Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Lukas Niegsch
slapos
Commits
2b4d054c
Commit
2b4d054c
authored
Mar 14, 2022
by
Joanne Hugé
Browse files
Options
Browse Files
Download
Plain Diff
Update Release Candidate
parents
8549b432
897a581f
Changes
92
Hide whitespace changes
Inline
Side-by-side
Showing
92 changed files
with
1238 additions
and
609 deletions
+1238
-609
component/git/buildout.cfg
component/git/buildout.cfg
+2
-2
component/nano/buildout.cfg
component/nano/buildout.cfg
+5
-5
software/beremiz-runtime/buildout.hash.cfg
software/beremiz-runtime/buildout.hash.cfg
+1
-1
software/beremiz-runtime/instance.cfg.in
software/beremiz-runtime/instance.cfg.in
+0
-3
software/caddy-frontend/buildout.hash.cfg
software/caddy-frontend/buildout.hash.cfg
+10
-6
software/caddy-frontend/caddyprofiledummy.py
software/caddy-frontend/caddyprofiledummy.py
+102
-0
software/caddy-frontend/instance-apache-frontend.cfg.in
software/caddy-frontend/instance-apache-frontend.cfg.in
+8
-6
software/caddy-frontend/instance-apache-replicate.cfg.in
software/caddy-frontend/instance-apache-replicate.cfg.in
+64
-86
software/caddy-frontend/instance-caddy-input-schema.json
software/caddy-frontend/instance-caddy-input-schema.json
+2
-2
software/caddy-frontend/instance-kedifa.cfg.in
software/caddy-frontend/instance-kedifa.cfg.in
+40
-78
software/caddy-frontend/instance-output-schema.json
software/caddy-frontend/instance-output-schema.json
+12
-8
software/caddy-frontend/setup.py
software/caddy-frontend/setup.py
+5
-0
software/caddy-frontend/software.cfg
software/caddy-frontend/software.cfg
+6
-0
software/caddy-frontend/templates/apache-custom-slave-list.cfg.in
.../caddy-frontend/templates/apache-custom-slave-list.cfg.in
+47
-94
software/caddy-frontend/templates/expose-csr-nginx.conf.in
software/caddy-frontend/templates/expose-csr-nginx.conf.in
+30
-0
software/caddy-frontend/test/test.py
software/caddy-frontend/test/test.py
+178
-53
software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlave.test_file_list_log-CADDY.txt
...leHttp2ByDefaultDefaultSlave.test_file_list_log-CADDY.txt
+2
-2
software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlave.test_file_list_plugin-CADDY.txt
...ttp2ByDefaultDefaultSlave.test_file_list_plugin-CADDY.txt
+4
-2
software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlave.test_supervisor_state-CADDY.txt
...ttp2ByDefaultDefaultSlave.test_supervisor_state-CADDY.txt
+2
-2
software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlaveGlobalDisableHttp2.test_file_list_log-CADDY.txt
...faultSlaveGlobalDisableHttp2.test_file_list_log-CADDY.txt
+2
-2
software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlaveGlobalDisableHttp2.test_file_list_plugin-CADDY.txt
...ltSlaveGlobalDisableHttp2.test_file_list_plugin-CADDY.txt
+4
-2
software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlaveGlobalDisableHttp2.test_supervisor_state-CADDY.txt
...ltSlaveGlobalDisableHttp2.test_supervisor_state-CADDY.txt
+2
-2
software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlave.test_file_list_log-CADDY.txt
...ableHttp2ByDefaultFalseSlave.test_file_list_log-CADDY.txt
+2
-2
software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlave.test_file_list_plugin-CADDY.txt
...eHttp2ByDefaultFalseSlave.test_file_list_plugin-CADDY.txt
+4
-2
software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlave.test_supervisor_state-CADDY.txt
...eHttp2ByDefaultFalseSlave.test_supervisor_state-CADDY.txt
+2
-2
software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlaveGlobalDisableHttp2.test_file_list_log-CADDY.txt
...FalseSlaveGlobalDisableHttp2.test_file_list_log-CADDY.txt
+2
-2
software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlaveGlobalDisableHttp2.test_file_list_plugin-CADDY.txt
...seSlaveGlobalDisableHttp2.test_file_list_plugin-CADDY.txt
+4
-2
software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlaveGlobalDisableHttp2.test_supervisor_state-CADDY.txt
...seSlaveGlobalDisableHttp2.test_supervisor_state-CADDY.txt
+2
-2
software/caddy-frontend/test/test_data/test.TestMasterAIKCDisabledAIBCCDisabledRequest.test_file_list_etc_cron_d-CADDY.txt
...dAIBCCDisabledRequest.test_file_list_etc_cron_d-CADDY.txt
+13
-0
software/caddy-frontend/test/test_data/test.TestMasterAIKCDisabledAIBCCDisabledRequest.test_file_list_log-CADDY.txt
...DisabledAIBCCDisabledRequest.test_file_list_log-CADDY.txt
+16
-0
software/caddy-frontend/test/test_data/test.TestMasterAIKCDisabledAIBCCDisabledRequest.test_file_list_plugin-CADDY.txt
...abledAIBCCDisabledRequest.test_file_list_plugin-CADDY.txt
+44
-0
software/caddy-frontend/test/test_data/test.TestMasterAIKCDisabledAIBCCDisabledRequest.test_file_list_run-CADDY.txt
...DisabledAIBCCDisabledRequest.test_file_list_run-CADDY.txt
+14
-0
software/caddy-frontend/test/test_data/test.TestMasterAIKCDisabledAIBCCDisabledRequest.test_supervisor_state-CADDY.txt
...abledAIBCCDisabledRequest.test_supervisor_state-CADDY.txt
+37
-0
software/caddy-frontend/test/test_data/test.TestMasterRequest.test_file_list_log-CADDY.txt
..._data/test.TestMasterRequest.test_file_list_log-CADDY.txt
+2
-2
software/caddy-frontend/test/test_data/test.TestMasterRequest.test_file_list_plugin-CADDY.txt
...ta/test.TestMasterRequest.test_file_list_plugin-CADDY.txt
+4
-2
software/caddy-frontend/test/test_data/test.TestMasterRequest.test_supervisor_state-CADDY.txt
...ta/test.TestMasterRequest.test_supervisor_state-CADDY.txt
+2
-2
software/caddy-frontend/test/test_data/test.TestMasterRequestDomain.test_file_list_log-CADDY.txt
...test.TestMasterRequestDomain.test_file_list_log-CADDY.txt
+2
-2
software/caddy-frontend/test/test_data/test.TestMasterRequestDomain.test_file_list_plugin-CADDY.txt
...t.TestMasterRequestDomain.test_file_list_plugin-CADDY.txt
+4
-2
software/caddy-frontend/test/test_data/test.TestMasterRequestDomain.test_supervisor_state-CADDY.txt
...t.TestMasterRequestDomain.test_supervisor_state-CADDY.txt
+2
-2
software/caddy-frontend/test/test_data/test.TestRe6stVerificationUrlDefaultSlave.test_file_list_log-CADDY.txt
...tVerificationUrlDefaultSlave.test_file_list_log-CADDY.txt
+2
-2
software/caddy-frontend/test/test_data/test.TestRe6stVerificationUrlDefaultSlave.test_file_list_plugin-CADDY.txt
...rificationUrlDefaultSlave.test_file_list_plugin-CADDY.txt
+4
-2
software/caddy-frontend/test/test_data/test.TestRe6stVerificationUrlDefaultSlave.test_supervisor_state-CADDY.txt
...rificationUrlDefaultSlave.test_supervisor_state-CADDY.txt
+2
-2
software/caddy-frontend/test/test_data/test.TestRe6stVerificationUrlSlave.test_file_list_log-CADDY.txt
...estRe6stVerificationUrlSlave.test_file_list_log-CADDY.txt
+2
-2
software/caddy-frontend/test/test_data/test.TestRe6stVerificationUrlSlave.test_file_list_plugin-CADDY.txt
...Re6stVerificationUrlSlave.test_file_list_plugin-CADDY.txt
+4
-2
software/caddy-frontend/test/test_data/test.TestRe6stVerificationUrlSlave.test_supervisor_state-CADDY.txt
...Re6stVerificationUrlSlave.test_supervisor_state-CADDY.txt
+2
-2
software/caddy-frontend/test/test_data/test.TestReplicateSlave.test_file_list_log-CADDY.txt
...data/test.TestReplicateSlave.test_file_list_log-CADDY.txt
+3
-3
software/caddy-frontend/test/test_data/test.TestReplicateSlave.test_file_list_plugin-CADDY.txt
...a/test.TestReplicateSlave.test_file_list_plugin-CADDY.txt
+5
-3
software/caddy-frontend/test/test_data/test.TestReplicateSlave.test_supervisor_state-CADDY.txt
...a/test.TestReplicateSlave.test_supervisor_state-CADDY.txt
+3
-3
software/caddy-frontend/test/test_data/test.TestSlave.test_file_list_log-CADDY.txt
...est/test_data/test.TestSlave.test_file_list_log-CADDY.txt
+5
-5
software/caddy-frontend/test/test_data/test.TestSlave.test_file_list_plugin-CADDY.txt
.../test_data/test.TestSlave.test_file_list_plugin-CADDY.txt
+4
-2
software/caddy-frontend/test/test_data/test.TestSlave.test_supervisor_state-CADDY.txt
.../test_data/test.TestSlave.test_supervisor_state-CADDY.txt
+2
-2
software/caddy-frontend/test/test_data/test.TestSlaveCiphers.test_file_list_log-CADDY.txt
...t_data/test.TestSlaveCiphers.test_file_list_log-CADDY.txt
+2
-2
software/caddy-frontend/test/test_data/test.TestSlaveCiphers.test_file_list_plugin-CADDY.txt
...ata/test.TestSlaveCiphers.test_file_list_plugin-CADDY.txt
+4
-2
software/caddy-frontend/test/test_data/test.TestSlaveCiphers.test_supervisor_state-CADDY.txt
...ata/test.TestSlaveCiphers.test_supervisor_state-CADDY.txt
+2
-2
software/caddy-frontend/test/test_data/test.TestSlaveGlobalDisableHttp2.test_file_list_log-CADDY.txt
....TestSlaveGlobalDisableHttp2.test_file_list_log-CADDY.txt
+5
-5
software/caddy-frontend/test/test_data/test.TestSlaveGlobalDisableHttp2.test_file_list_plugin-CADDY.txt
...stSlaveGlobalDisableHttp2.test_file_list_plugin-CADDY.txt
+4
-2
software/caddy-frontend/test/test_data/test.TestSlaveGlobalDisableHttp2.test_supervisor_state-CADDY.txt
...stSlaveGlobalDisableHttp2.test_supervisor_state-CADDY.txt
+2
-2
software/caddy-frontend/test/test_data/test.TestSlaveHealthCheck.test_file_list_log-CADDY.txt
...ta/test.TestSlaveHealthCheck.test_file_list_log-CADDY.txt
+2
-2
software/caddy-frontend/test/test_data/test.TestSlaveHealthCheck.test_file_list_plugin-CADDY.txt
...test.TestSlaveHealthCheck.test_file_list_plugin-CADDY.txt
+4
-2
software/caddy-frontend/test/test_data/test.TestSlaveHealthCheck.test_supervisor_state-CADDY.txt
...test.TestSlaveHealthCheck.test_supervisor_state-CADDY.txt
+2
-2
software/caddy-frontend/test/test_data/test.TestSlaveHostHaproxyClash.test_file_list_log-CADDY.txt
...st.TestSlaveHostHaproxyClash.test_file_list_log-CADDY.txt
+2
-2
software/caddy-frontend/test/test_data/test.TestSlaveHostHaproxyClash.test_file_list_plugin-CADDY.txt
...TestSlaveHostHaproxyClash.test_file_list_plugin-CADDY.txt
+4
-2
software/caddy-frontend/test/test_data/test.TestSlaveHostHaproxyClash.test_supervisor_state-CADDY.txt
...TestSlaveHostHaproxyClash.test_supervisor_state-CADDY.txt
+2
-2
software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibility.test_file_list_log-CADDY.txt
...sterCertificateCompatibility.test_file_list_log-CADDY.txt
+2
-2
software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibility.test_file_list_plugin-CADDY.txt
...rCertificateCompatibility.test_file_list_plugin-CADDY.txt
+4
-2
software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibility.test_supervisor_state-CADDY.txt
...rCertificateCompatibility.test_supervisor_state-CADDY.txt
+2
-2
software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityOverrideMaster.test_file_list_log-CADDY.txt
...eCompatibilityOverrideMaster.test_file_list_log-CADDY.txt
+2
-2
software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityOverrideMaster.test_file_list_plugin-CADDY.txt
...mpatibilityOverrideMaster.test_file_list_plugin-CADDY.txt
+4
-2
software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityOverrideMaster.test_supervisor_state-CADDY.txt
...mpatibilityOverrideMaster.test_supervisor_state-CADDY.txt
+2
-2
software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityUpdate.test_file_list_log-CADDY.txt
...rtificateCompatibilityUpdate.test_file_list_log-CADDY.txt
+2
-2
software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityUpdate.test_file_list_plugin-CADDY.txt
...ficateCompatibilityUpdate.test_file_list_plugin-CADDY.txt
+4
-2
software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityUpdate.test_supervisor_state-CADDY.txt
...ficateCompatibilityUpdate.test_supervisor_state-CADDY.txt
+2
-2
software/kvm/buildout.hash.cfg
software/kvm/buildout.hash.cfg
+4
-4
software/kvm/instance-kvm.cfg.jinja2
software/kvm/instance-kvm.cfg.jinja2
+9
-6
software/kvm/template/image-download-config-creator.py
software/kvm/template/image-download-config-creator.py
+1
-1
software/kvm/template/image-download-controller.py
software/kvm/template/image-download-controller.py
+3
-15
software/kvm/template/template-kvm-run.in
software/kvm/template/template-kvm-run.in
+18
-25
software/kvm/test/test.py
software/kvm/test/test.py
+89
-94
software/matomo/apache-httpd.conf.in
software/matomo/apache-httpd.conf.in
+24
-0
software/matomo/buildout.hash.cfg
software/matomo/buildout.hash.cfg
+26
-0
software/matomo/matomo-backup.sh.in
software/matomo/matomo-backup.sh.in
+32
-0
software/matomo/matomo-instance.cfg.in
software/matomo/matomo-instance.cfg.in
+51
-0
software/matomo/software.cfg
software/matomo/software.cfg
+56
-0
software/matomo/test/README.md
software/matomo/test/README.md
+1
-0
software/matomo/test/setup.py
software/matomo/test/setup.py
+52
-0
software/matomo/test/test.py
software/matomo/test/test.py
+67
-0
software/ors-amarisoft/buildout.hash.cfg
software/ors-amarisoft/buildout.hash.cfg
+3
-3
software/ors-amarisoft/config/gnb.jinja2.cfg
software/ors-amarisoft/config/gnb.jinja2.cfg
+2
-2
software/ors-amarisoft/instance-gnb-epc.jinja2.cfg
software/ors-amarisoft/instance-gnb-epc.jinja2.cfg
+4
-4
software/ors-amarisoft/instance-gnb.jinja2.cfg
software/ors-amarisoft/instance-gnb.jinja2.cfg
+7
-0
software/slapos-sr-testing/software-py3.cfg
software/slapos-sr-testing/software-py3.cfg
+1
-0
software/slapos-sr-testing/software.cfg
software/slapos-sr-testing/software.cfg
+7
-0
No files found.
component/git/buildout.cfg
View file @
2b4d054c
...
...
@@ -18,8 +18,8 @@ parts =
[git]
recipe = slapos.recipe.cmmi
shared = true
url = https://mirrors.edge.kernel.org/pub/software/scm/git/git-2.3
3
.1.tar.xz
md5sum = 3
462f34d9c17288eee854b7645f6a0a1
url = https://mirrors.edge.kernel.org/pub/software/scm/git/git-2.3
5
.1.tar.xz
md5sum = 3
aae077280b6be861e3c1c637491853a
configure-options =
--with-curl=${curl:location}
--with-openssl=${openssl:location}
...
...
component/nano/buildout.cfg
View file @
2b4d054c
...
...
@@ -10,9 +10,8 @@ extends =
[nano]
recipe = slapos.recipe.cmmi
shared = true
url = http://www.nano-editor.org/dist/v2.8/nano-2.8.4.tar.xz
md5sum = 02ff28870194178595b287fc16fa611b
location = @@LOCATION@@
url = https://www.nano-editor.org/dist/v6/nano-6.2.tar.xz
md5sum = 12784a5c245518d7580125ebbd6b7601
# The dummy PKG_CONFIG is in the case that both pkg-config and ncursesw
# are installed on the system.
environment=
...
...
@@ -21,5 +20,6 @@ environment=
CPPFLAGS=-I${file:location}/include -I${zlib:location}/include
LDFLAGS=-L${file:location}/lib/ -Wl,-rpath=${file:location}/lib/ -L${zlib:location}/lib/ -Wl,-rpath=${zlib:location}/lib/
post-install =
cd ${:location} && mkdir etc &&
echo include "${:location}/share/nano/*.nanorc" > etc/nanorc
cd %(location)s
mkdir etc
echo 'include %(location)s/share/nano/*.nanorc' > etc/nanorc
software/beremiz-runtime/buildout.hash.cfg
View file @
2b4d054c
[instance-profile]
filename = instance.cfg.in
md5sum =
a438aa4126feb2e609a082935acbb625
md5sum =
6e3e1dc304378640707cdb6a792106f1
software/beremiz-runtime/instance.cfg.in
View file @
2b4d054c
...
...
@@ -29,11 +29,8 @@ key = ${slap-connection:key-file}
cert = ${slap-connection:cert-file}
configuration.runtime_plc_url =
configuration.runtime_plc_md5sum =
# XXX: we can get rid of plc_name in future
configuration.runtime_plc_name =
configuration.autostart = 1
configuration.interface = 0.0.0.0
# XXX: randomly generated one on slap's interface?
configuration.port = 61248
# Create all needed directories, depending on your needs
...
...
software/caddy-frontend/buildout.hash.cfg
View file @
2b4d054c
...
...
@@ -22,15 +22,15 @@ md5sum = 5784bea3bd608913769ff9a8afcccb68
[profile-caddy-frontend]
filename = instance-apache-frontend.cfg.in
md5sum =
0950e09ad1f03f0789308f5f7a7eb1b8
md5sum =
3e3021b86c3cfe93553489441da85496
[profile-caddy-replicate]
filename = instance-apache-replicate.cfg.in
md5sum = c
5d1e235959a877b4f3157369c6f5e10
md5sum = c
028f1c5947494e7f25cf8266a3ecd2d
[profile-slave-list]
_update_hash_filename_ = templates/apache-custom-slave-list.cfg.in
md5sum =
9e77ca5d41541787f66a4e1872556418
md5sum =
6b6ab13d82bf9ecff6a37c3402ddbf95
[profile-replicate-publish-slave-information]
_update_hash_filename_ = templates/replicate-publish-slave-information.cfg.in
...
...
@@ -94,15 +94,15 @@ md5sum = 8c150e1e6c993708d31936742f3a7302
[caddyprofiledeps-setup]
filename = setup.py
md5sum =
8e1c6c06c09beb921965b3ce98c67c9e
md5sum =
6aad2b4c271294f524214192ee197c15
[caddyprofiledeps-dummy]
filename = caddyprofiledummy.py
md5sum =
59cb33f11272ee09eccea74981d2304a
md5sum =
b41b8de115ad815d0b0db306ad650365
[profile-kedifa]
filename = instance-kedifa.cfg.in
md5sum =
483e834e689f9a943346683e4d81eab4
md5sum =
88f3a8cc30d3cf30f4bd2797f5c16221
[template-backend-haproxy-rsyslogd-conf]
_update_hash_filename_ = templates/backend-haproxy-rsyslogd.conf.in
...
...
@@ -111,3 +111,7 @@ md5sum = 3336d554661b138dcef97b1d1866803c
[template-slave-introspection-httpd-nginx]
_update_hash_filename_ = templates/slave-introspection-httpd-nginx.conf.in
md5sum = 3067e6ba6c6901821d57d2109517d39c
[template-expose-csr-nginx-conf]
_update_hash_filename_ = templates/expose-csr-nginx.conf.in
md5sum = 5620baa8819fcc8340fa6777ee551a1a
software/caddy-frontend/caddyprofiledummy.py
View file @
2b4d054c
from
__future__
import
print_function
import
caucase.client
import
caucase.utils
import
os
import
ssl
import
sys
import
urllib
import
urlparse
from
cryptography
import
x509
from
cryptography.hazmat.primitives
import
serialization
class
Recipe
(
object
):
def
__init__
(
self
,
*
args
,
**
kwargs
):
pass
...
...
@@ -19,3 +30,94 @@ def validate_netloc(netloc):
else
:
hostname
=
parsed
.
hostname
return
netloc
==
'%s:%s'
%
(
hostname
,
parsed
.
port
)
def
_check_certificate
(
url
,
certificate
):
parsed
=
urlparse
.
urlparse
(
url
)
got_certificate
=
ssl
.
get_server_certificate
((
parsed
.
hostname
,
parsed
.
port
))
if
certificate
.
strip
()
!=
got_certificate
.
strip
():
raise
ValueError
(
'Certificate for %s does not match expected one'
%
(
url
,))
def
_get_exposed_csr
(
url
,
certificate
):
_check_certificate
(
url
,
certificate
)
self_signed
=
ssl
.
create_default_context
()
self_signed
.
check_hostname
=
False
self_signed
.
verify_mode
=
ssl
.
CERT_NONE
return
urllib
.
urlopen
(
url
,
context
=
self_signed
).
read
()
def
_get_caucase_client
(
ca_url
,
ca_crt
,
user_key
):
return
caucase
.
client
.
CaucaseClient
(
ca_url
=
ca_url
+
'/cas'
,
ca_crt_pem_list
=
caucase
.
utils
.
getCertList
(
ca_crt
),
user_key
=
user_key
,
)
def
_get_caucase_csr_list
(
ca_url
,
ca_crt
,
user_key
):
csr_list
=
[]
for
entry
in
_get_caucase_client
(
ca_url
,
ca_crt
,
user_key
).
getPendingCertificateRequestList
():
csr
=
caucase
.
utils
.
load_certificate_request
(
caucase
.
utils
.
toBytes
(
entry
[
'csr'
]))
csr_list
.
append
({
'csr_id'
:
entry
[
'id'
],
'csr'
:
csr
.
public_bytes
(
serialization
.
Encoding
.
PEM
).
decode
()
})
return
csr_list
def
_csr_match
(
*
csr_list
):
number_list
=
set
([])
for
csr
in
csr_list
:
number_list
.
add
(
x509
.
load_pem_x509_csr
(
str
(
csr
)).
public_key
().
public_numbers
())
return
len
(
number_list
)
==
1
def
_sign_csr
(
ca_url
,
ca_crt
,
user_key
,
csr
,
csr_list
):
signed
=
False
client
=
_get_caucase_client
(
ca_url
,
ca_crt
,
user_key
)
for
csr_entry
in
csr_list
:
if
_csr_match
(
csr
,
csr_entry
[
'csr'
]):
client
.
createCertificate
(
int
(
csr_entry
[
'csr_id'
]))
print
(
'Signed csr with id %s'
%
(
csr_entry
[
'csr_id'
],))
signed
=
True
break
return
signed
def
_mark_done
(
filename
):
with
open
(
filename
,
'w'
)
as
fh
:
fh
.
write
(
'done'
)
print
(
'Marked file %s'
%
(
filename
,))
def
_is_done
(
filename
):
if
os
.
path
.
exists
(
filename
):
return
True
return
False
def
smart_sign
():
ca_url
,
ca_crt
,
done_file
,
user_key
,
csr_url
,
\
csr_url_certificate
=
sys
.
argv
[
1
:]
if
_is_done
(
done_file
):
return
exposed_csr
=
_get_exposed_csr
(
csr_url
,
csr_url_certificate
)
caucase_csr_list
=
_get_caucase_csr_list
(
ca_url
,
ca_crt
,
user_key
)
if
_sign_csr
(
ca_url
,
ca_crt
,
user_key
,
exposed_csr
,
caucase_csr_list
):
_mark_done
(
done_file
)
else
:
print
(
'Failed to sign %s'
%
(
csr_url
,))
def
caucase_csr_sign_check
():
ca_url
,
ca_crt
,
user_key
=
sys
.
argv
[
1
:]
if
len
(
_get_caucase_csr_list
(
ca_url
,
ca_crt
,
user_key
))
!=
0
:
print
(
'ERR There are CSR to sign on %s'
%
(
ca_url
,))
sys
.
exit
(
1
)
else
:
print
(
'OK No CSR to sign on %s'
%
(
ca_url
,))
software/caddy-frontend/instance-apache-frontend.cfg.in
View file @
2b4d054c
...
...
@@ -89,10 +89,10 @@ bbb-ssl-dir = ${:srv}/bbb-ssl
frontend_cluster = ${:var}/frontend_cluster
#
csr_id
publication
csr_id = ${:srv}/csr_id
certificate-csr_id = ${:etc}/certificate-csr_id
expose-csr
_id-var = ${:var}/expose-csr_id
#
CSR
publication
expose-csr = ${:srv}/expose-csr
expose-csr-etc = ${:etc}/expose-csr
expose-csr
-var = ${:var}/expose-csr
# slave introspection
slave-introspection-var = ${:var}/slave-introspection
...
...
@@ -179,6 +179,7 @@ template-empty = {{ software_parameter_dict['template_empty'] }}
template-default-slave-virtualhost = {{ software_parameter_dict['template_default_slave_virtualhost'] }}
template-backend-haproxy-configuration = {{ software_parameter_dict['template_backend_haproxy_configuration'] }}
template-backend-haproxy-rsyslogd-conf = {{ software_parameter_dict['template_backend_haproxy_rsyslogd_conf'] }}
template-expose-csr-nginx-conf = {{ software_parameter_dict['template_expose_csr_nginx_conf'] }}
[kedifa-login-config]
d = ${directory:ca-dir}
...
...
@@ -295,11 +296,12 @@ extra-context =
key master_key_download_url :master_key_download_url
key autocert caddy-directory:autocert
key caddy_log_directory caddy-directory:slave-log
key expose_csr_
id_
organization :organization
key expose_csr_
id_
organizational_unit :organizational-unit
key expose_csr_organization :organization
key expose_csr_organizational_unit :organizational-unit
key global_ipv6 slap-configuration:ipv6-random
key empty_template software-release-path:template-empty
key template_default_slave_configuration software-release-path:template-default-slave-virtualhost
key template_expose_csr_nginx_conf software-release-path:template-expose-csr-nginx-conf
key software_type :software_type
key frontend_lazy_graceful_reload frontend-caddy-lazy-graceful:rendered
key monitor_base_url monitor-instance-parameter:monitor-base-url
...
...
software/caddy-frontend/instance-apache-replicate.cfg.in
View file @
2b4d054c
...
...
@@ -286,7 +286,7 @@ config-monitor-username = ${monitor-instance-parameter:username}
config-monitor-password = ${monitor-htpasswd:passwd}
software-type = {{frontend_type}}
return = slave-instance-information-list monitor-base-url backend-client-csr
_id-url csr_id-url csr_id
-certificate backend-haproxy-statistic-url
return = slave-instance-information-list monitor-base-url backend-client-csr
-url kedifa-csr-url csr
-certificate backend-haproxy-statistic-url
{#- Send only needed parameters to frontend nodes #}
{%- set base_node_configuration_dict = {} %}
...
...
@@ -362,15 +362,15 @@ warning-slave-dict = {{ dumps(json_module.dumps(warning_slave_dict, sort_keys=Tr
{% if not aikc_enabled or not aibcc_enabled %}
{% for frontend in frontend_list %}
{% set section_part = '${request-' + frontend %}
{{ frontend }}-csr
_id-certificate = {{ section_part }}:connection-csr_id
-certificate}
{{ frontend }}-csr
-certificate = {{ section_part }}:connection-csr
-certificate}
{% endfor %}
{% endif %}
{% if not aikc_enabled %}
kedifa-csr
_id-url = ${request-kedifa:connection-csr_id
-url}
kedifa-csr
_id-certificate = ${request-kedifa:connection-csr_id
-certificate}
kedifa-csr
-url = ${request-kedifa:connection-kedifa-csr
-url}
kedifa-csr
-certificate = ${request-kedifa:connection-csr
-certificate}
{% for frontend in frontend_list %}
{% set section_part = '${request-' + frontend %}
{{ frontend }}-
csr_id-url = {{ section_part }}:connection-csr_id
-url}
{{ frontend }}-
kedifa-csr-url = {{ section_part }}:connection-kedifa-csr
-url}
{% endfor %}
{% endif %}
{% for frontend in frontend_list %}
...
...
@@ -380,7 +380,7 @@ kedifa-csr_id-certificate = ${request-kedifa:connection-csr_id-certificate}
{% if not aibcc_enabled %}
{% for frontend in frontend_list %}
{% set section_part = '${request-' + frontend %}
{{ frontend }}-backend-client-csr
_id-url = {{ section_part }}:connection-backend-client-csr_id
-url}
{{ frontend }}-backend-client-csr
-url = {{ section_part }}:connection-backend-client-csr
-url}
{% endfor %}
{% endif %}
...
...
@@ -431,7 +431,7 @@ software-url = ${slap-connection:software-release-url}
{% endif %}
software-type = kedifa
name = kedifa
return = slave-kedifa-information master-key-generate-auth-url master-key-upload-url master-key-download-url caucase-url
csr_id-url csr_id
-certificate monitor-base-url
return = slave-kedifa-information master-key-generate-auth-url master-key-upload-url master-key-download-url caucase-url
kedifa-csr-url csr
-certificate monitor-base-url
{% set sla_kedifa_key = "-sla-kedifa-" %}
{% set sla_kedifa_key_length = sla_kedifa_key | length %}
{% for key in slapparameter_dict.keys() %}
...
...
@@ -505,7 +505,6 @@ crl = ${directory:aikc}/crl.pem
user-ca-certificate = ${directory:aikc}/user-ca-certificate.pem
user-crl = ${directory:aikc}/user-crl.pem
user-created = ${directory:aikc}/user-created
csr_id = ${directory:aikc}/csr_id
data_dir = ${directory:aikc}/caucase-updater
[aikc-user-csr]
...
...
@@ -552,11 +551,12 @@ recipe = plone.recipe.command
{#- The called command is smart enough to survive errors and retry #}
stop-on-error = False
update-command = ${:command}
csr_id = ${directory:aikc}/csr_id
command =
if ! [ -f ${aikc-config:user-created} ] ; then
${aikc-caucase-wrapper:rendered} --mode user --send-csr ${aikc-user-csr:csr} > ${
aikc-config
:csr_id} || exit 1
cut -d ' ' -f 1 ${
aikc-config
:csr_id} || exit 1
csr_id=`cut -d ' ' -f 1 ${
aikc-config
:csr_id}`
${aikc-caucase-wrapper:rendered} --mode user --send-csr ${aikc-user-csr:csr} > ${:csr_id} || exit 1
cut -d ' ' -f 1 ${:csr_id} || exit 1
csr_id=`cut -d ' ' -f 1 ${:csr_id}`
sleep 1
${aikc-caucase-wrapper:rendered} --mode user --get-crt $csr_id ${aikc-config:key} || exit 1
touch ${aikc-config:user-created}
...
...
@@ -577,44 +577,32 @@ command =
mode='user',
)}}
[aikc-check-certificate]
recipe = slapos.recipe.template:jinja2
rendered = ${directory:bin}/aikc-check-certificate
template = inline:
import sys
import ssl
import urlparse
certificate = sys.argv[2]
parsed = urlparse.urlparse(sys.argv[1])
got_certificate = ssl.get_server_certificate((parsed.hostname, parsed.port))
sys.exit(0) if certificate.strip() == got_certificate.strip() else sys.exit(1)
[aikc-sign-promise-wrapper]
recipe = slapos.cookbook:wrapper
command-line = {{ software_parameter_dict['caucase_csr_sign_check'] }}
${aikc-config:caucase-url}
${aikc-config:ca-certificate}
${aikc-config:key}
wrapper-path = ${directory:bin}/aikc-caucase-csr-sign-check
{% do part_list.append('aikc-sign-promise') %}
[aikc-sign-promise]
<= monitor-promise-base
promise = check_command_execute
name = ${:_buildout_section_name_}.py
config-command = ${aikc-sign-promise-wrapper:wrapper-path}
{% for csr in frontend_list + ['kedifa'] %}
[aikc-{{ csr }}-wrapper]
{# jinja2 instead of wrapper is used with context to remove py'u' #}
recipe = slapos.recipe.template:jinja2
context =
key csr_id_url request-{{ csr }}:connection-csr_id-url
key csr_id_certificate request-{{ csr }}:connection-csr_id-certificate
template = inline:#!{{ software_parameter_dict['dash'] }}/bin/dash
test -f ${directory:aikc}/{{ csr }}-done && exit 0
${buildout:executable} ${aikc-check-certificate:rendered} \
{# raw block to use context #}
{% raw %}
{{ csr_id_url }} \
"""{{ csr_id_certificate }}"""
{% endraw %}
if [ $? = 0 ]; then
csr_id=`{{ software_parameter_dict['curl'] }}/bin/curl -s -k -g \
{% raw %}
{{ csr_id_url }} \
{% endraw %}
` || exit 1
${aikc-caucase-wrapper:rendered} --user-key ${aikc-config:key} --sign-csr $csr_id && touch ${directory:aikc}/{{ csr }}-done
fi
rendered = ${directory:bin}/aikc-{{ csr }}-wrapper
mode = 0700
recipe = slapos.cookbook:wrapper
wrapper-path = ${directory:bin}/aikc-{{ csr }}-wrapper
command-line = {{ software_parameter_dict['smart_caucase_signer'] }}
${aikc-config:caucase-url}
${aikc-config:ca-certificate}
${directory:aikc}/{{ csr }}-done
${aikc-config:key}
${request-{{ csr }}:connection-kedifa-csr-url}
"${request-{{ csr }}:connection-csr-certificate}"
{% do part_list.append('aikc-%s' % (csr,)) %}
[aikc-{{ csr }}]
...
...
@@ -622,7 +610,7 @@ recipe = plone.recipe.command
{#- The called command is smart enough to survive errors and retry #}
stop-on-error = False
command =
${aikc-{{ csr }}-wrapper:
rendered
}
${aikc-{{ csr }}-wrapper:
wrapper-path
}
update-command = ${:command}
{% endfor %}
{% endif %} {# if aikc_enabled #}
...
...
@@ -641,7 +629,6 @@ crl = ${directory:aibcc}/crl.pem
user-ca-certificate = ${directory:aibcc}/user-ca-certificate.pem
user-crl = ${directory:aibcc}/user-crl.pem
user-created = ${directory:aibcc}/user-created
csr_id = ${directory:aibcc}/csr_id
data_dir = ${directory:aibcc}/caucase-updater
[aibcc-user-csr]
...
...
@@ -668,6 +655,7 @@ recipe = slapos.recipe.template:jinja2
context =
key caucase_url aibcc-config:caucase-url
template = inline:#!{{ software_parameter_dict['dash'] }}/bin/dash
exec {{ software_parameter_dict['bin_directory'] }}/caucase \
{# raw block to use context #}
{% raw %}
...
...
@@ -690,11 +678,12 @@ recipe = plone.recipe.command
{#- XXX: Create promise #}
stop-on-error = False
update-command = ${:command}
csr_id = ${directory:aibcc}/csr_id
command =
if ! [ -f ${aibcc-config:user-created} ] ; then
${aibcc-caucase-wrapper:rendered} --mode user --send-csr ${aibcc-user-csr:csr} > ${
aibcc-config
:csr_id} || exit 1
cut -d ' ' -f 1 ${
aibcc-config
:csr_id} || exit 1
csr_id=`cut -d ' ' -f 1 ${
aibcc-config
:csr_id}`
${aibcc-caucase-wrapper:rendered} --mode user --send-csr ${aibcc-user-csr:csr} > ${:csr_id} || exit 1
cut -d ' ' -f 1 ${:csr_id} || exit 1
csr_id=`cut -d ' ' -f 1 ${:csr_id}`
sleep 1
${aibcc-caucase-wrapper:rendered} --mode user --get-crt $csr_id ${aibcc-config:key} || exit 1
touch ${aibcc-config:user-created}
...
...
@@ -715,43 +704,32 @@ command =
mode='user',
)}}
[aibcc-check-certificate]
recipe = slapos.recipe.template:jinja2
rendered = ${directory:bin}/aibcc-check-certificate
template = inline:
import sys
import ssl
import urlparse
certificate = sys.argv[2]
parsed = urlparse.urlparse(sys.argv[1])
got_certificate = ssl.get_server_certificate((parsed.hostname, parsed.port))
sys.exit(0) if certificate.strip() == got_certificate.strip() else sys.exit(1)
[aibcc-sign-promise-wrapper]
recipe = slapos.cookbook:wrapper
command-line = {{ software_parameter_dict['caucase_csr_sign_check'] }}
${aibcc-config:caucase-url}
${aibcc-config:ca-certificate}
${aibcc-config:key}
wrapper-path = ${directory:bin}/aibcc-caucase-csr-sign-check
{% do part_list.append('aibcc-sign-promise') %}
[aibcc-sign-promise]
<= monitor-promise-base
promise = check_command_execute
name = ${:_buildout_section_name_}.py
config-command = ${aibcc-sign-promise-wrapper:wrapper-path}
{% for csr in frontend_list %}
[aibcc-{{ csr }}-wrapper]
{# jinja2 instead of wrapper is used with context to remove py'u' #}
recipe = slapos.recipe.template:jinja2
context =
key csr_id_url request-{{ csr }}:connection-backend-client-csr_id-url
key csr_id_certificate request-{{ csr }}:connection-csr_id-certificate
template = inline:#!{{ software_parameter_dict['dash'] }}/bin/dash
test -f ${directory:aibcc}/{{ csr }}-done && exit 0
${buildout:executable} ${aibcc-check-certificate:rendered} \
{# raw block to use context #}
{% raw %}
{{ csr_id_url }} \
"""{{ csr_id_certificate }}"""
{% endraw %}
if [ $? = 0 ]; then
csr_id=`{{ software_parameter_dict['curl'] }}/bin/curl -s -k -g \
{% raw %}
{{ csr_id_url }} \
{% endraw %}
` || exit 1
${aibcc-caucase-wrapper:rendered} --user-key ${aibcc-config:key} --sign-csr $csr_id && touch ${directory:aibcc}/{{ csr }}-done
fi
rendered = ${directory:bin}/aibcc-{{ csr }}-wrapper
mode = 0700
recipe = slapos.cookbook:wrapper
wrapper-path = ${directory:bin}/aibcc-{{ csr }}-wrapper
command-line = {{ software_parameter_dict['smart_caucase_signer'] }}
${aibcc-config:caucase-url}
${aibcc-config:ca-certificate}
${directory:aibcc}/{{ csr }}-done
${aibcc-config:key}
${request-{{ csr }}:connection-backend-client-csr-url}
"${request-{{ csr }}:connection-csr-certificate}"
{% do part_list.append('aibcc-%s' % (csr,)) %}
[aibcc-{{ csr }}]
...
...
@@ -759,7 +737,7 @@ recipe = plone.recipe.command
{#- The called command is smart enough to survive errors and retry #}
stop-on-error = False
command =
${aibcc-{{ csr }}-wrapper:
rendered
}
${aibcc-{{ csr }}-wrapper:
wrapper-path
}
update-command = ${:command}
{% endfor %}
{% endif %} {# if aibcc_enabled #}
...
...
software/caddy-frontend/instance-caddy-input-schema.json
View file @
2b4d054c
...
...
@@ -69,7 +69,7 @@
},
"automatic-internal-kedifa-caucase-csr"
:
{
"default"
:
"true"
,
"description"
:
"Automatically signs CSRs sent to KeDiFa's caucase, based on
csr_id and matching certificate
."
,
"description"
:
"Automatically signs CSRs sent to KeDiFa's caucase, based on
CSR comparison
."
,
"enum"
:
[
"true"
,
"false"
...
...
@@ -79,7 +79,7 @@
},
"automatic-internal-backend-client-caucase-csr"
:
{
"default"
:
"true"
,
"description"
:
"Automatically signs CSRs sent to Backend Client's caucase, based on
csr_id and matching certificate
."
,
"description"
:
"Automatically signs CSRs sent to Backend Client's caucase, based on
CSR comparison
."
,
"enum"
:
[
"true"
,
"false"
...
...
software/caddy-frontend/instance-kedifa.cfg.in
View file @
2b4d054c
...
...
@@ -17,8 +17,7 @@ parts =
caucased
caucased-promise
caucase-updater
expose-csr_id
promise-expose-csr_id-ip-port
promise-expose-csr-ip-port
promise-logrotate-setup
[monitor-instance-parameter]
...
...
@@ -74,10 +73,10 @@ backup-caucased = ${:backup}/caucased
# reservation
reservation = ${:srv}/reservation
#
csr_id
publication
csr_id = ${:srv}/csr_id
certificate-csr_id = ${:var}/certificate-csr_id
expose-csr
_id-var = ${:var}/expose-csr_id
#
CSR
publication
expose-csr = ${:srv}/expose-csr
expose-csr-etc = ${:etc}/expose-csr
expose-csr
-var = ${:var}/expose-csr
[kedifa-csr]
recipe = plone.recipe.command
...
...
@@ -113,30 +112,19 @@ stop-on-error = True
template_csr='${kedifa-csr:template-csr}'
)}}
[
store-csr_id
]
[
expose-csr-link-csr
]
recipe = plone.recipe.command
csr_id_path = ${directory:csr_id}/csr_id.txt
csr_work_path = ${directory:tmp}/${:_buildout_section_name_}
filename = csr.pem
csr_path = ${directory:expose-csr}/${:filename}
stop-on-error = False
update-command = ${:command}
command =
[ -f {:csr_id_path} ] && exit 0
{{ software_parameter_dict['bin_directory'] }}/caucase \
--ca-url {{ caucase_url }} \
--ca-crt ${kedifa-config:ca-certificate} \
--crl ${kedifa-config:crl} \
--mode service \
{#- XXX: Need to use caucase-updater-csr:csr, as there is no way to obatin csr_id from caucase-updater -#}
{#- XXX: nor directly path to the generated CSR #}
--send-csr ${caucase-updater-csr:csr} > ${:csr_work_path} && \
cut -d ' ' -f 1 ${:csr_work_path} > ${:csr_id_path}
[certificate-csr_id]
ln -sf ${caucase-updater-csr:csr} ${:csr_path}
[expose-csr-certificate]
recipe = plone.recipe.command
certificate = ${directory:
certificate-csr_id
}/certificate.pem
key = ${directory:
certificate-csr_id
}/key.pem
certificate = ${directory:
expose-csr-etc
}/certificate.pem
key = ${directory:
expose-csr-etc
}/key.pem
{#- Can be stopped on error, as does not rely on self provided service #}
stop-on-error = True
...
...
@@ -148,70 +136,44 @@ command =
-days 5 -nodes -x509 -keyout ${:key} -out ${:certificate}
fi
[expose-csr
_id
-configuration]
[expose-csr-configuration]
ip = {{ instance_parameter_dict['ipv6-random'] }}
port = 17000
key = ${certificate-csr_id:key}
certificate = ${certificate-csr_id:certificate}
error-log = ${directory:log}/expose-csr_id.log
[expose-csr_id-template]
key = ${expose-csr-certificate:key}
certificate = ${expose-csr-certificate:certificate}
error-log = ${directory:log}/expose-csr.log
var = ${directory:expose-csr-var}
pid = ${directory:var}/nginx-expose-csr.pid
root = ${directory:expose-csr}
nginx_mime = {{ software_parameter_dict['nginx_mime'] }}
[expose-csr-template]
recipe = slapos.recipe.template:jinja2
var = ${directory:expose-csr_id-var}
pid = ${directory:var}/nginx-expose-csr_id.pid
rendered = ${directory:etc}/nginx-expose-csr_id.conf
template = inline:
daemon off;
pid ${:pid};
error_log ${expose-csr_id-configuration:error-log};
events {
}
http {
include {{ software_parameter_dict['nginx_mime'] }};
server {
server_name_in_redirect off;
port_in_redirect off;
error_log ${expose-csr_id-configuration:error-log};
access_log /dev/null;
listen [${expose-csr_id-configuration:ip}]:${expose-csr_id-configuration:port} ssl;
ssl_certificate ${expose-csr_id-configuration:certificate};
ssl_certificate_key ${expose-csr_id-configuration:key};
default_type application/octet-stream;
client_body_temp_path ${:var} 1 2;
proxy_temp_path ${:var} 1 2;
fastcgi_temp_path ${:var} 1 2;
uwsgi_temp_path ${:var} 1 2;
scgi_temp_path ${:var} 1 2;
location / {
alias ${directory:csr_id}/;
autoindex off;
sendfile on;
sendfile_max_chunk 1m;
}
}
}
[promise-expose-csr_id-ip-port]
rendered = ${directory:expose-csr-etc}/nginx.conf
template = {{ software_parameter_dict['template_expose_csr_nginx_conf'] }}
context =
section configuration expose-csr-configuration
[promise-expose-csr-ip-port]
<= monitor-promise-base
promise = check_socket_listening
name = expose-csr
_id
-ip-port-listening.py
config-host = ${expose-csr
_id
-configuration:ip}
config-port = ${expose-csr
_id
-configuration:port}
name = expose-csr-ip-port-listening.py
config-host = ${expose-csr-configuration:ip}
config-port = ${expose-csr-configuration:port}
[expose-csr_id]
depends = ${store-csr_id:command}
[expose-csr]
recipe = slapos.cookbook:wrapper
command-line = {{ software_parameter_dict['nginx'] }}
-c ${expose-csr_id-template:rendered}
-c ${expose-csr-template:rendered}
url = https://[${expose-csr-configuration:ip}]:${expose-csr-configuration:port}
wrapper-path = ${directory:service}/expose-csr
_id
wrapper-path = ${directory:service}/expose-csr
hash-existing-files = ${buildout:directory}/software_release/buildout.cfg
[
get-csr_id-certificate
]
[
expose-csr-certificate-get
]
recipe = collective.recipe.shelloutput
commands =
certificate = cat ${
certificate-csr_id
:certificate}
certificate = cat ${
expose-csr-certificate
:certificate}
[jinja2-template-base]
recipe = slapos.recipe.template:jinja2
...
...
@@ -326,8 +288,8 @@ caucase-url = {{ caucase_url }}
master-key-generate-auth-url = https://[${kedifa-config:ip}]:${kedifa-config:port}/${master-auth-random:passwd}/generateauth
master-key-upload-url = https://[${kedifa-config:ip}]:${kedifa-config:port}/${master-auth-random:passwd}?auth=
master-key-download-url = https://[${kedifa-config:ip}]:${kedifa-config:port}/${master-auth-random:passwd}
csr_id-url = https://[${expose-csr_id-configuration:ip}]:${expose-csr_id-configuration:port}/csr_id.txt
csr
_id-certificate = ${get-csr_id-certificate
:certificate}
kedifa-csr-url = ${expose-csr:url}/${expose-csr-link-csr:filename}
csr
-certificate = ${expose-csr-certificate-get
:certificate}
monitor-base-url = ${monitor-instance-parameter:monitor-base-url}
[promise-logrotate-setup]
...
...
software/caddy-frontend/instance-output-schema.json
View file @
2b4d054c
...
...
@@ -46,24 +46,28 @@
"description"
:
"Total amount of Slaves allocated to the Instance (include blocked ones)"
,
"type"
:
"integer"
},
"kedifa-csr
_id
-url"
:
{
"description"
:
"URL on which KeDiFa publishes its
csr_id
sent to caucase."
,
"kedifa-csr-url"
:
{
"description"
:
"URL on which KeDiFa publishes its
CSR
sent to caucase."
,
"type"
:
"string"
},
"kedifa-csr
_id
-certificate"
:
{
"description"
:
"Certificate used to serve data on kedifa-csr
_id
-url."
,
"kedifa-csr-certificate"
:
{
"description"
:
"Certificate used to serve data on kedifa-csr-url."
,
"type"
:
"string"
},
"kedifa-caucase-url"
:
{
"description"
:
"Url to caucase used by KeDiFa."
,
"type"
:
"string"
},
"caddy-frontend-N-
csr_id
-url"
:
{
"description"
:
"URL on which frontend node number N publishes its
csr_id
sent to caucase."
,
"caddy-frontend-N-
kedifa-csr
-url"
:
{
"description"
:
"URL on which frontend node number N publishes its
Kedifa CSR
sent to caucase."
,
"type"
:
"string"
},
"caddy-frontend-N-csr_id-certificate"
:
{
"description"
:
"Certificate used to serve data on caddy-frontend-N-csr_id-url."
,
"caddy-frontend-N-backend-client-csr-url"
:
{
"description"
:
"URL on which frontend node number N publishes its Backend Client CSR sent to caucase."
,
"type"
:
"string"
},
"caddy-frontend-N-csr-certificate"
:
{
"description"
:
"Certificate used to serve data on CSRs."
,
"type"
:
"string"
},
"warning-slave-dict"
:
{
...
...
software/caddy-frontend/setup.py
View file @
2b4d054c
...
...
@@ -9,10 +9,15 @@ setup(
'validators'
,
'furl'
,
'orderedmultidict'
,
'caucase'
,
],
entry_points
=
{
'zc.buildout'
:
[
'default = caddyprofiledummy:Recipe'
,
],
'console_scripts'
:
[
'smart-caucase-signer = caddyprofiledummy:smart_sign'
,
'caucase-csr-sign-check = caddyprofiledummy:caucase_csr_sign_check'
]
}
)
software/caddy-frontend/software.cfg
View file @
2b4d054c
...
...
@@ -99,6 +99,7 @@ template_trafficserver_records_config = ${template-trafficserver-records-config:
template_trafficserver_storage_config = ${template-trafficserver-storage-config:target}
template_validate_script = ${template-validate-script:target}
template_wrapper = ${template-wrapper:output}
template_expose_csr_nginx_conf = ${template-expose-csr-nginx-conf:target}
# directories
bin_directory = ${buildout:bin-directory}
...
...
@@ -123,6 +124,8 @@ kedifa-updater = ${:bin_directory}/kedifa-updater
kedifa-csr = ${:bin_directory}/kedifa-csr
xz_location = ${xz-utils:location}
htpasswd = ${:bin_directory}/htpasswd
smart_caucase_signer = ${:bin_directory}/smart-caucase-signer
caucase_csr_sign_check = ${:bin_directory}/caucase-csr-sign-check
[template]
recipe = slapos.recipe.template:jinja2
...
...
@@ -203,6 +206,9 @@ output = ${buildout:directory}/template-wrapper.cfg
[template-backend-haproxy-rsyslogd-conf]
<=download-template
[template-expose-csr-nginx-conf]
<=download-template
[versions]
kedifa = 0.0.6
# Modern KeDiFa requires zc.lockfile
...
...
software/caddy-frontend/templates/apache-custom-slave-list.cfg.in
View file @
2b4d054c
...
...
@@ -453,9 +453,9 @@ recipe = slapos.cookbook:publish.serialised
slave-instance-information-list = {{ json_module.dumps(slave_instance_information_list, sort_keys=True) }}
{%- endif %}
monitor-base-url = {{ monitor_base_url }}
csr_id-url = https://[${expose-csr_id-configuration:ip}]:${expose-csr_id-configuration:port}/csr_id.txt
backend-client-csr
_id-url = https://[${expose-csr_id-configuration:ip}]:${expose-csr_id-configuration:port}/backend-haproxy-csr_id.txt
csr
_id-certificate = ${get-csr_id-certificate
:certificate}
kedifa-csr-url = ${expose-csr:url}/${expose-csr-link-csr-kedifa:filename}
backend-client-csr
-url = ${expose-csr:url}/${expose-csr-link-csr-backend-haproxy:filename}
csr
-certificate = ${expose-csr-certificate-get
:certificate}
{%- set furled = furl_module.furl(backend_haproxy_configuration['statistic-frontend-secure_access']) %}
{%- do furled.set(username = backend_haproxy_configuration['statistic-username']) %}
{%- do furled.set(password = backend_haproxy_configuration['statistic-password']) %}
...
...
@@ -514,23 +514,23 @@ request-timeout = {{ dumps('' ~ configuration['request-timeout']) }}
backend-connect-timeout = {{ dumps('' ~ configuration['backend-connect-timeout']) }}
backend-connect-retries = {{ dumps('' ~ configuration['backend-connect-retries']) }}
[
store-backend-haproxy-csr_id
]
[
template-expose-csr-link-csr
]
recipe = plone.recipe.command
csr_id_path = {{ directory['csr_id'] }}/backend-haproxy-csr_id.txt
csr_work_path = {{ directory['tmp'] }}/${:_buildout_section_name_}
stop-on-error = False
update-command = ${:command}
csr_path = {{ directory['expose-csr'] }}/${:filename}
command =
[ -f ${:csr_id_path} ] && exit 0
{{ software_parameter_dict['bin_directory'] }}/caucase \
--ca-url {{ backend_haproxy_configuration['caucase-url'] }} \
--ca-crt {{ backend_haproxy_configuration['cas-ca-certificate'] }} \
--crl {{ backend_haproxy_configuration['crl'] }} \
--mode service \
--send-csr {{ backend_haproxy_configuration['csr'] }} > ${:csr_work_path} && \
cut -d ' ' -f 1 ${:csr_work_path} > ${:csr_id_path}
ln -sf ${:csr} ${:csr_path}
[expose-csr-link-csr-backend-haproxy]
<= template-expose-csr-link-csr
filename = backend-haproxy-csr.pem
csr = {{ backend_haproxy_configuration['csr'] }}
[expose-csr-link-csr-kedifa]
<= template-expose-csr-link-csr
filename = kedifa-csr.pem
csr = {{ kedifa_configuration['csr'] }}
##<Backend haproxy>
...
...
@@ -551,33 +551,14 @@ parts +=
publish-caddy-information
tunnel-6to4-base-http_port
tunnel-6to4-base-https_port
expose-csr_id
promise-expose-csr_id-ip-port
promise-expose-csr-ip-port
cache-access = {{ cache_access }}
[
store-csr_id
]
[
expose-csr-certificate
]
recipe = plone.recipe.command
csr_id_path = {{ directory['csr_id'] }}/csr_id.txt
csr_work_path = {{ directory['tmp'] }}/${:_buildout_section_name_}
stop-on-error = False
update-command = ${:command}
command =
[ -f ${:csr_id_path} ] && exit 0
{{ software_parameter_dict['bin_directory'] }}/caucase \
--ca-url {{ kedifa_configuration['caucase-url'] }} \
--ca-crt {{ kedifa_configuration['cas-ca-certificate'] }} \
--crl {{ kedifa_configuration['crl'] }} \
--mode service \
--send-csr {{ kedifa_configuration['csr'] }} > ${:csr_work_path} && \
cut -d ' ' -f 1 ${:csr_work_path} > ${:csr_id_path}
[certificate-csr_id]
recipe = plone.recipe.command
certificate = {{ directory['certificate-csr_id'] }}/certificate.pem
key = {{ directory['certificate-csr_id'] }}/key.pem
certificate = {{ directory['expose-csr-etc'] }}/certificate.pem
key = {{ directory['expose-csr-etc'] }}/key.pem
{#- Can be stopped on error, as does not rely on self provided service #}
stop-on-error = True
...
...
@@ -585,76 +566,48 @@ update-command = ${:command}
command =
if ! [ -f ${:key} ] && ! [ -f ${:certificate} ] ; then
openssl req -new -newkey rsa:2048 -sha256 -subj \
"/O={{ expose_csr_
id_organization }}/OU={{ expose_csr_id
_organizational_unit }}/CN=${slap-configuration:ipv6-random}" \
"/O={{ expose_csr_
organization }}/OU={{ expose_csr
_organizational_unit }}/CN=${slap-configuration:ipv6-random}" \
-days 5 -nodes -x509 -keyout ${:key} -out ${:certificate}
fi
[expose-csr
_id
-configuration]
[expose-csr-configuration]
ip = ${slap-configuration:ipv6-random}
port = 17001
key = ${certificate-csr_id:key}
certificate = ${certificate-csr_id:certificate}
error-log = {{ directory['log'] }}/expose-csr_id.log
[expose-csr_id-template]
key = ${expose-csr-certificate:key}
certificate = ${expose-csr-certificate:certificate}
error-log = {{ directory['log'] }}/expose-csr.log
var = {{ directory['expose-csr-var'] }}
pid = {{ directory['var'] }}/nginx-expose-csr.pid
root = {{ directory['expose-csr'] }}
nginx_mime = {{ software_parameter_dict['nginx_mime'] }}
[expose-csr-template]
recipe = slapos.recipe.template:jinja2
var = {{ directory['expose-csr_id-var'] }}
pid = {{ directory['var'] }}/nginx-expose-csr_id.pid
rendered = {{ directory['etc'] }}/nginx-expose-csr_id.conf
template = inline:
daemon off;
pid ${:pid};
error_log ${expose-csr_id-configuration:error-log};
events {
}
http {
include {{ software_parameter_dict['nginx_mime'] }};
server {
server_name_in_redirect off;
port_in_redirect off;
error_log ${expose-csr_id-configuration:error-log};
access_log /dev/null;
listen [${expose-csr_id-configuration:ip}]:${expose-csr_id-configuration:port} ssl;
ssl_certificate ${expose-csr_id-configuration:certificate};
ssl_certificate_key ${expose-csr_id-configuration:key};
default_type application/octet-stream;
client_body_temp_path ${:var} 1 2;
proxy_temp_path ${:var} 1 2;
fastcgi_temp_path ${:var} 1 2;
uwsgi_temp_path ${:var} 1 2;
scgi_temp_path ${:var} 1 2;
location / {
alias {{ directory['csr_id'] }}/;
autoindex off;
sendfile on;
sendfile_max_chunk 1m;
}
}
}
[promise-expose-csr_id-ip-port]
rendered = {{ directory['expose-csr-etc'] }}/nginx.conf
template = {{ template_expose_csr_nginx_conf }}
context =
section configuration expose-csr-configuration
[promise-expose-csr-ip-port]
<= monitor-promise-base
promise = check_socket_listening
name = expose-csr_id-ip-port-listening.py
config-host = ${expose-csr_id-configuration:ip}
config-port = ${expose-csr_id-configuration:port}
[expose-csr_id]
depends =
${store-csr_id:command}
${store-backend-haproxy-csr_id:command}
name = expose-csr-ip-port-listening.py
config-host = ${expose-csr-configuration:ip}
config-port = ${expose-csr-configuration:port}
[expose-csr]
recipe = slapos.cookbook:wrapper
command-line = {{ software_parameter_dict['nginx'] }}
-c ${expose-csr_id-template:rendered}
-c ${expose-csr-template:rendered}
url = https://[${expose-csr-configuration:ip}]:${expose-csr-configuration:port}
wrapper-path = {{ directory['service'] }}/expose-csr
_id
wrapper-path = {{ directory['service'] }}/expose-csr
hash-existing-files = ${buildout:directory}/software_release/buildout.cfg
[
get-csr_id-certificate
]
[
expose-csr-certificate-get
]
recipe = collective.recipe.shelloutput
commands =
certificate = cat ${
certificate-csr_id
:certificate}
certificate = cat ${
expose-csr-certificate
:certificate}
[promise-logrotate-setup]
<= monitor-promise-base
...
...
software/caddy-frontend/templates/expose-csr-nginx.conf.in
0 → 100644
View file @
2b4d054c
daemon off;
pid {{ configuration['pid'] }};
error_log {{ configuration['error-log'] }};
events {
}
http {
include {{ configuration['nginx_mime'] }};
server {
server_name_in_redirect off;
port_in_redirect off;
error_log {{ configuration['error-log'] }};
access_log /dev/null;
listen [{{ configuration['ip'] }}]:{{ configuration['port'] }} ssl;
ssl_certificate {{ configuration['certificate'] }};
ssl_certificate_key {{ configuration['key'] }};
default_type application/octet-stream;
client_body_temp_path {{ configuration['var'] }} 1 2;
proxy_temp_path {{ configuration['var'] }} 1 2;
fastcgi_temp_path {{ configuration['var'] }} 1 2;
uwsgi_temp_path {{ configuration['var'] }} 1 2;
scgi_temp_path {{ configuration['var'] }} 1 2;
location / {
alias {{ configuration['root'] }}/;
autoindex off;
sendfile on;
sendfile_max_chunk 1m;
}
}
}
software/caddy-frontend/test/test.py
View file @
2b4d054c
...
...
@@ -53,6 +53,9 @@ import sys
import
logging
import
random
import
string
from
slapos.slap.standalone
import
SlapOSNodeInstanceError
import
caucase.client
import
caucase.utils
try
:
...
...
@@ -741,25 +744,41 @@ class HttpFrontendTestCase(SlapOSInstanceTestCase):
self
.
logger
.
warning
(
'Process %s still alive'
%
(
self
.
server_https_auth_process
,
))
@
classmethod
def
_fetchKedifaCaucaseCaCertificateFile
(
cls
,
parameter_dict
):
ca_certificate
=
requests
.
get
(
parameter_dict
[
'kedifa-caucase-url'
]
+
'/cas/crt/ca.crt.pem'
)
assert
ca_certificate
.
status_code
==
httplib
.
OK
cls
.
kedifa_caucase_ca_certificate_file
=
os
.
path
.
join
(
cls
.
working_directory
,
'kedifa-caucase.ca.crt.pem'
)
open
(
cls
.
kedifa_caucase_ca_certificate_file
,
'w'
).
write
(
ca_certificate
.
text
)
@
classmethod
def
_fetchBackendClientCaCertificateFile
(
cls
,
parameter_dict
):
ca_certificate
=
requests
.
get
(
parameter_dict
[
'backend-client-caucase-url'
]
+
'/cas/crt/ca.crt.pem'
)
assert
ca_certificate
.
status_code
==
httplib
.
OK
cls
.
backend_client_caucase_ca_certificate_file
=
os
.
path
.
join
(
cls
.
working_directory
,
'backend-client-caucase.ca.crt.pem'
)
open
(
cls
.
backend_client_caucase_ca_certificate_file
,
'w'
).
write
(
ca_certificate
.
text
)
@
classmethod
def
setUpMaster
(
cls
):
# run partition until AIKC finishes
cls
.
runComputerPartitionUntil
(
cls
.
untilNotReadyYetNotInMasterKeyGenerateAuthUrl
)
parameter_dict
=
cls
.
requestDefaultInstance
().
getConnectionParameterDict
()
ca_certificate
=
requests
.
get
(
parameter_dict
[
'kedifa-caucase-url'
]
+
'/cas/crt/ca.crt.pem'
)
assert
ca_certificate
.
status_code
==
httplib
.
OK
cls
.
ca_certificate_file
=
os
.
path
.
join
(
cls
.
working_directory
,
'ca.crt.pem'
)
open
(
cls
.
ca_certificate_file
,
'w'
).
write
(
ca_certificate
.
text
)
cls
.
_fetchKedifaCaucaseCaCertificateFile
(
parameter_dict
)
auth
=
requests
.
get
(
parameter_dict
[
'master-key-generate-auth-url'
],
verify
=
cls
.
ca_certificate_file
)
verify
=
cls
.
kedifa_caucase_
ca_certificate_file
)
assert
auth
.
status_code
==
httplib
.
CREATED
upload
=
requests
.
put
(
parameter_dict
[
'master-key-upload-url'
]
+
auth
.
text
,
data
=
cls
.
key_pem
+
cls
.
certificate_pem
,
verify
=
cls
.
ca_certificate_file
)
verify
=
cls
.
kedifa_caucase_
ca_certificate_file
)
assert
upload
.
status_code
==
httplib
.
CREATED
cls
.
runKedifaUpdater
()
...
...
@@ -1063,6 +1082,17 @@ class HttpFrontendTestCase(SlapOSInstanceTestCase):
cls.stopServerProcess()
super(HttpFrontendTestCase, cls)._cleanup(snapshot_name)
@classmethod
def _workingDirectorySetUp(cls):
# do working directory
cls.working_directory = os.path.join(os.path.realpath(
os.environ.get(
'
SLAPOS_TEST_WORKING_DIR
',
os.path.join(os.getcwd(), '
.
slapos
'))),
'
caddy
-
frontend
-
test
')
if not os.path.isdir(cls.working_directory):
os.mkdir(cls.working_directory)
@classmethod
def setUpClass(cls):
try:
...
...
@@ -1084,19 +1114,12 @@ class HttpFrontendTestCase(SlapOSInstanceTestCase):
super(HttpFrontendTestCase, cls).setUpClass()
try:
cls._workingDirectorySetUp()
# expose instance directory
cls.instance_path = cls.slap.instance_directory
# expose software directory, extract from found computer partition
cls.software_path = os.path.realpath(os.path.join(
cls.computer_partition_root_path, '
software_release
'))
# do working directory
cls.working_directory = os.path.join(os.path.realpath(
os.environ.get(
'
SLAPOS_TEST_WORKING_DIR
',
os.path.join(os.getcwd(), '
.
slapos
'))),
'
caddy
-
frontend
-
test
')
if not os.path.isdir(cls.working_directory):
os.mkdir(cls.working_directory)
cls.setUpMaster()
cls.waitForCaddy()
except BaseException:
...
...
@@ -1335,6 +1358,120 @@ class TestMasterRequest(HttpFrontendTestCase, TestDataMixin):
)
class
TestMasterAIKCDisabledAIBCCDisabledRequest
(
HttpFrontendTestCase
,
TestDataMixin
):
@
classmethod
def
getInstanceParameterDict
(
cls
):
return
{
'port'
:
HTTPS_PORT
,
'plain_http_port'
:
HTTP_PORT
,
'kedifa_port'
:
KEDIFA_PORT
,
'caucase_port'
:
CAUCASE_PORT
,
'automatic-internal-kedifa-caucase-csr'
:
'false'
,
'automatic-internal-backend-client-caucase-csr'
:
'false'
,
}
@
classmethod
def
_setUpClass
(
cls
):
instance_max_retry
=
cls
.
instance_max_retry
try
:
cls
.
instance_max_retry
=
3
super
(
TestMasterAIKCDisabledAIBCCDisabledRequest
,
cls
).
_setUpClass
()
except
SlapOSNodeInstanceError
:
# Note: SLAPOS_TEST_DEBUG=1 will interrupt
pass
else
:
raise
ValueError
(
'_setUpClass unexpected success'
)
# Cluster requested without automatic certificate handling will never
# stabilize, as nodes can't join to the cluster, so the user is required
# to first manually create key and certificate for himself, then manually
# create certificates for services
cls
.
_workingDirectorySetUp
()
_
,
kedifa_key_pem
,
_
,
kedifa_csr_pem
=
createCSR
(
'Kedifa User'
)
_
,
backend_client_key_pem
,
_
,
backend_client_csr_pem
=
createCSR
(
'Backend Client User'
)
parameter_dict
=
cls
.
requestDefaultInstance
(
).
getConnectionParameterDict
()
cls
.
_fetchKedifaCaucaseCaCertificateFile
(
parameter_dict
)
cls
.
_fetchBackendClientCaCertificateFile
(
parameter_dict
)
with
open
(
cls
.
kedifa_caucase_ca_certificate_file
)
as
fh
:
kedifa_ca_pem
=
fh
.
read
()
with
open
(
cls
.
backend_client_caucase_ca_certificate_file
)
as
fh
:
backend_client_ca_pem
=
fh
.
read
()
kedifa_caucase_url
=
parameter_dict
[
'kedifa-caucase-url'
]
backend_client_caucase_url
=
parameter_dict
[
'backend-client-caucase-url'
]
# Simulate human: create user keys
def
getCauCertificate
(
ca_url
,
ca_pem
,
csr_pem
):
cau_client
=
caucase
.
client
.
CaucaseClient
(
ca_url
=
ca_url
+
'/cau'
,
ca_crt_pem_list
=
caucase
.
utils
.
getCertList
(
ca_pem
),
)
csr_id
=
cau_client
.
createCertificateSigningRequest
(
csr_pem
)
return
cau_client
.
getCertificate
(
csr_id
)
kedifa_crt_pem
=
getCauCertificate
(
kedifa_caucase_url
,
kedifa_ca_pem
,
kedifa_csr_pem
)
backend_client_crt_pem
=
getCauCertificate
(
backend_client_caucase_url
,
backend_client_ca_pem
,
backend_client_csr_pem
)
kedifa_key_file
=
os
.
path
.
join
(
cls
.
working_directory
,
'kedifa-key.pem'
)
with
open
(
kedifa_key_file
,
'w'
)
as
fh
:
fh
.
write
(
kedifa_crt_pem
+
kedifa_key_pem
)
backend_client_key_file
=
os
.
path
.
join
(
cls
.
working_directory
,
'backend-client-key.pem'
)
with
open
(
backend_client_key_file
,
'w'
)
as
fh
:
fh
.
write
(
backend_client_crt_pem
+
backend_client_key_pem
)
# Simulate human: create service keys
def
signAllCasCsr
(
ca_url
,
ca_pem
,
user_key
,
pending_csr_amount
):
client
=
caucase
.
client
.
CaucaseClient
(
ca_url
=
ca_url
+
'/cas'
,
ca_crt_pem_list
=
caucase
.
utils
.
getCertList
(
ca_pem
),
user_key
=
user_key
)
pending_csr_list
=
client
.
getPendingCertificateRequestList
()
assert
len
(
pending_csr_list
)
==
pending_csr_amount
for
csr_entry
in
pending_csr_list
:
client
.
createCertificate
(
int
(
csr_entry
[
'id'
]))
signAllCasCsr
(
kedifa_caucase_url
,
kedifa_ca_pem
,
kedifa_key_file
,
2
)
signAllCasCsr
(
backend_client_caucase_url
,
backend_client_ca_pem
,
backend_client_key_file
,
1
)
# Continue instance processing, copy&paste from
# slapos.testing.testcase.SlapOSInstanceTestCase._setUpClass
# as we hack a lot
cls
.
instance_max_retry
=
instance_max_retry
cls
.
waitForInstance
()
cls
.
computer_partition
=
cls
.
requestDefaultInstance
()
cls
.
computer_partition_root_path
=
os
.
path
.
join
(
cls
.
slap
.
_instance_root
,
cls
.
computer_partition
.
getId
())
def
test
(
self
):
parameter_dict
=
self
.
parseConnectionParameterDict
()
self
.
assertKeyWithPop
(
'monitor-setup-url'
,
parameter_dict
)
self
.
assertBackendHaproxyStatisticUrl
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
,
'master-'
)
self
.
assertRejectedSlavePromiseEmptyWithPop
(
parameter_dict
)
self
.
assertKeyWithPop
(
'kedifa-csr-certificate'
,
parameter_dict
)
self
.
assertKeyWithPop
(
'kedifa-csr-url'
,
parameter_dict
)
self
.
assertKeyWithPop
(
'caddy-frontend-1-kedifa-csr-url'
,
parameter_dict
)
self
.
assertKeyWithPop
(
'caddy-frontend-1-backend-client-csr-url'
,
parameter_dict
)
self
.
assertKeyWithPop
(
'caddy-frontend-1-csr-certificate'
,
parameter_dict
)
self
.
assertEqual
(
{
'monitor-base-url'
:
'https://[%s]:8401'
%
self
.
_ipv6_address
,
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
'domain'
:
'None'
,
'accepted-slave-amount'
:
'0'
,
'rejected-slave-amount'
:
'0'
,
'slave-amount'
:
'0'
,
'rejected-slave-dict'
:
{}},
parameter_dict
)
class
TestSlave
(
SlaveHttpFrontendTestCase
,
TestDataMixin
):
@
classmethod
def
getInstanceParameterDict
(
cls
):
...
...
@@ -1582,7 +1719,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
'enable_cache'
:
True
,
'disable-via-header'
:
True
,
},
'enable_cache-https-only'
:
{
'enable_cache-https-only
-false
'
:
{
'url'
:
cls
.
backend_url
,
'https-only'
:
False
,
'enable_cache'
:
True
,
...
...
@@ -2535,7 +2672,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
# as now the place to put the key is known put the key there
auth
=
requests
.
get
(
generate_auth
,
verify
=
self
.
ca_certificate_file
)
verify
=
self
.
kedifa_caucase_
ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
auth
.
status_code
)
data
=
self
.
customdomain_ca_certificate_pem
+
\
...
...
@@ -2545,7 +2682,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
upload
=
requests
.
put
(
upload_url
+
auth
.
text
,
data
=
data
,
verify
=
self
.
ca_certificate_file
)
verify
=
self
.
kedifa_caucase_
ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
upload
.
status_code
)
self
.
runKedifaUpdater
()
...
...
@@ -2585,7 +2722,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
# as now the place to put the key is known put the key there
auth
=
requests
.
get
(
generate_auth
,
verify
=
self
.
ca_certificate_file
)
verify
=
self
.
kedifa_caucase_
ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
auth
.
status_code
)
data
=
self
.
ca
.
certificate_pem
...
...
@@ -2593,7 +2730,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
upload
=
requests
.
put
(
upload_url
+
auth
.
text
,
data
=
data
,
verify
=
self
.
ca_certificate_file
)
verify
=
self
.
kedifa_caucase_
ca_certificate_file
)
self
.
assertEqual
(
httplib
.
UNPROCESSABLE_ENTITY
,
upload
.
status_code
)
self
.
assertEqual
(
'Key incorrect'
,
upload
.
text
)
...
...
@@ -2618,7 +2755,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
# as now the place to put the key is known put the key there
auth
=
requests
.
get
(
generate_auth
,
verify
=
self
.
ca_certificate_file
)
verify
=
self
.
kedifa_caucase_
ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
auth
.
status_code
)
_
,
ca_key_pem
,
csr
,
_
=
createCSR
(
...
...
@@ -2629,7 +2766,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
upload
=
requests
.
put
(
upload_url
+
auth
.
text
,
data
=
data
,
verify
=
self
.
ca_certificate_file
)
verify
=
self
.
kedifa_caucase_
ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
upload
.
status_code
)
self
.
runKedifaUpdater
()
...
...
@@ -2671,7 +2808,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
# as now the place to put the key is known put the key there
auth
=
requests
.
get
(
generate_auth
,
verify
=
self
.
ca_certificate_file
)
verify
=
self
.
kedifa_caucase_
ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
auth
.
status_code
)
data
=
self
.
certificate_pem
+
self
.
key_pem
+
self
.
ca
.
certificate_pem
...
...
@@ -2679,7 +2816,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
upload
=
requests
.
put
(
upload_url
+
auth
.
text
,
data
=
data
,
verify
=
self
.
ca_certificate_file
)
verify
=
self
.
kedifa_caucase_
ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
upload
.
status_code
)
self
.
runKedifaUpdater
()
...
...
@@ -2832,14 +2969,14 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
# as now the place to put the key is known put the key there
auth
=
requests
.
get
(
generate_auth
,
verify
=
self
.
ca_certificate_file
)
verify
=
self
.
kedifa_caucase_
ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
auth
.
status_code
)
data
=
self
.
customdomain_certificate_pem
+
\
self
.
customdomain_key_pem
upload
=
requests
.
put
(
upload_url
+
auth
.
text
,
data
=
data
,
verify
=
self
.
ca_certificate_file
)
verify
=
self
.
kedifa_caucase_
ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
upload
.
status_code
)
self
.
runKedifaUpdater
()
...
...
@@ -3699,8 +3836,8 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
result
.
headers
[
'Location'
]
)
def
test_enable_cache_https_only
(
self
):
parameter_dict
=
self
.
assertSlaveBase
(
'enable_cache-https-only'
)
def
test_enable_cache_https_only
_false
(
self
):
parameter_dict
=
self
.
assertSlaveBase
(
'enable_cache-https-only
-false
'
)
result
=
fakeHTTPSResult
(
parameter_dict
[
'domain'
],
...
...
@@ -5057,11 +5194,7 @@ class TestSlaveSlapOSMasterCertificateCompatibilityOverrideMaster(
cls
.
untilNotReadyYetNotInMasterKeyGenerateAuthUrl
)
parameter_dict
=
cls
.
requestDefaultInstance
().
getConnectionParameterDict
()
ca_certificate
=
requests
.
get
(
parameter_dict
[
'kedifa-caucase-url'
]
+
'/cas/crt/ca.crt.pem'
)
assert
ca_certificate
.
status_code
==
httplib
.
OK
cls
.
ca_certificate_file
=
os
.
path
.
join
(
cls
.
working_directory
,
'ca.crt.pem'
)
open
(
cls
.
ca_certificate_file
,
'w'
).
write
(
ca_certificate
.
text
)
cls
.
_fetchKedifaCaucaseCaCertificateFile
(
parameter_dict
)
# Do not upload certificates for the master partition
@
classmethod
...
...
@@ -5120,11 +5253,11 @@ class TestSlaveSlapOSMasterCertificateCompatibilityOverrideMaster(
self
.
requestDefaultInstance
().
getConnectionParameterDict
()
auth
=
requests
.
get
(
master_parameter_dict
[
'master-key-generate-auth-url'
],
verify
=
self
.
ca_certificate_file
)
verify
=
self
.
kedifa_caucase_
ca_certificate_file
)
requests
.
put
(
master_parameter_dict
[
'master-key-upload-url'
]
+
auth
.
text
,
data
=
key_pem
+
certificate_pem
,
verify
=
self
.
ca_certificate_file
)
verify
=
self
.
kedifa_caucase_
ca_certificate_file
)
self
.
runKedifaUpdater
()
result
=
fakeHTTPSResult
(
...
...
@@ -5147,11 +5280,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
cls
.
untilNotReadyYetNotInMasterKeyGenerateAuthUrl
)
parameter_dict
=
cls
.
requestDefaultInstance
().
getConnectionParameterDict
()
ca_certificate
=
requests
.
get
(
parameter_dict
[
'kedifa-caucase-url'
]
+
'/cas/crt/ca.crt.pem'
)
assert
ca_certificate
.
status_code
==
httplib
.
OK
cls
.
ca_certificate_file
=
os
.
path
.
join
(
cls
.
working_directory
,
'ca.crt.pem'
)
open
(
cls
.
ca_certificate_file
,
'w'
).
write
(
ca_certificate
.
text
)
cls
.
_fetchKedifaCaucaseCaCertificateFile
(
parameter_dict
)
# Do not upload certificates for the master partition
@
classmethod
...
...
@@ -5413,7 +5542,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
# as now the place to put the key is known put the key there
auth
=
requests
.
get
(
generate_auth
,
verify
=
self
.
ca_certificate_file
)
verify
=
self
.
kedifa_caucase_
ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
auth
.
status_code
)
data
=
certificate_pem
+
key_pem
...
...
@@ -5421,7 +5550,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
upload
=
requests
.
put
(
upload_url
+
auth
.
text
,
data
=
data
,
verify
=
self
.
ca_certificate_file
)
verify
=
self
.
kedifa_caucase_
ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
upload
.
status_code
)
self
.
runKedifaUpdater
()
...
...
@@ -5504,7 +5633,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
# as now the place to put the key is known put the key there
auth
=
requests
.
get
(
generate_auth
,
verify
=
self
.
ca_certificate_file
)
verify
=
self
.
kedifa_caucase_
ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
auth
.
status_code
)
data
=
certificate_pem
+
key_pem
...
...
@@ -5512,7 +5641,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
upload
=
requests
.
put
(
upload_url
+
auth
.
text
,
data
=
data
,
verify
=
self
.
ca_certificate_file
)
verify
=
self
.
kedifa_caucase_
ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
upload
.
status_code
)
self
.
runKedifaUpdater
()
...
...
@@ -5588,7 +5717,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
# as now the place to put the key is known put the key there
auth
=
requests
.
get
(
generate_auth
,
verify
=
self
.
ca_certificate_file
)
verify
=
self
.
kedifa_caucase_
ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
auth
.
status_code
)
data
=
certificate_pem
+
key_pem
...
...
@@ -5596,7 +5725,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
upload
=
requests
.
put
(
upload_url
+
auth
.
text
,
data
=
data
,
verify
=
self
.
ca_certificate_file
)
verify
=
self
.
kedifa_caucase_
ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
upload
.
status_code
)
self
.
runKedifaUpdater
()
...
...
@@ -5681,7 +5810,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
# as now the place to put the key is known put the key there
auth
=
requests
.
get
(
generate_auth
,
verify
=
self
.
ca_certificate_file
)
verify
=
self
.
kedifa_caucase_
ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
auth
.
status_code
)
data
=
certificate_pem
+
key_pem
...
...
@@ -5689,7 +5818,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
upload
=
requests
.
put
(
upload_url
+
auth
.
text
,
data
=
data
,
verify
=
self
.
ca_certificate_file
)
verify
=
self
.
kedifa_caucase_
ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
upload
.
status_code
)
self
.
runKedifaUpdater
()
...
...
@@ -5907,11 +6036,7 @@ class TestSlaveSlapOSMasterCertificateCompatibilityUpdate(
cls
.
untilNotReadyYetNotInMasterKeyGenerateAuthUrl
)
parameter_dict
=
cls
.
requestDefaultInstance
().
getConnectionParameterDict
()
ca_certificate
=
requests
.
get
(
parameter_dict
[
'kedifa-caucase-url'
]
+
'/cas/crt/ca.crt.pem'
)
assert
ca_certificate
.
status_code
==
httplib
.
OK
cls
.
ca_certificate_file
=
os
.
path
.
join
(
cls
.
working_directory
,
'ca.crt.pem'
)
open
(
cls
.
ca_certificate_file
,
'w'
).
write
(
ca_certificate
.
text
)
cls
.
_fetchKedifaCaucaseCaCertificateFile
(
parameter_dict
)
# Do not upload certificates for the master partition
instance_parameter_dict
=
{
...
...
software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlave.test_file_list_log-CADDY.txt
View file @
2b4d054c
T-0/var/log/monitor-httpd-access.log
T-0/var/log/monitor-httpd-error.log
T-0/var/log/slapgrid-T-0-error.log
T-1/var/log/expose-csr
_id
.log
T-1/var/log/expose-csr.log
T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr
_id
.log
T-2/var/log/expose-csr.log
T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log
T-2/var/log/httpd/_dummy-cached_access_log
...
...
software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlave.test_file_list_plugin-CADDY.txt
View file @
2b4d054c
T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-sign-promise.py
T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-sign-promise.py
T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
...
...
@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py
T-1/etc/plugin/buildout-T-1-status.py
T-1/etc/plugin/caucased.py
T-1/etc/plugin/check-free-disk-space.py
T-1/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-1/etc/plugin/expose-csr-ip-port-listening.py
T-1/etc/plugin/kedifa-http-reply.py
T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py
...
...
@@ -33,7 +35,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-2/etc/plugin/expose-csr-ip-port-listening.py
T-2/etc/plugin/frontend-caddy-configuration-promise.py
T-2/etc/plugin/monitor-bootstrap-status.py
T-2/etc/plugin/monitor-http-frontend.py
...
...
software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlave.test_supervisor_state-CADDY.txt
View file @
2b4d054c
...
...
@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING
T-1:caucased-{hash-generic}-on-watch RUNNING
T-1:certificate_authority-{hash-generic}-on-watch RUNNING
T-1:crond-{hash-generic}-on-watch RUNNING
T-1:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-1:expose-csr-{hash-generic}-on-watch RUNNING
T-1:kedifa-{hash-generic}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
...
...
@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING
T-2:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-2:expose-csr-{hash-generic}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
...
...
software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlaveGlobalDisableHttp2.test_file_list_log-CADDY.txt
View file @
2b4d054c
T-0/var/log/monitor-httpd-access.log
T-0/var/log/monitor-httpd-error.log
T-0/var/log/slapgrid-T-0-error.log
T-1/var/log/expose-csr
_id
.log
T-1/var/log/expose-csr.log
T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr
_id
.log
T-2/var/log/expose-csr.log
T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log
T-2/var/log/httpd/_dummy-cached_access_log
...
...
software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlaveGlobalDisableHttp2.test_file_list_plugin-CADDY.txt
View file @
2b4d054c
T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-sign-promise.py
T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-sign-promise.py
T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
...
...
@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py
T-1/etc/plugin/buildout-T-1-status.py
T-1/etc/plugin/caucased.py
T-1/etc/plugin/check-free-disk-space.py
T-1/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-1/etc/plugin/expose-csr-ip-port-listening.py
T-1/etc/plugin/kedifa-http-reply.py
T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py
...
...
@@ -33,7 +35,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-2/etc/plugin/expose-csr-ip-port-listening.py
T-2/etc/plugin/frontend-caddy-configuration-promise.py
T-2/etc/plugin/monitor-bootstrap-status.py
T-2/etc/plugin/monitor-http-frontend.py
...
...
software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlaveGlobalDisableHttp2.test_supervisor_state-CADDY.txt
View file @
2b4d054c
...
...
@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING
T-1:caucased-{hash-generic}-on-watch RUNNING
T-1:certificate_authority-{hash-generic}-on-watch RUNNING
T-1:crond-{hash-generic}-on-watch RUNNING
T-1:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-1:expose-csr-{hash-generic}-on-watch RUNNING
T-1:kedifa-{hash-generic}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
...
...
@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING
T-2:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-2:expose-csr-{hash-generic}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
...
...
software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlave.test_file_list_log-CADDY.txt
View file @
2b4d054c
T-0/var/log/monitor-httpd-access.log
T-0/var/log/monitor-httpd-error.log
T-0/var/log/slapgrid-T-0-error.log
T-1/var/log/expose-csr
_id
.log
T-1/var/log/expose-csr.log
T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr
_id
.log
T-2/var/log/expose-csr.log
T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log
T-2/var/log/httpd/_dummy-cached_access_log
...
...
software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlave.test_file_list_plugin-CADDY.txt
View file @
2b4d054c
T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-sign-promise.py
T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-sign-promise.py
T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
...
...
@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py
T-1/etc/plugin/buildout-T-1-status.py
T-1/etc/plugin/caucased.py
T-1/etc/plugin/check-free-disk-space.py
T-1/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-1/etc/plugin/expose-csr-ip-port-listening.py
T-1/etc/plugin/kedifa-http-reply.py
T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py
...
...
@@ -33,7 +35,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-2/etc/plugin/expose-csr-ip-port-listening.py
T-2/etc/plugin/frontend-caddy-configuration-promise.py
T-2/etc/plugin/monitor-bootstrap-status.py
T-2/etc/plugin/monitor-http-frontend.py
...
...
software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlave.test_supervisor_state-CADDY.txt
View file @
2b4d054c
...
...
@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING
T-1:caucased-{hash-generic}-on-watch RUNNING
T-1:certificate_authority-{hash-generic}-on-watch RUNNING
T-1:crond-{hash-generic}-on-watch RUNNING
T-1:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-1:expose-csr-{hash-generic}-on-watch RUNNING
T-1:kedifa-{hash-generic}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
...
...
@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING
T-2:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-2:expose-csr-{hash-generic}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
...
...
software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlaveGlobalDisableHttp2.test_file_list_log-CADDY.txt
View file @
2b4d054c
T-0/var/log/monitor-httpd-access.log
T-0/var/log/monitor-httpd-error.log
T-0/var/log/slapgrid-T-0-error.log
T-1/var/log/expose-csr
_id
.log
T-1/var/log/expose-csr.log
T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr
_id
.log
T-2/var/log/expose-csr.log
T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log
T-2/var/log/httpd/_dummy-cached_access_log
...
...
software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlaveGlobalDisableHttp2.test_file_list_plugin-CADDY.txt
View file @
2b4d054c
T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-sign-promise.py
T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-sign-promise.py
T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
...
...
@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py
T-1/etc/plugin/buildout-T-1-status.py
T-1/etc/plugin/caucased.py
T-1/etc/plugin/check-free-disk-space.py
T-1/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-1/etc/plugin/expose-csr-ip-port-listening.py
T-1/etc/plugin/kedifa-http-reply.py
T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py
...
...
@@ -33,7 +35,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-2/etc/plugin/expose-csr-ip-port-listening.py
T-2/etc/plugin/frontend-caddy-configuration-promise.py
T-2/etc/plugin/monitor-bootstrap-status.py
T-2/etc/plugin/monitor-http-frontend.py
...
...
software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlaveGlobalDisableHttp2.test_supervisor_state-CADDY.txt
View file @
2b4d054c
...
...
@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING
T-1:caucased-{hash-generic}-on-watch RUNNING
T-1:certificate_authority-{hash-generic}-on-watch RUNNING
T-1:crond-{hash-generic}-on-watch RUNNING
T-1:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-1:expose-csr-{hash-generic}-on-watch RUNNING
T-1:kedifa-{hash-generic}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
...
...
@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING
T-2:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-2:expose-csr-{hash-generic}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
...
...
software/caddy-frontend/test/test_data/test.TestMasterAIKCDisabledAIBCCDisabledRequest.test_file_list_etc_cron_d-CADDY.txt
0 → 100644
View file @
2b4d054c
T-0/etc/cron.d/logrotate
T-0/etc/cron.d/monitor-configurator
T-0/etc/cron.d/monitor-globalstate
T-0/etc/cron.d/monitor_collect
T-1/etc/cron.d/logrotate
T-1/etc/cron.d/monitor-configurator
T-1/etc/cron.d/monitor-globalstate
T-1/etc/cron.d/monitor_collect
T-2/etc/cron.d/logrotate
T-2/etc/cron.d/monitor-configurator
T-2/etc/cron.d/monitor-globalstate
T-2/etc/cron.d/monitor_collect
T-2/etc/cron.d/trafficserver-logrotate
software/caddy-frontend/test/test_data/test.TestMasterAIKCDisabledAIBCCDisabledRequest.test_file_list_log-CADDY.txt
0 → 100644
View file @
2b4d054c
T-0/var/log/monitor-httpd-access.log
T-0/var/log/monitor-httpd-error.log
T-0/var/log/slapgrid-T-0-error.log
T-1/var/log/expose-csr.log
T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr.log
T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log
T-2/var/log/monitor-httpd-access.log
T-2/var/log/monitor-httpd-error.log
T-2/var/log/slave-introspection-access.log
T-2/var/log/slave-introspection-error.log
T-2/var/log/trafficserver/manager.log
software/caddy-frontend/test/test_data/test.TestMasterAIKCDisabledAIBCCDisabledRequest.test_file_list_plugin-CADDY.txt
0 → 100644
View file @
2b4d054c
T-0/etc/plugin/__init__.py
T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
T-0/etc/plugin/check-backend-haproxy-statistic-url-caddy-frontend-1.py
T-0/etc/plugin/check-free-disk-space.py
T-0/etc/plugin/monitor-bootstrap-status.py
T-0/etc/plugin/monitor-http-frontend.py
T-0/etc/plugin/monitor-httpd-listening-on-tcp.py
T-0/etc/plugin/rejected-slave-publish-ip-port-listening.py
T-0/etc/plugin/rejected-slave.py
T-1/etc/plugin/__init__.py
T-1/etc/plugin/buildout-T-1-status.py
T-1/etc/plugin/caucased.py
T-1/etc/plugin/check-free-disk-space.py
T-1/etc/plugin/expose-csr-ip-port-listening.py
T-1/etc/plugin/kedifa-http-reply.py
T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py
T-1/etc/plugin/monitor-httpd-listening-on-tcp.py
T-1/etc/plugin/promise-logrotate-setup.py
T-2/etc/plugin/__init__.py
T-2/etc/plugin/backend-client-caucase-updater.py
T-2/etc/plugin/backend-haproxy-configuration.py
T-2/etc/plugin/backend-haproxy-statistic-frontend.py
T-2/etc/plugin/backend_haproxy_http.py
T-2/etc/plugin/backend_haproxy_https.py
T-2/etc/plugin/buildout-T-2-status.py
T-2/etc/plugin/caddy_frontend_ipv4_http.py
T-2/etc/plugin/caddy_frontend_ipv4_https.py
T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr-ip-port-listening.py
T-2/etc/plugin/frontend-caddy-configuration-promise.py
T-2/etc/plugin/monitor-bootstrap-status.py
T-2/etc/plugin/monitor-http-frontend.py
T-2/etc/plugin/monitor-httpd-listening-on-tcp.py
T-2/etc/plugin/promise-logrotate-setup.py
T-2/etc/plugin/re6st-connectivity.py
T-2/etc/plugin/slave-introspection-configuration.py
T-2/etc/plugin/slave_introspection_https.py
T-2/etc/plugin/trafficserver-cache-availability.py
T-2/etc/plugin/trafficserver-port-listening.py
software/caddy-frontend/test/test_data/test.TestMasterAIKCDisabledAIBCCDisabledRequest.test_file_list_run-CADDY.txt
0 → 100644
View file @
2b4d054c
T-0/var/run/monitor-httpd.pid
T-1/var/run/kedifa.pid
T-1/var/run/monitor-httpd.pid
T-2/var/run/backend-haproxy-rsyslogd.pid
T-2/var/run/backend-haproxy.pid
T-2/var/run/backend_haproxy_configuration_last_state
T-2/var/run/backend_haproxy_graceful_configuration_state_signature
T-2/var/run/bhlog.sck
T-2/var/run/graceful_configuration_state_signature
T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid
T-2/var/run/slave-introspection.pid
T-2/var/run/slave_introspection_configuration_last_state
T-2/var/run/slave_introspection_graceful_configuration_state_signature
software/caddy-frontend/test/test_data/test.TestMasterAIKCDisabledAIBCCDisabledRequest.test_supervisor_state-CADDY.txt
0 → 100644
View file @
2b4d054c
T-0:bootstrap-monitor EXITED
T-0:caucased-backend-client-{hash-generic}-on-watch RUNNING
T-0:certificate_authority-{hash-generic}-on-watch RUNNING
T-0:crond-{hash-generic}-on-watch RUNNING
T-0:monitor-httpd-{hash-generic}-on-watch RUNNING
T-0:monitor-httpd-graceful EXITED
T-0:rejected-slave-publish-{hash-rejected-slave-publish}-on-watch RUNNING
T-1:bootstrap-monitor EXITED
T-1:caucase-updater-on-watch RUNNING
T-1:caucased-{hash-generic}-on-watch RUNNING
T-1:certificate_authority-{hash-generic}-on-watch RUNNING
T-1:crond-{hash-generic}-on-watch RUNNING
T-1:expose-csr-{hash-generic}-on-watch RUNNING
T-1:kedifa-{hash-generic}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
T-1:monitor-httpd-graceful EXITED
T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING
T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING
T-2:backend-client-login-certificate-caucase-updater-on-watch RUNNING
T-2:backend-haproxy-{hash-generic}-on-watch RUNNING
T-2:backend-haproxy-rsyslogd-{hash-generic}-on-watch RUNNING
T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING
T-2:expose-csr-{hash-generic}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
T-2:kedifa-updater-{hash-generic}-on-watch RUNNING
T-2:monitor-httpd-{hash-generic}-on-watch RUNNING
T-2:monitor-httpd-graceful EXITED
T-2:slave-instrospection-nginx-{hash-generic}-on-watch RUNNING
T-2:slave-introspection-safe-graceful EXITED
T-2:trafficserver-{hash-generic}-on-watch RUNNING
T-2:trafficserver-reload EXITED
software/caddy-frontend/test/test_data/test.TestMasterRequest.test_file_list_log-CADDY.txt
View file @
2b4d054c
T-0/var/log/monitor-httpd-access.log
T-0/var/log/monitor-httpd-error.log
T-0/var/log/slapgrid-T-0-error.log
T-1/var/log/expose-csr
_id
.log
T-1/var/log/expose-csr.log
T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr
_id
.log
T-2/var/log/expose-csr.log
T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log
T-2/var/log/monitor-httpd-access.log
...
...
software/caddy-frontend/test/test_data/test.TestMasterRequest.test_file_list_plugin-CADDY.txt
View file @
2b4d054c
T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-sign-promise.py
T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-sign-promise.py
T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
...
...
@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py
T-1/etc/plugin/buildout-T-1-status.py
T-1/etc/plugin/caucased.py
T-1/etc/plugin/check-free-disk-space.py
T-1/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-1/etc/plugin/expose-csr-ip-port-listening.py
T-1/etc/plugin/kedifa-http-reply.py
T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py
...
...
@@ -33,7 +35,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-2/etc/plugin/expose-csr-ip-port-listening.py
T-2/etc/plugin/frontend-caddy-configuration-promise.py
T-2/etc/plugin/monitor-bootstrap-status.py
T-2/etc/plugin/monitor-http-frontend.py
...
...
software/caddy-frontend/test/test_data/test.TestMasterRequest.test_supervisor_state-CADDY.txt
View file @
2b4d054c
...
...
@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING
T-1:caucased-{hash-generic}-on-watch RUNNING
T-1:certificate_authority-{hash-generic}-on-watch RUNNING
T-1:crond-{hash-generic}-on-watch RUNNING
T-1:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-1:expose-csr-{hash-generic}-on-watch RUNNING
T-1:kedifa-{hash-generic}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
...
...
@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING
T-2:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-2:expose-csr-{hash-generic}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
...
...
software/caddy-frontend/test/test_data/test.TestMasterRequestDomain.test_file_list_log-CADDY.txt
View file @
2b4d054c
T-0/var/log/monitor-httpd-access.log
T-0/var/log/monitor-httpd-error.log
T-0/var/log/slapgrid-T-0-error.log
T-1/var/log/expose-csr
_id
.log
T-1/var/log/expose-csr.log
T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr
_id
.log
T-2/var/log/expose-csr.log
T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log
T-2/var/log/monitor-httpd-access.log
...
...
software/caddy-frontend/test/test_data/test.TestMasterRequestDomain.test_file_list_plugin-CADDY.txt
View file @
2b4d054c
T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-sign-promise.py
T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-sign-promise.py
T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
...
...
@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py
T-1/etc/plugin/buildout-T-1-status.py
T-1/etc/plugin/caucased.py
T-1/etc/plugin/check-free-disk-space.py
T-1/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-1/etc/plugin/expose-csr-ip-port-listening.py
T-1/etc/plugin/kedifa-http-reply.py
T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py
...
...
@@ -33,7 +35,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-2/etc/plugin/expose-csr-ip-port-listening.py
T-2/etc/plugin/frontend-caddy-configuration-promise.py
T-2/etc/plugin/monitor-bootstrap-status.py
T-2/etc/plugin/monitor-http-frontend.py
...
...
software/caddy-frontend/test/test_data/test.TestMasterRequestDomain.test_supervisor_state-CADDY.txt
View file @
2b4d054c
...
...
@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING
T-1:caucased-{hash-generic}-on-watch RUNNING
T-1:certificate_authority-{hash-generic}-on-watch RUNNING
T-1:crond-{hash-generic}-on-watch RUNNING
T-1:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-1:expose-csr-{hash-generic}-on-watch RUNNING
T-1:kedifa-{hash-generic}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
...
...
@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING
T-2:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-2:expose-csr-{hash-generic}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
...
...
software/caddy-frontend/test/test_data/test.TestRe6stVerificationUrlDefaultSlave.test_file_list_log-CADDY.txt
View file @
2b4d054c
T-0/var/log/monitor-httpd-access.log
T-0/var/log/monitor-httpd-error.log
T-0/var/log/slapgrid-T-0-error.log
T-1/var/log/expose-csr
_id
.log
T-1/var/log/expose-csr.log
T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr
_id
.log
T-2/var/log/expose-csr.log
T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log
T-2/var/log/httpd/_default_access_log
...
...
software/caddy-frontend/test/test_data/test.TestRe6stVerificationUrlDefaultSlave.test_file_list_plugin-CADDY.txt
View file @
2b4d054c
T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-sign-promise.py
T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-sign-promise.py
T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
...
...
@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py
T-1/etc/plugin/buildout-T-1-status.py
T-1/etc/plugin/caucased.py
T-1/etc/plugin/check-free-disk-space.py
T-1/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-1/etc/plugin/expose-csr-ip-port-listening.py
T-1/etc/plugin/kedifa-http-reply.py
T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py
...
...
@@ -33,7 +35,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-2/etc/plugin/expose-csr-ip-port-listening.py
T-2/etc/plugin/frontend-caddy-configuration-promise.py
T-2/etc/plugin/monitor-bootstrap-status.py
T-2/etc/plugin/monitor-http-frontend.py
...
...
software/caddy-frontend/test/test_data/test.TestRe6stVerificationUrlDefaultSlave.test_supervisor_state-CADDY.txt
View file @
2b4d054c
...
...
@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING
T-1:caucased-{hash-generic}-on-watch RUNNING
T-1:certificate_authority-{hash-generic}-on-watch RUNNING
T-1:crond-{hash-generic}-on-watch RUNNING
T-1:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-1:expose-csr-{hash-generic}-on-watch RUNNING
T-1:kedifa-{hash-generic}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
...
...
@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING
T-2:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-2:expose-csr-{hash-generic}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
...
...
software/caddy-frontend/test/test_data/test.TestRe6stVerificationUrlSlave.test_file_list_log-CADDY.txt
View file @
2b4d054c
T-0/var/log/monitor-httpd-access.log
T-0/var/log/monitor-httpd-error.log
T-0/var/log/slapgrid-T-0-error.log
T-1/var/log/expose-csr
_id
.log
T-1/var/log/expose-csr.log
T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr
_id
.log
T-2/var/log/expose-csr.log
T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log
T-2/var/log/httpd/_default_access_log
...
...
software/caddy-frontend/test/test_data/test.TestRe6stVerificationUrlSlave.test_file_list_plugin-CADDY.txt
View file @
2b4d054c
T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-sign-promise.py
T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-sign-promise.py
T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
...
...
@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py
T-1/etc/plugin/buildout-T-1-status.py
T-1/etc/plugin/caucased.py
T-1/etc/plugin/check-free-disk-space.py
T-1/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-1/etc/plugin/expose-csr-ip-port-listening.py
T-1/etc/plugin/kedifa-http-reply.py
T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py
...
...
@@ -33,7 +35,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-2/etc/plugin/expose-csr-ip-port-listening.py
T-2/etc/plugin/frontend-caddy-configuration-promise.py
T-2/etc/plugin/monitor-bootstrap-status.py
T-2/etc/plugin/monitor-http-frontend.py
...
...
software/caddy-frontend/test/test_data/test.TestRe6stVerificationUrlSlave.test_supervisor_state-CADDY.txt
View file @
2b4d054c
...
...
@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING
T-1:caucased-{hash-generic}-on-watch RUNNING
T-1:certificate_authority-{hash-generic}-on-watch RUNNING
T-1:crond-{hash-generic}-on-watch RUNNING
T-1:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-1:expose-csr-{hash-generic}-on-watch RUNNING
T-1:kedifa-{hash-generic}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
...
...
@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING
T-2:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-2:expose-csr-{hash-generic}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
...
...
software/caddy-frontend/test/test_data/test.TestReplicateSlave.test_file_list_log-CADDY.txt
View file @
2b4d054c
T-0/var/log/monitor-httpd-access.log
T-0/var/log/monitor-httpd-error.log
T-0/var/log/slapgrid-T-0-error.log
T-1/var/log/expose-csr
_id
.log
T-1/var/log/expose-csr.log
T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr
_id
.log
T-2/var/log/expose-csr.log
T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log
T-2/var/log/httpd/_replicate_access_log
...
...
@@ -18,7 +18,7 @@ T-2/var/log/slave-introspection-access.log
T-2/var/log/slave-introspection-error.log
T-2/var/log/trafficserver/manager.log
T-3/var/log/backend-haproxy.log
T-3/var/log/expose-csr
_id
.log
T-3/var/log/expose-csr.log
T-3/var/log/frontend-access.log
T-3/var/log/frontend-error.log
T-3/var/log/httpd/_replicate_access_log
...
...
software/caddy-frontend/test/test_data/test.TestReplicateSlave.test_file_list_plugin-CADDY.txt
View file @
2b4d054c
T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-sign-promise.py
T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-sign-promise.py
T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
...
...
@@ -15,7 +17,7 @@ T-1/etc/plugin/__init__.py
T-1/etc/plugin/buildout-T-1-status.py
T-1/etc/plugin/caucased.py
T-1/etc/plugin/check-free-disk-space.py
T-1/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-1/etc/plugin/expose-csr-ip-port-listening.py
T-1/etc/plugin/kedifa-http-reply.py
T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py
...
...
@@ -34,7 +36,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-2/etc/plugin/expose-csr-ip-port-listening.py
T-2/etc/plugin/frontend-caddy-configuration-promise.py
T-2/etc/plugin/monitor-bootstrap-status.py
T-2/etc/plugin/monitor-http-frontend.py
...
...
@@ -58,7 +60,7 @@ T-3/etc/plugin/caddy_frontend_ipv6_http.py
T-3/etc/plugin/caddy_frontend_ipv6_https.py
T-3/etc/plugin/caucase-updater.py
T-3/etc/plugin/check-free-disk-space.py
T-3/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-3/etc/plugin/expose-csr-ip-port-listening.py
T-3/etc/plugin/frontend-caddy-configuration-promise.py
T-3/etc/plugin/monitor-bootstrap-status.py
T-3/etc/plugin/monitor-http-frontend.py
...
...
software/caddy-frontend/test/test_data/test.TestReplicateSlave.test_supervisor_state-CADDY.txt
View file @
2b4d054c
...
...
@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING
T-1:caucased-{hash-generic}-on-watch RUNNING
T-1:certificate_authority-{hash-generic}-on-watch RUNNING
T-1:crond-{hash-generic}-on-watch RUNNING
T-1:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-1:expose-csr-{hash-generic}-on-watch RUNNING
T-1:kedifa-{hash-generic}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
...
...
@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING
T-2:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-2:expose-csr-{hash-generic}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
...
...
@@ -46,7 +46,7 @@ T-3:backend-haproxy-safe-graceful EXITED
T-3:bootstrap-monitor EXITED
T-3:certificate_authority-{hash-generic}-on-watch STOPPED
T-3:crond-{hash-generic}-on-watch STOPPED
T-3:expose-csr
_id
-{hash-generic}-on-watch STOPPED
T-3:expose-csr-{hash-generic}-on-watch STOPPED
T-3:frontend-caddy-safe-graceful EXITED
T-3:frontend_caddy-{hash-caddy-T-3}-on-watch STOPPED
T-3:kedifa-login-certificate-caucase-updater-on-watch STOPPED
...
...
software/caddy-frontend/test/test_data/test.TestSlave.test_file_list_log-CADDY.txt
View file @
2b4d054c
T-0/var/log/monitor-httpd-access.log
T-0/var/log/monitor-httpd-error.log
T-0/var/log/slapgrid-T-0-error.log
T-1/var/log/expose-csr
_id
.log
T-1/var/log/expose-csr.log
T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr
_id
.log
T-2/var/log/expose-csr.log
T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log
T-2/var/log/httpd/_Url_access_log
...
...
@@ -58,9 +58,9 @@ T-2/var/log/httpd/_enable_cache-disable-no-cache-request_error_log
T-2/var/log/httpd/_enable_cache-disable-via-header_access_log
T-2/var/log/httpd/_enable_cache-disable-via-header_backend_log
T-2/var/log/httpd/_enable_cache-disable-via-header_error_log
T-2/var/log/httpd/_enable_cache-https-only_access_log
T-2/var/log/httpd/_enable_cache-https-only_backend_log
T-2/var/log/httpd/_enable_cache-https-only_error_log
T-2/var/log/httpd/_enable_cache-https-only
-false
_access_log
T-2/var/log/httpd/_enable_cache-https-only
-false
_backend_log
T-2/var/log/httpd/_enable_cache-https-only
-false
_error_log
T-2/var/log/httpd/_enable_cache_access_log
T-2/var/log/httpd/_enable_cache_backend_log
T-2/var/log/httpd/_enable_cache_custom_domain_access_log
...
...
software/caddy-frontend/test/test_data/test.TestSlave.test_file_list_plugin-CADDY.txt
View file @
2b4d054c
T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-sign-promise.py
T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-sign-promise.py
T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
...
...
@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py
T-1/etc/plugin/buildout-T-1-status.py
T-1/etc/plugin/caucased.py
T-1/etc/plugin/check-free-disk-space.py
T-1/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-1/etc/plugin/expose-csr-ip-port-listening.py
T-1/etc/plugin/kedifa-http-reply.py
T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py
...
...
@@ -35,7 +37,7 @@ T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-_monitor-ipv4-test-ipv4-packet-list-test.py
T-2/etc/plugin/check-_monitor-ipv6-test-ipv6-packet-list-test.py
T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-2/etc/plugin/expose-csr-ip-port-listening.py
T-2/etc/plugin/frontend-caddy-configuration-promise.py
T-2/etc/plugin/monitor-bootstrap-status.py
T-2/etc/plugin/monitor-http-frontend.py
...
...
software/caddy-frontend/test/test_data/test.TestSlave.test_supervisor_state-CADDY.txt
View file @
2b4d054c
...
...
@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING
T-1:caucased-{hash-generic}-on-watch RUNNING
T-1:certificate_authority-{hash-generic}-on-watch RUNNING
T-1:crond-{hash-generic}-on-watch RUNNING
T-1:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-1:expose-csr-{hash-generic}-on-watch RUNNING
T-1:kedifa-{hash-generic}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
...
...
@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING
T-2:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-2:expose-csr-{hash-generic}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
...
...
software/caddy-frontend/test/test_data/test.TestSlaveCiphers.test_file_list_log-CADDY.txt
View file @
2b4d054c
T-0/var/log/monitor-httpd-access.log
T-0/var/log/monitor-httpd-error.log
T-0/var/log/slapgrid-T-0-error.log
T-1/var/log/expose-csr
_id
.log
T-1/var/log/expose-csr.log
T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr
_id
.log
T-2/var/log/expose-csr.log
T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log
T-2/var/log/httpd/_default_ciphers_access_log
...
...
software/caddy-frontend/test/test_data/test.TestSlaveCiphers.test_file_list_plugin-CADDY.txt
View file @
2b4d054c
T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-sign-promise.py
T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-sign-promise.py
T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
...
...
@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py
T-1/etc/plugin/buildout-T-1-status.py
T-1/etc/plugin/caucased.py
T-1/etc/plugin/check-free-disk-space.py
T-1/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-1/etc/plugin/expose-csr-ip-port-listening.py
T-1/etc/plugin/kedifa-http-reply.py
T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py
...
...
@@ -33,7 +35,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-2/etc/plugin/expose-csr-ip-port-listening.py
T-2/etc/plugin/frontend-caddy-configuration-promise.py
T-2/etc/plugin/monitor-bootstrap-status.py
T-2/etc/plugin/monitor-http-frontend.py
...
...
software/caddy-frontend/test/test_data/test.TestSlaveCiphers.test_supervisor_state-CADDY.txt
View file @
2b4d054c
...
...
@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING
T-1:caucased-{hash-generic}-on-watch RUNNING
T-1:certificate_authority-{hash-generic}-on-watch RUNNING
T-1:crond-{hash-generic}-on-watch RUNNING
T-1:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-1:expose-csr-{hash-generic}-on-watch RUNNING
T-1:kedifa-{hash-generic}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
...
...
@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING
T-2:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-2:expose-csr-{hash-generic}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
...
...
software/caddy-frontend/test/test_data/test.TestSlaveGlobalDisableHttp2.test_file_list_log-CADDY.txt
View file @
2b4d054c
T-0/var/log/monitor-httpd-access.log
T-0/var/log/monitor-httpd-error.log
T-0/var/log/slapgrid-T-0-error.log
T-1/var/log/expose-csr
_id
.log
T-1/var/log/expose-csr.log
T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr
_id
.log
T-2/var/log/expose-csr.log
T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log
T-2/var/log/httpd/_Url_access_log
...
...
@@ -58,9 +58,9 @@ T-2/var/log/httpd/_enable_cache-disable-no-cache-request_error_log
T-2/var/log/httpd/_enable_cache-disable-via-header_access_log
T-2/var/log/httpd/_enable_cache-disable-via-header_backend_log
T-2/var/log/httpd/_enable_cache-disable-via-header_error_log
T-2/var/log/httpd/_enable_cache-https-only_access_log
T-2/var/log/httpd/_enable_cache-https-only_backend_log
T-2/var/log/httpd/_enable_cache-https-only_error_log
T-2/var/log/httpd/_enable_cache-https-only
-false
_access_log
T-2/var/log/httpd/_enable_cache-https-only
-false
_backend_log
T-2/var/log/httpd/_enable_cache-https-only
-false
_error_log
T-2/var/log/httpd/_enable_cache_access_log
T-2/var/log/httpd/_enable_cache_backend_log
T-2/var/log/httpd/_enable_cache_custom_domain_access_log
...
...
software/caddy-frontend/test/test_data/test.TestSlaveGlobalDisableHttp2.test_file_list_plugin-CADDY.txt
View file @
2b4d054c
T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-sign-promise.py
T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-sign-promise.py
T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
...
...
@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py
T-1/etc/plugin/buildout-T-1-status.py
T-1/etc/plugin/caucased.py
T-1/etc/plugin/check-free-disk-space.py
T-1/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-1/etc/plugin/expose-csr-ip-port-listening.py
T-1/etc/plugin/kedifa-http-reply.py
T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py
...
...
@@ -35,7 +37,7 @@ T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-_monitor-ipv4-test-ipv4-packet-list-test.py
T-2/etc/plugin/check-_monitor-ipv6-test-ipv6-packet-list-test.py
T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-2/etc/plugin/expose-csr-ip-port-listening.py
T-2/etc/plugin/frontend-caddy-configuration-promise.py
T-2/etc/plugin/monitor-bootstrap-status.py
T-2/etc/plugin/monitor-http-frontend.py
...
...
software/caddy-frontend/test/test_data/test.TestSlaveGlobalDisableHttp2.test_supervisor_state-CADDY.txt
View file @
2b4d054c
...
...
@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING
T-1:caucased-{hash-generic}-on-watch RUNNING
T-1:certificate_authority-{hash-generic}-on-watch RUNNING
T-1:crond-{hash-generic}-on-watch RUNNING
T-1:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-1:expose-csr-{hash-generic}-on-watch RUNNING
T-1:kedifa-{hash-generic}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
...
...
@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING
T-2:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-2:expose-csr-{hash-generic}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
...
...
software/caddy-frontend/test/test_data/test.TestSlaveHealthCheck.test_file_list_log-CADDY.txt
View file @
2b4d054c
T-0/var/log/monitor-httpd-access.log
T-0/var/log/monitor-httpd-error.log
T-0/var/log/slapgrid-T-0-error.log
T-1/var/log/expose-csr
_id
.log
T-1/var/log/expose-csr.log
T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr
_id
.log
T-2/var/log/expose-csr.log
T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log
T-2/var/log/httpd/_health-check-connect_access_log
...
...
software/caddy-frontend/test/test_data/test.TestSlaveHealthCheck.test_file_list_plugin-CADDY.txt
View file @
2b4d054c
T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-sign-promise.py
T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-sign-promise.py
T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
...
...
@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py
T-1/etc/plugin/buildout-T-1-status.py
T-1/etc/plugin/caucased.py
T-1/etc/plugin/check-free-disk-space.py
T-1/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-1/etc/plugin/expose-csr-ip-port-listening.py
T-1/etc/plugin/kedifa-http-reply.py
T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py
...
...
@@ -33,7 +35,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-2/etc/plugin/expose-csr-ip-port-listening.py
T-2/etc/plugin/frontend-caddy-configuration-promise.py
T-2/etc/plugin/monitor-bootstrap-status.py
T-2/etc/plugin/monitor-http-frontend.py
...
...
software/caddy-frontend/test/test_data/test.TestSlaveHealthCheck.test_supervisor_state-CADDY.txt
View file @
2b4d054c
...
...
@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING
T-1:caucased-{hash-generic}-on-watch RUNNING
T-1:certificate_authority-{hash-generic}-on-watch RUNNING
T-1:crond-{hash-generic}-on-watch RUNNING
T-1:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-1:expose-csr-{hash-generic}-on-watch RUNNING
T-1:kedifa-{hash-generic}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
...
...
@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING
T-2:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-2:expose-csr-{hash-generic}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
...
...
software/caddy-frontend/test/test_data/test.TestSlaveHostHaproxyClash.test_file_list_log-CADDY.txt
View file @
2b4d054c
T-0/var/log/monitor-httpd-access.log
T-0/var/log/monitor-httpd-error.log
T-0/var/log/slapgrid-T-0-error.log
T-1/var/log/expose-csr
_id
.log
T-1/var/log/expose-csr.log
T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr
_id
.log
T-2/var/log/expose-csr.log
T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log
T-2/var/log/httpd/_wildcard_access_log
...
...
software/caddy-frontend/test/test_data/test.TestSlaveHostHaproxyClash.test_file_list_plugin-CADDY.txt
View file @
2b4d054c
T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-sign-promise.py
T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-sign-promise.py
T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
...
...
@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py
T-1/etc/plugin/buildout-T-1-status.py
T-1/etc/plugin/caucased.py
T-1/etc/plugin/check-free-disk-space.py
T-1/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-1/etc/plugin/expose-csr-ip-port-listening.py
T-1/etc/plugin/kedifa-http-reply.py
T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py
...
...
@@ -33,7 +35,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-2/etc/plugin/expose-csr-ip-port-listening.py
T-2/etc/plugin/frontend-caddy-configuration-promise.py
T-2/etc/plugin/monitor-bootstrap-status.py
T-2/etc/plugin/monitor-http-frontend.py
...
...
software/caddy-frontend/test/test_data/test.TestSlaveHostHaproxyClash.test_supervisor_state-CADDY.txt
View file @
2b4d054c
...
...
@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING
T-1:caucased-{hash-generic}-on-watch RUNNING
T-1:certificate_authority-{hash-generic}-on-watch RUNNING
T-1:crond-{hash-generic}-on-watch RUNNING
T-1:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-1:expose-csr-{hash-generic}-on-watch RUNNING
T-1:kedifa-{hash-generic}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
...
...
@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING
T-2:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-2:expose-csr-{hash-generic}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
...
...
software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibility.test_file_list_log-CADDY.txt
View file @
2b4d054c
T-0/var/log/monitor-httpd-access.log
T-0/var/log/monitor-httpd-error.log
T-0/var/log/slapgrid-T-0-error.log
T-1/var/log/expose-csr
_id
.log
T-1/var/log/expose-csr.log
T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr
_id
.log
T-2/var/log/expose-csr.log
T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log
T-2/var/log/httpd/_custom_domain_ssl_crt_ssl_key_access_log
...
...
software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibility.test_file_list_plugin-CADDY.txt
View file @
2b4d054c
T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-sign-promise.py
T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-sign-promise.py
T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
...
...
@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py
T-1/etc/plugin/buildout-T-1-status.py
T-1/etc/plugin/caucased.py
T-1/etc/plugin/check-free-disk-space.py
T-1/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-1/etc/plugin/expose-csr-ip-port-listening.py
T-1/etc/plugin/kedifa-http-reply.py
T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py
...
...
@@ -33,7 +35,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-2/etc/plugin/expose-csr-ip-port-listening.py
T-2/etc/plugin/frontend-caddy-configuration-promise.py
T-2/etc/plugin/monitor-bootstrap-status.py
T-2/etc/plugin/monitor-http-frontend.py
...
...
software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibility.test_supervisor_state-CADDY.txt
View file @
2b4d054c
...
...
@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING
T-1:caucased-{hash-generic}-on-watch RUNNING
T-1:certificate_authority-{hash-generic}-on-watch RUNNING
T-1:crond-{hash-generic}-on-watch RUNNING
T-1:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-1:expose-csr-{hash-generic}-on-watch RUNNING
T-1:kedifa-{hash-generic}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
...
...
@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING
T-2:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-2:expose-csr-{hash-generic}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
...
...
software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityOverrideMaster.test_file_list_log-CADDY.txt
View file @
2b4d054c
T-0/var/log/monitor-httpd-access.log
T-0/var/log/monitor-httpd-error.log
T-0/var/log/slapgrid-T-0-error.log
T-1/var/log/expose-csr
_id
.log
T-1/var/log/expose-csr.log
T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr
_id
.log
T-2/var/log/expose-csr.log
T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log
T-2/var/log/httpd/_ssl_from_master_kedifa_overrides_master_certificate_access_log
...
...
software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityOverrideMaster.test_file_list_plugin-CADDY.txt
View file @
2b4d054c
T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-sign-promise.py
T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-sign-promise.py
T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
...
...
@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py
T-1/etc/plugin/buildout-T-1-status.py
T-1/etc/plugin/caucased.py
T-1/etc/plugin/check-free-disk-space.py
T-1/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-1/etc/plugin/expose-csr-ip-port-listening.py
T-1/etc/plugin/kedifa-http-reply.py
T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py
...
...
@@ -33,7 +35,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-2/etc/plugin/expose-csr-ip-port-listening.py
T-2/etc/plugin/frontend-caddy-configuration-promise.py
T-2/etc/plugin/monitor-bootstrap-status.py
T-2/etc/plugin/monitor-http-frontend.py
...
...
software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityOverrideMaster.test_supervisor_state-CADDY.txt
View file @
2b4d054c
...
...
@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING
T-1:caucased-{hash-generic}-on-watch RUNNING
T-1:certificate_authority-{hash-generic}-on-watch RUNNING
T-1:crond-{hash-generic}-on-watch RUNNING
T-1:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-1:expose-csr-{hash-generic}-on-watch RUNNING
T-1:kedifa-{hash-generic}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
...
...
@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING
T-2:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-2:expose-csr-{hash-generic}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
...
...
software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityUpdate.test_file_list_log-CADDY.txt
View file @
2b4d054c
T-0/var/log/monitor-httpd-access.log
T-0/var/log/monitor-httpd-error.log
T-0/var/log/slapgrid-T-0-error.log
T-1/var/log/expose-csr
_id
.log
T-1/var/log/expose-csr.log
T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr
_id
.log
T-2/var/log/expose-csr.log
T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log
T-2/var/log/httpd/_ssl_from_master_access_log
...
...
software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityUpdate.test_file_list_plugin-CADDY.txt
View file @
2b4d054c
T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-sign-promise.py
T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-sign-promise.py
T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
...
...
@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py
T-1/etc/plugin/buildout-T-1-status.py
T-1/etc/plugin/caucased.py
T-1/etc/plugin/check-free-disk-space.py
T-1/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-1/etc/plugin/expose-csr-ip-port-listening.py
T-1/etc/plugin/kedifa-http-reply.py
T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py
...
...
@@ -33,7 +35,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr
_id
-ip-port-listening.py
T-2/etc/plugin/expose-csr-ip-port-listening.py
T-2/etc/plugin/frontend-caddy-configuration-promise.py
T-2/etc/plugin/monitor-bootstrap-status.py
T-2/etc/plugin/monitor-http-frontend.py
...
...
software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityUpdate.test_supervisor_state-CADDY.txt
View file @
2b4d054c
...
...
@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING
T-1:caucased-{hash-generic}-on-watch RUNNING
T-1:certificate_authority-{hash-generic}-on-watch RUNNING
T-1:crond-{hash-generic}-on-watch RUNNING
T-1:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-1:expose-csr-{hash-generic}-on-watch RUNNING
T-1:kedifa-{hash-generic}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
...
...
@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING
T-2:expose-csr
_id
-{hash-generic}-on-watch RUNNING
T-2:expose-csr-{hash-generic}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
...
...
software/kvm/buildout.hash.cfg
View file @
2b4d054c
...
...
@@ -19,7 +19,7 @@ md5sum = 087f226ba90928dcc5a722d7008c867a
[template-kvm]
filename = instance-kvm.cfg.jinja2
md5sum =
baa3ee5b653731124bfc2ac2fa835787
md5sum =
2ff55931eab48f7992e8e1cb16b44b95
[template-kvm-cluster]
filename = instance-kvm-cluster.cfg.jinja2.in
...
...
@@ -55,7 +55,7 @@ md5sum = a8cf453d20f01c707f02c4b4014580d8
[template-kvm-run]
filename = template/template-kvm-run.in
md5sum =
875261817970d0f83335824373288b9d
md5sum =
395ee373ccda3382d257fde1ff4222b0
[template-kvm-controller]
filename = template/kvm-controller-run.in
...
...
@@ -79,11 +79,11 @@ md5sum = d57764bb7135037b4d21543b2f56ce1d
[image-download-controller]
filename = template/image-download-controller.py
md5sum =
9c67058edcc4edae0b57956c0932a9fc
md5sum =
4d48b3da5bc611fc6533335b5953c840
[image-download-config-creator]
filename = template/image-download-config-creator.py
md5sum =
54261e418ab9860efe73efd514c4d47f
md5sum =
8fbe05c4175a7f31b6bffced9ad4e91d
[whitelist-firewall-download-controller]
filename = template/whitelist-firewall-download-controller.py
...
...
software/kvm/instance-kvm.cfg.jinja2
View file @
2b4d054c
...
...
@@ -162,7 +162,8 @@ config-filename = ${boot-image-url-select-json-config:error-state-file}
# wrapper to execute boot-image-url-select-download on each run
recipe = slapos.cookbook:wrapper
wrapper-path = ${directory:scripts}/boot-image-url-select-updater
command-line = {{ python_executable }} {{ image_download_controller }} ${boot-image-url-select-json-config:rendered} {{ curl_executable_location }} ${:md5sum-state-file} ${:error-state-file} ${boot-image-url-select-processed-config:processed-md5sum}
command-line = {{ python_executable }} {{ image_download_controller }} ${:config} {{ curl_executable_location }} ${:md5sum-state-file} ${:error-state-file} ${boot-image-url-select-processed-config:processed-md5sum}
config = ${boot-image-url-select-json-config:rendered}
md5sum-state-filename = boot-image-url-select-download-controller-md5sum-fail.json
md5sum-state-file = ${directory:boot-image-url-select-expose}/${:md5sum-state-filename}
error-state-filename = boot-image-url-select-download-controller-error.text
...
...
@@ -258,7 +259,8 @@ config-filename = ${boot-image-url-list-json-config:error-state-file}
# wrapper to execute boot-image-url-list-download on each run
recipe = slapos.cookbook:wrapper
wrapper-path = ${directory:scripts}/boot-image-url-list-updater
command-line = {{ python_executable }} {{ image_download_controller }} ${boot-image-url-list-json-config:rendered} {{ curl_executable_location }} ${:md5sum-state-file} ${:error-state-file} ${boot-image-url-list-processed-config:processed-md5sum}
command-line = {{ python_executable }} {{ image_download_controller }} ${:config} {{ curl_executable_location }} ${:md5sum-state-file} ${:error-state-file} ${boot-image-url-list-processed-config:processed-md5sum}
config = ${boot-image-url-list-json-config:rendered}
md5sum-state-filename = boot-image-url-list-download-controller-md5sum-fail.json
md5sum-state-file = ${directory:boot-image-url-list-expose}/${:md5sum-state-filename}
error-state-filename = boot-image-url-list-download-controller-error.text
...
...
@@ -355,7 +357,8 @@ config-filename = ${virtual-hard-drive-url-json-config:error-state-file}
# wrapper to execute virtual-hard-drive-url-download on each run
recipe = slapos.cookbook:wrapper
wrapper-path = ${directory:scripts}/virtual-hard-drive-url-updater
command-line = {{ python_executable }} {{ image_download_controller }} ${virtual-hard-drive-url-json-config:rendered} {{ curl_executable_location }} ${:md5sum-state-file} ${:error-state-file} ${virtual-hard-drive-url-processed-config:processed-md5sum}
command-line = {{ python_executable }} {{ image_download_controller }} ${:config} {{ curl_executable_location }} ${:md5sum-state-file} ${:error-state-file} ${virtual-hard-drive-url-processed-config:processed-md5sum}
config = ${virtual-hard-drive-url-json-config:rendered}
md5sum-state-filename = virtual-hard-drive-url-download-controller-md5sum-fail.json
md5sum-state-file = ${directory:virtual-hard-drive-url-expose}/${:md5sum-state-filename}
error-state-filename = virtual-hard-drive-url-download-controller-error.text
...
...
@@ -547,13 +550,13 @@ command = [ ! -f {{ '${' + key + '}' }} ] && touch {{ '${' + key + '}' }}
{%- endmacro %}
{#- Create depending sections, as state files appear late, so it's better to have empty file which will impact the hash anyway #}
{%- if boot_image_url_list_enabled %}
{{ generate_depend_section('boot-image-url-list-depend', 'boot-image-url-list-download-wrapper:
md5sum-state-file
') }}
{{ generate_depend_section('boot-image-url-list-depend', 'boot-image-url-list-download-wrapper:
config
') }}
{%- endif %}
{%- if boot_image_url_select_enabled %}
{{ generate_depend_section('boot-image-url-select-depend', 'boot-image-url-select-download-wrapper:
md5sum-state-file
') }}
{{ generate_depend_section('boot-image-url-select-depend', 'boot-image-url-select-download-wrapper:
config
') }}
{%- endif %}
{%- if virtual_hard_drive_url_enabled %}
{{ generate_depend_section('virtual-hard-drive-url-depend', 'virtual-hard-drive-url-download-wrapper:
md5sum-state-file
') }}
{{ generate_depend_section('virtual-hard-drive-url-depend', 'virtual-hard-drive-url-download-wrapper:
config
') }}
{%- endif %}
[kvm-instance]
...
...
software/kvm/template/image-download-config-creator.py
View file @
2b4d054c
...
...
@@ -51,7 +51,7 @@ if __name__ == "__main__":
'url'
:
url
,
'destination'
:
md5sum
,
'destination-tmp'
:
md5sum
+
'_tmp'
,
'
link'
:
'image_
%03i'
%
(
image_number
,),
'
image-number'
:
'
%03i'
%
(
image_number
,),
})
else
:
print
(
'INF: checksum %s repeated, used url %s'
%
(
url
,
))
...
...
software/kvm/template/image-download-controller.py
View file @
2b4d054c
...
...
@@ -41,11 +41,13 @@ if __name__ == "__main__":
print
(
'ERR: There are problems with configuration'
)
print
(
'INF: Storing errors in %s'
%
(
error_state_file
,))
# switch to error state during image download
with
open
(
error_state_file
,
'w'
)
as
fh
:
fh
.
write
(
'
\
n
'
.
join
([
'INF Download in progress'
]))
# clean the destination directory
file_to_keep_list
=
[]
for
image
in
config
[
'image-list'
]:
file_to_keep_list
.
append
(
image
[
'destination'
])
file_to_keep_list
.
append
(
image
[
'link'
])
for
fname
in
os
.
listdir
(
config
[
'destination-directory'
]):
if
fname
not
in
file_to_keep_list
:
print
(
'INF: Removing obsolete %s'
%
(
fname
,))
...
...
@@ -118,20 +120,6 @@ if __name__ == "__main__":
os
.
rename
(
destination_tmp
,
destination
)
print
(
'INF: %s : Stored with checksum %s'
%
(
image
[
'url'
],
image
[
'md5sum'
]))
for
image
in
config
[
'image-list'
]:
destination
=
os
.
path
.
join
(
config
[
'destination-directory'
],
image
[
'destination'
])
link
=
os
.
path
.
join
(
config
[
'destination-directory'
],
image
[
'link'
])
if
os
.
path
.
exists
(
destination
):
if
os
.
path
.
lexists
(
link
):
if
not
os
.
path
.
islink
(
link
):
os
.
remove
(
link
)
if
os
.
path
.
islink
(
link
)
and
os
.
readlink
(
link
)
!=
destination
:
os
.
remove
(
link
)
if
not
os
.
path
.
lexists
(
link
):
print
(
'INF: %s : Symlinking %s -> %s'
%
(
image
[
'url'
],
link
,
destination
))
os
.
symlink
(
destination
,
link
)
with
open
(
md5sum_fail_file
,
'w'
)
as
fh
:
if
new_md5sum_state_dict
!=
{}:
json
.
dump
(
new_md5sum_state_dict
,
fh
,
indent
=
2
)
...
...
software/kvm/template/template-kvm-run.in
View file @
2b4d054c
...
...
@@ -329,6 +329,22 @@ if cpu_model:
if rgx.match(cpu_model):
kvm_argument_list.extend(['-cpu', cpu_model])
def handle_image(config, name):
with open(config) as fh:
image_config = json.load(fh)
if image_config['error-amount'] == 0:
for image in sorted(image_config['image-list'], key=lambda k: k['image-number']):
destination = os.path.join(image_config['destination-directory'], image['destination'])
if os.path.exists(destination):
kvm_argument_list.extend([
'-drive',
'file=%s,media=cdrom' % (destination,)
])
else:
raise ValueError('%s not ready yet' % (name,))
else:
raise ValueError('%s not ready yet' % (name,))
# Try to connect to NBD server (and second nbd if defined).
# If not available, don't even specify it in qemu command line parameters.
# Reason: if qemu starts with unavailable NBD drive, it will just crash.
...
...
@@ -350,33 +366,10 @@ else:
# Debian installation CDs, rendering it uninstallable
if boot_image_url_select_json_config:
# Support boot-image-url-select
with open(boot_image_url_select_json_config) as fh:
image_config = json.load(fh)
if image_config['error-amount'] == 0:
for image in sorted(image_config['image-list'], key=lambda k: k['link']):
link = os.path.join(image_config['destination-directory'], image['link'])
if os.path.exists(link) and os.path.islink(link):
kvm_argument_list.extend([
'-drive',
'file=%s,media=cdrom' % (link,)
])
else:
raise ValueError('boot-image-url-select not ready yet')
handle_image(boot_image_url_select_json_config, 'boot-image-url-select')
if boot_image_url_list_json_config:
# Support boot-image-url-list
with open(boot_image_url_list_json_config) as fh:
image_config = json.load(fh)
if image_config['error-amount'] == 0:
for image in sorted(image_config['image-list'], key=lambda k: k['link']):
link = os.path.join(image_config['destination-directory'], image['link'])
if os.path.exists(link) and os.path.islink(link):
kvm_argument_list.extend([
'-drive',
'file=%s,media=cdrom' % (link,)
])
else:
raise ValueError('boot-image-url-list not ready yet')
handle_image(boot_image_url_list_json_config, 'boot-image-url-list')
# Always add by default the default image
kvm_argument_list.extend([
'-drive', 'file=%s,media=cdrom' % default_cdrom_iso
...
...
software/kvm/test/test.py
View file @
2b4d054c
...
...
@@ -36,7 +36,6 @@ import requests
import
six
import
slapos.util
import
sqlite3
import
stat
from
six.moves.urllib.parse
import
parse_qs
,
urlparse
import
unittest
import
subprocess
...
...
@@ -752,49 +751,61 @@ class FakeImageHandler(SimpleHTTPServer.SimpleHTTPRequestHandler):
class
FakeImageServerMixin
(
KvmMixin
):
def
startImageHttpServer
(
self
):
self
.
image_source_directory
=
tempfile
.
mkdtemp
()
@
classmethod
def
startImageHttpServer
(
cls
):
cls
.
image_source_directory
=
tempfile
.
mkdtemp
()
server
=
SocketServer
.
TCPServer
(
(
self
.
_ipv4_address
,
findFreeTCPPort
(
self
.
_ipv4_address
)),
(
cls
.
_ipv4_address
,
findFreeTCPPort
(
cls
.
_ipv4_address
)),
FakeImageHandler
)
# c89f17758be13adeb06886ef935d5ff1
fake_image_content
=
b'fake_image_content'
self
.
fake_image_md5sum
=
hashlib
.
md5
(
fake_image_content
).
hexdigest
()
cls
.
fake_image_md5sum
=
hashlib
.
md5
(
fake_image_content
).
hexdigest
()
with
open
(
os
.
path
.
join
(
self
.
image_source_directory
,
self
.
fake_image_md5sum
),
'wb'
)
as
fh
:
cls
.
image_source_directory
,
cls
.
fake_image_md5sum
),
'wb'
)
as
fh
:
fh
.
write
(
fake_image_content
)
# bc81d2aee81e030c6cee210c802339c2
fake_image2_content
=
b'fake_image2_content'
self
.
fake_image2_md5sum
=
hashlib
.
md5
(
fake_image2_content
).
hexdigest
()
cls
.
fake_image2_md5sum
=
hashlib
.
md5
(
fake_image2_content
).
hexdigest
()
with
open
(
os
.
path
.
join
(
self
.
image_source_directory
,
self
.
fake_image2_md5sum
),
'wb'
)
as
fh
:
cls
.
image_source_directory
,
cls
.
fake_image2_md5sum
),
'wb'
)
as
fh
:
fh
.
write
(
fake_image2_content
)
self
.
fake_image_wrong_md5sum
=
self
.
fake_image2_md5sum
cls
.
fake_image_wrong_md5sum
=
cls
.
fake_image2_md5sum
# c5ef5d70ad5a0dbfd890a734f588e344
fake_image3_content
=
b'fake_image3_content'
cls
.
fake_image3_md5sum
=
hashlib
.
md5
(
fake_image3_content
).
hexdigest
()
with
open
(
os
.
path
.
join
(
cls
.
image_source_directory
,
cls
.
fake_image3_md5sum
),
'wb'
)
as
fh
:
fh
.
write
(
fake_image3_content
)
url
=
'http://%s:%s'
%
server
.
server_address
self
.
fake_image
=
'/'
.
join
([
url
,
self
.
fake_image_md5sum
])
self
.
fake_image2
=
'/'
.
join
([
url
,
self
.
fake_image2_md5sum
])
cls
.
fake_image
=
'/'
.
join
([
url
,
cls
.
fake_image_md5sum
])
cls
.
fake_image2
=
'/'
.
join
([
url
,
cls
.
fake_image2_md5sum
])
cls
.
fake_image3
=
'/'
.
join
([
url
,
cls
.
fake_image3_md5sum
])
old_dir
=
os
.
path
.
realpath
(
os
.
curdir
)
os
.
chdir
(
self
.
image_source_directory
)
os
.
chdir
(
cls
.
image_source_directory
)
try
:
self
.
server_process
=
multiprocessing
.
Process
(
cls
.
server_process
=
multiprocessing
.
Process
(
target
=
server
.
serve_forever
,
name
=
'FakeImageHttpServer'
)
self
.
server_process
.
start
()
cls
.
server_process
.
start
()
finally
:
os
.
chdir
(
old_dir
)
def
stopImageHttpServer
(
self
):
self
.
logger
.
debug
(
'Stopping process %s'
%
(
self
.
server_process
,))
self
.
server_process
.
join
(
10
)
self
.
server_process
.
terminate
()
@
classmethod
def
stopImageHttpServer
(
cls
):
cls
.
logger
.
debug
(
'Stopping process %s'
%
(
cls
.
server_process
,))
cls
.
server_process
.
join
(
10
)
cls
.
server_process
.
terminate
()
time
.
sleep
(
0.1
)
if
self
.
server_process
.
is_alive
():
self
.
logger
.
warning
(
'Process %s still alive'
%
(
self
.
server_process
,
))
if
cls
.
server_process
.
is_alive
():
cls
.
logger
.
warning
(
'Process %s still alive'
%
(
cls
.
server_process
,
))
shutil
.
rmtree
(
self
.
image_source_directory
)
shutil
.
rmtree
(
cls
.
image_source_directory
)
@
skipUnlessKvm
...
...
@@ -805,6 +816,7 @@ class TestBootImageUrlList(InstanceTestCase, FakeImageServerMixin):
# variations
key
=
'boot-image-url-list'
test_input
=
"%s#%s
\
n
%s#%s"
empty_input
=
""
image_directory
=
'boot-image-url-list-repository'
config_state_promise
=
'boot-image-url-list-config-state-promise.py'
download_md5sum_promise
=
'boot-image-url-list-download-md5sum-promise.py'
...
...
@@ -830,12 +842,21 @@ class TestBootImageUrlList(InstanceTestCase, FakeImageServerMixin):
@
classmethod
def
getInstanceParameterDict
(
cls
):
# start with empty, but working configuration
return
{}
return
{
cls
.
key
:
cls
.
test_input
%
(
cls
.
fake_image
,
cls
.
fake_image_md5sum
,
cls
.
fake_image2
,
cls
.
fake_image2_md5sum
)
}
def
setUp
(
self
):
super
(
InstanceTestCase
,
self
).
setUp
()
self
.
startImageHttpServer
()
@
classmethod
def
setUpClass
(
cls
):
cls
.
startImageHttpServer
()
super
(
InstanceTestCase
,
cls
).
setUpClass
()
@
classmethod
def
tearDownClass
(
cls
):
super
(
InstanceTestCase
,
cls
).
tearDownClass
()
cls
.
stopImageHttpServer
()
def
tearDown
(
self
):
# clean up the instance for other tests
...
...
@@ -845,7 +866,6 @@ class TestBootImageUrlList(InstanceTestCase, FakeImageServerMixin):
# 2nd ...move instance to "default" state
self
.
rerequestInstance
({})
self
.
slap
.
waitForInstance
(
max_retry
=
10
)
self
.
stopImageHttpServer
()
super
(
InstanceTestCase
,
self
).
tearDown
()
def
getRunningImageList
(
self
,
kvm_instance_partition
,
...
...
@@ -862,57 +882,56 @@ class TestBootImageUrlList(InstanceTestCase, FakeImageServerMixin):
m = _match_cdrom(entry)
if m:
path = m.group(1)
st = os.stat(path)
if stat.S_ISREG(st.st_mode) and st.st_size:
image_list.append(
_sub_iso(r'
\
1
-
$
{
ver
}
\
3
',
sub_shared(r'
$
{
shared
}
/
',
path.replace(kvm_instance_partition, '
$
{
inst
}
')
)))
image_list.append(
_sub_iso(r'
\
1
-
$
{
ver
}
\
3
',
sub_shared(r'
$
{
shared
}
/
',
path.replace(kvm_instance_partition, '
$
{
inst
}
')
)))
return image_list
def test(self):
partition_parameter_kw = {
self.key: self.test_input % (
self.fake_image, self.fake_image_md5sum, self.fake_image2,
self.fake_image2_md5sum)
}
self.rerequestInstance(partition_parameter_kw)
self.slap.waitForInstance(max_retry=10)
# check that image is correctly downloaded and linked
# check that image is correctly downloaded
kvm_instance_partition = os.path.join(
self.slap.instance_directory, self.kvm_instance_partition_reference)
image_repository = os.path.join(
kvm_instance_partition, '
srv
', self.image_directory)
image = os.path.join(image_repository, self.fake_image_md5sum)
image_link = os.path.join(image_repository, '
image_001
')
self.assertTrue(os.path.exists(image))
with open(image, 'rb') as fh:
image_md5sum = hashlib.md5(fh.read()).hexdigest()
self.assertEqual(image_md5sum, self.fake_image_md5sum)
self.assertTrue(os.path.islink(image_link))
self.assertEqual(os.readlink(image_link), image)
image2 = os.path.join(image_repository, self.fake_image2_md5sum)
image2_link = os.path.join(image_repository, '
image_002
')
self.assertTrue(os.path.exists(image2))
with open(image2, 'rb') as fh:
image2_md5sum = hashlib.md5(fh.read()).hexdigest()
self.assertEqual(image2_md5sum, self.fake_image2_md5sum)
self.assertTrue(os.path.islink(image2_link))
self.assertEqual(os.readlink(image2_link), image2)
# mimic the requirement: restart the instance by requesting it stopped and
# then started started, like user have to do it
self.rerequestInstance(partition_parameter_kw, state='
stopped
')
self.slap.waitForInstance(max_retry=1)
self.rerequestInstance(partition_parameter_kw, state='
started
')
self.slap.waitForInstance(max_retry=3)
self.assertEqual(
[
'
$
{
inst
}
/
srv
/%
s
/%
s
' % (self.image_directory, self.fake_image_md5sum),
'
$
{
inst
}
/
srv
/%
s
/%
s
' % (self.image_directory, self.fake_image2_md5sum),
'
$
{
shared
}
/
debian
-
$
{
ver
}
-
amd64
-
netinst
.
iso
',
],
self.getRunningImageList(kvm_instance_partition)
)
# Switch image
self.rerequestInstance({
self.key: self.test_input % (
self.fake_image3, self.fake_image3_md5sum,
self.fake_image2, self.fake_image2_md5sum)
})
self.slap.waitForInstance(max_retry=10)
self.assertTrue(os.path.exists(os.path.join(
image_repository, self.fake_image3_md5sum)))
self.assertTrue(os.path.exists(os.path.join(
image_repository, self.fake_image2_md5sum)))
self.assertEqual(
[
'
$
{
inst
}
/
srv
/%
s
/
image_001
' % self.image_directory
,
'
$
{
inst
}
/
srv
/%
s
/
image_002
' % self.image_directory
,
'
$
{
inst
}
/
srv
/%
s
/
%
s
' % (self.image_directory, self.fake_image3_md5sum)
,
'
$
{
inst
}
/
srv
/%
s
/
%
s
' % (self.image_directory, self.fake_image2_md5sum)
,
'
$
{
shared
}
/
debian
-
$
{
ver
}
-
amd64
-
netinst
.
iso
',
],
self.getRunningImageList(kvm_instance_partition)
...
...
@@ -920,21 +939,16 @@ class TestBootImageUrlList(InstanceTestCase, FakeImageServerMixin):
# cleanup of images works, also asserts that configuration changes are
# reflected
partition_parameter_kw[self.key] = ''
self.rerequestInstance(partition_parameter_kw)
self.slap.waitForInstance(max_retry=2)
# Note: key is left and empty_input is provided, as otherwise the part
# which generate images is simply removed, which can lead to
# leftover
self.rerequestInstance({self.key: self.empty_input})
self.slap.waitForInstance(max_retry=10)
self.assertEqual(
os.listdir(image_repository),
[]
)
# mimic the requirement: restart the instance by requesting it stopped and
# then started started, like user have to do it
self.rerequestInstance(partition_parameter_kw, state='
stopped
')
self.slap.waitForInstance(max_retry=1)
self.rerequestInstance(partition_parameter_kw, state='
started
')
self.slap.waitForInstance(max_retry=3)
# again only default image is available in the running process
self.assertEqual(
['
$
{
shared
}
/
debian
-
$
{
ver
}
-
amd64
-
netinst
.
iso
'],
...
...
@@ -1019,6 +1033,7 @@ class TestBootImageUrlSelect(TestBootImageUrlList):
# variations
key = '
boot
-
image
-
url
-
select
'
test_input = '
[
"%s#%s"
,
"%s#%s"
]
'
empty_input = '
[]
'
image_directory = '
boot
-
image
-
url
-
select
-
repository
'
config_state_promise = '
boot
-
image
-
url
-
select
-
config
-
state
-
promise
.
py
'
download_md5sum_promise = '
boot
-
image
-
url
-
select
-
download
-
md5sum
-
promise
.
py
'
...
...
@@ -1054,35 +1069,27 @@ class TestBootImageUrlSelect(TestBootImageUrlList):
}
self
.
rerequestInstance
(
partition_parameter_kw
)
self
.
slap
.
waitForInstance
(
max_retry
=
10
)
# check that image is correctly downloaded
and linked
# check that image is correctly downloaded
for
image_directory
in
[
'boot-image-url-list-repository'
,
'boot-image-url-select-repository'
]:
image_repository
=
os
.
path
.
join
(
self
.
slap
.
instance_directory
,
self
.
kvm_instance_partition_reference
,
'srv'
,
image_directory
)
image
=
os
.
path
.
join
(
image_repository
,
self
.
fake_image_md5sum
)
image_link
=
os
.
path
.
join
(
image_repository
,
'image_001'
)
self
.
assertTrue
(
os
.
path
.
exists
(
image
))
with
open
(
image
,
'rb'
)
as
fh
:
image_md5sum
=
hashlib
.
md5
(
fh
.
read
()).
hexdigest
()
self
.
assertEqual
(
image_md5sum
,
self
.
fake_image_md5sum
)
self
.
assertTrue
(
os
.
path
.
islink
(
image_link
))
self
.
assertEqual
(
os
.
readlink
(
image_link
),
image
)
kvm_instance_partition
=
os
.
path
.
join
(
self
.
slap
.
instance_directory
,
self
.
kvm_instance_partition_reference
)
# mimic the requirement: restart the instance by requesting it stopped and
# then started started, like user have to do it
self
.
rerequestInstance
(
partition_parameter_kw
,
state
=
'stopped'
)
self
.
slap
.
waitForInstance
(
max_retry
=
1
)
self
.
rerequestInstance
(
partition_parameter_kw
,
state
=
'started'
)
self
.
slap
.
waitForInstance
(
max_retry
=
3
)
self
.
assertEqual
(
[
'${inst}/srv/boot-image-url-select-repository/image_001'
,
'${inst}/srv/boot-image-url-list-repository/image_001'
,
'${inst}/srv/boot-image-url-select-repository/%s'
%
(
self
.
fake_image_md5sum
,),
'${inst}/srv/boot-image-url-list-repository/%s'
%
(
self
.
fake_image_md5sum
,),
'${shared}/debian-${ver}-amd64-netinst.iso'
,
],
self
.
getRunningImageList
(
kvm_instance_partition
)
...
...
@@ -1113,13 +1120,6 @@ class TestBootImageUrlSelect(TestBootImageUrlList):
[]
)
# mimic the requirement: restart the instance by requesting it stopped and
# then started started, like user have to do it
self
.
rerequestInstance
(
partition_parameter_kw
,
state
=
'stopped'
)
self
.
slap
.
waitForInstance
(
max_retry
=
1
)
self
.
rerequestInstance
(
partition_parameter_kw
,
state
=
'started'
)
self
.
slap
.
waitForInstance
(
max_retry
=
3
)
# again only default image is available in the running process
self
.
assertEqual
(
[
'${shared}/debian-${ver}-amd64-netinst.iso'
],
...
...
@@ -1486,7 +1486,7 @@ class TestImageDownloadController(InstanceTestCase, FakeImageServerMixin):
'destination-tmp'
:
'tmp'
,
'url'
:
self
.
fake_image
,
'destination'
:
'destination'
,
'
link'
:
'image_
001'
,
'
image-number'
:
'
001'
,
'gzipped'
:
False
,
'md5sum'
:
self
.
fake_image_md5sum
,
}
...
...
@@ -1501,12 +1501,10 @@ class TestImageDownloadController(InstanceTestCase, FakeImageServerMixin):
INF: Storing errors in %(error_state_file)s
INF: %(fake_image)s : Downloading
INF: %(fake_image)s : Stored with checksum %(checksum)s
INF: %(fake_image)s : Symlinking %(symlink)s -> %(destination)s
"""
.
strip
()
%
{
'fake_image'
:
self
.
fake_image
,
'checksum'
:
self
.
fake_image_md5sum
,
'error_state_file'
:
self
.
error_state_file
,
'symlink'
:
os
.
path
.
join
(
self
.
destination_directory
,
'image_001'
),
'destination'
:
os
.
path
.
join
(
self
.
destination_directory
,
'destination'
),
})
)
...
...
@@ -1533,7 +1531,6 @@ INF: %(fake_image)s : already downloaded
'fake_image'
:
self
.
fake_image
,
'checksum'
:
self
.
fake_image_md5sum
,
'error_state_file'
:
self
.
error_state_file
,
'symlink'
:
os
.
path
.
join
(
self
.
destination_directory
,
'image_001'
),
'destination'
:
os
.
path
.
join
(
self
.
destination_directory
,
'destination'
),
})
)
...
...
@@ -1548,7 +1545,7 @@ INF: %(fake_image)s : already downloaded
'destination-tmp'
:
'tmp'
,
'url'
:
self
.
fake_image
,
'destination'
:
'destination'
,
'
link'
:
'image_
001'
,
'
image-number'
:
'
001'
,
'gzipped'
:
False
,
'md5sum'
:
self
.
fake_image_wrong_md5sum
,
}
...
...
@@ -1566,7 +1563,6 @@ INF: %(fake_image)s : Downloading
"""
.
strip
()
%
{
'fake_image'
:
self
.
fake_image
,
'error_state_file'
:
self
.
error_state_file
,
'symlink'
:
os
.
path
.
join
(
self
.
destination_directory
,
'image_001'
),
'destination'
:
os
.
path
.
join
(
self
.
destination_directory
,
'destination'
),
})
...
...
@@ -1602,7 +1598,6 @@ INF: Storing errors in %(error_state_file)s
"""
.
strip
()
%
{
'fake_image'
:
self
.
fake_image
,
'error_state_file'
:
self
.
error_state_file
,
'symlink'
:
os
.
path
.
join
(
self
.
destination_directory
,
'image_001'
),
'destination'
:
os
.
path
.
join
(
self
.
destination_directory
,
'destination'
),
})
...
...
software/matomo/apache-httpd.conf.in
0 → 100644
View file @
2b4d054c
<VirtualHost *:{{ parameter_dict['port'] }}>
ServerAdmin admin@example.com
DocumentRoot {{ parameter_dict['document-root'] }}/matomo
SetEnvIf Origin "^http(s)?://(.+\.)?(app\.officejs\.com)$" ORIGIN_DOMAIN=$0
Header always set Access-Control-Allow-Origin "%{ORIGIN_DOMAIN}e" env=ORIGIN_DOMAIN
Header always set Access-Control-Allow-Credentials "true" env=ORIGIN_DOMAIN
Header always set Access-Control-Allow-Methods "PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST" env=ORIGIN_DOMAIN
Header always set Access-Control-Allow-Headers "Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Authorization" env=ORIGIN_DOMAIN
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
<Directory {{ parameter_dict['document-root'] }}>
Options +FollowSymlinks
AllowOverride All
Require all granted
SetEnv HOME {{ parameter_dict['document-root'] }}
SetEnv HTTP_HOME {{ parameter_dict['document-root'] }}
Dav off
</Directory>
ErrorLog "{{ parameter_dict['log-dir'] }}/matomo-error.log"
CustomLog "{{ parameter_dict['log-dir'] }}/matomo-access.log" combined
</VirtualHost>
software/matomo/buildout.hash.cfg
0 → 100644
View file @
2b4d054c
# THIS IS NOT A BUILDOUT FILE, despite purposedly using a compatible syntax.
# The only allowed lines here are (regexes):
# - "^#" comments, copied verbatim
# - "^[" section beginings, copied verbatim
# - lines containing an "=" sign which must fit in the following categorie.
# - "^\s*filename\s*=\s*path\s*$" where "path" is relative to this file
# Copied verbatim.
# - "^\s*hashtype\s*=.*" where "hashtype" is one of the values supported
# by the re-generation script.
# Re-generated.
# - other lines are copied verbatim
# Substitution (${...:...}), extension ([buildout] extends = ...) and
# section inheritance (< = ...) are NOT supported (but you should really
# not need these here).
[template-apache-httpd]
filename = apache-httpd.conf.in
md5sum = 9940e05d5e624a7884f4e6e062355798
[template-matomo-instance]
filename = matomo-instance.cfg.in
md5sum = cd5d8b83fef478b2fbb4ccc9489f47ed
[template-matomo-backup.sh]
filename = matomo-backup.sh.in
md5sum = d11e34a576e580d4253fbe787f85e5cc
software/matomo/matomo-backup.sh.in
0 → 100644
View file @
2b4d054c
#!/bin/bash
set
-e
set
-x
#checkout if directory and matomo resources exist
if
[
!
-d
{{
parameter_dict[
'document-root'
]
}}
/matomo/config
]
;
then
exit
1
;
fi
if
[
!
-f
{{
parameter_dict[
'document-root'
]
}}
/matomo/config/config.ini.php
]
;
then
exit
0
;
fi
#create plugins backup file
touch
{{
parameter_dict[
'dir-backup'
]
}}
/plugins_list
#remove backup file before
if
[
-d
{{
parameter_dict[
'dir-backup'
]
}}
/config
]
;
then
rm
-rf
{{
parameter_dict[
'dir-backup'
]
}}
/config
fi
if
[
-d
{{
parameter_dict[
'dir-backup'
]
}}
/plugins
]
;
then
rm
-rf
{{
parameter_dict[
'dir-backup'
]
}}
/plugins
fi
#backup
{{
php_bin
}}
{{
parameter_dict[
'document-root'
]
}}
/matomo/console plugin:list
>
{{
parameter_dict[
'dir-backup'
]
}}
/plugins_list
cp
-rf
{{
parameter_dict[
'document-root'
]
}}
/matomo/config
{{
parameter_dict[
'dir-backup'
]
}}
cp
-rf
{{
parameter_dict[
'document-root'
]
}}
/matomo/plugins
{{
parameter_dict[
'dir-backup'
]
}}
exit
0
software/matomo/matomo-instance.cfg.in
0 → 100644
View file @
2b4d054c
# parameters required by the configuration instance
[instance-parameter]
matomo = ${:document-root}
dir-backup = ${directory:backup}
#php.ini parameters
php.memory_limit = 512M
php.date.timezone = Europe/Paris
php.upload_max_filesize = 10240M
php.post_max_size = 10240M
php.session.cookie_secure = True
php.max_execution_time = 1800
php.max_input_time = 3600
php.output_buffering = 'Off'
php.max_file_uploads = 100
[php-bin]
recipe = slapos.cookbook:wrapper
wrapper-path = ${directory:bin}/php
command-line = ${instance-parameter:php-bin} -c ${php.ini-conf:rendered}
[matomo-backup-cron]
recipe = slapos.cookbook:cron.d
cron-entries = ${cron:cron-entries}
name = matomo-backup
frequency = 0 0 * * *
command = ${matomo-backup.sh:rendered}
[matomo-apache-httpd]
recipe = slapos.recipe.template:jinja2
template = {{ matomo_apache_httpd }}
rendered = ${directory:apache.d}/matomo.conf
context =
section parameter_dict apache-php-configuration
[matomo-backup.sh]
recipe = slapos.recipe.template:jinja2
template = {{ matomo_backup_sh }}
rendered = ${directory:scripts}/matomo-backup
context =
section parameter_dict instance-parameter
key php_bin php-bin:wrapper-path
depends =
${matomo-apache-httpd:recipe}
${matomo-backup-cron:recipe}
[slap-parameter]
instance.cli-url = ${apache-php-configuration:url}
software/matomo/software.cfg
0 → 100644
View file @
2b4d054c
[buildout]
extends =
buildout.hash.cfg
#apache-php mariadb zilb ...
../../stack/lamp/buildout.cfg
# "slapos" stack describes basic things needed for 99.9% of SlapOS Software
../../stack/slapos.cfg
parts =
# Call installation of slapos.cookbook egg defined in stack/slapos.cfg (needed
# in 99,9% of Slapos Software Releases)
slapos-cookbook
# to create file instance-matomo.cfg in instance of apache-php
template-matomo-instance
# to create file instance.cfg of all instances
instance
# download bas
# inherited by modules that need to download files
[matomo-download]
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/${:filename}
# download matomo
# The specific process of downloading and decompressing is defined in stack lamp
[application]
url = https://builds.matomo.org/matomo-4.7.1.zip
md5sum = 8d592676bc2c0d51363ad7b2caf171fe
# give the location of the instance-matomo.cfg fil
# Without it the instance-matomo.cfg file will not be executed
[custom-application-deployment]
path = ${template-matomo-instance:rendered}
part-list = matomo-backup.sh
[template-matomo-instance]
recipe = slapos.recipe.template:jinja2
template = ${:_profile_base_location_}/${:filename}
rendered = ${buildout:directory}/instance-matomo.cfg
extensions = jinja2.ext.do
context =
key gzip_location gzip:location
key python3_location python3:location
key php_location apache-php:location
key matomo_apache_httpd template-apache-httpd:target
key matomo_backup_sh template-matomo-backup.sh:target
# download apache-httpd.conf.in
[template-apache-httpd]
<= matomo-download
# download matomo-backup.sh.in
[template-matomo-backup.sh]
<= matomo-download
software/matomo/test/README.md
0 → 100644
View file @
2b4d054c
Tests for matomo software release
software/matomo/test/setup.py
0 → 100644
View file @
2b4d054c
##############################################################################
#
# Copyright (c) 2018 Nexedi SA and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
from
setuptools
import
setup
,
find_packages
version
=
'0.0.1.dev0'
name
=
'slapos.test.matomo'
with
open
(
"README.md"
)
as
f
:
long_description
=
f
.
read
()
setup
(
name
=
name
,
version
=
version
,
description
=
"Test for SlapOS' matomo"
,
long_description
=
long_description
,
long_description_content_type
=
'text/markdown'
,
maintainer
=
"Nexedi"
,
maintainer_email
=
"info@nexedi.com"
,
url
=
"https://lab.nexedi.com/nexedi/slapos"
,
packages
=
find_packages
(),
install_requires
=
[
'slapos.core'
,
'slapos.libnetworkcache'
,
'erp5.util'
,
'requests'
,
],
zip_safe
=
True
,
test_suite
=
'test'
,
)
software/matomo/test/test.py
0 → 100644
View file @
2b4d054c
##############################################################################
# coding: utf-8
#
# Copyright (c) 2022 Nexedi SA and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
import
os
import
requests
import
glob
from
slapos.testing.testcase
import
makeModuleSetUpAndTestCaseClass
setUpModule
,
SlapOSInstanceTestCase
=
makeModuleSetUpAndTestCaseClass
(
os
.
path
.
abspath
(
os
.
path
.
join
(
os
.
path
.
dirname
(
__file__
),
'..'
,
'software.cfg'
)))
class
MatomoTestCase
(
SlapOSInstanceTestCase
):
#check where matomo installed
def
setUp
(
self
):
partition_path_list
=
glob
.
glob
(
os
.
path
.
join
(
self
.
slap
.
instance_directory
,
'*'
))
for
partition_path
in
partition_path_list
:
path
=
os
.
path
.
join
(
partition_path
,
'srv/www'
)
if
os
.
path
.
exists
(
path
):
self
.
matomo_path
=
path
break
self
.
assertTrue
(
self
.
matomo_path
,
"matomo path not found in %r"
%
(
partition_path_list
,))
self
.
connection_parameters
=
self
.
computer_partition
.
getConnectionParameterDict
()
#Check if matomo root directory is empty
def
test_matomo_dir
(
self
):
self
.
assertEqual
(
os
.
path
.
isfile
(
self
.
matomo_path
),
False
)
#Check deployement matomo works
def
test_matomo_url_get
(
self
):
resp
=
requests
.
get
(
self
.
connection_parameters
[
'backend-url'
],
verify
=
False
)
self
.
assertEqual
(
requests
.
codes
.
ok
,
resp
.
status_code
)
#Check deployement moniter works
def
test_monitor_url_get
(
self
):
resp
=
requests
.
get
(
self
.
connection_parameters
[
'monitor-setup-url'
],
verify
=
False
)
self
.
assertEqual
(
requests
.
codes
.
ok
,
resp
.
status_code
)
software/ors-amarisoft/buildout.hash.cfg
View file @
2b4d054c
...
...
@@ -28,11 +28,11 @@ md5sum = e4c224da723ad56091f27ed5c0b0bbca
[template-lte-gnb-epc]
_update_hash_filename_ = instance-gnb-epc.jinja2.cfg
md5sum = b
9a58fa4037d32fc1dc4f5ef89e6211a
md5sum = b
15e678779dee0a26746487990fedc01
[template-lte-gnb]
_update_hash_filename_ = instance-gnb.jinja2.cfg
md5sum =
0b74993990a0dfa3c6429dc4ac716826
md5sum =
9c275dde5c485c05f92a9be053f10593
[template-lte-epc]
_update_hash_filename_ = instance-epc.jinja2.cfg
...
...
@@ -48,7 +48,7 @@ md5sum = 8cac0de54f54236e750ee85b98de8a31
[gnb.jinja2.cfg]
filename = config/gnb.jinja2.cfg
md5sum =
28cc9fc7b1fa7cccb16315a732d9a15
f
md5sum =
655186dae112b1baf561ae320ed86ee
f
[ltelogs.jinja2.sh]
filename = ltelogs.jinja2.sh
...
...
software/ors-amarisoft/config/gnb.jinja2.cfg
View file @
2b4d054c
...
...
@@ -17,7 +17,7 @@
#define USE_SRS 0
{
log_options: "all.level=
debug,all.max_size=32
",
log_options: "all.level=
info,all.max_size=32,file.rotate=1G,file.path={{ directory['tmp'] }}
",
log_filename: "{{ directory['log'] }}/gnb.log",
/* Enable remote API and Web interface */
...
...
@@ -42,7 +42,7 @@
],
/* GTP bind address (=address of the ethernet interface connected to
the AMF). Must be modified if the AMF runs on a different host. */
{% if slapparameter_dict.get('
mme
_addr', '') %}
{% if slapparameter_dict.get('
amf
_addr', '') %}
gtp_addr: "{{ gtp_addr }}",
{% else %}
gtp_addr: "127.0.1.1",
...
...
software/ors-amarisoft/instance-gnb-epc.jinja2.cfg
View file @
2b4d054c
...
...
@@ -79,11 +79,11 @@ config-nr_band = {{ dumps(slapparameter_dict["nr_band"]) }}
{% if slapparameter_dict.get("nr_bandwidth", None) %}
config-nr_bandwidth = {{ dumps(slapparameter_dict["nr_bandwidth"]) }}
{% endif %}
{% if slapparameter_dict.get("
mme
_addr", None) %}
config-
mme_addr = {{ dumps(slapparameter_dict["mme
_addr"]) }}
{% if slapparameter_dict.get("
amf
_addr", None) %}
config-
amf_addr = {{ dumps(slapparameter_dict["amf
_addr"]) }}
{% endif %}
{% if slapparameter_dict.get("
e
nb_id", None) %}
config-
enb_id = {{ dumps(slapparameter_dict["e
nb_id"]) }}
{% if slapparameter_dict.get("
g
nb_id", None) %}
config-
gnb_id = {{ dumps(slapparameter_dict["g
nb_id"]) }}
{% endif %}
{% if slapparameter_dict.get("gnb_config_link", None) %}
config-gnb_config_link = {{ dumps(slapparameter_dict["gnb_config_link"]) }}
...
...
software/ors-amarisoft/instance-gnb.jinja2.cfg
View file @
2b4d054c
...
...
@@ -5,6 +5,7 @@ parts =
lte-gnb-config
lte-enb-service
sdr-busy-promise
remove-tmp
monitor-base
publish-connection-information
...
...
@@ -14,6 +15,11 @@ eggs-directory = {{ eggs_directory }}
develop-eggs-directory = {{ develop_eggs_directory }}
offline = true
[remove-tmp]
# Remove old logs stored in tmp directory to prevent disk from becoming full
recipe = plone.recipe.command
command = rm -rf ${directory:tmp}/*
[slap-configuration]
recipe = slapos.cookbook:slapconfiguration
computer = {{ slap_connection['computer-id'] }}
...
...
@@ -45,6 +51,7 @@ etc = ${:home}/etc
var = ${:home}/var
etc = ${:home}/etc
bin = ${:home}/bin
tmp = ${:home}/tmp
run = ${:var}/run
script = ${:etc}/run
service = ${:etc}/service
...
...
software/slapos-sr-testing/software-py3.cfg
View file @
2b4d054c
...
...
@@ -25,3 +25,4 @@ extra =
restic-rest-server ${slapos.test.restic_rest_server-setup:setup}
headless-chromium ${slapos.test.headless-chromium-setup:setup}
hugo ${slapos.test.hugo-setup:setup}
matomo ${slapos.test.matomo-setup:setup}
software/slapos-sr-testing/software.cfg
View file @
2b4d054c
...
...
@@ -145,6 +145,12 @@ setup = ${slapos-repository:location}/software/html5as-base/test/
egg = slapos.test.hugo
setup = ${slapos-repository:location}/software/hugo/test/
[slapos.test.matomo-setup]
<= setup-develop-egg
egg = slapos.test.matomo
setup = ${slapos-repository:location}/software/matomo/test/
[slapos.test.jupyter-setup]
<= setup-develop-egg
egg = slapos.test.jupyter
...
...
@@ -282,6 +288,7 @@ extra-eggs =
${slapos.test.headless-chromium-setup:egg}
${slapos.test.erp5testnode-setup:egg}
${slapos.test.hugo-setup:egg}
${slapos.test.matomo-setup:egg}
# We don't name this interpreter `python`, so that when we run slapos node
# software, installation scripts running `python` use a python without any
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment