Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Léo-Paul Géneau
slapos
Commits
d36b2da7
Commit
d36b2da7
authored
Jan 11, 2019
by
Guillaume Hervier
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
stack/monitor: Add auto-restart on certificate-authority section
/reviewed-on
nexedi/slapos!499
parent
139a2d9c
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
20 additions
and
14 deletions
+20
-14
stack/monitor/buildout.hash.cfg
stack/monitor/buildout.hash.cfg
+1
-1
stack/monitor/instance-monitor.cfg.jinja2.in
stack/monitor/instance-monitor.cfg.jinja2.in
+19
-13
No files found.
stack/monitor/buildout.hash.cfg
View file @
d36b2da7
...
@@ -14,4 +14,4 @@
...
@@ -14,4 +14,4 @@
# not need these here).
# not need these here).
[monitor2-template]
[monitor2-template]
filename = instance-monitor.cfg.jinja2.in
filename = instance-monitor.cfg.jinja2.in
md5sum =
0713a3987d11dc60649d8105ec9746f4
md5sum =
3b3acb2291fc7458bb11efc80a5aba27
stack/monitor/instance-monitor.cfg.jinja2.in
View file @
d36b2da7
...
@@ -51,12 +51,18 @@ recipe = slapos.cookbook:certificate_authority
...
@@ -51,12 +51,18 @@ recipe = slapos.cookbook:certificate_authority
openssl-binary = {{ openssl_executable_location }}
openssl-binary = {{ openssl_executable_location }}
ca-dir = ${ca-directory:root}
ca-dir = ${ca-directory:root}
requests-directory = ${ca-directory:requests}
requests-directory = ${ca-directory:requests}
wrapper = ${directory:
services
}/certificate_authority
wrapper = ${directory:
bin
}/certificate_authority
ca-private = ${ca-directory:private}
ca-private = ${ca-directory:private}
ca-certs = ${ca-directory:certs}
ca-certs = ${ca-directory:certs}
ca-newcerts = ${ca-directory:newcerts}
ca-newcerts = ${ca-directory:newcerts}
ca-crl = ${ca-directory:crl}
ca-crl = ${ca-directory:crl}
[certificate-authority-service]
recipe = slapos.cookbook:wrapper
command-line = ${certificate-authority:wrapper}
wrapper-path = ${directory:services}/certificate_authority
hash-files = ${buildout:directory}/software_release/buildout.cfg
[ca-monitor-httpd]
[ca-monitor-httpd]
<= certificate-authority
<= certificate-authority
recipe = slapos.cookbook:certificate_authority.request
recipe = slapos.cookbook:certificate_authority.request
...
@@ -84,12 +90,12 @@ log-folder = ${monitor-directory:log}
...
@@ -84,12 +90,12 @@ log-folder = ${monitor-directory:log}
document-folder = ${monitor-directory:documents}
document-folder = ${monitor-directory:documents}
pid-file = ${monitor-directory:pids}/monitor-bootstrap.pid
pid-file = ${monitor-directory:pids}/monitor-bootstrap.pid
public-path-list =
public-path-list =
private-path-list = ${directory:log}
private-path-list = ${directory:log}
monitor-url-list = ${monitor-instance-parameter:monitor-url-list}
monitor-url-list = ${monitor-instance-parameter:monitor-url-list}
parameter-file-path = ${monitor-instance-parameter:configuration-file-path}
parameter-file-path = ${monitor-instance-parameter:configuration-file-path}
parameter-list =
parameter-list =
raw monitor-user ${monitor-instance-parameter:username}
raw monitor-user ${monitor-instance-parameter:username}
htpasswd monitor-password ${httpd-monitor-htpasswd:password-file} ${monitor-instance-parameter:username} ${httpd-monitor-htpasswd:htpasswd-path}
htpasswd monitor-password ${httpd-monitor-htpasswd:password-file} ${monitor-instance-parameter:username} ${httpd-monitor-htpasswd:htpasswd-path}
file min-free-disk-MB ${promise-check-free-disk-space:config-threshold-file}
file min-free-disk-MB ${promise-check-free-disk-space:config-threshold-file}
...
@@ -144,8 +150,8 @@ stop-on-error = true
...
@@ -144,8 +150,8 @@ stop-on-error = true
password-file = ${directory:etc}/.monitor_pwd
password-file = ${directory:etc}/.monitor_pwd
htpasswd-path = ${monitor-directory:etc}/monitor-htpasswd
htpasswd-path = ${monitor-directory:etc}/monitor-htpasswd
# Keep multiple lines as password can end with newline char.
# Keep multiple lines as password can end with newline char.
command =
command =
if [ ! -s "${:htpasswd-path}" ]; then
if [ ! -s "${:htpasswd-path}" ]; then
{{ apache_location }}/bin/htpasswd -cb ${:htpasswd-path} ${:user} ${:password}
{{ apache_location }}/bin/htpasswd -cb ${:htpasswd-path} ${:user} ${:password}
fi
fi
if [ ! -s "${:password-file}" ]; then echo "${monitor-instance-parameter:password}" > ${:password-file}; fi
if [ ! -s "${:password-file}" ]; then echo "${monitor-instance-parameter:password}" > ${:password-file}; fi
...
@@ -170,7 +176,7 @@ key-file = ${ca-directory:certs}/httpd.key
...
@@ -170,7 +176,7 @@ key-file = ${ca-directory:certs}/httpd.key
htpasswd-file = ${httpd-monitor-htpasswd:htpasswd-path}
htpasswd-file = ${httpd-monitor-htpasswd:htpasswd-path}
url = https://[${monitor-instance-parameter:monitor-httpd-ipv6}]:${:port}
url = https://[${monitor-instance-parameter:monitor-httpd-ipv6}]:${:port}
httpd-cors-config-file = ${monitor-httpd-cors:rendered}
httpd-cors-config-file = ${monitor-httpd-cors:rendered}
httpd-include-file =
httpd-include-file =
[monitor-httpd-conf]
[monitor-httpd-conf]
recipe = slapos.recipe.template:jinja2
recipe = slapos.recipe.template:jinja2
...
@@ -224,7 +230,7 @@ mode = 700
...
@@ -224,7 +230,7 @@ mode = 700
[promise-monitor-httpd-is-process-older-than-dependency-set]
[promise-monitor-httpd-is-process-older-than-dependency-set]
recipe = slapos.cookbook:wrapper
recipe = slapos.cookbook:wrapper
command-line = {{ bin_directory }}/is-process-older-than-dependency-set ${monitor-httpd-conf-parameter:pid-file}
command-line = {{ bin_directory }}/is-process-older-than-dependency-set ${monitor-httpd-conf-parameter:pid-file}
wrapper-path = ${directory:promises}/promise-monitor-httpd-is-process-older-than-dependency-set
wrapper-path = ${directory:promises}/promise-monitor-httpd-is-process-older-than-dependency-set
[monitor-globalstate-wrapper]
[monitor-globalstate-wrapper]
...
@@ -362,7 +368,7 @@ recipe = slapos.cookbook:promise.plugin
...
@@ -362,7 +368,7 @@ recipe = slapos.cookbook:promise.plugin
eggs =
eggs =
slapos.toolbox
slapos.toolbox
file = ${monitor-conf-parameters:promise-output-file}
file = ${monitor-conf-parameters:promise-output-file}
content =
content =
from slapos.promise.plugin.monitor_bootstrap_status import RunPromise
from slapos.promise.plugin.monitor_bootstrap_status import RunPromise
output = ${directory:plugins}/monitor-bootstrap-status.py
output = ${directory:plugins}/monitor-bootstrap-status.py
mode = 600
mode = 600
...
@@ -375,7 +381,7 @@ recipe = slapos.cookbook:promise.plugin
...
@@ -375,7 +381,7 @@ recipe = slapos.cookbook:promise.plugin
eggs =
eggs =
slapos.toolbox
slapos.toolbox
output = ${directory:plugins}/buildout-${slap-connection:partition-id}-status.py
output = ${directory:plugins}/buildout-${slap-connection:partition-id}-status.py
content =
content =
from slapos.promise.plugin.check_partition_deployment_state import RunPromise
from slapos.promise.plugin.check_partition_deployment_state import RunPromise
config-monitor-url = ${monitor-instance-parameter:monitor-base-url}
config-monitor-url = ${monitor-instance-parameter:monitor-base-url}
mode = 600
mode = 600
...
@@ -385,7 +391,7 @@ recipe = slapos.cookbook:promise.plugin
...
@@ -385,7 +391,7 @@ recipe = slapos.cookbook:promise.plugin
eggs =
eggs =
slapos.toolbox
slapos.toolbox
output = ${directory:plugins}/check-free-disk-space.py
output = ${directory:plugins}/check-free-disk-space.py
content =
content =
from slapos.promise.plugin.check_free_disk_space import RunPromise
from slapos.promise.plugin.check_free_disk_space import RunPromise
mode = 600
mode = 600
config-collectordb = ${monitor-instance-parameter:collector-db}
config-collectordb = ${monitor-instance-parameter:collector-db}
...
@@ -396,7 +402,7 @@ config-threshold-file = ${directory:etc}/min-free-disk-size
...
@@ -396,7 +402,7 @@ config-threshold-file = ${directory:etc}/min-free-disk-size
# create dependencies between required monitor parts
# create dependencies between required monitor parts
recipe = plone.recipe.command
recipe = plone.recipe.command
command = true
command = true
update-command =
update-command =
base-url = ${monitor-conf-parameters:base-url}
base-url = ${monitor-conf-parameters:base-url}
depends =
depends =
${monitor-globalstate-cron-entry:name}
${monitor-globalstate-cron-entry:name}
...
@@ -404,7 +410,7 @@ depends =
...
@@ -404,7 +410,7 @@ depends =
${monitor-collect-cron-entry:name}
${monitor-collect-cron-entry:name}
${cron-entry-logrotate:name}
${cron-entry-logrotate:name}
${logrotate-entry-cron:name}
${logrotate-entry-cron:name}
${certificate-authority:wrapper}
${certificate-authority
-service
:wrapper}
${monitor-conf:rendered}
${monitor-conf:rendered}
${start-monitor:wrapper-path}
${start-monitor:wrapper-path}
${ca-monitor-httpd-service:wrapper-path}
${ca-monitor-httpd-service:wrapper-path}
...
@@ -424,5 +430,5 @@ monitor-setup-url = ${monitor-instance-parameter:interface-url}/#page=settings_c
...
@@ -424,5 +430,5 @@ monitor-setup-url = ${monitor-instance-parameter:interface-url}/#page=settings_c
[buildout]
[buildout]
extends =
extends =
{{ template_logrotate_base }}
{{ template_logrotate_base }}
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment