instance-default.cfg.jinja.in 8.5 KB
Newer Older
1 2
{%- set slapparameter_dict = dict(default_parameter_dict, **slapparameter_dict) -%}

3

4
[buildout]
5

6 7 8 9
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true

10 11
extends = ${monitor2-template:rendered}

12
parts =
13
  testnode-service
14 15
  certificate-authority
  ca-shellinabox
16
  ca-httpd-testnode
17 18
  monitor-base
  monitor-publish
19
  testnode-frontend
20
  resiliency-exclude-file
21 22
  shellinabox-frontend-reload
  promises
23

24
[monitor-publish]
25
recipe = slapos.cookbook:publish
26
url = $${shellinabox-frontend:url}
Ivan Tyagov's avatar
Ivan Tyagov committed
27
frontend-url = $${testnode-frontend:connection-secure_access}
28
log-frontend-url = $${testnode-log-frontend:connection-secure_access}
29 30

[pwgen]
31 32
recipe = slapos.cookbook:generate.password
storage-path = $${buildout:directory}/.password
33

34
[testnode]
35 36 37 38
recipe = slapos.cookbook:erp5testnode
slapos-directory = $${directory:slapos}
working-directory = $${directory:testnode}
test-suite-directory = $${directory:test-suite}
39
shared-part-list = $${directory:shared}
40
proxy-host = {{ partition_ipv4 }}
41 42
proxy-port = 5000
log-directory = $${directory:log}
43 44
srv-directory = $${rootdirectory:srv}
software-directory = $${directory:software}
45
run-directory = $${directory:run}
46 47 48 49 50 51 52 53 54 55 56 57
test-node-title = {{ slapparameter_dict['test-node-title'] }}
node-quantity = {{ slapparameter_dict['node-quantity'] }}
ipv4-address = {{ partition_ipv4 }}
ipv6-address = {{ partition_ipv6 }}
test-suite-master-url = {{ slapparameter_dict['test-suite-master-url'] }}
instance-dict = {{ slapparameter_dict['instance-dict'] }}
{%- if isinstance(slapparameter_dict['software-path-list'], str) %}
software-path-list = {{ slapparameter_dict['software-path-list'] }}
{%- else %}
software-path-list = {{ json.dumps(slapparameter_dict['software-path-list']) }}
{%- endif %}
keep-log-days = {{ slapparameter_dict['keep-log-days'] }}
58
git-binary = ${git:location}/bin/git
59
slapos-binary = ${buildout:bin-directory}/slapos
60 61
testnode = ${buildout:bin-directory}/testnode
zip-binary = ${zip:location}/bin/zip
62 63 64
httpd-pid-file = $${basedirectory:run}/httpd.pid
httpd-lock-file = $${basedirectory:run}/httpd.lock
httpd-conf-file = $${rootdirectory:etc}/httpd.conf
65
httpd-wrapper = $${rootdirectory:bin}/httpd
66
httpd-port = 9080
67
httpd-software-access-port = 9081
68
httpd-ip = {{ partition_ipv6 }}
69
httpd-log-directory = $${basedirectory:log}
70
httpd-software-directory = $${directory:software}
71 72
httpd-cert-file = $${rootdirectory:etc}/httpd-public.crt
httpd-key-file = $${rootdirectory:etc}/httpd-private.key
73 74
frontend-url = $${testnode-frontend:connection-secure_access}
log-frontend-url = $${testnode-log-frontend:connection-secure_access}
75 76 77

configuration-file = $${rootdirectory:etc}/erp5testnode.cfg
log-file = $${basedirectory:log}/erp5testnode.log
78
wrapper = $${buildout:bin-directory}/erp5testnode-service
79

80 81
# Binaries
apache-binary = ${apache:location}/bin/httpd
82
apache-modules-dir = ${apache:location}/modules
83 84 85
apache-mime-file = ${apache:location}/conf/mime.types
apache-htpasswd = ${apache:location}/bin/htpasswd

86
[testnode-service]
87 88 89
# wrapper over erp5testnode which restarts the service when configuration changed
recipe = slapos.cookbook:wrapper
wrapper-path = $${basedirectory:services}/erp5testnode
90
command-line = $${testnode:wrapper}
91
hash-files =
92 93
  $${testnode:wrapper}
  $${testnode:configuration-file}
94 95 96

[shell-environment]
shell = ${bash:location}/bin/bash
97 98

[shellinabox]
99 100 101 102 103 104 105
recipe = slapos.recipe.template:jinja2
# We cannot use slapos.cookbook:wrapper here because this recipe escapes too much
socket = $${directory:run}/siab.sock
mode = 0700
rendered = $${basedirectory:services}/shellinaboxd
template = inline:
  #!/bin/sh
106
  exec ${shellinabox:location}/bin/shellinaboxd \
107 108 109 110 111 112 113 114 115
    --unixdomain-only=$${:socket}:$(id -u):$(id -g):0600 \
    --service "/:$(id -u):$(id -g):HOME:$${shell-environment:shell} -l"

[shellinabox-frontend-config]
recipe = slapos.recipe.template:jinja2
rendered = $${directory:etc}/$${:_buildout_section_name_}
template = inline:
  https://$${:hostname}:$${:port} {
    bind $${:ipv6}
116
    tls self_signed
117 118 119 120 121 122 123 124 125
    gzip
    log stdout
    errors stderr
    proxy / unix:$${shellinabox:socket}
    basicauth $${:username} $${:passwd} {
      realm "Test Node $${testnode:test-node-title}"
      /
    }
  }
126
ipv6 = {{ partition_ipv6 }}
127
hostname = [$${:ipv6}]
128
port = 8080
129 130
username = testnode
passwd = $${pwgen:passwd}
131 132
cert-file = $${directory:shellinabox}/public.crt
key-file = $${directory:shellinabox}/private.key
133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149
url = https://$${:username}:$${:passwd}@$${:hostname}:$${:port}


[shellinabox-frontend]
recipe = slapos.cookbook:wrapper
wrapper-path = $${rootdirectory:bin}/$${:_buildout_section_name_}
command-line =
  ${caddy:output} -conf $${shellinabox-frontend-config:rendered} -pidfile $${:pidfile}
url =  $${shellinabox-frontend-config:url}
hostname = $${shellinabox-frontend-config:ipv6}
port = $${shellinabox-frontend-config:port}
pidfile = $${basedirectory:run}/$${:_buildout_section_name_}.pid

[shellinabox-frontend-reload]
recipe = slapos.cookbook:wrapper
wrapper-path = $${basedirectory:services}/$${:_buildout_section_name_}
command-line =
150
  ${bash:location}/bin/bash -c
151 152 153 154 155
  "kill -s USR1 $$(${coreutils:location}/bin/cat $${shellinabox-frontend:pidfile}) \
    && ${coreutils:location}/bin/sleep infinity"
hash-files =
  $${shellinabox-frontend-config:rendered}
  $${shellinabox-frontend:wrapper-path}
156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178

[certificate-authority]
recipe = slapos.cookbook:certificate_authority
openssl-binary = ${openssl:location}/bin/openssl
ca-dir = $${directory:ca-dir}
requests-directory = $${cadirectory:requests}
wrapper = $${basedirectory:services}/ca
ca-private = $${cadirectory:private}
ca-certs = $${cadirectory:certs}
ca-newcerts = $${cadirectory:newcerts}
ca-crl = $${cadirectory:crl}

[cadirectory]
recipe = slapos.cookbook:mkdirectory
requests = $${directory:ca-dir}/requests/
private = $${directory:ca-dir}/private/
certs = $${directory:ca-dir}/certs/
newcerts = $${directory:ca-dir}/newcerts/
crl = $${directory:ca-dir}/crl/

[ca-shellinabox]
<= certificate-authority
recipe = slapos.cookbook:certificate_authority.request
179 180 181 182
executable = $${shellinabox-frontend:wrapper-path}
wrapper = $${basedirectory:services}/shellinabox-frontend
key-file = $${shellinabox-frontend-config:key-file}
cert-file = $${shellinabox-frontend-config:cert-file}
183

184
[ca-httpd-testnode]
185 186 187 188 189 190 191
<= certificate-authority
recipe = slapos.cookbook:certificate_authority.request
executable = $${testnode:httpd-wrapper}
wrapper = $${basedirectory:services}/httpd
key-file = $${testnode:httpd-key-file}
cert-file = $${testnode:httpd-cert-file}

192 193
[rootdirectory]
recipe = slapos.cookbook:mkdirectory
194 195 196 197 198
etc = $${buildout:directory}/etc
var = $${buildout:directory}/var
srv = $${buildout:directory}/srv
bin = $${buildout:directory}/bin
tmp = $${buildout:directory}/tmp
199 200 201

[basedirectory]
recipe = slapos.cookbook:mkdirectory
202
log = $${rootdirectory:var}/log
203
services = $${rootdirectory:etc}/service
204
run = $${rootdirectory:var}/run
205 206 207

[directory]
recipe = slapos.cookbook:mkdirectory
208 209
slapos = $${rootdirectory:srv}/slapos
testnode = $${rootdirectory:srv}/testnode
210
shared = $${rootdirectory:srv}/shared
211 212 213
test-suite = $${rootdirectory:srv}/test_suite
log = $${basedirectory:log}/testnode
run = $${basedirectory:run}/testnode
214
software = $${rootdirectory:srv}/software
215 216
shellinabox = $${rootdirectory:srv}/shellinabox
ca-dir = $${rootdirectory:srv}/ca
217

218 219 220 221 222 223
[resiliency-exclude-file]
# Generate rdiff exclude file in case of resiliency
recipe = collective.recipe.template
input = inline: **
output = $${directory:srv}/exporter.exclude

224
[request-shared-frontend]
225 226 227 228 229 230 231 232
<= slap-connection
recipe = slapos.cookbook:requestoptional
# XXX We have hardcoded SR URL here.
software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg
slave = true
config-https-only = true
return = domain secure_access

233 234 235 236 237 238 239 240 241 242 243
[testnode-frontend]
<= request-shared-frontend
name = Test Node Frontend $${testnode:test-node-title}
config-url = https://[$${testnode:httpd-ip}]:$${testnode:httpd-software-access-port}

[testnode-log-frontend]
<= request-shared-frontend
name = Test Node Logs Frontend $${testnode:test-node-title}
config-url = https://[$${testnode:httpd-ip}]:$${testnode:httpd-port}


244 245 246
[promises]
recipe =
instance-promises =
247
  $${shellinabox-frontend-listen-promise:name}
248
  $${testnode-log-frontend-promise:name}
249 250

[shellinabox-frontend-listen-promise]
251
<= monitor-promise-base
252
module = check_socket_listening
253
name = $${:_buildout_section_name_}.py
254
config-host = $${shellinabox-frontend:hostname}
255
config-port = $${shellinabox-frontend:port}
256

257 258 259 260 261
[testnode-log-frontend-promise]
<= monitor-promise-base
module = check_url_available
name = $${:_buildout_section_name_}.py
config-url = $${testnode-log-frontend:connection-secure_access}