instance-cloudooo.cfg.in 10.8 KB
Newer Older
1
{% set ipv4 = (ipv4_set | list)[0] -%}
2
{% if ipv6_set %}{% set ipv6 = (ipv6_set | list)[0] %}{% endif -%}
3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
{% set instance_parameter_dict = parameter_dict['instance-parameter-dict'] -%}
{% macro assert(x) %}{{ ("",)[not x] }}{% endmacro -%}

{% set publish_url_name = instance_parameter_dict.get('publish-url-name') or 'url' -%}

{% set next_port = instance_parameter_dict['port'] | int -%}
{% if instance_parameter_dict.get('port-parameter-name') -%}
{%   set next_port = slapparameter_dict.get(instance_parameter_dict['port-parameter-name'], next_port) | int -%}
{% endif -%}
{% do assert(next_port > 0) -%}

{% set backend_count = instance_parameter_dict['backend-count'] | int -%}
{% if instance_parameter_dict.get('backend-count-parameter-name') -%}
{%   set backend_count = slapparameter_dict.get(instance_parameter_dict['backend-count-parameter-name'], backend_count) | int -%}
{% endif -%}
{% do assert(backend_count > 0) -%}

20 21 22 23 24 25
{% set timeout = instance_parameter_dict['timeout'] | int -%}
{% if instance_parameter_dict.get('timeout-parameter-name') -%}
{%   set timeout = slapparameter_dict.get(instance_parameter_dict['timeout-parameter-name'], timeout) | int -%}
{% endif -%}
{% do assert(timeout > 0) -%}

26 27 28 29
{% set ssl_parameter_dict = instance_parameter_dict.get('ssl', {}) %}
{% if instance_parameter_dict.get('ssl-dict-parameter-name') -%}
{%   set ssl_parameter_dict = slapparameter_dict.get(instance_parameter_dict['ssl-dict-parameter-name'], ssl_parameter_dict) -%}
{% endif -%}
30

31 32 33 34 35
{% set mimetype_entry_addition = instance_parameter_dict.get('mimetype-entry-addition', '') -%}
{% if instance_parameter_dict.get('mimetype-entry-addition-parameter-name') -%}
{%   set mimetype_entry_addition = mimetype_entry_addition ~ "\n" ~ slapparameter_dict.get(instance_parameter_dict['mimetype-entry-addition-parameter-name'], '') -%}
{% endif -%}

36 37 38 39 40 41 42 43 44
{% set apache_port = next_port -%}
{% set haproxy_port = next_port + 1 -%}
{% set next_port = next_port + 2 -%}

{% set apache_ip_list = [ipv4] -%}
{% if ipv6_set -%}
{%   do apache_ip_list.append('[' ~ ipv6 ~ ']') -%}
{% endif -%}
{% set apache_dict = {} -%}
45
{% do apache_dict.__setitem__(publish_url_name, (apache_port, "https", 'http://' ~ ipv4 ~ ':' ~ haproxy_port, False)) -%}
46

47
{% set bin_directory = parameter_dict['buildout-bin-directory'] -%}
48
{% set section_list = [] -%}
49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67
{% set cloudooo_section_list = [] -%}
{% macro cloudooo(name) %}{% do cloudooo_section_list.append(name) %}{{ name }}{% endmacro -%}
[simplefile]
recipe = slapos.recipe.template:jinja2
template = inline:{{ '{{ content }}' }}

{% macro simplefile(section_name, file_path, content, mode='') -%}
{%   set content_section_name = section_name ~ '-content' -%}
[{{  content_section_name }}]
content = {{ dumps(content) }}

[{{  section_name }}]
< = simplefile
rendered = {{ file_path }}
context = key content {{ content_section_name }}:content
mode = {{ mode }}
{%- endmacro %}


68
[buildout]
69 70
extends =
  {{ parameter_dict['template-logrotate-base'] }}
71
parts =
72 73 74 75
  publish
  apache
  apache-conf
  apache-promise
76
  apache-logrotate
77
  cloudooo-test-runner
78
  haproxy
79 80
  xvfb-instance
  wkhtmltopdf-on-xvfb
81 82 83 84 85

eggs-directory = {{ eggs_directory }}
develop-eggs-directory = {{ develop_eggs_directory }}
offline = true

86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104

[apache]
recipe = slapos.cookbook:wrapper
wrapper-path = ${directory:services}/apache
command-line = "{{ parameter_dict['apache'] }}/bin/httpd" -f "${apache-conf:rendered}" -DFOREGROUND

[apache-conf]
recipe = slapos.recipe.template:jinja2
template = {{ parameter_dict['template-apache-conf'] }}
rendered = ${directory:apache-conf}/apache.conf
context = section parameter_dict apache-conf-parameter-dict

[apache-conf-parameter-dict]
backend-list = {{ dumps(apache_dict.values()) }}
ip-list = {{ dumps(apache_ip_list) }}
pid-file = ${directory:run}/apache.pid
error-log = ${directory:log}/apache-error.log
access-log = ${directory:log}/apache-access.log
# Apache 2.4's default value (60 seconds) can be a bit too short
105
timeout = {{ timeout }}
106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151
# Basic SSL server configuration
cert = ${apache-ssl:cert}
key = ${apache-ssl:key}
cipher =
ssl-session-cache = ${directory:log}/apache-ssl-session-cache
# Client x509 auth
ca-cert = ${apache-ssl-client:cert}
crl = ${apache-ssl-client:crl}

[apache-promise]
# Check any apache port in ipv4, expect other ports and ipv6 to behave consistently
recipe = slapos.cookbook:check_port_listening
path = ${directory:promise}/apache
hostname = {{ ipv4 }}
port = {{ apache_dict.values()[0][0] }}

[apache-conf-ssl]
cert = ${directory:apache-conf}/apache.crt
key = ${directory:apache-conf}/apache.pem
ca-cert =  ${directory:apache-conf}/ca.crt
crl = ${directory:apache-conf}/crl.pem

[apache-ssl]
{% if ssl_parameter_dict.get('key') -%}
key = ${apache-ssl-key:rendered}
cert = ${apache-ssl-cert:rendered}
{{ simplefile('apache-ssl-key', '${apache-conf-ssl:key}', ssl_parameter_dict['key']) }}
{{ simplefile('apache-ssl-cert', '${apache-conf-ssl:cert}', ssl_parameter_dict['cert']) }}
{% else %}
recipe = plone.recipe.command
command = "{{ parameter_dict['openssl'] }}/bin/openssl" req -newkey rsa -batch -new -x509 -days 3650 -nodes -keyout "${:key}" -out "${:cert}"
key = ${apache-conf-ssl:key}
cert = ${apache-conf-ssl:cert}
{%- endif %}

[apache-ssl-client]
{% if ssl_parameter_dict.get('ca-cert') -%}
cert = ${apache-ssl-ca:rendered}
crl = ${apache-ssl-crl:rendered}
{{ simplefile('apache-ssl-ca', '${apache-conf-ssl:ca-cert}', ssl_parameter_dict['ca-cert']) }}
{{ simplefile('apache-ssl-crl', '${apache-conf-ssl:crl}', ssl_parameter_dict['crl']) }}
{% else %}
cert =
crl =
{%- endif %}

152
[apache-logrotate]
153
< = logrotate-entry-base
154 155
name = apache
log = ${apache-conf-parameter-dict:error-log} ${apache-conf-parameter-dict:access-log}
156
post = test ! -s ${apache-conf-parameter-dict:pid-file} || {{ bin_directory }}/slapos-kill --pidfile ${apache-conf-parameter-dict:pid-file} -s USR1
157

158
[publish]
159
recipe = slapos.cookbook:publish.serialised
160 161 162 163 164
{% for family_name, (apache_port, scheme, _) in apache_dict.items() -%}
{{   family_name ~ '-v6' }} = {% if ipv6_set %}{{ scheme ~ '://[' ~ ipv6 ~ ']:' ~ apache_port }}{% endif %}
{{   family_name }} = {{ scheme ~ '://' ~ ipv4 ~ ':' ~ apache_port }}
{% endfor -%}

165

166
[cloudooo-base]
167
recipe = slapos.cookbook:generic.cloudooo
168
ip = {{ ipv4 }}
169
environment =
170
  LD_LIBRARY_PATH = {{ parameter_dict['cairo'] }}/lib:{{ parameter_dict['cups'] }}/lib:{{ parameter_dict['cups'] }}/lib64:{{ parameter_dict['dbus'] }}/lib:{{ parameter_dict['dbus-glib'] }}/lib:{{ parameter_dict['file'] }}/lib:{{ parameter_dict['fontconfig'] }}/lib:{{ parameter_dict['freetype'] }}/lib:{{ parameter_dict['glib'] }}/lib:{{ parameter_dict['glu'] }}/lib:{{ parameter_dict['libICE'] }}/lib:{{ parameter_dict['libSM'] }}/lib:{{ parameter_dict['libX11'] }}/lib:{{ parameter_dict['libXau'] }}/lib:{{ parameter_dict['libXdmcp'] }}/lib:{{ parameter_dict['libXext'] }}/lib:{{ parameter_dict['libXrender'] }}/lib:{{ parameter_dict['libexpat'] }}/lib:{{ parameter_dict['libffi'] }}/lib:{{ parameter_dict['libffi'] }}/lib64:{{ parameter_dict['libpng12'] }}/lib:{{ parameter_dict['libxcb'] }}/lib:{{ parameter_dict['mesa'] }}/lib:{{ parameter_dict['pixman'] }}/lib:{{ parameter_dict['xdamage'] }}/lib:{{ parameter_dict['xfixes'] }}/lib:{{ parameter_dict['zlib'] }}/lib
171 172
  FONTCONFIG_FILE = ${fontconfig-instance:conf-path}
  PATH = ${binary-link:target-directory}
173
mimetype_entry_addition =
174 175 176
{% for entry in mimetype_entry_addition.splitlines() -%}
{{ "  " ~ entry.strip() }}
{% endfor -%}
177 178 179 180 181 182
# Binary information
# cloudooo specific configuration
ooo-binary-path = {{ parameter_dict['libreoffice-bin'] }}/program
ooo-paster = {{ bin_directory }}/cloudooo_paster
ooo-uno-path = {{ parameter_dict['libreoffice-bin'] }}/basis-link/program

183
{% for index in range(backend_count) -%}
184
{%   set name = 'cloudooo-' ~ index -%}
185
[{{ cloudooo(name) }}]
186
< = cloudooo-base
187 188
port = {{ next_port }}
openoffice-port = {{ next_port + 1 }}
189 190 191
configuration-file = ${directory:etc}/{{ name }}.cfg
data-directory = ${directory:srv}/{{ name }}
wrapper = ${directory:services}/{{ name }}
192

193
{%   set next_port = next_port + 2 -%}
194 195 196 197
{% endfor -%}

[haproxy]
recipe = slapos.cookbook:haproxy
198
name = cloudooo
199
conf-path = ${directory:etc}/haproxy.cfg
200
socket-path = ${directory:run}/haproxy.sock
201
ip = {{ ipv4 }}
202
port = {{ haproxy_port }}
203
maxconn = 1
204 205
wrapper-path = ${directory:services}/haproxy
binary-path = {{ parameter_dict['haproxy'] }}/sbin/haproxy
206
ctl-path = ${directory:bin}/haproxy-ctl
207
backend-list =
208
{%- for section_name in cloudooo_section_list %}
209 210 211
  {{ "${" ~ section_name ~ ":ip}:${" ~ section_name ~ ":port}" }}
{%- endfor %}

212 213 214 215 216 217 218
[cloudooo-test-runner]
recipe = slapos.cookbook:cloudooo.test

prepend-path = ${buildout:bin-directory}
run-unit-test = ${buildout:bin-directory}/runUnitTest
run-test-suite = ${buildout:bin-directory}/runTestSuite

219 220
ooo-paster = ${cloudooo-0:ooo-paster}
configuration-file = ${cloudooo-0:configuration-file}
221 222 223 224 225 226

run-unit-test-binary = {{ bin_directory }}/runCloudoooUnitTest
run-test-suite-binary = {{ bin_directory }}/runCloudoooTestSuite

[fontconfig-instance]
recipe = slapos.cookbook:fontconfig
227
conf-path = ${directory:etc}/font.conf
228 229
font-system-folder = {{ parameter_dict['fonts'] }}
font-folder = ${directory:font}
230
service-folder = ${directory:services}
231

232

233 234
[binary-link]
recipe = slapos.cookbook:symbolic.link
235
target-directory = ${directory:bin}
236 237 238 239 240 241 242
link-binary =
  {{ parameter_dict['coreutils'] }}/bin/basename
  {{ parameter_dict['coreutils'] }}/bin/cat
  {{ parameter_dict['coreutils'] }}/bin/cp
  {{ parameter_dict['coreutils'] }}/bin/ls
  {{ parameter_dict['coreutils'] }}/bin/tr
  {{ parameter_dict['coreutils'] }}/bin/uname
243
  {{ parameter_dict['coreutils'] }}/bin/dirname
244 245
# wrapper recipe needs the head command
  {{ parameter_dict['coreutils'] }}/bin/head
246 247 248 249 250
  {{ parameter_dict['imagemagick'] }}/bin/convert
  {{ parameter_dict['imagemagick'] }}/bin/identify
  {{ parameter_dict['poppler'] }}/bin/pdfinfo
  {{ parameter_dict['poppler'] }}/bin/pdftotext
  {{ parameter_dict['poppler'] }}/bin/pdftohtml
251
  {{ parameter_dict['onlyoffice-x2t'] }}/x2t
252 253 254 255

# rest of parts are candidates for some generic stuff
[directory]
recipe = slapos.cookbook:mkdirectory
256
apache-conf = ${:etc}/apache
257
bin = ${buildout:directory}/bin
258 259 260
ca-dir = ${buildout:directory}/srv/ssl
certs = ${:ca-dir}/certs
crl = ${:ca-dir}/crl
261
etc = ${buildout:directory}/etc
262
font = ${:srv}/font
263 264 265 266 267
log = ${:var}/log
newcerts = ${:ca-dir}/newcerts
private = ${:ca-dir}/private
promise = ${directory:etc}/promise
requests = ${:ca-dir}/requests
268 269
run = ${:var}/run
services = ${:etc}/run
270
srv = ${buildout:directory}/srv
271
var = ${buildout:directory}/var
272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289
framebuffer = ${:srv}/framebuffer

[xvfb-instance]
recipe = slapos.cookbook:xvfb
runner-path = ${directory:services}/xvfb
xvfb-path = {{ parameter_dict["xserver"] }}/bin/Xvfb
fbdir-path = ${directory:framebuffer}
tmp-path = ${directory:run}
shell-path = {{ parameter_dict["dash"] }}/bin/dash

[wkhtmltopdf-on-xvfb]
recipe = slapos.cookbook:wrapper
wrapper-path = ${directory:bin}/wkhtmltopdf
environment =
  DISPLAY=:0
  TMPDIR=${directory:run}
command-line = {{ parameter_dict['wkhtmltopdf'] }}/wkhtmltopdf --use-xserver
parameters-extra = true