Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Gwenaël Samain
slapos
Commits
ecf8d12f
Commit
ecf8d12f
authored
Jan 30, 2013
by
Marco Mariani
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
random pw for postgres in standalone SR and lapp stack; accept connections from the world
parent
3992d4ed
Changes
6
Hide whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
40 additions
and
10 deletions
+40
-10
slapos/recipe/generatepassword.py
slapos/recipe/generatepassword.py
+7
-5
slapos/recipe/postgres/__init__.py
slapos/recipe/postgres/__init__.py
+0
-1
software/postgres/instance.cfg.in
software/postgres/instance.cfg.in
+16
-2
software/postgres/software.cfg
software/postgres/software.cfg
+1
-1
stack/lapp/buildout.cfg
stack/lapp/buildout.cfg
+1
-1
stack/lapp/postgres/instance-postgres.cfg.in
stack/lapp/postgres/instance-postgres.cfg.in
+15
-0
No files found.
slapos/recipe/generatepassword.py
View file @
ecf8d12f
# vim: set et sts=2:
##############################################################################
##############################################################################
#
#
# Copyright (c) 2012 Vifib SARL and Contributors. All Rights Reserved.
# Copyright (c) 2012 Vifib SARL and Contributors. All Rights Reserved.
...
@@ -24,12 +25,13 @@
...
@@ -24,12 +25,13 @@
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
#
##############################################################################
##############################################################################
import
random
import
os
import
binascii
import
binascii
import
os
from
slapos.recipe.librecipe
import
GenericBaseRecipe
from
slapos.recipe.librecipe
import
GenericBaseRecipe
class
Recipe
(
GenericBaseRecipe
):
class
Recipe
(
GenericBaseRecipe
):
def
__init__
(
self
,
buildout
,
name
,
options
):
def
__init__
(
self
,
buildout
,
name
,
options
):
...
@@ -44,7 +46,7 @@ class Recipe(GenericBaseRecipe):
...
@@ -44,7 +46,7 @@ class Recipe(GenericBaseRecipe):
return
GenericBaseRecipe
.
__init__
(
self
,
buildout
,
name
,
options
)
return
GenericBaseRecipe
.
__init__
(
self
,
buildout
,
name
,
options
)
def
install
(
self
):
def
install
(
self
):
open_file
=
open
(
self
.
options
[
'storage-path'
],
'w'
)
with
open
(
self
.
options
[
'storage-path'
],
'w'
)
as
fout
:
open_file
.
write
(
self
.
options
[
'passwd'
])
fout
.
write
(
self
.
options
[
'passwd'
])
open_file
.
close
()
return
[
self
.
options
[
'storage-path'
]]
return
[
self
.
options
[
'storage-path'
]]
slapos/recipe/postgres/__init__.py
View file @
ecf8d12f
...
@@ -70,7 +70,6 @@ class Recipe(GenericBaseRecipe):
...
@@ -70,7 +70,6 @@ class Recipe(GenericBaseRecipe):
"""
"""
def
_options
(
self
,
options
):
def
_options
(
self
,
options
):
options
[
'password'
]
=
self
.
generatePassword
()
options
[
'url'
]
=
'postgresql://%(superuser)s:%(password)s@[%(ipv6_random)s]:%(port)s/%(dbname)s'
%
options
options
[
'url'
]
=
'postgresql://%(superuser)s:%(password)s@[%(ipv6_random)s]:%(port)s/%(dbname)s'
%
options
...
...
software/postgres/instance.cfg.in
View file @
ecf8d12f
...
@@ -16,6 +16,7 @@ offline = true
...
@@ -16,6 +16,7 @@ offline = true
recipe = slapos.cookbook:mkdirectory
recipe = slapos.cookbook:mkdirectory
bin = $${buildout:directory}/bin
bin = $${buildout:directory}/bin
etc = $${buildout:directory}/etc
etc = $${buildout:directory}/etc
srv = $${buildout:directory}/srv
services = $${directories:etc}/service
services = $${directories:etc}/service
promises = $${directories:etc}/promise
promises = $${directories:etc}/promise
var = $${buildout:directory}/var
var = $${buildout:directory}/var
...
@@ -30,11 +31,14 @@ recipe = slapos.cookbook:postgres
...
@@ -30,11 +31,14 @@ recipe = slapos.cookbook:postgres
# Options
# Options
ipv6 = $${instance-parameters:ipv6}
ipv6 = $${instance-parameters:ipv6}
ipv6_netmask_bits = 128
# listen to connections from anywhere
ipv6_netmask_bits = 0
ipv4 = $${instance-parameters:ipv4}
ipv4 = $${instance-parameters:ipv4}
ipv4_netmask_bits = 32
# listen to connections from anywhere
ipv4_netmask_bits = 0
ipv6_random = $${instance-parameters:ipv6_random}
ipv6_random = $${instance-parameters:ipv6_random}
superuser = postgres
superuser = postgres
password = $${gen-passwd:passwd}
port = 5432
port = 5432
dbname = db
dbname = db
# pgdata_directory is created by initdb, and should not exist beforehand.
# pgdata_directory is created by initdb, and should not exist beforehand.
...
@@ -43,6 +47,16 @@ bin = ${postgresql:location}/bin
...
@@ -43,6 +47,16 @@ bin = ${postgresql:location}/bin
services = $${directories:services}
services = $${directories:services}
#----------------
#--
#-- Generates a random password and stores it in the filesystem
[gen-passwd]
recipe = slapos.cookbook:generate.password
storage-path = $${directories:srv}/postgres_passwd
bytes = 16
#----------------
#----------------
#--
#--
#-- Deploy promise scripts.
#-- Deploy promise scripts.
...
...
software/postgres/software.cfg
View file @
ecf8d12f
...
@@ -17,7 +17,7 @@ parts =
...
@@ -17,7 +17,7 @@ parts =
recipe = slapos.recipe.template
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg.in
url = ${:_profile_base_location_}/instance.cfg.in
output = ${buildout:directory}/instance.cfg
output = ${buildout:directory}/instance.cfg
md5sum =
6f0ec52fdd5f602c0f624cd0e9146e8d
md5sum =
2c54a291ed61910f69a35a6db414c051
mode = 0644
mode = 0644
...
...
stack/lapp/buildout.cfg
View file @
ecf8d12f
...
@@ -87,7 +87,7 @@ mode = 0644
...
@@ -87,7 +87,7 @@ mode = 0644
recipe = slapos.recipe.template
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/postgres/instance-postgres.cfg.in
url = ${:_profile_base_location_}/postgres/instance-postgres.cfg.in
output = ${buildout:directory}/instance-postgres.cfg
output = ${buildout:directory}/instance-postgres.cfg
md5sum = 6
e9e587ddb52fb9a3817fda7d77e4cab
md5sum = 6
7c7772b80f82642f0f7d12793698374
mode = 0644
mode = 0644
[instance-postgres-import]
[instance-postgres-import]
...
...
stack/lapp/postgres/instance-postgres.cfg.in
View file @
ecf8d12f
...
@@ -173,9 +173,14 @@ crl = $${directory:ca-dir}/crl/
...
@@ -173,9 +173,14 @@ crl = $${directory:ca-dir}/crl/
[postgres-instance]
[postgres-instance]
recipe = slapos.cookbook:postgres
recipe = slapos.cookbook:postgres
ipv6 = $${instance-parameters:ipv6}
ipv6 = $${instance-parameters:ipv6}
# listen to connections from anywhere
ipv6_netmask_bits = 0
ipv4 = $${instance-parameters:ipv4}
ipv4 = $${instance-parameters:ipv4}
# listen to connections from anywhere
ipv4_netmask_bits = 0
ipv6_random = $${instance-parameters:ipv6_random}
ipv6_random = $${instance-parameters:ipv6_random}
superuser = postgres
superuser = postgres
password = $${postgres-passwd:passwd}
port = 5432
port = 5432
dbname = db
dbname = db
# pgdata_directory is created by initdb, and should not exist beforehand.
# pgdata_directory is created by initdb, and should not exist beforehand.
...
@@ -193,6 +198,16 @@ key-file = $${stunnel:key-file}
...
@@ -193,6 +198,16 @@ key-file = $${stunnel:key-file}
cert-file = $${stunnel:cert-file}
cert-file = $${stunnel:cert-file}
#----------------
#--
#-- Generates a random password and stores it in the filesystem
[postgres-passwd]
recipe = slapos.cookbook:generate.password
storage-path = $${rootdirectory:srv}/postgres_passwd
bytes = 16
#----------------
#----------------
#--
#--
#-- Deploy slapmonitor.
#-- Deploy slapmonitor.
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment