instance-monitor.cfg.jinja2.in 14.1 KB
Newer Older
1 2 3 4 5 6 7 8
[slap-configuration]
recipe = slapos.cookbook:slapconfiguration.serialised
computer = ${slap-connection:computer-id}
partition = ${slap-connection:partition-id}
url = ${slap-connection:server-url}
key = ${slap-connection:key-file}
cert = ${slap-connection:cert-file}

9 10 11 12
# XXX Default values if doesn't exists
root-instance-title = UNKNOWN H-S
instance-title = UNKNOWN Instance

13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63
[cron]
recipe = slapos.cookbook:cron
cron-entries = ${logrotate-directory:cron-entries}
dcrond-binary = {{ dcron_executable_location }}
crontabs = ${logrotate-directory:crontabs}
cronstamps = ${logrotate-directory:cronstamps}
catcher = ${cron-simplelogger:wrapper}
binary = ${logrotate-directory:services}/crond

[cron-simplelogger]
recipe = slapos.cookbook:simplelogger
wrapper = ${logrotate-directory:bin}/cron_simplelogger
log = ${logrotate-directory:log}/cron.log

[logrotate]
recipe = slapos.cookbook:logrotate
logrotate-entries = ${logrotate-directory:logrotate-entries}
backup = ${logrotate-directory:logrotate-backup}
logrotate-binary = {{ logrotate_executable_location }}
gzip-binary = {{ gzip_location }}/bin/gzip
gunzip-binary = {{ gzip_location }}/bin/gunzip
wrapper = ${logrotate-directory:bin}/logrotate
conf = ${logrotate-directory:etc}/logrotate.conf
state-file = ${logrotate-directory:srv}/logrotate.status

[cron-entry-logrotate]
recipe = slapos.cookbook:cron.d
cron-entries = ${cron:cron-entries}
name = logrotate
frequency = 0 0 * * *
command = ${logrotate:wrapper}

# Add log to cron
[cron-simplelogger]
recipe = slapos.cookbook:simplelogger
wrapper = ${monitor-directory:bin}/cron_simplelogger
log = ${monitor-directory:log}/cron.log

[directory]
recipe = slapos.cookbook:mkdirectory
etc = ${buildout:directory}/etc
bin = ${buildout:directory}/bin
srv = ${buildout:directory}/srv
var = ${buildout:directory}/var
run = ${:var}/run
log = ${:var}/log
scripts = ${:etc}/run
services = ${:etc}/service
promises = ${:etc}/promise
monitor = ${:srv}/monitor
monitor-promise = ${:etc}/monitor-promise
64
monitor-report = ${:etc}/monitor-report
65 66 67 68 69 70 71

[monitor-directory]
recipe = slapos.cookbook:mkdirectory
bin = ${directory:bin}
etc = ${directory:etc}
run = ${directory:monitor}/run
#run = ${directory:scripts}
72
promises = ${directory:monitor-promise}
73
reports = ${directory:monitor-report}
74 75
pids = ${directory:run}/monitor
cgi-bin = ${directory:monitor}/cgi-bin
76
webdav = ${directory:monitor}/webdav
77 78 79 80 81
public = ${directory:monitor}/public
private = ${directory:monitor}/private
services = ${directory:services}
services-conf = ${directory:etc}/monitor.conf.d
log = ${directory:log}/monitor
82
monitor-var = ${directory:var}/monitor
83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122

[logrotate-directory]
recipe = slapos.cookbook:mkdirectory
cron-entries = ${:etc}/cron.d
cronstamps = ${:etc}/cronstamps
crontabs = ${:etc}/crontabs
logrotate-backup = ${:backup}/logrotate
logrotate-entries = ${:etc}/logrotate.d
bin = ${buildout:directory}/bin
srv = ${buildout:directory}/srv
backup = ${:srv}/backup
etc = ${buildout:directory}/etc
services = ${:etc}/service
log = ${buildout:directory}/var/log

[ca-directory]
recipe = slapos.cookbook:mkdirectory
root = ${directory:srv}/ssl
requests = ${:root}/requests
private = ${:root}/private
certs = ${:root}/certs
newcerts = ${:root}/newcerts
crl = ${:root}/crl

[certificate-authority]
recipe = slapos.cookbook:certificate_authority
openssl-binary = {{ openssl_executable_location }}
ca-dir = ${ca-directory:root}
requests-directory = ${ca-directory:requests}
wrapper = ${monitor-directory:services}/certificate_authority
ca-private = ${ca-directory:private}
ca-certs = ${ca-directory:certs}
ca-newcerts = ${ca-directory:newcerts}
ca-crl = ${ca-directory:crl}

[ca-httpd]
<= certificate-authority
recipe = slapos.cookbook:certificate_authority.request
key-file = ${monitor-httpd-conf-parameter:key-file}
cert-file = ${monitor-httpd-conf-parameter:cert-file}
123
executable = ${monitor-httpd-wrapper:wrapper-path}
124 125 126 127
wrapper = ${directory:services}/monitor-httpd

[monitor-conf-parameters]
title = ${monitor-instance-parameter:monitor-title}
128
root-title = ${monitor-instance-parameter:root-instance-title}
129 130
public-folder = ${monitor-directory:public}
private-folder = ${monitor-directory:private}
131
webdav-folder = ${monitor-directory:webdav}
132
report-folder = ${monitor-directory:reports}
133
base-url = ${monitor-instance-parameter:monitor-base-url}
134
monitor-hal-json = ${monitor-directory:public}/monitor.hal.json
135 136
service-pid-folder = ${monitor-directory:pids}
crond-folder = ${logrotate-directory:cron-entries}
137
logrotate-folder = ${logrotate:logrotate-entries}
138
promise-runner = {{ monitor_runpromise }}
Alain Takoudjou's avatar
Alain Takoudjou committed
139 140 141 142
promise-folder-list = 
  ${directory:promises}
  ${directory:monitor-promise}

143 144
public-path-list = 
private-path-list = 
145 146
    ${directory:log}
# 
147
monitor-url-list = 
148
  ${monitor-instance-parameter:monitor-url-list}
149 150 151 152 153 154 155 156 157 158 159 160

parameter-file-path = ${monitor-instance-parameter:configuration-file-path}

parameter-list = 
  raw monitor-user ${monitor-instance-parameter:username}
  htpasswd monitor-password ${monitor-htpassword-file:password-file} ${monitor-instance-parameter:username} ${httpd-monitor-htpasswd:htpasswd-path}
  ${monitor-instance-parameter:instance-configuration}
# htpasswd entry:  htpasswd key password-file username htpasswd-file

collector-db = ${monitor-instance-parameter:collector-db}
collect-script = {{ monitor_collect }}
python = {{ python_with_eggs }}
161

162 163
promise-output-file = ${directory:monitor}/monitor-bootstrap-status

164 165 166 167 168 169 170
[monitor-conf]
recipe = slapos.recipe.template:jinja2
template = {{ monitor_conf_template }}
rendered = ${directory:etc}/${:filename}
filename = monitor.conf
context = section parameter_dict monitor-conf-parameters

171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188
[instance-info-parameters]
name = ${monitor-instance-parameter:monitor-title}
root-name = ${monitor-instance-parameter:root-instance-title}
computer-id = ${slap-connection:computer-id}
ipv4 = ${slap-configuration:ipv4-random}
ipv6 = ${slap-configuration:ipv6-random}
software-release = ${slap-connection:software-release-url}
software-type = ${slap-configuration:slap-software-type}
partition-id = ${slap-connection:partition-id}

[monitor-instance-info]
recipe = slapos.recipe.template:jinja2
template = {{ monitor_instance_info }}
rendered = ${directory:etc}/${:filename}
filename = instance-info.conf
context = 
  section instance_dict instance-info-parameters

Alain Takoudjou's avatar
Alain Takoudjou committed
189 190 191
[python-symlink]
recipe = plone.recipe.command
target = ${directory:bin}
192
command = ln -sf {{ python_with_eggs }} ${:target}/python
Alain Takoudjou's avatar
Alain Takoudjou committed
193 194 195 196 197 198 199 200 201
update-command = ${:command}

[start-monitor]
recipe = slapos.cookbook:wrapper
command-line = {{ python_executable }} {{ monitor_bin }} --config_file ${monitor-conf:rendered}
wrapper-path = ${directory:scripts}/bootstrap-monitor
environment = 
  PATH=${python-symlink:target}:/usr/local/bin:/usr/bin:/bin

202 203 204 205 206 207 208 209 210 211 212 213 214 215
[monitor-htpasswd]
recipe = slapos.cookbook:generate.password
storage-path = ${directory:etc}/.monitor_user
bytes = 8
username = admin

[monitor-htpassword-file]
recipe = plone.recipe.command
stop-on-error = true
password-file = ${directory:etc}/.monitor_pwd
command = 
  if [ ! -f "${:password-file}" ]; then echo "${monitor-instance-parameter:password}" > ${:password-file}; fi
update-command = ${:command}

216 217 218 219
[httpd-monitor-htpasswd]
recipe = plone.recipe.command
stop-on-error = true
htpasswd-path = ${monitor-directory:etc}/monitor-htpasswd
220 221
command = if [ ! -f "${:htpasswd-path}" ]; then {{ apache_location }}/bin/htpasswd -cb ${:htpasswd-path} ${:user} ${:password}; fi
update-command = ${:command}
222 223
user = ${monitor-instance-parameter:username}
password = ${monitor-instance-parameter:password}
224 225 226 227

[monitor-httpd-conf-parameter]
listening-ip = ${monitor-instance-parameter:monitor-httpd-ipv6}
port = ${monitor-instance-parameter:monitor-httpd-port}
228 229 230
pid-file = ${directory:run}/monitor-httpd.pid
access-log = ${monitor-directory:log}/monitor-httpd-access.log
error-log = ${monitor-directory:log}/monitor-httpd-error.log
231 232 233
cert-file = ${ca-directory:certs}/httpd.crt
key-file = ${ca-directory:certs}/httpd.key
htpasswd-file = ${httpd-monitor-htpasswd:htpasswd-path}
234 235 236
url = https://[${monitor-instance-parameter:monitor-httpd-ipv6}]:${:port}
httpd-cors-config-file = ${monitor-httpd-cors:rendered}
httpd-include-file = 
237 238 239 240 241 242 243 244 245 246

[monitor-httpd-conf]
recipe = slapos.recipe.template:jinja2
template = {{ monitor_httpd_template }}
rendered = ${monitor-directory:etc}/monitor-httpd.conf
mode = 0744
context =
  section directory monitor-directory
  section parameter_dict monitor-httpd-conf-parameter

247 248 249 250 251 252 253 254 255
[monitor-httpd-cors]
recipe = slapos.recipe.template:jinja2
template = {{ monitor_https_cors }}
rendered = ${directory:etc}/httpd-cors.cfg
mode = 0600
context =
  key domain monitor-instance-parameter:cors-domains

[monitor-httpd-wrapper]
256 257 258 259 260 261
recipe = slapos.cookbook:wrapper
command-line = {{ apache_location }}/bin/httpd -f ${monitor-httpd-conf:rendered} -DFOREGROUND
wrapper-path = ${directory:bin}/monitor-httpd
wait-for-files =
  ${ca-directory:certs}/httpd.key
  ${ca-directory:certs}/httpd.crt
262
  ${monitor-httpd-graceful-wrapper:rendered}
263

264
[monitor-httpd-graceful-wrapper]
265 266
recipe = slapos.recipe.template:jinja2
template = {{ template_wrapper }}
267
rendered = ${directory:scripts}/monitor-httpd-graceful
268 269 270
mode = 0700
context =
    key content :command
271
    raw dash_binary {{ dash_executable_location }}
272 273
command = kill -USR1 $(cat ${monitor-httpd-conf-parameter:pid-file})

Tristan Cavelier's avatar
Tristan Cavelier committed
274 275
[monitor-status2rss-wrapper]
recipe = slapos.cookbook:wrapper
276
# XXX - hard-coded Urls
277
command-line = {{ monitor_genrss }} --output '${monitor-directory:public}/feed' --items_folder '${monitor-directory:public}'  --feed_url '${monitor-conf-parameters:base-url}/public/feed' --public_url '${monitor-conf-parameters:base-url}/share/jio_public/' --private_url '${monitor-conf-parameters:base-url}/share/jio_private/' --instance_name '${monitor-conf-parameters:title}' --hosting_name '${monitor-conf-parameters:root-title}'
278

Tristan Cavelier's avatar
Tristan Cavelier committed
279 280 281 282 283 284 285 286 287
wrapper-path = ${directory:bin}/monitor-status2rss.py

[monitor-status2rss-cron-entry]
recipe = slapos.cookbook:cron.d
cron-entries = ${cron:cron-entries}
name = monitor-status2rss
frequency = * * * * *
command = ${monitor-status2rss-wrapper:wrapper-path}

288 289
[monitor-globalstate-wrapper]
recipe = slapos.cookbook:wrapper
290
command-line = {{ monitor_genstatus }} '${monitor-conf:rendered}' '${monitor-instance-info:rendered}'
291 292 293 294 295
wrapper-path = ${directory:bin}/monitor-globalstate

[monitor-configurator-wrapper]
recipe = slapos.cookbook:wrapper
# XXX - hard coded path
296
command-line = {{ monitor_configwrite }} --config_folder '${monitor-conf-parameters:private-folder}/config/.jio_documents' --output_cfg_file '${monitor-instance-parameter:configuration-file-path}' --htpasswd_bin '{{ apache_location }}/bin/htpasswd'
297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312
wrapper-path = ${directory:bin}/monitor-configurator

[monitor-globalstate-cron-entry]
recipe = slapos.cookbook:cron.d
cron-entries = ${cron:cron-entries}
name = monitor-globalstate
frequency = * * * * *
command = ${monitor-globalstate-wrapper:wrapper-path}

[monitor-configurator-cron-entry]
recipe = slapos.cookbook:cron.d
cron-entries = ${cron:cron-entries}
name = monitor-configurator
frequency = * * * * *
command = ${monitor-configurator-wrapper:wrapper-path}

313 314 315 316 317 318 319 320 321 322
[monitor-httpd-promise]
recipe = slapos.cookbook:check_url_available
path = ${directory:promises}/${:filename}
filename = monitor-httpd-listening-on-tcp
url = ${monitor-httpd-conf-parameter:url}
check-secure = 1
dash_path = {{ dash_executable_location }}
curl_path = {{ curl_executable_location }}

[publish]
323 324
# XXX depends on monitor-base section
monitor-base-url = ${monitor-base:base-url}
325 326 327
monitor-url = ${:monitor-base-url}/public/feeds
monitor-user = ${monitor-instance-parameter:username}
monitor-password = ${monitor-instance-parameter:password}
328 329

[monitor-instance-parameter]
330 331 332
monitor-title = ${slap-configuration:instance-title}
monitor-httpd-ipv6 = ${slap-configuration:ipv6-random}
monitor-httpd-port = 8196
333 334
# XXX - Set monitor-base-url = ${monitor-httpd-conf-parameter:url} => https://[ipv6]:port
monitor-base-url = ${monitor-frontend-promise:url}
335
#monitor-base-url = ${monitor-httpd-conf-parameter:url}
336
root-instance-title = ${slap-configuration:root-instance-title}
337
monitor-url-list =
338
cors-domains = monitor.app.officejs.com 
339 340 341 342 343 344 345 346 347 348 349
# XXX Hard coded parameter
collector-db = /srv/slapgrid/var/data-log/collector.db
# Credentials
password = ${monitor-htpasswd:passwd}
username = ${monitor-htpasswd:username}
# XXX: type key value
# ex raw monitor-password resqdsdsd34
instance-configuration =

configuration-file-path = ${monitor-directory:etc}/monitor_knowledge0.cfg

350 351
interface-url = https://monitor.app.officejs.com

352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371
[monitor-frontend]
<= slap-connection
recipe = slapos.cookbook:requestoptional
name = Monitor Frontend ${monitor-instance-parameter:monitor-title}
# XXX We have hardcoded SR URL here.
software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg
slave = true
config-url = ${monitor-httpd-conf-parameter:url}
config-https-only = true
#software-type = custom-personal
return = domain secure_access

[monitor-frontend-promise]
recipe = slapos.cookbook:check_url_available
path = ${directory:promises}/monitor-http-frontend
url = ${monitor-frontend:connection-secure_access}
dash_path = {{ dash_executable_location }}
curl_path = {{ curl_executable_location }}
check-secure = 1

372 373 374 375 376 377 378 379 380 381 382
[monitor-bootstrap-promise]
recipe = slapos.recipe.template:jinja2
template = {{ template_wrapper }}
rendered = ${directory:promises}/monitor-bootstrap-status
file = ${monitor-conf-parameters:promise-output-file}
command = if [ ! -f "${:file}" ]; then echo "Monitor bootstrap exited with error." && exit 2; else echo "Bootstrap OK"; fi
mode = 0700
context =
    key content :command
    raw dash_binary {{ dash_executable_location }}

383 384 385 386 387
[monitor-base]
# create dependencies between required monitor parts
recipe = plone.recipe.command
command = true
update-command = 
388
base-url = ${monitor-conf-parameters:base-url}
389 390 391 392 393 394 395 396 397 398
depends =
  ${monitor-globalstate-cron-entry:name}
  ${monitor-configurator-cron-entry:name}
  ${cron-entry-logrotate:name}
  ${certificate-authority:wrapper}
  ${monitor-conf:rendered}
  ${start-monitor:wrapper-path}
  ${ca-httpd:wrapper}
  ${monitor-httpd-promise:filename}
  ${monitor-status2rss-cron-entry:name}
399
  ${monitor-bootstrap-promise:file}
400

401 402 403
[monitor-publish]
monitor-base-url = ${publish:monitor-base-url}
monitor-setup-url = ${monitor-instance-parameter:interface-url}/#page=settings_configurator&url=${publish:monitor-url}&username=$${publish:monitor-user}&password=${publish:monitor-password}