Commit 6e7b8e62 authored by Rafael Monnerat's avatar Rafael Monnerat

Update Release Candidate

parents 77adedc0 abc0873b
...@@ -17,8 +17,8 @@ parts = ...@@ -17,8 +17,8 @@ parts =
[git] [git]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
url = https://www.kernel.org/pub/software/scm/git/git-2.9.0.tar.xz url = https://www.kernel.org/pub/software/scm/git/git-2.9.2.tar.xz
md5sum = 118ef1e3108ef0b858cd13b74395a59c md5sum = dc5eb7ff2ca4641c6038f51ae49cad0f
configure-options = configure-options =
--with-curl=${curl:location} --with-curl=${curl:location}
--with-openssl=${openssl:location} --with-openssl=${openssl:location}
......
...@@ -27,11 +27,13 @@ configure-options = ...@@ -27,11 +27,13 @@ configure-options =
--without-ossp-uuid --without-ossp-uuid
--without-libxml --without-libxml
--without-libxslt --without-libxslt
# build core PostgreSQL + pg_trgm contrib extension for GitLab
make-targets = install && make -C contrib/pg_trgm/ install
environment = environment =
CPPFLAGS=-I${zlib:location}/include -I${readline:location}/include -I${openssl:location}/include -I${ncurses:location}/lib CPPFLAGS=-I${zlib:location}/include -I${readline:location}/include -I${openssl:location}/include -I${ncurses:location}/lib
LDFLAGS=-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${readline:location}/lib -Wl,-rpath=${readline:location}/lib -L${openssl:location}/lib -Wl,-rpath=${openssl:location}/lib -L${ncurses:location}/lib -Wl,-rpath=${ncurses:location}/lib -L${perl:location}/libs-c -Wl,-rpath=${perl:location}/libs-c LDFLAGS=-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${readline:location}/lib -Wl,-rpath=${readline:location}/lib -L${openssl:location}/lib -Wl,-rpath=${openssl:location}/lib -L${ncurses:location}/lib -Wl,-rpath=${ncurses:location}/lib -L${perl:location}/libs-c -Wl,-rpath=${perl:location}/libs-c
[postgresql92] [postgresql92]
<= postgresql-common <= postgresql-common
url = http://ftp.postgresql.org/pub/source/v9.2.16/postgresql-9.2.16.tar.bz2 url = http://ftp.postgresql.org/pub/source/v9.2.17/postgresql-9.2.17.tar.bz2
md5sum = a6ced0ccd4ce3279acfef9bac16a95ee md5sum = a75d4a82eae1edda04eda2e60656e74c
{
"name": "cloudooo",
"description": "Clusterised cloudooo",
"serialisation": "xml",
"software-type": {
"default": {
"title": "Default",
"description": "Cloudooo",
"request": "instance-cloudooo-input-schema.json",
"response": "instance-cloudooo-output-schema.json",
"index": 0
}
}
}
[buildout] [buildout]
eggs-directory = ${buildout:eggs-directory} eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory} develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true offline = true
extends = ${monitor2-template:rendered}
parts = parts =
connection-dict
testnode testnode
shell shell
shellinabox shellinabox
certificate-authority certificate-authority
ca-shellinabox ca-shellinabox
ca-httpd ca-httpd
monitor-base
[connection-dict] monitor-publish
[monitor-publish]
recipe = slapos.cookbook:publish recipe = slapos.cookbook:publish
url = http://[$${shellinabox:ipv6}]:$${shellinabox:port}/ url = http://[$${shellinabox:ipv6}]:$${shellinabox:port}/
password = $${pwgen:passwd} password = $${pwgen:passwd}
......
{
"type": "object",
"$schema": "http://json-schema.org/draft-04/schema",
"title": "Input Parameters",
"properties": {
"test-node-title": {
"title": "Test Node Title",
"description": "Name for the Test Node which will be used at ERP5.",
"type": "string"
},
"node-quantity": {
"title": "Quantity of Parallel runs",
"description": "QUantity of Parallel tests will be executed on this Node.",
"type": "integer"
},
"test-suite-master-url": {
"title": "Task Distribution URL",
"description": "Url for the task distributor master on portal_task_distribution",
"type": "string"
}
}
}
{
"$schema": "http://json-schema.org/draft-04/schema#",
"description": "Values returned by Apache Frontend instanciation",
"properties": {
"password": {
"description": "Password to access shellinabox.",
"type": "string"
},
"url": {
"description": "IPv6 URL to access the shell in a box.",
"type": "string"
}
},
"type": "object"
}
...@@ -8,6 +8,7 @@ extends = ...@@ -8,6 +8,7 @@ extends =
../../component/shellinabox/buildout.cfg ../../component/shellinabox/buildout.cfg
../../component/pwgen/buildout.cfg ../../component/pwgen/buildout.cfg
../../component/apache/buildout.cfg ../../component/apache/buildout.cfg
../../stack/monitor/buildout.cfg
parts = parts =
slapos-cookbook slapos-cookbook
...@@ -55,9 +56,9 @@ recipe = slapos.recipe.template ...@@ -55,9 +56,9 @@ recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-default.cfg url = ${:_profile_base_location_}/instance-default.cfg
output = ${buildout:directory}/template-default.cfg output = ${buildout:directory}/template-default.cfg
mode = 0644 mode = 0644
md5sum = 43ca4026ee1aba5d20bb9e1b69d2f114 md5sum = 621c84f7adcba394686acbaf44cc1d7d
[versions] [versions]
PyXML = 0.8.5 PyXML = 0.8.5
erp5.util = 0.4.44 erp5.util = 0.4.45
slapos.recipe.template = 2.7 slapos.recipe.template = 2.7
{
"name": "ERP5 Test Node",
"description": "ERP5 Test Node Runner",
"serialisation": "xml",
"software-type": {
"default": {
"title": "Default",
"description": "Default setup for ERP5TestNode Instance.",
"request": "instance-erp5testnode-input-schema.json",
"response": "instance-output-schema.json"
}
}
}
...@@ -6,7 +6,7 @@ ...@@ -6,7 +6,7 @@
# #
# TODO better autogenerate from ^^^ (?) # TODO better autogenerate from ^^^ (?)
# #
# (last updated for omnibus-gitlab 8.5.1+ce.0-1-ge732b39) # (last updated for omnibus-gitlab 8.7.9+ce.1-0-gf589ad7)
[gitlab-parameters] [gitlab-parameters]
configuration.external_url = http://lab.example.com configuration.external_url = http://lab.example.com
...@@ -101,3 +101,8 @@ configuration.nginx_gzip_comp_level = 2 ...@@ -101,3 +101,8 @@ configuration.nginx_gzip_comp_level = 2
configuration.nginx_gzip_proxied = any configuration.nginx_gzip_proxied = any
configuration.nginx_gzip_types = text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript application/json configuration.nginx_gzip_types = text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript application/json
configuration.nginx_keepalive_timeout = 65 configuration.nginx_keepalive_timeout = 65
# TODO allow configuring trusted proxies
# configuration.nginx_real_ip_trusted_addresses
# configuration.nginx_real_ip_header
# configuration.nginx_real_ip_recursive
...@@ -9,6 +9,15 @@ die() { ...@@ -9,6 +9,15 @@ die() {
exit 1 exit 1
} }
# run psql on gitlab db
psql() {
{{ psql_bin }} \
-h {{ pgsql['pgdata-directory'] }} \
-U {{ pgsql.superuser }} \
-d {{ pgsql.dbname }} \
"$@"
}
# 1. what to do when instance is initially setup # 1. what to do when instance is initially setup
# see # see
# https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/recipes/database_migrations.rb # https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/recipes/database_migrations.rb
...@@ -18,12 +27,7 @@ die() { ...@@ -18,12 +27,7 @@ die() {
# ( first quering PG several times waiting a bit till postgresql is started and ready ) # ( first quering PG several times waiting a bit till postgresql is started and ready )
tpgwait=5 tpgwait=5
while true; do while true; do
pgtables="$({{ psql_bin }} \ pgtables="$(psql -c '\d')" && break
-h {{ pgsql['pgdata-directory'] }} \
-U {{ pgsql.superuser }} \
-d {{ pgsql.dbname }} \
-c '\d')" && break
tpgwait=$(( $tpgwait - 1 )) tpgwait=$(( $tpgwait - 1 ))
test $tpgwait = 0 && die "pg query problem" test $tpgwait = 0 && die "pg query problem"
echo "I: PostgreSQL is not ready (yet ?); will retry $tpgwait times..." 1>&2 echo "I: PostgreSQL is not ready (yet ?); will retry $tpgwait times..." 1>&2
...@@ -31,6 +35,9 @@ while true; do ...@@ -31,6 +35,9 @@ while true; do
done done
echo "I: PostgreSQL ready." 1>&2 echo "I: PostgreSQL ready." 1>&2
# make sure pg_trgm extension is enabled for gitlab db
psql -c 'CREATE EXTENSION IF NOT EXISTS pg_trgm;' || die "pg_trgm setup failed"
if echo "$pgtables" | grep -q '^No relations found' ; then if echo "$pgtables" | grep -q '^No relations found' ; then
$RAKE db:schema:load db:seed_fu || die "initial db setup failed" $RAKE db:schema:load db:seed_fu || die "initial db setup failed"
fi fi
......
...@@ -197,10 +197,6 @@ rendered= ${gitlab:etc}/${:_buildout_section_name_} ...@@ -197,10 +197,6 @@ rendered= ${gitlab:etc}/${:_buildout_section_name_}
rendered= ${nginx:etc}/${:_buildout_section_name_} rendered= ${nginx:etc}/${:_buildout_section_name_}
[config.ru]
<= gitlab-etc-template
template = {{ config_ru_in }}
[database.yml] [database.yml]
<= gitlab-etc-template <= gitlab-etc-template
template= {{ database_yml_in }} template= {{ database_yml_in }}
...@@ -366,12 +362,10 @@ update-command = ...@@ -366,12 +362,10 @@ update-command =
<= work-base <= work-base
software = {{ gitlab_repository_location }} software = {{ gitlab_repository_location }}
tune-command = tune-command =
# secret* config.ru tmp/ log/ shared/ builds/ # secret* tmp/ log/ shared/ builds/
rm -f .secret && rm -f .secret &&
rm -f config.ru &&
rm -rf log tmp shared builds && rm -rf log tmp shared builds &&
ln -sf ${secrets:secrets}/gitlab_rails_secret .secret && ln -sf ${secrets:secrets}/gitlab_rails_secret .secret &&
ln -sf ${config.ru:rendered} config.ru &&
ln -sf ${gitlab:log} log && ln -sf ${gitlab:log} log &&
ln -sf ${gitlab:tmp} tmp && ln -sf ${gitlab:tmp} tmp &&
ln -sf ${gitlab:shared} shared && ln -sf ${gitlab:shared} shared &&
...@@ -633,7 +627,7 @@ log = ${sidekiq-dir:log} ...@@ -633,7 +627,7 @@ log = ${sidekiq-dir:log}
# NOTE see queue list here: # NOTE see queue list here:
# https://gitlab.com/gitlab-org/gitlab-ce/blob/master/Procfile # https://gitlab.com/gitlab-org/gitlab-ce/blob/master/Procfile
# https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/templates/default/sv-sidekiq-run.erb # https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/templates/default/sv-sidekiq-run.erb
# (last updated for omnibus-gitlab 8.5.1+ce.0-1-ge732b39) # (last updated for omnibus-gitlab 8.7.9+ce.1-0-gf589ad7)
[service-sidekiq] [service-sidekiq]
recipe = slapos.cookbook:wrapper recipe = slapos.cookbook:wrapper
wrapper-path = ${directory:service}/sidekiq wrapper-path = ${directory:service}/sidekiq
......
...@@ -51,7 +51,6 @@ context = ...@@ -51,7 +51,6 @@ context =
raw watcher_sigkill ${watcher-sigkill:rendered} raw watcher_sigkill ${watcher-sigkill:rendered}
# config files # config files
raw config_ru_in ${config.ru.in:target}
raw database_yml_in ${database.yml.in:target} raw database_yml_in ${database.yml.in:target}
raw gitconfig_in ${gitconfig.in:target} raw gitconfig_in ${gitconfig.in:target}
raw gitlab_parameters_cfg ${gitlab-parameters.cfg:target} raw gitlab_parameters_cfg ${gitlab-parameters.cfg:target}
......
...@@ -23,7 +23,7 @@ extends = ...@@ -23,7 +23,7 @@ extends =
parts = parts =
ruby2.1 ruby2.1
golang15 golang16
git git
postgresql92 postgresql92
redis28 redis28
...@@ -113,26 +113,26 @@ git-executable = ${git:location}/bin/git ...@@ -113,26 +113,26 @@ git-executable = ${git:location}/bin/git
<= git-repository <= git-repository
#repository = https://gitlab.com/gitlab-org/gitlab-ce.git #repository = https://gitlab.com/gitlab-org/gitlab-ce.git
repository = https://lab.nexedi.com/nexedi/gitlab-ce.git repository = https://lab.nexedi.com/nexedi/gitlab-ce.git
# 8.5.X + NXD patches: # 8.7.X + NXD patches:
revision = v8.5.3-15-g827d39147af496bcd4696c845e9094a07b5a09d3 revision = v8.7.9-10-g7728df66b90483dac467df95948a532783e782c8
location = ${buildout:parts-directory}/gitlab location = ${buildout:parts-directory}/gitlab
[gitlab-shell-repository] [gitlab-shell-repository]
<= git-repository <= git-repository
#repository = https://gitlab.com/gitlab-org/gitlab-shell.git #repository = https://gitlab.com/gitlab-org/gitlab-shell.git
repository = https://lab.nexedi.com/nexedi/gitlab-shell.git repository = https://lab.nexedi.com/nexedi/gitlab-shell.git
# gitlab 8.5 wants gitlab-shell 2.6.10 # gitlab 8.7 wants gitlab-shell 2.7.2
# 2.6.10 + no-hooks.old patch # 2.7.2 + NXD patches
revision = v2.6.10-13-gcb8f331c955aa780efe10263d0d45b332f030f42 revision = v2.6.10-50-gfbca95be784816349abc5930324659151eca50d1
location = ${buildout:parts-directory}/gitlab-shell location = ${buildout:parts-directory}/gitlab-shell
[gitlab-workhorse-repository] [gitlab-workhorse-repository]
<= git-repository <= git-repository
#repository = https://gitlab.com/gitlab-org/gitlab-workhorse.git #repository = https://gitlab.com/gitlab-org/gitlab-workhorse.git
repository = https://lab.nexedi.com/nexedi/gitlab-workhorse.git repository = https://lab.nexedi.com/nexedi/gitlab-workhorse.git
# 0.6.4 + NXD patches for blob download speedup # gitlab 8.7 wants gitlab-workhorse 0.7.1
# (https://gitlab.com/gitlab-org/gitlab-workhorse/merge_requests/17) # 0.7.1 + NXD patches
revision = v0.6.4-3-g32ec77c4db3556dc66e8c863326325f8ec970849 revision = v0.7.1-5-gd23a3247829fc3200e3dc784dcd57b5a0febac48
location = ${buildout:parts-directory}/gitlab-workhorse location = ${buildout:parts-directory}/gitlab-workhorse
...@@ -175,7 +175,7 @@ configure-command = : ...@@ -175,7 +175,7 @@ configure-command = :
make-targets= ${:_buildout_section_name_} make-targets= ${:_buildout_section_name_}
environment = environment =
PATH=${golang15:location}/bin:%(PATH)s PATH=${golang16:location}/bin:%(PATH)s
############################### ###############################
...@@ -194,7 +194,7 @@ eggs = ...@@ -194,7 +194,7 @@ eggs =
recipe = slapos.recipe.template recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg.in url = ${:_profile_base_location_}/instance.cfg.in
output = ${buildout:directory}/instance.cfg output = ${buildout:directory}/instance.cfg
md5sum = e5e7ddede71265987bb0c534b009aa45 md5sum = ef85f02c4f6070c586d773b859a2f4e2
[watcher-sigkill] [watcher-sigkill]
recipe = slapos.recipe.template:jinja2 recipe = slapos.recipe.template:jinja2
...@@ -222,37 +222,33 @@ destination = ${buildout:directory}/${:_buildout_section_name_} ...@@ -222,37 +222,33 @@ destination = ${buildout:directory}/${:_buildout_section_name_}
url = ${:_profile_base_location_}/template/${:_buildout_section_name_} url = ${:_profile_base_location_}/template/${:_buildout_section_name_}
[config.ru.in]
<= download-template
md5sum = 91737a2067be80f3ae48157e5a0738b4
[database.yml.in] [database.yml.in]
<= download-template <= download-template
md5sum = 76d8f20532d63282ecd3617a3937fcf1 md5sum = 61d1d04b9347b3168a1ad7676e4681ef
[gitconfig.in] [gitconfig.in]
<= download-template <= download-template
md5sum = d8b3611386c4982605edd9a31832ee28 md5sum = eb1230fee50067924ba89f4dc6e82fa9
[gitlab-parameters.cfg] [gitlab-parameters.cfg]
<= download-file <= download-file
md5sum = b04b72949f0b9b5da96870ffbf8c1ff4 md5sum = 3edd435a984b51b94539ea1d4f1b3994
[gitlab-shell-config.yml.in] [gitlab-shell-config.yml.in]
<= download-template <= download-template
md5sum = 9c62aa1bf7396f207a528e39973aa135 md5sum = 58c09b1e609f903e483a76fe9e57366c
[gitlab-unicorn-startup.in] [gitlab-unicorn-startup.in]
<= download-file <= download-file
md5sum = 14c5632182d830c03f7788c85d6f4da1 md5sum = a9cb347f60aad3465932fd36cd4fe25d
[gitlab.yml.in] [gitlab.yml.in]
<= download-template <= download-template
md5sum = 8f1c52ed223ee2c2d07c6c79bcd2f6c0 md5sum = 735a78d0733fd6617d3b5f3d91bfae8c
[instance-gitlab.cfg.in] [instance-gitlab.cfg.in]
<= download-file <= download-file
md5sum = d3158d58e7fea9a656a8ef6e238a919b md5sum = ba83f01fd7a313b984766c50d6e48e54
[macrolib.cfg.in] [macrolib.cfg.in]
<= download-file <= download-file
...@@ -260,27 +256,27 @@ md5sum = a56a44e96f65f5ed20211bb6a54279f4 ...@@ -260,27 +256,27 @@ md5sum = a56a44e96f65f5ed20211bb6a54279f4
[nginx-gitlab-http.conf.in] [nginx-gitlab-http.conf.in]
<= download-template <= download-template
md5sum = be7ddd26b0b0196fde8d699e50e84b2f md5sum = a11b50d2ff2b1fa842ba4aa20041e2fe
[nginx.conf.in] [nginx.conf.in]
<= download-template <= download-template
md5sum = 71b4221cd91e0e1e20a72b97991f2665 md5sum = 7da68dba86fff79eb93c27aa1aaf1055
[rack_attack.rb.in] [rack_attack.rb.in]
<= download-template <= download-template
md5sum = 2cf56b210a906cee80f86cde7112f468 md5sum = bc1a7c1e83b7329d97bff6724f2bec3e
[resque.yml.in] [resque.yml.in]
<= download-template <= download-template
md5sum = 1fa21655a845602f68a901f23a1da89a md5sum = 7c89a730889e3224548d9abe51a2d719
[smtp_settings.rb.in] [smtp_settings.rb.in]
<= download-template <= download-template
md5sum = 07b640122b8c4840e853360f2479d0ac md5sum = d66a424516ffacea34303e2f512a7d94
[unicorn.rb.in] [unicorn.rb.in]
<= download-template <= download-template
md5sum = 4f7c14147fd60b4cc9aefe7f64524abe md5sum = 83921db1835d9e81cbbe808631cc40a9
[versions] [versions]
......
{{ autogenerated }}
# see:
# https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config.ru
# https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/templates/default/gitlab-rails-config.ru.erb
# (last updated for omnibus-gitlab 8.5.1+ce.0-1-ge732b39)
# This file is used by Rack-based servers to start the application.
{% from 'macrolib.cfg.in' import cfg with context %}
if defined?(Unicorn)
require 'unicorn'
if ENV['RAILS_ENV'] == 'production' || ENV['RAILS_ENV'] == 'staging'
# Unicorn self-process killer
require 'unicorn/worker_killer'
# Max memory size (RSS) per worker
use Unicorn::WorkerKiller::Oom, ({{ cfg('unicorn_worker_memory_limit_min') }}), ({{ cfg('unicorn_worker_memory_limit_max') }})
end
end
require ::File.expand_path('../config/environment', __FILE__)
map ENV['RAILS_RELATIVE_URL_ROOT'] || "/" do
run Gitlab::Application
end
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
# see: # see:
# https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config/database.yml.postgresql # https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config/database.yml.postgresql
# https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/templates/default/database.yml.erb # https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/templates/default/database.yml.erb
# (last updated for 8.5.1+ce.0-1-ge732b39) # (last updated for 8.7.9+ce.1-0-gf589ad7)
{% from 'macrolib.cfg.in' import cfg with context %} {% from 'macrolib.cfg.in' import cfg with context %}
...@@ -23,5 +23,6 @@ production: ...@@ -23,5 +23,6 @@ production:
socket: socket:
{# not needed for unix socket {# not needed for unix socket
sslmode: <%= single_quote(@db_sslmode) %> sslmode: <%= single_quote(@db_sslmode) %>
sslrootcert: <%= single_quote(@db_sslrootcert) %> sslrootcert: <%= single_quote(@db_sslrootcert) || single_quote(@db_sslca) %>
sslca: <%= single_quote(@db_sslca) || single_quote(@db_sslrootcert) %>
#} #}
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
# see: # see:
# https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/attributes/default.rb # https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/attributes/default.rb
# https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/templates/default/gitconfig.erb # https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/templates/default/gitconfig.erb
# (last updated for omnibus-gitlab 8.5.1+ce.0-1-ge732b39) # (last updated for omnibus-gitlab 8.7.9+ce.1-0-gf589ad7)
# #
{% from 'macrolib.cfg.in' import cfg with context %} {% from 'macrolib.cfg.in' import cfg with context %}
...@@ -22,3 +22,5 @@ ...@@ -22,3 +22,5 @@
email = {{ cfg('email_from') }} email = {{ cfg('email_from') }}
[core] [core]
autocrlf = input autocrlf = input
[gc]
auto = 0
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
# see: # see:
# https://gitlab.com/gitlab-org/gitlab-shell/blob/master/config.yml.example # https://gitlab.com/gitlab-org/gitlab-shell/blob/master/config.yml.example
# https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/templates/default/gitlab-shell-config.yml.erb # https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/templates/default/gitlab-shell-config.yml.erb
# (last updated for omnibus-gitlab 8.5.1+ce.0-1-ge732b39) # (last updated for omnibus-gitlab 8.7.9+ce.1-0-gf589ad7)
# GitLab user. git by default # GitLab user. git by default
user: {{ backend_info.user }} user: {{ backend_info.user }}
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
# see: # see:
# https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config/gitlab.yml.example # https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config/gitlab.yml.example
# https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/templates/default/gitlab.yml.erb # https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/templates/default/gitlab.yml.erb
# (last updated for omnibus-gitlab 8.5.1+ce.0-1-ge732b39) # (last updated for omnibus-gitlab 8.7.9+ce.1-0-gf589ad7)
{% from 'macrolib.cfg.in' import cfg, cfg_https, external_url with context %} {% from 'macrolib.cfg.in' import cfg, cfg_https, external_url with context %}
...@@ -32,6 +32,16 @@ production: &base ...@@ -32,6 +32,16 @@ production: &base
relative_url_root: <%= @gitlab_relative_url %> relative_url_root: <%= @gitlab_relative_url %>
#} #}
# Trusted Proxies
# Customize if you have GitLab behind a reverse proxy which is running on a different machine.
# Add the IP address for your reverse proxy to the list, otherwise users will appear signed in from that address.
trusted_proxies:
{# TODO support configuring trusted proxies
<% @trusted_proxies.each do |proxy| %>
- <%= proxy %>
<% end %>
#}
# Uncomment and customize if you can't use the default user to run GitLab (default: 'git') # Uncomment and customize if you can't use the default user to run GitLab (default: 'git')
user: {{ backend_info.user }} user: {{ backend_info.user }}
...@@ -96,7 +106,7 @@ production: &base ...@@ -96,7 +106,7 @@ production: &base
enabled: <%= @incoming_email_enabled %> enabled: <%= @incoming_email_enabled %>
# The email address including the `%{key}` placeholder that will be replaced to reference the item being replied to. # The email address including the `%{key}` placeholder that will be replaced to reference the item being replied to.
# The `%{key}` placeholder is added after the user part, after a `+` character, before the `@`. # The placeholder can be omitted but if present, it must appear in the "user" part of the address (before the `@`).
address: <%= single_quote(@incoming_email_address) %> address: <%= single_quote(@incoming_email_address) %>
# Email account username # Email account username
...@@ -124,7 +134,7 @@ production: &base ...@@ -124,7 +134,7 @@ production: &base
artifacts: artifacts:
enabled: <%= @artifacts_enabled %> enabled: <%= @artifacts_enabled %>
# The location where Build Artifacts are stored (default: shared/artifacts). # The location where Build Artifacts are stored (default: shared/artifacts).
storage_path: <%= @artifacts_path %> path: <%= @artifacts_path %>
#} #}
{# we do not support LFS {# we do not support LFS
...@@ -167,7 +177,7 @@ production: &base ...@@ -167,7 +177,7 @@ production: &base
#} #}
{# XXX cron jobs are disabled for now - we do not support CI and EE features {# XXX cron jobs are disabled for now - we do not support CI and EE features or we are ok with defaults
## Auxiliary jobs ## Auxiliary jobs
# Periodically executed jobs, to self-heal GitLab, do external synchronizations, etc. # Periodically executed jobs, to self-heal GitLab, do external synchronizations, etc.
# Please read here for more information: https://github.com/ondrejbartas/sidekiq-cron#adding-cron-job # Please read here for more information: https://github.com/ondrejbartas/sidekiq-cron#adding-cron-job
...@@ -176,6 +186,10 @@ production: &base ...@@ -176,6 +186,10 @@ production: &base
stuck_ci_builds_worker: stuck_ci_builds_worker:
cron: <%= @stuck_ci_builds_worker_cron %> cron: <%= @stuck_ci_builds_worker_cron %>
# Remove outdated repository archives
repository_archive_cache_worker:
cron: <%= @repository_archive_cache_worker_cron %>
## ##
# GitLab EE only jobs: # GitLab EE only jobs:
...@@ -187,11 +201,20 @@ production: &base ...@@ -187,11 +201,20 @@ production: &base
update_all_mirrors_worker: update_all_mirrors_worker:
cron: <%= @update_all_mirrors_worker_cron %> cron: <%= @update_all_mirrors_worker_cron %>
# Update remote mirrors
update_all_remote_mirrors_worker:
cron: <%= @update_all_remote_mirrors_worker_cron %>
# In addition to refreshing users when they log in, # In addition to refreshing users when they log in,
# periodically refresh LDAP users membership. # periodically refresh LDAP users membership.
# NOTE: This will only take effect if LDAP is enabled # NOTE: This will only take effect if LDAP is enabled
ldap_sync_worker: ldap_sync_worker:
cron: <%= @ldap_sync_worker_cron %> cron: <%= @ldap_sync_worker_cron %>
# Gitlab Geo nodes notification worker
# NOTE: This will only take effect if Geo is enabled
geo_bulk_notify_worker:
cron: <%= @geo_bulk_notify_worker_cron %>
#} #}
# #
...@@ -223,6 +246,7 @@ production: &base ...@@ -223,6 +246,7 @@ production: &base
enabled: false enabled: false
{# just disabled {# just disabled
enabled: <%= @ldap_enabled %> enabled: <%= @ldap_enabled %>
sync_time: <%= @ldap_sync_time %>
<% if @ldap_servers.any? %> <% if @ldap_servers.any? %>
servers: servers:
<% @ldap_servers.each do |provider_id, settings| %> <% @ldap_servers.each do |provider_id, settings| %>
...@@ -302,6 +326,12 @@ production: &base ...@@ -302,6 +326,12 @@ production: &base
# (default: false) # (default: false)
auto_link_saml_user: <%= @omniauth_auto_link_saml_user.to_json %> auto_link_saml_user: <%= @omniauth_auto_link_saml_user.to_json %>
# Set different Omniauth providers as external so that all users creating accounts
# via these providers will not be able to have access to internal projects. You
# will need to use the full name of the provider, like `google_oauth2` for Google.
# Refer to the examples below for the full names of the supported providers.
# (default: [])
external_providers: <%= @omniauth_external_providers.to_json %>
## Auth providers ## Auth providers
# Uncomment the following lines and fill in the data of the auth provider you want to use # Uncomment the following lines and fill in the data of the auth provider you want to use
......
{{ autogenerated }} {{ autogenerated }}
# see: # see:
# https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/templates/default/nginx-gitlab-http.conf.erb # https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/templates/default/nginx-gitlab-http.conf.erb
# (last updated for omnibus-gitlab 8.5.1+ce.0-1-ge732b39) # (last updated for omnibus-gitlab 8.7.9+ce.1-0-gf589ad7)
{% from 'macrolib.cfg.in' import cfg, cfg_bool, cfg_https, fqdn with context %} {% from 'macrolib.cfg.in' import cfg, cfg_bool, cfg_https, fqdn with context %}
...@@ -66,7 +66,6 @@ server { ...@@ -66,7 +66,6 @@ server {
server_name {{ fqdn }}; server_name {{ fqdn }};
server_tokens off; ## Don't show the nginx version number, a security best practice server_tokens off; ## Don't show the nginx version number, a security best practice
root {{ gitlab_work.location }}/public;
## Increase this if you want to upload large attachments ## Increase this if you want to upload large attachments
## Or if you want to accept large git objects over http ## Or if you want to accept large git objects over http
...@@ -100,6 +99,20 @@ server { ...@@ -100,6 +99,20 @@ server {
#} #}
{% endif %} {% endif %}
## Real IP Module Config
## http://nginx.org/en/docs/http/ngx_http_realip_module.html
{# TODO support trusted proxies & realip
<% if @real_ip_header %>
real_ip_header <%= @real_ip_header %>;
<% end %>
<% if @real_ip_recursive %>
real_ip_recursive <%= @real_ip_recursive %>;
<% end %>
<% @real_ip_trusted_addresses.each do |trusted_address| %>
set_real_ip_from <%= trusted_address %>;
<% end %>
#}
## Individual nginx logs for this GitLab vhost ## Individual nginx logs for this GitLab vhost
access_log {{ nginx.log }}/gitlab_access.log gitlab_access; access_log {{ nginx.log }}/gitlab_access.log gitlab_access;
error_log {{ nginx.log }}/gitlab_error.log; error_log {{ nginx.log }}/gitlab_error.log;
...@@ -135,6 +148,15 @@ server { ...@@ -135,6 +148,15 @@ server {
proxy_pass http://gitlab-workhorse; proxy_pass http://gitlab-workhorse;
} }
error_page 404 /404.html;
error_page 422 /422.html;
error_page 500 /500.html;
error_page 502 /502.html;
location ~ ^/(404|422|500|502)\.html$ {
root {{ gitlab_work.location }}/public;
internal;
}
{# we don't support custom nginx configs {# we don't support custom nginx configs
<%= @custom_gitlab_server_config %> <%= @custom_gitlab_server_config %>
#} #}
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
# see: # see:
# https://gitlab.com/gitlab-org/gitlab-ce/blob/master/lib/support/nginx/gitlab-ssl # https://gitlab.com/gitlab-org/gitlab-ce/blob/master/lib/support/nginx/gitlab-ssl
# https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/templates/default/nginx.conf.erb # https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/templates/default/nginx.conf.erb
# (last updated for omnibus-gitlab 8.5.1+ce.0-1-ge732b39) # (last updated for omnibus-gitlab 8.7.9+ce.1-0-gf589ad7)
{% from 'macrolib.cfg.in' import cfg with context %} {% from 'macrolib.cfg.in' import cfg with context %}
...@@ -41,6 +41,13 @@ http { ...@@ -41,6 +41,13 @@ http {
include {{ nginx_mime_types }}; include {{ nginx_mime_types }};
{# we do not do nginx caching:
- gitlab-workhorse serves raw blobs fast
- we have caches on frontend nodes
proxy_cache_path <%= @proxy_cache_path %>;
proxy_cache <%= @proxy_cache %>;
#}
include {{ nginx_gitlab_http_conf }}; include {{ nginx_gitlab_http_conf }};
{# we don't need: ci, pages, mattermost {# we don't need: ci, pages, mattermost
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
# see: # see:
# https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config/initializers/rack_attack.rb.example # https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config/initializers/rack_attack.rb.example
# https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/templates/default/rack_attack.rb.erb # https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/templates/default/rack_attack.rb.erb
# (last updated for omnibus-gitlab 8.5.1+ce.0-1-ge732b39) # (last updated for omnibus-gitlab 8.7.9+ce.1-0-gf589ad7)
{% from 'macrolib.cfg.in' import cfg with context %} {% from 'macrolib.cfg.in' import cfg with context %}
......
...@@ -2,6 +2,6 @@ ...@@ -2,6 +2,6 @@
# see: # see:
# https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config/resque.yml.example # https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config/resque.yml.example
# https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/templates/default/resque.yml.erb # https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/templates/default/resque.yml.erb
# (last udpdated for omnibus-gitlab 8.5.1+ce.0-1-ge732b39) # (last udpdated for omnibus-gitlab 8.7.9+ce.1-0-gf589ad7)
production: unix://{{ redis.unixsocket }} production: unix://{{ redis.unixsocket }}
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
# see: # see:
# https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config/initializers/smtp_settings.rb.sample # https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config/initializers/smtp_settings.rb.sample
# https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/templates/default/smtp_settings.rb.erb # https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/templates/default/smtp_settings.rb.erb
# (last updated for omnibus-gitlab 8.5.1+ce.0-1-ge732b39) # (last updated for omnibus-gitlab 8.7.9+ce.1-0-gf589ad7)
{% from 'macrolib.cfg.in' import cfg, cfg_bool with context %} {% from 'macrolib.cfg.in' import cfg, cfg_bool with context %}
...@@ -18,6 +18,7 @@ if Rails.env.production? ...@@ -18,6 +18,7 @@ if Rails.env.production?
domain: "{{ cfg('smtp_domain') }}", domain: "{{ cfg('smtp_domain') }}",
authentication: :{{ cfg('smtp_authentication') }}, authentication: :{{ cfg('smtp_authentication') }},
enable_starttls_auto: {{ cfg('smtp_enable_starttls_auto') }}, enable_starttls_auto: {{ cfg('smtp_enable_starttls_auto') }},
# ssl:
openssl_verify_mode: '{{ cfg("smtp_openssl_verify_mode") }}' openssl_verify_mode: '{{ cfg("smtp_openssl_verify_mode") }}'
# ca_path: # ca_path:
# ca_file: # ca_file:
......
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
# https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config/unicorn.rb.example # https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config/unicorn.rb.example
# https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config/unicorn.rb.example.development # https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config/unicorn.rb.example.development
# https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/templates/default/unicorn.rb.erb # https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/templates/default/unicorn.rb.erb
# (last updated for omnibus-gitlab 8.5.1+ce.0-1-ge732b39) # (last updated for omnibus-gitlab 8.7.9+ce.1-0-gf589ad7)
{% from 'macrolib.cfg.in' import cfg with context %} {% from 'macrolib.cfg.in' import cfg with context %}
...@@ -79,3 +79,9 @@ ENV['RAILS_RELATIVE_URL_ROOT'] = "<%= @relative_url %>" ...@@ -79,3 +79,9 @@ ENV['RAILS_RELATIVE_URL_ROOT'] = "<%= @relative_url %>"
<%- end %> <%- end %>
#} #}
# Min memory size (RSS) per worker
ENV['GITLAB_UNICORN_MEMORY_MIN'] = ({{ cfg('unicorn_worker_memory_limit_min') }}).to_s
# Max memory size (RSS) per worker
ENV['GITLAB_UNICORN_MEMORY_MAX'] = ({{ cfg('unicorn_worker_memory_limit_max') }}).to_s
...@@ -155,7 +155,7 @@ recipe = hexagonit.recipe.download ...@@ -155,7 +155,7 @@ recipe = hexagonit.recipe.download
ignore-existing = true ignore-existing = true
url = ${:_profile_base_location_}/instance-kvm-export.cfg.jinja2 url = ${:_profile_base_location_}/instance-kvm-export.cfg.jinja2
mode = 644 mode = 644
md5sum = ff281bf8a8905632b32254622db105b7 md5sum = 4c71fbd0f27616d945df9669c57d302e
download-only = true download-only = true
on-update = true on-update = true
......
...@@ -23,14 +23,6 @@ parts += ...@@ -23,14 +23,6 @@ parts +=
{% if monitor -%} {% if monitor -%}
# monitor parts # monitor parts
monitor-base monitor-base
cron-entry-logrotate
certificate-authority
monitor-conf
start-monitor
ca-httpd
monitor-httpd-promise
monitor-httpd-promise-conf
monitor-status2rss-cron-entry
{% endif %} {% endif %}
# Create the exporter executable, which is a simple shell script # Create the exporter executable, which is a simple shell script
......
...@@ -198,7 +198,8 @@ ...@@ -198,7 +198,8 @@
"bootstrap-script-url": { "bootstrap-script-url": {
"title": "VM bootstrap script URL.", "title": "VM bootstrap script URL.",
"description": "If dedicaced disk image is used, this script will be downloaded and run at first boot of the virtual machine. Set md5sum to URL like: http://example.com/file#MD5SUM. Get file in vm at http://10.0.2.100/vm-bootstrap.", "description": "If dedicaced disk image is used, this script will be downloaded and run at first boot of the virtual machine. Set md5sum to URL like: http://example.com/file#MD5SUM. Get file in vm at http://10.0.2.100/vm-bootstrap.",
"type": "uri" "type": "string",
"format": "uri"
}, },
"data-to-vm": { "data-to-vm": {
"title": "Text content to send to this virtual machine.", "title": "Text content to send to this virtual machine.",
......
...@@ -56,6 +56,10 @@ repository = ${slapos.recipe.build-repository:location} ...@@ -56,6 +56,10 @@ repository = ${slapos.recipe.build-repository:location}
<= download-source <= download-source
repository = ${slapos.recipe.cmmi-repository:location} repository = ${slapos.recipe.cmmi-repository:location}
[slapos.toolbox]
<= download-source
repository = ${slapos.toolbox-repository:location}
[erp5-util] [erp5-util]
<= download-source <= download-source
repository = ${erp5-util-repository:location} repository = ${erp5-util-repository:location}
...@@ -78,6 +82,7 @@ test-list = ...@@ -78,6 +82,7 @@ test-list =
$${slapos.recipe.template:location} $${slapos.recipe.template:location}
$${slapos.recipe.build:location} $${slapos.recipe.build:location}
$${slapos.recipe.cmmi:location} $${slapos.recipe.cmmi:location}
$${slapos.toolbox:location}
$${erp5-util:location} $${erp5-util:location}
prepend-path = ${git:location}/bin:${libxslt:location}/bin:${python2.7:location}/bin prepend-path = ${git:location}/bin:${libxslt:location}/bin:${python2.7:location}/bin
environment = environment environment = environment
...@@ -86,7 +91,7 @@ environment = environment ...@@ -86,7 +91,7 @@ environment = environment
CPPFLAGS = -I${python2.7:location}/include/python2.7 -I${libxml2:location}/include -I${libxslt:location}/include CPPFLAGS = -I${python2.7:location}/include/python2.7 -I${libxml2:location}/include -I${libxslt:location}/include
LDFLAGS = -L${python2.7:location}/lib -L${libxml2:location}/lib -L${libxslt:location}/lib -L${libxslt:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${python2.7:location}/lib -Wl,-rpath=${libxml2:location}/lib -Wl,-rpath=${libxslt:location}/lib -Wl,-rpath=${zlib:location}/lib LDFLAGS = -L${python2.7:location}/lib -L${libxml2:location}/lib -L${libxslt:location}/lib -L${libxslt:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${python2.7:location}/lib -Wl,-rpath=${libxml2:location}/lib -Wl,-rpath=${libxslt:location}/lib -Wl,-rpath=${zlib:location}/lib
LD_LIBRARY_PATH = ${python2.7:location}/lib:${libxml2:location}/lib:${libxslt:location}/lib:${libxslt:location}/lib:${zlib:location}/lib LD_LIBRARY_PATH = ${python2.7:location}/lib:${libxml2:location}/lib:${libxslt:location}/lib:${libxslt:location}/lib:${zlib:location}/lib
PYTHONPATH = ${python-setuptools:pythonpath}:${buildout:eggs-directory} PYTHONPATH = ${python-setuptools:pythonpath}:${buildout:eggs-directory}:${buildout:develop-eggs-directory}
LOCAL_IPV4 = $${slap-configuration:ipv4-random} LOCAL_IPV4 = $${slap-configuration:ipv4-random}
[sh-environment] [sh-environment]
......
...@@ -17,6 +17,7 @@ parts = ...@@ -17,6 +17,7 @@ parts =
slapos.recipe.template-repository slapos.recipe.template-repository
slapos.recipe.build-repository slapos.recipe.build-repository
slapos.recipe.cmmi-repository slapos.recipe.cmmi-repository
slapos.toolbox-repository
erp5-util-repository erp5-util-repository
eggs eggs
phantomjs phantomjs
...@@ -26,6 +27,7 @@ parts = ...@@ -26,6 +27,7 @@ parts =
recipe = zc.recipe.egg recipe = zc.recipe.egg
eggs = eggs =
${lxml-python:egg} ${lxml-python:egg}
${python-cryptography:egg}
Jinja2 Jinja2
erp5.util erp5.util
slapos.cookbook slapos.cookbook
...@@ -33,6 +35,7 @@ eggs = ...@@ -33,6 +35,7 @@ eggs =
plone.recipe.command plone.recipe.command
slapos.recipe.template slapos.recipe.template
slapos.recipe.cmmi slapos.recipe.cmmi
slapos.toolbox
entry-points = entry-points =
runTestSuite=erp5.util.testsuite:runTestSuite runTestSuite=erp5.util.testsuite:runTestSuite
scripts = scripts =
...@@ -64,6 +67,10 @@ repository = https://lab.nexedi.com/nexedi/slapos.recipe.build.git ...@@ -64,6 +67,10 @@ repository = https://lab.nexedi.com/nexedi/slapos.recipe.build.git
<= git-clone-repository <= git-clone-repository
repository = https://lab.nexedi.com/nexedi/slapos.recipe.cmmi.git repository = https://lab.nexedi.com/nexedi/slapos.recipe.cmmi.git
[slapos.toolbox-repository]
<= git-clone-repository
repository = https://lab.nexedi.com/nexedi/slapos.toolbox.git
[erp5-util-repository] [erp5-util-repository]
<= git-clone-repository <= git-clone-repository
repository = https://lab.nexedi.com/nexedi/erp5.git repository = https://lab.nexedi.com/nexedi/erp5.git
...@@ -71,12 +78,12 @@ repository = https://lab.nexedi.com/nexedi/erp5.git ...@@ -71,12 +78,12 @@ repository = https://lab.nexedi.com/nexedi/erp5.git
[template] [template]
recipe = slapos.recipe.template recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg url = ${:_profile_base_location_}/instance.cfg
md5sum = 19b76f8a9f12be111e3a6600b337c21b md5sum = 1674921ba26e80d5e5266b71271c7ed1
output = ${buildout:directory}/template.cfg output = ${buildout:directory}/template.cfg
mode = 640 mode = 640
[versions] [versions]
Pygments = 1.6 Pygments = 2.1.3
collective.recipe.template = 1.10 collective.recipe.template = 1.10
plone.recipe.command = 1.1 plone.recipe.command = 1.1
slapos.recipe.template = 2.7 slapos.recipe.template = 2.7
...@@ -54,7 +54,7 @@ mode = 0644 ...@@ -54,7 +54,7 @@ mode = 0644
recipe = slapos.recipe.template recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-runner.cfg url = ${:_profile_base_location_}/instance-runner.cfg
output = ${buildout:directory}/template-runner.cfg.in output = ${buildout:directory}/template-runner.cfg.in
md5sum = f2d704c269244c4eb842aefbc9ff9201 md5sum = 5fbdf6f9996d6cb948ba042e9dd6e43e
mode = 0644 mode = 0644
[template-runner-import-script] [template-runner-import-script]
...@@ -70,7 +70,7 @@ mode = 0644 ...@@ -70,7 +70,7 @@ mode = 0644
recipe = slapos.recipe.template recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-runner-import.cfg.in url = ${:_profile_base_location_}/instance-runner-import.cfg.in
output = ${buildout:directory}/instance-runner-import.cfg output = ${buildout:directory}/instance-runner-import.cfg
md5sum = 673c30e5e7f9b7bb543f79465a56e43d md5sum = a41ff9e12a2304224704f6f31529879b
mode = 0644 mode = 0644
[template-runner-export-script] [template-runner-export-script]
...@@ -86,13 +86,13 @@ mode = 0644 ...@@ -86,13 +86,13 @@ mode = 0644
recipe = slapos.recipe.template recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-runner-export.cfg.in url = ${:_profile_base_location_}/instance-runner-export.cfg.in
output = ${buildout:directory}/instance-runner-export.cfg output = ${buildout:directory}/instance-runner-export.cfg
md5sum = 4b0ab39bc655ae0b865207147cb2e5bf md5sum = cab358589975d6f250b6363ecc95aab2
mode = 0644 mode = 0644
[template-resilient] [template-resilient]
recipe = slapos.recipe.build:download recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/instance-resilient.cfg.jinja2 url = ${:_profile_base_location_}/instance-resilient.cfg.jinja2
md5sum = 7b3f74b6ab491e907bbdef2ff40a7791 md5sum = a902b84ac7d1e29a7fdb06cbc7dec150
filename = instance-resilient.cfg.jinja2 filename = instance-resilient.cfg.jinja2
mode = 0644 mode = 0644
...@@ -110,7 +110,7 @@ recipe = hexagonit.recipe.download ...@@ -110,7 +110,7 @@ recipe = hexagonit.recipe.download
ignore-existing = true ignore-existing = true
url = ${:_profile_base_location_}/nginx_conf.in url = ${:_profile_base_location_}/nginx_conf.in
download-only = true download-only = true
md5sum = e6c2e1dd2153afefa0805c4065066e4e md5sum = 94d83ef3eb89c2d75c8c079ab12b4518
filename = nginx_conf.in filename = nginx_conf.in
mode = 0644 mode = 0644
...@@ -119,7 +119,7 @@ recipe = hexagonit.recipe.download ...@@ -119,7 +119,7 @@ recipe = hexagonit.recipe.download
ignore-existing = true ignore-existing = true
url = ${:_profile_base_location_}/httpd_conf.in url = ${:_profile_base_location_}/httpd_conf.in
download-only = true download-only = true
md5sum = 21ef5c7c487bdc774d675e33d000975f md5sum = 2e8440fa4b589be649a72108faec7745
filename = httpd_conf.in filename = httpd_conf.in
mode = 0644 mode = 0644
...@@ -135,7 +135,7 @@ location = ${buildout:parts-directory}/${:_buildout_section_name_} ...@@ -135,7 +135,7 @@ location = ${buildout:parts-directory}/${:_buildout_section_name_}
recipe = hexagonit.recipe.download recipe = hexagonit.recipe.download
ignore-existing = true ignore-existing = true
url = ${:_profile_base_location_}/template/${:filename} url = ${:_profile_base_location_}/template/${:filename}
md5sum = f406b91c5b0261b198a1c1930c195071 md5sum = ef16446d432e1397182b1654fe920ffb
location = ${buildout:parts-directory}/${:_buildout_section_name_} location = ${buildout:parts-directory}/${:_buildout_section_name_}
filename = slapos.cfg.in filename = slapos.cfg.in
download-only = true download-only = true
...@@ -203,6 +203,7 @@ eggs = ...@@ -203,6 +203,7 @@ eggs =
slapos.recipe.build slapos.recipe.build
slapos.toolbox[flask_auth] slapos.toolbox[flask_auth]
Gunicorn Gunicorn
futures
${slapos-cookbook:eggs} ${slapos-cookbook:eggs}
[extra-eggs] [extra-eggs]
......
...@@ -102,7 +102,7 @@ RewriteCond %{QUERY_STRING} service=git-receive-pack [OR] ...@@ -102,7 +102,7 @@ RewriteCond %{QUERY_STRING} service=git-receive-pack [OR]
RewriteCond %{REQUEST_URI} /git-receive-pack$ RewriteCond %{REQUEST_URI} /git-receive-pack$
<LocationMatch "^/git/"> <LocationMatch "^/git/">
SetEnv GIT_PROJECT_ROOT:{{ parameters.project_private_folder }} SetEnv GIT_PROJECT_ROOT {{ parameters.project_private_folder }}
Order Deny,Allow Order Deny,Allow
Deny from env=AUTHREQUIRED Deny from env=AUTHREQUIRED
...@@ -113,7 +113,7 @@ RewriteCond %{REQUEST_URI} /git-receive-pack$ ...@@ -113,7 +113,7 @@ RewriteCond %{REQUEST_URI} /git-receive-pack$
</LocationMatch> </LocationMatch>
<LocationMatch "^/git-public/"> <LocationMatch "^/git-public/">
SetEnv GIT_PROJECT_ROOT:{{ parameters.project_public_folder }} SetEnv GIT_PROJECT_ROOT {{ parameters.project_public_folder }}
Order Deny,Allow Order Deny,Allow
Deny from env=AUTHREQUIRED Deny from env=AUTHREQUIRED
......
...@@ -11,7 +11,8 @@ ...@@ -11,7 +11,8 @@
{% if number_of_instances > 2 %} {% if number_of_instances > 2 %}
{% set number_of_instances = 2 %} {% set number_of_instances = 2 %}
{% endif %} {% endif %}
{% set slaprunner_return = ['url', 'ssh-public-key', 'ssh-url', 'notification-id', 'ip', 'backend_url', 'url', 'ssh_command', 'access_url', '1_info', '2_info', 'webdav_url', 'public_url', 'git_public_url', 'git_private_url'] -%}
{% set slaprunner_return = ['init-user', 'init-password', 'url', 'ssh-public-key', 'ssh-url', 'notification-id', 'ip', 'backend-url', 'url', 'ssh-command', 'webdav-url', 'public-url', 'git-public-url', 'git-private-url'] -%}
{% set monitor_return = ['monitor-base-url', 'monitor-url', 'monitor-user', 'monitor-password'] -%} {% set monitor_return = ['monitor-base-url', 'monitor-url', 'monitor-user', 'monitor-password'] -%}
{% set monitor_parameter = {'monitor-cors-domains': slapparameter_dict.pop('monitor-cors-domains', "monitor.app.officejs.com")} -%} {% set monitor_parameter = {'monitor-cors-domains': slapparameter_dict.pop('monitor-cors-domains', "monitor.app.officejs.com")} -%}
{% set monitor_dict = {'parameter': monitor_parameter, 'return': monitor_return, 'set-monitor-url': True} -%} {% set monitor_dict = {'parameter': monitor_parameter, 'return': monitor_return, 'set-monitor-url': True} -%}
...@@ -55,21 +56,20 @@ return = {{ slaprunner_return | join(' ')}} {{ monitor_return | join(' ') }} ...@@ -55,21 +56,20 @@ return = {{ slaprunner_return | join(' ')}} {{ monitor_return | join(' ') }}
[publish-connection-information] [publish-connection-information]
recipe = slapos.cookbook:publish recipe = slapos.cookbook:publish
1_info = ${request-runner:connection-1_info} backend-url = ${request-runner:connection-backend-url}
2_info = ${request-runner:connection-2_info}
backend_url = ${request-runner:connection-backend_url}
access_url = ${request-runner:connection-access_url}
url = ${request-runner:connection-url} url = ${request-runner:connection-url}
ssh_command = ${request-runner:connection-ssh_command} init-user = ${request-runner:connection-init-user}
webdav_url = ${request-runner:connection-webdav_url} init-password = ${request-runner:connection-init-password}
public_url = ${request-runner:connection-public_url} ssh-command = ${request-runner:connection-ssh-command}
git_public_url = ${request-runner:connection-git_public_url} webdav-url = ${request-runner:connection-webdav-url}
git_private_url = ${request-runner:connection-git_private_url} public-url = ${request-runner:connection-public-url}
git-public-url = ${request-runner:connection-git-public-url}
git-private-url = ${request-runner:connection-git-private-url}
{% if slapparameter_dict.get('custom-frontend-backend-url') -%} {% if slapparameter_dict.get('custom-frontend-backend-url') -%}
custom-frontend-url = ${request-runner:connection-custom-frontend-url} custom-frontend-url = ${request-runner:connection-custom-frontend-url}
{% endif %} {% endif %}
monitor-base-url = ${request-runner:connection-monitor-base-url} monitor-base-url = ${request-runner:connection-monitor-base-url}
monitor_setup_url = {{ monitor_interface_url }}/#page=settings_configurator&url=${request-runner:connection-monitor-url}&username=${request-runner:connection-monitor-user}&password=${request-runner:connection-monitor-password} monitor-setup-url = {{ monitor_interface_url }}/#page=settings_configurator&url=${request-runner:connection-monitor-url}&username=${request-runner:connection-monitor-user}&password=${request-runner:connection-monitor-password}
[slap-parameter] [slap-parameter]
# Default parameters for distributed deployment # Default parameters for distributed deployment
......
...@@ -23,7 +23,6 @@ parts += ...@@ -23,7 +23,6 @@ parts +=
symlinks symlinks
shellinabox shellinabox
slapos-cfg slapos-cfg
slapos-repo
cron-entry-prepare-software cron-entry-prepare-software
deploy-instance-parameters deploy-instance-parameters
instance-software instance-software
...@@ -56,7 +55,6 @@ context = ...@@ -56,7 +55,6 @@ context =
monitor-httpd-port = 8437 monitor-httpd-port = 8437
# Pass some parameter to dispay in monitoring interface # Pass some parameter to dispay in monitoring interface
instance-configuration = instance-configuration =
file recovery-code $${recovery-code:storage-path}
httpdcors cors-domain $${slaprunner-httpd-cors:location} $${httpd-graceful-wrapper:output} httpdcors cors-domain $${slaprunner-httpd-cors:location} $${httpd-graceful-wrapper:output}
raw webrunner-url https://$${request-frontend:connection-domain} raw webrunner-url https://$${request-frontend:connection-domain}
......
...@@ -19,7 +19,6 @@ parts += ...@@ -19,7 +19,6 @@ parts +=
shellinabox shellinabox
symlinks symlinks
slapos-cfg slapos-cfg
slapos-repo
cron-entry-prepare-software cron-entry-prepare-software
deploy-instance-parameters deploy-instance-parameters
instance-software-type instance-software-type
......
...@@ -20,7 +20,6 @@ parts = ...@@ -20,7 +20,6 @@ parts =
symlinks symlinks
shellinabox shellinabox
slapos-cfg slapos-cfg
slapos-repo
cron-entry-prepare-software cron-entry-prepare-software
deploy-instance-parameters deploy-instance-parameters
instance-software instance-software
...@@ -120,12 +119,6 @@ sessions = $${buildout:directory}/.sessions ...@@ -120,12 +119,6 @@ sessions = $${buildout:directory}/.sessions
private-project = $${:home}/.git-private private-project = $${:home}/.git-private
public-project = $${:home}/.git-public public-project = $${:home}/.git-public
#Create password recovery code for slaprunner
[recovery-code]
recipe = slapos.cookbook:generate.password
storage-path = $${directory:etc}/.rcode
bytes = 8
[slaprunner] [slaprunner]
slaprunner = ${buildout:directory}/bin/slaprunner slaprunner = ${buildout:directory}/bin/slaprunner
slapos = ${buildout:directory}/bin/slapos slapos = ${buildout:directory}/bin/slapos
...@@ -171,6 +164,9 @@ instance_info_json = $${runnerdirectory:home}/instance_info.json ...@@ -171,6 +164,9 @@ instance_info_json = $${runnerdirectory:home}/instance_info.json
path = $${shell:path} path = $${shell:path}
instance_name = $${slap-parameter:instance-name} instance_name = $${slap-parameter:instance-name}
default_repository = $${slap-parameter:slapos-repository}
default_repository_branch = $${slap-parameter:slapos-reference}
#--------------------------- #---------------------------
#-- #--
...@@ -311,7 +307,7 @@ global_ip = $${slap-network-information:global-ipv6} ...@@ -311,7 +307,7 @@ global_ip = $${slap-network-information:global-ipv6}
global_port = $${slap-parameter:slaprunner-httpd-port} global_port = $${slap-parameter:slaprunner-httpd-port}
working_directory = $${slaprunner:working-directory} working_directory = $${slaprunner:working-directory}
dav_lock = $${directory:var}/WebDavLock dav_lock = $${directory:var}/WebDavLock
htpasswd_file = $${monitor-httpd-conf-parameter:htpasswd-file} htpasswd_file = $${directory:etc}/.htpasswd
etc_dir = $${directory:etc} etc_dir = $${directory:etc}
var_dir = $${directory:var} var_dir = $${directory:var}
project_folder = $${directory:project} project_folder = $${directory:project}
...@@ -377,7 +373,7 @@ path_pid = $${directory:run}/gunicorn.pid ...@@ -377,7 +373,7 @@ path_pid = $${directory:run}/gunicorn.pid
[gunicorn-launcher] [gunicorn-launcher]
recipe = slapos.cookbook:wrapper recipe = slapos.cookbook:wrapper
command-line = $${gunicorn:bin_gunicorn} slapos.runner.run:app -p $${gunicorn:path_pid} -b unix:$${gunicorn:socket} -e RUNNER_CONFIG=$${slaprunner:slapos.cfg} --error-logfile $${directory:log}/$${:error-log-file} --log-level error --preload command-line = $${gunicorn:bin_gunicorn} slapos.runner.run:app -p $${gunicorn:path_pid} -b unix:$${gunicorn:socket} -e RUNNER_CONFIG=$${slaprunner:slapos.cfg} --error-logfile $${directory:log}/$${:error-log-file} --timeout 200 --threads 3 --log-level error --preload
error-log-file = gunicorn-error.log error-log-file = gunicorn-error.log
wrapper-path = $${gunicorn:bin_launcher} wrapper-path = $${gunicorn:bin_launcher}
environment = PATH=$${environ:PATH}:${git:location}/bin/ environment = PATH=$${environ:PATH}:${git:location}/bin/
...@@ -458,26 +454,44 @@ dash_path = {{ dash_executable_location }} ...@@ -458,26 +454,44 @@ dash_path = {{ dash_executable_location }}
curl_path = {{ curl_executable_location }} curl_path = {{ curl_executable_location }}
check-secure = 1 check-secure = 1
[htpasswd]
recipe = slapos.cookbook:generate.password
storage-path = $${directory:etc}/.pwd
bytes = 8
[runner-htpasswd]
recipe = plone.recipe.command
stop-on-error = true
htpasswd-path = $${monitor-directory:etc}/.htpasswd
command = if [ ! -f "$${:htpasswd-path}" ]; then ${apache:location}//bin/htpasswd -cb $${:htpasswd-path} $${:user} $${:password}; fi
update-command = $${:command}
user = admin
{% if slapparameter_dict.get('monitor-password', '') -%}
password = {{ slapparameter_dict['monitor-password'] }}
{% else -%}
password = $${htpasswd:passwd}
{% endif -%}
#-------------------------------------- #--------------------------------------
#-- #--
#-- Send information to SlapOS Master #-- Send information to SlapOS Master
[publish-connection-information] [publish-connection-information]
recipe = slapos.cookbook:publish recipe = slapos.cookbook:publish
1_info = On your first run, Use "access_url" to setup you account. Then you can use both "url" or "access_url". Or "backend_url" if you want to use ipv6. Set up your account in the webrunner in order to use webdav, and being able to clone your git repositories from the runner. backend-url = $${slaprunner:access-url}
2_info = In order to set up your account, get the recovery-code from the monitoring interface. Use "monitor_setup_url" to configure monitor instance.
backend_url = $${slaprunner:access-url}
access_url = $${:url}/login
url = https://$${request-frontend:connection-domain} url = https://$${request-frontend:connection-domain}
ssh_command = ssh $${dropbear-runner-server:host} -p $${dropbear-runner-server:port} init-user = $${runner-htpasswd:user}
webdav_url = $${request-httpd-frontend:connection-secure_access}/share/ init-password = $${runner-htpasswd:password}
public_url = $${request-httpd-frontend:connection-secure_access}/public/ ssh-command = ssh $${dropbear-runner-server:host} -p $${dropbear-runner-server:port}
git_public_url = https://[$${httpd-parameters:global_ip}]:$${httpd-parameters:global_port}/git-public/ webdav-url = $${request-httpd-frontend:connection-secure_access}/share/
git_private_url = https://[$${httpd-parameters:global_ip}]:$${httpd-parameters:global_port}/git/ public-url = $${request-httpd-frontend:connection-secure_access}/public/
git-public-url = https://[$${httpd-parameters:global_ip}]:$${httpd-parameters:global_port}/git-public/
git-private-url = https://[$${httpd-parameters:global_ip}]:$${httpd-parameters:global_port}/git/
monitor-base-url = $${publish:monitor-base-url} monitor-base-url = $${publish:monitor-base-url}
{% if slapparameter_dict.get('instance-type', '') != 'resilient' -%} {% if slapparameter_dict.get('instance-type', '') != 'resilient' -%}
{% set monitor_interface_url = slapparameter_dict.get('monitor-interface-url', 'https://monitor.app.officejs.com') -%} {% set monitor_interface_url = slapparameter_dict.get('monitor-interface-url', 'https://monitor.app.officejs.com') -%}
monitor_setup_url = {{ monitor_interface_url }}/#page=settings_configurator&url=$${publish:monitor-url}&username=$${publish:monitor-user}&password=$${publish:monitor-password} monitor-setup-url = {{ monitor_interface_url }}/#page=settings_configurator&url=$${publish:monitor-url}&username=$${publish:monitor-user}&password=$${publish:monitor-password}
{% else -%} {% else -%}
monitor-url = $${publish:monitor-url} monitor-url = $${publish:monitor-url}
monitor-user = $${publish:monitor-user} monitor-user = $${publish:monitor-user}
...@@ -528,7 +542,7 @@ auto-deploy-instance = true ...@@ -528,7 +542,7 @@ auto-deploy-instance = true
autorun = false autorun = false
slaprunner-httpd-port = $${:monitor-port} slaprunner-httpd-port = $${:monitor-port}
# XXX - for backward compatibility, monitor-port was for slaprunner httpd server # XXX - for backward compatibility, monitor-port was for slaprunner httpd server
monitor-port = 9684 monitor-port = 9686
instance-name = instance-name =
monitor-cors-domains = monitor-cors-domains =
monitor-interface-url = monitor-interface-url =
...@@ -579,14 +593,6 @@ ps1 = "\\w> " ...@@ -579,14 +593,6 @@ ps1 = "\\w> "
[environ] [environ]
recipe = collective.recipe.environment recipe = collective.recipe.environment
[slapos-repo]
recipe = slapos.recipe.build:gitclone
repository = $${slap-parameter:slapos-repository}
git-executable = ${git:location}/bin/git
develop = true
location = $${directory:project}/slapos
branch = $${slap-parameter:slapos-reference}
[prepare-software] [prepare-software]
recipe = slapos.cookbook:wrapper recipe = slapos.cookbook:wrapper
command-line = ${curl:location}/bin/curl -g https://[$${slaprunner:ipv6}]:$${slaprunner:runner_port}/isSRReady --max-time 1 --insecure command-line = ${curl:location}/bin/curl -g https://[$${slaprunner:ipv6}]:$${slaprunner:runner_port}/isSRReady --max-time 1 --insecure
...@@ -732,9 +738,7 @@ cors-domains = {{ slapparameter_dict.get('monitor-cors-domains', 'monitor.app.of ...@@ -732,9 +738,7 @@ cors-domains = {{ slapparameter_dict.get('monitor-cors-domains', 'monitor.app.of
{% if slapparameter_dict.get('monitor-username', '') -%} {% if slapparameter_dict.get('monitor-username', '') -%}
username = {{ slapparameter_dict['monitor-username'] }} username = {{ slapparameter_dict['monitor-username'] }}
{% endif -%} {% endif -%}
{% if slapparameter_dict.get('monitor-password', '') -%} password = $${runner-htpasswd:password}
password = {{ slapparameter_dict['monitor-password'] }}
{% endif -%}
{% if slapparameter_dict.get('monitor-url-list', '') -%} {% if slapparameter_dict.get('monitor-url-list', '') -%}
monitor-url-list = {{ slapparameter_dict['monitor-url-list'] }} monitor-url-list = {{ slapparameter_dict['monitor-url-list'] }}
{% endif -%} {% endif -%}
...@@ -742,7 +746,6 @@ monitor-url-list = {{ slapparameter_dict['monitor-url-list'] }} ...@@ -742,7 +746,6 @@ monitor-url-list = {{ slapparameter_dict['monitor-url-list'] }}
{% if not slapparameter_dict.get('authorized-key', '') -%} {% if not slapparameter_dict.get('authorized-key', '') -%}
# Pass some parameter to dispay in monitoring interface # Pass some parameter to dispay in monitoring interface
instance-configuration = instance-configuration =
file recovery-code $${recovery-code:storage-path}
httpdcors cors-domain $${slaprunner-httpd-cors:location} $${httpd-graceful-wrapper:output} httpdcors cors-domain $${slaprunner-httpd-cors:location} $${httpd-graceful-wrapper:output}
raw webrunner-url https://$${request-frontend:connection-domain} raw webrunner-url https://$${request-frontend:connection-domain}
{% endif -%} {% endif -%}
......
...@@ -57,10 +57,14 @@ http { ...@@ -57,10 +57,14 @@ http {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $http_host; proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Accel-Mapping /private/; proxy_set_header X-Accel-Mapping /private/;
proxy_connect_timeout 200;
proxy_send_timeout 200;
proxy_read_timeout 200;
send_timeout 200;
proxy_pass http://unix:{{ socket }}; proxy_pass http://unix:{{ socket }};
} }
location ~ ^(/login|/doLogin|/static|/setAccount|/configAccount|/slapgridResult|/isSRReady) { location ~ ^(/login|/doLogin|/static|/slapgridResult|/isSRReady) {
proxy_redirect off; proxy_redirect off;
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
......
...@@ -14,6 +14,7 @@ cns.recipe.symlink = 0.2.3 ...@@ -14,6 +14,7 @@ cns.recipe.symlink = 0.2.3
collective.recipe.environment = 0.2.0 collective.recipe.environment = 0.2.0
ecdsa = 0.13 ecdsa = 0.13
erp5.util = 0.4.44 erp5.util = 0.4.44
futures = 3.0.5
gitdb = 0.6.4 gitdb = 0.6.4
gunicorn = 19.5.0 gunicorn = 19.5.0
prettytable = 0.7.2 prettytable = 0.7.2
...@@ -41,3 +42,7 @@ lockfile = 0.12.2 ...@@ -41,3 +42,7 @@ lockfile = 0.12.2
# Required by: # Required by:
# slapos.toolbox==0.56 # slapos.toolbox==0.56
paramiko = 2.0.1 paramiko = 2.0.1
# Required by:
# slapos.toolbox==0.55
passlib = 1.6.5
\ No newline at end of file
...@@ -37,6 +37,8 @@ minishell_cwd_file = {{ slaprunner['minishell_cwd_file'] }} ...@@ -37,6 +37,8 @@ minishell_cwd_file = {{ slaprunner['minishell_cwd_file'] }}
minishell_history_file = {{ slaprunner['minishell_history_file'] }} minishell_history_file = {{ slaprunner['minishell_history_file'] }}
path = {{ slaprunner['path'] }} path = {{ slaprunner['path'] }}
instance_name = {{ slaprunner['instance_name'] }} instance_name = {{ slaprunner['instance_name'] }}
default_repository = {{ slaprunner['default_repository'] }}
default_repository_branch = {{ slaprunner['default_repository_branch'] }}
[slapproxy] [slapproxy]
host = {{ slaprunner['ipv4'] }} host = {{ slaprunner['ipv4'] }}
......
...@@ -26,12 +26,6 @@ download-only = true ...@@ -26,12 +26,6 @@ download-only = true
url = ${:_profile_base_location_}/${:filename} url = ${:_profile_base_location_}/${:filename}
mode = 0644 mode = 0644
[monitor-web-base]
<= monitor-download-base
url = ${:_profile_base_location_}/web/${:filename}
destination = ${buildout:parts-directory}/monitor-web
on-update = true
[monitor-template-base] [monitor-template-base]
<= monitor-download-base <= monitor-download-base
url = ${:_profile_base_location_}/templates/${:filename} url = ${:_profile_base_location_}/templates/${:filename}
...@@ -46,6 +40,7 @@ on-update = true ...@@ -46,6 +40,7 @@ on-update = true
[monitor-eggs] [monitor-eggs]
recipe = zc.recipe.egg recipe = zc.recipe.egg
eggs = eggs =
plone.recipe.command
collective.recipe.template collective.recipe.template
cns.recipe.symlink cns.recipe.symlink
...@@ -61,14 +56,9 @@ eggs = ...@@ -61,14 +56,9 @@ eggs =
# Monitor templates files # Monitor templates files
[monitor-httpd-conf] [monitor-httpd-conf]
<= monitor-template-base <= monitor-template-base
md5sum = 65cf2c8f5cfffa509ec3fc06b37e7509 md5sum = 40dc51fc156f1ad7eb94be7f3cbf08b4
filename = monitor-httpd.conf.in filename = monitor-httpd.conf.in
[monitor-service-conf-template]
<= monitor-template-base
filename = monitor-service.cfg.in
md5sum = 5913d2a0096b50537f394a49b762b3e5
[monitor-template-wrapper] [monitor-template-wrapper]
<= monitor-template-base <= monitor-template-base
filename = wrapper.in filename = wrapper.in
...@@ -100,7 +90,7 @@ recipe = slapos.recipe.template:jinja2 ...@@ -100,7 +90,7 @@ recipe = slapos.recipe.template:jinja2
filename = template-monitor.cfg filename = template-monitor.cfg
template = ${:_profile_base_location_}/instance-monitor.cfg.jinja2.in template = ${:_profile_base_location_}/instance-monitor.cfg.jinja2.in
rendered = ${buildout:directory}/template-monitor.cfg rendered = ${buildout:directory}/template-monitor.cfg
md5sum = 9d6f50e616655c1ae11ace419ac2861e md5sum = 7ac78495de73cadafea87f97428e487f
context = context =
key apache_location apache:location key apache_location apache:location
key gzip_location gzip:location key gzip_location gzip:location
...@@ -111,13 +101,11 @@ context = ...@@ -111,13 +101,11 @@ context =
raw monitor_https_cors ${monitor-httpd-cors:location}/${monitor-httpd-cors:filename} raw monitor_https_cors ${monitor-httpd-cors:location}/${monitor-httpd-cors:filename}
raw monitor_instance_info ${monitor-instance-info:location}/${monitor-instance-info:filename} raw monitor_instance_info ${monitor-instance-info:location}/${monitor-instance-info:filename}
raw monitor_globalstate ${monitor-globalstate:location}/${monitor-globalstate:filename} raw monitor_globalstate ${monitor-globalstate:location}/${monitor-globalstate:filename}
raw monitor_password_promise_template ${monitor-password-promise:location}/${monitor-password-promise:filename}
raw curl_executable_location ${curl:location}/bin/curl raw curl_executable_location ${curl:location}/bin/curl
raw dash_executable_location ${dash:location}/bin/dash raw dash_executable_location ${dash:location}/bin/dash
raw dcron_executable_location ${dcron:location}/sbin/crond raw dcron_executable_location ${dcron:location}/sbin/crond
raw logrotate_executable_location ${logrotate:location}/usr/sbin/logrotate raw logrotate_executable_location ${logrotate:location}/usr/sbin/logrotate
raw monitor_httpd_template ${monitor-httpd-conf:location}/${monitor-httpd-conf:filename} raw monitor_httpd_template ${monitor-httpd-conf:location}/${monitor-httpd-conf:filename}
raw monitor_service_conf_template ${monitor-service-conf-template:location}/${monitor-service-conf-template:filename}
raw openssl_executable_location ${openssl:location}/bin/openssl raw openssl_executable_location ${openssl:location}/bin/openssl
raw python_executable ${buildout:executable} raw python_executable ${buildout:executable}
raw python_with_eggs ${buildout:directory}/bin/${extra-eggs:interpreter} raw python_with_eggs ${buildout:directory}/bin/${extra-eggs:interpreter}
...@@ -131,31 +119,26 @@ depends = ...@@ -131,31 +119,26 @@ depends =
[monitor2-bin] [monitor2-bin]
<= monitor-template-script <= monitor-template-script
filename = monitor.py filename = monitor.py
md5sum = 280412f9024030c8cae343c2b07e5130 md5sum = 5525e7445dab16fd03f4eeccf069b74b
[run-promise-py] [run-promise-py]
recipe = slapos.recipe.template:jinja2 recipe = slapos.recipe.template:jinja2
template = ${:_profile_base_location_}/scripts/run-promise.py template = ${:_profile_base_location_}/scripts/run-promise.py
rendered = ${buildout:parts-directory}/monitor-scripts/run-promise.py rendered = ${buildout:parts-directory}/monitor-scripts/run-promise.py
md5sum = 641c6917bbd19a7abaebb120ccd4e713 md5sum = 97148dfbb730cc4f55ed54513ce823e0
mode = 0755 mode = 0755
context = context =
raw python ${buildout:directory}/bin/${extra-eggs:interpreter} raw python ${buildout:directory}/bin/${extra-eggs:interpreter}
[monitor-password-promise]
<= monitor-template-script
filename = monitor-password-promise.py
md5sum = f7e937d6619eb674f39f34718928d91d
[status2rss-executable] [status2rss-executable]
<= monitor-template-script <= monitor-template-script
filename = status2rss.py filename = status2rss.py
md5sum = f297779d0881f4bd48081506efb492a4 md5sum = 88e3bf955e1e4eac76a444d50fa4f020
[monitor-globalstate] [monitor-globalstate]
<= monitor-template-script <= monitor-template-script
filename = globalstate.py filename = globalstate.py
md5sum = 1ebead4480d62d5e1d2612c2d9f4e1d8 md5sum = 3377e325baa4ecfcd6eee06945fb69fc
[monitor-collect] [monitor-collect]
<= monitor-template-script <= monitor-template-script
...@@ -165,12 +148,9 @@ md5sum = 78fbcb56761315bde354fe7914d3c54f ...@@ -165,12 +148,9 @@ md5sum = 78fbcb56761315bde354fe7914d3c54f
[monitor-document-edit] [monitor-document-edit]
<= monitor-template-script <= monitor-template-script
filename = monitor-document.py filename = monitor-document.py
md5sum = f3e557e5d81291a22d6d2837a9e37bd0 md5sum = 399ff4939b55ff74e6d48bec5a495981
[versions]
PyRSS2Gen = 1.1
cns.recipe.symlink = 0.2.3
[make-rss-script]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/make-rss.sh.in
md5sum = 98c8f6fd81e405b0ad10db07c3776321
output = ${buildout:directory}/template-make-rss.sh.in
mode = 0644
...@@ -78,13 +78,8 @@ public = ${directory:monitor}/public ...@@ -78,13 +78,8 @@ public = ${directory:monitor}/public
private = ${directory:monitor}/private private = ${directory:monitor}/private
services = ${directory:services} services = ${directory:services}
services-conf = ${directory:etc}/monitor.conf.d services-conf = ${directory:etc}/monitor.conf.d
www = ${directory:monitor}/web
web-dir = ${directory:monitor}/web
log = ${directory:log}/monitor log = ${directory:log}/monitor
monitor-var = ${directory:var}/monitor monitor-var = ${directory:var}/monitor
monitor-password-var = ${monitor-directory:monitor-var}/password
monitor-password-interface = ${monitor-directory:monitor-password-var}/password/interface
monitor-status2rss-var = ${monitor-directory:monitor-var}/status2rss
[logrotate-directory] [logrotate-directory]
recipe = slapos.cookbook:mkdirectory recipe = slapos.cookbook:mkdirectory
...@@ -135,7 +130,6 @@ public-folder = ${monitor-directory:public} ...@@ -135,7 +130,6 @@ public-folder = ${monitor-directory:public}
private-folder = ${monitor-directory:private} private-folder = ${monitor-directory:private}
webdav-folder = ${monitor-directory:webdav} webdav-folder = ${monitor-directory:webdav}
report-folder = ${monitor-directory:reports} report-folder = ${monitor-directory:reports}
web-folder = ${monitor-directory:web-dir}
base-url = ${monitor-instance-parameter:monitor-base-url} base-url = ${monitor-instance-parameter:monitor-base-url}
monitor-hal-json = ${monitor-directory:public}/monitor.hal.json monitor-hal-json = ${monitor-directory:public}/monitor.hal.json
service-pid-folder = ${monitor-directory:pids} service-pid-folder = ${monitor-directory:pids}
...@@ -230,7 +224,6 @@ password = ${monitor-instance-parameter:password} ...@@ -230,7 +224,6 @@ password = ${monitor-instance-parameter:password}
listening-ip = ${monitor-instance-parameter:monitor-httpd-ipv6} listening-ip = ${monitor-instance-parameter:monitor-httpd-ipv6}
port = ${monitor-instance-parameter:monitor-httpd-port} port = ${monitor-instance-parameter:monitor-httpd-port}
pid-file = ${directory:run}/monitor-httpd.pid pid-file = ${directory:run}/monitor-httpd.pid
cgid-pid-file = ${directory:run}/cgid.pid
access-log = ${monitor-directory:log}/monitor-httpd-access.log access-log = ${monitor-directory:log}/monitor-httpd-access.log
error-log = ${monitor-directory:log}/monitor-httpd-error.log error-log = ${monitor-directory:log}/monitor-httpd-error.log
cert-file = ${ca-directory:certs}/httpd.crt cert-file = ${ca-directory:certs}/httpd.crt
...@@ -279,7 +272,7 @@ command = kill -USR1 $(cat ${monitor-httpd-conf-parameter:pid-file}) ...@@ -279,7 +272,7 @@ command = kill -USR1 $(cat ${monitor-httpd-conf-parameter:pid-file})
[monitor-status2rss-wrapper] [monitor-status2rss-wrapper]
recipe = slapos.cookbook:wrapper recipe = slapos.cookbook:wrapper
# XXX - hard-coded Urls # XXX - hard-coded Urls
command-line = {{ python_with_eggs }} {{ status2rss_executable_path }} --output '${monitor-directory:public}/feed' --items_folder '${monitor-directory:public}' --public_url '${monitor-conf-parameters:base-url}/share/jio_public/' --private_url '${monitor-conf-parameters:base-url}/share/jio_private/' --instance_name '${monitor-conf-parameters:title}' --hosting_name '${monitor-conf-parameters:root-title}' command-line = {{ python_with_eggs }} {{ status2rss_executable_path }} --output '${monitor-directory:public}/feed' --items_folder '${monitor-directory:public}' --feed_url '${monitor-conf-parameters:base-url}/public/feed' --public_url '${monitor-conf-parameters:base-url}/share/jio_public/' --private_url '${monitor-conf-parameters:base-url}/share/jio_private/' --instance_name '${monitor-conf-parameters:title}' --hosting_name '${monitor-conf-parameters:root-title}'
wrapper-path = ${directory:bin}/monitor-status2rss.py wrapper-path = ${directory:bin}/monitor-status2rss.py
...@@ -324,45 +317,6 @@ check-secure = 1 ...@@ -324,45 +317,6 @@ check-secure = 1
dash_path = {{ dash_executable_location }} dash_path = {{ dash_executable_location }}
curl_path = {{ curl_executable_location }} curl_path = {{ curl_executable_location }}
[monitor-httpd-promise-conf]
recipe = slapos.recipe.template:jinja2
rendered = ${directory:monitor-promise}/${monitor-httpd-promise:filename}.cfg
template = {{ monitor_service_conf_template }}
mode = 0644
context = section parameter_dict monitor-httpd-promise-conf-parameter
[monitor-httpd-promise-conf-parameter]
title = Monitor httpd listening
# frequency 5 minute hour day mounth weekday
frequency = */5 * * * *
public-path-list = ${monitor-httpd-conf-parameter:access-log} ${monitor-httpd-conf-parameter:error-log}
#private-path-list =
[monitor-password-parameter]
password-changed-once-path = ${directory:var}/monitor-password-changed-once
[monitor-password-promise]
recipe = slapos.recipe.template:jinja2
template = {{ monitor_password_promise_template }}
rendered = ${directory:monitor-promise}/${:filename}
filename = monitor-password
mode = 0755
context =
raw python_executable {{ python_executable }}
key password_changed_once_path monitor-password-parameter:password-changed-once-path
[monitor-password-promise-conf-parameter]
title = Monitor password
frequency = */5 * * * *
private-path-list = ${monitor-directory:monitor-password-interface}
[monitor-password-promise-conf]
recipe = slapos.recipe.template:jinja2
template = {{ monitor_service_conf_template }}
rendered = ${directory:monitor-promise}/${monitor-password-promise:filename}.cfg
mode = 0644
context = section parameter_dict monitor-password-promise-conf-parameter
[publish] [publish]
# XXX depends on monitor-base section # XXX depends on monitor-base section
monitor-base-url = ${monitor-base:base-url} monitor-base-url = ${monitor-base:base-url}
...@@ -376,6 +330,7 @@ monitor-httpd-ipv6 = ${slap-configuration:ipv6-random} ...@@ -376,6 +330,7 @@ monitor-httpd-ipv6 = ${slap-configuration:ipv6-random}
monitor-httpd-port = 8196 monitor-httpd-port = 8196
# XXX - Set monitor-base-url = ${monitor-httpd-conf-parameter:url} => https://[ipv6]:port # XXX - Set monitor-base-url = ${monitor-httpd-conf-parameter:url} => https://[ipv6]:port
monitor-base-url = ${monitor-frontend-promise:url} monitor-base-url = ${monitor-frontend-promise:url}
# monitor-base-url = ${monitor-httpd-conf-parameter:url}
root-instance-title = ${slap-configuration:root-instance-title} root-instance-title = ${slap-configuration:root-instance-title}
monitor-url-list = monitor-url-list =
cors-domains = monitor.app.officejs.com cors-domains = monitor.app.officejs.com
...@@ -390,6 +345,8 @@ instance-configuration = ...@@ -390,6 +345,8 @@ instance-configuration =
configuration-file-path = ${monitor-directory:etc}/monitor_knowledge0.cfg configuration-file-path = ${monitor-directory:etc}/monitor_knowledge0.cfg
interface-url = https://monitor.app.officejs.com
[monitor-frontend] [monitor-frontend]
<= slap-connection <= slap-connection
recipe = slapos.cookbook:requestoptional recipe = slapos.cookbook:requestoptional
...@@ -427,7 +384,6 @@ depends = ...@@ -427,7 +384,6 @@ depends =
${monitor-httpd-promise:filename} ${monitor-httpd-promise:filename}
${monitor-status2rss-cron-entry:name} ${monitor-status2rss-cron-entry:name}
#[buildout] [monitor-publish]
#parts = monitor-base-url = ${publish:monitor-base-url}
# monitor-base monitor-setup-url = ${monitor-instance-parameter:interface-url}/#page=settings_configurator&url=${publish:monitor-url}&username=$${publish:monitor-user}&password=${publish:monitor-password}
# publish
#!${dash-output:dash}
STATUS_DB={{ monitor_parameters['db-path'] }}
RSS_FILE={{ monitor_parameters['rss-path'] }}
PYTHON=${buildout:directory}/bin/${extra-eggs:interpreter}
STATUS2RSS=${rss-bin:location}/${rss-bin:filename}
$PYTHON $STATUS2RSS "Monitoring RSS feed" "{{ monitor_parameters['url'] }}/{{ monitor_parameters['index-filename'] }}" $STATUS_DB > $RSS_FILE
...@@ -53,6 +53,8 @@ def main(args_list): ...@@ -53,6 +53,8 @@ def main(args_list):
statistic_folder = os.path.join(base_folder, 'data', '.jio_documents') statistic_folder = os.path.join(base_folder, 'data', '.jio_documents')
parameter_file = os.path.join(base_folder, 'config', '.jio_documents', 'config.json') parameter_file = os.path.join(base_folder, 'config', '.jio_documents', 'config.json')
report_date = datetime.now().strftime('%Y-%m-%d %H:%M:%S')
if not os.path.exists(statistic_folder): if not os.path.exists(statistic_folder):
try: try:
os.makedirs(statistic_folder) os.makedirs(statistic_folder)
...@@ -66,7 +68,6 @@ def main(args_list): ...@@ -66,7 +68,6 @@ def main(args_list):
glob.glob("%s/*.status.json" % status_folder) glob.glob("%s/*.status.json" % status_folder)
) )
error = warning = success = 0 error = warning = success = 0
latest_date = ''
status = 'OK' status = 'OK'
promise_list = [] promise_list = []
global_state_file = os.path.join(base_folder, 'monitor.global.json') global_state_file = os.path.join(base_folder, 'monitor.global.json')
...@@ -84,18 +85,13 @@ def main(args_list): ...@@ -84,18 +85,13 @@ def main(args_list):
success += 1 success += 1
elif tmp_json['status'] == 'WARNING': elif tmp_json['status'] == 'WARNING':
warning += 1 warning += 1
if tmp_json['start-date'] > latest_date:
latest_date = tmp_json['start-date']
tmp_json['time'] = tmp_json['start-date'].split(' ')[1] tmp_json['time'] = tmp_json['start-date'].split(' ')[1]
del tmp_json['start-date']
promise_list.append(tmp_json) promise_list.append(tmp_json)
if error: if error:
status = 'ERROR' status = 'ERROR'
elif warning: elif warning:
status = 'WARNING' status = 'WARNING'
if not latest_date:
latest_date = datetime.now().strftime('%Y-%m-%d %H:%M:%S')
global_state_dict = dict( global_state_dict = dict(
status=status, status=status,
...@@ -105,7 +101,7 @@ def main(args_list): ...@@ -105,7 +101,7 @@ def main(args_list):
'warning': warning, 'warning': warning,
}, },
type='global', type='global',
date=latest_date, date=report_date,
_links={"rss_url": {"href": "%s/public/feed" % base_url}, _links={"rss_url": {"href": "%s/public/feed" % base_url},
"public_url": {"href": "%s/share/jio_public/" % base_url}, "public_url": {"href": "%s/share/jio_public/" % base_url},
"private_url": {"href": "%s/share/jio_private/" % base_url} "private_url": {"href": "%s/share/jio_private/" % base_url}
...@@ -150,7 +146,7 @@ def main(args_list): ...@@ -150,7 +146,7 @@ def main(args_list):
# Public information with the link to private folder # Public information with the link to private folder
public_state_dict = dict( public_state_dict = dict(
status=status, status=status,
date=latest_date, date=report_date,
_links={'monitor': {'href': '%s/share/jio_private/' % base_url}}, _links={'monitor': {'href': '%s/share/jio_private/' % base_url}},
title=global_state_dict.get('title', '') title=global_state_dict.get('title', '')
) )
......
...@@ -63,7 +63,10 @@ def httpdCorsDomainWrite(httpd_cors_file, httpd_gracefull_bin, cors_domain): ...@@ -63,7 +63,10 @@ def httpdCorsDomainWrite(httpd_cors_file, httpd_gracefull_bin, cors_domain):
try: try:
with open(old_httpd_cors_file, 'r') as cors_file: with open(old_httpd_cors_file, 'r') as cors_file:
if cors_file.read() == cors_domain: if cors_file.read() == cors_domain:
return True if os.path.exists(httpd_cors_file) and (os.stat(httpd_cors_file).st_size > 0
or (cors_domain == "" and os.stat(httpd_cors_file).st_size == 0)):
# Skip if cors file is not empty
return True
except OSError, e: except OSError, e:
print "Failed to open file at %s. \n%s" % (old_httpd_cors_file, str(e)) print "Failed to open file at %s. \n%s" % (old_httpd_cors_file, str(e))
for domain in cors_domain_list: for domain in cors_domain_list:
......
#!/usr/bin/env python
password_changed_once_path = "{{ password_changed_once_path }}"
import os
def main():
if os.path.exists(password_changed_once_path):
print('{"status":"OK"}')
return 0
print('{"status":"BAD","message":"Password never changed"}')
return 1
if __name__ == "__main__":
exit(main())
...@@ -8,10 +8,9 @@ import json ...@@ -8,10 +8,9 @@ import json
import ConfigParser import ConfigParser
import traceback import traceback
import argparse import argparse
import time
import glob
import urllib2 import urllib2
import ssl import ssl
import glob
from datetime import datetime from datetime import datetime
OPML_START = """<?xml version="1.0" encoding="UTF-8"?> OPML_START = """<?xml version="1.0" encoding="UTF-8"?>
...@@ -39,24 +38,6 @@ def parseArguments(): ...@@ -39,24 +38,6 @@ def parseArguments():
parser.add_argument('--config_file', parser.add_argument('--config_file',
default='monitor.cfg', default='monitor.cfg',
help='Monitor Configuration file') help='Monitor Configuration file')
parser.add_argument('--promise-folder',
action='append', dest='promise_folder_list',
default=[],
help='The path to get promise executable files')
parser.add_argument('--public-folder',
action='append', dest='public_folder',
help='The path of public folder. All files in this folders will have public acess')
parser.add_argument('--private-folder',
action='append', dest='private_folder',
help='The path of private folder. All files in this folders will be accessible with password')
parser.add_argument('--promise-runner',
help='The path of promise runner, use to run promise files')
parser.add_argument('--wrapper-path',
help='Path of monitor generated promise scripts files.')
return parser.parse_args() return parser.parse_args()
...@@ -75,6 +56,13 @@ def softConfigGet(config, *args, **kwargs): ...@@ -75,6 +56,13 @@ def softConfigGet(config, *args, **kwargs):
except (ConfigParser.NoOptionError, ConfigParser.NoSectionError): except (ConfigParser.NoOptionError, ConfigParser.NoSectionError):
return None return None
def createSymlink(source, destination):
try:
os.symlink(source, destination)
except OSError, e:
if e.errno != os.errno.EEXIST:
raise
class Monitoring(object): class Monitoring(object):
def __init__(self, configuration_file): def __init__(self, configuration_file):
...@@ -199,14 +187,6 @@ class Monitoring(object): ...@@ -199,14 +187,6 @@ class Monitoring(object):
self.promise_dict[filename] = {"path": path, self.promise_dict[filename] = {"path": path,
"configuration": ConfigParser.ConfigParser()} "configuration": ConfigParser.ConfigParser()}
# get promises configurations
#for filename in os.listdir(monitor_promise_folder):
# path = os.path.join(monitor_promise_folder, filename)
# if os.path.isfile(path) and filename[-4:] == ".cfg":
# promise_name = filename[:-4]
# if promise_name in promise_dict:
# loadConfig([path], promise_dict[promise_name]["configuration"])
def createSymlinksFromConfig(self, destination_folder, source_path_list, name=""): def createSymlinksFromConfig(self, destination_folder, source_path_list, name=""):
if destination_folder: if destination_folder:
if source_path_list: if source_path_list:
...@@ -277,32 +257,30 @@ class Monitoring(object): ...@@ -277,32 +257,30 @@ class Monitoring(object):
jio_private = os.path.join(self.webdav_folder, 'jio_private') jio_private = os.path.join(self.webdav_folder, 'jio_private')
mkdirAll(jio_public) mkdirAll(jio_public)
mkdirAll(jio_private) mkdirAll(jio_private)
try:
os.symlink(self.public_folder, os.path.join(jio_public, '.jio_documents')) createSymlink(self.public_folder,
except OSError, e: os.path.join(jio_public, '.jio_documents'))
if e.errno != os.errno.EEXIST: createSymlink(self.private_folder,
raise os.path.join(jio_private, '.jio_documents'))
try:
os.symlink(self.private_folder, os.path.join(jio_private, '.jio_documents'))
except OSError, e:
if e.errno != os.errno.EEXIST:
raise
self.data_folder = os.path.join(self.private_folder, 'data', '.jio_documents') self.data_folder = os.path.join(self.private_folder, 'data', '.jio_documents')
self.document_folder = os.path.join(self.private_folder, 'documents')
config_folder = os.path.join(self.config_folder, '.jio_documents') config_folder = os.path.join(self.config_folder, '.jio_documents')
mkdirAll(self.data_folder) mkdirAll(self.data_folder)
mkdirAll(config_folder) mkdirAll(config_folder)
try:
os.symlink(os.path.join(self.private_folder, 'data'), createSymlink(os.path.join(self.private_folder, 'data'),
os.path.join(jio_private, 'data')) os.path.join(jio_private, 'data'))
except OSError, e: createSymlink(self.config_folder, os.path.join(jio_private, 'config'))
if e.errno != os.errno.EEXIST: createSymlink(self.data_folder, self.document_folder)
raise
try: # Cleanup private folder
os.symlink(self.config_folder, os.path.join(jio_private, 'config')) for file in glob.glob("%s/*.history.json" % self.private_folder):
except OSError, e: try:
if e.errno != os.errno.EEXIST: os.unlink(file)
raise except OSError:
print "failed to remove file %s. Ignoring..." % file
def makeConfigurationFiles(self): def makeConfigurationFiles(self):
config_folder = os.path.join(self.config_folder, '.jio_documents') config_folder = os.path.join(self.config_folder, '.jio_documents')
...@@ -352,12 +330,12 @@ class Monitoring(object): ...@@ -352,12 +330,12 @@ class Monitoring(object):
opml_content += OPML_OUTLINE_FEED % {'title': self.title, opml_content += OPML_OUTLINE_FEED % {'title': self.title,
'html_url': self.public_url + '/feed', 'html_url': self.public_url + '/feed',
'xml_url': self.public_url + '/feed', 'xml_url': self.public_url + '/feed',
'global_url': "%s/jio_public/" % self.webdav_url} 'global_url': "%s/jio_private/" % self.webdav_url}
for feed_url in feed_url_list: for feed_url in feed_url_list:
opml_content += OPML_OUTLINE_FEED % {'title': self.getMonitorTitleFromUrl(feed_url + "/share/jio_public/"), opml_content += OPML_OUTLINE_FEED % {'title': self.getMonitorTitleFromUrl(feed_url + "/share/jio_public/"),
'html_url': feed_url + '/public/feed', 'html_url': feed_url + '/public/feed',
'xml_url': feed_url + '/public/feed', 'xml_url': feed_url + '/public/feed',
'global_url': "%s/share/jio_public/" % feed_url} 'global_url': "%s/share/jio_private/" % feed_url}
opml_content += OPML_END opml_content += OPML_END
...@@ -376,37 +354,6 @@ class Monitoring(object): ...@@ -376,37 +354,6 @@ class Monitoring(object):
with open(file_path, 'w') as flog: with open(file_path, 'w') as flog:
flog.write(content) flog.write(content)
def generateMonitorHalJson(self):
monitor_link_dict = {"webdav": {"href": self.webdav_url},
"public": {"href": "%s/public" % self.webdav_url},
"private": {"href": "%s/private" % self.webdav_url},
"rss": {"href": "%s/feed" % self.public_url},
"jio_public": {"href": "%s/jio_public/" % self.webdav_url},
"jio_private": {"href": "%s/jio_private/" % self.webdav_url}
}
if self.title:
self.monitor_dict["title"] = self.title
if self.monitor_url_list:
monitor_link_dict["related_monitor"] = [{"href": url}
for url in self.monitor_url_list]
self.monitor_dict["_links"] = monitor_link_dict
if self.promise_items:
service_list = []
for service_name, promise in self.promise_items:
service_config = promise["configuration"]
tmp = softConfigGet(service_config, "service", "title")
service_dict = {}
service_dict["id"] = service_name
service_dict["_links"] = {"status": {"href": "%s/public/%s.status.json" % (self.webdav_url, service_name)}} # hardcoded
if tmp:
service_dict["title"] = tmp
service_list.append(service_dict)
self.monitor_dict["_embedded"] = {"service": service_list}
with open(self.monitor_hal_json, "w") as fp:
json.dump(self.monitor_dict, fp)
def generateReportCronEntries(self): def generateReportCronEntries(self):
cron_line_list = [] cron_line_list = []
...@@ -429,7 +376,7 @@ class Monitoring(object): ...@@ -429,7 +376,7 @@ class Monitoring(object):
'--promise_script "%s"' % report_script, '--promise_script "%s"' % report_script,
'--promise_name "%s"' % report_name, '--promise_name "%s"' % report_name,
'--monitor_url "%s/jio_private/"' % self.webdav_url, # XXX hardcoded, '--monitor_url "%s/jio_private/"' % self.webdav_url, # XXX hardcoded,
'--history_folder "%s"' % self.report_folder, '--history_folder "%s"' % self.data_folder,
'--instance_name "%s"' % self.title, '--instance_name "%s"' % self.title,
'--hosting_name "%s"' % self.root_title, '--hosting_name "%s"' % self.root_title,
'--promise_type "report"'] '--promise_type "report"']
...@@ -484,11 +431,6 @@ class Monitoring(object): ...@@ -484,11 +431,6 @@ class Monitoring(object):
if service_name in service_name_list: if service_name in service_name_list:
service_name_list.pop(service_name_list.index(service_name)) service_name_list.pop(service_name_list.index(service_name))
"""wrapper_path = os.path.join(self.wraper_folder, service_name)
with open(wrapper_path, "w") as fp:
fp.write("#!/bin/sh\n%s" % command) # XXX hardcoded, use dash, sh or bash binary!
os.chmod(wrapper_path, stat.S_IRUSR | stat.S_IWUSR | stat.S_IXUSR | stat.S_IRGRP | stat.S_IROTH )"""
if service_name_list != []: if service_name_list != []:
# XXX Some service was removed, delete his status file so monitor will not consider his status anymore # XXX Some service was removed, delete his status file so monitor will not consider his status anymore
for service_name in service_name_list: for service_name in service_name_list:
...@@ -532,10 +474,6 @@ class Monitoring(object): ...@@ -532,10 +474,6 @@ class Monitoring(object):
private_path_list.split(), private_path_list.split(),
service_name) service_name)
# generate monitor.json
self.monitor_dict = {}
self.generateMonitorHalJson()
# Generate OPML file # Generate OPML file
self.generateOpmlFile(self.monitor_url_list, self.generateOpmlFile(self.monitor_url_list,
os.path.join(self.public_folder, 'feeds')) os.path.join(self.public_folder, 'feeds'))
...@@ -551,11 +489,13 @@ class Monitoring(object): ...@@ -551,11 +489,13 @@ class Monitoring(object):
# Rotate monitor data files # Rotate monitor data files
option_list = [ option_list = [
'daily', 'nocreate', 'noolddir', 'rotate 5', 'daily', 'nocreate', 'olddir %s' % self.data_folder, 'rotate 5',
'nocompress', 'extension .json', 'dateext', 'nocompress', 'extension .json', 'dateext',
'dateformat -%Y-%m-%d', 'notifempty' 'dateformat -%Y-%m-%d', 'notifempty'
] ]
file_list = ["%s/*.data.json" % self.data_folder] file_list = [
"%s/*.data.json" % self.private_folder,
"%s/*.data.json" % self.data_folder]
self.generateLogrotateEntry('monitor.data', file_list, option_list) self.generateLogrotateEntry('monitor.data', file_list, option_list)
# Rotate public history status file, delete data of previous days # Rotate public history status file, delete data of previous days
......
#!/usr/bin/env python
import json
import os
import time
from datetime import datetime
OPML_START = """<?xml version="1.0" encoding="UTF-8"?>
<!-- OPML generated by SlapOS -->
<opml version="1.1">
<head>
<title>SlapOS Monitoring Status Lists</title>
<dateCreated>%(creation_date)s</dateCreated>
<dateModified>%(mondification_date)s</dateModified>
</head>
<body>
<outline text="%(outline_title)s">"""
OPML_END = """ </outline>
</body>
</opml>"""
OPML_OUTLINE_FEED = '<outline text="%(title)s" title="%(title)s" type="rss" version="RSS" htmlUrl="%(html_url)s" xmlUrl="%(xml_url)s" />'
def main(config_file, output_file):
feed_url_list = []
if os.path.exists(output_file):
creation_date = datetime.fromtimestamp(os.path.getctime(output_file)).utcnow().strftime("%a, %d %b %Y %H:%M:%S +0000")
modification_date = datetime.utcnow().strftime("%a, %d %b %Y %H:%M:%S +0000")
else:
creation_date = modification_date = datetime.utcnow().strftime("%a, %d %b %Y %H:%M:%S +0000")
with open(config_file, 'r') as fconfig:
feed_url_list = json.loads(fconfig.read())
opml_content = OPML_START
for feed_line in feed_url_list:
opml_content += OPML_OUTLINE_FEED % {'title': feed_line['title'], 'html_url': feed_line['url'], 'xml_url': feed_line['url']}
opml_content += OPML_END
with open(output_file, 'w') as wfile:
wfile.write(opml_content)
if __name__ == "__main__":
if len(sys.argv) < 3:
print("Usage: %s <rss_conf_file> <output_path>" % sys.argv[0])
sys.exit(2)
config_file = sys.argv[1]
output_file = sys.argv[2]
main(config_file, output_file)
\ No newline at end of file
...@@ -122,6 +122,12 @@ def updateStatusHistoryFolder(name, status_file, history_folder, promise_type): ...@@ -122,6 +122,12 @@ def updateStatusHistoryFolder(name, status_file, history_folder, promise_type):
} }
f_history.write(json.dumps(data_dict)) f_history.write(json.dumps(data_dict))
else: else:
# Remove useless informations
status_dict.pop('hosting_subscription', '')
status_dict.pop('title', '')
status_dict.pop('instance', '')
status_dict.pop('type', '')
with open (history_file, mode="r+") as f_history: with open (history_file, mode="r+") as f_history:
f_history.seek(0,2) f_history.seek(0,2)
position = f_history.tell() -2 position = f_history.tell() -2
......
import sys import sys
import os import os
import json import json
import datetime from datetime import datetime
import base64 import base64
import hashlib import hashlib
import PyRSS2Gen import PyRSS2Gen
...@@ -16,6 +16,8 @@ def parseArguments(): ...@@ -16,6 +16,8 @@ def parseArguments():
help='Path where to get *.status.json files which contain result of promises.') help='Path where to get *.status.json files which contain result of promises.')
parser.add_argument('--output', parser.add_argument('--output',
help='The Path of file where feed file will be saved.') help='The Path of file where feed file will be saved.')
parser.add_argument('--feed_url',
help='Url of this feed file.')
parser.add_argument('--public_url', parser.add_argument('--public_url',
help='Monitor Instance public URL.') help='Monitor Instance public URL.')
parser.add_argument('--private_url', parser.add_argument('--private_url',
...@@ -36,6 +38,7 @@ def main(): ...@@ -36,6 +38,7 @@ def main():
parser = parseArguments() parser = parseArguments()
rss_item_list = [] rss_item_list = []
report_date = datetime.utcnow()
for filename in os.listdir(parser.items_folder): for filename in os.listdir(parser.items_folder):
if filename.endswith(".status.json"): if filename.endswith(".status.json"):
filepath = os.path.join(parser.items_folder, filename) filepath = os.path.join(parser.items_folder, filename)
...@@ -46,7 +49,7 @@ def main(): ...@@ -46,7 +49,7 @@ def main():
print "Failed to load json file: %s" % filepath print "Failed to load json file: %s" % filepath
continue continue
description = result_dict.get('message', '') description = result_dict.get('message', '')
event_time = datetime.datetime.fromtimestamp(result_dict['change-time']) event_time = datetime.fromtimestamp(result_dict['change-time'])
rss_item = PyRSS2Gen.RSSItem( rss_item = PyRSS2Gen.RSSItem(
categories = [result_dict['status']], categories = [result_dict['status']],
source = PyRSS2Gen.Source(result_dict['title'], parser.public_url), source = PyRSS2Gen.Source(result_dict['title'], parser.public_url),
...@@ -55,7 +58,7 @@ def main(): ...@@ -55,7 +58,7 @@ def main():
description = "%s: %s\n%s" % (event_time, result_dict['status'], description), description = "%s: %s\n%s" % (event_time, result_dict['status'], description),
link = parser.private_url, link = parser.private_url,
pubDate = event_time, pubDate = event_time,
guid = PyRSS2Gen.Guid(base64.b64encode("%s, %s" % (event_time, result_dict['status']))) guid = PyRSS2Gen.Guid(base64.b64encode("%s, %s" % (parser.hosting_name, result_dict['title'])))
) )
rss_item_list.append(rss_item) rss_item_list.append(rss_item)
...@@ -64,11 +67,12 @@ def main(): ...@@ -64,11 +67,12 @@ def main():
sorted(rss_item_list, key=getKey) sorted(rss_item_list, key=getKey)
rss_feed = PyRSS2Gen.RSS2 ( rss_feed = PyRSS2Gen.RSS2 (
title = parser.instance_name, title = parser.instance_name,
link = parser.public_url, link = parser.feed_url,
description = parser.hosting_name, description = parser.hosting_name,
lastBuildDate = datetime.datetime.utcnow(), lastBuildDate = report_date,
items = rss_item_list items = rss_item_list
) )
with open(parser.output, 'w') as frss: with open(parser.output, 'w') as frss:
frss.write(rss_feed.to_xml()) frss.write(rss_feed.to_xml())
......
...@@ -11,7 +11,7 @@ ServerAdmin someone@email ...@@ -11,7 +11,7 @@ ServerAdmin someone@email
Listen [{{ parameter_dict.get('listening-ip') }}]:{{ parameter_dict.get('port') }} Listen [{{ parameter_dict.get('listening-ip') }}]:{{ parameter_dict.get('port') }}
Define MonitorPort Define MonitorPort
</IfDefine> </IfDefine>
DocumentRoot "{{ directory.get('webdav') }}" DocumentRoot "{{ directory.get('private') }}"
ErrorLog "{{ parameter_dict.get('error-log') }}" ErrorLog "{{ parameter_dict.get('error-log') }}"
LoadModule unixd_module modules/mod_unixd.so LoadModule unixd_module modules/mod_unixd.so
LoadModule access_compat_module modules/mod_access_compat.so LoadModule access_compat_module modules/mod_access_compat.so
...@@ -19,7 +19,6 @@ LoadModule authz_core_module modules/mod_authz_core.so ...@@ -19,7 +19,6 @@ LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authn_core_module modules/mod_authn_core.so LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authz_host_module modules/mod_authz_host.so LoadModule authz_host_module modules/mod_authz_host.so
LoadModule mime_module modules/mod_mime.so LoadModule mime_module modules/mod_mime.so
LoadModule cgid_module modules/mod_cgid.so
LoadModule dir_module modules/mod_dir.so LoadModule dir_module modules/mod_dir.so
LoadModule ssl_module modules/mod_ssl.so LoadModule ssl_module modules/mod_ssl.so
LoadModule alias_module modules/mod_alias.so LoadModule alias_module modules/mod_alias.so
...@@ -55,31 +54,12 @@ SSLEngine On ...@@ -55,31 +54,12 @@ SSLEngine On
Include {{ parameter_dict.get('httpd-cors-config-file') }} Include {{ parameter_dict.get('httpd-cors-config-file') }}
Header set Vary Origin Header set Vary Origin
Header set Cache-Control "private, max-age=0, must-revalidate" Header set Cache-Control "private, max-age=40"
Header set Access-Control-Max-Age "0" Header set Access-Control-Max-Age "40"
Header unset ETag
Header set Pragma "no-cache"
Header set Access-Control-Allow-Credentials "true" Header set Access-Control-Allow-Credentials "true"
Header set Access-Control-Allow-Methods "PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST" Header set Access-Control-Allow-Methods "PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST"
Header set Access-Control-Allow-Headers "Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Authorization" Header set Access-Control-Allow-Headers "Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Authorization"
{% if parameter_dict.has_key('monitor-url-list') -%}
RewriteEngine on
SSLProxyEngine on
ProxyPreserveHost On
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
{% set index=1 -%}
{% set monitor_url_list = parameter_dict.get('monitor-url-list').split('\n') -%}
{% for url in monitor_url_list -%}
{% if url.strip() -%}
RewriteRule /monitor{{ index }}/(.*) {{ url }}/$1 [L,P]
{% set index = index + 1 -%}
{% endif -%}
{% endfor -%}
{% endif -%}
DavLockDB {{ directory.get('monitor-var') }}/DavLock DavLockDB {{ directory.get('monitor-var') }}/DavLock
Alias /share {{ directory.get('webdav') }} Alias /share {{ directory.get('webdav') }}
<Directory {{ directory.get('webdav') }}> <Directory {{ directory.get('webdav') }}>
...@@ -101,22 +81,6 @@ Alias /share {{ directory.get('webdav') }} ...@@ -101,22 +81,6 @@ Alias /share {{ directory.get('webdav') }}
</Limit> </Limit>
</LocationMatch> </LocationMatch>
ScriptSock {{ parameter_dict.get('cgid-pid-file') }}
<Directory {{ directory.get('www') }}>
SSLVerifyDepth 1
SSLRequireSSL
SSLOptions +StrictRequire
# XXX: security????
DirectoryIndex index.html
Options FollowSymLinks
AllowOverride All
Order Deny,Allow
AuthType Basic
AuthName "Private access"
AuthUserFile "{{ parameter_dict.get('htpasswd-file') }}"
Require valid-user
</Directory>
Alias /private {{ directory.get('private') }}/ Alias /private {{ directory.get('private') }}/
<Directory {{ directory.get('private') }}> <Directory {{ directory.get('private') }}>
Order Deny,Allow Order Deny,Allow
...@@ -140,24 +104,6 @@ Alias /public {{ directory.get('public') }}/ ...@@ -140,24 +104,6 @@ Alias /public {{ directory.get('public') }}/
Allow from all Allow from all
</Directory> </Directory>
Alias /cgi-bin {{ directory.get('cgi-bin') }}
<Directory {{ directory.get('cgi-bin') }}>
# XXX security ???
Order Deny,Allow
Deny from all
<Files "*.cgi">
Order Deny,Allow
Deny from env=AUTHREQUIRED
AuthType Basic
AuthName "Private access"
AuthUserFile "{{ parameter_dict.get('htpasswd-file') }}"
Require valid-user
</Files>
Options +ExecCGI
AddHandler cgi-script .cgi
Options Indexes FollowSymLinks
Satisfy all
</Directory>
{% if parameter_dict.get('httpd-include-file', '') -%} {% if parameter_dict.get('httpd-include-file', '') -%}
Include {{ parameter_dict.get('httpd-include-file') }} Include {{ parameter_dict.get('httpd-include-file') }}
{% endif -%} {% endif -%}
[service]
{% for key, value in parameter_dict.items() -%}
{{ key }} = {{ value.strip().replace("\n", "\n ") }}
{% endfor -%}
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment