Commit 5cb52445 authored by zhifan huang's avatar zhifan huang

merge master

parents e4e53f72 320639dd
root = true root = true
[*.{cfg,in,md,json}] [*.{cfg,in,md,json,py}]
end_of_line = lf end_of_line = lf
charset = utf-8 charset = utf-8
insert_final_newline = true insert_final_newline = true
trim_trailing_whitespace = true
[**.json] [*.{json,py}]
indent_style = space indent_style = space
indent_size = 2 indent_size = 2
......
...@@ -7,7 +7,7 @@ extends = ...@@ -7,7 +7,7 @@ extends =
../nghttp2/buildout.cfg ../nghttp2/buildout.cfg
../gdbm/buildout.cfg ../gdbm/buildout.cfg
../libexpat/buildout.cfg ../libexpat/buildout.cfg
../libuuid/buildout.cfg ../util-linux/buildout.cfg
../libxml2/buildout.cfg ../libxml2/buildout.cfg
../openssl/buildout.cfg ../openssl/buildout.cfg
../patch/buildout.cfg ../patch/buildout.cfg
...@@ -39,9 +39,9 @@ configure-options = ...@@ -39,9 +39,9 @@ configure-options =
[apache] [apache]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
shared = true shared = true
version = 2.4.52 version = 2.4.53
url = https://archive.apache.org/dist/httpd/httpd-${:version}.tar.bz2 url = https://archive.apache.org/dist/httpd/httpd-${:version}.tar.bz2
md5sum = a94ae42b84309d5ef6e613ae825b92fa md5sum = f594f137137b5bdff3998dc17e3e9526
configure-options = --disable-static configure-options = --disable-static
--enable-authn-alias --enable-authn-alias
--enable-bucketeer --enable-bucketeer
...@@ -76,7 +76,7 @@ configure-options = --disable-static ...@@ -76,7 +76,7 @@ configure-options = --disable-static
--with-z=${zlib:location} --with-z=${zlib:location}
--with-expat=${libexpat:location} --with-expat=${libexpat:location}
--with-libxml2=${libxml2:location}/include/libxml2 --with-libxml2=${libxml2:location}/include/libxml2
--with-pcre=${pcre:location} --with-pcre=${pcre:location}/bin/pcre-config
--with-sqlite3=${sqlite3:location} --with-sqlite3=${sqlite3:location}
--with-gdbm=${gdbm:location} --with-gdbm=${gdbm:location}
--with-nghttp2=${nghttp2:location} --with-nghttp2=${nghttp2:location}
......
...@@ -10,7 +10,7 @@ extends = ...@@ -10,7 +10,7 @@ extends =
[boost-lib] [boost-lib]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
shared = true shared = true
url = http://downloads.sourceforge.net/sourceforge/boost/boost_1_67_0.tar.bz2 url = https://boostorg.jfrog.io/artifactory/main/release/1.67.0/source/boost_1_67_0.tar.bz2
md5sum = ced776cb19428ab8488774e1415535ab md5sum = ced776cb19428ab8488774e1415535ab
location = @@LOCATION@@ location = @@LOCATION@@
configure-command = ./bootstrap.sh --prefix=${:location} --without-icu $${PYTHON:+--with-python=$PYTHON} configure-command = ./bootstrap.sh --prefix=${:location} --without-icu $${PYTHON:+--with-python=$PYTHON}
...@@ -27,5 +27,5 @@ environment = ...@@ -27,5 +27,5 @@ environment =
LZMA_LIBRARY_PATH=${xz-utils:location}/lib LZMA_LIBRARY_PATH=${xz-utils:location}/lib
patch-options = -p1 patch-options = -p1
patches = patches =
https://sources.debian.org/data/main/b/boost1.67/1.67.0-17/debian/patches/fix-ftbfs-python-3.3.patch#c85fb479d51354deafd1cc7af78f25d2 https://sources.debian.org/data/main/b/boost1.67/1.67.0-13+deb10u1/debian/patches/fix-ftbfs-python-3.3.patch#c85fb479d51354deafd1cc7af78f25d2
patch-binary = ${patch:location}/bin/patch patch-binary = ${patch:location}/bin/patch
...@@ -12,7 +12,7 @@ extends = ...@@ -12,7 +12,7 @@ extends =
[cyrus-sasl] [cyrus-sasl]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
shared = true shared = true
url = ftp://ftp.cyrusimap.org/cyrus-sasl/cyrus-sasl-2.1.26.tar.gz url = https://github.com/cyrusimap/cyrus-sasl/releases/download/cyrus-sasl-2.1.26/cyrus-sasl-2.1.26.tar.gz
md5sum = a7f4e5e559a0e37b3ffc438c9456e425 md5sum = a7f4e5e559a0e37b3ffc438c9456e425
location = @@LOCATION@@ location = @@LOCATION@@
patch-options = -p1 patch-options = -p1
......
[buildout]
extends =
../xz-utils/buildout.cfg
parts =
diffutils
[diffutils]
recipe = slapos.recipe.cmmi
shared = true
url = https://ftp.gnu.org/gnu/diffutils/diffutils-3.8.tar.xz
md5sum = 6a6b0fdc72acfe3f2829aab477876fbc
environment =
PATH=${xz-utils:location}/bin:%(PATH)s
...@@ -18,7 +18,7 @@ recipe = slapos.recipe.cmmi ...@@ -18,7 +18,7 @@ recipe = slapos.recipe.cmmi
md5sum = 0284ea239083f04c8b874e08e1aca243 md5sum = 0284ea239083f04c8b874e08e1aca243
# XXX: We still use an old version of dropbear instead of the last one # XXX: We still use an old version of dropbear instead of the last one
# in order have all patches working. # in order have all patches working.
url = http://matt.ucc.asn.au/dropbear/releases/dropbear-0.53.1.tar.bz2 url = https://matt.ucc.asn.au/dropbear/releases/dropbear-0.53.1.tar.bz2
configure-options = configure-options =
--with-zlib=${zlib:location} --with-zlib=${zlib:location}
......
...@@ -148,7 +148,7 @@ library = ...@@ -148,7 +148,7 @@ library =
${libpng:location}/lib ${libpng:location}/lib
${libSM:location}/lib ${libSM:location}/lib
${libtool:location}/lib ${libtool:location}/lib
${libuuid:location}/lib ${util-linux:location}/lib
${libX11:location}/lib ${libX11:location}/lib
${libXau:location}/lib ${libXau:location}/lib
${libxcb:location}/lib ${libxcb:location}/lib
......
...@@ -31,25 +31,23 @@ md5sum = 5c781723a0d9ed6188960defba8e91cf ...@@ -31,25 +31,23 @@ md5sum = 5c781723a0d9ed6188960defba8e91cf
# http://ipafont.ipa.go.jp/ # http://ipafont.ipa.go.jp/
[ipaex-fonts] [ipaex-fonts]
<= fonts-base <= fonts-base
url = http://dl.sourceforge.jp/ipafonts/57330/IPAexfont00201.zip url = https://osdn.net/frs/redir.php?f=ipafonts%2F57330%2FIPAexfont00201.zip
md5sum = 7bf84182a04a9632268dbcb03f100d05 md5sum = 7bf84182a04a9632268dbcb03f100d05
[ipa-fonts] [ipa-fonts]
<= fonts-base <= fonts-base
url = http://dl.sourceforge.jp/ipafonts/51868/IPAfont00303.zip url = https://osdn.net/frs/redir.php?f=ipafonts%2F51868%2FIPAfont00303.zip
md5sum = 39a828acf27790adbe4944dfb4d94bb1 md5sum = 39a828acf27790adbe4944dfb4d94bb1
[ocrb-fonts] [ocrb-fonts]
<= fonts-base <= fonts-base
url = http://sourceforge.jp/frs/redir.php?m=jaist&f=%2Ftsukurimashou%2F56948%2Focr-0.2.zip url = https://osdn.net/frs/redir.php?f=tsukurimashou%2F56948%2Focr-0.2.zip
md5sum = 9f2acd83291a31dbe053912f4115db75 md5sum = 9f2acd83291a31dbe053912f4115db75
[android-fonts] [android-fonts]
<= fonts-base <= fonts-base
url = ftp://ftp.free.fr/mirrors/ftp.debian.org/pool/main/f/fonts-android/fonts-android_4.3.orig.tar.xz url = http://archive.debian.org/debian-archive/debian/pool/main/f/fonts-android/fonts-android_4.3.orig.tar.xz
md5sum = 2d41d5342eb5f61591ddeec5b80da74d md5sum = 2d41d5342eb5f61591ddeec5b80da74d
environment =
PATH=${xz-utils:location}/bin:%(PATH)s
# The DejaVu fonts are a font family based upon Bitstream Vera v1.10. Its purpose is to # The DejaVu fonts are a font family based upon Bitstream Vera v1.10. Its purpose is to
# provide a wider range of characters while maintaining the original look-and-feel # provide a wider range of characters while maintaining the original look-and-feel
......
...@@ -18,8 +18,8 @@ parts = ...@@ -18,8 +18,8 @@ parts =
[git] [git]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
shared = true shared = true
url = https://mirrors.edge.kernel.org/pub/software/scm/git/git-2.33.1.tar.xz url = https://mirrors.edge.kernel.org/pub/software/scm/git/git-2.35.1.tar.xz
md5sum = 3462f34d9c17288eee854b7645f6a0a1 md5sum = 3aae077280b6be861e3c1c637491853a
configure-options = configure-options =
--with-curl=${curl:location} --with-curl=${curl:location}
--with-openssl=${openssl:location} --with-openssl=${openssl:location}
......
...@@ -21,8 +21,8 @@ environment-extra = ...@@ -21,8 +21,8 @@ environment-extra =
[libgpg-error] [libgpg-error]
<= gpg-common <= gpg-common
version = 1.42 version = 1.44
md5sum = 133fed221ba8f63f5842858a1ff67cb3 md5sum = 3956969812cd4fbd133b79c5b5a2e7f7
configure-options-extra = configure-options-extra =
--disable-doc --disable-doc
--disable-tests --disable-tests
......
...@@ -5,7 +5,7 @@ parts = icu4c ...@@ -5,7 +5,7 @@ parts = icu4c
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
shared = true shared = true
location = @@LOCATION@@ location = @@LOCATION@@
url = http://download.icu-project.org/files/icu4c/58.2/icu4c-58_2-src.tgz url = https://github.com/unicode-org/icu/releases/download/release-58-2/icu4c-58_2-src.tgz
md5sum = fac212b32b7ec7ab007a12dff1f3aea1 md5sum = fac212b32b7ec7ab007a12dff1f3aea1
configure-command = source/configure configure-command = source/configure
configure-options = configure-options =
...@@ -20,8 +20,3 @@ patches = ...@@ -20,8 +20,3 @@ patches =
[icu4c-58.2] [icu4c-58.2]
<= icu4c <= icu4c
[icu4c-55.1]
<= icu4c
url = http://download.icu-project.org/files/icu4c/55.1/icu4c-55_1-src.tgz
md5sum = e2d523df79d6cb7855c2fbe284f4db29
...@@ -41,7 +41,7 @@ environment = ...@@ -41,7 +41,7 @@ environment =
[inkscape] [inkscape]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
shared = true shared = true
url = https://inkscape.org/gallery/item/13330/inkscape-0.92.4_A6N0YOn.tar.bz2 url = https://media.inkscape.org/dl/resources/file/inkscape-0.92.4.tar.bz2
md5sum = ac30f6d5747fd9c620c00dad500f414f md5sum = ac30f6d5747fd9c620c00dad500f414f
pkg_config_depends = ${freetype:location}/lib/pkgconfig:${gtkmm:location}/lib/pkgconfig:${gtkmm:pkg_config_depends}:${gsl:location}/lib/pkgconfig:${popt:location}/lib/pkgconfig:${garbage-collector:location}/lib/pkgconfig:${libxslt:location}/lib/pkgconfig pkg_config_depends = ${freetype:location}/lib/pkgconfig:${gtkmm:location}/lib/pkgconfig:${gtkmm:pkg_config_depends}:${gsl:location}/lib/pkgconfig:${popt:location}/lib/pkgconfig:${garbage-collector:location}/lib/pkgconfig:${libxslt:location}/lib/pkgconfig
configure-command = ${cmake:location}/bin/cmake configure-command = ${cmake:location}/bin/cmake
......
[buildout] [buildout]
extends =
../attr/buildout.cfg
parts = libcap-ng parts = libcap-ng
[libcap-ng] [libcap-ng]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
shared = true shared = true
url = https://people.redhat.com/sgrubb/libcap-ng/libcap-ng-0.8.2.tar.gz #url = https://people.redhat.com/sgrubb/libcap-ng/libcap-ng-${:version}.tar.gz
# ERROR: The certificate of 'people.redhat.com' doesn't have a known issuer.
url = http://sources.buildroot.net/libcap-ng/libcap-ng-${:version}.tar.gz
version = 0.8.2
md5sum = faf1ef766cf068ad1aba4008ced665f7 md5sum = faf1ef766cf068ad1aba4008ced665f7
location = @@LOCATION@@
configure-options = configure-options =
--with-python=no --with-python=no
--with-python3=no --with-python3=no
......
...@@ -6,7 +6,7 @@ extends = ...@@ -6,7 +6,7 @@ extends =
../pkgconfig/buildout.cfg ../pkgconfig/buildout.cfg
../glib/buildout.cfg ../glib/buildout.cfg
../gettext/buildout.cfg ../gettext/buildout.cfg
../libuuid/buildout.cfg ../util-linux/buildout.cfg
../xz-utils/buildout.cfg ../xz-utils/buildout.cfg
......
...@@ -5,7 +5,7 @@ parts = ...@@ -5,7 +5,7 @@ parts =
[libsodium] [libsodium]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
shared = true shared = true
url = https://download.libsodium.org/libsodium/releases/libsodium-1.0.8.tar.gz url = https://download.libsodium.org/libsodium/releases/old/unsupported/libsodium-1.0.8.tar.gz
md5sum = 0a66b86fd3aab3fe4c858edcd2772760 md5sum = 0a66b86fd3aab3fe4c858edcd2772760
configure-options = configure-options =
--disable-static --disable-static
[buildout]
parts =
libuuid
extends =
../perl/buildout.cfg
[libuuid]
recipe = slapos.recipe.cmmi
shared = true
url = http://www.kernel.org/pub/linux/utils/util-linux/v2.37/util-linux-2.37.2.tar.xz
md5sum = d659bf7cd417d93dc609872f6334b019
configure-options =
--disable-static
--disable-all-programs
--enable-libuuid
--without-libiconv-prefix
--without-libintl-prefix
--without-ncurses
--without-slang
--without-pam
--without-selinux
--without-audit
environment =
PATH=${perl:location}/bin:%(PATH)s
...@@ -11,8 +11,8 @@ parts = ...@@ -11,8 +11,8 @@ parts =
[lmsensors] [lmsensors]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
url = https://src.fedoraproject.org/repo/pkgs/lm_sensors/lm_sensors-3.3.5.tar.bz2/da506dedceb41822e64865f6ba34828a/lm_sensors-3.3.5.tar.bz2
md5sum = da506dedceb41822e64865f6ba34828a md5sum = da506dedceb41822e64865f6ba34828a
url = http://dl.lm-sensors.org/lm-sensors/releases/lm_sensors-3.3.5.tar.bz2
configure-command = true configure-command = true
make-options = make-options =
PREFIX=${buildout:parts-directory}/${:_buildout_section_name_} PREFIX=${buildout:parts-directory}/${:_buildout_section_name_}
......
[buildout]
extends =
../pygolang/buildout.cfg
[virtual-env-base]
recipe = slapos.recipe.build
_name = ${:_buildout_section_name_}
init =
from zc.buildout.easy_install import working_set
import os
name = options['_name']
eggs = options['eggs']
try:
scripts = "scripts = " + options['scripts']
except KeyError:
scripts = ""
self.buildout.parse("""
[.%(name)s.install-eggs]
recipe = zc.recipe.egg
eggs = %(eggs)s
%(scripts)s
[.%(name)s.install-interpreter]
<= python-interpreter
eggs += %(eggs)s
""" % locals())
install =
with open(location, "w") as f:
f.write(options['template'] % {
"path" : self.buildout['buildout']['bin-directory'],
"name" : self.name,
})
# Template virtual env for bash shell in posix
[virtual-env-base:posix]
template =
deactivate () {
set PATH PS1
while [ "$1" ]; do
eval "if [ \"\$_OLD_VENV_$1\" ]; then $1=\$_OLD_VENV_$1; else unset $1; fi; unset \$_OLD_VENV_$1"
shift
done
unset -f deactivate
}
VENV_PATH=%(path)s
_OLD_VENV_PATH=$PATH
_OLD_VENV_PS1=$PS1
PATH=$VENV_PATH:$PATH
PS1='(%(name)s) '$PS1
...@@ -14,7 +14,7 @@ parts = ...@@ -14,7 +14,7 @@ parts =
[make3.81-debian] [make3.81-debian]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
url = http://ftp.de.debian.org/debian/pool/main/m/make-dfsg/make-dfsg_3.81.orig.tar.gz url = http://archive.debian.org/debian-archive/debian/pool/main/m/make-dfsg/make-dfsg_3.81.orig.tar.gz
md5sum = 7c93b1ab4680eb21c2c13f4f47741e2d md5sum = 7c93b1ab4680eb21c2c13f4f47741e2d
shared = true shared = true
patches = patches =
......
...@@ -81,7 +81,7 @@ environment = ...@@ -81,7 +81,7 @@ environment =
PATH=${patch:location}/bin:%(PATH)s PATH=${patch:location}/bin:%(PATH)s
patch-options = -p1 patch-options = -p1
patches = patches =
https://sources.debian.org/data/main/m/mariadb-10.3/1:10.3.22-0+deb10u1/debian/patches/0024-Revert-to-using-system-pcre-library.patch#1c6a0f2634f5a56122299674b77b1131 https://sources.debian.org/data/main/m/mariadb-10.3/1:10.3.34-0+deb10u1/debian/patches/0024-Revert-to-using-system-pcre-library.patch#1c6a0f2634f5a56122299674b77b1131
post-install = post-install =
ldd=`ldd %(location)s/lib/plugin/ha_rocksdb.so` ldd=`ldd %(location)s/lib/plugin/ha_rocksdb.so`
for x in ${lz4:location} ${snappy:location} ${zstd:location} for x in ${lz4:location} ${snappy:location} ${zstd:location}
......
...@@ -10,9 +10,8 @@ extends = ...@@ -10,9 +10,8 @@ extends =
[nano] [nano]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
shared = true shared = true
url = http://www.nano-editor.org/dist/v2.8/nano-2.8.4.tar.xz url = https://www.nano-editor.org/dist/v6/nano-6.2.tar.xz
md5sum = 02ff28870194178595b287fc16fa611b md5sum = 12784a5c245518d7580125ebbd6b7601
location = @@LOCATION@@
# The dummy PKG_CONFIG is in the case that both pkg-config and ncursesw # The dummy PKG_CONFIG is in the case that both pkg-config and ncursesw
# are installed on the system. # are installed on the system.
environment= environment=
...@@ -21,5 +20,6 @@ environment= ...@@ -21,5 +20,6 @@ environment=
CPPFLAGS=-I${file:location}/include -I${zlib:location}/include CPPFLAGS=-I${file:location}/include -I${zlib:location}/include
LDFLAGS=-L${file:location}/lib/ -Wl,-rpath=${file:location}/lib/ -L${zlib:location}/lib/ -Wl,-rpath=${zlib:location}/lib/ LDFLAGS=-L${file:location}/lib/ -Wl,-rpath=${file:location}/lib/ -L${zlib:location}/lib/ -Wl,-rpath=${zlib:location}/lib/
post-install = post-install =
cd ${:location} && mkdir etc && cd %(location)s
echo include "${:location}/share/nano/*.nanorc" > etc/nanorc mkdir etc
echo 'include %(location)s/share/nano/*.nanorc' > etc/nanorc
...@@ -17,8 +17,8 @@ parts = ...@@ -17,8 +17,8 @@ parts =
[openssl] [openssl]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
shared = true shared = true
url = https://www.openssl.org/source/openssl-1.1.1l.tar.gz url = https://www.openssl.org/source/openssl-1.1.1n.tar.gz
md5sum = ac0d4387f3ba0ad741b0580dd45f6ff3 md5sum = 2aad5635f9bb338bc2c6b7d19cbc9676
location = @@LOCATION@@ location = @@LOCATION@@
# 'prefix' option to override --openssldir/--prefix (which is useful # 'prefix' option to override --openssldir/--prefix (which is useful
# when combined with DESTDIR). Used by slapos.package.git/obs # when combined with DESTDIR). Used by slapos.package.git/obs
......
...@@ -7,7 +7,7 @@ parts = ...@@ -7,7 +7,7 @@ parts =
[pcre] [pcre]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
shared = true shared = true
url = https://ftp.pcre.org/pub/pcre/pcre-8.45.tar.bz2 url = https://download.sourceforge.net/pcre/pcre/8.45/pcre-8.45.tar.bz2
md5sum = 4452288e6a0eefb2ab11d36010a1eebb md5sum = 4452288e6a0eefb2ab11d36010a1eebb
configure-options = configure-options =
--disable-static --disable-static
......
...@@ -11,7 +11,7 @@ shared = false ...@@ -11,7 +11,7 @@ shared = false
<= perl-CPAN-package <= perl-CPAN-package
# XXX it's not on CPAN, so we use url # XXX it's not on CPAN, so we use url
version = 3.0.3 version = 3.0.3
url = https://www.percona.com/downloads/percona-toolkit/${:version}/source/tarball/percona-toolkit-${:version}.tar.gz url = https://downloads.percona.com/downloads/percona-toolkit/${:version}/source/tarball/percona-toolkit-${:version}.tar.gz
md5sum = 8af181994fdf9aa984475637861098e9 md5sum = 8af181994fdf9aa984475637861098e9
inc = ${perl-DBI:site_perl}:${perl-DBD-mariadb:site_perl} inc = ${perl-DBI:site_perl}:${perl-DBD-mariadb:site_perl}
...@@ -14,7 +14,7 @@ extends = ...@@ -14,7 +14,7 @@ extends =
[poppler] [poppler]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
shared = true shared = true
url = http://poppler.freedesktop.org/poppler-0.43.0.tar.xz url = https://poppler.freedesktop.org/poppler-0.43.0.tar.xz
md5sum = 1d2b001663119855cdfbc0713dbfb9c6 md5sum = 1d2b001663119855cdfbc0713dbfb9c6
configure-options = configure-options =
--disable-cairo-output --disable-cairo-output
......
...@@ -8,7 +8,7 @@ extends = ...@@ -8,7 +8,7 @@ extends =
../libcap-ng/buildout.cfg ../libcap-ng/buildout.cfg
../libpng/buildout.cfg ../libpng/buildout.cfg
../liburing/buildout.cfg ../liburing/buildout.cfg
../libuuid/buildout.cfg ../util-linux/buildout.cfg
../meson/buildout.cfg ../meson/buildout.cfg
../ncurses/buildout.cfg ../ncurses/buildout.cfg
../ninja/buildout.cfg ../ninja/buildout.cfg
......
...@@ -10,7 +10,7 @@ parts = ...@@ -10,7 +10,7 @@ parts =
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
shared = true shared = true
location = @@LOCATION@@ location = @@LOCATION@@
url = http://download.qt.io/official_releases/qt/5.6/5.6.2/submodules/qtbase-opensource-src-5.6.2.tar.gz url = https://download.qt.io/new_archive/qt/5.6/5.6.2/submodules/qtbase-opensource-src-5.6.2.tar.gz
md5sum = 7aa5841b50c411e23e31e8a6cc1c6981 md5sum = 7aa5841b50c411e23e31e8a6cc1c6981
configure-command = ./configure configure-command = ./configure
configure-options = configure-options =
...@@ -42,7 +42,7 @@ post-install = ...@@ -42,7 +42,7 @@ post-install =
# qmake binary can be reached directly from ${qt:location}/bin/qmake if [qt] is fully built # qmake binary can be reached directly from ${qt:location}/bin/qmake if [qt] is fully built
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
location = ${buildout:parts-directory}/${:_buildout_section_name_} location = ${buildout:parts-directory}/${:_buildout_section_name_}
url = http://download.qt.io/archive/qt/4.8/4.8.7/qt-everywhere-opensource-src-4.8.7.tar.gz url = https://download.qt.io/new_archive/qt/4.8/4.8.7/qt-everywhere-opensource-src-4.8.7.tar.gz
md5sum = d990ee66bf7ab0c785589776f35ba6ad md5sum = d990ee66bf7ab0c785589776f35ba6ad
# see https://github.com/NixOS/nixpkgs/blob/3e387c3e005c87566b5403d24c86f71f4945a79b/pkgs/development/libraries/qt-4.x/4.8/default.nix#L101 # see https://github.com/NixOS/nixpkgs/blob/3e387c3e005c87566b5403d24c86f71f4945a79b/pkgs/development/libraries/qt-4.x/4.8/default.nix#L101
pre-configure = pre-configure =
......
...@@ -11,7 +11,7 @@ extends = ...@@ -11,7 +11,7 @@ extends =
../pcre/buildout.cfg ../pcre/buildout.cfg
../libffi/buildout.cfg ../libffi/buildout.cfg
../zlib/buildout.cfg ../zlib/buildout.cfg
../libuuid/buildout.cfg ../util-linux/buildout.cfg
# compilation # compilation
../git/buildout.cfg ../git/buildout.cfg
......
...@@ -12,7 +12,7 @@ parts = ...@@ -12,7 +12,7 @@ parts =
[r-language] [r-language]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
url = http://cran.univ-paris1.fr/src/base/R-3/R-3.2.1.tar.gz url = https://cran.r-project.org/src/base/R-3/R-3.2.1.tar.gz
md5sum = c2aac8b40f84e08e7f8c9068de9239a3 md5sum = c2aac8b40f84e08e7f8c9068de9239a3
configure-options = configure-options =
--enable-R-shlib --enable-R-shlib
......
...@@ -5,7 +5,7 @@ extends = ...@@ -5,7 +5,7 @@ extends =
../curl/buildout.cfg ../curl/buildout.cfg
../libestr/buildout.cfg ../libestr/buildout.cfg
../libfastjson/buildout.cfg ../libfastjson/buildout.cfg
../libuuid/buildout.cfg ../util-linux/buildout.cfg
../zlib/buildout.cfg ../zlib/buildout.cfg
[rsyslogd] [rsyslogd]
......
...@@ -3,8 +3,9 @@ parts = ...@@ -3,8 +3,9 @@ parts =
serf serf
extends = extends =
../apache/buildout.cfg ../apache/buildout.cfg
../libuuid/buildout.cfg ../util-linux/buildout.cfg
../openssl/buildout.cfg ../openssl/buildout.cfg
../python-2.7/buildout.cfg
../zlib/buildout.cfg ../zlib/buildout.cfg
[serf] [serf]
...@@ -13,7 +14,7 @@ shared = true ...@@ -13,7 +14,7 @@ shared = true
url = https://archive.apache.org/dist/serf/serf-1.3.9.tar.bz2 url = https://archive.apache.org/dist/serf/serf-1.3.9.tar.bz2
md5sum = 370a6340ff20366ab088012cd13f2b57 md5sum = 370a6340ff20366ab088012cd13f2b57
scons-command = scons-command =
python ${scons:location}/scons.py \ ${python2.7:location}/bin/python ${scons:location}/scons.py \
APR="${apr:location}" \ APR="${apr:location}" \
APU="${apr-util:location}" \ APU="${apr-util:location}" \
OPENSSL="${openssl:location}" \ OPENSSL="${openssl:location}" \
......
...@@ -8,7 +8,7 @@ parts = ...@@ -8,7 +8,7 @@ parts =
[socat] [socat]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
shared = true shared = true
url = http://www.dest-unreach.org/socat/download/socat-${:version}.tar.gz url = http://www.dest-unreach.org/socat/download/Archive/socat-${:version}.tar.gz
version = 1.7.3.2 version = 1.7.3.2
md5sum = aec3154f7854580cfab0c2d81e910519 md5sum = aec3154f7854580cfab0c2d81e910519
environment = environment =
......
...@@ -5,7 +5,7 @@ ...@@ -5,7 +5,7 @@
extends = extends =
../apache/buildout.cfg ../apache/buildout.cfg
../libexpat/buildout.cfg ../libexpat/buildout.cfg
../libuuid/buildout.cfg ../util-linux/buildout.cfg
../openssl/buildout.cfg ../openssl/buildout.cfg
../patch/buildout.cfg ../patch/buildout.cfg
../perl/buildout.cfg ../perl/buildout.cfg
......
# Tig: text-mode interface for Git # Tig: text-mode interface for Git
# http://jonas.nitro.dk/tig/ # https://jonas.github.io/tig/
[buildout] [buildout]
extends = extends =
../libiconv/buildout.cfg
../ncurses/buildout.cfg ../ncurses/buildout.cfg
[tig] [tig]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
shared = true shared = true
url = http://jonas.nitro.dk/tig/releases/tig-2.1.tar.gz url = https://github.com/jonas/tig/releases/download/tig-2.5.5/tig-2.5.5.tar.gz
md5sum = d6c237aba2c03d85897da79789fd6104 md5sum = 0902ba706e8efaf6c2087d8b66393375
environment = environment =
CFLAGS=-I${ncurses:location}/include CFLAGS=-I${ncurses:location}/include -I${libiconv:location}/include
LDFLAGS=-L${ncurses:location}/lib -Wl,-rpath=${ncurses:location}/lib LDFLAGS=-L${ncurses:location}/lib -Wl,-rpath=${ncurses:location}/lib -L${libiconv:location}/lib -Wl,-rpath=${libiconv:location}/lib
...@@ -45,6 +45,7 @@ patch-options = -p1 ...@@ -45,6 +45,7 @@ patch-options = -p1
# (see https://github.com/apache/trafficserver/issues/8539 for the detail) # (see https://github.com/apache/trafficserver/issues/8539 for the detail)
patches = patches =
${:_profile_base_location_}/trafficserver-9.1.1-TSHttpTxnCacheLookupStatusGet-fix.patch#d8ed3db3a48e97eb72aaaf7d7598a2d2 ${:_profile_base_location_}/trafficserver-9.1.1-TSHttpTxnCacheLookupStatusGet-fix.patch#d8ed3db3a48e97eb72aaaf7d7598a2d2
${:_profile_base_location_}/trafficserver-9.1.1-via-string-rapid-cdn.patch#8c39243d7525222385d5964485734f99
environment = environment =
PATH=${libtool:location}/bin:${make:location}/bin:${patch:location}/bin:${perl:location}/bin:${pkgconfig:location}/bin:%(PATH)s PATH=${libtool:location}/bin:${make:location}/bin:${patch:location}/bin:${perl:location}/bin:${pkgconfig:location}/bin:%(PATH)s
LDFLAGS =-L${openssl:location}/lib -Wl,-rpath=${openssl:location}/lib -L${tcl:location}/lib -Wl,-rpath=${tcl:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${luajit:location}/lib -lm LDFLAGS =-L${openssl:location}/lib -Wl,-rpath=${openssl:location}/lib -L${tcl:location}/lib -Wl,-rpath=${tcl:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${luajit:location}/lib -lm
......
diff -ur trafficserver-9.1.1.orig/proxy/http/HttpTransactHeaders.cc trafficserver-9.1.1/proxy/http/HttpTransactHeaders.cc
--- trafficserver-9.1.1.orig/proxy/http/HttpTransactHeaders.cc 2022-02-09 12:21:56.591350540 +0100
+++ trafficserver-9.1.1/proxy/http/HttpTransactHeaders.cc 2022-03-07 13:02:31.503849619 +0100
@@ -758,15 +758,6 @@
write_hdr_protocol_stack(via_string, via_limit - via_string, ProtocolStackDetail::Standard, proto_buf.data(), n_proto);
*via_string++ = ' ';
- via_string += nstrcpy(via_string, s->http_config_param->proxy_hostname);
-
- *via_string++ = '[';
- memcpy(via_string, Machine::instance()->uuid.getString(), TS_UUID_STRING_LEN);
- via_string += TS_UUID_STRING_LEN;
- *via_string++ = ']';
- *via_string++ = ' ';
- *via_string++ = '(';
-
memcpy(via_string, s->http_config_param->proxy_request_via_string, s->http_config_param->proxy_request_via_string_len);
via_string += s->http_config_param->proxy_request_via_string_len;
@@ -793,7 +784,6 @@
}
}
- *via_string++ = ')';
*via_string = 0;
ink_assert((size_t)(via_string - new_via_string) < (sizeof(new_via_string) - 1));
@@ -848,10 +838,6 @@
write_hdr_protocol_stack(via_string, via_limit - via_string, ProtocolStackDetail::Standard, proto_buf.data(), n_proto);
*via_string++ = ' ';
- via_string += nstrcpy(via_string, s->http_config_param->proxy_hostname);
- *via_string++ = ' ';
- *via_string++ = '(';
-
memcpy(via_string, s->http_config_param->proxy_response_via_string, s->http_config_param->proxy_response_via_string_len);
via_string += s->http_config_param->proxy_response_via_string_len;
@@ -877,7 +863,6 @@
}
}
- *via_string++ = ')';
*via_string = 0;
ink_assert((size_t)(via_string - new_via_string) < (sizeof(new_via_string) - 1));
...@@ -5,7 +5,7 @@ extends = ...@@ -5,7 +5,7 @@ extends =
../libtool/buildout.cfg ../libtool/buildout.cfg
../git/buildout.cfg ../git/buildout.cfg
../openssl/buildout.cfg ../openssl/buildout.cfg
../libuuid/buildout.cfg ../util-linux/buildout.cfg
parts = accords parts = accords
......
...@@ -4,7 +4,7 @@ parts = apache-perl perl-Apache2-Request ...@@ -4,7 +4,7 @@ parts = apache-perl perl-Apache2-Request
extends = extends =
../apache/buildout.cfg ../apache/buildout.cfg
../perl/buildout.cfg ../perl/buildout.cfg
../libuuid/buildout.cfg ../util-linux/buildout.cfg
[apache-perl] [apache-perl]
# Note: Shall react on each build of apache and reinstall itself # Note: Shall react on each build of apache and reinstall itself
......
...@@ -7,8 +7,8 @@ extends = ...@@ -7,8 +7,8 @@ extends =
[util-linux] [util-linux]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
shared = true shared = true
url = https://www.kernel.org/pub/linux/utils/util-linux/v2.37/util-linux-2.37.1.tar.xz url = https://www.kernel.org/pub/linux/utils/util-linux/v2.37/util-linux-2.37.2.tar.xz
md5sum = 6d244f0f59247e9109f47d6e5dd0556b md5sum = d659bf7cd417d93dc609872f6334b019
configure-options = configure-options =
--disable-static --disable-static
--enable-libuuid --enable-libuuid
...@@ -50,3 +50,21 @@ environment = ...@@ -50,3 +50,21 @@ environment =
PATH=${perl:location}/bin:${xz-utils:location}/bin:%(PATH)s PATH=${perl:location}/bin:${xz-utils:location}/bin:%(PATH)s
LDFLAGS=-L${libcap-ng:location}/lib -Wl,-rpath=${libcap-ng:location}/lib LDFLAGS=-L${libcap-ng:location}/lib -Wl,-rpath=${libcap-ng:location}/lib
CFLAGS=-I${libcap-ng:location}/include CFLAGS=-I${libcap-ng:location}/include
[libuuid]
# libuuid is inside util-linux source code with only libuuid feature enabled.
<= util-linux
configure-options =
--disable-static
--disable-all-programs
--enable-libuuid
--without-libiconv-prefix
--without-libintl-prefix
--without-ncurses
--without-slang
--without-pam
--without-selinux
--without-audit
environment =
PATH=${perl:location}/bin:%(PATH)s
...@@ -13,7 +13,7 @@ parts = ...@@ -13,7 +13,7 @@ parts =
[wkhtmltopdf] [wkhtmltopdf]
recipe = slapos.recipe.build recipe = slapos.recipe.build
url = http://download.gna.org/wkhtmltopdf/0.12/0.12.4/wkhtmltox-0.12.4_${:_url}.tar.xz url = https://github.com/wkhtmltopdf/wkhtmltopdf/releases/download/0.12.4/wkhtmltox-0.12.4_${:_url}.tar.xz
environment = environment =
PATH=${xz-utils:location}/bin:%(PATH)s PATH=${xz-utils:location}/bin:%(PATH)s
install = install =
......
...@@ -3,7 +3,7 @@ parts = ...@@ -3,7 +3,7 @@ parts =
xapian xapian
extends = extends =
../zlib/buildout.cfg ../zlib/buildout.cfg
../libuuid/buildout.cfg ../util-linux/buildout.cfg
[xapian] [xapian]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
......
...@@ -10,7 +10,7 @@ extends = ...@@ -10,7 +10,7 @@ extends =
../icu/buildout.cfg ../icu/buildout.cfg
../intltool/buildout.cfg ../intltool/buildout.cfg
../libtool/buildout.cfg ../libtool/buildout.cfg
../libuuid/buildout.cfg ../util-linux/buildout.cfg
../libxml2/buildout.cfg ../libxml2/buildout.cfg
../libxslt/buildout.cfg ../libxslt/buildout.cfg
../meson/buildout.cfg ../meson/buildout.cfg
...@@ -134,7 +134,7 @@ environment = ...@@ -134,7 +134,7 @@ environment =
[libXext] [libXext]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
shared = true shared = true
url = http://ftp.x.org/pub/individual/lib/libXext-1.3.3.tar.bz2 url = https://ftp.x.org/pub/individual/lib/libXext-1.3.3.tar.bz2
md5sum = 52df7c4c1f0badd9f82ab124fb32eb97 md5sum = 52df7c4c1f0badd9f82ab124fb32eb97
pkg_config_depends = ${libX11:location}/lib/pkgconfig:${libX11:pkg_config_depends} pkg_config_depends = ${libX11:location}/lib/pkgconfig:${libX11:pkg_config_depends}
environment = environment =
...@@ -206,7 +206,7 @@ configure-options = ...@@ -206,7 +206,7 @@ configure-options =
[fixesproto] [fixesproto]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
shared = true shared = true
url = http://www.x.org/releases/X11R7.7/src/everything/fixesproto-5.0.tar.bz2 url = https://www.x.org/releases/X11R7.7/src/everything/fixesproto-5.0.tar.bz2
md5sum = e7431ab84d37b2678af71e29355e101d md5sum = e7431ab84d37b2678af71e29355e101d
environment = environment =
PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig
...@@ -215,7 +215,7 @@ environment = ...@@ -215,7 +215,7 @@ environment =
[bigreqsproto] [bigreqsproto]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
shared = true shared = true
url = http://www.x.org/releases/X11R7.7/src/everything/bigreqsproto-1.1.2.tar.bz2 url = https://www.x.org/releases/X11R7.7/src/everything/bigreqsproto-1.1.2.tar.bz2
md5sum = 1a05fb01fa1d5198894c931cf925c025 md5sum = 1a05fb01fa1d5198894c931cf925c025
environment = environment =
PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig
...@@ -224,7 +224,7 @@ environment = ...@@ -224,7 +224,7 @@ environment =
[xcmiscproto] [xcmiscproto]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
shared = true shared = true
url = http://www.x.org/releases/X11R7.7/src/everything/xcmiscproto-1.2.2.tar.bz2 url = https://www.x.org/releases/X11R7.7/src/everything/xcmiscproto-1.2.2.tar.bz2
md5sum = 5f4847c78e41b801982c8a5e06365b24 md5sum = 5f4847c78e41b801982c8a5e06365b24
environment = environment =
PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig
...@@ -233,7 +233,7 @@ environment = ...@@ -233,7 +233,7 @@ environment =
[damageproto] [damageproto]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
shared = true shared = true
url = http://www.x.org/releases/X11R7.7/src/everything/damageproto-1.2.1.tar.bz2 url = https://www.x.org/releases/X11R7.7/src/everything/damageproto-1.2.1.tar.bz2
md5sum = 998e5904764b82642cc63d97b4ba9e95 md5sum = 998e5904764b82642cc63d97b4ba9e95
environment = environment =
PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig
...@@ -261,7 +261,7 @@ environment = ...@@ -261,7 +261,7 @@ environment =
[renderproto] [renderproto]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
shared = true shared = true
url = http://www.x.org/releases/X11R7.7/src/everything/renderproto-0.11.1.tar.bz2 url = https://www.x.org/releases/X11R7.7/src/everything/renderproto-0.11.1.tar.bz2
md5sum = a914ccc1de66ddeb4b611c6b0686e274 md5sum = a914ccc1de66ddeb4b611c6b0686e274
environment = environment =
PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig
...@@ -292,7 +292,7 @@ environment = ...@@ -292,7 +292,7 @@ environment =
[recordproto] [recordproto]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
shared = true shared = true
url = http://www.x.org/releases/X11R7.7/src/everything/recordproto-1.14.2.tar.bz2 url = https://www.x.org/releases/X11R7.7/src/everything/recordproto-1.14.2.tar.bz2
md5sum = 1b4e5dede5ea51906f1530ca1e21d216 md5sum = 1b4e5dede5ea51906f1530ca1e21d216
environment = environment =
PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig
...@@ -301,7 +301,7 @@ environment = ...@@ -301,7 +301,7 @@ environment =
[resourceproto] [resourceproto]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
shared = true shared = true
url = http://www.x.org/releases/X11R7.7/src/everything/resourceproto-1.2.0.tar.bz2 url = https://www.x.org/releases/X11R7.7/src/everything/resourceproto-1.2.0.tar.bz2
md5sum = cfdb57dae221b71b2703f8e2980eaaf4 md5sum = cfdb57dae221b71b2703f8e2980eaaf4
environment = environment =
PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig
...@@ -310,7 +310,7 @@ environment = ...@@ -310,7 +310,7 @@ environment =
[xineramaproto] [xineramaproto]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
shared = true shared = true
url = http://www.x.org/releases/X11R7.7/src/everything/xineramaproto-1.2.1.tar.bz2 url = https://www.x.org/releases/X11R7.7/src/everything/xineramaproto-1.2.1.tar.bz2
md5sum = 9959fe0bfb22a0e7260433b8d199590a md5sum = 9959fe0bfb22a0e7260433b8d199590a
environment = environment =
PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig PKG_CONFIG_PATH=${xorg-util-macros:location}/share/pkgconfig
...@@ -396,7 +396,7 @@ environment = ...@@ -396,7 +396,7 @@ environment =
[renderext] [renderext]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
shared = true shared = true
url = http://xlibs.freedesktop.org/release/renderext-0.9.tar.bz2 url = https://xlibs.freedesktop.org/release/renderext-0.9.tar.bz2
md5sum = d43c2afc69937655d13c02588c9ff974 md5sum = d43c2afc69937655d13c02588c9ff974
[libXrender] [libXrender]
...@@ -537,7 +537,7 @@ environment = ...@@ -537,7 +537,7 @@ environment =
[compositeproto] [compositeproto]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
shared = true shared = true
url = http://www.x.org/releases/X11R7.7/src/everything/compositeproto-0.4.2.tar.bz2 url = https://www.x.org/releases/X11R7.7/src/everything/compositeproto-0.4.2.tar.bz2
md5sum = 98482f65ba1e74a08bf5b056a4031ef0 md5sum = 98482f65ba1e74a08bf5b056a4031ef0
[libXcomposite] [libXcomposite]
......
[buildout] [buildout]
extends = extends =
../libtool/buildout.cfg ../libtool/buildout.cfg
../libuuid/buildout.cfg ../util-linux/buildout.cfg
[zeromq] [zeromq]
<= zeromq3 <= zeromq3
......
...@@ -28,7 +28,7 @@ from setuptools import setup, find_packages ...@@ -28,7 +28,7 @@ from setuptools import setup, find_packages
import glob import glob
import os import os
version = '1.0.226' version = '1.0.238'
name = 'slapos.cookbook' name = 'slapos.cookbook'
long_description = open("README.rst").read() long_description = open("README.rst").read()
......
...@@ -24,7 +24,7 @@ ...@@ -24,7 +24,7 @@
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
# #
############################################################################## ##############################################################################
from urlparse import urlparse from six.moves.urllib.parse import urlparse
from slapos.recipe.librecipe import GenericBaseRecipe from slapos.recipe.librecipe import GenericBaseRecipe
......
...@@ -8,7 +8,7 @@ import pytz ...@@ -8,7 +8,7 @@ import pytz
def updateMysql(mysql_upgrade_binary, mysql_binary, mysql_script_file): def updateMysql(mysql_upgrade_binary, mysql_binary, mysql_script_file):
sleep = 0 sleep = 0
with open(mysql_script_file, 'rb') as script_file: with open(mysql_script_file, 'r') as script_file:
mysql_script = script_file.read() mysql_script = script_file.read()
mysql_list = mysql_binary, '-B' mysql_list = mysql_binary, '-B'
mysql_tzinfo_to_sql_list = ( mysql_tzinfo_to_sql_list = (
......
...@@ -34,6 +34,7 @@ import string, random ...@@ -34,6 +34,7 @@ import string, random
import json import json
import traceback import traceback
from slapos import slap from slapos import slap
from slapos.util import binFromIpv6
class Recipe(GenericBaseRecipe): class Recipe(GenericBaseRecipe):
...@@ -54,20 +55,8 @@ class Recipe(GenericBaseRecipe): ...@@ -54,20 +55,8 @@ class Recipe(GenericBaseRecipe):
return GenericBaseRecipe.__init__(self, buildout, name, options) return GenericBaseRecipe.__init__(self, buildout, name, options)
def getSerialFromIpv6(self, ipv6): def getSerialFromIpv6(self, ipv6):
prefix = ipv6.split('/')[0].lower() prefix, prefix_length = ipv6.split('/')
hi, lo = struct.unpack('!QQ', socket.inet_pton(socket.AF_INET6, prefix)) return "0x%x" % int('1%s' % binFromIpv6(prefix)[:int(prefix_length)], 2)
ipv6_int = (hi << 64) | lo
serial = '0x1%x' % ipv6_int
# delete non significant part
for part in prefix.split(':')[::-1]:
if part:
for i in ['0']*(4 - len(part)):
part = i + part
serial = serial.split(part)[0] + part
break
return serial
def generateCertificate(self): def generateCertificate(self):
key_file = self.options['key-file'].strip() key_file = self.options['key-file'].strip()
......
...@@ -109,13 +109,18 @@ class Re6stnetTest(unittest.TestCase): ...@@ -109,13 +109,18 @@ class Re6stnetTest(unittest.TestCase):
recipe = self.new_recipe() recipe = self.new_recipe()
serial = recipe.getSerialFromIpv6(ipv6) serial = recipe.getSerialFromIpv6(ipv6)
self.assertEqual(serial, '0x1be280db8fe6a0d8504fe054a00ae0aea') self.assertEqual(serial, '0x1be280db8fe6a0d85')
ipv6 = '2001:db8:24::/48' ipv6 = '2001:db8:24::/48'
serial = recipe.getSerialFromIpv6(ipv6) serial = recipe.getSerialFromIpv6(ipv6)
self.assertEqual(serial, '0x120010db80024') self.assertEqual(serial, '0x120010db80024')
ipv6 = '2001:db8:24::/47'
serial = recipe.getSerialFromIpv6(ipv6)
self.assertEqual(serial, '0x900086dc0012')
def test_install(self): def test_install(self):
self.options.update({ self.options.update({
'ipv6-prefix': '2001:db8:24::/48', 'ipv6-prefix': '2001:db8:24::/48',
......
import unittest
import zc.buildout.testing
class UrlparseTest(unittest.TestCase):
def setUp(self):
self.buildout = buildout = zc.buildout.testing.Buildout()
buildout['urlinfo'] = {}
buildout['urlinfo']['url'] = "http://www.google.com/search?hl=en&q=urlparse&btnG=Google+Search"
from slapos.recipe import _urlparse
self.recipe = _urlparse.Recipe(buildout,"urlinfo",buildout['urlinfo'])
def test_options(self):
buildout = self.buildout
self.assertTrue(buildout['urlinfo'])
self.assertEqual(buildout['urlinfo']['path'], 'search')
self.assertEqual(buildout['urlinfo']['scheme'], 'http')
self.assertEqual(buildout['urlinfo']['host'], 'www.google.com')
self.assertEqual(buildout['urlinfo']['query'], 'hl=en&q=urlparse&btnG=Google+Search')
def test_install(self):
self.assertEqual(self.recipe.install(), [])
[instance-profile] [instance-profile]
filename = instance.cfg.in filename = instance.cfg.in
md5sum = ed202dc7d69f517e325f01dc3ac4fe32 md5sum = 6e3e1dc304378640707cdb6a792106f1
...@@ -5,27 +5,20 @@ ...@@ -5,27 +5,20 @@
############################# #############################
[buildout] [buildout]
parts = parts =
directory
publish-connection-parameter publish-connection-parameter
download-plc download-plc
beremiz-runtime beremiz-runtime
# beremiz-runtime-promise #beremiz-runtime-promise
eggs-directory = {{ buildout['eggs-directory'] }} eggs-directory = {{ buildout['eggs-directory'] }}
develop-eggs-directory = {{ buildout['develop-eggs-directory'] }} develop-eggs-directory = {{ buildout['develop-eggs-directory'] }}
offline = true offline = true
extends = {{ template_monitor }} extends = {{ template_monitor }}
[download-plc] [download-plc]
recipe = plone.recipe.command recipe = slapos.recipe.build:download-unpacked
update-command = ${:command} offline = false
url = ${instance-parameter:configuration.runtime_plc_url} url = ${instance-parameter:configuration.runtime_plc_url}
md5sum = ${instance-parameter:configuration.runtime_plc_md5sum}
# XXX: do check md5sum !
command =
wget ${:url} -O plc.tgz
tar zxvf plc.tgz
[instance-parameter] [instance-parameter]
recipe = slapos.cookbook:slapconfiguration recipe = slapos.cookbook:slapconfiguration
...@@ -36,13 +29,9 @@ key = ${slap-connection:key-file} ...@@ -36,13 +29,9 @@ key = ${slap-connection:key-file}
cert = ${slap-connection:cert-file} cert = ${slap-connection:cert-file}
configuration.runtime_plc_url = configuration.runtime_plc_url =
configuration.runtime_plc_md5sum = configuration.runtime_plc_md5sum =
# XXX: we can get rid of plc_name in future
configuration.runtime_plc_name =
configuration.autostart = 1 configuration.autostart = 1
configuration.interface = 0.0.0.0 configuration.interface = 0.0.0.0
# XXX: randomly generated one on slap's interface?
configuration.port = 61248 configuration.port = 61248
configuration.plc_runtime_path = ${directory:home}/${:configuration.runtime_plc_name}
# Create all needed directories, depending on your needs # Create all needed directories, depending on your needs
[directory] [directory]
...@@ -50,7 +39,7 @@ recipe = slapos.cookbook:mkdirectory ...@@ -50,7 +39,7 @@ recipe = slapos.cookbook:mkdirectory
home = ${buildout:directory} home = ${buildout:directory}
etc = ${:home}/etc etc = ${:home}/etc
var = ${:home}/var var = ${:home}/var
script = ${:etc}/run/ script = ${:etc}/run
service = ${:etc}/service service = ${:etc}/service
log = ${:var}/log log = ${:var}/log
...@@ -58,7 +47,7 @@ log = ${:var}/log ...@@ -58,7 +47,7 @@ log = ${:var}/log
logfile = ${directory:log}/beremiz-runtime.log logfile = ${directory:log}/beremiz-runtime.log
recipe = slapos.cookbook:wrapper recipe = slapos.cookbook:wrapper
command-line = command-line =
{{ buildout['bin-directory'] }}/pythonwitheggs {{ buildout['directory'] }}/src/beremiz/Beremiz_service.py -a ${instance-parameter:configuration.autostart} -p ${instance-parameter:configuration.port} -i ${instance-parameter:configuration.interface} -x 1 ${directory:home}/${instance-parameter:configuration.runtime_plc_name} {{ buildout['bin-directory'] }}/pythonwitheggs {{ buildout['directory'] }}/parts/beremiz-source/Beremiz_service.py -a ${instance-parameter:configuration.autostart} -p ${instance-parameter:configuration.port} -i ${instance-parameter:configuration.interface} -x 1 ${directory:home}/parts/download-plc
wrapper-path = ${directory:service}/beremiz-runtime wrapper-path = ${directory:service}/beremiz-runtime
[beremiz-runtime-promise] [beremiz-runtime-promise]
......
# the default SlapOs profile which setup a modbus server instance usually over OSIE's coupler
[buildout] [buildout]
allow-picked-versions = true
extensions = mr.developer
auto-checkout = beremiz
extends = extends =
buildout.hash.cfg buildout.hash.cfg
https://lab.nexedi.com/nexedi/slapos/raw/master/stack/monitor/buildout.cfg ../../component/git/buildout.cfg
https://lab.nexedi.com/nexedi/slapos/raw/master/stack/slapos.cfg ../../stack/monitor/buildout.cfg
https://lab.nexedi.com/nexedi/slapos/raw/master/component/python3/buildout.cfg ../../stack/slapos.cfg
parts = parts =
python-interpreter beremiz-source
slapos-cookbook slapos-cookbook
instance-profile instance-profile
python-interpreter
# fix for pypi: https://mail.python.org/pipermail/distutils-sig/2017-October/031712.html [beremiz-source]
index = https://pypi.python.org/simple/ recipe = slapos.recipe.build:gitclone
repository = https://github.com/beremiz/beremiz.git
[sources] branch = default
beremiz = git https://github.com/beremiz/beremiz.git branch=default git-executable = ${git:location}/bin/git
[beremiz] [beremiz]
recipe = zc.recipe.egg:develop recipe = zc.recipe.egg:develop
egg = beremiz egg = beremiz
setup = ${buildout:directory}/src/beremiz setup = ${beremiz-source:location}
[Twisted] [Twisted]
recipe = zc.recipe.egg:custom recipe = zc.recipe.egg:custom
...@@ -31,6 +28,7 @@ egg = Twisted ...@@ -31,6 +28,7 @@ egg = Twisted
setup-eggs = setup-eggs =
six six
pathlib pathlib
incremental
[python-interpreter] [python-interpreter]
recipe = zc.recipe.egg recipe = zc.recipe.egg
...@@ -53,7 +51,6 @@ eggs = click ...@@ -53,7 +51,6 @@ eggs = click
[instance-profile] [instance-profile]
recipe = slapos.recipe.template:jinja2 recipe = slapos.recipe.template:jinja2
template = ${:_profile_base_location_}/${:filename} template = ${:_profile_base_location_}/${:filename}
mode = 0644
rendered = ${buildout:directory}/instance.cfg rendered = ${buildout:directory}/instance.cfg
extensions = jinja2.ext.do extensions = jinja2.ext.do
context = context =
...@@ -95,4 +92,3 @@ typing = 3.10.0.0 ...@@ -95,4 +92,3 @@ typing = 3.10.0.0
autobahn = 19.11.2 autobahn = 19.11.2
txaio = 18.8.1 txaio = 18.8.1
idna = 2.10 idna = 2.10
mr.developer = 2.0.1
...@@ -22,19 +22,19 @@ md5sum = 5784bea3bd608913769ff9a8afcccb68 ...@@ -22,19 +22,19 @@ md5sum = 5784bea3bd608913769ff9a8afcccb68
[profile-caddy-frontend] [profile-caddy-frontend]
filename = instance-apache-frontend.cfg.in filename = instance-apache-frontend.cfg.in
md5sum = 0950e09ad1f03f0789308f5f7a7eb1b8 md5sum = 04e550480d3057ca65d87c6fadbaed6e
[profile-caddy-replicate] [profile-caddy-replicate]
filename = instance-apache-replicate.cfg.in filename = instance-apache-replicate.cfg.in
md5sum = c5d1e235959a877b4f3157369c6f5e10 md5sum = 63b418626ef0f8ac54d6359fb6637371
[profile-slave-list] [profile-slave-list]
_update_hash_filename_ = templates/apache-custom-slave-list.cfg.in _update_hash_filename_ = templates/apache-custom-slave-list.cfg.in
md5sum = c67e172c0c6eca955b18962404056a33 md5sum = e3ba0da5d137dcbd56c2604d200ac3b9
[profile-replicate-publish-slave-information] [profile-replicate-publish-slave-information]
_update_hash_filename_ = templates/replicate-publish-slave-information.cfg.in _update_hash_filename_ = templates/replicate-publish-slave-information.cfg.in
md5sum = df304a8aee87b6f2425241016a48f7a5 md5sum = be54431846fe7f3cee65260eefc83d62
[profile-caddy-frontend-configuration] [profile-caddy-frontend-configuration]
_update_hash_filename_ = templates/Caddyfile.in _update_hash_filename_ = templates/Caddyfile.in
...@@ -46,11 +46,11 @@ md5sum = 88af61e7abbf30dc99a1a2526161128d ...@@ -46,11 +46,11 @@ md5sum = 88af61e7abbf30dc99a1a2526161128d
[template-default-slave-virtualhost] [template-default-slave-virtualhost]
_update_hash_filename_ = templates/default-virtualhost.conf.in _update_hash_filename_ = templates/default-virtualhost.conf.in
md5sum = 37475d79f28c5f126bc1947fdb938fdb md5sum = 57c86795293b11300a036f5f8cf2c868
[template-backend-haproxy-configuration] [template-backend-haproxy-configuration]
_update_hash_filename_ = templates/backend-haproxy.cfg.in _update_hash_filename_ = templates/backend-haproxy.cfg.in
md5sum = ae4c9ce775ea003aa51eda5ecbbeec73 md5sum = 6d4ad68ac44ccc72fe9148bd8e05a6f0
[template-empty] [template-empty]
_update_hash_filename_ = templates/empty.in _update_hash_filename_ = templates/empty.in
...@@ -62,7 +62,7 @@ md5sum = 975177dedf677d24e14cede5d13187ce ...@@ -62,7 +62,7 @@ md5sum = 975177dedf677d24e14cede5d13187ce
[template-trafficserver-records-config] [template-trafficserver-records-config]
_update_hash_filename_ = templates/trafficserver/records.config.jinja2 _update_hash_filename_ = templates/trafficserver/records.config.jinja2
md5sum = e87238c53d080ef9ef90040e57bc1395 md5sum = 715baa302d562a7e4eddc3d1bf72f981
[template-trafficserver-storage-config] [template-trafficserver-storage-config]
_update_hash_filename_ = templates/trafficserver/storage.config.jinja2 _update_hash_filename_ = templates/trafficserver/storage.config.jinja2
...@@ -94,15 +94,15 @@ md5sum = 8c150e1e6c993708d31936742f3a7302 ...@@ -94,15 +94,15 @@ md5sum = 8c150e1e6c993708d31936742f3a7302
[caddyprofiledeps-setup] [caddyprofiledeps-setup]
filename = setup.py filename = setup.py
md5sum = 8e1c6c06c09beb921965b3ce98c67c9e md5sum = f6f72d03af7d9dc29fb4d4fef1062e73
[caddyprofiledeps-dummy] [caddyprofiledeps-dummy]
filename = caddyprofiledummy.py filename = caddyprofiledummy.py
md5sum = 59cb33f11272ee09eccea74981d2304a md5sum = b41b8de115ad815d0b0db306ad650365
[profile-kedifa] [profile-kedifa]
filename = instance-kedifa.cfg.in filename = instance-kedifa.cfg.in
md5sum = dfb4dabd1e4094de1276d171f998ef47 md5sum = 88f3a8cc30d3cf30f4bd2797f5c16221
[template-backend-haproxy-rsyslogd-conf] [template-backend-haproxy-rsyslogd-conf]
_update_hash_filename_ = templates/backend-haproxy-rsyslogd.conf.in _update_hash_filename_ = templates/backend-haproxy-rsyslogd.conf.in
...@@ -111,3 +111,7 @@ md5sum = 3336d554661b138dcef97b1d1866803c ...@@ -111,3 +111,7 @@ md5sum = 3336d554661b138dcef97b1d1866803c
[template-slave-introspection-httpd-nginx] [template-slave-introspection-httpd-nginx]
_update_hash_filename_ = templates/slave-introspection-httpd-nginx.conf.in _update_hash_filename_ = templates/slave-introspection-httpd-nginx.conf.in
md5sum = 3067e6ba6c6901821d57d2109517d39c md5sum = 3067e6ba6c6901821d57d2109517d39c
[template-expose-csr-nginx-conf]
_update_hash_filename_ = templates/expose-csr-nginx.conf.in
md5sum = 5620baa8819fcc8340fa6777ee551a1a
from __future__ import print_function
import caucase.client
import caucase.utils
import os
import ssl
import sys
import urllib
import urlparse import urlparse
from cryptography import x509
from cryptography.hazmat.primitives import serialization
class Recipe(object): class Recipe(object):
def __init__(self, *args, **kwargs): def __init__(self, *args, **kwargs):
pass pass
...@@ -19,3 +30,94 @@ def validate_netloc(netloc): ...@@ -19,3 +30,94 @@ def validate_netloc(netloc):
else: else:
hostname = parsed.hostname hostname = parsed.hostname
return netloc == '%s:%s' % (hostname, parsed.port) return netloc == '%s:%s' % (hostname, parsed.port)
def _check_certificate(url, certificate):
parsed = urlparse.urlparse(url)
got_certificate = ssl.get_server_certificate((parsed.hostname, parsed.port))
if certificate.strip() != got_certificate.strip():
raise ValueError('Certificate for %s does not match expected one' % (url,))
def _get_exposed_csr(url, certificate):
_check_certificate(url, certificate)
self_signed = ssl.create_default_context()
self_signed.check_hostname = False
self_signed.verify_mode = ssl.CERT_NONE
return urllib.urlopen(url, context=self_signed).read()
def _get_caucase_client(ca_url, ca_crt, user_key):
return caucase.client.CaucaseClient(
ca_url=ca_url + '/cas',
ca_crt_pem_list=caucase.utils.getCertList(ca_crt),
user_key=user_key,
)
def _get_caucase_csr_list(ca_url, ca_crt, user_key):
csr_list = []
for entry in _get_caucase_client(
ca_url, ca_crt, user_key).getPendingCertificateRequestList():
csr = caucase.utils.load_certificate_request(
caucase.utils.toBytes(entry['csr']))
csr_list.append({
'csr_id': entry['id'],
'csr': csr.public_bytes(serialization.Encoding.PEM).decode()
})
return csr_list
def _csr_match(*csr_list):
number_list = set([])
for csr in csr_list:
number_list.add(
x509.load_pem_x509_csr(str(csr)).public_key().public_numbers())
return len(number_list) == 1
def _sign_csr(ca_url, ca_crt, user_key, csr, csr_list):
signed = False
client = _get_caucase_client(ca_url, ca_crt, user_key)
for csr_entry in csr_list:
if _csr_match(csr, csr_entry['csr']):
client.createCertificate(int(csr_entry['csr_id']))
print('Signed csr with id %s' % (csr_entry['csr_id'],))
signed = True
break
return signed
def _mark_done(filename):
with open(filename, 'w') as fh:
fh.write('done')
print('Marked file %s' % (filename,))
def _is_done(filename):
if os.path.exists(filename):
return True
return False
def smart_sign():
ca_url, ca_crt, done_file, user_key, csr_url, \
csr_url_certificate = sys.argv[1:]
if _is_done(done_file):
return
exposed_csr = _get_exposed_csr(csr_url, csr_url_certificate)
caucase_csr_list = _get_caucase_csr_list(ca_url, ca_crt, user_key)
if _sign_csr(
ca_url, ca_crt, user_key, exposed_csr, caucase_csr_list):
_mark_done(done_file)
else:
print('Failed to sign %s' % (csr_url,))
def caucase_csr_sign_check():
ca_url, ca_crt, user_key = sys.argv[1:]
if len(_get_caucase_csr_list(ca_url, ca_crt, user_key)) != 0:
print('ERR There are CSR to sign on %s' % (ca_url,))
sys.exit(1)
else:
print('OK No CSR to sign on %s' % (ca_url,))
...@@ -63,6 +63,75 @@ parts = ...@@ -63,6 +63,75 @@ parts =
[caddyprofiledeps] [caddyprofiledeps]
recipe = caddyprofiledeps recipe = caddyprofiledeps
[frontend-node-id]
# Store id file in top of hierarchy, so it does not depend on directory creation
file = ${buildout:directory}/.frontend-node-id.txt
recipe = slapos.recipe.build
init =
import os
import secrets
if not os.path.exists(options['file']):
with open(options['file'], 'w') as fh:
fh.write(secrets.token_urlsafe(4))
with open(options['file'], 'r') as fh:
options['value'] = fh.read()
[frontend-node-private-salt]
# Private, not communicated, stable hash, which can be used to salt other
# hashes, so their values are connected to the node, but practicaly impossible
# to crack (until the node is hacked itself, but then those values are
# stolen anyway)
recipe = slapos.recipe.build
init =
import os
import uuid
if not os.path.exists(options['file']):
with open(options['file'], 'w') as fh:
fh.write(uuid.uuid4().hex)
with open(options['file'], 'r') as fh:
options['value'] = fh.read()
file = ${buildout:directory}/.frontend-node-private-salt.txt
[version-hash]
recipe = slapos.recipe.build
software-release-url = ${slap-connection:software-release-url}
hash-salt = ${frontend-node-private-salt:value}
init =
import hashlib
import base64
options['value'] = base64.urlsafe_b64encode(hashlib.md5(''.join([options['software-release-url'].strip(), options['hash-salt']])).digest())
[frontend-node-information]
recipe = slapos.recipe.build
file = ${buildout:directory}/.frontend-node-information.json
node-id = ${frontend-node-id:value}
current-hash = ${version-hash:value}
current-software-release-url = ${version-hash:software-release-url}
init =
import json
changed = False
try:
with open(options['file'], 'r') as fh:
data = json.load(fh)
except Exception:
changed = True
data = {
'node-id': options['node-id'],
'version-hash-history': {options['current-hash']: options['current-software-release-url']}
}
if 'node-id' not in data:
data['node-id'] = options['node-id']
changed = True
if 'version-hash-history' not in data:
data['version-hash-history'] = {}
changed = True
if options['current-hash'] not in data['version-hash-history']:
data['version-hash-history'][options['current-hash']] = options['current-software-release-url']
changed = True
if changed:
with open(options['file'], 'w') as fh:
json.dump(data, fh)
options['value'] = data
# Create all needed directories # Create all needed directories
[directory] [directory]
recipe = slapos.cookbook:mkdirectory recipe = slapos.cookbook:mkdirectory
...@@ -89,10 +158,10 @@ bbb-ssl-dir = ${:srv}/bbb-ssl ...@@ -89,10 +158,10 @@ bbb-ssl-dir = ${:srv}/bbb-ssl
frontend_cluster = ${:var}/frontend_cluster frontend_cluster = ${:var}/frontend_cluster
# csr_id publication # CSR publication
csr_id = ${:srv}/csr_id expose-csr = ${:srv}/expose-csr
certificate-csr_id = ${:etc}/certificate-csr_id expose-csr-etc = ${:etc}/expose-csr
expose-csr_id-var = ${:var}/expose-csr_id expose-csr-var = ${:var}/expose-csr
# slave introspection # slave introspection
slave-introspection-var = ${:var}/slave-introspection slave-introspection-var = ${:var}/slave-introspection
...@@ -179,6 +248,7 @@ template-empty = {{ software_parameter_dict['template_empty'] }} ...@@ -179,6 +248,7 @@ template-empty = {{ software_parameter_dict['template_empty'] }}
template-default-slave-virtualhost = {{ software_parameter_dict['template_default_slave_virtualhost'] }} template-default-slave-virtualhost = {{ software_parameter_dict['template_default_slave_virtualhost'] }}
template-backend-haproxy-configuration = {{ software_parameter_dict['template_backend_haproxy_configuration'] }} template-backend-haproxy-configuration = {{ software_parameter_dict['template_backend_haproxy_configuration'] }}
template-backend-haproxy-rsyslogd-conf = {{ software_parameter_dict['template_backend_haproxy_rsyslogd_conf'] }} template-backend-haproxy-rsyslogd-conf = {{ software_parameter_dict['template_backend_haproxy_rsyslogd_conf'] }}
template-expose-csr-nginx-conf = {{ software_parameter_dict['template_expose_csr_nginx_conf'] }}
[kedifa-login-config] [kedifa-login-config]
d = ${directory:ca-dir} d = ${directory:ca-dir}
...@@ -295,14 +365,19 @@ extra-context = ...@@ -295,14 +365,19 @@ extra-context =
key master_key_download_url :master_key_download_url key master_key_download_url :master_key_download_url
key autocert caddy-directory:autocert key autocert caddy-directory:autocert
key caddy_log_directory caddy-directory:slave-log key caddy_log_directory caddy-directory:slave-log
key expose_csr_id_organization :organization key expose_csr_organization :organization
key expose_csr_id_organizational_unit :organizational-unit key expose_csr_organizational_unit :organizational-unit
key global_ipv6 slap-configuration:ipv6-random key global_ipv6 slap-configuration:ipv6-random
key empty_template software-release-path:template-empty key empty_template software-release-path:template-empty
key template_default_slave_configuration software-release-path:template-default-slave-virtualhost key template_default_slave_configuration software-release-path:template-default-slave-virtualhost
key template_expose_csr_nginx_conf software-release-path:template-expose-csr-nginx-conf
key software_type :software_type key software_type :software_type
key frontend_lazy_graceful_reload frontend-caddy-lazy-graceful:rendered key frontend_lazy_graceful_reload frontend-caddy-lazy-graceful:rendered
key monitor_base_url monitor-instance-parameter:monitor-base-url key monitor_base_url monitor-instance-parameter:monitor-base-url
key node_id frontend-node-id:value
key version_hash version-hash:value
key software_release_url version-hash:software-release-url
key node_information frontend-node-information:value
key custom_ssl_directory caddy-directory:custom-ssl-directory key custom_ssl_directory caddy-directory:custom-ssl-directory
# BBB: SlapOS Master non-zero knowledge BEGIN # BBB: SlapOS Master non-zero knowledge BEGIN
key apache_certificate apache-certificate:rendered key apache_certificate apache-certificate:rendered
...@@ -460,6 +535,8 @@ disk-cache-size = ${configuration:disk-cache-size} ...@@ -460,6 +535,8 @@ disk-cache-size = ${configuration:disk-cache-size}
ram-cache-size = ${configuration:ram-cache-size} ram-cache-size = ${configuration:ram-cache-size}
templates-dir = {{ software_parameter_dict['trafficserver'] }}/etc/trafficserver/body_factory templates-dir = {{ software_parameter_dict['trafficserver'] }}/etc/trafficserver/body_factory
request-timeout = ${configuration:request-timeout} request-timeout = ${configuration:request-timeout}
version-hash = ${version-hash:value}
node-id = ${frontend-node-id:value}
[trafficserver-configuration-directory] [trafficserver-configuration-directory]
recipe = plone.recipe.command recipe = plone.recipe.command
......
...@@ -69,7 +69,7 @@ ...@@ -69,7 +69,7 @@
}, },
"automatic-internal-kedifa-caucase-csr": { "automatic-internal-kedifa-caucase-csr": {
"default": "true", "default": "true",
"description": "Automatically signs CSRs sent to KeDiFa's caucase, based on csr_id and matching certificate.", "description": "Automatically signs CSRs sent to KeDiFa's caucase, based on CSR comparison.",
"enum": [ "enum": [
"true", "true",
"false" "false"
...@@ -79,7 +79,7 @@ ...@@ -79,7 +79,7 @@
}, },
"automatic-internal-backend-client-caucase-csr": { "automatic-internal-backend-client-caucase-csr": {
"default": "true", "default": "true",
"description": "Automatically signs CSRs sent to Backend Client's caucase, based on csr_id and matching certificate.", "description": "Automatically signs CSRs sent to Backend Client's caucase, based on CSR comparison.",
"enum": [ "enum": [
"true", "true",
"false" "false"
......
...@@ -17,8 +17,7 @@ parts = ...@@ -17,8 +17,7 @@ parts =
caucased caucased
caucased-promise caucased-promise
caucase-updater caucase-updater
expose-csr_id promise-expose-csr-ip-port
promise-expose-csr_id-ip-port
promise-logrotate-setup promise-logrotate-setup
[monitor-instance-parameter] [monitor-instance-parameter]
...@@ -74,10 +73,10 @@ backup-caucased = ${:backup}/caucased ...@@ -74,10 +73,10 @@ backup-caucased = ${:backup}/caucased
# reservation # reservation
reservation = ${:srv}/reservation reservation = ${:srv}/reservation
# csr_id publication # CSR publication
csr_id = ${:srv}/csr_id expose-csr = ${:srv}/expose-csr
certificate-csr_id = ${:var}/certificate-csr_id expose-csr-etc = ${:etc}/expose-csr
expose-csr_id-var = ${:var}/expose-csr_id expose-csr-var = ${:var}/expose-csr
[kedifa-csr] [kedifa-csr]
recipe = plone.recipe.command recipe = plone.recipe.command
...@@ -113,29 +112,19 @@ stop-on-error = True ...@@ -113,29 +112,19 @@ stop-on-error = True
template_csr='${kedifa-csr:template-csr}' template_csr='${kedifa-csr:template-csr}'
)}} )}}
[store-csr_id] [expose-csr-link-csr]
recipe = plone.recipe.command recipe = plone.recipe.command
filename = csr.pem
csr_id_path = ${directory:csr_id}/csr_id.txt csr_path = ${directory:expose-csr}/${:filename}
csr_work_path = ${directory:tmp}/${:_buildout_section_name_}
stop-on-error = False stop-on-error = False
update-command = ${:command} update-command = ${:command}
command = command =
{{ software_parameter_dict['bin_directory'] }}/caucase \ ln -sf ${caucase-updater-csr:csr} ${:csr_path}
--ca-url {{ caucase_url }} \
--ca-crt ${kedifa-config:ca-certificate} \ [expose-csr-certificate]
--crl ${kedifa-config:crl} \
--mode service \
{#- XXX: Need to use caucase-updater-csr:csr, as there is no way to obatin csr_id from caucase-updater -#}
{#- XXX: nor directly path to the generated CSR #}
--send-csr ${caucase-updater-csr:csr} > ${:csr_work_path} && \
cut -d ' ' -f 1 ${:csr_work_path} > ${:csr_id_path}
[certificate-csr_id]
recipe = plone.recipe.command recipe = plone.recipe.command
certificate = ${directory:certificate-csr_id}/certificate.pem certificate = ${directory:expose-csr-etc}/certificate.pem
key = ${directory:certificate-csr_id}/key.pem key = ${directory:expose-csr-etc}/key.pem
{#- Can be stopped on error, as does not rely on self provided service #} {#- Can be stopped on error, as does not rely on self provided service #}
stop-on-error = True stop-on-error = True
...@@ -147,70 +136,44 @@ command = ...@@ -147,70 +136,44 @@ command =
-days 5 -nodes -x509 -keyout ${:key} -out ${:certificate} -days 5 -nodes -x509 -keyout ${:key} -out ${:certificate}
fi fi
[expose-csr_id-configuration] [expose-csr-configuration]
ip = {{ instance_parameter_dict['ipv6-random'] }} ip = {{ instance_parameter_dict['ipv6-random'] }}
port = 17000 port = 17000
key = ${certificate-csr_id:key} key = ${expose-csr-certificate:key}
certificate = ${certificate-csr_id:certificate} certificate = ${expose-csr-certificate:certificate}
error-log = ${directory:log}/expose-csr_id.log error-log = ${directory:log}/expose-csr.log
var = ${directory:expose-csr-var}
[expose-csr_id-template] pid = ${directory:var}/nginx-expose-csr.pid
root = ${directory:expose-csr}
nginx_mime = {{ software_parameter_dict['nginx_mime'] }}
[expose-csr-template]
recipe = slapos.recipe.template:jinja2 recipe = slapos.recipe.template:jinja2
var = ${directory:expose-csr_id-var} rendered = ${directory:expose-csr-etc}/nginx.conf
pid = ${directory:var}/nginx-expose-csr_id.pid template = {{ software_parameter_dict['template_expose_csr_nginx_conf'] }}
rendered = ${directory:etc}/nginx-expose-csr_id.conf context =
template = inline: section configuration expose-csr-configuration
daemon off;
pid ${:pid}; [promise-expose-csr-ip-port]
error_log ${expose-csr_id-configuration:error-log};
events {
}
http {
include {{ software_parameter_dict['nginx_mime'] }};
server {
server_name_in_redirect off;
port_in_redirect off;
error_log ${expose-csr_id-configuration:error-log};
access_log /dev/null;
listen [${expose-csr_id-configuration:ip}]:${expose-csr_id-configuration:port} ssl;
ssl_certificate ${expose-csr_id-configuration:certificate};
ssl_certificate_key ${expose-csr_id-configuration:key};
default_type application/octet-stream;
client_body_temp_path ${:var} 1 2;
proxy_temp_path ${:var} 1 2;
fastcgi_temp_path ${:var} 1 2;
uwsgi_temp_path ${:var} 1 2;
scgi_temp_path ${:var} 1 2;
location / {
alias ${directory:csr_id}/;
autoindex off;
sendfile on;
sendfile_max_chunk 1m;
}
}
}
[promise-expose-csr_id-ip-port]
<= monitor-promise-base <= monitor-promise-base
promise = check_socket_listening promise = check_socket_listening
name = expose-csr_id-ip-port-listening.py name = expose-csr-ip-port-listening.py
config-host = ${expose-csr_id-configuration:ip} config-host = ${expose-csr-configuration:ip}
config-port = ${expose-csr_id-configuration:port} config-port = ${expose-csr-configuration:port}
[expose-csr_id] [expose-csr]
depends = ${store-csr_id:command}
recipe = slapos.cookbook:wrapper recipe = slapos.cookbook:wrapper
command-line = {{ software_parameter_dict['nginx'] }} command-line = {{ software_parameter_dict['nginx'] }}
-c ${expose-csr_id-template:rendered} -c ${expose-csr-template:rendered}
url = https://[${expose-csr-configuration:ip}]:${expose-csr-configuration:port}
wrapper-path = ${directory:service}/expose-csr_id wrapper-path = ${directory:service}/expose-csr
hash-existing-files = ${buildout:directory}/software_release/buildout.cfg hash-existing-files = ${buildout:directory}/software_release/buildout.cfg
[get-csr_id-certificate] [expose-csr-certificate-get]
recipe = collective.recipe.shelloutput recipe = collective.recipe.shelloutput
commands = commands =
certificate = cat ${certificate-csr_id:certificate} certificate = cat ${expose-csr-certificate:certificate}
[jinja2-template-base] [jinja2-template-base]
recipe = slapos.recipe.template:jinja2 recipe = slapos.recipe.template:jinja2
...@@ -325,8 +288,8 @@ caucase-url = {{ caucase_url }} ...@@ -325,8 +288,8 @@ caucase-url = {{ caucase_url }}
master-key-generate-auth-url = https://[${kedifa-config:ip}]:${kedifa-config:port}/${master-auth-random:passwd}/generateauth master-key-generate-auth-url = https://[${kedifa-config:ip}]:${kedifa-config:port}/${master-auth-random:passwd}/generateauth
master-key-upload-url = https://[${kedifa-config:ip}]:${kedifa-config:port}/${master-auth-random:passwd}?auth= master-key-upload-url = https://[${kedifa-config:ip}]:${kedifa-config:port}/${master-auth-random:passwd}?auth=
master-key-download-url = https://[${kedifa-config:ip}]:${kedifa-config:port}/${master-auth-random:passwd} master-key-download-url = https://[${kedifa-config:ip}]:${kedifa-config:port}/${master-auth-random:passwd}
csr_id-url = https://[${expose-csr_id-configuration:ip}]:${expose-csr_id-configuration:port}/csr_id.txt kedifa-csr-url = ${expose-csr:url}/${expose-csr-link-csr:filename}
csr_id-certificate = ${get-csr_id-certificate:certificate} csr-certificate = ${expose-csr-certificate-get:certificate}
monitor-base-url = ${monitor-instance-parameter:monitor-base-url} monitor-base-url = ${monitor-instance-parameter:monitor-base-url}
[promise-logrotate-setup] [promise-logrotate-setup]
......
...@@ -46,24 +46,28 @@ ...@@ -46,24 +46,28 @@
"description": "Total amount of Slaves allocated to the Instance (include blocked ones)", "description": "Total amount of Slaves allocated to the Instance (include blocked ones)",
"type": "integer" "type": "integer"
}, },
"kedifa-csr_id-url": { "kedifa-csr-url": {
"description": "URL on which KeDiFa publishes its csr_id sent to caucase.", "description": "URL on which KeDiFa publishes its CSR sent to caucase.",
"type": "string" "type": "string"
}, },
"kedifa-csr_id-certificate": { "kedifa-csr-certificate": {
"description": "Certificate used to serve data on kedifa-csr_id-url.", "description": "Certificate used to serve data on kedifa-csr-url.",
"type": "string" "type": "string"
}, },
"kedifa-caucase-url": { "kedifa-caucase-url": {
"description": "Url to caucase used by KeDiFa.", "description": "Url to caucase used by KeDiFa.",
"type": "string" "type": "string"
}, },
"caddy-frontend-N-csr_id-url": { "caddy-frontend-N-kedifa-csr-url": {
"description": "URL on which frontend node number N publishes its csr_id sent to caucase.", "description": "URL on which frontend node number N publishes its Kedifa CSR sent to caucase.",
"type": "string" "type": "string"
}, },
"caddy-frontend-N-csr_id-certificate": { "caddy-frontend-N-backend-client-csr-url": {
"description": "Certificate used to serve data on caddy-frontend-N-csr_id-url.", "description": "URL on which frontend node number N publishes its Backend Client CSR sent to caucase.",
"type": "string"
},
"caddy-frontend-N-csr-certificate": {
"description": "Certificate used to serve data on CSRs.",
"type": "string" "type": "string"
}, },
"warning-slave-dict": { "warning-slave-dict": {
......
...@@ -9,10 +9,16 @@ setup( ...@@ -9,10 +9,16 @@ setup(
'validators', 'validators',
'furl', 'furl',
'orderedmultidict', 'orderedmultidict',
'caucase',
'python2-secrets',
], ],
entry_points={ entry_points={
'zc.buildout': [ 'zc.buildout': [
'default = caddyprofiledummy:Recipe', 'default = caddyprofiledummy:Recipe',
],
'console_scripts': [
'smart-caucase-signer = caddyprofiledummy:smart_sign',
'caucase-csr-sign-check = caddyprofiledummy:caucase_csr_sign_check'
] ]
} }
) )
...@@ -99,6 +99,7 @@ template_trafficserver_records_config = ${template-trafficserver-records-config: ...@@ -99,6 +99,7 @@ template_trafficserver_records_config = ${template-trafficserver-records-config:
template_trafficserver_storage_config = ${template-trafficserver-storage-config:target} template_trafficserver_storage_config = ${template-trafficserver-storage-config:target}
template_validate_script = ${template-validate-script:target} template_validate_script = ${template-validate-script:target}
template_wrapper = ${template-wrapper:output} template_wrapper = ${template-wrapper:output}
template_expose_csr_nginx_conf = ${template-expose-csr-nginx-conf:target}
# directories # directories
bin_directory = ${buildout:bin-directory} bin_directory = ${buildout:bin-directory}
...@@ -123,6 +124,8 @@ kedifa-updater = ${:bin_directory}/kedifa-updater ...@@ -123,6 +124,8 @@ kedifa-updater = ${:bin_directory}/kedifa-updater
kedifa-csr = ${:bin_directory}/kedifa-csr kedifa-csr = ${:bin_directory}/kedifa-csr
xz_location = ${xz-utils:location} xz_location = ${xz-utils:location}
htpasswd = ${:bin_directory}/htpasswd htpasswd = ${:bin_directory}/htpasswd
smart_caucase_signer = ${:bin_directory}/smart-caucase-signer
caucase_csr_sign_check = ${:bin_directory}/caucase-csr-sign-check
[template] [template]
recipe = slapos.recipe.template:jinja2 recipe = slapos.recipe.template:jinja2
...@@ -203,11 +206,15 @@ output = ${buildout:directory}/template-wrapper.cfg ...@@ -203,11 +206,15 @@ output = ${buildout:directory}/template-wrapper.cfg
[template-backend-haproxy-rsyslogd-conf] [template-backend-haproxy-rsyslogd-conf]
<=download-template <=download-template
[template-expose-csr-nginx-conf]
<=download-template
[versions] [versions]
kedifa = 0.0.6 kedifa = 0.0.6
# Modern KeDiFa requires zc.lockfile # Modern KeDiFa requires zc.lockfile
zc.lockfile = 1.4 zc.lockfile = 1.4
python2-secrets = 1.0.5
validators = 0.12.2 validators = 0.12.2
PyRSS2Gen = 1.1 PyRSS2Gen = 1.1
cns.recipe.symlink = 0.2.3 cns.recipe.symlink = 0.2.3
......
...@@ -330,6 +330,8 @@ certificate = {{ certificate }} ...@@ -330,6 +330,8 @@ certificate = {{ certificate }}
https_port = {{ dumps('' ~ configuration['port']) }} https_port = {{ dumps('' ~ configuration['port']) }}
http_port = {{ dumps('' ~ configuration['plain_http_port']) }} http_port = {{ dumps('' ~ configuration['plain_http_port']) }}
local_ipv4 = {{ dumps('' ~ instance_parameter_dict['ipv4-random']) }} local_ipv4 = {{ dumps('' ~ instance_parameter_dict['ipv4-random']) }}
version-hash = {{ version_hash }}
node-id = {{ node_id }}
{%- for key, value in slave_instance.iteritems() %} {%- for key, value in slave_instance.iteritems() %}
{%- if value is not none %} {%- if value is not none %}
{{ key }} = {{ dumps(value) }} {{ key }} = {{ dumps(value) }}
...@@ -453,9 +455,9 @@ recipe = slapos.cookbook:publish.serialised ...@@ -453,9 +455,9 @@ recipe = slapos.cookbook:publish.serialised
slave-instance-information-list = {{ json_module.dumps(slave_instance_information_list, sort_keys=True) }} slave-instance-information-list = {{ json_module.dumps(slave_instance_information_list, sort_keys=True) }}
{%- endif %} {%- endif %}
monitor-base-url = {{ monitor_base_url }} monitor-base-url = {{ monitor_base_url }}
csr_id-url = https://[${expose-csr_id-configuration:ip}]:${expose-csr_id-configuration:port}/csr_id.txt kedifa-csr-url = ${expose-csr:url}/${expose-csr-link-csr-kedifa:filename}
backend-client-csr_id-url = https://[${expose-csr_id-configuration:ip}]:${expose-csr_id-configuration:port}/backend-haproxy-csr_id.txt backend-client-csr-url = ${expose-csr:url}/${expose-csr-link-csr-backend-haproxy:filename}
csr_id-certificate = ${get-csr_id-certificate:certificate} csr-certificate = ${expose-csr-certificate-get:certificate}
{%- set furled = furl_module.furl(backend_haproxy_configuration['statistic-frontend-secure_access']) %} {%- set furled = furl_module.furl(backend_haproxy_configuration['statistic-frontend-secure_access']) %}
{%- do furled.set(username = backend_haproxy_configuration['statistic-username']) %} {%- do furled.set(username = backend_haproxy_configuration['statistic-username']) %}
{%- do furled.set(password = backend_haproxy_configuration['statistic-password']) %} {%- do furled.set(password = backend_haproxy_configuration['statistic-password']) %}
...@@ -463,6 +465,8 @@ csr_id-certificate = ${get-csr_id-certificate:certificate} ...@@ -463,6 +465,8 @@ csr_id-certificate = ${get-csr_id-certificate:certificate}
{#- We unquote, as furl quotes automatically, but there is buildout value on purpose like ${...:...} in the passwod #} {#- We unquote, as furl quotes automatically, but there is buildout value on purpose like ${...:...} in the passwod #}
{%- set statistic_url = urlparse_module.unquote(furled.tostr()) %} {%- set statistic_url = urlparse_module.unquote(furled.tostr()) %}
backend-haproxy-statistic-url = {{ statistic_url }} backend-haproxy-statistic-url = {{ statistic_url }}
{#- sort_keys are important in order to avoid shuffling parameters on each run #}
node-information-json = {{ json_module.dumps(node_information, sort_keys=True) }}
[kedifa-updater] [kedifa-updater]
recipe = slapos.cookbook:wrapper recipe = slapos.cookbook:wrapper
...@@ -513,23 +517,26 @@ global-ipv6 = ${slap-configuration:ipv6-random} ...@@ -513,23 +517,26 @@ global-ipv6 = ${slap-configuration:ipv6-random}
request-timeout = {{ dumps('' ~ configuration['request-timeout']) }} request-timeout = {{ dumps('' ~ configuration['request-timeout']) }}
backend-connect-timeout = {{ dumps('' ~ configuration['backend-connect-timeout']) }} backend-connect-timeout = {{ dumps('' ~ configuration['backend-connect-timeout']) }}
backend-connect-retries = {{ dumps('' ~ configuration['backend-connect-retries']) }} backend-connect-retries = {{ dumps('' ~ configuration['backend-connect-retries']) }}
version-hash = {{ version_hash }}
node-id = {{ node_id }}
[store-backend-haproxy-csr_id] [template-expose-csr-link-csr]
recipe = plone.recipe.command recipe = plone.recipe.command
csr_id_path = {{ directory['csr_id'] }}/backend-haproxy-csr_id.txt
csr_work_path = {{ directory['tmp'] }}/${:_buildout_section_name_}
stop-on-error = False stop-on-error = False
update-command = ${:command} update-command = ${:command}
csr_path = {{ directory['expose-csr'] }}/${:filename}
command = command =
{{ software_parameter_dict['bin_directory'] }}/caucase \ ln -sf ${:csr} ${:csr_path}
--ca-url {{ backend_haproxy_configuration['caucase-url'] }} \
--ca-crt {{ backend_haproxy_configuration['cas-ca-certificate'] }} \ [expose-csr-link-csr-backend-haproxy]
--crl {{ backend_haproxy_configuration['crl'] }} \ <= template-expose-csr-link-csr
--mode service \ filename = backend-haproxy-csr.pem
--send-csr {{ backend_haproxy_configuration['csr'] }} > ${:csr_work_path} && \ csr = {{ backend_haproxy_configuration['csr'] }}
cut -d ' ' -f 1 ${:csr_work_path} > ${:csr_id_path}
[expose-csr-link-csr-kedifa]
<= template-expose-csr-link-csr
filename = kedifa-csr.pem
csr = {{ kedifa_configuration['csr'] }}
##<Backend haproxy> ##<Backend haproxy>
...@@ -550,32 +557,14 @@ parts += ...@@ -550,32 +557,14 @@ parts +=
publish-caddy-information publish-caddy-information
tunnel-6to4-base-http_port tunnel-6to4-base-http_port
tunnel-6to4-base-https_port tunnel-6to4-base-https_port
expose-csr_id promise-expose-csr-ip-port
promise-expose-csr_id-ip-port
cache-access = {{ cache_access }} cache-access = {{ cache_access }}
[store-csr_id] [expose-csr-certificate]
recipe = plone.recipe.command
csr_id_path = {{ directory['csr_id'] }}/csr_id.txt
csr_work_path = {{ directory['tmp'] }}/${:_buildout_section_name_}
stop-on-error = False
update-command = ${:command}
command =
{{ software_parameter_dict['bin_directory'] }}/caucase \
--ca-url {{ kedifa_configuration['caucase-url'] }} \
--ca-crt {{ kedifa_configuration['cas-ca-certificate'] }} \
--crl {{ kedifa_configuration['crl'] }} \
--mode service \
--send-csr {{ kedifa_configuration['csr'] }} > ${:csr_work_path} && \
cut -d ' ' -f 1 ${:csr_work_path} > ${:csr_id_path}
[certificate-csr_id]
recipe = plone.recipe.command recipe = plone.recipe.command
certificate = {{ directory['certificate-csr_id'] }}/certificate.pem certificate = {{ directory['expose-csr-etc'] }}/certificate.pem
key = {{ directory['certificate-csr_id'] }}/key.pem key = {{ directory['expose-csr-etc'] }}/key.pem
{#- Can be stopped on error, as does not rely on self provided service #} {#- Can be stopped on error, as does not rely on self provided service #}
stop-on-error = True stop-on-error = True
...@@ -583,76 +572,48 @@ update-command = ${:command} ...@@ -583,76 +572,48 @@ update-command = ${:command}
command = command =
if ! [ -f ${:key} ] && ! [ -f ${:certificate} ] ; then if ! [ -f ${:key} ] && ! [ -f ${:certificate} ] ; then
openssl req -new -newkey rsa:2048 -sha256 -subj \ openssl req -new -newkey rsa:2048 -sha256 -subj \
"/O={{ expose_csr_id_organization }}/OU={{ expose_csr_id_organizational_unit }}/CN=${slap-configuration:ipv6-random}" \ "/O={{ expose_csr_organization }}/OU={{ expose_csr_organizational_unit }}/CN=${slap-configuration:ipv6-random}" \
-days 5 -nodes -x509 -keyout ${:key} -out ${:certificate} -days 5 -nodes -x509 -keyout ${:key} -out ${:certificate}
fi fi
[expose-csr_id-configuration] [expose-csr-configuration]
ip = ${slap-configuration:ipv6-random} ip = ${slap-configuration:ipv6-random}
port = 17001 port = 17001
key = ${certificate-csr_id:key} key = ${expose-csr-certificate:key}
certificate = ${certificate-csr_id:certificate} certificate = ${expose-csr-certificate:certificate}
error-log = {{ directory['log'] }}/expose-csr_id.log error-log = {{ directory['log'] }}/expose-csr.log
var = {{ directory['expose-csr-var'] }}
[expose-csr_id-template] pid = {{ directory['var'] }}/nginx-expose-csr.pid
root = {{ directory['expose-csr'] }}
nginx_mime = {{ software_parameter_dict['nginx_mime'] }}
[expose-csr-template]
recipe = slapos.recipe.template:jinja2 recipe = slapos.recipe.template:jinja2
var = {{ directory['expose-csr_id-var'] }} rendered = {{ directory['expose-csr-etc'] }}/nginx.conf
pid = {{ directory['var'] }}/nginx-expose-csr_id.pid template = {{ template_expose_csr_nginx_conf }}
rendered = {{ directory['etc'] }}/nginx-expose-csr_id.conf context =
template = inline: section configuration expose-csr-configuration
daemon off;
pid ${:pid}; [promise-expose-csr-ip-port]
error_log ${expose-csr_id-configuration:error-log};
events {
}
http {
include {{ software_parameter_dict['nginx_mime'] }};
server {
server_name_in_redirect off;
port_in_redirect off;
error_log ${expose-csr_id-configuration:error-log};
access_log /dev/null;
listen [${expose-csr_id-configuration:ip}]:${expose-csr_id-configuration:port} ssl;
ssl_certificate ${expose-csr_id-configuration:certificate};
ssl_certificate_key ${expose-csr_id-configuration:key};
default_type application/octet-stream;
client_body_temp_path ${:var} 1 2;
proxy_temp_path ${:var} 1 2;
fastcgi_temp_path ${:var} 1 2;
uwsgi_temp_path ${:var} 1 2;
scgi_temp_path ${:var} 1 2;
location / {
alias {{ directory['csr_id'] }}/;
autoindex off;
sendfile on;
sendfile_max_chunk 1m;
}
}
}
[promise-expose-csr_id-ip-port]
<= monitor-promise-base <= monitor-promise-base
promise = check_socket_listening promise = check_socket_listening
name = expose-csr_id-ip-port-listening.py name = expose-csr-ip-port-listening.py
config-host = ${expose-csr_id-configuration:ip} config-host = ${expose-csr-configuration:ip}
config-port = ${expose-csr_id-configuration:port} config-port = ${expose-csr-configuration:port}
[expose-csr_id] [expose-csr]
depends =
${store-csr_id:command}
${store-backend-haproxy-csr_id:command}
recipe = slapos.cookbook:wrapper recipe = slapos.cookbook:wrapper
command-line = {{ software_parameter_dict['nginx'] }} command-line = {{ software_parameter_dict['nginx'] }}
-c ${expose-csr_id-template:rendered} -c ${expose-csr-template:rendered}
url = https://[${expose-csr-configuration:ip}]:${expose-csr-configuration:port}
wrapper-path = {{ directory['service'] }}/expose-csr_id wrapper-path = {{ directory['service'] }}/expose-csr
hash-existing-files = ${buildout:directory}/software_release/buildout.cfg hash-existing-files = ${buildout:directory}/software_release/buildout.cfg
[get-csr_id-certificate] [expose-csr-certificate-get]
recipe = collective.recipe.shelloutput recipe = collective.recipe.shelloutput
commands = commands =
certificate = cat ${certificate-csr_id:certificate} certificate = cat ${expose-csr-certificate:certificate}
[promise-logrotate-setup] [promise-logrotate-setup]
<= monitor-promise-base <= monitor-promise-base
......
...@@ -58,6 +58,8 @@ frontend statistic ...@@ -58,6 +58,8 @@ frontend statistic
frontend http-backend frontend http-backend
bind {{ configuration['local-ipv4'] }}:{{ configuration['http-port'] }} bind {{ configuration['local-ipv4'] }}:{{ configuration['http-port'] }}
http-request add-header Via "%HV rapid-cdn-backend-{{ configuration['node-id'] }}-{{ configuration['version-hash'] }}"
http-response add-header Via "%HV rapid-cdn-backend-{{ configuration['node-id'] }}-{{ configuration['version-hash']}}"
{%- for slave_instance in backend_slave_list -%} {%- for slave_instance in backend_slave_list -%}
{{ frontend_entry(slave_instance, 'http', False) }} {{ frontend_entry(slave_instance, 'http', False) }}
{%- endfor %} {%- endfor %}
......
...@@ -21,6 +21,10 @@ ...@@ -21,6 +21,10 @@
# workaround for lost connection to haproxy by reconnecting # workaround for lost connection to haproxy by reconnecting
try_duration 3s try_duration 3s
try_interval 250ms try_interval 250ms
header_upstream +Via "{proto} rapid-cdn-frontend-{{ slave_parameter['node-id'] }}-{{ slave_parameter['version-hash'] }}"
{%- if not slave_parameter['disable-via-header'] %}
header_downstream +Via "{proto} rapid-cdn-frontend-{{ slave_parameter['node-id'] }}-{{ slave_parameter['version-hash'] }}"
{%- endif %}
{%- endmacro %} {# proxy_header #} {%- endmacro %} {# proxy_header #}
{%- macro hsts_header(tls) %} {%- macro hsts_header(tls) %}
......
daemon off;
pid {{ configuration['pid'] }};
error_log {{ configuration['error-log'] }};
events {
}
http {
include {{ configuration['nginx_mime'] }};
server {
server_name_in_redirect off;
port_in_redirect off;
error_log {{ configuration['error-log'] }};
access_log /dev/null;
listen [{{ configuration['ip'] }}]:{{ configuration['port'] }} ssl;
ssl_certificate {{ configuration['certificate'] }};
ssl_certificate_key {{ configuration['key'] }};
default_type application/octet-stream;
client_body_temp_path {{ configuration['var'] }} 1 2;
proxy_temp_path {{ configuration['var'] }} 1 2;
fastcgi_temp_path {{ configuration['var'] }} 1 2;
uwsgi_temp_path {{ configuration['var'] }} 1 2;
scgi_temp_path {{ configuration['var'] }} 1 2;
location / {
alias {{ configuration['root'] }}/;
autoindex off;
sendfile on;
sendfile_max_chunk 1m;
}
}
}
...@@ -72,6 +72,9 @@ log-access-url = {{ dumps(json_module.dumps(log_access_url, sort_keys=True)) }} ...@@ -72,6 +72,9 @@ log-access-url = {{ dumps(json_module.dumps(log_access_url, sort_keys=True)) }}
{{ key }} = {{ dumps(value) }} {{ key }} = {{ dumps(value) }}
{% endfor %} {% endfor %}
{% endif %} {% endif %}
{% for frontend_key, frontend_value in frontend_information.iteritems() %}
{{ frontend_key }} = {{ frontend_value }}
{% endfor %}
{% endfor %} {% endfor %}
[buildout] [buildout]
......
...@@ -18,6 +18,12 @@ LOCAL proxy.local.incoming_ip_to_bind STRING {{ ats_configuration['local-ip'] }} ...@@ -18,6 +18,12 @@ LOCAL proxy.local.incoming_ip_to_bind STRING {{ ats_configuration['local-ip'] }}
CONFIG proxy.config.log.logfile_dir STRING {{ ats_directory['log'] }} CONFIG proxy.config.log.logfile_dir STRING {{ ats_directory['log'] }}
# Never change Server header # Never change Server header
CONFIG proxy.config.http.response_server_enabled INT 0 CONFIG proxy.config.http.response_server_enabled INT 0
# Handle Via header
CONFIG proxy.config.http.insert_request_via_str INT 1
CONFIG proxy.config.http.request_via_str STRING rapid-cdn-cache-{{ ats_configuration['node-id'] }}-{{ ats_configuration['version-hash'] }}
CONFIG proxy.config.http.insert_response_via_str INT 1
CONFIG proxy.config.http.response_via_str STRING rapid-cdn-cache-{{ ats_configuration['node-id'] }}-{{ ats_configuration['version-hash'] }}
# Implement RFC 5861 with core # Implement RFC 5861 with core
CONFIG proxy.config.http.cache.open_write_fail_action INT 2 CONFIG proxy.config.http.cache.open_write_fail_action INT 2
CONFIG proxy.config.body_factory.template_sets_dir STRING {{ ats_configuration['templates-dir'] }} CONFIG proxy.config.body_factory.template_sets_dir STRING {{ ats_configuration['templates-dir'] }}
...@@ -53,13 +59,6 @@ CONFIG proxy.config.exec_thread.affinity INT 1 ...@@ -53,13 +59,6 @@ CONFIG proxy.config.exec_thread.affinity INT 1
############################################################################## ##############################################################################
CONFIG proxy.config.http.server_ports STRING {{ ats_configuration['local-ip'] + ':' + ats_configuration['input-port'] }} CONFIG proxy.config.http.server_ports STRING {{ ats_configuration['local-ip'] + ':' + ats_configuration['input-port'] }}
##############################################################################
# Via: headers. Docs:
# https://docs.trafficserver.apache.org/records.config#proxy-config-http-insert-response-via-str
##############################################################################
CONFIG proxy.config.http.insert_request_via_str INT 1
CONFIG proxy.config.http.insert_response_via_str INT 0
############################################################################## ##############################################################################
# Parent proxy configuration, in addition to these settings also see parent.config. Docs: # Parent proxy configuration, in addition to these settings also see parent.config. Docs:
# https://docs.trafficserver.apache.org/records.config#parent-proxy-configuration # https://docs.trafficserver.apache.org/records.config#parent-proxy-configuration
......
This diff is collapsed.
T-0/var/log/monitor-httpd-access.log T-0/var/log/monitor-httpd-access.log
T-0/var/log/monitor-httpd-error.log T-0/var/log/monitor-httpd-error.log
T-0/var/log/slapgrid-T-0-error.log T-0/var/log/slapgrid-T-0-error.log
T-1/var/log/expose-csr_id.log T-1/var/log/expose-csr.log
T-1/var/log/kedifa.log T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr_id.log T-2/var/log/expose-csr.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/httpd/_dummy-cached_access_log T-2/var/log/httpd/_dummy-cached_access_log
......
T-0/etc/plugin/__init__.py T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-sign-promise.py
T-0/etc/plugin/aibcc-user-caucase-updater.py T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-sign-promise.py
T-0/etc/plugin/aikc-user-caucase-updater.py T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py T-0/etc/plugin/caucased-backend-client.py
...@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py ...@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py
T-1/etc/plugin/buildout-T-1-status.py T-1/etc/plugin/buildout-T-1-status.py
T-1/etc/plugin/caucased.py T-1/etc/plugin/caucased.py
T-1/etc/plugin/check-free-disk-space.py T-1/etc/plugin/check-free-disk-space.py
T-1/etc/plugin/expose-csr_id-ip-port-listening.py T-1/etc/plugin/expose-csr-ip-port-listening.py
T-1/etc/plugin/kedifa-http-reply.py T-1/etc/plugin/kedifa-http-reply.py
T-1/etc/plugin/monitor-bootstrap-status.py T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
...@@ -33,7 +35,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py ...@@ -33,7 +35,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr_id-ip-port-listening.py T-2/etc/plugin/expose-csr-ip-port-listening.py
T-2/etc/plugin/frontend-caddy-configuration-promise.py T-2/etc/plugin/frontend-caddy-configuration-promise.py
T-2/etc/plugin/monitor-bootstrap-status.py T-2/etc/plugin/monitor-bootstrap-status.py
T-2/etc/plugin/monitor-http-frontend.py T-2/etc/plugin/monitor-http-frontend.py
......
...@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING ...@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING
T-1:caucased-{hash-generic}-on-watch RUNNING T-1:caucased-{hash-generic}-on-watch RUNNING
T-1:certificate_authority-{hash-generic}-on-watch RUNNING T-1:certificate_authority-{hash-generic}-on-watch RUNNING
T-1:crond-{hash-generic}-on-watch RUNNING T-1:crond-{hash-generic}-on-watch RUNNING
T-1:expose-csr_id-{hash-generic}-on-watch RUNNING T-1:expose-csr-{hash-generic}-on-watch RUNNING
T-1:kedifa-{hash-generic}-on-watch RUNNING T-1:kedifa-{hash-generic}-on-watch RUNNING
T-1:kedifa-reloader EXITED T-1:kedifa-reloader EXITED
T-1:monitor-httpd-{hash-generic}-on-watch RUNNING T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
...@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED ...@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
T-2:expose-csr_id-{hash-generic}-on-watch RUNNING T-2:expose-csr-{hash-generic}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
......
T-0/var/log/monitor-httpd-access.log T-0/var/log/monitor-httpd-access.log
T-0/var/log/monitor-httpd-error.log T-0/var/log/monitor-httpd-error.log
T-0/var/log/slapgrid-T-0-error.log T-0/var/log/slapgrid-T-0-error.log
T-1/var/log/expose-csr_id.log T-1/var/log/expose-csr.log
T-1/var/log/kedifa.log T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr_id.log T-2/var/log/expose-csr.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/httpd/_dummy-cached_access_log T-2/var/log/httpd/_dummy-cached_access_log
......
T-0/etc/plugin/__init__.py T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-sign-promise.py
T-0/etc/plugin/aibcc-user-caucase-updater.py T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-sign-promise.py
T-0/etc/plugin/aikc-user-caucase-updater.py T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py T-0/etc/plugin/caucased-backend-client.py
...@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py ...@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py
T-1/etc/plugin/buildout-T-1-status.py T-1/etc/plugin/buildout-T-1-status.py
T-1/etc/plugin/caucased.py T-1/etc/plugin/caucased.py
T-1/etc/plugin/check-free-disk-space.py T-1/etc/plugin/check-free-disk-space.py
T-1/etc/plugin/expose-csr_id-ip-port-listening.py T-1/etc/plugin/expose-csr-ip-port-listening.py
T-1/etc/plugin/kedifa-http-reply.py T-1/etc/plugin/kedifa-http-reply.py
T-1/etc/plugin/monitor-bootstrap-status.py T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
...@@ -33,7 +35,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py ...@@ -33,7 +35,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr_id-ip-port-listening.py T-2/etc/plugin/expose-csr-ip-port-listening.py
T-2/etc/plugin/frontend-caddy-configuration-promise.py T-2/etc/plugin/frontend-caddy-configuration-promise.py
T-2/etc/plugin/monitor-bootstrap-status.py T-2/etc/plugin/monitor-bootstrap-status.py
T-2/etc/plugin/monitor-http-frontend.py T-2/etc/plugin/monitor-http-frontend.py
......
...@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING ...@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING
T-1:caucased-{hash-generic}-on-watch RUNNING T-1:caucased-{hash-generic}-on-watch RUNNING
T-1:certificate_authority-{hash-generic}-on-watch RUNNING T-1:certificate_authority-{hash-generic}-on-watch RUNNING
T-1:crond-{hash-generic}-on-watch RUNNING T-1:crond-{hash-generic}-on-watch RUNNING
T-1:expose-csr_id-{hash-generic}-on-watch RUNNING T-1:expose-csr-{hash-generic}-on-watch RUNNING
T-1:kedifa-{hash-generic}-on-watch RUNNING T-1:kedifa-{hash-generic}-on-watch RUNNING
T-1:kedifa-reloader EXITED T-1:kedifa-reloader EXITED
T-1:monitor-httpd-{hash-generic}-on-watch RUNNING T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
...@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED ...@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
T-2:expose-csr_id-{hash-generic}-on-watch RUNNING T-2:expose-csr-{hash-generic}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
......
T-0/var/log/monitor-httpd-access.log T-0/var/log/monitor-httpd-access.log
T-0/var/log/monitor-httpd-error.log T-0/var/log/monitor-httpd-error.log
T-0/var/log/slapgrid-T-0-error.log T-0/var/log/slapgrid-T-0-error.log
T-1/var/log/expose-csr_id.log T-1/var/log/expose-csr.log
T-1/var/log/kedifa.log T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr_id.log T-2/var/log/expose-csr.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/httpd/_dummy-cached_access_log T-2/var/log/httpd/_dummy-cached_access_log
......
T-0/etc/plugin/__init__.py T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-sign-promise.py
T-0/etc/plugin/aibcc-user-caucase-updater.py T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-sign-promise.py
T-0/etc/plugin/aikc-user-caucase-updater.py T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py T-0/etc/plugin/caucased-backend-client.py
...@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py ...@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py
T-1/etc/plugin/buildout-T-1-status.py T-1/etc/plugin/buildout-T-1-status.py
T-1/etc/plugin/caucased.py T-1/etc/plugin/caucased.py
T-1/etc/plugin/check-free-disk-space.py T-1/etc/plugin/check-free-disk-space.py
T-1/etc/plugin/expose-csr_id-ip-port-listening.py T-1/etc/plugin/expose-csr-ip-port-listening.py
T-1/etc/plugin/kedifa-http-reply.py T-1/etc/plugin/kedifa-http-reply.py
T-1/etc/plugin/monitor-bootstrap-status.py T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
...@@ -33,7 +35,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py ...@@ -33,7 +35,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr_id-ip-port-listening.py T-2/etc/plugin/expose-csr-ip-port-listening.py
T-2/etc/plugin/frontend-caddy-configuration-promise.py T-2/etc/plugin/frontend-caddy-configuration-promise.py
T-2/etc/plugin/monitor-bootstrap-status.py T-2/etc/plugin/monitor-bootstrap-status.py
T-2/etc/plugin/monitor-http-frontend.py T-2/etc/plugin/monitor-http-frontend.py
......
...@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING ...@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING
T-1:caucased-{hash-generic}-on-watch RUNNING T-1:caucased-{hash-generic}-on-watch RUNNING
T-1:certificate_authority-{hash-generic}-on-watch RUNNING T-1:certificate_authority-{hash-generic}-on-watch RUNNING
T-1:crond-{hash-generic}-on-watch RUNNING T-1:crond-{hash-generic}-on-watch RUNNING
T-1:expose-csr_id-{hash-generic}-on-watch RUNNING T-1:expose-csr-{hash-generic}-on-watch RUNNING
T-1:kedifa-{hash-generic}-on-watch RUNNING T-1:kedifa-{hash-generic}-on-watch RUNNING
T-1:kedifa-reloader EXITED T-1:kedifa-reloader EXITED
T-1:monitor-httpd-{hash-generic}-on-watch RUNNING T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
...@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED ...@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
T-2:expose-csr_id-{hash-generic}-on-watch RUNNING T-2:expose-csr-{hash-generic}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
......
T-0/var/log/monitor-httpd-access.log T-0/var/log/monitor-httpd-access.log
T-0/var/log/monitor-httpd-error.log T-0/var/log/monitor-httpd-error.log
T-0/var/log/slapgrid-T-0-error.log T-0/var/log/slapgrid-T-0-error.log
T-1/var/log/expose-csr_id.log T-1/var/log/expose-csr.log
T-1/var/log/kedifa.log T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr_id.log T-2/var/log/expose-csr.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/httpd/_dummy-cached_access_log T-2/var/log/httpd/_dummy-cached_access_log
......
T-0/etc/plugin/__init__.py T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-sign-promise.py
T-0/etc/plugin/aibcc-user-caucase-updater.py T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-sign-promise.py
T-0/etc/plugin/aikc-user-caucase-updater.py T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py T-0/etc/plugin/caucased-backend-client.py
...@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py ...@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py
T-1/etc/plugin/buildout-T-1-status.py T-1/etc/plugin/buildout-T-1-status.py
T-1/etc/plugin/caucased.py T-1/etc/plugin/caucased.py
T-1/etc/plugin/check-free-disk-space.py T-1/etc/plugin/check-free-disk-space.py
T-1/etc/plugin/expose-csr_id-ip-port-listening.py T-1/etc/plugin/expose-csr-ip-port-listening.py
T-1/etc/plugin/kedifa-http-reply.py T-1/etc/plugin/kedifa-http-reply.py
T-1/etc/plugin/monitor-bootstrap-status.py T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
...@@ -33,7 +35,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py ...@@ -33,7 +35,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr_id-ip-port-listening.py T-2/etc/plugin/expose-csr-ip-port-listening.py
T-2/etc/plugin/frontend-caddy-configuration-promise.py T-2/etc/plugin/frontend-caddy-configuration-promise.py
T-2/etc/plugin/monitor-bootstrap-status.py T-2/etc/plugin/monitor-bootstrap-status.py
T-2/etc/plugin/monitor-http-frontend.py T-2/etc/plugin/monitor-http-frontend.py
......
...@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING ...@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING
T-1:caucased-{hash-generic}-on-watch RUNNING T-1:caucased-{hash-generic}-on-watch RUNNING
T-1:certificate_authority-{hash-generic}-on-watch RUNNING T-1:certificate_authority-{hash-generic}-on-watch RUNNING
T-1:crond-{hash-generic}-on-watch RUNNING T-1:crond-{hash-generic}-on-watch RUNNING
T-1:expose-csr_id-{hash-generic}-on-watch RUNNING T-1:expose-csr-{hash-generic}-on-watch RUNNING
T-1:kedifa-{hash-generic}-on-watch RUNNING T-1:kedifa-{hash-generic}-on-watch RUNNING
T-1:kedifa-reloader EXITED T-1:kedifa-reloader EXITED
T-1:monitor-httpd-{hash-generic}-on-watch RUNNING T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
...@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED ...@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
T-2:expose-csr_id-{hash-generic}-on-watch RUNNING T-2:expose-csr-{hash-generic}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
......
T-0/etc/cron.d/logrotate
T-0/etc/cron.d/monitor-configurator
T-0/etc/cron.d/monitor-globalstate
T-0/etc/cron.d/monitor_collect
T-1/etc/cron.d/logrotate
T-1/etc/cron.d/monitor-configurator
T-1/etc/cron.d/monitor-globalstate
T-1/etc/cron.d/monitor_collect
T-2/etc/cron.d/logrotate
T-2/etc/cron.d/monitor-configurator
T-2/etc/cron.d/monitor-globalstate
T-2/etc/cron.d/monitor_collect
T-2/etc/cron.d/trafficserver-logrotate
T-0/var/log/monitor-httpd-access.log
T-0/var/log/monitor-httpd-error.log
T-0/var/log/slapgrid-T-0-error.log
T-1/var/log/expose-csr.log
T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr.log
T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log
T-2/var/log/monitor-httpd-access.log
T-2/var/log/monitor-httpd-error.log
T-2/var/log/slave-introspection-access.log
T-2/var/log/slave-introspection-error.log
T-2/var/log/trafficserver/manager.log
T-0/etc/plugin/__init__.py
T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py
T-0/etc/plugin/check-backend-haproxy-statistic-url-caddy-frontend-1.py
T-0/etc/plugin/check-free-disk-space.py
T-0/etc/plugin/monitor-bootstrap-status.py
T-0/etc/plugin/monitor-http-frontend.py
T-0/etc/plugin/monitor-httpd-listening-on-tcp.py
T-0/etc/plugin/rejected-slave-publish-ip-port-listening.py
T-0/etc/plugin/rejected-slave.py
T-1/etc/plugin/__init__.py
T-1/etc/plugin/buildout-T-1-status.py
T-1/etc/plugin/caucased.py
T-1/etc/plugin/check-free-disk-space.py
T-1/etc/plugin/expose-csr-ip-port-listening.py
T-1/etc/plugin/kedifa-http-reply.py
T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py
T-1/etc/plugin/monitor-httpd-listening-on-tcp.py
T-1/etc/plugin/promise-logrotate-setup.py
T-2/etc/plugin/__init__.py
T-2/etc/plugin/backend-client-caucase-updater.py
T-2/etc/plugin/backend-haproxy-configuration.py
T-2/etc/plugin/backend-haproxy-statistic-frontend.py
T-2/etc/plugin/backend_haproxy_http.py
T-2/etc/plugin/backend_haproxy_https.py
T-2/etc/plugin/buildout-T-2-status.py
T-2/etc/plugin/caddy_frontend_ipv4_http.py
T-2/etc/plugin/caddy_frontend_ipv4_https.py
T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr-ip-port-listening.py
T-2/etc/plugin/frontend-caddy-configuration-promise.py
T-2/etc/plugin/monitor-bootstrap-status.py
T-2/etc/plugin/monitor-http-frontend.py
T-2/etc/plugin/monitor-httpd-listening-on-tcp.py
T-2/etc/plugin/promise-logrotate-setup.py
T-2/etc/plugin/re6st-connectivity.py
T-2/etc/plugin/slave-introspection-configuration.py
T-2/etc/plugin/slave_introspection_https.py
T-2/etc/plugin/trafficserver-cache-availability.py
T-2/etc/plugin/trafficserver-port-listening.py
T-0/var/run/monitor-httpd.pid
T-1/var/run/kedifa.pid
T-1/var/run/monitor-httpd.pid
T-2/var/run/backend-haproxy-rsyslogd.pid
T-2/var/run/backend-haproxy.pid
T-2/var/run/backend_haproxy_configuration_last_state
T-2/var/run/backend_haproxy_graceful_configuration_state_signature
T-2/var/run/bhlog.sck
T-2/var/run/graceful_configuration_state_signature
T-2/var/run/httpd.pid
T-2/var/run/monitor-httpd.pid
T-2/var/run/slave-introspection.pid
T-2/var/run/slave_introspection_configuration_last_state
T-2/var/run/slave_introspection_graceful_configuration_state_signature
T-0:bootstrap-monitor EXITED
T-0:caucased-backend-client-{hash-generic}-on-watch RUNNING
T-0:certificate_authority-{hash-generic}-on-watch RUNNING
T-0:crond-{hash-generic}-on-watch RUNNING
T-0:monitor-httpd-{hash-generic}-on-watch RUNNING
T-0:monitor-httpd-graceful EXITED
T-0:rejected-slave-publish-{hash-rejected-slave-publish}-on-watch RUNNING
T-1:bootstrap-monitor EXITED
T-1:caucase-updater-on-watch RUNNING
T-1:caucased-{hash-generic}-on-watch RUNNING
T-1:certificate_authority-{hash-generic}-on-watch RUNNING
T-1:crond-{hash-generic}-on-watch RUNNING
T-1:expose-csr-{hash-generic}-on-watch RUNNING
T-1:kedifa-{hash-generic}-on-watch RUNNING
T-1:kedifa-reloader EXITED
T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
T-1:monitor-httpd-graceful EXITED
T-2:6tunnel-11080-{hash-generic}-on-watch RUNNING
T-2:6tunnel-11443-{hash-generic}-on-watch RUNNING
T-2:backend-client-login-certificate-caucase-updater-on-watch RUNNING
T-2:backend-haproxy-{hash-generic}-on-watch RUNNING
T-2:backend-haproxy-rsyslogd-{hash-generic}-on-watch RUNNING
T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING
T-2:expose-csr-{hash-generic}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
T-2:kedifa-updater-{hash-generic}-on-watch RUNNING
T-2:monitor-httpd-{hash-generic}-on-watch RUNNING
T-2:monitor-httpd-graceful EXITED
T-2:slave-instrospection-nginx-{hash-generic}-on-watch RUNNING
T-2:slave-introspection-safe-graceful EXITED
T-2:trafficserver-{hash-generic}-on-watch RUNNING
T-2:trafficserver-reload EXITED
T-0/var/log/monitor-httpd-access.log T-0/var/log/monitor-httpd-access.log
T-0/var/log/monitor-httpd-error.log T-0/var/log/monitor-httpd-error.log
T-0/var/log/slapgrid-T-0-error.log T-0/var/log/slapgrid-T-0-error.log
T-1/var/log/expose-csr_id.log T-1/var/log/expose-csr.log
T-1/var/log/kedifa.log T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr_id.log T-2/var/log/expose-csr.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/monitor-httpd-access.log T-2/var/log/monitor-httpd-access.log
......
T-0/etc/plugin/__init__.py T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-sign-promise.py
T-0/etc/plugin/aibcc-user-caucase-updater.py T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-sign-promise.py
T-0/etc/plugin/aikc-user-caucase-updater.py T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py T-0/etc/plugin/caucased-backend-client.py
...@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py ...@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py
T-1/etc/plugin/buildout-T-1-status.py T-1/etc/plugin/buildout-T-1-status.py
T-1/etc/plugin/caucased.py T-1/etc/plugin/caucased.py
T-1/etc/plugin/check-free-disk-space.py T-1/etc/plugin/check-free-disk-space.py
T-1/etc/plugin/expose-csr_id-ip-port-listening.py T-1/etc/plugin/expose-csr-ip-port-listening.py
T-1/etc/plugin/kedifa-http-reply.py T-1/etc/plugin/kedifa-http-reply.py
T-1/etc/plugin/monitor-bootstrap-status.py T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
...@@ -33,7 +35,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py ...@@ -33,7 +35,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr_id-ip-port-listening.py T-2/etc/plugin/expose-csr-ip-port-listening.py
T-2/etc/plugin/frontend-caddy-configuration-promise.py T-2/etc/plugin/frontend-caddy-configuration-promise.py
T-2/etc/plugin/monitor-bootstrap-status.py T-2/etc/plugin/monitor-bootstrap-status.py
T-2/etc/plugin/monitor-http-frontend.py T-2/etc/plugin/monitor-http-frontend.py
......
...@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING ...@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING
T-1:caucased-{hash-generic}-on-watch RUNNING T-1:caucased-{hash-generic}-on-watch RUNNING
T-1:certificate_authority-{hash-generic}-on-watch RUNNING T-1:certificate_authority-{hash-generic}-on-watch RUNNING
T-1:crond-{hash-generic}-on-watch RUNNING T-1:crond-{hash-generic}-on-watch RUNNING
T-1:expose-csr_id-{hash-generic}-on-watch RUNNING T-1:expose-csr-{hash-generic}-on-watch RUNNING
T-1:kedifa-{hash-generic}-on-watch RUNNING T-1:kedifa-{hash-generic}-on-watch RUNNING
T-1:kedifa-reloader EXITED T-1:kedifa-reloader EXITED
T-1:monitor-httpd-{hash-generic}-on-watch RUNNING T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
...@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED ...@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
T-2:expose-csr_id-{hash-generic}-on-watch RUNNING T-2:expose-csr-{hash-generic}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
......
T-0/var/log/monitor-httpd-access.log T-0/var/log/monitor-httpd-access.log
T-0/var/log/monitor-httpd-error.log T-0/var/log/monitor-httpd-error.log
T-0/var/log/slapgrid-T-0-error.log T-0/var/log/slapgrid-T-0-error.log
T-1/var/log/expose-csr_id.log T-1/var/log/expose-csr.log
T-1/var/log/kedifa.log T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr_id.log T-2/var/log/expose-csr.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/monitor-httpd-access.log T-2/var/log/monitor-httpd-access.log
......
T-0/etc/plugin/__init__.py T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-sign-promise.py
T-0/etc/plugin/aibcc-user-caucase-updater.py T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-sign-promise.py
T-0/etc/plugin/aikc-user-caucase-updater.py T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py T-0/etc/plugin/caucased-backend-client.py
...@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py ...@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py
T-1/etc/plugin/buildout-T-1-status.py T-1/etc/plugin/buildout-T-1-status.py
T-1/etc/plugin/caucased.py T-1/etc/plugin/caucased.py
T-1/etc/plugin/check-free-disk-space.py T-1/etc/plugin/check-free-disk-space.py
T-1/etc/plugin/expose-csr_id-ip-port-listening.py T-1/etc/plugin/expose-csr-ip-port-listening.py
T-1/etc/plugin/kedifa-http-reply.py T-1/etc/plugin/kedifa-http-reply.py
T-1/etc/plugin/monitor-bootstrap-status.py T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
...@@ -33,7 +35,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py ...@@ -33,7 +35,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr_id-ip-port-listening.py T-2/etc/plugin/expose-csr-ip-port-listening.py
T-2/etc/plugin/frontend-caddy-configuration-promise.py T-2/etc/plugin/frontend-caddy-configuration-promise.py
T-2/etc/plugin/monitor-bootstrap-status.py T-2/etc/plugin/monitor-bootstrap-status.py
T-2/etc/plugin/monitor-http-frontend.py T-2/etc/plugin/monitor-http-frontend.py
......
...@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING ...@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING
T-1:caucased-{hash-generic}-on-watch RUNNING T-1:caucased-{hash-generic}-on-watch RUNNING
T-1:certificate_authority-{hash-generic}-on-watch RUNNING T-1:certificate_authority-{hash-generic}-on-watch RUNNING
T-1:crond-{hash-generic}-on-watch RUNNING T-1:crond-{hash-generic}-on-watch RUNNING
T-1:expose-csr_id-{hash-generic}-on-watch RUNNING T-1:expose-csr-{hash-generic}-on-watch RUNNING
T-1:kedifa-{hash-generic}-on-watch RUNNING T-1:kedifa-{hash-generic}-on-watch RUNNING
T-1:kedifa-reloader EXITED T-1:kedifa-reloader EXITED
T-1:monitor-httpd-{hash-generic}-on-watch RUNNING T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
...@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED ...@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
T-2:expose-csr_id-{hash-generic}-on-watch RUNNING T-2:expose-csr-{hash-generic}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
......
T-0/var/log/monitor-httpd-access.log T-0/var/log/monitor-httpd-access.log
T-0/var/log/monitor-httpd-error.log T-0/var/log/monitor-httpd-error.log
T-0/var/log/slapgrid-T-0-error.log T-0/var/log/slapgrid-T-0-error.log
T-1/var/log/expose-csr_id.log T-1/var/log/expose-csr.log
T-1/var/log/kedifa.log T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr_id.log T-2/var/log/expose-csr.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/httpd/_default_access_log T-2/var/log/httpd/_default_access_log
......
T-0/etc/plugin/__init__.py T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-sign-promise.py
T-0/etc/plugin/aibcc-user-caucase-updater.py T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-sign-promise.py
T-0/etc/plugin/aikc-user-caucase-updater.py T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py T-0/etc/plugin/caucased-backend-client.py
...@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py ...@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py
T-1/etc/plugin/buildout-T-1-status.py T-1/etc/plugin/buildout-T-1-status.py
T-1/etc/plugin/caucased.py T-1/etc/plugin/caucased.py
T-1/etc/plugin/check-free-disk-space.py T-1/etc/plugin/check-free-disk-space.py
T-1/etc/plugin/expose-csr_id-ip-port-listening.py T-1/etc/plugin/expose-csr-ip-port-listening.py
T-1/etc/plugin/kedifa-http-reply.py T-1/etc/plugin/kedifa-http-reply.py
T-1/etc/plugin/monitor-bootstrap-status.py T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
...@@ -33,7 +35,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py ...@@ -33,7 +35,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr_id-ip-port-listening.py T-2/etc/plugin/expose-csr-ip-port-listening.py
T-2/etc/plugin/frontend-caddy-configuration-promise.py T-2/etc/plugin/frontend-caddy-configuration-promise.py
T-2/etc/plugin/monitor-bootstrap-status.py T-2/etc/plugin/monitor-bootstrap-status.py
T-2/etc/plugin/monitor-http-frontend.py T-2/etc/plugin/monitor-http-frontend.py
......
...@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING ...@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING
T-1:caucased-{hash-generic}-on-watch RUNNING T-1:caucased-{hash-generic}-on-watch RUNNING
T-1:certificate_authority-{hash-generic}-on-watch RUNNING T-1:certificate_authority-{hash-generic}-on-watch RUNNING
T-1:crond-{hash-generic}-on-watch RUNNING T-1:crond-{hash-generic}-on-watch RUNNING
T-1:expose-csr_id-{hash-generic}-on-watch RUNNING T-1:expose-csr-{hash-generic}-on-watch RUNNING
T-1:kedifa-{hash-generic}-on-watch RUNNING T-1:kedifa-{hash-generic}-on-watch RUNNING
T-1:kedifa-reloader EXITED T-1:kedifa-reloader EXITED
T-1:monitor-httpd-{hash-generic}-on-watch RUNNING T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
...@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED ...@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
T-2:expose-csr_id-{hash-generic}-on-watch RUNNING T-2:expose-csr-{hash-generic}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
......
T-0/var/log/monitor-httpd-access.log T-0/var/log/monitor-httpd-access.log
T-0/var/log/monitor-httpd-error.log T-0/var/log/monitor-httpd-error.log
T-0/var/log/slapgrid-T-0-error.log T-0/var/log/slapgrid-T-0-error.log
T-1/var/log/expose-csr_id.log T-1/var/log/expose-csr.log
T-1/var/log/kedifa.log T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr_id.log T-2/var/log/expose-csr.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/httpd/_default_access_log T-2/var/log/httpd/_default_access_log
......
T-0/etc/plugin/__init__.py T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-sign-promise.py
T-0/etc/plugin/aibcc-user-caucase-updater.py T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-sign-promise.py
T-0/etc/plugin/aikc-user-caucase-updater.py T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py T-0/etc/plugin/caucased-backend-client.py
...@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py ...@@ -14,7 +16,7 @@ T-1/etc/plugin/__init__.py
T-1/etc/plugin/buildout-T-1-status.py T-1/etc/plugin/buildout-T-1-status.py
T-1/etc/plugin/caucased.py T-1/etc/plugin/caucased.py
T-1/etc/plugin/check-free-disk-space.py T-1/etc/plugin/check-free-disk-space.py
T-1/etc/plugin/expose-csr_id-ip-port-listening.py T-1/etc/plugin/expose-csr-ip-port-listening.py
T-1/etc/plugin/kedifa-http-reply.py T-1/etc/plugin/kedifa-http-reply.py
T-1/etc/plugin/monitor-bootstrap-status.py T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
...@@ -33,7 +35,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py ...@@ -33,7 +35,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr_id-ip-port-listening.py T-2/etc/plugin/expose-csr-ip-port-listening.py
T-2/etc/plugin/frontend-caddy-configuration-promise.py T-2/etc/plugin/frontend-caddy-configuration-promise.py
T-2/etc/plugin/monitor-bootstrap-status.py T-2/etc/plugin/monitor-bootstrap-status.py
T-2/etc/plugin/monitor-http-frontend.py T-2/etc/plugin/monitor-http-frontend.py
......
...@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING ...@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING
T-1:caucased-{hash-generic}-on-watch RUNNING T-1:caucased-{hash-generic}-on-watch RUNNING
T-1:certificate_authority-{hash-generic}-on-watch RUNNING T-1:certificate_authority-{hash-generic}-on-watch RUNNING
T-1:crond-{hash-generic}-on-watch RUNNING T-1:crond-{hash-generic}-on-watch RUNNING
T-1:expose-csr_id-{hash-generic}-on-watch RUNNING T-1:expose-csr-{hash-generic}-on-watch RUNNING
T-1:kedifa-{hash-generic}-on-watch RUNNING T-1:kedifa-{hash-generic}-on-watch RUNNING
T-1:kedifa-reloader EXITED T-1:kedifa-reloader EXITED
T-1:monitor-httpd-{hash-generic}-on-watch RUNNING T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
...@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED ...@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
T-2:expose-csr_id-{hash-generic}-on-watch RUNNING T-2:expose-csr-{hash-generic}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
......
T-0/var/log/monitor-httpd-access.log T-0/var/log/monitor-httpd-access.log
T-0/var/log/monitor-httpd-error.log T-0/var/log/monitor-httpd-error.log
T-0/var/log/slapgrid-T-0-error.log T-0/var/log/slapgrid-T-0-error.log
T-1/var/log/expose-csr_id.log T-1/var/log/expose-csr.log
T-1/var/log/kedifa.log T-1/var/log/kedifa.log
T-1/var/log/monitor-httpd-access.log T-1/var/log/monitor-httpd-access.log
T-1/var/log/monitor-httpd-error.log T-1/var/log/monitor-httpd-error.log
T-2/var/log/backend-haproxy.log T-2/var/log/backend-haproxy.log
T-2/var/log/expose-csr_id.log T-2/var/log/expose-csr.log
T-2/var/log/frontend-access.log T-2/var/log/frontend-access.log
T-2/var/log/frontend-error.log T-2/var/log/frontend-error.log
T-2/var/log/httpd/_replicate_access_log T-2/var/log/httpd/_replicate_access_log
...@@ -18,7 +18,7 @@ T-2/var/log/slave-introspection-access.log ...@@ -18,7 +18,7 @@ T-2/var/log/slave-introspection-access.log
T-2/var/log/slave-introspection-error.log T-2/var/log/slave-introspection-error.log
T-2/var/log/trafficserver/manager.log T-2/var/log/trafficserver/manager.log
T-3/var/log/backend-haproxy.log T-3/var/log/backend-haproxy.log
T-3/var/log/expose-csr_id.log T-3/var/log/expose-csr.log
T-3/var/log/frontend-access.log T-3/var/log/frontend-access.log
T-3/var/log/frontend-error.log T-3/var/log/frontend-error.log
T-3/var/log/httpd/_replicate_access_log T-3/var/log/httpd/_replicate_access_log
......
T-0/etc/plugin/__init__.py T-0/etc/plugin/__init__.py
T-0/etc/plugin/aibcc-sign-promise.py
T-0/etc/plugin/aibcc-user-caucase-updater.py T-0/etc/plugin/aibcc-user-caucase-updater.py
T-0/etc/plugin/aikc-sign-promise.py
T-0/etc/plugin/aikc-user-caucase-updater.py T-0/etc/plugin/aikc-user-caucase-updater.py
T-0/etc/plugin/buildout-T-0-status.py T-0/etc/plugin/buildout-T-0-status.py
T-0/etc/plugin/caucased-backend-client.py T-0/etc/plugin/caucased-backend-client.py
...@@ -15,7 +17,7 @@ T-1/etc/plugin/__init__.py ...@@ -15,7 +17,7 @@ T-1/etc/plugin/__init__.py
T-1/etc/plugin/buildout-T-1-status.py T-1/etc/plugin/buildout-T-1-status.py
T-1/etc/plugin/caucased.py T-1/etc/plugin/caucased.py
T-1/etc/plugin/check-free-disk-space.py T-1/etc/plugin/check-free-disk-space.py
T-1/etc/plugin/expose-csr_id-ip-port-listening.py T-1/etc/plugin/expose-csr-ip-port-listening.py
T-1/etc/plugin/kedifa-http-reply.py T-1/etc/plugin/kedifa-http-reply.py
T-1/etc/plugin/monitor-bootstrap-status.py T-1/etc/plugin/monitor-bootstrap-status.py
T-1/etc/plugin/monitor-http-frontend.py T-1/etc/plugin/monitor-http-frontend.py
...@@ -34,7 +36,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py ...@@ -34,7 +36,7 @@ T-2/etc/plugin/caddy_frontend_ipv6_http.py
T-2/etc/plugin/caddy_frontend_ipv6_https.py T-2/etc/plugin/caddy_frontend_ipv6_https.py
T-2/etc/plugin/caucase-updater.py T-2/etc/plugin/caucase-updater.py
T-2/etc/plugin/check-free-disk-space.py T-2/etc/plugin/check-free-disk-space.py
T-2/etc/plugin/expose-csr_id-ip-port-listening.py T-2/etc/plugin/expose-csr-ip-port-listening.py
T-2/etc/plugin/frontend-caddy-configuration-promise.py T-2/etc/plugin/frontend-caddy-configuration-promise.py
T-2/etc/plugin/monitor-bootstrap-status.py T-2/etc/plugin/monitor-bootstrap-status.py
T-2/etc/plugin/monitor-http-frontend.py T-2/etc/plugin/monitor-http-frontend.py
...@@ -58,7 +60,7 @@ T-3/etc/plugin/caddy_frontend_ipv6_http.py ...@@ -58,7 +60,7 @@ T-3/etc/plugin/caddy_frontend_ipv6_http.py
T-3/etc/plugin/caddy_frontend_ipv6_https.py T-3/etc/plugin/caddy_frontend_ipv6_https.py
T-3/etc/plugin/caucase-updater.py T-3/etc/plugin/caucase-updater.py
T-3/etc/plugin/check-free-disk-space.py T-3/etc/plugin/check-free-disk-space.py
T-3/etc/plugin/expose-csr_id-ip-port-listening.py T-3/etc/plugin/expose-csr-ip-port-listening.py
T-3/etc/plugin/frontend-caddy-configuration-promise.py T-3/etc/plugin/frontend-caddy-configuration-promise.py
T-3/etc/plugin/monitor-bootstrap-status.py T-3/etc/plugin/monitor-bootstrap-status.py
T-3/etc/plugin/monitor-http-frontend.py T-3/etc/plugin/monitor-http-frontend.py
......
...@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING ...@@ -12,7 +12,7 @@ T-1:caucase-updater-on-watch RUNNING
T-1:caucased-{hash-generic}-on-watch RUNNING T-1:caucased-{hash-generic}-on-watch RUNNING
T-1:certificate_authority-{hash-generic}-on-watch RUNNING T-1:certificate_authority-{hash-generic}-on-watch RUNNING
T-1:crond-{hash-generic}-on-watch RUNNING T-1:crond-{hash-generic}-on-watch RUNNING
T-1:expose-csr_id-{hash-generic}-on-watch RUNNING T-1:expose-csr-{hash-generic}-on-watch RUNNING
T-1:kedifa-{hash-generic}-on-watch RUNNING T-1:kedifa-{hash-generic}-on-watch RUNNING
T-1:kedifa-reloader EXITED T-1:kedifa-reloader EXITED
T-1:monitor-httpd-{hash-generic}-on-watch RUNNING T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
...@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED ...@@ -26,7 +26,7 @@ T-2:backend-haproxy-safe-graceful EXITED
T-2:bootstrap-monitor EXITED T-2:bootstrap-monitor EXITED
T-2:certificate_authority-{hash-generic}-on-watch RUNNING T-2:certificate_authority-{hash-generic}-on-watch RUNNING
T-2:crond-{hash-generic}-on-watch RUNNING T-2:crond-{hash-generic}-on-watch RUNNING
T-2:expose-csr_id-{hash-generic}-on-watch RUNNING T-2:expose-csr-{hash-generic}-on-watch RUNNING
T-2:frontend-caddy-safe-graceful EXITED T-2:frontend-caddy-safe-graceful EXITED
T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING T-2:frontend_caddy-{hash-caddy-T-2}-on-watch RUNNING
T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
...@@ -46,7 +46,7 @@ T-3:backend-haproxy-safe-graceful EXITED ...@@ -46,7 +46,7 @@ T-3:backend-haproxy-safe-graceful EXITED
T-3:bootstrap-monitor EXITED T-3:bootstrap-monitor EXITED
T-3:certificate_authority-{hash-generic}-on-watch STOPPED T-3:certificate_authority-{hash-generic}-on-watch STOPPED
T-3:crond-{hash-generic}-on-watch STOPPED T-3:crond-{hash-generic}-on-watch STOPPED
T-3:expose-csr_id-{hash-generic}-on-watch STOPPED T-3:expose-csr-{hash-generic}-on-watch STOPPED
T-3:frontend-caddy-safe-graceful EXITED T-3:frontend-caddy-safe-graceful EXITED
T-3:frontend_caddy-{hash-caddy-T-3}-on-watch STOPPED T-3:frontend_caddy-{hash-caddy-T-3}-on-watch STOPPED
T-3:kedifa-login-certificate-caucase-updater-on-watch STOPPED T-3:kedifa-login-certificate-caucase-updater-on-watch STOPPED
......
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment