Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Douglas
slapos
Commits
28c78ec2
Commit
28c78ec2
authored
Aug 29, 2011
by
Łukasz Nowak
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Configure certificate authority.
Rely on portal introspections functionality.
parent
fe7a0738
Changes
3
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
62 additions
and
9 deletions
+62
-9
slapos/recipe/erp5/__init__.py
slapos/recipe/erp5/__init__.py
+5
-3
slapos/recipe/erp5/erp5.py
slapos/recipe/erp5/erp5.py
+55
-4
slapos/recipe/vifib.py
slapos/recipe/vifib.py
+2
-2
No files found.
slapos/recipe/erp5/__init__.py
View file @
28c78ec2
...
@@ -107,7 +107,7 @@ class Recipe(BaseSlapRecipe):
...
@@ -107,7 +107,7 @@ class Recipe(BaseSlapRecipe):
self
.
installERP5Site
(
user
,
password
,
zope_access
,
mysql_conf
,
self
.
installERP5Site
(
user
,
password
,
zope_access
,
mysql_conf
,
conversion_server_conf
,
memcached_conf
,
kumo_conf
,
conversion_server_conf
,
memcached_conf
,
kumo_conf
,
self
.
site_id
,
default_bt5_list
)
self
.
site_id
,
default_bt5_list
,
ca_conf
)
self
.
installTestRunner
(
ca_conf
,
mysql_conf
,
conversion_server_conf
,
self
.
installTestRunner
(
ca_conf
,
mysql_conf
,
conversion_server_conf
,
memcached_conf
,
kumo_conf
)
memcached_conf
,
kumo_conf
)
...
@@ -649,7 +649,7 @@ class Recipe(BaseSlapRecipe):
...
@@ -649,7 +649,7 @@ class Recipe(BaseSlapRecipe):
def
installERP5Site
(
self
,
user
,
password
,
zope_access
,
mysql_conf
,
def
installERP5Site
(
self
,
user
,
password
,
zope_access
,
mysql_conf
,
conversion_server_conf
=
None
,
memcached_conf
=
None
,
conversion_server_conf
=
None
,
memcached_conf
=
None
,
kumo_conf
=
None
,
kumo_conf
=
None
,
erp5_site_id
=
'erp5'
,
default_bt5_list
=
[],
erp5_site_id
=
'erp5'
,
default_bt5_list
=
[],
ca_conf
=
{},
supervisor_controlled
=
True
):
supervisor_controlled
=
True
):
"""
"""
Create a script to automatically set up an erp5 site (controlled by
Create a script to automatically set up an erp5 site (controlled by
...
@@ -684,7 +684,9 @@ class Recipe(BaseSlapRecipe):
...
@@ -684,7 +684,9 @@ class Recipe(BaseSlapRecipe):
conversion_server
,
conversion_server
,
kumo_conf
.
get
(
"kumo_address"
),
kumo_conf
.
get
(
"kumo_address"
),
bt5_list
,
bt5_list
,
bt5_repository_list
])
bt5_repository_list
,
ca_conf
.
get
(
'certificate_authority_path'
),
self
.
options
.
get
(
'openssl_binary'
)])
self
.
path_list
.
extend
(
script
)
self
.
path_list
.
extend
(
script
)
...
...
slapos/recipe/erp5/erp5.py
View file @
28c78ec2
...
@@ -43,7 +43,8 @@ class ERP5Updater(object):
...
@@ -43,7 +43,8 @@ class ERP5Updater(object):
def
__init__
(
self
,
user
,
password
,
host
,
def
__init__
(
self
,
user
,
password
,
host
,
site_id
,
mysql_url
,
memcached_address
,
site_id
,
mysql_url
,
memcached_address
,
conversion_server_address
,
persistent_cache_address
,
conversion_server_address
,
persistent_cache_address
,
bt5_list
,
bt5_repository_list
):
bt5_list
,
bt5_repository_list
,
certificate_authority_path
,
openssl_binary
):
authentication_string
=
'%s:%s'
%
(
user
,
password
)
authentication_string
=
'%s:%s'
%
(
user
,
password
)
base64string
=
base64
.
encodestring
(
authentication_string
).
strip
()
base64string
=
base64
.
encodestring
(
authentication_string
).
strip
()
...
@@ -62,6 +63,10 @@ class ERP5Updater(object):
...
@@ -62,6 +63,10 @@ class ERP5Updater(object):
self
.
conversion_server_address
=
host
self
.
conversion_server_address
=
host
self
.
conversion_server_port
=
int
(
port
)
self
.
conversion_server_port
=
int
(
port
)
# Certificate Authority Tool configuration
self
.
certificate_authority_path
=
certificate_authority_path
self
.
openssl_binary
=
openssl_binary
def
log
(
self
,
level
,
message
):
def
log
(
self
,
level
,
message
):
date
=
time
.
strftime
(
"%a, %d %b %Y %H:%M:%S +0000"
)
date
=
time
.
strftime
(
"%a, %d %b %Y %H:%M:%S +0000"
)
print
"%s - %s : %s"
%
(
date
,
level
,
message
)
print
"%s - %s : %s"
%
(
date
,
level
,
message
)
...
@@ -225,6 +230,48 @@ class ERP5Updater(object):
...
@@ -225,6 +230,48 @@ class ERP5Updater(object):
return
is_updated
return
is_updated
def
updateCertificateAuthority
(
self
):
""" Update the certificate authority only if is not configured yet """
if
self
.
isCertificateAuthorityAvailable
():
if
self
.
isCertificateAuthorityConfigured
():
return
True
path
=
"/%s/portal_certificate_authority/"
\
"manage_editCertificateAuthorityTool"
%
self
.
site_id
self
.
POST
(
path
,
{
"certificate_authority_path"
:
self
.
certificate_authority_path
,
"openssl_binary"
:
self
.
openssl_binary
})
def
isCertificateAuthorityAvailable
(
self
):
""" Check if certificate Authority is available. """
external_connection_dict
=
self
.
system_signature_dict
[
'external_connection_dict'
]
if
'portal_certificate_authority/certificate_authority_path'
in
\
external_connection_dict
:
return
True
return
False
def
isCertificateAuthorityConfigured
(
self
):
""" Check if certificate Authority is configured correctly. """
external_connection_dict
=
self
.
system_signature_dict
[
'external_connection_dict'
]
if
self
.
certificate_authority_path
==
external_connection_dict
.
get
(
'portal_certificate_authority/certificate_authority_path'
)
and
\
self
.
openssl_binary
==
external_connection_dict
.
get
(
'portal_certificate_authority/openssl_binary'
):
return
True
return
False
def
isCertificateAuthorityConfigured
(
self
):
""" Check if certificate Authority is configured correctly. """
external_connection_dict
=
self
.
system_signature_dict
[
'external_connection_dict'
]
if
self
.
certificate_authority_path
==
external_connection_dict
.
get
(
'portal_certificate_authority/certificate_authority_path'
)
and
\
self
.
openssl_binary
==
external_connection_dict
.
get
(
'portal_certificate_authority/openssl_binary'
):
return
True
return
False
def
updateMemcached
(
self
):
def
updateMemcached
(
self
):
# Assert Memcached configuration
# Assert Memcached configuration
self
.
_assertAndUpdateDocument
(
self
.
_assertAndUpdateDocument
(
...
@@ -283,7 +330,7 @@ class ERP5Updater(object):
...
@@ -283,7 +330,7 @@ class ERP5Updater(object):
def
run
(
self
):
def
run
(
self
):
""" Keep running until kill"""
""" Keep running until kill"""
while
1
:
while
1
:
time
.
sleep
(
self
.
short_sleeping_time
)
#
time.sleep(self.short_sleeping_time)
if
not
self
.
updateERP5Site
():
if
not
self
.
updateERP5Site
():
self
.
loadSystemSignatureDict
()
self
.
loadSystemSignatureDict
()
if
self
.
_hasFailureActivity
():
if
self
.
_hasFailureActivity
():
...
@@ -299,7 +346,7 @@ class ERP5Updater(object):
...
@@ -299,7 +346,7 @@ class ERP5Updater(object):
self
.
updateMemcached
()
self
.
updateMemcached
()
if
self
.
updateConversionServer
():
if
self
.
updateConversionServer
():
continue
continue
self
.
updateCertificateAuthority
()
time
.
sleep
(
self
.
sleeping_time
)
time
.
sleep
(
self
.
sleeping_time
)
def
updateERP5
(
argument_list
):
def
updateERP5
(
argument_list
):
...
@@ -310,6 +357,8 @@ def updateERP5(argument_list):
...
@@ -310,6 +357,8 @@ def updateERP5(argument_list):
conversion_server_address
=
argument_list
[
4
]
conversion_server_address
=
argument_list
[
4
]
persistent_cache_provider
=
argument_list
[
5
]
persistent_cache_provider
=
argument_list
[
5
]
bt5_list
=
argument_list
[
6
]
bt5_list
=
argument_list
[
6
]
certificate_authority_path
=
argument_list
[
8
]
openssl_binary
=
argument_list
[
9
]
bt5_repository_list
=
[]
bt5_repository_list
=
[]
if
len
(
argument_list
)
>
7
:
if
len
(
argument_list
)
>
7
:
...
@@ -328,6 +377,8 @@ def updateERP5(argument_list):
...
@@ -328,6 +377,8 @@ def updateERP5(argument_list):
conversion_server_address
=
conversion_server_address
,
conversion_server_address
=
conversion_server_address
,
persistent_cache_address
=
persistent_cache_provider
,
persistent_cache_address
=
persistent_cache_provider
,
bt5_list
=
bt5_list
,
bt5_list
=
bt5_list
,
bt5_repository_list
=
bt5_repository_list
)
bt5_repository_list
=
bt5_repository_list
,
certificate_authority_path
=
certificate_authority_path
,
openssl_binary
=
openssl_binary
)
erp5_upgrader
.
run
()
erp5_upgrader
.
run
()
slapos/recipe/vifib.py
View file @
28c78ec2
...
@@ -185,7 +185,7 @@ SSLCARevocationPath %(ca_crl)s"""
...
@@ -185,7 +185,7 @@ SSLCARevocationPath %(ca_crl)s"""
# Connect direct to Zope to create the instance.
# Connect direct to Zope to create the instance.
self
.
installERP5Site
(
user
,
password
,
service_url_list
[
-
1
],
mysql_conf
,
self
.
installERP5Site
(
user
,
password
,
service_url_list
[
-
1
],
mysql_conf
,
conversion_server_conf
,
memcached_conf
,
kumo_conf
,
conversion_server_conf
,
memcached_conf
,
kumo_conf
,
self
.
site_id
,
self
.
default_bt5_list
)
self
.
site_id
,
self
.
default_bt5_list
,
ca_conf
)
self
.
setConnectionDict
(
dict
(
self
.
setConnectionDict
(
dict
(
front_end_url
=
apache_frontend_login
,
front_end_url
=
apache_frontend_login
,
...
@@ -245,7 +245,7 @@ SSLCARevocationPath %(ca_crl)s"""
...
@@ -245,7 +245,7 @@ SSLCARevocationPath %(ca_crl)s"""
self
.
linkBinary
()
self
.
linkBinary
()
self
.
installERP5Site
(
user
,
password
,
zope_access
,
mysql_conf
,
self
.
installERP5Site
(
user
,
password
,
zope_access
,
mysql_conf
,
conversion_server_conf
,
memcached_conf
,
kumo_conf
,
conversion_server_conf
,
memcached_conf
,
kumo_conf
,
self
.
site_id
,
self
.
default_bt5_list
)
self
.
site_id
,
self
.
default_bt5_list
,
ca_conf
)
self
.
setConnectionDict
(
dict
(
self
.
setConnectionDict
(
dict
(
development_zope
=
'http://%s:%s/'
%
(
ip
,
zope_port
),
development_zope
=
'http://%s:%s/'
%
(
ip
,
zope_port
),
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment