Commit acf9038a authored by Łukasz Nowak's avatar Łukasz Nowak

Merge branch 'master' into nbd

parents e76f29e8 cfce5320
0.13 (unreleased) Changes
================ =======
* No change yet. 0.17 (unreleased)
-----------------
* No changes yet.
0.16 (2011-07-15)
-----------------
* Improve Vifib and pure ERP5 instantiation [Rafael Monnerat]
* Use configurator for Vifib [Rafael Monnerat]
0.15 (2011-07-13)
-----------------
* Encrypt connection by default. [Vivien Alger]
0.14 (2011-07-13)
-----------------
* Provide new way to instantiate kvm. [Cedric de Saint Martin, Vivien Alger]
0.13 (2011-07-13)
-----------------
* Implement generic execute_wait wrapper, which allows to wait for some files
to appear before starting service depending on it. [Łukasz Nowak]
0.12 (2011-07-11) 0.12 (2011-07-11)
================= -----------------
* Fix slaprunner, phpmyadmin software releases, added * Fix slaprunner, phpmyadmin software releases, added
wordpress software release. [Cedric de Saint Martin] wordpress software release. [Cedric de Saint Martin]
0.11 (2011-07-07) 0.11 (2011-07-07)
================= -----------------
* Enable test suite runner for vifib. * Enable test suite runner for vifib.
0.10 (2011-07-01) 0.10 (2011-07-01)
================= -----------------
* Add PHPMyAdmin software release used in SlapOS tutorials * Add PHPMyAdmin software release used in SlapOS tutorials
[Cedric de Saint Martin] [Cedric de Saint Martin]
* Add slaprunner software release [Cedric de Saint Martin] * Add slaprunner software release [Cedric de Saint Martin]
0.9 (2011-06-24) 0.9 (2011-06-24)
================ ----------------
* mysql recipe : Changing slapos.recipe.erp5.execute to * mysql recipe : Changing slapos.recipe.erp5.execute to
slapos.recipe.librecipe.execute [Cedric de Saint Martin] slapos.recipe.librecipe.execute [Cedric de Saint Martin]
0.8 (2011-06-15) 0.8 (2011-06-15)
================ ----------------
* Add MySQL and MariaDB standalone software release and recipe * Add MySQL and MariaDB standalone software release and recipe
[Cedric de Saint Martin] [Cedric de Saint Martin]
* Fixed slapos.recipe.erp5testnode instantiation [Sebastien Robin] * Fixed slapos.recipe.erp5testnode instantiation [Sebastien Robin]
0.7 (2011-06-14) 0.7 (2011-06-14)
================ ----------------
* Fix slapos.recipe.erp5 package by providing site.zcml in it. [Łukasz Nowak] * Fix slapos.recipe.erp5 package by providing site.zcml in it. [Łukasz Nowak]
* Improve slapos.recipe.erp5testnode partition instantiation error reporting * Improve slapos.recipe.erp5testnode partition instantiation error reporting
[Sebastien Robin] [Sebastien Robin]
0.6 (2011-06-13) 0.6 (2011-06-13)
================ ----------------
* Fixed slapos.recipe.erp5 instantiation. [Łukasz Nowak] * Fixed slapos.recipe.erp5 instantiation. [Łukasz Nowak]
0.5 (2011-06-13) 0.5 (2011-06-13)
================ ----------------
* Implement zabbix agent instantiation. [Łukasz Nowak] * Implement zabbix agent instantiation. [Łukasz Nowak]
* Drop dependency on Zope2. [Łukasz Nowak] * Drop dependency on Zope2. [Łukasz Nowak]
* Share more in slapos.recipe.librecipe module. [Łukasz Nowak] * Share more in slapos.recipe.librecipe module. [Łukasz Nowak]
0.4 (2011-06-09) 0.4 (2011-06-09)
================ ----------------
* Remove reference to slapos.tool.networkcache as it was removed from pypi. [Łukasz Nowak] * Remove reference to slapos.tool.networkcache as it was removed from pypi. [Łukasz Nowak]
* Add Kumofs standalone software release and recipe [Cedric de Saint Martin] * Add Kumofs standalone software release and recipe [Cedric de Saint Martin]
* Add Memcached standalone software release and recipe [Cedric de Saint Martin] * Add Memcached standalone software release and recipe [Cedric de Saint Martin]
0.3 (2011-06-09) 0.3 (2011-06-09)
================ ----------------
* Moved out template and build to separate distributions [Łukasz Nowak] * Moved out template and build to separate distributions [Łukasz Nowak]
* Depend on slapos.core instead of depracated slapos.slap [Romain Courteaud] * Depend on slapos.core instead of depracated slapos.slap [Romain Courteaud]
...@@ -69,11 +94,11 @@ ...@@ -69,11 +94,11 @@
* Allow to control full environment in erp5 module [Łukasz Nowak] * Allow to control full environment in erp5 module [Łukasz Nowak]
0.2 (2011-05-30) 0.2 (2011-05-30)
================ ----------------
* Allow to pass zope_environment in erp5 entry point [Łukasz Nowak] * Allow to pass zope_environment in erp5 entry point [Łukasz Nowak]
0.1 (2011-05-27) 0.1 (2011-05-27)
================ ----------------
* All slapos.recipe.* became slapos.cookbook:* [Łukasz Nowak] * All slapos.recipe.* became slapos.cookbook:* [Łukasz Nowak]
slapos.cookbook slapos.cookbook
=============== ===============
Cookbook of SlapOS recipes.
...@@ -11,8 +11,8 @@ parts = ...@@ -11,8 +11,8 @@ parts =
[curl] [curl]
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
url = http://curl.haxx.se/download/curl-7.21.3.tar.bz2 url = http://curl.haxx.se/download/curl-7.21.7.tar.bz2
md5sum = 5b57fee22090b5c43a6886fdd35af2ce md5sum = 5f6d50c4d4ee38c57fe37e3cff75adbd
configure-options = configure-options =
--disable-static --disable-static
--disable-ldap --disable-ldap
......
...@@ -5,8 +5,8 @@ extends = ...@@ -5,8 +5,8 @@ extends =
[glib] [glib]
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
url = http://ftp.gnome.org/pub/gnome/sources/glib/2.28/glib-2.28.7.tar.bz2 url = http://ftp.gnome.org/pub/gnome/sources/glib/2.28/glib-2.28.8.tar.bz2
md5sum = feda1650c8646ad39c7b01d95b03766b md5sum = 789e7520f71c6a4bf08bc683ec764d24
configure-options = configure-options =
--disable-static --disable-static
--disable-selinux --disable-selinux
......
[buildout]
parts =
gzip
[gzip]
recipe = hexagonit.recipe.cmmi
url = ftp://ftp.gnu.org/pub/gnu/gzip/gzip-1.4.tar.gz
md5sum = e381b8506210c794278f5527cba0e765
...@@ -3,7 +3,6 @@ extends = ...@@ -3,7 +3,6 @@ extends =
../zlib/buildout.cfg ../zlib/buildout.cfg
parts = parts =
libpng12
libpng libpng
[libpng-common] [libpng-common]
...@@ -14,12 +13,7 @@ environment = ...@@ -14,12 +13,7 @@ environment =
CPPFLAGS =-I${zlib:location}/include CPPFLAGS =-I${zlib:location}/include
LDFLAGS =-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib LDFLAGS =-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
[libpng12]
<= libpng-common
url = http://download.sourceforge.net/libpng/libpng-1.2.44.tar.bz2
md5sum = e3ac7879d62ad166a6f0c7441390d12b
[libpng] [libpng]
<= libpng-common <= libpng-common
url = http://download.sourceforge.net/libpng/libpng-1.5.2.tar.bz2 url = http://download.sourceforge.net/libpng/libpng-1.5.4.tar.bz2
md5sum = a003b37ed9afb0d9164eb7228421057c md5sum = b43afe39237b69859522455b215f9e85
...@@ -16,6 +16,8 @@ configure-options = ...@@ -16,6 +16,8 @@ configure-options =
--with-libxml-prefix=${libxml2:location} --with-libxml-prefix=${libxml2:location}
--without-crypto --without-crypto
--without-python --without-python
--without-debug
--without-debugger
environment = environment =
PATH=${pkgconfig:location}/bin:%(PATH)s PATH=${pkgconfig:location}/bin:%(PATH)s
CPPFLAGS=-I${zlib:location}/include CPPFLAGS=-I${zlib:location}/include
......
...@@ -3,10 +3,20 @@ extends = ...@@ -3,10 +3,20 @@ extends =
../popt/buildout.cfg ../popt/buildout.cfg
parts = logrotate parts = logrotate
[logrotate-3.7.9-O_CLOEXEC.optional.patch]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/${:filename}
download-only = true
md5sum = 6beac248c978b767d4bccc1b7eebe6bd
filename = ${:_buildout_section_name_}
[logrotate] [logrotate]
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
url = https://fedorahosted.org/releases/l/o/logrotate/logrotate-3.7.9.tar.gz url = https://fedorahosted.org/releases/l/o/logrotate/logrotate-3.7.9.tar.gz
md5sum = eeba9dbca62a9210236f4b83195e4ea5 md5sum = eeba9dbca62a9210236f4b83195e4ea5
patch-options = -p1
patches =
${logrotate-3.7.9-O_CLOEXEC.optional.patch:location}/${logrotate-3.7.9-O_CLOEXEC.optional.patch:filename}
configure-command = true configure-command = true
make-options = PREFIX=${buildout:parts-directory}/${:_buildout_section_name_} make-options = PREFIX=${buildout:parts-directory}/${:_buildout_section_name_}
environment = environment =
......
diff --git a/config.c b/config.c
index e6d5d1d..dd004a9 100644
--- a/config.c
+++ b/config.c
@@ -519,7 +519,11 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig)
length arrays -- of course, if we aren't run setuid it doesn't
matter much */
+#ifdef O_CLOEXEC
fd = open(configFile, O_RDONLY | O_CLOEXEC);
+#else
+ fd = open(configFile, O_RDONLY);
+#endif
if (fd < 0) {
message(MESS_ERROR, "failed to open config file %s: %s\n",
configFile, strerror(errno));
[buildout]
extends =
../perl/buildout.cfg
../perl-DBI/buildout.cfg
../perl-DBD-MySQL/buildout.cfg
parts =
maatkit
[maatkit]
recipe = hexagonit.recipe.cmmi
depends =
${perl:version}
${perl-DBI:version}
${perl-DBD-MySQL:version}
url = http://maatkit.googlecode.com/files/maatkit-7540.tar.gz
md5sum = 55457f98500b096a6bf549356d3445fe
configure-command =
${perl:location}/bin/perl Makefile.PL
...@@ -12,9 +12,9 @@ parts = ...@@ -12,9 +12,9 @@ parts =
[mariadb] [mariadb]
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
version = 5.2.6 version = 5.2.7
url = http://www.percona.com/downloads/MariaDB/mariadb-${:version}/kvm-tarbake-jaunty-x86/mariadb-${:version}.tar.gz url = http://www.percona.com/downloads/MariaDB/mariadb-${:version}/kvm-tarbake-jaunty-x86/mariadb-${:version}.tar.gz
md5sum = e562aca71ae16b490196f99aa7e64b55 md5sum = 06b9b102946a3606b38348c0ebf18367
# compile directory is required to build mysql plugins. # compile directory is required to build mysql plugins.
keep-compile-dir = true keep-compile-dir = true
# configure: how to avoid searching for my.cnf? # configure: how to avoid searching for my.cnf?
......
[buildout]
parts =
noVNC
[noVNC]
recipe = hexagonit.recipe.download
url = https://github.com/kanaka/noVNC/tarball/master
strip-top-level-dir = true
--- DBD-mysql-4.019.back/Makefile.PL 2011-05-09 03:12:07.000000000 +0200
+++ DBD-mysql-4.019/Makefile.PL 2011-06-22 11:44:06.478371893 +0200
@@ -358,7 +358,14 @@
'Data::Dumper' => 0 };
}
-ExtUtils::MakeMaker::WriteMakefile(%o);
+
+my %config;
+if (defined($ENV{'OTHERLDFLAGS'})) {
+ $config{dynamic_lib} = { OTHERLDFLAGS => " $ENV{'OTHERLDFLAGS'} " };
+}
+
+
+ExtUtils::MakeMaker::WriteMakefile(%o, %config);
exit 0;
[buildout]
extends =
../perl/buildout.cfg
../perl-DBI/buildout.cfg
../mysql-tritonn-5.0/buildout.cfg
../zlib/buildout.cfg
../openssl/buildout.cfg
parts =
perl-DBD-MySQL
[perl-DBD-MySQL-patch]
recipe = hexagonit.recipe.download
md5sum = e12e9233f20b0370cfcf5228ea767fbc
url = ${:_profile_base_location_}/${:filename}
filename = DBD-mysql-4.019.rpathsupport.patch
download-only = true
[perl-DBD-MySQL]
recipe = hexagonit.recipe.cmmi
version = 4.019
depends =
${perl:version}
${perl-DBI:version}
url = http://search.cpan.org/CPAN/authors/id/C/CA/CAPTTOFU/DBD-mysql-4.019.tar.gz
md5sum = 566d98ab8ffac9626a31f6f6d455558e
patches =
${perl-DBD-MySQL-patch:location}/${perl-DBD-MySQL-patch:filename}
patch-options = -p1
configure-command =
${perl:location}/bin/perl Makefile.PL --mysql_config=${mysql-tritonn-5.0:location}/bin/mysql_config
environment =
OTHERLDFLAGS=-Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${mysql-tritonn-5.0:location}/lib/mysql -Wl,-rpath=${openssl:location}/lib
[buildout]
extends =
../perl/buildout.cfg
parts =
perl-DBI
[perl-DBI]
recipe = hexagonit.recipe.cmmi
version = 1.616
depends =
${perl:version}
url = http://search.cpan.org/CPAN/authors/id/T/TI/TIMB/DBI-1.616.tar.gz
md5sum = 799313e54a693beb635b47918458f7c4
configure-command =
${perl:location}/bin/perl Makefile.PL
...@@ -12,7 +12,8 @@ depends = ...@@ -12,7 +12,8 @@ depends =
${perl-XML-NamespaceSupport:location} ${perl-XML-NamespaceSupport:location}
url = http://search.cpan.org/CPAN/authors/id/G/GR/GRANTM/XML-SAX-0.96.tar.gz url = http://search.cpan.org/CPAN/authors/id/G/GR/GRANTM/XML-SAX-0.96.tar.gz
md5sum = bdcd4119a62505184e211e9dfaef0ab1 md5sum = bdcd4119a62505184e211e9dfaef0ab1
# say 'y' for 'Do you want XML::SAX to alter ParserDetails.ini? [Y]' question.
configure-command = configure-command =
${perl:location}/bin/perl Makefile.PL echo y | ${perl:location}/bin/perl Makefile.PL
environment = environment =
PERLLIB=blib/lib PERLLIB=blib/lib
...@@ -14,9 +14,9 @@ filename = ${:_buildout_section_name_} ...@@ -14,9 +14,9 @@ filename = ${:_buildout_section_name_}
[perl] [perl]
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
version = 5.14.0 version = 5.14.1
url = http://www.cpan.org/src/5.0/perl-${:version}.tar.bz2 url = http://www.cpan.org/src/5.0/perl-${:version}.tar.bz2
md5sum = e7457deea78330c5f8eebb2fd2a45479 md5sum = 97cd306a2c22929cc141a09568f43bb0
patch-options = -p1 patch-options = -p1
patches = patches =
${perl-keep-linker-flags-in-ldflags.patch:location}/${perl-keep-linker-flags-in-ldflags.patch:filename} ${perl-keep-linker-flags-in-ldflags.patch:location}/${perl-keep-linker-flags-in-ldflags.patch:filename}
......
...@@ -6,8 +6,8 @@ extends = ...@@ -6,8 +6,8 @@ extends =
[readline] [readline]
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
url = http://ftp.gnu.org/gnu/readline/readline-6.1.tar.gz url = http://ftp.gnu.org/gnu/readline/readline-6.2.tar.gz
md5sum = fc2f7e714fe792db1ce6ddc4c9fb4ef3 md5sum = 67948acb2ca081f23359d0256e9a271c
configure-options = configure-options =
--disable-static --disable-static
--with-ncurses=${ncurses:location} --with-ncurses=${ncurses:location}
......
...@@ -12,6 +12,15 @@ find-links = ...@@ -12,6 +12,15 @@ find-links =
versions = versions versions = versions
allow-hosts =
*.googlecode.com
*.nexedi.org
*.python.org
alastairs-place.net
code.google.com
github.com
peak.telecommunity.com
# separate from system python # separate from system python
include-site-packages = false include-site-packages = false
exec-sitecustomize = false exec-sitecustomize = false
...@@ -38,14 +47,14 @@ lxml = 2.3 ...@@ -38,14 +47,14 @@ lxml = 2.3
meld3 = 0.6.7 meld3 = 0.6.7
netaddr = 0.7.5 netaddr = 0.7.5
setuptools = 0.6c12dev-r88846 setuptools = 0.6c12dev-r88846
slapos.core = 0.9 slapos.core = 0.12
slapos.libnetworkcache = 0.2 slapos.libnetworkcache = 0.2
xml-marshaller = 0.9.7 xml-marshaller = 0.9.7
z3c.recipe.scripts = 1.0.1 z3c.recipe.scripts = 1.0.1
zc.recipe.egg = 1.3.2 zc.recipe.egg = 1.3.2
# Required by: # Required by:
# slapos.core==0.9 # slapos.core==0.12
Flask = 0.7.2 Flask = 0.7.2
# Required by: # Required by:
...@@ -53,13 +62,14 @@ Flask = 0.7.2 ...@@ -53,13 +62,14 @@ Flask = 0.7.2
hexagonit.recipe.download = 1.5.0 hexagonit.recipe.download = 1.5.0
# Required by: # Required by:
# slapos.core==0.9 # slapos.core==0.12
netifaces = 0.5 netifaces = 0.5
# Required by: # Required by:
# slapos.core==0.9 # slapos.core==0.12
supervisor = 3.0a10 supervisor = 3.0a10
# Required by: # Required by:
# slapos.core==0.9 # slapos.core==0.12
zope.interface = 3.6.4 zope.interface = 3.6.4
...@@ -5,8 +5,8 @@ parts = ...@@ -5,8 +5,8 @@ parts =
[sqlite3] [sqlite3]
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
url = http://www.sqlite.org/sqlite-autoconf-3070603.tar.gz url = http://www.sqlite.org/sqlite-autoconf-3070701.tar.gz
md5sum = 7eb41eea5ffa5cbe359a48629084c425 md5sum = 554026fe7fac47b1cf61c18d5fe43419
configure-options = configure-options =
--disable-static --disable-static
--enable-readline --enable-readline
......
...@@ -2,7 +2,7 @@ from setuptools import setup, find_packages ...@@ -2,7 +2,7 @@ from setuptools import setup, find_packages
import glob import glob
import os import os
version = '0.13dev' version = '0.17-dev'
name = 'slapos.cookbook' name = 'slapos.cookbook'
long_description = open("README.txt").read() + "\n" + \ long_description = open("README.txt").read() + "\n" + \
open("CHANGES.txt").read() + "\n" open("CHANGES.txt").read() + "\n"
......
...@@ -84,6 +84,23 @@ class Recipe(BaseSlapRecipe): ...@@ -84,6 +84,23 @@ class Recipe(BaseSlapRecipe):
apache_login=self.installBackendApache(ip=self.getGlobalIPv6Address(), apache_login=self.installBackendApache(ip=self.getGlobalIPv6Address(),
port=13000, backend=site_access, key=key, certificate=certificate)) port=13000, backend=site_access, key=key, certificate=certificate))
connection_dict = dict(site_url=apache_conf['apache_login'])
if self.parameter_dict.get("domain_name") is not None:
connection_dict["backend_url"] = apache_conf['apache_login']
connection_dict["domain_ip"] = self.getGlobalIPv6Address()
# XXX Define a fake domain_name for now.
frontend_name = self.parameter_dict.get("domain_name")
frontend_key, frontend_certificate = \
self.requestCertificate(frontend_name)
connection_dict["site_url"] = self.installFrontendZopeApache(
ip=self.getGlobalIPv6Address(), port=13001, name=frontend_name,
frontend_path='/%s' % self.site_id, backend_path='/%s' % self.site_id,
backend_url="http://%s" % site_access, key=frontend_key,
certificate=frontend_certificate)
default_bt5_list = [] default_bt5_list = []
if self.parameter_dict.get("flavour", "default") == 'configurator': if self.parameter_dict.get("flavour", "default") == 'configurator':
default_bt5_list = self.options.get("configurator_bt5_list", '').split() default_bt5_list = self.options.get("configurator_bt5_list", '').split()
...@@ -97,13 +114,13 @@ class Recipe(BaseSlapRecipe): ...@@ -97,13 +114,13 @@ class Recipe(BaseSlapRecipe):
self.installTestSuiteRunner(ca_conf, mysql_conf, conversion_server_conf, self.installTestSuiteRunner(ca_conf, mysql_conf, conversion_server_conf,
memcached_conf, kumo_conf) memcached_conf, kumo_conf)
self.linkBinary() self.linkBinary()
self.setConnectionDict(dict( connection_dict.update(**dict(
site_url=apache_conf['apache_login'],
site_user=user, site_user=user,
site_password=password, site_password=password,
memcached_url=memcached_conf['memcached_url'], memcached_url=memcached_conf['memcached_url'],
kumo_url=kumo_conf['kumo_address'] kumo_url=kumo_conf['kumo_address']
)) ))
self.setConnectionDict(connection_dict)
return self.path_list return self.path_list
def installZopeStandalone(self): def installZopeStandalone(self):
...@@ -130,14 +147,19 @@ class Recipe(BaseSlapRecipe): ...@@ -130,14 +147,19 @@ class Recipe(BaseSlapRecipe):
thread_amount_per_zope = int(self.options.get( thread_amount_per_zope = int(self.options.get(
'cluster_zope_thread_amount', 1)) 'cluster_zope_thread_amount', 1))
activity_node_amount = 2 activity_node_amount = int(self.options.get(
user_node_amount = 2 "cluster_activity_node_amount", 2))
user_node_amount = int(self.options.get(
"cluster_user_node_amount", 2))
ip = self.getLocalIPv4Address() ip = self.getLocalIPv4Address()
storage_dict = self._requestZeoFileStorage('Zeo Server 1', 'main') storage_dict = self._requestZeoFileStorage('Zeo Server 1', 'main')
zeo_conf = self.installZeo(ip) zeo_conf = self.installZeo(ip)
tidstorage_config = dict(host=ip, port='6001') tidstorage_config = dict(host=ip, port='6001')
# XXX How to define good values for this?
mount_point = '/' mount_point = '/'
check_path = '/erp5/account_module' check_path = '/erp5/account_module'
...@@ -328,6 +350,12 @@ class Recipe(BaseSlapRecipe): ...@@ -328,6 +350,12 @@ class Recipe(BaseSlapRecipe):
# workaround wrong assumptions of ERP5Type.tests.runUnitTest about # workaround wrong assumptions of ERP5Type.tests.runUnitTest about
# directory existence # directory existence
unit_test = os.path.join(testinstance, 'unit_test') unit_test = os.path.join(testinstance, 'unit_test')
connection_string_list = []
for test_database, test_user, test_password in \
mysql_conf['mysql_parallel_test_dict'][-4:]:
connection_string_list.append(
'%s@%s:%s %s %s' % (test_database, mysql_conf['ip'],
mysql_conf['tcp_port'], test_user, test_password))
if not os.path.isdir(unit_test): if not os.path.isdir(unit_test):
os.mkdir(unit_test) os.mkdir(unit_test)
runUnitTest = zc.buildout.easy_install.scripts([ runUnitTest = zc.buildout.easy_install.scripts([
...@@ -341,6 +369,7 @@ class Recipe(BaseSlapRecipe): ...@@ -341,6 +369,7 @@ class Recipe(BaseSlapRecipe):
'--erp5_sql_connection_string', '%(mysql_test_database)s@%' '--erp5_sql_connection_string', '%(mysql_test_database)s@%'
'(ip)s:%(tcp_port)s %(mysql_test_user)s ' '(ip)s:%(tcp_port)s %(mysql_test_user)s '
'%(mysql_test_password)s' % mysql_conf, '%(mysql_test_password)s' % mysql_conf,
'--extra_sql_connection_string_list',','.join(connection_string_list),
'--conversion_server_hostname=%(conversion_server_ip)s' % \ '--conversion_server_hostname=%(conversion_server_ip)s' % \
conversion_server_conf, conversion_server_conf,
'--conversion_server_port=%(conversion_server_port)s' % \ '--conversion_server_port=%(conversion_server_port)s' % \
...@@ -881,13 +910,18 @@ class Recipe(BaseSlapRecipe): ...@@ -881,13 +910,18 @@ class Recipe(BaseSlapRecipe):
ident = 'frontend_' + name ident = 'frontend_' + name
apache_conf = self._getApacheConfigurationDict(ident, ip, port) apache_conf = self._getApacheConfigurationDict(ident, ip, port)
apache_conf['server_name'] = name apache_conf['server_name'] = name
apache_conf['frontend_path'] = frontend_path
apache_conf['ssl_snippet'] = pkg_resources.resource_string(__name__, apache_conf['ssl_snippet'] = pkg_resources.resource_string(__name__,
'template/apache.ssl-snippet.conf.in') % dict( 'template/apache.ssl-snippet.conf.in') % dict(
login_certificate=certificate, login_key=key) login_certificate=certificate, login_key=key)
rewrite_rule_template = \ rewrite_rule_template = \
"RewriteRule ^%(path)s($|/.*) %(backend_url)s/VirtualHostBase/https/%(server_name)s:%(port)s%(backend_path)s/VirtualHostRoot/_vh_%(vhname)s$1 [L,P]\n" "RewriteRule ^%(path)s($|/.*) %(backend_url)s/VirtualHostBase/https/%(server_name)s:%(port)s%(backend_path)s/VirtualHostRoot/_vh_%(vhname)s$1 [L,P]\n"
path = pkg_resources.resource_string(__name__, 'template/apache.zope.conf.path-protected.in') % dict(path='/', access_control_string='none')
path = pkg_resources.resource_string(__name__,
'template/apache.zope.conf.path-protected.in') % \
dict(path='/', access_control_string='none')
if access_control_string is None: if access_control_string is None:
path_template = pkg_resources.resource_string(__name__, path_template = pkg_resources.resource_string(__name__,
'template/apache.zope.conf.path.in') 'template/apache.zope.conf.path.in')
...@@ -903,8 +937,7 @@ class Recipe(BaseSlapRecipe): ...@@ -903,8 +937,7 @@ class Recipe(BaseSlapRecipe):
backend_path=backend_path, backend_path=backend_path,
port=apache_conf['port'], port=apache_conf['port'],
vhname=frontend_path.replace('/', ''), vhname=frontend_path.replace('/', ''),
server_name=name server_name=name)
)
rewrite_rule = rewrite_rule_template % d rewrite_rule = rewrite_rule_template % d
apache_conf.update(**dict( apache_conf.update(**dict(
path_enable=path, path_enable=path,
...@@ -925,7 +958,7 @@ class Recipe(BaseSlapRecipe): ...@@ -925,7 +958,7 @@ class Recipe(BaseSlapRecipe):
) )
])) ]))
# Note: IPv6 is assumed always # Note: IPv6 is assumed always
return 'https://[%(ip)s]:%(port)s' % apache_conf return 'https://%(server_name)s:%(port)s%(frontend_path)s' % (apache_conf)
def installBackendApache(self, ip, port, backend, key, certificate, def installBackendApache(self, ip, port, backend, key, certificate,
suffix='', access_control_string=None): suffix='', access_control_string=None):
...@@ -953,7 +986,8 @@ class Recipe(BaseSlapRecipe): ...@@ -953,7 +986,8 @@ class Recipe(BaseSlapRecipe):
def installMysqlServer(self, ip, port, database='erp5', user='user', def installMysqlServer(self, ip, port, database='erp5', user='user',
test_database='test_erp5', test_user='test_user', template_filename=None, test_database='test_erp5', test_user='test_user', template_filename=None,
parallel_test_database_amount=100, mysql_conf=None): parallel_test_database_amount=100, mysql_conf=None, with_backup=True,
with_maatkit=True):
if mysql_conf is None: if mysql_conf is None:
mysql_conf = {} mysql_conf = {}
backup_directory = self.createBackupDirectory('mysql') backup_directory = self.createBackupDirectory('mysql')
...@@ -1027,6 +1061,7 @@ class Recipe(BaseSlapRecipe): ...@@ -1027,6 +1061,7 @@ class Recipe(BaseSlapRecipe):
)])) )]))
self.path_list.extend([mysql_conf_path]) self.path_list.extend([mysql_conf_path])
if with_backup:
# backup configuration # backup configuration
backup_directory = self.createBackupDirectory('mysql') backup_directory = self.createBackupDirectory('mysql')
full_backup = os.path.join(backup_directory, 'full') full_backup = os.path.join(backup_directory, 'full')
...@@ -1060,5 +1095,30 @@ class Recipe(BaseSlapRecipe): ...@@ -1060,5 +1095,30 @@ class Recipe(BaseSlapRecipe):
mysql_backup_cron = os.path.join(self.cron_d, 'mysql_backup') mysql_backup_cron = os.path.join(self.cron_d, 'mysql_backup')
open(mysql_backup_cron, 'w').write('0 0 * * * ' + backup_controller) open(mysql_backup_cron, 'w').write('0 0 * * * ' + backup_controller)
self.path_list.append(mysql_backup_cron) self.path_list.append(mysql_backup_cron)
if with_maatkit:
# maatkit installation
for mk_script_name in (
'mk-variable-advisor',
'mk-table-usage',
'mk-visual-explain',
'mk-config-diff',
'mk-deadlock-logger',
'mk-error-log',
'mk-index-usage',
'mk-query-advisor',
):
mk_argument_list = [self.options['perl_binary'],
self.options['%s_binary' % mk_script_name],
'--defaults-file=%s' % mysql_conf_path,
'--socket=%s' %mysql_conf['socket'].strip(), '--user=root',
]
environment = dict(PATH='%s' % self.bin_directory)
mk_exe = zc.buildout.easy_install.scripts([(
mk_script_name,'slapos.recipe.librecipe.execute', 'executee')],
self.ws, sys.executable, self.bin_directory, arguments=[
mk_argument_list, environment])[0]
self.path_list.append(mk_exe)
# The return could be more explicit database, user ... # The return could be more explicit database, user ...
return mysql_conf return mysql_conf
...@@ -220,9 +220,10 @@ class Recipe(BaseSlapRecipe): ...@@ -220,9 +220,10 @@ class Recipe(BaseSlapRecipe):
self.substituteTemplate(template_filename, self.substituteTemplate(template_filename,
stunnel_conf)) stunnel_conf))
wrapper = zc.buildout.easy_install.scripts([('stunnel', wrapper = zc.buildout.easy_install.scripts([('stunnel',
'slapos.recipe.librecipe.execute', 'execute')], self.ws, sys.executable, 'slapos.recipe.librecipe.execute', 'execute_wait')], self.ws,
self.wrapper_directory, arguments=[ sys.executable, self.wrapper_directory, arguments=[
self.options['stunnel_binary'].strip(), stunnel_conf_path] [self.options['stunnel_binary'].strip(), stunnel_conf_path],
[ca_certificate, key]]
)[0] )[0]
self.path_list.append(wrapper) self.path_list.append(wrapper)
......
...@@ -30,113 +30,291 @@ from slapos.recipe.librecipe import BaseSlapRecipe ...@@ -30,113 +30,291 @@ from slapos.recipe.librecipe import BaseSlapRecipe
import subprocess import subprocess
import binascii import binascii
import random import random
import zc.buildout
import pkg_resources import pkg_resources
import ConfigParser
import hashlib
class Recipe(BaseSlapRecipe): class Recipe(BaseSlapRecipe):
def _install(self): def _install(self):
"""
Set the connection dictionnary for the computer partition and create a list
of paths to the different wrappers
Parameters : none
Returns : List path_list
"""
self.path_list = []
self.requirements, self.ws = self.egg.working_set()
self.cron_d = self.installCrond()
self.ca_conf = self.installCertificateAuthority()
self.key_path, self.certificate_path = self.requestCertificate('noVNC')
kvm_conf = self.installKvm(vnc_ip = self.getLocalIPv4Address())
vnc_port = 5900 + kvm_conf['vnc_display']
noVNC_conf = self.installNoVnc(source_ip = self.getGlobalIPv6Address(),
source_port = 6080,
target_ip = kvm_conf['vnc_ip'],
target_port = vnc_port,
python_path = kvm_conf['python_path'])
self.linkBinary()
self.computer_partition.setConnectionDict(dict(
url = "https://[%s]:%s/vnc.html?host=[%s]&port=%s&encrypt=1" % (noVNC_conf['source_ip'],
noVNC_conf['source_port'],
noVNC_conf['source_ip'],
noVNC_conf['source_port']
),
password = kvm_conf['vnc_passwd']))
return self.path_list
def installKvm(self, vnc_ip):
"""
Create kvm configuration dictionnary and instanciate a wrapper for kvm and
kvm controller
Parameters : IP the vnc server is listening on
Returns : Dictionnary kvm_conf
"""
kvm_conf = dict(vnc_ip = vnc_ip)
#Get the IP list
connection_found = False connection_found = False
ip = self.getGlobalIPv6Address() for tap_interface, dummy in self.parameter_dict['ip_list']:
for tap, dummy in self.parameter_dict['ip_list']:
# Get an ip associated to a tap interface # Get an ip associated to a tap interface
if tap: if tap_interface:
connection_found = True connection_found = True
if not connection_found: if not connection_found:
raise NotImplementedError("Do not support ip without tap interface") raise NotImplementedError("Do not support ip without tap interface")
kvm_conf['tap_interface'] = tap_interface
# Disk path # Disk path
disk_path = os.path.join(self.data_root_directory, 'virtual.qcow2') kvm_conf['disk_path'] = os.path.join(self.data_root_directory,
socket_path = os.path.join(self.var_directory, 'qmp_socket') 'virtual.qcow2')
kvm_conf['socket_path'] = os.path.join(self.var_directory, 'qmp_socket')
# XXX Weak password # XXX Weak password
vnc_passwd = binascii.hexlify(os.urandom(4)) ##XXX -Vivien: add an option to generate one password for all instances
# and/or to input it yourself
kvm_conf['vnc_passwd'] = binascii.hexlify(os.urandom(4))
#XXX pid_file path, database_path and xml path #XXX pid_file path, database_path, path to python binary and xml path
pid_file_path = os.path.join(self.run_directory, 'pid_file') kvm_conf['pid_file_path'] = os.path.join(self.run_directory, 'pid_file')
database_path = os.path.join(self.data_root_directory, 'slapmonitor_database') kvm_conf['database_path'] = os.path.join(self.data_root_directory,
'slapmonitor_database')
kvm_conf['python_path'] = sys.executable
kvm_conf['qemu_path'] = self.options['qemu_path']
#xml_path = os.path.join(self.var_directory, 'slapreport.xml' ) #xml_path = os.path.join(self.var_directory, 'slapreport.xml' )
# Create disk if needed # Create disk if needed
if not os.path.exists(disk_path): if not os.path.exists(kvm_conf['disk_path']):
retcode = subprocess.call(["%s create -f qcow2 %s %iG" % ( retcode = subprocess.call(["%s create -f qcow2 %s %iG" % (
self.options['qemu_img_path'], disk_path, self.options['qemu_img_path'], kvm_conf['disk_path'],
int(self.options['disk_size']))], shell=True) int(self.options['disk_size']))], shell=True)
if retcode != 0: if retcode != 0:
raise OSError, "Disk creation failed!" raise OSError, "Disk creation failed!"
# Instanciate KVM
kvm_config = {}
# Options nbd_ip and nbd_port are provided by slapos master # Options nbd_ip and nbd_port are provided by slapos master
kvm_config.update(self.options) kvm_conf['nbd_ip'] = self.parameter_dict['nbd_ip']
#raise NotImplementedError("%s" % self.parameter_dict) kvm_conf['nbd_port'] = self.parameter_dict['nbd_port']
kvm_config['vnc_ip'] = ip
kvm_config['tap_interface'] = tap
kvm_config['nbd_ip'] = self.parameter_dict['nbd_ip']
kvm_config['nbd_port'] = self.parameter_dict['nbd_port']
#XXX
kvm_config['pid_file'] = pid_file_path
kvm_config['image'] = disk_path
# First octet has to represent a locally administered address # First octet has to represent a locally administered address
octet_list = [254] + [random.randint(0x00, 0xff) for x in range(5)] octet_list = [254] + [random.randint(0x00, 0xff) for x in range(5)]
kvm_config['mac_address'] = ':'.join(['%02x' % x for x in octet_list]) kvm_conf['mac_address'] = ':'.join(['%02x' % x for x in octet_list])
kvm_config['qmp_socket'] = socket_path
kvm_config['hostname'] = "slaposkvm"
kvm_wrapper_template_location = pkg_resources.resource_filename( kvm_conf['hostname'] = "slaposkvm"
kvm_conf['smp_count'] = self.options['smp_count']
kvm_conf['ram_size'] = self.options['ram_size']
kvm_conf['vnc_display'] = 1
# Instanciate KVM
kvm_template_location = pkg_resources.resource_filename(
__name__, os.path.join( __name__, os.path.join(
'template', 'kvm_run.in')) 'template', 'kvm_run.in'))
kvm_runner_path = self.createRunningWrapper("kvm", kvm_runner_path = self.createRunningWrapper("kvm",
self.substituteTemplate(kvm_wrapper_template_location, kvm_config)) self.substituteTemplate(kvm_template_location,
kvm_conf))
self.path_list.append(kvm_runner_path)
# Instanciate KVM controller # Instanciate KVM controller
controller_config = {} kvm_controller_template_location = pkg_resources.resource_filename(
# Options nbd_ip and nbd_port are provided by slapos master
controller_config.update(self.options)
controller_config['qmp_socket'] = socket_path
controller_config['vnc_passwd'] = vnc_passwd
controller_config['python_path'] = sys.executable
controller_wrapper_template_location = pkg_resources.resource_filename(
__name__, os.path.join(
'template', 'kvm_controller_run.in'))
controller_runner_path = self.createRunningWrapper("kvm_controller",
self.substituteTemplate(controller_wrapper_template_location, controller_config))
#XXX Instanciate Slapmonitor
slapmonitor_config={}
slapmonitor_config.update(self.options)
slapmonitor_config['database_path'] = database_path
slapmonitor_config['pid_file'] = pid_file_path
slapmonitor_config['python_path'] = sys.executable
slapmonitor_wrapper_template_location = pkg_resources.resource_filename(
__name__, os.path.join( __name__, os.path.join(
'template', 'slapmonitor_run.in')) 'template',
slapmonitor_runner_path = self.createRunningWrapper("slapmonitor", 'kvm_controller_run.in' ))
self.substituteTemplate(slapmonitor_wrapper_template_location, slapmonitor_config))
kvm_controller_runner_path = self.createRunningWrapper("kvm_controller",
self.substituteTemplate(kvm_controller_template_location,
kvm_conf))
#XXX Instanciate Slapreport self.path_list.append(kvm_controller_runner_path)
slapreport_config={}
slapreport_config.update(self.options)
slapreport_config['database_path'] = database_path
slapreport_config['python_path'] = sys.executable
slapreport_wrapper_template_location = pkg_resources.resource_filename(
__name__, os.path.join(
'template', 'slapreport_run.in'))
slapreport_runner_path = self.createReportRunningWrapper(self.substituteTemplate(
slapreport_wrapper_template_location, slapreport_config))
# Instanciate Slapmonitor
##slapmonitor_runner_path = self.instanciate_wrapper("slapmonitor",
# [database_path, pid_file_path, python_path])
# Instanciate Slapreport
##slapreport_runner_path = self.instanciate_wrapper("slapreport",
# [database_path, python_path])
return kvm_conf
def installNoVnc(self, source_ip, source_port, target_ip, target_port,
python_path):
"""
Create noVNC configuration dictionnary and instanciate Websockify proxy
self.computer_partition.setConnectionDict(dict( Parameters : IP of the proxy, port on which is situated the proxy,
vnc_connection_string="vnc://[%s]:1" % ip, IP of the vnc server, port on which is situated the vnc server,
vnc_password=vnc_passwd, path to python binary
))
Returns : noVNC configuration dictionnary
"""
noVNC_conf = {}
noVNC_conf['source_ip'] = source_ip
noVNC_conf['source_port'] = source_port
# Instanciate Websockify
websockify_runner_path = zc.buildout.easy_install.scripts([('websockify',
'slapos.recipe.librecipe.execute', 'execute_wait')], self.ws,
sys.executable, self.wrapper_directory, arguments=[
[python_path.strip(),
self.options['websockify_path'],
'--web',
self.options['noVNC_location'],
'--key=%s' % (self.key_path),
'--cert=%s' % (self.certificate_path),
'--ssl-only',
'%s:%s' % (source_ip, source_port),
'%s:%s' % (target_ip, target_port)],
[self.certificate_path, self.key_path]]
)[0]
self.path_list.append(websockify_runner_path)
return noVNC_conf
def linkBinary(self):
"""Links binaries to instance's bin directory for easier exposal"""
for linkline in self.options.get('link_binary_list', '').splitlines():
if not linkline:
continue
target = linkline.split()
if len(target) == 1:
target = target[0]
path, linkname = os.path.split(target)
else:
linkname = target[1]
target = target[0]
link = os.path.join(self.bin_directory, linkname)
if os.path.lexists(link):
if not os.path.islink(link):
raise zc.buildout.UserError(
'Target link already %r exists but it is not link' % link)
os.unlink(link)
os.symlink(target, link)
self.logger.debug('Created link %r -> %r' % (link, target))
self.path_list.append(link)
def installCertificateAuthority(self, ca_country_code='XX',
ca_email='xx@example.com', ca_state='State', ca_city='City',
ca_company='Company'):
backup_path = self.createBackupDirectory('ca')
self.ca_dir = os.path.join(self.data_root_directory, 'ca')
self._createDirectory(self.ca_dir)
self.ca_request_dir = os.path.join(self.ca_dir, 'requests')
self._createDirectory(self.ca_request_dir)
config = dict(ca_dir=self.ca_dir, request_dir=self.ca_request_dir)
self.ca_private = os.path.join(self.ca_dir, 'private')
self.ca_certs = os.path.join(self.ca_dir, 'certs')
self.ca_crl = os.path.join(self.ca_dir, 'crl')
self.ca_newcerts = os.path.join(self.ca_dir, 'newcerts')
self.ca_key_ext = '.key'
self.ca_crt_ext = '.crt'
for d in [self.ca_private, self.ca_crl, self.ca_newcerts, self.ca_certs]:
self._createDirectory(d)
for f in ['crlnumber', 'serial']:
if not os.path.exists(os.path.join(self.ca_dir, f)):
open(os.path.join(self.ca_dir, f), 'w').write('01')
if not os.path.exists(os.path.join(self.ca_dir, 'index.txt')):
open(os.path.join(self.ca_dir, 'index.txt'), 'w').write('')
openssl_configuration = os.path.join(self.ca_dir, 'openssl.cnf')
config.update(
working_directory=self.ca_dir,
country_code=ca_country_code,
state=ca_state,
city=ca_city,
company=ca_company,
email_address=ca_email,
)
self._writeFile(openssl_configuration, pkg_resources.resource_string(
__name__, 'template/openssl.cnf.ca.in') % config)
self.path_list.extend(zc.buildout.easy_install.scripts([
('certificate_authority',
__name__ + '.certificate_authority', 'runCertificateAuthority')],
self.ws, sys.executable, self.wrapper_directory, arguments=[dict(
openssl_configuration=openssl_configuration,
openssl_binary=self.options['openssl_binary'],
certificate=os.path.join(self.ca_dir, 'cacert.pem'),
key=os.path.join(self.ca_private, 'cakey.pem'),
crl=os.path.join(self.ca_crl),
request_dir=self.ca_request_dir
)]))
# configure backup
backup_cron = os.path.join(self.cron_d, 'ca_rdiff_backup')
open(backup_cron, 'w').write(
'''0 0 * * * %(rdiff_backup)s %(source)s %(destination)s'''%dict(
rdiff_backup=self.options['rdiff_backup_binary'],
source=self.ca_dir,
destination=backup_path))
self.path_list.append(backup_cron)
return dict(
ca_certificate=os.path.join(config['ca_dir'], 'cacert.pem'),
ca_crl=os.path.join(config['ca_dir'], 'crl'),
certificate_authority_path=config['ca_dir']
)
return [kvm_runner_path, controller_runner_path] def requestCertificate(self, name):
hash = hashlib.sha512(name).hexdigest()
key = os.path.join(self.ca_private, hash + self.ca_key_ext)
certificate = os.path.join(self.ca_certs, hash + self.ca_crt_ext)
parser = ConfigParser.RawConfigParser()
parser.add_section('certificate')
parser.set('certificate', 'name', name)
parser.set('certificate', 'key_file', key)
parser.set('certificate', 'certificate_file', certificate)
parser.write(open(os.path.join(self.ca_request_dir, hash), 'w'))
return key, certificate
def installCrond(self):
timestamps = self.createDataDirectory('cronstamps')
cron_output = os.path.join(self.log_directory, 'cron-output')
self._createDirectory(cron_output)
catcher = zc.buildout.easy_install.scripts([('catchcron',
__name__ + '.catdatefile', 'catdatefile')], self.ws, sys.executable,
self.bin_directory, arguments=[cron_output])[0]
self.path_list.append(catcher)
cron_d = os.path.join(self.etc_directory, 'cron.d')
crontabs = os.path.join(self.etc_directory, 'crontabs')
self._createDirectory(cron_d)
self._createDirectory(crontabs)
# Use execute from erp5.
wrapper = zc.buildout.easy_install.scripts([('crond',
'slapos.recipe.librecipe.execute', 'execute')], self.ws, sys.executable,
self.wrapper_directory, arguments=[
self.options['dcrond_binary'].strip(), '-s', cron_d, '-c', crontabs,
'-t', timestamps, '-f', '-l', '5', '-M', catcher]
)[0]
self.path_list.append(wrapper)
return cron_d
import os
import subprocess
import time
import ConfigParser
def popenCommunicate(command_list, input=None):
subprocess_kw = dict(stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
if input is not None:
subprocess_kw.update(stdin=subprocess.PIPE)
popen = subprocess.Popen(command_list, **subprocess_kw)
result = popen.communicate(input)[0]
if popen.returncode is None:
popen.kill()
if popen.returncode != 0:
raise ValueError('Issue during calling %r, result was:\n%s' % (
command_list, result))
return result
class CertificateAuthority:
def __init__(self, key, certificate, openssl_binary,
openssl_configuration, request_dir):
self.key = key
self.certificate = certificate
self.openssl_binary = openssl_binary
self.openssl_configuration = openssl_configuration
self.request_dir = request_dir
def checkAuthority(self):
file_list = [ self.key, self.certificate ]
ca_ready = True
for f in file_list:
if not os.path.exists(f):
ca_ready = False
break
if ca_ready:
return
for f in file_list:
if os.path.exists(f):
os.unlink(f)
try:
# no CA, let us create new one
popenCommunicate([self.openssl_binary, 'req', '-nodes', '-config',
self.openssl_configuration, '-new', '-x509', '-extensions',
'v3_ca', '-keyout', self.key, '-out', self.certificate,
'-days', '10950'], 'Automatic Certificate Authority\n')
except:
try:
for f in file_list:
if os.path.exists(f):
os.unlink(f)
except:
# do not raise during cleanup
pass
raise
def _checkCertificate(self, common_name, key, certificate):
file_list = [key, certificate]
ready = True
for f in file_list:
if not os.path.exists(f):
ready = False
break
if ready:
return False
for f in file_list:
if os.path.exists(f):
os.unlink(f)
csr = certificate + '.csr'
try:
popenCommunicate([self.openssl_binary, 'req', '-config',
self.openssl_configuration, '-nodes', '-new', '-keyout',
key, '-out', csr, '-days', '3650'],
common_name + '\n')
try:
popenCommunicate([self.openssl_binary, 'ca', '-batch', '-config',
self.openssl_configuration, '-out', certificate,
'-infiles', csr])
finally:
if os.path.exists(csr):
os.unlink(csr)
except:
try:
for f in file_list:
if os.path.exists(f):
os.unlink(f)
except:
# do not raise during cleanup
pass
raise
else:
return True
def checkRequestDir(self):
for request_file in os.listdir(self.request_dir):
parser = ConfigParser.RawConfigParser()
parser.readfp(open(os.path.join(self.request_dir, request_file), 'r'))
if self._checkCertificate(parser.get('certificate', 'name'),
parser.get('certificate', 'key_file'), parser.get('certificate',
'certificate_file')):
print 'Created certificate %r' % parser.get('certificate', 'name')
def runCertificateAuthority(args):
ca_conf = args[0]
ca = CertificateAuthority(ca_conf['key'], ca_conf['certificate'],
ca_conf['openssl_binary'], ca_conf['openssl_configuration'],
ca_conf['request_dir'])
while True:
ca.checkAuthority()
ca.checkRequestDir()
time.sleep(60)
...@@ -11,7 +11,7 @@ so = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) ...@@ -11,7 +11,7 @@ so = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
connected = False connected = False
while not connected: while not connected:
try: try:
so.connect('%(qmp_socket)s') so.connect('%(socket_path)s')
except socket.error: except socket.error:
time.sleep(1) time.sleep(1)
else: else:
......
...@@ -10,8 +10,8 @@ exec %(qemu_path)s \ ...@@ -10,8 +10,8 @@ exec %(qemu_path)s \
-smp %(smp_count)s \ -smp %(smp_count)s \
-m %(ram_size)s \ -m %(ram_size)s \
-cdrom nbd:[%(nbd_ip)s]:%(nbd_port)s \ -cdrom nbd:[%(nbd_ip)s]:%(nbd_port)s \
-drive file=%(image)s,if=virtio,boot=on \ -drive file=%(disk_path)s,if=virtio,boot=on \
-vnc [%(vnc_ip)s]:1,ipv6,tls,password \ -vnc %(vnc_ip)s:1,ipv4,password \
-boot menu=on \ -boot menu=on \
-qmp unix:%(qmp_socket)s,server \ -qmp unix:%(socket_path)s,server \
-pidfile %(pid_file)s -pidfile %(pid_file_path)s
#
# OpenSSL example configuration file.
# This is mostly being used for generation of certificate requests.
#
# This definition stops the following lines choking if HOME isn't
# defined.
HOME = .
RANDFILE = $ENV::HOME/.rnd
# Extra OBJECT IDENTIFIER info:
#oid_file = $ENV::HOME/.oid
oid_section = new_oids
# To use this configuration file with the "-extfile" option of the
# "openssl x509" utility, name here the section containing the
# X.509v3 extensions to use:
# extensions =
# (Alternatively, use a configuration file that has only
# X.509v3 extensions in its main [= default] section.)
[ new_oids ]
# We can add new OIDs in here for use by 'ca', 'req' and 'ts'.
# Add a simple OID like this:
# testoid1=1.2.3.4
# Or use config file substitution like this:
# testoid2=${testoid1}.5.6
# Policies used by the TSA examples.
tsa_policy1 = 1.2.3.4.1
tsa_policy2 = 1.2.3.4.5.6
tsa_policy3 = 1.2.3.4.5.7
####################################################################
[ ca ]
default_ca = CA_default # The default ca section
####################################################################
[ CA_default ]
dir = %(working_directory)s # Where everything is kept
certs = $dir/certs # Where the issued certs are kept
crl_dir = $dir/crl # Where the issued crl are kept
database = $dir/index.txt # database index file.
#unique_subject = no # Set to 'no' to allow creation of
# several ctificates with same subject.
new_certs_dir = $dir/newcerts # default place for new certs.
certificate = $dir/cacert.pem # The CA certificate
serial = $dir/serial # The current serial number
crlnumber = $dir/crlnumber # the current crl number
# must be commented out to leave a V1 CRL
crl = $dir/crl.pem # The current CRL
private_key = $dir/private/cakey.pem # The private key
RANDFILE = $dir/private/.rand # private random number file
x509_extensions = usr_cert # The extentions to add to the cert
# Comment out the following two lines for the "traditional"
# (and highly broken) format.
name_opt = ca_default # Subject Name options
cert_opt = ca_default # Certificate field options
# Extension copying option: use with caution.
# copy_extensions = copy
# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
# so this is commented out by default to leave a V1 CRL.
# crlnumber must also be commented out to leave a V1 CRL.
# crl_extensions = crl_ext
default_days = 3650 # how long to certify for
default_crl_days = 30 # how long before next CRL
default_md = default # use public key default MD
preserve = no # keep passed DN ordering
# A few difference way of specifying how similar the request should look
# For type CA, the listed attributes must be the same, and the optional
# and supplied fields are just that :-)
policy = policy_match
# For the CA policy
[ policy_match ]
countryName = match
stateOrProvinceName = match
organizationName = match
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
# For the 'anything' policy
# At this point in time, you must list all acceptable 'object'
# types.
[ policy_anything ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
####################################################################
[ req ]
default_bits = 2048
default_md = sha1
default_keyfile = privkey.pem
distinguished_name = req_distinguished_name
#attributes = req_attributes
x509_extensions = v3_ca # The extentions to add to the self signed cert
# Passwords for private keys if not present they will be prompted for
# input_password = secret
# output_password = secret
# This sets a mask for permitted string types. There are several options.
# default: PrintableString, T61String, BMPString.
# pkix : PrintableString, BMPString (PKIX recommendation before 2004)
# utf8only: only UTF8Strings (PKIX recommendation after 2004).
# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
# MASK:XXXX a literal mask value.
# WARNING: ancient versions of Netscape crash on BMPStrings or UTF8Strings.
string_mask = utf8only
# req_extensions = v3_req # The extensions to add to a certificate request
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_value = %(country_code)s
countryName_min = 2
countryName_max = 2
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_value = %(state)s
localityName = Locality Name (eg, city)
localityName_value = %(city)s
0.organizationName = Organization Name (eg, company)
0.organizationName_value = %(company)s
# we can do this but it is not needed normally :-)
#1.organizationName = Second Organization Name (eg, company)
#1.organizationName_default = World Wide Web Pty Ltd
commonName = Common Name (eg, your name or your server\'s hostname)
commonName_max = 64
emailAddress = Email Address
emailAddress_value = %(email_address)s
emailAddress_max = 64
# SET-ex3 = SET extension number 3
#[ req_attributes ]
#challengePassword = A challenge password
#challengePassword_min = 4
#challengePassword_max = 20
#
#unstructuredName = An optional company name
[ usr_cert ]
# These extensions are added when 'ca' signs a request.
# This goes against PKIX guidelines but some CAs do it and some software
# requires this to avoid interpreting an end user certificate as a CA.
basicConstraints=CA:FALSE
# Here are some examples of the usage of nsCertType. If it is omitted
# the certificate can be used for anything *except* object signing.
# This is OK for an SSL server.
# nsCertType = server
# For an object signing certificate this would be used.
# nsCertType = objsign
# For normal client use this is typical
# nsCertType = client, email
# and for everything including object signing:
# nsCertType = client, email, objsign
# This is typical in keyUsage for a client certificate.
# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
# This will be displayed in Netscape's comment listbox.
nsComment = "OpenSSL Generated Certificate"
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer
# This stuff is for subjectAltName and issuerAltname.
# Import the email address.
# subjectAltName=email:copy
# An alternative to produce certificates that aren't
# deprecated according to PKIX.
# subjectAltName=email:move
# Copy subject details
# issuerAltName=issuer:copy
#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
#nsBaseUrl
#nsRevocationUrl
#nsRenewalUrl
#nsCaPolicyUrl
#nsSslServerName
# This is required for TSA certificates.
# extendedKeyUsage = critical,timeStamping
[ v3_req ]
# Extensions to add to a certificate request
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
[ v3_ca ]
# Extensions for a typical CA
# PKIX recommendation.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer
# This is what PKIX recommends but some broken software chokes on critical
# extensions.
#basicConstraints = critical,CA:true
# So we do this instead.
basicConstraints = CA:true
# Key usage: this is typical for a CA certificate. However since it will
# prevent it being used as an test self-signed certificate it is best
# left out by default.
# keyUsage = cRLSign, keyCertSign
# Some might want this also
# nsCertType = sslCA, emailCA
# Include email address in subject alt name: another PKIX recommendation
# subjectAltName=email:copy
# Copy issuer details
# issuerAltName=issuer:copy
# DER hex encoding of an extension: beware experts only!
# obj=DER:02:03
# Where 'obj' is a standard or added object
# You can even override a supported extension:
# basicConstraints= critical, DER:30:03:01:01:FF
[ crl_ext ]
# CRL extensions.
# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
# issuerAltName=issuer:copy
authorityKeyIdentifier=keyid:always
[ proxy_cert_ext ]
# These extensions should be added when creating a proxy certificate
# This goes against PKIX guidelines but some CAs do it and some software
# requires this to avoid interpreting an end user certificate as a CA.
basicConstraints=CA:FALSE
# Here are some examples of the usage of nsCertType. If it is omitted
# the certificate can be used for anything *except* object signing.
# This is OK for an SSL server.
# nsCertType = server
# For an object signing certificate this would be used.
# nsCertType = objsign
# For normal client use this is typical
# nsCertType = client, email
# and for everything including object signing:
# nsCertType = client, email, objsign
# This is typical in keyUsage for a client certificate.
# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
# This will be displayed in Netscape's comment listbox.
nsComment = "OpenSSL Generated Certificate"
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer
# This stuff is for subjectAltName and issuerAltname.
# Import the email address.
# subjectAltName=email:copy
# An alternative to produce certificates that aren't
# deprecated according to PKIX.
# subjectAltName=email:move
# Copy subject details
# issuerAltName=issuer:copy
#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
#nsBaseUrl
#nsRevocationUrl
#nsRenewalUrl
#nsCaPolicyUrl
#nsSslServerName
# This really needs to be in place for it to be a proxy certificate.
proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
####################################################################
[ tsa ]
default_tsa = tsa_config1 # the default TSA section
[ tsa_config1 ]
# These are used by the TSA reply generation only.
dir = /etc/pki/tls # TSA root directory
serial = $dir/tsaserial # The current serial number (mandatory)
crypto_device = builtin # OpenSSL engine to use for signing
signer_cert = $dir/tsacert.pem # The TSA signing certificate
# (optional)
certs = $dir/cacert.pem # Certificate chain to include in reply
# (optional)
signer_key = $dir/private/tsakey.pem # The TSA private key (optional)
default_policy = tsa_policy1 # Policy if request did not specify it
# (optional)
other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional)
digests = md5, sha1 # Acceptable message digests (mandatory)
accuracy = secs:1, millisecs:500, microsecs:100 # (optional)
clock_precision_digits = 0 # number of digits after dot. (optional)
ordering = yes # Is ordering defined for timestamps?
# (optional, default: no)
tsa_name = yes # Must the TSA name be included in the reply?
# (optional, default: no)
ess_cert_id_chain = no # Must the ESS cert id chain be included?
# (optional, default: no)
#!/bin/sh #!/bin/sh
# BEWARE: This file is operated by slapgrid # BEWARE: This file is operated by slapgrid
# BEWARE: It will be overwritten automatically # BEWARE: It will be overwritten automatically
exec %(python_path)s %(slapmonitor_path)s %(pid_file)s %(database_path)s exec %(python_path)s %(slapmonitor_path)s %(pid_file_path)s %(database_path)s
...@@ -10,6 +10,23 @@ def execute(args): ...@@ -10,6 +10,23 @@ def execute(args):
# Note: Candidate for slapos.lib.recipe # Note: Candidate for slapos.lib.recipe
os.execv(args[0], args + sys.argv[1:]) os.execv(args[0], args + sys.argv[1:])
def execute_wait(args):
"""Execution but after all files in args[1] exists"""
exec_list = list(args[0])
file_list = list(args[1])
sleep = 60
while True:
ready = True
for f in file_list:
if not os.path.exists(f):
print 'File %r does not exists, sleeping for %s' % (f, sleep)
ready = False
if ready:
break
time.sleep(sleep)
os.execv(exec_list[0], exec_list + sys.argv[1:])
child_pg = None child_pg = None
......
...@@ -220,9 +220,10 @@ class Recipe(BaseSlapRecipe): ...@@ -220,9 +220,10 @@ class Recipe(BaseSlapRecipe):
self.substituteTemplate(template_filename, self.substituteTemplate(template_filename,
stunnel_conf)) stunnel_conf))
wrapper = zc.buildout.easy_install.scripts([('stunnel', wrapper = zc.buildout.easy_install.scripts([('stunnel',
'slapos.recipe.librecipe.execute', 'execute')], self.ws, sys.executable, 'slapos.recipe.librecipe.execute', 'execute_wait')], self.ws,
self.wrapper_directory, arguments=[ sys.executable, self.wrapper_directory, arguments=[
self.options['stunnel_binary'].strip(), stunnel_conf_path] [self.options['stunnel_binary'].strip(), stunnel_conf_path],
[ca_certificate, key]]
)[0] )[0]
self.path_list.append(wrapper) self.path_list.append(wrapper)
return stunnel_conf return stunnel_conf
......
...@@ -224,9 +224,10 @@ class Recipe(BaseSlapRecipe): ...@@ -224,9 +224,10 @@ class Recipe(BaseSlapRecipe):
self.substituteTemplate(template_filename, self.substituteTemplate(template_filename,
stunnel_conf)) stunnel_conf))
wrapper = zc.buildout.easy_install.scripts([('stunnel', wrapper = zc.buildout.easy_install.scripts([('stunnel',
'slapos.recipe.librecipe.execute', 'execute')], self.ws, sys.executable, 'slapos.recipe.librecipe.execute', 'execute_wait')], self.ws,
self.wrapper_directory, arguments=[ sys.executable, self.wrapper_directory, arguments=[
self.options['stunnel_binary'].strip(), stunnel_conf_path] [self.options['stunnel_binary'].strip(), stunnel_conf_path],
[ca_certificate, key]]
)[0] )[0]
self.path_list.append(wrapper) self.path_list.append(wrapper)
return stunnel_conf return stunnel_conf
......
...@@ -31,6 +31,9 @@ import zc.buildout ...@@ -31,6 +31,9 @@ import zc.buildout
import sys import sys
class Recipe(slapos.recipe.erp5.Recipe): class Recipe(slapos.recipe.erp5.Recipe):
default_bt5_list = []
def installKeyAuthorisationApache(self, ip, port, backend, key, certificate, def installKeyAuthorisationApache(self, ip, port, backend, key, certificate,
ca_conf, key_auth_path='/erp5/portal_slap'): ca_conf, key_auth_path='/erp5/portal_slap'):
ssl_template = """SSLEngine on ssl_template = """SSLEngine on
...@@ -172,6 +175,12 @@ SSLCARevocationPath %(ca_crl)s""" ...@@ -172,6 +175,12 @@ SSLCARevocationPath %(ca_crl)s"""
self.installTidStorage(tidstorage_config['host'], tidstorage_config['port'], self.installTidStorage(tidstorage_config['host'], tidstorage_config['port'],
known_tid_storage_identifier_dict, 'http://'+login_haproxy) known_tid_storage_identifier_dict, 'http://'+login_haproxy)
self.linkBinary() self.linkBinary()
# Connect direct to Zope to create the instance.
self.installERP5Site(user, password, service_url_list[-1], mysql_conf,
conversion_server_conf, memcached_conf, kumo_conf,
self.site_id, self.default_bt5_list)
self.setConnectionDict(dict( self.setConnectionDict(dict(
front_end_url=apache_frontend_login, front_end_url=apache_frontend_login,
site_url=apache_login, site_url=apache_login,
...@@ -227,6 +236,10 @@ SSLCARevocationPath %(ca_crl)s""" ...@@ -227,6 +236,10 @@ SSLCARevocationPath %(ca_crl)s"""
self.installTestSuiteRunner(ca_conf, mysql_conf, conversion_server_conf, self.installTestSuiteRunner(ca_conf, mysql_conf, conversion_server_conf,
memcached_conf, kumo_conf) memcached_conf, kumo_conf)
self.linkBinary() self.linkBinary()
self.installERP5Site(user, password, zope_access, mysql_conf,
conversion_server_conf, memcached_conf, kumo_conf,
self.site_id, self.default_bt5_list)
self.setConnectionDict(dict( self.setConnectionDict(dict(
development_zope='http://%s:%s/' % (ip, zope_port), development_zope='http://%s:%s/' % (ip, zope_port),
site_user=user, site_user=user,
...@@ -260,6 +273,9 @@ SSLCARevocationPath %(ca_crl)s""" ...@@ -260,6 +273,9 @@ SSLCARevocationPath %(ca_crl)s"""
[('killpidfromfile', 'slapos.recipe.erp5.killpidfromfile', [('killpidfromfile', 'slapos.recipe.erp5.killpidfromfile',
'killpidfromfile')], self.ws, sys.executable, self.bin_directory)[0] 'killpidfromfile')], self.ws, sys.executable, self.bin_directory)[0]
self.path_list.append(self.killpidfromfile) self.path_list.append(self.killpidfromfile)
if self.parameter_dict.get("flavour", "default") == 'configurator':
self.default_bt5_list = self.options.get("configurator_bt5_list", '').split()
if self.parameter_dict.get('development', 'false').lower() == 'true': if self.parameter_dict.get('development', 'false').lower() == 'true':
return self.installDevelopment() return self.installDevelopment()
if self.parameter_dict.get('production', 'false').lower() == 'true': if self.parameter_dict.get('production', 'false').lower() == 'true':
......
...@@ -9,6 +9,7 @@ develop-eggs-directory = ${buildout:develop-eggs-directory} ...@@ -9,6 +9,7 @@ develop-eggs-directory = ${buildout:develop-eggs-directory}
recipe = ${instance-recipe:egg}:${instance-recipe:module} recipe = ${instance-recipe:egg}:${instance-recipe:module}
dcrond_binary = ${dcron:location}/sbin/crond dcrond_binary = ${dcron:location}/sbin/crond
haproxy_binary = ${haproxy:location}/sbin/haproxy haproxy_binary = ${haproxy:location}/sbin/haproxy
gzip_binary = ${gzip:location}/bin/gzip
httpd_binary = ${apache:location}/bin/httpd httpd_binary = ${apache:location}/bin/httpd
innobackupex_binary = ${xtrabackup:location}/bin/innobackupex innobackupex_binary = ${xtrabackup:location}/bin/innobackupex
kumo_gateway_binary = ${kumo:location}/bin/kumo-gateway kumo_gateway_binary = ${kumo:location}/bin/kumo-gateway
...@@ -32,6 +33,14 @@ tidstorage_repozo_binary = ${buildout:bin-directory}/tidstorage_repozo ...@@ -32,6 +33,14 @@ tidstorage_repozo_binary = ${buildout:bin-directory}/tidstorage_repozo
tidstoraged_binary = ${buildout:bin-directory}/tidstoraged tidstoraged_binary = ${buildout:bin-directory}/tidstoraged
xtrabackup_binary = ${xtrabackup:location}/bin/xtrabackup_51 xtrabackup_binary = ${xtrabackup:location}/bin/xtrabackup_51
zabbix_agent_binary = ${zabbix-agent:location}/sbin/zabbix_agent zabbix_agent_binary = ${zabbix-agent:location}/sbin/zabbix_agent
mk-variable-advisor_binary = ${perl:siteprefix}/bin/mk-variable-advisor
mk-table-usage_binary = ${perl:siteprefix}/bin/mk-table-usage
mk-visual-explain_binary = ${perl:siteprefix}/bin/mk-visual-explain
mk-config-diff_binary = ${perl:siteprefix}/bin/mk-config-diff
mk-deadlock-logger_binary = ${perl:siteprefix}/bin/mk-deadlock-logger
mk-error-log_binary = ${perl:siteprefix}/bin/mk-error-log
mk-index-usage_binary = ${perl:siteprefix}/bin/mk-index-usage
mk-query-advisor_binary = ${perl:siteprefix}/bin/mk-query-advisor
# cloudooo specific configuration # cloudooo specific configuration
ooo_binary_path = ${libreoffice-bin:location}/program ooo_binary_path = ${libreoffice-bin:location}/program
...@@ -69,4 +78,4 @@ environment = ...@@ -69,4 +78,4 @@ environment =
bt5_repository_list = ${bt5-repository:list} bt5_repository_list = ${bt5-repository:list}
configurator_bt5_list = erp5_core_proxy_field_legacy erp5_full_text_myisam_catalog erp5_base erp5_workflow erp5_configurator erp5_configurator_standard erp5_configurator_maxma_demo erp5_configurator_ung configurator_bt5_list = ${instance-recipe:configurator_bt5_list}
...@@ -21,11 +21,14 @@ unzip = true ...@@ -21,11 +21,14 @@ unzip = true
egg = slapos.cookbook egg = slapos.cookbook
module = erp5 module = erp5
# Additional Configuration
configurator_bt5_list = erp5_core_proxy_field_legacy erp5_full_text_myisam_catalog erp5_base erp5_workflow erp5_configurator erp5_configurator_standard erp5_configurator_maxma_demo erp5_configurator_ung
[template] [template]
# Default template for erp5 instance. # Default template for erp5 instance.
recipe = slapos.recipe.template recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg url = ${:_profile_base_location_}/instance.cfg
md5sum = 65d9b269e204ba49ac5ff11e891a4b84 md5sum = cc268ff0f27fa1ed4839a3150980f4a7
output = ${buildout:directory}/template.cfg output = ${buildout:directory}/template.cfg
mode = 0644 mode = 0644
...@@ -34,7 +37,7 @@ mode = 0644 ...@@ -34,7 +37,7 @@ mode = 0644
recipe = slapos.recipe.template recipe = slapos.recipe.template
url = ${:_profile_base_location_}/configuration.json url = ${:_profile_base_location_}/configuration.json
md5sum = cbe1d75339c6cb20e1aef818797face1 md5sum = cbe1d75339c6cb20e1aef818797face1
output = ${buildout:directory}/validator.json output = ${buildout:directory}/schema.json
mode = 0644 mode = 0644
[versions] [versions]
...@@ -89,7 +92,7 @@ python-ldap = 2.4.0 ...@@ -89,7 +92,7 @@ python-ldap = 2.4.0
python-memcached = 1.45 python-memcached = 1.45
restkit = 3.3.0 restkit = 3.3.0
rtjp-eventlet = 0.3.2 rtjp-eventlet = 0.3.2
slapos.cookbook = 0.9 slapos.cookbook = 0.16
slapos.recipe.template = 1.1 slapos.recipe.template = 1.1
threadframe = 0.2 threadframe = 0.2
timerserver = 2.0.2 timerserver = 2.0.2
...@@ -129,7 +132,7 @@ fpconst = 0.7.2 ...@@ -129,7 +132,7 @@ fpconst = 0.7.2
ipython = 0.10.2 ipython = 0.10.2
# Required by: # Required by:
# slapos.cookbook==0.9 # slapos.cookbook==0.16
netaddr = 0.7.5 netaddr = 0.7.5
# Required by: # Required by:
...@@ -145,7 +148,7 @@ python-magic = 0.4.0.1 ...@@ -145,7 +148,7 @@ python-magic = 0.4.0.1
setuptools = 0.6c12dev-r88846 setuptools = 0.6c12dev-r88846
# Required by: # Required by:
# slapos.cookbook==0.9 # slapos.cookbook==0.16
slapos.core = 0.8 slapos.core = 0.8
# Required by: # Required by:
...@@ -153,5 +156,5 @@ slapos.core = 0.8 ...@@ -153,5 +156,5 @@ slapos.core = 0.8
supervisor = 3.0a10 supervisor = 3.0a10
# Required by: # Required by:
# slapos.cookbook==0.9 # slapos.cookbook==0.16
xml-marshaller = 0.9.7 xml-marshaller = 0.9.7
[buildout] [buildout]
extensions =
slapos.zcbworkarounds
slapos.rebootstrap
find-links += find-links +=
http://www.nexedi.org/static/packages/source/slapos.buildout/ http://www.nexedi.org/static/packages/source/slapos.buildout/
...@@ -44,11 +39,6 @@ parts += ...@@ -44,11 +39,6 @@ parts +=
# development / fast switching environment for whole software # development / fast switching environment for whole software
unzip = true unzip = true
[rebootstrap]
# Default first version of rebootstrapped python
version = 2
section = python2.7
[instance-recipe] [instance-recipe]
egg = slapos.cookbook egg = slapos.cookbook
module = kumofs module = kumofs
...@@ -73,13 +63,13 @@ output = ${buildout:directory}/template.cfg ...@@ -73,13 +63,13 @@ output = ${buildout:directory}/template.cfg
mode = 0644 mode = 0644
[versions] [versions]
slapos.cookbook = 0.7 slapos.cookbook = 0.13
erp5.recipe.cmmiforcei686 = 0.1.1 erp5.recipe.cmmiforcei686 = 0.1.1
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
hexagonit.recipe.download = 1.5.0 hexagonit.recipe.download = 1.5.0
# Required by slapos.cookbook==0.7 # Required by slapos.cookbook==0.13
slapos.core = 0.2 slapos.core = 0.2
collective.recipe.template = 1.8 collective.recipe.template = 1.8
netaddr = 0.7.5 netaddr = 0.7.5
......
[buildout]
parts =
kvminstance
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
[kvminstance]
recipe = slapos.cookbook:kvm
qemu_path = ${kvm:location}/bin/qemu-system-x86_64
qemu_img_path = ${kvm:location}/bin/qemu-img
#slapmonitor_path = ${buildout:bin-directory}/slapmonitor
#slapreport_path = ${buildout:bin-directory}/slapreport
websockify_path = ${noVNC:location}/utils/wsproxy.py
noVNC_location = ${noVNC:location}
openssl_binary = ${openssl:location}/bin/openssl
rdiff_backup_binary = ${buildout:bin-directory}/rdiff-backup
dcrond_binary = ${dcron:location}/sbin/crond
smp_count = 1
ram_size = 1024
disk_size = 10
[buildout]
extends =
../../stack/kvm.cfg
[template]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg
md5sum = d899f2111aab18ad25776f35ed49a91b
output = ${buildout:directory}/template.cfg
mode = 0644
[kvmsource]
command =
(${git:location}/bin/git clone --quiet http://git.erp5.org/repos/slapos.kvm.git ${:location} && cd ${:location} && ${git:location}/bin/git reset --hard 94ee45cc02e69798cac8209d2296fd1751125018) || (rm -fr ${:location} ; exit 1)
update-command =
[versions]
Jinja2 = 2.5.5
Werkzeug = 0.6.2
hexagonit.recipe.cmmi = 1.5.0
lxml = 2.3
meld3 = 0.6.7
plone.recipe.command = 1.1
slapos.cookbook = 0.15
slapos.recipe.template = 1.1
z3c.recipe.scripts = 1.0.1
# Required by:
# slapos.core==0.9
Flask = 0.7.2
# Required by:
# slapos.cookbook==0.15
PyXML = 0.8.4
# Required by:
# slapos.recipe.template==1.1
collective.recipe.template = 1.8
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.5.0
# Required by:
# slapos.cookbook==0.15
netaddr = 0.7.5
# Required by:
# slapos.core==0.9
netifaces = 0.5
# Required by:
# slapos.cookbook==0.15
# slapos.core==0.9
# zc.buildout==1.5.3-dev-SlapOS-005
# zc.recipe.egg==1.3.2
setuptools = 0.6c12dev-r88846
# Required by:
# slapos.cookbook==0.15
slapos.core = 0.9
# Required by:
# slapos.core==0.9
supervisor = 3.0a10
# Required by:
# slapos.cookbook==0.15
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.15
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.9
zope.interface = 3.6.4
[buildout] [buildout]
extensions =
slapos.zcbworkarounds
slapos.rebootstrap
find-links += find-links +=
http://www.nexedi.org/static/packages/source/slapos.buildout/ http://www.nexedi.org/static/packages/source/slapos.buildout/
...@@ -47,11 +42,6 @@ parts += ...@@ -47,11 +42,6 @@ parts +=
# development / fast switching environment for whole software # development / fast switching environment for whole software
unzip = true unzip = true
[rebootstrap]
# Default first version of rebootstrapped python
version = 2
section = python2.7
[instance-recipe] [instance-recipe]
egg = slapos.cookbook egg = slapos.cookbook
module = mysql module = mysql
...@@ -76,9 +66,9 @@ output = ${buildout:directory}/template.cfg ...@@ -76,9 +66,9 @@ output = ${buildout:directory}/template.cfg
mode = 0644 mode = 0644
[versions] [versions]
slapos.cookbook = 0.9 slapos.cookbook = 0.13
# Required by slapos.cookbook==0.9 # Required by slapos.cookbook==0.13
slapos.core = 0.4 slapos.core = 0.4
collective.recipe.template = 1.8 collective.recipe.template = 1.8
netaddr = 0.7.5 netaddr = 0.7.5
......
...@@ -31,6 +31,7 @@ md5sum = e2cbd8fe7b8e4c7e92a19cd775de0aa6 ...@@ -31,6 +31,7 @@ md5sum = e2cbd8fe7b8e4c7e92a19cd775de0aa6
[eggs] [eggs]
eggs += eggs +=
slapos.libnetworkcache
slapos.toolbox slapos.toolbox
slapos.core slapos.core
...@@ -47,6 +48,7 @@ setuptools = 0.6c12dev-r88795 ...@@ -47,6 +48,7 @@ setuptools = 0.6c12dev-r88795
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
hexagonit.recipe.download = 1.5.0 hexagonit.recipe.download = 1.5.0
plone.recipe.command = 1.1 plone.recipe.command = 1.1
slapos.libnetworkcache = 0.2
# Use SlapOS patched zc.buildout # Use SlapOS patched zc.buildout
zc.buildout = 1.5.3-dev-SlapOS-005 zc.buildout = 1.5.3-dev-SlapOS-005
...@@ -11,19 +11,16 @@ eggs += slapos.core ...@@ -11,19 +11,16 @@ eggs += slapos.core
[instance-recipe] [instance-recipe]
module = vifib module = vifib
# Additional Configuration
configurator_bt5_list = erp5_core_proxy_field_legacy erp5_full_text_myisam_catalog erp5_base erp5_workflow erp5_configurator erp5_configurator_vifib
[erp5_repository_list]
repository_id_list += vifib/master
[vifib] [vifib]
# Recipe zerokspot.recipe.git is disabled, as is not possible to change its <= erp5
# environment to use localy delivered git.
# plone.recipe.command can do same job, but it is controllable which binary
# will be used
recipe = plone.recipe.command
location = ${buildout:parts-directory}/${:_buildout_section_name_}
stop-on-error = true
repository = http://git.erp5.org/repos/slapos.core.git repository = http://git.erp5.org/repos/slapos.core.git
branch = master revision = bfcd67dae3221612d035fa13ddc5afaec1518270
revision = f95ca3ccda07292895939ef9b48678acb5f524ce
command = ${git:location}/bin/git clone --quiet -b ${:branch} ${:repository} ${:location} && if [ -n ${:revision} ]; then cd ${:location} && ${git:location}/bin/git reset --quiet --hard ${:revision} ; fi
update-command = cd ${:location} && ${git:location}/bin/git pull --quiet && if [ -n ${:revision} ]; then cd ${:location} && ${git:location}/bin/git reset --quiet --hard ${:revision} ; fi
[local-bt5-repository] [local-bt5-repository]
# XXX: workaround for zc.buildout bug, as list += ends up with adding new entry # XXX: workaround for zc.buildout bug, as list += ends up with adding new entry
......
...@@ -2,6 +2,7 @@ ...@@ -2,6 +2,7 @@
extensions = extensions =
slapos.rebootstrap slapos.rebootstrap
slapos.zcbworkarounds slapos.zcbworkarounds
buildout-versions
mr.developer mr.developer
find-links = find-links =
...@@ -82,7 +83,7 @@ parts = ...@@ -82,7 +83,7 @@ parts =
stunnel stunnel
w3m w3m
poppler poppler
libpng12 libpng
ghostscript ghostscript
mariadb mariadb
sphinx sphinx
...@@ -215,7 +216,7 @@ location = ${buildout:parts-directory}/${:_buildout_section_name_} ...@@ -215,7 +216,7 @@ location = ${buildout:parts-directory}/${:_buildout_section_name_}
stop-on-error = true stop-on-error = true
repository = http://git.erp5.org/repos/erp5.git repository = http://git.erp5.org/repos/erp5.git
branch = master branch = master
revision = 336a8d63bdcabd92bfe3d9466685e5cd47fad716 revision = 5d4862dc888506fb58905ddf2ed68b5803689af3
command = ${git:location}/bin/git clone --quiet -b ${:branch} ${:repository} ${:location} && if [ -n ${:revision} ]; then cd ${:location} && ${git:location}/bin/git reset --quiet --hard ${:revision} ; fi command = ${git:location}/bin/git clone --quiet -b ${:branch} ${:repository} ${:location} && if [ -n ${:revision} ]; then cd ${:location} && ${git:location}/bin/git reset --quiet --hard ${:revision} ; fi
update-command = cd ${:location} && ${git:location}/bin/git pull --quiet && if [ -n ${:revision} ]; then cd ${:location} && ${git:location}/bin/git reset --quiet --hard ${:revision} ; fi update-command = cd ${:location} && ${git:location}/bin/git pull --quiet && if [ -n ${:revision} ]; then cd ${:location} && ${git:location}/bin/git reset --quiet --hard ${:revision} ; fi
......
[buildout]
extends =
shacache-client.cfg
../component/python-2.7/buildout.cfg
../component/lxml-python/buildout.cfg
../component/git/buildout.cfg
../component/zlib/buildout.cfg
../component/readline/buildout.cfg
../component/ncurses/buildout.cfg
../component/libuuid/buildout.cfg
../component/noVNC/buildout.cfg
../component/openssl/buildout.cfg
../component/rdiff-backup/buildout.cfg
../component/dcron/buildout.cfg
../component/libpng/buildout.cfg
parts =
template
gnutls
kvm
eggs
find-links +=
http://www.nexedi.org/static/packages/source/slapos.buildout/
versions = versions
[gpg-error]
recipe = hexagonit.recipe.cmmi
url = ftp://ftp.gnupg.org/gcrypt/libgpg-error/libgpg-error-1.10.tar.gz
md5sum = 7c2710ef439f82ac429b88fec88e9a4c
[gcrypt]
recipe = hexagonit.recipe.cmmi
url = ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.4.6.tar.gz
md5sum = bfd45922eefb8a24d598af77366220d4
configure-options =
--with-gpg-error-prefix=${gpg-error:location}
environment =
CPPFLAGS=-I${gpg-error:location}/include
LDFLAGS=-Wl,-rpath -Wl,${gpg-error:location}/lib -Wl,${gpg-error:location}/lib/libgpg-error.so.0
[gnutls]
recipe = hexagonit.recipe.cmmi
url = ftp://ftp.gnupg.org/gcrypt/gnutls/gnutls-2.8.6.tar.bz2
md5sum = eb0a6d7d3cb9ac684d971c14f9f6d3ba
configure-options =
--with-libgcrypt-prefix=${gcrypt:location}
environment =
CPPFLAGS=-I${zlib:location}/include -I${readline:location}/include -I${ncurses:location}/include -I${ncurses:location}/include/ncursesw -I${gcrypt:location}/include -I${gpg-error:location}/include
LDFLAGS=-L${readline:location}/lib -L${ncurses:location}/lib -L${gcrypt:location}/lib -Wl,-rpath -Wl,${zlib:location}/lib -Wl,-rpath -Wl,${readline:location}/lib -Wl,-rpath -Wl,${ncurses:location}/lib -Wl,-rpath -Wl,${gcrypt:location}/lib -Wl,-rpath -Wl,${gpg-error:location}/lib -Wl,${gcrypt:location}/lib/libgcrypt.so.11
PKG_CONFIG=${zlib:location}/lib/pkgconfig
[kvm]
recipe = hexagonit.recipe.cmmi
path = ${kvmsource:location}/
configure-options =
--disable-sdl
--disable-xen
--enable-vnc-tls
--disable-vnc-sasl
--disable-curses
--disable-curl
--enable-kvm
--disable-docs
--enable-vnc-png
--disable-vnc-jpeg
--extra-cflags="-I${gnutls:location}/include -I${libuuid:location}/include -I${zlib:location}/include -I${libpng:location}/include"
--extra-ldflags="-Wl,-rpath -Wl,${gnutls:location}/lib -L${gnutls:location}/lib -Wl,-rpath -Wl,${libpng:location}/lib -L${libpng:location}/lib -L${libuuid:location}/lib -Wl,-rpath -Wl,${libuuid:location}/lib -L${zlib:location}/lib -Wl,-rpath -Wl,${zlib:location}/lib -lpng -lz -lgnutls"
--disable-werror
environment =
PKG_CONFIG_PATH=${gnutls:location}/lib/pkgconfig
[kvmsource]
recipe=plone.recipe.command
location = ${buildout:parts-directory}/${:_buildout_section_name_}
stop-on-error = true
#tag = slapos-v0.1
command =
(${git:location}/bin/git clone --quiet http://git.erp5.org/repos/slapos.kvm.git ${:location} ) || (rm -fr ${:location} ; exit 1)
update-command =
cd ${:location} && ${git:location}/bin/git pull --quiet origin master
[eggs]
python = python2.7
recipe = z3c.recipe.scripts
eggs =
${lxml-python:egg}
slapos.cookbook
[versions]
zc.buildout = 1.5.3-dev-SlapOS-005
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment