Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
S
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Kirill Smelkov
slapos
Commits
9cf2c244
Commit
9cf2c244
authored
Oct 11, 2023
by
Kirill Smelkov
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
.
parent
06441439
Changes
75
Expand all
Show whitespace changes
Inline
Side-by-side
Showing
75 changed files
with
4326 additions
and
3455 deletions
+4326
-3455
component/binutils/buildout.cfg
component/binutils/buildout.cfg
+1
-0
component/ca-certificates/buildout.cfg
component/ca-certificates/buildout.cfg
+4
-3
component/ca-certificates/ca-certificates-mkdir-p.patch
component/ca-certificates/ca-certificates-mkdir-p.patch
+0
-16
component/ca-certificates/ca-certificates-no-cryptography.patch
...ent/ca-certificates/ca-certificates-no-cryptography.patch
+36
-0
component/egg-patch/Zope/0001-WSGIPublisher-set-REMOTE_USER-even-in-case-of-error-.patch
...SGIPublisher-set-REMOTE_USER-even-in-case-of-error-.patch
+64
-0
component/file/buildout.cfg
component/file/buildout.cfg
+2
-2
component/firewalld/buildout.cfg
component/firewalld/buildout.cfg
+1
-1
component/freetype/buildout.cfg
component/freetype/buildout.cfg
+5
-2
component/gdal/buildout.cfg
component/gdal/buildout.cfg
+2
-3
component/ghostscript/buildout.cfg
component/ghostscript/buildout.cfg
+3
-2
component/git/buildout.cfg
component/git/buildout.cfg
+2
-2
component/glib/buildout.cfg
component/glib/buildout.cfg
+5
-1
component/imagemagick/buildout.cfg
component/imagemagick/buildout.cfg
+18
-8
component/imagemagick/imagemagick-7.0.2-10-no-gsx-gsc-probe.patch
...t/imagemagick/imagemagick-7.0.2-10-no-gsx-gsc-probe.patch
+0
-11
component/imagemagick/imagemagick-7.1.1-20-no-gsx-gsc-probe.patch
...t/imagemagick/imagemagick-7.1.1-20-no-gsx-gsc-probe.patch
+11
-0
component/imagemagick/safe_policy.patch
component/imagemagick/safe_policy.patch
+66
-41
component/leptonica/buildout.cfg
component/leptonica/buildout.cfg
+5
-3
component/libtiff/buildout.cfg
component/libtiff/buildout.cfg
+1
-1
component/libtiff/debian_4.2.0-1+deb11u4.patch
component/libtiff/debian_4.2.0-1+deb11u4.patch
+282
-0
component/nodejs/buildout.cfg
component/nodejs/buildout.cfg
+28
-9
component/openssl/buildout.cfg
component/openssl/buildout.cfg
+6
-4
component/pillow/buildout.cfg
component/pillow/buildout.cfg
+0
-4
component/theia/buildout.cfg
component/theia/buildout.cfg
+5
-0
component/theia/buildout.hash.cfg
component/theia/buildout.hash.cfg
+2
-2
component/theia/download-plugins.cfg
component/theia/download-plugins.cfg
+66
-66
component/theia/generate_download_plugins_cfg.py
component/theia/generate_download_plugins_cfg.py
+1
-3
component/theia/preloadTemplate.html
component/theia/preloadTemplate.html
+1
-0
component/theia/yarn.lock
component/theia/yarn.lock
+2290
-2267
component/trafficserver/buildout.cfg
component/trafficserver/buildout.cfg
+2
-2
component/webp/buildout.cfg
component/webp/buildout.cfg
+3
-2
component/xorg/buildout.cfg
component/xorg/buildout.cfg
+2
-2
software/erp5/test/test/test_balancer.py
software/erp5/test/test/test_balancer.py
+28
-2
software/kvm/instance-kvm-cluster-input-schema.json
software/kvm/instance-kvm-cluster-input-schema.json
+0
-1
software/kvm/instance-kvm-input-schema.json
software/kvm/instance-kvm-input-schema.json
+0
-1
software/mail-server/buildout.hash.cfg
software/mail-server/buildout.hash.cfg
+1
-1
software/mail-server/instance-default.cfg.in
software/mail-server/instance-default.cfg.in
+5
-0
software/monitor/test/test.py
software/monitor/test/test.py
+137
-0
software/osie-coupler/buildout.hash.cfg
software/osie-coupler/buildout.hash.cfg
+1
-1
software/osie-coupler/instance.cfg.in
software/osie-coupler/instance.cfg.in
+1
-2
software/peertube/software.cfg
software/peertube/software.cfg
+2
-2
software/rapid-cdn/buildout.hash.cfg
software/rapid-cdn/buildout.hash.cfg
+6
-6
software/rapid-cdn/instance-frontend.cfg.in
software/rapid-cdn/instance-frontend.cfg.in
+5
-1
software/rapid-cdn/instance-kedifa.cfg.in
software/rapid-cdn/instance-kedifa.cfg.in
+5
-1
software/rapid-cdn/instance-slave-list.cfg.in
software/rapid-cdn/instance-slave-list.cfg.in
+44
-10
software/rapid-cdn/software.cfg
software/rapid-cdn/software.cfg
+1
-1
software/rapid-cdn/templates/backend-haproxy.cfg.in
software/rapid-cdn/templates/backend-haproxy.cfg.in
+19
-34
software/rapid-cdn/templates/frontend-haproxy-crt-list.in
software/rapid-cdn/templates/frontend-haproxy-crt-list.in
+3
-2
software/rapid-cdn/templates/frontend-haproxy.cfg.in
software/rapid-cdn/templates/frontend-haproxy.cfg.in
+15
-36
software/rapid-cdn/test/test.py
software/rapid-cdn/test/test.py
+69
-33
software/rapid-cdn/test/test_data/test.TestEnableHttp2ByDefaultFalseSlave.test00cluster_request_instance_parameter_dict.txt
...seSlave.test00cluster_request_instance_parameter_dict.txt
+239
-239
software/rapid-cdn/test/test_data/test.TestSlave.test00cluster_request_instance_parameter_dict.txt
...stSlave.test00cluster_request_instance_parameter_dict.txt
+239
-239
software/rapid-cdn/test/test_data/test.TestSlaveHealthCheck.test00cluster_request_instance_parameter_dict.txt
...thCheck.test00cluster_request_instance_parameter_dict.txt
+32
-32
software/rapid-cdn/test/test_data/test.TestSlaveHostHaproxyClash.test00cluster_request_instance_parameter_dict.txt
...xyClash.test00cluster_request_instance_parameter_dict.txt
+40
-12
software/rapid-cdn/test/test_data/test.TestSlaveHostHaproxyClash.test00file_list_log.txt
...ta/test.TestSlaveHostHaproxyClash.test00file_list_log.txt
+12
-6
software/rapid-cdn/test/test_data/test.TestSlaveHttp3.test00cluster_request_instance_parameter_dict.txt
...veHttp3.test00cluster_request_instance_parameter_dict.txt
+239
-239
software/rapid-cdn/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibility.test00cluster_request_instance_parameter_dict.txt
...ibility.test00cluster_request_instance_parameter_dict.txt
+40
-40
software/re6stnet/buildout.hash.cfg
software/re6stnet/buildout.hash.cfg
+1
-1
software/re6stnet/instance-re6stnet.cfg.in
software/re6stnet/instance-re6stnet.cfg.in
+1
-0
software/slapos-sr-testing/software.cfg
software/slapos-sr-testing/software.cfg
+101
-8
software/theia/buildout.hash.cfg
software/theia/buildout.hash.cfg
+1
-1
software/theia/instance-theia.cfg.jinja.in
software/theia/instance-theia.cfg.jinja.in
+8
-5
software/theia/test/test.py
software/theia/test/test.py
+14
-2
stack/erp5-zope2/buildout.cfg
stack/erp5-zope2/buildout.cfg
+0
-2
stack/erp5-zope2/buildout.hash.cfg
stack/erp5-zope2/buildout.hash.cfg
+1
-1
stack/erp5-zope2/my.cnf.in
stack/erp5-zope2/my.cnf.in
+5
-0
stack/erp5/buildout.cfg
stack/erp5/buildout.cfg
+7
-5
stack/erp5/buildout.hash.cfg
stack/erp5/buildout.hash.cfg
+2
-2
stack/erp5/haproxy.cfg.in
stack/erp5/haproxy.cfg.in
+3
-4
stack/erp5/my.cnf.in
stack/erp5/my.cnf.in
+5
-0
stack/erp5/zope-versions.cfg
stack/erp5/zope-versions.cfg
+10
-4
stack/monitor/buildout.cfg
stack/monitor/buildout.cfg
+5
-0
stack/monitor/buildout.hash.cfg
stack/monitor/buildout.hash.cfg
+5
-1
stack/monitor/instance-monitor.cfg.jinja2.in
stack/monitor/instance-monitor.cfg.jinja2.in
+14
-2
stack/monitor/templates/template-monitor-httpd-wrapper.sh.in
stack/monitor/templates/template-monitor-httpd-wrapper.sh.in
+27
-0
stack/slapos.cfg
stack/slapos.cfg
+19
-19
No files found.
component/binutils/buildout.cfg
View file @
9cf2c244
...
...
@@ -57,3 +57,4 @@ configure-options =
environment =
LDFLAGS=-L${gettext:location}/lib -lintl -Wl,-rpath=${gettext:location}/lib -Wl,-rpath=${zlib:location}/lib
PATH=${texinfo7:location}/bin:${bison:location}/bin:${m4:location}/bin:%(PATH)s
BISON_PKGDATADIR=${bison:location}/share/bison
component/ca-certificates/buildout.cfg
View file @
9cf2c244
...
...
@@ -12,12 +12,13 @@ parts =
[ca-certificates]
recipe = slapos.recipe.cmmi
shared = true
url = http
://deb.debian.org/debian/pool/main/c/ca-certificates/ca-certificates_20210119
.tar.xz
md5sum =
c02582bf9ae338e558617291897615eb
url = http
s://deb.debian.org/debian/pool/main/c/ca-certificates/ca-certificates_20230311
.tar.xz
md5sum =
fc1c3ec0067385f0be8ac7f6e670a0f8
patch-binary = ${patch:location}/bin/patch
patches =
${:_profile_base_location_}/ca-certificates-any-python.patch#c13b44dfc3157dda13a9a2ff97a9d501
${:_profile_base_location_}/ca-certificates-sbin-dir.patch#0b4e7d82ce768823c01954ee41ef177b
${:_profile_base_location_}/ca-certificates-mkdir-p.patch#02ed8a6d60c39c4b088657888af345ef
${:_profile_base_location_}/ca-certificates-no-cryptography.patch#14ad1308623b0d15420906ae3d9b4867
patch-options = -p0
configure-command = true
make-targets = install DESTDIR=@@LOCATION@@ CERTSDIR=certs SBINDIR=sbin
...
...
component/ca-certificates/ca-certificates-
sbin-dir
.patch
→
component/ca-certificates/ca-certificates-
mkdir-p
.patch
View file @
9cf2c244
...
...
@@ -9,19 +9,3 @@
$(MAKE) -C $$dir install CERTSDIR=$(DESTDIR)/$(CERTSDIR)/$$dir; \
done
for dir in sbin; do \
--- sbin/Makefile.orig 2011-12-11 20:54:02.000000000 +0100
+++ sbin/Makefile 2012-01-09 17:31:45.207387898 +0100
@@ -3,9 +3,12 @@
#
#
+SBINDIR=/usr/sbin
+
all:
clean:
install:
- install -m755 update-ca-certificates $(DESTDIR)/usr/sbin/
+ mkdir -p $(DESTDIR)/$(SBINDIR)
+ install -m755 update-ca-certificates $(DESTDIR)/$(SBINDIR)
component/ca-certificates/ca-certificates-no-cryptography.patch
0 → 100644
View file @
9cf2c244
Don't depend on cryptography
Revert https://salsa.debian.org/debian/ca-certificates/-/commit/8033d52259172b4bddc0f8bbcb6f6566b348db72
we don't need this here.
--- mozilla/certdata2pem.py 2023-01-14 22:58:27.000000000 +0900
+++ mozilla/certdata2pem.py 2023-10-02 22:13:31.355540545 +0900
@@ -21,15 +21,12 @@
# USA.
import base64
-import datetime
import os.path
import re
import sys
import textwrap
import io
-from cryptography import x509
-
objects = []
@@ -122,12 +119,6 @@
if not obj['CKA_LABEL'] in trust or not trust[obj['CKA_LABEL']]:
continue
- cert = x509.load_der_x509_certificate(bytes(obj['CKA_VALUE']))
- if cert.not_valid_after < datetime.datetime.utcnow():
- print('!'*74)
- print('Trusted but expired certificate found: %s' % obj['CKA_LABEL'])
- print('!'*74)
-
bname = obj['CKA_LABEL'][1:-1].replace('/', '_')\
.replace(' ', '_')\
.replace('(', '=')\
component/egg-patch/Zope/0001-WSGIPublisher-set-REMOTE_USER-even-in-case-of-error-.patch
0 → 100644
View file @
9cf2c244
From 1f0be881320f440cec05eb838fa42c5ddf56a57c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=A9rome=20Perrin?= <jerome@nexedi.com>
Date: Tue, 19 Sep 2023 15:19:51 +0900
Subject: [PATCH] WSGIPublisher: set REMOTE_USER even in case of error (#1156)
This fixes a problem that user name was empty in access log for error pages.
Fixes #1155
---------
Co-authored-by: Michael Howitz <icemac@gmx.net>
---
src/ZPublisher/WSGIPublisher.py | 13 +++++++------
src/ZPublisher/tests/test_WSGIPublisher.py | 9 +++++++++
2 files changed, 16 insertions(+), 6 deletions(-)
diff --git a/src/ZPublisher/WSGIPublisher.py b/src/ZPublisher/WSGIPublisher.py
index bd0ae1d17..09b2c44c9 100644
--- a/src/ZPublisher/WSGIPublisher.py
+++ b/src/ZPublisher/WSGIPublisher.py
@@ -382,12 +382,13 @@
def publish_module(environ, start_response,
try:
with load_app(module_info) as new_mod_info:
with transaction_pubevents(request, response):
- response = _publish(request, new_mod_info)
-
- user = getSecurityManager().getUser()
- if user is not None and \
- user.getUserName() != 'Anonymous User':
- environ['REMOTE_USER'] = user.getUserName()
+ try:
+ response = _publish(request, new_mod_info)
+ finally:
+ user = getSecurityManager().getUser()
+ if user is not None and \
+ user.getUserName() != 'Anonymous User':
+ environ['REMOTE_USER'] = user.getUserName()
break
except TransientError:
if request.supports_retry():
diff --git a/src/ZPublisher/tests/test_WSGIPublisher.py b/src/ZPublisher/tests/test_WSGIPublisher.py
index 989970f24..38e402ab3 100644
--- a/src/ZPublisher/tests/test_WSGIPublisher.py
+++ b/src/ZPublisher/tests/test_WSGIPublisher.py
@@ -822,6 +822,15 @@
class TestPublishModule(ZopeTestCase):
self._callFUT(environ, start_response, _publish)
self.assertFalse('REMOTE_USER' in environ)
+ def test_set_REMOTE_USER_environ_error(self):
+ environ = self._makeEnviron()
+ start_response = DummyCallable()
+ _publish = DummyCallable()
+ _publish._raise = ValueError()
+ with self.assertRaises(ValueError):
+ self._callFUT(environ, start_response, _publish)
+ self.assertEqual(environ['REMOTE_USER'], user_name)
+
def test_webdav_source_port(self):
from ZPublisher import WSGIPublisher
old_webdav_source_port = WSGIPublisher._WEBDAV_SOURCE_PORT
--
2.39.2
component/file/buildout.cfg
View file @
9cf2c244
...
...
@@ -11,8 +11,8 @@ extends =
[file]
recipe = slapos.recipe.cmmi
shared = true
url = http://ftp.astron.com/pub/file/file-5.4
4
.tar.gz
md5sum =
a60d586d49d015d842b9294864a89c
7a
url = http://ftp.astron.com/pub/file/file-5.4
5
.tar.gz
md5sum =
26b2a96d4e3a8938827a1e572afd52
7a
configure-options =
--disable-static
--disable-libseccomp
...
...
component/firewalld/buildout.cfg
View file @
9cf2c244
...
...
@@ -76,7 +76,7 @@ environment =
CPPFLAGS=-I${glib:location}/include/glib-2.0 -I${glib:location}/lib/glib-2.0/include
LDFLAGS=-L${glib:location}/lib -Wl,-rpath=${glib:location}/lib -L${libffi:location}/lib -Wl,-rpath=${libffi:location}/lib -lffi -L${zlib:location}/lib/ -Wl,-rpath=${zlib:location}/lib/
GLIB_CFLAGS=-I${glib:location}/include/glib-2.0 -I${glib:location}/lib/glib-2.0/include
GLIB_LIBS=-L${glib:location}/lib -lglib-2.0 -l
intl -l
gobject-2.0
GLIB_LIBS=-L${glib:location}/lib -lglib-2.0 -lgobject-2.0
FFI_CFLAGS=-I${libffi:location}/include
FFI_LIBS=-L${libffi:location}/lib -Wl,-rpath=${libffi:location}/lib -lffi
GIR_DIR=${buildout:parts-directory}/${:_buildout_section_name_}/share/gir-1.0
...
...
component/freetype/buildout.cfg
View file @
9cf2c244
...
...
@@ -14,12 +14,15 @@ parts =
[freetype]
recipe = slapos.recipe.cmmi
shared = true
url = http
://download.savannah.gnu.org/releases/freetype/freetype-2.7.1.tar.bz2
md5sum =
b3230110e0cab777e0df7631837ac36e
url = http
s://download.savannah.gnu.org/releases/freetype/freetype-2.13.2.tar.xz
md5sum =
1f625f0a913c449551b1e3790a1817d7
pkg_config_depends = ${zlib:location}/lib/pkgconfig:${libpng:location}/lib/pkgconfig
location = @@LOCATION@@
configure-options =
--disable-static
--enable-freetype-config
--without-brotli
--without-librsvg
environment =
PATH=${pkgconfig:location}/bin:%(PATH)s
PKG_CONFIG_PATH=${:pkg_config_depends}
...
...
component/gdal/buildout.cfg
View file @
9cf2c244
...
...
@@ -9,7 +9,6 @@ extends =
../pcre/buildout.cfg
../proj4/buildout.cfg
../sqlite3/buildout.cfg
../webp/buildout.cfg
../xz-utils/buildout.cfg
parts =
...
...
@@ -32,12 +31,12 @@ configure-options =
--with-png=${libpng:location}
--with-static-proj4=${proj4:location}
--with-sqlite3=${sqlite3:location}
--with-webp=${webp:location}
--with-xml2=${libxml2:location}/bin/xml2-config
--without-webp
environment =
PATH=${xz-utils:location}/bin:%(PATH)s
CPPFLAGS=-I${pcre:location}/include
LDFLAGS=-L${pcre:location}/lib -Wl,-rpath=${buildout:parts-directory}/${:_buildout_section_name_}/lib -Wl,-rpath=${curl:location}/lib -Wl,-rpath=${geos:location}/lib -Wl,-rpath=${giflib:location}/lib -Wl,-rpath=${jasper:location}/lib -Wl,-rpath=${jbigkit:location}/lib -Wl,-rpath=${libexpat:location}/lib -Wl,-rpath=${libjpeg:location}/lib -Wl,-rpath=${libpng:location}/lib -Wl,-rpath=${libtiff:location}/lib -Wl,-rpath=${libxml2:location}/lib -Wl,-rpath=${openssl:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${sqlite3:location}/lib -Wl,-rpath=${
webp:location}/lib -Wl,-rpath=${
zlib:location}/lib
LDFLAGS=-L${pcre:location}/lib -Wl,-rpath=${buildout:parts-directory}/${:_buildout_section_name_}/lib -Wl,-rpath=${curl:location}/lib -Wl,-rpath=${geos:location}/lib -Wl,-rpath=${giflib:location}/lib -Wl,-rpath=${jasper:location}/lib -Wl,-rpath=${jbigkit:location}/lib -Wl,-rpath=${libexpat:location}/lib -Wl,-rpath=${libjpeg:location}/lib -Wl,-rpath=${libpng:location}/lib -Wl,-rpath=${libtiff:location}/lib -Wl,-rpath=${libxml2:location}/lib -Wl,-rpath=${openssl:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${sqlite3:location}/lib -Wl,-rpath=${zlib:location}/lib
[gdal-python]
recipe = zc.recipe.egg:custom
...
...
component/ghostscript/buildout.cfg
View file @
9cf2c244
...
...
@@ -14,8 +14,8 @@ parts = ghostscript
[ghostscript]
recipe = slapos.recipe.cmmi
shared = true
url = https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs
9550/ghostscript-9.55
.0.tar.xz
md5sum =
92aa46e75c4f32eb11d9c975053d876c
url = https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs
10020/ghostscript-10.02
.0.tar.xz
md5sum =
80c1cdfada72f2eb5987dc0d590ea5b2
pkg_config_depends = ${libtiff:location}/lib/pkgconfig:${libjpeg:location}/lib/pkgconfig:${fontconfig:location}/lib/pkgconfig:${fontconfig:pkg_config_depends}
# XXX --with-tessdata work arounds a slaprunner bug of having softwares installed in a path containing //
configure-options =
...
...
@@ -23,6 +23,7 @@ configure-options =
--disable-threadsafe
--with-system-libtiff
--without-libidn
--without-so
--without-x
--with-drivers=FILES
--with-tessdata=$(python -c 'print("""${:tessdata-location}""".replace("//", "/"))')
...
...
component/git/buildout.cfg
View file @
9cf2c244
...
...
@@ -18,8 +18,8 @@ parts =
[git]
recipe = slapos.recipe.cmmi
shared = true
url = https://mirrors.edge.kernel.org/pub/software/scm/git/git-2.4
0.1
.tar.xz
md5sum =
125d13c374a9ec9253f42c483bacec31
url = https://mirrors.edge.kernel.org/pub/software/scm/git/git-2.4
2.0
.tar.xz
md5sum =
e61c187f6863d5e977e60cdedf213ec0
configure-options =
--with-curl=${curl:location}
--with-openssl=${openssl:location}
...
...
component/glib/buildout.cfg
View file @
9cf2c244
...
...
@@ -7,6 +7,7 @@ extends =
../patch/buildout.cfg
../pcre2/buildout.cfg
../perl/buildout.cfg
../python3/buildout.cfg
../pkgconfig/buildout.cfg
../xz-utils/buildout.cfg
../zlib/buildout.cfg
...
...
@@ -14,6 +15,9 @@ extends =
parts =
glib
[gcc]
min_version = 8
[glib]
recipe = slapos.recipe.cmmi
shared = true
...
...
@@ -24,7 +28,7 @@ make-binary = ninja -C builddir
pkg_config_depends = ${pcre2:location}/lib/pkgconfig:${libffi:location}/lib/pkgconfig:${zlib:location}/lib/pkgconfig
environment =
PKG_CONFIG_PATH=${:pkg_config_depends}
PATH=${ninja:location}/bin:${pkgconfig:location}/bin:${patch:location}/bin:${perl:location}/bin:${xz-utils:location}/bin:%(PATH)s
PATH=${
python3:location}/bin:${
ninja:location}/bin:${pkgconfig:location}/bin:${patch:location}/bin:${perl:location}/bin:${xz-utils:location}/bin:%(PATH)s
CFLAGS=-I${gettext:location}/include
LDFLAGS=-L${gettext:location}/lib -lintl -Wl,-rpath=${gettext:location}/lib -Wl,-rpath=${libffi:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=@@LOCATION@@/lib -Wl,-rpath=${pcre2:location}/lib
post-install = rm %(location)s/bin/gtester-report
component/imagemagick/buildout.cfg
View file @
9cf2c244
...
...
@@ -19,23 +19,27 @@ extends =
../jbigkit/buildout.cfg
../patch/buildout.cfg
../pkgconfig/buildout.cfg
../webp/buildout.cfg
../xz-utils/buildout.cfg
../zlib/buildout.cfg
[imagemagick]
recipe = slapos.recipe.cmmi
shared = true
version = 7.
0.2-1
0
version = 7.
1.1-2
0
url = https://www.imagemagick.org/download/releases/ImageMagick-${:version}.tar.xz
md5sum = e1cb23d9c10a8eff228ef30ee281711a
pkg_config_depends = ${fontconfig:location}/lib/pkgconfig:${fontconfig:pkg_config_depends}:${lcms2:location}/lib/pkgconfig:${xz-utils:location}/lib/pkgconfig
md5sum = 4ce5c6854c1f8ab6ce5571a9377b1f2f
pkg_config_depends = ${fontconfig:location}/lib/pkgconfig:${fontconfig:pkg_config_depends}:${lcms2:location}/lib/pkgconfig:${libtiff:location}/lib/pkgconfig:${xz-utils:location}/lib/pkgconfig
# Change export-filename to export-png for inkscape < 1.0
pre-configure =
sed -i -e 's,--export-filename=,--export-png=,' config/delegates.xml.in
configure-options =
--disable-static
--without-x
--with-frozenpaths
--with-magick-plus-plus
--disable-openmp
--disable-opencl
--without-dmr
--without-dps
--without-djvu
--without-fftw
...
...
@@ -44,6 +48,8 @@ configure-options =
--with-fontconfig
--without-gslib
--without-gvc
--without-heic
--without-jxl
--with-lcms
--without-openjp2
--without-lqr
...
...
@@ -51,17 +57,21 @@ configure-options =
--without-openexr
--without-pango
--without-raqm
--without-raw
--without-rsvg
--without-webp
--without-wmf
--without-zip
--without-zstd
--with-bzlib=${bzip2:location}
--with-zlib=${zlib:location}
--with-frozenpaths
patch-options = -p1
patches =
${:_profile_base_location_}/imagemagick-7.
0.2-10-no-gsx-gsc-probe.patch#64898455d5175efedd1a7bef9f1f18b5
${:_profile_base_location_}/safe_policy.patch#
383c0392de7257c9dff7270973342914
${:_profile_base_location_}/imagemagick-7.
1.1-20-no-gsx-gsc-probe.patch#98762d1977e5bce2e12954818a671eb9
${:_profile_base_location_}/safe_policy.patch#
0226c51e276f397b5900815c17dcf117
environment =
PATH=${freetype:location}/bin:${ghostscript:location}/bin:${inkscape:location}/bin:${libxml2:location}/bin:${patch:location}/bin:${pkgconfig:location}/bin:${xz-utils:location}/bin:%(PATH)s
PKG_CONFIG_PATH=${:pkg_config_depends}
CPPFLAGS=-I${bzip2:location}/include -I${zlib:location}/include -I${jbigkit:location}/include -I${libjpeg:location}/include -I${libt
iff:location}/include -I${libtool:location}/include -I${libpng:location}/include -I${jasper:location}/include -I${freetype:location}/include -I${webp
:location}/include
LDFLAGS=-L${bzip2:location}/lib -Wl,-rpath=${bzip2:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${jbigkit:location}/lib -Wl,-rpath=${jbigkit:location}/lib -L${libjpeg:location}/lib -Wl,-rpath=${libjpeg:location}/lib -L${libt
iff:location}/lib -Wl,-rpath=${libtiff:location}/lib -L${libtool:location}/lib -Wl,-rpath=${libtool:location}/lib -L${libpng:location}/lib -Wl,-rpath=${libpng:location}/lib -L${jasper:location}/lib -Wl,-rpath=${jasper:location}/lib -L${freetype:location}/lib -Wl,-rpath=${freetype:location}/lib -L${webp:location}/lib -Wl,-rpath=${webp
:location}/lib
CPPFLAGS=-I${bzip2:location}/include -I${zlib:location}/include -I${jbigkit:location}/include -I${libjpeg:location}/include -I${libt
ool:location}/include -I${libpng:location}/include -I${jasper:location}/include -I${freetype
:location}/include
LDFLAGS=-L${bzip2:location}/lib -Wl,-rpath=${bzip2:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${jbigkit:location}/lib -Wl,-rpath=${jbigkit:location}/lib -L${libjpeg:location}/lib -Wl,-rpath=${libjpeg:location}/lib -L${libt
ool:location}/lib -Wl,-rpath=${libtool:location}/lib -L${libpng:location}/lib -Wl,-rpath=${libpng:location}/lib -L${jasper:location}/lib -Wl,-rpath=${jasper:location}/lib -L${freetype:location}/lib -Wl,-rpath=${freetype
:location}/lib
component/imagemagick/imagemagick-7.0.2-10-no-gsx-gsc-probe.patch
deleted
100644 → 0
View file @
06441439
--- ImageMagick-7.0.2-10/configure.ac.orig 2016-08-30 11:33:39.160279386 +0200
+++ ImageMagick-7.0.2-10/configure.ac 2016-08-30 11:35:34.753290590 +0200
@@ -3110,7 +3110,7 @@
AC_PATH_PROG(MrSIDDecodeDelegate, "$MrSIDDecodeDelegateDefault", "$MrSIDDecodeDelegateDefault")
AC_PATH_PROG(MVDelegate, "$MVDelegateDefault", "$MVDelegateDefault")
AC_PATH_PROG(PCLDelegate, "$PCLDelegateDefault", "$PCLDelegateDefault")
-AC_PATH_PROGS(PSDelegate, gsx gsc "$PSDelegateDefault", "$PSDelegateDefault")
+AC_PATH_PROGS(PSDelegate, "$PSDelegateDefault", "$PSDelegateDefault")
AC_PATH_PROG(RMDelegate, "$RMDelegateDefault", "$RMDelegateDefault")
AC_PATH_PROG(RSVGDecodeDelegate, "$RSVGDecodeDelegateDefault", "$RSVGDecodeDelegateDefault")
AC_PATH_PROG(SVGDecodeDelegate, "$SVGDecodeDelegateDefault", "$SVGDecodeDelegateDefault")
component/imagemagick/imagemagick-7.1.1-20-no-gsx-gsc-probe.patch
0 → 100644
View file @
9cf2c244
--- ImageMagick-7.1.1-20/configure.ac.orig 2023-10-08 23:05:13.000000000 +0200
+++ ImageMagick-7.1.1-20/configure.ac 2023-10-10 09:22:13.287693848 +0200
@@ -3317,7 +3317,7 @@
AC_PATH_PROG([MrSIDDecodeDelegate],["$MrSIDDecodeDelegateDefault"],["$MrSIDDecodeDelegateDefault"])
AC_PATH_PROG([MVDelegate],["$MVDelegateDefault"],["$MVDelegateDefault"])
AC_PATH_PROG([PCLDelegate],["$PCLDelegateDefault"],["$PCLDelegateDefault"])
-AC_PATH_PROGS([PSDelegate],[gsx gsc "$PSDelegateDefault"],["$PSDelegateDefault"])
+AC_PATH_PROGS([PSDelegate],["$PSDelegateDefault"],["$PSDelegateDefault"])
AC_PATH_PROG([RMDelegate],["$RMDelegateDefault"],["$RMDelegateDefault"])
AC_PATH_PROG([RSVGDecodeDelegate],["$RSVGDecodeDelegateDefault"],["$RSVGDecodeDelegateDefault"])
AC_PATH_PROG([SVGDecodeDelegate],["$SVGDecodeDelegateDefault"],["$SVGDecodeDelegateDefault"])
component/imagemagick/safe_policy.patch
View file @
9cf2c244
--- ImageMagick-7.0.2-10/config/policy.xml.orig 2016-08-30 11:37:29.110253211 +0200
+++ ImageMagick-7.0.2-10/config/policy.xml 2016-08-30 11:40:09.719555899 +0200
@@ -50,19 +50,28 @@
-->
--- ImageMagick-7.1.1-20.orig/config/policy-open.xml 2023-10-08 23:05:13.000000000 +0200
+++ ImageMagick-7.1.1-20/config/policy-open.xml 2023-10-10 18:29:06.846344247 +0200
@@ -84,41 +84,41 @@
<policymap>
<!-- <policy domain="resource" name="temporary-path" value="/tmp"/> -->
- <!-- <policy domain="resource" name="memory" value="2GiB"/> -->
- <!-- <policy domain="resource" name="map" value="4GiB"/> -->
- <!-- <policy domain="resource" name="width" value="10MP"/> -->
- <!-- <policy domain="resource" name="height" value="10MP"/> -->
- <!-- <policy domain="resource" name="area" value="1GB"/> -->
- <!-- <policy domain="resource" name="disk" value="16EB"/> -->
<policy domain="Undefined" rights="none"/>
<!-- Set maximum parallel threads. -->
- <!-- <policy domain="resource" name="thread" value="2"/> -->
+ <policy domain="resource" name="thread" value="2"/>
<!-- Set maximum time in seconds. When this limit is exceeded, an exception
is thrown and processing stops. -->
- <!-- <policy domain="resource" name="time" value="120"/> -->
+ <policy domain="resource" name="time" value="120"/>
<!-- Set maximum number of open pixel cache files. When this limit is
exceeded, any subsequent pixels cached to disk are closed and reopened
on demand. -->
- <!-- <policy domain="resource" name="file" value="768"/> -->
- <!-- <policy domain="resource" name="thread" value="4"/> -->
- <!-- <policy domain="resource" name="throttle" value="0"/> -->
- <!-- <policy domain="resource" name="time" value="3600"/> -->
- <!-- <policy domain="system" name="precision" value="6"/> -->
- <!-- <policy domain="coder" rights="none" pattern="MVG" /> -->
- <!-- <policy domain="delegate" rights="none" pattern="HTTPS" /> -->
- <!-- <policy domain="path" rights="none" pattern="@*" /> -->
+ <policy domain="resource" name="memory" value="2GiB"/>
+ <policy domain="resource" name="map" value="4GiB"/>
+ <policy domain="resource" name="width" value="10MP"/>
+ <policy domain="resource" name="height" value="10MP"/>
+ <policy domain="resource" name="area" value="1GB"/>
+ <policy domain="resource" name="disk" value="16EB"/>
+ <policy domain="resource" name="file" value="768"/>
+ <policy domain="resource" name="thread" value="4"/>
+ <policy domain="resource" name="throttle" value="0"/>
+ <policy domain="resource" name="time" value="3600"/>
+ <policy domain="system" name="precision" value="6"/>
+ <policy domain="coder" rights="none" pattern="MVG" />
+ <policy domain="delegate" rights="none" pattern="HTTPS" />
+ <policy domain="path" rights="none" pattern="@*" />
<policy domain="cache" name="shared-secret" value="passphrase" stealth="true"/>
+ <policy domain="coder" rights="none" pattern="EPHEMERAL" />
+ <policy domain="coder" rights="none" pattern="HTTPS" />
+ <policy domain="coder" rights="none" pattern="MSL" />
+ <policy domain="coder" rights="none" pattern="MVG" />
+ <policy domain="coder" rights="none" pattern="PLT" />
+ <policy domain="coder" rights="none" pattern="SHOW" />
+ <policy domain="coder" rights="none" pattern="TEXT" />
+ <policy domain="coder" rights="none" pattern="URL" />
+ <policy domain="coder" rights="none" pattern="WIN" />
<!-- Set maximum amount of memory in bytes to allocate for the pixel cache
from the heap. When this limit is exceeded, the image pixels are cached
to memory-mapped disk. -->
- <!-- <policy domain="resource" name="memory" value="256MiB"/> -->
+ <policy domain="resource" name="memory" value="256MiB"/>
<!-- Set maximum amount of memory map in bytes to allocate for the pixel
cache. When this limit is exceeded, the image pixels are cached to
disk. -->
- <!-- <policy domain="resource" name="map" value="512MiB"/> -->
+ <policy domain="resource" name="map" value="512MiB"/>
<!-- Set the maximum width * height of an image that can reside in the pixel
cache memory. Images that exceed the area limit are cached to disk. -->
- <!-- <policy domain="resource" name="area" value="16KP"/> -->
+ <policy domain="resource" name="area" value="16KP"/>
<!-- Set maximum amount of disk space in bytes permitted for use by the pixel
cache. When this limit is exceeded, the pixel cache is not be created
and an exception is thrown. -->
- <!-- <policy domain="resource" name="disk" value="1GiB"/> -->
+ <policy domain="resource" name="disk" value="1GiB"/>
<!-- Set the maximum length of an image sequence. When this limit is
exceeded, an exception is thrown. -->
- <!-- <policy domain="resource" name="list-length" value="32"/> -->
+ <policy domain="resource" name="list-length" value="32"/>
<!-- Set the maximum width of an image. When this limit is exceeded, an
exception is thrown. -->
- <!-- <policy domain="resource" name="width" value="8KP"/> -->
+ <policy domain="resource" name="width" value="8KP"/>
<!-- Set the maximum height of an image. When this limit is exceeded, an
exception is thrown. -->
- <!-- <policy domain="resource" name="height" value="8KP"/> -->
+ <policy domain="resource" name="height" value="8KP"/>
<!-- Periodically yield the CPU for at least the time specified in
milliseconds. -->
- <!-- <policy domain="resource" name="throttle" value="2"/> -->
+ <policy domain="resource" name="throttle" value="2"/>
<!-- Do not create temporary files in the default shared directories, instead
specify a private area to store only ImageMagick temporary files. -->
<!-- <policy domain="resource" name="temporary-path" value="/magick/tmp/"/> -->
@@ -138,7 +138,7 @@
<!-- don't read sensitive paths. -->
<!-- <policy domain="path" rights="none" pattern="/etc/*"/> -->
<!-- Indirect reads are not permitted. -->
- <!-- <policy domain="path" rights="none" pattern="@*"/> -->
+ <policy domain="path" rights="none" pattern="@*"/>
<!-- These image types are security risks on read, but write is fine -->
<!-- <policy domain="module" rights="write" pattern="{MSL,MVG,PS,SVG,URL,XPS}"/> -->
<!-- This policy sets the number of times to replace content of certain
@@ -150,4 +150,5 @@
<!-- Set the maximum amount of memory in bytes that are permitted for
allocation requests. -->
<!-- <policy domain="system" name="max-memory-request" value="256MiB"/> -->
+ <policy domain="coder" rights="none" pattern="{EPHEMERAL,HTTPS,MSL,MVG,PLT,SHOW,TEXT,URL,WIN}" />
</policymap>
component/leptonica/buildout.cfg
View file @
9cf2c244
...
...
@@ -5,7 +5,6 @@ extends =
../libjpeg/buildout.cfg
../libpng/buildout.cfg
../libtiff/buildout.cfg
../webp/buildout.cfg
../giflib/buildout.cfg
[leptonica]
...
...
@@ -15,6 +14,9 @@ url = http://www.leptonica.org/source/leptonica-1.80.0.tar.gz
md5sum = d640d684234442a84c9e8902f0b3ff36
configure-options =
--disable-static
--without-libwebp
--without-libwebpmux
--without-libopenjpeg
environment =
CPPFLAGS=-I${zlib:location}/include -I${libjpeg:location}/include -I${libpng:location}/include -I${libtiff:location}/include -I${
webp:location}/include -I${
giflib:location}/include
LDFLAGS=-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${libjpeg:location}/lib -Wl,-rpath=${libjpeg:location}/lib -L${libpng:location}/lib -Wl,-rpath=${libpng:location}/lib -L${libtiff:location}/lib -Wl,-rpath=${libtiff:location}/lib -L${
webp:location}/lib -Wl,-rpath=${webp:location}/lib -L${
giflib:location}/lib -Wl,-rpath=${giflib:location}/lib
CPPFLAGS=-I${zlib:location}/include -I${libjpeg:location}/include -I${libpng:location}/include -I${libtiff:location}/include -I${giflib:location}/include
LDFLAGS=-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${libjpeg:location}/lib -Wl,-rpath=${libjpeg:location}/lib -L${libpng:location}/lib -Wl,-rpath=${libpng:location}/lib -L${libtiff:location}/lib -Wl,-rpath=${libtiff:location}/lib -L${giflib:location}/lib -Wl,-rpath=${giflib:location}/lib
component/libtiff/buildout.cfg
View file @
9cf2c244
...
...
@@ -22,7 +22,7 @@ configure-options =
--disable-webp
patch-options = -p1
patches =
${:_profile_base_location_}/debian_4.2.0-1+deb11u
3.patch#d4396255ca214694501f4a44e8e685c6
${:_profile_base_location_}/debian_4.2.0-1+deb11u
4.patch#88940ccaedc6337b8ee1577fbffb9e2e
environment =
CPPFLAGS=-I${libjpeg:location}/include -I${jbigkit:location}/include -I${zlib:location}/include
LDFLAGS=-L${libjpeg:location}/lib -Wl,-rpath=${libjpeg:location}/lib -L${jbigkit:location}/lib -Wl,-rpath=${jbigkit:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
...
...
component/libtiff/debian_4.2.0-1+deb11u
3
.patch
→
component/libtiff/debian_4.2.0-1+deb11u
4
.patch
View file @
9cf2c244
This diff is collapsed.
Click to expand it.
component/nodejs/buildout.cfg
View file @
9cf2c244
...
...
@@ -12,13 +12,25 @@ extends =
parts =
nodejs
[nodejs]
<= nodejs-16.19.0
# nodejs 16 needs gcc > 8.3
# nodejs >= 16 needs gcc >= 8.3
[gcc]
min_version = 8.3
[nodejs]
<= nodejs-18.18.0
[nodejs-headers]
<= nodejs-headers-18.18.0
[node-gyp-environment]
# environment section to build with node-gyp.
# node-gyp downloads a tarball containing nodejs headers by default
# this uses a locally downloaded tarball, for reproductibility.
npm_config_tarball = ${nodejs-headers:target}
[nodejs-16.19.0]
<= nodejs-base
openssl_location = ${openssl:location}
...
...
@@ -38,6 +50,18 @@ post-install =
version = v16.19.0
md5sum = e7bfbf135ae54d1dcca63bf17be84818
[nodejs-18.18.0]
<= nodejs-base
openssl_location = ${openssl:location}
version = v18.18.0
md5sum = a1ce8df7e6b9df9f4ba3ff1d4e2173d2
[nodejs-headers-18.18.0]
<= nodejs-headers-base
version = v18.18.0
md5sum = c5ab3e98977dfd639d830625d79eff52
[nodejs-14.16.0]
<= nodejs-base
openssl_location = ${openssl:location}
...
...
@@ -57,11 +81,6 @@ version = v8.9.4
md5sum = 4ddc1daff327d7e6f63da57fdfc24f55
PATH = ${pkgconfig:location}/bin:${python2.7:location}/bin:%(PATH)s
[nodejs-8.6.0]
<= nodejs-base
version = v8.6.0
md5sum = 0c95e08220667d8a18b97ecec8218ac6
PATH = ${pkgconfig:location}/bin:${python2.7:location}/bin:%(PATH)s
[nodejs-8.12.0]
<= nodejs-base
...
...
component/openssl/buildout.cfg
View file @
9cf2c244
...
...
@@ -17,8 +17,8 @@ parts =
[openssl]
recipe = slapos.recipe.cmmi
shared = true
url = https://www.openssl.org/source/openssl-1.1.1
v
.tar.gz
md5sum =
9edcfdd9b96523df82b312c404f4b169
url = https://www.openssl.org/source/openssl-1.1.1
w
.tar.gz
md5sum =
3f76825f195e52d4b10c70040681a275
location = @@LOCATION@@
# 'prefix' option to override --openssldir/--prefix (which is useful
# when combined with DESTDIR). Used by slapos.package.git/obs
...
...
@@ -48,8 +48,10 @@ environment =
[openssl-quictls]
<= openssl
url = https://github.com/quictls/openssl/archive/refs/tags/OpenSSL_1_1_1v-quic1.tar.gz
md5sum = 4b0e4a81590644a027b78a54c26a75e2
# XXX tag missing for 1.1.1w
# url = https://github.com/quictls/openssl/archive/refs/tags/OpenSSL_1_1_1w-quic1.tar.gz
url = https://github.com/quictls/openssl/archive/612d8e44d687e4b71c4724319d7aa27a733bcbca.tar.gz
md5sum =4a06f8b195e817c8a0d94ebdbc7c7bb7
[openssl-output]
# Shared binary location to ease migration
...
...
component/pillow/buildout.cfg
View file @
9cf2c244
...
...
@@ -5,7 +5,6 @@ extends =
../lcms/buildout.cfg
../libjpeg/buildout.cfg
../libtiff/buildout.cfg
../webp/buildout.cfg
../zlib/buildout.cfg
parts =
...
...
@@ -20,7 +19,6 @@ include-dirs =
${lcms2:location}/include
${libjpeg:location}/include
${libtiff:location}/include
${webp:location}/include
${zlib:location}/include
library-dirs =
${freetype:location}/lib
...
...
@@ -28,7 +26,6 @@ library-dirs =
${lcms2:location}/lib
${libjpeg:location}/lib
${libtiff:location}/lib
${webp:location}/lib
${zlib:location}/lib
rpath =
${freetype:location}/lib
...
...
@@ -36,5 +33,4 @@ rpath =
${lcms2:location}/lib
${libjpeg:location}/lib
${libtiff:location}/lib
${webp:location}/lib
${zlib:location}/lib
component/theia/buildout.cfg
View file @
9cf2c244
...
...
@@ -39,6 +39,7 @@ environment =
PATH=${nodejs:location}/bin:${pkgconfig:location}/bin:${python3:location}/bin:%(PATH)s
PKG_CONFIG_PATH=${libsecret:location}/lib/pkgconfig:${libsecret:pkg_config_depends}
LDFLAGS=-Wl,-rpath=${libsecret:location}/lib -L${gettext:location}/lib -Wl,-rpath=${gettext:location}/lib -Wl,-rpath=${glib:location}/lib
npm_config_tarball=${node-gyp-environment:npm_config_tarball}
NODE_OPTIONS=--max_old_space_size=4096
pre-configure =
mkdir -p $TMPDIR
...
...
@@ -71,6 +72,7 @@ post-install =
# and anyway not used once the software is installed
rm -f %(location)s/node_modules/@msgpackr-extract/*/*.node
rm -rf $HOME/.cache/yarn/
rm -rf $HOME/.cache/puppeteer/
# remove "which" command added in $PATH that does not correctly
# handle executables thanks to a secondary group of the user.
# https://www.npmjs.com/package/which https://www.npmjs.com/package/isexe
...
...
@@ -179,6 +181,7 @@ content =
"@theia/mini-browser": "latest",
"@theia/monaco": "latest",
"@theia/navigator": "latest",
"@theia/notebook": "latest",
"@theia/outline-view": "latest",
"@theia/output": "latest",
"@theia/plugin-dev": "latest",
...
...
@@ -191,9 +194,11 @@ content =
"@theia/scm": "latest",
"@theia/scm-extra": "latest",
"@theia/search-in-workspace": "latest",
"@theia/secondary-window": "latest",
"@theia/task": "latest",
"@theia/terminal": "latest",
"@theia/timeline": "latest",
"@theia/toolbar": "latest",
"@theia/typehierarchy": "latest",
"@theia/userstorage": "latest",
"@theia/variable-resolver": "latest",
...
...
component/theia/buildout.hash.cfg
View file @
9cf2c244
...
...
@@ -15,11 +15,11 @@
[preloadTemplate.html]
_update_hash_filename_ = preloadTemplate.html
md5sum =
6343592161a349bb40e0de16ce67aa51
md5sum =
a27e2cb34e4efe2ed0d4698f505554f0
[yarn.lock]
_update_hash_filename_ = yarn.lock
md5sum =
6435aaf48cbbfe7911505c2c45cc53ea
md5sum =
bb7444ebfeea21fed1960700aa6becf9
[ms-python-disable-jedi-buildout.patch]
_update_hash_filename_ = ms-python-disable-jedi-buildout.patch
...
...
component/theia/download-plugins.cfg
View file @
9cf2c244
This diff is collapsed.
Click to expand it.
component/theia/generate_download_plugins_cfg.py
View file @
9cf2c244
...
...
@@ -49,9 +49,7 @@ for plugin_and_version in '''\
vscode/lua/latest
vscode/make/latest
vscode/markdown/latest
# Activating extension 'Markdown Language Features (built-in)' failed:
# i.workspace.onWillDropOnTextEditor is not a function
vscode/markdown-language-features/1.64.2
vscode/markdown-language-features/latest
vscode/merge-conflict/latest
vscode/npm/latest
ms-vscode/node-debug/latest
...
...
component/theia/preloadTemplate.html
View file @
9cf2c244
...
...
@@ -7,6 +7,7 @@
link
=
document
.
createElement
(
'
link
'
);
link
.
rel
=
"
manifest
"
;
link
.
href
=
"
/theia.webmanifest
"
;
link
.
crossOrigin
=
"
use-credentials
"
;
document
.
head
.
appendChild
(
link
);
if
(
'
serviceWorker
'
in
navigator
)
{
...
...
component/theia/yarn.lock
View file @
9cf2c244
This diff is collapsed.
Click to expand it.
component/trafficserver/buildout.cfg
View file @
9cf2c244
...
...
@@ -24,8 +24,8 @@ min_version = 8
[trafficserver]
recipe = slapos.recipe.cmmi
url = https://dlcdn.apache.org/trafficserver/trafficserver-9.2.
0
.tar.bz2
md5sum =
3188d53f0a2eb618fb9399e098161691
url = https://dlcdn.apache.org/trafficserver/trafficserver-9.2.
2
.tar.bz2
md5sum =
994247ed0f50e6dfcfb8d7200dcad6ea
shared = true
patch-options = -p1
configure-options =
...
...
component/webp/buildout.cfg
View file @
9cf2c244
...
...
@@ -13,11 +13,12 @@ extends =
[webp]
recipe = slapos.recipe.cmmi
shared = true
url = http://downloads.webmproject.org/releases/webp/libwebp-
0.4.1
.tar.gz
md5sum =
42bc79613ec5ee5b0e68ba97839c981e
url = http://downloads.webmproject.org/releases/webp/libwebp-
1.3.2
.tar.gz
md5sum =
34869086761c0e2da6361035f7b64771
configure-options =
--disable-static
--disable-gl
--disable-sdl
--disable-wic
--enable-everything
--with-jpegincludedir=${libjpeg:location}/include
...
...
component/xorg/buildout.cfg
View file @
9cf2c244
...
...
@@ -165,8 +165,8 @@ environment =
[libX11]
recipe = slapos.recipe.cmmi
shared = true
url = https://www.x.org/releases/individual/lib/libX11-1.8.
6
.tar.gz
md5sum =
9767ee0c5819e35142835da61b923421
url = https://www.x.org/releases/individual/lib/libX11-1.8.
7
.tar.gz
md5sum =
feb9664ce36111923c0be0b292f6e15b
pkg_config_depends = ${inputproto:location}/lib/pkgconfig:${xorgproto:location}/share/pkgconfig:${libXau:location}/lib/pkgconfig:${libxcb:location}/lib/pkgconfig:${xextproto:location}/lib/pkgconfig:${xorg-libpthread-stubs:location}/lib/pkgconfig:${xorg-util-macros:location}/share/pkgconfig:${xtrans:location}/share/pkgconfig
configure-options =
--disable-static
...
...
software/erp5/test/test/test_balancer.py
View file @
9cf2c244
...
...
@@ -805,7 +805,7 @@ class TestFrontendXForwardedFor(BalancerTestCase):
).
json
()
self
.
assertEqual
(
result
[
'Incoming Headers'
].
get
(
'x-forwarded-for'
,
''
).
split
(
', '
)[
0
],
'1.2.3.4'
)
def
test_x_forwarded_for_stripped_when_no
t_verified_connection
(
self
):
def
test_x_forwarded_for_stripped_when_no
_certificate
(
self
):
# type: () -> None
balancer_url
=
json
.
loads
(
self
.
computer_partition
.
getConnectionParameterDict
()[
'_'
])[
'default'
]
result
=
requests
.
get
(
...
...
@@ -813,7 +813,7 @@ class TestFrontendXForwardedFor(BalancerTestCase):
headers
=
{
'X-Forwarded-For'
:
'1.2.3.4'
},
verify
=
False
,
).
json
()
self
.
assertNot
Equal
(
result
[
'Incoming Headers'
].
get
(
'x-forwarded-for'
,
''
).
split
(
', '
)[
0
],
'1.2.3.4'
)
self
.
assertNot
In
(
'x-fowarded-for'
,
[
k
.
lower
()
for
k
in
result
[
'Incoming Headers'
].
keys
()]
)
balancer_url
=
json
.
loads
(
self
.
computer_partition
.
getConnectionParameterDict
()[
'_'
])[
'default-auth'
]
with
self
.
assertRaisesRegex
(
Exception
,
"certificate required"
):
requests
.
get
(
...
...
@@ -822,6 +822,32 @@ class TestFrontendXForwardedFor(BalancerTestCase):
verify
=
False
,
)
def
test_x_forwarded_for_stripped_when_not_verified_certificate
(
self
):
# type: () -> None
balancer_url
=
json
.
loads
(
self
.
computer_partition
.
getConnectionParameterDict
()[
'_'
])[
'default'
]
# certificate from an unknown CA
another_unrelated_caucase
=
self
.
getManagedResource
(
'another_unrelated_caucase'
,
CaucaseService
)
unknown_client_certificate
=
self
.
getManagedResource
(
'unknown_client_certificate'
,
CaucaseCertificate
)
unknown_client_certificate
.
request
(
'unknown client certificate'
,
another_unrelated_caucase
)
result
=
requests
.
get
(
balancer_url
,
headers
=
{
'X-Forwarded-For'
:
'1.2.3.4'
},
cert
=
(
unknown_client_certificate
.
cert_file
,
unknown_client_certificate
.
key_file
),
verify
=
False
,
).
json
()
self
.
assertNotIn
(
'x-fowarded-for'
,
[
k
.
lower
()
for
k
in
result
[
'Incoming Headers'
].
keys
()])
balancer_url
=
json
.
loads
(
self
.
computer_partition
.
getConnectionParameterDict
()[
'_'
])[
'default-auth'
]
with
self
.
assertRaisesRegex
(
Exception
,
"unknown ca"
):
requests
.
get
(
balancer_url
,
headers
=
{
'X-Forwarded-For'
:
'1.2.3.4'
},
cert
=
(
unknown_client_certificate
.
cert_file
,
unknown_client_certificate
.
key_file
),
verify
=
False
,
)
class
TestServerTLSProvidedCertificate
(
BalancerTestCase
):
"""Check that certificate and key can be provided as instance parameters.
...
...
software/kvm/instance-kvm-cluster-input-schema.json
View file @
9cf2c244
...
...
@@ -279,7 +279,6 @@
"default"
:
"virtio"
,
"enum"
:
[
"ide"
,
"scsi"
,
"sd"
,
"mtd"
,
"floppy"
,
...
...
software/kvm/instance-kvm-input-schema.json
View file @
9cf2c244
...
...
@@ -53,7 +53,6 @@
"default"
:
"virtio"
,
"enum"
:
[
"ide"
,
"scsi"
,
"sd"
,
"mtd"
,
"floppy"
,
...
...
software/mail-server/buildout.hash.cfg
View file @
9cf2c244
...
...
@@ -19,7 +19,7 @@ md5sum = 7ab3b606972e1b338d28fc1374617835
[template-default]
_update_hash_filename_ = instance-default.cfg.in
md5sum =
698104b7c3694a69575c965c21629f87
md5sum =
89a7224c3dd9356bf262100816b67f73
[dovecot.jinja2.conf]
_update_hash_filename_ = dovecot.jinja2.conf
...
...
software/mail-server/instance-default.cfg.in
View file @
9cf2c244
...
...
@@ -147,6 +147,10 @@ recipe = slapos.recipe.template
output = ${directory:bin}/${:_buildout_section_name_}
inline =
#!/bin/sh
# If master.pid contains PID of any running process
# dovecot will refuse to run. Only the pidfile provided
# by wrapper recipe should be used
rm -f var/run/dovecot/master.pid
{{ dovecot_binary }} -F -c ${dovecot-conf:output}
[dovecot-service]
...
...
@@ -170,6 +174,7 @@ recipe = slapos.recipe.template
output = ${directory:bin}/${:_buildout_section_name_}
inline =
#!/bin/sh
rm -f var/spool/postfix/pid/master.pid
${directory:usr-postfix}/libexec/postfix/master -c ${directory:etc-postfix}
[postfix-service]
...
...
software/monitor/test/test.py
View file @
9cf2c244
...
...
@@ -30,11 +30,13 @@ import glob
import
hashlib
import
json
import
os
import
psutil
import
re
import
requests
import
shutil
import
subprocess
import
tempfile
import
time
import
xml.etree.ElementTree
as
ET
from
cryptography
import
x509
from
cryptography.hazmat.backends
import
default_backend
...
...
@@ -75,6 +77,141 @@ class ServicesTestCase(SlapOSInstanceTestCase):
self
.
assertIn
(
expected_process_name
,
process_names
)
def
test_monitor_httpd_normal_reboot
(
self
):
# Start the monitor-httpd service
with
self
.
slap
.
instance_supervisor_rpc
as
supervisor
:
info
,
=
[
i
for
i
in
supervisor
.
getAllProcessInfo
()
if
(
'monitor-httpd'
in
i
[
'name'
])
and
(
'on-watch'
in
i
[
'name'
])]
partition
=
info
[
'group'
]
if
info
[
'statename'
]
!=
"RUNNING"
:
monitor_httpd_process_name
=
f"
{
info
[
'group'
]
}
:
{
info
[
'name'
]
}
"
supervisor
.
startProcess
(
monitor_httpd_process_name
)
for
_retries
in
range
(
20
):
time
.
sleep
(
1
)
info
,
=
[
i
for
i
in
supervisor
.
getAllProcessInfo
()
if
(
'monitor-httpd'
in
i
[
'name'
])
and
(
'on-watch'
in
i
[
'name'
])]
if
info
[
'statename'
]
==
"RUNNING"
:
break
else
:
self
.
fail
(
f"the supervisord service '
{
monitor_httpd_process_name
}
' is not running"
)
# Get the partition path
partition_path_list
=
glob
.
glob
(
os
.
path
.
join
(
self
.
slap
.
instance_directory
,
'*'
))
for
partition_path
in
partition_path_list
:
if
os
.
path
.
exists
(
os
.
path
.
join
(
partition_path
,
'etc'
,
'monitor-httpd.conf'
)):
self
.
partition_path
=
partition_path
break
# Make sure we are focusing the same httpd service
self
.
assertIn
(
partition
,
self
.
partition_path
)
# Get the monitor-httpd-service
monitor_httpd_service_path
=
glob
.
glob
(
os
.
path
.
join
(
self
.
partition_path
,
'etc'
,
'service'
,
'monitor-httpd*'
))[
0
]
try
:
output
=
subprocess
.
check_output
([
monitor_httpd_service_path
],
timeout
=
10
,
stderr
=
subprocess
.
STDOUT
,
text
=
True
)
# If the httpd-monitor service is running
# and the monitor-httpd.pid contains the identical PID as the servicse
# run the monitor-httpd service can cause the "already running" error correctly
self
.
assertIn
(
"already running"
,
output
)
except
subprocess
.
CalledProcessError
as
e
:
self
.
logger
.
debug
(
"Unexpected error when running the monitor-httpd service:"
,
e
)
self
.
fail
(
"Unexpected error when running the monitor-httpd service"
)
except
subprocess
.
TimeoutExpired
as
e
:
# Timeout means we run the httpd service corrrectly
# This is not the expected behaviour
self
.
logger
.
debug
(
"Unexpected behaviour: We are not suppose to be able to run the httpd service in the test:"
,
e
)
# Kill the process that we started manually
# Get the pid of the monitor_httpd from the PID file
monitor_httpd_pid_file
=
os
.
path
.
join
(
self
.
partition_path
,
'var'
,
'run'
,
'monitor-httpd.pid'
)
monitor_httpd_pid
=
""
if
os
.
path
.
exists
(
monitor_httpd_pid_file
):
with
open
(
monitor_httpd_pid_file
,
"r"
)
as
pid_file
:
monitor_httpd_pid
=
pid_file
.
read
()
try
:
pid_to_kill
=
monitor_httpd_pid
.
strip
(
'
\
n
'
)
subprocess
.
run
([
"kill"
,
"-9"
,
str
(
pid_to_kill
)],
check
=
True
)
self
.
logger
.
debug
(
f"Process with PID
{
pid_to_kill
}
killed."
)
except
subprocess
.
CalledProcessError
as
e
:
self
.
logger
.
debug
(
f"Error killing process with PID
{
pid_to_kill
}
:
{
e
}
"
)
self
.
fail
(
"Unexpected behaviour: We are not suppose to be able to run the httpd service in the test"
)
with
self
.
slap
.
instance_supervisor_rpc
as
supervisor
:
info
,
=
[
i
for
i
in
supervisor
.
getAllProcessInfo
()
if
(
'monitor-httpd'
in
i
[
'name'
])
and
(
'on-watch'
in
i
[
'name'
])]
partition
=
info
[
'group'
]
if
info
[
'statename'
]
==
"RUNNING"
:
monitor_httpd_process_name
=
f"
{
info
[
'group'
]
}
:
{
info
[
'name'
]
}
"
supervisor
.
stopProcess
(
monitor_httpd_process_name
)
def
test_monitor_httpd_crash_reboot
(
self
):
# Get the partition path
partition_path_list
=
glob
.
glob
(
os
.
path
.
join
(
self
.
slap
.
instance_directory
,
'*'
))
for
partition_path
in
partition_path_list
:
if
os
.
path
.
exists
(
os
.
path
.
join
(
partition_path
,
'etc'
,
'monitor-httpd.conf'
)):
self
.
partition_path
=
partition_path
break
# Get the pid file
monitor_httpd_pid_file
=
os
.
path
.
join
(
self
.
partition_path
,
'var'
,
'run'
,
'monitor-httpd.pid'
)
with
self
.
slap
.
instance_supervisor_rpc
as
supervisor
:
info
,
=
[
i
for
i
in
supervisor
.
getAllProcessInfo
()
if
(
'monitor-httpd'
in
i
[
'name'
])
and
(
'on-watch'
in
i
[
'name'
])]
if
info
[
'statename'
]
==
"RUNNING"
:
monitor_httpd_process_name
=
f"
{
info
[
'group'
]
}
:
{
info
[
'name'
]
}
"
supervisor
.
stopProcess
(
monitor_httpd_process_name
)
# Write the PID of the infinite process to the pid file.
with
open
(
monitor_httpd_pid_file
,
"w"
)
as
file
:
file
.
write
(
str
(
os
.
getpid
()))
# Get the monitor-httpd-service
monitor_httpd_service_path
=
glob
.
glob
(
os
.
path
.
join
(
self
.
partition_path
,
'etc'
,
'service'
,
'monitor-httpd*'
))[
0
]
monitor_httpd_service_is_running
=
False
# Create the subprocess
self
.
logger
.
debug
(
"Ready to run the process in crash reboot"
)
try
:
process
=
subprocess
.
Popen
(
monitor_httpd_service_path
,
stdout
=
subprocess
.
PIPE
,
stderr
=
subprocess
.
PIPE
,
text
=
True
)
stdout
,
stderr
=
''
,
''
try
:
# Wait for the process to finish, but with a timeout
stdout
,
stderr
=
process
.
communicate
(
timeout
=
3
)
self
.
logger
.
debug
(
"Communicated!"
)
except
subprocess
.
TimeoutExpired
:
monitor_httpd_service_is_running
=
True
# We didn't get any output within 3 seconds, this means everything is fine.
# If the process times out, terminate it
try
:
main_process
=
psutil
.
Process
(
process
.
pid
)
child_processes
=
main_process
.
children
(
recursive
=
True
)
for
process
in
child_processes
+
[
main_process
]:
process
.
terminate
()
psutil
.
wait_procs
(
child_processes
+
[
main_process
])
self
.
logger
.
debug
(
f"Processes with PID
{
process
.
pid
}
and its subprocesses terminated."
)
except
psutil
.
NoSuchProcess
as
e
:
# This print will generate ResourceWarningm but it is normal in Python 3
# See https://github.com/giampaolo/psutil/blob/master/psutil/tests/test_process.py#L1526
self
.
logger
.
debug
(
"No process found with PID: %s"
%
process
.
pid
)
# "httpd (pid 21934) already running" means we start httpd failed
if
"already running"
in
stdout
:
self
.
fail
(
"Unexepected output from the monitor-httpd process: %s"
%
stdout
)
raise
Exception
(
"Unexepected output from the monitor-httpd process: %s"
%
stdout
)
except
subprocess
.
CalledProcessError
as
e
:
self
.
logger
.
debug
(
"Unexpected error when running the monitor-httpd service:"
,
e
)
self
.
fail
(
"Unexpected error when running the monitor-httpd service"
)
self
.
assertTrue
(
monitor_httpd_service_is_running
)
class
MonitorTestMixin
:
monitor_setup_url_key
=
'monitor-setup-url'
...
...
software/osie-coupler/buildout.hash.cfg
View file @
9cf2c244
[instance-profile]
filename = instance.cfg.in
md5sum =
f622d8b6e8ce96c75316a856b26caf96
md5sum =
6610ce91964dda42edbcb5b7837777c2
software/osie-coupler/instance.cfg.in
View file @
9cf2c244
...
...
@@ -55,5 +55,4 @@ log = ${:var}/log
[publish-connection-parameter]
recipe = slapos.cookbook:publish
opc_ua_port = ${instance-parameter:configuration.opc_ua_port}
interface = ${instance-parameter:configuration.interface}
url-ipv6 = opc.tcp://[${instance-parameter:ipv6-random}]:${instance-parameter:configuration.opc_ua_port}
software/peertube/software.cfg
View file @
9cf2c244
...
...
@@ -43,8 +43,6 @@ parts =
gcc
unzip
curl
nodejs
yarn
openssl
python3
nginx
...
...
@@ -57,6 +55,8 @@ parts =
peertube-build
instance-profile
[nodejs]
<= nodejs-16.19.0
[peertube]
recipe = slapos.recipe.build:download-unpacked
...
...
software/rapid-cdn/buildout.hash.cfg
View file @
9cf2c244
...
...
@@ -22,7 +22,7 @@ md5sum = 5784bea3bd608913769ff9a8afcccb68
[profile-frontend]
filename = instance-frontend.cfg.in
md5sum =
5c2f79d0773bd8594ccf1c34a7d27d5
3
md5sum =
9a33900d735ef074b5887d61bca5424
3
[profile-master]
filename = instance-master.cfg.in
...
...
@@ -30,7 +30,7 @@ md5sum = 3006197ddce87bd92866b76b5ce8ce08
[profile-slave-list]
filename = instance-slave-list.cfg.in
md5sum =
8289620cb32dbdfcca6ba112c7ec7b2b
md5sum =
b75e42233c1b7bdd5f21971ed8907efc
[profile-master-publish-slave-information]
filename = instance-master-publish-slave-information.cfg.in
...
...
@@ -38,11 +38,11 @@ md5sum = cba4d995962f7fbeae3f61c9372c4181
[template-frontend-haproxy-configuration]
_update_hash_filename_ = templates/frontend-haproxy.cfg.in
md5sum =
eef9712c6fe4d62b570b9059157c67ea
md5sum =
fc68a825c656bde0ae69a936936b0478
[template-frontend-haproxy-crt-list]
_update_hash_filename_ = templates/frontend-haproxy-crt-list.in
md5sum = 2
38760d48d2875f087ad2d784e2a8fcd
md5sum = 2
f3f75773eb879b97d1ff5e04486591c
[template-not-found-html]
_update_hash_filename_ = templates/notfound.html
...
...
@@ -50,7 +50,7 @@ md5sum = d56e2cfab274cbbbe5b387f2f6e417df
[template-backend-haproxy-configuration]
_update_hash_filename_ = templates/backend-haproxy.cfg.in
md5sum =
b4b55d931249f11e4e1256afeb74b503
md5sum =
6457064905f818f21e3733eb4278a580
[template-empty]
_update_hash_filename_ = templates/empty.in
...
...
@@ -102,7 +102,7 @@ md5sum = e82ccdb0b26552a1c88ff523d8fae24a
[profile-kedifa]
filename = instance-kedifa.cfg.in
md5sum =
a9854d48e750b3599043715c95138d5d
md5sum =
669da915003122e48646dc75fec239a5
[template-frontend-haproxy-rsyslogd-conf]
_update_hash_filename_ = templates/frontend-haproxy-rsyslogd.conf.in
...
...
software/rapid-cdn/instance-frontend.cfg.in
View file @
9cf2c244
...
...
@@ -1105,12 +1105,16 @@ delaycompress =
url = {{ software_parameter_dict['template_wrapper'] }}
output = ${directory:scripts}/logrotate-setup-validate
command =
if ${logrotate:wrapper-path} -d > ${:state-file} 2>&1 ; then
if ${logrotate:wrapper-path} -d > ${:state-file
-tmp
} 2>&1 ; then
cat /dev/null > ${:state-file}
rm -f ${:state-file-tmp}
else
mv ${:state-file-tmp} ${:state-file}
fi
extra-context =
key content :command
state-file = ${directory:run}/logrotate-setup.state
state-file-tmp = ${:state-file}.tmp
[promise-logrotate-setup]
<= monitor-promise-base
...
...
software/rapid-cdn/instance-kedifa.cfg.in
View file @
9cf2c244
...
...
@@ -329,12 +329,16 @@ monitor-base-url = ${monitor-instance-parameter:monitor-base-url}
url = {{ software_parameter_dict['template_wrapper'] }}
output = ${directory:scripts}/logrotate-setup-validate
command =
if ${logrotate:wrapper-path} -d > ${:state-file} 2>&1 ; then
if ${logrotate:wrapper-path} -d > ${:state-file
-tmp
} 2>&1 ; then
cat /dev/null > ${:state-file}
rm -f ${:state-file-tmp}
else
mv ${:state-file-tmp} ${:state-file}
fi
extra-context =
key content :command
state-file = ${directory:run}/logrotate-setup.state
state-file-tmp = ${:state-file}.tmp
[promise-logrotate-setup]
<= monitor-promise-base
...
...
software/rapid-cdn/instance-slave-list.cfg.in
View file @
9cf2c244
{%- set kedifa_updater_mapping = [] %}
{%- set cached_server_dict = {} %}
{%- set backend_slave_
list = []
%}
{%- set frontend_slave_
list = []
%}
{%- set backend_slave_
dict = {}
%}
{%- set frontend_slave_
dict = {}
%}
{%- set part_list = [] %}
{%- set cache_port = frontend_haproxy_configuration.get('cache-port') %}
{%- set cache_access = "http://%s:%s/HTTP" % (instance_parameter_dict['ipv4-random'], cache_port) %}
...
...
@@ -228,7 +228,8 @@ context =
{%- do slave_publish_dict.__setitem__('url', "http://%s" % slave_instance.get('custom_domain')) %}
{%- do slave_publish_dict.__setitem__('site_url', "http://%s" % slave_instance.get('custom_domain')) %}
{%- do slave_publish_dict.__setitem__('secure_access', 'https://%s' % slave_instance.get('custom_domain')) %}
{%- set host_list = slave_instance.get('server-alias', '').split() %}
{%- do slave_instance.__setitem__('server-alias', slave_instance.get('server-alias', '').split()) %}
{%- set host_list = slave_instance['server-alias'] %}
{%- if slave_instance.get('custom_domain') not in host_list %}
{%- do host_list.append(slave_instance.get('custom_domain')) %}
{%- endif %}
...
...
@@ -385,9 +386,9 @@ local_ipv4 = {{ dumps('' ~ instance_parameter_dict['ipv4-random']) }}
{#- ############################### #}
{#- Prepare Slave Information #}
{%- do slave_instance_information_list.append(slave_publish_dict) %}
{%- do frontend_slave_
list.append(
slave_instance) %}
{%- do frontend_slave_
dict.__setitem__(slave_instance['slave_reference'],
slave_instance) %}
{%- if slave_type != 'redirect' %}
{%- do backend_slave_
list.append(
slave_instance) %}
{%- do backend_slave_
dict.__setitem__(slave_instance['slave_reference'],
slave_instance) %}
{%- endif %}
{%- endfor %} {# Slave iteration ends for slave_instance in slave_instance_list #}
...
...
@@ -477,14 +478,30 @@ output = ${:file}
##<Frontend haproxy>
[frontend-haproxy-slave-list]
list = {{ dumps(sorted(frontend_slave_list, key=operator_module.itemgetter('slave_reference'))) }}
dict = {{ dumps(frontend_slave_dict) }}
{%- set slave_instance_hostname_frontend_order = [] %}
{%- for slave_instance in frontend_slave_dict.values() %}
{%- for hostname in slave_instance['host_list'] %}
{%- if '*' in hostname %}
{%- set order_value = hostname.count('.') %}
{%- else %}
{%- set order_value = 1000 %}
{%- endif %}
{%- do slave_instance_hostname_frontend_order.append({
'index': order_value,
'hostname': hostname,
'slave_reference': slave_instance['slave_reference']}) %}
{%- endfor %}
{%- endfor %}
order = {{ dumps(slave_instance_hostname_frontend_order) }}
[frontend-haproxy-crt-list]
<= jinja2-template-base
template = {{ template_frontend_haproxy_crt_list }}
rendered = ${frontend-haproxy-config:crt-list}
extra-context =
key frontend_slave_list frontend-haproxy-slave-list:list
key frontend_slave_dict frontend-haproxy-slave-list:dict
key frontend_slave_order frontend-haproxy-slave-list:order
section configuration frontend-haproxy-config
[frontend-haproxy-configuration]
...
...
@@ -492,7 +509,8 @@ extra-context =
template = {{ template_frontend_haproxy_configuration }}
rendered = ${frontend-haproxy-config:file}
extra-context =
key frontend_slave_list frontend-haproxy-slave-list:list
key frontend_slave_dict frontend-haproxy-slave-list:dict
key frontend_slave_order frontend-haproxy-slave-list:order
key crt_list frontend-haproxy-crt-list:rendered
section configuration frontend-haproxy-config
...
...
@@ -512,9 +530,25 @@ autocert-directory = {{ frontend_directory['autocert'] }}
< = jinja2-template-base
url = {{ template_backend_haproxy_configuration }}
output = ${backend-haproxy-config:file}
backend_slave_list = {{ dumps(sorted(backend_slave_list, key=operator_module.itemgetter('slave_reference'))) }}
backend_slave_dict = {{ dumps(backend_slave_dict) }}
{%- set slave_instance_hostname_backend_order = [] %}
{%- for slave_instance in backend_slave_dict.values() %}
{%- for hostname in slave_instance['host_list'] %}
{%- if '*' in hostname %}
{%- set order_value = hostname.count('.') %}
{%- else %}
{%- set order_value = 1000 %}
{%- endif %}
{%- do slave_instance_hostname_backend_order.append({
'index': order_value,
'hostname': hostname,
'slave_reference': slave_instance['slave_reference']}) %}
{%- endfor %}
{%- endfor %}
order = {{ dumps(slave_instance_hostname_backend_order) }}
extra-context =
key backend_slave_list :backend_slave_list
key backend_slave_dict :backend_slave_dict
key backend_slave_order :order
section configuration backend-haproxy-config
[backend-haproxy-config]
...
...
software/rapid-cdn/software.cfg
View file @
9cf2c244
...
...
@@ -211,7 +211,7 @@ output = ${buildout:directory}/template-wrapper.cfg
<=download-template
[versions]
kedifa = 0.0.
6
kedifa = 0.0.
7
# Modern KeDiFa requires zc.lockfile
zc.lockfile = 1.4
...
...
software/rapid-cdn/templates/backend-haproxy.cfg.in
View file @
9cf2c244
...
...
@@ -17,30 +17,20 @@ defaults
default-server init-addr last,libc,none
{%- set SCHEME_PREFIX_MAPPING = { 'http': 'http_backend', 'https': 'https_backend'} %}
{%- macro frontend_entry(slave_instance, scheme, wildcard) %}
{#- wildcard switch allows to put dangerous entries in the end, as haproxy parses with first match #}
{%- macro frontend_entry(slave_reference, hostname, slave_instance, scheme) %}
{%- if slave_instance[SCHEME_PREFIX_MAPPING[scheme]]['hostname'] and slave_instance[SCHEME_PREFIX_MAPPING[scheme]]['port'] %}
{%- set matched = {'count': 0} %}
{%- for host in slave_instance['host_list'] %}
{#- Match up to the end or optional port (starting with ':') #}
{#- Please note that this matching is quite sensitive to changes and hard to test, so avoid needless changes #}
{%- if wildcard and host.startswith('*.') %}
{%- do matched.__setitem__('count', matched['count'] + 1) %}
# match wildcard {{ host }}
acl is_{{ slave_instance['slave_reference'] }}_{{ scheme }} hdr_reg(host) -i {{ host[2:] }}($|:.*)
{%- elif not wildcard and not host.startswith('*.') %}
{%- do matched.__setitem__('count', matched['count'] + 1) %}
acl is_{{ slave_instance['slave_reference'] }}_{{ scheme }} hdr_reg(host) -i ^{{ host }}($|:.*)
{%- if hostname.startswith('*') %}
{%- set matcher = '' ~ hostname[2:] ~ '$' %}
{%- else %}
{%- set matcher = '^' ~ hostname ~ '$' %}
{%- endif %}
{%- endfor %}
{%- if matched['count'] > 0 %}
{%- set acl = '{ req.hdr(host),host_only -m reg ' ~ matcher ~ ' }' %}
{%- if slave_instance[SCHEME_PREFIX_MAPPING[scheme]]['health-check-failover-hostname'] %}
acl is_failover_{{ slave_
instance['slave_reference'] }}_{{ scheme }} nbsrv({{ slave_instance['slave_reference']
}}-{{ scheme }}) eq 0
use_backend {{ slave_
instance['slave_reference'] }}-{{ scheme }} if is_{{ slave_instance['slave_reference'] }}_{{ scheme }} ! is_failover_{{ slave_instance['slave_reference']
}}_{{ scheme }}
use_backend {{ slave_
instance['slave_reference'] }}-{{ scheme }}-failover if is_{{ slave_instance['slave_reference'] }}_{{ scheme }} is_failover_{{ slave_instance['slave_reference']
}}_{{ scheme }}
acl is_failover_{{ slave_
reference }}_{{ scheme }} nbsrv({{ slave_reference
}}-{{ scheme }}) eq 0
use_backend {{ slave_
reference }}-{{ scheme }} if {{ acl }} ! is_failover_{{ slave_reference
}}_{{ scheme }}
use_backend {{ slave_
reference }}-{{ scheme }}-failover if {{ acl }} is_failover_{{ slave_reference
}}_{{ scheme }}
{%- else %}
use_backend {{ slave_instance['slave_reference'] }}-{{ scheme }} if is_{{ slave_instance['slave_reference'] }}_{{ scheme }}
{%- endif %}
use_backend {{ slave_reference }}-{{ scheme }} if {{ acl }}
{%- endif %}
{%- endif %}
{%- endmacro %}
...
...
@@ -62,11 +52,8 @@ frontend http-backend
http-response add-header Via "%HV rapid-cdn-backend-{{ configuration['node-id'] }}-{{ configuration['version-hash']}}"
# setup Date
http-response set-header Date %[date(),http_date] if ! { res.hdr(Date) -m found }
{%- for slave_instance in backend_slave_list -%}
{{ frontend_entry(slave_instance, 'http', False) }}
{%- endfor %}
{%- for slave_instance in backend_slave_list -%}
{{ frontend_entry(slave_instance, 'http', True) }}
{%- for entry in backend_slave_order | sort(attribute="index,hostname", reverse=True) %}
{{- frontend_entry(entry['slave_reference'], entry['hostname'], backend_slave_dict[entry['slave_reference']], 'http') -}}
{%- endfor %}
frontend https-backend
...
...
@@ -75,14 +62,12 @@ frontend https-backend
http-response add-header Via "%HV rapid-cdn-backend-{{ configuration['node-id'] }}-{{ configuration['version-hash']}}"
# setup Date
http-response set-header Date %[date(),http_date] if ! { res.hdr(Date) -m found }
{%- for
slave_instance in backend_slave_list -
%}
{{
frontend_entry(slave_instance, 'https', False)
}}
{%- for
entry in backend_slave_order | sort(attribute="index,hostname", reverse=True)
%}
{{
- frontend_entry(entry['slave_reference'], entry['hostname'], backend_slave_dict[entry['slave_reference']], 'https') -
}}
{%- endfor %}
{%- for slave_instance in backend_slave_list -%}
{{ frontend_entry(slave_instance, 'https', True) }}
{% endfor %}
{%- for slave_instance in backend_slave_list %}
{%- for slave_reference in sorted(backend_slave_dict) %}
{%- set slave_instance = backend_slave_dict[slave_reference] %}
{%- for (scheme, prefix) in SCHEME_PREFIX_MAPPING.items() %}
{%- set info_dict = slave_instance[prefix] %}
{%- if info_dict['hostname'] and info_dict['port'] %}
...
...
software/rapid-cdn/templates/frontend-haproxy-crt-list.in
View file @
9cf2c244
{%- for slave in frontend_slave_list %}
{%- for entry in frontend_slave_order | sort(attribute="index,hostname", reverse=True) %}
{%- set slave = frontend_slave_dict[entry['slave_reference']] %}
{%- set entry_list = [] %}
{%- set sslbindconf = [] %}
{#- <crtfile> #}
...
...
@@ -9,7 +10,7 @@
{%- do sslbindconf.append(slave['alpn']) %}
{%- do entry_list.append('[' + ' '.join(sslbindconf) + ']') %}
{#- <snifilter> #}
{%- do entry_list.
extend(slave['host_list
']) %}
{%- do entry_list.
append(entry['hostname
']) %}
{{- ' '.join(entry_list) }}
{% endfor -%}
# Fallback to default certificate
...
...
software/rapid-cdn/templates/frontend-haproxy.cfg.in
View file @
9cf2c244
...
...
@@ -23,30 +23,14 @@ defaults
default-server init-addr last,libc,none
{%- set SCHEME_PREFIX_MAPPING = { 'http': 'backend-http-info', 'https': 'backend-https-info'} %}
{%- macro frontend_entry(slave_instance, scheme, wildcard) %}
{#- wildcard switch allows to put dangerous entries in the end, as haproxy parses with first match #}
{#- if slave_instance[SCHEME_PREFIX_MAPPING[scheme]]['hostname'] and slave_instance[SCHEME_PREFIX_MAPPING[scheme]]['port'] #}
{%- set host_list = (slave_instance.get('server-alias') or '').split() %}
{%- if slave_instance.get('custom_domain') not in host_list %}
{%- do host_list.append(slave_instance.get('custom_domain')) %}
{%- endif %}
{%- set matched = {'count': 0} %}
{%- for host in host_list %}
{#- Match up to the end or optional port (starting with ':') #}
{#- Please note that this matching is quite sensitive to changes and hard to test, so avoid needless changes #}
{%- if wildcard and host.startswith('*.') %}
{%- do matched.__setitem__('count', matched['count'] + 1) %}
# match wildcard {{ host }}
acl is_{{ slave_instance['slave_reference'] }} hdr_reg(host) -i {{ host[2:] }}($|:.*)
{%- elif not wildcard and not host.startswith('*.') %}
{%- do matched.__setitem__('count', matched['count'] + 1) %}
acl is_{{ slave_instance['slave_reference'] }} hdr_reg(host) -i ^{{ host }}($|:.*)
{%- endif %}
{%- endfor %}
{%- if matched['count'] > 0 %}
use_backend {{ slave_instance['slave_reference'] }}-{{ scheme }} if is_{{ slave_instance['slave_reference'] }}
{%- macro frontend_entry(slave_reference, hostname, scheme) %}
{%- if hostname.startswith('*') %}
{%- set matcher = hostname[2:] %}
{%- else %}
{%- set matcher = '^' ~ hostname %}
{%- endif %}
{#- endif #
}
use_backend {{ slave_reference }}-{{ scheme }} if { req.hdr(host),host_only -m reg {{ matcher }}$
}
{%- endmacro %}
{%- macro frontend_common() %}
...
...
@@ -68,11 +52,8 @@ frontend http-frontend
bind {{ configuration['local-ipv4'] }}:{{ configuration['http-port'] }}
bind {{ configuration['global-ipv6'] }}:{{ configuration['http-port'] }}
{{ frontend_common() }}
{%- for slave_instance in frontend_slave_list -%}
{{ frontend_entry(slave_instance, 'http', False) }}
{%- endfor %}
{%- for slave_instance in frontend_slave_list -%}
{{ frontend_entry(slave_instance, 'http', True) }}
{%- for entry in frontend_slave_order | sort(attribute="index,hostname", reverse=True) %}
{{- frontend_entry(entry['slave_reference'], entry['hostname'], 'http') -}}
{%- endfor %}
default_backend BACKEND_NOT_FOUND
...
...
@@ -84,16 +65,14 @@ frontend https-frontend
bind quic6@{{ configuration['global-ipv6'] }}:{{ configuration['https-port'] }} ssl crt-list {{ crt_list }} alpn h3
{%- endif %}
{{ frontend_common() }}
{%- for slave_instance in frontend_slave_list -%}
{{ frontend_entry(slave_instance, 'https', False) }}
{%- endfor %}
{%- for slave_instance in frontend_slave_list -%}
{{ frontend_entry(slave_instance, 'https', True) }}
{%- for entry in frontend_slave_order | sort(attribute="index,hostname", reverse=True) %}
{{- frontend_entry(entry['slave_reference'], entry['hostname'], 'https') -}}
{%- endfor %}
default_backend BACKEND_NOT_FOUND
# Backends
{%- for slave_instance in frontend_slave_list %}
{%- for slave_reference in sorted(frontend_slave_dict) %}
{%- set slave_instance = frontend_slave_dict[slave_reference] %}
{%- for (scheme, prefix) in SCHEME_PREFIX_MAPPING.items() %}
{%- set info_dict = slave_instance.get(prefix, slave_instance.get('backend-http-info')) %}
backend {{ slave_instance['slave_reference'] }}-{{ scheme }}
...
...
@@ -189,7 +168,7 @@ backend {{ slave_instance['slave_reference'] }}-{{ scheme }}
{%- endif %} {# if 'hostname' in info_dict and 'port' in info_dict #}
{%- endif %} {# if scheme == 'http' and slave_instance['https-only'] #}
{%- endfor %} {# for (scheme, prefix) in SCHEME_PREFIX_MAPPING.items() #}
{%- endfor %} {# for slave_
instance in frontend_slave_list
#}
{%- endfor %} {# for slave_
reference in sorted(frontend_slave_dict)
#}
backend BACKEND_NOT_FOUND
{#- a bit hacky but working way to provide default CDN's 404 #}
...
...
software/rapid-cdn/test/test.py
View file @
9cf2c244
...
...
@@ -1292,7 +1292,9 @@ class SlaveHttpFrontendTestCase(HttpFrontendTestCase):
@
classmethod
def
requestSlaves
(
cls
):
for
slave_reference
,
partition_parameter_kw
in
list
(
# Note: List is sorted here, so that tests which want slaves
# ordered by their slave_reference are stable
for
slave_reference
,
partition_parameter_kw
in
sorted
(
cls
.
getSlaveParameterDictDict
().
items
()):
software_url
=
cls
.
getSoftwareURL
()
software_type
=
cls
.
getInstanceSoftwareType
()
...
...
@@ -6577,49 +6579,83 @@ class TestSlaveHostHaproxyClash(SlaveHttpFrontendTestCase, TestDataMixin):
@
classmethod
def
getSlaveParameterDictDict
(
cls
):
# Note:
The slaves are specifically constructed to have an order which
#
is triggering the problem. Slave list is sorted in many places,
#
and such slave configuration will result with them begin seen
#
by backend haproxy configuration in exactly the way seen below
#
Ordering it here will not help at all.
# Note:
Slave list is ordered by it's reference, so that requestSlaves
#
will result in an order, which will hit the bugs covered here:
#
* the most wildcard domain is requested first
#
* then the more specific wildcard comes
#
* in the end specific slaves are there
return
{
'wildcard'
:
{
'url'
:
cls
.
backend_url
+
'wildcard'
,
'01wildcard'
:
{
'url'
:
cls
.
backend_url
+
'01wildcard'
,
'custom_domain'
:
'*.example.com'
,
'server-alias'
:
'example.com'
,
},
'02wildcard'
:
{
'url'
:
cls
.
backend_url
+
'02wildcard'
,
'custom_domain'
:
'*.alias1.example.com'
,
'server-alias'
:
'alias1.example.com'
,
},
'zspecific'
:
{
'url'
:
cls
.
backend_url
+
'zspecific'
,
'03zspecific'
:
{
'url'
:
cls
.
backend_url
+
'03zspecific'
,
'custom_domain'
:
'zspecific.example.com'
,
},
'04zspecific'
:
{
'url'
:
cls
.
backend_url
+
'04zspecific'
,
'custom_domain'
:
'zspecific.alias1.example.com'
,
},
}
def
test
(
self
):
_
,
wildcard_key
,
_
,
wildcard_crt
=
createSelfSignedCertificate
([
'*.example.com'
])
_
,
wildcard_alias1_key
,
_
,
wildcard_alias1_crt
=
\
createSelfSignedCertificate
([
'*.alias1.example.com'
])
_
,
zspecific_key
,
_
,
zspecific_crt
=
createSelfSignedCertificate
([
'zspecific.example.com'
])
_
,
zspecific_alias1_key
,
_
,
zspecific_alias1_crt
=
\
createSelfSignedCertificate
([
'zspecific.alias1.example.com'
])
def
uploadCertificate
(
key
,
certificate
):
auth
=
mimikra
.
get
(
self
.
current_generate_auth
,
verify
=
self
.
kedifa_caucase_ca_certificate_file
)
self
.
assertEqual
(
http
.
client
.
CREATED
,
auth
.
status_code
)
data
=
certificate
+
key
upload
=
mimikra
.
put
(
self
.
current_upload_url
+
auth
.
text
,
data
=
data
,
verify
=
self
.
kedifa_caucase_ca_certificate_file
)
self
.
assertEqual
(
http
.
client
.
CREATED
,
upload
.
status_code
)
self
.
assertSlaveBase
(
'01wildcard'
,
hostname
=
'*'
)
uploadCertificate
(
wildcard_key
,
wildcard_crt
)
self
.
assertSlaveBase
(
'wildcard'
,
hostname
=
'*.alias1'
)
'02wildcard'
,
hostname
=
'*.alias1'
)
uploadCertificate
(
wildcard_alias1_key
,
wildcard_alias1_crt
)
self
.
assertSlaveBase
(
'zspecific'
,
hostname
=
'zspecific.alias1'
)
'03zspecific'
,
hostname
=
'zspecific'
)
uploadCertificate
(
zspecific_key
,
zspecific_crt
)
self
.
assertSlaveBase
(
'04zspecific'
,
hostname
=
'zspecific.alias1'
)
uploadCertificate
(
zspecific_alias1_key
,
zspecific_alias1_crt
)
self
.
runKedifaUpdater
()
def
assertResult
(
hostname
,
path
,
certificate
):
result_wildcard
=
fakeHTTPSResult
(
'other.alias1.example.com'
,
'test-path'
,
headers
=
{
'Timeout'
:
'10'
,
# more than default backend-connect-timeout == 5
'Accept-Encoding'
:
'gzip'
,
}
)
self
.
assertEqual
(
self
.
certificate_pem
,
result_wildcard
.
certificate
)
self
.
assertEqualResultJson
(
result_wildcard
,
'Path'
,
'/wildcard/test-path'
)
result_specific
=
fakeHTTPSResult
(
'zspecific.alias1.example.com'
,
hostname
,
'test-path'
,
headers
=
{
'Timeout'
:
'10'
,
# more than default backend-connect-timeout == 5
'Accept-Encoding'
:
'gzip'
,
}
)
self
.
assertEqual
(
self
.
certificate_pem
,
result_specific
.
certificate
)
self
.
assertEqualResultJson
(
result_specific
,
'Path'
,
'/zspecific/test-path'
)
self
.
assertEqual
(
certificate
,
result_wildcard
.
certificate
)
self
.
assertEqualResultJson
(
result_wildcard
,
'Path'
,
'/%s/test-path'
%
(
path
,))
assertResult
(
'www.example.com'
,
'01wildcard'
,
wildcard_crt
)
assertResult
(
'www.alias1.example.com'
,
'02wildcard'
,
wildcard_alias1_crt
)
assertResult
(
'zspecific.example.com'
,
'03zspecific'
,
zspecific_crt
)
assertResult
(
'zspecific.alias1.example.com'
,
'04zspecific'
,
zspecific_alias1_crt
)
class
TestPassedRequestParameter
(
HttpFrontendTestCase
):
...
...
software/rapid-cdn/test/test_data/test.TestEnableHttp2ByDefaultFalseSlave.test00cluster_request_instance_parameter_dict.txt
View file @
9cf2c244
This diff is collapsed.
Click to expand it.
software/rapid-cdn/test/test_data/test.TestSlave.test00cluster_request_instance_parameter_dict.txt
View file @
9cf2c244
This diff is collapsed.
Click to expand it.
software/rapid-cdn/test/test_data/test.TestSlaveHealthCheck.test00cluster_request_instance_parameter_dict.txt
View file @
9cf2c244
...
...
@@ -14,19 +14,6 @@
"slap_software_release_url": "@@00getSoftwareURL@@",
"slap_software_type": "RootSoftwareInstance",
"slave_instance_list": [
{
"slap_software_type": "RootSoftwareInstance",
"slave_reference": "_health-check-disabled",
"slave_title": "_health-check-disabled",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/"
},
{
"health-check": true,
"slap_software_type": "RootSoftwareInstance",
"slave_reference": "_health-check-default",
"slave_title": "_health-check-default",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/"
},
{
"health-check": true,
"health-check-http-method": "CONNECT",
...
...
@@ -49,6 +36,19 @@
"slave_title": "_health-check-custom",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/"
},
{
"health-check": true,
"slap_software_type": "RootSoftwareInstance",
"slave_reference": "_health-check-default",
"slave_title": "_health-check-default",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/"
},
{
"slap_software_type": "RootSoftwareInstance",
"slave_reference": "_health-check-disabled",
"slave_title": "_health-check-disabled",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/"
},
{
"enable_cache": true,
"health-check": true,
...
...
@@ -66,32 +66,32 @@
},
{
"health-check": true,
"health-check-
failover-https-url": "http://@@_ipv4_address@@:@@_server_http_port@@/failover-https-url?a=b&c="
,
"health-check-failover-
url": "http://@@_ipv4_address@@:@@_server_http_port@@/failover
-url?a=b&c=",
"health-check-failover-url
-netloc-list": "@@_ipv4_address@@:@@_server_netloc_a_http_port@@ @@_ipv4_address@@:@@_server_netloc_b_http_port@@
",
"health-check-http-path": "/health-check-failover-url",
"health-check-
authenticate-to-failover-backend": true
,
"health-check-failover-
https-url": "https://@@_ipv4_address@@:@@_server_https_auth_port@@/failover-https
-url?a=b&c=",
"health-check-failover-url
": "https://@@_ipv4_address@@:@@_server_https_auth_port@@/failover-url?a=b&c=
",
"health-check-http-path": "/health-check-failover-url
-auth-to-backend
",
"health-check-interval": 1,
"health-check-timeout": 1,
"https-only": false,
"https-url": "http://@@_ipv4_address@@:@@_server_http_port@@/https-url",
"slap_software_type": "RootSoftwareInstance",
"slave_reference": "_health-check-failover-url-
netloc-list
",
"slave_title": "_health-check-failover-url-
netloc-list
",
"slave_reference": "_health-check-failover-url-
auth-to-backend
",
"slave_title": "_health-check-failover-url-
auth-to-backend
",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/url"
},
{
"health-check": true,
"health-check-
authenticate-to-failover-backend": true
,
"health-check-failover-
https-url": "https://@@_ipv4_address@@:@@_server_https_auth_port@@/failover-https
-url?a=b&c=",
"health-check-failover-url
": "https://@@_ipv4_address@@:@@_server_https_auth_port@@/failover-url?a=b&c=
",
"health-check-http-path": "/health-check-failover-url
-auth-to-backend
",
"health-check-
failover-https-url": "http://@@_ipv4_address@@:@@_server_http_port@@/failover-https-url?a=b&c="
,
"health-check-failover-
url": "http://@@_ipv4_address@@:@@_server_http_port@@/failover
-url?a=b&c=",
"health-check-failover-url
-netloc-list": "@@_ipv4_address@@:@@_server_netloc_a_http_port@@ @@_ipv4_address@@:@@_server_netloc_b_http_port@@
",
"health-check-http-path": "/health-check-failover-url",
"health-check-interval": 1,
"health-check-timeout": 1,
"https-only": false,
"https-url": "http://@@_ipv4_address@@:@@_server_http_port@@/https-url",
"slap_software_type": "RootSoftwareInstance",
"slave_reference": "_health-check-failover-url-
auth-to-backend
",
"slave_title": "_health-check-failover-url-
auth-to-backend
",
"slave_reference": "_health-check-failover-url-
netloc-list
",
"slave_title": "_health-check-failover-url-
netloc-list
",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/url"
},
{
...
...
@@ -109,27 +109,27 @@
},
{
"health-check": true,
"health-check-failover-ssl-proxy-ca-crt": "@@another_server_ca.certificate_pem@@",
"health-check-failover-ssl-proxy-verify": true,
"health-check-failover-url": "https://@@_ipv4_address@@:@@_server_https_port@@/",
"health-check-http-path": "/health-check-failover-url-ssl-proxy-verify-
unverified
",
"health-check-http-path": "/health-check-failover-url-ssl-proxy-verify-
missing
",
"health-check-interval": 1,
"health-check-timeout": 1,
"slap_software_type": "RootSoftwareInstance",
"slave_reference": "_health-check-failover-url-ssl-proxy-verify-
unverified
",
"slave_title": "_health-check-failover-url-ssl-proxy-verify-
unverified
",
"slave_reference": "_health-check-failover-url-ssl-proxy-verify-
missing
",
"slave_title": "_health-check-failover-url-ssl-proxy-verify-
missing
",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/"
},
{
"health-check": true,
"health-check-failover-ssl-proxy-ca-crt": "@@another_server_ca.certificate_pem@@",
"health-check-failover-ssl-proxy-verify": true,
"health-check-failover-url": "https://@@_ipv4_address@@:@@_server_https_port@@/",
"health-check-http-path": "/health-check-failover-url-ssl-proxy-verify-
missing
",
"health-check-http-path": "/health-check-failover-url-ssl-proxy-verify-
unverified
",
"health-check-interval": 1,
"health-check-timeout": 1,
"slap_software_type": "RootSoftwareInstance",
"slave_reference": "_health-check-failover-url-ssl-proxy-verify-
missing
",
"slave_title": "_health-check-failover-url-ssl-proxy-verify-
missing
",
"slave_reference": "_health-check-failover-url-ssl-proxy-verify-
unverified
",
"slave_title": "_health-check-failover-url-ssl-proxy-verify-
unverified
",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/"
}
],
...
...
software/rapid-cdn/test/test_data/test.TestSlaveHostHaproxyClash.test00cluster_request_instance_parameter_dict.txt
View file @
9cf2c244
...
...
@@ -14,19 +14,35 @@
"slap_software_release_url": "@@00getSoftwareURL@@",
"slap_software_type": "RootSoftwareInstance",
"slave_instance_list": [
{
"custom_domain": "*.example.com",
"server-alias": "example.com",
"slap_software_type": "RootSoftwareInstance",
"slave_reference": "_01wildcard",
"slave_title": "_01wildcard",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/01wildcard"
},
{
"custom_domain": "*.alias1.example.com",
"server-alias": "alias1.example.com",
"slap_software_type": "RootSoftwareInstance",
"slave_reference": "_02wildcard",
"slave_title": "_02wildcard",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/02wildcard"
},
{
"custom_domain": "zspecific.example.com",
"slap_software_type": "RootSoftwareInstance",
"slave_reference": "_
wildcard
",
"slave_title": "_
wildcard
",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/
wildcard
"
"slave_reference": "_
03zspecific
",
"slave_title": "_
03zspecific
",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/
03zspecific
"
},
{
"custom_domain": "zspecific.alias1.example.com",
"slap_software_type": "RootSoftwareInstance",
"slave_reference": "_zspecific",
"slave_title": "_zspecific",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/zspecific"
"slave_reference": "_
04
zspecific",
"slave_title": "_
04
zspecific",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/
04
zspecific"
}
],
"timestamp": "@@TIMESTAMP@@"
...
...
@@ -41,15 +57,27 @@
"monitor-password": "@@monitor-password@@",
"monitor-username": "admin",
"slave-list": [
{
"custom_domain": "*.example.com",
"server-alias": "example.com",
"slave_reference": "_01wildcard",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/01wildcard"
},
{
"custom_domain": "*.alias1.example.com",
"slave_reference": "_wildcard",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/wildcard"
"server-alias": "alias1.example.com",
"slave_reference": "_02wildcard",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/02wildcard"
},
{
"custom_domain": "zspecific.example.com",
"slave_reference": "_03zspecific",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/03zspecific"
},
{
"custom_domain": "zspecific.alias1.example.com",
"slave_reference": "_zspecific",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/zspecific"
"slave_reference": "_
04
zspecific",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/
04
zspecific"
}
]
},
...
...
@@ -69,7 +97,7 @@
"cluster-identification": "testing partition 0",
"domain": "example.com",
"enable-http3": "false",
"extra_slave_instance_list": "[{\"custom_domain\": \"*.
alias1.example.com\", \"slave_reference\": \"_wildcard\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/wildcard\"}, {\"custom_domain\": \"zspecific.alias1.example.com\", \"slave_reference\": \"_zspecific\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/
zspecific\"}]",
"extra_slave_instance_list": "[{\"custom_domain\": \"*.
example.com\", \"server-alias\": \"example.com\", \"slave_reference\": \"_01wildcard\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/01wildcard\"}, {\"custom_domain\": \"*.alias1.example.com\", \"server-alias\": \"alias1.example.com\", \"slave_reference\": \"_02wildcard\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/02wildcard\"}, {\"custom_domain\": \"zspecific.example.com\", \"slave_reference\": \"_03zspecific\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/03zspecific\"}, {\"custom_domain\": \"zspecific.alias1.example.com\", \"slave_reference\": \"_04zspecific\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/04
zspecific\"}]",
"frontend-name": "caddy-frontend-1",
"http3-port": "443",
"kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090",
...
...
@@ -81,7 +109,7 @@
"plain_http_port": "11080",
"port": "11443",
"request-timeout": "12",
"slave-kedifa-information": "{\"_
wildcard\": {\"kedifa-caucase-url\": \"http://[@@_ipv6_address@@]:15090\", \"key-download-url\": \"https://[@@_ipv6_address@@]:15080/@@wildcard_key-generate-auth-url@@\", \"key-generate-auth-url\": \"https://[@@_ipv6_address@@]:15080/@@wildcard_key-generate-auth-url@@/@@wildcard_key-upload-url@@\", \"key-upload-url\": \"https://[@@_ipv6_address@@]:15080/@@wildcard_key-generate-auth-url@@?auth=\"}, \"_zspecific\": {\"kedifa-caucase-url\": \"http://[@@_ipv6_address@@]:15090\", \"key-download-url\": \"https://[@@_ipv6_address@@]:15080/@@zspecific_key-generate-auth-url@@\", \"key-generate-auth-url\": \"https://[@@_ipv6_address@@]:15080/@@zspecific_key-generate-auth-url@@/@@wildcard_key-upload-url@@\", \"key-upload-url\": \"https://[@@_ipv6_address@@]:15080/@@
zspecific_key-generate-auth-url@@?auth=\"}}"
"slave-kedifa-information": "{\"_
01wildcard\": {\"kedifa-caucase-url\": \"http://[@@_ipv6_address@@]:15090\", \"key-download-url\": \"https://[@@_ipv6_address@@]:15080/@@01wildcard_key-generate-auth-url@@\", \"key-generate-auth-url\": \"https://[@@_ipv6_address@@]:15080/@@01wildcard_key-generate-auth-url@@/@@01wildcard_key-upload-url@@\", \"key-upload-url\": \"https://[@@_ipv6_address@@]:15080/@@01wildcard_key-generate-auth-url@@?auth=\"}, \"_02wildcard\": {\"kedifa-caucase-url\": \"http://[@@_ipv6_address@@]:15090\", \"key-download-url\": \"https://[@@_ipv6_address@@]:15080/@@02wildcard_key-generate-auth-url@@\", \"key-generate-auth-url\": \"https://[@@_ipv6_address@@]:15080/@@02wildcard_key-generate-auth-url@@/@@01wildcard_key-upload-url@@\", \"key-upload-url\": \"https://[@@_ipv6_address@@]:15080/@@02wildcard_key-generate-auth-url@@?auth=\"}, \"_03zspecific\": {\"kedifa-caucase-url\": \"http://[@@_ipv6_address@@]:15090\", \"key-download-url\": \"https://[@@_ipv6_address@@]:15080/@@03zspecific_key-generate-auth-url@@\", \"key-generate-auth-url\": \"https://[@@_ipv6_address@@]:15080/@@03zspecific_key-generate-auth-url@@/@@01wildcard_key-upload-url@@\", \"key-upload-url\": \"https://[@@_ipv6_address@@]:15080/@@03zspecific_key-generate-auth-url@@?auth=\"}, \"_04zspecific\": {\"kedifa-caucase-url\": \"http://[@@_ipv6_address@@]:15090\", \"key-download-url\": \"https://[@@_ipv6_address@@]:15080/@@04zspecific_key-generate-auth-url@@\", \"key-generate-auth-url\": \"https://[@@_ipv6_address@@]:15080/@@04zspecific_key-generate-auth-url@@/@@01wildcard_key-upload-url@@\", \"key-upload-url\": \"https://[@@_ipv6_address@@]:15080/@@04
zspecific_key-generate-auth-url@@?auth=\"}}"
},
"full_address_list": [],
"instance_title": "caddy-frontend-1",
...
...
software/rapid-cdn/test/test_data/test.TestSlaveHostHaproxyClash.test00file_list_log.txt
View file @
9cf2c244
...
...
@@ -8,12 +8,18 @@ T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr.log
T-2/var/log/frontend-haproxy.log
T-2/var/log/httpd/_wildcard_access_log
T-2/var/log/httpd/_wildcard_backend_log
T-2/var/log/httpd/_wildcard_frontend_log
T-2/var/log/httpd/_zspecific_access_log
T-2/var/log/httpd/_zspecific_backend_log
T-2/var/log/httpd/_zspecific_frontend_log
T-2/var/log/httpd/_01wildcard_access_log
T-2/var/log/httpd/_01wildcard_backend_log
T-2/var/log/httpd/_01wildcard_frontend_log
T-2/var/log/httpd/_02wildcard_access_log
T-2/var/log/httpd/_02wildcard_backend_log
T-2/var/log/httpd/_02wildcard_frontend_log
T-2/var/log/httpd/_03zspecific_access_log
T-2/var/log/httpd/_03zspecific_backend_log
T-2/var/log/httpd/_03zspecific_frontend_log
T-2/var/log/httpd/_04zspecific_access_log
T-2/var/log/httpd/_04zspecific_backend_log
T-2/var/log/httpd/_04zspecific_frontend_log
T-2/var/log/monitor-httpd-access.log
T-2/var/log/monitor-httpd-error.log
T-2/var/log/slave-introspection-access.log
...
...
software/rapid-cdn/test/test_data/test.TestSlaveHttp3.test00cluster_request_instance_parameter_dict.txt
View file @
9cf2c244
This diff is collapsed.
Click to expand it.
software/rapid-cdn/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibility.test00cluster_request_instance_parameter_dict.txt
View file @
9cf2c244
...
...
@@ -15,35 +15,6 @@
"slap_software_release_url": "@@00getSoftwareURL@@",
"slap_software_type": "RootSoftwareInstance",
"slave_instance_list": [
{
"enable_cache": true,
"slap_software_type": "RootSoftwareInstance",
"slave_reference": "_ssl_from_master",
"slave_title": "_ssl_from_master",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/"
},
{
"slap_software_type": "RootSoftwareInstance",
"slave_reference": "_ssl_from_master_kedifa_overrides",
"slave_title": "_ssl_from_master_kedifa_overrides",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/"
},
{
"slap_software_type": "RootSoftwareInstance",
"slave_reference": "_ssl_from_slave",
"slave_title": "_ssl_from_slave",
"ssl_crt": "@@ssl_from_slave_certificate_pem@@",
"ssl_key": "@@ssl_from_slave_key_pem@@",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/"
},
{
"slap_software_type": "RootSoftwareInstance",
"slave_reference": "_ssl_from_slave_kedifa_overrides",
"slave_title": "_ssl_from_slave_kedifa_overrides",
"ssl_crt": "@@ssl_from_slave_kedifa_overrides_certificate_pem@@",
"ssl_key": "@@ssl_from_slave_kedifa_overrides_key_pem@@",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/"
},
{
"custom_domain": "customdomainsslcrtsslkey.example.com",
"slap_software_type": "RootSoftwareInstance",
...
...
@@ -63,6 +34,15 @@
"ssl_key": "@@customdomain_ca_key_pem@@",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/"
},
{
"slap_software_type": "RootSoftwareInstance",
"slave_reference": "_ssl_ca_crt_does_not_match",
"slave_title": "_ssl_ca_crt_does_not_match",
"ssl_ca_crt": "@@ca.certificate_pem@@",
"ssl_crt": "@@certificate_pem@@",
"ssl_key": "@@key_pem@@",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/"
},
{
"slap_software_type": "RootSoftwareInstance",
"slave_reference": "_ssl_ca_crt_garbage",
...
...
@@ -73,12 +53,32 @@
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/"
},
{
"enable_cache": true,
"slap_software_type": "RootSoftwareInstance",
"slave_reference": "_ssl_ca_crt_does_not_match",
"slave_title": "_ssl_ca_crt_does_not_match",
"ssl_ca_crt": "@@ca.certificate_pem@@",
"ssl_crt": "@@certificate_pem@@",
"ssl_key": "@@key_pem@@",
"slave_reference": "_ssl_from_master",
"slave_title": "_ssl_from_master",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/"
},
{
"slap_software_type": "RootSoftwareInstance",
"slave_reference": "_ssl_from_master_kedifa_overrides",
"slave_title": "_ssl_from_master_kedifa_overrides",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/"
},
{
"slap_software_type": "RootSoftwareInstance",
"slave_reference": "_ssl_from_slave",
"slave_title": "_ssl_from_slave",
"ssl_crt": "@@ssl_from_slave_certificate_pem@@",
"ssl_key": "@@ssl_from_slave_key_pem@@",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/"
},
{
"slap_software_type": "RootSoftwareInstance",
"slave_reference": "_ssl_from_slave_kedifa_overrides",
"slave_title": "_ssl_from_slave_kedifa_overrides",
"ssl_crt": "@@ssl_from_slave_kedifa_overrides_certificate_pem@@",
"ssl_key": "@@ssl_from_slave_kedifa_overrides_key_pem@@",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/"
},
{
...
...
@@ -90,17 +90,17 @@
},
{
"slap_software_type": "RootSoftwareInstance",
"slave_reference": "_type-notebook-ssl_from_slave",
"slave_title": "_type-notebook-ssl_from_slave",
"ssl_crt": "@@type_notebook_ssl_from_slave_certificate_pem@@",
"ssl_key": "@@type_notebook_ssl_from_slave_key_pem@@",
"slave_reference": "_type-notebook-ssl_from_master_kedifa_overrides",
"slave_title": "_type-notebook-ssl_from_master_kedifa_overrides",
"type": "notebook",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/"
},
{
"slap_software_type": "RootSoftwareInstance",
"slave_reference": "_type-notebook-ssl_from_master_kedifa_overrides",
"slave_title": "_type-notebook-ssl_from_master_kedifa_overrides",
"slave_reference": "_type-notebook-ssl_from_slave",
"slave_title": "_type-notebook-ssl_from_slave",
"ssl_crt": "@@type_notebook_ssl_from_slave_certificate_pem@@",
"ssl_key": "@@type_notebook_ssl_from_slave_key_pem@@",
"type": "notebook",
"url": "http://@@_ipv4_address@@:@@_server_http_port@@/"
},
...
...
software/re6stnet/buildout.hash.cfg
View file @
9cf2c244
...
...
@@ -18,7 +18,7 @@ md5sum = 7be0c21751f8385ef876c3d7192d4057
[template-re6stnet]
filename = instance-re6stnet.cfg.in
md5sum =
84320356634f8d241fc827683d211bb8
md5sum =
01da4462b5e20cab73b87e7415f7483d
[template-apache-conf]
filename = apache.conf.in
...
...
software/re6stnet/instance-re6stnet.cfg.in
View file @
9cf2c244
...
...
@@ -107,6 +107,7 @@ recipe = slapos.cookbook:wrapper
wrapper-path = ${directory:services}/re6st-registry
pidfile = ${directory:run}/registry.pid
command-line = {{ bin_directory }}/re6st-registry @${re6st-registry-conf:output}
hash-files = ${re6st-registry-conf:output}
[cron-entry-re6st-backup]
recipe = slapos.cookbook:cron.d
...
...
software/slapos-sr-testing/software.cfg
View file @
9cf2c244
...
...
@@ -23,7 +23,7 @@ extends =
parts =
eggs/scripts
python2.7
-disabled
system-python
-disabled
slapos-cookbook
template
...
...
@@ -272,8 +272,8 @@ branch = master
egg = slapos.core
setup = ${slapos.core-repository:location}
[
python2.7
-disabled]
# An "intentionally broken" python
2
command that should catch
[
system-python
-disabled]
# An "intentionally broken" python command that should catch
# accidental usage of things like #!/usr/bin/env python2
recipe = zc.recipe.egg
# we need an egg to generate a script, use the one from this part's recipe
...
...
@@ -286,10 +286,11 @@ entry-points =
scripts =
python
python2
python3
python2.7
initialization =
import sys
print("Error: attempt to use system python
2
", file=sys.stderr)
print("Error: attempt to use system python", file=sys.stderr)
sys.exit(2)
[recurls-repository]
...
...
@@ -314,19 +315,66 @@ eggs +=
erp5.util
${python-pynacl:egg}
${python-cryptography:egg}
${python-mysqlclient:egg}
${backports.lzma:egg}
${bcrypt:egg}
${psycopg2:egg}
${selenium:egg}
slapos.libnetworkcache
supervisor
${slapos.cookbook-setup:egg}
${slapos.test.backupserver-setup:egg}
${slapos.test.beremiz-ide-setup:egg}
${slapos.test.caucase-setup:egg}
${slapos.test.cloudooo-setup:egg}
${slapos.test.dream-setup:egg}
${slapos.test.dufs-setup:egg}
${slapos.test.erp5-setup:egg}
${slapos.test.erp5testnode-setup:egg}
${slapos.test.fluentd-setup:egg}
${slapos.test.galene-setup:egg}
${slapos.test.headless-chromium-setup:egg}
${slapos.test.html5as-base-setup:egg}
${slapos.test.html5as-setup:egg}
${slapos.test.htmlvalidatorserver-setup:egg}
${slapos.test.hugo-setup:egg}
${slapos.test.js-drone-setup:egg}
${slapos.test.jscrawler-setup:egg}
${slapos.test.jstestnode-setup:egg}
${slapos.test.jupyter-setup:egg}
${slapos.test.kvm-setup:egg}
${slapos.test.matomo-setup:egg}
${slapos.test.metabase-setup:egg}
${slapos.test.monitor-setup:egg}
${slapos.test.mosquitto-setup:egg}
${slapos.test.nextcloud-setup:egg}
${slapos.test.nginx-push-stream-setup:egg}
${slapos.test.ors-amarisoft-setup:egg}
${slapos.test.osie-coupler-setup:egg}
${slapos.test.peertube-setup:egg}
${slapos.test.plantuml-setup:egg}
${slapos.test.powerdns-setup:egg}
${slapos.test.proftpd-setup:egg}
${slapos.test.rapid-cdn-setup:egg}
${slapos.test.re6stnet-setup:egg}
${slapos.test.repman-setup:egg}
${slapos.test.restic_rest_server-setup:egg}
${slapos.test.seleniumserver-setup:egg}
${slapos.test.slapos-master-setup:egg}
${slapos.test.ssh-setup:egg}
${slapos.test.theia-setup:egg}
${slapos.test.turnserver-setup:egg}
${slapos.test.upgrade_erp5-setup:egg}
# We don't name this interpreter `python`, so that when we run slapos node
# software, installation scripts running `python` use a python without any
# custom eggs pre-installed, not our special python interpreter.
interpreter = python_for_test
#
#
patches for eggs
#
patch-binary = ${patch:location}/bin/patch
#
PyPDF2-patches = ${:_profile_base_location_}/../../component/egg-patch/PyPDF2/0001-Custom-implementation-of-warnings.formatwarning-remo.patch#d25bb0f5dde7f3337a0a50c2f986f5c8
#
PyPDF2-patch-options = -p1
# patches for eggs
patch-binary = ${patch:location}/bin/patch
PyPDF2-patches = ${:_profile_base_location_}/../../component/egg-patch/PyPDF2/0001-Custom-implementation-of-warnings.formatwarning-remo.patch#d25bb0f5dde7f3337a0a50c2f986f5c8
PyPDF2-patch-options = -p1
[eggs/scripts]
recipe = zc.recipe.egg
...
...
@@ -364,7 +412,52 @@ context =
key tests :tests
tests =
json-schemas ${slapos.cookbook-setup:setup}
backupserver ${slapos.test.backupserver-setup:setup}
beremiz-ide ${slapos.test.beremiz-ide-setup:setup}
caucase ${slapos.test.caucase-setup:setup}
cloudooo ${slapos.test.cloudooo-setup:setup}
dream ${slapos.test.dream-setup:setup}
dufs ${slapos.test.dufs-setup:setup}
erp5 ${slapos.test.erp5-setup:setup}
erp5testnode ${slapos.test.erp5testnode-setup:setup}
fluentd ${slapos.test.fluentd-setup:setup}
galene ${slapos.test.galene-setup:setup}
gitlab ${slapos.test.gitlab-setup:setup}
grafana ${slapos.test.grafana-setup:setup}
headless-chromium ${slapos.test.headless-chromium-setup:setup}
helloworld ${slapos.test.helloworld-setup:setup}
html5as ${slapos.test.html5as-setup:setup}
html5as-base ${slapos.test.html5as-base-setup:setup}
htmlvalidatorserver ${slapos.test.htmlvalidatorserver-setup:setup}
hugo ${slapos.test.hugo-setup:setup}
js-drone ${slapos.test.js-drone-setup:setup}
jscrawler ${slapos.test.jscrawler-setup:setup}
jstestnode ${slapos.test.jstestnode-setup:setup}
jupyter ${slapos.test.jupyter-setup:setup}
kvm ${slapos.test.kvm-setup:setup}
matomo ${slapos.test.matomo-setup:setup}
metabase ${slapos.test.metabase-setup:setup}
monitor ${slapos.test.monitor-setup:setup}
mosquitto ${slapos.test.mosquitto-setup:setup}
nextcloud ${slapos.test.nextcloud-setup:setup}
nginx-push-stream ${slapos.test.nginx-push-stream-setup:setup}
ors-amarisoft ${slapos.test.ors-amarisoft-setup:setup}
osie-coupler ${slapos.test.osie-coupler-setup:setup}
peertube ${slapos.test.peertube-setup:setup}
plantuml ${slapos.test.plantuml-setup:setup}
powerdns ${slapos.test.powerdns-setup:setup}
proftpd ${slapos.test.proftpd-setup:setup}
rapid-cdn ${slapos.test.rapid-cdn-setup:setup}
re6stnet ${slapos.test.re6stnet-setup:setup}
repman ${slapos.test.repman-setup:setup}
restic-rest-server ${slapos.test.restic_rest_server-setup:setup}
seleniumserver ${slapos.test.seleniumserver-setup:setup}
slapos-master ${slapos.test.slapos-master-setup:setup}
ssh ${slapos.test.ssh-setup:setup}
theia ${slapos.test.theia-setup:setup}
turnserver ${slapos.test.turnserver-setup:setup}
upgrade_erp5 ${slapos.test.upgrade_erp5-setup:setup}
[versions]
# recurls are under development
...
...
software/theia/buildout.hash.cfg
View file @
9cf2c244
...
...
@@ -15,7 +15,7 @@
[instance-theia]
_update_hash_filename_ = instance-theia.cfg.jinja.in
md5sum =
c484bba770c6404ba0a5b2a958b07a68
md5sum =
b31e74f018ae92607f4ff63984b33c7a
[instance]
_update_hash_filename_ = instance.cfg.in
...
...
software/theia/instance-theia.cfg.jinja.in
View file @
9cf2c244
...
...
@@ -260,15 +260,18 @@ content =
frontend app
log global
bind $${:ip}:$${:port} ssl crt $${frontend-instance-certificate:cert-file} alpn h2,http/1.1
# writing twice the same ACL is doing OR
acl is_public path_beg /public/
acl is_public path /$${frontend-instance-favicon.ico:filename}
acl is_public path /$${frontend-instance-theia.webmanifest:filename}
acl is_public path /$${frontend-instance-theia-serviceworker.js:filename}
acl auth_ok http_auth(basic-auth-list)
# writing twice the same ACL is doing OR
acl is_static path_beg /$${frontend-instance-fonts:folder-name}
acl is_static path_beg /$${frontend-instance-slapos.css:folder-name}
acl is_static path /$${frontend-instance-logo:filename}
acl is_static path /$${frontend-instance-favicon.ico:filename}
acl is_static path /$${frontend-instance-theia.webmanifest:filename}
acl is_static path /$${frontend-instance-theia-serviceworker.js:filename}
# No authentication for public folder
http-request auth unless auth_ok || is_public
use_backend static if
{ path_beg /$${frontend-instance-fonts:folder-name} } || { path_beg /$${frontend-instance-slapos.css:folder-name} } || { path /$${frontend-instance-logo:filename} }
|| is_public
use_backend static if
is_static
|| is_public
default_backend nodejs
backend nodejs
...
...
software/theia/test/test.py
View file @
9cf2c244
...
...
@@ -161,10 +161,22 @@ class TestTheia(TheiaTestCase):
self
.
assertIn
(
'test_file'
,
get
(
'/public/'
))
self
.
assertEqual
(
'hello'
,
get
(
'/public/test_file'
))
# there's a (not empty) favicon (no need for authentication)
resp
=
self
.
get
(
urljoin
(
url
,
'/favicon.ico'
))
# favicon is not empty
self
.
get
(
urljoin
(
url
,
'/favicon.ico'
),
requests
.
codes
.
unauthorized
)
resp
=
self
.
get
(
urljoin
(
authenticated_url
,
'/favicon.ico'
))
resp
.
raise_for_status
()
self
.
assertTrue
(
resp
.
raw
)
self
.
get
(
urljoin
(
url
,
'/theia-serviceworker.js'
),
requests
.
codes
.
unauthorized
)
resp
=
self
.
get
(
urljoin
(
authenticated_url
,
'/theia-serviceworker.js'
))
resp
.
raise_for_status
()
self
.
assertTrue
(
resp
.
raw
)
self
.
get
(
urljoin
(
url
,
'/theia.webmanifest'
),
requests
.
codes
.
unauthorized
)
resp
=
self
.
get
(
urljoin
(
authenticated_url
,
'/theia.webmanifest'
))
resp
.
raise_for_status
()
self
.
assertIn
(
'Theia SlapOS'
,
resp
.
text
)
# there is a CSS referencing fonts
css_text
=
self
.
get
(
urljoin
(
authenticated_url
,
'/css/slapos.css'
)).
text
css_urls
=
re
.
findall
(
r'url\
([
\'"]+([^
\
)]+)[
\
'"
]
+
\
)
', css_text)
...
...
stack/erp5-zope2/buildout.cfg
View file @
9cf2c244
...
...
@@ -15,7 +15,6 @@ extends =
../../component/socat/buildout.cfg
../../component/rsyslogd/buildout.cfg
../../component/findutils/buildout.cfg
../../component/librsvg/buildout.cfg
../../component/imagemagick/buildout.cfg
../../component/jpegoptim/buildout.cfg
../../component/kumo/buildout.cfg
...
...
@@ -260,7 +259,6 @@ link-binary =
${imagemagick:location}/bin/identify
${jpegoptim:location}/bin/jpegoptim
${jsl:location}/bin/jsl
${librsvg:location}/bin/rsvg-convert
${mariadb:location}/bin/mysql
${mariadb:location}/bin/mysqldump
${openssl:location}/bin/openssl
...
...
stack/erp5-zope2/buildout.hash.cfg
View file @
9cf2c244
...
...
@@ -42,7 +42,7 @@ md5sum = 43556e5bca8336dd543ae8068512aa6d
[template-my-cnf]
filename = my.cnf.in
md5sum =
c0bde08ec6bd6d333315a15026266b65
md5sum =
2c553103f1196f95e4b6d0716a1e0638
[template-mariadb-initial-setup]
filename = mariadb_initial_setup.sql.in
...
...
stack/erp5-zope2/my.cnf.in
View file @
9cf2c244
...
...
@@ -50,6 +50,10 @@ max_connections = {{ parameter_dict['max-connection-count'] }}
# doesn't use "insert ... select" (in any number of queries) pattern.
innodb_locks_unsafe_for_binlog = 1
# disable innodb_change_buffering to prevent potential risk of crash or data corruption,
# that is default from 10.5.14.
innodb_change_buffering = none
{% set log_bin = parameter_dict['binlog-path'] -%}
{% if log_bin -%}
log_bin = {{ log_bin }}
...
...
@@ -74,6 +78,7 @@ relay-log = mariadb-relay-bin
{{x}}innodb_flush_log_at_trx_commit = 0
{{x}}innodb_flush_method = nosync
{{x}}innodb_doublewrite = 0
{{x}}innodb_change_buffering = all
{{x}}sync_frm = 0
character_set_server = {{ parameter_dict['character-set-server'] }}
...
...
stack/erp5/buildout.cfg
View file @
9cf2c244
...
...
@@ -2,7 +2,7 @@
extends =
# versions pins from zope, vendored with:
# curl https://zopefoundation.github.io/Zope/releases/4.8.
8
/versions-prod.cfg > zope-versions.cfg
# curl https://zopefoundation.github.io/Zope/releases/4.8.
9
/versions-prod.cfg > zope-versions.cfg
# When updating, keep in mind that some versions are defined in other places,
# for example component/ZEO , component/ZODB and stack/slapos
zope-versions.cfg
...
...
@@ -18,7 +18,6 @@ extends =
../../component/socat/buildout.cfg
../../component/rsyslogd/buildout.cfg
../../component/findutils/buildout.cfg
../../component/librsvg/buildout.cfg
../../component/imagemagick/buildout.cfg
../../component/jpegoptim/buildout.cfg
../../component/kumo/buildout.cfg
...
...
@@ -263,7 +262,6 @@ link-binary =
${imagemagick:location}/bin/identify
${jpegoptim:location}/bin/jpegoptim
${jsl:location}/bin/jsl
${librsvg:location}/bin/rsvg-convert
${mariadb:location}/bin/mysql
${mariadb:location}/bin/mysqldump
${openssl:location}/bin/openssl
...
...
@@ -709,6 +707,9 @@ waitress-patches =
${:_profile_base_location_}/../../component/egg-patch/waitress/CVE-2022-24761-5.patch#ad2765822397cd1e28e02a68a52d7768
${:_profile_base_location_}/../../component/egg-patch/waitress/CVE-2022-24761-6.patch#85fc9c4105eabee3ff71c800b2ddf63b
waitress-patch-options = -p1
Zope-patches =
${:_profile_base_location_}/../../component/egg-patch/Zope/0001-WSGIPublisher-set-REMOTE_USER-even-in-case-of-error-.patch#a437f4da28975f94dd07db0b02954111
Zope-patch-options = -p1
# neoppod installs bin/coverage so we inject erp5 plugin here so that coverage script can use it in report
[neoppod]
...
...
@@ -743,11 +744,12 @@ depends =
Acquisition = 4.7+SlapOSPatched001
Products.DCWorkflow = 2.4.1+SlapOSPatched001
ocropy = 1.0+SlapOSPatched001
PyPDF2 = 1.26.0+SlapOSPatched001
pysvn = 1.9.15+SlapOSPatched001
python-ldap = 2.4.32+SlapOSPatched001
python-magic = 0.4.12+SlapOSPatched001
PyPDF2 = 1.26.0+SlapOSPatched001
waitress = 1.4.4+SlapOSPatched006
Zope = 4.8.9+SlapOSPatched001
## https://lab.nexedi.com/nexedi/slapos/merge_requests/648
pylint = 1.4.4+SlapOSPatched002
# astroid 1.4.1 breaks testDynamicClassGeneration
...
...
@@ -810,7 +812,7 @@ Products.GenericSetup = 2.3.0
Products.MailHost = 4.13
Products.MimetypesRegistry = 2.1.8
Products.PluggableAuthService = 2.8.1
Products.PluginRegistry = 1.
6
Products.PluginRegistry = 1.
11
Products.PythonScripts = 4.15
Products.Sessions = 4.15
Products.SiteErrorLog = 5.7
...
...
stack/erp5/buildout.hash.cfg
View file @
9cf2c244
...
...
@@ -42,7 +42,7 @@ md5sum = f45dc4568b63de39f49b8fecca5deef1
[template-my-cnf]
filename = my.cnf.in
md5sum =
c0bde08ec6bd6d333315a15026266b65
md5sum =
2c553103f1196f95e4b6d0716a1e0638
[template-mariadb-initial-setup]
filename = mariadb_initial_setup.sql.in
...
...
@@ -94,7 +94,7 @@ md5sum = b0751d3d12cfcc8934cb1027190f5e5e
[template-haproxy-cfg]
filename = haproxy.cfg.in
md5sum =
1645ef8990ab2b50f91a4c02f0cf8882
md5sum =
85a8c0dadf7b648ef9748b6199dcfeb6
[template-rsyslogd-cfg]
filename = rsyslogd.cfg.in
...
...
stack/erp5/haproxy.cfg.in
View file @
9cf2c244
...
...
@@ -154,7 +154,7 @@ defaults
{% for name, (port, _, certificate_authentication, timeout, backend_list) in sorted(six.iteritems(parameter_dict['backend-dict'])) -%}
listen family_{{ name }}
{%- if parameter_dict.get('ca-cert') -%}
{%- set ssl_auth = ' ca-file ' ~ parameter_dict['ca-cert'] ~ ' verify' ~ ( ' required' if certificate_authentication else ' optional' ) ~ ' crl-file ' ~ parameter_dict['crl'] %}
{%- set ssl_auth = ' ca-file ' ~ parameter_dict['ca-cert'] ~ ' verify' ~ ( ' required' if certificate_authentication else ' optional
crt-ignore-err all
' ) ~ ' crl-file ' ~ parameter_dict['crl'] %}
{%- else %}
{%- set ssl_auth = '' %}
{%- endif %}
...
...
@@ -173,11 +173,10 @@ listen family_{{ name }}
{%- endif %}
# remove X-Forwarded-For unless client presented a verified certificate
acl client_cert_verified ssl_c_used ssl_c_verify 0
http-request del-header X-Forwarded-For unless client_cert_verified
http-request del-header X-Forwarded-For unless { ssl_c_verify 0 } { ssl_c_used 1 }
# set Remote-User if client presented a verified certificate
http-request del-header Remote-User
http-request set-header Remote-User %{+Q}[ssl_c_s_dn(cn)] if
client_cert_verified
http-request set-header Remote-User %{+Q}[ssl_c_s_dn(cn)] if
{ ssl_c_verify 0 } { ssl_c_used 1 }
# logs
capture request header Referer len 512
...
...
stack/erp5/my.cnf.in
View file @
9cf2c244
...
...
@@ -50,6 +50,10 @@ max_connections = {{ parameter_dict['max-connection-count'] }}
# doesn't use "insert ... select" (in any number of queries) pattern.
innodb_locks_unsafe_for_binlog = 1
# disable innodb_change_buffering to prevent potential risk of crash or data corruption,
# that is default from 10.5.14.
innodb_change_buffering = none
{% set log_bin = parameter_dict['binlog-path'] -%}
{% if log_bin -%}
log_bin = {{ log_bin }}
...
...
@@ -74,6 +78,7 @@ relay-log = mariadb-relay-bin
{{x}}innodb_flush_log_at_trx_commit = 0
{{x}}innodb_flush_method = nosync
{{x}}innodb_doublewrite = 0
{{x}}innodb_change_buffering = all
{{x}}sync_frm = 0
character_set_server = {{ parameter_dict['character-set-server'] }}
...
...
stack/erp5/zope-versions.cfg
View file @
9cf2c244
...
...
@@ -2,10 +2,10 @@
# Version pins for required and commonly used dependencies.
[versions]
Zope = 4.8.
8
Zope = 4.8.
9
Zope2 = 4.0
# AccessControl 5+ no longer supports Zope 4.
AccessControl = 4.
3
AccessControl = 4.
4
Acquisition = 4.13
AuthEncoding = 4.3
BTrees = 4.11.3
...
...
@@ -23,7 +23,7 @@ Products.BTreeFolder2 = 4.4
Products.ZCatalog = 5.4
Record = 3.6
# RestrictedPython >= 6 no longer supports Zope 4
RestrictedPython = 5.
2
RestrictedPython = 5.
4
WSGIProxy2 = 0.5.1
WebOb = 1.8.7
WebTest = 3.0.0
...
...
@@ -59,7 +59,7 @@ zope.cachedescriptors = 4.4
zope.component = 5.0.1
zope.componentvocabulary = 2.3.0
zope.configuration = 4.4.1
zope.container =
4.10
zope.container =
5.1
zope.contentprovider = 4.2.1
zope.contenttype = 4.6
zope.datetime = 4.3.0
...
...
@@ -119,6 +119,8 @@ multipart = 0.1.1
waitress = 1.4.4
# zope.dottedname >= 5 requires Python 3.6 or higher
zope.dottedname = 4.3
# zope.container 5.x requires Python 3.7 or higher
zope.container = 4.10
[versions:python35]
# DocumentTemplate 4+ cannot be installed on Zope 4 for Python 3.5
...
...
@@ -135,6 +137,8 @@ mock = 3.0.5
waitress = 1.4.4
# zope.dottedname >= 5 requires Python 3.6 or higher
zope.dottedname = 4.3
# zope.container 5.x requires Python 3.7 or higher
zope.container = 4.10
[versions:python36]
# PasteDeploy >3 requires Python 3.7
...
...
@@ -143,3 +147,5 @@ PasteDeploy = 2.1.1
WSGIProxy2 = 0.4.6
# waitress 2.1 requires Python 3.7 or higher
waitress = 2.0.0
# zope.container 5.x requires Python 3.7 or higher
zope.container = 4.10
stack/monitor/buildout.cfg
View file @
9cf2c244
...
...
@@ -51,6 +51,10 @@ filename = monitor.conf.in
[monitor-httpd-cors]
<= monitor-download-base
filename = httpd-cors.cfg.in
[template-monitor-httpd-wrapper]
<= monitor-download-base
filename = template-monitor-httpd-wrapper.sh.in
# End templates files
[monitor-template]
...
...
@@ -82,6 +86,7 @@ context =
raw python_executable ${buildout:executable}
raw python_with_eggs ${buildout:bin-directory}/${monitor-eggs:interpreter}
raw template_wrapper ${monitor-template-wrapper:location}/${monitor-template-wrapper:filename}
raw template_monitor_httpd_wrapper ${template-monitor-httpd-wrapper:location}/${template-monitor-httpd-wrapper:filename}
raw check_disk_space ${buildout:bin-directory}/check-free-disk
raw bin_directory ${buildout:directory}/bin
...
...
stack/monitor/buildout.hash.cfg
View file @
9cf2c244
...
...
@@ -14,12 +14,16 @@
# not need these here).
[monitor2-template]
filename = instance-monitor.cfg.jinja2.in
md5sum =
255b4f5f2d960ec958899114cef4cfd9
md5sum =
dda9b2355134517dae601cc20709685a
[monitor-httpd-conf]
_update_hash_filename_ = templates/monitor-httpd.conf.in
md5sum = 0540fc5cc439a06079e9e724a5a55a70
[template-monitor-httpd-wrapper]
_update_hash_filename_ = templates/template-monitor-httpd-wrapper.sh.in
md5sum = 45929a22527b71620555326f4dd78c34
[monitor-template-wrapper]
_update_hash_filename_ = templates/wrapper.in
md5sum = e8566c00b28f6f86adde11b6b6371403
...
...
stack/monitor/instance-monitor.cfg.jinja2.in
View file @
9cf2c244
...
...
@@ -67,9 +67,22 @@ hash-existing-files = ${buildout:directory}/software_release/buildout.cfg
recipe = slapos.cookbook:certificate_authority.request
key-file = ${monitor-httpd-conf-parameter:key-file}
cert-file = ${monitor-httpd-conf-parameter:cert-file}
executable = ${monitor-httpd-
wrapper:wrapper-path
}
executable = ${monitor-httpd-
service-wrapper:output
}
wrapper = ${directory:bin}/ca-monitor-httpd
[monitor-httpd-service-wrapper]
recipe = slapos.recipe.template:jinja2
url = {{ template_monitor_httpd_wrapper }}
output = ${directory:bin}/monitor-httpd-service-wrapper
pid-file = ${monitor-httpd-conf-parameter:pid-file}
monitor-httpd-wrapper-path = ${monitor-httpd-wrapper:wrapper-path}
monitor-httpd-conf = ${monitor-httpd-conf:output}
context =
key pid_file :pid-file
key monitor_httpd_wrapper_path :monitor-httpd-wrapper-path
key monitor_httpd_conf :monitor-httpd-conf
raw dash_binary {{ dash_executable_location }}
[ca-monitor-httpd-service]
recipe = slapos.cookbook:wrapper
command-line = ${ca-monitor-httpd:wrapper}
...
...
@@ -338,7 +351,6 @@ configuration-file-path = ${monitor-directory:etc}/monitor_knowledge0.cfg
interface-url = https://monitor.app.officejs.com
# NOTE
[monitor-frontend]
<= slap-connection
recipe = slapos.cookbook:requestoptional
...
...
stack/monitor/templates/template-monitor-httpd-wrapper.sh.in
0 → 100644
View file @
9cf2c244
#!{{ dash_binary }}
# BEWARE: This file is operated by slapos node
# BEWARE: It will be overwritten automatically
pid_file="{{ pid_file }}"
monitor_httpd_conf_file={{ monitor_httpd_conf }}
if [ -f "$pid_file" ]; then
pid=$(cat "$pid_file")
result=$(ps aux | grep "^\S*\s*$pid\s")
# The process with the specified PID is running
if [ -n "$result" ]; then
echo "there is a process running with the same pid"
# Get the command line of the process and replace null characters with spaces
cmdline=$(tr '\0' ' ' < "/proc/$pid/cmdline")
# There is a process running with the pid,
# but it is not one using our monitor-httpd.conf
if ! expr "$cmdline" : ".*$monitor_httpd_conf_file" > /dev/null; then
echo "The process is not running with the monitor_httpd_conf"
rm -f {{ pid_file }};
fi
fi
fi
exec {{ monitor_httpd_wrapper_path }} "$@"
stack/slapos.cfg
View file @
9cf2c244
...
...
@@ -136,17 +136,17 @@ zc.buildout = 2.7.1+slapos019
# Use SlapOS patched zc.recipe.egg (zc.recipe.egg 2.x is for Buildout 2)
zc.recipe.egg = 2.0.3+slapos003
aiohttp = 3.8.
3
:whl
aiohttp = 3.8.
5
:whl
aiosignal = 1.3.1:whl
apache-libcloud = 2.4.0
argon2-cffi = 20.1.0
asn1crypto = 1.3.0
astor = 0.5
async-generator = 1.10
async-timeout = 4.0.
2
async-timeout = 4.0.
3
atomicwrites = 1.4.0
atomize = 0.2.0
attrs = 2
2.2.0
attrs = 2
3.1.0:whl
backcall = 0.2.0
backports-abc = 0.5
backports.functools-lru-cache = 1.6.1:whl
...
...
@@ -155,12 +155,12 @@ backports.shutil-get-terminal-size = 1.0.0
bcrypt = 3.1.4
bleach = 5.0.1
CacheControl = 0.12.6:whl
cachetools = 5.
2.0
cachetools = 5.
3.1
cattrs = 22.2.0
certifi = 202
2.12.7
certifi = 202
3.7.22
cffi = 1.15.0
chardet = 3.0.4
charset-normalizer =
2.1.1
charset-normalizer =
3.3.0
click = 8.1.3
cliff = 2.8.3:whl
cmd2 = 0.7.0
...
...
@@ -180,10 +180,10 @@ entrypoints = 0.3
enum34 = 1.1.10
erp5.util = 0.4.74
et-xmlfile = 1.0.1
exceptiongroup = 1.
0.0
:whl
exceptiongroup = 1.
1.3
:whl
feedparser = 6.0.10
Flask = 1.1.2
frozenlist = 1.
3.3
:whl
frozenlist = 1.
4.0
:whl
funcsigs = 1.0.2
functools32 = 3.2.3.post2
gevent = 20.9.0
...
...
@@ -196,7 +196,7 @@ h5py = 2.7.1
idna = 3.4:whl
igmp = 1.0.4
Importing = 1.10
importlib-metadata =
1.7
.0:whl
importlib-metadata =
6.8
.0:whl
importlib-resources = 5.10.2:whl
inotify-simple = 1.1.1
ipaddress = 1.0.23
...
...
@@ -218,7 +218,7 @@ jupyterlab-launcher = 0.3.1
jupyterlab-pygments = 0.1.2
lock-file = 2.0
lockfile = 0.12.2:whl
lsprotocol = 202
2.0.0a9
:whl
lsprotocol = 202
3.0.0b1
:whl
lxml = 4.9.1
manuel = 1.11.2
MarkupSafe = 2.0.1
...
...
@@ -239,7 +239,7 @@ netifaces = 0.10.7
notebook = 6.1.5
openpyxl = 2.5.2
outcome = 1.2.0
packaging = 2
2.0
:whl
packaging = 2
3.2
:whl
pandocfilters = 1.4.3
paramiko = 2.11.0
parso = 0.7.1
...
...
@@ -266,7 +266,7 @@ pyasn1 = 0.4.5
pycparser = 2.20
pycurl = 7.43.0
pydantic = 1.9.1
pygls = 1.
0
.0:whl
pygls = 1.
1
.0:whl
Pygments = 2.9.0
PyNaCl = 1.3.0
pyOpenSSL = 19.1.0
...
...
@@ -283,7 +283,7 @@ pyzmq = 22.3.0
qtconsole = 4.3.0
random2 = 1.0.1
regex = 2020.9.27
requests = 2.
28.1
requests = 2.
31.0
rpdb = 0.1.5
rubygemsrecipe = 0.4.3
scandir = 1.10.0
...
...
@@ -297,7 +297,7 @@ simplegeneric = 0.8.1
singledispatch = 3.4.0.3
six = 1.16.0
slapos.cookbook = 1.0.329
slapos.core = 1.10.
2
slapos.core = 1.10.
3
slapos.extension.shared = 1.0
slapos.libnetworkcache = 0.25
slapos.rebootstrap = 4.5
...
...
@@ -319,8 +319,8 @@ tornado = 6.1
traitlets = 5.0.5
trio = 0.22.0
trio-websocket = 0.9.2
typeguard =
2.13.3
:whl
typing-extensions = 4.
3
.0:whl
typeguard =
3.0.2
:whl
typing-extensions = 4.
8
.0:whl
tzlocal = 1.5.1
unicodecsv = 0.14.1
uritemplate = 3.0.0
...
...
@@ -330,13 +330,13 @@ webencodings = 0.5.1
websockets = 10.4
websocket-client = 1.5.1
Werkzeug = 2.0.2
wheel = 0.
38.4
:whl
wheel = 0.
41.2
:whl
widgetsnbextension = 2.0.0
wsproto = 1.2.0
xlrd = 1.1.0
xml-marshaller = 1.0.2
yarl = 1.
8
.2
zc.buildout.languageserver = 0.
9
.0
yarl = 1.
9
.2
zc.buildout.languageserver = 0.
11
.0
zc.lockfile = 1.4
ZConfig = 3.6.1
zdaemon = 4.2.0
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment