proxy-by-url]
# https://github.com/dominictarr/proxy-by-url
recipe = slapos.recipe.build:download-unpacked
#XXX-Cedric : use upstream when merged
url = https://nodeload.github.com/desaintmartin/proxy-by-url/zipball/master
md5sum = c2609948aa708581f93b981b23880314
[npm-modules]
recipe = plone.recipe.command
destination = ${buildout:parts-directory}/${:_buildout_section_name_}
location = ${buildout:parts-directory}/${:_buildout_section_name_}
command =
rm -fr ${:destination} &&
mkdir -p ${:destination} &&
cd ${:destination} &&
${nodejs:location}/bin/node ${nodejs:location}/bin/npm install colors@0.6.0-1 &&
${nodejs:location}/bin/node ${nodejs:location}/bin/npm install socket.io@0.8.7 &&
${nodejs:location}/bin/node ${nodejs:location}/bin/npm install socket.io-client@0.8.7 &&
${nodejs:location}/bin/node ${nodejs:location}/bin/npm install optimist@0.3.1 &&
${nodejs:location}/bin/node ${nodejs:location}/bin/npm install pkginfo@0.2.3
[template-kvm]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-kvm.cfg
md5sum = b6572c018e44d4676e76805116bcade0
output = ${buildout:directory}/template-kvm.cfg
mode = 0644
[template-kvmplus]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-kvmplus.cfg
md5sum = 2e35c5b2ac9ee51d8f98fb1199f011c4
output = ${buildout:directory}/template-kvmplus.cfg
mode = 0644
[template-nbd]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-nbd.cfg
md5sum = 7691fadfc8d4392c58ac1bf0ebd5aaf2
output = ${buildout:directory}/template-nbd.cfg
mode = 0644
[template-frontend]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-frontend.cfg
md5sum = 123bf4e5bea9e86c03b62e9afb8ca04b
output = ${buildout:directory}/template-frontend.cfg
mode = 0644
[template] [template]
recipe = slapos.recipe.template recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg url = ${:_profile_base_location_}/instance.cfg
md5sum = 298b146e4efce41bfd58b3f85d064ff1 md5sum = 68788763d23f70f24b9e575871c903a8
output = ${buildout:directory}/template.cfg output = ${buildout:directory}/template.cfg
mode = 0644 mode = 0644
[versions] [networkcache]
zc.buildout = 1.5.3-dev-SlapOS-010 # signature certificates of the following uploaders.
# Romain Courteaud
# Cedric de Saint Martin
signature-certificate-list =
-----BEGIN CERTIFICATE-----
MIIB4DCCAUkCADANBgkqhkiG9w0BAQsFADA5MQswCQYDVQQGEwJGUjEZMBcGA1UE
CBMQRGVmYXVsdCBQcm92aW5jZTEPMA0GA1UEChMGTmV4ZWRpMB4XDTExMDkxNTA5
MDAwMloXDTEyMDkxNTA5MDAwMlowOTELMAkGA1UEBhMCRlIxGTAXBgNVBAgTEERl
ZmF1bHQgUHJvdmluY2UxDzANBgNVBAoTBk5leGVkaTCBnzANBgkqhkiG9w0BAQEF
AAOBjQAwgYkCgYEApYZv6OstoqNzxG1KI6iE5U4Ts2Xx9lgLeUGAMyfJLyMmRLhw
boKOyJ9Xke4dncoBAyNPokUR6iWOcnPHtMvNOsBFZ2f7VA28em3+E1JRYdeNUEtX
Z0s3HjcouaNAnPfjFTXHYj4um1wOw2cURSPuU5dpzKBbV+/QCb5DLheynisCAwEA
ATANBgkqhkiG9w0BAQsFAAOBgQBCZLbTVdrw3RZlVVMFezSHrhBYKAukTwZrNmJX
mHqi2tN8tNo6FX+wmxUUAf3e8R2Ymbdbn2bfbPpcKQ2fG7PuKGvhwMG3BlF9paEC
q7jdfWO18Zp/BG7tagz0jmmC4y/8akzHsVlruo2+2du2freE8dK746uoMlXlP93g
QUUGLQ==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB9jCCAV+gAwIBAgIJAO4V/jiMoICoMA0GCSqGSIb3DQEBBQUAMBMxETAPBgNV
BAMMCENPTVAtMjMyMCAXDTEyMDIxNjExMTAyM1oYDzIxMTIwMTIzMTExMDIzWjAT
MREwDwYDVQQDDAhDT01QLTIzMjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
wi/3Z8W9pUiegUXIk/AiFDQ0UJ4JFAwjqr+HSRUirlUsHHT+8DzH/hfcTDX1I5BB
D1ADk+ydXjMm3OZrQcXjn29OUfM5C+g+oqeMnYQImN0DDQIOcUyr7AJc4xhvuXQ1
P2pJ5NOd3tbd0kexETa1LVhR6EgBC25LyRBRae76qosCAwEAAaNQME4wHQYDVR0O
BBYEFMDmW9aFy1sKTfCpcRkYnP6zUd1cMB8GA1UdIwQYMBaAFMDmW9aFy1sKTfCp
cRkYnP6zUd1cMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAskbFizHr
b6d3iIyN+wffxz/V9epbKIZVEGJd/6LrTdLiUfJPec7FaxVCWNyKBlCpINBM7cEV
Gn9t8mdVQflNqOlAMkOlUv1ZugCt9rXYQOV7rrEYJBWirn43BOMn9Flp2nibblby
If1a2ZoqHRxoNo2yTmm7TSYRORWVS+vvfjY=
-----END CERTIFICATE-----
slapos.cookbook = 0.37 [versions]
Jinja2 = 2.6 Jinja2 = 2.6
Werkzeug = 0.8.1 Werkzeug = 0.8.3
apache-libcloud = 0.8.0
async = 0.6.1
buildout-versions = 1.7 buildout-versions = 1.7
gitdb = 0.5.4
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
lxml = 2.3.2 lxml = 2.3.3
meld3 = 0.6.7 meld3 = 0.6.8
plone.recipe.command = 1.1 plone.recipe.command = 1.1
pycrypto = 2.5
slapos.cookbook = 0.41
slapos.recipe.build = 0.7
slapos.recipe.template = 2.2 slapos.recipe.template = 2.2
slapos.toolbox = 0.18
smmap = 0.8.2
z3c.recipe.scripts = 1.0.1 z3c.recipe.scripts = 1.0.1
# Required by: # Required by:
# slapos.core==0.20 # slapos.core==0.23
# slapos.toolbox==0.18
Flask = 0.8 Flask = 0.8
# Required by: # Required by:
# slapos.cookbook==0.37 # slapos.toolbox==0.18
GitPython = 0.3.2.RC1
# Required by:
# slapos.cookbook==0.41
PyXML = 0.8.4 PyXML = 0.8.4
# Required by: # Required by:
# hexagonit.recipe.cmmi==1.5.0 # slapos.toolbox==0.18
hexagonit.recipe.download = 1.5.0 atomize = 0.1.1
# Required by:
# slapos.toolbox==0.18
feedparser = 5.1.1
# Required by:
# slapos.cookbook==0.41
inotifyx = 0.2.0
# Required by: # Required by:
# slapos.cookbook==0.37 # slapos.cookbook==0.41
netaddr = 0.7.6 netaddr = 0.7.6
# Required by: # Required by:
# slapos.core==0.20 # slapos.core==0.23
netifaces = 0.6 netifaces = 0.8
# Required by: # Required by:
# websockify==0.1-dev # websockify==0.1-dev
numpy = 1.6.1 numpy = 1.6.1
# Required by: # Required by:
# slapos.cookbook==0.37 # slapos.toolbox==0.18
# slapos.core==0.20 paramiko = 1.7.7.1
# zc.buildout==1.5.3-dev-SlapOS-010
# zc.recipe.egg==1.3.2 # Required by:
# slapos.toolbox==0.18
psutil = 0.4.1
# Required by:
# slapos.cookbook==0.41
# slapos.core==0.23
# slapos.toolbox==0.18
setuptools = 0.6c12dev-r88846 setuptools = 0.6c12dev-r88846
# Required by: # Required by:
# slapos.cookbook==0.37 # slapos.cookbook==0.41
slapos.core = 0.20 # slapos.toolbox==0.18
slapos.core = 0.23
# Required by: # Required by:
# slapos.core==0.20 # slapos.core==0.23
supervisor = 3.0a10 supervisor = 3.0a12
# Required by: # Required by:
# slapos.cookbook==0.37 # slapos.cookbook==0.41
# slapos.toolbox==0.18
xml-marshaller = 0.9.7 xml-marshaller = 0.9.7
# Required by: # Required by:
# slapos.cookbook==0.37 # slapos.cookbook==0.41
zc.recipe.egg = 1.3.2 zc.recipe.egg = 1.3.2
# Required by: # Required by:
# slapos.core==0.20 # slapos.core==0.23
zope.interface = 3.8.0 zope.interface = 3.8.0
\ No newline at end of file
...@@ -7,7 +7,6 @@ parts = ...@@ -7,7 +7,6 @@ parts =
mariadb mariadb
eggs eggs
instance-recipe-egg instance-recipe-egg
downloadcache-workaround
extends = extends =
../../stack/lamp.cfg ../../stack/lamp.cfg
...@@ -18,7 +17,6 @@ url = Student shall put here url of zipped or tarballed web page or application ...@@ -18,7 +17,6 @@ url = Student shall put here url of zipped or tarballed web page or application
md5sum = Student may put here md5sum of this file, this is good idea md5sum = Student may put here md5sum of this file, this is good idea
#If provided tarball does not contain top directory, option shall be changed to false #If provided tarball does not contain top directory, option shall be changed to false
strip-top-level-dir = true strip-top-level-dir = true
#extract-directory =
[application-template] [application-template]
recipe = slapos.recipe.download recipe = slapos.recipe.download
...@@ -43,91 +41,7 @@ url = ${:_profile_base_location_}/instance.cfg ...@@ -43,91 +41,7 @@ url = ${:_profile_base_location_}/instance.cfg
output = ${buildout:directory}/template.cfg output = ${buildout:directory}/template.cfg
mode = 0644 mode = 0644
[mariadb]
keep-compile-dir = false
[instance-recipe-egg] [instance-recipe-egg]
recipe = zc.recipe.egg recipe = zc.recipe.egg
eggs = eggs =
${instance-recipe:egg} ${instance-recipe:egg}
[versions]
# Use SlapOS patched zc.buildout
zc.buildout = 1.6.0-dev-SlapOS-003
# Generated by buildout-versions
Jinja2 = 2.6
Werkzeug = 0.8.2
buildout-versions = 1.7
hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.8
plone.recipe.command = 1.1
slapos.cookbook = 0.20
slapos.recipe.build = 0.7
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.2
# Required by:
# slapos.core==0.21
Flask = 0.8
# Required by:
# slapos.cookbook==0.38
PyXML = 0.8.4
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.5.0
# Required by:
# slapos.cookbook==0.38
# slapos.core==0.21
# xml-marshaller==0.9.7
lxml = 2.3.3
# Required by:
# slapos.cookbook==0.38
netaddr = 0.7.6
# Required by:
# slapos.core==0.21
netifaces = 0.6
# Required by:
# slapos.cookbook==0.38
# slapos.core==0.21
# zc.buildout==1.6.0-dev-SlapOS-003
# zc.recipe.egg==1.3.2
setuptools = 0.6c12dev-r88846
# Required by:
# slapos.cookbook==0.38
slapos.core = 0.21
# Required by:
# slapos.core==0.21
supervisor = 3.0a12
# Required by:
# slapos.cookbook==0.38
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.38
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.21
zope.interface = 3.8.0
[downloadcache-workaround]
# workaround irritating problem of hexagonit.recipe.cmmi which automatically
# creates download cache, which in turn switches builout to "semi-offline" mode
recipe = plone.recipe.command
# in hexagonit.recipe.cmmi if there is no ${buildout:download-cache} set it resolves
# to ${buildout:directory}/downloads but this variable is available late, that's
# why it is hardcoded only for required case
download-cache = ${buildout:directory}/downloads
command = [ -d ${:download-cache} ] && rm -fr ${:download-cache}/* || exit 0
update-command = ${:command}
stop-on-error = True
[buildout]
parts =
nbdserverinstance
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
[nbdserverinstance]
recipe = ${instance-recipe:egg}:${instance-recipe:module}
qemu_path = ${nbdserver:location}/bin/qemu-nbd
onetimeupload_path = ${buildout:bin-directory}/onetimeupload
[buildout]
extends =
../../stack/nbd.cfg
../../stack/shacache-client.cfg
parts +=
template
[template]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg
md5sum = 82e948e1c0cb0d5540ef185edeef3ec3
output = ${buildout:directory}/template.cfg
mode = 0644
[versions]
# XXX-CEDRIC Quick and dirty workaround to avoid m2crypto problems.
# should not be used elsewhere unless for urgent cases.
slapos.libnetworkcache = 0.2
...@@ -16,6 +16,8 @@ slapgrid_cp = ${buildout:directory}/bin/slapgrid-cp ...@@ -16,6 +16,8 @@ slapgrid_cp = ${buildout:directory}/bin/slapgrid-cp
slapproxy = ${buildout:directory}/bin/slapproxy slapproxy = ${buildout:directory}/bin/slapproxy
supervisor = ${buildout:directory}/bin/slapgrid-supervisorctl supervisor = ${buildout:directory}/bin/slapgrid-supervisorctl
git = ${git:location}/bin/git git = ${git:location}/bin/git
node-bin = ${nodejs-0.4:location}/bin/node
cloud9 = ${cloud9:location}/bin/cloud9.js
ssh_client = $${sshkeys-dropbear:wrapper} ssh_client = $${sshkeys-dropbear:wrapper}
public_key = $${sshkeys-dropbear:public-key} public_key = $${sshkeys-dropbear:public-key}
private_key = $${sshkeys-dropbear:private-key} private_key = $${sshkeys-dropbear:private-key}
...@@ -62,4 +64,4 @@ bin = $${buildout:directory}/bin/ ...@@ -62,4 +64,4 @@ bin = $${buildout:directory}/bin/
recipe = slapos.cookbook:mkdirectory recipe = slapos.cookbook:mkdirectory
sshkeys = $${rootdirectory:srv}/sshkeys sshkeys = $${rootdirectory:srv}/sshkeys
services = $${rootdirectory:etc}/run/ services = $${rootdirectory:etc}/run/
ssh = $${rootdirectory:etc}/ssh/ ssh = $${rootdirectory:etc}/ssh/
\ No newline at end of file
[buildout] [buildout]
extensions = extensions =
buildout-versions buildout-versions
...@@ -8,6 +9,7 @@ extends = ...@@ -8,6 +9,7 @@ extends =
../../stack/shacache-client.cfg ../../stack/shacache-client.cfg
../../component/dropbear/buildout.cfg ../../component/dropbear/buildout.cfg
../../component/git/buildout.cfg ../../component/git/buildout.cfg
../../component/cloud9/buildout.cfg
parts = parts =
template template
...@@ -31,7 +33,7 @@ recipe = slapos.recipe.template ...@@ -31,7 +33,7 @@ recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg url = ${:_profile_base_location_}/instance.cfg
output = ${buildout:directory}/template.cfg output = ${buildout:directory}/template.cfg
mode = 0644 mode = 0644
md5sum = cd69efd5c3a7e9adca7387b9a401590a md5sum = 7cfd248cdc6fa6cbb4957d25a0aed884
[eggs] [eggs]
eggs += eggs +=
...@@ -60,6 +62,7 @@ signature-certificate-list = ...@@ -60,6 +62,7 @@ signature-certificate-list =
[versions] [versions]
# Use SlapOS patched zc.buildout # Use SlapOS patched zc.buildout
zc.buildout = 1.6.0-dev-SlapOS-003 zc.buildout = 1.6.0-dev-SlapOS-003
Jinja2 = 2.6 Jinja2 = 2.6
Werkzeug = 0.8.3 Werkzeug = 0.8.3
apache-libcloud = 0.8.0 apache-libcloud = 0.8.0
...@@ -68,68 +71,65 @@ buildout-versions = 1.7 ...@@ -68,68 +71,65 @@ buildout-versions = 1.7
gitdb = 0.5.4 gitdb = 0.5.4
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.8 meld3 = 0.6.8
plone.recipe.command = 1.1
pycrypto = 2.5 pycrypto = 2.5
slapos.cookbook = 0.39 slapos.cookbook = 0.45
slapos.libnetworkcache = 0.12 slapos.libnetworkcache = 0.12
slapos.recipe.template = 2.2 slapos.recipe.template = 2.3
slapos.toolbox = 0.18 slapos.toolbox = 0.20
smmap = 0.8.2 smmap = 0.8.2
# Required by: # Required by:
# slapos.core==0.22 # slapos.core==0.24
Flask = 0.8 Flask = 0.8
# Required by: # Required by:
# slapos.toolbox==0.18 # slapos.toolbox==0.20
GitPython = 0.3.2.RC1 GitPython = 0.3.2.RC1
# Required by: # Required by:
# slapos.cookbook==0.39 # slapos.cookbook==0.45
PyXML = 0.8.4 PyXML = 0.8.4
# Required by: # Required by:
# slapos.toolbox==0.18 # slapos.toolbox==0.20
atomize = 0.1.1 atomize = 0.1.1
# Required by: # Required by:
# slapos.toolbox==0.18 # slapos.toolbox==0.20
feedparser = 5.1 feedparser = 5.1.1
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.5.0
# Required by: # Required by:
# slapos.cookbook==0.39 # slapos.cookbook==0.45
inotifyx = 0.2.0 inotifyx = 0.2.0
# Required by: # Required by:
# slapos.cookbook==0.39 # slapos.cookbook==0.45
# slapos.core==0.22 # slapos.core==0.24
# xml-marshaller==0.9.7 # xml-marshaller==0.9.7
lxml = 2.3.3 lxml = 2.3.4
# Required by: # Required by:
# slapos.cookbook==0.39 # slapos.cookbook==0.45
netaddr = 0.7.6 netaddr = 0.7.6
# Required by: # Required by:
# slapos.core==0.22 # slapos.core==0.24
netifaces = 0.8 netifaces = 0.8
# Required by: # Required by:
# slapos.toolbox==0.18 # slapos.toolbox==0.20
paramiko = 1.7.7.1 paramiko = 1.7.7.1
# Required by: # Required by:
# slapos.toolbox==0.18 # slapos.toolbox==0.20
psutil = 0.4.1 psutil = 0.4.1
# Required by: # Required by:
# slapos.cookbook==0.39 # slapos.cookbook==0.45
# slapos.core==0.22 # slapos.core==0.24
# slapos.libnetworkcache==0.12 # slapos.libnetworkcache==0.12
# slapos.toolbox==0.18 # slapos.toolbox==0.20
# supervisor==3.0a12 # supervisor==3.0a12
# zc.buildout==1.6.0-dev-SlapOS-003 # zc.buildout==1.6.0-dev-SlapOS-003
# zc.recipe.egg==1.3.2 # zc.recipe.egg==1.3.2
...@@ -137,21 +137,21 @@ psutil = 0.4.1 ...@@ -137,21 +137,21 @@ psutil = 0.4.1
setuptools = 0.6c12dev-r88846 setuptools = 0.6c12dev-r88846
# Required by: # Required by:
# slapos.cookbook==0.39 # slapos.cookbook==0.45
slapos.core = 0.22 slapos.core = 0.24
# Required by: # Required by:
# slapos.core==0.22 # slapos.core==0.24
supervisor = 3.0a12 supervisor = 3.0a12
# Required by: # Required by:
# slapos.cookbook==0.39 # slapos.cookbook==0.45
xml-marshaller = 0.9.7 xml-marshaller = 0.9.7
# Required by: # Required by:
# slapos.cookbook==0.39 # slapos.cookbook==0.45
zc.recipe.egg = 1.3.2 zc.recipe.egg = 1.3.2
# Required by: # Required by:
# slapos.core==0.22 # slapos.core==0.24
zope.interface = 3.8.0 zope.interface = 3.8.0
\ No newline at end of file
...@@ -31,8 +31,12 @@ configurator_bt5_list = erp5_core_proxy_field_legacy erp5_full_text_myisam_catal ...@@ -31,8 +31,12 @@ configurator_bt5_list = erp5_core_proxy_field_legacy erp5_full_text_myisam_catal
[erp5_repository_list] [erp5_repository_list]
repository_id_list += vifib/master repository_id_list += vifib/master
[erp5]
branch = interaction-drop
[vifib] [vifib]
<= erp5 <= erp5
branch = master
repository = http://git.erp5.org/repos/slapos.core.git repository = http://git.erp5.org/repos/slapos.core.git
revision = revision =
......
...@@ -9,7 +9,8 @@ find-links = http://www.nexedi.org/static/packages/source/slapos.buildout/ ...@@ -9,7 +9,8 @@ find-links = http://www.nexedi.org/static/packages/source/slapos.buildout/
http://www.nexedi.org/static/packages/source/ http://www.nexedi.org/static/packages/source/
extends = extends =
../component/openoffice-bin/buildout.cfg ../component/libreoffice-bin/buildout.cfg
../component/libpng/buildout.cfg
../component/lxml-python/buildout.cfg ../component/lxml-python/buildout.cfg
../component/python-2.6/buildout.cfg ../component/python-2.6/buildout.cfg
../component/python-2.7/buildout.cfg ../component/python-2.7/buildout.cfg
...@@ -20,24 +21,26 @@ extends = ...@@ -20,24 +21,26 @@ extends =
../component/pdftk/buildout.cfg ../component/pdftk/buildout.cfg
../component/ffmpeg/buildout.cfg ../component/ffmpeg/buildout.cfg
../component/file/buildout.cfg ../component/file/buildout.cfg
../component/cloudooo/buildout.cfg
versions = versions versions = versions
parts = parts =
openoffice-bin libreoffice-bin
# basic Xorg # basic Xorg
libXdmcp libXdmcp
libXext libXext
libXau libXau
libXinerama
libSM libSM
libXrender
# fonts # fonts
liberation-fonts liberation-fonts
ipaex-fonts ipaex-fonts
# Dependencies # Dependencies
libpng12
imagemagick imagemagick
file file
xpdf xpdf
...@@ -64,19 +67,6 @@ python = python2.6 ...@@ -64,19 +67,6 @@ python = python2.6
version = 2 version = 2
section = python2.7 section = python2.7
[lxml-python]
python = python2.6
[cloudooo]
recipe = zc.recipe.egg
python = python2.6
eggs =
${lxml-python:egg}
cloudooo
PasteScript
scripts =
paster=cloudooo_paster
[versions] [versions]
# Use SlapOS patched zc.buildout # Use SlapOS patched zc.buildout
zc.buildout = 1.5.3-dev-SlapOS-001 zc.buildout = 1.5.3-dev-SlapOS-001
...@@ -28,10 +28,11 @@ allow-hosts = ...@@ -28,10 +28,11 @@ allow-hosts =
psutil.googlecode.com psutil.googlecode.com
www.dabeaz.com www.dabeaz.com
www.owlfish.com www.owlfish.com
launchpad.net
extends = extends =
# Exact version of Zope # Exact version of Zope
http://svn.zope.org/repos/main/Zope/tags/2.12.21/versions.cfg http://svn.zope.org/repos/main/Zope/tags/2.12.22/versions.cfg
../component/logrotate/buildout.cfg ../component/logrotate/buildout.cfg
../component/dcron/buildout.cfg ../component/dcron/buildout.cfg
../component/file/buildout.cfg ../component/file/buildout.cfg
...@@ -45,6 +46,7 @@ extends = ...@@ -45,6 +46,7 @@ extends =
../component/hookbox/buildout.cfg ../component/hookbox/buildout.cfg
../component/imagemagick/buildout.cfg ../component/imagemagick/buildout.cfg
../component/kumo/buildout.cfg ../component/kumo/buildout.cfg
../component/libpng/buildout.cfg
../component/libreoffice-bin/buildout.cfg ../component/libreoffice-bin/buildout.cfg
../component/lxml-python/buildout.cfg ../component/lxml-python/buildout.cfg
../component/percona-toolkit/buildout.cfg ../component/percona-toolkit/buildout.cfg
...@@ -72,12 +74,16 @@ extends = ...@@ -72,12 +74,16 @@ extends =
../component/sed/buildout.cfg ../component/sed/buildout.cfg
../component/coreutils/buildout.cfg ../component/coreutils/buildout.cfg
../component/grep/buildout.cfg ../component/grep/buildout.cfg
../component/dash/buildout.cfg
../component/wget/buildout.cfg
../component/aspell/buildout.cfg
versions = versions versions = versions
parts = parts =
itools-build itools-build
rdiff-backup rdiff-backup
aspell
apache apache
apache-antiloris apache-antiloris
file file
...@@ -88,6 +94,7 @@ parts = ...@@ -88,6 +94,7 @@ parts =
stunnel stunnel
w3m w3m
poppler poppler
libpng12
libpng libpng
ghostscript ghostscript
mariadb mariadb
...@@ -107,6 +114,8 @@ parts = ...@@ -107,6 +114,8 @@ parts =
zabbix-agent zabbix-agent
pdftk pdftk
dcron dcron
dash
wget
# Buildoutish # Buildoutish
eggs eggs
...@@ -117,8 +126,8 @@ parts = ...@@ -117,8 +126,8 @@ parts =
libXdmcp libXdmcp
libXext libXext
libXau libXau
libXinerama
libSM libSM
libXrender
# fonts # fonts
liberation-fonts liberation-fonts
...@@ -226,8 +235,8 @@ stop-on-error = true ...@@ -226,8 +235,8 @@ stop-on-error = true
repository = http://git.erp5.org/repos/erp5.git repository = http://git.erp5.org/repos/erp5.git
branch = master branch = master
revision = revision =
command = ${git:location}/bin/git clone --quiet -b ${:branch} ${:repository} ${:location} && if [ -n "${:revision}" ]; then cd ${:location} && ${git:location}/bin/git reset --quiet --hard ${:revision} ; fi command = ${git:location}/bin/git clone --quiet --branch ${:branch} ${:repository} ${:location} && if [ -n "${:revision}" ]; then cd ${:location} && ${git:location}/bin/git reset --quiet --hard ${:revision} ; fi
update-command = cd ${:location} && ${git:location}/bin/git pull --quiet && if [ -n "${:revision}" ]; then cd ${:location} && ${git:location}/bin/git reset --quiet --hard ${:revision} ; fi update-command = cd ${:location} && GIT_COMMITTER_EMAIL=nobody@example.com GIT_AUTHOR_NAME=Nobody GIT_AUTHOR_EMAIL=nobody@example.com ${git:location}/bin/git pull && if [ -n "${:revision}" ]; then echo "Resetting." ; cd ${:location} && ${git:location}/bin/git reset --hard ${:revision} ; fi
[products] [products]
# XXX: ERP5 related products are not defined as python distributions, so it is # XXX: ERP5 related products are not defined as python distributions, so it is
...@@ -268,11 +277,15 @@ initialization = ...@@ -268,11 +277,15 @@ initialization =
[bt5_path, os.path.join(bt5_path, '*')] [bt5_path, os.path.join(bt5_path, '*')]
for bt5_path in (os.path.join(parts_directory, x, 'bt5') for bt5_path in (os.path.join(parts_directory, x, 'bt5')
for x in repository_id_list)), [])) for x in repository_id_list)), []))
sys.path[:0] = [os.path.join(parts_directory, x, 'tests') sys.path[:0] = sum((
for x in repository_id_list] glob.glob(os.path.join(parts_directory, x, 'tests'))
for x in repository_id_list), [])
sys.path[:0] = sum(( sys.path[:0] = sum((
glob.glob(os.path.join(parts_directory, x, 'product', '*', 'tests')) glob.glob(os.path.join(parts_directory, x, 'product', '*', 'tests'))
for x in repository_id_list), []) for x in repository_id_list), [])
sys.path[:0] = sum((
glob.glob(os.path.join(x, '*', 'tests'))
for x in reversed('''${products:list}'''.split())), [])
[test_suite_runner] [test_suite_runner]
# XXX: Workaround for fact ERP5Type is not an distribution and does not # XXX: Workaround for fact ERP5Type is not an distribution and does not
...@@ -312,6 +325,7 @@ eggs = ...@@ -312,6 +325,7 @@ eggs =
coverage coverage
elementtree elementtree
erp5diff erp5diff
inotifyx
ipdb ipdb
mechanize mechanize
numpy numpy
...@@ -330,6 +344,7 @@ eggs = ...@@ -330,6 +344,7 @@ eggs =
feedparser feedparser
argparse argparse
validictory validictory
erp5.util
# Zope 2.12 with patched acquisition # Zope 2.12 with patched acquisition
ZODB3 ZODB3
...@@ -356,7 +371,6 @@ eggs = ...@@ -356,7 +371,6 @@ eggs =
Products.MimetypesRegistry Products.MimetypesRegistry
Products.ExternalEditor Products.ExternalEditor
Products.TIDStorage Products.TIDStorage
Products.Zelenium
# Currently forked in our repository # Currently forked in our repository
# Products.PortalTransforms # Products.PortalTransforms
...@@ -373,6 +387,7 @@ scripts = ...@@ -373,6 +387,7 @@ scripts =
runzeo runzeo
tidstoraged tidstoraged
tidstorage_repozo tidstorage_repozo
web_checker_utility = erp5.util.webchecker:web_checker_utility
extra-paths = extra-paths =
${itools:location}/lib ${itools:location}/lib
...@@ -418,7 +433,7 @@ scripts = ...@@ -418,7 +433,7 @@ scripts =
[versions] [versions]
# Use SlapOS patched zc.buildout # Use SlapOS patched zc.buildout
zc.buildout = 1.6.0-dev-SlapOS-003 zc.buildout = 1.6.0-dev-SlapOS-004
# pin Acquisition and Products.DCWorkflow to Nexedi flavour of eggs # pin Acquisition and Products.DCWorkflow to Nexedi flavour of eggs
Acquisition = 2.13.7nxd001 Acquisition = 2.13.7nxd001
...@@ -442,3 +457,10 @@ setuptools = ...@@ -442,3 +457,10 @@ setuptools =
# official pysvn egg does not supports --include-dirs and # official pysvn egg does not supports --include-dirs and
# --library-dirs, so we use our modified version # --library-dirs, so we use our modified version
pysvn = 1.7.4nxd006 pysvn = 1.7.4nxd006
# CMF 2.3 requries Zope 2.13.
Products.CMFCalendar = 2.2.2
Products.CMFCore = 2.2.5
Products.CMFDefault = 2.2.2
Products.CMFTopic = 2.2.1
Products.CMFUid = 2.2.1
[buildout] [buildout]
extensions = buildout-versions
find-links +=
http://www.nexedi.org/static/packages/source/slapos.buildout/
# Use only quite well working sites.
allow-hosts =
*.nexedi.org
*.python.org
*.sourceforge.net
alastairs-place.net
dist.repoze.org
effbot.org
github.com
launchpad.net
peak.telecommunity.com
psutil.googlecode.com
www.dabeaz.com
parts = parts =
template template
apache-php apache-php
...@@ -38,7 +19,7 @@ extends = ...@@ -38,7 +19,7 @@ extends =
../component/stunnel/buildout.cfg ../component/stunnel/buildout.cfg
../component/pycrypto-python/buildout.cfg ../component/pycrypto-python/buildout.cfg
../component/mysql-python/buildout.cfg ../component/mysql-python/buildout.cfg
shacache-client.cfg ../stack/slapos.cfg
../component/python-2.7/buildout.cfg ../component/python-2.7/buildout.cfg
# python-2.7 component is here only for compatibility with old software.cfg. # python-2.7 component is here only for compatibility with old software.cfg.
# It is not needed and should not be used in LAMP-based software.cfg # It is not needed and should not be used in LAMP-based software.cfg
...@@ -52,14 +33,6 @@ eggs = ...@@ -52,14 +33,6 @@ eggs =
[mariadb] [mariadb]
keep-compile-dir = false keep-compile-dir = false
[application]
#XXX-Cedric : ugly hack to work around h.r.cmmi unrespectful behavior, so that
# a cmmi Executes before application but after template downloading.
# Useful when [application] uses slapos.recipe.build or
# slapos.recipe.download rather than h.r.download.
depends = ${apache-php:location}
[networkcache] [networkcache]
# Romain Courteaud + Sebastien Robin + Alain Takoudjou signature certificate # Romain Courteaud + Sebastien Robin + Alain Takoudjou signature certificate
signature-certificate-list = signature-certificate-list =
......
[buildout] [buildout]
find-links +=
http://www.nexedi.org/static/packages/source/slapos.buildout/
parts = parts =
apache-php apache-php
mariadb mariadb
...@@ -18,21 +15,7 @@ parts = ...@@ -18,21 +15,7 @@ parts =
template-mariadb-pbsready-import template-mariadb-pbsready-import
template-mariadb-pbsready-export template-mariadb-pbsready-export
allow-hosts =
*.nexedi.org
*.python.org
*.sourceforge.net
alastairs-place.net
dist.repoze.org
effbot.org
github.com
peak.telecommunity.com
psutil.googlecode.com
www.dabeaz.com
launchpad.net
extends = extends =
../shacache-client.cfg
../../component/mariadb/buildout.cfg ../../component/mariadb/buildout.cfg
../../component/apache/buildout.cfg ../../component/apache/buildout.cfg
../../component/apache-php/buildout.cfg ../../component/apache-php/buildout.cfg
...@@ -40,7 +23,6 @@ extends = ...@@ -40,7 +23,6 @@ extends =
../../component/git/buildout.cfg ../../component/git/buildout.cfg
../../component/glib/buildout.cfg ../../component/glib/buildout.cfg
../../component/logrotate/buildout.cfg ../../component/logrotate/buildout.cfg
../../component/python-2.7/buildout.cfg
../../component/perl/buildout.cfg ../../component/perl/buildout.cfg
../../component/sqlite3/buildout.cfg ../../component/sqlite3/buildout.cfg
../../component/lxml-python/buildout.cfg ../../component/lxml-python/buildout.cfg
...@@ -51,6 +33,10 @@ extends = ...@@ -51,6 +33,10 @@ extends =
../../component/mydumper/buildout.cfg ../../component/mydumper/buildout.cfg
../../component/mysql-python/buildout.cfg ../../component/mysql-python/buildout.cfg
../../component/dropbear/buildout.cfg ../../component/dropbear/buildout.cfg
../slapos.cfg
../../component/python-2.7/buildout.cfg
# python-2.7 component is here only for compatibility with old software.cfg.
# It is not needed and should not be used in LAMP-based software.cfg
versions = versions versions = versions
...@@ -64,7 +50,6 @@ module = lamp.request ...@@ -64,7 +50,6 @@ module = lamp.request
[instance-recipe-egg] [instance-recipe-egg]
recipe = zc.recipe.egg recipe = zc.recipe.egg
#python = python2.7
eggs = ${instance-recipe:egg} eggs = ${instance-recipe:egg}
[application] [application]
...@@ -83,7 +68,7 @@ mode = 0644 ...@@ -83,7 +68,7 @@ mode = 0644
recipe = slapos.recipe.template recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-apache-php.cfg url = ${:_profile_base_location_}/instance-apache-php.cfg
output = ${buildout:directory}/template-apache-php.cfg output = ${buildout:directory}/template-apache-php.cfg
md5sum = 45bc82dc468e7f418d95c846d1a33d74 md5sum = 8ebed1e26127c066e5b69372e69e6c38
mode = 0644 mode = 0644
[template-apache-backup] [template-apache-backup]
......
...@@ -12,6 +12,7 @@ parts = ...@@ -12,6 +12,7 @@ parts =
logrotate-entry-stunnel logrotate-entry-stunnel
cron cron
cron-entry-logrotate cron-entry-logrotate
promise
eggs-directory = ${buildout:eggs-directory} eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory} develop-eggs-directory = ${buildout:develop-eggs-directory}
...@@ -21,6 +22,12 @@ offline = true ...@@ -21,6 +22,12 @@ offline = true
recipe = slapos.cookbook:publishurl recipe = slapos.cookbook:publishurl
url = http://[$${apache-php:ip}]:$${apache-php:port}/ url = http://[$${apache-php:ip}]:$${apache-php:port}/
[promise]
recipe = slapos.cookbook:check_port_listening
path = $${basedirectory:promises}/apache
hostname = $${apache-php:ip}
port = $${apache-php:port}
[mariadb-urlparse] [mariadb-urlparse]
recipe = slapos.cookbook:urlparse recipe = slapos.cookbook:urlparse
url = $${request-mariadb:connection-url} url = $${request-mariadb:connection-url}
...@@ -43,8 +50,6 @@ tmp-dir = $${directory:tmp-php} ...@@ -43,8 +50,6 @@ tmp-dir = $${directory:tmp-php}
httpd-conf = $${rootdirectory:etc}/apache.conf httpd-conf = $${rootdirectory:etc}/apache.conf
wrapper = $${basedirectory:services}/apache wrapper = $${basedirectory:services}/apache
promise = $${basedirectory:promises}/apache
httpd-binary = ${apache:location}/bin/httpd httpd-binary = ${apache:location}/bin/httpd
mysql-username = $${mariadb-urlparse:username} mysql-username = $${mariadb-urlparse:username}
......
[buildout]
extends =
../component/nodejs/buildout.cfg
../component/lxml-python/buildout.cfg
../stack/slapos.cfg
versions = versions
parts =
eggs
nodejs
npm
[eggs]
recipe = zc.recipe.egg
eggs =
slapos.cookbook
${lxml-python:egg}
...@@ -18,6 +18,7 @@ exec-sitecustomize = false ...@@ -18,6 +18,7 @@ exec-sitecustomize = false
# Add location for modified non-official slapos.buildout # Add location for modified non-official slapos.buildout
find-links += find-links +=
http://www.nexedi.org/static/packages/source/slapos.buildout/ http://www.nexedi.org/static/packages/source/slapos.buildout/
http://www.nexedi.org/static/packages/source/hexagonit.recipe.download/
# Use only quite well working sites. # Use only quite well working sites.
allow-hosts += allow-hosts +=
...@@ -38,3 +39,12 @@ allow-hosts += ...@@ -38,3 +39,12 @@ allow-hosts +=
# Unzippig of eggs is required, as SlapOS do not yet provide nicely working # Unzippig of eggs is required, as SlapOS do not yet provide nicely working
# development / fast switching environment for whole software # development / fast switching environment for whole software
unzip = true unzip = true
versions = versions
[versions]
# Use patched hexagonit.recipe.download from
# https://github.com/SlapOS/hexagonit.recipe.download
hexagonit.recipe.download = 1.5.1-dev-slapos-001
# Use SlapOS patched zc.buildout
zc.buildout = 1.6.0-dev-SlapOS-004
...@@ -4,6 +4,7 @@ extends = ...@@ -4,6 +4,7 @@ extends =
../component/java/buildout.cfg ../component/java/buildout.cfg
../component/mysql-5.1/buildout.cfg ../component/mysql-5.1/buildout.cfg
../component/python-2.7/buildout.cfg ../component/python-2.7/buildout.cfg
../component/tomcat/buildout.cfg
../stack/shacache-client.cfg ../stack/shacache-client.cfg
find-links += find-links +=
...@@ -42,12 +43,6 @@ recipe = hexagonit.recipe.download ...@@ -42,12 +43,6 @@ recipe = hexagonit.recipe.download
url = http://download.softagency.net/mysql/Downloads/Connector-J/mysql-connector-java-5.1.17.zip url = http://download.softagency.net/mysql/Downloads/Connector-J/mysql-connector-java-5.1.17.zip
md5sum = 22e1aff6104bb9006f8744a02bf73124 md5sum = 22e1aff6104bb9006f8744a02bf73124
[tomcat]
recipe = hexagonit.recipe.download
strip-top-level-dir = true
url = http://apache.multidist.com/tomcat/tomcat-6/v6.0.32/bin/apache-tomcat-6.0.32.zip
md5sum = 082a0707985b6c029920d4d6d5ec11cd
[eggs] [eggs]
recipe = zc.recipe.egg recipe = zc.recipe.egg
python = python2.7 python = python2.7
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment